Orange County NC Website
Customer Agency Name <br /> Month 1, 2019 <br />The Proposal Title Goes Here and Breaks Like This Use or disclosure of this proposal is subject <br /> to the restrictions on the cover page. <br /> Motorola Solutions Confidential Restricted ASTRO 25 Advanced Services Statement of Work 1-35 <br />1.4.7 Security Monitoring <br />Security Monitoring provides continuous monitoring of authentication logs and monitors for potential <br />introduction of malware into the ASTRO 25 network. <br />1.4.7.1 Scope <br />ASTRO 25 Security Monitoring is available 24 hours a day, 7 days a week. The service is delivered <br />by the Motorola Solutions Security Operations Center (“SOC”). The SOC is part of Motorola <br />Solutions’ Cyber Security Organization and is staffed by highly trained and experienced security <br />professionals. When a security event is detected, the security specialists run remote diagnostics and <br />initiate an appropriate response. This response may consist of continuing to monitor the event for <br />further development, or logging an incident for dispatch of a field service or customer technician <br />(dependent on any maintenance agreement). <br />Motorola Solutions responds to events in accordance with Section 1.4.7.7: Security Monitoring <br />Priority Level Definitions and Response Times. <br />1.4.7.2 Inclusion <br /> Antimalware Monitoring - ASTRO 25 is shipped with antimalware software and the service <br />remotely monitors this for activity such as deletion, quarantine, and alerting of suspicious <br />software. <br /> Authentication Monitoring - ASTRO 25 may be accessed by users of Microsoft Windows and <br />RSA logins. The service remotely monitors such logins for repeated failures and locked accounts. <br /> Firewall Monitoring - ASTRO 25 systems may be deployed with various firewalls, as described <br />in Section 1.4.7.6: Potential ASTRO 25 Firewalls, which may or may not support remote <br />monitoring. The service remotely monitors supported firewalls . <br /> Intrusion Detection System (“IDS”) Monitoring - An IDS is a deployable option within the <br />system located between the ASTRO 25 firewall and the Customer Enterprise Network (“CEN”). <br />The service remotely monitors an IDS for the Customer where deployed. <br /> Centralized Event Logging - ASTRO 25 has provided the ability to forward device syslogs to a <br />single virtual server called the Centralized Syslog Server. The service remotely monitors syslog <br />data elements forwarded by the centralized event logging server. <br />1.4.7.3 Motorola Solutions Responsibilities <br /> Motorola Solutions will provide a secure router for installation at the ASTRO 25 firewall. If the <br />Customer is unable to install, please contact your CSM who will be able to arrange for this to be <br />completed. Note this may incur an additional fee. <br /> Provide, maintain the SIEM collectors. <br /> If the Centralized Event Logging feature is not installed on the Customer’s ASTRO 25 system, <br />Motorola Solutions will install it as part of this service. <br /> Verify connectivity and monitoring is active prior to start of service. <br /> Will coordinate with the Customer to maintain service authentication credentials. <br /> Maintain trained and accredited technicians and monitor the Customer’s system 24/7/365 for <br />malicious or unusual activity. <br /> <br />DocuSign Envelope ID: 22453AE7-FED2-4AEF-91BB-1C6406B68FE8