A server is a server...until you know what’s on it

Key methods to connect the infrastructure to business applications

David Goodwin

David Goodwin

Specialist Director, Advisory, Digital Lighthouse, KPMG US

+1 646-327-8319

In the previous post , we discussed foundational CMDB components for application mapping. In this post, we will discuss some of the data sources available to build out the relationships

Populate the relationships

There are three popular options for populating the relationships—manual mapping, service mapping tools, and provisioning integration.

Manual mapping – In this scenario, the goal is to populate a simple, flat hierarchy that links servers and databases directly to business application environments. Conceptually, the simplest approach is to have someone manually enter the relationships. Keep in mind, however, doing so requires clear procedures for execution. And by adding a user interface into the server and database provisioning workflows, you can facilitate server owners more easily entering relationships—even if it is still a manual step. This approach is often used when:

  • An automated mapping tool is not available
  • The application technology is not supported by the mapping tool
  • The business application is not reachable by automated tools, such as a PCI environment

Service mapping tools – ServiceNow Service Mapping (and other similar tools) provides the most sophisticated model of application relationships. It establishes relationships that represent the traffic flow through the application—from load balancer, to web server, application server, database, and storage, with maps continuously updating to reflect the business application’s current configuration. ServiceNow Service Mapping supports a specific set of infrastructure and application technologies, so you should validate that it is compatible with your needs. Assuming your application environment is compatible, Service Mapping will additionally need some tuning to work in your environment.

Provisioning integration – With this approach, data is automatically collected at the time of server and database provisioning. For example, if a request is initiated from a ServiceNow catalog item, then non-discoverable attributes from the requester such as the business application and environment type can also be captured. When automated provisioning tools are used, they can leverage ServiceNow’s API to create a new server configuration item, which can be enriched with data/relationships from the catalog item. Then ServiceNow Discovery can be invoked to populate additional technical attributes. This option has the advantage that it is more technology-agnostic than service mapping although the output is not as sophisticated.

In many scenarios, a combination of two or more of the techniques are used. For example, service mapping may be used on Tier 0 business applications where the additional level of detail is desired and technology standards are more carefully enforced. A provisioning-driven approach may be used for newly deployed applications and a manual approach may be used for legacy applications that are in a “sunset” lifecycle phase.

Whatever approach is used, the full lifecycle of the relationships should be considered, such as: What do you do when servers are retired? Are the relationships to retired servers maintained or deleted? Who and how does this step get executed? Maintaining the relationships has the advantage of seeing the history, but it clutters up dependency maps and form views.

Track completeness

Visibility into progress is an important part of governance. ServiceNow’s CMDB Health Dashboard can provide transparency into it. For example, the Orphan metric can be used to help report on an organization’s progress with application mapping as it can be configured to scan for servers and databases that do not have a corresponding relationship to an application service. These reports can then be sliced by class, which typically corresponds to ownership within the organization such as all Windows servers or all MS SQL databases. By aligning the reporting to infrastructure owners, they become more actionable and progress can be trended.

With application relationships populated, organizations can benefit from understanding how servers and databases contribute to an organizations goals. Costs can be rolled up back to organizations; planned and unplanned outage impact can be determined; and technology refreshes and cloud migrations can be planned based on value to an organizations priorities.

Seemingly simple tasks require innovation, experience, and diligence

ServiceNow CMDB provides strong functionality to track infrastructure and application data in order to prioritize and differentiate treatment, investment, support, and priority for uptime, upgrades, patching, and security protection. However, it is up to the organization to identify data sources and processes to govern the data. Adding to the complexity is the challenge to operationalizing all of this–coordinating the many stakeholders, developing procedures, tuning functionality, and execution.

For help in establishing an application mapping plan, many organizations turn to KPMG. With extensive ServiceNow and application mapping experience, we can help you achieve greater value from your technology investments based on your business needs.

© 2020 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.
The KPMG name and logo are registered trademarks or trademarks of KPMG International.
The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation.