Network Quarantine requirements
Review the requirements before you install and use Network Quarantine.
Tanium dependencies
| Component | Requirement |
|---|---|
| Platform | Version 7.0 or later |
| License | Network Quarantine is included with Tanium Connect. For information about licensing, contact your Technical Account Manager (TAM). |
| Tanium Connect |
(Optional) Version 4.7.4 or later |
| Tanium Discover | (Optional) Version 2.7.0 or later |
Tanium Module Server
Network Quarantine is installed and runs as a service on the Module Server host computer. The impact on Module Server is minimal and depends on usage.
Third-party software
- Cisco Identity Services Engine (ISE) 2.2 or later with pxGrid installed
- Palo Alto Networks OS 7.1 or later
Host and network security requirements
Specific ports and processes are needed to run Network Quarantine.
Ports
The following ports are required for Network Quarantine communication.
| Component | Port | Direction | Purpose |
|---|---|---|---|
| Module Server | 17467 | Loopback | Internal purposes; not externally accessible. |
| 5222 | Outbound | Access to Cisco ISE, unless specified otherwise. | |
| 443 | Outbound | Access to Palo Alto Networks firewall, unless specified otherwise. |
User role requirements
Tanium 7.0
Administrator role is required for all Network Quarantine tasks.
Tanium 7.1
| Privilege | Network Quarantine Administrator | Network Quarantine User | Network Quarantine Read Only User |
|---|---|---|---|
|
Show Networkquarantine View Network Quarantine shared service |
|
|
|
|
Networkquarantine Certificates Read View configured certificates |
|
|
|
|
Networkquarantine Certificates Write Add or update configured certificates |
|
|
|
|
Networkquarantine Nacs Read View configured NACs |
|
|
|
|
Networkquarantine Nacs Write Add or update configured NACs |
|
|
|
|
Networkquarantine Quarantines Read View quarantined endpoints |
|
|
|
|
Networkquarantine Quarantines Write Quarantine or unquarantine endpoints |
|
|
|
|
Networkquarantine Settings Read View service settings |
|
|
|
|
Networkquarantine Settings Write Configure service settings |
|
|
|
|
Networkquarantine Nacauditlog Read View audit log |
|
|
|
Last updated: 8/14/2018 12:43 PM | Feedback