Next phase of Security LOB may include SmartBuy deal

A working group developing the Security Line of Business wants to develop an enterprise software agreement under the SmartBuy program to help agencies implement three capabilities in the areas of situational awareness and incident reporting.

A LOB working group of 35 agencies is developing the common governmentwide technical requirements for baseline configuration testing, vulnerability assessments and network mapping and discovery tools, which eventually will become part of the SmartBuy program, said John DiLuna, a SRA/Touchstone project manager who works for the Security LOB.

In a recent survey by the developers of the LOB, agencies said these three -- along with anti spy ware and anti-virus -- were the areas they were most interested in and would implement in the next year or so, DiLuna said during a conference on the core desktop standard sponsored by the National Institute of Standards and Technology.

A SmartBuy contract already exists for anti-spy ware and anti-virus with vendors including McAfee and Xacta.

“Within the technical requirements, the working group insisted that vendors make Secure Content Automation Protocol validated products for these functions,” DiLuna said. “The LOB will work with NIST to ensure the tools align with their processes.”

DiLuna added that he would expect a blanket purchase agreement in place by late summer.

In addition to these areas, DiLuna said the LOB's developers are starting to consider options for how agencies could obtain other situational awareness and  incident reporting services, including forensics, penetration testing, security information management and data flow analysis. In the survey,agencies had a less than immediate need for these four functions.


He said going to a shared service center concept is an option for some of these.

“These four are highly specialized or carry a high carrying cost because they are used intermittently,” DiLuna said. "They also may not be used or bought by small agencies."

These tools may not be available until fiscal 2009, according to the Security LOB project timeline.

The LOB also kicked off a working group around the Trusted Internet Connections initiative. It will consider how to help agencies meet the June 30 deadline to reduce the number of Internet gateways across government.

Featured

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.