Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF SEPTEMBER 02, 2010 FBO #3204
MODIFICATION

70 -- Security Event Logging and Management - Questions to combo 2

Notice Date
8/31/2010
 
Notice Type
Modification/Amendment
 
NAICS
511210 — Software Publishers
 
Contracting Office
Department of the Air Force, Air Mobility Command, 6th Contracting Squadron, 2606 Brown Pelican Ave., MacDill AFB, Florida, 33621-5000, United States
 
ZIP Code
33621-5000
 
Solicitation Number
F2VUJ00194AC01
 
Archive Date
9/22/2010
 
Point of Contact
Melissa A Robertson, Phone: 813-828-6570, Alyson Gowin, Phone: 813-828-0486
 
E-Mail Address
melissa.robertson@macdill.af.mil, alyson.gowin@macdill.af.mil
(melissa.robertson@macdill.af.mil, alyson.gowin@macdill.af.mil)
 
Small Business Set-Aside
Total Small Business
 
Description
Questions to combo 2 This is a combined synopsis/solicitation for a commercial product prepared in accordance with the format in FAR Subpart 12.6, as supplemented with additional information included in this notice. This announcement constitutes the only solicitation; proposals are being requested and a written solicitation will NOT be issued. This is a Request for Quote (RFQ) and the solicitation number is F2VUJ00194AC01. This acquisition is set aside for 100% small business competition. The 6th Contracting Squadron, MacDill AFB, Florida, requires the following: Purchase SPLUNK replacement capability. DESCRIPTION OF REQUIREMENT CLIN 0001 - All software licenses to meet all the above listed capabilities. Licensing required to support two networks (NIPRNET and SIPRNET). POP is 1 October 2010 to 30 September 2011. CLIN 0002 - Required training, to include a training schedule for on-site, off-site, and virtual training for 12 employees. POP is 1 October 2010 to 30 September 2011. CLIN 0003 - All costs required for installation, testing, certification and accreditation, in order to meet operational readiness requirements. POP is 1 October 2010 to 30 September 2011. CLIN 0004 - Provide maintenance and support of software to include any upgrades; provide 24/7 customer service with response within 4 hours. POP is 1 October 2010 to 30 September 2011. CLIN 1001 - Provide maintenance and support of software to include any upgrades; provide 24/7 customer service with response within 4 hours. POP is 1 October 2011 to 30 September 2012. CLIN 2001 - Provide maintenance and support of software to include any upgrades; provide 24/7 customer service with response within 4 hours. POP is 1 October 2012 to 30 September 2013. CLIN 3001 - Provide maintenance and support of software to include any upgrades; provide 24/7 customer service with response within 4 hours. POP is 1 October 2013 to 30 September 2014. CLIN 4001 - Provide maintenance and support of software to include any upgrades; provide 24/7 customer service with response within 4 hours. POP is 1 October 2014 to 30 September 2015. Please provide a BRAND NAME OR EQUAL quote. If an or equal quote is submitted, the proposal will be sent to the technical advisor for compatibility verification. ANY OFFEROR PROVIDING AN OR EQUAL PRODUCT SHOULD DESCRIBE THOROUGHLY HOW THEIR PRODUCT MEETS ALL THE CHARACTERISTICS LISTED BELOW. FAILURE TO DO SO WILL MAKE THAT OFFEROR NON-RESPONSIVE AND WILL NOT BE CONSIDERED FOR AWARD. Attached is a description of the requirement and license necessary. USSOCOM requires the ability to view network security status across the entire USSOCOM IT infrastructure from one place in real time. Need to be able to search, report, monitor, and analyze streaming and historical data from any source. The tool will be used to centralize USSOCOM security logs and monitor security events in support of USSOCOM Enterprise network defense-in-depth requirements as directed by CJCSI 6510.01D, Information Assurance and Computer Network Defense (CND), and support the Warfighter in Overseas Contingency Operations (OCO). USSOCOM must be able to correlate security events from multiple IA devices producing a consolidated listing using a common taxonomy to describe events. Must be able to conduct centralized security operations viewing events to and from multiple worldwide locations allowing an analysis of data transported or residing on our Enterprise networks. Software must provide USSOCOM the capability to monitor, investigate, remediate and protect all networks against malicious intrusion, security incidents and cyber attacks and augment or enable traditional methods of warfare. The solution must include the ability to troubleshoot application problems and investigate security incidents in minutes (instead of hours or days) and be able to monitor to avoid service degradation or outages. Must be able to search billions of events in seconds on a single commodity server. As daily volumes and data sources grow, the solution must scale to allow searching and indexing of all collected log information. The solution must also include automatic load balancing to optimize workloads and response times and must provide redundancy and built-in failover support. There is also a requirement to be able to use a SAN or other storage device to store this log data from this collection point to meet long term storage needs. There is a requirement to indexes any kind of IT data from any source in real time. The solution should allow indexing of all IT data without the need for any specific parsers or adapters to purchase, write, or maintain. The solution must support a distributed architecture to allow search of multiple deployments within the USSOCOM Enterprise. The solution must include role-based access to allow control of how far a given user's search will span. USSOCOM Component users can see data from regional systems and enterprise-wide users can see data from all datacenters. Every authorized user should be able to view the IT security data that they need; whether for investigations, or reports and dashboards, or analysis to continually improve IT operations and gain valuable business insights. The solution must allow secure connections. Transactions through the selected product must allow secure authentication and the ability to authenticate user activities through a web user interface or command line interface. Must be able to define your own roles for users that limit functionality by user type. These access controls should limit the searches, alerts, reports, and dashboard views. The solution must integrate with external LDAP-compliant directory servers and Active Directory servers to enforce enterprise-wide security policies. Single sign-on integration must also available to enable pass-through authentication of user credentials. Without this service, USSOCOM will not be able to effectively monitor networks used to support OCO. Furthermore, USSOCOM would not have visibility of potential risks and lack the capability to quickly identify and mitigate vulnerabilities that, if accessed by unauthorized personnel or hackers, can be used to initiate loss of services or compromise data. This type of activity will pose additional risks to operational SOF missions worldwide. Proposed solution for USSOCOM must: • Meet the standards of DODI 8500.2, Information Assurance (IA) Implementation. • Provide centralized security logs and monitor security events supporting USSOCOM's Computer Network Defense directed by CJCSI 6510.01D. • Correlate security events from USSOCOM's current multiple Information Assurance (IA) devices to provide a dashboard picture. • Be interoperable with USSOCOM's current enterprise network solutions. • Provide scalable event correlation and comprehensive trend analysis. • Provide audit log configuration and integration of auditing files from applications, operating systems and network logs. • Include software maintenance support to remediate and/or fix any deficiency releases needed to eliminate minor problems occurring after a major release; includes all system and security patches as well as required fixes needed to maintain security compliance with DoD standards. • Provide on-call support to assist in recovery and management of data, files and services. • Rapidly and thoroughly identify computer incidents occurring on any and all nodes within USSOCOM's network, regardless of physical or network location; must provide ability to review both unique closed networks and standalone systems. • Verify data files and structure to determine possible compromise. • Provide event correlation needed to investigate and analyze devices running on all standard commercial operating systems. • Provide analysis without disrupting business processes or alerting targets. • Provide technical support to assigned personnel to ensure the continued operations with no lapse in current capability. • Allow analysts and technicians to access multiple files/folders across an array of servers. • Respond to information detection system alerts to verify device(s) compromised. • Be delivered not later than 1 October 2010. The solicitation document and incorporated provisions and clauses are those in effect through Federal Acquisition Circular 2005-43 effective 2 August 2010, DFAR DCN 20100713 and AFFAR AFAC 2010-0402. The North American Industry Classification System code (NAICS) 511210 Software Publishers and 443120 Computer and Software Stores. A firm fixed price contract will be awarded. All interested parties must bid on all items. BASIS FOR AWARD: Award will be made to the offeror that is determined to be technically acceptable and in the best interest of the Government. 52.212-2 Evaluation -- Commercial Items (Jan 1999) (a) The Government will award a contract resulting from this solicitation to the responsible offeror whose offer conforming to the solicitation will be most advantageous to the Government, price and other factors considered. The following factors shall be used to evaluate offers: (i) technical capability of the item offered to meet the Government requirement and all characteristics in the attachment (ii) price; (iii) past performance (see FAR 15.304); Offeror shall submit 3 references Technical and past performance, when combined, is approximately equal to price when being evaluated. (b) Options. The Government will evaluate offers for award purposes by adding the total price for all options to the total price for the basic requirement. The Government may determine that an offer is unacceptable if the option prices are significantly unbalanced. Evaluation of options shall not obligate the Government to exercise the option(s). (c) A written notice of award or acceptance of an offer, mailed or otherwise furnished to the successful offeror within the time for acceptance specified in the offer, shall result in a binding contract without further action by either party. Before the offer's specified expiration time, the Government may accept an offer (or part of an offer), whether or not there are negotiations after its receipt, unless a written notice of withdrawal is received before award. (End of Provision) DELIVERY ADDRESS: The software is to be procured on behalf United States Special Operations Command (US SOCOM), MacDill AFB (Tampa), FL 33621. PROVISIONS/CLAUSES: The following Federal Acquisition Regulation (FAR), provisions and clauses apply to this solicitation and are incorporated by reference (provisions and clauses may be obtained via the internet: http://farsite.hill.af.mil, http://www.arnet.gov/far/, or http://safaq.hq.af.mil/contracting): FAR 52.204-7, Central Contractor Registration; FAR 52.209-6 Protecting the Government's Interest; FAR 52.212-1, Instruction to Offerors-Commercial Items; FAR 52.212-4, Contract Terms and Conditions; FAR 52.217-5 Evaluation of Options; FAR 52.247-34, F.O.B. Destination. The following FAR clauses apply to this solicitation and are incorporated in full text: FAR 52.212-3, Offeror Representation and Certifications-Commercial Items (Offeror must submit a completed copy of this prevision with its proposal for the proposal to be considered. See https://orca.bpn.gov/ for online submittal); FAR 52.212-5, Contract Terms and Conditions Required to Implement Statutes Or Executive Orders-Commercial Items, within FAR 52.212-5, the following clauses apply: FAR 52.204-10 Reports on Subcontracting; FAR 52.219-28, Small Business Representations, FAR 52.222-3, Convict Labor, FAR 52.222-19, Child Labor-Cooperation with Authorities and Remedies, FAR 52.222-21, Prohibition of Segregated Facilities, FAR 52.222-26, Equal Opportunity, FAR 52.222-35, Affirmative Action for Disabled Veterans and Veterans of the Vietnam Era, FAR 52.222-36, Affirmative Action for Workers with Disabilities, FAR 52.222-37 -- Employment Reports on Special Disabled Veterans, Veterans of the Vietnam Era, and Other Eligible Veterans, FAR 52.225-13 Restrictions on Certain Foreign Purchases; FAR 52.232-33 Payment By Electronic Funds Transfer-Central Contractor Registration; FAR 52.252-2, Clauses Incorporated by Reference; FAR 52.217-8 Option to Extend Services (fill-in = 30 days); FAR 52.217-9 Option to Extend the Term of the Contract (fill-ins = 60 days, 30 days respectively). The following Defense Federal Acquisition Regulation Supplement (DFARS) clauses apply to this solicitation and are incorporated by reference: DFARS 252.204-7003 Control of Government Personnel Work Product; 252.243-7001, Pricing of Contract Modifications; 252.204-7004 (Alt 1), Required Central Contractor Registration; 252.232-7010, Levies on Contract Payments. The following DFARS clauses apply to this solicitation and are incorporated in full text: DFARS 252.212-7000, Offeror Representations and Certifications-Commercial Items; DFARS 252.212-7001, Contract Terms and Conditions Required to Implement Statutes or Executive Orders Applicable to Defense Acquisitions of Commercial Items, within DFARS 252.212-7001, the following clauses apply: FAR 52.203-3 Gratuities; DFARS 252.203-7000, Requirements Relating to Compensation of Former DoD Officials; DFARS 252.225-7001, Buy American Act and Balance of Payment Program; DFARS 252.225-7012, Preference for Certain Domestic Commodities; DFARS 252.225-7036 Buy American Act, Free Trade Agreements, Balance of Payment Programs; DFARS 252.232-7003, Electronic Submission of Payment Requests; DFARS 252.247-7023 Transportation of Supplies by Sea. The following Air Force Federal Acquisition Regulation Supplement (AFFARS) clause applies and is incorporated in full texts: AFFARS 5352.201-9101, Ombudsman: (a) An ombudsman has been appointed to hear and facilitate the resolution of concerns from offerors, potential offerors, and others for this acquisition. When requested, the ombudsman will maintain strict confidentiality as to the source of the concern. The existence of the ombudsman does not affect the authority of the program manager, contracting officer, or source selection official. Further, the ombudsman does not participate in the evaluation of proposals, the source selection process, or the adjudication or protests or formal contract disputes. The ombudsman may refer the party to another official who can resolve the concern. (b) Before consulting with an ombudsman, interested parties must first address their concerns, issues, disagreements, and/or recommendations to the contracting officer for resolution. Consulting an ombudsman does not alter or postpone the timelines for any other processes (e.g., agency level bid protests, GAO bid protests, requests for debriefings, employee-employer actions, contests of OMB Circular A-76 competition performance decisions). (c) If resolution cannot be made by the contracting officer, concerned parties may contact the Center/MAJCOM ombudsman Mr. Michael R. Jackson, HQ AMC/A7K, 507 Symington Drive, Scott AFB, IL 62225-5022, (618) 229-0267, fax (618) 256-668, email: Michael.Jackson@scott.af.mil. Concerns, issues, disagreement, and recommendations that cannot be resolved at the MAJCOM/DRU level, may be brought by the concerned party for further consideration to the Air Force ombudsman, Associate Deputy Assistant Secretary (ADAS) (Contracting), SAF/ACQ, facsimile number (703) 588-1067. (d) The ombudsman has no authority to render a decision that binds the agency. (e) Do not contact the ombudsman to request copies of the solicitation, verify offer due date, or clarify technical requirements. Such inquiries shall be directed to the Contracting Officer. (End of clause) Also your quote must list your DUNS number, CAGE code, and Federal TIN with Company name, POC and phone number. If you need to obtain or renew a DUNS number or CAGE code, please visit www.ccr.gov. Lack of registration in the CCR database will make an offeror ineligible for award. DEADLINE: Offers are due on 7 September 2010 by 9:00 AM EST. Submit offers or any questions to the attention of Melissa Robertson 6 CONS/LGCB by email to melissa.robertson@macdill.af.mil.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/USAF/AMC/6CS/F2VUJ00194AC01/listing.html)
 
Place of Performance
Address: USSOCOM, MacDill AFB, Tampa, Florida, 33621, United States
Zip Code: 33621
 
Record
SN02262202-W 20100902/100831235901-03111157cb064993e8c092e4b7e1b392 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  © 1994-2020, Loren Data Corp.