Network Management Software / Patch Management

General  Support both agent-based and agent-less in management/deployment of the

Requirements endpoint systems
 Have centralized single dashboard user web interface.
 Be able to manage/deployment on Windows 7 and later, MaCOS X10.10 and
later, Linux variants including Ubuntu, Redhat, SUSE Linux, and Linux AS and ES
 Able to configure and implement using Group Policy Objects (GPO)
Inventory and  Discover all installed software, with comprehensive details such as (not
Asset restricted to) version information and installed patches on all managed
endpoints.
 Be capable to regularly, automatic re-discovery to ensure the asset inventory
remains accurate and up to date.
 Discover comprehensive details such as (not restricted to) IP address(es), host
name, connection status, BIOS, processor(s), disk drive(s), memory and any
other systems information of all managed endpoints.
 Organized, coherent and is up-to-date to recognize software name changes
and packaging variations.
 Tracking of vendor, contract, service and maintenance contracts
 Accurate monitoring of application use, including the number of times an
application is started and cumulative application usage metrics
 Reporting that facilitates license harvesting and reuse, as well as compliance
 Software catalog providing details on discovered software applications, such as
software category and threat level
OS and Application  Ability to remotely provision any desktop, laptop or server via hardware-
Deployment independent network OS installation or disk imaging
 Remote and unattended bare-metal provisioning that enables the automation
of both pre and post-provisioning tasks, including disk formatting and
application deployment
 Fast mass systems deployments to remote sites from any location
 Automated system driver inventory and download
 Pre-migration analysis, such as identifying which machines can be upgraded
and which applications are supported on which Windows releases
 Streamlining of tasks such as user state migration, operating system
deployment and application distribution
 Remote distribution and installation of any application, update or digital asset
to Windows and Linux desktops and servers, including .msi, .exe, .zip, and
batch files
 Dynamic groups that enable you to easily control which machines are
addressed and when
 Direct access to application deployment best practices and technical
information from community websites
 Easy application distribution without the need for time-consuming and
complex repackaging
 Support for a wide range of package types, including .msi, .exe and .zip for
windows as well as .rpm, .zip, .bin, .tgz, and tar.gz for Linux
  The ability to include parameters or full command lines to customize
installations and avoid repackaging
 The ability to automate many configuration tasks that would typically require
manual processes or advanced scripting
 Preconfigured scripts and policies, such as USB device control, that can be
easily configured.
 The ability to directly execute shell scripts
Security  Wizards for creating scripts to set and enforce security policies for browsers,
firewalls and anti-virus applications
 Wizard-based configuration of conditional, multi-dependency and multi-stage
scripts and policies
 Easy granular configuration of the timing and targets for script deployment
 Comprehensive yet easy to use OS and application patching, including the
ability to uncover vulnerabilities and then quickly and easily schedule their
remediation
 Patch repositories that include OS patches for Windows, MacOS and the most
popular applications
 The ability to scan individual nodes, groups of nodes or even all nodes for a
complete view of vulnerabilities
 The ability to interface with a broad set of predefined industry standard scans
such as OVAL and SCAP, which are regularly augment with new tests as they
are defined and published
 The ability to set testing schedules and customize result reports
Reporting and  Preconfigured and ad-hoc reports and dashboards
Dashboards  Flexible wizard-based report creation tools
 Ability to build reports using SQL queries
 Ability to schedule and email reports to ease distribution and administration
 Integration points for third party tools
 Ability to generate report in various formats including HTML, CSV, TXT, excel
and PDF
Remote Control  Centralized user console that provides direct access to any endpoint registered
and Recovery to the client management solution
 Support for third party remote control packages such as UltraVNC, Windows
RDP, Bomgar
 The ability to remotely boot any system on the network
 The ability to perform Wake-on-LAN functionality
System  Support alert notification through SMTP and/or SNMP traps.
Management  Provide a centralized web-based management console
 Support SNMP v2c and v3
 Provide system logs & audit trail of administrative actions
 Able to integrate with AD assign roles to AD users
 Ability to control access and privilege until granular level for each different
individual users and roles
 Authentication  It should allow role-based administration, for example full admin rights, read-
and Authorization only
 It should support fine-grain control of user access permissions
 It shall allow role-based administration, for example full admin rights, read-
only
 It shall also provide support fine-grain control of user access permissions. It
shall also allow the definition of user roles to manage a specific device groups
within the role definition.
 It shall allow integration of LDAP or AD to facilitate mapping of LDAP or AD user
groups to system roles.
Support and  With 1 year warranty, updates and support
Certification  With 24 x 7 available phone, remote and e-mail technical support
 With 8 x 5 Onsite and remote support
 With support on the installation, configuration and deployment
 Provider should have at least 1 certified in-house administrators/engineers of
the proposed solution
Total Estimated Price: P465,000.00

Prepared by: Noted by: Approved by:

Winnie A. Gerio Doris R. Jimenez Aniceto C. Orbeta, Jr.

Information Technology Officer I Division Chief II, ICTSD Technical Advisor, ICSTD

John Mark V. Fernandez

Information Technology Officer I