Thursday Jan 28, 2016

More Free/Open-Source Software Now Available for Solaris 11.3

Building on the program established last year to provide evaluation copies of popular FOSS components to Solaris users, the Solaris team has announced the immediate availability of additional and newer software, ahead of official Solaris releases:

Today Oracle released a set of Selected FOSS Component packages that can be used with/on Solaris 11.3. These packages provide customers with evaluation copies of new and updated versions of FOSS ahead of officially supported Oracle Solaris product releases.

These packages are available at the Oracle Solaris product release repository for customers running Oracle Solaris 11.3 GA. The source code used to build the components is available at the Solaris Userland Project on Java.net. The packages are not supported through any Oracle support channels. Customers can use the software at their own risk.

detailed how-to guide outlines how to access the selected FOSS evaluation packages, configure IPS publishers, determine what FOSS components are new or updated, and identify available packages and download/install them. The guide also contains recommendations for customers with support contracts.

The table of components below contains the available selected FOSS components that are new or updated since the release of Oracle Solaris 11.3 GA:

New Components

asciidoc 8.6.8 aspell 0.60.6.1 cppunit 1.13.2 daq 2.0.2
dejagnu 1.5.3 libotr 4.1.0 pidgin-otr 4.0.1 isl 0.12.2
jjv 1.0.2 qunit 1.18.0 libdnet 1.12 libssh2 1.4.2
nettle 3.1.1 cx_Oracle 5.2 R 3.2.0 re2c 0.14.2
nanliu-staging 1.0.3 puppetlabs-apache 1.4.0 puppetlabs-concat 1.2.1 puppetlabs-inifile 1.4.1
puppetlabs-mysql 3.6.1 puppetlabs-ntp 3.3.0 puppetlabs-rabbitmq 3.1.0 puppetlabs-rsync 0.4.0
puppetlabs-stdlib 4.7.0 saz-memcached 2.7.1 scons 2.3.4 wdiff 1.2.2
yasm 1.3.0

Updated Components

ant 1.9.4 (was 1.9.3) mod_jk 1.2.41 (was 1.2.40) mod_perl 2.0.9 (was 2.0.4)
apache2 2.4.16 (was 2.2.29, 2.4.12) autoconf 2.69 (was 2.68) autogen 5.16.2 (was 5.9)
automake 1.15, 1.11.2, 1.10 (was 1.11.2, 1.10, 1.9.6) bash 4.2 (was 4.1) binutils 2.25.1 (was 2.23.1)
cmake 3.3.2 (was 2.8.6) conflict 20140723 (was 20100627) coreutils 8.24 (was 8.16)
libcurl 7.45.0 (was 7.40.0) diffstat 1.59 (was 1.51) diffutils 3.3 (was 2.8.7)
doxygen 1.8.9 (was 1.7.6.1) emacs 24.5 (was 24.3) findutils 4.5.14 (was 4.2.31)
getopt 1.1.6 (was 1.1.5) gettext 0.19.3 (was 0.16.1) grep 2.20 (was 2.14)
git 2.6.1 (was 1.7.9.2) gnutls 3.4.62.8.6 (was 2.8.6) gocr 0.50 (was 0.48)
tar 1.28 (was 1.27.1) hexedit 1.2.13 (was 1.2.12) hplip 3.15.7 (was 3.14.6)
httping 2.4 (was 1.4.4) iperf 2.0.5 (was 2.0.4) less 481 (was 458)
lftp 4.6.4 (was 4.3.1) libarchive 3.1.2 (was 3.0.4) libedit 20150325-3.1 (was 20110802-3.0)
libpcap 1.7.4 (was 1.5.1) libxml2 2.9.3 (was 2.9.2) lua 5.2.1 (was 5.1.4)
lynx 2.8.8 (was 2.8.7) m4 1.4.17 (was 1.4.12) make 4.1 (was 3.82)
meld 1.8.6 (was 1.4.0) mysql 5.6.25, 5.5.43 (was 5.6.21, 5.5.43, 5.1.37) ncftp 3.2.5 (was 3.2.3)
openscap 1.2.6 (was 1.2.3) openssh 7.1p1 (was 6.5p1) openssl 1.0.2e plain and fips-140 (was 1.0.1p of each)
pcre 8.38 (was 8.37) perl 5.20.1, 5.16.3 (was 5.12.5) DBI 1.623 (was 1.58)
gettext 1.0.5 (was 0.16.1) Net-SSLeay 1.52 (was 1.36) Tk 804.33 (was 804.31)
pmtools 1.30 (was 1.10) XML-Parser 2.41 (was 2.36) XML-Simple 2.20 (was 2.18)
pv 1.5.7 (was 1.2.0) astroid 1.3.6 (was 0.24.0) cffi 1.1.2 (was 0.8.2)
CherryPy 3.8.0 (was 3.1.2) coverage 4.0.1 (was 3.5) Django 1.4.22 (was 1.4.20)
jsonrpclib 0.2.6 (was 0.1.3) logilab-common 0.63.2 (was 0.58.2) Mako 1.0.0 (was 0.4.1)
nose 1.3.6 (was 1.2.1) pep8 1.6.2 (was 1.5.7) ply 3.7 (was 3.1)
pycurl 7.19.5.1 (was 7.19.0) pylint 1.4.3 (was 0.25.2) Python 3.5.1, 3.4.3, 2.7.11 (was 3.4.3, 2.7.9, 2.6.8)
quilt 0.64 (was 0.60) readline 6.3 (was 5.2) rrdtool 1.4.9
screen 4.3.1 (was 4.0.3) sed 4.2.2 (was 4.2.1) slrn 1.0.1 (was 0.9.9)
snort 2.9.6.2 (was 2.8.4.1) sox 14.4.2 (was 14.3.2) stunnel 5.18 (was 4.56)
swig 3.0.5 (was 1.3.35) text-utilities 2.25.2 (was 2.24.2) timezone 2015g (was 2015e)
tomcat 8.0.30 (was 8.0.21, 6.0.43) vim 7.4 (was 7.3) w3m 0.5.3 (was 0.5.2)
wget 1.16.3 (was 1.16) wireshark 1.12.8 (was 1.12.5) xmlto 0.0.26 (was 0.0.25)
xz 5.2.1 (was 5.0.1)

Tuesday Jan 26, 2016

Preparing for the Upcoming Removal of UCB Utilities from the Next Version of Solaris

(Note: Edited after errata noted and suggestions made by the Solaris team)

For those of you who are holding on to the /usr/ucb commands as a last vestige of Solaris's origins in the UC Berkeley UNIX distribution, it's time to act. The long-anticipated demise of the /usr/ucb and /usr/ucblib directories is planned for the next major version of Solaris. If you are building software that uses these components, now's the time to switch to alternatives.  Shell scripts are often used during software installation and configuration, so dependency on /usr/ucb commands could stop your app from installing properly.

If you don't know if your software package depends on the commands or libraries in these directories, here's a simple heuristic:  if you're not requiring Solaris 11 users to run "pkg install ucb" that means you're not using ucb command or libraries, and you can skip the rest of this writeup.

If you're still reading, perform these checks:

  • Do you explicitly add /usr/ucb in the PATH for your shell commands, so that you get the /usr/ucb versions of commands instead of the /usr/bin?
  • Do any shell scripts use /usr/ucb in PATH variables or explicit command paths?
  • Do any system() or exec*() calls in your application use /usr/ucb?

You can go to the top level directory of your software, either your build tree or your distribution and run:

    # find ./ \( -type f -a -print -a -exec strings '{}' \; \) | \
    nawk '/^\.\// {file =  $0; first = 1}; /usr\/ucb/ {if (first) {print "FILE:", file; first = 0}; print "\t" $0}'


This shell code will print out any files with strings containing "usr/ucb", so it catches /usr/ucb and /usr/ucblib. Here's the output from running it in a test directory:

FILE:  ./mywd/Makefile
                  INSTALL = /usr/ucb/install
FILE:  ./d.ksh
            /usr/ucb/date -r $seconds $format
FILE:  ./DragAndDrop/core.1
        /usr/ucblib
FILE:  ./%s
        PATH=/usr/openwin/bin:/usr/local/bin:/usr/bin:/usr/etc:/usr/sbin:/usr/ucb:.
FILE:  ./uid.c
        printf( "/usr/ucb/whoami: " );
        system( "exec /usr/ucb/whoami" );
FILE:  ./SUNWvsdks/reloc/SUNWvsdk/examples/docs/README.makefiles
        Please make sure the "ld" used is /usr/ccs/bin/ld rather than /usr/ucb/ld.

Note: The command sees lines that start with "./" as file names, so the command mistook the "./%s" it found in ./DragAndDrop/core.1 as a file name. The next line was really found in the file  DragAndDrop/core.1. If you see a file name in the output that doesn't exist, then the script was was confused in just this way. Ignore the FILE: line for the non-existent file, and the rest of the output will make sense.

Commands most likely to come from /usr/ucb:

  • ps -- now the /usr/bin version also accepts the /usr/ucb/ps arguments
  • echo -- "-n" for no newline vs. "\r"
  • whereis -- No direct replacement.
  • whoami  -- Replacement in /usr/bin
  • sum -- /usr/ucb and /usr/bin versions return different checksums, see manpage sum(1B)
  • touch -- /usr/ucb/touch has a -f option not in /usr/bin/touch

The good news is that of the 76 commands in /usr/ucb as of Solaris 11.3, 45 of them are links back to /usr/bin, and only 31 are unique to /usr/ucb.  This means that many of the commands in /usr/ucb are available in /usr/bin by default now and in some cases, /usr/ucb may not be required at all.  "ls -la /usr/ucb" shows the commands that are linked to /usr/bin.

The man pages for a /usr/ucb command can be displayed with "man -s1b <cmd>", e.g.

# man -s1b echo

Now check for libraries. Look back at the find output, or peruse your own build files. Do you see /usr/ucblib in any makefiles, or any LD_LIBRARY_PATH / LD_PRELOAD variables?

Libraries in /usr/ucblib and /usr/ucblib/sparcv9:

  • libcurses.so
  • libbdbm.so
  • librpcsoc.so
  • libtermcap.so
  • libucb.so

So get ready for the changes in Solaris, and clear out the last remnants of UCB, along with your SunOS 4.x documentation and your Joy of UNIX button. Fix up your software before Oracle releases the  version of Solaris without /usr/ucb and /usr/ucblib.

Tuesday Jan 12, 2016

Best Practices Using Oracle Solaris Compliance Tool for SAP

In a recent blogs we talked about end-to-end security with Oracle Solaris 11, SPARC M7 and the ISV Ecosystem  and one of the main elements: the built-in Solaris 11 compliance tools.

Organizations such as banks, hospitals, and governments have specialized compliance requirements. Auditors, who are unfamiliar with an operating system, can struggle to match security controls with requirements. Therefore, tools that map security controls to requirements can reduce time and costs by assisting auditors.

Oracle Solaris 11 lowers the cost and effort of compliance management by designing security features to easily meet worldwide compliance obligations; documenting and mapping technical security controls for common requirements like PCI-DSS to Oracle Solaris technologies. The simple-to-use tool Oracle Solaris compliance tool provides users with not only reporting but also simple instructions on how to mitigate any compliance test failure. It also provides compliance report templates.

Available since release 11.2, Oracle Solaris provides scripts that assess and report the compliance of Oracle Solaris to two security benchmarks:

  • Oracle Solaris Security Benchmark and
  • Payment Card Industry-Data Security Standard (PCI-DSS).

The new command, compliance (1M), is used to run system assessments against security/compliance benchmarks and to generate HTML reports from those assessments. The reports indicate which system tests failed and which passed, and they provide any corresponding remediation steps.

A new whitepaper introduces the compliance report on Oracle Solaris and provides information and best practices on how to assess and report the compliance of an Oracle Solaris system to security standards for SAP Installations. The procedure in this whitepaper was tested on an Oracle Solaris global zone, non-global zone, kernel zone, Oracle SuperCluster, Oracle Solaris Cluster, as well as various SAP Advanced Business Application Programming (ABAP) and Java releases with Oracle Database 11g and 12g. The document concludes with information on an additional new SAP benchmark for SAP applications with special security requirements. Read the whitepaper for details. There is also a related SAP note 2114056  "Solaris compliance tool for SAP installation" published (requires SAP login).

Friday Jan 08, 2016

Informatica Analytics on Oracle SPARC: Up-to 9X Faster with In-Memory DB

Oracle and Informatica have a very close working relationship and one of the recent results of this collaboration is the joint project done by Informatica and our Oracle ISV Engineering team to test the performance of Informatica software with Oracle Database 12c In-memory on Oracle SPARC systems. 

Informatica previously optimized their PowerCenter and Data Quality applications on Oracle Engineered Systems, achieving up-to five times faster performance with Oracle Exadata Database Machine and the SPARC-based Oracle SuperCluster (see announcement). They have been Oracle SuperCluster Optimized as well as Oracle Exadata and Exalytics Optimized since 2014. Now they have taken a step further by successfully testing PowerCenter with the Oracle Database 12c In-memory feature achieving extreme performance on SPARC.

A significant number of Informatica customers use Oracle as their main database platform. With the introduction of the Oracle Database 12c In-Memory Option, it is now possible to run real-time, ad-hoc, analytic queries on your business data as it exists right at this moment and receive results in sub-seconds. True real-time analytics! The Oracle SPARC big memory machines with up to 32 terabytes of memory are the perfect match, delivering extreme performance for in-memory databases and business analytics applications. 

Informatica PowerCenter and Oracle Database 12c were both installed on the same machine and Informatica leveraged the In-memory feature really well and was able to scale very well on the Oracle SPARC machine.

The following are some of the test results showing the Oracle Database 12c in-memory advantage on SPARC for Informatica:

  • TPC-H Q6 Performance: 9x in-memory over buffer cache for the workload tested
  • TPC-H Q10 Performance: 1.5x in-memory over buffer cache for the workload tested
  • Oracle Writer Throughput Performance: 2.5x performance improvement in Ram Disk to Ram Disk over Disk to Disk
  • PDO Performance:  Aggregator Tx Throughput: 1.5x in-memory over buffer cache for the workload tested

The tests were run with the following software/hardware stack: 

  • Informatica 9.6.1
  • Oracle SPARC, 8 PROCESSOR, 12 core , 2TB RAM, 4.3 TB Disk
  • Oracle Solaris 11.2
  • Oracle DB 12c
  • Network 10GBps
  • Setup: Domain and DB on same machine

Oracle SPARC servers and Oracle SuperCluster with Oracle Database 12c In-memory prove to be a great platform for Informatica customers to run their analytic queries. 

For more details you can contact isvsupport_ww@oracle.com.


Thursday Dec 24, 2015

The Advantage of Running Temenos on Oracle Engineered Systems

Temenos, a market leader in banking applications, recently won the prestigious Oracle Excellence Award for Exastack ISV Partner of the Year for EMEA.

In the following video Simon Henman and Martin Bailey from Temenos discuss their banking applications and the main challenges their customers face.  They also discuss how Oracle Engineered Systems address these challenges and allow their customers to focus on their banking task itself and not on the infrastructure. That is why they recommend them to their customers and have become Oracle SuperCluster, Exadata and Exalogic Optimized.

In previous blogs we discussed how their main application T24 is SuperCluster Optimized as well as their WealthManager application.

Watch the Video.

Monday Dec 21, 2015

Scaling Intellect MH on Oracle SPARC to 25,000 TPS


Intellect Design Arena Ltd, a Polaris Group company, is a global leader in Financial Technology for Banking, Insurance and other Financial Services.

A joint performance and scalability testing exercise was conducted by Intellect Design and Oracle Engineering teams to study the performance and scalability of Intellect MH on Oracle SPARC systems. The activity was aimed at scaling up the application load in terms of Transactions Per Second (TPS) with a workload that consisted of a mix of 10 OLTP scenarios with audit logging enabled, as well as some related batch scenarios. 

Intellect FT Message Hub (MH) is a lightweight Java based integration platform that facilitates seamless and transparent integration of business applications. It reduces the complexity of integrating disparate applications by leveraging the principles of Service Oriented Architecture (SOA).   

MH provides a function to exchange data online and in batch mode, and enables various interfaces, integration of customer access channels like PCs connected to the Internet and mobile phones, and connection with external financial intelligence institutions and settlement networks.

Message Hub serves as a pass-through station between business applications. It provides a common platform for the customer to do business transactions. The Listeners will be an entry point for front-end systems to perform straight through transaction processing. Transaction Rule Engine (TRE) communicates with the Communication Engine and the Message Engine for communication with the host and message formatting requirements respectively. These engines coordinate the operations based on configured rules. 

The following are the key features of Intellect FT Message Hub:

  • Routing
  • Message transformation
  • Message enhancement
  • Protocol transformation
  • Transaction workflow management
  • Synchronous/Asynchronous transaction
  • Pre/Post process transaction
  • Post dated/ scheduled transaction 
  • Fail-over
  • Support custom action 

MH supports all industry standard protocols including SOAP over HTTP, SOAP over JMS, RESTful, TCP/IP, MQ, JMS, HTTP/s, EJB, File, FTP, SFTP, SMTP, IMAP, POP3. The product also supports a wide range of messaging standards such as SWIFT, ISO 8583, XML, SOAP, JSON, Fixed Length, NVP, Delimited, EBCDIC, POJO, MAP.

The diagram below shows the technical architecture of Intellect FT Message Hub.


Test Details 

OLTP Tests:

The most common MH transactions were covered in the tests. Different transactions were tested with different listeners and communication engines. A mix of the following 10 OLTP Scenarios was tested:

Audit logging:

Audit records  that contain the request and message details are inserted into  the MH database, once at the point of receipt of the message in MH and a second time after the message has just been processed but before the transmission of the message to the external system using communication engines.

Batch Tests:

In batch processing, records are picked up by Intellect MH from a preconfigured location. The files are processed and records are submitted to external systems (stubs) using JMS communication engines.  Multiple files are processed by the managed servers in parallel. The following batch processes were tested:

Hardware Details:

The application was deployed on Oracle SPARC T5 systems, FS1 Flash storage and ZS3 storage. 

Software Details:

  • Oracle Solaris 11.2 
  • Oracle Database 12c RAC 
  • Oracle Weblogic 12c Cluster 
  • Oracle HTTP Server 12c 
  • Oracle JDK 8 
  • Apache JMeter  
  • IBM MQ 
  • Polaris FT Message Hub 15.1 


Test Results:

The systems near linearly scaled up to 25,000 TPS, with an average response time of 323 ms and about 52K concurrent users.  For the batch tests around 10 million records (1000 Files, each containing 10000 records) were processed in 21 minutes. 

These results are 6x better than results seen currently on typical large customer deployments.

More Information: 

For more information, details and system sizing help you can contact the team via isvsupport_ww@oracle.com.



Tuesday Dec 08, 2015

IBM GSKit Supports SPARC M7 Hardware Encryption

Oracle and IBM have a very close working relationship running IBM software on Oracle hardware. One of the recent results of this collaboration is the announcement by IBM that its GSKit v8 now supports SPARC M7 hardware encryption (as well as SPARC T4 and T5 processors). This, in turn, means that several IBM software products can now make use of on-chip SPARC hardware encryption today, automatically, without significant performance impact

What Is GSKit?

The IBM Global Security Kit (aka GSKit) is not a product offering in itself, but instead a security framework used by many IBM software products for its cryptographic and SSL/TLS capabilities. Example IBM products making use of GSKit today include DB2, Informix, IBM HTTP Server and WebSphere MQ. This latest version of GSKit ( aka "IBM Crypto for C" ), version 8, was validated as a FIPS 140-2 Cryptographic Module within the past earlier this year.

Obtaining The Proper Version of GSKit

GSKit is bundled with each product that makes use of it; over time, new product releases will incorporate GSKit v8 by default. Until then, the latest GSKit v8 for SPARC/Solaris is available on IBM Fix Central, for download and upgrade into existing products. Installation instructions can be found here.

The support described above is available in GSKit v8.0.50.52 and later. As of this writing, the latest GSKit v8.0.50.55 is available for download from Fix Central.

IBM Products that currently make use of GSKit v8 on Solaris (and therefore could take advantage of SPARC on-chip data encryption automatically) include (but are not limited to):

Determining Current GSKit Version

  • $ /opt/ibm/gsk8/bin/gsk8ver # 32-bit version
  • $ /opt/ibm/gsk8_64/bin/gsk8ver_64 # 64-bit version

What This Means

In many cases (such as SSL/TLS over-the-wire communication), products using the proper version of GSKit on Solaris/SPARC will automatically take advantage of hardware encryption. Situations with larger client-server packets will benefit more than those with small packet sizes.  

This will allow these products to make use of the increased security that encryption offers with extremely low performance overhead (something that is not possible with software-only crypto or hardware crypto on other platforms).

Because each of these IBM products has specific use cases, we'll cover more details for each in future blogs.

Monday Dec 07, 2015

End-to-End Security: Solaris 11, SPARC M7 and the ISV Ecosystem

You'll be seeing quite a bit on this blog about increasing security of your applications in the coming weeks and months. Before that, however, before we dive into the specs and numbers, the wonders of CPU features, the software technologies that protect -- it is worth setting some overall context.  

Security is more than just data encryption. Indeed, security is more than any single feature, technology or product. Security, as much as anything in the IT world, must be addressed, planned-for and administered both in the whole, as well as the details. Security must be considered from beginning to end or -- as we engineers like to say -- "end-to-end". Holistically. The Big Picture. Soup to Nuts. You get the idea.

Because, in truth, while any single component of a system can provide state-of-the-art security for its little realm, the entire system is only as secure as each and every component. Your on-disk encryption can be unbreakable, but if your system uses weak passwords on internet-facing portals, your company could be the next featured New York Times data breach story.

Within the Oracle Systems Group, we get that. We understand that it takes more than algorithms and firewalls. That's why we'll be talking about Best Practices. About Security Compliance. About Industry and Governmental Security Standards. About hardware encryption. About all the roles in the development, deployment and use of a system. About the pieces of a system which, in total, is 'end-to-end secure'.

With the recent announcement of SPARC M7, Oracle now has the most compelling End-to-End Security platform for the Data Center. These new SPARC-based servers, with on-chip Security in Silicon, and running the Solaris 11 Operating System provide the following enhancements:

  • Silicon Secured Memory: For the first time, Silicon Secured Memory adds real-time checking of access to data in memory to help protect against malicious intrusion and flawed program code in production for greater security and reliability. This protection is available to third-party software developers via application programming interfaces.

  • Hardware-Assisted Encryption: Built into all 32 cores, this feature enables data encryption without performance penalty. This gives customers the ability to have secure runtime and data for all applications even when combined with wide key usage of AES, DES, SHA, and more. Existing applications that use encryption will be automatically accelerated by this new capability including Oracle, third party, and custom applications.

  • Built-in Solaris Compliance Tools: Oracle Solaris 11 lowers the cost and effort of compliance management by designing security features to easily meet worldwide compliance obligations; documenting and mapping technical security controls for common requirements like PCI-DSS to Oracle Solaris technologies with a simple-to-use tool that provides not only reporting but also simple instructions on how to mitigate any compliance test failures; and providing compliance report templates. The compliance system is standards based (XML) and built on the SCAP ecosystem (XCCDF, OVAL, and SCE), which easily integrates with enterprise wide compliance management programs. 

Tuesday Dec 01, 2015

Increasing Data Security with SPARC M7 'Always On' Cryptography

Oracle's new SPARC M7-based servers (released in late October) have numerous compelling hardware features, including the all new Software in Silicon feature set. What many still don't realize is that one of these features -- Hardware Assisted Cryptography -- has existed on SPARC CPUs for several generations. SPARC M7 provides the most powerful on-chip hardware encryption capabilities to date, and what many don't know is that it's Always On and it's available at No Extra Cost. It's also supported by a plethora of Oracle and third-party software offerings Right Now.

SPARC M7 provides 32 cryptographic engines per processor, delivering wide-key encryption of both 'data at rest' and 'data in-motion' with near zero performance impact. Most of today's most secure bulks encryption ciphers, message digests and public-key encryption algorithms are supported. Nothing to enable, no code to change.

SPARC M7 on-board encryption functionality (similar to that of previous-generation SPARC T5):

Accelerator Driver: Userland (no drivers required)
Public-Key Encryption: RSA, DSA, DH, ECC
Bulk Encryption: AES, DES, 3DES, R4, Camelia
Message Digest: CRC32c, MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
APIs: PKCS#11 Standard, UCrypto APIs, Java Cryptography Extensions, OpenSSL

What about software support? Oracle 12c already takes advantage of M7 HW Crypto via its Oracle Advanced Security Transparent Data Encryption (TDE), out of the box. WebLogic? The same - it works out of the box. This is true for both native (C/C++-based) and Java Oracle "Red Stack" applications, all of which make seamless use of the underlying hardware encryption mechanisms. 

Okay, you say, we'd expect Oracle's Database and Middleware to support Oracle hardware features -- what about the rest of us? Well, as it turns out, much of the framework software in Solaris 11 is hardwired to take advantage on SPARC HW Crypto when it's detected. Third-party software that makes use of these will usually "get HW Crypto for free". This list includes:

  • openssl (5)
  • ssh (1)
  • Solaris VM for SPARC (aka LDoms)
  • Java runtime - configured via standard JCE/JSSE security mechanisms
The Systems ISV Engineering team is currently working with a number of Solaris ISVs to insure support and optimal usage of SPARC Hardware Crypto functionality. Look for future blog posts here (and technical articles on OTN) where we will cover this topic with ISVs such as IBM and Sybase.

"The future data center is completely encrypted, and this is the first processor that enables that."

— John Fowler, Oracle Executive Vice President for Systems

You can test your applications on SPARC M7-based systems today, to explore and leverage their breakthrough technologies using the Oracle Software in Silicon Cloud for developers and partners. Available now to all OPN members, enterprise developers with MOS accounts and university researchers (members of Oracle Academy), the Software in Silicon Cloud is a robust and secure cloud platform with ready-to-run virtual machine environments and offers easy access to Oracle SPARC M7 systems running Oracle Solaris 11.3. Try it today!

Additional Reading:

Tuesday Oct 13, 2015

Asseco def3000/CB Core Banking Systems Optimized on Oracle SuperCluster


 “Our biggest clients need highly performant and scalable systems to grow their business and consolidate data from other banks in the future.  With Oracle SuperCluster we can offer a platform that meets these requirements and offers our. Oracle Systems are now a preferred platform customers lower TCO for Asseco's def3000/CB solution.”- Robert Płociński, Technical Director, Commercial Banks Dept, Asseco

Asseco Poland is the largest IT company listed on the Warsaw Stock Exchange. It has developed technologically advanced software solutions for companies and institutions of all key sectors of the economy for more than 20 years. Today, Asseco is the number one IT powerhouse in Central Europe and the sixth largest software vendor in Europe.

Their def3000/CB (Core Banking) system constitutes the central point of their product offerings for a modern financial institution. It is a state-of-the-art, comprehensive tool, which allows to pursue an effective, efficient and competitive policy of the Bank.

Recently Asseco tested and tuned def3000/CG on Oracle SuperCluster and achieved Oracle Exastack SuperCluster Optimized Status.

Here's what they tested:

  • def3000/CB 10.05.000N
  • Oracle SuperCluster T5-8 Half Rack using Solaris Zones and 4 Exadata X5 HC storage nodes
  • Oracle WebLogic Server 11g
  • Oracle Database Enterprise Edition Release 12.1.0.2
  • Oracle Real Application Clusters
  • Oracle Partitioning

Oracle Solaris 11 Oracle SuperCluster accommodated the workload requirements and performance SLAs from their biggest customers as well as near linear scalability with RAC and Database partitioning.

It met business and technical requirements to be a preferred platform for def3000.

For more information about def3000 check here.



Wednesday Sep 16, 2015

Innovative Software Provider Moves to SPARC Solaris


Shanghai Baosight Software Company is the IT software business unit of Baosteel, recognized as the fourth-largest steel producer in the world.  Baosight Software is an innovative software provider in the manufacturing industry delivering a variety of enterprise modernization software solutions, such as manufacturing execution systems (MES), energy management systems (EMS), ERP, BI, and IT consulting services.

Recently Oracle and Baosight worked together to successfully port the iHyperDB and iCentroView Systems applications from Windows OS to Oracle Solaris 11.2 on SPARC T5 servers.  The primary drivers of this move to SPARC Solaris is improved performance and greater system stability.   Oracle Solaris 11.2 delivers an integrated cloud platform with industry-leading virtualization and a complete OpenStack distribution for Baosight.

Baosight's iCentroView is an integrated monitoring system which is widely used in  intelligent traffic, intelligent buildings, coal mine safety, water conservancy, and many other sectors.  iCentroView was utilized on the integrated monitoring system for the first cross-river tunnel under the Qiantang River, to intelligently observe the running state of equipment and traffic conditions inside the tunnel.

Baosight's iHyperDB is a high performance real-time database, which stores massive amounts of data while providing efficient data indexing, statistical analysis and visualization capabilities. Baosight is basing its future on the Internet of Things (IoT), and iHyperDB will enable large amounts of data storage for IoT solutions in enterprise modernization solutions for Baosight.

Baosight was rated among “The Ten Most Innovative Software Company in China” by China Software Industry Association in 2007and 2008.  Baosight owns 143 registered software products, 150 patents and 261 registered software copyrights. Shanghai Baosight Software Co., Ltd. is an Oracle PartnerNetwork Gold member.

Wednesday Aug 05, 2015

OpenWay Optimized on Oracle SuperCluster


OpenWay Group is a payment processing software vendor headquartered in Brussels, Belgium. OpenWay’s WAY4 Card Issuing and Merchant Acquiring, Financial Switching, Personalized Mobile Payments, Mobile Wallet and other payment solutions successfully operate at 130 banks, processing and telecom companies in Europe, Asia, North and Latin America, the Middle East, and Africa. WAY4 is a customer-centric rule-driven environment for debit, credit, prepaid and commercial cards, deposits, loans, current accounts, mobile money and other financial products, for targeted marketing campaigns and personalized self-service via ATMs, kiosks, POS terminals, web, mobile banking and other channels.

Recently OpenWay completed Oracle SuperCluster Optimized testing and certification. They had the following goals:
  • Prove that the SuperCluster T5  solution performance meets and exceeds the results of a similarly scaled platform with traditional storage on volumes of up to 10 Million cards
  • Demonstrate a configuration as close as possible to real life conditions: a complex credit card configuration and a long transaction history, high availability for authorizations, PCI DSS, as well as simulation of long distance between two sites.
  • Measure the results in terms of TPS, response time and scalability

The tests were conducted on an Oracle T5 SuperCluster with:

  • WAY4 CMS and Switch v03.40
  • Oracle Database 11g, Release 2
  • Oracle Database, Real Application Clusters
  • Oracle Database, Advanced Security and Partitioning Options
  • Oracle Solaris 11

Results demonstrated a 2x shorter average response time compared to a similarly scaled platform with traditional storage and great scalability on TPS and response time when adding more CPUs. The data encryption as per PA-DSS standards also resulted in only 5% performance overhead.

“WAY4 CMS and Switch solutions by OpenWay have demonstrated a very high performance on the SuperCluster T5 while running in a high available configuration. This benchmark will create opportunities for OpenWay customers to benefit from the engineering solutions by Oracle on SuperCluster T5/Solaris platform while reaching another level of the service quality." - Dmitry Yatskaer, CTO OpenWay

More information about OpenWay Group can be found here and the Oracle Exastack Optimized program information is  here.

Tuesday Aug 04, 2015

Docker in the Zone with Oracle Solaris

After including a full distribution of OpenStack in Oracle Solaris 11.2 last year, Oracle recently announced plans to integrate Docker into Oracle Solaris. The integration will allow enterprise customers to use the Docker open platform to easily distribute applications built and deployed in Oracle Solaris Zones. Oracle also plans to make software including Oracle WebLogic Server available for development and testing as Docker images.

A majority of Oracle Solaris customers use Solaris Zones for its industry-leading scalability and efficiency, as well as comprehensive resource and security isolation, which is critical for enterprise class environments. Oracle Solaris Zones are also widely recognized as license boundaries for most enterprise applications, allowing customers to significantly lower costs.

“Docker welcomes Oracle Solaris to the Docker community. Integrating Docker with Oracle Solaris Zones will bring a mature and proven container technology to Docker environments running in enterprise class clouds,” said Nick Stinemates, vice president of Business Development & Technical Alliances for Docker.

“As enterprises have increasingly adopted cloud technologies over the last few years, collaboration between development and operations has become a business imperative,” said  Laurent Lachal, Senior Analyst, Infrastructure Solutions, Ovum.  “Oracle’s move to integrate Docker into Oracle Solaris is a win-win proposition. Cloud developers can take advantage of Oracle Solaris’ full OpenStack distribution, built-in security capabilities and easily migrate workloads across a broader choice of platforms.”

Read the full press release here.

Wednesday Jul 22, 2015

Scale up or Scale out?

QuartetFS In-memory Analytical Suite on Oracle SPARC Servers

Is scale out really the most cost effective architecture for all solutions?

ActivePivot, the in-memory analytics suite from QuartetFS, is implemented by customers such as HSBC, Société Générale, FNAC, Gefco and EBRD. On June 12, during Technology Keynote of the 7th annual ActivePivot User Group conference, Antoine Chambille, head of research & development at Quartet FS, along with Eric Bezille chief technologist of Oracle Systems France, discussed the benefits of scaling up ActivePivot on large memory machines. They shared the near linear scalability and great performance results of a joint benchmarking and tuning effort with recently released ActivePivot 5.2 running on an Oracle M6 SPARC server with 3072 CPU threads and 16 TB of memory. They also discussed the cost effectiveness of such a solution.

Watch the video and check out the presentation for more details.

Two sessions in JavaOne 2015 will also discuss the results of this project CON1855 and CON1917.




Monday Jul 13, 2015

Surveillance Video Vault with Oracle SPARC T5

Scalable Combined Solution

Powered by Oracle, the SoleraTec Surveillance Video Vault delivers exceptional video surveillance recording, storage, and management in one complete end-to-end solution. With the stability and robustness only Oracle can deliver, the SoleraTec Video Vault solution provides police departments, transit authorities, critical infrastructure facilities, bank and finance companies, retail establishments, and educational institutions complete peace of mind. 

Providing architecture for each discrete section of an overarching video surveillance infrastructure, the Oracle based
SoleraTec Surveillance Video Vault manages the initial capture, live view capabilities, and complete video migration to
long-term retention storage. This Oracle hardware stack in concert with SoleraTec’s Phoenix RSM™ surveillance video management software delivers the most cost-efficient, dependable, scalable multi-tiered solution available without any of the complexity.

Check out the datasheet for more details.

Tuesday Jul 07, 2015

Oracle Solaris 11.3 Beta is now available

Oracle Solaris 11.3 Beta is now available for download!

The Oracle Solaris 11.3 Beta program is an opportunity for developers and architects of our ISV partners to evaluate a pre-release version of the latest Oracle Solaris enterprise cloud platform.

Some of the key new features in this release:

  • Oracle Solaris’ advanced and easy to use, built-in security features help you prevent hacking and avoid malware for the lifetime of your applications, from install to run-time and prove it simply! Through the bundled compliance tools, tailored reports can be generated easily and rapidly saving money and time.
  • Support for Oracle's Software in Silicon ADI feature on SPARC M7 processors. Oracle Solaris 11.3 introduces support for this new functionality through both tools (mdb, DTrace) and APIs through a new libadimalloc system library.
  • Live Migration for Kernel Zones. You can now move kernel zones instances around in your cloud infrastructure without incurring an outage.
  • Updated OpenStack software to the Juno version of OpenStack, including new services like Heat, Ironic and the Murano application catalog from our friends at Mirantis.
  • Oracle Solaris virtualization technologies give you all the flexibility of a hypervisor with the performance and density of a container, enabling you to deploy your enterprise workloads safely and securely, in traditional or OpenStack based cloud environments.
  • Simplified and fast lifecycle management provides for large gains in productivity and lower cost of operations, enabling you to build new products and services and deliver on your business strategy faster.

Start learning about these new features by reviewing the What's New document and check the Product Documentation.

Wednesday Jun 17, 2015

Sinosure Core Business System Excels on Oracle SPARC T5 and Solaris

China Export & Credit Insurance Corporation (SINOSURE) is China's only policy-oriented insurance company specializing in export credit insurance. It began operations on December 18, 2001. Since then SINOSURE has formed a nationwide service network. 

SINOSURE Core Business System 6.0 is the main platform for insurance product operation & risk control, covering the execution & management of all of the insurance business.

Recently Oracle and SINOSURE worked together to test and certify SINOSURE Core Business System 6.0 on Oracle Solaris 11 and SPARC T5. This application is based on Oracle Weblogic 12c, JVM HotSpot JDK7 and Oracle Database 11gR2.  Oracle Solaris Zones, the built-in, no-cost, no-overhead virtualization technology in Solaris, was used to consolidate the application, middelware and database on the same SPARC T5 server. Oracle Solaris delivers unique innovation and optimization for Oracle database and middleware that helped increase the application performance.

The tests demonstrated that SINOSURE Core Business System6.0 runs extremely well on the Oracle SPARC T5 server.  The speed to start-up was much faster than any previous deployment and the combined solution proved to be very stable and fast!

Monday Jun 01, 2015

Oracle's Software In Silicon Cloud Is A Hit!

Oracle’s Software in Silicon Cloud is available NOW, free of charge, to our customers and partners for a test drive.

This special offering provides our ISV partners and enterprise developers early access to the revolutionary Software in Silicon technology in the forthcoming Oracle SPARC M7 processor running Oracle Solaris 11, with a robust and secure cloud platform and ready-to-run virtual machine environments.

And we have 3 partners who have great things to say about using it TODAY!



JomaSoft is utilizing Oracle’s Software in Silicon Cloud to evaluate memory leak and code security of their cloud management platform, Virtual Data Center Control Framework (VDCF). “Leveraging the Software in Silicon Cloud literally saved Jomasoft weeks in comparison to our normal beta test cycle process in-house." —Marcel Hofstetter, CEO


">Capitek is also leveraging this cloud offering to evaluate Oracle's latest Software in Silicon technology in the SPARC M7 processor.  “We were able to create our own customized application test and verification environment in just minutes, while eliminating the need to acquire and deploy our own server resources for similar tests." —Jerry Chen, Senior Manager, Telecom Software Product Department

AsiaInfo is testing their AsiaInfo Internet Short Message Gateway (AIISMG) solution on Oracle’s Software in Silicon Cloud to improve overall software reliability and security.  “The Software in Silicon Cloud is a very economic and efficient method for AsiaInfo to validate the upcoming hardware and software from Oracle on our AIISMG solution." —Fu Tingsheng, Director of Engineering

Learn how you can break the code to take advantage of this revolutionary new technology in software development.

Get an edge on your competition — Sign up NOW!



Friday May 22, 2015

Tivoli Storage Manager Supports Solaris 11.2


IBM recently announced support for Tivoli Storage Manager on Solaris 11.2. TSM Client is supported on both SPARC and X86, while TSM Server is supported only on SPARC.

This support is available in v7.1.1.200 of the product.

Monday May 11, 2015

Oracle for SAP Technology Update

Oracle and SAP have had an ongoing commitment to tens of thousands of joint customers for over 27 years. Deploying SAP applications on Oracle platforms delivers end-to-end SAP infrastructure solutions that improve productivity and performance, increase system utilization, and create an eco-friendly data center. The two companies recently renewed their longstanding reseller and support agreements to provide enhanced access to Oracle Database technology and world class customer support.

The Oracle for SAP Technology Update is an annual publication that provides updates and information about Oracle products and services for SAP customers. The latest update was published this month.  Example topics covered are:

  • Oracle Database 12c for SAP: Roadmap and Base Certification Features 
  • Implementing a Data Management Infrastructure for SAP with Oracle Database Options and Packs
  • Why Oracle Database and Engineered Systems for SAP
  • Oracle Mission-Critical Support Services for SAP Customers
  • Oracle DB and Oracle Solaris related Notes for SAP
  • Why more and more SAP customers are migrating to Solaris
  • Oracle Security Solutions for SAP environments
  • Customer Examples

You can get the full report here: Oracle for SAP Technology Update #24

About

Application tuning, sizing, monitoring, porting on Solaris 11

Search

Categories
Archives
« February 2016
SunMonTueWedThuFriSat
 
1
2
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
     
       
Today