Modernizing the mainframe

If you’re like me, a cold shiver goes down your back whenever you read a headline like that. Too often, the report or article is written by people who don’t ‘grok’ the mainframe. You can guess that the first paragraph is going to contain words like ‘legacy’, ‘venerable’, and ‘still’ – as in ‘still using a mainframe’. The attitude is that it is a technology that most people have grown out of! How wrong is that attitude.

Articles usually go on to suggest that all those ancient applications could be easily written in modern languages and could be running on an array of Linux machines or in the cloud. They could then be updated by people trained in modern languages and customers would be getting a much better deal.

Many of the authors don’t seem to grasp that fact that the first mainframe appeared in the mid-sixties, and has been updated all the time. And that is in much the same way that aeroplanes and cars have been updated since they first appeared. Yes, people like air shows and car shows where these old vehicles turn up, but no-one uses them for everyday business uses. And that is exactly the same with mainframes.

So, let’s take a look at some of the reasons people think mainframes need modernizing. Firstly, many people think that you need to have worked on mainframes for at least 40 years before you really understand how to work on green screens and make important changes to the mainframe that won’t cause chaos. As I wrote in a TechChannel article, there are lots of things that non-mainframers can use to make working on a mainframe easier. In the article, I talk about z/OSMF, VSCode, Zowe, and ZOAU, which enable developers with non-IBM Z backgrounds to work usefully on mainframes.

Then, there’s the myth that mainframes are in a world of their own and you can’t use things like containers on a mainframe. Again, not true. Using mainframe Linux, Docker and Kubernetes can run as easily on a mainframe as on a workstation, with all the advantages you would get on a workstation or in the cloud. New containers can be spun up as needed. Containers can be made up of single microservices or multiple microservices that make up a unit of service in exactly the same way.

And, talking about cloud, many people think that mainframes and cloud are two separate worlds that can’t possibly interact. Again, this just isn’t the case. Many mainframers will jump up and down explaining that the mainframe was the first iteration of a cloud-style environment before we had the cloud. In fact, using the cloud is now something that the mainframe does well. And, IBM has been very clear that cloud is a direction it wants to be going. Red Hat OpenShift on IBM Cloud helps enterprises start the cloud migration process by creating cloud-agnostic containerized software. Developers can containerize and deploy large workloads in Kubernetes quickly and reliability.

You also find people who think that mainframes are a kind of silo area. They don’t believe that the outside world can be in contact with a mainframe unless they’re using a 3270 terminal emulator. Again, that’s not the case. Many people are accessing services on CICS or IMS from a browser. Clicking an option on the screen kicks off a CICS or IMS transaction, and the results would be displayed in the browser. In additions, CICS and IMS can take part in the API economy. RESTful APIs can be used to link mainframe microservices with microservices from the cloud or distributed systems to create new applications. And, using JSON, the results can be served up in a browser. What I’m saying is that mainframes can be treated as just another processing platform that interacts with every other processing platform.

People who work on distributed systems have, in the past, always seemed a bit behind the mainframe world in some of the things they do. But, on the other hand, they were definitely ahead in a couple of ways. For example, a SIEM running on a distributed platform is quite common. It’s used to pick up incident messages and display them for security staff to deal with straight away. Nowadays, it is possible for SMF data and other mainframe records to be written out to a SIEM on a distributed system and alert security staff. This is better than reading through day-old SMF log files. The other piece of software found on distributed systems that isn’t generally found on many mainframes is FIM software. File Integrity Monitoring software can identify when changes have been made to files and check with products like ServiceNow whether they are authorized changes and alert security staff if not. This makes identifying unauthorized activity so much quicker than pouring over yesterday’s SMF data. BMC offers such mainframe software, as well as a company called MainTegrity with their FIM+ product.

Lastly, many people aren’t aware of just how secure a platform a mainframe can be. With z15 processors, IBM has extended the ability to encrypt data stored on the mainframe to also encrypt data in transit. And it can do that without impacting system performance. This uses the idea of Data Privacy Passports. So, even if data is accessed by an intruder, they won’t be able to read it because they won’t be able to decrypt it.

What I’m saying is that mainframes are being modernized by IBM and other software vendors all the time. It’s just a case of whether mainframe users are making use of all the facilities that are available. I’d also like to suggest that it’s the job of all mainframe professionals to spread the word about what mainframes can do to not only non-mainframe-based IT staff, but also management and the rest of the world.