Security: Must be compliant to Family Educational Rights and Privacy Act guidelines for student data. Caching: Must incorporate high-performance caching capability, to accommodate unexpected or sudden spikes in traffic, as well as a way to bypass the caching for immediate review of changes made to any given site. Scalable Architecture: Must include a flexible infrastructure with the ability to scale during high demand time periods, or system performance degradation. Resilient Architecture: Must include a fault tolerant infrastructure with no single point of failure Monitoring: Must include secure cloud/web-based monitoring dashboards with service-level statistics viewable by personnel on demand. Disaster Recovery. Backup and Recovery. Distributed Denial of Service Protection: Must be resilient to DDoS attacks, with a capability of no less than 50Gbps throughout. Ability to block IP addresses quickly. Vulnerability Management: Any service should have a vulnerability management practice and regularly scan for network level and service level vulnerabilities Patch Management: Any service should have a patch management practice and immediately patch for all critically categorized vulnerabilities. SSL/TLS Requirements: All sites must support and force the use of TLS 1.2 or greater. Change Management: Any service should have a change management practice that includes the concepts of maintenance windows, impact and risk assessments, quality control and customer communications.
