SOURCES SOUGHT
70 -- SECURE NETWORK ACCESS WITH DEVICE AND IDENTITY AUTHENTICATION
- Notice Date
- 4/4/2006
- Notice Type
- Sources Sought
- Contracting Office
- 12155 W. Alameda Parkway Lakewood, CO
- ZIP Code
- 00000
- Solicitation Number
- DE-RP65-06WG72448
- Response Due
- 4/17/2006
- Archive Date
- 10/17/2006
- Small Business Set-Aside
- N/A
- Description
- The Western Area Power Administration, Desert Southwest Region is requesting information to find out methods and estimated implementation costs to effectively and securely manage known devices and users requesting access to the Western Intranet network. The object is to gain information on the best methods to be proactive in allowing secure network access and admission at any point in the network. While allowing access the solution must also isolate and control infected or unpatched devices that attempt to access the network. The essential functions to be provided might include: 1. Requesting device identification/authentication 2. Security and operating system patch validation a. Pushes access policy enforcement to network devices 3. Auditable device denial or acceptance 4. User login authentication/validation a. Authenticates entities and determines access privileges 5. Auditable user denial or acceptance 6. Usage accountability and monitoring a. Accounting, auditing, and forensic tools to allow tracking of network activity 7. Alerting on user-configurable events, including but not limited to SNMP, syslog, and SMTP. 8. Reporting on user-configurable events including audit logs Enforcement - Authenticates entities and determines access privileges based on policy. ??? Provisioning - Authorizes and controls network access via VLANs, access control lists (ACLs), disabling switch/router ports, etc. ??? Monitoring - The technology will use the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources, thereby limiting damage from emerging security threats. This method will allow network access only to compliant and trusted endpoint devices (PCs, servers, and PDAs, for example) and will restrict the access of noncompliant devices. Also, it will proactively protect against worms, viruses, spyware, and other malware. The technology: 1. Must be capable of integration with a large variety of systems security and management packages. Multi-vendor integration is desirable. 2. Prevent unknown, ???Rogue???, or malware infected devices from attaching to the network or receiving any services. 3. Must be fully auditable and have monitoring, alerting, and reporting capabilities. 4. Be able to manage all defined endpoints. 5. Work across various access methods (LAN, Wireless, PDAs, WAN, routers, switches, hubs, etc.) 6. Capability to configure, re-direct or restrict levels of access to network resources 7. Possess the ability to check if ???Ghost??? image has been altered. 8. Must Utilize industry-standard communications protocols for AAA and control services 9. Must integrate with multiple host platforms, including but not limited to Cisco, MS-Windows, Linux, and Unix. Western's point of contact for information is Jim Potts 602-605-2778. This is a request for information, prices are for budget reasons only and may not lead to a solicitation.
- Web Link
-
Click here for further details regarding this notice.
(https://e-center.doe.gov/iips/busopor.nsf/UNID/5B1D76EF5FF3D1598525714600737FB5?OpenDocument)
- Record
- SN01020590-W 20060406/060404220337 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |