Cisco Vulnerability Management’s ticketing integrations allow customers to take advantage of its powerful prioritization and reporting platform to streamline your remediation workflow and ensure that you’re able to close the vulnerabilities that Cisco Vulnerability Management prioritizes for you. With the BMC Remedy Ticketing Integration, you can send tickets directly from the UI to BMC Remedy.
Note: This connector supports only BMC Remedy and does not support BMC’s Helix platform.
Prerequisites
- The user account must have read/write access to the projects that you want to create tickets for.
- You must be a Cisco Vulnerability Management administrator.
Configuring the BMC Remedy Ticketing Connector in Cisco Vulnerability Management
1. In the Cisco Vulnerability Management UI, click Connectors.
2. Click Add Connector.
3. In the Ticketing section, click BMC Remedy Ticketing. Note: If you do not see the BMC Remedy Connector in the UI (and you are a Cisco Vulnerability Management administrator), email Cisco Support or your Customer Success Engineer and ask them to enable the connector for your Cisco Vulnerability Management instance.
4. On the Remedy PROD page, enter the following information:
- Name: Enter a name for the connector, or leave it as "Remedy".
- Username and Password (Service Account User recommended): The user account must have read/write access to the projects to which you will wish to ticket.
-
Host:
If your host is static, enter the IP address and the port number.
If your host is dynamic, enter the DNS and port number. - If your Remedy deployment is on-premises you must use the Virtual Tunnel, so you must select Use Virtual Tunnel.
5. Click Save and Verify.
Creating a BMC Remedy Ticket for a Vulnerability
1. In the Cisco Vulnerability Management UI, click Vulnerability Management > Explore.
2. Click the Vulnerabilities tab.
3. Select a vulnerability in the list.
4. Click the Remedy Incident button.
5. In the BMC Remedy page, fill out the information and click Create BMC Remedy Ticket. Short Description and Description are pre-populated with the appropriate vulnerability and/or fix data.
Creating a BMC Remedy Ticket for a Fix
1. In the Cisco Vulnerability Management UI, click Vulnerability Management > Explore.
2. Click the Fix tab.
3. Select a fix in the list.
4. Click the Remedy Incident button.
5. In the BMC Remedy page, fill out the information and click Create BMC Remedy Ticket. Short Description and Description are pre-populated with the appropriate vulnerability and/or fix data.
Creating a BMC Remedy Ticket for a Top Fix Group
Tickets can also be created for any Top Fix group after your connector is created. Each group can contain up to three fixes, all of which will included in the Incident when it is opened.
1. In the Cisco Vulnerability Management UI, click Vulnerability Management > Dashboard.
2. Click the Top Fixes button for the group that you want to open a ticket for.
3. Click the Remedy Incident button.
4. On the BMC Remedy page, fill out the information and click Create BMC Remedy Ticket. The Short Description and Description fields are pre-populated with the appropriate vulnerability and fix data.
Viewing BMC Remedy ticket information
Whether the BMC Remedy ticket creation is initiated from Vulnerabilities, Fix, or Fix Groups, ticket metadata becomes specifically tied to the associated vulnerabilities. Visually that is displayed in Cisco Vulnerability Management in multiple ways. First, any vulnerability with an associated ticket ticket will display in orange on the Vulnerabilities tab.
The Service Ticket ID will be displayed on the Vulnerability that is ticketed in Cisco Vulnerability Management, along with the Ticket Status.
The specific BMC Remedy issue number is displayed on the Vulnerability Details page for the vulnerability. To access the Vulnerability Details page, click on the vulnerability name or the blue arrow.
Issue details are at the bottom right-hand side of the Vulnerability Details page. This information includes Status and Assignee. When you click the link to “View BMC Remedy Issue”, you will be directed to the ticket in your BMC Remedy instance.
Data Flow between Cisco Vulnerability Management and BMC Remedy Ticketing
Data flow between Cisco Vulnerability Management and Remedy is somewhat bi-directional. Tickets in Remedy are populated with asset, vulnerability, and fix information from Cisco Vulnerability Management. A nightly data synchronization pulls in the service ticket number and ticket status from Remedy but will not update the vulnerability status in Cisco Vulnerability Management. Therefore, status changes of Open/Closed/Deleted made to a ticket in Remedy as part of the remediation workflow are synchronized back to the Cisco Vulnerability Management ticket view, however, any vulnerabilities associated with the ticket will not be marked as closed until data is retrieved from the scanning platform confirming the vulnerability is fixed. Once the ticket has been created in Remedy a notification bar will appear at the top of the page with the Ticket information which is a link to the new ticket in Remedy.
Remedy ticket data is fully accessible from Cisco Vulnerability Management and can be used as filter criteria from the right-hand search pane in the Explore view as shown below. This view is available only if there are vulnerabilities in the current view that have a ticket status other than “None”.
Additional Information
The Cisco Vulnerability Management-Remedy Ticketing integration is built on the default Template views in Remedy. Regardless of which Templates you choose to use, the default fields currently cannot be changed. The following are the default fields Cisco Vulnerability Management will import the following fields:
-
Template • Support Company
-
Service Type • Support Organization
-
Reported Source • Assignment Group
-
Impact • Short Description
-
Urgency • Description
Cisco Vulnerability Management will connect to Remedy to retrieve the list of available choices for each of the listed fields and display them in the form presented to the Cisco Vulnerability Management user. Changes to the choices should be made in the Templates in Remedy.
If a Remedy Ticket exists for a specific vulnerability or fix, you will cannot create a second ticket from Cisco Vulnerability Management for that item.
If a Remedy ticket exists for a subset of fixes or vulnerabilities you are trying to ticket, you can create that second ticket, however it will only include the data from the selection that has not yet been ticketed.
Optional Settings
To enable these items, contact Cisco Support:
- Service Ticket Type: If you want to change the default ticket type to a different status than the default “Incident”
- Use External ID instead of First and Last Name: For tickets that are submitted through Cisco Vulnerability Management, the First and Last name of the user (in this case, the Service Account that is enabled in Cisco Vulnerability Management) is typically auto-filled to the “Submitter” field in Remedy. Since most organizations will use a Service Account, the team can instead opt to display the external ID of the service account.
Contact Support if you require any additional assistance with the BMC Remedy Connector.
Comments
Please sign in to leave a comment.