Network Quarantine requirements
Review the requirements before you install and use Network Quarantine.
Tanium dependencies
| Component | Requirement |
|---|---|
| Tanium™ Core Platform | Version 7.3.314.4250 or later |
| Tanium solutions |
The following solutions are optional, but Network Quarantine requires the specified minimum versions to work with them:
|
Tanium Module Server
Network Quarantine is installed and runs as a service on the Module Server host computer. The impact on Module Server is minimal and depends on usage.
Endpoints
Supported internet protocols
Network Quarantine supports only IPv4 addresses.
Supported operating systems
Same as Tanium Client support. See Tanium Client Management User Guide: Client version and host system requirements.
Third-party software
Network Quarantine is supported for use with Cisco Identity Services Engine (ISE) 2.2 - 2.7 with Cisco Platform Exchange Grid (pxGrid) installed.
Cisco ISE 3.x or later and pxGrid 2.0 or later are not supported.
Host and network security requirements
Specific ports and processes are needed to run Network Quarantine.
Ports
The following ports are required for Network Quarantine communication.
| Source | Destination | Port | Protocol | Purpose |
|---|---|---|---|---|
| Module Server | Module Server (loopback) | 17467 | TCP | Internal purposes; not externally accessible. |
| Cisco ISE | 5222 | TCP | Access to Cisco ISE, unless specified otherwise. |
User role requirements
The following tables list the role permissions required to use Network Quarantine. To review a summary of the predefined roles, see Set up Network Quarantine users.
For more information about role permissions and associated content sets, see Tanium Console User Guide: Managing RBAC.
| Permission | Network Quarantine Administrator | Network Quarantine Approver | Network Quarantine Rule Author | Network Quarantine User | Network Quarantine Read Only User | Network Quarantine Service Account |
|---|---|---|---|---|---|---|
|
Network Quarantine Certificates View, add or update configured certificates |
READ WRITE |
|
|
|
|
|
|
Network Quarantine Nacauditlog View audit log |
READ |
READ |
READ |
READ |
|
|
|
Network Quarantine NACs View, add or update configured NACs |
READ WRITE |
READ |
READ |
READ |
|
|
|
Network Quarantine Quarantines View, quarantine or unquarantine quarantined endpoints |
READ WRITE |
READ |
READ |
READ WRITE |
READ |
|
|
Network Quarantine Requests View, approve and deny quarantine requests |
APPROVE READ DENY |
APPROVE READ DENY |
APPROVE READ DENY |
|
|
|
|
Network Quarantine Rules View and edit rules and targets; use service account to evaluate rules; start rule evaluation process |
READ WRITE RUN |
READ |
READ WRITE RUN |
|
|
EVALUATE |
|
Network Quarantine Runs View rule evaluation runs |
READ |
READ |
READ |
|
|
|
|
Network Quarantine Settings View and configure service settings |
READ WRITE |
READ |
READ WRITE |
READ |
READ |
|
|
Networkquarantine View Network Quarantine shared service |
SHOW |
SHOW |
SHOW |
SHOW |
SHOW |
|
| Permission | Role type | Network Quarantine Administrator | Network Quarantine Approver | Network Quarantine Rule Author | Network Quarantine User | Network Quarantine Read Only User | Network Quarantine Service Account |
|---|---|---|---|---|---|---|---|
| Computer Group | Administration |
READ |
READ |
READ |
|
|
READ |
| User | Administration |
READ |
|
READ |
|
|
|
| Plugin | Platform content |
READ EXECUTE |
READ EXECUTE |
READ EXECUTE |
READ EXECUTE |
READ EXECUTE |
READ EXECUTE |
| Saved Question | Platform content |
READ |
|
READ |
|
|
READ WRITE |
| Sensor | Platform content |
READ |
|
READ |
|
|
READ |
| Role | Enables |
|---|---|
| Connect User |
For signed in user:
For service account:
|
For more information and descriptions of content sets and permissions, see the Tanium Core Platform User Guide: Users and user groups.
Last updated: 10/21/2021 9:12 AM | Feedback