Can we discover the web applications using SAM in Servicenow.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-17-2022 03:27 AM
We can discover the installed software on systems/devices using SAM . Here my doubt is , can we discover the web based applications (access through links) using same set up or any other ways for this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-17-2022 07:01 AM
I'm not aware of a way to 'discover' web based traffic to websites that require a login and subscription
If your organization has fronted the website with an enterprise authentication service (sso), ServiceNow has connectors to grab usage information from the SSO (Azure or Okta) for that software subscription (website).
See the link below
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-17-2022 07:08 AM
Hi Priya. Here is the list of pre-designed API integrations into SaaS applications (referred to as "spokes"). ServiceNow also offers API tools to create custom connections for SaaS products that have an appropriate API to discover utilization. However, not all SaaS applications have this (LucidChart, for instance, has refused to open up user licensing to API, requiring only SCIM provisioning access which doesn't effectively describe licenses assigned upon query). ServiceNow has said it will continue to build its library of API connections, similar to other SAM solutions. And I do believe ServiceNow's ability to dynamically set up integration profiles is an advantage in the SAM market.
There is no clear integration into CASB or other web filtering tools that is out of the box with ServiceNow yet. Those ambitious enough to set up the structure to import such data as a custom data source are welcome to try, and there are several ways to accomplish this. However, just because you access a web site doesn't mean you have a license, and doesn't really even mean you are actually using the application that has the license. You may just be reading their blog or reviewing their pricing. To effectively record application traffic, you need to know in every case what constitutes active use. That is why all the SAM tools have been so slow in solutioning SaaS application utilization consistently, let alone any sort of general discovery.
Your goal is not to upload these to the Software Installation table, but rather the Subscriptions table. This means you not only need the product assigned but the person assigned. You also benefit from knowing the last login or last access date (Last Used).
The best approach today, even in San Diego, is to have a diverse approach to SaaS / web app utilization data management.
- Where possible, use the spoke connections in SAM Pro/Enterprise.
- Where you have devs that can develop a custom connection, make those API integrations that will achieve subscription license assignment (and hopefully last login).
- Where you have a report from a SaaS admin portal, format it appropriately and upload it to the Subscriptions table.
- As a last option, do whatever other reporting and data gathering to validate active subscriptions with assignment and upload them to the Subscriptions table.
- Once all of that is in the Subscriptions table, reconcile and make sure to allocate the subscription to the appropriate Subscription metric entitlements.
