Webinar Q&A: How a Healthy CMDB helps you deliver great service quality

QUESTION

ANSWER

Could you please define Business Service

ServiceNow has defined key terms and concepts for modeling in what we call the Common Service Data Model (CSDM).  Download the CSDM white paper here.  

i can see two classes in CMDB. Business Applications and Business Serivces. What's the difference ?

ServiceNow has defined key terms and concepts for modeling in what we call the Common Service Data Model (CSDM).  Download the CSDM white paper here.  

Are there any documented "best practices" to properly align config management and event management?

Event Management aligns with configuration management by binding events to configuration items.  You can read the doumentation here:  https://docs.servicenow.com/bundle/london-it-operations-management/page/product/event-management/reference/r_EMHowAlertsBindCI.html.

It my understanding the Service Mapping is at the Application Level

Service Mapping is all about relating Business Services (cmdb_ci_service_discovered) classes to infrastructure Cis. These are primarily hardware (cmdb_ci_hardware) and software application (cmdb_ci_appl) configuration items.  This is what at ServiceNow we mean by "Application Level".

How you deal with a rapidly changing Estate ? We are Cloud only

This takes a bit of explaining, and it is not as straightforward as it could be - but it all comes down to what your GRC requirements are.  Some data is sensitive - customer, health, financial, even export controlled and where ever this data is used is an auditable environment which requires full traceabilty.  Most application teams use real data when developing and testing, so every place sensitive data is used is auditable - not just production.  The rest of this response assumes that the environments discussed require full traceability.   If you are using microservices / containers, the execution of any single container is a separate CI.  In fact, that executing container cannot even be a CI, because it cannot be changed.  The container is a piece of code, which is called, it executes, and terminates.  No chance for a change to be made means this is NOT a CI.  What is the CI in this instance is the source code of that container.  What version of that code was being used when the container fired is the traceability requirement here.  In the rare case where you might have something like a database running as a container, you may have to record those as separate CIs due to software licensing capture.  In these types of environments, full traceability often comes from a combination of the application log, container and orchestration tools, and the CMDB.  Auto-scaling servers is a bit different - in these environments each server is a separate CI which must be dynamically created in the CMDB and appropriately retired when the auto-scale event is over.  This is a more rigorous traceability requirement than containers since each server has unique data processing configurations.

ServiceMapping needs a lot of technical expertise in ServiceNow ServiceMapping and poses a lot of challenges as the organizations adoption of different tools and technologies are customized and do not confirm to ServiceNow mapping patterns. Can you provide some learnings and experiences to optimize the effort required for ServiceMapping?

It is recommended that any new customer for Service Mapping hire consulting services with the expertise in ServiceNow Discovery and Service Mapping.  This way, this specialist can focus on a successful initial deployment and will know how to work through the challenges as quickly as possible and also deal with whatever other tools or solutions need to be integrated with ServiceNow.  This will optimize the effort required for Service Mapping.

How does ITOM 'see' alerts on individual components?

ITOM Event Management receives events from monitoring tools.  The events must have a node name of the configuration item on which the event was triggered (e.g. IP Address or server name).  Event management then searches the CMDB for the host name that matches the node referenced in the event.  It then creates an Alert in ServiceNow that is then bound to that CMDB component.  At this point, you will be able to understand all the Alerts for that configuration item.  You can read the doumentation here on how this works:  https://docs.servicenow.com/bundle/london-it-operations-management/page/product/event-management/reference/r_EMHowAlertsB

Service Now ITOP -- is this another module or process?

A typing error. - ITOM (IT Operations Management) is one of the business units within ServiceNow.

Is ServiceNow IT Operations Management (ITOM) required for establishing a CMDB?

No. When we refer to ITOM, that is a business unit within ServiceNow which owns the CMDB, discovery, service mapping, cloud management and event management applications. You can build and leverage a CMDB without these tools, but our software makes this a lot easier due to them being designed to work seamlessly.

"Identify services outages more quickly" seems to be more related to a monitoring tool than CMDB, isn't it? But for sure with the CMDB the impact of the issue can be more quickly assessed

ServiceNow Event Management correlates events from multiple monitoring tools.  It can be used in conjunction with automated service mapping, which associates infrastructure CIs with business services..  In doing this, it enables users to discover that detected issues from monitors are affecting a particular business service.  Thus, we are detecting an outage in a business service faster and can then resolve the issue faster.

What if we did start populating our CMDB discovering everything, can we then revert this ?

To clean this up, retire the data you don’t need.  Don’t delete - just in case you have audit trails on the CIs you arent managing going forward.  Focus only classes you need to focus on to support your use cases.

Slide 14 has a typo. "you're on track?"

Thank, John. Good catch. 🙂 Hope you're enjoying the webinar.

How do you create a report in ServiceNow to present all downstream incidents and changes that roll up to a parent CI (regardless of how many levels down components are)

There is no "canned" way to get the information you are looking for.  There may be a way on the Madrid release: there are new capabilities for building CMDB Query Builder reports, such as being able to query to two relationship levels, storing the results sets (now capable of massive file sizes), and the ability to run additional queries on those stored results sets.  I did not see any of our engineers build a report to such a scale, but I do believe this is possible to build if you want to.

Did we have standard CMDB implementation plan with standard test cases for servicenow for any organisation.

No we don’t have a standard implementation plan per se, but reach out to me via email and I will help you out with some materials.

How do you clean up a CMDB if it already has too many classes?

To clean this up, retire the data you don’t need.  Don’t delete - just in case you have audit trails on the CIs you arent managing going forward.  Focus only classes you need to focus on to support your use cases.

Does servicenow have a recommended taxonomy for cmdbs?

In general, if something is electronically discoverable, use the default CI classes that ServiceNow discovery uses.  If you dont know what those are, email me for that info.  If it is not discoverable, we recommend you follow what we call the Common Service Data Model (CSDM).  Download the CSDM white paper here.  <need link>  This white paper defines key terms and concepts for modeling in the CMDB.

Would you consider using an integration layer (like Mulesoft, etc) to standardize the discovery effort?

You certainly can use tools like Mulesoft and it makes a lot of sense for some organizations.  ServiceNow also recognizes this need and we have product engineering improvements along these lines currently under development.

When determining what CI classes are in scope, how much does the node count limitation impact the end goal?

The number of CIs, whether it is 1,000 or 100,000,000, is not important at all.  What is important is to make sure you have indentified all of the CIs that your organization needs to deliver it's products or services as a CI. 

Did we have any standard process by servicenow for maintaining the accuracy of data in CMDB.

There are two kinds of data in the CMDB: discoverable and non-discoverable.  If something is electronically discoverable, then all of that data should be read-only in the CMDB. There is no sense having people editing data that will be overwritten the next time the CI is discovered.  The data pushed into the CMDB from properly configured discovery tools is always accurate as of the moment the data was collected.  And since ServiceNow has recently improved the capability to allow you to easily run discovery for any item on demand, 100% accurate information is always available.   Non-discoverable CI data is generally considered to be more strategically critical since it is used to supply business context to the compute infrastructure. Department name, business process, what are the chargeback / billing codes, is something on your disaster recovery plan, is there a start-up sequence for this application, etc. - non-discoverable data in our customers CMDBs simply does not change frequently.  For non-discoverable CI data, we highly suggest you leverage the Proposed Change feature in the ServiceNow Change Management application to ensure that changes to this critical data are done in a proactive manner.  For most organizations, this means that way less than 5% of your changes per year will require anyone to do anything to maintain CMDB data.  So, you see having the goal of 100% accuracy is achievable.  This is true for CI data under configuration control - but the average CMDB usually provides visibility to a lot of related data.  Users of your CMDB must understand what data is 100% and what data is not managed by configuration management but visible in the CMDB (and thus not likely to be 100% accurate).  

Suppose we move a bunch of critical CIs from our Storage systems (volumes, snapshots, file shares, etc). What would be a reasonable expectation of the Storage team to keep their CIs and relationships healthy?

Any data coming from an electronic discovery source is automatically maintained and available on-demand.  No one has to anything to maintain it once discovery is properly configured.  There are a critical few CI attributes and relationships which cannot be discovered which must be maintained manually.  This data does not change frequently, so time demands are minimal.  It is entirely reasonble to have the Strorage team be responsible and accountable to maintain their non-discoverable data.   That said, storage is one area where people are more likely to go overboard than types of technologies.  For example, I just saw a customer who was discovering file systems as CIs and had spent a tremendous amount of resources to capture and track this in their CMDB.  And yet, they had no use for it - no use case they were supporting which needed that info.  They never opened an incident against a file system, a problem, or a change request...  Before you dig too deep into the art of what is possible, look into what use cases need what data about those technologies... In my example, file system data could be collected anytime in an ad-hoc manner so no requirement for that data to be maintained in the CMDB.

What is the relationship to IT Asset Management in these recommendations?

Asset Management must be in place to support configuration management.  These disciplines share data, but there are differences in governance, data quality and the life cycles of an asset vs a CI.

How do we discover Services? -- I thought these were manually defined...

Yes, services are manually defined.  Please refer to the Common Service Data Model, which defines how ServiceNow defines services. <link>  Services are manually defined.  Service Mapping begins at what is termed an "entry point"; i.e. a running service on a device with an IP address (service in this context is a running program: FTP, SFTP, etc.) Service Mapping discovers all of the infrastructure "below" the entry point.  The relationship between the Service and the entry point CI is manually defined.

What is the overlap between CMDB and Enterprise Architecture? As an e.g. information on infrastructure would be used by both.

Lets take an example Enterprise Architecture use case, where in managing your data domain you need to know where financial information (SOX) is in use.  Think of seeing a dependency map where this data domain element is mapped to the services and underpinning technology CIs where it is in use.  ServiceNow is on the journet to implement a complete data model for your services, including support for enterprise architecture artifacts and use cases.  We call this the Common Service Data Model.  You can find the CSDM white paper <here>.

How frequently should discovery be done?

This depends on how often the organization requires the data in the CMDB to be refreshed.  Most customers run full discovery scans once a day although some companies are OK doing scans only once a week.

what 3rd party tools ServiceNow supports/works with on CMDB discovery?

ServiceNow Horizontal discovery doesn't depend on any 3rd party tools.  Here is the documentation on the 3rd party hardware and software components captured by discovery: https://docs.servicenow.com/bundle/london-it-operations-management/page/product/discovery/concept/c_DataCollectedByDiscovery.html

Does Service Mapping require manual approval before the services are fully mapped?

It is recommended that each service map be validated by a subject matter expert to ensure that the map is complete. Since the Kingston release, Service Mapping has an approval process built-in to help customers validate the service maps using ServiceNow to manage the process.  This is an optional process so customers can track whether or not a service map has been validated.  Service Maps are only "fully mapped" when all components that make up a business servicer have been identified.

How do you perform an automated vertical discovery without a horizontal one first?

Automated vertical discovery runs independently and does not require horizontal discovery.  It runs from an entry point to identify the different target servers that are part of a business service.  It leverages the exact same discovery technology in ServiceNow as Horizontal Discovery but you do not need to run any Horizontal discovery scans first for Service Mapping scans to operate successfully.

what are the network requirement like permission, firewall access etc for implementing the vertical discovery.

For Service Mapping discovery (vertical discovery), there are no additional network or firewall permissions needed between the MID Server and the target servers or network devices other than what is already required for Horizontal Discovery.  The requirements are the exact the same as with horizontal discovery.   The MID Server is not logging into the application being discovered.  It is discovering the components of the application by logging into the computers at the operating system level.  So, it will log into Unix/Linux machines over SSH (port 22), Windows WMI (ports 135, and above 1024) and SNMP for network devices (port 161).

Is Horizontal and Vertical discovery and either/or choice, or does SN recommend utilizing both in some enterprises?

For most customers, we do advocate the use of the Discovery and Service Mapping applications.  This is driven by the use cases. If the organization wants business impact analysis, we recommend service mapping.  Horizontal discovery will populate the CMDB for inventory.  Customers can do either one or both.

How does service mapping know what specific components make up a service?

This is computed by the configuration of the software components it discovers.  Service Mapping starts at an Entry Point, usually a URL.  From this URL the software application running on each server is identified, usually because it is listening on the port of the server to which the entry point is connecting.  For example, if the url points to https://192.168.1.1:8080, then service mapping will look at whatever process is running on port 8080 on the server at IP Address 192.168.1.1.  It will identify the software application from the process and will then run the pattern associated with that software application.  In the pattern, it wll look for configuration files or network connections that show the dependencies for that software to identify the other components of the application.  It repeats this process until it has identified the entire business service.  For custom applications that it does not recognize, the customer can define custom patterns.  Read this documentation for more information: https://docs.servicenow.com/bundle/london-it-operations-management/page/product/service-mapping/concept/service-mapping-get-started.html

Can ServiceNow Discovery apply priority to key ci's that are mission critical in the delivery of services?

No, you have to assign priority using an attribute.  Discovery has no understanding of the context of how something is deployed.  It is possible to build the behaviour you are looking for by assigning your services a priority (using an attribute), and using business rules to inherit the priority value (using dot walking) to the child CIs.  The catch comes when a CI is shared across two or more services (and those services differ in priority).  That situation requires the business rules to apply the highest level of priority from all services a CI is supporting.  Possible, have seen it done, but requires a bit of effort to build and maintain.

Can you utilize both horizontal and service mapping vertical discovery?

Yes, the two products are designed to work together and complement each other.

Striving to maintain 100% CMDB health seems to be a daunting task. What is the average health percentage for the ServiceNow customer base?Striving to maintain 100% CMDB health seems to be a daunting task. What is the average health percentage for the ServiceNow customer base?

There is no average health percentage for our customer base for a wide variety of reasons.  Our customers have different priorities, approaches, scope, and even quality measurements themselves differ.  Some understand it takes a sustained configuration management capability, and not just a CMDB, to sustain quality data.

At wat tme durung the implemtation of a CMDB do you consideusing (or activating) automtaed discovery? Can you walk through a tyupical use of the tool during a CMDB deployment project?

We recommend deploying automated discovery in the beginning (phase 1) project of the CMDB because it is nearly impossible to accurately populate a CMDB without automation.  This must be done carefully, though. Automated discovery does not guarantee an accurately populated CMDB.  You must understand the hardware and software in your data center and understand how automated discovery will try to discover those components, what attributes it will pick up and how it will uniquely identify each component.  Every data center is different and while automated discovery tools try to anticipate what will work best, this still needs to be reviewed by the configuration management team.

Are there ways to automate the QA of the CMDB or is it mostly a manual governance process

You can leverage desired state audits and compliance scripts / jobs that are part of the CMDB Health Dashboard.

Was that last dashboard custom or provided OOTB? I don't recall seeing it on our site. thanks!

The CMDB Health Dashboard is provided OOTB but it does need to be configured.  Please see this documentation for further information: https://docs.servicenow.com/bundle/london-servicenow-platform/page/product/configuration-management/concept/cmdb-health-dashboards.html

Is there any reason NOT to combine the Configuration Management Manager role with an IT Asset Management role, other than the differences in the technical versus fiscal knowledge, skills, and abilities?

You certainly can combine those roles, but I would typically advise against it - unless you are a very small organization.  The nature of the work for these disciplines is quite different - configuration management is much more strategic in efforts whereas asset management is more focused on day-to-day ongoing efforts.  In my experience when combining these two roles, neither get the full attention they require.  If you would like to discuss further, please reach out to me: drew.hart@servicenow.com

Does the CMDB health give you reports on recent changes to Configuration Items?

This information can be obtained using the CMDB Query Builder.

Do the CMDB dashboard reports need to be purchased as a separate module. or are they enabled and active by default?

No.  The CMDB Health Dashboard and other CMDB reports are included in ServiceNow at no additional charge.  They are activated by default.

Can you automate a health check cleanup? Removing duplicate or stale CIs, or sending alerts on incomplete CIs?

You can leverage desired state audits and compliance scripts / jobs that are part of the CMDB Health Dashboard.

how to automate this duplicate, stale CIs cleanup task.

You can leverage desired state audits and compliance scripts / jobs that are part of the CMDB Health Dashboard.

Is there a recommendation for determining the necessary maturity level for ServiceMapping?

The only maturity level needed for customers to begin with Service Mapping is that they have a requirement for the CMDB to have the relationship between business services and infrastructure components.  This requirement should be understood at a management level in your organization in order to support the effort.  In order to proceed successfully, an organization must have the expertise to use Service Mapping and meet the technical requirements (MID Server, credentials) for a successful deployment.

Can you speak about CMDB vs Desired State. Does ServiceNow perform a difference evaluation between these items? If so, how is Desired State tracked?

Please refer to our product documentation on this topic: <https://docs.servicenow.com/bundle/madrid-it-business-management/page/product/application-portfolio-management/task/run-desired-and-scripted-audits.html>

Can you speak a little about the differences in process and governance between an Asset Mgmt DB and the CMDB?

Process differences are life cycle related.  An asset life cycle begins with a request and ends with disposal.  The life cycle of a CI begins when the CI is deployed into scope for configuration control and also ends with disposal.  Asset management uses service requests and configuration management leverages the Request for Change (RFC) mechanism of change management.  They share some data elements, which is why the asset database and the CMDB are architected to work together on ServiceNow.

What are the prerequisites for automated mapping?

In order to do automated service mapping, a MID Server must be setup that can access all servers on which the business applications are running and valid credentials must be entered that can access those servers at the right level.  Please read this documentation for more information:  https://docs.servicenow.com/bundle/london-it-operations-management/page/product/service-mapping/concept/service-mapping-setup.html

How do we quantify the staff requirements needed for properly maininting a CMDB?

Unless you are a very small organization, I always recommend at least two resources for configuration management.  But many organizations dont have the appropriate understanding of the day-to-day efforts of these resources.  Reach out to me so we can discuss this and I will share job descriptions and such: drew.hart@servicenow.com  

MTTR - please define

Mean-time-to-repair.  A common metric used in incident management.

I'm the proud new owner of a CMDB which has been evolving at our company over the last 4 years. In other words, there's lots of history, data discrepancies, and inconsistent use of relationships. What would you recommend as an approach to make it healthy? Where to start (bottom up, top down, etc)?

A CMDB reboot has a number of challenges.  First is changing the culture of untrusted data.  Then re-align efforts to your strategic goals.  A main cause of quality data issues is the lack of organizational accountability and responsibility, so you will need excutive sponsorship to get people to be accountable and responsible.  Configuration management must be scoped, designed and governed appropriately.   I would suggest that reach out to the SN Account Executive or SN Solution Consultant assigned to your account and discuss the possibility of participating in a configuration management workshop we have available.  There are a number of SC's accredited to deliver this workshop in each part of the world.

how to regain the trusted data. did we have any standard cases for CMDB by servicenow.

A CMDB reboot has a number of challenges.  First is changing the culture of untrusted data.  Then re-align efforts to your strategic goals.  A main cause of quality data issues is the lack of organizational accountability and responsibility, so you will need excutive sponsorship to get people to be accountable and responsible.  Configuration management must be scoped, designed and governed appropriately.   I would suggest that reach out to the SN Account Executive or SN Solution Consultant assigned to your account and discuss the possibility of participating in a configuration management workshop we have available.  There are a number of SC's accredited to deliver this workshop in each part of the world.

How many people does it take to support a CMdb? Do you have any rules of thumb based on the number of CIs?

Unless you are a very small organization, I always recommend at least two resources for configuration management.  But many organizations dont have the appropriate understanding of the day-to-day efforts of these resources.  Reach out to me so we can discuss this and I will share job descriptions and such: drew.hart@servicenow.com

Any suggestions on data maintenance and validation when you do not have any CMDB Health reports?

We suggest this basic strategy: if data is discoverable it should be read-only in your CMDB.  There is no sense in making people edit attribute fields which will be overwritten the next time discovery updates the CMDB.  The remaining data, which is not discoverable, should be updated using the Proposed Change feature in our Change Management application.  Setting up the CMDB Health Dashboard is really pretty simple, and will have a powerful impact to communicate the data quality issues you are trying to address.

I assume CMDB updates should be included in the change process. Assuming full CI/CD automation, how do you suggest these updates be implemented/triggered?

Refer to our product documentation on the CMDB SDK (solution development kit) and the CI lifecycle management API.  Consider this example: you have a critical application running in the cloud and your cloud hypervisior performs a v-motion in order to move this workload to a physical device with more resources available.  These events from your cloud provider can call these APIs keep the CMDB up to date - and in near real-time.  Now, please keep in mind that not everything that runs in your cloud should be a CI - there are rules for what can be / cannot be a CI.  For additional details, please reach out to me via email: drew.hart@servicenow.com.

Is there a way to use the Data Certification module so that tasks are created based on 'manage by' and not on CI name

In the Data Certification module, CIs are selected by their display fields and assigned to users for certification.   “Managed by” is not an OOTB field in the CMDB but it can be added and then would be available for display on the CIs assigned to a user for certification.

When new requirements or use cases arise, is it difficult to "backfill" necessary attributes and relationships that weren't picked up during initial discovery or service mapping? We are just getting started and aren't sure how much careful, up-front planning we need to do versus just getting something useful in the database and refining it as we go.

My advice is to start simple and stay as near to "out-of-the-box" as you can.  If something is discoverable, use the default CI classes it maps to.  FYI, in my time with ServiceNow, I have not talked with a customer who needed to add attributes to these default classes.  Not saying that it never happens, but it is rare as these have been vetted over the years by our customers.  Non-discoverable data is where you need to do your analysis of your use cases to identify the data you need.   The only real difficulty in adding attributes later is when you are adding a required field.  If you may find that you dont have the required data for every CI readily available, a decision is needed to how to approach populating this field.  Option 1) wati till you have all the data for all the CIs before you add it.  Option 2) implement as a recommended field giving people a "grace period" to collect and add the data.  For option 2, leverage the CMDB Health Dashboard to track your progress on populating this data.

Are there any How To

Yes, we have the materials that can help you those tasks including ebooks, white papers, example documents, and workshops <link(s)>. 

DO you have TCO models that canbe used to help jusify the project work to implemnet a CMDB?

To my knowledge, there is only one economic study of configuration management.  A white paper published by the Institute of Configuration Management stated that without proper configuration management practices in place, your organizaition spends 40% of labor on "corrective actions".  If you would like a copy, please email: drew.hart@servicenow.com

Deleting CI’s will create orphan relationships so its understood its discouraged. Is being Stale, sufficient enough to justify deleting a CI? And is it safe?

We do not recommend deleting CIs - retire them.  Also, you can set business rules so that the operational state attribute cannot be changed to retired if there active CI-to-CI relationships.   A CI being marked as stale is not justification to retire a CI.  Recommended action is to open a task assigned to the CI owner to investigate why is it not being discovered.  It could be a PC that has been off the network due to a vacation, perhaps changes to firewall rules prevent discovery from accessing the subnet, etc. 

drew, what are the key skills needed on the cmdb team?

First and foremost: configuration management training.  This is a discipline, like testing for example, and you and your team should have more than what the ITIL books can provide.  For the configuation manager you want a strategic thinker, practical in approach, and technically aware.  For analysts and specialists, you should look for folks who are detail-oriented with analytical / requirements gathering skills.  Remember, the configuration management team is responsible for the design and delivery of configuration management services to the organization: not updating data... 🙂

Any concerns with data integrity in terms of updating CMDB to newest version?

We have no concerns of data integrity during upgrades. 

Hi - How would you suggest linking CMDB CIs with Asset Management perspective?

Asset Management underpins a successful configuration management caapability.  So, the ServiceNow CMDB and Asset Management applications are engineered to work together, including sharing data elements.  There are configurations you can enable / disable to allow the automatic creation of a CI record when as asset record is created, or create an asset record when a CI is created, or both can be enabled.

How often should a CCB meet?

A mature CCB should probably meet quarterly.  At first, you might meet more frequently as you are initially implementing configuration management.  Of course, there may be issues which arise which require an ad-hoc meeting from time to time.  Email me if you want an example copy of a CCB charter: drew.hart@servicenow.com

What if you have already "dumped" a bad discovery session into your CMDB and there is a lot of useless data in there?

You can test your identification rules are working properly before you commit them to your CMDB.  Please refer to this article in our product documentation: https://docs.servicenow.com/bundle/madrid-servicenow-platform/page/product/configuration-management/concept/identification-simulation.html

What are pros/cons of federated data model for CMDB?

Pros: a federated model may be the only option available given technical boundries and organizatinal barriers.  Cons: often designers do not consider failure mode analysis (i.e. what use cases can still be performed if >part< of the CMDB is down?) and have considered the GRC raminfications for definitive systems of record / segregation of duties.  They are significantly more technically challenging to build and maintain.  They also require a much broader span across the organization from a functional role perspective: one Configuration Manager sets direction for technical support teams of the federated CMDBs across any and all organizational reporting structures.

How could we utilize CMDB in an environment of a University IT department?

In my work with other universities, their IT department needs are generally the same as every other IT organization.  Visibility into operational environments, a contextual business model, infosec / risk mitigations, asset management / software licensing, underpin IT service managment processes, etc., are all operational needs of any IT department.  Email me and we will discuss how other universities go about this: drew.hart@servicenow.com

can you kindly let me know what if our organization does not have service mapping configured , what would be the best condition for orphan rule ?

Consider these ideas: what CIs are not related to another CI?  Or what CIs do not have an association to a business owner (an assignment group for a business area (not the CI owners who respond to incidents, implement changes. etc.))?  

what you think about the approach to implement CMDB, Service Map and EM at first and then implement IM and PM at later stage?

Yes, that seems a reasonable approach.

Are there any specific How To's to on setting up Business Services to Application/Infrastructure Services and relating them to Software Models and relationships to CIs?

Suggest you read our materials on the ServiceNow Common Service Data Model materials for how our recommended approach.

We use Discovery today. We manually create the business service to infrastructure mapping today. We think Service Mapping would help us. How do we know we are ready? Is there a level of maturity our CMDB should be at before we take on service mapping?

Suggest you read our materials on the ServiceNow Common Service Data Model.  After reading those, ask yourselves if those are use cases your organization sees value in.  If you have Discovery up and running, most of the heavy lifting of setting up Service Mapping is already in place, but please consider whether your CMDB is capturing events / changes from your cloud providers, CI/CD tools, etc. - as you need to have a CMDB as near to real-time as possible. 

What companies are doing CMDB really well and can we talk with them?

Reach out to your ServiceNow account executive and we wil find other customers for you to talk with.

How does SNOW treat asset management database and CMDB?

ServiceNow has been known in the past as SNOW, so not sure if you are asking about our solution or the solution from Snow Software.  Another webinar attendee asked a question related to how the ServiceNow CMDB and the ServiceNow Asset Management application are architected to work together, so that response may be the information you are asking about.

Do you recommend having fields open for multiple resources to update a data attribute fields in a particular class of CI? Or would it be better to keep all CI attributes "locked down" and only available to Configuration Management Team to update - using the Change management process to drive those updates.

Neither of your suggested approaches are recommended.  In a production instance, no one should have access to directly edit data in the CMDB, so consider this appproach: if something can be electronically discovered, it should be read-only in the CMDB.  If data cannot be electronically discovered, changes to that data should be done using the Proposed Change functionality in the ServiceNow Change Management application.

Actively, we are in the process of Horizontal agentless discovery based on IP addresses and are ready to share the report with the various CI owners for review/verification/validation of discovered CIs as part of the normalization process. However this requires role designation and there are so many roles available in servicenow. Is there a process or template as the best way to identify/align roles/CI owners/Process Owners... Thank you so much.

The ServiceNow Solution Consultant assigned to your account can help you determine the best ACL permissions for your organization.  Remember there are four general types of users for the CMDB: the CMDB tean themselves, CI owners, administrators (not just the ServiceNow CMDB, but the entire configuration management system (CMS), and a broader user community of analysts, project managers, infosec, auditors, change managers, service desk staff, etc...

Good example of how companies are sustaining CMDB data through the change management process?

If data is electronically discoverable, that data should be read-only in the CMDB.  Default behaviour in current release of the ServiceNow Change Management application is when a change is closed, Discovery will be initiated for the CIs associated to that RFC (if they can be discovered).  Additionally, a sinlge CI can be discovered on-demand from the CI detail forms. This addresss how to keep discoverable data 100% accurate.  For data that is not electronically disoverable, we offer the use of the Proposed Change functionality in the ServiceNow Change Management application - this can keep non-discoverable data 100% accurate.  This enables proactive changes to be prepared and reviewed in advance of the change being approved for implementation.  Once implemented, those changes are applied to the CMDB automatically when the change is closed.  

Can discovery help mitigate the impact of changes to the environment that bypassed the traditional change management process?

ServiceNow CMDB has a planned change verification script that automatically checks for a planned change request that matches a changed CI detected by Discovery or any other change.

Are there best practices for the manual aspect of maintaining the CMDB?

If data is electronically discoverable, that data should be read-only in the CMDB.  Default behaviour in current release of the ServiceNow Change Management application is when a change is closed, Discovery will be initiated for the CIs associated to that RFC (if they can be discovered).  Additionally, a sinlge CI can be discovered on-demand from the CI detail forms. This addresss how to keep discoverable data 100% accurate.  For data that is not electronically disoverable, we suggest the use of the Proposed Change functionality in the ServiceNow Change Management application - this can keep non-discoverable data 100% accurate.  This enables proactive changes to be prepared and reviewed in advance of the change being approved for implementation.  Once implemented, those changes are applied to the CMDB automatically when the change is closed.  

from your experience, what is the success rate of your scanning tool in providing a list of CIs, in both Horizontal and Vertical discovery?

The automated scanning is only as successful as it can be if the MID Server is setup and the network allows access to discovering these Cis and that there are valid credentials entered that allow access to discovering the Cis.  This applies to both horizontal and vertical discovery.

Where are the best online resources on how to address stale CI's?

Set up the CMDB Health Dashboard to trigger a task (with associated workflow) assigned to the CI owner to investigate why the CI is stale.

Our CMDB dashboard reports do not work ... data is from 2 years ago ... how do we fix them?

You should open a service request HI ticket and ServiceNow support will be able to help you reset your CMDB Health Dashboard Data.  It will most likely involve emptying out the data in the CMDB Health Result table but it might be necessary to run some scripts to clean up the data.

How do we normalize the CMDB? Get rid of the noise?

Normalization of data involves ensuring that data values in a field are all in the right format even if they have the same value.  For example, in a memory value field for a server, the value might be stored as either 1024 Megabyte or 1 Gigabyte.  Both are the same value but expressed differently and this could cause problems in CMDB reports.  ServiceNow has a normalization plug-in that can be activated and then scripted to ensure that data written to a field is normalized to the right format.  For existingdata that may be in the wrong format, you will need to query the records that have the incorrect data and either manually fix it or write a script to do so.

Is there a significant enhancement in CMDB from Jakarta to London?

Significant performance improvements await you in London, and more with the upcoming release of Madrid.  Additionally, features like CI Class Manager, CMDB Health Dashboard, CMDB Query Builder have a much richer feature sets.  Additionally, how services are stored and represented in the CMDB were changed in London to support the Common Service Data Model.

Can you provide links to help articles/videos on using the CMDB daskboard

https://docs.servicenow.com/bundle/madrid-servicenow-platform/page/product/configuration-management/concept/cmdb-health-dashboards.html

Is the health dashboard a readily available screen in SNow???

The CMDB Health Dashboard does require up front configuration for some metrics.  For example, you need to configure which classes you want measured in the dashboard and which attributes for these classes you want tracked for completeness.  Audits and Orphans must also be configured for any data to appear in these catagories.

I consistently fight CMDB Management between their ITIL objectives, and my need to have stronger CIs for better integration with Event Management for growing ITOM capabilities. Any recommendations?

I don't know what you mean by "stronger" Cis.  You certainly want CIs that accurately reflect the servers, network devices and software components running in your data center.  ServiceNow Event Management binds events collected from monitoring tools to CIs in the CMDB so it is important that you have CIs for every type of event you will receive from the monitoring tools for which you are collecting events.  You also need to make sure that the nodes specified in the events have the names that can be used to identify the CIs.  Sometimes, an event rule is necessary to refine the binding.

Is there defined process for completing quality assurance of your cmdb? What is our litmus test for ensuring accuracy?

The real test of accuracy of a CMDB are in the Use Cases that consume data from the CMDB.  For example, if the use cases are logging incidents on servers you want to make sure the server CIs are accurate, meaning that all the servers are in the CMDB and there are no duplicates and the attributes in the servers are completed and accurate and that the servers are verified as correct, then the data is accurate.  Achieving this requires regular quality control by the configuration management team.  A software QA approach needs to be taken to be most effective.

what's the easiest way to exclude CI's that are discovered out of the box but not needed (i.e. FC Disks, workstation memory modules)

In ServiceNow forms, you can setup a referential qualifier on the configuration item field and setup a filter that excludes CI classes that you don't want shown to users when they are presented with the form.  Or, more likely, the filter would include only those CI classes that you want made available to the users.  This approach should be applied for any reports or processes for users on the CMDB.

We have many 3rd party hosted vendor applications that feed our in-house developed applications. Our support teams want CI's setup as vendor hosted applications. Our Config Manager wants them setup as data centers. What is the best practice?

In the ServiceNow CMDB, running software applications are stored as a subclass of the application (cmdb_ci_appl) CI.  This is how software applications should be stored whether they are in house applications or vendor applications.  Custom CI classes for the vendor applications should be created under applications.

There is a datacenter CI type but this should be used for actual data centers.

In developing team, what skills is typically required? How does monitoring operate with other monitoring tools?

What a Configuration Management team needs first and foremost is configuration management training.  This is a discipline, like testing for example, and you and your team should have more than what the ITIL books can provide.  For the configuation manager you want a strategic thinker, practical in approach, and technically aware.  For analysts and specialists, you should look for folks who are detail-oriented with analytical / requirements gathering skills.  Remember, the configuration management team is responsible for the design and delivery of configuration management services to the organization: not updating data... 🙂  <richard>

can you explain a bit more about data policy ?

CMDB policies are an effective way for companies to enforce good practices for updating the CMDB data that will help ensure a more accurate CMDB that will better meet your use cases.  An example of a Configuration Management policy is to require that for each application and server entered into the CMDB, that the owner of that CI and the business purpose be documented as attributes into the CI.  If this policy is adhered to, the CMDB will now have more valuable information on each application and server other than their inventory information.

Does ServiceNow have a recommended set of Business/Technical services most often used by their customers?

Every customer has different business processes, customers, offerings, organizational structures, etc. - so there really are no standards per se.  Please make sure you are aligning to the ServiceNow definition of business services and technical services - all the details can be found in the materials of the Common Service Data Model <link>.

we have duplicate CI from discovery, how do we clean up?

The best approach is to identify the duplicate Cis and then identify the primary CI that you want to keep.  The duplicates should either be deleted or marked as retired so they never come up in reports or processes.  It is important to copy over any necessary data from the duplicates to the primary and update any references from other records such as incident tickets that reference the duplicates so that they now reference the primary.  ServiceNow introduced a CMDB CI duplicate remediation tool in the London release to assist with this.

he mentioned 3 kinds of data in a CMDB. I caught 2: discovery & manual - what is the 3rd? change req?

The data under configuration control stored in the CMDB can be described as discoverable and non-discoverable.  However, most commercial CMDB's used in the IT industry including ServiceNow's, contain related data that is not under configuration control.  This anciallary data is often essential to providing an integrated solution needed for effecient operational processes.  Consider, the CMDB may contain information regarding a support contract for a specific device.  The contract data is not managed with configuration management, it is simply there to expedite efforts. 

How to migrate from an existing CMDB implementation (another vendor)? Or is start from scratch the solution?

There are a lot of considerations for this decision, and every organization is unique.  Please reach out to your ServiceNow Account Executive or Solutions Consultant and have them contact me (Drew Hart) to arrange a call to discuss your situation.

how can we tell which items can be discovered and which ones cant?

Configuration items that cannot be discovered are those for which you can't run a command on an operating system or against an external server to discover the data.  Examples of this would be the user assigned to the CI or the department or the asset ID or the CI location.

Is CI Class same as CI Group ?

No, a CI class is a  group of the same kind of CIs within the CMDB. Consider: a CI class for Windows servers would contain individual Windows server CIs.  A CMDB group is a group of CIs from any CI class.  Consider: a CMDB group for all network gear on the second floor of the main office building. 

Is discovery a separate purchase?

Yes, ServiceNow Discovery requires separate licensing.  Discovery is licensed by the number of physical/virtual nodes you are discovering.

How often to organizations under estimate the importance of knowing the network breakdown when deploying Discovery?

We couldn't guess how many organizations don't discover the network relationships to servers but we do acknowledge that those organizations that do not understand the network relationships are limiting the benefit of their CMDB.

At what intervals do you recommend running discovery to help ensure the accuracy of our CMDB?

This varies by customer.  Performing discovery as often as possible would be preferable but is often not practical.  Typical customers perform a complete scan of their networks once a day to refresh all the data although some customers find that only once a week is necessary for their needs.  For an asset inventory, a weekly update may be sufficient.  For tracking CIs in operations, a daily update is recommended.  In addition, event based discovery is a good idea. This is where an event is received from a hypervisor like VMWare or a cloud provider to the ServiceNow instance when a change was detected.  This event would trigger a rediscovery of just that CI and can provide near real-time updates of the CMDB without the overhead of a complete network scan.

Benefits/challenges with Discovery w/o Service Watch or vice versa?

ServiceNow Discovery automatically populates the CMDB with an inventory of the infrastructure components (servers, network devices, software applications) with no business context to these components.  Vertical discovery populates the CMDB only with the infrastructure compnents that relate to specific business services.  So, the beneifts of Horizontal Discovery are the CMDB use cases that do NOT involve a business impact analysis (Asset management, compliance, dependencies between components) and the benefits of ServiceWatch discovery are those CMDB use cases that do involve a business impact (Change management business impact, Incident Management business impact, Event Management business impact).

If you only want to populate CI's you want to manage, how do you filter the other CI info out

You need to find a common criteria of the CIs that you want to manage and ensure that the attributes reflect this data.  If all these CIs assigned to a particular department and are these CIs tagged with the department name, then you have a useful criteria.  Perhaps they are CIs of a particular class or servers that are running certain software.  These queries can be setup in the CMDB query builder in ServiceNow and allow you to isolate those CIs that you are looking to manage.

Is the CI owner the business owner or the IT owner

The Technical Owner responds to incidents, performs changes to the CI, is responsible and accountable for the data in the CMDB.  The Business Owner approves changes and is responsible and accountable to verify the changes are correct, clear and complete (including changes to the data in the CMDB).