HITIDE Support Portal - SPP-AU Regulated Market Australia (APC/IRAP) customer specific access and network requirements.Summary<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: var(--now-color--text-primary, #000000); } span { font-size: 12pt; font-family: Lato; color: var(--now-color--text-primary, #000000); } h2 { font-size: 24pt; font-family: Lato; color: var(--now-color--text-primary, black); } h3 { font-size: 18pt; font-family: Lato; color: var(--now-color--text-primary, black); } h4 { font-size: 14pt; font-family: Lato; color: var(--now-color--text-primary, black); } a { font-size: 12pt; font-family: Lato; color: var(--now-color--link-primary, #00718F); } a:hover { font-size: 12pt; color: var(--now-color--link-primary, #024F69); } a:target { font-size: 12pt; color: var(--now-color--link-primary, #032D42); } a:visited { font-size: 12pt; color: var(--now-color--link-primary, #00718f); } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } How does SPP-AU (Australian Regulated Market/APC/IRAP) differ from Commercial NowSupport? Whitepaper: Accelerating digital transformation with the ServiceNow Protected Platform Cloud Security Customer Resources Cloud Security White Papers, Articles, Guides, and Other Resources Most of your security inquiries will be addressed in the "IRAP assessment report," which should be available with your organisation's ServiceNow Contacts. If necessary, request these documents from the ServiceNow Account team representatives. Also, you can coordinate with your SAM and ServiceNow Account representatives to set up a session with the ServiceNow Security team. If you need any architecture or dataflow documents specific to SPP boundaries, you should seek these through ServiceNow Account representatives, as they may be legally bound. The instance email address will be assigned a regulated market domain, such as instancename@servicenow*The instance URL will also possess a regulated market domain, for example, instancename.servicenow*Access to the instances will be limited and only available from pre-whitelisted IPs /IP ranges The instance IP will be changed if the instance is migrated from the Commercial Environment ( instancename.service-now.com) FAQ 1.Support Portal Access/HITIDE Password Reset/Unlock HITIDE account 2.User and Account contacts management from HITIDE Support portal? 3.How to create Support Case from HITIDE? 4.Notifications from HITIDE ( SPP-AU Support portal) 5.SPP-AU Instance Access for Customer 6.Instance OOB "System Administrator" Password reset 7.Instance Access for Customer Support 8.External integrations to SPP-AU instances 9.Instance/Module(Plugin/Store Application) Go-Live on SPP-AU PROD instance 10.Plugin installation on SPP-AU instances 11.Store Application installation on SPP-AU instances 12.Inquiries regarding existing or new licenses/subscriptions/financial matters on SPP-AU 13.Queries on Subscription and Allocation count on Subscription Management Dashboard. 14.SPP-AU ServiceNow AppRepo( Custom applications) 15.WAR Upgrades and MID server download/installation and Auto upgrade on SPP-AU instances. 1. Support Portal Access/HITIDE Password Reset/Unlock HITIDE account. The NowSupport portal link is different for SPP-AU customers and is HITIDE. HITIDE access is restricted to ServiceNow employees and can only be accessed internally via Secure Virtual Machines. External customers can access HITIDE from the internet. https://hitide.servicenowcloud.com.au/hi_login.do External users can start the HITIDE password reset process through this "Forgot your Password" link https://hitide.servicenowcloud.com.au/reset_password.do?username= KB0547255: Resetting your Now Support user password Upon their first login, customers will be prompted to set up Multi-Factor Authentication (MFA) for HITIDE. HITIDE is a highly secure environment with a session timeout of 15 minutes if idle, which cannot be altered. 2. User and Account contacts management from HITIDE Support portal? It is recommended that your organisation maintains more than one HITIDE customer_admin user. User/Account management direct link ==> https://hitide.servicenowcloud.com.au/now?id=ns_manage_account_details Existing HITIDE users with a customer_admin role within their organisation can manage other users. New users can be created from "Add new users" .If the partner company is not an SPP-AU customer, it is necessary to create the partner users as HITIDE users. These users should be linked to your organization with the customer or customer_admin role.The role of "Primary Customer Admin" /"Account Contacts" can be updated directly by an existing customer_admin. Navigate to Account Contacts, then Update Contacts, and click on the existing primary customer admin's username. This will provide you with a search button to select a new user. Please ensure that the new primary customer admin possesses the customer_admin role."Inactive" and "Locked-out" users can contact their HITIDE customer_admin to reactivate their accounts, as HITIDE ServiceNow support does not have a way to verify their legitimacy unless backed by approval from customer_admin/ServiceNow Account representatives. Personally Identifiable Information (PII) from Regulated Market (SPP) instances is strictly contained within the regulated boundary and is not shared or transmitted externally. Consequently, accounts and credentials for external ServiceNow platforms must be managed separately. Customers are expected to establish a new account—using either the same or different credentials as their HI* account—when accessing External ServiceNow services such as the Community or ServiceNow Training portals. This approach aligns with standard practices in Regulated Market environments and ensures the highest level of security and privacy controls is maintained. 3.How to create Support Case from HITIDE? https://hitide.servicenowcloud.com.au/now?id=ns_guided_support You can find the option "Create a case" in the bottom right corner of the page. Just follow the on-screen prompts. 4. Notifications from HITIDE ( SPP-AU Support portal). Any case email notification from HITIDE will not have any case details, and the notification will only say the case is updated. Please log in to HTIDE to see the details of the update. **This is to ensure any sensitive information on the case notes/short description ( personal information on signature/IPs/endpoints) is not communicated via email. These emails can be accessed from anywhere, and the watch list of a case can contain any email address. 5. SPP-AU Instance Access for Customer. Customers will receive a Welcome email from HITIDE with instance credentials. Once customers have obtained their HITIDE access, they must create a Customer Support case, including the IP information (only on the HITIDE case). ServiceNow will then whitelist it on our end (NGINX ADC V3) for their organisation, which will apply to all instances. This whitelist should include the public egress IP/CIDR from the customer organisation’s Proxy/VPN/NLB. This case should be created by the customer_admin/ns admin for the Organisation on the HITIDE Now Support Portal. If the instance is accessed from an IP that is not whitelisted, it will show a snow_adc error with "403 Forbidden" Customers (customer_admin/ns admin) can manage IP whitelisting through the HITIDE catalog. For more information, please refer to the knowledge base article KB90000488: Managing IP Whitelisting for your ServiceNow instance (SPP-AU), available within HITIDE. Please note that the “IP whitelisting” control is implemented at the LB/ADCV3 level, whereby traffic is restricted at the load balancer, preventing access before it reaches the instance, in alignment with IRAP requirements. This configuration is applied at the ADCV3 container/cluster at the organisational level and is therefore applicable to all instances associated with the organisation. This differs from IP Access Access control which is instance-specific and configured within the individual instance database by the instance administrator. In this case, restrictions are enforced only after the traffic reaches the instance, at which point the ingress IP is validated. Both mechanisms may be utilised in conjunction, depending on the organisation’s security requirements, for example, to restrict PROD instance access to a defined IP range. However, IP whitelisting at the load balancer(superset) level will take precedence over the instance-specific IP address access control (deny subset) configuration. 6. Instance OOB "System Administrator" Password reset. ServiceNow does not handle Instance User Management. Customers can reset the instance ADMIN password using the admin password reset catalogue available at password reset catalogue from hitide.servicenowcloud.com.au. The catalogue permits HITIDE customer_admin to input the new instance “admin” password, which will generate a change on HITIDE. Another HITIDE Support Portal customer_admin must approve this change. Your organisation should maintain more than one HITIDE customer_admin user, as these requests should be initiated by one customer_admin and approved by another on the HITIDE Support Portal. Please note that due to HITIDE's secure environment, automated approval emails triggered from the Change for the Password reset catalogue change will not accept responses via email; therefore, the email recipient (second customer_admin) must log on to HITIDE to approve the request from the HITIDE change record created by the first customer_admin. 7. Instance Access for Customer Support. Customer support can access the instance only from SNCAV3 (Secure Virtual Machine) SNC Access Plugin-enabled customers should add Customer Support agent names to the SNC access list in the format firstname.lastname.snf.aus to allow SNC access IP Access Access control-enabled customers should add ServiceNow SNCAV3 VPN IPs for Customer Support to HOP on the instance. This KB provides more details. SPP IP Access Control restrictions during HOP 8. External integrations to SPP-AU instances. Access to SPP-AU instances is stringently regulated, permitting communication exclusively from whitelisted IP addresses. Consequently, should there be intentions to integrate external or third-party systems with the SPP instance, it is imperative to whitelist the endpoint IP/CIDR to ensure seamless connectivity. Customers can manage these IPs through their customer_admin or NS admin, utilizing the HITIDE catalogue as detailed in the knowledge base KB90000488: Managing IP Whitelisting for your ServiceNow instance (SPP-AU) available within HITIDE. KB90000509: SPP-AU : Network Connectivity Guidance is available within HITIDE. The Virtual IP (VIP) for the instance is provisioned at the ADCv3 container level and is allocated to the NGINX ADCv3 container specific to the organization. Each organization is assigned a pair of public instance IPs that remain consistent across all instances associated with that organization. When configuring the SPP instance endpoints for communication with external endpoints, it is crucial to consider both IPs. These IP pairs, sourced from each of the Primary and Secondary Datacenter pairs, guarantee high availability. Further insights into the "High Availability" architecture can be found in the document provided below. White paper: Delivering Performance, Scalability, and Availability on The ServiceNow Cloud KB0538621: Finding the IP information for your instance Additionally, you can access this information directly from the instance dashboard, as illustrated in the attached screenshot. 9. Instance/Module(Plugin/Store Application) Go-Live on SPP-AU PROD instance. KB0965738 - On-Boarding/Go Live Best Practice ( Tech Support Perspective) Most Plugins and Applications hosted on the Store are, by default, accessible on the customer's sub-production instances. The customer_admin must verify the license status of these applications applications from the Store( including all dependent applications listed within the store), irrespective of their entitlement status, to render them "installable" on the instance. A license or entitlement check governs the app's visibility within the Production environment. Consequently, installing the application on the sub-production instance does not automatically ensure its availability for installation in the Production environment. To ensure a smooth go-live in the Production environment, it is essential to confirm that the application and all its dependencies—including plugins—are visible, properly licensed, and installable well ahead of deployment. Even when your organisation holds entitlement to these products, any missing application or dependency in the Production environment’s Application Manager can cause considerable delays. Addressing such gaps requires collaboration with several backend teams for contract verification and depends on daily data uploads. As multiple backend systems contribute to the overall data flow, resolving these issues promptly isn’t always possible. Proactive preparation will help minimise disruptions and keep your deployment on schedule. Customer Support is unable to perform these validations on your behalf, as they must be completed by the HITIDE customer_admin on the SPP-AU store side. Please note that PROD instances retrieve information from multiple endpoints. Therefore, we are unable to verify these details from our backend, as the process depends on licences downloaded on the instance, the SPP-AU store, and the licensing server on SPP-AU. 10. Plugin installation on SPP-AU instances. KB0716626: Plugin FAQs KB0759221: Visibility of Plugins on Instances This KB will assist in requesting Plugins for an instance from HIRISE using the Request plugin catalogue. KB0695388: Plugin Activation Overview If the Plugin and its dependency Plugin is "Installable" on PROD, the customer(instance admin) can install it as the license/entitlement check has already been completed. Plugins can be also be requested from the "Activate Plugin" catalogue hosted on the Support Portal Environment by customer_admin on the HITIDE portal. You can access the portal at this link: https://hitide.servicenowcloud.com.au/now/en/pages/automation-store?id=ns_automation_store. All Automations==> Service Catalog==> Activate Plugin If the desired plugin is not listed, you can select "Plugin I'm looking for is not listed" and specify the plugin name as free text in the catalogue. This catalogue doesn't work for Store App installation It's important to note that Plugins and Store applications are different. This distinction can be identified in the product documentation, which also outlines the activation method. The plugin list for individual family releases can be found in the product documentation. List of Plugins Plugin Activation on Regulated Markets-Australia (SPP-AU) 11. Store Application installation on SPP-AU instances. The SPP-AU Store differs from the NowSupport Commercial Customer ServiceNow Store. For further details, please visit the following link:https://hitide.servicenowcloud.com.au/now Scroll to the bottom of the page to find this option How to access the HITIDE (SPP-AU) ServiceNow Store As of 2026, the store will prompt you to accept the standard terms on a one-time basis. Following this, you will be able to seamlessly install all free applications, as well as any paid applications included within your contract, without the need for separate procurement. This KB will provide more insight into this process. Application Store Procurement - Store Application Installation If the Application and its dependent applications are “Installable" on PROD, the customer (instance admin) can install them, as the license/entitlement check has already been completed. The customer_admin on the HITIDE portal should log in to the Regulated Market store to verify the license status of a product, regardless of whether the product has been purchased or entitled. The license status will be visible within the store on the application page. If the product or any dependent products are marked as “Not licensed”, the customer_admin should engage with the account representatives to resolve the issue. Once rectified within the sales portal, the product status will update to “Ready to Install” in the store. This process ensures that the customer is appropriately licensed for both the application and its dependencies, and that all components are compatible with the instance version. If you attempt to obtain a licensed(PAID) ServiceNow product from the store that is not included in your contract, the button status will change to “License requested” In such cases, please coordinate with your account representatives to have the subscription added to your contract. Once completed, the application status will update to “Ready to Install”For third-party Vendor products (trial or purchase), please submit a request via the Store. Following this, you will need to work directly with the vendor (outside of ServiceNow) to complete the trial approval or purchase process. Upon completion, the vendor will provide an OPTY* number if it is a purchase, which ServiceNow requires to track the transaction. The status will then change to “Ready to Install” once the trial/purchase syncs through. So that you know, the turnaround time for additional purchases may exceed 48 hours. This timeline depends on ServiceNow or Vendor approval processes, daily synchronisation cycles, and other Sales process dependencies. Customer Support has a limited scope to expedite these processes; therefore, the appropriate point of contact remains the vendor or Account Representatives for any sales-related matters. Once the application status is updated to “Ready to Install” in the Regulated Market store, the instance admin can use the “Sync Now” option within the Application Manager to make the product available on the instance for installation. The "Sync now" button in the ServiceNow Application Manager (found under System Applications > All Available Applications > All) manually refreshes your instance to reflect the latest applications and updates available from the ServiceNow Store. KB0759221: Visibility of Store Applications on Instances Consequently, deploying the application in a sub-production environment does not ensure it will be accessible for installation in the Production environment. This is largely because numerous products are offered as free trials exclusively for sub-production instances, so their licensing terms or availability may change when shifting to Production. For Production deployment, it is required to explicitly reconfirm the LICENSE status of the product and its dependencies in the store, ensuring they are visible and available for installation in the Production environment (Application Manager). 12. Inquiries regarding existing or new licenses/subscriptions/financial matters on SPP-AU. Also, for all monetary questions regarding licensing/subscriptions/entitlements, please check with the ServiceNow Account reps, as that doesn't fall under Customer Support's Scope and we do not have access to check these. Questions regarding pricing, subscription fees, or license costs for customer instances 13. Queries on Subscription and Allocation count on Subscription Management Dashboard. Please note that the count displayed on the Subscription Management Dashboard isn't real-time and can be blank for certain subscriptions. For real-time visibility, refer directly to the "sys_user_has_role" table within your instance. This table reflects current role assignments and provides the most accurate view of users currently consuming various Roles/entitlements. It also serves as the source for the Usage and Compliance report data provided by your account teams. Differences between ServiceNow issued Use Verification Reports and the Subscription Management application Discrepancies may exist between the information on the Subscription Dashboard (informational purpose) and the User Compliance Report provided by your account team. To accurately track the licenses and subscriptions your organisation consumes, you may request "Use Verification" reports through your Account Representatives. These reports should be considered the definitive source of truth. Latest release notes for Subscription Management. 14. SPP-AU ServiceNow AppRepo( Custom applications). SPP ServiceNow application repository (Custom Applications) Entitlement check 15. WAR Upgrades and MID server download/installation and Auto upgrade on SPP-AU instances. install.service-now.com, the repository for WAR versions ( Releases and Patches), is hosted in the SPP network. For upgrades, the instance will access this SPP-hosted install.service-now.com repo, which doesn't need to be whitelisted on the customer network. The MID server host (customer network) can obtain(manual download) the MID server WAR version from install.service-now.com for the installation. For MID server auto upgrades on SPP instances, please create or update the property mid.install_server.base_uri with the value https://install.servicenowcloud.com.au/. Alternatively, follow the knowledge base for manual steps to enable MID auto-upgrade. Accessing Regulated Market-specific Install servers for MID Server download, MID Server Upgrade and Nmap The MID server IP hosted on the customer network should be added to the SPP F5 whitelist to enable it to access install.servicenowcloud.com.au. If you require the static IPs of install.servicenowcloud.com.au, please create a case with us. For ocsp.entrust.net whitelisting, please refer to the knowledge base article "Required list of the IP address for ocsp.entrust.net for the firewall team to include the ocsp.entrust.net endpoint for mid-server communication." Release<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: var(--now-color--text-primary, #000000); } span { font-size: 12pt; font-family: Lato; color: var(--now-color--text-primary, #000000); } h2 { font-size: 24pt; font-family: Lato; color: var(--now-color--text-primary, black); } h3 { font-size: 18pt; font-family: Lato; color: var(--now-color--text-primary, black); } h4 { font-size: 14pt; font-family: Lato; color: var(--now-color--text-primary, black); } a { font-size: 12pt; font-family: Lato; color: var(--now-color--link-primary, #00718F); } a:hover { font-size: 12pt; color: var(--now-color--link-primary, #024F69); } a:target { font-size: 12pt; color: var(--now-color--link-primary, #032D42); } a:visited { font-size: 12pt; color: var(--now-color--link-primary, #00718f); } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } R Related Links<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: var(--now-color--text-primary, #000000); } span { font-size: 12pt; font-family: Lato; color: var(--now-color--text-primary, #000000); } h2 { font-size: 24pt; font-family: Lato; color: var(--now-color--text-primary, black); } h3 { font-size: 18pt; font-family: Lato; color: var(--now-color--text-primary, black); } h4 { font-size: 14pt; font-family: Lato; color: var(--now-color--text-primary, black); } a { font-size: 12pt; font-family: Lato; color: var(--now-color--link-primary, #00718F); } a:hover { font-size: 12pt; color: var(--now-color--link-primary, #024F69); } a:target { font-size: 12pt; color: var(--now-color--link-primary, #032D42); } a:visited { font-size: 12pt; color: var(--now-color--link-primary, #00718f); } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Additional Documents Commercial to Regulated Market(SPP) Instance migration FAQ (Technical Support perspective) KB0538621: Finding the IP information for your instance FAQ on penetration test (PEN) ServiceNow Maintenance Impact (Customer Support Perspective) KB0965738 - On-Boarding/Go Live Best practice ( Tech Support Perspective) KB1048209 : How to Report Security Incidents and Security Findings to ServiceNow