Tanium as a Service requirements
Review the requirements before you use Tanium as a Service.
| Component | Requirement |
|---|---|
| Tanium™ Client | 7.4 or later |
Supported operating systems
The following endpoint operating systems are supported with Tanium as a Service.
For Tanium Client operating system support, see Tanium Client User Guide: Host system requirements.
To use Tanium as a Service in production, each customer must bring a Security Assertion Markup Language (SAML 2.0) compliant identity provider with two-factor authentication (2FA) enabled. Configuration of multiple identity providers for a single TaaS instance is supported. Examples of these providers include:
- Microsoft Active Directory Federation Services (ADFS)
- Azure Active Directory (AD)
Specific ports and processes are needed to run Tanium as a Service.
The following ports are required for Tanium as a Service communication.
| Source | Destination | Port | Protocol | Purpose |
|---|---|---|---|---|
| Tanium Client | Tanium Client | 17472 | TCP | Communication between Tanium Client installations |
| Tanium Client | Tanium as a Service | 17472 | TCP | Communication between Tanium Client and TaaS |
| Tanium Client | Tanium as a Service | 17486 | TCP | Communication between Tanium Client and TaaS for direct endpoint connections |
Configure firewall policies to open ports for Tanium traffic with TCP-based rules instead of application identity-based rules. For example, on a Palo Alto Networks firewall, configure the rules with service objects or service groups instead of application objects or application groups.
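The following added example (not part of the Tanium documentation) audits a firewall rule export for the guidance above: it reports which Tanium ports are opened by port-only allow rules and which rules also restrict by application identity. It assumes a PAN-OS style XML export; the embedded sample, the rule names, and the service object names are constructed and hypothetical.

```python
import xml.etree.ElementTree as ET

TANIUM_PORTS = {"17472", "17486"}  # TCP ports from the table above

# Constructed sample shaped like a PAN-OS XML export; all names are hypothetical.
SAMPLE = """<vsys>
 <service>
  <entry name="svc-tanium-17472"><protocol><tcp><port>17472</port></tcp></protocol></entry>
  <entry name="svc-tanium-17486"><protocol><tcp><port>17486</port></tcp></protocol></entry>
 </service>
 <rulebase><security><rules>
  <entry name="tanium-client-taas">
   <application><member>any</member></application>
   <service><member>svc-tanium-17472</member></service>
   <action>allow</action>
  </entry>
  <entry name="tanium-direct-connect">
   <application><member>ssl</member></application>
   <service><member>svc-tanium-17486</member></service>
   <action>allow</action>
  </entry>
 </rules></security></rulebase>
</vsys>"""

def audit_tanium_rules(config_xml):
    """Report which Tanium ports are opened by TCP-based (port-only) allow rules."""
    root = ET.fromstring(config_xml)
    # Map each TCP service object to its ports. Comma lists are split;
    # port ranges and service groups are not expanded here.
    svc_ports = {s.get("name"): set((s.findtext("protocol/tcp/port") or "").split(","))
                 for s in root.findall("service/entry")}
    tcp_based, app_restricted = set(), []
    for rule in root.findall("rulebase/security/rules/entry"):
        if rule.findtext("action") != "allow":
            continue
        ports = set()
        for m in rule.findall("service/member"):
            ports |= svc_ports.get(m.text, set()) & TANIUM_PORTS
        if not ports:
            continue  # rule does not reference a Tanium port by service object
        apps = [m.text for m in rule.findall("application/member")]
        if apps == ["any"]:
            tcp_based |= ports  # matched on port and protocol only
        else:
            app_restricted.append(rule.get("name"))  # also gated on application identity
    return {"tcp_based": tcp_based, "app_restricted": app_restricted,
            "missing": TANIUM_PORTS - tcp_based}

if __name__ == "__main__":
    print(audit_tanium_rules(SAMPLE))
```

Any port listed under `missing` has no port-only allow rule, and any rule under `app_restricted` should be changed to match on the service object alone.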
If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference. For a list of all security exclusions to define across Tanium, see Tanium Core Platform Deployment Reference Guide: Host system security exclusions.
For more information about role permissions and associated content sets, see Tanium Core Platform User Guide: Managing RBAC.
Last updated: 11/13/2020 11:02 AM