IBM's latest Z mainframes offer a bulwark against data breaches

— 12:00 PM on July 18, 2017

Protecting data in an information economy is a tough task. Bigger data breaches have been occurring more often in recent memory, affecting retailers like Target and decidedly more seedy victims. In response to this growing problem, IBM has tooled up the Z (or Z14), its latest line of mainframe computers, to take a shot at stemming the tide. The new mainframe systems' claim to fame is their end-to-end encryption chops, a capability that IBM says will help to protect sensitive information from cybercriminals, state actors, and rogue employees both at rest and in flight.

IBM claims its new generation of big iron is specifically built to reduce corporate and government costs related to hacks and security breaches, and it's also poised to help businesses stay in compliance with new laws like the EU's General Data Protection Regulation. The company predicts that global cybercrime costs could top a heart-stopping $8 trillion by 2022, and the need for stronger encryption certainly seems pressing. According to IBM, only 4% of the nine billion data records stolen since 2013 were encrypted.

The company attributes the lagging use of encryption on corporate data stores to technological complexity in managing encrypted systems and to the reduced performance of x86 systems when extensive encryption is enabled. To ensure high performance when handling encrypted data, the company says that it has quadrupled the amount of silicon dedicated to cryptographic algorithms in the Z14 platform. The result is a claimed 18x performance increase in these scenarios compared to x86 servers. IBM further claims administrators will be able to encrypt data associated with entire databases, applications, or cloud services with a single click, as opposed to the piecemeal approach to encryption that's apparently common in today's organizations.

The company further says its new machines can protect millions of encryption keys with "tampering respoding" hardware that can invalidate the keys and restore them safely later. IBM has also created new encrypted APIs that will make it easy for developers to discover and use IBM Z applications from cloud services, as well, and that access to these APIs will be three times faster than with x86 systems serving similar requests.

As for the hardware, the Z mainframes are built up from 5.2 GHz ten-core processors built on a 14-nm silicon-on-insulator (SOI) process node. IBM says the z14 CPU boasts new single-instruction-multiple-data (SIMD) instructions for analytics and traditional floating-point workloads. The processor also has hardware-accelerated encryption capabilities and a specialized compression co-processor. Each Z server can pack as much as 32 TB of system memory, a three-fold increase over the older z13 models. IBM says the Z mainframes have triple the I/O performance of its last-generation systems, as well.

IBM says all this silicon, memory, and storage lets the Z mainframe process up to 12 billion encrypted transactions per day, offer up to 2.5x faster NodeJS performance, and 50% better Java performance than comparable x86 platforms. Administrators might also be able to host two million Docker containers and over 1000 concurrent NoSQL databases on a fully armed and operational Z14. The company didn't provide any pricing information for the new Z mainframes, but TheStreet says prices will start at a cool $500,000.

Tip: You can use the A/Z keys to walk threads.
View options