NET-7658 - USA (Omaha, Nebraska) - Managed Network Security Services - Deadline January 24,2023

(1) Vendor needs to provide managed security services provider (MSSP) for its endpoints, networks and systems to the government authority located in Omaha, NE. • The MSSP will provide real time threat protection on a 24x7x365 day basis. • The MSSP will provide dedicated account management for the entire term of the service agreement. • The MSSP will conduct centralized logging and event correlation used against all available internal and external data sources. These data sources will include DNS, device logs, Office 365 logs, and Sentinel One EDR. • The MSSP will detect substantial short-term changes in user and system behavior. • Log data collected and monitored will enable the MSSP to isolate and analyze malicious activity regardless of the agency deployed device's function, brand or type. • The MSSP will ensure that any security device data collected and provided to agency for separate and parallel analysis is translated into a standardized readable format to ensure a common understanding of collected results. • The MSSP will provide a log management solution. This solution will be used for the storage of 100% of the raw log data for one year. • The MSSP will maintain overall responsibility for any tasks, analysis, or detection required during security event response. • The MSSP will ensure that the intrusion detection team has designated personnel 24-hour a day, 7 days a week on call to react to any security incident. • MSSP will identify, document, and track all incidents in a managed security portal. • The MSSP will review all security event activity in real time on agency networks and remote enclaves. • The MSSP will perform threat correlation and has the ability to sort through multiple logs and log entries to identify attackers. • The MSSP will conduct real-time monitoring and detection for malicious code phishing attacks, providing alerts, reporting, and blocking actions for the agency networks. • The MSSP will provide computer forensics capabilities within incident responses as needed by agency. (2) All questions must be submitted no later than January 20, 2023. (3) Contract term will be two years.