The Vendor is required to provide managed information technology services for include:
- End-user on-site support
• Dispatch of a qualified technician to city hall when remote support efforts are unsuccessful in resolving covered incidents.
• Normal support hours: Monday through Friday, 8:00 am to 5:00 pm eastern time, excluding city-observed holidays.
• A documented ticketing system must be used for all support requests.
• Service level agreements (SLAs): vendor must meet the following minimum response times:
• Critical: 30-minute response
• High: 1-hour response
• Standard: 4 business hours
- Network and systems monitoring and management
• Servers and network infrastructure, including automated alerting and human review/response.
• Fortigate firewalls (6).
• Workstations for covered users (approximately 250).
• Microsoft 365 tenant administration and management.
• Proactive identification and remediation of performance, security, and reliability issues.
• Patch management reporting — vendor must provide regular reporting on patch compliance across all covered devices.
- Cybersecurity
• Managed detection and response (MDR) endpoint protection for all covered end users (approximately 250).
• 24/7 security operations center (SOC) monitoring included as part of MDR service.
• Firewall advanced threat protection and next-generation firewall management.
• Maintain a documented incident response plan and provide IT to the city upon request.
• Security event log retention — minimum 90 days.
• Security incident notification — vendor must notify the city within one (1) hour of a confirmed security incident.
- Cloud administration
• Azure and Veeam support for all covered users and network devices.
- Emergency after-hours and holiday support
• Remote support must be exhausted prior to dispatching an on-site technician.
• After-hours or holiday support for non-critical issues shall be billed separately at applicable professional service rates.
• “Critical” incidents are defined as: network outage, cybersecurity incident, ransomware event, firewall failure, or loss of core business systems (e.g., email, file access).
• Proposers shall clearly define their on-call escalation path and response time for a critical (p1) incident in their proposal.
- Network health reviews
• Plain-language summary reports of environmental health, security posture, system continuity, and warranty status.
• Vulnerability or network scanning assessments, either internal or external, as applicable.
• Identification of equipment approaching end-of-life.
• Clear recommendations with estimated costs when action is required.
Set up free email alerts and get notified when new government bids, tenders and procurement opportunities match your industry and location. Choose daily or weekly delivery.