MID Server internal connectivity requirements

The three methods used for discovering various devices on a network are SSH, WMI and SNMP.

SSH is used for accessing UNIX-like machines. Discovery logs into a machine with SSH and runs commands within an encrypted session to gather system information. Orchestration logs in to UNIX and Linux machines using SSH to perform Workflow activities. WMI is used by Discovery for Windows based machines and is used for querying the remote WMI protocol on targets for gathering of Windows information. Orchestration uses PowerShell to run activities on Windows machines. And lastly, SNMP v1/v2c/v3 is used on various network devices (Routers, Switches, Printers) by Discovery and Orchestration. Detailed information is listed below about these methods.

Note: The requirements in this page are specifically for the use of MID Servers with the ServiceNow Discovery and Orchestration products.

SSH - UNIX

For UNIX-like machines, Discovery and Orchestration use SSH protocol, version 2 to access target machines. SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. SSH communicates on port 22 within an encrypted datastream and requires a login to access the targets using two available methods of authentication: a user name and password combination and a user name and shared private key. Specify SSH authentication information and type in the Credentials module. If multiple credentials are entered, the platform tries one after the other until a successful connection is established or all are ultimately denied. To provide for application relationships a limited number of SUDO commands must be available to be run. Additional details to these requirements can be found in UNIX/Linux commands requiring root privileges for Discovery and Orchestration.

WMI - Windows

For Windows machines, Discovery uses the Windows Management Instrumentation (WMI) interface to query devices. Due to security restrictions for WMI, the MID Server application executing the WMI queries must run as a domain user with local (target) administrator privileges. When Discovery detects activity on port 135, it launches a WMI query. The response from the Windows device is sent over a Distributed Component Object Model (DCOM) port configured for WMI on Windows machines. This can be any port. Ensure that the MID Server application host machine has access to the targets on all ports due to the unique nature of the WMI requirements.

Windows PowerShell

PowerShell is built on the Windows .NET Framework and is designed to control and automate the administration of Windows machines and applications. Orchestration uses PowerShell to run Workflow activities on Windows machines. PowerShell must be installed on any MID Server that executes these activities. MID Servers using PowerShell must be installed on a supported Windows operating system. ServiceNow supports PowerShell 2.0 and 3.0. Orchestration activities for PowerShell require a credentials Type of Windows.

SNMP - Network

For network devices, Discovery uses a SNMP scan to get device specific MIBs and OIDs. SNMP is a common protocol used on most routers, switches, printers, load balancers and various other network enabled devices. Use a "community string" (password) for authentication when scanning a device via SNMP. Many devices have an out-of-box community string of public which Discovery (by default) uses when querying a target. Define additional community strings in the Credentials module which are tried in succession, along with public, until a successful query returns. In addition to the credentials, the platform also requires the ability to make port 161 SNMP requests from the MID Server to the target. If Access Control Lists (ACLs) are in place to control the IP addresses that can make these queries, ensure that the IP address of the MID Server is in the ACL. ServiceNow Discovery supports SNMP versions 1 and 2c.

WBEM

Web-Based Enterprise Management (WBEM) defines a particular implementation of the Common Information Model (CIM): , including protocols for discovering and accessing each CIM implementation. WBEM requires either of two ports, 5989 or 5988 and uses the HTTP transport protocol. WBEM supports SSL encryption and uses CIM user name/password credentials. ServiceNow Discovery launches a WBEM port probe to detect activity on the target ports and to append gathered data to a classification probe that explores CIM Servers.