Direct Connect overview
Direct Connect provides a communication channel for other Tanium™ solutions and a central location for
With Direct Connect, you can configure the connection settings that are shared by Tanium solutions for establishing direct endpoint connections. Since Direct Connect uses mutual authentication, both IP addresses and self-signed certificates are supported.
Active endpoint sessions
You can review open and pending endpoint sessions across Tanium solutions. Use active endpoint connections to see the active connections on the server. For more information, see Reviewing active endpoint sessions.
If you have a license, you can use screen sharing capabilities to connect to endpoints for troubleshooting purposes. For more information, see Opening screen sharing sessions.
Designate specific endpoints to run certain targeted, secure workloads on other
Interoperability with other Tanium products
Tanium™ API Gateway
Use API Gateway to access the Direct Connect API. For information about what features are available through the API Gateway, refer to the schema reference in API Gateway: see Tanium API Gateway User Guide: Schema reference.
Perform scans using satellites, to access unmanaged endpoints or endpoints that
Use Direct Connect audit logs as a connection source. Connect 4.12 or later is required to use Direct Connect. For more information, see Exporting an audit log.
Tanium™ Client Management
Client Management uses Direct Connect to access client health information from endpoints. Client Management 1.5 or later is required to use Direct Connect. For more information, see Tanium Client Management User Guide: Access detailed client health and troubleshooting information on an endpoint.
Perform satellite scans. Discover 4.5 or later is required to perform satellite scans. For more information, see Discover User Guide: Running satellite scans.
Enforce encryption management policies use Direct Connect to transfer encryption keys securely from the client to the recovery key database during the encryption process. For more information see Enforce User Guide: Encryption management.
Use Direct Connect with Performance to view historical process-level data from a single endpoint for analysis and troubleshooting. For more information, see Performance User Guide: Connecting directly to endpoints.
Provision uses Direct Connect satellites to create Preboot eXecution Environment (PXE) endpoints and set up offline domain join for newly-provisioned Windows endpoints. For more information, see Provision User Guide: Deploy the Tanium PXE service and Provision User Guide: Create an ODJ endpoint.
Reveal uses Direct Connect to view files on endpoints that match configured rules and patterns. Reveal 1.4 or later is required to use Direct Connect. For more information, see Reveal User Guide: Investigating rule matches and Reveal User Guide: Validating pattern matches.
Tanium™ Threat Response
Threat Response uses Direct Connect to connect to live endpoints and explore data. Threat Response 3.2 or later is required to use Direct Connect 2.1 or later. For more information, see Threat Response User Guide: Connecting to live endpoints and exploring data.
Last updated: 5/30/2023 4:29 PM | Feedback