WebSphere MQ v7.5 Security Concerns

Content contributed by Allan Bartleywood – Sr. MQ Subject Matter Expert
WebSphere MQ v7.5 security concerns seemed to be a resounding issue. We heard a lot of concerns regarding it while we were at the IBM Impact 2014 conference last week.

I do not believe it’s actually a concern for security when your organization is doing an upgrade to version 7.5, but more a concern as to whether your organization already has security enabled within your MQ environment.

At a lot of the organizations that I’ve consulted with, I’ve noticed that there is a lack of security actually implemented within the MQ environment.  WebSphere MQ has always had security implemented that was focused at the operating system level where it was running.

With this latest WebSphere MQ v7.5, security concerns, features have been added to meet today’s demands. This includes support for Advanced Message Security where the queue manager actually encrypts and decrypts Messages as they go through the environment on a put an get of an application.

You can actually configure the queue manager down to individual queues so that only certain queues will have messages encrypted.

This feature is providing the capability for messages to now meet compliance requirements like HIPAA and PCI Compliance. While data is in transit, it is in encrypted by the messaging transport without any special requirements being added to the applications.

This will, of course, mean that from the time a message put onto queue to the time a message just gotten off the queue, it has been included. Further security enhancements are provided to ensure that only certain applications will get the message decrypted from a given queue.

Now all of these features are out of the box with no added installs and compatibility issues being encountered.

Going back to whether organizations are actually implementing suitable levels of security within their messaging environment is another matter. What is quite often seen it is that administration and application usage of MQ is left open, that is it has not been unable at all.

This is normally due to a conscious decision or simply a lack of knowledge of the capabilities of the product; or a lack of understanding of the security policies and implications relating to the data that is being sent over the messaging environment.

It is not uncommon to see administrators using client connections to queue managers over the server connection channel with no authentication at all. It is also not uncommon to see the queue manager with channel authority disabled.

So are the security concerns about upgrading to version 7.5 related to a lack of understanding and knowledge of what the security capabilities are within 7.5 and pressure being put on IT for tighter security compliance, rather than whether 7.5 is capable of delivering services to these tighter security compliance requirements.

There are also situations where IT sees the requirement for better security compliance but the business doesn’t understand what is compliance are.

If you’re having WebSphere MQ v7.5 security concerns, please feel free to reach out to Wendy at TxMQ, wendy@txmq.com and let us answer your questions and guide your upgrade so all the proper security features are in place.

(Photo: Compliments of Still Burning)

IBM's key solutions for company growth and success

Recently, I had the opportunity to interview Nancy Pearson, VP BPM, SOA, & WebSphere Marketing, SWG at IBM about their solution categories and what it can do for your business.Check out her responses regarding what’s new and exciting with IBM technologies. I hope you find it as interesting as I did.
TxMQ: Can you please give a brief overview of the following IBM solution categories?

IBM:

  • BPM: The basic operational value proposition of business process management (BPM) is the ability to process more with less effort and higher quality. BPM provides three core benefits – efficiency, effectiveness and agility. We’re continuing to invest in our market-leading BPM portfolio, which includes products many of you may already be using, such as WebSphere Process Server, WebSphere Business Modeler, WebSphere Business Monitor, and WebSphere Lombardi Edition. You can discover, document, automate, and improve revenue-generating processes to drive growth, reduce cost, and optimize execution across your business network. IBM can help you get started with a BPM solution that will help deliver business agility by providing a prescriptive approach based on best practices from more than 5,000 customer engagements.
  • SOA: As business processes evolve, suppliers and regulations change. Organizations need to have seamless integration and connections within the boundaries of the organization and across trading networks. It’s vital to share services across domains to optimize business performance and improve flexibility.  They also need any-to-any connectivity to allow easy integration within and beyond the company – connecting systems throughout their dynamic business network.  In addition, it is also useful to have a federated approach that helps manage complexity – even as they share services across different domains.  We have leading integration and SOA capabilities that include WebSphere Message Broker, WebSphere DataPower, and WebSphere MQ products. We’re improving our capabilities in this area with WebSphere MQ Telemetry, which enables intelligent decision making based on remote real-world events. We’re also enhancing IBM Cast Iron appliances. IBM Cast Iron appliances help integrate on-premise applications with cloud-based apps. And you can build, run and manage an integration between applications and deploy it using a physical on-premise appliance, a virtual appliance, or completely within a multi-tenant cloud service.
  • Cloud: Your company needs to be able to respond quickly to business changes that effect your applications and services, all while managing costs. Virtualization and Cloud are key technologies that enable you to control costs while adding flexibility to the infrastructure that supports your applications and services. With Virtualization and Cloud technologies, you can simplify management of applications and services while optimizing the usage of your infrastructure resources. Given the inherent flexibility of virtualized infrastructure, you can roll out new products and services more dynamically. And you can ensure immediate application response with through elastic scalability. We’re continuing to invest in our core application infrastructure portfolio that includes CICS, WebSphere Application Server, and WebSphere Virtual Enterprise. We are announcing a new Feature Pack for Modern Batch for our WebSphere Application Server, which provides support for a Java Batch programming model for the development and deployment of batch applications. You can also migrate applications developed using the feature pack to IBM’s comprehensive batch platform, WebSphere Compute Grid, without making any application changes.

TxMQ: Can you describe the type of company or the business needs best served by one or more of these technologies?

IBM: Think about today’s business structure. It is a growing network of relationships between employees, customers, suppliers and partners. It encompasses the people, processes and systems inside and outside the organization. It continues to get broader and more complex. Above all, it’s always changing. Suppliers come and go. Regulations change. New relationships emerge. It’s become a truly dynamic business network.
The ideal business looking to integrate these products is businesses is looking to successfully deal with this change and complexity that are using these technologies. The new business environment will favor companies able to execute faster, with more dexterity, across their dynamic business network. That’s why the ability to help deliver agility with these capabilities is so important.
TxMQ: What benefit will be derived from implementing one or more of these integrated technologies?
IBM: Agile businesses have higher EPS growth, ROI and return on capital, with faster revenue growth than their industry peers.
Only IBM has the products and expertise to deliver on the promise of business agility. Using the best practices from thousands of customer engagements, deep industry expertise and market leading products, IBM can deliver a road map to help you achieve profitable growth and enable business agility. To get you started with a project that meets your business objectives, IBM Software Services for WebSphere (ISSW) offers IBM QuickStart services to accelerate the delivery of a deployed solution, helping you realize value quickly around BPM, rules, events, SOA, cloud computing and virtualization. IBM will get you up and running with a high ROI project in just 90 days, delivering great business value you can showcase around your organization. They’ll also set you up with a great proofpoint for taking further steps, should you choose to do so in the future. As business value is realized, you can extend those projects both vertically and horizontally to make your organization even more nimble. Such an integrated approach encompasses your business processes, relationships and infrastructures, helping you fully realize true business agility.
TxMQ: What company officials generally need to be a part of the decision to implement IBM technologies?
IBM: That’s an interesting question, because the issues being solved here are top-of-mind with many CEOs.  Just this year we published our most recent research based on interviews with over 1500 CEOs worldwide.  The full study can be found here:  www.ibm.com/ceostudy
CEOs are clearly interested in the power of these capabilities to transform their business.  More directly involved are the line of business executives that own the outcomes and the key processes used to deliver them.
I started with the business executives because these technologies are very much about aligning IT with the business – so it’s important for that connection to occur, as it makes sense for a project.  When an initial project begins, you typically see the LOB executives, their IT counterparts, and the IT managers in charge of the applicable applications and associated software infrastructure directly involved.
Clearly though, other IT executives, from the CIO to the chief architect, play a critical role in making sure that initial projects can be leveraged down the road , as capabilities are extended for the broader benefit of the organization.
TxMQ: How will the new technology allow companies to strengthen existing customer relationships?
IBM: A Smart SOA approach can help any business manage complexity and improve agility by enabling integration, interaction, and business execution across distributed value chains. With solutions for seamless, any-to-any integration and connectivity, within and beyond the organization, IBM can help you:

  • Maximize service reuse across your enterprise
  • Federate within and across SOA domains, including cloud and smart devices
  • Enhance flexibility and security across your enterprise

New IBM solutions simplify integrating your software-as-a-service (SaaS) and cloud applications with on-premises applications. With configurable access to today’s most prevalent SaaS and cloud applications, integration takes days versus weeks or months.
IBM, together with Sterling Commerce, helps you gain greater control over, and flexibility with, critical business processes within and beyond the enterprise. Sterling B2B Integration extends connectivity across channels to trading partners so you can:

  • Communicate efficiently across, and extend management of, trading partner communities
  • Eliminate “blind spots” and improve business performance with real-time business transaction visibility and performance metrics
  • Minimize business risk and achieve consistent policy enforcement and compliance

TxMQ: How difficult is the transition into these products and how much downtime can a company expect?
IBM: We continue to invest in making our solutions as simple and effective as possible.  To help our clientele transition to our products, we have introduced innovative new cloud-based offerings that enable you to get up and running quickly with minimal IT investment. Our new IBM Blueworks Live offering is a great example, allowing you to automate simple processes in just 90 seconds! We have also introduced WebSphere Hypervisor Editions for many of our offerings that significantly speed time to value for deploying and configuring environments. WebSphere Hypervisor Editions allow you to install and configure defined standard topology patterns in a matter of hours, and easily manage installation and deployment.
TxMQ: Are there any new and particularly exciting product updates within a specific industry?
IBM: We have delivered a lot of exciting product enhancements across multiple industries.  One of the really exciting announcements we have made is around IBM Blueworks live – a new BPM in the Cloud offering that allows knowledge workers to leverage the benefits of BPM in a cloud environment to capture, understand, collaborate on, and improve everyday processes that drive their businesses. Blueworks Live combines the best of our two previous BPM in the cloud offerings: the community from BPM BlueWorks and the process documentation of BPM Blueprint. On top of that, Blueworks Live adds in exciting new automation capabilities, creating a first-of-its-kind, best in class new offering to improve processes. BlueWorks Live helps turn the unstructured  activities of real business people into automated processes, with the added benefits of visibility, understanding, insight and control.
We also have enhanced our industry accelerators to include updated support for industry standards, more pre-built assets, and an enhanced industry asset navigator tool.  These industry accelerators cover a wide range of industries including Banking, Insurance, Healthcare and Telecommunications.
TxMQ: What’s the best way for a company to choose the right product to fit their needs?
IBM: The first step is to identify your business objectives. With all the complexity of a dynamic business network, starting down the road to business agility can seem challenging. The key to success is to use the right approach, an approach that starts with careful analysis that is focused on business value, and then expands slowly leveraging incremental successes along the way. By first documenting what your business pains and goals are, you can understand which area to focus on first. Are you trying to solve a process issue?  Do you need to establish better linkages across your dynamic business network with customers, suppliers and partners? Are you looking to control costs and add flexibility to your application infrastructure? IBM can help you identify the best solution to meet your business objectives and provide a roadmap for achieving those business goals.
TxMQ: How are the new versions of the aforementioned products better and more efficient than previous editions?
IBM: I’ve mentioned several of the updates already. The bottom line is that we’re bringing forward improved ways to be prescriptive in delivering business agility. With things like the new IBM Blueworks BPM in the cloud offering and new IBM QuickStart services, we’ve brought together the technology and expertise of IBM to engage both business and IT in projects that return real value in the short term, and set the foundation for extended value in the longer term.
TxMQ: Can you share any new and exciting products that companies can look forward to in 2011?
IBM: I can’t provide specific details around our planned announcements for 2011, I can tell you that we have a lot of exciting things planned. I would encourage you to register at www.ibm.com/impact for our Impact 2011 conference, which is being held in Las Vegas April 10 – 15th, 2011. At the conference, you can learn about our new products and announcements across BPM, SOA and Application Infrastructure. Impact 2011 will feature a world-class Technology Program with over 400 sessions on WebSphere BPM, SOA, commerce and cloud technologies. We will also have a Forbes sponsored Business Program with over 40 sessions addressing critical business topics and issues, and a state-of-the-art EXPO and Product Technology Center featuring the latest technologies from IBM and IBM Business Partners.

New WebSphere products take center stage

Seems like there is always something cooking with IBM. Fall 2010 has been no different. I just attended a webinar regarding what’s new with their WebSphere Application Infrastructure products. Here’s what they discussed…
WebSphere Application Migration Toolkit Version 2.0
The new Toolkit Version 2.0 was released at the end of September. It was developed to help migrate from previous versions of WebSphere to WebSphere Version 7.
That means anyone with WAS V5.1, V6.0 and V6.1 can easily upgrade to V7 because the program automatically scans applications and identifies the changes required. It removes the barrier that prevents migration to new versions in one simple scan.
The best part? The product is risk-free. It’s a totally free program that you can download from the web and the support on the program is free.
Download it for free now. Try it out and see if it works for you.
WebSphere Application Server V7 Feature Pack for Modern Batch
WebSphere Batch is a technology modified for Java. This version was built for common batch architecture across enterprises. It allows you the ability to have consistent models across multiple platforms.
WebSphere Batch Value Proposition

  • SOA alignment  complements and leverages online application assets
  • Application agility assists the development speed and power of Java
  • Cost advantage lowers execution costs so you can focus on application and not time spent on middleware logics.

WebSphere Batch Technical Advantages

  • Structured programming model
  • Container managed checkpoint
  • Time compression
  • Multi-platform

WebSphere Batch provides Feature set options which allow you to begin with the Feature Pack and grow into the WebSphere Compute Grid. The Feature Pack includes the batch container, job scheduler and batch toolkit, while the WebSphere Compute Grid Product includes those three plus parallel job manager, enterprise connectors and advanced operations pack.
To find out more about the WebSphere Application Server V7 Feature Pack for Modern Batch click here.
WebSphere Application Server V8 Open Beta
Because the product is a Beta, IBM  is looking for feedback on what’s delivered in the end, so they initiated this portion of the webinar with the following disclaimer:
“Product plans referenced in this document may change at any time at IBM’s sole discretion, and are not intended to be a commitment to future product or feature availability….”
Version 8 Beta is a follow-up from the Alpha 1H10 that was released in the summer of 2010. The Beta is a refresh of this product and was released in early October, 2010.
This version really addresses the market and enhanced productivity for developers and administrators. The goal of this version was to reduce the cots of ownership and increase business agility.
This was done in several ways:
1.     Reducing Barriers to Adoption – allows administrators to configure the deployment environment so IT can use it faster.
2.     Fit for Purpose Programming Models to Jumpstart Development – allows customers to choose program models that best suit their application needs.
3.     Fit for Purpose Application Foundations & Tooling – focused on high performance, strength, scalability, security and more.
The advanced Beta themes included the broadest programming models and standards possible. It is meant to be fast, flexible and simplified with extensive deployment environments and utilize integrated joint solutions.
Download the WAS next open Beta here.
About TxMQ
TxMQ, headquartered in Buffalo, NY provides flexible staffing solutions across all divisions and departments within a company. As a leading staffing agency, TxMQ provides placement of permanent and contract professionals within a wide variety of skill sets including Information Technology, Engineering and Manufacturing Operations, Accounting and Finance, Sales and Marketing, Human Resources, and Administrative Management.
Contact us today to find the solution that’s right for you.