Requirements

Tanium dependencies

Review the requirements before you install and use Protect.

Component Requirement
Platform Version 7.0 or later
Tanium Client 6.0.314.1293 or later
License For information about licensing Protect, contact your Technical Account Manager (TAM).

Tanium Module Server

Protect is installed and runs as a service on the Taniumâ„¢ Module Server host computer. The impact on the Module Server is minimal and depends on usage. For more information, contact your TAM.

Installation prerequisites

The Tanium Module server must be running when you install Protect.

Required credentials

Before installing Protect, you need to have a service account with Tanium Administrator credentials.

To initialize Protect, you must have a valid Tanium account with Action Author permissions. Protect uses this account to perform internal maintenance tasks.

System requirements

Following are the requirements for each policy and rule type in Protect:

Anti-malware policy

System Center Endpoint Protection (SCEP)

  • Windows 7
  • Windows Server 2008 R2 or 2012

Windows Defender

  • Windows 8 or 10
  • Windows Server 2016

AppLocker policy

  • Windows 7 Enterprise, Ultimate, or Embedded
  • Windows 8 Enterprise, 8.1 Enterprise, or 10 Enterprise
  • Windows Server 2008 R2 or later

EMET policy

  • Windows Vista or later
  • Windows Server 2008 or later

Windows firewall management policy

  • Windows Vista or later
  • Windows Server 2008 or later

Linux firewall management policy

  • Centos 6 and 7
  • RHEL 6 and 7
  • Ubuntu 16

SRP management rules

  • Windows Vista or later
  • Windows Server 2008 or later

Remediation policy

  • Windows 7 Enterprise or later

User role requirements

The following user roles are supported in Protect. The three predefined roles are Protect Admin, Protect User, and Protect Read Only User.

Table 1:   Protect User Role Privileges for Tanium 7.1.314.3071 or later
Privilege Protect Administrator Protect User Protect Read Only User

Show Protect1

View the Protect workbench.


2

2

2

Protect Read

View policies, enforcements, reports, and results for Protect questions asked in Interact. Export policies.


2

2


Protect Write

Create and edit policies, enforcements, and reports. Import and re-prioritize policies.





Protect Settings Write

Change the global settings for the Protect module.




1 To install Protect, you must have the reserved role of Administrator.

2 Denotes a provided permission.

 

Table 2:   Provided Protect Micro Admin and Advanced User Role Permissions for Tanium 7.1.314.3071 or later
Permission Role Type Content Set for Permission Protect Administrator Protect User Protect Read Only User
Read User Micro Admin  


Ask Dynamic Questions Advanced  


Approve Action Advanced Protect


Approve Action Advanced Protect Anti-malware Definitions


Execute Plugin Advanced Protect


Read Action Advanced Protect


Read Action Advanced Protect Anti-malware Definitions


Read Package Advanced Protect


Read Package Advanced Protect Anti-malware Definitions


Read Sensor Advanced Reserved


Read Sensor Advanced Protect


Write Action Advanced Protect


Write Action Advanced Protect Anti-malware Definitions


Write Package Advanced Protect


Write Package Advanced Protect Anti-malware Definitions


Write Saved Question Advanced Protect


Last updated: 10/23/2018 6:51 PM | Feedback