Azure Lighthouse: Do we need to deploy our own Active directory, LogAnalytics and Sentinel to manage those from customer environment?

zied 1 Reputation point

We are deploying a new Azure instance to activate the Azure Lighthouse solution only.
The purpose is to manage our customer's Sentinel, Defender and LogAnalytics solutions.
My question is, once the Lighthouse configured, do we have to enable our own Azure Sentinel, Defender, LogAnalytics to manage those at the customer side?


Azure Lighthouse
Azure Lighthouse
An Azure service that provides secure managed services and access control for partners and customers.
64 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andrew Blumhardt 9,461 Reputation points Microsoft Employee

    You do not need your own instance of Sentinel or Defender for Cloud to manage these services in a customer's tenant using Lighthouse.

    That said you might want them for several reasons. Defender for Cloud helps keep your subscriptions and tenant secure. It is also common for MSSPs to develop solutions in their own Sentinel instance. For example, custom rules, workbooks, and playbooks.

    Also be aware that there are certain tasks that cannot be performed over Lighthouse. Like activating Sentinel connectors. Having your own instance as a comparison or model instance can be helpful.

    0 comments No comments