Mask CI info coming from secure datacenter at mid server before it gets entered to CMDB

Servicenow lear · ‎09-17-2024

Hello All,

We are doing ITOM discovery and part of it is to do discovery of a secure data center.

The Regulations asks us to mask the important details of CI coming into ServiceNow such as mac ,Serial,IP,Host name.

Is there a way to mask such details at mid server level so that the data gets anonymised.If Yes, then how to do it ?

We are deploying a dedicated mid server for this secured network.

Kamal17 · ‎09-25-2024

From whatever I know so far, ECC queue is the first place where the data gets inserted. From there, sensors/patterns will parse the response and execute pre-configured commands/scripts.

So, when we are masking the data while it is inserted into ECC queue, we'll achieve our objective.

btw, review the probe/pattern once to make sure there are no log statements to log the incoming data.

PS: Hit "Correct", "Helpful" or "Like" depending on the impact of the response.

Servicenow lear · ‎09-26-2024

thanks,

Do you think the data in ecc queue is encrypted ?

Kamal17 · ‎09-26-2024

No it's not encrypted by default. We can see it's content by navigating to "ecc_queue.LIST" in the navigation menu.

Servicenow lear · ‎09-30-2024

thanks let me do some internal analysis. I will get back

tommike070 · ‎11-30-2024

Yes, you can mask sensitive CI details at the MID Server level in ServiceNow using Discovery Sensors and Pre/Post Processing Scripts. Modify the relevant Discovery Sensor or add a Post Processing Script in the Discovery Pattern to anonymize fields like MAC, IP, or hostnames before sending data to ServiceNow. Deploy a dedicated MID Server for the secure network, and configure it with limited access. Optionally, enable field encryption in ServiceNow for added security. Test the setup to ensure compliance with regulatory requirements and accurate discovery. Tiblor