We're reclaiming inactive PDIs to keep them available for active builders. Learn what's changing, who's affected, and how to protect your work. Read More

ALgosec Integration with Service Now

Not applicable

What are the pre requesites to start the Algosec integration with servicenow.

3 REPLIES 3

rakshith_shetty
Tera Contributor

@Community Alums  did you get answer for your question ?

mathewsebastian
Tera Contributor

Did a research and spoke with few who done this before and verified the below details 
 from claude
Prerequisites: AlgoSec + ServiceNow Integration

AlgoSec side

  • AlgoSec Security Management Suite (ASMS) installed and running — specifically FireFlow, which is the component that handles change request integration with ITSM tools
  • FireFlow is the AlgoSec component that integrates with ITSM solutions such as ServiceNow — Firewall Analyzer alone is insufficient AlgoSec
  • FireFlow must be network-reachable from the ServiceNow instance (or MID server if on-prem)
  • A dedicated service account on AlgoSec with sufficient permissions to create and manage change requests
  • Inbound REST API calls are enabled by default on FireFlow; SOAP is more broadly supported than REST for record queries and manipulation — confirm which protocol the chosen integration method requires 
  • FireFlow web services API accessible at the base URL

ServiceNow side

  • ITSM (Change Management or Request Management) module active on the instance — the integration centres on change requests
  • A dedicated integration service account in ServiceNow with appropriate roles (at minimum itil and web_service_access_only; avoid admin)
  • The integration between ServiceNow and AlgoSec is set up via a web services call — so the ServiceNow instance must allow outbound HTTP/HTTPS to the AlgoSec ASMS IP
  • AlgoSec FireFlow plug-in / scoped app installed from the ServiceNow Store (if using the native app route rather than custom REST integration)
  • If on-prem AlgoSec: a MID server deployed in the same network segment with connectivity to the ASMS host

Network / connectivity

  • Port 443 (HTTPS) open bidirectionally between ServiceNow and the AlgoSec appliance
  • If AlgoSec is on-prem and ServiceNow is cloud-hosted: MID server required, or a firewall rule permitting ServiceNow's outbound IP ranges to reach the ASMS appliance
  • DNS resolution or static IP entry for the ASMS host

Credentials and authentication

  • AlgoSec service account credentials (username/password) for session-based API auth, or API token if configured
  • ServiceNow OAuth application registry configured if using OAuth rather than basic auth for the reverse direction (AlgoSec calling ServiceNow)

Process and governance prerequisites (often missed)

  • Agreement on system of record: which system owns the change request lifecycle — typically ServiceNow creates the CR, AlgoSec executes and validates
  • Firewall change request templates defined in FireFlow before integration — the API requires a named template at ticket creation
  • Change Management workflow in ServiceNow mapped to AlgoSec status transitions (submitted → in progress → implemented → validated)

mathewsebastian
Tera Contributor

AlgoSec's detailed integration guide requires a customer portal login at Algosec portal. If you do not have access, raise it with your AlgoSec account team