Introduction:
Service Request Remediation Management capability lets you automate the remediation of compliance irregularities that are detected in the network.
IT Management Suite remediation management works along with a service desk application and a compliance solution to complete the automated remediation of service requests.
The automated closed loop remediation process begins with a Compliance solution, for example: Symantec Control Compliance Suite, which scans the computers in the network and triggers the generation of tickets in ServiceNow. Currently, only ServiceNow is supported. In the future releases, the list of supported service desk applications will be expanded.
The IT Management Solution gets the service requests from ServiceNow and starts the remediation process. After the process completes, IT Management Solution shares the results of the remediation actions with the ServiceNow application. The Symantec Control Compliance Suite then scans the assets again to ensure that the remediation action is complete.
The following diagram illustrates the interaction and the dataflow between all the three components that work in the automated closed loop remediation process.
Components and phases of automated service request remediation
Following is the list of components that work together to achieve automated closed loop service request remediation process:
- A Compliance Solution:
The compliance solution should be able to scan the computers in your network and report back the issues and irregularities found in the scanned computers.
In this use case, we will use Symantec Control Compliance Suite as an example. - A Service desk application:
A service desk application is used to generate and track the service requests for the issues found in the network.
In this use case, we will use ServiceNow as an example. - A patch deployment solution:
To complete the remediation process the patch deployment solution deploys the bulletins based on the service requests raised.
In this use case, we will use IT Management Solution as an example.
Phases of automated Service Request Remediation Process:
Phase1: Scan the computers in the network for vulnerabilities:
Symantec Control Compliance Suite (CCS) lets you scan the computers in the network for any vulnerabilities and compliance irregularities that you need to address. CCS then interacts with ServiceNow to create tickets for remediation.
To configure the remediation settings in CCS:
- In the CCS console, navigate to Settings > General.
- In the left pane of the General view, click Application Configuration > Remediation Settings.
3.In the right pane, select the ServiceNow Ticket tab and provide the following information:
Field | Description |
|---|---|
ServiceNow Instance URL | Specify the ServiceNow instance URL that you want to use for ticketing in CCS. |
Credentials |
The user created for the ServiceNow instance.
Password for the user created for the ServiceNow instance. Note: Click Validate Connection to test the ServiceNow connection. |
Split tickets based on the priority of the ticket | Option you select if you want the ServiceNow tickets to be split based on the ticket priority. |
Maximum assets per ticket | The maximum number of assets that you want to combine in a single ServiceNow ticket. |
Ticket assigned to | The value in the two fields should match one of the following values configured in ServiceNow: User ID Email ID Username |
Poll interval (in minutes) | The interval after which CCS polls ServiceNow for a change in ticket status. |
Ticket Status mapping | CCS Status and ServiceNow status Note: After mapping a CCS status to ServiceNow status, if the mapped status is deleted from ServiceNow, then the mapping in CCS is set to none or blank. You must change the Servicenow mapping for that particular CCS status. |
4.Create an evaluation Job.
5.In the Create or Edit Collection Evaluation Reporting Job, select the Create a ServiceNow ticket.
For more information, refer to the following article:
https://support.symantec.com/en_US/article.TECH246522.html
Phase2: Ticket is created in ServiceNow:
In the ServiceNow application, ticket is created with the attachment Symantec_CCS_Remediation_Context.zip.
In the Activity flow of the ServiceNow ticket, the details of Non-Patch related remediation information is included.
Things to note: The ticket statuses from ServiceNow application are used in IT Management Suite.
In IT Management Suite these ticket statuses are used to track the ticket status in remediation phase such as, Ready to Remediate, In Progress, Completed, Failed etc.
For more information refer to the section on IT Management Suite Remediation Management.
Phase3: Remediation Management in IT Management Suite:
In the IT Management Suite, connect with ServiceNow from the Service Request Remediation and configure the schedule for remediating service requests and set the service request tracking statuses.
In the Symantec Management Console, navigate to Settings > Service Request Remediation and connect and get all the service request states from the ServiceNow application.
To configure Service Request Remediation Management
- In the Symantec Management Console, navigate to Settings > Service Request Remediation.
- In the Service Request Remediation Configuration page, enter the following:
Field | Description |
Service Name | Select the name of the service desk application. |
Service URL | Enter the service desk application connection URL. |
User Name | Enter the user name to connect to the service desk application. |
Password | Enter the password to connect to the service desk application. |
Never | Select this option, if you do not want to get requests from the service desk application. |
Day | Select this option, if you want to get requests daily once from the service desk application. |
Week | Select this option, if you want to get requests weekly once from the service desk application. |
Month | Select this option, if you want to get requests monthly once from the service desk application. |
Custom Schedule | Select this option, if you want to customize the schedule to get the requests from the service desk application. For more information, refer to the following article: |
Get the tickets with status | Set the status of the tickets which should be filtered for remediation. |
During work in progress, set status to | Select the status that should be displayed on the service desk application when the remediation of the service requests is in progress. |
After successful completion, set status to | Select the status that should be displayed on the application when the remediation of the service requests is successful. |
On failure, set status to | Select the status to be displayed on the service desk application when the remediation of the service requests fails. |
After completion with failures, set status to | Select the status to be displayed on the service desk application if the remediation is successful for some client computers and fails for some of the client computers. |
3. In the Connection Setting, click Connect to check the connection with the service desk application and get the service request statuses.
Note: If a new status is added in the service desk application, then you must click Connect to get all the latest statuses from the service desk
application.
4. Click Save Changes.
For more information about the fields and setting up the configuration, refer to the following URL:
After you save the configuration, the Service Request Remediation schedule to report the status back to the ServiceNow application is turned on. By default, the schedule to report back the ticket status is 4hrs.
To view the status of remediation of service requests in IT Management Suite
To view the Patch based service request remediation, navigate to Symantec Management Console > Policies > Software > Windows > Service Request Remediation Management.
A policy is created based on the bulletin ID for which the Service Request Remediation management action is taken. After the remediation action is complete the policy is disabled automatically.
Things to note:
1. IT Management suite supports remediation for Windows computers only.
2. Ensure that Symantec Management Agent and Software Update Plug-in are installed on the client computers on which remediation action should be
completed.
3. Patch Management Solution is installed and configured. The patch bulletin Metadata is imported.
For more information on how to import Patch data, refer to the following article:
help.symantec.com
4. Bulletins of only supported vendors are considered for remediation.
5. If you modify the shared schedules for remediation, without configuring the Service Request Remediation Configuration, the remediation action will not
be triggered.
6. If you are not using the Symantec Control Compliance Suite to scan the target computers, the ServiceNow ticket should have the attachment that shares
the metadata with IT Management suite in the prescribed format.
4.Create an evaluation Job.