SPARTA News

July 2018

SPARTA President’s Corner

contributed by Randy Springs

This year is half over and everyone is either taking vacation or working on software upgrades at our shop. With a z/OS upgrade, a CICS upgrade, and an Omegamon upgrade, it’s a busy summer for us. Also, a few people on my team are getting a Windows 10 upgrade on their laptop. I will be happy to wait a while for that.

Our speaker this month will be Andre Clark of IBM. He will be presenting on IPCS and diagnosing CICS issues. I’m sure it will be informative and worth attending.

Please plan to join your colleagues for subs, networking, and education on Tuesday, July 10 at 6:15 p.m. at our usual LabCorp location.

Randy Springs
BB&T

Future Speakers

(subject to change)

July 10, 2018 (Special Date) - Using IPCS for CICS by Andre Clark of IBM

August 7, 2018 - TBD

Sept. 11, 2018 (Special Date) - SHARE Conference Report by Ed Webb of SAS

We need ideas and volunteers for future speakers. Presentations don’t have to be fancy, just informative and interesting. Even a 5 or 10 minute talk can start an interesting interaction. Contact Ron Pimblett by phone as noted below.

2017-2018 SPARTA

Board of Directors

Randy Springs - President

BB&T                  (919) 745-5241

3200 Beechleaf Court, Suite 300

Raleigh, NC 27604

Ron Pimblett - Vice President

MDI Data Systems

Land line 613 599 6970

Mobile 613 981 6919

190 Guelph Private

Kanata, ON K2T 0J7

Chris Blackshire - Secretary

Retired (Dell, Perot Systems, Nortel)  (919) nnn-nnnn

street

Durham, NC 27713

Randy Springs - (Acting) Treasurer

BB&T                  (919) 745-5241

see Randy

Springs earlier

Ed Webb -  Communications Director

SAS Institute Inc.  919-531-4162

SAS Campus Drive

Cary, NC 27513

Mike Lockey -  Web Master

Guilford Co. Information Services  336-641-6235

201 N. Eugene St.

Greensboro, NC 27401

Meetings

Meetings are scheduled for the first Tuesday evening of each month (except no meeting in January), with optional dinner at 6:15 p.m. and the meeting beginning at 7:00 p.m.

These monthly meetings usually are held at LabCorp’s Center for Molecular Biology and Pathology (CMBP) near the Research Triangle Park (see last page). Take I-40 to Miami Boulevard and go north. Turn right onto T.W. Alexander Drive. Go about a mile or so. Then turn right into LabCorp complex and turn Left to the CMBP Building (1912 T.W. Alexander Drive). In the lobby, sign in as a visitor to see Bill Johnson. Bill will escort you to the conference room.

Call for Articles

If you have any ideas for speakers, presentations, newsletter articles, or are interested in taking part in a presentation, PLEASE contact one of the Board of Directors with your suggestions.

Newsletter e-Mailings

The SPARTA policy is to e-mail a monthly notice to our SPARTA-RTP Group. The newsletter is posted to the website about five (5) days before each meeting so you can prepare. The SPARTA-RTP Group is maintained by Chris Blackshire; if you have corrections or problems receiving your meeting notice, contact Chris at chrisbl@nc.rr.com.

January 2018 “CBT Tape” Shareware Online

The directory and files from the latest CBT tape V495 (dated January 15, 2018) are available from www.cbttape.org.

If you need help obtaining one or more files, contact Ed Webb at SAS (see Board of Director’s list for contact info).

Minutes of the June 5, 2018 Meeting

• The meeting was called to order at 7:00 PM by Chris Blackshire standing in for Randy Springs, the SPARTA President.

• The meeting was held at a LabCorp conference room in RTP, N.C.

• Fourteen (14) people were present of which Thirteen (13) are 2017/2018 paid members.

• Everyone introduced themselves, told where they worked, and briefly described their job functions or their job hunting challenges.

• The presentation was given first to meet the presenter's schedule - see the presentation below (7:10-8:05 PM).

OLD BUSINESS

• The minutes of the May 1, 2018 meeting as published in the June 2018 Newsletter was approved.

• The May 31, 2018 Treasurer's report was not given. Randy will give it at the July meeting. Duane Reaugh will check on the DTS corporate sponsorship payment.

• Call For Articles: Articles are needed for this newsletter. If you would like to write an article for this newsletter, please contact Ed Webb. Keep in mind that you don't really need to write the article, it can be an article that you read that you would like to share with the membership.

• The SPARTA Web page is available. To access the SPARTA Web page, point your Web browser to this site: http://www.spartanc.org. Please send any comments or suggestions about the Web page to Mike Lockey. Be sure to check the Web page every once in a while to see any new or changed information.

• Chris reminded everyone to leave the LabCorp conference room clean.

• Future Speakers and Topics (subject to change based on internal politics, budget, the weather):

If you have suggestions about speakers and topics, contact Ron Pimblett.

• The next SPARTA monthly meeting will be on Tuesday, July 10, 2018 at LabCorp in RTP.

• Food for the July 10 meeting will be subs.

• The 2018 dues are due ($30) starting in February 2018. Please pay Randy Springs.

• Thanks to LabCorp and Bill Johnson for hosting the meeting.

• There are currently 79 people on the SPARTA-RTP e-mail list.

• Send any e-mail address changes to Chris Blackshire so he can update the SPARTA-RTP Listserv. You will be added by the moderator (Chris = SPARTA-RTP-owner@yahoogroups.com) sending you an invitation to Join the list.

• No update from Randy Springs on the SPARTA website connection to LinkedIn.

• Chris is in the process of putting a package together for Brad Carson, Tommy Thomas, and John Bryan's SPARTA contributions and death information on the web page under a new Emeritus section.

• Randy Springs is looking for a new Treasurer volunteer. He projects about 3 hours per month is needed.

-The treasurer position duties are:
--Collect dues and pay expenses at each monthly meeting.
--Deposit income at the BB&T bank monthly.
--Make an updated monthly excel income-expense list for the monthly newsletter.
--Give a Treasurer report at each meeting.
--One Time: Be added to the checking account authorization.
-Contact Randy Springs if you are interested.

• No update about whether SPARTA needs to change the website to HTTPS access. A security certificate would be $75 per year from GoDaddy. Randy Springs will work with Mike Lockey to research if we need this option and how to change it.

• No status update from Bill Johnson on whether we can continue to use the LabCorp conference room after the LabCorp data center is moved out of the building that we meet in. The move is scheduled sometime between July and November and Bill Johnson may not have access to this building after the move. That means we may have to find a new meeting place.

NEW BUSINESS

• None.

• The Business portion of the meeting ended about 8:30 PM.

Presentation

Syncsort Mainframe Products Updates

By Maggie Li, Chief Architect, Syncsort

• Syncsort Company
> 7,000 customers
84 of the Fortune 100 Customers in > 100 countries
Headquarters: Pearl River, NY
U. S. L o c a t i o n s - Burlington, MA; Irvine, CA; Oakbrook Terrace, IL; Rochester, MN
G l o b a l P r e s e n c e - U.K., France, Germany, Netherlands, Israel, Hong Kong & Japan
Global leader in Big Iron to Big Data

• Agenda
1 Mainframe Data Security - MFXSORTWORK Encryption
2 Access & Integrate Mainframe and IBM i Machine Data
3 Ironstream® for z/OS Release 2.1
4 Ironstream® for IBM i Overview
5 Capacity Management with Athene®

• Mainframe Data Security: MFXSORTWORK Encryption
- Release 3.1 Updates
- - OUTREC to INREC
- - - Data Manipulation feature
- - - When to use INREC vs OUTREC
- - - Automated conversion when appropriate
- - Join
- - - Complicated function
- - - Improved communication and coordination
- - - Lots of potential for improvements
- - Block Level Exits
- - - Less record level overhead
- - - Better cache efficiency
- - Message Exit
- - - Post process of sort msgs
- - - Allows for local language support
- - - Accept, modify, delete, insert

• Data Privacy & the Mainframe
- GDPR
- - What is it? (General Data Protection Rule)
- - Why is it important to me?
- - "We are not a European company"

• Mainframe Security
z/OS is a very secure-able environment and z14 was designed with security in mind but
even if it was, it would not protect against internal threats...
even if it did, the law doesn't distinguish among environments

• SORTWKs and User Data
- SORTWK data is not encrypted
- - Can't be protected
- - Application data can be easily identified
- MFX will be able to encrypt SORTWK
- There is a cost for encryption
- - but there is a cost by not encrypting
- ZPSaver can reduce cost by moving work to zIIPs

• Access & Integrate Mainframe and IBM i Machine Data
- Analyze Machine Data with platforms like Splunk and Elastic
- Meet SLAs and deliver critical business services
- Address compliance mandates and pass required audits
- Detect and prevent security breaches and threats
- Proactively avoid outages that disrupt the Business

• Challenges of Including Legacy Data in Your Analytics
- So many data sources - With millions of records generated daily!
- - Mainframe
- - - SMF, Syslog, Log4j web and application logs, RMF, RACF, USS files and standard datasets
- - IBM i
- - -QAUD Journal, QHIST, Message Que, Operational Logs
- Complex Data Formats
- - Mainframe
- - - Complex data structures (SMF) with headers, product sections, data sections, variable length
- - - EBCDIC not recognized outside of the mainframe world
- - - Binary flags and fields
- - IBM i
- - - Complex data structures with unique journal entry types, headers, product sections, data sections, variable length
- - - IBM i journals in DB2
- - - IBM i information needs to be converted to workable formats such as Syslog, CEF, JSON, etc.
- - Not timely, detailed enough
- - - Not real-time
- - - Typically have to wait overnight for an offload
- - - Daily FTP upload/downloads aren't granular enough

• Ironstream® is the leading solution to forward z/OS and IBM i log data to the Splunk and Elastic platforms
- Supports the most z/OS and IBM i data sources in the industry
- Consolidate or eliminate custom tooling to save time and money
- Provides a true 360-degree view of your enterprise security and operations

• Ironstream® for z/OS Release 2.1
- How Iron stream Works (diagram not copied)

• Ironstream® for z/OS Release 2.1 New Features
- Log forwarding to Elastic Stack (Logstash)
- - All data sources supported by Ironstream may be forwarded to Logstash
- - Filtering of log data prior to forwarding
- - Sample Kibana dashboards are included
- - Transport is TCPIP or HTTP/HTTPS
- - Simple installation and configuration
- IMS Log Forwarding
- - For mission critical applications that need to be monitored for operational, security, and regulatory compliance
- - Ironstream now provides support for IMS logs
- - Collection may be synchronous or asynchronous
- - Critical log records for monitoring performance, capacity utilization, throughput, and resource utilization are captured and forwarded to Splunk or Elastic for reporting purposes.
- SMF Logstream Collection
- - New SMF record gatherer that uses the SMF INMEM resources and SMF real-time API
- - This feature enables asynchronous collection of SMF data for certain situations with very high transaction rates which could, in real-time, impact the performance of the application

• DB2 Performance Monitoring
- (Diagram not copied)

• Ironstream® for IBM i Overview
- Ironstream for IBM i (IS4I) product is a new product from Syncsort Inc that will be GA in Q3 2018
- Ironstream for IBM i will format and forward this data to Splunk and other SIEM solutions for Log Analytics
- Security & compliance (SIEM) and IT operations analytics (ITOA) use cases will be supported by the log data available
- We have already seen interest for this requirement from a number of customers and are accelerating our product launch plan

• Ironstream® for IBM i - Architecture
- (Diagram not copied)

• IBM i Security Data - Example Splunk Dashboard
- (Diagram not copied)

• Capacity Management with Athene®
- Benefits of Capacity Management
- - Configure Accurately
- - Avoid Capacity Incidents
- - Purchase Strategically
- - Achieve Maximum ROI

• Athene Capacity Management
- The world's most scaleable capacity management software for physical and virtual environments.
- Bringing metrics from across the enterprise to one place
- Athene covers all major platforms including:
- - z/OS
- - IBM i
- - VMWare
- - Unix
- - Linux
- - HP
- - Windows
- - Others
- 360° view of your service and infrastructure
- The most cost-effective product in its class

• Athene - Architecture
- (Diagram not copied)

• Sample Dashboards
- (Graphs not copied)

• Athene - Capacity and Performance Management
- Athene
- - Relied on by the world's leading companies
- - Automates the capture and storage of data and the creation of capacity reports
- - Provides predictive analysis to help with sizing of infrastructures today and in the future
- - Includes the mainframe, IBM i, Unix, Windows, storage, business, financial data, and more
- Athene Cloud
- - World class solution without the need to provision, maintain and manage Athene hardware
- - Secure transfer of data from your environment to Athene® in the cloud
- - Ongoing management of historical data
- - Optional services can help organizations start or augment a Capacity Management process -
- Syncsort Professional Services
- - Provides capacity management expertise to help organization best manage capacity and achieve maximum ROI
- - Creates capacity reports, capacity plans, and strategic recommendations to those organization needing that expertise or staff augmentation
- - Leverage Syncsort's expertise - our consultants have decades of experience

• The complete June 5, 2018 Syncsort presentation can be found at URL:
http://www.spartanc.org/#PRESENTATIONS

• Contact Info:
Maggie Li of Syncsort
Chief Architect
Email: zli@syncsort.com
www.syncsort.com

David Hodgson of Syncsort
Chief Product Officer
Work: 201-930-8207
Mobile: 703-965-7449
dhodgson@syncsort.com

• Presentation Access - See SPARTA webpage for the complete presentation.

• The June 5, 2018 monthly meeting ended about 8:30 PM.

Treasurer’s Report for June 2018

contributed by Randy Springs

The balance in the account is $981.35 as of June 30, 2018.

SPARTA Financial Report
5/01/2018 through 06/30/2018

Items of Interest

SPARTA Schedule and Menu for 2018

contributed by Chris Blackshire

July 10, 2018 - Subs (date changed because of the July 4 holiday)
August 7, 2018 - BarBQ
September 11, 2018 - Pizza (date changed because of the Labor Day holiday)
October 2, 2018 - Fried chicken
November 6, 2018 - Subs
December 4, 2018 - BarBQ

SHARE in St. Louis Hotel Reservation Deadline Looms

Contributed By Ed Webb

SHARE in St. Louis, Missouri August 12-17, 2018. Hotel reservations can be made at no charge at SHARE's Event hotel site through Friday, July 13.

Online conference registration is still available. And yes, for the first time in 7 years (15 SHARE conferences), the registration fees have increased.

Registration for SHARE has changed for GDPR compliance, including Opt In/Opt Out for personal information sharing, explicit consent for SHARE to use your personal data per the updated privacy policy found here.

Explore the updated, desktop online agenda for access to technical education sessions that span topics such as Pervasive Encryption, Cloud Technology in the Enterprise, Data Privacy, API Economy and IBM Z(r) topics.

What can you do in St. Louis when SHARE is not in session? Check out the ideas in this SHARE blog entry.

Be prepared to participate in 2019 at one of these announced venues:

SHARE Winter 2019:     Phoenix, AZ   March 10-15
SHARE Summer 2019:  Pittsburgh, PA  August 4-9

You can always see the future SHARE schedule here.

Check out the z/OS Introduction Video Series

Contributed By Ed Webb

"This series of short educational videos teaches you about the IBM Z environment. The IBM Z mainframe is essential technology of large enterprises handling critical data and services every second of every day. While the IBM mainframe initially transformed business during past decades, IBM Z mainframe technology advancements provide limitless potential to enable future business transformation.

The IBM Redbooks video course starts from the beginning teaching IBM Z basics and the IBM Z flagship operating system z/OS. The course addresses z/OS access and interaction basics, data sets and data access methods, and operating system environment topics. No prior experience with mainframes and the IBM Z mainframe is necessary.

Review the several video lectures here.

How to Ensure a Secure IBM Z System With RACF

Contributed By Ed Webb

"Once upon a time, it was easy to secure a z/OS* (e.g., MVS) system. Users were defined, passwords were created and data sets were protected. Users accessed the mainframe from terminals connected directly to it. Now consider today’s environment. Users are accessing the mainframe from different places and devices.

IBM Z* systems host mission-critical corporate information and production applications for banking, financial services, healthcare, government and retail companies that require highly secure systems.

Passwords are critical gatekeepers to our digital identities, allowing us to access online shopping, dating, banking, social media, private work and life communications. They can present a relatively simple point of attack for hackers to exploit. ”

Learn about doing more to secure your mainframe from this IBM Systems Magazine article.

Internet Security & Privacy In a Few Easy Steps

Contributed By Chris Blackshire

Cybercrime is projected to cost the global economy more than $2 trillion a year by 2019 according to market analysts Juniper Research, and many of those scams start with phishing — tricking people into clicking on nefarious links through legitimate-looking emails.

An easy way to block these attacks: Change the Domain Name System (DNS) that your computer uses. Most computers connect to the DNS that’s automatically set by their internet service providers, but there are safer alternatives.

There are now several Domain Name Service (DNS) providers out there, all vying for your attention and internet traffic. The majority of people use their ISP’s default DNS, especially when using an ISP-issued router. But you don’t have to stick with that.

You have several choices such as Google Public DNS, OpenDNS, FreeDNS, and many more, including a newcomer called Quad9 DNS. But it is it worth a switch to Quad9 DNS? Is it more secure than the alternatives? Or is it faster than its competitors? Let’s take a look at everything you need to know about Quad9.

Background: How DNS works

Every URL has a unique numeric address, that is the IP address attached to that site. When you click a URL, it is looked up through the DNS, which translates the words in the URL that make sense to humans into the IP address, or numbers, that computers and routers understand. Your computer then connects to the site with the IP address it found in the DNS lookup.

Quad9 checks URLs against a huge list of compromised sites that’s maintained by 19 different security intelligence firms, to ensure the URL has not been flagged for being dangerous in the past. If it has been, Quad9 will block the site. Unlike Cloudflare and Google, the organization behind Quad9 describes its service as “entirely altruistic,” created in partnership with IBM and security company Packet Clearing House (PCH). Quad9, a nonprofit, doesn’t charge consumers for the service and promises not to collect or sell user data.

Quad9 routes your DNS queries through a secure network of servers around the globe. The system uses threat intelligence from more than a dozen of the industry’s leading cyber security companies to give a real-time perspective on what websites are safe and what sites are known to include malware or other threats. If the system detects that the site you want to reach is known to be infected, you’ll automatically be blocked from entry – keeping your data and computer safe.

Whitelists

Quad9 also uses two whitelisting methods. The first uses a list of the top one million requested domains. This data was initially pulled from Alexa, but the Alexa top one million site list is no longer maintained. Instead, Quad9 now uses the Majestic Million daily top one million feed. The feed is constantly updated, and the DNS accounts for any changes.

The second is a “gold list” of domains that should remain secure at all times. These include major sites and services like Microsoft Azure cloud, Amazon Web Services, and so on. Adnan Baykal, GCA’ Chief Technical Advisor says, “We do realize that docs.google.com is hosting phishing attacks, but this is DNS filtering, we cannot block that URL specifically. And we don’t ever want to completely block Google.”

Global Presence

Quad9 DNS server clusters around the world receive the block lists, whitelists, and gold list of domains.

At launch, Quad9 had DNS server clusters in 70 different locations around the globe, scheduled to rise to 100 by the end of 2017. Baykal elaborates that each cluster has at least three servers, but “in some critical areas, like Chicago, we have five, seven, or nine systems behind a load balancer.” The Quad9 load balancer of choice is dnsdist, using a mix of Unbound and PowerDNS servers to deliver superfast responses.

This 30-second change to your computer settings is the easiest way to stop hackers

Setup: Windows

Step 1: Open Control Panel, select Network and Internet, and then select Network and Sharing Center. Click Change adapter settings on the left pane.

Step 2: Right-click the network interface connected to the internet and select Properties. Select Internet Protocol Version 4 (TCP/IPv4) from the list and click Properties.

If you are using IPv6 select Internet Protocol Version 6 (TCP/IPv6)

Step 3: Select “Use the following DNS server addresses” and enter 9.9.9.9 into the Preferred DNS server box. For the Alternative DNS server enter 149.112.112.112

If you are using IPv6 enter 2620:fe::fe into the Preferred DNS server box.

Step 4: Click OK then Close to save your settings.

DNS Provider List - Primary Address - - Alternate Address
Quad9 - - - - - - - - - - 9.9.9.9 - - - - - - - - - 149.112.112.112
Google - - - - - - - - - 8.8.8.8 - - - - - - - - - - 8.8.4.4
Cloudflare - - - - - - - 1.1.1.1 - - - - - - - - - - 1.0.0.1
OpenDNS - - - - - - - 208.67.222.222 - - - - 208.67 220.220

To Switch or Not to Switch?

Quad9 DNS is a fast, secure solution to your default ISP DNS. Is it trustworthy? This is difficult to answer. Your search data is completely anonymous but still aggregated for use with other services. Still, Google Public DNS does essentially the same but without input from 19 intelligence sources (though I’m sure Google does plenty of security analysis for their DNS regardless).

If you are worried about privacy as well as security, OpenDNS is probably a better choice. You still have blazing fast speeds, but have the bonus of privacy, too. Though for the overwhelming majority of people switching to Quad9 represents a significant upgrade, privacy issues or not.

Privacy Issues

Privacy laws instituted by the Obama administration were overturned in April 2017, which means internet service providers can now sell your browser history to advertisers without your consent. Using Quad9 or a similar private DNS could block that. Quad9 can prevent malware such as the recent Russian software called VPNFilter, which infected hundreds of thousands of devices across 54 countries, according to John Todd, executive director at Quad9.

Humor

Humorous Thoughts

Contributed by Ed Webb

• When you think about it, beef jerky is just a cow raisin.
• Waldo’s parents are probably worried sick.
• College apartments are where furniture goes to die.
• Bath tubs are just reverse boats.

Membership Information

Don’t Forget the Next SPARTA Meeting

Tuesday, July 10, 2018 (Special Date)

7 p.m.

Location: LabCorp in RTP

Take I-40 to Miami Boulevard and go north. Turn right onto 1912 T.W. Alexander Drive. Go about a mile or so. Then turn right into LabCorp complex and turn left to the CMBP Building. In the lobby, sign in as a visitor to see Bill Johnson. Bill will escort you to the conference room. Use 1912 TW Alexander Drive, Durham, NC 27703 in your map app.

Free Food before meeting: Subs, Sodas and Tea, Dessert

Program:

IPCS and CICS

Speaker: Andre Clark of IBM

SPARTA News

P.O. Box 13194

Research Triangle Park, NC  27709-3194

First Class Postage

SPARTA Corporate Sponsors: