Updated: Feb 1, 2021
In this week’s Share the Wealth video, Mike Desmond of GlideFast Consulting gives an overview and demonstration of Discovery in ServiceNow.
Why Discovery?
Clients want to leverage Discovery for a number of reasons. It can help eliminate service outages and it is important to get ahead of outages by understanding what is in your database and environment.
The core of Discovery is helping users to create and maintain an accurate CMDB. CMDB drives asset management, change management, audit and compliance, security operations, and automation.
Discovery serves as a prerequisite for SAMPro, which leverages the information gathered by Discovery.
Service-Aware Operations Management
Service Management is people/process/service-centric. Operations management is infrastructure-centric.
Once the configuration items (CIs) are discovered, users understand how the items are configured and how applications and dependencies work. Application dependency mapping is a part of the discovery process that gives users insight into elements that are interconnected.
What is Infrastructure Discovery?
ServiceNow infrastructure discovery is an agentless method of populating your CMDB with relevant hardware and software assets within your enterprise environment. It uses a phased approach to remotely discover all your IP-based devices, such as computers, servers, network devices, storage devices, and printers. With our platform, we map specific Application-to-Host and Application-to-Application dependencies.
Discovery Life Cycle
Scan — Shazzam probe launched. Scan defined IP’s ranges. Identify active devices and port numbers.
Classify — Determine device type. Launch probe/pattern against active devices. Gather additional information.
Identify — Collect additional information about classified devices. Check CMDB for matching CI.
Explore — Probe devices for detailed information. Process results and update CMDB.
Discovery Architecture
The types of discovery architecture are agentless, extensible, and scalable. This leverages the MID server, which is a lightweight secure data collector for outbound communication, using 128bit SSL. This is outbound only as it communicates to the server one-way.
Cloud Discovery
Large vCenter Support — Near real-time discovery of vCentr. Parallel processing of discovered CIs.
Near real-time discovery for AWS and Azure — Detect changes made outside of ServiceNow Cloud Management. Event triggers creation and updates of appropriate CIs/relationships.
Roadmap — Discovery of additional cloud providers.
Application Dependency Mapping (ADM) in Discovery
Application dependency mapping (ADM) creates relationships between interdependent applications. ADM identifies:
The devices that are in communication with one another.
The TCP ports these devices are communicating on.
The processes that are running on these devices.
Discovered Application Relationships
Discovered Application Relationship was previously called “Business Service Maps” (BSM) before ServiceWatch/ServiceMapping. It is called “Application Dependency Mapping” (ADM) in the product. Discovery maps application data automatically into upstream and downstream relationships. These types are available:
Runs on::Runs
Depends on::Used by
Hosted on::Hosts
Virtualized by::Virualizes
Contains::Contained by
IP Connection::IP Connection
Discovered Infrastructure
Below is a list of different components that can be discovered in the following categories:
Computers, Clusters, and Virtual Machines — AIX Computers, ESX Servers, HPUX Computers, Linux Computers, Linux Kernel-based Virtual Machines (KVM), Mac Computers, Netware Computers, Solaris Computers, Solaris Zones, Virtual Machines, VMware vCent3er, Windows Computers
Hardware Devices — Dell DRAC, Load Balancers and Load Balancer Proxy Software, Network Printers, Routers, Storage Devices, Switches, Uninterruptible Power Supplies (UPS)
Web and Database Servers — Apache Web Servers, General Software Packages, HBase on UNIX, JBoss Servers, Microsoft IIS Servers, Microsoft SQL Servers, MongoDB Instances, MySQL Servers, NGINX Web Servers, Oracle Databases, PostgreSQL Instances, Tomcat Servers, WebLogic Application Servers, WebSphere Servers
Other Technologies — Amazon Web Services (AWS) Cloud, Connections, IP Networks, Puppet Automation Software, Relationships, Services/Daemons
Discovery Standard Ports
Below is a list of standard discovery ports:
TCP
135: WMI for Windows Systems including Power Shell discovery
22: SSH for potential Unix Systems
80/443: HTTP/s for potential Web servers
427/5989: SLP and WBEM for storage via CIM (SMI-S)
5480: VMAPP for vCenter appliance
UDP
161: SNMP. Discovery sends a single OID query (sysdescr) searching for a response from potential network devices.
53: DNS. Discovery queries the locally configured DNS server to resolve the name of each IP address.
137: NetBIOS. Discovery queries the local domain to resolve the name of an IP address.
Interested in working with experts like Mike? Reach out to our team. We would love to learn more about your ServiceNow challenges and how we can help your organization build better solutions.