2020年2月24日月曜日

Mainframe (general-purpose machine) IBM Z features on a 19-inch rack. IBM z15 Everywhere Encryption & D DevOps Practice for IBM Mainframe Applications.(19インチラック上のメインフレーム(汎用機)IBM Zの特徴。IBM z15 あらゆる場所での暗号化 & IBMメインフレーム・アプリケーションのDevOps実践)

LINUX runs on an IBM Z mainframe (general purpose machine) on a 19-inch rack mount. (Red Hat Enterprise, SUSE® Linux Enterprise Server, Ubuntu, etc. run.)
(19インチラックマウント上のIBM Zメインフレーム(汎用機)の上でLINUXが動作します。(Red Hat Enterprise、SUSE® Linux Enterprise Server、Ubuntuなどが動作致します。))
https://www.ibm.com/it-infrastructure/z/os/linux


IBM z15 encryption everywhere
IBM z15 あらゆる場所での暗号化
https://www.youtube.com/watch?v=1A3XixTjC9w
https://www.facebook.com/masahiro.ishizuka.54/videos/3017120514986467/
DevOps practices for IBM mainframe applicationsIBMメインフレーム・アプリケーションのDevOps実践
https://www.youtube.com/watch?v=vIT1tze1Xlw
https://www.facebook.com/masahiro.ishizuka.54/videos/2976992688999250/

What is a DevOps problem?
What is "DevOps" that bridges the gap between development and infrastructure operations teams?

Do you know the term DevOps?
DevOps is a coined term for "Development" and "Infrastructure Operations Team (Operations)".
Agile development is different from agile development that is often confused, but agile development refers to development methods, and DevOps is called organizational theory.
Agile development is one of the methods to realize DevOps, but there is no specific definition, and the concept is that "the development team and the infrastructure operation team work together, Developing and operating ".
In this DevOps, while the purpose of the development team is "add new features" ,
The purpose of the infrastructure operations team is "stable operation" , which often causes friction.
Eliminate common DevOps issues and problematic friction here
Introducing F5 BIG-IP Cloud Edition .
devops_comic01.jpg

Why development teams rush to market


Why is the development team so rushing to do so?
In recent years, the existence of applications has become indispensable to deploy new services.
In addition, the environment in which applications can be developed and the number of methods have been improved, and it is very important to deploy services to the market and make improvements in response to feedback from user needs.
For this reason, being a pioneer will have a significant impact on your business.

IT company trends before application launch

Development team demands shorter time to market
 Invest in current IT applications
40% are DevOps models
● More than 70% of settings and deployment procedures are automated
Source: F5 SOAD report
So if DevOps is n’t working,
Delays in adoption may result in missed business opportunities.
further


Increasing cyber attacks and application security vulnerabilities


In order to prioritize the release of applications to the market, security measures may be neglected.
Cyber ​​attacks targeting applications continue to diversify and evolve, and the damage is endless.

Application growth and security issues against cyber attacks

application
 The number of applications will increase at 19% CAGR by 2021
 Enterprises deploy more than 200 applications on average, and smartphone users use more than 80 applications on their devices
Security
 36% said less than 25% of applications are protected by WAF
● Attacks on Web applications are the number one cause of data leakage (29%)
● More than 3 billion credential information stolen in 2016
Source: F5 SOAD report

The top cause of data leakage is "web application attack"


Increasing numbers of applications and web application attacks exploiting security vulnerabilities are increasing the number of victims.
Ideally, the development team and the infrastructure operations team should work together to quickly and reliably increase the value of the business and deliver it to the end user, but due to differences in opinions, sufficient measures and time would not be given Is said to be a factor ...
devops_comic02.jpg

DevOps Issues: Development and Operations Discrepancies


Why are there frictions between development, infrastructure operations and security teams?
Because the reality and the ideal are different and conflict.
Development team
ideal
 Introduction of application = business
 I want to increase business speed
 I want to realize user needs immediately
reality
● It takes time to release the service due to the arrangement of infrastructure equipment and security measures
Infrastructure operations team
ideal
 We want to provide infrastructure that realizes stable services
reality
 Compatibility with infrastructure is required for each application
 Stable and safe implementation method does not keep pace with app release
Security team
ideal
 I want to implement security functions with uniformity
reality
● It is difficult to manage security centrally
● It is difficult to apply security according to the application
Conflicts between realities and ideals
While the development team aims to "add features" , the infrastructure operations team aims to "keep the system stable," making it difficult to achieve both ideals.
In addition, the security team demands security measures for the application, so the demands of the three teams will inevitably conflict.
↓
Infrastructure operations team wants to provide infrastructure that realizes stable services
Development team's "Fulfill requests faster and reduce time to market"
"Implementation of security functions with uniformity" by the security operation team
What would be the tools to fulfill the various ideals and enable DevOps?
↓
BIG-IP Cloud Edition
devops_comic03.jpg

Four advantages of F5 BIG-IP Cloud Edition


[1] Self-deployable by the development team using templates

Use template
Development team
 Quick implementation is possible without relying on the operation team
● No ticket creation required
Infrastructure operations team
 Reduction of application implementation work other than major specification changes
 Concentrate only on operation work
Security team
● With unified security function
Security is ensured

[2] ADC for each single application

ADC per single application
Development team
 Visualization of detailed application information, traffic and performance at a glance
Infrastructure operations team
 Stable operation is possible
 Changes in ADC settings do not affect all applications
 Reduction of risk due to troubles such as malfunctions

[3] Auto scale as needed

Auto scale
Infrastructure operations team
 Stable operation even in the case of sudden traffic increase

[4] Cost-effective application services

Cost-effective application services
Security team
● A WAF can be assigned to each application, providing the best protection for each application.
devops_comic04.jpg
devops_comic05.jpg

Template used by the development team when deploying self-apps

Template to use when deploying the self app
Work intuitively via GUI or API.
The development team self-deploys the implementation work previously performed by the infrastructure operations team.

Visualized application display screen


Template to use when deploying the self app
Dramatically improved ease of management and operation by assigning ADCs to each application.
Depending on the characteristics of the application
It is possible to use ADC and security policy properly!
↓

Infrastructure construction according to application characteristics


In building an IT infrastructure, it is very important to understand the concept of "bimodal".
This means "maintaining" mission-critical systems and delivering innovative applications for digital transformation.
Gartner calls these two “mode 1 / mode 2”, which are also called defensive IT and offensive IT, respectively.
Bimodal
These need to cooperate and balance with each other, so it is not just one of them.
However, corporate IT expectations must also take into account that the shift from mode 1 to mode 2 is progressing.

Mode 1 (Defense IT) : Conventional BIG-IP


Ideal for systems in areas where little change and certainty and stability are important
Mode 1: Conventional BIG-IP

Mode 1 (defensive IT) systems often aim to reduce costs by improving efficiency, and focus on core businesses such as human resources, accounting, and production management.
 High quality and stable operation
 Steady and accurate
 High cost / price
 generous support
 Safety and security
If you do not need to make frequent changes, this is the best way to manage multiple applications with a single ADC.

Mode 2 (Aggressive IT) : BIG-IP Cloud Edition


Ideal for systems that value development / improvement speed and ease of use
Mode 2: BIG-IP Cloud Edition

Mode 2 (aggressive IT) often aims to enhance competitiveness and increase profits through differentiation, and focuses on digital business integrated with IT and services that require communication with customers.
 Fast and agile
 Low cost / price
 Convenient and quick support
 High satisfaction
This configuration allows the ADC to be assigned to each single application, so that it can be immediately reflected and the operation status can be grasped.
↓
Mode 2 (aggressive IT) is essential if your business requires constant implementation, secure infrastructure, and security protection
↓

Aggressive IT dramatically reduces flows that previously took time


Dramatically reduced flow

Service overview Accelerate life cycle / Cloud / on-prem seamless use
Completely shortens about one month or more that used to be the conventional flow!
By being able to concentrate on each other's work, you can achieve a win-win state.
devops_sec6_img06.png
devops_comic06.jpg









Recommended articles


WAF that can be understood by manga

Is your company's web security really ok?

F5's WAF is a leader in Gartner's 2017 Magic Quadland web application firewall.

Security measures with SSL visualization

Security Measures with SSL Visualization-Pitfalls of Always Using SSL

This section introduces the knowledge, precautions, and measures that must be taken by the infrastructure administrator when making the Web site SSL-compliant at all times.


0 コメント:

コメントを投稿