Friday, 8 April 2022

Sweet (z)16 mainframe

On Tuesday, IBM unveiled its much-trailed new mainframe, the z16, its next-generation system with an integrated on-chip AI accelerator, which delivers latency-optimized inferencing. The accelerator is designed to enable clients to analyze real-time transactions, at scale. So, ideal for mission-critical workloads such as credit card, healthcare, and financial transactions. The z16 is also specifically designed to help protect against near-future threats that might be used to crack today's encryption technologies.

What problem is the new z16 addressing? To a large extent, it’s financial fraud. According to a study from IBM and Morning Consult “2022 IBM Global Financial Fraud Impact Report”, credit card fraud is the most common type of fraud among consumers in the seven countries surveyed. Furthermore, respondents said they believe that banks and payment networks should be most responsible for preventing fraud. But running deep-learning models at scale in real-time has not been possible due to latency issues, meaning fraud detections models are only run on less than 10% of high-volume transactions, which means that a significant amount of fraud is going undetected.

The z16, with its pre-announced 7nm Telum processor provides the much needed on-chip AI inferencing, and the rest of the mainframe (like earlier models) provides highly secured and reliable high-volume transaction processing. Banks are now able to analyze for fraud during transactions on a massive scale. IBM asserts that the z16 can process 300 billion inference requests per day with just one millisecond of latency. Users of the z16 will be able to reduce the time and energy required to handle fraudulent transactions on their credit card. For both merchants and card issuers, this could mean a reduction in revenue loss as consumers could avoid the frustration associated with false declines where they might turn to other cards for future transactions.

Tax fraud and organized retail theft are emerging as challenges for governments and businesses to control. Real-time payments and alternative payment methods like cryptocurrencies are pushing the limits on traditional fraud detection techniques. Applying the new capabilities of IBM z16 to other industries can help create an entirely new class of use cases, including:

  • Loan approval: to speed up approval of business or consumer loans
  •  Clearing and settlement: to determine which trades and/or transactions may have a high-risk exposure before settlement
  • Federated learning for retail: to better model risk against fraud and theft.

The Telum chip contains eight processor cores that apparently run at more than 5GHz clock frequency. There will be two eight-core chips in each individual socket with the z16 processor, and they will be linked by a proprietary interconnect. To put that in perspective, the Z15's clock speed was 5.2GHz, and it came with 10 cores.

As hybrid environments become more popular, comprising on-prem and public cloud resources, it becomes critically important to protect against threats and work against cyber criminals who might steal data now for decryption later. To that end, the z16 comes with Pervasive Encryption and Confidential Computing.

IBM, like other organizations is working on quantum computing, which is promised to be able to break currently-available security techniques. The z16 is recognized as the industry's first quantum-safe system. What that means is that the z16 with the Crypto Express 8S card provides quantum-safe APIs providing access to quantum-safe algorithms that have been selected as finalists during the PQC standardization process conducted by NIST. Quantum-safe cryptography refers to efforts to identify algorithms that are resistant to attacks by both classical and quantum computers, to keep information assets secure even after a large-scale quantum computer has been built.

The IBM z16 is underpinned by lattice-based cryptography, an approach for constructing security primitives that helps protect data and systems against current and future threats. With IBM z16 quantum-safe cryptography, businesses can future-ready their applications and data today.

With secure boot (meaning that bad actors cannot inject malware into the boot process to take over the system during start-up), IBM z16 clients can strengthen their cyber resiliency posture and retain control of their system. The secure boot and quantum-safe cryptography (mentioned above) can help clients address future quantum-computing-related threats including harvest now, decrypt later attacks, which can lead to extortion, loss of intellectual property and disclosure of other sensitive data.

In terms of resiliency, IBM announced Flexible Capacity for cyber resiliency, allowing a fully automated client-initiated site swap within seconds, which can then stay for a year. Customers can dynamically shift production workloads from one IBM z16 system to another z16 system in seconds – an almost instantaneous shift of capacity from one environment to another. IBM allows customers to perform this operation up to 12 times a year, ie six round trips.

IBM also introduced the IBM Z Security and Compliance Center to simplify and streamline compliance tasks. Complex hybrid-cloud environments can make putting together all the information needed for an audit time-consuming and difficult. The IBM Z Security and Compliance Center automates the collection and validation of the evidence against a set of controls, the system, operating system, middleware, and applications. The first release will focus on PCI DSS and NIST 853 security controls, with a more planned. The solution includes a centralized interactive dashboard displaying compliance posture in real-time.

With cyber-crime such a huge issue, and the worry about quantum computers and their ability to quickly break codes, having a platform that is ahead of the game like the z16 has got to make it a first choice for any organization worried about those threats. The new mainframe becomes generally available on 31 May.

No comments: