XDR Solution

The vendor is required to provide extended detection and response (XDR) services for approximately 1400 windows clients and up to 30 windows servers.
- Managed firewall services
•    24/7 firewall monitoring and management: continuous monitoring and management of firewall devices to ensure network security and performance 
•    Incident management: proactive identification and resolution of firewall-related issues 
•    Configuration management: regular backup and management of firewall configurations 
•    Firmware and patch updates: regular updates of firewall firmware and software to ensure security and optimal performance 
•    Performance optimization: analysis and optimization of firewall performance 
•    Security policy management: implementation and management of security policies and rules 
•    Compliance reporting: generation of detailed reports on firewall activity and compliance 
•    Service level agreements (SLAs): commitment to response and resolution times for firewall related incidents, ensuring minimal downtime and prompt issue resolution 
•    Proprietary monitoring tool: utilization of a proprietary monitoring tool for real-time visibility and management of firewall activities.
- Managed extended detection and response (MXDR) services
•    24/7 threat monitoring and detection: continuous real-time monitoring and detection of endpoints, network traffic, and cloud environments for malicious activity. 
•    Proactive threat hunting and incident response: security experts proactively hunt for threats and respond to incidents. 
•    Security event correlation and analytics: managed collects and analyzes security events. 
•    Threat intelligence and automated remediation: integration with global threat intelligence feeds and automated threat containment. 
•    Compliance and security posture management: assistance with compliance requirements and regular security posture assessments. 
•    Service level agreements (SLAs): commitment to rapid response and resolution times for security incidents, ensuring timely threat mitigation and minimal impact on operations. 
•    All high or critical severity alerts must be acknowledged by the vendor’s security operations team within 30 minutes of detection. 
•    Containment actions: vendor must initiate appropriate containment or remediation steps (e.g., isolating an endpoint, terminating malicious processes) within the same window.
- Advanced infrastructure support (ruckus wireless and switching)
•    Ruckus wireless access points
o    Configuration changes
o    Firmware upgrades
o    Performance troubleshooting
o    Wireless security audits
o    Signal coverage optimization and diagnostics
•    Network switching (ruckus and other supported hardware)
o    VLAN configuration and maintenance
o    Link aggregation and trucking
o    Port-level diagnostics and tuning
o    QOS adjustments and traffic analysis
o    Switch firmware updates and configuration backups
- Dedicated roles and proprietary tools
•    Service delivery manager: a dedicated service delivery manager (SDM) responsible for overseeing all aspects of service delivery, ensuring smooth coordination, quality assurance, and client satisfaction. 
•    Customer success manager: a dedicated customer success manager (CSM) to ensure ongoing Client engagement, satisfaction, and alignment with business objectives. 
•    Proprietary reporting software and website: a comprehensive reporting website that consolidates all services, providing real-time insights and overall service management.
- Budget: $39 million

- Contract Period/Term: 3 years
- Questions/Inquires Deadline: October 2, 2025