Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF APRIL 06, 2012 FBO #3786
SOURCES SOUGHT

99 -- Secure Public-use Common Access Card (CAC) Reader

Notice Date
4/4/2012
 
Notice Type
Sources Sought
 
NAICS
334119 — Other Computer Peripheral Equipment Manufacturing
 
Contracting Office
ACC - Rock Island (ACC-RI), ATTN: AMSAS-AC, Rock Island, IL 61299-6500
 
ZIP Code
61299-6500
 
Solicitation Number
W52P1J12RFIEJ
 
Response Due
4/18/2012
 
Archive Date
6/17/2012
 
Point of Contact
Elvia Jaggers, (309) 782-3271
 
E-Mail Address
ACC - Rock Island (ACC-RI)
(elvia.jaggers.civ@mail.mil)
 
Small Business Set-Aside
N/A
 
Description
1.INTRODUCTION This Request for Information (RFI) is being issued by Product Director Enterprise Email (PD EE) to provide the Army with a better understanding of potential industry solutions to its' Secure Public-use Common Access Card Reader requirement. The Secure Public-use Common Access Card (CAC) Reader will be a critical enabler of the Army's deployment of CAC-enabled enterprise solutions, enabling users to securely access CAC-enabled applications from public computing devices, within the limited security tolerance of these devices, and without installing client software or middleware on the public device. Responses to this RFI will assist the Army in determining if sources exist that are capable of satisfying the Army's Secure Public-use Common Access Card Reader requirement and whether commercial or non-developmental items are available that meet these requirements. Subsequent to the receipt of responses to this RFI, the PD EE may invite select RFI respondents to further discuss their solution with Government representatives. This is not a Request for Proposal (RFP), Request for Quotation (RFQ), or an invitation for bid, nor does its issuance obligate or restrict the Government to an eventual acquisition. All information received from this RFI will be used for Market Research purposes only. The Government does not intend to award a contract on the basis of responses to this RFI nor otherwise reimburse vendors for the preparation of any information submitted or Government use of such information. Acknowledgement of receipt of responses will not be made, nor will respondents be notified regarding the outcome of the information received. 1.1.Army PD EE and PEO EIS Background Product Director Enterprise Email is a component of the Army Program Executive Office, Enterprise Information Systems (PEO EIS). Product Manager Enterprise Email is responsible for fielding capabilities which support the Army's Enterprise Email and related services; the Secure Public-use Common Access Card Reader requirement is a critical capability which will extend the Enterprise Email solution as well as other CAC-enabled applications. Program Executive Office, Enterprise Information Systems provides infrastructure and information management systems to the Army, enabling it to achieve victory through total information dominance. PEO EIS develops, acquires and deploys tactical and management information technology systems and products. PEO EIS is a systems acquisition, development and integration center of excellence under the management of four deputy program executive officers, five directorates and numerous project/product managers. PEO EIS develops and fields a wide range of products and services that support the Army and, through its diverse programs, touches every soldier, every day. 1.2.Army's Secure Public-use Common Access Card Reader Requirement The Army utilizes Common Access Card authentication to enable user access to a host of applications access over local and wide area networks, as well as the internet and World Wide Web. The computing devices through which these applications are accessed require a CAC reader and the associated certificates for authentication, available as a matter of course in Army provided desktop computing devices. Supporting infrastructure enabling the use of Common Access Card and associated devices has been established to enable and maintain the CAC solution. There is, however, a need to provide the same authentication method for users who regularly or periodically have access only to public computing devices at hotels, library, internet kiosks, and other non-Government facilities. These public computers do not commonly include attached CAC readers, nor do they include or enable the installation of client software (including certificates) and the middleware required to attach an external CAC reader. Thus, the user attempting to access a CAC-enabled application is unable to do so from a public venue, greatly limiting productivity and user satisfaction. In particular, one example of a critical CAC-enabled application is DoD Enterprise Email. DoD Enterprise Email is currently using MS Exchange 2010, and CAC PKI certificates are required for authentication and for S/MIME functionality. Because S/MIME functionality in Exchange 2010 webmail is provided using ActiveX, Internet Explorer is the only browser that currently enables webmail S/MIME functionality. The Army seeks a device that enables individuals to easily use a public computer by simply plugging in the Reader and which provides the requisite functionality without requiring any special (elevated) user privileges. Key requirements for the Army Secure Public-use Common Access Card (CAC) Reader include: a.The Army Secure Public-use Common Access Card (CAC) Reader must be entirely self-contained. b.The device must appear as a read-only device to the operating systems and not require any drivers or other software to be installed before it can be used. c.The Army Secure Public-use Common Access Card (CAC) Reader must either have middleware resident/installed (or be able to interact directly with the certificates on the CAC) so that CAC certificates are automatically available to Windows and the browser. d.The Army Secure Public-use Common Access Card (CAC) Reader must include, resident on the device, an internet browser that provides full S/MIME functionality (encrypt, sign, decrypt) with MS Exchange 2010 (or higher) OWA using certificates on the CAC, and full PKI certificate authentication to access.mil and other PKI-enabled websites. e.The browser loaded on the device will need to be updated and receive patches and updates to maintain currency, functionality, and availability, of the browser. f.The device must protect any data and applications resident on the CAC Reader in the event of theft or loss. g.The device must function on a full range of MS operating systems, including XP, Vista, and Win 7. It is preferred that the device also function with Apple operating systems. PD EE is currently exploring potential technical solutions to this requirement -- this RFI and the resulting responses are intended to enable the Army to make informed decisions as to the best solution for meeting this requirement. 2.RFI INSTRUCTIONS Responses to this RFI are requested in four (4) parts. First, the Army seeks to identify the companies that provide products that will meet the requirements listed above. Second, the Army seeks a description of the device, its capabilities, limitations, etc. Third, the Army seeks to understand the extent to which the device has been deployed and its current usage. Finally, the Army seeks answers to specific technical matters as listed in section 6 of this document. Response submissions should be submitted in Microsoft Word format and should not exceed twenty (20) pages with Arial font greater than or equal to 10 pt. Respondents are strongly urged to adhere to this page limitation as well as to limit marketing material in order to provide more substantive information in their response. Responses are to be submitted via e-mail to Elvia Jaggers at elvia.jaggers.civ@mail.mil no later than 1700 EDT 18 April 2012. 3.PART 1: COMPANY PROFILE AND DEMOGRAPHIC INFORMATION Responses to the following questions are requested, provided in a tabular format. IDINFORMATION REQUESTEDCOMPANY RESPONSE 1Organization Name (if organization has experienced name changes, please list all previous names used) 2Industry (NAICS) Codes (North American Industry Classification System) and business size for each NAICS code (rows may be added as necessary)NAICSSIZE 3Vehicles and contracts your company holds VEHICLE / CONTRACTAGENCYEXPIRATION 4Year established/founded 5Company ownership (public, private, joint venture) 6Business Classification / Socio-Economic Status (e.g., large, small, 8(a), women owned, hub-zone, SDB, Service-Disabled Veteran Owned) 7Location of Headquarters 8Location where Incorporated 9Overview of Products provided 10Overview of Services provided 4.PART 2: DESCRIPTION OF THE DEVICE AND INFRASTRUCTURE a.Provide a description of the product and the enabling architecture b.Confirm that the device will meet all requirements or discuss a proposed alternative method for meeting the requirements c.Describe how the device meets each requirement d.Describe the capabilities of the device, how the device functions and provide several, simple use case examples e.Describe relevant limitations of the device f.Describe the infrastructure needed to support the device (e.g., update servers, patch servers) g.Provide an estimated price for the device at various quantities from 1,000 to 100,000 h.Provide cost parameters for Contractor-furnished infrastructure i.Provide cost parameters for Government-furnished infrastructure j.What is the recommended user support model? What type of technical support (e.g., Help Desk, knowledge documentation) is available from your company or partners? 5.PART 3: DEVICE DEPLOYMENT AND USAGE a.Describe the current use of the device, including the number and types of customers, typical uses, and deployment models. b.Provide examples that will illustrate integrity, reliability, and resiliency of the device as well as mean time between failure. c.Discuss the infrastructure deployment models in use today and the lessons learned, key insights from each. 6.PART 4: TECHNICAL QUESTIONS a.Is the device currently in use by Government or Commercial clients? If so, please provide contact information including Agency/Company Name, primary point of contact name, phone number, email address/ b.What security challenges do you anticipate if the Army deploys the device? c.Is the required infrastructure available as a service? Or must the customer (the Army) acquire and manage the infrastructure? d.What are the pros and cons of Government-owned versus Contractor-owned infrastructure? What are the cost differences between these models both in terms of the initial start-up costs and the sustainment costs? e.What security is provided to protect the software and data on the device in the event of theft or loss? f.What data is stored on the device and what is the risk/impact if a device is lost or stolen?
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/notices/54abcae8c3277b967a9362d6ed76d18e)
 
Place of Performance
Address: ACC - Rock Island (ACC-RI) ATTN: AMSAS-AC, Rock Island IL
Zip Code: 61299-6500
 
Record
SN02713725-W 20120406/120404235129-54abcae8c3277b967a9362d6ed76d18e (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.