Next phase of Security LOB may include SmartBuy deal

A working group developing the Security Line of Business wants to develop an enterprise software agreement under the SmartBuy program to help agencies implement three capabilities in the areas of situational awareness and incident reporting.

A LOB working group of 35 agencies is developing the common governmentwide technical requirements for baseline configuration testing, vulnerability assessments and network mapping and discovery tools, which eventually will become part of the SmartBuy program, said John DiLuna, a SRA/Touchstone project manager who works for the Security LOB.

In a recent survey by the developers of the LOB, agencies said these three -- along with anti spy ware and anti-virus -- were the areas they were most interested in and would implement in the next year or so, DiLuna said during a conference on the core desktop standard sponsored by the National Institute of Standards and Technology.

A SmartBuy contract already exists for anti-spy ware and anti-virus with vendors including McAfee and Xacta.

“Within the technical requirements, the working group insisted that vendors make Secure Content Automation Protocol validated products for these functions,” DiLuna said. “The LOB will work with NIST to ensure the tools align with their processes.”

DiLuna added that he would expect a blanket purchase agreement in place by late summer.

In addition to these areas, DiLuna said the LOB's developers are starting to consider options for how agencies could obtain other situational awareness and  incident reporting services, including forensics, penetration testing, security information management and data flow analysis. In the survey,agencies had a less than immediate need for these four functions.


He said going to a shared service center concept is an option for some of these.

“These four are highly specialized or carry a high carrying cost because they are used intermittently,” DiLuna said. "They also may not be used or bought by small agencies."

These tools may not be available until fiscal 2009, according to the Security LOB project timeline.

The LOB also kicked off a working group around the Trusted Internet Connections initiative. It will consider how to help agencies meet the June 30 deadline to reduce the number of Internet gateways across government.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.