ADDENDUM #1 TO RFP #15-574655-cs
Enterprise Secure Internet Content Filter Solution and Implementation

DATE OF RELEASE OF ADDENDUM #1: 7/14/15

QUESTION 1: Please let us know how much traffic is going through your 10Gbps connection.
RESPONSE: Typical utilization is ~750Mbps with a peak of ~3 Gbps.

QUESTION 2: On Deliverable section 1 B you note a 10 Gb/s MM/SR connection, but how much of that 10G pipe are you using? What is your actual throughput?
RESPONSE: Typical utilization is ~750Mbps with a peak of ~3 Gbps.

QUESTION 3: General Question on Deliverable Section 1: Do you have any plans to run the solution inline?
RESPONSE: No decision has been made regarding running the solution inline or out of band. Both architectures will be considered.

QUESTION 4: General Question on Deliverable Section 1: Do you have plans to decrypt SSL?
RESPONSE: Yes.

QUESTIONS 5 THROUGH 7 FROM ATTACHMENT 1:

QUESTION 5: You do not list current architecture of integrating content filter solution into the UCD network. You only list interface and user count. Can you list the current architecture, make and model of hardware/software?
RESPONSE: The architecture consideration is Cisco ASA 5585 (ASA 9.1(5)).

QUESTION 6: Is there a need to design for multiple egress points HA or FA design? Is that being considered?
RESPONSE: One egress point with HA is desired.

QUESTION 7: Can you provide the current average HTTP and HTTPS utilization for the environment?
RESPONSE: Typical http/https utilization is ~550Mbps with a peak of ~2 Gbps.

QUESTION 8: Under Vendor Requirements you list the following: Bidder must also have verifiable in-depth knowledge and experience in integrating the proposed Enterprise Secure Internet Content Filter Solution product with infrastructure technologies including Cisco wired and wireless networks and VPNs, Microsoft Windows, Apple Macintosh, and common mobile clients. The bidder must have full-time resources on staff. How long is that person to be on staff?
RESPONSE: Minimum 3 years is preferred.

QUESTION 9: Is there a specific deployment method UCDHS prefers? (Explicit with a proxy. PAC File; Transparent/Inline; Virtual Inline using Cisco WCCP)
RESPONSE: Transparent/Inline or Virtual Inline using Cisco WCCP are being considered.

QUESTION 10: Is there any interest in High Availability, and if so, how does UCDHS plan to do that?
RESPONSE: HA is desired. We will rely on the design recommendations of the winning bidder.

QUESTION 11: Is this going to be a replacement for an existing system or a new solution? And, if this is a replacement, how many existing policies are on the old system that will need to be migrated to the new system?
RESPONSE: This is a new solution.

QUESTION 12: Does UCDHS already have a Certificate Authority setup and implemented in their environment?
RESPONSE: UCDHS does not use an internal CA. All certificates originate from an external, trusted CA.

QUESTION 13: How much web traffic will the solution be intercepting? If UCDHS doesn't have the necessary reporting appliances currently in place, this can usually be obtained from your ISP.
RESPONSE: Typical overall utilization is ~750Mbps with a peak of ~3 Gbps. Typical http/https utilization is ~550Mbps with a peak of ~2 Gbps.

QUESTION 14: Regarding the mobile client, what type of policy is required: basic/simple filtering, or a more granular approach?
RESPONSE: The expectation is that all policies, exceptions, reporting, etc. that apply to the general computer devices will also apply to the mobile devices.

QUESTION 15: Will mobile devices be required to be filtered when they aren't on the network (i.e., on public wifi)?
RESPONSE: Off network compliance is desired.

Questions 16 through 21 from Attachment 2, System Integration:

QUESTION 16: What version of Epic is supported? What level of exposed APIs have been deployed at your organization from Epic? In what application areas?
RESPONSE: Integration with Epic is not planned. This questionnaire is a template for all technology reviews. Any

QUESTION 17: Is there a specific requirement around integrating Epic's EMR?
RESPONSE: Integration with Epic is not planned. This questionnaire is a template for all technology reviews. Any

QUESTION 18: Is it safe to assume data type for EMR Integration may be XML or JSON format? Are there requirements to support other data types? What are those data types?
RESPONSE: Integration with Epic is not planned. This questionnaire is a template for all technology reviews. Any

QUESTION 19: Is there a list of applications, systems, databases for non-EMR systems?
RESPONSE: Integration with systems not explicitly stated in the RFP is not planned. This questionnaire is a template for all technology reviews. Any

QUESTION 20: Do you have any device provisioning system? If so, does the system expose an API to query device data? Does it have a secure interface to query device data?
RESPONSE: Please clarify what is meant by device provisioning system.

QUESTION 21: What are the encryption requirements? Minimum cipher requirement? Minimum key length requirement? Fully encrypted data or any subset of data? For example, only encrypt data that involves PHI or PII or those mandated by HIPAA compliance?
RESPONSE: The Enterprise Secure Internet Content Filter solution is not planned to perform encryption other than inspecting secure web traffic (e.g., https). This questionnaire is a template for all technology reviews. Any

QUESTION 22: (From Attachment 2, Data Mgmt): Is there detailed information available on network traffic from internet? Volume, size, frequency, connections, type of traffic (html, audio, video, instant messaging, xml, json)?
RESPONSE: Typical overall utilization is ~750Mbps with a peak of ~3 Gbps. Typical http/https utilization is ~550Mbps with a peak of ~2 Gbps.

QUESTIONS 23 & 24 from Attachment 2, Server Technology:

QUESTION 23: Are there any preferences for physical vs virtual appliances? If so, any hypervisor preferences, vmware, kvm, powervm, hyper-v etc?
RESPONSE: No preference on appliance type, however, any virtual appliance must guarantee no performance degradation compared to a physical appliance. VMware or Hyper-V are preferred.

QUESTION 24: What are all the server platforms supported currently? Linux, Windows, something else? X86 or X64 or other chips?
RESPONSE: Windows and Linux are supported in both 32 and 64 bit chips.

QUESTION 25: From Attachment 3, Digital Imaging Technologies: What systems are you currently supporting in Radiology, Cardiology, etc.?
RESPONSE: Integration with imaging technologies is not planned. This questionnaire is a template for all technology reviews. Any

QUESTION 26: From Attachment 3, Clinical Engr. Technologies: What devices are currently used today with Epic and any other clinical information system? Are you using a MDI Vendor (e.g., Capsule) to integrate with Epic or a third party application working in tandem with Epic?
RESPONSE: Integration with systems not explicitly stated in the RFP is not planned. This questionnaire is a template for all technology reviews. Any

QUESTIONS 27 THROUGH 32 from Attachment 6, Table 2, Question 2

QUESTION 27: What features of QRadar are currently installed?
RESPONSE: Please clarify the question and give examples of features.

QUESTION 28: Is there any patch management solution in place? For example, IBM Endpoint Management.
RESPONSE: Patch management is not in scope for this RFP.

QUESTION 29: Is there a requirement to support traffic originating from trusted partners, suppliers, external vendors? In other words any B2B requirement?
RESPONSE: Only egress traffic from the UCDHS internal network is in scope for this RFP.

QUESTION 30: Is there a need to expose internal systems using an API Management solution? Do we need to consider this kind of trusted traffic in our overall security solution?
RESPONSE: API integration is not anticipated unless required to accomplish integrations stated in the RFP.

QUESTION 31: With regard to questions above, is this traffic flowing thru a separate pipe? Isolated? Private VPN? Do we need to consider support for this in our overall security solution?
RESPONSE: Only egress traffic from the UCDHS internal network is in scope for this RFP.

QUESTION 32: Is there any specific requirement around data retention policies? Any other compliance requirement for data retention besides HIPAA?
RESPONSE: Data retention is intended to be handled by the QRadar SIEM; however, if the proposed solution is exclusively internal storage, 3 months of rolling data must be retained at a minimum.