Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF AUGUST 16, 2020 SAM #6835
SOURCES SOUGHT

70 -- Request for Information (RFI) Number HHM402-20-RFI-HostBased-EndPoint

Notice Date
8/14/2020 6:46:16 AM
 
Notice Type
Sources Sought
 
NAICS
511210 — Software Publishers
 
Contracting Office
VIRGINIA CONTRACTING ACTIVITY WASHINGTON DC 203405100 USA
 
ZIP Code
203405100
 
Solicitation Number
HHM402-20-RFI-HostBased-EndPoint
 
Response Due
8/24/2020 1:00:00 PM
 
Archive Date
09/08/2020
 
Point of Contact
Cheryl Hyatt, Phone: 7037356417, Maj Sauceda
 
E-Mail Address
Cheryl.Hyatt@dodiis.mil, Giacomo.Sauceda@dodiis.mil
(Cheryl.Hyatt@dodiis.mil, Giacomo.Sauceda@dodiis.mil)
 
Description
Title:�� Host Based/End Point Security Industry Study �� 1.�SCOPE� This is a Request for Information (RFI), as defined in Federal Acquisition Regulation (FAR) 15.201(e).��The Government is issuing this RFI in an effort to understand market availability, for Host Based and End Point Security capabilities described in this RFI.��Any information submitted by respondents to this request is strictly voluntary.��This is not a request for proposal�(RFP, request for quotation�(RFQ), or invitation for bid�(IFB), nor does its issuance obligate or restrict the Government to an eventual acquisition approach. The Government does not intend to award a contract on the basis of responses from this RFI or pay for the preparation of any information submitted or for the use of such information. The Government will use RFI responses for planning and market research.��To the maximum extent possible, please submit non-proprietary information.��Any proprietary information submitted should be identified as such and will be properly protected from disclosure.��The Government is not liable for damages related to proprietary information that is not properly identified.��Proprietary information shall be safeguarded in accordance with the applicable Government regulations.��Responses to the RFI will not be returned. � � � � 2.�PURPOSE � The Defense Intelligence Agency (DIA), Virginia�Contracting Authority (VCA),�is seeking information on businesses that have expertise in enterprise wide�Host-Based and End Point Security. The objective is to identify vendors that have the capability to provide agent or agentless capability to provide Host-Based and End Point Security �to detect, prevent, and report anomalous (outside user norms) or noncompliant activity (in violation of established rule sets) occurring on their host machines that will enable effective and timely response generation in accordance with ICS 502-2. ��This RFI should be able to support Cloud base, hybrid and stand-alone architectures within the IC Information Environment (IC IE). 3.�COMPANY CAPABILITIES � Ensure that host-based /end point asset and configuration management information is aggregated and made available in non-mutated state, which supports audit and logs in case of required investigative actions. Able to correlate trend analysis, review audit logs, and reassess existing configuration and protection requirements in response to anomalies and incidents. Automate Implementation/rollout to maintain change management processes (e.g., signature updates, sensor tuning) when available and that adhere to established host-based/end point protection requirements. Establish and maintain a Security Information and Event Management (SIEM) and repository that includes the following capabilities: Store and aggregate event and host data from multiple hosts (show scaling of end points) (Provide in detail ability to scale from 10 to Million end points) Store events/alerts � roll up/provide automated discovery and details Identify the events, the enforcement of policies, and the updating of intrusion prevention/antivirus signatures on hosts/end points, to include describe management ease of implementing white list/black list management. As required support encrypted communications between servers using a Federal Information Processing Standard (FIPS) 140-2 certified cryptographic module Use asset tracking with configuration baseline and configuration to identify changes in baseline Provide dashboards/SIEM at the analytical, CND operational, and executive levels with attribute-based access controls Import and integrated computer security related information made available from multiple vendors of host security products Agent based or agentless, describe and identify which host that are configured to not interfere with the operation and collection of other IC or DOD required agents used for the detection of insider threats where utilized Provide anti-virus/malware/spyware protection on all hosts/end points, workstations, and servers including virtual machines. Scan Enterprise Storage and remove malware from network attached storage devices (NAS). Scan desktops to view Security Content Automation Protocol (SCAP) for internal and external security audits Support automated discovery and defense of elastic workloads and containers to eliminate unknown areas of threat, provide multi-cloud management. Provide Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) for all hosts, workstations, and servers including virtual machines Configure a firewall on endpoints including virtual machines, enable white listing Monitor, block, restrict, and report on the use of removable devices and media, to include identify data removed from environment, and include audit support Monitor, block, restrict, and report on the use of embedded devices or other user peripherals and monitor device status (whether enabled or disabled. Monitor host process via configurable Host Integrity Check that verifies the capability to compare running processes against a standard baseline for workstations, during both off network and on network operations Provide quarantine rule set and automated remediation procedures based on host integrity check results on all hosts during both off network and on network operations. Monitor file systems via configurable host integrity tests for anomalous file system status. Monitor host configuration via a configurable Host Integrity Check for configuration drift based on compliance policy; during both off network and on network operations. Enforce security and compliance policies off-line, including connection awareness to sense and react to online/offline/online status changes; identify hosts that fail to report in that were previously managed. Monitor, detect and deter unauthorized anomalous user or privileged user activity related to end point devices including unauthorized use of removal media, unauthorized uploading and downloading of information including malware, escalation of privileges, unauthorized changing of Anti-Virus settings and unauthorized connection of user devices to government networks. ��Enable browser-protection solution that monitors, audit web based searching and browsing activity on workstations; Protect against threats on web pages and downloads.� �Identified commercial robust support training to engineer, implement and sustain technical operations in support of personnel conducting host-based security activities.� Identify experience in providing Tier 0 � Tier 4 Cleared Help Desk to handle technical, architecture and troubleshooting support.� 4. END POINT SCENARIOS � 1-1K end points: 1K-100K end points: 100K � greater end points: For each above: Identify types/kinds of HW and SW resources required to meet requirements above. Also, describe the level of effort and possible labor categories for architecture, engineer and implementation and continued operation in a cloud and hybrid environment. � � � 5.�ASSUMPTIONS �� The Government�anticipates that an award will be made during�the second�quarter�of fiscal year (FY)�2021. � �� 6.�REQUEST FOR INDUSTRY INPUT� Offerors�responding to this RFI should include the following�information: � �� Business name, business type, socio-economic status (e.g., Veteran-Owned, Woman-Owned, Disadvantaged Small Business, 8(a), etc.),�business and technical points of contact�(including telephone number�and�email address), GSA Contract number/SIN number (if applicable), and DUNS number/Cage Code Briefly summarize your company�s experience in Section 3 �Company Capabilities�.� Briefly summarize any risk management framework experience and/or if your company was able to obtain Authorization to Operate (ATO). Summarize your company�s experience in Section 4 �End Point Scenarios�. Provide specific examples for each scenarios.����� 7.�SUBMISSION OF QUESTIONS � Questions in response to this RFI should be�submitted by email to both the Contract Specialist and Technical Points of Contact�no later than 4:00 PM Eastern on 17 August 2020.� Questions received after 4:00 PM Eastern on 17 August�2020�may not be answered.� The subject line of the email should read �Questions in Response to RFI Number HHM402-20-RFI-HostBased-EndPoint�.� Questions should be emailed to the Contract Specialist and Technical Points of Contact in accordance with the information stated below:� Contract Specialist:� Cheryl Hyatt Email address:��Cheryl.hyatt@dodiis.mil Technical Point of Contact:��Maj Sauceda Email address:��giacomo.sauceda@dodiis.mil Late questions received�in response to this RFI�may not be answered.��Industry responses to this request are considered as consent review by an internal team of DIA government employees. Respondents are advised that the Government is under no obligation to provide feedback with respect to any information submitted.��All submissions become Government property and will not be returned. All personnel reviewing RFI responses will have signed non-disclosure agreements and understand their responsibility for proper use and protection from unauthorized disclosure of proprietary information. � � �� NOTE:� Questions received in response to this RFI will be posted on or about 14 August 2020. 8.�SUBMISSION FORMAT �� The subject line of the email should state �Response to�RFI Number�HHM402-20-RFI-HostBased-EndPoint Responses shall:� Be formatted for printing�on 8.5 X 11 inch paper,�single-spaced, Times New �Roman, 12-point font, with one�(1)�inch margins all around, compatible with MS Office Word 2013 or�higher/newer� Be submitted in Adobe PDF format. Not exceed a total page count of fifteen (15)�pages.��� Be marked appropriately when containing propriety or business-sensitive data� Note:� Some email systems may block file types such as .zip or other macro-enabled extensions; respondents should verify receipt.� identify�administrative/business and technical�point(s) of contact�(name, address, phone number, and email address)�� briefly summarize the capabilities and core competencies of the company as it relates to the Request for Information����� 9.�SUBMISSION INSTRUCTIONS� Responses to this RFI must be submitted via email to Cheryl Hyatt at�Cheryl.Hyatt@dodiis.mil�no later than 1600 Eastern on 17 August 2020. �� 10. POINTS OF CONTACT: �� Primary Point of Contact:� Contract Specialist:� Cheryl Hyatt Email address:��Cheryl.hyatt@dodiis.mil 11. DISCLAIMER � �� This RFI is issued solely for information�gathering only.� This RFI does not constitute a formal solicitation for proposals.� In accordance with FAR 15.201(e), responses to this RFI are not offers and cannot be accepted by the Government to form a binding contract.��This RFI does not commit the Government to contract for any supply or service in any manner.��Respondents are advised that the U.S. Government will not�provide reimbursement for costs incurred in responding to this RFI.� All costs associated with responding to this RFI will be solely at the interested parties' expense.��Not responding to this RFI does not preclude participation in any future�request for proposal (RFP)/request for quote (RFQ), if any is issued.��However, an�Offeror's�facility clearance, experience, and ability to quickly staff with qualified personnel will improve the potential for contract award. � � The Defense Intelligence Agency, Virginia Contracting Agency�thanks all respondents in advance for their feedback.��� First Round of Questions have been posted. Question Due Date and Submission of Responses is extended to COB on 24 August 2020.
 
Web Link
SAM.gov Permalink
(https://beta.sam.gov/opp/989709c6fe23467f875114a9e21b2c44/view)
 
Place of Performance
Address: Bolling AFB, DC 20032, USA
Zip Code: 20032
Country: USA
 
Record
SN05759823-F 20200816/200814230202 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  © 1994-2020, Loren Data Corp.