Tanium 6.x: Module Server Installation

 

Introduction

This guide provides installation instructions for Tanium Module Server 6.5. Your environment must have the Tanium Server 6.5 installed prior to performing these steps. See Tanium 6.5 Server Installation for the steps required to install the Tanium Server 6.5.

Requirements

Tanium Module Server 6.5 has the following basic requirements for hardware and software:

Hardware

The hardware requirements for Tanium Module Server 6.5 depend on the configuration of the security network, including:

  • Whether the server device is physical or virtual
  • The number of managed endpoints

The minimum requirements to run Tanium Module Server 6.5 on a Windows-based server device are as follows:

  • 4 processor cores
  • 8 GB RAM
  • 150 GB disk space

For detailed guidance on how to allocate a server device for Tanium Module Server, see System Requirements.

Software

Tanium Module Server 6.5 runs on 64-bit editions of Microsoft Windows Server operating systems including:

  • Microsoft Windows Server 2012, 2012 R2, or later versions
  • Microsoft Windows Server 2008 R2 or later versions

Installation

Download the Tanium Module Server installer

Your Tanium Technical Account Manager will provide a download location for the installer. Download the TaniumModuleServer.exe installation file to a directory on your Tanium Module Server.

Tms6.5install_setupmoduleserver_icon.png

Copy Certificate File to Tanium Module Server

You will need the SOAPServer.crt file from your Tanium Server. By default, this file is located on the Tanium Server in the C:\Program Files\Tanium\Tanium Server directory. Copy this file from the Tanium Server to the directory on the Tanium Module Server where you downloaded the Tanium Module Server installation file. In the examples below, the SetupModuleServer.exe file as well as the SOAPServer.crt file will be placed in the C:\Users\Administrator\Desktop directory.

300px-TMS_6.5_Install_-_SOAPServer_files.png

Copy any Module Server Content (Migration)

If this is a migration you will need to place content from the old Module Server onto the new target by recreating the directory. Copy the 'content' folder and recreate a path like "C:\Program Files\Tanium\Tanium Module Server\plugins\content" on the new Module Server.

Launch the Tanium Module Server installer

The Tanium Module Server installer must be run as Administrator. To run Tanium Module Server installer, right click the installer, and choose Run as Administrator.

TMS_6.5_Install_-_Run_As_Administrator.png


The Tanium Module Server installer displays the Welcome screen. Click Next to continue.
520px-TMS_6.5_Install_-_Screenshot_1.png

The installer displays the Tanium Module Server license agreement. Click I Agree to accept the license agreement and continue.
520px-TMS_6.5_Install_-_Screenshot_2.png

Enter a custom installation directory for the Tanium Module Server or choose the default of C:\Program Files\Tanium\Tanium Module Server. Click Next to continue.
520px-TMS_6.5_Install_-_Screenshot_3.png

Configure the Set Module Server Configuration screen as follows:

  1. Leave the default Module Server Port value of 17477 unless you need to utilize a custom port.
  2. Click the Browse button next to Server’s Certificate Path, select the SOAPServer.crt file which you copied over from the Tanium Server, and click Open.
  3. Select the Generate Self-Signed Certificate and Key radio button and enter the fully-qualified domain name (FQDN) of the Tanium Module Server. For example, if your Tanium Module server is named "tms" and it is in the "example.com" domain, you should enter "tms.example.com" in this input field.
  4. Click Install when the settings are correct.

520px-TMS_6.5_Install_-_Screenshot_4.png

The Tanium Module Server installation routine will continue, copying files and configuring the Tanium Module Server according to your specifications. When complete, click Finish to end the installer.
520px-TMS_6.5_Install_-_Screenshot_5.png

Post-Installation Configuration

Migrate Proxy Settings

If your Tanium Server installation includes proxy server configuration settings, be sure to copy those configuration settings to your Tanium Module Server installation as well. See Proxy server settings for more information.

Update Tanium Server Registry Key setting

  1. After the Tanium Module Server installer finishes successfully, log in to the Tanium Server as an a administrator.
  2. Open the Registry Editor (regedit.exe) and browse to the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Tanium\Tanium Server.
  3. Locate the ModuleServer value, right click and choose Modify to enter either the fully qualified hostname (preferred) or the IP address of the Tanium Module Server.
  4. If you chose a custom port for the Tanium Module Server, then locate the ModuleServerPort value, right click, and choose Modify to enter the custom port number that you chose during the Tanium Module Server installation.
  5. Restart the Tanium Server service or reboot the Tanium Server to apply the registry changes.

Import Solutions

Once the new Module Server has been installed or migrated, browse the Solutions tab under Authoring to import solutions.

Validating the Tanium Module Server installation

  1. From your web browser, navigate to https://<ip_address_of_tanium_server>/plugin/server/status.
  2. Verify that the XML data displays the Tanium Module Server hostname or IP address following the module_server_name: value, including the proper port number (17477 is the default).

Frequently Asked Question

Why is the Tanium Module server required to be on a separate server from the Tanium Server?
Separating the Module server from the application server enables greater performance and security of the Tanium platform. From a security standpoint, separation of functionality assists to prevent full compromise. For example, compromise of the Module Server or a single Plugin would not result in a Tanium compromise. Further, the separation of the two servers allows for easier performance upgrades if necessary without administration of the Tanium Server.

Best Practices

NOTE: During the Tanium Server install, a local instance of the Tanium Module Server is installed by default on the Tanium Server C:\ Drive. To avoid conflicts with your stand alone Tanium Module Server - best practice is to either disable the "Tanium Module Server" service on the Tanium Server - or browse to "Programs and Features" and uninstall the Module Server all together. You may also delete the "Tanium Module Server" folder from the default 'C:\Program Files\Tanium" folder after uninstall. Please ask your Technical Account Manager for clarification on when to do this if you have any questions.

Have more questions? Submit a request