Tandemworld eNewsletter for Jan 2013

It’s not too late to register for the Mid-Atlantic Tandem User Group (MATUG) Meeting scheduled for May 3, 2013 in Chantilly, Virginia, USA. MATUG is open to any NonStop customer, partner, user, consultant, or interested party. Please contact Susan Loeliger (Chapter Secretary/Treasurer) at sbproductmanagement@gravic.com to register. Members are typically from the following states: Pennsylvania, New Jersey, Maryland, Delaware, Virginia, and West Virginia. MATUG provides members with the opportunity to participate in quality informational sessions, and learn about new HP products and services as well as interact with fellow HP NonStop users. Please visit the MATUG Connect Chapter web page for more information.

As the first-generation of virtual tape products reaches end-of-life, customers face a new challenge as they attempt to migrate from proprietary virtual tape formats onto competing vendors’ solutions. Like physical tape technologies, old formats and equipment become unsupportable and have to be migrated to new platforms and storage media. But unlike physical tape, the virtual tape market has no standards in its storage formats, so disk-based virtual tape images are not directly transferable between different products. Fortunately the actual task is not as complicated as it may first seem.

On behalf of just such a customer challenge, ETI-NET recently evaluated these requirements and, in cooperation with HP Technical Services, tools and services were developed to facilitate the orderly off-line migration of virtual media from older virtual tape products onto ETI-NET’s BackBox product.

Sausalito, California, April 18, 2013 – Ascert announces the availability of VersaTest Automation Server Classic Migration Edition (“CME”) for users of the VersaTest Classic NSK or MP product versions. The new product allows test drivers developed for VersaTest Classic to operate within a VersaTest Automation Server environment, side-by-side with newer drivers developed to the Driver Framework Standard (DFS) as used by VersaTest Automator.

The CME product enables current users of the VersaTest Classic product to realize the significant benefits of the latest automation technology without going through costly and lengthy software upgrades. The new product gives users an easy to use browser based GUI, support for multiple testing environments in one interface, zero client-side installation and dynamic communication configurations.

"VersaTest Classic has been a tremendously successful product in the testing of global payments systems," says Andrew Mould, Managing Partner of Ascert. "We are excited about this offering because it allows our current VersaTest Classic users to retain their technology investment while providing easy access to many of the automated features that exist in our VersaTest Automator product, without having to build simulations and test cases. Moving to a new testing platform can be an involved and lengthy process depending on how sophisticated a testing environment is. The CME product allows this to happen in a rapid but painless fashion and provides an easy upgrade path to full end-to-end automation on the users own timeline."

VersaTest/AS CME adds user-authorized security functionality, enabling different testing groups their own secure testing environments and customized interface and testing functionality. In addition to security, this feature ensures that users testing in one environment don’t impact the testing being performed in other environments; making VersaTest a much more flexible enterprise testing tool. CME also provides for an enhance user experience enabling panels and menus to be tailored depending on the users operational role in testing.

To find out more about VersaTest/AS CME visit contact one of the local Ascert offices.

I would really l like to be able to say that I was subject to an April Fools’ Day joke, but nothing really materialized. Au contraire, it was all too serious! And the month really started with the last week of March, as it included multiple face-to-face meetings with clients followed by my participation in a well-attended webinar, about which more will follow shortly.

However, what really caught my attention was the article I read on the Forbes web site – HP Moonshot: Say Goodbye to the Vanilla Server. A couple of sentences into the article, and contributor, Patrick Moorhead, throws out the thought about “the biggest driver of datacenter expansion are the pervasiveness of smartphones and a new class of devices, nicknamed IoT, or Internet of Things … current enterprise datacenters aren’t prepared for the onslaught of devices coming their way. It’s not as easy as adding more homogeneous, virtualized servers …”

Ever since I purchased my iPad, and shortly afterwards my iPhone, foregoing any further investment in Blackberry solutions, mind you, I realized that the world had changed and in several email exchanges with vendors from within the NonStop community I was chastised for being a tad overzealous. However, the quarterly results of the big PC vendors released this week suggests that, without viable smartphone and tablet offerings, many of these PC vendors will be in serious trouble. But is the pervasiveness of smartphones and the IoT really the biggest drivers of datacenter expansion?

The short answer is yes, they are! The longer answer is, we are going to be overwhelmed by a tsunami! The volume of transactions they will generate, I have just written in a feature story that will appear in the May – June, 2013, issue of The Connection, will be enormous. When you see this feature, look for my take on the likely impact of robots as just another class of IoT dumping information into our datacenters.

I participated in the before mentioned webinar that was hosted by Attunity and in it I looked at possible drivers for Big Data along with the observations that future transaction growth will place NonStop right in the cross hairs of today’s business managers. To remain competitive, they want to see much-needed business analytics in real time. The days of scanning monthly or quarterly analysis are pretty much over – the need is to respond to changing circumstances right now!

The webinar took as source material two recent opinion papers written for Attunity and these looked at the impact of mobility (and the transition to smartphones and tablets) as well as the heterogeneous nature of today’s data center. In both cases – data just has to be moved, given the products available today. Adding homogeneous servers may help us scale out – but it represents an unnecessary dumbing-down of the datacenter while accommodating ever more smartphones and tablets is rightly an onslaught of unbelievable magnitude.

HP NonStop Transactional Data: Critical for Meaningful Big Data
http://learn.attunity.com/hp-nonstop-transactional-data-critical-for-meaningful-big-data

However, this month has also been a time for face-to-face meetings as mentioned at the start of this month’s Musings. Catching up with John Dunne, IR’s General Manager, Products and Alliances, is never an easy proposition no more so than when he is in the middle of a whirlwind global kick-off tour promoting the latest release of Prognosis 10. I have been associated with many software releases but a quick scan of this release’s highlights tells me IR is being blessed by a wealth of riches. Perhaps even an embarrassment of riches. No matter how you assess all that is being provided in this release, it’s offering an abundance of choices.

“Delivering a powerful web-based user experience, centralized reporting, and a robust architecture update that is ready for Big Data, Prognosis 10 delivers insights from massive amounts of data generated across enterprise communications systems … For the mobile professional Prognosis real-time insight is accessible on any tablet, smart phone or smart TV that supports HTML5 or the free iOS App ‘Prognosis First Responder’”. was how the press release began and after talking to John, it’s clear that all those involved within IR are excited to see this release come out and yes, Prognosis 10 will be available to all of the NonStop community.

Look for further commentary from me in posts and discussions as well as features in the upcoming issue of The Connection. And watch the LinkedIn group, Pyalla Technologies, for updates as posts and discussions are made public.

Ready for Big Data! Accessible on any tablet, or smart phone! The IoT is clearly pushing datacenter managers hard when it comes to ensuring equate capacity to meet every contingency. Fortunately, when all is said and done that mission critical applications (the very heart of what today is being accessed by mobile devices and whose data is much sought after by Big Data frameworks) are running on NonStop where much of what concerns datacenter managers is a moot point.

And for that, we should all be extremely thankful!

…. And check out the Group on LinkedIn, realtime.ir

ATMmarketplace at
http://www.atmmarketplace.com/blogger.php?id=130763

Third Data Corporation provides numerous products which can reside on HP Nonstop and other HP hardware platforms.

FastBuild Switch – When building a switch be it ATM-POS, Wire Transfer, EFT, Medical, or any other type of data that needs to get from one place to another, you are usually faced with three choices. Take an existing package and modify your system to match it. Get the vendor to “enhance” their system to meet your needs. Write a new system from scratch. The FastBuild Switch integrates with your existing system, or if you are building from scratch gives you a good start. The switch is also built around the latest HP technology to maximize performance. It integrates several of our other products to maximize cost savings and security. In a cross platform environment it also runs on other non-Guardian HP supplied platforms.

SecureStore – If you are trying to become compliant (PCI, HIPAA, etc) then you know that you can not leave sensitive data readily viewable. SecureStore does three things for you. The data is encrypted so that you can become compliant. The data is compressed so that your hardware costs are reduced. As part of disaster recovery your data is sent to three (or more) locations so it will be available when you need it. As a bonus for those having trouble with Guardian 4K limits there is no record size.

NxLib – NxLib provides a platform and utility libraries for developing a high performance multi-threaded applications on NonStop Guardian. The platform provides threading capability. This enables development of an application written single threaded style to perform as multi-threaded. Extensible command processing and help are supported. Development time can be cut to a fraction of the time it would normally take. This results in fast application development with consistent look and feel across multiple projects.

NxWeb – A high performance web server which provides support for NxLib applications. It also can be used without NxLib. It provides for secure connections, virtual domains, full http support and interfaces to pathway and IPC communications.

NxUndelete – Files accidentally deleted can be a real problem. Even when a backup is available, it is frequently a significant effort to retrieve it from a backup tape. NxUndelete implements a recycle bin function on the the HP NonStop system. Files deleted may be easily recovered using its GUI interface.

NxFile+ – NxFile+ provides compression and encryption to Enscribe structured files. The files are configured through a GUI interface and the results are provided seamlessly to your applications, typically without any code changes. In addition this provides for dynamic key changes on the fly so data stored at-rest may have it’s encryption keys changed as required. Because the records can be compressed prior to encryption, it’s also possible to have records which significantly exceed the 4k record size limitations. The savings in disk I/O typically pay for the overhead of the compression and encryption.

NxSSL – NxSSL is an SSL proxy which may be used to provide SSL encryption and authentication services to TCP/IP connections. It provides full support for certificates and multiple encryption standards. It has been carefully tuned to provide the highest performance available for any NonStop SSL connection.

Availability Digest Says DDoS Attacks are on the Rise

DDoS attacks in 2012 exceeded the number of attacks in 2011 by 53%, and the projection for 2013 is for an even greater increase in frequency and in size. DDoS attacks clearly are on the rise, so much so that the April issue of the Availability Digest is devoted to DDoS attacks and their impacts on system availability. “DDoS Attacks on the Rise” includes DDoS attack statistics, countries of origin, an introduction to DDoS reflection attacks and DNS open resolvers, and examples of DDoS attack mitigation.

Also in the April Digest:

History’s Largest DDoS Attack? – From March 18^th thru March 28^th of this year, spam-filtering site Spamhaus was swamped with up to 300 gigabits per second of traffic in what is being reported as the largest Distributed Denial of Service (DDoS) attack to-date. The quantity of malicious traffic generated was due to the presence of open resolvers, a well-known flaw in DNS servers. “History’s Largest DDoS Attack” tells the story of Spamhaus’ predicament and how the company was able to survive the malicious assault.

Anatomy of a DDoS Attack – Botnets are very, very bad. The DDoS attacks they generate are even more destructive. “Anatomy of a DDoS Attack” introduces botnets, the different strategies used by attackers to overwhelm a web site, the most common types of DDoS attacks, and mitigation strategies.

Prolexic – A DDoS Mitigation Firm – Prolexic is an example of a new breed of companies whose services are focused on DDoS attack mitigation. Founded in 2003, the company was the first to offer cloud-based DDoS mitigation services. It detects and blocks approximately 7,000 DDoS attacks per year for its customers. The article discusses Prolexic’s mitigation strategies and how the firm monitors traffic flow through its clients’ systems.

The Availability Digest offers one-day and multi-day seminars on High Availability: Concepts and Practices. Seminars are given both onsite and online and are tailored to an organization’s specific needs. We also offer technical and marketing writing services as well as consulting services for achieving high availability.

Published monthly, the Digest is free and lives at www.availabilitydigest.com. Please visit our Continuous Availability Forum on LinkedIn. We’re at 537 members and counting. Our latest thread discusses the impact of DDoS attacks on system availability.

XYGATE Object Security (XOS) Active and Dynamic RBAC make static ACL's and policy implementers for Safeguard and OSS redundant.

Taking advantage of the recently released OSS Security Event Exit (SEEP) by HP, XYPRO now offers an upgrade to our standard XOS product that applies security dynamically and instantaneously for both Guardian and OSS environments, virtually eliminating the need to manage complex Guardian, Safeguard and OSS security.

Using simple Role Based Access Control rules, XOS applies security at the time of request based on logical object and user groupings and extends access decision criteria to any object attribute rather than just the object name.

PANfinder is a comprehensive data discovery software solution. It searches systems for hidden and unmasked/unencrypted payment card data. It provides a method of scanning systems for unprotected PAN data (Primary Account Number). This ensures there are no live PANs residing in unauthorized locations and also provides organizations with a way of proving that all PANs on the systems are being stored in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).

We are very pleased to announce the latest version (v 2.51) of PANfinder which includes a number of new features and performance improvements:

1. Support for Agent Mode. PANfinder can now run in agent mode where it constantly monitors the configured file set for suspect PAN data.

2. Restartable scans. If a scan is stopped for any reason before it has completed, PANfinder can be recommenced from the point in the file set where the previous scan was interrupted.

4. Support for syslog messaging via TCP. Previously PANfinder only supported delivery of syslog format events via UDP transport. It now supports both UDP and TCP.

For more background information on PANfinder and why no PCI DSS compliance project should have to do without such a detection tool please read the article 'Where in the world is my credit card data?'

Many organizations running HP NonStop servers process credit or payment cards as a part of their business. This means that they are subject to the Payment Card Industry (PCI) Data Security Standard (DSS), which mandates a strict set of requirements for the protection of payment card cardholder data.

At the core of the standard is the Primary Account Number, usually abbreviated to PAN. This is the card number embossed on credit or payment cards that is used in payment card transactions, along with the card expiry date and often the Card Verification Value (CVV). The PCI DSS mandates in requirement 3.41 that all PAN data that is stored on the system must be protected by means of encryption or tokenization.

A NonStop customer was faced with the challenge of making a date-format conversion to all of its Enscribe files, from a six-character format to an eight-character format. Impacted as well would be the thousands of programs that interfaced with the Enscribe files and thus also had to have their source codes changed from six-character date formats to eight-character date formats. The recompiling and follow-up testing of each program would require time, additional staff resources, and increased costs that had not been budgeted for the fiscal year. As part of the planning process, the customer researched third-party alternatives to its anticipated in-house effort. What they discovered was TANDsoft’s E2S-Lite, which permits efficient, low-cost Enscribe modifications without the need to change a program’s source code.

E2S-Lite is the latest product to originate from TANDsoft’s years of experience as an interception specialist. The solution is based on TANDsoft’s Enscribe-2-SQL Toolkit, which allows easy conversion of Enscribe calls to SQL/MP or SQL/MX statements. E2S-Lite lets developers generate a single date-format conversion module that is attached to every affected program. When a program makes an API procedure call - Open, Read, Write, WriteUpdate, etc. - to access an Enscribe file, E2S-Lite seamlessly intercepts the call, executes the call on behalf of the program, and converts the Enscribe file’s new date format into a format that the program can understand. All is accomplished without any source-code changes.

E2S-Lite functionality assists with a variety of Enscribe modifications, including Enscribe file locking, Encribe file auditing, and other format conversions. In addition to in-house applications, E2S-Lite also can be used for HP products and third-party solutions such as Base24, where source code typically is unavailable.

TANDsoft’s “best of breed, best in price” philosophy offers highly competitive value for all TANDsoft solutions. In addition to the Enscribe-2-SQL Toolkit and E2S-Lite, they include the OPTA2000 virtual clock- and time-zone simulator; FileSync for automatic file synchronization and replication; the OPTA suite of interception and trace utilities (OPTATrace Online Process Tracer and Analyzer, Recycle Bin, EMS Alerts Online Startup and Termination Capture Utility, Low Pin Optimizer); Stack Monitor, which alerts developers to the impending threat of a stack overflow; Command Stream Replicator, which automatically logs and replicates NonStop SQL/MP, SQL/MX, Enscribe DDL and other HP utility (FUP, SQLCI, MXCI, SCF, TACL) commands to the backup system; the TMF-Audit Toolkit, which offers flexible, affordable alternatives to more expensive conversion products or manual conversion techniques; and AutoLib, which automatically loads a user library or a DLL for executing processes.

TANDsoft products require no application source-code modifications, are available for all HP NonStop servers, and support major third-party applications.

For information about TANDsoft solutions, contact Jack Di Giacomo at +1 (514) 695-2234. Our Enscribe to SQL Migration Forum on LinkedIn is at 157 members and counting.

www.tandsoft.com

We have been a leading supplier of security solutions to the Nonstop community for over 25 years and are pleased to celebrate another anniversary with continued growth and success.

The last twelve months have seen a series of significant enhancements and upgrades to our product suite to meet the continuing and evolving challenges of NonStop security, with a special focus on compliance (Compliance Reporting Module and File Integrity Checker) and OSS security (Protect-UX).

CSP’s success is based on technical innovation and excellence, outstanding service and support, and a responsive approach to our customers’ needs, and our security solutions not only enhance and augment HP’s built-in security with advanced functions and manageability, but also provide distinct alternatives from the available default tools.

Our role in the Nonstop vendor community, based on our objectivity and independence, has resulted in a unique range of solutions designed around our customers’ requirements.

For more information about Computer Security Products and our security solutions for NonStop, visit www.cspsecurity.com.”

The BrightStrand International hp NonStop Server Health Check Service has been created in order to provide users of hp NonStop Servers with a situation report as to the status of their hp NonStop systems and service environments.

The service has been designed by BrightStrand, to assure customers that they are getting the optimum from their current hp NonStop Server environments. The Health Check will provide a guide to assist customers in making improvements to various service areas. It can also be used as a tool to aid the decision-making process in such key areas as hardware purchasing, system migration and Service Level Agreement (SLA) planning.

The service will take into account a number of factors depending on the pre-defined scope. These may include - procedures, strategies, system performance, configurations and security. The service will involve the monitoring of system metrics, an assessment of general procedures, a review of software revision levels and a general check of the installation.

The objective of the Health Check is to provide high quality reviews of service areas that have been identified, by the customer, as being of concern or of interest. The main goals of the service will be:

This will be achieved by engaging a fully qualified and experienced BrightStrand consultant that will work closely with the customer to agree the scope of the engagement and to identify areas of special interest or concern, use BrightStrand tools and solutions to gather the necessary information and documentation, analyse the information and deliver the agreed reports. Consultancy will be provided in the areas of Performance, Capacity Planning, Disaster Recovery, Operations, Database Management, System Security, System Management and Hardware Maintenance.

For further details please contact Dave Stewart today on +44 (0)7831 775115 or email him on dstewart@brightstrand.com.

In BBC’s historically long-lived sci-fi program, Doctor Who, there’s a certain bit of technology whose form has become an iconic image to many during the shows fifty years on television screens. The TARDIS (Time And Relative Dimensions In Space) is the ship piloted by the program’s main character, The Doctor, who is an alien from a race called the Time Lords. The TARDIS can go anywhere in time and space. Due to a broken chameleon circuit, it appears as a 1960’s police box, but always manages to surprise observers who discover that “it’s bigger on the inside!”

Discover 2013 will be held in Las Vegas at the Venetian/Palazzo Resort on June 11-13. Registration is open: http://h30614.www3.hp.com/discover

Brightstrand Health Check Service

Too Many Systems

Too Little Time!

Published monthly, the Digest is free and lives at www.availabilitydigest.com. Please visit our Continuous Availability Forum on LinkedIn. We’re at 537 members and counting. Our latest thread discusses the impact of DDoS attacks on system availability.

Brightstrand Health Check Service

Too Many Systems

Too Little Time!

Meet us at the NonStop Technical Boot Camp in San Jose in November!