The District requires visibility into data and traffic flowing on the network and must be able to respond immediately. The District desires a cybersecurity platform focused on real-time compromise assessment and continuous monitoring. The District requires a solution that will gain visibility into the network's security posture by collecting and analyzing network metadata, such as DNS logs and firewall access logs, to identify threats and compromised devices across all segments of the District network. Existing Environment: 15,000 Student Laptops 2,400 Staff Computers 40 GBPS east-west WAN traffic 30 GBPS Internet circuit All WAN traffic connects to a central bunker for data egress to the internet (Spoke and wheel topology design) The following are minimum specifications for the MDR: • Must provide a SPIN number provided by USAC • Must accept SPI as a form of eRate discount. The District’s discounted rate is 90% for the cybersecurity grant • Must be able to collect and process data from all circuits (30GBps and 40 GBps WAN) • Provisioning and ingest of NDR data from one or more Quorum Collector (QC) appliances • Must be able to keep traffic for a minimum of 7 days • Must be able to archive data that needs further investigation or needs to be saved for future actions (IPS, Advanced Malware Protection Service, Application Control, and FortiCare)
