Laserfiche WebLink
SOLICITATION # CH16012 <br />FireEye At rest: Data are collected using automated batch and real-time processes and by manual <br />personnel -driven actions via an Analyst facing Portal. Any information that is collected may be <br />stored temporarily within appliances attached to our customers' networks and may subsequently <br />be transmitted back to one or more FireEye datacenters. Data transmitted from a customer's <br />network to a datacenter travels over a strong encryption Virtual Private Network ("VPN") <br />established by the appliances. <br />At transit: FireEye's network sensors are configured to collect full packet capture of customer <br />network streams, including those originating from or destined to potentially malicious IP <br />addresses, matching signature -based network indicators of compromise, results of domain name <br />lookups, and full e-mail messages including headers, content and attachments. This information is <br />primarily stored on -site on the appliances and only meta data matching FireEye / Mandiant <br />indicators of compromise are sent to FaaS. <br />VirtueStream Virtustream's use of Intel® Trusted Execution Technology (Intel® TXT), a hardware -root of trust <br />security feature, and Intel® AES-NI encryption acceleration helps secure and protect virtualized <br />environments against malware and provides more of the critical infrastructure and data protection <br />assurances needed to enable trusted multi -tenancy in the cloud. Virtustream offers solution for <br />data -at -rest and data -in -transit encryption solution for our customers as optional service, as most <br />of our customer environment is only accessible via private network and only to the internal users <br />of the customer. Solutions available to our customer as follows. <br />1. IPSEC VPN Tunnel for data -in -transit and <br />2. VM level encryption for files and databases <br />3. Encrypted Backup (all backups are encrypted by default) <br />The technologies of encryption available throughout the entire data Iifecycle and all are FIPS 140- <br />2 compliant. <br />a) DB and File System Encryption <br />b) Encrypts file system and volume data transparently to: <br />i) Applications <br />ii) Databases <br />iii) Storage Infrastructure <br />c) Integrated Key Management <br />d) High Efficiency Encryption <br />i) Centralized Key Management <br />ii) Policy Management <br />iii) Detailed Auditing <br />iv) Highly Available <br />v) FIPS 140-2 Certified Hardware Appliance <br />vi) Very Low Encryption Penalty due to Intel AES-NI enabled chip sets used <br />e) Encryption of Virtual Machine, OS and App <br />i) Integration of SafeNET Protect-V <br />ii) Logging of all image access <br />f) Encryption in Archive <br />g) Implements Encryption, Access Control, Auditing on Host (LUW) <br />h) Kernel Level Driver —Win <br />i) File System — Unix/Linux <br />j) Support for file systems and raw partitions <br />k Highly efficient block encryption <br />8.6.13 Describe policies and procedures regarding notification to both the State and the Cardholders of a <br />data breach, as defined in this RFP, and the mitigation of such a breach. <br />carahsoft <br />carahsoft <br />