EUC devices discovery

Sudharshan Mohi
Tera Contributor

Hi Team - We have EUC devices(Desktop, Laptops, Tablets) to be discovered as part of deliverables. Would like to understand what is the best approach procs and crons if we have to go proceed with any one of the below options.

1) Credential based discovery

2) Agent based through ACC

 

7 REPLIES 7

Appli
Mega Sage
Mega Sage

Hi, I would suggest second - ACC, as in this case credentials for agent hosts do not need to be stored on the instance. Plus, end-user devices are usually hardened according to company security policies where all inbound connections are closed by default; making agentless discovery under these conditions may be very challenging exercise.

Hope it helps

Hope it helps

David104
Tera Guru

There are some great use cases for ACC on EUC devices, but depending on what level of detail you require from them, something like an SCCM or InTune Servicegraph connector might be the easiest to implement and maintain.

If you are licensed for End-User devices though, ACC is definitely an interesting proposition. As mentioned already, ACC has the advantage of not requiring admin credentials to be used, and firewall configuration may be simplified because all of the traffic comes from the device via one port.

The other nice thing about ACC is that there is the integration hub spoke available which will allow you to initiate activities easily on the devices from ServiceNow flows, or even collect 'live' data from a device during a support call for example. Take a look at the 'Live CI View' app on the ServiceNow store for an example.

https://store.servicenow.com/sn_appstore_store.do#!/store/application/cfa5ce8377cb3010f1acee1b8d5a9944/19.0.1?referer=%2Fstore%2Fsearch%3Flistingtype%3Dallintegrations%25253Bancillary_app%25253Bcertified_apps%25253Bcontent%25253Bindustry_solution%25253Boem%25253Butility%25253Btemplate%26q%3Dacc&sl=sh 

My understanding is that ACC doesn't quite do everything that IP based discovery does (yet), but it is pretty close, and for EUC devices, it will generally collect more than you need. There seems to be a lot of development happening on the Agent also and some of the 'enterprise ready' features around managing, upgrading and securing the agent appear to be getting some focus

Sudharshan Mohi
Tera Contributor

Thanks all for the support. Would like to know if we proceed with credential based discovery for EUC what all devices can be discovered ? Appreciate if we have more info on this.

If you are heading down the IP (credential) based path, the types of devices supported is much larger than via the Agent - but you can take a hybrid approach also if it makes sense.

The ServiceNow docs have a pretty comprehensive list of technologies that can be discovered here -> https://docs.servicenow.com/bundle/sandiego-it-operations-management/page/product/discovery/reference/data-collected-by-itom-visibility.html

Regards,

David