Configuring client subnets
The client subnet configuration affects how Tanium™ Clients peer with each other. Before making changes, make sure you understand the default behavior and make sure you understand the impact of your changes. See Configuring Tanium Client Peering.
The subnets configuration is stored in configuration files on the Tanium™ Server host computer. The configuration files are not automatically synced to other cluster nodes. If you make changes to these settings in active-active deployments, be sure to perform the procedure on both nodes.
Configure separated subnets
Use the separated subnets configuration to specify subnets that should not allow client peering with neighbors outside the subnet.
- Go to Configuration > Tanium Server > Subnets.
- Use the Separated Subnets box to specify the CIDR IP address for subnets that should not allow client peering outside of the subnet.
- Save your changes.
Note: Use either the ; or # character at the beginning of a line or immediately following an entry to add optional comments or documentation.
It can take up to four hours (Tanium Client registration reset interval) for clients to register and receive an updated peer list.
Configure isolated subnets
VPN clients should not participate in Tanium Client peering. Use the "isolated subnets" configuration to specify the enterprise VPN subnet address(es).
- Go to Configuration > Tanium Server > Subnets.
- Use the Isolated Subnets box to specify the CIDR IP address for subnets in which clients should never peer.
- Save your changes.
Note: Use either the ; or # character at the beginning of a line or immediately following an entry to add optional comments or documentation.
It can take up to four hours (Tanium Client registration reset interval) for clients to register and receive an updated peer list.
Only users assigned the Administrator reserved role can see and use the Configuration pages.
Last updated: 3/19/2018 10:42 AM | Feedback