Posted Date : September 18,2018
Product (RFP/RFQ/RFI/Solicitation/Tender/Bid Etc.) ID : NET-1250
Government Authority located in Hastings, Michigan; USA based organization looking for expert vendor for Network Security Audit and Vulnerability Assessment Services.
[A] Budget: Looking for Proposals
[B] Scope of Service:
(1) Vendor needs to provide Network Security Audit and Vulnerability Assessment Services provides technology services to focus on providing a secure, protected network
infrastructure dedicated to the protection, reliability, and availability of the County’s data
1. Edge Security
a. Perform ping sweep and port scan of external IP addresses
b. Perform vulnerability scan of all external IP addresses
c. Review configurations of demilitarized zone (DMZ) including access lists
d. Review ingress and egress firewall policies
e. Review network address translation rules for publishing internal systems
f. Verify firewall inspection layer - application layer / stateful inspection
g. Determine if reverse proxy is in place for inspecting encrypted traffic and preauthentication
h. Determine if any unified threat management is configured for the edge security
i. Review current auditing policies and practice for edge security devices
2. Network Security
a. Review switch configurations to determine if network segmentation configured between
networks
b. Determine if any internal firewalls are in place between workstations and servers
c. Determine if encryption is configured to protect internal communications
d. Review wireless security settings to validate security measures in place
e. Validate port security and whether or not network ports are active by default and if port
security enforces based on MAC address
f. Determine if any network intrusion detection or prevention systems are providing
network scanning
3. Systems Security
a. Perform ping sweep and port scan of internal IP addresses
b. Review all servers and workstations(see appendix) in the environment to determine if the
following configurations have been made or security measures are in place
i. Have any unnecessary services been disabled?
ii. Is an existing patch management solution in place to ensure the latest operating
system security updates are installed?
iii. Review the auditing policies and procedures in place for each system
iv. Does each system have an updated Endpoint protection application installed to
provide for:
1. Anti-malware
2. Host IDS/IPS
4. Audit must meet necessary requirements
5. Access Management to the government authority located Hastings, MI.
(2) All question must be submitted no later than September 27, 2018.
[C] Eligibility:
- Onshore (USA Only);
[D] Work Performance:
Performance of the work will be Offsite. Vendor needs to carry work in their office location.
Budget :
Deadline to Submit Proposals: October 05,2018
Cost to Download This RFP/RFQ/RFI/Solicitation/Tender/Bid Document : 5 US$
Image may be NSFW.
Clik here to view.
Product (RFP/RFQ/RFI/Solicitation/Tender/Bid Etc.) ID : NET-1250
Government Authority located in Hastings, Michigan; USA based organization looking for expert vendor for Network Security Audit and Vulnerability Assessment Services.
[A] Budget: Looking for Proposals
[B] Scope of Service:
(1) Vendor needs to provide Network Security Audit and Vulnerability Assessment Services provides technology services to focus on providing a secure, protected network
infrastructure dedicated to the protection, reliability, and availability of the County’s data
1. Edge Security
a. Perform ping sweep and port scan of external IP addresses
b. Perform vulnerability scan of all external IP addresses
c. Review configurations of demilitarized zone (DMZ) including access lists
d. Review ingress and egress firewall policies
e. Review network address translation rules for publishing internal systems
f. Verify firewall inspection layer - application layer / stateful inspection
g. Determine if reverse proxy is in place for inspecting encrypted traffic and preauthentication
h. Determine if any unified threat management is configured for the edge security
i. Review current auditing policies and practice for edge security devices
2. Network Security
a. Review switch configurations to determine if network segmentation configured between
networks
b. Determine if any internal firewalls are in place between workstations and servers
c. Determine if encryption is configured to protect internal communications
d. Review wireless security settings to validate security measures in place
e. Validate port security and whether or not network ports are active by default and if port
security enforces based on MAC address
f. Determine if any network intrusion detection or prevention systems are providing
network scanning
3. Systems Security
a. Perform ping sweep and port scan of internal IP addresses
b. Review all servers and workstations(see appendix) in the environment to determine if the
following configurations have been made or security measures are in place
i. Have any unnecessary services been disabled?
ii. Is an existing patch management solution in place to ensure the latest operating
system security updates are installed?
iii. Review the auditing policies and procedures in place for each system
iv. Does each system have an updated Endpoint protection application installed to
provide for:
1. Anti-malware
2. Host IDS/IPS
4. Audit must meet necessary requirements
5. Access Management to the government authority located Hastings, MI.
(2) All question must be submitted no later than September 27, 2018.
[C] Eligibility:
- Onshore (USA Only);
[D] Work Performance:
Performance of the work will be Offsite. Vendor needs to carry work in their office location.
Budget :
Deadline to Submit Proposals: October 05,2018
Cost to Download This RFP/RFQ/RFI/Solicitation/Tender/Bid Document : 5 US$
Image may be NSFW.
Clik here to view.
