The subject of the public procurement (hereinafter referred to as the 'public procurement') is the delivery of software, hardware, and related services in order to enhance the cyber security of the assets of the Prague 11 City Hall, specifically its information systems, including the information managed within them. This delivery will consist of providing the following:

1) NDR, Sandbox, Honeypots
- NDR is a security technology focused on monitoring, analyzing, and responding to suspicious activities in network traffic. Using advanced techniques such as machine learning, behavioral analysis, and network flow analysis, NDR identifies anomalies that may indicate the presence of malicious activity, such as attempts of lateral movement, data exfiltration, or communication with C2 servers.
- A Sandbox is a virtualized or emulated environment where suspicious files, programs, or links can be safely executed without the risk of affecting the production system. It allows for detailed observation of the behavior of the executed object – whether it attempts to modify system files, connect to a remote server, or install malware, etc.
- A Honeypot is a deliberately unprotected or partially vulnerable system that mimics actual targets within the network. It is used to lure attackers, monitor their techniques, and gather information on new attack methods. Honeypots can be deployed for research purposes, early attack detection, or as part of active defense.

2) Endpoint system EDR
- EDR (Endpoint Detection and Response) enhances the ability to identify, monitor, and respond to suspicious activities on endpoint devices such as workstations, servers, and mobile devices. This type of security solution enables real-time monitoring of application, process, and user behaviors, alerting to potential anomalies or dangerous actions. This allows the security team to quickly identify new, unknown threats and take necessary actions to stop them.

3) Servers
- 4 pieces of servers. Server hardware to ensure the operation of virtualized servers/applications. The overall hardware solution must provide adequate resilience against hardware failure for individual nodes and sufficient performance for the operation of the required systems.

4) Disk array/storage
- Storage refers to specialized storage systems for efficient and high-performance data management and storage. Among other things, they serve as storage for individual virtual servers. Connection via Fibre Channel ports. Architecture: modular, at least dual-controller all-flash disk array active-active design, the solution must form a coherent whole with proven interoperability, uniform supported SLA, and one responsible integrator, the contracting authority also accepts multi-vendor solutions if all requirements are met and demonstrable evidence of compatibility and unified support is provided. A minimum of 64 GB of memory. The capacity of the installed disk pool must be at least 24 TB of net binary capacity (in case of protection against a single disk failure), excluding deduplication, compression, and other reduction mechanisms.

Part of the subject of the public procurement also includes services related to the aforementioned delivery, its implementation including the provision of support, which consists of the following services:

a) transport, installation, initial initialization of HW and SW at the contracting authority's premises;
b) delivery of all related documentation for HW and SW;
c) training of the client's ICT administrators as per the contract;
d) provision of basic support for all parts of HW and SW tools and provision of other related operational services, all for a period of 60 months from the date of delivery installation;
e) provision of extended support for all parts of HW and SW tools and provision of other related operational services, all for a period of 60 months from the date of delivery installation.

Part of the subject of the public procurement also includes documentation of the actual execution of the procurement, which must contain at least:

- a description of the implemented solution (including screenshots confirming the deployment of SW tools and photographic documentation of the installed HW tools);
- a timeline of the actual implementation;
- conducted training, including attendance sheets;
- product documentation (including a list and documentation in separate attachments);
- the way to meet the requirements for ensuring cyber security in the implementation phase, see Appendix 3 of the contract;
- all mutually signed acceptance protocols.

Expected IT infrastructure:

Number of users: 270
Expected number of email accounts: 400
Expected number of endpoint devices (PC/Laptop): 350
Expected number of mobile phones: 100
Expected number of virtual servers (WIN): 50
Expected number of virtual servers (LNX): 2
Number of internal administrators within the City Hall (PIM/PAM): 10
Number of external administrators (PIM/PAM): 60

Detailed specification of the subject of the public procurement, including technical conditions in details necessary for processing the bids, is provided in the annexes of this procurement documentation.

LOT-0001
Increase of Cyber Security for Information Systems of the Prague 11 City Hall - Phase 1 - II.
The subject of the public procurement (hereinafter referred to as the 'public procurement') is the delivery of software, hardware, and related services in order to enhance the cyber security of the assets of the Prague 11 City Hall, specifically its information systems, including the information managed within them. This delivery will consist of providing the following:

1) NDR, Sandbox, Honeypots
- NDR is a security technology focused on monitoring, analyzing, and responding to suspicious activities in network traffic. Using advanced techniques such as machine learning, behavioral analysis, and network flow analysis, NDR identifies anomalies that may indicate the presence of malicious activity, such as attempts of lateral movement, data exfiltration, or communication with C2 servers.
- A Sandbox is a virtualized or emulated environment where suspicious files, programs, or links can be safely executed without the risk of affecting the production system. It allows for detailed observation of the behavior of the executed object – whether it attempts to modify system files, connect to a remote server, or install malware, etc.
- A Honeypot is a deliberately unprotected or partially vulnerable system that mimics actual targets within the network. It is used to lure attackers, monitor their techniques, and gather information on new attack methods. Honeypots can be deployed for research purposes, early attack detection, or as part of active defense.

2) Endpoint system EDR
- EDR (Endpoint Detection and Response) enhances the ability to identify, monitor, and respond to suspicious activities on endpoint devices such as workstations, servers, and mobile devices. This type of security solution enables real-time monitoring of application, process, and user behaviors, alerting to potential anomalies or dangerous actions. This allows the security team to quickly identify new, unknown threats and take necessary actions to stop them.

3) Servers
- 4 pieces of servers. Server hardware to ensure the operation of virtualized servers/applications. The overall hardware solution must provide adequate resilience against hardware failure for individual nodes and sufficient performance for the operation of the required systems.

4) Disk array/storage
- Storage refers to specialized storage systems for efficient and high-performance data management and storage. Among other things, they serve as storage for individual virtual servers. Connection via Fibre Channel ports. Architecture: modular, at least dual-controller all-flash disk array active-active design, the solution must form a coherent whole with proven interoperability, uniform supported SLA, and one responsible integrator, the contracting authority also accepts multi-vendor solutions if all requirements are met and demonstrable evidence of compatibility and unified support is provided. A minimum of 64 GB of memory. The capacity of the installed disk pool must be at least 24 TB of net binary capacity (in case of protection against a single disk failure), excluding deduplication, compression, and other reduction mechanisms.

Part of the subject of the public procurement also includes services related to the aforementioned delivery, its implementation including the provision of support, which consists of the following services:

a) transport, installation, initial initialization of HW and SW at the contracting authority's premises;
b) delivery of all related documentation for HW and SW;
c) training of the client's ICT administrators as per the contract;
d) provision of basic support for all parts of HW and SW tools and provision of other related operational services, all for a period of 60 months from the date of delivery installation;
e) provision of extended support for all parts of HW and SW tools and provision of other related operational services, all for a period of 60 months from the date of delivery installation.

Part of the subject of the public procurement also includes documentation of the actual execution of the procurement, which must contain at least:

- a description of the implemented solution (including screenshots confirming the deployment of SW tools and photographic documentation of the installed HW tools);
- a timeline of the actual implementation;
- conducted training, including attendance sheets;
- product documentation (including a list and documentation in separate attachments);
- the way to meet the requirements for ensuring cyber security in the implementation phase, see Appendix 3 of the contract;
- all mutually signed acceptance protocols.

Expected IT infrastructure:

Number of users: 270
Expected number of email accounts: 400
Expected number of endpoint devices (PC/Laptop): 350
Expected number of mobile phones: 100
Expected number of virtual servers (WIN): 50
Expected number of virtual servers (LNX): 2
Number of internal administrators within the City Hall (PIM/PAM): 10
Number of external administrators (PIM/PAM): 60

Detailed specification of the subject of the public procurement, including technical conditions in details necessary for processing the bids, is provided in the annexes of this procurement documentation.