Request for Information - Enterprise Virtualization and Hybrid Cloud Infrastructure Services
ID: 1019530027Type: Special Notice
Overview

Buyer

STATE, DEPARTMENT OFSTATE, DEPARTMENT OFACQUISITIONS - AQM MOMENTUMWASHINGTON, DC, 20520, USA

NAICS

Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services (518210)

PSC

IT AND TELECOM - NETWORK AS A SERVICE (DG10)

Set Aside

Partial Small Business Set-Aside (FAR 19.5) (SBP)

Original Source

https://sam.gov/opp/32b674caab4f4ceea7240f575254168f/view
Timeline
    Description

    The U.S. Department of State is seeking information from industry vendors regarding their capabilities to provide an enterprise hybrid cloud computing platform as part of a Request for Information (RFI). The objective is to identify a proven commercial-off-the-shelf (COTS) solution that can effectively manage and automate virtual desktops, servers, networks, and storage services while adhering to federal security standards and supporting a zero trust security approach. This initiative is crucial for enhancing the Department's IT infrastructure and ensuring secure operations across its critical business processes. Interested parties must submit their responses by January 6, 2025, and can direct inquiries to Meghan M. Mullen at MullenMM@state.gov or John K. Warner at WarnerJ1@state.gov.

    Point(s) of Contact
    Meghan M. Mullen
    (202) 674-6373
    MullenMM@state.gov
    John K. Warner
    (771) 206-6520
    WarnerJ1@state.gov
    Files
    Title
    Posted
    C-SCRM Questionnaire.xlsx
    The Cybersecurity Supply Chain Risk Management (C-SCRM) Questionnaire is a document designed for vendors submitting offers to the government, focusing on their risk management approaches regarding cybersecurity within their supply chains. The questionnaire is structured into three main sections: Contact Information, Vendor Risk Management Plan, and Physical and Personnel Security. Vendors are required to provide key contact details and respond to specific queries regarding their identification of supply chain threats, mapping of suppliers, and verification processes related to supply chain risk management. Additionally, the document outlines expectations for conducting employee background checks and preventing tampering of Information and Communications Technology (ICT) inventory. It emphasizes that responses must be credible, and the government may request documentation to confirm provided details. This systematic effort aligns with federal standards outlined in NIST SP 800-53, underlining the government's initiative to enhance cybersecurity resilience within supply chains and ensure that organizations have robust risk management practices in place.
    State Department Secure Software Development Attestation Form.pdf
    The Secure Software Development Attestation Form, mandated by Executive Order 14028 and related OMB Memoranda, aims to ensure software used by federal agencies is developed securely. It outlines the obligations of software producers to attest to their compliance with established secure software development practices as outlined by NIST standards. The document specifies that software requires self-attestation if developed or significantly modified after September 14, 2022, or if it is continually updated. Exemptions apply to open-source software, federal agency-developed software, and components that are publicly available. The self-attestation form collects details about the producer and software, requiring completion by an authorized signatory, typically the CEO. The producer can choose to substantiate compliance via a third-party assessment. If a completed attestation cannot be obtained, agencies may still use the software with a documented risk mitigation plan. Compliance with these protocols supports the federal objective of enhancing cybersecurity and securing the software supply chain effectively. The process encourages accountability and regular monitoring of security practices in software development.
    Virtualization and Hybrid Cloud Infrastructure _RFI revised 12162024.pdf
    The U.S. Department of State's Bureau of Diplomatic Technology has issued a Request for Information (RFI) to assess industry capabilities for providing an enterprise hybrid cloud computing platform. The goal is to find a market-leading solution that allows for monitoring and managing virtual resources like desktops and servers, ensuring compatibility with federal security standards while being scalable and user-friendly. The RFI solicits responses detailing company background, technical capability assessments relative to outlined functional requirements, and relevant federal project experience. Required qualifications include proven commercial-off-the-shelf (COTS) products, mandatory federal security certifications, and support for a diverse range of virtualization and cloud services. The document emphasizes a zero trust security approach and requires submissions by January 6, 2025, while stipulating that this RFI does not commit the government to procuring any products or services. This initiative aims to identify capable vendors who can meet the Department's complex IT needs effectively and securely.
    Similar Opportunities
    Army Virtualization Software, Solutions, and Migration
    Active
    Dept Of Defense
    The Department of Defense, specifically the Army, is seeking information from companies regarding virtualization software, solutions, and migration services tailored to military operations in both unclassified and classified environments. The objective of this Request for Information (RFI) is to gather insights on commercial capabilities that can support the Army's unique requirements, including the ability to operate in disconnected and contested environments while ensuring U.S.-based support and data centers. Interested parties are required to provide detailed responses addressing their migration capabilities, expertise in virtualization, pricing structures, hardware requirements, and compliance with cybersecurity standards. Responses must be submitted to the designated contacts by the deadline of 15 business days after the RFI release date, with no obligation on the part of the government to award a contract based on the information provided.
    CYBERSECURITY SUPPORT IN THE INTERNATIONAL FINANCIAL SECTOR
    Active
    State, Department Of
    The Department of State is soliciting proposals for cybersecurity support services aimed at enhancing the counter-cybersecurity posture of foreign entities against threats from the Democratic People's Republic of Korea (DPRK) within the international financial sector. The procurement seeks specialized expertise to provide timely cyber incident response, consultancy, and forensic analysis, with a focus on combatting cyber theft and money laundering in cryptocurrency exchanges. This initiative is part of the U.S. government's broader commitment to international cybersecurity collaboration and compliance with sanctions against DPRK, emphasizing the need for contractors to adhere to the NIST Cybersecurity Framework and maintain personnel with active security clearances. Proposals are due by January 13, 2025, with inquiries accepted until December 3, 2024; interested parties should contact Khoa Tran at TranKD@state.gov for further information.
    Managed Attribution and Secure Remote Web Browsing
    Active
    Dept Of Defense
    The Department of Defense, through the Air Combat Command Acquisition Management and Integration Center, is seeking information from qualified vendors regarding a cloud-based solution for managed attribution and secure remote web browsing. The primary objective is to develop a scalable virtual browser that supports robust collection capabilities while ensuring the security of analytic personnel and DoD networks against adversarial threats. This initiative is crucial for the Department's efforts in countering transnational organized crime and drug trafficking, providing essential intelligence analysis services to law enforcement agencies. Interested parties must submit their responses to the Request for Information (RFI) by January 8, 2025, at 12:00 PM EST, directed to Chase Gordon at chase.gordon@us.af.mil.
    FA8307_RFI_Red_Hat_Openshift_Alternatives
    Active
    Dept Of Defense
    The Department of Defense, specifically the Department of the Air Force, is seeking information from qualified vendors regarding alternatives to the Red Hat OpenShift Platform Plus, which is currently utilized for application development and deployment. The government requires solutions that can operate across unclassified impact levels, support C++ software pipelines, and incorporate a DevSecOps approach to enhance security within development workflows. This initiative is crucial for maintaining productivity and compliance in software development processes. Interested vendors must submit their responses using the provided RFI template to the designated contacts, Geoffrey Bender and Elijah Simmons, by the specified deadline, noting that no contract awards will be made as a result of this RFI.
    Request for Information (RFI): Insider Threat Program Technical Solutions
    Active
    Justice, Department Of
    The Department of Justice (DOJ) is issuing a Request for Information (RFI) to gather insights from qualified vendors specializing in technology solutions for Insider Threat Programs. The DOJ seeks to understand vendor capabilities in areas such as artificial intelligence, user behavior analytics, and data loss prevention, with the aim of enhancing its proactive measures against insider threats that could compromise sensitive information and national security. This initiative is part of the DOJ's broader commitment to cybersecurity and threat mitigation, and interested vendors must submit their responses, including a Vendor Information Template and Technical Capabilities Matrix, by January 24, 2025. For further inquiries, vendors can contact DeChanta Vaughan or Sar McClain at ITP@usdoj.gov.
    DHS Procurement Records Management Modernization (PRM2)
    Active
    Homeland Security, Department Of
    The Department of Homeland Security (DHS) is seeking industry feedback for its Procurement Records Management Modernization (PRM2) initiative, aimed at enhancing its electronic contract filing system. The project focuses on developing a cloud-based solution that improves contract file storage, workflow, and compliance management, serving approximately 1,800 personnel across various DHS components. This modernization effort is critical for streamlining procurement operations and ensuring regulatory compliance throughout contract lifecycles. Interested parties are encouraged to submit their feedback on the Draft Request for Quote by January 8, 2025, to Breean Jaroski at Breean.Jaroski@hq.dhs.gov, with no vendor marketing materials accepted.
    Sources Sought Notice (SSN)/Request for Information (RFI) – 70SBUR25I00000009 Identity, Credentials, and Access Management - Enterprise Services 3 (ICAM-ES 3)
    Active
    Homeland Security, Department Of
    The Department of Homeland Security, specifically the U.S. Citizenship and Immigration Services (USCIS), is seeking information from small business vendors through a Sources Sought Notice (SSN)/Request for Information (RFI) regarding the Identity, Credentials, and Access Management - Enterprise Services 3 (ICAM-ES 3) program. The objective is to gather market research on technical and program management support for maintaining the USCIS ICAM enterprise IT services program, which is crucial for enhancing security, privacy, and efficiency across various systems. Interested vendors are invited to provide detailed information about their capabilities, past experiences, and relevant projects, particularly in areas such as technology integration and zero-trust implementation. Responses are due by January 17, 2025, and should be directed to Sylwia Salkic at Sylwia.Salkic@uscis.dhs.gov or Gary Whitney at gary.d.whitney@uscis.dhs.gov.
    Request for Information - USCIS Enterprise Collaboration Network (ECN)
    Active
    Homeland Security, Department Of
    The U.S. Citizenship and Immigration Services (USCIS), part of the Department of Homeland Security, is seeking information through a Request for Information (RFI) regarding its Enterprise Collaboration Network (ECN) to inform future acquisitions related to its SharePoint platform. The USCIS requires support services that encompass program management, operations and maintenance, development of new applications, and enhancements to existing applications, all while adhering to federal standards and utilizing Agile Methodology. This initiative is crucial for modernizing web technologies and improving services for approximately 30,525 users. Interested parties should submit their responses, which should not exceed six pages, by January 3, 2025, and can direct inquiries to Nicholas Hart at nicholas.a.hart@uscis.dhs.gov or by phone at 802-872-4128.
    Cloud Service Provider for Defense Retiree and Annuitant Pay System
    Active
    Dept Of Defense
    The Department of Defense, through the Defense Finance and Accounting Service (DFAS), is seeking information from qualified vendors regarding the operation and maintenance (O&M) of its IL-5 cloud infrastructure as part of its transition from a mainframe hosting environment to a commercial cloud service provider. The procurement aims to identify personnel with the necessary skills and experience to support a cloud-hosted environment, focusing on areas such as Infrastructure as Code implementation, database maintenance, server OS hosting, web server administration, and cybersecurity measures. This initiative is critical for enhancing DFAS's IT capabilities and ensuring effective management of its information systems. Interested parties must submit their responses by January 10, 2025, and can direct inquiries to Eric J. Filion at eric.j.filion.civ@mail.mil.
    RFI for USMC M&RA Information Technology Service & Support (ITSS)
    Active
    Dept Of Defense
    The Department of Defense, through the United States Marine Corps (USMC), is seeking contractor support for Information Technology Service and Support (ITSS) related to the Manpower and Reserve Affairs (M&RA) division. The primary objective is to develop and sustain software agnostic, cloud-native applications that enhance data analysis, manpower management, and compliance with security protocols, particularly through a Zero Trust strategy. This initiative is crucial for modernizing manpower information systems, ensuring operational efficiency, and protecting sensitive data in compliance with NIST and DoD cybersecurity standards. Interested vendors are invited to respond to the Request for Information (RFI) by December 23, 2024, and can direct inquiries to Monica L. Curley at monica.curley@usmc.mil or by phone at 703-781-0081.