The Vendor is required to provide a managed intrusion detection system (IDS) that provides real-time threat monitoring, alerting, and analysis through a responsive security operations center (SOC).
- This system must support a small IT staff by offering expert analysis, rapid incident response, and proactive threat intelligence to enhance the organization's cybersecurity posture.
- IDS solution
• Provide network-based intrusion detection with real-time alerts on malicious activity.
• Include 24/7 SOC monitoring, offering expert analysis and rapid response.
• Be scalable to accommodate future growth.
• Integrate with existing security tools and log aggregation systems.
• Be cost-effective while providing comprehensive protection.
- Intrusion detection features
• Monitor inbound and outbound network traffic to detect suspicious activity.
• Identify known threats using signature-based detection.
• Provide anomaly-based detection to identify emerging threats.
• Support custom rules to address organization-specific risks.
• Be capable of detecting lateral movement within the network.
• Generate real-time alerts with priority-based categorization.
- Security operations center (SOC) support
• Monitor the IDS 24/7/365.
• Triage alerts, reducing false positives and escalating genuine threats.
• Provide human-led analysis and threat validation.
• Offer incident response guidance and recommended remediation actions.
• Generate monthly reports summarizing detected threats, response actions, and trends.
• Be accessible via phone, email, and secure portal for incident reporting and escalation.
- Integration and compatibility
• Must support industry-standard network protocols for monitoring.
• Should integrate with security information and event management (SIEM) systems.
• Provide API support for data sharing with existing security tools.
- Deployment & maintenance
• The vendor must provide remote and/or on-site deployment support.
• Offer regular updates to IDS signatures and detection logic.
• Conduct quarterly security reviews and system health checks.
- Compliance & data handling
• The system must align with NIST, CIS, and other relevant cybersecurity frameworks.
• Ensure encrypted data transmission for alerts and logs.
• Provide role-based access controls for authorized personnel.
- Contract Period/Term: 1 year
- Questions/Inquiries Deadline: April 18, 2025