IBM Z Hardware and Operating Systems Ideas Portal
Hide about this portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

Communications Server

Showing 85

Provide TLS_NEGKEYSHARE data for TLSV1.2 protocol in zERT Type 119 Subtype 12 Reporting

We would like to see the TLS_NEGKEYSHARE column in zERT Reporting contain the data which will reflect which elliptical curve is in use. The SMF 119 layout has the field below: 40(X'28') SMF119SS_TLS_Neg_Key_Share 2 Binary Negotiated key share:...
over 2 years ago in z/OS / Communications Server 0 Future consideration

Provide support for IKED/NSSD for PassPhrases or Protected in RACF

Our organization is migrating from a password to passphrase environment. Our userids for the IKED and NSSD started tasks have passwords. We would like to make these IDs RACF PROTECTED or be able to use a PassPhrase. But it seems via the case that ...
over 2 years ago in z/OS / Communications Server 0 Future consideration

Move Policy Agent processing to above the bar to correct storage exhaustion errors during policy REFRESH/UPDATE

We are building an ipSecPolicy file for REFRESH/UPDATE into PAGENT for load to TCPIP for packet management. In defining our rules, we've found we have a very large Policy Agent definition file to cover such disparate issues as VIPA, DVIPA, Enterpr...
7 months ago in z/OS / Communications Server 0 Future consideration

NSSD Passticket Authentication with RACF protected Userid

During initialization of IKED-NSSD communication, IKED has to transfer a RACF Userid/Password or a RACF Userid/Passticket combination. When using a passticket, the RACF userid must not have the RACF protected attribute. When this Userid is used un...
over 7 years ago in z/OS / Communications Server 0 Future consideration

Enable SNMP subagents to support SNMPv3

I would like to eliminate as much unencrypted SNMP as possible. To do that it would help if the SNMP subagents (such as IOBSNMP, TCP/IP Subagent and OSPF Subagent) could be configured to work with SNMPv3 (preferably at AES128).
over 9 years ago in z/OS / Communications Server 8 Future consideration

z/OS FTP PROXY OPEN support over TLS

We've recently started to enforce TLS encryption for z/OS FTP connections. Some of our jobs use the FTP "proxy" command to request that a dataset be transferred from one z/OS FTP server to another z/OS FTP server. However, when this is done after ...
8 months ago in z/OS / Communications Server 0 Future consideration

Message for when Join does not occur due to Moninterface issue

We had an issue where we were doing some maintenance on our Sandbox system where we had MONINTERFACE coded. The engineer dynamically deleted the interfaces and re added them, minus the Moninterface. When we realized that we weren’t in the TCPPLEX ...
over 1 year ago in z/OS / Communications Server 0 Future consideration

Enhance zERT discovery to be more accurate in recognizing and recording TLS sessions with very large handshake messages and unusual timing

zERT discovery is currently unable to recognize TLS sessions when handshake messages exceed the maximum TLS record length. It also relies on timers in specific situations that can sometimes generate misleading information regarding TLS sessions th...
over 2 years ago in z/OS / Communications Server 0 Future consideration

Enhance AT-TLS filters to allow hostname specification for RemoteAddr

For AWS ELB (Amazon Web Services Elastic Load Balancing), we need support destination host name (instead of IP only) for attaching an SNI header using TTLSRules AWS Load Balancer externally uses multiple IP addresses of the range assigned to the e...
about 4 years ago in z/OS / Communications Server 2 Future consideration

zERT - Allow filtering for cipher suites

Please add a filter criteria for CipherSuites, like 009D or C027. So it is a quick view over used certificates, and we could reduce our AT-TLS rules for longer unused ciphers. Alternative would be a filtering with multiple parts, like AES_CBC_128 ...
over 1 year ago in z/OS / Communications Server 0 Future consideration

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.