The Department of Home Affairs has launched a tender for a comprehensive Extended Detection and Response (XDR) system to bolster cyber security across its extensive network infrastructure.
The tender seeks a contemporary solution to provide enhanced protection for all user, functional and compute endpoints throughout the department's networks.
With approximately 24,000 users and 44,000 endpoints including workstations, laptops and kiosk-style devices, the department faces significant challenges in maintaining security across its diverse infrastructure spanning every state.
The new system will replace aging endpoint protection software while adding extended detection and response capabilities across all devices, including servers, mobile devices and virtual desktop infrastructure.
"The solution will help the Department meet its cyber security obligations in accordance with the Protective Security Policy Framework, and be a foundational technology to support a future Zero Trust implementation," the tender documentation states.
Key requirements include the ability to prevent, detect and contain malware, perform investigations both manually and automatically, and gather telemetry from all endpoints to provide a unified view of security threats.
Furthermore, the new solution should be IRAP [Infosec Registered Assessors Program] assessed and be able to store Australian Commonwealth PROTECTED data.
Machine learning analysis is expected to be a core component, allowing the system to identify and respond to incidents as they occur.
The tender specifies that all classified information must be processed onshore in compliance with Australian data sovereignty laws, with system administrators requiring appropriate security clearances.
Implementation is expected to start by July 2025, with full deployment by June next year.
The department has structured the delivery in two phases: first replacing existing products and their current functions, then extending security capabilities to provide additional protections meeting the department's requirements.
Industry responses must address both technical functional requirements and security measures, with key elements including real-time threat detection, application control capabilities, and continuous monitoring across all department endpoints.
The successful tenderer will also be required to provide comprehensive training, documentation and 24/7 support for the solution.
Closing time for the tender lodgement is May 6, at 2 pm ACT time.