D -- D-SERVICES -- ESTABLISH AND OPERATE SOFTWARE PATCH AND REVISION DISTRIBUTION CAPABILITY

Notice Date

February 16, 2001

Contracting Office

General Services Administration, Federal Technology Service (FTS), Office of Information Security (TI), 7th & D Streets, S.W., Room 5060, Washington, DC, 20407

ZIP Code

20407

E-Mail Address

Jon Faye (jon.faye@gsa.gov)

Description

REQUEST FOR INFORMATION REGARDING A SOFTWARE PATCH AND REVISION DISTRIBUTION CAPABILITY FOR FEDERAL CIVILIAN AGENCIES Description The General Services Administration (GSA), Federal Technology Service (FTS), Office of Information Assurance and Critical Infrastructure Protection (OIACIP) is requesting information (Technical Solutions) from qualified industry partners which would aid in defining the acquisition requirements, and identifying partners capable of providing commercially available services, materials and accessories supporting a future effort to establish and operate a software patch and revision distribution capability. These projected capabilities will simplify the dissemination of patches and revisions of operating system(s) software. Technology solutions must, at a minimum, include the capability to. Collect patches and revisions for operating systems in use by Federal civilian agencies and departments of the United States Government from the respective product vendors. Validate the authenticity and functionality of the patch or revision. Authenticate the patch/revision by use of a cryptographic checksum or other Federally approved form of digital signature. Distribute notices to Federal civilian agencies and/or departments announcing the availability of the patch/revision and an accompanying summary detailing the vulnerability the respective patch addresses and any prerequisites or special instructions for patch/revision installation. Employ a means to distribute the notices of availability according to the agency or department_s infrastructure requirements, avoiding distribution of notices to disinterested recipients. Establish a trusted repository from which the authenticated patch/revision may be obtained and receipt of which is verifiable, using the Federal PKI model for recipient identification and authentication. Partners_ technology solutions must be usable across government and consider the impact of the solution cost to both the largest and smallest agencies. New technology innovations will be considered based on cost effectiveness, scalability and overall value to the government. Available communications bandwidth may vary significantly from agency to agency and should be an important consideration. Additionally, qualified industry participants are requested to consider teaming arrangements that will include large, small, small disadvantaged and women-owned businesses. Please provide the requested information, along with pertinent capabilities statements via electronic mail to the e-mail address shown below. For additional information regarding this request for information, please contact David L. Jarrell, Director, Federal Computer Incident Response Center, Phone -(202) 708-5608, FAX -- (202) 708-5267, E-mail -- david.jarrell@gsa.gov

Web Link

Visit this URL for the latest information about this (/cgi-bin/WebObjects/EPS.woa/wa/SPF?A=S&P=Reference-Number-GSA-TFI-2001-024&L=246)

Record

Loren Data Corp. 20010221/SPMSC006.HTM (D-047 SN50D9A1)