CMDB & MID Server

SatishChitti · 3 hours ago

Hello Community,
Can anyone please help me understand the following questions:-

1.) On what basis do we decide the number of MID Servers required in a client network, considering that a single MID Server can typically handle around 10,000 CIs under ideal conditions.

2.) Which IP subnet mask (or subnet size) is commonly used when discovering devices in a client network, and how is it decided?
3.) When do we add Certificate in the MID Server & what is the need of adding certificates when doing any kind of integrations ex:- Nutanix, Azure etc.
In CMDB Side:-

1.) What are the best practices to manage CMDB.
2.)What is the role of CMDB Workspace in maintaining the CMDB. What are the key "tabs" which I have to navigate in CMDB Workspace.
3.)When do we use CMDB Data Certifications, can anyone please provide the navigation.

4.) How are duplicate CIs created in real time based on identification rules, and how does the OOTB deduplication process work in ServiceNow?

Thanks

Sandeep Rajput · 2 hours ago

@SatishChitti You have tried to cram in too many questions into a single post. I recommend you to either get this information from official documentation or take help from AI to get the relevant answers.

pavani_paluri · 2 hours ago

Hi @SatishChitti

1.Mid server selection
Think of a MID Server like a worker. One worker can do a lot, but if the network is big, if there are different locations,
If there are firewalls, If you want backup (if one fails).
1 MID Server per network/location
Add 1 more for backup (HA)
Keep Discovery MIDs and Integration MIDs separate if possible

Don’t size MIDs based only on “10,000 CIs” — size them based on workload.*

2. Which subnet is used for Discovery?
There is no fixed subnet. It depends on how the client network is designed.
Examples:

`/24` → most common (256 IPs)
`/22` or `/21` → large data centers
`/32` → single device (like routers)

Discover only what you need. Smaller subnets = faster and safer discovery. Never blindly scan very large networks

3.Why do we add Certificates to MID Server?

Certificates are like ID proof for secure communication. We add certificates when:
MID Server talks to cloud systems (Azure, AWS, Nutanix)
Secure API integrations are required. HTTPS trust is needed.

Without certificates, Systems don’t trust each other. Integrations fail

Best practices to manage CMDB
Think of CMDB as a master inventory list.
To keep it clean:

One trusted source per CI
Avoid manual CI creation
Use Discovery / Integrations
Assign owners to CIs
Regularly check data health
4.What is CMDB Workspace?

CMDB Workspace is the control room.
You use it to check CMDB health.Find missing or wrong data. See relationships between CIs. Monitor duplicates

Important things to know:
Overview → overall health
CIs → list of CIs
Health → issues in data
Relationships → how CIs connect

5.What is CMDB Data Certification?
It’s a manual confirmation process.

Example:
“Hey Application Owner, please confirm this CI data is still correct.”

When do we use it?

For important applications during audits. Quarterly / yearly checks are used when automation is not enough.

4.How are duplicate CIs created & handled?

Duplicates happen when multiple tools send data. Identification rules are weak like same server is discovered differently

How ServiceNow handles it:

1. ServiceNow checks identification rules
2. If match found → update existing CI
3. If no match → new CI created
4. Duplicates are detected later
5. Admins merge or clean them

Best practice:
Prevent duplicates first instead of fixing later.

Final Summary

MID Servers = workers for discovery & integrations
Certificates = trust between systems
CMDB = clean inventory with owners
Workspace = monitoring dashboard
Duplicates = avoid early, fix later

Mohammed8 · 2 hours ago

@pavani_paluri

Great job !! answering all those questions

Regards,

Mohammed Zakir