1. Kenna FAQ
  2. General
  3. Security Tool/Vulnerability Scanner Connectors

BMC Remedy Ticketing Integration

Cisco Vulnerability Management’s ticketing integrations allow customers to take advantage of our powerful prioritization and reporting platform to streamline your remediation workflow and ensure that you’re able to close the vulnerabilities that Cisco Vulnerability Management prioritizes for you. With the BMC Remedy Ticketing Integration, you can send tickets directly from the UI to BMC Remedy. This guide will help you get up and running.

 

Please note, this connector supports only BMC Remedy and does not support BMC’s Helix platform.

BMC_Remedy_Title_Slide.png


Adding the BMC Remedy Ticketing Connector

Data flow between Cisco Vulnerability Management and BMC Remedy requires the configuration of the BMC Remedy Connector in Cisco Vulnerability Management.

The first step is to add the BMC Remedy Ticketing Connector from the connectors tab and configure it with your credentials. The user account must have read/write access to the projects to which you will wish to ticket. Information required to configure the connector includes:

  • Username (Service Account User recommended)

  • API Token

  • Remedy host

    • If your host is static, enter the IP address and the port.

    • If your host is dynamic, enter the DNS and port information.

  • If your Remedy deployment is on-premise you will need to leverage the Kenna Virtual Tunnel.

    • Once you have the Virtual Tunnel installed, in the Remedy set-up window, please check the box for “Use Kenna Virtual Tunnel”

If you do not see the BMC Remedy Connector by default (and you are a Cisco Vulnerability Management Administrator) please email support or your Customer Success Team and ask them to enable the BMC Remedy connector for your Cisco Vulnerability Management instance.

BMC_Remedy_Selection.png

The image below shows the BMC Remedy Connector configuration window.

BMC_Remedy_Config.png

 

After entering the Username, API Key and Host information, click Save And Verify to save the connector. Once the above steps are completed, you will be able to successfully create tickets using the “Create BMC Remedy Issue” button in the UX.

Creating a BMC Remedy Ticket

Tickets can be created to either address a vulnerability (or set of vulnerabilities) or apply a fix directly in Cisco Vulnerability Management.  You can create tickets from both the Vulnerabilities tab and the Fixes tab. You can do so by selecting the checkbox to the left of the desired item, and clicking the BMC Remedy Incident button, which will appear next to the tabs within the explore view.

Create_Remedy_Vulns.png

BMC Remedy Tickets can also be created for any Top Fix group using the same button, which will appear after your connector is created. The Remedy ticket will be created for the Top Fix Group which is currently shown on the screen and each group may contain up to 3 fixes, all of which will included in the BMC Remedy Incident when opened.

Top_Fixes_Remedy_Ticket.png

Once you click to create a new ticket, the Remedy dialog box will pop up and display a standard set of fields with choice values loaded from your specific Remedy instance. Users can select data for any of the fields. Short Description and Description are pre-populated with the appropriate vulnerability and/or fix data.

 

Remedy_Ticket.png

Whether the BMC Remedy ticket creation is initiated from Vulnerabilities, Fix, or Fix Groups, ticket metadata becomes specifically tied to the associated vulnerabilities.  Visually that is displayed in Cisco Vulnerability Management in multiple ways.  First, any vulnerability with an associated ticket will show an orange “pill” on the Vulnerabilities tab.

Remedy_Pill.png

The Service Ticket ID will be displayed on the Vulnerability ticketed within Cisco Vulnerability Management, along with the Service Ticket Status.

Remedy_Service_Ticket_info.png

The specific BMC Remedy Issue number is displayed on the Vulnerability Details page for the vulnerability. To get to the Vulnerability Details page, click on the vulnerability name or the blue carat to see the details on a vulnerability from the Vulnerabilities tab.

 

19031adc-7d85-463b-83eb-0adb6a10824c.png

 

Issue details are at the bottom right hand side of the vulnerability detail page. This information includes Status and Assignee. When you click the link to  “View BMC Remedy Issue”, you will be directed to the Ticket in your BMC Remedy instance.

Data Flow between Cisco Vulnerability Management and BMC Remedy Ticketing

Data flow between Cisco Vulnerability Management and Remedy is somewhat bi-directional.  Tickets in Remedy are populated with asset, vulnerability, and fix information from Cisco Vulnerability Management.  A nightly data sync will pull in the service ticket number and ticket status from Remedy but will not update the vulnerability status in Cisco Vulnerability Management. Therefore, status changes of Open/Closed/Deleted made to a ticket in Remedy as part of the remediation workflow are synced back to the Cisco Vulnerability Management ticket view, however, any vulnerabilities associated with the ticket will not be marked as closed until data is retrieved from the scanning platform confirming the vulnerability is fixed. Once the ticket has been created in Remedy a notification bar will appear at the top of the page with the Ticket information which is a link to the new ticket in Remedy.

Remedy ticket data is fully accessible from with Cisco Vulnerability Management and can be used as filter criteria from the right hand search pane in the explorer view as shown below. This view is only available if there are vulnerabilities in the current view who have a ticket status other than “None”.

Service_Ticket_Classification.png

Additional Information

The Cisco Vulnerability Management-Remedy Ticketing integration is built on the default Template views in Remedy. Regardless of which Templates you choose to ticket to, the default fields currently cannot be changed. The following are the default fields Cisco Vulnerability Management will bring in:

  • Template                  • Support Company

  • Service Type           • Support Organization

  • Reported Source    • Assignment Group

  • Impact                     • Short Description

  • Urgency                  • Description

Cisco Vulnerability Management will connect to Remedy to retrieve the list of available choices for each of the listed fields and display them in the form presented to the Cisco Vulnerability Management user. Changes to the choices should be made in the Templates within Remedy.

If a Remedy Ticket exists for a specific Vulnerability or Fix, you will be unable to create a second ticket from Cisco Vulnerability Management for that item.

If a Remedy ticket exists for a subset of fixes or vulns you are trying to ticket, you can create that second ticket, however it will only include the data from the selection that has not yet been ticketed.

Optional Settings

Please reach out to Support or CS to enable these items:

  • Service Ticket Type

    • If you wish to change the default ticket type to a different status rather than the default “Incident”

  • Use External ID instead of First and Last Name

    • For tickets that are submitted via Cisco Vulnerability Management, the First and Last name of the User (in this case, the Service Account that is enabled in Cisco Vulnerability Management) is typically auto-filled to the “Submitter” field in Remedy. Given that most organizations will use a Service Account, the team can instead opt to display the external ID of the service account.

 

Please contact Support should you require any additional assistance with the BMC Remedy Connector.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Articles in this section

See more