Forum Discussion

Anonymous

Apr 21, 2021

Sentinel Lighthouse - Best Practice

Hello - I've begun the testing and development phase of my Azure/Lighthouse deployment. Currently: Customer A has defender for endpoint configured. Goal: Take defender ATP alerts and centr...

Anonymous

Apr 22, 2021

bump

Thijs Lecomte

Bronze Contributor

Apr 23, 2021

Hi

You don't need a Sentinel resource in your tenant perse. If your internal organization doesn't require Sentinel, you don't need to deploy it.

I would recommend to configure Lighthouse first, then setup Azure Sentinel in the environment of your customer.

To manage Microsoft Defender, you can't use Lighthouse, I would recommend this => https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/grant-mssp-access?view=o365-worldwide

Anonymous
Apr 27, 2021
Hi Thijis,

My ( CUSTOMER A- ) tenant, doesn't have access to Identity Governance (seen within the documentation provided) , What is the subscription needed for this?

I'm trying to figure out what Subscription is needed for my clients - I thought I could get away with just supplying standalone Defender for Endpoint licenses.

The business plan will change if there is not a workaround, and a different license is needed.

This was my original question in an earlier post that nobody had replied to:

What subscription is needed within the customer tenant in order for me to deliver an MDR-like service.
- Dean_Gross
  Silver Contributor
  Apr 27, 2021
  Identity Governance requires Azure AD P2 (which comes with EM+S E5 or M365 E5)
  - Anonymous
    Apr 27, 2021
    I see that!
    - Last thing I want to do is manage InTune for clients, I'm trying to go for volume with defender agents and cut costs.
    I'll have to see what works,
    What do most MSSP charge per endpoint? SOCaaS model? Thanks - !