AIX® has come a long way since its 1986 debut on the IBM 6150 RT workstation. These days, AIX and reliability are nearly synonymous, with industries across the globe counting on this open standards-based UNIX operating system for any number of mission critical enterprise workloads. With so many organizations depending on AIX day to day, data on its usage is of great importance to technology experts, particularly in the areas of security, long term roadmaps, and new regulatory requirements.
This survey was conducted in Q4 2018 to gauge how AIX is being used and the role it will play for IT leaders in the coming years. 600 IT professionals from various industries around the world participated.
Cybersecurity and high availability/disaster recovery capabilities remain top priorities, both currently and for long term planning. Though there are dedicated cybersecurity personnel, increased security measures are primarily being achieved through the introduction of software solutions like antivirus, Security Information Event Management (SIEM), and Managed File Transfer (MFT). Additionally, industries are now almost universally required to meet regulatory compliance, making audit reporting tools a necessity for IT and security teams.
- 37.8 percent have two or fewer IT staff members focused solely on cybersecurity, while 62.3 percent have three or more.
- 49.8 percent have adopted antivirus protection, 51.1 percent use network firewalls, and 46.1 percent use compliance and audit reporting tools.
- Many respondents noted plans to implement security solutions, with SIEM/SYSLOG leading the pack at 38.8 percent.
- 37.8 percent of respondents named high availability/disaster recovery as a top IT concern for their AIX environment over the next 12 months, likely stemming from the dependence on AIX for core business processes. Companies cannot afford downtime in this environment.
- Almost all respondents (97.1 percent) reported that their organizations must adhere to regulatory compliance requirements including Sarbanes-Oxley (SOX), PCI DSS, HIPAA, GDPR, NERC, and DOD.
A new area of concern beginning to emerge is an increasing need for AIX skills. Though many experts make up the AIX workforce, this may indicate that a lack of new professionals are entering the field. This will be important to monitor over the coming years.
- 57.7 percent of respondents have more than 10 years of experience with AIX.
- 2.4 percent of respondents have only two years’ experience or less.
- 33.6 percent of respondents listed AIX skills as primary concern.
Despite these concerns, IT professionals remain invested in AIX and rely on it to run critical business solutions. Its stability and high ROI will ensure that it will remain a core feature of IT environments across industries for years to come.
- 73.7 percent report AIX provides a higher ROI than other servers.
- 91.6 percent use AIX to run at least 25 percent of their core business processes.
- 31.8 percent expect to increase their AIX footprint.
AIX is a mainstay for IT experts, who trust it to support critical business applications
AIX forms an essential part of many organizations’ IT environments, with 91.6 percent of respondents running at least a quarter of their core applications on this platform. This number indicates that the AIX platform is providing the stability, flexibility, and security that businesses require.
Additionally, 73.7 percent of respondents believe AIX yields a higher ROI than other platforms. Given this confidence in its performance capabilities, it’s unsurprising that over 50 percent of respondents said they either intend to keep their environment just as it is, or plan to increase their AIX footprint. This indicates a strong investment in the longevity and future of AIX, as well as the platforms it runs on.
AIX users are staying reasonably current with their hardware and software. Over 70 percent of those surveyed are either on AIX 7.1 or 7.2. Only 26.8 percent are using POWER6® technology, although some respondents that use this older version also have POWER8® and POWER7® servers.
Of those that have not upgraded to the latest releases, 40 percent cited application limitations, which may indicate an intention to upgrade once the necessary applications become compatible. Almost 90 percent of AIX users have 11 or more partitions of AIX in their environments. As IBM lowers the cost of hardware while increasing the power of the server, we will see more and more partitions in this operating system.
It is also interesting to see that 61.3 percent of survey respondents run Linux or IBM i operating systems on the same servers they use to run AIX. The adoption rate for this shows consolidation has occurred even across the various OS offerings. When an organization hasn’t updated to a new OS level, it is generally a reflection of budget, the applications that need to run on the server, or a lack of necessity.
AIX Remains a Steady Presence Across Organizations
Only 13.3 percent expect to move all applications to a different platform, with Linux and Windows being the preferred options. A far larger percent (31.8) intend to increase their AIX footprint in the next year.
Those moving to Linux plan to use the following servers: x86 (54.9 percent), public cloud (45.1 percent), IBM Power Systems™ (37.3 percent), and mainframe (11.8 percent). IBM has a notable opportunity with such a large percentage looking at the IBM® Power Systems™ series. Though the new POWER version has only been out for one year for the enterprise POWER9™servers, the fact that 66.3 percent has plans to, is in the process of, or has already moved applications over to Linux on Power is strong indicator of its favorability. Both POWER8® and POWER9™ servers are optimized to meet Linux market needs.
IT Concerns Reveal Common Challenges
There are numerous IT initiatives afoot for the organizations surveyed: ensuring environments offer high availability and disaster recovery options, modernizing applications, cybersecurity, and addressing the need for AIX skills led the list again this year.
Though not a top concern, it is also worth noting that capacity management made an impressive jump from last year’s 4 percent to 22.8 percent. This may reflect increasing workload demands from organizations that are growing faster than their IT infrastructure or customers needing to evaluate POWER9™ sizing. It may also indicate the continuing rise in the variety of server types within organizations. With options such as on-premise, public clouds, or private clouds, organizations are continuing to diversify where workloads and applications are deployed, making it difficult to manually monitor and ensure no server is overburdened.
High Availability/Disaster Recovery
With its PowerHA®, EMC®, and Oracle Exadata® technology for hardware-based replication, IBM POWER servers have multiple options for high availability. Additionally, there are many software-based replication offerings, including Oracle. Cloudbursting capabilities can give IT teams the option to move non-critical applications from a private cloud server to a preconfigured public cloud location when demand spikes threaten performance.
Pre-POWER7® users should plan to upgrade to POWER8® and POWER9™ to protect against Spectre and Meltdown. IBM will not be releasing patches for these older systems and recommends migrating to a more current generation of POWER technology.
Modernizing applications can be quite complicated, often involving efforts such as re-platforming, re-hosting, and recoding. However, these efforts can have a large payoff, not only in integrating new functions, but also ensuring security is up to date. This ties in closely with cybersecurity being another top concern for AIX users.
The Latest on Cybersecurity: Mandates, Challenges, and Plans
Keeping sensitive information from falling into the wrong hands is top of mind for every CIO. IT and security professionals are largely responsible for ensuring such information is secure as possible. It seems like every week a new story comes out about a large data breach or an emerging threat. In this survey, 97.1 percent of respondents said their organizations are subject to regulatory compliance including Sarbanes-Oxley (SOX), PCI DSS, HIPAA, GDPR, NERC, and DOD.
This means leaders in almost every industry are responsible for understanding evolving risks and putting the right technology in place as a preventative measure. The 2.9 percent of organizations not required to adhere to any compliance standards may soon face changes, with new regulations like the California Consumer Privacy Act being proposed or coming into effect. The rollout of the GDPR last year and subsequent violations, as well as the increase in proposed regulations may explain why respondents’ concerns over compliance jumped from 14.5 percent last year to 24.1 percent.
Cybersecurity is a top challenge for 34.5 percent of survey participants, plus the addition of numerous highlighted concerns that also fall into this category. These include the feeling that management underestimates security risks (45.3 percent). This is perhaps reflected in the number of dedicated security staff, with 37.8 percent of respondents having fewer than three staff members working solely on increasingly sophisticated and time-consuming cybersecurity issues. Additional team members would also assist in the concerns of the complexity of government and industry regulations (46.4 percent), a constant change in threats (43.1 percent), and an overall lack of knowledge and skills (41.8 percent). Managed File Transfer (MFT) is also a bigger concern from last year, climbing from 16.6 percent to 23 percent, which may reflect the increasing move away from FTP and HTTP for file transfer due to their insecure nature.
The good news is there is an array of powerful security solutions available, and IT professionals are either using or planning to implement many of these technologies in their AIX environments. When looking at solutions currently deployed, 49.8 percent have adopted antivirus protection, 51.1 percent use network firewalls, and 46.1 percent use compliance and audit reporting tools. Many respondents noted plans to implement security solutions, with SIEM/SYSLOG leading the pack at 38.8 percent. This is of particular interest given the increase in the concern of reducing IT spending from 23.2 percent last year to 29.2 percent. SIEM solutions streamline security dataflows, prioritize alerts and reduce the need for manual monitoring by security teams, saving time and eliminating the need to hire additional staff to keep up any time a new tool is introduced. Other planned implementations include multi-factor authentication solutions at 37.6 percent, encrypted and secure MFT at 46.1 percent, and file integrity monitoring at 36.8 percent.
AIX Staffing is Becoming an Increasing Concern
With 57.7 percent of respondents having more than 10 years of experience with AIX, there is an impressive amount of expertise in the AIX community. However, this expertise may be indicative of an aging workforce and an increasing skills gap. With only 2.4 percent of respondents having experience of only two years or less, there may be fewer and fewer AIX specialists entering the job market each year. This is further reflected by the increased concern over AIX skills. In last year’s survey, AIX skills ranked 9th in top concerns at 27.9 percent. This year, it climbed to the 5th spot, with 33.6 percent of respondents listing it as a primary concern.
Organizations will need to take proactive measures in order to address this skills shortage. Automation tools can streamline your workload so you can deploy the staff you do have available to focus on the strategic activities where they add the most value. The skills gap can also be addressed in the security sphere with tools like SIEM, as mentioned above, which automate escalation of events and normalizes them into a common format, reducing the need for an AIX expert to interpret data.
Concerns for AIX Environments Show Overlap Across Industries
It is interesting to note that despite how varied the top ten industries were, there remained a significant overlap in issues like cybersecurity, AIX Skills, and high availability/disaster recovery. Any differences may reflect varying industry regulations and priorities.
AIX continues to be a steady presence in many organizations, and the challenges that the AIX community face are all manageable as long as they are not ignored.
Internal struggles with data management and application modernization demonstrate an ongoing need to stay current and prepared to scale accordingly as organizations grow and change.
However, most challenges are primarily external, with concerns like high availability/disaster recovery and cybersecurity a reaction to a global increase in attacks. With budgetary limits and finite dedicated staff, cybersecurity issues are increasingly being addressed with the adoption of new security technologies.
Introduction of new regulatory requirements and ever-changing cybersecurity threats means IT experts and security teams need to stay abreast of the most cost-effective method of protecting sensitive data and what makes the most sense in their environments.
Organizations will need to keep an eye on AIX skill shortages to ensure that experts don’t retire without passing on vital knowledge about the capabilities of this unique operating system. Cloud offerings from IBM and its partners can help augment shortages in employees working as administrators as they take on effort of monitoring, security and automation.
Despite these challenges, the future of AIX is bright. AIX remains a highly relevant and valued operating system for IT professionals across many industries, trusted for its return on investment and reliability.
Survey Methodology and Participant Demographics
In Q4 2018, HelpSystems launched its 3rd annual global online survey of AIX IT professionals to get their feedback on usage of the AIX operating system, the challenges they face, and the security solutions they plan to implement. Respondents included 600 individuals across varying roles, experience, industries, and geographies.