IBM is betting big on pervasive encryption with a new mainframe dubbed IBM Z that may land new workloads amid data breaches.
The company has rolled out the IBM Z, its next-generation mainframe that's capable of handling 12 billion encrypted transactions a day. The general idea is that IBM Z will encrypt all data all the time and reduce the attack surface for enterprises about 92 percent.
With the mainframe repositioning, IBM is looking to juice sales of its stalwart z system lineup. At the heart of IBM Z is an encryption engine that will encrypt data associated with any application, cloud service or database.
The timing is handy given the surge in data breaches and regulations such as the EU's General Data Protection Regulation. Mainframes are still widely used in financial services.
"We think this will be broadly adopted across financial services, government, retail and travel and transportation," said Ross Mauri, general manager of IBM Z. "The encryption is critical for all industries. This new system allows for a customer to encrypt all data on the mainframe. This feature rose to the top regardless of industry or country. Security is a board level issue."
IBM said it co-designed the IBM Z with 150 clients including security experts and chief security officers. The last time IBM respun the mainframe was when it virtualized Linux and open source software about 15 years ago.
Make no mistake. Mainframe sales have a significant impact on IBM's hardware business. There will certainly be an upgrade cycle, but what's unclear is whether IBM can expand the reach of the IBM Z with its approach to encryption. Mauri said IBM so far has preached and collaborated with the base, but the company brings on anywhere from 5 to 15 new Z customers a quarter.
Mauri said the core of the system--software, hardware and firmware--is usually in development about 3 years. Engineers have been working on the base technologies for IBM Z for 5 years. "Customers have been engaged for more than 2 years," said Mauri.
Big Blue also said it plans to build six IBM Cloud Blockchain data centers with IBM Z as the encryption engine. Those IBM Cloud Blockchain data centers launched in New York, London, Frankfurt, Sao Paolo, Tokyo and Toronto to cater to the financial services sector. Mauri said more blockchain centers will be added.
"There are six that we've built and more in the future," said Mauri. "We located them around the world for latency and more for regulations and data locality."
- The pervasive encryption approach includes:
- Data is encrypted at rest and in flight wherever it resides. In addition, data can be encrypted in bulk given improvements in the silicon dedicated to the cryptographic algorithms.
- IBM Z protects millions of encryption keys with tamper responding hardware that self destructs at any sign of intrusion.
- Encrypted application programming interfaces so developers can build applications and services.
As for pricing, IBM unveiled three container pricing models. Pricing for new microservices and applications can be co-located based on quality of service requirements. Application development and test environments will be tripled so capacity can be raised without a license increase. And there's pricing model for payment systems, which is based on the volume of payments not capacity.
These new pricing models will be available by the end of the year for z/OS V2.2 and z/OS V2.3.
IBM Z will be able to support 12 billion encrypted transactions a day, two million Docker containers and 1,000 concurrent NoSQL databases via three times the memory of the z13 and 3x faster I/O and transaction processing.