Search Contract Opportunities

Cloud-Based Internet Isolation (CBII) Service

ID: DISA-RFI-25-R-CBII • Type: Sources Sought

Description

Posted: Oct. 30, 2024, 2:59 p.m. EDT

**Amendment 02 extends the RFI response due date to Wednesday, November 6, 2024.**

**Amendment 01 (AMD 01) provides Government responses to questions received from industry.**

THIS NOTICE IS NOT A REQUEST FOR PROPOSAL. This Request for Information (RFI) is for information and planning purposes only. The Government is conducting market research to improve its acquisition strategy and determine the availability and adequacy of potential sources in providing the capabilities to meet the requirements of the Government.

DISA, in support of the DoD, is seeking information from commercial vendors and integrators that can provide a managed, cloud-based, web browser isolation service that will isolate, contain, and render all non-government websites (.com, .net, etc.) in a secured cloud platform. This cloud environment will be configured to offload non-mission essential, commercial traffic, which will declutter DoD networks and provide enhanced cyber security protections by removing potentially malicious websites and source code rendering to a cloud-based, isolation chamber. The managed service must be hosted in a secured, cloud environment that is quickly accessible anywhere and at any time in the world.

DISA seeks information on a managed service that can deploy a Cloud Based Internet Isolation (CBII) solution that handles non-mission essential, commercial web traffic and browsing sessions for 3.4 to 3.6 million Non-classified Internet Protocol Router Network (NIPRNET) DoD users in a secured, cloud environment.

CBII services will reduce the bandwidth and cybersecurity risks associated with utilizing the internet browser on the Department of Defense Information Networks (DODIN). CBII will secure the Department's data and networks by taking an end users' (i.e., non-.mil/non-.gov) internet browsing off the endpoint (i.e., DoDIN) and isolating it within a cloud environment.

The proposed solution must include technologies that can detect the nature of Malicious Cyber Activity (MAC) and attacks, provide immediate, automated threat mitigations in real time against these threats, and capture threat analytics that can be reviewed by cyber protection teams

Posted: Oct. 25, 2024, 9:33 a.m. EDT
Posted: Oct. 22, 2024, 10:22 a.m. EDT
Posted: Oct. 16, 2024, 12:00 p.m. EDT
Background
The Defense Information Systems Agency (DISA), in support of the Department of Defense (DoD), is conducting market research to improve its acquisition strategy and determine the availability and adequacy of potential sources for a managed, cloud-based web browser isolation service.

The goal is to isolate, contain, and render all non-government websites in a secured cloud platform to declutter DoD networks and enhance cybersecurity protections.

Work Details
The Cloud-Based Internet Isolation (CBII) service must provide capabilities including:
- Destination-based whitelisting and blacklisting.
- Web content filtering, site categorization, and risk assessment.
- Malware scanning and sandboxing.
- Data loss prevention and web isolation within a secured container.
- The ability to send user internet activity to a cloud-based vendor solution external to the DoDIN.
- Isolation of all internet code execution in the vendor's accredited cloud environment.
- Configuration to block access to malicious websites.
- Support for data encryption between the user endpoint and system host.
- Multi-tenancy capabilities allowing individual DoD components to apply policies.
- Logging of all web requests tied to specific users from authentication through session end.
- Capabilities for detecting, preventing, responding to, and reporting malicious activities such as code injection, denial of service attacks, and unauthorized traffic flows.

Place of Performance
DISA Headquarters, 6910 Cooper Avenue, Fort Meade, Maryland 20755.
Show All

Overview

Agency
Defense Information Systems Agency (DISA) [DoD]
Response Deadline
Nov. 6, 2024, 6:00 p.m. EST (original: Nov. 4, 2024, 4:00 p.m. EST) Past Due
Posted
Oct. 16, 2024, 12:00 p.m. EDT (updated: Oct. 30, 2024, 2:59 p.m. EDT)
Set Aside
None
NAICS
541519 - Other Computer Related Services
PSC
DA01 - IT And Telecom - Business Application/Application Development Support Services (Labor)
Place of Performance
Fort George G Meade, MD 20755 United States
Source
SAM
Current SBA Size Standard
$34 Million
Pricing
Likely Fixed Price
Est. Level of Competition
Low
Odds of Award
15%
On 10/16/24 Defense Information Systems Agency issued Sources Sought DISA-RFI-25-R-CBII for Cloud-Based Internet Isolation (CBII) Service due 11/6/24. The opportunity was issued full & open with NAICS 541519 and PSC DA01.
Primary Contact
Name
Vanessa McCollum   Profile
Email
disa.scott.ditco.mbx.ps84-other-transaction-authority@mail.mil
Phone
None

Secondary Contact

Name
Amber Lindauer   Profile
Email
disa.scott.ditco.mbx.ps84-other-transaction-authority@mail.mil
Phone
None

Documents

Posted documents for Sources Sought DISA-RFI-25-R-CBII

Question & Answer

Incumbent or Similar Awards

Contracts Similar to Sources Sought DISA-RFI-25-R-CBII

Potential Bidders and Partners

Awardees that have won contracts similar to Sources Sought DISA-RFI-25-R-CBII

Similar Active Opportunities

Open contract opportunities similar to Sources Sought DISA-RFI-25-R-CBII

Additional Details

Source Agency Hierarchy
DEPT OF DEFENSE > DEFENSE INFORMATION SYSTEMS AGENCY (DISA) > IT CONTRACTING DIVISION - PL84
FPDS Organization Code
97AK-HC1084
Source Organization Code
500018349
Last Updated
Nov. 21, 2024
Last Updated By
amber.d.lindauer.civ@mail.mil
Archive Date
Nov. 21, 2024