Number 63 (Update of Volume 6, Issue 8)

Itanium takes to the streets at last

HP released its first computers using the chips it developed with Intel over the past seven years, processors which began their life as Merced and were eventually renamed Itanium by Intel. It's a mark of the sway Intel holds over the project that it was allowed to ultimately name the processors. A Wall Street Journal article on the project, whose fruits are destined to replace the existing PA-RISC chips powering all HP's top servers, described fierce battles between HP and Intel over how the processor would be designed and what it would carry, conflicts that led to the multiple delays of the project.

The HP server rx9610 is HP's most powerful Itanium system, using the first generation of the processor family. HP built the rx9610 on a cell architecture similar to the Superdome. HP said the server "delivers leadership performance for floating-point and Secure Socket Layer calculations, making it an outstanding choice for technical and Internet-focused applications." Analysts wasted little time testing the system to find it wasn't quite as fast in some aspects as Sun's latest SPARC designs. The revelation didn't rock the market, however, since most experts are pointing to the McKinley generation of Itanium as the door-buster for performance.

The HP e3000 division hasn't had much public comment about its use of Itanium chips in future systems. Division leaders have made multiple references to the longevity of the PA-RISC family, and roadmaps show those processors serving as the bedrock of HP 3000s through 2004. Officials from the division have said that Itanium will be offered in HP 3000 models when it makes good sense to diverge from the PA-RISC path, one that's got at least three more iterations — 8700, 8800 and 8900 — on the drawing boards to serve in e3000s.

HP said that Itanium can run multiple operating systems in native mode, "and will become the essential platform for all of them." It's first systems employing the processor use HP-UX, and the company asserted that customers "can run any of thousands of 32-bit and 64-bit PA-RISC applications unchanged on the HP server rx9610 -- and when you are ready to optimize your applications for Itanium, HP has the support and the software tools to smooth your transition."

HP takes a hard look at multithreading

Hewlett-Packard engineers at the Commercial Systems Division (CSY) were giving the top enhancement request from this year's SIB improvement ballot a hard look this month, trying to decide how and when they'd deliver a thread-aware and thread-safe version of TurboIMAGE. CSY hadn't made any public commentary on which of the top 11 requested items would surface in short order from the ballot, well over a month after the winners were announced.

Voters had not made things any easier by requesting multithreading capabilities for IMAGE as their top enhancement request, a technical challenge made even more complex by conflicting desires among those who voted for it. Some say that multithreaded IMAGE is a shadow of a longer-standing enhancement request for the system -- renovating the fork() behavior in MPE/iX to improve its performance and more accurately mimic the way fork() works in Unix environments. Forking an open database, something that customers in Internet and Web-based environments might want to do very soon, is uncharted territory for the HP 3000 and its database.

Interex posted a loss in its latest fiscal year

While the HP user group Interex helped deliver the SIB enhancement list for the HP 3000, the group was reporting that its fiscal year 2000 was a tough one. The group operated at a loss for the year, needing to dip into its reserve fund for another $153,000 to cover the shortfall. It was the second straight year that the user group went into its reserve fund, and the two-year total loss is more than $345,000.

Comments from the board of directors indicated that the last fiscal year showed more than $9.8 million in revenues, an increase of $161,000 from the prior year. But expenses to promote the HP World conference contributed to an increase of $134,000, and there were increases in printing, production and distribution related to the user group's publications. Membership dues were off $188,000 for the year, and advertising was down $134,000, but revenues from the user group's conference operations increased $562,000, fueled in part by a successful launch of the HP 3000 Solutions Symposium.

In the years where Interex has shown a profit, the organization has banked its excess into a reserve fund. The group calls this its Members Equity, and that fund has $1.3 million in reserve left. The Year 2000 "net loss and resulting decrease in Members' Equity reflects the Association's efforts to invest in new products and services," according to notes from the Interex board. In a recent memo to its volunteers, the group said it is anticipating more revenue reductions in the current year.

MPE certification takes a step forward

The detail-driven process to create a certification track for HP 3000 managers took another step forward as a full slate of experts was named to steer the test design process. Tech Group University, which is leading an effort across many HP 3000 consultants and veterans, reported that all levels of certification now have leaders:

"The committee members for the various certifications have been selected and given their marching orders," said Tech Group's Jon Backus. "The MPE Certification program calls for a total of nine tests. There is an entry level 'Certified Professional' (MPE-CP) geared to bring relatively new MPE professionals into the program. Once that test is passed people can move up to the mid-level 'Certified System Manager' (MPE-CSM). From there people can begin to specialize in up to seven areas, including Database Administration (MPE-CDBA), Security Administration (MPE-CSA), Performance Analysis (MPE-CPA), Development (MPE-CD), Network Professional (MPE-CNP), Internet Professional (MPE-CIP), and Hardware Specialist (MPE-CHS). Details about the scope of each test and the committee members can be found at the Web site www.MPECert.org."

Lack of hacking is bonus for low profile

A few questions on how an HP 3000 might be hacked into surfaced on the 3000-L mailing list recently, and replies kept all the HP 3000 secrets at bay. But several experts held opinions that the server escapes from most of the virus threats out there because of its low profile, rather than its inability to be hacked.

"As far as I know, neither CERT nor CIAC have on record any such hacking incidents against an HP 3000," said Greg Stigers. "Furthermore, I would say that on any such business system that is not already Internet connected and which is well administered, any such unusual activity (such as a number of failed logon attempts, especially for non-existant users [because someone is guessing], coming from a single source) would be detected on the next review or audit of system activities, which can include any alert user issuing SHOWJOB. Since the 3000 does not normally serve as a client, the various malicious scripts that are not platform specific seem unlikely to infect or affect it, at this time."

Mark Bixby, whose work has led to HP 3000 advances such as the Apache Web server, said viruses haven't struck the 3000 because the server doesn't offer up the dramatic target hackers seem to crave. "I have thought about what it would take to create an MPE virus, and I believe it could be done easier than you might think," he said. "So no, we are not immune, just ignored."

Bixby also cautioned that good administration is a powerful anti-viral tool. "Even on MPE, you still want to follow good security practices of staying current on OS releases and patches, only assigning the minimum capabilities needed for people to do their jobs, limiting access, enabling logging, doing auditing, only download Internet software from trusted sources, etc. The more of those things you do, the more you reduce your exposure to viruses or other security threats."

Class library for MPE still available

While customers continue to evaluate Java for use on their HP 3000s, some are discovering the MPE Class library for the language for the first time. The Class Library is only available by cvs checkout at the Interex Shared Source Web site at http://www.interex.org/tech/3000/cvsform.html. The library makes it possible to call MPE Intrinsics from Java without the need of writing stub code using the Java Native Interface (JNI). HP's Mike Yawn explains that "Since the JNI only supports C and C++ development, the need to use JNI provided a real barrier to programmers in COBOL or other languages who wanted to interoperate with Java."

"The MPE Class Library can be though of as a multi-layered set of interfaces. At the lowest layer, there is a generic calling mechanism that permits Java programs to call any library-resident code. On top of this is an intrinsic support layer, which frees the programmer from the need to supply parameter and return type information for system-defined intrinsics. Finally, there is an abstraction layer which presents an object-oriented view of the MPE system intrinsics." With a much faster version of Java/iX due out this summer in the 7.0 Express 1 release, things like the Class Library might become more viable development tools for the 3000 community.

FTP patches deliver new functionality

New versions of FTP for the 6.0 and 6.5 releases of MPE/iX are available in beta test, with new commands coming online for the first time for e3000 sites. SITE STREAM supports the execution STREAM of a MPE batch job file from a FTP client which has already established a connection to the HP e3000. A NETRC file supports an automated logon to a remote host. And the PASSIVE command is an enhancement added to the FTP Client and FTP Server to support third-party transfers. HP engineer James Hoffmeister said that PASSIVE "is an important implementation for sites using firewall technology, securing access from users or systems external to their local intranet.

And HP has added some security to its FTP for the e3000 with the PASSWORD = ON configuration option. The enhancement added to the FTP Server supports the ability to restrict the establishment of FTP connections to MPE USER.ACCOUNT's where at least one password -- a USER password or an ACCOUNT password -- must exist. By using PASSWORD = ON, the FTP server will reject any attempt to establish an inbound FTP client connection to the e3000 for MPE USER.ACCOUNTs which do not have at least one MPE logon password. A CONSOLE_LOGGING = ON" SETPARMS.ARPA.SYS configuration option is a security enhancement added to the FTP Server which supports the logging of MPE session logon attempts (success and failure) on inbound FTP connections to the HP e3000 system. The messages are logged on the system console as well as to the MPE system logfiles.

Getting the new FTP capabilities up and running on your e3000 is a matter of asking for beta test patches from the Response Center: FTPGD01 for 6.5 and FTPGD29 for 6.0.