General Requirements • Must include at least one, three, and five years of support and software/firmware updates. • Must include all applicable licensing to enable/activate features to meet requirements. • Must be able to support three ISPs at one site and one Datacenter. • Current Palo Alto firewall licensing expires July 10, 2025. As such, replacement solution needs to be delivered no later than June 1, 2025. ‘As bid’ solutions must include extension of existing licensing to cover gap if delivery is not possible by that date. ‘Not as bid’ solutions will be judged on their cost PLUS gap licensing on existing firewall if delivery date cannot be met. Additionally, ‘not as bid’ solutions must also include on-site engineers/technicians as part of their proposal to ensure operational viability of the new system. Technical Requirements • Must support single-pass inspection of packets (or equivalent). • Must support the use of virtual routers. • Optional manageable via single application (Example: Palo Alto Networks Panorama). • Must be able to support up to 30 Gbps of sustained inspection/decryption and threat protection traffic. • Must be able to support at least 265,000 new sessions per second. • Must provide at least 2x 25 Gbps and 10x 1/10 Gbps interfaces per device. • Must support agentless user identification for user-based rules. • Must support user identification on ChromeOS devices via ADFS without the need to install agents on all AD servers.
