Direct Connect overview

Direct Connect provides a communication channel for other Tanium™ modules and a central location for configuring and administeringmonitoring direct endpoint connections across modules.

With Direct Connect, you can configure the connection settings that are shared by Tanium modules for establishing direct endpoint connections. Since Direct Connect uses mutual authentication, both IP addresses and self-signed certificates are supported.

Active endpoint sessions

You can review open and pending endpoint sessions across Tanium modules. Use active endpoint connections to see the active connections on the server. For more information, see Reviewing active endpoint sessions.

Integration with other Tanium products

Tanium™ Client Management

Client Management uses Direct Connect to access client health information from endpoints. For more information, see Tanium Client Management User Guide: Monitoring client health in the Client Management service.

Tanium™ Enforce

Enforce encryption management policies use Direct Connect to transfer encryption keys securely from the client to the recovery key database during the encryption process. For more information see Enforce User Guide: Encryption management.

Tanium™ Performance

Use Direct Connect with Performance to view historical process-level data from a single endpoint for analysis and troubleshooting. For more information, see Performance User Guide: Connecting directly to endpoints.

Tanium™ Protect

Protect encryption management policies use Direct Connect to securely retrieve encryption keys from the endpoint. For more information see Protect User Guide: Encryption management.

Tanium™ Reveal

Reveal uses Direct Connect to view files on endpoints that match configured rules and patterns. For more information, see Reveal User Guide: Investigating rule matches and Reveal User Guide: Validating pattern matches.

Tanium™ Threat Response

Threat Response uses Direct Connect to connect to live endpoints and explore data. For more information, see Threat Response User Guide: Connecting to live endpoints and exploring data.