Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 19 Next »

Our Lumeta integration has passed ServiceNow's rigorous certification process and is available now in the ServiceNow Store. Search for "FireMon" or "Lumeta" to get started. 

In this implementation, Lumeta highlights missing network data for the ServiceNow "Orlando" platform (patch 7). ServiceNow then pulls this network data from Lumeta. Lumeta Cloud Discovery (aka Scanner) enables ServiceNow to pull cloud details from FireMon Lumeta as well. 

Here's how the integration works:

  1. ServiceNow initiates the first API call to Lumeta requesting a list of all third-party integrations configured on the Lumeta Command Center and the connection status of each. This screenshot shows the scheduled job that calls the underlying API to pull data from Lumeta. 


    The results display in this Lumeta Security Integrations dashboard in ServiceNow. It lists bundles of all third-party integrations configured on the Lumeta Command Center and the connection status of each.
     

  2. ServiceNow initiates a second API call to Lumeta to see the gaps. What does Lumeta know that ServiceNow doesn't?
    1. Did Lumeta identify a device lacking an agent such as McAfee or Carbon Black
    2. Did Lumeta find a device that ServiceNow hasn't scanned?  (Tenable, Qualys, Rapid7)?
    3. Did Lumeta discover a CIDR or IP that ServiceNow isn't aware of (Infoblox, BlueCat).

  3. For those whose "SNOW Status" is unmatched, ServiceNow generates an incident ticket––one incident ticket per third-party vendor such as McAfee and containing individual records for each finding (e.g., one row for each of the device at issue).



  4. ServiceNow security professional remediates the issue and marks the ticket as "completed."

  5. ServiceNow initiates a third API call to Lumeta to get an updated list of gaps.

  6.  Lumeta compares the current issue-status to the expected issue-status to validate that ServiceNow-fixed issues are demonstrably fixed. 

  7. Lumeta updates ServiceNow with the new status.


  8. In Lumeta, you can configure the ServiceNow integration to have Lumeta update ServiceNow at regular polling intervals, the cadence of which you set. This mechanism refreshes ServiceNow device details as often as you like, keeping them current. 

Populating CMDB Data

A second use case uses a similar API exchange to answer the question, "What has Lumeta discovered?" It shares with ServiceNow information about a device's profile, its status, and when it was first and last observed. It conveys timestamps and other network details to populate the Configuration Management Database (CMDB) within ServiceNow. 

About CMDB

Configuration Management Database (CMDB) is an IT model for the efficient support of services and whose purpose is to organize and manage Configuration Items (CI). 

Here's how it works:

  1. Lumeta queries ServiceNow at a regular interval and ingests CMDB data from ServiceNow, handling it as an external source.

  2. Lumeta compares data across the two systems.
  3. Lumeta pushes assets and attributes that are missing in ServiceNow to the ServiceNow server, which it populates the ServiceNow CMDB.
  4. Lumeta can push assets globally or by zone.

Lumeta Dashboards within ServiceNow

Lumeta Continuous Discovery
From Lumeta, each device profile, its status, first observed, and last observed timestamps, and other network details populating the CMDB database within ServiceNow. 

All of the dashboards in ServiceNow can be personalized to display the columns of interest.


  • No labels