RALEIGH-DURHAM AIRPORT AUTHORITY Procurement Department 1000 Trade Dr., PO Box 80001, RDU Airport, NC 27623
REQUEST FOR PROPOSALS (RFP) NO. PCD2014-TP02 Proposal Title: Security Information & Event Management (SIEM) Security Analytics Type of Service: IT Related Products and Services
Refer ALL Inquiries to:
Proposal Advertise Date: 9/22/2014
Travis Pierce, Contracts Officer
Deadline for Submitting Questions:10/3/2014 at 8:00am EST
Telephone No.: 919-840-7833
Proposal Due Date and Time: 10/21/14 by 4:00pm EST
E-Mail:
[email protected] Website: www.rdu.com
Authority’s Using Department: Information Services
NOTICE TO OFFERORS This solicitation advertises the Raleigh-Durham Airport Authority’s (the “Authority”) needs for the products and/or services described herein. All proposals are subject to the conditions identified and stated herein. All formal proposals and responses received shall be treated as offers to contract. The Authority’s acceptance of any proposal must be demonstrated by execution of the acceptance found below and any subsequent Request for Best and Final Offer, if issued. Acceptance shall create a contract having an order of precedence among terms as follows: Terms and conditions specific to this RFP, Specifications of the solicitation documents, except as amended, and Best and Final Offers, if any and the awarded Vendor’s proposal. The Authority reserves the right to reject any and all proposals, to waive any informality or technicality in the proposals, and unless otherwise specified by the bidder, to accept any item in the bid. OFFER In compliance with this Request for Proposals, and subject to all the conditions herein, the undersigned offers and agrees to furnish and deliver any or all products or services upon which prices are offered, at the price(s) offered herein, within the time specified herein. By executing this offer, the undersigned certifies that this proposal is submitted competitively and without collusion, that none of its officers, directors, or owners of an unincorporated business entity has been convicted of any violations of Chapter 78A of the General Statutes, the Securities Act of 1933, or the Securities Exchange Act of 1934 (G.S. 143-59.2), and that it is not an ineligible vendor as set forth in G.S. 143-59.1. False certification is a Class I felony. Failure to execute/sign proposal prior to submittal shall render proposal invalid. Late proposals are not acceptable. Vendor/Bidder Name:
HUB/DBE/MBE/WBE Certification:
Federal Employer ID No.
Business Sales Tax Registration No.
Street Address:
City:
Print Name & Title of Authorized Signatory:
Phone & E-Mail:
AUTHORIZED SIGNATURE:
DATE:
State/Zip Code
Offer valid for one hundred eighty (180) business days from proposal due date and time.
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 1 of 42
DELIVERY INSTRUCTIONS: Vendor must deliver one (1) signed original and two (2) copies of the Proposal to the Authority in a sealed package with Company Name and RFP Number clearly marked on the front. Vendor must return all the pages of this solicitation in their response. Vendor must also submit one (1) signed, executed electronic copy of its proposal on USB Flash Drive or read-only CD/DVD(s). The files should not be password-protected and should be capable of being copied to other media. Address envelope and insert RFP Number as shown below. Please note that the US Postal Service does not deliver any mail (US Postal Express, Certified, Priority, Overnight, etc.) on a set delivery schedule to the Authority. It is the responsibility of the Vendor to have the Proposal to the Authority by the specified proposal due date and time. HAND DELIVER TO:
MAIL TO:
RFP NUMBER: PCD2014-TP02
RFP NUMBER: PCD2014-TP02
Raleigh-Durham Airport Authority
Raleigh-Durham Airport Authority
Procurement Department
Procurement Department
Attn: Travis Pierce, Contracts Officer
Attn: Travis Pierce, Contract Officer
1000 Trade Drive
PO Box 80001 RDU Airport, NC 27623-0001
RDU Airport, NC 27623-0001
Sealed proposals, subject to the conditions made a part hereof, will be received no later than Tuesday, October 21, 2014 at 4:00pm EST for furnishing and delivering the products and/or services as described herein. Proposals for this RFP must be submitted in a sealed package with the Execution of Proposal signed and dated by an official authorized to bind the Vendor’s firm. Failure to return a signed execution of proposal shall result in disqualification. All proposals must comply with Section VII, Proposal Content and Organization. Proposals will not be accepted by electronic means. This RFP is available electronically at the Authority’s Website (RDU Website) https://www.ips.state.nc.us/ips/. All inquiries regarding the RFP requirements are to be addressed to the contact person listed on Page 1 above in writing via email. DIGITAL IMAGING: The Authority may digitize the Vendor’s response, and any awarded contract together with associated contract documents. This electronic copy shall be a preservation record, and serve as the official record of this solicitation with the same force and effect as the original written documents comprising such record. Any printout or other output readable by sight shown to reflect such record accurately is an "original." PRE-PROPOSAL CONFERENCE: A Pre-Proposal Conference will not be held for this RFP. QUESTIONS: Written questions concerning this RFP will be received until Friday, October 3, 2014 at 8:00am. Questions must be sent via email to
[email protected]. Please insert “Questions regarding RFP#: PCD2014-TP02” as the subject for the email. The Authority will prepare responses to all written questions submitted, and post an addendum to the RDU Website at http://www.rdu.com/business/busopp-list.html. Oral answers are not binding by the Authority. Vendor contact regarding this RFP with anyone other Travis Pierce, Contracts Officer may be grounds for rejection of said Vendor’s offer.
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 2 of 42
ADDENDUM TO RFP: An addendum comprising questions submitted and responses to such questions, and/or any additional terms deemed necessary by the Authority will be posted to the RDU Website (http://www.rdu.com/business/busopp-list.html ) as an Addendum to this RFP. Vendors’ questions posed orally at the pre-proposal conference must be reduced to writing by the Vendor and provided to the Contracts Officer. Critical updated information may be included in these Addenda. It is important that all Vendors bidding on this proposal periodically check the websites for any and all Addenda that may be issued prior to the proposal submission date.
BASIS FOR REJECTION: The Authority reserves the right to reject any and all offers, in whole or in part; by deeming the offer unsatisfactory as to quality or quantity, delivery, price or service offered; non-compliance with the requirements or intent of this solicitation; lack of competitiveness; error(s) in specifications or indications that revision would be advantageous to the Authority; cancellation or other changes in the intended project, or other determination that the proposed requirement is no longer needed; limitation or lack of available funds; circumstances that prevent determination of the best offer; or any other determination that rejection would be in the best interest of the Authority. LATE PROPOSALS: Regardless of cause, late proposals will not be accepted and will automatically be disqualified from further consideration. It shall be the Vendor’s sole risk to ensure delivery at the designated office by the designated time. Late proposals will not be opened and may be returned to the Vendor at the expense of the Vendor or destroyed if requested. NOTICE TO VENDORS ABOUT TERMS AND CONDITIONS: The Authority will not be required to evaluate or consider any additional terms and conditions and/or contract language submitted with a Vendor’s response to this RFP. This applies to any language appearing in or attached to the document as part of the Vendor’s response to this RFP. By execution and delivery of this RFP and response(s), the Vendor agrees that any additional terms and conditions, whether submitted purposely or inadvertently, shall have no force or effect. VENDOR UTILIZATION OF WORKERS OUTSIDE U.S.: In accordance with NC General Statute 147-33.97, the Vendor must detail in the proposal response, the manner in which it intends to utilize resources or workers. The Authority will evaluate the additional risks, costs, and other factors associated with such utilization prior to making an award for any such Vendor’s proposal. The Vendor shall provide the following for any proposal or actual utilization or contract performance: a) The location of work performed under a state contract by the Vendor, any subcontractors, employees, or other persons performing the contract and whether any of this work will be performed outside the United States b) The corporate structure and location of corporate employees and activities of the Vendors, its affiliates or any other subcontractors c) Notice of the relocation of the Vendor, employees of the Vendor, subcontractors of the Vendor, or other persons performing services under a state contract outside of the United States d) Any Vendor or subcontractor providing call or contact center services to the Authority shall disclose to inbound callers the location from which the call or contact center services are being provided The vendor must notify the Authority if any jobs related to the services offered in the proposal are to be outsourced to others countries. Include this information in your bid response.
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 3 of 42
Will any work under this contract be performed outside the United States? YES____________
NO____________
Where will services be performed: ______________________________________
[REMAINDER OF PAGE INTENTIONALLY LEFT BLANK]
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 4 of 42
TABLE OF CONTENTS Section I.
Introduction
Section II.
Bidding Information A.
Instructions to Vendors
B.
General Conditions of Proposal
C.
Evaluation Process
Section III.
Scope of Work and Specifications
Section IV.
Cost Proposal
Section V.
Minority and Women-Owned Small Business (MWSB) Program Requirements
Section VI.
Proposal Content, Organization and Requirements
Section VII. RDU Sample Basic Services Agreement
[REMAINDER OF PAGE INTENTIONALLY LEFT BLANK]
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 5 of 42
I. INTRODUCTION: The Authority requires a security information & event management / security analytics solution that promotes comprehensive visibility into the information security environment. The Authority wishes to enter into a partnership with a vendor meeting the Authority’s security information & event management / security analytics requirements, combined with competitive rates for the solution selected. Because our success and satisfaction after any agreement is signed are of paramount importance, prospective vendors will be evaluated according to these key criteria:
The proposed solution meets necessary functional requirements. The proposed solution is competitively priced. The proposed solution is easy to use. The proposed solution is easy to implement (provide timeline/costs). The bidder is financially stable. The proposed solution includes excellent customer support. The bidder can provide excellent and appropriate references for Work of a similar scope. The proposed solution has a demonstrated record of security and quality. The proposed solution enhances our preparedness, continuity, and general business communications, or any other applicable area of our business.
II. BIDDING INFORMATION: A. Instructions to Vendors 1. Proposals submitted electronically, or via facsimile (fax) machine will not be accepted. 2. Offer: Failure to sign under Offer section will render proposal invalid. 3. Time for Consideration: Unless otherwise indicated on the first page of this document, Vendors offer must be valid for 180 business days from the proposal due date. 4. Failure to Meet Proposal Requirements: While it is not anticipated that the awarded Vendor will fail to meet the proposal requirements, if such should occur, the right is reserved to further evaluate the responses to this RFP and then to recommend an award to the next Vendor response that represents the best interest of the Authority. 5. Prompt Payment Discounts: Vendors are urged to compute all discounts into the price offered. If a prompt payment discount is offered, it will not be considered in the award of the contract except as a factor to aid in resolving cases of identical prices. 6. Miscellaneous: Masculine pronouns shall be read to include feminine pronouns and the singular of any word or phrase shall be read to include the plural and vice versa. 7. Organization: Vendors are directed to carefully review all Sections herein and fully comply with the content and organizational requirements.
B. General Conditions of Proposal 1. Read and Review. It shall be the Vendor’s responsibility to read this entire document, review all enclosures and attachments, and comply with all requirements and the Authority’s intent as specified herein. If a Vendor discovers an inconsistency, error or omission in this solicitation, the Vendor should request a clarification from the Authority’s contact person listed on the front page of the solicitation. Questions and clarifications must be submitted in writing and may be submitted by personal delivery, letter, fax or e-mail within the time period identified hereinabove. 2.
Vendor Responsibility. The Vendor will be responsible for investigating and recommending the most effective and efficient technical configuration. Consideration shall be given to the
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 6 of 42
stability of the proposed configuration and the future direction of technology, confirming to the best of their ability that the recommended approach is not short lived. Several approaches may exist for hardware configurations, other products and any software. The Vendor(s) must provide a justification for their proposed hardware, product and software solution(s) along with costs thereof. Vendors are encouraged to present explanations of benefits and merits of their proposed solutions together with any accompanying services, maintenance, warranties, value added services or other criteria identified herein. 3. Oral Explanations. The Authority will not be bound by oral explanations or instructions given at any time during the bidding process or after award. Vendor contact regarding this RFP with anyone other than the Contract Officer named on Page 1 above may be grounds for rejection of said Vendor’s offer. 4. Insufficiency of References to Other Data. Only information that is received in response to this RFP will be evaluated. Reference to information previously submitted or Internet Website Addresses (URLs) will not suffice as a response to this solicitation. 5. Conflict of Interest. Applicable standards may include: N.C.G.S. §§ 147-33.100, 14-234, 13332. The Vendor shall not knowingly employ, during the period of this contract, nor in the preparation of any response to this solicitation, any personnel who are, or have been, employed by a Vendor also in the employ of the Authority and who are providing services involving, or similar to, the scope and nature of this solicitation or the resulting contract. 6. Contract Term. A contract awarded pursuant to this RFP shall have an effective date as provided in the Notice of Award. The term shall be three (3) years, and will expire upon the anniversary date of the effective date unless otherwise stated in the Notice of Award, or unless terminated earlier. The Authority shall retain the option to extend this contract for two (2) additional one (1) year periods at its sole discretion. “Automatic renewals” are not allowed. 7. Effective Date. This solicitation, including any Exhibits, or any resulting contract or amendment shall not become effective nor bind the Authority until the Board approves and the Authority’s President and Chief Executive Officer (CEO) has signed the document(s), contract or amendment. The effective award date will been completed on the document(s), by the Authority’s procurement department. The Authority shall not be responsible for reimbursing Vendor for goods provided nor services rendered prior to the appropriate signatures and the arrival of the effective date of the Contract. No contract shall be binding on the Authority until an encumbrance of funds has been made for payment of the sums due under the contract. 8. MWSB Requirements. Vendors must comply with Section V of this RFP. 9. Clarifications/Interpretations. Any and all amendments or revisions to this document shall be made by written addendum from the Contract Officer. If either a unit price or extended price is obviously in error and the other is obviously correct, the incorrect price will be disregarded. 10. Rights Reserved. While the Authority has every intention to award a contract as a result of this RFP, issuance of the RFP in no way constitutes a commitment by the Authority, to award a contract. Upon determining that any of the following would be in its best interests, the Authority may: a) waive any formality; b) amend the solicitation; c) cancel or terminate this RFP; d) reject any or all proposals received in response to this document; e) waive any undesirable, inconsequential, or inconsistent provisions of this document, which would not have significant impact on any proposal; f) if the response to this solicitation demonstrate a lack of competition, negotiate directly with one or more Vendors; g) not award, or if awarded, terminate any contract if the Authority determines adequate funds are not available; or h) if all responses are deficient, determine whether Wavier of Competition criteria may be satisfied, and if so, negotiate with one or more Vendors. SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 7 of 42
11. Submitting a Proposal. Each Vendor submitting a proposal warrants and represents that: a) The proposal is based upon an understanding of the specifications and requirements described in this RFP. b) Costs for developing and delivering responses to this RFP and any subsequent presentations of the proposal as requested by the Authority are entirely the responsibility of the Vendor. The Authority is not liable for any expense incurred by the Vendors in the preparation and presentation of their proposals. All materials submitted in response to this RFP become the property of the Authority and are to be appended to any formal documentation, which would further define or expand any contractual relationship between the Authority and Vendor resulting from this RFP process. A proposal may not be unilaterally modified by the Vendor following the delivery of the proposal, or of any best and final offer. Vendor bid responses to this RFP will be deemed non-responsive by the Authority and will be rejected without further consideration or evaluation if statements such as the following are included: “This bid does not constitute a binding offer”, “This bid will be valid only if this offer is selected as a finalist or in the competitive range”, “The vendor does not commit or bind itself to any terms and conditions by this submission”, “This document and all associated documents are non-binding and shall be used for discussion purposes only”, “This bid will not be binding on either party until incorporated in a definitive agreement signed by authorized representatives of both parties”, or A statement of similar intent.
C. Evaluation Process 1. "Best Value" procurement methods are authorized by N.C.G.S. §143-135.9. The award decision is made based on multiple factors, including: total cost of ownership, meaning the cost of acquiring, operating, maintaining, and supporting a product or service over its projected lifetime; the evaluated technical merit of the Vendor's proposal; the Vendor's past performance; and the evaluated probability of performing the requirements stated in the solicitation on time, with high quality, and in a manner that accomplishes the stated business objectives and maintains industry standards compliance. The intent of "Best Value" procurement is to enable Vendors to offer, and the Authority to select the most appropriate solution to meet the business objectives defined in the solicitation and to keep all parties focused on the desired outcome of the procurement. 2. Source selection. A trade-off/ranking method will be utilized in this procurement to allow the Authority to award the contract to the Vendor providing the Best Value, and recognizing that Best Value may result in award other than the lowest price or highest technically qualified offer. By using this method, the overall ranking may be adjusted up or down when considered with, or traded-off against other non-price factors. a. The Authority’s evaluation committee may request clarifications from Vendor proposals through the Contract Officer. An interview or presentation/demonstration from any or all Vendors may be requested by the Authority. However, the Authority may refuse to accept, in full or partially, the response to a clarification request given by any Vendor. Vendors are cautioned that the evaluators are not required to request clarifications; therefore, all offers should be complete and reflect the most favorable terms. Vendors
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 8 of 42
should be prepared to send qualified personnel to the Authority, to discuss technical and contractual aspects of the proposal. b. Evaluation Process Explanation. The Authority will review all proposals. All proposals will be initially classified as being responsive or non-responsive. If a proposal is found non-responsive, it will not be considered further. All responsive proposals will be evaluated based on stated evaluation criteria. Any references in an answer to another location in the RFP materials or Proposal shall have specific page numbers and sections stated in the reference. c.
To be eligible for consideration, a Vendor must meet the intent of all requirements. Compliance with the intent of all requirements will be determined by the Authority. Responses that do not meet the full intent of all requirements listed in this RFP may be deemed deficient. Further, a serious deficiency in the response to any one factor may be grounds for rejection regardless of overall score.
d. Vendors are advised that the Authority is not obligated to ask for, or accept after the closing date for receipt of proposal, data that is essential for a complete and thorough evaluation of the proposal. 3. Best and Final Offers (BAFO). If negotiations or subsequent offers are solicited, the Vendors shall provide BAFOs in response. Failure to deliver a BAFO when requested shall disqualify the non-responsive Vendor from further consideration. The Authority may establish a competitive range based upon evaluations of proposals, and request BAFOs from the Vendors within this range; e.g. “Finalist Vendors”. The Authority will evaluate BAFOs and add any additional weight to the Vendors’ respective proposal. Additional weight awarded from oral presentations and product demonstrations during negotiations, if any, will be added to the previously assigned weights to attain their final ranking. 4. Each of the criteria below shall be evaluated in accordance with the solicitation documents: a. Demonstration of compliance with the Proposal Specifications/Requirements and/or Scope of Work. b. Evaluation Criteria. Vendor qualifications substantially impact the evaluation process, and will be evaluated for the following in addition to the items listed in Section I of this document: i. Specifications and/or Scope of Work. ii. Demonstration of satisfaction Specifications/Scope of Work.
of
the
desired
Proposal
iii. Strength of references relevant or material to technology area(s) and/or Specifications. iv. Submission of all and compliance with the material specified in the RFP document. 5. Vendors may be disqualified from any evaluation or award if Vendor or any key personnel proposed, has previously failed to perform satisfactorily during the performance of any contract with the Authority, or violated rules or statutes applicable to public bidding in the Authority.
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 9 of 42
6. The Authority will make every effort to adhere to the following schedule, however the schedule is subject to change: Action Advertisement of RFP Deadline To Receive Questions from Vendors
Responsibility Contracts Officer Contractor/Vendor
Submission of Proposal (Proposal Due Date & Time)
Contractor/Vendor
Proposal Evaluation & Selection of Finalist(s)
Evaluation Committee Vendors
Oral Presentation and/or Product Demonstrations by Selected Finalists (optional / if needed) Selection of a successful Vendor Contract Development with successful Vendor Contract Award/Approval with successful Vendor Contract Execution
Evaluation Committee Contracts Officer Board CEO
Date 9/22/2014 10/3/2014 by 8am EST 10/21/2014 by 4pm EST 10/22/2014 through10/31/2014 11/3/2014 through 11/7/2014 To Be Determined To Be Determined To Be Determined To Be Determined
7. Award Of Contract. Qualified proposals will be evaluated and acceptance may be made in accordance with Best Value procurement practices as defined by GS §143-135.9 and applicable administrative rules. The responsible Vendor whose proposal is most advantageous to the Authority, taking into consideration the evaluation factors herein, will be recommended for contract award. Unless otherwise specified by the Authority or the Vendor, the Authority reserves the right to accept any item or group of items on a multi-item proposal. 8. The Authority has implemented links to the RDU Website that allows the public to retrieve proposal information electronically from our Internet web site: http://www.rdu.com/business/busopp-list.html . This information may not be available for several weeks dependent upon the complexity of the acquisition and the length of time to complete the evaluation process.
[REMAINDER OF PAGE INTENTIONALLY LEFT BLANK]
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 10 of 42
Section III. Scope of Work & Specifications SOLUTION PROPOSAL Instructions to Bidder: Complete all questions below. Only add comments if they usefully clarify your response. Answer every question where it is presented, even if you have previously offered an identical answer. For any question answered by an Attachment, clearly refer the reader to the specific Attachment answering the question.
REQ. # 1.1
1.2
1.3
1.4
1.5
1.6
1.7
REQUIREMENT DESCRIPTION
Y/N
EXPLANATION
SECTION 1: APPLIANCE ADMINISTRATION & CONFIGURATION The Security Intelligence solution must provide central management of all components and administrative functions from a single web based user interface. Please describe how your solution meets this requirement. The administrator must be able to define role base access to the system by device, device group or network range. This includes being able restrict a user’s access to information to only those systems from a specific group of devices or network range. Please describe how your solution meets this requirement. The administrator must be able to define role based access to various functional areas of the solution. This includes being able to restrict a user’s access to specific functions of the solution that is not within the scope of a user’s role including, but not limited to, administration, reporting, event filtering, correlation, and/or dashboard viewing. Please describe how your solution meets this requirement. The solution must support auto discovery of assets that are being protected or monitored. Please describe how your solution meets this requirement. The solution must support automated classification of assets that are being protected Please describe how your solution meets this requirement. The solution must support the detachment of selected dashboards from the UI for use in SOC or NOC deployments. Please describe how your solution meets this requirement. The vendor of the solution must provide SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 11 of 42
1.8
1.9
1.10
1.11
2.1
2.2
2.3
2.4
2.5
and foster community oriented information and experience sharing among users of the security intelligence solution. Describe your companies approach to this requirement. The solution must support the ability to modify communications ports between components. Please describe how your solution meets this requirement. The solution must provide an open API for access to data stored within the information database(s). Please describe how your solution meets this requirement. The solution must provide the ability to encrypt communications between components. Please describe how your solution meets this requirement. The solution must integrate with 3rd party directory systems as an authentication method. How does your solution integrate with a LDAP or AD solution for access provisioning to the SIEM system? SECTION 2: APPLIANCE OPERATIONAL REQUIREMENTS The solution must enable a phased role out of log management and security intelligence functions. Introduction of more analysis capabilities should minimize the need for additional system components and be enabled through license key upgrades to meet demands. Please describe how your solution meets this requirement. The solution must provide a framework for future expansion and integration with other 3rd party solutions. Please describe how your solution meets this requirement. The solution must demonstrate ‘ease of use’. Ease of use is critical to the successful deployment and on-going use of the solution. Describe the ease of use considerations and implementations within the solution. The solution must support the automatic update of configuration information with minimal user intervention. For example, security taxonomy updates, vendor rule updates, device support, etc. Describe how the solution provides this functionality and detail the features that are updated. The solution must support a web-based SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 12 of 42
2.6
2.7
2.8
2.9
2.10
2.11
2.12
2.13
GUI for management, analysis and reporting. Please describe how your solution meets this requirement. The solution must support high availability requirements in an embedded fashion and without the need for additional 3rd party software. Please explain meets this requirement to provide 24x7 availability and fault tolerance. The solution must ensure all distributed system components continue to operate when any other part of the system fails or loses connectivity. (i.e., management console goes off-line all separate collectors still continue to capture logs). Please describe how your solution meets this requirement. The solution must have an automated backup/recovery process. Please describe how your solution meets this requirement. The solution must automate internal health checks and notify the user when problems arise. Please describe how your solution meets this requirement. The solution must provide the ability to deliver multiple dashboards that can be customized to meet the specific requirements of different users of the system. Please describe how your solution meets this requirement. The solution must deliver sample dashboard templates out of the box (i.e. for threat management, compliance management, etc.). Please describe how your solution meets this requirement. The solution must deliver customizable dashboard widgets that can present relevant security information to the users of the system (i.e. event views, network activity views, incident views, etc.). Please describe how your solution meets this requirement. The solution must maintain a database of all assets discovered on the network. This asset data must include important information about the asset as learned by the information collected (i.e. system attributes, network attributes, vulnerability state, etc.). The database must provide the ability to edit attributes when they cannot be learned (i.e. department, location, etc.). The user SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 13 of 42
3.1
3.2
3.3
3.4
3.5
3.6
3.7
3.8
3.9
must be able to search this database. Please describe how your solution meets this requirement. SECTION 3: APPLIANCE ARCHITECTURE REQUIREMENTS The solution must enable deployments as software and/or appliance. Please describe how your solution meets this requirement. The solution must integrate with other security and network intelligence solutions. Describe the level of integration and solutions supported. The solution must allow for customization to meet our unique requirements. Please describe how your solution meets this requirement. The solution must easily expand to support additional demand. How does your solution scale to increase demand placed on the solution as the organization adds more devices, locations, applications, etc? Please describe the impact to each of the proposed components of your solution (i.e. appliances, storage, management consoles, etc.) The solution must support a distributed database for event and network activity collection such that all information can be accessd from a single UI. Please describe how your solution meets this requirement. The solution must ensure the integrity of the information collected. What mechanisms does the solution provide to meet this requirement? The solution must provide intuitive mechanisms for troubleshooting such as proactive notifications, command line utilities etc. The solution must support a distributed model for correlation such that counters, sequences, identity lookups, etc… are shared across all collectors. (i.e., look for 25 login failures from the same user name followed by a single successful login for that same user name, where events seen by a single collector do not exceed the threshold of 25, but across multiple collectors would exceed the threshold). Please describe how your solution meets this requirement. The solution must support user SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 14 of 42
3.10
3.11
4.1
4.2
4.3
4.4
4.5
4.6
4.7
extended taxonomy of events and fields. The user must be able to add their own unique event names (i.e., the ability to add in new fields that are not part of the vendors out of the box schema such as a failed called “Special ID from my Custom Application”). Please describe how your solution meets this requirement. The solution must allow for custom defined tagging of events. Please describe how your solution meets this requirement. The solution must provide transparent retrieval, aggregation, sorting, filtering and analysis of data across all distributed components. Please describe how your solution meets this requirement. SECTION 4: APPLIANCE LOG MANAGEMENT REQUIREMENTS The solution must have a log collection and archive architecture that supports both short-term (online) and long-term (offline) event storage. How does your solution manage, store, and archive the log data? The solution must support log archives on 3rd party storage. Please describe how your solution meets this requirement. The solution must provide capabilities for efficient storage and compression of collected data. Please describe how your solution meets this requirement. The solution must support industry log collection methods (syslog, WMI, JDBC, SNMP, Checkpoint LEA, etc.). Please describe what collection methods are available in your solution. The solution must provide agent-less collection of event logs whenever possible. Does your solution rely on agent technology? If so, please describe how this is used to collect and aggregate event data? The solution must provide the ability to distribute both event storage and processing across the entire Log Management/SIEM deployment. Explain how your architecture will support this requirement. The solution must normalize common event fields (i.e. usernames, IP addresses, hostnames, and log source SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 15 of 42
4.8
4.9
4.10
4.11
5.1
5.2
5.3
5.4
5.5
5.6
5.7
device, etc.) from disparate devices types across a multi-vendor network. Please describe how normalization is performed and the standard event fields that are normalized out-of-the-box. The solution must provide a common taxonomy of events. Please describe how this is provided by the solution the standard event categories that are provided out-of-the-box. The solution must provide the ability to store/retain both normalized and the original raw format of the event log for forensic purposes. Please describe how this requirement is met by the solution. The solution must provide the ability to normalize and aggregate event fields that are not represented by the out-ofthe-box normalized fields. Please describe how this requirement is met by the solution. The solution must support/normalize event time stamps across multiple time zones. Describe you this requirement is met by the solution. SECTION 5: APPLIANCE EVENT FILTERS, ANALYSIS AND REPORTING The solution must provide near-real-time analysis of events. Please describe how this requirement is met by the solution. The solution must provide long term trend analysis of events. Please describe how this requirement is met by the solution. The solution must provide the ability to aggregate an analyze events based on a user specified filter. Please describe how this requirement is met by the solution. The solution must provide more advanced event drill down when required. Please describe how this requirement is met by the solution. The solution must provide a real-time streaming view that supports full filtering capabilities. Please describe how this requirement is met by the solution. The solution must provide alerting based on observed anomalies and behavioral changes in network and security events. Please describe how this requirement is met by the solution. The solution must provide reporting on all items available for management via
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 16 of 42
5.8
5.9
5.10
5.11
5.12
5.13
5.14
5.15
6.1
6.2
6.3
the GUI. Describe how the solution provides the ability to configure reports. The solution must provide configurable reporting engine for customized report creation. Please describe how your solution meets this requirement. The solution must support the ability to schedule reports. Describe the mechanisms and frequency at which reports can be scheduled. The solution must provide templates for the easy creation and delivery of reports at multiple levels ranging from operations to business issues. Please describe the process for creating reports and the number of available reports. The solution must provide ‘canned’, outof-the-box reports for typical business and operational issues. Describe the reports and report types available. The solution must provide ‘canned’, outof-the-box reports for specific compliance regulations (PCI, SOX, FISMA) and control frameworks including (NIST, CoBIT, ISO). Please describe how your solution meets this requirement. The solution must provide a ‘Dashboard’ for quick visualization of security and network information. Please describe the components available in the dashboard and the frequency at which this information refreshes. The solution must support the automated distribution of reports. Describe the mechanisms used to distribute reports. The solution must support the capability to provide historical trend reports. Please describe how your solution meets this requirement. SECTION6: APPLIANCE SECURITY EVENT CORRELATION & ALERTING The solution must provide alerting based on observed security threats from monitored devices. Please describe how your solution meets this requirement. The solution must provide the ability to correlate information across potentially disparate devices. Please describe how your solution meets this requirement. The solution must provide alerting based on observed anomalies and behavioral changes in network activity
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 17 of 42
6.4
6.5
6.6
6.7
6.8
6.9
6.10
6.11
7.1
(flow) data. Describe any pre-packaged alerts and method for adding userdefined anomaly and behavior alerts. The solution must provide alerting based upon established policy. (e.g., IM traffic is not allowed.) Describe the solutions ability to alert on policy violations. The solution must support weighted alerts to allow for prioritization. Weights must be assignable based on multiple characteristics such as asset type, protocol, application, etc. Describe how the solution supports weighted alerts and the structure of assigning weights. The solution must provide the ability to transmit alerts using multiple protocols and mechanisms to other management solutions The solution must provide UI based wizard and capabilities to minimize false positives and deliver accurate results. Please describe how your solution meets this requirement. The solution must limit the presentation of multiple similar alerts. Describe the solutions ability to minimize duplicate alarms. The solution must support the ability to take action upon receiving an alert. For example, the solution should support the ability to initiate a script or send an email message. Please describe how your solution meets this requirement. The solution must support the ability to correlate against 3rd party security data feeds (i.e. geographic mapping, known botnet channels, known hostile networks, etc.). These 3rd party data feeds should be updated automatically by the solution. Please describe how your solution meets this requirement. The solution must support the ability to correlate against 3rd party vulnerability scan results. Please describe how your solution meets this requirement. SECTION 7: APPLIANCE SUPPORTED ACTIVITY/EVENT MONITORING The solution must display visual traffic profiles in terms of bytes, packet rates and number of hosts communicating. These displays must be available for applications, ports, protocols, threats and each monitoring point in the network. All of these views must support SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 18 of 42
7.2
7.3
7.4
7.5
7.6
7.7
7.8
7.9
7.10
network location specific view such that they can present information from a single location, the entire network or any other defined grouping of hosts. Please describe how your solution meets this requirement. The solution must support application definition beyond protocol and port. The system must support the identification of applications using ports other than the well-known, and applications tunneling themselves on other ports (e.g., HTTP as transport for MS-Instant Messenger should be detected as Instant messenger - not HTTP). Please describe how your solution meets this requirement. The solution must detect “zero-day” events. Describe how the solution detects and displays this information. The solution must dynamically learn behavioral norms and expose changes as they occur. Detail the methods used by the solution and the method by which anomalies are displayed. The solution must detect denial-ofservice (DoS) and distributed denial-ofservice (DDoS) attacks. Describe how the solution detects and displays this information. The solution must detect and present views of traffic pertaining to observed threats in the network. Describe the types of threats and visualizations for this information in the Security Intelligence system. The solution must profile traffic by TCP and UDP port. Please describe how your solution meets this requirement. The solution must support traffic profiling associated with logical network design (e.g., Subnet/CIDR). Please describe how your solution meets this requirement. The solution must identify network traffic from potentially risky applications (e.g. file sharing, peer-to-peer, etc.). Please describe how your solution meets this requirement. The solution must display traffic profiles in terms of packet rate. This capability must be available for simple TCP analysis (TCP Flags, etc) but rate-based information may be presented for other SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 19 of 42
7.11
7.12
7.13
7.14
7.15
7.16
7.17
7.18
7.19
7.20
profiles (e.g., applications). Please describe how your solution meets this requirement. The solution must profile and present information in multiple user defined timeframes. Profiles must be available for week, day and hour. Describe the maximum and minimum timeframes available for profiling and analysis. The solution must be able to profile communication originating from or destined to the internet by Geographic regions in real-time. Describe how this is accomplished. The solution must create clearly independent and differentiated profiles from local traffic vs traffic originating or destined for the internet. Please describe how your solution meets this requirement. The solution must allow the user to create custom profiles and views using any property of a flow, log, data source or already profiled traffic. Describe how the solution supports this level of customization. The solution must support traffic profiling based on IP addresses, groups of IP addresses, source/destination IP pairs etc. Please describe how your solution meets this requirement. The solution must support the collection and analysis of packet capture data. Please describe how your solution meets this requirement. The solution must provide the ability to extract specific, user defined, fields from packet capture data and use the fields in correlation rules. Please describe how your solution meets this requirement. The solution must be able to collect and normalize configuration from switches, routers, firewalls, and IPS. Please describe how your solution meets this requirement. The solution must have the ability to compare the configuration on a device when configuration changes occur. Please describe how your solution meets this requirement. The solution must be able to detect and notify configuration change that is outside some pre-defined policy baseline. Please describe how your SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 20 of 42
7.21
7.22
7.23 7.24
7.25
7.26
7.27
7.28
solution meets this requirement. The solution must be able to provide a Layer 2/Layer 3 topology of how the network is configured. This user must be able to filter this topology by network, port, and protocol. Please describe how your solution meets this requirement. The solution must be able to prioritize vulnerabilities based on whether the network is configured in such a way to allow the vulnerability to be compromised. Please describe how your solution meets this requirement. The solution must support the following products. Microsoft o Active Directory o WSUS o SQL Cisco o ASA o UCS o Call Manager o IOS Palo Alto Oracle VMWare IronPort o WSA o ESA Symantec Trend Micro o OfficeScan o Deep Security The solution must support information collected from Microsoft based servers and end-user systems. Please describe your level of support for this type of product. The solution must support information collected from Linux/Unix based servers and end-user systems. Please describe your level of support for this type of product. The solution must support information collected from mainframe servers. Please describe your level of support for this type of product. The solution must support information collected from enterprise class database solutions. Please describe your level of support for this type of product. SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 21 of 42
7.29
7.30
7.31
7.32
7.33
7.34
7.35
7.36
7.37
7.38
7.39
The solution must support information collected from commercial applications (i.e. SAP, Web, etc.). Please describe your level of support for this type of product. The solution must support information collected from Data Loss Protection (DLP) Security software and tools. Please describe your level of support for this type of product. The solution must support information collected from proprietary applications. Please describe your level of support for this type of product. The solution must support information collected for Database Activity Monitoring (DAM) Security software and tools. Please describe your level of support for this type of product. The solution must support information collected from File Integrity/Activity Monitoring (FIM/FAM) Security software and tools. Please describe your level of support for this type of product. The solution must support information collected from Identity and Access Management Security software and tools (IAM). Please describe your level of support for this type of product. The solution must support information collected from Directories (i.e. AD, LDAP) products. Please describe your level of support for this type of product. The solution must support information collected from Network flows (i.e. Netflow, J-Flow, S-Flow etc.) products. Please describe your level of support for this type of product. The solution must support information collected from network management systems (i.e. McAfee ePolicy Orchestrator, Microsoft MOM, etc.). Please describe your level of support for this type of product. The solution must support information collected from Network infrastructure (i.e. switches, routers, etc.). Please describe your level of support for this type of product. The solution must support information industry leading vulnerability scanners or include vulnerability scanning with automatic updates. Please describe your level of support for this type of SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 22 of 42
product. 8.1
8.2
8.3
8.4
8.5
8.6
8.7
9.1
9.2
SECTION 8: APPLIANCE ADVANCED CORRELATION The solution must provide the ability to contextually link application activity on the network with security events from monitored devices. Explain how the solution uses network knowledge to validate security events. The solution must provide the ability to contextually link reported security events with real-time knowledge of the assets that are being targeted. Explain how the solution uses knowledge of assets within the network to validate security The solution must provide the ability to automatically weight the priority of reported security events according to the relative importance of the targeted asset. Please explain how this is accomplished The solution must provide the ability to automatically weight the severity of reported security events according to the vulnerability of the targeted assets. Please explain how asset profiles are used to prioritize events The solution must provide the ability to assign credibility ratings to monitored security devices. Please describe how your solution meets this requirement. The solution must provide a real-time event view of monitored information in raw/original as well as processed/parsed format. Please describe how your solution meets this requirement. The solution must be able to automatically change the credibility weightings of security devices in response to network-wide attacks. Please describe how your solution meets this requirement. SECTION 9: APPLIANCE SUPPORT & PROFESSIONAL SERVICES The vendor must have a proven implementation methodology that has been completed within the last 3years The vendor must provide a comprehensive support offering, including; 1. Phone support 2. Email support 3. Online community portal to access patches, upgrades new devices support and via online download
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 23 of 42
9.3
The vendors must provide response and work around times for critical and urgent issues The vendor must provide comprehensive product training
Section IV. Cost Proposal Vendor must provide price break down of all cost associated with Section III. Vendor must clearly indicate an all-inclusive, not-to-exceed Grand Total for each year. (Reference Contract Term in Section II, Letter B, Number 6).
[REMAINDER OF PAGE INTENTIONALLY LEFT BLANK]
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 24 of 42
Section V. Minority and Women-Owned Small Business Program Requirements It is the policy of the Authority that neither the Authority, its contractors, service providers, subcontractors nor vendors, shall discriminate on the basis of race, color, religion, national origin, or gender in the award and performance of contracts, subcontracts and purchases. The Authority has established a Minority and Women-Owned Small Business Program (MWSB Program) to encourage equal opportunity for MWSBs to compete for employment as contractors, subcontractors, suppliers and service providers. It is also the Authority’s policy to remove barriers which may exist for MWSBs to compete for contracts, subcontracts and procurement awarded by the Authority. Additional information concerning the Authority’s MWSB Program may be found on the internet at http://www.rdu.com/business/smallbusiness.html. The Authority awards contracts without regard to race, religion, color, creed, national origin, gender, age or handicapping condition. The Authority’s contracts are subject to the requirements of North Carolina law, and this contract will be awarded in accord therewith. The MWSB Goals for MWSB participation on this contract represent the total dollars that will be spent with MWSBs as a percentage of the total contract amount, including any change orders and contingency. In accordance with the MWSB Program, the Authority will require that the selected firm must either meet the MWSB goals or demonstrate that the proposer has made sufficient good faith efforts to meet the MWSB goals 1. Minority and Women-Owned Small Business (MWSB) A Minority or Women-Owned Small Business (MWSB) is a firm which has been certified by an approved agency to meet the following criteria: A small business, as defined by the Small Business Administration size standards, that is at least fifty-one percent (51%) owned, and controlled by one or more socially and economically disadvantaged individuals. The following individuals are presumed to be socially and economically disadvantaged: Black Americans; Hispanic Americans; Asian Americans; Native Americans; and Women. Firms which are not owned by members of these groups may not be utilized to achieve MWSB Goals in Authority contracts. 2. MWSB Goals The MWSB Goals for MWSB participation on this contract represent the total dollars that will be spent with MWSBs as a percentage of the total contract amount, including any change orders and contingency. The MWSB Goals are as follows: MBE Goal: WBE Goal:
The goal for minority-owned business participation is: Five percent (5%). The goal for woman-owned business participation is: Five percent (5%).
In order to comply with the MWSB Program requirements, a proposer must either meet the MWSB Goals or demonstrate that the proposer has made sufficient good faith efforts to meet the MWSB Goals. If the proposer does not meet the MWSB Goals, it shall nevertheless be eligible for award of the contract if it can demonstrate to the Authority that it has made good faith efforts to meet the MWSB Goals. 3. MWSB Program Provisions All proposers shall agree by the submission of a proposal for this project that MWSBs have the maximum opportunity to participate in the performance of contracts and subcontracts. All proposers are hereby notified that failure to carry out the obligations of the MWSB Program will constitute a breach of good faith in dealing with the Authority, and the Authority will take any and all actions 1 permitted by law to ensure compliance by all Contractors engaged by it. Failure to meet or exceed 1
Contractor - A firm that enters into a Contract with the Authority. The term “Contractor” includes consultants, architects, engineers, suppliers and providers of tangible goods and services. SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 25 of 42
the MWSB Goals or to make a good faith effort to meet the MWSB Goals and to adequately document such efforts to the Authority will be grounds for disqualifying a proposal as non-responsive. Proposers specifically agree to comply with all applicable provisions of the MWSB Program and any amendments thereto. Proposers are encouraged to refer to the MWSB Program which is posted on the Authority’s website: http://www.rdu.com/business/smallbusiness.html. 4. MWSB Program – Accepted Certifications Currently, the following certifications may be utilized towards achieving MWSB Goals: 1. DBE – N.C. Department of Transportation: Disadvantaged Business Enterprise; 2. SBA 8(a) – Small Business Administration: SBA 8(a) Business Development; 3. SWBE –Women’s Business Enterprise National Council: Small Women Business Enterprise. Furthermore, the Authority will accept the following certifications with appropriate supplemental documentation: 1. HUB – N.C. Department of Administration Office for Historically Underutilized Businesses; 2. CMSDC/ NMSDC – Carolinas/National Minority Supplier Development Council, or any affiliate council; 3. NAWBO – National Association of Women Business Owners. Firms with these certifications must submit the Small Business Verification form and supplemental documentation to the Small Business Program Office, prior to submitting the proposal for the purpose of evaluating achievement of MWSB Goals or good faith efforts. In order for firms to meet the “WB” portion of the MWSB goal, the firm must be certified by one of the agencies described above as a “women-owned business”. In order for firms to meet the “MB” portion of the MWSB goal, the firm must be certified by one of the agencies described above in one of the other minority categories: Black American; Hispanic American; Asian American or Native American. Firms certified as both MB and WB may only satisfy the MB goal. Please note: A proposer may utilize any firm desired. However, for participation purposes, all MWSB firms who wish to do business must be certified by an accepted agency. Links to the NCDOT and HUB directories are available on the Authority’s Small Business Program website (http://www.rdu.com/business/smallbusiness.html). Prospective proposers are encouraged to inspect these databases to assist in locating firms for MWSB participation. MWSBs must be certified at the time responses are received and proof of certification must be included in the response when submitted to the Authority. 5. Required Documentation – Proposal Submission The Proposer shall complete and submit the “Statement of MWSB Participation” form which demonstrates the Proposer understands the MWSB Program requirements. **SEE ATTACHED MWSB FORM ABOVE**
Links to the NCDOT and HUB directories are available on the Authority’s Small Business Program website (http://www.rdu.com/business/smallbusiness.html). Prospective proposers are encouraged to inspect these databases to assist in locating firms for MWSB participation. Proof of certification must be included in the response when submitted to the Authority. Questions concerning the MWSB Program can be addressed to the Authority’s Small Business Program Officer, Ms. Thiané Carter Edwards via e-mail at
[email protected] or via telephone at (919) 8407712. [REMAINDER OF PAGE INTENTIONALLY LEFT BLANK]
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 26 of 42
Section VI. Proposal Content, Organization and Requirements 1) Vendor’s proposal should contain all relevant and material information relating to the Vendor’s organization, personnel, and experience that would substantiate its qualifications and capabilities to perform the services and/or provide the goods described in this RFP. If any relevant and material information is not provided, the offer may be rejected from consideration and evaluation. Proposals will be considered and evaluated based upon the Vendor’s full completion and response to the following, and any additional requirements herein, or stated in a separate Exhibit. 2) Information and Descriptive Literature. Vendor must furnish all information requested; and if response spaces are provided in this document, the Vendor shall furnish said information in the spaces provided. Further, if required elsewhere in this proposal, each Vendor must submit with their proposal sketches, descriptive literature and/or complete specifications covering the products offered. References to literature submitted with a previous proposal will not satisfy this provision. Proposals that do not comply with these requirements may be rejected. 3) Proposal Content. Demonstrate compliance with all mandatory conditions, requirements and terms of performance. a) Clearly state your understanding of the problem(s) presented by this RFP. i) ii)
Response to mandatory and desired technical specifications (Section III) Cost proposal (Section IV)
b) Detailed description of Vendor’s firm should include all of the following: i) ii) iii) iv) v) vi)
Full name, address, email address, telephone number, and website of the organization; Date established; Background of firm; Ownership (public company, partnership, subsidiary, etc.); If incorporated, state of incorporation must be included. Number of full-time employees on January 1st for the last three years or for the duration that the Vendor’s firm has been in business, whichever is less.
4) Any errata or exceptions must be stated on a separate page, labeled “Errata and/or Exceptions” with references to the corresponding terms or provisions (sample contract) of the Solicitation (See Section VII). 5) Proposal Format. The proposals should be organized in the order in which the requirements and/or desirable performance criteria are presented in the RFP. Each page should be numbered. The proposal should contain a table of contents, which cross-references the RFP requirement and the specific page of the response in the Vendor's proposal. All proposals should be typewritten on standard 8 ½ x 11 paper (larger paper is permissible for charts, spreadsheets, etc.) and placed within a binder with tabs delineating each section. 6) Vendors are strongly encouraged to adhere to the following general instructions in order to bring clarity and order to the proposal and subsequent evaluation process: a) Elaborate proposals in the form of brochures or other presentations beyond that necessary to present a complete and effective proposal are not desired. b) The response should be complete and comprehensive with a corresponding emphasis on being concise and clear.
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 27 of 42
7) Proposal Organization: The proposal should be organized and indexed in the following format and should contain, at a minimum, all listed items in the sequence indicated. a) Letter of Transmittal - Each proposal must be accompanied by a letter of transmittal that provides the following information: i) Identify the submitting organization; ii) Identify the name, title, telephone and fax number, along with an e-mail address of the person authorized by the organization to contractually obligate the organization; iii) Identify the name, title, telephone and fax number, along with an e-mail address of the person authorized to negotiate the contract on behalf of the organization; iv) Identify the names, titles, telephone and fax number, along with an e-mail address of the person to be contacted for clarification; v) Acknowledge receipt of any and all amendments to this RFP. b) Table of Contents c) Proposal Summary. A proposal summary may be included by Vendors to provide the Evaluation Committee with an overview of the technical and business features of the proposal; however, this material will not be used in the evaluation process unless specifically referenced from other portions of the Vendor’s proposal. d) Response to Scope of Work and Specifications e) Completed Cost Breakdown (may include quotes/estimate forms) f)
Conflict of Interest: i)
Provide a statement that no assistance in preparing the response was received from any current or former employee of the Authority whose duties relate(d) to this RFP, unless such assistance was provided by the state employee in his or her official public capacity and that neither such employee nor any member of his or her immediate family has any financial interest in the outcome of this RFP;
ii)
State if the Vendor or any employee of the Vendor is related by blood or marriage to an Agency employee or resides with an Agency employee. If there are such relationships, list the names and relationships of said parties. Include the position and responsibilities within the Vendor's organization of such Vendor employees; and
iii)
State the employing State Agency, individual’s title at that State Agency, and termination date.
g) Exceptions, if any h) Copy of Vendor's License and Maintenance Agreements i)
Other Supporting Material Including Technical System Documentation
j)
Training and Other Materials, Samples or Examples
8) Any proposal that does not adhere to these requirements may be deemed non-responsive and rejected on that basis. 9) Vendors may attach other materials that they feel may improve the quality of their responses. However, these materials should be included as items in a separate appendix.
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 28 of 42
Section VII. RDU Basic Services Agreement (Sample Contract) (See following pages) *REFERENCE THE INSURANCE REQUIREMENTS IN THE SAMPLE CONTRACT*
SERVICE AGREEMENT BETWEEN THE RALEIGH-DURHAM AIRPORT AUTHORITY AND ___________________________________
THIS AGREEMENT, made and entered into this _____ day of ______________, 20___ by and between the RALEIGH-DURHAM AIRPORT AUTHORITY, a public body chartered by the General Assembly of North Carolina under Chapter 168 of the 1939 Session Laws, as amended, whose address is 1000 Trade Drive, Post Office Box 80001, RDU Airport, North Carolina, 27623, hereinafter referred to as the "Authority," and ___________________________ whose address is _______________________, ______________, _______________, hereinafter referred to as the "Contractor."
W I T N E S S E T H: THAT WHEREAS, the Authority desires to obtain the services of the Contractor to provide ____________________________________ services as further described herein;
WHEREAS, the Contractor has represented to the Authority that it is fully qualified to provide and capable of providing such services in a competent manner; and
WHEREAS, the Authority desires to engage the Contractor to provide such services.
NOW, THEREFORE, the Authority and the Contractor, for and in consideration of the mutual covenants and agreements hereinafter set forth, do hereby agree as follows:
I.
SCOPE OF SERVICES AND TERM
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 29 of 42
Subject to the provisions for early termination as set forth herein, the Contractor agrees that it will perform the services enumerated in the scope of services attached hereto as Exhibit A and incorporated herein by reference (the “Scope of Services”) for a term of three (3) years beginning _________________, 20____ through _________________, 20_____ (the “Term”). The maximum payment for the Term is set forth in Section II(a). All work shall be diligently performed by the Contractor in an economical, expeditious and professional manner.
II. PAYMENTS (a)
The Authority will pay the Contractor for services rendered by its personnel associated with the
performance
of
the
Scope
of
Services
in
the
maximum
not
to
exceed
amount
of
___________________________________ Dollars ($____________________). (b)
All invoices shall be submitted by the Contractor to the Authority at monthly intervals on or within
ten (10) days following the first day of each calendar month.
Each invoice shall detail each fee, subject
to the limitations described herein. Each invoice shall be accompanied by such documentation as may be requested by the Authority to fully support the claims for payment made. Each invoice shall include a record of payments to Minority and Women-Owned Small Businesses (“MWSB”), as applicable. Credit for previous payments on account by the Authority shall be recognized on the invoice. Any items that are disputed by the Authority will be so identified by the Authority. The Authority shall pay the undisputed amount certified by the Contractor on or before the last business day of the month, but an invoice shall not be deemed past due until not paid within fifteen (15) days thereafter. (c)
In the event that the Authority disputes the Contractor’s invoice(s) and documentation, or any
portion thereof: (1) the Authority will identify the disputed items and pay any undisputed items pursuant to Section II(b);
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 30 of 42
(2) the Contractor shall continue to perform the Scope of Services and to meet the requirements of this Agreement, even in the absence of an agreement regarding the disputed items; (3) the parties may reserve all rights related to the disputed items; (4) the parties shall negotiate the disputed items in good faith; (5) at any time during said negotiations, either of the parties may refer the matter to a North Carolina certified mediator agreed upon by the parties; and (6) any disputed item that is not resolved during negotiations and/or mediation may be referred to the Wake County Superior Court for resolution, which shall have exclusive jurisdiction. (d)
The Contractor’s final invoice shall be so-identified, shall state the total amount which the
Contractor claims to be due, and shall reflect that the Contractor will have received full compensation for all services pursuant to this Agreement upon payment of such invoice by the Authority. Said final invoice shall be submitted by the Contractor to the Authority within thirty (30) days after the date of the final services provided by Contractor to the Authority. The Contractor’s acceptance of payment pursuant to such final invoice shall constitute a full release of the Authority for any and all claims and payments due or claimed to be due by the Contractor under this Agreement. The maximum payment and/or the maximum fees detailed in Section II(a) are subject to adjustment under Section IV for any expansions or reductions in the scope of work authorized by the Authority pursuant to Section III.
Under no
circumstances will the Authority provide any payments to the Contractor in excess of the maximum payment as detailed herein except as provided in Section III. III. EXPANSION/REDUCTION OF SCOPE OF SERVICES (a)
The Authority may, at any time, change the Scope of Services to meet its needs. In the event
that such a change would reduce or increase the payment(s) due the Contractor as detailed in Section II, the Authority shall notify the Contractor in writing not later than thirty (30) days before it is to be made, SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 31 of 42
clearly describing the same therein, and request that the Contractor submit to the Authority within ten (10) business days of receipt of said notice a written statement setting forth the amount of the reduction or increase in cost the Contractor believes is associated with such change, supported by such documentation related thereto as may be requested by the Authority. The Authority shall review the Contractor’s statement of cost and documentation, and shall notify the Contractor in writing of its approval or rejection of such statement, or any part thereof, within ten (10) business days following receipt of said statement. In the event that the Authority rejects the Contractor’s statement of cost, or any portion thereof: (1) the Authority may proceed to change the Scope of Services, or any portion thereof, even in the absence of an agreement regarding the resulting reduction or increase in the payment(s) due to the Contractor; (2) the parties may reserve all rights related to the change in the Scope of Services and the resulting reduction or increase in the payment(s) due to the Contractor; (3) the parties shall negotiate the resulting reduction or increase in the payment(s) due to the Contractor in good faith; (4) at any time during said negotiations, either of the parties may refer the matter to a North Carolina certified mediator agreed upon by the parties; and (5) any dispute related to the change in the Scope of Services and the resulting reduction or increase in the payment(s) due to the Contractor that is not resolved during negotiations and/or mediation may be referred to the Wake County Superior Court for resolution, which shall have exclusive jurisdiction. (b)
The Contractor shall not be entitled to payment on account of any services except those set forth
in Exhibit A unless prior to commencement of any additional services it shall have (1) submitted to the Authority a written statement of cost with respect to the proposed additional services in the form required by the Authority and (2) received written approval and instructions from the Authority to undertake such SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 32 of 42
additional services. In no event shall the Contractor alter the Scope of Services without the Authority’s prior written approval. IV. ADJUSTMENTS TO PAYMENTS (a)
If the Scope of Services is reduced by the Authority in accordance with Section III hereof, the
Maximum Payment which may be paid to the Contractor shall be decreased by the amount of the reduction in the payments due the Contractor as shown in the statement required to be furnished to and approved in writing by the Authority pursuant to Section III of this Agreement. (b)
If additional services by the Contractor are requested and approved by the Authority in
accordance with Section III hereof, the Maximum Payment which may be paid the Contractor shall be increased by the amount of the payments due for such additional work as shown in the statement required to be furnished to the Authority and approved in writing by the Authority pursuant to Section III of this Agreement. V. OWNERSHIP OF WORK PRODUCT (a)
The Authority shall be the legal owner of all Work Product. Work Product means all information
which the Contractor prepares or obtains in performing the Scope of Services, or which are related to the Scope of Services, except: (1) information in the public domain prior to the execution of this Agreement; (2) information which becomes part of the public domain without any breach of this Agreement; and (3) information in the Contractor’s lawful possession prior to the execution of this Agreement. Information means any writing or other source of recorded information of whatever nature and by whatever means recorded and whether or not claimed to be subject to copyright including without limitation: drawings, specifications, written memoranda, raw and interpreted data, notes, records, interoffice communications, policies, procedures, manuals, audits, analyses, surveys, correspondence, reports, minutes, diaries, books, manuscripts, sound recordings, microfilm, computer printouts, drawings or other graphical representations, pictorial reproductions, documents and information available from electronic data storage
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 33 of 42
equipment, summaries or records of conversations, reports of tests, photocopies, pictures and all other papers and writings, including drafts, originals and copies. (b) The Contractor shall treat all Work Product as confidential information and shall not disclose or make same available to any Third Party without the Authority’s advance written consent. Third Party means any person or entity other than the Authority or the Contractor and includes without limitation any governmental unit, private enterprise or individual. (c)
Any use, modifications or extensions of the Work Product by the Authority without the
Contractor’s specific advance written consent will be at the Authority’s sole risk without liability or legal exposure to the Contractor and the Authority shall defend, indemnify and hold harmless the Contractor from all claims, damages, losses and expenses, including attorneys’ fees, arising out of or resulting therefrom. Notwithstanding the foregoing, neither party hereto shall be liable to the other for any indirect, special or consequential damages, including but not limited to lost profits and loss of use. (d)
If the Contractor becomes legally compelled (by deposition, interrogatory, request for documents,
subpoena, investigation, demand, order or similar process or otherwise) to disclose any Work Product to any Third Party, then before such disclosure is made, Contractor shall notify the Authority of the disclosure demand or obligation, consult with the Authority on the advisability of taking steps to narrow such demand or obligation, and cooperate with the Authority in any attempt to obtain a protective order or other appropriate remedy or assurance that the Work Product shall be afforded confidential treatment. If such protective order or other appropriate remedy is not obtained, the Contractor shall disclose only that portion of the Work Product which Contractor’s legal counsel specifies in writing actually is subject to the disclosure obligation. (e)
The Contractor shall retain all Work Product for at least three (3) years after the date of
completion of the work. The Contractor shall submit all original Work Product to the Authority if the Authority makes a written request to the Contractor to provide the Work Product. If the Authority makes such a request, it shall reimburse the Contractor for reasonable expenses relating to the transportation and delivery of the Work Product. SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 34 of 42
(f)
Prior to destroying or disposing of any Work Product upon the termination of the three (3) year
period referenced in Section V(e), the Contractor shall notify the Authority of its intent to do so and shall give the Authority a reasonable time within which to take custody of said Work Product. Within such reasonable time, the Contractor shall furnish those materials to the Authority without charge except for the reasonable cost of transporting and delivering the materials. (g)
The Contractor may make reasonable internal, non-commercial use of Work Product in its
possession provided such use is consistent with the Contractor’s obligations under this Agreement. The Contractor shall not commercially exploit any Work Product except pursuant to a licensing and royalty agreement (or other such agreement acceptable to the Authority) between the Contractor and the Authority. (h)
In addition to any other remedies to which the Authority may be entitled by law or in equity, the
Authority may enforce the provisions of this Section V in an action for equitable relief, including without limitation temporary and permanent injunctions (or their functional equivalents) and/or specific performance of this Section. VI. INSURANCE (a)
The Contractor shall carry and maintain during the life of this Agreement the following insurance
with the minimum limits indicated:
(1) Property Coverage (Special Causes of Loss) insurance for replacement cost coverage under an “All Risk” policy for any of the Contractor’s Real and Personal Property used or situated on Authority property. (2) Commercial General Liability insurance for bodily injury and property damage, including products and completed operations coverage, broad form contractual liability, per project/location aggregate with a per occurrence limit of $1,000,000/$2,000,000 aggregate. (3) Umbrella Excess Liability: Excess coverage on insurance required in (#2) above in the amount of $4,000,000 occurrence/aggregate. (4) Workers’ Compensation and Employer’s liability insurance requirement includes the All States Endorsement for Workers’ Compensation and $1,000,000 for Employer’s Liability. (5) Statutory unemployment insurance protection for all of its employees
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 35 of 42
(6) Professional Liability/Technology Errors and Omissions Insurance with limits of not less than $1,000,000 each occurrence for claims arising out of the performance of professional services, resulting from any error, omission or negligent act of the Contractor. Maximum SelfInsured Retention (SIR) of $25,000. Any SIR greater than $25,000 must be approved by the Authority. (b)
The Authority shall be designated as an additional insured on all policies, except the workers’
compensation policy. Prior to the provision of any services pursuant to this Agreement, the Contractor shall submit: (i) Certificates of Insurance, acceptable to the Authority, confirming that the insurance coverages required by this Agreement are in place; (ii) an endorsement(s) stating that the coverages will not be cancelled, terminated or allowed to expire without the Authority being provided at least thirty (30) days prior written notice; and (iii) an endorsement(s) or policy declaration(s) stating that the Authority is named as an additional insured. When requested by the Authority, the Contractor shall provide additional evidence of insurance demonstrating that the required policies are in force throughout the Term and any Option Period. VII. PROFESSIONAL SERVICES, INDEMNITY AND INSURANCE The Contractor’s services shall be performed as expeditiously as is consistent with reasonable professional skill and care and the orderly progress of the Scope of Services. To the fullest extent permitted by law, the Contractor shall indemnify and hold harmless the Authority, its officers, agents and employees, from and against claims, damages, losses, liabilities and expenses, including, but not limited to, attorneys’ fees, arising out of or resulting from the performance of the Contractor’s services pursuant to this Agreement to the extent caused in whole or in part by negligent acts or omissions of the Contractor. Notwithstanding the foregoing, neither party hereto shall be liable to the other for any indirect, special or consequential damages, including but not limited to lost profits and loss of use. Contractor shall maintain an appropriate commercial general liability policy and any other insurance policies needed to meet all applicable legal requirements. Contractor shall deliver any certificate of insurance to the Authority upon its request. VIII.TERMINATION
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 36 of 42
The Authority may terminate this Agreement at any time for any reason upon written notice to the Contractor, which notice shall be effective upon the later of the date stated therein or the date the notice is received by the Contractor. No additional Services shall be performed by the Contractor after the termination date stated in the notice. In the event of such termination, the Contractor's charges to the Authority shall be limited to the charges for the Services theretofore satisfactorily rendered and expenses theretofore incurred or committed and not able to be avoided pursuant to the terms contained herein. The Contractor may terminate this Agreement only upon prior written request to and receipt of written permission from the Authority, in which case the immediately preceding sentence shall apply. IX. ENTIRE AGREEMENT This Agreement, including all attachments hereto, constitutes the entire agreement between the parties with respect to the subject matter hereof and supersedes all prior agreements, whether oral or written, between the parties hereto with respect to such subject matter. This Agreement may be modified only by written agreement between the Contractor and the Authority. X. ASSIGNMENT Neither the rights nor the obligations of either party arising under this Agreement shall be transferred or assigned without the prior written consent of the other party. XI. SUCCESSORS AND ASSIGNS All covenants and agreements in this Agreement by or on behalf of either of the parties hereto shall bind the successors and assigns of such party and shall inure to the benefit of the successors and assigns of the other party. XII. CONSTRUCTION OF AGREEMENT In the event of any conflict between the terms of this Agreement and the terms of any document attached hereto and incorporated herein by reference, this Agreement shall control and the conflicting provision of the attachment shall, to the extent of the conflict, be null and void. The headings contained in this Agreement are for reference only and shall not affect the rights or obligations of either of the parties SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 37 of 42
hereunder. The term “Authority” shall mean and include the Authority and its Board, officers, employees and agents, and the term “Contractor” shall mean and include the Contractor, its employees, suppliers and agents. XIII.GOVERNING LAW This Agreement and the duties, responsibilities, obligations and rights of the respective parties hereunder shall be governed by the laws of the State of North Carolina. The exclusive venue for any action between the Authority and Contractor arising out of or in connection with this Agreement shall be in Wake County, North Carolina. XIV.
INDEPENDENT CONTRACTOR
In the performance of this Agreement, it is agreed by and between the parties hereto that the Contractor shall be acting as an independent contractor and not as an employee of the Authority. XV. COMPLIANCE WITH APPLICABLE LAWS The Contractor shall comply with all applicable federal, state and local laws, codes and regulations, including the ordinances, rules, policies, bulletins, notices, directives and regulations of the Authority, the Transportation Security Administration, and the U.S. Customs and Border Protection Service as amended from time to time. Nothing in this Agreement shall be construed to conflict with any applicable Federal, state or local law, code or regulation, including the ordinances, rules, policies, bulletins, notices, directives and regulations of the Authority, the Transportation Security Administration, and the U.S. Customs and Border Protection Service as amended from time to time. XVI.
RIGHTS AND REMEDIES
The Authority’s rights and remedies as set forth herein shall be in addition to any other right or remedy now and hereafter provided by law or in equity. All rights and remedies shall be cumulative and not exclusive of each other.
No delay by the Authority in exercising a right or remedy shall constitute
acquiescence thereof.
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 38 of 42
XVII.
FORCE MAJEURE
A party hereto shall have no liability to the other hereunder due to circumstances beyond its control, including, but not limited to, acts of God, terrorism, flood, natural disaster, regulation or governmental acts, fire, civil disturbance, or extreme weather (a “Force Majeure Event”). Notwithstanding anything to the contrary herein, the Authority may terminate the this Agreement in its entirety and without penalty if a Force Majeure Event continues for more than ten (10) consecutive days and prevents or delays Contractor from delivering the Scope of Services. XVIII.
OTHER CONDITIONS
(a)
The Contractor’s Contract Manager shall be ____________________. The Contractor shall not
replace or substitute for the Contract Manager during the Term except upon written notice to and receipt of written approval of the Authority. Said notice to the Authority shall state the reason(s) for the proposed replacement or substitution and shall specify the qualifications, including education, training and experience, of the proposed replacement or substitute. (b)
The Authority’s Contract Administrator shall be ____________________. The Contractor shall
communicate
and
coordinate
all
matters
related
to
this
Agreement
through
and
with
__________________ or his designee. (c)
Notices required to be given under this Agreement shall be delivered to: FOR THE AUTHORITY: President and C.E.O. PO Box 80001 1000 Trade Dr. RDU Airport, NC 27623 FOR THE CONTRACTOR:
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 39 of 42
Neither review nor approval of the Contractor’s work by the Authority shall in any way relieve the Contractor from its duty to utilize a professional standard of care in the performance of the Scope of Services, nor will such review or approval limit or remove the Contractor’s liability therefore. XIX.
Minority and Women-Owned Small Business Program
(a)
The Authority has established a Minority and Women-Owned Small Business Program to
encourage equal opportunity for MWSBs to compete for employment as contractors, subcontractors, suppliers and service providers. (b)
MWSB Goals for MWSB participation on this contract represent the total dollars that will be spent
with MWSBs as a percentage of the total contract amount, including any change orders and contingency (“MWSB Goals”). The Authority has assigned the following MWSB Goals for work assigned to the Contractor hereunder: 1. Minority-owned business participation (“MB Goal”): 5%. 2. Woman-owned business participation (“WB Goal”): 5%. (c)
If the Contractor proposes to terminate or substitute a MWSB after submitting a proposal, the
Contractor must make good faith efforts to find a substitute MWSB for the original MWSB to meet its MWSB commitment. The Contractor must give the MWSB notice in writing, with a copy to Authority, of its intent to request to terminate and/or substitute, and the detailed reasons for the request. All substitutions shall be coordinated with and approved by the Authority prior to being made. (d)
The Contractor has a continuing obligation to meet the MWSB utilization to which it committed at
contract award, inclusive of change orders, amendments, and modifications. (e)
The Contractor shall maintain records and submit monthly reports of MWSB payments,
concurrent with the Contractor’s submission of invoices, with each invoice. The report shall include a certification by the Contractor and MWSB regarding payment to each MWSB subcontractor for the prior
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 40 of 42
month’s work.
These reports will be certified as true and correct by an appropriate Contractor
representative. IN WITNESS WHEREOF, the parties, by and through their duly authorized agents, have hereunto set their hands and seal(s), all as of the day and year first above written. RALEIGH-DURHAM AIRPORT AUTHORITY
BY:
_____________________________________
DATE:
_____________________________________
NAME:
_____________________________________
TITLE:
_____________________________________
INSERT NAME OF COMPANY
BY:
_____________________________________
DATE:
_____________________________________
NAME:
_____________________________________
TITLE:
_____________________________________
This instrument has been preaudited in the manner required by the Local Government Budget and Fiscal Control Act. _______________________________ Finance Officer
Approved as to form: ______________________________ Legal Counsel
EXHIBIT A SCOPE OF SERVICES (Documents from the RFP and the Awarded Vendor will be inserted here)
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 41 of 42
**SEE ATTACHED MWSB FORM TO BE COMPLETED (Reference Section V, Number 5)**
[END OF RFP: PCD2014 – TP02] [REMAINDER OF PAGE INTENTIONALLY LEFT BLANK]
SECURITY ANALYTICS
RFP: SECURITY INFORMATION& EVENT MANAGEMENT RFP#: PCD2014-TP02
Page 42 of 42
