Other versions

Configuring client subnets

The client subnet configuration affects how Tanium™ Clients peer with each other. Before making changes, make sure you understand the default behavior and make sure you understand the impact of your changes. See Configuring Tanium Client Peering.

The subnets configuration is stored in configuration files on the Tanium™ Server host computer. The configuration files are not automatically synced to other cluster nodes. If you make changes to these settings in active-active deployments, be sure to perform the procedure on both nodes.

Configure separated subnets

Use the separated subnets configuration to specify subnets that should not allow client peering with neighbors outside the subnet.

  1. Go to Configuration > Tanium Server > Subnets.
  2. Use the Separated Subnets box to specify the CIDR IP address for subnets that should not allow client peering outside of the subnet.
  3. Note: Use either the ; or # character at the beginning of a line or immediately following an entry to add optional comments or documentation.

  4. Save your changes.

It can take up to four hours (Tanium Client registration reset interval) for clients to register and receive an updated peer list.

Configure isolated subnets

VPN clients should not participate in Tanium Client peering. Use the "isolated subnets" configuration to specify the enterprise VPN subnet address(es).

  1. Go to Configuration > Tanium Server > Subnets.
  2. Use the Isolated Subnets box to specify the CIDR IP address for subnets in which clients should never peer.
  3. Note: Use either the ; or # character at the beginning of a line or immediately following an entry to add optional comments or documentation.

  4. Save your changes.

It can take up to four hours (Tanium Client registration reset interval) for clients to register and receive an updated peer list.

Only users assigned the Administrator reserved role can see and use the Configuration pages.

Last updated: 3/19/2018 10:42 AM | Feedback