RFI ADDENDUM #1

Similar documents
Proposal to be returned PRIOR to time and date above.

MICROSOFT SYSTEM CENTER SERVICE MANAGER CONSULTING SERVICES RFP # ADDENDUM #1. May 23, 2012

Windows Password Change Scenarios

ADDENDUM NUMBER TWO RE: RFP : ELECTRONIC PAYMENT PROCESSING AND OTHER COMMERCE SERVICES

Oracle SQL Query Database Access LSREAD and FSREAD

Cloud Services Catalog with Epsilon

AUSTIN PEAY STATE UNIVERSITY RFQ Package Tracking System Questions & Answers

Nexxis User Management

Student Last Name Student First Name Student address Student mm/dd of their birthday (June 6 would be 0606)

Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led

Course 20533B: Implementing Microsoft Azure Infrastructure Solutions

Active Directory Automation RFSP # 1382 Addendum # 1 November 5, 2015

Configuring User Identification via Active Directory

STATE OF NEW YORK IT Transformation. Request For Information (RFI) Enterprise Identity and Access Management Consolidated Questions and Responses

Choosing an SSO Solution Ten Smart Questions

Server-based Password Synchronization: Managing Multiple Passwords

Virtual Cabinet Document Portal User Guide

Approximately 260 PST files totaling 180GB will be included in the pilot. 2. Are the Windows XP clients running XP 64 bit or 32 bit OS?

Implementing Microsoft Azure Infrastructure Solutions

REQUEST FOR INFORMATION FOR GRANTS MANAGEMENT SYSTEM

Implementing Microsoft Azure Infrastructure Solutions

Bill Fiddes Learning and Development Specialist Rob Latino Program Manager in Office 365 Support

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009

City of Pittsburgh SaaS and Data File Collaboration System Vendor Questions and Answers 3/10/2015

Secure network guest access with the Avaya Identity Engines portfolio

Centralized Self-service Password Reset: From the Web and Windows Desktop

Enterprise Mobility Suite Overview. Joe Kuster Catapult Systems

Manage Oracle Database Users and Roles Centrally in Active Directory or Sun Directory. Overview August 2008

Documentation. CloudAnywhere. Page 1

Critical Issues with Lotus Notes and Domino 8.5 Password Authentication, Security and Management

Extending Identity and Access Management

Symantec Mobile Management Suite

Course 20533: Implementing Microsoft Azure Infrastructure Solutions

Implementing Microsoft Azure Infrastructure Solutions

University of Maine System Active Directory Services - RFP# ADDENDUM #01

CA SiteMinder SSO Agents for ERP Systems

Symantec Mobility: Suite Service Description

Request for Proposals. Statewide Two Factor Authentication Solution. Addendum #2 October 5, Questions and Responses

Addendum #4 to Spotsylvania County RFP # for Enterprise Asset Management System Software June 10, 2015

Implementing Microsoft Azure Infrastructure Solutions

HOW TO CONFIGURE SQL SERVER REPORTING SERVICES IN ORDER TO DEPLOY REPORTING SERVICES REPORTS FOR DYNAMICS GP

Implementing Microsoft Azure Infrastructure Solutions

Deadline for submission of completed RFP questionnaire is 8/3/2015.

Password Management Buyer s Guide. FastPass Password Manager V 3.3 Enterprise & Service Provider Editions

NOMINATION FORM. Category for judging: 5 - Digital Government: Government to Government (G to G)

DirX Identity V8.5. Secure and flexible Password Management. Technical Data Sheet

Table of Contents. Page 1 of 6 (Last updated 30 July 2015)

Citrix Password Manager 4.5 Partner and Sales FAQ

RFP BOR-1511 Federated Identity Services - Response to Questions / Answers

Active Directory User Management System (ADUMS)

Password Self-Service for Novell edirectory. Brent McCormick Novell Corporate Technology Strategist

Easy as 1-2-3: The Steps to XE. Mark Hoye Services Portfolio Consultant

Centralized Oracle Database Authentication and Authorization in a Directory

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Vodafone Global Enterprise Deploy the Apple iphone across your Enterprise with confidence

Request for Proposals for RFP. (No MeHI-05 Salesforce.com Integration) Questions and Answers December 21, 2012

managing SSO with shared credentials

PeopleSoft Enterprise Directory Interface

Request for Information RFI #15/ for Enterprise Password Management Software

ADDENDUM #1 TO RFP # cs Facilities Project Management Software

State of Tennessee Sourcing Event #9160 ServiceNow Preliminary Statement of Work (SOW)

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions

Installation & Configuration Guide

March 26, 2013 ADDENDUM NO. 1. RFP #MWJ1304 PeopleSoft Campus Solutions Implementation Project Office of Information Technology

A SECURITY MODEL THAT WORKS FOR YOU!

Current Environment Assessment Specification. Single Sign On Customer Relation Management Workstation Support

Identity Management Basics. OWASP May 9, The OWASP Foundation. Derek Browne, CISSP, ISSAP

Aurora Hosted Services Hosted AD, Identity Management & ADFS

Answer # 2: This is the deadline that was determined and it is preferable that it be met.

Proposal No. P16/9921 Records Management Platform

How To Create A Financial Aid Independent Verification System At Hsu

Course Outline. Microsoft Azure Fundamentals Course 10979A: 2 days Instructor Led. About this Course. Audience Profile. At Course Completion

Working with Structured Data in Microsoft Office SharePoint Server 2007 (Part1): Configuring Single Sign On Service and Database

Assumptions. It is assumed that:

2. Does BGSU have a preference for an on-premise or cloud/hosted solution?

Oracle Access Manager. An Oracle White Paper

***NOTICE***: Proposed Selection Date now 12/16/13

Installing Active Directory

How Cisco IT Migrated to Microsoft Active Directory

ADDENDUM NO. 1. Date: November 5, 2012 For RFP No. 301D

Identity & Access Management new complex so don t start?

IBM Tivoli Access Manager for Enterprise Single Sign-On

owncloud Architecture Overview

An Oracle White Paper September Directory Services Integration with Database Enterprise User Security

DirX Identity V8.4. Secure and flexible Password Management. Technical Data Sheet

Oakland County Department of Information Technology Project Scope and Approach

Agenda. How to configure

State of Alaska Enterprise Messaging and Directory Services Strategy Vision and Scope

Passlogix Sign-On Platform

The School Board of Palm Beach

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007

ADDENDUM B January 10, 2014

REQUEST FOR PROPOSAL (RFP) # HIPAA SECURITY ASSESSMENT VENDOR QUESTIONS & ANSWERS ~ MAY 29, 2014

Campus Infrastructure Survey Directories/Repositories and Certificate Authorities NSF/CREN Seminar June 6-8, 2001

PortWise Access Management Suite

Achieving PCI COMPLIANCE with the 2020 Audit & Control Suite.

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003

A Technical Best Practices White Paper

AD Self-Service Suite for Active Directory and ADAM

FileNet and SharePoint Better Together. Tom Moen Channel Development Manager

Transcription:

RFI 21619 ADDENDUM #1 Issued on: March 20, 2007 RFP due no later than March 23, 2007 at 11:00 a.m. (our clock) to Jefferson County School District R-1 Education Center, Purchasing Dept. 1829 Denver West Drive, Bldg. # 27, 3rd Flr P.O. Box 4001 Golden, Colorado 80401-0001 RFP to be returned prior to the time and date above Please contact Barbara Ruley, Purchasing Agent at 303-982-6757 if you require any additional information. This Addendum #1, in its entirety shall become a part of the contract documents as if originally included. This original signed document must be included with your response to this bid. Company Name Authorized Signature Question: In 8.1, does every password reset request need to open a ticket in Remedy? And do we wait for Remedy tickets to close before we show the transaction as complete? Any further details would be appreciated. It would be a nice to have if every password reset request opened a ticket in Remedy. It doesn t matter if the ticket is closed before the transaction shows as complete. Question: In 8.2, since there is not already an Enterprise Identity Management system currently deployed at the District (is this assumption, correct?), what level of integration between password reset and enterprise identity management do you envision in the future? There is not an Enterprise Identity Management system currently deployed at the District. There should be some level of integration between an EIM system and a self-service password. The following areas are potential places: Auditing: As end-users change their passwords, an audit trail is created in the EIM for tracking all account changes. Page 1 of 5

Directory: If the EIM controls accounts attributes for a user, then the self-service password system will need to integrate with the EIM to change the passwords for the various system a user logs on to. Question: In System audit reporting, are we talking about providing reports or just the data in the system will suffice? If there are any specific reports required, please elaborate on how many and what those reports are specifically. We need to show that we have strong and reliable authentication, audit trails recording user access rights across the environment/over time, ability to review user rights and controls over user access to systems and data. Question: The Windows GINA component will use the native encryption mechanism provided by Microsoft. Will that suffice? Are there any special requirement vis-à-vis encryption? The native Microsoft encryption will suffice. There are no special requirements. Question: When is this voicemail system integration required? Please provide details on which system is being used and what level of integration. This is a nice to have solution. We use Nortel CallPilot 4.0. CallPilot has a simple and flat LDAP directory that contains about 10 fields. Passwords must be numerical only. Question: Is this the native SQL Server store or a custom table with SQL database? This is a custom table in a Microsoft SQL 2000 Enterprise database. Question: 2.2 states that campus staff passwords are stored in a SQL 2000 database. Are these passwords encrypted? If so, is the algorithm available for use by the password management tool? The passwords are in clear text. Question: 2.4 states that voicemail passwords may be a target for the password management tool in the future. Can you share details on the voicemail system? We use Nortel CallPilot 4.0. CallPilot has a simple and flat LDAP directory that contains about 10 fields. Passwords must be numerical only. Question: 3.1 and 3.2 refer to question sets used for user authentication, and that the answers should come from external data sources such as AD, Oracle, SQL or LDAP. Does this mean Jeffco already has the answers to questions for user authentication stored in these repositories, or that these repositories are the preferred locations for the storage of questions and answers? We would like to pull the questions from existing data sources. We would prefer to use existing information and not require end-users or administrators to manually populate a separate database. We would also prefer these questions to be queried dynamically, and not have to be stored within a separate database. The data sources include Active Directory, PeopleSoft HCM 8.9 (Oracle database, we can create a view), SQL server table and LDAP sources. Page 2 of 5

Question: In the initial overview section of the proposal you refer to wanting to potentially support the parent population as well. Can you share that user population with us? Would you like all vendors to price for this as well? Would you like more information on supporting an external user population through a portal? The parent population at Jeffco logs onto our Student Information System, Campus, through a parent portal. The userid and passwords are in the same data store as staff passwords and are not in Active Directory. They only have access to Campus via the web. If your proposal includes Active Directory, include that and if you can support the Campus (parent, staff, student) population, include that as a separate line item. Question: You have requested pricing for the password reset software but have not included any specific parameters for how you would the pricing structured (ie, per user, site/enterprise license, internal/external). To ensure an apples to apples comparison on pricing did you have a structure that you want the vendors to adhere to? Since this is a RFP, the District will be evaluating each proposal received. We did not give a specific structure due to the variety of products and how each vendor prices their products. Question: 4.0 states "See the District's password policy". Is this contained in a separate document (doesn't seem to be in the RFP doc)? See the District s password policy was a link to the document, but it seems not to work. See policy below. Password Requirements Passwords must be at least seven characters. Passwords will expire every 240 days. Passwords must contain mixed character types (explanation below*). *Mixed character types means your password will need to include three of the following four character types. This will help to ensure that your password is secure. o Upper case alphabetical (A,B,C Z) o Lower case alphabetical (a,b,c z) (example: R1chmond) o Numbers (0,1,2 9) (example: Richm0nd) o Special characters: (!@#$%^&*()_+-={}[] \:; <>,.?/~`) (example: R!chmond) Question: 8.0 talks about supporting future systems. Can you provide further information on what systems/targets you are referring to? Currently, Jeffco has 50+ services/systems it supports. While we are working to consolidate authentication against Active Directory, we realize there maybe other systems that will not have the capability. In some cases, these systems have not been implemented yet. Most of these systems will rely on an Oracle/SQL Server backend. How does your product work with 3 rd party systems? How easy is it for companies that have your product to integrate new systems after they ve purchased and implemented your password reset tool? Question: Many organizations implement password reset functionality as part of a holistic identity management framework. Does Jefferson County School District currently own an identity management framework consisting of other identity services (such as single sign-on, account provisioning/deprovisioning, directory services)? Page 3 of 5

No, Jeffco does not own any other identity services. There is a requirement to be able to integrate with EIM tools as that will be a future implementation. Please specify what EIM tools your product integrates with. Question: Does Jefferson County Public School District have any regulatory requirements which may affect their password reset/identity management initiatives? See the District s password policy stated above. Question: Does Jefferson County have any ROI defined for password reset functionality? Not yet. Without pricing information we cannot determine our ROI. If you are asking what we anticipate our ROI should be, then in terms of what? Percent, time? 2-3 years would be our guess. Question: Is there a proof of concept or pilot already deployed? No. Question: What types of resources (if any) will Jefferson County Public School District allocate to the password reset project? Integral Business Solutions means what Jefferson County School s team members (resources) will be available to us in order to complete the password reset project? In other words, will Jefferson County Schools allocate a project manager for this initiative? Will Integral Business Solutions have access to various technical team members from Jefferson County Schools during the project? Jeffco will have a Project Manager and other technical resources (as defined) allocated to this project. However, these resources will not be dedicated full-time to the project, but rather shared between this project, and their operational duties, other project work. We will need to know the anticipated resources and the professional services required for successful implementation. Question: Would Jefferson County Public School District like training at the end of the implementation, or a ride along approach to understand the chosen technology and its associated functionality as the solution is implemented? For IT personnel supporting this service, we would expect some level of knowledge transfer from the implementation as well as formal training. For the end user population, we would not expect to rollout formal training. We are anticipating the toolset to be user friendly and intuitive therefore, not require formal training. We are expecting to communicate how to use the toolset through a cheat sheet or short video. Any pricing for training or materials should be presented in the RFP. Question: In Section 8 when referring to expanding to an Enterprise Identity Management System. Do you want the password management solution to be a component of a broader enterprise solution where expansion will be virtually seamless? Or you considering purchasing a point password reset solution with the goal of integrating into a future enterprise identity solution with the associated costs of integration? Jeffco is considering both approaches. Question: The "best practice" approach to a project is a phased methodology. Is the District considering a requirements/design phase of the project which will determine the cost of implementation Page 4 of 5

services for the password reset component? Or is the district going to handle the implementation and deployment of the system. Yes, we are considering a design phase to the project where the selected vendor would work with us to determine functional requirements for system configuration. We are also anticipating the need for assistance with deployment of toolset. Any professional services options and pricing should be outlined and presented as part of the RFP. Question: What types of resources (if any) will Jefferson County Public School District allocate to the password reset project? See above. Question: What is meant when referencing programming? Is that intended to refer to integration services? Yes. Question: Is training to be included in our proposal? Yes, if necessary. Question: How many workstations are needed the Windows client GINA/Vista? 1,000 initially, up to 6,000 eventually. Question: How many user accounts are in Active Directory and how many in SQL? Currently there are 13,000 Active Directory accounts and approximately 91,000 in our Student Information System SQL user table. Question: What is the breakdown of students, staff, and parents? Students: 85,000 Staff: 13,000 Parents: 50,000 households. Question: How many domains and forests? One forest, one domain. Page 5 of 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information