Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF FEBRUARY 20, 2022 SAM #7387
SOURCES SOUGHT

99 -- Public Key Infrastructure (PKI)--PKI Engineering, Modernization, Operations and Maintenance

Notice Date
2/18/2022 4:35:19 AM
 
Notice Type
Sources Sought
 
NAICS
541512 — Computer Systems Design Services
 
Contracting Office
IT CONTRACTING DIVISION - PL83 SCOTT AFB IL 622255406 USA
 
ZIP Code
622255406
 
Solicitation Number
832266534
 
Response Due
2/28/2022 12:00:00 PM
 
Point of Contact
Tara S. Simmons-Gulck, Phone: 334-819-3633, Kenric Phillips, Phone: 618-418-6736
 
E-Mail Address
tara.s.simmons-gulck.civ@mail.mil, kenric.l.phillips.civ@mail.mil
(tara.s.simmons-gulck.civ@mail.mil, kenric.l.phillips.civ@mail.mil)
 
Small Business Set-Aside
SBA Total Small Business Set-Aside (FAR 19.5)
 
Description
The Defense Information Systems Agency (DISA) is seeking sources for DISA�s Department of Defense (DoD) Public Key Infrastructure (PKI) Program Office, PKI Engineering, Modernization, Operations and Maintenance. CONTRACTING OFFICE ADDRESS:� DISA DITCO Scott PL8331 2300 East Drive Bldg 3600 Scott AFB, IL 62225-5406 INTRODUCTION: This is a SOURCES SOUGHT ANNOUNCEMENT to determine the availability and technical capability of small businesses (including the following subsets, Small Disadvantaged Businesses, Certified 8(a), Service-Disabled Veteran-Owned Small Businesses, HUBZone Small Businesses and Woman Owned Small Businesses) to provide the required products and/or services. The DISA DoD PKI Program Office is seeking information for potential sources to provide a modernization solution, transition to the modernized solution, along with continued engineering support and continued program management and sustainment support of the PKI program.� This will include operational monitoring and reporting support, multi-tiered support, training support, system integration/deployment support and risk management framework (RMF) support of DISA�s architecture.� The technical requirements to be executed under this acquisition are captured in the attached PWS excerpt. Anticipated Time Frame: 23 November 2022 � 22 Nov 2023 Base 23 November 2023 � 22 Nov 2024 Option Year 1 23 November 2024 � 22 Nov 2025 Option Year 2 23 November 2025 � 22 Nov 2026 Option Year 3 23 November 2026 � 22 Nov 2027 Option Year 4 Anticipated Place of Performance: Contractor facility as primary place of performance DISA Headquarters 6914 Cooper Ave Ft. Meade, MD 20755 PE/DECC at Oklahoma City, OK 8705 Industrial Blvd Oklahoma City, OK 73145 PE/DECC at Mechanicsburg, PA 5450 Carlisle Pike, Bldg. 308 Mechanicsburg, PA, 17050-241 DISCLAIMER: THIS SOURCES SOUGHT ANNOUNCEMENT IS FOR INFORMATIONAL PURPOSES ONLY. THIS IS NOT A REQUEST FOR PROPOSAL.� IT DOES NOT CONSTITUTE A SOLICITATION AND SHALL NOT BE CONSTRUED AS A COMMITMENT BY THE GOVERNMENT.� RESPONSES IN ANY FORM ARE NOT OFFERS AND THE GOVERNMENT IS UNDER NO OBLIGATION TO AWARD A CONTRACT AS A RESULT OF THIS ANNOUNCEMENT.� NO FUNDS ARE AVAILABLE TO PAY FOR PREPARATION OF RESPONSES TO THIS ANNOUNCEMENT.� ANY INFORMATION SUBMITTED BY RESPONDENTS TO THIS SOURCES SOUGHT ANNOUNCEMENT IS STRICTLY VOLUNTARY. CONTRACT/PROGRAM BACKGROUND: Contract Number: HC102818C0008 Contract Type: FFP, CPFF Incumbent and their size: X Technologies, Inc; Self Certified Small Disadvantaged Business Method of previous acquisition: Small business set aside Period of performance:� 22 January 2019 � 21 January 2023 Contract Number: GS00Q17GWD2157/HC102820F0021 Contract Type: FFP, CPFF Incumbent and their size: 3 Vesta; 8(a) Method of previous acquisition: 8(a) small business set aside Period of performance:� 5 December 2019 � 4 December 2023 The Department of Defense (DoD) Public Key Infrastructure (PKI) Portfolio is the mechanism for providing Public Key (PK) certificates that support mission critical DoD applications. PKI satisfies the DoD�s Information Assurance (IA) requirement for confidentiality and authentication of network transactions, identification and verification of data integrity, and non-repudiation of communications or transactions. Since 1998, the PKI program has evolved into an operational program consolidated under a single Program Management Office (PMO), which oversees the DoD-wide effort to identify, and PK enable applications to take advantage of the PKI security services by providing guidance and a capability for interoperability testing.� As PKI capabilities have expanded and become more ubiquitous, requirements for its security benefits and systems enhancements have increased to better meet the reliability and availability requirements of the DoD community. As a result, there is now an increased demand for high assurance operation of the DoD PKI systems, requiring the infrastructure to be modernized and secured against evolving threats.� REQUIRED CAPABILITIES: � The DoD PKI/E team supports an extremely broad yet technically detailed focus area. Our mission is to support DoD customers in using existing and emerging PKI capabilities. Occasionally, DoD PKI/E must evaluate hardware or software product integration within the PKI infrastructure in compliance with DoD PKI policies. Describe your experience deploying, configuring, testing, and/or using PKI infrastructure products (e.g., certificate authority software, database software, hardware security modules), stating specific products when possible. DoD PKE exists to support our customers; therefore, customer support and outreach are our top priorities.� Describe your experience supporting others in deploying systems to use an enterprise PKI, with a focus on techniques used during support (e.g., help desk, technical guides, on-site visits). DoD PKE provides engineering support through direct consultation to end users, system owners, system developers and help desk personnel for all issues concerning the use of PKI. The range of support is broad and could be a basic support question, such as �how to send an encrypted email�, or more complex, such as a request for on-site support to assist in the design of a security architecture to accept PKI credentials. Describe your experience configuring or testing the capabilities of Commercial Off the Shelf products (e.g., network devices, servers, desktops, mobile devices, etc.) to use the services of an enterprise PKI.� The DoD PKE team develops custom tools to support requirements relying parties have when using PKI.� Describe your experience implementing new capabilities through development activities, such as developing new support for other data source providers, developing new support for smartcards, implementing support for new cryptographic algorithms or PKI standards and/or developing new support for emerging web technologies. Describe your experience developing and maintaining DoD PKI and other Federal agency PKI tools and capabilities in support of enterprise requirements. These requirements include certificate authorities (CAs), online certificate status protocol, global directory services, hardware security modules and other PKI capabilities. Describe the operating systems used to build the CAs. Describe your experience in providing cloud consulting, cloud broker, cloud integration, IaaS,�other�Cloud Service Provider services, and security engineering expertise�necessary to�build, integrate,�transition,�and secure�the�customer�s portfolio�in a modernized solution that utilizes cloud, a hybrid cloud environment, or other solution. Also, describe your experiences in integrating and transitioning from a customer�s legacy environment to a new modernized cloud environment. ISO/IEC 27000 series provides models and standards to follow to keep information assets secure. The Capability Maturity Model Integration (CMMI) guide process improvements through a program�s initial level through the optimizing level.� Describe your organization�s current posture as it relates to this certification that ensures all information security system standards have been followed and that all projects have been vetted through the maturity level. SPECIAL REQUIREMENTS Must have Secret Facility Clearance.� Please provide your current Facility Clearance level. SOURCES SOUGHT: The North American Industry Classification System Code (NAICS) for this requirement is 541512 with the corresponding size standard of $30,000,000.� To assist DISA in making a determination regarding the level of participation by small business in any subsequent procurement that may result from this Sources Sought, you are also encouraged to provide information regarding your plans to use joint venturing (JV) or partnering.� Please outline how you would envision your company's areas of expertise and those of any proposed JV/partner would be combined to meet the specific requirements contained in this announcement. In order to make a determination for a small business set-aside, two or more qualified and capable small businesses must submit responses that demonstrate their qualifications.� Responses must demonstrate the company�s ability to perform in accordance with the Limitations on Subcontracting clause (FAR 52.219-14). � SUBMISSION DETAILS: Responses should include: 1. Business name and address; 2. Name of company representative and their business title; 3. Type of Small Business; 4. CAGE Code; 5. Your contract vehicles that would be available to the Government for the procurement of the product and/or service, to include ENCORE III, SETI, NIH, NASA SEWP, General Service Administration (GSA): OASIS, ALLIANT II, VETS, STARS II, Federal Supply Schedules (FSS) (including applicable SIN(s)), or any other Government Agency contract vehicle that allows for decentralized ordering.� (This information is for market research only and does not preclude your company from responding to this notice.) 6. Response to each of the 7 required capabilities Vendors who wish to respond to this should send responses via email NLT 3:00 PM Eastern Daylight Time (EDT) on February 28, 2022 to tara.s.simmons-gulck.civ@mail.mil and kenric.l.phillips.civ@mail.mil.� Interested businesses should submit a brief capabilities statement package addressing the specific questions (no more than seven pages) and demonstrating ability to perform the services listed under Required Capabilities.��� �� Proprietary information and trade secrets, if any, must be clearly marked on all materials.� All information received that is marked Proprietary will be handled accordingly.� Please be advised that all submissions become Government property and will not be returned.� All government and contractor personnel reviewing submitted responses will have signed non-disclosure agreements and understand their responsibility for proper use and protection from unauthorized disclosure of proprietary information as described 41 USC 423.� The Government shall not be held liable for any damages incurred if proprietary information is not properly identified.
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/c936a3079e8441aa87580f1fd8f9dd94/view)
 
Place of Performance
Address: Fort George G Meade, MD 20755, USA
Zip Code: 20755
Country: USA
 
Record
SN06247695-F 20220220/220218230111 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.