Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Platform Diagram

All the components of the platform starting from high level
by

on 7 January 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Platform Diagram

Other
Integrations
ServiceNow
MID Server/
Discovery
End Users
Mobile
Tablet
Desktop
Inbound HTTPS Access can be controlled
via IP Access Controls module within
ServiceNow Instance
HTTPS Access to
System (TCP/443)
Tipping Point
IPS 660N
F5 BigIP
3900
ServiceNow HI
ServiceNow HI
ACL limits traffic between App
and DB servers (TCP/3306)
Database VLAN
Application VLAN
MySQL Database
Unencrypted traffic
(TCP/3306)
Application Traffic
HTTP (TCP/16xxx)
IAD - Culpeper, VA (Terremark)
Tipping Point
IPS 660N
F5 BigIP
3900
ServiceNow HI
ServiceNow HI
ACL limits traffic between App
and DB servers (TCP/3306)
Database VLAN
Application VLAN
MySQL Database
traffic (TCP/3306)
Application Traffic
HTTP (TCP/16xxx)
SJC - San Jose, CA (Equinix)
External Akamai DNS
Name Server: AUS1.AKAM.NET
Name Server: EUR6.AKAM.NET
Name Server: NS1-98.AKAM.NET
Name Server: USE1.AKAM.NET
Name Server: USE3.AKAM.NET
Name Server: USW1.AKAM.NET
Internal View
ns1.sjc2.service-now.com
ns2.iad1.service-now.com
ns3.ams3.service-now.com
ns4.lhr1.service-now.com
HADNS
Master Bind Servers
VPN Firewall
Cisco ASA 5520
IPSEC Tunnel for integrations
into customer network (protocols TBD)
AES256/SHA
ServiceNow VPN management pool
VPN Firewall
Cisco ASA 5520
SSH Administration
Traffic (TCP/22)
SSH Administration
Traffic (TCP/22)
VPN Client
Access Firewall
Cisco ASA 5510
MySQL Database Replication (TCP/3306)

ServiceNow Intradatacenter Private Circuit

ServiceNow Intradatacenter Private Circuit

VPN Client
Access Firewall
Cisco ASA 5510
ServiceNow "Secure" VPN:
Client-to-site VPN which requires
RSA two-factor authentication for
each authorized sysadmin or
support user
No site-to-site VPN access from
ServiceNow offices
Client to Site VPN (AES256/SHA)
Multi-tenant with mix of prod and sub-prod JVMs for various customers
Each JVM constitutes one "node"
Each JVM is also a Tomcat container
Glide code runs inside the Tomcat container (server+servlet)
Multi-tenant (prod with prod, sub-prod with sub-prod)
Each catalog represents one instance cluster
Gen 2: One MySQL process/service with access to multiple catalogs
Gen 3: Multiple MySQL processes, each with access to only one catalog
VPN Traffic is only
one direction.
Initiated from ServiceNow
Full transcript