Will Azure PaaS Discovery use MID Server? What's the mechanism?

Kiana Yu · ‎07-17-2019

I have some questions regarding ServiceNow Cloud Discovery, especially for PaaS discovery.

For IaaS discovery, should it be done under Discovery module by providing specific IP ranges like what we do for on premise devices? Noticed the cloud discovery document mentioned 'The Discovery plugin includes the necessary components from Cloud Management to perform cloud discovery.' What about PaaS discovery schedule? Is it under Discovery module or Cloud management module?

Is Azure PaaS based discovery initiated from MID Server too? Wondering why we need the MID Server during the PaaS discovery, ServiceNow is on cloud, and Azure is also on cloud, why do we need to go back to MID Server that was hosted on a server?

If we need to go through MID Server, I guess it is still a different way against scanning for on premise devices? Does Azure PaaS discovery use probes or patterns or does it only use Azure APIs? Does it probe each PaaS resource? Is it to pull out resource list from each subscription that was configured in cloud management? Is it directly from Azure portal or any other websites that Microsoft stored the Azure resources?

Ganesh Bhat · ‎07-18-2019

Hi Kiana Q.Will Azure PaaS Discovery use MID Server? What's the mechanism? A. Yes. Azure discovery uses mid server to connect to Azure endpoints. As you can see in this documentation, mid server helps you to be inside customer network and perform discovery without having to explicitly open firewalls. Mid servers also can be clustered and hence helps you to get better performance. https://docs.servicenow.com/bundle/geneva-it-operations-management/page/product/mid_server/concept/c_MIDServer.html Q.Will Azure PaaS Discovery use MID Server? What's the mechanism? A.Yes. Same as above. Mid will help you to get inside network and perform discovery, many times you don't want to open firewalls just for discovery from your network, mid can stay within your VPC and discover. Q.For IaaS discovery, should it be done under Discovery module by providing specific IP ranges like what we do for on premise devices? Noticed the cloud discovery document mentioned 'The Discovery plugin includes the necessary components from Cloud Management to perform cloud discovery.' What about PaaS discovery schedule? Is it under Discovery module or Cloud management module? A. It's under Discovery module. Cloud management does only IaaS discovery such as Network, VM, Security Group, Subnet, LB etc. Q.Is Azure PaaS based discovery initiated from MID Server too? Wondering why we need the MID Server during the PaaS discovery, ServiceNow is on cloud, and Azure is also on cloud, why do we need to go back to MID Server that was hosted on a server? A.Yes.

View solution in original post

Ganesh Bhat · ‎07-18-2019

Hi Kiana Q.Will Azure PaaS Discovery use MID Server? What's the mechanism? A. Yes. Azure discovery uses mid server to connect to Azure endpoints. As you can see in this documentation, mid server helps you to be inside customer network and perform discovery without having to explicitly open firewalls. Mid servers also can be clustered and hence helps you to get better performance. https://docs.servicenow.com/bundle/geneva-it-operations-management/page/product/mid_server/concept/c_MIDServer.html Q.Will Azure PaaS Discovery use MID Server? What's the mechanism? A.Yes. Same as above. Mid will help you to get inside network and perform discovery, many times you don't want to open firewalls just for discovery from your network, mid can stay within your VPC and discover. Q.For IaaS discovery, should it be done under Discovery module by providing specific IP ranges like what we do for on premise devices? Noticed the cloud discovery document mentioned 'The Discovery plugin includes the necessary components from Cloud Management to perform cloud discovery.' What about PaaS discovery schedule? Is it under Discovery module or Cloud management module? A. It's under Discovery module. Cloud management does only IaaS discovery such as Network, VM, Security Group, Subnet, LB etc. Q.Is Azure PaaS based discovery initiated from MID Server too? Wondering why we need the MID Server during the PaaS discovery, ServiceNow is on cloud, and Azure is also on cloud, why do we need to go back to MID Server that was hosted on a server? A.Yes.

Kiana Yu · ‎07-19-2019

Ganesh, for PaaS discovery, when saying 'Mid will help you to get inside network and perform discovery', I still don't quite understand why we need to use MID Server. Is it only to initiate the discovery pattern and to import data into CMDB in an easier way? We do not have any internal resources to reach right?

And when we are doing PaaS discovery, which website are we reaching to get PaaS resources information? For example, our company is now focusing on Azure resource. So for this scenario, when I'm opening the firewall, which destination DNS/IP should I enter?

Thanks!

Jayant Kaushal · ‎07-19-2019

Kiana,

All Cloud API calls go through mid and that is by design.

this way you can control all the traffic going outside service now through a single tunnel for various security reasons.if you make direct calls through Instance, for specific calls you will have to put specific security rules in place.which might not be scalable as your APIs increase.

Also, you might have proxies configured which can be configured on mid only once and all your outbound traffic will honour those.

Here is the link which can help you understand what API calls are being made for PAAS discovery.

https://docs.microsoft.com/en-us/rest/api/sql/databases

Pistle · ‎10-08-2020

Microsoft is taking a very different approach to edge storage than Amazon Web Services (AWS). Azure Data Box Edge and its ruggedized Azure Stack are Microsoft's first branded enterprise servers. However, under the unassuming faceplate, the two products use a Dell EMC server chassis.