Specifications include, but are not limited to: DETAILED REQUIREMENTS: 3.1. File Integrity Monitoring 3.1.1.The proposed solution must provide integrated built-in File Integrity Monitoring (FIM), not through a third-party software and it must be managed and monitored by same NG-SIEM platform interface. 3.1.2.The proposed solution FIM capability must capture the user identity for the generated FIM events. 3.2. Operating System Support: 3.2.1. The proposed solution must include support for Windows, Linux distros, Mac, Unix Distros and the capability to gather, document and preserve detailed event information, allowing for analysis of evidence and maintain a complete audit trail of the investigation process. 3.3. Vendor Server Location Requirements: 3.3.1. Any hosting services must be provided on servers only located within the United States. 3.4. User Entity and Behavior Analytics (UEBA) 3.4.1.The UEBA must be fully integrated within the proposed solution –not through any separate integrated software. 3.4.2.The UEBA must support an unlimited number of users. 3.4.3.The pre-packaged “out of the box” use cases must be listed. 3.4.4.The UEBA must be able to detect and respond to insider threats, compromised accounts and privileged account abuse. 3.4.5.The UEBA must collect machine data from across the environment and complete forensic gaps with endpoint and network monitoring. 3.4.6.The UEBA must support User activity monitoring. 3.4.7.Integrate with LDAP and AD solutions for access provisioning to the SIEM.
