Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY - FEDBIZOPPS ISSUE OF SEPTEMBER 05, 2015 FBO #5034
SOURCES SOUGHT

70 -- Privileged Access Management Solution

Notice Date
9/3/2015
 
Notice Type
Sources Sought
 
NAICS
511210 — Software Publishers
 
Contracting Office
Social Security Administration, Office of Budget, Finance, Quality and Management, Office of Acquisition and Grants, 1540 Robert M. Ball Building, 6401 Security Boulevard, Baltimore, Maryland, 21235, United States
 
ZIP Code
21235
 
Solicitation Number
SSA-RFI-15-0071
 
Archive Date
9/18/2015
 
Point of Contact
Rick Bolt, Phone: 410-966-8765
 
E-Mail Address
rick.bolt@ssa.gov
(rick.bolt@ssa.gov)
 
Small Business Set-Aside
N/A
 
Description
Privileged Access Management SSA-RFI-15-0071 BACKGROUND SSA currently manages privileged accounts through an IDM tool and assigns Active Directory privileges through multiple tiers of permission groups. With the enterprise scale at which the agency operates, the agency is investigating technical controls over its privileged accounts, while decreasing the agency's privileged account footprint. The agency also recognizes the importance of increased governance over these accounts, as well as increased monitoring and reporting. The agency expects that by evolving its technical controls it will advance its privileged access program. CURRENT ENVIRONMENT SSA currently has one production forest encompassing eight child domains (not including the forest root). Along with the built in Enterprise, Schema, and Domain admin accounts, there are hundreds of groups, which encompasses users who can affect change on three or more devices. These groups are disbursed geographically, mostly across the United States, with some located throughout the world. Each location has designated users who can effect change at their location. GOALS/OBJECTIVES This is a Request for Information (RFI) for an enterprise privilege management solution for the SSA. The goal is to implement an enterprise-wide privilege management solution that is cost-effective and scalable. The agency is exploring privileged management solutions for enterprise use with Active Directory integration. SSA is requesting information from interested and qualified vendors regarding their privileged management solutions. The solution should automate privileged password and privileged session management, provide secure access control, auditing, alerting and recording for any privileged, shared, and service account. The solution should also be able to manage social media accounts, such as Facebook and Twitter. The proposed solution should be compliant with the goals of CMaaS phase 2 objectives, specifically Tools Functional Areas 8 and 9 relating to CRED and PRIV. The solution should assist SSA's goals in conjunction with the Federal Identity Credential and Access Management (FICAM) program which provides architecture and implementation guidance to address Identity, Credential, and Access Management (ICAM) concerns. Specifically, the solution should address two of ICAMs three main capability areas - Credential Management and Access Management. The solution is required to leverage the SSA's existing Active Directory infrastructure for account management as well as its Splunk infrastructure for reporting purposes. SSA is also interested in leveraging integration with HP Service Manager for ticket management. The agency acknowledges that responders may bundle their privileged access management capability into products that support other platforms, such as Unix, Cisco, database, SSH keys, and applications. Although the agency is interested in these technologies, responders should focus their responses on Active Directory and social media as a primary concern. Responders should also assume that the agency is familiar with promotional material concerning their offerings. This RFI seeks information that is not readily available through those channels. RFI REQUIREMENTS SSA has the following mandatory requirements: Enterprise Privileged Management Mandatory Requirements 1. Ability to change password at set intervals including after credential is checked in 2. Ability to manually kill privileged session while in use 3. Ability to force account check-in after certain time interval 4. Ability to manage infrastructure without logging onto a domain controller (i.e. Active Directory tools) 5. Ability to interface with Top Secret from Computer Associates 6. Password and session management together in the same solution - no requirement for two different interfaces or to be charged separately for each 7. Full network scanning, discovery and profiling with auto-onboarding 8. Secure and tamper-proof storage for audit records, policies, entitlements, privileged credentials, recordings 9. Provide for separation of duties 10. Usage and auditing reports 11. Session playback with search capabilities 12. Solution will need to directly interface with Splunk 13. Solution should be able to integrate with HP Service Manager Vendor Responses Vendors that believe they can offer a technically compliant product are invited to submit information concerning their product's capabilities. Detailed responses to each of the above requirements (with substantiating documentation) are required. The vendor response must provide detailed accounts of how each of the requirements are met. Simple marketing information or incomplete responses will not be considered. Reference to vendor web sites is not considered a valid response. Respondents should indicate whether their product is available on GSA Federal Supply Schedules or any other Government-wide Agency Contract (GWAC). You may submit product cost and/or pricing data, inclusive of annual maintenance, with your response, however it is not required. Respondents should refer to SSA-RFI-15-0071. Electronic responses only must be submitted by 12:00 PM, ET, September 17, 2015 to the email address below. Faxed information will not be permitted. The size limitation for email attachments is 5 megabytes. NO FORMAL SOLICITATION IS BEING ISSUED AT THIS TIME, and the Government does not intend to pay for the information submitted. This information will be used in SSA's assessment of capable sources. Respondents will not be notified of any evaluated results from the data received. Any questions should be submitted via EMAIL ONLY (no phone calls please) to the Contracting Officer at Rick.Bolt@ssa.gov.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/SSA/DCFIAM/OAG/SSA-RFI-15-0071/listing.html)
 
Place of Performance
Address: Social Security Administration, National Computer Center, Baltimore, Maryland, 21235, United States
Zip Code: 21235
 
Record
SN03872628-W 20150905/150904001800-659ea1a8bb01a58837532e4af87f987d (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.