STIGQter: STIG Summary: Tanium 7.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Firewall rules must be configured on the Tanium Zone Server for Client-to-Zone Server communications.

DISA Rule

SV-234090r612749_rule

Vulnerability Number

V-234090

Group Title

SRG-APP-000142

Rule Version

TANS-SV-000018

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Configure host-based firewall rules as required, to include Tanium Clients to Zone Server over TCP port 17472.

Check Contents

Note: If a Zone Server is not being used, this is Not Applicable.

Consult with the Tanium System Administrator to verify which firewall is being used as a host-based firewall on the Tanium Zone Server.

Access the host-based firewall configuration on the Tanium Zone Server.

Validate a rule exists for the following:

Port Needed: Tanium Clients to Zone Server over TCP port 17472.

If a host-based firewall rule does not exist to allow TCP port 17472, bi-directionally, from Tanium Clients to the Tanium Zone Server, this is a finding.

Vulnerability Number

V-234090

Documentable

False

Rule Version

TANS-SV-000018

Severity Override Guidance

Note: If a Zone Server is not being used, this is Not Applicable.

Consult with the Tanium System Administrator to verify which firewall is being used as a host-based firewall on the Tanium Zone Server.

Access the host-based firewall configuration on the Tanium Zone Server.

Validate a rule exists for the following:

Port Needed: Tanium Clients to Zone Server over TCP port 17472.

If a host-based firewall rule does not exist to allow TCP port 17472, bi-directionally, from Tanium Clients to the Tanium Zone Server, this is a finding.

Check Content Reference

M

Target Key

5259

Comments