Network Quarantine requirements
Review the requirements before you install and use Network Quarantine.
Core platform dependencies
Make sure that your environment meets the following requirements:
- Tanium™ Core Platform servers:
  - 7.3.314.4250 or later
  - 7.4.1.1939 or later
Network Quarantine is not supported for use with Tanium Core Platform 7.5.x or later.
Solution dependencies
Other Tanium solutions are required for specific Network Quarantine features to work (feature-specific dependencies). The installation method that you select determines whether the Tanium Server automatically imports these dependencies or whether you must import them manually.
Some Network Quarantine dependencies have their own dependencies, which you can see by clicking the links in the list of Feature-specific dependencies. Note that the links open the user guides for the latest version of each solution, not necessarily the minimum version that Network Quarantine requires.
Tanium recommended installation
If you select Tanium Recommended Installation when you import Network Quarantine, the Tanium Server automatically imports all your licensed solutions at the same time. See Tanium Console User Guide: Import all modules and services.
Import specific solutions
If you select only Network Quarantine to import, you must manually import dependencies. See Tanium Console User Guide: Import, re-import, or update specific solutions.
Feature-specific dependencies
Network Quarantine has the following feature-specific dependencies at the specified minimum versions:
- Tanium Connect 4.7.4 or later to send notifications about NAC events to destinations.
- Tanium Discover 2.7.0 or later to quarantine a MAC address directly from the Discover Interfaces pages.
Tanium Module Server
Network Quarantine is installed and runs as a service on the Module Server host computer. The impact on Module Server is minimal and depends on usage.
Endpoints
Supported internet protocols
Network Quarantine supports only IPv4 addresses.
Supported operating systems
Same as Tanium Client support. See Tanium Client Management User Guide: Client version and host system requirements.
Third-party software
Network Quarantine is supported for use with Cisco Identity Services Engine (ISE) 2.2 - 2.7 with Cisco Platform Exchange Grid (pxGrid) installed.
Cisco ISE 3.x or later and pxGrid 2.0 or later are not supported.
Host and network security requirements
Specific ports and processes are needed to run Network Quarantine.
Ports
The following ports are required for Network Quarantine communication.
Source | Destination | Port | Protocol | Purpose |
---|---|---|---|---|
Module Server | Module Server (loopback) | 17467 | TCP | Internal purposes; not externally accessible. |
Module Server | Cisco ISE | 5222 | TCP | Access to Cisco ISE, unless specified otherwise. |
User role requirements
The following tables list the role permissions required to use Network Quarantine. To review a summary of the predefined roles, see Set up Network Quarantine users.
For more information about role permissions and associated content sets, see Tanium Console User Guide: Managing RBAC.
Permission | Network Quarantine Administrator | Network Quarantine Approver | Network Quarantine Rule Author | Network Quarantine User | Network Quarantine Read Only User | Network Quarantine Service Account |
---|---|---|---|---|---|---|
Network Quarantine Certificates: View, add or update configured certificates | READ WRITE | | | | | |
Network Quarantine Nacauditlog: View audit log | READ | READ | READ | READ | | |
Network Quarantine NACs: View, add or update configured NACs | READ WRITE | READ | READ | READ | | |
Network Quarantine Quarantines: View, quarantine or unquarantine quarantined endpoints | READ WRITE | READ | READ | READ WRITE | READ | |
Network Quarantine Requests: View, approve and deny quarantine requests | APPROVE READ DENY | APPROVE READ DENY | APPROVE READ DENY | | | |
Network Quarantine Rules: View and edit rules and targets; use service account to evaluate rules; start rule evaluation process | READ WRITE RUN | READ | READ WRITE RUN | | | EVALUATE |
Network Quarantine Runs: View rule evaluation runs | READ | READ | READ | | | |
Network Quarantine Settings: View and configure service settings | READ WRITE | READ | READ WRITE | READ | READ | |
Networkquarantine: View Network Quarantine shared service | SHOW | SHOW | SHOW | SHOW | SHOW | |
Permission | Role type | Network Quarantine Administrator | Network Quarantine Approver | Network Quarantine Rule Author | Network Quarantine User | Network Quarantine Read Only User | Network Quarantine Service Account |
---|---|---|---|---|---|---|---|
Computer Group | Administration | READ | READ | READ | | | READ |
User | Administration | READ | | READ | | | |
Plugin | Platform content | READ EXECUTE | READ EXECUTE | READ EXECUTE | READ EXECUTE | READ EXECUTE | READ EXECUTE |
Saved Question | Platform content | READ | | READ | | | READ WRITE |
Sensor | Platform content | READ | | READ | | | READ |
Role | Enables |
---|---|
Connect User | For signed in user: ; For service account: |
For more information and descriptions of content sets and permissions, see the Tanium Core Platform User Guide: Users and user groups.
Last updated: 1/24/2022 3:42 PM