Challenges: Streamlining Communications in Hybrid Environments.
While a lot has changed in recent years, one constant has been the insatiable demand for more data—and the increasing volumes of it that need to be stored, accessed, and transmitted. As data use and volumes grow, so too does the need to accelerate and streamline communications and connectivity.
Addressing demands for higher bandwidth and lower latency has proven challenging, however. These challenges are particularly pronounced in hybrid environments, which have traditionally presented significant performance constraints and complexity. This is very much the case for organizations running Hewlett Packard Enterprise (HPE) NonStop platforms alongside open systems like Linux.
Too often, efforts like application recoding and recompiling have been required to facilitate the integration necessary between these two environments. Underlying networks typically relied on approaches like traditional TCP/IP transmissions, which introduced fundamental performance limitations. Further, most NonStop transmissions needed to go through the NonStop CLIM (Cluster I/O Module), which also added application latency.
What’s driving the need for modernizing payment applications on the HPE NonStop platform? And what are the most effective methods of doing so? The payments industry is undergoing rapid change, which introduces many reasons for modernizing payment applications.The key drivers for modernizing payment applications fall within two main categories: business and regulatory.
If you’re administering NonStop systems, then chances are your organization already has a security plan. That’s because NonStop systems support some of the most important organizations in critical industries, including financial services, telecommunications, and energy, to name a few.
A successful cyber-attack on certain organizations within any of these industries could have widespread effects. That’s precisely why they have been staked out for, if not already targeted with, sophisticated attacks by threat actors ranging from criminals and hacktivists to terrorists and nation-states.
In an ideal world, every NonStop administrator has built upon his or her organization’s existing security plan to develop specific NonStop policies and safeguards. However, we know the reality: Security is but one of many hats NonStop administrators wear every day, and there are many hats and only so many hours.
So, if you haven’t already, today is a good day to start developing a security plan for the systems you administer. If you already have one, this article can serve as a guide to reviewing and updating your plan.
The Payment Card Industry Data Security Standard (PCIDSS) requires that payment data is rendered unreadableanywhere it is stored-but it does not describe howorganizations can address this requirement in an efficient way.When the decision makers at Getnet SA were looking for abetter way to safeguard consumer data and ensure compliance,they turned to comForte. With comForte SecurData, thecompany could protect information in their HP NonStopenvironments, while incurring minimal cost and performanceoverhead.
Your proven apps, some call them ‘legacy apps’, are doing their job as consistently as ever but most businesses are anything but consistent in these rapidly changing times. The advent of new technology itself has changed the expectations of our users and stakeholders. We hear, “Why do our users have to leave our site or application just to …?”
Whether the users might need to see information on a related product/project or integrate information into their decision cycle with something as simple as travel delays, weather or tools for any number of things from calculators to converters, to linking with another ‘smart app’ to do something even more sophisticated – our users expect our systems to be able to adapt – now.
The Cloud has transformed expectations, too. These ‘services’ are available, many times for no or very low cost, if we can only integrate them with our proven systems.
Article from the Connection Magazine.
Having been in business for decades, the team at Gallagher Bassett ("GB") had invested significant time, expertise, and resources in its HPE NonStop-based claims management system.
While core application functionality had been maintained and did a good job of supporting GB’s business, the system continued to rely on outdated "green screens" for a portion of its user interface.
These screens got the job done, performed well and were favored by veteran users, but lacked advanced functionality associated with more modern user interfaces, were difficult for new users to learn, and were beginning to hinder the company’s sales efforts. With the help of comForte’s staff and solutions, Gallagher Bassett was able to deliver a modern, intuitive interface that offered significant benefits from a usability and sales standpoint. Further, they were able to do so making minimal changes to the application.
In these days of 24/7 tech hype and new buzzwords emerging on a seemingly hourly basis, why write a book on the HPE NonStop platform? While it is based on technologies that are decades old, the HPE NonStop platform, and the way it gets deployed, has seen significant change. In order to provide a fresh look at the platform, several technical experts teamed up to write a new booklet called “HPE NonStop for Dummies,” which was just published by John Wiley & Sons. In this article, freelance writer Randy Budde interviews Thomas Burg, one of the booklet’s co-authors, to uncover more information about the booklet and why it was written.
When you take a step back and look at how the world of IT has changed in the past few years, it is pretty astounding. Advancements in mobile devices and applications, cloud services, big data, and a number of other areas have contributed to fundamental shifts in virtually every industry—and the pace only seems to be quickening.
These rapid and substantive changes can bring both opportunities and challenges for organizations. Eventually, for organizations to survive in this quickly changing environment, they have to evolve and enhance their services and capabilities—and legacy technologies can represent an increasingly significant impediment in meeting this demand.
For IT teams, it isn’t necessarily straightforward to know whether to try to keep working with legacy technologies as is, modernize them, or scrap them altogether.
While the costs of tackling the challenges of legacy technologies directly can be significant, they can pale in comparison to the expenses of continuing to work with these legacy systems in their current state.
As the saying goes, “Those who cannot remember the past are condemned to repeat it.”1 Let’s hope the security breach at Target, in which 40 million payment cards have been compromised, will be long remembered - and that this memory guides future security directions.
Sadly though, the history of just the past few years seems to be forgotten or ignored by too many. In recent years, the list of organizations that have had large-scale, high-profile breaches
includes retailers (TJ Maxx, Neiman Marcus), payment processors (Global Payments, Heartland Payment Systems), banks (JPMorgan Chase, Citibank), and even security vendors (RSA). In fact, when looking at the sophistication, scale, and frequency of breaches, one can rightfully wonder if the battle against these attacks can be won.
Big data is a term that’s increasingly being discussed and written about, but what does it really mean? What constitutes “big” and how does it differ from prior analytics approaches? In this article, we look at some examples that fit the more formal definition of big data, and some that don’t. In addition, we look at some different approaches for how HPE NonStop platforms can support big data initiatives. Finally, we provide some details of a sample application that illustrates how a live Twitter feed can easily be analyzed on an HPE NonStop platform.
The term “cloud computing” is regrettably appropriate because the term is rather vague (“cloudy”), and means very different things to different people. While there is a NIST definition of the term1, this description covers about three pages and consists of the definition itself (in not too few words), five essential characteristics, three service models, and four deployment models.
The German Federal Office for Information Security2 discussed the lack of a short and concise definition of cloud computing and therefore created its own3, which we translate as follows: Cloud computing means the dynamic provisioning, usage, and accounting of IT services via a network. The range of services consists of the whole spectrum of IT, such as infrastructure (computing capacity and storage), platforms, and software.
Security standards governing the credit card industry are not new. In fact, the first such program was introduced by Visa back in 2001. Over the years, a lot has been written about the topic. comForte first contributed to the discussion in this publication back in 2006, writing about Visa’s Cardholder Information Security Program (CISP). We also wrote about “The PCI Security Standard: Encryption Requirements in the NonStop World” in 2008, and in 2012, wrote how tokenization is “A New Approach to Fully Comply with PCI 3.4”. Most recently, we wrote about how the whole experience can turn into a “Nightmare on PCI Street” (Sept/Oct 2012)1. While there is no shortage of articles focusing on credit card security standards,
and how to comply with them, we are still seeing a fair amount of confusion when it comes to non-compliance. In this article, we will focus on thinking the unthinkable: What happens to organizations who are not PCI compliant? We also will discuss compensating controls for requirement 3.4 of the PCI DSS, and their future as we see it.
In an article entitled “Securing Your NonStop System”, comForte described the concept of the security pyramid. We encourage you to read the full article which describes the pyramid in detail, and reveals how different security mechanisms work together to protect your sensitive assets. In the following sections, we will focus on the top of the pyramid: auditing. As events such as the UBS rogue trader scandal illustrate, 1 it is often the intended application user who inflicts the biggest damage. By design, the four bottom layers of the security pyramid cannot stop these kinds of events, which is why auditing is so important.
Render PAN unreadable anywhere it is stored (including on portable digital media, backup media, and in logs).” That is how PCI1 3.4 is defined and for NonStop users that has proven to be a difficult task to comply with. Most users have resorted to compensating controls to satisfy auditor requirements. The article entitled ‘Tokenization - A New Approach to Fully Comply with PCI 3.4 and Improve Data Security’, written by Thomas Burg, CTO, and Michael Stephenson, Senior Software Engineer at comForte, looks at Tokenization, a new approach to fulfill the PCI 3.4 requirement and improve data security. It discusses the rationale behind not allowing sensitive data to be stored “in the clear”; then presents tokenization as a fresh approach which goes beyond only encrypting the data. Finally it shows how Tokenization can be added to existing applications without requiring any changes to the application itself.
Today, hundreds of organizations rely on their NonStop platforms, which continue to deliver the robust availability and performance that drove the initial hardware selection. However, within the NonStop installed base, some organizations continue to wrestle with ongoing challenges, such as lack of access to the application on NonStop from other systems, failure to integrate with SOA initiatives, old-style text-based user interface of legacy applications, and more. On the other hand, other organizations have given new life to their NonStop platforms, modernizing them, broadening and simplifying system access so they can gain even more value from their NonStop investments and their infrastructure overall. What makes the diference?
This article by Thomas Burg and Brad Poole looks at some proven approaches organizations have taken to modernize their NonStop platforms and the signifcant benefts they have gained by doing so.
comForte recently acquired The Operations Pack (TOP) product from Gresham Software Labs. TOP is an easy-to-use GUI-based tool providing intuitive and effective access to all HPE NonStop subsystems and components from a Windows workstation. Read this article by Andy Simpson and learn how TOP can boost productivity, reduce errors, and help optimize resources.
After a selection process among all emulation vendors, HPE chose MR-Win6530 as the new standard emulation delivered with the NonStop System Console.
Please find more details about the MR-Win6530 product and its usage on the NonStop System console in the full article which is available for download in the "Publications" area on the right side of this page.
Service-oriented architecture (SOA) is becoming widely recognized as the key to business agility, IT flexibility, enterprise business integration, and many other business benefits. Several analysts predict SOA to have a major impact on the future of enterprise IT.
So what is SOA all about, and how is it related to HPE NonStop servers? What does it mean for enterprise IT? Why is NonStop an attractive platform to host mission-critical services at the backbone of an SOA?
These questions are answered in the full article which is available for download in the "Publications" area on the right side of this page
For many organizations, encryption of data in transit and at rest has become mandatory. Due to the broad range of transfer and storage mechanisms, implementation of appropriate security measures is a challenging task.
This article gives an overview about the areas of concern and the technologies available to meet requirements such as SSL, SSH , or backup tape encryption. It will also present how NonStop server customers use comForte's solutions to apply these technologies to secure their business.
The full article is available for download in the "Publications" area on the right side of this page.
While FTP is a well-established standard for transferring files, it lacks any security features to protect the integrity or confidentiality of the data transferred. This article looks at the technologies involved while the second half looks at some solutions available for the NonStop platform.