Tandemworld eNewsletter for September 2014

Gold Sponsor is


Silver Sponsor is



Tandemworld eNewsletter for September 2014


My head is in the clouds

TANDsoft’s FileSync and OPTA2000

Musings on NonStop! - September, ‘14

BrightStrand Managed Service

TLF Format 2 and NCPCOM Monitoring Real Time

Insider Technologies launches ‘Sentra Fraud Detection’

comForte and Knightcraft Technology partner to provide Security Services

XYPRO's Instructor Led Education Classes 2014

New HP NonStop Mobile App Now Available

comForte blog: Migrations to the NonStop platform – a promising outlook for X86?

Breaching Bad and the Cost of Incident Response

NEW Benchmark Video: ....

comForte at events near you in 2014 and 2015

Where we are in The World...

 Availability Digest Explores the Darknet

OmniPayments Introduces “The Smarts Behind EMV Smart Cards”

Gravic Publishes Article on HP Pathway Domains and Shadowbase Data Replication

The Nets Group Successfully Implements Lusis Payments’ TANGO for ATM Driving

Computer Security Products’ newest solutions for OSS

Gravic Completes Whirlwind Trip to Asia-Pac Region

High Performance Switching and Secure Data Storage

Mix of COBOL, TAL and C re-documented

Online Version

Current Subscribers 14992

My head is in the clouds

NTI is fortunate to have a lot of customers distributed around the world. Everyday we work with our Customers to plan and implement their DR solutions. These days most Tandem sites either have a DR site in place or are planning to eventually roll one out. Active/Active data replication enables their businesses to resume “sub second” with zero loss of data.

With all of the Customers that we work with to implement DR solutions, I still run into Tandem sites where they need coverage but can’t afford the investment in duplicate hardware and duplicate operational sites. It’s expensive to set up the backup location (buildings, equipment, people, etc.). Some are in the middle of a multi-year implementation and are exposed until everything is rolled out.

Here is an idea…. Let’s imagine that your Tandem-2-Tandem data replication could also be pointed to a cloud vault. If your production Tandem node could replicate to the cloud then you would not need a second Tandem to hold your data. The vault would have to be easily reachable, ultra-secure, persistent, distributed around the world, and nearly limitless in capacity. If all this were possible then a single Tandem node could protect its transactional data. If the Tandem node failed then your data would still be safe and available.

The cloud vault would have to be quick to setup. Developed properly you would be able to quickly download the software to the production Tandem node, configure the node, and point it at the cloud. With a few keystrokes you would be protecting your business with sub-second accuracy. You would not have to invest in a second Tandem. You would not have to work through the logistics of setting up a remote data center. You could point, click, and protect.

Of course, having your data protected in the cloud does not solve all of your recovery problems. You would also need the ability to point your cloud vault at the recovery site and quickly reload your Tandem node. While you would still have to deal with the logistical headaches of rebuilding or relocating your data center, you would have confidence knowing that you can accurately reload your data and be back in business.

What if that replication service was uniform and affordable? What if it did not matter what size your Tandem node was, or how many cores it had, or how much volume you wanted to replicate, or what the Tandem application was? A node is a node is a node.

Just a thought… these days my head is in the clouds….stay tuned for more in the coming months.

DRNet® is world class NonStop Data Replication technology.

·       Real-time Active/Active Data Replication

·       Real-time Tandem to OPEN Data Replication

·       Real-time File Synchronization

·       Refreshingly Real-Time Support from Real Engineers


+1 (402) 968 3674


TANDsoft’s FileSync and OPTA2000 – Proven Solutions, Installed Worldwide, Price-Competitive, No Source Code Changes Required

FileSync and OPTA2000 are TANDsoft, Inc.’s popular flagship products and represent TANDsoft’s expertise in interception technology and file synchronization.

OPTA2000 is a virtual clock and time-zone simulator that installs easily and requires no application modifications. It allows multiple applications operating in a consolidated environment to each have its own virtual system clock or to function in its own virtual time zone with date/time specifications different than that of the system clock. For time-zone simulation, virtual times are offset from a system’s actual time by an amount expressed as a deviation from GMT. For clock simulation, the virtual times can be offset to whatever time is required for testing, maintenance, etc. With OPTA2000, a single system can host thousands of applications. It supports all applications on the HP BladeSystem as well as on the NonStop S-Series and Itanium servers. It also supports a wide variety of NonStop subsystems. HP customers have relied on OPTA2000 Clock and Time Zone simulation for over 15 years.

FileSync automatically monitors, replicates and synchronizes source files, program and application environments, configuration files, programs – anything non-database that needs to be kept current across the network. It supports qualified expressions and the synchronization of SQL/MX Tables. In addition, FileSync supports all Guardian files – audited, unaudited, structured and unstructured; all OSS files; NonStop SQL/MP Tables; program source and object files; and configuration and TACL files. Use FileSync for system migrations, disaster recovery, upgrades, and backups. It works closely with NonStop real-time data replication products to provide a comprehensive solution for maintaining duplicate system and application environments. HP customers have relied on FileSync for over 10 years.

FileSync Data Deduplication significantly reduces bandwidth requirements and the size of backups by streaming to the backup database only changed data, not entire files.

FileSync Incremental minimizes the time by synchronizing only files that have changed or are new since the last incremental synchronization.

Filesync AppendOnly works with very large, unaudited files that must be synchronized every few minutes. Changes made to a file are “appended” to the end of the file. When AppendOnly checks for changes since the last synchronization, it needs only to look at the end of the last changed data update.

TANDsoft solutions also include the OPTA suite of interception and trace utilities (OPTA-¬Trace Online Process Tracer and Analyzer, Recycle Bin, EMS Alerts Online Startup and Termination Capture Utility, Low Pin Optimizer); Stack Monitor, which alerts developers to the impending threat of a stack overflow; Command Stream Replicator, which logs and automatically replicates TMF-audited/unaudited FUP, SQL/MP and SQL/MX DDL structure and other environment changes to target systems; AutoLib, which automatically loads a user library or a DLL for executing processes; the Enscribe-2-SQL and TMF-Audit Toolkits and the Enscribe-2-SQL Data Replicator, all of which offer flexible, affordable alternatives to more expensive conversion products or manual conversion techniques; E2S-Lite, which permits efficient, low-cost Enscribe modifications without the need to change a program’s source code; and SDI/LOG (Sensitive Data Intercept), which logs Sensitive Data access to Enscribe files and SQL/MP tables.

Free trials are available for all TANDsoft products.

Visit www.tandsoft.com, or contact Jack Di Giacomo at +1 (514) 695-2234.

Drop by our booth at the NonStop Technical Boot Camp in San Jose, California, USA (16 - 19 November).

TANDsoft will be represented at CTUG (9 -10 October) in Mississauga, Ontario, Canada.

Musings on NonStop!

September, ‘14

The opinions expressed here are solely
those of the now self-employed author

Last month I wrote of how there were just a few weeks to go before a number of regional user group meetings kick-off, and now here it is, and I’m on the road looking forward to both MATUG and CTUG and to a final quick “splash and dash” pit stop at home before heading to the NonStop Bootcamp. There’s nothing I know of that would deter me from spending time with real NonStop users and it certainly gives me a buzz every time I get to participate.

Should you be attending any of these events, make sure you come on by, even if to just say “Hi!”, as I really do look forward to such interactions. You probably all know of just how much of my time I give to user groups but it’s something I have been doing for several decades now and see little chance of me backing down any time soon. For me, it remains a crucial litmus test for the health of a product – if nobody wants to talk about it, then it’s time to move on! 

In 1977 when I returned to Australia after a time in the UK, Canada, and the US, it wasn’t a year before I created a national user group in support of the company I joined. It’s now faded from history but I so enjoyed my time working for The Computer Software Company (TCSC) and thought its products so special that gathering the community together for a mix of social and technical session just seemed the right thing to do. This too gives you a little insight to just how long I have enjoyed tilting at windmills, as the sole product of TCSC was a 3rd party OS for IBM mainframes – at a time when IBM still provided the OS for free!

This month we have seen a major sea change take place. Obviously, the news of Larry Ellison of Oracle dividing his CEO role into two parts made headlines everywhere, but when you put it into the context of other changes we have seen, it does signal a sizable shift. It was only a short time ago that a localized earthquake hit Sonoma and shook up the Napa / Sonoma wine industry, but CEO changes in Silicon Valley have a far reaching, global impact.

As Bloomberg reported on September 19, 2014, in the story
Ellison Becomes Oracle Chairman as Catz, Hurd Split CEO Job  “Ellison’s departure as CEO also signals a broader changing of the guard in the technology industry, as a generation of founder-CEOs who ushered in the personal-computer and business-software era leave their posts. Ellison, who co-founded Oracle in 1977 and has run the company ever since, rose alongside Apple Inc.’s Steve Jobs and Microsoft Corp.’s Bill Gates.”

Earlier in the week there had been rumblings in the media as analysts anticipated less than stellar financial results from one of the original four-horsemen of Silicon Valley (a reference to investors in the dot com era tracking just the financial performance of Oracle, Microsoft, Intel and Cisco) and it proved to be true. According to the same Bloomberg report, “Oracle’s sales growth has clocked in at less than 5 percent for 12 consecutive quarters. The company has struggled to sign up new customers and has turned to selling more hardware and industry-specific technologies to existing customers.”

By comparison, it shouldn’t surprise anyone to read that the new four horsemen of technology are Google, Apple, Facebook and Amazon, but for how much longer, I wonder. And talking of surprises, with the many references to there being a technology leadership sea change, there wasn’t any references made to former Microsoft CEO, Steve Ballmer. Perhaps that’s for the better. In the meantime, there was just as much speculation going on about what HP plans to do next and it involved possible further acquisitions.

As I wrote in a private email update for my clients a short time ago, seeding these speculations were comments by HP CEO, Meg Whitman, after this quarter’s financials were released. This was further fueled when online publication,
Seeking alpha, came out with the story on September 10, 2014, that “CEO Meg Whitman says Hewlett-Packard is again in a position to consider takeover options, a near-record cash pile gives it the means to do a deal and the worst sales forecast among computer hardware peers provides the motivation, so Bloomberg begins speculating about possible targets.”

And the Bloomberg targets?  “One possible candidate is cybersecurity firm Imperva, particularly in the wake if the hacking of J.P. Morgan, Home Depot and celebrities’ phones.” Perhaps a little better known were the other two candidates – Teradata and Tibco Software. “Teradata has more of an ‘old-school’ approach to big-data management but H-P could use it as a platform to make other acquisitions and build out its own offerings, HighMark Capital's Todd Lowenstein says. Tibco Software is now reviewing its strategic options, and Morningstar's Peter Wahlstrom thinks it could draw H-P's interest.”

However, the week ended with the news of the acquisition of a software company called Eucalyptus! According to a post on
ZDNET, “Eucalyptus, an open source software vendor for hybrid cloud deployments,” and likely “a deal that gives the company a leader for its Helion business unit.” Furthermore, their CEO, Marten Mickos, will be the general manager of HP's cloud business and will report to HP chief, Meg Whitman, taking that responsibility away from Martin Fink who will continue as CTO and the boss of HP Labs.

I like following the industry as much as I like attending user group meetings and through the years I have happily speculated on the future of NonStop. Oracle, Teradata, Tibco – all struggling? Interesting – and much of this has to do with Big Data and Clouds where new, up and coming companies (including clearly Eucalyptus) are capturing significant analyst mindshare. And for a very good reason – computing is heading the way of other infrastructure services (think power generation and delivery) and yes, there’s business gold buried underneath all that data (think our behavior is every bit as important – and telling – as what we say).

It’s still very much all about transactions. We transact so much in our everyday life that we shouldn’t be surprised that so many companies know so much about us – living “off the grid” is really not an option. Fortunately for us, NonStop remains in the middle of all of this stuff and shows few signs of losing its stronghold on the most important transactions of all – financial. When you look at Target, Home Depot, even the raid on ATMs earlier this year, the NonStop systems weren’t breached and indeed, in at least one instance I know about, mitigated against even greater exposure and damage.

Guards may change with companies falling out of favor on a regular basis but four decades on, we still run NonStop and for that, I have a lot more to say – so yes, look for me at the upcoming user events as I will be only too happy to find time to chat. And with that, I will wrap up this month’s musings and get back on the road!

Richard Buckle
Founder and CEO

Pyalla Technologies, LLC

Following my blogs? My web publications? My discussion Groups?

Check out (copy and paste to your browser):

Real Time View at http://www.itug-connection.blogspot.com/

…. And check out the Group on LinkedIn, Real Time View

comForte Lounge at http://comfortelounge.blogspot.com/

…. And check out the Group on LinkedIn, comForte Lounge

Realtime.ir at http://realtime.ir.com/

…. And check out the Group on LinkedIn, realtime.ir

ATMmarketplace at

buckle-up at http://www.buckle-up-travel.blogspot.com/

…. And check out the SubGroup on LinkedIn, Pyalla Track Days



 BrightStrand International provides an array of NonStop Services to its customer base. Its consultants have the skill and experience that make it the premier service deliverer in the NonStop sector. Services are tailored to individual customer needs to reduce costs and risk whilst getting the best from the environment.

BrightStrand delivers a Fully Managed Service to many of its customers. BrightStrand take account of the particular needs of the customer and offer a variety of options. BrightStrand currently supplies managed services; ranging from standby ad hoc onsite cover through to fully managed with secure datacentre hosting, systems management, operations, 24/7 support and remote support.

 Each service is tailored to meet customer needs to provide a focused but low cost and flexible solution to meet your changing business requirements.

A Managed Service can include all or some of the following elements, as required by the customer:

·       Systems and Operations Management

·       24 x 7 Cover

·       Performance and Tuning / Capacity Planning

·       Database Design and Administration

·       Communications Subsystems

·       Web Services

·       Security Reviews

·       IBM WebSphere MQ Series environments.

·       NonStop Integrity and Blade Migrations

·       Operation System Upgrades

·       System Healthchecks

·       Specialist Consultancy

·       Disaster Recovery and Service Continuity Planning

·       Multi-platform options

BrightStrand Service Managers and consultants are ITIL and PRINCE2 accredited and therefore all have an excellent understanding of service delivery best practices and risk management/avoidance.  BrightStrand delivers services where possible using customer processes and procedures ensuring a fully integrated solution to provide better response, improved reporting and faster communication.

For further details call BrightStrand today on +44 (0)141 204 4046 or email sales@brightstrand.com.


TLF Format 2 and NCPCOM Monitoring Real Time

Hi, my name is Andre Ardiayanto. Currently I am working at BNI (Bank Negara Indonesia) – one of government bank in Indonesia – for 2 years and 5 months as contract employee. My role is developing the ATM payment features using BASE24 classic.

Since I have quite deep knowledge in programming, using Java, before I developed any payment feature in BNI, I have to know what the programming language use is, therefore I rather read “TAL Programmer’s Guide” manual book than ACIDOC, since ACIDOC more like Base24 application guidance than programming language guidance.

After I had quite enough knowledge in TAL programming, I decided to develop some utility that might be useful for my teams and me in the future, therefore I tried to develop TLFMON (TLF Format 2 Monitoring) and NCPMON (NCPCOM/NCS Monitoring) around mid 2013. Before I finished that utility, I involved at several projects in BNI, so I decide to hold develop my utility. After I finished the projects in BNI, I try to continue it again in early 2014. I able to finish develop TLFMON within 4 weeks and finished the NCPCOM/ NCS Monitoring in 2 weeks. Though I need around 20 hours/day, 6days/week to develop my utility I feel great for what I accomplished.

TLFMON Format 2 Monitoring is for automatic monitors TLF (Transactions Log File). It supports qualified expression for searching the data in TLF. In addition, TLFMON Format can give you result:

1.      Transactions per second.

2.      Max transaction per second.

3.      Average transaction per minute.

4.      Max transaction per minute.

5.      Total transaction in one hour.

6.      Max peek transaction in one hour.

NCPCOM/NCS Monitoring is for automatic monitors Station and Process environments.

Now I need new challenges to customize BASE24 and make new utilities.


-. Nice To Share with you .-

-. Never give up and always think different .-


Screenshots URL:


Download URL:



Best Regards,


Andre Ardiayanto


Insider Technologies launches ‘Sentra Fraud Detection’

Everyone in the payments chain needs an agile, flexible cost effective solution for fraud and the challenges it presents – Sentra Fraud Detection from Insider Technologies is that solution.

Insider Technologies were delighted to announce the product launch of Sentra Fraud Detection at the Payments Knowledge Forum (PKF); formerly the Base24 European User Group in London on 29th and 30th September.

The new product was also unveiled at the Retail Banking Forum in Bratislava, Slovakia on the 12th and 13th October. “Reaction from the banks has been swift and dramatic” said John Bycroft, Sales & Marketing Director at Insider Technologies. He continued “We certainly seem to have struck a seam; combining our 25 year experience and expertise in monitoring high volume transaction systems with modern data mining and machine learning techniques, allows banks to taken a quantum leap forward in protecting themselves against fraud”

Sentra is a proven platform for the alerting, monitoring and information management of systems, applications and transactions from Insider Technologies. Its GUI driven architecture has been used to monitor fraud by our global blue chip customers for more than 25 years. In the latest release of Sentra, Insider Technologies has significantly added to the flexibility and functionality, using new and innovative technology to allow an enhanced, user friendly, focused toolset to prevent, detect and manage fraud as the transaction occurs.

For more information, see www.insidertech.co.uk and click on the link for more information.

More Insider Technologies Product News

Several major enhancements have been made to version 4.8 of our HP NonStop Management software product, Reflex 80:20, incorporating areas such as:

Additional information returned from the File and Process Status Agents, providing a complete list of opens, file opens, stack traces and segment information, as well as data from four-digit file codes and SQL/MX information..

New features within later H and J-series have been incorporated into the Hardware Statue Agent.

Individual % Busy values can be set against individual processes, as well as allowing specific processes and processes running against specific objects to be monitored in Dashboard, including the monitoring of PFS and Heap memory.

The Email alerting functionality has been updated so that the email subject line can now be configured to include the original EMS Event text.

Several new Measurement serverclasses have been introduced to allow Measure metrics to be sent to a Sentra environment for reporting, monitoring, alerting, in-depth analysis and historical analysis.

Reflex Console can display events, where (based on user configuration), new events can appear at the bottom or at the top of the display.

Further information can be obtained via enquiries@insidertech.co.uk, or by visiting www.insidertech.co.uk/

Insider Technologies Limited, Spinnaker Court, Chandlers’ Point, 37 Broadway, Salford Quays, Manchester, M50 2YR, United Kingdom. Tel: +44 161 876 6606.

Quality Certified to ISO9008 / 2000 and TickIT plus (DNV).


comForte and Knightcraft Technology partner to provide Security Services

 comForte 21 GmbH and Knightcraft Technology are pleased to announce that they are teaming up to deliver PCI DSS compliance and security services to HP NonStop customers.

In light of recent high profile payment card data breaches, it has become clear that being compliant is not enough to prevent theft of sensitive information. Often an organization will have been judged to be PCI DSS compliant but will have security vulnerabilities that were not detected by their QSA. In some cases, compensating controls used to protect sensitive data are inadequate, even though they have been accepted by the auditor. This can leave an organization’s system and sensitive data potentially vulnerable to theft or misuse.

Very few QSAs have the expertise on the HP NonStop platform to really know whether an organization’s HP NonStop servers are secure. Compliance tends to be judged based on “ticks in the box” rather than an in-depth analysis.


Read the full news release here


XYPRO's Instructor Led Education Classes 2014

2014 XYGATE Classes
October 20-24, 2014 
Class Open
Register for the next General XYGATE Learning Class 

XYPRO provides formal instruction for all XYGATE Security products. Classes for up to eight (8) students are offered at XYPRO's education
facilities in Simi Valley, California. Classes can also be held on-site at your facility and be customized to meet your unique requirements 

XYPRO offers both General XYGATE Learning and Advanced XYGATE Instruction 

General XYGATE Learning is for those just getting started with NonStop and XYGATE security or those who wish to hone their XYGATE skills in a broad range of HP NonStop Security fundamentals using the XYGATE Suite of security solutions. 

Periodically, XYPRO will offer Advanced XYGATE Instruction classes. Advanced instruction is also available on request. Topics may include, but are not limited to XYGATE production configuration deep-dives, XMA SYSLOG and SIEM appliance filters, user-exits, expanding storage for XMA, user impersonation, file hashing,  XYGATE Encryption Library (XEL) implementation and XYGATE Intercept Library (XIL) implementation. 

Stay Connected with XYPRO

LinkedIn Group




New HP NonStop Mobile App Now Available

NuWave is excited to announce that you can now download their LightWave demo to your mobile device, right from the Android Play Store. Just search for "HP NonStop Explorer" and look for the NuWave's "NW" icon:    or simply click here to be brought directly to the mobile app.


The NonStop Explorer mobile app uses LightWave on the back-end to check NuWave's NonStop server CPU status and storage. With LightWave, you can easily create mobile and web applications (like the NonStop Explorer demo) that will give you just about any information you need about your NonStop servers and Pathway applications. Then you'll be able to access this information anywhere, from any device!


If you don't have an Android phone or tablet, try out their NonStop Explorer web application at explorer.lightwave.mobi. The web application works in the same way as the mobile app, but allows you see their NonStop's CPU status and storage from a browser.


To learn more about LightWave and how you can develop neat applications like NonStop Explorer quickly and easily, go to www.nuwavetech.com/lightwave. If you have any questions about LightWave or the NonStop Explorer demos, email info@nuwavetech.com.


comForte blog: Migrations to the NonStop platform – a promising outlook for X86?

Written by Richard Buckle

So much has changed in the car industry of late. It would seem the more regulations are introduced to close the loopholes allowing manufacturers to innovate, the more car manufacturers, big and small, seem to able to come up with something completely new. Yes, the new McLaren is a hybrid, but it only runs for 5 or 6 miles solely on batteries – will it be allowed to use the HOV, or car pool lanes?

Stepping out of older model cars and into the latest offerings used to be rather easy – yes, the pedals were all in the right places and the gearshift lever was pretty obvious. However, today more and more controls are finding their way onto the steering column and indeed the steering wheel and the complexities of modern navigation / infotainment centers boggle the mind. I have one very modern car that has baffled me completely when it comes to using its navigation system, so much so that I rely on my trusty iPad.

In my most recent post to ATMmarketplace.com, A screening near you and cash will fly! I write about these navigation / infotainment centers, noting how Mercedes Benz, even as it pursues modernization, may be thinking about eliminating navigation systems, replacing them with cellphone-based systems. “Rumor has it that the ‘floating’ navigation screens in new Mercedes cars look like tablets for a reason,” said the magazine. “In the future, they may be replaced with docks for your iPad, Samsung Galaxy Tab, or other 4G-enabled tablets.” For families with more than one car, this will simplify future car swaps as one nuisance will clearly be eliminated.

But what about computer swaps where it’s a little more complicated – like migrating to a newer, more modern system or even converting to a completely new platform? There is considerable incentive for car makers to support a switch of vendor when customers jump into their car from something different, but for the enterprise user, switching to NonStop is an entirely different matter. On the other hand, even NonStop users have faced times where upgrading to the newest model was similar to switching platforms as chip architectures changed – the introduction of NonStop support for the x86 architecture being the latest example of such a switch.


Read the full blog post here.


Breaching Bad and the Cost of Incident Response

Last month, we explored data breaches involving memory scraping - how payment card information can get into the hands of thieves by siphoning off unencrypted data directly from system memory of the POS system. blog.xypro.com 

Since then, several widely publicized breaches hit the news, and speculation is that they were all victims of this same type of memory scraping malware. Because of this, I’ve been issued a slew of new credit cards and have to go through the joy of having to check my credit reports weekly – and I know I’m not alone there. Thanks a lot!

But what if you, as the administrator, did the due diligence, changed your default credentials, implemented two factor authentication, enabled account lockout settings and you were still breached?  What happened?  The likely culprit is an Advanced Persistent Threat, or APT, that’s what.  APTs are a set of stealth, continuous hacking processes executed by a group or organization with a lot of patience.  They know what they’re targeting and they’ll take their time to do it right, and be nearly impossible to detect.  As the old saying goes, we as security professionals need to be right 100% of the time, the attacker only needs to be right once.

Continue Reading...

Stay Connected with XYPRO

LinkedIn Group


NEW Benchmark Video: Randy Meyer, HP and Bob Kossler, HP discuss details of the extraordinary benchmark performed at HP’s Advanced Technology Center and HP's partnership with Lusis Payments.

 Featured in the video: Randy Meyer, HP Vice President & General Manager of Mission Critical Systems, Bob Kossler - HP Director, Technology, Strategy and Planning, Ki Roth -Lusis Payments Head of Business Development, Americas, and Brian Miller – Lusis Payments, VP & GM Americas.

The client that participated in the proof of concept currently operates more than 20 million terminals, deployed in over 125 countries, which include some of the world’s largest financial institutions. For the proof of concept, Lusis Payments simulated the client’s system to test TANGO.  HP ran the proof-of-concept tests at its Advanced Technology Center in Palo Alto, California,  and worked with the client to reproduce its hardware environment for a true simulation. As a Lusis Payments partner, HP was proud to demonstrate how well an elite product like TANGO can maximize the high performance of HP Nonstop servers. The project determined that TANGO is fault-tolerant and is capable of processing 2,500 transactions per second (TPS) for 48 hours straight without failure.

"Our relationship with Lusis has been a tremendous asset to us. We've worked at all levels together. We've worked technically to get the TANGO software into the NonStop environment and not only port it but tune it and get the utmost in performance from that. We've also worked together on the go to market side... Philippe Preval the President (of Lusis Payments) has been a tremendous part of that success...he understands the payments marketplace and has worked directly with us...he has a clear grasp of the business and shares our passion for customers."  - Randy Meyer, HP Vice President & General Manager of Mission Critical Systems

WATCH THE VIDEO HERE: http://www.youtube.com/watch?v=PPDKRiaBlr0


For more information about TANGO contact Brian Miller at brian.miller@lusispayments.com or visit http://www.lusispayments.com

Brian Miller
Lusis Payments, North America

(415) 829-4577


comForte at events near you in 2014 and 2015

 Join us at these events:



8 Oct


PCI Community Meeting, Europe

7-9 Oct 2014

Berlin, Germany


9 Oct 2014

Toronto, Canada

CONNECT Advanced Technical Boot Camp

16-19 Nov 2014

San Jose, USA

PCI Community Meeting, Asia Pacific

19 Nov 2014

Sydney, Australia


2 Dec 2014

London, UK


6-7 March 2015

Florida, USA

Int'l GTUG

27-29 April 2015

Munich, Germany


And there is more, join the security discussion in the HP NonStop [Tandem] Security Group on LinkedIn.

 Last but not least, follow us on ...

NEW - comForteLounge Blog

comForteLounge LinkedIn Group

comForteLounge Twitter

comForte on YouTube


Where we are in The World...

Join XYPRO at these upcoming Events in 2014 & 2015

September 25th, 2014
Renaissance Philadelphia Airport Hotel
Philadelphia, PA

The Payments Knowledge Forum (EBUG)

September 29-30, 2014
Central London, United Kingdom


NENUG-Fall Meeting

October 2nd, 2014
Andover, MA

October 9-10, 2014
Toronto, Canada

PCI SSC European

Community Meeting
October 8-9, 2014
Berlin, Germany


HP NonStop Technical

November 16-19, 2014
San Jose, CA

PCI SSC Asia Pacific
Community Meeting

November 18-19, 2014
Sydney, Australia



December 2nd, 2014
London, United Kingdom


March 6th, 2015


Stay Connected with XYPRO

LinkedIn Group


 Availability Digest Explores the Darknet

Over a three-week period at the end of 2013, Point-of-Sale (POS) terminals at Target stores throughout the U.S. were infected with malicious software that stole the personal information of over 110 million credit-card holders. Yet another American retailer, Home Depot, recently announced its POS terminals were hacked; and the number of impacted customers could exceed those victimized by the Target hack.

Question: What happens to all that stolen information? Answer: It is offered for sale on the Darknet.

The Darknet is an online network where connections are made only between trusted peers. Potential new members must be approved by existing members. In 2002, a project called Tor was established by the U.S. Naval Research Laboratory with the original purpose of protecting U.S. intelligence communications. Tor allows groups of people using the Internet to maintain complete anonymity via numerous layers of protection. Tor continues to be used legitimately. However, when Tor is used for illegal purposes, it is called the Darknet. The Availability Digest explores the Darknet, how money is made on the Darknet, and how law enforcement agencies work to prevent the Darknet sale of stolen information.

In addition to “The Darknet,” read the following articles in the Digest’s September issue:

TWC Internet Outage Affects Millions – On 27 August, millions of U.S. residents woke to discover that their Time Warner Cable internet service was down. The cause? During overnight network maintenance, human error resulted in an erroneous configuration that propagated throughout TWC’s national backbone. The outage lasted for hours. Time Warner Cable is the second largest cable company in the U.S. and is in the middle of an effort to merge with Comcast, the nation’s largest cable provider.

2014 Verizon Data Breach Investigations Report – Each year, the Verizon Data Breach Investigations Report (DBIR) analyzes the impact of security incidents, data breaches (in which data was exposed), and security disclosures (in which information was actually stolen). Fifty organizations contributed content to the 2014 DBIR, and 95 countries were the sources of confirmed incidents. The report covers 63,437 security incidences that resulted in 1,367 data breaches. 2014 was the year of large-scale attacks on payment-card systems. Among the most notable was Target.

Why Your Business Continuity Plan May be Inadequate – In today’s business world, access to real-time, online transactional data is a competitive advantage. Learn how solid business continuity plans can ensure continuously available application services. Guest authors: Keith Evans, Shadowbase Business Development & Product Management, and Paul Holenstein, Executive Vice President, Gravic, Inc.

@availabilitydig – The Twitter Feed of Outages - This article highlights some of the @availabilitydig tweets that made headlines in recent days. If you currently are not following @availabilitydig, consider making our Twitter presence a daily read.

The Availability Digest offers one-day and multi-day seminars on High Availability: Concepts and Practices. Seminars are given both onsite and online and are tailored to an organization’s specific needs. We also offer technical and marketing writing services as well as consulting services.

Published monthly, the Digest is free and lives at www.availabilitydigest.com. Please visit our Continuous Availability Forum on LinkedIn. We’re at 654 members and counting. Follow us on Twitter @availabilitydig. Digest Managing Editor Dr. Bill Highleyman will present “How Does Failover Affect Your SLA” at Connect’s NonStop Technical Boot Camp in November.



OmniPayments Introduces “The Smarts Behind EMV Smart Cards”

Enclosed within the recently distributed September/October 2014 Connection is the “The Smarts Behind EMV Smart Cards: Part 1 – Online Transaction Processing.” Written by Yash Kapadia, CEO of OmniPayments, Inc., “Smarts” introduces smart-card technology, including card structure, card data, terminal capabilities, encryption support, and processing flow. Part 1 pays special attention to online transactions using smart cards.
Since most card-payment networks include one or more HP NonStop servers, “Smarts” is of special value to HP NonStop customers and third-party partners.

A smart card, also called a chip card or an integrated-circuit card (ICC), includes an embedded computer chip that employs cryptographic and risk-management features. In conjunction with a smart-card POS or ATM terminal, these features are designed to thwart skimming, card-cloning, card-counterfeiting, and other fraudulent attacks.

A decade or more ago, a consortium of card issuers comprising Europay, MasterCard, and Visa (EMV) began the specification of smart cards, formally known today as EMV cards. EMV card technology has been adopted by most of the countries on all continents in the world. Excluding the U.S., there now exist 2.3 billion EMV cards and 37 million EMV terminals worldwide. However, the United States is the laggard. Representing almost half of all payment cards and terminals in the world, the U.S. still runs its payment-card services on outdated magnetic-stripe technology. “Smarts” explains how and why the U.S. attitude toward smart cards will change in 2015.

Part 2 of “The Smarts Behind EMV Smart Cards” focuses on Offline Transaction Processing and will appear in The Connection’s November/December 2014 issue. Highlighted will be the procedures for securely authorizing smart-card transactions offline without direct issuer involvement.

The OmniPayments financial-transaction switch offers a comprehensive solution for financial institutions to acquire, authenticate, route, switch and authorize transactions across multiple input channels such as ATMs, POS (point-of-sale) terminals, kiosks, IVR (interactive voice response) units, mobile devices, and the Internet. It provides a full set of functionalities to support payment transactions. As OmniPayments routes transactions to the card-issuing institutions, each transaction must be validated against an often complex set of rules before its execution can be authorized. The authorization process consumes valuable processing resources and requires the continual maintenance of authorization rules and parameters. OmniPayments offloads this complex task from the transaction-acquiring and card-issuing institutions with a powerful Transaction Screening rules engine that can preauthorize transactions, thereby minimizing the time and bandwidth typically required to obtain transaction approval.

OmniPayments supports EMV protocols and other EMV requirements necessary to bring the enhanced EMV security capabilities to the financial payment industry.

With successful implementations at many customer sites, OmniPayments is just one member of the Opsol family of solutions for the financial industry. Opsol Integrators specializes in NonStop mission-critical applications and offers customers all the requisite functionality to manage credit/debit-card transactions. OmniPayments is easily expandable to provide additional functionality when needed.

OmniPayments supplies complete security functions for every financial transaction that it handles, including encryption-at-rest and encryption-in-flight. Available around the clock, OmniPayments will survive any single fault, requires no downtime for maintenance or upgrades, and supports a range of disaster-recovery solutions. For further information, visit www.omnipayments.com. Contact Yash Kapadia at +1 408-446-9274 or at yash@omnipayments.com. Visit our booth at the upcoming NonStop Technical Boot Camp in San Jose, California, USA (16 – 19 November).

Gravic Publishes Article on HP Pathway Domains and Shadowbase Data Replication


Gravic recently published an article, Pathway Domains and Data Replication – Perfect Together! in the September-October issue of The Connection.

It takes two to tango!

It is of no use having data available on alternate/takeover systems if the applications required to provide the business services are not also available when needed.

Shadowbase data replication solutions keep databases replicated and synchronized across multiple systems, whether it be a uni-directional (active/passive), bi-directional (sizzling-hot-takeover or active/active), heterogeneous, or homogeneous environment.

The introduction of Pathway domains spanning nodes for HP NonStop servers helps to ensure that Pathway applications remain available too, even when catastrophic failures take out a system, an entire data center, or a geographic region.

By configuring applications within a Pathway domain across multiple HP NonStop nodes, in the event of planned or unplanned outages, user requests are automatically routed to the remaining systems, thereby preserving application availability.

In addition, application scalability is increased by automatic workload distribution across those systems. Since Shadowbase replication technology ensures the data remains available, the combination of Shadowbase software and Pathway domains increases the availability of your business services.

In short, Pathway domains and Shadowbase data replication solutions are perfect together!

For more information on Shadowbase solutions, please visit: www.gravic.com/shadowbase.

Gravic Presents at VNUG, the 2014 Nordic Conference

Gravic recently attended the Viking NonStop User Conference 2014, in Balsta, near Stockholm, Sweden. The well-attended conference celebrated 40 years of HP NonStop, reviewing past highlights and discussing future milestones. One of the clever highlights included an all-hands culinary class taught by a master chef where the attendees prepared, served, and then devoured a delicious four-course meal featuring a greens salad, scallop-wrapped bacon appetizer, reindeer filets with fluffy mashed potatoes, and crème brulee for dessert!

The Gravic team delivered a presentation on the key issues affecting application availability when catastrophic disasters occur, and how to mitigate them using best-in-breed solutions consisting of HP NonStop hardware platform married with Shadowbase software. If you are interested in having this material presented to your team, please contact us at +1.610.647.6250 or SBProductManagement@gravic.com. Congratulations to Veronica Strom of CSC Sverige AB who won our Kindle Fire prize!

Please Visit Gravic at these Upcoming Events

MATUG Meeting Philadelphia, PA, USA, 25 September


The Payments Knowledge Forum London, UK, 29-30 September


CTUG Fall Conference Toronto, Canada, 9-10 October


Connect NonStop Technical Boot Camp San Jose, CA, USA, 16-19 November


BITUG BIG SIG London, UK, 2 December

Please Visit Gravic at these Sites

Website  http://www.gravic.com/shadowbase


Twitter  https://twitter.com/GravicSB


LinkedIn  http://www.linkedin.com/company/gravic-inc./shadowbase-data-replication-305119/product


Facebook  http://www.facebook.com/pages/Gravic-Shadowbase/116969767814


Google +  https://plus.google.com/b/117288516055822969721/117288516055822969721/posts


The Nets Group Successfully Implements Lusis Payments’ TANGO for ATM Driving

 (Paris, September 2014) — Lusis Payments, a leading supplier of mission-critical payments software, today announced the selection and rollout of its TANGO solution by Nordic switch processor The Nets Group, a leading provider of payment, card and information solutions.  The selection of TANGO followed a comprehensive review of alternative payment solutions over a number of months. The ensuing project implemented TANGO to drive Nets’ ATM estate of withdrawal and deposit ATMs and culminated in the successful migration of more than 700 ATMs, all achieved within a short time frame compared to similar migration projects. 

“Nets wouldn’t be the successful, market-leading company we are today if it wasn’t for our ability to develop new and innovative solutions that satisfy clients and partners needs and time frames,” said Jan Erik Secker, vice president at Nets.

Read the complete press release HERE.

For more information about TANGO contact Brian Miller at brian.miller@lusispayments.com or visit http://www.lusispayments.com

Brian Miller
Lusis Payments, North America

(415) 829-4577


Computer Security Products’ newest solutions for OSS

 With our latest release of Protect-UX, CSP delivers a new, higher level of visibility, management and compliance for your OSS environment.  

Protect-UX delivers a unique range of functionality, and the new release introduces several improvements over the previous releases.

CSP delivers the most comprehensive solution for OSS security, with:

-        File Integrity Checking

-        Compliance Reporting

-        Auditing and Real-time Alerts

-        User Management and Session Control

-        Protect-UX File Permissions Management

-        Rapid detection of Orphan Files

-        Provision of Templates to secure OSS Applications quickly and easily

-        Effective access reports for any user

CSP’s solutions leverage the built-in Safeguard, Guardian and OSS controls to provide robust and effective compliance.

Find out more  at www.cspsecurity.com and www.protect-ux.com


Gravic Completes Whirlwind Trip to Asia-Pac Region

In July, I traveled to South Korea and Japan for eleven whirlwind days. I presented on Shadowbase business continuity solutions at the 2014 South Korea NonStop User’s Group (KNUG) meeting. It was held in Seoul, on July 3 at the Ritz-Carlton Hotel, and attended by approximately 65 delegates, along with a dozen vendors not including the HP entourage. The morning sessions were presented in English and translation into Korean was provided. Gelin Cheng, HP Regional Business Manager for Asia Pacific and Japan (HP Singapore office), received a standing ovation per Korean culture for her opening remarks. She later presented on the HP hardware and software roadmap. The rest of the morning was reserved for presentations from the English-speaking vendors; approximately half of the vendors were local to the region, with the other half traveling from all over the world to participate in this event. After lunch, the interpreters were released and the remainder of the meeting was presented in Korean. At the end of the day Kristi Elizondo, Director of Connect, spoke of advocacy and the need for everyone to stay involved in the Connect organization in order for it to provide the best support for all of its users.

For the rest of the time, I was busy with a visit to our local Japanese representative, High Availability Systems (HAS), in Mina Tao Precinct, Japan. HAS provides expert Shadowbase resources for installation and configuration and management for all of Japan. My meetings were also held with HP-Japan at its offices as well as between HAS and HP-J. Emphasis was given on the Shadowbase Other Servers Oracle source collection tool, for extracting and replicating Oracle data from remote servers to HP NonStop SQL/MP and SQL/MX databases of records. HAS engineers provide top-level testing and analysis of Shadowbase replication software, and the accompanying peripheral Shadowbase Utilities. For more information on either HAS Shadowbase support in Japan or Shadowbase international support in other countries, please contact sbsupport@gravic.com and reference this article.


William G. “Bill” Holenstein

Senior Manager of Product Delivery

Shadowbase Products Group



High Performance Switching and Secure Data Storage

Third Data Corporation

888-301-2431 / sales@thirddata.com


               Third Data Corporation provides numerous products which can reside on HP Nonstop and other HP and Non-HP  hardware platforms. In addition we provide custom high performance software design and development for our clients.

FastBuild SwitchWhen building a switch be it ATM-POS, Wire Transfer, EFT, Medical, or any other type of data that needs to get from one place to another, you are usually faced with three choices. Take an existing package and modify your system to match it. Get the vendor to “enhance” their system to meet your needs. Write a new system from scratch. The FastBuild Switch integrates with your existing system, or if you are building from scratch gives you a great start. The switch is also built around the latest HP technology to maximize performance. It integrates several of our other products to maximize cost savings and security in a fault tolerant manner. In a cross platform environment it also runs on other non-Guardian HP supplied platforms.

SecureStoreIf you are security conscience trying to become compliant (PCI, HIPAA, etc) then you know that you can not leave sensitive data readily viewable. SecureStore does three things for you. The data is encrypted so that you can become compliant. The data is compressed so that your hardware costs are reduced. As part of disaster recovery your data is sent to multiple locations so it will be available when you need it. As a bonus for those having trouble with Guardian 4K limits there is no record size. It supports Big Data with up to 18 Exabytes. It can also integrate with SQL systems (SQL MX/MP, Oracle, Postgres etc).

NxLibNxLib provides a platform and utility libraries for developing a high performance multi-threaded applications on NonStop Guardian. The platform provides threading, queuing and network capabilities. This enables development of an application written single threaded style to perform as multi-threaded.   Extensible command processing and help are supported.  Development time can be cut to a fraction of the time it would normally take.  This results in fast  application development with consistent look and feel across multiple projects.

NxWebA high performance web server which provides support for NxLib applications.  It also can be used without NxLib.  It provides for secure connections, virtual domains, full http support and interfaces to pathway and IPC communications.

NxFile+NxFile+ provides compression and encryption to Enscribe structured files.  The files are configured through a GUI interface and the results are provided seamlessly to your applications, typically without any code changes.  In addition this provides for dynamic key changes on the fly so data stored at-rest may have its encryption keys changed as required.  Because the records can be compressed prior to encryption, it’s also possible to have records which significantly exceed the 4k record size limitations.

NxSSLNxSSL is an SSL proxy which may be used to provide SSL encryption and authentication services to TCP/IP connections.  It provides full support for certificates and multiple encryption standards.  It has been carefully tuned to provide the highest performance available for any NonStop SSL connection.

NxUndeleteFiles accidentally deleted can be a real problem.  Even when a backup is available, it is frequently a significant effort to retrieve it from a backup tape.  NxUndelete implements a recycle bin function on the the HP NonStop system.  Files deleted may be easily recovered using its GUI interface.


Mix of COBOL, TAL and C re-documented in the ITP-PANORAMA OLAP HyperCube

At the newest user of ITP-PANORAMA, Six Group, largest financial services provider in Switzerland, we learned that applications running on NonStop computers can contain a mix of COBOL, TAL and C. We had to do some programming on the scanner and achieved, that developers at Six Group are now able to perform change requests of users in a HyperCube Repository that was built of this mix of languages. The HyperCube Repository contains the technical re-documentation of all applications. The daily scanning of the sources shows hidden bugs, open links and potentially dead code.

Like all new users Six Group evaluated ITP-PANORAMA during a 30 day trial. The order was placed immediately after the 30 day trial ended. Developers save now 90% of analysis time and can deliver changes in shorter time and at lower cost. This allows a pretty short ROI. 

Contact: Juergen Overhoff, JO@itp-panorama.com



Find out more about us at www.tandemworld.net



+44 (0) 20 8304 7979

We would like to thank the sponsors of the September 2014 eNewsletter


Gold Sponsor


Silver Sponsor

To enquire about Sponsorship opportunities for the Tandemworld Newsletter please click here.

Current Subscribers 14992

Our company, Tandemworld, accepts no liability for the content of this email, or for the consequences of any actions taken on the basis of the information provided.
To Unsubscribe or Change your Subscription Please click here