Summary

An overview of Tachyon features and enhancements.

Instructions, Product Packs, Instruction Sets and permissions

Tachyon lets you investigate your network using questions and actions, which are collectively known as Instructions.

You can load Instructions into Tachyon, either individually or via a Product Pack, which is essentially a zip file containing one or more Instructions. Tachyon comes with a range of pre-framed questions and actions in the form of product packs, providing extensive out-of-the-box capabilities that can be extended as new and updated product packs are made available.

Tachyon permissions for the Instructions are handled using Instruction Sets. You create Instruction Sets, then define roles which specify particular permissions on those sets and then assign the roles to users. Each Instruction is only allowed to reside in one Instruction Set, which associates it with a role and thereby the users that have that role and can run the Instruction.

When Instructions are loaded into Tachyon they are placed in the default Unassigned Instruction Set, so you must move them into previously created Instruction Sets before they can be run.

Task-based organization for accessing instructions

Tachyon provides a way of accessing the questions and actions that is organized around the way that network administrators typically interact with their network.

The Tasks page in Tachyon Explorer provides a structured view of the instructions defined in the product packs. Tachyon 3.0 onwards this is a new way of accessing instructions that revolves around the task areas you are interested in.

Using task groups

The benefit of using Tasks lies in the task group structure that is defined in the product packs. It is this structure that enables you to focus in on specific task areas to find the particular instruction that you want.

For example you may be interested in instructions related to particular software vendors products. At the top-level there could be a Software Vendors task group whose children are 1E and Microsoft. Underneath the 1E task group could be a number of instructions that enable you to control various aspects of the 1E products. Underneath the Microsoft task group could be some child task groups that cater for different Microsoft products, such as Configuration Manager and Microsoft Office. Below these groups could be instructions related to those specific products.

On this page:

Questions, actions and their responses

Tachyon lets you question the devices on the network directly and, based on the responses, run any associated actions.

Questions, actions and responses are presented to the user via the Tachyon Explorer, a web-based portal that lets Tachyon users interact with Tachyon and its agents.

The questions, responses and actions feature includes:

  • Graphical display of response information
  • Instruction impact assessment

Coverage, question filters, view filters and follow-on instructions

Questions and responses can be tailored to focus on specific ranges of device through the use of coverage and filters:

  • Coverage acts first to let you restrict the devices that will be asked a given question
  • Question filters act before devices have responded to narrow the responses that are sent
  • View filters act after the responses have been sent to focus the responses presented to the user and to determine the input into the follow-on instructions

The responses to initial questions can be further refined by asking follow-on questions or actions, allowing Tachyon questioners and actioners to focus in on the results they want to see.

Exporting responses

Tachyon lets you export responses to CSV files. These can then be used for auditing purposes or to drive external programs.

The Tachyon Agent

Tachyon enables rapid response to instructions using the Tachyon Agent, which supports the retrieval of information, running actions and device tagging. The Agent can also be extended to support additional features. On Windows OS, the Agent is installed as a service, with a small footprint.

The Tachyon Agent is supported on the following Windows OS:

Windows

  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012 R2
  • Windows 10 CB 1903
  • Windows 10 CB 1809
  • Windows 10 CB 1803
  • Windows 10 CB 1709
  • Windows 10 CB 1703
  • Windows 8.1

Professional and Enterprise editions of Windows 10 are supported.

All versions are provided with 32-bit & 64-installers.

A service is installed called 1E Tachyon Agent with a small footprint.

The Tachyon Agent is supported on the following non-Windows OS:

macOS

  • macOS High Sierra 10.13

Linux

  • CentOS 7
  • Red Hat Enterprise Linux 7.1
  • SUSE Linux Enterprise (SLES) 12
  • Ubuntu 14.04

Solaris

  • Solaris 11.3

Android

  • Android Oreo 8.1
  • Android Oreo 8.0

Other versions of these Operating Systems should work but have not been tested by 1E.

The Tachyon Agent is available for download from the 1E Support Portal, for the following architectures:

  • Linux variations on Intel 64-bit platforms
  • Solaris on Intel 64-bit and SPARC platforms
  • Android ARM

Also included in the download are Tachyon Agents for the following legacy Linux distributions:

  • Fedora 21
  • openSUSE Leap 42.1

Tachyon Agents for other Linux distributions can be requested, including Raspbian for Raspberry Pi, and Debian.

Tachyon Agent Historic Data Capture

On Tachyon Windows Agent devices Tachyon continuously captures events, which enables Tachyon to capture all significant events as they happen. This should be contrasted with polling, which to a certain degree relies on luck to capture conditions that are brief enough to fall between polls. In this way Tachyon Agent Historic Data Capture compares with the Windows Task Manager or Perfmon. Tachyon captures the data to a compressed and encrypted database to ensure that it has a very low impact on device performance and security.

Permissions

Tachyon is a powerful system enabling rapid diagnostic and remediation across an entire network in seconds. For this reason careful attention has been paid to how the system is locked down to access by authorized users and devices.

Tachyon users, administrators and roles

The capabilities of Tachyon users are configured through role-based access to Tachyon features. When using Tachyon there are generally four types of access: Actioner, Approver, Questioner and Viewer corresponding to the main Tachyon users. These can be determined broadly or down to the level of access to individual Instruction Sets.

Tachyon administration access can be determined through role-based access to the extended properties, infrastructure, Instruction Set and permissions areas of Tachyon.

Certificates

Tachyon uses certificates on the Tachyon Server and Tachyon Agent devices to maintain the security of the system. Any custom Instructions must be code-signed with a certificate that has been registered in your 1E license before they can be run in Tachyon. 

The certificates feature includes:

  • Support for Cryptographic Next Generation certificates

  • Upgrade to latest version of OpenSSL v1.0.2h

  • Security to enforce Tachyon Agent device certificates

Approval Workflow

To enhance the safety of running actions in the Tachyon system, there is an approval workflow that ensures that every Tachyon action requires the approval of designated approvers before it can be run. To make it even safer, someone with approval permissions cannot approve their own action.

When an attempt is made to run an action the Tachyon approval workflow sends an email and a Tachyon notification to all the approvers associated with the action. Any of the approvers may approve or reject the request to run the action.

The workflows feature includes:

  • New-look email template for approval workflow

Authentication

Users must provide their user credentials when attempting to run an action, this prevents unauthorised access by a third-party attempting to make use of an unattended computer.

Actions can also be configured to require two-factor authentication, where the user attempting to run an action is challenged to enter a unique, one-time Tachyon authorization code that has been sent to them via an alternative method - such as email or via a registered mobile.

System status dashboard

Tachyon infrastructure administrators have access to a system status dashboard where they can monitor the performance of Tachyon and find useful data when troubleshooting issues. Tachyon provides instrumentation data on key performance metrics for the core components.

1E Support may ask you to investigate the system status dashboard if you encounter certain types of issue.

Audit logging

Tachyon provides a trail of action, question and Explorer management data to help in auditing the use of Tachyon in your environment.

System status bar and notification area

Tachyon includes a system status bar that displays the number of Tachyon instructions in progress and current and historical connectivity information for the total number of devices connected to Tachyon.

The notification area provides information on the logged on user or administrator and access to their notifications.

Inventory and connectivity

The Devices page in the Tachyon Explorer shows you all the devices that have connected with Tachyon and their current connection status. There are two views provided that let you research the devices: the devices table and the devices dashboard, please refer to Checking inventory and connectivity - The Devices table and Checking inventory and connectivity - The Devices dashboard for more details.

Tachyon integration

Tachyon can integrate with 3rd party products. It integrates seamlessly with Microsoft System Center Configuration Manager, it can use 1E Nomad to add content download capabilities, provides a fully-featured consumer API and can even be used as a response delivery mechanism by 3rd party applications.

Consumer management

Tachyon provides a dedicated page where the 3rd party consumers can be enabled and managed by Tachyon Consumer Administrators, as described in Consumers.

Microsoft System Center Configuration Manager console integration

Configuration Manager users can use all the features of Tachyon from within the Configuration Manager console.

  • Run questions and actions that target the devices in Configuration Manager collections.

Agent integration with 1E Nomad to enable efficient download of content

Tachyon can leverage the features of the industry-respected 1E Nomad to enable content to be downloaded to the Tachyon Agent device. Using 1E Nomad provides the following benefits:

  • Significantly reduces the bandwidth required for delivering software
  • Small offices or sites connected via poor network links can receive software updates more reliably
  • Reduces the need for large numbers of Configuration Manager servers
  • Faster Configuration Manager implementations because fewer servers are required
  • Distribute software to home, mobile and remote office users
  • Low cost – easy to deploy
  • No new infrastructure or skills required
  • Reduces software distribution costs

The feature is a set-and-forget option on the Tachyon Agent. By default it is enabled and means that Tachyon will automatically use Nomad to download content if it is installed on the Tachyon Agent device (Nomad is currently supported on Windows devices only). The prerequisites for using Nomad are given on Supported Platforms. The options for configuring Nomad integration are NomadContentDownloadEnabled and NomadContentDownloadTimeoutSecs in the Tachyon Agent configuration file.

Tachyon consumer API

Tachyon implements a complete API for controlling the questions, answers, responses and workflows that implement the Tachyon features from third-party applications.

The Tachyon API feature includes:

  • Consumer API versioning
  • Improved version and error reporting support in Consumer API
  • Extended RBAC API extensions for consumers

Tachyon can offload responses directly to 3rd party applications

Tachyon can be used as the means to gather data for 3rd party applications. Using its fast response time to gather the data it then be configured to pass the data on without storing it locally. The offloading is configured for each consumer on the Consumers page. To use this feature the consumer must be configured to use the offloaded responses data.

Custom tagging

Tachyon lets you tag Tachyon Agent devices with Coverage Tags so that they can be easily targeted when setting the coverage for specific questions. For example you may want to tag devices related to different departments so that they can be managed appropriately.

Installation

Tachyon has two installers, one for the Tachyon Server components and the other for the Tachyon Windows Agent.

Tachyon Setup is used to validate a server prior to running the Tachyon Server installer, and supports a range of configurations as described in Design Considerations - Tachyon Setup configuration choices.

There are also Tachyon Agent installation packages for supported non-Windows OS.