Feed requirements
Review the requirements before you
Core platform dependencies
Make sure that your environment meets the following requirements:
- Tanium™ Core Platform servers: 7.5.5.1140 or later
- Tanium™ Client: No client requirements
Solution dependencies
Other Tanium solutions are required for Feed to function (required dependencies) or for specific Feed features to work (feature-specific dependencies). The installation method that you select determines if the Tanium Server automatically imports dependencies or if you must manually import them.
Some Feed dependencies have their own dependencies, which you can see by clicking the links in the lists of Required dependencies and Feed requirements. Note that the links open the user guides for the latest version of each solution, not necessarily the minimum version that Feed requires.
Tanium recommended installation
If you select Tanium Recommended Installation when you import Feed, the Tanium Server automatically imports all your licensed solutions at the same time. See Tanium Console User Guide: Import all modules and services.
Import specific solutions
If you select only Feed to import and are using Tanium Core Platform 7.5.2.3531 with Tanium Console 3.0.72 or later, the Tanium Server automatically imports the latest available versions of any required dependencies that are missing. If some required dependencies are already imported but their versions are earlier than the minimum required for Feed, the server automatically updates those dependencies to the latest available versions.
Required dependencies
Feed has the following required dependencies at the specified minimum versions:
- Tanium™ RDB Service 1.0.172 or later
- Tanium™ System User Service 1.0.40 or later
Tanium™ Module Server
Feed is installed and runs as a service on the Module Server host computer. The impact on the Module Server is minimal and depends on usage.
For information about Module Server sizing in a Windows deployment, see Tanium Core Platform Deployment Guide for Windows: Host system sizing guidelines.
Endpoints
Feed does not deploy packages to endpoints. For Tanium Client operating system support, see Tanium Client Management User Guide: Client version and host system requirements.
Host and network security requirements
Specific ports and processes are needed to run Feed.
Ports
The following ports are required for Feed communication.
| Source | Destination | Port | Protocol | Purpose |
|---|---|---|---|---|
|
|
Tanium Server | 17422 | TCP | Proxy for requests from the Tanium Server |
No additional ports are required.
Configure firewall policies to open ports for Tanium traffic with TCP-based rules instead of application identity-based rules. For example, on a Palo Alto Networks firewall, configure the rules with service objects or service groups instead of application objects or application groups.
For Tanium Cloud ports, see Tanium Cloud Deployment Guide: Host and network security requirements.
Security exclusions
If security software is in use in the environment to monitor and block unknown host system processes, Tanium recommends that a security administrator create exclusions to allow the Tanium processes to run without interference. The configuration of these exclusions varies depending on AV software. For a list of all security exclusions to define across Tanium, see Tanium Core Platform Deployment Reference Guide: Host system security exclusions.
| Target Device | Notes | Exclusion Type | Exclusion |
|---|---|---|---|
| Module Server | Process | <Module Server>\services\feed-service\TaniumFeedService.exe |
No additional process exclusions are required.
User role requirements
The following tables list the role permissions required to use Feed. To review a summary of the predefined roles, see Set up Feed users.
To access notifications in the Tanium Console, users must have either the Feed Show permission or the Interact Show permission. On installation, Feed modifies the Interact Show permission to include access to read and acknowledge notifications. As such, users who already have the Interact Show permission can access notifications after installing Feed. As part of the modification, the Interact Show permission appears under Feed in the role configuration page. If you uninstall Feed, the Interact Show permission is removed from all roles. You must then reinstall Interact to restore the original Interact Show permission to roles that previously had the permission. For information about the Interact Show permission, see Tanium Interact User Guide: Interact module permissions.
Do not assign the Feed Service Account and Feed Service Account - All Content Sets roles to users. These roles are for internal purposes only.
For more information about role permissions and associated content sets, see Tanium Console User Guide: Managing RBAC.
| Permission | Feed User | Feed Operator |
|---|---|---|
|
Feed SHOW: View Feed in the Tanium Console |
SHOW |
OPERATOR SHOW |
|
Feed Message Read and acknowledge Feed notifications |
ACKNOWLEDGE1 READ1 |
ACKNOWLEDGE READ |
|
1 Grants access to content in the Feed content set. |
||
| Permission | Feed User | Feed Operator |
|---|---|---|
| Plugin |
READ EXECUTE |
|
|
To view which content set permissions are granted to a role, see Tanium Console User Guide: View effective role permissions. |
||
Last updated: 3/10/2023 9:26 AM | Feedback