SPECIAL NOTICE
D -- ESOC TRIPWIRE SECURITY LICENSE PURCHASE AND RENEWAL
- Notice Date
- 10/13/2021 7:06:44 AM
- Notice Type
- Justification
- NAICS
- 541519
— Other Computer Related Services
- Contracting Office
- ACQUISITIONS - AQM MOMENTUM WASHINGTON DC 20520 USA
- ZIP Code
- 20520
- Solicitation Number
- 19AQMM21F4696
- Archive Date
- 11/12/2021
- Point of Contact
- Paul Virostek, Phone: 7035161560, Jenel Charles
- E-Mail Address
-
virostekp@state.gov, CharlesJA6@state.gov
(virostekp@state.gov, CharlesJA6@state.gov)
- Award Number
- NNG15SC71B
- Award Date
- 09/27/2021
- Description
- Identification of the agency and the contracting activity:� � The Office of Acquisition Management proposes to enter into a requisition on the basis of other than full and open competition for renewal of Tripwire licenses on behalf of the Bureau of Information Resource Management, Enterprise Server Operations Center (IRM/SIO/ESOC).� The total estimated cost is $XXX �� ����������� Nature and/or description of the action being approved. Description Qty VnE Manager Ev - Annual License - Renewal Term �VnE Manager For OpenNet & OpenNet DMZ monitoring (Unclassified Network) PoP: 9/29/2021 through 9/28/2022 1 VnE Manager Ev - Annual License - Renewal Term VnE Manager For ClassNet (Classified Network) PoP: 9/29/2021 through 9/28/2022 1 VnE Manager Ev Limited - Annual License - Renewal Term - Limited to 10,000 Ips VnE Manager For DEVNet environment. The lowest tier is 10,000. This VnE does have a Device Profiler embedded PoP: 9/29/2021 through 9/28/2022 1 Device Profiler Ev - Annual License - Renewal Term Device Profiler For OpenNet monitoring. No limit on IP subscriptions. DP's can scan up to 10,000 IP's in a weekly period PoP: 9/29/2021 through 9/28/2022 1 Device Profiler Ev - Annual License - Renewal Term Device Profiler For ClassNet monitoring. No limit on IP subscriptions. DP's can scan up to 10,000 IP's in a weekly period PoP: 9/29/2021 through 9/28/2022 1 Device Profiler Ev Limited - Annual License - Renewal Term - Limited to 500 Ips Device Profiler For OpenNet DMZ monitoring PoP: 9/29/2021 through 9/28/2022 1 Tripwire Enterprise Console - Enterprise Support Renewal For ClassNet PoP: 9/29/2021 through 9/28/2022 1 Tripwire Enterprise Console - Enterprise Support Renewal For OpenNet and OpenNet DMZ PoP: 9/29/2021 through 9/28/20221 1 Tripwire Enterprise Console - Enterprise Support Renewal For DEVNet PoP: 9/29/2021 through 9/28/2022 1 Tripwire Enterprise for File Systems - Enterprise Support Renewal - Enterprise Agent for OpenNet DMZ PoP: 9/29/2021 through 9/28/2022 150 Tripwire Enterprise for File Systems - Enterprise Support Renewal Enterprise Agent for ClassNet PoP: 9/29/2021 through 9/28/2022 501 Tripwire Enterprise for File Systems - Enterprise Support Renewal Enterprise Agent for ClassNet PoP: 9/29/2021 through 9/28/2022 150 Tripwire Enterprise for File Systems - Enterprise Support Renewal Enterprise Agent for DEVNet PoP: 9/29/2021 through 9/28/2022 4 Tripwire Enterprise for File Systems - Enterprise Support Renewal 50 Enterprise Agent for ClassNet and 46 Agent for DEVNet. Addt�l licenses included for volume discounts PoP: 9/29/2021 through 9/28/2022 101 Tripwire for Directory Services - Enterprise Support Renewal Monitor the Activ e Directory application. For ClassNet PoP: 9/29/2021 through 9/28/2022 1 Tripwire for Directory Services - Enterprise Support Renewal Monitor the Active Directory application. For OpenNet PoP: 9/29/2021 through 9/28/2022 1 Tripwire for Directory Services - Enterprise Support Renewal Monitor the Active Directory application. For DEVNet PoP: 9/29/2021 through 9/28/2022 1 Tripwire Enterprise for Network Devices - Enterprise Support Renewal (Routers, Switches, etc) - Agentless to monitor the Network devices. For ClassNet PoP: 9/29/2021 through 9/28/2022 120 Tripwire Enterprise for Network Devices - Enterprise Support Renewal (Routers, Switches, etc) - Agentless to monitor the Network devices. For OpenNet and OpenNet DMZ PoP: 9/29/2021 through 9/28/2022 251 Tripwire Enterprise for Network Devices - Enterprise Support Renewal (Routers, Switches, etc) - Agentless to monitor the Network devices. For DEVNet PoP: 9/29/2021 through 9/28/2022 5 Tripwire Enterprise for VMware ESX - Enterprise Support Renewal (Agentless to monitor all the ESX hosts). For OpenNet PoP: 9/29/2021 through 9/28/2022 620 Tripwire Enterprise for VMware ESX - Enterprise Support Renewal (Agentless to monitor all the ESX hosts). 80 for OpenNet and 40 for ClassNet. PoP: 9/29/2021 through 9/28/2022 160 Tripwire Enterprise for VMware ESX - Enterprise Support Renewal (Agentless to monitor all the ESX hosts). 80 for OpenNet and 40 for ClassNet. PoP: 9/29/2021 through 9/28/2022 120 Tripwire Enterprise for VMware ESX - Enterprise Support Renewal (Agentless to monitor all the ESX hosts). For DEVNet PoP: 9/29/2021 through 9/28/2022 4 Tripwire for Databases - Enterprise Support Renewal For DevNet. Lab License PoP: 9/29/2021 through 9/28/2022 1 Tripwire Connect Local - Enterprise Support Renewal (Up to 1GB per day PoP: 9/29/2021 through 9/28/2022 2 Tripwire App - Dynamic Software Reconciliation - Utility & Implementation - Enterprise Support Renewal For OpenNet and ClassNet PoP: 9/29/2021 through 9/28/2022 2 Tripwire Log Center Advanced Log Collector - Enterprise Support Renewal TLC Windows Agent. Includes 80 for OpenNet DMZ, 46 for DEVNet, and 300 for ClassNet PoP: 9/29/2021 through 9/28/2022 426 Tripwire Log Center Advanced Log Collector - Enterprise Support Renewal TLC Windows Agent. For OpenNet and OpenNet DMZ PoP: 9/29/2021 through 9/28/2022 620 Tripwire Log Center Advanced Log Collector - Enterprise Support Renewal TLC Windows Agent. For DEVNet PoP: 9/29/2021 through 9/28/2022 4 Tripwire Log Center Manager 10000 EPS - Enterprise Support Renewal For OpenNet and OpenNet DMZ PoP: 9/29/2021 through 9/28/2022 1 Tripwire Log Center Manager 500 EPS - Enterprise Support Renewal For ClassNet PoP: 9/29/2021 through 9/28/2022 1 Tripwire Log Center Manager 500 EPS - Enterprise Support Renewal For DEVNet PoP: 9/29/2021 through 9/28/2022 1 IP360 - Enterprise Support Renewal for DEVNet monitoring. PoP: 9/29/2021 through 9/28/2022 40 IP360 Federal - Enterprise Support Renewal 1,001 IP's for ClassNet monitoring. PoP: 9/29/2021 through 9/28/2022 1001 IP360 Federal - Enterprise Support Renewal 1,000 IP's for OpenNet and OpenNet DMZ monitoring. PoP: 9/29/2021 through 9/28/2022 1000 IP360 - Enterprise Support Renewal 10 IP�s for DEVNet PoP: 9/29/2021 through 9/28/2022 10 ����������� ����������� Based on the specifications for use of Tripwire licenses within the Enterprise Server Operations Center, IRM Systems & Integration Office (IRM/OPS/SIO) is seeking the approval of the purchase of Tripwire license renewals to enable enhanced security protections and operation of the data centers.����� ����������� This is a Brand Name buy, any qualified reseller can bid.�� ����������� 3.� ������ A description of the supplies or services required to meet the Department�s needs. ����������� ����������������������������������������������������������������������������������� ����������� Tripwire solutions will allow the continued secure operation and support of mission critical ESOC infrastructure components hosted in geographically dispersed multiple data centers. Tripwire Enterprise suite license renewals will enable ESOC systems to continue to operate in Department production networks in accordance with Authorization to operate (ATO) granted by CIO office. These Tripwire products will remediate several Technical and Operational security controls findings for the ESOC Storage and Virtual Infrastructure (VI) components. It is necessary and instrumental to purchase Tripwire because it is the best solution that performs File integrity monitoring, Malware detection, Centralized Log management, detection of unauthorized systems changes in real-time, Vulnerability management, and IT Asset discovery while maintaining required FISMA compliance based on NIST Risk Management Framework.� ����������� Tripwire Enterprise Solutions (TES) provides an integrated approach to collect and analyze system state intelligence to protect against both external and insider threats.� TES discovers all assets on the network (including virtual assets), profiles them, and collects highly detailed system state information, including configurations, vulnerabilities, and logs.� The most critical function provided by the solution, with respect to our needs, is a cataloged baseline of our systems state, change monitoring, including file integrity monitoring and alerting on security violations or potential breaches in progress.���� ����������� 4.� ������ Authority permitting a Fair Opportunity Exception and the supporting rationale. This acquisition is conducted pursuant to 41 U.S.C. 4103 and 4106 as implemented by FAR 16.505(b)(2) and substantiated by the following:� ����������� ? FAR 16.505(a)(4) � The agency need for procuring items peculiar to one manufacturer.� ����������� Tripwire owns these licenses and only Tripwire can authorize their use. Tripwire is a proven product and meets the requirements of the Department; no other product is available and can meet these requirements. ����������� 5.� ������ A determination by the Contracting Officer that the anticipated cost to the Government will be fair and reasonable.� ����������� When specifying this solution, interoperability and feature parity is imperative: Tripwire solutions are already deployed, tested and working satisfactorily within the data centers.� �� �������� Impact if not approved/discontinued:� Without purchase, or purchase of different company�s product, there will be uncertainties in implementation, lack of compatibility and gaps in coverage and protection of the data centers.� This will place at risk the department�s ability to accomplish its missions relating to IT security compliance.��� ����������� Procurement of substitute products would invalidate warranties, and greatly increase risk of incompatibility, and result in further costs in software, training, environment expansion and ongoing maintenance. 6. ������� �Any other facts supporting the justification. ��� ����������� Yes. Thorough Market Research Analysis has been done prior to the acquisition of Tripwire suite of solutions. � ����������������������� LINK Leveraging industry-standard market analysis report, ESOC Security team has done in-depth comparative analysis on vendor solutions that provide capabilities to identify, categorize, and manage vulnerabilities in our ESOC IT infrastructure components. Solutions from Tenable (Nessus), Rapid7 (Nexpose), and Tripwire (IP360) were analyzed using various decision-making factors that include vulnerability signature quality and coverage, assessment methods, reporting metrics, secure configuration assessment, ease of deployment, and ease of integration using standard APIs and tools. In addition, vendor service and support criteria were evaluated based on Timeliness of vendor response and quality of technical support. Outcome of Market Research: All three vendor solutions offered comparable product capabilities with overall capability score around 4.3. Due to the fact the department has already deployed Enterprise license for Nexpose (from Rapid7) and Nessus (from Tenable) as part of the Continuous Diagnostic and Monitoring (CDM) solution at the enterprise level accessed through iPost dashboard, ESOC has narrowed down to Tripwire IP360 Vulnerability Management solution to have full visibility and customization capabilities to monitor and manage ESOC infrastructure components, especially Virtualized Infrastructure (VI). Analysis Report on Tripwire Log Center: LINK Leveraging industry-standard market analysis report, ESOC Security team has done in-depth comparative analysis on vendor solutions that provide Security Information and Event Management (SIEM) capabilities to analyze event data in real time for early detection of targeted attacks and data breaches. Solutions from Splunk and LogRhythm were used in comparative analysis using various categories that include service and support criteria, ease of integration and deployment, and analytic capabilities. Outcome of Market Research: All three vendor solutions offered comparable product capabilities with overall capability score around 4.3. Due to the fact the department has already deployed Enterprise license for Splunk as part of the Continuous Diagnostic and Monitoring (CDM) solution at the enterprise level accessed through iPost dashboard, ESOC has narrowed down to Tripwire Log Center solution to have full visibility and customization capabilities to monitor and manage ESOC infrastructure components, especially Virtualized Infrastructure (VI). Analysis Report on Tripwire Enterprise LINK Leveraging industry-standard market analysis report, ESOC Security team has done in-depth comparative analysis on vendor solutions that provide Change management, security configuration assessment, and policy management. Solutions from Microsoft (Microsoft Identify Manager) and Venafi (TLS Protect) were used in comparative analysis using various categories that include service and support criteria, ease of integration and deployment, and analytic capabilities. Outcome of Market Research: All three vendor solutions offered comparable product capabilities with overall capability score around 4.3. ESOC has narrowed down to Tripwire Enterprise solution to have full visibility and customization capabilities to monitor and manage ESOC infrastructure components, especially Virtualized Infrastructure (VI). 7.� ������ Actions the agency may take to remove or overcome any barriers to Increase Fair Opportunity before any subsequent acquisitions for the supplies or services is made.� IRM/SIO/ESOC keeps current with regard to new and emerging tools by reviewing technical publications and checking vendors� web sites. Therefore, if and when a product or products become available that is/are comparable or superior to Tripwire, then IRM/SIO/ESOC will perform a technical assessment, including a benefit/cost analysis, to determine whether to retain this product or to transition to a new, more cost-efficient product.�
- Web Link
-
SAM.gov Permalink
(https://beta.sam.gov/opp/92903d3a73f64ef7b2ae7561efb73869/view)
- Place of Performance
- Address: Washington, DC 20520, USA
- Zip Code: 20520
- Country: USA
- Zip Code: 20520
- Record
- SN06156486-F 20211015/211013230109 (samdaily.us)
- Source
-
SAM.gov Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's SAM Daily Index Page |