I think the best way to tackle this situation is to build your case for keeping your iSeries-based infrastructure...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
and put them across in an open and frank debate about the organization's IT direction. The debate would certainly benefit from an independent -- and I mean independent -- risk assessment and return-of-investment report. These would provide a baseline from which arguments both for and against could be judged. Here are some reasons why you may want to consider championing for the iSeries.
The AS/400 has powerful security features built in to it; its security architecture is time tested and has been the backbone of subsequent IBM midrange product lines, including the iSeries. User authorization is mapped to the objects through a well-proven system of user rights, object types, group authorities and special authorities. Every resource is considered an object and authentication and authorization exists at the user and object levels. Users are defined by a user profile, made up of dozens of parameters defining the authorities and environments available to the user.
Your organization obviously has skilled in-house expertise to manage your current infrastructure. There would be extensive retraining requirements if the IT department had to learn how to maintain and secure a Windows-based server infrastructure. Certainly, one process that would need revamping is patch management, to ensure the new system maintained current performance levels. Virtualization is certainly all the rage, but little is understood about the security implications, both long and short term, of running virtual systems. I think virtualization is great for running test and development systems, but I would want to wait until the technology has matured a little further before I bet my business on it.
Counter arguments that you need to consider are the availability of iSeries experts. Finding admin staff to run a Windows environment is going to be easier and cheaper than for the iSeries. In five years time, how easy will it be to recruit iSeries specialists? You certainly need to be aware of IBM's road map for the iSeries so you can counter any arguments based on future compatibility issues with technologies such as smart phones and mobile devices.
Certainly, any migration would need to be rolled out slowly, with less-critical processes migrated first. A virtual environment would actually be a good way to test how any new system handles both business and security requirements. This won't be a short exercise though, and in the end, budget constraints and the overall business environment may well distract your bosses' attentions elsewhere.
Dig Deeper on Windows Security: Alerts, Updates and Best Practices
Related Q&A from Michael Cobb
Many large enterprises have their own internal public key infrastructure. Expert Michael Cobb explains the considerations organizations should make ...continue reading
Network administrators typically resist policies for separate accounts when performing different tasks. Expert Michael Cobb explains the risk of ...continue reading
Microsoft is banning weak passwords on many of its services with the Smart Password Lockout feature. Expert Michael Cobb explains how it works, and ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.