Direct Connect overview

Direct Connect provides a communication channel for other Tanium™ modules and a central location for configuring and administeringmonitoring direct endpoint connections across modules, as well as for designating endpoints as satellites.

With Direct Connect, you can configure the connection settings that are shared by Tanium modules for establishing direct endpoint connections. Since Direct Connect uses mutual authentication, both IP addresses and self-signed certificates are supported.

Active endpoint sessions

You can review open and pending endpoint sessions across Tanium modules. Use active endpoint connections to see the active connections on the server. For more information, see Reviewing active endpoint sessions.

Satellite management

Designate specific endpoints to run certain targeted, secure workloads on other endpoints.endpoints that cannot be reached directly from the Module Server. For more information, see Managing satellites.

Integration with other Tanium products

Tanium™ API Gateway

Use API Gateway to access the Direct Connect API. For information about what features are available through the API Gateway, refer to the schema reference in API Gateway: see Tanium API Gateway User Guide: Schema reference.

Tanium™ Comply

Perform scans using satellites, to access unmanaged endpoints or endpoints that the Module ServerTanium Cloud cannot reach directly. Comply 2.11 or later is required to use Direct Connect. For more information, see Comply User Guide: Remote-authenticated scanning.

Tanium™ Connect

Use Direct Connect audit logs as a connection source. Connect 4.12 or later is required to use Direct Connect. For more information, see Exporting an audit log.

Tanium™ Client Management

Client Management uses Direct Connect to access client health information from endpoints. Client Management 1.5 or later is required to use Direct Connect. For more information, see Tanium Client Management User Guide: Access detailed client health and troubleshooting information on an endpoint.

Tanium™ Discover

Perform satellite scans. Discover 4.5 or later is required to perform satellite scans. For more information, see Discover User Guide: Running satellite scans.

Tanium™ Enforce

Enforce encryption management policies use Direct Connect to transfer encryption keys securely from the client to the recovery key database during the encryption process. For more information see Enforce User Guide: Encryption management.

Tanium™ Performance

Use Direct Connect with Performance to view historical process-level data from a single endpoint for analysis and troubleshooting. For more information, see Performance User Guide: Connecting directly to endpoints.

Tanium™ Reveal

Reveal uses Direct Connect to view files on endpoints that match configured rules and patterns. Reveal 1.4 or later is required to use Direct Connect. For more information, see Reveal User Guide: Investigating rule matches and Reveal User Guide: Validating pattern matches.

Tanium™ Threat Response

Threat Response uses Direct Connect to connect to live endpoints and explore data. Threat Response 3.2 or later is required to use Direct Connect 2.1 or later. For more information, see Threat Response User Guide: Connecting to live endpoints and exploring data.