In the present negotiation procedure with competitive bidding, a micro-segmentation solution is being sought.
As a result, the solution must meet the following requirements:
Software-based
The solution must be software-based. The bidder's hardware must not be required to regulate data traffic. A software-based solution offers a high degree of flexibility to be able to implement requirements quickly, regardless of physical cable paths to hardware or VLAN restrictions. A software client is to be used on the end devices. It must not be necessary to change the IP address of the end devices. It must be possible to restrict the following traffic:
- IP host with software client to and from IP host without software client
- IP host with software client from and to IP host with software client
Operating system support
The solution's operating system support must be extensive and up-to-date so that the servers and clients operated by rku.it can be covered. We currently use the following operating systems. The solution offered must support them.
List of server operating systems:
- Windows Server 2022 Standard
- Windows Server 2022 Datacenter
- Windows Server 2019 Standard
- Windows Server 2019 Datacenter
- Windows Server 2016 Standard
- Windows Server 2016 Datacenter
- Windows Server 2012 R2
- Windows Server 2012
- Redhat 7,8,9 x86_64
- Redhat 8,9 ppc64le
- SLES12, SLES15 x86_64
- SLES12, SLES15 ppc64le
- AIX 7.1 / 7.2 / 7.3
List of client operating systems:
- Windows 10
- Windows 11
- Windows 11 Enterprise Multi Session
Authorization management
Authorization management of the administration interface for any rku.it teams is mandatory. Different teams must be allowed to view/create/edit firewall rules and firewall objects (IP hosts or IP networks or groups of various objects), but must not be able to perform system administration.
The solution must have suitable functions in order to be able to restrict the authorizations of the administration of the firewall rules and the firewall objects. There are the following scenarios for which multiple user accounts must be assigned:
(1) Full administration (all rights of the software solution including system administration)
(2) Read, edit, and create firewall rules and firewall objects. Activation of the firewall rules is not allowed here.
(3) Read, edit, and create firewall rules and firewall objects specifically assigned to a department or site or application. Accounts in this role (3) are therefore only allowed to administer firewall rules and firewall objects in role (3). Activation of the firewall rules is allowed here.
(4) Read, edit, and create firewall rules and firewall objects specifically assigned to a department or site or application. Accounts in this role (4) are therefore only allowed to administer firewall rules and firewall objects in role (4). Activation of the firewall rules is not allowed here.
(5) No editing and no creation of firewall rules and firewall objects. Read-only access assigned to a department or location or application.
Comments
When creating and editing firewall rules, a comment function is required in the firewall rule set in order to be able to enter manual information (e.g. ticket number) that was the cause of creating or modifying the firewall rule. The comment fields must be searchable afterwards. The comment fields must be at least 250 characters long per field.
For further details, please refer to the service description.