National Institute of Standards & Technology, Acquisition & Assistance Div., Bldg. 301, Rm B117, Gaithersburg, MD 20899

70 -- PREPACKED SOFTWARE SOL 53SBNB860052 DUE 051898 POC Contract Specialist, Anita Tolliver, (301) 975-6308, Fax (301) 963-7732; Contracting Officer, Lisa Jandovitz, (301) 975-6344 WEB: NIST Contracts Homepage, http://www.nist.gov/admin/od/contract/contract.htm. E-MAIL: NIST Contracts Office, Contract@nist.gov. The National Institute of Standards and Technology (NIST) has a requirement to purchase two stateful inspection FireWalls, one for the NIST Gaithersburg campus and one for the NIST Boulder campus, including software for two standby systems in order to provide cold standby FireWalls at each campus. The requirement is for a base period of twelve months plus four option periods of twelve months each as follows (Quantities are one each except where noted): Base Period-CLIN 0001, Check Point FireWall-1 Enterprise Encryption Center DES Unlimited User License; CLIN 0002, Check Point FireWall-1 Enterprise Encryption Center 12-Month Software Maintenance; CLIN 0003, Check Point FireWall-1 FireWall Module Unlimited User License; CLIN 0004, Check Point FireWall-1 FireWall Module Unlimited 12-Month Software Maintenance; CLIN 0005, Check Point FireWall-1 FireWall DES Encryption Module (includes FWZ1); CLIN 0006, Check Point FireWall-1 FireWall DES Encryption Module 12-Month Software Maintenance; CLIN 0007, Qty. two each, Check Point FireWall-1 FireWall Module Unlimited User License (For a standby FireWall); CLIN 0008, Qty. two each, Check Point FireWall-1 FireWall Module Unlimited 12-Month Software Maintenance (For a standby FireWall); CLIN 0009, Qty. two each, Check Point FireWall-1 FireWall DES Encryption Module (includes FWZ1) (For a standby FireWall); CLIN 0010, Qty. two each, Check Point FireWall-1 FireWall DES Encryption Module 12-Month Software Maintenance (For a standby FireWall); CLIN 0011, NT-Based security console for management of up to ten third-party security enforcement points: routers or Cisco's PIX FireWall. NOTE: At no additional charge to NIST, the NT version of this item shall be exchanged for a SUN Solaris version within six months from date of award; CLIN 0012, Maintenance for 12 Months for Security Console; CLIN 0013, Qty. two each for one year, Check Point FireWall-1 Help Desk, Monday through Friday, 8:00 a.m. to 5:00 p.m. Eastern Standard Time (EST) and Central Standard Time (CST). The help deskshall be provided by a Premier Partner within Check Point's reseller program (the highest level of designation, indicating extensive technical competence on Check Point's products); CLIN 0014, SecureVIEW Reporting Tool for FireWall-1 Log Analysis; CLIN 0015, SecureVIEW 12-Month Software Maintenance; CLIN 0016, SecureVIEW Reporting Tool for FireWall Module Log Analysis; CLIN 0017, SecureVIEW 12-Month Software Maintenance; CLIN 0018, Qty. four each (persons), Check Point FireWall-1 Certified Check Point Security Administrator Two-Day Training Per Student; CLIN 0019, Qty. four each (persons), Check Point FireWall-1 Certified Check Point Security Engineer Two-Day Advanced Training Per Student; CLIN 0020, Qty. four each (persons), Check Point Beyond the FireWall One-Day Training (Identifying Security Vulnerabilities). For CLINs 0018-0020, the training shall be held at an authorized training center within the D.C. Metropolitan Washington Area only. The training sessions may be used up to one year from the date of award and will not be held consecutively. CLIN 0021, Qty. 5,000 each, SecuRemote Client Encryption product for Microsoft Windows 95 and Windows NT. For option periods one through four, the offer shall provide pricing for 12-month maintenance coverage for each of the following CLINs for each option period (quantity is one each unless otherwise noted): CLIN 0001, Check Point FireWall-1 Enterprise Encryption Center Software; CLIN 0002, Qty. two each, Check Point FireWall-1 FireWall Module Unlimited Software (One is for standby FireWall); CLIN 0003, Qty. two each, Check Point FireWall-1 FireWall DES Encryption Module Software (One is for standby FireWall); CLIN 0004, Security Console; CLIN 0005, Qty. two each, Check Point FireWall-1 Help Desk, Monday-Friday, 8 a.m. -- 5 p.m. EST and CST; and CLIN 0006, Qty. two each, SECUREVIEW Software. The software above has been identified by a "brand name or equal" description, which is intended to be descriptive, but not restrictive, and to indicate the quality and characteristics of items considered satisfactory to meet the Government's minimum requirement. Offerors may quote an equal product that will be considered, but the product shall meet the following minimum needs of the Government: 1. The FireWall shall be a Solaris Unix stateful inspection; 2. The FireWall shall operate primarily on the kernel level, between network layers 2 and 3, which enables network traffic to be processed rapidly; 3. The FireWall shall perform at T3 speeds; 4. The FireWall shall support TCP, UDP, and ICMP protocols; 5. The FireWall shall support the defacto encryption standard for interoperability among FireWalls known as manual IPSEC in its support of virtual private networks (VPN); 6. The FireWall shall support SafeWord AS through its support of radius; 7. The FireWall shall block well known viruses and malicious Java and ActiveX applets through support of Content Vectoring Protocol (CVP). This shall allow the FireWall to redirect ftp, mail, and web traffic to a content security system prior to delivery to the destination system. NIST initially will require the capability to scan for viruses and may in the future have a requirement for Java and ActiveX screening; 8. The FireWall product shall have been evaluated by an organization such as NSA; 9. The FireWall shall be certified by a third-party organization such as the National Computer Security Association (NCSA) now called the International Computer Security Association (ICSA); 10. The FireWall management station shall be capable of managing multiple FireWalls and to centrally manage routers and switches within the protected network. This feature shall be NT-based and transferrable to Sun Solaris within six months from date of award; 11. The FireWall shall extend the VPN to the desktop and laptop by providing client-to-FireWall encryption. This capability shall enable remote users to connect to a protected network through an encrypted VPN, therefore, creating a private connection between the remote desktop and a protected network; 12. The FireWall shall support DES and an exportable encryption scheme. 13. The FireWall shall support over 100 pre-defined applications, services and protocols including secure Web Browsers, mail, FTP, Telnet, RPC, X11, "R" commands, UDP, ICMP, Oracle SQL*Net, Sybase, multimedia applications such as Real Audio, VDOLive, and PointCast. The FireWall shall be an open architecture that is extensible to new and custom applications; 14. The FireWall shall be compatible with Public-Key technology within one year from date of award; 15. The FireWall shall have logging capabilities including tracking of every communication attempt, tracking of active connections, and the ability to issue a security alert; 16. The log files shall be converted into management reports including detailed performance statistics; 17. Reports shall be provided such as bandwidth utilization statistics, associate cost accounting, and identification of Internet use patterns; 18. Reports shall be provided in both graphic and tabular output; and shall be capable of being provided by time period, organization, location, and service; 19. Training requirements are as follows: Training in FireWall configuration, implementation, and administration including operations and architecture, installation, log analysis, NetWork Address Translation, integrating multiple authentication methods, and content security management for URL, Java, anti-virus, e-mail, and ftp screening. Advanced FireWall topics including remote management, encryption and virtual private networking, SNMP, router management, load balancing and FireWall synchronization, customized services, and desk-top software implementation. Network security implementation pitfalls and real-world case studies including hacker methodologies and techniques, security scanning, and monitoring tools; 20. The training shall be held at an authorized training center within the D.C. Metropolitan Washington Area only. 21. The FireWall shall be able to integrate with Tivoli Enterprise Console and Tivoli Distributed Monitoring products to ensure the automated detection and reporting of security events from the FireWall. The quote for an equal item shall also include pricing for option periods one through four. Delivery shall be FOB destination to NIST in Gaithersburg, Maryland within 60 days after award. NIST does not require installation. Maintenance and support shall be provided to both NIST in Gaithersburg, Maryland and NIST in Boulder, Colorado. This acquisition is 100% set-aside for small business and the applicable Standard Industrial Classification Code is 7389 with a size standard of $5 million. THIS IS A COMBINED SYNOPSIS/SOLICITATION FOR COMMERCIAL ITEMS PREPARED IN ACCORDANCE WITH THE FORMAT IN FEDERAL ACQUISITION REGULATION SUBPART 12.6. THIS ANNOUNCEMENT CONSTITUTES THE ONLY SOLICITATION, QUOTATIONS ARE BEING REQUESTED AND A WRITTEN SOLICITATION WILL NOT BE ISSUED. THIS ACTION IS BEING ISSUED USING SIMPLIFIED ACQUISITION PROCEDURES UNDER THE AUTHORITY OF THE TEST PROGRAM FOR CERTAIN COMMERCIAL ITEMS. Solicitation 53SBNB860052 is issued as a request for quotations (RFQ). In accordance with the provision at FAR 52.212-2, (a) the Government will award a purchase order resulting from this solicitation to the responsible offeror whose offer conforming to the solicitation will be most advantageous to the Government, price and other factors considered. The following factors shall be used to evaluate offers: (I) Technical capability of the items offered to meet the Government requirements and (ii) Past Performance. The quotation shall list the manufacturer or brand name of the items to be furnished and shall also include product literature or other documentation that shall show that the offered items meet or exceed the Government's minimum requirements as specified above. For past performance, the quotation shall also include three references of recent customers of which the FireWall that meets the Government's minimum requirements is installed and operational. Please provide addresses and telephone numbers of the contacts from these sources. The evaluation factors listed above are significantly more important than price. (b) Options: The Government will evaluate offers for award purposes by adding the total price for all options to the total price for the basic requirement. The Government may determine that an offer is unacceptable if the option prices are significantly unbalanced. Evaluation of options shall not obligate the Government to exercise the option(s). Award will be made on an all-or-none basis. The clauses at FAR 52.212-1, Instructions to Offerors -- Commercial Items and 52.212-4, Contract Terms and Conditions -- Commercial Items, applies to this acquisition. Also, the clause at 52.212-5, Contract Terms & Conditions Required to Implement Statutes or Executive Orders -- Commercial Items, applies to this acquisition, including subparagraphs (1) 52.203-6; (3) 52.219-8; (6) 52.222-26; (7) 52.222-35;(8) 52.222-36; (9) 52.222-37; (10) 52.225-3; (15)(I) 52.225-21; 52.217-8; 52-217-9, Government may extend the term ofthis contract by written notice to the Contractor within 30 days; and DOC AGENCY-LEVEL PROTEST PROCEDURES LEVEL ABOVE THE CONTRACTING OFFICER, which is available in full text at http://www.nist.gov/admin/od/contract/protest.htm. The full text for the above FAR clauses are available at http://www.arnet.gov/far/. The solicitation document and incorporated provisions are those in effect through Federal Acquisition Circular 97-04. Offers are due by 11:00 a.m. Eastern Standard Time on May 18, 1998 and must include a copy of the provisions at 52.212-3, Offeror Representations and Certifications -- Commercial Items, which may also be downloaded from the NIST external web page at ttp://www.nist.gov/admin/od/contract/repcert.htm. Offers shall be sent to the National Institute of Standards and Technology, Acquisition and Assistance Division, Reference Solicitation #53SBNB860052, Bldg. 301, Rm . B117, Gaithersburg, MD 20899-0001. Faxed offers will not be accepted. For information, call the POC identified above. See Numbered Note 1 (0126)

Loren Data Corp. http://www.ld.com (SYN# 0298 19980508\70-0008.SOL)