Enterprise SM VOLUME 1, SECTION 5.4: ANTI-VIRUS MANAGEMENT SERVICE

Similar documents
Enterprise SM VOLUME 1, SECTION 5.7: SECURE MANAGED SERVICE

3.0 NETWORX ARCHITECTURE FOR IP-BASED SERVICES (L ) (M.2.1) (a), M.2.1.1(a))

Enterprise SM VOLUME 1, SECTION 4.3: COLLOCATED HOSTING SERVICES

6.6 INCIDENT RESPONSE MANAGEMENT SERVICES (INRS) (L )

6.2 OPTIONAL SECURITY SERVICES

5.7 DEDICATED HOSTING SERVICES (DHS)

3.6 TROUBLE AND COMPLAINT HANDLING

Enterprise SM VOLUME 1, SECTION 3.2: NETWORK-BASED IP VPN SERVICES

Managed Security Services - Endpoint Managed Security on Cloud

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

5.10 CUSTOMER SPECIFIC DESIGN AND ENGINEERING SERVICES (L )

6.0 SECURITY SERVICES 6.1 MANAGED FIREWALL SERVICE (L )

Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education

Vol. 1 Technical RFP No. QTA0015THA

Security Standards for Electric Market Participants

4.1.5 Private Line Service (L )

Vol. 1 Technical RFP No. QTA0015THA

4.1.2 NETWORK-BASED IP VIRTUAL PRIVATE NETWORK SERVICES (NBIP-VPNS) (L , C.2.7.3, M.2.1.2)

Compliance with NIST

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

IT SECURITY RISK ANALYSIS FOR MEANINGFUL USE STAGE I

Reinvent Your 2013 Security Management Strategy

3.4 NON-DOMESTIC SERVICES (L )(C.2.1.9)

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Security Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:

SERVICE DESCRIPTION MANAGED FIREWALL/VPN

Appendix 3 Disaster Recovery Plan

Cybersecurity Overview

Appendix 2 Part A National Security and Emergency Preparedness (NS/EP) Functional Requirements Implementation Plan (FRIP)

CORPORATE GLOBAL ROAMING PRODUCT SPECIFICATION

eplus Managed Services eplus. Where Technology Means More.

4.1.8 PREMISES-BASED IP VPN SERVICES (PBIP-VPNS) (L )

5.2.2 COLLOCATED HOSTING SERVICES (CHS) (L , M.2.1.4)

Digital Renewable Ecosystem on Predix Platform from GE Renewable Energy

Appendix 12 Risk Assessment Plan

Carbon Black PCI Compliance Mapping Checklist

The Common Controls Framework BY ADOBE

IBM Managed Security Services - Vulnerability Scanning

White Paper. How to Write an MSSP RFP

Security and Compliance at Mavenlink

Version v November 2015

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

XO SITE SECURITY SERVICES

Sneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security

Continuous protection to reduce risk and maintain production availability

Appendix 12 Risk Assessment Plan

4.0 TRANSPORT/IP/OPTICAL SERVICES 4.1 MANDATORY SERVICES

CCISO Blueprint v1. EC-Council

5.2.8 Teleworking Services (TWS) (L , M.2.1.4)

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Optimizing Infrastructure Management with Predictive Analytics: The Red Hat Insights Approach

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

Clearswift Managed Security Service for

locuz.com SOC Services

WHITE PAPER: BEST PRACTICES. Sizing and Scalability Recommendations for Symantec Endpoint Protection. Symantec Enterprise Security Solutions Group

Ensuring System Protection throughout the Operational Lifecycle

SOLUTIONS BRIEF GOGO AIRBORNE SECURITY SUMMARY 2017 Q3 RELEASE

SoftLayer Security and Compliance:

Reviewer s guide. PureMessage for Windows/Exchange Product tour

Security Architecture

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

IBM Security Intelligence on Cloud

Cisco SP Wi-Fi Solution Support, Optimize, Assurance, and Operate Services

Schedule document N4MDM. PUBLIC Node4 limited 31/11/2018. Node4 Limited Millennium Way Pride Park Derby DE24 8HZ

Symantec Endpoint Protection Integration Component User's Guide. Version 7.0

SCHEDULE DOCUMENT N4MDM PUBLIC NODE4 LIMITED 13/07/2017. Node4 Limited Millennium Way Pride Park Derby DE24 8HZ

ISO27001 Preparing your business with Snare

Inventory and Reporting Security Q&A

Application Lifecycle Management on Softwareas-a-Service

SERVICE DESCRIPTION MANAGED BACKUP & RECOVERY

WHITE PAPER- Managed Services Security Practices

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

Unified Communications from West

AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE

AUTHORITY FOR ELECTRICITY REGULATION

Akamai White Paper. FedRAMP SM Helps Government Agencies Jumpstart their Journey to the Cloud. FedRAMP. Federal Risk Authorization Management Program

Written Statement of. Timothy J. Scott Chief Security Officer The Dow Chemical Company

Cyber Security For Business

Solution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

Managed Security Services - Event Collector Implementation, Configuration and Management

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access

Aligning Agency Cybersecurity Practices with the Cybersecurity Framework

v February 2016

Core Services for ediscovery Perfection

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

Certified Information Security Manager (CISM) Course Overview

Magento Enterprise Edition Customer Support Guide

IBM Vulnerability Management Service

Certified Information Systems Auditor (CISA)

AppPulse Point of Presence (POP)

5.2.3 AUDIO CONFERENCING SERVICE (ACS) (L , M.2.1.4, C.2.8.2)

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Projectplace: A Secure Project Collaboration Solution

Xerox and Cisco Identity Services Engine (ISE) White Paper

Future-ready security for small and mid-size enterprises

1 SAP HANA Remote Monitoring

Cisco Secure Ops Solution

JSC THE JUSTICE & SAFETY CENTER. Snapshot 2014

Transcription:

VOLUME 1, SECTION 5.4: ANTI-VIRUS MANAGEMENT SERVICE

5.4 ANTI-VIRUS MANAGEMENT SERVICE [C.2.10.4, M.2.1.3] The Level 3 Team s (AVMS) will meet or exceed the Government s requirements for AVMS, as defined in RFP Section C.2.10.4. This section provides a description of this service offering followed by responses to the specific requirements listed in RFP Section L.34.1.6. The Level 3 AVMS solution will provide virus protection for in-bound and out-bound email, file transfers and web traffic. The solution, illustrated in will also allow for Level 3 will continually monitor anti-virus advisories for complete understanding of the ever-changing virus landscape. Agencies will be able to leverage our security staff to protect their networks from virus threats, freeing up your security staff to focus on security management. Volume 1, Section 5.4 Page 749 Rev. 3-5-2007

5.4.1 Technical Approach to Security Services This section addresses the requirements contained in RFP Section L.34.1.6.1 for the Level 3 Team s. The topics covered include our approach to Service Delivery, our approach regarding Federal agency Enterprise Architecture objectives, and any foreseen problems and solutions related to our offering. 5.4.1.1 SERVICE DELIVERY The Level 3 Service Delivery objective is to provide Government agency customers with rapid and responsive Service Delivery for our Anti-Virus Management Service. All services proposed by the Level 3 Team for will use the same Service Delivery process. Level 3 s Volume 1, Section 5.4 Page 750 Rev. 3-5-2007

Networx delivery process is discussed in detail in Section 3.1.1.1 of this proposal volume. 5.4.1.2 FEDERAL AGENCY ENTERPRISE ARCHITECTURE The method for addressing the FEA objectives for our agency customers under (3)Enterprise is independent of the service being procured. Section 3.1.1.2 of this proposal volume contains a detailed discussion of the Level 3 Team s proposed approach for FEA. 5.4.1.3 FORESEEN PROBLEMS AND SOLUTIONS The Level 3 Team has reviewed the individual service requirements for AVMS in RFP Section C.2.10.4.1. We do not anticipate any problems meeting the specified service requirements. In the unlikely event that a problem does arise, our security engineering team will work with the agency to customize a solution to meet the requirement. 5.4.2 Satisfaction of Security Services Performance Requirements [C.2.10.4.4] This section addresses the requirements contained in RFP Section L.34.1.6.2 for the Level 3 Team s Quality of Service. The topics covered are quality of services with respect to performance metrics, monitoring and measuring Key Performance Indicators (KPI) and Acceptable Quality Levels (AQL), testing procedures, and proposed performance improvements and associated benefits. 5.4.2.1 QUALITY OF SERVICE In compliance with RFP Section C.2.10.4.4, Level 3 will provide the performance metrics shown in. Volume 1, Section 5.4 Page 751 Rev. 3-5-2007

5.4.2.2 MONITORING AND MEASURING KPIS AND AQLS The Level 3 will monitor all Networx services provided using our IP backbone. Section 3.1.2.2 of this proposal volume describes the monitoring tools used by this organization that will allow for comprehensive visibility of numerous network elements and the ability to accurately measure AQLs for the applicable KPIs. The KPIs measured for AVMS are described below. Volume 1, Section 5.4 Page 752 Rev. 3-5-2007

5.4.2.2.2 Time to Restore Unlike many service providers, Level 3 measures the Time to Restore (TTR) as the customer-facing time to restore a problem. Our metric represents the gross internal performance of our service management teams. Specifically, the duration of an unexcused outage on an AVMS port would be measured from the time a trouble ticket is opened to the time that service is restored. 5.4.2.3 TESTING PROCEDURES FOR KPI AND AQL Section 2.2.3 of this proposal volume provides a discussion of the management expertise and toolsets used by Level 3 to ensure KPI and AQL compliance. Volume 1, Section 5.4 Page 753 Rev. 3-5-2007

5.4.2.4 PROPOSED PERFORMANCE IMPROVEMENTS Level 3 does not propose AQLs that exceed the AQLs in the KPIs at this time but would like to reserve the ability to do so with performance improvements that may be attained through the introduction of new technology. Level 3 believes in continuous improvement and will always strive to provide the highest quality, available services. 5.4.2.5 PROPOSED PERFORMANCE METRICS The Level 3 Team will not propose additional performance metrics for our AVMS offering at this time. 5.4.3 Satisfaction of Security Services Specifications This section demonstrates the Level 3 Team s ability to satisfy the service requirements for AVMS. We also describe anticipated modifications to the network for delivery of the service and our experience delivering the service. 5.4.3.1 TECHNICAL DESCRIPTION OF AVMS The Level 3 offering fulfills the Mandatory Service Requirements for AVMS contained in RFP Section C.2.10.4.1. This section demonstrates our capabilities in the following areas: Standards Connectivity Technical Capabilities Features Interfaces Volume 1, Section 5.4 Page 754 Rev. 3-5-2007

5.4.3.1.1 Standards [C.2.10.4.1.2] The Level 3 AVMS complies with the required standards as delineated in RFP Section C.2.10.4.1.2. Members of our team are active in numerous industry forums and working groups, which demonstrates our commitment to implementing future standards as technologies are developed and standards are defined and become commercially available. Our memberships include: Network Service Provider Security Association (NSP-Sec) International Systems Security Association (ISSA) VoIP Security Association (VOIPSA) Intrusion Detection Systems Consortium National Infrastructure Advisory Council (NIAC) Department of Homeland Security (DHS) National Institute of Standards and Technology (NIST) National Information Assurance Partnership (NIAP) Federal Bureau of Investigation (FBI) National Association of State Chief Information Officers (NASCIO) Information Technology - Information Sharing and Analysis Center (IT-ISAC) Open Security Evaluation Criteria (OSEC) Intrusion Detection Exchange Format Working Group (IDWG) 5.4.3.1.2 Connectivity [C.2.10.4.1.3] Level 3 is a Tier 1 Internet Service Provider. Our AVMS offering meets the connectivity requirements listed RFP Section C.2.10.4.1.3. Volume 1, Section 5.4 Page 755 Rev. 3-5-2007

5.4.3.1.3 Technical Capabilities [C.2.10.4.1.4] Our AVMS solution complies with the 15 mandatory technical capabilities requirements listed in RFP Section C.2.10.4.1.4. Details follow. 1. Provide design and implementation services: The Level 3 Team has a five-phase approach to design and implementation services, which is standard for our Managed Security Services. Please see the response to Section 5.3.3.1 3 for details. 2. Provide installation, configuration and integration support: Testing at Level 3 is given great importance in the engineering and operations processes. It is continuously performed in Level 3 s own extensive laboratory facilities. All Level 3 service and design features deployed in the network may be replicated using every type of element in the actual production network. Replication of real-network element behavior under realistic traffic load conditions is critical to producing accurate test results. Regression and performance testing is completed on all features of the Level 3 Network. This includes New procedures and tools, such as new network management and provisioning tools, are tested before deployment. Even maintenance procedures are tested before they are performed on the network. Many service providers use their in-band Internet backbone as their primary management network. Some have an out-of-band (OOB) network, Volume 1, Section 5.4 Page 756 Rev. 3-5-2007

usually dial-up, or very low bandwidth switched data services such as Frame Relay. 3. Provide software and hardware components, including servers and gateways, as required by the agency: Level 3 will provide the necessary hardware and software. The AVMS offering includes 4. System Monitoring: The Level 3 will be responsible for all facilities and network management, monitoring, and repair associated with the proposed managed tiered security services. The Level 3 Network group is staffed by highly trained operations managers and network technicians at The provides proactive monitoring of customer traffic across the Level 3 Network. It identifies potential problems and provides resolution before our customers even know there s an issue. The performs regular network connectivity performance reviews. If an irregularity is detected, the organization follows documented procedures to restore service. The Level 3 Team s concept of operations integrates network surveillance performed by the to provide seamless coverage and end-to-end management of all critical Volume 1, Section 5.4 Page 757 Rev. 3-5-2007

network elements. The will serve as liaison between the Level 3 and the. The staff will gather performance data on the systems supported and use these data to optimize network efficiency and help Government agencies avoid unnecessary costs. Level 3 will monitor the AVMS engines 5. Allow real-time and on-demand virus scanning: The Level 3 AVMS offering includes the ability to do real-time as well as on-demand virus scanning. 6. Screen incoming and outgoing FTP, HTTP, POP, and SMTP traffic: The Level 3 AVMS offering provides virus protection for in-bound and out-bound email, file transfers and web traffic. 7. Perform data integrity checks: Volume 1, Section 5.4 Page 758 Rev. 3-5-2007

The Level 3 AVMS offering is based on 8. Respond to infections and violations of agency networking environment and provide the following minimum capabilities: Alert Service, Infected File Isolation and Control of user access and environment for the malicious file: Volume 1, Section 5.4 Page 759 Rev. 3-5-2007

9. Maintain the anti-virus system and perform the necessary hardware/software upgrades, updates, and replacements: As part of the AVMS offering, Level 3 will maintain the anti-virus platform and software and provide all the necessary hardware/software upgrades and updates. All hardware replacements will be handled on the agency s behalf through the vendor s support contracts. 10. Deploy the latest system patches and bug fixes as soon as they become available: As part of the AVMS offering, Level 3 will be fully responsible for all system patches and bug fixes. All updates other than virus pattern updates must be certified by Level 3 personnel prior to being released to production. These updates include, but are not limited to: Volume 1, Section 5.4 Page 760 Rev. 3-5-2007

11. Provide automatic and timely updates of the virus pattern and signature files as they become available to ensure adequate protection: 12. Perform periodic gateway scans capable of revealing any vulnerabilities of the anti-virus system: The Level 3 Team will provide scans of the deployment. The vulnerability scans will determine what vulnerabilities, if any, are present on the AVMS platform. As part of the managed AVMS offering, Level 3 will take full responsibility for patching and updating the AVMS platform. This will ensure all applicable security patches are placed on the platform in a timely manner, lessening the chance of vulnerabilities existing on the AVMS platform. 13. Perform configuration changes as initiated and prioritized by the agency: The Level 3 Team s AVMS includes unlimited changes to the AVMS device. As a fully managed solution, we will be responsible for making all the changes to the AVMS hardware and software. On average, Level 3 completes more than Our process provides the rigor and discipline necessary to minimize the risk of change while at the same time providing flexibility and adaptability to allow our customers to meet their critical requirements. Volume 1, Section 5.4 Page 761 Rev. 3-5-2007

The Level 3 Configuration Management procedure is described below. Note that our procedures ensure that no changes initiated by our team will be implemented without agency consent. 14. Change Management Process: A detailed discussion of Level 3 s Change Management Process is provided in Section 5.2.3.1.3.16 of this proposal volume. 15. Provide agency with secure web access to logs and service information: The Level 3 portal will provide the agency with online access to logs and service information, which will contain, but not be limited to, the following, as applicable: As noted previously, the portal will provide agencies with insight into the performance of Level 3 services. The portal gives direct access to the monitoring and maintenance systems used by Level 3 internal staff. Agencies can use the portal to report and/or obtain status information for ongoing events. The portal will provide the ability to view all current issues, provide updates to ongoing issues, open trouble tickets, and allow escalation of individual tickets or issues. It will also provide the agency Volume 1, Section 5.4 Page 762 Rev. 3-5-2007

with immediate access to severe alert information including: 16. Support networks of varying complexity: 5.4.3.1.4 Features [C.2.10.4.2] 5.4.3.1.5 Interfaces [C.2.10.4.3] Volume 1, Section 5.4 Page 763 Rev. 3-5-2007

5.4.3.2 PROPOSED SERVICE ENHANCEMENTS The Level 3 Team does not propose service enhancements to AVMS at this time. As new FISMA-compliant features and functionality are added to the chosen platform, Level 3 will work with the agency to roll out the new features and functionality. 5.4.3.3 NETWORK MODIFICATIONS We anticipate the need for very minimal modifications to the network for delivery of AVMS, with negligible impact on the security or performance of the network. These modifications are described below. Volume 1, Section 5.4 Page 764 Rev. 3-5-2007

5.4.3.4 EXPERIENCE DELIVERING AVMS The Level 3 Team leads the industry in planning and deploying Managed Security Services for both the commercial and Government sectors. We bring five years of experience delivering anti-virus services to customers worldwide. Section 5.1.3.4 of this proposal volume further demonstrates our team s experience and credentials in the managed security arena. Volume 1, Section 5.4 Page 765 Rev. 3-5-2007

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback