SOURCES SOUGHT
70 -- SSA Seeking Sources Capable of Providing an Enterprise Solution for Malware Detection
- Notice Date
- 1/5/2005
- Notice Type
- Sources Sought
- NAICS
- 541511
— Custom Computer Programming Services
- Contracting Office
- Social Security Administration, Deputy Commissioner for Finance, Assessment and Management, Office of Acquisition and Grants, G-C-7 East High Rise Building 6401 Security Blvd., Baltimore, MD, 21235
- ZIP Code
- 21235
- Solicitation Number
- SSA-RFI-MALWARE-CS
- Response Due
- 1/20/2005
- Archive Date
- 2/4/2005
- Description
- This is a REQUEST FOR INFORMATION. The Social Security Administration (SSA) is seeking sources capable of providing an enterprise solution for malware detection and removal software for the Windows Computing platform. This procurement will be used to implement a recurring scanning policy for the Agency across 150,000 or more Windows desktop computers. As part of SSA?s ongoing requirement for increased overall information security, SSA intends to implement a malware detection and removal product. This enterprise solution product will: 1)Detect, report and clean malware, worms, Trojans, macro and script viruses, key loggers, Peer to Peer (P2P) application components and adware, at a minimum; 2)Have low system overhead; 3)Require little or no routine maintenance except for program upgrades; 4)Provide extensive logging capabilities to record malware detected and removed, failed attempts to retrieve virus signature files and failed scheduled scans; 5)Deliver new signature files in a timely manner to address new exploits; 6)Have the ability to send malware threat data and alerts locally and to a central source over an IP network; and 7)Provide scheduled scanning of files, hard drives and registry settings. The solution must scale to at least 150,000 computers and have the following minimum mandatory features: 1)operate on the Window Operating System (Windows 2000, Windows 2003 Server, Windows XP); 2)have a command line interface?a)product may be hardware and software based solution and b)solutions that include hardware appliances may be considered; 3)the command line interface must accept external parameter files for scan and log options; 4)the command line interface must accept external exclude files; 5)able to detect and not quarantine or delete, as well as be able to quarantine or delete per user selection; 6)have the ability to select to scan: a)memory, b)hard drives, c)the registry, d)active processes, and e)IE Favorites; 7)report data at a minimum must consist of a cumulative, delimited master file that includes a field for: a)date, b)malware name, c)malware category, d)malware ID number, e)malware location, f)computer name, and f)threat severity level; 8)detailed report information should be provided for each computer scanned; 9)limit the extent of false positives by performing in depth scans to determine if the source is valid for reporting; 10)signature (pattern) files available electronically and a have published minimum update schedule. Signatures able to detect widely known threats announced in computer journals such as FedCirc and SANs Top 20; 11)an option to control the amount of CPU utilization allowed when the scan is run, i.e., give the scan low priority or high priority; 12)detect these instances of malware: a)key loggers, b)spyware, c)adware, d)Trojans, e)Peer to Peer (P2P) threats, f)hacker tools, g)DDOS Attack Agents, h)browser helper objects, i)commercial administration tools, j)downloaders, k)cracking tools, l)droppers, m)dialers, n)tracking cookies, o)backdoors and, p)password captures. Additional consideration will be given to these optional, desirable, items: 1) Have a simple installation process; 2)Little or no system overhead; 3)Intuitive technical documentation; 4)Extensive logging capabilities to include recording viruses detected and removed, failed attempts to retrieve virus signature files and failed nightly scans; 5)Notification of malware detected via email and pager; 6)A permanent record of malware events to be journaled for security purposes; 7)Timely Technical Support during installation and as required; 8)Consistent, timely and automatic delivery of the latest virus signature definition files; 9)Scheduled scanning of files; 10)Scan within compressed files (such as, but not limited to, ZIP and ARJ); 11)Automatic download of malware definition files; 12)Automatic download of software updates and fixes ;13)Provide an easy upgrade path (no ?forklift? upgrades); 14)Ability to send virus incident data alerts locally and to a central source over an IP network; 15)Scalable and interoperable within the SSA environment; 16)Scale to 150,000 computers at a minimum; 17)Provide secure access to database information and provide multiple report views of the database according to SSA security requirements; 18)Provide multiple views of data (e.g., locally, regionally, nationally, etc.); 19)Have customizable reporting capability; 20)Provide data access capabilities that include native database interfaces to all major databases, such as ODBC, MS Access, flat files, MS Excel, dBase; and, 21)Provided by a single source Vendor or Integrator. Section 508 Compliancy: Interested vendors must provide verifiable proof in sufficient detail to demonstrate their ability to meet the Agency?s requirement, see URL site http://www.ssa.gov/oag/acq/oagacq_508.htm. Respondents should indicate whether their software is available on GSA Federal Supply Schedules or any other Government-wide Agency Contract (GWAC). Please submit product cost and/or pricing data, inclusive of annual maintenance, with your response. This is not a request for proposal and the Government does not intend to pay for information submitted. Respondents will not be notified of any evaluated results from the data received. No contract award will be made on the basis or responses received; however, this information will be used in SSA?s assessment of capable sources. Electronic responses only must be submitted by January 20, 2005. Faxed information will not be permitted. Requests for copies of a solicitation will not be honored or acknowledged. NO FORMAL SOLICITATION IS BEING ISSUED AT THIS TIME. The size limitation for email attachments is 5 megabytes. MS Word 2002 is the standard word processing software. Respondents should refer to SSA-RFI-MALWARE-CS. .
- Place of Performance
- Address: 6401 Security Blvd., Baltimore, MD
- Zip Code: 21235
- Country: US
- Zip Code: 21235
- Record
- SN00730517-W 20050107/050105212344 (fbodaily.com)
- Source
-
FedBizOpps.gov Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |