Summary

An overview of all the Tachyon features and enhancements. The page provides a brief overview of each feature and links to other pages with more detail.

Installation

Tachyon provides a Tachyon Setup wizard that installs all of the separate parts of the Tachyon Platform using their individual installers. It is used to validate a server prior to running the installers, and supports a range of configurations as described in Design Considerations: Tachyon Setup configuration choices.

1E Client installers are also provided for Windows and packages for supported non-Windows OS.

1E Client Deployment Assistant is a wizard that assists Configuration Manager with deployment of 1E Client and other 1E client agents, guiding you through common settings for clients and deployments.

Explorer features

The Explorer application gives you the ability to investigate, remediate issues and manage operations across all your endpoints in real-time. For more information please refer to the Using Explorer section of this documentation.

Here's an overview of the features available in the Explorer application.

Questions, actions and their responses

Tachyon lets you question the devices on the network directly and, based on the responses, run any associated actions.

Questions, actions and responses are presented to the user via the Tachyon Explorer, a web-based portal that lets Tachyon users interact with Tachyon and its client devices.

The questions, responses and actions feature includes:

  • Graphical display of response information
  • Instruction impact assessment
  • Response history.

For more information on Instructions and their responses please refer to:

Exporting data from Explorer

Results visible in Explorer can be exported to files containing comma-separated values (CSV) or, in the case of the Export all option on the instruction response page, tab-separated values (TSV), and results can be marked for export at the point of asking a question to automate the process. Explorer lets you export the data on a number of pages to CSV files:

  • Instruction history
  • Responses - you can export a single page or all results once the Instruction has finished gathering responses - these can then be used for auditing purposes or to drive external programs
  • Drill-down responses
  • Device information

For more information on exporting data from Explorer please refer to:

Coverage, question filters, view filters and follow-on instructions

Questions and responses can be tailored to focus on specific ranges of device through the use of coverage and filters:

  • Coverage acts first to let you restrict the devices that will be asked a given question
  • Question filters act before devices have responded to narrow the responses that are sent
  • View filters act after the responses have been sent to focus the responses presented to the user and to determine the input into the follow-on instructions

The responses to initial questions can be further refined by asking follow-on questions or actions, allowing Tachyon questioners and actioners to focus in on the results they want to see.


For more information on coverage, question filters, view filters and follow-on instructions please refer to:

Approval workflow

To enhance the safety of running actions in the Tachyon system, there is an approval workflow that ensures that every Tachyon action requires the approval of designated approvers before it can be run. To make it even safer, someone with approval permissions cannot approve their own action.

When an attempt is made to run an action the Tachyon approval workflow sends an email and a Tachyon notification to all the approvers associated with the action. Any of the approvers may approve or reject the request to run the action.

For more information on the Approval workflow please refer to:

Authentication

Users must provide their user credentials when attempting to run an action, this prevents unauthorised access by a third-party attempting to make use of an unattended computer.

Actions can also be configured to require two-factor authentication, where the user attempting to run an action is challenged to enter a unique, one-time Tachyon authorization code that has been sent to them via an alternative method - such as email or via a registered mobile.

For more information on authentication please refer to:

Task-based organization for accessing and scheduling instructions

Tachyon provides a way of accessing the questions and actions that is organized around the way that network administrators typically interact with their network. This interface also lets you run the Instruction using a schedule.

The Explorer→Instructions→Tasks page in Tachyon Explorer provides a structured view of the instructions defined in the product packs. It also lets you schedule the tasks so they can be run in the future or according to a particular schedule.

Using task groups

The benefit of using Tasks lies in the task group structure that is defined in the product packs. It is this structure that enables you to focus in on specific task areas to find the particular instruction that you want.

For example you may be interested in instructions related to particular software vendor's products. Depending on the Instructions that you have uploaded to your Tachyon system you may see the following structure:

  • At the top-level there is a Software Vendors task group whose children are 1E and Microsoft.
  • Underneath the 1E task group there is a Tachyon group that contains Configuration, Diagnostics and Verification groups as well as a couple of Instructions.
  • Underneath the Microsoft task group is the Configuration Manager task group containing Instructions related to that product.

For more information on using Task groups to access and schedule Instructions please refer to:

Inventory and connectivity

The Devices page in the Tachyon Explorer shows you all the devices that have connected with Tachyon and their current connection status. There are two views provided that let you research the devices: the devices table and the devices dashboard, please refer to Checking inventory and connectivity - The Devices table and Checking inventory and connectivity - The Devices dashboard for more details.

For more information on inventory and connectivity please refer to:

Guaranteed State features

The Guaranteed State application gives you the ability to ensure device compliance with enterprise IT policies. For more information please refer to the Using Guaranteed State section of this documentation.

Here's an overview of the features available in the Guaranteed State application.

Policies and Rules

The Guaranteed State of a device is enforced by the Tachyon client at the device. One or more policies are deployed to devices according to the management groups the devices belong to. Each policy consists of one or more rules that are either check rules or fix rules:

  • Check rules - allow you to verify that a device has a particular state, such as a registry key having a specific value. You can then view summary and detail reports which show devices which are compliant and not compliant with the check rules
  • Fix rules - allow you to define a desired state for the device and then enforce that state. For example, you could mandate that a registry key exists and contains a specific value. Again, you can report on the application of these fix rules to devices.

For an explanation of management groups, please refer to the Management groups page. Management groups allow devices to be flexibly grouped, based on management group rules. This means you can easily administer devices based on, for instance, their Active Directory Organisational Unit, or their operating system version, or any other criteria supported by the management group rules.

For more information on policies and rules please refer to:

The Guaranteed State Overview page

The Overview page lets you view the current state of your enterprise in terms of the devices and policies that have been defined and applied. It consists of a number of charts that let you monitor the state in real-time.

For more information on the Guaranteed State Overview page please refer to:

Guaranteed State Reports

The Guaranteed State application provides three reports that let you view the details for the currently defined Policies, Rules and Devices. The information in these reports is consolidated into the Guaranteed State Overview page charts.

For more information on the Policies, Rules and Devices reports pages please refer to:

Exploring devices

Guaranteed State provides a Devices page where you can view the currently connected devices. On this page you can also select one or more of the devices and click an Explore button that launches the Explorer application. You can then run an instruction using the selected devices as the coverage for the instruction.

For more information on exploring devices please refer to:

Device Criticality

Device criticality is an attribute of a device that defines its importance within an organisation. As defined by default in Tachyon, criticality has the following settings

  • Undefined (or not set)
  • Non-critical
  • Low
  • Medium
  • High
  • Critical

At present, criticality settings do not affect the primary operation of Guaranteed State. However, it is possible to use Tachyon to set device criticality and to view it within Guaranteed State.

Tachyon also supports the use of the criticality setting when defining coverage for an instruction. For example, you can target an instruction to be sent only to devices whose criticality is not Critical.

For more information on device criticality please refer to:

Patch Success features

Patch Success is a Tachyon application that lets you maximize success of enterprise-wide patch deployment. It provides a view of patch state of your estate, as well as supplementing your existing patch deployment methods.

Overview page

The overview page contains three charts that show the current device patch status, the security updates by severity level and patch performance across all the devices connected to Tachyon.

The charts are interactive letting you easily drill-down into details on specific items in the display. The table can toggle between the status of devices or status of patches.

For more information on the Overview page please refer to:

Patches page

The Patches page shows a full list of patches that are applicable to devices within your estate and you can select an individual patch to view its details. From this page you can also launch the Explorer application with the coverage set to the selected devices.

For more information on the Patches, Patch installations and Patch details page please refer to:

Devices page

The Devices page shows a full list of devices within your estate and you can select an individual device to view its details.

For more information on the Devices, Device patches and Device details page please refer to:

Monitoring

The Monitoring pages show a full list of instruction history created by Patch Success and you can select individual instruction to view its details.

For more information on the History, Instruction details and Responses page please refer to:

Settings features

The Settings application lets you configure Tachyon system and application settings. For more information please refer to the Using Settings section of this documentation.

Here's an overview of the features available in the Settings application.

Instructions, product packs, Instruction sets and permissions

Tachyon lets you investigate your network using questions and actions, which are collectively known as Instructions.

You can load Instructions into Tachyon, either individually or via a Product Pack, which is essentially a zip file containing one or more Instructions. Tachyon comes with a range of pre-framed questions and actions in the form of product packs, providing extensive out-of-the-box capabilities that can be extended as new and updated product packs are made available.

Tachyon permissions for the Instructions are handled using Instruction sets. You create Instruction sets, then define roles which specify particular permissions on those sets and then assign the roles to users. Each Instruction is only allowed to reside in one Instruction Set, which associates it with a role and thereby the users that have that role and can run the Instruction. The roles have associated Management groups that determine the devices that users with the role have access to.

When Instructions are loaded into Tachyon they are placed in the default Unassigned Instruction Set, so you must move them into previously created Instruction sets before they can be run.

For more information on uploading product packs into Tachyon and managing Instruction sets please refer to:

Connectors

Connectors are used to connect to other 1E and third party systems and populate repositories. When more than one connector to different data sources are used, the information from those different data sources is de-duplicated and normalized into a single cohesive view that is then stored in a repository. In this way you can use the data from different sources to augment each other and build a better picture of "what's out there?". For example, you can sync inventory data from Configuration Manager into an inventory repository, which will fetch information about your Windows devices. You could then augment that with inventory data synced from Tachyon which could include information about non-Windows devices where the Tachyon client has been installed. 

For more information on connectors please refer to:

The following connectors are supported:

Repositories

Repositories are used by applications to process and store information. For example the Patch Success application uses both an inventory and a BI repository to process the information needed to report on how successful patching is in your enterprise. Normally a connector is used to connect a data source to an appropriate repository.

Repositories are also useful when you want to segregate different types of data. For example, you could have one inventory repository for Configuration Manager inventory data, and another one for BigFix data. Alternatively, you can have connectors to different inventory sources pushing data into one repository. Any Management Groups that you create will span all the repositories you have.

For more information on managing repositories please refer to:

Custom properties

Custom properties are generally associated with Explorer and can be used when setting coverage tags to target Instructions to particular devices. The custom properties must be defined by a custom properties administrator before they can be used to tag devices or used to set the coverage of Instructions.

This is done from the Settings→Configuration→Custom properties page, which can be viewed by users with any of the following roles:

  • Global Administrators
  • Custom Properties Administrators.

Schedules

Schedules can be created to execute specific operations on repositories in Tachyon so that they are kept up to date with their data sources and processing. These operations include:

  • Syncing data sources to repositories using connectors
  • Processing the BI data cube.

Repository schedules are different to Instruction schedules that can be set in Explorer.

For more information on setting schedules please refer to:

Consumers, Applications, Components and Providers

There are pages in the Settings application for each of these. They are described in the following table:

Configuration objectsDescription
Consumers

These can access Tachyon using the Tachyon Consumer API. To enhance the security of the Tachyon system, only consumers that have been registered on the Settings→Configuration→Consumers page will be allowed to access Tachyon.

ApplicationsFeatures of Tachyon that are hosted in the Tachyon Portal. Applications are generally Consumers as they need to interact with Tachyon using the Tachyon API. These are available on the Switch App menu.
ComponentsThese form part of SLA and cannot be changed or altered by a user. These can be viewed using the Settings→Configuration→Components page.
ProvidersThese are components that can be configured to provide a particular operation in SLA. These can be viewed and configured using the Settings→Configuration→Provider configuration page.

For more information on Consumers, Components and Providers please refer to:

Information pages

Information on your Tachyon license is available, as well as the ability to re-activate it following an update.

You can view information on the Tachyon system information for the Consumer, Coordinator, Background channel, Core and Switch.

For more information please refer to:

Monitoring log files

The monitoring pages let you view how Tachyon is performing its tasks. Four key log pages are provided:

PageDescription
Process logWhenever you execute a sync or process a repository the steps are displayed here. This page is updated in real-time and shows the status of each step as it happens.
Sync logThe results of performing a sync are displayed here.
Infrastructure logInformation on the Tachyon infrastructure is displayed here, such as: license status and instruction workflow.
Audit information logThis page displays information on the Instructions that have been run in Explorer. This includes the instruction text and the user that requested it.

Defining users and roles

Tachyon users or groups can be added from AD. They can be assigned roles that determine what aspects of Tachyon they can access. Custom roles can be created that let you associate particular permissions on particular Instruction sets for particular management groups.

For more information on users and roles please refer to:

Management groups

Management groups use inventory-based rules to define groups of particular devices, they are implemented in SLA and then made available to Tachyon applications and other consumers. After a management group is defined, each time the inventory is updated the device membership of the groups is re-evaluated by applying the management group's rules to the new inventory.

Custom roles can be created that tie particular Instruction sets to particular management groups. This means you can not only set the permissions for users to access the Instructions in specific Instructions sets, you can also determine which devices they can target using those Instructions.

Once defined, management groups can then be used to set the coverage for Instructions in Explorer and also which devices can be targeted by particular users. Management groups are also used by the Patch success and Guaranteed state applications to determine which devices are being targeted.

For more information on management groups please refer to:

Uploading Instructions into Tachyon and creating Instruction sets

You determine the capabilities of Explorer by uploading Instructions from product packs into Tachyon. Product packs are either provided with the release or downloaded from the Tachyon Exchange. Once the Instructions have been uploaded into Tachyon you then need to put them into Instruction sets. The Instruction sets can then be associated with custom roles to determine the permissions applied to the Instructions. The custom roles are then applied to users to determine which Instructions each user has access to.

For more information on uploading product packs into Tachyon and managing Instruction sets please refer to:

The Tachyon client

The Tachyon client is a feature of the 1E Client. On Windows devices, the 1E Client provides client features and modules for other 1E products. On non-Windows devices, the 1E Client only provides Tachyon client features.

Tachyon enables rapid response to instructions using the Tachyon client, which supports the retrieval of information, running actions and device tagging. The 1E Client can also be extended to support additional features. On Windows OS, the 1E Client is installed as a service, with a small footprint.

Supported Platforms

All 1E Client features are supported on the following Windows OS:

Windows

  • Windows Server 2019
  • Windows Server 2016
  • Windows 10 CB 2004
  • Windows 10 CB 1909
  • Windows 10 CB 1903
  • Windows 10 CB 1809
  • Windows 10 CB 1803
  • Windows 10 CB 1709
  • Windows 8.1

Professional and Enterprise editions of Windows 10 are supported.

The 1E Client for Windows zip is available for download from the 1E Support Portal.

All versions are provided with 32-bit & 64-installers, and can be installed on physical and virtual computers.

This list is automatically updated to show only those OS versions in mainstream support by Microsoft, and therefore supported by 1E, and by 1E Client 5.0. However the following OS continue to be supported as exceptions to help customers during their migration to the latest OS:

  • Windows Server 2012 R2
  • Windows 7 SP1

Please refer to Constraints of Legacy OS regarding end of mainstream support.

For Microsoft product lifecycle details, please refer to https://support.microsoft.com/en-us/lifecycle/search.

Please refer to https://1eportal.force.com/s/support-for-msft-rapid-release-cycle for details of which Current Branch versions are supported by 1E products, and known issues regarding specific versions.

The Tachyon client features of 1E Client are supported on the following non-Windows OS:

macOS

  • MacOS Catalina 10.15.1
  • macOS Mojave 10.14
  • macOS High Sierra 10.13

Linux

  • CentOS 7
  • Red Hat Enterprise Linux 7.1
  • SUSE Linux Enterprise (SLES) 12
  • Ubuntu 14.04

Solaris

  • Solaris 11.3

1E Client supports only Tachyon features on non-Windows devices.

Other versions of these non-Windows OS should work but have not been tested by 1E.

The 1E Client for non-Windows zip is available for download from the 1E Support Portal, and includes 1E Client packages for the following architectures:

  • Linux variations on Intel 64-bit platforms
  • Solaris on Intel 64-bit and SPARC platforms

Also included in the download are 1E Client packages for the following legacy Linux distributions:

  • Fedora 21
  • openSUSE Leap 42.1

1E Client packages for other Linux distributions can be requested, including Raspbian for Raspberry Pi, and Debian.

The Tachyon client features of 1E Client are supported on the following mobile OS:

Android

  • Android Pie 9.0
  • Android Oreo 8.1
  • Android Oreo 8.0

1E Client supports only Tachyon features on non-Windows devices.

Other versions of these mobile OS should work but have not been tested by 1E.

The 1E Client for Android zip is available for download from the 1E Support Portal, and includes 1E Client packages for the following architectures:

  • Android ARM

Tachyon Activity Record feature

Tachyon clients capture certain types of event data in a local database (Persistent Storage) so that Tachyon instructions can query later. Data is compressed and encrypted in a way that ensures a very low impact on device performance and security.

Tachyon Activity Record is similar to Windows Task Manager and Perfmon. On Windows client devices Tachyon continuously captures events, which enables all significant events to be captured as they happen. Other OS use polling, which requires the polling frequency to be regular enough to ensure brief events to be captured.

System status bar and notification area

Tachyon includes a system status bar that displays the number of Tachyon instructions in progress and current and historical connectivity information for the total number of devices connected to Tachyon.

The notification area provides information on the logged on user or administrator and access to their notifications.

Certificates

Tachyon uses certificates on the Tachyon Server and Tachyon client devices to maintain the security of the system. Any custom Instructions must be code-signed with a certificate that has been registered in your 1E license before they can be run in Tachyon. 

The certificates feature includes:

  • Support for Cryptographic Next Generation certificates

  • Upgrade to latest version of OpenSSL v1.0.2h

  • Security to enforce Tachyon client device certificates

Tachyon integration

Tachyon can integrate with 3rd party products. It integrates seamlessly with Microsoft System Center Configuration Manager, it can use 1E Nomad to add content download capabilities, provides a fully-featured consumer API and can even be used as a response delivery mechanism by 3rd party applications.

Consumer management

Tachyon provides a dedicated page where the 3rd party consumers can be enabled and managed by Tachyon Consumer Administrators, as described in Consumers.

Microsoft System Center Configuration Manager console integration

Configuration Manager users can use all the features of Tachyon from within the Configuration Manager console.

  • Run questions and actions that target the devices in Configuration Manager collections.

Tachyon client integration with 1E Nomad to enable efficient download of content

Tachyon can leverage the features of the industry-respected 1E Nomad to enable content to be downloaded to the Tachyon client device. Using 1E Nomad provides the following benefits:

  • Significantly reduces the bandwidth required for delivering software
  • Small offices or sites connected via poor network links can receive software updates more reliably
  • Reduces the need for large numbers of Configuration Manager servers
  • Faster Configuration Manager implementations because fewer servers are required
  • Distribute software to home, mobile and remote office users
  • Low cost – easy to deploy
  • No new infrastructure or skills required
  • Reduces software distribution costs

The feature is a set-and-forget option on the Tachyon client. By default it is enabled and means that Tachyon will automatically use Nomad to download content if it is installed on the Tachyon client device (Nomad is currently supported on Windows devices only). The prerequisites for using Nomad are given on Supported Platforms. The options for configuring Nomad integration are NomadContentDownloadEnabled and NomadContentDownloadTimeoutSecs in the 1E Client configuration file.

Tachyon consumer API

Tachyon implements a complete API for controlling the questions, answers, responses and workflows that implement the Tachyon features for third-party applications including ServiceNow.

The Tachyon API feature includes:

  • Consumer API versioning
  • Improved version and error reporting support in Consumer API
  • Extended RBAC API extensions for consumers

Tachyon can offload responses directly to 3rd party applications

Tachyon can be used as the means to gather data for 3rd party applications. Using its fast response time to gather the data it then be configured to pass the data on without storing it locally. The offloading is configured for each consumer on the Consumers page. To use this feature the consumer must be configured to use the offloaded responses data.