Firewall rules must be configured on the Tanium Server for Console-to-Server communications.
An XCCDF Rule
Description
<VulnDiscussion>An HTML5 based application, the Tanium Console runs from any device with a browser that supports HTML5. For security, the HTTP and SOAP communication to the Tanium Server is SSL encrypted, so the Tanium Server installer configures the server to listen for HTTP and SOAP requests on port 443. Without a proper connection to the Tanium Server, access to the system capabilities could be denied. Port Needed: To Tanium Server over TCP port 443. Network firewall rules: Allow HTTP traffic on TCP port 443 from any computer on the internal network to the Tanium Server device. https://docs.tanium.com/platform_install/platform_install/reference_network_ports.html.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-254940r867720_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
1. Configure host-based firewall rules on the Tanium Server to include the following required traffic:
1A. Allow TCP traffic on port 433 to the Tanium Server from designated Tanium console user clients.
1B. Configure the network firewall to allow the above traffic.