Using Settings

Summary

How to use the Settings application to configure Tachyon system and application settings.

Settings can be reached directly using the following URL:

https://<tachyon DNS Name FQDN>/Tachyon/App/#/platform/

where <tachyon DNS Name FQDN> is the one set up during the preparation phase, as described under the heading Preparation: DNS Names.

In this section...

Settings Features

An overview of the Settings application features.

Configuration Menu

General configuration options for Tachyon.

Connectors page
Connectors are used to connect to other 1E and third party systems, retrieve their data and populate repositories. Tachyon provides the following inventory connectors to populate the Tachyon inventory repository:
BigFix connector — Connects to a BigFix Inventory database server.
BigFixInv connector — Connects to a BigFix Inventory database.
File Upload connector — Uploads inventory data from a folder containing tab (TSV) and comma (CSV) separated value file(s).
InTune connector — Connects to an InTune application and pulls in inventory and usage data.
Microsoft Office 365 connector — Connects to an Office 365 application in InTune and pulls in inventory and usage data.
Oracle LMS connector — Connects to Oracle LMS and queries it for inventory information.
ServiceNow connector — Connects to a ServiceNow instance to import basic inventory data into SLA Platform.
System Center Configuration Manager connector — Connects to a Configuration Manager database and pulls in inventory and usage data.
Tachyon connector — Connects the Tachyon and SLA components to support Management group and Tachyon Powered Inventory features. The Tachyon Powered Inventory feature uses instructions to fetch inventory data from Tachyon clients, and is a prerequisite for Patch Success.
vCenter connector — Connects to a vCenter server and pulls in inventory data.
Windows Server Update Services connector — Connects to a WSUS database and pulls in patch data.
Use the links above to find more information about each type of connector. Please refer to Using Inventory for more information about viewing and exporting inventory repositories.
Additional connectors may exist for add-on Consumer applications that have been installed. For example, AppClarity 7.1 has the following connectors to populate its entitlement repository:
AppClarity v5.2 connector — Exports entitlements from an AppClarity 5.2 database into a TSV file, which can then be reviewed and imported into .
Entitlement .tsv connector — Uploads entitlements from a folder containing one or more tab or comma separated value file(s).
Consumer applications may add additional connectors to populate their repositories.

Repositories page

Repositories are used by applications to process and store information. Tachyon provides an Inventory repository out-of-the-box. Some consumer applications provide their own types of repositories.

Repository types	Used by	Used for
Application Migration	Application Migration	Migration rules.
Business Intelligence	Patch Success	Patch data for Patch Success.
Compliance	AppClarity	Compliance data for AppClarity. Reclaim policies and history.
Entitlement	AppClarity	Entitlements for AppClarity.
Inventory	Inventory AppClarity Application Migration Patch Success	Hardware and software inventory for devices. Optionally stores associations between Catalog products and Configuration Manager packages and applications.

A default repository is provided for each type of repository. You cannot delete a repository but you can change its details, clear its data or archive it. You can add further repositories for each type.

Repositories are populated using Connectors which are executed either manually or on schedule, and data is then processed by applications. In some cases you can manually enter data.

Provider configuration page
Providers can be used by applications to leverage external tools to perform specific operations. For example the reclaim provider enables software to be uninstalled, thereby extending the functionality of the platform to include uninstallation.
Custom properties page
Custom properties are generally associated with Explorer and can be used when setting coverage tags to target Instructions to particular devices. The custom properties must be defined by a custom properties administrator before they can be used to tag devices or used to set the coverage of Instructions.
This is done from the Settings→Configuration→Custom properties page, which can be viewed by users with any of the following roles:
Global Administrators
Custom Properties Administrators.
1E Client installer page
The 1E Client installer page is part of a feature that is currently under development and for use with the new Tachyon Discovery product, which is due for release in the coming months. To enable 1E Client to be rolled out across a network in conjunction with the network discovery piece, this page lets you select the 1E Client installer you want to use for the installation.
To deploy the 1E Client please refer to Deploying Tachyon clients.
Consumers page
The Consumers page lets you register the consumers that can access Tachyon. To enhance the security of the Tachyon system, only consumers that have been registered on this page will be allowed to access Tachyon.
Tachyon can integrate with third-party applications to enable its instruction-based investigation and resolution capabilities to be leveraged by other products. Some examples include: the Nomad Content Pause and Tachyon Configuration Manager integration features.
Components page
The Components page displays the configuration options and activity for all the components that make up the Tachyon platform.
Schedules page
The Schedules page lets you add schedules for executing actions on repositories, and select the categories of data you wish to collect.
License information page
The License information page shows details of the current license status and lets you reactivate your license if any changes have been made.
In the Products section, under Features, you can see which consumers you are able to use, and which type of instructions you can run according to their prefix pattern. Available consumers and prefixes are listed below under License requirements for consumer applications.
System information page
The System information page lets you review the configuration of Tachyon components used for Tachyon real-time features. There are no configuration options.
Branding page
The Branding page lets you customize the appearance of the Tachyon Portal and emails to match your corporate style.

Monitoring Menu

Viewing Tachyon logs.

Process log page
The Process log page lets you view the progress of queued actions, cancel actions that are pending and purge process log history.
Provider log page
The Provider log page lets you view status log events related to Tachyon Provider operations.
Sync log page
The Sync log page lets you review the records that have been added to repositories as a result of syncing connectors.
Infrastructure log page
The Infrastructure log page lets you view status log events related to the Tachyon infrastructure.
Audit information log page
The Audit information log page lets you view information on who is using Tachyon what actions they are performing.
System health page
The System Health page runs a comprehensive series of component checks. By default, it shows issues, but you can see a full list of green lights by toggling Issues only.

Permissions Menu

Configuring Tachyon users, roles and management groups.

Users page
The Users page lets you view and manage the current users of Tachyon. From this page you can:
Reactivate deactivated users
Deactivate selected users
Add new users
Remove users
View the details for particular users and set their roles.
Roles page
The Roles page lets you view the system roles and currently defined custom roles. From here you can also go into each role to set its membership and any associated management groups.
Configuring Access Rights - tutorial
A quick tutorial on configuring access rights for Tachyon. Using a scenario where access to Tachyon will be managed through Active Directory groups, the tutorial illustrates the general setup required and the particular steps needed to add the necessary Tachyon users.

In this tutorial

In this tutorial we demonstrate a process for creating Active Directory (AD) managed permissions to the Tachyon portal. We use specifically created AD groups for each of the Tachyon system roles and create Tachyon users for each one, we then define a custom role for a specific Instruction Set and create a Tachyon user with an existing AD group that provides access to running actions in the Instruction Set.
Example AD groups for the Tachyon system roles
As mentioned in Requirements: Active Directory requirements, we recommend that the AD security groups used for defining access to the Tachyon portal features are defined as Universal groups. The picture opposite shows an example TCNConsumerAdmins AD security group intended for the Consumer Administrators role.
Management groups page
Management groups are containers used to group devices and the software installed on those devices. Management groups are defined using configurable rules that look at various properties of the devices and their installed software, these are then evaluated to determine the group membership. This means that Management group membership adapts to changes to the devices and software in your environment.Management groups are used by Tachyon to:
Determine the targets for questions, actions and reporting.
Determine user permissions for targeting on particular devices based on Management group membership.
In terms of permissions for determining how Tachyon users interact with the devices in your network, Management groups work alongside Instruction sets.
In Tachyon Platform 5.2, Management Groups are created in two different ways:
Rule based - the Management groups page lets you add, edit, delete and evaluate management groups that are based on rules - once created these appear in the Management groups page marked with an RB icon.
Direct based - these use scripts to create management groups by importing lists of devices using FQDN names only - once created these appear in the Management groups page marked with a DB icon.
This type of Management group has no associated rules and cannot be edited and evaluated from the Management groups page.
Both types of Management group have the following properties:
Each device known to Tachyon can be assigned to any number of management groups, or be left unassigned. Devices not assigned to any management group will still be accessible, subject to permissions.
Roles can be associated with specific management groups, so that users with those roles will only be able to target the devices in their management groups.
Management groups can only contain devices, and they are completely independent of any other management group, even if they contain the same devices.
Each Management Group must have a unique name which is not case-sensitive.
Management groups - tutorial
In this tutorial

In this tutorial we add a number of management groups for the ACME organization: one that uses the name of the devices and several that use the Organizational Unit (OU) the devices belong to. The following picture shows what we have in our example Active Directory and how this will appear as management groups in Tachyon. Here you can see there are four servers in the AD Computers group, an additional Domain Controller server and six workstations in the OU.
By the end of this example you will have added six management groups:
Devices - this management group will use the names of the devices to bring them all into a single management group.
Workstations, Executive, Support, Finance and Sales - these management groups will use an OU rule to separate the devices according to the OU they belong to.

Instructions Menu

Loading and managing Tachyon Instruction sets.

Instruction sets page
How to load Instruction Definitions into Tachyon and then create, populate and delete Instruction sets.
The Instruction sets page enables Instruction set administrators to add, remove and modify the product packs used by Tachyon.
This page can be viewed by users with any of the following roles:
Global Administrators
Instruction Set Administrators
Security Administrators
You can perform the following tasks:

Adding Instruction Definitions into Tachyon

Creating Instruction sets

Moving Instructions to Instruction sets

Deleting Instructions sets and Instructions

Updating Instructions

An extended example
Instruction sets, Tachyon Exchange and custom roles - tutorial
How to load Instruction Definitions into Tachyon and then create, populate and delete Instruction sets.
In this tutorial

Every Instruction loaded into Tachyon has an implicit risk when applied to a network, some Instructions carry more risk than others.
One way of mitigating the risks could be to define Instruction sets that organize the Instructions according to their perceived risk. You could then define varying levels of access to the Instruction sets according to their associated risk.
For example the quarantine Instructions, available on the Tachyon Exchange, are for use in high-impact emergency scenarios, the way that these instructions work carries a fair degree of risk whereby devices are isolated from the network - which is appropriate for emergency use, however you may not want those Instructions to be generally available. To implement this you could create a High Security Instruction set to contain those Instructions, as well as any others you feel have a similar risk, and then lock down access to the Instruction set to suitable roles in the organization.
In this tutorial we will demonstrate:

Creating an Instruction set

Downloading a product pack from the Tachyon Exchange

Uploading a product pack to Tachyon, and adding the Instructions to an Instruction set

Creating a custom role

Adding a custom role to a Tachyon user or group

Page tree

Publish this draft for everyone to see.

Other users have edits for this page:

Permanently discard changes to this page.

This cannot be undone.

Contents