(1) Vendor needs to provide secure web portal for various web applications, hosted on-premises and in the cloud, mainly comprising SharePoint farms.
- Unified portal aggregating various web applications into one workplace, allowing users secure access to multiple applications using one set of credentials.
- Mobile-friendly design.
- Apps may be on-premises installations or cloud-based (Azure, Office 365, Zoom).
- The portal should be able to host web apps that support SAML, OAuth and OpenID Connect.
- The source of this directory may be any of various on-premises Active Directory, Azure AD, LDAP, Okta or any other identity provider systems.
- Searchability, filters and grouping of apps based on certain criteria or tags.
- Multi-factor authentication should be available based on the criticality of the published apps.
- Ability to automate provisioning of apps or roles based on certain events or conditions.
- Where possible, reverse proxying should be used with minimum exposure of the web server.
- Dynamic and interactive input fields.
- Protection against common web vulnerabilities such as SQL injection and cross-site scripting.
- Sufficient support hours for the installation, initial deployment and configuration of the solution.
- Support during provisioning of custom applications and custom workflows.
- Self-registration form allowing users to register and gain access to various apps.
- Reporting and dashboarding.
- Password reset functionality.
- Access based on IP reputation
- Anti-bot protection
- DDoS protection
- Brute-force protection
- Rate-limiting or tarpitting
- Support during initial security hardening of the solution.
- Support during architectural phase.
- API access management
- Portal logs
- App statistics
- Audience location
- Audience user agents
(2) All questions must be submitted no later than April 24, 2023.
↧