ClearPath MCP Software Update by liwenting


									ClearPath MCP Software
Technology Overview and Software Update
ClearPath MCP Release 12.0

                                          Page 1
ClearPath MCP Software Update

• Real-Time Infrastructure
• Service-Oriented Architecture
• Security
• Where to find more information

                                   Page 2
  ClearPath MCP Release 12.0
  Focus and Benefits
     Focus Areas                               Key Benefits
                              • Point-and-click SOA enablement for
                                entry/midrange users
• Service-Oriented            • Reduce the time, skill level and risk of human
  Architecture                  error associated with ensuring continuous
                                availability of data and applications
                              • Increase IT’s ability to satisfy service-level
                              • Reduce dependence on ClearPath-specific
• Real-time Infrastructure      skills
                              • Increased network scalability and throughput
                              • Comprehensive security reporting for
                                administrators, auditors, and regulators
• Security                    • Additional protection for sensitive data backed
                                up to tape and transferred between computers
                              • Stronger and more flexible user identification
                                and access control

                             Available April 2008                                 Page 3
Real-Time Infrastructure

                           Page 4
 MCP 12.0 New RTI Products/Features
Business Problem                        New Product/Capability
Reduce the time, skill level and risk   Business Continuity Accelerator
of human error associated with          automates the process of moving an
ensuring continuous availability of     application workload to a alternate server
data and applications                   and getting it running. New Product
Satisfy service-level agreements        Workload Management enhancements
with business units                      – Runaway program detection
                                         – Batch job elapsed time completion goals
Reduce dependence on scarce
MCP tuning skills                        – Throttles for I/O, COMS and DMSII usage
                                         – Conflicts and bottleneck report
Increased network scalability           TCP/IP support for IPv6 increases the
                                        number of network addresses available
Improved TCP/IP network                 TCP/IP high-performance data transfer
throughput                              (aka window scale factor)
Reduce the amount of time               Software License Management
managing software license keys          enhancements
                                         – Improved reporting capabilities

                                                                                     Page 5
The Impact of Downtime

• For several hours on Saturday August 11, 2007,
  U.S. Customs and Border Protection officers at
  LAX were unable to access databases used to
  process arriving international passengers
• Over 17,000 arriving passengers affected
• Passengers waited for as long as 9 hours to be
  cleared for entry into the U.S.
• Departing flights also delayed - misconnections
  rippled around the world
• Outage occurred on one of the busiest days for
  international arrivals
• Considered one of the worst IT disasters of all

                                                    Page 6
  Unisys Business Continuity Accelerator
• Ensures continuous availability of applications and data      MCP 12.0
• Accelerates and automates
   – Relocating a workload and associated data from a primary
     server to an alternate server
   – Restarting a workload on an alternate server.
• Reduces
   – Downtime
   – Required skill level
   – Risk of human error
• Makes the process repeatable and predictable
• Can help reduce the number of dedicated BC servers by
  repurposing servers
   – Example: Development/test to BC
• No distance limitations
• Introduced on MCP 12.0 as an optional software product

                                                                           Page 7
 Build a Complete Business Continuity
Works with a data replication product (one is required)
• EMC Symmetrix Remote Data Facility (SRDF)
• EMC MirrorView
• SafeGuard Duplex
• Host-based mirrored disk (MCP OS feature)
Can be used with
• SMA OpCon/xps
• Remote Database Backup
• Mirrored disk enhancement products
   – SAN Mirror Disk Manager
   – SAN StoreSafe Manager
   – SAN Spare Disk Manager

                                                          Page 8
Unisys Business Continuity Accelerator
     Primary Site                              Alternate Site

  Business                                              Business
 Continuity                                            Continuity
 Accelerator               Network                     Accelerator

  Operating                                            Operating
 Environment                                          Environment
   Image                                                 Image
   Enabler          Data Replication Product             Enabler

Available on all ClearPath MCP servers that support MCP 12.0

                                                                     Page 9
    Automation Avoids Manual Steps

Uses automation to                      Avoid manual steps - multiple utilities
• Transfer resources                    • Halt both systems (Server Control)
   – Storage subsystem                  • Make the disk drives available to the
   – Software license keys                alternate server (EMC Navisphere or
                                          Control Center)
   – Halt/Load parameters
                                        • Make partition configuration changes
   – USERDATA file contents               (LOADER)
   – Network addresses
                                        • Change Halt/Load units and load a
   – HOSTNAME                             partition (Server Control)
• Activate image enabler                • Deal with the DEAD 431 system stops
• Halt/Load alternate server            • Copy the SYSTEM/KEYSFILE (Native
                                          File Transfer, tape or CD-ROM)
• Restart jobs – even if servers have
  different e-mode levels               • Activate Image Enablers (system

                                                                               Page 10
How fast is it?
• Unisys Business Continuity Accelerator can
  relocate a workload and get it running on an
  alternate server in as little as 15 minutes.
• The actual time for your workload will be
• Factors affecting recovery time include:
  – Server capacity and configuration
  – Number, capacity, and type of storage
  – Number and size of databases
  – Application characteristics
  – Network characteristics

                                                 Page 11
Business Continuity Accelerator Uses

• Relocate a workload to an alternate server in a remote data
  center as a result of a disaster
• Move a workload to an alternate server while the primary
  server is unavailable due to maintenance or upgrade
• Migrate a workload to a new system software release while
  providing a secure fallback position.
• Permanently move a workload onto a newly purchased
• Relocate a server environment to another physical server
  as needed for purposes such as testing, modeling, or

                                                                Page 12
   Workload Management
• Simplifies management of ClearPath
  MCP servers
• Maintains Service Level Agreements
• Improves performance of critical
• Specifies operations policy in
  business terms
• Reduces the need for MCP-specific
  performance-tuning skills
• Included in the operating environment
• Available on all ClearPath MCP
  servers that support MCP 12.0

                                          Page 13
WLM MCP 12.0 Enhancements

• Runaway program protection
• Elapsed time goal
• Goals for IO, DMSII, and COMS
• Host events for alerting system
• System monitors provide a real-
  time visual representation of the
  system resource usage history
• Enhanced reporting
   – Performance goal compliance
   – Bottlenecks and conflicts

                                      Page 14
 Runaway Program Protection
• Administrator can specify conditions that determine
  when an individual program is considered a runaway
  – Resource consumption rate limits
     • Sustained CPU, IO, or DMSII rates over a time period
  – Resource consumption maximums
     • Total Elapsed or CPU time
     • Total IO or DMSII operations

• Automatic responses to detected events can be
  – Notify administrator
  – Suspend task
  – Terminate task
• Useful on metered servers

                                                              Page 15
Elapsed Time Goal

• Useful for batch jobs with completion deadlines
• Specifies a desired completion time for tasks within a
  Workload Group
• Based on “baseline statistic” data of previous runs
   – Collected by WLM or provided manually

                                                           Page 16
Internet Protocol Version 6 (IPv6)
• The successor to the current Internet Protocol
                                                     MCP 12.0
  version 4 for use on the global Internet.
• More addresses – IPv4 provided 232. IPv6 provides 2128
• Improved authentication and privacy: IPsec mandatory
• Automatic configuration of host IP addresses
  – Stateless Autoconfiguration Protocol
• Neighbor Discovery Protocol
  – Replaces ARP, ICMP Router Discovery, ICMP Redirect
• Subject to US Government export control
  – Packaged in the operating environment encryption option

                                                              Page 17
IPv6 Impact

• Everything that touches IP addresses is impacted
  –   Upper layer protocols
  –   System software
  –   Applications
  –   Network infrastructure
       •   Routers
       •   Hosts
       •   DNS
       •   Firewalls, etc.

• Conversion cost has caused slow adoption rate world-wide
  – Except where address shortage is acute (Eastern Asia)

                                                             Page 18
Impact of IPv6 on MCP Applications

• Applications to be evaluated to determine scope of
  required changes
  – Will operate over an IPv6 or hybrid IPv6/IPv4 network and
  – Use TCP port files or Sockets and manipulate or examine IP
• No changes needed
  – Existing applications operating over a pure IPv4 network
• For details, please consult
  – MCP Systems Interfaces Programming Reference Manual
  – File Attributes Programming Reference Manual
  – MCP Sockets Service Programming Guide

                                                                 Page 19
TCP/IP High-Performance Data

                                                   MCP 12.0
• Offers improved TCP performance over networks with high
• Allows a larger amount of unacknowledged data to be
  outstanding on the network
• “Window scale factor” is negotiated when the connection is
• Administrators can enable or disable this capability
• Based on RFC 1323

                                                               Page 20
  Software License Management
• Helps administrators answer questions such
  – How much are we using the software we
  – Are we using any software that we don’t have
    licenses for?
  – Are software products installed and running on
    the correct servers?
• Tracks license status changes and compiles
  a detailed license usage history
• License Center provides a single GUI that
  integrates software licenses and resource
  licenses (processor, memory, and IO)
• Reports can be customized, saved, and
  exported to Microsoft Excel
• Included in the operating environment

                                                     Page 21
Enhanced License Key Reporting
• You can now user License center to view:                      MCP 12.0
  – All license keys in the active keys file – including compliance, and
    expiration status
  – All license keys in inactive keys files
  – Usage information for a user-specified set of keys

                                                                           Page 22
Service-Oriented Architecture

                                Page 23
ClearPath SOA Scenarios: ClearPath
Can Fully Participate in SOA

1. SOA enable existing ClearPath applications
   and data

   Expose ClearPath transactions as services
   They can function as:
     1. Service providers
     2. Consumers

   Use ClearPath data in your SOA implementations
2. Create new ClearPath-bases SOA services

                                                    Page 24
MCP 12.0 New SOA Products/Features
Business Problem                     New Product/Capability
Need secure, automated               ClearPath ePortal Business for
deployment of applications in Web,   entry/midrange MCPvm servers. New
mobile, and Web Services             Product
Looking for a tool to develop and    JBoss Application Server 4.2.0
deploy rich high performance Java    provides a new release of this market-
applications in a secure             leading open source enterprise Java
environment                          platform.
Reduce dependence on scarce          Database Operations Center
DMSII design skills                  integration with Embarcadero ER/Studio
                                     provides the ability to modify DMSII
                                     database schemas rather than having to
                                     learn the proprietary DASDL language.

                                                                              Page 25
 ClearPath ePortal

                          Web or

Suite /   Component
 EAE       Enabler          Web
             SDF Forms


                                     Page 26
ClearPath ePortal
• Automates SOA development and deployment
• Development Studio
  –   No programming required
  –   1-click solution generation
  –   Host Interaction orchestration and consolidation
  –   Microsoft Visual Studio plug-in
  –   Included in operating environment
• Run-time environment
  –   Automated application deployment and updates
  –   Browser-based management from anywhere
  –   Optional software
  –   Deployment options

       • ClearPath ePortal Enterprise:
         Scalable enterprise-class blade appliances with
         redundancy options

       • New ClearPath ePortal Business: Entry-level rack-mount

                                                                  Page 27
 ClearPath ePortal Business
• Capacity                                              MCP 11.1 & 12.0
   – ~1000 users
   – ~2000 transactions/minute overall
   – Up to 4 virtualized web personality modules.
• Hardware Components
   – 1U 19” Rack mount appliance
   – One Dual-Core XEON Woodcrest 2.66 MHZ processors
• Availability
   – Libra 300, 400, 520
   – CS7201, LX7100
   – FS1100, FS1300, FS1400, FS1700

                                                                     Page 28
DMSII Database Design and
Maintenance – The Problem

• Current method
  – DASDL source
  – Describe the physical and logical
    characteristics of the database

• Problem?
  – New staff don’t know DASDL and expect to
    use modern tools with graphical interfaces
  – DMSII – remains well kept secret in industry

• Solution
  – New method for DMSII database design and

                                                   Page 29
DMSII Database Design and
Maintenance – The Solution

• New method
  – Visualize and edit DMSII schemas
  – Edit on a PC using Database Operations
    Center and Embarcadero ER/Studio
  – Deploy on a ClearPath MCP Server
• Create new DMSII database schemas
• Import relational database schemas to
• Maintain and update existing DMSII
  database schemas
  – New – MCP 12.0

                                             Page 30
ClearPath Java: Reuse, Integrate,
Develop and Participate in SOA

• Include your existing ClearPath applications and data in your SOA
  and Java implementations (Wrapping)
• Develop new ClearPath-based SOA services and consumers
   – e.g. to extend your existing ClearPath applications
• Reuse and integrate your existing ClearPath applications and data

                                                                  Page 31
    ClearPath MCP JProcessor (Intel)
    Libra 680, 690, 585, 595, 580, 590
                                                      MCP 11.1 & 12.0
  All access,
                        MCP Environment
 and recovery
   via MCP
                         Java Environment (J2SE 5.0, JBoss, Tomcat)
Transparent Migration
User Access                         Java EE and Java Applications
• Web browser
                             DTP         COMS                           Hibernate
• Java clients
                           Resource    Resource
                            Adapter     Adapter                JDBC Driver
Tools available
• Administration
• Development tools       COMS Transaction Server       SQL Query Processor
• Monitoring tools
                            DTP         COMS
                            TP           TP

    Intel-based             DMSII       DMSII          DMSII                 DMSII

                                                                                Page 32
    ClearPath Libra 400 Java Environment
    Optimized for Intel Processors
                                                      MCP 11.1 & 12.0
  All access,
                        MCP Environment
 and recovery
   via MCP
                         Java Environment (J2SE 5.0, JBoss, Tomcat)
Transparent Migration
User Access                         Java EE and Java Applications
• Web browser
                             DTP         COMS                           Hibernate
• Java clients
                           Resource    Resource
                            Adapter     Adapter                JDBC Driver
Tools available
• Administration
• Development tools       COMS Transaction Server       SQL Query Processor
• Monitoring tools
                            DTP         COMS
    Intel-based MCP         TP           TP
    Intel-based Java        DMSII       DMSII          DMSII                 DMSII

                                                                                Page 33
 J2SE 5.0 (Java Virtual Machine)
                                                  MCP 11.1 & 12.0
• Reengineered for efficiency
• Major new functionality
  –   Metadata
  –   Generic types
  –   Concurrency utilities
  –   Monitoring and management instrumentation
  –   Improved out-of-box performance

• Availability
  – Libra Models 580, 590, 585, 595, 680, 690,
    FS1600, FS1800
       • Requires JProcessor
  – Libra Model 400, FS1700
       • Requires 2 quad-core processors
  – Separately orderable (no additional charge)

                                                               Page 34
JBoss Application Server
• J2EE application server
   – Makes it easy to develop, deploy, and manage enterprise Java applications
   – A professional open source software product
   – No software license fees

• Unisys and JBoss Inc. partner to offer JBoss Enterprise
  Application Platform Subscriptions that include:
   – Support (9x5 or 24x7) and bug fixes
   – New versions

• Availability
   – Libra Models 580, 590, 585, 595, 680, 690, FS1600, FS1800
      • Requires JProcessor
   – Libra Model 400, FS1700
      • Requires 2 quad-core processors

• Requires J2SE (JVM) 5.0

                                                                                 Page 35
What’s New in JBoss Application
Server Release 4.2

• Tomcat 6.0, which adds support for JSP
  2.1 and Servlet 2.5
• JavaServer Faces 1.2 integration
• JBoss Transactions (Arjuna) JTA 4.2.3 as
  the default transaction monitor
• Enterprise JavaBeans (EJB) 3.0
• Hibernate 3.2.3
• Upward compatible to Java EE 5.0

                                             Page 36
ClearPath MCP IDE for Eclipse
Major Benefits
• Standard platform for application development
• Most popular Java development IDE
• Open source (no software license charges)
• Unisys tested and integrated All-in-One release
• Unisys developed plug-ins for tight integration
  with ClearPath
• An extensive number of industry standard tools
• Fast to install; reduces the complexities of using
  open source
• Easy and fast use of Eclipse IDE for ClearPath
  Java, COBOL and ALGOL development
• Click here to download:
  ClearPath MCP IDE for Eclipse™

                                                       Page 37
          ClearPath MCP IDE for Eclipse     - System Architecture
Eclipse SDK (Basic Eclipse Download)
                                                  Open Src Plug-ins
                    Eclipse Platform
                                                       DTP             DMS II
                        User Interface                 VSS

   JDT – Java
                                Workbench         Web Enabler
                                                    Web Enabler
                                   JFace                              ClearPath
                                                  MCP Project
                                    SWT             Plug-in
                                                 Prog. WB Client      Prog. WB
 PDE – Plug-in                                       Plug-in           Server
                                                   MCP Editor
 Environment                    Workspace           Plug-in

                                  Runtime            Logging
                                                                           Page 38

           Page 39
MCP 12.0 New Security Products/Features
Business Problem                       New Product/Capability
Security administrators, auditors,     Locum SecureAudit provides a solution with
and regulators need reports on         reports that are relevant, non-technical, readable
security events and violations         and concise New Product
Protect     When in databases          Tape Encryption enhancements: DMSII dump to
sensitive   backed-up to tape          disk, and incremental/accumulated dumps
            While being transferred    TCP/IP support for IPsec provides a mechanism
            between computers          for encrypting and/or authenticating data at the
                                       packet level when using IPv6
            When in files being        FTP support for explicit TLS/SSL (Transport
            transferred between        Layer Security and its predecessor, Secure
            computers                  Sockets Layer)
Improved security on development       Permanent directory databases enable common
systems                                database access without having to use common
                                       usercodes or chargecodes
Enhance identification and access      Case-sensitive passwords increase the number
control with stronger, more flexible   of possible passwords

                                                                                      Page 40
 The Need for Security Reporting
• The demand for clear and
  comprehensive security reports
  grows constantly
• Security reporting is required by
  many organizations including:
  – Security officers, administrators and
  – Internal and external auditors
  – Government examiners and

                                            Page 41
Locum SecureAudit
                                                        MCP 11.1 & 12.0
• Produces security reports for ClearPath MCP
  – Security events extracted from the SUMLOG
  – Relevant - each targets a specific security issue
  – Non-technical - technical jargon is avoided
  –   Readable - layouts are clear and friendly
  –   Concise - extraneous information is omitted
  –   Fast-executing - efficient processing
  –   One or more log files per report
  –   Reports for specific time intervals
• Optional software product

                                                                     Page 42
Locum SecureAudit Standard Reports
• Security Violations   • COMS CFILE Changes
• Logon Violations      • File Status Changes
• MCS Initializations   • Run-time Usercode Changes
• Disk File Accesses    • Installation Records
• Program Executions    • Userdatafile Changes
• System Commands       • Security Policy Changes
• Password Changes      • Privileged Actions
• Rejected Passwords    • Miscellaneous Security Actions
• Window Accesses       • Session Information

                                                           Page 43
Locum SecureAudit Reporting Modes

• Client mode from a Windows-based PC.
  Reports can be stored in a local database
  for further analysis
    - Statistics         - Standard
    - Correlation        - Graphical
• Real-time to monitor specific events and
  violations – output routed to a program to
  generate alerts
• Batch for recurring reports
• Interactive from a terminal emulator

                                               Page 44
Protection of Sensitive Data
• Public concern about data privacy is at an all time
  – Legislation requiring notification of people impacted by
    suspected breaches
  – Several well-publicized events where sensitive personal or
    financial data was compromised
• Security of offsite data is a key issue
• Need to use sensitive data at disaster recovery
• MCP 12.0 introduces several new features to help
  you protect sensitive data
  – All require the Operating Environment Encryption Option
    and encryption-capable hardware

                                                                 Page 45
 Tape Encryption

All software tape encryption capabilities in a
single optional software product
• Encrypt/decrypt library maintenance tapes and CDs
• Make an encrypted/decrypted copy of an existing tape
• Encrypt data while stacking several tapes onto a single
  stacked tape
• Decrypt data while unstacking a stacked tape onto
  several tapes
• Encrypt/decrypt DMSII database data on audit and
  dump tapes - MCP 11.1
• Encrypt/decrypt DMSII database data in dumps
  copied to tape: disk dumps, accumulated dumps,
  and incremental dumps - MCP 12.0

                                                            Page 46
IP Security (IPsec)                                          MCP 12.0
• Can protect sensitive data while it is being transferred
  between computers
• Authenticates and/or encrypts each IP packet in a
  data stream
• Includes protocols for cryptographic key establishment
• Uses policies to define security at the MCP-to-network
  boundary. IP packets can be:
   – Forbidden from being transmitted unencrypted
   – Allowed to be transmitted unencrypted (BYPASS)
   – Encrypted prior to transmission (PROTECT)
• Provided for IPv6 only
• Subject to US Government export control
   – Packaged in the operating environment encryption option

                                                                        Page 47
Securing FTP with Explicit SSL/TLS

                                                    MCP 12.0
• Can protect sensitive data in files being transferred
  between computers
• Use of Secure Sockets Layer (SSL) or Transport Layer
  Security (TLS) protocols is dynamically negotiated so that
  only the sensitive portions of an FTP session are secured
• Defined in RFC 4217
• Included in the operating environment

                                                               Page 48
Databases in Permanent Directories
                                                 MCP 12.0
          • Can improve security on development and test
          • Removes the dependence on the use of
            shared usercodes or chargecodes
          • Enables administrators to monitor access by
          • Provides the ability to move between logically
            identical databases by simply changing the
            DATAPATH task attribute
          • Does not affect existing databases unless
            explicitly invoked

                                                             Page 49
 Case-Sensitive Passwords                           MCP 12.0
• Enhance identification and access control
  with stronger, more flexible passwords
• Increases the number of possible passwords
  to make hacking more difficult
• Controlled by a new security option
  CASESENSITIVEPW. When this option is
  – Passwords containing lowercase characters
    and some special characters do not need to
    be enclosed in quotation marks (“”) to retain
    case sensitivity.
  – Password characters are not automatically

                                                           Page 50
Where to Find More Information

                                 Page 51
Internet Resources

  – Repository for whitepapers, presentations, software release
    announcements, migration guides, catalogs, downloads, etc.
  – Registration required
  – ClearPath MCP Release 12.x
  – ClearPath MCP Business Continuity
  – SOA for ClearPath
  – ClearPath ePortal
  – ClearPath Secure Java
  – Technical Documentation Libraries Internet Site
  – No registration required to access documentation
  – ClearPath MCP Release 12.0

                                                                  Page 52
Recent Technical Whitepapers

• Business Continuity Automation in the ClearPath MCP Environment
• ClearPath MCP Java Application Architecture Environment
• Java EE and ClearPath MCP
• Java Application Access to ClearPath MCP Data
• MCP Library Maintenance Tape Encryption
• Middleware Strategy and Products for ClearPath MCP systems
• Service-Oriented Architecture: ClearPath Systems in SOA
• Service-Oriented Architecture: Delivering for Business
• Workload Management for ClearPath MCP

   All are available at

                                                                    Page 53
Topic                                    Date
ClearPath MCP 12.0 Software Update       Thursday May 22, 2008
Workload Management for ClearPath MCP    Wednesday May 28, 2008
ClearPath ePortal Update                 Thursday June 12, 2008
Business Continuity Automation           Thursday June 26, 2008

All Webinars will be at the same time
Location                   Time
New York (US Eastern)      11 AM        Webinars will be archived at
Los Angeles (US Pacific)   8 AM
Rio de Janeiro             12 Noon
London                     4 PM

                                                                       Page 54
UNITE 2008 Annual Technology

Adapting to a Changing World
Caribe Royale, Orlando, Florida
October 19-22, 2008

                      • Learn about new products
                      • Participate in workshops
                      • Meet our technical experts

                                                     Page 55
Page 56

To top