SOLICITATION NOTICE
70 -- CISCO SECURITY INTELLISHIELD ALERT MANAGER
- Notice Date
- 8/30/2006
- Notice Type
- Solicitation Notice
- NAICS
- 334119
— Other Computer Peripheral Equipment Manufacturing
- Contracting Office
- NASA/Goddard Space Flight Center, Code 210.I, Greenbelt, MD 20771
- ZIP Code
- 20771
- Solicitation Number
- NNG06158998Q
- Response Due
- 9/13/2006
- Archive Date
- 8/30/2007
- Small Business Set-Aside
- N/A
- Description
- NASA GSFC has a requirement for CISCO Security Intellishield Alert Manager (CSAM-CUSTOM). QUANTITY: 1 JOB / 2 YEARS (Period of Performance: 09/22/2006 through 09/21/2008), and should meet the following requirements: Database Archiving Users must be able to access a robust database for filtering and searching threats and vulnerabilities. It is preferred that the database maintains user profiling and proactive notification and analysis of security vulnerabilities, malicious codes, hacker tools and techniques, and global security trends. The database should be updated real-time and have an open architecture. Adaptive Intelligence Management System Incorporation of artificial intelligence to gather intelligence from multiple sources and automate alert generation and publishing. Accuracy and quality of intelligence must be reviewed ensured. 24x7 Mission Critical System A manned 24x7x365 operation should be capable of monitoring threats to ensure that none are missed. Risk Ratings Scale A rating scale should be implemented to assess the urgency, credibility, and severity and make it easy for users to glance at an alert and immediately recognize how threatening a particular security challenge is. These ratings should be included on every message. User Notification Customization The user should have multiple methods of notification such as, but not limited to: o Online o Pager o E-mail o Wireless Additionally, notifications should be set for individual products or product sets to enable more sensitive thresholds for critical systems. Notification thresholds should be set to correspond to proprietary risk rating system. Users should receive a direct call from the client service team for high-profile alerts. The client should not out-source e-mail, pager, or voice notifications to a third party. This service should be made available at no additional charge. Job Tasking Users should be able to respond to vulnerabilities, assign individual action items, and audit responses. Client Service Support The service client should provide remote training, implementation assistance, and live help desk services throughout the entire term of the contract at no additional charge. Types of Messages The messaging system should be broken down to the following categories: 1. Vulnerability Alert (VA): Should provide detailed technical descriptions and an objective analytical assessment that identifies specific vulnerability characteristics and prerequisites. 2. Malicious Code Alerts (MCA): Should provide users with detailed information concerning the latest viruses, worms, and Trojans. The MCA should cover destructive viruses that are deemed to have a Severity rating of 3 or higher or an Urgency Rating of 3 or higher. 3. Security Issue Reports (SIR): Should be used to report potential vulnerabilities that currently have few details available. The SIR should provide all the known information concerning a security issue, and is converted into a Vulnerability Alert when additional information concerning the issue is available. 4. Intelligence Bulletin (IB): Should cover issues such as security trends, hacker tools & techniques, specific hacker organizations, security practices, and other information that may aid readers in securing their systems. 5. Geopolitical Analysis Reports (GAR): Should identify global events as catalysts for cyber response. 6. Activity Report (AR): Should provide indications and warning data based on multiple sensor inputs, including intrusion detection and underground sources. The AR should increase awareness of potential threats and allows clients to take any applicable preemptive actions. The initial alert should function as a baseline, driving additional research and an update process that follows the threat or vulnerability throughout the entire life cycle. 7. Daily Virus Report (DVR): Should provide users with detailed information concerning the latest viruses, worms, and Trojans in one comprehensive daily report. The DVR should cover all viruses that are deemed to have a Severity rating of 2 or lower or an Urgency Rating of 2 or lower. 8. Flash Alert (FA): Should be a brief descriptive Alert that is sent out to notify readers of an issue that is moving very quickly. A Flash Alert should be designed to provide readers with the opportunity to proactively prepare their systems against a fast moving threat or vulnerability. Development and Maintenance The entire system, including Database Archiving backend and user interface, should be developed, maintained, and updated in-house. User Interface The user interface should be updated based upon user requests, feedback, and in-house Research and Development efforts. Delivery Personnel Expertise Intelligence gathering should be conducted by individuals with IT expertise. Military and DoD intelligence gathering and dissemination experience a plus. NASA/GSFC intends to purchase the items from CISCO Systems, Inc. The Government intends to acquire a commercial item using FAR Part 12. Interested organizations may submit their capabilities and qualifications to perform the effort in writing to the identified point of contact not later than 4:00 p.m. local time on September 13, 2006. Such capabilities/qualifications will be evaluated solely for the purpose of determining whether or not to conduct this procurement on a competitive basis. A determination by the Government not to compete this proposed effort on a full and open competition basis, based upon responses to this notice, is solely within the discretion of the government. Oral communications are not acceptable in response to this notice. All responsible sources may submit an offer which shall be considered by the agency. An Ombudsman has been appointed. See NASA Specific Note "B".
- Web Link
-
Click here for the latest information about this notice
(http://prod.nais.nasa.gov/cgi-bin/eps/bizops.cgi?gr=D&pin=51#122010)
- Record
- SN01130442-W 20060901/060830221921 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |