Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF NOVEMBER 21, 2002 FBO #0354
SOURCES SOUGHT

99 -- FTI

Notice Date
11/19/2002
 
Notice Type
Sources Sought
 
Contracting Office
FEDERAL AVIATION ADMINISTRATION, ASU-330 FAA Headquarters (ASU)
 
ZIP Code
00000
 
Solicitation Number
2840
 
Response Due
11/29/2002
 
Point of Contact
Dixie Harper, (202)
 
E-Mail Address
Email your questions to dixie.harper@faa.gov
(dixie.harper@faa.gov)
 
Description
The Federal Aviation Administration (FAA) intends to award a competitive contract to utilize a National Information Assurance Partnership (NIAP) accredited Common Criteria Testing Laboratory (CCTL) for Information Technology Security Evaluations of two FAA programs, the FAA Telecommunications Infrastructure (FTI) program and the Integrated Financial Management System (IFMS). Protection Profiles have been developed for both programs. The purpose of this announcement is to solicit interested sources with the ability to participate in this procurement. The FTI program will provide integrated voice, data, and video telecommunications services CONUS-wide, with connectivity to Hawaii, Alaska, and U.S. territories, for administrative and the U.S. National Airspace (NAS) mission-critical traffic. FTI telecommunications requirements are expressed in terms of service classes and service interfaces. FTI is responsible for providing security services for ISO/OSI levels 1-3 from Service Delivery Point (SDP) to SDP for telecommunications services, and ISO/OSI levels 1-7 for the Network Management and Operations (NMO), and Integrated Business System (IBS). FTI does not provide application or facility level security. FTI is a composite Target of Evaluation (TOE) that consists of three component TOEs: Telecommunications Services (TS), NMO, and IBS. The NMO and IBS TOEs are self-contained. The TS TOE is composed of 10 packages: ? BV1 - basic voice ? BD1 - basic data ? EV1 - voice closed user groups ? ED2 - encryption for IP or non-IP traffic ? ED3 - virtual private networks ? ED4 - secure Extranets ? ED5 - X.25 closed user groups ? ED6 - packet filtering firewalls ? ED7 - bastion host firewalls ? DS - dedicated transmission service The FTI contractor is required to demonstrate Evaluation Assurance Level (EAL) three (EAL-3) augmented for all three component TOEs. The FTI invoice review, validation, and reconciliation services are under the Invoice and Financial Management Services (IFMS) contract. IFMS consists of three component Targets of Evaluation (TOEs): (1) Information retrieval from external sources, (2) Information analysis, manipulation, and storage, and (3) Information transmission to external sources. The IFMS contractor is required to demonstrate EAL-2 for the three component TOEs. The ultimate goal of FTI security engineering activities is to ensure that: (1) FTI passes the initial FAA security certification and authorization, so that it may be deployed into the U.S. National Airspace (NAS), and (2) FTI maintains a stable security posture so that the mandatory tri-annual security certification and authorization activities are successful. The FTI Program Office views the formal evaluation activities that will be conducted by the Common Criteria Testing Laboratory (CCTL) as an input to the FAA security certification and authorization process. The FAA requires any vendor interested in the FTI Common Criteria Security Evaluation (FCCSE) procurement to meet the following requirements: 1. Must be a United States owned and operated company. 2. Have a current as well as a past history of Common Criteria Testing Laboratory accreditation issued by the National Information Assurance Partnership (NIAP). As part of the NIAP accreditation process labs must meet the requirements of the National Institute of Standards and Technology (NIST) National Voluntary Laboratory Accreditation Program (NVLAP) and comply with the Common Criteria Evaluation and Validation Scheme (CCEVS). The NIAP accreditation is the primary requirement for becoming a Common Criteria Testing Laboratory. 3. Have experience in Wide Area (backbone telecommunications) Network (WAN) security testing and accreditation. 4. May not participate with the FTI prime contractor on the Information System Security Verification (ISSV), in the preparation of the FTI security documentation, or the development of the security architecture. The closing date for this announcement is November 29, 2002. Contractors who meet the above requirements are encouraged to submit a not to exceed 3-page paper specifically addressing the four points stated above. The paper should be submitted (e-mail is acceptable) no later than 4:00 P.M. December 5, 2002. The FAA will review all qualification statements and make a down-select decision based on those that meet the above qualifications and are most likely to receive the award. The solicitation will be issued to the down-selected vendors, only. If there are questions or comments, please contact Dixie Harper at dixie.harper@faa.gov.
 
Web Link
FAA Contract Opportunities
(http://www.asu.faa.gov/faaco/index.htm)
 
Record
SN00207364-W 20021121/021119213228 (fbodaily.com)
 
Source
FedBizOpps.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  © 1994-2020, Loren Data Corp.