Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF SEPTEMBER 18, 2011 FBO #3585
SOLICITATION NOTICE

70 -- Data Loss Prevention (DLP) - Contract Deliverables

Notice Date
9/16/2011
 
Notice Type
Combined Synopsis/Solicitation
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
Defense Logistics Agency, DLA Acquisition Locations, DLA Contracting Services Office - Philadelphia, 700 Robbins Avenue, Philadelphia, Pennsylvania, 19111-5096, United States
 
ZIP Code
19111-5096
 
Solicitation Number
SP4701-11-R-0021
 
Archive Date
10/7/2011
 
Point of Contact
Mark Sullivan, Phone: 215-737-4851
 
E-Mail Address
mark.sullivan@dla.mil
(mark.sullivan@dla.mil)
 
Small Business Set-Aside
N/A
 
Description
Contract Deliverables COMBINED SYNOPSIS/SOLICITATION DLA Contracting Services Office - Philadelphia Site intends to solicit for Data Loss Prevention software, hardware and support services on a competitive basis. A brand name or equal product is required for this requirement. Request for Proposal SP4701-11-R-0021 contemplates a Firm Fixed Price type contract with Performance Measures. In Accordance with FAR 12.603 this solicitation is issued as a request for proposals. The performance period is expected to start at time of award and continue thru 12 months. This is a combined synopsis/solicitation for commercial items prepared in accordance with the format in FAR Subpart12.6 using Simplified Acquisition Procedures under FAR Part 13; as supplemented with additional information included in this notice. This announcement constitutes the only solicitation; a proposal is being requested and a written solicitation will not be issued- PAPERCOPIES OF THE SOLICITATION WILL NOT BE AVAILABLE. The Government will not pay for information received. The NAICS code is 541519 with a size standard of $25M. The solicitation document and incorporated provisions and clauses are those in effect through the current Federal Acquisition Circular. It is the contractor's responsibility to be familiar with the applicable clauses and provisions. The clauses may be accessed in full text at this address: http://farsite.hill.af.mil. The Contract Line Items (CLINS) are as follows: CLIN 0001 SOFTWARE Part #-SW-DLPDC-40000, DLP Datacenter per User, Qty. 35,000 Part #-SW-NMEFB-40000, DLP Network Monitor + Enforce per User, Qty. 35,000 Part #-SW-EDEEB-40000, DLP Endpoint Discover + Enforce per User, Qty.35,000 Part #-AXM00001000, RSA Access Manager Core Bundle per User, Qty. 100 Part #-SSF-SOL-COM-U5-P, Archer On-Demand Application, Qty. 2 CLIN 0002 HARDWARE Part #-RSA-0010405, DLP Network Sensor Appliance, Qty. 14 Part #-RSA-0010406, DLP Network Interceptor Appliance, Qty. 8 Part #-RSA-0010407, DLP Network ICAP Server Appliance, Qty. 14 Part #-RSA-0010408, DLP Network Controller Appliance, Qty. 4 CLIN 0003 ANNUAL MAINTENANCE Part #-M-SW-DLPDC-40000, Basic Maintenance for DLP Data Center Software for Year 1, Qty. 35000 Part #-M-SW-NMEFB-40000, Basic Maintenance for DLP Network Bundle for Year 1, Qty. 35000 Part #-M-SW-EDEEB-40000, Basic Maintenance for DLP End Point Bundle for Year 1, Qty. 35000 Part #-M-HW-DLP-SENS Basic Maintenance for Network Sensor Appliance for 1 Year, Qty. 14 Part #-M-HW-DLP-INT, Basic Maintenance for Network Interceptor Appliance for 1 Year, Qty. 8 Part #-M-HW-DLP-ICAP, Basic Maintenance for Network ICAP Appliance for 1 Year, Qty. 14 Part #-M-HW-DLP-CONT, Basic Maintenance for Network Controller Appliance for 1 Year, Qty. 4 Part #-STD-SUP-P, Basic Maintenance for Archer On Demand Application for 1 Year, Qty. 1 Part #-AXM00001000E12, Enhanced Maintenance for Access Manager for 1 Year, Qty. 100 Part #-PS-CAS-CUS, Basic Maintenance for Archer Custom Applications for 1 Year, Qty. 1 A single award for all line items will be made to the lowest price technically acceptable offeror. MUST BE BRAND NAME OR EQUAL CLIN 0004: Labor Support Services. The contractor shall perform the following tasks: Task 1 - Within five (5) business days after receipt of contract award, the contractor shall contact the Contracting Officer's Representative (COR) to arrange for a kick off meeting to initiate action and confirm requirements. The actual meeting and determination of actions to be taken must take place within five (5) days after receipt of order. Task 2 - Install EMC/RSA (or equal) Data Loss Prevention Hardware and Software at 11 DLA Primary Field Sites to enable Data at Rest Scanning by end of the contract period of performance. EMC/RSA (or equal) Data Loss Prevention Hardware and Software at DLA HQ field site to be installed and operational within 3 months after receipt of contract award. Task 3 - The contractor shall work with the COR with assistance from the POCs (or their proxies) to enable a rapid transition to the new EMC/RSA (or equal) DLP technology platform. The contractor shall use the appropriate mix of technical professional services and professional services project management to develop, test and deploy a DLA Custom PII Policy where completion of task is determined by delivery of a customized PII policy that provides detection of unencrypted Social Security Numbers with a False Positive Rate less than or equal to 10%. Task 4 - The contractor shall work with the COR with assistance from the POCs (or their proxies) to enable a rapid transition to the new EMC/RSA (or equal) DLP technology platform the contractor shall use the appropriate mix of technical professional services and professional services project management to develop, test and deploy a DLA Custom PII Incident Management Workflow where completion of task is determined by integration of DLA's published PII Incident Management Workflow, and transition of existing DLP management workflow. Task 5 - The contractor shall work with the COR with assistance from the POCs (or their proxies) to enable a rapid transition to the new EMC/RSA (or equal) DLP technology platform the contractor shall use the appropriate mix of technical professional services and professional services project management to develop, test and deploy DLA Custom PII Incident Reporting where completion of task is determined by transition of existing DLP incident reports and implementation of DLA DLP PII summarized dashboard reports. Task 6 - The contractor shall work with the COR with assistance from the POCs (or their proxies) to enable a rapid transition to the new EMC/RSA (or equal) DLP technology platform the contractor shall use the appropriate mix of technical professional services and professional services project management to develop, test and deploy DLA Custom DLP System Reporting where completion of task is determined by transition of existing DLP system reports and implementation of DLA DLP summary dashboard reports. Task 7 - The contractor shall work with the COR with assistance from the POCs (or their proxies) to enable a rapid transition to the new EMC/RSA (or equal) DLP technology platform the contractor shall use the appropriate mix of technical professional services and professional services project management to develop, test and deploy DLA DLP PKI/CAC Authentication Integration such that the EMC/RSA (or equal) DLP product is fully integrated with DLA PKI/CAC authentication infrastructure where completion of task is determined by functioning integration. Task 8 - The contractor shall work with the COR with assistance from the POCs (or their proxies) to enable a rapid transition to the new EMC/RSA (or equal) DLP technology platform the contractor shall use the appropriate mix of technical professional services and professional services project management to develop, test and deploy DLA DLP AD Role Based Access Control Authorization such that the EMC/RSA (or equal) DLP product is fully integrated with DLA AD infrastructure where completion of task is determined by functioning integration. Task 9 - The contractor shall provide three (3) students of DLA's choosing, e.g., two DLA employees and one DLA IT support contractor, comprehensive instruction in the administration and configuration of the EMC/RSA (or equal) Data Loss Prevention (DLP) Suite. Each student shall be trained in and provided 1 week (36 credit hours per student) of theory and product basics such as the EMC/RSA (or equal) DLP Suite architecture, integration of EMC/RSA (or equal) DLP components, and the importance of various configuration parameters are discussed. The contractor shall deliver this training within thirty (30) days after receipt of order. Task 10 - The contractor shall provide three (3) students of DLA's choosing, e.g., two DLA employees and one DLA IT support contractor, comprehensive instruction in the EMC/RSA (or equal) Archer platform's Basic Administration capabilities. Each student shall be trained in and provided 1 week (36 credit hours per student) with detailed insights and best practices for administering the EMC/RSA (or equal) Archer platform, and each student will learn how to build and develop custom applications, integrate applications with external data sources and communicate GRC information through reports, emails and dashboards. After completing this class, each student will be prepared to use the EMC/RSA (or equal) Archer platform to solve common GRC problems and meet the business requirements of various enterprise stakeholders. The contractor shall deliver this training within eleven (11) months after receipt of order. Task 11 - The contractor shall provide three (3) students of DLA's choosing, e.g., two DLA employees and one DLA IT support contractor, comprehensive instruction in the EMC/RSA (or equal) Archer platform's Advanced Administration capabilities. Each student shall be trained in and provided 1 week (36 credit hours per student) with detailed insights and best practices for administering the EMC/RSA (or equal) Archer platform, and each student will learn how to build and develop custom applications, integrate applications with external data sources and communicate GRC information through reports, emails and dashboards. After completing this class, each student will be prepared to use the EMC/RSA (or equal) Archer platform to solve common GRC problems and meet the business requirements of various enterprise stakeholders. The contractor shall deliver this training within eleven (11) months after receipt of order. Task 12 - The contractor shall supply: software upgrades and patches and five (5) days per week by nine (9) hours per day telephone technical support provided to DLA technical POCs designated by COR. Task 13 - The contractor is responsible to provide seamless transfer of knowledge from outgoing personnel to the new personnel in his staff. The contractor shall not allow change in personnel to affect productivity and timely receipt of deliverables. Deliverables shall include technology architecture diagrams, Application STIG documentation, Web Server STIG documentation, Database STIG documentation, and Operating System STIG documentation. All documentation will be delivered in Microsoft Office file formats: Word, Excel, Visio, Project. The Performance Work Statement (PWS) is as follows: 1.1 INTRODUCTION: DLA requires a suite of enterprise-scalable information technology (IT) tools to provide data loss prevention (DLP) capabilities. 1.2 GENERAL REQUIREMENTS: Automate the detection, remediation, movement, and quarantine, of unencrypted files containing PII from Network Share drives, unauthorized SharePoint repositories, Microsoft Exchange Public folders, Internet egress points, and e-mails thereby reducing risk to the DLA Enterprise of unauthorized disclosures of, or access to, PII. This requirement will be achieved to minimize risk of unsecured PII being stored on unauthorized file locations within the DLA "Firewall," and detect, prevent, and quarantine unsecured PII in e-mail from leaving DLA, thereby minimizing the risk of that PII ever being lost, stolen, or compromised to anyone outside of DLA. This requirement will also be achieved to maximize DLA compliance with the Privacy Act of 1974, as amended; the Federal Information Security Management Act of 2002; OMB Memorandum M-07-16, "Safeguarding Against and Responding to the Breach of Personally Identifiable Information;" DoD 5400.11-R, "DoD Privacy Program Regulation," Appendix 1, "Safeguarding Personally Identifiable Information;" DoDI 8500.2, "Information Assurance (IA) Implementation;" NIST SP 800-53, Rev 3., "Recommended Security Controls for Federal Information Systems and Organizations;" and CNSS Instruction No. 1253, "Security Categorization and Control Selection for National Security Systems." The contractor shall work with J-64, DGA, as well as J6F employees and contractors to customize the EMC/RSA (or equal) DLP product to meet J-64's requirements as detailed below. This effort will not be considered complete until the customer signs off for completion of each requirement defined below. Offeror will also provide technical support to EMC/RSA (or equal) DLP users. Visits to the Andrew T. McNamara Building must be arranged ahead of time to establish an escort. Any offeror personnel to work on location shall come with appropriate identification (a valid driver's license). Offeror personnel will be signed in and must stay with an escort while in the building. Questionable individuals may be refused entrance into the complex. Database administrator, and any contract personnel who have direct access to the DLA EMC/RSA (or equal) DLP system, will be in a position classification of IT 2 which requires a National Agency Check with Law and Credit Checks (NACLC). The NACLC must be favorably adjudicated by DoD and should show in the DoD Joint Personnel Adjudication System (JPAS). The contractor must ensure that there accreditation is completed. 1.3 CONTRACT DELIVERALBLES: See attached document "Contract Deliverables" 1.4 CONTRACT TYPE: Firm Fixed Price with Performance Measures 1.5 PERIOD OF PERFORMANCE: The period of performance shall be for 12 months after award. The contract period of performance will be considered to have started when the contract is signed by both parties and all badges and clearances have been issued. 1.6 PLACE OF PERFORMANCE: Defense Logistics Agency (DLA) DLA Information Operations (J6) 8725 John J. Kingman Road Fort Belvoir, VA 22060-6221 1.7 CONTRACTING OFFICERS REPRESENTATIVE: To be named at time of award. 1.8 CONTRACT SPECIALIST: Mark Sullivan Phone #: (215) 737-4851. FAX #: (215) 737-7942. Email Address: Mark.Sullivan@dla.mil 1.9 SUBMISSION OF QUESTIONS: Questions with respect to this RFP should be submitted via email to the Contract Specialist (see Section 1.8, above). Any technical questions, requests for clarification or requests for data in connection with this RFP must be submitted in writing on or before September 20, 2011 by 12:00pm (Eastern Time) to allow DLA adequate time to provide answers or to consider potential changes to the RFP. Vendors are strongly urged to follow-up the submission of any questions to the Specialist via telephone to ensure that questions have been received. 1.10 PROPOSAL SUBMISSION: Offerors shall submit proposals in two parts shown below: • Technical Proposal (Showing the product proposed is equal to the products listed in this RFP). • Price Proposal (Showing a breakout of all items and substantiating the tasks listed under CLIN 0004). All offers must be submitted on or before September 22, 2011 @ 12:00pm Eastern Time. All responses should be submitted electronically to the email listed in 1.8. Per DLA directive all e-mail entering or leaving DLA systems is not to exceed a total message size of 15MB. Proposal submissions exceeding 15MB need to be separated into multiple e-mails or condensed prior to submission. Offeror's shall follow up with a phone call to the contracting POC listed in 1.8 to ensure receipt of proposal. 2.1 PERFORMANCE MEASURES: 2.1.1 Purpose of Measure The subject procurement will be awarded using a fixed price contract with performance based measures. The performance measurements to be used to assess the Contractor's performance under this contract will determine whether the Contractor is performing at acceptable levels in order to allow for a 100% payment of monthly invoices. The Government will make objective and subjective assessments of the Contractor's performance to determine whether contractor performance is acceptable. The Contractor is expected to perform all functions in a professional manner and prepare accurate and timely documentation. Progress will be tracked based on the milestone event when the Contractor receives a specific tasking. The number of completed actions will be balanced against the quality of this output. 2.1.2 PERFORMANCE MEASUREMENTS: The performance measurements under this contract shall be based on timeliness and quality of the work and deliverables provided by the Contractor under the contract. These measurements are defined as: • Timeliness - The completion of taskings and/or the submission of deliverables within the schedule set forth by the government during the performance of the contract. • Quality - The quality of work completed under the resulting taskings will be measured based on the Government's determination of the validity, accuracy, clarity and usefulness of a deliverable or if the work performance met the expected outcomes as was communicated to the Contractor by the government. 2.1.3 FIXED PRICE PERFORMANCE STANDARDS: The following performance standards will be applied to the resultant contract: a) The contractor shall submit a combined monthly invoice for 100% of the fixed monthly amount for each PWS tasking. As part of the Contracting Officer's Representative's (COR) monthly certification process, the COR will indicate on the invoice submitted the amounts authorized for payment for each task based on the performance measures described herein. b) The determination for payment of the performance standards will be made in accordance with the procedures set forth below. c) The COR or his/her designated representative will advise the contractor of what the authorized amount of payment will be for each month within 10 working days of submittal of the invoice. If the COR or his/her designated representative does not come to a determination or certify the invoice within 10 working days than the contractor will be provided 100% of their invoiced amount. Should the government withhold any part of the firm's monthly fee the balance of the amount withheld may be redeemable in a separate invoicing period should the contractor maintain a highly acceptable rating for a minimum of three (3) months. The Contractor may direct questions on any withholding of a payment to the Contracting Officer or Contract Specialist identified herein. If the contractor demonstrates that the firm's inability to meet performance requirements was due to a failure on the part of the Government (i.e. miscommunication of facts, failure to provide the Contractor with information or devices necessary to complete tasks, etc.) the monthly payment, or some part of the monthly payment, may be released to the contractor in a future invoicing period. 2.1.4 PERFORMANCE REVIEW: Below are the Performance Standards that will be used in evaluating performance on a monthly basis and in determining the amount of the monthly payment owed to the contractor. Highly Acceptable - • Meets or exceeds contract requirements in terms of timeliness and quality requirements in the Performance Work Statement. • COR will make a determination to pay the contractor 100% of the monthly invoice amount. Acceptable - • Meets all deliverable requirements of the PWS but required minor revisions necessary and the revisions do not adversely impact the PWS requirements • The COR will make a determination to pay the contractor 95% or more of the monthly invoice amount. Marginally Acceptable - • Have two or more issues that were not minor, such as missed deliverables, poor quality levels of work, or services that did not comply with the intended and agreed to requirements. • The level of authorized payment will be based on the level of the severity the revisions or delayed deliverables cause. • The COR will make a determination to pay the contractor from 85% to 94% of the monthly invoice amount. Unacceptable - • Performance has been Marginally Acceptable for more than one month. • Performance has been at a level where the Contracting Officer has had to issue one or more cure notices regarding performance. • Payment for the month will be withheld pending resolution of cure notice(s). Upon satisfactory resolution of issues related to the cure notice(s), payment for the month in question will be made at the Marginally Acceptable rate. • If issues are not resolved No payment will be made. • Continually monthly performance at the unacceptable level will be at a level where a termination will be considered if the performance is not improved. CLAUSES: The provisions at 52.212-1, 52.212-3, apply to this acquisition. A completed copy of provision 52.212-3 shall be included with the proposal. The clause at 52.212-4, Contract Terms and Conditions Commercial Items, applies to this acquisition. The clauses at 52.212-5 and 252-212-7001, Contract Terms and Conditions Required to Implement Statues or Execute Orders-Commercial Items, 52.222-37, Employment Reports on Disabled Veterans and Veterans of the Vietnam Era; 52.232-33, Payment by Electronic Funds Transfer-Central Contractor Registration, 52.204-7 Central Contractor Registration and 252.204-7004 (AltA) Central Contractor Registration apply to this acquisition, with the following clause checked as applicable: 52.222-2, 52.222-35, and 52.222-36. Offerors must be registered in the CCR and in Wide Area Work Flow prior to solicitation closing. Clause 52.219-9 Small Business Subcontracting Plan is incorporated into the solicitation by reference. The closing date of this solicitation is 22 September 2011 at 12pm (Noon) Eastern time. For additional information concerning this requirement, please contact Mark Sullivan at 215-737-4851 or via E-mail at Mark.Sullivan@dla.mil. 52.252-2 CLAUSES INCORPORATED BY REFERENCE (FEB 1998) This contract incorporates one or more clauses by reference, with the same force and effect as if they were given in full text. Upon request, the Contracting Officer will make their full text available. Also, the full text of a clause may be accessed electronically at this address: http://www.dla.mil/j-3/j-336/icps.htm OR http://www.dla.mil/j-3/j-336/logisticspolicy/ procurementlinks2.htm. The following additional clauses are incorporated by reference: CLAUSE TITLE/DATE 52.222-50 Combating Trafficking in Persons (FEB 2009) (22 U.S.C. 7104(g)). ___ Alternate I (AUG 2007) of 52.222-50 (22 U.S.C. 7104(g)). 52.203-6 Restrictions on Subcontractor Sales to the Government (JUL 1995), with Alternate I (SEP 2006) (41 U.S.C. 253g and 10 U.S.C. 2402). 52.225-13 Restrictions on Certain Foreign Purchases (JUN 2008) (E.O.'s, proclamations, and statutes administered by the Office of Foreign Assets Control of the Department of the Treasury). 52.203-3 Gratuites (APR 1984) (10 U.S.C. 2207) 252.209-7004 Subcontracting with Firms that are Owned or Controlled by the Government of a Terrorist Country (DEC 2006) DFARS 52.209-6 Protecting the Government's Interest when Subcontracting with Contractors Debarred, Suspended, or Proposed for Debarment (SEP 2006) 252.209-7004 Subcontracting with Firms that are Owned or Controlled by the Government of a Terrorist Country (DEC 2006) DFARS 252.211-7006 Radio Frequency Identification (FEB 2007) DFARS 52.211-9010 Shipping Label Requirements-MIL-STD-129P (MAY 2006) DLAD 52.211-9014 Contractor Retention of Traceability Documentation (OCT 2008) DLAD 252.225-7002 Qualifying Country Sources as Subcontractors (APR 2003) DFARS 52.232-17 Interest (OCT 2008) 252.232-7010 Levies on Contract Payments (DEC 2006) DFARS 52.242-13 Bankruptcy (JUL 1995) 52.242-15 Stop Work Order (AUG 1989) 52.247-9012 Requirements for Treatment of Wood Packaging Material (WPM)(FEB 2007) DLAD
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DLA/J3/DSCP-PB/SP4701-11-R-0021/listing.html)
 
Place of Performance
Address: 8725 John J. Kingman Road, Fort Belvoir, Virginia, 22060, United States
Zip Code: 22060
 
Record
SN02579660-W 20110918/110916235259-e172dd7282656de2f8eada8d47359239 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.