STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 6 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Tanium 7.0 Security Technical Implementation Guide

V-241029

CAT II (Medium)

Firewall rules must be configured on the Tanium Zone Server for Client-to-Zone Server communications.

Rule ID

SV-241029r1043177_rule

STIG

Tanium 7.0 Security Technical Implementation Guide

Version

V1R3

CCIs

CCI-000382

Discussion

In customer environments using the Tanium Zone Server, a Tanium Client may be configured to point to a Zone Server instead of a Tanium Server. The communication requirements for these Clients are identical to the Server-to-Client requirements. https://docs.tanium.com/platform_install/platform_install/reference_network_ports.html

Check Content

Note: If a Zone Server is not being used, this is "Not Applicable".

Consult with the Tanium System Administrator to verify which firewall is being used as a host-based firewall on the Tanium Zone Server.

Access the host-based firewall configuration on the Tanium Zone Server.

Validate a rule exists for the following:
Port Needed: Tanium Clients to Zone Server over TCP port 17472.

If a host-based firewall rule does not exist to allow TCP port 17472, bi-directionally, from Tanium Clients to the Tanium Zone Server, this is a finding.

Fix Text

Configure host-based firewall rules as required, to include Tanium Clients to Zone Server over TCP port 17472.