ServiceNow Asset Classification Details

This article summarizes what types of asset attributes can be enriched from our connector with ServiceNow CMDB, and the benefits of using that enriched data in policy.

 

ServiceNow Integration with Elisity

Our Integration is designed to provide two major benefits: 

  • Provide contextual data from CMDB into CCC to help our SecOps user persona to understand operational context about a device 
  • Enable customers to distinguish rogue devices from enterprise-managed and apply differentiated policies to them. By rogue devices, we mean devices of types that we have accurately identified – but which may not be owned or managed by our enterprise customer. 

ServiceNow integration is similar to our Medigate integration in overall operation.

There is one minor difference. When we discover a new endpoint, we will take attributes MAC and IP which uniquely identify the device and query ServiceNow. If MAC and IP together do not have a match in ServiceNow, we will query with MAC address alone, and finally the IP alone.

To reiterate, when a new device comes online, Elisity will query ServiceNow with the following attributes in order of precedence. 

  1. MAC + IP Address
  2. MAC Address
  3. IP Alone

 

Attribute Mapping

Below is a map of how attributes map from ServiceNow to Elisity's Cloud Control Center.

 

 

Additional Considerations

Admin-initiated refresh of device info from ServiceNow: 

Cloud Control Center will query ServiceNow for new information every 24 hours. Any devices learned by Elisity prior to the Connector being configured will be automatically scheduled for enrichment during the next 24 hour cycle and based on their attachment timestamp. 

Deployment Order: 

If ServiceNow functions are deployed after Elisity, admin-initiated refresh(es) will need to be triggered from CCC when the CMDB has been populated. 

If ServiceNow is used prior to an Elisity deployment and the CMDB is populated, admin intervention should not be necessary.  

 

Was this article helpful?
0 out of 0 found this helpful