Next-Generation Firewall
Integrating with ServiceNow
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
-
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
-
-
-
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)
Integrating with ServiceNow
Learn how to set up the integration between AIOps for NGFW and ServiceNow.
Where Can I Use This? | What Do I Need? |
---|---|
|
When configuring your ServiceNow integration on the AIOps for NGFW
Notification Rule, you need the following:
- Configured ServiceNow instance with administrative access
- ServiceNow username and password with web access and specific roles to create incidents or query various tables
- Client ID and Password created under Application Registry in order to authorize AIOps to access your ServiceNow Instance
- URL of your ServiceNow instance
Your ServiceNow instance should also have an Incident table
for AIOps to send alerts to, and Assignment Groups with
Assignees so that these alerts can be raised to specific
people.
- Creating a ServiceNow Rest User.Create a new ServiceNow User with specific roles to read and write to the various tables needed for the integration (Incident, Assignment Groups, and Assignees).
- To create a user in ServiceNow, navigate to Users under Security > Users and Groups.Check the Web service access only check box and submit your changes.Search for the newly created user. Select the Roles tab in the table at the bottom of the page and click Edit. You will need to give the user permissions for the following three roles: itil, sn_incident_read, and sn_incident_write. Save your changes.Click Set Password on the User page. In the pop-up window, click Generate and Save Password. Make sure to copy the password to a secure location along with the User ID. This information will be used to populate the ServiceNow User credentials in AIOps for NGFW.Create a Web OAuth client.An OAuth client is required for AIOps for NGFW to authenticate into your ServiceNow instance.
- Navigate to System OAuth > Application Registry.Create a new entry and select Create an OAuth API endpoint for external clients in the following page.Add a Name for the OAuth and create a Client Secret. The Client Secret can also be left blank if an auto-generated secret is wanted. Click Submit and then navigate back to the Application Registry entry and save both the Client ID and Client Secret in a safe place. This information will be used under the Client credential forms in AIOps for NGFW.Add ServiceNow Account Settings information in AIOps for NGFW.Add the information from the previous steps in AIOps for NGFW to complete the integration between ServiceNow and AIOps for NGFW.You need the following:
- Your ServiceNow Instance URL
- ServiceNow User and Password from Step 1
- Client ID and Client Secret from Step 2
- In AIOps for NGFW, navigate to Alert Notification Rules and click Add Notification Rule.Fill in fields such as Rule Name and Alert Condition, then click the check box for ServiceNow under Notification Type and Recipients.Click ServiceNow Account Settings at the bottom of the sidebar. Fill the following form with the information that was saved previously. ServiceNow User and ServiceNow Password from Step 1, where you set up the Rest User. Client Id and Client Secret from Step 2, where you set up the Application Registration. Leave the version as is. Click Test to save the configuration and post a test incident to your ServiceNow instance. This must be successful to proceed. Click Next.Expand the Please select a template drop down, and click Create a new ServiceNow Template.Enter ServiceNow Template Name and then choose a group from the Assignment Group drop-down list. Choose an assignee from the Assignee drop-down list. Note that these drop-down lists are populated by calling the following tables from your ServiceNow instance:
- System Security > Users and Groups > Users
- System Security > Users and Groups > Groups
If there are no Groups defined, then the Assignment Group drop-down list will not populate. If there are no Users assigned to a specific Group, the Assignees drop-down list will not populate. Click Next and then Save Rule.