Specifications include, but are not limited to: Desired Capabilities • Ability to identify and track a wide range of university endpoint devices or hardware (Definition of Endpoint Devices provided in Section 1.3.) • Ability to manage software and security on university-owned computers, servers, laptops and mobile devices. • Endpoint encryption (full disk, data in transit, data at rest) and key escrow • Centralized console for controlling endpoint anti-malware, anti-spyware, Intrusion Prevention System (IPS), firewalls, applications, web security, email security and endpoint status (operating system version, patch levels, hardware version, etc.) • A unified view of security status and asset inventories to the Office of Cybersecurity and the CIO • Delegated administration with role-based access controls • Ability to support multiple operating systems in a robust manner; Windows, macOS, Linux, Solaris, AIX, iOS, Android…and those to come • Integration with central and distributed Active Directory and other directory services • Support for stand-alone machines (no directory services) • Integration with SAML 2.0 authentication services • Ability to manage endpoints on unmanaged networks (push/pull) • Integration with a security information and event management (SIEM) platform • A robust, full-featured Application Programming Interface (API) • Section 508 of the Rehabilitation Act and WCAG 2.0 web accessibility compliance
