Firewall rules must be configured on the Tanium Zone Server for Client-to-Zone Server communications.
An XCCDF Rule
Description
In customer environments using the Tanium Zone Server, a Tanium Client may be configured to point to a Zone Server instead of a Tanium Server. The communication requirements for these Clients are identical to the Server-to-Client requirements. See https://docs.tanium.com/platform_install/platform_install/reference_network_ports.html
- Documentable
- false
- ID
- SV-234090r612749_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure host-based firewall rules as required, including a rule for Tanium Client-to-Zone Server traffic over TCP port 17472.