The current initiative calls for:
• NIPRNet access via Common
Access Card ([CAC], 5 volt) and SIPRNet access via Smart Card (SIPRNet
Token, 3.5 volt) access on from any AF base (NIPRNet/SIPRNet) or through
any data network (NIPRNet) via compatibility with all applicable and
approved DoD/NSA Smart Card Readers as well as username/password
•
Must support up to 1,000,000 users on NIPRNet across the globe at 100+
bases Guard, Reserve, and recruiter locations (~400 total including
previous bullet)
• Must support up to 220,000 users on SIPRNet across the globe at 100+ bases
• Must also support various Guard, Reserve, and recruiter locations (~400 total including previous bullet)
• Must support up to 700,000 concurrent users on NIPRNet
• Must support up to 75,000 concurrent users on SIPRNet
• Persistent storage of user profile information (e.g., e-mail settings, printer settings, user documents, internet favorites)
• Clean desktop presented to user each time they log in
• Management of master image at the enterprise level
• Highly available pool of virtual desktops (24/7/365 usage for some portion of systems at each base)
•
Following master image updates, individual pool of virtual desktops
refreshed with updates within 30 minutes of selecting it to be updated
• Anti-virus integrated, but without causing input/output operations per second (IOPS) storms
• Disconnected operations capability for portion of users from each base
• Ability to utilize existing desktop systems (fat clients) until hardware can be tech refreshed with zero client
•
Ability to stream individual applications (e.g., standard desktop
configuration-based applications as well as custom apps such as command
and control systems) based on users' security groups
• Ability to use existing building network infrastructure at user location
• Capacity planning tool utilization at each base prior to roll out of solution for those users
•
Support unified communications through
video/messaging/voice/presence/collaboration, including the ability to
run Defense Connect Online (DCO)
• User experience at least as good
as current desktop fat-client system for any/all applications being used
for at least 80% of the user base
• Support a pilot roll-out with 9000 users on NIPRNet and 6200 users on SIPRNet at Scott AFB IL
• Training for AF/Government personnel to manage all aspects of the enterprise
• Device should allow for separate USB port management
• Device management suite to allow control/upgrades/etc. to be performed at the enterprise level
•
Significant transport layer delay not acceptable, possibly introducing
the need for virtual desktop servers at each base, yet managed at the
enterprise level
• Capability should be device agnostic supporting commercial mobile devices (NIPRNet only requirement)
• Support telework
• Compliant with Unified Capability 2008 Rev 3 (http://www.disa.mil/_large_files/DOD_UCR_2008_Change_3.pdf) and future revisions
Submissions should answer the following questions:
Overall:
1. How does the vendor's capability/concept support the AF goal/vision for the effort?
2. How well does your solution scale?
3.
Does the proposed capability/concept rely on any proprietary standards
to meet any of the Air Force's or Department of Defense's requirements?
4. Can your concept be remotely administered?
5. How does the proposed concept manage/support disaster recovery?
•
Can the solution/concept support Full, Differential, and Incremental
back-ups directly to an off-site location? An on-site location?
• Can the solution/concept support automated client/server back-ups?
6. What fault tolerance measures are utilized/supported by the proposed solution?
• RAID levels, redundant power supplies, etc.
7. How much bandwidth does your capability typically use?
8. What other vendors are you partnered with and support the proposed solution?
9. What type of Active Directory architecture changes would need to be made to implement your solution?
10. How does your solution support port security through DoD and AF PKI certificate-based 802.1x?
11. What features whether listed above or not, are in development and will be available in future releases.
• Describe in detail.
• What standards are the features based on?
• Is the proposed technology proprietary?
12. How many monitors does your environment support off of one desktop system (fat/thin/zero)?
13. Does your solution support commercial mobile devices, like iPads, smart phones, Android tablets, etc.?
14. Does your solution support wireless (e.g., 801.11G, N)?
15. What is the typical/peak bandwidth utilization per client/server?
16.
Discuss your system's resilience in degraded network conditions on both
the near and far ends and how it presents degradation in its logs.
17. Discuss what networking infrastructure is required and/or recommended to support the environment and why.
18.
Discuss how your solution would work with security identifiers (SID)
and global unique identifiers (GUID) in Active Directory. An enterprise
solution of this size requires the ability to re-use these to avoid
running out.
Cost of Ownership:
19. What is the general
projected Total Cost of Ownership (TCO)? Please provide a generic
commercial cost of hardware/software investment needed to stand up a
solution for users across multiple bases and the recurring annual
cost(s). Also address associated training costs.
20. What equipment
will be required to fulfill the solution? How does the solution use
existing equipment? Is any of the equipment proprietary?
Security:
21. Does the solution for NIPRNet support Common Access Card (CAC) and DoD Public Key Infrastructure?
22. What ports and protocols does the proposed solution/concept use?
23. What measures/mechanisms are used to ensure data is accessible to authorized individuals/systems?
24. Does the solution for SIPRNet support the SIPRNet Token and DoD Public Key Infrastructure (PKI)?
25.
Describe how the solution addresses Network Access Protection (NAP) and
Network Access Control (NAC) considerations in an environment that
includes mixed clients.
26. What capabilities does the solution provide for containing viruses and malicious code?
27.
What capabilities does the solution provide to deal with a Classified
Message Incident (CMI) or other event where information of a higher
classification is found where it should not be? For example, SECRET info
on the NIPRNet servers; Top Secret or Secure Compartmented Information
info on the SECRET systems.
System Administration:
28. What is the expected administrator to user ratio?
29.
Explain how the solution load balances resources and ensures high
availability/continuity of operations during high periods of high volume
usage and outages? Are there any critical points of failure and what
are mitigating actions?
30. How is the solution managed over a WAN? -
Consider an enterprise that serves hundreds of thousands of users in
many countries and in many autonomous systems.
31. How will the
solution automatically and securely accept and apply centrally
(AFNETOPS) pushed patches and upgrades? Will manual processes be
required to apply patches?
Environment:
32. How does the solution scale over an enterprise?
Does it operate over a Wide Area Network (WAN)? What is the largest
deployment you have accomplished with your proposed solution?
33.
What are the infrastructure requirements for local area networks (LANs),
metropolitan area networks (MANs) and WANs? What limitations, if any,
exist for each case?
34. What are the physical server space requirements per user? What about power and cooling requirements?
35.
What actions are required by the AF to prepare our environment
(storage, user profile changes, email applications) to ensure successful
implementation of your product?
36. If there will be multiple server
sites, how will sites back-up each other in case of disaster? For
example, if servers at base A go down, users would be diverted to
servers at base B.
Data Backup and Recovery:
37. What kind of data backup method is used?
Business Case:
38. From a business case perspective, how does your
product improve operations for your customers? What kinds of returns do
they see?
39. Can you provide positive examples of the benefits resulting from adoption on your solution?
40. What has been the impact on performance and security for customers switching to your technology?
41. Can you provide examples of savings reported by your customers resulting from decreased system management/support costs?
42.
Can you provide examples of total cost of ownership savings reported by
your customers as a resulting of implementing your solution?
43. Has
or can your product provide benefit to users working in a multi-domain
security environment? Has its use been evaluated/accredited in such an
environment?