Federal contract opportunity SB1341-14-SU-0072 for software publishers at National Institute of Standards and Technology (NIST) Acquisition Management Division, response was due Jan 3, 2014.

Solicitation Number
Contract Number(s)
None listed
Additional Info Link
None listed
No Set-Aside Used
Synopses View

The National Institute of Standards and Technology (NIST) intends to award on a brand name basis under the authority of FAR 13.106-1(b)(1) to Computer Security Consulting Inc. (CSCI) of 17481 Oak forest Drive, Mabelvale, Arizona 72103-4514 US to obtain NGGSQuirrel Software Licenses for the National Institute of Standards and Technology (NIST)Division 181, Information Technology Laboratory, located in Gaithersburg, MD. The resulting purchase order will be a firm fixe priced award purchase order.

NGGSQuirrel Software package requirements
This procurement is for the renewal of the NGS SQuirreL product for the Assessment & Authorization (A&A) team to perform automated secure configuration testing. The product provides FISMA compliance auditing and reporting as required by OMB and NIST. The product also provides the ability to generate lockdown scripts for Oracle and Microsoft SQL database servers. The license also allows administrators to quickly and easily remedy vulnerabilities found while auditing. The product interfaces one to one with existing Department of Commerce database vulnerability scanning processes and product provides strong integration with existing NIST security products, while supporting the needed range of databases. The capabilities of the system will improve the efficient and effective management of the Assessment & Authorization testing processes.

• FISMA Compliance Auditing and Reporting: a product that will allow NIST to perform secure configuration audits and generate reports in the format required by OMB and NIST for Oracle and MS SQL databases.
• A product with the ability to create lockdown scripts for Oracle and MS SQL database servers. When vulnerabilities are discovered, a lockdown script can be generated to allow system administrators to patch servers quickly to remediate those vulnerabilities.
• A product with ongoing support to provide updates with the latest known vulnerabilities.
• A product that provides a one to one interface to existing Department of Commerce database vulnerability scanning processes.
• A product that can work within NIST's existing vulnerability scanning process.
• A product with and easy to use and intuitive interface.

The NAICS Code is 511210 with a size standard of $25 Million

No solicitation package will be issued. This notice of intent is not a request for quotations. However, responses received will be considered by the Government.
The Justification for Other Than Full and Open Competition is attached.



Package File Description
NIST 492 NIST_492_Complete.pdf JFOC
Place of Performance