Discovery Fundamentals

Challenges for an organizations ERP system includes identifying all the most important devices, assets, and critical infrastructure that are used for service delivery. This is important for managing important compliance requirements such as licenses on different devices, or it could mean promptly implementing IT service management within the correct layers of the CSDM.

The scheduled maintenance to the Configuration Management Data Base (CMDB) is often best handled by the ServiceNow Discovery Application. The CMDB contains a series of tools and views that facilitate its health optimization in ServiceNow. Data can come into the CMDB in a variety of ways, using any of the methods in the image below is dependant on the needs of the organization, the volume of data and various other factors.

However, if an organization has many on-premise IT assets which fulfil service requirements, then this is where Discovery and the usage of MID Servers are highly effective.

MID Server

A MID Server is a simple piece of Java software created by ServiceNow that is installed on the customer side to access any device with an IP address. The MID Server allows communication to a ServiceNow instance via the External Communications Channel (ECC) queue, which is an asynchronous messaging system for handling scalability and performance on large amounts of data.

Events in the ECC queue are also used by the ServiceNow instance for the creation and update of the CMBD records. The ECC queue also enhances fault tolerance by decoupling the communication between MID Server and ServiceNow instance.

How Discovery Works

1. Instructions are placed in the ECC Queue as output probes.
2. MID Server monitors the ECC queue for jobs to be worked on.
3. The MID Server interrogates devices for information, according to probe instructions.
4. The MID Server reports responses to the interrogation as an input record on the ECC queue.
5. An XML payload of the input record payload is processed, updating the CMDB accordingly.

The Discovery Phases

Four distinct phases are sequenced in the Discovery process to populate the CMDB. This is all facilitated through the MID Server via the organizational firewall, which then can communicate with ServiceNow through the ECC queue.

Scanning is simply putting out a large batch scan on the ports within an IP address range. It is looking for any open ports by using what is called a Shazzam probe, and returns results to the ECC queue in ServiceNow.

The classification phase is, as the name suggests, trying to determine the device type. During the classification phase, discovery patterns are also determined for the following phase; identification.

During identification, Discovery is trying to determine if a result in the ECC queue relating to the CMDB is already in existence. This is important for consistency and avoiding duplicate records.

The last phase is the exploration phase where once a CI or asset has been correctly identified, more specific information can now be probed to further populate attributes on the record in the CMDB.

Types of Probes used in Discovery

Discovery uses different types of probes depending on which phase discovery is currently engaging in.

Shazzam Probe ?

Completes batches of port scans, produces an XML payload showing IP address, Ports open/refused, Banners, Host names.

Classify Probe ??

Categorizes specifically what type of device responds successfully to port scan. Computers are classified by operating system, network devices are classified by functionality (power, print, switch, route).

Identification Probe ??

Once classification has taken place, a horizontal pattern probe specifies which pattern to launch. Important to note that patterns run during identification and exploration phases, whilst probes run during all phases.

Exploration Probe ??

Once classification has taken place, a third round of probes can be sent out to get more specific information about a device. These probes and discovery patterns launch based on the CI classification.

Horizontal versus Vertical Discovery

Another important concept in Discovery is the difference with horizontal and vertical discovery. From the image you can see that horizontal is striving to cover breadth of CIs, whereas the vertical Discovery is concerned with relational dependencies amongst the CIs.

Both are important as one tells ServiceNow what is there, the other tells us how they are related to each other. You can see how vitally important it is to get this right as it gives accurate visibility of the CIs, and this would be used for reporting, IT Service Management, and maintenance on the CMDB for those CIs most critical to service delivery.

These are some of the important topics in getting started with ServiceNow Discovery. Now you too can be a superhero in Configuration Management health for on-premise systems!

Shazzam!!