Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

IBM i for Enterprise Businesses Quantifying the Value of Resilience


Published on

Learn about the IBM i for Enterprise Businesses Quantifying the Value of Resilience.The IBM i operating environment has a longstanding track record of maintaining extremely high levels of
availability, security and disaster recovery. Users routinely describe it as “highly stable, extremely robust, completely dependable, rock-solid” and comparable terms.

  • Be the first to comment

  • Be the first to like this

IBM i for Enterprise Businesses Quantifying the Value of Resilience

  1. 1. October  2012  MANAGEMENT  BRIEF   IBM i for Enterprise Businesses Quantifying the Value of Resilience International Technology Group 609 Pacific Avenue, Suite 102 Santa Cruz, California 95060-4406 Telephone: + 831-427-9260 Email: Website:
  2. 2. Copyright © 2012 by the International Technology Group. All rights reserved. Material, in whole or part, contained in this document may not bereproduced or distributed by any means or in any form, including original, without the prior written permission of the International TechnologyGroup (ITG). Information has been obtained from sources assumed to be reliable and reflects conclusions at the time. This document wasdeveloped with International Business Machines Corporation (IBM) funding. Although the document may utilize publicly available material fromvarious sources, including IBM, it does not necessarily reflect the positions of such sources on the issues addressed in this document. Materialcontained and conclusions presented in this document are subject to change without notice. All warranties as to the accuracy, completeness oradequacy of such material are disclaimed. There shall be no liability for errors, omissions or inadequacies in the material contained in thisdocument or for interpretations thereof. Trademarks included in this document are the property of their respective owners.
  3. 3. TABLE OF CONTENTS EXECUTIVE SUMMARY 1 Value Proposition 1 Costs Of Downtime 2 Severe Unplanned Outages 5 Security and Malware Protection 7 Conclusions 8 RISK TRENDS 9 Overview 9 Supply Chain Disruption 9 Retail Vulnerabilities 12 Financial Services 13 Risk Sensitivities 13 Availability and Recovery 13 Security and Malware 14 Data Breaches 15 PLATFORM DIFFERENTIATORS 16 Overview 16 IBM i 17 Principal Characteristics 17 High-end Storage Support 19 Power Systems 21 Overview 21 Virtualization 21 PowerVM and x86 Virtualization 23 Availability Optimization 24 Power Systems 24 Software Solutions 25 DETAILED DATA 27 Company Profiles 27 Costs of Downtime 28 Calculation Process 28 Supply Chain Companies 28 Financial Services Companies 29 Severe Unplanned Outages 29List of Figures 1. Average Costs of Downtime per Hour – Supply Chain Companies 3 2. Average Costs of Downtime per Hour – Financial Services Companies 4 3. Three-year Costs of Downtime by Platform – Supply Chain Companies 4 4. Three-year Costs of Downtime by Platform – Financial Services Companies 5 5. Three-year Risk Exposure to Severe Unplanned Outages – Averages for Supply Chain Companies 6 6. Three-year Risk Exposure to Severe Unplanned Outages – Averages for Financial Services Companies 6 7. Comparative Vulnerability Data – January 2008 Through June 2012 7 8. Comparative Vulnerability Data – Lifetime Totals 7 9. Basic Manufacturing Supply Chain Processes – SCOR Model 10 10. Potential Costs of Outages – Manufacturing Companies 11 11. Data Breach Costs – U.S. Examples 15 12. IBM i Single-level Storage Structure 17 13. IBM i and Power Systems Autonomic Functions 20 14. IBM i and Power Systems Architecture 22 15. System Environment Layers – Example 24 16. Key Power Systems Availability Optimization Technologies 26 17. Company Profiles 27 18. Average Costs of Outages per Hour Detail 29International Technology Group i
  4. 4. EXECUTIVE SUMMARYValue PropositionThe IBM i operating environment has a longstanding track record of maintaining extremely high levels ofavailability, security and disaster recovery. Users routinely describe it as “highly stable...extremelyrobust…completely dependable…rock-solid” and comparable terms.This has been the experience not only of midsize businesses, but also of large organizations requiringenterprise-class capabilities. Among IBM i users are some of the world’s largest corporations, includingmembers of the Fortune 100 and FTSE 100.Among this group, IBM i typically supports high-volume business-critical systems. Examples includeenterprise resource planning (ERP) systems, along with supply chain management, core banking andretail, e-commerce and equivalents in a wide range of industries. IBM i offers levels of availability,security and recoverability that are – by wide margins – greater than any competitive platform.What is the value of these strengths? Few would dispute that disruption of core enterprise systems canaffect the bottom line. Many organizations, however, do not factor costs of downtime into their platformselection processes. This may be a serious mistake. Business damage due to planned as well as unplannedoutages may vary significantly between platforms.This report presents two sets of three-year cost comparisons for use of IBM i, Microsoft Windows ServerFailover Clusters (WSFC), and Oracle Exadata Database Machine to support core enterprise systems insix companies. Comparisons are presented for companies operating supply chains, and for financialservices companies with revenues of between $1 billion and $10 billion.Results may be summarized as follows: • Costs of downtime – i.e., business costs due to outages – averaged 90 percent less for use of IBM i than for Windows server clusters, and 71 percent less than for Oracle Exadata. This calculation is for planned outages and unplanned outages of less than three hours duration. Lower IBM i costs of downtime translated into three-year business savings of $2.8 million to $35.3 million compared to use of clustered Windows servers, and $700,000 to $8.6 million compared to use of Oracle Exadata. • Risk exposure to severe unplanned outages of 6 to 24 hours duration is also significantly lower for use of IBM i. These calculations, which employ a standard probability/impact methodology, indicate that risks of severe business damage for use IBM i average 93 percent less than for use of clustered Windows servers and 73 percent less than for use of Oracle Exadata. These variances translated into $257,000 to $7.43 million in higher risk exposure for use of clustered Windows servers and $56,000 to $1.69 million for use of Oracle Exadata.Comparisons are based on use of IBM i 7.1 with IBM PowerHA SystemMirror for i high availabilityclusters on latest-generation Power Systems; Windows Server 2008 R2, SQL Server 2008 R2 and WSFCon latest-generation Intel E5- and E7-based platforms; and current Oracle Exadata models with Oracle11g Database including Real Application Clusters (RAC).Lower costs of downtime and risk exposure for use of IBM i are due to fundamental differences inarchitecture and technology.International Technology Group 1
  5. 5. IBM i is designed specifically to run business-critical systems. High levels of availability reflect featuresbuilt into the IBM i kernel, and embedded into Power Systems hardware and firmware. IBM i is the mosttightly integrated and automated operating environment in existence. The potential for system, operator oradministrator errors is minimal.The strengths of IBM i in security and malware protection reflect the system’s distinctive object-basedarchitecture. Objects are encapsulated in a manner that places strict controls on data as well as systemcode, making it extremely difficult for unauthorized instructions to execute. Security violations are rare,and malware incidents are virtually unknown. There are no known native IBM i viruses.Disaster recovery capabilities are built into the IBM i kernel and tightly integrated with IBM PowerHAand third-party failover and recovery solutions. These have supported high-volume business-criticalsystems for decades.IBM i and Power Systems routinely handle enterprise-class workloads requiring high levels of scalabilityand performance – many users employ IBM Power 770, 780 and 795 models with up to 64, 96 and 256POWER7 cores respectively – and offer highly granular, real-time virtualization even in demandingproduction environments.In terms of technological currency, IBM i implements the full function SQL-compliant DB2 relationaldatabase, Internet standards and interfaces to tablets and smartphones. It also supports a wide range ofdevelopment languages, including C/C++, COBOL, RPG, Java, PHP, XML and others.IBM i users have been able to take full advantage of Internet and, more recently, mobile technologies toemploy popular “open” development tools and to exploit growing pools of developer skills.A further point should be noted. The virtualization strengths of IBM i and PowerVM provide a strongbase for realization of public as well as private clouds. IBM i and PowerVM are central platforms in IBMcloud strategy, and will be fully supported in the future evolution of IBM cloud solutions and services.In most organizations – including those upon which comparisons presented in this report are based – IBMi systems coexist with a variety of UNIX and x86 servers. IBM i may not be appropriate for allapplications. But for core systems that “run the business,” its distinctive strengths are unmatched.Costs Of DowntimeThe comparisons presented in this report are based on detailed financial and operational data supplied by60 companies employing IBM i, WSFC or Oracle Exadata to run core enterprise systems.Based on this input, six composite company profiles were created. These included companies operatingsupply chains (an auto parts manufacturer, a retail chain and an industrial distributor) as well as financialservices companies (a diversified retail bank, a property and casualty insurer and a services company).Average costs of downtime per hour were first calculated for these companies, and then multiplied bynumbers of hours of downtime for each of the three platform options. The focus was placed on underlyinghardware and software platform outages, rather than application-level downtime.For supply chain companies, average costs of downtime ranged from $549,000 to $1.21 million to perhour. Figure 1 summarizes these results.International Technology Group 2
  6. 6. SUPPLY  CHAIN  C OMPANIES   1,213.71 Auto  Parts  Manufacturer   Outbound  supply  chain  disrupCon   Inbound  supply  chain  &  producCon  disrupCon   Customer  penalCes  &  remedial  costs   685.03 Retail  Chain   Lost  sales   Supply  chain  disrupCon   SG&A  costs   549.16 Industrial  Distributor   Lost  sales   $  thousands   Supply  chain  disrupCon  Figure 1: Average Costs of Downtime per Hour – Supply Chain CompaniesCosts of downtime allow for cascading effects. In tightly integrated supply chains characterized by leanoperating models (i.e., there are few or no inventory buffers) and real-time operations, evidence has shownthat the effects of disruption at any point may cascade across the entire supply chain.This significantly changes the costs of downtime equation. In the past, for example, companies oftencalculated that, if annual sales were $5 billion, the cost of an hour of downtime was $5 billion divided by8,760 hours per year = $570,000. In practice, however, the cost may be four or five times higher, and theeffects may continue to felt for days or even weeks.For supply chain companies, allowance was also made for lost sales, increases in operational costs,remedial costs such as late delivery and imperfect order penalties, and related effects. Selling, general andadministrative (SG&A) costs for the retail chain are due to disruption of store operations.Costs of downtime may be substantial in other industries where cascading occurs. These includetransportation, where schedule disruption may have major bottom-line impacts; third-party logisticsservices; engineering and construction; energy companies and public sector organizations.For financial services companies, costs of downtime varied by type of business. For the bank, costs ofdowntime include lost or delayed transaction fees, lost interest income and lost productivity for branchand call center staff.For the insurer and services company, costs include lost policy income (the company transacted a largevolume of business over the Internet, and was thus exceptionally vulnerable to effects of outages) and lostservices income respectively. Other items include lost interest income and lost productivity for customer-facing staff.Costs of downtime for all three companies allow for the effects customer attrition, calculated usingappropriate customer lifetime value (CLV) metrics, and lost customer acquisition costs.Average costs of downtime ranged from $128,000 to $259,000 per hour. Figure 2 summarizes theseresults.International Technology Group 3
  7. 7. FINANCIAL  SERVICES  COMPANIES   259.45 Bank   Customer  aNriCon     Lost  fee  income   Other  costs   150.36 Insurance  Company   Lost  income   Other  costs   127.86 Services  Companies   Lost  income     Other  costs   $  thousands  Figure 2: Average Costs of Downtime per Hour – Financial Services CompaniesBased on these values, three-year costs of downtime for the three platform options were as shown infigures 3 and 4.  38.84     Auto  Parts  Manufacturer    12.14      3.52      20.55     Retail  Chain    8.56      2.77      9.88     Industrial  Distributor    4.39      1.10     MicrosoY  WSFC   Oracle  Exadata   $  millions   IBM  i/Power  Figure 3: Three-year Costs of Downtime by Platform – Supply Chain CompaniesComparatively high WSFC costs of downtime are notable in that “five nines” (99.999 percent)availability is commonly claimed for this platform. There are several reasons for this disparity.One is that such claims commonly refer to low-volume environments and/or applications whosecharacteristics are significantly different to those of enterprise business systems. The technical challengesof maintaining high levels of availability for, say, email or collaborative networks are not the same asthose for high-volume transactional and mixed workloads.International Technology Group 4
  8. 8.  9.34     Bank    2.98      0.78      4.81     Insurance  Company    1.50      0.45      3.07     Services  Company    1.02      0.32     MicrosoY  WSFC   Oracle  Exadata   $  millions   IBM  i/Power  Figure 4: Three-year Costs of Downtime by Platform – Financial Services CompaniesA second reason is that claims typically refer to avoidance of unplanned outages rather than overalldowntime. Windows cluster environments tend to be highly complex, and in practice require extensivesoftware maintenance. Complexity also increases risks that unplanned outages will occur – there are morepotential points of failure.WSFC deployments supporting enterprise-class systems are typically customized by professional servicesfirms. Modifications, as well as testing of these, tend to be more difficult and time-consuming than mightbe the case in a less complex Microsoft environment.Higher levels of availability for Oracle Exadata reflect more resilient hardware and use of the company’sRAC cluster technology. Planned outages, however, tend to be longer and more frequent than for IBM i.Oracle Exadata systems have been variously deployed for business intelligence (BI), transactionalapplications and consolidation of Oracle database servers. The underlying architecture is, however,primarily optimized for high-performance analytics.Severe Unplanned OutagesThere is a great deal of evidence that, when severe unplanned outages occur, the bottom-line impactincreases in a manner that is as much exponential as arithmetic. A 24-hour outage, for example, may nothave four times the impact of a 6-hour outage. It may have 20 times more.Experience with major supply chain failures has shown that effects may extend beyond operational costsand lost sales to include reputational damage, impaired corporate financial performance, share pricedeclines, reduced investor confidence and other negative effects.Financial services companies are equally if not more vulnerable. Customer attrition and remedial costs arelikely to be substantial, reputational damage may be immediate and massive, and regulatory penalties andlegal costs may be incurred.International Technology Group 5
  9. 9. The example of the recent (June 2012) core banking system outage affecting the UK’s Royal Bank ofScotland (RBS) is instructive. The outage left 17 million of the company’s 23 million customers unable toaccess account information, withdraw or transfer funds, or process payments for up to six days. Mediacoverage was massive and predominantly negative.In August 2012, RBS projected more than $200 million in remedial costs for customer reimbursements,overdraft extensions and related actions. The company was also obliged to extend hours at more than1,200 out of 2,500 branches and double call center staff in order to handle customer queries. The extent ofcustomer attrition is still unclear.Like costs of downtime, risk exposure is materially affected by platform choices. In supply chaincompanies, three-year exposure for use of IBM i on Power Systems averaged 93 percent less than forWSFC, and 73 percent less than for use of Oracle Exadata.Disparities for financial services companies were generally similar. Comparable averages were 95 percentand 76 percent less respectively. Figures 5 and 6 illustrate these results. MicrosoY  WSFC   4,858.51   Oracle  Exadata   1,319.79   IBM  i/Power   357.63   $  thousands  Figure 5: Three-year Risk Exposure to Severe Unplanned Outages – Averages for Supply Chain Companies MicrosoY  WSFC    604.54     Oracle  Exadata    140.76     IBM  i/Power    34.25     $  thousands  Figure 6: Three-year Risk Exposure to Severe Unplanned Outages – Averages for Financial Services CompaniesInternational Technology Group 6
  10. 10. Security and Malware ProtectionA further area of risk exposure should be highlighted. Hacking and infection by malware (malicious code)remain ubiquitous threats for all large organizations.Companies that experience customer data breaches may incur fines and other regulatory penalties, alongwith costs of remedial actions such as notifications, monitoring for identity theft, query handling, andinvestigation and resolution of security flaws. In the event of a publicized breach, customer attrition andreputational damage may also be substantial.Even if customer data is not compromised, other types of sensitive information may be compromised, anddamage to systems and software may occur.In security and malware protection, differences between IBM and competitive platforms are not merelysignificant – they are dramatic. These differences are reflected in data compiled by Secunia, one of theindustry’s leading authorities on security and malware exposure.Figure 7 shows numbers of advisory notices issued by the company between January 2008 and June 2012inclusive for the most recent versions of IBM i, the two principal Linux distributions – Red HatEnterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES) – and for Windows Server 2008. WINDOWS   RHEL   RHEL   SEVERITY   SLES  10   SLES  11   IBM  i  7.1   i5/OS  6.x   SERVER  2008   Server  5   Server  6   Extremely  critical   3   1   0   0   0   0   0   Highly  critical   64   93   61   134   88   0   0   Moderately  critical   34   185   84   79   53   0   6   Less  critical   73   175   85   60   66   0   5   Not  critical   5   53   31   18   14   0   0   TOTAL  ADVISORIES     179   507   261   291   221   0   11  Source:  Secunia  Figure 7: Comparative Vulnerability Data – January 2008 Through June 2012Figure 8 shows lifetime vulnerabilities; i.e., the number of vulnerabilities recorded by the company sinceeach version was introduced. Multiple vulnerabilities may be documented in a single advisory notice. WINDOWS   RHEL   RHEL     SLES  10   SLES  11   IBM  i  7.1   i5/OS  6.x   SERVER  2008   Server  5   Server  6   February   March   November   July     March   April     January   Release  Date   2008   2007   2010   2006   2009   2010   2008   Lifetime  Vulnerabilities   352   1,871   906   3,557   1,889   0   16  Source:  Secunia  Figure 8: Comparative Vulnerability Data – Lifetime Totals(Oracle Enterprise Linux, the most commonly employed Exadata operating system, is not trackedseparately. It is based on RHEL. Windows Server 2012 became generally available in September 2012.)Disparities are confirmed by other sources. During 2011, for example, the National Vulnerability Databasemaintained the U.S. National Institute of Standards and Technology (NIST), recorded 197 medium andhigh security vulnerabilities for Linux, and 130 for Windows Server. None were recorded for IBM i.International Technology Group 7
  11. 11. The significance of IBM i security strengths is reinforced by two factors. One is that, most securityauthorities recognize, firewall-based perimeter defenses are no longer enough. Penetration of these hasbecome increasingly common, and they do not prevent escalating threats of insider abuse. Higher levelsof protection are required for core business databases.The second is that, since the onset of recession, businesses have become reluctant to increase spending onIT security, and many have reduced it. Threats, however, have continued to increase. Organizations havebeen faced with a choice between greater expenditure or greater risk. IBM i enables them to avoid thischoice. Better security may be maintained at a lower cost.ConclusionsNo matter how one rates the value of IBM i’s distinctive strengths, that value is increasing over time.Industry trends are magnifying the effects of downtime. Among companies operating supply chains,economic conditions have accelerated inventory drawdowns, while moves to lower-cost offshore sitesincrease supply chain complexity and geographic dispersion. Adoption of real-time business analytics andtechnologies such as RFID will further reduce cycle times.For financial services companies, mergers and acquisitions mean that core systems outages affect largernumbers of customers. Growth of online and – increasingly – mobile services has introduced new pointsof vulnerability. Competitive pressures have increased risks of customer attrition. In these and otherindustries, use of social media has increased security and malware exposure.IBM i has been employed, in some cases for more than 20 years, by large users worldwide. It wasdesigned to offer a simple, reliable, secure and easy-to-administer platform to support core businesssystems.In an era when the IT world has veered toward ever-greater complexity, IBM i has retained thesecharacteristics. More than any other server environment available today, it is designed to minimize thecomplexities with which organizations must deal.Over the last few years the IT industry has, ironically, rediscovered the advantages of complexityreduction. The principal value propositions for cloud computing – faster deployment and provisioning,more effective use of virtualization to enable consolidation and reduced administrative overhead – havebeen enjoyed by IBM i users for decades.Others may enjoy the same benefits.International Technology Group 8
  12. 12. RISK TRENDSOverviewKey industry trends mean that the significance of IBM i strengths in availability and disaster recovery,and in security and malware resistance are increasing over time. These trends are discussed in this section.The following section, Platform Differentiators, deals with differences in architecture and technologybetween IBM i and Power Systems, and competitive hardware and software platforms. The last section,Detailed Data, provides additional information on the methodology employed for calculations. Detailedcost breakdowns are also provided.Supply Chain DisruptionDecades of experience have shown that, in industries operating supply chains, downtime costs money.Risks of supply chain disruption have, however, been the subject of greatly increased attention since themid 2000s. This shift been driven by a number of trends, including the following: 1. Integration. ERP systems have progressively expanded to integrate a broader range of transactional processes, as well as new analytical and collaborative functions. ERP environments now commonly include customer relationship management (CRM), e- commerce, supply chain management (SCM), product data management (PDM) and product lifecycle management (PLM), supplier relationship management (SRM), BI and a wide range of other applications. Businesses, however, have found that the benefits of broader functionality and organization-wide process integration have a side effect: they become fundamentally dependent upon their systems. Quite simply, an outage may grind the entire business to a halt. Vulnerabilities are magnified by consolidation of systems. Mergers and acquisitions, as well as adoption of shared services structures for order processing, finance, human resources (HR), customer service and other functions have contributed to this trend. Exposure extends to solutions for planning and forecasting, analytics, mobile computing and other informational applications. Even if applications are deployed on different platforms, they draw upon core databases – if these are down, they will at best be working with stale data. 2. Globalization. The growth of offshore sourcing has caused procurement and logistics operations to grow more complex, while transportation times have increased. The impact of disruptions tends to be greater for regional and global supply chains than for those in more restricted geographies. A delay in shipping from a local plant to a nearby distribution center, for example, may mean waiting for another truck. A delay in shipping from a Chinese plant to North America or Europe may mean waiting 10 days for the next ship. 3. Supply chain strategies. Adoption of just in time, lean and real-time operating models has further increased vulnerability. In most supply chain industries, lean strategies have become the norm. In consumer products and retailing, they have been reflected in techniques such as Efficient Customer Response (ECR), Collaborative Planning, Forecasting and Replenishment (CPFR), Continuous Replenishment and Vendor Managed Inventory (VMI).International Technology Group 9
  13. 13. The effects of lean strategies may permeate the entire supply chain. At the corporate or business unit level, for example, forecasting and planning cycles may be reduced from weeks to days, or to 24 hours or less. At the other end of the spectrum, cross docking (i.e., the immediate transshipment of goods between arriving and departing vehicles, without intermediate storage) in distribution centers may increase both efficiency and vulnerability to disruption. In the automotive industry, for example, suppliers now receive continuous demand signals from their customers, recalibrate plans and forecasts, and initiate procurement, production and logistics actions in real-time. In a fiercely competitive industry, supplier shortfalls are rarely tolerated. The automotive parts company profiled in this report, for example, delivers to its customers’ manufacturing plants on a just-in-time basis, often several times a day. Orders are typically processed in minutes and deliveries dispatched within two to five hours. 4. Cascading effects. These may be simply illustrated. Even a basic manufacturing supply chain will typically involve most or all of the processes summarized in figure 9. SOURCE   § Identify  sources  of  supply   § Schedule  product  deliveries     § Transfer  product   § Select  supplier(s)   § Receive  product   § Authorize  supplier  payment   § Negotiate  with  supplier(s)   § Verify  product   MAKE   § Schedule  production   § Produce     § Stage  product   § Set  up  production   § Inspect/test  product   § Release  to  delivery   § Issue  product   § Package  product   DELIVER   § Process  inquiry  &  quote   § Build  loads   § Load  product     § Receive,  enter  &  validate  order   § Route  shipments   § Generate  shipping  docs   § Reserve  inventory  resources   § Select  carrier(s)/rate(s)   § Ship  product   § Reserve  delivery  resources   § Receive  product   § Customer  receipt  &  verify   § Determine  delivery  date   § Pick  product   § Install  product   § Consolidate  orders   § Pack  product   § Invoice  customer   Figure 9: Basic Manufacturing Supply Chain Processes – SCOR Model The figure above is based on selected segments of the Supply Chain Operations Reference (SCOR) model developed by the Supply Chain Council. Delays in one process can spread rapidly to others. For example, a delay in delivering parts to a plant may cause finished product shipment deadlines to be missed. This may affect transportation schedules and distribution center operations, affecting other deliveries. The impact is cumulative. 5. Customer responses. Economic conditions, changing expectations and mounting competition have made customers less tolerant of supplier failures. Although the costs of operational disruption may be substantial, the largest bottom-line impact often involves customers. Sales may be lost, and customers may defect. Even if this does not occur, suppliers may be subject to late delivery, imperfect order and other penalties. It may also be necessary to offer special discounts or terms and conditions in order to win back the customer’s business.International Technology Group 10
  14. 14. A less visible, but potentially more damaging erosion of confidence may also occur. This could cause the customer to hedge by diverting some future purchases to other suppliers in order to reduce dependence. In addition, the customer might be reluctant to rely upon the company for future strategic orders, particularly where these were time-sensitive. No manufacturer wants to learn that customers now consider them a high-risk supplier.An additional set of “strategic” costs may be incurred if outages are severe, protracted or both. Shareprices may be affected. Other effects such as reduced brand value; increased risk provision; higherinsurance premiums; and a variety of reputational, legal and compliance problems may be experienced.System outages may have a wide range of potential cost impacts. Figure 10, for example, shows arepresentative list of these for manufacturing companies.  STRATEGIC  COSTS Charge  against  earnings   Damaged  reputation     Legal  exposure   Financial  metrics/ratios   - Financial  markets   - Customers   Share  price  decline   - Customers/prospects   - Third  parties   Share  price  volatility   - Banks   - Shareholders   Cost  of  capital   - Business  partners Compliance  exposure   - M&A  candidates - Regulatory  reporting   Increased  risk  provision     Impaired  credit   - Impaired  inspection   Reduced  brand  value   Liquidity  exposure - Impaired  traceability Insurance  premiums   CUSTOMER-­‐RELATED  COSTS Lost  short-­‐term  sales   Late  delivery  penalties   Customer  rebates   Lost  short-­‐term  profit   Imperfect  order  penalties   Buyback  pricing/concessions   Lost  future  sales/profit   Product  defect  penalties Additional  customer  service  cost OPERATIONAL  COSTS Idle  capacity   Finance  processes   Error-­‐related  costs   - Overall  supply  chain   - Delayed  billing/receivables   - Order  processing  errors   - Procurement   - Inventory  carrying  cost   - Product  defect   - Plant  operations   - Cash  flow  cost   - Specification  error   - Logistics/distribution   - Delayed  close   - Manufacturing  error   - Transportation     Costs  of  change   - Quality  failure   - Warehouses   - Procurement  change   - Shipment  error   - Third-­‐party  services   - Revised  order  processing   - Damaged  product   Personnel  costs   - Special  order  cost   - Wrong  packaging   - Idleness/underutilization   - Production  schedule  change   - Routing  error   - Reduced  productivity   - Line  change  cost   - Wrong  delivery  time   - Additional  work  required   - Costs  of  logistics  change   Other  costs   - Overtime/shift  premiums   - Supplier  premiums   - Lost  promotional  expenditure   - Additional  T&E  costs   - Expedited  transportation     - Lost  marketing  expenditure   - Additional  handling  cost   - IT  costs     - Additional  inventory  cost   - Administrative  costs   - Additional  checking  cost   - OverheadFigure 10: Potential Costs of Outages – Manufacturing CompaniesThe potential significance of such effects was highlighted by a study co-authored by Kevin Hendricks ofthe University of Western Ontario and Vinod Singhal of the Georgia Institute of Technology. Afterreviewing the financial results of more than 800 public companies that had experienced severe supplychain disruptions, the authors concluded that company stocks experienced 33 to 40 percent lower returnsrelative to industry benchmarks over a three-year period because of these.International Technology Group 11
  15. 15. The study also reported declines of 7 percent in sales growth, 107 percent in operating income, 114percent in return on sales, 93 percent in return on assets, and increases in cost of sales, selling, SG&Aexpenses and inventory levels.A further implication should be highlighted. Disruptions tend to raise error rates across any or all stagesof supply chains. This is particularly likely if there is a rush to catch up with backlogs. Results mayinclude dissatisfied customers, remedial costs, legal and regulatory exposure and other negative effects.A clear conclusion emerges. Whether outages result in operational disruption, customer-related costsand/or strategic costs, they have a significant impact. Maintenance of the highest possible level ofavailability and recovery for core supply chain systems should be a central goal of IT strategy.Retail VulnerabilitiesRetailers worldwide have experienced many of the same trends as manufacturers. Supply chains havebecome more complex and fragile, logistics structures have been consolidated and cycle times have beencut across the board.Acceleration has affected processes such as sales and inventory tracking, and merchandising decisions.Although the pace has varied between retail lines and geographies, there has been a steady trend towardmore frequent new product launches, and greater use of time-sensitive promotions and markdowns.System downtime occurring during such periods may have particularly serious effects.Service interruptions may also cause lost sales and customers. In conventional storefront retailing, theindustry “rule of thumb” is 40 to 80 percent of stockouts result in lost sales rather than purchases of analternative in-store product. Additional costs may be incurred for changes to store displays, backorders,restocking, markdowns and other remedial actions.Online sales are even more vulnerable. More than 20 years of experience with retail websites has shownthat 24x365 usage is the norm, and that even short outages during off-peak periods may cause significantloss of business. If protracted outages occur at times of high usage (e.g., during seasonal sales peaks, or inresponse to new product launches, promotions or Internet buzz), losses may be massive.It has become a truism that, in online retailing, shoppers who are diverted to another supplier becausethey are unable to research a product, determine availability or place an order may not return. Even if theydo, they are more likely to buy from multiple sources in the future.Retailers also face growing use of mobile devices in stores. In the United States, for example, more than40 percent of tablet and smartphone owners use these for comparison-shopping while visiting retailoutlets, and some estimates put the ratio at over 60 percent. There are similar trends in other geographies.It has long been a principle that, in e-commerce, “customers are only a few clicks away fromcompetitors” and that online outages translate rapidly into lost sales. Mobility extends this effect to stores.Increasingly, any customer may be “only a few clicks away from competitors.”International Technology Group 12
  16. 16. Financial ServicesRisk SensitivitiesFinancial services are, more than any other industry, sensitive to risk. Financial institutions are equippedwith highly sophisticated risk management processes and systems. Cultures of risk awareness andmitigation are well established.This extends to IT. Most companies have developed high availability, disaster recovery and securityinfrastructures over decades. Risk sensitivity, however, has its blind spots. While the importance of suchinfrastructures is generally understood, there is less awareness that the platforms around which they arebuilt may themselves be risk factors.In large banks, core systems are typically mainframe-based. A significant minority, however, run on IBMi. Worldwide, more than 15,000 banks, including large as well as small and midsize institutions, run coresystems on this platform. The general industry recognition is that IBM i offers mainframe-class levels ofavailability, security and recoverability.IBM i is supported by most of the industry’s major ISVs offering core banking and electronic fundstransfer (EFT) solutions, and has also been deployed by numerous insurance and other financial servicescompanies.As the results presented in this report indicate, risk exposure may be significantly greater for otherplatforms with which there is less experience in large-scale core system deployments.Availability and RecoveryThe financial services industry has long been sensitive to outages. The cost per hour of downtime fortrading, credit card processing, ATM and debit card networks, and other high-volume EFT systems hasoften run to hundreds of thousands or millions of dollars.With the growth of Internet services, vulnerability has increased further. “Normal business hours” nolonger exist. Most companies experience some level of activity at all hours of the day and night, 365 daysper year. Any interruption of service, at any time, may affect customers. An outage at times of highactivity may impact millions.Apart from lost fee income, lost or delayed payments and other financial effects, customer loss may alsooccur. Even if defections cannot be attributed to a specific incident, their effects will show up in overallattrition statistics.Outages may accelerate trends that are already causing concern among many companies. Bank customerattrition rates, for example, continue to increase. In North America and Western Europe, annual rates arealready in the 5 to 10 percent per year range, while in many developing economies rates of 10 to 20percent are becoming the norm.Similar trends have been reported in insurance and other financial services businesses. For these, as forbanks, service issues are – by a wide margin – the most common cause of attrition.Customer loss is magnified if it measured in terms of CLV. In banking, insurance and other lines ofbusiness, the effects are magnified by the growing numbers of products held per customer, and by the factthat relationships tend to become more profitable the longer they last.International Technology Group 13
  17. 17. Allowance should also be made for lost customer acquisition costs. In banking, for example, acquisitioncosts in developed countries are routinely $200 to $400 per customer, and average costs are escalating indeveloping geographies. This expenditure is inevitably lost if a customer defects.Disruption of core banking systems may be exceptionally damaging. Over time, these have developedlinks to a wide range of other systems within banking infrastructures. A disruption may create cascadingeffects as severe and long lasting as those in supply chain companies.The recent Royal Bank of Scotland core banking system outage, for example, affected not only batchprocessing but also all branch systems, ATMs, debit and credit cards, online banking and call centersystems. All channels and customer touch points were affected.Vulnerability to such disruptions has tended to increase. Mergers and acquisitions have led many banks indeveloped countries to merge legacy core banking systems (this was notably the case for Royal Bank ofScotland), while in developing economies new deployments have often been driven by the need tosupport business growth and offer new services.The replacement of a core banking system is, under any scenario, a high-risk proposition. Risks increasein proportion to the size of institutions. They increase further if new systems are deployed on platformswhose stability and robustness is problematic.Security and MalwareFinancial services companies are the preferred target of the most sophisticated cybercriminals, includingorganized gangs operating worldwide.Hacking as well as malware attacks are growing more sophisticated over time. Companies also face agrowing threat from “hacktivists” promoting social and political agendas. During 2011, groups such asAnonymous and its affiliates are believed to have exposed more confidential records in the U.S. thancybercriminals. Despite occasional law enforcement successes, the problem continues to grow.Financial services companies continue to invest heavily in perimeter defenses. These are, increasingly,by-passed by two forms of threat: 1. Advanced persistent threats (APTs) involve malware that illicitly collects and forwards confidential information over time. In many cases, APTs, which operate inside firewalls, have functioned for months or years before being detected. No doubt, many have not been detected. Increasingly, APTs have been directed to theft of funds rather than identify information. During late 2011 and 2012, for example, a growing number of banks have reported “High Roller” attacks which target high balance customer accounts and transfer funds elsewhere. 2. Insider abuse also appears to be expanding, and some industry sources estimate that insiders now account for between a quarter and a third of all cybercrime incidents in financial services companies. Perpetrators range from low-level employees to high-level executives, often cooperating with external cybercriminals. Schemes routinely, again, operate for months or years.Economic conditions have contributed to growth in all types of cybercrime.Growing attention is also being paid to the threat of nation-state attacks. Rogue nations are capable ofassembling and protecting larger numbers of computer specialists, and their activities may have access togreater resources and more advanced skills than cybercriminals. Financial services companies andpayments infrastructures are natural targets.International Technology Group 14
  18. 18. Data BreachesDespite increasingly stringent privacy laws in most countries, data breaches remain pervasive.In the United States, for example, credit card processor Global Payments reported in March 2012 thathackers had compromised more than 1.5 million accounts of American Express, Discover, MasterCardand Visa cardholders. Some external estimates put the number of accounts compromised at over 7million. It is believed that hackers first penetrated Global Payments during 2011.Penetration over long periods would not be unusual. For example, services company Heartland DataSystems recently revealed that a Ukraine-based hacker group operated inside the company’s perimeterdefenses for around six months. The company experienced a major breach in 2008 that exposed 134million credit card accounts.In June 2011, Citicorp disclosed that a hacker attack had compromised more than 360,000 customeraccounts. Numerous other such incidents have been reported during 2011 and 2012 worldwide.In most countries, privacy laws expose businesses to regulatory penalties in the event of data breaches,and other costs may be substantial. Figure 11 shows examples. ACTIVITY   COSTS   (1) Forensic  examination  &  fixes   Weeks  to  months  using  specialists  at  $1,000-­‐5,000  per  person/day     (1) Customer  notification   $0.20  to  $5  per  customer,  depending  on  medium     (1) Query-­‐handling   $10  to  $25  per  customer  (call  center)     (1) Credit/identity  monitoring   $100 to $300 per customer per year (1) Other  customer  remedial  actions     $15  to  $1,000+  per  customer     (2) Reissue  payment  card   $12-­‐22  per  card     Legal  costs   Average  legal  defense  cost:  $500,000   (3) Average  legal  settlement:  $1  million     Regulatory  fines  &  penalties   Variable Management,  PR  costs   Variable   Customer  attrition,  brand  damage   Variable   Sources:   (1)   International  Technology  Group   (2)  “Data  Breach  Cost,”  Zurich  Insurance  Group  2011   (3)  “Cyber  Liability  &  Data  Breach  Insurance  Claims,  A  Study  of  Actual  Payouts  for  Covered  Data  Breaches,”              June  2011,  NetDiligence  Figure 11: Data Breach Costs – U.S. ExamplesCompanies that have quantified breach costs report that customer attrition and brand damage represent thelargest cost components.International Technology Group 15
  19. 19. PLATFORM DIFFERENTIATORSOverviewIBM i and Power Systems represent the convergence of two major technology streams: 1. IBM i originated with the AS/400 in 1988, and has been progressively enhanced to incorporate new technologies. According to the company, IBM i is employed by more than 150,000 organizations worldwide. Although the installed base has decreased since the early 2000s, most of this has been due to system consolidation. Many organizations that had initially deployed AS/400s to remote sites later replaced these with larger centralized systems. IBM i is supported by more than 2,500 ISVs – including most major vendors of ERP and industry-specific core business systems – along with systems integrators and professional services firms worldwide. It enjoys one of the highest levels of customer loyalty of any platform. Many organizations continue to employ custom-developed RPG- and COBOL-based systems. Among this group, application modernization initiatives – ranging from simple addition of browser-based interfaces to large-scale re-engineering projects employing service oriented architecture (SOA) – have been common. IBM’s policy on i technology upgrades is distinctive. As a general principle, the company introduces new i releases every two years. New technology is also implemented in Technology Updates, which are introduced every six months, and may be applied in a simple and non-disruptive manner. This approach, which was widely requested by customers, enables them to implement new capabilities in an incremental manner rather than though major migrations every few years. 2. Power Systems are built upon the seventh generation of IBM POWER reduced instruction set computing (RISC) architecture. POWER7-based systems, which also support the IBM AIX UNIX-based operating system and Power versions of RHEL and SLES Linux, have consistently outperformed competitive platforms in a wide range of industry benchmarks. POWER7-based systems incorporate industry-leading advances in chip density, memory technology, multithreading virtualization, workload management, availability optimization, energy efficiency and other areas. In the UNIX server market, Power Systems have progressively increased their share since 2008, and by the end of 2011 had reached the 50 percent mark. This share has continued to expand during 2012 in both developed and growth markets worldwide. In addition, IBM i runs on Power processors in new IBM PureFlex Systems, which combine IBM Power, System x (x86) and midrange Storwize V7000 disk arrays in a single integrated platform. PureFlex Systems implement common management services across the full range of operating systems, systems software and hypervisors supported by the platform.For large organizations considering whether to deploy new enterprise business systems on IBM i orcompetitive servers, or debating whether to maintain commitments to existing i-based systems, it isimportant to understand the differences between these platforms.International Technology Group 16
  20. 20. IBM iPrincipal CharacteristicsMajor IBM i features include the following: 1. Core design. The core IBM i design is built around an object-based kernel in which all system resources are defined and managed as objects. The kernel incorporates single-level storage capability, meaning that the system treats all storage resources, including main memory and disks, as a single logical entity. Placement and management of data on all resources is handled automatically by the system, minimizing tasks that must be handled by administrators. This capability, illustrated in figure 12, enables high levels of configuration flexibility; improves system administrator productivity; and materially improves the efficiency with which processor and storage resources are used, improving performance and capacity utilization. Objects     SINGLE-­‐LEVEL  STORAGE     STORAGE  MANAGEMENT   Main  memory  (RAM)   Solid  state   Disk  storage   Figure 12: IBM i Single-level Storage Structure A further benefit is that integration and management of solid-state drives (SSDs) is comparatively simple. IBM i automatically places the most frequently accessed data on SSDs, reallocates data to SSDs or hard drives as workloads evolve, and optimizes performance on an ongoing basis. IBM i users have realized performance gains from use of SSDs in high-throughput applications such as large batch runs (reductions of 20 to 50 percent in elapsed time are common) and initial program loads (IPLs). The IBM i kernel also embeds the Technology Independent Machine Interface (TIMI), a unique IBM i feature that acts as a “virtual” instruction set with which applications interact regardless of the instruction set of underlying processor hardware. The TIMI has enabled IBM to update underlying hardware platforms without obliging users to recompile applications software. Organizations have found avoidance of costs, workloads and disruptions of application migration to be major benefits.International Technology Group 17
  21. 21. 2. System integration. IBM i includes not only operating system functions, but also DB2 for i, an integrated file system, WebSphere Application Server (WAS), Tivoli Directory Server, Java Virtual Machine (JVM) environments, and more than 300 tools handling system, database, storage, backup and recovery, communications, security, operations and other management tasks. DB2 for i is an i-optimized version of IBM DB2 platform, which is offered by the company for Windows, Linux, UNIX and mainframe systems. It is a full-functional SQL relational database enabling high levels of transactional as well as query performance, along with industry-leading data compression, encryption and Extensible Markup Language (XML) compatibility. IBM i components are not simply bundled. They are engineered to interact with each other in a simple and efficient manner, and extensive testing is carried out to ensure that they do so. This testing extends not only across IBM hardware and software, but also across key independent software vendor (ISV) solutions. The implications are important. Integration affects performance – efficient software structures generate lower system overhead – as well as availability. Tightly integrated, tested systems are less likely to experience outages. Equivalent functionality in Windows and x86 Linux server environments typically requires that users acquire, install, configure and administer multiple software products from different vendors. Integration and testing of these is less coordinated, and version upgrades rarely follow the same schedule. Deployment complexity and management challenges are increased. In addition to increasing full time equivalent (FTE) staffing for system, database and security administration, less integrated environments are more likely to degrade performance. Maintenance of availability, security and disaster recovery also become a great deal more problematic. 3. Workload management. Since its inception, IBM i has incorporated industry-leading workload management (in IBM i terminology, work management) capabilities designed to handle diverse workloads such as online, batch and collaborative processing in a highly efficient manner. The backbone of these capabilities is provided by IBM i subsystems, which leverage the IBM i object-based architecture – individual workloads or applications (e.g., ERP, CRM, e-mail, Web serving) are described and managed independently. The system allocates memory, limits consumption of resources by individual workloads, and manages scheduling, tuning and other tasks automatically, or based on priorities set by users. Subsystems are integral to the IBM i design, and may be employed independently of or in conjunction with PowerVM virtualization. This approach represents one of the most elegant and sophisticated forms of workload management available for any server platform. 4. Automation. IBM i was designed to automatically handle a wide range of functions – including configuration, tuning, software updates, availability and security optimization and other common operational tasks – for which most other systems require extensive manual intervention. Although the most visible effect of automation is that it reduces FTE staffing (users report that IBM i typically requires two to five times fewer administrators than Windows and x86 Linux equivalents), other benefits may be expected. A system that can determine workload requirements and reallocate system resources in a matter of milliseconds, for example, will use capacity more efficiently than one that is dependent on administrator or operator intervention. Automation reduces the potential for human errors leading to performance bottlenecks, outages, data loss or corruption and other negative effects.International Technology Group 18
  22. 22. IBM i automation strengths have been reinforced by autonomic technologies. Autonomic computing – meaning the application of artificial intelligence technologies to IT administration and optimization tasks – has been a major IBM development focus since the 1990s, and the company is the recognized industry leader in this area. Four categories of autonomic functions – self-configuring, self-optimizing, self-protecting and self-healing – are implemented in IBM i and Power Systems. These functions, which represent one of the most advanced implementations of autonomic technologies within the IBM product line, are summarized in figure 13. 5. Security and malware resistance. The strengths of IBM i’s object-based design are reinforced by tight integration of security functions with compiler, directory server and object-based file system structures. In contrast, security functions for Windows and x86 Linux are implemented as software subsystems. The level of integration is significantly less. IBM i also contains a full IP security suite, including support for the principal industry security standards and encryption techniques; and extensive access control and audit facilities. Single sign-on is enabled using an industry-leading IBM autonomic technology, Enterprise Identity Mapping (EIM), which maps user IDs across all middleware and application components. The time and effort that must be spent on routine security and malware protection tasks, and in patching and auditing is a great deal less than for Windows and x86 Linux servers.A broader IBM i characteristic is that its different components are implemented in a highly synergisticmanner. For example, DB2 for i exploits the underlying object-based structure and single level storagecapabilities of the operating system. Multithreading, virtualization, workload management and otherfunctions are closely integrated.High-end Storage SupportThe IBM i presence in the high-end systems market is reflected in support by the industry’s principalvendors of enterprise-class disk arrays and software.IBM’s System Storage DS8000, which offers the highest levels of performance and availability within theIBM storage product line, may be attached to IBM i systems. The DS8000 platform is commonlyemployed for the most business-critical mainframe- and UNIX server-based systems worldwide.Easy Tier, IBM’s solution for automated storage tiering, is supported by IBM i for DS8000 as well asother IBM disk arrays. Easy Tier has a reputation for enabling full-function tiering while minimizing thecomplexities with which storage administrators must deal.IBM PowerHA SystemMirror for i integrates IBM’s top-of-the-line Metro Mirror and Global Mirror toolsfor synchronous and asynchronous remote replication respectively. Metro Mirror supports failover andrecovery at distances of up to 300 kilometers, while there is no distance limit to Global Mirror coverage.IBM i users have also deployed the company’s XIV Storage System. Built around an innovative parallelprocessing design, the XIV system has demonstrated exceptional reliability, high-volume snapshotcopying and disk-caching capabilities. Integrated software and low management overheads have alsocontributed to its popularity.IBM i is supported by EMC for its high-end VMAX arrays, including the multiple-petabyte VMAX 40K.EMC announced in May 2012 that its automated storage tiering technology, FAST VP (Fully AutomatedStorage Tiering for Virtual Pools), could be exploited by VMAX arrays attached to IBM i systems.International Technology Group 19
  23. 23. SYSTEM   Self-­‐configuring   Self-­‐protecting   Connect  automated  services   Automatic  virus  removal   CPU  capacity  upgrade  on  demand   Chipkill  Memory   Enterprise  Identity  Mapping   Digital  certificates   EZSetup  Wizards   Digital  object  tagging   Hot  plug  disk  &  I/O   Enterprise  Identity  Mapping   Linux  &  Windows  Virtual  I/O   Integrated  Kerberos  support   RAID  subsystem   Integrated  SSL  support     Switchable  auxiliary  storage  pools   IP  takeover   Windows  file/print  support   RAID  subsystem   Windows  dynamic  storage  addition   Self-­‐protecting  kernel   Wireless  system  management  access   Tagged  storage   Self-­‐optimizing   Self-­‐healing   Adaptive  e-­‐transaction  services   ABLE  problem  management  engine   Automatic  performance  management   Auto-­‐fix  defective  PTFs     Automatic  workload  balancing     Automatic  performance  adjuster     Dynamic  disk  load  balancing   Chipkill  Memory,  dynamic  bit  steering   Dynamic  LPAR  for  i  &  Linux   Concurrent  maintenance     Expert  Cache     Domino  auto  restart,  clustering   Global  resource  manager     Dynamic  IP  takeover,  clustering   Heterogeneous  workload  manager     Electronic  Service  Agent  (“call  home”)   Quality  of  service  optimization   First-­‐failure  data  capture  &  alerts     Single-­‐level  storage   Service  director     DATABASE   Self-­‐configuring   Self-­‐protecting   Automatic  collection  of  object  relationships     Automatic  Encryption  management   Automatic  data  spreading  &  disk  allocation   Automatic  enforcement  of  user  query     Automatic  data  striping  &  disk  balancing                &  storage  limits   Automatic  disk  space  allocation   Automatic  synchronization  of  user  security   Automatic  distributed  access  configuration     Digital  object  signing     Automatic  object  placement     Object  auditing   Automatic  self-­‐balancing  indexes   OS-­‐controlled  resource  management   Automatic  tablespace  allocation   Automatic  TCP/IP  startup   Graphical  database  monitor   Self-­‐optimizing   Self-­‐healing   Adaptive  Query  Processing   Automatic  object  backup/restore   Automatic  Index  Advisor   Automatic  database  object  extents   Automatic  memory  pool  tuning     Automatic  database  restart     Automatic  query  plan  adjustment     Automatic  index  rebalancing   Automatic  rebind  &  reoptimization     Automatic  journaling  of  indexes  &  objects   Automatic  statistics  collection   Automatic  rebuild  of  catalog  views   Auto  Tuner   Automatic  restart  of  journal  processing   Caching  of  open  data  paths  &  statements   Self  managed  database  logging   Cost-­‐based  Query  Optimizer   Self-­‐managed  journal  receivers   On  Demand  Performance  Center     Systems  managed  access  path  protection   Performance  monitoring  &  analysis  Figure 13: IBM i and Power Systems Autonomic FunctionsEMC and IBM cooperate under an agreement first concluded in 2006, and recently extended to 2016, toensure full integration of IBM i with VMAX arrays.A wide range of other IBM and third-party disk arrays may be used with IBM i systems.International Technology Group 20
  24. 24. Power SystemsOverviewPower Systems have been the recognized industry leader in server performance since the mid-2000s. Tosome extent, this has been a function of the performance delivered by successive generations of POWERprocessors. However, other factors come into play.In Power Systems, system-level performance potential has been optimized at all levels of design andimplementation – including microelectronics, module- and subsystem-level components, internalcommunications, I/O and system-level hardware and software.Key features include highly effective compiler- and operating system-level performance acceleration,including chip simultaneous multithreading; low levels of symmetric multiprocessing (SMP) overhead;and extensive system-level integration and optimization of performance-related features.Intelligent Cache and Intelligent Threads in Power Systems allow cache allocation and numbers ofthreads (two to four may be employed) to be varied according to workload requirements. Parameters maybe set by administrators, or determined automatically by the system based on application priorities.The overall architecture, illustrated in figure 14, integrates with IBM i to allow users to manipulate awider range of variables – including subsystems, threads, processors, cache, main memory and I/O,multiple types of partition, multiple threads and dedicated or pooled processors – with higher levels ofgranularity and flexibility than any competitive platform.Power Systems are optimized not only to deliver high levels of performance for single applications andworkloads, but also for the mixed workload environments that are typically generated by core enterprisesystems. Transactional as well as query and collaborative workloads may be handled concurrently in ahighly efficient manner.Current-generation Power Systems include single-socket (710 and 720), two-socket (730 and 740) andfour-socket (750, 770 and 780) models covering a wide range of prices, and performance andexpandability levels; and the high-end Power 795, which is configurable up to 32 sockets (256 cores).There are also single- and two-socket POWER7-based blade models.VirtualizationEffective virtualization consists of more than the ability to create virtual machines.Multiple mechanisms are required to create and modify partitions; share system resources between these,and change resource allocations as needs change. It is also necessary to prioritize availability of resourcesto different applications based on business criticality; monitor and control workload execution processes;and meet service-level performance and uptime targets.PowerVM virtualization meets these requirements. Capabilities include three types of partitioning: 1. Logical partitions (LPARs) are microcode-based partitions that may be configured in increments as small as 1/10th core. The technology was originally developed for IBM mainframes. As a general principle, this approach (often referred to as hard partitioning) offers better isolation of workloads than software-based techniques. Workloads running in different partitions are less likely to interfere with each other, enabling higher levels of concentration. LPARs provide additional security functions.International Technology Group 21
  25. 25. IBMi7.1 ObjectMbasedarchitecture•SingleMlevelstorage Systemintegration&automation WORKLOADMANAGEMENT Subsystem Subsystem Subsystem Subsystem RESOURCESHARING Processors,Cache,Memory,I/O Threads ! POWERVM HYPERVISOR Virtualdisks Virtualtape LPAR LPAR LPAR LPAR Micro-partitions Micro-partitions LPAR LPAR VirtualLAN DEDICATED SHARED SHARED PROCESSORS PROCESSORPOOL PROCESSORPOOL Physicalprocessors Virtualprocessors Virtualprocessors Physical processors VIRTUALI/OSERVER VIRTUALI/OSERVER Figure 14: IBM i and Power Systems Architecture Figure 12: Power Systems Architecture No equivalent capability is available for Intel-based servers with Windows, x86 Linux and/or x86 virtualization tools, or for newer Oracle Sun servers. 2. Micro-partitions are software-based partitions. They are typically employed to support instances requiring limited system resources, and to improve load balancing for large, complex workloads. Micro-partitions may be configured in initial increments of 1/20th core, and subsequent increments as small as 1/100th core. International Technology GroupInternational Technology Group Approval Version – August 3, 2012 22 1
  26. 26. LPARs and micro-partitions are supported by mechanisms that allow processor, memory and I/O resources to be pooled and reallocated in an extremely granular manner. The system monitors resource utilization every 10 milliseconds, and may change allocations as rapidly. Business-critical workloads may run in dedicated LPARs, using dedicated physical processors. However, other workloads may be executed based on assigned priorities using combinations of threads, partitions and shared processor pools. The system allows workloads to run on one or more processor cores within shared pools. 3. Virtual I/O Servers allow operating system instances running in multiple LPARs to share a common pool of LAN adapters as well as Fiber Channel, SCSI and RAID devices; i.e., it is not necessary to dedicate adapters to individual partitions. Hardware, maintenance and energy cost savings may be realized. Virtual I/O Servers may be duplexed to provide redundancy.PowerVM also provides key availability optimization features. Live Partition Mobility, introduced forIBM i 7.1 in April 2012, allows movement of active LPARs between Power Systems without disruptingoperations. Service interruptions of one or two seconds may occur due to network latency. These are,however, rarely noticeable to users.This capability has proved particularly attractive to organizations that need to perform scheduledmaintenance and software upgrades without downtime.The PowerHA SystemMirror for i clustering solution enables failover and recovery of even large-scale,highly granular PowerVM environments in a highly efficient and reliable manner.PowerVM and x86 Virtualizationx86 virtualization tools such as VMware, Microsoft Hyper-V, Xen KVM and Oracle VM employ only asingle, software-based partitioning method. While they may be able to support diverse workloads, they doso less efficiently. System overhead may be significantly larger.(Hard partitioning is supported on the Intel Itanium-based HP Integrity with HP-UX and RHEL, and onolder Oracle Sun SPARC-based M-Series with the Solaris operating system. New installations of theseare, however, now comparatively rare.)Differences in other areas should also be highlighted. • Workload management. Most workloads experience fluctuations, and processes (e.g., online, batch, collaborative) may vary. Unexpected spikes may occur. When multiple applications are concentrated on a single physical platform – particularly if these generate mixed workloads – highly granular, real-time monitoring and resource assignment will be required. If systems cannot provide such capabilities, administrators will tend to limit the number and size of partitions to prevent workloads interfering with each other. This is one of the key weaknesses of VMware and other x86 hypervisors, and helps explain why most installations of these realize only a fraction of their architectural potential. • Complexity. Ironically, solutions intended to reduce complexity by enabling consolidation of physical x86 servers have often had the reverse effect. As figure 15 illustrates, virtualization introduces a new layer of architecture into system environments.International Technology Group 23
  27. 27. APPLICATIONS DATABASES/MIDDLEWARE OPERATING  SYSTEM VIRTUALIZATION HARDWARE Figure 15: System Environment Layers – Example In an IBM i environment, the bottom four layers shown in the figure above are integrated by IBM. In addition, the company’s close relationships with ISVs mean that the applications layer is better tested and optimized for the overall IBM stack than is the case for Windows and x86 Linux servers. A VMware environment, in contrast, will typically include components from Intel or Advanced Micro Devices (AMD); the server hardware manufacturer; operating system, database and/or application suppliers; and VMware itself. The number of vendors may be significantly larger if storage and networks, and third-party tools are included. Integration among these vendors may leave much to be desired and, even though they cooperate, overall complexity in customer installations will still be significantly greater than for IBM i on Power Systems.Attention should be drawn to a further differentiator. VMware and other x86 tools have become commonhacker and malware targets. Businesses that deploy them have often found that their vulnerabilitiesincrease, while patching workloads expand.IBM i is less vulnerable, as is PowerVM. National Vulnerability Database maintained by the U.S.National Institute of Standards and Technology (NIST), for example recorded 39 medium and highseverity vulnerabilities for VMware, and 13 for Xen and KVM during 2011. None were reported forPowerVM over the same period.Lower PowerVM vulnerability reflects, to some extent, the fact that it is less targeted than x86equivalents. However, security and malware protection mechanisms are more closely embedded andintegrated across IBM i, Power Systems and PowerVM than is the case for competitive platforms.Availability OptimizationPower SystemsA first set of availability optimization features is built into Power Systems hardware and microcode. Itincludes the following: • Basic capabilities include high levels of component reliability and redundancy, along with hot swap capabilities enabling devices to be replaced without taking systems offline. Redundant and hot swap components include disk drives, PCI adapters, fans, blowers, power supplies, on high- end models, system clocks, service processors, and power regulators.International Technology Group 24