MESPT-ICT-10-2025 – PROVISION OF TRELLIX ENDPOINT DETECTION AND RESPONSE SECURITY SOLUTION. Full Time NEW

TERMS OF REFERENCE

FIRMS ONLY

PROVISION OF TRELLIX ENDPOINT DETECTION AND RESPONSE SECURITY SOLUTION.

INTRODUCTION

Micro-Enterprises Support Programme Trust (MESPT) is a Kenyan development organization established in 2002. MESPT’s overall objective is to promote economic growth, employment creation and poverty alleviation through enterprise development. This is achieved predominantly through support to the development of agricultural value chains whilst embracing and promoting the green growth and climate change agenda. Through its vision of building a more Prosperous Society, MESPT facilitates increased commercialization, decent employment and green transformation through targeted interventions in the selected value chains. The Trust is a multi-donor entity jointly founded by the Government of Kenya and the European Union who later relinquished their position to the Royal Danish Embassy in Kenya, Ministry of Foreign Affairs of Denmark (DANIDA). To learn more about MESPT, please visit www.mespt.org.

1. PURPOSE

The purpose of this Request for Proposal (RFP) is to solicit proposals from vendors for an Endpoint Security Solution. The Endpoint Security solution must provide continuous endpoint monitoring, behavioural analysis, incident response, and capabilities to identify and mitigate advanced threats. It must integrate seamlessly with the existing infrastructure and provide centralized visibility and management.

1. OBJECTIVE

The objective of this RFP is to acquire and deploy Trellix endpoint security solution that improves the detection of threats and protection from threats on endpoint devices across MESPT. The specific Objectives are as follows:

1. Simplify deployment using a central management solution
2. Provide high quality proactive threat detection and response capabilities
3. End point protection for targeted attacks
4. Proactive web security
5. Provide analysts with machine-generated insights into attacks and proactive insight on threats before the attack
6. Zero-day threat detection.
7. Rollback remediation
8. Fast report generation; provide the right data at the right time for the task at hand i.e. historical search, real time search, on-demand data collection and trending campaigns.
9. Reduce the mean time to detect and respond to threats
10. Seamless integration with other security infrastructure to expand visibility, increase operational efficiency and improve outcomes.

Technical Requirements

Endpoint Detection and Response:

1. Provide high quality proactive threat detection and response capabilities. The solution must provide always-on data collection and multiple analytic engines throughout detection and investigation stages to help accurately surface suspicious behavior, make sense of alerts, and inform action.
2. Cross platform support: End point security for Microsoft windows, Linux, MAC OS.
3. Seamless Integration: The solution should be able to integrate with other security infrastructure to expand visibility, increase operational efficiency and improve outcomes.
4. Zero-Day Exploit Protection: Detect and mitigate zero-day exploits that are not detected by traditional signature-based methods.
5. Device Control: provide comprehensive device management to enable safe use of removable media.
6. Drive Encryption: protection of data on systems by encrypting the entire hard drive by offering pre-boot authentication and a powerful encryption engine to prevent unauthorized access, loss and exposure.
7. Application Control and change control: write protect and read protect critical files from unauthorized tampering
8. Malware and Fileless Attack Prevention: Prevent advanced malware and fileless attacks that evade traditional detection methods.
9. Proactive Threat Hunting: Enable security teams to conduct proactive searches for hidden or undetected threats.
10. Behavioral Analytics – Behavior-based detection results that map to the MITRE ATT&K® framework to support a more consistent process to determine the phase of a threat and its associated risk, and to prioritize a response.
11. Central Management: The solution should provide scalable, simple deployment. The solution should provide a centralized security management platform that simplifies deployment and ongoing maintenance of the Endpoint Security Solution. The solution should provide management flexibility to fit diverse organizational needs
12. Role based Access: The solution should provide role-based access by function.
13. Reporting
14. Dashboards: The solution should provide dashboards with drill down capability to make it easier to identify and select aspike of events or network flows.
15. Scheduled Reports: The solution should have the ability to schedule reports and send exception alerts.
16. The ability to generate alerts: The solution must be able to provide real-time monitoring and rule-based alerting.
17. Report Creation: The solution must provide an intuitive reporting interface that can leverage existing reports or the creation of new reports. The reports should also provide for drill down capabilities.

Qualification and experience profile of the firm relevant to this assignment.

At least five years’ experience in implementing related ICT solutions. Experience in implementing McAfee is an added advantage.

Ability of the proposed solution to meet the Technical Specifications and Requirements

Technical qualifications of the technical personnel, certifications from Trellix for implementation of the proposed solution. The technical personnel should have at least 4 years of experience implementing similar ICT security solutions.