Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF DECEMBER 18, 2022 SAM #7691
SPECIAL NOTICE

70 -- Tenable Software Acquisition

Notice Date
12/16/2022 10:17:38 AM
 
Notice Type
Justification
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
FEDERAL STUDENT AID WASHINGTON DC 20002 USA
 
ZIP Code
20002
 
Solicitation Number
91003123Q0003
 
Archive Date
12/23/2022
 
Point of Contact
Linwood Cherry, Phone: 2023773187
 
E-Mail Address
linwood.cherry@ed.gov
(linwood.cherry@ed.gov)
 
Award Number
EDOFSA-23-000111
 
Award Date
12/22/2022
 
Description
SINGLE SOURCE DETERMINATION USING SIMPLIFIED ACQUISITION PROCEDURES (SAP) � FOR AN ACTION NOT EXCEEDING THE SIMPLIFIED ACQUISITION THRESHOLD �(AUTHORITY: FAR 13.106-1(b)(1)) EDOFSA-23-000111 Agency and contracting activity. Department of Education / Federal Student Aid Technology Office Description of supplies or services required to meet agency needs (including the estimated value). This is an individual justification for an Exception to Fair Opportunity (Brand Name Specific) for the acquisition of FSA�s Tenable Security and Nessus subscription and maintenance renewal. This acquisition will be a small business set-aside, competed among licensed small business resellers of those specific software licenses identified in the request for quote. Federal Student Aid requires this brand-name only renewal to provide on-prem continuous monitoring and vulnerability management. Tenable is a comprehensive enterprise vulnerability analysis solution that provides FSA with complete visibility into the security posture of the Next Gen Data Center. Period(s) of Performance ����������������������������������������� Cost (Estimated) 12/22/2022 thru 12/21/2023 (Base Year)������ ����� $47,421.16 12/22/2023 thru 12/21/2024 (OY1)��������������� ����� $49,792.22 12/22/2024 thru 12/21/2025 (OY2)��������������� ����� $52,281.83 �The contract type planned - provide the total estimated value including all options. This acquisition will result in the award of a firm fixed price contract. The total estimated value including all option years is $149,495,21. ����������� Identification of the single source or the brand name to be solicited. Software Manufacturer/Vendor: Tenable Software Product: Tenable.sc Console included with Tenable.sc Continuous View Licenses Type: Console Quantity:� 1 Manufacturer SKU: TSCCV-STNDC-MGS *No Charge* Software Product:� LCE FED Add-on for Tenable.sc+ Licenses Type: Plug-in Quantity:� 1 Manufacturer SKU: TSCCV-STNDC-MGS *No Charge* Software Product: Annual Maintenance for Tenable.sc Continuous View includes scanners, 1GB NNM Licenses Type: IP Quantity:� 4500 Manufacturer SKU: TSCCV-M-GS Product: Nessus Professional - On Premise - Annual License Type: Subscription Quantity: 1 Manufacturer SKU: GS-SERV-NES-R Supporting rationale. Only one source or brand name is reasonably available as detailed below: Brand Name � This brand name is essential to the requirement and market research indicates similar products do not meet or cannot be modified to meet agency needs. Tenable Nessus is one of the most comprehensive and widely deployed vulnerability assessment tools.� It is available as a software package for MS Windows Server, Linux, VM and Amazon EC2 appliance. Tenable has a wide variety of plugins which gives Nessus the ability to interface with any networked device and can easily be integrated with most major patch management systems (which gives administrators the ability to verify that updates are installing as they should be). Nessus can be deployed with endpoint agents which allow vulnerability scanning to occur offline and scanned results can be analyzed later.� This is critically important to organizations where not all assets may always be connected to the network. The endpoint agents also allow Nessus to perform malware scanning. Security policy creation on Nessus is uncomplicated, powerful, possesses the ability to scan all operating systems on the network in only a few clicks. No other tool within the market is compatible with FSA�s existing Tenable Security Center software proprietary source code and data. Tenable stands as the only on-prem vulnerability scanning and assessment tool that can map to the currently deployed Security Center. Since the Tenable Security Center is only powered through Tenable Nessus, replacing Tenable would jeopardize FSA�s network security posture as breaks in service would leave the agency susceptible to cyber-attacks, data breaches, and other malicious events. The required supplies or service must be compatible in all aspects (form, fit, and function) with existing systems or equipment and the source is uniquely qualified to meet the requirement. Tenable Nessus is already in the FSA environment.� It is a proven performer and works well with other major technologies in the FSA environment like IBM. Tenable Nessus is well designed, easy to use, comprehensive, and performs reliably on the FSA network.� This is one of the reasons Tenable is popular in addition to being robust and comprehensive. The deployed Security Center is a proprietary software product owned by Tenable. There are no other tools in the market that are compatible with this Security Center and can properly carry out the required vulnerability scanning to provide sensitive data discovery, vulnerability analysis, and assessment of FSA�s environment and IT security state. For FSA to use any tool other than Tenable it would require a complete replacement of FSA�s entire on-prem monitoring solution, as no other vendor can integrate with the existing toolset and security architecture. The estimated cost to perform a complete replacement is about $200K. A new platform would need to be developed and configured to satisfactorily emulate the currently fielded production applications that communicate with the Tenable brand name software.� Any brand other than Tenable will result in gaps in vulnerability service and ineffective security management. Without continuity of Tenable, FSA�s IT security posture and mission would be in an unacceptable risk state. Determination I hereby determine that the circumstances of this action deem only one source is reasonably available. This determination is accurate and complete to the best of my knowledge and belief. � �______________________________________ ________________ ����� Pamerah Marksman / Contracting Officer������������������ Date �
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/2ff541b2926e42969fa6671671736865/view)
 
Place of Performance
Address: Washington, DC 20202, USA
Zip Code: 20202
Country: USA
 
Record
SN06545581-F 20221218/221216230058 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.