Reputation requirements

Review the requirements before you install and use Reputation.

Tanium dependencies

Make sure that your environment meets the following requirements.

Component Requirement
Platform 7.2 or later.
Tanium™ Client No client requirements.
Tanium Connect Version 4.11 or later (optional).
Tanium™ Trace Version 2.0.5 for reputation data (optional).
Tanium™ Incident Response For hash data (optional).

Tanium™ Module Server

Reputation is installed and runs as a service on the Module Server host computer. The impact on the Module Server is minimal and depends on usage.

Third-party software

With Reputation, you can integrate with several different kinds of third-party software. If no specific version is listed, there are no version requirements for that software.

  • Palo Alto Networks WildFire
  • ReversingLabs A1000
  • ReversingLabs TitaniumCloud
  • VirusTotal

Host and network security requirements

Specific ports and processes are needed to run Reputation.

Ports

The following ports are required for Reputation communication.

Component Port Direction Purpose
Module Server 17455 Inbound Internal purposes; not externally accessible

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference.

Table 1:   Reputation security exclusions
Target Device Process
Module Server <Tanium Module Server>\services\reputation-service\node.exe

Internet URLs

If security software is deployed in the environment to monitor and block unknown URLS, your security administrator might need to add the following URLs to the whitelist.

  • reversinglabs.com
  • virustotal.com
  • wildfire.paloaltonetworks.com

User role requirements

Table 2:   Reputation user role permissions
Permission Reputation Administrator

Show Reputation1

View the Reputation workbench


2

Reputation Read

Read access to the Reputation shared service


2

Reputation Write3

Write access to the Reputation shared service


2

Reputation Administrator

Administrative access to the Reputation shared service


1 To install Reputation, you must have the reserved role of Administrator.

2 Denotes a provided permission.

3 If you need access to only the Reputation API, you can add the Reputation Write permission to your user.

Table 3:   Provided Reputation Advanced user role permissions for Tanium 7.1.314.3071 or later
Permission Content Set for Permission Reputation Administrator
Execute Plugin Reputation

For more information and descriptions of content sets and permissions, see the Tanium Core Platform User Guide: Users and user groups.

Last updated: 9/3/2019 5:03 PM | Feedback