Friday, 31 August 2018

Get a health check for your SAP HANA on IBM Power Systems

Are you confident your SAP HANA on IBM Power Systems are getting optimal performance?

SAP HANA has been available on IBM Power Systems for a few years, and many organizations have migrated to it, bringing numerous advantages such as flexibility, efficient resource utilization, server consolidation and reduction in costs. As a Tailored Data Center Integration (TDI) model, an SAP-certified person is required to install and configure HANA. During deployment, a certified HANA engineer sets up the system following IBM Power server and SAP HANA best practices and runs an SAP HANA Hardware Configuration Check Tool (HWCCT), which ensures the environment has been configured for HANA prerequisites and for hardware performance to meet HANA KPIs.

After deployment, however, organizations will eventually need to make changes to their workloads and infrastructure. The monitoring tools you use might not capture deviations from best practices. Some components of your system might require periodic checks like firmware updates, patches, backups, cluster operations and so on. Hence the need arises for a periodic health check for SAP HANA on Power Systems. Without periodic health checks, you might not be getting the best availability and performance from your systems, and you could be at greater risk for an unplanned outage.

What is an SAP HANA on Power Systems health check?


A health check involves inspecting your system in several key areas, such as:

◈ Ensuring up-to-date software levels
◈ Examining the adequacy of hardware resources
◈ Looking at system tuning based on your current workload pattern
◈ Doing checks for best practices in virtualization
◈ Checking the feasibility of adopting newly released features in the Power server/OS/HANA

Your HANA configuration, error logs, high availability and backup policies are also validated.

Minimum checks that needs to be carried out as a part of an SAP HANA on Power Systems health check


The following chart shows a list of the minimum checks that must be covered as a part of an SAP HANA on Power Systems health check. This is only a high-level list; additional checks based on your results may be needed.

SAP HANA, IBM Guides, IBM Certification, IBM Learning, IBM Tutorial and Material

SAP HANA, IBM Guides, IBM Certification, IBM Learning, IBM Tutorial and Material

Benefits of an SAP HANA system health check


An SAP HANA on Power Systems health check offers numerous benefits:

◈ Helps you identify any single point of failure and fix it

◈ Helps prepare you for handling unexpected downtime

◈ Demonstrates current hardware utilization and growth trends, thus helping you plan for future growth or release a portion of your hardware for other workloads, thus saving on budget for any additional workloads

◈ Helps you get better support by staying up-to-date with software versions

◈ Helps you better manage your IT budget by knowing growth trends

◈ Helps you know new technologies that could be applied to your environment

◈ Improves productivity, improves your confidence and may reduce the cost of acquiring additional hardware for new workloads

Who can perform an SAP HANA on Power Systems health check?


An SAP HANA on Power Systems health check can be done by anyone who has good knowledge of IBM Power Systems, Linux and HANA. You may do it yourself or engage a team of experienced consultants like IBM Systems Lab Services. Lab Services helps organizations build and optimize SAP HANA solutions with Linux on Power Systems with a tailored data center infrastructure strategy, and health checks are among the many services we offer to help clients optimize their SAP HANA environments.

IBM X-Force Red Security Team takes on security challenges with the help of IBM Cloud

Unless you live under a rock, you’ve likely seen a recent top news headline with the words “security breach” somewhere in there. This is not the type of press companies want to be recognized for, and it is even worse for the millions of customers who are left out in the cold when their unauthorized information is made public.

IBM Cloud, IBM Certification, IBM Guides, IBM Learning, IBM Tutorial and Material

High-profile security breaches are becoming more common every year as cyber criminals are becoming more sophisticated in finding new security vulnerabilities to penetrate to access protected data. These hackers aren’t planning to ease up on businesses anytime soon, either. With that in mind, the best course of action for organizations is to rapidly test, identify and fix where they are most vulnerable.

Security penetration testing to better manage vulnerable data


IBM recognized this need two years ago when it launched IBM X-Force Red, a team of security professionals and ethical hackers whose goal is to help businesses discover vulnerabilities in their computer networks, hardware and software applications before cybercriminals find those same vulnerable areas. The security testing expertise that IBM X-Force Red brings to the table spans multiple industries including healthcare, financial services, retail, manufacturing, government and the public sector.

Although there are unique security vulnerabilities in each industry, password security issues remain among the top areas of concern for every enterprise, no matter the industry. It only takes one weak password for a cybercriminal to breach an entire business. The need for greater password security has given rise to an entire segment of “password auditing” solutions that test for password weaknesses within an enterprise, particularly among website applications.

Password auditing, or password cracking, is the act of running plain text through an algorithm to generate a hash, then matching the plain text to hashes. When a match occurs, the hash is considered cracked. Once the hash is cracked, so is the password. This assumes there hasn’t been anything added to the password before hashing — referred to as password “salt” — which is added to slow down hackers.

Hacking anything to secure everything


In the world of password auditing, there is little that the IBM X-Force Red team doesn’t know. The team put this on full display recently at the Black Hat Security Conference in Las Vegas, Nevada. However, as the team prepared for the security event, members realized that, to rapidly test all aspects of an organization’s password security vulnerabilities, they would need a strong compute foundation to run their tests at scale.

Dustin Heywood, also known as EvilMog, from the IBM X-Force Red team and a member of Team Hashcat — a group of password security researchers and the contest team for the open source Hashcat project — led both teams, first in a demo of their “Cracken” password cracking application, then in the Black Hat “Crack me if you can” password cracking contest. He decided to turn to IBM Cloud infrastructure as a service (IaaS) for high-computing performance and scalability. In preparation for both the demo and the contest, Heywood and his team provisioned and tested a complex, 32-server virtual server environment with 64 NVIDIA Tesla P100 graphical processing units (GPUs) all in under a day. In the words of one Hashcat team member, “it was a little like bringing a nuke to a gunfight.”

Big results


The IBM Cloud environment provided a fivefold increase over the existing IBM X-Force Red 16-server GPU-based infrastructure to fuel the “Cracken” password cracking application and demonstrate real-time, eight-character password cracking in an average of two to three minutes, a feat that would normally take the X-Force Red GPU-based infrastructure alone about eight to 12 hours per password to accomplish.

The IBM X-Force Red team didn’t stop there. With the DEF CON 26 conference coming hot on the heels of Black Hat, EvilMog used the same IBM Cloud and Cracken combined infrastructure to tackle the “Crack Me If You Can” contest, which is essentially, the World Series of password cracking contests. Over a two-day period, Team Hashcat cracked more passwords than any other team.

The team’s performance shows that the IBM Cloud is an ideal environment to consider for quickly running complex, compute-intensive applications.