CMMC Secure Enclave: 12-Week Implementation

KTL will configure and implement Office 365, Enterprise Mobility & Security, and Windows 10 Enterprise features in a Virtual Desktop Infrastructure (VDI) in Azure Government and configure Azure Sentinel services. Services provided will cover: • Deployment of Azure Active Directory Domain Services. • Deployment and configuration of Azure Virtual Desktops within supported Azure Government regions. • Deployment of a next generation network security appliance to protect devices within the enclave. • Configuration of routing and access control lists to limit connectivity to only services identified as required. • Configuration of conditional access policies • Deployment and configuration of Azure Sentinel • Configuration of up to five Azure Sentinel analytic rules. • Configuration of up to five Azure Information Protection (AIP) labels • Deployment of Microsoft Defender for Endpoint on supported systems within the environment. • Configuration of Microsoft Defender for Office 365 following industry and vendor best practices • Configuration of backups for user data within Office 365 and Azure • Configuration of Azure AD Privilege Identity Management features if Azure AD P2 licenses are purchased. • Configuration of Office 365 B2B features • Configuration of Azure AD user settings following industry and vendor security best practices.
• Creation of a System Security Plan (SSP) to document CMMC practices/objectives satisfied through technical configurations. • Identification of CMMC practices/objectives that customer is responsible for or can be met using additional third-party services. • Set up of VDI for users in Azure Government • Configuration of services and document configurations mapped to CMMC/NIST 800-171 • Determining and Configuration of Required Compliance Policies • Determining and Configuration of Required and Supportable Configuration Policies • Configuration of Conditional Access Policies • Configuration of Exchange DLP rules

~ 12-Week Timeframe