Computing Service Banner

IBM LINUX ON SYSTEM Z

PRINT PAGE Add This

Specialty engines on the Integrated Facility for Linux Mainframe allow the mainframe to run Linux workloads. What does this mean to our partners? DISA’s Linux on System z environment offers many of the benefits of the traditional mainframe environment combined with the flexibility of Linux. The benefits include:

  • Mainframe hardware reliability and redundancy
  • Quick scalability with minimal disruption
  • Strong disaster recovery solution
  • Rock solid performance

Our partners save money several ways.

  • Cost is based on Central Processing Unit (CPU) usage, so this is a true pay-for-what-you-use model.
  • Our partners may be able to reduce their software license costs by having many Linux on System z operating environments (OEs) on very few mainframe engines. If several OEs use the same software (i.e. the Oracle Database Management System), all DISA partners who use that software can share the cost. This eliminates the need for each partner to pay for discrete licenses and maintenance.

DISA will host DoD IBM Linux on System z applications using DISA-provided hardware, operating systems (OSs), and labor.

STANDARD FEATURES

  • System Administration (SA): Including, but not limited to the following. DISA will:
    • Install, configure, and maintain the OS and core software components
    • Monitor the operational status of production systems running on DISA’s Linux on System z
    • Manage user accounts at the OS level
    • Install executive software and associated patches
    • Coordinate closely with partners for the installation of application software and associated patches
    • Tune the OS kernel parameters to optimize performance
    • Install and maintain the mainframe security environment
    • Ensure compliance with Security Technical Implementation Guides (STIGs), Security Readiness Reviews (SRRs), and Information Assurance Vulnerability Alerts (IAVAs)
    • Monitor console messages and system logs
    • Schedule and monitor backups for system files
    • Resolve referred trouble tickets
    • Develop standard solutions and procedures for the DISA Knowledge Management System in accordance with standard central procedures and guidance
    • Monitor the environment for any changes that might affect partner production schedules (and notifying our partners of the same)
    • Configure and maintain the system communication hardware and software
    • Install and maintain a standard suite of Enterprise System Management (ESM) software DISA uses to monitor and manage the OE

  • Security: DISA’s DECCs benefit from the high level of physical security afforded by their location on military installations. DISA also provides a superior information assurance (IA) environment. In the transition to the DoD IA Certification and Accreditation Process (DIACAP), DISA has accepted Inherited Controls for a wide range of IA responsibilities and functions.

  • Data Communications: This covers the communications infrastructure – the hardware, software, firmware, and labor – that allows our partners’ users around the nation and the world to connect to the partners’ data and DISA’s computers. Once the request for information leaves the user’s locale (base, office building, home, etc.), DISA will handle the traffic and expedite the response back to the user.

  • ESM Software: These are the tools DISA uses to monitor the health and well-being of our partners’ information systems and data and to manage problems when, or before, they occur. ESM software alerts DISA when conditions are favorable for problems to occur, so DISA can ensure the appropriate technicians are available to resolve any potential problems before they occur.

  • Level 2 Service Desk Support

  • Storage: Storage in the IBM Linux on System z computing environment consists of direct access storage device (DASD) storage with backup to tape and the associated communication infrastructure.

  • Assured Computing/IT Service Continuity: Our partners who purchase Linux on System z with unclassified processing will receive, at no additional charge, the use of a shared Continuity of Operations (COOP) processor at a remote site for disaster recovery. In addition, the storage infrastructure required for data replication and utilizing the Assured Computing Environment (ACE) will automatically be assigned to the partner for use at the recovery site. The normal charges for this storage service will apply. The end result is that our partners will be protected by the COOP/Service Continuity program through documented recovery procedures and pre-positioned infrastructure and will automatically gain access to the DISA COOP exercise program.

  • Mainframe Internet Access Portal (MIAP)

  • Capacity Management: Capacity reporting is used to monitor and validate system resource trends. DISA collects and retains this usage data to use in the analysis of current and projected resource consumption. With this information, decisions about system capacity changes can be made proactively and economically.

OPTIONAL FEATURES

Because all our partners require different levels of support, DISA provides choices from the following supplemental features. Each feature has its own set of rates, priced per OE on the Linux on System z platform. However, if a partner has a uniquely large workload, DISA will work with the partner to develop an agreeable labor support cost method outside of these rates. Optional features include:

  • Database Administration (DBA): These rates consist of (1) the labor costs of the database administrator support for any database management systems that run on Linux platforms and (2) the costs of database management tools that improve their productivity. An example of the latter is the Oracle Management Packs, which automate or simplify many labor-intensive tasks. The following list identifies some of the functions that DISA database administrators perform on our partners’ behalf:
    • Set up database structures
    • Perform initial database environment configuration for the physical layout of the database environment and storage allocation
    • Create or modify database instances; install, upgrade, and patch the database software; and adjust authorizations and permissions of users and groups
    • Ensure compliance with Security Technical Implementation Guides (STIGs) and Information Assurance Vulnerability Alerts (IAVAs) for the database product, harden the database for security compliance, and maintain Vulnerability Management System (VMS) postures
    • Schedule and monitor database backups
    • Maintain procedures for continuity of operations (COOP)
    • Resolve referred trouble tickets
    • Aid in performance tuning and work vendor tickets
    • Monitor availability (DISA-provided) for database instances.
    • Develop standard procedures for the DISA Knowledge Management System, based on the proclivities of the information system and its associated databases

If our partners serve as their own database administrators, DISA must still ensure that their databases comply with the DoD’s security guidelines. The charge for this service is 10 percent of the full DBA rate per database OE. The security fee includes the following services:

    • Consultative services on the STIG
      • Consulting is defined as providing STIG interpretation and clarification to our partners. Consulting does not include performing VMS data entry.
      • Assist partners in entry and validating VMS
        • Our partners have the responsibility to perform VMS functions
          • System/Enclave creation
          • VMS Reports
          • Plan of Action and Milestones (POA&M) entry
          • Designated Approving Authority (DAA) Risk Acceptance (DRA) entry
          • Update findings to proper status (Fixed, Open, Not a Finding, etc.)
          • Etc.
        • DISA will provide instruction in the use of VMS
          • System/Enclave creation
          • How to run VMS reports
          • How to input POA&Ms and DRAs
          • How to update findings
          • Etc.
    • Answer questions about how to handle STIG findings with respect to database requirements
      • This is defined as interpreting database STIG requirements
      • If DISA is unable to interpret STIG requirements, DISA will provide our partners with FSO Support information.
    • Provide United States Cyber Command (USCC) Communications Tasking Order (CTO) mandated vulnerability scan results to partners for resolution

Note : If DISA is serving as the partner’s database administrators, there is no security surcharge as it is included in the DBA rate.

  • 24 x 7 SA The standard Linux on System z CPU rate provides for on-site SA for five 8-hour shifts weekly (e.g., Monday through Friday from 0800 to 1600). It also includes a 2-hour response to emergencies on nights and weekends and on-site support for the monthly scheduled maintenance window. For those workloads requiring 24x7 on-site SA, however, we offer a separate rate to cover the 16 non-prime shifts. This provides for immediate response to an emergency 24 hours a day, 7 days a week.

  • 24 X 7 DBA: The standard DBA rate provides for on-site DBA for five 8-hour shifts weekly (e.g., Monday through Friday from 0800 to 1600). It also includes a 2-hour response to emergencies on nights and weekends and on-site support for the monthly scheduled maintenance window. For those workloads requiring 24x7 on-site DBA, we offer a separate rate to cover the 16 non-prime shifts. This provides for immediate response to an emergency 24 hours a day, 7 days a week.

  • 24 x 7 Application Support: The standard Application Support rate provides for on-site application support for five 8-hour shifts weekly (e.g., Monday through Friday from 0800 to 1600). It also includes a 2-hour response to emergencies on nights and weekends and on-site support for the monthly scheduled maintenance window. For those workloads requiring 24x7 on-site application support, we offer a separate rate to cover the 16 non-prime shifts. This provides for immediate response to an emergency 24 hours a day, 7 days a week.

  • Local Operational Recovery: In the event of a server failure at the primary processing site, the relevant maintenance program in effect will be the default vehicle for returning the server to production status. If our partners require a greater degree of protection, they may place additional equipment at the production site and have that equipment pre-configured and available to serve as a local fail-over environment.

ADDITIONAL INFORMATION

DISA has standard performance level data available for our partners to view. Additional data can also be provided as requested. All performance data to be provided will be documented in the SLA which will be executed when the service is ordered.