The Australian Signals Directorate (ASD) is looking for a provider of a managed protective Domain Name Server (DNS) to block known malicious domains for internal and external Australian Cyber Security Centre (ACSC) customers.
The ASD said the protective DNS capability will also provide information to customers to improve their security posture and provide information to the ACSC to improve the cyber security mission.
Currently there is no government-wide protective DNS capability that is centrally managed, the tender documents stated.
The ACSC has limited visibility of the Government DNS environment and does not have a centralised, responsive method to identify and protect Government agencies from malware using DNS as part of the compromise vector.
The project, dubbed WinterRose, will be delivered in two phases. Phase one will see a pilot covering 10 to 15 organisations, which could take up to 12 months. However the RfI has a phase one period set for July-December 2019.
From this, ASD expects to provide quantitative data to the ACSC to determine the feasibility, costs and benefits of upscaling these efforts to protect all levels of Australian Government and key systems, including critical infrastructure.
Phase two of the project could see the service be extended to all levels of Australian government and key systems, including critical infrastructure with an internet facing self-service portal that allows users to sign up, configure and receive reports on the service.
The project has several requirements which are divided into services including threat-blocking recursive DNS; threat feed ingest and validate services; sinkhole services; logging, reporting and intelligence feed services, customer service portal; management services; security monitoring, operations and responsive services and first time and ongoing security certification and accreditation services.
The invitation to register went live on 4 March and will close on 18 March, shortlisted candidates will be advised on 29 March.
A contract is expected to be awarded in June with the protective DNS and customer service portal design and build to be ready by 30 September.