June 2, 2026
Cloud-Delivered Secure Internet Access and
Security Service Edge Solution
Project Overview
The City of Holland is seeking proposals for a cloud-native cybersecurity platform that
provides secure internet access, DNS-layer threat protection, web traffic inspection, cloud
application visibility, and centralized security policy enforcement for all users, devices, and
locations.
The proposed solution shall provide protection for on-premises users, remote workers, mobile
devices, and branch locations through a unified cloud-delivered architecture without requiring
dedicated security appliances at each location.
Required Capabilities
Cloud-Native Architecture
The solution shall:
• Be delivered as a cloud-hosted service.
• Require minimal on-premises infrastructure.
• Provide globally distributed points of presence for high availability and performance.
• Support automatic updates to security intelligence and threat protection services.
• Scale to support organizational growth without major infrastructure changes.
DNS-Layer Security
The solution shall:
• Inspect and enforce security controls at the DNS layer.
• Block access to malicious, phishing, malware, ransomware, botnet, command-and-
control, and newly observed malicious domains before connections are established.
• Provide category-based filtering and policy enforcement.
• Support custom allow and deny lists.
• Protect users regardless of network location.
Secure Web Gateway
The solution shall:
• Provide cloud-based web traffic inspection and filtering.
• Support HTTP and HTTPS inspection.
• Enforce acceptable use policies through URL and content filtering.
• Identify and block malicious websites, downloads, and web-based attacks.
• Support user, group, device, and location-based policy enforcement.
Cloud-Delivered Firewall
The solution shall:
• Provide firewall functionality delivered from the cloud.
• Support Layer 3 through Layer 7 policy controls.
• Filter traffic based on IP address, protocol, port, user identity, application, and
destination.
• Apply security policies consistently across all locations and remote users.
Cloud Application Visibility and Control
The solution shall:
• Discover and identify cloud applications in use throughout the organization.
• Provide visibility into sanctioned and unsanctioned cloud services.
• Assess risk levels associated with cloud applications.
• Enable policy enforcement for cloud application usage.
Advanced Threat Protection
The solution shall:
• Utilize global threat intelligence to identify emerging threats.
• Detect and prevent phishing, malware, ransomware, and command-and-control activity.
• Provide protection against known and newly observed threats.
• Support advanced malware analysis and sandboxing capabilities.
• Leverage machine learning and behavioral analytics to identify suspicious activity.
Data Protection
The solution shall:
• Provide capabilities to identify and protect sensitive organizational data.
• Support policy-based monitoring and control of data transmitted through web and cloud
services.
• Generate alerts and reports related to potential data exposure events.
Remote User Protection
The solution shall:
• Protect users on and off the organizational network.
• Support roaming devices without requiring VPN connectivity for security enforcement.
• Provide endpoint-based protection for Windows, macOS, iOS, and Android devices.
• Maintain consistent security policies regardless of user location.
Reporting and Analytics
The solution shall:
• Provide centralized management through a single administrative console.
• Offer real-time visibility into threats, blocked activity, and policy enforcement actions.
• Generate customizable reports and dashboards.
• Support log export and integration with SIEM and security monitoring platforms.
• Retain security logs for historical analysis and compliance purposes.
Identity and Directory Integration
The solution shall:
• Integrate with Microsoft Entra ID (Azure AD), Active Directory, and other industry-
standard identity providers.
• Support role-based administration.
• Apply policies based on user identity, groups, and organizational units.
• Support multi-factor authentication integration where applicable.
Integration Requirements
The solution shall:
• Support integration with existing security monitoring and incident response platforms.
• Provide RESTful APIs for automation and reporting.
• Support syslog and SIEM integrations.
• Integrate with endpoint security and identity management platforms.
Vendor Response Requirements
Vendors shall provide:
• Detailed descriptions of how each requirement is met.
• Licensing model and pricing structure.
• Service level agreements (SLAs).
• Deployment methodology and implementation timeline.
• Training and knowledge transfer offerings.
• Documentation regarding security certifications, compliance standards, and third-party
assessments.
Selection Criteria
The selection will be based on part of the following:
A. Completeness of submittal
B. Experience and capacity of Respondent and staff.
C. Quality and methodology utilized in developing insurance placement program.
D. Compensation philosophy
Questions
Questions regarding this RFP must be made in writing to Technology Manager Joe Firmiss at
j.firmiss@cityofholland.com until Monday, June 15, 2026 at noon.
Questions and answers will be collected and published via Bidnet Direct as a communication.
Phone calls and other solicitation will not be accepted.
RFP Information
The City of Holland officially distributes RFP documents through the Michigan
Intergovernmental Trade Network (MITN) website
https://www.bidnetdirect.com/mitn/cityofholland and through the Bids and RFPs page on
the City’s website www.cityofholland.com.
Submittal
All proposals submitted in response to the RFP are due by:
Monday, June 22, 2026 11:00 a.m.
Proposals may NOT be emailed – this is a sealed RFP process.
Please submit RFP’s via the MITN website
https://www.bidnetdirect.com/mitn/cityofholland or via mail to:
Lynn McCammon
Finance Director & Purchasing Coordinator
City of Holland
270 S River Ave
Holland MI 49423
The City reserves the right to accept or reject any or all submittals, to waive any information or
irregularities in any submittal, and to cancel or revise this request. This RFP does not obligate
the City to pay any costs incurred by any respondent in the preparation of a Request for
Proposal.
This is the opportunity summary page. It provides an overview of this opportunity and a preview of the attached documentation.