Lumu simplifies Continuous Compromise Assessment by consolidating its management, reporting, and related contextual intelligence within a single portal. Security teams no longer need to chase down data from multiple network monitoring tools.
Lumu offers a variety of collector options for sending your network metadata. Depending on your needs and how you want to integrate Lumu into your infrastructure, you can choose a combination of collectors to cover all your enterprise perimeters.
Variety of collectors available at Lumu
In this section of the
Lumu Portal, you can manage the available collector types such as Gateways, Virtual Appliances, Agents, and API.
This article shows a brief overview of the collectors you can use to incorporate Lumu into your security operation. For detailed information, consult the documentation link included in each collector description, or consult our deployment and integration guide.
Note: some features, such as end-point level visibility, Custom Collectors and Integrations are only available for Lumu PRO subscriptions,
consult our website for more details.
Gateways
At Lumu, Public Gateways are how we define the network’s public IP addresses, which are used to forward traffic to other networks or the internet. Consult our Gateway documentation on using gateways to associate traffic from your organization to Lumu.
Gateways Management
Virtual Appliances and VA Collectors
The Lumu Virtual Appliance is a virtualized machine that enables collecting network metadata from your entire enterprise and forwards it to the Lumu cloud with the lowest impact on the network operation. For more details, consult our Lumu VA documentation.
Virtual Appliances management
The Lumu VA offers the option to create VA Collectors, a seamless way to integrate network metadata (firewall, proxies, etc.), as well as send your DNS logs through the VA instead of the VA built-in resolver.
Agents
The Lumu Agent is an endpoint software program provided by Lumu installed on a user's machine and enables the monitoring of remote devices no matter where they are. Lumu Agents run silently while intentionally collecting network metadata to be analyzed by Lumu to measure compromise in real time. For more information, consult our Lumu Agent documentation.
Lumu Agent management
For organizations with a remote workforce, Lumu has the option to implement the Continuous Compromise Assessment concept for remote workers using VPN (Virtual Private Network) or SDP (Software Defined Perimeter) technologies as well. For detailed guidance,
consult our documentation.
Custom Collectors API
The Lumu Custom Collectors API allows posting network metadata captured from third-party platforms/services/appliances to Lumu for real-time and Continuous Compromise Assessment. It can also be used as an alternative for greater visibility in cases where the enterprise network restricts the use of Virtual Appliances. For more details, consult the Custom Collectors API documentation.
Custom Collectors API management
Integrations
This section of the Lumu Portal allow customers to easily setup Lumu to feed confirmed compromise instances into any third-party tool for automated mitigation and remediation. Take advantage of our vendor-agnostic integrations to send Lumu’s confirmed compromise instances to any third-party tool for automated mitigation and remediation.
In the Integrations' section of the Lumu Portal, you can find the “API” area for custom integrations and the “Apps” area for out-of-the-box integrations for easy deploy and management. For more details, consult the
Integration's documentation.
Integrations management
Know more about the Lumu Portal:
- Incidents
- Compromise Overview
- Labels
- Lumu Email