No any credential is created for security device
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-29-2025 05:57 AM
Hi team,
There is one change request where for one CI credential issue is coming, after discussion change owner confirmed that the mentioned CI is virtual appliance for security device and for that there is no any credential is created for this device by Unix team.
So, could you please help me to understand how to scan this security device in CMDB table?
Thanks in advance!!
- Labels:
-
Discovery
-
Orchestration (ITOM)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-29-2025 11:27 PM
Hello @Shraddha Dube,
Please refer to the below links:
https://noderegister.service-now.com/kb?id=kb_article_view&sysparm_article=KB0657528
OR
-
MID Server:You can use a MID Server (Managed Integration Device) to scan devices within a specific network segment, including those that might be air-gapped.
-
Air-gapped Systems:For air-gapped systems, you might need to generate a report or file on the device and then manually import it into ServiceNow.
-
Discovery Engine:ServiceNow's discovery engine can automatically identify and classify security devices based on their configuration and features.
-
Integrate with Security Tools:You can integrate ServiceNow with external security scanners (like Nessus or other third-party tools).
-
Data Connector:Connect your ServiceNow instance to the security scanner to import vulnerability and configuration information.
-
Security Suite:In ServiceNow, you can create and configure security suites to align with your specific scanning requirements.
-
Scanning:Run scans regularly to identify security vulnerabilities and misconfigurations, and automatically map the findings to the corresponding CMDB records.
-
CI Class:Choose the appropriate CI class in ServiceNow's CMDB for the security device (e.g., "Firewall", "Intrusion Detection System").
-
Table:The specific table you use will depend on the CI class. You might need to create a new table or extend an existing one if the security device doesn't fit into an existing category.
-
Vulnerability Classification:Use vulnerability classification rules to categorize vulnerabilities based on your organization's perspective.
-
Assignment Rules:Set up rules to automatically assign vulnerabilities to relevant teams or workflows.
-
Remediation:Plan for remediation actions based on the discovered vulnerabilities and configuration issues.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-29-2025 11:30 PM
Which platform they are hosted? As it is virtual you will have to cloud discovery to get the information.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-30-2025 01:15 AM
Hi Pratiksha,
It is not about cloud discovery, we have one CI which is Security/ virtual appliance without any credential configuration? so my que is like how to discovered it?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-30-2025 02:26 AM - edited 05-30-2025 02:27 AM
You have option to go for credential less discovery. I personally dont recommend it. Can you check with security team how do they login to this devices? I mean the protocol. Most of the appliances connect via snmp or ssh. If possible share the model details for the appliances you are trying to discover.