Forum Discussion
Unified SecOps XDR
Hi,
I am reaching out to community to seek understanding regarding Unified SecOps XDR portal for Multi-tenant Multi-workspace. Our organization already has a Azure lighthouse setup. My question is if M365 lighthouse license also required for the Multi-tenant Multi-workspace in unified SecOps XDR portal?
2 Replies
Hey !
You don’t need a Microsoft 365 Lighthouse license for multi-tenant, multi-workspace in the Unified SecOps XDR portal. M365 Lighthouse is designed for MSP-style management of Microsoft 365 services and isn’t relevant here. For Unified SecOps, the key requirements are Azure Lighthouse for cross-tenant management and Azure AD B2B access for authentication and permissions. Focus on ensuring Azure Lighthouse is properly configured across all tenants, with the right RBAC roles and Sentinel connector delegation, as that’s what enables the centralized incident and threat view in the XDR portal.
Let me know if this helps you ! :)
I have exactly the same question. We are an MSSP and have multiple customers with Sentinel which we access via delegated access (lighthouse). The customers own their own Azure tenants so this means we dont actually need accounts in their tenant, they just run the lighthouse template. How will we access customers defender portals with our own identities? Will the customer have to invite us as external users and then have the overhead of handling JML for our users?
