Requirements for the Remote Support Integration with ServiceNow

 

You must purchase this integration separately for both your Remote Support software and your ServiceNow solution. For more information, contact BeyondTrust's Sales team.

Outlined below are requirements for the enterprise versions of the Remote Support ServiceNow integration. If any of the integration requirements are not yet met, they must be in place prior to starting the integration setup process unless the associated features of the integration are not required.

Review Base Integration Requirements

A current version of a ServiceNow release, including:

  • A working Service Desk application
  • A working email configuration

A current release of BeyondTrustRemote Support including:

  • At least one usable representative console capable of generating session keys
  • A functional Remote Support site through which users can connect to representatives

To configure network firewall rules for this integration, do the following:

  • Allow TCP 443 traffic from the B Series Appliance to the appropriate ServiceNow instance.
  • Allow TCP 443 traffic from the appropriate ServiceNow instance to the B Series Appliance.
  • Optionally, use ServiceNow MID Servers for this integration.

For more information on MID Servers, please see MID Server Configuration.

Review Additional Integration Requirements

The enterprise version of BeyondTrust's ServiceNow integration has additional features that require certain ServiceNow functions to be operational in order to work correctly. If these functions are not set up or actively used, the integration can still be installed and the basic features will work, but the enterprise features will not be usable until the necessary ServiceNow functionality is implemented. This can be done after the initial installation of the integration update set(s). The additional features should immediately be usable, assuming the appropriate setup steps are taken during the integration setup as described in this guide.

To successfully integrate the BeyondTrust Jump Client services with ServiceNow, the following requirements must also be met and reviewed:

  • A functional ServiceNow configuration management database (CMDB)
  • One or more ServiceNow configuration items on which BeyondTrust Jump Client services can be or have been installed
  • A working ServiceNow Employee Self Service (ESS) application and portal

The CMDB is used to launch Remote Support sessions based on the hostname of the machine added to the Configuration Item field of an incident. If the CMDB is not populated with any available hosts, BeyondTrust Remote Support Jump Clients cannot be used to remotely access them through ServiceNow's interface. These hosts can be added after the initial setup without making any changes to the integration.

BeyondTrust Remote Support includes support for all the major modern versions of Microsoft, Apple, and Linux. One or more computers running one of these operating systems must be populated in ServiceNow's CMDB in order for BeyondTrust Remote Support Jump features to work through ServiceNow. As mentioned above, this can be done after initial installation of the integration.

ServiceNow's ESS portal is leveraged by the integration to allow ServiceNow users of the portal to request remote support from logged-in Remote Support representatives. This is not always desired, so some administrators prefer not to use the ESS portal. This is acceptable for the purposes of installation, and the ESS portal can be deployed after the integration setup to enable the associated Remote Support features.

Test the Firewall

It is important to test all requirements of the integration prior to beginning setup. Most of these can be tested by the Remote Support and ServiceNow administrators within their respective systems, but to test the network firewall, the BeyondTrust admin should take the following steps to confirm that the necessary rules are in place.

  1. Log in to a machine either external to the B Series Appliance's network or in the same VPN as the ServiceNow instance, depending on how ServiceNow is connecting to the B Series Appliance's network.
  2. Log in to the B Series Appliance's /appliance interface.
  3. Browse to Support > Utilities :: TCP Connection Test.
  4. Enter the hostname of the ServiceNow instance, enter the port number of 443, and then click Test. A successful result is a Connected status message.
Do not enter the protocol when entering the ServiceNow instance (https://servicenow.example.com, for example). Instead, use only the fully qualified domain name (servicenow.example.com). In most environments, BeyondTrust Remote Support resides in a DMZ network and has a public DNS address which ServiceNow contacts over the public internet. In some environments, Remote Support is not publicly accessible. In these cases, contact ServiceNow about implementing a VPN connection to your internal network for ServiceNow. For more information, please see Virtual Private Network (VPN).