Documentation Home > Tanium Map User Guide

Map requirements

Review the requirements before you install and use Map.

Tanium dependencies

In addition to a license for the Map product module, make sure that your environment also meets the following requirements.

Component	Requirement
Platform	7.2.314.2831 or later 7.3.314.3420 or later
Tanium™ Client	For more information about specific Tanium Client versions, see Tanium Client Deployment Guide: Client host system requirements. For best results, the following Tanium Client versions are suggested: 7.2.314.3211 (Linux, MacOS, Windows) 7.2.314.3476 (Linux, MacOS, Windows) 7.2.314.3518 (Linux, MacOS, Windows) 7.2.314.3584 (Linux, MacOS, Windows)

Component

Requirement

Platform

7.2.314.2831 or later
7.3.314.3420 or later

Tanium™ Client

For more information about specific Tanium Client versions, see Tanium Client Deployment Guide: Client host system requirements.

For best results, the following Tanium Client versions are suggested:

7.2.314.3211 (Linux, MacOS, Windows)
7.2.314.3476 (Linux, MacOS, Windows)
7.2.314.3518 (Linux, MacOS, Windows)
7.2.314.3584 (Linux, MacOS, Windows)

Tanium™ Module Server

Map is installed and runs as a service on the Module Server host computer. The impact on the Module Server is minimal and depends on usage.

Endpoints

Map content is supported on Windows, Mac, and Linux endpoints.

Map uses the Tanium™ Client Recorder Extension to gather data from endpoints. The recorder and engine are supported on the same Linux and Mac endpoints as the Tanium Client. For Windows endpoints, a minimum of Windows 7 or Windows Server 2008 R2 is required. Windows XP and Windows Server 2003 are not supported.

Up to 1 GB of free disk space might be required for the Map database.

For Linux endpoints:

Install the most recent stable version of the audit daemon and audispd-plugins. See the specific operating system documentation for instructions.
Be aware that when using immutable "-e 2" mode, the Linux recorder adds Tanium audit rules in front of the immutable flag. When using the -e 2 flag on Linux, the endpoint must be restarted after the recorder is enabled.

Host and network security requirements

Specific processes are needed to run Map on the Tanium Module Server and endpoints.

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference.

Table 1: Map security exclusions
Target Device	Process
Module Server	<Tanium Module Server>\services\map-service\node.exe
Endpoints (all OS)	<Tanium Client>\Python27\TPython.exe
Endpoints (Linux)	<Tanium Client>/Tools/Trace/recorder
Endpoints (macOS)	<Tanium Client>/Tools/Trace/TaniumRecorder

User role requirements

Table 2: Map user role permissions
Privilege	Map Administrator	Map User	Map Read Only User
Map Module Read Read access to the Map module, including viewing maps and application definitions
Map Module Write Write access to the Map module, including the creation and editing of maps and application definitions
Map Settings Write Write access to global settings in the Map module
Map Application Read Read access to application definition	¹	¹	¹
Map Application Write Write access to application definition	¹	¹
Map Map Read Read access to maps and map definitions	¹	¹	¹
Map Map Write Write access to maps and map definitions	¹	¹
¹ Denotes a provided permission.

Last updated: 10/29/2019 3:12 PM | Feedback