This is an IBM Automation portal for Cloud Platform products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updateson them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
IDEA Fixpack Augmentation – Priority 1 The recommendation is to augment the remediation artifact to include the entire history of the available fixpacks that are applicable to a vulnerability which is not done today. The current view on the glass reflects IBM’s design decision taken from a security standpoint, that WSA will promote the latest fixpack as a best practice and will most likely remain as the default choice. Kaiser can work with the API approach to install fixpacks that are not at the latest level via API customization but it would be nice to have it in the UI visibility.
As an example of why this approach would be useful, consider Kaiser’s current approach offers developers the choice of n-1, n-2, and current fixpack version. A view on the glass that will show if eight of ten CVE’s are fixed in one fixpack, that K...
IDEA #2 - PRIORITY #2 - Enhance WSA to enable en masse remediation selection and application. Currently, WebSphere Automation provides the apply for a user to select a single vulnerability.
Upon selection of a single vulnerability, a user can select only a single registered WebSphere instance for remediation application. Unfortunately, this behavior is serial and singular that does not conform to scaling needs for a security operatio...
IDEA #1 - PRIORITY #1 - Enhance WSA to display entire available & applicable remediation artifacts. Currently, WebSphere Automation displays only the absolute latest remediation artifacts (like APARs, etc).
Additionally, WebSphere Automation selects (by default) the most recent but smallest remediation artifact. Unfortunately, this method and model assumes a security operational team can aligned with IBM recommendation.
Request to potentially do a singular ifix remediation against many target servers; that is to do an en-mass group execution (one-to-many) of a CVE ifix.
To be able to select a group of servers to install an ifix to, rather than installing an ifix one server at a time. Something with maybe a check box list of servers that you that you can choose to push the ifix to, so that many servers are install...
Provide the function to schedule patch installation jobs
This is part 3 of an existing IDEA https://ideas.ibm.com/ideas/WASINTOPS-I-107 and is built on top of WASINTOPS-I-109. The customer would like to use the GUI of WSA to select one or more servers, display the list of unresolved vulnerabilities, cho...
To enhance WebSphere Automation (WSA) to install and rollback multiple iFixes for a list of WebSphere Application Servers
This IDEA is part 2 of https://ideas.ibm.com/ideas/WASINTOPS-I-107 . it builds on top of IDEA WASINTOPS-I-109 and extend to multiple servers. The current design of the product focuses on detecting unresolved security vulnerabilities that affect tr...
To enhance WebSphere Automation (WSA) to install and rollback multiple iFixes for one WebSphere Application Server
The IDEA is part 1 of an existing IDEA https://ideas.ibm.com/ideas/WASINTOPS-I-107; it limits the change scope to one server. The current design of the product focuses on detecting unresolved security vulnerabilities that affect traditional WebSph...
Do not place IBM confidential, company confidential, or personal information into any field.