Installing Direct Connect
Tanium as a Service automatically handles module installations and upgrades.
For information about configuring Direct Connect for Tanium as a Service (TaaS), see Configuring Direct Connect.
Use the Solutions page to install Direct Connect and choose either automatic or manual configuration:
- Automatic configuration with default settings (Tanium Core Platform 7.4.2 or later only): Direct Connect is installed with any required dependencies and other selected products. After installation, the Tanium Server automatically configures the recommended default settings. This option is the best practice for most deployments. For details about the automatic configuration for Direct Connect, see Import Direct Connect with default settings.
- Manual configuration with custom settings: After installing Direct Connect, you must manually configure required settings. Select this option only if Direct Connect requires settings that differ from the recommended default settings. For more information, see Import Direct Connect with custom settings.
Use the Automatic configuration with default settings option.
- Read the Release Notes.
- Review the Direct Connect requirements.
- If you are upgrading from a previous version, see Upgrade Direct Connect.
- Assign the correct roles to users for Direct Connect . Review the User role requirements.
- To import the Direct Connect solution, you must be assigned the Administrator reserved role or a role that has the Import Signed Content permission.
- To configure the Direct Connect action group, you must be assigned the Administrator reserved role, Content Administrator reserved role, or a role that has the Action Group write permission.
- Determine if some endpoints connect to the Module Server through a Tanium™ Zone Server. To enable connections to endpoints through a Zone Server, you must configure a zone proxy after you import Direct Connect. For more information, see Configure zone proxies.
When you import Direct Connect with automatic configuration, the following default settings are configured:
The following default setting is configured:
The service account is set to the account that you used to import the module.
Configuring a unique service account for each Tanium solution is an extra security measure to consider in consultation with the security team of your organization. See Configure service account.
|Fully Qualified Domain Name for the module server||
The Fully Qualified Domain Name setting in the Endpoint Connection settings is set to the first-detected IPv4 address that is closest to the Tanium Server IP address. (This is often the IP address of the module server.)
The IP address or FQDN that is specified for this setting must resolve to the Module Server from all endpoints in all direct endpoint connections. After the initial installation and configuration completes, you can verify this value on the Endpoint Connection tab in the Direct Connect settings and update it if needed.
To import Direct Connect and configure default settings, see Tanium Console User Guide: Import all modules and services. After the import, verify that the correct version is installed: see Verify Direct Connect version.
To import Direct Connect without automatically configuring default settings, be sure to clear the Apply All Tanium recommended configurations check box while performing the steps in Tanium Console User Guide: Import, re-import, or update specific solutions. After the import, verify that the correct version is installed: see Verify Direct Connect version.
To configure the service account, see Configure service account.
To configure the Direct Connect action group, see Configure the Direct Connect action group.
To configure Endpoint Connection settings, see Configure Endpoint Connection settings.
To configure connection certificates, see Configure certificates.
When you start the Direct Connect workbench for the first time, the Tanium console ensures that all of the required dependencies for Direct Connect are installed at the required version. You must install all required Tanium dependencies before the Direct Connect workbench can load. A banner appears if one or more Tanium dependencies are not installed in the environment. The Tanium Console lists the required Tanium dependencies and the required versions.
- From the Main menu, go to Administration > Configuration > Solutions.
- Select the required solutions, click Import Selected, and then click Begin Import. When the import is complete, you are returned to the Tanium Solutions page.
- From the Main menu, go to Administration > Shared Services > Direct Connect to open the Direct Connect Overview page after you import all of the required Tanium dependencies.
For the steps to upgrade Direct Connect, see Tanium Console User Guide: Import, re-import, or update specific solutions. After the upgrade, verify that the correct version is installed: see Verify Direct Connect version.
For the steps to upgrade a Direct Connect Zone Proxy, see Install or upgrade the Direct Connect Zone Proxy.
After you import or upgrade Direct Connect , verify that the correct version is installed:
- Refresh your browser.
- From the Main menu, go to Administration > Shared Services > Direct Connect to open the Direct Connect Overview page.
- To display version information, click Info .
Last updated: 9/21/2021 10:54 AM | Feedback