Firewall rules must be configured on the Tanium Server for server-to-database communications.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-253836 | TANS-DB-000005 | SV-253836r1099950_rule | CCI-001762 | medium |
Description
The Tanium Server can use either a SQL Server relational database management system (RDBMS) installed locally to the same device as the Tanium Server application or a remote dedicated or shared SQL Server instance. Using a local SQL Server database typically requires no changes to network firewall rules since all communication remains on the Tanium application server device. To access database resources installed to a remote device, however, the Tanium Server service communicates over the port reserved for SQL, by default port 1433, to the database.
Port Needed: Tanium Server to Remote SQL Server over TCP port 1433.
Network firewall rules: Allow TCP traffic on port 1433 from the Tanium Server device to the remote device hosting the SQL Server RDBMS.
| STIG | Date |
| Tanium 7.x Security Technical Implementation Guide | 2025-05-14 |
Details
Check Text (C-253836r1099950_chk)
Consult with the Tanium system administrator to verify which firewall is being used as a host-based firewall on the Tanium Server.
1. Access the Tanium Server.
2. Log on to the server with an account that has administrative privileges.
3. Access the host-based firewall configuration on the Tanium Server.
4. Validate a rule exists for the following:
Port Needed: Tanium Server to Remote SQL Server over TCP port 1433.
If a host-based firewall rule does not exist to allow Tanium Server to Remote SQL Server over TCP port 1433, this is a finding.
Consult with the network firewall administrator and validate rules exist for the following:
Allow traffic from Tanium Server to Remote SQL Server over TCP port 1433.
If a network firewall rule does not exist to allow traffic from Tanium Server to Remote SQL Server over TCP port 1433, this is a finding.
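One way to carry out step 4 of the host-based check, as an added example that is not part of the STIG or of Tanium's documentation. It assumes the host-based firewall is Windows Defender Firewall and uses a placeholder address for the remote SQL Server; it does not cover the network firewall.

```powershell
# Added example. Assumes Windows Defender Firewall; $SqlServer is a placeholder.
param(
    [string]$SqlServer = '192.0.2.10',  # placeholder, replace with the remote SQL Server IP
    [int]$Port = 1433                   # port named in the check
)

# True when a firewall port specification ('Any', '1433', '1400-1500') covers $Port.
function Test-PortSpec([string[]]$Spec, [int]$Port) {
    foreach ($s in $Spec) {
        if ($s -eq 'Any' -or $s -eq "$Port") { return $true }
        if ($s -match '^(\d+)-(\d+)$' -and $Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) {
            return $true
        }
    }
    return $false
}

# ActiveStore is the effective policy, including rules delivered by Group Policy.
$rules = Get-NetFirewallRule -PolicyStore ActiveStore -Direction Outbound -Enabled True
$results = foreach ($rule in $rules) {
    $pf = $rule | Get-NetFirewallPortFilter
    if ($pf.Protocol -notin 'TCP', 'Any') { continue }
    if (-not (Test-PortSpec $pf.RemotePort $Port)) { continue }

    $af = $rule | Get-NetFirewallAddressFilter
    $scope = 'Review'   # subnet, range or keyword: confirm by hand
    if ($af.RemoteAddress -contains 'Any')      { $scope = 'Any' }
    if ($af.RemoteAddress -contains $SqlServer) { $scope = 'Exact' }

    [pscustomobject]@{
        Name          = $rule.DisplayName
        Action        = $rule.Action
        Profile       = $rule.Profile
        RemoteAddress = $af.RemoteAddress -join ','
        Scope         = $scope
    }
}

$allow = @($results | Where-Object { $_.Action -eq 'Allow' -and $_.Scope -ne 'Review' })
$block = @($results | Where-Object { $_.Action -eq 'Block' })
$results | Format-Table -AutoSize

if (-not $allow) {
    Write-Warning "No enabled outbound allow rule covers TCP $Port to $SqlServer (finding)."
}
if ($block) {
    # An explicit block rule takes precedence over an allow rule for the same traffic.
    Write-Warning "Outbound block rule(s) matching TCP $Port exist; review them against the allow rule."
}
```

Rules reported with Scope `Review` use a subnet, range or keyword as the remote address and need a manual comparison against the SQL Server's address.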
Fix Text (F-57239r842535_fix)
1. Configure host-based firewall rules on the Tanium Server to include the following required traffic:
Allow TCP traffic on port 1433 from the Tanium Server to the Remote SQL Server.
2. Configure the network firewall to allow the above traffic.