IBM Sterling


This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Functionality already exists
Workspace Sterling File Gateway
Categories Security
Created by Guest
Created on Nov 22, 2021

RELATED IDEAS

CAPTCHA implementation for SFG UI Interface

One of our Customer (STATE BANK OF INDIA) raised the below security issue. They are migrating their SFTP partner to Sterling File Gateway. They have requested to have CAPTCHA option when partners uploading files via the SFG UI. Their requirement is to have a manual intervention through CAPTCHA to prevent any automated file uploads. We have told customer that the CAPTCHA option is not available in current product versions, but we have suggested to have adapter policies/customizing user permissions to achieve this. We also suggested mailbox user exit option to see if that helps here. However, SBI would like to have CAPTCHA option as a proactive approach to prevent such file uploads .

What is your industry? Banking
How will this idea be used?

Implementation of CAPTCHA option when partners uploading files via the SFG UI for security reasons. Their requirement is to have a manual intervention through CAPTCHA to prevent any automated file uploads.
  • Guest
    Reply
    |     Apr 1, 2022

    Hi Ryan


    We have already suggested mentioned solution (MFA) to our customer and they have rejected it. Customer do not want captcha implementation on login page.

    It is mandatory to implement rate limiting mechanism (Captcha) for file upload from UI, i.e, captcha implementation on fileupload page for myfilegateway URL. This is required to prevent any automated file upload script execution by a bot ,etc.


    Captcha is required after user is authenticated ,is able to access their respective mailbox and tries to upload a file. Any file upload by user has to go through captcha validation, post validation file should get uploaded.

    Request you to check the feasibility.


    Just for your information, we also tried to suggest a work around as below which customer has not agreed:

    1. Uploading a file can only been done by an authenticated trading partner.

    2. If a trading partner acts as attacker and upload a lot of files. The problem can be easily identified and the trading partner can be disabled.

    3. If the customer wants, they can disable file upload from UI and forced the trading partners to upload a file via ftp or sftp. For ftp and sftp, we have rate limit control in Deployment -> Adapter Utilities -> Policy Configuration in dashboard UI. The customer can remove "myfilegateway File Upload" permission to disable file uploading via UI.

  • Guest
    Reply
    |     Mar 31, 2022

    Hello, SFG can be extended with Sterling Secure Proxy and SEAS to connect to external identity providers over SAML 2.0.


    More information on MFA can be found here:

    https://community.ibm.com/community/user/supplychain/blogs/vijay-chougule/2021/02/24/multi-factor-authentication-for-ibm-sterling-b2b-c

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.