Summary

What you need before using Guaranteed State.

Prerequisites

To configure Guaranteed State, you will need the following:

  • An appropriate Tachyon License to permit using Guaranteed State. This is normally included in a standard Tachyon license.
  • A domain security group representing Guaranteed State Administrators who will use the Tachyon Guaranteed State application. 
    • The steps below describe how a Tachyon user will be created for this group, and a role which grants access to the Guaranteed State pages and instructions.
  • Your Tachyon user will need the following role permissions in addition to the ones listed above:
    • Permissions Administrators role in order to create the above Tachyon user.
    • Log Viewers role to aid troubleshooting (optional).
  • The PolicyTool folder extracted from Tachyon Platform zip.

This process assumes you have already verified your Tachyon installation and have Tachyon Agents deployed on some Windows devices.

On this page:

Assigning users to the Guaranteed State Administrators role

In this version of Tachyon, a Gauranteed State users is either a viewer or an administrator. A user needs to be an administrator in order to create and deploy policies.

To optionally create a new user:

  1. Navigate to the Settings→Permissions→Users page.
  2. Click the Add button to start the add user process.
    1. In the Add user popup subsequently displayed, type the name of an Active Directory account or security group in the Select user field.
    2. Select a name from the search results list and click the Add button.
  3. The new user will be added to the Users table.

To assign the new user to the Guaranteed State Administrators role:

  1. In the Users table, locate the row for the new user and click on the link in its Name column.
  2. In the User : <user/group> page, click the Edit button.
  3. In the Edit roles assigned to user popup, scroll down the list and check the checkbox for the Guaranteed State Administrators role.
  4. Click Save.

To verify:

  1. Logon to the Tachyon Portal using a Tachyon user account with the new Guaranteed State Administrators role.

    Guaranteed State can be reached directly using the following URL:

    https://<tachyon DNS Name FQDN>/Tachyon/App/#/guaranteedstate/

    where <tachyon DNS Name FQDN> is the one set up during the preparation phase, as described under the heading Preparation: DNS Names.

  2. Navigate to the Guaranteed State→Overview page.

Importing pre-defined Guaranteed State policy objects

Guaranteed State requires various policy objects to be defined. Typically you will create new rules and policies, using Guaranteed State→Administration. However, when defining new rules you must reference objects such as rule triggers which you must import from a Policy Pack. The Tachyon Platform zip used to install Tachyon contains a Policy Tool with a set of default policy objects which provide core Guaranteed State functionality.

Use the following steps to import the default policy objects. You will require a a user that is assigned to the Guaranteed State Administrators role in order to import or manage policy objects.

  1. On the Tachyon Server, or on remote device that is able to connect to the server, logon as a user that is assigned to the Guaranteed State Administrators role.
  2. Open a browser and confirm you can navigate to Guaranteed State→Administration→Policies page. This will confirm the logged on user is able to administer Guaranteed State. 
  3. Confirm the Policies page does not have any policies.
  4. Extract the Tachyon Platform zip and copy the PolicyTool folder to an appropriate directory on the device.
  5. Open a command-prompt and navigate to the PolicyTool directory.
  6. Set the TACHYON_CONSUMER_URL environment variable to the Consumer URL for Tachyon, which is: https://<TachyonDNSName>/Consumer. In our example this is set by the following command-line:

    set TACHYON_CONSUMER_URL=https://tachyon.acme.local/Consumer
  7. Run the import_all.bat script.
  8. Confirm no errors occurred.

    The import script uses the Tachyon Policy Tool to perform the import. For more information about using this tool to manage individual policy objects such as triggers, please refer to Using the Tachyon Policy Tool.

  9. Refesh the Policies page in the browser and confirm that a new Windows Client Health Policy has appeared.
  10. To continue with using Guaranteed State, please refer to Getting Started with Guaranteed State.


Tachyon Platform zip

The TachyonPlatform zip file can be downloaded from the 1E support portal page (https://1eportal.force.com). Extracting the zip will create a folder structure containing the following, where highlighted files are required by Tachyon Setup.

  • Licenses.txt
  • Tachyon Release Information.html
  • Tachyon.Setup.exe
  • Installers\1ECatalog.msi
  • Installers\SLA.BI.Installer.msi
  • Installers\SLA.Platform.Installer.msi
  • Installers\TachyonCertificateManager.exe
  • Installers\TachyonServer.msi
  • Installers\TachyonToolkit.msi
  • Installers\Apps\Explorer\Explorer.zip
  • Installers\Apps\Explorer\metadata.json
  • Installers\Apps\GuaranteedState\GuaranteedState.zip
  • Installers\Apps\GuaranteedState\metadata.json
  • Installers\Apps\PatchSuccess\metadata.json
  • Installers\Apps\PatchSuccess\PatchSuccess.zip
  • Installers\Apps\Settings\metadata.json
  • Installers\Apps\Settings\Platform.zip
  • PolicyTool\delete_all.bat
  • PolicyTool\Export_All.bat
  • PolicyTool\import_all.bat
  • PolicyTool\log4net.dll
  • PolicyTool\Newtonsoft.Json.dll
  • PolicyTool\Tachyon.Policy.exe
  • PolicyTool\Tachyon.Policy.exe.config
  • PolicyTool\Tachyon.Policy.exe.RoslynCA.json
  • PolicyTool\Tachyon.SDK.Consumer.dll
  • PolicyTool\Fragments\1E-GuaranteedState-*.xml
  • PolicyTool\Policies\Policy-Windows Client Health.xml
  • PolicyTool\Rules\Rule-*.xml
  • PolicyTool\TriggerTemplates\TriggerTemplate-*.xml