IT Consulting Services

The vendor is required to provide a senior network security engineer consultant to assist with configuration, evaluating existing configure and migration of configuration including authentication services, user realms and profiles, from old appliance to new appliance.
- Core responsibilities and essential duties:
1. Assessment
• Authentication setup assessment:
○ Inventory all user realms, profiles, and configurations on the PSA devices.
○ Assess the compatibility of current configurations with the new ISA platform and the new domain authentication structure.
• New domain authentication assessment:
○ Review the architecture and configuration of the new domain environment.
○ Identify potential integration challenges and ensure readiness for authentication migration.
2. Planning
• Migration and testing plan:
○ Develop a comprehensive migration plan for user realms and profiles, incorporating testing against the new domain environment.
○ Define prerequisites for integration, including trust relationships, certificates, and access control configurations.
○ Establish rollback procedures to address any migration or authentication issues.
• Pre-migration preparation:
○ Prepare ISA devices to receive migrated configurations and support the new domain authentication structure.
○ Coordinate with client teams to align schedules and test periods.
3. Migration execution
• Data and configuration migration:
○ Extract user realms, profiles, and authentication settings from the PSA devices.
○ Transform and adapt extracted data for compatibility with ISA devices and the new domain environment.
○ Load configurations onto ISA devices in a phased manner.
• Domain authentication configuration:
○ Enable and configure multiple domain authentication on ISA devices.
○ Integrate and validate authentication protocols (SAML, Kerberos, LDAP) with the new domain structure.
- Validation and testing
• Functional testing:
○ Test authentication workflows for all user realms and profiles against the new domain authentication structure.
○ Validate user access for each domain, ensuring no disruptions or policy violations.
• Failover testing:
○ Test failover and redundancy scenarios to confirm system reliability.
• New domain compatibility testing:
○ Verify that the migrated configurations work seamlessly within the new domain authentication setup.
○ Address and resolve any compatibility or integration issues.
5. Documentation and knowledge transfer:
○ Document all migration procedures, challenges, and resolutions.
○ Provide knowledge transfer to agency staff through detailed documentation and live demonstrations
- Assessment
• Create a current state report
• Complete ivanti pulse secure environment assessments
• Review remote access architecture
• Complete configuration and security assessment of all devices
• Understand and document bandwidth utilization and inventory
• Identify all issues in all layers of the architecture
- Recommendations
• Authentication requirements
• Areas to create redundancy
• Hardening of the network
• Areas to upgrade technology
• Estimated cost of the upgrades
• Opportunities for cost avoidance
• Value adds for the upgrades.