Performance requirements

Review the requirements before you install and use Performance.

Tanium dependencies

In addition to a license for the Performance product module, make sure that your environment meets the following requirements.

Component Requirement
Tanium™ Core Platform Servers Version 7.2 or later
Tanium™ Client Version 7.2.314.3211 or later
Tanium Direct Connect Version 1.1.0 or later (Optional; for connecting directly to an endpoint to view historical data)
Tanium™ solutions that use the Tanium™ Client Recorder Extension If you are using any of the following Tanium solutions that use the endpoint recorder, you must use the specified versions:
  • Tanium™ Integrity Monitor 1.7.0.0035 or later
  • Tanium™ Map 1.1.1.0006 or later
  • Tanium™ Threat Response 1.2.0.0037 or later
  • Tanium™ Trace 2.9.0.0035 or later

Endpoints

Performance is supported on the following endpoint operating systems:

  • Windows 7 and later
  • macOS 10.11 and later
  • Red Hat Enterprise Linux (RHEL) 6.x, 7.x
  • CentOS 6.x, 7.x

Support for specific metrics varies by operating system. For more information, see Reference: Event Rules.

Host and network security requirements

Specific ports and processes are needed to run Performance.

Ports

The following ports are required for Performance communication.

Component Port Direction Purpose
Module Server 17475 Inbound Required only for Direct Connect. Used for connecting to the Module Server for direct connections to endpoints.

Security exclusions

A security administrator must create exclusions to allow Tanium processes to run without interference if security software is in use in the environment to monitor and block unknown host system processes.

Table 1:   Performance security exclusions
Target device Process
Tanium Module Server <Tanium Module Server>\services\performance\node.exe
<Tanium Module Server>\services\event-service\twsm.exe
Windows x86 and x64 endpoints <Tanium Client>\Tools\Performance\TaniumTSDB.exe
macOS, and Linux x86 and x64 endpoints <Tanium Client>/Tools/Performance/TaniumTSDB

User role requirements

Table 2:   Performance user role privileges
Privilege Performance Administrator Performance Service Account Performance User

Show Performance1

View Performance workbench.


2


2

Performance Administer

View all pages in Performance. Update settings, profiles, and the service account credentials. Can generate and retrieve a support bundle.





Performance Direct Connect Read3

Connect to an endpoint using Direct Connect and read data from that endpoint.


2



Performance Event Read

View performance events.


2



Performance Profile Read

View performance profiles.


2



Performance Settings Read

View performance settings.


2


Performance Components Manage

Manage back-end components for Performance, such as actions.

1 To install Performance, you must have the reserved role of Administrator.

2 Denotes an implicit permission that is provided by a privilege with a higher permission level. For example, a write permission provides an implicit read permission.

3 Also requires the Direct Connect Use API privilege for the Direct Connect service.

 

Table 3:   Provided Advanced user role permissions for Tanium 7.1.314.3071 or later
Permission Content Set for Permission Performance Administrator Performance Service Account Performance User
Ask Dynamic Questions  
Read Sensor Reserved
Read Sensor Base
Read Sensor Performance
Read Sensor Hardware
Read Plugin Performance
Execute Plugin Performance
Read Saved Question Reserved
Read Saved Question Base
Read Saved Question Performance
Read Saved Question Hardware

 

Last updated: 10/16/2019 3:20 PM | Feedback