SOLICITATION NOTICE
D -- Cloud Broker & ATO-Ready Secure Cloud Enclave for AWS and GCP
- Notice Date
- 6/11/2024 11:12:36 AM
- Notice Type
- Solicitation
- NAICS
- 541511 — Custom Computer Programming Services
- Contracting Office
- ARGONNE NATL LAB - DOE CONTRACTOR Lemont IL 60439 USA
- ZIP Code
- 60439
- Solicitation Number
- 4-B148-P-00218-00
- Response Due
- 6/27/2024 3:00:00 PM
- Archive Date
- 07/01/2024
- Point of Contact
- Cully Johnston
- E-Mail Address
- cjohnston@anl.gov
- Description
- Appendix "B" Argonne National Laboratory Statement of Work Cloud Broker & ATO-Ready Secure Cloud Enclave for AWS and GCP 6/1/2024

1.0 Background

The Computing, Environment and Life Sciences Directorate (CELS) at Argonne National Laboratory is dedicated to advancing scientific research through cutting-edge computing technologies. To enhance the capabilities of our research community, CELS aims to expand its IT service offerings by providing access to public cloud services. This initiative is driven by the need to enable researchers to experiment and consume innovative technologies in a flexible and scalable cloud environment. By leveraging public cloud services, CELS can offer robust and innovative solutions that meet the diverse needs of its research projects.

However, to successfully integrate public cloud services into our IT infrastructure, it is crucial to ensure that all compliance and security procedures are in place. This includes managing risks effectively in accordance with relevant regulatory standards, such as FedRAMP and FISMA, and ensuring adherence to NIST SP 800-53 based controls. This RFP seeks to establish an ATO Ready Public Cloud Enclave that aligns with these requirements, enabling CELS to provide secure and compliant public cloud services to its research community.

2.0 Scope

The scope of this project includes a comprehensive discovery and documentation process to capture Argonne National Laboratory's decisions and requirements for designing, building, operating, and monitoring a secure public cloud enclave. The contractor will be responsible for producing an Authority to Operate (ATO) document that demonstrates compliance with NIST 800-53, FedRAMP Moderate, and FISMA standards. This document will be subject to review by internal Argonne cybersecurity assessors as well as Department of Energy (DOE) site office assessors and compliance personnel.
The project will employ infrastructure as code (IaC) methods to deliver all configurations, policies, and compliance monitoring code through a Git repository. This repository will facilitate efficient and auditable changes to the secure cloud enclave. Additionally, the contractor will capture and incorporate Argonne's business goals, desired outcomes, and success metrics into the deliverables, ensuring alignment with organizational objectives.

An essential component of the project will be to educate and train Argonne personnel on the implemented solutions to enable them to efficiently operate the enclave. The contractor will also explore and identify the feasibility of integrating existing cybersecurity solutions and technologies into the cloud environment.

The contractor will provide project management and coordination in close partnership with Argonne personnel, guiding them through the ATO process to ensure that IT systems are appropriately secured and compliant prior to production use. The solution design will position CELS as a secure cloud broker, establishing capabilities for chargeback billing and financial operations (FinOps).

Objectives

The primary objective of this project is to design, build, and implement a secure cloud enclave for the Computing, Environment and Life Sciences Directorate (CELS) at Argonne National Laboratory. The project aims to achieve the following specific objectives:

• Develop a Secure Cloud Enclave: Create a secure cloud environment that adheres to NIST 800-53, FedRAMP Moderate, and FISMA compliance standards, ensuring all configurations, policies, and compliance monitoring are managed through infrastructure as code methods. This environment shall be built in AWS, with multi-account support, and expanded to include Google Cloud Platform.
• Produce Comprehensive ATO Documentation: Compile an Authority to Operate (ATO) document that demonstrates compliance with all relevant security standards and can be reviewed by both internal Argonne cybersecurity assessors and DOE site office assessors.
• Enable Effective Operations: Educate and train Argonne personnel on the new cloud solutions, providing them with the knowledge and tools needed to efficiently operate and manage the secure public cloud enclave.
• Integrate Existing Solutions: Assess the feasibility of utilizing existing cybersecurity solutions and technologies within the new cloud enclave to maximize resource use and compatibility.
• Support Business Goals: Capture and incorporate Argonne's business goals, desired outcomes, and success metrics into all deliverables, ensuring that the project aligns with the strategic objectives of the organization.
• Facilitate Project Management: Provide robust project management and coordination in partnership with Argonne personnel, ensuring clear communication, timely delivery of milestones, and effective collaboration throughout the project lifecycle.
• Guide Through ATO Process: Assist Argonne in navigating the ATO process, ensuring that all IT systems are secured and compliant prior to production use, thereby minimizing risks and enhancing operational security.
• Position as a Cloud Broker: Design the solution to enable CELS to function as a secure cloud broker, including the establishment of capabilities for chargeback billing and financial operations (FinOps), thereby optimizing resource allocation and cost management.

By achieving these objectives, CELS will be able to provide its research community with access to a secure, compliant, and efficient public cloud environment, enhancing the overall research capabilities and operational efficiency of Argonne National Laboratory.

4.0 Tasks

4.1 Discovery and Documentation
• Conduct Initial Meetings: Organize and conduct initial meetings with Argonne stakeholders to understand project requirements, goals, and constraints.
• Document Requirements: Discover and document Argonne's decisions and requirements for designing, building, operating, and monitoring the secure cloud enclave.
• Review Existing Systems: Assess Argonne's current cybersecurity solutions and technologies to identify feasible integrations within the cloud enclave.

Design and Build Secure Public Cloud Enclave
• Create Design Specifications: Develop detailed design specifications for the secure cloud enclave, ensuring alignment with NIST 800-53, FedRAMP Moderate, and FISMA standards.
• Develop Infrastructure as Code (IaC): Utilize IaC methods to deliver all configurations, policies, and compliance monitoring code via a Git repository.
• Implement Cloud Environment: Build the secure public cloud enclave in AWS, with expansion to include Google Cloud Platform.

Compliance and ATO Documentation
• Develop ATO Documentation: Produce comprehensive ATO documentation demonstrating compliance with relevant security standards.
• Facilitate Reviews: Coordinate with internal Argonne cybersecurity assessors and DOE site office assessors to review and approve the ATO documentation.

Training and Knowledge Transfer
• Develop Training Materials: Create training materials and documentation for Argonne personnel on the new cloud solutions.
• Conduct Training Sessions: Organize and conduct training sessions to educate Argonne personnel on operating and managing the secure cloud enclave.

Project Management and Coordination
• Provide Project Management: Offer comprehensive project management services, including regular updates, milestone tracking, and risk management.
• Ensure Coordination: Maintain regular communication with Argonne personnel to ensure alignment and address any issues promptly.

Implementation and Validation
• Deploy Cloud Enclave: Implement the secure cloud enclave as per the design specifications.
• Validate Implementation: Conduct thorough testing and validation to ensure the cloud enclave meets all compliance and security requirements.
• Guide Through ATO Process: Assist Argonne through the ATO process, ensuring all IT systems are secure and compliant prior to production use.

Financial Operations and Chargeback Capabilities
• Design FinOps Solutions: Develop and implement financial operations (FinOps) solutions to enable chargeback billing and cost management.
• Integrate Chargeback Capabilities: Integrate chargeback billing capabilities into the cloud enclave to support financial accountability and resource allocation.

5.0 Delivery

Deliverables
• Discovery and Documentation Report: A comprehensive report documenting Argonne's decisions and requirements for the secure cloud enclave, due 10 days after contract award.
• Design Specifications: Detailed design specifications for the secure cloud enclave, delivered within 30 days after contract award.
• Infrastructure as Code Repository: A Git repository containing all IaC configurations, policies, and compliance monitoring code, delivered within 60 days after contract award.
• ATO Documentation: A complete ATO document demonstrating compliance with NIST 800-53, FedRAMP Moderate, and FISMA standards, due 90 days after contract award.
• Training Materials and Sessions: The vendor shall provide comprehensive training materials and conduct training sessions for Argonne personnel, which can be delivered online. The training should encompass the architecture of the solution, infrastructure as code methodologies, and the use of any IT systems involved in managing the operations and compliance of the secure cloud enclave. Substantial training and knowledge transfer should be provided to enable a group of 2-3 platform engineers to effectively maintain the solution.
Additionally, for any security operations tools, specific training and knowledge transfer will need to be delivered to a team of 2-3 Cyber Security professionals. All online training sessions must be recorded and archived for Argonne's future reference and reuse.
• Implementation and Validation Report: The vendor shall be responsible for the full implementation and validation of the secure cloud enclave, ensuring it meets all specified requirements and standards. This includes building the enclave according to design specifications and thoroughly testing its functionality and security compliance. A detailed Implementation and Validation Report must also be provided, documenting the entire process, findings, and outcomes. This deliverable, encompassing both the implemented and validated enclave and the comprehensive report, is due within 90 days after contract award.
• FinOps and Chargeback Capabilities Report: A report detailing the design and implementation of FinOps solutions and chargeback billing capabilities.

5.2 Delivery Timeline
• Initial Meetings and Planning: Within 5 days after contract award.
• Discovery and Documentation Report: Within 10 days after contract award.
• Design Specifications: Within 30 days after contract award.
• Infrastructure as Code Repository: Within 60 days after contract award.
• ATO Documentation: Within 90 days after contract award.
• Training Materials and Sessions: Within 120 days after contract award.
• Implementation and Validation Report: Within 90 days after contract award.
• FinOps and Chargeback Capabilities Report: Within 120 days after contract award.

5.3 Required Documentation
• Each deliverable must be accompanied by a cover letter detailing the contents and purpose of the delivery.
• The ATO Documentation must include all necessary supporting materials for review by internal Argonne and DOE assessors.

5.4 Acceptance & Revisions
• Deliverables will be reviewed by Argonne project managers and relevant stakeholders within 3 business days of submission.
• Acceptance will be based on compliance with the specified requirements, quality standards, and alignment with Argonne's goals and objectives.
• Feedback will be provided, and any necessary revisions must be completed within 5 business days after receiving feedback.

6.0 Security

All staff working on the project shall be US Citizens with FedRAMP compliant background checks.

7.0 Place of Performance

Contractor is expected to perform work remotely and meet virtually. Possible onsite engagements (if necessary) at Argonne's Lemont, IL campus may be incorporated into the contract at a later date.
- Web Link
- SAM.gov Permalink (https://sam.gov/opp/fc8435c0eab047f59f62024b9cfd9877/view)
- Place of Performance
- Address: Lemont, IL 60439, USA
- Zip Code: 60439
- Country: USA
- Record
- SN07092876-F 20240613/240611230125 (samdaily.us)
- Source
- SAM.gov Link to This Notice (may not be valid after Archive Date)