Log Management- Planning Ahead Saves Time and Resources

Busy person“I am too busy to plan!”

It seems like most IT professionals today are so busy keeping up with day-to-day tasks, not to mention myriad unexpected issues that arise; that project planning and time management often take a back seat., Besides, “planning” sounds like such an “open-ended” thing that is frequently deemed a waste of time and lost in the shuffle.

 

In fact, a little proactive planning could save a lot of time and stress in the future. And it does not have to take up a lot of time, e.g. like planning how to better deal with production issues. Continue reading

Modernization with TIC Software

modernization3.0

Founded in 1983, TIC Software has been designing, developing and distributing IT solutions to address the technical challenges of modernizing legacy applications for over three decades and counting! We’re proud of our history – helping our clients maintain the highest standards with innovative solutions that keep their business IT infrastructure running smoothly.

Our products and services provide our customers with solutions that optimize: data flow and reporting, gateway and communication development, business intelligence and, of course, legacy application development. We’ve been modernizing legacy applications for a variety of companies in myriad industries such as financial services, healthcare and wholesale distribution. We work with technology partners to leverage the most up-to-date IT innovations – to best serve our clients – many of whom have been with us since day one! Continue reading

Proactive Measure to Alert Application Issues

dashboard_gauges

Drivers rely on their dashboard gauges, warning lights and alarms to keep them apprised of any potential issues – so shouldn’t the same theory apply for monitoring
your important business applications? Being forewarned at the first sign of trouble puts one in the best position to address the problem before further issues arise.
Like this guy who neglected to monitor his dashboard:

broken_car

It’s important to not only be warned of an application error – but also to be informed as soon as possible so corrective action may be taken in as timely a manner as possible. Paying attention to important information that the applications are writing to the logs is critical. Continue reading

Modernizing SCOBOL Programs Part 1: The Challenge

Part 1: The Challenge

Why Modernize?

The pace of application modernization initiatives on NonStop has accelerated in the past several years, as more users and organizations have started to consider the importance of NonStop’s strategic values. The objectives of application modernization are to reduce risk, reduce costs, and to increase agility. These objectives align with the priorities of all organizations’ IT management.

Migrating Existing Legacy Programs 

Most discussions on application modernization focus on how to develop new applications on NonStop using new technology, such as Java, SOAP, open source frameworks such as SASH. Yet, one of the most common problems faced by IT management is not about the development of new programs, but rather with the challenge of how to migrate existing legacy programs containing complex business logic to a  new programming platform.SCOBOL2

This blog series focuses on this last topic and uses SCOBOL as an example. We show how it is possible to extract business logic from a legacy SCOBOL program and incorporate it in a modern version of the program using a software engineering tool called Blu Age.

The Challenge – Embedded Business Logic

Business LogicSCOBOL was originally designed for handling the UI, and the recommended best practice was to avoid business logic in SCOBOL programs. In reality, developers commonly exploit SCOBOL’s capabilities by putting business logic in their programs. These business logic routines may range from something simple like checking input fields for certain values, to extensive logic that cross-references multiple screen fields. With all this embedded logic, the SCOBOL programs become very function-rich and work beautifully in the native Pathway environment. However, when the time comes to migrate the program to a new environment such as a web browser, embedded logic becomes an obstacle in the migration effort. In the browser and application server environment, you will need to understand where the business logic is in the existing program, and how to replicate this business logic in the new program.

Dealing with programs with business logic

Let’s say that you have SCOBOL programs with business logic that you want to transform into to a web graphical user interface (GUI) application. Here are some of your available options in handling the embedded business logic:

Rewriting

programming teamOne instinctive approach would be: “Let’s rewrite the business logic into a modern equivalent.” While that sounds straightforward, the skill sets required to faithfully reproduce the business logic embedded in the legacy UI in a modern form are considerable.

Here are some of the challenges:

  1. There is usually no adequate documentation of the existing code. The only thing available is the source code.
  2. That means someone needs to understand how to read SCOBOL code, and someone else with expertise in the new programming environment to assist in the migration.
  3. SCOBOL programming expertise doesn’t necessarily translate to a clear understanding of the business logic in someone else’s code. In most organizations, chances are that the original coder is no longer available.  In some cases, this could be further complicated by the fact that the program had been modified by multiple developers over the years.
  4. Finally, you must verify that all the functions are rewritten correctly.

CautionCaution: Rewriting by hand sounds easier than it really is.

Language Translator

translateUsing an automated language translator is another approach to modernizing legacy programs with business logic. A language translator is a program that can read in a SCOBOL program source and output a program in a target computer language like Java or C#, along with all the other technology pieces needed to provide equivalent functionality to the SCOBOL program.

The HP Pathway/iTS product is an example of this kind of translator product. It reads in the SCOBOL source, and generates equivalent Java applet code that will run in the web browser and communicate with the Pathway TCP. There are other commercially available COBOL translator products and services in the market that work similarly on different COBOL variants on different platforms.PathwayiTS

While this sounds good in theory, the result usually falls far short from ideal.

  • This translator would face all the challenges of human “rewriter” without the human’s intelligence. A translator is a black box to its users, and “tuning” by vendor experts is required to produce a successful translation. SCOBOL programming style changes (e.g. two different programmers’ coding styles) may befuddle the translator, requiring expert vendor intervention to keep things moving.
  • Most translators can deliver only somewhere between 50%-70% success rate at best, and the result varies depending on the complexity of the original program. The rest requires additional manual tweaking by an expert of the tool and could take a fair amount of time.
  • Experience with program translators shows they can be brittle. Even if the translated program is functional, most likely the generated source code cannot be maintained manually by a developer.
  • Translated code usually does not perform well, as the vendor of the translator tool focuses more on delivering an output that functions correctly, without regard to performance

CautionCaution: Translators sound great but have severe practical limitations.

So, what would be a better approach? Read about it in our next blog:

Modernizing SCOBOL Programs Part 2:  Re-engineering using Blu Age

moreinfo_icon

Feedback please

Do you find this tutorial blog helpful? Let us know what you think, and how we can make it even better. Don’t forget, you can subscribe to our blogs (top right-hand corner of the home page) to get automatic email notification when a new blog is available.

Phil LyPhil Ly is the president and founder of TIC Software, a New York-based company specializing in software and services that integrate NonStop with the latest technologies, including Web Services, .NET and Java. Prior to founding TIC in 1983, Phil worked for Tandem Computer in technical support and software development.

Application Rationalization

Application Rationalization 101

imagescaojxf86

Application Rationalization is a managed process that reviews and evaluates applications in the IT Application Portfolio on a rational basis, to determine which should be preserved and enhanced, redeveloped and re-platformed, replaced with alternative solutions, or simply retired.

The goal of application rationalization is two fold.

  1. To Identify candidate applications for modernization action that might include enhancing, transforming or migrating to newer technology platforms, replacing with new solutions available as COTS or Cloud offerings, or simply retiring with no replacement.
  2. To initiate action based on the rationalization plan, and begin the modernization effort.

What follows is a brief discussion of application rationalization, beginning with scoping, and following through to taking action on the rationalization plan.

Scoping

To begin the rationalization process, you and TIC Software develop an action plan to decide on the scope of the application rationalization effort, considering such drivers as:
imagescafujf1s

  • Which business unit generates the highest IT costs?
  • What class of technology generates highest support costs, (e.g. NonStop)?
  • Which Line of Business (LOB) was most recently acquired and is now least integrated with the balance of the portfolio?

Then, we capture the following information, used to scope the Application Rationalization effort:

  • A count of applications to be reviewed,
  • The quantity and availability of supporting application documentation and support records
  • The report and presentation process that will follow from the rationalization effort (high-level, high-impact supported by detail roll-up

We will be grading applications on their cost, and the value they deliver, both now and in the future. Therefore we will need your agreement on how forward-looking we should be.

Rationalizing

imagescafbx311

The key drivers for the rationalization are typically

  • Enabling a “do more with less” attitude by identifying IT portfolio bloat and reducing it, thereby freeing funds
  • Bring transparency to IT by portraying IT spend in a meaningful (e.g. business and value-oriented) way, and
  • Establishing business ownership of IT assets (applications, data) through the Application Rationalization effort

To understand cost and value, we will gather and evaluate information within the scope of the effort. Here are some examples of what we would examine…

  • Where is your organization or individual business unit, if that is our scope going as a business
  • What are the desired principles of IT’s operation to support client’s business direction
  • What is the history and projection of annual support, license, and enhancement costs (people and technology) by application, considering direct costs first, and indirect from client’s rational basis of overhead allocation
  • What do Business and Technical Stakeholders think about the application suites under review, compiled through interviews and completed surveys

Understanding

whereis-resized-600The Application Rationalization process gives insight into the value that applications deliver and the costs and risks associated with that delivery. Delivered value can be understood as profits derived from business functions directly supported by application suites under review. However, there is a deeper meaning to delivered value, having to do with key strategic alignments, discussed following.

Alignment between Business Processes and Applications

Proper alignment means that the time and effort you spend running your business is devoted to productive work, not work-around. Misalignment means extra work such:

  • Is each business process is supported by multiple applications? This gives insight into redundant user interfaces among applications, identifies the use of application integration, and also identifies the number of applications that must be modified when the business process changes.
  • Are business activities are supported by a single application?
  • Are critical business processes/activities supported by different applications than the noncritical business processes/activities? This helps to identify less critical applications that might be replaced or retired
  • Does each application’s functionality support at least one business process activity? Applications that play no role in supporting the business should disappear

Alignment between Business Processes and their Data

Business and Data alignment means that business people have the information they need – accurate information, with the right level of detail, and on time. Misalignments make it difficult to get information that is relevant for the business.

We perform a technology and business process review to answer questions such as…

  • Is every data attributes used by at least by one business process?
  • Are all data entities meaningful to their business users?
  • Is the organization using standard, off the shelf applications for generating ad-hoc reports, inquiries, and graphs, or are custom-written applications doing this work?
  • How well is data lineage (origin, and update path) of data entities tracked?
  • Are business people responsible for overseeing the quality and relevance of data content?
  • Does the organization use an Information Architecture with published principles and rules? If so, which data entities are in compliance, and which are not?

Alignment between Applications and Data

Application and Data alignment means that IT experts expend coding effort coding business functions and logic, rather than on data repair, conflation, and extra transformation. We perform a technology and business process review to answer questions such as…

  • Is data entity managed by only one application? This means that entities are identified, created and reused by a single application, simplifying information management
  • Are data entities created with null values present, or with plugged values, when real values are not available?
  • Are there vocabulary and semantics organization standards so data from one business entity can be easily shared with others?
  • Do standards exist for data interchange formats across the organization? Are they used, or ignored?

Acting

imagesca431vbc

Our application rationalization offering brings focus on the business value delivered by client application suites vs. the cost and risk associated with that value delivery.

No matter how complete the go-forward plan, or how compelling the analysis for modernization, retirement, or replacement of applications, clients will only derive real benefit by putting the rationalization plan into action. Successful implementation of a rationalization plan will require buy-in from all in-scope business and technology stakeholders. Therefore, selecting the right initial application suite, engaging stakeholders, and selecting the right modernization partner, are all crucial to success.


moreinfo_icon
To learn more about TIC, Application Rationalization, Modernization with BluAge, and what it means for your NonStop environment, schedule a conversation by emailing us to TIC Sales .

Feedback please

Do you find this tutorial blog helpful? Let us know what you think, and how we can make it even better. Don’t forget, you can subscribe to our blogs (top right-hand corner of this page) to get automatic email notification when a new blog is available.

stu_selip-resized-600Stuart Selip owns and operates Principal Consulting, LLC, an IT Strategy consulting firm that is a business partner of TIC Software. Prior, as the Chief Executive Officer of Luxoft’s Consulting Strategies unit, he managed delivery of IT Strategy consulting to Fortune 500/Global 2000 firms in the Financial Services, Insurance, and Media industries.

Fix it before it breaks – Modernize now!

Fix_it_logo

Some people may believe in: “If it ain’t broke, don’t fix it.” Unfortunately, this saying undermines the importance of investing in strategic options with foresight to avoid pending disasters.

A couple of cases in point:

oldpcI started my first job in the 1970’s with an intelligent terminal company called Sycor , which was eventually acquired by Northern Telecomm. In those days, Sycor terminals were used for Source Data Entry (key to disk), and its programming language was called – ironically – TAL for Terminal Application Language. It was an Assembler/Macro like language, which required one to work with registers, memory addresses and screen fields. When Sycor introduced the Sycor 440 machine in 1976, it had a whopping 64K of memory, a 10 MB hard disk, and a COBOL compiler. Surprisingly, I was one of the very few field personnel that knew COBOL at the time. When I asked some of the more senior Sycor analysts about COBOL, their response was: “Why would we need COBOL? Assembler language is faster and uses less memory!” Well, we all know that the world has moved past Sycor TAL and assembler programming languages.

talscreenFast forward to 2001: I was giving a web Enabling workshop to a NonStop customer in Chicago, when one of the senior COBOL programmers raised his hand and asked: “ COBOL works perfectly well for us. Why would we want do any of this web stuff?” That company was later acquired and sadly, they no longer use NonStop. None of the NonStop developers was asked to stay to work in the new IT environment, which was Unix, Java and totally web-based.

Today, the NonStop has a lot of modern technologies available, including support for SQL, web server, Java, Eclipse, SOAP and others. Yet, a lot of users still haven’t taken advantage of some or all of these new technologies. In many cases, they are still developing COBOL applications that use 6530 terminals, Enscribe files and interface with other platforms using FTP. Seriously, it is in your best interest to start considering options to modernize your NonStop environment.

“Why should I be interested in modernizing?”

top3reasons

  • Prevent self-obsolescence
    Working with new technologies will expand your current and future employment opportunities.
  • It could make your job easier
    There are a lot of facilities, tools and utilities available in Java, Apache, SOAP, and other new technologies that are “off-the-shelf” which you can leverage without any coding
  • Build a stronger and more dynamic team
    If you are a manager, adapting new technology will create positive challenges for your current team, and make it easier to hire new staff.

“What should I do?”

learn

  • Make time
    I know that all of us are very busy at work, barely keeping our head above water. I encourage you to check out this blog “Create Time to Change Your Life.”
  • Pick one topic to start
    Any topic: Java, Web Service, Apache, etc. Instead of trying to learn everything about all the modern tools, pick just one thing to start learning. Start slowly but work on it consistently. If you are looking for a recommendation, I would suggest Java. Why? Because it is easy to set up and learn on your desktop, and you can test your programs on the NonStop very easily. In my next blog, I will cover more on Java and NonStop, and the benefits that it offers.
  • Look for free tutorials
    There are many excellent tutorial blogs and YouTube videos available. Here are some examples:

Also, visit our blog (http://www.ticsoftware.com/blog) for an upcoming series of Modernization Tutorial blogs and vides.

do_it_nowDon’t Wait. Start today.

In the history of IT, complacency and shortsightedness usually lead to obsolescence in applications, platforms and people. It may not be “broke” right now, but you can’t afford to wait for it to be broken before you try to fix it. By then, it will be too late.

help-resized-600Need professional service help? Contact TIC Software

If you need help to get started, you can benefit from our Workshops or Quick Start Service. TIC Software is ready to help you modernize your NonStop applications and develop new software solutions. Check out our Modernization Service suite on our web site.

Feedback please

Do you find this tutorial blog helpful? Let us know what you think, and how we can make it even better. Don’t forget, you can subscribe to our blogs (top right-hand corner of this page) to get automatic email notification when a new blog is available.

Phil LyPhil Ly is the president and founder of TIC Software, a New York-based company specializing in software and services that integrate NonStop with the latest technologies, including Web Services, .NET and Java. Prior to founding TIC in 1983, Phil worked for Tandem Computer in technical support and software development.

 

My NonStop system is hack-proof?

hp-data-centre

This Guest Blog is written by Thomas Burg, CTO of comForte, a leading provider of security solutions for HP NonStop systems. This is part of the TIC blog series on A.I.M. (“Assess”, “Innovate”, “Modernize”). This particular article focuses on Assessing your Security”.

security_lock-resized-600

How secure is your NonStop?

While there is a plethora of publicized stories about other platforms being breached, there is no public record of a HP NonStop system being breached. Given the high value of the typical data stored on a NonStop system (credit card transaction logs, healthcare data, high-value financial transactions) this seems somewhat surprising. So why is it that no NonStop system has been hacked?

The writer of these lines thinks it is a combination of obscurity of the platform as well as the fact that so far other platforms have been so much easier to breach. However, this should not become a reason for complacency: with increasing regulatory pressure (PCI, HIPAA, …) other platforms are made more secure which might have attackers reconsider which platforms to target in the first place. For an outsider, there are powerful hacking tools such as ‘nmap’ which will allow them to fully map the server landscape and then go after targets; for an insider the presence of NonStop is often fully known.

hacked

“We’ll never get hacked”

The web site http://www.privacyrights.org/data-breach lists publicized data breaches since 2005. These days, there is a about a breach per day (!) – most probably the companies having joined this ‘list of shame’ did not exactly plan to get this kind of publicity.

Why are we seeing so much more incidents? First, the tools for an attacker have become more and more sophisticated over the years: these days it is rather common for an attack to consist of multiple stages. Starting with discovery, typically at first a single PC is ‘taken over’ and can then be remote-controlled from the attacker for long period of times. From that PC, other PCs and/or servers are then attacked and taken over – making defense much harder. Second, the attackers themselves are becoming more as well as better organized. Cyber-crime is relatively low risk and high reward; also these days there is more and more state-sponsored cyber crime.

All that said, there are reasons why well-written security standards (such as PCI) implement “defense in depth”, namely a combination of security practices which ensure the best possible security even if individual components have already been broken. If defense in depth is properly implemented, the unfortunate victims of attacks such as The New York Times, Sony or RSA would not have been under “enemy remote control” for extended period of times.

no_time_sign

“I don’t have the time/budget to do all this”

Unfortunately, the bad guys out there have all the time in the world and your data is virtual money to them. So, think again! Think about your total yearly budget for running your NonStop system – just adding a small percentage to better secure the system will in time go a long way on the journey towards better security.

security

Applying defense in depth to NonStop security

Here are several security concepts which all should be part of properly securing a NonStop system:

  • Have a security policy in place. Live the policy
  • Have a firewall in place between your PCs and your NonStop system.
  • Encrypt all network traffic to/from your NonStop system
  • Run network-based intrusion detection systems with the sensor being close to the NonStop system
  • Use Safeguard. Put proper ACLs in place for critical files
  • Ensure security-relevant events of your NonStop system are logged to a central logging system (SIEM)
  • Have an active alerting system which reacts to relevant events (repeated password failure for any user, specifically for SUPER users)
  • Track SUPER user usage
  • Record keystrokes of users (ideally all, at least SUPER user group)
  • Have secure passwords. Change them regularly
  • Have periodic security audit. Ideally, these are not only “paper audits” but include penetration testing

Feedback please

moreinfo_icon
Do you find this blog helpful? Let us know what you think, and how we can make it even better. Don’t forget, you can subscribe to our blogs (top right-hand corner of this page) to get automatic email notification when a new blog is available.
Thomas_Burg
Thomas Burg has an extensive background in systems programming, networking, and security. For more than 30 years, Thomas has worked with a range of computing platforms, including Windows, UNIX, and HP NonStop. Burg is Chief Technology Officer for comForte, a software vendor specializing in security, connectivity, and modernization solutions for the HP NonStop market. At comForte, he has helped guide the company’s strategic product direction and orchestrated a range of technology initiatives, such as the company’s SSL/SSH encryption suite, which was ultimately adopted by HP within the NonStop OS.

Take AIM – Assess. Innovate. Modernize.

people_thumbs_up Happy New Year!

2013-target-resized-600 May 2013 be a successful year to all of you. New Year always presents new opportunities, inspirations and resolutions. What are some of yours? I’d like to suggest that you consider taking up “AIM” initiatives – Assess. Innovate. Modernize.

Assess.

assess-resized-600

Too often, we get caught up in our day-to-day grind during the year that we had no time to pause and to inventory where we are. Yet, taking time to review and assess is critical to improvement in the new year.
For examples:

  • You have lots and lots of COBOL programs, but…
    Do you know what are in your application assets?
  • You know it is important to protect your “crown jewel platform”, but…
    How secure is your NonStop environment?
  • You have a whole team of operators, tech support, system managers, but…
    How efficient is your operation environment?

Now is a good time to reflect on where we are and to set some goals for improvement.

Innovate.

lightbulb

Get out of your status quo comfort zone and think outside the box! Commit some time to learn more about some of the newer technology such as

  • Mobile Apps
    Think about your users with iPad and Smartphones
  • Cloud Computing
    What SaaS can you leverage?

Now, you may think: “But what does a legacy machine like NonStop have to do with these new technologies?” Think again! In fact, integrating new technologies with Nonstop could present some exciting opportunities and ROI for your organization.

Modernize.

modernize

While you look for new technologies to jump into, don’t forget all the valuable application assets you already have on your NonStop system. Make 2013 be the year to start your modernization initiative to make these NonStop assets even more valuable. Commit to starting one (or more) of these following projects:

  • Buid a better GUI with Java or .NET
  • Improve your database and application connectivity
  • Adopt modern development methodology and tools

Need help getting started? Look for more discussions on these topics in our upcoming blogs, with tutorials, examples and success stories. We hope that you will follow these discussions, and we would love to hear about your experience as well.

Feedback please

Do you find this tutorial blog helpful? Let us know what you think, and how we can make it even better. Don’t forget, you can subscribe to our blogs (top right-hand corner of this page) to get automatic email notification when a new blog is available.

Phil LyPhil Ly is the president and founder of TIC Software, a New York-based company specializing in software and services that integrate NonStop with the latest technologies, including Web Services, .NET and Java. Prior to founding TIC in 1983, Phil worked for Tandem Computer in technical support and software development.