Solicitation: 36C10B20Q0262
The Contractor shall provide Strong Authentication operations, maintenance (O&M), storage, shipping, and help desk support for VA’s SAM Infrastructure (Hardware Security Module (HSM) servers, HSMs Firmware and software) as a managed service. Strong Authentication provides two-factor authentication services for IT administrative use cases and shall be leveraged to provide alternative two-factor authentication support for VA systems for which the PIV smart card is not capable of meeting. The support (SAM) servers (anything that is not the SafeNet appliances) are covered under a separate Cisco VA Enterprise License Agreement (ELA). The support servers will continue to be covered under the VA ELA. The authentication appliances and software are currently covered under a SafeNet maintenance contract. The Contractor shall be responsible for providing the maintenance of the SafeNet branded hardware and software. The Contractor shall be responsible for the installation, configuration, maintenance of the SafeNet hardware, HSM and SAM software. The VA COR shall approve or disapprove any equipment moves or replacements…
The Contractor shall ensure the SAM two-factor authentication system (for the purpose of this acquisition is also referred to as Strong Authentication) achieve and maintain 99.99% availability. The designed and deployed VA system utilizes device authentication for Windows and Apple Macintosh use cases via Active Directory certificate based authentication, and network device management and secure access to the Citrix Access Gateway (CAG) one-time-password (OTP) devices with the ACS infrastructure utilizing Remote Authentication Dial In User Service (RADIUS). To support the 6 use cases, the VA currently have over 30,000 SafeNet eToken, 6100 Universal Serial Bus (USB), certified to Federal Information Processing Standards (FIPS) 140-2 Level 3, and close to 7,000 SafeNet OTP devices. These were distributed to Windows/Macintosh and network administrators. In some use cases, a user may have more than one USB device and may have both USB and OTP authentication devices…
