Loren Data's SAM Daily™

FBO DAILY - FEDBIZOPPS ISSUE OF JUNE 14, 2018 FBO #6047
DOCUMENT

D -- Department of Veterans Affairs Enterprise Endpoint Security Solution - Attachment

Notice Date

6/12/2018
 

Notice Type

Attachment
 

NAICS

541512 — Computer Systems Design Services
 

Contracting Office

Department of Veterans Affairs;Technology Acquisition Center;23 Christopher Way;Eatontown NJ 07724
 

ZIP Code

07724
 

Solicitation Number

36C10B18Q2945
 

Response Due

6/22/2018
 

Archive Date

8/21/2018
 

Point of Contact

Edward Hebert
 

E-Mail Address

0.9715<br
 

Small Business Set-Aside

N/A
 

Description

Request for Information VA Enterprise Endpoint Security Solution This is a Request for Information (RFI) only. Any and all information requested in response to this RFI is for Market Research purposes only. In accordance with FAR 15.201(e), responses to this notice are not offers and cannot be accepted by the Government to form a binding contract. The Government is under no obligation to issue a solicitation or to award any contract on the basis of this RFI. All costs associated with responding to this RFI will be the sole responsibility of the contractor. All submissions to this RFI will be treated as business confidential materials, become Government property, and will not be returned. No funds have been authorized, appropriated or received for this effort. The information provided may be used by the VA in developing its acquisition strategy and Product Description (PD). Interested parties are responsible for adequately marking proprietary, restricted or competition sensitive information contained in their response. Be advised that set-aside decisions may be made based on the information provided in response to this RFI. A company that is a Service-Disabled Veteran-Owned Small Business (SDVOSB) or a Veteran-Owned Small Business (VOSB) must be VIP registered and verified (http://www.va.gov/OSDBU/index.asp). Department of Veteran Affairs (VA) current Enterprise Anti-Virus (EAV) Host-Based Intrusion Prevention System (HIPS) Anti-Spyware Anti malware Solution provides an enterprise-wide automated, standardized suite of tools to provide end-point, or host-based security, against both insider threats and external threats that are able to penetrate boundary defenses or enter through backdoors. The following components make up the current VA EAV system: VirusScan Enterprise, McAfee Host Intrusion Prevention System, McAfee Application Control, and Data Loss Prevention. This is all hosted on premise, with an East and West coast model. Each component is a module within the McAfee framework and is managed, distributed, and reported through the ePolicy Orchestrator 5.x management console. The current EAV system supports approximately 575,000 workstations, 32,500 servers, and 395 storage devices. VA is exploring the possibility of migrating from its current EAV HIPS environment to a FedRamp moderate, cloud hosted environment which would provide layered protection with intelligent, collaborative endpoint defenses, intrusion prevention and firewall for desktops and laptops, device control, encryption, secure confidential data on all devices, removable media, and cloud storage with secure file sharing. Pre-execution containment to isolate ransomware and advanced threats before they infect the system, machine-learning, behavior classification to discover zero-day malware and improve detection. Actionable threat forensics to better understand and rapidly act against advanced threats.   The VA is looking to have a single-pane console that shows all systems in a single presentation. This single console must also be able to manage all clients, policies, and updates. The underlying infrastructure is up to the contractor. This Enterprise Endpoint Security cloud based solution shall not interfere with the operation of server operating systems to include Windows VA Server baseline, Linux Red Hat, Unix, and future versions of these operating systems. In addition, the contractor will be responsible for the Operations and Maintenance (O&M) of VA s EAV HIPS environment while it undergoes the transition to the FedRamp moderate, cloud hosted environment. The current McAfee East and West coast VA model includes Hardware that is hosted on premise. The Contractor provided O&M support shall include maintaining the current environment, including licensing for all endpoints, while transitioning VA to the new cloud hosted, managed service model. This shall include, HIPS Anti-Spyware, Anti-Malware, ePO Deep Command, McAfee Application Control, HIPS for Servers, Virus Scan Enterprise (VSE) for Storage, Management for Optimized Virtual Environments (MOVE), and Security for SharePoint support to include any other McAfee suite offerings. Contractor shall maintain accurate and tested Continuity of Operations Plan to include Disaster Recovery Plan (DRP), Information Systems Contingency Plan (ISCP), and Incident Response Plan (IRP). Contractor shall provide full back-up capabilities and is responsible for providing VA with proof of fail over testing on an annual basis in accordance with VA Directive 6500. Contractor will be responsible to cover any issues 24x7x365. Contractor will be responsible for all ATO packages and the maintenance of them as well. Contractor shall provide initial and ongoing training in either a virtual or classroom environment. The VA will choose the environment for each training offering as appropriate. This is a request for information (RFI) only. It is requested that all companies interested in participating in this effort please note their interest, provide which Contract Vehicles they are a part of, and provide indication of their respective capabilities to perform the effort as described above. The page limit for RFI responses is 10 pages. It is also requested that the prospective Contractor respond specifically to the following areas: Please provide a brief overview of your company s approach migrating to an Enterprise Endpoint Security Solution. Specifically, please describe your ability to support the following: Describe your approach to migrate VA s current environment to your Enterprise Endpoint Security cloud based solution with consideration given to the size of VA s current environment and the requirements that are listed above. Describe your experience in migrating to a FedRamp moderate, cloud hosted environment of this size and scale. Explain your approach to managing the current environment, while transitioning to a Fedramp Moderate SaaS with complete management of the backend system. Identify benchmark traffic for all the agents on a device and what it would look like during some sort of malware attack scenario. Can your company support all elements of this Endpoint turn-key solution? DLP- Data Loss Protection Whitelisting/Application Control MOVE- Management for Optimized Virtual Environments ENS- Endpoint Security Please indicate your company s socio-economic status (e.g., Large Business, Small Business, Service-Disabled Veteran Owned Small Business, Veteran Owned Small Business, Woman-Owned Small Business, Disadvantaged Small Business, and Hub Zone. Small Business, Service-Disabled Veteran Owned Small Business, Veteran Owned Small Business, Woman-Owned Small Business, Disadvantaged Small Business, and Hub Zone). If Service-Disabled or Veteran Owned Small Business, is your company certified in VA s VetBiz (www.vip.vetbiz.gov) repository? Please provide your standard commercial price structure, as well as commercial price history and a rough order of magnitude for the same or similar products/solutions. Your response should clearly mark any information that is proprietary. Faxed copies are not acceptable. Please send your responses or questions to Contract Specialist, Edward.Hebert@va.gov regarding this announcement. Responses are due no later than 2:00 PM Eastern Daylight Time (EDT) on June 22, 2018. Contracting Office Address: Department of Veterans Affairs Office of Acquisition Operations Technology Acquisition Center 23 Christopher Way Eatontown, NJ 07724 Primary Point of Contact: Edward Hebert Contract Specialist Email: Edward.Hebert@va.gov
 

Web Link

FBO.gov Permalink
(https://www.fbo.gov/notices/dc3ca4ad8cceae91c7417c2153b46b26)
 

Document(s)

Attachment
 

File Name: 36C10B18Q2945 36C10B18Q2945.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=4381389&FileName=36C10B18Q2945-000.docx)

Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=4381389&FileName=36C10B18Q2945-000.docx

 

Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
 

Record

SN04952501-W 20180614/180612230736-dc3ca4ad8cceae91c7417c2153b46b26 (fbodaily.com)
 

Source

FedBizOpps Link to This Notice
(may not be valid after Archive Date)

---

| FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |