SOURCES SOUGHT
R -- Public Key Infrastructure and Common Service Provider Engineering and Technical Support
- Notice Date
- 4/14/2016
- Notice Type
- Sources Sought
- NAICS
- 541511
— Custom Computer Programming Services
- Contracting Office
- Defense Information Systems Agency, Procurement Directorate, DITCO-Scott, 2300 East Dr., Building 3600, Scott AFB, Illinois, 62225-5406, United States
- ZIP Code
- 62225-5406
- Solicitation Number
- DISA_PKI_CSP
- Archive Date
- 5/20/2016
- Point of Contact
- Jennifer M. Jones, Phone: 6182299379, Sherita Roberts, Phone: 3012258604
- E-Mail Address
-
jennifer.m.jones265.civ@mail.mil, sherita.m.roberts2.civ@mail.mil
(jennifer.m.jones265.civ@mail.mil, sherita.m.roberts2.civ@mail.mil)
- Small Business Set-Aside
- N/A
- Description
- SOURCES SOUGHT ANNOUNCEMENT The Defense Information Systems Agency (DISA) is seeking sources for Public Key Infrastructure (PKI) and Common Service Provider (CSP) Engineering and Technical Support. CONTRACTING OFFICE ADDRESS: DISA, Defense Information Technology Contracting Office (DITCO) Scott PL8311, 2300 East Drive, Bldg 3600, Scott AFB, IL, 62225-5406 INTRODUCTION: This is a SOURCES SOUGHT NOTICE to determine the availability and technical capability of small businesses (including the following subsets: Small Disadvantaged Businesses, HUBZone Firms, Certified 8(a), Service-Disabled Veteran-Owned Small Businesses, and Woman Owned Small Business) to provide the required products and/or services. The Defense Information Systems Agency (DISA) Business Development Center - Infrastructure Development Directorate (BDC-ID) is seeking information for potential sources for Net-Centric Information Assurance (IA) and Identity Management capabilities for the Department of Defense (DoD) PKI and CSP Engineering and Technical Support. As PKI capabilities have expanded and become more ubiquitous, requirements for its security benefits and systems enhancements have increased in order to better meet the reliability and availability requirements of the DoD community. As a result, there is now an increased demand for high assurance operation of the DoD PKI systems, requiring the infrastructure to be modernized and secured against evolving threats. This contract will be responsible for the sustainment engineering of DoD PKI and CSP. This contract will provide sustainment engineering, technical support, design, and implementation support for CSP. This contract supports the PKI/CSP team in the sustainment of a secure enclave, enhanced PKI/CSP credentialing capabilities to warfighter, and strengthened DoD PKI/CSP's security posture to protect against critical threats to systems security. Red Hat products (Red Hat Directory Server, Red Hat Certificate System and Red Hat Enterprise Server) provide the fundamental basis for PKI/CSP certificate storage, retrieval and validation and are the core components of PKI/CSP system. This contract will also be responsible for the design, development, and deployment of DoD's derived credential solution for mobile devices. DISCLAIMER: THIS SOURCES SOUGHT IS FOR INFORMATIONAL PURPOSES ONLY. THIS IS NOT A REQUEST FOR PROPOSAL. IT DOES NOT CONSTITUTE A SOLICITATION AND SHALL NOT BE CONSTRUED AS A COMMITMENT BY THE GOVERNMENT. RESPONSES IN ANY FORM ARE NOT OFFERS AND THE GOVERNMENT IS UNDER NO OBLIGATION TO AWARD A CONTRACT AS A RESULT OF THIS ANNOUNCEMENT. NO FUNDS ARE AVAILABLE TO PAY FOR PREPARATION OF RESPONSES TO THIS ANNOUNCEMENT. ANY INFORMATION SUBMITTED BY RESPONDENTS TO THIS TECHNICAL DESCRIPTION IS STRICTLY VOLUNTARY. CONTRACT/PROGRAM BACKGROUND: Contract Number: HC1028-15-F-0282 Contract Type: Firm Fixed Price Incumbent and their size: August Schell Enterprises, Inc. / Small Business under NAICS 541511 Method of previous acquisition: Sole Source via General Services Administration (GSA) The current contract includes support for PKI engineering activities for DoD PKI and CSP systems. The engineering activities include the design and development of new technical solutions for system security, system sustainability, credentials for mobile devices, and the issuance of end user credential capabilities. The current contract includes performance at Government sites and contractor facilities in the Washington, DC metropolitan area. REQUIRED CAPABILITIES: Please explain your experience and capabilities as related to the following topics: a)Designing, developing and testing modifications to the i) Red Hat Certificate System (RHCS) 8.x and 9.x products and ii) Red Hat Directory Server (RHDS) 7.x, 8.x, 9.x and 10.x products. b)Designing, developing, and testing i) host based web application firewalls; and ii) technical controls for implementing least privilege of Certificate Authority (CA) and Data Relationship Management (DRM) user and agent groups using Security Enhanced (SE) Linux and sudo. c)Supporting the migration of DoD and/or other federal agencies PKI to Rivest-Shamir-Adleman (RSA)/Secure Hash Algorithm 256 (SHA-256) signatures. d)Supporting the migration of DoD PKI from RHCS 8.x to RHCS 9.x and RHDS 9.x to RHDS 10.x. This task implicitly requires knowledge and experience with Red Hat Enterprise Linux (RHEL) 7.x. e)Configuring and deploying the following commercial software products: •RHEL 5.x, 6.x, and 7.x. •Red Hat Linux Directory Server 7.x, 8.x, 9.x and 10.x •Red Hat Linux Certificate System 7.x, 8.x, 9.x •Red Hat Satellite 6.x •MySQL (mariadb) and PostgreSQL configuration and deployment •Open Platform 2.0.1, Global Platform 2.1.1 and Global Platform 2.2.1, with clear understanding on SCP 01, 02, and 03. •Puppet •Hewlett Packard DL 380 and 580 server configuration (e.g. Unified Extensible Firmware Interface (UEFI) configuration, Redundant Array of Inexpensive disks (RAID) controller configuration) •Hardware Security Module configurations for Thales and Safenet net- Hardware Security Modules (HSMs) and PCI HSMs •Nagios configurations •Cisco and F5 network appliance configuration •Symantec Netbackup configuration •Java and Python development f)Designing, developing, and deploying PKI capabilities for DoD or other Federal Agencies in advancement of the U.S. Government's cybersecurity mission. SPECIAL REQUIREMENTS Must have Top Secret clearance. Must be ISO 9001 certified. SOURCES SOUGHT: The anticipated North American Industry Classification System Code (NAICS) for this requirement is 541511, with the corresponding size standard of $27.5 million. This Sources Sought Synopsis is requesting responses to the following criteria ONLY from small businesses that can provide the required services under the NAICS Code. To assist DISA in making a determination regarding the level of participation by small business in any subsequent procurement that may result from this Sources Sought, you are also encouraged to provide information regarding your plans to use joint venturing (JV) or partnering to meet each of the requirements areas contained herein. This includes responses from qualified and capable Small Businesses, Small Disadvantaged Businesses, Service Disabled-Veteran Owned Small Businesses, Women-owned Small Businesses, HUBZone Small Businesses, and 8(a) companies. You should provide information on how you would envision your company's areas of expertise and those of any proposed JV/partner would be combined to meet the specific requirements contained in this announcement. In order to make a determination for a small business set-aside, two or more qualified and capable small businesses must submit responses that demonstrate their qualifications. Responses must demonstrate the company's ability to perform in accordance with the Limitations on Subcontracting clause (FAR 52.219-14). SUBMISSION DETAILS: Responses should include: 1)Business name and address; 2)Name of company representative and their business title; 3)Type of Small Business; 4)Cage Code; 5)Contract vehicles that would be available to the Government for the procurement of the product and service, to include ENCORE II, General Service Administration (GSA), GSA MOBIS, NIH, NASA SEWP, Federal Supply Schedules (FSS), or any other Government Agency contract vehicle. (This information is for market research only and does not preclude your company from responding to this notice.) Vendors who wish to respond to should send responses via email NLT 4:00 PM Eastern Time (EDT) on May 5, 2016 to jennifer.m.jones265.civ@mail.mil and disa.meade.bd.mbx.bdl2@mail.mil. Interested businesses should submit a brief capabilities statement package (no more than five pages) demonstrating ability to perform the services listed in this Sources Sought Notice. Responses should reference "PKI and CSP Engineering and Technical Support." Proprietary information and trade secrets, if any, must be clearly marked on all materials. All information received that is marked Proprietary will be handled accordingly. Please be advised that all submissions become Government property and will not be returned. All government and contractor personal reviewing RFI responses will have signed non-disclosure agreements and understand their responsibility for proper use and protection from unauthorized disclosure of proprietary information as described 41 USC 423. The Government shall not be held liable for any damages incurred if proprietary information is not properly identified.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/spg/DISA/D4AD/DITCO/DISA_PKI_CSP/listing.html)
- Place of Performance
- Address: Washington, DC Metropolitan Area, Fort Meade, Maryland, 20755, United States
- Zip Code: 20755
- Zip Code: 20755
- Record
- SN04084291-W 20160416/160414234636-e0f2f74a2ac3dfcf56a5093332a30223 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |