CA Mainframe Storage Management 197591

8/8/2019 CA Mainframe Storage Management 197591

1/15

CA Mainframe Storage Management

A White Paper by Bloor ResearchAuthor : Peter WilliamsPublish date : October 2008

Wh

itePa

per


2/15

Importantly, the software is alsoheterogeneousvendor- andmedia-neutraland managementis also centralized; this provides asingle point from which disparatetechnologies across the enterprisecan be managed, reducing

complexity.Peter Williams


3/15

page1

2008 Bloor Research A Bloor White Paper


Executive Summary

Rocketing storage growth is placing an ever-greater burden onstorage administrators, but adding extra equipment increasespurchase, operating and maintenance costs, as well asincreasing energy costs and environmentally damaging CO

2

emissions. Adding more equipment and media also complicatesits management and adds pressure on performance so thatservice level agreements (SLAs) may be threatened.

This paper rst considers, in a general way, how mainframestorage users may be able to mitigate, or even remove, thesenegative effects and then looks at the ways the CA MainframeStorage Management software solutions address these issues.

Under-utilization of existing resources in terms of wastedcapacity occurs in several ways. For instance, archive tapemedia averages only 60% utilization, primarily through unusedspace at the end of each reel. If this space can be used to raiseutilization to near 100%, the number of tapes will be reduced.Data compression can be used to t more information in thesame space. In addition, improving the capability to predictfuture storage requirements will help lessen wasted capacitycaused through over-provisioning of equipment and media toprotect against unexpectedly hitting the storage capacity ceiling.

However, such improvements may be harder to achieve for anorganization with a mix of past and present tape formats.Mixing disparate equipment and media is common and makesstorage environments harder to manage. However, if softwarecan centrally manage such mixed environments, and automatethe processes as far as possible, this can simplify the processand so reduce the staff burden. It can also boost utilization

through, for instance, virtualizing the environment or beingable to more easily re-deploy spare infrastructure.

A further consideration is that much of the electronicallystored information is sensitive and private to the business;customer information must be kept private and condential.Increased regulatory compliance requirements, backed by stiffpenalties for non-compliance, have focused minds on makingsure the information is secure but also accessible. The mostreliable way of ensuring this is to encrypt the data as it isstored, but the process needs to be selective and agnostic to amix of devices and media to be effective.

Any or all of these have the potential to reduce the total cost ofownership (TCO) of the storage pool and its management in

terms of running costs, oor space, staff pressure and thelikelihood of costly errorsor, in the case of compliance, toreduce the risk of legal penalties or the damaging effects ofsecurity breaches.

All of these factors can be included in a checklist of desirableattributes when preparing to choose a mainframe storagemanagement solution.

The CA Mainframe Storage Management software is logicallysplit between CA Automated Storage Optimization Suite and CATape Utilization and Compliance Suite (although compliance isconsidered separately).

The CA Automated Storage Optimization Suite is designed tounify z/OS storage management operations and automatesmonitoring and administration of Direct Access Storage Device(DASD) and tape (media, drives, libraries and virtual tapesubsystems). It addresses poor utilization through bettermanagement and optimizes media to signicantly reduce mediacosts and extend their lifespan. It is centralized, enterprise-wideand heterogeneous (both vendor- and media-neutral), whichreduces complexity, especially in a mixed vendor equipmentenvironment. In turn this reduces operating costs, including staffcosts, and signicantly extends the storage upgrade options andlife of legacy tape storage by allowing far greater exibility andchoice without creating future management problems.

Its management extends to cover central resource allocation,data backup, restore, archive, volume retrieval and disasterrecovery (DR), as well as reporting and data migration. It willarchive infrequently used data to lower cost media. It alsoprovides predictive allocation to minimize costly over-provision.

The key element of the Tape Utilization and Compliance Suiteis CA Vtape Virtual Tape System (CA Vtape VTS), which usesDASD caching to optimize tape performance and usage.Time-consuming tape mounts are replaced by instantaneousvirtual mounts as the data is captured on disk; les can thenbe stacked and only written out to tape when there is enoughto ll a tape reel, thereby removing wasted space. It handles amix of media, so staff need no re-training if new equipment isinstalled. The effect is to reduce the physical number of tapes,drives and robotic libraries needed, lowering both capitalexpenditure and operating costs.

The Peer-to-Peer Option allows for mirroring to a remote site(even without a tape drive), which may then be used for DR. Ituses TCP/IP for transmission rather than costly channelextenders; this can also remove the cost, delay and risk of lossin external transportation for tapes. It also provides the abilityto implement a tapeless environment.

CA Tape Encryption can be automatically applied selectively topre-determined les or le groups for storing on tape; theprocess is transparent to user operation. Particular attentionis paid to the encryption keys. The software centrally creates,stores, tracks, audits and protects the keys throughout theirlifecycle in line with the NIST recommendations for keymanagement. The software functions across multiple vendors

and applications and supports standard AES, DES and 3DES/TDES algorithms. Data compression can be carried outimmediately prior to encryption to yield capacity savings.

Proof of the potential for savings from deploying this CAMainframe Storage Management software, and in particulartape utilization, is described in a real case study. A businessusing 100,000 tape reels and 88 drives before deploying the CAsolutions was able to reduce the number of tapes by three-quarters and drives by a half, cancel its weekend and overtimestaff working and redeploy those staff previously involved intape mounts. Better utilization meant the 10GB capacity reelscould hold up to 74GB of data, management was greatlysimplied and, with disk as the interim medium, data accesswas also much faster.


4/15

page2


The amount of stored data is exploding, placing an ever-greater burden on storage administrators. Yet buying moredisk or tape units to handle this has huge implications in termsof: new equipment and media purchase costs, higher dailyrunning costs, increased oor space, greater energy usage andcosts, higher heat output (leading to extra cooling) andenvironmental damage through increasing CO

2emissions.

Accessing a larger and/or more fragmented storage pool canimpact overall system performance and undermine servicelevel agreements (SLAs). Even if an organization is willing toabsorb extra equipment costs in order to meet its volume orperformance needs, it could run up against data center orcomputer room capacity limitations in terms of space, the totalpower supply available, or heat dissipation capacity.

Increasing the number of disk or tape drives and ever moremedia items only serves to increase storage managementcomplexity; this, in turn, applies increasing pressure on staffleading to more human errors which carry their own costs.

So what can be done? An organization should of course be onthe lookout for ways of containing and limiting the total amountof data being added to the storage pool; this can slow theincrease in total data. It is equally important to consider andaddress the problem of wasted capacity through equipmentand media under-utilization. The easiest way of countering thedata explosion is likely to be to boost storage utilizationlevelsbut what this means in practice needs to be fullyunderstood.

Under-utilization manifests itself in a series of different ways.In a mainframe environment, disk utilization may be as high as7080% but this still leaves scope for improvement. Tapemedia may average only 60% utilization, primarily becausethere is spare capacity at the end of each reel. Moreover, if abusiness cannot accurately predict its rate of data expansion, ithas no option but to carry spare capacity just in case in termsof disk drives and/or tape units; otherwise there is thepotential to suddenly hit a capacity brick wall capable ofbringing down the whole system.

Under-utilization should also be considered in terms of datastorage efciency. Standard data output without any form ofcompression can be unnecessarily wasteful in terms of disk ortape capacity.

Specic to tape units, the capacity problem is exacerbated bythe variety of past and present recording formats. The greaterthe mix, the harder it is to manage the archive and access andexploit information from it. Old tapes left unchanged ratherthan migrated to the newer formats will be wasteful (as well asthe information being ever more difcult to retrieve) sincenewer formats store data more densely, which boosts capacity.Moreover, including old tape drives adds operational costs forstaff, support and systems management.

Utilization may even be held down by management softwareconstraints and complexity. A simple example of how greatermanagement exibility and agility can help is if a drive

freed-up as superuous to one system can be easilyreallocated to where extra capacity is needed.

In summary, ways in which overall utilization may be improvedinclude:

increasing percentage disk and tape utilization

reducing the stored data footprint

better-predicting future capacity to avoid over-provisioningof spare disk or tape capacity

improving storage management exibility and agility such asin reallocation of physical resources

So there is considerable potential for boosting utilization, butbeing able to realize this is, of course, dependent on thecapabilities of the chosen storage management software. Whatis already clear is that organizations need to be seeking outsoftware that will help simplify management, increaseoperational exibility and agility and apply information (such astrend statistics) to more accurately provision for future use.Organizations looking to improve utilization should consider allthese factors.

Why regulatory compliance needs consideration instorage data management

The subject of regulatory compliance is concentrating minds atboard level in major corporations, not least because there can

be stiff penalties in terms of nes, lost customers or even apublic relations nightmare for blatant data breach incidents.

One aspect of this is addressed by organizations implementingsoftware to gather and present the electronically-storedinformation in accordance with the requirements of thespecic legislation affecting them. However, ensuring thisinformation is reliable and accurate in the rst place is a morebasic requirement, as this means protecting it from beingillegitimately accessed and tampered with. Being able to verifythat the data has been protected is a key part of compliance(and also helps in achieving best practice in corporategovernance). Lack of data protection can lead to prosecutionwith high penalties, lost customers and revenueand thecompetition almost certainly jumping at the chance to point out

shortcomings.

In a court case in which an organization is being accused ofnon-compliance with a legal requirement, the datas legaladmissibility (whether or not it can be used as evidence) or itsevidential weight (its reliability as evidence) may well bechallenged. If the organization cannot demonstrate that itsrelevant data has been kept securely, it may lose the ability tomount a credible defense.

Alongside access security, the most reliable way of protectingsensitive electronically-stored information is data encryption.One of many examples of what can otherwise happen concernsa major US bank, which earlier this year gave an unencrypted


Under-utilization: the issues and their impact


5/15

page3


tape with around 12.5 million customer and shareholdernames with personal details to an archiving rm which thenlost it in transit. All these persons details may becompromised and huge penalties could ensue.

However, data has also to be usable on a day-to-day basis, soa sensible and exible approach, which nevertheless ensuressecure management, is needed. Typically, a large organizationwill have a mix of vendor storage equipment and media; so, tobe fully secure, this encryption capability needs to bevendor-agnostic.

In summary, organizations should factor in securing their dataand retaining good accessibility when considering theircompliance needs.

How Total Cost of Ownership (TCO) can also bereduced

Fairly obviously, if an organization can reduce the amount ofstorage hardware it uses to carry the same amount of storedinformation, it will reduce its Total Cost of Ownership (TCO).Yet there are a number of less obvious aspects to this that gowell beyond hardware usage.

If an organization can reduce the total amount of equipmentit needs, this also reduces the ongoing running costs interms of reduced energy consumption and reduced heatoutput, which also saves in terms of the power needed forcooling, in turn lowering CO

2emissions. There is also a real

estate value to the oor space used; more equipment can

lead to a larger secure computing area being needed, whichmeans less space being available for other businessfunctions within the same building. If reducing the equipmentmeans avoiding a revamp to expand the computer area thenthis should be factored in as a TCO saving versus thealternative.

Perhaps less obvious is the value of reducing staff overloadthrough simplifying, improving and, where practical,automating storage management functions. For instance,virtualizing the infrastructure can help simplify and make themanagement process more exible (as well as being a factorin helping to boost utilization).

If existing equipment, rendered surplus to requirements in one

area, can be easily re-deployed in another, its value isincreased and a new equipment purchase may be avoided. Ifthe organization has a disparate mix of vendors storageequipment and media, as is common, then a single softwaresuite that can control this mixed environment should be easierto manage; once the staff are trained in its use, no costlyretraining should then be needed if new equipment ispurchased.

Automated and simplied management will also tend tobenet staff in helping to eliminate costly human mistakes andthe staff time taken to remedy them, as well as reducing thebusiness riskas will unplanned system downtime, whichleads to higher equipment maintenance costs and time anddamage to business performance and service.

Moreover, optimizing the total information resource will tendto lead to better budgetary and statistical information beingavailable to the business for decision-making and operation.All these potential TCO gains should be factored in whenconsidering new storage software solutions.

How improving operational efciency can increaseopportunities and improve performance

Management of an organizations total storage has thepotential for improvement in several different directions, whichcan lead to better performance. Optimizing the equipmentresource will mean greater exibility and agility in, for instance,re-deploying spare capacity as and when it is needed. Thiscapability, along with more accurate future capacity planning,also prevents: a) storage outages from under-provisioning andb) wasted idle capacity through over-provisioning.

If the management process can be more automated orprovides better management information, this will tend tomean staff can be redeployed to other business projects andwill help reduce costly errors. In turn, these factors can lead totheir having the time and ability to consider how the data canbe exploited in new ways or in new applications to increase its

value to the organization.

If the management software is capable of handling a mix ofvendors storage equipment in an agnostic way, then this willremove the danger of vendor lock-in which may otherwisepreclude the most appropriate and best value hardware beingpurchased when the need arises.

Organizations should factor in these types of improvementswhen weighing up the relative merits of storage managementproducts.

So far we have considered the issues facing organizationsregarding mainframe storage and, in a general way, the areasfor potentially improving storage management and capacity

utilization. Put together, the above provides a checklist of itemsfor an organization to look for and evaluate when consideringthe mainframe storage management solutions available.

Now we will consider how CAs Mainframe StorageManagement software specically addresses these issues. Itcomprises a number of individual but integrated productsunder three main category headings.



6/15

page4


The CA Automated Storage Optimization Suite is designed tounify z/OS storage management operations. It does this viaautomated monitoring and analysis of the DASD environmentas well as tape management that covers tapes, robotic tapelibrary systems and virtual tape subsystems.

The software includes the following elements grouped underthe CA Vantage Storage Resource Management name:Automation Option, CA Allocate DASD Space and Placement(Allocation Option), Interface for DFSMShsm and the TapeResource Option. These unify the major managementoperations and ensure that there are no outages caused byout-of-storage conditions.

Here is how this software sets out to address the issues.

The software addresses poor disk and tape utilization in twodistinct ways: a) through optimizing and automatingmanagement, and b) by extending the life of the storagemediawhich in turn can signicantly reduce media costs.

The difculty in managing DASD and tape infrastructure isexacerbated if, as is usual, the storage pools are dispersedacross multiple systems and locations. The softwareaddresses this by centralizing, as well as simplifying, storagemanagement, analysis and administration; this includes, forinstance, providing at-a-glance status viewing, even for thedata which is in transit to and from remote locations acrossthe enterprise.

Importantly, the software is also heterogeneousvendor- andmedia-neutraland management is also centralized; thisprovides a single point from which disparate technologiesacross the enterprise can be managed, reducing complexity.These two factors should also help eliminate the need forniche software to handle non-standard storage systems(with a by-product of reducing the number of licenses toconsider). This should also mean resource usage in a mixedvendor and equipment environment is maximized. A furtherbenet is that, once training in this management has beengiven for the rst time, no extensive re-training or newknowledge is needed if new or changed equipment is broughtinto the mix.

Automated DASD allocation control is an option that optimizesstorage resources following pre-set standards. This directsboth VSAM and non-VSAM data sets to the correct tape or DASDwithin a storage group. It also redirects inaccurate data setallocations for proper grouping, and directs them to meetoptimum space or best-t usage requirements. It can thereforebe used to enforce allocation policies and simplifyadministration of the rules. It has full central allocation controlover all data sets and critical z/OS storage tasks including:backup, restore and archive to disk or tape, volume and disasterrecovery, reporting, data migration, compression and idle spacerelease. X-37 errors are intercepted and resolved, whichprevents application failures, saving costly time and resources.

Automated allocation is also designed to help organizationseffectively manage storage growth. It does this by exiblycontrolling and optimizing utilization of new storage withoutlosing data integrity or simplicity of operation. Storage costsare also reduced through the software archiving infrequentlyused data sets to less expensive storage media. Finally, the CAAutomated Storage Optimization Suite interfaces withmainframe security systems and uses a Windows graphicalmanagement interface to simplify usage of the CA Storageproducts and a host of other CA solutions.

Part of the overall storage management solution, CA DiskBackup and Restore completes the picture. It is acomprehensive system that also covers archiving to disk or tapeas well as volume or disaster recovery. The automated software

helps in optimizing storage resources and reducing storagecosts. Its exibility is shown in that it can carry out incrementalbackup and recovery for a data set, volume, application orentire storage infrastructureand can be used for datamigration, PDS compression and online or hard copy reporting.

The Interface for IBM DFSMShsm includes over 50 standardDFSMShsm reports and enables customization of many more.These provide real-time information to manage DFSMShsmmigration, recall, backup and recovery operations and facilitaterapid problem detection and resolution before the system isimpacted. Multiple DFSMShsm systems can be monitored tomaximize productivity.


Figure 1: CA Vantage SRM volume space usage display

CA Automated Storage Optimization Suite the issues and approach


7/15

page5


These functions together improve total cost of ownership (TCO)in a number of ways:

Being centralized and enterprise-wide, the softwareconsolidates and therefore simplies monitoring, reportingand forecasting of storage utilization.

Automating and centralizing management also helpmaximize existing and future storage resources, achievinghigher utilization and optimization of media.

In turn this saves time, eases operation and reduces theburden on staffleading to more accurate budgeting and areduction in costly errors.

When problems and their impact on the system areidentied and addressed ahead of time this also improvesservice levels, reduces installation and maintenance costsand assists achievement of SLA and overall performancetargetswithout the need for an increase in investment.

Because the software can cope with a mixed equipmentenvironment, organizations are not constrained by vendorlock-in, which can stand in the way of best value systemsbeing deployed.

CA Tape Utilization and Compliance Suitethe issuesand approach

There is a signicant management burden created by theburgeoning number of tapes being used to hold data as storage

volumes rocket. Yet individual tapes are under-utilized,especially as tape capacities have increased more thantwenty-fold in the last three years leading to huge amounts ofspare, wasted capacity unless a new approach is used. The CAVtape Virtual Tape System (CA Vtape VTS) is designed toaddress this problem by improving utilization rates andmaximizing the use and life of tape media (minimizing tapereplacements).

Through using CA Vtape VTS, the z/OS operating system sees anumber of virtual tape drive images instead of the actualphysical tape devices. The software intercepts requests forscratch tape mounts and buffers them on disk as virtualvolumes; tape mounts thereby become instantaneous. Whenenough of these are received, it stacks them onto a physical

tape so that the tape is fully utilized. Because it is using disk, ifthere are requests for critical data the DASD cache buffers areused to provide far greater throughput and performance thanphysical tape. This also means bottlenecks caused by tapeprocessing are reduced.


Figure 2: CA Vantage SRM object tree


8/15

page6


The software is vendor- and media-neutral (heterogeneous) somanages existing disparate hardware and media. This shouldmean reduced complexity and optimization of mixed tapeinfrastructure usage, and that no re-training or new knowledgeis needed to use the software when changes are made to thestorage infrastructure. It can therefore coexist with existingapplications to minimize disruption when implemented but,being heterogeneous, can also replace some previously-usedniche products. These factors ensure that vendor equipmentlock-in ceases to be an issue.

The Peer-to-Peer Option provides real-time tape mirroring,with immediate sharing of virtual tape volumes for use inremote sites, including for disaster recovery (DR), and is evenavailable without a local physical tape (thereby creating atape-less environment). Costs are minimized by utilizing TCP/IP instead of expensive channel extenders.

CA Vtape VTS also provides virtual device dynamic pathsupport. It achieves this by emulating physical device pathselection for up to eight different Channel Path IDs (CHPIDs).This reduces the possibility of device trafc being delayed dueto unavailable paths and eliminates a single point of failure,which would otherwise preclude high availability and DR.These facilities can also obviate the need for physical tapetransportation to remote locations, which incurs costs,increases risk of loss or theft and has an inherent time delay.

The issue of scalability is also largely eliminated. As it is purelysoftware, the number of virtual devices supported is increasedor decreased by a simple parameter change. Also, whereas

virtualization can increase the processor loading, CA Vtape VTScan uniquely exploit IBMs System zSeries IntegratedInformation Specialty Processor (zIIP) to ofoad processing forvirtualization (and also data compression and encryption, seebelow) from the mainframes general-purpose processors.This prevents growing amounts of business-critical data fromimpacting performance.

The software has a recall client-server architecture, meaningthat a single subsystem can serve recalls for the entire CAVtape VTS environment. Using its Backstore Engine to run theRecall Server and the Externalization Server, it lowers thephysical drive requirements by concentrating their use on asingle subsystem in a single logical partition (LPAR). Usinggroup-level policies, storage administrators can specify when

a primary or duplex physical tape is offsite, rendering itunavailable for local recall. Automatic switching to the nextavailable primary or duplex copy after a specied number ofrecall attempts is also allowed.

Global management and protection of critical tape data usingselective encryption with advanced encryption keymanagement meets compliance standards for safeguardingpersonal and business-critical information from unauthorizedaccess. (The way this is achieved and the full benets areexplained in more detail in the next item.) As with the otherstorage management software described, it is integrated withCA Vantage SRM to allow users to visualize and manage theirentire tape operations and virtual tape infrastructure from acentral location.

Included in the CA Tape Utilization and Compliance Suite, CAsCopycat tape-to-tape copy utility complements CA Vtape VTSsheterogeneous approach. It manages format and vendor-specic changes automatically during the copy process. Anadditional feature is to carry across catalog data updates toavoid re-keying.

As before, TCO is improved in a number of ways, potentiallysaving many thousands of dollars:

Costs are saved through reducing the number of tapes, tapedrives and robotic libraries by higher utilization and greatermedia longevityand perhaps removing physicaltransportation costs

This leads to lower ongoing costs for electrical power, cooling,oor space and maintenance on less equipment, a reducedneed for equipment replacement and maximized value fromexisting tape and mainframe hardware

Genuine hardware independence can reduce the managementburden in terms of time, errors and training related to newequipment, with improved budgetary accuracy also limitingerrors and the cost of remediation.



9/15

page7


Encryption goes a long way towards ensuring that stored data,both personal and business-critical information, is protectedfrom unauthorized access. For example, it needs to be appliedto some of the stored information in order for storage to becompliant with regulations covering data privacy. Then, if abreach occurs through an attempt to access or steal the data,the information will remain safeprovided the encryption keysare kept separately.

The vital importance of encrypting the information has beenhighlighted by many recent cases of electronically-heldsensitive personal information being lost with the informationnot encrypted, which means it could be exploited in all sorts ofways. An increasing number of nations are legislating againstthis, with stiff nes and, potentially, jail sentences among thepunishments for negligence.

On the other hand, it may not be necessary to encrypt all theinformation, particularly as this can affect system performancerelated to reading and writing data. So, to maintain agility, anorganization ideally needs the ability to be selective over whatis to be kept encrypted and what is not. The process of


Tape encryption and its management to ensure compliance

Figure 3: CA Tape Encryption showing key management

encrypting and decrypting also needs to be transparent, withthe most important aspect being management of theencryption keys themselves.

CA Tape Encryption and CA Tape Encryption Key Manager aretwo complementary products that run on z/OS mainframes andautomate the full lifecycle for encryption key management. CATape Encryption automates both full and selective encryptionof mainframe data and distributed data sent to z/OS tapes. CATape Encryption Key Manager automates encryption keymanagement for IBM TS1120 (3592-E05) drives.

It is very common for organizations to under-estimate theimportance of proper key management throughout theencryption keys lifecycles. Poor management can create twoopposing problems: 1) keys illegally accessed unlock the wayinto sensitive encrypted data, but 2) keys lost make theassociated encrypted information irretrievable even forlegitimate use. CAs approach, which fully supports theNational Institute of Standards and Technology (NIST) 800-57key management lifecycle recommendations document,centrally creates, stores and protects the keys. Measures


10/15

page8


include monitoring, tracking and auditing, which extend tocover back-up and recovery as needed, with automatedexpiring and removal of the keys. The process is integratedwith both CAs and IBMs z/OS tape management systems (CA 1Tape Management, CA TLMS Tape Management and IBMDFSMSrmm) offering the same level of exibility and securitythroughout the lifecycle.

The scope of encryption can be determined by user policy andis accomplished transparently by any application. It maytherefore be applied selectively to a pre-determined le orgroup of les to be stored on tape. Files are automaticallyselected for encryption with users able to choose a number ofoptions; these include a DFSMS-based (ACS Dataclassconstruct) suite, existing systems such as CA ACF2 for z/OS,CA Top Secret for z/OS or IBM RACF, or a combination ofDFSMS and one of these. CA Tape Encryption interfaces with z/OS external security systems using the standard z/OS SystemAuthorization Facility (SAF) call.

CA includes, at no charge, secured tape exchange andportability for any business to business (B2B) partner to whomusers wish to send encrypted tapes. CA supports Windows,Unix and Solaris operating system users through theMultiplatform Decryption Utility (MDU) which decryptsdistributed les encrypted by CA Tape Encryption on z/OSplatforms; it does not need CA Tape Encryption installed onthe distributed systems. Appropriate keys are exchangedunder secure digital certicates stored in the externalsecurity systems. MDU, written in Java, utilizes the industrystandard decryption routines provided by the Java

Cryptography Extension.

CA Tape Encryption supports symmetric cryptography usingAdvanced Encryption Standard (AES), Data EncryptionStandard (DES) and Triple Data Encryption (3DES/TDES)algorithms. During decryption, CA Tape Encryptionautomatically identies the encrypted tapes for which it hasownership then dynamically applies the appropriatedecryption routine. More globally, the whole process isagnostic to, and supports, organizations internal compliancepolicies and legal obligations.

Enabling security-based selection gives the securityadministrator total control and added exibility for protectingcritical data and managing encryption policies as an integral

part of corporate security policies.

Encryption and decryption inevitably add a performanceoverhead. However, CA Tape Encryption exploits IBMS z/Series cryptographic hardware to limit processor overhead andmaximize performance. It uses CP Assist for CryptographicFunctions (CPACF) on z890, z990 and z9 processors (includingthe zIIP specialty processors) or the CryptographicCoprocessor Facility (CCF) on z800 and z900which provideshigh speed DES64, 3DES128 and 3-DES192 encryption/decryption, with CPACF on the z9 also providing hardwareencryption for AES128 (128-bit encryption). AES 128, AES192and AES256 are also available as software-only. Finally, thereis a FIPS 140-2 compliant mode, which encrypts using IBMsFIPS 140-2 certied Crypto-Processor and algorithms.

An important step in saving space on the tape media is theability to also compress tape les before encryption but, again,this must be balanced against performance. CA TapeEncryption allows the user to identify the desired compressionalgorithm and optionally specify minimum compression ratesto assist performance.

Facilities are also provided to protect CA Tape Encryptionconsole commands, utilities and individual symmetric keys.Integration with CA Vantage Storage Resource Manager (CAVantage SRM) means a secure audit trail of all encryption/decryption activity and access to the CA Tape Encryptiondatabase, including performance statistics, is provided.

TCO benets come out of the ease and exibility of use within acomprehensive, cross-platform encryption approach. Thisshould greatly reduce the risk of lost revenue through nes orother penalties for non-compliance, lost customer business,auditing issues, system downtime or negative publicity. If datacompression is applied ahead of encryption it can double theamount of data for the same tape used, boosting utilization toreduce the amount of tape media.

Customer case study

A US-based company highlights the potential benets ofmoving to CA Vtape VTS. It has, for well over a decade,provided data center mainframe outsourcing and directmarketing tools and services to customers.

The company, an IBM Premier Business Partner and Prime

Hosting Partner, hosts almost every type of mainframehardware and carries skills in most mainframe platforms andsystems (including VSE, VM, MVS and IBMs zSeries). It pridesitself on never losing a customer but nearly became a majorvictim of its own success about three years ago. Its challengecame from constant growth and expansion which meant it washandling 100,000 tapes through 88 separate drivesand was inneed of a more cost-effective and efcient way of managingthem. Problems included a huge amount of oor-space forboth the tape hardware and its media and the sheer number oftape mounts to achieve the work needed which was puttinghuge strain on the staff. This had the potential to underminethe superior service their customers were used to.

One obvious way of improving the situation, if it could be

achieved, was to reduce the number of tapes used, but alasting solution was needed. The company investigatedwhether there was more sophisticated technology. Its rstmove was to purchase an IBM 3590 Automated Tape Library(ATL) and it also selected J tapes, which have a 10 gigabyte(GB) capacity. It also chose CA Vtape VTS for the managementof the whole operation.

Reasons for CA Vtape VTS being selected included the fact thatit was purely software and was able to utilize existing tape andmainframe hardware and applications. It also allowed thecompany to implement a virtual tape system for the rst time,backed by heterogeneous hardware and software support. CAVtape VTS gave the company a hardware-independent solutionthat freed it from any vendor constraint in future purchases.



11/15

page9


After implementation, results were dramatic. The number oftapes was reduced by three-quarters and tape drives by half,while the use of its automated tape libraries was maximized.Most importantly, since CA Vtape VTS intercepts andvirtualizes the tape mount requests, this function has becomeinstantaneous. It is also set to compress the data as it writesit to a virtual (DASD cache) volume before later writing out tothe physical tape when system loading is lighter. Thesefactors have hugely reduced the burden on the staff tape

jockeys who had been constantly loading, mounting andremoving tapes.

Part of the space saving is achieved through CA Vtape VTS, inconjunction with IBM data compression algorithms, storingapproximately 2830GB on the 10GB tapes and, when itexternalizes the tape from Vtape cache, this gure can rise to74GB. Since the software can stack many virtual volumes ontoa single physical tape, this fully exploits the features of thesehigh-capacity tapes and the automated tape libraries. Thecompany has seen the IBM 3590 now ostensibly holding 147%more data but, since the software stacks les, this gure ismuch higher in practice. A signicant side-benet is that thedisk-based virtual volumes provide immediate data accesswhich increases throughput and performance to help meet thecompanys SLAs.

Actual TCO benets include being able to discontinue overtimeand weekend shiftspreviously needed almost entirelybecause of the need to mount tapesas well as freeing upstaff time for other functions, even during the day. Thedramatic reduction in required oor space is matched by

reduced power and heat output. For the future, the companyhas a considerable pool of free tape drives available to avoidextra equipment purchases if extra capacity should then beneeded. Perhaps most important of all, the companyconrmed the ease of use of CA VTape VTS softwareand thatit just worked.



12/15

page1



With the amount of storage rising inexorably, the idealmainframe storage management software needs to beautomated as far as is possible to simplify operation,centralized to provide global control and heterogeneous to beable to handle a mix of storage equipment and media. Thesewill, together, improve management performance, reducestafng costsincluding for re-trainingand minimize costlyerrors. The CA software addresses all of these.

Equally, there are a number of ways in which utilization of thedisk and storage assets may be boosted. These include:virtualization and consolidation of equipment, datacompression, storing multiple data sets onto a single tape,greater exibility in (for instance) reallocating spareresources, and better prediction of future storagerequirements. When these are all applied, this will in practicereduce the amount of physical equipment and media in useand, in turn, provide savings in space, energy, heat, (indirectly)CO

2output, and, above all, TCO. Again, CAs mainframe storage

management software includes features that assist in everyone of these areas.

In conclusion

However, the sensitive information held within the data storagepool is subject to compliance with regulations and policiesthat, in practice, means it needs to be stored in encryptedform. This does not help in saving space or time but hasbecome a must have capability even though some of the datacan remain unencrypted. CAs comprehensive encryptionsolution securely manages both the selective encryption and,equally importantly, the keys, throughout their lifecycle. Thesaving here is in being more secure against illegal data accessand reduced risk from nes or other penalties.

In summary, CAs mainframe storage management softwaresuites include features that specically address each of theissues considered in an easy-to-manage way. As the casestudy shows, when this functionality is applied in practice,major savings and benets can be accrued.

Further Information

Further information about this subject is available fromhttp://www.bloor-reseearch.com/update/971
http://www.bloor-reseearch.com/update/971http://www.bloor-reseearch.com/update/971


13/15

Bloor Research overview

Bloor Research has spent the last decadedeveloping what is recognised as Europesleading independent IT research organisation.With its core research activities underpinninga range of services, from research andconsulting to events and publishing, BloorResearch is committed to turning knowledgeinto client value across all of its productsand engagements. Our objectives are:

Save clients time by providing comparisonand analysis that is clear and succinct.

Update clients expertise, enablingthem to have a clear understandingof IT issues and facts and validate

existing technology strategies.

Bring an independent perspective,minimising the inherent risks of productselection and decision-making.

Communicate our visionaryperspective of the future of IT.

Founded in 1989, Bloor Research is one ofthe worlds leading IT research, analysisand consultancy organisationsdistributingresearch and analysis to IT user and vendororganisations throughout the world viaonline subscriptions, tailored research

services and consultancy projects.

About the authors

Peter WilliamsCommunications Manager and PracticeLeader IT Infrastructure Management

Peter Williams IT industry experience spans over40 years and he is well-respected for his breadthof both technology and business knowledge. Peter

joined Bloor Research in late 2004 after four yearsas an IT writer and correspondent. Peter recentlytook on the IT Infrastructure Management brieffor Bloor, which includes Storage Management.

IT infrastructure management here refers tomanagement of the physical servers, storageand network infrastructure and devices (assets)found within an enterprise, including the data

centre and distributed communicationsandespecially the infrastructure managementsoftware which also manages the logical (virtual)system views. It includes asset management,systems and service/maintenance management(which relates back to the assets includinglicensing), plus data backup/restore/archive anddisaster recovery and business continuity.

Peters early experience was primarily withcomputer manufacturer NCR, working in a numberof technical roles including: programmer, systemsanalyst, installation consultant then graduatingto project manager responsible for major softwaredevelopments in the banking, retail and health

sectors. In the late 1980s he became NCRsnational marketing manager for the logistics andmanufacturing vertical sectors. In 1993 he joined ahigh-tech marketing company, writing promotionaland technical material for companies such asDigital (DEC), Kyocera Europe and RS Components,while he also gained a BSc in Computing part-time.

After a contract period as information systemsmanager for a pipework tools manufacturer heentered IT journalism with IT Week, part of VNUBusiness Publications, in October 2000 and waslater a founding correspondent within the VNUNews Centre team. In his four-years with VNUhe provided some 2000 reports and analyses onboth technology and business for the VNUnetweb site plus IT Week, Computing, NetworkNews and Computer Reseller News IT businesspublications. Peter was able to conduct in-depthinterviews with some top IT industry leaders.Latterly he also wrote regular newsletterson open source and business hardware.

Peter has researched and provided positioningmaterial for a number of vertical markets forBloor and also carried out an editorial role forthe Bloor Bytes news bulletin. Away from IT,Peter plays an active role in his local church.He is an honorary vice-president of the SussexCounty Table Tennis Association having longago represented Sussex and England. Married

35 years, he has three grown up children.


14/15

Copyright & disclaimer

This document is copyright 2008 BloorResearch. No part of this publication maybe reproduced by any method whatsoeverwithout the prior consent of Bloor Research.

Due to the nature of this material, numeroushardware and software products have beenmentioned by name. In the majority, if notall, of the cases, these product names areclaimed as trademarks by the companiesthat manufacture the products. It is not BloorResearchs intent to claim these names ortrademarks as our own. Likewise, companylogos, graphics or screen shots have beenreproduced with the consent of the ownerand are subject to that owners copyright.

Whilst every care has been taken in thepreparation of this document to ensurethat the information is correct, thepublishers cannot accept responsibilityfor any errors or omissions.


15/15

Suite 4, Town Hall,86 Watling Street East

TOWCESTER,Northamptonshire,

NN12 6BS, United Kingdom

Tel: +44 (0)870 345 9911Fax: +44 (0)870 345 9922

Web: www.bloor-research.comemail: [email protected]
http://www.bloor-research.com/http://malto:[email protected]/http://malto:[email protected]/http://www.bloor-research.com/

Documents

CA Mainframe Storage Management 197591