Domain separation and Threat Intelligence Security Center
Summary of Domain separation and Threat Intelligence Security Center
Domain separation is fully supported in Threat Intelligence Security Center (TISC), allowing ServiceNow customers to logically segregate data, processes, and administrative tasks into distinct domains. This separation ensures that users only access data and configurations pertinent to their assigned domains, enhancing security and data governance in multi-tenant environments.
How Domain Separation Works in TISC
- All base system configurations are initially provisioned in the global domain.
- In domain-separated instances, an explicit Setup TISC button appears in the TISC Administration module to clone global domain configurations into specific domains.
- Customers should only modify or enable domain-specific configuration records, avoiding changes in the global domain to maintain separation integrity.
- Platform notification rules provisioned globally must be cloned into target domains and enabled per domain to ensure proper notifications within separated environments.
- All ingested data and configurations remain isolated to their respective domains, preventing cross-domain data access.
Configuration and Administration
- Domain separation requires the installation of the Domain Support - Domain Extensions Installer plugin.
- Domain columns are added to all base system application tables to support data segregation at the platform level.
- The platform’s domain separation capabilities extend to business logic and processes, allowing both instance owners and tenant domains to administer their respective configurations as supported by the platform.
- The TISC Setup page in the Administration section provides access to domain separation views and management.
- For dashboards using Performance Analytics indicators, specific procedures are outlined in a knowledge base article to ensure domain separation compatibility.
Key Features
- Standard support includes domain-aware application properties and business logic tailored per tenant (service provider scenario).
- Full domain separation for all TISC tables and features, ensuring complete data and configuration isolation.
- Supports multi-tenant use cases, such as enforcing tenant-specific administrative controls (e.g., record closure comments required in one tenant but not another).
Practical Benefits for ServiceNow Customers
- Enables secure multi-tenant deployments within a single ServiceNow instance by isolating customer data and processes.
- Allows instance owners and tenant administrators to configure and manage domain-specific settings independently.
- Improves compliance and governance by preventing unauthorized data access across domains.
- Simplifies administration through domain-aware configurations and clear separation of responsibilities.
Domain separation is supported for Threat Intelligence Security Center. Domain separation enables you to separate data, processes, and administrative tasks into logical groupings called domains. You can control several aspects of this separation, including which users can see and access data.
Support level: Standard
- Includes all aspects of Basic level support.
- Application properties are domain-aware as needed.
- Business logic: The service provider (SP) creates or modifies processes per customer. The use cases reflect proper use of the application by multiple SP customers in a single instance.
- The instance owner must configure the minimum viable product (MVP) business logic and data parameters per tenant as expected for the specific application.
Sample use case: An Admin must be able to make comments required when a record closes for one tenant, but not for another.
For more information on support levels, see Application support for domain separation.
Overview
Domain separation is enabled for all the features of Threat Intelligence Security Center.
How domain separation works in Threat Intelligence Security Center
- All the configuration-related records that are provisioned in the base system are shipped in the global domain. If the instance is domain separated, users see an explicit Setup TISC button under the Administration module of the TISC workspace. Click this button to clone the global domain configurations provisioned in the base system into the respective domains.
Figure 1. Domain Separation
Note: Users should only enable or modify domain-specific configuration records and should not enable or modify configuration records in the global domain.
- A couple of platform notification rules (sysevent_email_action) are provisioned in the base system. These notification rules should be cloned into the required domains, and only the domain-specific notification rules need to be enabled.
Note: For more information on the notification rules, navigate to and filter for all the global domain notification rules defined on the tables starting with name sn_sec_tisc to understand how users can identify the base notification rules that are provisioned in the base system.
- All the configurations and ingested data are specific to each domain, which means that users from one domain cannot access data from another domain.
- Configure a domain-separated environment with this application by installing the Domain Support - Domain Extensions Installer plugin.
- Domain columns are added to all the base system application tables.
- Tenant domains manage their own application data using the functionality provided by the platform.
- The business logic and processes that the instance owner can domain-separate are the same as what the platform supports.
- The business logic and processes that a tenant domain can administer are the same as what the platform supports.
- You can access the Setup page from the Administration section. Click on the link provided under the Administration section to view the domain separation view.
- To support domain separation for the widgets using Performance Analytics (PA) indicators in the TISC Home dashboard, refer to the KB article KB1647990 for the detailed procedure.
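The notification-rule guidance above can be checked offline against an export of sysevent_email_action. The following is an added example, not ServiceNow code. It assumes each exported row carries name, collection (target table), active, and sys_domain ("global" for the global domain), and that a cloned rule keeps the base rule's name. The table name, rule names, and domain ids are constructed.

```javascript
// Added example: audit exported notification rules for domain-separation hygiene.
// Assumptions: rows are plain objects exported from sysevent_email_action with
// name, collection, active, sys_domain; clones keep the base rule's name.
const TISC_PREFIX = "sn_sec_tisc";

function auditNotificationRules(rows, tenantDomains) {
  // Only rules defined on tables whose name starts with sn_sec_tisc are in scope.
  const tisc = rows.filter((r) => String(r.collection || "").startsWith(TISC_PREFIX));
  const isActive = (r) => r.active === true || r.active === "true";
  const key = (r) => `${r.collection}|${r.name}`;
  const findings = [];

  for (const base of tisc.filter((r) => r.sys_domain === "global")) {
    // Only domain-specific rules should be enabled, so flag an active global rule.
    if (isActive(base)) {
      findings.push({ issue: "global_rule_active", rule: base.name, domain: "global" });
    }
    for (const domain of tenantDomains) {
      const clone = tisc.find((r) => r.sys_domain === domain && key(r) === key(base));
      if (!clone) {
        findings.push({ issue: "missing_clone", rule: base.name, domain });
      } else if (!isActive(clone)) {
        findings.push({ issue: "clone_inactive", rule: base.name, domain });
      }
    }
  }
  return findings;
}

// Constructed sample export (hypothetical table, rule names, and domain ids).
const SAMPLE_ROWS = [
  { name: "Example rule A", collection: "sn_sec_tisc_example", active: "false", sys_domain: "global" },
  { name: "Example rule B", collection: "sn_sec_tisc_example", active: "true", sys_domain: "global" },
  { name: "Example rule A", collection: "sn_sec_tisc_example", active: "true", sys_domain: "domain_a" },
  { name: "Example rule B", collection: "sn_sec_tisc_example", active: "false", sys_domain: "domain_a" },
  { name: "Example rule A", collection: "sn_sec_tisc_example", active: "true", sys_domain: "domain_b" },
  { name: "Unrelated rule", collection: "incident", active: "true", sys_domain: "global" },
];

for (const f of auditNotificationRules(SAMPLE_ROWS, ["domain_a", "domain_b"])) {
  console.log(`${f.issue}: "${f.rule}" in ${f.domain}`);
}
```

Each finding is something to review in the instance; whether a base rule is expected to be inactive in the global domain depends on how the instance is administered.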
Domain Separated tables
All the tables are domain separated.
Use cases
All features of this application are domain separated.