For Tanium as a Service ports, see Tanium as a Service Deployment Guide: Host and network security requirements. Security exclusions If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference. Other Packages — PyTan v2.1.6 2.1.6 documentation. PyTan relies on a number of python packages to function properly. All dependencies are bundled with PyTan in order to make it easier for the user to start using PyTan right away. Create a new directory for storing PyTan: mkdir /tanium. Extract the PyTan ZIP file you downloaded to /tanium: cd /tanium unzip pytan-2.1.8.zip. Verify that your OSX install has Python 2.7.x installed and that your PYTHONPATH points to 2.7.x: python -V python -c “import sys; print sys.path”. The Version column reports the version of the Tanium Client software running on the managed machine. # mysql -version mysql Ver 14.14 Distrib 5.1.73, for redhat-linux-gnu (x8664) using readline can you post a screen shot of the sep client on linux, all this time I was under impression that only sav can be installe on Linux, may the screen.
Tanium™ Core Platform: 7.3 or later: Tanium™ Client: Windows: 7.2.314.3584 or later; Linux, AIX, Solaris: Any supported version of Tanium Client; Any supported version of Tanium Client. For the Tanium Client versions supported for each OS, see Tanium Client Management User Guide: Client version and host system requirements.
Review the requirements before you install and use Map.
Tanium dependencies
In addition to a license for the Map product module, make sure that your environment also meets the following requirements.
| Component | Requirement |
|---|---|
| Tanium™ Core Platform |
|
| Tanium™ Client | For more information about specific Tanium Client versions, see Tanium Client Management User Guide: Client host system requirements. One of the following Tanium Client versions is required, depending on OS:
* = macOS earlier than 10.15.x Catalina If you use a client version that is not listed, certain product features might not be available, or stability issues can occur that can only be resolved by upgrading to one of the listed client versions. |
| Tanium solutions | If you selected Tanium Recommended Installation when you installed Map, the Tanium Server automatically installed all your licensed solutions at the same time. Otherwise, you must manually install the Tanium solutions that Map requires to function, as described under Tanium Console User Guide: Import, re-import, or update specific solutions. Tanium solutions at the following minimum versions are required:
The following Tanium solutions are optional, but Map requires the specified minimum versions to work with them:
|
Tanium™ Module Server
Map is installed and runs as a service on the Module Server host computer. The impact on the Module Server is minimal and depends on usage.
Endpoints
Supported internet protocols
Map is currently only supported with IPv4 networks.
Supported operating systems
The following endpoint operating systems are supported with Map. Map uses the Tanium™ Client Recorder Extension to gather data from endpoints.
| Operating System | Version | Notes |
|---|---|---|
| Windows |
| For Windows 7 endpoints, update to Windows 7 SP2 or later whenever possible. Windows 7 SP1 requires Microsoft Windows Update KB2758857. |
| macOS | Same as Tanium Client support. See Tanium Client Management User Guide: Host system requirements. | |
| Linux |
| The Client Recorder Extension does not support CentOS and Red Hat Enterprise Linux versions 5.3 and earlier. Endpoints require version 5.4 or later of CentOS or Red Hat Enterprise Linux. The Client Recorder Extension provides SELinux policies for the following distributions and versions:
At this time, SELinux is not supported on other Linux distributions. For Linux endpoints:
|
Disk space requirements
The Map database on each endpoint contains a record of the TCP connections from the past 24 hours. The size of this database depends on the number of TCP connections. In most cases, the maximum size of the database is 200 MB.
CPU and memory requirements
The CPU demand on the endpoint averages less than 1%. A minimum of two CPU cores per endpoint is required. The Tanium Client Recorder Extension cannot operate on fewer than 2 CPU cores.
A minimum of 4 GB RAM is recommended on each endpoint device.
Host and network security requirements
Specific processes are needed to run Map.
Ports
The following ports are required for Map communication.
| Source | Destination | Port | Protocol | Purpose |
|---|---|---|---|---|
| 17504 | TCP | Internal purposes; not externally accessible. |
Configure firewall policies to open ports for Tanium traffic with TCP-based rules instead of application identity-based rules. For example, on a Palo Alto Networks firewall, configure the rules with service objects or service groups instead of application objects or application groups.
For Tanium as a Service ports, see Tanium as a Service Deployment Guide: Host and network security requirements.
Security exclusions
If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference. For a list of all security exclusions to define across Tanium, see Tanium Core Platform Deployment Reference Guide: Host system security exclusions.
| Target Device | Notes | Exclusion Type | Exclusion |
|---|---|---|---|
| Module Server | Process | <Module Server>servicesmap-servicenode.exe | |
| Process | <Module Server>servicesendpoint-configuration-serviceTaniumEndpointConfigService.exe | ||
| Process | <Module Server>servicesmap-service[email protected]postgresqllibwin32binpostgres.exe | ||
| Process | <Module Server>servicesmap-service[email protected]postgresqllibwin32binpg_ctl.exe | ||
| Windows endpoints | 7.2.x clients | Process | <Tanium Client>Python27TPython.exe |
| 7.4.x clients | Process | <Tanium Client>Python38TPython.exe | |
| 7.4.x clients | Folder | <Tanium Client>Python38 | |
| Process | <Tanium Client>TaniumCX.exe | ||
| macOS endpoints | Process | <Tanium Client>/TaniumCX | |
| Linux endpoints | 7.2.x clients | Process | <Tanium Client>/python27/bin/pybin |
| 7.4.x clients | Process | <Tanium Client>/python38/python | |
| Process | <Tanium Client>/TaniumCX |
| Target Device | Notes | Exclusion Type | Process |
|---|---|---|---|
| Windows endpoints | 7.4.x clients | Process | <Tanium Client>Python38TPython.exe |
| 7.4.x clients | Folder | <Tanium Client>Python38 | |
| Process | <Tanium Client>TaniumCX.exe | ||
| macOS endpoints | Process | <Tanium Client>/TaniumCX | |
| Linux endpoints | 7.4.x clients | Process | <Tanium Client>/python38/python |
| Folder | <Tanium Client>/TaniumCX |
User role requirements
The following tables list the role permissions required to use Map. To review a summary of the predefined roles, see Set up Map users.
For more information about role permissions and associated content sets, see Tanium Console User Guide: Managing RBAC.
| Permission | Map Administrator1,2,3 | Map Operator1,2,3 | Map Read Only User1 | Map Service Account1,2,4 | Map Endpoint Configuration Approver1,2 |
|---|---|---|---|---|---|
Map Access Map workbench | SHOW | SHOW | SHOW | SHOW | |
Map API Perform Map operations using the API | EXECUTE | ||||
Map Application Definition Read and write map application definitions | READ WRITE | READ WRITE | READ | ||
Map Application Configuration Register, use, write endpoint configuration items for Map | SERVICE | ||||
Map Operator Settings Read or write most map settings |
|
| READ | ||
Map Settings Read or write all map settings | READ WRITE | READ WRITE | |||
Adobe acrobat 6.0 professional free download filehippo. Map Endpoint Configuration Approve endpoint configuration items for Map | APPROVE | ||||
1 This role provides module permissions for Tanium Trends. You can view which Trends permissions are granted to this role in the Tanium Console. For more information, see Tanium Trends User Guide: User role requirements. 2 This role provides module permissions for Tanium Endpoint Configuration. You can view which Endpoint Configuration permissions are granted to this role in the Tanium Console. For more information, see Tanium Endpoint Configuration User Guide: User role requirements. 3 This role provides module permissions for Tanium Interact. You can view which Interact permissions are granted to this role in the Tanium Console. For more information, see Tanium Interact User Guide: Tanium Data Service permissions. 4 | |||||
Python Package Index
Tanium Client Extension Coordinator
| Permission | Role Type | Map Administrator 1 | Map Operator 1 | Map Read Only User 1 | Map Service Account 1 | Map Endpoint Configuration Approver 1 |
|---|---|---|---|---|---|---|
| Action Group | Administration | READ WRITE | READ WRITE | READ | ||
| Computer Group | Administration | READ WRITE | READ WRITE | READ | READ WRITE | |
| Action | Platform Content | WRITE | WRITE | WRITE | ||
| Action For Saved Question | Platform Content | WRITE | WRITE | WRITE | ||
| Own Action | Platform Content | READ | READ | READ | ||
| Package | Platform Content | READ WRITE | READ WRITE | READ WRITE | ||
| Plugin | Platform Content | READ EXECUTE | READ EXECUTE | READ EXECUTE | READ EXECUTE | READ EXECUTE |
| Saved Question | Platform Content | READ WRITE | READ WRITE | READ | READ WRITE | |
| Sensor | Platform Content | READ | READ | READ | ||
You can view which content sets are granted to any role in the Tanium Console. | ||||||