Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Tanium 7.x Security Technical Implementation Guide
SRG-APP-000142
Firewall rules must be configured on the Tanium Server for client-to-server communications.
Firewall rules must be configured on the Tanium Server for client-to-server communications.
An XCCDF Rule
Details
Profiles
Prose
Firewall rules must be configured on the Tanium Server for client-to-server communications.
Medium Severity
<VulnDiscussion>In addition to the client-to-server TCP communication that takes place over port 17472, Tanium Clients also communicate to other Tanium-managed computers over port 17472. Without proper firewall configurations, proper TCP communications may not take place as necessary for application functionality. The Tanium environment can perform hundreds or thousands of times faster than other security or systems management tools because the Tanium Clients communicate in secure, linearly controlled peer-to-peer rings. Because clients dynamically communicate with other nearby agents based on proximity and latency, rings tend to form automatically to match a customer's topology. For example, endpoints in California will form one ring while endpoints in Germany will form a separate ring. For more information, refer to https://docs.tanium.com/platform_deployment_reference/platform_deployment_reference/network_ports.html.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>