Network Quarantine requirements
Review the requirements before you install and use Network Quarantine.
Tanium dependencies
Network Quarantine is included with Tanium Connect. For information about licensing, contact Tanium Support. Make sure that your environment meets the following requirements.
| Component | Requirement |
|---|---|
| Taniumâ„¢ Core Platform | Version 7.3.314.4250 or later |
| Tanium products |
The following modules are optional, but Network Quarantine requires the specified minimum versions to work with them:
|
Tanium Module Server
Network Quarantine is installed and runs as a service on the Module Server host computer. The impact on Module Server is minimal and depends on usage.
Endpoints
Supported operating systems
Same as Tanium Client support. See Tanium Client User Guide: Host system requirements.
Third-party software
- Cisco Identity Services Engine (ISE) 2.2 or later with pxGrid installed
- Palo Alto Networks OS 7.1 or later
- Palo Alto Networks Panorama is not supported
Host and network security requirements
Specific ports and processes are needed to run Network Quarantine.
Ports
The following ports are required for Network Quarantine communication.
| Source | Destination | Port | Protocol | Purpose |
|---|---|---|---|---|
| Module Server | Module Server (loopback) | 17467 | TCP | Internal purposes; not externally accessible. |
| Cisco ISE | 5222 | TCP | Access to Cisco ISE, unless specified otherwise. | |
| Palo Alto Networks firewall | 443 | TCP | Access to Palo Alto Networks firewall, unless specified otherwise. |
Configure firewall policies to open ports for Tanium traffic with TCP-based rules instead of application identity-based rules. For example, on a Palo Alto Networks firewall, configure the rules with service objects or service groups instead of application objects or application groups.
User role requirements
| Permission | Network Quarantine Administrator | Network Quarantine Approver | Network Quarantine Rule Author | Network Quarantine User | Network Quarantine Read Only User | Network Quarantine Service Account |
|---|---|---|---|---|---|---|
|
Show Networkquarantine View Network Quarantine shared service |
|
|
|
|
|
|
|
Network Quarantine Certificates Read View configured certificates |
|
|
|
|
|
|
|
Network Quarantine Certificates Write Add or update configured certificates |
|
|
|
|
|
|
|
Network Quarantine Nacs Read View configured NACs |
|
|
|
|
|
|
|
Network Quarantine Nacs Write Add or update configured NACs |
|
|
|
|
|
|
|
Network Quarantine Quarantines Read View quarantined endpoints |
|
|
|
|
|
|
|
Network Quarantine Quarantines Write Quarantine or unquarantine endpoints |
|
|
|
|
|
|
|
Network Quarantine Rules Evaluate Use service account to evaluate rules |
|
|
|
|
|
|
|
Network Quarantine Settings Read View service settings |
|
|
|
|
|
|
|
Network Quarantine Settings Write Configure service settings |
|
|
|
|
|
|
|
Network Quarantine Nacauditlog Read View audit log |
|
|
|
|
|
|
|
Network Quarantine Rules Run Start rule evaluation process |
|
|
|
|
|
|
|
Network Quarantine Rules Read View rules and targets |
|
|
|
|
|
|
|
Network Quarantine Rules Write Edit rules and targets |
|
|
|
|
|
|
|
Network Quarantine Requests Read View quarantine requests |
|
|
|
|
|
|
|
Network Quarantine Requests Approve Approve quarantine requests |
|
|
|
|
|
|
|
Network Quarantine Requests Deny Deny quarantine requests |
|
|
|
|
|
|
|
Network Quarantine Runs Read View rule evaluation runs |
|
|
|
|
|
|
| Permission | Role type | Content set for permission | Network Quarantine Administrator | Network Quarantine Approver | Network Quarantine Rule Author | Network Quarantine User | Network Quarantine Read Only User | Network Quarantine Service Account |
|---|---|---|---|---|---|---|---|---|
| Read User | Micro Admin |
|
|
|
|
|
|
|
| Read Computer Group | Micro Admin |
|
|
|
|
|
|
|
| Execute Plugin | Advanced | Network Quarantine Content Set |
|
|
|
|
|
|
| Read Plugin | Advanced | Network Quarantine Content Set |
|
|
|
|
|
|
| Read Saved Question | Advanced | Network Quarantine Content Set |
|
|
|
|
|
|
| Read Sensor | Advanced | Reserved, Default, Base, Network Quarantine Content Set |
|
|
|
|
|
|
| Write saved question | Advanced | Network Quarantine Content Set |
|
|
|
|
|
|
| Role | Enables |
|---|---|
| Connect User |
For signed in user:
For service account:
|
For more information and descriptions of content sets and permissions, see the Tanium Core Platform User Guide: Users and user groups.
Last updated: 2/23/2021 3:42 PM | Feedback