MID Server in DMZ - What could an attacker do with the MID Server (java service) if they were able to compromise it?

cynlink1
Tera Expert

‎02-07-2022 02:18 PM

I recently proposed adding a MID server to our DMZ to discover a server we want to include in an application (service) map. My security team had multiple questions, but I was hoping to get feedback from the community on the following:

  • What could an attacker do with the MID Server (java service) if they were able to compromise it?
  • What are ServiceNow's recommendations related to MID servers to mitigate the risk(s)?

Thanks in advance,

-Cyn

 

Labels:
0 Helpfuls
  • 1,370 Views
6 REPLIES 6

cynlink1
Tera Expert
In response to doug_schulze

‎02-07-2022 04:15 PM

Hi Doug,

Thanks for the words of wisdom. 

I agree that using the Agent Client Collector would be a better option than having to create and maintain CIs. However, it is my understanding that it does not support our service mapping initiative. Can you please confirm my understanding? 

Thanks,

Cyndi

 

0 Helpfuls

doug_schulze
ServiceNow Employee
ServiceNow Employee
In response to cynlink1

‎02-07-2022 04:27 PM

Yes, since the agent doesn't run patterns yet that could put a damper on that option.