Map requirements

Review the requirements before you install and use Map.

Tanium dependencies

In addition to a license for the Map product module, make sure that your environment also meets the following requirements.

Component	Requirement
Tanium™ Core Platform	7.3.314.4250nn or later 7.4.1.1939 or later
Tanium™ Client	For more information about specific Tanium Client versions, see Tanium Client Deployment Guide: Client host system requirements. For Map on Tanium™ as a Service, use Tanium Client 7.4.1.1955 or later. One of the following 7.2 Tanium Client versions is required as a minimum: 7.2.314.3476 and later with the exception of 7.2.314.3518 (Linux, MacOS, Windows) 7.2.314.3608 (MacOS 10.15.x and later) = MacOS earlier than 10.15.x Catalina 7.4.1.1955 and later clients are supported on Map 2.0.1 and later. If you use a client version that is not listed, certain product features might not be available, or stability issues can occur that can only be resolved by upgrading to one of the listed client versions.
Tanium products	If you selected Install with Recommended Configurations when you installed Map, the Tanium Server automatically installed all your licensed modules at the same time. Otherwise, you must manually install the modules that Map requires to function, as described under Tanium Console User Guide: Manage Tanium modules. Modules at the following minimum versions are required: Tanium Endpoint Configuration 1.0 or later The following modules are optional, but Map requires the specified minimum versions to work with them: Tanium Trends 3.6.310 or later

Component

Requirement

Tanium™ Core Platform

7.3.314.4250nn or later
7.4.1.1939 or later

Tanium™ Client

For more information about specific Tanium Client versions, see Tanium Client Deployment Guide: Client host system requirements.

For Map on Tanium™ as a Service, use Tanium Client 7.4.1.1955 or later.

One of the following 7.2 Tanium Client versions is required as a minimum:

7.2.314.3476 and later with the exception of 7.2.314.3518 (Linux, MacOS*, Windows)
7.2.314.3608 (MacOS 10.15.x and later)

* = MacOS earlier than 10.15.x Catalina

7.4.1.1955 and later clients are supported on Map 2.0.1 and later.

If you use a client version that is not listed, certain product features might not be available, or stability issues can occur that can only be resolved by upgrading to one of the listed client versions.

Tanium products

If you selected Install with Recommended Configurations when you installed Map, the Tanium Server automatically installed all your licensed modules at the same time. Otherwise, you must manually install the modules that Map requires to function, as described under Tanium Console User Guide: Manage Tanium modules.

Modules at the following minimum versions are required:

Tanium Endpoint Configuration 1.0 or later

The following modules are optional, but Map requires the specified minimum versions to work with them:

Tanium Trends 3.6.310 or later

Tanium™ Module Server

Map is installed and runs as a service on the Module Server host computer. The impact on the Module Server is minimal and depends on usage.

Endpoints

Supported operating systems

The following endpoint operating systems are supported with Map. Map uses the Tanium™ Client Recorder Extension to gather data from endpoints.

Operating System	Version
Windows	Windows 7 or later Windows Server 2008 R2 with SP1 or later Windows XP and Windows Server 2003 are not supported
macOS	Same as Tanium Client support. See Tanium Client User Guide: Host system requirements.
Linux	Same as Tanium Client support. See Tanium Client User Guide: Host system requirements. For Linux endpoints: Install the most recent stable version of the audit daemon and audispd-plugins. For information on deprecated parameters in the audit daemon configuration, see Tanium Client Recorder Extension User Guide. See the specific operating system documentation for instructions. Be aware that when using immutable "-e 2" mode, the recorder adds Tanium audit rules in front of the immutable flag. When using the -e 2 flag on Linux, the endpoint must be restarted after the recorder is enabled. Be aware that when using the failure "-f 2" mode, the Linux kernel panics in the event that auditd message is lost. The recorder does not add audit rules if this configuration is detected. Disable SELinux. In the /etc/sysconfig/selinux file, set SELINUX=disabled.

Operating System

Version

Windows

Windows 7 or later
Windows Server 2008 R2 with SP1 or later
Windows XP and Windows Server 2003 are not supported

macOS

Same as Tanium Client support. See Tanium Client User Guide: Host system requirements.

Linux

Same as Tanium Client support. See Tanium Client User Guide: Host system requirements.

For Linux endpoints:

Install the most recent stable version of the audit daemon and audispd-plugins. For information on deprecated parameters in the audit daemon configuration, see Tanium Client Recorder Extension User Guide. See the specific operating system documentation for instructions.
Be aware that when using immutable "-e 2" mode, the recorder adds Tanium audit rules in front of the immutable flag. When using the -e 2 flag on Linux, the endpoint must be restarted after the recorder is enabled.
Be aware that when using the failure "-f 2" mode, the Linux kernel panics in the event that auditd message is lost. The recorder does not add audit rules if this configuration is detected.

Disable SELinux. In the /etc/sysconfig/selinux file, set SELINUX=disabled.

Disk space requirements

The Map database on each endpoint contains a record of the TCP connections from the past 24 hours. The size of this database depends on the number of TCP connections. In most cases, the maximum size of the database is 200 MB.

CPU and memory requirements

The CPU demand on the endpoint averages less than 1%. For full functionality, a minimum of two CPUs per endpoint is required. The Tanium Client Recorder Extension cannot operate on fewer than 2 CPU cores.

A minimum of 4 GB RAM is recommended on each endpoint device.

Host and network security requirements

Specific ports and processes are needed to run Map.

Ports

Source	Destination	Port	Protocol	Purpose
Module ServerTanium as a Service	Endpoints	80	TCP	Application discovery
		443	TCP	Application discovery
		17272	TCP	Application discovery
		17473	TCP	Application discovery

For Tanium as a Service ports, see Tanium as a Service Deployment Guide: Host and network security requirements.

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference. For a list of all security exclusions to define across Tanium, see Tanium Core Platform Deployment Reference Guide: Host system security exclusions.

Table 1: Map security exclusions
Target Device	Notes	Process
Module Server		<Tanium Module Server>\services\map-service\node.exe
		<Tanium Module Server>\services\endpoint-configuration-service\TaniumEndpointConfigService.exe
Windows endpoints	7.2.x clients	<Tanium Client>\Python27\TPython.exe
	7.4.x clients	<Tanium Client>\Python38\TPython.exe
	7.4.x clients	<Tanium Client>\Python38\*.dll
		<Tanium Client>\TaniumCX.exe
Linux endpoints	7.2.x clients	<Tanium Client>/python27/bin/pybin
	7.4.x clients	<Tanium Client>/python38/python
		<Tanium Client>/TaniumCX
macOS endpoints		<Tanium Client>/TaniumCX

Table 2: Map security exclusions
Target Device	Notes	Process
Windows endpoints	7.4.x clients	<Tanium Client>\Python38\TPython.exe
	7.4.x clients	<Tanium Client>\Python38\*.dll
		<Tanium Client>\TaniumCX.exe
Linux endpoints	7.4.x clients	<Tanium Client>/python38/python
Linux endpoints		<Tanium Client>/TaniumCX
macOS endpoints		<Tanium Client>/TaniumCX

User role requirements

Table 3: Map user role permissions
Privilege	Map Administrator^1,2	Map Operator^1,2	Map User¹	Map Read Only User¹	Map Service Account^1,2	Map Endpoint Configuration Approver^1,2
Show Map Access Map workbench
Map Application Definition Read Read map application definitions
Map Application Definition Write Edit map application definitions
Map Application Configuration Service Register, use, write endpoint configuration items for Map
Map Operator Settings Read Read most map settings
Map Operator Settings Write Edit most map settings
Map Settings Read Read all map settings
Map Settings Write Edit all map settings
Map Endpoint Configuration Approve Approve endpoint configuration items for Map
¹ This role provides module permissions for Tanium Trends. You can view which Trends permissions are granted to this role in the Tanium Console. For more information, see Tanium Trends User Guide: User role requirements. ² This role provides module permissions for Tanium Endpoint Configuration. You can view which Endpoint Configuration permissions are granted to this role in the Tanium Console. For more information, see Tanium Endpoint Configuration User Guide: User role requirements.

Table 4: Provided Map Micro Admin and Advanced user role permissions
Permission	Role Type	Content Set for Permission
Read Action Group	Micro Admin
Execute Plugin	Advanced	Reserved
Execute Plugin	Advanced	Map
Execute Plugin	Advanced	Trends
Execute Plugin	Advanced	Endpoint Configuration
Read Plugin	Advanced