Summary

Information that will help you design and plan the implementation of Tachyon in your organization. This includes all the prerequisites and dependencies, which are necessary to install 1E Client with Tachyon client enabled.

For a full understanding of Tachyon features and their configuration please refer to Tachyon 5.2 documentation.

Tachyon client features are not required if the 1E Client is being installed only to support PXE Everywhere, Shopping, or WakeUp.

Tachyon client features are required if you are using any of the following:




Public Key Infrastructure

Tachyon features require a PKI and certificates on client devices and servers. Please see below for client requirements, and Tachyon 5.2 - Requirements: Certificates for server requirements.


You need to have a PKI in your environment with at least one Issuing CA.

Tachyon requires each Issuing CA has:

  • Certificate Revocation List (CRL) Distribution Point (CDP) that uses HTTP/S 
  • this HTTP/S CDP information is included in certificates issued to Tachyon Server and client devices



If you have an existing PKI and have just added a new CDP to support HTTP/S then you will need to re-issue certificates to your servers and devices.

Tachyon deliberately does not work with self-signed certificates for security reasons. Therefore Tachyon client or Server cannot be installed on the same server as a Root CA, because its certificate is self-signed.

Tachyon uses TLSv1.2. If your PKI is using SHA512 then please ensure that your environment has relevant updates applied, as described in KB2973337. See Client issues: Enabling SHA-512 to work with TLSv1.2.

If you want Tachyon to manage legacy OS that Microsoft no longer supports there may be issues with encrypted certificates described in Requirements: Constraints of Legacy OS.




Client Certificates




Tachyon client integration with Nomad

Tachyon client integration with Nomad allows Tachyon clients to make use of Nomad features for more efficient downloading of content from different HTTP sources including the Tachyon Background Channel. Using this feature needs the following settings enabled, you can do this during the 1E Client installation:

  • Nomad client module - enabled (off by default)
  • Tachyon integration with Nomad - enabled (on by default)

With the Tachyon integration setting enabled, the Tachyon client will automatically detect if the Nomad client module is enabled and use it to download content from HTTP sources when requested.

Tachyon's use of Nomad works irrespective of whether Nomad is integrated with Microsoft Configuration Manager, or using 1E ActiveEfficiency or Content Distribution features.

The Nomad client included in 1E Client 5.2 and later requires Tachyon Platform with Content Distribution features enabled. Content Distribution is the replacement for ActiveEfficiency. 


Configuration Manager is not a prerequisite for Tachyon integration with Nomad, but you will need to consider the following:

Configuration Manager client present

You do not need to make any configuration changes to Nomad for it to integrate with Tachyon, other than enable the Nomad client module in the 1E Client, or have a legacy version of the Nomad client installed. Please refer to Nomad 7.1 documentation for guidance on designing and deploying Nomad.

Configuration Manager client not present

You must ensure the following bits are enabled in the relevant Nomad installer properties and their corresponding registry values. These are enabled by default in the Nomad client module of the 1E Client, but if you modify the following properties for any other purposes then you must ensure these bits are set:

  • CompatibilityFlags bit 1 - enable long hashes
  • SpecialNetShare bit 13 - enable HTTP(S)


If you have any configuration baselines or other policies that control Nomad settings then these will need to be reviewed. Review is especially important if you have upgraded from legacy Nomad Branch 6.x where these bits were disabled by default.



Tachyon scripting requirements

Tachyon real-time instructions are written in the Tachyon native language SCALE, which is very like SQL but with additional logic, functions and methods. Scripts can be downloaded when an instruction runs, or actual command text embedded in the instruction. You will very probably want to use scripts in the instructions you download from 1E or instructions you write yourself. Therefore, you must ensure the appropriate scripting environment is present on Agent devices.

Windows Tachyon clients can use PowerShell scripts. Ensure your Tachyon client devices have an appropriate version of PowerShell installed to support any custom scripts you may develop. See PowerShell on Windows OS.

Non-Windows Tachyon clients can use bash as their scripting medium. This should be present on all non-Windows Tachyon client devices.

For more information about SCALE and writing your own instructions, please refer to:


PowerShell

Bash and Perl

Requirements for verifying the Tachyon installation

The Verifying page provides detailed steps for verifying a new or upgraded infrastructure, including firsts steps for uploading and running instructions. Below is a list of requirements to perform verification testing.

Firewall ports

Please refer to Tachyon communication ports.