Agentless discovery avoids the management complexity of permanent software installed on discoverable devices. A lightweight Java application called Management, Instrumentation, and Discovery (MID) Server runs as a Windows service or Unix daemon on standard hardware—including virtual machines already in your environment.

Multiple MID Servers, capable of handling thousands of devices each, can be deployed in different network segments to provide virtually unlimited scalability.

The MID Server executes probes and patterns and returns the results to an associated ServiceNow instance; it does not retain any information. MID Servers communicate by querying their associated instance for probes and patterns to run, and post the results of probes they have completed back to the instance. Within the instance, sensors process the collected data.

The MID Server starts all communications using HTTPS, which means communication is secure and all communications are initiated inside the enterprise’s firewall. No special firewall rules or VPNs are required.

Configuration of IP ranges, credentials, and schedules are all handled in ServiceNow. Credentials are stored using 3DES encryption or optionally can be provided by an external credential store. Once entered, ServiceNow has no way of ever displaying them again.

On the MID Server, the standard encryption capabilities of SSH, WMI/WinRM, and Simple Network Management Protocol (SNMP) are used.

The MID Server uses several techniques to probe computers and IP‑enabled devices without using agents. For example, it uses SSH to connect to a Unix or Linux computer and runs standard commands to gather information. Similarly, it uses SNMP to gather information from a network switch or a printer.

WMI and PowerShell are used for Windows computers and there is support for WinRM as well. Storage components are discovered via SMI‑S and CIM. RESTful HTTP queries are initiated as well for supported targets such as UCS and Amazon Web Services (AWS).

Discovered information is securely sent back to an associated ServiceNow instance for processing by the probe’s matching sensors. Patterns‑based content is handled by a generic pair of probe and sensor.

Discovery maps hierarchical dependencies and assigns the appropriate relationship type between CIs that it finds. 

Application dependency mapping (ADM) creates upstream and downstream relationships between interdependent applications by identifying which devices are communicating with one another, which TCP ports they are communicating on, and which processes are running on these devices. 

All this information is used to automatically keep the ServiceNow CMDB up to date. 

Discovery uses identifiers to search the CMDB for CIs that match devices discovered in the network. These identifiers can be configured to instruct Discovery to take certain actions when device matches are made, or not made, to maintain data integrity.

When IT uses VMware, AWS, or Microsoft Azure to make changes to their virtual or cloud environments, events from these environments trigger Discovery to detect those changes and then update the CIs and corresponding relationships. 

This ensures up‑to‑date accuracy of the CMDB and real‑time visibility into virtual and cloud environments.

IT can create custom patterns to explore any discoverable resource. Using pattern designer, IT can expand discoverable elements using a codeless engine. IT can also customize data model fields, tables, and relationship descriptions in the CMDB to meet specific needs. 

ServiceNow also integrates with many industry‑standard Privileged Access Management solutions (PAM), such as CyberArk®, BeyondTrust®and others available via the ServiceNow store. This allows security admins to provide least privilege access and rotate credentials updated per their policy with ease.

A guided setup provides a logical, friendly starting point to configure and launch Discovery. IT can follow simple steps to deploy a MID Server, add credentials, and automatically create schedules based on discovered subnets and user defined window, and then complete the process by launching Discovery.

Discovery is tightly integrated with ServiceNow Service Mapping to form a unified collection architecture on the ServiceNow platform for discovering enterprise hybrid infrastructure and services. 

ServiceNow Discovery provides a comprehensive inventory of physical and logical assets within the IT infrastructure. These CIs and relationships are populated into the CMDB. Service Mapping uncovers the hybrid infrastructure underlying business services and connects these CIs to form individual service maps. 

You can drill down seamlessly from service maps into detailed asset information, which provides a powerful, integrated environment for resolving service issues and managing service changes.

Speed adoption by identifying business service candidates and generating service maps. Automatically identify candidates through traffic‑based discovery. Generate and refine initial service maps using network information and machine learning algorithms.

When credentials are not available or not correct, the service will create a placeholder CI using NMAP to gather additional details for Service Mapping. This simplifies the credential‑less completion of service mapping deliverables.

An intuitive interface guides the Discovery Administrator through configuration and management. Administrators can easily see what Discovery is configured to discover on which subnet(s), and a historical view of progress against those goals.

This feature automatically creates a discovery schedule and updates that schedule as the network grows and changes. Automatically creating schedules based on discovered subnets and user defined windows provides greater details and speeds the discovery process.