z/VM 7.3

Basic Information

• Model: IBM z/VM 7.3 (Product ID: 5741-A09)
• Version: 7.3
• Release Date: September 16, 2022
• Minimum Requirements: Requires IBM z14 family or later servers. Specific RAM and storage requirements apply based on configuration and workload.
• Supported Operating Systems: Linux on IBM Z, IBM z/OS, IBM z/VSE, IBM z/TPF, and z/VM itself. Also supports Red Hat Enterprise Linux CoreOS as part of Red Hat OpenShift Container Platform.
• Latest Stable Version: While IBM z/VM 7.3 is a current and supported release, z/VM 7.4 was released on September 20, 2024.
• End of Support Date: To Be Determined (TBD). IBM typically provides approximately 4.5 years of in-service support for z/VM releases, with new releases generally occurring every two years.
• End of Life Date: Not publicly announced.
• Auto-update Expiration Date: Not applicable for this enterprise hypervisor software.
• License Type: International Program License Agreement (IPLA). Sub-capacity pricing is available, requiring the IBM License Metric Tool (ILMT) and z/VM Hypervisor Proxy for ILMT.
• Deployment Model: Hypervisor for IBM Z and LinuxONE servers.

Technical Requirements

• Processor: IBM z14 family or later servers, including IBM z16, LinuxONE Emperor 4, IBM z15, LinuxONE III, IBM z14, LinuxONE Emperor II, and LinuxONE Rockhopper II. Requires z/Architecture.
• RAM:
  • Minimum 512 MB for a first-level z/VM system.
  • Minimum 128 MB for a second-level z/VM system.
  • At least 768 MB of virtual storage is recommended for a second-level system IPLed from an FCP SCSI LUN.
  • Supports up to 4 TB of memory per Logical Partition (LPAR).
  • A fully configured 8-member Single System Image (SSI) cluster can address up to 32 TB.
  • 2 TB virtual storage is supported with APAR VM66673 under specific restrictions.
• Storage:
  • Minimum 6 GB of available space for installation media (Disc 1 and Disc 2).
  • IBM System Storage SCSI disks or equivalent with a minimum size of 6 GB.
  • Supports DASD volumes residing on data encryption drives (DEDs).
  • Includes Non-Volatile Memory Express (NVMe) EDEVICE support.
• Display: Access to a local 3270 terminal, or equivalent, configured with at least 32 lines and 80 columns for installation and operation.
• Ports: TCP/IP communication is required for the Hardware Management Console (HMC) and FTP server for installation and management.
• Operating System: z/VM 7.3 runs natively on IBM Z and LinuxONE server hardware.

Analysis of Technical Requirements: IBM z/VM 7.3 operates exclusively on IBM Z and LinuxONE mainframe platforms, leveraging their z/Architecture for high performance and scalability. The memory requirements are flexible, ranging from minimal for basic installations to terabytes for large-scale virtualized environments and SSI clusters, reflecting its capability to host numerous virtual machines. Storage needs are modest for the base installation but scale with the number and size of guest operating systems and data. Support for NVMe and encrypted drives indicates a focus on modern, high-performance, and secure storage solutions. The reliance on 3270 terminal emulation highlights its mainframe heritage and operational model.

Support & Compatibility

• Latest Version: IBM z/VM 7.4, released September 20, 2024, is the latest version in the z/VM family.
• OS Support: Supports a wide range of guest operating systems, including various Linux distributions on IBM Z, IBM z/OS V2.1 or later, IBM z/VSE, IBM z/TPF, and z/VM itself. It also supports Red Hat Enterprise Linux CoreOS as part of Red Hat OpenShift Container Platform.
• End of Support Date: The End of Service (EoS) date for z/VM 7.3 is currently To Be Determined (TBD). z/VM 7.2 EoS is March 31, 2025. IBM typically provides approximately 4.5 years of service for each z/VM release.
• Localization: IBM, as a global vendor, provides documentation and support in multiple languages, though specific localization details for the z/VM 7.3 interface are not explicitly detailed in public documentation.
• Available Drivers: As a hypervisor, z/VM does not use traditional drivers. It supports various hardware adapters and features of the IBM Z and LinuxONE platforms, including Crypto Express, RoCE Express2, and OSA-Express.

Analysis of Overall Support & Compatibility Status: IBM z/VM 7.3 maintains strong compatibility with current and previous generations of IBM Z and LinuxONE hardware, ensuring a stable platform for mission-critical workloads. Its broad support for various IBM Z-compatible guest operating systems, particularly Linux, underscores its role in modern mainframe virtualization. The continuous delivery model ensures ongoing feature enhancements and service. While the EoS date for 7.3 is pending, IBM's established lifecycle policies provide a predictable support window.

Security Status

• Security Features:
  • Unique virtual machine definitions and hardware features prevent unauthorized access between guests.
  • Minidisk security with password protection controls read-only and read-write access.
  • User ID and password checking, including support for longer password phrases.
  • Multi-Factor Authentication (MFA) support for enhanced user identity verification.
  • Privilege class modification enables granular, role-based access controls for commands and DIAGNOSE codes.
  • Journaling and directory control statements support POSIX-related security functions.
  • Integration with Resource Access Control Facility (RACF) for comprehensive access control and auditing.
  • Drive-based data encryption for IBM System Storage tape drives and DASD volumes (DEDs), with support for IBM Encryption Key Manager.
  • IBM Fibre Channel Endpoint Security for encryption and authentication states of FCP devices.
  • Transport Layer Security (TLS) and Secure Sockets Layer (SSL) support; z/VM 7.2 System SSL is FIPS 140-2 validated, and 7.3 is designed to meet these requirements.
  • Guest Secure IPL (Initial Program Load) validates signed IPL code for ECKD and SCSI devices, ensuring integrity and trusted origin.
  • Digital signature verification of z/VM service packages ensures authenticity and integrity of updates.
  • KEYVAULT utility for secure storage and retrieval of user ID keys (logon passwords) for applications.
  • Security settings and compliance API and command interfaces for extracting security-relevant configuration data for compliance analysis (e.g., PCI DSS).
• Known Vulnerabilities: Specific known vulnerabilities are not publicly listed in general product documentation. IBM provides security bulletins and advisories for identified vulnerabilities.
• Blacklist Status: Not applicable.
• Certifications:
  • FIPS 140-2 (Federal Information Processing Standard) validation for z/VM 7.2 System SSL; z/VM 7.3 is designed to meet these requirements.
  • Common Criteria (ISO/IEC 15408) certification at Evaluation Assurance Level 4 (EAL4+) for z/VM 7.2, conforming to the Operating System Protection Profile (OSPP) with Virtualization (-VIRT) and Labeled Security (-LS) extensions.
  • NIAP Virtualization Protection Profile (VPP) 1.0 with Server Virtualization Extensions for z/VM 7.2.
• Encryption Support: Comprehensive, including drive-based data encryption, TLS/SSL, IBM Fibre Channel Endpoint Security, and guest exploitation of cryptographic facilities via Crypto Express adapters and CPACF.
• Authentication Methods: Passwords, password phrases, and Multi-Factor Authentication (MFA) are supported, often integrated with RACF.
• General Recommendations: IBM recommends utilizing MFA, implementing RACF for robust access control, employing privilege class modification, and leveraging secure IPL capabilities to maintain a strong security posture.

Analysis on Overall Security Rating: IBM z/VM 7.3 offers an exceptionally robust security framework, built upon decades of mainframe security expertise. It incorporates hardware-assisted isolation, strong authentication mechanisms including MFA, comprehensive access control via RACF, and extensive encryption capabilities for data at rest and in transit. Certifications like FIPS 140-2 and Common Criteria EAL4+ (achieved by 7.2 and targeted by 7.3) underscore its adherence to stringent security standards. Features like Guest Secure IPL and digital signature verification for service packages further enhance the integrity and trustworthiness of the environment. The overall security rating is very high, making it suitable for highly sensitive and regulated workloads.

Performance & Benchmarks

• Benchmark Scores: Specific benchmark scores for z/VM 7.3 are not readily available in general public documentation. Performance is typically evaluated in the context of specific customer workloads and configurations on IBM Z hardware.
• Real-world Performance Metrics:
  • Designed for "legendary scalability, system management, and performance," enabling the deployment of hundreds to thousands of Linux servers on a single IBM Z or LinuxONE server.
  • Supports up to 80 logical processors per member in an 8-member SSI cluster.
  • Improved memory management efficiency on IBM z14 family processors and later, leading to increased performance for z/VM workloads, especially with multithreading.
  • Embedded Artificial Intelligence Acceleration on IBM z16 family servers reduces CPU operations for neural-networking processing functions, benefiting applications like real-time fraud detection.
  • NVMe EDEVICE support provides capacity and performance benefits for solid-state drives.
• Power Consumption: Power consumption is highly dependent on the underlying IBM Z or LinuxONE server hardware and the specific workload. z/VM itself, as software, does not directly consume power, but it optimizes resource utilization on the hardware, contributing to overall efficiency.
• Carbon Footprint: Similar to power consumption, the carbon footprint is tied to the underlying hardware and its energy efficiency. IBM Z and LinuxONE systems are designed for high workload consolidation, which can lead to a reduced data center footprint and potentially lower overall energy consumption compared to distributed x86 environments for equivalent workloads.
• Comparison with Similar Assets: IBM z/VM is positioned as a leading virtualization platform for IBM Z and LinuxONE servers, capable of deploying "more virtual servers in a single IBM zSystems or LinuxONE server than any other platform" due to its scalability and performance.

Analysis of Overall Performance Status: IBM z/VM 7.3 excels in performance and scalability, particularly within the IBM Z and LinuxONE ecosystem. It is engineered to maximize hardware utilization, allowing for massive consolidation of virtual servers and efficient execution of demanding workloads. While specific public benchmarks are scarce, its design principles, such as support for large SSI clusters, high logical processor counts, NVMe, and memory management optimizations, point to superior performance for enterprise-grade applications. The integration with hardware-accelerated AI functions on newer IBM Z servers further enhances its capability for modern, data-intensive tasks. Its ability to consolidate workloads efficiently also indirectly contributes to optimized power consumption and a potentially smaller carbon footprint for the overall IT infrastructure.

User Reviews & Feedback

Direct user reviews and feedback for IBM z/VM 7.3 are not available in the provided public documentation. However, IBM's continuous delivery model and engagement with the z/VM community through forums and ideas portals suggest an active feedback loop for product development.

Summary

IBM z/VM 7.3 is a powerful, enterprise-grade hypervisor specifically designed for IBM Z and LinuxONE mainframe environments. Released in September 2022, it continues IBM's legacy of delivering highly scalable, secure, and efficient virtualization. Its strengths lie in its unparalleled ability to consolidate hundreds to thousands of virtual servers on a single physical machine, leveraging the unique capabilities of z/Architecture.

Technically, z/VM 7.3 demands IBM z14 family or later servers, offering flexible memory configurations that can scale to terabytes per LPAR and across SSI clusters. It supports modern storage technologies like NVMe and integrates robust security features such as Multi-Factor Authentication, comprehensive access control via RACF, extensive encryption, and certified compliance with standards like FIPS 140-2 and Common Criteria EAL4+. These security measures make it an ideal platform for mission-critical and highly regulated workloads.

Performance is a core tenet, with features like improved memory management and hardware-accelerated AI capabilities on newer IBM Z servers contributing to its efficiency and responsiveness. While direct benchmark scores are not widely published, its design for extreme scalability and high utilization positions it as a leader in its niche.

A potential weakness, from a broader market perspective, is its platform-specific nature, limiting its deployment to IBM Z and LinuxONE hardware. However, within this ecosystem, it offers a highly optimized and integrated solution. The lack of readily available public user reviews makes it challenging to gauge general sentiment, but its continuous development and long-standing presence in enterprise IT suggest a mature and reliable product.

Recommendations for use cases include large-scale server consolidation, hosting critical enterprise applications, supporting extensive Linux on Z deployments, and environments requiring the highest levels of security, availability, and performance. Organizations already invested in the IBM Z platform will find z/VM 7.3 to be a robust and evolving virtualization foundation.

Information provided is based on publicly available data and may vary depending on specific device configurations. For up-to-date information, please consult official manufacturer resources.