Network Quarantine requirements
Review the requirements before you install and use Network Quarantine.
Tanium dependencies
| Component | Requirement |
|---|---|
| Platform | Version 7.0 or later |
| License | Network Quarantine is included with Tanium Connect. For information about licensing, contact your Technical Account Manager (TAM). |
| Tanium Connect |
(Optional) Version 4.7.4 or later |
| Tanium Discover | (Optional) Version 2.7.0 or later |
Tanium Module Server
Network Quarantine is installed and runs as a service on the Module Server host computer. The impact on Module Server is minimal and depends on usage.
Third-party software
- Cisco Identity Services Engine (ISE) 2.2 or later with pxGrid installed
- Palo Alto Networks OS 7.1 or later
- Palo Alto Networks Panorama is not supported
Host and network security requirements
Specific ports and processes are needed to run Network Quarantine.
Ports
The following ports are required for Network Quarantine communication.
| Component | Port | Direction | Purpose |
|---|---|---|---|
| Module Server | 17467 | Loopback | Internal purposes; not externally accessible. |
| 5222 | Outbound | Access to Cisco ISE, unless specified otherwise. | |
| 443 | Outbound | Access to Palo Alto Networks firewall, unless specified otherwise. |
User role requirements
Tanium 7.0
Administrator role is required for all Network Quarantine tasks.
Tanium 7.1
| Privilege | Network Quarantine Administrator | Network Quarantine Approver | Network Quarantine Rule Author | Network Quarantine User | Network Quarantine Read Only User | Network Quarantine Service Account |
|---|---|---|---|---|---|---|
|
Show Networkquarantine View Network Quarantine shared service |
|
|
|
|
|
|
|
Network Quarantine Certificates Read View configured certificates |
|
|
|
|
|
|
|
Network Quarantine Certificates Write Add or update configured certificates |
|
|
|
|
|
|
|
Network Quarantine Nacs Read View configured NACs |
|
|
|
|
|
|
|
Network Quarantine Nacs Write Add or update configured NACs |
|
|
|
|
|
|
|
Network Quarantine Quarantines Read View quarantined endpoints |
|
|
|
|
|
|
|
Network Quarantine Quarantines Write Quarantine or unquarantine endpoints |
|
|
|
|
|
|
|
Network Quarantine Rules Evaluate Use service account to evaluate rules |
|
|
|
|
|
|
|
Network Quarantine Settings Read View service settings |
|
|
|
|
|
|
|
Network Quarantine Settings Write Configure service settings |
|
|
|
|
|
|
|
Network Quarantine Nacauditlog Read View audit log |
|
|
|
|
|
|
|
Network Quarantine Rules Run Start rule evaluation process |
|
|
|
|
|
|
|
Network Quarantine Rules Read View rules and targets |
|
|
|
|
|
|
|
Network Quarantine Rules Write Edit rules and targets |
|
|
|
|
|
|
|
Network Quarantine Requests Read View quarantine requests |
|
|
|
|
|
|
|
Network Quarantine Requests Approve Approve quarantine requests |
|
|
|
|
|
|
|
Network Quarantine Requests Deny Deny quarantine requests |
|
|
|
|
|
|
|
Network Quarantine Runs Read View rule evaluation runs |
|
|
|
|
|
|
| Permission | Role type | Content set for permission | Network Quarantine Administrator | Network Quarantine Approver | Network Quarantine Rule Author | Network Quarantine User | Network Quarantine Read Only User | Network Quarantine Service Account |
|---|---|---|---|---|---|---|---|---|
| Read User | Micro Admin |
|
|
|
|
|
|
|
| Read Computer Group | Micro Admin |
|
|
|
|
|
|
|
| Execute Plugin | Advanced | Network Quarantine Content Set |
|
|
|
|
|
|
| Read Plugin | Advanced | Network Quarantine Content Set |
|
|
|
|
|
|
| Read Saved Question | Advanced | Network Quarantine Content Set |
|
|
|
|
|
|
| Read Sensor | Advanced | Reserved, Default, Base, Network Quarantine Content Set |
|
|
|
|
|
|
| Write saved question | Advanced | Network Quarantine Content Set |
|
|
|
|
|
|
| Role | Enables |
|---|---|
| Connect User |
For signed in user:
For service account:
|
For more information and descriptions of content sets and permissions, see the Tanium Core Platform User Guide: Users and user groups.
Last updated: 2/12/2019 2:09 PM | Feedback