Accessibility Information

Users of assistive technologies such as screen readers should use the following link to activate Accessibility Mode before continuing: Learn more and Activate accessibility mode.

Request for Information: IT Enterprise Infrastructure Support Services

Solicitation Number: AA13INF046
Agency: Department of Homeland Security
Office: Transportation Security Administration
Location: Headquarters TSA
  • Print
:
AA13INF046
:
Sources Sought
:
Added: Sep 20, 2013 10:05 am Modified: Oct 18, 2013 9:16 amTrack Changes
As a result of the partial Government shutdown between 1 October 2013 and 16 October 2013, the due date for responses to this Notice has been extended from 4 October 2013 to 24 October 2013.  Vendors who have already provided the Government with a response, may at their discretion, choose to re-submit prior to the modified closing date.

1. Introduction

The Transportation Security Administration (TSA), a component of the Department of Homeland Security (DHS) is responsible for protecting the Nation's transportation systems to ensure freedom of movement for people and commerce. These statutory responsibilities encompass providing the most effective transportation security in the most efficient way possible as a high performing counterterrorism organization. To enhance mission performance and achieve its shared goals, TSA is committed to promoting a culture founded on integrity, innovation, and team spirit.


To this end, TSA requires Information Technology (IT) enterprise infrastructure support services capable of supporting the operational requirements of the agency and communications with the general public and other governmental organizations.


1.1 Purpose


Through this Sources Sought/Request for Information (RFI), TSA is seeking information related to industry capabilities, best practices, technology trends, and specific information relating to managed Enterprise IT Services and other innovative end-to-end IT service delivery models.


Any information provided will only be used to inform TSA of the opportunities that may be available through a managed service model or other innovative IT service delivery models. Responses should include the technical pros, cons, risks, business models used, and the customer base supported via an IT service delivery model. In addition, information related to Managed Service delivery model Service Level Agreements (SLAs) and best practices for continuous improvement of IT infrastructure and operations is also requested.


1.2 Background and Overview


TSA's IT infrastructure and customers are currently supported by the IT Infrastructure Program (ITIP) contract. TSA's IT infrastructure includes a full range of services and solutions necessary to support the TSA mission. Additionally, included is support to analyze requirements, develop and implement recommended solutions, and the capability to operate and maintain legacy systems, and equipment.


TSA supports approximately 60,000 employees at various locations, including TSA Headquarters in Arlington, VA; approximately 550 airports and Federal Security Director (FSD) offices; international support sites; and numerous other mission critical centers and locations.


Approximately 85 percent of TSA users are a combination of Transportation Security Officers (TSOs) and Federal Law Enforcement Officers (LEOs), while other TSA staff includes TSA HQ employees and field security operations management and administrative support personnel.


2. Scope of This RFI


TSA is currently exploring alternate models of IT service management. Responses to this RFI are not limited to the managed services approach. Specifically TSA is seeking information about: the managed services approach and other innovative IT service delivery models; SLAs; introduction, adoption and integration of emerging technologies; Enterprise Architecture (EA) frameworks; and best practices. The sought information pertains to the following areas of interest:


• Innovative IT service delivery models: The proactive delivery of service operations in an IT environment by a third party on behalf of a customer with a cost effective support model such a managed services or operations and maintenance service models.
• Service Level Agreements (SLAs): SLAs related to the proposed service delivery model, preferably SMART (specific, measurable, attainable, relevant, time-bound), and metrics are required from both provider and end-user perspectives. Qualitative, as well as quantitative, SLAs/OLAs, metrics, and standards are anticipated.
• Introduction, adoption and integration of emerging technologies: Includes the onboarding of emerging technologies and services; modernizing or sunsetting of legacy IT systems infrastructure; transitioning to "X as a Service" (XaaS ) (to include transitioning to DHS or another government agency as a service provider) and embracing cloud computing.
• EA frameworks: Industry recognized and recommended EA frameworks for IT service delivery, (e.g., COBIT , ISO/IEC 2000 , IT Infrastructure Library (ITIL) , etc.) and any enterprise architecture framework employed (e.g., DoD Architecture Framework (DODAF) , The Open Group Architecture Framework (TOGAF) ), as reference models.
• Best practices: Any additional IT methods or techniques that have consistently shown results superior to those achieved with other techniques to deliver cost-efficient, mission focused, customer-centric IT services, as demonstrated by experience.


3. Information Requested


TSA seeks information from the IT industry to ensure that its future solicitations regarding the acquisition of enterprise IT services, definitions of objectives and requirements, related performance metrics, and terms are clear, reasonable, and understood. A primary objective is to determine the most desirable and logical approach for moving forward in a manner that enables TSA to continuously transform the IT infrastructure that supports optimization and modernization from a mission, technical, financial and environmental perspective. Additional objectives of this RFI are to:


• Explore the technical solutions available in the marketplace to meet organizational needs and improve the effectiveness of IT operations and maintenance
• Explore innovative IT solutions in the identified areas that the agency could benefit
• Assess industry capabilities to meet TSA's mission needs
• Allow vendors an opportunity to respond to questions in this RFI to assist TSA in determining the appropriate acquisition strategy


Respondents are encouraged to provide information for any service(s), and may provide information to any number of the questions. The respondent is not required to provide a response to all of the questions. Specific questions for individual services are delineated in Section 4.


4. Enterprise IT Services Questions


4.1 Managed services and other innovative IT service delivery models


• How does the managed service model or innovative IT service delivery model address the operations, maintenance, and management (e.g. device health monitoring, signature updates, patch and firmware upgrades, etc.) of the enterprise and network security devices (e.g. Servers, routers, switches, IDS, firewalls, log/event collectors, SIEM's, proxies, etc.) ?
• How does the managed service model or innovative IT service delivery model address on-site support for local, remote, field, and international locations?
• In relation to the managed service or innovative IT service delivery model, what are the IT infrastructure monitoring parameters and reporting frequencies for each?
• How does the managed service or innovative service delivery model address the potential for the migration of Level I infrastructure (ping, power, and pipe) to a Level II data center management model (data center provider manages the infrastructure up to and including the operating system) or to a Level III (data center provider manages the infrastructure up to and including complete application support)?
• How does the managed service model or innovative IT service model manage external partners in an end-to-end solution where multiple vendors cross boundaries?
• How does the managed service or innovative service delivery model address the integration and adoption of an enterprise-wide unified communications (voice, video, and instant messaging) and collaboration environment in a multi-vendor and product environment?
• How does the managed service model or innovative IT service delivery model address numerous infrastructure environments (Development and Test, Integration and Test, and Production)?
• How does the managed service model or innovative IT service delivery model address cyber-security incident response, remediation, mitigation, and sanitization?
• How does the managed service model or innovative IT service delivery model address the integration of continuous vulnerability and risk monitoring across the IT enterprise?


4.2 Service Level Agreements (SLAs)


• What are leading industry standard SLAs and supporting Key Performance Parameters (KPPs) for managed services or proposed innovative IT service delivery model?
• Provide examples of SLAs and supporting KPPs, based on managed services approach or innovative IT service delivery model in the area of Incident Management and Service Restoration to include Incident Escalation during high impact outages.
• What are the industry standards for availability SLAs and supporting KPPs for Mission Essential Systems (i.e. e-mail, collaboration tools, and mobile computing)?


4.3 Introduction, adoption and integration of emerging technologies


• How does the managed service model or innovative IT service delivery model address "Data Classification or Data Categorization" as it applies to the "Hybrid Enterprise" and "Big Data"?
• How does the managed service model or innovative IT service delivery model address the onboarding of emerging technologies and services; modernizing or sunsetting of legacy IT systems infrastructure; transitioning to XaaS (include transitioning to DHS or another government agency as a service provider) and embracing cloud computing?
• How does the managed service model or innovative IT service delivery model address the potential for Bring Your Own Device (BYOD)?
• How does the managed service model or innovative IT service delivery model address Mobile Device Management (MDM)?
• How does the managed service model or innovative IT service delivery model address continually improving network architectures?
• How does the managed service model or innovative IT service delivery model address the trend of de-perimeterization of the IT enterprise due to the increasing adoption of XaaS, BYOD, and cloud computing?


4.4 Recommended EA frameworks


• How do the recommended frameworks enhance the delivery of the services to the customer?
• How does the recommended EA framework increase the agility and flexibility of IT managed services?
• How does the recommended EA framework fulfill federal and DHS statutory and regulatory requirements?


4.5 Best practices


• What are the best practices for the migration or movement of data to the appropriate compute resource that has been Classified/Categorized as it applies to the "Hybrid Enterprise" and "Big Data"?
• What are the best practices for Incident Management and appropriate Escalation (especially for high impacting outages), as well as Service Restoration?
• What are the best practices/guidelines for a fully-managed, automated monitoring, alerting and management of IT infrastructure in a multi-vendor services delivery model?
• What are the best practices for integrating Help Desk capabilities with that of an external provider, i.e. XaaS?


5. Respondent Information


Respondents must provide the following vendor profile information:


•Company name
•Company address
•Company website URL
•Company point of contact (name, telephone number, and email address)
•Business type (large business, small business, small disadvantaged business, 8(a)-certified small disadvantaged business, etc.)


6. RFI Response Criteria


This RFI does not constitute a Request for Proposal (RFP). This RFI is issued for information and planning purposes only and does not constitute a solicitation. TSA will NOT make an award of a contract on the basis of this RFI or otherwise pay for information received in response to this RFI. Do not provide proprietary information. Responses to this RFI will not be returned nor will the Government confirm receipt of the RFI response.
The RFI responses should be in a White Paper format limited to 25 pages exclusive of the company capability statement. The response shall be prepared in a Microsoft Word 2010 compatible format, using 12pt font, 1" margins, and 8.5" x 11" document.


Responses to this RFI are due no later than October 24, 2013 at 1600 ET. Responses will be accepted only if delivered by overnight delivery and contained in either a CD or thumb drive. No other format will be accepted.


Responses shall be sent to the attention of:


Michael Moran
Transportation Security Administration
601 S. 12th Street
Arlington, VA 20590-6025


If there are additional recommendations or approaches not covered in the scope of this RFI, please submit as a separate response. All additional recommendations should be provided in a document no longer than five pages and shall be submitted at the same time and in the same manner as the responses to the RFI.


TSA will not take telephone calls regarding this RFI.
Respondents are further encouraged to provide a brief company capability statement of no more than two (2) pages which includes the company size information and a list of similar endeavors. A brief summary of the organization's specific experience providing large scale infrastructure support services to geographically-disbursed user base.


TSA reserves the right to interview respondents for further inquiries in regards to this RFI.

:
601 S. 12th Street
TSA-25, 10th Floor
Arlington, Virginia 20598
United States
:
701 S. 12th Street

Arlington, Virginia 20590
United States
: