Provisioning a New Tenant
As a Managed Security Services Provider (MSSP) administrator, you are using a single instance of JSA to provide multiple customers with a unified architecture for threat detection and prioritization.
In this scenario, you are onboarding a new client. You provision a new tenant and create a tenant administrator account that does limited administrative duties within their own tenant. You limit the access of the tenant administrator so that they can't see or edit information in other tenants.
Before you provision a new tenant, you must create the data sources, such as log sources or flow processors, for the customer and assign them to a domain.
Complete the following tasks by using the tools on the Admin tab to provision the new tenant in JSA:
To create the tenant, click Tenant Management.
For information about setting events per second (EPS) and flows per minute (FPM) limits for each tenant, see Monitoring License Usage in Multitenant Deployments.
To assign domains to the tenant, click Domain Management.
To create the tenant administrator role and grant the Delegated Administration permissions, click User Roles.
In a multitenant environment, tenant users with Delegated administration permissions can see only data for their own tenant environment. If you assign other administrative permissions that are not part of Delegated Administration, access is no longer restricted to that domain.
To create the tenant security profiles and restrict data access by specifying the tenant domains, click Security Profiles.
To create the tenant users and assign the user role, security profile, and tenant, click Users.