Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF JUNE 30, 2013 FBO #4236
SOLICITATION NOTICE

70 -- SIPRNet Accreditation - Package #1

Notice Date
6/28/2013
 
Notice Type
Combined Synopsis/Solicitation
 
NAICS
511210 — Software Publishers
 
Contracting Office
Department of the Army, National Guard Bureau, CRTC-ALPENA/LGC OFFICE, MICHIGAN AIR NATIONAL GUARD, 5884 A STREET, ALPENA, Michigan, 49707-8125
 
ZIP Code
49707-8125
 
Solicitation Number
W912JB13T9001
 
Archive Date
8/15/2013
 
Point of Contact
Jonathan D. Bodus, Phone: 9893546586
 
E-Mail Address
jonathan.bodus@ang.af.mil
(jonathan.bodus@ang.af.mil)
 
Small Business Set-Aside
N/A
 
Description
Solicitation Package General Information Document Type: Combined Synopsis / Solicitation Solicitation Number: W912JB-13-T-9001 Project Name: Alpena CRTC SIPR Accreditation Classification Code: 70 - ADP Software NAICS Code: 511210 Software Publishers Contracting Office Address Department of the Air Force, Air National Guard, Alpena Combat Readiness Training Center (CRTC), 5884 A Street, Alpena, Mi, 49707-8125, UNITED STATES Description: (i) This is a combined synopsis/solicitation for commercial items prepared in accordance with the format in FAR Subpart 12.6, as supplemented with additional information included in this notice. This announcement constitutes the only solicitation; proposals are being requested and a written solicitation will not be issued. (ii) This solicitation is issued as a Request for Quote (RFQ) against solicitation number W912B-13-T-9001 for a commercial items acquisition for the accreditation of the base Secret Internet Protocol Router Network (SIPRNet) at the Alpena Combat Readiness Training Center located in Alpena, MI. (iii) This solicitation document and incorporated provisions and clauses are those in effect through Federal Acquisition Circular (FAC) 2005-068 effective 26 Jun 2013. (iv) The North American Industrial Classification System (NAICS) Number is 511210 - Software Publishers, Small Business Size Standard $25,000,000. (v) The proposed acquisition consists of the following Contract Line Items Numbers (CLINs): To be considered RESPONSIVE, offeror's must address all CLINs utilizing W912JB-13-T-9001 Proposal Bid Schedule. (vi) Description of requirements for the items to be acquired. The CRTC requires that the vender be certified as an Agent to the Certification Authority (ACA) for the Air Force and shall perform the following tasks in accordance with the full DIACAP as outlined in DoDI 8510.01 and AFI 33-210: 1. Identify IA controls a. Create DIACAP Implementation Plan b. Select IA controls based on MAC level c. Ensure all Designated Approving Authority security requirements are identified 2. Network Assessment a. Utilize a variety of vulnerability assessment tools to identify if security requirements are being met. e.g., identification and authentication, audit, object reuse, discretionary access control, data encryption, and labeling b. Generate a detailed report of configuration shortfalls as they apply to the IA controls and Security Technical Implementation Guidance (STIG) 3. Non-technical Controls a. Assess all Information Assurance documentation (e.g., training plans, security policies, disaster recovery plans, continuity of operations, etc...) and develop when necessary. 4. Security Architecture Assessment a. Evaluate the security architecture based on standard commercial or National Security Agency (NSA)-approved information security technologies to facilitate/improve secure information processing/networking. We consider all aspects of user authentication, access control, data confidentiality, data integrity, system availability, and auditing; and identify the required protection of transmission paths/sites and procedures for the setting up and the placement of authentication (e.g., CAC), intrusion detection (e.g., detecting denial of service attacks or probes), firewall (e.g., filters and proxies), and encryption (e.g., key management) devices. b. Ensure all products are NIAP approved, and analyze inherently insecure protocols, such as telnet, FTP, and versions of SNMP 5. Technical Control Testing a. Conduct testing and assess the network to determine the adequacy of its security measures. Areas that are evaluated include identification and authentication, auditing, discretionary access control, object reuse, purge, security tools in use, active network ports and services, and system configuration in accordance with the DISA STIGs. b. full technical security policy compliance audit and vulnerability assessment which includes an extensive line item configuration audit of the control and management devices, network connections, and network interfaces perimeter security measures, and other embedded network components, as well as computer systems and operating system instances within the network c. This detailed system level configuration audit consists of an evaluation of account and audit polices; storage and protection of system and device security log data; IAVM compliance and patching status of all network components; minimization of all non-essential system/network services, antivirus implementation, and update processes; proper implementation of warning banners/screen savers; implementation of least privilege, file permissions, and user rights; use of approved encryption mechanisms for users' certificates and protection of data in transit and at rest; and an extensive evaluation of the network's resilience against attempts by attackers 6. Evaluation a. Correlate the result of the validation procedures with the corresponding IA control, and map the results to the proper DoD 8500.2 IA control requirements for subsequent risk analysis and reporting. 7. Risk Assessment a. Identify risk based on probability, and calculate an overall network risk. b. Identify processes, safeguards or countermeasures to mitigate risks will be developed. c. Make recommendation to mitigate risk to an acceptable level. 8. C&A Package a. Input all data into the Department of Defense Enterprise Mission Assurance Support Service (eMass) utilizing all appropriate AFNET and ANG service level agreement inheritance. b. Progress each IA control through the appropriate validations c. Generate SIP, DIP, POA&M as relevant or appropriate. 9. NIPR/SIPR FISMA Assessment a. Prepare all FISMA documentation b. Test annual FISMA controls c. Generate FISMA IA reports in eMass (vii) The requested delivery date for the above items is 31 Jan 2014. Please provide the cost of freight charges if applicable. Estimated Delivery Date if Different than Requested Date: ____________ (viii) Provision at 52.212-1, Instructions to Offerors -- Commercial, applies to this acquisition. Offerors must comply with all instructions contained in FAR 52.212-1, Instructions to Offerors--Commercial Items-(JUN 2008). (x) Provision at 52.212-3, Offeror Representations and Certifications -- Commercial Items applies and to that end offerors must ensure that the representations and certifications have been completed in accordance with FAR 52.212-3 Offeror Representations and Certifications--Commercial Items on the ORCA website (http://orca.bpn.gov/publicsearch.aspx). (xi) Clause at 52.212-4, Contract Terms and Conditions -- Commercial Items, applies to this acquisition. (xii) Clause at 52.212-5, Contract Terms and Conditions Required To Implement Statutes Or Executive Orders -- Commercial Items Dec 2009 Deviation. (xiii) Contract financing arrangements will not apply. The following additional clauses will apply: CLAUSES INCORPORATED BY REFERENCE 52.204-7 Central Contractor Registration APR 2008 52.204-9 Personal Identity Verification of Contractor Personnel SEP 2007 52.211-6 Brand Name or Equal AUG1999 52.219-28 Post-Award Small Business Program Rerepresentation APR2009 52.222-3 Convict Labor JUN 2003 52.222-21 Prohibition Of Segregated Facilities FEB 1999 52.222-22 Previous Contracts and Compliance Reports FEB 1999 52.222-26 Equal Opportunity MAR 2007 52.222-50 Combating Trafficking in Persons AUG 2007 52.223-5 Pollution Prevention and Right-to-Know Information AUG 2003 52.223-15 Energy Efficiency in Energy-Consuming Products DEC 2007 52.232.18 Availability of Funds APR 1984 52.232-33 Payment by Electronic Funds Transfer--Central Contractor Registration OCT 2003 52.233-3 Protest After Award AUG 1996 52.233-4 Applicable Law for Breach of Contract Claim OCT 2004 52.250-2 SAFETY Act Coverage Not Applicable NOV 2007 252.203-7000 Requirements Relating to Compensation of Former DoD Officials JAN 2009 252.203-7002 Requirement to Inform Employees of Whistleblower Rights JAN 2009 252.204-7004 Alt A Central Contractor Registration (52.204-7) Alternate A SEP 2007 252.212-7000 Offeror Representations and Certifications- Commercial Items JUN 2005 252.225-7001 Buy American Act and Balance Payments Program JAN 2009 252.232-7003 Electronic Submission of Payment Requests and Receiving Reports MAR 2008 252.232-7010 Levies on Contract Payments DEC 2006 CLAUSES INCORPORATED BY FULL TEXT 52.252-2 CLAUSES INCORPORATED BY REFERENCE (FEB 1998) This contract incorporates one or more clauses by reference, with the same force and effect as if they were given in full text. Upon request, the Contracting Officer will make their full text available. Also, the full text of a clause may be accessed electronically at this/these address(es): http://farsite.hill.af.mil/VFFARA.htm (End of clause) 52.252-5 AUTHORIZED DEVIATIONS IN PROVISIONS (APR 1984) (a) The use in this solicitation of any Federal Acquisition Regulation (48 CFR Chapter 1) provision with an authorized deviation is indicated by the addition of"(DEVIATION)" after the date of the provision. (b) The use in this solicitation of any provision with an authorized deviation is indicated by the addition of "(DEVIATION)" after the name of the regulation. (End of provision)
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/USA/NGB/DAHA20-3/W912JB13T9001/listing.html)
 
Place of Performance
Address: Alpena Combat Readiness Training Center, Alpena, Michigan, 49707, United States
Zip Code: 49707
 
Record
SN03103065-W 20130630/130628235040-01797e2063487bf0f9107c0e464279d4 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.