Firewall Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-25-2018 07:34 AM
Can we discover firewalls, certificates and appliances using servicenow OOB discovery..?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-25-2018 07:54 AM
Firewalls, appliances can be discovered by SN Discovery. OOB probes & patterns interrogate lots of different types of target devices, but to specifically answer your question the makes/types of devices needs to be articulated... your question is very broad, too broad to state that "OOB discovery" can/can't do it.
Review the list of OOB probes for London here https://docs.servicenow.com/bundle/london-it-operations-management/page/product/discovery/reference/r_ListOfDiscoveryProbes.html and types of data collected (OOB by London) here https://docs.servicenow.com/bundle/london-it-operations-management/page/product/discovery/concept/c_DataCollectedByDiscovery.html
As always, you can add your own probes or patterns - or expand upon OOB probes/sensors/patterns per your needs.
Does this help?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-26-2018 04:52 AM
Certificates is another question. I could imagine you can use Configuration File Tracking within the Patterns to do this, but SN isn't a dedicated Cert or Key mgmt tool.
Information on tracking configuration files is here - https://docs.servicenow.com/bundle/london-it-operations-management/page/product/discovery/concept/tracked-config-files.html
Further, while it may be simple to discover certs for something like Apache where the PEM files are in clear text, you may have to write some custom pattern steps to discover Certificates that are inside a Java Keystore.
You could add a Custom Operation that leverages Java classes to interact with them.
The Custom Operation code would include something like this...
var ks = Packages.java.security.KeyStore.getInstance("JKS", "SUN");
If this sounds like too much for you, perhaps speaking with a Professional Services partner would help you gauge the Level of Effort involved. There is an X509 Certificate table in the system, and you are able to use it if you know how.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-01-2020 01:02 PM
Hi,
Have you been able to capture certificates that are inside Java keystore?
Servicenow store recently release below store application to capture certificates that running under pre defined ports but it does not support certs inside java keystore.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-15-2019 03:09 PM
Could you please suggest your use case to discover Firewall in more deatils?
What specifically do you want to discover?
Have you already written any customization?