Cloud computing is one of the hot IT buzzwords/phrases floating around currently. Cloud computing offers interesting capabilities, but like anything nowadays, security is an essential component that needs to be considered carefully.
"Consolidated Security Management for Mainframe Clouds" will take a look at the challenges of security in a mainframe Cloud environment. The premise is that better management of mainframe security simplifies complex IT environments, and allows the cost-effective consolidation of security management and compliance reporting for the enterprise.
If you are interested in learning more about Cloud computing, the security challenges in this paradigm, and what Tivoli is doing to manage security in the Cloud, take a look at this webcast.
The event is July 14th at 11AM ET. Here's a link to sign up:
http://www.ibm.com/software/os/systemz/webcast/jul14/
Wednesday, June 29, 2011
Tuesday, June 28, 2011
Upcoming webcast on solving network problems
The Share user group is sponsoring a webcast on July 7th on "Solving Application and Network Issues with OMEGAMON and NetView". The presenter for the session is Kirk Bean, the product manager for NetView and OMEGAMON Mainframe Networks.
Kirk is very knowledgeable and I think you will find this to be an interesting session.
The event is July 7th and 11 AM ET. Here's a link to register:
http://www.share.org/SHAREeLearning/Webcasts/tabid/700/Default.aspx
Kirk is very knowledgeable and I think you will find this to be an interesting session.
The event is July 7th and 11 AM ET. Here's a link to register:
http://www.share.org/SHAREeLearning/Webcasts/tabid/700/Default.aspx
Thursday, June 23, 2011
A unique alert
When you generate alerts you always want the alert to be unique and meaningful, and also have a solid means of notification. You may want the alert to be visible or have some other means of notification.
Here's a unique example of an alert. This was taken from a road sign on I-75 just outside of Cincinnati. Clearly someone had a sense of humor, but once you see the alert, you'll remember it.
Wednesday, June 22, 2011
Security and alerting on z/OS
Reading the papers lately, one thing that seems interesting is a spate of very sophisticated hacking attacks on various entities and companies. A new group called LutzSec has recently claimed to have hacked the CIA, PBS, SONY and who knows what other sites. And there are other groups out there doing what they do. One thing that seems apparent is these are very sophisticated attacks, done by very tech savvy individuals.
System z is blessed with very robust security capabilities driven by tools, such as RACF. You have a lot of power and flexibility to control access to System z. But, if someone is trying to do something nefarious, how quickly will you be notified? If a hacker attack is underway, wouldn't you want to know as soon as possible?
One interesting tool is Tivoli zSecure Alert. zSecure Alert comes with a pre-defined group of alerts, plus the ability to add additional user defined alerts, as needed. So you can alert on things like logon failures with powerful IDs, people attempting to access sensitive files, or people using system authorities that you may not want them to be using. Using zSecure Alert you can generate an alert in the form of an email, an SNMP trap, or a WTO to the z/OS console.
Or you could take that alert even further. Once the alert is on the console, how about having SA V3.3 send the alert message to the Tivoli Portal, fire a situation alert in the Portal, and have that situation forward the alert to OMNIBus, if desired.
The bottom line is zSecure Alert is an intriguing tool in that it can let you know right away if a potential attack is underway. You can then drive your notification in a number of ways. Stop them in their tracks before your company or government agency is the next one in the news (for all the wrong reasons).
System z is blessed with very robust security capabilities driven by tools, such as RACF. You have a lot of power and flexibility to control access to System z. But, if someone is trying to do something nefarious, how quickly will you be notified? If a hacker attack is underway, wouldn't you want to know as soon as possible?
One interesting tool is Tivoli zSecure Alert. zSecure Alert comes with a pre-defined group of alerts, plus the ability to add additional user defined alerts, as needed. So you can alert on things like logon failures with powerful IDs, people attempting to access sensitive files, or people using system authorities that you may not want them to be using. Using zSecure Alert you can generate an alert in the form of an email, an SNMP trap, or a WTO to the z/OS console.
Or you could take that alert even further. Once the alert is on the console, how about having SA V3.3 send the alert message to the Tivoli Portal, fire a situation alert in the Portal, and have that situation forward the alert to OMNIBus, if desired.
The bottom line is zSecure Alert is an intriguing tool in that it can let you know right away if a potential attack is underway. You can then drive your notification in a number of ways. Stop them in their tracks before your company or government agency is the next one in the news (for all the wrong reasons).
Webcast tomorrow on Integrated Service Management on System z
Here's an interesting webcast happening tomorrow on Integrated Service Management for System z.
"Learn from System z customer experience: Cookbooks that can speed up deployment of integrated service management" In the session they will cover the new ISM for System z cookbooks with detailed information on how to implement ISM, and reference architectures. The details include prescriptive best practices that have been created, based on customer deployments, and are now available to speed your time to value of ISM solutions running on the mainframe.
The event will happen on June 23rd, at 11 AM ET. It's a free event, so the price is right. Here's a link to sign up:
http://www-01.ibm.com/software/os/systemz/telecon/jun23/index.html?S_TACT=101HX11W&S_CMP=twr
"Learn from System z customer experience: Cookbooks that can speed up deployment of integrated service management" In the session they will cover the new ISM for System z cookbooks with detailed information on how to implement ISM, and reference architectures. The details include prescriptive best practices that have been created, based on customer deployments, and are now available to speed your time to value of ISM solutions running on the mainframe.
The event will happen on June 23rd, at 11 AM ET. It's a free event, so the price is right. Here's a link to sign up:
http://www-01.ibm.com/software/os/systemz/telecon/jun23/index.html?S_TACT=101HX11W&S_CMP=twr
Wednesday, June 15, 2011
Upcoming System z technology virtual summit
This is a similar event to the System z summit I mentioned a few weeks ago, only this one is a virtual event, so you can attend from the comfort of your own office. This event will have four tracks: DB2 for z/OS technical update, Modern application development and deployment, CICS technical update, and Data Center operations and systems management update.
The virtual event will happen on June 29th. It's a free event, so the price is right. The agenda looks good, with good technical content on several fronts. Here's a link to sign up:
http://www.ibm.com/software/systemz/virtual/summit
The virtual event will happen on June 29th. It's a free event, so the price is right. The agenda looks good, with good technical content on several fronts. Here's a link to sign up:
http://www.ibm.com/software/systemz/virtual/summit
Monday, June 13, 2011
System z jobs
System z jobs is a web site that connects IBM System z clients, partners and businesses with students and professionals seeking System z job opportunities.
The fun thing about System z is it keeps going strong. I began working in the MVS arena in the early 1980s. In 1992 I took a job with Candle Corporation. At the time some of my colleagues asked me "why take a job with a mainframe vendor, everyone knows the mainframe is going away"? Well, it's been almost 20 years later, and as Mark Twain may have said, reports of the mainframe's death have been "greatly exaggerated". System z continues to grow and evolve. I have the pleasure of working with many shops, large and small, that continue to invest heavily in the technology.
I've also had the pleasure at IBM to mentor younger colleagues about System z technology. What's interesting is that we are now seeing a new generation of technical talent coming into the System z realm. It will be enlightening to see where they take the platform in the future.
If you are interested in the System z jobs web site, here's the link:
http://systemzjobs.com/home/index.cfm?site_id=11677
The fun thing about System z is it keeps going strong. I began working in the MVS arena in the early 1980s. In 1992 I took a job with Candle Corporation. At the time some of my colleagues asked me "why take a job with a mainframe vendor, everyone knows the mainframe is going away"? Well, it's been almost 20 years later, and as Mark Twain may have said, reports of the mainframe's death have been "greatly exaggerated". System z continues to grow and evolve. I have the pleasure of working with many shops, large and small, that continue to invest heavily in the technology.
I've also had the pleasure at IBM to mentor younger colleagues about System z technology. What's interesting is that we are now seeing a new generation of technical talent coming into the System z realm. It will be enlightening to see where they take the platform in the future.
If you are interested in the System z jobs web site, here's the link:
http://systemzjobs.com/home/index.cfm?site_id=11677
New Version of ITCAM for Transactions
IT Composite Application Monitoring (aka ITCAM) Version 7.3 went GA in May. ITCAM is one of the most interesting and powerful tools in the Tivoli suite of solutions. ITCAM provides end-to-end transaction tracking and end user experience monitoring capabilities. ITCAM also provides capabilities for robotic monitoring and Internet service monitoring. By using ITCAM you can visualize and more easily isolate problems, leading to faster problem resolution. ITCAM is a very big solution, with quite a bit of technology and capability bundled into it. There are many ways you can apply this technology to monitor and track transaction activity.
ITCAM V7.3 adds new capabilities including:
http://www-01.ibm.com/software/tivoli/subscriptionandsupport/whats-new-itcam-transactions/?cm_sp=MTE18609
ITCAM V7.3 adds new capabilities including:
-
Agentless tracking that provides improvements in time-to-value
-
Integrated view of agent based and agentless data through a single user interface on a single topology view
-
Scalable monitoring roll outs that leads to improvement in consumability
-
Enhanced transaction tracking that provides support for multiple domains including Microsoft (.Net), Distributed (Websphere, J2EE, etc.), and Mainframe
http://www-01.ibm.com/software/tivoli/subscriptionandsupport/whats-new-itcam-transactions/?cm_sp=MTE18609
Friday, June 10, 2011
About the PDS (the Persistent Data Store)
Anyone who has done an install of any of the OMEGAMONs on z/OS has gone through the exercise in the ICAT installer of configuring the Persistent Data Store (PDS). Odds are if you've done it, you have executed the configuration steps multiple times (once for each TEMS and once for each agent TEMA task on each LPAR). This adds up to doing what seems to be the same task many times over and over. The question may be, is this really necessary?
If you plan on using the history functions of the Tivoli Enterprise Portal, displaying the data in the TEP, and optionally sending the history data to the Tivoli Data Warehouse (TDW), you will need this infrastructure in place to some extent. If you are not planning on using these functions, then you can get by without doing this work. One exception to this would be OMEGAMON XE For Storage, which will require the PDS for all its various features.
My recommendation is to go ahead and set up the PDS, at minimum, at the level of the TEMS. This gives you the option of collecting at least some history data in the TEP. Keep in mind though, that this may cause some confusion with users if they are trying to collect history at the level of the TEMA, but the PDS in the TEMA is not set up.
If you can, configure the PDS for each component, TEMS and TEMAs. Often I will scale down the default size allocations of the PDSs for the various components, just to save space (this stuff can add up across many systems and agents). But, I will go ahead and create the files per the steps in ICAT. This means that a user will be able to get the history to function from the TEP without having to worry about the underlying infrastructure being in place. It may not be optimal, but it will at least function.
With that being said, you may need re-create the files with more space if usage goes up. So if users are taking advantage of the history facility, it is a good idea to monitor usage, and make adjustments if usage increases.
If you plan on using the history functions of the Tivoli Enterprise Portal, displaying the data in the TEP, and optionally sending the history data to the Tivoli Data Warehouse (TDW), you will need this infrastructure in place to some extent. If you are not planning on using these functions, then you can get by without doing this work. One exception to this would be OMEGAMON XE For Storage, which will require the PDS for all its various features.
My recommendation is to go ahead and set up the PDS, at minimum, at the level of the TEMS. This gives you the option of collecting at least some history data in the TEP. Keep in mind though, that this may cause some confusion with users if they are trying to collect history at the level of the TEMA, but the PDS in the TEMA is not set up.
If you can, configure the PDS for each component, TEMS and TEMAs. Often I will scale down the default size allocations of the PDSs for the various components, just to save space (this stuff can add up across many systems and agents). But, I will go ahead and create the files per the steps in ICAT. This means that a user will be able to get the history to function from the TEP without having to worry about the underlying infrastructure being in place. It may not be optimal, but it will at least function.
With that being said, you may need re-create the files with more space if usage goes up. So if users are taking advantage of the history facility, it is a good idea to monitor usage, and make adjustments if usage increases.
Thursday, June 9, 2011
What is tacmd?
tacmd is a command line tool used for ITM 6.x monitoring infrastructure management. There is a wide array of functions that you can use tacmd for. For example, you can use tacmd at the command line to edit agent configuration options, add a situation, create a situation, delete a situation, edit managed system lists, stop/start agents, and more. tacmd is a handy tool to have around.
The ITM Command Reference documents the capabilities of tacmd. Here's a link to the doc:
http://publib.boulder.ibm.com/infocenter/tivihelp/v15r1/index.jsp?topic=/com.ibm.itm.doc/itm_cmdref34.htm
The ITM Command Reference documents the capabilities of tacmd. Here's a link to the doc:
http://publib.boulder.ibm.com/infocenter/tivihelp/v15r1/index.jsp?topic=/com.ibm.itm.doc/itm_cmdref34.htm
Thursday, June 2, 2011
An interesting subtlety of using the KILL command with OMEGAMON CICS
OMEGAMON CICS offers levels of KILL and KILL FORCE commands to kick a problem task out of CICS. This is a handy command that users need on occasion to deal with problem transactions. Users will sometimes ask me, when is it appropriate to use KILL versus KILL FORCE? I usually suggest starting with the least powerful command and progressively working your way up to KILL FORCE.
APAR OA35253 discusses an interesting scenario when using KILL versus KILL FORCE. While OMEGAMON does not require that a user issue a KILL before doing a KILL FORCE, there is apparently an occasional timing issue where if you try doing a KILL without first doing the KILL FORCE, the command may not work, and generate an error message.
Now you may see the following if a KILL FORCE is attempted without a prior KILL. The tool will process the command as a KILL, and a message will be displayed:
APAR OA35253 discusses an interesting scenario when using KILL versus KILL FORCE. While OMEGAMON does not require that a user issue a KILL before doing a KILL FORCE, there is apparently an occasional timing issue where if you try doing a KILL without first doing the KILL FORCE, the command may not work, and generate an error message.
Now you may see the following if a KILL FORCE is attempted without a prior KILL. The tool will process the command as a KILL, and a message will be displayed:
OC0550: FORCE OPTION REMOVED - MUST TRY KILL FIRST
Wednesday, June 1, 2011
Upcoming webcast on OMEGAMON historical data collection
On June 16th I will be doing a webcast entitled "Become More Proactive through Effective Historical Analysis". In this webcast I will be looking at each of the OMEGAMON products, and their historical data collection and analysis capabilities. I'll look at the various types of historical data available, and how it can be viewed and analyzed. I will focus on the specific historical data collection capabilities unique to each of the OMEGAMON products, and then look at historical analysis functions common to all OMEGAMON and other IBM Tivoli® solutions.
I'll get into the cost/benefit aspects of historical data collection, and try to help advise on a strategy for effective efficient historical data collection. Then I will look at examples of how you can use history to be more proactive from a monitoring perspective.
The event is June 16th at 11 AM Eastern Time.
Here is a link to the event:
http://www.ibm.com/software/systemz/telecon/jun16
I'll get into the cost/benefit aspects of historical data collection, and try to help advise on a strategy for effective efficient historical data collection. Then I will look at examples of how you can use history to be more proactive from a monitoring perspective.
The event is June 16th at 11 AM Eastern Time.
Here is a link to the event:
http://www.ibm.com/software/systemz/telecon/jun16
Subscribe to:
Posts (Atom)