System iNetwork

August 2008

August 29, 2008 10:56 AM

Could Sun Go On the Market?

Not too long ago I wrote a blog about Sun's acquisition of MySQL and how that could affect users of the System i. I chatted with Eileen Burgess regarding the acquistion (to read this interview click here), and it seemed that the System i had nothing to worry about.

Recently, though, I came across a new article regarding Sun's current status, and it isn't looking so good. People are speculating that Sun could soon start selling pieces of the company to stay afloat, or even go completely on the market. Given, these are just speculations at the moment...but if this were to happen, what then would be the effect of Sun's original acquistion of MySQL? Would the System i benefit further from the buyout of one of IBM's greatest competitors? Would System i users suffer? Or would nothing change at all?

--Cassandra Deemer, editorial assistant

Posted by cdeemer on August 29, 2008 at 10:56 AM | Comments (0)

August 27, 2008 4:31 PM

Application Lifecycle Management Wants You

Fans of application lifecycle management swear that it reinvigorates productivity, boosts quality, crosses boundaries by way of collaboration and smooth information flow, speeds development through simplified integration, reduces maintenance time by synchronizing application and design, improves flexibility by dropping the time it takes to build and adapt applications that support new business initiatives, and magnifies investments in skills, processes, and technologies. Check out the latest buzz in the upcoming Demo Booth "Automate, Improve, Comply--Application Lifecycle Management with MKS Integrity for IBM i." You'll learn how to bring visibility and traceability to your development with flexible processes and workflows, giving you seamless change control across the application lifecycle.

Posted by vhamende on August 27, 2008 at 4:31 PM | Comments (0)

Spreadsheets: Can't Live Without 'em

Companies have been using spreadsheets for hundreds of years to see the big picture through a jumble of cells, grids, rows, columns, alphanumeric text, numeric values, and formulas. There's a method to the madness, though, particularly as technology speeds and streamlines the creative processes involved. Don't take your spreadsheets for granted, Check out the September 25, 2008, webcast "Unlocking the Value of Spreadsheets in Your Business Processes." It surveys common spreadsheet automation use cases, examines implementation options, and shows how non-programmatic spreadsheet automation can achieve results faster and at lower cost using existing staff members and their skills.

Posted by vhamende on August 27, 2008 at 4:13 PM | Comments (0)

Dashing Dashboards Deliver Smart BI

Designing the perfect business dashboard calls for juggling graphical displays with application databases, data warehousing, and data mining technology. Mel Beckman provides a recipe for success in his article "Deliver Business Dashboards." To learn more about navigating the i with your dashboard, check out the upcoming October 14, 2008, Demo Booth "Exploring System i Data with Dashboards." It focuses on how to make dashboards that align with your unique enterprise and that provide launching pads for customized, graphical business analysis.

Posted by vhamende on August 27, 2008 at 1:46 PM | Comments (0)

Getting a Grip on App Modernization

Application modernization is no simple undertaking, and knowing where to start is half the battle. To help ease this endeavor, I've put together a collection of recent articles that discuss what you need to consider before tackling a project and the myriad ways to get the job done.

A Fresh Look at Application Modernization
The System i community has been arguing about just what application modernization means for at least a decade, and most System i shops have made limited progress toward achieving it. In this article, Sharon Hoffman and Carson Soule help break the stalemate.

Beyond RPG: A Java Guy's Perspective
Dan Darnell, a Java enthusiast, offers specific examples on why Java is the solution to many old and future IT problems. He also shares some pros and cons of EGL, which can be useful in the modernization process. However, even with the use of EGL, Java knowledge is imperative.

Beyond RPG with .NET
Before starting down an arduous modernization path, seriously consider whether a web interface is the best fit. For some requirements, users might be better served by small desktop tools or plug-ins to existing programs that they work with. In many environments, those programs are Microsoft Excel and Word. To get the most leverage out of the Microsoft tools, you should work with the .NET framework. Craig Pelkie explains how.

Approaches to Application Modernization
Application modernization can be scary but is a necessary step for any business. Don Denoncourt offers tips on modernizing and goes through the steps to get your business on the track to success.

Go Beyond RPG -- with Modern RPG
The value of a business-oriented application comes not from the language it's written in but from the business objectives that it lets its users achieve. Scott Klement demonstrates how you can write modular, cohesive, well-encapsulated code in today's RPG.

Application Modernization: How to Balance Business and IT Needs
For a successful application modernization project, business and IT managers need to band together as they make the move from legacy to cutting edge. As Carsten Flensburg discusses, the right strategy can ensure gain rather than pain for both sides.

Start Off Right with Browser-based Interfaces
If you've been reading System iNEWS for a while, you know that many different solutions are available to modernize System i applications, and even more solutions are specifically built to implement browser-based interfaces for System i applications. However, figuring out how to get started with these solutions can be a challenge. To help on that front, Sharon Hoffman offers suggestions to get your project on the right path.
http://systeminetwork.com/article/start-right-browser-based-interfaces

Considerations for a Successful ILE Implementation
An ILE implementation is less scary than you might think. Here, Paul Tuohy shows that all you need is a carefully thought out plan and these guidelines to lead you to success.

Externalize Database Processing
Paul Tuohy shows how to externalize your database to make it accessible to different client platforms, improve performance, and ease maintenance, all while retaining integrity.

iSeries Application Modularization Options
Modular code is generally easier to maintain and modify, but several factors--such as complexity, code reuse, and performance--can influence your modular designs. Sharon Hoffman explores RPG and SQL modularization techniques to help you choose the best solution for your situation.

Mastering Modules, Part 1
Knowing what procedures are and how and when to use them is key to implementing a modular programming approach in RPG IV. Bryan Meyers shows you how to build modular programs using procedures.

Mastering Modules, Part 2
Organizing modules and service programs containing code for reuse, and converting copy members and subroutines to procedures can help you create effective module applications. Bryan Meyers walks you through the steps to accomplish these tasks.

If you'd like to learn more about one vendor's modernization solution, check out the upcoming Demo Booth:

Discover the Hidden Value In Your Legacy System i Applications
Oct 20, 2008 - 12:00pm
Learn how RAMP from LANSA can take any 5250 application, break it down, and reassemble it into a new application, without changing a single line of code.

--Cindy Bushong, RPG editor

Posted by cbushong on August 27, 2008 at 12:06 PM | Comments (0)

Who Says Green Screens and iPhones Don't Go Together?

I want to give a shout out to MochaSoft for delivering one of the first iPhone applications to the Apple iPhone App Store. The apps are TN5250 ($29.99) and TN5250 Lite (free). They support all standard 5250 emulation features, SSL, zoom and scroll (just like the Safari iPhone browser), auto login, macros, and a handful of other features. So far 11 people have reviewed it on the Apple App Store, which is part of iTunes for those not in the know, and the reviews have been predominantly positive.

In addition to Vicki Hamende's coverage of looksoftware's snap solutions for mobile front ends, are there any other iPhone and System i apps out and about or on the way?

Eventually -- and by eventually I mean sometime in 2008 -- IBM will deliver Lotus iNotes on the iPhone. IBM has a promo web site for iNotes, including screenshots . . . but only a little concrete detail.

I have an iPhone . . . and I actually used it while traveling to send out NEWS Daily -- but just once. It was kind of a painful process on a tiny screen. Anyone out there using iPhones with System i-related applications yet?

--Chris Maxcer, news editor

Posted by cmaxcer on August 27, 2008 at 1:52 AM | Comments (4)

August 26, 2008 12:57 PM

The Magic Fit: Not Too Fat, Not Too Thin

Seeing is believing when it comes to application development and deployment. Glenn Johnson says it, sees it, and believes it. As senior vice president at Magic Software Enterprises, he believes in delivering applications seamlessly over the Internet. He sees it happening in a unique single development paradigm that removes the need to manage multiple programming languages and create separate client and server standards. This leaves folks free to focus on writing powerful application business logic. To i types, this means the power to choose how to deploy apps—whether full client or web, on-premise or on-demand, software or Software-as-a-Service (SaaS), or global or local.

Johnson describes Magic Software's new uniPaaS, the next generation of its eDeveloper tool, as unique in that logic execution can come either on the client side or the user side. "Usually when you develop a rich Internet application, you have to use Java on the server side and then something like Ajax on the other side. You're using two different languages to create one business application," he says. "With uniPaaS, System i customers with native green screen user interfaces can develop applications to access over the Internet with a full rich application mode."

If clients lose communication when they're trying to deploy applications over the Internet, uniPaaS comes to the rescue by maintaining the state of the application, Johnson notes. "Certain functions can continue on the client side even when communication has been broken with the server. The whole application platform is more robust than those approaches that require constant service of the client from the server."

As Magic Software Enterprises notes in its description of uniPaaS, "Where the 'Fat Client' would expand the total cost of ownership, and a 'Thin Client' would lack the required functionality and computation capacity, uniPaas's new 'Fit Client' combines the computation power of the fat client and affordability of the thin client to give the perfect fit for all business web application needs."

Johnson adds that the tool is unique because it utilizes and accesses all IBM i server side resources and capabilities that people don’t find on other platforms. "It's very much a System i-aware application, using the logic of RPG."

Vicki Hamende, application development and database editor

Posted by vhamende on August 26, 2008 at 12:57 PM | Comments (1)

August 25, 2008 3:02 PM

Make Yourself Highly Available...

Still not sure if your systems are truly available? If you wouldn't bet your salary on it, then it's time to start looking for a new solution. Here are a couple of my favorite articles that can help you make up your mind:

The Essential Guide to Supporting a High Availability Environment
Chris Hird explains the basic homework you need to do on an HA solution before you take the plunge.

No, Not High Availability: I Said Disaster Recovery!
So what's the real difference between DR and HA anyway? While a full high availability solution brings with it substantive disaster recovery characteristics, they are not one and the same. Here’s an informative article from Jill Aitoro with some handy advice from our beloved Al Barsa. Gone but not forgotten!

Defeating Disaster: From High Availability to Business Continuity
To mitigate disaster risks, businesses must craft multilayered plans for high availability, continuous operations, recovery and continuity. Such plans should represent a continuum of protection against a variety of hazards that vary from internal technical problems to external events and global disturbances. They should speak to the concerns of everyone from the CIO to the CEO. Here, Carson Soule shows you how to start making those plans.

And if you'd like to learn even more about High Availability, check out these upcoming demo booths:
The 5 minute role swap: Demystifying the high availability role swap
Sep .15, 2008 - 12:00pm
Watch this live role swap and see firsthand what takes place to ensure that the data, application, and programs are exactly as they should be when the roll over is complete.

RSF-HA: High Availability that’s Highly Effective and Highly Economical
Sep. 22, 2008 - 12:00pm
Learn how Bug Busters' RSF-HA can protect your company's data and help keep your business running, despite the unexpected.

--Erin Bradford, systems management & availability editor

Posted by ebradford on August 25, 2008 at 3:02 PM | Comments (0)

Backup Refreshers...

If any of you are still contemplating the best way to back up your systems, well, shame on you! You should have that done already! But, I'll give you the benefit of the doubt and assume that you're just wanting to switch to a new backup and recovery plan. Ok, good work on trying to stay up-to-date on the latest offerings!

But before you jump in to the confusing and complicated world of options, check out a few of my favorite articles on the subject:

The Essential Guide to Backup and Recovery

This absolute no-miss guide by Richard Dolewski will help you determine the metrics behind your perfect DR plan, including when backups are executed, the complete contents of your backup, the frequency of your backups, your vaulting procedures, and your restore process.

Is Your Organization at Risk?
Scott Steinacher describes situations that can pose risks to disaster recovery at System i shops. Whether obvious or obscure, each has the potential to lead even the best-laid DR plan awry.

Backup Horror Stories
Every day, somebody somewhere encounters a career-threatening backup disaster. Read these horror stories, compiled by Mel Beckman (security whiz) and learn from them. The job that you save might be your own...

The Serious Business of Business Resiliency
Dan Riehl, our SysMan expert, provides a short laundry list of some of the shortcomings he has found when visiting System i sites in the US and around the world.

Are You Prepared for a Disaster Recovery?
Brian Bohner, a support center rep who specializes in disaster recoveries, asked for input from other experts and included some of their responses to give you the general knowledge you need to stand back up quickly after a disaster.

And if you'd like to learn even more about a specific solution, check out this Demo Booth:
Bullet proof Backup - Is your current backup solution putting you at risk?
Sep 29, 2008 at12:00pm
In it, you'll learn how LXI's MMS, with its intelligent backup, allows companies to implement a reliable backup strategy that protects backup media from accidental re-use and ensures that archive requirements are enforced.

--Erin Bradford, systems management & availability editor

Posted by ebradford on August 25, 2008 at 2:33 PM | Comments (0)

August 21, 2008 2:52 PM

“WOW”ed by Webinar for New MarkMagic On Demand

I just got out of a web presentation from CYBRA on its new add-on to its System i-based printing solution, MarkMagic. This new functionality lets users create web-based portals where their customers can securely sign in and find all the information they need. This helps cut down on time-consuming tasks, such as physically sending out statements, invoices, purchase orders, or other forms to the customer. Instead, MarkMagic On Demand creates a self-service web tool that lets customers retrieve the forms they need when they need them.

But how does it work? Well, to create this new solution, MarkMagic teamed up with PlanetJ and its Web Object Wizard (WOW). MarkMagic On Demand is built on top of WOW and uses it to eliminate any necessary coding that would normally go into creating a web application. With WOW, a company can create a web application in minutes, with absolutely no worry about having to code anything. During the webinar, I learned that Wells Fargo was said to be able to complete “an iSeries application in 8 minutes.” Not bad. Not bad. What’s more, it can run on any system and access data on any database. For instance, you could run it on a Windows and still get data from the DB2.

When a customer logs into this web portal built with MarkMagic On Demand, he or she can search and display, print, or email any forms created in MarkMagic. When a user clicks on a statement, for example, the information is pulled from the specified database and then is dynamically merged into the MarkMagic pre-set format, creating a PDF live on the web.

So, if you are interested in cutting down on the time spent delivering forms to your customers, you may want to check out this new offering. It will be available sometime in September.

Cassandra Deemer, editorial assistant

Posted by cdeemer on August 21, 2008 at 2:52 PM | Comments (0)

August 18, 2008 5:10 PM

True Security Requires Philosophical Shift

Today's security is not your father's security. For a company to be thoroughly secure, a paradigm change from "IT and software create the solution" to "business needs define and shape the solution" is essential, according to Group8 Security, Inc. To explore this philosophical shift and get some tips for you on how to accomplish it within your organization, I spoke with Pat Botz, Group8's vice president of security consulting and formerly IBM's lead security architect for the System i platform and i5/OS.

What is your biggest challenge when it comes to helping customers understand the importance of security?

Botz: The biggest challenge tends to be helping the technical folks understand the difference between applying technology to enforce behavior versus defining the behavior that needs to be enforced. The biggest mistake I see most customers making is with the IT department thinking they're responsible for defining the business behaviors.

That whole philosophy is what Group8 Security is based on: To improve security, we all need to take security out of the "it's a technical problem" realm and take it into the "it's a business problem" realm.

Do you get resistance?

Botz: It depends on the audience I'm talking to. If I'm talking to the more technical leadership, I tend to get resistance. If I'm talking to the higher-level management, either in IT or at the CIO level, there is less resistance. I have a presentation that I give, Demystifying Security, that goes over all this with both audiences. I have been told by at least one CIO after this presentation that I was the first person that he ever talked to about security that actually said anything he could understand. The point is that Demystifying Security isn't a technical presentation. The definition of security is specific to each organization, and unless an organization actually defines what security means, there's no way anybody can measure whether they've achieved the objective of "securing" their business assets.

With the technical people, when I talk to them about this philosophical shift, most of the time their reaction is, "That's fine and good, but our business guys won't get involved." My response is that it's a communication problem. The way to overcome that is not to have the tech guys speak in tech lingo but rather have them speak in business lingo. I always encourage technical people to never use words like "database" or "entries" or "objects." I encourage them to speak only in terms of business assets. So whatever application you're using for the finance department, you should speak in terms of that application and the business function it performs.

I believe one of the reasons that business has abdicated its rightful role in all this is because the terminology that's been used has always been extremely technical. Here's an analogy I like to use:

Before computers, how was information stored and managed? It was on paper, and that paper was stored in filing cabinets. When the information was in filing cabinets, which department was responsible for the filing cabinets, to make sure they opened, they didn't squeak, and the locks worked? The facilities department. But which department was responsible for determining which employees had keys to those cabinets? The managers of the departments that owned or managed the various data. When we moved to computers, somehow we decided it was the IT department that should be responsible for figuring out who gets the keys to the data. And that's always been wrong. Because of the way computers came in to business and the way the industry grew, organizations lost sight of the fact that IT facilitates the management of information; it doesn't own the information.

Do you feel like you're making progress in helping companies shift their philosophy about security?

Botz: Yes, not every client, but I think in general we have made progress, because every client I work with, the first thing I do is help them define what the business requirements and business assets are, which typically coincide with the applications they have. Then I help them define the various employee roles that interact with those business assets, and next I help them define the limits of those interactions. Once these are defined, it's typically easy to show them how to most cost effectively manage access to their assets in a way that enforces those business rules.

Does Group8 have any security software products?

Botz: We do not sell software, but we do develop software, and typically we'll retain the rights to that software so that we can use it with all our customers. There are a couple of ideas behind that. (1) We don't intend to build monolithic solutions. In fact, I believe that there are enough monolithic solutions out there, and there's a problem with them, in that many are sold under the claim that "you need only one tool for security, and ours is that tool." The reality is that most of those products are good and perform a useful and vital function, but they're not the total solution. (2) The software we build--I call it utility software--is the stuff that ties existing functions--be they operating system, third-party solutions, or home grown--together in a way that helps these monolithic solutions integrate more effectively or cost efficiently with the customer's environments. Often we'll pull together disparate functions that on the surface may not seem to be security centric but that when you pull them together provide a very useful security function. I think that's really an important distinction: We don't sell software licenses; we provide our utilities as part of our consulting engagements, and mostly with the source code. They are utilities with very specific functions and are not full-blown apps, so the support isn't nearly as critical as it would be for a very large, general-purpose app.

We have been building and will continue to build up a whole set of these utilities for our customers, and the customers can use the ones that make sense for them. They're not betting the farm on our software at all.

What kind of software utilities have you been building?

Botz: One of the recent ones that I find really interesting was for a customer who had a lot of image data stored in the IFS, and that data contained credit card numbers. The customer was using IBM's Content Manager to manage that information and wanted to be able to encrypt/decrypt that information in the IFS without having to change Content Manager and without having to change apps--and do it in a way that didn't require a bunch of front-end or backend processing on the data. We designed and implemented a mechanism that did that transparently with tie-ins through IFS exit points. Now at the OS level, we transparently encrypt image data being stored in specific directories and only if being stored by the Content Manager application. On the other end, we will decrypt that data transparently, only if it is being read by Content Manager. Content Manager makes all access control decisions as it normally does. And that's done through just a couple of rather small programs. We provided a way for data stored in specific IFS directories to be encrypted/decrypted transparently without changing any applications.

Another utility we built in effect securely propagates adopted authority from one job, submitting another job, to the submitted job. This functionality makes it much easier and cheaper to build role-based accessed control models by using adopted authority. The utility actually adds the adopted authority back at the time the submitted job is executed, but the effect is the ability to propagate adopted authority to submitted jobs.

We have several other utilities related to password elimination and single sign-on also.

What do security software vendors think of Group8?

Botz: We don't sell software, and we wouldn't sell software that competes with existing vendor solutions. Our goal is always to help customers use whatever tools or solutions they have as effectively and efficiently as possible, or to select solutions that best fit their needs, in order to help them accomplish their security needs. In a competitive environment, third-party solutions get sold as, "Our solution is the best one out there." But sales folks often take this further to imply that you cannot be secure without their software. The claim that software alone makes you either secure or not secure is invalid. The only reason to buy or use any security software is if that software makes it cheaper for you to enforce the behaviors that you need to enforce. Software doesn't make you secure; enforcing the appropriate business behaviors makes you secure. Software's purpose is to make it cheaper and easier for you to enforce desired behaviors. If you enforce the right behaviors, you are "secure." Software merely impacts the cost of enforcing the right behaviors.

For example, theoretically, you could hire an army of people to check every TCP/IP packet that comes in on your network. But that's not cheap. That's an example in which software, a firewall, makes it less costly for you to enforce the behaviors that you want to enforce.

In general, I think you'll find that the technical people at those vendors would agree, at least to a high extent, with what I'm saying. And I think in lots of cases the sales forces will go with the messages that they've been successful with.

Something I run into all the time is that a lot of companies in the System i space have exit-point solutions. One statement I hear is, "We bought software x because it covers more exit points than software y." That is a moot point because exit points are only one piece of your security, and if you are managing security correctly, you probably don't even need to cover all exit points. Exit point programs are just one of the tools you can use to reduce the cost of enforcing the behaviors you need to enforce. There are other ways to protect interfaces associated with exit points--for example, don't start them. The fact that one product covers more exit points than another is not really a valid point on which to make a purchase decision. The only valid consideration is, "Can we use this product to more efficiently and cost effectively enforce the behaviors we need to enforce?"

Does Group8's clientele consist only of System i customers, or is its clientele broader?

Botz: It's broader than System i. We're working with a large US retailer right now, and that project includes some System i work but also AIX and Solaris work.

What types of companies are asking for help?

Botz: What's been interesting and gratifying to me is that we've worked with all sorts of customers--for example, from a five-person IT shop to a very large 2,000-person IT shop. So we're able to help at a number of different levels. When we work with the larger customers, most often we're helping those customers determine the best way to technically enforce policy. When we work with smaller companies, often we're helping them understand exactly what their policy is or should be and helping them make business decisions about policy, not just technical decisions.

--Linda Harty, security & networking/connectivity editor

Posted by lharty on August 18, 2008 at 5:10 PM | Comments (1)

August 15, 2008 12:52 PM

ACOM Keeps the Faith on 25th Anniversary

ACOM Solutions, a developer and marketer of integrated payment and document management software solutions, is currently celebrating its 25th year in business, and business couldn’t be better.

The company began in 1983 leasing IBM midrange equipment. With the introduction of the System/38, ACOM produced a protocol converter that could convert 38 output into ASCII format, enabling users to print on the new laser printers that were just getting their kick-start at the time. Shortly thereafter, ACOM began developing and selling MICR laser printers targeted for the IBM mid-range market.

As the 80s rolled on, ACOM continued to research and develop, yielding software that could sit directly on the 38 without any conversion. In the early 90s, the company decided to move away from document output and instead focus on overlay forms, replacing impact printing with laser-compatible overlays. This gave them the edge they needed to move into payment processing, which was a slow and ridiculously labor-intensive process at the time. And now, in the 21st century, ACOM’s core solution suites, EZeDocs, EZ Content Manager and EZPayManager, enable companies to eliminate preprinted checks and business forms by using stored electronic form templates that merge with data to create complete electronic documents that can users can distribute, capture, store, and manage.

ACOM has also introduced solutions for EDI-XML that facilitate trading partner relationships, and enterprise content management, for consolidating otherwise dispersed files into a single corporate document repository from which they can be used and managed electronically and electronically generate documents and labels.

Establishing the Healthcare Business Division three years ago, ACOM created a chiropractic office software suite for electronic medical records and business management, and more recently began offering chiropractic consulting services. Earlier this year, the division also launched a comprehensive medical billing service.

ACOM currently boasts over 4000 customers in both IBM midrange and Windows environments, and according to Mark Firmin, Senior VP of Marketing, ACOM is expecting those midrange numbers to increase dramatically in the next few years. “We are very committed to our Power systems users, and in fact, we recently increased our development resources for the System i product line.”

And not by a little—ACOM has nearly doubled its System i resources in the last 14 months, a move that is mostly motivated by their loyal customer and install base. “There are definitely still opportunities to provide new solutions” to customers, says Firmin.

Of EZeDocs, Firmin assures me that ACOM continues to “see very high renewels from our customers. They are still committed to System i, and so are we.”

Here’s to another 25 years.

--Erin Bradford, systems management & availability editor

Posted by ebradford on August 15, 2008 at 12:52 PM | Comments (0)

August 12, 2008 7:57 AM

Products Speak Many Languages

If you clicked through to here from NEWS Daily looking for an encryption article, find it at "Encryption: Your Last Line of Defense."

Language, it seems, is no longer a barrier for many of the software vendors pursuing international customers.

"In a truly global marketplace, work can be done anywhere by anyone," says Bill Hunt, principal product manager for CA. "This means that there's a tremendous economic incentive to have work done by people whose first language may not be English."

CA is one of many System i companies pursuing language localization of software so that, for example, clients in Japan or France can use products written in their native tongue. "CA's commitment to localization is a reflection of our commitment to globalization," Hunt adds. "In the case of CA Plex and CA 2E, rapid application development environments that can both target IBM i, we work with several partners on product localization, language libraries, and so on, where we can deliver end applications using character sets from many languages." For CA Plex, the company offers a fully localized Japanese version in which the development interface is in Japanese. CA 2E is available in Japanese and French versions.

Both products contain numerous language libraries in which applications can be delivered to end users in languages such as Arabic, Brazilian Portuguese, Catalan, traditional and simplified Chinese, Croatian, Czech, Danish, Finnish, French, German, Greek, Icelandic, Italian, Japanese, Korean, Norwegian, Polish, Portuguese, Slovenian, Spanish, Swedish, Swiss German, and Turkish.

ADC Austin, which has a technical alliance partnership with CA, develops its own core software and works with business partners in other countries to translate documentation and assist with the localization of solutions. "We are currently working with partners Dominion in Spain and Takaya in Japan to produce localized versions of our WebClient for CA Plex Ajax code generator," reports John Rhodes, principal architect and president. "We are also exploring Arabic as a possible localization candidate," he adds.

Going global is not without its glitches. "Our products are written in Java and interface with CA 2E and Plex, all of which have inherent support for national language localization as long as certain standards are followed," Rhodes says. "The Japanese version, in particular, has been challenging to develop. There are character set issues that are exacerbated by double byte representations, and we have to deal with a version of Windows and IBM OS that appear very different to the developers. We cannot read Japanese, so we need assistance from our partner. Simply using a keyboard set up for a different national language can be a challenge."

Rhodes reports that statistics regarding demand for web development tools caught the attention of ADC Austin early on. "Although English is the top Internet language, it still has only about 30 percent of the web users. Chinese, Spanish, and Japanese round out the top four and have a high percentage of users. Collectively these countries represent as large a market as English," he explains. "Although we are not ready to tackle Chinese yet, Spanish and Japanese localization seemed like a natural next step for us, especially since we have strong partners in these countries who are enthusiastic to assist us."

Michael Swindell, vice president of products for Codegear, which was acquired by Embarcadero Technologies at the end of June, says one way to avoid the technological challenges of native language versions of software is to think about internationalization up front. He recommends building English and global versions at the same time. "We do 100 percent of the development ourselves," he reports. "When we build our English products, they are internationally enabled right away."

Codegear offers database solutions in German, Japanese, and French and is pursuing Chinese and Russian versions. "We are seeing a growth in the software industry in these emerging markets," Swindell says. "We are really helping our customers expand their businesses into these growing economies."

More than 50 percent of Codegear’s business is international, and a good part of that is due to its translated products. "We are really pushing our database tools to get them out," Swindell explains. "The localized versions are the key."

Although Coglin Mills has a Japanese translation and a partial Spanish translation of its RODIN ETL tool, Alan Jordan, vice president of business development, reports that the high cost of developing product versions in other languages makes it somewhat prohibitive.

"We have customers in many different countries, and most of them are happy to work with the English language version," Jordan says. "Ours is a developer tool, so it is used primarily by IT people who are mostly somewhat fluent in English (or at least can read it well enough), and this is in our favor. Some other products where the user is not an IT professional would have a much stronger need for a translation than we do." Conversely, he adds, it is difficult to go after some markets without a translation.

"Recently a business partner in Latin America commented that some IT people prefer to work with documentation in English because they've found in the past that the translated version is either incomplete, incorrect, out of date, or just poorly done," Jordan says. RODIN is used to build and maintain data warehouses, data marts, and operational data stores on IBM i Power Systems servers.

Apatar’s data integration tools are used in the U.S. as well as Canada, Brazil, Germany, South Africa, Russia, China, India, and other countries, and Alex Khizhnyak, chief evangelist, expects the products to be translated to the languages of these nations soon. "In most cases, our partners in other countries aim to translate the tools themselves as a volunteer job. It's okay for us, as we are an open-source project foremost."

He sees the major obstacles to rewriting solutions in international languages as the lack of necessary information about the local markets, the lack of specialists capable of translating the technical expressions and terms, and the compatibility issues arising from local encoding systems and character sets. Apatar products include the desktop tool Apatar Open Source Data Integration and Apatar On-Demand, which is a web-hosted application for data synchronization.

Richard Milone, a CNX Corporation partner, reports that his company has not developed much of its software in other languages. "Our flagship product, Valence Web Application Framework for System i, is a web development framework and is actually used by many different countries in languages all over the world. Our customers develop their own applications with the language of their choice," he explains.

"Our other product, ATOMIC, is marketed only in North America. We do have some programs that work in Spanish and French within ATOMIC, but we normally only apply these modifications at special request," Milone adds. "Interestingly, it was customers themselves who volunteered to do the translations for us, which we then applied to the programming. So we didn't need to contract with anyone; it was the customers who offered the service for free to get the benefit of using the software."

Regardless of how and when vendors cross the language barrier, the future for this kind of development is bright. As CA's Hunt points out, "Language localization of software facilitates the distribution of work wherever it makes the most business sense."

--Vicki Hamende, application development & database editor

Posted by vhamende on August 12, 2008 at 7:57 AM | Comments (0)

August 9, 2008 11:27 AM

Encryption: Your Last Line of Defense

If you clicked through to here from NEWS Daily looking for a language localization article, find it at "Products Speak Many Languages."

In the war on identity theft, encryption is an important weapon in your arsenal. I spoke with Bob Luebbe, Linoma Software's president and chief architect, recently to check in on the state of encryption and find out whether it's becoming more common in the System i world and easier to accomplish.

"We initially developed a product to help encrypt credit card numbers. Customers already had firewalls, network security, and fairly good System i security. But customers were still concerned that hackers could get access to data. So we've spent a lot of time doing encryption of all sorts of highly sensitive data. Encryption is the last line of defense, and it provides the highest protection possible," Bob says.

"But what we're seeing is that customers now are looking to encrypt other types of data besides credit card numbers. Identity theft is on the rise, and with that, we're starting to see organizations wanting to encrypt personal data such as Social Security numbers, birthdates, even names and addresses. They're concerned not only for their employees but also for their customer information."

We've all heard the stories about well-known companies losing laptops and backup tapes containing sensitive data about millions of people. But don't just take my word for it: If you haven't read "Backup Horror Stories," on System iNetwork, it's never too late to get up to speed, so go check it out after you read the rest of this blog post! Bob adds that even if the data isn't stolen, you still have a problem. "Maybe it got stuck away in a corner, or maybe someone really did steal it. The adverse effect of that is that companies have to notify all their customers. If you lose a laptop or backup tapes, and if that data is encrypted, the PCI says that you don't have to notify your customers of that breach, which maintains good relations with your customers." Bob points out that for breaches of personal information, regulation is mostly at the state level, so check your state law. In California, he says, as long as the data is encrypted, you don't have to notify the consumers.

"Encryption is really not that difficult, and our products are affordable for most companies. When you look at the costs of not encrypting," Bob stresses, "it's pretty easy to justify doing it."

When it comes to protecting their data, most companies' first instinct is to try to protect themselves from external hackers. "Probably 50 percent of the time, breaches are from your own employees," Bob warns. "Any programmer could look at payroll and other data. Companies look to encryption to also prevent their employees from accessing highly sensitive data." To address this concern, Bob says, Linoma's Crypto Complete lets you restrict which users are authorized to what data.

Companies today send all kinds of sensitive information over the Internet (e.g., direct deposits for employees, purchase orders, etc.). Before the Internet, companies exchanged data via private lines or private networks. "Probably the banking industry has done the best job of protecting data, but lots of other industries are sending confidential information over the Internet without protecting it," Bob explains. "Auditors come in to look at security exposures, and one of the first things they find is that a lot of stuff isn't being protected when it's leaving the data center. Linoma's GoAnywhere product can encrypt data transmissions. There are a lot of data transmission standards out there, such as SSL, SSH, and PGP, and once a company and its business partners agree on a standard, they can use a product that implements that standard to encrypt data before it's transmitted."

Speaking of GoAnywhere, Bob notes that Linoma recently joined the Microsoft Midrange Alliance Program (MAP). "The reason we joined MAP is because we're finding that customers have a mixed server environment, SQL Server, Oracle, Informix, and so forth. Thus, we're really getting into more complex environments. So we're starting to form alliances with other vendors besides IBM. For instance, GoAnywhere can take data from the System i and send that to a SQL Server machine and vice versa. As companies add all these different database servers, they need to be able to share that data between them."

Joining MAP also presented a good opportunity for Linoma to partner with other companies in the program. "A lot of these companies have products complementary to ours. We're starting conversations so we can do some cross selling and ultimately help the customers in these mixed environments."

IT life is only becoming more complex, as we all can attest. "It used to be that System i shops had to worry only about RPG and DB2 and how to make that data usable to their users. Now we're talking to IT people who are not only responsible for System i but also an Oracle server, a SQL Server box, and more." Linoma's goal is to help customers simplify that complexity while keeping their data securely encrypted.

--Linda Harty, security & networking/connectivity editor

Posted by lharty on August 9, 2008 at 11:27 AM | Comments (0)

August 5, 2008 3:14 PM

Security Pulse Point: A Quick Chat with Security Vendor Raz-Lee

I recently touched base with Eli Spitz, Raz-Lee Security's vice president of business development, about trends in the security market and customer concerns:

Eli, tell me what you're hearing out there in the industry. What's the buzz in security these days?

Eli: In the areas of security and compliance, we're seeing an additional market open up for monitoring and auditing business-critical application data (as opposed to the more traditional--and less important on a day-to-day business level--topics, such as network access, auditing QAUDJRN, managing user names and passwords, etc.). Because this critical data is typically journaled by using i5/OS native journaling facilities, we've responded to customers and business partners and provided capabilities that expand these native facilities to provide:

• field level, realtime alerts when field values exceed a predetermined percentage or absolute number threshold value
• reports covering, say, 20 or more years, detailing, in a timeline format, all changes made to a mortgage, a loan, a person's stay in a hospital, and so forth. These reports, which actually are applications, help to
• differentiate a company's services from those of its competitors.
• provide value to a bank's or hospital's customers.
• provide tools for auditors and application developers.

What are your customers' greatest concerns? What are they asking Raz-Lee for help with?

Eli: Our customers' biggest concern is definitely compliance. Auditors these days are more empowered than ever; they have budgets and usually report directly to C-level executives. What auditors want and need are three things:

• the ability to run ad hoc prepackaged reports (i.e., on an as-needed basis)
• the ability to easily tailor prepackaged reports to particular site requirements, conventions, policies, and so on
• the ability to easily schedule the execution of these reports, with different parameters, in different timeframes, such as weekly, monthly, and quarterly

Raz-Lee's iSecurity provides all these capabilities, both in a Java-based Eclipse interface and in green-screen mode.

--Linda Harty, security & networking/connectivity editor

Posted by lharty on August 5, 2008 at 3:14 PM | Comments (3)