Consult our website to learn more about Lumu’s offering for MSPs, and our FAQ if you have further questions or doubts.

This article provides all you need to get started and provide value to the companies and customers under your umbrella in three simple steps: 

Let us take a look at each of these steps so you can start providing compromise visibility to all your clients. 

These steps can only be conducted by a user with the Admin role in the Lumu Portal It is extremely recommended that all accounts involved in the operation of the Lumu Portal for MSP be protected with two-factor authentication (2FA) to further safeguard your organization and customers. You may also want to consider our Single-sign-on feature.

1. Create Tenants

The first step is to create tenants for each of your clients. A tenant is the way the MSP Portal displays all the security and visibility options available for a client organization. If you are monitoring the cybersecurity state of three tenants with different workforces, you should create a tenant for each at the very least, for example. Let’s see how a tenant is created:

• Name: your identifier for the tenant.
• Company Logo: Simple image for easy identification. Please mind the size requirements and limitations. This is an optional field. 
• Licensing: This field will allow you to assign the number of endpoints the tenant requires for monitoring.This number will be taken from the pool of endpoints available to your organization. 

Once you are done entering the information, save the changes and create the tenant.

3. You will be taken to the tenant you just created, where you will see and be able to edit its information.

• It is important to note that you are able to edit the endpoints assigned to the tenant; however, bear in mind that it isn’t possible to reduce the number of assigned assets below the number of installed agents. You must first remove the agent from the devices that you no longer require, and then reduce the assigned assets accordingly. 

The Lumu Agent can be deployed using the most common RMM tools. Check our documentation to find out more.

Now you are able to manage your clients assets and start providing them visibility into their cybersecurity state. 

2. Deploy Agents

The second step is to deploy the Lumu Agent into the organization’s remote assets. This will provide visibility into the status of the organization’s devices, specially those outside the organization’s premises which can easily turn into weak spots when left unattended.

Lumu’s Labels are helpful for organizing and categorizing traffic. They are available in the Lumu Portal for MSP alongside other visibility options for each company.

These are the two agent types:

• Endpoint agent: Designed to provide visibility of individual devices. Must be installed into each machine. 
• Collector Agent: Designed to provide visibility of devices that act as domain controllers for a number of machines. 

• For the Endpoint Agent, start by creating a group using the option displayed in the portal. 
  

After that, you can continue by following the procedure for the agent of your choice: Windows, macOS, or Linux. 

• For the Collector Agent, start by adding a collector using the option displayed in the portal. 

Once done, you will be ready for the next step. 

3. Automated Response

The third step to set up Lumu’s Continuous Compromise AssessmentTM for the companies under your umbrella is to configure our automated integrations. 

Lumu can be seamlessly integrated with a range of other solutions in the market for data collection, SecOps and response automation procedures to incorporate Continuous Compromise Assessment™ seamlessly into the organization's defense strategy. Consult our documentation to learn more about Lumu Integrations.

Follow these instructions to start providing the value of automated integrations to your customers:

1. Inside the Lumu Portal for MSP ’s “ Tenants ” section, select the company you want to operate. 

2. Open the “ Integrations ” tab, make sure you are looking at the Tenant’s available apps, and then select the integration type you want. We will select Response. You can learn more about our Out-of-the-box Integration (OOTB) types in our documentation. 

3. When Response is selected, you will see all the available integrations. Look for the cybersecurity solution you want to integrate with Lumu within them. Alternatively, you can also look at all the available OOTB integrations in our documentation. 

4. Add the technology you want to integrate

Now you can activate the integration; however, each integration has a different setup procedure. You can access the documentation from this view, alternatively you can look it up in our documentation. 

Follow the integration procedure and finish setting up the response integration. 

Now you have unprecedented visibility into the company’s cybersecurity state; however, Lumu has additional options that may suit individual organizations with specific needs. 

Optional Step - Additional Visibility

Lumu has an array of additional visibility options MSPs can use to provide Continuous Compromise AssessmentTM to their organizations which you can find in the portal. 

Navigate the available options that you think can provide value to your customers. You will find the related documentation in each tab to deploy them. Let’s take a brief look at each option:

• Virtual Appliances: The Lumu Virtual Appliance (VA) is a pre-configured lightweight virtual machine solution that collects the network metadata of the entire enterprise and forwards it to the Lumu cloud with the lowest impact on the network operation.
• Gateways: Lumu Gateways allow you to associate part of the traffic originating from the organization using Lumu IP addresses as DNS resolvers and illuminate threats, attacks, and adversaries coming from the network. 
• Custom Collectors: Some enterprises may already be using defense solutions such as Endpoint Detection and Response (EDR) or network monitoring tools as part of their pipelines to centralize their logs. Lumu gives the option to deploy custom collectors to send the company’s network metadata to Lumu.
• Email Intelligence: Lumu can analyze your email data to find potential threats and campaigns targeting a company. This unique threat intelligence source can help you understand who adversaries are attempting to compromise in the organization and how they are being targeted. This intelligence will help you make strategic and tactical decisions to disrupt the cycle.
• Defender API - Custom Integrations: For scenarios where an organization has specific requirements that are not yet available through the preconfigured out-of-the-box integrations, you have the possibility to set up integrations via API to connect Lumu in the way that best suits your needs. The Defender API settings are available from the Lumu Portal and allows endless possibilities of integrating with blocking lists, firewalls, SIEMs and far more.