Tanium Cloud automatically handles module installations and upgrades.
For information about configuring Enforce for Tanium Cloud, see Configuring Enforce.
Use the Solutions page to install Enforce and choose either automatic or manual configuration:
- Automatic configuration with default settings: (supported on Tanium Core Platform 7.4.2 or later only) Enforce is installed with any required dependencies and other selected products. After installation, the Tanium Server automatically configures the recommended default settings. This option is the best practice for most deployments. For more information about the automatic configuration for Enforce, see Import Enforce with default settings.
- Manual configuration with custom settings: After installing Enforce, you must manually configure required settings. Select this option only if Enforce requires settings that differ from the recommended default settings. For more information, see Import Enforce with custom settings.
Before you begin
- Read the release notes.
- Review the Enforce requirements.
- If you are upgrading from a previous version, see Upgrade Enforce.
- Assign the correct roles to users for Enforce. Review the User role requirements.
- To import the Enforce solution, you must be assigned the Administrator reserved role.
- To configure the Enforce action group, you must be assigned the Administrator reserved role, Content Administrator reserved role, or a role that has the Write Action Group permission.
Import Enforce with default settings
When you import Enforce with automatic configuration, the following default settings are configured:
The following default settings are configured:
|Computer groups||The Enforce tools group is set to All Computers.|
To import Enforce and configure default settings, see Tanium Console User Guide: Import all modules and services. After the import, verify that the correct version is installed: see Verify Enforce version.
Import Enforce with custom settings
To import Enforce without automatically configuring default settings, be sure to clear the Apply All Tanium recommended configurations checkbox while performing the steps in Tanium Console User Guide: Import, re-import, or update specific solutions. After the import, verify that the correct version is installed: see Verify Enforce version.
(Re-imports only) Do not use Enforce until the re-import process finishes. Otherwise, you might lose work still in progress.
To configure the Enforce action group, see (Optional) Configure Enforce action group.
Manage solution dependencies
When you start the Enforce workbench for the first time, the Tanium Server checks whether all the Tanium modules and shared services (solutions) that are required for Enforce are installed at the required versions. The Enforce workbench cannot load unless all required dependencies are installed. If you selected Tanium Recommended Installation when you imported Enforce, the Tanium Server automatically imported all your licensed solutions at the same time. Otherwise, if you manually imported Enforce and did not import all its dependencies, the Tanium Console displays a banner that lists the dependencies and the required versions. See Solution dependencies.
Perform the following steps if a banner indicates any Enforce dependencies are not installed:
- Install the dependencies as described in Tanium Console User Guide: Import, re-import, or update specific solutions.
- From the Main menu, go to Modules > Enforce to open the Enforce Overview page and verify that the Console no longer displays a banner to list missing dependencies.
For the steps to upgrade Enforce, see Tanium Console User Guide: Import, re-import, or update specific solutions. After the upgrade, verify that the correct version is installed: see Verify Enforce version.
Upgrade to Enforce 1.11 or later
In Enforce 1.11 (and later), the steps required to configure the service account are no longer necessary due to the adoption of the System User Service, which performs these tasks automatically. Additionally, the Enforce database is migrated to RDB in this release. As a result, after upgrading, it might take time for the database migration to complete and for RBAC privileges and other updates to synchronize properly. This could lead to issues and error messages when you first query the Tanium Console. These issues should resolve on their own after a few minutes, but could take longer depending on system resources and the amount of data to migrate.
Upgrade from a version earlier than 2.0.x to version 2.0.x or later
If your existing installation is a version earlier than 2.0.x, you must upgrade to version 2.2.254 or later so that the required migrations are in place.
Verify Enforce version
After you import or upgrade Enforce, verify that the correct version is installed:
- Refresh your browser.
- From the Main menu, go to Modules > Enforce to open the Enforce Overview page.
- To display version information, click Info .
Last updated: 5/30/2023 2:06 PM | Feedback