STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018:

Firewall rules must be configured on the Tanium Zone Server for Client-to-Zone Server communications.

DISA Rule

SV-93389r1_rule

Vulnerability Number

V-78683

Group Title

SRG-APP-000142

Rule Version

TANS-SV-000018

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Configure host-based firewall rules as required, to include Tanium Clients to Zone Server over TCP port 17472.

Check Contents

Note: If a Zone Server is not being used, this is "Not Applicable".

Consult with the Tanium System Administrator to verify which firewall is being used as a host-based firewall on the Tanium Zone Server.

Access the host-based firewall configuration on the Tanium Zone Server.

Validate a rule exists for the following:
Port Needed: Tanium Clients to Zone Server over TCP port 17472.

If a host-based firewall rule does not exist to allow TCP port 17472, bi-directionally, from Tanium Clients to the Tanium Zone Server, this is a finding.

Vulnerability Number

V-78683

Documentable

False

Rule Version

TANS-SV-000018

Severity Override Guidance

Note: If a Zone Server is not being used, this is "Not Applicable".

Consult with the Tanium System Administrator to verify which firewall is being used as a host-based firewall on the Tanium Zone Server.

Access the host-based firewall configuration on the Tanium Zone Server.

Validate a rule exists for the following:
Port Needed: Tanium Clients to Zone Server over TCP port 17472.

If a host-based firewall rule does not exist to allow TCP port 17472, bi-directionally, from Tanium Clients to the Tanium Zone Server, this is a finding.

Check Content Reference

M

Target Key

3215

Comments