Lumu MSP - Getting Started

Lumu MSP - Getting Started

Managed Service Providers (MSP) are one of Lumu’s finest partners when it comes to bringing proficient operation of cybersecurity to customers everywhere. It is for this reason that the Lumu Portal for MSP was created; there, MSPs can find all the resources they need to manage their tenants and customers quickly and easily. 

Consult our website to learn more about Lumu’s offering for MSPs, and our FAQ if you have further questions or doubts.

This article provides all you need to get started and provide value to the companies and customers under your umbrella in three simple steps: 

Let us take a look at each of these steps so you can start providing compromise visibility to all your clients. 

These steps can only be conducted by a user with the Admin role in the Lumu Portal It is extremely recommended that all accounts involved in the operation of the Lumu Portal for MSP be protected with two-factor authentication (2FA) to further safeguard your organization and customers. You may also want to consider our Single-sign-on feature.

1. Create Tenants

The first step is to create tenants for each of your clients. A tenant is the way the MSP Portal displays all the security and visibility options available for a client organization. If you are monitoring the cybersecurity state of three tenants with different workforces, you should create a tenant for each at the very least, for example. Let’s see how a tenant is created:

1. Enter the Lumu Portal for MSP and log in. You will see the “Deployment” drop-down to your left on the side panel, click on it and select the “Tenants option. 
2.  Create a Tenant by using the provided option, this will open up the tenant creation form which contains the following fields: 
  • Name: your identifier for the tenant.
  • Company Logo: Simple image for easy identification. Please mind the size requirements and limitations. This is an optional field. 
  • Licensing: This field will allow you to assign the number of endpoints the tenant requires for monitoring.This number will be taken from the pool of endpoints available to your organization. 

Once you are done entering the information, save the changes and create the tenant.

3. You will be taken to the tenant you just created, where you will see and be able to edit its information.
  • It is important to note that you are able to edit the endpoints assigned to the tenant; however, bear in mind that it isn’t possible to reduce the number of assigned assets below the number of installed agents. You must first remove the agent from the devices that you no longer require, and then reduce the assigned assets accordingly. 

You will also see all its available data collection and monitoring options. However, for the MSP market, the preferred way to collect data is the Lumu Agent.
The Lumu Agent can be deployed using the most common RMM tools. Check our documentation to find out more.
4. Now, when you enter the Tenants section, you will see the one you just created along with any other available tenants.

Now you are able to manage your clients assets and start providing them visibility into their cybersecurity state. 

2. Deploy Agents

The second step is to deploy the Lumu Agent into the organization’s remote assets. This will provide visibility into the status of the organization’s devices, specially those outside the organization’s premises which can easily turn into weak spots when left unattended.

Before starting the deployment, let’s take a look at the following playbook to decide which agent type we want to deploy, and which other types of collection we may want to consider:

Taking the playbook into account, let’s deploy the Lumu Agent or Agents that fit the organization’s characteristics.
Deploying the agent is a very straightforward process. 
Lumu’s Labels are helpful for organizing and categorizing traffic. They are available in the Lumu Portal for MSP alongside other visibility options for each company.
1. Enter the Lumu Portal for MSP and log in. You will see the “Tenants option to your left on the side panel. Select it. Now, select the company you want to operate. 

2. You will find all the visibility options available to the company. Remember that some may only be available to specific Lumu tiers. You will land on the “ Agents tab.

3. You will be able to select the type of agent you want to download based on the necessities of the company. You can do so by making use of the provided options as shown below: 

These are the two agent types:

  • Endpoint agent: Designed to provide visibility of individual devices. Must be installed into each machine. 
  • Collector Agent: Designed to provide visibility of devices that act as domain controllers for a number of machines. 
4. Once downloaded, you must deploy the agent. To do so, you must follow the deployment procedure which you can find in our technical documentation repository
  • For the Endpoint Agent, start by creating a group using the option displayed in the portal. 

After that, you can continue by following the procedure for the agent of your choice: Windows, macOS, or Linux

  • For the Collector Agent, start by adding a collector using the option displayed in the portal. 

After that, follow the Agent Collector deployment procedure as shown in our documentation. 

Once done, you will be ready for the next step. 

3. Automated Response

The third step to set up Lumu’s Continuous Compromise AssessmentTM for the companies under your umbrella is to configure our automated integrations. 

Lumu can be seamlessly integrated with a range of other solutions in the market for data collection, SecOps and response automation procedures to incorporate Continuous Compromise Assessment™ seamlessly into the organization's defense strategy. Consult our documentation to learn more about Lumu Integrations.

Follow these instructions to start providing the value of automated integrations to your customers:

1. Inside the Lumu Portal for MSP ’s “ Tenants section, select the company you want to operate. 
2. Open the “ Integrations tab, make sure you are looking at the Tenant’s available apps, and then select the integration type you want. We will select Response. You can learn more about our Out-of-the-box Integration (OOTB) types in our documentation. 

3. When Response is selected, you will see all the available integrations. Look for the cybersecurity solution you want to integrate with Lumu within them. Alternatively, you can also look at all the available OOTB integrations in our documentation. 
4. Add the technology you want to integrate

Now you can activate the integration; however, each integration has a different setup procedure. You can access the documentation from this view, alternatively you can look it up in our documentation. 

Follow the integration procedure and finish setting up the response integration. 

Now you have unprecedented visibility into the company’s cybersecurity state; however, Lumu has additional options that may suit individual organizations with specific needs. 

Optional Step - Additional Visibility

Lumu has an array of additional visibility options MSPs can use to provide Continuous Compromise AssessmentTM to their organizations which you can find in the portal. 

Navigate the available options that you think can provide value to your customers. You will find the related documentation in each tab to deploy them. Let’s take a brief look at each option:

  • Virtual Appliances: The Lumu Virtual Appliance (VA) is a pre-configured lightweight virtual machine solution that collects the network metadata of the entire enterprise and forwards it to the Lumu cloud with the lowest impact on the network operation.
  • Gateways: Lumu Gateways allow you to associate part of the traffic originating from the organization using Lumu IP addresses as DNS resolvers and illuminate threats, attacks, and adversaries coming from the network. 
  • Custom Collectors: Some enterprises may already be using defense solutions such as Endpoint Detection and Response (EDR) or network monitoring tools as part of their pipelines to centralize their logs. Lumu gives the option to deploy custom collectors to send the company’s network metadata to Lumu.
  • Email Intelligence: Lumu can analyze your email data to find potential threats and campaigns targeting a company. This unique threat intelligence source can help you understand who adversaries are attempting to compromise in the organization and how they are being targeted. This intelligence will help you make strategic and tactical decisions to disrupt the cycle.
  • Defender API - Custom Integrations: For scenarios where an organization has specific requirements that are not yet available through the preconfigured out-of-the-box integrations, you have the possibility to set up integrations via API to connect Lumu in the way that best suits your needs. The Defender API settings are available from the Lumu Portal and allows endless possibilities of integrating with blocking lists, firewalls, SIEMs and far more.

        • Related Articles

        • Lumu Portal for MSP Navigation

          The Lumu Portal for MSPs offers everything you need to manage your tenants and efficiently monitor the cybersecurity status of your customers. In this article, we will take a look at the different sections the Lumu Portal for MSP has, and how your ...
        • Lumu Portal for MSP - Two-Factor Authentication (2FA)

          The Lumu Portal for MSP offers secure login alternatives through the use of two-factor authentication (2FA), in this case, One-time Password (OTP) on top of your account password. You can use the Authenticator app you prefer, such as Google ...
        • MSP Portal - Accounts and Roles

          You can create and manage your user accounts and roles using the Lumu Portal for MSP. You will see how to carry out these procedures in this article. MSP Portal User Configuration Bear in mind that to create new users and assign roles to them you ...
        • How to Configure SSO in the Lumu MSP Portal using Entra ID Active Directory

          Microsoft Azure is now called Entra ID The Lumu MSP Portal provides SSO with Entra ID (Microsoft Entra ID), a third-party authentication service that enables users to log in to the Lumu MSP Portal seamlessly. When you configure SSO in your Lumu MSP ...
        • How to Configure SSO in the Lumu MSP Portal using Thales (Safenet Trusted Access)

          The Lumu MSP Portal provides SSO with Thales (Safenet Trusted Access), a third-party authentication service that enables users to log in to the Lumu MSP Portal seamlessly. When you configure SSO in your Lumu MSP Portal, your users can connect without ...