Loren Data's SAM Daily™

fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF NOVEMBER 18, 2012 FBO #4012
SOURCES SOUGHT

70 -- host-based monitoring and digital forensics software

Notice Date
11/16/2012
 
Notice Type
Sources Sought
 
NAICS
511210 — Software Publishers
 
Contracting Office
Department of Homeland Security, Transportation Security Administration, Headquarters TSA, 601 S. 12th Street, TSA-25, 10th Floor, Arlington, Virginia, 20598, United States
 
ZIP Code
20598
 
Solicitation Number
2113203RFICIO575
 
Archive Date
12/6/2012
 
Point of Contact
Douglas W Gerard, Phone: 571-227-5202, Kristin S Fuller, Phone: 571-227-2740
 
E-Mail Address
douglas.gerard@tsa.dhs.gov, kristin.fuller@dhs.gov
(douglas.gerard@tsa.dhs.gov, kristin.fuller@dhs.gov)
 
Small Business Set-Aside
N/A
 
Description
SECTION I: Purpose Product, Service or Outcome Needed: Focused Operations (FO) is in need of a tool to monitor and conduct digital forensics at the host-based level. Networked monitoring solutions are not the purpose of this procurement. Scope of the Product, Service, or Outcome: The scope of this procurement is an enterprise solution to host-based monitoring and the collection of digital forensics information. SECTION II: Background The Information Assurance & Cyber Security Division (IAD)/Focused Operations (FO) Branch supports areas of cyber threats and digital forensics. FO is seeking an enterprise technology that will automate enterprise-wide host-based monitoring. TSA has approximately 25,000 host nodes in its enterprise. SECTION III: Technical Requirements/Tasks/Outcomes FO is seeking a technology that will focus at the user host level. The following is a list of requirements that the technology must perform: 1. Ability to monitor activities through a. Keystroke monitoring/logging b. Chat monitoring/logging c. Email monitoring/logging d. Attachment monitoring/logging e. Website monitoring/logging f. Network activity monitoring/logging g. Files transferred monitoring/logging h. Document tracking monitoring/logging i. Screenshot capture j. Program activity monitoring/logging 2. All activities that are being monitored/logged must call back to a central enterprise command infrastructure and transfer its collected data a. If a host is connected to the TSA network, it will communicate with the central command b. If a host is not connected to the TSA network, it will continue collecting on the host. Once it connects back to the TSA network, it will then transfer its collected data automatically 3. The end user must not have the ability to detect this technology. 4. The end user must not have the ability to kill the process or service. 5. All communications to and from the host and the central command must be encrypted with FIPS approved algorithms. 6. Ability to alert based on specific criteria such as a name and/or combination of names 7. Ability to mine through all the collected data using built-in or third party tools 8. The configurations must be customizable to eliminate operational impact to the end user 9. Ability to monitor Windows based systems at the host and retrieved via network connection. 10. Potentially have the ability to monitor MacOSX at the host and retrieved via network connection. 11. The technology must be able to comply with FISMA requirements. 12. Ability to transfer licenses from one host to another. Due to the limited budget surrounding this initiative, the technology must be able to automatically transfer licenses from one host to another. Additionally, the offeror must provide formal training of their proposed technology. SECTION IV: Submission instructions Submissions shall not exceed 5 pages, single sided, in length. Submissions should include detailed information that communicates the products(s) ability to meet the requirements described in the Section III of this RFI.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DHS/TSA/HQTSA/2113203RFICIO575/listing.html)
 
Place of Performance
Address: TSA HQ, 701 S. 12th ST, Arlington, Virginia, 20598-6011, United States
Zip Code: 20598-6011
 
Record
SN02933090-W 20121118/121116235225-8fa9efcbe076002333ee882b8b84d33f (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)

FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.