Logical Security

To protect the instances and data within the ServiceNow Nonstop Cloud, we have implemented specific logical security zones. These zones are logically separated and protected using logical access controls. The three primary zones are as follows:

  • Internet Services Layer: The first zone of the architecture includes network routers, switches, load balancers with integrated network firewalls, and intrusion detection systems. These devices are deployed in a fully redundant configuration to provide the highest possible availability in the event of a failure.
  • Application layer: The second zone isolates the application servers, installed in a discrete network segment inaccessible from the Internet. The servers in this zone host the application nodes for each of your ServiceNow instances. They serve as the termination point for all inbound requests from users of those instances. 
  • Database layer: The third zone contains the database servers that have host‑based firewalls. In our multi‑instance architecture, each database server runs one or more unique database processes assigned to a customer instance.