Skip to main content
McAfee Enterprise MVISION Cloud

ServiceNow Proxy Integration Prerequistes

Before you deploy MVISION Cloud for ServiceNow via Proxy, make sure the following prerequisites are in place. 

  • To connect with IAM tenants, see Add Domains or URLs to Allow List for MVISION Cloud.
  • Third-Party integration with ServiceNow. Provide the list of all the third-party integration in ServiceNow to be supported to MVISION Cloud Support.
  • Single Sign-On for ServiceNow instance. Enable SSO and configure IDP for SSO integration. The IDP should support SAML 2.0.
  • KMIP-supported Key Management Appliance. A key management appliance that supports the latest version of KMIP is required to manage encryption keys. 
  • Key Management Server(KMS). This server can be either deployed in the cloud or on-premises.
  • On-Premises KMS. This is required to support customer-owned key management through integration with enterprise key management systems and hardware security modules (HSM) via the key management interoperability protocol (KMIP).
    • Install MVISION Cloud Key Agent. Virtual Machines should install key agents to provide the encryption keys from the KMS and send them to MVISION Cloud reverse proxy for encryption/decryption.
    • Recommended Specifications. The following are the minimum specifications for the MVISION Cloud Key Agent Virtual Machine.
      Component Recommended Specification

      Number of processing cores

      RAM 4 GB
      HDD 100 GB
      Operating System
      • Windows 8 and above (64-bit)
      • Windows Server 2008 and above
      • RedHat/CentOS 6 and above (64-bit)
    • This VM sends the key from the KMIP appliance to MVISION Cloud.The key agent installed virtual machine should connect to:

      • MVISION Cloud production environment ( over port 443. Refer table below.

      • Key management server over port 5696.

      • Open outgoing ports to allow the VM to access the KMIP appliance on the KMIP port (default 5696) and MVISION Cloud (HTTPS).

NOTE: If an on-premises Key management server is not available, then MVISION Cloud can integrate with any cloud-based KMS vendors that support KMIP protocol.

  • Fields to encrypt in ServiceNow. A final list of fields that require encryption should be ready at the time of deployment.

MVISION Cloud supports encryption of unstructured data, Format Preserving Encryption (FPE), and Order Preserving Encryption (OPE) and Line Oriented Encryption (LOE) for structured data in ServiceNow. For details on ServiceNow Data Encryption, see Configure ServiceNow Encryption.

These are the prerequisites of MVISION Cloud ServiceNow Data Encryption:

  • Fields to encrypt in ServiceNow.  A final list of fields that require encryption should be ready at the time of deployment.
  • Files/documents to encrypt in ServiceNow. A final list of files/documents that required encryption should be stored and managed in ServiceNow.
  • Inbound and Outbound emails to encrypt in ServiceNow. A final list of email servers used in your organization that required encryption should be ready at the time of deployment.
  • Encryption as a Service (EaaS). This is required only for the third party application working with ServiceNow or the applications in ServiceNow.
  • Was this article helpful?