IBM Infrastructure’s Role in Cloud, AI and Security
Cloud, artificial intelligence (AI) and security all have underpinnings in infrastructure—the servers, storage and software that power an organization. A purpose-built architecture is critical to achieving the performance needed for current and future business requirements. “Technology alone can’t transform a company, but it’s a very essential ingredient in business transformation,” says Tom Rosamilia, senior vice president, IBM Systems.
IBM Systems magazine sat down with Rosamilia to learn more about the role of infrastructure in organizations’ digital transformations.
IBM Systems magazine (ISM): Where are IBM clients in terms of digital transformation?
Tom Rosamilia (TR): Some IBM clients are very advanced. Others are just beginning their journey. I think the journey will take time. Many of our clients have an established infrastructure and their digital transformation requires them to think about how they may change it or even modernize it.
IBM is helping clients get to a point where they can create a set of services and combine those into other applications to leverage the investments they’ve already made. We’re also helping clients move workloads to hybrid cloud. I think the journey to the cloud–public, private and hybrid cloud—is just beginning. IBM estimates that enterprises are about 20 percent of the way there. And going to the cloud doesn’t mean moving everything off premises. It means that clients want to be in the most flexible environment possible and the right answer for them is a hybrid and/or multicloud environment.
ISM: What business challenges are clients looking to IBM infrastructure to solve?
TR: Companies will be working with five, 10, 15 different cloud platforms. Some of these may be off-the-shelf applications. A level of interconnection and integration between them is needed. The good news is that this is something IBM is very, very good at—being the glue among all of these different platforms. Some of these will be on premises; they will be running on IBM servers with IBM storage. Some will be hyperscale data centers, hopefully with IBM servers, storage and software. Some may be by service providers. The role of CIOs and the role of IT providers is to enable that multicloud world. To do that, they will need to provide clients with a level of choice, portability and freedom.
“About 80 percent of the world’s data is behind a firewall still. The IBM Z platform has the crown jewels of data that companies want to analyze and need to protect.”
–Tom Rosamilia, senior vice president, IBM Systems
ISM: Cloud is becoming important because of all of the data that people are using to make business decisions. Why are IBM infrastructure solutions well suited to handle vast quantities of data?
TR: IBM architected memory bandwidth, networking bandwidth, and speed between GPU and CPU are tops in industry. It’s not just the performance per core. We have that. It’s not just about memory per socket. We have that. It’s also the bandwidth between processor and accelerator. We have lots and lots of that.
About 80 percent of the world’s data is behind a firewall still. The IBM Z* platform has the crown jewels of data that companies want to analyze and need to protect. They want to combine information from the outside with information from the inside. Our ability to do machine learning on Z, where the data lives, is absolutely key. The ability to go through hyperlinks between a z/OS* partition and a Linux* partition running on Z gives us the ability to secure that within Z. Clients can do so with ultimate speed and without moving workloads and data off the platform; this is critical because moving data off the platform subjects it to potential security issues as well as latency.
The IBM Spectrum family of storage software also does heavy lifting with data. Products like Spectrum Discover enable clients to leverage analytics, AI, compliance and regulatory applications by leveraging the metadata on storage to more rapidly execute those solutions. This is about data oceans, not just data lakes. IBM flash and software-defined storage can handle all of this big data.
“If you examine the amount of workload running the world’s production for mission-critical workloads, mainframes handle about 68 percent of that. But the IBM Z platform is only 6 percent of the IT spend.”
–Tom Rosamilia
ISM: What business challenges are leading organizations to explore private cloud?
TR: Cloud—public or private—provides a level of flexibility, agility and speed to deployment that organizations need. Data location is critical because data has a lot of gravity. If your data lives on premises, you’re going to want to use a private cloud. You get the advantages of cloud, the speed of deployments, the ups and the downs, the ebbs and the flows, the capacity as needed, and potentially even the pricing.
Private cloud gives people the ability to say, “Maybe I want to run that somewhere else someday. If I run it in my container in my private cloud today, if I architect it a certain way, it gives me the choice of running it somewhere else tomorrow.” That’s the kind of choice IBM wants to give people. That’s why we encourage enterprises to provision infrastructure for the location of where they might want to run that workload in the future. For private cloud, the combination of IBM Cloud Private and Red Hat Open Shift, which we announced in May 2018, allows Power Systems and IBM Z servers to be integral parts of a hybrid cloud.
ISM: What other technical innovations demonstrate IBM’s commitment to hardware?
TR: IBM is pouring innovation into IBM Z with things like pervasive encryption. Storage innovations include NVME storage and software-defined storage, and cybersecurity.
One area we haven’t really talked about is quantum. It will be a game changer. It won’t replace any of the existing compute power. It’s a nonclassical form of computing. Many of the kinds of algorithms that can’t run today, or would take a thousand or a million years to run, can be run on quantum systems. Over the next couple of years, IBM will demonstrate that. With the IBM Q system, more than 100,000 scientists and users are seeing the power of IBM Q on the cloud. They have run millions of experiments. The power of quantum will be something people will see soon. It’s also something they can get a sense for now on the IBM Cloud.
ISM: You mentioned pervasive encryption, which is one of the latest and greatest features of IBM Z. Can you explain why it’s so critical in today’s digital landscape?
TR: When IBM was in the planning stages for the z14, we asked more than 150 clients about their pain points and what IBM could do to solve them. We obviously deliver better performance in the z14. That’s one of the features our clients are always looking for. One of the pain points that really stood out was the lack of encryption in the world today. Only about 5 percent of the data is encrypted and encryption is absolutely the best way to fight against the bad guys.
People are going to continue to do perimeter-level security and threat detection to the best of their abilities. But almost everyone would admit that eventually cyberthreats become full-fledged cyberattacks. Then the question is: What can hackers see when they get in? If your data is encrypted, they can’t see anything. They can’t make sense of anything. Encryption can protect against insider threats as well.
The next question becomes: If encryption is so wonderful, why is only 5 percent of the world’s data encrypted? The answer is two-fold: It’s either too punitive from a performance standpoint or too expensive. If I want to do file-level encryption, then my system comes to a grinding halt. If I want to do field-level encryption, for example, encrypting Social Security numbers or passwords, I have to make application changes to encrypt and decrypt that at the field level. So, people don’t do it.
The z14 platform offers the ability to do file-level encryption. I just point a system to a data set and say, “I want that to be an encrypted file from now on.” The system handles everything else. The encryption happens at the file level so the system handles it without performance penalty and without having to make application changes. This eliminates the two big pain points people were feeling—performance and cost. We did it by handling the encryption in the silicon and in the microcode so people don’t pay a performance penalty for doing it. As a result, we have many clients well on their way to benefiting from pervasive encryption.
ISM: Didn’t IBM Storage announce a new security solution too?
TR: Yes, IBM Safeguarded Copy, which works on the DS array solutions, protects clients against having their data held hostage and having to pay with cryptocurrency to get it back. It keeps multiple copies of the data—from four hours ago, from eight hours ago, from 12 hours ago, etc. So if a hacker comes along and holds your data hostage, you go back to your file and say, “I’ll go back to what I had four hours ago.” It’s not a perfect solution, but it’s better than paying to get your data back.
ISM: Can you address the concerns people have about the affordability of the mainframe?
TR: People have the perception that the mainframe is expensive. Part of that comes from the fact that it’s isolatable—meaning it’s actually something I can account for. I have a good accounting of how much I’m spending for hardware and software. If you examine the amount of workload running the world’s production for mission-critical workloads, mainframes handle about 68 percent of that. But the IBM Z platform is only 6 percent of the IT spend. In some ways, you could say it is 10-to-1 less expensive than other platforms because of the volume that it handles for the minimal amount of money that it actually costs. Adding workloads to a mainframe is super competitive. Adding analytics to an existing z/OS transaction processing environment is a very competitive business.
Competing on that margin is something IBM absolutely wants to do and does in all cases where clients have come to us and said, “If I can get this kind of a price, I would put it on the mainframe.” The answer is you actually can. It’s the least expensive platform to add capacity to.
ISM: What types of new workloads are clients deploying on Z?
TR: One great example is a new Z client running Temenos on their IBM Z zR1 platform on LinuxONE. This mid-tier bank in Asia knew it wanted the value of Z with an off-the-shelf banking application. Another example is companies consolidating Linux on Intel* onto LinuxONE. Lots of money is being spent on underutilized Intel servers and clients consolidate hundreds of them onto a LinuxONE box. It saves space, energy and software licenses.