Project Overview Current Environment: • Two environments with mixed on-prem Exchange servers • ~400 employees (not all require full suite) • 140 virtual machines across 6 ESXi hosts and 2 SANs • 310 computers • Multiple domains to consolidate: jeffersoncountywv.org, JCPAwv.org, jcesa.org, jcecc.local, jcsdwv.org, jcda.org, jcprc.org, wvfp.org, jcdsr.org • Existing Microsoft 365 E3 licensing Modernization Goals: • Consolidate domains under jeffcowv.gov • Migrate mailboxes, archives, and services to Microsoft 365 • Replace all on-prem domain controllers with Azure AD • Introduce PIV smart card authentication for secure access • Deploy Microsoft Defender for Endpoint across all devices • Evaluate and implement cloud vs on-prem options for CA, DNS, and DHCP • Provide robust on-site engineering support and training for Jefferson County’s IT team Scope of Work 1. Domain Consolidation & Microsoft 365 Migration • Migrate all email accounts to jeffcowv.gov • Preserve compliance and retention policies • Decommission legacy Exchange servers • Provide phased migration strategy with rollback plans 2. Identity Architecture • Option A: Azure AD Buildout • Option B: Hybrid On-Prem AD with Azure Sync • Include GPO structure, VIP tiering, and conditional access policies 3. PIV Smart Card System • FIPS 201-compliant smart cards • Issuance equipment: printers, encoders, laminators, secure key injection tools • Integration with Active Directory, Exchange, surveillance, and access control systems • Support for digital signing, non-repudiation, and email encryption • Two CA options required: o Option A: Cloud-Based CA (e.g., Microsoft Entra ID integration) o Option B: On-Prem AD CS with HSM • Vendors must recommend best-fit model and provide lifecycle cost comparison
