Skip to Main Content
IBM Sterling


This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Functionality already exists
Categories Security
Created by Guest
Created on Aug 23, 2023

Show source IP and user in log for ALL attempts

It is useful to scan logs with security tools to look for patterns in brute force access to the B2B Integrator instance. None of the logs today contain the real source IP of connection attempts. Only certain logs show the perimeter server IP the request came through. We request adding this source IP to the log where it shows IP and user for attempted and successful connections.

What is your industry? Banking
How will this idea be used?

This idea will allow security threat detection to monitor connection attempts to IBM Sterling B2B Integrator from a variety of protocols, and confirm if we have a history of brute force or DDOS attempts to connect from certain IPs. Allowing threat response to those specific IPs.

  • Admin
    Mark Allen
    Reply
    |
    Jan 24, 2024

    Hi Peter,


    Talking it over with the team, they explained the following:

    • Source IP captured by SSP is passed to SEAS as part of the SSO mechanism, which is how B2Bi receives it from the client

    • By not using SEAS it would be a direct passthrough with SSP, which would be a security concern

    • if SSP is configured with SEAS, this should pass the source IP as per your request

    • if using external Perimeter Server instead, then this wouldn't pass the source IP and may require changes


    You will want to check if you have SEAS implemented with SSP since this is the way the solution was designed. Using SSP alone won't work well.

  • Admin
    Mark Allen
    Reply
    |
    Nov 2, 2023

    Thank you for taking the time to provide your ideas to IBM. I truly value our relationship with you and appreciate your willingness to share details about your experience, your recommendations and ideas.


    We already provide this feature when using B2Bi with SSP. See: https://www.ibm.com/docs/en/b2b-integrator/6.1.2?topic=adapters-configuring-services

    Sterling B2B Integrator, when used with Sterling Secure Proxy for file transfer using SFTP or FTP adapters, records the IP address of Sterling Secure Proxy as the client IP address instead of the IP address of the actual client that is connected from Sterling Secure Proxy.

    The Client IP feature allows you to record the initiating client IP address, which is required by several clients for regulatory requirements.


    Can you take a look at this and see if this satisfies your requirement?

    Thank you for bringing your ideas to us. If you have any additional feedback, thoughts or ideas, or if there is anything else I can do, please do not hesitate to reply to this message to continue the conversation.