The URL can be used to link to this page

Home My WebLink About050054-A16 - General - Contract - Motorola Solutions, Inc.CSC No. 50054-A16 SIXTEENTH AMENDMENT TO FORT WORTH CITY SECRETARY CONTRACT NO. 50054 This Sixteenth Amendment to Fort Worth City Secretary Contract No. 50054 ("Sixteenth Amendment") is made between the City of Fort Worth ("City,") a Texas home rule municipality, and Motorola Solutions, Inc. ("Vendor,") a Delaware corporation. City and Vendor are each individually referred to herein as a"party" and collectively referred to as the "parties." WHEREAS, City and Vendor entered into an Agreement identified as City Secretary Contract No. 50054 beginning December 18, 2017 (the "Agreement") through a Houston- Galveston Area Council (H-GAC) Cooperative Contract and its successors; WHEREAS, it is the collective desire of the parties to amend the Agreement to include Exhibit A-14 Motorola Solutions Proposal No. 25-193540-2 for the purchase of the ASTRO 25 Managed Detection and Response (MDR) solution; and WHEREAS, it is the collective desire of the parties to amend the Agreement to include Exhibit A-15 City of Fort Worth Notice to Proceed for implementation of the Motorola ASTRO 25 MDR solution. NOW THEREFORE, known by all these present, the Parties, acting herein by and through their duly authorized representatives, agree to the following terms, which amend the Agreement as follows: I. AMENDMENTS 1. The Agreement is hereby amended to include Exhibit A-14 Motorola Solutions Proposal No. 25-193540-2 for the purchase of the ASTRO 25 Managed Detection and Response (MDR) solution, attached hereto this Sixteenth Amendment, with annual pricing in accordance with the attached proposal's pricing summary. 2. The Agreement is hereby amended to include Exhibit A-15 City of Fort Worth Notice to Proceed for implementation of the Motarola ASTRO 25 MDR solution. 3. The total amount of the Agreement will remain unchanged, at an amount not to exceed $5,538,544.48 for Year 9 of the Agreement. IL MISCELLANEOUS All other terms, provisions, conditions, covenants and recitals of the Agreement not expressly amended herein shall remain in full force and effect. [Signature Page Follows] OFFICIAL RECORD CITY SECRETARY FT. WORTH, TX Sixteenth Amendment to Fort Worth City Secretary Contract No. 50054 Page 1 of 4 [Executed effective as of the date signed by the Assistant City Manager below.] /[ACCEPTED AND AGREED:] City: �Aru�t�� B�7. Dlanna Giordano (Feb 5, 2026 13:03�22 CST) Name: Dianna Giordano Title: Assistant City Manager Motorola Solutions, Inc. By; � �c� K� c,f� Name: Brad Rice Title: Area Sales Manager Date: 02/05/2026 Date: January 29, 2026 CITY OF FORT WORTH 1NTERNAL ROUTING PROCESS: Approval Recommended: /-� �_ By: Name: Kevin Gunn Title: Director, IT Solutions Approved as to Form and Legality: Contract Compliance Manager: By signing I acknowledge that I am the person responsible for the monitoring and administration of this contract, including ensuring all performance and reporting requirements. L�--._�� • B�7; Lawrence Crockett (Feb 2,202610:27:01 CST) Name: Lawrence Crockett Title: Sr. IT Solutions Manager Candq�e Pc�c�liara B�. .2 �cecz V'aKl�iare �:I E63,JOJ610:�40�L� � Name: Candace Pagliara Title: Sr. Assistant City Attorney Contract Authorization: M&C: 24-0533 Approval Date: 06/25/2024 Form 1295: 2024-1139355 City Secretary: �� .��: By: � Name: Jannette Goodall Title: Ciry Secretary �QIl as° F�pr�aao oa o�° o?�o ov> 0=00 °oa» o e o,o .de oaa4 4E4ps4aq OFFICIAL RECORD CITY SECRETARY FT. WORTH, TX Sixteenth Amendment to Fort Worth City Secretary Contract No. 50054 Page 2 of 4 EXHIBIT A-14 Motorola Solutions Proposal No. 25-193540-2 (Attached) Sixteenth Amendment to Fort Worth City Secretary Contract No. 50054 Page 3 of 4 �4 "' ��`�1� � � ~ ��-. A � • • - • - �. �� i, -.. . ' � . � r. J � � � `°� , � �� '� '��+ � � �'�.� .� � . 1 �� , _, � ,,,. ��'�' -�� -,�� " ' � �` ``` — \ � , "",�` �� "� ► �: o. ; - n � �,�`+'' - ry�� j `t w � r � :.: " '�,�-' � : -� �'� ! „�, �, _� ��_ ' � ��- � �" .:_� ' �` _ �,-T �� '� `-: '.ri � .� ��- i � r--T �:. % _;;; � � � � � �,;. �/.. j �� ;�y� '� - - . �c,_•� �_' 4 '� � �,a� � .�, . �,. .. .'. . �`�? .� ' _.��\ ` ;..��\��`��'� �\ ~' y a � �� r � ti . � � `i ��'`1'r``�� '��,� !I*' � /' �' � ../ # � �� {� � � f� ♦ �..:��!i :.�� - �� Firm Fixed Price Proposal City of Fort Worth AS'1'1�0 25 Mana ed g Detection and Res onse p 25-193540-2 / Cybersecurity Services November 14, 2025 The design, technical, and price information furnished with this proposal is proprietary information of Motorola Solutions, Inc. (Motorola). Such information is submitted with the restriction that it is to be used only for the evaluation of the proposal, and is not to be disclosed publicly or in any manner to anyone other than those required to evaluate the proposal, without the express written permission of Motorola Solutions, Inc. MOTOROLA, MOTO, MOTOROLA SOLUTIONS, and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. O 2025 Motorola Solutions, Inc. All rights reserved. PS-000193540-2 City of Fort Worth October 27, 2025 ASTRO 25 Managed Detection and Response 25-193540-2 / Cybersecurity Services Table of Contents Section 1 ExecutiveSummary ............................................................................................................................... l-1 Section 2 SolutionDescription .............................................................................................................................. 2-1 2.1 Solution Overview .............................................................................................................................. 2-1 2.2 Service Description ............................................................................................................................. 2-2 Section 3 Statementof Work ................................................................................................................................. 3-1 3.1 3.2 3.3 3.4 3.5 3.6 Section 4 Overview............................................................................................................................................. 3-1 Descriptionof Service ........................................................................................................................ 3-1 DeploymentTimeline and Milestones .............................................................................................. 3-2 GeneralResponsibilities .................................................................................................................... 3-3 Security Operations Center Monitoring and Support .................................................................... 3-7 Limitationsand Exclusions ............................................................................................................. 3-12 ProposalPricing ..................................................................................................................................... 4-1 4.1 Pricing Summary ............................................................................................................................... 4-1 4.2 Payment Schedule & Terms .............................................................................................................. 4-2 4.3 Invoicing and Shipping Addresses .......................................................... Error! Bookmark not defined. Section 5 ContractualDocumentation .................................................................................................................. 5-1 Table of Contents Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 1-ii qMOTOROLA SOLUTIONS Motorola Solutions, Inc. 500 W Monroe Street, Ste 4400 Chicago, IL 60661-3781 USA November 14, 2025 Mr. Larry Crocket Senior Manager, Radio Services City of Fort Worth 1515 11 th Avenue Fort Worth, TX 76102 RE: ASTRO° 25 Managed Detection and Response (MDR) Dear Mr. Crocket: Motorola Solutions, Inc. (Motorola) appreciates the opportunity to provide City of Fort Worth quality cybersecurity services. Motorola's project team has taken great care to propose a solution to address your needs and provide exceptional value to Ciry of Fort Worth through the following: • Providing a market leading MDR solution for the City of Fart Worth's network with Motarola's SOAR platform, known as ActiveEye • Providing geographically redundant Security Operations Centers (SOC) operating 24 hours a day, 7 days per week, 365 days per year We are coniident that Motorola can provide a best-in-class premier offering of MDR to City of Fort Worth. Motorola Solutions' proposal is conditioned upon City of Fort Worth acceptance of the terms and conditions included with this proposal, or a mutually negotiated version thereof. This proposal shall remain valid until thirty (30) days from the date of this proposal. Any questions City of Fort Worth has regarding this proposal can be directed to Jessica Neill, Cybersecurity Account Manager at 817-773-7874 or by email at iessica.neill cr,motorolasolutions.com. Our goal is to provide you with the best products and services available in the industry to address your ongoing Cybersecurity needs. We thank you for the opportunity to provide Managed Detection and Response for City of Fort Worth, and we hope to strengthen our relationship by implementing this project. Sincerely, � �� Tom Vedder Area Sales Manager — Central & West Cybersecurity Services North America MOTOROLA SOLUTIONS, INC. City of Fort Worth ASTR025 Managed Detection and Response SeCtlOri 1 Executive Summar Y October 27, 2025 25-193540-2 / Cybersecurity Services Motorola is pleased to build upon our years of ongoing support to City of Fort Worth with a response that efiiciently meets the needs for your ASTRO� 25 Managed Detection and Response (MDR) solution. We are a national and global leader in the cybersecurity community. We have evolved into a holistic mission critical technology provider, placing Information Technology (IT), as well as cybersecurity, at the forefront of importance to protect our customers against threats to the confidentiality, integrity, and availability of their operation. ASTRO 25 Managed Detection and Response Motorola's ASTRO 25 MDR provides radio network security element monitoring by experienced, specialized security technologists with extensive experience working with ASTRO 25 mission-critical networks. For highly complex or unusual security events, Motorola's technologists have direct access to Motorola engineers for rapid resolution. Our solution provides 24/7 Security Operations Center Support. This is a component of our broader proprietary SOC 2 Type 2 certifed Managed Security Platform targeted to Public Safety, Critical Infrastructure, and State/Local municipalities. The ActiveEye Platform With the ActiveEye platform, Motorola is able to deliver to our customers a co-managed approach to 24/7 security monitoring operations across IT enterprise environments. The benefits of the ActiveEye platform are demonstrated below: • Included Public Safety Threat Data Feed Threat reports covering potential attack vectors based on dark web research. Summaries of actual attacks against public safety and state/local municipalities. • Advanced Threat Detection & Response — Consolidate SIEM data and direct threat inputs from endpoint security, network sensors, and cloud/SaaS applications. Pre-built custom playbooks to process alerts and reduce/eliminate manual analyst effort. • Single Dashboard for Threat Visibility —Complete visibility into the security of the network. Monitor alerts, perform investigations, track cases, and create reports all from one interface. Chief Information Security Offcer (CISO) Benefts A main dashboard displays and aggregates all of the important and relevant risk information from across the organization, helping decision makers to make better-informed decisions to balance cybersecurity efforts and operational efficiencies. The dashboard provides key performance metrics and indicators that can inform an admin at a glance to the activity that is occurring throughout their environment. Create ad-hoc reports and notifications based on available data and ActiveEye parameters. Transparency into the service that Motorola is providing. The dashboard will provide the key indicators to the number of events that are handled on a daily, weekly, monthly basis and how those events are handled by the Motorola Security Operations Center (SOC). Executive Summary Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 1-1 City of Fort Worth ASTR025 Managed Detection and Response Public Safety Threat Alliance October 27, 2025 25-193540-2 / Cybersecurity Services Cyber threats to public safety agencies are increasing in scope, scale, and complexity; however, most agencies lack the cybersecurity capabilities required to mitigate risk and ensure continuity of public safety operations. To address this critical need, Motorola has established a cyber threat information sharing and analysis arganization (ISAO) for public safety called The Public Safety Threat Alliance (PSTA). The PSTA is recognized by the U.S. Cybersecurity and Infrastructure Security Association (CISA), and highlights Motorola's commitment to public safety agencies and the communities they serve. The PSTA will leverage cybersecurity risk information from across Motorola's Cybersecurity Services. This, paired with information from members and trusted partners including CISA, other ISAOs, and nonprofits dedicated to sharing cyber threat intelligence, will help generate actionable intelligence to improve members' cybersecurity posture, defense, and resilience against evolving threats to their public safety missions. In addition to the intelligence alerts and reports provided, other benefits included access to an automated threat feed, with context and tags, that can be � fed into your SIEM or MDR solution and Dark Web monitoring that � checks for activity, including the sale of credentials or mention of your organization's name. There is no cost for membership to the PSTA. Public Safety Threat Alliance Public Safeiy ISAO Learn more about membership to the PSTA at https://motorolasolutions.com/bublic-safetv-threat-alliance. ABOUT MOTOROLA WE ARE INNOVATIVE WE ARE PA$SIpNATE WE ARE �RIVEN WE ARE ACCOUNTABLE WE ARE PARTNERS Company Background and History Motorola creates innovative, mission-critical communication solutions and services that help public safety and commercial customers build safer cities and thriving communities. You can find our products at work in a variety of industries including law enforcement, fire, emergency medical services, national government security, utilities, mining, energy, manufacturing, hospitality, retail, transportation and logistics, education, and public services. Our communication solutions span infrastructure, devices, services, and software to help our public safety and commercial customers be more effective and efficient. Company Overview Since 1928, Motorola Solutions, Inc. (formerly Motorola, Inc.) has been committed to innovation in communications and electronics. Our company has achieved many milestones in its history. We pioneered mobile communications in the 1930s with car radios and public safety networks. We made the equipment that carried the first words from the moon in 1969. We commercialized the first handheld portable scanner in 1980. Today, as a global industry leader, excellence in innovation continues to shape the future of the Motorola brand. We help people be theiN best in the rnoments that rnatte�. Motorola connects people through technology. Public safety and commercial customers around the world turn to Motorola innovations when they want highly connected teams that have the information they need throughout their workdays and in the moments that matter most to them. Our customers rely on us for the expertise, services, and solutions we provide, trusting our years of invention and innovation experience. By partnering with customers and observing how our products can help in their specific industries, we are able to enhance our customers' experience every day. Executive Summary Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 1-2 City of Fort Worth ASTR025 Managed Detection and Response October 27, 2025 25-193540-2 / Cybersecurity Services Motarola's Corporate Headquarters is located at 500 West Monroe Street, Chicago, IL 60661. Telephone is +1 847.576.5000, and the website is www.motorolasolutions.com. Executive Summary Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 1-3 City of Fort Worth ASTR025 Managed Detection and Response Section 2 Solution Descri tion p 2.1 Solution Overview October 27, 2025 25-193540-2 / Cybersecurity Services Motorola Solutions, Inc. (Motorola) is pleased to present the proposed cybersecurity Managed Detection and Response (MDR) services for City of Fort Worth (hereinafter referred to as "Customer"). Identifying and mitigating cyber threats requires a reliable solution that supplies the right data to cybersecurity experts. Motorola will provide access to our ActiveEye Security Platform, along with 24x7 support from specialized security technologists, who will monitor your mission critical network against threat and intrusion. The following ASTRO° 25 MDR features and services are included in our proposal: • ActiveEye Managed Detection and Response Elements - ActiveEye Security Management Platform • Service Modules - Log Collection / Analytics - Network Detection - External Vulnerability Scanning - Endpoint Detection and Response • Security Operations Center Monitoring and Support 2.1.1 Site Information The following site information is included in the scope of our proposal: Table 2-1: Site Information Core Site DSR Network Management Clients Dispatch Consoles AIS _ Solution Description i Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted 1 1 8 46 1 i � MOTOAOLA SOLUTIONS Page 2-1 City of Fort Worth October 27, 2025 ASTR025 Managed Detection and Response 25-193540-2 / Cybersecurity Services Services Included The ActiveEye service modules included in our proposal are shown in the tables below. The Network Environment column will designate the location of each module: ASTRO 25 Radio Network Infrastructure (RNI), Customer Enterprise Netwark (CEN), or the Control Room CEN. Table 2-2: Service Modules Log Collection / Analytics Netwark Detection External Vulnerability Scanning Endpoint Detection and Response (EDR) Online Storage Period: 30 Day Storage Extended Log Storage Length: 12 Months Up to 1 Gbps per sensor port Features in Section 3.2.3.2 Online Storage Period: 30 Day Storage RNI/DSR RNUDSR RNI/DSR RNI Note: CENs are out of scope and are the responsibility of the customer. EDR for Core and Fort Worth dispatch sites only: Site 1, Radio Shop; Site 2, Bolt Street; Site 3, ALT PSAP. 2.2 Service Description Managed Detection and Response is performed by Motorola Solutions' Securiry Operations Center (SOC) using the ActiveEyeTM security platform. The SOC's cybersecurity analysts monitor for alerts 24x7x365. If a threat is detected, analysts will investigate and initiate an appropriate Customer engagement. Customer engagements may include, but are not limited to; deploying cybersecurity countermeasures for incident containment, requesting additional information from the Customer, continuing to monitor the event for further development, or informing the Customer to enact the Customer's documented Incident Response plan. SOC analysts rely on monitoring elements to detect signs of a potential threat impacting the Customer's ASTRO 25 network and applicable Customer Enterprise Network (CEN) systems. These elements are described below. The MDR service includes the deployment and optimization of these elements into the Customer's network. 2.2.1 Managed Detection and Response Elements This section and its subsections describe Managed Detection and Response elements, and their applicability for specific infrastructure. 2.2.1.1 ActiveEye Security Platform Motorola's ActiveEye security platform collects and analyzes security event streams from the Customer's ASTRO 25 network and applicable CEN systems, using security orchestration and advanced analytics to identify the most important security events from applicable systems. The ActiveEye platform is provided in the English language. The platform automates manual investigation tasks, verifies activity with external threat intelligence sources, and learns what events will require rapid response action. Solution Description Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 2-2 City of Fort Worth ASTR025 Managed Detection and Response October 27, 2025 25-193540-2 / Cybersecurity Services The Customer will receive access to the ActiveEye platfarm as part of this service. ActiveEye will serve as a single interface to display system security information. Using ActiveEye, the Customer will be able to configure alerts and notifications, review security data, and perform security investigations. Applies to included ASTRO 25 RNI, CEN, and Control Room CEN infrastructure. 2.2.2 Service Modules ActiveEye delivers service capability by integrating one or more service modules. These modules provide ActiveEye analytics more information to correlate and a clearer vision of events on Customer's network. In addition, modules enable security teams and analysts to more easily access and compare data from these disparate systems. The following subsections describe each ActiveEye service module in detail. 2.2.2.1 Log Collection / Analytics The AERSS deployed in the system collects logs and other security information from applicable servers, workstations, switches, routers, Network Detection, and firewalls. This information is forwarded to the ActiveEye platform, which uses advanced analytics to identify signs of security incidents. If it identifies signs of a security incident, ActiveEye notiiies the SOC for further analysis. Collected events will be stored in the ActiveEye Security Platform to enable historical searching or threat hunting as needed. Some high volume, repetitive logs may be aggregated as noted in the documentation. The default storage time period is one year, but no longer than 90 days, following expiration or termination of the Agreement. A longer time period can be provided if subscribed, see Table 2-2: Service Modules for subscription details. 2.2.2.2 Network Detection The AERSS supports Network Detection, constantly monitoring traffic passing across, into, or out of infrastructure. Network Detection analyzes traffic for signs of malicious activity in real time, and performs packet level and flow level analysis to enable communications modeling. This information is used to identify anomalous behavior that is not captured by pre-defined traffic signatures, including traffic using encrypted connections. Network Detection forwards detected suspicious activity to the SOC for further analysis. 2.2.2.3 External Vulnerability Scanning External Vulnerability Scanning is provided for the ASTROOO internet-facing, external network interfaces. The scan is enabled from an internet cloud hosted service outside the ASTRO� network. Discovery and vulnerability scans will be run quarterly or on a less frequent schedule defned with the Customer. 2.2.2.4 Endpoint Detection and Response Endpoint Detection and Response (EDR) is an endpoint security agent that integrates with the ActiveEye security platform to provide additional threat detection, investigation, and response actions to optimize protection of critical systems. EDR integration with ActiveEye accelerates investigations by making necessary information available for analysts in a single platform where they can quickly access details of what caused an alert, its context, and its history. Solution Description Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 2-3 City of Fort Worth ASTR025 Managed Detection and Response October 27, 2025 25-193540-2 / Cybersecurity Services The platform enables analysts to initiate response actions (i.e., isolate host, ban ar block a file hash, terminate a process) on endpoints to respond to detection of verified malicious activity within the system. Available responses are determined by the Customer's security policies. 2.2.3 Security Operations Center Services Motorola delivers SOC Monitoring using one or more SOC facilities. The SOC includes any centralized hardware and software used to deliver this Service and its service modules. The SOC and its centralized hardware and software are housed within an SSAE-18 compliant data center. Motorola's SOC is staffed with security experts who will use ActiveEye Security Management Platform to monitor elements integrated by service modules. In addition, SOC staff will take advantage of their extensive experience to investigate and triage detected threats, and to recommend responses to the Customer. Solution Description Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 2-4 City of Fort Worth ASTRO 25 Managed Detection and Response Section 3 Statement of v'Vork 3.1 Overview October 27, 2025 25-193540-2 / Cybersecurity Services Motorola Solutions, Inc. (Motorola) ASTRO° 25 Managed Detection and Response (MDR) provides monitoring of radio network security information by specialized cybersecurity analysts with extensive experience warking with ASTRO 25 mission-critical networks. The following sections describe the deliverables of the service, its technologies, and service obligations. This Statement of Work (SOW), including all of its subsections and attachments, is an integral part of the applicable agreement (Agreement) between Motorola and the Customer. In order to receive the services as defined within this SOW, the Customer is required to keep the system within a standard support period as described in Motorola's Softwarc Support Polic�SwSP). 3.2 Description of Service MDR is performed by Motorola's Security Operations Center (SOC) using the ActiveEye security platform. The SOC cybersecurity analysts monitor for alerts 24/7. If a threat is detected, analysts will investigate and initiate an appropriate Customer engagement. Customer engagements may include, but are not limited to, deploying cybersecurity countermeasures for incident containment, requesting additional information from the Customer, continuing to monitor the event for further development, or informing the Customer to enact the Customer's documented Incident Response Plan. SOC analysts rely on monitoring elements to detect signs of a potential threat impacting the Customer's ASTRO 25 network and applicable Customer Enterprise Network (CEN) systems. These elements are described below. The MDR service includes the deployment and optimization of these elements into the Customer's network. 3.2.1 Managed Detection and Response Elements This section and its subsections describe MDR elements, and their applicability for specific infrastructure. 3.2.1.1 ActiveEye Security Platform Motorola's ActiveEye security platform collects and analyzes security event streams from Endpoint Detection and Response, EDR, agents and embedded ActiveEye Remote Security Sensors (AERSS) in the Customer's ASTRO 25 network and applicable CEN systems, using security orchestration and advanced analytics to identify the most important security events from applicable systems. The ActiveEye platform is provided in the English language. The platform automates manual investigation tasks, verifies activity with external threat intelligence sources, and learns what events will require rapid response action. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-1 City of Fort Worth ASTRO 25 Managed Detection and Response October 27, 2025 25-193540-2 / Cybersecurity Services The Customer will receive access to the ActiveEye platfarm as part of this service. ActiveEye will serve as a single interface to display system security information. Using ActiveEye, the Customer will be able to configure alerts and notifications, review security data, and perform security investigations. Applies to included ASTRO 25 Radio Netwark Infrastructure (RNI), CEN, and Control Room CEN infrastructure. 3.3 Deployment Timeline and Milestones The following phase descriptions lay out the necessary deployment activities and milestones required to achieve service readiness: 3.3.1.1 Phase 1: Service Onboarding After contract signature, Motorola will schedule a service kickoff ineeting with the Customer and provide information-gathering documents. This kickoff ineeting is conducted remotely at the earliest, mutually available opportunity. Customer is to identify and ensure participation of key team members in kickoff and project initiation activities. On the Kickoff Date, the Customer will be provisioned onto the ActiveEye MDR portal. The portal will enable service notiiications, access to vulnerability scans and cybersecurity advisories. The frst vulnerability scan will be conducted and reported within 30 days following the Kickoff Date. On the Kickoff Date, the Customer will receive instructions for accessing the Security Operations Center and Incident Response (IR) teams. Once access is provisioned, the Customer will receive any assistance required from the IR team and be able to configure key contacts for interaction with the Security Operations team. The Customer will receive instructions for accessing the Security Operations Center within the first 30 days. 3.3.1.2 Phase 2: Infrastructure Readiness Motorola will provide detailed requirements regarding Customer infrastructure preparation actions at the kickoff meeting. It is the Customer's responsibility to accomplish all agreed upon infrastructure preparations. It is Motorola's responsibility to separately complete any obligated and/or agreed infrastructure readiness tasks. 3.3.1.3 Phase 3: System Buildout and Deployment Motorola will build and provision tools in accordance with the requirements of this proposal and consistent with information gathered in earlier phases. Motorola will also provide detailed requirements regarding Customer deployment actions. The Customer may be required to deploy software and/or configurations in cases where Motorola does not manage the device and does not have access or authorization to perform the installation. Motorola will coordinate with the customer to identify and schedule mutually agreeable maintenance windows where Motorola will perform integration of endpoint detection and response agents at in-scope sites and Customer Enterprise Networks (CENs). Endpoint detection and response agents will not be installed at sites that do not meet the minimum connectivity requirements (either site links with sufficient bandwidth or Control Room Firewalls with customer provided internet). Motorola will leave the existing antivirus solution in place on endpoints located at these out-of-scope sites. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-2 City of Fort Worth October 27, 2025 ASTRO 25 Managed Detection and Response 25-193540-2 / Cybersecurity Services 3.3.1.4 Phase 4: Monitoring "Turn Up" Motorola will verify in-scope assets are forwarding logs or events and notify the Customer of any exceptions. Motarola will begin monitoring connected in-scope sources after the initial tuning period. 3.3.1.5 Phase 5: Tuning and Customer Training Motorola will conduct initial tuning of events and alarms in the service, and conduct an additional ActiveEye Portal training session. 3.3.1.6 Service Commencement The Service will commence with the Service Onboarding phase or within 30 days of contract signature, whichever event occurs soonest for existing customers. In the case of a new ASTRO system, the Service will commence in parallel to the commencement date of the core ASTRO Service package "Turn Up" go live date. Motorola and the Customer will collaborate to complete the additional deployment tasks. 3.4 General Responsibilities Motorola Responsibilities • Provide and when necessary, repair under manufacturer warranty hardware and software required to remotely monitor the ASTRO 25 network and applicable CEN systems inclusive of the AERSS and all software operating on it. - If the Centralized Event Logging feature is not installed on the Customer's ASTRO 25 RNI, Motorola will install it as part of this service. • Coordinate with the Customer on any system changes necessary to integrate the AERSS into the system and establish necessary connectivity. • Provide software and licenses to the Customer necessary to remotely monitor the ASTRO 25 network and applicable CEN environments. • Integrate EDR agents as per the "Deployment Timeline and Milestones" section in all network segments where endpoint detection and response is in scope. - Note that network segments with insufficient connectivity to support endpoint detection and response will be considered out of scope for endpoint detection and response - Motorola will perform the installation of endpoint detection and response agents in the RNI-DMZ CEN(s) and Control Room CEN(s) for all Motorola managed devices that support endpoint detection and response agents. • Assist the Customer with the installation of log forwarding agents on systems that are not managed by Motorola. Note, Motorola will perform installation on all endpoints that are managed by Motorola. • Verify connectivity and monitoring is active prior to start of service. • Coordinate with the Customer to maintain Motorola service authentication credentials. • Monitor the Customer's ASTRO 25 network and applicable CEN systems 24/7 for malicious or unusual activity, using trained and accredited technicians. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-3 City of Fort Worth ASTRO 25 Managed Detection and Response October 27, 2025 25-193540-2 / Cybersecurity Services • Respond to security incidents in the Customer's system in accordance with Section 3.5.6: Incident Priority Level Defnitions and Response Times. Response may include, but is not limited to, requesting additional information from the Customer, continuing to monitor the event for further development or informing the Customer to enact the Customer's documented Incident Response plan. • Assist the Customer with identifying devices that support logging within the ASTRO 25 network and applicable CEN systems have been configured to forward Syslog events to the AERSS. • Provide the Customer with access to the ActiveEye platform enabling Customer access to security event and incident details. Customer Responsibilities The ASTRO 25 MDR service requires a connection from the Customer's ASTRO 25 netwark and applicable CEN systems to the Internet. Establish connectivity with sufficient bandwidth before the service commences. Internet service bandwidth requirements are as follows: - Bandwidth throughput 10 Mbps per AERSS. - High availability Internet Connection (99.99% (4-9s) or higher). - Packet loss < 0.5%. - Jitter <10 ms. - Delay < 120 ms. - RJ45 Port Speed - Auto Negotiate. - If an ASTRO site link will be leveraged for endpoint detection and response communications, that site link must support a minimum of 2 Mbps of bandwidth. • It is the Customer's responsibility or the contracted maintainer to install the AERSS device in the Control Room CEN. • Allow Motorola continuous remote access to monitor the ASTRO 25 network and applicable CEN systems. This includes keeping the connection active, providing passwords, and working with Motorola to understand and maintain administration privileges. • Maintain an active subscription for: - Security Update Service (SUS) (or Remote Security Update Service), ensuring patches and antivirus defnitions are applied according to the release cadence of the service. - ASTRO Dispatch Service and ASTRO Infrastructure Response. • Provide continuous utility services to any equipment installed ar utilized at the Customer's premises to support service delivery and remote monitoring. • Provide Motorola with contact information necessary to complete the Customer Support Plan (CSP). Notify the Customer's Customer Support Manager (CSM) within two weeks of any contact information changes. • Notify Motorola if any components are added to or removed from the environment as it may be necessary to update or incorporate in MDR. Changes to monitored components may result in changes to the pricing of the MDR service. • Ensure that the ASTRO 25 system is operating on a Motorola supported release. • Allow Motorola dispatched field service technicians physical access to monitoring hardware when required. • Cooperate with Motorola and perform all acts that are required to enable Motorola to provide the services described in this SOW. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-4 City of Fort Worth ASTRO 25 Managed Detection and Response October 27, 2025 25-193540-2 / Cybersecurity Services • Configure and maintain networking infrastructure physical and logical configuration to mirror (typically via a port(s) on a switch) netwark traffic to the ActiveEye sensor for applicable CEN systems. • Responding to Cybersecurity Incident Cases created by the Motorola SOC. • It is the Customer's responsibility to install endpoint detection and response agents in the RNI-DMZ CEN(s) and Control Room CEN(s) for any device that supports endpoint detection and response agents and is not Motorola Solutions managed. 3.4.1 3.4.1.1 Service Modules Log Collection / Analytics The AERSS deployed in the system collects logs and other security information from applicable servers, workstations, switches, routers, network intrusion detection sensors, and firewalls. This information is forwarded to the ActiveEye platform, which uses advanced analytics to identify signs of security incidents. If it identifies signs of a security incident, ActiveEye notifies the SOC for further analysis. Motorola Responsibilities • Consult with and advise the Customer on performing necessary system configurations to direct log sources to the appropriate Remote Security Sensor. • The SOC will consult with the Customer to identify appropriate log sources. Customer Responsibilities • If applicable, configure any Customer managed devices in the CEN to forward data to ActiveEye. Applies to included ASTRO 25 RNI, CEN, and Control Room CEN infrastructure. 3.4.1.2 Network Detection The AERSS deploys a Network Intrusion Detection System (NIDS), constantly monitoring traffic passing across, into, ar out of the infrastructure. Network Detection analyzes traffic for signs of malicious activity in real time, and performs packet level and flow level analysis to enable communications modeling. This information is used to identify anomalous behavior that is not captured by pre-defined traffic signatures, including traffic using encrypted connections. Network Detection alerts the SOC for further analysis. Motorola Responsibilities • Optimize the policies and configuration to tune out noise and highlight potential threats. • The SOC consults with the Customer to identify the appropriate deployment of Network Detection Service Components. The SOC monitors and updates the security policy of each sensor to tune out unnecessary alerting and flow monitoring so that the system is optimized to detect true malicious activity. Customer Responsibilities • For Customer's owned CEN infrastructure, con�gure and maintain networking infrastructure physical and logical configuration to mirror (typically via a port(s) on a switch) network traffic to the ActiveEye sensor. • Initiate recommended response actions when active attacks are detected. Applies to included ASTRO 25 RNI, CEN, and Control Room CEN infrastructure. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-5 City of Fort Worth October 27, 2025 ASTRO 25 Managed Detection and Response 25-193540-2 / Cybersecurity Services 3.4.1.3 Endpoint Detection and Response Endpoint detection and response agents deployed on in-scope and supported Windows and Linux hosts and servers throughout the system constantly monitor for indicatars of compromise and feed this infarmation back to the ActiveEye security platform. The Security Operations Center monitors this feed and is ready 24/7 to take action when a detection is made. Motorola Solutions Responsibilities • Install and/or support the installation of endpoint detection and response agents on in scope endpoints in the system as detailed in the "Deployment Timeline and Milestones" section. • Monitor endpoint detection and response feeds for detections of indicators of compromise. • In the event of the detection of an indicatar of compromise, perfarm detailed investigations of the event. • Per the Customer's security policies and defined incident response plan, alert and engage the customer and potentially take an action to deploy a countermeasure to contain the incident. Customer Responsibilities • Work with Motorola to ensure that there is a documented incident response plan that indicates how Motorola should engage with the Customer in the event of a detection of an indicator of compromise. • Provide and maintain contact information for a Customer point of contact that can take action or authorize Motorola to take action in the event of a detection of an indicator of compromise. Applies to in scope ASTRO 25 RNI, CEN, and Control Room CEN infrastructure. 3.4.1.4 External Vulnerability Scanning External Vulnerability Scanning is provided for the ASTRO internet-facing, external network interfaces. The scan is enabled from an internet cloud hosted service outside the ASTRO network. Discovery and vulnerability scans will be run quarterly or on a less frequent schedule defined with the Customer. The initial scan results will be discussed with the Customer during service onboarding. Subsequent scans will be reviewed by a cybersecurity analyst. If any new findings of interest are surfaced, a ticket will be created to communicate these findings with the customer defined contacts. Motorola Responsibilities • Configure scans to match the Customer's preferences for external scope. • Verify vulnerability scans are operating correctly. • Make generated results available in the Customer's ActiveEye portal. • Create ticket notifications for significant, new findings of interest. Customer Responsibilities • During Service Onboarding kickoff, provide Motorola with the IP addresses and/or domain names to be included in the external vulnerability scans. • In accepting this Statement of Work, the Customer authorizes Motorola to engage in external vulnerability scans of internet-facing, external assets disclosed by the Customer. • Be responsible for updating Motorola with any changes to the IP addresses and/or domain names of the internet-facing, external assets subject to the external vulnerability scans. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-6 City of Fort Worth ASTRO 25 Managed Detection and Response October 27, 2025 25-193540-2 / Cybersecurity Services • If the information required to enable vulnerability scanning of the internet-facing, external assets is not provided initially or is not current at any time during the term, Motorola will suspend scans until it is reasonably satisfied that it has been provided with the most current information. • Review a11 quarterly vulnerability reports, and tickets of new �ndings. • Perform any remediation actions required to address identified vulnerabilities. Applies to Internet facing assets only. 3.5 3.5.1 Security Operations Center Monitoring and Support Scope Motorola delivers Security Operations Center (SOC) Monitoring using one or more SOC facilities. The SOC includes any centralized hardware and software used to deliver this Service and its service modules. The SOC and its centralized hardware and software are housed within an SSAE-18 compliant data center. Motorola's SOC is staffed with security experts who will use ActiveEye security platform to monitor elements integrated by service modules. In addition, SOC staff will take advantage of their extensive experience to investigate and triage detected threats, and to recommend responses to the Customer. Depending on Customer security policies and the extent to which endpoint detection and response is deployed within the system, the SOC may take actions to deploy countermeasures in an attempt to contain a security incident. Customer support is provided in the English language. Motorola will start monitoring the ASTRO 25 MDR service in accordance with Motorola processes and procedures after deployment, as described in Section 1.2 Deployment Timeline and Milestones. The SOC receives system-generated alerts 24/7, and provides the Customer with a toll-free telephone number and email address for support requests, available 24/7. Support requests are stored in a ticketing system for accountability and reporting. The SOC will respond to detected events in accordance with Section 3.5.6: Incident Priority Level Definitions and Response Times. 3.5.2 Ongoing Security Operations Center Service Responsibilities Motorola Responsibilities If a probable security incident is detected, provide phone and email support to: • Engage the Customer's defined Incident Response Process. • Gather relevant information and attempt to determine the extent of compromise using existing monitoring capabilities in place as part of the ASTRO 25 MDR service. • Analysis and support to help the Customer determine if the Customer's corrective actions are effective. • Continuous monitaring, in parallel with analysis, to support Incident Response. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-7 City of Fort Worth ASTRO 25 Managed Detection and Response Customer Responsibilities October 27, 2025 25-193540-2 / Cybersecurity Services • Provide Motorola with accurate and up-to-date information, including the name, email, landline telephone numbers, and mobile telephone numbers for all designated, authorized Customer escalation Points of Contact (POC). • Provide a timely response to SOC security incident tickets or investigation questions. Notify Motorola at least twenty-four (24) hours in advance of any scheduled maintenance, network administration activity, or system administration activity that would affect Motorola's ability to perform the Managed SOC Service, as described in this SOW. 3.5.3 Technical Support ActiveEye Security Management Technical Support provides the Customer with a toll-free telephone number and email address for ActiveEye Security Management support requests, available Monday through Friday from 8 a.m. to 7 p.m. CST. Motorola Responsibilities • Notify customers of any scheduled maintenance or planned outages. • Provide technical support, security control, and service improvements related to ActiveEye. Customer Responsibilities Provide sufficient information to allow Motorola technical support agents to diagnose and resolve the issue. Limitations and Exclusions Technical support is limited to the implementation and use of the ActiveEye platform and does not include use or implementation of third-party components. 3.5.4 Incident Response An Indicator of Compromise (IoC) is an observable event that Motorola Security Analysts have determined will jeopardize the confidentiality, integrity, or availability of the system. Examples of IoC include ransomware or malicious use of PowerShell. When an IoC is observed, the Motorola Security Operations team will engage with the customer to investigate the issue, determine the extent of the compromise, and contain the activity to the extent possible with the Motorola security controls deployed within the environment. This expert guidance is available upon contract signature and extends through MDR infrastructure deployment phases and the term of the contract. When an IoC is observed by the Security Analyst, Motorola and Customer will be responsible for the tasks defined in the following subsections. Motorola Responsibilities • Upon the identification of an IoC, notify the Customer's documented contact and initiate the escalation plan. • Take documented, Customer approved actions in an attempt to contain an IoC to the extent enabled via Motorola managed technology. Communicate to the Customer any additional potential containment actions and Incident Response resources that can be taken across the Customer's managed IT infrastructure. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-8 City of Fort Worth ASTRO 25 Managed Detection and Response October 27, 2025 25-193540-2 / Cybersecurity Services • Perform investigation using the ActiveEye MDR integrated and enabled data sources in an initial attempt to determine the extent of an IoC. • Document and share IoC and artifacts discovered during investigation. Motorola services exclude performing on-site data collection or official forensic capture activities on physical devices. Customer Responsibilities • Maintain one named Point of Contact (PoC) to coordinate regular team discussions and organize data collection and capture across the Customer and Motorola teams. • If determined to be required by Customer, contract an Incident Response service provider to perform procedures beyond the scope of this Agreement such as forensic data capture, additional malware removal, system recovery, ransomware payment negotiation, law enforcement engagement, insurance provider communications, identify patient zero, etc. 3.5.5 Event Response and Notification Motorola will analyze events created and/or aggregated by the Service, assess their type, and notify the Customer in accordance with the following table. Table 3-1: Event Handling False Positive or Any events determined by Motorola to not likely None Benign have a negative security impact on the organization. Event of Interest Any events determined by Motorola to likely Escalate to Customer in accordance with (EOI) have a negative security impact on the routine notification procedure. organization. Escalate in accordance with urgent notification procedure when required by agreed-upon thresholds and SOC analysis. Notification procedures are included in Table 3-2. 3.5.5.1 Notification Motorola will establish notification procedures with the Customer, generally categorized in accordance with the following table. Table 3-2: Notification Procedures Routine Notification Procedure The means, addresses, format, and desired content (within the capabilities of the installed technology) for Events of Interest (EOI). These can be formatted for automated processing, e.g., by ticketing systems. Urgent Notification Procedure Additional, optional means and addresses for notifications of Events of Interest that require urgent notification. These usually include telephone notifications. Motorola will notify the Customer according to the escalation and contact procedures defined by the Customer and Motorola during the implementation process. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-9 City of Fort Worth October 27, 2025 ASTRO 25 Managed Detection and Response 25-193540-2 / Cybersecurity Services 3.5.5.2 Tuning Motorola will assess certain events to be environmental noise, potentially addressable configuration issues in the environment, ar false positives. Motorola may recommend these be addressed by the Customer to preserve system and network resources. Motorola will provide the Customer with the ability to temporarily suppress alerts reaching ActiveEye, enabling a co-managed approach to tuning and suppressing events or alarms. The SOC may permanently suppress particular alerts and alarms if not necessary for actionable threat detection. 3.5.5.3 Tuning Period Exception The tuning period is considered to be the first thirty (30) days after each service module has been confirmed deployed and configured and starts receiving data. During the tuning period, Motorola may make recommendations to the Customer to adjust the configurations of their installed software so Services can be effectively delivered. Service Availability will not be applicable during the tuning period and responses or notifications may not be delivered. However, Motorola will provide responses and notifications during this period. Motorola may continue to recommend necessary tuning changes after this period, with no impact on Service Availability. 3.5.6 Incident Priority Level Definitions and Response Times Priority for alert-generated incident ar Events of Interest is determined by the ActiveEye Platform analytics that process multiple incoming alert feeds, automation playbooks, and cybersecurity analyst knowledge. Priority Critical Security incidents that have caused, or are suspected to have caused significant Response provided 24 damage to the functionality of the Customer's ASTRO 25 system ar hours, 7 days a week, information stored within it. Efforts to recover from the incident may be including United States significant. (U.S.) public holidays. Examples: Malware that is not quarantined by anti-virus. Evidence that a monitored component has communicated with suspected malicious actors. High Security incidents that have localized impact and may become more serious if not quickly addressed. Effort to recover from the incident may be moderate to significant. Examples: Malware that is quarantined by antivirus. Multiple behaviors observed in the system that are consistent with known attacker techniques. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted Response provided 24 hours, 7 days a week, including U.S. public holidays. � MOTOAOLA SOLUTIONS Page 3-10 City of Fort Worth ASTRO 25 Managed Detection and Response ' i 1 • i Medium Security incidents that potentially indicate an attacker is performing reconnaissance or initial attempts at accessing the system. Effort to recover from the incident may be low to moderate. Examples include: Suspected unauthorized attempts to log into user accounts. Suspected unauthorized changes to system configurations, such as firewalls or user accounts. Observed failures of security components. Informarional events. User account crearion or deletion. Privilege change for existing accounts. Low 3.5.6.1 Priority These are typically service requests from the Customer. Response Time Goals October 27, 2025 25-193540-2 / Cybersecurity Services Response provided on standard business days, Monday through Friday 8 a.m. to 5 p.m. CST/CDT, excluding U.S. public holidays. Response provided on standard business days, Monday through Friday 8 a.m. to 5 p.m. CST/CDT, excluding U.S. public holidays. Critical An SOC Cybersecurity Analyst will make contact with the customer technical representative within one (1) hour of the request for support being logged in the issue management system ar the creation of an alert suggesting a cybersecurity incident that requires action. Continual effort will be maintained to identify the extent of the incident and provide actions for containment. High An SOC Cybersecurity Analyst will make contact with the customer technical representative within four (4) hours of the request for support being logged at the issue management system or the creation of an alert suggesting a cybersecurity incident that requires action. Continual effort will be maintained to identify the extent of the incident and provide actions for containment. Medium An SOC Cybersecuriry Support Engineer will make contact with the customer technical representative within the next business day of the request for support being logged at the issue management system or the creation of an alert suggesting a cybersecurity incident that requires action. Low 3.5.6.2 An SOC Cybersecurity Support Engineer will make contact with the Customer technical representative within seven business days of the logged request for support at the issue management system. ActiveEye Platform Availability The platform utilizes a multi-zone architecture which can recover from failures in different data collection, enhancement, analysis, and visualization tiers. Motorola will make commercially reasonable efforts to provide monthly availability of 99.9°/o for the ActiveEye Platform services. Service availability is subject to limited scheduled downtime for servicing and upgrades, as well as unscheduled and unanticipated downtime resulting from circumstances or events outside of Motorola's reasonable control, such as disruptions of, or damage, to the Customer's or a third-party's information or communications systems or equipment, telecommunication circuit availability/performance between Customer sites, any on-premises core and/or between on-premises equipment and the ActiveEye Platform. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-11 City of Fort Worth October 27, 2025 ASTRO 25 Managed Detection and Response 25-193540-2 / Cybersecurity Services 3.5.6.3 ActiveEye Remote Security Sensor (AERSS) One or more AERSS may be deployed as part of the MDR solution. The AERSS is configured with multiple local redundancy features such as hot-swap hard disk drives in a redundant drive array configuration and dual redundant power supplies. The AERSS and all components of ActiveEye are monitored by a dedicated Site Reliability Engineering team. In cases of hardware failure of the AERSS, Motorola will provide, subject to active service subscriptions in the Customer contract, onsite services to repair the AERSS and restore service. AERSS operation and outage troubleshooting requires network connection to the ActiveEye Platform which may be impacted by customer configuration changes, telecommunications connectivity, and/or customer network issues/outages. 3.6 Limitations and Exclusions This section applies to all cybersecurity services contained in the Statement of Work. Managed Detection and Response does NOT include services to perform physical containment and/or remediation of confirmed security incidents, remote or onsite. The Customer may choose to purchase additional Incident Response professional services to assist in the creation of and/or execution of a Customer's Incident Response Plan. Motorola's scope of services does not include responsibilities relating to recovery of data available through the products or services, or remediation or responsibilities relating to the loss of data, ransomware, or hacking. Motorola does not represent that it will identify, fully recognize, discover, or resolve all security events or threats, system vulnerabilities, malicious codes, files or malware, indicators of compromise or internal threats or concerns NOTWITHSTANDING ANY PROVISION OF THE AGREEMENT TO THE CONTRARY, MOTOROLA WILL HAVE NO LIABILITY FOR (A) INTERRUPTION OR FAILURE OF CONNECTIVITY, VULNERABILITIES, OR SECURITY EVENTS; (B) DISRUPTION OF OR DAMAGE TO CUSTOMER'S OR TffiRD PARTIES' SYSTEMS, EQUIPMENT, OR DATA, INCLUDING DENIAL OF ACCESS TO USERS, OR SHUTDOWN OF SYSTEMS CAUSED BY INTRUSION DETECTION SOFTWARE OR HARDWARE; (C) AVAILABILITY OR ACCURACY OF ANY DATA AVAILABLE THROUGH THE SERVICES, OR INTERPRETATION, USE, OR MISUSE THEREOF; (D) TRACKING AND LOCATION-BASED SERVICES; OR (E) BETA SERVICES 3.6.1 Service Limitations Cybersecurity services are inherently limited and will not guarantee that the Customer's system will be error-free or immune to security breaches as a result of any or all of the services described in this SOW. Motorola does not warrant or guarantee that this service will identify all cybersecurity incidents that occur in the Customer's system. Services and deliverables are limited by, among other things, the evolving and often malicious nature of cyber threats, conduct/attacks, as well as the complexity/disparity and evolving nature of Customer computer system environments, including supply chains, integrated software, services, and devices. To the extent we do offer recommendations in connection with the services, unless otherwise stated in the Statement of Work, our recommendations are necessarily subjective, may or may not be correct, and may be based on our assumptions relating to the relative risks, priorities, costs, and benefits that we assume apply to you. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-12 City of Fort Worth October 27, 2025 ASTRO 25 Managed Detection and Response 25-193540-2 / Cybersecurity Services 3.6.2 Processing of Customer Data in the United States and/or Other Locations Customer understands and agrees that data obtained, accessed, or utilized in the performance of the services may be transmitted to, accessed, monitored, and/or otherwise processed by Motorola in the U.S. and/or other Motorola operations globally. Customer consents to and authorizes all such processing and agrees to provide, obtain, or post any necessary approvals, consents, or notices that may be necessary to comply with applicable law. 3.6.3 Customer and Third-Party Information Customer understands and agrees that Motorola may obtain, use and/or create and use, anonymized, aggregated andlor generalized Customer Data, such as data relating to actual and potential security threats and vulnerabilities, for its lawful business purposes, including improving its services and sharing and leveraging such information for the benefit of Customer, other customers, and other interested parties. For avoidance of doubt, so long as not specifically identifying the Customer, Customer Data shall not include, and Motorola shall be free to use, share and leverage security threat intelligence and mitigation data generally, including without limitation, third party threat vectors and IP addresses (i.e., so long as not defined as personal information under applicable law), file hash information, domain names, malware signatures and information, information obtained from third party sources, indicators of compromise, and tactics, techniques, and procedures used, learned or developed in the course of providing Services, which data shall be deemed Service Use Data (i.e., Motorola data). 3.6.4 Third-Party Software and Service Providers, Including Resale Motorola may use, engage, license, resell, interface with, or otherwise utilize the products or services of third- party processors or sub-processors and other third-party software, hardware, or services providers (such as, for example, third-party endpoint detection and response providers). Such processors and sub-processors may engage additional sub-processars to process personal data and other Customer Data. Customer understands and agrees that the use of such third-party products and services, including as it relates to any processing or sub-processing of data, is subject to each respective third-party's own terms, licenses, End User License Agreements (EULA), privacy statements, data processing agreements and/or other applicable terms. Motorola disclaims any and all responsibility for any and all loss or costs of any kind associated with security events. Motorola disclaims any responsibility for customer use or implementation of any recommendations provided in connection with the services. Implementation of recommendations does not ensure or guarantee the security of the systems and operations evaluated. Statement of Work Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 3-13 c�ty of Fon wortn ASTRO 25 Managed Detection and Response Section 4 Pro osal Pricin p g 4.1 Pricing Summary October 27, 2025 25-193540-2 / Cybersecurity Services Motorola pricing is based on the services and solution presented in Section 2. The addition or deletion of any component(s) may subject the total solution price to modifications. 1 • i i � . � . � . ASTRO� 25 Managed Detection and Response $102,460.28 -$2,460.28 $100,000.00 Hardware and Equipment Installation and Activation Services Included Included Year 1 Total $102,460.28 Initial Subscription Pricing after Year 1: Inirial Subscription Period - Year 2 Initial Subscription Period - Year 3 Initial Subscription Period - Year 4 TOTAL MDR (Outyears) The Total Contract Value of this proposal is: $412,696.63. CSC #50054 (HGAC RA05-21) $106,558.69 $110,821.04 $115,257.57 $332,637.30 Included Included Included Included -$2,460.28 $100,000.00 -$4,358.69 -$6,571.04 -$9,010.94 -$19,940.67 $102,200.00 $104,250.00 $106,246.63 $312,696.63 Due to significant market and tariff volatility, as well as fluctuations in the cost of energy and raw materials including, but not limited to, steel, copper, finished wood, and concrete, Motorola Solutions reserves the right to equitably adjust the contract price, completion schedule, and/or contract requirements. Additionally, Motorola Solutions reserves the right to apply a fuel surcharge to quoted freight rates based on the prevailing diesel cost at the time of shipment. Proposal Pricing Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 4-1 c�ty of Fon wortn ASTRO 25 Managed Detection and Response 4.2 Payment Schedule & Terms Period of Performance October 27, 2025 25-193540-2 / Cybersecurity Services The initial MDR subscription period of the contract will extend four (4) years from the Commencement Date of Service, defined as the date data is available for analysis, or not later than thirty (30) days after Motorola provides the Customer with necessary hardware or software. Term The Term of the contract begins on the Commencement Date of Service and remains in effect until the expiration of the initial period so specified. Billing Upon acceptance of this proposal by the Customer, Motorola will invoice the Customer for all service fees in advance for the full Year 1 amount according to the Pricing table in Section 4.1. Thereafter, Motorola will invoice the Customer annually, in advance for (a) the Services to be performed (as applicable); and (b) any other charges incurred as agreed upon between the parties during the term of the subscription. Customer will make payments to Motorola within thirty (30) days after receipt of each invoice. Customer will make payments when due in the form of a check, cashier's check, or wire transfer drawn on a United States financial institution. INFLATION ADJUSTMENT. For multi-year agreements, at the end of the first year of the Agreement and each year thereafter, a CPI percentage change calculation shall be performed using the U.S. Department of Labor, Consumer Price Index, all Items, Unadjusted Urban Areas (CPI-U). Should the annual inflation rate increase greater than 3% during the previous year, Motorola shall have the right to increase all future maintenance prices by the CPI increase amount exceeding 3%. All items, not seasonally adjusted shall be used as the measure of CPI for this price adjustment. Measurement will take place once the annual average for the new year has been posted by the Bureau of Labor Statistics. For purposes of illustration, if in year 5 the CPI reported an increase of 8%, Motorola may increase the Year 6 price by 5% (8%-3% base). Tax Unless otherwise noted, this proposal excludes sales tax or other applicable taxes (such as Goods and Services Tax, Value Added Tax, and other taxes of a similar nature). Any tax the customer is subject to will be added to invoices. Proposal Pricing Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 4-2 City of Fort Worth ASTRO 25 Managed Detection and Response Section 5 October 27, 2025 25-193540-2 / Cybersecurity Services Contractual Documentation This Products and Services Agreement (this "AgreemenP') is entered into between Motorola Solutions Inc., ("Seller" or "Motorola") and the entity set forth in section I(b) ("Customer") as of the date last signed below ("Effective Date"). Seller and Customer will each be referred to herein as a"Party" and collectively as the "Parties". I. Seller and Customer Information (a) Se11er (b) Cuetomer � II. (a) �) (c) Transaction Details Proposal Pricing Motorola Solutions, Inc. Name: City of Fort Worth Address: 1515 llth Avenue, Fort Warth, TX 76102 Contact: Mr. Larry Crocket - Senior Manager, Radio Services Proposal No.: 25-193540-2 Date: November 14, 2025 Motorola will provide Customer with the products and services set forth in the proposal dated above (the "Proposal"), a copy of which is attached hereto and incorporated herein. Pricing far products and services being purchased by Customer is set forth in the Proposal. Terms and The Parties acknowledge and agree that the terms of the City of Fort Worth System Purchase Conditions Agreement Contract Number 50054 (HGAC RA05-21) (the "Contract"), including all applicable addenda, are incorporated herein and shall apply to the products and services provided to Customer as set forth in the Proposal. A copy of the Contract is available upon request. III. Entire Agreement This Agreement, including the Proposal and any terms and conditions referenced herein, constitutes the entire agreement of the Parties regarding the subject matter of the Agreement and supersedes all previous agreements, proposals, and understandings, whether written or oral, relating to this subject matter. This Agreement may be executed in multiple counterparts, and shall have the same legal force and effect as if the Parties had executed it as a single document. The Parties may sign in writing, or by electronic signature, including by email. An electronic signature, or a facsimile copy or computer image, such as a PDF ar tiff image, of a signature, shall be treated as and shall have the same effect as an ariginal signature. In addition, an electronic signature, a true and correct facsimile copy, ar computer image of this Agreement shall be treated as and shall have the same effect as an original signed copy of this document. This Agreement may be amended or modified only by a written instrument signed by authorized representatives of both Parties. The preprinted terms and conditions found on any Customer purchase or purchase order, acknowledgment or other form will not be considered an amendment ar modification of this Agreement, even if a representative of each Party signs that document, and the terms of this Agreement will take precedence. Contractual Documentation Use or disclosure of this proposal is subject to the restrictions on the cover page. Motorola Solutions Confidential Restricted � MOTOAOLA SOLUTIONS Page 5-1 EXHIBIT A-15 City of Fort Worth Notice to Proceed (Attached) Sixteenth Amendment to Fort Worth City Secretary Contract No. 50054 Page 4 of 4 FORT WORTH� City of Fort Worth 100 Fort Worth Trail Fort Worth, TX 76102 November 14, 2025 Motorola Solutions, Inc. ("Motorola") 500 W. Monroe St. Chicago, IL 60661 Re: ASTR025 Managed Detection and Response Proposal Contract Name / Number: City of Fort Worth contract #50054 (HGAC RA05-21) Proposal: ASTR025 Managed Detection and Response, Cyber Security Services This Notice to Proceed (NTP) serves as authorization for Motorola Solutions to place an order and invoice for the communication equipment and services as referenced on Proposal ASTR025 Managed Detection and Response and dated November 14, 2025 for the total purchase price of $412,696.63, subject to the terms and conditions of City of Fort Worth contract #50054 (HGAC RA05-21). The yearly payment schedule is: Year 1-$100,000.00 — Net 30 payment from contract execution and subscription commencement Year 2-$102,200.00 — Net 30 from subscription year 2 commencement date Year 3-$104,250.00 — Net 30 from subscription year 3 commencement date Year 4-$106,246.63 — Net 30 from subscription year 4 commencement date The City of Fort Worth agrees to pay Motorola Solutions "Net 30 days from receiving an invoice" for the equipment and services. Title and Risk of Loss to Equipment shall pass to Customer upon shipment from Motorola. Unless otherwise agreed by the parties in writing, shipment will be made in a manner determined by Motorola. This NTP will take precedence with respect to conflicting or ambiguous terms. Customer affirms they have signatory authority to execute this contract. The contract price is fully committed and identified, including all subsequent years of contracted services, if applicable. Customer's payment obligations for all subsequent years of contracted services, if applicable, are contingent upon the appropriation of funds by the Customer's governing body for such purpose. In the event funds are not appropriated for any subsequent fiscal year, the Customer may terminate this Agreement upon thirty (30 days' advance notice to Motorola, effective at the end of the last fiscal year for which funds were appropriated, without penalty or further obligation. Subject to the appropriation of funds as set forth herein, the Customer will pay all invoices as received from Motorola and any changes in scope will be subject to the change order process as described in this Agreement. Motorola acknowledges the Customer may require the issuance(s) of a purchase order or notice to proceed as part of the Customer's procurement process. However, Customer agrees that the issuance or non-issuance of a purchase order or notice to proceed does not preclude the Customer from its contractual obligations as defined in this Agreement. Information Technology Solutions Department IT Strategic Planning and Finance Division City of Fort Worth • 100 Fort Worth Trail, Fort Worth, TX 76102 FORT WORTH� Unless otherwise agreed upon in writing, invoices will be billed based on equipment shipped, services rendered, and standard payment terms and milestones. Once billed, invoices shall be sent and emailed to the Customer at the following address: Invoices should reference City of Fort Worth — IT Solutions; PO # FW004-OOOO011 553. The Equipment will be shipped to the Customer at the following address: 100 Fort Worth Trail Fort Worth, TX 76102 The ultimate destination address (if different from the ship to above) where the Equipment will be delivered to Customer is: 1515 ll t'' Avenue Fort Worth, TX 76102 Customer may change shipment information by giving written or electronic notice to Motorola. If you have any questions regarding this order, please feel free to contact Casey Moore at 817-368-8683. Sincerely yours, G�G1VI�'�� Dlanna Glordano (Feb 5, 2026 13:0322 CST) Y� Name: Dianna Giordano Title: Assistant City Manager Information Technology Solutions Department IT Strategic Planning and Finance Division City of Fort Worth • 100 Fort Worth Trail, Fort Worth, TX 76102 ACITY COUNCIL AGEND Create New From This M&C DATE: 6/25/2024 REFERENCE NO.. **M&C 24- LOG NAME: 04MOTOROLA RADIO 0533 REFRESH CSC 50054 �0 RT �'�'U RT I I -��- CODE: C TYPE: CONSENT PUBLIC NO HEARING: SUBJECT: (ALL) Authorize Amendment to City Secretary Contract No. 50054 with Motorola Solutions, Inc., Using Houston-Galveston Area Council Cooperative Contract No. RA05- 21 and its Successors for the Acquisition of Public Safety Radios, Associated Equipment, and Services to Increase the Authorized Year-Three Amount by $5,267,481.00 for a Revised Year-Three Amount Up to $10,981,617.00 and Authorize Three Additional Renewal Terms with Fourth-Year Amount Up to $5,318,911.80, Fifth-Year Amount Up to $5,538,544.48, and Sixth-Year Amount Up to $5,802,233.03 for the Information Technology Solutions Department RECOMMENDATION: It is recommended that the City Council authorize an amendment to City Secretary Contract No. 50054 with Motorola Solutions, Inc. using Houston-Galveston Area Council Cooperative Contract No. RA05-21 and its successors for the acquisition of public safety radios, associated equipment, and services, to increase the authorized year-three amount by $5,267,481.00 for a revised year-three amount up to $10,981,617.00, and authorize three additional renewal terms with fourth-year amount up to $5,318,911.80, fifth-year amount up to $5,538,544.48, and sixth-year amount up to $5,802,233.03 for the Information Technology Solutions Department. DISCUSSION: The City of Fort Worth maintains a radio communications system, the North Texas Interoperable Radio Network (NTIRN), utilized by most City departments and almost 200 external government entities. On December 5, 2017, Mayor and Council Communication (M&C) C-28495 authorized a System Purchase Agreement with Motorola Solutions, Inc. (Motorola) in an initial annual amount of $1,602,101.00 using Houston-Galveston Area Council (H-GAC) Contract RA05-15 for the acquisition and implementation of radio related capabilities, and establishment of a four-year discount program for the purchase of radios, other system equipment and services. The discount program includes additional discounts of up to 20 percent off H-GAC pricing for radio equipment and a discount of up to 5 percent for services through December 17, 2025. Accordingly, the City executed City Secretary Contract No. 50054 (Agreement) with Motorola. M&C C-28495 also authorized the City to purchase similar equipment and services under successive contracts, stating if H-GAC Contract RA05-15 is not extended but H-GAC executes a new cooperative contract with Motorola with substantially similar terms as H-GAC Contract RA05-15, that M&C authorizes the City to purchase equipment and services under the new H-GAC contract. On December 14, 2021, City Council approved M&C 21-0937 authorizing an amendment to the agreement with Motorola for additional radios and other system equipment & services for three one- year terms with a first-year amount of $1,462,800.00, second-year amount of $1,609,080.00, and third-year amount of $1,769,988.00 for a cumulative contract total up to $4,841,868.00. On June 28, 2022, City Council approved M&C 22-0496 to acquire public safety radios and associated equipment and increase the contract amount in year two by $2,797,260.00 for a revised year two amount up to $4,406,340.00. This M&C revised the cumulative contract up to $7,639,128.00. On April 23, 2024, City Council approved M&C 24-0311 authorizing an amendment to the agreement with Motorola for an additional radio tower and communication equipment in the amount of $3,944,148.00 for a revised year-three amount up to $5,714,136.00. This M&C will authorize the City to continue purchasing radios for Radio Refresh, additional radio consoles, communication equipment, and services with an increase of spend authority in the amount of $5,267,481.00 for a revised year-three amount up to $10,981,617.00 and authorize three additional renewal terms in the amount of $5,318,911.80 in year-four. Future years' expenditures are expected to rise 10 percent each year as follows: $5,538,544.48 in year five and $5,802,233.03 in year six. This M&C revised the cumulative contract up to $33,510,446.31. Year Year-one (FY22) Year-two (FY23) Year- three(FY24)* Year-four (FY25)** Year-five (FY26)** Year-six (FY27)** Total Amount Up to $1,462,800.00 $4,406,340.00 $10,981,617.00 $5,318,911.80 $5,538,544.48 $5,802,233.03 $33,510,446.31 *FY24 includes increases for Northwest radio tower, radio refresh and dispatch console additions. *�`FY25-FY27 includes increases for radio refresh. All other terms and conditions of the existing agreement remain the same. Funding is budgeted in the Other Contractual Services account within the Info Technology Systems Fund and in the CCPD Capital Projects and ITS Capital Funds for the ITS Department for the purpose of funding various projects. PRICE ANALYSIS - H-GAC provides up to a 25 percent discount off the list price for products commonly acquired by the City with no significant pricing increase compared to the last agreement approved by City Council on December 6, 2016 (M&C P-11978). In addition, Information Technology Solutions staff negotiated additional discounts of up to 20 percent off H-GAC pricing in an agreement with Motorola approved by City Council on December 5, 2017 (M&C C-28495) through December 2025. BUSINESS EQUITY - An M/WBE goal is not assigned when purchasing from an approved purchasing cooperative or public entity. COOPERATIVE PURCHASE - State law provides that a local government purchasing an item under a Cooperative Purchasing Agreement satisfies any state law requiring that the local government seek competitive bids for the purchase of the item. The contract was competitively bid to increase and simplify the purchasing power of government entities across the State of Texas. ADMINISTRATIVE CHANGE ORDER: An administrative change order or increase may be made by the City Manager up to the amount allowed by relevant law and the Fort Worth City Code and does not require specific City Council approval as long as sufficient funds have been appropriated. AGREEMENT TERMS — Upon City Council's approval, the existing agreement will be renewed in accordance with H-GAC RA05-21 or its successor. RENEWAL OPTIONS — The agreement may be renewed for additional one-year terms at the City's option, in accordance with H-GAC RA05-21 or its successor. If H-GAC Contract RA05-21 is not extended but H-GAC executes a new cooperative contract with Motorola Solutions, Inc. with substantially similar terms as H-GAC Contract RA05-21, this M&C authorizes the City to purchase equipment and services under the new H-GAC contract. This action does not require specific City Council approval provided that the City Council has appropriated sufficient funds to satisfy the City's obligations during the renewal term. SUCCESSOR CONTRACTS - In the event the H-GAC agreement is not renewed, staff would cease purchasing at the end of the last purchase agreement coinciding with a valid cooperative agreement. If the City Council were to not appropriate funds for a future year, staff would stop making purchases when the last appropriation expires, regardless of whether the then-current purchase agreement has expired. The City will initially use H-GAC Contract No. RA05-21 to make purchases authorized by this M&C. As noted, H-GAC Contract No. RA05-21 expires on July 31, 2024. If H-GAC Contract No. RA05-21 is extended, this M&C authorizes the City to purchase similar equipment and supplies under the extended contracts. If H-GAC Contract No. RA05-21 is not extended, but H-GAC executes a new cooperative contract with Motorola Solutions, Inc. with substantially similar terms as H-GAC Contract No. RA05-21, this M&C authorizes the City to purchase the equipment and supplies under the new H- GAC contract. FISCAL INFORMATION/CERTIFICATION: The Director of Finance certifies that funds are available in the current operating and capital budgets, as previously appropriated, in the Info Technology Systems Fund and in the ITS Capital and CCPD Capital Projects Funds for various projects to support the approval of the above recommendation and execution of the amendment. Prior to an expenditure being incurred, the IT Solutions Department has the responsibility to validate the availability of funds. TO � Fund FROM Fund Department ID Department ID Account Project � Program I Activity I Budget ID Year Account Project Program � Activity � Budget ID Year Submitted for City Manager's Office by_ Originating Department Head: Additional Information Contact: ATTACHMENTS Mark McDaniel (6316) Kevin Gunn (2015) Donlen Ruffin (2017) Reference # Amount (Chartfield 2) Reference # Amount (Chartfield 2) i 04MOTOROLA RADIO REFRESH CSC 50054.docx (CFW Internal) FID Table Motorola 50054 Radio Refresh.XLSX (CFW Internal) Form 1295 Certificate 101180453.pdf (CFW Internal) FORT �ORTH� City Secretary's Office Contract Routing & Transmittal Slip Contractor's Name: Motoro�a so�utions, Inc. Sub�eCt Of the Agreement: Sixteenth Amendment to CSC 50054 with Motorola Solutions, Inc. for the purchase of Public Safety Radios, Associated Equipment, and Related Services M&C Approved by the Council? * Yes 8 No ❑ If �so, the M&C must be attached to the contract. Is this an Amendment to an Existing contract? Yes 8 No ❑ CSC 5oo54-A� 6 If �so, provide the original contract number and the amendment number. Is the Contract "PermanenY'? *Yes ❑ No 8 If �unsure, see back page for pernianent contract listing. Is this entire contract Confidential? *Yes ❑ No 8 If only specific information is Confidential, please list what information is Confidential and the page it is located. Exhibit A-14 is confidential (pages 4-29) & Exhibit A-15 is confidential (pages 31-32) Effective Date: Expiration Date: 07�3��2026 If different from the approval date. If applicable. Is a 1295 Form required? * Yes ❑ No 8 *If �so, please ensure it is attached to the approving M&C or attached to the contract. Proj ect Number: If applicable. *Did you include a Text field on the contract to add the City Secretary Contract (CSC) number? Yes 8 No ❑ Contracts need to be routed for CSO processin� in the followin� order: 1. Katherine Cenicola (Approver) 2. Jannette S. Goodall (Signer) 3. Allison Tidwell (Form Filler) *Indicates the information is required and if the information is not provided, the contract will be returned to the department.