Specifications include, but are not limited to:

Network: Dedicated hardware appliances (sensors) with appropriate span ports, network taps, inline deployment, port-aggregation, or a combination of connectivity schemes to achieve the broadest window into data gathering, analysis, and mitigation for both wired and wireless infrastructure. (Note: Any inline deployment must utilize a “fail open” mechanism in case of equipment failure or malfunction.)

Host: Agent or operating system based data collection.

Vulnerability: Regular vulnerability scanning of systems for proactive risk analysis and remediation.

Sources: Data collection sources include but are not limited to:
○ Syslogs
○ Log Managers (e.g. Splunk, Solarwinds, ManageEngine, etc.)
○ Event logs
○ SNMP Traps
○ Network Traffic Flows (e.g. Netflow, sFlow, IPFIX, etc.)
○ DNS