Purchasing and Property Services AOC 200 4202 East Fowler Avenue Tampa, Florida 33620 (813) 974-2481




Web Address: http://usfweb2.usf.edu/purchasing/purch2.htm

December 13, 2013

Invitation to Bid No.: 14-12-MH
Entitled: SIEM Solution for USF Health I.S.
Opening Date: January 06, 2013 at 3:00 p.m.

Addendum No. 1

Please review the following changes/additions to Invitation to Negotiate (ITN) No. 14-12-MH SIEM Solution for USF Health I.S. to be addressed in submitted proposals:

Vendor Questions for ITN 14-12-MH SIEM Solution for USF Health

1. My question is will USF Health also consider a Managed Services Security Solution hosted at our SOC and managed by the vendor, instead of an on-premise SIEM software solution? Our firm uses a SIEM solution which is in upper right quadrant of Gartner's Magic Quadrant and it is managed and monitored by trained Presidio engineers 24x7x365. Would this type of SIEM manage services offering be considered?

   Answer: No

2. What is the total number of catch points in the USF system?

   Answer: Not sure what is meant by catch point, USF Health has 13 locations that firewall and IPS logs will come from. Server logs will not come from all locations.

3. What is the (Flow Per Second) FPS desired for the system?

4. How many (Events Per Second) EPS is needed on the back-end?

5. Please provide the volume of logs (Events per Second) for each of your geographic locations. Please also provide the number and type of each device at each location including more granular detail on the network devices (i.e. X Firewalls, Y IPS devices, Z Routers, per location)

   Answer (questions 3-5): The System Identification and Estimated Events per Second Table (re page 5), lists totals for the information requested, over 90% of the equipment listed exists in our main location. Events from most of the locations will consist of syslog from Cisco router, firewall logs, and IPS logs from Check Point firewalls only. 3 locations will also have Windows 2008 Domain Controllers as well.

6. Does USF desire to separate parsed event data and raw logs? If so, are there specific compliance requirements for raw logs? Are there different retention policies for raw vs. parsed logs?

   Answer: This is not a requirement.

7. Is a VMWare infrastructure available for running SIEM components? If so, is it available at each of the geographic locations?

   Answer: USF Health does have a VMWare deployment but I would prefer not to run this system on VMWare, since VMWare is not available at all locations.

8. Does USF desire the RFP Respondent to provide redundancy at any layer for the SIEM?

   Answer: There is no requirement for redundancy at this point.

9. Do you want respondents to include the storage infrastructure necessary to meet those archive retention requirements OR will USF utilize their own existing storage infrastructure (SAN, NAS, etc.)? If SAN is available is it 4GB or 8GB?

   Answer: USF Health will utilize existing SAN infrastructure. Existing SAN infrastructure is 8 GB.

10. Does USF desire database session logging to be part of the response? Are native audit logs being collected today?

    Answer: USF Health does desire database session logging. Native audit logs are not being collected at this point.

11. Please provide information on the anticipated volume of netflow data.

    Answer: Roughly 250 GB/month.

12. How many personnel will require training?

    Answer: If training is available as online course there will be 4 people to train, if training is at Vendor's site outside of Florida then there will be 2 people to train.

13. Are you able to estimate how much data will be indexed daily based solely on your SIEM use case? Alternatively, how many servers/devices/applications are a part of your Security infrastructure and are you able to share what some of those are?

    Answer: At this time USF Health is not able to estimate how much data will be indexed daily. Refer to the System Identification and Estimated Events per Second Table, on the last page of the Addendum.

14. Are there any specific hardware requirements that the Vendor will have to provide? Or can the software be put on your own commodity hardware?

    Answer: If USF Health is to supply the hardware to run software on, vendor needs to submit recommended hardware specifications so USF Health can gather costs of hardware for comparing proposals.

15. FIM: How many servers / devices do you want to monitor / put it on?

    Answer: We estimate 300 servers.

    a. Does USF Health currently have a FIM solution like TripWire or Imperva in your IT environment?

       Answer: No.

16. How many of USF staff do you wish us to include in our proposal for formal training?

    Answer: If training is available as online course there will be 4 people to train, if training is at Vendor's site outside of Florida then there will be 2 people to train.

17. Can you please clarify Microsoft Windows Based?

    Answer: USF Health would prefer the SIEM solution use Microsoft Windows as the underlying operating system.

18. Can a Value Added Re-seller submit a proposal or does it have to come directly from the software manufacturer?

    Answer: We are looking to engage directly with software manufacturers only.

19. The ITN mentions that a proof of concept evaluation will need to take place prior to a purchase. How long will that proof of concept take? When will that proof of concept take place?

    Answer: For any products proposed, USF Health IS would like to have 2 weeks to test the product in our environment. This POC would run on an agreed schedule with the vendor.

20. Our solution is priced per device. How many devices is USF looking to cover with this project? The way that devices are defined are below.

    Servers:
    Applications:
    Layer 3 devices (Routers, switches, firewalls, etc):
    Desktops (If applicable):

System Identification and Estimated Events per Second Table

The initial deployment is expected to support the following:

| Device Type | Product | Version / Model | Quantity | FIM Agents | Est. Per/Device Volume MPD | Est. Volume - MPS |
|---|---|---|---|---|---|---|
| 1 - Operating Systems 1 | | | | | | |
| Windows Server | Windows | 2003/2008 | 500 | 0 | 32,500 | 188 |
| Windows Domain Controller | Windows | 2003/2008 | 18 | 0 | 325,000 | 68 |
| *NIX Server | RedHat | 0 | 70 | 0 | 13,000 | 11 |
| 2 - Applications 1 | | | | | | |
| Email | Microsoft Exchange | Exchange 2010 | 15 | 0 | 65,000 | 11 |
| Database | Other | Various | 34 | 0 | 1,300,000 | 512 |
| Web Server | Other | Various | 44 | 0 | 650,000 | 331 |
| Antivirus/Security Application | Symantec | Symantec & Check Point | 2 | 0 | 130,000 | 3 |
| 3 - Network Devices 1 | | | | | | |
| Firewall | Check Point | R75.40 | 20 | 0 | 10,000,000 | 2,315 |
| Router | Cisco | C6509E | 2 | 0 | 13,000 | 0 |
| IDS/IPS | Check Point | R75.40 | 20 | 0 | 260,000 | 60 |
| VPN Appliance | Check Point | R65 | 20 | 0 | 13,000 | 3 |
| Load Balancer | F5 | Big IP | 6 | 0 | 65,000 | 5 |
| MPS Volume Based (ONLY) | | | 1 | 0 | 0 | 1 |
| Est. Total 1 | | | | | 12,866,500 | 3,506 |

Note: Please note receipt of this addendum by signing and returning with your proposal response

Authorized Signature & Date

Print Name

Company Name