Authority Of The Freeport Area Of Bataan Tender

Description Privacy Notice: "the Authority Of The Freeport Area Of Bataan (afab) Ensures That The Data Gathered In This Form Are Held Under Strict Confidentiality In Accordance With The R.a.10173 Otherwise Known As The Data Privacy Act Of 2012." Authority Of The Freeport Area Of Bataan Mariveles, Bataan Telefax 047-9354004 Loc. 8116 Or (02) 236-5010 Request For Quotation (rfq) For Asd-pmd Use Deadline Of Submission Of Quotation (date And Time): July 01, 2024 At 9:00 Am Purchase Request No: 2024-06-0085 Approved Budget For The Contract (abc): 756,000 Canvasser's Name, Email And Contact Number: Renel Forio, Renel.forio@afab.gov.ph, 09123844004 For External Provider (supplier, Service Provider, Contractor, Consultant) Company/business Name : Complete Address : Contact Number : Email Address : Tax Identification Number (tin) : _______________________________ Philgeps Registration No. : Terms Of Payment: Please Quote Your Best Offer For The Item/s Listed And Described Below, Subject To The Terms And Conditions Written Hereunder. Duly Signed Quotation/s Must Be Submitted To The Procurement Management Division Of The Afab. After Having Carefully Read The Terms And Conditions, I/we Hereby Accept The Same And Submit Our Quotation/s For The Item/s As Follows: Item No. Qty. Unit Articles P R I C E (in Philippine Peso And Shall Include All Taxes, 12% Vat, Duties And/or Levies Applicable.) Unit Cost Total 1 280 Lic Antivirus, Endpoint Security Renewal Features Included: Anti-malware For File Servers And Workstations Firewall Application Control Application Whitelisting Web Control Device Control File Server Protection Mobile Device Management (mdm) Mobile Endpoint Security For (tablets And Smartphones) Encryption Systems Configuration And Deployment Network Admission Control Advanced Vulnerability Scanning Patch Management Endpoint Detection And Response Oc-based Detection And Scanning Generating Incident Information Card Root Cause Analysis / Attack Threat Visualization Prevent File Execution Host Isolation File Quarantine / File Recovery I. Architecture And Design 1. The Suggested Solution Must Support Integration With Free Of Charge Threat Intelligence Portal, Which Contains And Displays Information About The Reputation Of Files And Urls. 2. The Suggested Solution Must Support Integration With Cloud Reputation Service. 3. The Suggested Solution Must Support Central Management And Analytics Through On-prem Web Console And Cloud Management Console. (incident Related Data, System Status And Health Check Data, Settings, Etc.) 4. Edr Agent Must Have Integration With Endpoint Protection Application. 5. Edr And Endpoint Protection Solutions Must Have Unified Console For Administrators And Analysts 6. Edr Should Support Standalone Agent Installation (without Endpoint Protection Application). 7. Hardware Platform Where The Solution Is Installed Should Be Flexible For Any Upgrade Include Network Interfaces, Ram And Cpu "ii. Detection 1. The Suggested Solution Must Supplement Verdict Information From Endpoint Protection Solution With System Artefacts About The Detection. 2. The Suggested Solution Must Support Auto Generation Of Threat Indicators (ioc) After Detection Occurs With Ability To Apply Response Action. 3. The Solution Must Have The Capability To Force Run Ioc Scan Across All Endpoints With Installed Edr Agents. 4. The Suggested Solution Must Support Ioc Scanning Run According To A Scheduler. 5. The Suggested Solution Must Support Import Of Third-party Ioc In Open Ioc Format For Its Use In Network Scanning. 6. The Suggested Solution Must Support Scanning Using Auto Generated, Uploaded Or External (third-party) Set Of Ioc’s To Detect Earlier Undetected Threats. 7. The Suggested Solution Must Support Exporting Of Ioc Generated By The Solution To A File In Openioc Format." "iii. Visibility 1. The Suggested Solution Must Generate Detailed Incident Card Related To The Detected Threat On An Endpoint. 2. An Incident Card Must Include At Least The Following Information About Detected Threat: - Threat Development Chain Graph (kill Chain). - Information About The Device On Which The Threat Is Detected (name, Ip Address, Mac Address, User List, Operating System). - General Information About The Detection, Including Detection Mode. - Registry Changes Associated With The Detection. - History Of The File Presence On The Device. - Response Actions Performed By The Application. 3. Threat Development Chain (kill Chain) Graph Must Provide Visual Information About The Objects Involved In The Incident, For Example, About Key Processes On The Device, Network Connections, Libraries, Registry, Etc. 4. An Incident Card Must Present Detailed View On System Artefacts And Incident-related Data For Root Cause Analysis: - Process Spawning - Network Connections - Registry Changes - Downloading Object - Dropped Objects, Etc." "iv. Response 5. The Suggested Solution Must Support ‘single-click” Response Form Management Console 6. The Suggested Solution Must Support At Least The Following Response Actions That An Administrator Can Perform When Threats Are Detected: 6.1 Prevent Object Execution • Edr Solution Must Support Both Modes: Records To The Events About Attempts To Launch Objects Or Open Documents That Meet The Criteria Of The Execution Prevention, But Does Not Block Launch Or Opening These Objects. Blocks Launch Of The Objects Or Opening The Documents That Meet Criteria Of The Execution Prevention Rules. • Edr Solution Must Support Blocking Objects By Hash (md5 Or Sha256) Or By Path Pattern. • Edr Solution Must Support Blocking Executables, Scripts And Documents • Edr Solution Must Support Notification User About Prevention Option" "6.2 Host Isolation. • Edr Solution Must Provide Means Of Isolating Machine From The Rest Of The Network In Case Of Security Incident, While Preserving Controlled Communication With Agents’ Administration And Management Server. • Edr Solution Must Support Creating Custom Host Isolation Rules (i.e. Adding Particular Network Resources To Exclusion E.g. Dns Or Selecting Predefined Profiles) • Edr Solution Must Support Manual Bringing The Host Back Online From Isolation. 6.3 Host Isolation. 6.4 Terminate A Process On The Device. 6.5 Quarantine An Object • The Suggested Solution Must Support Object Recovery From Quarantine. 6.6 Run System Scan 6.7 Remote Program / Process / Command Execution 6.8 Start Ioc Scan For A Group Of Hosts." V. Administration And Reporting 1. The Solution Must Have A Unified Policies, Centralized Reporting And Tasks Execution Within A Single-console For Centralized Management – On-prem Or Cloud Based. 2. Suggested Solution Management Server Must Have Ability To Send Logs To Siem, Syslog Servers 3. The Solution Must Have Different Administrators Functions That Have A Single Interface/dashboard During Sign On And Controlled By Privileges And Rights Based On Their Functions (administrator, Reviewer, Investigator, Etc.). 4. The Suggested Solution Must Support Secure Communication Between Management Console And Endpoints With Edr Agent 5. The Suggested Solution Must Support Management Of Edr Agent Through Command Line Interface 6. Suggested Solution Must Have Inbuilt Feature/module To Collect The Data Required For Troubleshooting, Without Require A Physical Access To The Endpoint. 7. Edr Agent Must Have Self-defense Mechanism To Prevent Agent Modifying Agent-related Files/system Components Entries Etc. "8. The Solution Must Allow The Creation Of Accounts With Different Roles Used To Administer The Solution, Just Monitor The Alerts, Or Review Changes 9. Administration Server Upgrade Must Not Require Installation From Scratch And Losing Settings, Etc. 10. The Solution Should Be Able To Send Email Notifications When Certain Types Of Security Alerts Are Generated. 11. The Solution Must Support Backup And Restore The Solution Configuration. 12. The Solution Should Be Simple To Install And Operate, And Not Require High-level Skills From It/information Security Staff 13. The Solution Should Provide Minimal Impact On Existing It/information Security Staff Load 14. The Solution Should Be Able To Work In Autonomous Mode Without Access To External Threat Intelligence Sources 15. Requirements For The Solution Documentation. A Documentation For Edr Software, Including Administration Tools, Should Include At Least Online Help For Administrators" "vi. Additional Features 1. The Suggested Solution Must Support Integration With Sandbox With Ability To Automatically Scan Endpoints And Apply Responses In Case If Suspicious Activity Has Been Detected By The Sandbox. 2. The Suggested Solution Must Support Integration With Apt Solution. 3. The Suggested Solution Must Support Integration With Managed Detection And Response Service. 4. The Suggested Solution Must Support Automated Detection Of Malicious Activity Using Endpoint Protection Solution And Sandbox." "vii. Technology Reputation 1. Quality Technologies That Are Constantly Proven By Independent Testing Laboratories Year By Year Including Specific Tests Certification On Advanced Threats And Performance. 2. Have Perfect Scores On Protection, Performance, And Usability Test For Business Users For At Least Two (2) Years Prior To Current Year." "viii. Maitenance And Support 1. Have A Reputable Local Vendor Representative In The Philippines That Has Been Active In Cybersecurity Trade For At Least 15 Years Now. 2. Supplier Of The Solution Have At Least Two (2) Certified Engineers For End-point Solution. 3. Able To Provide 3-tier Support (1st Local, 2nd Distributor And 3rd Principal) 4. Provides Regular Call Or Email Check-up For Concerns And Product Health Monitoring Even After Sales. 5. Available Support Through Phone, Email, Web-remote Assistance And On-site/on-call Support. 6. The Solution Must Be Able To Provide Comprehensive After-sales Agreement Options." Note: 1. Must Be Compatible In Our Existing Av Management 2. Implementation With Refresher Training 3. With Quarterly Maintenance 4. Delivery Period: 30 Cd Note: Compatible With Windows 10, Server 2008 R2, Server 2012 R2 Standard, Standard Operating System Xxx Nothing Follows Xxxx Purpose: For Security, Protection And Update Of Antivirus In Afab Servers And Computer Workstations. Eligibility Requirements (need To Submit Together With This Rfq Form): Updated Mayor's/business Permit Income Tax Return (for Abc Above P500,000.00) Notarized Omnibus Sworn Statement Upon Award (for Abc Above P50,000.00) Others (indicate Requirements Based On Annex H Of The Rirr Of Ra 9184) The External Provider Shall Ensure To Read And Understood The Content Of This Rfq Form, The Specifications And The Following Terms Of Conditions: "1. All Information Are True And Correct And That The No Changes Or Cancellation Shall Be Allowed Once Awarded. 2. Price Quotation/s Must Be Valid For A Period Of Thirty (30) Calendar Days From The Date Of Submission. 3. Quotations Exceeding The Approved Budget For The Contract Shall Be Rejected. 4. Award Of Contract Shall Be Made To The External Provider With The Lowest Quotation And Complies With The Requirement. 5. Any Interlineations, Erasures Or Overwriting Shall Be Valid Only If They Are Signed Or Initialled By You Or Any Of Your Duly Authorized Representative/s. 6. The Afab Shall Have The Right To Inspect And/or To Test The Goods To Confirm Their Conformity To The Technical Specifications. 7. Liquidated Damages Equivalent To One Tenth Of One Percent (0.001%) Of The Value Of The Goods Not Delivered Within The Delivery Period Indicated Shall Be Imposed Per Day Of Delay. The Afab Shall Rescind The Contract Once The Cumulative Amount Of Liquidated Damages Reaches Ten Percent (10%) Of The Amount Of The Contract, Without Prejudice To Other Courses Of Action And Remedies Provided By Law. 8. The Afab Reserves The Right To Reject Any And All Bids, Not To Award The Contract Or Cancel Procurement Pursuant To Sec. 41 Of R.a. 9184. " ___________________________________ External Provider 's Printed Name & Signature Date : Pmd -fm-002 Rev. 05 Date Effective 14 November 2023