Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

ServiceNow

Reply
This is an open group. Sign in and click the "Join Group" button to become a group member and start posting.
INFOBLOX & SERVICENOW INTEGRATION TEMPLATES, DEPLOYMENT GUIDE & DEMO VIDEO.
[ Edited ]
Moderator
Posts: 84
Registered: ‎06-21-2017
Moderator
Moderator
Posts: 69

Hello,

 

Infoblox and ServiceNow: Modernizing the IT service management outlook

By consolidating your on-premise IT tools to a modern, easy-to-use service management solution in the cloud.

 

  • Resolving Network Issues at light speed:

Eliminate calls before they occur with self-service, proactively prevent issues by assessing product or service health in real time, and engage the right resources to fix issues fast.

 

  • Consumerize the Employee Network Experience:

Provide a single place for network and security teams to quickly and easily get the HR services they need.

 

  • Build Business network and security decisions at light speed:

Automate processes and orchestrate actions across the network enterprise, reuse components and integrations, and delegate application development with easy-to-use resources and drag-and-drop tools.

 

  • Eliminate network Service Outages:

Proactively identify network and security issues and pinpoint disruptions with automated orchestrate remediation.

 

In the attached documents you will find the templates for the ServiceNow integration in PDF and txt format. The templates are provided “as-is” and should be tested in your lab environment and modified as needed before implementing them into production.

 

The templates require extensible attributes described in the table below. It is recommended to inherit attributes with the default values from the network view level.

 

Extensible Attributes

Description

ServiceNow_LastIncidentSentAt

Provides the last time an asset sent an incident to ServiceNow.

ServiceNow_Add_Incident

True or False. Defines if an object should create an incident on ServiceNow.

ServiceNow_Event_ID

Provides the Incident number of the last Incident sent to ServiceNow.

ServiceNow_SYS_ID

Provides the unique ID of the asset on ServiceNow.

ServiceNow_Sync

True or False. Defines if and asset should be added to ServiceNow when created.

ServiceNow_SyncedAt

Internal attribute. Provides the time that an asset was created on ServiceNow.

ServiceNow_Table

Internal attribute. Provides the ServiceNow table that an asset was added to.

ServiceNow_Location

Custom field. Determines the location field for the ServiceNow table upon creation.

 

Re: INFOBLOX & SERVICENOW INTEGRATION TEMPLATES, DEPLOYMENT GUIDE & DEMO VIDEO.
Moderator
Posts: 84
Registered: ‎06-21-2017
Moderator
Moderator
Posts: 69

Security Incident Response (SIR) differences from Incident Management:

 

  1. SIR simplifies identification of critical incidents and provides workflow and automation tools to speed up remediation

 

  1. With SIR, teams can create customized workflows based on your organization’s own security runbook to ensure company best practices are followed

 

  1. With SIR, It’s Easier to view and track response tasks that run in parallel. The system will remind assignees if their tasks aren’t completed on-time per Service Level Agreement (SLA) thresholds, or it can escalate tasks if necessary

 

  1. SIR will speed up response and allow your security team to spend more time hunting complex threats by automating basic tasks, including approval requests, malware scans, or the retrieval of running processes

 

  1. SIR has a security knowledge base (KB) which adds additional information, and relevant KB articles are automatically associated with incidents for reference.

 

  1. With SIR, all activities in an incident lifecycle, from analysis and investigation to containment and remediation, are tracked in the platform. Once an incident is closed, assessments are distributed across the team and a time-stamped post-incident review is automatically created as a historical audit record.
Re: INFOBLOX & SERVICENOW INTEGRATION TEMPLATES, DEPLOYMENT GUIDE & DEMO VIDEO.
New Member
Posts: 7
Registered: ‎01-17-2018
New Member
Posts: 6

Where do I find the Service Now Templates?

Re: INFOBLOX & SERVICENOW INTEGRATION TEMPLATES, DEPLOYMENT GUIDE & DEMO VIDEO.
Adviser
Posts: 171
Registered: ‎09-09-2015
Adviser
Posts: 81

They are attached to the first post

New Member
Posts: 7
Registered: ‎01-17-2018
New Member
Posts: 6
Thanks, saw them just after I posted...


Pete Newcomb

Pre-Sales Systems Engineer

Infoblox

pnewcomb@infoblox.com

978-500-6244

[cid:2f83291b-5e04-4c7e-be11-1d59a081c6d4]






DNS For Dummies
Re: INFOBLOX & SERVICENOW INTEGRATION TEMPLATES, DEPLOYMENT GUIDE & DEMO VIDEO.
[ Edited ]
Moderator
Posts: 2
Registered: ‎02-20-2018
Moderator
Moderator
Posts: 4
 
   In continuation to the integration above and to address the newer NIOS 8.3 enhancements,  two new templates are added in this post. NIOS 8.3 has enhancements to outbound features; notification rules now support Security ADPSchedule, and Object Change Discovery Data event types. For more information on NIOS 8.3 notifications, see Configuring Notification Rules.
 
Attached in this post are the Security ADP templates for creating incidents as well as the Discovery template for creating incident or security incidents. Also, attached is the updated deployment guide for NIOS 8.3. Security ADP and Object Change Discovery Data are the two additional notifications handled in these templates. For the discovery template, setting the external attribute, ServiceNow_Discov_AllNew to “true” will create incidents for all managed and unmanaged devices.  Setting it to “false” will only create incidents for unmanaged devices. The type of incident created, security or no-security - is controlled by the external attribute, ServiceNow_Discov_AddSecurInc.
 
Additional External Attributes for the templates are as below:
 

Extensible Attributes

Description

ServiceNow_Discov_AddSecurInc

True or False. Defines if a Security incident should be created for a Discovery event.

ServiceNow_Discov_AllNew

True or False. Process and create incidents of discovery events for all devices or only unmanaged.

 
 
The templates are in PDF and txt format and are provided “as-is”.  It is recommended that any desired changes be tested in your lab environment and modified as needed before implementing them into production.
Showing results for 
Search instead for 
Did you mean: