DOCUMENT
70 -- Sourcefire Intrusion Prevention System - Attachment
- Notice Date
- 10/28/2011
- Notice Type
- Attachment
- NAICS
- 334111
— Electronic Computer Manufacturing
- Contracting Office
- Department of Veterans Affairs;Technology Acquisition Center - Austin;1701 Directors Blvd;Suite 600;Austin TX 78744
- ZIP Code
- 78744
- Solicitation Number
- VA118A11RQ0123
- Archive Date
- 10/29/2011
- Point of Contact
- Angela Deren
- E-Mail Address
-
1-4432<br
- Small Business Set-Aside
- N/A
- Award Number
- NNG07DA41B VA118A-11-F-0198
- Award Date
- 9/29/2011
- Awardee
- WORLD WIDE TECHNOLOGY, INC.;60 WELDON PKWY;MARYLAND HEIGHTS;MO;630433237
- Award Amount
- $282,158.14
- Description
- JUSTIFICATION AND APPROVAL FOR AN EXCEPTION TO FAIR OPPORTUNITY 1.Contracting Activity: Department of Veterans Affairs (VA) Office of Acquisition and Logistics Center for Acquisition Innovation - Austin 1701 Directors Blvd., Suite 600 Austin, TX 78744 2.Description of Action: This proposed action is for a Firm-Fixed-Price Delivery Order (DO) issued under the National Aeronautics and Space Administration (NASA) Solutions for Enterprise-Wide Procurement (SEWP) IV Government-Wide Acquisition Contract (GWAC), for a Network Intrusion Prevention System (IPS) solution that will protect VA traffic traversing the VA Wide Area Network (WAN) and the Defense Information Systems Agency (DISA) Defense Information Systems Network (DISN) as well as the Region 2 and 3 networks. This will be an inline device used to monitor network traffic for vulnerabilities, network attacks, buffer overflows and be capable to prevent these attacks. Additionally, maintenance support is required for the aforementioned solution. The period of performance for the maintenance support will consist of a one year base period with three, 1-year options. 3.Description of Supplies or Services: The proposed action will provide a device, which has in line service speeds of 150 mbps as well as provide capture of pre- and post-event traffic for analysis. It must also be 'host-aware' in that if vulnerable traffic is detected to a patched and protected system, that this event will be intelligently ignored. It must provide integration with Lightweight Directory Access Protocol (LDAP) and Active Directory. It must be able to be easily compatible for submission of real time events to a Security Information and Event Management (SIEM) product. It must have the ability to scan for PII data. It must be able to have SNORT intrusion prevention rules imported and have 'Open Signatures', meaning that code for all signatures must be viewable and editable as well as the ability to create custom signatures easily. The IPS solution must be capable of monitoring and detecting attacks on Internet Protocol version 6 (IPv6) networks. It must be able to provide real time auto tuning of IPS rules gathered from host information. The IPS needs to be able to activate, and if needed, block on rules depending on host information. IPS solution must have built in NetFlow monitoring of all seven layers of the network protocols. Additionally, maintenance support is required to ensure the aforementioned solution remains operational. The total estimated price of the proposed action, inclusive of the base year and all option years, is. 4.Statutory Authority: The statutory authority permitting other than full and open competition is 41 U.S.C. 253(j)(b) as implemented by the Federal Acquisition Regulation (FAR) Subpart 16.505(b)(2)(ii)(B), "Only one awardee is capable of providing the supplies or services required at the level of quality required because the supplies or services ordered are unique or highly specialized." 5.Reason for Authority Cited: Based on extensive market research, as described in paragraph 8 of this document, it was determined that limited competition is available for this brand name item and service. Sourcefire Realtime Network Awareness Host Data is able to pull host information from nmap and Nessus scans to determine if IPS signatures will be applicable or not. This is valuable in the reduction of false positives. The IPS is also able to analyze the host data to automatically activate applicable signatures in monitor and block mode if necessary. The IPS is unique in that it can provide NetFlow monitoring and be able to provide IPv6 monitoring. 6.Efforts to Obtain Competition: Market research was conducted, details of which are in the market research section of this document. Limited competition is anticipated for the required brand name items and maintenance. Furthermore, in accordance with FAR 5.3 the contract award will be synopsized on the Federal Business Opportunities (FBO) Page. In addition, this Justification and Approval (J&A) will be made publicly available on the FBO page. 7.Actions to Increase Competition: Although the Government is limiting competition as a result of specifying a brand name item, there are authorized resellers of these products on the NASA SEWP IV GWAC. Limited competition for this requirement among these vendors is anticipated. Accordingly, this J&A and the Request for Quote will be submitted to all four (4) groups on the NASA SEWP IV GWAC in order to fully notify all interested parties and obtain price competition. Any quotations received will be evaluated. Furthermore, in order to remove or overcome barriers to competition in future acquisitions for this requirement, the agency will work with the program office to perform additional market research in a timely manner so that other solutions can be considered. 8.Market Research: National Data Center Program/Corporate Data Center Operations staff consulted with Gartner Group to determine if there were viable products from other manufacturers besides Sourcefire to meet VA requirements of IPS. As a result, additional market research was conducted with three other contractors (IBM-ISS, Enterasys, and Tipping point) to confirm that the current requirement for Sourcefire was the best value to the Government. Market research was conducted by VA via phone calls to vendors on the NASA SEWP IV GWAC to ensure this solution was available on contract. Based on this market research, limited competition is expected for the proposed action. As stated above, the Sourcefire IPS solution meets the VA requirements. 9.Other Facts: The Sourcefire Intrusion Prevention System/Intrusion Detection System is currently available and in production in the Austin Information Technology Center (AITC). VA is currently expanding it into Philadelphia and Hines Information Technology Centers as well as the consolidated VistA sites in order to expand the architecture to accommodate the increased capacity needs that are anticipated due to the national data center consolidation project.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/notices/fd1939d2ed63d275515ae25e26a18d2b)
- Document(s)
- Attachment
- File Name: NNG07DA41B VA118A-11-F-0198 NNG07DA41B VA118A-11-F-0198.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=269347&FileName=NNG07DA41B-008.docx)
- Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=269347&FileName=NNG07DA41B-008.docx
- Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
- File Name: NNG07DA41B VA118A-11-F-0198 NNG07DA41B VA118A-11-F-0198.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=269347&FileName=NNG07DA41B-008.docx)
- Record
- SN02614492-W 20111030/111028233854-fd1939d2ed63d275515ae25e26a18d2b (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |