FBO Notice Date 04/19/18
BIDS Reference Number 127
Document Type: Presolicitation
Other Defense Agencies, USCYBERCOM, USCYBERCOM Contracting, 20755
99 -- Guard Farm Support Services SOL HB0001-18-R-0009 DUE 051018 POC Robert Sheehan, Phone 4108543914, Email email@example.com. Purpose
The RFI is issued to seek feedback on a Statement of Work (SOW)for an interested party to support the multiple input/out USCYBERCOM Cross Domain Solution (CDS) Guard Farm. This is a Request for Information (RFI) only. Thisis not a Request for Proposals (RFP). No solicitation is available at this time.
This RFI is requesting information from both large and small businesses, including the following subsets: Small Disadvantaged Businesses (SDBs), Historically Underutilized Business Zones (HUBZone) Firms, Certified 8(a), Serviced-Disabled Veteran-Owned Small Businesses (SDVOSBs) and Women Owned Small Businesses (WOSBs).
USCYBERCOM intends to use the information gathered from the submission to determine interested parties, refine the SOW requirements, and develop an acquisition strategy. Early industry involvement is critical to the success of this contemplated acquisition while providing the USCYBERCOM operators with superior and cost-effective services.
Through the responses provided, the Government intends to obtain the following information:
a. Industry's capabilities to meet the acquisition and technical characteristics described in Section 3.
b. Industry input and suggestions on requirements, acquisition, and management approaches in a way that would maximize innovative approaches and solutions, while minimizing cost and improving schedule.
c. Feedback on refining and improving the proposed acquisition and technical characteristics.
d. Acquisition recommendations, including contract type, contract structure, strategies to maximize competition and strategies to maximize small business participation.
The United States Cyber Command (USCYBERCOM) has a need to move data securely between USCYBERCOM, Intelligence Community (IC), Department of Defense (DoD), and commercial networks. This boundary solution, the Cyber Command Guard Farm (CCGF1) will provide robust boundary security and mediation of data and information sources. A secondary Cyber Command Guard Farm (CCGF2) solution will protect and buttress the CCGF1 at the network layer and may additionally serve as an enterprise boundary.
The Government will maintain, replicate and expand these boundary solutions for deployment in support of enterprise and mission systems. The initial CCGF1 will be designed, implemented and accredited by a partnering government agency. Once accreditation is approved, the CCGF1 will be maintained by the USCYBERCOM. Based on the architecture created by CCGF1, CCGF2 will be procured and maintained by USCYBERCOM.
The objective of the CCGF Support Services effort is to provide support services to maintain a scalable network security boundary for USCYBERCOM that is based on industry best practices, and to implement those best practices securely and adeptly. The objective is to obtain technical and management support to improve the inherent security of USCYBERCOM's boundary through actionable engineering practices and in concert with host agency best practices. USCYBERCOM requires engineering and information technology (IT) services to support theCCGF program's efforts. These services include but aren't limited to network security and CDS design, testing, implementation, sustainment, lab management support, and process engineering.
The SOW details three major efforts in support of the USCYBERCOM Cross Domain Solutions - design and deployment of CCGF2, maintenance of both CCGFs in support of operations, and development of documentation for life-cycle management and security authorizations.
CCGF2 - USCYBERCOM is completing the deployment of its first Guard Farm (CCGF1) within the greater Fort Meade area during FY18, to include the Authorityto Operate (ATO). The objective shall require the Contractor to deploy a secondguard farm (CCGF2), based on the configuration of CCGF1. The Contractor shall complete ordering of equipment, installation, testing, and documentation necessary for configuration management and security for the CCGF2 during FY19. Additional government furnished equipment may be provided. The location for the second has not yet been determined, but the goal is deploy CCGF2 in a location that is geographically separate, within the continental United States, and within a government owned facility. The CCGF2 location shall be determined and included in the final SOW.
Maintenance - USCYBERCOM requires support services to create, maintain, and remove data flows across the different security levels. USCYBERCOM has limited information on number of data flows and different types of dataflows, based on historical data. This daily maintenance shall include security patch updates and other tasks necessary to keep the system in operational status. This effort shall provide support to administrative data flows, which support the USCYBERCOM administrative enterprise. These data flows are deliberate and support shall be required during USCYBERCOM normal business hours (0600 to 1700 EST). Mission data flows are required to move mission data across the different security levels. The support for mission data flows will be during the previously identified normal business hour, however during mission efforts, it may be necessary to provide 24/7 support in limited cases. The contractor shall be required to initially support CCGF1. Additional support shall be required for CCGF2 once it has been deployed and granted ATO.
Documentation Support - USCYBERCOM will require the contractor to develop the documentation required for life-cycle support (e.g. following IA patch update or data flow log). This includes security documentation required to maintain an ATO certification.
4. Information Requested
All requested information is intended to facilitate theGovernment's market research efforts and inform the Government's acquisition approach. Please ensure submissions include responses to the following information:
4.1 Business Information
Provide the following business information for your company and for any teaming or joint venture partner:
Company Name and Address:
Name of Company Representative and Business Title
DUNS Number/CAGE Code:
Web Page URL:
Business Category(ies) (e.g. Large Business, Small Business, SDBs, HUBZone, 8(a), SDVOSB, WOSB, involvement in a mentor and/or protégé program, etc.)
Explain your company's ability to meet the classification and security requirements for this effort:
Size of business pursuant to North American Industry Classification System (NAICS) Code: 541990
Acknowledgement of the Disclaimer
4.2 Acquisition Information
Explain your company's potential interest in this effort (e.g. Prime, subcontract, teaming arrangements, Joint Ventures, etc.)
Describe corporate experience providing similar operational and security boundary services
Describe any foreseen problems that may resulting from combining the purchasing and installing of the second CCGF with the continued maintenance and documentation aspects.
The Government shall either provide the equipment for CCGF2 as government furnished equipment, or may require the Contractor to procure the equipment. Describe any concerns with either strategy.
Describe the time frame necessary to develop a stable equipment baseline and enough information for a performance based contract.
Describe the Rough Order of Magnitude (ROM) necessary to accurately estimate the three major contract aspects? It is understood equipment and travel cost will not be included.
Describe the contract structure your company would recommend given the unknowns innumber and type of data flows. What recommendations are necessary to accommodate the level of risk in the contract?
4.3 Technical Information
Background - The following questions are based on the attached draft SOW.
Does the inclusion of the second CCGF design and deployment place an unduly requirement on your company? Would your company recommend to award the second CCGF build-out as a separate contract? Please explain the pros/cons of your recommendation
Does your company feel the Staffing requirements are not achievable or have moderate to high risk? If yes, please explain?
Efforts were made to keep the contract at the unclassified level. Is there sufficient Background and Scope to provide the necessary information to complete a proposal? If not, please provide some types of information your company would like to see?
What additional information (if any) is required for your company to development cost estimate for the three Tier supports (SOW Section 2.1.1)?
5 Industry Discussions
Representatives of USCYBERCOM may choose to meetwith potential offerors and hold one-on-one discussions. Such discussions wouldbe intended to obtain further clarification of RFI response and the potential capability to meet requirements.
Questions regarding this announcement shall be submitted in writing by email to firstname.lastname@example.org and shall be clearly marked "QUESTIONS in response to CCGF Maintenance RFI". Verbal questions will not be accepted. Answers to questions shall be posted to FedBizOps. The Government does not guarantee that questions received after the closing date will be answered. The Government does not reimburse companies for any costs associated with the submissions of their RFI response.
7 Response Guidelines
Interested parties are requested to respond to this RFI with a white paper. White papers should be in Microsoft Word for Office, Adobe PDF, or compatible format and shall not exceed 14 pages, excluding cover, title, and table of contents pages. A page is defined as each face of an 8 ½ by 11 inch sheet with information contained within a one-inch margin on all sides. Text shall be Times New Roman and no less than 10-point font. The response should not exceed a 5MB email limit for all items associated with the RFI response.
Responses must specifically describe responses to each of the bulletsin Section 4 of the RFI. FedBizOps will be the sole repository for all information related to this RFI.
Companies that wish to respond to this RFI shall send responses clearly marked "RESPONSES to CCGF Maintenance RFI" via email "time stamped" no later than the date specified on FedBizOps. In the subject line, please label in the following formation: "CCGF_Maintenance_RFI Responses_Company Name_DDMMYYYY. The Government may or may not choose to meet with potentialrespondents. Such meetings and discussions would only be intended to further clarification of potential capabilities.
This RFI is not a RFP and is not to be construed as a commitment by the Government to issue a solicitation or ultimately award a contract. Responses will neither be considered as proposals nor will any award be made as a result of this RFI. All information contained in the RFI is preliminary as well as subject to modification and is in no way binding on the Government. Federal Acquisition Regulation (FAR) clause 52.215-3, "Request for Information or Solicitation for Planning Purposes", is incorporated by reference in this RFI. The Government does not intend to pay for information received in response to this RFI. Respondents to this invitation are solely responsible for all expenses associated with responding to this RFI. This RFI will be the basis for collecting information on available capabilities and is issued solely for information and planning purposes. Proprietary information and trade secrets, if any, shall be clearly marked on all materials providedin response to this RFI. All information that is marked "Proprietary" will be handled accordingly. Please be advised that all submissions become Government Property and will not be returned. In accordance with FAR 15.201(e), responses to this RFI are not offers and cannot be accepted by the Government to form a binding contract.
DRAFT Statement of Work: USCYBERCOM Guard Farm Deployment and Support, 19 April 2018.