Check the "Contract Updates for the Week"

ENTERPRISE LICENSE FOR ENDPOINT VULNERABILITY SOFTWARE
(contract last updated 06/18/2010)
SCOPE: Contract for the Division of Information Technology (DoIT) for Enterprise License for Endpoint Vulnerability Scanning Tools for software for the University of Wisconsin System Schools that will provide vulnerability and patch scanner features which can identify and report on installed software on endpoints as well as any missing security patches.
CONTRACT # DESCRIPTION
10-5264 ENTERPRISE LICENSE FOR ENDPOINT VULNERABILITY SOFTWARE
CONTRACT ORIGIN: ADDITIONAL INFORMATION:
UW-Madison
Purchasing Services
21 N Park St, Ste 6101
Madison, WI 53715-1218 		UW-Madison users contact:
Carl Hubbard
(608) 262-6557 FAX (608) 262-4467
CHubbard@bussvc.wisc.edu
RESTRICTED TO: UW-Madison for UW-System
COOPERATIVE PURCHASING: NO
CONTRACT TERM: June 11, 2010 through June 10, 2015, unless amended, cancelled or rebid.
Vendor(s)
135288
Secunia
Weidekampsgade 14A
DK-2300 Copenhagen S
Denmark
     
Sales Representative: PHONE # FAX
Thomas Piil +45-70205144 +45-70205145
DIRECT LINE: +45-33387620  
MOBILE: +45-27149250  
E-mail tp@secunia.com
  PHONE #  
Ordering/Expediting: +45-70205144 +45-70205145
Invoice Information: +45-70205144 +45-70205145
Returns: +45-70205144 +45-70205145
Supplier Diversity Reporting: +45-33387601 +45-70205145
Website: www.secunia.com
Commodity Code 208-90
Federal Employee ID # (FEIN) 26-833345
F.O.B. “D” F.O.B. DESTINATION, FREIGHT PREPAID AND ALLOWED
“V” F.O.B. SERVICE/MAINTENANCE
Terms: N/30
Delivery: 1-2 days ARO
Invoicing: Invoices shall reflect contract pricing.
Pricing Information: Contact agent for pricing at (608) 262-6557 or e-mail (chubbard@bussvc.wisc.edu)

SPECIFICATIONS

1.         The product must be able to report on vulnerabilities on all common Microsoft products.

2.         The product must be able to detect vulnerabilities on at least 500 third party applications including Abode Reader, Flash and Java.

3.         The product must offer an agent install for client machines.

4.         The product must offer an agent-less install for client machines.

5.         The product must encrypt network traffic between the product's console/collector and the client machines.

6.         The product must collect and store software inventory and vulnerability information in a central database installed on a customer server which allows for direct customer access, e.g. direct customer database queries.

7.         The product must provide integration with Microsoft Windows Server Update Service and System Center Configuration Manager.

8.         The product must work on the following Microsoft operating systems; XP, Vista, 7, Server 2003 and Server 2008.

9.         The product must report on found installed end of life programs.

Name : Secunla Corporate Software Inspector Verslon 4 — Enterprlse Sewer Edltlon

CSI scans for more than 15.000 unique applications, thereby giving you insight into both Microsoft and third party applications.

CSI allows you to scan all applications within your infrastructure using Secunia's own “FiIe Scanning
Technology". This technology is a “truIy non·intrusive" scan and creates a highly accurate mapping of all
installed applications, as well as their version numbers for the entire infrastructure. Using the Secunia
Advisory Database. these mappings are checked for missing patches, thus giving a complete overview of vulnerable software within a network.

lntegratlon wlth Mlcrosoft WSUSISCCM for 3"' Party patchlng.

CSI 4.0 integrates directly with Microsoft WSUS/SCCM for patching 3'° party applications making CSI 4.0 a All-In-One Vulnerability Management system, allowing you to detect, prioritize, patch and verify missing security updates with a few simple clicks.

CSI Reports

One of CSl‘s fundamental elements is its reports. which can give you an ovenziew of either an entire
infrastructure, a specific group or a single hosts. This allows you to identify all security risks, assess the
general security level and view a variety ol other factors that influences your lT security. Furthermore it
tracks your security status. enabling you to continuously document the IT security progress. The ease of making and reading reports allows them to be used intemally within the IT depanment or as an audit/status tool for other departments, such as the Board of Directors. management, finance. etc.
Additionally you have the option of generating reports of a more technical nature.

Revision History
link to top of document