Request for Information: Next-generation Commercial Operations in Defended Enclaves (NCODE)
ID: 2024DCCOE009Type: Special Notice
Overview

Buyer

DEPT OF DEFENSEDEPT OF THE ARMY

Original Source

https://sam.gov/opp/6874f1dfcf954fe3b0f78c2c41cae210/view
Timeline
    Description

    The Department of Defense, specifically the Army, is seeking input through a Request for Information (RFI) for its Next-generation Commercial Operations in Defended Enclaves (NCODE) initiative, aimed at enhancing cybersecurity for small businesses within the Defense Industrial Base (DIB). The initiative intends to establish a secure, cloud-based environment that provides essential productivity tools and advanced business operations support, enabling small businesses to comply with NIST SP 800-171 security standards. This effort is crucial for improving the cybersecurity posture of small businesses engaged with the Department of Defense, facilitating their ability to meet emerging contractual requirements. Interested parties are encouraged to submit their responses by 10:00 EST on December 24, 2024, and can direct inquiries to the NCODE team at ncode@army.mil.

    Point(s) of Contact
    NCODE Team
    ncode@army.mil
    Files
    Title
    Posted
    Appendix 1- Threshold Requirements for NCODE Pilot.pdf
    The NCODE Pilot outlines the foundational requirements for a secure cloud-based platform that combines commercial services with government oversight, particularly for small businesses (SBs) engaged with the Department of Defense (DoD). It emphasizes the need for a Virtual Desktop Interface (VDI) connected to a private cloud, with distinct environments: one exclusive to SB employees and another for collaboration between contractors and government personnel. Key features include the requirement for NIST SP 800-171 and CMMC 2.0 compliance to alleviate assessment burdens on Defense Industrial Base (DIB) small businesses. Authentication mechanisms must incorporate FIPS-compliant Multi-Factor Authentication and provisions for DoD Common Access Cards. Each vendor will have isolated workspaces to protect intellectual property while facilitating secure data sharing through a controlled collaboration environment. Further, NCODE environments must provide comprehensive monitoring and logging for oversight, maintain minimum FedRAMP moderate baseline security standards, and fulfill ITAR compliance. Documentation of shared responsibilities regarding security controls is mandatory to assist small businesses in achieving necessary certifications. Overall, NCODE aims to enhance security, usability, and collaboration within a federated environment while prioritizing compliance with federal standards.
    Appendix 2- Questions for Service-Solution Providers.pdf
    The document outlines questions directed at service or solution providers regarding the NCODE Pilot Use Case, highlighting the need for effective service delivery and decision-making in government contracting. Key inquiries include recommended delivery and pricing models for on-demand resources, and the most suitable discriminators for expediting award processes. It examines two potential contracting approaches—Contractor Support Services (CSO) and Multiple Award Indefinite Delivery Indefinite Quantity (MA IDIQ)—and solicits input on their respective benefits and drawbacks. Additionally, the document seeks to identify barriers to entry that small businesses may face in competing for these opportunities. Overall, it aims to gather insights that would enable the U.S. Government (USG) to efficiently and objectively facilitate award decisions in the context of federal contracting, ensuring readiness to meet scalable service demands.
    Appendix 3- Questions for Small Business Users.pdf
    The document comprises a set of questions aimed at small business users regarding their engagement with the NCODE environment for government contracts. Key inquiries focus on the types of products or services offered to the government, the transition needs for using NCODE, and involvement with Controlled Unclassified Information (CUI). Additionally, it addresses the necessary tools and software required for effective operations within an NCODE framework, suggesting categories like software development and model-based system engineering. The document also seeks to identify potential obstacles small businesses might encounter in adopting NCODE. Overall, the document emphasizes the transition to NCODE while highlighting the specific requirements and challenges faced by small businesses in government contracting, facilitating a tailored approach to support their integration and operational efficiency.
    NCODE RFI Questions and Answers- 20 December.pdf
    The NCODE RFI document outlines responses to questions about the N-CODE project, aimed at aiding small businesses in achieving CMMC compliance. The average user count is estimated at ten per small business, with a flexible approach anticipated for contract types, allowing for Managed Service Provider (MSP) proposals to include either virtual hosting or delivery of CMMC solutions. The government emphasizes openness to various solution proposals, including alternative approaches to the pilot program, and has previously engaged industry through CRADAs for proof-of-concept phases. Additionally, while the government intends to implement solutions incrementally, they are willing to consider fully developed proposals from vendors who can meet all requirements, provided that cost estimates and alternative schedules are presented clearly. This flexibility and willingness to collaborate indicate the government's commitment to effectively addressing small business needs in cybersecurity compliance.
    Pilot Increment Cost Estimate Table v2.xlsx
    The document outlines a federal Request for Proposals (RFP) focused on providing a user-license structure for small businesses, with the goal of onboarding a total of 60,000 users within a two-year timeframe. It details a phased approach across several increments, starting from April 2025 through March 2027, each highlighting desired capabilities such as basic productivity tools, DevSecOps, and Model-Based Systems Engineering (MBSE) tools, along with other essential services including Virtual Desktop Infrastructure (VDI), Multi-Factor Authentication (MFA), help desk support, and user training. Respondents are instructed to complete a worksheet estimating user counts, costs, and any additional considerations for each capability increment. The RFP encourages firms to indicate their capabilities accurately and offers flexibility for those unable to meet all specified requirements, promoting inclusivity among potential contractors. This initiative exemplifies the government's commitment to enhancing productivity and leveraging technology in small businesses to streamline operations and secure system infrastructures.
    RFI- NCODE v3.pdf
    The Army's Next-generation Commercial Operations in Defended Enclaves (NCODE) initiative aims to enhance cybersecurity for small businesses (SBs) within the Defense Industrial Base (DIB). This initiative seeks to establish a secure, cloud-based environment that incorporates essential productivity tools and advanced business operations support, enabling SBs to meet NIST SP 800-171 security standards. Led by the Deputy Assistant Secretary of the Army for Data, Engineering, and Software, the program will transition from a proof of concept to a two-year pilot to evaluate its effectiveness and scalability. The Army solicits input on contract strategies and technical considerations through a Request for Information (RFI), inviting responses from both service/solution providers and small business users. Specific feedback is requested on contract strategies, cost estimates, and desired features, with an emphasis on providing realistic pricing estimates. The RFI clarifies that submissions are for planning purposes only, are not binding, and will not result in contracts. Responses should be submitted by December 24, 2024, and all inquiries must be directed to the provided contact email. The initiative represents a critical effort to bolster DIB security while fostering collaboration with SBs and service providers.
    Similar Opportunities
    Network Management
    Active
    Dept Of Defense
    The Department of Defense, specifically the U.S. Army Combat Capabilities Development Command (DEVCOM), is seeking insights from businesses regarding network management for defensive cybersecurity operations (DCO). The Request for Information (RFI) aims to gather information on the roles and interactions between Network Operations Centers (NOC) and Security Operations Centers (SOC), focusing on their structures, collaboration during incidents, and the potential integration of these functions, including the involvement of managed service providers. This initiative underscores the critical need for specialized network management to ensure effective DCO, emphasizing continuous monitoring and rapid incident response capabilities. Interested parties are encouraged to submit white papers addressing specific queries related to NOC and SOC configurations, handling of Indicators of Compromise (IoCs), and scalability strategies, with responses due to the Engineering & Systems Integration (ESI) Directorate at the provided email address. Note that submissions will not result in contracts but will inform future acquisition strategies.
    Request for Information (RFI) PEO Missiles and Space OCIO Cybersecurity Intrusion Detection Capability
    Active
    Dept Of Defense
    The Department of Defense, specifically the Army's Program Executive Office for Missiles and Space, is seeking information regarding cybersecurity intrusion detection capabilities through a Request for Information (RFI). The objective is to gather insights on currently available non-developmental cybersecurity intrusion detection systems that support Integrated Fires Offensive and Defensive Operations. This RFI is part of market research to identify potential sources and does not constitute a request for proposals or guarantee future contracts. Interested parties must submit an unclassified white paper by 1600 hours EST on January 10, 2025, detailing their technical approach and capabilities, with submissions directed to the primary contact, Christopher M. Caputo, at christopher.m.caputo.civ@army.mil.
    NATO Request for Information: Capability Package CP149 Rev 1 “Dragonfly Increment 1”
    Active
    Commerce, Department Of
    The Department of Commerce, specifically the Bureau of Industry and Security, has issued a Request for Information (RFI) from the NATO Communications and Information Agency (NCIA) regarding the Capability Package CP149 Rev 1 “Dragonfly Increment 1” project. This RFI aims to explore potential solutions for the NATO Information Clearing House – Release Gateway (ICH-RG) project, which seeks to enhance secure information sharing capabilities across NATO and with non-NATO entities, addressing current capability gaps in military information exchange. The initiative is crucial for ensuring effective information dissemination for mission operations across various security domains, utilizing a modular approach to interconnect different networks. Interested parties must submit their responses by 17:00 Brussels time on January 31, 2025, and should refer to the NCIA reference number MS-423340-ICH-RG in all correspondence. Detailed instructions for submission are provided in the attached document.
    CALL 0002 - HNCO Industry Outreach Event Responses
    Active
    Dept Of Defense
    The Department of Defense, specifically the United States Air Force, is soliciting industry responses for the CALL 0002 - HNCO Industry Outreach Event, aimed at enhancing cyber warfare mission systems. This initiative seeks innovative solutions to accelerate the development of offensive cyber capabilities that support air superiority and resilience, with a focus on addressing identified capability gaps. The funding ceiling for this opportunity is approximately $100 million, with a two-step submission process involving white papers and proposals due by January 31, 2025. Interested parties can reach out to Timothy Emeott at timothy.emeott@us.af.mil or Corey M. Berry at corey.berry.2@us.af.mil for further information.
    Next Generation Command and Control (NGC2) Capability Characteristics
    Active
    Dept Of Defense
    The Department of Defense, specifically the Army, is seeking industry collaboration for the Next Generation Command and Control (NGC2) Capability Characteristics initiative. This effort aims to transform the Army's enterprise data architecture and operational software framework, focusing on solutions that enhance network and transport layers, infrastructure, data analytics platforms, and user experiences for application-based tools and services. The Characteristics of Need document is a dynamic resource that will be updated based on ongoing technological research and experimentation, and interested vendors are encouraged to register to receive updates. For access to the controlled attachment, companies must be certified by the Joint Certification Program (JCP), and inquiries regarding certification can be directed to jcp-admin@dla.mil. For further information, contact Nicolas A. Martin at nicolas.a.martin2.civ@army.mil or Timothy Weiman at timothy.j.weiman.civ@army.mil.
    Navigation Critical Distribution System (NCDS) IOC Software Upgrade
    Active
    Dept Of Defense
    The Department of Defense, through the Naval Surface Warfare Center Philadelphia, is seeking proposals for the Navigation Critical Distribution System (NCDS) IOC Software Upgrade, transitioning from VxWorks to Red Hat Linux. The procurement aims to enhance navigation systems on naval vessels by acquiring software development services, Red Hat Enterprise Linux (RHEL) server subscriptions, and deliverable data reports to ensure compliance with technical requirements. This initiative is crucial for maintaining operational readiness and reliability in military navigation processes. Interested small businesses must submit their responses to Stefan Kitzinger at stefan.b.kitzinger.civ@us.navy.mil by 3:00 PM EST on January 9, 2024, to be considered for this total small business set-aside opportunity.
    NATO Request for Information: Distributed Denial of Service (DDOS) Protection Landscape
    Active
    Commerce, Department Of
    The NATO Communications and Information Agency (NCIA) has issued a Request for Information (RFI-424211-DDOS) to identify advanced Distributed Denial of Service (DDOS) protection solutions that can be provided through Commercial Off-The-Shelf (COTS) products, services, and solutions. This RFI aims to gather insights on the availability and technical capabilities of DDOS protection technologies, which are critical for enhancing NATO's cybersecurity strategies and ensuring robust defense mechanisms among member nations. Interested parties are encouraged to submit their responses, detailing their experience, solution features, integration capabilities, security measures, management support, and pricing structures, by the deadline of January 20, 2025. Responses should be directed to the email address provided in the attached instructions, and all correspondence must reference the RFI number RFI-424211-DDOS.
    Department of Defense Request for Information on Implementation of Pilot Program for Anything-As-A-Service
    Active
    Dept Of Defense
    The Department of Defense (DoD) is seeking public feedback on the implementation of a new pilot program titled Anything-As-A-Service, as mandated by the 2024 National Defense Authorization Act. This initiative aims to explore consumption-based solutions that provide on-demand access to technology capabilities, including software, hardware, and services billed based on actual usage, with a focus on enhancing operational efficiency. The DoD invites comments on proposed product service codes and insights regarding the program's implementation, with submissions due by December 31, 2024, to Paula Smith at osd.pentagon.ousd-a-s.mbx.asda-dp-c-contractpolicy@mail.mil. The pilot program will be implemented at a later date, reflecting the DoD's commitment to innovation in service delivery.
    NEEDIPEDIA - COMMERCIAL SOLUTIONS OPENING - CSO
    Active
    Dept Of Defense
    The Department of Defense, through the Defense Intelligence Agency, is soliciting innovative ideas and solutions under the NEEDIPEDIA - COMMERCIAL SOLUTIONS OPENING (CSO) initiative, identified by solicitation number HHM402-23-SC-0002. This opportunity invites participation from a diverse range of contributors, including large and small businesses, independent consultants, and academic institutions, to enhance operational efficiency and technological capabilities in support of national and international mission requirements. The initiative emphasizes the importance of innovative approaches, particularly in areas such as Artificial Intelligence and Machine Learning, to improve existing practices and address associated risks. Interested parties can reach out to Tamara Yockey at tamara.yockey@dodiis.mil or call 703-735-6377 for further information. Submissions must adhere to specific guidelines, including a two-page white paper format, and are due by the specified deadlines outlined in the solicitation documents.
    Infrastructure, Systems, and Network Enhancement Program (ISNEP)
    Active
    Dept Of Defense
    The Department of Defense, through the Defense Information Systems Agency (DISA), is seeking sources for the Infrastructure, Systems, and Network Enhancement Program (ISNEP) via a Sources Sought Notice. This initiative aims to identify small businesses, including those classified as Small Disadvantaged, Certified 8(a), Service-Disabled Veteran-Owned, HUBZone, and Woman-Owned, that can provide comprehensive support for the implementation and integration of advanced networking capabilities across the Department of Defense Information Network (DODIN) and the Defense Information System Network (DISN). The program is critical for enhancing information superiority and operational transition within the DoD and is expected to span from September 2026 to September 2033, with a seven-year ordering period. Interested firms must demonstrate relevant experience and hold a Top Secret Facility Clearance, with responses due by January 21, 2025, directed to Shamra Y. Joiner at shamra.y.joiner.civ@mail.mil.