# Recommended next steps ## Backing up your Brain As discussed earlier in the [Deployment Process Overview](#_Deployment_Process_Overview), the Brain appliance should be backed up by the customer. The Vectra cloud platform stores detections, metadata, and triage filters but the configuration of the Brain is not backed up by Vectra. Care should be taken to ensure backup to a Windows server, SFTP/SCP, or AWS S3 bucket. Please see the following Vectra support portal articles for more details: * [Backup and Restore for Vectra Brain Appliances (v8.5+)](https://docs.vectra.ai/operations/backup-restore-dr/backup-and-restore-v85) * [Vectra Brain Appliance Disaster Recovery (DR) / Migration Recommendations (v8.5+)](https://docs.vectra.ai/operations/backup-restore-dr/disaster-recovery-and-migration-v85) ## Recommended Next Steps Vectra offers a variety of deployment services, consulting, or full MDR options for customers that need more help or expert analyst assistance. Please work with your Vectra account team for additional details. This guide covered initial configuration of basic settings. Some recommended next steps are: * Work on [traffic engineering](https://docs.vectra.ai/deployment/traffic-engineering-and-validation) and getting traffic flowing to your Sensors or mixed mode Brain. * Integrations that help with HostID or add context such as: * [vCenter integration](https://docs.vectra.ai/deployment/getting-started/respond-ux-deployment-guide/broken-reference) if you have a VMware environment * [SIEM Event Forwarding](https://docs.vectra.ai/configuration/setup/external-connectors/siem-vectra-brain-ingesting-logs) * [Windows Event Log ingestion](https://docs.vectra.ai/configuration/coverage/network-identities-weli/windows-event-log-ingestion-weli) * [EDR integration](https://docs.vectra.ai/configuration/setup/edr-integrations) * [AD integration](https://docs.vectra.ai/configuration/setup/external-connectors/active-directory) * Integrations to enable taking action. * [AD](https://docs.vectra.ai/configuration/setup/external-connectors/active-directory) and [EDR](https://docs.vectra.ai/configuration/setup/edr-integrations) integration bring [host](https://docs.vectra.ai/configuration/response/lockdown/host-lockdown-edr) and [account](https://docs.vectra.ai/configuration/response/lockdown/active-directory-account-lockdown) Lockdown capability. * [Entra ID (Azure AD) Account Lockdown](https://docs.vectra.ai/configuration/response/lockdown/entra-id-azure-ad-account-lockdown-rux) works with and Azure AD data source. * Enabling [Stream](https://docs.vectra.ai/deployment/stream). * Setting up [SSO using SAML](https://docs.vectra.ai/configuration/access/saml-sso-rux) if you have not already done so. * Building groups and [triage rules](https://docs.vectra.ai/configuration/tuning/triage-best-practices) to suppress unwanted detections for authorized behaviors. ## Best Practices * Change default passwords for the 'admin' (GUI) and `vectra` (CLI and IPMI/iDRAC) users to strong versions. * See [ssh login process for CLI](https://docs.vectra.ai/deployment/appliance-operations/ssh-login-process-for-cli) for details on accessing the CLI of your Brain appliance. * Passwords must be between 8 and 128 characters and contain at least: 1 number, both lowercase and uppercase letters, and 1 symbol (e.g. \~!@#$%^&\*,.?-\_+=). * Limit exposure to admin interfaces through firewall rules that permit communication only from appropriate nodes/networks (including Vectra required endpoints as well). * IPMI / iDRAC interfaces should be on their own isolated networks when possible. * See [IPMI / iDRAC configuration](https://docs.vectra.ai/deployment/appliance-operations/ipmi-idrac-configuration) for more details.