Office of Acquisition and Grants, 1710 GWYNN OAK AVENUE, BALTIMORE, MD, 21207-5279

70 -- REMOTE COMPUTER ACCESS SECURITY DEVICES DUE 090898 POC JERRY BURTON, 410-965-9487 WEB: Download Solicitation when/if available, http://www.ssa.gov/oag. E-MAIL: Contracting Officer, SSA/OAG, JERRY.BURTON@ssa.gov. REMOTE COMPUTER ACCESS SECURITY DEVICES Sources Sought Synopsis The Social Security Administration (SSA) is interested in obtaining information from vendors who can provide Remote Access Security Enhancement capabilities for computer systems at SSA Headquarters in Baltimore, MD. The product must protect SSA's mainframe and local/wide area networks (LAN/WAN) from exploitation by users both inside and outside of SSA. SSA plans to pilot promising software possibly followed by rollout to several thousand machines. Vendors should provide information on products that meet the required capabilities and possess the preferred features as follows: Reguired Capabilities ? Must provide reliable authentication of remote access users( Describe how product accomplishes this). Must provide statistics on Type 1 and Type 2 errors. Product should be transparent to user and applications once authentication has taken place ? Must have the ability to integrate with existing remote LAN access processes and the standard software Version 4.2 or later of Attachmate Remote LAN Node (RLN). ? Must not be dependent on RLN for operation (in the event of future product change for remote access). ? Must run compatibly with SSA's production applications and system development facilities. SSA uses Token Ring, Windows NT, and Novelle Netware LAN/WANs as well as IBM MVS mainframes. ? Must be Year 2000 compliant. ? Must provide information on systems requirements for application software/hardware/operating system. ? Must have client interface that requires little or no training to use (Describe client interface). ? Must not appreciably affect performance of the current remote access process or the RLN software (Describe the extent and logistics of any expected performance degradation). Other Reguired Information ? Must describe implementation processes for host, client and remote computer including hardware, application software and recommended systems requirements. ? Must describe processes needed to maintain and control the operation. ? Mustdescribe how access rights are issued. Is the authority to grant access centralized or distributed? What is the time frame required for adding a new client? ? Must describe the restoration process after access lockout. ? Must provide information on any access override features for supervisors or designated parties to allow access to clients "locked out" (e.g., How are these controlled?). ? What is the expected systems life of all components required to operate the authentication system? ? Must provide monitoring and reporting of all remote access authentication events. Explain monitoring and reporting capabilities. ? Must describe how device prevents transference of access rights to unauthorized parties. Preferred Features ? Describe any encryption capabilities and the type and strength of encryption. ? SSA would have control of creation of any proposed access devices for individual users and the installation of any required hardware and software. ? Product would be implemented without requiring extra clientdatabase for auxiliary authentication method or telephone verification in case of lockout? References Provide contact names and telephone numbers for customers currently utilizing the suggested user authentication product. Vendor Response This is not a request for proposal and the Government does not intend to pay for information submitted. While receipt of responses will not be acknowledged, all information received will be used in SSA's assessment of capable sources when establishing a procurement plan. Capable vendors should forward the requested information to the above SSA address within 30 days after this publication date and refer to synopsis "Lan-Secure". Posted 08/05/98 (D-SN233100). (0217)

Loren Data Corp. http://www.ld.com (SYN# 0432 19980807\70-0011.SOL)