IBM United States
Software Announcement 202-123
June 4, 2002

IBM OS/400 V5R2 — Enterprise IT Management Made Simple

 ENUS202-123.PDF (76KB)


At a Glance

Performance at your fingertips

  • Dynamic logical partitioning for award-winning 64-bit Linux
  • Intuitive iSeries Navigator with performance monitoring with new B2B transactions
  • Adaptive e-transaction services

Adaptive storage virtualization for high availability

  • Mainframe-class availability with switched disk cluster management
  • Self-optimizing, multiple DB2 UDB for iSeries images for business unit consolidation
  • Extensive Windows® server management supports Microsoft™ Cluster Services
  • Disk Migrate While Active

Flexible management of e-business infrastructure

  • Industry's first eLiza Enterprise Identity Mapping helps enable true single sign-on
  • High-performance Apache Web serving with secure sockets and caching accelerators
  • Simple wireless operations with wireless-optimized, Web-ready micro edition
  • Enterprise application enablement through commitment to open standards

For ordering, contact:

Your IBM representative, an IBM Business Partner, or IBM Americas Call Centers at 800-IBM-CALL (Reference: AE001).

Overview

With the latest release of Operating System/400® (OS/400®) V5R2, the IBM eServer iSeries delivers self-managing, mainframe-class technology — simplicity to an otherwise complex world.

Performance

OS/400 V5R2 features many enterprise-class data-center management capabilities and makes managing IT environments simple, whether you run a Model 890 or a Model 270.

Your benefits include the flexibility to use powerful functions such as dynamic logical partitioning, iSeries Navigator with extensive graphical systems management tools, integrated DB2 Universal Database® (UDB) for iSeries database, and the ability to manage and allocate resources to a variety of workloads based on business priorities.

High Availability

V5R2 extends many of the virtualization technologies available on the iSeries to further assist clustering and business continuity solutions, including the ability to extend switched disk cluster services to support database objects.

In addition to advancing our storage management and availability solutions, DB2® UDB for iSeries now has greatly enhanced support for open standards with much greater compatibility between DB2 UDB for iSeries on OS/400 and our other DB2 UDB platforms.

Further Management Flexibility

OS/400 V5R2 delivers on IBM's commitment to provide self-managing solutions through the industry's first implementation of Enterprise Identity Mapping (EIM), a Project eLiza initiative.

Project eLiza is IBM's approach to creating a self-managing, autonomic computing environment.

The iSeries is well poised to provide a reliable, integrated, and highly available Web serving environment.

The investment in OS/400 continues.

With the deployment of technologies such as Apache, XML, Java™, and Linux, the proprietary locks on serving Web applications are broken.

Key Prerequisites

IBM eServer iSeries Models 150, 170, 250, 270, 6xx, Sxx, 7xx, and 8xx

Planned Availability Date

August 30, 2002

Description

Innovative IBM Technology for the Enterprise

Performance: V5R2 delivers innovative enhancements in database function and continuous availability with IASP, clustering, and journaling enhancements.

Independent Databases: Support for independent DB2 UDB for IBM eServer iSeries databases via Independent Auxiliary Storage Pools (IASPs) gives you additional availability and server consolidation options. Multiple DB2 UDB for iSeries databases within a single instance of the operating system allows for application flexibility and server consolidation by providing separate named database spaces. For instance, a company could have each of its regions share the same applications on a single instance of OS/400, each with their own copy of the DB2 UDB for iSeries schemas (libraries). Each region sees only the database objects for that region. Different users on the same system can connect to the appropriate database for their region. Independent switchable databases enable access to your data during scheduled and unscheduled downtime without requiring redundant data collection.

Continuous Availability: V5R2 delivers on the promise and potential of switched disk clustering and IASP technology introduced in V5R1. V5R2 extends the IASP support to applications that use the traditional library-based file system and database files.

IASPs enable the segmentation of physical and logical storage into isolated and independent subsets within OS/400 single-level storage. IASPs can be brought online and offline independently on a single system and switched between multiple systems in an iSeries cluster.

The iSeries clustering and IASP capabilities are similar to the High-Availability Cluster Multiprocessing (HACMP) functions on the IBM eServer pSeries.

IASPs provide a data center solution for switching storage that can reduce downtime for operating system and hardware maintenance and unplanned outages, and can also be used for database segmentation and workload switching.

To define switchable IASPs, you must have high-availability (HA) switchable resources (OS/400 Option 41) installed on your system.

Enhancements to Cluster Resource Services and APIs help expand the number of ClusterProven™ applications, particularly Web serving and legacy/batch applications, and make clustering easier.

Disk Migrate While Active with OS/400 V5R2 further enhances availability by supporting concurrent migration of most of the disk subsystem data during normal operations. This capability is available through the Start ASP Balancing (STRASPBAL) command with options to mark and move data off disk subsystems.

Journal performance can be substantially improved in some environments by installing and enabling the new HA Journal Performance (OS/400 option 42) feature. Two options enhance journal performance:

  1. Journal Caching can help to substantially reduce the number of synchronous disk write operations performed in batch applications and reduces overall elapsed batch execution time.
  2. Journal Standby allows you to achieve fast failover in a high-availability environment and enable journal support on your target iSeries machine well in advance of the failover event without incurring the normal performance impact associated with journaling. This should be especially attractive in shops that need 24 x 7 operation, have lots of journaled tables, and need more rapid failover/role-swap times.

OS/400 options 41 and 42 are fee-based options. For pricing information, refer to Software Announcement 202-131 , dated June 4, 2002.

Workload Consolidation

Many companies are consolidating workloads onto fewer and fewer systems to help optimize their IT infrastructure. Many companies choose iSeries for the wide selection of applications available.

These solutions include:

  • iSeries Integrated Language Environment® (ILE)
  • UNIX® application through OS/400 Portable Application Solution Environment (OS/400 PASE)
  • Domino™
  • Java and Java2 Enterprise Edition through WebSphere®
  • Windows 2000 Server
  • Linux

For V5R2, many additional functions improve the usability, manageability, and efficiency in this consolidated environment.

Linux: One of the most important developments in business computing in recent years is the arrival of Linux. iSeries V5R2 enhances Linux support with:

  • Dynamic allocation of virtual processor units
  • Shared read-only virtual disk
  • Linux library support for 64-bit Linux applications
  • iSeries Navigator enhancements for Linux
  • ODBC connectivity to DB2 UDB for iSeries
  • iSeries Support for Windows Network Neighborhood (iSeries NetServer) to allow Linux Samba to access the Integrated File System
  • Output queues on the iSeries

In addition, Linux distributions for iSeries include native I/O support for fibre channel and multiport serial device drivers.

iSeries Linux now supports IBM Java 1.3.1.

OS/400 PASE: OS/400 PASE supports the AIX® 5L 5.1 application environment, which includes support for 32- and 64-bit applications. Additionally, OS/400 PASE (OS/400 option 33) is now packaged as a no-charge feature of OS/400, enabling use of OS/400 PASE by operating system functions or other IBM software such as Tivoli® Storage Manager.

iSeries Windows Integration: iSeries Integrated IBM eServer xSeries server and Integrated xSeries Adapter offerings support Virtual Ethernet LAN, Microsoft Cluster Services, and Automatic Cartridge Loader support.

With this release, new xSeries models are now supported using the Integrated xSeries Adapter. For the latest information on supported models, refer to:

The iSeries Virtual Ethernet LAN introduced in V5R1 to enable high-speed communications between OS/400 and Linux partitions within the iSeries server is extended to support Integrated xSeries servers and xSeries servers attached with Integrated xSeries Adapters. With this support, Windows servers can communicate with each other and with OS/400 and Linux partitions over the fast, more secure, and reliable Virtual Ethernet LANs.

iSeries Windows integration supports the Microsoft Cluster Services. With the clustering support provided in Windows 2000 Advanced Server, two Integrated xSeries servers or two xSeries servers attached with Integrated xSeries Adapters can form a cluster and utilize the sixteen new shared storage spaces available with V5R2. In the cluster environment, if there is an outage on one of the Windows servers, the storage spaces can be switched to the second Windows server and the applications can be automatically restarted to reduce the length of the system outage.

For planning information regarding Windows .NET Standard and Enterprise servers, refer to Product Preview information in Hardware Announcement 102-157 , dated June 4, 2002.

Customers who have systems with large amounts of data often have Auto Cartridge Loader (ACL) tape devices (3570, 3580, and 3590) with the ability to automatically load another tape cartridge. Support is now added in the Windows integration support to handle commands for ACLs. Multiple tape cartridges can be accessed during backup/restore operations initiated from the Windows server.

Logical Partitioning: OS/400's superior dynamic logical partitioning is enhanced with extensive graphical workload management tools enabling multipartition management with customizable views for enhanced operator productivity. In addition, system administrators can export and save partition configuration data to simplify the management and reconfiguration of partitioned servers.

Logical partitioning supports the iSeries Model 890. Customers can install OS/400 V5R2 in the primary partition or any secondary partitions. Existing customers with OS/400 V5R1 can add OS/400 V5R2 in secondary partitions to complete their release upgrade tests.

e-business Infrastructure

iSeries can provide a complete and integrated e-business or e-commerce solution. V5R2 delivers seamless heterogeneous transaction processing, accelerated speed that Web pages are delivered to users with the latest level of TCP/IP and new methods to help enhance data privacy and to manage a system more securely using wireless technology.

High Availability

Adaptive e-transaction Services: With V5R2, we are specifically optimizing the operating system to adapt seamlessly to and process different transaction types, both traditional and e-business — simple, predictable transactions or multidimensional transactions that spawn multiple tasks.

This self-optimizing capability of OS/400 to manage transactions of all types gives you potential performance gains for your Web serving or day-to-day business applications. Furthermore, the iSeries is optimized for highly scalable WebSphere and Java transaction performance with no programming changes required.

Web Availability/Scalability: IBM HTTP Server for iSeries includes a generally available version of Apache Software Foundation's Apache Web Server V2, released April 5, 2002.

In addition to industry currency, the following product enhancements are added:

  • Highly Available HTTP Server (powered by Apache) takes advantage of iSeries Clustering technology and makes it possible to build a highly available Web site, improving the availability of business-critical Web applications built with Common Gateway Interface (CGI) programs.
  • Improved navigation, usability, and accessibility enhancements for the administration GUI.
  • Fast Response Cache Accelerator (FRCA), a Web-caching technology, can more than double capacity for serving static content compared to conventional server architectures. It has allowed IBM to establish new, state-of-the-art Web server performance.

Security Enhancements: For V5R2, many security enhancements are implemented. These include the following, and are discussed in more detail in the Security Enhancements section:

  • Enhancements to iSeries Kerberos support
  • Enhancements for Digital Signatures
  • Implementation of new Java Security standards
  • Firewall-friendly Virtual Private Networks (VPN)
  • Enhancements for Cryptographic Accelerators

Support for New Hardware Cryptographic Accelerators

Encryption is a key e-business security mechanism. The Cryptographic Accelerator is targeted to high transaction rate, secure Web applications using SSL, or Transport Layer Security (TLS). When installed, it is automatically used by the system to off-load compute-intensive public-key processing to improve cryptographic performance for transactions using SSL/TLS.

Networking Enhancements: For V5R2, networking enhancements include:

  • Support for IPv6, the next generation (version) of TCP/IP, via the IPv6 Application Developer's Platform
  • Network Quality of Service enhancements
  • Proxy ARP routing for virtual IP interfaces
  • Remote access enhancements including point-to-point protocol over Ethernet (PPPoE)

iSeries Access for Wireless: Increase your business productivity without spending more time in the office or at the desk. Wireless access to administration functions and business solutions can help. This product supports administration of OS/400 and application development for intended wireless devices such as personal digital assistants (PDA) and Internet-enabled phones. New, consistent branding and consolidation of development tools exist for creating wireless solutions.

iSeries Access for Wireless includes:

  • An OS/400 administrator interface, previously called Management Central-Pervasive, is enhanced and consolidated as part of iSeries Navigator.
  • The IBM Toolbox for Java 2 Micro Edition is used by developers to rapidly develop Java applications to access iSeries data and resources. This micro edition extends its capabilities to wireless devices. It also includes the Java Database Connection (JDBC) driver to access DB2 UDB for iSeries.

Through simplified yet highly secure access to information and function, iSeries Access for Wireless provides what you need to make your workforce truly mobile.

eLiza/System Management/Client Enhancements

Further Management Flexibility: Project eLiza is an IBM initiative to help companies deal effectively with increased complexity. It's a blueprint for self-managing systems, aimed at creating an intelligent IT infrastructure that responds to unexpected capacity demands or system failures. This allows you to react faster to changing circumstances, realize cost efficiencies, and focus on your business needs.

Enterprise Identity Mapping (EIM): For V5R2, self-management capability is enhanced with EIM. EIM gives you and your business partners a technology that maps a user identity on one system to the user's identity on another system. The operating system and applications can equate jsmith on iSeries to janesmith on IBM eServer zSeries.

Identity mapping information is available to customers and ISVs through APIs available on all IBM eServer platforms.

Agent Building and Learning Environment (ABLE): iSeries also exploits an intelligent agent technology from IBM Research called ABLE. The ABLE technology enables additional automation and self-management to be built up over future releases.

iSeries Navigator: With V5R2, we increase our graphical management capability through iSeries Navigator, formerly called Operations Navigator.

Customer comments have again resulted in improvements to the management of multiple iSeries servers in a network using iSeries Navigator.

Features to improve ease of use and capability, include:

  • New user-defined PEX (Performance Explorer) events including key server jobs used by e-business applications
  • Transaction management capability is added for B2B transactions
  • Synchronization of time across multiple servers for System Monitor graphing consistency
  • The ability to more easily verify a valid connection to the Management Central server and detect errors in configuration
  • Options for automatic restart of a monitor after system IPL and retry after connection error
  • Management Central functions are SSL enabled for highly secure transmissions
  • More fully featured drag and drop support in Management Central
  • Enhancements to the PTF management tools allow management of PTF groups across multiple iSeries systems
  • New work management functions such as system status
  • Database support such as Database Navigator and SQL Visual Explain is improved by using a new technology for better map layout and control, multiple databases on a system by using independent disk pools, and database transaction support to view DB transaction for a job, see a job associated with a transaction, and lock holders for an object and the transactions using the lock space
  • New wizards to create logical partitions, IPv6 and IPv4 configuration, interfaces, and routes; and Enterprise Identity Mapping configuration
  • Support to run a Windows command on your Integrated xSeries server
  • Enhancements to BRMS
  • In addition, system administrators can export and save partition configuration data to simplify the management and reconfiguration of partitioned servers
  • iSeries Navigator V5R2 contains new self-optimizing index advisors within Visual Explain, which provide advice on creating indexes and collection statistics for a given SQL query called Automatic Index Advisor

Grid Computing: Grid is the next stage in Internet evolution — the ability, using a set of open standards and protocols, to gain access to applications and data, processing power, storage capacity, and a vast array of other computing resources over the Internet. Just as the user looks at the Internet and sees content via the World Wide Web, the user looking at a grid sees essentially one, large virtual computer.

Grid computing continues to evolve. It shows the potential of running commercial applications across the virtual organizations. The iSeries is poised to take advantage of grid computing as business applications are made available. Research and development to exploit grid computing has already started in the development laboratory, as demonstrated by the recent successful connection of iSeries to the IBM BlueGrid using the Globus Toolkit through OS/400 PASE and iSeries PowerPC® Linux.

Simplification/Serviceability: Simplification attempts to make the user's experience with the iSeries as easy and rewarding as possible. In V5R2, simplification continues to be the focus as function is enhanced and extended for the iSeries Navigator. iSeries Navigator is the strategic user interface for iSeries servers.

The software installation process is enhanced by a Virtual Media Install from DASD, allowing users to upgrade software without handling physical media.

The service enhancements in V5R2 are in two major areas:

  • PTF group support allows a group of PTFs to be managed as a single entity. This helps reduce complexity when dealing with PTFs.
  • Improved diagnostic tools include:
    • Enhancements to communications trace that allow improved access to trace information
    • Enhanced security audit records to include the IP address of the client that caused the security audit to be generated
    • Enhancements to the job trace facility (STRTRC) to filter the information traced and to be selective about what components are traced
    • Improved error messages for errors detected by TCP/IP

e-Care: VPN support is enhanced with protocol support for User Datagram Protocol (UDP) Encapsulation that provides a simpler way to create VPNs when using firewalls. This opens up easier high-speed connectivity opportunities for customers connecting into IBM for reporting problems, downloading PTFs, and sending inventory. Also, support for remote support center connectivity is enhanced by allowing high-speed, secure connectivity through customer-initiated VPN connections.

Technical Support Advantage Enhancements for iSeries

  • Enhanced configuration tools and technologies
    • Software keys management tool
    • LPAR Validation Tool
    • Workload Estimator
    • Find and Compare Tool (FACT)
    • Online Disk Arms Calculator
  • Enhanced healing tools and technologies
    • Enhanced software knowledge base for support
    • Streamlined fix downloads help you download larger fix sizes over the Web
  • Enhanced protecting tools and technologies — Through direct assistance in problem determination using a VPN
  • Find Out More about the Technical Support Advantage resources and tools available for iSeries and AS/400e™, at:

    Click What's New.

Trademarks

 
iSeries, pSeries, xSeries, and zSeries, are trademarks of International Business Machines Corporation.
 
The e-business logo, ClusterProven, and AS/400 are trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Operating System/400, OS/400, DB2 Universal Database, DB2, Integrated Language Environment, WebSphere, AIX, and PowerPC are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Microsoft is a trademark of Microsoft Corporation.
 
Windows is a registered trademark of Microsoft Corporation.
 
Java is a trademark of Sun Microsystems, Inc.
 
UNIX is a registered trademark is a registered trademark of the Open Company in the United States and other countries.
 
Tivoli is a registered trademark of International Business Machines Corporation or Tivoli Systems, Inc., in the United States or other countries or both.
 
Domino is a trademark of Lotus Development Corporation and/or IBM Corporation.
 
Other company, product, and service names may be trademarks or service marks of others.

Innovative IBM Technology for the Enterprise

DB2 Universal Database® (UDB) for eServer™ iSeries Standards Support: V5R2 furthers DB2® UDB for iSeries' position in support of many industry standards and DB2 UDB for iSeries family compatibility.

Benefits include:

  • More application and tool availability
  • Easier application or database portability
  • Improved interconnectivity to many different platforms/databases
  • Better use of available skills in the workforce

In addition to the traditional database interface and language support, DB2 UDB for iSeries provides a robust SQL-based database required by today's Enterprise Application Systems while leveraging the strengths of the iSeries.

Additional enhancements in V5R2 make it easier for you to transition from traditional database interfaces to the SQL world. A unique advantage for iSeries customers is that you can choose from a mixed environment of traditional and SQL facilities based on requirements, skills, or existing applications.

Query optimization technology within DB2 UDB for iSeries is improved in V5R2 to deliver improved performance in certain query/SQL environments.

Industry-Standard and DB2 UDB for iSeries Family SQL Enhancements in V5R2

  • JDBC 3.0 (JDK 1.4)
  • The Open Group's Distributed Transaction Processing: The XA Specification
  • Java™ Transaction API (JTA) 1.0.1
  • ODBC and JDBC drivers for Linux
  • User-Defined Table functions
  • Savepoints
  • Common Catalog Views
  • UNION in Views
  • IDENTITY columns and ROWIDs
  • CREATE TABLE AS (subselect) (support in SQL equivalent to DDS Field Reference)
  • SQL Source Code Debugger
  • Additional SQL Enhancements in conformance with the ISO and ANSI SQL Core Standard

Integrated File System (IFS): Enhanced data management and performance for the IFS is rolled out with a new directory implementation that provides significantly enhanced directory performance, scalability, robustness, and recoverability. That, combined with the journaling and improved caching techniques, provides the system with a faster, safer, more reliable file system.

Note that the IFS directory enhancements are available in V5R1 and will ship when ready. Watch for APAR II13161 at:

Java/XML Enhancements: New versions of the core Java runtime environment and WebSphere® Application Server are now available, as well as Java 2 Enterprise Edition (J2EE) compliance.

J2EE represents an emerging suite of standard requirements placed on Java application servers like WebSphere. The Java Virtual Machine (JVM) supports the emerging Java Debug, Performance Profiling, and Wire protocols that enable third-party tools to work with the iSeries JVM, along with iSeries-specific instrumentation for memory leak detection and enhanced debug. With this release, the suite of XML enablers can stay in step with the latest XML standards. The support for XML schemas is a key XML enabler extensions provided in this release.

JavaMail for iSeries: In V5R2, the iSeries supports the industry-standard JavaMail program interface used by applications to access or send e-mail using POP, IMAP, or SMTP protocols.

IBM Toolbox for Java: A new version of the IBM Toolbox for Java is available with V5R2.

Enhancements include:

  • A set of classes for accessing data from a wireless device
  • An updated JDBC driver that supports JDBC 3.0
  • The ability to use a Kerberos ticket when authenticating to the server
  • A system debugger to graphically debug C, C++, Java, and RPG programs on the iSeries

Globalization: The primary globalization focus in V5R2 is Unicode enablement. Unicode is a fundamental internationalization infrastructure for the programmer that provides multilingual support in a simpler environment for our globalized marketplace.

Following are Unicode-related enhancements:

  • Currency upgrade for a standardized set of open source Unicode APIs (International Components for Unicode or ICU)
  • Additional IFS Unicode path name and data support as part of the IFS directory rewrite
  • Additional OS/400® mapping and conversion support for Unicode
  • API for Unicode Transformation Formats, UTF-8, UTF 16, and UTF-32
  • API for Unicode endian conversion
  • Database Unicode (UTF-8) CLI (Call Level Interface) support

Additionally:

  • A locale currency upgrade for localization support
  • Update to allow for changing default language-related settings for NLVs where a change in euro code pages is required

Workload Consolidation

OS/400 PASE: V5R2 OS/400 PASE includes Linux library support based on AIX® 5L. Many Linux-developed applications can be ported to the POWER PC architecture through a recompile. Most Linux applications that can be ported to AIX 5L can be easily ported to OS/400 PASE providing a more integrated and scalable solution.

V5R2 includes support to build OS/400 PASE programs without compiling on a separate AIX system. OS/400 PASE (OS/400 option 33) now includes a number of application development utilities such as make, ld (linker), and as (assembler). Header files for OS/400 PASE C and C++ programs are now included in System Openness Includes (OS/400 option 13). OS/400 application developers can compile C and C++ applications using compilers provided separately by IBM. Also, the iSeries System Debugger supports debugging for OS/400 PASE applications. OS/400 PASE can also run many open source tools compiled for AIX PowerPC® (including the gcc compiler).

The OS/400 PASE application environment includes PTY/TTY device driver support, which makes it easier to port applications that require terminal support.

V5R2 supports OS/400 PASE programs to launch the iSeries integrated JVM, as well as support for the integrated JVM to run native methods implemented as procedures in an OS/400 PASE executable. This support makes it easier to port AIX applications that use a combination of Java and C/C++ code to OS/400 PASE.

e-business Infrastructure

Security Enhancements

Kerberos

In V5R1, we enabled applications on OS/400 to act as a Kerberos client by processing a Kerberos ticket granted by a Kerberos server somewhere in the network. In V5R2, iSeries continues to improve its interoperability with Kerberos environments. Server applications within OS/400 are enhanced to allow OS/400 itself to act as a Kerberos client greatly improving interoperability with Microsoft™ and other Kerberos-based authentication systems.

Digital Signatures

Digital signatures on OS/400 objects help enhance the integrity of software and data. Business Partners, customers, and IBM can sign information to provide improved integrity in their products. Digital signatures help to identify data tampering, virus introduction, or any other modification to an object. The signature also helps to identify the originator of the data or software. The infrastructure and APIs for signing some objects, including programs, were provided in V5R1, and OS/400 itself was signed. In V5R2, in addition to support for command objects, support was added to allow non-objects to be signed. This non-object support can be used to write applications that sign items like digital receipts and B2B transactions.

Java Security

Java Generic Security Services (JGSS) is a Java standard (JSR 000072). In V5R2, the APIs are added to the iSeries Developer Kit for Java. The JGSS APIs enable Java applications to access either Java-based or native OS/400 Kerberos (client) security services. JGSS compliments the existing OS/400 GSS support by providing support for Java applications. Integration of JGSS with the existing OS/400 native GSS APIs means better performance, serviceability, and administration.

Firewall-Friendly VPN

Network Address Translation, or NAT, is a technology used in many networks and firewalls. Until now, NAT did not allow end-to-end security using the IPSec protocol. UDP encapsulated IPSec is a new standards-based protocol that solves this problem. With UDP encapsulation, end-to-end IPSec security is possible to systems anywhere in your network further reducing the risk associated with doing business on the Internet.

IP Networking Security Enhancements

In addition to Firewall-friendly VPN, several other key enhancements support IP network security. These include:

  • Configuring IP packet rules can be a very difficult task, requiring detailed knowledge of how TCP/IP and associated protocols work. In V5R2, wizards added to the packet filtering support in iSeries Navigator allow the most common filtering configurations to be easily configured by even novice-level network administrators.
  • Configuring the required IP filtering rules in support of VPN is eliminated in the majority of cases. This includes the "implicit IKE rules" that allows IKE (UDP 500) traffic without explicitly coding the required filter rules and no need to explicitly code IPSec policy filters.

Transport Layer Security (TLS)/Secure Sockets Layer (SSL) support for server authentication is added to the native FTP client allowing secure sessions with compatible servers (including the native FTP server with TLS/SSL support added in V5R1). This support allows you to specify whether FTP session data, including the login ID and password used for authentication, is encrypted.

Networking Enhancements

IPv6 Application Developer's Platform

IPv6, the next generation (version) of TCP/IP, is an important re-architectured base infrastructure for the Internet. IPv6 in V5R2 allows a customer to build, test, and debug applications for the next generation Internet based on IPv6 using ILE and OS/400 PASE programs. Support includes key Sockets APIs and iSeries Navigator enhancements. The IPv6 Application Developer's Platform allows application and middleware providers to be ready for rapidly approaching TCP/IP changes associated with IPv6.

HTTP Performance

The HTTP data collection category contains HTTP performance data for Collection Services. The HTTP performance data can then be queried to analyze HTTP server activity and better understand what types of HTTP transactions are being processed by the iSeries (for example, static files, CGI, or Java Servlets). Enhanced Performance Tools for iSeries generate reports based on the HTTP performance data (transactions processed by HTTP server jobs).

For more information, visit:

Network Quality of Service Enhancements: Several key enhancements round out the Network Quality of Service (QoS) support first introduced in V5R1. These include:

  • Configure the network, not the systems in the network. Now iSeries QoS is directory enabled. This enablement allows policy stored in LDAP to be shared across many systems in the network. Now rather than simply configuring a single system in Operations Navigator, the Network QoS policy can be exported and stored in an LDAP directory.
  • A new and improved user interface simplifies the system administration tasks associated with building and deploying Network QoS policies.
  • Inbound connection controls. Limiting the rate of inbound connections to a server can be used not only to provide Network QoS, but can also be used to help prevent denial of service type of network attacks. Denial of service attacks can be one of the simplest forms of attack, yet some of the most difficult to prevent.
  • URL-based policies in support of inbound connection controls. The administrator can build policies based on URLs rather than IP addresses, ports, and protocols. This has tremendous advantages in the world of e-business. For example, the administrator may choose to give priority to the URL used in support of online B2B commerce transactions.
  • New, simplified APIs allow applications to leverage the RSVP protocol for end-to-end Network QoS. Additionally, you can define "No Signaling" QoS policies that only require application changes on the server side. This allows RSVP to be completely transparent to the client.

Proxy ARP Routing for Virtual IP Interfaces: In support of fault tolerance and high availability, the iSeries allows you to define a Virtual IP address on the same network as defined on other physical interfaces. In this configuration, the iSeries responds to ARP (Address Resolution Protocol) requests for virtual interfaces, eliminating the need to define static routes or run a dynamic routing protocol such as RIP (Routing Information Protocol).

Remote Access Enhancements

Point-to-Point Protocol Over Ethernet (PPPoE)

  • Digital Subscriber Line (DSL) is becoming a very popular technology for providing broadband Internet access. Unlike other comparable broadband technologies, DSL uses existing copper telephone lines. With support for PPPoE in V5R2, the iSeries can exploit DSL for Internet access.
  • Dialup networking is a low-cost WAN solution used by many iSeries customers. Unfortunately, managing modems for incoming and outgoing calls can be frustrating. To reduce this burden and allow for fewer modems, dialup line resources can be shared for outgoing and incoming calls.

Internet Printing Protocol (IPP): The iSeries support for the IPP is enhanced to comply with the V1.1 specification, and includes a new IPP print driver as an alternative method of sending iSeries print output to network-attached printers for those that support this protocol.

Directory Services: Directory Services are enhanced to better protect the security and integrity of data stored in the Lightweight Directory Access Protocol (LDAP) server. This is done by disabling database capabilities for non-operating system programs attempting to access the underlying database files. Directory Services provides a projection of user profiles into the LDAP directory. This enhancement allows you to create, retrieve, change, and delete OS/400 user profiles through standard LDAP interfaces. All function is moved into the base operating system with option 32 now removed; it is no longer required. The V5R2 LDAP server and client APIs are current with SecureWay® Directory V3.2.2.

eLiza/System Management/Client Enhancements

iSeries Navigator: Enhancements include:

  • New work management functions such as:
    • System status
    • Seeing threads for a job and taking actions on threads
    • More job lists for jobs using IFS objects
    • Tape devices
    • Disk pools
    • TCP/IP connection jobs
    • Lock holders for objects, members, and rows
    • Locked object lists include:
      • Lock space objects
      • System objects
      • More
    • View the last SQL statement that ran
    • Improvement to viewing job logs (sort, print, and find)
  • Output queue support to see output queues, their contents, and take actions on output queues.
  • Fix support for group fixes. The compare and update fixes wizard is more robust with:
    • Improved supersede recognition
    • Continue when fixes are not available
    • Perform an update without doing a compare
  • Stand-alone tape device and tape library support includes actions to vary on/off devices and format, duplicate, display, and print tapes and cartridges; see the cartridges and tape resources in a tape library; and also insert and eject cartridges.
  • Disk management support to see parity sets and take actions on the parity sets such as start or stop parity, resynchronize parity, and change parity optimization. And, additional disk pool (ASPs — auxiliary storage pools) support to create independent disk pools and disk pool groups that support libraries and databases.
  • Integrated File System support for active reference counts and libraries in independent disk pools.
  • Network support for IP Version 6 (IPv6); new wizards to create IPv6 and IPv4 configuration, interfaces, and routes; new communication lines folder; and the ability for you to create user-defined servers that will appear in the server jobs list and the job monitor's server list; more QoS support such as inbound connection rate control; and more packet rules and VPN support.
  • Windows® Administration support to run a Windows command on your Integrated IBM eServer xSeries, support to install the latest version and service pack, and to create a new open source disk file system for guest operating system logical partitions such as Linux.
  • Other new items such as verifying the central system connection, more streamlined menus, rudimentary system time synchronization, auto-refresh support on all folders, and more.

Self-Managing Database Enhancements: DB2 UDB for iSeries inherently provides many self-managing concepts. Automatic spreading of data and load balancing, self-configuring (no special installation or setup required) databases, system managed access paths and system managed journaling, and an integrated query (SQL) optimizer are all current aspects of self-managing capabilities of DB2 UDB for iSeries.

With V5R2, additional capabilities allow for automatic database statistics collection (without requiring logical files). These statistics, collected in the background automatically, are then used by they query optimizer component of DB2 UDB for iSeries for building the most efficient plan to respond to application requests for data.

A new Index Advisor is added to iSeries Navigator's Visual Explain function that provides key advice related to improving performance using information gathered during application execution.

The Database Navigator function of iSeries Navigator is enhanced to display more complex data models and inclusion of triggers.

Additional enhancements to iSeries Navigator include support for management of relational databases defined through Distributed Relational Database Architecture™ (DRDA®), SQL Packages, commitment control, and SQL Explain. A new wizard called SQL Assist helps build SQL Statements for running SQL scripts.

Simplification/Serviceability

EZ-Setup

Initial setup is enhanced:

  • An interview process to helps determine how the iSeries will be used.
  • EZ-Setup uses the interview responses to develop a custom path through initial planning and configuration to meet those needs.
  • iSeries Operations Console usability improvements to make it easier to bring up your iSeries for the first time with more detailed and easier to understand help, additional graphics, and panels.
  • New EZ-Setup wizards provide electronic system registration and download of the current recommended service PTFs over the high-speed secure connection.
  • EZ-Setup supports the LAN connection for operations console.

Information delivery is enhanced to:

  • Provide new content and to improve search within the Information Center, including a search capability on the CD-ROM version of the Information Center.
  • Allow users to update the contents of an Information Center installed on their iSeries server or local PC with documentation downloads from the Internet.

Performance Tools

  • The Performance Explorer (PEX) is a key system tool for analyzing application performance and identifying performance bottlenecks. In V5R2, additional functions are instrumented with user-defined events including key server jobs used by e-business applications. This improves the ability to optimize and tune the server jobs and the applications that use them. Improvements to the ENDPEX command significantly decrease the amount of time it takes to end a PEX collection. Other improvements decrease the overhead of PEX and enable it to run longer and to make it easier to find performance bottlenecks in the software being analyzed.
  • The Performance Tools for iSeries product improvements enable summary reports and graphs to be created and viewed using iSeries Navigator. The same graphical interface can now be used to collect performance data, monitor performance metrics, and produce performance summary reports and graphs.
  • Performance instrumentation of system functions is improved. This instrumentation is needed to supply a wide variety of performance tools with information to help customers solve their performance problems, predict when they will need system upgrades, and monitor the current performance of their systems. Also, enhancements to Performance Collection Services make it easier for applications to plug-in programs that enable application performance statistics to be collected and stored in the system performance database.
  • Collection of performance information on a continual basis, and with much clearer and efficient reduction and analysis is now allowed. This means it will be easier and faster to identify which function in the system is contributing to a performance bottleneck so that appropriate steps can be taken more expediently to fix the problem. This function is the first step in a multistage plan to better instrument and enable the system for continual measurement and analysis.
  • LDAP-based directories provide integration for e-business. We are expanding exploitation of LDAP beyond Apache, WebSphere Application Server, and WebSphere Commerce to include Enterprise Identity Mapping and other solutions.

Technical Support Advantage Enhancements for iSeries: IBM eServer Technical Support Advantage is IBM's comprehensive initiative for IBM eServer platforms, including iSeries and AS/400®, which provides a superior portfolio of resources to help people learn about, choose, implement, and use IBM eServer solutions for your IT infrastructure. iSeries provides you Extreme Support — right in the product where you need it the most and on the Web.

Enhancements for iSeries and AS/400e™ include new tools and enhancements to existing functions.

General Web Enhancements

  • Help for finding iSeries technical support information on the Web and for using iSeries technical support Web tools is available on the Web via the Web site assistant.
  • The IBM eServer Campus on the Web provides a portal to all your IBM eServer education needs, including a new search for select Redbooks™.

New Configuration Tool to Manage Software Keys

Installing or upgrading software is now easier, especially if you manage several systems or it's been a while since you initially received the software keys that allow you to upgrade. You can now view, download and install, or print a copy of your software keys directly from the Web. You can also easily e-mail a copy of your software keys to your IBM representative or Business Partner. This Web solution allows you to directly manage your software keys via the Internet for each of your iSeries and AS/400 servers.

Software keys are required when you install a software release or processor group upgrade. All you need is a valid iSeries Software Subscription contract, an IBM registration user ID, and a TCP/IP connection from your PC to your server. Managing software keys via the Internet gives you direct 24 x 7 access to the keys, compared to the alternative method of relying on phone calls to obtain or install your keys.

To find out more, visit:

Customer Financing

IBM Global Financing offers attractive financing to credit-qualified commercial and government customers and Business Partners in more than 40 countries. IBM Global Financing is provided by the IBM Credit Corporation in the United States. Offerings, rates, terms, and availability may vary by country. Contact your local IBM Global Financing organization. Country organizations are listed on the Web at:

Terms and Conditions

Terms and conditions are unchanged by this announcement. Refer to Software Announcements 201-112 and 201-114 , dated April 23, 2001.

Program Services: Available until September 30, 2004

Ordering Information

Refer to Software Announcement 202-131 , dated June 4, 2002, for ordering information.

OS/400 V5 is IBM's strategic operating system for customers seeking integrated business solutions.

It is a robust, scalable, and easy to use platform that supports the largest range of applications in the industry, from the newest Java and J2EE applications, ported UNIX® applications, Linux Windows applications as well as the Integrated xSeries Adapter and traditional, enterprise-class transaction processing. To provide these capabilities, IBM has integrated many of the tools, middleware, and development technologies that would have to be purchased separately on competitive systems. For example, DB2 UDB for iSeries is integrated within OS/400, providing a leading-edge, self-optimizing database for customers and application providers of all sizes.

IBM's powered by Apache Web server is combined with iSeries renowned security and is the base for e-business applications of all types.

iSeries Navigator, the system's intuitive GUI operations manager, provides easy-to-use management capabilities for all of the iSeries functions including wizards that assist configuration for everything from TCP/IP to WebSphere to Linux.

IBM's ongoing investment in OS/400 is reflected in V5R2, where mainframe-class technologies in the area of clustering, partitioning, and security are combined with a wide range of performance, usability, and application development improvements to provide a enterprise platform to quickly and securely deploy solutions of almost any size or type.

One of OS/400's true strengths is as a workload manager, making it the ideal server consolidation platform.

V5R2 includes capabilities for workload, data, and system-level partitioning giving you a broad selection of deployment and management choices for deploying new workloads on the system.

Along with iSeries features such as Capacity Upgrade on Demand and the new WebSphere pricing terms where you pay license fees for only the amount of processors you use, V5R2 is clearly positioned as the operating system to power e-businesses — today and tomorrow.

Order Now

 Use Priority/Reference Code: AE001
 
 Phone:     800-IBM-CALL
 Fax:       800-2IBM-FAX
 Internet:  ibm_direct@vnet.ibm.com
 Mail:      IBM Atlanta Sales Center
            Dept. AE001
            P.O. Box 2690
            Atlanta, GA  30301-2690

You can also contact your local IBM Business Partner or IBM representative. To identify them, call 800-IBM-4YOU.

Note: Shipments will begin after the planned availability date.

Trademarks

 
iSeries and xSeries are trademarks of International Business Machines Corporation.
 
The e-business logo, Distributed Relational Database Architecture, AS/400e, and Redbooks are trademarks of International Business Machines Corporation in the United States or other countries or both.
 
DB2 Universal Database DB2, WebSphere, OS/400, AIX, PowerPC, SecureWay, DRDA, and AS/400 are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Microsoft is a trademark of Microsoft Corporation.
 
Windows is a registered trademark of Microsoft Corporation.
 
Java is a trademark of Sun Microsystems, Inc.
 
UNIX is a registered trademark is a registered trademark of the Open Company in the United States and other countries.
 
Other company, product, and service names may be trademarks or service marks of others.