AWARD
D -- RECOVERY - Department of State Global Data Communications Capabilities Program - Modification of Prime 3.2 Task Order
- Notice Date
- 7/30/2009
- Notice Type
- Award Notice
- NAICS
- 541519
— Other Computer Related Services
- Contracting Office
- U.S. Department of State, Office of Logistics Management, Acquisition Management, P.O. Box 9115, Rosslyn Station, Arlington, Virginia, 22219
- ZIP Code
- 22219
- Solicitation Number
- AQM07F0777
- Archive Date
- 8/13/2009
- Point of Contact
- Lanah C Hamrick, Phone: 7038756842
- E-Mail Address
-
hamricklb@state.gov
(hamricklb@state.gov)
- Small Business Set-Aside
- N/A
- Award Number
- ModificationM024
- Award Date
- 7/29/2009
- Awardee
- Northrop Grumman Information Technology, Inc., 7575 Colshire Drive<br />, McLean, Virginia 22102-7508, United States
- Award Amount
- The dollar value of this task order modification for the 26 months of the ARRA funds is estimated to be $23 million.
- Description
- Modfication M024 to task order S-AQMPD-07-F-0777 was awarded to add Functional Task Area 8 to provide Department of State Infrastructure Hardening and Improved Defensive Sensors pursuant to the American Recovery and Reinvestment Act of 2009. This Functional Task Area (FTA) is awarded on a time-and-materials basis. The services to be performed under FTA8 would ordinarily have been included as tasks under existing time-and-materials FTA3 and FTA6 if program funds had been available. The use of time-and-materials approach was justified at the time the task order was originally awarded. The ENM requirements constitute day-to-day support of its operations which cannot be broken into useful increments that could be funded on a Firm-Fixed-Price basis. With the availability of ARRA funds, the services could be added to the task order within its ceiing, but must be completely separate from the other work of the task order for accountability and reporting purposes under the Act. Therefore, new FTA8 was created. The performance of this Functional Task Area (FTA) is limited to the 26-month period beginning with bilateral execution of Modification M024, which took place on July 29, 2009. The place of performance is U.S. Department of State, Bureau of Information Resource Management (IRM/OPS/ENM), 7374 Boston Boulevard, Springfield, Virginia 22153. As indicated in the notice of intent to award a modification to the existing task order that was posted on May 20, 2008, this FTA requires performance of the following: 7.8 Functional Task Area 8 – DoS Infrastructure Hardening and Improved Defensive Sensors (A) In support of the American Recovery and Reinvestment Act (ARRA) of 2009, this initiative reduces the ways cyber attacks can succeed against the Department of State. The goal of this task area is to produce a more secure network infrastructure that enhances the protection of IT assets for the Department of State and its partners in the U.S. foreign affairs community. This initiative will also protect the personally identifying information of U.S. citizens receiving services from the Department of State (ex. passport requests/issuance). By implementing a state-of-the-art secure IT infrastructure, the Department of State will both enhance its ability to execute its diplomatic mission and serve the U.S. public, as well as to strengthen its infrastructure from cyber security threats; thereby better protecting information on U.S. citizens as well as national security information that is stored on our network infrastructure. This will be accomplished through a series of technical initiatives. All personnel assigned to tasks in this functional area require a Top Secret security clearance. All tasks and subtasks within Functional Area 7.8 are performed on a Time and Materials with Profit Incentive Based on Performance. All work must be completed within 26 months after the execution of the modification that incorporates FTA8 into the task order. The Contractor shall provide DoS Infrastructure Hardening and Improved Defensive Sensors support that include but not be limited to: 7.8.1 Task 1 - Program Management Support The contractor shall support the Department of State’s enhanced, disciplined Capital Planning and Investment Control (CPIC) process by supporting an increased level of scrutiny and frequency. These processes include project life-cycle methodology with rigorous earned value management. Progress reports that include earned value data will be distributed monthly or more frequently if required. Project Managers are/will be certified by the Project Management Institute and trained in the Department of State’s standard project management methodology, MSP. The contractor shall use a set of formal, established measures to ensure it achieves required outcome(s) and executes appropriately. In providing program management support the contractor shall: 1.Providing qualified, cleared and badged employees to adequately staff the ARRA tasks; 2.Filling vacancies within an average of 30 calendar days unless otherwise agreed to by the Government; 3.Submitting cost and schedule status into the government’s eCPIC application on a monthly basis or as otherwise required; 4.Developing a detailed Work Breakdown Structure, for all planned ARRA work, and Control Account Plans (CAP) incorporating labor and material costs, appropriate milestones with an associated EVM reporting method for each milestone. All Control Account Plans shall be reflective of just the required effort needed to complete the milestones in that CAP; 5.Providing monthly earned value status data that will feed into ENM’s Earned Value Management System for the production of monthly Earned Value Management reports; 6.Ensuring all contractors and subcontractors enter their time daily and accurately into the government’s time tracking system and submit their time weekly in support of its EVMS; 7.Ensuring all Control Account Managers approve employee time for their control accounts within the required time to ensure weekly accurate EVM status can be reported; 8.Adequately plan all work and material procurements for this initiative to ensure cost and schedule variances do not exceed - 5% for any tasks. Additionally, the cumulative Cost Performance Index (CPI) for the program must be 97% or greater and the cumulative Schedule Performance Index (SPI) for the program must be 97% or greater; 9.Developing, within 60 days of the modification that incorporates FTA8 into the task order, a detailed Integrated Master Plan (IMP) and Integrated Master Schedule (IMS) that incorporate major program events, significant accomplishments, accomplishment criteria, tasks, project start dates, project end dates, etc. The IMS shall be tracked and managed within ENM”s MS Project Server system (ET) using MS Project Professional; 10.Ensuring control account managers develop detailed project plans incorporated into the Integrated Master Schedule with a defined critical path and are tracked and updated regularly in ENM’s MS Project Server system (ET) using MS Project Professional; 11.Producing monthly labor invoices specific to ARRA tasks (does not include costs from other functional task areas) and reconcile them with the government’s Earned Value Management System prior to invoicing; 12.Providing surveillance of contract Service Level Agreements to ensure contractors will meet or exceed requirements; 13.Ensuring collaboration with other DoS offices, annexes, and foreign affairs agencies; 14.Ensuring all hardware/software procurements are submitted to the ENM CCB for approval and forwarded to CESR for final approval and funding; 15.Ensuring full cooperation with ENM Planning Directorate established processes, procedures, and EVM policies as well as full cooperation with ENM managed Integrated Baseline Reviews; 16.Developing Risk Management Plans and continuously exploring ways to mitigate risk; 17.Establishing a single document repository in the ENM File Cabinet to store all ARRA project plans, risk management plans, control gate documentation, meeting minutes and other related documentation; 18.Ensuring detailed minutes of all control gates and related meetings are taken and stored in the ARRA documentation repository with related project documents; and 19.Ensuring all tasks are completed on time as scheduled and within 26 months from the date of the task order modification. 7.8.2 Task 2 - Network Access Control and Perimeter Security In support of Network Access Control and Perimeter Security, the contractor is required to design, engineer, and implement a more secure foreign affairs network by deploying secure network access points (enclaves) around the globe that will better protect against cyber attacks. The contractor shall design, engineer, test and deploy network access controls to a minimum of 145 sites (overseas and domestic) at a rate of 15 sites or more per month and in accordance with scheduled SLA milestones. The contractor shall deploy network access controls to all large embassies that meet the requirements for security enclaves. Access onto the Departments network will be provided based upon need, requirements and compliance with DoS End-to-End Configuration requirements for a standardized operating environment. The contractor shall work with the IMO’s at embassies as well as other DoS offices such as MSO, DS, IA, EA, and PKI to identify sites and determine requirements for deploying the enclaves. Some travel may be required to gather requirements. The contractor shall provide network access control and perimeter security that includes but is not limited to the tasks listed below. a.The contractor shall provide Security Infrastructure Design/Acquisition that includes but is not limited to: a.Designing stronger digital locks, alarms, and perimeters around the Department of State’s information systems to better protect against cyber attacks; b.Engineering especially protected areas for the most sensitive data and then building “enclaves” for widest possible use; c.Developing and implementing these changes using the best techniques available to the public and private sector; d.Designing, acquiring and deploying a system that supports multi-agency user access authentication; e.Designing, acquiring and deploying a system that verifies network connected workstation and server configurations to ensure they conform to Department policy before granting access to the network and enforces standardized workstation configurations; f.Working in coordination with the NexGEN efforts to ensure adequate planning for network design, encryption, routing, and WAN Acceleration/Quality of Service; and g.Deploying network access controls to a minimum of 145 sites overseas and domestic at a rate of 15 sites per month or more and in accordance with scheduled SLA milestones. b.The contractor shall provide Network Modernization Design/Acquisition that includes but is not limited to: a.Designing, acquiring and deploying a single logical network that can consolidate all of the Department’s networks into a single Modernized Network using the best techniques available to the public and private sector as well as best practices; b.Assisting the ENM Director in support of the CIO to advertise the new single network with the goal of DoS offices and other federal agencies migrating to it; c.Expanding network capability to make electronic exchanges with citizens interactive. Examples of interactive exchanges could include discussion of key foreign policy issues with anyone and responses to citizen requests for services provided by the Department of State; d.Providing and deploying an enterprise portal that provides access to our partner Federal agencies into the performance and status of the enterprise network at any point in time; e.Ensuring the design will allow for eliminating the need for switches at the desktop to switch between networks or secure environments; and f.Building disaster recovery/continuity of operations (COOP) capabilities for the foreign affairs community eliminating a single point of failure. 7.8.3 Task 3 –End-to-End Configuration Management The contractor is required to provide design, testing, integration, and deployment of end-to-end configuration management which is critical to providing a secure operating environment that minimizes the risk of security threats and vulnerabilities on the Department’s enterprise network. This task requires the contractor to centralize management of enterprise workstation and server configurations, which is a requirement to be on the enterprise network enclaves, and allows the opportunity to provide centralized patch management to the enterprise without manual intervention. The Contractor shall provide design/engineering, testing, integration and deployment that allows for end-to-end configuration management of the enterprise to a minimum of 145 sites within the 26 month milestone schedule. This includes but is not limited to the following: 1.Designing and building networks flexible enough to implement changes in the management or structure of administrative services in the foreign affairs community without expensive re-design; 2.Implementing a network design that will securely support the same multi-media technologies already available on the Internet for interaction between government, the citizens, business, and communities, as advocated by the administration. This includes the support of technologies including safest possible use of social networks and streaming video/audio; 3.Building a security foundation consistent with the many different business needs of our partner Federal agencies abroad. This involves balancing highly secure requirements with requirements to interface actively with the public on the same IT infrastructure; 4.Testing, integrating, and deploying a centrally managed network with regional hubs to support all foreign affairs agencies world-wide and in conjunction with the ENM Director in support of the CIO advertising the availability of the network; 5.Standardizing the operating environment of workstations and servers at all the sites with the same configuration and implementing tools to maintain the configuration. This includes developing templates for a standardized configuration of workstations and servers, converting the servers and workstations onto the standardize configuration and equipment as the network access controls are put into place, and maintain the configuration centrally; 6.Developing standard operating environment templates to support other federal agency requirements for connection into the security enclaves; 7.Developing standard operating procedures and guidelines for administering and maintaining the configuration; and 8.Implementing configuration management to a minimum of 145 sites at a rate of 15 sites or more per month. 7.8.4 Task 4 - Automated/Centralized Patch Management – The contractor shall, by the end of month 26 of this initiative after the execution of the modification that incorporates FTA8 into the task order, integrate all DoS sites, domestic and overseas, under Centralized Patch Management (CPM) thereby enabling Universal Patch Management capabilities. CPM will enable IRM to deploy patches to all workstations and servers in the enterprise without manual intervention. The End-to-End Configuration initiative will allow DoS to maintain a configuration that allows for enterprise patching. This includes but is not limited to: 1.Integrating workstations and servers at all DoS sites, domestic and overseas, under Centralized Patch Management (CPM) that will allow IRM to deploy patches to without manual intervention; 2.Working with each site’s local administrator to get their workstations to the current SOE-D configuration as well as servers and incorporating them into CPM. 3.Ensuring that after a site is integrated into CPM the contractor shall install 95% of the in-scope patches applicable at the sites by the end of 3 business days if the patch is rated as a Critical risk; 4.Ensuring that after a site is integrated into CPM the contractor shall install 95% of the in-scope patches applicable at the sites by the end of 5 business days if the patch is rated High, Medium, or Low. The clock starts on the day the Patch Installation Order Cable is released to the Department. The contractor is not responsible for deploying patches/upgrades outside of the Enterprise Patch Management’s proactive patching scope. This includes any patches/upgrades handled by the Department’s Vulnerability Management Process; and 5.Automating critical functions using the best techniques available to the public and private sector for installing security patches, distributing software security upgrades, and monitoring dangerous events via recorded audit logs. 7.8.5 Task 5 - Domestic Network Modernization The contractor shall re-design and engineer the Department’s domestic wide-area-network and metropolitan-area-network architectures to adequately support emerging operational and security requirements, centralized IT consolidation, and the migration of all annexes and ports onto E-Net. This includes but is not limited to: 1.Re-designing and engineering the Department of State’s IT Domestic Network (E-NET) to support emerging operational and security requirements using the best technology available to lower the greatest amount of risk; 2.Developing a new design that can adequately support the centralized consolidation of all IT within the Department (i.e. centralized E-mail, centralized File & Print server, etc.); 3.Developing a design that incorporates all Annexes and DoS offices that makeup the Domestic MAN/WAN and all of their ports to include support of voice, data and video services; 4.Developing a detailed project plan, establishing system requirements, and producing a list of equipment to be procured in support of the design as well as circuit (bandwidth) requirements; 5.Developing a critical design that eliminates the need for switches at the desktop to switch between networks or secure environments; 6.Placing analyzers in annexes to test traffic and plan requirements for an office moving to E-Net; 7.Establishing deployment specification requirements the incorporates a phased design in conjunction with IT Consolidation schedules; and 8.Submitting detailed design specifications and equipment requirements as part of transition to IRM/OPS/ENM/TWD for acquisition/provisioning, deployment, and operations and maintenance. Task may require provisioning of circuits and deployment instead of TWD; however that will be determined during the Deployment Readiness Review in Month 10. If NGIT is tasked with provisioning and deployment, they will convert all domestic sites to ENet. O&M support will remain with TWD. Performance will be measured based on ten Service Level Agreements (SLAs) as stated below: SLA1 - Objective:The speed with which positions are filled with qualified, experienced and cleared personnel to resolve day-to-day issues and support ARRA requirements. Required Service:The Contractor shall provide qualified, experienced and cleared staff to adequately support the program by filling open billets within 32 calendar days from the date the position (billet) becomes open unless otherwise agreed to by the Government or rejection by the Government of candidates who meet the technical requirements for the job. SLA2 - Objective:To successfully consolidate all 260 overseas sites (embassies and consulates) and 75 domestic sites into the Department’s Centralized Patch Management program. Consolidation of a site consists of upgrading it to the current SOE configuration and placing the site under CPM control. Required Service:The Contractor shall complete a project plan, a ConOps, conduct site surveys, and a Deployment Plan within the first four months of MOD execution. During the fifth month, 10 OpenNet sites will be consolidated and placed under CPM control. Thereafter, the contractor shall incorporate 20 OpenNet sites per month into the CPM program with the goal to incorporate 260 embassies and consulates by Month 17. In month 18, 5 domestic sites will be consolidated and placed under CPM control and thereafter 10 sites per month for a total of 75 domestic sites by Month 25. SLA3 - Objective:To deploy in-scope patches directly to desktops and servers in the time required. Required Service:Once a site is integrated into CPM, the contractor shall ensure that 95% of the in-scope patches applicable at the sites are installed by the end of 3 business days if the patch is rated as a Critical risk and by the end of 5 business days if the patches are rated High, Medium or Low. The clock will start on the day the Patch Installation Order Cable is released to the Department. The contractor shall not be responsible for patches/upgrades outside of Enterprise Patch Management’s proactive patching scope. These include any patches/upgrades handled by the Department’s Vulnerability Management Process. SLA4 - Objective:Deploy Network access control and security enclaves to a minimum of 145 sites globally. Required Service:The Contractor shall deploy network access control to OpenNet sites, establish security enclaves, and upgrade the OpenNet perimeter security. The deployed system shall support multi-agency user access authentication. The system shall also, in conjunction with the end-to-end configuration management deployment (SLA5), verify network connected workstation/server configurations to ensure they conform to department policy before granting access to the network. SLA5 - Objective:Implement End-to-End workstation and server Configuration Management to a minimum of 145 sites. Required Service:The Contractor shall deploy end-to-end PC/server configuration management to OpenNet sites in parallel with the Network Access Control (NAC) project (SLA4). The configuration management system shall, in conjunction with the NAC system, verify network connected workstation/server configurations to ensure they conform to department policy before granting access to the network and implement the tools to maintain workstation and server configurations. SLA6 - Objective:Design and reengineer the Department’s IT Domestic Network to support emerging and security requirements Required Service:The Contractor shall design and develop a framework to modernize the domestic OpenNet WAN, incorporating the support of ClassNet WAN and a VoIP WAN. The Contractor shall prepare a detail design for the metropolitan DC area network, incorporating long term security and performance goals. The contractor shall conduct a Deployment Readiness Review in Month 10. At the DRR, if the decision is made by the Govt to transition the effort to another contractor, then month 11 will be the end of the project for NG, and this SLA will be considered Non-applicable for months 12-26, and its value will be distributed among the other SLAs based on their relative weights. If the decision is made to have NG perform the deployment, NG will deploy the sites as described below. SLA7 - Objective:Cost Performance Index across all ARRA projects Required Service:Contractor shall provide weekly earned value cost status to feed into the Government’s EVMS. The cumulative Cost Performance Index (CPI) for the program must be 97% or greater. SLA8 - Objective:Schedule Performance Index across all ARRA projects Required Service:Contractor shall provide weekly earned value schedule status to feed into the Government’s EVMS. The cumulative Schedule Performance Index (SPI) for the ARRA program must be 97% or greater. SLA9 - Objective:Cost and Schedule Variances across all ARRA projects and initiatives do not exceed a 5% variance (applies to individual tasks and is not a roll-up). Required Service:Contractor shall provide weekly cost and schedule status of all ARRA projects and initiatives. The Cost and Schedule Variance Percentages cannot exceed the -5% range for any tasks during the month (not a roll-up). SLA10 - Objective:Ensure contractors enter all billable project, task and level of effort related labor into ENM’s Time Tracking System daily and accurately at the end of their shift. Contractors are not permitted to enter their time before the time is worked. Required Service:All Contractors’ shall record billable time on a daily basis to the correct control account/task and at the end of their shift in the ENM Time Tracking System. The Program Manager shall submit copies of timesheets, hand clock records, or other supporting data as requested.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/spg/State/A-LM-AQM/A-LM-AQM/Awards/ModificationM024.html)
- Record
- SN01892858-W 20090801/090730235314-1a6758b807e1e7bd299f1f5044c96df4 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |