Specifications include, but are not limited to: • Client Hardware: Client devices available at SBCUSD school sites varies widely in type and age. SBCUSD is a multi-platform District, including Macs, iPads, Chromebooks, Windows 10 or better, and Windows Server 2016 or better. • Client Management Systems: In order to mass deploy Endpoint Detection and Response (EDR) agents, the District is currently leveraging the following Mobile Device Management (MDM) services: o PCs are enrolled in Microsoft Intune. o Macs are enrolled in Mosyle. o iOS and iPadOS devices are enrolled in Mosyle. o Chromebooks are enrolled in Google’s Chromebooks for Education Management Console. • Developing and supporting the MDM integrations for application push to District devices and troubleshooting any installation issues with installation command line options. • Provisioning and initial setup of the web-based console for the product(s) purchased under this RFP for the District and enabling access to a specific group of District IT Staff members. • Full setup of best practices for device policies for all platforms that will have an agent installed, for operating systems below: o Windows o macOS o iOS/iPadOS o Linux o Android and/or ChromeOS • Full setup of alerting and reporting for the IT District staff members. • Desired integrations setup via APIs to the District’s current security infrastructure, including but not limited to: o Fortigate Firewalls o Intrusion Detection Systems (IDS) o Vulnerability Assessment systems o Industry standard DDI integrations o Network Access Controls, such as Aruba Clearpass o Support Indicators of Compromise (IOC) ingestion via API • Develop and test Agent update procedures on the various platforms and demonstrate the update process so it is clearly understood. • Assisting the District with the removal (if applicable) of the incumbent EDR solution application and other legacy software that could be performing A/V functionality. • Identifying and testing with a specific set of District client platforms (listed above) to ensure the EDR application is installed, functioning as expected, reporting back to the web console, and not causing any strange device issues or interfering with user activity. • Providing guidance and troubleshooting to the District with full deployment of the EDR client to all platforms. • Reviewing the web console for all platforms to determine if any policy tweaks need to be made to achieve best practices. • Vendor must utilize the Center for Internet’s (CIS) security benchmark controls or similar benchmarks to enforce hardened security controls based on best practices of the proposed solutions. • Vendor must meet or exceed National Institute of Standards and Technology (NIST) controls identified in NIST SP 800-128. • Solution must utilize the MITRE ATT&CK framework. • Providing the District with all licensing, documentation, and other information necessary to transition from implementation to production operations. • Provide all knowledge transfer to District IT staff for assumption of operational control and monitoring/maintenance.
