Performance requirements
Review the requirements before you
Tanium dependencies
In addition to a license for Performance, make sure that your environment meets the following requirements.
Component | Requirement |
---|---|
Tanium™ Core Platform | 7.3.314.4250 or later |
Tanium™ Client | Any supported version of Tanium Client. For the Tanium Client versions supported for each OS, see Tanium Client User Guide: Client version and host system requirements. If you use a client version that is not listed, certain product features might not be available, or stability issues can occur that can only be resolved by upgrading to one of the listed client versions. |
Tanium products | If you clicked the Install with Recommended Configurations button when you installed Performance, the Tanium Server automatically installed all your licensed modules at the same time. Otherwise, you must manually install the modules that Performance requires to function, as described under Tanium Console User Guide: Manage Tanium modules.
Modules at the following minimum versions are required:
The following modules are optional, but Performance requires the specified minimum versions to work with them:
If you are using any of the following Tanium™ modules that use the Tanium™ Client Recorder Extension, you must use the specified versions:
|
Endpoints
Supported operating systems
The following endpoint operating systems are supported with Performance.
Operating System | Version | Notes |
---|---|---|
Windows |
|
|
macOS | 10.11 and later | |
Linux |
|
Only POSIX-compliant file systems are supported. |
Support for specific metrics varies by operating system. For more information, see Reference: Event Rules.
Disk space requirements
Endpoints must have at least 500 megabytes (MB) available in free disk space.
Host and network security requirements
Specific ports and processes are needed to run Performance.
Ports
The following ports are required for Performance communication.
Source | Destination | Port | Protocol | Purpose |
---|---|---|---|---|
Tanium Client (internal) | Module Server | 17475 | TCP | Used by the Module Server for endpoint connections to internal clients. |
Tanium Client |
|
17486 | TCP | Used |
Module Server | Zone Server1 | 17487 | TCP | Used by the Zone Server for Module Server connections. The default port number is 17487. If needed, you can specify a different port number when you configure the Zone Proxy. |
17488 | TCP | Allows communication between the Zone Server and the Module Server. On TanOS, the Direct Connect Zone Proxy installer automatically opens port 17488 on the Zone Server. This port must be manually opened on Windows. | ||
1 These ports are required only when you use a Zone Server. |
For more information about the ports required for Direct Connect, see Direct Connect User Guide: Host and network security requirements.
Configure firewall policies to open ports for Tanium traffic with TCP-based rules instead of application identity-based rules. For example, on a Palo Alto Networks firewall, configure the rules with service objects or service groups instead of application objects or application groups.
Security exclusions
If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference. For a list of all security exclusions to define across Tanium, see Tanium Core Platform Deployment Reference Guide: Host system security exclusions.
Target Device | Notes | Process |
---|---|---|
Module Server | <Module Server>\services\performance\node.exe | |
<Module Server>\services\event-service\twsm.exe | ||
<Module Server>\services\endpoint-configuration-service\TaniumEndpointConfigService.exe | ||
Windows x86 and x64 endpoints | <Tanium Client>\TaniumClientExtensions.dll | |
<Tanium Client>\TaniumClientExtensions.dll.sig | ||
<Tanium Client>\extensions\TaniumPerformance.dll | ||
<Tanium Client>\extensions\TaniumPerformance.dll.sig | ||
<Tanium Client>\Tools\Performance\TaniumTSDB.exe | ||
7.2.x clients1 | <Tanium Client>\Python27\TPython.exe | |
7.4.x clients1 | <Tanium Client>\Python38\TPython.exe | |
7.4.x clients | <Tanium Client>\Python38\*.dll | |
<Tanium Client>\TaniumCX.exe | ||
macOS and Linux (x86 and x64) endpoints | <Tanium Client>/libTaniumClientExtensions.so | |
<Tanium Client>/libTaniumClientExtensions.so.sig | ||
<Tanium Client>/extensions/libTaniumPerformance.so | ||
<Tanium Client>/extensions/libTaniumPerformance.so.sig | ||
<Tanium Client>/Tools/Performance/TaniumTSDB | ||
7.2.x clients | <Tanium Client>/python27/bin/pybin | |
7.4.x clients | <Tanium Client>/python38/bin/pybin | |
<Tanium Client>/TaniumCX | ||
1 = TPython requires SHA2 support to allow installation. |
Target Device | Notes | Process |
---|---|---|
Windows (x86 and x64) endpoints | <Tanium Client>\TaniumClientExtensions.dll | |
<Tanium Client>\TaniumClientExtensions.dll.sig | ||
<Tanium Client>\extensions\TaniumPerformance.dll | ||
<Tanium Client>\extensions\TaniumPerformance.dll.sig | ||
<Tanium Client>\Tools\Performance\TaniumTSDB.exe | ||
1 | <Tanium Client>\Python38\TPython.exe | |
<Tanium Client>\Python38\*.dll | ||
<Tanium Client>\TaniumCX.exe | ||
macOS and Linux (x86 and x64) endpoints | <Tanium Client>/libTaniumClientExtensions.so | |
<Tanium Client>/libTaniumClientExtensions.so.sig | ||
<Tanium Client>/extensions/libTaniumPerformance.so | ||
<Tanium Client>/extensions/libTaniumPerformance.so.sig | ||
<Tanium Client>/Tools/Performance/TaniumTSDB | ||
<Tanium Client>/python38/bin/pybin | ||
<Tanium Client>/TaniumCX | ||
1 = TPython requires SHA2 support to allow installation. |
User role requirements
The following tables list the role permissions required to use Performance. For more information about role permissions and associated content sets, see Tanium Core Platform User Guide: Managing RBAC.
Privilege | Performance Administrator2, 3 | Performance Operator2, 31,2 | Performance Read Only User2,31,2 | Performance Service Account3,52 | Performance User2,31,2 | Performance Endpoint Configuration Approver3,42,3 |
---|---|---|---|---|---|---|
Show Performance View Performance workbench. |
|
|
|
|
|
|
Performance Administer View all pages in Performance. Update settings, profiles, and the service account credentials. Can generate and retrieve a support bundle. |
|
|
|
|
|
|
Performance Kill Process Terminate endpoint processes when you connect to an endpoint through Performance. |
|
|
|
|
|
|
Performance File Download Browse the file system and download a file from an endpoint that you connect to through Performance. |
|
|
|
|
|
|
Performance Direct Connect Read Connect to an endpoint using Direct Connect and read data from that endpoint. |
|
|
|
|
|
|
Performance Event Read View performance events. |
|
|
|
|
|
|
Performance Profile Read View performance profiles. |
|
|
|
|
|
|
Performance Profile Write Create or modify performance profiles. |
|
|
|
|
|
|
Performance Settings Read View performance settings. |
|
|
|
|
|
|
Performance Endpoint Configuration Approve Allows approving endpoint configuration items. |
|
|
|
|
|
|
Performance Components Manage Manage back-end components for Performance, such as actions. |
|
|
|
|
|
|
1 To install Performance, you must have the Import Signed Content micro admin permission (Tanium Core Platform 7.4 or later) or the reserved role of Administrator. 21 This role provides module permissions for Tanium Direct Connect. You can view which Direct Connect permissions are granted to this role in the Tanium Console. For more information, see the Tanium Direct Connect User Guide: User role requirements. 32 This role provides module permissions for Tanium Trends. You can view which Trends permissions are granted to this role in the Tanium Console. For more information, see the Tanium Trends User Guide: User role requirements. 43 This role provides module permissions for Tanium Endpoint Configuration. You can view which Endpoint Configuration permissions are granted to this role in the Tanium Console. For more information, see Tanium Endpoint Configuration User Guide: User role requirements. 5 |
Permission | Role Type | Content Set for Permission | Performance Administrator | Performance Operator | Performance Read Only User | Performance Service Account | Performance User | Performance Endpoint Configuration Approver |
---|---|---|---|---|---|---|---|---|
Ask Dynamic Questions |
|
|
|
|
|
|
||
Read Action Group | Micro Admin |
|
|
|
|
|
|
|
Read Sensor | Advanced | Reserved |
|
|
|
|
|
|
Read Sensor | Advanced | Base |
|
|
|
|
|
|
Read Sensor | Advanced | Performance |
|
|
|
|
|
|
Read Sensor | Advanced | Direct Connect |
|
|
|
|
|
|
Read Plugin | Advanced | Performance |
|
|
|
|
|
|
Read Plugin | Advanced | Trends |
|
|
|
|
|
|
Read Plugin | Advanced | Endpoint Configuration |
|
|
|
|
|
|
Execute Plugin | Advanced | Performance |
|
|
|
|
|
|
Execute Plugin | Advanced | Trends |
|
|
|
|
|
|
Execute Plugin | Advanced | Endpoint Configuration |
|
|
|
|
|
|
Read Package | Advanced | Performance |
|
|
|
|
|
|
Read Package | Advanced | Direct Connect |
|
|
|
|
|
|
Write Package | Advanced | Performance |
|
|
|
|
|
|
Write Package | Advanced | Direct Connect |
|
|
|
|
|
|
Read Own Action | Advanced | Performance |
|
|
|
|
|
|
Read Own Action | Advanced | Direct Connect |
|
|
|
|
|
|
Read Action | Advanced | Performance |
|
|
|
|
|
|
Read Action | Advanced | Direct Connect |
|
|
|
|
|
|
Write Action | Advanced | Performance |
|
|
|
|
|
|
Write Action | Advanced | Direct Connect |
|
|
|
|
|
|
Read Saved Question | Advanced | Reserved |
|
|
|
|
|
|
Read Saved Question | Advanced | Base |
|
|
|
|
|
|
Read Saved Question | Advanced | Performance |
|
|
|
|
|
|
Read Saved Question | Advanced | Direct Connect |
|
|
|
|
|
|
Read Saved Question | Advanced | Hardware |
|
|
|
|||
Read Filter Group | Advanced | Reserved |
|
|
|
|
|
|
Read Filter Group | Advanced | Default Filter Groups |
|
|
|
|
|
|
Read Filter Group | Advanced | Performance |
|
|
|
|
|
|
Show Preview | Advanced | Performance |
|
|
|
|
|
|
Show Preview | Advanced | Direct Connect |
|
|
|
|
|
|
Last updated: 4/13/2021 6:53 PM | Feedback