Review the requirements before you use Tanium as a Service.
|Tanium™ Client||7.4 or later|
Legacy operating systems might be reduced by using Tanium Client 7.4 or later. For more information, see Endpoints.
Supported operating systems
The following endpoint operating systems are supported with Tanium as a Service.
For Tanium Client operating system support, see Tanium Client Management User Guide: Client version and host system requirements.
To use Tanium as a Service in production, each customer must bring a Security Assertion Markup Language (SAML 2.0) compliant identity provider with two-factor authentication (2FA) enabled. Configuration of multiple identity providers for a single TaaS instance is supported. Examples of these providers include:
- Microsoft Active Directory Federation Services (ADFS)
- Azure Active Directory (AD)
Specific ports and processes are needed to run Tanium as a Service.
The following ports are required for Tanium as a Service communication.
|Tanium Client||Tanium Client||17472||TCP||Bi-directional communication between Tanium Client installations|
|Tanium Client||Tanium as a Service||17472||TCP||Outbound communication from the Tanium Client and inbound communication to TaaS|
|Tanium Client||Tanium as a Service||17486||TCP||Outbound communication from the Tanium Client and inbound communication to TaaS for direct endpoint connections|
Configure firewall policies to open ports for Tanium traffic with TCP-based rules instead of application identity-based rules. For example, on a Palo Alto Networks firewall, configure the rules with service objects or service groups instead of application objects or application groups.
To see additional port requirements that are specific to Tanium™ modules and shared services, click the following links to access the associated user guides:
- Client Management
- Comply: No additional port requirements
- Direct Connect
- Endpoint Configuration
- End-User Notifications
- Integrity Monitor: No additional port requirements
- Interact: No additional port requirements
- Map: No additional port requirements
- Patch: No additional port requirements
- Threat Response
If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference. For a list of all security exclusions to define across Tanium, see Tanium Core Platform Deployment Reference Guide: Host system security exclusions.
For more information about role permissions and associated content sets, see Tanium Core Platform User Guide: Managing RBAC.
Last updated: 10/25/2021 10:16 AM | Feedback