Network Quarantine requirements

Review the requirements before you install and use Network Quarantine.

Tanium dependencies

Component              Requirement
Tanium Core Platform   Version 7.3.314.4250 or later
Tanium solutions       The following solutions are optional, but Network Quarantine requires the specified minimum versions to work with them:
                         • Tanium Connect 4.7.4 or later
                         • Tanium Discover 2.7.0 or later

Tanium Module Server

Network Quarantine is installed and runs as a service on the Module Server host computer. The impact on Module Server is minimal and depends on usage.

Endpoints

Supported internet protocols

Network Quarantine supports only IPv4 addresses.

Supported operating systems

Same as Tanium Client support. See Tanium Client Management User Guide: Client version and host system requirements.

Third-party software

Network Quarantine is supported for use with Cisco Identity Services Engine (ISE) 2.2 - 2.7 with Cisco Platform Exchange Grid (pxGrid) installed.

Cisco ISE 3.x or later and pxGrid 2.0 or later are not supported.

Host and network security requirements

Specific ports and processes are needed to run Network Quarantine.

Ports

The following ports are required for Network Quarantine communication.

Source         Destination               Port   Protocol  Purpose
Module Server  Module Server (loopback)  17467  TCP       Internal purposes; not externally accessible.
Module Server  Cisco ISE                 5222   TCP       Access to Cisco ISE, unless specified otherwise.
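The version, IPv4-only, Cisco ISE and port requirements above can be checked from inventory data before installation. The following is an added example, not Tanium's own code: the inventory dict, its socket list and its target addresses are constructed samples, and the function names are this example's own.

```python
import ipaddress

# Minimum versions required by Network Quarantine, taken from this page.
MIN_VERSIONS = {"Tanium Core Platform": "7.3.314.4250",
                "Tanium Connect": "4.7.4", "Tanium Discover": "2.7.0"}
ISE_MIN, ISE_MAX = (2, 2), (2, 7)  # supported Cisco ISE major.minor range, inclusive
LOOPBACK_ONLY_PORT = 17467  # Module Server internal port; must not be externally accessible

# Constructed sample inventory (not taken from a real Module Server).
SAMPLE_INVENTORY = {
    "versions": {"Tanium Core Platform": "7.3.314.4250", "Tanium Connect": "4.8.0",
                 "Tanium Discover": "2.6.5"},
    "ise_version": "2.7.0",
    "listening": [("127.0.0.1", 17467), ("0.0.0.0", 17467), ("127.0.0.1", 17472)],
    "targets": ["10.20.30.40", "2001:db8::1", "not-an-ip"],
}

def version_tuple(version):
    """Turn a dotted version such as '7.3.314.4250' into a tuple that compares numerically."""
    return tuple(int(part) for part in version.split("."))

def meets_minimum(component, installed):
    """True when the installed version satisfies this page's minimum for the component."""
    return version_tuple(installed) >= version_tuple(MIN_VERSIONS[component])

def ise_supported(ise_version):
    """True only for Cisco ISE 2.2 through 2.7; 3.x deployments are unsupported."""
    return ISE_MIN <= version_tuple(ise_version)[:2] <= ISE_MAX

def is_quarantinable_address(address):
    """Network Quarantine supports only IPv4, so IPv6 or malformed addresses are rejected."""
    try:
        return ipaddress.ip_address(address).version == 4
    except ValueError:
        return False

def exposed_internal_binds(listening):
    """(address, port) binds of the internal port that are not loopback; 0.0.0.0 counts as exposed."""
    return [(addr, port) for addr, port in listening
            if port == LOOPBACK_ONLY_PORT and not ipaddress.ip_address(addr).is_loopback]

def readiness_issues(inventory):
    """Collect the findings a pre-install review of the inventory would raise."""
    issues = [f"{c} {v} is below required {MIN_VERSIONS[c]}"
              for c, v in inventory["versions"].items() if not meets_minimum(c, v)]
    if not ise_supported(inventory["ise_version"]):
        issues.append(f"Cisco ISE {inventory['ise_version']} is outside the supported 2.2 - 2.7 range")
    issues += [f"port {p} bound on {a}, not loopback only" for a, p in exposed_internal_binds(inventory["listening"])]
    issues += [f"{a} is not an IPv4 address" for a in inventory["targets"] if not is_quarantinable_address(a)]
    return issues
```

Running `readiness_issues(SAMPLE_INVENTORY)` on the constructed inventory flags the outdated Discover version, the wildcard bind of port 17467, and the two non-IPv4 targets.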

User role requirements

The following tables list the role permissions required to use Network Quarantine. To review a summary of the predefined roles, see Set up Network Quarantine users.

For more information about role permissions and associated content sets, see Tanium Console User Guide: Managing RBAC.

Network Quarantine user role permissions
Permission Network Quarantine Administrator Network Quarantine Approver Network Quarantine Rule Author Network Quarantine User Network Quarantine Read Only User Network Quarantine Service Account

Network Quarantine Certificates

View, add or update configured certificates


READ
WRITE

Network Quarantine Nacauditlog

View audit log


READ

READ

READ

READ

Network Quarantine NACs

View, add or update configured NACs


READ
WRITE

READ

READ

READ

Network Quarantine Quarantines

View, quarantine or unquarantine quarantined endpoints


READ
WRITE

READ

READ

READ
WRITE

READ

Network Quarantine Requests

View, approve and deny quarantine requests


APPROVE
READ
DENY

APPROVE
READ
DENY

APPROVE
READ
DENY

Network Quarantine Rules

View and edit rules and targets; use service account to evaluate rules; start rule evaluation process


READ
WRITE
RUN

READ

READ
WRITE
RUN

EVALUATE

Network Quarantine Runs

View rule evaluation runs


READ

READ

READ

Network Quarantine Settings

View and configure service settings


READ
WRITE

READ

READ
WRITE

READ

READ

Networkquarantine

View Network Quarantine shared service


SHOW

SHOW

SHOW

SHOW

SHOW

Provided Network Quarantine administration and platform content user role permissions
Permission Role type Network Quarantine Administrator Network Quarantine Approver Network Quarantine Rule Author Network Quarantine User Network Quarantine Read Only User Network Quarantine Service Account
Computer Group Administration
READ

READ

READ

READ
User Administration
READ

READ
Plugin Platform content
READ
EXECUTE

READ
EXECUTE

READ
EXECUTE

READ
EXECUTE

READ
EXECUTE

READ
EXECUTE
Saved Question Platform content
READ

READ

READ
WRITE
Sensor Platform content
READ

READ

READ


Optional roles for Network Quarantine
Role Enables
Connect User

For signed-in user:

  • Configure connections for Network Quarantine event notifications

For service account:

  • Send Network Quarantine event notifications

For more information and descriptions of content sets and permissions, see the Tanium Core Platform User Guide: Users and user groups.