Transcript Document

10th Natural Conference
October 29, 2001
High Performance
Web-enablement of
ADABAS/Natural
using
ShadowDirect
and
ShadowWeb Server
by Rex Bowe
1
SHADOW
® Natural Conference Agenda
 Who is NEON?
 Shadow Architecture
Shadow Direct
• NEON Client
• Transaction Level Security
ADABAS Interface
Natural Interface
Data Mapping Facility
Monitoring, Diagnostics, & Controls
• Shadow Event Facility
Shadow Web Server for OS/390
 Live Demo
2
SHADOW
® Who is NEON?
NEON Systems
Corporate Information






Founded in 1991
Rapid Market Acceptance
Profitable in Four Years
No debt
Acquisition Growth Model
NASDAQ (NESY)
30
25
20
15
Revenue
10
5
0
FY1996
FY1998
FY2000
3
SHADOW
® NEON History
 History of Shadow
 Peter Schaffer @ Texaco in 1990 – Power Builder Environment
 Developed from 1991 - 1994
 First customer in 1995 (BASF)
 Formation of NEON Systems
 Shadow Today
 Active Development - V 4.8 Shipping End of Month
 ALL Industry Acceptance
 Current Clients No 1 Priority
 Customer References
4
More than 400 customers (over 40% of the Fortune 100)
and most are Global 2000, spanning most industries
5
Global 2000 Customer Base
6
Wells Fargo Bank
BUSINESS GOAL
NEON Systems’ SOLUTION
 To Web-enable and optimize its
customer support initiatives.
 Shadow Direct and Shadow Web Server
were implemented eliminating problems
associated with gateways and increasing
customer support capabilities.
COMPETITION
 None
SELECTION CRITERIA
 Required a CICS transaction
server.
 Monitoring, control, and
diagnostic capabilities.
 Fault tolerance
7
Merrill Lynch
BUSINESS GOAL
NEON Systems’ SOLUTION
 As one of the world’s largest
client/server to mainframe
production environments, Merrill
Lynch required a safe, simple
solution to provide mainframe
data access to its users.
 Current transaction volumes
facilitated through Shadow
Direct has topped 800,000 per
day and is steadily growing
30%-40% per year.
COMPETITION
 An in-house application
 IBM’s DB2 Connect
 MDI Gateway
SELECTION CRITERIA
 Shadow Direct was chosen for
its simple architecture, large
application scalability, ease of
implementation, low overall
cost, speedy problem
identification and resolution,
and IT-friendly nature.
8
GMAC Insurance
BUSINESS GOAL
NEON Systems’ SOLUTION
 To build Web-enabled access to
many years of GMAC ADABAS
legacy mainframe data for an
easy-to-use, self-service
customer website.
 GMAC employed Shadow Direct
and JDBC driver for data access
and legacy application renewal
for is customer-focused Web
service.
COMPETITION
 EDA SQL
 IBM DB2 Connect
 EntireX
SELECTION CRITERIA
 NEON provided access to
ADABAS, DB2, and Cobol RPC’s,
and Read Write functionality
without a required gateway and
custom coding.
9
Boeing
BUSINESS GOAL
NEON Systems’ SOLUTION
 To rapidly Web-enable legacy
programs (such as the Employee
Timekeeping System) with a
secure, scalable, and reliable
solution.
 Example: Employee Timekeeping
System generates 1.5 million hits
per day.
 Shadow Web Server accessing
IMS/TM, DB2, and CICS
COMPETITION
 IBM's ICSS
SELECTION CRITERIA
 Scalability, security, and time
required for deployment.
10
SHADOW
®
Shadow Architecture
11
SHADOW ® Unique Architecture
Web, Application or Integration Server
Packaged application: ERP, CRM, BI, Portal
Running on NT or Unix
OS/390
NEON
Client
Client App
Windows, NT,
Unix, OS/2, Mac
TCPIP
Shadow Server
DB2
SNA
Thread Management
CICS
RACF
TCB
TCB
TCB
TCB
TCB
VSAM
IMS/TM
NEON
Client
Web Browser
Internet Explorer,
Netscape
TCB
ACF2
No gateway
required
direct access
to OS/390
Top
Secret
RRS
WLM
RPC
RSP
IMS/DB
Monitoring/Diagnostics
Auto Management
Data Mapping
ADABAS
Natural
Flat
Files
12
® Architecture
SHADOW
Shadow
NO gateways required
Many Optimized Connection Modes
SSL Encryption
Load Balancing, Work Load Manager support
Real-time end-to-end diagnostics, Event Facility, Activity Monitor
Access OS/390 data, applications & transactions
Data Mapping Facility for non-relational data
Transaction Level Security
As scalable as S390
13
SHADOW
® Why is it scalable and reliable?
 Runs as own MVS based address space (No USS required)
 TCB Architecture (Isolation, scale, monitoring, control)
 Run up to 36 address spaces (one address space supports
300-800 connections depending on data sources)
 Load balancing among address spaces
 Work Load Manager (WLM) Support
 DB2 Thread Reuse (Virtual Connection Facility)
 Supports ODBC and JDBC connection pooling
 Boeing driving 2-3 million IMS Transactions in SWS
during a 2 hour window
14
SHADOW ® How secure is it?

Enforces native OS/390 security via Security Access Facility (SAF),
provides tight integration with RACF, ACF2, TopSecret

Enforces subsystem security
• DB2
• IMS
• CICS
• Natural

Encryption of data stream with SSL
• Software
• Hardware (GSK encryption chip, 10 times faster)

Complete accountability
• Detail mainframe logging
• Cuts SMF records for connection and query
• Extended proxy user logging

Has not been hacked
• Security through obscurity
15
SHADOW
®
ShadowDirect
16
SHADOW DirectTM NEON Client
 High performance, multi-threaded, thread-safe,
scalable driver
 Single .dll approx. 2-3 meg (small footprint)
 Supports Unix, NT, Windows, OS/2, Mac platforms
 Supports ubiquitous database APIs
• ODBC
• JDBC J2EE Driver
• JCA
 Client-side optimizations, limits, debugging
 Connection Pooling
 NEON data stream
• Data compression – up to 90%
17
SHADOW DirectTM provides access to OS/390
for these solutions and products…
 Client/Server: VisualBasic, PowerBuilder, Delphi,
Microsoft Office, C/C++...
 Web Servers: IIS, Apache, Cold Fusion, ...
 Application Servers: WebSphere, WebLogic,
SilverStream, iPlanet, WebGain ...
 Integration Servers: CrossWorlds, Vitria …
 Business Intelligence: Brio, Cognos …
 CRM and ERP: Siebel, Peoplesoft, …
 Portals: Epicentric, Plumtree …
18
SHADOW DirectTM Transaction Level Security
 Feature for Shadow Direct in a 3-tier web
 When proxy Logon IDs are used by servers to access
OS/390 data, applications and transactions
 Shadow allows for detailed information about a user
to be cut with SMF records for the proxy Logon ID
 Provides traceability, chargeback to users, who would
otherwise be masked by proxy Logon ID
 Only way to properly handled infinite number of
Internet users in conjunction with RACF, ACF2 or Top
Secret
19
SHADOW DirectTM for ADABAS & Natural
OS/390 - MVS Host
Shadow Direct
TCB
TCB
ODBC/
JDBC
TCB
T
C
P
/
I
P
TCP/IP
Listner
ADAREP FDT/
ADACMP
Data Mapping
Facility
SQL -> Direct Call
Result set
ADABAS
CICS/Batch
Diagnostic
Facility
Event
Facility
SAF
RACF
ACF2
TOP S
WLM
A
C
I
Natural-trans
Natural-trans
Natural-trans
CALL
SHADOW_ACI
20
SHADOW
®
Interface for ADABAS
21
SHADOW ® Interface for ADABAS
 SQL syntax and native database syntax
• Supports ADABAS end transaction (ET) and
Backout transaction (BT) commands
 ADABAS File Level Security
 Multi-file Joins in ADABAS
• Up to 5 files
 Supports Native ADABAS Constructs and
Operations:
• Multi-Value fields (MU), Periodic Group (PE)
• Cursor Processing
• Multi-descriptor Processing
22
SHADOW ® Interface for ADABAS
Access
ADABAS
Meta Data
from a
distributed
tool.
23
SHADOW
®
Interface for Natural/ACI
24
SHADOW

® Shadow ACI’s benefits
Simple Implementation
CALL SHADOW_ACI(‘SEND’,’NATSRV1,NATPDA1’,1009,’1’,…)

Input/Output data checking & transformation using mapping

Return multiple column, multiple records

CICS connection fail over

CICS load balancing

Resource protection.
Natural Storage leak protection by limiting the amount times the
server is accessed before it is restarted.
Shadow Server automatically start and kill servers according to
demand.
Allowing less frequently used servers to “Die” free’s up storage for
more often used servers, utilizing the available resources more
wisely
25
SHADOW SHADOW_ACI() SQL CALL
CALL SHADOW_ACI(‘FUNC’,‘SERVER,MAPIN,MAPOUT’,‘DATA’,…)
Parameter Description
‘FUNC’ Function for Call, ex. ‘SEND’, ‘SOC’, ‘EOC’.
‘SERVER’ Name of defined Natural “server” process.
‘MAPIN’ Name of Map definition taken from data area
definition, to provide data-type checking
‘MAPOUT’ Name of Map definition taken from data area
definition, to provide result set of Natural data
area
SQL example:
CALL SHADOW_ACI('SEND','EXAMPLE1,PARMMAP1',3009,'1')
26
SHADOW DirectTM
Interface for CICS/ACI
OS/390
RACF ACF2 TOP SECRET
CICS/TS
REGION
Shadow Server
EXCI
XS01
SHADOW_ACI
XS02
DEFINE DATA LOCAL
DFH$AXCS
1 SENDAREA
(A250)
1 RECEIVEAREA (A250)
XS03
XS04
XS05
DATA
MAPPING
FACILITY
Monitoring/Diagnostics
CALL ‘BROKER’ RECEIVEAREA
FIND EMPLOYEE WITH
NAME EQ NAME-IN
MOVE DATA TO SENDAREA
CALL ‘BROKER’ SENDAREA
ADABAS
Automated Management
27
SHADOW ® Interface for Natural/CICS
Fail Over
Support
OS/390
RACF ACF2 TOP SECRET
Shadow Server
CICS/TS
REGION-A
SHADOW_ACI
CICS/TS
REGION-B
Monitoring/Diagnostics
Automated Management
28
SHADOW
® Natural Server Management
View
Map
Details
29
SHADOW
®
Data Mapping Facility
Powers Shadow in providing metadata and relational
resultsets for non-relational data, applications and transactions
30
SHADOW ® Data Mapping Facility
Meta Data repository for non-relational data
CICS COMMAREA, IMS MFS, VSAM Copybook, ADAREP, ADAWAN or Natural
data area
01 DFHCOMMAREA
03 INPUT-ID
03 CUSTOMER-NAME
03 ADDRESS-DETAILS
04 ADDRESS-NUMBER
04 ADDRESS-STREET
04 ADDRESS-CITY
04 ADDRESS-STATE
MAP NAME : CUSTINFO
INPUT-ID
CUSTOME
R-NAME
ADDRESSNUMBER
ADDRESSSTREET
ADDRESSCITY
ADDRESSSTATE
31
SHADOW
® Natural Data Map Creation
Extract
Meta Data
From
Source
code
32
SHADOW ® Data Mapping Facility
Source
code,
Copybook,
COMMAREA,
MFS,
Natural
Data Area
33
SHADOW ® Data Mapping Facility
View
Map
Details
34
SHADOW
®
Monitoring and
Diagnostics
A centralized detailed tracing facility,
monitoring real-time usage.
35
SHADOW TM Monitoring and Diagnostics
 Trace ADABAS queries
SQL -> ADABAS Direct Calls
Display of ADABAS Control Block
 Trace Natural servers
Natural Server activity
Display input and output data buffers
 Record error messages
 ISPF panel and web monitoring interfaces
36
SHADOW
®
Diagnostic Facility
Monitoring Users
37
SHADOW
®
Diagnostic Facility
Trace Browse
38
SHADOW ® Event Facility
Wide range of detectable
Shadow events
• Resource management events
• Security events
• SQL, DL/1, RPC, CICS, IMS
• Communication events
Wide range of actions available
• Terminate connection and
thread
• Adjust performance profiles
• Modify queries
• Adjust authorization details
• Limit rows and CPU Time
Maximum Rows
 Limit resultset size
Maximum DB2 Timerons
• Prevents expensive
queries from starting
Maximum CPU Usage
• Per Session
• Per Query
DB2 Lock Utilization Limits
• Fail & Warning for:
– Shared
– Update
– Exclusive
39
SHADOW ® Event Facility
 What are customers doing with SEF?
• Limit the number of connections that a user can have
• Restrict access to only certain DB2s from certain Shadows
• Obtaining ACF2 Logon information from a user’s ACEE and
returning it to the client application.
• Granting users additional CPUTIME and unlimited FAILWAITIME
based on userid.
• Restricting logons during certain parts of the day
• Overriding client connection parameters - like MAXROWS.
• Quiescing the server rather than shutting down nightly when
running database backups
• Modifying or rejection queries before they execute (check for
WHERE clause)
• Prevent expensive queries from running
17
40
SHADOW
®
ShadowWeb Server
visit http://mkt.neonsys.com
41
SHADOW Web ServerTM 2-tier Shadow Web
MVS-OS/390
Shadow Web Server
Intranet/
Internet
Web Client
RACF
ACF2
Top Secret
HTTP
DB2
CICS,
Natural
TCP/IP
IMS
Windows,
NT, OS/2,
UNIX
WWW
Rules
ADABAS
SDF
(ISPF)
Trace
Browse
VSAM,
IDMS,
others
42
SHADOW Web ServerTM Why consider it?
 It works on OS/390!
 Leverage existing OS/390 skills & assets
 Secure, scalable, and reliable
 Turn-key and rapid development features
 Supports proprietary development approaches (secure)
 Adaptable to emerging http technologies
 Cost effective
 No additional hardware required
 Rapid installation and development
 Minimal support staff
43
SHADOW
®
Top Ten Benefits
1. Reduce Costs:
from the home office in Sugar Land, Texas
Reduce total cost of ownership (TCO) and manpower to
maintain due to “no gateway” architecture
2. Leverage Investments: OS/390 hardware, software and skills
3. Integration Standards: ODBC, JDBC, XML, HTML
4. Quality of Service (QoS): High performance, reliable, scalable and
secure architecture requiring no gateways
5. Reduce Network Load:
Optimizations to reduce bandwidth
requirements and network round trips
6. Security:
Support RACF, ACF2, TopSecret via SAF; cuts SMF records;
Encryption with SSL, TLS, support subsystem security, KILL command
7. Transparent access OS/390 Data and Transactions:
One
product to access DB2, IMS, ADABAS, VSAM, CICS/TS, Natural, more . . .
8. SYSPROG and DBA Control:
Automated management to control
utilization by distributed applications
9. Visibility: Extraordinary real-time end-to-end monitoring and diagnostics
10. References: Many high volume, high performance, HAPPY customers
44
NEON, Shadow, ShadowDirect, and Enterprise Direct are registered
trademarks, and Shadow Activity Monitor, Shadow Advanced Scalability,
Shadow AutoHTML, Shadow Enterprise Transactions, Shadow Event
Facility, Shadow Interface, Shadow REXX/Tools, Shadow TLS, Shadow Web
Interface, Shadow Web Server for OS/390, and Shadow Web Server for VM
are trademarks of NEON Systems, Inc.
ADABAS and Natural are registered trademarks of Software AG.
DB2, CICS, MQSeries, and OS/390 are registered trademarks, and MVS and
IMS are trademarks of the IBM Corporation.
All other trademarks are the property of their respective owners.
45
SHADOW
®
Shadow
LIVE DEMO!
46