Hello Everybody,

I have a challenge that I was wondering if other folks had encountered and had some advice for me.

Our Audit team has mandated that we separate sub-production from production environments; a network segmentation policy.   At some point, neither environment will be able to "talk to each other".

In terms of discovery, this would mean that I have a production ServiceNow instance with production MID servers doing production discovery and a sub-production ServiceNow instance with sub-production MID servers doing sub-production discovery - two separate systems, and no single system of engagement, or single version of the truth.

Our goal (ITSM) is to have all CI data (sub-production and production) in one place to manage cost, maintenance, etc. in the production instance.  

I am not able to have a sub-production MID server talk to the production ServiceNow instance, so I am wondering what other options there are, or a way around this.

I see a few options:

Option 1:   Do nothing, i.e, maintain the two discovery solution for sub-production and production, but not attain the goal of one system of engagement, one version of the truth.

Option 2: Utilize some sort of ETL, or Web Service to pull discovery data from the sub production SN instance and then populate the production SN instance.   This would enable the goal of one version of the truth, but has cost in terms of software, maintenance, added complexity etc.

Option 3:   Seek an exception to the network segmentation policy and utilize a sub production MID server to feed the production ServiceNow instance.   This is not likely to be approved.

Has anyone else encountered this situation, and are there other potential options/solutions?

Thanks everyone.

Best,
Jeff