Managed Service Providers (MSP) are one of Lumu’s finest partners when it comes to bringing proficient operation of cybersecurity to customers everywhere. It is for this reason that the Lumu Portal for MSP was created; there, MSPs can find all the resources they need to manage their tenants and customers quickly and easily.
Consult
our website to learn more about Lumu’s offering for MSPs, and
our FAQ if you have further questions or doubts.
This article provides all you need to get started and provide value to the companies and customers under your umbrella in three simple steps:
Let us take a look at each of these steps so you can start providing compromise visibility to all your clients.
These steps can only be conducted by a user with the Admin role in the Lumu Portal It is extremely recommended that all accounts involved in the operation of the Lumu Portal for MSP be protected with
two-factor authentication (2FA) to further safeguard your organization and customers. You may also want to consider our
Single-sign-on feature.
1. Create Tenants
The first step is to create tenants for each of your clients. A tenant is the way the MSP Portal displays all the security and visibility options available for a client organization. If you are monitoring the cybersecurity state of three tenants with different workforces, you should create a tenant for each at the very least, for example. Let’s see how a tenant is created:
1. Enter the
Lumu Portal for MSP and log in. You will see the “Deployment” drop-down to your left on the side panel, click on it and select the “Tenants”
option.
2.
Create a Tenant
by using the provided option, this will open up the tenant creation form which contains the following fields:
-
Name: your identifier for the tenant.
-
Company Logo: Simple image for easy identification. Please mind the size requirements and limitations. This is an optional field.
-
Licensing: This field will allow you to assign the number of endpoints the tenant requires for monitoring.This number will be taken from the pool of endpoints available to your organization.
Once you are done entering the information,
save
the changes and create the tenant.
3. You will be taken to the tenant you just created, where you will see and be able to edit its information.
-
It is important to note that you are able to edit the endpoints assigned to the tenant; however, bear in mind that it isn’t possible to reduce the number of assigned assets below the number of installed agents. You must first remove the agent from the devices that you no longer require, and then reduce the assigned assets accordingly.
You will also see all its available data collection and monitoring options. However, for the MSP market, the preferred way to collect data is the Lumu Agent.
The Lumu Agent can be deployed using the most common RMM tools. Check
our documentation to find out more.
4. Now, when you enter the Tenants section, you will see the one you just created along with any other available tenants.
Now you are able to manage your clients assets and start providing them visibility into their cybersecurity state.
2. Deploy Agents
The second step is to deploy the
Lumu Agent into the organization’s remote assets. This will provide visibility into the status of the organization’s devices, specially those outside the organization’s premises which can easily turn into weak spots when left unattended.
Before starting the deployment, let’s take a look at the following playbook to decide which agent type we want to deploy, and which other types of collection we may want to consider:
Taking the playbook into account, let’s deploy the Lumu Agent or Agents that fit the organization’s characteristics.
Deploying the agent is a very straightforward process.
Lumu’s
Labels are helpful for organizing and categorizing traffic. They are available in the Lumu Portal for MSP alongside other visibility options for each company.
1. Enter the
Lumu Portal for MSP and log in. You will see the “Tenants”
option to your left on the side panel. Select it. Now, select the company you want to operate. 2. You will find all the visibility options available to the company. Remember that some may only be available to specific
Lumu tiers. You will land on the “
Agents
”
tab. 3. You will be able to select the type of agent you want to download based on the necessities of the company. You can do so by making use of the provided options as shown below:
These are the two agent types:
-
Endpoint agent: Designed to provide visibility of individual devices. Must be installed into each machine.
-
Collector Agent: Designed to provide visibility of devices that act as domain controllers for a number of machines.
-
For the Endpoint Agent, start by
creating a group using the option displayed in the portal.
After that, you can continue by following the procedure for the agent of your choice:
Windows,
macOS, or
Linux.
-
For the Collector Agent, start by
adding a collector
using the option displayed in the portal.
Once done, you will be ready for the next step.
3. Automated Response
The third step to set up Lumu’s Continuous Compromise AssessmentTM for the companies under your umbrella is to configure our automated integrations.
Lumu can be seamlessly integrated with a range of other solutions in the market for
data collection,
SecOps
and
response automation procedures
to incorporate Continuous Compromise Assessment™ seamlessly into the organization's defense strategy. Consult our documentation to learn more about
Lumu Integrations.
Follow these instructions to start providing the value of automated integrations to your customers:
1. Inside the
Lumu Portal for MSP
’s “
Tenants
”
section, select the company you want to operate.
2. Open the “
Integrations
”
tab, make sure you are looking at the Tenant’s available apps, and then select the integration type you want. We will select Response. You can learn more about our
Out-of-the-box Integration
(OOTB) types in our documentation. 3. When Response is selected, you will see all the available integrations. Look for the cybersecurity solution you want to integrate with Lumu within them. Alternatively, you can also look at all the available
OOTB integrations in our documentation.
4. Add
the technology you want to integrate
Now you can activate the integration; however, each integration has a different setup procedure. You can access the documentation from this view, alternatively you can look it up in our documentation.
Follow the integration procedure and finish setting up the response integration.
Now you have unprecedented visibility into the company’s cybersecurity state; however, Lumu has additional options that may suit individual organizations with specific needs.
Optional Step - Additional Visibility
Lumu has an array of additional visibility options MSPs can use to provide Continuous Compromise AssessmentTM to their organizations which you can find in the portal.
Navigate the available options that you think can provide value to your customers. You will find the related documentation in each tab to deploy them. Let’s take a brief look at each option:
-
Virtual Appliances: The Lumu Virtual Appliance (VA) is a pre-configured lightweight virtual machine solution that collects the network metadata of the entire enterprise and forwards it to the Lumu cloud with the lowest impact on the network operation.
-
Gateways: Lumu Gateways allow you to associate part of the traffic originating from the organization using Lumu IP addresses as DNS resolvers and illuminate threats, attacks, and adversaries coming from the network.
-
Custom Collectors: Some enterprises may already be using defense solutions such as Endpoint Detection and Response (EDR) or network monitoring tools as part of their pipelines to centralize their logs. Lumu gives the option to deploy custom collectors to send the company’s network metadata to Lumu.
-
Email Intelligence: Lumu can analyze your email data to find potential threats and campaigns targeting a company. This unique threat intelligence source can help you understand who adversaries are attempting to compromise in the organization and how they are being targeted. This intelligence will help you make strategic and tactical decisions to disrupt the cycle.
-
Defender API - Custom Integrations: For scenarios where an organization has specific requirements that are not yet available through the preconfigured out-of-the-box integrations, you have the possibility to set up integrations via API to connect Lumu in the way that best suits your needs. The Defender API settings are available from the Lumu Portal and allows endless possibilities of integrating with blocking lists, firewalls, SIEMs and far more.