Specifications include, but are not limited to: USM is a public research doctoral institution which services approximately 14,100 students and 3,000 employees across multiple campuses in the Pine Belt and coastal regions of Mississippi. In addition to the university community, there are a handful of third-party entities that utilize USM network resources.; The scope of this project will be the USM networks utilized by employees and units, which contains up to 5,000 computing end points and roughly 355 servers. USM makes use of multiple RFC1918 based networks, segregated by location and function. USM also has a class B network, which it uses for public facing IP addresses. Aside from IT resources previously listed, USM uses several cloud-based services, platforms, and products, most notably Microsoft 365. The solution proposed must be able to selectively exclude IT resources that are not considered in scope.; More specific systems and network configuration information can be made available to respondents, by request only, in the time period specified by item #25 in the Bid Response Instructions.; The primary objective of this project is to replace, in whole, the current SEIM solution through the acquisition of an MDR or other MSS that must address the following: Effectively augment USM staff with qualified cybersecurity analysts, on a 24/7/365 basis.; Reduce the Mean Time to Detect events and the Mean Time to Respond to events.; Detect network attacks and appropriately alert on impactful, disruptive, or consequential incidents; Detect and alert on anomalous activity in Microsoft 365 Tenant; Detect, report, and alert on malware infected systems; Detect and alert on anomalous user behavior; Detect potentially malicious lateral movement; Detect and alert on unauthorized data exfiltration; Provide on-demand and scheduled reporting on key metrics; Aggregate, normalize, and correlate logs from several disparate systems and devices
