Hello Experts,

We are using ServiceNow discovery to discover devices and applications in our internal network + resources hosted in the Cloud (Azure). Our Infra team has reached out asking us to confirm the below:

'We need to apply NSG rules on all windows servers, we would need the application specific IP address & ports to be allowed at the NSG for the respective VM’s'. Further they say 'We will be applying the deny rules post applying the allow rules, so request to provide the all valid ports & IP addresses to be connecting to the servers.'

We have until now shared with them the IP Address ranges from the discovery schedules that we are using for 'Configuration Items' type of discovery. I have also shared with them the below page from Docs site:

https://docs.servicenow.com/bundle/tokyo-it-operations-management/page/product/discovery/reference/r_DiscoveryPortsAndProtocols.html

Can someone confirm if that is the correct info to share with them? And what about Cloud discovery (I have limited knowledge on the topic)?

Regards,

Kunal