The vendor is required to provide to procure a cloud-based email security gateway that enhances protection for google workspace (Gmail) by providing advanced threat protection, spam filtering, phishing detection, and email encryption.
- The solution must be off-premise and seamlessly integrate with google workspace's administrative suite for policy management and monitoring.
- Email security gateway for google workspace integration:
• Provide advanced email filtering and security for Gmail.
• Offer protection against phishing, malware, and spam.
• Support email encryption and data loss prevention (DLP) policies.
• Ensure seamless integration with google workspace without affecting email flow.
• Be managed externally with an easy-to-use web-based admin interface.  - Email threat protection features
- The email security gateway must:
• Utilize AI-driven threat detection to identify sophisticated phishing attacks.
• Include real-time scanning for email attachments and links.
• Prevent business email compromise (BEC) and impersonation attacks.
• Provide anti-spam filtering with customizable threshold settings.
• Include ransomware and zero-day malware protection with sandboxing.
• Offer allow list/block list management for trusted or suspicious senders.  - Integration with google workspace:
• Must support google workspace (Gmail) APIS for email security management.
• Allow for direct integration with google admin console for policy enforcement.
• Provide real-time dashboard visibility for email security analytics.
• Offer agency or other secure authentication mechanisms for access control.
• Support quarantine management and user self-service release of emails.
- Deployment & access requirements:
• The solution must be cloud-based (off-premise) and require no on premise hardware.
• Allow email routing through its secure servers before delivery to Gmail inboxes.
• Offer redundant infrastructure for high availability and uptime.
• Be vendor-managed, including automatic updates and security patching.
- Compliance & data protection:
• Ensure compliance with GDPR, CISA, NIST, and other relevant security frameworks.
• Support TLS encryption for email in transit.
• Provide data loss prevention (DLP) policies for sensitive data protection.
• Offer audit logs and detailed reporting on email security incidents.
- Administrative & User Controls:
• Provide a web-based admin portal with granular access controls.
• Allow role-based permissions for email security management.
• Enable automated policy enforcement based on predefined rules.
• Support automated alerts for detected threats or unusual email activity.
- Questions/Inquires Deadline: April 18, 2025