This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updateson them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
As with standard Linux servers today Secure Proxy should be able to present Host Keys (more than one) in both RSA and ECDSA formats depending on what type the vendor incoming connection supports. Vendors are demanding Host Keys that are stronger t...
Need an ability to Stop and Start the SSP Adapters and Engines vis SSPRestAPI.SH and SSPRestAPI.properties
We are building a solution that will allow us to centrally manage all of our estate which includes IBM Sterling Secure Proxy. Currently we can see in the HTTPS webcalls we can see the methods to Start and Stop the adapters it will be good if we ca...
License FASP at SSP rather than the endpoints. Add FASP support to SSP for additional protocols
FASP licensing could be applied to SSP rather than the underlying endpoints thereby allowing bridging to be performed where a multitude of underlying endpoints route through that SSP instance. Currently each endpoint has to be licensed individuall...
Enhancement to add automatic failover from an active CM node to another
Currently, we have CM installed on 4 servers and the configs are written to the local drive. If something were to fail on the active node, there is a manual fail-over process to not only copy the configs to another node (might not be possible if i...
Password security controls for SSP administrator interfaces using local authentication are not allow enough password security controls:
Passwords expiration can’t be enforced.
Password complexity settings are minimal and don’t comply with the ...
Inactive User Accounts Controls - Administrator Accounts
Application parameter settings that do not automatically disable and/or remove user accounts after a specified period of inactivity may result in unauthorized access, modification, destruction, and/or disclosure of confidential information.
Ability to see perimeter server status on SSP (i.e. monitioring - running/stopped)
Currently we're unable to see which perimeter servers are active on the Sterling Secure Proxy engines, this in turn can cause issues if duplicates are present. This would mimic the monitoring ability currently in place for adapters.
Right now SSP currently allows for two user roles (Admin, Operator)within the application. We would like to be able to create custom roles based on specific user requirements so exact permissions can be assigned.
Make Sterling Secure Proxy perform DNS resolution at the connection time
Currently SSP Engines only perform DNS lookups when the configuration is loaded from the configuration manager. This should be changed so that DNS resolution is performed at the time of a connection, when a node's configuration is accessed.
Do not place IBM confidential, company confidential, or personal information into any field.