Reveal requirements
Review the requirements before you install and use Reveal.
Tanium dependencies
In addition to a license for the Reveal product module, make sure that your environment also meets the following requirements.
| Component | Requirement |
|---|---|
| Platform | 7.2.314.2831 or later |
| Tanium Client | 6.0.314.1540 or later recommended |
| Tanium Module | Taniumâ„¢ Trace 2.7.7 |
Tanium Module Server
Reveal is installed and runs as a service on the Module Server host computer. The impact on Module Server is minimal and depends on usage.
Endpoints
Reveal supports Windows and macOS endpoints. Up to 2 GB of free disk space is required.
Host and network security requirements
Specific ports and processes are needed to run Reveal.
Ports
The following ports are required for Reveal communication.
| Component | Port | Direction | Purpose |
|---|---|---|---|
| Module Server | 17444 | Inbound | Connecting to the Module Server for live connections to endpoints. |
Security exclusions
If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference.
| Target Device | Process |
|---|---|
| Module Server | <Tanium Module Server>\services\ProductName\node.exe |
| Endpoint computers |
<Tanium Client>\Tools\EPI\TaniumExecWrapper.exe <Tanium Client>\Tools\EPI\TaniumEndpointIndex.exe <Tanium Client>\Tools\Reveal\win32\TaniumReveal.exe |
User role requirements
The Trace Live Connections Write permission is required for any user to make direct connections to endpoints to investigate rule matches.
Provide the Bypass Action Approval Advanced Role to the Trace Analysis Content Set so that Trace users can make Live Connections to endpoints without having to go through action approval and still require approval on all other actions.
Last updated: 1/16/2019 11:56 AM | Feedback