DA01--VA Server Enterprise Endpoint Security (VASEES) RFI (VA-25-00011736)
ID: 36C10B25Q0203Type: Sources Sought
Overview

Buyer

VETERANS AFFAIRS, DEPARTMENT OFVETERANS AFFAIRS, DEPARTMENT OFTECHNOLOGY ACQUISITION CENTER NJ (36C10B)EATONTOWN, NJ, 07724, USA

NAICS

Other Computer Related Services (541519)

PSC

IT AND TELECOM - BUSINESS APPLICATION/APPLICATION DEVELOPMENT SUPPORT SERVICES (LABOR) (DA01)

Original Source

https://sam.gov/opp/1105880ccd7b48f89dfa8d21a37ed43c/view
Timeline
    Description

    The Department of Veterans Affairs (VA) is seeking vendors to provide endpoint security solutions through the VA Server Enterprise Endpoint Security (VASEES) initiative, identified by solicitation number 36C10B25Q0203. The procurement aims to enhance the VA's cybersecurity infrastructure by managing up to 750,000 devices, requiring a comprehensive Software as a Service (SaaS) solution that complies with federal standards, including FISMA and FedRAMP. This initiative is critical for safeguarding sensitive information and ensuring operational integrity across the VA's network. Interested vendors must submit their responses to the Request for Information (RFI) by March 20, 2025, with inquiries directed to Contract Specialist Dana Seeler at dana.seeler@va.gov.

    Point(s) of Contact
    Dana SeelerContract Specialist
    dana.seeler@va.gov
    Files
    Title
    Posted
    36C10B25Q0203.docx
    The Department of Veterans Affairs has issued a Sources Sought Notice for the VA Server Enterprise Endpoint Security (VASEES) Request for Information (RFI) under solicitation number 36C10B25Q0203. The notice is aimed at gathering input from potential vendors regarding endpoint security solutions and associated services. The contracting office is located in Eatontown, NJ, and the deadline for responses is set for March 20, 2025, at 12:00 PM Eastern Time. The notice references attachments that encompass a draft Performance Work Statement (PWS) and a series of questions regarding the RFI. Additional documentation includes service level agreements and specific requirements for endpoint detection and response systems. This engagement appears to be part of the federal government's strategy to enhance cybersecurity measures for the VA’s IT infrastructure, reflecting increasing priorities on security and compliance in federal operations. The point of contact for inquiries is Contract Specialist Dana Seeler, whose email is provided for direct communication. Overall, this notice outlines the VA's intention to assess the market for potential solutions that fulfill its security objectives.
    36C10B25Q0203 0001.docx
    The Department of Veterans Affairs (VA) is preparing to release a solicitation for the VA Server Enterprise Endpoint Security (VASEES) initiative, identified by solicitation number 36C10B25Q0203. This solicitation will be issued unrestricted under the NASA SEWP V Government-wide Acquisition Contract (GWAC) and falls under NAICS code 541519. The expected release date for this solicitation is projected for early to mid-August. The contracting office for this project is located in Eatontown, NJ, and inquiries can be directed to Contract Specialist Dana Seeler via email at dana.seeler@va.gov. This document serves as an official modification to a previous notice and indicates the agency's intent and expectations regarding the forthcoming solicitation for endpoint security services to enhance the VA's technical infrastructure.
    Appendix A - VASEES SERVICE LEVEL AGREEMENTS RFI.pdf
    The VASEES Service Level Agreements (SLA) outline performance expectations for a contractor providing services to the VA. Key SLAs include a two-hour engineering response time, 24/7 network monitoring with a 15-minute outage notification, and a commitment to 99.9% service availability. Should service availability fall below this threshold, the VA can request service credits proportional to the level of non-compliance. The contractor is required to monitor system load and utilization to ensure efficiency, with specific thresholds for CPU and memory usage. Support response times vary by severity level: critical issues demand a 30-minute response, serious problems require one hour, moderate issues four hours, and minimal requests one day. Performance levels must be validated within 30 days of contract award, including routine testing and reporting to maintain compliance. The document emphasizes accountability, outlining how service credits will be structured if SLAs are not met, reinforcing the contract's terms while ensuring continuous support for VA operations. The SLA serves as a critical element in government contracts, ensuring that contractors uphold their obligations and provide reliable service to federal clients.
    Appendix B_EDR_EPP Reqs March 4 2025.xlsx
    The document outlines a Request for Proposal (RFP) for an Endpoint Protection Platform (EPP) designed for the Veterans Affairs (VA). It specifies general and operational requirements for a scalable, enterprise-grade host endpoint monitoring solution. Key features include FIPS 140-2 encryption for data security, modularity for component updates, and extensive application and network control capabilities. The solution must support various operating systems and integrate seamlessly with existing IT infrastructure, including SIEM and SOAR systems. Performance and operational metrics highlight the need for real-time threat analysis, malicious file containment, and data collection, ensuring minimal resource impact on host systems. Furthermore, the EPP solution should enable remote management capabilities, detailed reporting options, and adherence to federal compliance standards like NIST and 508 compliance. The focus on user access control, automated response to threats, and forensic investigation capabilities illustrates a comprehensive cybersecurity strategy, essential in protecting sensitive data and maintaining operational integrity across the VA's network. This RFP emphasizes the necessity for modern security solutions that can adapt to evolving threats while supporting the VA's mission to serve veterans effectively.
    PWS VASEES RFI.pdf
    The Performance Work Statement (PWS) outlines the Department of Veterans Affairs' (VA) requirement for the VA Server Enterprise Endpoint Security (VASEES) system, designed to deliver comprehensive cybersecurity for up to 750,000 physical, virtual, and cloud-hosted clients. The contractor is responsible for deploying a Software as a Service (SaaS) solution, obtaining necessary authorizations, and maintaining high levels of security through compliance with federal guidelines, including FISMA and FedRAMP standards. The scope includes project management, staffing plans, training, and operational support. Key deliverables encompass a detailed project management plan, continuous monitoring and maintenance of the VASEES solution, and training for VA personnel. The contractor must ensure documentation, help desk scripts, and support infrastructure are in place to facilitate effective user interaction with the system. The contract spans an initial twelve-month period, extendable over four additional years, allowing for incremental asset licensing and scalability. This PWS reflects the VA’s commitment to enhancing cybersecurity practices while adhering to federal regulations, ensuring the safe management of sensitive information across all VA operations.
    RFI QUESTIONS 36C10B25Q0203.pdf
    The Request for Information (RFI) for the VA Server Enterprise Endpoint Security (VASEES) is issued for planning purposes and does not obligate the government to procure any products or services. It invites vendors to provide insights regarding their capabilities specific to endpoint security solutions anticipated for the management of up to 750,000 devices. Interested vendors are instructed to submit detailed information within a 15-page limit, excluding marketing materials, and must include business size, NAICS codes, and a summary of their proposed solutions. Key areas of response include the scalability of technology, integration with existing cybersecurity systems, operational staffing plans to support 24/7 operations, and the readiness for FedRAMP certification. Vendors are also asked to outline pricing models and provide details about their experience with federal contracts. Responses are due by March 20, 2025, with submissions sent via email and marked for proprietary information. This RFI serves as a preparatory step for assessing market capabilities in achieving comprehensive endpoint protection for the VA's server enterprise.
    RFI Questions and Answers 3172025.pdf
    The Request for Information (RFI) 36C10B25Q0203 pertains to the Department of Veterans Affairs' interest in exploring pricing structures associated with the VASEES initiative. Following a query about extending the closing date for the RFI, the response confirmed that the closing date remains set for Thursday, March 20, 2025. A significant inquiry regarding the expected format for pricing submissions indicated that the Department seeks an overview of the pricing structure rather than a detailed market research quote or precise cost estimation. This document serves as a communication tool to clarify details for potential respondents, ensuring their submissions align with the Department’s expectations and aiding in their market research efforts related to veterans’ services. The document reflects the structured communication typical in government RFPs, aiming to streamline the procurement process and ensure clarity for all stakeholders involved.
    Lifecycle
    Title
    Type
    DA01--VA Server Enterprise Endpoint Security (VASEES) RFI (VA-25-00011736)
    Currently viewing
    Sources Sought
    Similar Opportunities
    DA10--RFI - Modernization of Veterans Canteen Service IT Systems (VA-26-00004970)
    Buyer not available
    The Department of Veterans Affairs is seeking input for the modernization of its Veterans Canteen Service IT Systems through a Request for Information (RFI) identified as VA-26-00004970. The primary objectives of this procurement include enhancing performance, streamlining processes, improving customer service, and integrating new functionalities while ensuring robust security measures and compliance with industry standards. This modernization effort is crucial for the efficient operation of approximately 220 retail and food service locations nationwide, which currently rely on outdated technologies. Interested vendors should direct their inquiries to Contract Specialist Justin Daniel at justin.daniel@va.gov, and responses to the RFI are due by August 1, 2025, with a focus on providing detailed proposals that meet the outlined requirements.
    6525--SEP 2025 Equipment Only Consolidation
    Buyer not available
    The Department of Veterans Affairs is seeking proposals for the "SEP 2025 Equipment Only Consolidation" contract, specifically aimed at procuring medical imaging equipment and related services. This procurement encompasses a variety of medical devices, including but not limited to MRI systems, ultrasound units, and radiographic equipment, which are essential for enhancing diagnostic capabilities and improving healthcare delivery to veterans. The contract is unrestricted, with a due date for offers set for January 14, 2026, at 11:59 PM CST, and interested vendors can direct inquiries to Contracting Officer Teresa Rogofsky at teresa.rogofsky@va.gov. The solicitation includes detailed specifications and requirements, emphasizing compliance with security standards and the need for comprehensive training and support services.
    TheraDoc Electronic Clinical Surveillance Platform
    Buyer not available
    The Department of Veterans Affairs is seeking to procure the TheraDoc Electronic Clinical Surveillance Platform through a federal contract. This procurement aims to enhance clinical surveillance capabilities within the department, ensuring improved patient care and safety through advanced electronic monitoring solutions. The platform is critical for the effective management of clinical data and real-time surveillance, which is essential for healthcare operations within the Veterans Affairs system. Interested vendors can reach out to the Contract Specialist, Mickey A. Linize, at mickeya.linize@va.gov or by phone at 913-946-1967 for further details regarding the justification and requirements associated with this opportunity.
    DA10--Department of Veterans Affairs- Data Call Centers - RFI
    Buyer not available
    The Department of Veterans Affairs (VA) is seeking industry input through a Request for Information (RFI) regarding the consolidation of its decentralized contact centers into a more efficient system. The objective of this initiative is to streamline operations, enhance customer experience, and reduce costs while managing over 60 million calls annually. Interested vendors are invited to provide detailed responses addressing their technical capabilities, corporate experience, and compliance with set-aside requirements, with submissions due by December 16, 2025, at 1:00 PM EST. Responses should be sent via email to Contract Specialist Joshua Fitzmaurice and Contracting Officer Mina Awad, with a maximum file size of 5 MB and a page limit of 15 pages.
    DA10--Bi-Directional Image/Report Exchange
    Buyer not available
    The Department of Veterans Affairs (VA) is seeking information from qualified vendors for a Bi-Directional Image/Report Exchange System to support the Veterans Health Administration (VHA). This initiative aims to establish an enterprise imaging system that integrates with existing electronic health records (EHRs) and community care referral systems, facilitating the management and secure exchange of clinically relevant medical imaging data. Key requirements include on-demand access, AI support for workflow, stringent security measures, and a commitment to 99.99% uptime, with responses due by December 18, 2025, and questions accepted until December 5, 2025. Interested parties should contact Contract Specialist Laura Startek at Laura.Startek@va.gov or 848-377-5089 for further details.
    J065 | Viewpoint Software Support and Maintenance
    Buyer not available
    The Department of Veterans Affairs (VA) is seeking contractors to provide support and maintenance services for the Viewpoint Wireless Temperature Monitoring System, as outlined in a Sources Sought Announcement. The procurement aims to gather information on potential vendors who can deliver comprehensive service agreements, including hardware/software warranties, unlimited support, system monitoring, and on-site calibration of NIST probes for various healthcare facilities in Southern Nevada. This initiative is crucial for ensuring proper temperature management within VA healthcare settings, thereby maintaining safety and compliance with federal regulations. Interested parties must respond by February 26, 2025, at 1:00 PM Pacific Time, and are encouraged to contact Gary Christensen at gary.christensen@va.gov for further details.
    R499--Ergonomic Assessment Services
    Buyer not available
    The Department of Veterans Affairs is seeking proposals for Comprehensive Ergonomic Assessment Services under solicitation number 36C26226Q0104. The objective of this procurement is to provide ergonomic assessments to enhance workplace safety and efficiency for veterans' facilities, with a total of 935 hours of service required during the contract period from January 1, 2026, to December 31, 2026. This service is crucial for ensuring that the work environments are optimized for the health and productivity of employees, particularly in settings that serve veterans. Interested vendors must submit their offers by December 15, 2025, at 1:00 PM MST, and direct any questions to Contract Specialist Trainee Garrett Lyles at garrett.lyles@va.gov.
    DA01--FMBT System Integrator (New Action-Recompete, VA-26-00002411)
    Buyer not available
    The Department of Veterans Affairs (VA) is seeking qualified contractors for the FMBT System Integrator acquisition, identified under solicitation number 36C10B25Q0354, which will be issued through the General Services Administration (GSA) Multiple Award Schedule (MAS) Financial Management (FM) Marketplace. This procurement aims to promote broad competition among various business sizes, including small, disadvantaged, veteran-owned, woman-owned, and HUBZone small businesses, as well as large businesses, ensuring compliance with Executive Order 14249. The solicitation is anticipated to be posted within one week of this notice, with the primary contact for this opportunity being Contract Specialist Angel Santos, who can be reached at Angel.Santos2@va.gov or by phone at 848-377-5096. Interested parties should prepare for the upcoming solicitation and note that the response date for the special notice is August 28, 2025, at 5 PM Eastern Time.
    J063--FY26 Lenel S2 Security System Support Five (5)-Year Indefinite Delivery Contract (IDC) for VA Coatesville. Brand Name Only.
    Buyer not available
    The Department of Veterans Affairs (VA) is seeking proposals for a five-year Indefinite Delivery Contract (IDC) for Lenel S2 Security System Support at the Coatesville VA Medical Center, specifically for brand-name-only products. The procurement includes a comprehensive service package that covers a PRO SUSP PLAN for 513-1024 readers, technical support, and Verizon monthly router service for remote support, with a total performance period extending from December 8, 2025, to September 30, 2030. This contract is a 100% set-aside for Certified Veteran-Owned Small Businesses (VOSBs) and emphasizes compliance with VA regulations regarding subcontracting limitations. Interested parties must submit their proposals by December 15, 2025, at 3:00 PM ET, and can direct inquiries to Contract Specialist Allan Tabliago at allan.tabliago@va.gov.
    6530--Self-Service Kiosk and Intelligent Queueing Display Hardware
    Buyer not available
    The Department of Veterans Affairs (VA), specifically the VISN 15 Network Contracting Office, is seeking information from potential vendors for the procurement of self-service kiosks and intelligent queueing display hardware at the Kansas City VA Medical Center. The requirement includes the purchase of six new kiosks and a two-year hardware warranty for 28 existing kiosks, all of which must be compatible with the existing Vetlink software and capable of integrating with future Electronic Health Record Modernization (EHRM) plans. These kiosks are critical for enhancing patient and staff interactions while ensuring compliance with privacy regulations, ADA requirements, and operational standards. Interested parties must submit their responses, including company details and capabilities, to Contract Specialist Tracie Raggs at tracie.raggs@va.gov by December 12, 2025, at 0800 CST.