Loren Data's SAM Daily™

fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF SEPTEMBER 08, 2011 FBO #3575
DOCUMENT

70 -- CDCO Security Network Access Control - Justification and Approval (J&A)

Notice Date
9/6/2011
 
Notice Type
Justification and Approval (J&A)
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
Department of Veterans Affairs;Center for Acquisition Innovation-Austin;1701 Directors Blvd;Suite 600;Austin TX 78744
 
ZIP Code
78744
 
Solicitation Number
VA798A11RQ0125
 
Archive Date
9/30/2011
 
Point of Contact
Leonard Eddie
 
E-Mail Address
Contract Specialist
(leonard.eddie@va.gov)
 
Small Business Set-Aside
N/A
 
Award Number
NNG07DA25B VA118A-11-0135
 
Award Date
8/31/2011
 
Description
JUSTIFICATION AND APPROVAL FOR EXCEPTION TO FAIR OPPORTUNITY 1.Contracting Activity:Department of Veterans Affairs Office of Acquisition and Logistics Center for Acquisition Innovation - Austin 1701 Directors Blvd., Suite 600 Austin, Texas 78744 2.Description of Action: This proposed action is for a Firm-Fixed-Price Delivery Order (DO) to be issued under the National Aeronautics and Space Administration (NASA) Solutions for Enterprise-Wide Procurement (SEWP) IV Government-Wide Acquisition Contract (GWAC), for a Cisco brand name Network Access Control (NAC) solution to be implemented with the Department of Veterans Affairs (VA) Corporate Data Center Operations (CDCO). The NAC solution is required to provide network hierarchal device and solution management, identify newly connected devices on the network, and provide compliance auditing and scanning of systems on the network. Additionally, maintenance support will be provided under the existing VA Smart Net contract for the aforementioned appliances. 3.Description of Supplies/Services: The proposed action will provide Cisco brand name NAC appliances and maintenance support. Cisco brand name NAC appliances include hardware, such as network identification and authentication devices, with embedded software, including a perpetual license. The specified equipment and software for this acquisition is listed below with the original equipment manufacturer part numbers. Description/Part Number NAC 3315 Collector Failover Bundle - max up to 1000 devices / ISE-3315-K9 SHARED SUPP SAU NAC APPLIANCE COLLECTOR RELEASE 3.1.1 / CAB-AC NAC APPLIANCE COLLECTOR RELEASE 3.1.1 / ISE-SW-1.0-K9 NAC Appliance 3315 Server Hardware / CON-SNT-ISE3315 Cisco Identity Services Engine 1000 EndPoint Base License / L-ISE-ADV3Y-1K= Cisco ISE 1000 EndPoint 3Year Advanced Subscription License / L-ISE-BSE-1K= (Software Warranty Support subscription) Cisco brand name NAC appliances ensure compliance with Austin Information Technology Center's (AITC) accreditation, interoperability with VA's existing network technology infrastructure and will align with the CDCO Security Standardization project. The CDCO is a provider of Federal Information Technology (IT) business solutions and includes the AITC data center. The AITC is a franchise fund organization that provides IT services to VA and other Federal agency customers. THE CDCO/AITC has the requirement to be able to implement a NAC solution that will augment the existing AITC network posture and remediation service by creating profiling rule sets to protect the network, providing roaming within VA facilities and allowing VA guests/ non-AITC laptops to be fully audited for compliance. Furthermore, the NAC solution is required to be compatible with existing AITC network switches and QRadar Security Information Event Manager (SIEM). The CDCO/AITC received a Plan of Action and Milestones (POA&M) as a result of an Office of the Inspector General (OIG) finding of unprotected workstation network ports at the CDCO/AITC. The CDCO/AITC has the requirement to provide security controls on the network physical ports and workstation port security within the AITC, Hines Information Technology Center (HITC), and the Philadelphia Information Technology Center (PITC) to closeout this POA&M. In addition, the NAC solution is required to interface with the AITC's Federal Information Security Management Act (FISMA) accredited Internetwork Operating System (IOS) standard and QRadar Security Information Event Manager (SIEM). The CDCO Security group is standardizing IT Security tool sets and processes, which the CISCO NAC solution will support. Standardization of IT Security technologies to included the needed CISCO NAC solution in the accredited network will not cause deployment or configuration delays due to accreditation violations or interoperability issues. In addition, NAC appliance maintenance support will allow for remedying hardware and software defects as well as enhancing and optimizing software; it includes all new fixes, patches, corrections, releases, updates, versions and upgrades to the software. Technical support consists of a range of services providing 24x7x365 assistance for the hardware and software via telephone, e-mail, Website, or otherwise. This will ensure the appliances remain operational. The total estimated price of the proposed action is __________. 4.Statutory Authority: The statutory authority permitting other than full and open competition is 41 U.S.C. 253(c)(1) as implemented by the Federal Acquisition Regulation (FAR) Subpart 6.302-1(c) entitled, "Only One Responsible Source and No Other Supplies or Services Will Satisfy Agency Requirements- Brand Name". 5.Rationale Supporting Use of Authority Cited Above: Based on extensive market research, as described in paragraph 8 of this document, it was determined that limited competition is available for the aforementioned brand name appliances and maintenance support. AITC's Network is accredited in accordance with the Federal Information Security Management Act (FISMA) of 2002. CDCO/AITC is required to implement a NAC solution that provides interoperability within the ATIC network's existing FISMA accreditation and with QRadar SIEM. Cisco network devices are currently in production on the AITC network and at the other three data centers within the CDCO. The current production configuration needs to be augmented to include Cisco network access control architecture. The NAC solution requires Cisco IOS network architecture for VA network interoperability and to provide compatibility with the current CDCO SIEM solution. Deviation from the current Cisco architecture will present compatibility issues, which will cause integration issues and network downtime. A Cisco branded NAC solution will allow for protecting the AITC network integrity and availability to AITC visitors and only a Cisco branded NAC solution will allow interoperability with existing AITC network switches, network IOS and integration with QRadar SIEM and be compliant with AITC's Network FISMA accreditation. 6.Efforts to Obtain Competition: Market research was conducted, the details of which are in Section 8 of this document. Limited competition is anticipated for the required brand name appliances and services. 7.Actions to Increase Competition: Although the Government is limiting competition as a result of specifying brand name appliances and services, there are multiple authorized resellers of the brand name items on the NASA SEWP IV GWAC. Limited competition among these vendors is anticipated. Additionally, this Justification & Approval and the Request for Quotation will be submitted to all four NASA SEWP IV GWAC groups in order to fully notify all interested parties. Any quotations received will be evaluated. In accordance with FAR 5.202(a)(6), this effort is exempt from synopsizing since the proposed contract action is an order placed under an existing Indefinite Delivery/Indefinite Quantity contract. 8.Market Research: The Government's technical experts have determined that a Cisco branded NAC solution appliances and maintenance support is the only available NAC solution that will provide interoperability within the ATIC network's existing FISMA accreditation and with existing QRadar SIEM without modifying the existing accreditation. Specifically, from May 2010 to June 2011, the Government's technical experts from the CDCO/AITC staff consulted Gartner's Magic Quadrant for network access control, various vendors, vendor white papers and other product reviewing agencies to determine if there were products from other manufacturers that could meet VA's functionality requirements. The Government's technical experts reviewed industry leading solutions by Juniper, Symantec and Sophos. Upon examination, the technical experts determined these appliances and services cannot provide the needed existing architecture VA requires. VA's technical experts determined these software products are not able to meet all of VA's needs, to include CISCO's accredited IOS network architecture that exists in the CDCO. Cisco NAC appliances are the only commercially available NAC solution that is compatible with AITC's network accreditation and existing CISCO IOS infrastructure, as outlined in paragraph 5 above. Additionally, in July 2011, CDCO/AITC technical experts reviewed four NASA SEWP IV GWAC groups to determine if more than one contractor was capable of providing the required Cisco appliances and services. The results of the market research indicated there were fifteen existing contractors capable of providing the required Cisco appliances and maintenance support; therefore, limited competition is not anticipated for this proposed action. 9.Other facts supporting the use of other than full and open competition: None. 10.Technical and Requirements Certification: I certify that the supporting data under my cognizance, which are included in this justification, are accurate and complete to the best of my knowledge and belief. Benito UrbinaDate: ____________ Chief, Technical Security Signature: _________ 11.Fair and Reasonable Cost Determination: I hereby determine that the anticipated price to the Government for this contract action will be fair and reasonable. Contracts awarded on NASA SEWP IV GWAC have already been determined to be fair and reasonable. There are twenty-seven (27) potential vendors on the NASA SEWP IV GWAC, price competition is anticipated. Finally, the successful quotation will be compared to the Independent Government Cost Estimate. Kari CozzensDate: ______________________ Procuring Contracting OfficerSignature: ______________________ 12.Procuring Contracting Officer Certification: I certify that this justification is accurate and complete to the best of my knowledge and belief. Kari CozzensDate: ______________________ Procuring Contracting OfficerSignature: ______________________ 13.Legal Sufficiency Certification: Not required for this acquisition. As the Contracting Officer for this action and based on the foregoing justification, I hereby approve a Firm-Fixed-Price Delivery Order to be issued under the National Aeronautics and Space Administration Solutions for Enterprise-Wide Procurement IV Government-Wide Acquisition Contract, for Cisco brand name Network Access Control appliances to be implemented within the VA Austin Information Technology Center. Additionally, maintenance support is required for the aforementioned appliances. The proposed action will be issued as an exception to fair opportunity pursuant to the authority of Federal Acquisition Regulation Subpart 6.302-1(c), subject to availability of funds, and provided that the property and support herein described have otherwise been authorized for acquisition. Date: ____________Signature:_________________________________ Kari Cozzens Contracting Officer
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/notices/eb28fcac9420477138cef440c9b442ec)
 
Document(s)
Justification and Approval (J&A)
 
File Name: NNG07DA25B VA118A-11-0135 NNG07DA25B VA118A-11-0135_1.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=251771&FileName=NNG07DA25B-000.docx)
Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=251771&FileName=NNG07DA25B-000.docx

 
Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
 
Record
SN02563921-W 20110908/110906235952-eb28fcac9420477138cef440c9b442ec (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)

FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.