NetOps Solution commercial Software Licensing and integration supporting services

The Army is issuing this Request for Information (RFI)/source sought announcement as a means of conducting market research to identify sources which have commercial software solutions that meet the requirements described below without delaying the Army’s current deployment plans. This market research is for identifying mature commercial software solutions and software support services including maintenance, feature improvements / enhancements, integration, testing and other technical services. This market research is for potentially procuring annual software licenses of the identified mature commercial software solutions. The Government will evaluate market information to ascertain the potential market capacity/capabilities and develop a procurement strategy for this capability.

This market research does not include hardware or vendors to develop a new software solution.

This RFI is for a Network Operations (NetOps) software platform that provides the ability to install, operate, maintain, and protect the Unified Network.  The software must provide Network Management/Enterprise Systems Management (NM/ESM), Cybersecurity, and Information Dissemination Management/Content Staging (IDM/CS) capabilities.

The Government’s requirements are for software that can provide the following capabilities:

1. Assist Soldiers with planning and design of the tactical network in a unified process that addresses mission requirements across NM/ESM, IDM/CS, and Electronic Warfare (EW)/Cybersecurity;
2. Provide integrated planning for the entire tactical network that simplifies and reduces complexity and provides the flexibility to plan adjustments to the network communications assets, services, and cybersecurity posture to ensure mission priorities are met;
3. Assist Soldiers in Primary, Alternate, Contingency and Emergency (PACE) planning at echelon to meet mission requirements;
4. Incorporate modelling and simulation into DODIN operations tasks, assisting Soldiers in more effectively preparing and executing an integrated tactical network that meets mission requirements and advising leadership of potential risks;
5. Incorporates risk modeling to identify how failure or compromise of network components, services, or mission aspect could affect mission planning and execution;
6. Leverage analytics (threat, network, device, and service), artificial intelligence/machine learning (AI/ML) to simplify network decision making and improve the performance, reliability, or security of the network;
7. Utilize AI/ML solutions to augment capabilities of network operators, streamline complex processes, data integration, and analysis to speed up operator tasks and workflows;
8. Assist Soldiers with configuring, operating, extending, maintaining, and sustaining the tactical network through conducting enterprise services management, systems management, network management, and IDM/CS functions;
9. Assist Soldiers with configuring, loading, and managing hardware and software, both locally and over the air / through the network;
10. Provide scalable, tailorable integrated Network Common Operational Picture (Net COP) with geographical and logical network views for monitoring the network, cybersecurity, service health, and situational understanding that is interoperable with command-and-control systems;
11. Simplify network decision making continuously monitoring and automatically managing and/or controlling large numbers of network devices, services, topology, traffic paths, and bandwidth;
12. Assist Soldiers with network security: ensuring the availability, confidentiality, and integrity of defined, explicitly trusted (“deny by default”) information and information systems; and denying adversaries access to the same information and information systems;
13. Assist Soldiers protect, detect, respond, and recovery activities from EW or cyber incidents (i.e., attack vector management);
14. Assist Soldiers in scanning and reporting for Information Assurance Vulnerability Alert (IAVA) compliance as well as verifying integrity, deploying, and validating the success of patches and software updates;
15. Manage cyber risk in accordance with Army Regulations (AR) 25-1 and AR 25-2.
16. All connections between components shall mutually authenticate each end of the connection and ensure that traffic is encrypted using CNSSP 15 approved cryptography (e.g., mutually authenticated Transport Layer Security (TLS);
17. Support Identity, Credential and Access Management (ICAM) services to Authenticate and Authorize Person Entities (PEs) and Non-Person Entities (NPEs);
18. Create and maintain event logs in a persistent storage such that they can be retrieved and audited by users or software;
19. Log and store DODIN operations related logs;  
20. Integrate with endpoint security solutions on the network such as Windows Defender and Elastic EndGame;
21. Support industry standard protocols to include but not limited to Kerberos, Security Assertion Markup Language (SAML), Open ID Connect (OIDC), OAuth 2.0, System for Cross-domain Identity Management (SCIM), eXtensible Access Control Markup Language (XACML), American National Standards Institute (ANSI) 449 - Next Generation Access Control;
22. Leverage Tactical Public Key Infrastructure (TPKI) for both non-person identity and TLS;
23. Provide a common look-and-feel across instances and functions through a SUI that the user interacts with DODIN operations functions;
24. Reduce the time and manual effort required to perform DODINOPS activities at both an organization-level (e.g., network planning / re-planning, unit task reorganization, response to cyber events and user-level (e.g., node operation, radio loading);
25. Employ automation to minimize menial and repetitive tasks;
26. Be intuitive and easy to use, guiding users through required tasks and helping them quickly understand what next action is required;
27. Provide user performance feedback, automatically identifying errors and prompting the user to correct;
28. Support embedded, self-guided training that supports new users with teaching themselves how to use the Capability;
29. Integrate Enterprise Service Management / Network Management (ESM/NM), Information Dissemination Management / Content Staging (IDM/CS), and Cybersecurity activities to ensure the network meets communication needs, provides required level of security, and supports commander’s objectives for Multi-Domain Operations (MDO) within the constraints of Mission, Enemy, Troops, Time, Terrain/Weather, Civil Consideration (METT-TC) and available equipment against managed elements and networks;
30. Support integrated digital exchange of DoDIN operations data for common planning, management, and security;
31. Interoperable with existing DoDIN operations applications/systems where applicable;
32. Support DoDIN operations stakeholder processes and data products (e.g., Tactical Network Initialization and Configuration (TNIC) initialization data, SATCOM Access Authorization (SAA), Gateway Access Authorization (GAA);
33. Support fully automated exchange and federation of DoDIN operations data/information with other capability instances;
34. Provide management capabilities to manage, discover, update, and provide data across echelons as needed;
35. Integrate with Unified Data Reference Architecture (UDRA) for storage and dissemination of DoDIN operations data with external systems (e.g., EW/spectrum, SATCOM support and Cyber Situational Understanding (SU));
36. Provide an integrated, interoperable, and scalable framework for the DoDIN operations capabilities;
37. Exhibit a modular approach with highly cohesive, loosely coupled, and severable modules that can be competed separately and acquired from independent vendors;
38. Allow rapid insertion of technology using Modular Open Systems Architecture that provides independent software modules, open standards between containerized microservices supporting interoperability and accelerated technology refresh when needed;
39. Exhibit an open architecture supporting the modular enhancement of the capability through components developed and integrated by third parties;
40. Exhibit an open architecture with system interfaces sharing common, widely accepted standards, with which conformance can be verified;
41. Exhibit technical architecture that adopts open standards to support openness to integrate and interoperate with external systems and components;
42. Provide application containerization that is lightweight, efficient, portable, and is consistently reliable across different computing environments;
43. Have an availability of 97% or greater;
44. Assist Soldiers with restoration within 45 minutes of experiencing failure, with an adjustable amount of user data re-entry required;
45. Be capable of achieving a Risk Management Framework (RMF) Assess-Only accreditation in accordance with Department of Defense Instruction (DoDI) 8510.01;
46. Assist Soldiers with executing DoDIN operations for a Division-worth of network assets without exceeding available compute and network (notionally <10% of network capacity) resources or otherwise impacting mission execution.  For reference, a division-worth of network assets would be ~10,000, and a brigade-worth would be ~2,500;
47. Be platform-agnostic (e.g., smartphone, tablet, laptop, servers, cloud);
48. Incorporates mission dependency models for analyzing and understanding interdependencies between different assets, systems, and information streams;
49. Be deployable in Common Operating Environments (COE) used in Army Platforms; 
50. Provide low code/no code solutions for non-technical users to quickly adapt tools and data models for rapid information integrations;
51. Assist Soldiers with DoDIN operations tasks while experiencing low capacity / intermittent packet loss / high latencies (i.e., Denied, Disrupted, Intermittent, and Limited (DDIL)), and even support DoDIN operations activities in the absence of an available network; and
52. Leverage COE Cross Cutting Capabilities (CCCs) (e.g. Unified Data, Standard Sharable Geospatial Foundation (SSGF), Universal Symbology Display – MIL-STD-2525).

Software Requirements. The vendor’s commercial software solution:

1. Must be consist of Modular Open Systems Approach (MOSA) compliant architecture;
2. Must be deployable on-premise and/or in the cloud, and across diverse environments ranging from tactical edge communications to full server-based environments;
3. Must be hardware & product agnostic;
4. Must be operationally ready to deploy;
5. Must support current, NGC2, and C2NOW architectures.
6. Must be tailorable to each unit based on their operational demands;
7. Must support the ability to specify access control rules;
8. Must support the ability to interoperate with Mission Partners; and
9. Must support all army Corps, Divisions and their subordinate units; deployments ranging from tactical edge communications to full server-based environments.

The end state is a network operations software that provides a continuously modernizing, secure, and resilient network that enables the effective conduct of Multi-Domain Operations (MDO). There is no final end state, but rather a perpetual evolution to keep pace with technology.

If your organization has a mature software solution to meet this requirement, please provide the following information via email to the POC’s identified at the bottom of this posting:

1. Entity name, UEI, address, email address, website address, telephone number, and size and type of ownership for the organization.
2. Tailored software capability statements addressing whether the software solution meets each of the software requirements listed above, with the appropriate documentation.
3. How your company will seamlessly provide and install a software solution.
4. Have you ever provided your software addressing the above requirements to the Department of Defense? If so, to whom, when, and scope of effort.
5. The Army intends to procure direct from OEM. If you provide this capability only through a reseller or if you are a reseller, provide a statement of why this is a value added to the Government.

*DISCLAIMER*  

This Request for Information (RFI)/source sought announcement is issued for planning purposes only and does not constitute an Invitation for Bid, Request for Quotation, Request for Proposal, or a commitment by the Government to procure any goods or services described herein. Responses to this announcement are for informational purposes only and will not result in any reimbursement of costs incurred by respondents. This source sought announcement does not authorize negotiations, obligate the Government to award a contract, or imply funding availability. No funds have been authorized, appropriated, or allocated in connection with this source sought announcement.