Find out more about us at
www.tandemworld.net
NonStop ™ Newsletter for August 2020 ______________________________________________ Current Global Subscribers 15,281 Click to Sponsor a Newsletter Contents TAL - Travelling Through Time Premier & Tailored for a New Environment Cancelled !! Gravic Publishes Two New Shadowbase Solution Briefs on ....HPE NonStop and the "data-to-everything platform" TIC Software: NonStop Forward, Forward NonStop!TRIBUTARY SYSTEMS’ ARTICLE 5 Best Practices for HPE NonStop File Integrity Monitoring Even Mums are buying with “Click & Collect” New Features Available for LightWave Server and LightWave Client CSP PassPort to Compliance Next Generation Payment Technology
|
||||||||||||
TAL - Travelling Through Time
In the beginning there was only TAL. When the first Tandem was shipped in 1976 it was the only programming language on the NonStop 1. A lot has changed since but TAL is still shipped with every new NonStop server. When I told people last year I was learning TAL they could have thought I was learning some obscure foreign language at night school. But no, just as strangely, I learnt TAL the HPE NonStop language that is largely deprecated for new development. TAL still provides Insider Technologies the advantages that it always has:
1) it is highly efficient as it is optimised for NonStop 2) it can be used to create passive fault tolerant processes that are easy to implement and robust 3) it is block structured and strongly typed leading to better quality software Late last year whilst learning TAL and MultiBatch I realised extra tooling would be required. Back in 1976 you had very few tools to aid your development process, maybe a line editor and a cross reference listing. The now ubiquitous PC would not be launched until the 1980s. The world of IT development has now changed beyond recognition.
Photo by Anastasia Dulgier on Unsplash
Remember this, a working PET 2001 prototype with wooden case was first shown to the public in 1977. Although I have professionally worked on NonStop since the mid-1980s I have taken a keen interest in Web development for the past 15 years. I have seen the rise of open source and the increase in the number of software developers. The industry has never been so accessible. HPE NonStop understands this; check out the latest HP NonStop pre-built open source packages for OSS! I am an open source advocate, especially in terms of development tools. We gain reliable tools at low/no cost that are standardised across the industry. There are more software developers learning best techniques from one another than ever before. So for much of the last six months I have sought out suitable tools and synergies to make my job easier. Many of the younger developers in the company were using VS Code so I decided to start there. This article is about where this led; my hope is that those of us of a certain age with many decades of NonStop experience will see value here and contribute their ideas and code. Those who already understand GIT and VS Code extension development may want to stop reading now! There are many very accessible tutorials on the internet regarding VS Code and GIT. VS Code positively encourages contribution with many code examples and GIT repositories to use as a start point. This is where I started and within a few weeks I was confident enough to move forward. Visual Studio Code (VS Code) has become the standard software development tool since its release in 2015. Some surveys show it is used by over half the developers in the world. As there were an estimated 26 million developers worldwide VS Code is a very popular piece of software. It is easy to install. You can use the links here Download VS Code. Made by Microsoft, VS Code is free, open source and released under the permissive MIT licence. To round the circle, it was also in 1976 that Bill Gates was writing his open “Thieves” and “Parasites” letter to Software Hobbyists. The people who were hobbyists back then are the same kind that are today are at the leading edge of software development practices. To be fair to Bill Gates, he became a billionaire selling closed source proprietary PC software. For me the most important attribute of VS Code is its extensibility. You are able to add to the core functionality by using a defined set of interfaces and patterns. Using the core software, you can build out the specific functionality you need. This is an incredibly powerful concept which should at least be a consideration in all software we develop. VS Code is also cross platform, quick and responsive, comparatively light weight and is compatible with most programming languages. It was developed by Microsoft, is open source and supports syntax highlighting, code completion and has an interface to GIT. When checking the VS Code Marketplace there are 20,000 plus extensions, but only one for TAL. At the time of writing Tandem TAL Syntax Highlighter has been installed 368 times, that probably fairly represents the proportion of the 26 million developers worldwide who know TAL! VS Code has a standard way to define a language grammar, the TAL Highlighter is no more than a 400 line JSON file describing the TAL language. VS Code uses TextMate grammars; these are just a collection of regular expressions written as XML or JSON files. Beyond this simple syntax highlighting VS Code provides a semantic API to improve highlighting and many other API features to create a very sophisticated editing experience. I would recommend the syntax highlighter, check out the JSON file, maybe you could improve it. VS Code development is a large subject so learning the more complex APIs is time consuming; I will add extra functionality to this extension at some point. To add real value to my TAL editing I needed to be able to navigate the code using a code explorer tree. Again VS Code provides a tree view API and there was already a Codemap extension I could extend. Following the online tutorials, it was easy to install the development environment needed and within a few minutes I was viewing Typescript code. If you have some understanding of JavaScript and OO concepts using Typescript in VS Code will be a joy; the code completion and real time syntax checking are very impressive. There is a theme here, Microsoft developed now open source Typescript and GitHub has been a subsidiary since 2018. They have a powerful set of tools but the community sets the direction, a lot has changed since 1976. My development wish list beyond the code highlighter was as follows:
1) provide an explorer showing separately PROCs, SUBPROCs, DEFINEs and LITERALs 2) allow jumping to relevant code position from the explorer 3) auto positioning within the explorer tree as the cursor is positioned in the code 4) ability to return to marked positions as the explorer is used to move the cursor to different code positions.
The diagram above shows some of the 400 lines of Typescript code that I wrote to parse TAL code. Essentially the algorithm is as follows:
1) break up line into constituent code statements 2) remove code comments 3) bring together into a single line code statements written over several lines 4) parse line to filter for and store PROCs, SUBPROCs, DEFINEs, STRUCTs and LITERALs 5) sort results into alphabetical order 6) return items for display
The diagram shows the explorer window on the left with the procedures expanded out to subprocs. I had achieved the first three items on my wish list. For the fourth I have used the excellent Bookmarks extension. Armed with three extensions modifying large TAL programs is no longer a daunting prospect. To undertake my development, I registered on GitHub, forked the Codemap extension, cloned it to my PC, made the changes and pushed back to my fork. Now I must make a pull request to the original project requesting that someone reviews and approves my code. Please look out for it! So it is that easy to start extending and collaborating with any of the 20 million+ public repositories on GitHub and 26 million developers worldwide. Sometimes it is difficult to understand the structure of large complex programs without creating a structure diagram. My next VS Code project will auto-generate Mermaid Diagrams in a VS Code window for an associated TAL code file. Keep checking the VS Code Marketplace!
If you have any ideas regarding VS Code developments for NonStop let me know; maybe, we can start collaborating. A photograph in this article was taken from https://unsplash.com/. The internet’s source of freely-usable images.
Dave Hall | Product Owner - MultiBatch
Premier & Tailored
No smoke, no mirrors, no snake oil. Just NonStop Services to suit you.
Cancelled eGTUG Dear NonStop Community, we are very sorry to inform you, that due to the still worldwide critical pandemic situation we have to cancel the "GTUG European NonStop HotSpot/IT-Symposium 2020" planned for Sept. 7-9, 2020 in Berlin. Unfortunately currently organizing a successful conference for everyone is not possible. Regarding the still unclear situation we think it does not make sense to postpone the event for a second time. We are now
discussing an virtual GTUG track at the virtual TBC in November. Best regards and hope things will be better soon! Your GTUG-Team https://www.gtug.de/HotSpot2020/welcome.html www.connect-community.de
Gravic Publishes Two New Shadowbase Solution Briefs on Business Continuity and Data/Application Integration
HPE Shadowbase Business Continuity Solutions
Businesses with continuous access to real-time online transactional data have a competitive advantage. HPE Shadowbase data replication solutions support low-latency, uni-directional (one-way), and bi-directional (two-way) data replication between homogeneous and heterogeneous systems and databases with scalability, selectivity, and sophisticated data transformation and mapping facilities. Companies often purchase an HPE Shadowbase uni-directional, disaster recovery architecture, then extend its use into a more advanced business continuity solution, such as a bi-directional active/active architecture. They also often take advantage of Shadowbase data and application integration capabilities for real-time business intelligence. This brief covers the available HPE Shadowbase business continuity architectures, and using HPE Shadowbase for zero downtime migration, zero data loss, data validation, and database restoration.
HPE Shadowbase Streams – Integrate Data and Applications to Create New Solutions
HPE Shadowbase Streams for application integration and for data integration provide the facilities for integrating existing applications, services, and/or database environments in order to create new value-add functionality for a business, without the need to modify existing application code. Using HPE Shadowbase Streams, applications that once were isolated now can interoperate in real-time to provide services that were not possible before integration. Critical data generated by one application is distributed immediately to other applications or database environments. HPE Shadowbase Streams modernizes legacy applications and databases by enabling the creation of new and valuable business services to enhance competitiveness, reduce costs or increase revenue, and to satisfy regulatory requirements. and Shadowbase Support are Available During the Pandemic We are concerned for all of our friends in the HPE and Connect communities and pray that they remain safe through this unprecedented and dangerous situation! For the duration of the COVID-19 Pandemic, Gravic and its Shadowbase Products Group are open and operating with remote support and access. To reach Shadowbase Support, please use your normal Support contact information or use Support. Please use Contact Us for all other inquiries. Hewlett Packard Enterprise globally sells and supports Shadowbase solutions under the name HPE Shadowbase. For more information, please contact your local HPE Shadowbase representative or visit our website. For additional information, please view our Shadowbase solution videos: https://vimeo.com/shadowbasesoftware. Specifications subject to change without notice. Trademarks mentioned are the property of their respective owners. Copyright 2020. HPE NonStop and the “data-to-everything platform”XYGATE Merged Audit (XMA), included with every HPE NonStop server since 2010, is an easy-to-use and integral security component of the HPE NonStop operating system. XMA collects data from application, system and audit logs into a single, normalized SQL database to generate reports and forward data to your log management or analytics solution. Exciting, right?
Without having to purchase any additional software, XMA communicates directly with enterprise solutions like Splunk “…to modernize your security operations and strengthen your cyber defenses”.
Data is collected from EMS, Safeguard, ACI Base24, iTP Webserver, XYGATE installations and much more. This data is aggregated, filtered, formatted, and selectively forwarded in real time. Did I mention you don’t have to try or buy any additional software? XMA is on your NonStop servers already! You own it!
Getting HPE NonStop server data to Splunk is easy. Whether your data is in native XMA/NonStop format, Common Event Format (CEF) or a custom format, it can be sent to multiple targets via TCP or UDP. The only thing to decide is which data you want to send.
XMA is installed and set up within minutes. Configuring XMA to forward data to Splunk takes even less time. All you need is the IP address, port and transport method (TCP or UDP). Pop those settings into the template inside of your XMA filters file and off you go.
Sit back, relax, and let your SOC monitor the log data from Splunk, while you enjoy modern, intelligent, and intuitive enterprise dashboards.
Want to read about XYPRO’s top 5 recommended reports? Here you go!
Register for the webinar today ! And Happy -ing!
TIC Software: NonStop Forward, Forward NonStop!
Evolution or elimination: Investing in modernization to safeguard NonStop’s future!
The pandemic, which we are currently experiencing globally, has created chaos in the business world. Corporations scramble to deal with an uncertain economic future. Many projects or initiatives have been deferred till later this year, and in some cases, next year, or even indefinitely. The immediate strategy is to leverage current assets and extend and maximize their values. The NonStop has always proven to be the most reliable and cost-effective platform, supporting thousands of mission-critical applications worldwide every day. In these uncertain times, investment in the trustworthy NonStop platform through modernization will return more benefits than migrating to other platforms.
Follow us on LinkedIn | Twitter | TIC Blogs
TRIBUTARY SYSTEMS’ ARTICLE FEATURED IN THE JULY-AUGUST 2020 ISSUE OF “THECONNECTION” ON-LINE MAGAZINE….
Take a few minutes to read the Tributary Systems’ contribution to the July-August “The Connection”, “Considerations for A Modern Enterprise Backup Solution”: https://connect2nonstop.com/considerations-for-a-modern-enterprise-backup-solution/ And after reading the article, check out the extensive list of features Storage Director provides for NonStop Backup and Restore operations: • Storage Director allows users to fully virtualize and automate backup and restore operations, with:• Lights-out operation and remote administration• Separate front and back end processing• Superior per node performance, eliminating issues meeting customer specified backup windows• Users can define policies that allow flexible data storage and migration strategies, including:• The ability to separate data into pools and apply different protection policies such as retention, replication, and tiering. Appropriate and automated movement of data to lower cost media such as tape, NAS or public cloud for archival is key to the cost effectiveness of Storage Director• The functionality necessary to perform real-time backups while concurrently and transparently migrating older data from legacy tape or proprietary dedup storage to cloud object storage solutions• Storage Director allows consolidation of all user storage subsystems for simplified backup/restore operations • Storage Director is secure, incorporating built in encryption algorithms while fully supporting Information Dispersal Algorithm (IDA) or Erasure Coding. The security features provided by public cloud vendors such as AWS, Google and Azure are leveraged by Storage Director • Storage Director is expandable and scalable for both capacity and performance • An intuitive, easy-to-use GUI is incorporated within Storage Director, simplifying system configuration, administration and daily operations • Storage Director may be employed in open, heterogeneous multi-platform environments: • Such as Windows, Linux, UNIX (AIX, HPUX, Solaris), IBM iSeries (AS/400), HPE NonStop (Tandem), HPE VMS, and VMware® among others• All major backup management applications such as Spectrum Protect/TSM, NetBackup®, Veeam, Commvault Simpana®, BRMS (iSeries) and ABS/MDMS (OpenVMS) are supported• Storage Director is transparent to users and existing applications• Storage Director can be installed and operated on non-proprietary, less expensive, hardware, avoiding costly “supplier lock-in”.• Storage Director eliminates the requirement for personnel to be on-site for manual tape operations, such as loading and unloading cartridges. This consideration takes on increased importance given the current global pandemic.
Also, visit www.tributary.com for complete details on Storage Director, Back-ups to Public Clouds, Cloud Object Storage, and data security, and feel free to contact sales@tributary.com or our Director of Sales, Matt Allan at 713-492-7434
5 Best Practices for HPE NonStop File Integrity MonitoringWatch the replay on YouTube and XYPRO.com
File Integrity Monitoring (FIM) is a foundational requirement for security compliance frameworks to help identify unexpected or malicious activity across critical system files, diagnose unwanted or inadvertent changes, and shut down attacks before they have a chance to cause damage and disruption. Organizations that collect and process credit card transactions and payments data must comply with the Payment Card Industry Data Security Standard (PCI DSS) requirements 10.5.5 and 11.5 that state organizations must make efforts to monitor file modifications and ensure the integrity of critical logs from within their Cardholder Data Environment (CDE).
On HPE NonStop servers, XYGATE SecurityOne (XS1) monitors and alerts when key files, objects, or system configurations are viewed, deleted, modified or ownership has changed. XS1 identifies who made the change and if the change put the system at risk or violated policy.This intelligent form of real-time integrity monitoring simplifies monitoring activity and helps meet the strictest of compliance requirements while reducing noise generated by unnecessary alerts. Your resources are focused on the most critical security events.XYPRO Technology’s Chief Product Officer & CISO, Steve Tcherchian, and Solutions Delivery Specialist, William Ferrara demonstrate the Top 5 HPE NonStop File Integrity Monitoring use Cases.*Originally broadcast live July 28th, 2020
Even Mums are buying with “Click & Collect”
Is there anyone left who insists on actually going to a store to buy something? Business journalists Bloomberg have brought to our attention that the flight from physical store purchases to e-commerce has been even greater than was predicted. We knew it would grow but by how much? During the global lockdown, there were not many ways to buy anything much more than the basic necessities of food to feed our families. Everything else has to be bought on-line, and so we have. The darlings of the stock market Amazon, Apple, Paypal etc have all enjoyed new peaks as we hover our mouses daily over the BUY button. Amazon reported year on year growth of around 40% in an economy that shrank by 32%.
Newsletters Missed a Newsletter? Catch Up Here Find out about Tandemworld
New Features Available for LightWave Server and LightWave Client
The LightWave solution suite has been helping NonStop users quickly and easily integrate their HPE NonStop applications with REST environments for a number of years now. LightWave ServerTM makes NonStop applications available as REST services, with no change to those applications. Customers are using the product to integrate with API gateways, to simplify access to their valuable NonStop applications, and to move toward microservices-based architectures, among other things. LightWave ClientTM brings the wide array of available REST services into a NonStop environment. Customers use LightWave ClientTM to access corporate API gateways, and to work with a variety of external REST Web services to extend their NonStop applications’ capabilities. The latest features include custom measure counters, sensitive data masking, international character support, message logging, and more. NuWave has also added BLOB support in LightWave ServerTM (this was already available in LightWave ClientTM) and XML payload support in LightWave ClientTM. You can read more about these features in NuWave's latest NonStop Innovations Blog article, or you can check out NuWave's CTO talking about some of these features on YouTube. See "Working with Optional Elements" or "Using BLOBs (binary large objects)"
CSP PassPort to Compliance Over the past few months, the coronavirus pandemic has upended our daily lives and tested our resilience during an incredibly difficult time. This has exposed the best in some of us. Regrettably, fraudsters have taken the opportunity to develop inventive new scams, targeting people and organizations when they are at their most vulnerable.
In these uncertain times, organizations are relying on CSP’s trusted security solutions more than ever to ensure the integrity of their applications. CSP PassPort® and PCI-DSS Compliance CSP PassPort provides important security features for NonStop servers (with or without Safeguard) and greatly expands the Guardian security package. While Safeguard provides a range of authorization and authentication controls, additional controls are required to manage how users log onto TACL and OSH, and what privileged commands they can use. In addition to this, once a user has logged on, it is critical to control which activities they can then carry out.
CSP PassPort addresses some of the following PCI-DSS requirements:
CSP PassPort CSP PassPort provides comprehensive user and command control, password quality enforcement and auditing. It controls and filters user access to systems, programs and commands according to customized user profiles. It offers superior user authentication, command control, session control, accountability, and auditing capabilities not available with Guardian or Safeguard security. All user terminal input/output operations (including OSS) can be monitored via an easy-to-use GUI interface, while an audit process records all user activities.
User Account Update Screen
Major Benefits: Ø Limit user access to sensitive assets, programs and commands Ø Improve user accountability and audit activities Ø Track powerful user id’s and commands Ø Prevent easy hacks by enforcing Password Quality Ø Eliminate the need to disclose sensitive SUPERID passwords for executing commands Ø Generate extensive reports of user activities Ø Get real-time notifications with Alert-Plus, and forward logs to SIEM for analysis
Key Features: Ø Monitor and audit user sessions down to keystroke level Ø Role-based user access Ø Time restrictions by command and program Ø User Authentication SEEP to prevent users from logging on outside CSP PassPort Ø Powerful Custom Reporting Ø Control client connections by IP address or IP address ranges Ø Multi-factor authentication support (coming soon!)
Learn more about CSP PassPort here.
CSP - Compliance at your Fingertips™ For complimentary access to CSP-Wiki®, an extensive repository of NonStop security knowledge and best practices, please visit wiki.cspsecurity.com
We Built the Wiki for NonStop Security ® Regards, The CSP Team +1(905) 568 - 8900
Next Generation Payment Technology TANGO is a Mission Critical System that does NOT Fail.
For this reason, many large banks and financial institutions as well as other mission critical businesses have chosen our TANGO solution for many years. These organizations have demanded a modern, open architecture with superior availability, scalability and data integrity as they look to the future. TANGO meets these demands. TANGO is built on a highly performing micro-services architecture providing agile delivery for banking payments needs. The collection of autonomous services work together to provide a global service and can be developed separately and deployed and run independently. Our CBSD approach leads to reduced development and maintenance costs which provides faster time-to-market and an ongoing, cost-effective payments solution. With it's versatile common architecture, TANGO removes issues regarding integration associated with disparate legacy systems and can be deployed on one hardware platform, or multiple hardware platforms, from the same or different hardware vendors all running the same TANGO infrastructure and code base.
Is your organization ready for the Complete Solution? Contact me now to learn:
Or visit: www.lusispayments.com/tango
Brian Miller Brian.Miller@lusispayments.com Ask TandemWorld Keep up with us on Twitter @tandemworld We are currently seeking skilled resources across the EMEA region, contact us for More Info www.tandemworld.net
Find out more about us at www.tandemworld.net
|
|
|||||||||||
+44 (0) 20 8304 7979 Our company, Tandemworld,
accepts no liability for the content of this email, or for the
consequences of any actions |