Reveal requirements

Review the requirements before you install and use Reveal.

Review the requirements before you use Reveal.

Tanium dependencies

In addition to a license for the Reveal product module, make sure that your environment also meets the following requirements.

Component	Requirement
Tanium™ Core Platform	7.3.314.4250 or later.
Tanium™ Client	Any supported version of Tanium Client. For the Tanium Client versions supported for each OS, see Tanium Client User Guide: Client version and host system requirements. If you use a client version that is not listed, certain product features might not be available, or stability issues can occur that can only be resolved by upgrading to one of the listed client versions.
Tanium products	If you clicked the Install with Recommended Configurations button when you installed Reveal, the Tanium Server automatically installed all your licensed modules at the same time. Otherwise, you must manually install the modules that Reveal requires to function, as described under Tanium Console User Guide: Manage Tanium modules. The following products are required for features of Reveal to function. The given versions are the minimum required: Tanium Index 2.5.2 or later. Tanium Trends 3.6.331 or later. Tanium Interact 2.5.146 or later. Tanium Direct Connect 1.4.0 or later. Tanium Endpoint Configuration 1.2 or later. Endpoint Configuration is installed as part of Tanium Client Management 1.5 or later.
Computer groups	When you first log into the Tanium Console after installing the Tanium Server, the server automatically imports the computer groups that Reveal requires: All Computers All Windows All Mac All Linux

Reveal deploys the Tanium Index tools if necessary and starts the indexing process. Additionally, Reveal deploys a default Index configuration. Ensure that any file types or directories that you expect Reveal to scan are not excluded from hashing. By default, the following directories are excluded from hashing:

^/Library/Tanium/TaniumClient/ (macOS)
^/opt/Tanium/TaniumClient/ (Linux)
\\Tanium\\Tanium Client\\ (Windows)

Tanium Module Server

Reveal is installed and runs as a service on the Tanium Module Server. The impact on the Module Server is minimal and depends on usage.

Endpoints

Up to 2 GB of free disk space is required on each endpoint.

Supported operating systems
Operating system	OS version
Microsoft Windows Server	Windows Server 2008 R2 SP1 or later
Microsoft Windows Workstation	Windows 10 Windows 8 Windows 7 SP1 Windows 7 Service Pack 1 requires Microsoft KB2758857.
macOS (Intel processor only)	macOS 11.0 Big Sur macOS 10.15 Catalina macOS 10.14 Mojave macOS 10.13 High Sierra macOS 10.12 Sierra OS X 10.11.6 El Capitan
Linux
	Amazon Linux 2 LTS (2017.12)
	Debian 9.x, 8.x, 10x
	Oracle Linux 8.x, 7.x, 6.x, 5.x
	Red Hat Enterprise Linux (RHEL) 8.x, 7.x, 6.x, 5.x CentOS 8x, 7.x, 6.x, 5.x
	Ubuntu 20.04 LTS
	Ubuntu 18.04 LTS
	Ubuntu 16.04 LTS

Host and network security requirements

Specific ports and processes are needed to run Reveal.

Ports

The following ports are required for Reveal communication.

Source	Destination	Port	Protocol	Purpose
Tanium Client (internal)	Module Server	17475	TCP	Used by the Module Server for endpoint connections to internal clients.
Tanium Client (external)	Zone Server* Tanium as a Service	17486	TCP	Used by the Zone Server for endpoint connections to external clients. The default port number is 17486. If needed, you can specify a different port number when you configure the Zone Proxy. Used for endpoint connections.
Module Server	Zone Server*	17487	TCP	Used by the Zone Server for Module Server connections. The default port number is 17487. If needed, you can specify a different port number when you configure the Zone Proxy.
Module Server	Zone Server*	17488	TCP	Allows communication between the Zone Server and the Module Server. On TanOS, the Direct Connect Zone Proxy installer automatically opens port 17488 on the Zone Server. This port must be manually opened on Windows.
*These ports are required only when you use a Zone Server.

Configure firewall policies to open ports for Tanium traffic with TCP-based rules instead of application identity-based rules. For example, on a Palo Alto Networks firewall, configure the rules with service objects or service groups instead of application objects or application groups.

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference.

Reveal security exclusions
Target Device	Notes	Process
Module Server		<Module Server>\services\reveal-service\node.exe
Module Server		<Module Server>\services\endpoint-configuration-service\TaniumEndpointConfigService.exe
Windows endpoints		<Tanium Client>\TaniumCX.exe
		<Tanium Client>\Tools\EPI\TaniumExecWrapper.exe
		<Tanium Client>\Tools\EPI\TaniumEndpointIndex.exe
		<Tanium Client>\TaniumClientExtensions.dll
		<Tanium Client>\TaniumClientExtensions.dll.sig
		<Tanium Client>\extensions\RevealCX.dll
		<Tanium Client>\extensions\RevealCX.dll.sig
		<Tanium Client>\extensions\TaniumDEC.dll
		<Tanium Client>\extensions\TaniumDEC.dll.sig
		<Tanium Client>\extensions\core\libTaniumPythonCx.dll
		<Tanium Client>\extensions\core\libTaniumPythonCx.dll.sig
	7.2.x clients, ¹	<Tanium Client>\Python27\TPython.exe
	7.4.x clients, ¹	<Tanium Client>\Python38\TPython.exe
	7.2.x clients	<Tanium Client>\Python38\*.dll
Linux endpoints		<Tanium Client>/TaniumCX
		<Tanium Client>/Tools/EPI/TaniumExecWrapper
		<Tanium Client>/Tools/EPI/TaniumEndpointIndex
		<Tanium Client>/libTaniumClientExtensions.so
		<Tanium Client>/libTaniumClientExtensions.so.sig
		<Tanium Client>/extensions/libRevealCX.so
		<Tanium Client>/extensions/libRevealCX.so.sig
		<Tanium Client>/extensions/libTaniumDEC.so
		<Tanium Client>/extensions/libTaniumDEC.so.sig
		<Tanium Client>/extensions/core/libTaniumPythonCx.so
		<Tanium Client>/extensions/core/libTaniumPythonCx.so.sig
	7.2.x clients	<Tanium Client>/python27/python
	7.4.x clients	<Tanium Client>/python38/python
macOS endpoints		<Tanium Client>/TaniumCX
		<Tanium Client>/Tools/EPI/TaniumExecWrapper
		<Tanium Client>/Tools/EPI/TaniumEndpointIndex
		<Tanium Client>/libTaniumClientExtensions.dylib
		<Tanium Client>/libTaniumClientExtensions.dylib.sig
		<Tanium Client>/extensions/libRevealCX.dylib
		<Tanium Client>/extensions/libRevealCX.dylib.sig
		<Tanium Client>/extensions/libTaniumDEC.dylib
		<Tanium Client>/extensions/libTaniumDEC.dylib.sig
		<Tanium Client>/extensions/core/libTaniumPythonCx.dylib
		<Tanium Client>/extensions/core/libTaniumPythonCx.dylib.sig
	7.2.x clients	<Tanium Client>/python27/python
	7.4.x clients	<Tanium Client>/python38/python
¹ = TPython requires SHA2 support to allow installation.

Reveal security exclusions
Target Device	Notes	Process
Windows endpoints		<Tanium Client>\TaniumCX.exe
		<Tanium Client>\Tools\EPI\TaniumExecWrapper.exe
		<Tanium Client>\Tools\EPI\TaniumEndpointIndex.exe
		<Tanium Client>\Tools\Reveal\TaniumReveal.exe
		<Tanium Client>\TaniumClientExtensions.dll
		<Tanium Client>\TaniumClientExtensions.dll.sig
		<Tanium Client>\extensions\RevealCX.dll
		<Tanium Client>\extensions\RevealCX.dll.sig
		<Tanium Client>\extensions\TaniumDEC.dll
		<Tanium Client>\extensions\TaniumDEC.dll.sig
		<Tanium Client>\extensions\core\libTaniumPythonCx.dll
		<Tanium Client>\extensions\core\libTaniumPythonCx.dll.sig
	7.4.x clients, ¹	<Tanium Client>\Python38\TPython.exe
Linux endpoints		<Tanium Client>/TaniumCX
		<Tanium Client>/Tools/EPI/TaniumExecWrapper
		<Tanium Client>/Tools/EPI/TaniumEndpointIndex
		<Tanium Client>/Tools/Reveal/TaniumReveal
		<Tanium Client>/libTaniumClientExtensions.so
		<Tanium Client>/libTaniumClientExtensions.so.sig
		<Tanium Client>/extensions/libRevealCX.so
		<Tanium Client>/extensions/libRevealCX.so.sig
		<Tanium Client>/extensions/libTaniumDEC.so
		<Tanium Client>/extensions/libTaniumDEC.so.sig
		<Tanium Client>/extensions//core/libTaniumPythonCx.so
		<Tanium Client>/extensions/core/libTaniumPythonCx.so.sig
	7.4.x clients	<Tanium Client>/python38/python
macOS endpoints		<Tanium Client>/TaniumCX
		<Tanium Client>/Tools/EPI/TaniumExecWrapper
		<Tanium Client>/Tools/EPI/TaniumEndpointIndex
		<Tanium Client>/Tools/Reveal/TaniumReveal
		<Tanium Client>/libTaniumClientExtensions.dylib
		<Tanium Client>/libTaniumClientExtensions.dylib.sig
		<Tanium Client>/extensions/libRevealCX.dylib
		<Tanium Client>/extensions/libRevealCX.dylib.sig
		<Tanium Client>/extensions/libTaniumDEC.dylib
		<Tanium Client>/extensions/libTaniumDEC.dylib.sig
		<Tanium Client>/extensions/core/libTaniumPythonCx.dylib
		<Tanium Client>/extensions/core/libTaniumPythonCx.dylib.sig
	7.4.x clients	<Tanium Client>/python38/python
¹= TPython requires SHA2 support to allow installation.

User role requirements

Use role-based access control (RBAC) permissions to restrict access to Reveal functions.

Tanium Reveal User Role Privileges
Permission	Reveal Administrator	Reveal Operator	Reveal Read Only User	Reveal Service Account³	Reveal User¹	Reveal Endpoint Configuration Approver²
Show Reveal Access to the Reveal workbench
Reveal Affected Files Enables viewing of affected files
Reveal Quick Search Enables viewing of quick search results
Reveal Rules Deploy Enables the deployment of rules to endpoints
Reveal Rules Deploy Status Access to the Reveal workbench
Reveal Rules Read Enables the viewing and listing of rules
Reveal Rules Write Enables the editing of rules
Reveal Rule Sets Read Enables the viewing and listing of rule sets
Reveal Rule Sets Write Enables the editing of rule sets
Reveal Service User Enables a user to perform work as the service account user
Reveal Service User Read Allows viewing details of the service account user
Reveal Service User Write Enables modifications to the service user account
Reveal Snippets Enables viewing of snippets of affected files.
Reveal Use API Perform Reveal operations using the API
Reveal Validations Deploy Enables the deployment of validations to endpoints
Reveal Validations Deploy Status Enables viewing of the status of validation deployments
Reveal Validations Read Enables viewing and listing of validations
Reveal Validations Write Enables the editing of validations
Reveal Settings Read Enables viewing and listing Reveal settings
Reveal Settings Write Enables the editing of Reveal settings
Reveal Operator Settings Read Enables viewing and listing Reveal settings
Reveal Operator Settings Write Enables the editing of Reveal settings
Reveal Admin Perform administrative functions for the Reveal module
Trends Integration Service Account Provides access for module service accounts to read and write data, and to define sources and boards.
Reveal Endpoint Configuration Approve Enables approver privileges in Tanium Endpoint Configuration for Reveal configuration changes.
¹ This role provides module permissions for Tanium Trends. You can view which Trends permissions are granted to this role in the Tanium Console. For more information, see the Tanium Trends User Guide: User role requirements. ² This role provides module permissions for Tanium Endpoint Configuration. You can view which Endpoint Configuration permissions are granted to this role in the Tanium Console. For more information, see the Tanium Endpoint Configuration User Guide: User role requirements. ³ If you installed Tanium Client Management, Endpoint Configuration is installed, and by By default, configuration changes initiated by the module service account (such as tool deployment) require approval. You can bypass approval for module-generated configuration changes by applying the Endpoint Configuration Bypass Approval permission to this role and adding the relevant content sets. For more information, see Tanium Endpoint Configuration User Guide: User role requirements.

For more information and descriptions of content sets and permissions, see the Tanium Core Platform User Guide: Users and user groups.