11
Change, complexity and uncertainty have become
opportunities for businesses to innovate, transform, and grow
in new ways
22
Mobile is a mandatory transformation
Users are migrating to mobile as preferred channel of interaction, therefore organizations need to leverage and extend their existing capabilities and meet the mobile demand
As BYOD becomes more pervasive, it is critical to protect and manage the device while securing access to corporate data
The dynamic nature of mobile is forcing organizations to be more agile with both their business models and IT delivery
Advisors Employees
Customers�Provide tools that can help advisors close business faster
�Become easy-to-do-business-with for servicing needs
�Improve employee productivity through effective collaboration
�Reduce cost of doing business by transparent processes
�Highly engaging, personalized, and differentiated experiences
�Drive customer satisfaction, improve brand loyalty & reduce costs
33
Characteristics of Mobile WorkloadsOn any platform
Increased web traffic
• Mobile applications drive an increase in overall transaction rates. When a user can check their bank balance anytime, they tend to do it more often.
Increased off-peak web traffic
• Traditional workload peaks change or are smoothed out when more mobile devices are driving the traffic.
New mobile applications are often first deployed rapidly to cloud-based servers.
• According to Intel -- A new cloud server is required for every 600 smart phones (or 120 tablets) sold. This leads to over a million new servers required in 2013.
Mobile applications could cause huge spikes in transactions.
• Consider a time-sensitive offer sent to mobile users. Since they are more likely to see and respond to the offer quickly this could cause a huge and sharp spike in transaction invocations. This drives the move toward light-weight data transports like JSON.
Think Sensors and Actuators
• Mobile is more than smartphones. Think of any device relaying information to a server.
444
System z bridges Systems of Record and Systems of
Engagement
Systems of Record (SOR)
Systems of Record are well integrated, trusted
repositories.
Systems of Engagement (SOE)
Systems of Engagement are cloud-based, decentralized,
support rapid app development.
Mobile Apps
Siloed Dept. Apps
CloudAPIs
Order Fulfillment
CorporateData
Ware-house
Accounting
Finance
Linux on z z/OS
IMS Goes Mobile in South Africa
5
…in South Africa, more people have cellphones and smart
mobile devices than bank accounts. FNB wanted to launch
a reliable, secure and highly responsive mobile channel…
“With IMS as our core orchestration and
business logic execution
layer, we have true 24/7 service capability
and the ability to manage growth without
worrying about scalability. IMS hierarchical
structures manage data in a much more
efficient way, ensuring that we have
scalability and growth all catered for
with our IMS Transactional and Database
management solutions.”
66
First National Bank, South-Africa
Easy Mobile Channel integration with core z/OS IMS applications to improve customer experience
and add new revenue opportunities at low implementation cost
Business challengeAllow shift to self-service mobile banking Grow business while keeping high-level of performanceReduce IT costs by leveraging core business infrastructure
Solution� Numerous channel connectivity to IMS Apps using a 2-Tier architecture based on a proprietary IMS Connect socket API � Service layer based on IMS SOAP Gateway on z/OS to interact with all external web services with inbound and outbound requests� Orchestration layer developed in IMS Apps� Additional performance tuning by consolidating complex services into a single IMS transaction - thus effectively lowering the transaction volume and improving response times
Benefits� Architecture simplification by using z/OS IMS applications as core orchestration
and business logic execution layer� Constantly innovating with new systems and frameworks to support growing
business needs resulting in IMS Workload growth up to X 8 in 10 years - Now up to 1 Billion+ transactions a month
� Customer initiated transactions workload including mobile doubled every year since 6 years
Solution components:
� IBM System z & z/OS� IBM IMS 11� IBM IMS Connect & IMS SOAP Gateway
“Innovation and technology are core to
FNB business strategy. We achieved
our goals with IMS as our core
strategic transactional system
providing both transactional and batch
workload support, capability to scale in
both transactional and database
volumes, cloud like concepts and 24x7
service capability“
Jay Prag, CIO – Channels at FNB
77
FNB – Mobile Banking & IMS – Evidences
Customer Initiated Transactions including mobile, ATM, internet
Fast and cost-effective development, integration and management of rich, cross-platform mobile
applications
Client Challenge
Key Capabilities
Using standards-based technologies and tools and delivering an enterprise-grade services layer that meets the needs of mobile employees and customers
Mobile optimized middleware
• Open approach to 3rd-party integration
• Mix native and HTML
• Strong authentication framework
• Encrypted offline availability
• Enterprise back-end connectivity
• Unified push notifications
• Data collection for analytics
• Direct updates and remote disablement
• Packaged runtime skins
• zLinux support
Delivering for multiple mobile platforms
IBM Worklight
99
System z Mobile Enterprise with IBM Worklight Server
WorklightWorklight Server on WASServer on WAS
Authentication
JSON Translation
Server-side App Code
Adapter Library
Application Center
Enterprise App Store
Worklight Console
Push Notifications
AnalyticsCast Iron
HTTP/REST
SOAP
IIB
SQL
SAP
z/OS
IMS & CICS Applications
Linux on z
Device RuntimeDevice Runtime
• Security and
Authentication
• Back-end Data
Integration
• Caching and local data
Worklight Video: http://www.youtube.com/watch?feature=player_embedded&v=zHnFw70XXXo
Linux on z z/OS
IMS & DB2 Data
Public Cloud
IBM Cast Iron
Synching data with SaaS apps to leverage new cloud economy
Private Cloud
BPM
WAS DB
DBCICS
DB2
SAP
.JCAPs
.NETPattern
Pattern
IMS
ODM
DB
IBM Integration portfolio
Mobile
Internet of Things
Trading partner communities
DeveloperCommunities
IBM Message Broker
Integration Bus provides universal connectivity for heterogeneous environments across enterprise processes, applications, and data
IBM MQ messaging
Messaging backbone provides reliable transport and data delivery across data center
IBM PureApplication System
Enterprises looking to achieve “more with less” by better managing IT resources as collectives
IBM Worklight
Productive multi-device development and management
IBM Web API Management
Manage your APIs to open up access encouraging innovation from App Developers
IBM MQTT
Reliable, efficient, scalable messaging for mobiles and sensors
DMZ DMZ
IBM DataPower Gateway Appliance
B2B Integration Gateway for secure collaboration with communities of trading partners
IBM Caching Appliance
Cache grids improve scale and performance
IBM DataPower Gateway Appliance
Integration Gateway for secure & controlled access to enterprise resources, while optimizing workload delivery
IMS
IMS Connect
WebSphere
DataPower (DP)REST
client
JSON OTMA
IMS App
Mobile Integration with IMS
� WebSphere DataPower as the Web and RESTful service facade
� DataPower supports bi-directional communications with IMS transactions
� DataPower supports direct access to IMS database ODBM
IMS DB
DB2
Documentation
DataPower IMS Implementation Guide:
http://www-01.ibm.com/support/docview.wss?uid=swg27038927&aid=1
IMS
IMS Connect
WebSphere
DataPower (DP)REST
client
JSON
OTMA
IMS App
Mobile Integration with IMS %
Worklight
Server
IIB, IBPM , etc.
Worklight
Server
DP, WAS, IMS SOAP Gwy
� WebSphere DataPower as the Web and RESTful service facade
� DataPower supports bi-directional communications with IMS transactions
� DataPower supports direct access to IMS database
� Worklight server
� Worklight server can reside on DP, WAS, IMS SOAP Gateway, IIB, IBPM, and etc.
zOS Connect
A service that encapsulate calling z/OS target applications using REST calls. zOS Connect will support JSON payloads for calls from external cloud or mobile-based clients and will enable the conversion of the payload to the target program's expected format. It will also provide the response payload conversion from a byte array into JSON format before returning the response to the caller.
z/OS Connect
WOLA
WOLA CICS
Programs
IMS dependent
regions
BlueMix
IMS
VSAM
DB2
DLI
zConnectJSON to/from
byte[] (Cobol
copybook)
CICS
Batch
zConnectJSON to/from
byte[] (C
structure)
zConnectJSON to/from
byte[] (PL/I
structure)
WOLA
WAS Liberty z/OS
RESTful
RESTful
RESTful
Data binding
conversion/routing
Mobile/APIM
Mobile/APIM
CloudOEJavascript
CloudOEJavascript
CloudOEJava
CICS
Batch
IMS
CICS
Batch
Data binding
conversion/routing
Data binding
conversion/routing
Security / Auditing /
Metering
zOS Connect Liberty for IMS
Same zConnect implementation – WOLA or the IMS Connect service provider handles requests targeted to existing IMS transactions and data
z/OS Connect for IMS
Dependent Region
Message Processing
Program (MPP)
WOLA
IMS
Connect
IMS dependent
regions
BlueMix
IMS
DB2
zConnectJSON to/from
byte[] (Cobol
copybook)
zConnectJSON to/from
byte[] (C
structure)
zConnectJSON to/from
byte[] (PL/I
structure)
zConnect Liberty for IMS
RESTful
RESTful
RESTful
Data binding
conversion/routing
Security / Auditing /
Metering
TCP/IP
OTMA
OTMA
CloudOEJavascript
CloudOEJavascript
CloudOEJava
Mobile/APIM
Mobile/APIM
DLI
IMSDB
ODBM
Dependent Region
Batch Message Processing
Program (BMP)
Dependent Region
IMS Fast Path (IFP)
Dependent Region
Java Message Proc (JMP)
Dependent Region
Java Batch Proc(JBP)
DLI
Data binding
conversion/routing
Security / Auditing /
Metering
IMS
IMSDB
IMS
IMS Connect
WebSphere
DataPower (DP)REST
client
JSON
OTMA
IMS App
Mobile Integration with IMS %
Worklight
Server
IIB, IBPM , etc.
Worklight
Server
DP, WAS, IMS SOAP Gwy
� WebSphere DataPower as the RESTful service facade
� DataPower supports bi-directional communications with IMS transactions
� DataPower supports direct access to IMS database
� Worklight server
� Worklight server can reside on DP, WAS, IMS SOAP Gateway, IIB, IBPM, and etc.
� IMS Mobile feature pack (IMS Mobile) – zConnect
� Access IMS transactions
IMS Mobile/zConnect
WebSphere DataPower: Mainframe integration
Offload processing for reduced MIPS
Services Enablement for IMS, DB2, CICS
is the first level of security for access control, threat
protection, and data validation
WebSphere DataPower deployed in the DMZ
Identity & AccessManagement
ThreatProtection
Data Security
IBM DataPower Gateway Appliance Virtual Edition
WebSphere DataPower XG45 and XI52 physical appliance functionality in a
“virtual appliance” form-factor running on VMware hypervisor
Once deployed, DataPower Virtual Editions (VE) behave like their physical appliance counterparts
• All DataPower Security Best Practices apply to DP VE as well
• Physical appliances still recommended for DMZ operation and bullet-proof HW/SW security
– Hardware is virtualized as part of the VM infrastructure so some functions, e.g. intrusion detection, Trusted Platform Module (TPM) for encryption, Crypto acceleration, and Hardware Security Module (HSM) device, etc. which require HW assist are not supported
Secure backup/restore supported for:
• Backup on virtual, restore to virtual
Configuration export/import supported for:
• Export from virtual, import to virtual or physical
• Export from physical, import to physical or virtual
Chain of trust down to the hardware requires DataPower physical appliances
• DataPower Virtual Editions adds deployment options for secure virtual environments
Physical Appliance for hardware performance & security
Virtual Appliance for deployment flexibility
What Makes IBM WebSphere DataPower Different?
Highest level of protection for back-end service calls
• Reverse Proxy• Policy enforcement• Authentication & Authorization• Message level validation
Pre-processing of messages to reduce load on back end
• Transformation, protocol translation, validation, and routing
Resilience, scalability, and acceleration at the edge
• Front-end and back-end intelligent load balancing• Hardware accelerated processing of requests• Sidecar caching for even faster response time• Operational Governance & Service Level Management• Hardened audit trail logging
Configuration, not coding
IBM WebSphere DataPower Family
Integration Appliance XI52� High density 2U form
� “Any-to-Any” conversion at wire-speed
� Bridges multiple transport protocols
� Mainframe integration & enablement
Service Gateway XG45� Entry-level device, slim footprint (1U)
� Security gateway (AAA, XML threat, etc)
� Service level management and monitoring
� Intelligent load distribution & dynamic routing
� Lightweight integration functions (optional module)
B2B Appliance XB62� High density 2U form
� B2B Messaging (AS1/AS2/AS3/ebMS)
� Trading Partner Profile Management
� B2B Transaction Viewer
Integration Blade XI50B/XI50z� Functionally equivalent to XI52
� Form factor flexibility
� XI50B: BladeCenter form factor
� XI50z: zEnterprise BladeCenter Extension (zBX) form factor
IMS
IMS Connect
WebSphere
DataPower (DP)REST
client
JSON
OTMA
IMS App
Mobile Integration with IMS %
Worklight
Server
IIB, IBPM , etc.
Worklight
Server
DP, WAS, IMS SOAP Gwy
� WebSphere DataPower, i.e. XG45, can be placed at DMZ
� The same WebSphere DataPower appliance, e.g. XI52, XI50B, can be used for both DMZ and trusted zone
� WebSphere DataPower XG45 and XI52 physical appliance functionality in a “virtual appliance” form-factor running on VMware hypervisor
IMS Mobile/zConnect
DMZ Trusted zone
e.g. REST
(JSON/XML)
over HTTPS
WebSphere
DataPower HTTP(S)
with
security
token
e.g. LTPA
Worklight
Server
System z
Transactions &
Database
(IMS TM, IMS DB,
CICS and DB2)
WebSphere
DataPower
Integration with WorklightIntegration with Worklight
WebSphere
DataPower
RESTful Service FacadeRESTful Service Facade
Trusted zone
DMZ
Mobile Enablement for System Z
WAS, IIB,
IMS SOAP
GWY, etc.
zConnect
Hybrid Cloud Integration with IMS
23
IBM Cloud Operating
EnvironmentOur New Our New ComposableComposableEnvironment Environment Codename:
BlueMix
� Run apps in a variety of popular languages
� Built on open standards
� Provides integration services to systems of record
� Designed for mobile
� Provides DevOps services for integrated dev experience
Traditional
Enterprise
Information
Systems, i.e. IMS,
CICS, DB2
API Management
Cast Iron Integration
Secure Connector
Data Mapper Private API Catalog
• Combine mobile and cloud for best of both – mobile applications in the cloud linked
to the enterprise is your competitive advantage
•Fast time to market of cloud based applications – combined with the trusted
transactions of traditional mainframe systems
•Securely connect – leverage data from your existing enterprise systems
Bluemix
SecureConnector
DataPower
Integrate into existing applications
define, assemble, secure
Enterprise API’s for mobile
•Rapidly define APIs – Use the web interface to construct the API contract
•Manage and monitor – Built in analytics provide insight into your API usage
•Develop new revenue streams – Safely make APIs available externally
a branded developer portal analytics and operational insight
End-to-end architecture for mobile and cloud
applications invoking z services using APIs
Web Services or REST based services
On-Premise API Enablement
Cloud APIs
Mobile
Applications
Cloud-based
Services
Enterprise Transaction Processing
Enterprise
Services
Enterprise
Services
CICSIMSWAS
DataPowerGW
appliance
DMZ
Access to systems of
records and enterprise
data via APIs
Enterprise
APIs
JANE - Mobile
app developerUses APIs to access BE
services
BOB – developer of z based Services
Develops services from IMS, CICS and other z
applications
Enterprise API s
Mobile/Cloud App
Enablement
Service Enablement:• Enables invocation of z
applications by remote applications using standard protocols (WSDL,
REST)
API Enablement:• Consumability by internal and external
developers (creation and look up)• Entitlement Management (securing,
workload enforcement) • Usage monitoring & Analytics
Mobile Application Development
• Invokes APIs for accessing SOR
Shavon – API developer
Develops APIs from z based services
Cloud form factor: Value proposition of IBM Integration Service
Cloud OE
External SaaSApplications
Third-partyAPIs
On-PremiseServices
Connectors
Connectors
APIs APIs
On-PremiseApplications
Secure G
ateway
CloudOEBuilt APIs
Visual Composition
Rapid Coding
Broad pre-built connectivity�Simplify access to systems with pre-built, easy to use connectors to a wide range of on-premise and off-premise systems
�SDK included allowing partners and customers to extend the connectivity
End to end integration forms one platform �Secure COTS and API connectivity, mapping interface, exposing integration as API all from one cloud based Environment that no other competitor has
Integration as an integral part of the Cloud Platform �IBM’s cloud platform is the only one allowing customers to integrate as part of the platform , reducing time to value to an completed application for the enterprise
Reduced development time �Choice of Rapid coding and visual composition gives developers a choice of environments based on skill
�Reduces development time from weeks to days
APIs
The Bank of San Jose owns and manages 4 accounts• Checking • Saving• Mortgage• Brokerage
IMS is the Bank’s core-banking system; and owns and manages following accounts: • Checking• Saving• Mortgage
The Bank uses a Brokerage account in the cloud
IBM’s BlueMix Hybrid Cloud & IMS Demo
Cast Iron Live
Cast Iron Live
Cast Iron
Secure Connector
HTTPSJSON
Firewall
HTTPS HTTPS
DataPower
IMS
Transaction
IBM’s BlueMix Hybrid Cloud & IMS Demo %
IBM’s BlueMix Hybrid Cloud & IMS Demo %
IMSIMS
IMS
IMS Connect
WebSphere
DataPower (DP)
IMS Bank A
pp
�Accounts Summary� Invoke IMS Bank Application to obtain accounts summary� IMS Bank Application goes outbound to the Brokerage account in the cloud to obtain the account balance� IMS Bank Application returns all Accounts Summary
�Transfer funds � Invoke IMS Bank Application to transfer funds � IMS Bank Application goes outbound to the Brokerage account in the cloud to transfer $$ from Savings to the Brokerage account� IMS Bank Application returns the results
IMS DB
Secure Tunnel
Cloud Demo
Thank You