
Henry Rodriguez, August 20, 1965 – January 31, 2021

We said goodbye today to a very dear friend and family member, Henry Rodriguez. It was a beautiful ceremony for a truly beautiful person. Henry was loved by everyone that knew him, which showed by the huge turnout. People flew in and drove to Florida from all over the country. Those that had the opportunity to stand up to speak about him knew exactly what to say. Even if I were asked to speak, I do not know how I would have gotten through it. The entire place had to be in tears after hearing his sweet little daughter Oliva speak about her father, all the advice he gave her and how much she was going to miss him. Ugh! If you were unable to attend, you can view the entire Annunciation Church ceremony on YouTube. There is also a GoFundMe page set up for his family where you can also post a message. Henry was an amazing friend, father and husband, and we will all miss him dearly. Everyone looked up to Henry… he set a great example for all of us, at work and as a human being. I have worked for Henry for over 20 years, and I do not recall him ever losing his temper or getting mad at anyone. You may have heard an “oh jeez” or “oh man”, but that was the extent of his outbursts. You cannot teach or learn that type of behavior. He was just a genuinely great guy. In many ways, he was my shoulder angel. Henry always did the right thing, which was probably why everyone loved him so much and why he was so successful in business. People trusted Henry. I believe most people would say he was the best in the industry at what he did. Which is true, as he knew AS400s better than anyone, but at the end of the day, I think people just loved doing business with Henry because he was a great person. He was also a very thoughtful and giving person, and always made time for everyone, no matter how busy he was. Every holiday,...

Comparing the new Power9 9009-41G vs the 9009-41A

What's the difference between the new IBM S914 9009-41G and 9009-41A Power9 models? The only difference is that the newer 9009-41G S914 model was built entirely with fourth generation PCIe technology, capable of delivering much better I/O performance, bandwidth and faster data transfers. The number of Gen4 PCIe slots varies based on the Power9 configuration, but the 9009-41G supports up to fourteen PCIe4 devices, eleven 6.4 TB Non-Volatile Memory express (NVMe) Solid State Drives for a total of 70.4 TB of usable NVMe SSD storage for an IBM i, AIX, Linux server or VIOS partition.

Performance gains of an IBM S914 9009-41G compared to a 9009-41A
The 9009-41G performance gains to be had over its 9009-41A predecessor are in the backplane, storage and controller options selected. NVMe solid state drives provide significantly better read and write performance (latency), IOPS and bandwidth than SATA and traditional SAS SSDs. IBM NVMe SSDs (a.k.a. NVMe Flash Adapters) are directly connected to the Gen4 PCIe bus, and are assigned to a specific LPAR as a device, whereas traditional SATA and SAS SSDs must rely on a controller that is shared with all the storage it manages. From a performance comparison perspective, NVMe SSDs can utilize most of the available bandwidth supported by the Power9 Gen4 PCIe slot, which maxes out at 8 Gb per NVMe SSD, compared to only 6-12 Gb per storage controller (which must also be shared between all of the managed drives), and Gen3 PCIe has a 4 Gb/s maximum. Therefore, a Power9 SATA SSD could potentially achieve 200,000 IOPS on its best second, whereas an NVMe SSD in a PCIe Gen4 slot can achieve over 1,000,000 IOPS. It is also important to note that the Power9 must also have the required V7R4 to use NVMe SSDs and other necessary PTFs and Firmware updates to achieve these performance gains.

Storage configuration options for the 9009-41G
41G Storage Options: 12 SAS HDD/SSD + RDX or 18 SAS HDD/SSD or 6 SAS HDD/SSD + 2 NVMe U.2 + RDX or 4 NVMe U.2
41A Storage Options: 12 or 18 SAS HDD/SSD or 4...

IBM i 7.4 TR2 Announcement Details 5770-SS1 V7R4

IBM i 7.4 TR2 Details: V7R4 Technology Release 2 Announcement for 5770-SS1
IBM i V7R4 TR2 Technology Release 2 for IBM POWER9 and POWER8 Systems with OS400 was announced on May 15, 2020, adding many new enhancements for security, encryption, virtualization, high availability, backup and recovery, web services, DB2 database, administration, architecture, APIs, development and many other major improvements that affect operating system components, software licenses and hardware features. IBM i 7.4 TR2 is supported on select Power Systems servers with POWER9 or POWER8 processors and OS400 operating systems. IBM i customers using Blades, PureFlex systems and older Power generation processors must first upgrade AS400 system hardware. IBM i Software Maintenance and Support is required for applying V7R4 Technology Refresh 2. IBM software maintenance and support allows OS and software release updates electronically, telephone support during normal business hours, and provides Severity 1 assistance 24 hours a day, every day of the year. For additional details, go to the IBM Support Handbooks page. For a limited time, IBM i, iSeries and AS400 customers on older Power system models with expired maintenance and support can take advantage of IBM’s Amnesty Program to get systems back on maintenance and support without a penalty or after license fee. This offer allows companies to take advantage of free OS and software license upgrades for fixes, performance improvements, security updates, as well as access to IBM support. The IBM Software Maintenance Amnesty Program is available for select Power and Storage System models licensed and installed in the U.S. To qualify, customers must reinstate system maintenance no later than August 31, 2020. Contact Midland for details about the Amnesty program or to reinstate your system’s maintenance and support.
IBM i 7.4 TR2 Details
Transport Layer Security (TLS) has been enhanced to leverage POWER9 capabilities for low-level cryptography instructions. Obtain IBM i Security updates with the latest HTTP PTF Group PTF SF99662. View PTF MF66828 to improve data transfer rates for AES encryption GCM cipher suites. Elliptic curve Diffie-Hellman key exchange using Curve25519 (x25519) and Curve448 (x448) are now supported and enabled named elliptic curve...

Endpoint Security: Managed Security Service Provider (MSSP)

Endpoint security monitoring and management might be best handled by a Managed Security Service Provider (MSSP), because over 70% of cybersecurity breaches originate from endpoint devices, and almost every company admits they lack the required resources. Our endpoint security management services provide a centralized monitoring and remediation service that proactively discovers device vulnerabilities using real-time cybersecurity AI, monitors for required services needed for protection, blocks malicious applications and ensures endpoints are up to date with required patches according to defined policies. Hackers know endpoints are the easiest way to penetrate a network, and companies seldom have multiple security controls in place that would prevent unauthorized access. Network vulnerabilities caused by mobile devices and remote employees are the number one reason companies need to adopt strict endpoint security controls to prevent malicious intent. A centralized endpoint management solution can automate network access based on policies by identifying the device’s signatures, security level and configuration. The endpoint security management product or service you use needs to support all the devices and OS versions you want to allow to access your network, as well as the applications and services that can be used to connect to your network. All event logs should also be forwarded to a Managed SIEM service for complete visibility. Our endpoint security management services can be for customer owned Carbon Black, Palo Alto, Check Point, Sophos, CrowdStrike, McAfee or Symantec endpoint security solutions. Alternatively, our no charge endpoint assessment service can help recommend the best endpoint security management solution for your environment. Endpoint security management is perhaps one of the most critical components needed today to protect against cybersecurity threats and other malicious plots which require monitoring and prevention efforts 24X7, 365 days a year.
What do endpoint security management solutions protect against?
Ransomware attacks are the result of a hacker gaining access to an endpoint or multiple endpoints on the network, and then proceeding to encrypt files on these devices, making them useless. Most ransomware attacks are successful, and will require an exorbitant amount of time to decrypt your files or you will need to resort to restoring your files from a backup. The hackers...

IBM Linux server hardware performance and software license costs

The best Linux server hardware for enterprise open-source ecosystems will be the platform that delivers the best processor, memory and disk performance per core. Judging by the number of discussions in customer support communities, technical articles and blog posts on various Linux server performance troubleshooting, there is clearly a need for a better performing Linux server for both scale up and scale out infrastructures. This article will explain the importance of selecting the best performing hardware for your Linux server farm and how it affects software license costs.

IBM POWER9 Linux Server Hardware models:
- 9009-22G S922 1-2 Processors, 8-22 Cores, 4TB Memory
- 9008-22L S922 1-2 Processors, 8-12 Cores, 4TB Memory
- 9183-22X IC922 1-2 Processors, 12-20 Cores, 2TB Memory
- 9006-12P LC921 1-2 Processors, 16-40 Cores, 1TB Memory
- 9006-22P LC922 1-2 Processors, 16-44 Cores, 1TB Memory
- 9009-41G S914 1 Processor, 4-8 Cores, 1TB Memory
- 9009-41A S914 1 Processor, 4-8 Cores, 1TB Memory
- 9009-42G S924 1-2 Processors, 8-24 Cores, 4TB Memory
- 9009-42A S924 1-2 Processors, 8-24 Cores, 4TB Memory
- 9009-22A S922 1-2 Processors, 4-10 Cores, 4TB Memory

Should I scale up or scale out my Linux server farm?
A scale up Linux server environment enables economies and performance of scale for all levels of the IT infrastructure, by reducing the number of physical systems and underlying ecosystem components that will require administration and support. Scaling up means fewer human resources needed, fewer software licenses, less hardware, fewer failures, less power, fewer vulnerabilities and less of everything else that negatively affects costs. In addition, a scale up environment can have power and resources available to share much more efficiently than a scale out infrastructure, which must distribute workloads across multiple servers and will increase software licenses, as well as infrastructure and system administration costs at every level.
Almost every virtualized Linux server environment can benefit from a scale up server approach to save money and improve performance. IBM Power9 Linux server performance results have consistently shown it is the most cost effective and fastest midrange Linux platform to run database, ERP, big data analytics, Java, video, cloud, Nutanix, web, file system, DevOps. Any CPU, I/O intensive or memory demanding Linux server workload running NoSQL like MongoDB, Relational DBMS like MySQL, PostgreSQL,...

Is Power9 the best performing Linux server? Q&A With IBM Gold Partner, Midland Information Systems plus real world examples.

IBM Power9 Servers may be the best Linux server to run your applications. IBM Power Linux servers have a proven history of delivering over twice the performance per core compared to industry leading x86 server brands. IBM Power Linux servers have also proven to deliver the lowest cost of ownership compared to other Linux servers running on x86 hardware. Although there is no one single answer to this question, the two statements address what most people want to know when comparing Linux server workloads, such as: application server, database server, cloud server, SAP server, analytics server, business intelligence server, web server, media server, HCI or like x86 workloads.

IBM Power Linux Server Q&A
The questions and answers in this article are based on real-life business scenarios, independent x86 Linux server comparison case studies, industry experts, competitor specifications, vendor testing and other fact based benchmark laboratory testing results. The questions revolve around the important business decisions companies must make about how to lower licensing costs, operating costs and/or how to improve application response times for business units. Fact: 80 percent of the Fortune 100 companies use IBM Power Systems.

Q: What applications can I run on an IBM Power Linux Server?
A: Any x86 Linux server application running on Ubuntu Server, SUSE Linux Enterprise Server and RedHat Enterprise Linux is supported. In addition, the community versions of Linux server like Debian, openSUSE, CentOS, Fedora and others can also run on IBM Power Linux servers.

Q: Does an IBM Power9 Linux server cost more than an x86 server?
A: Yes, maybe and no. When comparing the upfront hardware costs of purchasing an IBM Power Linux server solution to a comparable x86 server solution, x86 hardware may be at times less expensive and sometimes not. However, after accounting for lower licensing costs, reliability, implementation time, scalability, performance, ongoing management and security, IBM Power9 Linux servers have a much lower cost of ownership compared to alternative x86 servers.

Q: Why does an IBM Power Linux server have a lower TCO compared to an x86 server?
A: IBM Power systems provide better performance per core,...

SFTP Client Software for IBM i iSeries AS400 Bank File Transfers

SFTP client software, or Secure FTP, uses SSH (Secure Shell) and PGP encryption for secure file transfer over the SSH2 protocol as defined by the Internet Engineering Task Force (IETF) SSH (SECSH) working group. Customers with an AS400, iSeries or IBM i can use Secure FTP (SFTP) to automate secure file transfer to their bank or other trading partners in just a few minutes. Banks like Bank of America, BankOne, CitiGroup, JP Morgan Chase, State Street, US Bank, Vanguard and Wells Fargo have additional file transfer requirements such as PGP encryption, ASCII armored, RSA public key exchange, sign and verify, key import and export, and other common secure file transfer processes which the IBM i SFTP software also supports. Banks also commonly require trading partners to use SFTP client software that supports their environment, such as their exchange, EDI or Value Added Network (VAN) services, including GE eXchange Services (GXS), Sterling, Inovis, Pantellos and Advantis. The IBM i SFTP client software supports these services and allows for Public Key and/or User ID and Password for authentication. A few banks will also have unique and complicated requirements for non-standard FTP ports, directory changes, file naming conventions and scripts that use special User and Password specifications. The IBM i Secure FTP (SFTP) software is a very flexible and feature rich tool that supports these unique requirements, and many other complicated scenarios. Perhaps the most cost effective SFTP Client Software for IBM i, iSeries and AS400 systems on the market, it includes free installation, configuration support and trials. Send us your IBM i system information, and we will send you a download link and walk you through the setup. Run the following command: CALL PGM(QLZARCAPI) Press F1 on the message at the bottom of the screen, press F10 to display the full message and send us the copy/paste.
Common secure file transfer requirements for banks include Remittance Transfers, ACH Payments, Bank Statement Transfers and Image Processing. The IBM i Secure FTP software also supports FTPS (FTP over SSL 'implicit'), and provides the same file transfer, automation and data conversion features as the SFTP protocol provides, however most banks will...

IBM Power Solid State Drives SSD

How to increase IBM POWER System application performance running on IBM i, AIX and Linux Server with SSDs (Solid State Drives)
Every IBM POWER System application performs significantly faster running on SSD (microsecond and nanosecond response times, compared to milliseconds and seconds). IBM POWER Systems that experience slow query response times, have intensive I/O requirements or experience latency as a result of accessing data on hard disk drives can improve application performance using various database and query approaches. However, the most effective and usually quickest approach is to replace traditional HDDs with IBM Solid State Drives (SSD) using either Enterprise or Mainstream SSDs, depending on read and write requirements. Solid state drives have been available for IBM POWER Systems since IBM released the first POWER5 models, although the initial SSDs were cost prohibitive for most companies. Since their initial release, time and the refurbished market have made IBM SSDs cost effective for any company needing a quick and simple performance upgrade. In comparison to hard disk drives, SSDs run at the speed of memory, capable of delivering tens of thousands more I/O operations per second for any IBM POWER System, providing queries, I/O intensive applications and aging IBM i, Linux Servers and AIX Power servers a massive performance boost. As a result, IBM POWER Systems can typically be configured to replace HDDs with far fewer SSDs and still achieve a huge I/O performance boost and reduce related hardware costs of expansion units and IBM hardware maintenance. IBM Enterprise SSDs with eMLC (for write intensive database applications) and Mainstream SSDs (for read intensive with no more than 1 write per day) do not have the seek time performance bottlenecks of hard disk drives.
IBM i POWER systems have a built in storage manager for the DB2 database that simplifies and automates how data is used between ASPs, Libraries, DB2 database and physical storage types available, utilizing preferences and calculations for maximum response times and performance costs that impact CPU and I/O. IBM SSDs provide users with almost instantaneous access to DB2 data, removing the latency and I/O performance bottlenecks that HDD spinning platters and arms cause. What are...

Managed SIEM Services: Evaluation and Pricing

Managed SIEM Services (MSIEM, SOCaaS, MSSP, SIEMaaS) can provide companies with various levels of security services at a reasonable price including:
- Monitoring (threat hunting), vulnerability scanning
- Reporting, alerting
- Root cause analysis
- Data enrichment and intelligence providing context about security incidents
- Recommendations for containment and remediation steps
- Perform actual remediation on behalf of the customer
- SIEM tuning and managed security services needed to augment deficiencies in expertise and staffing

Managed SIEM prices vary based on the volume of events per second (EPS) and the required level of services from the SIEM as a Service provider. To compare apples to apples, be sure to request a detailed SOW and clear SLA. Outsourcing SIEM management and other security services can significantly improve a company’s security posture, minimize risks and lower ongoing operating costs. Security companies typically have much better training and resources for security engineers and analysts than most companies can afford to pay for the level of monitoring required to maintain a secure environment. Contact us for Managed SIEM as a Service pricing for QRadar, AlienVault, Splunk or Exabeam, and view a demo of how an advanced SOC implementation can minimize the risks and threats in your environment.

Is your SIEM always crying wolf?
Is a large number of false positives causing alert fatigue and overwhelming operators with unimportant alarms? Alert fatigue causes poor response times and prevents security engineers from responding to real security threats quickly. SIEMs with an overwhelming number of alerts actually cause critical alerts to get missed. If SIEM alerts are not consistently triggering on actionable security threats, it means something is awry with the SIEM rules, event logs or both.
Most SIEMs are still configured with default settings for Device Support Modules (DSMs), using regular expressions to extract and parse only a portion of the available data from the raw data, meaning they are not converting some of the most critical data needed to identify and analyze threats. Furthermore, most SIEM DSMs will not parse the additional layers of the event logs using defaults, which is needed to create meaningful alerts and minimize false positives. Most SIEMs are also missing critical log sources that provide necessary context to identify threats, which is...

IBM HMC Model Specifications and Comparisons

The IBM Hardware Management Console (HMC) is a virtual hardware appliance used to manage and monitor IBM i, AIX and Linux server workloads running on Power9, Power8, Power7, Power6 and Power5 Systems. The IBM HMC uses built in terminal emulation software to connect and control Power system resources, services, virtualization features and order Capacity Upgrade on Demand. The IBM HMC can consolidate the monitoring and management of all Power systems in a company’s infrastructure that are supported by the HMC code. Every HMC model supports different Power system models based on the version of HMC code. For instance, the latest HMC models 7063-CR1, 7042-CR9, CR8, CR7, OE1 and OE2 all support Power9, Power8 and Power7 systems when running V9R1 HMC code, but do not support IBM Power6 system models. If the same HMC has V8.8.7 code installed (which does not support Power9 system models), the HMC can also connect and manage Power6 systems. Similar to the HMC virtual hardware appliance, customers may choose to use HMC functions on a PowerVM-based environment running on a PowerLinux LPAR and using PowerVM NovaLink software. The IBM HMC hardware appliance and the PowerVM NovaLink features function the same as the HMC appliance. The PowerVM NovaLink uses a cloud architecture that provides a direct OpenStack connection to a PowerVM server running on a PowerLinux partition. IBM provides upgrades for HMC code for each model, which can be downloaded from IBM Fix Central. The latest IBM HMC appliance model specifications and comparisons are provided in the below chart, and should be considered before upgrading your IBM Power system or purchasing an HMC.
IBM HMC Model Specifications and Comparisons (in Newest to Oldest order)
HMC Model | HMC Code | Power Generation | Processor | Memory | Disk Space | Ethernet, USB, PCI-X, PCIe, PCI
7063-CR1 | V9R1 M9xx | Power9, 8 & 7 | 2.095 GHz | 32 GB | 4 TB | 5, 4
7063-CR1 | V8.8.7 | Power8, 7 & 6
7042-OE2 | V9R1 M9xx | Power9, 8 & 7
7042-OE2 | V8.8.7 | Power8, 7 & 6
7042-OE1 | V9R1 M9xx | Power9, 8 & 7
7042-OE1 | V8.8.7 | Power8, 7 & 6
7042-CR9 | V8.8.7 | Power9, 8 & 7 | 2.4 GHz | 16 GB | .5 TB or 1 TB | 4, 6, 1
7042-CR9 | V8.8.7 | Power8, 7 & 6
7042-CR9 | V8.8.6 | Power8, 7 & 6
7042-CR9 | V8.8.5 | Power8, 7 & 6
7042-CR9 | V8.8.4 | Power8, 7 & 6
7042-CR8 | V9R1 M9xx | Power9, 8 & 7 | 2 GHz | 8 GB | 500 GB | 4, 6, 1, 1
7042-CR8 | V8.8.7 | Power8, 7 & 6
7042-CR8 | V8.8.6 | Power8, 7 & 6
7042-CR8 | V8.8.5 | Power8, 7 & 6
7042-CR8 | V8.8.4 | Power8, 7 & 6
7042-CR8 | V8.8.3 | Power8, 7 & 6
7042-CR8 | V8.8.2 | Power8, 7 &...

Managed SIEM Services: MSIEM SIEMaaS, SECaaS, SOCaaS

Is your SIEM the magic bullet?
Many companies are finding their SIEM implementations have provided little return on investment and have not strengthened their security posture to any great degree. Purchasing the best SIEM and endpoint security tools on the market will not magically identify vulnerabilities or make an infrastructure more secure. Every SIEM requires proper implementation and ongoing tuning services to keep up with the constantly changing landscape of threats, vulnerabilities and a customer’s own environment. Like any security product, every SIEM requires an experienced technician to configure it correctly, and enough staff must be trained to keep up with the volume of threats and alerts. The number of false positives and the lack of discernible actionable alerts a SIEM produces are a direct result of the implementation, alert maintenance and tuning. Security threats are escalating in sophistication, volume and severity at a rate most companies cannot keep up with. Millions of new threats are discovered each day and require a dedicated security team to monitor and manage. An experienced Managed SIEM Service or SOC team knows to keep a log of all these security events from threat intelligence feeds, so rules can trigger accurate alerts based on current and past content. Threat intelligence feeds provide the security intelligence, data enrichment and logic needed to maintain a healthy SOC. A Managed SIEM that does not utilize fresh threat intelligence feeds for security AI may as well not exist. Contact us for Managed SIEM pricing on QRadar, AlienVault, Splunk or Exabeam, and view a demo of how an advanced SOC implementation can minimize the risks and threats in your environment. Like therapy, the first step is to be honest with yourself. Is your SIEM delivering the results you were promised, and with the efficiency seen during your sales demonstration? Are SIEM operators keeping up with all the alerts?
If you answered “no”, your company should consider hiring qualified security experts to go over your SIEM setup and deployed rules. It is probably wise advice not to consider using the same individuals that originally implemented your SIEM or those responsible for the ongoing maintenance and health of your SIEM....

IBM i Encryption for Data Protection and Privacy Compliance

It has only been a year, and the new data protection and privacy regulations have already hit a few companies with multi-million dollar fines. Every company that has sensitive data on an IBM i (iSeries AS400) and has data protection and privacy requirements should have implemented DB2 encryption already. Some of the companies seen in the news recently not only failed to secure personal data properly, but also could not accurately assess how much data was compromised, had a lax incident response plan and were slow to notify authorities. These factors all led to heavier fines, causing the total financial penalties to exceed hundreds of millions of dollars. The latest data security and privacy regulations like GDPR, PCI and NYCRR 500 extend globally, and have some pretty sharp teeth. GDPR’s data protection and privacy safeguards have garnered such high praise that most federal, state and local governments, like California, are modeling their new laws after it. These new data protection and privacy laws have put a lot of overdue responsibility on companies to take better care of our personal data. There are several aspects of the new data security and privacy laws that will affect how much a company will be fined, and these will vary by compliance regulation. So far, GDPR appears to be the strictest and has the costliest consequences, with a maximum fine equal to 4% of a company’s revenue. The number of records exposed will be a significant factor when determining a fine, but even more important will be the extent and measure of data protections the company implemented to protect personal data. Put simply, companies had better do their due diligence to secure personal data. The companies that incurred the heaviest fines thus far were involved in incidents with unencrypted records. On the IBM i, DB2 database encryption is the most important data protection mechanism for data security and privacy compliance. Here is why.
Regardless of how the data is accessed, used or where the data ends up, DB2 database encryption for IBM i provides data security and privacy protection from both internal and external threats. No other security access control mechanism provides this...

Why Nutanix HCI is the ideal VM platform for Splunk SIEM

Most SIEM environments rely on a plethora of different servers, storage arrays, hypervisors and network interconnects to support their rapidly growing SOC environments. Likewise, most SIEMs also all have the same issues and concerns about performance, costs and time required to provision and manage storage growth. The primary problem is, the entire infrastructure the SIEM relies on is not integrated or even truly virtualized under a single unified architecture. As a result, administrators are stuck in a never ending battle of upgrading and adding more traditional technology for the same problems, and security analysts are constantly waiting for searches to complete until more resources are made available. The definition of “crazy” comes to mind. The solution? A hyperconverged infrastructure! You should consider and investigate all players in the HCI market place, but this article will be focusing on the proven leader, Nutanix. The Nutanix HCI for Enterprise Cloud can provide SIEM security analysts many times faster search results and administrators with a more scalable and economical infrastructure to grow a SIEM with minimal capex expenses. All SIEM deployments have three key bottlenecks to constantly monitor that affect event log ingestion, searching and retention. This article will explain the advantages of using Nutanix HCI Enterprise Cloud for Splunk, and addresses the common performance and cost issues that affect all SIEMs. Nutanix virtualizes all aspects of the hardware, delivering the most efficient use of all system resources that other VM solutions cannot provide for Splunk SIEM environments. The Nutanix HCI solution has a distributed architecture that shares all infrastructure resources and prevents any workload from depleting another node’s resources. It does not need or rely on expensive SAN, NAS storage, RAID groups or network switches. 
Nutanix Distributed Storage Fabric enables SIEM indexers and collectors to process data locally, monitors data access paths, places data in the optimal location and automatically moves hot, warm, cold and frozen data to the appropriate internal and external storage resources. The most frequently used data is accessed from the local node of VM memory and flash, providing maximum performance. Unlike other storage systems that will experience significant I/O bottlenecks,...

IBM i 7.4 Hardware Enhancements for POWER9 and POWER8 Systems

Details of each POWER9 and POWER8 hardware enhancement provided by the release of IBM 7.4 (V7R4) are below the initial summary, organized by IBM Power generation and topic. The new IBM POWER9 and POWER8 hardware features provided for OS400 V7R4 are now all available for ordering as of June 21, 2019. Read about IBM i 7.4 (V7R4) announcement details here.

IBM V7R4 announcement provides the following I/O enhancements for Power9 scale-out and scale-up system models:
- 1.6 TB, 3.2 TB, and 6.4 TB PCIe3 Enterprise SSD NVMe adapters for Power9 E980, E950, L922, S922, S914, S924, H922, and H924 servers
- 1.6 TB and 3.2 TB Mainstream SSD NVMe U.2 modules for Power9 E980 server
- PCIe3 6-Slot Fan-out Module, PCIe x16 to CXP Optical or CU converter Adapter, and Active Optical Cables for PCIe3 Expansion Drawer for Power9 E980, E950, L922, S922, S914, S924, H922, and H924 servers
- Storage Backplane with HI Performance plus 2x24-Port for Power9 E950 server

IBM V7R4 provides the following I/O enhancements for both Power9 and Power8 scale-out and scale-up system models:
- 931 GB, 1.86 TB, 3.72 TB, and 7.45 TB 2.5-inch Mainstream Solid-State Drives (SSD) for the following IBM Power9 and Power8 System models: E980, E950, L922, S914, S922, S924, H922, H924, S812L, S822L, S824L, S814, S812, S822, S824, E870, E870C, E880, E880C, E850, and E850C servers
- 387 GB, 775 GB, and 1.55 TB 2.5-inch Enterprise Solid-State Drives (SSD) for the following IBM Power9 and Power8 System models: E980, E950, L922, S914, S922, S924, H922, H924, S812L, S822L, S824L, S814, S812, S822, S824, E870, E870C, E880, E880C, E850, and E850C servers
- Deactivation of LPM for Dedicated Servers for Power E980, E950, S922, S914, and S924 servers
- IBM i V7R4 Indicator for the following IBM Power9 and Power8 System models: E980, S914, S922, S924, H922, H924, S814, S812, S822, S824, E870, E870C, E880, and E880C servers

Hardware Enhancements for POWER9 provided with V7R4
IBM EC5B and EC5G PCIe3 1.6 TB SSD NVMe Adapter
The IBM EC5B and EC5G PCIe3 1.6 TB SSD NVMe Adapters provide a low write latency and use nonvolatile flash memory (NVMe), which is a high-performance software interface for reading and writing to...

QRadar Prices for All-in-One Hardware SIEM Appliances

QRadar prices for All-in-One SIEM appliances range from $38,500.00 to $102,000.00. Pricing is calculated based on the volume of events and network flows ingested by the SIEM. QRadar prices for All-in-One appliances include the following licenses for out of the box deployment:

- Maximum Events per Second defined by model (expandable increments: 100, 500, 1000, 2500, 20000, 40000, 80000)
- Maximum Flows per Minute defined by model (expandable increments: 10000, 25000, 50000, 100000, 1200000, 2400000, 3600000)
- QRadar Security Intelligence Console for SOC including advanced threat protection, predefined dashboards, partner provided and editable
- IBM Security AI Sense Analytics for assets on premise, mobile, remote sites and cloud services
- Asset and device auto discovery
- User Behavior Analytics and Anomaly Detection
- Network Scanning, Behavior Analytics and Anomaly Detection
- Vulnerability Manager for 256 devices with IP address with unlimited scans (expandable). Use of customer provided 3rd party scanner is free.
- Predictive threat modeling, simulation and impact analysis
- Risk Manager for 256 devices (expandable increments: 100, 250, 500, 1000, 2500, 5000)
- xForce IP Reputation Feed
- Access to over 100 apps on IBM xForce Exchange with real-time cybersecurity threat and vulnerability updates

All QRadar Security Intelligence offerings can flexibly grow and scale by simply adding an additional appliance for workload specific requirements, or by using a hybrid of software licenses running on customer provided virtual machines and the cloud. QRadar pricing for the different product lines is significantly different. For instance, IBM’s SIEM SaaS QRadar on Cloud offering has zero upfront costs, providing a simple pay as you go solution. Customers may alternatively deploy QRadar in a private or public Cloud service from Amazon AWS, Microsoft Azure or like provider. Fully managed SIEM Security Services MSIEM is provided by the IBM SOC team.

QRadar All-in-One Appliances are pre-configured with the OS and all required software entitlements, and are performance tested on Lenovo X-Series Appliance with full support by IBM. Simply power it on. Volume based pricing is determined by the number of events being ingested by QRadar SIEM for additional workloads. First year 24x7 software and 9x5 hardware Maintenance Support is included with initial appliance sale.

QRadar Price (IBM SRP) | QRadar Product | Part Number
$38,500.00 | IBM QRadar 3105 All-in-One Appliance...

QRadar vs Splunk SIEM What You Need To Know BEFORE switching in 2019

This QRadar vs Splunk comparison will help anyone planning on switching in 2019 from Splunk to QRadar SIEM. It will also help anyone just curious to see the additional functionality QRadar has in comparison to Splunk.

First Get the FREE Splunk to QRadar SIEM App!

You should check out the free Splunk to QRadar SIEM App that enables forwarding of Spl...

Power8 vs Power9 Performance Facts for IBM Model S924

This specification breakdown of the IBM Power9 9009-42A model S924 will explain the key performance features that set it apart from its Power8 predecessor. In comparison to the 8286-42A model S824, the IBM Power9 S924 delivers 40-50% better performance for data intensive database and analytics workloads, with over twice the memory footprint (accelerated by Coherent Accelerator Processor Interface CAPI) running at speeds up to 344 GB/s (172 GB/s per socket), has over 60-70% more CPW for IBM i workloads and 2X the I/O bandwidth (Gen4 PCIe slots). IBM Power9 with CAPI 2.0 increased I/O bandwidth over 4X Power8 ability, clocked at 192 GB/s. The Power9 S924 also has PowerVM virtualization built into the Power9 processor chip, which increases performance and server utilization and cloud enables your data.

Power9 S924 9009-42A Specifications

Power9 Processors – 2 socket server with up to 24 active cores
- EP1E 8-core (18,188-145,500 CPW)
- EP1F 10-core (17,450-174,500 CPW)
- EP1G 12-core (15,446-370,700 CPW)

Memory - up to 4TB of DDR4 direct attached memory, 16 DIMM slots per socket
- EM62 – 16GB DIMM (Qty. 2-8 per socket = 2666 MHz / Qty. 10-16 per socket = 2133 MHz)
- EM63 – 32GB DIMM (Qty. 2-8 per socket = 2400 MHz / Qty. 10-16 per socket = 2133 MHz)
- EM64 – 64GB DIMM (Qty. 2-8 per socket = 2400 MHz / Qty. 10-16 per socket = 2133 MHz)
- EM65 – 128GB DIMM (Qty. 2-8 per socket = 2400 MHz / Qty. 10-16 per socket = 2133 MHz)
- L2 to L3 cache - 7 TB/s on chip
- Per core - 512 KB L2 | 10 MB L3 | 128 MB L4

PCIe Slots - Hot-plug, 4 CAPI 2.0 enabled
- Two Gen4 and Six Gen3 (single socket)
- Five Gen4 and Six Gen3 (two socket)

Storage backplane options (hot-swappable disk bays)
- EJ1C - 12 SFF-3 Bays + 1 RDX Bay
- EJ1D - Expanded Function 18 SFF-3 Bays + Dual IOA with Write Cache and optional external SAS port Expanded Function
- EJ1E - Split feature to 6+6 SFF Bays + 1 RDX bay with ability to add a second SAS Controller
- EJ1M - 12 SFF-3 Bays + RDX Bay and optional external SAS port.

SSD and HDD options
- 600GB, 1200GB, 1800GB - 10K RPM SFF HDD
- 300GB, 600GB - 15K...

Nutanix Hardware for Hyper Converged Infrastructure (HCI)

A hyper converged infrastructure (HCI) uses software to virtualize all server and storage resources for streamlining, automating and maximizing IT resources and operations for a variety of complex, compute-intensive Databases, VDI, Microsoft, Business Applications, Cloud, Big Data, SIEM, SYSLOG and other x86 environments. HCI virtualization solutions significantly reduce operating and licensing costs, provide predictable performance, provide up to 2.8 times storage gains and enable long-term flexibility and scalability. The HCI software defined infrastructure model addresses almost every IT challenge facing companies today, including:

- Improving IT staff productivity
- Improving operational efficiency
- Reducing capital expenses
- Reducing operating expenses
- Improving backup/recovery
- Improving resource utilization
- Data center consolidation

The value of hyper converged infrastructure solutions lies in moving away from a legacy hardware architecture consisting of multiple generations of servers, operating systems, hypervisors and storage devices from multiple vendors, to a more available, modernized solution that is software defined, cloud-like and an all-encompassing ecosystem. Some hyper converged infrastructure solutions have partnered with hardware vendors to provide an out of the box, ready to deploy hyper converged infrastructure that can enable deployment up to 85% faster. The industry’s leading HCI vendor Nutanix partnered with the enterprise server leader Lenovo as its key hardware vendor, which offers the Lenovo ThinkAgile HX Series, a best in breed, all-in-one HCI solution with preloaded software defined storage licenses, hypervisors, consolidated maintenance and support.

ThinkAgile Software for HX pairs Nutanix HCI solutions, Prism and Acropolis, with Lenovo server management solutions XClarity and ThinkAgile Network Administrator, to deliver single click provisioning, upgrades, management, software and firmware updates, and centralized monitoring of entire infrastructure from a single pane of glass. Most importantly, Nutanix virtualizes all cluster resources to work as a single, optimized and efficient system, eliminating the challenges of managing multiple interfaces. Every HCI system depends on reliable, performance capable, scalable servers to ensure critical business processes run smoothly and without interruption, which makes the Nutanix Lenovo marriage perfect. Lenovo Intel based x86 servers have been rated #1 for reliability for the last five years in a row, have the highest customer satisfaction rating and hold the world record for virtualization performance. Lenovo’s ThinkAgile HX Series servers harness many highly functional features for...

QRadar IBM i iSeries AS400 Log Forwarding

Configuring the IBM i to forward security and system event logs to QRadar SIEM can be done a few different ways, but in order to do it correctly (in LEEF format, in real-time, with GID and enriched event log information), you need an IBM i event log forwarding tool designed for the QRadar SIEM. There are IBM i security event log forwarding tools that can be used for QRadar that will send event logs in real-time and in CEF SYSLOG format, and even a couple that support LEEF, but only one includes QRadar QID for mapping and log enrichment and is on the DSM support list. These features are important for QRadar's automatic log source discovery, for parsing IBM i event logs properly for offenses, alerts and reports, and so that SOC operators can make sense of the logs. Similarly, all the IBM z Mainframe event log sources also require a forwarding tool that is able to format all the unique event log types and is designed specifically for IBM QRadar.

The IBM i has many different event log sources, of which most SYSLOG and SIEM forwarding tools can only format and send System Audit (QAUDJRN) and Message Queues like QHST. However, most companies will also need to forward other event log types for compliance and audit requirements, like sensitive database access logs for File Integrity Monitoring (FIM), Network, SQL Statements, Open Source protocols, Privileged Access Management (PAM) events, Port usage, and Commands issued from a workstation. Other log sources that companies also sometimes forward are web application logs, third party application and performance data, but these log sources are not typically required.

Before choosing your method or tool to forward your IBM i event logs to QRadar, first identify which event types need to be sent based on your compliance or audit requirements. Then, identify the solutions capable of formatting and forwarding those IBM i log sources correctly.

Another important specification for IBM i QRadar integration is the solution's ability to send all event details, not just certain fields and data the vendor or freeware deemed important. Sending security events to a SOC or...

IBM i Privileged Access Management (PAM) Specifications

IBM i Privileged Access Management (PAM) solutions have various levels of flexibility for implementation and integration with existing applications and ticketing systems that need to be considered before purchasing. Assessing your IBM i Security requirements for implementation will be key to ensuring the IBM i PAM solution you choose meets all your use cases, as well as environmental and compliance requirements.

First note, Privileged Access Management (PAM) terminology used by most technology sectors and compliance regulations refers to processes more commonly known on the IBM i (iSeries AS400) platform as Profile Swapping and Adopted Authority procedures. Terminology aside, the goal of PAM is to limit the number of powerful profiles (user IDs with excessive special authorities, powerful user classes and users with no or partial capability limits) on the IBM i to a bare minimum, and only temporarily grant elevated authorities (privileges) to user profiles with a specific need (use case) to complete a task or provide access to sensitive data which is outside their normal duties, in a controlled, permissions based manner. Other companies start using PAM simply because they want to stop wasting time giving out passwords for powerful profiles on a regular basis.

There are a number of ways to grant privileged access authority for IBM i users which are much more granular than Open platforms, and each PAM solution has different capabilities that will determine the success of your implementation. In general, all IBM i PAM solutions should be able to control which menus and commands users can access, as well as which actions they can take for specific objects or files. When a user is performing a profile swap or adopted authority, an extensive audit trail should be captured in the system journal, as well as possibly screen captures in some instances.

Ideally, Privileged Access Management functions should be automated and seamlessly integrate with both internal and external applications, without disruption to existing processes. You should always do a trial or POC of the PAM solution before you purchase to ensure it will deliver the functionality you need for successful implementation and features work as advertised....