Performance requirements

Review the requirements before you install and use Performance.

Tanium dependencies

In addition to a license for Performance, make sure that your environment meets the following requirements.

Component Requirement
Tanium™ Core Platform 7.2 or later
Tanium™ Client
  • 7.2.314.3211 or later
  • 7.4.1.1955 or later
7.4.1.1955 or later
Tanium products If you clicked the Install with Recommended Configurations button when you installed Performance, the Tanium Server automatically installed all your licensed modules at the same time. Otherwise, you must manually install the modules that Performance requires to function, as described under Tanium Console User Guide: Manage Tanium modules.

The following modules are optional, but Performance requires the specified minimum versions to work with them:

  • Tanium Direct Connect 1.1.0 or later (1.3.0 or later to kill processes or browse files on an endpoint)
  • Tanium Trends 2.4.0 or later

If you are using any of the following Tanium™ modules that use the Tanium™ Client Recorder Extension, you must use the specified versions:

  • Tanium™ Integrity Monitor 1.7.0.0035 or later
  • Tanium™ Map 1.1.1.0006 or later
  • Tanium™ Threat Response 1.2.0.0037 or later
  • Tanium™ Trace 2.9.0.0035 or later

Endpoints

Supported operating systems

The following endpoint operating systems are supported with Performance.

  • Windows 7 and later
  • macOS 10.11 and later
  • Red Hat Enterprise Linux (RHEL) 6.x, 7.x
  • CentOS 6.x, 7.x

Support for specific metrics varies by operating system. For more information, see Reference: Event Rules.

Host and network security requirements

Specific ports and processes are needed to run Performance.

Ports

The following ports are required for Performance communication.

Source Destination Port Protocol Purpose
Tanium Client (internal) Module Server 17475 TCP Used by the Module Server for endpoint connections to internal clients.
Tanium Client (external) Zone Server1 Tanium as a Service 17486 TCP Used by the Zone Server for endpoint connections to external clients.
The default port number is 17486. If needed, you can specify a different port number when you configure the Zone Proxy.
Zone Server1 Module Server 17487 TCP Used by the Zone Server for Module Server connections.
The default port number is 17487. If needed, you can specify a different port number when you configure the Zone Proxy.
17488 TCP Allows communication between the Zone Server and the Module Server. On TanOS, the Direct Connect Zone Proxy installer automatically opens port 17488 on the Zone Server. This port must be manually opened on Windows.
1 These ports are required only when you use a Zone Server.

For more information about the ports required for Direct Connect, see Direct Connect User Guide: Host and network security requirements.

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference.

Table 1:   Performance security exclusions
Target Device Notes Process
Tanium Module Server   <Module Server>\services\performance\node.exe
  <Module Server>\services\event-service\twsm.exe
Windows x86 and x64 endpoints   <Tanium Client>\Tools\Performance\TaniumTSDB.exe
7.2.x clients <Tanium Client>\Python27\TPython.exe
7.4.x clients <Tanium Client>\Python38\TPython.exe
7.4.x clients <Tanium Client>\Python38\*.dll
  <Tanium Client>\TaniumCX.exe
macOS and Linux (x86 and x64) endpoints   <Tanium Client>/Tools/Performance/TaniumTSDB
7.2.x clients <Tanium Client>/python27/python
7.4.x clients <Tanium Client>/python38/python
  <Tanium Client>/TaniumCX
Table 2:   Performance security exclusions
Target Device Notes Process
Windows (x86 and x64) endpoints   <Tanium Client>\Tools\Performance\TaniumTSDB.exe
  <Tanium Client>\Python38\TPython.exe
  <Tanium Client>\Python38\*.dll
  <Tanium Client>\TaniumCX.exe
macOS and Linux (x86 and x64) endpoints   <Tanium Client>/Tools/Performance/TaniumTSDB
  <Tanium Client>/python38/python
  <Tanium Client>/TaniumCX

User role requirements

Table 3:   Performance user role privileges
Privilege Performance Administrator Performance Operator Performance Read Only User Performance Service Account3 Performance User

Show Performance

View Performance workbench.


1

1



1

Performance Administer

View all pages in Performance. Update settings, profiles, and the service account credentials. Can generate and retrieve a support bundle.






Performance Kill Process

Kill endpoint processes when you connect to an endpoint through Performance.


1




Performance File Download

Download a file from an endpoint that you connect to through Performance.






Performance Direct Connect Read2

Connect to an endpoint using Direct Connect and read data from that endpoint.


1




Performance Event Read

View performance events.


1




Performance Profile Read

View performance profiles.


1

1



Performance Profile Write

Create or modify performance profiles.






Performance Settings Read

View performance settings.


1

1



Performance Components Manage

Manage back-end components for Performance, such as actions.






1 Denotes an implicit permission that is provided by a privilege with a higher permission level. For example, a write permission provides an implicit read permission.

2 Also requires the Show Direct Connect privilege for the Direct Connect service.

3 Also provides the Trends Integration Service Account privilege.

 

Table 4:   Provided Advanced user role permissions for Tanium 7.1.314.3071 or later
Permission Content Set for Permission Performance Administrator Performance Operator Performance Service Account Performance User
Ask Dynamic Questions  
Read Sensor Reserved
Read Sensor Base
Read Sensor Performance
Read Sensor Hardware
Read Plugin Performance
Execute Plugin Performance
Read Saved Question Reserved
Read Saved Question Base
Read Saved Question Performance
Read Saved Question Hardware
Read Filter Group Reserved
Read Filter Group Default Filter Groups
Read Filter Group Performance