SOURCES SOUGHT
70 -- Enterprise Database Scanning and Vulnerability Assessment Tool
- Notice Date
- 1/31/2006
- Notice Type
- Sources Sought
- NAICS
- 561990
— All Other Support Services
- Contracting Office
- Social Security Administration, Deputy Commissioner for Finance, Assessment and Management, Office of Acquisition and Grants, 1st Floor, Rear Entrance 7111 Security Blvd., Baltimore, MD, 21244
- ZIP Code
- 21244
- Solicitation Number
- Reference-Number-0002-20-2006
- Response Due
- 2/20/2006
- Archive Date
- 3/7/2006
- Description
- The Social Security Administration (SSA) is seeking a vendor who can provide an enterprise solution for database server security compliance. SSA intends to use the database vulnerability scanners to ensure that systems are securely configured and to ensure that accurate and timely knowledge of configuration changes and new vulnerabilities within the databases are reported and corrected. Mandatory requirements are as follows: 1) System must have a centrally managed console and support distributed scanning nodes, 2) System must have agent-less detection capability, 3) Must report and identify weak passwords and default vendor supplied passwords, 4) Must support database discovery with no increased network credentials, 5) Must support database penetration test that requires no additional or direct account access on target host, 6) Must provide security database audit feature, 7) Must provide for automated fix and vulnerability script generation, 8) Must have a report writing capability such ash Crystal Reports reporting capabilities, 9) Must support vendor provided vulnerability and monthly updates, and 10) Must support installed FISMA, SOX and HIPPA policies. Support for the following platforms is mandatory: 1) Oracle, 2) Oracle Application Server, 3) Microsoft SQL Server, 4) IBM DB2, 5) MySQL, 6) IBM WebSphere and 7) Only database product that supports DB2 on the Mainframe. Interested vendors able to provide the required product are invited to submit information in sufficient detail to demonstrate their ability to meet SSA?s requirements. Vendors responding should indicate whether the candidate products are available on the GSA schedule. This is not a request for proposals (RFP) and the Government does not intend to pay for information submitted. Respondents will not be notified of the results of the evaluation of the data received. No contract award will be made on the basis of responses received; however, this information will be used in SSA?s assessment of capable sources. Responses to this notice should be submitted in duplicate within 15 days of the publication of this notice and should refer to ?0002-20-2006?. Request for copies of a solicitation will not be honored or acknowledged.
- Place of Performance
- Address: 6401 Security Blvd., Baltimore, Maryland 21235
- Country: US
- Country: US
- Record
- SN00977720-W 20060202/060131215503 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |