Welcome to a new series of blog posts about Qualys integrations. This is the first in a series covering our integrations, and it covers CMDB Sync. CMDB Sync is part of our CSAM (CyberSecurity Asset Management) tool set and has two versions. One version is for basic SNOW customers who have CMDB without ITOM (IT Operations Management); the other is for those who do have ITOM and can utilize the Service Graph tool sets within SNOW. Except where indicated, this blog post applies to both versions.
CMDB Sync & CMDB Sync Service Graph: Why 2 versions?
At a high level both apps achieve the same goals:
1. Sync asset data from Qualys to the ServiceNow CMDB in the correct structure, mapped to the right classes, tables, and attributes.
2. Enrich your CMDB with additional content, such as OS, hardware, and software EOL/EOS dates.
3. Normalize and categorize your hardware and software products, e.g., placing products on a taxonomy such as Databases.
4. Import from ServiceNow to Qualys any missing IP addresses, in an asset group or with a tag, so that they can get scanned, removing that gap from your security program.
5. Import business information from ServiceNow to Qualys.
The main differences are that CMDB Sync:
1. Does not support Cloud Metadata (region, instance ID, machine size, etc. for AWS/GCP/Azure) because CMDB needs to be upgraded to ITOM visibility for this to be supported.
2. Does not support IoT type classes because CMDB needs to be upgraded to ITOM visibility for this to be supported.
Service Graph is where ServiceNow wants to go in the long term. They want every vendor to develop their integrations using Service Graph. However, they still need to push thousands of vendors to do this before they can deprecate the non-Service Graph method. So, the Service Graph version is more strategic for us. These 2 apps have separate code bases, so we always prioritize feature development on the Service Graph app first, with the non-Service Graph version following after 3 months, give or take.
From the ServiceNow Store, choose the right version of CMDB Sync for your environment. If you have ITOM as a paid add-on for your ServiceNow instance, choose the Service Graph connector version; otherwise, choose the plain version.
Once it’s installed you need to add a Qualys credential record to use for syncing.
Then set up a schedule for differing groups of assets. More dynamic assets (like workstations) may need syncing more often than more static assets (like servers).
Once you have set up your schedules and run them successfully, you will have assets to approve in the approval step. You can auto-approve assets in the schedule window, but we recommend only doing that after you have run it manually and are happy with the sync results.
Not shown: all the ports, software, network adapters, data volumes.
We’ve recently added the ability to sync asset metadata regarding business information back to already created assets in Qualys.
This post has shown the primary use cases for Qualys’ CMDB Sync and CMDB Sync Service Graph connector. For more details on all of this functionality, see the respective documentation, and reach out to your TAM if you’d like to trial CSAM and CMDB Sync.
Useful links/More information
CMDB Sync: https://www.qualys.com/docs/qualys-cmdb-sync-user-guide.pdf
CMDB Sync Service Graph Connector: https://www.qualys.com/docs/qualys-asset-inventory-cmdb-sync-ire.pdf
Qualys Blog: https://blog.qualys.com/product-tech/2022/07/11/how-to-quickly-prioritize-risks-with-vmdr-2-0-and-orchestrate-response-with-cmdb-itsm-integration
ServiceNow Community Blog: https://community.servicenow.com/community?id=community_article&sys_id=0bf37ccd1b1b98906531ea89bd4bcbc3
Solution Brief: Confidently Integrate with 3rd Parties: https://www.servicenow.com/content/dam/servicenow-assets/public/en-us/doc-type/resource-center/data-sheet/ds-introducing-the-service-graph-connector-program.pdf
Solution Brief: Service Graph FAQ: https://www.servicenow.com/content/dam/servicenow-assets/public/en-us/doc-type/resource-center/solution-brief/sb-service-graph-faq.pdf
Webinar: https://www.servicenow.com/lpwbr/introducing-new-service-graph-connectors.html