Tanium™ Appliance overview

This guide describes how to deploy Tanium Appliances with Tanium Core Platform roles and how to use the Tanium operating system (TanOS) menus.

For information about physical appliance support and the support lifecycle of TanOS, see Support for Tanium Appliances.

Tanium Appliance types

There are three Tanium Appliance options for deploying the Tanium Core Platform:

  • physical Tanium Appliance
  • virtual Tanium Appliance
  • cloud-based Tanium Appliance

The Tanium Appliance is designed for the low-latency and high-throughput needs of the Tanium Core Platform. The Tanium Appliance runs a tuned, hardened Linux-based operating system (OS). Deploying a Tanium Appliance provides the following advantages:

  • Built and tested with specified hardware components that are proven to support the indicated deployment sizes.
  • Easy-to-use TanOS menus to quickly configure and deploy Tanium Core Platform roles.
  • Eliminates challenges or side-effects of OS patch deployments. Tanium tests updates to the OS and provides RPM updates that are simple to install.
  • Eliminates adverse interactions with third-party tools or drivers.
  • Eliminates issues when provisioning service accounts needed by Tanium Core Platform components and solution modules.
  • Eliminates difficulty troubleshooting across components that were designed by multiple vendors. Tanium is the single point of contact for hardware (physical Tanium Appliance), OS, and application support.
  • Reduces additional licensing costs for OS and database products. TanOS is based on a Linux OS and the Tanium Server role is integrated with a limited access database.
  • Saves time. A controlled and consistent Tanium platform environment means high reliability. Your teams can focus on Tanium use cases instead of OS and hardware issues.
Tanium prohibits installation of third-party software on Tanium Appliances to preserve the security, supportability, and performance of the appliance.

Download the Tanium Infrastructure product brief for an overview of Tanium Appliance offerings.

Appliance roles

You can deploy a Tanium Appliance in any of the following Tanium Core Platform roles:

Tanium™ Server

The core server that communicates with clients. The Tanium Server also runs the UI console and API services and communicates with all other platform and solution components, as well as the content.tanium.com servers that host Tanium content packs and Tanium solutions. The Tanium Server depends on a database server that is installed when the Tanium Server role is installed.

Tanium™ Module Server

A dedicated server to run application services and store files for Tanium solution modules. It is installed on a separate Tanium Appliance to prevent intentional or accidental scripts from having a direct impact on the Tanium Server.

Tanium™ Zone Server

A server typically deployed in an enterprise DMZ network or another separate network with limited access to proxy traffic between Tanium™ Clients that reside there and a Tanium Server that resides on the trusted core network.

All-in-One

A Tanium Server, Tanium Module Server, and database server on the same appliance. You can optionally use separate Zone Servers with an All-in-One Tanium Appliance, but you cannot use additional Tanium Servers or Module Servers. Use Tanium Appliances configured with the All-in-One role only for evaluation purposes. Tanium does not support All-in-One deployments in production environments.

Topology

In an enterprise production deployment, the Tanium Server and Tanium Module Server reside on separate Tanium Appliances.

Enterprise production or enterprise lab deployment

TanOS menus

TanOS includes a menu interface to guide you through installation, configuration, and maintenance tasks.

For a reference of TanOS menus, see Reference: TanOS menu map. Entries are linked to associated topics elsewhere in this guide.