Skip to Main Content
IBM Sterling


This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Future consideration
Created by Guest
Created on Nov 4, 2021

Security Administration Report from SPOE administration

Using the ADMIN function to maintain entries in SPOE is basically performing security administration functions.

In some environments auditors/regulators like to see who is performing administration and what changes they are making.

Requesting that you consider having a pre-defined report, or the data available to show WHO (Inserted/Updated/Deleted) a record in SPOE, WHAT record did they administer, DETAILS (If they inserted a record what are the fields that was set, if they updated a record, what fields were changed, If they deleted a record, what did the record look like prior to deletion). You would also want to show WHEN the record was administered.


What is your industry? Banking
How will this idea be used?

Two Methods in which this can be useful:

#1. Problem resolution, when a transmission fails due to security issues, and you see the record has been updated in SPOE, you can tell what was changed by looking at this administration log.

#2. We can provide to auditors and regulators details of what we have administered in SPOE.

  • Admin
    Chris Sanders
    Feb 1, 2022

    Thank you for your patience as we reviewed this request across the C:D z/OS and CC teams. After quite a few discussions we do believe that this would be a reasonable enhancement. I'm going to accept this for Future Consideration so that it will be added to our backlog. As we move forward we'll look to add it to the roadmap.


    Sincerely,

    Chris Sanders

    Connect:Direct Product Manager

  • Guest
    Jan 6, 2022

    Hello, I have been in touch again with my NDM technical staff. They have been able to point me to some JCL that will pull out data based on record types (IU or DU).


    However the JCL does not produce the date the record was inserted or deleted. I just know the query stated to pull in the data from "yesterday". If an auditor were to look at that file/report they would immediately question me on the date of the activity.


    Another issue with a Insert or an Update, the data does not tell what was done. For example if I am doing an INSERT we list the SNODE/SNODEID, but where is the Security User ID reported. What ID did I map when I inserted the record. Another example is when I update an existing record, the data does not appear to state what was updated. What was changed?


    If this is available already can you point me where in the documentation is it located.


    For the zOS platform we are not using Control Center due to the size of our installation.


    Thanks for your assistance.


  • Guest
    Dec 31, 2021

    Hello, for our organization I am one of the RACF Engineers, not the person that supports NDM/SPOE. Also we are talking about the mainframe (zOS) environment.

    How do I access the Control Center? I do not believe we are running 6.2 yet, so I assume the Web UI would be an option at this time.

    I will also bring your comments to the attention of the team that supports NDM, since when I asked them earlier about this capability they were unaware of its existence.

    Linnea G Sullivan Jr
    VP, Information Security Senior Engineer
    zSeries Security Strategy

    809 4 �� Street | Winston-Salem, NC 27101
    MAC D9635-010
    Tel 336-595-2831 | Cell 336-413-2080
    Linnea.G.Sullivan@wellsfargo.com

    This transmission may contain information that is confidential and/or proprietary. If you are not the individual or entity to which it is addressed, note that any review, disclosure, copying, retransmission, or other use is strictly prohibited. If you received this transmission in error, please notify the sender immediately and delete the material from your system. This transmission is for informational purposes only and is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. Any information regarding specific investments or other products is not warranted for completeness or accuracy and is subject to change without notice.

  • Admin
    VIJAY CHOUGULE
    Dec 20, 2021

    Thank you for taking the time to provide your ideas to IBM. We truly value our relationship with you and appreciate your willingness to share details about your experience, your recommendations, and ideas.

    The Audit log in Control Center captures/logs the changes performed by Administration. In 6.2 onwards the Audit logging feature is also available in Web UI making it even more easier to view the log records with easy to use filters.

    Thanks,

    Vijay