Policy Change Request - ServiceNow Integration
The ServiceNow integration with Application Control enables optimized, fully audited request handling. This functionality is available in Application Control 2022.1 and later. End users of Application Control use this integration to request and monitor the status of Policy Change Requests. Refer to Endpoint User - Create a Policy Change Request.
Prior to working in Application Control, create a new catalog item for Application Control in ServiceNow. See Creating a New Catalog Item in ServiceNow.
Administrators complete the following tasks:
Application Control Administrator Tasks: Configure access to the ServiceNow server and the options available to end users when they open a change request. Policy Change Request Options - ServiceNow Integration
ServiceNow Administrator Tasks: Manually configure the request offering and request form in ServiceNow. Ensure the workflow performs as expected. Refer to Endpoint User Access and Endpoint User Approval Requests.
The status of all service requests is changed according to its processing within the ServiceNow workflow. The number and name of each stage used in the process is configured within the ServiceNow system.
Typically, when a service request is first raised, it is in the Submitted state, and only when it has been reviewed and analyzed against a set of criteria will it be Approved or Denied.
Application Control only fulfills service requests in the Approved state.
Policy Change Request options allow you to enable or disable end-user access to the Policy Change Request feature and determine the request template available to them. The options determine how requests are communicated to ServiceNow and the selection choices available to end users when creating change requests.
Configure user accounts in ServiceNow before integrating with Application Control.
From the Menu ribbon, select Global Settings > Policy Change Request Options.
- Complete the setup steps in Configuring ServiceNow.
Select the ServiceNow Integration tab:
Specify details needed for ServiceNow based on your preferred authentication method.
The Client ID and Client Secret are read from ServiceNow when authenticating directly, and they're read from the third-party identity provider if using SSO.
In Application Control, Browse for Catalog Items and select the Application Control Catalog Item. Click OK.
If an access denied or forbidden message is shown when you attempt to add the Application Control Catalog Item, ensure the user has access to the relevant tables in ServiceNow. See Endpoint User Access for more information.
- Click OK in the Policy Change Request Options dialog.
- On returning to the ServiceNow tab, the Application Control Catalog Item has been added to the list and can be assigned to one or more rules.
To finish setting up the configuration, set the Policy Change Request options for the endpoint.