This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updateson them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Mask or Don't Include Passwords In Connect Direct Process Scripts that have been built in Connect Direct Web Services or Connect Direct Browser UI
Currently when a user builds a process in CDWS or CD Browser UI, the password is in plain text if a pnode/snode ID is used with password. This is a security vulnerability and should be addressed. We realize that there is no way to stop a user from...
Add TLS 1.3 Support to Connect:Direct for HPE Nonstop Platform
It was mentioned in HPE NonStop Forum that TLSv1.3 will be coming out later 2019 year. It was also mentioned by HPE that TLSv1.0 is a degraded security protocol and that HPE NonStop Client Applications running on X86 and Itanium Platform need to m...
CDW services should be running as non-system and non-admin user account
Our security assessment team found an issue with 'System' running CDW services by default. Although IBM allows a service account to run CDW services, it requires this account to be a member of local admin group. Either method causes security conce...
Remove the need of 'Log on locally' permission for user accounts in Connect:Direct Windows
Remove the need of 'Log on locally' permission for user accounts in Connect:Direct Windows. In our organization providing service accounts with 'Log on locally' permission is picked as a Non-standard security configuration and deviating from our s...
In Connect:Direct v4.1 for Unix and v4.6 for Windows, we use the Cipher.txt file to limit the selection of cipher suites to strong ones so the spcli.sh "Display CipherSuites" command only shows what's allowed in the Cipher.txt file. This good secu...
Do not place IBM confidential, company confidential, or personal information into any field.