Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF NOVEMBER 22, 2006 FBO #1822
SOURCES SOUGHT

D -- 2007-S-012 CYBER SECURITY INFRASTRUCTURE SUPPORT SERVICES

Notice Date
11/20/2006
 
Notice Type
Sources Sought
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
United States Senate, Office of the Sergeant at Arms, Finance Division, United States Senate, Washington, DC, 20510-7207, UNITED STATES
 
ZIP Code
00000
 
Solicitation Number
2007-S-012
 
Response Due
12/20/2006
 
Archive Date
12/21/2006
 
Description
DESC: MARKET SURVEY AND BIDDERS LIST DEVELOPMENT - SOURCES SOUGHT REQUEST FOR CYBER SECURITY INFRASTRUCTURE SUPPORT SERVICES. The purpose of this sources sought synopsis is to gain knowledge of potential qualified industry sources for providing cyber security infrastructure support services for the United States Senate (Senate), Office of the Sergeant at Arms (SAA). The Office of the CIO within the SAA has a broad range of responsibilities that include providing for a secure cyber environment, in which to carry out Senate business and activities. These activities are primarily carried out in the Senate?s Security Operations Centers (SOC?s). The SAA is currently conducting market research to determine the existence of viable organizations capable of providing the necessary services in support of its cyber security operations. All requirements listed below are mandatory unless otherwise noted. This Sources Sought Notice (SSN) is not a request for proposal and in no way obligates the Senate to an award of a contract. This sources sought synopsis contains the currently available information. This information is subject to change at any time. Requirements are stated in terms of minimum capabilities and characteristics required by the Senate. The key functional areas under consideration include, but are not limited to, the following: (1) Network Security Monitoring/Analysis and Event Escalation: monitor networks to ensure the integrity, availability, and confidentiality of the critical Information Technology (IT) infrastructure. Provide both on-site and off-site 24x7x365 monitoring under prescribed service levels, with an advanced level analyst available on-site during business hours performing fusion analysis described in functional area (2). Enhance and optimize an existing workflow process to identify, scope, and track potential security events, escalating to a Senate in-house incident response group. Develop sophisticated analysis methods to detect and assess anomalies. Using methods developed previously, streamline existing monitoring processes using the SIM and develop reporting dashboards. (2) Cyber Threat Analysis: provide enhanced cyber security analysis services to include indications and warnings (i.e. situational awareness) on threats and potential threats to the Senates networks using both open and classified sources; perform advanced technical analyses and operational security analyses of computer and network systems using Network Security Monitoring systems; and perform short and long-term security event trend analysis. (3) Security Research and Engineering: research, evaluate, test, and deploy security technology, products, and integrated systems for safeguarding, monitoring, assessing, and investigating the security of IT assets. (4) SOC automation and monitoring systems: SOC process development utilizing web portals for automation, and perform resource analysis for new security services. Evaluate, test, deploy, and manage a collaboration server. (5) Vulnerability analysis: Review existing material and processes to optimize, implement, and conduct an ongoing comprehensive vulnerability assessment program using an existing in-house enterprise vulnerability assessment system. Generate reports, conducts trend analysis, and produces recommendations. Maintain updates inventory of IT assets. Integrate data gathered from vulnerability assessments with SIM database. Perform security configuration verification, application configuration verification, and on-site security assessments under prescribed service levels. (6) Security Operations Center IT engineering and operations: provide both onsite and offsite IT engineering and operations 24x7x365 support under prescribed service levels, for various enterprise-grade security technologies. Manage and operate the network monitoring/intrusion detection sensor network; assess, implement, and manage numerous data sources for Security Information Management (SIM) system as well as managing and operating the SIM infrastructure. Manage SOC IT infrastructure. Develop and run a test and development computing environment. (7) Enterprise client security infrastructure: Operate and manage enterprise-wide client security software system (includes anti-virus, spyware, and firewall components) under prescribed service levels. Test new versions and capabilities, manage deployment, perform second/third level support, generate and distributes report, perform trend analysis. Optional Tasks The Contractor may be required, at the Senate?s request, to provide the following support: (8) Enterprise Technology Assessment: conduct security test and evaluation of Commercial Off-the-Shelf (COTS) products and enterprise-wide IT solutions to determine potential risks, provide implementation recommendations, and establish security configuration standards. (9) Security Policy and Standards: develop computer security and communications security guidelines and computer security policies and standards as required. (10) Forensics: provide a computer forensics capability as needed. (11) Software engineering: backend support for SOC operations; system service integration for vendor shortcomings; prototypes and develops customized security portals/?dashboards? for business units. (12) Application code review: provide services to test application and/or review source code using automated and manual processes. REQUIREMENTS: The Senate is seeking vendors who can meet its needs using commercial practices performing under 1) fixed-price, performance-based task orders for support and 2) fully burdened fixed labor hourly-rates (inclusive of travel, material and ODCs) to perform services on a time and materials basis. The vendors must be located no more than 50 miles driving distance to the United States Capitol Building. In responding to this SSN, state your qualifications to perform each of the mandatory and optional requirements listed above. The effort may require some personnel who can obtain and maintain Defense Security Systems (DSS) clearances up to and including Top Secret. Your response to each requirement must include paragraph numbering identifiable to requirements listed above. In addition, submissions must include: a) past performance experience/information for a minimum of three contracts of similar scale, less than two (2) years old that involve use of capabilities and products relevant to those necessary for the Senate=s requirements, including contract number, customer name and address, and brief synopsis of work performed relevant to requirements 1-12 listed above, b) description of capabilities to support the Senate?s ability to continue essential functions under a business continuity plan which is modeled on Federal Preparedness Circular ? 65, Federal Executive Branch Continuity of Operations (FPC-65), dated June 15, 2004 <http://www.fema.gov/txt/library/fpc65_0604.txt>, and c) organizational information including your Dun and Bradstreet number and point of contact with telephone, fax and e-mail address. After receipt and review of the responses to this SSN, the SAA intends to issue a solicitation. The information contained in this notice will be the only information provided by the Senate during the Sources Sought process. All qualified sources should respond to this Market Survey - Sources Sought by submitting an information package in accordance with the instructions provided. Vendors responding to this notice and deemed qualified by the SAA may be requested to submit a proposal in response to a solicitation. Only firms deemed qualified will be permitted to submit proposals. If suitable responses are received from qualified sources, the SAA anticipates release of a solicitation during the second quarter of Fiscal Year 2007. Neither the SAA nor the Senate will be responsible for any costs for the preparation of responses to this request. INSTRUCTIONS: Responses to this Market Survey-Sources Sought request are due to the POC no later than December 20, 2006, at 3:00 p.m. EST and shall be submitted electronically via email only to the attention of Jill T. Johnson at acquisitions@saa.senate.gov. The subject line of the email message shall be: SSN 2007-S-012 Cyber Security Infrastructure Support. No other method of transmittal will be accepted. The response shall not exceed twenty-five (25) pages. Unnecessarily elaborate submissions are discouraged. Pages over the page limitation may be discarded. Access by the SAA to information in any files attached to the response is the responsibility of the submitting party. Neither the SAA nor the Senate is responsible for any failure to access vendor?s information. THIS IS NOT A REQUEST FOR PROPOSAL. THIS NOTICE CONSTITUTES THE ENTIRE SOURCES SOUGHT NOTICE AND IS THE ONLY INFORMATION PROVIDED BY THE SAA OR SENATE. ANY REQUESTS FOR ADDITIONAL INFORMATION WILL NOT BE HONORED.
 
Place of Performance
Address: Senate Office Building, Washington, DC
Zip Code: 20510-7207
Country: UNITED STATES
 
Record
SN01184464-W 20061122/061120221253 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.