IBM i 7.5

Basic information

• Model: IBM i
• Version: 7.5 (V7R5)
• Release Date: May 10, 2022
• Minimum Requirements: IBM i 7.5 requires selected IBM Power servers with Power9, Power10, or future Power System models. It is not supported on Power8 or earlier processor technology. For upgrades, approximately 8 gigabytes of system ASP free space are required on the load-source disk unit.
• Supported Operating Systems: IBM i 7.5 is an operating system that runs on IBM Power Systems hardware. It can coexist with other operating systems like AIX or Linux on Power servers.
• Latest Stable Version: IBM i 7.5. Technology Refreshes (TRs) are released periodically, with TR1 on December 2, 2022, and TR2 on May 5, 2023.
• End of Support Date: IBM i 7.5 is currently supported. IBM's lifecycle policy for Enhanced (E) products, which includes IBM i, provides a minimum of 5 years of support with an extension option of 3 years.
• End of Life Date: Not explicitly stated, but the roadmap for IBM i continues into 2032 and beyond.
• Auto-update Expiration Date: Not applicable; updates are managed through Technology Refreshes and PTFs.
• License Type: International Program License Agreement (IPLA). Subscription options are also available for certain configurations.
• Deployment Model: Primarily on-premise on IBM Power Systems. Hybrid cloud deployments are supported, with portability of software licenses and hardware capacity between on-premises gear and IBM Cloud.

Technical Requirements

• RAM: The absolute minimum memory required to IPL an IBM i partition is 1 GB, but the recommended minimum is at least 2 GB.
• Processor: IBM Power9, Power10, and future Power11 technology-based processors. IBM i 7.5 supports a maximum of 48 SMT8 processor cores per partition, scaling up to 240 processors per partition with IBM Lab Services engagement.
• Storage: Requires approximately 8 GB of system ASP free space on the load-source disk unit for installation or upgrade. Supports NVMe storage technology. DB2 for i indexes can now hold up to 16 TB of data, an increase from the previous 1.7 TB limit.
• Display: Not directly applicable to the operating system itself, as it is a server OS. Management interfaces typically use standard display outputs.
• Ports: Standard network ports for TCP/IP connectivity, including support for TCP Selective Acknowledgement.
• Operating System: IBM i 7.5 is the operating system itself, running on specified IBM Power Systems hardware.

Analysis of Technical Requirements

IBM i 7.5 is designed for high-performance, data-intensive enterprise workloads, leveraging the capabilities of IBM Power Systems. The hardware requirements emphasize modern Power processors (Power9, Power10, and Power11) to ensure optimal performance and access to the latest features. The scalability in processor cores per partition (up to 240 with Lab Services) highlights its suitability for demanding environments. The significant increase in DB2 index size to 16 TB addresses the growing need for managing large datasets. While minimum RAM is low for basic operation, real-world enterprise deployments will require substantially more. The support for NVMe storage indicates a focus on high-speed I/O performance.

Support & Compatibility

• Latest Version: IBM i 7.5, with ongoing Technology Refreshes (TRs) providing continuous enhancements and hardware support.
• OS Support: Runs exclusively on IBM Power Systems. Compatible with Power9, Power10, and Power11 processors. It supports mixed OS releases for DB2 Mirror, allowing one node to run IBM i 7.4 and another IBM i 7.5 for minimal-impact upgrades.
• End of Support Date: IBM i 7.5 is under an Enhanced (E) lifecycle policy, guaranteeing a minimum of 5 years of support with a 3-year extension option.
• Localization: IBM i 7.5 features a broader range of CCSIDs (Coded Character Set Identifiers) to support new markets, indicating enhanced globalization capabilities.
• Available Drivers: Drivers are integrated within the IBM i operating system for supported IBM Power Systems hardware and peripherals. Specific drivers for NVMe devices are managed through System Service Tools.

Analysis of Overall Support & Compatibility Status

IBM i 7.5 offers robust support and compatibility, primarily due to its tight integration with IBM Power Systems hardware. The continuous release of Technology Refreshes ensures ongoing enhancements and support for new hardware features. The commitment to a minimum of 5 years of support, with extension options, provides enterprises with a predictable lifecycle. Its ability to support mixed OS releases in DB2 Mirror facilitates smoother upgrades and minimizes downtime. Enhanced localization features cater to a global user base.

Security Status

• Security Features:
  • New password encryption scheme (QPWDLVL 4) using PBKDF2 with HMAC SHA512 (SHA-2 512 bit) encryption.
  • Elimination of default user profile passwords (now *NONE instead of *USRPRF).
  • Removal of System Security (QSECURITY) Level 20, making Level 30 the minimum, which enforces object-level controls.
  • Enhanced NetServer security with access control via authorization lists (*AUTL) for servers and specific shares.
  • New Check Password Meets Password Rules (QSYCHKPR) API for password validation.
  • Improved Digital Certificate Manager (DCM) for simplified management and object signing support.
  • Granular control over failed sign-on attempts for user profiles.
  • Support for TCP Selective Acknowledgement for secure networking.
  • Enhancements to the Integrated File System (IFS) for securing access and resilient file sharing.
  • Elimination of system-provided SST/DST profiles (11111111 & 22222222).
• Known Vulnerabilities: IBM i 7.5, like any complex software, has had vulnerabilities identified and patched. Recent examples include:
  • CVE-2024-27316: Security flaw in HTTP Server allowing DOS attacks (CVSS 7.5).
  • CVE-2024-31890: Local privilege escalation in TCP/IP Connectivity Utilities (CVSS 7.8).
  • CVE-2024-6387: OpenSSH flaw allowing arbitrary code execution (CVSS 8.1).
  • CVE-2024-31870: User enumeration vulnerability in Db2 for i (CVSS 3.3).
  • CVE-2024-27275: Local privilege escalation in Db2 for i (CVSS 7.4).
  • CVE-2024-27264: Local privilege escalation in IBM Performance Tools for i (CVSS 7.4).
  • CVE-2023-30990: Remote attacker executing CL commands via DDM architecture exploitation.
  • General vulnerabilities like SQL Injection, exposed API vulnerabilities, insecure code, weak system configurations, and lack of regular security testing are common across platforms, including IBM i.
• Blacklist Status: Not applicable for an operating system.
• Certifications: IBM offers various certifications for professionals working with IBM technologies, including IBM i.
• Encryption Support: Stronger password encryption (SHA512). Support for encryption of Auxiliary Storage Pool (ASP) and System ASP (ASP1) with encryption keys stored in LIC. iSCSI CHAP authentication credentials can be stored in PowerVM's Platform KeyStore (PKS).
• Authentication Methods: Enhanced password policies, including passphrase support up to 128 characters. Integration with IBM Tivoli Directory Server for advanced password syntax checking. Multi-factor authentication (MFA) is a key security enhancement in IBM i 7.6, which is a subsequent release, indicating a continued focus on advanced authentication.
• General Recommendations:
  • Enable password level 4 for strongest encryption.
  • Regularly apply PTFs (Program Temporary Fixes) to address known vulnerabilities.
  • Minimize and restrict file shares, leveraging authorization lists for least privilege.
  • Block user-level mapping to critical system directories.
  • Conduct regular audits of file shares and user permissions.
  • Implement robust authentication mechanisms for APIs and perform regular API scans.
  • Ensure secure coding practices and regular code analysis.
  • Maintain strong system configurations and avoid outdated security levels.

Analysis on the Overall Security Rating

IBM i 7.5 significantly enhances the platform's security posture by implementing stronger default settings and advanced encryption. The move to SHA512 for password encryption, the elimination of weak default passwords, and the removal of the lowest security level (QSECURITY Level 20) are crucial improvements. Enhanced NetServer and IFS security, along with improved Digital Certificate Manager, provide better control over access and data integrity. While IBM i is known for its inherent security, continuous vigilance is necessary. Regular patching is essential to mitigate identified vulnerabilities, some of which can be severe. The platform provides robust tools and features, but their effective implementation by administrators is key to maintaining a strong security rating.

Performance & Benchmarks

• Benchmark Scores: Specific, publicly available benchmark scores for IBM i 7.5 are not readily detailed in the search results. Performance is typically measured in terms of throughput, transaction processing, and scalability on Power Systems.
• Real-world Performance Metrics:
  • Supports a maximum of 48 SMT8 processor cores per partition, scaling up to 240 with Lab Services, enabling high concurrency and workload handling.
  • DB2 for i now supports indexes up to 16 TB, improving performance for large databases.
  • Reduced time for Cluster Resource Group (CRG) switchovers for specific configurations, enhancing high availability.
  • Easier access to the ZLIB algorithm for data compression.
  • Improved performance for saving IFS data with the new default value for the ASYNCBRING parameter on the Save Object (SAV) command.
  • Enhancements in DB2 for i, including improved CPU costing and SMP processing for SQL Query Engine (SQE).
• Power Consumption: Not directly an OS metric, but IBM Power Systems are designed for energy efficiency in enterprise environments.
• Carbon Footprint: Not directly an OS metric, but tied to the underlying Power Systems hardware and data center operations.
• Comparison with Similar Assets: IBM i is often compared to other enterprise operating systems like AIX or Linux running on Power, or other mainframe/midrange systems. It is distinguished by its integrated architecture, including a built-in database (DB2 for i) and middleware, offering a highly optimized and reliable environment for business-critical applications. Its scalability and reliability are key differentiators.

Analysis of the Overall Performance Status

IBM i 7.5 continues the platform's tradition of robust performance and scalability, particularly for mission-critical enterprise workloads. The ability to leverage a large number of Power processor cores per partition, coupled with significant improvements in DB2 for i (such as larger index support and SQE enhancements), directly translates to better handling of data-intensive applications and increased transaction throughput. Enhancements like faster CRG switchovers and improved IFS save performance contribute to higher availability and operational efficiency. While direct comparative benchmarks are not extensively detailed, the architectural advantages of IBM i on Power Systems, including its integrated nature, position it as a strong performer for demanding business applications.

User Reviews & Feedback

User reviews and feedback for IBM i 7.5 generally highlight its continued reliability, security enhancements, and modernization efforts. Users appreciate the stronger password encryption, improved default security settings, and granular control over access, which address long-standing security concerns. The enhanced capabilities of DB2 for i, including larger index sizes and SQL:2016 compliance, are well-received by developers and database administrators. The introduction of Merlin, a browser-based development environment, is seen as a significant step towards modernizing application development on the platform, offering an alternative to traditional tools and integrating DevOps practices.

Strengths frequently mentioned include the platform's legendary stability, integrated architecture (OS, database, middleware), and strong backward compatibility. The focus on security by default is a major positive.

Weaknesses sometimes relate to the perception of a steep learning curve for new users unfamiliar with the IBM i ecosystem, and the need for continuous modernization of legacy applications. While Merlin addresses some of these, the transition can be challenging. The proprietary nature of the hardware and software can also be a point of consideration for some organizations.

Recommended use cases include running mission-critical business applications, enterprise resource planning (ERP) systems, financial applications, and core business processes that demand high availability, data integrity, and robust security. Its integrated nature makes it suitable for environments seeking a consolidated and highly reliable platform.

Summary

IBM i 7.5 is a significant release for IBM's integrated operating system, building upon its foundation of reliability, security, and performance for enterprise workloads. Released on May 10, 2022, it continues to run exclusively on IBM Power Systems, specifically supporting Power9, Power10, and future Power11 processors. The operating system is designed for demanding, data-intensive environments, offering high scalability with support for numerous processor cores per partition and substantial improvements in DB2 for i, including a 16 TB index size limit.

Strengths: A primary strength of IBM i 7.5 lies in its enhanced security features. These include a new, stronger password encryption scheme (SHA512), the elimination of insecure default passwords, and the removal of the lowest security level (QSECURITY Level 20), enforcing a more secure baseline. Granular control over NetServer access and improved Digital Certificate Manager further bolster its security posture. The platform's integrated architecture, encompassing the OS, database, and middleware, provides a highly optimized and stable environment. Continuous support through Technology Refreshes and a long lifecycle policy offer predictability and ongoing innovation. The introduction of Merlin signifies a commitment to modern development practices and application modernization.

Weaknesses: While robust, IBM i 7.5 requires specific IBM Power Systems hardware, which can represent a significant investment. The platform's unique ecosystem can present a learning curve for IT professionals accustomed to other operating environments. Despite modernization efforts, organizations with extensive legacy applications may still face challenges in fully leveraging new features without significant refactoring. The continuous need to apply PTFs to address vulnerabilities, though common in all software, requires diligent management.

Recommendations: IBM i 7.5 is highly recommended for enterprises requiring a stable, secure, and high-performance platform for mission-critical applications, such as ERP, financial systems, and core business operations. Organizations currently on older IBM i versions should consider upgrading to 7.5 to benefit from the significant security enhancements and modernization capabilities. It is crucial to implement all recommended security configurations, including enabling the highest password level and regularly applying patches. For new development or modernization projects, leveraging tools like Merlin and exploring the enhanced DB2 for i features can maximize the platform's value. Enterprises should also plan for adequate hardware resources to fully utilize the scalability offered by Power Systems.

The information provided is based on publicly available data and may vary depending on specific device configurations. For up-to-date information, please consult official manufacturer resources.