Skip to Main Content
IBM Z Hardware and Operating Systems Ideas Portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Future consideration
Workspace z/VM
Created by Guest
Created on Mar 2, 2017

collect more data for FTP/TN3270 sessions in MONWRITE

We are enabling all FTP and TN3270 in our environment to comply with Payment Card Industry (PCI) standards. With FTP we cannot make it default for the entire environment at this time so we must still allow unsecure FTP to occur. PCI compliance “regulations” allow us to permit unsecure/secure FTP as long as there is a compensating control that identifies if key personnel who MUST use secure methods can be seen as not complying. (per PCI compliance certain individuals are identified that CANNOT use their USERID/PASSWORD in the “clear” – ie SYSTEM administration personnel).

We are also a z/OS shop with the same compliance issues and we leveraged SMF data to identify FTP transactions that were not secure by personnel that should not use unsecure connections. In z/VM we tried to leverage the MONWRITE data in the same way but MONITOR records do not capture the FTP event with the same detail that SMF does (see PMR 02011,082,000).
With SMF data we can see the client/server connections, who did them and whether the connection was secure or not. With z/VM the best granularity we can see is by enabling MONITORRECORDS in the TCP/IP stacks which provides records for opening/closing TCP or UDP connections and the IP address and port.

We are seeking an enhancement that will provide encryption information also for these connections.

Idea priority High