This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updateson them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Improve diagnostic accuracy of Secure+ error messages
We often get Secure+ error messages (prefix CSPA) that don’t necessarily indicate a Secure+ issue. This makes it difficult to monitor for errors. The error messages that have caused us the most difficulty are:
CSPA202E SSL handshake failure, reason=Socket closed by remote partner
We often see these error messages but they reflect a transient networking issue rather than an actual Secure+ error. That makes it difficult to alert on Secure+ issues because of the large number of false positives we would generate with a simple message alert.
If the SSL handshake fails because the remote side doesn’t respond or sends a TCP reset, we would like the error message to indicate that as opposed to the case where the SSL handshake fails because of a true SSL handshake failure. The former error is transient while the latter will require some change to the security configuration on either the remote or local node to correct the problem.
I’ve attached a document showing some examples of CSPA error messages followed by successful connections.
If implemented, we will use this idea to improve the monitoring of remote nodes. Currently, we have a custom-built monitor running in CA's Netmaster product that checks connectivity to remote nodes by submitting a "heartbeat" process periodically and monitoring whether the connection succeeds. with accurate diagnostic messages we will more easily be able to alert our Operations team if there are Secure+ issues.
Do not place IBM confidential, company confidential, or personal information into any field.