Feb 23 2022 02:36 AM
Team,
We would like to want to set up Azure light house to support our customers on sentinel. We do not want to use our existing corporate tenant and wanted to setup a new tenant to support our customers.
Query is what licenses are required to actual support our customers on new tenant using light house.
For example: My thought process is to have Azure AD P2 licenses to have MFA for the Analysts when they login to access the sentinel.
Similarly do we also wanted to have M365 E5 license for outlook and Teams or can we leverage the corporate email and teams from corporate tenant to manage the communications with the customer.
Are there any other things which needs to be considered from the security aspect to setup lighthouse on a new tenant only to support the customers
Also what would be the best approach to integrate sentinel with MSSP ITSM and then B2B integration with customer ITSM tool or integrate sentinel with customer ITSM tool and have a B2B integration with MSSP ITSM tool
Feb 23 2022 05:05 AM
Feb 23 2022 05:07 AM
@pavankemi First, you only need Azure AD P1 to use MFA (Azure Active Directory Pricing | Microsoft Security)
In regards to M365, it is up to you, but I would think that having your own instance would be much better than relying on your customer's instance since that would require your customers to create accounts for you and each analyst could potentially have multiple accounts they would need to check. As to what license level you would need, it would all depend if you are planning on using the extra security tools that the E5 license would provide (which you probably should to make sure your tenant is as safe as possible)
As far as the B2B is concerned, having your customer inviting your analysts to their Azure AD would suffice unless their ITSM does not use Azure AD