From FIDNet to AIDC
- By Diane Frank
- Oct 02, 2000
Major milestones in the General Services Administration's effort to build
an intrusion-detection system for federal information systems.
May 1999: GSA, the Critical Infrastructure Assurance Office and the
National Infrastructure Protection Center begin developing a governmentwide
intrusion-detection warnings and response center called the Federal Intrusion
Detection Network (FIDNet).
June 1999: GSA issues a request for information to industry on "next-
generation" intrusion-detection technologies for FIDNet.
July 1999: A draft of the National Plan for Information Systems Protection,
which includes a section on FIDNet, is leaked to the press. The New York
Times writes an article reporting that the program, through the FBI, will
monitor private-sector systems, a fact that government security officials
deny. Congress and privacy advocates write letters to the Clinton administration
citing privacy concerns and calling for FIDNet to be suspended. Congressional
committee leaders hold hearings calling for more information on the program.
01/2000: President Clinton releases the National Plan for Information
Systems Protection, including an updated explanation of FIDNet and a discussion
of privacy concerns. The release includes a request for $10 million in supplemental
funds for GSA to develop FIDNet.
February 2000: The administration's fiscal 2001 budget is released.
The overall security funding request totals more than $2 billion, in addition
to a request for FIDNet funding.
March 2000: Still waiting for funding, GSA starts working with security
vendors on the technical aspects of FIDNet.
June 2000: GSA releases a draft request for proposal for FIDNet. Based
on vendor responses, GSA decides to abandon FIDNet to pursue commercial
managed security services.
September 2000: GSA releases a draft RFP for the Enhanced Intrusion
Detection Capability (later changed to Automated Intrusion Detection Capability)
to support the governmentwide cyberincident correlation system and replace
the FIDNet program.