Tanium
Feature availability
Operating systems | WARP mode required | Zero Trust plans |
---|---|---|
macOS, Windows, Linux | WARP with Gateway | All plans |
Service-to-service device posture with Tanium requires the Tanium agent and the Cloudflare WARP client to be deployed on your devices. This integration reads Tanium endpoint data via the WARP client. You can use either Tanium Cloud or on-premise installations of Tanium.
Set up Tanium as a service provider
1. Get Tanium settings
The following Tanium values are needed to set up the Tanium posture check:
- Client Secret
- Rest API URL
To retrieve those values:
- Log in to your Tanium instance.
- Go to Administration > API Tokens.
- Select New API Token.
- Set Expire in days to an appropriate value for your organization. When this token expires, all device posture results will begin to fail unless updated.
- Set Trusted IP addresses to
0.0.0.0/0
. - Select Save.
- Copy the Client Secret and API URL to a safe place.
2. Add Tanium as a service provider
- In Zero Trust, go to Settings > WARP Client.
- Scroll down to Device posture providers and select Add new.
- Select Tanium.
- Enter any name for the provider. This name will be used throughout the dashboard to reference this connection.
- Enter the Client Secret and Rest API URL you noted down above.
- Choose a Polling frequency for how often Cloudflare Zero Trust should query Tanium for information.
- Select Save.
3. Configure the posture check
- In Zero Trust, go to Settings > WARP Client > Service provider checks.
- Select Add new.
- Select the Tanium provider.
- Configure a device posture check and enter any name.
- Select Save.
Next, go to Logs > Posture and verify that the service provider posture check is returning the expected results.
Device posture attributes
Selector | Description |
---|---|
Total score | totalScore of the device from Tanium’s EndpointRisk assessment |