Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF FEBRUARY 27, 2011 FBO #3382
SPECIAL NOTICE

D -- Request for Information (RFI) - Information Infrastructure Password Management

Notice Date
2/25/2011
 
Notice Type
Special Notice
 
NAICS
511210 — Software Publishers
 
Contracting Office
Department of Homeland Security, Immigration & Customs Enforcement, ICE-OAQ-TC, 801 I STREET, NW, Suite 910, Washington, District of Columbia, 20536, United States
 
ZIP Code
20536
 
Solicitation Number
RFI_HSICE_056_001
 
Archive Date
3/23/2011
 
Point of Contact
Bryan O'Shaughnessy, Phone: 2027322547
 
E-Mail Address
Bryan.O'Shaughnessy@dhs.gov
(Bryan.O'Shaughnessy@dhs.gov)
 
Small Business Set-Aside
N/A
 
Description
INFORMATION INFRASTRUCTURE PASSWORD MANAGEMENT Release Date: February 25, 2011 Response Date: March 8, 2011 THIS IS NOT A SOLICITATION OR REQUEST FOR PROPOSALS. NO PROPOSALS ARE SOUGHT. Any responses to this Request for Information (RFI) should be submitted by March 8, 2011. I. INTRODUCTION The following is a Request for Information (RFI). This inquiry is for information and planning purposes and does NOT constitute a Request for Proposal (RFP). II. BACKGROUND The Department of Homeland Security (DHS) Immigration and Customs Enforcement (ICE) Office of the Chief Information Officer (OCIO) has developed a number of critical IT initiatives that will help ICE modernize its IT systems, adapt and conform to modern IT management disciplines, and provide IT solutions throughout ICE. For additional information on ICE's mission see: http://www.ice.gov/about/index.htm Immigration and Customs Enforcement (ICE) is considering procurement of commercial off-the-shelf (COTS) software for information technology (IT) infrastructure password management. This software needs to be effective, efficient, and compliant with Federal Information Security Management Act (FISMA) requirements. The purpose of this notice is to obtain information on available products and associated services, including current commercial pricing practices, conventions, and warranties for IT infrastructure password management. III. AREAS IN WHICH INFORMATION IS SOUGHT Information and comments are solicited regarding the following Discussion Areas: Discussion Area 1: Industry Practices 1.1 How long has this product been in active development? (including predecessors with similar capabilities) 1.2 Do you have contracts with other Government Agencies? 1.3 What is the largest deployment of the product that you are aware of? 1.4 Do these other Government Agencies use a similar product? 1.5 Are there pre-existing enterprise contracts within other DHS Agencies? 1.6 If you have Federal Government Points of Contact that have successfully implemented this solution, we'd appreciate it if you'd share their contact information with us. 1.7 What type of contract is usually used with this type of solution? (i.e. Firm-Fixed Price, Cost Plus Fee, Time & Material) 1.8 What are the key elements of this type of solution deployment that are critical to successful outcomes and results? 1.9 Would ICE benefit from a demonstration to see and discuss the information submitted in response to this notice? 1.10 How do you provide technical support? Is this covered under the maintenance contract? 1.11 Do you have in-house consulting staff that we may contract to provide onsite implementation, integration, or troubleshooting assistance? a. Are such services available via an approved 3rd party vendor? 1.12 What is the boundary of the fundamental deliverable and are there add-on modules? 1.13 Are product updates freely available as they are released or is a maintenance agreement required? 1.14 Is the product Section 508 compliant? 1.15 What methods/features may be used to scale the product as needs grow (additional servers, server clustering, etc.)? Discussion Area 2: Measuring Performance 2.1 What performance requirements, e.g., tasks and deliverables, are susceptible to measurement? 2.2 What standards can or should be used to measure unsatisfactory, satisfactory, and outstanding achievement of the performance requirements identified? What are the best sources of performance standards? 2.3 Should standards be expressed in terms of technical performance (quality), timeliness (schedule), cost control, or some combination of these parameters? 2.4 What surveillance and measurement techniques can or should be used to determine whether the standards are not achieved, achieved, or exceeded? Discussion Area 3: Technical Characteristics 3.1 What is the maintenance and licensing structure? 3.2 Is this compatible with ICE products to include: a. Local accounts on Windows XP/7 machines b. Local accounts on Linux machines c. Active Directory accounts (service accounts) d. Network device such as Cisco IOS e. SQL/Oracle 3.3 What systems and applications will the product manage out of box? 3.4 Does the product support customization to manage systems not supported natively? a. How are these customizations achieved; scripting, use of an SDK with a compiled language, etc.? 3.5 Is the product dependent upon a client-side service or driver? 3.6 What network ports/protocols does your product utilize? 3.7 What operating system(s) are used to host the product? 3.8 Is the product supported in a virtual environment? 3.9 What methods/features may be used to improve availability (load balancing, hot spare, manual/automatic failover, etc.)? 3.10 What are the formulas we may use to estimate the system requirements for storage, redundancy, and backup? 3.11 What kind of user and interfaces are provided to manage and operate the product (client application, web application, Simple Object Access Protocol (SOAP) interface, etc.)? a. Does the product support Active Directory (AD) Authentication? b. Can security groups be used to control user capabilities within the system? c. Can the AD organization unit (OU) of a managed system be used to limit access to a particular subset of users? 3.12 What happens when devices do not connect to ICE network for long intervals (laptop not used for months, training room computers in power save mode)? a. Maintain password history list? b. Can the current or temporary password be forced to device? With WinMagic locked or unlocked? c. If admin password can only be transferred while WinMagic is unlocked, then window of opportunity is small on laptops. How can the product effectively update laptops? d. Can the product update admin password through VPN connection? e. Admin password retrieval needs to be available 24x7 and easy to access from all ICE locations f. How can the Federal PIV card credential be leveraged to provide strong authentication for administrators, while adhering to the policy that identities used for administrative activities (must be special identities), and not the administrator's "normal" identity that is used for everyday activities such as email and building access? Discussion Area 4: Other 4.1 If you have Federal Government Points of Contact that have implemented a successful password management software solution using FFP, contract incentives, and/or performance-based contracting, we'd appreciate it if you'd share their contact information with us. 4.2 Do you currently offer this product on an existing government contract vehicle such as federal supply schedule? IV. HOW TO RESPOND TO THIS NOTICE Please direct any questions concerning this notice to Mr. Bryan O'Shaughnessy at Bryan.O'Shaughnessy@dhs.gov, or 202-732-2547. Please submit your information and comments, including product data literature, to the Contracting Specialist electronically no later than March 8, 2011. Please submit the replies electronically to Bryan.O'Shaughnessy@dhs.gov. Electronic submissions should be submitted as an e-mail attachment in Microsoft Word. Please repeat each Discussion Area with questions and provide the response beneath. Please submit the information in the same order and using the same numbering scheme in this notice to facilitate evaluation and organization by Government reviewers. Replies will be separated from, and have no bearing on, subsequent evaluation of proposals submitted in response to any resulting formal Requests for Proposals (RFPs). The use of information received in response to this notice may be used by ICE for acquisition planning and solicitation preparation activities. Eligibility in participating in a future acquisition does not depend upon a response to this notice. ICE will not critique the responses to this notice. ICE does not intend to pay for the information solicited and will not reimburse any costs associated with responding to this RFI. Proprietary information is neither sought nor desired by ICE. If such information is submitted, it must clearly be marked "proprietary" on every sheet containing such information, and the proprietary information must be segregated to the maximum extent practicable from other portions of the response (e.g., use an attachment or exhibit).
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DHS/INS/ICE-OAQ-TC/RFI_HSICE_056_001 /listing.html)
 
Place of Performance
Address: 801 I Street, NW, Suite 800, Washington, District of Columbia, 20536, United States
Zip Code: 20536
 
Record
SN02388289-W 20110227/110225234700-219fcab03f8800af407ead19bbf70df5 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.