Loading...
The URL can be used to link to this page
Your browser does not support the video tag.
Home
My WebLink
About
Contract 36142
CITY- SECRETARY Soluti CONTRACT NO. onary —king sen.r►ty manageable Amendment #3 to Exhibit A - Statement of Work (City Secretary Contract No.32401) for City of Fort Worth This Amendment#3 (Amendment)which is incorporated into CSC No. 32401, is made to Exhibit A- Statement of Work (SOW) executed September 8, 2005 between City of Fort Worth (City or Client) and Solutionary, Inc. (Solutionary). The Effective Date of this Amendment is September 4,.2007. The parties agree as follows: 1. A new item is added to Section 1, Scope of Work, and reads as follows: 1.2. ActiveGuard®Subscription Services Solutionary will utilize ActiveGuard® software to perform monitoring and analysis of designated City device(s) as described below: 1.2.1. Solutionary will monitor 1 CheckPoint Firewall - Clustered for Fault Tolerance running OS TBD, version TBD. 1.2.1.1. Solutionary will utilize an existing FW1 Classifier to parse the log information for this device type. Ckw*&Vt 1.2.2. Solutionary will monitor 1 Nortel Alteon Firewall running OS TBD, version TBD. 1.2.2.1. Solutionary will utilize an existing FW1 Classifier to parse the log information for this device type. 1.2.3. Solutionary will monitor 4 Active Directory Domain Controllers running OS TBD, version TBD. 1.2.3.1. Solutionary will utilize an existing TBD Classifier to parse the log information for this device type. 1.2.4. Solutionary will monitor 3 IIS Web Servers running OS TBD, version TBD. 1.2.4.1. Solutionary will utilize an existing TBD Classifier to parse the log information for this device type. 1.2.5. The aggregate daily log feed volume for all "in-scope" device(s) is estimated to be 5,000,000. 1.2.6. Solutionary will provide City of Fort Worth the following hardware, as stated on Exhibit B - Pricing Attachment: 1.2.6.1. 1 — ActiveGuard® Analyzer 5 Appliance, with two additional physical network interfaces. 2. The document titled "ActiveGuard® Monitoring Service Specifications" attached hereto as Exhibit C shall govern the ActiveGuard®Subscription Services. 3. Solutionary will provide the Services set forth in this Amendment#3 to Client for a term of 12 Months from the Effective Date of the Amendment (Term). This Agreement may be renewed at the City's option for three (3) additional one year periods. The City shall have the right for any reason to terminate Services pursuant to this Amendment upon written notice after ninety (90) days from the Effective Date. Termination shall be! effective thirty (30) days after written notice has been received. If this Amendment is terminated prior to the expiration of the Term, the City shall receive a pro-rated refund of all fees paid for Services pursuant to this Amendment. C 2000-2007,Solutionary,Inc.All rights reserved.ActiveGuard,eV3,Solutionary,and the Solutionary logo are registered marks of Solutionary,Inc. SecurCompass is a service mark of Solutionary,Inc.This document contains Confidential and Proprietary information for use only by Solutionary, Inc.and its intended recipients,and must not be disclosed to unauthorized individuals,without express written consent from Solutionary,Inc. 1 Solutionary, Inc. 4. For the ActiveGuard® Subscription Services set forth in this Amendment, Solutionary will bill and City of Fort Worth agrees to pay a single payment, which is due on a Net 30 basis from the Effective Date of this Amendment. 5. Exhibit B, Pricing Attachment, of the SOW is modified to include pricing for monitoring services as outlined in Exhibit B attached hereto. 6. Upon execution of this Amendment by the parties, any subsequent reference to the SOW between the parties shall mean the SOW as modified by this Amendment. 7. Except as expressly modified herein, the terms and conditions set forth in the SOW shall remain in full force and effect. In Witness Whereof, the parties hereto have caused this Amendment to be duly executed below. Proposed by: Agreed Upon and Accepted by: City of Fort Worth, Signature: _ Signatur . Printed Name: Christopher C. Rehberg Printed Name: Karen L. Montgomery Title: Executive Vice President, Operations Title: Assistant City Manager/CFO Date: 51,0 Date: 11 &6/07 APPROVED AS TO FORM A' LEGALITY: ASSIS NT CITY ATTORNEY 0-v'(2 : C-aayo I $testedl Bye , W l q - n o This document contains Confidential and Proprietary information for use only by Solutionary and its intended recipients,and must not be disclosed to unauthorized individuals,without express written consent from Solutionary. 2 Solutionary, Inc. Exhibit B Pricing Attachment This Pricing Attachment outlines the fees for the in-scope Services Solutionary will provide to City of Fort Worth: Offering Quantity Annual Rate • .•• Fees ActiveGuard®Subscription Services One-Time Setup and Implementation Fee $1,950.00 $1,950.00 Firewall Devices(1 Checkpoint FW clustered and 1 1 FW Mgmt $21,600.00 $21,600.00 Alteon) CheckPoint FW logs provide via one mgmt console console 1 stand alone Active Director Based-4 domain controllers 4 $7,800.00 $7,800.00 Active Director Based—3 IIS Servers 3 $5,850.00 $5,850.00 Total for ActiveGuard®Monitoring Services $35,250.00 $1,950.00 $37,200.00 ActiveGuard®Analyzer Appliance $4,000.00 Total for all Hardware Purchases $4,000.00 $4,000.00 Sub-Total ActiveGuard®Subscription Services $48,650.00 Total for All ActiveGuard®Services and Fees $35,250.00 $5,950.00 $41,200.00 If applicable, Solutionary will bill and City of Fort Worth agrees to pay the following fees for incremental, 'but of scope" services. Description of Security Specialist Fees — Solutionary Technicians are available for alert troubleshooting and vulnerability remediation assistance. City of Fort Worth can reserve these resources through a Solutionary Account Manager(AM) at the following hourly rates: • Security Specialists $150.00 • Security Engineers $200.00 • Security Architects $250.00 Technical Security Consultant (TSC) Fees — Solutionary TSCs are available for Security Consulting Services (SCS), which are not specifically stated in the "Scope of Work" section $175.00- of the SOW. City of Fort Worth can reserve these resources through a Solutionary AM at the $225.00 following hourly rates. Account Management Fees— If City of Fort Worth requests the assigned Solutionary AM to $150.00 perform Services not specifically stated in the SSD, the following hourly rate applies. Travel Expenses — Solutionary will bill, and City of Fort Worth agrees to pay, actual cost of travel and travel expenses. Incremental Devices for Monitoring Services —The following annual rate applies for each additional device, over the number identified in the "Scope of Work", added for monitoring services: • FW, NIDS, and NIPS $10,800.00 • Servers: IIS, web, email, domain controllers $1,950.00 • Other $2,400.00 This document contains Confidential and Proprietary information for use only by Solutionary and its intended recipients,and must not be disclosed to unauthorized individuals,without express written consent from Solutionary. 3 Solutionary, Inc. Incremental Devices for Management Services - The following annual rate applies for $3,000.00 each additional device (i.a., FW, NIDS, or NIPS), over the number identified in the"Scope of Work", added for management services. New Classifier Development - The following one-time fee applies for each new Classifier $5,000.00 that Solutionary must develop in order to perform monitoring services. Solutionary reserves the right to retain all Solutionary-developed Classifiers for future use. New Log Transport Agent (LTA) Development - The following one-time fee applies for $10,000.00 each new LTA that Solutionary must develop in order to perform monitoring services. Solutionary reserves the right to retain all Solutionary-developed LTAs for future use. Shipping and Handling -• City of Fort Worth is responsible for all taxes, custom duties, clearance fees, freight and shipping costs associated with the purchase, transport, and installation of ActiveGuard® appliances, and any other hardware purchased from Solutionary. All ActiveGuard®appliances are FOB Omaha, Nebraska, U.S.A. On-Demand Assessments - The following one-time fee applies for each additional On- $1,000.00 Demand Assessment over and above the amount allotted in the"Scope of Work". Verification Scanning - The following prorated annual fee applies per block of 50, or $2,500.00 portion thereof, for additional Verification Scanning of Domain Name Registrations, Root Name Servers, and SSL Certificates exceeding the quantity specified in the SSD. Additional Class C Address Blocks for Visibility Scanning - The following prorated $6,000.00 annual fee applies for each additional Class "C" IP Address block to include in visibility scanning. Internet-accessible IPs for Vulnerability Assessments - The following pro-rated annual $ fee applies for each additional internet-accessible IP encountered during the execution of Services, which exceeds the amount allotted in the "Scope of Work". Note: The fee is not pro-rated for one-time EVA Services. Note: Incremental fees only apply when City of Fort Worth exceeds the quantities agreed upon in the SOW. This docum nt contains Confidential and Proprietary information for use only by Solutionary and its intended recipients,and must not be disclosed to unauthorized individuals,without express written consent from Solutionary. 4 I Solutionary, Inc. July 2006 Exhibit C ActiveGuard® Monitoring Service Specifications 1. ActiveGuard®Overview 2.3 Phase 3—Device Configuration: Solutionary pre- Solutionary uses amulti-phased approach to implement configures ActiveGuard® appliance(s) for installation at and continuously "tune" the ActiveGuard® Monitoring Client site. This process is dependent upon Client service(Services): providing all of the required information as requested by ■ Phase 1 —Device Profiling Solutionary's AM. ■ Phase 2—Log Device 2.3.1 Solutionary will provide Log Transport Agent ■ Phase 3—Device Configuration (LTA) installation guides and/or support for all in-scope ■ Phase 4—Normalization applications and OSs, and monitor ongoing successful ■ Phase 5—Ongoing Tuning and Support transport of logs. 1.1 Solutionary will assign an Account Manager (AM) 2.3.2 Phase 4 — Normalization: Solutionary generates to work with Client throughout the performance of Services. statistical analysis in accordance with the project plan and works with Client to establish threshold alert criteria. 1.1.1 Solutionary's AM will work with Client's Point of Solutionary performs the following major functions during Contact (POC) to create a schedule with dates for all the Normalization process: deliverables, customize all appropriate components for Client's environment, and complete the ActiveGuard® Map software errors Profile for all in-scope devices and environmental Establish Client specific baseline by Classifier information, including but not limited to: Establish (with Client) minimum and maximum Network topology including subnet structure log quantity thresholds in appropriate time ■ P gY 9 intervals, specific to each log source ■ Host systems ■ The OS running on each device Note: ActiveGuard® generates alerts when log ■ The applications running on each OS counts received at Solutionary fall outside the ■ 30 days of sample logs from all applications and approved ranges. OS(s) Generate reports for appropriate devices ■ Audit levels Issue a"Go-Live"notice for appropriate devices ■ Log format and structure 1.2 Solutionary conducts and/or coordinates all Note: Alert activity during the Normalization period does Services from the Security Operations Center(SOC.) not reflect medium or low-priority alerts. 1.3 Solutionary's monthly reporting package includes 2.4 Phase 5 — Ongoing Tuning and Support: This information pertaining to the devices and log feeds phase lasts for the duration of the SOW and consists of identified in the SOW. monthly and quarterly intervals, focused on: 1.4 Solutionary retains all logs and alert information • Fielding and validating alerts, and either online for up to 30 days. escalating appropriately, or tuning baseline settings 2. Core Service Description Providing reports and analysis This section describes each phase of the ActiveGuard® 2.4.1 ActiveGuard® provides continuous monitoring Monitoring Service in detail. and is configured to report on items such as: 2.1 Phase 1 — Device Profiling: Solutionary profiles Monitoring and analysis of user and system Client's in-scope devices to: activity ■ Determine application and Operating Systems (OS) Recognition of activity patterns reflecting known versions attacks ■ Review peak and average log volumes, as well as Verifications of security policy adherence bandwidth requirements. Statistical analysis of abnormal activity patterns ■ Map log feeds to existing classifiers. 2.5 Detailed Investigative Analysis 2.2 Phase 2—Log Recognition: Solutionary will ensure 2.5.1 At Client's request, Solutionary will perform up to proper transport of logs from Client's in-scope devices in two Detailed Investigative Analyses (DIAs) per month, in order to: which a SOC Security Engineer will analyze and provide ■ Process sample logs to ensure compatibility with additional information about a specific ActiveGuard®alert. classifier. ■ Evaluate audit-level settings of OS and applications defined in scope. ©2000-2007,Solutionary, Inc.All rights reserved.Solutionary,the Solutionary logo,ActiveGuard,eV3,Iv3,and SecurCompass are registered trademarks of Solutionary, Inc.This document contains Confidential and Proprietary information for use only by Solutionary and its intended recipients,and must not be disclosed to unauthorized individuals,without prior,express written consent from Solutionary. Solutionary, Inc. July 2006 2.5.1.1 DIAs are over and above the initial investigation Providing an IP address for each Solutionary performed by a SOC Security Specialist; including but not ActiveGuard® appliance to be installed at Client limited to,the following: site. ■ Alert activity and/or alerting patterns Installing ActiveGuard® appliances on Client's ■ Attack or activity re-creation network. ■ Forensic investigation submitted in a case study Installing LTAs. Solutionary will provide Client with documentation and/or support to assist with Notes: Unused DIAs expire monthly. Incremental fees for the installation of all LTAs. additional DIAs are subject to the Security Engineer's Working with third-party vendor to assist in hourly rate, as outlined on the"Pricing Attachment". gathering the necessary information to map 2.6 ActiveGuard®Appliances software errors. 2.7 The following describes the capabilities of each 4.3.1 OS and LTA configurations must comply with Solutionary ActiveGuard®appliance: Solutionary's standard setup requirements. Solutionary provides configuration guides for supported "in-scope" 2.7.1 ActiveGuard® Transport 1 can transport the devices. In the event Client's configuration cannot or does lesser of 1,000,000 events/logs per day or 200 MB. not comply with Solutionary's standard setup and 2.7.2 ActiveGuard®Analyzer 5 can process and analyze configuration, Solutionary Security Architect and/or the lesser of 5,000,000 events/logs per day or one GB. Engineer hourly rates will apply in order to develop a 2.7.2.1 The maximum daily log volumes identified above custom solution. are dependent on the event type, classifier, Client's 4.3.2 If any of Client's "in-scope" devices (e.g., network infrastructure, and peak volume. Symantec's VelociRaptor® proxy firewall or similar technology) utilize log rotation methods, Client must Note: Solutionary explicitly restricts login access to all coordinate with Solutionary prior to rotation of logs. ActiveGuard® appliances located on-site at Client locations to a monitored list of Solutionary personnel. Note: Loss of log lines and interruption of monitoring capabilities may occur as a result of un-coordinated log 3. Service Level Agreement rotation. 3.1 Solutionary's Security Operations Center (SOC) 4.4 Client will work directly with third-party vendors is available 24 hours a day, 365 days a year, and is hosting any in-scope devices to allow Solutionary to staffed to support alert escalation. perform Services. 3.2 Solutionary's Mean Time to Respond (MTR) 4.5 Client is responsible for procuring all Service Level Agreement (SLA), upon determination of a maintenance, support, and licensing agreements with third High Priority Alert, is 15 minutes. party vendors for all non-Solutionary provided in-scope 3.2.1 Solutionary measures response metrics for High devices for the term of the SOW, unless otherwise stated Priority Alerts over the course of a month, by dividing total in the"Scope of Work". response minutes by total alert quantity, which derives 4.5.1 Solutionary will not support altered, damaged, or MTR. modified software, or software that is not the most current, 4. Service Requirements or Solutionary-supported version. 4.1 Client will assign a main POC to work with 4.6 Client will work with third party vendors to rectify Solutionary's AM to schedule activities and communicate device failure for all non-Solutionary provided devices, and with the SOC as needed for installation and ongoing is responsible for all associated expenses. tuning and support. 4.7 Client is responsible for all relevant administrative 4.1.1 In order to prevent delays during the policies and procedures related to monitoring user traffic implementation of Services, Client's POC will be available and communications. during all scheduled activities. 4.8 Client is responsible for ensuring the physical 4.1.2 Client is responsible for providing Solutionary security of all ActiveGuard®appliances located on-site at with all contact information updates pertaining to alert Client locations. escalation instructions. 4.9 Solutionary is not responsible for resolving 4.2 Client will ensure access and connectivity to all Client's Internet Service Provider (ISP) outages, or issues "in-scope" devices, including the ability to receive OS and with Client's internal network infrastructure. device feeds. 4.10 Client is fully aware of Solutionary's 4.3 Client will provide knowledgeable technical staff, recommendation to perform full back-ups prior to the and/or third party resources, to assist Solutionary with performance of Services. hardware and software implementations, including: 4.11 Client will work with Solutionary to bring closure ■ Configuring end-to-end connectivity to ensure the to each ticket. successful transport of all in-scope log feeds. 4.12 Client's failure to provide any of the Service ■ Providing rack space and power for each in- Requirement information on a timely basis can result in scope ActiveGuard®appliance. delays in implementation and incremental fees. This document contains Confidential and Proprietary information for use only by Solutionary and its intended recipients,and must not be disclosed to unauthorized individuals,without express written consent from Solutionary. Solutionary, Inc. July 2006 5. Changes in Service 5.3 If any of the OS or applications resident on any of 5.1 Solutionary reservers the right to change the the originally contracted devices are materially altered, terms and conditions of this Service Specifications Solutionary may re-instigate the implementation process, Document (SSD) without notice to Client; provided any and additional fees will apply (see Pricing Attachment) if such change will not result in a material reduction in the classifiers or log transport agents require modification or Services provided by Solutionary. development. 5.2 Applications, OS(s)„ and devices, which are 6. Controlling Terms materially modified or altered, may constitute a coding 6.1 All terms and conditions of this SSD are in change to the classifier in use. Classifier changes of this accordance with the MSA and the SOW. In the event of nature are a billable service (see the "Pricing any conflict between the terms of this SSD and the terms Attachment"). Additionally, these changes may result in of the MSA or the SOW, then terms of the MSA or the the re-instigation of the implementation process. SOW shall control.v.i This document contains Confidential and Proprietary information for use only by Solutionary and its intended recipients,and must not be disclosed to unauthorized individuals,without express written consent from Solutionary. City of Fort Worth, Texas Mayor and Council Communication COUNCIL ACTION: Approved on 9/25/2007 DATE: Tuesday, September 25, 2007 LOG NAME: 0405-0103A REFERENCE NO.: **C-22401 SUBJECT: Authorize Execution of an Amendment to an Agreement with Solutionary, Inc., for ActiveGuard Subscription Services for the Information Technology Solutions Department ._ _ , ..._...�. RECOMMENDATION: It is recommended that the City Council: 1. Authorize execution of an amendment to an agreement with Solutionary, Inc., for ActiveGuard Subscription Services for the Information Technology Solutions Department (IT Solutions); and 2. Authorize this agreement to begin September 25, 2007, and expire September 24, 2008, with options to renew for three additional one-year periods. DISCUSSION: On August 9, 2005, (M&C P-10203) the City Council authorized the purchase of a network monitoring external assessment subscription for the City's computer infrastructure with Solutionary, Inc., Solutionary). The ActiveGuard Subscription services protect the City of Fort Worth's Internet presence by performing electronic vulnerability scans, analysis, recommendations and reporting. The Solutionary product was chosen based on a Request for Proposals evaluation completed in 2005. It is recommended that the City add an additional module for expansion of services including device profiling, log recognition, device configuration normalization, and ongoing tuning and support. The information provided by the additional module will facilitate IT Solutions staff addressing Internet security problems in an expedient manner. RENEWAL OPTIONS - This agreement to begin September 25, 2007, and expire September 24, 2008, with options to renew for up to three additional one-year terms at the City's option. This action does not require specific City Council approval provided that the City Council has appropriated sufficient funds to satisfy the City's obligations during the renewal term. FISCAL INFORMATION/CERTIFICATION: The Finance Director certifies that funds are available in the current operating budget, as appropriated, of the Information Systems Fund. Logname: 0405-0103A Page 1 of 2 ANO TO Fund/Account/Centers FROM Fund/Account/Centers P168 539120 0041100 $41,200.00 Submitted for City Manager's Office Or. Karen Montgomery (6222) Originating Department Head: Pete Anderson (8781) Additional Information Contact: Pete Anderson (8781) 0 Logname: 0405-0103A Page 2 of 2