Deploy is a software management module that you can use to rapidly install, update, and remove software across large organizations with minimal infrastructure requirements. You can create deployments to run during a maintenance window that is convenient for your IT operations.
You can deploy applications or a group of applications to a flexible set of targets, including computer groups, user groups, departments, locations, individual computers, and individual users. You can also update existing software installation to the latest available versions, and create custom packages to install, update, and remove applications.
A Tanium Deploy software package is a combination of source files, metadata, detection logic, and actions that are used to detect, install, update, and remove software from Tanium managed devices.
Each software package contains the following elements:
Package Files (install/source files)
The files needed to silently install an application on a managed device. This includes, but is not limited to, msi/exe installer, resource files/folders, configuration files, custom scripts, custom registry files, license keys.
The vendor, name, version, and operating system of the software package. This information is derived automatically from source files, when available.
The minimum requirements for this software package to run on the endpoint: minimum operating system and version, minimum disk space, and minimum RAM for the system.
The list of detection rules that are associated with prerequisite software packages. Each prerequisite software package has one or more rules associated with it.
The list of detection rules that are associated with previous versions of this software package. This list determines what previous software installations can be updated by this package.
Each software package has a number of supported operations. Each package has an installation and uninstallation operation type, and has the ability to add named custom operations to the software package.
The list of detection rules to determine whether the package installation was complete/successful.
A Tanium Deploy software bundle is a list of Deploy software packages that can be deployed and executed in an ordered sequence. Software bundles are used to deploy a list of packages that are used by specific departments or user types.
For more information, see Managing packages and bundles.
The Tanium Deploy packages gallery is a collection of software packages that you can use to distribute software package templates. These templates include all of the required information for you to import and deploy third-party software.
The supported applications for Windows include:
- 7-Zip (32/64-bit) - latest version
- Adobe Acrobat DC (Update only) - latest version
- Adobe Acrobat Reader DC - latest version
- Adobe AIR - latest version
- Adobe Digital Editions - latest version
- Adobe Flash Player (ActiveX/NPAPI/PPAPI) - latest version
- Adobe Shockwave EOL (Remove only)
- Box Drive (32/64-bit) - latest version
- code4ward GmbH Royal TS - latest version
- DB Browser for SQLite (32/64-bit) - latest version
- Dropbox - latest version
- FileZilla (32/64-bit) - latest version
- Google Android Studio - latest version
- Google Chrome Enterprise (32/64-bit) - latest version
- Google Drive File Stream - latest version
- Microsoft Power BI Desktop (32/64-bit) - latest version
- Microsoft Silverlight (32/64-bit) - latest version
- Microsoft Skype Desktop Client (32-bit) - latest version
- Microsoft Visual Studio Code (32/64-bit) - latest version
- Microsoft Windows 10 Upgrade (32/64-bit) - 1803, 1809, 1903, 1909, 2004
- Mozilla Firefox (32/64-bit) - latest version
- Mozilla Firefox ESR (32/64-bit) - latest version
- NodeJS Current (32/64-bit) - latest version
- NodeJS LTS (32/64-bit) - latest version
- Notepad++ (32/64-bit) - latest version
- Oracle Java 8 Runtime (32/64-bit) - latest version
- Oracle MySQL Community - latest version
- PuTTY (32/64-bit) - latest version
- VideoLAN VLC Media Player (32/64-bit) - latest version
- VMware Workstation Player (Update and Remove only) - latest version
- Wireshark (32/64-bit) - latest version
- Zoom - latest version
- Zoom Outlook Plugin - latest version
The following Audit only software package templates are used for auditing and reporting purposes. No source files or commands are distributed for these packages, but there is logic to determine if the software is installed or out of date.
- Adobe After Effects CC - latest version
- Adobe Animate CC - latest version
- Adobe Audition CC - latest version
- Adobe Dreamweaver CC - latest version
- Adobe Illustrator CC - latest version
- Adobe InDesign CC - latest version
- Adobe Photoshop CC - latest version
- Adobe Prelude CC - latest version
- Adobe Premiere Pro CC - latest version
For more information, see Managing the packages gallery.
You can configure how often applicability scans run for the software packages that are in the Deploy software package catalog, and how frequently the applicability status cache is updated.
Applicability scans evaluate endpoints against the required operating system, minimum disk space, memory, and requirements. Each software package is evaluated on a routine basis to determine if a Tanium managed device is eligible to install, is eligible for update, installed, or has failed requirements.
The count of systems where the software is not installed and system requirements are met.
The count of systems where one or more of the previous versions of the application are detected, and the software package can update those systems.
The count of systems where the software package is already installed.
The count of systems where one or more of the previous versions of the application are detected, but the system requirements are not met.
The count of systems where the system requirements or prerequisites are not met.
A deployment is a one-time or recurring action to install, update, or remove applications on targeted endpoints. For more information, see Deploying packages and bundles.
Maintenance windows designate the permitted times that the targeted computer groups are open for deployments to run. You can have multiple maintenance windows, even with overlapping times. Maintenance windows do not interfere with each other. For a deployment to take effect, the deployment and maintenance window times must be met. For more information, see Managing maintenance windows.
With the Self Service Client application, you can publish software to Windows endpoints so that users can install software on their own without the need for IT to install for them. Deploy self service profiles and the Self Service Client application are used in conjunction with End-User Notification profiles in Tanium™ End-User Notifications 1.5 or later. For more information, see Using the Self Service Client application.
Deploy integrates with other Tanium products to provide additional features and reporting.
Deploy uses Tanium End-User Notifications to notify users about deployments to Windows endpoints, and to configure End-User Self Service capabilities. You can create a message with your deployment to notify the user that the system is about to begin a deployment, has completed a deployment, and if postponements are enabled, to give the user the option to postpone the deployment or restart now. For more information, see Windows endpoint restarts.
Deploy has built in integration with Tanium™ Trends to provide data visualization. The Deploy board displays metrics related to software deployment, including machines running Deploy and gallery packages that are installed. The following panels are in the Deploy board:
- Endpoints Running Deploy
- Endpoints Running Deploy - Online Only
- Top 25 Gallery Packages Installed
- Top 25 Gallery Package Updates Needed
For more information about how to import the Trends board that is provided by Deploy, see Tanium Trends User Guide: Importing the initial gallery.
This documentation may provide access to or information about content, products (including hardware and software), and services provided by third parties (“Third Party Items”). With respect to such Third Party Items, Tanium Inc. and its affiliates (i) are not responsible for such items, and expressly disclaim all warranties and liability of any kind related to such Third Party Items and (ii) will not be responsible for any loss, costs, or damages incurred due to your access to or use of such Third Party Items unless expressly set forth otherwise in an applicable agreement between you and Tanium.
Further, this documentation does not require or contemplate the use of or combination with Tanium products with any particular Third Party Items and neither Tanium nor its affiliates shall have any responsibility for any infringement of intellectual property rights caused by any such combination. You, and not Tanium, are responsible for determining that any combination of Third Party Items with Tanium products is appropriate and will not cause infringement of any third party intellectual property rights.
Tanium is committed to the highest accessibility standards to make interaction with Tanium software more intuitive and to accelerate the time to success. For more information, see Tanium Product Accessibility.
Last updated: 8/26/2020 12:05 PM | Feedback