End user computer

Tanium – Update and Throttling

Posted by robd on February 08, 2024
Tanium / No Comments

Hi All,

Its been a while since my last post but I’ve been doing some interesting work with a new product we’ve bought called Tanium (no one has sponsored this post, or any of my posts to date).

Its essentially a cloud tool to manage your end user devices (especially brilliant for the all the staff who work at home).  It patches Office and Windows, rolls out software, has a self service portal so users can install software themselves, checks for vulnerabilities etc etc.

I’m honestly really impressed with it, much lower overheads than SCCM and easier to deploy software than endpoint manager (intune).

So what’s this blog post all about.  Well we have had one or two teething issues after deploying this software to several thousand devices.

Issue 1:

Software is super slow to download to clients.  Well after tinkering around for a while I discovered Bandwidth throttles on the cloud console.

This was set at 45Mbps and concurrent connections at 300 meaning each client gets 0.15Mbps if all the connects are at max bandwidth.  Well for several thousand clients this would not do:

So after emailing support, we’re currently testing:

800Mbps and 1600 connections meaning each the bandwidth is 0.5 Mbps per connection if all connections use the maximum bandwidth.

So far this has made a huge difference!!  Worth a look if you’re getting sluggish downloads.

Issue 2:

Some clients were not getting the self service portal.

So in my naivety I presumed Tanium self updated, turns out this is not the case and as you’d expect new updates come out regularly to the client. So after being quite far behind we setup up the client update process.  Here’s how:

In the cloud console, go to:  Shared Services > Tanium Client Management > Tanium Client Upgrades

Click Create Client Upgrade:

Now there are a few options:

I did this twice, once for servers and once for clients, just incase in the future we needed a different version on servers than clients etc.

The deployment is pretty self explanatory:

Name: give it a name

Client Version: If you choose latest, then the client is always going to be up to date, I appreciate some companies might not be able to do this so you may have to choose a version. I went with always up to date.

Targets – choose who to deploy too, I went with All Workstations for my clients and All Servers for my servers.

Check the deployment schedule is Ongoing and click preview and go:

 

Job done.

Tags: , , , , , ,