Tanium Server requires the installation of Tanium Module Server on a dedicated device. The remote location of Tanium Module Server helps to prevent the execution of malicious or otherwise unauthorized code on the Tanium Server device or across the security network.
Tanium Module Server does not support silent mode installation.
Tanium Module Server 6.5 has the following basic requirements for hardware and software.
The hardware requirements for Tanium Module Server 6.5 depend on the configuration of the security network, including:
- Whether the server device is physical or virtual
- The number of managed endpoints
The minimum requirements to run Tanium Module Server 6.5 on a Windows-based server device are as follows:
- 4 processor cores
- 8 GB RAM
- 150 GB disk space
For detailed guidance on how to allocate a server device for Tanium Module Server, see System Requirements.
Tanium Module Server 6.5 runs on 64-bit editions of Microsoft Windows Server operating systems including:
- Microsoft Windows Server 2008 R2 or later versions
Before you install Tanium Module Server
The Tanium Module Server installation process requires certificate and key files that are distributed with Tanium Server. These files must be copied into a directory on the Tanium Module Server device before installation. The Module Server installer uses information from these files during the installation process.
To copy the certificate and key files
- Locate the SOAPServer.crt and SOAPServer.key files on your Tanium Server. They are located in the Tanium Server folder by default.
- Copy them onto the Tanium Module Server device, into the directory that contains SetupPluginServer, the Tanium Module Server installer.
Your Technical Account Manager (TAM) will provide a link to download Tanium Module Server after it is licensed.
To install Tanium Module Server
- Right-click SetupPluginServer and select Run as Administrator.
The Tanium Module Server installation wizard opens.
- Click Next to review the License Agreement.
- Click I Agree.
- (Optional) Change the directory location where Tanium Module Server will be installed. By default, this location is C:\Program Files\Tanium\Tanium Plugin Server.
- Click Next.
- (Optional) In Plugin Server Port, change the number of the port that Tanium Module Server uses.
- Select Use Existing Certificate and Key. The installer will detect these files if they have been copied into the same directory.
If necessary, for Certificate Path and for Key Path, click Browse and select the appropriate file.
- Click Install.
The installation process begins.
At the end of the installation process, the wizard displays a completion message.
- Click Finish.
After you install Tanium Module Server
Tanium Module Server typically requires the following post-installation tasks.
Migrate proxy settings
If your deployment of Tanium Server uses proxy servers, you will need to configure those settings on Tanium Module Server.
Modify Windows Registry
After you deploy a Tanium Module Server to a remote device, Tanium Server must be configured to use the remote instance. This requires a change to the Tanium key in Windows Registry on the Tanium Server device. Note that this must be done for each instance of Tanium Server deployed using the Tanium Server installer.
To configure Tanium Module Server
- On the Tanium Server device, in Run, type "regedit.exe" and press ENTER.
- Navigate to the Tanium hive, and locate the following Registry key:
- Replace the value of the key with the fully qualified hostname of the Tanium Module Server device.
After Windows Registry is configured to use the remote instance of Tanium Module Server, you can uninstall the local instance that is installed by default with Tanium Server.
To uninstall the local instance of Tanium Module Server
- On the Tanium Server device, click Control Panel.
- Click Programs and Features.
When the uninstallation process is complete, a success message appears.
You can confirm the uninstallation on the Tanium Server device, in Server Manager.
To confirm the removal of the local Tanium Module Server service
- On the Tools menu, select Services.
- Check the Names column on the Services (Local) page for Tanium Plugin Server or Tanium Module Server. Neither should appear.
Verify the installation of Tanium Module Server
To verify the remote instance of Tanium Module Server, confirm that the Module Server service is visible and available to Tanium Server.
To verify the installation
- Open a web browser.
- Use Secure HTTP to view the information page for the Tanium Server service. For example: https://188.8.131.52/info
- In the left pane, in Module Cache, confirm that the hostname or IP address of Tanium Module Server is listed with the port number. By default, the port number is 17477.