STIGQter STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018:

Firewall rules must be configured on the Tanium Server for Server-to-Zone Server communications.

DISA Rule

SV-93417r1_rule

Vulnerability Number

V-78711

Group Title

SRG-APP-000383

Rule Version

TANS-SV-000033

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure host-based firewall rules on the Tanium Zone server to include the following required traffic:

Allow Tanium Server to Zone Server over TCP port 17472.

Configure the network firewall to allow the above traffic.

Check Contents

Note: If a Zone Server is not being used, this is "Not Applicable".

Consult with the Tanium System Administrator to verify which firewall is being used as a host-based firewall on the Tanium Zone Server.

Access the host-based firewall configuration on the Tanium Zone Server.

Validate a rule exists for the following:
Port Needed: Tanium Server to Zone Server over TCP port 17472.

If a host-based firewall rule does not exist to allow TCP port 17472, bi-directionally, from Tanium Server to the Tanium Zone Server, this is a finding.

Vulnerability Number

V-78711

Documentable

False

Rule Version

TANS-SV-000033

Severity Override Guidance

Note: If a Zone Server is not being used, this is "Not Applicable".

Consult with the Tanium System Administrator to verify which firewall is being used as a host-based firewall on the Tanium Zone Server.

Access the host-based firewall configuration on the Tanium Zone Server.

Validate a rule exists for the following:
Port Needed: Tanium Server to Zone Server over TCP port 17472.

If a host-based firewall rule does not exist to allow TCP port 17472, bi-directionally, from Tanium Server to the Tanium Zone Server, this is a finding.

Check Content Reference

M

Target Key

3215

Comments