Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF OCTOBER 10, 2004 FBO #1049
SOURCES SOUGHT

70 -- Enterprise Anti-Virus Solution

Notice Date
10/8/2004
 
Notice Type
Sources Sought
 
NAICS
334290 — Other Communications Equipment Manufacturing
 
Contracting Office
United States House of Representatives, Office of the Chief Administrative Officer, Office of Procurement, Room 359, Ford House Office Building, Washington, DC, 20515
 
ZIP Code
20515
 
Solicitation Number
Reference-Number-HIR10082004
 
Response Due
10/25/2004
 
Archive Date
11/8/2004
 
Description
1.0 Scope: This document is the Statement of Work (SOW) for request for information of current technology for a commercial-off-the-shelf (COTS) anti-virus product(s) to support the House of Representatives enterprise requirements. 2. 0 Objective: This RFI will provide the U.S. House of Representatives with commercial enterprise-wide anti-virus software, maintenance and services for the implementation of the latest generation comprehensive, enterprise-wide anti-virus protection solution for all House servers, desktops and laptops. House Mail servers are excluded from this RFI. 2.0 Background: The House IT infrastructure consists of a single LAN system throughout the Capitol and Congressional buildings located in Washington DC. The computer systems of all Members of Congress, Leadership, Committees, and other House support organizations are connected to each other through this LAN system. A private Frame Relay network (WAN), predominantly 512K with some 256K and 56K connectivity, connects approximately 940 Member of Congress District Offices throughout the continental United States and its territories. Additionally, some remote offices connect via IPSEC hardware VPN over commercial ISP services. Within this network are 1000-1500 servers, predominantly Windows NT with a smaller mix of Novell NetWare, AIX, and Unix operating systems (some running SAMBA). As many as 500 Windows NT/2000 servers act as primary domain controllers and approximately 200 Windows NT/2000 servers act as secondary domain controllers. Our client installations consist of over 14,000 workstations running various Microsoft Windows operating systems (98, NT, 2000 and XP) with Windows 2000 being the predominant desktop operating system, and a small number of Macintosh systems. These workstations are all physically connected to the LAN/WAN and over 1,000 users connect remotely to the LAN/WAN through secured dial access and IPSEC VPN tunnels. The House infrastructure will also be implementing an infrastructure wide Active Directory Service over the next year. The House is currently in the process of implementing an Alternate Computing Facility, which will serve as a disaster recovery site for their computing infrastructure in the event of a catastrophe. It is highly desirable to employ an antivirus product which will easily lend itself to providing a method for insuring uninterrupted protection for all House systems in the event of such a disaster. 3.0 Technical Overview: HIR intends to use 8 Windows 2000 servers as the internal staging point for all desktop and in-office servers (i.e. servers not employed in an enterprise-wide infrastructure support role). The term client will be used to refer to systems that install and update antivirus software under this approach. Each staging server incorporates the following specifications: ? CPU: 2 900MHz processors ? Memory: 1GB MB RAM ? Network Interface: 2 Dual Port Compaq Network Interface cards utilizing all ports in Compaq load balancing mode. ? Disk space (total): 3 18GB drives per server running RAID Level 5 N+1 Arrays ? Operating System: Windows 2000 Advanced Server, SP4 The default configuration is to have clients install and update the anti-virus software directly from our Antivirus server farm. We anticipate approximately 8,000 clients will use the default configuration. We are also open to deploying from a web server. Some offices may desire to stage the anti-virus software for installation and update on their own in-office file server. We anticipate approximately 100 offices may select this option. This flexibility should be supported. The administrator for the offices that do this secondary staging should be able to monitor the status of the clients that update from the secondary staging server. The enterprise administrator should be able to monitor the status of all clients, including those that update from a secondary server. A desired feature is for administrators of offices that update from the enterprise Antivirus server farm to be able to monitor the status and modify configuration of the clients for that office, but not of other offices. Granularity of access control to configuration/status information is also desired (allow access to view status information to some people, but prohibit them from changing configurations.) Security controls for deploying and updating anti-virus software and for status reporting and monitoring should be identified. Of particular interest is whether NT security or an internal security mechanism within the anti-virus software distribution agent is used. Also of interest is whether share level access to the NT file system is required or if process-to-process communications (remote procedure calls ? RPC) is utilized. 4.0 Enterprise Anti-Virus Mandatory Required Items: 1 Server and Workstation/Client Support 2 ICSA certification of anti-virus software for all clients. For the purposes of this quotation, Windows 98, Windows NT Workstation, Windows NT Server, Windows 2000 Professional, Windows 2000 Server, And Windows XP are considered separate clients. If software for a particular client is not ICSA Certified the responding vendor should explain why the product failed certification or why the product was not submitted to ICSA for certification. Certification status for Macintosh support should also be included. 3 A mechanism for returning a not fully operational client to a fully operational condition (back out or roll back) in the event of a bad installation or update. 4 Real-time outbreak detection and prevention 5 Reliable detection and performance 6 Immediate notification of infection 7 Automatic updates and installs from network servers or web servers within the House infrastructure 8 Assured enforcement that software is running, remains installed, and is current 9 Centralized Management of enterprise anti-virus program 10 Centralized single database for enterprise anti-virus Program 11 Centralized Granular Reporting and Roles Based Administration 12 No user intervention for operation or updates 13 Ability to support remote users 14 Ability for workstations to update without Administrative privileges 15 Ability for remote installation through frame relay 16 Ability to perform an automatic scan of the hard drive for viruses and to check the memory at the frequency level required by the House?s perceived risk level 17 Ability to protect the boot record and inform the user when a virus is detected 18 Ability to protect incoming data from a modem or network connection and intercept a virus before it is stored on the hard drive 19 Ability to scan all files that are opened, created, or downloaded 20 Ability to scan all file types for malicious code and monitor JavaScript and ActiveX components for malicious activity 21 Ability to provide an option to choose scanning preferences and perform on-demand scans 22 Minimum network bandwidth utilization when Applying product updates. (Must support 56k) 23 Proposed solutions must be currently available. No Vaporware will be considered 24 Ability to return system to original state 25 Outbreak prevention or protection 4.1 Enterprise Anti-Virus Desirable Items 1 Multi-Platform Support a. All Supported Microsoft PC Desktop Platforms (Windows 98, Windows NT 4, Windows 2000,Windows XP) b. Apple Macintosh c. Red Hat Linux d. Sun Solaris e. IBM AIX f. Handheld Devices (PDA?s, Phones) g. Cisco Products 2 Ability to return system to original state without end-user intervention 3 Ability to resume broken downloads of product Updates. (Download Manager) 4 Ability to manually scan network drives from clients 5 Automatic check and self repair of anti-virus files 6 Full and real-time memory virus checking 7 SPAM / SPYWARE/Adware detection and prevention 8 HTML / POP mail protection 9 Ability to manually scan servers from server?s own console 5.0 Training A. The seller should provide 2 days on-site training at the House for up to 20 System Administration staff members. Material and course material for the training should also be provided in the form of text, drawings, workbooks, and outlines. B. The seller should permit the buyer to reproduce the training material for internal use if necessary. C. Training classes would be scheduled and completed at the discretion of the buyer and it is preferred that they be conducted prior to acceptance testing. 6.0 Documentation A. Complete documentation of the COTS should be provided. B. The documentation shall be of a technical nature intended for use by the system administrators. 7.0 Software Warranty A. Offeror shall provide full details concerning warranty provisions. B. Maintenance will include software fixes, version and release updates and new feature releases. C. Documentation updates are required when necessary software upgrades/enhancements would be performed. Instructions for Submitting Requested Information Respondents are asked to provide the information requested above as well as references describing where systems are installed. Interested parties must submit written responses in Microsoft Word format to be delivered as an attachment to an e-mail only. The response should be sent by Monday October 25, 2004. The response should include the company name, address, telephone number, fax number, point of contact, e-mail address, and company Web site, if available. E-mail your responses to Jim.Caskey@mail.house.gov and reference this RFI number and title. Please direct technical questions to Terry Hancock via e-mail at: terry.hancock@mail.house.gov or Steve Kaeser via email at: steve.kaeser@mail.house.gov). This RFI is for information and planning purposes only. It does not constitute a solicitation and is not to be construed as a commitment by the Government. The House is not responsible for incomplete or inaccurate republishing of this document by third parties. These e-mail addresses are provided for responses to this RFI only and are expressly not intended to be added to general solicitation lists, i.e., consider this an "opt-out" notice.
 
Place of Performance
Address: Washington, D.C.
Zip Code: 20515
Country: USA
 
Record
SN00692105-W 20041010/041009085151 (fbodaily.com)
 
Source
FedBizOpps.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  © 1994-2020, Loren Data Corp.