Direct Connect overview
Direct Connect provides a communication channel for other Tanium™ modules and a central location for
With Direct Connect, you can configure the connection settings that are shared by Tanium modules for establishing direct endpoint connections. Since Direct Connect uses mutual authentication, both IP addresses and self-signed certificates are supported.
You can review open and pending endpoint sessions across Tanium modules. Use active endpoint connections to see the active connections on the server. For more information, see Reviewing active endpoint sessions.
Designate specific endpoints to run certain targeted, secure workloads on other
Perform scans using satellites, to access unmanaged endpoints or endpoints that
Tanium™ Client Management
Client Management uses Direct Connect to access client health information from endpoints. For more information, see Tanium Client Management User Guide: Monitoring client health in the Client Management service.
Perform satellite scans. For more information, see Discover User Guide: Running satellite scans.
Enforce encryption management policies use Direct Connect to transfer encryption keys securely from the client to the recovery key database during the encryption process. For more information see Enforce User Guide: Encryption management.
Use Direct Connect with Performance to view historical process-level data from a single endpoint for analysis and troubleshooting. For more information, see Performance User Guide: Connecting directly to endpoints.
Reveal uses Direct Connect to view files on endpoints that match configured rules and patterns. For more information, see Reveal User Guide: Investigating rule matches and Reveal User Guide: Validating pattern matches.
Tanium™ Threat Response
Threat Response uses Direct Connect to connect to live endpoints and explore data. For more information, see Threat Response User Guide: Connecting to live endpoints and exploring data.
Last updated: 10/26/2021 10:32 AM | Feedback