SOURCES SOUGHT
70 -- Anti-Malware Solution
- Notice Date
- 12/14/2017
- Notice Type
- Sources Sought
- NAICS
- 511210
— Software Publishers
- Contracting Office
- Social Security Administration, Office of Budget, Finance, Quality and Management, Office of Acquisition and Grants, 1540 Robert M. Ball Building, 6401 Security Boulevard, Baltimore, Maryland, 21235, United States
- ZIP Code
- 21235
- Solicitation Number
- 3366-18-1004
- Archive Date
- 1/6/2018
- Point of Contact
- Katherine B. Medeiros, Phone: 4109651067
- E-Mail Address
-
katherine.medeiros@ssa.gov
(katherine.medeiros@ssa.gov)
- Small Business Set-Aside
- N/A
- Description
- Sources Sought: Advanced Threat Detection Tool and Threat Intelligence Exchange Tool The Social Security Administration (SSA) is conducting a market survey/sources sought to help determine the availability and technical capability of qualified businesses capable of providing the requirement below. This market survey/sources sought announcement is not a request for proposals, and the Government is not committed to issue a solicitation or award a contract pursuant to this announcement or based on responses to this announcement. The information from this market research is only for planning purposes, and will assist the Government in its acquisition strategy. As such, the Government will not entertain questions concerning this synopsis, and will not pay any costs incurred in the preparation of information for responding to this market survey or the Government's use of the information. Proprietary information must be clearly identified as proprietary information. The North American Industry Classification System (NAICS) code is 511210 and the size standard is $38.5M. The Social Security Administration (SSA) currently has the following McAfee products deployed: • McAfee VirusScan Enterprise (VSE) • McAfee Drive Encryption (DE) • McAfee File and Removable Media Protection (FRP) • McAfee Data Loss Prevention Endpoint (DLPe) • McAfee Network Data Loss Prevention (DLP) • McAfee Web Gateway (MWG) To enhance SSA's current McAfee malware solution, SSA has a requirement to increase response time to identify and remediate more advanced malware attacks that might not be detected in real-time when only using a signature-based malware detection method. SSA requires advanced and intelligent threat detection tools that must be equal to or comparable to McAfee Threat Intelligence Exchange (TIE) and Advance Threat Detection (ATD). To continue to protect SSA's network from zero-day threats in real-time, and prevent the loss of Personally Identifiable Information (PII), this advanced malware tool must meet the following minimum requirements: • Must integrate with SSA existing security infrastructure, McAfee ePolicy Orchestrator (ePO). Integration with McAfee ePO must not require a third party product or tool. • Must integrate with SSA existing endpoint anti-malware product, McAfee VirusScan Enterprise (VSE) and McAfee Endpoint Security (ENS), and web proxy software McAfee WebGateway (MWG). Integration with McAfee products must not require a third party product or tool. • Infrastructure must provide redundancy through load balancing or clustering of appliances. • Must support up to 170,000 endpoints with unified infrastructure. • Must be compliant with FIPS processing standards. • Must provide ability to automatically blacklist and block malicious and suspicious files using OpenDXL in real time. • Must provide ability to whitelist files and executables to prevent additional scanning and analysis. • Infrastructure and appliances must be on-premise solution with an option to install appliance software on virtual systems. • Infrastructure and appliances must integrate with LDAP for authentication. • Must provide protection against zero-day malware in real-time. • Must provide ability to analyze URLs, files, and executables for malicious codes. • Must have ability to accept both automatic and manual uploads for file submission. • Must provide ability to detonate malicious payloads in a virtual sandbox environment. • Must provide support for sandboxing current operating systems for Windows and Android. • Must provide ability to integrate with third party or cloud based file reputation repositories such as VirusTotal. • Must have ability to audit user login and actions in appliance software. • Must have ability to configure automatic backups of appliance software and configuration. • Must provide detailed information on malicious or suspicious files such as hash values. • Must provide detailed reports on payload detonation for review by Analyst. • Must include self-protection mechanisms against user tampering. Interested vendors shall submit capability statements that demonstrate their expertise in the above-described areas in sufficient detail, including any other specific and relevant information, so the Government can determine the firm's experience and capability to provide the requirements. Failure to demonstrate the capability of providing the requirement in response to this market survey may affect the Government's review of the industry's ability to perform or provide these requirements. Capability statements must be submitted via email at Katherine.Medeiros@ssa.gov by 1:00 EST on 12/22/2017. SSA will not honor or acknowledge requests for copies of a solicitation. Oral communications are not acceptable. The Government will not accept or return phone calls related to this Market Survey.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/spg/SSA/DCFIAM/OAG/3366-18-1004/listing.html)
- Place of Performance
- Address: Headquarters, Woodlawn, Maryland, 21235, United States
- Zip Code: 21235
- Zip Code: 21235
- Record
- SN04767160-W 20171216/171214231135-a80f9cab72be6a23643e8bf907c90fac (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |