‫جامعة آل البيت‬
‫دائرة العطاءات المركزية‬
Central Committee for Tender
)2015/44( ‫مواصفات العطاء رقم‬
‫توريد برمجية حماية األجهزة الحاسوبية‬
(Endpoint Security solution) ‫من الفيروسات‬
)Technical Specifications for the Endpoint Security solution(
1. General requirements:
This project provides for supply 2500 licenses for one year of Anti-Virus software for
on PCs and Servers in al albayt university. As described in the table:
Machine
Servers
Servers
Desktops





Ten44-15-m
Platform (OS)
Windows based
Linux based
Windows based
Quantity
25
25
2450
The centralized management server will be placed at computer center.
The bidder will be responsible for installation & configuration of the centralized
management server and deployment process for the PCs and servers. According to a
specific schedule by the computer center.
The bidder should provide on site training for four technical personals.
The endpoint security solution should include important endpoint security features
such as (Anti-Virus, Anti-malware, Anti-spyware, Protection from Known-Unknown
and Advanced Threats, Automatic Exploit Prevention, Host-based Intrusion
Prevention System (HIPS), Personal Firewall, Application Control, Web Control,
Device Control, Vulnerability and Patch Management, Integrated encryption
technology, Software Distribution and Troubleshooting …. Etc ).
In case of some of above features needs to third-party applications or needs to
another application package, The bidder should mention them, Where he is obliged
to implementation and operation of this solution.
1
‫ج‬.‫ح‬/‫خ‬.‫ع‬
)02/6297027( ‫) فاكس‬4672/4614/4612( ‫) فرعي‬02/6297000 ( ‫ هاتف‬/ ‫ دائرة العطاءات المركزية‬/ ‫جامعة آل البيت‬
2. Requirements of endpoint security solution for windows workstations
Should function on the following versions of operating systems:




Microsoft Windows 8 Professional / Enterprise (x32, x64)
Microsoft Windows 7 Professional / Enterprise / Ultimate (x32, x64)
Higher Microsoft Windows Vista Business / Enterprise / Ultimate (x32, x64)
Microsoft Windows XP (SP3, SP2, SP1).
Should have the following functionalities:















Ten44-15-m
Resident antivirus monitoring.
Network attack protection software.
Heuristic analyzer that allows to identify and block previously unknown malware
more efficiently.
Detection of hidden processes.
Antivirus scanning on the user's or administrator's request and according to a
schedule.
Antivirus checking and disinfection of files packed.
Antivirus checking and disinfection of files in the archives using the RAR, ARJ, ZIP,
CAB, LHA, JAR, ICE formats, including password-protected files.
Cloud-based technology that provides the ability to receive verdicts in online mode
about applications and executable files running on the computer.
Protection of email correspondence from malware and spam. Scanning of traffic on
the following protocols: IMAP, SMTP, POP3, regardless of the mail client being used;
Regardless of the type of protocol (including MAPI, HTTP) as part of the operation of
plug-ins incorporated in the mail program of Microsoft Office Outlook.
Protection of HTTP-traffic – scanning of all objects entering the user's computer
through the HTTP/FTP protocol.
Scanning of scripts – scanning of all scripts, developed in Microsoft Internet Explorer,
as well as any WSH scripts (JavaScript, Visual Basic Script WSH scripts (JavaScript,
Visual Basic Script etc.), launched when the user works on the computer, including
the Internet.
Protection against still unknown malware based on an analysis of their behavior and
examination of changes in the system registry, with the option of automatic
restoration of system register values changed by the malware.
Applications control that prevents applications from performing actions that may be
dangerous for the system, and ensures control of access to operating system
resources and protected data.
Protection against hacker attacks by using a firewall with an intrusion detection and
prevention system (IDS/IPS) and network activity rules for most popular applications
when working on computer networks of any type, including wireless networks.
Protection against masking programs, auto redial programs, blocking of banners,
pop-ups, malicious scenarios downloaded from websites and identification of
phishing sites.
2
‫ج‬.‫ح‬/‫خ‬.‫ع‬
)02/6297027( ‫) فاكس‬4672/4614/4612( ‫) فرعي‬02/6297000 ( ‫ هاتف‬/ ‫ دائرة العطاءات المركزية‬/ ‫جامعة آل البيت‬











Ten44-15-m
Applications installation/startup control that regulates the launch of applications by
rules with criteria: path to the folder with the executable file of an application,
metadata (the original name of the executable file of an application, the name of the
executable file of an application on the drive, the version of the executable file of an
application, the application name, and the application publisher), MD5 hash of the
executable file of an application.
Control over the user's work with external input/output devices, limiting access to
external USB carriers, multimedia devices and other data storage devices, ability to
create trusted devices by identifier, and allowing selected users to access to devices.
Acceleration of scanning process by skipping objects whose status have not changed
since the last check.
Detecting vulnerabilities, with results available in reports
Update enforcement via Windows Update for Microsoft applications.
Flexible user management of PC resources to ensure comfortable working conditions
for the user when scanning the file space.
Application self-protection technology, protection from unauthorized remote
management of an application service as well as protection of access to application
parameters via password, preventing the disabling of protection from malware,
criminals or amateur users.
Ability to choose which antivirus components will be installed.
Integrated file level encryption (FLE) and full disk encryption (FDE) functionality that:
1. Allows to encrypt files on local computer drives or on removable drives.
Create encryption lists of files by extension or group of extensions and
encryption lists of folders on local computer drives. And supports several file
encryption modes for removable drives.
2. Allows to encrypt all files that specific applications create or modify on both
hard drives and removable drives.
3. Allows to manage rules of application access to encrypted files. Define an
encrypted file access rule for any application. It blocks access to encrypted
files or allows access to encrypted files as ciphertext only.
4. Allows to create encrypted packages for safe data sharing with a password.
The contents of an encrypted package can be accessed only by entering the
password that protects it.
5. Allows to encrypt full hard drives and removable drives. Specify the default
hard drive encryption rule and create a list of hard drives to be excluded
from encryption. Specify a default encryption rule by which the application
applies the same action to all removable drives, or configure encryption rules
for individual removable drives.
6. Allows to manage user rights to boot an OS on computers with encrypted
hard drives. Create user accounts with settings that allow or block user
access to encrypted hard drives after users pass authentication by the
Authentication Agent.
Restoration of encrypted devices if an encrypted hard drive or removable drive is
corrupted.
Managed by centralized administrative system.
3
‫ج‬.‫ح‬/‫خ‬.‫ع‬
)02/6297027( ‫) فاكس‬4672/4614/4612( ‫) فرعي‬02/6297000 ( ‫ هاتف‬/ ‫ دائرة العطاءات المركزية‬/ ‫جامعة آل البيت‬
3. Requirements of endpoint security solution for servers:
Should function on the following versions of operating systems:






Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008
Microsoft Windows Server 2003
Red Hat Enterprise Linux
(all Editions) (x32, x64)
(all Editions) (x32, x64)
(all Editions) (x32, x64)
(all Editions) (x32, x64)
(all Editions)
(5 and higher) (x32, x64)
Should have the following functionalities:















Resident antivirus monitoring.
Heuristic analyzer that allows to identify and block previously unknown malware
more efficiently.
Detection of hidden processes, with iswift, ichecker technologies
Network attack protection software.
Protection against hacker attacks by using a firewall with an intrusion detection and
prevention system (IDS/IPS) and network activity rules for most popular applications
when working on computer networks of any type.
Antivirus scans on the user's or administrator's request and according to a
schedule. Antivirus checking and disinfection of files packed using PKLITE, LZEXE,
DIET, EXEPACK, … etc technologies.
Antivirus checking and disinfection of files in the archives using the RAR, ARJ, ZIP,
CAB, LHA, JAR, ICE formats, including password-protected files.
Protection against still unknown malware belonging to registered families, based on
heuristic analysis.
Acceleration of scanning process by skipping objects whose status have not changed
since the last check.
Scanning of critical sections of the server as a standalone task.
Special task for detecting vulnerabilities, results should be available in reports.
Regulation of the distribution of server resources between antivirus and other
applications depending on task priority: option to continue background antivirus
scanning.
The availability of multiple ways to notify administrator about important events that
have taken place (mail notification, audible announcement, pop-up window, log
entry).
Application self-protection technology, protection from unauthorized remote
management of an application service, as well as protection of access to application
parameters via password, preventing the disabling of protection from malware,
criminals or amateur users.
Managed by centralized administrative system.
4. Requirements for the management system
Ten44-15-m
4
‫ج‬.‫ح‬/‫خ‬.‫ع‬
)02/6297027( ‫) فاكس‬4672/4614/4612( ‫) فرعي‬02/6297000 ( ‫ هاتف‬/ ‫ دائرة العطاءات المركزية‬/ ‫جامعة آل البيت‬
Management software for all protected resources must function with the following operating
systems:
 Administration server and Administration console:

Microsoft Windows Server ( 2003 , 2008 , 2008R2, 2012, 2012R2) (x32 /
x64)
 Microsoft Windows (7, 8 ) Professional/Enterprise/Ultimate (x32/x64)
 The administration server must use of the following database management
systems:


Microsoft SQL Express / Server (2005, 2008, 2008R2, 2012).
MySQL / MySQL Enterprise 5 or higher
 Administration agent:

The software must meet the requirements for antivirus protection
software for workstations and servers.
Management software for all protected resources must have the following functionalities:














Ten44-15-m
Installation of the antivirus protection system from a single distribution disk.
Creation of logic network groups based on the Active Directory structure.
Automatic relocation of unassigned computers to manage groups.
Centralized installation/update/deletion of antivirus protection software, setting,
administration, viewing reports and statistical information on software
operation.
Centralized deletion of incompatible software.
Centralized applications installation/startup control that regulates the launch of
applications by rules with criteria: path to the folder with the executable file of
an application, metadata, MD5 hash of the executable file of an application.
Centralized web control with ability to restrict access to predefined categories of
websites and to restrict downloads by the types of data.
Various methods of antivirus protection software installation: remote methods RPC, GPO, net agents; local method – stand-alone installation package.
Remote installation of antivirus protection software from the latest version of
application databases.
Automatic update of antivirus protection software and antivirus databases.
Checking the integrity and authenticity of updates using electronic digital
signatures.
Vulnerability scan for computers in the network, ability to provide reports on
detected software vulnerabilities.
Microsoft applications update enforcement via Windows Update.
Automatic license deployment.
5
‫ج‬.‫ح‬/‫خ‬.‫ع‬
)02/6297027( ‫) فاكس‬4672/4614/4612( ‫) فرعي‬02/6297000 ( ‫ هاتف‬/ ‫ دائرة العطاءات المركزية‬/ ‫جامعة آل البيت‬




















Testing uploaded updates using administration server resources before
distribution to client machines. Delivery of updates to user workstations
immediately after their receipt.
Virtual machine recognition for further load optimization when several virtual
machine running on single host.
Centralized control of external input/output devices, limiting access to external
USB disks and flash devices, multimedia devices and other data storage devices,
ability to create trusted devices by identifier, and allowing selected users to
access to devices.
Creation of a multi-level management system with the option of setting
administrator and operator roles, as well as the forms of reports presented on
every level.
Update of software and antivirus databases from various sources via
communication channels and via technical information carriers.
Centralized collection of information and creation of reports about the status of
antivirus protection.
Collecting information on hardware devices used in the network.
Collecting information on applications installed in the network.
Integrated operating systems image management: capturing from template
machines and remote installation on target client machines.
Centralized remote installation of third-party applications.
Integrated patch management functionality: centralized discovery and remote
installation of OS and third-party applications updates.
Integrated Network Access Control (NAC) functionality.
Support of the data encryption management feature.
Availability of a mechanism of notification about events in the operation of
installed antivirus protection applications and setting of mail about them.
Centralized collection of information about all applications installed on client
computers.
Export of reports in the PDF and XML file formats.
Centralized management of objects of backup storage and quarantine locations
on all network resources in which antivirus software is installed.
Ability to create backup copy of management system.
Monitoring and provide antivirus protection management via web console.
Allowing the administrator to:
1. Create and store images and remotely deploy systems.
2. Prioritize the treatment of hardware and software vulnerabilities with a
powerful combination of advanced Vulnerability Scanning and intelligent
Patch Management.
3. Set data and infrastructure access policies for users and guests with
Network Admission Control.
4. Deploy and install updates and new software to users remotely from the
central console.
Ten44-15-m
6
‫ج‬.‫ح‬/‫خ‬.‫ع‬
)02/6297027( ‫) فاكس‬4672/4614/4612( ‫) فرعي‬02/6297000 ( ‫ هاتف‬/ ‫ دائرة العطاءات المركزية‬/ ‫جامعة آل البيت‬
‫شروط خاصة للعطاء ‪:‬‬
‫تقدم األسعار بالدينار األردني شاملة جميع ننععاع الاعراوا عالرسععم الجمرويعة عشعاملة اعر بة‬
‫‪.1‬‬
‫المبيعات‪.‬‬
‫األسعار تشمل التعر د عالترويا عالتشغيل في المعاق التي تحددها الجامعة‪.‬‬
‫‪.2‬‬
‫الجامععة ييععر مقيععدب بلقععل األسعععار علقععا الحعة فععي تجأوععة الع ععاا نع لغاوع وليععا نع جأويععا ا‬
‫‪.3‬‬
‫اقتات مصلحة الجامعة لع عفعي ن مرحلعة معر م ارحعل الع عاا دعر نر يوععر للمناقصعير‬
‫الحة في الم البة بلية خسارب نع ارر ناتج عر ل ‪.‬‬
‫تحديد الماروة عالمنشل عالصناعة بشول عااح عدقية‪.‬‬
‫‪.4‬‬
‫ارعرب رفاق عينة نع وتالعج للبنعد‪.‬‬
‫‪.5‬‬
‫مدب الصيانة المجانية‪ :‬لمدب سنة مر تار خ الترويا عالتشغيل‪.‬‬
‫‪.6‬‬
‫يتم التعر د عالترويا عالتشغيل خالل شقر مر تار خ التعقي على اإلحالة‪.‬‬
‫‪.7‬‬
‫* ضررررورة ارفرررا )‪ (C.D.‬يشرررتمل علرررا عررررو امورررعار والمواصررربات الب يرررة لكرررل ب رررد علرررا بر رررام‬
‫)‪.(Word‬‬
‫ع‪.‬خ‪/‬ح‪.‬ج‬
‫‪7‬‬
‫‪Ten44-15-m‬‬
‫جامعة آل البيت ‪ /‬دائرة العطاءات المركزية ‪ /‬هاتف ( ‪ )02/6297000‬فرعي (‪ )4672/4614/4612‬فاكس (‪)02/6297027‬‬