Documentation Home > Tanium Client Deployment Guide

Deployment options summary

The deployment of Tanium™ Client to your enterprise computers and into your standard IT processes has multiple phases. During each phase, there are a number of tools and options. Discuss these options with your technical account manager (TAM).

The following table summarizes our recommendations.

Phase	Recommendations
Pilot	The Tanium Client Deployment Tool (CDT) is a free and simple tool you can use to deploy the Tanium Client to target computers during your pilot deployment. Pilots usually target fewer than 5,000 endpoints. The CDT supports deployment in batches of 250-500 endpoints. The endpoints must be currently joined in an Active Directory domain (Windows only) or currently connected to the network and match an IP address range that you specify (Windows, Linux, and macOS). See Using the Tanium Client Deployment Tool.
Pilot	During your pilot, we recommend you test deployment of the Tanium Client with your organization's standard software package deployment tool, such as AD Group Policy Objects (GPO), System Center Configuration Manager (SCCM), Altiris, LANDESK, Puppet, Casper, and custom scripts. You can use the Tanium CDT to prepare .exe, .msi, .iso, .rpm, .deb, and .pkg installation package files for these standard methods. See: Deploying the Tanium Client to Windows endpoints Deploying the Tanium Client to Mac endpoints Deploying the Tanium Client to Linux endpoints Deploying the Tanium Client to Solaris endpoints Deploying the Tanium Client to AIX endpoints
Initial deployment	After the pilot, an intial deployment into your enterprise might target 500,000 endpoints or more, and the deployment might reach across datacenter, headquarter, and branch locations. We recommend you use the standard software distribution methods your IT organization and end users are already familiar with for the intial rollout.
Initial deployment	If your organization does not have an existing software package distribution solution, you can use the Tanium CDT. The CDT supports deployment in batches of 250-500 endpoints.
Onboarding new computers	Plan to integrate Tanium Client installation into your standard new computer build processes, such as Microsoft Deployment Toolkit task sequences. You can install Tanium Client within the reference OS images used to provision new computers and VDI instances. When the new computer boots for the first time, the Tanium Client is started, and it attempts to register with the Tanium Server. See Preparing the Tanium Client on OS images.
Ongoing hygiene	After the initial rollout, you want to put policies and procedures in place to enforce use of Tanium Client on the endpoints in your enterprise network. Many organizations have used Active Directory computer startup scripts to ensure Tanium Client is installed and the Tanium Client service is started. Contact your TAM for details.
Ongoing hygiene	Use Tanium Discover to scan for previously unmanaged and even previously unknown endpoints. See the Tanium Discover User Guide for details.

Last updated: 4/25/2018 8:19 AM | Feedback