The Vendor is required to provide a parent portal or app allowing guardians to control and/or monitor content filtering for off-site devices, a student safety portal or app that monitors and alerts on potential student threats such as self-harm, and classroom-based controls enabling teachers to manage content filtering while devices are in use within the classroom.
- A cloud-based, browser-agnostic management dashboard is available, designed for ease of use by non-security administrators.
- Regular updates are provided for filtering categories and threat intelligence feeds.
- Web filtering categorizes content based on predefined categories (e.g., pornography, drugs, and violence) relevant to K-12 settings.
- Filtering policies are differentiated based on user roles such as primary students, secondary students, and staff.
- Proxy anonymizers, VPNs, and other circumvention tools are blocked to maintain filtering effectiveness.
- Custom allow/block lists are supported for specific devices, users, groups, or policies.
- Filtering enforcement applies to both managed and unmanaged devices without performance degradation.
- Detailed content logging is supported at the domain, URL, and category levels where applicable.
- Activity logging and reporting are available with a minimum retention period of 30 days.
- Exportable log functionality is available, with filtering by user, IP, time, and content category.
- Malware protection and termination capabilities for suspicious command-and-control callbacks are included.
- A bypass capability is provided for administrators to temporarily disable filtering for specific devices or users.
- Compatibility with third-party captive portals for guest Wi-Fi filtering is supported.
- On-site filtering for district-connected endpoints and off-site filtering for portable devices, including iPads, macOS, and Windows devices, is supported.
- The solution supports both user-based and device-based policy assignment for accurate filtering levels.
- The solution is configurable at the URL level for District devices, supporting either SSL decryption with configurable exceptions or browser-based filtering methods (e.g., PAC files).
- DNS-level filtering is available for unmanaged networks, including BYOD, guest, and IoT devices.
- The solution is capable of high-performance scalability, capable of handling 40,000+ devices.
- Safe search enforcement is supported across common search engines and video platforms.
- Integration with authentication systems (Azure Entra ID, OAuth, or SAML) for role-based administration and Single Sign-On (SSO) is supported.
- Compatibility with Mobile Device Management (MDM) systems for management and deployment of on-device clients/software:
• Jamf Pro - macOS, iOS, iPad OS Devices
• Microsoft Intune - Windows Devices
• Google Workspace Device Management – Chrome OS Devices
- Compatibility with currently supported District hardware and operating systems:
• MacOS 14 or greater
• IPad OS 17 or greater
• Windows 11 23H2 or greater
• Chrome OS 132 or greater
- If server hardware is required for the proposed solution:
• Maximum 4-U rack space
• Ability to run hardware in Active-Active mode and support multi-site operation.
• 10GB or greater interface capabilities
- If virtualized appliances are required for the proposed solution:
• Compatibility with VMWare, Nutanix, and Hyper-V.
- Contract Period/Term: 1 year
- Questions/Inquires Deadline: March 17, 2025
