Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF SEPTEMBER 06, 2008 FBO #2476
SOLICITATION NOTICE

D -- Computer Foreensic Software

Notice Date
9/4/2008
 
Notice Type
Modification/Amendment
 
NAICS
511210 — Software Publishers
 
Contracting Office
Department of the Air Force, Air Mobility Command, 6th Contracting Squadron, 2606 Brown Pelican Ave., MacDill AFB, Florida, 33621-5000, United States
 
ZIP Code
33621-5000
 
Solicitation Number
F2VUJ08185AC06
 
Response Due
9/5/2008 12:00:00 PM
 
Archive Date
9/20/2008
 
Point of Contact
Stephen M. Colton, Phone: 813-828-6570, Leyla L. Campbell,, Phone: 813-828-4018
 
E-Mail Address
stephen.colton@macdill.af.mil, leyla.campbell@macdill.af.mil
 
Small Business Set-Aside
Total Small Business
 
Description
The purpose of this ammendment is to add to and clarify the above information. Computer Forensic Software Solicitation Number: F2VUJ08185AC06 Below is a consolidated listing of vendor questions received on subject solicitation. Interpretive statements made within the questions should not be viewed as stated requirements. The government answers are identified with an asterisk and the full requirement is stated in the advertised solicitation. 1. In CLIN 6 you state "Provide all Hardware necessary." Is this exclusive of servers and infrastructure? Can you provide additional information so that we know what our hardware responsibilities are? ***Answer: The proposal must include all equipment necessary to make the system operational. 2. Can you confirm that the government is looking for a perpetual software license as opposed to a term license (time limited). ***Answer: The Govt. is looking for a perpetual software license & the solicitation is for one year with two option years. 3. With respect to the training, there are quite a range of options that impact cost. (govt will/will not provide the facility, govt will/willnot provide hardware, custom class at your site vs std class at one of our training centers, etc) Can we make the assumption that we need to provide a single dedicated class for (8) SOCOM people at or near MacDill. Does the training need to be delivered as part of the system implementation and prior to Oct 1? If you can let us know what is ideal for SOCOM it would be appreciated. *****Answer: The government requirement is for eight fully trained personnel. Proposal must meet the stated requirement; whether training is provided at a local facility or another facility outside the Tampa Bay area, all associated costs should be included in the proposal as stated in the solicitation. Note: Training can't begin before October 1, 2008 but must be completed within the first 2 weeks of October. 4. What is the selection criteria.best overall value? Please refeerence 52.212-2 ****Evaluation of Commercial Items within the solicitation. 5. Can you advise on the number of users /servers or IP addresses in the total scope of the SOCOM domain. ********Answer: Users are NTE 4500/network for two networks as identified in the requirement. 6. Can you provide the number of existing licenses (standalone vs enterprise) of software and the brand that SOCOM already owns. ********Answer: Encase by Guidance; 2 Enterprise licenses. Existing licenses will not be used. a. How many egress points to the internet does the two networks have each? *********Answer: With regard to to internet access points, this is Govt. sensitive information The requirement is to be able to perform identified functions for a global enterprise network. b. Are the 2 Enterprise licenses, two instances of the SAFE, one for each network? ********Answer: Yes. c. Do you have 8 examiners per network or 4 per network? ********Answer: The requirement is for 8 trained personnel; they work on both networks. d. How many concurrent connections does SOCOM currently own today? *********Answer: Three. e. Does SOCOM currently own any Encase mobile units? ***********Answer: No. 12. Can you advise on the available budget for the project? *********Answer: NO 13. What criteria are you going to use to determine which system will better meet your needs? Can you provide a test plan for pass/fail comparison between the software systems. ************Answer: This is a best value acquisition. Reference Question # 4. 14. When will you be able to send your people to training? *********Answer: Personnel will be scheduled for training based on mission requirements at time of identified class dates. 15. Will SOCOM allow time next week for a site survey where we can develop a rollout plan? **********Answer: There will be no site survey. If not, a) can you please provide a current hardware inventory list where XXXX can make sure that we provide the equivalent (or better) replacement hardware. **********Answer: Any proposal should address hardware requirements for the proposed system. The current tool implementation at USSOCOM requires no additional hardware. b) What is the current workstation configuration? Will SOCOM provide a gold disk of their desktop environment? Will SOCOM be willing to assist as needed in provisioning new network nodes? **********Answer: USSOCOM will not provide a copy of their desktop environment. The government expects to receive an off-the-shelf forensic tool which meets the requirements in the solicitation. c) Do we need to provide new CAC card readers? What are the parameters for this? *********Answer: No. d) Also, do we need to provide server racks or do you have rack space for new servers. What are the dimensions of the existing racks or will there be enough floor space to accommodate a new rack? **********Answer: No. e) Are there open KVM ports, how would you like to see the keyboards and monitors integrated? **********Answer: USSOCOM expects to be able to operate the tool from existing USSOCOM desk top systems. f) Do you want the systems integrated into an existing storage infrastructure? **********Answer: We currently use an existing storage infrastructure. We do not anticipate a need for unique integration support. If a proposed solution has integration requirements which exceed the skill set of the trained users, the vendor should price and provide recommended support. g) Is there sufficient power for parallel operations during transition? ************Answer: This answer addresses g-i. There will be no parallel operations. The current contract expires 30 Sep 08. h) Is there sufficient network connectivity for duplicative connections during transition? i) Do you have an extra port at each workstation for parallel connections during transition? j) What are the hours of operation and shipping instructions for hardware and is there a loading dock? ***********Answer: 0800 - 1700 and there is a loading dock. 16. Another option - would the government prefer that we offer a fixed amount of money to be allocated towards new hardware post award. The hardware can be ordered as needed up to the stated amount. XXXX would anticipate enough funding to cover most of the equipment, except for possibly a few incidentals. This would allow the government re-use of equipment that is still adequate and allow you to put funds towards more important items. ***********Answer: This will be a firm fixed price award, the proposal must include all equipment necessary to make the system operational. 17. The Description of Requirements references CJCSI 6510.01D, however this instruction was superseded by CJCSI 6510.01E on 15 August 2007. The "D" version was cancelled. Do you mean to reference the later version of the Instruction? **********Answer: Yes. 18. There are three major technology requirements in the section DESCRIPTION OF REQUIREMENTS: a. Intrusion and extrusion network inspection and action to be taken if there is a malicious or suspect packet b. Computer operating system and device inspection c. Forensic Analysis We believe that no one commercial solution today addresses all of these. Therefore we ask, a. Which of these areas is the highest level of priority? b. Is there one area that is more important than the other two? ***********Answer: Question 18 reflects a vendor restatement of the requirement in the solicitation. The current tool at USSOCOM addresses all requirements in the solicitation. 19. Scope a. There is no indication of the size of the system, nor of the number of monitoring points required in the solicitation. Specifically, Location *********Answer: Users are NTE 4500/network for two networks as identified in the requirement. The proposed tool must be able to perform identified functions for a global enterprise network. The requirement also states the tool must "rapidly and thoroughly investigate computer incidents occurring on any and all nodes within USSOCOM's network, regardless of physical or network location; must provide ability to review both unique closed networks and standalone systems." 1. How many buildings and locations? 2. Are all locations permanent? 3. Are there any temporary locations? 4. Are there any mobile locations? Networks 1. Which USSOCOM networks are in scope? a. NIPRNET? b. SIPRNET? c. JWICS? *********Answer: The requirement is for two networks. 20. How many network locations require a. Sub-1Gbps packet inspection b. 1Gbps-2.5Gbps packet inspection c. 2.5Gbps-5Gpbs packet inspection d. 5Gbps-10Gbps packet inspection e. 10+Gbps packet inspection *********Answer: Not a stated requirement. Forensics 1. There is a requirement for 1 terabyte of data analysis required. a. Is the storage system for this data presently installed, or will a new storage system be required? **********Answer: The requirement states "accommodate the analysis of terabytes of data based on multi-layered security (classifications)." We will use an existing storage system. b. If not, is there a preferred storage provider? Computers and Operating Systems 1. Device analysis - Is there a list, or types of devices the solution should detect and analyze? **********Answer: Windows, Linux, and Unix systems. 2. What computer operating systems manufacturers and versions are in scope of operating system analysis? ***********Answer: Windows, Linux, and Unix systems. 3. What data types from which program types should be inspected? *********Answer: All data types. 4. Will encrypted files and data be in the scope of analysis? If so, will the proposed analysis system need to have the encryption keys available to perform the analysis on the encrypted data, or will they be provided by the Government? ************Answer: No. Management 1. How many locations will require localized network appliance management? 2. Will enterprise management of each regional area be required? **********Answer: the tool will be used from USSOCOM to "rapidly and thoroughly investigate computer incidents occurring on any and all nodes within USSOCOM's network, regardless of physical or network location; must provide ability to review both unique closed networks and standalone systems."
 
Web Link
FedBizOpps Complete View
(https://www.fbo.gov/?s=opportunity&mode=form&id=54d36dbacdcbb7a701d135fb7520256c&tab=core&_cview=1)
 
Place of Performance
Address: Macdill AFB, Tampa, Florida, 33621, United States
Zip Code: 33621
 
Record
SN01659690-W 20080906/080904221628-54d36dbacdcbb7a701d135fb7520256c (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.