Tanium Proving Ground Lab

718 Launches
Solution Overview

WWT's ATC Tanium Proving Ground Lab exists to provide a unified solution built around relevant use cases. It seeks to showcase an architecture that solves the business problems our customers are currently facing, including patch management, threat detection, asset management, software license reclamation and continuous compliance.

This lab consists of several servers running Tanium, Splunk and Nessus, as well as a number of user workstations. All Tanium modules are configured to show functionality. In addition, Splunk is used to show how Tanium data exports can be used to create valuable insights. 

You will access the environment using a Windows-based jumphost from which you can browse web consoles, open RDP/SSH sessions, etc. (see topology below).

Goals & Objectives

The purpose of this lab is to help you develop proficiency in deploying, managing and monitoring the Tanium solution. The lab guide provides a flexible framework for evaluating the solution, its installation and behavior in a sample customer environment.

The lab environment will allow you to:

  • Access the Tanium Proving Ground environment.
  • Login to the cloud-based portal.
  • Navigate the portal's interface and workflow.
  • Deploy agents on Windows systems.
  • Deploy agents on Linux systems.

Hardware & Software

  • Tanium Core Platform
  • Splunk log collector
  • Nessus vulnerabilty scanner
  • Palo Alto VM-series firewall

Server Devices
  • 1x Windows Jumphost (Windows Server 2016)
  • 4x Tanium Servers (Windows Server 2016)
  • 1x Splunk Server (CentOS 7)
  • 1x Syslog Server (CentOS 7)
  • 1x Nessus Server (CentOS 7)
  • 1x Utility Server (CentOS 7)

Client Devices
  • 4x Windows 10 Clients (Windows 10 Enterprise)
  • 3x Windows 7 Clients (Windows 7 Enterprise)
  • 3x Red Hat Clients (Red Hat Enterprise Linux 7)
  • 1x Attack Host (Kali Linux)