Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF FEBRUARY 11, 2010 FBO #3001
SOURCES SOUGHT

D -- SECURITY RISK INFORMATION REPOSITORY

Notice Date
2/9/2010
 
Notice Type
Sources Sought
 
NAICS
541511 — Custom Computer Programming Services
 
Contracting Office
NASA/John F. Kennedy Space Center, Procurement, Kennedy Space Center, FL 32899
 
ZIP Code
32899
 
Solicitation Number
OP-OS-BCD-RFI10RISK
 
Response Due
2/23/2010
 
Archive Date
2/9/2011
 
Point of Contact
Beverly C Davis, Contract Specialist, Phone 321-867-3399, Fax 321-867-1188, Email beverly.davis@nasa.gov - Beverly C Davis, Contract Specialist, Phone 321-867-3399, Fax 321-867-1188, Email beverly.davis@nasa.gov
 
E-Mail Address
Beverly C Davis
(beverly.davis@nasa.gov)
 
Small Business Set-Aside
N/A
 
Description
This Request for Information (RFI) is issued for INFORMATIONAL AND PLANNINGPURPOSES and is not to be construed as a commitment by the Government nor will theGovernment pay for information solicited. Respondents will not be notified of theresults of this request. **NO SOLICITATION EXISTS; THEREFORE, DO NOT REQUEST A COPY OF ASOLICITATION**. If a solicitation is released it will be synopsized on the FederalBusiness Opportunities Web Page and on the NASA Acquisition Internet Service. NASA Kennedy Space Center (KSC) is soliciting information for potential sources toprovide the Agency with a centralized repository for all information security risk andcompliance related information. The following are the management requirements and goalsfor the repository and continuous monitoring capability, required to support anEnterprise Agency wide system. These broad requirements are representative of therequirements to cover multiple operating systems, and discuss the architecture that isrequired. This list is not all-inclusive. The product shall: support commercial off the shelf hardware and software; use commercialoff the shelf operating system and databases; be capable of utilizing a single backenddatabase server in the case of multiple servers are required for a single site;be capable of utilizing Storage Area Network (SAN) architecture for database storage; becapable of splitting out server functions to dedicated servers. (for server loadingpurposes, example web server, database server, report server, analysis server); allow forusage with multiple O/S workstations (Windows, Linux, Mac) and browsers; integrate withan Enterprise wide authentication or naming infrastructure; be able to pre-populate NIST800-53 controls via other data sources and populate the SSP following NIST 800-18 andNASA formats; provide capability for encrypted network traffic inbound and outbound toand from server; support a minimum of 500 concurrent users; shall be exportable to CSV,XLS, & PDF formats as well as importing for incorporation into database tables as aminimum; be compatible with anti-virus definition files updates for Symantec, McAfee, andTranscend as a minimum; be able to import results from multiple formats and support dataimport from other plans; able to integrate with multiple database formats; FIPS 140-2compliant; support the ability to enter/track/review multiple versions/iterations ofassessments such as risk assessments, contingency testing, continuous monitoring, etc;allow the capability for subsystems (applications) to inherit implementation detail andtest results from the hosting system.The purpose of this requirement is to provide NASA KSC with potential, interested,competitive sources for an effective centralized repository for information security riskand compliance related information. INSTRUCTIONS: Firms having the required specialized capabilities in part or in all of theabove requirements should submit a capability statement of a **no more than two pages**documenting their ability and past experience in performing similar efforts as describedabove. All pages after page two of response will NOT be reviewed. Vendors are requestedto include the following: name and address of firm; synopsis of relevant work performedin the past five years, point of contact address and phone number, business size,NAICS/CAGE code. All responses will be forwarded to the technical team for review ofcapabilities. Contact Beverly Davis at John F. Kennedy Space Center, FL via email onlyto: Beverly.Davis@nasa.gov no later than 23 FEB 09.Reference SECURITY RISK REPOSITORY SOURCES in any response.The Government reserves the right to consider a small business or 8(a) set-aside based onresponses hereto. Any referenced notes may be viewed at the following URLs linked below.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/NASA/KSC/OPDC20220/OP-OS-BCD-RFI10RISK/listing.html)
 
Record
SN02061974-W 20100211/100209235314-990657c3452b9b6679486ed9d844139f (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.