The Tanium application must be configured in a High-Availability (HA) setup to ensure minimal loss of data and minimal disruption to mission processes in the event of a system failure.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-234120 | TANS-SV-000054 | SV-234120r612749_rule | Medium |
| Description |
|---|
| Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving application state information helps to facilitate application restart and return to the operational mode of the organization with less disruption to mission-essential processes. |
| STIG | Date |
|---|---|
| Tanium 7.3 Security Technical Implementation Guide | 2021-12-20 |
Details
| Check Text ( C-37305r610860_chk ) |
|---|
| If the system is not considered mission critical, this is Not Applicable. Using a web browser on a system that has connectivity to the Tanium Application, access the Tanium Application web user interface (UI). Log on with CAC. Click on the navigation button (hamburger menu) on the top left of the console. Click on "Packages". Browse to the package called "Distribute Tanium Standard Utilities". Select it. Press "Status". Observe the text underneath a package file indicating the file cache status. If the cache status represents only one Tanium Server, this is a finding. |
| Fix Text (F-37270r610861_fix) |
|---|
| If the system is not considered mission critical, this is Not Applicable. Work with the Tanium System Administrator to configure Tanium in a HA Active-Active setup based on the process outlined in the Tanium documentation found at: https://docs.tanium.com/platform_install/platform_install/installing_an_ha_active_active_cluster.html. |