Taniumâ„¢ Client Deployment Guide

PDF
  • All Files
Documentation Home > Tanium Client Deployment Guide

AIX links

Deploying the Tanium Client to AIX endpoints

On AIX endpoints, the Tanium Client is installed as a system service. The default installation directory for Tanium Client files is /opt/Tanium/TaniumClient. You can use the Tanium Client Deployment Tool (CDT) to download the latest Tanium Client package file.

Before you begin

  • The installation process does not modify any host-based firewall that might be in use. Your network security team must ensure host and network firewalls are configured to allow inbound and outbound TCP traffic on port 17472.
  • Endpoints running AIX 6.1 or 7.1 must have the xlC.rte bundle installed. Tanium Client 6.0 requires xlC.rte 12.1.0.1 or later, and Tanium Client 7.2 requires xlC.rte 13.1.3.1 or later. To determine the version of the currently installed package, access the operating system CLI on the endpoint and run lslpp -l xlC\*. If the bundle is already installed, skip to Install the Tanium Client. Otherwise, perform the steps under Install xlC.rte.

Install xlC.rte

Perform the following steps on each endpoint that runs AIX 6.1 or 7.1 but does not have the required xlC.rte runtime bundle installed:

  1. Obtain the appropriate xlC.rte bundle for your system from IBM Fix Central.
  2. Upload the xlC.rte bundle to your endpoint.
  3. Extract, unzip, or untar the bundle to the /usr/sys/inst.images directory.
  4. Run the following command to install the bundle:

    sudo installp -aXYgd /usr/sys/inst.images -e /tmp/install.log all

  5. Review the installation log /tmp/install.log for any errors.

Install the Tanium Client

  1. Open the Tanium CDT and select Client > Check for Updates to download the latest set of Tanium Client installers. For details, see Check for Tanium Client updates.
  2. Go to the <CDT_installation_directory>\Tanium Client Deployment Tool\clients folder and copy the Tanium Client installer file (TaniumClient.<client_version>-<AIX_version>-powerpc.pkg) to a temporary location.
  3. Log into the target computer.
  4. Copy the package to a temporary location on the target computer.
  5. Execute the following command to install the package and generate a default configuration file.

    sudo installp -agqXYd ./TaniumClient.<client_version>-<AIX_version>-powerpc.pkg TaniumClient

  6. Configure basic Tanium Client settings (for details, see Tanium Client settings).
    ServerName Tanium Server FQDN or IP address.
    LogVerbosityLevel

    The following decimal values are best practices for specific use cases:

    • 0: Disable logging. This is the best practice value for clients installed on sensitive endpoints or virtual desktop infrastructure (VDI) endpoints.
    • 1: This is the best practice value during normal operation.
    • 41: This is the best practice value during troubleshooting.
    • 91 or higher: Enable the most detailed log levels for short periods of time only.
    ResolverThe default hostname resolver for Tanium is getent. Because AIX generally does not have the getent command, add the Resolver=nslookup setting.

    The steps to configure the settings depend on the Tanium Client version:

    • Tanium Client 6.0: Edit the /opt/Tanium/TaniumClient/TaniumClient.ini file. The following is an example of the file contents:

      • Resolver=nslookup
      Version=6.0.314.1437
      ServerName=ts1.example.com
      ServerPort=17472
      LogVerbosityLevel=1

    • Tanium Client 7.2: Issue the following CLI commands (for details, see Non-Windows). Version 7.2 does not require TaniumClient.ini.

      cmd-prompt> sudo ./TaniumClient config set ServerNameList ts1.example.com,ts2.example.com
      cmd-prompt> sudo ./TaniumClient config set LogVerbosityLevel 1
      cmd-prompt> sudo ./TaniumClient config set resolver nslookup

  7. Copy the tanium.pub file from the Tanium Server installation directory to the /opt/Tanium/TaniumClient folder on the target computer.
  8. Start the Tanium Client service:

    For Tanium Client 6.0

    /etc/rc.d/init.d/TaniumClient start

    For Tanium Client 7.2

    startsrc -s taniumclient

If you encounter issues when deploying the Tanium Client, examine the CDT debug logs (see Client Deployment Tool logs) and Tanium Client installation log (see Tanium Client installation log).

Manage the Tanium Client service on AIX

Manage the Tanium Client 6.0 service on AIX

The legacy rc.d start/stop scripts control the Tanium Client 6.0 service on AIX. You cannot use the startsrc command to control the Tanium Client.

To start the Tanium Client service:

/etc/rc.d/init.d/TaniumClient start

To stop the Tanium Client service:

/etc/rc.d/init.d/TaniumClient stop

Manage the Tanium Client 7.2 service on AIX

Tanium Client 7.2 on AIX uses the IBM AIX System Resource Controller (SRC) to manage the client service.

To start the Tanium Client service:

startsrc -s taniumclient

To stop the Tanium Client service:

stopsrc -s taniumclient

To verify that the Tanium Client service is available:

lssrc -s taniumclient

Uninstall the Tanium Client on AIX

To uninstall the Tanium Client on AIX:

installp -u TaniumClient

Last updated: 8/2/2019 3:52 PM | Feedback