Specifications include, but are not limited to: Specific Project or Service Needs Privileged Access Management (PAM) solution with an initial contract term of three (3) years with the option to renew for up to two (2) additional one (1) year terms upon mutual agreement of the parties. Business Requirements Vendor led and LES assisted installation, vendor would create and turn over the instance to LES and then the tuning phase would be begin as listed below Provide management capabilities for privileged accounts and service accounts Six months’ worth of weekly hour-long tuning sessions Technical Requirements Required capabilities On premise deployment with high availability design over multiple geographically separated data centers Enforce MFA for system administrators for operating systems Ability to manage service accounts Be capable of changing passwords at a pre-determined interval or after a session completion Ability to audit privileged and service accounts for the purpose of compliance Ability to utilize Microsoft Azure authentication service for the purpose of MFA Automated tool for the discovery of accounts Recovery option in the event the PAM appliances cannot be reached Ability to manage local admin accounts Ability to install on virtual or physical servers (virtual is preferred) Ability to launch session without the administrator knowing the password Ability to manage 30 administrator accounts, 500 user accounts, and 1,000 endpoints Preferred capabilities
