TANIUM - Linear Chain

แชร์
ฝัง
  • เผยแพร่เมื่อ 22 ธ.ค. 2024

ความคิดเห็น • 8

  • @davidpaul705
    @davidpaul705 3 ปีที่แล้ว

    Nice review Dan. Can this provide real time reporting or only scheduled reporting, based on the linear chain?

    • @danielpowers2772
      @danielpowers2772  3 ปีที่แล้ว +2

      the whole point f the linear chan is to provide data in real time as much as possible - so yes 😊

    • @danielpowers2772
      @danielpowers2772  2 ปีที่แล้ว +1

      Tanium most talked about feature is that the Linear chain provides REAL TIME data from endpoints. And (statistically) the more endpoints you have, the quicker you get results, in terms of date per endpoint#. In many cases Querying 10's of thousands on endpoints can result in data return in seconds/minutes.

  • @simounibarra1514
    @simounibarra1514 2 ปีที่แล้ว

    What do you mean by a "Linear Chain"? There are no straight connections from one server to another and so on and so forth, because each machine in the subnet is connected via a hub or a switch. Connections do not go straight from computer 1 to computer 2. But it's computer 1 - to switch - to computer 2 and this is most common connection in the real world. What you are trying to explain here is some sort of a token ring connection. Not sure if people are still using token ring, which is a thing of the past.

    • @danielpowers2772
      @danielpowers2772  2 ปีที่แล้ว

      In Tanium the devices (by default ) do create a chain between device1/devices2 etc. it is called it’s upstream neighbor. and the do communicate like this until the LAST device in that subnet (highest ip ) then sends results, in the case of a question, to the Tanium server. it is NOT a token ring nor is it peer-2-peer in a pure sense.

    • @danielpowers2772
      @danielpowers2772  2 ปีที่แล้ว

      docs.tanium.com/client/client/client_concepts.html

    • @simounibarra1514
      @simounibarra1514 2 ปีที่แล้ว

      @@danielpowers2772 Where is this chain of information being saved or updated - in the server or in the clients? Thanks for the quick reply :)

    • @danielpowers2772
      @danielpowers2772  2 ปีที่แล้ว +1

      at the end of it - then formation gets saved at the Tanium server. So ina simple case let’s say you ask for the version of adobe on all devices. the first device in each subnet gets the question, answer it and forward to the next decice (ip) - if that device has the same versio of adobe it simple tags the day with a +1 (for ease of conversation here) and forwards along to next .. until it reaches the end of the chain/subnet. the last device sends all the data to tanium server. ali g the chain of another device does not have adobe, it adds a line saying NOT INSTAllEd any other devices without adobe would add a +1 to that line etc…. different version would add new one with the version that is different. At the end this process moves LESS data around, and the bulk of communication is done at the high speed subnet and NOT accross a WAN link, as most HUB and apple would do. :-)