Upload
voduong
View
214
Download
0
Embed Size (px)
Citation preview
Naval Enterprise Networks (NEN) Transport Services (TXS) Performance Work Statement (PWS)
NEXT GENERATION ENTERPRISE NETWORK PROGRAM
PERFORMANCE WORK STATEMENT
Version: C.02
DATE: 30 September 2011
Program Executive Office Enterprise Information Systems
Program Manager, Naval Enterprise Networks
1325 10th Street, SE, Suite 301
Washington, DC 20374
This document includes technical data for which the Department of the Navy possesses
Government Purpose Rights and should not be disclosed outside the Government except to
entities, which have executed the Defense Federal Acquisition Regulation Supplement Part 227
non-disclosure agreement and handled in accordance with the terms of such agreement.
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
i
Revision History
DOCUMENT HISTORY
VERSION DATE DESCRIPTION
1.0 23 DEC 2010 Signed NGEN Transport Services PWS
1.01 18 MAR 2011 Review of the NGEN Transport Services PWS with PEO EIS Procuring Contracting
Officer (PCO)
1.02 17MAY 2011 Modification of PWS to Option 3 and Review of the NGEN Transport Services
PWS with PEO EIS PCO
1.03 27 JUN 2011 Acquisition Concept Release 1 to Stakeholders
1.04 30 JUN 2011 Acquisition Concept Release 1 to Industry
1.05 24 JUL 2011 Acquisition Concept Release 2 to Stakeholders
1.06 29 JUL 2011 Acquisition Concept Release 2 to Industry
C.01 23 SEP 2011 Draft RFP Release to Stakeholders
C.02 30 SEP 2011 Draft RFP Release to Industry
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
ii
Document Approval
Shawn P. Hendricks
Captain, U. S. Navy
Program Manager, PMW-205
Naval Enterprise Networks
Date
APPROVED
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
iii
Table of Contents
1. INTRODUCTION .............................................................................................................. 1
1.1 DON Management Domain ............................................................................................. 2
1.1.1 Navy Management Domain ...................................................................................... 2
1.1.2 Marine Corps Management Domain ........................................................................ 2
1.2 NGEN Operating Models ................................................................................................ 3
1.2.1 Navy Operating Model ............................................................................................. 3
1.2.1.1 Fleet Cyber Command (FLTCYBERCOM) / Tenth Fleet (TENTHFLT) ........ 3
1.2.1.2 Naval Network Warfare Command ................................................................... 4
1.2.1.3 Navy Cyber Defense Operations Command (NCDOC) .................................... 5
1.2.1.4 Naval Computer and Telecommunications Area Master Stations (NCTAMS) / Regional Network Operations and Security Centers (RNOSC) .......................................... 6
1.2.1.5 Customer Technical Representatives (CTR) ..................................................... 8
1.2.2 Marine Corps Operating Model ............................................................................... 8
1.2.2.1 Marine Corps Network Operations Security Center (MCNOSC) ................... 10
1.2.2.2 Regional Network Operation and Security Centers (RNOSCs) ...................... 10
1.2.2.3 Marine Air Ground Task Force (MAGTF) IT Support Centers (MITSCs) .... 11
1.2.2.4 Major Subordinate Command (MSC) – Base-Post-Stations ........................... 12
2. REFERENCE DOCUMENTS .......................................................................................... 12
3. NAVY REQUIREMENTS ............................................................................................... 19
3.1 Scope .............................................................................................................................. 19
3.2 Program Management .................................................................................................... 22
3.2.1 Quality Management .............................................................................................. 23
3.2.2 NGEN Performance Management .......................................................................... 24
3.2.3 Governance Boards ................................................................................................ 26
3.2.4 In-Progress Reviews (IPR) ..................................................................................... 30
3.2.5 NGEN Risk Management ....................................................................................... 31
3.3 Services Portfolio ........................................................................................................... 31
3.3.1 Engineering Design and Support Services (EDSS) ................................................ 31
3.3.1.1 Systems Engineering Technical Review (SETR) Process ............................... 34
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
iv
3.3.1.1.1 SETR – Beginning of Contract Execution ..................................................... 34
3.3.1.1.2 SETR – Post Transition ................................................................................... 36
3.3.1.2 Core Build Contents Services .......................................................................... 36
3.3.1.3 Computer-Electronic Accommodations Program (CAP) ................................ 39
3.3.1.4 Modernization and Technology Refresh ......................................................... 39
3.3.1.5 Navy Enterprise Portal (NEP) ......................................................................... 42
3.3.2 Enterprise Operations Services .............................................................................. 42
3.3.2.1 Network Operations Center (NOC) Services .................................................. 43
3.3.2.2 Security Operations Center (SOC) Services .................................................... 45
3.3.2.3 Service Order Management ............................................................................. 46
3.3.2.3.1 Ordering Tool Interface .................................................................................. 46
3.3.2.3.2 Order to Delivery (OTD) ................................................................................ 47
3.3.3 Application Hosting Services (AHS) ..................................................................... 47
3.3.3.1 AHS at a Commercial Facility......................................................................... 48
3.3.4 Directory Services .................................................................................................. 48
3.3.5 Cross Domain Security (CDS) Services ................................................................. 51
3.3.6 Security Configuration and Management Services ................................................ 52
3.3.6.1 Security Operations Center (SOC) Services .................................................... 55
3.3.6.2 Data at Rest (DAR) Services ........................................................................... 57
3.3.6.3 Network Cryptography Services ..................................................................... 58
3.3.7 Boundary, Demilitarized Zone (DMZ), and Communities of Interest (COI) Services 59
3.3.7.1 External Network Interface Services ............................................................... 61
3.3.7.2 Maritime Operations Center (MOC) and Command and Control (C2) Services 62
3.3.7.3 Demilitarized Zone (DMZ) Services ............................................................... 62
3.3.7.4 Deployable Site Transport Boundary (DSTB) Services .................................. 64
3.3.8 Malware Detection and Protection Services .......................................................... 64
3.3.9 Security Event Management (SEM) Services ........................................................ 66
3.3.9.1 Intrusion Management Services ...................................................................... 66
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
v
3.3.9.2 Security Incident Handling Services ............................................................... 68
3.3.9.3 Audit and Accountability Services .................................................................. 69
3.3.10 Security and IT Certification and Accreditation (C&A) Services.......................... 69
3.3.11 Authentication and Authorization Services ............................................................ 74
3.3.11.1 Identity and Access Management (IdAM) and Public Key Infrastructure (PKI) Services 74
3.3.12 Network Access Control (NAC) Services .............................................................. 77
3.3.13 Remote Access Services (RAS) ............................................................................. 78
3.3.14 End User Training Services .................................................................................... 79
3.3.15 Network Operations (NetOps) and Information Assurance (IA) Training Services 81
3.3.15.1 Network Operations (NetOps) Training Services ........................................... 81
3.3.15.1.1 Instructional Strategy Services and Training Materials ............................... 86
3.3.15.2 Information Assurance (IA) Training Services ............................................... 87
3.3.16 Testing Services ..................................................................................................... 87
3.3.17 Continuity of Operations (COOP), Disaster Recovery (DR), and Business Continuity Planning (BCP) Services ..................................................................................... 89
3.3.17.1 Continuity of Operations (COOP) Services .................................................... 89
3.3.17.2 Disaster Recovery (DR) Services .................................................................... 90
3.3.17.3 Business Continuity Planning (BCP) Services ................................................ 91
3.3.17.4 Contingency Operations Services .................................................................... 92
3.3.17.4.1 Determine and Test Contingency Operations Hardware and Software Configurations ................................................................................................................ 92
3.3.17.4.2 Deploy IT Capabilities to Support Contingency Operations ....................... 92
3.3.18 File Removal Services ............................................................................................ 93
3.3.19 Electronic Software Delivery Services (ESDS) ..................................................... 94
3.3.20 Service Desk Services ............................................................................................ 95
3.3.20.1 Move, Add, and Change (MAC) Services ....................................................... 98
3.3.21 Base Area Network (BAN) Services and Local Area Network (LAN) Services ... 99
3.3.21.1 Pierside Connectivity ..................................................................................... 102
3.3.21.2 Application Server Connectivity ................................................................... 104
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
vi
3.3.21.3 Program of Record Workstation Connectivity .............................................. 105
3.3.21.4 Wireless Local Area Network (WLAN) Services ......................................... 105
3.3.22 Wide Area Network (WAN) Services .................................................................. 107
3.3.22.1 Non-Secure Internet Protocol Router Network (NIPRNet) and Intranet ...... 109
3.3.22.2 Secret Internet Protocol Router Network (SIPRNet) .................................... 109
3.3.22.3 Satellite Communications (SATCOM) Services ........................................... 110
3.3.23 Data Storage Services ........................................................................................... 112
3.3.24 Enterprise Messaging Services ............................................................................. 114
3.3.25 Enterprise Web Portal Services ............................................................................ 115
3.3.25.1 Homeport ....................................................................................................... 116
3.3.25.2 Content Discovery ......................................................................................... 116
3.3.26 Collaboration Services ......................................................................................... 117
3.3.27 Voice over Internet Protocol (VoIP) Options and Services ................................. 118
3.3.28 Unclassified Mobile Phone Services .................................................................... 119
3.3.29 Classified Mobile Phone Services ........................................................................ 119
3.3.30 Video Teleconferencing (VTC) Services ............................................................. 120
3.3.31 End User Computing Services ............................................................................. 122
3.3.31.1 Workstations (Fixed, Portable, or Virtual) .................................................... 122
3.3.31.2 Portable End User Device (Computing Services) ......................................... 124
3.3.31.3 Deployable End User Computing .................................................................. 125
3.3.31.4 Desktop Virtualization Services .................................................................... 127
3.3.31.5 Navy Recruiting Command (NRC) Mobile Computing Solution ................. 130
3.3.32 Optional Hardware and Software Services .......................................................... 131
3.3.33 Printing Services ................................................................................................... 131
3.3.34 Desk Side Support Services ................................................................................. 133
3.4 IT Service Management (ITSM) .................................................................................. 134
3.4.1 Service Management Tools .................................................................................. 135
3.4.2 Continual Service Improvement (CSI) Process .................................................... 137
3.4.3 Service Design Processes ..................................................................................... 137
3.4.3.1 Service Catalog Management ........................................................................ 137
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
vii
3.4.3.2 Service Level Management (SLM) ............................................................... 138
3.4.3.3 Capacity and Demand Management .............................................................. 139
3.4.3.4 Availability Management .............................................................................. 141
3.4.4 Service Transition Processes ................................................................................ 141
3.4.4.1 Asset Management ........................................................................................ 141
3.4.4.2 Configuration Management ........................................................................... 143
3.4.4.3 Change Management ..................................................................................... 144
3.4.4.4 Release and Deployment Management ......................................................... 145
3.4.5 Service Operations Processes ............................................................................... 147
3.4.5.1 Event Management ........................................................................................ 147
3.4.5.2 Incident Management .................................................................................... 148
3.4.5.3 Request Fulfillment ....................................................................................... 149
3.4.5.4 Problem Management .................................................................................... 150
3.5 Logistics ....................................................................................................................... 151
3.5.1 Installation Support .............................................................................................. 151
3.5.2 Maintenance ......................................................................................................... 153
3.5.3 Warranty Management ......................................................................................... 154
3.5.4 Supply Support ..................................................................................................... 154
3.5.5 Diminishing Manufacturing Sources and Material Shortages (DMSMS) ........... 154
3.5.6 Demilitarization and Disposal .............................................................................. 154
3.5.7 Environmental Safety and Occupational Health .................................................. 155
3.5.8 Packaging, Handling, Storage, and Transportation (PHS&T) ............................. 155
3.5.9 Facilities Management ......................................................................................... 156
3.5.10 Data Management (DM) ...................................................................................... 157
3.6 Transition Services ....................................................................................................... 160
3.6.1 Transition Overview ............................................................................................. 160
3.6.2 Navy Transition Profiles ...................................................................................... 161
3.6.3 Phase-In Services ................................................................................................. 162
3.6.3.1 Planning ......................................................................................................... 163
3.6.3.1.1 Phase-In Plan and Readiness Templates ...................................................... 163
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
viii
3.6.3.1.2 Detailed Phase-In Project Plans .................................................................. 164
3.6.3.2 Pre-Execution ................................................................................................ 164
3.6.3.2.1 Readiness Templates .................................................................................... 164
3.6.3.2.2 Readiness to Transition Review (RTR) ....................................................... 165
3.6.3.3 NGEN Transition Phase-In Execution .......................................................... 166
3.6.3.4 Success Criteria ............................................................................................. 167
3.6.4 NGEN Phase-Out Services ................................................................................... 168
3.6.4.1 Planning ......................................................................................................... 168
3.6.4.2 Pre-Execution ................................................................................................ 168
3.6.4.2.1 Work In Progress .......................................................................................... 168
3.6.4.2.2 Successor Preparation for the NGEN Environment ..................................... 168
3.6.4.2.3 Business Operational Support .......................................................................... 169
3.6.4.3 Execution and Success Criteria ..................................................................... 169
3.6.5 NGEN Optional Transition Services Move to Section C under CLIN 56 ........... 170
3.7 Litigation ...................................................................................................................... 170
4. Marine Corps Enterprise Services Requirements ........................................................... 176
4.1 Scope of Work ............................................................................................................. 176
4.2 Program Management .................................................................................................. 178
4.3 Risk Management ........................................................................................................ 180
4.4 IT Service Management (ITSM) .................................................................................. 181
4.5 Performance Requirements .......................................................................................... 182
4.5.1 Performance Quality ............................................................................................. 182
4.5.1.1 Quality Control Plan ...................................................................................... 182
4.5.1.2 Government Representatives ......................................................................... 182
4.5.2 Phase In/Phase Out Period ................................................................................... 182
4.5.2.1 Phase In Period .............................................................................................. 182
4.5.2.2 Phase Out Period ........................................................................................... 183
4.6 Services Provided ......................................................................................................... 183
4.6.1 Enterprise Engineering Design and Support Services (EEDSS) .......................... 183
4.6.1.1 Specific Tasks ................................................................................................ 184
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
ix
4.6.2 Enterprise Operations Services ............................................................................ 187
4.6.2.1 Specific Tasks ................................................................................................ 188
4.6.3 Data Storage Services ........................................................................................... 193
4.6.3.1 Specific Tasks ................................................................................................ 193
4.6.4 Enterprise Messaging Services ............................................................................. 197
4.6.4.1 Specific Tasks ................................................................................................ 197
4.6.5 Application Hosting Services ............................................................................... 198
4.6.5.1 Specific Tasks ................................................................................................ 198
4.6.6 Enterprise Web Portal Services ............................................................................ 199
4.6.6.1 Specific Tasks ................................................................................................ 199
4.6.7 Workflow and Collaboration Services ................................................................. 204
4.6.7.1 Specific Tasks: ............................................................................................... 205
4.6.8 Directory Services ................................................................................................ 206
4.6.8.1 Specific Tasks ................................................................................................ 206
4.6.9 COOP/Disaster Recovery/Business Continuity Services ..................................... 210
4.6.9.1 Specific Tasks ................................................................................................ 210
4.6.10 File Removal Services .......................................................................................... 211
4.6.10.1 Specific Tasks ................................................................................................ 211
4.6.11 Electronic Software Delivery Services ................................................................. 212
4.6.11.1 Specific Tasks ................................................................................................ 212
4.6.12 Commercial Voice Services ................................................................................. 214
4.6.12.1 Specific Tasks ................................................................................................ 214
4.6.13 VoIP Options and Services ................................................................................... 215
4.6.13.1 Specific Tasks ................................................................................................ 215
4.6.14 Unclassified Mobile Phone Services .................................................................... 216
4.6.14.1 Specific Tasks ................................................................................................ 216
4.6.15 Classified Mobile Phone Services ........................................................................ 217
4.6.15.1 Specific Tasks ................................................................................................ 217
4.6.16 VTC Services ....................................................................................................... 218
4.6.16.1 Specific Tasks ................................................................................................ 218
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
x
4.6.17 Cross Domain Security Services .......................................................................... 220
4.6.17.1 Specific Tasks ................................................................................................ 220
4.6.18 Security Configuration and Management Services .............................................. 221
4.6.18.1 Specific Tasks ................................................................................................ 221
4.6.19 Boundary, DMZ, and Communities of Interest (COI) Services ........................... 226
4.6.19.1 Specific Tasks ................................................................................................ 226
4.6.20 Malware Detection and Protection Services ........................................................ 229
4.6.20.1 Specific Tasks ................................................................................................ 229
4.6.21 Security Event Management Services .................................................................. 230
4.6.21.1 Specific Tasks ................................................................................................ 230
4.6.22 Security and IT Certification and Accreditation Services .................................... 234
4.6.22.1 Specific Tasks ................................................................................................ 234
4.6.23 Authentication and Authorization Services .......................................................... 239
4.6.23.1 Specific Tasks ................................................................................................ 240
4.6.24 Network Access Control Services ........................................................................ 244
4.6.24.1 Specific Tasks ................................................................................................ 244
4.6.25 Fixed and Portable Computing Services .............................................................. 245
4.6.25.1 Specific Tasks ................................................................................................ 245
4.6.26 Thin Client Computing Services .......................................................................... 248
4.6.26.1 Specific Tasks ................................................................................................ 248
4.6.27 Optional Hardware and Software Services .......................................................... 248
4.6.27.1 Specific Tasks ................................................................................................ 248
4.6.28 Remote Access Services ....................................................................................... 250
4.6.28.1 Specific Tasks ................................................................................................ 250
4.6.29 Printing Services ................................................................................................... 250
4.6.29.1 Specific Tasks ................................................................................................ 251
4.6.30 Service Desk Services .......................................................................................... 252
4.6.30.1 Specific Tasks ................................................................................................ 252
4.6.31 Desk Side Support Services ................................................................................. 255
4.6.31.1 Specific Tasks ................................................................................................ 255
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
xi
4.6.32 End User Training Services .................................................................................. 258
4.6.32.1 Specific Tasks ................................................................................................ 259
4.6.33 Network Operations (NETOPS) and Cyber Security Training Services ............. 260
4.6.33.1 Specific Tasks ................................................................................................ 260
4.6.34 Testing and Evaluation (T&E) Services ............................................................... 261
4.6.34.1 Specific Tasks ................................................................................................ 261
4.7 Place of Performance ................................................................................................... 265
4.7.1 Server Farms ......................................................................................................... 265
4.7.2 Micro Server Farm ............................................................................................... 266
4.8 Special Requirements................................................................................................... 266
4.8.1 Ordering and Invoicing Tools and Services ......................................................... 266
4.8.2 Asset Management ............................................................................................... 268
4.8.2.1 Asset Acquisition and Accountability ........................................................... 269
4.8.2.2 Asset Record Control..................................................................................... 270
4.8.2.3 Operations Management ................................................................................ 271
4.8.2.4 Life Cycle Management and Disposal of Assets ........................................... 272
4.8.3 Configuration Management (CM) ........................................................................ 272
4.8.4 Law Enforcement and Investigative Support ....................................................... 274
4.8.4.1 DON Investigator or Designee LE/CI Support Services ............................... 274
4.8.4.2 Litigation Support .......................................................................................... 279
4.8.4.2.1 General Litigation Support .............................................................................. 279
4.8.4.2.2 Litigation Support Services.............................................................................. 280
4.8.4.2.3 Litigation Holds Services ................................................................................. 280
4.8.4.2.4 Records Searches and Production Services ..................................................... 281
4.8.4.2.5 Testimony Services .......................................................................................... 282
4.8.4.2.6 Technical Advice and Assistance to Government Attorneys .......................... 284
5. Marine Corps Transport Services Requirements ............................................................ 285
5.1 Service Management .................................................................................................... 285
5.2 Scope of Work ............................................................................................................. 286
5.3 Summary of Services ................................................................................................... 286
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
xii
5.3.1 BAN/LAN ............................................................................................................ 287
5.3.2 WAN and Boundary Protection ........................................................................... 287
5.3.3 Facilities Capacity Management .......................................................................... 288
5.4 PERFORMANCE REQUIREMENTS ........................................................................ 288
5.4.1 Performance Quality ............................................................................................. 288
5.4.1.1 Quality Control Plan ...................................................................................... 288
5.4.1.2 Government Representatives ......................................................................... 289
5.4.2 Phase In/Phase Out Period ................................................................................... 289
5.4.2.1 Phase In Period .............................................................................................. 289
5.4.2.2 Phase Out Period: .......................................................................................... 289
5.5 Services Provided ......................................................................................................... 290
5.5.1 Transport Engineering Design and Support Services (TEDSS) ........................... 290
5.5.1.1 Specific Tasks ................................................................................................ 290
5.5.2 Transport Operations Services ............................................................................. 291
5.5.2.1 Specific Tasks ................................................................................................ 291
5.5.2.2 IT Collateral Equipment Management Specific Tasks .................................. 293
5.5.3 Base Area Network/Local Area Network (BAN/LAN) Services ........................ 293
5.5.3.1 Specific Tasks ................................................................................................ 294
5.5.3.2 For both BAN and LAN ................................................................................ 294
5.5.4 Wide Area Network (WAN) Services .................................................................. 296
5.5.4.1 Specific Tasks ................................................................................................ 296
5.5.5 Security Configuration and Management Services .............................................. 297
5.5.5.1 Specific Tasks ................................................................................................ 297
5.5.6 Boundary, DMZ, and Communities of Interest (COI) Services ........................... 299
5.5.6.1 Specific Tasks ................................................................................................ 299
5.5.7 Security and IT Certification and Accreditation Services .................................... 300
5.5.7.1 Specific Tasks ................................................................................................ 300
5.5.8 Network Operations (NETOPS) and Cyber Security Training Services ............. 300
5.5.9 Testing & Evaluation (T&E) Services ................................................................. 300
5.5.9.1 Specific Tasks ................................................................................................ 301
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
xiii
APPENDIX A: ACRONYMS AND DEFINITIONS ................................................................ A-1
APPENDIX B: USMC Rate Card Transport Applications......................................................... B-1
APPENDIX C: USMC Rate Card Transport Equipment ........................................................... C-1
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
1
1. INTRODUCTION 1
The Department of the Navy (DON) operates one of the largest intranets in the world, the Navy 2
Marine Corps Intranet (NMCI). NMCI provides end-to-end secure Information Technology (IT) 3
services to more than 400,000 seats and 800,000 users, across 2,500+ locations that vary from 4
major bases to single-user locations. Hewlett Packard Enterprise Services (HP Enterprise 5
Services), formerly Electronic Data Systems (EDS), hereinafter called Incumbent Provider, 6
operated NMCI under the programmatic and operational oversight of the DON until the end of 7
the contract period of performance, 30 Sep 2010. The DON has since transitioned to the NMCI 8
Continuity of Service Contract (CoSC), which provides continued delivery of NMCI services to 9
the DON through 30 Apr 2014. The DON will next transition the delivery of these IT services, 10
in segments, from the NMCI CoSC to the follow-on Next Generation Enterprise Network 11
(NGEN) contracts. 12
13
The overall goals of NGEN are to: 14
a. Operate the NMCI network and maintain delivery of NMCI network and computing 15
services. 16
b. Ensure continued security of the network and proactive enhancement of information 17
assurance (IA) capabilities to meet evolving and emerging threats. 18
c. Provide Government Command and Control (C2) to ensure flexible and responsive 19
operation and defense of the network. 20
d. Maintain continuity of service during transition from NMCI CoSC to follow-on NGEN 21
contract(s) or Government operation. 22
23
The Performance Work Statement (PWS) is divided into five sections: 24
a. Section 1: Introduction – Provides an overview of the DON management domains and 25
NGEN operating models the NGEN contractors must work within to deliver NGEN 26
services. 27
b. Section 2: Applicable Documents – Federal, DoD, DON, Navy, Marine Corps, or other 28
documents that provide policy and governance for the NGEN program. 29
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
2
c. Section 3: Navy Requirements – Defines the work to be performed for the United States 30
Navy (USN). 31
d. Section 4: Marine Corps Enterprise Services Requirements – Defines the work to be 32
performed for the United States Marine Corps (USMC) ES Segment. 33
e. Section 5: Marine Corps Transport Services Requirements – Defines the work to be 34
performed for the USMC Transport Segment. 35
36
The NGEN service delivery frameworks are different between the two management domains and 37
are described in the following sections. 38
39
1.1 DON Management Domain 40
The NGEN program uses "management domains" to establish the boundaries of a network for 41
which a management authority can affect operational-level C2. In this respect, management 42
domains address the Government's ability to direct and manage network resources and 43
capabilities. Management domains also define the relationship between the Government and 44
NGEN segment Contractors, and the roles and responsibilities related to the ownership, 45
operation, and support of the network. The NGEN program will be divided into two 46
management domains, based on the military services within the DON: Navy Management 47
Domain and Marine Corps Management Domain. 48
49
1.1.1 Navy Management Domain 50
The Navy Management Domain will be structured as a Government Owned, Contractor 51
Operated (GO/CO) network. With the exception of end user hardware, the Navy will purchase 52
NGEN network infrastructure in order to own the network. End user hardware will be provided 53
as a service by the NGEN ES Contractor. During the NGEN contract period of performance, the 54
ES Contractor and the TXS Contractor shall operate the NGEN network in the Navy 55
Management Domain and provide services described in Section 3 of the PWS. 56
57
1.1.2 Marine Corps Management Domain 58
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
3
For the Marine Corps management domain, the USMC will transition from a single Government 59
Owned, Contractor Operated (GO/CO) network to a Government Owned, Government Operated 60
(GO/GO), and Contractor supported network. The USMC may purchase select services from the 61
ES and TXS contracts including the associated hardware, software, and training. During the 62
NGEN contract period of performance, the ES Contractor and TXS Contractor shall provide 63
support to the USMC for services described in Sections 4 and 5 of the PWS. Marine Corps 64
Enterprise Network (MCEN) is the Marine Corps' network of networks and approved 65
interconnected network segments. The physical characteristics of the USMC management 66
domain are provided as an attachment to the Contract. 67
68
1.2 NGEN Operating Models 69
Within the management domains defined above, the NGEN ES Contractor and TXS Contractor 70
will operate and support NGEN as described in the following sections. 71
72
1.2.1 Navy Operating Model 73
The Navy Network Operations (NetOps) operating model employs a centrally managed and 74
decentralized execution framework where global, regional, and local responsibilities are 75
delineated. Network C2 is accomplished through a hierarchal, tiered organizational framework. 76
The following sections provide an overview of the global, regional, and local relationships for 77
Navy NetOps management and control. 78
79
1.2.1.1 Fleet Cyber Command (FLTCYBERCOM) / Tenth Fleet (TENTHFLT) 80
FLTCYBERCOM 1) directs Navy cyberspace operations globally to achieve military objectives 81
in and through cyberspace; 2) executes cyber missions as directed by U.S. Cyber Command 82
(USCYBERCOM); 3) directs, operates, maintains, secures, and defends the Navy's portion of the 83
Global Information Grid (NAVGIG); 4) delivers global Navy cyber Common Operational 84
Picture (COP); and, 5) develops, coordinates, and assesses Navy cyber operational requirements. 85
FLTCYBERCOM is the Navy component to USCYBERCOM for cyberspace operations. 86
87
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
4
TENTHFLT 1) serves as the numbered fleet commander for FLTCYBERCOM; 2) exercises 88
operational control of assigned Navy forces; and, 3) coordinates with other naval, coalition, and 89
joint forces to execute full spectrum cyberspace operations. In accordance with the joint chain of 90
command established by the Secretary of Defense and USCYBERCOM, operational control 91
(OPCON) and tactical control (TACON) of FLTCYBERCOM / TENTHFLT units are exercised 92
by FLTCYBERCOM / TENTHFLT. 93
94
1.2.1.2 Naval Network Warfare Command 95
The Naval Network Warfare Command is referred to as NAVNETWARCOM or NNWC. The 96
Commander, NAVNETWARCOM 1) coordinates, assesses, and oversees the global operation of 97
Navy computer networks and telecommunications systems; 2) manages the distributed Navy 98
Dynamic Global Information Grid (GIG) Operations (DGO) mission, including information 99
assurance; accredits and certifies networks; and, 3) issues DGO directives. 100
NAVNETWARCOM is granted authority to directly coordinate with units regarding DGO 101
matters and keeps the fleet apprised of activity in respective theaters. NAVNETWARCOM 102
tasks are: 103
a. Execute network C2 and computer network task orders. 104
b. Maintain network situational awareness. 105
c. Monitor, manage, and report on network operations and IT services. 106
d. Provide performance status and statistics on the NAVGIG and recommend 107
improvements. 108
109
NAVNETWARCOM provides operational and technical support to the NAVGIG through its 110
subordinate NetOps commands across the operational and tactical levels, in direct support and 111
coordination with regional commanders. NAVNETWARCOM coordinates, monitors, and 112
oversees the day-to-day operations of the NAVGIG. 113
114
Operationally, NAVNETWARCOM is divided into two execution centers, NetOps C2 and 115
Enterprise Management (EM). C2 consists of a 24x7x365 watch organization to conduct 116
NAVGIG service operations including monitoring, managing, and reporting on IT services and 117
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
5
security. The NetOps C2 section is supported by the EM section which performs IT operations 118
management, problem management, analysis, and metrics collection, and coordinates with the 119
Navy and joint IT commands. EM evaluates and responds to the demand signals on the network 120
and its customers. EM coordinates with TENTHFLT and the higher command tasking such as 121
USCYBERCOM. 122
123
NAVNETWARCOM exercises global Network C2 from its headquarters located at Little Creek, 124
Virginia. NetOps service operations are managed by the NAVNETWARCOM operations staffs 125
located at Joint Expeditionary Base Little Creek-Fort Story and at Norfolk Naval Station. 126
127
1.2.1.3 Navy Cyber Defense Operations Command (NCDOC) 128
NCDOC coordinates, monitors, and oversees the defense of the Navy computer networks and 129
systems. NCDOC is also responsible for accomplishing Computer Network Defense (CND) 130
missions as assigned by the Commander, U.S. TENTH Fleet and USCYBERCOM as follows: 131
a. Protects, monitors, analyzes, detects, and responds to unauthorized activity on the NGEN 132
network. 133
b. Monitors and reacts to malicious activity and intrusions on Navy computer networks and 134
systems. Assesses the impact on military operations and capabilities. Notifies C10F and 135
the end user community. 136
c. Coordinates and directs appropriate Navy actions to halt malicious activity, contains 137
damage, restores functionality, and provides feedback to the end user community. 138
d. Provides Vulnerability and Analysis Assessment support for NGEN. 139
e. Provides Information Assurance Vulnerability Management (IAVM) support for NGEN. 140
f. Provides relevant cyberspace threat analysis, reporting and information exchange to 141
support global Attack Sensing and Warning to defend NGEN, and to integrate with other 142
Navy and DoD computer network operations. 143
g. Maintains an incident database for operational reporting and to support mission and 144
forensic analysis on misuse and malicious activity on NGEN. 145
146
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
6
1.2.1.4 Naval Computer and Telecommunications Area Master Stations (NCTAMS) / Regional 147
Network Operations and Security Centers (RNOSC) 148
NCTAMS / RNOSCs manage the geographical regions which provide direct IT services to 149
ashore, afloat, and deployed end users. They exercise network C2 through subordinate Naval 150
Computer and Telecommunications Stations (NCTS) and NCTAMS Detachments (DETs). 151
Figures 1.2.1.4-1 and 1.2.1.4-2 show the current and future NAVNETWARCOM domain 152
organizational structures. 153
154
The NCTAMS / RNOSC’s are responsible for regional situational awareness and coordination of 155
assigned NetOps and CND tasks. The NCTAMS / RNOSC C2 and EM teams have 156
watchstanders co-located at the NGEN NOCs in Norfolk and Hawaii. These teams manage 157
NetOps IA and CND services and interface with NETWARCOM and NCDOC staffs for overall 158
deconfliction and prioritization of Navy NGEN services. 159
160
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
7
161 Figure 1.2.1.4-1 162
163
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
8
164 Figure 1.2.1.4-2 165
166
1.2.1.5 Customer Technical Representatives (CTR) 167
The local commands have on-site CTR who support delivery of NGEN services. 168
169
1.2.2 Marine Corps Operating Model 170
The Marine Corps has assumed operational control of the NMCI/CoSC infrastructure and will be 171
transitioning to a regionalized strategy comprised of four RNOSCs and includes eight sub 172
regions supported by MITSCs designed to provide garrison Marine Expeditionary Forces 173
(MEFs) and Marine Corps Supporting Establishments within respective areas of responsibility. 174
Bases, Posts, and Stations (B/P/S) provide touch labor in support of the MITSCs. Figure 1.2.2-1 175
shows the geographical and functional relationships of the regions. 176
177
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
9
Operationally, the MCNOSC functions as the NetOps/Cyber Network Operations 178
(CyberNetOps) enterprise lead responsible for all cross-regional IT issues. The four RNOSCs 179
provide NetOps oversight, approval authority, the tasking and reporting framework, decision 180
support, and recommendations for MITSC(s) in their areas of responsibility. MITSCs execute 181
NetOps functions for a sub-region in support of the RNOSC. Approval authorities for B/P/S 182
NetOps reside with the B/P/S G6 in support of the local commander. 183
184
185 Figure 1.2.2-1: MCNOSC, RNOSCs, MITSCs, and B/P/S Relationship 186
187
The current USMC NetOps C2 structure that conducts the operation, defense, and governance of 188
the Marine Corps Information Enterprise is comprised of existing global, regional, and local 189
NetOps authorities. It comprises people, processes, logical and physical infrastructure, 190
architecture, topology, and Cyberspace Operations. The MCNOSC, RNOSCs, and MITSCs, 191
along with the MSCs provide essential C2 functions executed at the lowest level possible and 192
will provide Government direction to the supporting NGEN Contractor(s). Within this C2 193
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
10
framework, status communication occurs both horizontally and vertically via a robust 194
collaboration infrastructure. 195
196
1.2.2.1 Marine Corps Network Operations Security Center (MCNOSC) 197
The MCNOSC will provide global CyberNetOps of the USMC management domain in order to 198
facilitate seamless information exchange in support of Marine Forces operating worldwide. The 199
MCNOSC reports operationally to the Commander, US Cyber Command and administratively to 200
the Director C4, the Marine Corps Chief Information Officer and principal staff member for the 201
Commandant of the Marine Corps. 202
203
The MCNOSC is responsible for the operation and defense of the MCEN. The MCNOSC 204
maintains the responsibility for the execution of current and emerging DoD Information Security 205
and Cyber Security doctrine as well as promulgation of USMC specific policies and procedures 206
outlining the protection of all information communication mediums. The MCNOSC implements 207
and enforces policies under the administrative control of HQMC including DoDI 841002p 208
NetOps for the Global Information Grid (GIG), under the operational control of the Joint Task 209
Force Global Network Operations (USCYBERCOM). 210
211
1.2.2.2 Regional Network Operation and Security Centers (RNOSCs) 212
Four RNOSCs, operated by Marine Forces (MARFOR) commanders, manage well-rounded 213
regional CyberNetOps functions to include: (a) maintenance of CyberNetOps SA; (b) 214
determination and execution of regional priorities and tasking; (c) conduct of regional operations 215
impact assessments; and (d) control of regional network defense response actions. The RNOSCs 216
are under tactical control (TACON) of the MCNOSC. 217
218
The geographic locations of the four RNOSCs are: 219
a. Marine Corps Base (MCB) Quantico, VA (RNOSC National Capital Region (NCR)) 220
b. Camp Allen, VA (RNOSC Atlantic) 221
c. Camp Smith, HI (RNOSC Pacific) 222
d. New Orleans, LA (RNOSC Reserves) 223
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
11
224
The RNOSCs support MARFOR Commands and delegate CyberNetOps to MITSCs to provide 225
regional CyberNetOps capabilities. 226
227
1.2.2.3 Marine Air Ground Task Force (MAGTF) IT Support Centers (MITSCs) 228
The technical arm of each RNOSC, responsible for backbone network operations, defense, and 229
services is the MITSC. A MITSC is the regional data and network operations center operated by 230
a staff, under the command of the Marine Corps installations or geographic bound regional 231
Commander and maintained with assistance from a MCNOSC onsite support detachment. The 232
MCNOSC detachment supports enterprise-level data center operations and troubleshooting and 233
augments the MITSC staff when necessary. The MITSCs are operationally controlled by the 234
RNOSC. RNOSCs may delegate CyberNetOps responsibilities to the MITSCs for providing 235
regional capabilities. 236
237
A MITSC supports MEFs and the Marine Corps supporting establishments at bases, posts and 238
stations by managing and executing regionally focused network operations, IT services, 239
configuration management, Continuity of Operations/Disaster Recovery and network SA. A 240
MITSC supports the MCNOSC in the managing of global/enterprise assets/infrastructure (e.g., 241
Exchange email accounts, network and web access permissions, and file sharing) and provides 242
regional tier 1 and tier 2 support. 243
244
The geographic locations of the eight regional MITSCs are: 245
a. MCB Camp Lejeune, NC (MITSC East) 246
b. MCB Camp Pendleton, CA (MITSC West) 247
c. MCB Quantico, VA (MITSC NCR) 248
d. New Orleans, LA (MITSC Reserves) 249
e. MCB Camp Butler, Japan (MITSC WestPac) 250
f. MCB Kaneohe Bay, HI (MITSC MidPac) 251
g. Panzer Kaserne, Germany (MITSC Europe) 252
h. Pentagon, DC/VA (MITSC HQMC) 253
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
12
254
Each MITSC hosts services and applications and supports forces as designated by Director C4. 255
The MITSCs are provisioned within Marine Corps Installation Commands to support MEF 256
Commands; and, as part of the fifth element of the MAGTF, support the warfighter while 257
operationally deployed, in garrison, or engaged in training. 258
259
1.2.2.4 Major Subordinate Command (MSC) – Base-Post-Stations 260
The MSC, Base-Post-Station G6s or S6s, act as the local CyberNetOps over their designated area 261
of responsibility. They provide hands-on technical support; respond to direction and tasking 262
from the MCNOSC, RNOSCs, and MITSCs; and support the management of access to the 263
MCEN. Some services and applications may be hosted and/or managed by the local 264
CyberNetOps. Deployed MAGTFs will constitute their own management domain and have local 265
CyberNetOps during deployment in support of military operations or engaged in training 266
exercises. During deployment as part of a Joint or Multinational force, operational tasking and 267
reporting for these commands will occur as established by their Joint or Multinational command 268
authority. 269
270
2. REFERENCE DOCUMENTS 271
This PWS references applicable documents, attachments, appendices, and an online repository: 272
a. Applicable documents are Federal, Department of Defense (DoD), DON, Navy, or 273
Marine Corps documents that provide policy and governance for the NGEN program. 274
Applicable Documents are listed in Section 2.0 of this PWS. 275
b. Attachments are NGEN program-level documentation that amplify the requirements, 276
performance standards, and provide additional program details pertaining to multiple 277
NGEN segments. Attachments are listed in Section J of the Request for Proposal. 278
c. Appendices are NGEN documents that define unique terms and requirements applicable 279
to the NGEN PWS. Appendices are listed following Section 5.0 of the document. 280
d. There is an additional online repository of technical data for the NGEN program hosted 281
on a MITRE SharePoint site and includes applicable documents that may not be readily 282
available in the public domain. 283
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
13
The following table lists the applicable documents. Documents with an asterick (*) are available 284
as technical data on the MITRE SharePoint web site: 285
Department of Defense (DOD) Applicable Documents and International Standards
1. CJCSI 6211.02C, Defense Information System Network (DISN): Policy and Responsibilities *
2. CJCSI 6510.01E, Information Assurance (IA) and Support to Computer Network Defense (CND) *
3. CJCSI 6510.01F, Information Assurance (IA) and Computer Network Defense (CND)*
4. CJCSM 6510.01 CH3, Defense-In-Depth: Information Assurance (IA) And Computer Network Defense (CND) Change 3
5. CJCSM 6510.01A, Information Assurance (IA) and Computer Network Defense (CND) Volume I (Incident Handling Program) *
6. CNSSI 1253, Security Categorization and Control Selection for National Security Systems
7. CNSSI 4009, National Information Assurance (IA) Glossary
8. Defense Acquisition Guidebook (DAG) *
9. Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG)
10. Director of Central Intelligence Community Directive Number 503, effective 15 September 2008*
11. DISA Unified Capabilities Requirements (UCR 2008, Change 2) *
12. DoD 4000.25-2-m Military Standard Transaction Reporting and Accounting Procedures (MILSTRAP) Manual *
13. DoD 4140.1-R, DoD Supply Chain Material Management Regulation *
14. DoD 4160.21-M-1, Defense Militarization Manual *
15. DoD 5000.04-M-1, Cost and Software Data Reporting (CSDR) Manual*
16. DoD 5015.02-STD, Electronic Records Management Software Applications Design Criteria Standard *
17. DoD 5200.2-R, Security Requirements for Automated Information Systems (AISs) *
18. DoD 5220.22-M, National Industrial Security Program Operating Manual (NISPOM)*
19. DoD 8570.01-M IA Workforce Improvement Program *
20. DoDD 3020.26, Department of Defense Continuity Programs *
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
14
Department of Defense (DOD) Applicable Documents and International Standards
21. DoDD 8100.02, Use of Commercial Wireless Devices, Services, and Technologies in the Department of Defense (DoD) Global Information Grid (GIG) *
22. DODI 8100.04, Unified Capabilities (UC) *
23. DoDD 8190.3, Smart Card Technology *
24. DoDD 8320.02, Data Sharing in a Net-Centric Department of Defense *
25. DoDD 8320.03, Unique Identification (UID) Standards for a Net-Centric Department of Defense *
26. DoDD 8500.01E, Information Assurance (IA) *
27. DoDD O-8530.1, Computer Network Defense *
28. DoDI 4165.14, Real Property Inventory and Forecasting *
29. DODI 5000.64, Accountability and Management of DoD Equipment and Other Accountable Property *
30. DoDI 8410.02, NetOps for the Global Information Grid (GIG) *
31. DoDI 8500.2, Information Assurance (IA) Implementation, dated February 6, 2003 *
32. DoDI 8510.01, DoD Information Assurance Certification and Accreditation Process (DIACAP) *
33. DODI 8520.2, Public Key Infrastructure (PKI) and Public Key (PK) Enabling *
34. DoDI 8523.01, Communications Security
35. DoDI 8551.1, Ports, Protocols, and Services Management (PPSM) *
36. DoDI 8560.01, Communications Security (COMSEC) Monitoring and Information Assurance (IA) Readiness Testing
37. DoDI O-3600.2, Information Operation (IO) Security Classification Guidance (U)
38. DoDI O-8530.2, Support to Computer Network Defense
39. Electronic Key Management System (EKMS) Policy and Procedures Manual, EKMS 1(Series) *
40. IETF RFC 2409, The Internet Key Exchange (IKE)
41. IETF RFC 4301, Security Architecture for the Internet Protocol
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
15
Department of Defense (DOD) Applicable Documents and International Standards
42. IETF RFC 4303, IP Encapsulating Security Payload (ESP)
43. ISE-G-108, Identity and Access Management Framework
44. Joint Pub 1-02, Dictionary of Military and Associated Terms *
45. JTF-GNO CTO 07-015, Public Key Infrastructure (PKI) Implementation, Phase 2
46. JTF-GNO CTO 07-12, Deployment of the Host Based Security System (HBSS)
47. JTF-GNO CTO 08-001, Encryption Of Sensitive Unclassified Data At Rest (DAR) On Mobile Computing Devices And Removable Storage Media Used Within The Department Of Defense (DoD)
48. JTF-GNO CTO 08-005, Directive for Automated Scanning, Remediation and Reporting of Network Vulnerabilities throughout DOD Global Information Grid (GIG)
49. JTF-GNO INFOCON Level 3 Clarification and Guidance *
50. Key Management Using ANSI X9.17
51. MIL-HDBK-1012/3, Military Handbook: Telecommunications Premises Distribution Planning, Design, and Estimating *
52. MIL-HDBK-29612-2a, DoD Handbook; Instructional Systems Development/Systems Approach to Training and Education (ISD/SAT) *
53. MIL-HDBK-61, Military Handbook: Configuration Management Guidance *
54. MIL-STD 2042(SH), Fiber Optic Cable Topology Installation Standard Methods for Naval Ships *
55. MIL-STD-130N Identification Marking of US Military *
56. MIL-STD-882D, Standard Practice for Systems Safety *
57. PKCS #1 v2.1: RSA Cryptography Standard
58. Risk Management Guide for DOD Acquisition, Sixth Edition (Version 1.0) *
59. SIPRNET and NIPRNET Connection Questionnaire *
60. Strategic Directive 527-1 INFOCON *
61. USCYBERCOM CTO 10-033A, Defense Connect Online (DCO) Upgrade to Adobe Acrobat Connect Pro 7.0 *
286
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
16
Department of Navy (DON) Applicable Documents
62. CNO/USMC IA PUB 5239-22, Information Assurance Protected Distribution Systems (PDS) Publication
63. DON DIACAP Handbook, 15 July 2008 *
64. DON FY09 CLIN Structure *
65. DON FY10 CLIN Structure *
66. DON FY11 CLIN Structure *
67. DTG 122213Z MAY 08, Public Key Infrastructure Software Certificate Minimization Effort for DON Unclassified Environments *
68. EKMS Policy and Procedures for Navy Electronic Key Management System Tiers 2 & 3
69. Enterprise Pier Connectivity Architecture (EPCA) *
70. MARADMIN 328/08 DTG: 031012Z *
71. MARADMIN 336/08 *
72. Marine Corps Enterprise IA Directive (EIAD) 018 Certification and Accreditation Manual DAA Guidance Memorandum 01/0909
73. MC IA OPSD 010, Marine Corps Incident Handling Procedures
74. NAVADMIN 248/08 *
75. Naval Systems Engineering Technical Review Handbook *
76. Naval Telecommunications Procedures 4 Chap 11 *
77. NAVEDTRA 130B, Automated Electronic Classrooms (AEC) guidelines *
78. Navy Enterprise Services Profile (NESP) Network Operations, Network and Systems Management *
79. Navy Ports, Protocols, and Services (NPPS) Manual *
80. NIST SP 800-42, Guideline on Network Security Testing
81. NIST SP 800-53, Information Security
82. NNWCINST 5450.4A Mission, Function & Tasks for NCDOC-Norfolk *
83. NTD 03-11 Disposal of Navy Computers *
84. NTD 05-10, Cryptographic Log-On (CLO) *
85. NTD 11-08, Electronic Spillage Policy * 287
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
17
Department of Navy (DON) Applicable Documents
86. OPNAVINST 1500.76B, Naval Training System Requirements, Acquisition and Management *
87. OPNAVINST 2201.2, Navy and Marine Corps Computer Network Incident Response *
88. OPNAVINST 3030.5B, Navy Continuity of Operations Program and Policy *
89. OPNAVINST 5239.1C, Navy Information Assurance (IA) Program *
90. OPNAVINST 9210-3, Safeguarding of Naval Nuclear Propulsion Information *
91. SECNAV M-5239.1, Department of the Navy Information Assurance Manual *
92. SECNAV M-5239.2, Department Of The Navy Information Assurance (IA) Workforce Management Manual To Support The IA Workforce Improvement Program *
93. SECNAV M-5510.36, DON Information Security Program *
94. SECNAVINST 2075.1, Department of the Navy Use of Commercial Wireless Local Area Network (WLAN) Devices, Services, and Technologies *
95. SECNAVINST 3030.4C, Department of the Navy Continuity of Operation Program *
96. SECNAVINST 3052.2, Cyberspace Policy and Administration Within the DON *
97. SECNAVINST 3501.1B, DON Critical Infrastructure Protection Program
98. SECNAVINST 5230.15, Information Management/Information Technology Policy for Fielding of Commercial Off the Shelf Software *
99. SECNAVINST 5239.19, DON Computer Network Incident Response and Reporting Requirements *
100. SECNAVINST 5239.3B, DON IA Policy *
101. SECNAVINST 5430.107, Mission and Functions of the Naval Criminal Investigative Service *
102. SECNAVINST 5510.34A, Disclosure Of Classified Military Information And Controlled Unclassified Information To Foreign Governments, International Organizations, And Foreign Representatives
103. SECNAVINST 7320, Department of Navy Personal Property Policies and Procedures *
104. SPAWAR Shore Installation Process Handbook (SIPH) *
105. SPAWARINST 4720.5, Policy and Procedures for Development and Life-Cycle Management of Installation Requirements Drawings *
288
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
18
Next Generation Enterprise Network (NGEN) Applicable Documents 106. Disaster Recovery Plan (DRP) *
107. Enterprise DIACAP Plan (EDP) *
108. NGEN Allocated Baseline *
109. NGEN Core Build *
110. NGEN Integrated Architecture *
111. NGEN Learning Management System Functional Area Description *
112. NGEN Navy Training System Plan, N6-NTSP-E-70-0817 *
113. NGEN Ordering Tool Interface Control Document *
114. NGEN Product Baseline *
115. NGEN Program CONOPS *
116. NGEN Requirements Management Plan (RQMP) *
117. NGEN Site Scheduling Tool *
118. NGEN Systems Design Specification (SDS) *
119. NGEN Systems Engineering Plan (SEP) *
120. NMCI COSC FY11 Enterprise Technology Refresh Plan *
121. NMCI Naming Standards, D400.11939.01 *
122. NGEN Security Classification Guide * 289
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
19
290
3. NAVY REQUIREMENTS 291
3.1 Scope 292
The NGEN Functional Baseline was established upon approval of the Systems Design 293
Specification (SDS) and the successful completion of the Program's System Functional Review 294
(SFR). NGEN Contractors will provide NGEN services to both the unclassified Non-secure 295
Internet Protocol Router Network (NIPRNet) and the classified Secret Internet Protocol Router 296
Network (SIPRNet) environments. 297
298
The alignment of the services to contract segments is provided in Figure 3.1-1. This table 299
identifies which services individually belong to the different segments or, in some cases, which 300
segment has the primary role and which segment has the supporting role for shared services. 301
Primary responsibility is denoted by a “P” and means the contractor will have the primary 302
responsibility for delivering those services. Supporting responsibility is denoted by an “S” and 303
means the Contractor will support the delivery of those services by the Contractor that has 304
primary responsibility. Regardless of the designations, the Contractors shall collaborate with 305
each other and any other service providers to provide its assigned portion of the NGEN program. 306
307
Primary service provider means: 308
a. Plan in coordination with the Government the location, a set day and time for every 309
meeting. 310
b. Host assigned meetings. 311
c. Prepare consolidated meeting minutes including action items. Track action items through 312
closure. (CDRL A001 – Meeting Minutes) 313
d. Determine the content and format of meeting in coordination with and approval from the 314
Government. 315
e. Provide programmatic and technical support for all meetings. 316
f. Prepare meeting agenda. (CDRL A002 – Meeting Agenda) 317
g. Develop a combined (relevant) brief and submit electronically to the Government three 318
(3) business days prior to the meeting. (CDRL A003 – Presentation Materials) 319
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
20
h. Submit consolidated plans which contain required information as specified within the 320
service. 321
i. Submit consolidated CDRL responses to the Government, unless specifically directed 322
otherwise in the contract. 323
324
Supporting service provider means: 325
Provide the primary service provider the required data as stipulated in the relevant CDRLs. The 326
format for submission of this information to the primary service provider will be determined by 327
the respective providers themselves, not by the Government. 328
329
NGEN Services CONTRACT SEGMENTS
Enterprise Transport
Enterprise Engineering Design and Support Services P S
Enterprise Operations Services P S
Application Hosting Services P
Directory Services P S
Cross Domain Security (CDS) Services P S
Security Configuration and Management Services * P S Boundary, Demilitarized Zone (DMZ), and Communities of Interest (COI) Services S P
Malware Detection and Protection Services P S
Security Event Management (SEM) Services P S
Security and IT Certification and Accreditation (C&A) Services P S
Authentication and Authorization Services P S
Network Access Control (NAC) Services P S
Remote Access Services (RAS) S P
End User Training Services P S Network Operations (NetOps) and Information Assurance (IA) Training Services P S
Testing Services P S
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
21
NGEN Services CONTRACT SEGMENTS
Enterprise Transport Continuity of Operations (COOP), Disaster Recovery (DR), Business Continuity Planning Services P S
File Removal Services (Spillage) P S
Electronic Software Delivery Services (ESDS) P S
Service Desk Services P S Base Area Network (BAN) Services and Local Area Network (LAN) Services P
Wide Area Network (WAN) Services P
Data Storage Services P
Enterprise Messaging Services P
Enterprise Web Portal Services P
Collaboration Services P
Voice over Internet Protocol (VoIP) Options and Services P
Unclassified Mobile Phone Services P
Classified Mobile Phone Services P
Video Teleconferencing (VTC) Services P
End User Computing Services P
Optional Hardware and Software Services P
Printing Services P
Desk Side Support Services P 330
Figure 3.1-1: Mapping of Services to NGEN Contract Segments 331
332
The contractors are responsible for the respective infrastructure assignments outlined in Navy 333
Assigned Infrastructure listed as an attachment in Section J and software functionality 334
assignments as outlined in NGEN Software Tools List listed an attachment in Section J. For the 335
software functionality assignments, the contractor is responsible to provide all licensing, 336
integration, operations and maintenance. 337
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
22
338
3.2 Program Management 339
Program Management provides the personnel, processes, and tools necessary to effectively 340
manage the NGEN program within schedule and performance requirements. The Contractors 341
shall collaborate with each other and any other service providers to provide common 342
management of the services described below: 343
a. Provide management, administration, and documentation, including staff, equipment, 344
tools, processes, procedures, and training required to manage and meet the requirements 345
of this PWS. 346
b. Establish and maintain a formal program management organization and provide the 347
Government with an organization diagram and a directory with the positions, names and 348
contact information of all supervisory personnel. 349
c. Designate a Program Manager and Deputy Program Manager empowered to make 350
program and project level decisions and commit company resources to execute courses of 351
action within the scope of this contract. 352
d. Submit a Program Management Plan that describes: (CDRL A004 - Program 353
Management Plan) 354
i. The Contractor’s organizational structure 355
ii. Program Management Methodology 356
iii. Subcontract Management Methodology 357
iv. Service Management Methodology 358
v. Performance Management Plan. 359
e. Develop a Communications Strategy and Plan. (CDRL A005 - Communications Plan) 360
f. Report Contractor Cost Data Reporting (CCDR) information in accordance with the 361
NGEN Cost and Software Data Reporting Plan and DoD 5000.04-M-1, (CDRL A019 – 362
Cost Data Summary Reports and CDRL A020 – Functional Cost Hour Reports) 363
364
In addition to the above, the ES Contractor shall: 365
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
23
a. Submit a unified Program Management Plan that combines all Contractors individual 366
Program Management Plans. The combined plan shall contain the information described 367
above. (CDRL A004- Program Management Plan) 368
b. Submit a unified Communications Strategy that combines all Contractors individual 369
Program Management Plans. (CDRL A005 - Communications Plan) 370
c. Provide a Project Management application to meet all NGEN scheduling and 371
performance management reporting requirements. The application must be compatible 372
with the NGEN infrastructure and meet the certification requirements of the network. 373
i. Provide the Government access to the application for oversight activities to 374
include design and technical authority. 375
ii. Develop project templates as directed by the Government. All project templates 376
must be approved by the government prior to use. 377
378
3.2.1 Quality Management 379
Quality Management Systems (QMS) reduce and eventually eliminate nonconformance to 380
specifications, standards, and customer expectations in the most cost effective and efficient 381
manner. The Contractors shall collaborate with each other and any other service providers to 382
provide common management of the services described below: 383
a. Maintain effective QMS processes and procedures that comply with ISO 9000, ISO 9001, 384
and ISO 9004. 385
b. Develop and submit a Quality Control Plan (QCP) that documents processes and 386
procedures to identify, prevent, and ensure non-recurrence of defective services. (CDRL 387
A006 - Quality Control Plan) 388
c. Develop and implement quality inspection processes (e.g., examinations, tests, etc.) 389
required to demonstrate service level conformance with PWS requirements and 390
associated Service Level Requirements (SLR). 391
d. Conduct Quality Assurance (QA) reviews and after action analysis of work activities and 392
project deliverables to identify areas for correction and opportunities for improvement. 393
e. Identify any noncompliant QA and Quality Control (QC) issues and ensure issues are 394
resolved. 395
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
24
f. The Government will monitor the Contractor’s performance under this contract in 396
accordance with the Quality Assurance Surveillance Plan (QASP) listed as an attachment 397
in Section J. To support this effort the Contractor shall participate in activities contained 398
in the QASP. 399
400
In addition to the above, the ES Contractor shall submit a consolidated NGEN Quality Control 401
Plan that demonstrates how the providers will coordinate efforts to deliver end-to-end quality 402
services. The Contractors’ shall collaborate to deliver the consolidated plan. (CDRL A006 – 403
Quality Control Plan) 404
405
3.2.2 NGEN Performance Management 406
NGEN Performance Management includes all the processes, metrics, measurements, and 407
systems necessary to: 408
a. Continually assess the state of compliance of the network and network services with the 409
schedule and performance requirements established by the NGEN Capability Production 410
Document (CPD), NGEN contracts, and other DoD, DON, and Navy policies and 411
requirements. 412
b. Assess the effectiveness of the network and network services in supporting the execution 413
of Navy combat, combat support, and business processes. 414
415
The Contractors shall collaborate with each other and any other service providers to provide 416
common management of the services described below: 417
a. Provide data and reports to the performance management systems from assigned 418
components and systems necessary to support the collection of data required by contract 419
SLRs, OLAs, and other contract performance requirements. 420
b. Identify the root causes and propose corrective actions to address performance measures 421
that are not meeting requirements or are trending toward out of specification conditions. 422
(CDRL A007 – Monthly Status Report) 423
c. Assist with Government verification, validation, and auditing of the performance 424
management systems. 425
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
25
426
In addition to the above, the ES Contractor shall: 427
a. Operate and maintain the Service Level Requirement (SLR), and Operating Level 428
Agreement (OLA) systems and associated performance data collection mechanisms, 429
databases, and report generation systems. The Service and Operational Levels are listed 430
as an attachment in Section J. 431
b. Operate and maintain NGEN Enterprise Performance Management Database (EPMD) 432
and Client Performance Management Database (CPMD) systems and associated 433
collection mechanisms, databases, and report generation systems. 434
i. Provide systems administration for EPMD and CMPD to integrate TXS and other 435
NGEN provider input and management requirements. 436
ii. Integrate (physically and electronically) ES infrastructure and service metrics into 437
EPMD and CPMD. 438
c. Operate and maintain the user, command user, and network operator automated survey 439
systems, databases, and report generation systems. 440
d. Provide overall systems integration for NGEN performance management tools and 441
implement an integrated NGEN performance monitoring database accessible through the 442
Homeport Portal. 443
e. Prepare and submit performance management reports for the entire network. (CDRL 444
A007 – Monthly Status Report) 445
f. Implement, operate, and maintain the capability to collect additional measurements 446
required by NGEN (e.g., SLRs and OLAs) associated with new services or new Navy, 447
DON or DoD performance measurement requirements that are within the scope of the 448
existing performance measurement areas at the time the new requirement is added to the 449
contract. 450
g. Propose strategies and technologies to improve and reduce the cost of performance 451
management systems. (CDRL A008 - Continuous Service Improvement Plan) 452
h. Provide the Government and TXS Contractor access to the performance management 453
systems for obtaining information and extracting reports. 454
455
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
26
3.2.3 Governance Boards 456
NGEN has established various Governance boards, councils, and meetings to support the 457
management and delivery of IT services as summarized in Table 3.2.3 -1. 458
459
The NGEN Program CONOPS contains more detailed information on these boards, councils, and 460
meetings (e.g., scope of authority, membership, roles and responsibilities, frequency and 461
schedule, as well as operational procedures). 462
463
The Contractor shall: 464
a. Execute assigned tasks required in the preparation and execution of the Governance 465
entities as identified in the PWS. 466
b. Appoint a representative who has the authority to act on the Contractor’s behalf to 467
participate in and commit to the acceptance and completion of action items assigned by 468
the Governance entity. A brief description of each board’s purpose is provided below. 469
470
Governance Entity Frequency Roles
Program In-Progress Review (IPR) Monthly
Gov: Chair and lead ES and TXS: Provide input and execute assigned elements
Risk Management Board Monthly Gov: Chair and lead TXS/ES: Present and manage assigned risks
Core Build Review Quarterly Gov: Chair ES: Lead
Information Assurance Policy Board Quarterly
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
Executive Integration Leadership Team Weekly Government only NGEN Senior Integration Board Monthly Government only
NGEN Transition Control Board Weekly
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
Change Advisory Board Weekly
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
Engineering Working Monthly Gov: Chair
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
27
Integrated Product Team (WIPT)
ES: Lead Architect TXS: Provide input and execute assigned elements
Enterprise Configuration Control Board Weekly
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
Incident Management Review Board Weekly
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
NetOps/Contractor Network Operations Meeting Bi-weekly
Gov:Chair ES: Lead TXS: Provide input and execute assigned elements
Major Problem Review As Required
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
Process Owners Council Monthly
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
Integration Certification Solution Review
As Required
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
DIACAP Certification As Required
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
DIACAP Accreditation As Required
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
Continual Process and Service Improvement Board Quarterly
Gov: Chair ES: Lead TXS: Provide input and execute assigned elements
Training Readiness Review Board Annually
Gov: Chair and lead ES/TXS: Provide input and execute assigned elements
Table 3.2.3 - 1 – NGEN Governance Boards 471
472
NGEN Governance Board Summary Descriptions: 473
a. Program In-Progress Review (IPR) – track progress toward goal; identify newly 474
identified risks and issues; fine-tune strategic objectives based on evolving circumstance; 475
garner leadership support and approval for recommended action. 476
b. Risk Management Board – formal session designed to identify program risks; discuss 477
suggested remediation plans; garner leadership support and approval. 478
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
28
c. Core Build Review – meeting designed to be a quarterly review of the Core Build to 479
discuss new Core Build applications, including new versions and patches (where known), 480
that will be expected to be delivered (pushed) to NMCI/NGEN users over the following 481
quarter. This meeting will be a much smaller version of the annual meeting to specify 482
and verify the Core Build Release schedule for the next fiscal year. 483
d. Information Assurance Policy Board – ensures that information systems meet the dictates 484
of Department of Defense instruction 8500.01E relating to the capabilities integration of 485
personnel, operations, and technology. 486
e. Executive Integration Leadership Team – a government-only meeting designed to review 487
past progress, review upcoming tasks, address known issues, and craft plans to remediate 488
potential risks. 489
f. NGEN Senior Integration Board – executive leadership tasked with making major policy 490
and operational decisions; removing obstacles inhibiting successful transition activities; 491
and establishing working groups and sub-committees as necessary to recommend courses 492
of action. 493
g. NGEN Transition Control Board – tasked with administration and oversight of all 494
transition activities; identification of risks and issues; responsible for ensuring 495
remediation plans are in place and are executable. 496
h. Change Advisory Board – detailed review of proposed changes to the network 497
infrastructure; assess potential impact and consequence of executing proposed change; 498
garner leadership support and approval for proposed change. 499
i. Engineering Working Integrated Product Team (WIPT) – technical working group 500
designed to identify and remediate identified issues and risks for changes affecting the 501
network infrastructure’s fit, form, or function. 502
j. Enterprise Configuration Control Board – executive board designed to assess major 503
modifications to the existing network infrastructure; assess impact and consequence of 504
proposed changes; ensure proposed changes adhere to established, published architectural 505
standards. 506
k. Incident Management Review Board – designed to review past incidents to identify ways 507
in which processes can be improved to prevent future recurrence. 508
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
29
l. NetOps/Contractor Network Operations Meeting – designed to review service metrics; 509
infrastructure, circuits, information assurance, and all other issues of concern to the 510
network operations community. 511
m. Major Problem Review – meeting designed to review and analyze major problems 512
discovered during the course of day-to-day operations; assign ownership of problems to 513
address issues; recommend appropriate changes as necessary. 514
n. Process Owners Council – meeting designed to review and act upon proposed process 515
modifications; discuss and remediate issues with process execution; schedule process 516
audits; brief audit results; and recommend implementation actions. 517
o. Integration Certification Solution Review 518
p. DIACAP Certification – is the standard process under which all Department of Defense 519
information systems will achieve and maintain their Authority to Operate. The DIACAP 520
processes are documented in Department of Defense instruction 8510.01. Information 521
systems apply for DIACAP certification prior to installation and operation. 522
q. DIACAP Accreditation – subsequent to certification, information systems are accredited 523
to ensure that information systems meet the dictates of business need, protection of 524
personal privacy, protection of information being processed, and protection of the 525
information environment. 526
r. Continual Process and Service Improvement Board – a cross-representational group of 527
users tasked with assessing the efficiency and efficacy of the processes and services 528
extant in the network infrastructure, and designing methods and policies for their 529
measurable improvement. 530
s. Training Readiness Review Board – a cross-representational group of users tasked with 531
ensuring operation and support staff and management have received adequate training, 532
and are prepared to assume full responsibility for their assigned activities and tasks. 533
534
A graphical representation of the boards and councils listed above is provided in Figure 3.2.3 - 2. 535
This graphic is not meant to suggest an ordered hierarchical system, but rather a logical 536
representation of how the governance boards relate to, and interact with, one another. 537
538
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
30
539 Figure 3.2.3 - 2 540
541
3.2.4 In-Progress Reviews (IPR) 542
The purpose of the In-Progress Reviews (IPRs) are to review and monitor the Contractors’ 543
performance under the contract. The Government intends to conduct joint IPRs. However, 544
should the need arise as mutually determined by the Government and Contractor, individual IPRs 545
may be conducted. The Contractors shall collaborate with each other and any other service 546
providers to provide common management of the services described below: 547
a. Provide up-to-date progress, program status (e.g., cost, schedule, and performance), risk 548
assessment summary, transition status, issues, etc. in the form of a briefing that is 549
presented at a monthly IPR. (CDRL A003 – Presentation Materials) 550
b. Prepare meeting agenda. (CDRL A002 – Meeting Agenda) 551
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
31
c. Prepare briefing materials to address the mutually agreed agenda items. 552
d. Require the appropriate SMEs participate in the meetings to address all agenda items. 553
e. Propose strategies and technologies improvements to enhance network capabilities and 554
performance and to reduce overall program cost (CDRL A008 – Continuous Service 555
Improvement Plan) 556
557
In addition to the above, the ES Contractor shall plan and host the joint IPR. 558
559
3.2.5 NGEN Risk Management 560
NGEN Risk Management provides an organized means of identifying, measuring, and ranking 561
risks and developing, selecting, and managing options for resolving or mitigating risks. The 562
Contractors shall collaborate with each other and any other service providers to provide common 563
management of the services described below: 564
a. Establish and execute a risk management program in accordance with the Risk 565
Management Guide for DoD Acquisition, Sixth Edition (Version 1.0) and the NGEN 566
Risk Management Plan listed as an attachment in Section J. 567
b. Designate a Risk Manager who reports directly to the Contractor Program Manager and 568
serves as the primary point of contact for the Government on all matters relating to risk 569
management for its portion of the network. 570
c. Identify program risks, conduct risk assessments, and communicate results to the 571
Government. (CDRL A009 – Risk Management Plan) 572
d. Participate in monthly NGEN Risk Management Board meetings. 573
e. Prepare and present new program risks with proposed mitigation plans and strategies and 574
report on the mitigation status of existing risks. 575
576
In addition to the above, the ES contractor shall plan and host meetings. 577
578
3.3 Services Portfolio 579
3.3.1 Engineering Design and Support Services (EDSS) 580
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
32
EDSS encompasses the engineering and technical support services required to design, model, 581
test, pilot, and implement the systems and infrastructure required to deliver voice, video, and 582
data services. EDSS includes managing the resources, systems, and services to meet business 583
and mission requirements. EDSS provides a structured and disciplined life cycle systems 584
engineering approach to manage the enterprise architecture. 585
586
EDSS are shared services. The ES Contractor is designated as the primary service provider, and 587
the TXS Contractor is designated as the supporting service provider. The Contractors shall 588
collaborate with each other and any other service providers to provide common management of 589
the services described below: 590
a. Perform systems engineering processes and procedures in accordance with the 591
Government engineering and technical policies described in the NGEN Systems 592
Engineering Plan (SEP). 593
b. Update and refine the NGEN integrated architecture documentation to reflect new or 594
modified services, processes, and designs as well as changes in the environment. 595
c. Document all requirements in the master Requirements Traceability Matrix (RTM) and 596
the NGEN RQMP tool(s) [currently Dynamic Object Oriented Requirements System 597
(DOORS)]. (CDRL A010 – Requirements Traceability Matrix) 598
i. Provide requirements decomposition and allocation into the ES-developed joint 599
Requirements Traceability Matrix (RTM) for all joint NGEN projects. 600
ii. Provide NGEN RQMP tool(s) software licenses necessary for the Contractor to 601
fulfill its requirements responsibility. 602
d. Participate in the planning and execution of the monthly Engineering Integrated Product 603
Team (IPT) meetings in accordance with the SEP guidelines. 604
e. Provide the following participation in monthly Engineering IPT meetings: 605
i. Program Management 606
ii. Security 607
iii. Messaging 608
iv. Directory 609
v. Operations 610
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
33
vi. Testing and Evaluation 611
f. Provide the Contractors’ respective portion of the end-to-end design documentation in 612
support of new services and modifications to existing services. (CDRL A011 – Technical 613
Baseline Documents) 614
g. Develop all designs for 1) Entrance Facilities (EF) and the respective Main Cross 615
Connect (MCC) equipment; and, 2) Telecommunications Room (TR) and the respective 616
Intermediate Cross Connect (ICC) equipment in compliance with governing architectural, 617
mechanical, and electrical requirements. 618
h. Deliver all design hardware and software specifications and Bill of Materials (BOM) 619
including incorporation of input from the Government. 620
i. Use the following industry standards as the basis to design IT facilities. 621
i. ANSI / TIA / EIA 569-A, Commercial Building Standard for 622
Telecommunications Pathways and Spaces. 623
ii. ANSI / TIA / EIA 568-B.1, Commercial Building Telecommunications Cabling 624
Standard. 625
iii. NFPA 70, National Electric Code. MIL-HDBK-1012/3, Telecommunications 626
Premises Distribution Planning, Design, and Estimating. 627
iv. Environment, Safety, Occupational Health (ESOH) in accordance with MIL-STD-628
882D (System Safety). 629
j. Develop, update, and maintain all as-built site drawings and associated documentation for 630
components and functions for all sites. (CDRL A012 - As Built and Network Topology 631
Drawings) 632
i. Maintain existing drawings in its current format. 633
ii. Develop new drawings in accordance with the SPAWAR Shore Installation 634
Process Handbook. 635
k. Maintain all service and domain topology diagrams. (CDRL A012 - As Built and 636
Network Topology Drawings) 637
l. Plan and execute quarterly design and program technical reviews. 638
i. Present designs for quarterly software and hardware releases. (CDRL A003 – 639
Presentation Materials) 640
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
34
641
In addition to the above, the ES Contractor shall: 642
a. Administrative oversight of requirements for all projects including the development of a 643
Requirements Traceability Matrix (RTM) as well as capturing and maintaining the 644
requirements in the NGEN RQMP tool(s). 645
b. Conduct Engineering Board meetings. 646
c. Integrate and deliver the end-to-end design documentation in support of new services and 647
modifications to existing services. (CDRL A011 – Technical Baseline Documents) 648
649
In addition to the above, the TXS Contractor shall provide Network Engineering participation in 650
monthly Engineering meetings. 651
652
3.3.1.1 Systems Engineering Technical Review (SETR) Process 653
The Systems Engineering Technical Review (SETR) process is an integral part of systems 654
engineering and the life cycle management of acquisition and modernization programs and are 655
used to assess the technical health of a program. The SETR process is documented in the Navy 656
Systems Engineering Technical Review Handbook. The NGEN program includes a SETR at the 657
beginning of contract execution to establish technical baselines, and SETR events following 658
transition to evaluate the risks as well as standards and policy compliance for major changes. 659
The NGEN SEP is the governing document for SETR events. 660
661
3.3.1.1.1 SETR – Beginning of Contract Execution 662
The purpose of the SETR events at the beginning of contract execution is for both Contractors to 663
demonstrate full understanding of all NGEN technical requirements and validate the allocated, 664
product, and operational technical baselines. 665
666
The Contractors shall: 667
a. Map NGEN PWS requirements to Contractors manning, process, procedures, and tools 668
and provide a Requirements Traceability Matrix (RTM). (CDRL A010 – Requirements 669
Traceability Matrix) 670
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
35
b. Review and update the technical baselines to be used as the basis for managing deviations 671
in accordance with the NGEN CMP. 672
i. Validate and, as required, update the allocated baseline. (CDRL A011 – Technical 673
Baseline Documents) 674
ii. Validate and, as required, update the product baseline as described in the Defense 675
Acquisition Guidebook. (CDRL A011 – Technical Baseline Documents) 676
iii. Validate and, as required, update the operational baseline. (CDRL A011 – 677
Technical Baseline Documents) 678
c. Provide the allocated baseline to the Government for review and approval. (CDRL A011 679
– Technical Baseline Documents) 680
d. Present the allocated baseline and the following draft documents at the Preliminary 681
Design Review (PDR): 682
i. Technology Refresh Plan (TRP). (CDRL A014 - Technology Refresh Plan) 683
ii. Configuration Management Implementation Plan (CMIP). (CDRL A015 – 684
Configuration Management Implementation Plan) 685
iii. Risk Management Plan. (CDRL A009 – Risk Management Plan) 686
iv. Phase-In Plan. (CDRL A016 – Phase-In Plan) 687
v. Service Management Plan (SMP). (CDRL A042 – Service Management Plan) 688
e. Provide the product baseline to the Government for review and approval. 689
f. Present the allocated baseline and the following draft documents at the Critical Design 690
Review (CDR): 691
i. TRP. (CDRL A014 - Technology Refresh Plan) 692
ii. CMIP. (CDRL A015 – Configuration Management Implementation Plan) 693
iii. Risk Management Plan. (CDRL A009 – Risk Management Plan) 694
iv. Phase-In Plan. (CDRL A016 – Phase-In Plan) 695
v. SMP. (CDRL A042 – Service Management Plan) 696
g. Develop and deliver a Systems Engineering Management Plan (SEMP) including [e.g., 697
the approach to planning and controlling 1) Government assigned systems engineering 698
projects to meet cost, schedule, and performance requirements; and, 2) Government 699
assigned systems engineering tasks (e.g., technology analysis and trade-off studies, 700
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
36
design process and synthesis, logistics support analysis, training, requirements, and 701
specifications management)]. (CDRL A013 – Systems Engineering Management Plan) 702
h. Maintain the allocated, product, and operational baselines in accordance with the SEMP 703
and the CMIP. 704
705
In addition to the above, the ES Contractor shall: 706
a. Develop and submit a consolidated set of PDR and CDR documentation: 707
i. Allocated baseline. (CDRL A011 – Technical Baseline Documents) 708
ii. Product baseline. (CDRL A011 – Technical Baseline Documents) 709
iii. Operational baseline. (CDRL A011 – Technical Baseline Documents) 710
iv. RTM. (CDRL A010 – Requirements Traceability Matrix) 711
v. SEMP. (CDRL A013 – Systems Engineering Management Plan) . 712
vi. TRP. (CDRL A014 – Technology Refresh Plan) 713
vii. CMIP. (CDRL A015 – Configuration Management Implementation Plan) 714
viii. Risk Management Plan. (CDRL A009 – Risk Management Plan) 715
ix. Phase-In Plan. (CDRL A016 – Phase-In Plan) 716
x. SMP. 717
718
3.3.1.1.2 SETR – Post Transition 719
The purpose of the SETR events post transition is for both Contractors to document the plans, 720
risks, and mitigation strategies to support major modifications to either the NGEN infrastructure 721
or service delivery framework. 722
723
The Contractors shall plan and execute SETR events in accordance with the SEP guidelines. 724
725
3.3.1.2 Core Build Contents Services 726
The NGEN Workstation Core Build is comprised of the desktop Operating System (OS), core 727
applications (e.g., Microsoft Office Suite, Java, Adobe Reader, and Anti-Virus), as well as 728
hardware specific configuration items and the associated configuration characteristics for a 729
specific workstation platform. Changes to the Core Build occur when 1) specific Core Build 730
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
37
components are updated; 2) new components are added to the Core Build; 3) security patches are 731
applied to the components in the Core Build; or, 4) existing Core Build components are retired 732
and removed from the Core Build. 733
734
The Contractors shall engineer, test, and integrate the NGEN Core Build to deliver the services 735
required in the contract. 736
737
In addition to the above, the ES Contractor shall: 738
a. Provide, operate, and maintain Core Build software and associated updates. 739
b. Design, configure, integrate, implement, update, test, and maintain workstation Core 740
Builds for all current and future operating systems approved for use on NGEN, including 741
virtual operating systems in accordance with the NGEN Core Build and the CMIP. 742
i. Manage and test GFE software compability with the Core Builds. 743
ii. Provide a GFE software management capability that allows for the tracking and 744
reporting of GFE allocation and use. 745
c. Incorporate Government requirements identified at the quarterly Core Build Review 746
meeting. 747
d. Test all client applications on the Core Build for compatibility with other Core Build 748
software. 749
e. Integrate approved computer software into the Core Build before deploying it to client 750
workstations. 751
f. Provide the Core Build to the Government so that it can be scanned for security 752
vulnerabilities. (CDRL A017 – Core Build Software Plan) 753
g. Provide the capability to remove software identified to have security vulnerabilities from 754
end user workstations. 755
h. Identify, document, and develop a mitigation strategy to resolve known and potential 756
compatibility issues with other Core Build software, information assurance settings, 757
network infrastructure, network operations, virus protection, and standard hardware 758
configurations. 759
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
38
i. Submit a DIACAP Certification and Accreditation (C&A) package to the Government 760
for approval for each Core Build. (CDRL A018 – DoD Information Assurance 761
Certification and Accreditation Package) 762
j. Complete the DON Application and Database Management System (DADMS) 763
registration paperwork for Government submission and approval for each new 764
application on the Core Builds including new versions of the application. 765
k. Develop a Core Build image for building and rebuilding of end user workstation. 766
l. Maintain current library of Designated Approving Authority (DAA) approved 767
workstation Core Build images. 768
m. Maintain and provide for Government use a comprehensive list of the Core Build and 769
Enterprise Configuration Control Board (ECCB) approved software, software patches, as 770
well as Group Policy Objects (GPOs) and upgrades approved by the Government for 771
installation on the Network. (CDRL A017 – Core Build Software Plan) 772
n. Recommend enhancements of the Core Build process and products to the Government. 773
o. Develop an annual workstation Core Build Software Update Plan to address known 774
schedules for vendor software upgrades, end of support timelines, and planned upgrades 775
to Government-provided Core Build software (e.g., Office Suite). (CDRL A017 – Core 776
Build Software Plan) 777
i. Coordinate with the Government to ensure specific functionality requirements 778
identified by the Government and planned upgrades to Government-owned Core 779
Build software are included in the Core Build Software Update Plan. 780
ii. Address yearly deployment schedules and long term upgrades (five years ahead) 781
in the Core Build Software Upgrade Plan. 782
p. Develop, test, and deliver quarterly Core Build releases. 783
i. Present plans for release on the fifth day of each quarter (5 Oct, 5 Jan, 5 Apr, and 784
5 Jul). 785
ii. Test quarterly releases against existing hardware configurations and report results 786
to the Government. (CDRL A026 – Test Reports) 787
iii. Process proposed Core Build changes in accordance with the CMIP. 788
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
39
iv. Deliver quarterly releases in accordance with the NGEN Release and Deployment 789
process. 790
791
3.3.1.3 Computer-Electronic Accommodations Program (CAP) 792
The Computer-Electronic Accommodations Program (CAP) is a no-cost service, managed and 793
funded by the DoD, which provides assistive technology, devices, and services to federal 794
employees with disabilities. CAP makes it possible for people with disabilities to have equal 795
access to the information in the electronic and telecommunication work environments. 796
797
The ES Contractor shall: 798
a. Provide and maintain Electronic and Information Technology (EIT) in accordance with 799
Section 508 of the Rehabilitation Act of 1973 (29 U.S.C. 794d) as amended by the 800
Workforce Investment Act of 1998 (P.L. 105 - 220). 801
b. Designate a point of contact to interface with the DoD CAP office. 802
c. Perform configuration management on all SW, HW, and HW peripherals provided by the 803
CAP Office and ensure all network end users of CAP purchased SW, HW, and HW 804
peripherals are operating to the same baseline configuration. (e.g., multiple versions of 805
the same SW shall be avoided). 806
d. Identify and complete certification testing and submit the certification package to the 807
Government within 30 days of receiving SW, HW, or hardware peripherals provided by 808
the CAP Office. 809
e. Install and test SW, HW, and HW peripherals, within 30 days of receipt from the CAP 810
office or within 30 days of Government accreditation of the solution. 811
f. Maintain all SW, HW, and HW peripherals provided by the CAP Office. 812
813
3.3.1.4 Modernization and Technology Refresh 814
Modernization consists of proposing, planning, testing, and implementing new technologies to 815
maintain current capabilities and performance at lower cost or provide improved capabilities and 816
performance at the same cost. NGEN goals for modernization include: 1) incorporation of 817
transformational technologies and service architectures that lead to improved efficiency (reduced 818
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
40
total ownership costs) and increased performance; 2) enhanced situational awareness and 819
associated tools in support of network C2; and, 3) improved security in response to threats and 820
vulnerabilities. To the extent possible, the Government’s desire is for key modernization 821
initiatives be fully integrated and executed with technical refresh activities. 822
823
Technology Refresh is the periodic replacement of NGEN HW, SW (non-end user software), and 824
select non-IT assets [e.g., electrical panels and Heating, Ventilation, and Air Conditioning 825
(HVAC)] to avoid obsolescence and loss of Original Equipment Manufacturer (OEM) support, 826
improve reliability and availability, and to remain current with Government security 827
requirements and industry IT standards. 828
829
NGEN Technology Refresh Planning Guidance document is listed as an attachment in Section J. 830
The Navy Modernization Framework is included as Appendix I to the Guidance document. 831
832
Modernization and Technology Refresh is a shared service. The ES Contractor is designated as 833
the primary service provider, and the TXS Contractor is designated as the supporting service 834
provider. The Contractors’ shall collaborate with each other and any other service providers to 835
provide common management of the services described below: 836
a. Develop and provide Technology Refresh Plans (TRPs) in accordance with the 837
requirements identified in the NGEN Technology Refresh Planning Guidance document. 838
(CDRL A014 – Technology Refresh Plan) 839
i. Integrate the following modernization elements into the TRPs per the Navy 840
Modernization Framework contained in the Guidance document. 841
a) Basic Technology Refresh for End-of-Support (EOS) and End-of-Life 842
(EOL) components. 843
b) NGEN Multi-Protocol Label Switching (MPLS). 844
c) Network Server Farm Consolidation at Government facilities. 845
d) Internet Protocol version (IPv6). 846
ii. Propose alternate technology refresh strategies in the yearly TRP updates that 847
reduce Government total ownership cost. 848
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
41
iii. Manage changes to the TRP in accordance with the approved Configuration 849
Management Implementation Plan (CMIP). Cover the period encompassing the 850
current Future Year Defense Program (FYDP). 851
b. Participate in a formal review of TRP with the Government within 30 calendar days after 852
submission of the TRP. Objectives of the review are to: 853
i. Validate specified HW and SW conform to approved or certified solution 854
requirements. 855
ii. Validate alignment with NGEN TRP framework. 856
iii. Obtain Government approval of the TRP. 857
c. Develop Engineering Change Proposals (ECPs) as part of the TRP that articulate impacts 858
of proposed changes to the technical baselines, technical performance measures, and 859
Integrated Architecture. (CDRL A023 – Engineering Change Proposal – Request for 860
Change) 861
i. Update design documentation to reflect the impacted technical baselines. (CDRL 862
A011 – Technical Baseline Documents) 863
ii. Provide installation documentation and Bill of Materials. (CDRL A025 – 864
Installation Technical Documentation and Plans) 865
iii. Provide Certification and Authorization (C&A) DIACAP artifacts. (CDRL A018 866
– DoD Information Assurance Certification and Accreditation Package) 867
iv. Ensure proposed Commercial off the Shelf (COTS) IA and IA-enabled products 868
are compliant with DoD 8500.01E. 869
v. Provide test plans and procedures. (CDRL A024 – Test Plans and CDRL A033 – 870
Test Procedures) 871
vi. Provide service or system operations and maintenance costs. 872
d. Test and install technology refresh components for designated HW and SW in accordance 873
with the approved TRP. 874
i. Conduct and report completion of required interoperability and compatibility 875
testing for the technology refresh HW and SW. (CDRL A026 – Test Reports) 876
ii. Conduct installations per established NGEN Release and Deployment process 877
requirements listed as an attachment in Section J. 878
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
42
iii. Provide for the receipt, warehousing, distribution, and installation of technology 879
refresh assets in accordance with the approved Asset Management 880
Implementation Plan (AMIP). (CDRL A021 – Asset Management 881
Implementation Plan) 882
iv. Provide a monthly report of the status of the Contractor’s technology refresh plan. 883
(CDRL A007 – Monthly Status Report) 884
v. Document asset and configuration changes in accordance with the CMIP. 885
f. Dispose of equipment no longer supporting NGEN in accordance with FAR 52.245-1. 886
887
In addition to the above, the ES Contractor shall: 888
a. Consolidate and provide an integrated TRP. 889
b. Collect and integrate TXS input into all documentation. 890
c. Publish a consolidated technology refresh schedule and deployment plan updates no later 891
than 14 calendar days after receiving Government-approved change requests. 892
893
3.3.1.5 Navy Enterprise Portal (NEP) 894
The ES Contractor shall establish a Navy Enterprise Portal (NEP) to provide Knowledge 895
Management (KM) capabilities such as an end user customizable workspace, content repository, 896
search, document management, workflow, blog, wiki, notifications, discussion threads, and 897
community or team based support for calendars, tasks, and email in accordance with NEP 898
Requirements listed as an attachment in Section J. 899
900
3.3.2 Enterprise Operations Services 901
Enterprise Operations Services include the day-to-day activities required of the ES and TXS 902
Contractors to provide end-to-end monitoring, management, administration, and maintenance for 903
all NGEN services and infrastructure. 904
905
Enterprise Operations Services are shared services. The ES Contractor is designated as the 906
primary service provider, and the TXS Contractor is designated as the supporting service 907
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
43
provider. The Contractors shall collaborate with each other and any other service providers to 908
provide common management of the services described below. 909
910
3.3.2.1 Network Operations Center (NOC) Services 911
The Network Operations Center (NOC) Services provide 1) management and oversight of day-912
to-day operations and maintenance of the NGEN network and associated services; 2) support 913
remote management and change control to the network and service environment; and, 3) respond 914
to network service anomalies and incidents. 915
916
The Contractors shall: 917
a. Monitor and manage assigned infrastructure and services (e.g., capacity, health, 918
performance, and utilization). 919
i. Provide near real-time [as defined in Joint Pub 1-02 Common Operational Picture 920
(COP)] performance as well as health, availability, and capacity data of assigned 921
IT services, systems, and infrastructure. 922
ii. Prioritize events, incidents, and problems for presentation as part of the COP 923
dashboard. 924
b. Provide status of compliance with Information Assurance Vulnerability Management 925
(IAVM) directed actions, USCYBERCOM Communications Tasking Orders (CTOs), 926
and other Government Directed Actions (GDAs) for assigned components and functions. 927
(CDRL A007 - Monthly Status Report) 928
c. Accept, distribute, track, and mitigate all assigned NetOps incidents in accordance with 929
the Navy Process Development Model (NPDM) listed as an attachment in Section J: 930
i. General Service Incidents: Service and infrastructure related incidents (e.g., loss 931
of service, poor performance, and service anomalies). 932
ii. Electronic Spillage: An incident where classified, Personal Identifiable 933
Information (PII), Navy Nuclear Power Information (NNPI), or Community of 934
Interest (COI) information, is introduced on an IT system or network that is not 935
authorized to hold or process such data. 936
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
44
iii. Unauthorized Disclosure (UD): Any incident where information, data or files 937
have been made available to a person or persons who do not have authorized 938
access. 939
iv. INFOCON and CYBERCON Incidents: Incidents to increase the measurable 940
readiness and operational capabilities of specific command networks for the 941
Commander USSTRATCOM HQ, regional commanders, service chiefs, as well 942
as base, post, camp, station, and vessel commanders, and agency directors. 943
v. Investigations: Activities associated with complex incidents requiring more in-944
depth data collection for command or law enforcement issues. 945
vi. Security Incidents: 946
a) Perimeter Configuration Incident: Incident that requires the 947
implementation or removal of a specific Computer Network Defense 948
(CND) or Network Operational configuration that either blocks or permits 949
network access. 950
b) Security Event (1): Efforts to address actual or potential CND event, 951
incident, or identified threat. 952
c) Security Event (2): End user level intrusion (rogue systems). 953
vii. Vulnerability Identification and Mitigation: Activities required to decrease, 954
reduce, or eliminate a weakness in an 1) information system; 2) system security 955
procedures; 3) internal controls; or, 4) implementation that could be exploited. 956
d. Provide required performance data to the NGEN Enterprise Performance Management 957
Database (EPMD) and Client Performance Management Database (CPMD). 958
a. Generate an incident ticket when any metric operates outside of thresholds. 959
e. Respond to all security related Government Directed Actions (GDAs) in coordination 960
with the other service providers, with expediency consistent with technical constraints 961
and capabilities: 962
i. Design, track, document, and implement GDAs with input from other NGEN 963
service providers. 964
ii. Submit extension requests for GDA to the GDA issuing authority for 965
consideration prior to a lapse of 50% to the original compliance window. The 966
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
45
"compliance window" is the time between GDA issuance and its compliance 967
deadline. 968
969
In addition to the above, the ES Contractor shall: 970
a. Operate and maintain the electronic dashboard (i.e. COP) that includes an integrated 971
status of the infrastructure and services as well as events and incidents and the associated 972
impacts and mitigation plans. 973
b. Provide the combined near real-time COP to the Navy NetOps control authorities (C2 974
facilities and watch standers on both the Navy classified and unclassified networks) via 975
electronic network management systems. 976
c. Operate and maintain the connection to and integration into the NNWC Enterprise 977
Network Management System (ENMS) ensuring continued compliance with the Navy 978
Enterprise Service Profile (NESP), Network Operations, Network and Systems 979
Management. 980
981
In addition to the above, the TXS Contractor shall: 982
a. Coordinate with the ES contractor to obtain the required access privileges to EPMD for 983
the input and management of TXS information. 984
b. Coordinate with the ES contractor to determine the appropriate actions and response to 985
assigned Government Directed Actions (GDA). 986
987
3.3.2.2 Security Operations Center (SOC) Services 988
The Security Operations Center (SOC) Services manage the security infrastructure and policies 989
within the NGEN environment. SOC services include centralized maintenance, operation, 990
reporting, and upgrading of systems that support and enhance the NGEN Information Assurance 991
(IA) posture (e.g., confidentiality, availability, integrity, and non‐repudiation). 992
993
The Contractors shall: 994
a. Operate and maintain all assigned IA and Computer Network Defense (CND) systems. 995
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
46
b. Provide security event data feeds to the CND databases in accordance with Security 996
Event Management Services requirements contained in this PWS and as described in the 997
NPDM. 998
c. Provide security configuration management in accordance with Security Configuration 999
and Management Services requirements contained in this PWS. 1000
1001
In addition to the above, the ES Contractor shall provide centralized NGEN Enterprise Security 1002
COP. 1003
1004
3.3.2.3 Service Order Management 1005
The purpose of Service Order Management is to plan, submit, review, fund, approve, receive, 1006
deliver, and pre-invoice service requests. 1007
1008
3.3.2.3.1 Ordering Tool Interface 1009
The Contractors shall: 1010
a. Develop and provide an electronic web-based ordering capability. 1011
i. Minimize disruptions and risk during transition. 1012
ii. Develop risk mitigation plans as needed. 1013
iii. Provide an interface that complies with the attached NGEN NET Interface 1014
Control Document listed as an attachment in Section J. 1015
iv. Provide workflow capability from initiation of the order to closeout: 1016
a) Include secure transactions in conformance with DoD Public Key 1017
Infrastructure (PKI). 1018
b) Retain ordering data, to comply with FAR record retention requirements. 1019
c) Adhere to the workflow in the NGEN Program CONOPS. 1020
b. Support bilateral and unilateral orders and modifications including obligation and de-1021
obligation of Government funds. 1022
c. Synchronize service catalog offerings with the Government designated ordering tool. 1023
d. Acknowledge the status of pending service orders. 1024
e. Provide order status to include, e.g.: 1025
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
47
i. Order Accepted Notification – Send an electronic order notification within 24 1026
hours of the timestamp from the ordering system. 1027
ii. Order Rejection Notification – Provide electronic order notification within 24 1028
hours of the time stamp in the ordering system and provide the reason with 1029
justification why the service request cannot be fulfilled. 1030
iii. Delivery Scheduled – Send an electronic order status notification. 1031
iv. Delivery Complete – Send an electronic order status notification. 1032
f. Provide Receipt Validation services: 1033
i. Maintain a web-based tool that provides pre-invoice data to the ordering authority 1034
for validation prior to invoicing. 1035
ii. Allow government to validate dates and quantities as presented or change the 1036
dates and quantities to reflect actual delivery. 1037
iii. Reconcile discrepancies between Government and Contractor records. 1038
iv. Provide accurate asset data as defined AMIP. 1039
1040
3.3.2.3.2 Order to Delivery (OTD) 1041
NGEN OTD service requests are received, tracked end-to-end, and acted on in the timeframe 1042
specified by the Government. OTD service requests are tracked in the Order Management 1043
system and closed when the Government signs off on the installation. 1044
1045
The Contractors shall: 1046
a. Monitor queues for the execution of OTD service requests in accordance with the stated 1047
requirement. 1048
b. Submit additions and deletion to the queues as service requests are generated or fulfilled. 1049
c. Update and maintain the applicable OTD processes in conjunction with the Government 1050
and other service providers. 1051
d. Perform all tasks on the work order in the time stated. 1052
1053
3.3.3 Application Hosting Services (AHS) 1054
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
48
AHS provide a protected application hosting environment comprised of standardized, common 1055
HW and SW platforms. Application Hosting includes hosting a mix of enterprise, Community of 1056
Interest (COI), and individual command applications and systems. 1057
1058
3.3.3.1 AHS at a Commercial Facility 1059
The ES Contractor shall: 1060
a. Design, procure, install, operate and maintain AHS consistent with requirements and 1061
tasks contained in the Application Hosting Requirements. 1062
i. Provide a centrally managed hosting environment within Contractor owned and 1063
operated facilities and infrastructure to host enterprise, command-owned, and 1064
Community of Interest (COI) applications and systems. 1065
ii. Migrate applications currently hosted at the incumbent facility as contained in the 1066
Application Hosting Requirements. 1067
iii. Provide the capability for Government application administrators to remotely 1068
access and manage hosted applications, systems, and data. 1069
b. Provide Continuity of Operations (COOP) backup hosting capability at a site remote from 1070
the primary hosting site. 1071
c. Provide for the hosting of new applications at the Contractor's commercial application 1072
hosting facility. 1073
1074
3.3.4 Directory Services 1075
Directory Services provide central authentication and resource locator services that deliver a 1076
distributed computing environment. These services support the management and use of file 1077
services, network resources, security services, messaging, web, e-commerce, white pages, and 1078
object-based services across NGEN. 1079
1080
Directory Services are shared services. The ES Contractor is the primary service provider, and 1081
the TXS Contractor is the supporting service provider. The Contractors shall collaborate with 1082
each other and any other service providers to provide common management of the services 1083
described below: 1084
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
49
a. Use Government-provided Alternative Log on Token (ALT) for system administrator 1085
access. 1086
b. Maintain a directory structure within the NGEN forest to support the integration of DoD 1087
networks [e.g., the Consolidated Afloat Networks and Enterprise Services (CANES) and 1088
other ashore services as designated by the Government] by establishing, testing, and 1089
maintaining the required secure network interfaces between the prescribed end points. 1090
1091
In addition to the above, the ES Contractor shall: 1092
a. Maintain top-level Active Directory (AD) administrator accounts. 1093
b. Provide support for the TXS Contractor functions by enabling: 1) distributed access to 1094
network management tools; 2) network-enabled devices for configuration change; 3) 1095
testing; and, 4) maintenance-related activities. 1096
c. Comply with the current naming conventions. 1097
d. Operate and maintain Directory Services, e.g.: 1098
i. Group Policy management. 1099
ii. Monitoring of replication speed. 1100
iii. Maintenance of the .dit file. 1101
iv. Perform schema extensions. 1102
v. Cleanup of orphaned objects and inactive end user and computer objects as 1103
directed by the Government. 1104
vi. End user provisioning. 1105
vii. Apply security updates as directed by the Government. 1106
e. Provide ability to browse the Global Address List (GAL) via Outlook and Outlook Web 1107
Access. 1108
f. Support existing AD interfaces and integration capabilities between the NGEN DON 1109
Directory structure and the Defense Enrollment and Eligibility Reporting System 1110
(DEERS). 1111
g. Provide capability for local, mobile, and remote end users, devices, and applications to 1112
access directory services where NGEN connectivity is available. 1113
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
50
h. Monitor the health of AD components such as Active Directory Application Mode 1114
(ADAM) Suites, and AD trusts within the NGEN enclave via B1, Demilitarized Zone 1115
(DMZ), and B2 connections. 1116
i. Maintain synchronization of all existing GAL Interop contacts on the classified network 1117
with internal DON partners [e.g., ONE-NET, Bureau of Medicine (BUMED), and IT-21 1118
ship and shore] and the Defense Intelligence Agency (DIA), as directed by the 1119
Government. 1120
j. Maintain synchronization of all currently defined attributes contained in AD on the 1121
classified network with internal DON partners (ONE-NET, BUMED, and IT 21 ship and 1122
shore) and the DIA every 24 hours or less. 1123
k. Establish and maintain synchronization of the directory with external directories in other 1124
designated trusted networks (e.g., Naval, DoD, and Federal). 1125
l. Synchronize the following attributes: 1126
i. Surname. 1127
ii. Given-Name. 1128
iii. Initials. 1129
iv. Generation-Qualifier. 1130
v. Personal-Title. 1131
vi. Company. 1132
vii. Department. 1133
viii. Electronic Data Interchange - Personal Identifier (EDI-PI). 1134
ix. Email-Addresses. 1135
x. Title. 1136
xi. Country-Of-Citizenship. 1137
xii. Employee-Type. 1138
xiii. Display-Name. 1139
xiv. Obj-Dist-Name. 1140
xv. Locality-Name. 1141
xvi. End User Certificate. 1142
m. Synchronize Directory to JEDS. 1143
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
51
n. Provide directory responsiveness report in accordance with Government defined 1144
parameters. 1145
o. Establish a directory structure within the NGEN forest to integrate DoD network 1146
directories. 1147
1148
In addition to the above, The TXS Contractor shall: 1149
a. Maintain directory synchronization with the Joint Enterprise Directory Service (JEDS) 1150
through the appropriate transport boundaries by establishing, testing, and maintaining the 1151
required secure network interfaces between the prescribed end points. 1152
b. Operate and manage AD-enabled TXS infrastructure components via supplied, role-1153
based, and delegated AD administrative accounts and group memberships provisioned by 1154
ES Provider. TXS-specific administrative accounts will be provisioned with the 1155
appropriate level of permissions and privileges within dedicated TXS organizational units 1156
(OUs) to effectively manage all TXS components provisioned within the TXS OU 1157
hierarchy. 1158
c. Utilize delegated administrator accounts to support TXS functions by enabling distributed 1159
access to network management tools and network-enabled devices for configuration 1160
change, testing, and implementation of new capabilities per GDA. 1161
d. Provide secure network TXS capability for local, mobile, and remote end users, devices, 1162
and applications to reliably utilize and authenticate against Directory Services. 1163
e. Operate and maintain the underlying TXS elements supporting the delivery of Directory 1164
Services within the NGEN enclave, B1, B2, B3, DMZ, COI, and Transport Boundary. 1165
1166
3.3.5 Cross Domain Security (CDS) Services 1167
Cross Domain Security (CDS) Services provide the required degree of cross domain access (two 1168
different security domains) to enable the exchange of information across national, security, and 1169
management domain boundaries in compliance with Chairman of the Joint Chiefs of Staff 1170
Instruction (CJCSI) 6211.02C. All IA policies and regulations as listed in Section 2. 1171
1172
The ES Contractor shall: 1173
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
52
a. Recommend new solutions and designs to the Government to include multi-level thin 1174
clients. 1175
b. Integrate, implement, operate, and maintain a solution(s) for sharing information across 1176
security domains that enables the following cross domain functional capabilities 1177
synchronized to rights management, Domain Name System Security (DNSSEC) 1178
Extensions, and SIPRNet DoD-approved smart card authentication: 1179
i. Deliver (i.e., push or export) data to specified recipients. 1180
ii. Import (i.e., pull) data from repositories in other domains. 1181
iii. Exchange email with attachments. 1182
iv. Enforce reliable human review when required (high-to-low only). 1183
v. Enforce content release policy (high-to-low only). 1184
c. Implement, operate, and maintain content and allowable action restrictions [utilizing 1185
directory, Group Policy Object (GPO), rights management, SIPRNet DoD smart card 1186
authentication, and DNSSEC capabilities native to core build systems and end points, in 1187
addition to the standard mechanisms of the network] based on the trust agreement for 1188
each type of data exchange. 1189
d. Implement, operate, and maintain data protection and data tracking capabilities when 1190
NGEN upgrades SIPRNet and NIPRNet domain controllers, SIPRNet and NIPRNet 1191
enterprise services, SIPRNet authentication to DoD approved smart card systems and 1192
methods, and core operating systems on servers and end user end points. 1193
e. Enable metadata tagging of network resources with the data necessary for determination 1194
and enforcement of policy compliance in the rights management infrastructure. 1195
f. Enforce cross domain trust agreement and policy changes in timeframes agreed upon by 1196
the Contractor and the Government. 1197
1198
3.3.6 Security Configuration and Management Services 1199
Security Configuration and Management Services provides an enterprise wide security 1200
compliance capability that scans and remediates NGEN servers, services, and all end points for 1201
out-of compliance conditions such as changed settings, outdated patches, and illicit software. 1202
All IA policies and regulations as listed in Section 2. 1203
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
53
1204
Security Configuration and Management Services are shared services. The ES Contractor is 1205
designated as the primary service provider, and the TXS Contractor is designated as the 1206
supporting service provider; except for Network Cryptography Services where TXS Contractor 1207
is the primary service provider. The Contractors shall collaborate with each other and any other 1208
service providers to provide common management of the services described below. 1209
1210
The ES Contractor shall: 1211
a. Integrate and correlate data across the NGEN systems, servers, services, and end points to 1212
measure, monitor, remediate, and remove threats to the environment. 1213
b. Implement, operate, and maintain IA capabilities and components including: 1214
i. Network Access Control (NAC). 1215
ii. Anti-Malware appliances, hardware, and software. 1216
iii. Host Based Security System (HBSS) and supporting infrastructure. 1217
iv. Anti-spam. 1218
v. Mail filtering. 1219
c. Correlate data and manage information from all IA sensors and devices (e.g., profiling of 1220
end-to-end threat vectors). 1221
d. Recommend design, plan, and implementation actions as required by each of the Cyber 1222
Readiness Conditions and execute Government approved actions. 1223
e. Validate and maintain the current network and system configuration baseline of all ES IA 1224
items and required security attributes within the Configuration Management Data Base 1225
(CMDB) in accordance with the approved CM Implementation Plan. 1226
f. Ensure in scope HW and SW support the Computer Network Defense (CND) functions in 1227
accordance with existing DoD and DON directives, (e.g., Communications Tasking 1228
Orders). 1229
g. Provide the Government with administrative services to support measuring, analyzing, 1230
documenting, distributing, and mitigating Security Configuration Management (SCM) 1231
across the NGEN environment. 1232
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
54
h. Report the status of implementation and remediation of NGEN SCM as well as the 1233
Government resolution of NGEN SCM conflicts. (CDRL A007 - Monthly Status Report) 1234
i. Manage SCM of assigned IA devices including: 1235
a) Central administration of overall NGEN SCM status. 1236
b) Execution of bi-monthly SCM scanning. 1237
c) SCM data collection and analysis. 1238
d) Mitigation of assigned SCM configurations. 1239
ii. Execute overall tactical administration of end-to-end data correlation, multi-1240
vector threat analysis, as well as enterprise integration and coordination of IA 1241
functions and capabilities. 1242
i. Analyze information systems and networks to identify potential security weaknesses and 1243
exposures to known threats. 1244
i. Provide performance measurements, logs, and information feeds from the security 1245
monitoring systems [e.g., Host Based Security System (HBSS) and Intrusion 1246
Prevention System (IPS)]. 1247
ii. Provide access to historical data for 90 days through standard protocols [e.g., 1248
Extensible Markup Language (XML) Simple Object Access Protocol (SOAP), 1249
and provide summary management reports]. (CDRL A027 – Summary 1250
Management Report) 1251
iii. Integrate, operate, and maintain DoD provided standard vulnerability scanning 1252
tools. Incorporate revisions and updates within 120 calendar days of DoD release. 1253
iv. Provide Routine Vulnerability Scans Analysis Report. (CDRL A028 – Technical 1254
Report) 1255
v. Provide an updated POA&M every 90-calendar days with the status of any 1256
outstanding vulnerability. 1257
j. Operate and maintain the current SCM tools and databases. 1258
i. Report the availability, capacity, and performance of the security infrastructure 1259
and services for which ES is responsible. (CDRL A007 – Monthly Status Report) 1260
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
55
ii. Provide access and resources (e.g., personnel, equipment, and tools) to authorized 1261
third party evaluators performing vulnerability evaluations [e.g., Independent 1262
Verification and Validation (IV&V)]. 1263
iii. Update SCM tools and database signature files every two weeks or as necessary. 1264
In the event of GDA, start implementation to update signature files within 24 1265
hours. 1266
1267
The TXS Contractor shall: 1268
a. Maintain SCM of TXS IA devices (e.g., IPS and firewall) in collaboration with the ES 1269
Contractor. 1270
b. Analyze TXS systems and networks to identify potential security weaknesses and 1271
exposures to known threats. 1272
c. Implement IA vulnerability alerts, bulletins, and technical advisories for TXS 1273
components per Government direction. 1274
i. Report status of implementation progress. (CDRL A007 – Monthly Status Report) 1275
ii. Recommend design, plan, and implementation actions for TXS security 1276
components as required by each of the Cyber Readiness Conditions and execute 1277
Government approved actions. 1278
1279
3.3.6.1 Security Operations Center (SOC) Services 1280
Security Operations Center (SOC) is a centralized unit in an organization that deals with 1281
organizational and technical security issues. The SOC provides security situational awareness of 1282
the myriad of networks, systems, and applications and defends that grid from potential cyber 1283
threats. SOC services include functions such as planning, management, testing, implementation, 1284
maintenance, operation, reporting, and upgrading. All IA policies and regulations are listed in 1285
Section 2. 1286
1287
The ES Contractor shall: 1288
a. Maintain the IA Common Operational Picture (COP) on NGEN system status consoles. 1289
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
56
b. Investigate suspicious activities and classify incidents in accordance with CJCSI 6510 1290
series and NGEN Incident Management process described in the NPDM. 1291
c. Report suspicious activities via the incident ticket tracking system, in accordance with the 1292
NGEN Incident Management process described in the NPDM. 1293
d. Generate, archive, and provide Government access to activity and event component logs 1294
as directed by the Computer Network Defense Security Provider (CNDSP): 1295
i. Provide an automated logging aggregation system that compresses, correlates, and 1296
provides for an analysis of logged data from Government identified sources (e.g., 1297
host audits, networks, and HBSS). 1298
ii. Monitor and analyze logs to identify unauthorized or illegal activity. 1299
iii. Provide access to the CNDSP to enable and support data mining for the 1300
correlation of security events. 1301
iv. Collect, archive, and provide access to all NGEN transactional information 1302
captured during the auditing process. 1303
v. Retain security audit data in accordance with DoDI 8500.2 Controls. 1304
e. Support and comply with Government directed CND Response Actions (RAs): 1305
i. Evaluate the impact of Government directed configuration changes. 1306
ii. Provide a written assessment of adverse impacts to end user services and potential 1307
Course of Actions (COAs). (CDRL A028 – Technical Report) 1308
f. Comply with formal security classification and Operational Security (OPSEC) guidance 1309
related to generation, transmission, storage, and destruction of CND related incidents, 1310
countermeasures, and vulnerabilities. 1311
g. Provide a single point of contact, by name, to receive, report, and manage all Information 1312
Assurance Vulnerability Management (IAVM) alerts: 1313
i. Implement a process for emergency IAVM alerts to accommodate accelerated 1314
timelines. 1315
ii. Report status through the designated Government reporting mechanisms [i.e. 1316
Online Compliancy Reporting System (OCRS) and Vulnerability Management 1317
System (VMS)]: 1318
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
57
a) Provide Incident and Event reporting. (CDRL A029 – Service Operations 1319
Reports) 1320
b) Report on IAVM compliance. (CDRL A007 – Monthly Status Report) 1321
c) Provide incident logs. (CDRL A007 – Monthly Status Report) 1322
The TXS Contractor shall: 1323
a. Utilize the following audit and monitoring technologies for IA and CND to CNDSP(s) as 1324
directed by the Government for TXS security components. 1325
i. Security Event Correlation Tools to enable the Government to determine 1326
compliance of system activities in accordance with security policies. 1327
ii. Computer Forensic Tools to identify, extract, preserve, and document computer-1328
based evidence. 1329
iii. Capture of all transactional information during the auditing process and retain 1330
security audit data. 1331
b. Comply with the CND and SOC services policies and guidance. 1332
1333
3.3.6.2 Data at Rest (DAR) Services 1334
Data at Rest (DAR) Services is a protection system comprised of the HW and SW used to encrypt 1335
stored data. All IA policies and regulations are listed in Section 2. 1336
1337
The ES Contractor shall: 1338
a. Provide DAR services on all NGEN NIPRNet end user end points using DoD-approved 1339
solutions. 1340
i. Encrypt all end user partitions using full disk encryption, content protection, or an 1341
equivalent DoD-approved encryption system. 1342
ii. Authenticate end users with their DoD-approved smart card prior to loading the 1343
disk encryption key and booting the operating system. 1344
b. Encrypt all data written to removable storage media. 1345
c. Provide Government access to DAR encryption keys (e.g., a workstation encryption key), 1346
DAR administrator credentials, and DAR management servers and databases. 1347
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
58
d. Provide forensic-level data recovery services when end user hard disks or the DAR full 1348
disk encryption solution fails and those end points are without an automated client data 1349
backup and restore services. 1350
1351
3.3.6.3 Network Cryptography Services 1352
Network Cryptography Services is the use of encryption technology to cryptographically 1353
separate information at different levels of classification that permits that information to be 1354
communicated via a common infrastructure and even “tunneled” across a non-secure public 1355
Internet. This service does not include multi-level security. All IA policies and regulations are 1356
listed in Section 2. 1357
1358
The ES Contractor shall provide and maintain Government approved enterprise client SW. 1359
1360
The TXS Contractor shall: 1361
a. Operate and maintain Virtual Private Network (VPN) connections between all points of 1362
presence for the unclassified network. 1363
b. Operate and maintain Government provided Type 1 encryption when supporting 1364
classified and coalition networks. 1365
i. Encrypt all classified traffic on a base, post, or station with Type 1 Encryption 1366
when PDS is not available. 1367
ii. Encrypt all classified traffic (voice, video, and data) across the Wide Area 1368
Network (WAN) with Type 1 Encryption. 1369
c. Manage and safeguard Government provided encryption products and keying materials in 1370
accordance with the Navy’s Electronic Key Management System (EKMS) Policy and 1371
Procedures Manual, EKMS 1(Series). No other policies or procedures are authorized. 1372
d. Implement bulk encryption for Government-directed transmission channels in accordance 1373
with CJCSI 6510.01F. 1374
e. Implement bulk encryption within the United States Pacific Command’s (USPACOM’s) 1375
Area of Responsibility (AOR) for all transmission channels in accordance with the 1376
current USPACOM’s policy and guidance for protection of transmission channels. 1377
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
59
Unless otherwise directed by the Government, other non-contiguous sites shall also be 1378
covered by USPACOM policy and guidance for protection of transmission channels. 1379
f. Provide and maintain government approved boundary VPN HW and SW including (e.g.): 1380
i. Cryptographic modules. 1381
ii. Key generation. 1382
iii. Key distribution-DoD medium assurance PKI for public key distribution using 1383
class 4, X.509 version 3 certificates, with HW tokens for protection of private 1384
keys. This requirement applies to system administrators, security administrators, 1385
and remote end users. 1386
iv. PKI tokens to DoD PKI roadmap and FIPS 171 key management using American 1387
National Standard Institute (ANSI) X9.17. 1388
v. Internal device Key destruction. 1389
vi. Data encryption-Either 128-bit Advanced Encryption Standard (AES) (FIPS pub 1390
197), 3- DES (FIPS pub 46-3), Elliptical Curve Digital signature Algorithm 1391
(ECDSA), or current DoD cryptographic standard. 1392
vii. Protocol-Internet Engineering Task Force IPSec RFC 4301 and 4303, 1393
Encapsulated Security Protocol (ESP) tunnel mode only. The Authentication 1394
Header (AH) will not be implemented. 1395
a) Signature functions- Rivest, Shamir, & Adleman (RSA) (public key 1396
encryption technology) per Public Key Crypto Standard (PKCS-1) with 1397
cryptographic key size modules of at least 1024 bits/group 2, e=65537 1398
meeting ANSI standards or DSS FIPS 186-3. 1399
viii. Key exchange functions Diffie-Helman algorithm and cryptographic key size of 1400
1024 bits/IPSec group 2, or 1536/IPSec Group 5 meeting IETF RFCs 4869, 4301, 1401
4303, and 4306, for IPSec Internet Key Exchange, tunnel mode, main mode, and 1402
public key signatures. 1403
1404
3.3.7 Boundary, Demilitarized Zone (DMZ), and Communities of Interest (COI) Services 1405
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
60
Boundary, Demilitarized Zone (DMZ), and Communities of Interest (COI) Services provide 1406
protection to NGEN, including the management and operation of the boundaries. All IA policies 1407
and regulations are listed in Section 2. 1408
1409
Defense-in-Depth includes defense mechanisms at each of the 5 boundaries: 1410
a. Transport Boundary: Internal facing intranet transport. 1411
b. Boundary 1 (B1): Trusted to Un-trusted WAN. 1412
c. Boundary 2 (B2): Trusted to Trusted Network (e.g., ONE-NET and IT-21). 1413
d. Boundary 3 (B3): Communities of Interest (COI). 1414
e. Boundary 4 (B4): Application and host level. 1415
1416
Boundary, Demilitarized Zone (DMZ), and Communities of Interest (COI) Services are shared 1417
services. The TXS Contractor is designated as the primary service provider, and the ES 1418
Contractor is designated as the supporting service provider. The Contractors shall collaborate 1419
with each other and any other service providers to provide common management of the services 1420
described below. 1421
1422
The ES Contractor shall: 1423
a. Update and maintain the end-to-end security architecture design for boundaries, DMZs, 1424
and COIs in coordination with the TXS Contractor. 1425
b. Operate and maintain ES assigned boundary, DMZ, and COI components. 1426
1427
The TXS Contractor shall: 1428
a. Operate and maintain the NGEN security boundaries: 1429
i. B1 security boundaries between NGEN and the NIPRNet or SIPRNet. 1430
ii. B2 boundaries between NGEN and other networks. 1431
iii. B3 boundaries between NGEN and specified NGEN COIs. 1432
iv. Unclassified and classified transport boundaries that connect all NGEN sites. 1433
v. Deployable Site Transport Boundaries (DSTBs). 1434
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
61
b. Provide the transport components to support the implementation, operations, and 1435
maintenance of training classrooms at existing Naval Education and Training Command 1436
classroom locations. Maintain a COI network solution that supports access to NGEN 1437
training resources from other networks and NGEN electronic classroom seats. 1438
c. Provide its portion of the end-to-end architecture design documentation to the ES 1439
Contractor for incorporation into to the architecture documents submitted to the 1440
Government. 1441
1442
3.3.7.1 External Network Interface Services 1443
External Network Interface Services provide a network interface between the NGEN enclave and 1444
the Defense Information Systems Network (DISN) NIPRNet and SIPRNet, DoD DMZ, ONE-1445
NET, IT-21, Consolidated Afloat Network and Enterprise Services (CANES), commercial 1446
internet service providers, Defense Switched Network (DSN), and other networks. 1447
1448
The ES Contractor shall provide up-to-date situational awareness of external interface services, 1449
devices, and resources associated with service and network deep packet inspection including: 1450
a. Behavior-based intrusion detection. 1451
b. Malware inspection. 1452
c. Uniform Resource Locator (URL) filtering. 1453
d. Hypertext Transfer Protocol (HTTP) filtering. 1454
e. Hypertext Transfer Protocol Secure (HTTPS) inspection. 1455
1456
The TXS Contractor shall: 1457
a. Provide Tier 2 and 3 Service Desk end user support for network services including 1458
network recovery. 1459
b. Provide B1 solutions to support Layer 2 and Layer 3 VPN, with the capability to 1460
remotely manage, monitor, and administer network interfaces from the Navy NOCs. 1461
c. Maintain classified and unclassified B1 configurations to comply with Navy Ports, 1462
Protocols, and Services (NPPS) Category Assurance for network access, DISA Enclave 1463
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
62
Single Technical Implementation Guide (STIG), IA Vulnerability Management (IAVM) 1464
notices, and the DoD Ports, Protocols, and Services Category Assurance List. 1465
i. Operate and maintain B1 Citrix terminal services interfaces that support secure 1466
Layer 2 and Layer 3 traffic and protocol, and allow Citrix traffic from Science 1467
and Technology (S&T) seats to the server farms. 1468
d. Operate and maintain logical or physical interfaces to the DSN for basic voice transport 1469
from premise switches that are either part of a campus or Base Area Networks (BANs). 1470
e. Operate and maintain B1 network interfaces to local telephone line Incumbent Local 1471
Exchanges Carriers (ILECs), Competitive Local Exchange Carriers (CLECs), and Inter-1472
Exchange Carriers (IECs) via T1 interfaces that support an Integrated Services Digital 1473
Network - Primary Rate Interface (ISDN-PRI). 1474
f. Install, operate, and maintain Generic Transport Service Extension (GTSE) services. 1475
i. Implement GTSE to support unfiltered connectivity to NIPRNet from the NOC 1476
premise router. 1477
ii. Configure network devices to allow proper routing of GTSE traffic. 1478
1479
3.3.7.2 Maritime Operations Center (MOC) and Command and Control (C2) Services 1480
MOCs support the Navy’s Command and Control (C2) mission through interoperable Command, 1481
Control, and Communications (C3) systems. The MOC provides a flexible, robust command 1482
center capability that directs maritime operations and collaborates with joint, interagency, and 1483
multinational partners. There are a total of five MOCs in the Continental United States 1484
(CONUS) and Hawaii that together form a network to support the Navy’s C2 of forces at the 1485
operational level. There is also a separate C2 center in Hawaii that supports the USPACOM HQ 1486
21. 1487
1488
The Contractors shall provide local onsite component support at each MOC location and at 1489
USPACOM HQ 21. 1490
1491
3.3.7.3 Demilitarized Zone (DMZ) Services 1492
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
63
A Demilitarized Zone DMZ is a logical and physical framework that allows protected access to 1493
resources from both internal and external networks. An e-DMZ Extension, for the purpose of 1494
this document, is a combination of hardware and software that creates a logical addition from a 1495
different physical facility to 1) the DMZ resources; or, 2) a single zone in the e-DMZ. 1496
1497
The ES Contractor shall operate and maintain public facing servers. 1498
1499
The TXS Contractors shall: 1500
a. Operate and maintain interfaces to the external firewall that permit allowable data 1501
communications between the DMZ and the external network. 1502
b. Operate and maintain interfaces to an internal firewall to allow communication between 1503
the public and private zones. 1504
c. Operate and maintain the remote management for DMZ infrastructure devices. 1505
d. Operate and maintain the NGEN DoD DMZ Extension infrastructure components to 1506
support standard and mission critical levels of availability and performance at the three 1507
NOCs, all e-DMZ extensions, and all e-DMZ Zone extensions. 1508
e. Configure static and routable IP addresses in public zones. 1509
f. Enable VPN connections to extend public zones to DMZ Extensions. 1510
g. Configure and maintain approved NGEN end user access into the DMZ. 1511
h. Enable VPN connections to extend private zones to DMZ Extensions. 1512
i. Operate and maintain NGEN DMZ Intrusion Prevention Systems. 1513
j. Maintain redundant switches and dual Network Interface Cards (NICs) to provide 1514
alternate paths within the DMZ. 1515
k. Maintain a Network Access Translation (NAT) capability to support the IP space 1516
required for DMZs and B3 COIs. 1517
l. Encrypt traffic via Internet Protocol Security (IPsec) tunnels established between the 1518
DMZ firewalls and firewalls used at the perimeter of the extension security zones to 1519
maintain appropriate security posture. 1520
m. Coordinate with ES contractor to design, implement, and maintain the TXS components 1521
of the end-to-end security architecture. 1522
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
64
n. Operate and maintain asymmetric application acceleration to load balance servers in the 1523
public facing zones. 1524
1525
3.3.7.4 Deployable Site Transport Boundary (DSTB) Services 1526
Deployable Site Transport Boundary (DSTB) services consist of NGEN components that 1527
augment existing services to provide a mobile virtual NGEN environment. A single DSTB 1528
contains hardware and software for switches, routers, VPN and WAN equipment, and associated 1529
spares. 1530
1531
The ES Contractor shall apply software and security patches for all assigned components or 1532
elements at least once a month during deployment. 1533
1534
The TXS Contractor shall: 1535
a. Configure components for new DSTBs. 1536
b. Maintain and operate DSTB components. 1537
c. Perform preventative and corrective maintenance on elements of DSTBs prior to 1538
deployment. 1539
d. Maintain non-deployed components for DSTBs. 1540
e. Apply software and security patches for all assigned components or elements at least 1541
once a month during deployment. 1542
f. Deliver TXS equipment and pack-up kits in coordination with the Government to end 1543
users and commands for the support of deployed units at non-NGEN sites or for use 1544
across network management domains. 1545
1546
3.3.8 Malware Detection and Protection Services 1547
Malware Detection and Protection (MDP) Services provide end-to-end network-based and host-1548
based (server and client) anti-malware capabilities. MDP services use a range of DoD approved 1549
software and hardware appliances throughout NGEN to enhance its security architecture. 1550
Centralized management and reporting are included as part of MDP services. All IA policies 1551
and regulations are listed in Section 2. 1552
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
65
1553
Malware Detection and Protection (MDP) are shared services. The ES Contractor is designated 1554
as the primary service provider, and the TXS Contractor is designated as the supporting service 1555
provider. The Contractors shall collaborate with each other and any other service providers to 1556
provide common management of the services described below: 1557
a. Operate and maintain DON approved anti-malware detection and prevention solutions on 1558
all assigned equipment. 1559
i. Take corrective action as directed by the Government to malware alerts. 1560
ii. Scan installed storage devices at least every 30 days or upon GDA. 1561
a) Scan files and data dynamically as they are accessed. 1562
1563
In addition to the above, the ES Contractor shall: 1564
a. Monitor and conduct incident response to alerts generated by the anti-malware software. 1565
i. Provide the Government with automatic malware alert feeds in a method and 1566
format compatible with the Government Computer Network Defense (CND) 1567
systems. No other malware reports should be generated without the authority of 1568
the Navy CNDSP(s). 1569
ii. Conduct a one-time full system scan within 45 days of completing transition as 1570
described in the Transition Services section of the PWS. 1571
iii. Conduct a full system scan of specific workstations and servers upon GDA. 1572
iv. Actively investigate newly discovered or emerging anti-malware that affects 1573
system devices. 1574
v. Monitor anti-malware organization advisories and websites. 1575
vi. Operate and maintain boundary anti-malware capabilities to protect servers, 1576
services, and end points by integrating and correlating the following: 1577
a) URL filtering. 1578
b) Anti-malware inspection. 1579
c) Intrusion prevention. 1580
d) Application and network-layer firewall. 1581
e) HTTP and HTTPS inspection. 1582
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
66
1583
3.3.9 Security Event Management (SEM) Services 1584
SEM Services provide the ability to monitor and correlate security events that are generated 1585
from identified networked devices and sensors such as firewalls, IPSs, and anti-malware within 1586
NGEN using Government approved filtering strategies and designs. All IA policies and 1587
regulations are listed in Section 2. 1588
1589
SEM Services are shared services. The ES Contractor is designated as the primary service 1590
provider, and the TXS Contractor is designated as the supporting service provider. The 1591
Contractors shall collaborate with each other and any other service providers to provide common 1592
management of the services described below. 1593
1594
The ES Contractor shall provide SEM data correlation and analysis reporting for all NGEN IA 1595
sensors and capabilities including (e.g., IPSs, anti-malware, scanners, and HBSS). (CDRL A028 1596
– Technical Report) 1597
1598
The TXS Contractor shall provide near real-time data feeds from designated TXS systems to the 1599
SEM system. 1600
1601
3.3.9.1 Intrusion Management Services 1602
Intrusion management refers to the process of utilizing an intrusion detection and prevention 1603
product that will collect security intrusions events from NGEN to comply with DON directives, 1604
analyze network traffic, and provide personnel with a centralized security event view. 1605
1606
The ES Contractor shall: 1607
a. Implement updated signatures on the NGEN Sensor Grid as soon as possible and no later 1608
than 24 hours after approval. 1609
b. Provide IAVM and analysis services: 1610
i. Conduct routine vulnerability scans twice a month using DoD standards, 1611
commercially equivalent tools, or other tools as directed by the Government. 1612
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
67
a. Utilize the latest Government approved and provided configuration and 1613
definition files. 1614
b. Analyze and provide results of the vulnerability scan. (CDRL A028 – 1615
Technical Report) 1616
c. Remediate software vulnerabilities and system misconfigurations 1617
identified in routine scans, unless otherwise approved by the Government. 1618
i. Provide a Plan of Actions and Milestones (POA&M) if the 1619
remediation actions cannot be accomplished by the assigned 1620
completion date. 1621
d. Remediate vulnerabilities and misconfigurations identified by approved 1622
external network assessments. 1623
i. Provide a POA&M if the corrective actions cannot be 1624
accomplished by the assigned completion date. 1625
ii. Implement Government directed signatures within 24 hours in rapid deployment 1626
scenarios (e.g., zero day vulnerabilities). 1627
c. Conduct host based intrusion detection monitoring and prevention on all devices that 1628
support HBSS: 1629
i. Provide administrator access on the HBSS management servers to the designated 1630
Government POCs. 1631
ii. Implement only Government approved policies, configurations, and signatures on 1632
the host based sensors and management servers. 1633
iii. Provide data feeds from all HBSS intrusion detection and prevention modules for 1634
incorporation into the HBSS Enterprise Security Incident Management System. 1635
iv. Maintain Government-provided components of HBSS at the most current 1636
baseline, in accordance with USCYBERCOM and DON policy. 1637
v. Implement additional HBSS modules as approved by the Government. 1638
vi. Provide an operational status report of the HBSS managers and related SW 1639
repository servers to the Government. (CDRL A007 – Monthly Status Report) 1640
1641
The TXS Contractor shall: 1642
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
68
a. Configure, operate, and maintain the TXS elements of the NGEN Sensor Grid within the 1643
security infrastructure to provide intrusion signature data from multiple sources [e.g., 1644
firewalls, Intrusion Prevention Systems (IPSs), and Intrusion Detection Systems (IDSs)]. 1645
b. Operate and maintain TXS components of the CND systems (e.g., firewalls, IPS, and 1646
IDS): 1647
i. Update sensor software in accordance with the NGEN Change Management 1648
process described in the NPDM. 1649
ii. Provide access to the Government for the review of sensor or appliance log data 1650
as required. 1651
1652
3.3.9.2 Security Incident Handling Services 1653
CJCSI 6510.01 defines reportable incidents and outlines a standard operating procedure for 1654
incident response and management. 1655
1656
The Contractors shall: 1657
a. Provide incident response isolation for a specified network or system device upon 1658
Government provided direction to each Contractor’s designated POCs. 1659
i. Within 30 minutes for servers. 1660
ii. Within 15 minutes for end points. 1661
b. Provide evidence collection: 1662
i. Capture electronically volatile incident data within 1 hour of Government 1663
direction. 1664
ii. Provide magnetic and optical media related to a network incident utilizing the 1665
Government chain of custody procedures. 1666
iii. Support the restoration of network and system devices to the approved baseline. 1667
1668
In addition to the above, the ES Contractor shall: 1669
a. Develop, operate, and maintain a Computer Network Defense (CND) Incident and Event 1670
Reporting System that provides automated ticket forwarding to the reporting CNDSP 1671
either by direct interface or Extensible Markup Language (XML) output. 1672
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
69
i. Implement and maintain data feeds that meet all CNDSP reporting requirements 1673
and other supporting directives promulgated by the CNDSP. 1674
ii. Provide Contractor-acquired information to the CNDSP; additional disclosures 1675
cannot be made without Government approval. 1676
1677
3.3.9.3 Audit and Accountability Services 1678
Audit and Accountability Services provide for the collection and analysis of security data records 1679
to privileged access areas (e.g., end user permissions and system access history). 1680
1681
The ES Contractor shall: 1682
a. Develop and maintain a log audit system in accordance with DoD and DON policy and 1683
guidance. 1684
b. Monitor and analyze logs to identify unauthorized, illicit, or otherwise unwanted activity 1685
as directed by the Government. 1686
c. Capture transactional information during the auditing process as directed by the 1687
Government. 1688
1689
The TXS Contractor shall provide data feed of audit log data to the ES Contractor to develop an 1690
NGEN audit log system in accordance with DoD and DON policy. 1691
1692
3.3.10 Security and IT Certification and Accreditation (C&A) Services 1693
NGEN Security and IT Certification and Accreditation (C&A) Services execute the DoD 1694
Information Assurance Certification and Accreditation Process (DIACAP), in accordance with 1695
the DON DIACAP Handbook and the NGEN Enterprise Accreditation Strategy to provided as 1696
an attachment in Section J. The program maintains accreditation boundaries and solutions for 1697
twenty-seven components. All IA policies and regulations are listed in Section 2. 1698
1699
Security and IT Certification and Accreditation (C&A) Services are shared services. The ES 1700
Contractor is designated as the primary service provider, and the TXS Contractor is designated 1701
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
70
as the supporting service provider. The Contractors shall collaborate with each other and any 1702
other service providers to provide common management of the services described below: 1703
a. Submit proposed updates to the accreditation boundary ATO approval cycle for 1704
stakeholder review. All sections of the Enterprise DIACAP Plan (EDP) must be 1705
reviewed and updated prior to the expiration of the Authority to Operate (ATO). (CDRL 1706
A018 - DoD Information Assurance Certification and Accreditation Package) 1707
1708
In addition to the above, the ES Contractor shall: 1709
a. Prepare certification packages in accordance with DoD and DON security policies and 1710
requirements, as well as the NGEN Enterprise Accreditation Strategy. 1711
b. Conduct C&A testing in accordance with the NGEN Enterprise Accreditation Strategy, 1712
the DIACAP Implementation Plan (DIP), and other Government provided test plans. 1713
c. Participate in NGEN Technical Interchange Meetings, Conferences, and Workshops as 1714
directed by the Government POC e.g.: 1715
i. Certification Solution Review (CSR) for Architecture and Engineering (A&E) 1716
solutions. 1717
ii. Enterprise Configuration Control Board (ECCB). 1718
iii. Enterprise Residual Risk Panel (ERRP). 1719
iv. Security and Technical Accreditation Boundary Action Group and subgroups. 1720
v. Operational Designated Accrediting Authority (ODAA). 1721
vi. Designated Accrediting Authority (DAA). 1722
d. Implement accreditation boundary change requests following the established processes as 1723
outlined in the Navy Ports, Protocols, and Services (NPPS) Manual. 1724
e. Verify automated systems comply with security requirements and are accredited by the 1725
Operational Designated Accrediting Authority (ODAA) and the Designated Accrediting 1726
Authority (DAA) Command, Control, Communications, and Computers (C4) prior to 1727
operating in the production environment. 1728
f. Support the Government in the role of Validator and Certification Agent by conducting 1729
site visits, Information Assurance Manager (IAM) interviews, as well as Security Test 1730
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
71
and Evaluations using Government provided test plans, building walkthroughs, and 1731
physical security inspections for room certifications. 1732
g. Submit C&A documentation to the Government in accordance with the DON DIACAP 1733
Handbook no later than seventy (70) days prior to packet submission impact date. 1734
(CDRL A018 - DoD Information Assurance Certification and Accreditation Package) 1735
i. Run tests no earlier than four (4) months prior to package submission. 1736
ii. Upload results to the IA Tracking Status (IATS) or available C&A tool. 1737
h. Perform Security Test and Evaluation (ST&E) in accordance with Government provided 1738
test plans. 1739
i. Support Independent Test and Audit Teams evaluations on systems or networks to verify 1740
and determine the extent a particular design and implementation meets a set of specified 1741
security requirements. Provide the Teams with the use of assigned servers to run remote 1742
scans and support of on-site POCs. Collaborate with the Government to collect and 1743
analyze test data and remediate findings. 1744
j. Participate in a weekly Production Conference Call to provide the status of all C&A 1745
packages in process and the resolution of issues impacting those packages. 1746
k. Evaluate proposed new products and protocols for impacts to C&A. 1747
l. Provide the Government architecture documentation, risk assessments, and risk 1748
mitigation plans to support DIACAP accreditation. 1749
m. Assist the Government in the transition from the Issue and Action Tracking System 1750
(IATS) to a future approved C&A tool set. 1751
n. Submit C&A packages to the Government for approval (CDRL A018 - DoD Information 1752
Assurance Certification and Accreditation Package): 1753
i. Package accuracy must be 90% on first submission and 100% on second 1754
submission. 1755
ii. All packages must be screened by the Contractor using the Government approved 1756
Quality Assurance Plan. Report weekly Quality Assurance metrics agreed to with 1757
the Government. 1758
iii. Achieve ATO for all sites granted Interim Authority to Operate (IATO) prior to 1759
expiration of the IATO. 1760
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
72
o. Review U.S. Cyber Command (USCC) Coordinated Alert Messages and verify that 1761
NGEN sites are not identified as within 30 calendar days of IATO expiration. This 1762
requirement does not apply to Interim Authority to Test (IATT) sites. 1763
p. Populate C&A templates per DIACAP requirements. 1764
b. Provide annual forecast of packages to be delivered to the Government for C&A 1765
decisions and update the forecast monthly. (CDRL A018 - DoD Information Assurance 1766
Certification and Accreditation Package) 1767
q. Provide C&A status reports. (CDRL A007 - Monthly Status Report) 1768
r. Provide accreditation boundary documentation. (CDRL A018 - DoD Information 1769
Assurance Certification and Accreditation Package) 1770
s. Attend the Integration Certification Solution Review Board on behalf of the NGEN 1771
Program Manager and the NGEN Chief Engineer. 1772
t. Provide NGEN certification documentation [e.g., scans, Requirements Traceability 1773
Matrices (RTMs), or DoD Architecture Framework (DODAF) documents] for solutions 1774
being certified for inter-network use. 1775
u. Provide security design management control of NGEN core build processes for servers, 1776
services, and end points. 1777
v. Coordinate C&A packages with the TXS Contractor. 1778
1779
In addition to the above, the TXS Contractor shall: 1780
a. Support the development of certification packages in coordination with the ES Contractor 1781
and other service providers and in accordance with DoD and DON Security Policies and 1782
Requirements, as well as the NGEN Enterprise Accreditation Strategy. Support the 1783
development of certification packages at three (3) levels of C&A: 1784
i. Systems and projects for incremental changes and improvements. 1785
ii. Site installations. 1786
iii. Enterprise. 1787
b. Support the annual review of certification packages in coordination with the ES 1788
Contractor and other service providers. 1789
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
73
c. Ensure automated systems comply with security requirements and are accredited by the 1790
Navy's ODAA prior to processing classified or sensitive unclassified data. 1791
d. Conduct C&A testing on TXS systems in accordance with the NGEN Enterprise 1792
Accreditation Strategy, the DIACAP Implementation Plan (DIP), and other Government 1793
provided test plans. 1794
e. Support the Government in the role of Validator and Certification Agent by conducting 1795
evaluations on systems or networks to verify and determine the extent a particular design 1796
and implementation meets a set of specified security requirements. 1797
f. Participate in NGEN Technical Interchange Meetings, Conferences, and Workshops as 1798
directed by the Government POC e.g.: 1799
i. Certification Solution Review (CSR) for Architecture and Engineering (A&E) 1800
solutions. 1801
ii. Enterprise Configuration Control Board (ECCB). 1802
iii. Enterprise Residual Risk Panel (ERRP). 1803
iv. Security and Technical Accreditation Boundary Action Group and subgroups. 1804
v. Security engineering reviews. 1805
g. Execute accreditation boundary change requests following the established processes as 1806
outlined in the Navy Ports, Protocols, and Services (NPPS) Manual. 1807
h. Review compliance with all non-inheritable IA Controls for each site (i.e., each Physical 1808
Site Indicator (PSI) Code and all tenant commands there) annually. 1809
i. Support site Validation testing in accordance with the Government provided test plan for 1810
each site by PSI Code for all non-inheritable IA controls applicable to that site. 1811
j. Produce and provide to the ES Contractor C&A related information, including detailed 1812
site topology drawings and other documentation such as the SIPRNet and NIPRNet 1813
Connection Questionnaire required by DISA for Approval to Connect to the GIG. (CDRL 1814
A012 – As-Built and Network Topology Drawings) 1815
k. Provide to the ES Contractor updates to the Enterprise System Security Authorization 1816
Agreement (eSSAA) document and its successor, the Enterprise DIACAP Plan (EDP) 1817
when implemented quarterly. 1818
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
74
l. Submit proposed updates to the stakeholders (e.g., DAAs and CAs) for review and 1819
approval. 1820
m. Provide to the ES Contractor approved updates for inclusion in the Enterprise Security 1821
Architecture. 1822
1823
3.3.11 Authentication and Authorization Services 1824
Authentication and Authorization Services provides end user credential authorization and 1825
required access in accordance with applicable DoD policies. All IA policies and regulations are 1826
listed in Section 2. 1827
1828
Authentication and Authorization Services are shared services. The ES Contractor is designated 1829
as the primary service provider, and the TXS Contractor is designated as the supporting service 1830
provider. The Contractors shall collaborate with each other and any other service providers to 1831
provide common management of the services described below. 1832
1833
3.3.11.1 Identity and Access Management (IdAM) and Public Key Infrastructure (PKI) Services 1834
The ES Contractors shall: 1835
a. Implement strong authentication. 1836
b. Deploy, operate, and maintain an internal certification authority infrastructure to issue 1837
PKI certificates as needed to augment Government PKI certificate issuance capabilities. 1838
c. Manage certificate trusts and certificate stores on all NGEN end points, domain 1839
controllers, servers, and network components, as directed by the DON network 1840
operations authorities. 1841
d. Deploy, operate, and maintain an internal certificate validation (e.g., Online Certificate 1842
Status Protocol) infrastructure to provide certificate revocation status for PKI certificates 1843
issued from the DoD, DON, and DoD-approved external PKIs. 1844
e. Validate revocation statuses of PKI certificates using the NGEN certificate validation 1845
infrastructure or the DoD Robust Certificate Validation Services (RCVS). 1846
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
75
f. Minimize certificate validation-related network traffic (e.g., certificate revocation list 1847
download requests) bound for PKIs external to NGEN through the use of web proxies 1848
and caching. 1849
g. Develop and obtain DAA approval for Certificate Policies and Certificate Practice 1850
Statements governing the operation of the NGEN certification authority and certificate 1851
validation infrastructures. 1852
h. Support the Department of Defense (DoD) smart card and the United States Navy (USN) 1853
ALT on the NGEN. 1854
i. Support Personal Identity Verification (PIV) cards issued by DoD-approved Federal 1855
Agencies and PIV-Interoperable (PIV-I) cards issued by DoD-approved industry partners 1856
on NGEN. 1857
j. Support the DoD SIPRNet Token. 1858
k. Participate in DoD testing and evaluation of smartcard platforms. 1859
l. Obtain and use Government-furnished smart card credentials for all NGEN Contractor 1860
and Sub-Contractor accounts. 1861
m. Authenticate all end users to access the NGEN network and network services, 1862
applications, resources, and components using only PKI-based authentication. 1863
n. Configure and deploy smart card readers with every end point, mobile devices, servers, 1864
and network components from which end users authenticate, encrypt, or digitally sign. 1865
o. Deploy and maintain any necessary middleware or software to support deployed smart 1866
card readers. 1867
p. Deploy and maintain a web-based, self-service tool for end users to establish and manage 1868
the relationship between the PKI certificate(s) on their smartcard and their network 1869
account. 1870
q. Publish end users' PKI encryption certificates automatically to network directory 1871
services. 1872
r. Provide digital signature and encryption capabilities for all NGEN electronic mail 1873
services. 1874
s. Install and maintain PKI machine (i.e., non-person entity) certificates on all NGEN end 1875
points, domain controllers, servers, network components, and applications. 1876
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
76
t. Perform Local Registration Authority (LRA) functions to augment DON LRA 1877
capabilities. 1878
u. Develop, publish, and maintain on Homeport instructions for end users on smart cards 1879
and PKI certificates for network Log on, email message digital signature and encryption, 1880
and authentication to public-key enabled services. 1881
v. Operate and maintain authentication and authorization services on both classified and 1882
unclassified networks in compliance with DoD PKI initiatives. 1883
i. Implement Identity and Access Management (IdAM) in accordance with 1884
Information Sharing Environment Guidance (ISE-G-101). 1885
ii. Comply with DoD and DON policy to provide Cryptographic Log-On (CLO) for 1886
network authentication. 1887
iii. Comply with Government direction to provide a DON login mechanism that 1888
includes an end user name and password combination for enterprise assets that do 1889
not support CLO. 1890
w. Obtain and comply with current regulations, policy, and guidance for the implementation 1891
of the IdAM schema and access control mechanism. Maintain the established identity 1892
attribute schema with DAR. 1893
1894
The TXS Contractor shall: 1895
a. Implement Identity and Access Management (IdAM) for TXS assigned infrastructure and 1896
services in accordance with Information Sharing Environment Guidance (ISE-G-108 19 1897
Dec 2008). 1898
b. Provide Cryptographic Log on (CLO) for access to all TXS services and infrastructure. 1899
c. Provide a login mechanism consisting of an end username and password for all TXS 1900
assigned infrastructure assets that do not support CLO. 1901
d. Limit consecutive unsuccessful access attempts to access a TXS assigned infrastructure 1902
item to three. 1903
e. Display an approved system use notification message before granting system access to 1904
the TXS information systems. 1905
f. Maintain session locking for account inactivity on the TXS assigned infrastructure. 1906
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
77
g. Maintain a Government-approved trust relationship structure. 1907
h. Utilize two-factor authentication provided by DoD issued smart cards or Alternate Log 1908
on Tokens (ALT). 1909
i. Provide this capability for technology-refreshed devices. 1910
ii. Obtain prior Government approval for deviations from this requirement. 1911
i. Obtain and install required non-DoD issued X.509-class certificates from ES Enterprise 1912
Certificate Authority (CA) and Online Certificate Status Protocol (OCSP) instances. 1913
1914
3.3.12 Network Access Control (NAC) Services 1915
The Network Access Control (NAC) Services (IEEE 802.1X) are comprised of hardware and 1916
software used to provide device discovery and rogue device prevention. NAC Services check 1917
host machines for IA compliance before allowing access to the network. Non-compliant hosts 1918
are remediated before an NGEN IP address is issued [Dynamic Host Configuration Protocol 1919
(DHCP)] and a NGEN network connection is made. All IA policies and regulations are listed in 1920
Section 2. 1921
1922
NAC Services are shared services. The ES Contractor is designated as the primary service 1923
provider, and the TXS Contractor is designated as the supporting service provider. The 1924
Contractors shall collaborate with each other and any other service providers to provide common 1925
management of the services described below: 1926
a. Device and End User Discovery - Provide infrastructure and services to implement, 1927
operate, and maintain the NAC end user and device discovery component. 1928
b. Security Scanning and Monitoring - Implement, operate, and maintain the NAC security 1929
scanning and monitoring component. 1930
c. Identity Based Compliance Evaluation and Verification - Implement, operate, and 1931
maintain the NAC identity based compliance component. 1932
d. Network Services – Comply with DoD Security Technical Information Guide (STIG). 1933
e. Remote Diagnostic and Configuration Port Protection - Implement, operate, and maintain 1934
the NAC remote diagnostic and configuration component. 1935
1936
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
78
The ES Contractor shall: 1937
a. Operate and maintain NAC scanning. 1938
i. Perform remediation. 1939
ii. Develop and execute isolation plans 1940
b. Recommend, design, and implement enhanced NAC in alignment with NGEN Integrated 1941
Architecture. 1942
1943
The TXS Contractor shall: 1944
a. Establish and maintain Virtual LANs (VLANs) for ES to scan, remediate, and activate 1945
isolation plans. 1946
b. Implement Port Blocking or port isolation, as directed by the CNDSP, for those clients 1947
that are found to be non-compliant and non-trusted. 1948
1949
3.3.13 Remote Access Services (RAS) 1950
Remote Access Services (RAS) support the design, implementation, operation, and maintenance 1951
of systems required to afford network service and resource access by remote end users. All IA 1952
policies and regulations are listed in Section 2. 1953
1954
RAS are shared services. The TXS Contractor is designated as the primary service provider and 1955
the ES Contractor is designated as the supporting service provider. The Contractors shall 1956
collaborate with each other and any other service providers to provide common management of 1957
the services described below. 1958
1959
The ES Contractor shall: 1960
a. Operate, maintain, and manage the ES components [e.g., Secure Sockets Layer Virtual 1961
Private Network (SSLVPN) client, certificate integration, and enterprise authentication] 1962
to give end users secure access to both the NIPRNet and SIPRNet from remote locations 1963
via cellular access, or commercially available wired and wireless broadband internet 1964
access. ES components of the RAS solution include: 1965
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
79
i. End user SSLVPN client [including integrated Public Key Infrastructure (PKI) 1966
and DoD Smart Card components and capabilities] and RAS supported 1967
middleware. 1968
ii. Enterprise authentication components that integrate remote access capabilities 1969
with the current directory services and PKI infrastructure. 1970
1971
The TXS Contractor shall: 1972
a. Operate and maintain the Virtual Private Network (VPN) infrastructure resident at the 1973
Boundary 1 (B1) that supports end-to-end encryption for both clients and Very Small Site 1974
Design (VSSD) sites enabling end users to establish a secure, encrypted tunnel to NGEN 1975
network resources. 1976
b. Operate and maintain classified RAS for remote access to the Navy classified enclave 1977
with approved remote computing devices via approved Government Furnished Property 1978
(GFP) secure dial up capability and certified Type-1 cryptographic devices. 1979
c. Operate and maintain DON Routing and RAS servers. 1980
d. Integrate, operate, and maintain Government Furnished Equipment (GFE) remote 1981
transport connectivity components for designated Commanders in-flight. 1982
1983
3.3.14 End User Training Services 1984
End User Training Services includes the development and delivery of training to NGEN end 1985
users and network and computing support to Navy classrooms. End User Training Services will 1986
be delivered through classroom instruction, computer labs, computer-based training (CBT), web-1987
based e-learning, and on-the-job training (OJT). 1988
1989
End User Training Services are shared services. The ES Contractor is designated as the primary 1990
service provider and the TXS Contractor is designated as the supporting service provider. The 1991
Contractors shall collaborate with each other and any other service providers to provide common 1992
management of the services described below. 1993
1994
The ES Contractor shall: 1995
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
80
a. Provide assigned service training materials (e.g., Procedures for publishing PKI 1996
certificates to the GAL). 1997
b. Provide end users with web accessible training materials in coordination with the TXS 1998
Contractor. 1999
c. Participate in the quarterly Government-chaired Training Readiness Review Board 2000
(TRRB). 2001
d. Provide classified and unclassified Electronic Classroom Training in accordance with the 2002
Automated Electronic Classrooms Guidelines, NAVEDTRA M-130B. 2003
i. Operate and maintain assigned ECR infrastructure. 2004
ii. Operate and maintain classroom management solution. 2005
e. Develop training solution alternatives and recommendations in accordance with the DoD 2006
Handbook: Instructional Systems Development (ISD)/Systems Approach to Training 2007
(SAT) (MIL-HDBK-29612-2A) and the NGEN Navy Training System Plan (N6-NTSP-2008
E-70-0817). (CDRL A031 – Training Program Documentation) 2009
i. Provide access to training content hosted in NGEN and other Navy networks (e.g. 2010
DMZ). 2011
ii. Provide training content, manuals, and job aids for any ES contractor-provided or 2012
deployed end user hardware and software upgrades procured within the NGEN 2013
ES contract (i.e., not part of the “as-is” baseline). 2014
iii. Operate and maintain the existing automated and Web-based account creation and 2015
management solution that is populated via automated feeds from Government 2016
legacy management systems to Active Directory. 2017
iv. Manage classroom-shared resources to allow and restrict students’ access to 2018
selected resources without reducing the native NGEN IA posture. 2019
f. Operate and maintain classroom management solution. 2020
i. Load authorized training content and curriculum. 2021
ii. Modify classroom workstation configurations and re‐connect to the NGEN 2022
Training COI. 2023
iii. Provide access controls to as well as backup and restoration services of file share 2024
storage data. 2025
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
81
iv. Support both the Integrated Learning Environment (ILE) web based instructional 2026
content and the current inventory of legacy instructional content. 2027
v. Support the “On Demand” web based account creation tool. 2028
vi. Update end user and status of accounts every hour from 0800 to 1800 local time 2029
as well as part of the scheduled nightly updates. 2030
vii. Allocate file share storage space in 50GB increments. 2031
2032
3.3.15 Network Operations (NetOps) and Information Assurance (IA) Training Services 2033
Network Operations (NetOps) and Information Assurance (IA) Training Services are a shared 2034
service. The ES Contractor is designated as the primary service provider, and the TXS 2035
Contractor is designated as the supporting service provider. The Contractors shall collaborate 2036
with each other and any other service providers to provide common management of the services 2037
described below. 2038
2039
3.3.15.1 Network Operations (NetOps) Training Services 2040
NetOps Training Services provide Government staff responsible for oversight of the network 2041
with information and instruction on NGEN-specific Information Technology Service 2042
Management (ITSM) processes, NGEN-specific business processes, and NGEN network and 2043
service management tools. 2044
2045
The Contractors shall: 2046
a. Maintain and update training materials and systems. 2047
b. Provide training materials for all new tool, process, and solution development or 2048
deployment efforts including training requirements needed to achieve and support 2049
Government network and service management job skills requirements as outlined in the 2050
NGEN Navy Training System Plan N6-NTSP-E-70-0817. 2051
c. Provide NGEN deployables training including advanced network and process training 2052
and certification for DON fleet IT personnel (Unit IT) responsible for successful fleet 2053
deployment, deployed operation, and return of a command’s deployable end user devices 2054
and shore network services to the ashore network enclaves. 2055
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
82
2056
In addition to the above, the ES Contractor shall: 2057
a. Provide combined training which encompasses the hardware and software standards, 2058
solutions, and processes necessary to meet NGEN CTR requirements as outlined in the 2059
NGEN Navy Training System Plan. The minimum training requirement is 1-day, 2060
Instructor-Led Training (ILT) via Defense Connect Online (DCO) or Interactive Course 2061
Ware (ICW) for each of the following courses in accordance with Table 3.3.15.1-1. 2062
i. File Shares, Security Groups, and Distribution Lists Management. 2063
ii. Account Security. 2064
iii. Spillage Containment. 2065
iv. CTR Roles, Responsibilities, and Certification Process. 2066
v. CTR Communications Plan and Knowledge Management. 2067
vi. NGEN End User Services. 2068
vii. End User Accounts Management. 2069
viii. Customer Services. 2070
ix. Operations and Change Management. 2071
x. Ordering Services. 2072
xi. Asset Management. 2073
xii. Performing Technology Refresh 2074
xiii. Change Requests (Move, Add, and Change). 2075
xiv. Deployables. 2076
xv. Manage DoD Smart Card Exceptions List. 2077
2078
Table 3.3.15.1-1 USN CSR Training Training Requirements Students FY13 FY14 FY15 FY16
MIL/CIV 575 2125 700 700 Convening’s 23 85 28 28
2079
b. Provide NGEN-specific ITSM process training based on the NPDM and consisting of 2080
content for all prescribed NPDM life cycle management processes. Provide ILT via 2081
DCO for the courses identified in Table 3.3.15.1-2. 2082
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
83
2083
Table 3.3.15.1-2 USN NGEN Process Training
Process Duration(Days) Delivery
Convening’s (per year) Seats
Demand Management 1 Instructor-DCO or ICW 3 25
Service Portfolio Management 2 Instructor-DCO or ICW 5 25
Financial Management 2 Instructor-DCO or ICW 2 25
Supplier Management 1 Instructor-DCO or ICW 5 25
Service Catalog Management 2 Instructor-DCO or ICW 3 25
Information Security Management 2 Instructor-DCO or ICW 5 25
IT Service Continuity Management 1 Instructor-DCO or
ICW 3 25
Capacity Management 2 Instructor-DCO or ICW 5 25
Availability Management 2 Instructor-DCO or ICW 5 25
Service Level Management 2 Instructor-DCO or ICW 5 25
Knowledge Management 1 Instructor-DCO or ICW 2 25
Transition Planning and Support 1 Instructor-DCO or ICW 5 25
Release and Deployment Management 2 Instructor-DCO or
ICW 5 25
Service Asset and Configuration Management 2 Instructor-DCO or
ICW 10 25
Change Management 2 Instructor-DCO or ICW 5 25
Request Fulfillment 3 Instructor-DCO or ICW 10 25
Event Management 4 Instructor-DCO or ICW 10 25
Access Management 2 Instructor-DCO or ICW 10 25
Evaluation 3 Instructor-DCO or ICW 3 25
Service Validation and Testing 2 Instructor-DCO or ICW 5 25
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
84
Table 3.3.15.1-2 USN NGEN Process Training
Process Duration(Days) Delivery
Convening’s (per year) Seats
Problem Management 3 Instructor-DCO or ICW 10 25
Data Management 3 Instructor-DCO or ICW 3 25
Facilities Management 3 Instructor-DCO or ICW 3 25
Incident Management 3 Instructor-DCO or ICW 10 25
2084
c. Provide NGEN tools training in the operational NGEN environment in accordance with 2085
Table 3.3.15.1-3. 2086
2087
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
85
Table 3.3.15.1-3 USN NGEN Tools Training
Tool Duration
(Days) Delivery
Convening’s
(per year) Seats
Configuration Management 2 Instructor-DCO or ICW 2 25
Service Catalog and Ordering
System 2 Instructor-DCO or ICW 2 25
Request Fulfillment 3 Instructor-DCO or ICW 2 25
Knowledge Management
(SKMS) 2
Instructor-DCO or ICW 2 25
Incident Management 3 Instructor-DCO or ICW 2 25
Change Management 3 Instructor-DCO or ICW 2 25
Problem Management 3 Instructor-DCO or ICW 2 25
Financial Systems 2 Instructor-DCO or ICW 2 25
Service Level Management 2 Instructor-DCO or ICW 2 25
Availability Management 2 Instructor-DCO or ICW 2 25
Auto Discovery Tools 2 Instructor-DCO or ICW 2 25
Asset Management 3 Instructor-DCO or ICW 2 25
Configuration Management 3 Instructor-DCO or ICW 2 25
Event Management 2 Instructor-DCO or ICW 2 25
Customer Relations 1 Instructor-DCO or ICW 2 25
Access and Identity 1 Instructor-DCO or ICW 2 25
2088
d. Place all NGEN training content on the NGEN web portal and provide access to other 2089
learning resources (e.g., current news and virtual communities of practice). NGEN 2090
training content includes Operating System functions and capabilities, core build 2091
applications, and end user applications. 2092
e. Host, operate, and maintain a Learning Management System (LMS), in accordance with 2093
the requirements specified in the NGEN Learning Management System Functional Area 2094
Description, to schedule training, track training progression, and record training 2095
completion metrics. 2096
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
86
2097
In addition to the above, the TXS Contractor shall: 2098
a. Provide TXS training input to ES contractor for NGEN CSR requirements as outlined in 2099
the NGEN Navy Training System Plan. The minimum training requirement is 1-day, 2100
ILT via DCO for each of the following courses in accordance with Table 3.3.15.1-1: 2101
i. NGEN Transport Services 2102
ii. TXS Operations and Change Management elements 2103
iii. Asset Management 2104
iv. Performing Tech Refresh and Modernization 2105
v. Change Requests (Move, Add, Change) 2106
vi. Deployables 2107
b. Provide input and support to ES for NGEN-specific ITSM process training based on the 2108
NPDM and consisting of content for all prescribed NPDM management processes. 2109
Provide ILT via DCO for the courses Table 3.3.15.1-2. 2110
c. Provide TXS input to the ES contractor on NGEN tools training in the operational NGEN 2111
environment in accordance with Table 3.3.15.1-3. 2112
d. Provide TXS training content (e.g., RAS configurations) to ES for inclusion on the 2113
NGEN web portal. 2114
e. Provide required TXS input to the ES Contractor for inclusion in the LMS including 2115
training schedule, progression, and completion metrics. 2116
2117
3.3.15.1.1 Instructional Strategy Services and Training Materials 2118
Training Materials and Instructional Strategy Services are provided by the ES Contractor. 2119
2120
The ES Contractor shall: 2121
a. Recommend the most cost effective form of training materials. 2122
b. Recommend an instructional strategy (e.g., web based documents, computer based 2123
training, on the job training, classroom training, etc.) 2124
c. Develop training materials to address training issues identified by the Government. 2125
2126
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
87
3.3.15.2 Information Assurance (IA) Training Services 2127
Information Assurance (IA) Training Services provide, operations-focused training for the 2128
Government IA and NETOps workforce on topics related to the specific IA systems and 2129
processes supporting the network. 2130
2131
The ES and TXS Contractors shall provide Information Assurance Workforce Improvement 2132
(IAWF) Program training and certification status for all personnel performing IA functions. 2133
(CDRL A007 – Monthly Status Report) 2134
2135
3.3.16 Testing Services 2136
NGEN Testing Services encompass a broad spectrum of testing events across the unclassified 2137
and classified enclaves. NGEN Testing Services consist of 1) risk assessments; 2) performance 2138
assessments; 3) hardware testing and certification; 4) software testing and certification; 5) core 2139
build testing and certification; 6) application testing and certification; 7) system integration 2140
testing; 8) release testing; and, 9) production testing. NGEN Testing Services validate the 2141
compliance of all changes, additions, or refresh of NGEN services in accordance with 2142
performance requirements stipulated in this PWS. The criteria of the performance metrics will 2143
be used to validate performance changes to the NGEN services. 2144
2145
A Contractor provided NGEN Testing Services Facility (USN) will be used to test and certify 2146
hardware and software systems in an applicable test environment to ensure compliance with 2147
NGEN performance requirements. The test facility will be used to assess hardware, software 2148
systems, and applications (GOTS and COTS products) to meet the performance metrics in the 2149
NGEN Service and Operational Levels document. 2150
2151
NGEN Testing Services requires participation and collaboration with various Government 2152
agencies and support Contractors to ensure compliance with established policies, technical, 2153
contractual, interoperability, and operational requirements of the NGEN services. 2154
2155
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
88
Testing Services are shared services. The ES Contractor is designated as the primary service 2156
provider, and the TXS Contractor is designated as the supporting service provider. The 2157
Contractors shall collaborate with each other and any other service providers to provide common 2158
management of the services described below: 2159
a. Provide testing services input to NGEN Test Readiness Reviews (TRR). (CDRL A001 – 2160
Meeting Minutes; CDRL A002 – Meeting Agenda; and, CDRL A003 – Presentation 2161
Materials) 2162
i. Provide testing services support for Engineering. 2163
ii. Plan and conduct NGEN operational testing and performance assessments. 2164
2165
In addition to the above, the ES Contractor shall: 2166
a. Provide, operate, and maintain a test facility that can be connected to the GIG (e.g., 2167
connectivity to NIPRNet and SIPRNet) and represents the NGEN production 2168
environment (e.g., NNPI, MOC, and NCIS). 2169
b. Perform service, system, and application testing in support of services identified in 2170
Section 3.3 (ES Services Portfolio) of this PWS. 2171
i. Provide Computer-Electronic Accommodations Program (CAP-Section 508) 2172
certification letter to the Government. (CDRL A032 – Computer Electronic 2173
Accommodations Program Certification Letter) 2174
c. Provide test facility and production test plans, procedures, reports, as well as operator and 2175
end user impact information for all required test events. (CDRL A026 – Test Report and 2176
CDRL A033 – Test Procedures) 2177
i. Provide and implement remediation procedures in accordance with the test plans. 2178
d. Provide other NGEN service providers (e.g., TXS Contractor and DISA), designated 2179
Government and Contractor personnel access to the test facility to observe and participate 2180
in operations and testing. 2181
e. Store and maintain all testing and technical documentation in the Contractor provided 2182
Integrated Data Environment (IDE). 2183
2184
In addition to the above, the TXS Contractor shall: 2185
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
89
a. Provide, operate, and maintain assigned hardware and software required to stand up and 2186
deliver a production representative environment in the test facility provided by the ES 2187
Contractor. 2188
b. Provide the ES Contractor with input to all required testing and technical documentation 2189
(e.g., plans, procedures, and reports). 2190
2191
3.3.17 Continuity of Operations (COOP), Disaster Recovery (DR), and Business Continuity 2192
Planning (BCP) Services 2193
Continuity of Operations (COOP) and Disaster Recovery (DR) involve 1) creating, testing, and 2194
executing plans for emergency response; 2) storage and backup operations; and 3) post-disaster 2195
recovery of information systems. COOP and DR is a collection of processes, policies, and 2196
procedures required for recovery or continuation of the infrastructure and services critical to an 2197
organization after a disaster. 2198
2199
Continuity of Operations (COOP), Disaster Recovery (DR), and Business Continuity Planning 2200
(BCP) are shared services. The ES Contractor is designated as the primary service provider, and 2201
the TXS Contractor is designated as the supporting service provider. The Contractors shall 2202
collaborate with each other and any other service providers to provide common management of 2203
the services described below. 2204
2205
3.3.17.1 Continuity of Operations (COOP) Services 2206
The Contractors shall: 2207
a. Operate and maintain the COOP capability consistent with existing architecture and 2208
redundancy characteristics. 2209
b. Adhere to OPNAV Instruction 3030.5B (20 OCT 2009), DOD Directive 3020.26, 2210
SECNAV Instruction 3030.4C, and other DoD and DON policies as described in the 2211
NPDM, for IT Service Continuity Management. 2212
c. Conduct COOP testing: 2213
i. Twice a year for all redundant NGEN standard services. 2214
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
90
ii. For the MOC C2 COOP server farms when planned and authorized by each MOC 2215
site. 2216
d. Provide controlled degradation of services as requested by the Government in the event 2217
of a disaster, incident, or planned exercises for all services provided under this contract. 2218
e. Provide After Action Reports (AARs) for all exercises. (CDRL A034 – After Action 2219
Reports) 2220
2221
In addition to the above, the ES Contractor shall: 2222
a. Consolidate all After Action Reports (AARs) for all exercises and submit to the 2223
Government. (CDRL A034 – After Action Reports) 2224
b. Provide as part of the monthly IPR recommended architecture, process, and tool 2225
enhancements or upgrades to address any identified deficiencies in COOP capabilities. 2226
(CDRL A008– Continuous Service Improvement Plan) 2227
c. Operate and maintain the data COOP capability for the C2 MOC located at Makalapa, 2228
Pearl Harbor, HI including: 2229
i. Provide ongoing monitoring, support, and maintenance of the server 2230
infrastructure. 2231
ii. Operate and maintain the required infrastructure to support COOP. 2232
iii. Operate and maintain the Storage Area Network (SAN) backup and restore 2233
(BUR) system. 2234
iv. Provide 30-day disk-to-disk backup and restore with off-site tape backup for the 2235
primary location. 2236
v. Provide an initial COOP capability that can be operational as the primary site 2237
within 15 minutes. 2238
vi. Provide support for single email mailbox recovery for all C2 MOC end users. 2239
vii. Provide a failover COOP site that can be operational as the primary site with full 2240
capability within 12 hours. 2241
2242
3.3.17.2 Disaster Recovery (DR) Services 2243
2244
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
91
The Contractors shall: 2245
a. Operate and maintain DR capability consistent with existing architecture and redundancy 2246
characteristics. 2247
b. Develop and provide an annual update to the Disaster Recovery Plan (DRP) for 2248
restoration of operations in the event of a minor or major disaster. (CDRL A035 – 2249
Disaster Recovery Plan) 2250
c. Activate the assigned components of the approved DRP in the event of a disaster in 2251
coordination with the other Contractors and the Government Service Manager. 2252
d. Provide an AAR in the event of a disaster or exercise. (CDRL A034 – After Action 2253
Report) 2254
e. Conduct the DRP annual exercise for one large site, one NOC, and one server farm and 2255
provide AARs following the exercises. (CDRL A034 – After Action Report) 2256
2257
In addition to the above, the ES Contractor shall provide a consolidated annual update to the IT 2258
section of the DRP. (CDRL A035 – Disaster Recovery Plan) 2259
2260
3.3.17.3 Business Continuity Planning (BCP) Services 2261
BCP determines the Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs), 2262
and defines specific scenarios that trigger the activation of COOP and DR plans, subject to GDA. 2263
2264
The Contractors shall: 2265
a. Provide input to the BCP including: 1) prioritization of service and data restoration 2266
operations; 2) master service and data restoration schedule; and, 3) preferred source or 2267
storage locations based on the situational needs of each site or command. (CDRL A036 – 2268
Business Continuity Plan ) 2269
b. Create and maintain IT Service Continuity Plans, for organizations supported by the 2270
Navy Management Domain. (CDRL A037 - IT Service Continuity Plan) 2271
c. Conduct annual exercises to ensure the effectiveness of the Government approved IT 2272
Service Continuity Plans in coordination with the other Contractors and the Government 2273
Service Manager. 2274
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
92
2275
In addition to the above, the ES Contractor shall create and submit to the Government a 2276
consolidated IT Service Continuity Plans. (CDRL A036 – Business Continuity Plan) 2277
2278
3.3.17.4 Contingency Operations Services 2279
Contingency Operations Services provide IT capabilities in support of Operations Other Than 2280
War (OOTW), disaster relief, defense support to civil authorities, foreign humanitarian 2281
assistance, etc. 2282
2283
3.3.17.4.1 Determine and Test Contingency Operations Hardware and Software Configurations 2284
2285
The Contractors shall: 2286
a. Determine the standard HW and SW configurations in coordination with the other 2287
Contractors and the Government. 2288
b. Test the approved standard contingency HW and SW configurations at an agreed upon 2289
NGEN site with more than 25 end users. 2290
2291
3.3.17.4.2 Deploy IT Capabilities to Support Contingency Operations 2292
2293
The Contractors shall: 2294
a. Develop a deployable contingency design and Bill of Materials (BOM) to support 2295
identified operational requirements and intended operational environment. 2296
b. Obtain required HW and SW. 2297
c. Develop personnel resource estimate to include quantity, billet type, and logistics 2298
requirements (e.g., transportation, housing accommodations, and food) for those 2299
contingencies requiring on-site support. 2300
d. Submit personnel foreign country clearance requests and obtain necessary visas. 2301
e. Document the result of the deployment in a Government provided template with input 2302
and conduct a post-deployment review with the Government. 2303
f. Return any unused and reusable equipment to stock. 2304
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
93
2305
In addition to the above, the ES Contractor shall: 2306
a. Develop and obtain Government approval of a consolidated deployable contingency 2307
design and Bill of Materials (BOM) to support identified operational requirements and 2308
intended operational environment that includes input from all Contractor. 2309
b. Provide for the transportation of all ES and TXS HW and SW required to support 2310
contingency operations and obtain all import permits. 2311
c. Submit a consolidated document of the result of the deployment in a Government 2312
provided template with input from the TXS Contractor and conduct a post-deployment 2313
review with the Government. 2314
2315
In addition to the above, the TXS Contractor shall coordinate with the ES Contractor to transport 2316
all TXS HW and SW required to support contingency operations and to obtain import permits. 2317
2318
3.3.18 File Removal Services 2319
File Removal Services (formerly known as Spillage) provide resolution when electronic spillage 2320
has occurred where classified information, Personally Identifiable Information (PII), Navy 2321
Nuclear Propulsion Information (NNPI), or Community of Interest (COI) information has been 2322
introduced on an IT system, network, or component that is not authorized to hold or process such 2323
information. 2324
2325
File Removal Services are shared services. The ES Contractor is designated as the primary 2326
service delivery provider, and the TXS Contractor is designated as the supporting service 2327
delivery provider. The Contractors shall collaborate with each other and any other service 2328
providers to provide common management of the services described below. 2329
2330
The ES Contractor shall: 2331
a. Quarantine known electronic spillage locations within one hour of incident discovery. 2332
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
94
b. Remove all instances of the electronic spillage from the network, backup systems, and 2333
media within 24 hours of notification in accordance with procedures approved by the 2334
Navy Designated Approval Authority (DAA) (NTD 11-08, 032052ZNOV08). 2335
c. Start the trace process within 30 minutes of notification by an authorized Government 2336
authority to determine the extent of the electronic spillage proliferation across systems 2337
(e.g. desktop, laptop, servers, and monitoring systems). 2338
d. Provide trace report in accordance with Government provided parameters. (CDRL A038 - 2339
Trace Report - File Removal Services) 2340
i. Submit a Plan of Action and Milestones (POA&M) for actions that cannot be 2341
completed within 24 hours of notification. 2342
e. Notify designated Government authority upon completion of electronic spillage cleanup. 2343
f. Report last known locations of files that may have been further distributed, but cannot be 2344
traced to service level network operations centers (e.g., email files that were opened and 2345
read or files that may have been copied). (CDRL A038 - Trace Report - File Removal 2346
Services) 2347
g. Coordinate with designated TXS personnel to remove electronic spillage from equipment 2348
and systems assigned to the TXS Contractor. 2349
h. Report unauthorized or inadvertent disclosures of unclassified and classified NNPI data 2350
in accordance with current version of OPNAV Instruction 9210-3 as directed by the 2351
designated Government representative. 2352
i. Report the unauthorized or inadvertent disclosure summary data and results to the 2353
designated Government representative quarterly. (CDRL A038 - Trace Report - File 2354
Removal Services (FMS) Trace Report) 2355
2356
The TXS Contractor shall coordinate with and support ES personnel to remove electronic 2357
spillage from equipment and systems assigned to the TXS Contractor. 2358
2359
3.3.19 Electronic Software Delivery Services (ESDS) 2360
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
95
Electronic Software Delivery Services (ESDS), also known as digital distribution, refers to the 2361
practice of having SW products delivered or updated remotely as opposed to loaded and installed 2362
locally from physical media. 2363
2364
ESDS are shared services. The ES Contractor is designated as the primary service provider, and 2365
the TXS Contractor is designated as the supporting service provider. The Contractors shall 2366
collaborate with each other and any other service providers to provide common management of 2367
the services described below: 2368
a. Deliver software, patches, updates, and firmware to all components on the network in 2369
accordance with the Release and Deployment Management (RDM) process as described 2370
in the NPDM. 2371
2372
The ES Contractor shall provide the combined status of all security and software patches. 2373
(CDRL A007 – Monthly Status Report) 2374
2375
The TXS Contractor shall provide the ES Contractor with the status of all security and software 2376
patches and updates to its equipment. 2377
2378
3.3.20 Service Desk Services 2379
Service Desk Services manage and coordinate the handling of incidents, problems, and requests 2380
with end users and IT groups for unclassified and classified equipment. The Service Desk 2381
provides multiple means (e.g., single toll-free number and single Web interface) for requesting 2382
service. The Service Desk manages the life cycle of incidents, problems, and service requests 2383
including fulfillment, verification, and closure. Service desk support includes multiple tiers in 2384
accordance with the Incident Management process as described in the NPDM: 2385
a. Tier 0: End user self service 2386
b. Tier 1: Basic service support to end users and IT groups. 2387
c. Tier 2: More complex service support requiring the involvement of Subject Matter 2388
Experts (SMEs). 2389
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
96
d. Tier 3: Onsite support for complex service support requirements that may involve 2390
certified systems engineers or touch labor. 2391
e. Tier 4: Engineering technology support. 2392
2393
Service Desk Services encompasses support for two basic customer types 1) War Fighter; and, 2) 2394
Business. Further automation of and enhanced processes will improve the efficiency and 2395
effectiveness of the NGEN Service Desk. An example of potential improvements is a web based 2396
knowledge management system to increase end user self-sufficiency (e.g., end user password 2397
reset and GAL updates). 2398
2399
Service Desk Services are shared services. The ES Contractor is designated as the primary 2400
service provider, and the TXS Contractor is designated as the supporting service provider. The 2401
Contractors shall collaborate with each other and any other service providers to provide common 2402
management of the services described below. 2403
2404
The ES Contractor shall: 2405
a. Provide Service Desk Services for defined enclaves (e.g., classified, unclassified, and 2406
COIs). 2407
b. Provide geographically diverse facilities to provide redundant Service Desk Services 2408
within the Continental United States (CONUS). Each location must be capable of 2409
servicing the entire NGEN population in the event of a natural disaster or loss of 2410
capabilities. 2411
c. Provide Service Desk Services availability for all users, 24x7x365. 2412
d. Provide Service Desk ticket submission and tracking through multiple means (e.g., email, 2413
single toll-free number and single web interface), to include a routing system for end user 2414
classifications (e.g., NIPRNet, SIPRNet, War Fighter, and Standard Business). 2415
e. Document, assess, track, and resolve or fulfill Service Desk incidents, problems, and 2416
requests in accordance with the NGEN SMP and the processes as described in the 2417
NPDM. 2418
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
97
f. Coordinate with the other service providers to resolve incidents and fulfill requests [e.g., 2419
Move, Add, Changes (MACs)]. 2420
g. Operate and maintain an Online status system to initiate, query, track, update, and display 2421
information (e.g., aging and backlog) pertaining to incidents, problems, and requests. 2422
h. Track the resolution of all service desk incidents, problems, and Service Requests to 2423
closure. 2424
i. Verify resolution with the customer prior to closing incidents, problems, and requests. 2425
j. Upon resolution of an incident for outage of service, provide the Government with 2426
written information regarding the reason for the outage, corrective actions taken, and any 2427
follow-on actions. (CDRL A034 – After Action Report) 2428
k. Provide Service Desk Services for NGEN deployed and Broadband Unclassified Remote 2429
Access Services (BURAS) end users, including support for appropriate services [e.g., 2430
remote access, Outlook Web Access (OWA), email, email redirection, client hardware, 2431
client software, and deployable process support]. 2432
l. Provide an interface between the NGEN Service Desk and legacy networks, Government 2433
application Service Desks, as well as third party providers (e.g., PDA and end user 2434
equipment). This interface includes redirecting end user calls to the applicable legacy 2435
system Service Desk after confirming NGEN services are not the source of the legacy 2436
system anomaly or outage. 2437
m. Escalate and resolve incidents in coordination with the base, post, or station desk side 2438
support agents when Tiers 1 and 2 have not been able to resolve. 2439
n. Automatically generate, post, and retain historical information for monthly Service Desk 2440
performance measurements on a Government designated website and report this 2441
information as part of the monthly IPR. 2442
2443
The TXS Contractor shall: 2444
a. Provide Service Desk Services in accordance with OLA-006 “End User Incident 2445
Resolution”, OLA-007 “Incident Resolution for Government Applications”, and OLA-2446
008 “First Call Resolution”. 2447
b. Provide Tier 1 troubleshooting scripts and job aids. 2448
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
98
c. Provide Tier 2, Tier 3, and Tier 4 support to troubleshoot and resolve TXS related 2449
incidents. 2450
2451
3.3.20.1 Move, Add, and Change (MAC) Services 2452
Move, Add, and Change (MAC) Services are a subset of Service Desk Services and provide two 2453
support categories: 1) Simple MACs; and 2) Project MACs. 2454
a. Simple MACs address request fulfillment to deliver a piece of HW and SW to a single 2455
end user. This includes the capability to: 2456
i. Move, connect, and integrate NGEN HW from one NGEN location to another 2457
NGEN location for an end user. 2458
ii. Add HW or SW to an existing end user configuration or install a new end user 2459
HW and SW configuration. 2460
iii. Modify the configuration of NGEN HW and SW for an end user. 2461
b. Project MACs are more complex, involve multiple end users and pieces of HW and SW, 2462
and are handled via separate task orders (e.g., movement of multiple end users or 2463
organizations to locations that potentially require the installation of an NGEN 2464
infrastructure). 2465
2466
Move, Add, and Change (MAC) Services are shared services. The ES Contractor is designated 2467
as the primary service provider, and the TXS Contractor is designated as the supporting service 2468
provider. The Contractors shall collaborate with each other and any other service providers to 2469
provide common management of the services described below. 2470
2471
The ES Contractor shall: 2472
a. Perform requested simple MAC services. 2473
b. Process, manage, and execute classified and unclassified MAC requests. 2474
c. Perform MACs in accordance with the CMIP and the AMIP. 2475
d. Provide end users technical assistance and guidance to resolve service delivery issues 2476
related to MAC processing. 2477
e. Perform requested project MAC services . 2478
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
99
i. Analyze and develop a detailed implementation plan for requested project MACs. 2479
(CDRL A039 – Implementation Plan) 2480
ii. Develop detailed cost estimate including Bill of Materials. 2481
iii. Develop Request for Change (RFC). (CDRL A023 – Engineering Change 2482
Proposal – Request for Change) 2483
iv. Provide the Government with access to a website containing a status of received 2484
project MACs and aging report. 2485
2486
The TXS Contractor shall provide the touch labor, network reconfiguration, inside cable plant, 2487
and closet port management support associated with MACs. 2488
2489
3.3.21 Base Area Network (BAN) Services and Local Area Network (LAN) Services 2490
Base Area Network (BAN) Services include the installation, operation, and maintenance of the 2491
cable, wireless, and switching infrastructure that connects a base, post, or station Wide Area 2492
Network (WAN) to the Local Area Network (LAN)s, server farms, datacenters and MOC in the 2493
buildings on the base, post or station and to associated piers serving Navy ships. The BAN 2494
supports NIPRNet and SIPRNet IP based voice, video, and data services. 2495
2496
The TXS Contractor shall: 2497
a. Operate and maintain the existing BAN infrastructure, which includes all necessary cable 2498
plant (inside and outside) and equipment required to provide information transport 2499
functionality between LANs located on given bases/posts/camps/stations and connecting 2500
them to the BAN/LAN/SDP. BAN infrastructure shall provide a reliable IP-based 2501
network that supports a dual stack Internet Protocol version 4 and version 6 (IPv4/IPv6) 2502
environment and necessary IA services. 2503
b. Operate and maintain GFP and the existing LAN infrastructure, including cable plant 2504
(inside and outside) and equipment, wall jacks, Layer 2 and Layer 3 LAN switches, and 2505
WLAN devices. In the case of a very small site, the LAN is directly connected to the 2506
WAN or Internet Service Provider premise equipment. 2507
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
100
i. Comply with the RFC 1918 requirements and maintain private IP space in the 2508
NGEN interior. 2509
ii. Comply with RFC 4193 for Testing and COI support. 2510
iii. Develop a recommended design and infrastructure assessment and test plan for 2511
transitioning of private IP address spaces to public IP addresses in accordance 2512
with Government direction. (CDRL A022 – Contract Change Proposal) 2513
iv. Migrate the NGEN IP space from private to public address space per approved 2514
migration plan. 2515
v. Assign static IP addresses as required on a case-by-case basis. 2516
c. Develop and maintain Routing Plan. (CDRL A040 – Routing Plan) 2517
i. Maintain and update quarterly the Master IP Routing Plan. 2518
ii. Design/document the routing. 2519
iii. Maintain interior routing of private IP addresses up to the site interior router and 2520
other infrastructure that utilizes private IP addresses. 2521
iv. Design, test, plan and pilot approach for transition of static routing to dynamic 2522
routing. 2523
d. Provide updated design documentation, installation as needed, maintenance, and 2524
operation of all required network and network security infrastructure needed to deliver all 2525
network/contract services (e.g. e-mail, web portal, workflow and collaboration, 2526
application hosting). 2527
e. Provide capacity and utilization monitoring of TXS components needed to deliver all ES 2528
provided services. 2529
f. Maintain IPv6/IPv4 Coexistence and Interworking Practices. 2530
i. Operate and maintain dual stack IPv4/IPv6 network devices. 2531
ii. Develop plan and implement migration to full IPv6 environment. 2532
g. Operate and maintain BAN/LAN/WAN interfaces for NGEN designated C2 sites. 2533
h. Comply with Government DIACAP processes prior to connecting any new device into 2534
the NGEN environment. 2535
i. Comply with the Navy Ports, Protocols and Services (NPPS) Manual. 2536
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
101
j. The network technical and security architecture shall be consistent with Category 2537
Assignments List (CAL) (e.g., IP unicast and multicast at the network layer and Ethernet 2538
at the physical layer). 2539
k. Notify the Government if the addition of a network device or service will exceed 75% of 2540
existing port capacity, transport infrastructure element (e.g., rack space), WAN access 2541
circuit capacity, WAN subscription capacity, and inside and/or outside cable plant 2542
utilization. 2543
l. Maintain and configure Virtual Local Area Networks (VLANs) [e.g., providing single 2544
VLAN, multiple VLANs within a DMZ, B3 COI, to support Access Control List (ACL) 2545
solution]. 2546
m. Implement network layer access control lists and data link layer port security in TXS 2547
infrastructure. 2548
n. Maintain, configure, and provide support for port aggregation protocol (e.g., Ether 2549
Channel) for Government identified devices. 2550
o. Operate and maintain existing IP Multicast traffic. 2551
p. Operate and maintain very high bandwidth connectivity (≥10 Gbps) for select mission 2552
critical and standard application servers at ordered sites. 2553
q. Maintain and update SW and firmware required for BAN/LAN components. 2554
r. Provide annual BAN/LAN components tech refresh recommendations six months prior to 2555
the beginning of the Fiscal Year to update the Government provided annual NGEN TXS 2556
Technology Refresh Plan (TRP). (CDRL A014 - Technology Refresh Plan ) 2557
s. Conduct BAN/LAN tech refresh in accordance with Government provided NGEN TRP. 2558
t. Operate and maintain TXS infrastructure at Very Small Sites (VSS). 2559
u. Perform requirements analysis for future BAN and LAN services in support of NGEN 2560
modernization. 2561
v. Conduct annual service continuity BAN/LAN site assessments, identify deficiencies and 2562
provide future design/operations recommendations. (CDRL A028 – Technical Report) 2563
2564
Provide TXS waterfront support (to include recommending, receiving and managing inventory of 2565
material) to Shipyard environments that does not have an NGEN compatible infrastructure that 2566
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
102
meets NGEN standards, to support the movement, repair and reinstallation of Data Seats that are 2567
subjected to waterfront surge events or shipyard environment limitations and hazards or where 2568
shipyard mission requirements dictate expedited handling. 2569
2570
3.3.21.1 Pierside Connectivity 2571
Enterprise Pier Connectivity Architecture (EPCA) provides network connectivity and TXS 2572
between ships and/or submarines with Government approved connection points and the 2573
corresponding supporting Fleet Network Operations Center (FLTNOC) or regional Mini‐NOC 2574
via the fiber optic Umbilical Cable Assembly (UCA) or Government approved wireless system. 2575
The EPCA consists of a system of elements located at the piers or wharves, at the Pier‐head 2576
Information Transfer Nodes, and the Pier Consolidation Point (PCP) ‐ and WAN TXS 2577
infrastructure and within the FLTNOC or regional Mini‐NOC as required. 2578
2579
The TXS Contractor shall: 2580
a. Operate and maintain secure transport infrastructure between pierside connections from 2581
the shore to docked ships and submarines and the corresponding Information Technology 2582
for the 21st Century (US Navy IT program to improve shipboard communications and 2583
computing capability) (IT-21) FLTNOC facility. The TXS infrastructure supports the 2584
transmission of voice, video, and data via either wired, copper, standard fiber optic 2585
Umbilical Cable Assembly (UCA), or Government-approved wireless system. 2586
b. Maintain cables (UCA), connectors, risers, Government-installed wireless system and all 2587
other equipment supporting EPCA, inside and outside cable plants used from pier ITN 2588
building to connect with ship/sub connection box in accordance with the specifications 2589
provided in the NNWC memo dated 6 Dec 07 and per the sites and quantities listed in 2590
NGEN locations. 2591
c. Maintain an inventory of all EPCA equipment being maintained, including Government 2592
provided spares (e.g., inventory of all pierside networking equipment, cabling) in 2593
accordance with NGEN Asset Management tools and processes. 2594
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
103
d. Development of a technical obsolescence and service delivery mitigation options 2595
(including alternative access schemes) for locations that will not be refreshed during the 2596
period of performance for the contract. (CDRL A028 – Technical Report) 2597
i. Provide TXS from vessel fiber optic interface at designated pier locations to Fleet 2598
NOC or regional mini-NOC. 2599
ii. Provide wide-area connectivity and bandwidth to naval vessels connected to the 2600
Pier Connectivity Architecture (PCA) access point. 2601
iii. Operate and maintain existing service for pier fiber optic cable plant Operate and 2602
maintain existing service when pier infrastructure is upgraded by the Government. 2603
iv. Operate and maintain newly installed PCA. 2604
v. Maintain PCA infrastructure and fiber optic cable plant with Original Equipment 2605
Manufacturer (OEM) or equivalent HW and SW. 2606
vi. Provide maintenance for the pierside network equipment and SW provided by the 2607
TXS Contractor. 2608
vii. Perform remote diagnostics with the end user when problems are identified. 2609
viii. Before an Incident ticket is closed, the TXS Contractor shall advise the Navy via 2610
the incident ticket of the actions taken. 2611
ix. Conduct ongoing analysis of Equipment maintenance and call history to track 2612
service trends. 2613
e. Maintain cables, Umbilical Cable Assembly (UCA), connectors, risers, Government-2614
installed wireless system and all other equipment supporting EPCA, inside and outside 2615
cable plants used from pier ITN building to connect with ship/sub connection box in 2616
accordance with the specifications provided in the NNWC memo dated 6 Dec 07 and per 2617
the sites and quantities listed in NGEN locations attached to contract. 2618
i. Provide and maintain fiber optic UCA to meet specifications described in Military 2619
Standard 2042-7(SH) and Naval Sea Systems Command (NAVSEA) drawing 2620
numbers 7325759, 7379171, and 7379173. 2621
ii. Maintain quantities of UCA cables at pier sites to meet fleet operational 2622
requirements. 2623
iii. Store, deliver and pick-up UCA to meet fleet operational requirements. 2624
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
104
iv. Connect and disconnect UCAs to the ships/submarines and the Piers junction 2625
boxes (i.e., Pier risers). 2626
2627
3.3.21.2 Application Server Connectivity 2628
The TXS Contractor shall provide the following Standard Application Server Connectivity 2629
Services for all physical and virtual application servers managed by their respective DON 2630
organizations (such as NAVSEA and other Claimants) to enable their incorporation into the 2631
NGEN Enterprise environment: 2632
a. Assign a standard host name to the server. C27XXXXXYYYYNNO, where XXXXX is 2633
the system acronym, YYYY is the site code, NN is the server number, and O is an 2634
optional alpha identifier. Legacy naming will be maintained on an as needed basis. 2635
i. Validate the server connection status via the use of Ping and Trace commands. 2636
ii. Notify by email and/or telephone the Government’s identified point of contact 2637
when the TXS Contractor determines that the cause of an incident ticket 2638
concerning access to a Government application is not the Contractor’s 2639
responsibility. 2640
iii. Support failover connection for each mission critical server. 2641
iv. Provide inbound and outbound Secure Shell (SSH) protocol access for each server 2642
as directed by Government. 2643
v. Provide network access for inbound SSL traffic if the implementation meets 2644
NPPS and is approved by the Navy ODAA. 2645
vi. Provide network access to the designated NGEN Enterprise OCSP responder. 2646
vii. Provide access to 10 Multicast channels within the transport boundary for the 2647
LAN to which the server is connected. 2648
viii. Provide the capability and network access for the server to print to network 2649
printers using Windows print services and Line Printer Request (LPR). The use 2650
of LPR is contingent upon receipt of all Government-required approvals. 2651
ix. Provide the capability and network access for the server to print to network 2652
printers using Windows print services and Line Printer Request (LPR) from 2653
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
105
within a Boundary 3 (B3) COI. The Servers may be using customer’s Active 2654
Directory. 2655
x. Perform Interim Authority to Connect (IATC) security scans of servers that will 2656
be or currently are placed within the USN network (enclave, B3 COI, DMZ.) As a 2657
result of the NOC IATC scan, the Contractor will provide the appropriate 2658
Government POC with the results that include Information Assurance 2659
Vulnerability Advisories /Information Assurance Vulnerability Bulletins status of 2660
the device, and overall security vulnerability assessment. 2661
xi. Provide network access to NGEN standard anti-virus definition files. 2662
b. The TXS provider shall also provide these supplemental functions to support physical and 2663
virtual Application Servers based on the requirements of the Claimant to ensure proper 2664
application functionality in the NGEN environment: 2665
i. Provide Network Address Translation (NAT) capabilities to address customers 2666
with permanent IP address space. 2667
ii. Provide multicasting capability and ongoing support within the transport 2668
boundary for the LAN to which the server is connected. 2669
2670
3.3.21.3 Program of Record Workstation Connectivity 2671
The TXS Contractor shall provide for the connection and access of Program of Record (POR) 2672
workstation to the network to include: 2673
a. Obtain and assign a static IP address. 2674
b. Deliver the static IP address to an assigned wall plug. 2675
c. Register the POR device. 2676
d. Establish a virtual local area network, if required. 2677
e. Invoke Network Layer access control lists and Data Link Layer port security as required. 2678
f. Allow the POR device to connect to an application server, as required. 2679
2680
3.3.21.4 Wireless Local Area Network (WLAN) Services 2681
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
106
NGEN WLANs are deployed in infrastructure mode-only, via wireless access points, as 2682
extensions to existing wired networks in order to allow clients to access network resources or the 2683
Internet without physical connections to the network via a cable. 2684
2685
The TXS Contractor shall: 2686
a. Conform to DoD Directive 8100.02, 23 April 2007. 2687
b. Maintain and operate wireless connections to the network ensuring compliance with 2688
DISA Wireless STIG and SECNAVINST 2075.1 guidance. 2689
c. Utilize, as a minimum, WPA2 Encryption (802.11i) for all unclassified wireless traffic. 2690
d. Maintain and operate WLAN service for wireless transmission of classified information 2691
using approved client devices. 2692
e. Design and implement WLAN service for wireless transmission of classified information 2693
using approved client devices. 2694
f. Operate and manage GFP National Security Agency (NSA) Type 1 encryptors for all 2695
Classified WLAN services. 2696
g. Integrate and install GFP NSA Type 1 encryptors for all new Classified WLAN services. 2697
h. Provide the capability to detect, isolate and remediate unknown or rogue wireless device 2698
within the vicinity of a network WLAN. 2699
i. Implement new or maintain the currency of WLAN access capabilities (e.g., IEEE 2700
802.11n) to the network as required by the Government- approved NGEN TXS. 2701
j. Technology Refresh Plan (TRP). [See Logistics section]. 2702
k. Develop WLAN access point design documentation as required in the TRP; provide 2703
configuration and installation of all APs to include ‘as built’ drawings. (CDRL A011 – 2704
Technical Baseline Documents) 2705
l. Provide the capability to execute Government directed wireless port activation, switch 2706
activation and switch configuration. 2707
m. Provide monitoring and maintenance services for NGEN wireless capabilities to include 2708
the following: 2709
i. Per Site – updates to WLAN controller, operating environment and associated 2710
infrastructure. 2711
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
107
ii. Per Access Point – device configuration, Information Assurance Vulnerability 2712
Advisories patching, SW maintenance and upgrades. 2713
n. Operate and maintain TXS components supporting as-is radio frequency identification 2714
environment – to include device configuration, Information Assurance Vulnerability 2715
Advisories patching, SW maintenance and upgrades for access points supporting radio 2716
frequency identification devices used in radio frequency identification tag environment. 2717
2718
3.3.22 Wide Area Network (WAN) Services 2719
WAN services provide separate connections to external networks, including NIPRNet, SIPRNet, 2720
Defense Research Engineering Network (DREN) and the Internet. WAN services provide 2721
transport of voice, video and data from Government base, facility and office locations, across 2722
non-Government property, to other Government base, facility and office locations. WAN 2723
requires connectivity to the NIPRNet at the unclassified B1 gateway, and SIPRNet at the 2724
classified B1gateway. This will allow the individual unclassified NGEN seats to access resources 2725
on NIPRNet and the Internet, and classified seats to access resources on SIPRNet. 2726
2727
The Navy expects to accelerate implementation of Thin Client Services (TCS) that provides for a 2728
client computer or client software in client-server architecture networks that depends primarily 2729
on the central server for processing activities, and mainly focuses on conveying input and output 2730
between the end user and the remote server. TCS can include the use of virtualization to support 2731
centrally housed and managed desktops that are “streamed” to the end user, or hosted desktops 2732
such that operating system processing itself occurs centrally. TCS can also incorporate centrally 2733
managed streamed applications, or centrally managed server/web-based application capabilities. 2734
2735
The TXS Contractor shall: 2736
a. Provide Government with technical information required to place a DISN circuit order. 2737
b. Propose, design, install and document site modifications to connect BAN and/or LAN to 2738
local DISN SDP in accordance with Site-WAN circuit mapping. (CDRL A011 –2739
Technical Baseline Documents) 2740
c. Maintain WAN Routing Plan. (CDRL A040 – Routing Plan) 2741
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
108
i. Maintain interior routing of private IP addresses up to the site interior router and 2742
other infrastructure that utilizes private IP addresses. 2743
ii. Design, test, pilot and implement a solution for migration from static routing to 2744
dynamic routing. 2745
d. Provide the following services required to complete installation of circuit services: 2746
i. Install and test circuit extensions and base extensions, including coordination with 2747
Base Communications Office (BCO), DISA and Government Program Manager 2748
for end-to-end testing and activation of DISN circuits. 2749
ii. Document WAN interface HW and SW to support Certification and 2750
Accreditation. (CDRL A018 – DoD Information Assurance Certification and 2751
Accreditation Package) 2752
e. Provide a Capacity Planning report based on LAN/WLAN/BAN/WAN network data. 2753
(CDRL A028 – Technical Report) 2754
i. Maintain as-is modeling capabilities to support the planning of changes to the 2755
network infrastructure, specifically to estimate future volume, usage, and 2756
application characteristics, as well as integration of emerging technology and 2757
utilization of DISN provided as GFP. 2758
ii. Provide quarterly analysis of the network capacity and recommendations for 2759
future engineering changes. 2760
f. Configure external network connections to allow for interoperability with other DoD 2761
networks such as Marine Corps Tactical Data Network (MCTN) and IT-21, and to major 2762
commercial partners of DON stakeholders. 2763
g. Operate and maintain transport boundary infrastructure and services providing 2764
connectivity for operational Command, and Control, Intelligence Surveillance and 2765
Reconnaissance (C2ISR) on classified networks (and unclassified networks where 2766
appropriate) at the MOCs, NOCs, and Fleet NOCs. This includes support for establishing 2767
and maintaining Multiprotocol Label Switching (MPLS) QOS, where enabled. 2768
h. Manage the connection to long-haul services provided by the Government to the 2769
Government identified point-of-presence for the purposes of configuration, maintenance, 2770
and troubleshooting. 2771
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
109
i. Accept and manage the connections of NSA Type 1 Encryptors from the Government for 2772
installation, configuration and use. 2773
j. Submit annual WAN Transport Boundary TRP. (CDRL A014 - Technology Refresh 2774
Plan) 2775
k. Operate and maintain NGEN DCE/C2 Nodes: 2776
i. Provide for remote network management for NGEN DCE Transport Boundary 2777
elements. 2778
ii. Test, implement, and document Government-approved material and nonmaterial 2779
configuration changes in accordance with the CMIP. 2780
iii. Provide on-site support and touch labor to support incident management at all 2781
NGEN DISN Core Extension (DCE) WAN locations. 2782
iv. Provide 24x7x365 on-site maintenance for the fielded system. 2783
2784
3.3.22.1 Non-Secure Internet Protocol Router Network (NIPRNet) and Intranet 2785
The NIPRNet is a global long-haul IP-based network to support unclassified IP data 2786
communications services for combat support applications to the DoD, Joint Chiefs of Staff (JS), 2787
Military Departments (MILDEPs) and Combatant Commands. The NIPRNet provides seamless 2788
interoperability IP services to customers with access data rates ranging from 56 kbps to OC-192 2789
via direct connections to a NIPRNet router, remote dial-up services (56 kbps), services to the 2790
Tactical community via Integrated Tactical Strategic Data Network/STEP sites and access to the 2791
Internet. 2792
2793
The TXS Contractor shall operate and maintain B1 TXS components connecting to the NIPRNet. 2794
Monitor network status and resolve connectivity issues surrounding the operation and 2795
maintenance of the NIPRNet B1. 2796
2797
3.3.22.2 Secret Internet Protocol Router Network (SIPRNet) 2798
The SIPRNet is DoD's interoperable C2 data network, supporting the Global Command and 2799
Control System, the Defense Message System (DMS), collaborative planning, and numerous 2800
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
110
other classified warfighter applications. Direct connection data rates range from 56 kbps to OC-2801
24. Remote dial-up services are available up to 115.2kbps. 2802
2803
The TXS Contractor shall: 2804
a. Operate and maintain B1 solutions for secure traffic exchange with the SIPRNet at 2805
Government designated locations. 2806
i. Monitor network status and resolve connectivity issues surrounding the operation 2807
and maintenance of the SIPRNet B1. 2808
b. Comply with all pertinent Government/DISA STIGs except as authorized by the Navy 2809
ODAA. 2810
c. Interface DON SECRET enclaves or COIs to SIPRNet. 2811
d. Transport classified data using approved physical and/or cryptographic separation 2812
mechanisms. 2813
e. Protect SECRET and below data in transit as specified in NGEN Enterprise Systems 2814
Security Authorization Agreement (eSSAA) security plans or DIACAP equivalent 2815
including support for incorporating required protection mechanisms in accordance with 2816
DoDI 8500.2 Mission Assurance Categories I and II Classified IA Controls (Mission 2817
Assurance Category I is to support MOC connectivity). 2818
f. Comply with the SIPRNet Connection Approval Process security standards and continue 2819
to comply with the updated security requirements that the Defense IA/ Security 2820
Accreditation Working Group (formerly DISN Security Accreditation Working Group 2821
imposes on the SIPRNet. 2822
g. Incorporate process and resources to support the execution of DIACAP (the 2823
identification, installation, configuration, and operation of SIPRNet connections. 2824
2825
3.3.22.3 Satellite Communications (SATCOM) Services 2826
SATCOM is a service that connects satellite-based up/down communication linkage to network 2827
SDPs within the logical network enclave to secure points outside the network enclave. The TXS 2828
Contractor is not being tasked to provide the SATCOM link. 2829
2830
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
111
The TXS Contractor shall: 2831
a. Provide for the extension of the network via commercial satellite communications, 2832
terminating at DON or commercial mobile Earth stations. 2833
b. Provide engineering support to deploy with communication link to establish and 2834
configure service. 2835
c. Provide HW and SW support and maintenance satellite communication interface 2836
infrastructure. 2837
d. Provide network services over high latency circuits (satellite connection) with the 2838
following where needed: 2839
i. DSTB service via SATCOM link that allows network end users the ability to have 2840
direct secure access into NGEN and resources (via B1) while deployed. 2841
a) Utilize Bandwidth optimization (WAN acceleration) technologies. 2842
b) Pre-load cache for deployable WAN acceleration device. 2843
ii. Tactical printer solution (in coordination with ES). 2844
a) Enables local printer access for in-field printing (i.e., bypassing print 2845
servers while deployed). 2846
b) Allows for connection of only printers certified for use on network. 2847
e. Maintain Satellite interface solution that meets DON security requirements for 2848
NIPRNet/SIPRNet traffic to include: 2849
i. VPN/ IP Security (IPsec) encrypted traffic—by requesting the appropriate class 2850
certificate(s) from ES for installation of each VPN concentrator or server 2851
instance--over NIPRNet and Internet. 2852
ii. Coordinate all solutions/connections with the Navy ODAA. 2853
iii. VPN encrypted on location when utilizing DON tactical circuit. 2854
a) Maintain existing services over High latency circuits (satellite 2855
connection). 2856
b) Maintain existing Bandwidth optimization (WAN acceleration) 2857
technologies. 2858
f. Maintain DSTB service via SATCOM link while deployed. 2859
2860
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
112
3.3.23 Data Storage Services 2861
Data Storage Services provide storage solutions for Online, near-line, and off-line storage. 2862
2863
The ES Contractor shall: 2864
a. Operate and maintain classified and unclassified storage capabilities including SW, HW, 2865
processes, and tools to facilitate the management and reporting of different classes of 2866
storage services across a wide range of workloads and applications. 2867
b. Provide end users the ability to store and retrieve files on shared and controlled-access 2868
storage media. 2869
c. Manage on-demand access to scalable storage space to optimize performance for storage 2870
intensive applications. 2871
d. Perform file share and folder administration capabilities: 2872
i. Provide, operate and maintain storage management and reporting tools that 2873
provide the Government and the Contractor the following capabilities: 2874
a) Government organizational units’ allocation. 2875
b) Group allocation. 2876
c) End user allocation. 2877
d) Storage utilization reporting. 2878
e) Security management for the storage and transmission of data. 2879
f) Capacity management to enable the on-demand addition of capacity or the 2880
physical or logical reallocation at any tier, within hardware constraints. 2881
ii. Provide storage report by participating command. (CDRL A028 – Technical 2882
Report) 2883
a) Actual Usage: The amount of data actually stored on a device at a specific 2884
time or over a period of time. 2885
b) Threshold Violations: The situation when a storage array exceeds 75% 2886
capacity. 2887
c) Anticipated Usage: The amount of data that is allocated for storage on a 2888
device. 2889
d) Rate of Access: The frequency with which data files are accessed. 2890
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
113
iii. Assign individual and group permissions at the file and folder level to include the 2891
ability to open, list, read, modify, save, copy, delete, and rename as well as print 2892
files and map folders. 2893
iv. Control the manipulation of shared folders at the individual and group level 2894
including the ability to: 2895
a) Change folder security permissions even when explicit rights are taken 2896
away from the File Share Manager by an end user. 2897
b) Determine who has locked files on a file server and, when necessary, 2898
unlock the files. 2899
v. Set up file type filtering on a folder and all sub-folders within a Government 2900
organizational unit’s shared space, and provide the ability to restrict by file type. 2901
vi. Control the physical size limit quota of a folder and all sub-folders within a 2902
Government organizational unit’s shared space: 2903
a) Set the maximum size quota of a folder to prevent the aggregated size of 2904
the files contained in the folder and sub-folders from exceeding an 2905
established limit quota. 2906
b) Set thresholds for folders and sub-folders and alert the identified folder 2907
manager when they are approaching the size limit. 2908
c) Grant sufficient permissions to Government authorized POCs to produce 2909
on-demand space utilization reports with sub-level folder totals. 2910
d) Operate and maintain Microsoft Exchange Services email and public 2911
folder storage systems for the allocated storage and auto-archiving. 2912
e) Operate and maintain end user and Government organizational unit’s file 2913
server storage provisions. 2914
e. Provide incremental daily backup of all file shares. 2915
f. Provide for recovery for all stored data: 2916
i. For online backup - within 24 hours of a restore request. 2917
ii. For offline backup - within 48 hours of a restore request. 2918
iii. For offline, offsite backup - within 72 hours of a restore request. 2919
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
114
g. Operate and maintain the storage environment of critical information assurance logging 2920
data stored for forensic analysis and provisions in accordance with requirements outlined 2921
in DoD Instruction 8500.2 and JTF-GNO INFOCON Level 3 Clarification and Guidance. 2922
2923
3.3.24 Enterprise Messaging Services 2924
Enterprise Messaging Services include the operation and maintenance of NIPRNet and SIPRNet 2925
e-mail messaging systems. 2926
2927
The ES Contractor shall: 2928
a. Operate and maintain the enterprise messaging capability to process, deliver, store, and 2929
receive email, and associated attachments. 2930
i. Operate and maintain required software (e.g., Exchange 2010 and Server 2008R2) 2931
and required licenses to deliver messaging to end users [e.g., Client Access 2932
Licenses (CAL)] 2933
ii. Operate and maintain the NGEN messaging server infrastructure, message 2934
archiving, spam filtering, mail security, and anti-malware capabilities. 2935
a) Provide, operate, and maintain content filtering capabilities to prevent 2936
unwanted incoming email or embedded malicious code in incoming email. 2937
i. Provide spam filtering that blocks unwanted email, contains 2938
content that is prohibited by policy, or is coming from a 2939
masqueraded source. 2940
ii. Provide malicious code filtering that blocks incoming email that 2941
contains malware from reaching the end recipients. 2942
iii. Allow users and organizations to create, modify, and delete all 2943
personal, command, echelon, and organizational messaging 2944
distribution lists. 2945
b. Configure the email client with the ability to send and receive signed and encrypted email 2946
and attachments using PKI certificates issued by the DoD PKI certifying authority and 2947
DoD-approved external PKI certifying authorities. 2948
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
115
c. Configure email service to conform with 1) Simple Mail Transfer Protocol (SMTP), 2949
native Remote Procedure Calls (RPC), and Hypertext Transfer Protocol (HTTP); and, 2) 2950
approved Designated Approving Authority (DAA) configuration to ensure 2951
interoperability and remote access. 2952
d. Operate and maintain capability to execute mailbox restore within 4 hours of loss for 2953
Government identified mission critical end users. For all others, restore mailbox within 7 2954
days. 2955
e. Operate and maintain the BlackBerry (BB) and other smartphone email service 2956
infrastructures [e.g., BlackBerry Enterprise Servers (BES) or the BES successors]. 2957
i. Configure BB and other smartphones to support PKI certificates issued by the 2958
DoD PKI certifying authority and DoD-approved external PKI certifying 2959
authorities. 2960
ii. Configure and integrate NGEN BB service provider phones and smartphones (e.g 2961
AT&T, Sprint, T-Mobile, and Verizon) devices into NGEN end user workstations 2962
and BES and other PDA email servers. 2963
iii. Install, configure, and support vendor specific software for approved BB and 2964
other smartphone devices (e.g., BB Desktop management software). 2965
iv. Install, configure, and support tethering functionality for all NGEN BB and other 2966
smartphone service provider devices 2967
v. Provide integration, certification, and accreditation of new BB and smartphone 2968
devices. 2969
f. Provide, operate, and maintain the NIPRNet and SIPRNet capability to access email via a 2970
web-based application [e.g., Outlook Web Access (OWA)]. 2971
i. Enable only PKI-based end user authentication to control access to the NIPRNet 2972
application. 2973
ii. Allow PKI-based end user authentication to control access to the SIPRNet 2974
application. 2975
2976
3.3.25 Enterprise Web Portal Services 2977
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
116
Enterprise Web Based Services consist of the Homeport classified and unclassified websites, and 2978
SearchNAVY Content Discovery tool. 2979
2980
3.3.25.1 Homeport 2981
Homeport serves as a single gateway for DON personnel to access information, services, 2982
support, and training resources for the NGEN services. 2983
The ES Contractor shall: 2984
a. Operate and maintain the unclassified and classified Homeport. 2985
i. Promulgate service alerts, as well as outage and degradation notification 2986
messages. 2987
ii. Publish scheduled maintenance information and impact statements. 2988
iii. Provide and update contact information for the NGEN Service Desk, including 2989
alternate contact information for USN desks, classified desk, and Special 2990
Assistance desks. 2991
iv. Provide content discovery and search capability. 2992
v. Provide a searchable library of existing training materials that address primary 2993
end user needs including [(e.g., 1) operating system functions and capabilities; 2) 2994
core build applications; 3) common issues, and 4) common end user 2995
applications)]. 2996
vi. Provide a searchable archive of end user communications, alerts, and 2997
notifications. 2998
vii. Provide a list of all HW and SW that have been certified for use on the Network 2999
including the OEM name, hardware model, and software version. 3000
viii. Provide NGEN program, contract, and public affairs materials as published by the 3001
NGEN Public Affairs Officer and post links, as directed by the Government, to 3002
other NGEN related information. 3003
ix. Restrict access and usage to elements of Homeport, sub-sites or specific content 3004
areas when directed by the NGEN Program Office. 3005
3006
3.3.25.2 Content Discovery 3007
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
117
SearchNAVY provides enhanced search features that allow fast and secure discovery of 3008
information within the Navy management domain using simple keywords and phrases. 3009
Information sources include structured and unstructured data from: 3010
a. Intranet websites 3011
b. Portal data 3012
c. Local file shares 3013
d. Exchange folders 3014
e. Legacy systems 3015
f. Databases 3016
g. Document management systems 3017
h. Service desk systems 3018
i. Homeport 3019
3020
The ES Contractor shall: 3021
a. Maintain and operate the current capabilities of SearchNAVY in accordance with the 3022
detailed SearchNAVY requirements provided in Reference AXXXX, Content Discovery 3023
Requirements. 3024
b. Provide a self-service capability for the specified Government representatives to obtain 3025
usage heuristics. 3026
c. Restrict access and usage to sub-sites or specific content areas when directed by the 3027
Government. 3028
3029
3.3.26 Collaboration Services 3030
Defense Connect Online (DCO) provides Web conferencing (to include audio, video, chat, 3031
instant messaging, screen sharing etc.) and chat capabilities for DoD end users. DCO is 3032
composed of two commercial tools and a custom portal for access. Adobe Connect is the Web 3033
conferencing application and Jabber is the XMPP secure chat service and client. 3034
3035
The ES Contractor shall: 3036
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
118
a. Operate and maintain desktop tools and browser configurations to enable end users on the 3037
NGEN network the ability to fully utilize the collaboration functionality provided by 3038
DCO as contained in USCYBERCOM Communications Tasking Order (CTO) 10-033A. 3039
b. Integrate and install updated or revised NCES services. 3040
3041
3.3.27 Voice over Internet Protocol (VoIP) Options and Services 3042
VoIP Services enables voice communications over an Internet Protocol (IP) network interfaced 3043
with the Public Switched Telephone Network (PSTN). The NGEN VoIP system supports 3044
communications via analog and digital handsets, computer terminals, fax machines, and 3045
conference speakerphones [analog connections are via Analog Telephone Adapter (ATA) 3046
devices]. The NGEN VoIP system must be compliant with the DoD CIO Unified Capabilities 3047
Master Plan (UCMP) Version July 2011, the Defense Information Systems Agency (DISA) 3048
Unified Capabilities Requirement (UCR) Version 2008 Change 2, relevant security 3049
requirements, and VoIP relevant Security Technical Implementation Guides (STIGs) in order to 3050
deliver Assured Services (AS) capabilities. 3051
3052
DSN trunks, NSA approved Type-1 encryption devices, as well as PSTN, Federal 3053
Telecommunications Service (FTS) / Networx, and DSN circuits will be Government Furnished 3054
Property (GFP). 3055
3056
The ES Contractor shall: 3057
a. Support the delivery of VoIP services 3058
i. Operate and maintain assigned VoIP components e.g.: 3059
a) Media servers. 3060
b) Application servers. 3061
c) End user devices and handsets. 3062
d) VoIP-enable fax machines. 3063
ii. Update continually NGEN VoIP design as well as Certification and Accreditation 3064
(C&A) documentation for end-to-end VoIP configurations for all components 3065
[e.g., Quality Of Service (QOS) aware gateways, switches, routers, servers, PSTN 3066
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
119
interfaces, end user devices, Local Session Controllers (LSC), Edge Boundary 3067
Controllers (EBC), and other equipment supporting VoIP services]. 3068
iii. Maintain telephony administration database that includes a web interface for end 3069
users and captures monthly usage information [e.g., individual base, command, 3070
and Physical Site Identifier (PSI)]. 3071
iv. Provide Move, Add, and Change (MAC) services for assigned VoIP components 3072
in accordance with the NGEN MAC process. 3073
v. Provide receipt, tracking, and resolution of assigned VoIP incidents in accordance 3074
with the NGEN Incident Management process. 3075
3076
3.3.28 Unclassified Mobile Phone Services 3077
Unclassified Mobile Phone Services are a comprehensive set of wireless cellular capabilities, 3078
available through multiple carriers with the service plans to support end users throughout the 3079
United States and its territories, which includes cellular phones, Personal Digital Assistant 3080
(PDA) devices, paging services, and cellular data network access devices. 3081
3082
The ES Contractor shall: 3083
a. Provide data integration services of Government furnished mobile devices (e.g., iPhone, 3084
iPad, BlackBerry, and Android) to: 3085
i. Enable secure email, text, tethering, and messaging services. 3086
ii. Integrate Government provided cellular data card and service from a Tier 1 3087
mobile services provider (e.g., AT&T, Sprint, and Verizon). 3088
b. Collaborate with designated Government representatives to enable delivery on a new 3089
account order within 14 business days of receiving the request. 3090
c. Provide ongoing end user support initiated through requests to the NGEN Service Desk. 3091
3092
3.3.29 Classified Mobile Phone Services 3093
Classified Mobile Phone Services provide classified voice services that are certified by the 3094
National Security Agency (NSA) and are compliant with DOD Directive 8100.2. Secure 3095
Wireless Cellular Service consists of cellular data network access services and the connection of 3096
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
120
Government-supplied Secure Multi Environment Personal Electronic Devices (SME PED) and 3097
SIPRNet email accounts. The SME PED, with its dedicated infrastructure, provides end-to-end, 3098
secure solutions for voice and data to Senior Commanders and their senior staff members. 3099
3100
The ES Contractor shall: 3101
a. Provide data integration services of classified Government furnished SME PEDs to: 3102
i. Enable secure classified email, text, tethering, and messaging services. 3103
ii. Provide integration to the DOD Light Directory Access Protocol (LDAP) or the 3104
Online Certificate Status Protocol (OCSP) servers for real time certificate 3105
validation of the SIPRNet hard tokens. 3106
b. Operate and maintain the SME PED Management Server and software. 3107
c. Operate and maintain a dedicated Mail Proxy Server connected to the Microsoft 3108
Exchange system. 3109
d. Operate and maintain a dedicated Policy and Management Server. 3110
e. Review, comply with, and implement Security Technical Implementation Guide (STIG) 3111
requirements for wireless STIG. 3112
f. Prepare all certification documentation required for the Authority to Operate (ATOs) 3113
from the Navy Operational Designated Approval Authority (ODAA). 3114
3115
3.3.30 Video Teleconferencing (VTC) Services 3116
Video Teleconferencing (VTC) Services are comprised of the hardware, software, network, and 3117
scheduling services necessary to deliver real time video and audio communications between end 3118
users at two or more locations. 3119
3120
VTC Services include: 1) cameras; 2) coder-decoder (CODECs); 3) monitors; 4) onscreen 3121
menus; 5) dynamic speaker technology; 6) far-end camera control; 7) collaborative tools; 8) 3122
VTC scheduling set-up and operations; 9) Internet Protocol (IP) infrastructure; 10) multi-session; 3123
11) Multi-point Control Unit (MCU) bridging service; and, 12) remote diagnostics. The VTC 3124
Services provide VTC connectivity throughout NGEN and with external participants via high 3125
bandwidth communications, point-to-point, and point-to multi-point switching. 3126
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
121
3127
The ES Contractor shall: 3128
a. Operate and maintain hardware, software, and scheduling tools required for end users to 3129
conduct video conferences with other parties on the network or on other DON, DoD, 3130
federal, or commercial networks. 3131
b. Comply with DISA Uniform Capabilities Requirements and Federal Telecommunications 3132
Recommendations (FTR) 1080B-2002 standards (H.320 and H.323) for IP VTC sessions 3133
for all future designs. 3134
c. Support the following service elements: 3135
i. Fixed Video: Configure, operate, and maintain existing audio-visual services in 3136
existing dedicated facilities where end users can initiate and participate in live 3137
video teleconferences connectivity within and external to NGEN. Configure, 3138
operate, and maintain room cameras with full area coverage, large monitors, on-3139
screen menus, dynamic speaker technology, far end camera control, as well as 3140
video player and recorder capability. 3141
ii. Moveable Video: Configure, operate, and maintain movable VTC capability. 3142
iii. Desktop: Configure capability for end users to participate in live video 3143
teleconferences from any NGEN seat. 3144
d. Provide facilitator-assisted videoconference setup and operation on a 24x7x365 basis. 3145
e. Configure video service to be delivered via Integrated Services Digital Network (ISDN) 3146
or other digital transmission service. 3147
f. Configure VTC system that enables the routing of video calls: 3148
i. To off-net locations over the NGEN to the NGEN location nearest the destination 3149
point. 3150
ii. Over the Defense Information Systems Network (DISN) Video Services Global 3151
(DVS-G) or Federal Telecommunications System 2001 (now General Services 3152
Administration Network Contract), ISDN, and other commercial digital services 3153
when specified by the end user. 3154
g. Configure the equipment to support transfer of multimedia data (e.g., text, graphics, 3155
images, video, and audio) to a format the receiving side can integrate. 3156
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
122
h. Provide remote diagnostics for videoconferencing from the NOCs. 3157
i. Provide software distribution and upgrades to videoconference software and firmware. 3158
j. Configure NGEN VTC system to support multi-point bridging. 3159
k. Configure movable VTC seats to operate over temporary connections such as the 3160
Deployable Site Transport Boundary (DSTB). 3161
3162
3.3.31 End User Computing Services 3163
End User Computing Services include the provisioning, storage, configuration, integration, 3164
installation, operation, maintenance, and end-of-life disposal of classified and unclassified 3165
workstations (fixed or portable) and deployable workstations and associated peripherals. 3166
3167
3.3.31.1 Workstations (Fixed, Portable, or Virtual) 3168
The ES Contractor shall: 3169
a. Provide end user hardware as a service (ES Contractor owned HW[dls1]), if ordered. 3170
b. Procure, ship, track, stage, configure, and install hardware and software (including GFE 3171
equipment) based on NGEN orders (classified and unclassified). 3172
i. Provide and track equipment and execute custody transfer of any GFE hardware 3173
received at the site in accordance with FAR 52.245-1 (Alt 1) and the ES Asset 3174
Management Implementation Plan (AMIP). 3175
a) End user computers (ES provided) 3176
b) Additional hardware and peripherals (GFE or ES provided) 3177
c) Computer /Electronic Accommodations Program (CAP-Section 508) HW 3178
(GFE) 3179
ii. Update asset and configuration management databases as required in accordance 3180
with the NGEN Asset and Configuration Management plans. 3181
a) Perform asset identification, scanning and logging of assets that have been 3182
delivered (tagging). 3183
iii. Configure and deploy end user HW and SW. 3184
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
123
a) Configure HW with core build, Functional Area Manager (FAM) 3185
approved applications, NGEN certified applications, and approved SW to 3186
the HW identified in end user profiles. 3187
i. Support COI-specific core build integration for all NGEN COIs 3188
[e.g., NCIS, NNPI, unclassified, classified, NLSO (Tax), and 3189
PACOM]. 3190
b) Configure workstations based on DAA approved configurations, DoD and 3191
DON policy and guidance to include the Defense Information Systems 3192
Agency (DISA) Security Technical Implementation Guidelines (STIGs), 3193
DISA Enclave STIG, and SECNAVINST 2075.1 Guidance as specifically 3194
agreed upon and approved by the Navy Operational Designated 3195
Approving Authority (ODAA) for the Network. 3196
c) Configure all workstations to include a DoD-approved smart card reader 3197
in accordance with DoD Directive 8190.3 and DoD Instruction 8520.2, 3198
Smart Card Technology. 3199
d) Configure all workstations in the NGEN environment so they are locked 3200
down and no additional software can be added by the end user with the 3201
exception of plug and play and approved devices or print drivers[dls2]. 3202
iv. Perform data migration from previous to new HW, as applicable. 3203
a) Provide access to migrated data or external data storage devices to ensure 3204
end user data sources are valid and accessible. 3205
b) Transfer data from external devices enabled with Data at Rest (DAR) 3206
solutions. 3207
v. Notify the Government Custodian or designated representative that equipment has 3208
been delivered, data migrated and installed applications are functioning properly. 3209
vi. Install and Deploy clients and additional peripheral hardware. 3210
a) Provide onsite resources to support deployment and operational validation 3211
of clients. 3212
i. Develop workstation deployment test plan to be approved by the 3213
Government. (CDRL A026 – Test Plans) 3214
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
124
ii. Conduct performance tests on each workstation after it is fully 3215
loaded with all applicable software and security configurations in 3216
accordance with Contractor provided and Government approved 3217
workstation test plan. 3218
a. Ensure client can map to network printers and assigned 3219
network drives. 3220
b. Ensure Email client has been configured and mail is 3221
operational and integrated with smart card reader. 3222
c. Ensure core build software is available and operational. 3223
d. Ensure transferred data is available and complete. 3224
vii. Maintain installed end user equipment 3225
a) Repair or replace defective end user hardware. 3226
b) Manage warranties on end user hardware. 3227
c) Provide loaner or spare end user hardware to end users during the period 3228
that their equipment is not available for use. 3229
d) Upgrade client software upgrades, configurations, tool extensions, and 3230
templates, in accordance with the Government-approved core build 3231
Software Update Plan, DAA approved configurations, IAVA or IAVMs or 3232
as directed by the Government to meet emergent security requirements. 3233
e) Install additional end user HW and SW, at the end user location including 3234
connecting approved peripherals (as ordered). 3235
f) Provide the capability to access and load approved device drivers online 3236
via available website to include printer drivers. 3237
g) Dispose of end-of-life classified and unclassified workstations and 3238
associated peripherals in accordance with FAR 52.245-1 (Alt 1). 3239
3240
3.3.31.2 Portable End User Device (Computing Services) 3241
In addition to the above, the ES Contractor shall configure and deploy portable end user HW and 3242
SW with the following capabilities: 3243
a. Battery power display and management tools. 3244
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
125
b. 802.11 a/b/g/n wireless connectivity hardware. 3245
c. 802.11 a/b/g/n wireless connectivity management software. 3246
3247
3.3.31.3 Deployable End User Computing 3248
In addition to the above, the ES Contractor shall provide, maintain, and support deployable end 3249
user devices for use in an expeditionary or field environment: 3250
a. Provide deployment support services and logistics support services of loaners and spares 3251
for operational forces in a deployed environment. 3252
b. Provide worldwide logistics support for deployed end user devices and software to meet 3253
war fighter requirements including: 3254
i. Replacement devices for deployed hardware. 3255
ii. Integration of forward "points of service”. 3256
iii. Remote troubleshooting. 3257
iv. Technical liaison and support for Deployed Naval Unit Information Technology 3258
(IT) specialists. 3259
c. Coordinate with the Government to have spares available (up to 5% whole unit and up to 3260
5% hard drive of deployed devices), as part of the Pack up Kit (PUK) to facilitate 3261
operations at sea or for forward deployed locations. 3262
d. Provide to the Government alerts of equipment failures while deployed. 3263
e. Ensure that any replacement parts are shipped via means approved by the Government. 3264
f. Assume all costs associated with the commercial shipment of devices and spares to 3265
deployed units. 3266
g. Perform configuration, reconfiguration, upgrades, and software maintenance upon return 3267
of the deployed devices and prior to reconnection with the shore NGEN infrastructure in 3268
accordance with the pertinent IAVA. 3269
i. Reconfigure deployed end user devices for return and interface with NGEN in the 3270
event that the Government IT support does not return with the unit. 3271
ii. Submit the required MACs[dls3] 3272
iii. Scan the returning deployable end user devices, if requested by Government, to 3273
validate compatibility with the network. 3274
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
126
h. Provide deployable end user devices that are capable of interfacing with 1) IT-21 3275
shipboard networks; 2) the Marine Corps Tactical Network (MCTN); 3) the ONE-NET 3276
environment; and. 4) other DON and DoD networks. 3277
i. Provide deployable services for scheduled movements that are known in advance, 3278
contingency operations, and other unplanned movements. 3279
j. Provide trained DON IT personnel system administrator rights to perform all functions 3280
required to operate and maintain deployed end user devices in the embarked 3281
environment. 3282
k. Maintain needed curricula to train end users in the use of NGEN equipment in deployed 3283
environments. 3284
i. Provide the curricula electronically via the DON Portal Environment (currently 3285
Homeport) for use by the NGEN end user community. 3286
ii. Update the curricula continually to incorporate relevant changes in the 3287
deployment tools, processes, and networks. 3288
l. Provide the tools and training to enable deployed command to locally rebuild end user 3289
devices. 3290
m. Provide a copy of the core build media and authorized application software loaded on the 3291
deployed end user devices to facilitate a rebuild. 3292
n. Provide email redirection, forwarding, and reimplementation of full service email for 3293
deployed accounts. 3294
o. Provide email redirection to a “.mil” or “.gov” address only. 3295
p. Implement and maintain the email redirection capability to allow deployed end users to 3296
remotely and securely start, stop, or modify their email redirection configuration. 3297
q. Provide an automated web based deployable tool solution to allow the Government IT 3298
unit to remotely choose, schedule, and execute the deployment of end user devices. 3299
3300
DON Desktop Virtualization Services Implementation 3301
The ES Contractor shall implement Desktop Virtualization services to provide a server-centric 3302
computing model that supports the delivery of end user services such as data storage and 3303
messaging services in accordance with requirements outlined in (Attachment).[LM4] 3304
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
127
3305
3.3.31.4 Desktop Virtualization Services 3306
Desktop Virtualization Services provide a server-centric computing model for delivery of end 3307
user services. 3308
3309
The ES Contractor shall: 3310
a. Operate and maintain the NGEN Desktop Virtualization services. 3311
b. Procure, ship, track, stage, configure, and install Desktop Virtualization HW and SW 3312
equipment (classified and unclassified). 3313
i. Deliver and tag ordered services and associated HW in accordance with FAR 3314
52.245-1 (Alt 1) and the AMIP including: 3315
a) Desktop Virtualization client terminals. 3316
b) Optional HW and peripherals (GFE or ES Contractor provided). 3317
ii. Update asset and configuration management databases as required in accordance 3318
with the AMIP, CMIP, and the FAR 52.245-1 (Alt 1). 3319
a) Perform asset identification, scanning, and logging of assets that have 3320
been delivered. 3321
iii. Configure and deploy Desktop Virtualization HW and SW. 3322
a) Configure servers withthe NGEN core build and other Functional Area 3323
Manager (FAM) approved, NGEN certified software. 3324
i. Support COI specific core build integration for all NGEN COIs 3325
[e.g., Naval Criminal Investigation Service (NCIS), Naval Nuclear 3326
Propulsion Information (NNPI), unclassified, classified, Naval 3327
Legal Service Office (NLSO-Tax), Pacific Command (PACOM)]. 3328
ii. Configure servers based on DAA approved configurations. 3329
iii. Configure servers to comply with DoD and DON policy and 3330
guidance [e.g., 1) Defense Information Systems Agency (DISA) 3331
Security Technical Implementation Guidelines (STIGs); 2) DISA 3332
Enclave STIG; and, 3) SECNAVINST 2075.1 guidance as 3333
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
128
specifically interpreted by the Navy Operational Designated 3334
Approving Authority (ODAA) for the Network]. 3335
iv. Configure all Desktop Virtualization client HW to include a DoD-3336
approved smart card reader in accordance with DoD Directive 3337
8190.3 series and DoD Instruction 8520.2 series. 3338
iv. Perform data migration from previous end user data stores to new Desktop 3339
Virtualization server(s) and associated storage HW, as applicable, including 3340
devices enabled with DAR solutions. 3341
v. Install Desktop HW. 3342
a) Provide onsite resources to support deployment and operational validation 3343
of virtualized clients. 3344
i. Develop Desktop Virtualization performance test plan (CDRL 3345
A024 – Test Plans). The minimum set of validation tests are: 3346
a. Validation the Desktop Virtualization client HW can map 3347
to network printers and assigned network drives. 3348
b. Validate email client has been configured and mail is 3349
operational and integrated with the smart card reader. 3350
c. Validate the core build SW is available and operational. 3351
d. Validate the transferred data is available and complete. 3352
ii. Conduct a core set of performance tests on each Desktop 3353
Virtualization client HW in accordance with the Government 3354
approved test plan and document results. (CDRL A026 – Test 3355
Reports) 3356
vi. Operate and Maintain installed VDI service: 3357
a) Maintain assigned VDI. 3358
i. Microsoft SQL server. 3359
ii. Wyse Device Management server or Virtual Desktop Management 3360
server. 3361
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
129
b) Maintain Desktop Virtualization client HW in accordance with the 3362
requirements listed under End User Computing Services described in this 3363
PWS. 3364
c) Maintain the existing virtual application images that are common to all 3365
NGEN virtual desktop users and any other applications that are added 3366
through the appropriate application certification process. 3367
d) Provide client software upgrades, configurations, tool extensions, and 3368
templates. Implement these, in accordance with the Government approved 3369
Core Build Software Update Plan, the core build services outlined in this 3370
PWS, DAA approved configurations, IAVAs, or as directed by the 3371
Government to meet emergent security requirements. 3372
e) Remove from service end-of-life Desktop Virtualization client HW in 3373
accordance with FAR 52.245-1 (Alt 1). 3374
c. Expand the VDI, including deployment of additional servers and network storage. 3375
i. Develop and maintain a “virtual application store” from which authorized end 3376
users can select and run applications. 3377
ii. Applications can be run from Virtualized Desktops, thick clients, and other 3378
potential clients that are IA approved and authorized. 3379
a) When natively connected to the NGEN network. 3380
b) When remotely connected to NGEN. 3381
iii. Maintain a virtual image of active applications for a specified period of time 3382
during periods of thick client offline activity. 3383
iv. Synchronize data created while not connected to the network with the network 3384
storage when the thick client is reconnected to the NGEN network. 3385
d. Create a process and mechanism for authorized representatives to 1) add and remove 3386
applications; and, 2) authorize end users to use those applications. 3387
i. Provide Server Based Computing that provides Online terminal emulation of 3388
basic NGEN services excluding multimedia, video conferencing, and the Net 3389
Meeting application. 3390
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
130
a) Provide a web based solution that provides basic NGEN services to non-3391
NGEN end user workstations through a virtual front end. 3392
ii. Accommodate the special requirements of the Science & Technology (S&T) 3393
community by providing Server Based Computing (SBC) service to non-NGEN 3394
networks: 3395
a) Access NGEN core build applications through a web browser. 3396
b) Access the SBC servers through B2 connections that allow only SBC 3397
traffic from the designated S&T network to the SBC servers. 3398
c) Access the SBC servers through the public B1 via an authorized means 3399
[e.g., the Citrix Access Gateway (CAG)]. 3400
3401
3.3.31.5 Navy Recruiting Command (NRC) Mobile Computing Solution 3402
The ES Contractor shall: 3403
a. Provide ongoing support for the mobile computing devices (convertible laptops) used by 3404
the Navy Recruiting Command (NRC). 3405
i. Provide Tier 1 and Tier 2 Service Desk support to 27 NRC System 3406
Administrators, including 1 designated System Administrator at each of the 26 3407
Navy Recruiting Districts (NRD) and 1 designated System Administrator at Navy 3408
Recruiter Orientation Unit (NORU) Pensacola FL. Provide Service Desk support 3409
during normal working hours of 0800-1700 local time, Monday through Friday 3410
(i.e., 9 hours a day x 5 days a week), across the 4 continental U.S. time zones. 3411
ii. Provide NGEN break-fix support for NRC Mobile Computing devices. 3412
iii. Provide software maintenance for the following: 3413
a) CAE Software Suite. 3414
b) Mobile Armor. 3415
c) MS Office Suite. 3416
d) MS SQL Server. 3417
e) Active Client. 3418
f) VM Ware. 3419
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
131
iv. Provide software updates to the Mobile Recruiter Build (MRB) as needed, up to 3420
three times per year. 3421
v. Provide one (1) free MAC per Mobile Computing unit, per year. (move into MAC 3422
section) 3423
3424
3.3.32 Optional Hardware and Software Services 3425
Optional Hardware and Software Services provide: 1) enhanced, optional SW, HW, and HW 3426
peripherals to end users; and, 2) the associated engineering services required to support the 3427
installation of the optional SW, HW, and HW peripherals. End users may choose from a wide 3428
selection of items that utilize the latest Commercial off the Shelf (COTS) technology to best 3429
meet their requirements beyond the basic services. The term “optional” means SW, HW, and 3430
HW peripherals determined and ordered by the Government as an option that the Contractor 3431
must fulfill. 3432
3433
The ES Contractor shall: 3434
a. Publish a catalog of optional SW, HW, and HW peripheral service options certified for 3435
use on the network. The catalog will include: 1) the original equipment manufacturer 3436
(OEM) name; 2) make of the SW, HW, and HW peripherals; 3) model of the HW; 4) 3437
version of the SW; and, 5) the date the item was certified for use on the network. 3438
b. Operate and maintain optional HW and HW peripherals ordered by the Government. 3439
c. Operate and maintain optional SW ordered by the Government. This service will include 3440
providing SW updates and patches. 3441
d. Provide optional peripherals for cellular service to provide enhanced use via a CLIN 3442
ordering process. 3443
3444
3.3.33 Printing Services 3445
Printing Services include labor, HW, and SW to enable end users to access and use local and 3446
network printers. 3447
3448
The ES Contractor shall: 3449
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
132
a. Provide print services to the Government (ES Contractor owned HW). 3450
b. Provide printers on a tiered basis: 3451
i. Tier 1: Black and white printers. 3452
ii. Tier 2: Color printers. 3453
iii. Tier 3: Other printers [e.g., color plotters, Multi-Function Devices (MFD), and 3454
color photography printers]. 3455
c. Provide, operate, and maintain printers in accordance with below requirements: 3456
i. Provide an end user to printer ratio that does not exceed twenty-five to one (25:1) 3457
for networked black and white printers. 3458
ii. Provide access to a networked black and white printer within fifty (50) feet of 3459
each end user device where access does not cross a physical security boundary or 3460
a safety hazard. 3461
iii. Provide an end user to printer ratio that does not exceed one hundred to one 3462
(100:1) for networked color printers. 3463
iv. Provide access to a networked color printer within two hundred (200) feet of each 3464
end user device where access does not cross a physical security boundary or a 3465
safety hazard. 3466
v. Provide printers on the same floor as the supported end user device with no 3467
separation by ceilings, floors, or true walls. 3468
vi. Provide local print solutions to remote and Very Small Site Design (VSSD) end 3469
users which meet NGEN print capability requirements. 3470
vii. Provide maintenance and troubleshooting services for Contractor owned printers 3471
with the exception of consumables as defined by the OEM. 3472
d. Integrate and deploy NGEN approved printers. 3473
i. Provide configuration and connection services for Contractor owned printers, 3474
printers ordered from the catalog, and Government furnished printers. 3475
ii. Provide the capability for end users to map and connect to any available 3476
networked NGEN printer. 3477
iii. Operate and maintain capability for end users to download and install current, 3478
certified printer drivers from the NGEN website (currently Homeport). 3479
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
133
iv. Configure, operate, and maintain print servers. 3480
v. Remove from service Contractor owned printers that are no longer supported by 3481
the manufacturer or are inoperable for more than thirty (30) consecutive days. 3482
3483
3.3.34 Desk Side Support Services 3484
Desk Side Support Services consist of providing assistance with computer HW, SW, or other 3485
electronic or mechanical devices. Desk Side Support is in support of a trouble ticket that has 3486
been transferred from the initial Service Desk Service. VIP support capability provides specified 3487
NGEN end users in key leadership and management positions with enhanced help desk and desk 3488
side service support. 3489
3490
The ES Contractor shall: 3491
a. Provide on-site (base, post, camp, station) technical support to all NGEN end user bases, 3492
including clients, servers, legacy systems, computer HW, SW, and other electronic base, 3493
waterfront and pier side equipment. 3494
b. Investigate, resolve, and report causes and corrective actions for all issues identified 3495
through Service Desk. 3496
c. Maintain a sufficient loaner equipment pool to support break-fix scenarios. 3497
d. Define and follow transfer or escalation procedures to ensure timely resolution of 3498
assigned trouble tickets. 3499
e. Provide touch labor support to physically move or transfer HW or SW in accordance with 3500
Move Add Change (MAC) service. 3501
f. Comply in accordance with FAR 52.245-1 (Alt 1). 3502
g. Provide dedicated and elevated support services, consisting of continuous technical 3503
support and rapid remediation in the event of failures in the following areas: 3504
i. End User Problem Resolution. 3505
ii. MAC services in accordance with Government priority. 3506
iii. Enhanced VIP Desk Side end user support on a 24x7 basis. 3507
h. Comply with Government approved issue escalation and problem resolution processes. 3508
i. Provide for receipt of MAC requests from Government ordering tool (e.g., NET). 3509
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
134
j. Maintain web enabled tools for tracking status of requests. 3510
k. Generate and submit monthly MAC Backlog Exception report. 3511
l. Provide a single point of contact to interface with the Service Request Management 3512
(SRM) team for IMAC services. 3513
m. Update assigned change or trouble ticket as the status changes. 3514
n. Close tickets only when approved by Government representatives, to include the end user 3515
that submitted the ticket. Tickets may be closed without Government approval after 3 3516
non-responses to attempts to contact the end user over 6 business days. 3517
o. Execute physical MACs on site during business hours, 0600 to 1800 local, on 3518
Government work days only. 3519
p. Provide at no additional cost one MAC per end user per year. 3520
3521
3.4 IT Service Management (ITSM) 3522
The objectives of the NGEN ITSM are to: provide for stability of the current environment 3523
during the transition to NGEN; ensure reliable quality of service to end users with continuous 3524
service improvement; respond to dynamic mission requirements; and establish the mechanisms 3525
to continually improve service management. 3526
3527
IT Service Management (ITSM) is a shared service. The ES Contractor is designated as the 3528
Primary Process Manager and the TXS Contractor is designated as the Supporting Process 3529
Manager. The Contractors shall collaborate with each other and any other service providers to 3530
provide common management of the services described below. 3531
3532
The Contractors shall: 3533
a. Designate a Process Manager POC for each of the NGEN ITSM processes. 3534
b. Designate a Service Manager POC for each of the NGEN services. 3535
c. Coordinate with other service providers to develop, document, implement, manage, 3536
execute, and improve end-to-end processes and procedures. 3537
d. Develop process metrics in collaboration with the Government and other service 3538
providers. 3539
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
135
e. Provide monthly process metric analysis and assessment within the monthly In-Progress 3540
Review (IPR). (CDRL A007 – Monthly Status Report) 3541
f. Collaborate with other segment Contractors to avoid service disruption caused by a lack 3542
of coordination. 3543
g. Participate in monthly and emergency service and process council meetings. 3544
h. Develop a Service Management Plan (SMP) in collaboration with the Government and 3545
other service providers to address how the ITSM processes, procedures, and tools are 3546
managed, executed, measured, and controlled to successfully deliver the services: (CDRL 3547
A042 – Service Management Plan – Under Development)[LM5] 3548
i. Service Catalog Management 3549
ii. Capacity and Demand Management 3550
iii. Availability Management 3551
iv. Service Asset Management 3552
v. Configuration Management 3553
vi. Change Management 3554
vii. Release and Deployment Management 3555
viii. Knowledge Management 3556
ix. Event Management 3557
x. Incident Management 3558
xi. Request Management 3559
xii. Problem Management 3560
3561
The ES Contractor shall provide the consolidated Service Management Plan to the Government 3562
as required. (CDRL A042 – Service Management Plan – Under Development[LM6])[LM7] 3563
3564
3.4.1 Service Management Tools 3565
Service Management Tools include the operation and maintenance of the applications, data 3566
bases, sensors, associated software, servers, portal connections, and report generators that 3567
support the management of network, computing, and security services. 3568
3569
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
136
Service Management Tools are shared. The ES Contractor is designated as the primary service 3570
provider, and the TXS Contractor is designated as the supporting service provider. 3571
The Contractors shall collaborate with each other and any other service providers to provide 3572
common management of the services described below: 3573
a. Operate and maintain Contractors’ service management tools. Current suite of service 3574
management tools is provided as an Attachment. Processes and functions that must be 3575
supported by the Contractors' service management tools are provided as an Attachment. 3576
i. Provide licenses for NGEN Government and Contractor personnel with network 3577
management responsibilities. 3578
ii. Provide access to tools and associated data bases to designated Government 3579
personnel and to other Contractor personnel requiring access to view and generate 3580
reports. Such access will generally be limited read only except as otherwise 3581
defined in the NGEN Program CONOPS. 3582
iii. Implement patches, DISA STIGS, updates, and revisions as they become 3583
available. 3584
iv. Integrate service management tools across the Multi-Contractor environment. 3585
b. Propose improvements to the existing NGEN tools and associated systems that reduce 3586
Government costs or improve capabilities. Include a cost estimate for implementation 3587
and integration into the overall NGEN tools architecture, a schedule for implementation, 3588
and a business case that addresses projected cost savings for the Government. Needs to 3589
be included in and IPR section. 3590
c. Notify the Government of any COTS tools that within two years will reach end of life, 3591
end of service, or end of software maintenance release, in accordance with 3592
SECNAVINST 5230.15, Information Management/Information Technology Policy for 3593
Fielding of COTS software. 3594
d. Register all new tools in DADMS. 3595
3596
In addition to above, the ES Contractor shall integrate Government, ES, TXS, and other NGEN 3597
Contractors tools, into an Enterprise management capability. 3598
3599
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
137
3.4.2 Continual Service Improvement (CSI) Process 3600
Continual Service Improvement (CSI) process is improvement of IT service management, 3601
performance, processes and supporting tools. 3602
3603
Continual Service Improvement (CSI) is a shared process. The ES Contractor is designated as 3604
the primary service provider, and the TXS Contractor is designated as the supporting service 3605
provider. The Contractors shall collaborate with each other and any other service providers to 3606
provide common management of the services described below: 3607
a. Execute CSI in accordance with the SMP. 3608
b. Perform service and process evaluations and provide recommendations. 3609
i. Submit CSI recommendations as part of the monthly IPR. 3610
ii. Execute the next steps identified and approved at the IPR. 3611
c. Implement modified processes or services as approved by the Government. Update 3612
appropriate processes and documentation, as required, through the NGEN Configuration 3613
Management Process. 3614
d. Assess the enhanced processes or services, no later than 6 months post implementation, 3615
and include the assessment as part of the monthly IPR. 3616
e. Conduct a trend analysis of NGEN services quarterly and include as part of the monthly 3617
IPR. 3618
3619
3.4.3 Service Design Processes 3620
Service Design Processes is a shared process. The ES Contractor is designated as the primary 3621
service provider, and the TXS Contractor is designated as the supporting service provider. The 3622
Contractors shall collaborate with each other and any other service providers to provide common 3623
management of the services described below. 3624
3625
3.4.3.1 Service Catalog Management 3626
The purpose of Service Catalog Management (SCM) is to provide a single, accurate, consistent 3627
source of information on all available NGEN products and services. 3628
3629
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
138
The Contractors shall: 3630
a. Establish and maintain a Technical Service Catalog that includes service offerings that 3631
align with the NGEN Service Catalog. 3632
b. Integrate the Technical Service Catalog with the NGEN Service Catalog in accordance 3633
with the CMIP. 3634
3635
In addition to the above, the ES Contractor shall maintain and submit a consolidated Technical 3636
Service Catalog. 3637
3638
3.4.3.2 Service Level Management (SLM) 3639
The purpose of Service Level Management is to ensure that an agreed upon level of service is 3640
provided for all IT services, and that future services are delivered in accordance with SLRs. 3641
Proactive measures are also taken to seek and implement improvements to the level of service 3642
delivered. Service Level Management encompasses Service Level creation, updates and 3643
assessments, and is responsible for monitoring performance to ensure SLRs are upheld. 3644
3645
The Contractors shall: 3646
a. Establish and maintain processes and procedures to support service coordination and 3647
collaboration with the Government and other service providers. 3648
b. Identify common management approaches and procedures to ensure that services are 3649
provided effectively and efficiently across the NGEN enterprise regardless of contractual 3650
boundaries. 3651
c. Design and implement Service Level Management tools, processes, and procedures that 3652
align with the Government Service Level Management Processes. 3653
d. Develop a Service Level Management Plan to ensure all operational services and their 3654
performance is measured in a consistent manner throughout the IT organization. The 3655
plan shall include: 3656
i. Service Level Management procedures. 3657
ii. Specific and measurable service levels for each service offered in the Service 3658
catalog. 3659
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
139
iii. Clear and unambiguous service targets. 3660
iv. Method for monitoring service targets. 3661
e. Execute approved changes to SLRs. 3662
f. Develop and implement cross supplier procedures to enable integrated enterprise 3663
reporting. 3664
i. Report all breaches of service in accordance with the Incident Management 3665
Process. 3666
ii. Identify cause of loss of service and how to prevent recurrence. 3667
iii. Identify service levels that are unachievable and recommend different service 3668
targets to the Government. ( all been met under NMCI and) 3669
i. Implement an automated solution for tracking and managing service levels. 3670
j. Conduct service reviews, as part of the Monthly IPRs, to: 3671
i. Review with the Government all IT Services to be included in the Service Catalog 3672
ii. Provide status of service level monitoring. 3673
k. Ensure alignment of SLRs against Operational Level Agreements (OLAs), Underpinning 3674
Contracts with external providers of IT products and services, and IT capabilities (i.e. 3675
Availability, Capacity). 3676
l. Recommend service improvement to the Government. 3677
m. Develop NGEN service improvement plans to be submitted to the Government. 3678
3679
In addition to the above, the ES Contractor shall: 3680
a. Collect, organize and integrate service improvement recommendations from the TXS 3681
Contractor and collaboratively develop NGEN service improvement plans to be 3682
submitted to the Government. 3683
b. Collect, organize, and provide to the Government results of Government led Cross 3684
Supplier Service Reviews. 3685
c. Monitor end-to-end service performance against Service Level Agreements and produce 3686
and submit consolidated service reports. 3687
3688
3.4.3.3 Capacity and Demand Management 3689
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
140
Capacity Management addresses the capacity and performance of IT services and systems to 3690
meet the current and future business requirements in the most cost-effective and timely manner. 3691
The objectives of Capacity Management are to optimize performance and efficiency as well as 3692
provide information to plan for and justify financial investments. Demand Management 3693
provides a decision-making and analysis framework that utilizes available capacity, mission, and 3694
business data to assess demand for services. 3695
3696
The Contractors shall: 3697
a. Develop and implement an NGEN Capacity and Demand Management Plan in 3698
coordination with the Government and other NGEN providers (i.e., DISA). (CDRL A043 3699
– Demand and Capacity Management Plan) 3700
b. Identify and analyze NGEN service and component capacity and demand requirements 3701
and develop metrics and measurements to implement capacity and demand management. 3702
c. Perform capacity and demand management in accordance with the NGEN Capacity and 3703
Demand Management Plan. 3704
d. Extend the instrumentation of the NGEN environment to monitor the capacity and 3705
demand metrics identified in the NGEN Capacity and Demand Management Plan and 3706
incorporate into the EPMD and CPMD. 3707
e. In collaboration with NGEN operations, engineering, and services providers, recommend 3708
service modifications that optimize the use of the existing infrastructure. (CDRL A008 – 3709
Continuous Service Improvement Plan) 3710
f. Document and assess the current and future demands for services and computing 3711
resources as well as future plans for workload growth. 3712
i. Document influences and projections on demand for computer and network 3713
resources. 3714
ii. Incorporate capacity and demand engineering services into the requirements and 3715
design activities of new and modified services. Analyze measurement data to 3716
include the impact of new releases on capacity. 3717
g. Collect and analyze capacity and demand information and provide the outcome at the 3718
monthly In-Progress Review (IPR). 3719
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
141
3720
In addition to the above, the ES Contractor shall establish and implement, in collaboration with 3721
the Government, a system and tools to electronically capture, model, and readily generate 3722
tailored information on the capacity of and demand for services and systems. 3723
3724
In addition to the above, the TXS Contractor shall provide TXS input into the current and future 3725
demands for services and computing resources and future plans for workload growth for 3726
consolidation by the ES contractor to support the monthly IPR. (CDRL A007 – Monthly Status 3727
Report) 3728
3729
3.4.3.4 Availability Management 3730
The Availability Management process provides a framework to address the availability of 3731
services and infrastructures to meet mission needs in a cost-effective manner. 3732
3733
The Contractors shall conduct availability trend analysis of assigned systems and services against 3734
established thresholds and provide the outcome of this analysis and recommendations at the 3735
monthly IPR. (CDRL A007 – Monthly Status Report) 3736
3737
In addition to the above, the ES Contractor shall analyze and refine, as required, assigned NGEN 3738
service and component availability metrics and associated measurements. 3739
3740
3.4.4 Service Transition Processes 3741
Service Transition Processes are shared services. The ES Contractor is designated as the primary 3742
service provider, and the TXS Contractor is designated as the supporting service provider. The 3743
Contractors shall collaborate with each other and any other service providers to provide common 3744
management of the services described in the sections below. 3745
3746
3.4.4.1 Asset Management 3747
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
142
The NGEN Information Technology Asset Management (ITAM) program is governed in 3748
accordance with FAR 52.245-1 (Alt 1), which provides high level goals, objectives, and overall 3749
structure for managing Navy assets. 3750
3751
The Contractors shall: 3752
a. Develop and provide an Asset Management Implementation Plan (AMIP) in accordance 3753
with FAR 52.245-1 (Alt 1). (CDRL A021 – Asset Management Implementation Plan) 3754
b. Manage all assets within the NGEN environment in accordance with the approved AMIP 3755
and CMIP. 3756
c. Operate and maintain the NGEN CMDB and associated asset elements as identified in 3757
FAR 52.245-1 (Alt 1), and in accordance with the approved AMIP and CMIP. 3758
i. Provide the SW licenses necessary to operate and maintain the CMDB, which 3759
includes all NGEN GFE and CFE. 3760
ii. Upload and maintain all asset procurement data in the CMDB in accordance with 3761
the AMIP. 3762
d. Configure and mark all assets procured for the Government with the Unique Item 3763
Identifier (UII) in accordance with the criteria established in 1) the NGEN Item Unique 3764
Identification (IUID) Implementation Plan listed as an attachment in Section J; 2) 3765
DFARS 211.274, Item Identification and Valuation Requirements; and, 3) DFARS 3766
252.211-7003, Item Identification and Valuation for new asset procurements and legacy 3767
equipment undergoing maintenance. 3768
3769
In addition to the above, the ES Contractor shall: 3770
a. Provide an integrated, enterprise level view of all NGEN assets in the CMDB including 3771
the capability to develop, store, and disseminate structured, as well as ad hoc reports. 3772
b. Design, develop, implement, and maintain interface(s) with DoD asset systems [e.g., 3773
Defense Property Accountability System (DPAS)] in accordance with the approved 3774
AMIP. (CDRL A021 – Asset Management Implementation Plan) 3775
c. Assist the Government in performing audits and inspections and identify and correct asset 3776
discrepancies. 3777
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
143
d. Dispose of the end-of-life assets, including electronic media, in accordance with 3778
NETWARCOM NTD 03-11(DTG 021854Z May 11) and DON CIO policy (DTG 3779
221633Z Aug 10). Property shall be turned in to the Defense Logistics Agency (DLA) 3780
Disposition Services Site in accordance with DoD4000.25-1-M, Appendix C46A. 3781
3782
3.4.4.2 Configuration Management 3783
The NGEN CMP is the primary Configuration Management (CM) document for the program and 3784
defines the program CM approach, policies, processes, roles and responsibilities, and interactions 3785
with other processes such as Change Management listed as an attachment in Section J. The 3786
NGEN CMP addresses the major CM activities: 1) Configuration Identification; 2) 3787
Configuration Control, 3) Configuration Status Accounting (CSA); and, 4) Configuration 3788
Verification and Audit. The NGEN CM process is documented in the NPDM. 3789
3790
The Contractors shall: 3791
a. Develop and deliver the CMIP to the Government for approval. (CDRL A044 – 3792
Configuration Management Implementation Plan) 3793
b. Provide CM of the Configuration Items (CIs). 3794
c. Propose additional CIs for Government approval. (CDRL A008 – Continuous Service 3795
Improvement Plan) 3796
d. Manage the technical baselines. 3797
e. Audit configuration management activities. 3798
i. Execute monthly operational self-audits and provide reports in accordance with 3799
the CMIP. 3800
f. Perform annual Physical Configuration Audits (PCAs) to validate the system is 3801
accurately represented in the design documentation. (CDRL A045 – Configuration 3802
Audit Report) 3803
g. Perform annual Functional Configuration Audits (FCAs) to validate system test results 3804
meet the performance specification requirements. (CDRL A045 – Configuration Audit 3805
Report ) 3806
3807
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
144
In addition to the above, the ES Contractor shall provide, operate, and maintain an NGEN 3808
CMDB. 3809
a. Provide system administration for the NGEN CMDB. 3810
b. Provide regular updates of configuration records. 3811
c. Maintain all change records for CIs in the CMDB and communicate the status of all 3812
changes to the Government or authorized designee. 3813
d. Provide the ability for and allow the Government to generate tailored reports on CIs. 3814
e. Provide other NGEN service provider’s access to the CMDB as required. 3815
3816
3.4.4.3 Change Management 3817
Change Management enables beneficial changes, with minimum disruption to IT services, by 3818
ensuring changes are recorded, evaluated, authorized, prioritized, planned, tested, implemented, 3819
documented, and reviewed in a controlled manner. The NGEN Change Management process is 3820
documented in the NPDM. 3821
3822
The Contractors shall: 3823
a. Execute NGEN Change Management activities in accordance with the approved CMIP. 3824
i. Maintain and provide to the Government a list of names and roles of the systems 3825
administrators assigned to execute change activities. 3826
ii. Develop the change and remediation plan. (CDRL A046 – Change Remediation 3827
Plan) 3828
iii. Develop draft change communication including schedule, expectations, and any 3829
impacts to or changes in the associated service. 3830
iv. Test the change and remediation plan and report results. 3831
v. Implement the change. 3832
vi. Report unsuccessful changes and apply remediation as required. 3833
vii. Establish, maintain, and promulgate change schedules containing details of the 3834
approved changes and their proposed deployment dates. Use the schedules of 3835
change as the basis for planning the deployment of releases. (CDRL A047 – 3836
Forward Schedule of Changes – Under Development) 3837
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
145
3838
In addition to the above, the ES Contractor shall 3839
a. Support and participate in the ECCB and the Change Advisory Board (CAB), with input 3840
from the TXS Contractor. 3841
b. Document, deliver, and manage all Requests for Change (RFC) and associated change 3842
packages including inputs from all NGEN service providers in accordance with the 3843
CMIP. (CDRL A023 - Engineering Change Proposal - Request for Change) 3844
c. Provide a web accessible change documentation library that contains in development, 3845
requested, planned, in progress, and completed RFCs. Provide and manage access to the 3846
change documentation library as directed by the Government. 3847
3848
3.4.4.4 Release and Deployment Management 3849
The purpose of Release and Deployment Management (RDM) is to provide life cycle 3850
management to support the development, deployment, and reporting of services including HW 3851
and SW releases. The existing NGEN Release and Deployment Management process is 3852
documented in the NPDM. NGEN RDM supports: 3853
a. Quarterly software update releases. 3854
b. Semi-annual hardware upgrade releases. 3855
c. Urgent hardware and software release packages based on GDA, IAVA or IAVM, and 3856
other NGEN incidents. 3857
3858
The Contractors shall: 3859
a. Plan and document all NGEN planned builds and associated releases. 3860
i. Document, manage, and deliver all NGEN technical release packages including 3861
incorporation of inputs from all NGEN service providers. 3862
ii. Develop the Release and Deployment Plan. (CDRL A029 – Service Operations 3863
Report ) 3864
a) Develop the deployment schedule(s), remediation plan(s), and the 3865
supporting communications plan. 3866
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
146
b) Develop, as required, new or updated training package(s) as well as 3867
deployment and support documentation. 3868
c) Develop release test plans and procedures for the lab and live environment 3869
including pass or fail criteria and the criteria for deployment completion. 3870
b. Provide and present release packages to the CAB and the ECCB. (CDRL A003 – 3871
Presentation Material) 3872
c. Execute approved NGEN releases. 3873
i. Develop and obtain NetOps approval for the deployment of the release. 3874
ii. Develop draft release communication including schedule, expectations, and any 3875
impacts to or changes in the associated service. (CDRL A029 - Service 3876
Operations Report) 3877
iii. Stage and configure required deployment resources, systems, and tools and record 3878
Government ownership in accordance with the AMIP. 3879
iv. Prepare and execute operations turn-over checklists and track checklist 3880
completion. (CDRL A029 - Service Operations Report) 3881
v. Deliver release test reports including operator and end user impact information to 3882
the Government for review. (CDRL A029 - Service Operations Report) 3883
vi. Distribute, install, and verify deployment items. 3884
vii. Perform integrity, operability, and interoperability checks. 3885
viii. Track the deployment of the release and run remediation procedures, as needed. 3886
d. Review and close the deployment. 3887
i. Communicate deployment acceptance and completion to the Government. 3888
ii. Update site drawing packages, security documentation, integrated architectures, 3889
CIs, and the Asset and CM data bases throughout the RDM process. 3890
iii. Track and close release deployment issues. 3891
iv. Record the Lesson Learned within two weeks of completing the release. 3892
e. Conduct a monthly Post-Implementation Review. 3893
f. Produce a gap analysis between the intended and actual results of the NGEN release, and 3894
present process improvement recommendations at the IPR. (CDRL A008 – Continuous 3895
Service Improvement Plan) 3896
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
147
3897
In addition to the above, the ES Contractor shall store all release, design, deployment, testing, 3898
and technical documentation in the NGEN Technical Library provided by the ES Contractor. 3899
3900
In addition to the above, the TXS Contractor shall provide release, design, deployment, testing, 3901
and technical documentation to the ES Contractor for inclusion in the NGEN technical solution 3902
library. 3903
3904
3.4.5 Service Operations Processes 3905
Service Operations Processes is a shared process. The ES Contractor is designated as the 3906
primary service provider, and the TXS Contractor is designated as the supporting service 3907
provider. The Contractors shall collaborate with each other and any other service providers to 3908
provide common management of the services described below. 3909
3910
3.4.5.1 Event Management 3911
The purpose of Event Management is to collect, collate, filter, categorize, and respond to NGEN 3912
service and system events. The NGEN Event Management process is documented in the NPDM. 3913
3914
The Contractors shall: 3915
a. Execute Event Management in accordance with the SMP. 3916
b. Collect, monitor, detect, assess, display, notify, correlate and respond to events. 3917
c. Provide near real-time situational awareness of events (e.g., the status and impact on 3918
NGEN systems, IT services, and Navy operations). 3919
3920
In addition to the above, the ES Contractor shall: 3921
a. Provide near real-time integrated situational awareness (e.g., ES, TXS, DISA, and other 3922
service providers) of events (e.g., the status and impact on NGEN systems, IT services, 3923
and Navy operations). 3924
b. Publish Event Management correlated data from the NGEN Event Management tools in 3925
accordance with the NESP. 3926
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
148
3927
3.4.5.2 Incident Management 3928
The purpose of the Incident Management process is to document, track, and mitigate incidents as 3929
quickly as possible to support the return to normal service operation of the NGEN IT 3930
infrastructure and minimize adverse impact on mission operations. The NGEN Incident 3931
Management process is documented in the NPDM. 3932
3933
The Contractors shall: 3934
a. Execute Incident Management in accordance with the SMP. 3935
b. Participate in the monthly, Government led, Incident Management Review Board. 3936
3937
In addition to the above, the ES Contractor shall: 3938
a. Provide and manage access to the NGEN incident management tools to support the 3939
execution of the NGEN Incident Management Process. 3940
i. Integrate any additional incident management tools with the Government 3941
furnished tools. (CDRL A029 – Service Operations Reports) 3942
b. Manage the resolution of all NGEN IT incidents in accordance with the Government 3943
approved NGEN Incident Management process. 3944
i. Provide near-real time status of all NGEN IT incidents. 3945
ii. Maintain the NGEN Incident Management process in accordance with GDA. 3946
a) Log, correlate, categorize, prioritize, allocate, track, and escalate incidents. 3947
b) Provide prioritization recommendations of physical infrastructure and IT 3948
service incidents based on the Navy mission and operational impact. 3949
iii. Conduct an initial analysis of incidents and designate responsibility to the 3950
appropriate owners (e.g., the TXS Contractor and other service providers). 3951
iv. Convene, as required, the Incident Working Group to analyze, allocate, and 3952
resolve joint incidents. 3953
v. Close assigned incidents in accordance with the NGEN Incident Management 3954
processes and procedures. 3955
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
149
vi. Track and report all incidents in coordination with the TXS Contractor and other 3956
service providers, and include in the monthly IPR incident. (CDRL A029 – 3957
Service Operations Reports) 3958
3959
In addition to the above, the TXS Contractor shall: 3960
a. Coordinate with the ES Contractor to gain access and appropriate administrative rights to 3961
the NGEN incident management tools to support the execution of the NGEN Incident 3962
Management process. 3963
b. Manage the resolution of assigned NGEN IT incidents in accordance with the 3964
Government approved Incident Management process. 3965
i. Provide TXS input into near-real time status tool for all assigned NGEN 3966
incidents. 3967
ii. Track and resolve assigned incidents: 3968
a) Provide recommended prioritization of physical infrastructure and IT 3969
service incidents based on the Navy mission and operational impact. 3970
b) Close all assigned incidents in accordance with the NGEN Incident 3971
Management process. 3972
c. Track and provide input to the ES Contractor for the monthly incident report. 3973
3974
3.4.5.3 Request Fulfillment 3975
Request Fulfillment supports the request for and delivery of IT products and services available 3976
under the contract(s). Task records are generated through the NGEN ordering tool [(e.g., NMCI 3977
enterprise tool, (NET)] and passed to the appropriate service provider through interfaces to 3978
Contractor ordering tools. These tasks are assigned to one or more Contractors or Government 3979
entities for fulfillment. When the request is fulfilled, the task record is closed. The NGEN 3980
Request Fulfillment process is documented in the NPDM. 3981
3982
The Contractors shall: 3983
a. Execute Request Fulfillment in accordance with the SMP. 3984
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
150
b. Accept, document, and deliver ordered services in accordance with the prescribed process 3985
and CLIN delivery requirements. 3986
c. Provide monthly service delivery and backlog report as part of the monthly IPR. (CDRL 3987
A007 – Monthly Status Report) 3988
3989
In addition to the above, the ES Contractor shall: 3990
a. Provide primary service delivery confirmation for service orders requiring support from 3991
multiple service providers. 3992
i. Develop a joint service delivery schedule for requested task orders with other 3993
service providers. 3994
ii. Track and report progress on task order delivery. (CDRL A007 – Monthly Status 3995
Report) 3996
3997
In addition to the above, the TXS Contractor shall: 3998
a. Coordinate and integrate TXS service components with the ES Contractor for the 3999
delivery of service orders requiring support from multiple providers. 4000
i. Provide input to the ES Contractor on the joint task order delivery schedule. 4001
ii. Deliver TXS components and services in accordance with the joint task order 4002
delivery schedule. 4003
4004
3.4.5.4 Problem Management 4005
The Problem Management process provides a framework to conduct troubleshooting, trend, 4006
diagnosis, and analysis of root cause. Problem Management identifies similar incidents that are 4007
grouped into “problems” and initiates Requests for Change (RFCs) when appropriate, to resolve 4008
those problems. The NGEN Problem Management process is documented in the NPDM. 4009
4010
The Contractors shall: 4011
a. Execute Problem Management in accordance with the SMP. 4012
b. Identify, monitor, diagnose, mitigate, and report problems in accordance the NGEN 4013
Problem Management Process. 4014
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
151
i. Identify underlying root cause of assigned problems and generate, as required, 4015
RFC(s) to resolve problem. (CDRL A007 - Monthly Status Reports) 4016
ii. Convene joint service provider resolution sessions, as required, to resolve 4017
problems. 4018
4019
In addition to the above, the ES Contractor shall: 4020
a. Record, prioritize, and provide near real time information on all NGEN problems. 4021
b. Recommend allocation of problems to the appropriate service provider or Government 4022
entities. 4023
c. Track resolution of NGEN problems and provide monthly Problem Management 4024
summary as part of the monthly IPR. (CDRL A007 - Monthly Status Report) 4025
4026
In addition to the above, the TXS Contractor shall track resolution of assigned TXS problems 4027
and provide input to the ES Contractor for the monthly Problem Management summary, and 4028
include the TXS Problem Management summary in the monthly IPR. (CDRL A007 - Monthly 4029
Status Report) 4030
4031
3.5 Logistics 4032
Logistics Management includes the personnel, processes, and tools required to sustain ES 4033
services and associated infrastructure (e.g., hardware, software, and facilities). NGEN‘s support 4034
strategy and approach are governed by the NGEN Life Cycle Sustainment Plan (LSCP) listed as 4035
an attachment in Section J. 4036
4037
Logistics Management is a shared service. The ES Contractor is designated as the primary 4038
service provider, and the TXS Contractor is designated as the supporting service provider. The 4039
Contractors shall collaborate with each other and any other service providers to provide common 4040
management of the services described below: 4041
4042
3.5.1 Installation Support 4043
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
152
IT installations include the installation of new equipment, technology refresh, modernization, 4044
and equipment relocations. 4045
4046
Installation Support is a shared service. The ES Contractor is designated as the primary service 4047
provider, and the TXS Contractor is designated as the supporting service provider. The 4048
Contractors shall collaborate with each other and any other service providers to provide common 4049
management of the services described below: 4050
a. Plan, communicate, and execute NGEN installations in accordance with the NGEN 4051
Release and Deployment process, the NGEN Change Management process, the IT Asset 4052
Management process, and the NGEN Configuration Management process described in 4053
the NPDM as well as the SPAWAR Shore Installation Process Handbook (SIPH). 4054
b. Submit quarterly status reports on the status of installation tasks at the monthly IPR. 4055
c. Perform site installations and maintain and leave all work areas neat and orderly and 4056
dispose of all waste material daily. 4057
d. Ensure all configuration and asset records are added, modified, or updated in accordance 4058
with the CMIP and AMIP. 4059
e. Develop and provide Installation Technical Documentation and Plans in accordance with 4060
Government direction. (CDRL A025 – Installation Technical Documentation and Plans) 4061
i. Develop and provide Installation Requirements Drawing (IRD) packages for new 4062
equipment, technology refresh, modernization, and equipment relocations 4063
associated with Large sites, Small sites, and Very Small Site Design (VSSD) 4064
sites, server farms, network operations centers, service desks and any other 4065
category that has multiple same assets, using SPAWARINST 4720.5 as guidance. 4066
ii. Perform site surveys and provide copies of the site survey documentation to the 4067
Government, in accordance with the SIPH. 4068
iii. Prepare Base Electronic System Engineering Plans (BESEPs) to reflect processes 4069
associated with new equipment, technology refresh, modernization, and 4070
equipment relocations, in accordance with the SIPH. 4071
iv. Develop and provide an Installation Design Plan (IDP) for each site to reflect new 4072
equipment, technology refresh, modernization, and equipment relocations 4073
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
153
installation processes using the appropriate IRD as the starting point, if one is 4074
available, and use the SIPH (Appendices AC and Q) as guidance. Provide red-4075
line updates based on actual installations. 4076
v. Develop System Operational Verification Test (SOVT) plans to reflect new 4077
equipment, technology refresh, modernization, and equipment relocations at the 4078
system level and site-specific SOVT plans for each site in accordance with the 4079
SPAWAR System Operational Verification and Test (SOVT) Preparation and 4080
Execution Guide (SPEG) for Ship, Shore, and Submarine Installations. Perform 4081
system checkout and SOVTs for new equipment, technology refresh, 4082
modernization, and equipment relocations installation activity at each site in 4083
accordance with the approved site-level SOVT document. Immediately report 4084
major discrepancies and deficiencies to the designated Government representative 4085
and correct all installation related deficiencies discovered during the SOVT in 4086
accordance with SIPH. 4087
f. Develop and submit a Plan of Action and Milestones (POA&M) containing an 4088
installation schedule for all installation. 4089
g. Provide an Installation Completion Report (ICR) to reflect new equipment, technology 4090
refresh, modernization, and equipment relocations. 4091
4092
3.5.2 Maintenance 4093
Maintenance planning and execution includes preventive and corrective maintenance of 4094
Contractor assigned GFE (HW and SW) consistent with requirements (e.g. availability) specified 4095
in this PWS. The Contractors shall collaborate with each other and any other service providers 4096
to provide common management of the services described below: 4097
a. Prepare and implement a maintenance approach that describes how the Contractor will 4098
perform, document, track, and report maintenance on assigned GFE. (CDRL A048 – 4099
Maintenance Approach) 4100
b. Plan and communicate scheduled and unscheduled maintenance activities in accordance 4101
with the CMIP and the maintenance approach. Collect, analyze, and post maintenance 4102
history metrics. (CDRL A049 – Maintenance Report) 4103
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
154
c. Provide Break Fix services including the labor and parts required to repair GFP that may 4104
have failed due to defects in material and workmanship or as a result of normal use. 4105
4106
3.5.3 Warranty Management 4107
The Contractors shall collaborate with each other and any other service providers to track and 4108
manage warranties within the CMDB. 4109
4110
3.5.4 Supply Support 4111
Supply Support for the Navy portion of the NGEN program encompasses the management and 4112
handling of spares. 4113
4114
The Contractors shall: 4115
a. Provide, as required, sparing for Contractor assigned assets on the network. 4116
b. Transfer ownership of spares, with exception of end user hardware, to the Government 4117
once installed. 4118
c. Mark and report spares in accordance with the AMIP. 4119
4120
3.5.5 Diminishing Manufacturing Sources and Material Shortages (DMSMS) 4121
DMSMS is the loss, or impending loss, of manufacturers of items or suppliers of items or raw 4122
materials. The NGEN DMSMS Plan provides guidance for the planning and execution of 4123
NGEN DMSMS activities. The Contractors shall collaborate with each other and any other 4124
service providers to provide common management of the services described below: 4125
a. Incorporate DMSMS considerations into the Annual Technology Refresh Plan. (CDRL 4126
A014 - Technology Refresh Plan) 4127
b. Provide any identified DMSMS risks via the Risk Management process. (CDRL A007 - 4128
– Monthly Status Report and CDRL A009 - Risk Management Plan) 4129
4130
3.5.6 Demilitarization and Disposal 4131
Government policies, regulations, and instructions (e.g., DoD 4160.21-M-1 and Executive Order 4132
13423) require the demilitarization and disposal of all Global Information Grid (GIG) HW, SW, 4133
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
155
and electronic components at the end of service life. The Contractors shall collaborate with each 4134
other and any other service providers to provide common management of the services described 4135
below: 4136
a. Demilitarize and dispose of HW, SW, and electronic components at cleared Contractor 4137
facilities in accordance with the AMIP and the NGEN Programmatic Environment, 4138
Safety, and Occupational Health Evaluation (PESHE) listed as an attachment in Section 4139
J. 4140
b. Maintain accountability records for assigned GFE and CFE within the CMDB in 4141
accordance with the NGEN Life Cycle Sustainment Plan (LCSP), the CMIP, and the 4142
AMIP. 4143
4144
3.5.7 Environmental Safety and Occupational Health 4145
The Contractors shall collaborate with each other and any other service providers to provide 4146
common management of the services described below: 4147
a. Develop and provide to the Government a Hazard Analysis that identifies potential 4148
health, fire, and safety hazards for the NGEN environments in accordance with the 4149
PESHE. (CDRL A050 – Hazard Analysis Report) 4150
b. Develop and provide to the Government a Safety and Health Risk Assessment that 4151
determines the severity and likelihood of occurrence for safety and health risks in NGEN 4152
operational and maintenance environments. (CDRL A051 – Safety and Health Analysis 4153
Report) 4154
4155
3.5.8 Packaging, Handling, Storage, and Transportation (PHS&T) 4156
Packaging, Handling, Storage, and Transportation (PHS&T) is the combination of resources, 4157
processes, procedures, design considerations, environmental consideration, and methods to 4158
ensure all systems, equipment and support items are preserved, packaged, handled, transported, 4159
and stored properly. The Contractors shall collaborate with each other and any other service 4160
providers to provide common management of the services described below: 4161
a. Attach a complete packing list to each shipment. 4162
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
156
b. Mark hazardous material and parts in accordance with the Occupational Safety and 4163
Health Administration Standard, the Code of Federal Regulations 29 Part 1910.1200, as 4164
well as applicable Environmental Protection Agency (EPA) and Department of 4165
Transportation requirements. 4166
4167
3.5.9 Facilities Management 4168
Government Furnished Facilities (GFF) will be transitioned to the NGEN Contractors in an “as 4169
is, where is” condition. The Contractors shall collaborate with each other and any other service 4170
providers to provide common management of the services described below: 4171
a. Develop and provide to the Government a Facility Management, Operation, and 4172
Maintenance Plan in accordance with the NGEN Facilities Plan. (CDRL A052 – 4173
Facilities Management, Operation, and Maintenance Plan) 4174
b. Manage, operate, and maintain facilities in accordance with the Facilities Management, 4175
Operation, and Maintenance Plan. 4176
c. Provide facilities utilization information with any recommendations for the optimal mix 4177
of Government or commercial facilities within the monthly IPR. (CDRL A007 – 4178
Monthly Status Report) 4179
d. Plan, procure, and implement required facilities IT refresh. 4180
e. Provide a POC for each facility with knowledge of facilities support equipment, or 4181
subsystems, at each location. (CDRL A052 – Facilities Management, Operation, and 4182
Maintenance Plan) 4183
i. Document and report all additions, changes, or deletions made to the site 4184
electrical and mechanical systems in accordance with the CMIP and the SIPH. 4185
f. Execute facilities incident management in accordance with the NGEN Incident 4186
Management process and the NGEN Facilities Plan listed as an attachment in Section J. 4187
g. Provide physical access control to all assigned facilities including integration with local 4188
physical security requirements. 4189
h. Develop a process for the Government to gain access to spaces where the Contractor(s) 4190
operates and maintains equipment. 4191
4192
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
157
In addition to the above, the ES Contractor shall: 4193
a. Validate, operate, and maintain the “as is, where is’ facilities inventory data within the 4194
CMDB. 4195
b. Provide consolidated facilities utilization information with any recommendations for the 4196
optimal mix of Government or commercial facilities within the monthly IPR. (CDRL 4197
A007 - Monthly Status Report) 4198
c. Perform system operation, maintenance, auditing, inspections, testing, and repair 4199
functions to support all NGEN ES Government Furnished Facilities (GFF) and 4200
Government Furnished Equipment (GFE): 4201
i. Heating, Ventilating, and Air Conditioning (HVAC). 4202
ii. Electrical System. 4203
iii. Fire Detection and Suppression Systems. 4204
iv. UPS, Battery, and Generator. 4205
v. Fuel Storage and Transfer. 4206
vi. All other facility related support systems with the exception of BAN and LAN 4207
GFF in dedicated wiring closets. 4208
d. Provide administrative equipment needed to support on site ES personnel (e.g., 4209
telephones, PCs, servers, copiers, printers, fax machines, and consumables). 4210
4211
In addition to the above, the TXS Contractor shall: 4212
a. Perform system operation, maintenance, auditing, inspections, testing, and repair 4213
functions to support all NGEN TXS GFF and GFE: 4214
i. BAN and LAN GFF contained in dedicated wiring closets. 4215
b. Provide updated “as is, where is’ facilities CMBD data to the ES Contractor. 4216
4217
3.5.10 Data Management (DM) 4218
The NGEN Data Management Plan (DMP), (Attachment), articulates the Government’s 4219
overarching vision to ensure all NGEN data will be accessible, visible and usable as needed, and 4220
that it is actively managed from creation to final disposition or destruction within the IDE. 4221
4222
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
158
The NGEN Integrated Digital Environment (IDE) will be a physically distributed, logically 4223
linked data structure for the collection of shared product and support data for NGEN in which 4224
technical and business information is warehoused, readily accessible, in a real-time environment, 4225
to all functional participants and decision makers across all NGEN life cycle processes. 4226
Data Management is a shared service. The ES Contractor is designated as the primary service 4227
provider, and the TXS Contractor is designated as the supporting service provider. The 4228
Contractors shall collaborate with each other and any other service providers to provide the 4229
following common services of its own portion of the NGEN program. 4230
4231
The Contractors shall: 4232
a. Develop and deliver the Data Management Implementation Plan (DMIP). (CDRL A053 – 4233
Data Management Implementation Plan) 4234
b. Provide, operate and maintain internal Data Management capabilities (processes, 4235
procedures and tools) internal to the contractors to support the creation, validation, 4236
maintenance, cataloging and storage, and which serve as the authoritative source of data 4237
feeds, to the NGEN IDE. 4238
i. Provide and maintain as-is data feeds to the NGEN IDE (e.g., performance data) 4239
in accordance with the NGEN DMP and IA policies. 4240
ii. Implement data tagging standards as described in the NGEN DMP. 4241
iii. Manage changes to the IDE data feeds and structure in accordance with the 4242
CMIP. 4243
iv. A comprehensive list of data and its associated schemas as identified in the 4244
NGEN DMP. 4245
4246
In addition to above, the ES Contractor shall: 4247
a. Collect and integrate TXS and other service provider inputs into a single NGEN DMIP. 4248
(CDRL A053 – Data Management Implementation Plan) 4249
b. Operate, maintain and provide systems administration for the as-is NGEN IDE in 4250
accordance with the NGEN DMP (i.e. tools, applications, databases, data warehouses, 4251
ETL tools, repositories, etc). 4252
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
159
i. Perform daily, incremental backup of data environment. 4253
ii. Provide for the restoration of lost data within 24 hours of notification. 4254
iii. Implement and maintain defined taxonomy and metadata standards as published 4255
in the NGEN DMP. 4256
iv. Manage changes to the NGEN IDE in accordance with the CMIP. 4257
v. Configure, operate and maintain SearchNAVY (Autonomy COTS tool) in 4258
accordance with the DMIP. 4259
vi. Integrate updated and refined data sources into the IDE. 4260
vii. Maintain a comprehensive list of NGEN data structures, sources, categorizations 4261
and formats to be aligned with the data feeds. 4262
viii. Provide system integrity reports on unauthorized access attempts, testing results, 4263
or related system integrity metrics as required by the Data Governance Board 4264
(DGB) for ongoing monitoring purposes. (CDRL A007 – Monthly Status Report ) 4265
ix. Provide access and SME support as required for the Government to perform 4266
annual audits related to the integrity of the IDE to ensure execution and support of 4267
NGEN DMP and data security requirements are met. 4268
x. Process requests for user access to the IDE and provide system administration and 4269
support of the IDE data management tools by assigning rights based on roles and 4270
responsibilities identified in the NGEN DMP. 4271
xi. Receive, catalog, and integrate all NGEN service provider data feeds and data 4272
updates to the IDE. This includes timely execution of all inspection and 4273
acceptance procedures as approved by the DGB. 4274
c. Execute continual process and product improvements to the IDE to deliver improved 4275
capabilities, maturity and efficiency. 4276
i. Provide design and implementation documentation for a to-be IDE that promotes 4277
and enables industry best practice for data management and provides a process 4278
and technology roadmap to transition from the current state to the to-be state 4279
outlined in the NGEN DMP. (CDRL A008 – Continuous Service Improvement 4280
Plan): 4281
a) Design documentation 4282
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
160
b) Implementation plan 4283
c) Bill of Materials 4284
d) Test Plan 4285
e) Request for Change (RFC) 4286
f) IDE Operations and Maintenance Concept of Operations (CONOPS) 4287
4288
In addition to the above, the TXS Contractor shall: 4289
a. Catalog and maintain TXS data. 4290
b. Provide TXS design documentation inputs for the to-be state IDE to the ES Contractor. 4291
4292
3.6 Transition Services 4293
3.6.1 Transition Overview 4294
The over-arching goal of transition is to maintain uninterrupted, quality services (e.g., security, 4295
functionality, and performance) to Navy commands and end users. Transition is the planning 4296
and completion of activities necessary for phase-out from the CoSC Incumbent (hereinafter 4297
Incumbent) providing the services and the phase-in to the NGEN Successors (hereinafter 4298
Successors) providing the services. The Successors will be both Government and other 4299
Contractors. 4300
4301
During the CoSC phase-out, the Incumbent relinquishes responsibility for the provisioning and 4302
operational sustainment of the network as the Successors assumes full operational responsibility, 4303
as defined in the Transition Management Plan (TMP) listed as an attachment in Section J. A 4304
successful transition is measured by the Contractors’ Successors’ ability to provide the required 4305
services. 4306
4307
The Navy’s phase-in approach for the TXS and ES contract segments is based on the 4308
simultaneous transfer of the NGEN infrastructure and services as coordinated among the 4309
Contractors and the Government. The Navy will require phase-out services from the Contractors 4310
to phase-in future NGEN Successor(s). 4311
4312
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
161
The Contractors shall collaborate with each other and any other service providers to provide 4313
common management of the services described below. 4314
4315
The Contractors shall: 4316
a. Provide transition services for the phase-in and phase-out periods within the NGEN 4317
environment. 4318
b. Assume responsibility for Work-In-Progress (WIP) for outstanding efforts required to be 4319
assumed during phase-in. 4320
c. Perform transition activities in accordance with the NGEN TMS and the TMP. 4321
4322
3.6.2 Navy Transition Profiles 4323
NGEN Services are provided and supported using IT Service Management (ITSM). For 4324
transition purposes NGEN comprises ITSM and the following profiles: Global Services, Field 4325
Services, Service Desk Services. There are three Global Services profiles five Field Services 4326
profiles and one Service Desk profile. ITSM addresses the tools, processes, and integration 4327
responsibilities required to accomplish NGEN service delivery within the multi-Successor 4328
environment. 4329
4330
Global Services affect the delivery of services across NGEN and are managed centrally. These 4331
services are performed either at a specific site or delivered through a virtual team arrangement. 4332
Global Services include common services that are shared among the service providers. 4333
4334
Field Services are the local resources for touch labor necessary to deliver the NGEN services. 4335
The sites are grouped into five profiles. The criteria for establishing the field services profiles 4336
are a combination of seats, users, and network devices that interface physically with the NGEN 4337
network. 4338
4339
The Service Desk Services profile includes Tier 1 support. Tier 2, Tier 3 and Tier 4 Service 4340
Desk Services are embedded within the Global and Field Service profiles and do not have 4341
dedicated service desk profiles. 4342
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
162
4343
Each site is designated with a physical site identifier (PSI) code and with the appropriate 4344
profile(s) within the Site Scheduling Tool. The Contractors shall collaborate with each other and 4345
any other service providers to provide common management of the services described below. 4346
4347
The Contractors shall phase-in NGEN using the Services Profiles in the Profile Summary table 4348
below: 4349
Profile 1 Profile 2 Profile 3 Profile 4 Profile 5 Global Services
GSP1 – Are NOC/ SOC activities and B1 Boundary Suite activities
GSP2 – Are Server Farm/Demilitarized Zone (DMZ) activities and B2 Boundary Suite activities
GSP3 – contains Engineering activities within the EDSS subject matter expertise, Technology Refresh services, Security and IT Certification and Accreditation (C&A) Services support in global processes and global Logistic
n/a n/a
Field Services
FSP1 – Are sites co-located with NOC/SOCs or Contain B1 Boundary Suites
FSP2 – Are sites co-located with Server Farms or Contain B2 Boundary Suites
FSP3 – Contain over 250 seats
FSP4 – Are remotely managed sites and contain between 24 – 249 seats
FSP5 – Are remotely managed sites and contain 23 or less seats
Service Desk Services
SDSP1 - Tier 1 Service Desk Services
n/a n/a n/a n/a
Table 3.6.2-1 Profile Summary 4350 4351
3.6.3 Phase-In Services 4352
The Contractors transition execution period shall not exceed 10 months from the successful 4353
completion of CDR. The Contractors are encouraged to reduce this duration without interruption 4354
to service. 4355
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
163
4356 Figure 3.6.3-1 Notional Navy Phase-In Timeframe 4357
The Contractors shall collaborate with each other and any other service providers to provide 4358
common management of the services described below, to accomplish a fully coordinated, 4359
simultaneous phase-in. 4360
4361
The Contractors shall ensure continuity of services during the transfer of service delivery 4362
responsibilities 4363
4364
3.6.3.1 Planning 4365
The Contractors shall deliver a Phase-In Plan and associated Detailed Phase-In Project Plans 4366
including the phase-in schedule to transfer the services, tools, ITSM processes, assets, and 4367
facilities from the incumbent without disrupting end-user services within the NGEN multi-4368
provider community. 4369
4370
3.6.3.1.1 Phase-In Plan and Readiness Templates 4371
The Phase-In Plan provides a description of the Contractors’ technical approach for transferring 4372
services from CoSC to NGEN. The Readiness Templates identify the repeatable process and 4373
Notional Navy TXS & ES Transition TimelineFY13 FY14
Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2
n/a n/a 30 60 90 120 150 180 210 240 270 300 330 360 390 420 450 480 510
TXS Services & ES Services Phase-In
SOLICITATION / CONTRACT
PLANNING
Phase-In Plan
Detailed Plans for Identified Projects
PRE-EXECUTION & PROGRAM EVENTS 2%
Systems Engineering Technical Reviews
Preliminary Design Review (PDR)
Critial Design Review (CDR)Project Readiness to Transition Reviews (RTR) %
EXECUTION
Project 1 Service Management Phase-In
Project 2 (GSP 1, 2, 3 and FSP 1)
Project 3 (Service Desk Services)
Project 4 (GSP 2 and FSP 2 & 3)
Project 5 (FSP 4)
TXS / ES Award
ES & TXS PDR
100%100%100%100%100%100%
ES & TXS Phase‐in Plan
ES & TXS CDR
ES & TXS Execution
23
54
ES & TXS Detailed Phase‐in Project Plans
Pre‐Execution & ProgramEvents
Planning
1
1 2 53+4
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
164
reusable tools that can be applied, as appropriate, to Service Management or a Global, Service 4374
Desk, or Field Services Profile for purposes of phase-in. 4375
4376
The Contractors shall prepare the Phase-In Plan containing the Readiness Templates. (CDRL 4377
A016 - Phase-In Plan) 4378
4379
In addition to the above, the ES Contractor shall deliver an integrated Phase-in Plan and 4380
Readiness Templates to include the TXS Contractor’s portion. 4381
4382
3.6.3.1.2 Detailed Phase-In Project Plans 4383
The purpose of a Detailed Phase-In Project Plan is to identify the detailed tasks and schedule to 4384
accomplish each transition Phase-In project. 4385
4386
The Contractors shall prepare the Detailed Phase-In Project Plans. (CDRL A054 – Detailed 4387
Phase-In Project Plans) 4388
4389
In addition to the above, the ES Contractor shall deliver the integrated Detailed Phase-In Project 4390
Plans to include the TXS Contractor’s portion. 4391
4392
3.6.3.2 Pre-Execution 4393
Pre-Execution activities include coordination with the Government, NGEN Contractors, and 4394
other Successor Providers to become ready for Execution. 4395
4396
The Contractors shall: 4397
a. Complete readiness activities identified within the Contractors’ Phase-In Plans, Detailed 4398
Project Phase-In Plans, and Readiness Templates. 4399
b. Conduct PDR and CDR, training, and Readiness to Transition Reviews (RTR). 4400
4401
3.6.3.2.1 Readiness Templates 4402
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
165
The Contractors shall complete the appropriate Readiness Template with the relevant 4403
information and current status of all readiness activities for ITSM and the Global, Field and 4404
Service Desk profiles as necessary to accomplish the five (5) Phase-In projects described in the 4405
NGEN Transition Phase-In Execution of the PWS. For the five Phase-In Projects the 4406
Contractors shall deliver the Readiness Template information as follows: (CDRL A055 – 4407
Readiness Templates) 4408
a. ITSM, Global, Field and Service Desk Readiness Templates containing the relevant 4409
information and current status for each site within Projects 1, 2, 3, and 4. 4410
b. A single report containing all the relevant information and current status for the Field 4411
Services for sites in Project 45. 4412
4413
In addition to the above, the ES Contractor shall deliver integrated completed Readiness 4414
Templates to include the TXS Contractor’s portion. 4415
4416
3.6.3.2.2 Readiness to Transition Review (RTR) 4417
During an RTR, the Contractors demonstrate transition readiness based on successful completion 4418
of the tasks contained on the applicable template. Upon successful conclusion of an RTR, the 4419
Contractors will have Government approval to Assume Full Operational Responsibility (AFOR) 4420
on the agreed upon dates for the services and sites presented at the RTR. RTRs shall be 4421
conducted in accordance in the Table 3.6.3-1 below. 4422
4423
The Contractors shall: 4424
a. Prepare an RTR Package, to demonstrate readiness to Phase-In the applicable services at 4425
the sites identified within each Detailed Phase-In Project Plan. (CDRL A056 – Readiness 4426
to Transition Review Package) 4427
b. Conduct the RTRs: 4428
i. Provide presentation via Defense Connect Online for remote Navy participants. 4429
4430
In addition to the above, the ES Contractor shall: 4431
a. Integrate the TXS Contractor’s portion into the final RTR packages 4432
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
166
b. Host the RTRs. Ensure requirements are in meeting requirements 4433
4434
3.6.3.3 NGEN Transition Phase-In Execution 4435
The sequence of Phase-In Execution is for the Successors to assume responsibility of the ITSM 4436
services first, followed by Global services and then the remaining services. 4437
4438
The Contractors shall execute the Phase-In Projects as described in the table below: 4439
Project Short Description Sites: Execution
Timeframe* 1 • Phase-in of the NGEN ITSM
Capabilities • N/A • RTR conducted
at PDR • Project shall not
exceed 30 days • AFOR being 40
days after PDR / RTR
2 • GSP1 Services within the three NOC/SOC Services
• GSP1 Services for sites with B1 Boundaries
• GSP2 Services within any Server Farms co-located with the NOC/SOC or B1 Boundary sites
• FSP1 services for users co-located with the NOC/SOC and B1 Boundary sites
• GSP3 Services
• NOC/SOC Sites: NRFK, PRHL, SNDI
• B1 Boundary Sites: PAXR, BRM, PTNH, CHLK, JAXS
• Server Farm Sites: NRFK, SNDI, PRLH, PAXR, BREM, JAXS
• B2 Boundary Sites: NRFK, PRLH, SDNI, PAXR, CHLK,JAXS, BREM
• RTR conducted at CDR
• Project shall not exceed 90 days
• AFOR begins 40 days after PDR
3 • SDSP1 • Service Desk Sites: NRFK (GFF) and Contractor provided redundant location
• RTR conducted 90 days after CDR
• AFOR begins 40 days after RTR
• Project shall not exceed 90 days
4 • GSP2 Services for all remaining Server Farms
• GSP2 Services for all remaining B2 Boundary Sites
• FSP2 services for users co-located with the remaining Server Farms and
• Remaining Server Farm Sites: WNYD, NWOR, LEMR, PRTH, MECH, SPSC, MUGU, SDNS, CHRL, FALN, CRAN, OCEN, CHRL, MILL
• RTR conducted 90 days after CDR
• AFOR begins 40 days after RTR
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
167
B2 Boundary Sites • FSP3 services for users co-located at
PHIL • FSP3 services for sites with over 250
users
• B2 Boundary Sites: WNYD, NWOR, LEMR, PRTH, MECH, MUGU, SDNS, FALN, CRAN, OCEN, CHRL, MILL, PHIL
• Sites with over 250 users: See Site Scheduling Tool
• Project shall not exceed 90 days
5 • FSP3, FSP4, and FSP5 Services for users located at the remotely managed sites
See Site Scheduling Tool • RTR conducted 180 days after CDR
• AFOR begins 40 days after RTR
• Project shall not exceed 60 days
*Reflects calendar days Table 3.6.3-1 Phase-In Projects 4440
4441
3.6.3.4 Success Criteria 4442
Completion of Pre-Execution activities is a prerequisite for entering the Execution Stage of 4443
Phase-In. During Phase-In, the Contractors shall perform the activities, plans, and processes 4444
prescribed in the approved Detailed Phase-In Project Plans in order to AFOR. 4445
4446
The Contractors shall: 4447
a. Deliver all planning artifacts per the Contractor developed Phase-In schedule 4448
b. Complete Pre-Execution activities on the schedule identified within the Contractor 4449
Readiness Templates. 4450
c. Meet staffing levels (i.e., inventory of workload capacity and current staff 4451
availability) identified in the Contractor’s Phase-In Plan. (CDRL A016 – Phase In 4452
Plan) 4453
d. Assume asset management of the NGEN GFP in accordance with the requirements 4454
identified in the PWS. 4455
e. Assume operations, maintenance, auditing, inspections, repair, and accountability for 4456
and access control to all GFF space and related infrastructure assigned. 4457
f. Deliver Finalized Readiness Templates. (CDRL A055 – Readiness Templates) 4458
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
168
g. Assume full responsibility for the service management capabilities in the NGEN 4459
environment. 4460
h. AFOR for the provisioning and sustainment of NGEN Services 4461
i. Completed within the time specified in the Phase-In Projects table above. 4462
4463
3.6.4 NGEN Phase-Out Services 4464
At a future time, when NGEN Successor(s) are selected to replace the Contractors, Phase-Out 4465
services to relinquish the responsibility for the provisioning and operational sustainment of the 4466
network will be required. The Contractors shall collaborate with each other and any other 4467
service providers to provide common management of the services described below, to 4468
accomplish a fully coordinated Phase-Out. 4469
4470
3.6.4.1 Planning 4471
The Contractors shall prepare its Phase-Out Plan. (CDRL A057 – Phase-Out Plan) 4472
4473
3.6.4.2 Pre-Execution 4474
Phase-Out Pre-Execution includes preparing the NGEN environment and the Successor(s), both 4475
Government and Contractor, to AFOR the provisioning and sustainment of NGEN operations. 4476
4477
3.6.4.2.1 Work In Progress 4478
The Contractors shall, within 30 days of Government notification of intention to Phase-Out, 4479
identify any backlogged work and provide all associated information necessary to identify unmet 4480
requirements for all the remaining Work In Progress (WIP). 4481
4482
3.6.4.2.2 Successor Preparation for the NGEN Environment 4483
Activities during the Phase-Out Pre-Execution period include preparation of the Government and 4484
the Successor Contractors. 4485
4486
Prior to Phase-Out, The Contractors shall: 4487
a. Provide Successor Preparation Services to include: 4488
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
169
i. Provide a total of 4,000 hours of SME to SME knowledge transfer sessions. 4489
ii. Within the NGEN operational environment, provide job shadowing for a total of 4490
360 people prior to, during, and post Successor AFOR. This includes allowing the 4491
successor contractor employee to handle live work, and can be in a collocated 4492
situation or remote. 4493
iii. Provide critical situation simulations allowing the successor contractor employee 4494
to demonstrate proficiency in managing services during an event that has high 4495
negative impact on the Intranet services. 4496
4497
3.6.4.2.3 Business Operational Support 4498
The Contractor shall deliver the underlying processes and tools necessary to monitor and assist 4499
with the fulfillment of contracted requirements, solutions, and implementations. To facilitate 4500
transitioning responsibilities in a “step-down” fashion, where a portion of the service has been 4501
transferred to the new Successor(s) the Contractors shall provide access to the systems required 4502
to perform its tasks: 4503
a. Modify processes and supporting tools to grant access. 4504
b. Incorporate transition business rules into the tools as required. 4505
4506
3.6.4.3 Execution and Success Criteria 4507
Prior to the end of contract performance, the Contractors perform Phase-Out Execution activities 4508
to transfer relinquish the Global, Field and Service Desk Services as defined in this PWS to a 4509
Successor(s). 4510
4511
The Contractors shall: 4512
a. Continue to provide operational staff and expertise during the Phase-Out Execution for 4513
stabilization of the three Global Service Profiles and Service Desk Services Profiles, and 4514
the five Field Services Profiles after the transfer of operational responsibility to minimize 4515
disruption and maintain available and on-going services. 4516
b. Provide Tier 2, 3, and 4 support services as defined in this PWS to ensure stabilization of 4517
the NGEN environment. 4518
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
170
c. Transfer ITSM processes. 4519
d. Participate in Successor monthly IPR to validate progress towards Phase-Out. 4520
e. Report and document transition status in Monthly IPR and in Monthly Status Report. 4521
(CDRL A003 – Presentation Materials, CDRL A007 – Monthly Status Report) 4522
f. Complete Phase-Out of NGEN Services. 4523
4524
In addition to the above, the ES Contractor shall provide Tier1 support services as defined in the 4525
PWS to ensure stabilization of the NGEN environment. 4526
4527
3.6.5 NGEN Optional Transition Services Move to Section C under CLIN 56 4528
Optional Phase-In services may include additional seats within Navy Legacy Networks and other 4529
services required to achieve the Phase-In and Phase-Out services detailed in the PWS. The 4530
Contractors shall collaborate with each other and any other service providers to provide common 4531
management of the services described below. 4532
4533
3.7 Litigation 4534
The Contractors shall: 4535
a. Assist DON attorneys according to the parameters set by the lead DON attorney to 4536
respond to subpoenas, discovery requests, court orders and other matters related to 4537
litigation that require the discovery, production, archiving, retention, or rotation of end 4538
user electronic information and Internet or Intranet activity information. Such assistance 4539
will not include any subjective decision making by the Contractor(s). 4540
b. Respond within 10 calendar days (or 20 calendar days in the case of retrieving 4541
information from network backup tapes) from the date of the lead DON attorney’s 4542
written request unless otherwise agreed by the lead DON attorney. 4543
c. Provide the following Litigation Support Services: 4544
i. Accurate, timely and complete information as requested by the lead DON attorney 4545
for DON responses to discovery requests served on the Government. The DON 4546
Lead Attorney will direct the Contractor(s) by describing the type of information 4547
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
171
sought. Contractor(s) will not make any determination as to whether such 4548
information requested is “responsive” or no. 4549
ii. Accurate information and documentation concerning infrastructure configuration 4550
and information that describes management of any network under the 4551
Contractors’ control, including encryption, protocols for network back-up 4552
procedures, enterprise and other legacy systems, preservation protocols, and data 4553
applications used, etc. (if not classified). 4554
iii. Information concerning electronic discovery and data issues as these topics apply 4555
to networks and any enterprise and other legacy systems controlled by the 4556
Contractor(s) (e.g., information required for the Government in to evaluate the 4557
scope of potential electronic discovery agreements and electronic data 4558
preservation orders). 4559
a. Information on electronic discovery issues related to items under the 4560
Contractor’s control. 4561
b. Data to authenticate electronic information. 4562
c. Recovery of network backup tapes within reason, for up to 30 calendar 4563
days from the date of the lead DON attorneys request or a litigation hold, 4564
including signed and dated affidavits by a Contractor(s) information 4565
custodian stating that data is accurate to the best of his or her knowledge, 4566
as well as where, how, and when the electronic information on the backup 4567
tapes was collected and recovered. 4568
i. Preservation of relevant network backup information, including 4569
taking network media out of the Contractors’ network backup 4570
rotation and storing as required to respond to Government 4571
litigation needs. 4572
ii. Accurate data from data seats or mobile devices, including sector-4573
by-sector imaging that preserves the integrity of the original data 4574
and metadata. 4575
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
172
iii. Periodic audit planning for electronic records, including 4576
conducting audits as directed by the Government and providing 4577
reports of compliance on a periodic basis. 4578
d. Provide the following Litigation Holds services: 4579
i. When notified by the Government to place a litigation hold on a category of 4580
records, the Contractor(s) shall locate, secure and preserve, within reason those 4581
records found in Contractor-controlled Online and off-line storage. A single 4582
litigation hold notice may cover one, few or many different categories of records. 4583
In addition, the Contractor(s) shall search end user controlled online storage areas 4584
of specified end users. If the Government does not specify the manner or method 4585
of performance for the litigation hold, the Contractor(s) may use any means 4586
generally accepted in the industry for preserving evidence in anticipation of 4587
litigation. A generally accepted preservation method would be to make a read-4588
only copy of the pertinent native files on a hard drive or portable media with 4589
back-up copies stored at a different site. The Contractor(s) shall discontinue 4590
routine destruction of those records. The Contractor(s) shall continue to locate, 4591
secure and preserve that category of records or end usercontrolled online storage 4592
areas of specified end users until notified by the Government that the litigation 4593
hold has ended. After the litigation hold has ended, the Contractor(s) may resume 4594
normal records management practices including the routine destruction of records. 4595
ii. Provide the Government copies of the records held for each litigation hold 4596
request. Unless otherwise specified by the Government, the Contractor(s) may 4597
produce the records as preserved by providing a read-only copy on hard drive or 4598
portable media. The Contractor(s) shall also provide documents identifying the 4599
records, their file type, the corresponding litigation hold and category. 4600
iii. Maintain a record of its actions on each litigation hold request and report the 4601
status of litigation holds to the Government upon request. Upon request, the 4602
Contractor(s) shall report, for each litigation hold request, a description of the 4603
records preserved, including their quantity, category, file type, and location. 4604
e. Provide the following Records Searches and Production Services: 4605
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
173
i. When the lead DON attorney requests a search for a category of records, the 4606
Contractor(s) shall search Contractor controlled online and offline storage for the 4607
requested records. A single search request may request one, few or many 4608
different categories of records. In addition, the Contractor(s) shall search end user 4609
controlled online storage areas of specified end users. The Contractor(s) shall 4610
secure and preserve all responsive records found. If the Government does not 4611
specify the manner or method of performance, the Contractor(s) may use any 4612
means generally accepted in the industry for preserving evidence in anticipation 4613
of litigation. A generally accepted preservation method would be to make a read-4614
only copy of the pertinent native files on a hard drive or portable media with 4615
back-up copies stored at a different site. The Contractor(s) shall discontinue 4616
routine destruction of those records. The Contractor(s) shall continue to locate, 4617
secure, and preserve that category of records until notified by the Government. 4618
ii. Produce all responsive records found as soon as practical, and give to the 4619
Government as soon as practical. Unless otherwise specified by the Government, 4620
the Contractor(s) may produce the records as preserved by providing a read-only 4621
copy of all responsive records on hard drive or portable media. With each 4622
production, the Contractor(s) shall provide a document identifying the records, 4623
their file type, corresponding request, and the category. 4624
iii. Maintain a record of actions on each search request and report the status of the 4625
searches to the Government upon request. Upon request, the Contractor(s) shall 4626
report for each search request a description of the records found and preserved, 4627
including their quantity, category, file type, and location. 4628
iv. Respond to written requests for information retrieval from end user hardware and 4629
all other equipment on the network including Contractor controlled online and 4630
offline storage and end user controlled offline storage. The Contractor(s) shall 4631
locate, secure, preserve, and provide records responsive to identified document 4632
records or record categories. Unless otherwise specified, the Contractor(s) may 4633
use any means generally accepted in the industry to preserve retrieved documents. 4634
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
174
Upon request, the Contractor(s) shall produce responsive records found as soon as 4635
practical, unless a response perior is otherwise specified. 4636
d. Provide the following Testimony Services: 4637
i. Upon timely request by the Government, the Contractor(s) shall provide credible, 4638
qualified knowledgeable individuals to testify as “Keeper of the Records” in 4639
litigation and investigations before various courts, boards, agencies and other 4640
forums. This often requires travel to various locations within the United States, 4641
review and analysis necessary to form conclusions and opinions, interviews by 4642
various attorneys, and preparation for testimony and cross-examination. It may 4643
also involve assisting attorneys representing the Government in preparing 4644
disclosures of the substance of facts and opinions of the witness’s expected 4645
testimony. The testimony may consist of both factual and expert testimony and 4646
may among other subjects address: authenticity of evidentiary copies of electronic 4647
records, search efforts related to document requests, preservation efforts related to 4648
litigation hold requests, missing and destroyed electronic records, and the 4649
Contractors’ routine business practices including policy and procedures regarding 4650
the routine destruction of records. In testifying about Government records and 4651
information the Contractor(s) and witnesses shall follow all reasonable 4652
instructions of the attorneys representing the Government, (e.g., the assertion of 4653
privileges and instructions limiting testimony). Testimony may take three forms 4654
and in all forms must be accurate. 4655
a) Testimony may be presented through an Affidavit or Declaration under 4656
penalty of perjury rather than live testimony, such as in support of a 4657
summary judgment motion. 4658
b) Testimony may be presented Under Oath in response to oral or written 4659
questions for a deposition. Although a judge may not attend the 4660
deposition, the deposition is still in effect before a judge or other presiding 4661
official. Testimony is recorded by a court reporter that prepares a written 4662
transcript and may prepare a video recording. The testifying witnesses 4663
shall review, correct, and sign video and written deposition transcripts in 4664
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
175
accordance with the procedures of the respective forum. Contractor(s) 4665
reserves the right to have its counsel present for such proceedings. 4666
c) Testimony is presented at a Trial or Hearing, under oath in accordance 4667
with procedures set by the presiding official. Testimony may be presented 4668
either orally or in writing, in the form of a narrative report or questions 4669
and answers. Contractor(s) reserves the right to have its counsel present 4670
for such proceedings. 4671
e. Provide the following Technical Advice and Assistance to Government Attorneys: 4672
i. Provide technical advice and assistance regarding NGEN network administered 4673
by the Contractor(s) and the information contained therein to attorneys 4674
representing the Government upon request. 4675
ii. Provide technical assistance in preparing the Government’s case. This includes 4676
preparing for cross-examination of opposing witnesses. 4677
iii. Assist the Government in preparing for discovery of opposing experts’ opinions, 4678
including preparation for and attendance at opposing experts’ depositions. 4679
iv. Provide technical assistance in presenting the Government’s case at trials and 4680
hearings. 4681
v. Assist the Government in preparing for and in conducting cross-examination of 4682
opposing experts, including attendance at trials and hearings during testimony by 4683
opposing experts. 4684
vi. Provide technical assistance in drafting motions and briefs. This includes, among 4685
other things, reviewing and analyzing portions of opposing briefs and motions, as 4686
well as reviewing Government drafts. 4687
f. Adhere to the following Confidentiality and Release of Government Information 4688
provisions: 4689
i. Classified and “No Foreign” information procedures are not relaxed for litigation 4690
or because information might be relevant to litigation. 4691
ii. Unclassified information about the services provided under this section, and the 4692
Government records involved, may be privileged and shall be treated as For 4693
Official Use Only (FOUO), until otherwise directed by the Government. 4694
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
176
iii. Information about the services provided or records involved shall not be released 4695
without prior authorization by the Contracting Officer, the Contracting Officer 4696
Representative, or the representative of the office that placed the litigation hold, 4697
or, in the case of actual litigation, an attorney representing the Government in the 4698
matter. 4699
g. If the records involved include records on individuals, the Contractor shall also comply 4700
with the Privacy Act of 1974 and agency rules and regulations issued under the act as 4701
required by the Privacy Act clauses, FAR 52.224-1 and 52.224-2 (April 1984). 4702
4703
4. MARINE CORPS ENTERPRISE SERVICES REQUIREMENTS 4704
4.1 Scope of Work 4705
The scope of this effort is to establish operational control and transition of current enterprise 4706
services from the incumbent service provider; to provide services for the day-to-day operation 4707
and maintenance of the network; and to provide services for technology refresh and 4708
modernization. 4709
4710
The NGEN Functional Baseline was established upon approval of the Systems Design 4711
Specification (SDS) and the successful completion of the Program's System Functional Review 4712
(SFR). NGEN is comprised of 38 NGEN services, covering the breadth of the capabilities 4713
currently provided by the Incumbent Provider. These 38 services are further divided into 4714
"segments" based on whether the services relate directly or indirectly to network Transport 4715
Services (TXS), Enterprise Services (ES) (including non-end user software licensing, some end 4716
user software licensing, and end user hardware), and End User Software Licenses. 4717
4718
For the Marine Corps Management Domain (MD), enterprise services will be managed by 4719
government personnel, with additional support provided by the ES contractor. Notional tasks 4720
include operating, troubleshooting, and monitoring enterprise hardware, infrastructure and 4721
software and may include 24/7 operations, information technology management, data and 4722
migration services, and various support functions. 4723
4724
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
177
Throughout the contract period, the contractor will be required to coordinate schedules, support 4725
data collection for assets, provide engineering and technical support, support Enterprise 4726
management and operations, end user requirements management, application and hardware 4727
inventory, transition activities, technical refresh schedules and activities, and life-cycle 4728
sustainment in the USMC IT environment (e.g. SRM data collection, asset reconciliation and 4729
tracking). The scope of task orders will be structured to reflect centralized and distributed 4730
support at all Marine Corps locations including any outlying sites listed in Appendix J. 4731
4732
The contractor will support the USMC operation, maintenance, and sustainment of enterprise 4733
services, perform associated services, provide hardware and software procurement and 4734
associated training. The life cycle support for enterprise services includes the following, which 4735
are detailed in section 4.6 as indicated: 4736
a. Enterprise Engineering Design and Support Services 4737
b. Enterprise Operations Services 4738
c. Data Storage Services 4739
d. Enterprise Messaging Services 4740
e. Application Hosting Services 4741
f. Enterprise Web Portal Services 4742
g. Workflow and Collaboration Services 4743
h. Directory Services 4744
i. COOP/Disaster Recovery/Business Continuity Services 4745
j. File Removal Services 4746
k. Electronic Software Delivery Services 4747
l. Commercial Voice Services 4748
m. VOIP Options and Services 4749
n. Unclassified Mobile Phone Services 4750
o. Classified Mobile Phone Services 4751
p. VTC Services 4752
q. Cross Domain Security Services 4753
r. Security Configuration and Management Services 4754
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
178
s. Boundary, DMZ, and COI Services 4755
t. Malware Detection and Protection Services 4756
u. Security Event Management Services 4757
v. Security and IT Certification and Accreditation Services 4758
w. Authentication and Authorization Services 4759
x. Network Access Control Services 4760
y. Fixed and Portable Computing Services 4761
z. Thin Client Computing Services 4762
aa. Optional Hardware and Software Services 4763
bb. Remote Access Services 4764
cc. Printing Services 4765
dd. Service Desk Services 4766
ee. Desk Side Support Services 4767
ff. End user Training Services 4768
gg. Network Operations and Cyber Security Training Services 4769
hh. Testing and Evaluation Services 4770
4771
4.2 Program Management 4772
This section describes the types of work the ES contractor shall provide under this contract to 4773
achieve management, technical, logistical, cost and schedule objectives. The ES contractor shall: 4774
a. Maintain a formal program management organization and identify responsible key 4775
personnel who will provide program planning, support, development, and maintenance of 4776
a management plan that describes the ES contractor’s organizational assignment of 4777
functions, duties, and responsibilities. Designate at least one individual and alternate 4778
with the responsibility and authority to execute required courses of action as directed by 4779
the government. 4780
b. Define and establish clear lines of authority and responsibility between all organizational 4781
elements and update the Government when changes are made. 4782
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
179
c. Provide input and comments into requirements development, discussions, designs, 4783
testing, evaluations, implementation, deployments, sustainment, risk management, and 4784
recommendations to the Government. 4785
d. Plan required post-install site certification, implementation, testing, resources, and 4786
coordination activities and identify roles and responsibilities, to include migration of user 4787
data. 4788
e. Provide project management and technical support (e.g., participate in discussions, design 4789
solutions, risk identification, make recommendations and develop schedules for approval) 4790
such as: 4791
i. Attend leadership team meetings. 4792
ii. Prepare briefing material as required to address the agenda items proposed by the 4793
government before the scheduled meetings. (CDRL AXXX) 4794
iii. Attend and provide support for Conferences. 4795
iv. Provide SME support, briefings and technical material as required. 4796
v. Conferences will be sponsored by the Government. 4797
f. Conduct Program Management Reviews (PMRs) quarterly including an overview of 4798
enterprise operations, schedule performance (review of the master schedule of key 4799
projects), contract status (including a discussion of open issues and negotiations in 4800
process), status of legacy operations, operational metrics and trending, metrics for key 4801
projects, and an overall assessment of program risk. 4802
i. Provide a venue for the PMRs 4803
ii. Develop agendas and record minutes for PMRs. (CDRL AXXX) 4804
iii. Provide a proposed draft agenda to the government 21 business days prior to the 4805
scheduled PMR. Modify or add items to the PMR agenda when requested by the 4806
government, provided these requests are transmitted to the ES contractor within 4807
five business days of government receipt of the draft agenda. Track and provide 4808
status of official communication with the Contracting Officer’s Representative 4809
(COR) such as technical direction and transmittals. (CDRL AXXX) 4810
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
180
iv. Comply, measure and report the service level requirements, service level 4811
objectives and operational level agreements for each of the transport-related 4812
services using government provided tools and processes. 4813
g. Maintain web enabled tools for tracking status of requests that have been received by the 4814
contractor. 4815
h. Notify the government POC when agreed upon deadlines will not be met and what are 4816
the risks associated with schedule slip. 4817
i. Provide quality assurance plans (QAPs) for designated NGEN initiatives including, but 4818
not limited to, plans, training materials, process improvement and conflict resolution 4819
processes, customer feedback processes, and trend analysis (CDRL AXXX). 4820
j. For all meetings/briefings, provide executive level and/or SME support, briefings, 4821
technical material, meeting minutes and action items, as required. 4822
k. Provide SME support, briefings and technical material as required and provide meeting 4823
minutes. 4824
l. Execution Discipline Decision meetings will be held as required to validate completion of 4825
program/project milestones. 4826
m. Provide SME support, briefings and technical material as required. 4827
n. Joint Government/Contractor WAN Team meetings will be held to review and update 4828
issues and actions. 4829
o. Have the Program Manager (or designee) and key Contractor personnel attend PMRs. 4830
p. Provide ad hoc reports as required by the Government in accordance with (CDRL 4831
AXXX). 4832
q. Provide Contractor Management Plan in accordance with (CDRL AXXX). 4833
r. Provide PMR Action Items, Requests for Information and Timelines for closure in 4834
accordance with (CDRL AXXX). 4835
4836
4.3 Risk Management 4837
Risk Management provides an organized means of identifying, measuring, and ranking risks and 4838
developing, selecting, and managing options for resolving or mitigating risks. The ES contractor 4839
shall: 4840
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
181
a. Establish and execute a risk management program in accordance with the Risk 4841
Management Guide for DoD Acquisition, Sixth Edition (Version 1.0) dated August 2006 4842
and the NGEN Risk Management Plan (Attachment XXX). 4843
b. Designate a Risk Manager who reports directly to the ES Contractor Program Manager 4844
and serves as the primary point of contact for the Government on all matters relating to 4845
risk management. 4846
c. Conduct a risk analysis (i.e. risk identification and assessment) and brief results to the 4847
Government (CDRL AXXX). 4848
d. Support monthly NGEN Risk Management Board meetings. 4849
e. Prepare and present new program risks with proposed mitigation plans and strategies and 4850
report on the mitigation status of existing risks. 4851
4852
4.4 IT Service Management (ITSM) 4853
ITSM is a framework of specialized functions and processes that, in conjunction with IT 4854
infrastructure and personnel, provides value to managers, technicians and customers in the form 4855
of IT services. ITSM processes support conceptualization, planning, procurement, 4856
implementation, and operation of IT services. Well-defined process interfaces ensure the 4857
integration of acquisition, governance, and operational activities. USMC E-ITSM (E ITSM) 4858
processes and activities are based on the Information Technology Infrastructure Library (ITIL) 4859
v3® lifecycle and processes, but are tailored to the unique policies, culture, and organizational 4860
constructs of the USMC. In the future net-centric operational environment, the Marine Corps 4861
will become increasingly dependent on IT services and capabilities, so service management will 4862
become even more important. The ES contractor is responsible for participating in the USMC E 4863
ITSM framework by managing and reporting work activities according to defined processes, 4864
procedures, work instructions, and metrics. The ES contractor will align its teams with USMC 4865
NETOPS organizations and participate in the ITSM framework on the behalf of these different 4866
enterprise, regional, and local organizations under the guidance of local commanders and 4867
managers. The ES contractor shall ensure that its activities are recorded separately, allowing the 4868
government to examine the contractor's specific contribution to USMC IT services. A notional 4869
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
182
tools list is provided in Appendix H. EITSM Guide to Reference list in Section 2. 4870
4871
4.5 Performance Requirements 4872
4.5.1 Performance Quality 4873
The enterprise services contractor shall be evaluated against the performance standards defined 4874
in the quality assurance surveillance plan (Appendix A). 4875
4876
4.5.1.1 Quality Control Plan 4877
Within thirty (30) calendar days after initial task order award, the ES Contractor shall establish 4878
and maintain a complete quality control plan (QCP) that shall ensure the requirements of the 4879
contract are provided as specified in Sections 4.3, 4.4, and 4.6 of this document. This will be a 4880
“living” document that covers the initial task order and allows changes including future task 4881
orders, (CDRL AXXX). All documents, artifacts, reports etc developed under this contract are 4882
government property. 4883
4884
4.5.1.2 Government Representatives 4885
The government will designate representatives to evaluate contractor personnel against these 4886
categories. Representatives generally hold positions as MITSC directors, Ops managers, 4887
MCNOSC site leads, MCNOSC department heads, and designated G6 leadership. Specific 4888
personnel will be identified within thirty (30) calendar days after task order award. 4889
4890
4.5.2 Phase In/Phase Out Period 4891
4.5.2.1 Phase In Period 4892
Phase in period encompasses the people, processes, tools, technologies, and sequenced activities 4893
required to transfer service operations from the incumbent. The phase in period of services will 4894
occur beginning December 2012. 4895
4896
Contractors shall support a smooth transition with processes, procedures, and tools currently 4897
utilized to provide these services. The ES Contractor shall: 4898
a. Participate in readiness reviews during the phase in period. 4899
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
183
b. Propose a staffing plan to support task order requirements that encompass staffing and 4900
on-boarding activities for locations specified. Staffing plan shall include labor 4901
categories, describe associated skill sets, and level of support required to meet the service 4902
requirement in this PWS. (CDRL AXXX) 4903
4904
4.5.2.2 Phase Out Period 4905
Phase out period encompasses the people, processes, tools, technologies, and sequenced 4906
activities required to transfer service operations to the successor. Contractors shall support a 4907
smooth transition and familiarization with processes, procedures, and tools currently utilized 4908
under this contract to the successor. During the phase out period, the ES Contractor shall: 4909
a. Participate in readiness reviews 4910
b. Provide and execute a phase-out plan in accordance with the terms of the NGEN 4911
Enterprise Service Contract to ensure continuity of services, minimize any decreases in 4912
productivity, and prevent possible negative impacts on additional services during the 4913
phase out period. (CDRL AXXX) 4914
c. Provide knowledge transfer, support successor job shadowing, training, and other 4915
activities in order to transfer the full operation of services. (CDRL AXXX) 4916
4917
4.6 Services Provided 4918
The ES Contractor shall support a broad range of technical, operational, maintenance and 4919
management functions in support of delivery of enterprise services to the Marine Corps 4920
Management Domain (MD), and be expected to support the following elements: 4921
4922
Note: Unless a CDRL is cited, the format, font, and content of data deliverables should be at the 4923
contractor’s discretion subject to the PM’s final approval. Due date is as requested by the 4924
government. 4925
4926
4.6.1 Enterprise Engineering Design and Support Services (EEDSS) 4927
Enterprise engineering design and support services (EEDSS) provide the functions needed to 4928
design, model, test, pilot, and implement the interfaces and services required for underlying 4929
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
184
enterprise functionality, provisioning of data and resources, and harmonization of 4930
business/operational functions with interfaces and services. 4931
4932
4.6.1.1 Specific Tasks 4933
For EEDSS, the support tasks the ES Contractor shall perform or provide include: 4934
a. Support the development of architectures for new or expansions of existing services. 4935
b. Provide input and support the Government in developing plans for new services or 4936
expansion of existing services including deployment plans. 4937
c. Provide input and support the Government in developing a deployment plan for any 4938
technology refresh of existing core services. 4939
d. Configure enterprise core services HW/SW to the current government-approved solution 4940
operating configuration. 4941
e. Install enterprise core HW/SW, at the appropriate location in accordance with 4942
government direction. 4943
f. Provide input and support the Government in updating/revising architecture designs to 4944
accommodate new or changing requirements, emerging technology, and results of 4945
vulnerability assessments to ensure compliance with government security mandates. 4946
g. Support software upgrade plans, including tools extensions and templates, as provided by 4947
the software developer(s) to meet security or specific functionality requirements 4948
indentified by the Government. 4949
h. Provide input and support the Government in developing technical documentation to 4950
support various technical reviews. 4951
i. Support the establishment of metrics to capture equipment performance trends. 4952
j. Implement specific item unique identification (IUID) marking as defined in MIL-STD-4953
130N, DoDI 5000.64 DoDD 8320.03 and DFARS clause 252.211-7003. 4954
k. Support the engineering of core builds for each operating system comprised of software 4955
provided by the government, a contractor or by a third party contractor. 4956
l. Support the development for each operating system on the network applicable Group 4957
Policy Objects (GPOs) based on the corresponding Government documentation such as: 4958
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
185
i. Develop for each Operating System on the Network applicable Group Policy 4959
Objects (GPOs) based on the corresponding Defense Information Systems 4960
Agency (DISA) Security Technical Implementation Guides (STIG) and the 4961
Marine Corps Enterprise DAA guidance regarding the Federal Desktop Core 4962
Configuration (FDCC), as directed by the Office of Management and Budget 4963
(OMB) memorandum M‐07‐11, "Implementation of Commonly Accepted 4964
Security Configurations for Windows Operating Systems," March 22, 2007, 4965
guidelines and configurations (from National Institute of Standards and 4966
Technology; National Vulnerability Database for FDCC). 4967
m. Develop a core image for building or rebuilding of a data seat. 4968
n. Ensure the core build operates and meets all requirements as defined by the government. 4969
Identify potential compatibility issues with other core build software, information 4970
assurance settings, impact to network operations, virus protection and standard hardware 4971
configurations. 4972
o. Incorporate Government requirements identified at the semi-annual Core Build joint 4973
review meeting. 4974
p. Maintain a comprehensive list of the Core Build and Engineering Change Control Board 4975
(ECCB) approved software, as well as software patches, GPOs and upgrades provided by 4976
the Government for installation on the Network. Provide these lists to the government in 4977
accordance with (CDRL AXXX) (version control). 4978
q. Obtain Government approval for hardware and software specifications/BOM. 4979
r. Implement approved engineering solutions in the USMC domain. 4980
s. Review Requests for Change (RFC) and validate the classification of the change in 4981
accordance with MIL-HDBK-61. 4982
t. Support the maintenance of an electronic records management application (RMA) 4983
certified in accordance with the current DoD Standard 5015.2- STD and consistent with 4984
DON policy such as Total Records and Information Management (TRIM). 4985
u. Support the implementation of Electronic Records management in accordance with 4986
current DoD 5015.2-STD and DoDI 8500.2. 4987
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
186
v. Provide authorized users the ability to: add new documents; “check-out” existing 4988
documents by locking edit access of other users; “check-in” documents by saving any 4989
changes and removing edit-lock; maintain control of a document’s master/original copy 4990
and all versions stored in the repository. 4991
w. Provide an audit log of all actions users take in the system; provide the following 4992
standard reports: records due transfer to National Archives and Records Administration 4993
(NARA) or a federal record center, records due for destruction / deletion, records on 4994
hold/freeze for litigation/inquiry, records without a disposition assigned, offline storage 4995
(data, workflows and documents on a medium that is removed from system access), audit 4996
report of events on content: Record Management Administration, and record “file plan. 4997
x. Provide a workflow capability to create, modify, and save custom (ad-hoc) document 4998
routing paths with multiple assignable due dates; allow for “rule-based triggers” in the 4999
workflow (Support decision base routing on time, approval/disapproval, user defined or 5000
set-values and user actions); provide the capability to send an email that a workflow will 5001
be arriving soon, has arrived, is overdue, and/or is in suspense; provide the capability to 5002
link electronic documents to emails; provide the capability to review and approve 5003
workflow documents; provide the capability to close a workflow; provide the capability 5004
to delete a workflow; provide an audit record of every reference to a workflow. 5005
y. Support geographically-separated storage sites for the records contained in the RMA 5006
utilizing a SAN architecture to provide logical separation of data, redundancy, and 5007
security. 5008
z. Allow all authorized users access to the RMA through the capability to manage 5009
permissions such that: (1) users can have access to all non-restricted records in the 5010
system, and (2) record access can be restricted when appropriate. 5011
aa. Support integration with records stored in the legacy RMA system. 5012
bb. Assist the Government with planning hardware and software upgrade roadmaps to 5013
support testing, Service Desk, and on-site support training. 5014
cc. Submit C&A packages to the Government for approval. 5015
dd. Maintain Core Build software. The NGEN Workstation Core Build is comprised of an 5016
Operating System (OS), core applications (i.e. Microsoft Office), and hardware specific 5017
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
187
configuration items and the associated configuration characteristics of specific 5018
workstation platforms. Changes to the Core Build occur when 1) specific Core Build 5019
components are updated; 2) new components are added to the Core Build; 3) security 5020
patches are applied to the components in the Core Build; or, 4) existing Core Build 5021
components are retired and removed from the Core Build. Core Build software will 5022
include but is not limited to: 5023
i. Operating systems (OS) to include drivers associated with OS hardware 5024
compatibility list as provided by the original equipment manufacturer (OEM) 5025
ii. Office Productivity Suite 5026
iii. Desktop management software 5027
iv. Email services software 5028
v. Internet browsing software 5029
vi. Virus protection software 5030
vii. PDF viewer software 5031
viii. Remote access services (RAS) software 5032
ix. GIS Viewer to view geospatial material 5033
x. Terminal and Print Emulator – Host 5034
xi. Compression tool 5035
xii. Collaboration tool 5036
xiii. Multimedia capability to view video and listen to audio 5037
xiv. Electronic records management 5038
xv. Security software 5039
xvi. Software management 5040
xvii. Inventory and remote control software 5041
xviii. Smart Card software 5042
xix. Just-in-time Compiler 5043
xx. Virtual Private Network (VPN) Client 5044
xxi. Remote Software Installation Tool Set 5045
5046
4.6.2 Enterprise Operations Services 5047
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
188
Enterprise operations services include the day-to-day activities required to provide monitoring, 5048
management, administration, and maintenance for all manned and unmanned NGEN operational 5049
facilities. 5050
5051
4.6.2.1 Specific Tasks 5052
For Enterprise Operations Services, the specific support tasks the ES Contractor shall perform or 5053
provide include: 5054
a. Perform monitoring and management of enterprise core services, including email and file 5055
share, using government provided tool suites. The government shall have access to all 5056
logs without contractor participation. 5057
b. Participate in, and provide input to, meetings as required. Attendance at and support of 5058
meetings shall include, but not limited to: provide input and comments into all phases of 5059
requirements, discussions, designs, testing, evaluations, implementation, deployments, 5060
sustainment, risk management, and recommendations to the government. Draft minutes 5061
and provide to the government, as required. 5062
c. Recommend changes to the environment. 5063
d. Perform break fix actions. 5064
e. Perform maintenance actions. 5065
f. Respond to proactive environment alarms. 5066
g. Manage applications to minimize network traffic destined for the DoD PKI certificate 5067
validation infrastructure. 5068
h. Support the delivery of near real time (as defined in Joint Pub 1-02, as amended) full 5069
spectrum situational awareness of IT services and infrastructure to Marine Corps 5070
NETOPS control authorities via electronic network management systems (automated 5071
means) and command and control facilities/watchstanders on the USMC network. This 5072
service shall be capable of facilitating the government’s exercise of network operational 5073
control over critical services and infrastructure in support of DON statutory and 5074
warfighting responsibilities. 5075
i. Provide situational awareness to exercise network operational control including: 5076
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
189
i. Provide near real time performance metrics for IT services to support the 5077
development of consistent operational pictures of the status of the network. 5078
ii. Provide near real time information on the configurations of components, systems, 5079
and services to support vulnerability analyses. 5080
iii. Provide near real time information on ongoing events, incidents, and problems. 5081
iv. Recommend the prioritization of remediation actions for events, incidents, and 5082
problems. 5083
v. Use government provided tools and processes to inform the government of the 5084
status of reportable incidents. 5085
j. Maintain and manage enterprise performance monitoring of government furnished 5086
systems and services. The minimum amount of monitoring must include, but is not 5087
limited to: 5088
i. Exchange 5089
ii. Mailbox servers: 5090
a) Front-end 5091
b) Exchange routing 5092
c) Exchange public folder 5093
d) BlackBerry or similar device 5094
iii. Directory: 5095
a) Name resolution 5096
b) Directory 5097
iv. Cryptographic Log on (CLO): 5098
a) Repeater 5099
b) Responder 5100
v. Web: 5101
a) Proxy 5102
b) Web 5103
c) Citrix 5104
vi. File and print: 5105
a. File 5106
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
190
b. Print 5107
vii. Boundary: 5108
a. Firewall B1 5109
b. Firewall B2 5110
c. VPN 5111
viii. WAN: 5112
a. Wan accelerators 5113
b. Utilization data 5114
c. Network latency 5115
d. Packet-loss 5116
ix. IA Infrastructure: 5117
a. SCRI servers 5118
b. SCCVI servers 5119
c. SIM infrastructure 5120
d. HBSS infrastructure 5121
e. URL content filter infrastructure 5122
f. IPS infrastructure 5123
x. End user workstation: 5124
a. Power-up to login time, excluding BIOS 5125
b. Login response time (login to desktop loaded) 5126
c. Power-down command to power-off 5127
d. CPU utilization 5128
e. Memory utilization 5129
f. Disk utilization 5130
g. Network/Disk IO 5131
h. Services 5132
f. Maintain and manage storage devices, including analysis of capacity and execute 5133
generation of standard capacity reports for the designated government manager of that 5134
storage device, system, or component. 5135
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
191
g. Maintain and manage a reporting database for collection of probe data, capable of 5136
generating customizable reports, near-real time dashboard information, and targeted 5137
comparative analysis of performance data. 5138
h. Manage installation processes, including troubleshooting issues after delivery and 5139
installation of HW/SW. 5140
i. Perform asset scanning and logging of assets that have been delivered in accordance with 5141
established government directives. 5142
j. Provide contractor personnel lists to the government for those who have been granted 5143
administrative and privileged access that are executing NETOPS actions. (CDRL 5144
AXXX) 5145
k. Provide status to the government of contractor personnel clearances. The DD254 5146
information is addressed in Section J attachment to the RFP. 5147
l. Designate an individual (and backup) with the responsibility and authority to execute 5148
required courses of action as directed by the government. 5149
m. Operate and maintain software supporting USMC services. 5150
n. Provide break/fix and maintenance services on enterprise core GFE hardware. 5151
o. Provide technology refresh services for equipment in accordance with a mutually agreed 5152
upon schedule. Such schedule will include, but is not limited to the refresh timeline 5153
along with the timing for events (e.g., ordering and delivery of equipment to the staging 5154
area) leading up to the actual implementation. 5155
p. Assist the Government in conducting transfer custody of all internal and removable hard 5156
drives and unclassified internal and removable hard drives at such time as the IT resource 5157
is being reassigned, replaced, upgraded, or decommissioned. 5158
q. Provide input to the network system maintenance plan, which shall include, but is not 5159
limited to maintenance history, trending analysis, and metrics. 5160
r. Update TMS tickets within time frames established by government procedures. 5161
s. Close ticket when approved by government representatives. 5162
t. Tickets that are not high priority will be updated, completed, and reassigned as per 5163
current government guidance. 5164
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
192
u. If the event/incident generates a response to operational problem (RTOP), the RTOP 5165
reporting method will meet the severity/priority status update requirements. 5166
v. Provide ongoing monitoring and support services for each Data Seat. 5167
w. Provide Server Based Computing that provides Online terminal emulation of basic 5168
services excluding multimedia, video conferencing, and the Net Meeting application. 5169
x. Provide a Web based solution that provides basic services through a Citrix frontend. 5170
y. Assist in exercising operational control over critical services of the infrastructure in 5171
support of DOD policies, statutory and warfighting responsibilities. 5172
z. Support and prioritize responses to events, incidents and problems based on mission 5173
impact and situational urgency. 5174
aa. Close events and incidents after their resolution. The designated NetOps authority will 5175
approve closures of incidents upon reporting that the incident has been resolved. 5176
bb. Implement policies and direct changes to the overall posture of IT services and 5177
infrastructure. 5178
cc. Support the coordination of the physical location, termination of IT services, and 5179
augmentation or changes to existing services. 5180
dd. Assist in development of system status dashboards. 5181
i. CJCSI 6510.01E IA and CND 5182
ii. CJCSM 6510.01 Defense in Depth: IA and CND 5183
iii. CJCSM 6510.01A IA and CND Vol 1 (IH program) 5184
iv. CJCSM 6510.02 IA Vol II (Vulnerability Management) 5185
v. ASD Memo for CND Response Actions 5186
vi. DoDD O‐8530.1 CND 5187
vii. DoDI O‐8530.2 Support to CND 5188
viii. DoDD 8500.1 IA 5189
ix. DoDI 8500.2 IA Implementation 5190
x. DoD 8570.01‐M IA Workforce Improvement Program 5191
xi. Joint NetOPS CONOPS Aug 2006 5192
xii. SD 527‐1 INFOCON 5193
xiii. SECNAVINST 5239.3B DON IA Policy 5194
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
193
xiv. SECNAVINST 5239.19 DON Computer Network Incident Response and 5195
Reporting Requirements 5196
xv. OPNAVINST 5239.1C Navy IA Program 5197
xvi. SECNAVINST 5239.2 Navy IA Workforce Management Manual 5198
xvii. Naval Telecommunications Procedures 4 Chap 11 5199
xviii. NNWCINST 5450.4A Mission, Function & Tasks for NCDOC‐Norfolk 5200
xix. Navy NETOPS CONOPS 5201
5202
4.6.3 Data Storage Services 5203
Data storage services provide storage solutions for Online, near-line and off-line storage. 5204
Storage includes but is not limited to applications, databases, shared file services, server 5205
virtualization, back-up, recovery and restore. 5206
5207
4.6.3.1 Specific Tasks 5208
For Data Storage Services, the specific support tasks the ES Contractor shall perform or provide 5209
include: 5210
a. Manage log retention data storage for USCYBERCOM Information Operations 5211
Condition (INFOCON) requirements. 5212
b. Provide access to migrated data or external data storage devices after migration of data. 5213
c. Deliver DAR services using a commercial off-the-shelf solution approved by the DoD 5214
Data at Rest Tiger team per the DoD CIO memo dated 03 July 2007. 5215
d. Deliver DAR services that interoperate with all DoD PKI credentials in both the DAR 5216
pre-boot kernel and client operating system. 5217
e. Encrypt workstation media storage device using full disk encryption. 5218
f. Encrypt mobile devices using full disk encryption, content protection, or equivalent 5219
encryption system. 5220
g. Encrypt data written from workstations to removable storage media. 5221
h. Enable file and folder encryption on workstations. 5222
i. Allow a means to designate authorized access to end users for workstation data encrypted 5223
on removable storage or in files and folders. 5224
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
194
j. Enable authentication to end users for authorized access to workstation data encrypted on 5225
removable storage media or in files and folders using DoD PKI credentials and/or 5226
password. 5227
k. Provide a means for end users to decrypt files and folders encrypted on removable 5228
storage for government and non-government workstations. 5229
l. Provide for encryption of data written from network computing devices to removable 5230
storage media. 5231
m. Decrypt hard drives, storage media, files, folders, or other data encrypted by DAR 5232
Services when directed by designated government operational interfaces. 5233
n. Remove one or more components of the DAR services from workstations if necessitated 5234
by operational requirements and directed by designated government operational 5235
interfaces. 5236
o. Provide a DAR system administrator credential (i.e., end username and password) and 5237
recovery tools for a DAR full disk encryption solution to the designated government 5238
operational interfaces. This will enable the government to decrypt DAR-encrypted hard 5239
drives in the network. 5240
p. Operate enterprise storage infrastructure (SFI) at server farm sites. 5241
q. Provide end users the ability to store and retrieve files on shared, controlled access 5242
storage media. 5243
r. Provide for the storage of and access to data files. 5244
s. Provide the ability to administer, identify, and grant individuals and/or groups general or 5245
specific operational capabilities that can be performed at file level. These capabilities 5246
shall include, but is not limited to the ability to open, list, read, modify, save, copy, 5247
delete, rename and print files. 5248
t. Provide and administer the capability to control the manipulation of shared folders at the 5249
individual and/or group level. 5250
u. Provide the ability to administer, identify, and grant individuals and/or groups general or 5251
specific operational capabilities that can be performed at folder level. These capabilities 5252
shall include, but is not limited to the ability to open, list, create, delete, copy, move, 5253
rename and map to folders. 5254
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
195
v. Provide and administer the capability to set up file blocking on a folder and all sub-5255
folders, within a command share space. 5256
w. Provide the ability to specify what type or group of files are not allowed to be written to a 5257
folder structure (i.e. block ability of end users to save *.PST files to a folder and all 5258
subfolders). 5259
x. Provide and administer the capability to control the physical size limit quota, within a 5260
command share space, of a folder and all subordinate folders. 5261
y. Provide and administer Exchange Services for end user storage allocation and high 5262
availability storage services. 5263
z. Provide and administer personal data storage allocation, command storage allocation, 5264
exchange storage allocation, and public folder storage allocation. 5265
aa. Provide Orderable Data Seat Backup and Restore services in accordance with DON and 5266
DoD policy, standards, and architecture regarding data, data storage, and data retrieval, 5267
including use of COTS tools as provided by the government. 5268
bb. Provide a backup and restore solution for desktop and laptop clients, including the ability 5269
to manage and automate distributed backups to a centralized repository in a highly 5270
scalable architecture with tools provided by the government. 5271
cc. Provide complete backups and online recovery, regardless of location, when connected 5272
through a high-speed connection with tools provided by the government. 5273
dd. Provide recovery from accidental file deletion, system corruption, loss of system, or 5274
hardware failure, to the last backup file (or older available back up file as requested), 5275
with tools provided by the government. 5276
ee. Manage automated distributed backup to and recovery from a centralized repository in a 5277
scalable architecture. 5278
ff. Provide 24/7/365 access to backup and restore data, regardless of location, without direct 5279
assistance from the Enterprise Service Desk staff with tools provided by the government. 5280
gg. Provide email and telephonic customer support if required for Data Seat Backup and 5281
Restore services. 5282
hh. Maintain government servers and intelligent storage systems for scalability, high 5283
availability and redundancy. 5284
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
196
ii. Ensure capability to recover backed-up files for at least a 30 day window after file loss. 5285
jj. Verify selection of files for backup to ensure full end user data protection and recovery 5286
capabilities. 5287
kk. Manage and maintain baseline tiered storage options for the enterprise that vary in 5288
performance as measured by disk latency/disk responsiveness, security and availability, 5289
as well as options to implement departmental or workgroup instances to meet 5290
technological, DoD, and legal requirements. 5291
ll. Maintain Active Tiered Storage Allocation Management tools. 5292
mm. Maintain Passive Tiered Storage Allocation Management options. 5293
nn. Manage storage options for prioritization of data based on government direction, 5294
including changes in mission priorities that can be adjusted in real time. 5295
oo. Manage High Availability storage options, which meet or exceed Recovery Time 5296
Objective and Recovery Point Objective values for data availability and address specific 5297
end user applications and types. 5298
pp. Provide engineering, implementation, and maintenance capabilities for additional Tiered 5299
Storage options as directed by the government. 5300
qq. Manage data storage mechanisms for long-term storage and/or archiving of data to meet 5301
regulatory and legal requirements for discovery and audit. 5302
rr. Provide information assurance and security to data based on content for all tiers. 5303
ss. Manage log retention data storage for USCYBERCOM Information Operations 5304
Condition (INFOCON) requirements. 5305
tt. Maintain statistical trending for capacity management of tiered storage services. 5306
uu. Manage and maintain the accessibility and capability to retrieve data from any 5307
maintenance data repository 24 hours per day, 7 days per week. 5308
vv. Provide engineering, implementation, and maintenance capabilities for storage options 5309
requested and funded by specific Commands or initiatives. 5310
ww. Provide trained and certified Storage and File Managers for the level of business 5311
ordering storage. 5312
xx. Maintain the Definitive Storage System Guide (DSSG) and make available via web site. 5313
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
197
yy. Provide input to Active and Passive Tiered Storage Allocation Management direction, 5314
policies, and procedures. 5315
zz. Provide input to Data Prioritization direction, policies, and procedures. 5316
aaa. Support individual Command or Organization storage requirements outside of 5317
enterprise solutions. 5318
bbb. Direct data to storage tiers based on requirements and cost optimization factors. 5319
ccc. Deliver DAR services providing authentication of users with DoD PKI credentials prior 5320
to loading a workstation hard disk encryption key and booting the operating system. 5321
5322
4.6.4 Enterprise Messaging Services 5323
Enterprise Messaging Services are core messaging solutions. Messaging encompasses human-5324
readable messages delivered via computer software for person-to-person communication through 5325
SMTP based E-mail applications. Shared service messaging for NGEN Block 1 will be provided 5326
via existing messaging infrastructure with potential future integration with NCES, DKO, and 5327
other enterprise wide messaging services. Messaging provides one-to-one relationships, but also 5328
one-to-many relationships (multicasting), intelligent routing, and guaranteed delivery. 5329
5330
4.6.4.1 Specific Tasks 5331
For Enterprise Messaging Services, the specific support tasks the ES Contractor shall perform or 5332
provided include: 5333
a. Manage and maintain digital signature and encryption capabilities for email services in 5334
accordance with NTD 07/06, NAVADMIN 248/08 and MARADMIN 336/08 digital 5335
signature policy. 5336
b. Provide unique identification to both the sender and the recipient of a message. 5337
c. Manage and maintain capability to send, store, process, and received email and 5338
associated attachments. 5339
d. Configure the unclassified email client with the ability to send and receive signed and 5340
encrypted email and attachments, by utilizing DoD PKI issued end user certificates in 5341
accordance with government direction. 5342
e. Maintain the capability for email to support cryptographic functions from a smart card. 5343
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
198
f. Support email that conforms to industry standards (including native RPC, HTTP) for 5344
interoperability and remote access. 5345
g. Configure and manage Exchange Services including Single Mailbox Restore capability. 5346
h. Manage and maintain global access to email via a web-based application (e.g., OWA) 5347
using PKI-based end user authentication or both PKI and password-based authentication 5348
for government designated exceptions from a hardware/software entry point with a 5349
browser compatible with Transport Layer Security (TLS). 5350
i. Configure and manage Exchange Services for automatic archiving for up to 6GB storage 5351
per end user. 5352
j. Configure and manage Exchange Services for automatic archiving of single instance 5353
storage. 5354
k. Configure and manage SMTP connections to network bridgehead servers designated by 5355
the government. 5356
l. Configure and manage email redirection, forwarding, and re-implementation of full 5357
service email for accounts being deployed. 5358
m. Configure and manage email redirection to a “.mil” or “.gov” address only. 5359
n. Implement and maintain the email redirection capability to allow deployed end users to 5360
remotely and securely start/stop/modify their email redirection configuration. 5361
o. Modify E-Mail account storage limits. 5362
p. Transfer E-Mail Accounts between MITSCs. 5363
5364
4.6.5 Application Hosting Services 5365
Application Hosting Services provide a protected hosting environment, consisting of common 5366
hardware platforms and operating systems where applications reside. Application hosting 5367
includes, but is not limited to hosting legacy, enterprise and Community of Interest (COI) 5368
applications. 5369
5370
4.6.5.1 Specific Tasks 5371
For Application Hosting Services, the specific support tasks the ES Contractor shall perform or 5372
provide include: 5373
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
199
a. Prepare the hosting environment to allow the Government to install the hosted 5374
applications. 5375
b. The Contractor shall support the Government with preparation of Application Security 5376
Validation documentation as contained in the DOS. 5377
c. Provide server de-installation services from the hosting environment to discontinue 5378
application hosting service. 5379
5380
4.6.6 Enterprise Web Portal Services 5381
Enterprise Web Portal Services provide or utilize existing authentication services and control end 5382
user access based upon DoD security policies in support of controlled access to DoD-controlled 5383
information and applications. The Marine Corps provides all portal functionality through 5384
MCEITS, but may require contractor support. NGEN Web Portal efforts will transition current 5385
portals, operate, design, and implement Enterprise Web Portal Service. This includes integration 5386
of current portals into the DON Portal, establishment of content, discovery, and delivery 5387
services, and integration with existing identity synch solutions. Enterprise Web Portal Service 5388
Architecture/Design will provide web based portal content, discovery, and delivery services. 5389
The USMC will use the MITSCs and MCEITS to support all enterprise web portal content, 5390
discovery, and delivery not offered through Net Centric Enterprise Services (NCES). The 5391
USMC will host non-enterprise web portal content, discovery, and delivery services at the 5392
MITSCs and/or bases, posts, and stations. 5393
5394
4.6.6.1 Specific Tasks 5395
For Enterprise Web Portal Services, the specific support tasks the ES Contractor shall perform or 5396
provide include: 5397
5398
a. Administer the capabilities and features that allow end users to access internal and 5399
external web content via HTTP and HTTPS protocols. 5400
b. Administer the capabilities for caching and proxy to enhance information access and 5401
performance. 5402
c. Provide control over the content that may be accessed through the proxy: 5403
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
200
i. Filter by category 5404
ii. Allow policy application scheduling 5405
iii. Automated filter categories updates from a Government approved industry 5406
provider 5407
d. Provide filtering policy information regarding any web filtering performed at the proxy 5408
level. 5409
e. Provide access to web report from proxy and web filtering tools on the network. 5410
f. Administer and facilitate hosting of unclassified web pages or provisioning of a web 5411
address (URL). 5412
g. Create and maintain static web pages. 5413
h. Administer DNS services for hosted websites. 5414
i. Provide the ability to host HTTPS websites. 5415
j. Support both http and https hosting. 5416
k. Administer and facilitate DoD CAC/PKI Log on authentication for hosted websites. 5417
l. Administer security groups to manage access to internal web sites. 5418
m. Maintain web content. 5419
n. Post program, contract, and public affairs materials. 5420
o. Restrict access and usage to sub-sites or specific content areas. 5421
p. Administer and maintain search capabilities for Web Portal. 5422
q. Maintain Service Desk contact information on the public internet including contact 5423
information for the Service Desk with email and telephone number. 5424
r. Publish appropriate news, information, and event content on Web Portal. 5425
s. Operate and maintain portal services in existence at contract outset. 5426
t. Maintain portal services that support the capacity implemented at contract outset. 5427
u. Maintain portal services that support the capacity implemented at contract outset; 5428
estimated at 1,000,000 named end users. 5429
v. Maintain Portal services that support the capacity implemented at contract outset; 5430
estimated at 100,000 concurrent end users. 5431
w. Maintain DMZ services. 5432
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
201
x. Maintain storage services necessary to support the end user size of the portal, meeting 5433
specified caching, transmission, and reliability metrics. 5434
y. Maintain continuity of operations services including fail over capacity to an alternate site. 5435
z. Provide and maintain end user content alert/notification services. 5436
aa. Integrate content discovery services. 5437
bb. Integrate Net Centric Enterprise Services (NCES) collaboration services. 5438
cc. Integrate Joint Enterprise Directory Service (JEDS). 5439
dd. Provide Incident and Service Desk support for portal end users. 5440
ee. Support planning and risk mitigation of a portal migration to the Enterprise Portal: 5441
i. Provide input for a detailed Project Plan and Timeline showing interim objectives 5442
and milestones leading to the Full Operational Capability of the migrated portal 5443
within the Enterprise Portal 5444
ii. Assess current portal environment and components 5445
iii. Provide input for a Migration Validation Strategy Document 5446
iv. Provide input for a detailed Migration Plan 5447
v. Prepare NEIS environment to receive the legacy portal 5448
vi. Provide input for any necessary migration tools 5449
ff. Support execution of a portal migration plan to the Enterprise Portal including 5450
transformation of end user accounts and content in the migration plan, optimization of 5451
migrated portal, and transition to steady state operations: 5452
i. Migrate end user accounts and content into the Enterprise Portal environment 5453
ii. Resolve any issues with migrated portal 5454
iii. Measure and analyze the daily performance of the migrated portal, resolving any 5455
issues uncovered 5456
gg. Provide analysis and design service for new Portal functionality (content crawlers, web 5457
services, community templates, etc.), which may be used for either new requirements or 5458
as part of a portal migration: 5459
i. Provide input for a detailed requirements document for the Portal functionality 5460
ii. Provide input for a validation document for the Portal functionality 5461
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
202
iii. Provide input for a strategy for integrating this Portal functionality into the 5462
Enterprise Portal environment 5463
iv. Provide input to design documents of how the Portal functionality would function 5464
and interact with administrators and end users 5465
hh. Provide input to an implementation service for new Portal functionality (content crawlers, 5466
web services, community templates, etc.), which may be for either new requirements or 5467
as part of a portal migration: 5468
i. Develop the Portal functionality as designed 5469
ii. Validate the Portal functionality 5470
iii. Integrate the Portal functionality into the Enterprise Portal environment 5471
iv. Provide input and assist the government in updating project documentation to 5472
reflect any functionality and/or usage changes. 5473
ii. Provide portal engineering support to achieve 98.5 percent service availability exclusive 5474
of scheduled downtime. 5475
jj. Support the Portal architecture design process to support up to 100 TB of end user 5476
content. 5477
kk. Prepare legacy portal data for migration. 5478
ll. Enable searches using a simple web based access page with full text, phrase, and 5479
conceptual search options. 5480
mm. Provide data indexing. 5481
nn. Support Content Discovery capabilities. 5482
oo. Support automated user initiated process for content submission and indexing. 5483
pp. Maintain a web based search page to search enterprise data sources. 5484
qq. Maintain capability to search the address book and directory service. 5485
rr. Maintain a web services standardized XML interface that will allow interaction with 5486
other available web services. 5487
ss. Support content discovery server hosting and maintenance. 5488
tt. Maintain compliance with security controls, ports, and protocols as directed by the 5489
MCEN DAA. 5490
uu. Provide Content Discovery reports in accordance with (CDRL AXXX). 5491
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
203
vv. Maintain authorized data sources that will be included in the search index. 5492
ww. Maintain content and data. 5493
xx. Provide SME support for legacy solutions. 5494
yy. Maintain contacts for data source. 5495
zz. Provide communication with web host servers on NIPRNet and Internet. 5496
aaa. Support hosting capabilities compatible with Windows operating systems 5497
bbb. Execute a migration plan to re-host the Homeport system. 5498
ccc. Maintain user’s self-service tools. 5499
ddd. Maintain the Government provided listing, accessible by all end users of the 5500
Network, of all Optional Capabilities that have been certified for use on the Network. 5501
eee. Produce the Data User Capacity Report in accordance with (CDRL AXXX). 5502
fff. Support content delivery services access to content. 5503
ggg. Support Business Process Management and Workflow services. 5504
hhh. Support Federation Services capabilities framework. 5505
iii. Use necessary governance, management, and administration of the portal. 5506
jjj. Coordinate licensing requirements for federation to other DoD and DON portals, 5507
systems, and applications. 5508
kkk. Maintain a self service capability to obtain the following analytic reports 5509
including: 5510
i. Traffic Reports 5511
ii. Total number of searches 5512
iii. Most popular Query Phrases (Top 100) 5513
iv. Most popular Query word (Top 100) 5514
v. No-Match queries 5515
vi. Query Reports: 5516
a. Documents indexed 5517
b. Data Sources indexed 5518
c. Time required for first run index 5519
d. Remaining storage available for the index 5520
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
204
lll. Support the capability to search the contents of structured and unstructured data to 5521
include: 5522
i. Intranet web sites 5523
ii. Portal data 5524
iii. Local file shares 5525
iv. Exchange folders 5526
v. Legacy systems 5527
vi. Databases 5528
vii. Document management systems 5529
viii. Service Desk systems 5530
5531
4.6.7 Workflow and Collaboration Services 5532
Workflow and Collaboration Services enable synchronous and asynchronous communication 5533
using Web Portal infrastructure, instant messaging, low-bandwidth text chat, and Web 5534
conferencing. This capability is provisioned to the operational community predominantly 5535
through the Web Portal Services. Near Future provisioning of workflow and collaboration tools 5536
could include both mobile and secure mobile devices across the enterprise. Instant messaging 5537
and Web conferencing both includes, but is not limited to text-based communication, while Web 5538
conferencing adds shared whiteboards, desktop & application sharing, and the ability to invite 5539
non-DOD personnel into collaboration sessions. Workflow Design provides capabilities that 5540
include, but is not limited to: 5541
a. Improved efficiency 5542
b. Better process control 5543
c. Improved customer service 5544
d. Flexibility 5545
e. Business process improvement 5546
Workflow and Collaboration Tools design the tasks, procedural steps, organizations or people 5547
involved, required input and output information, and tools needed for each step in the business 5548
processes. 5549
5550
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
205
4.6.7.1 Specific Tasks: 5551
For Enterprise Messaging Services, the specific support tasks the ES Contractor shall perform or 5552
provide include: 5553
a. Install Government provided CAC Readers that allow end users to send digitally signed 5554
and/or encrypted email, receive digitally encrypted email or use encrypted PIN-to-PIN 5555
Instant Messaging on Blackberry or similar device. 5556
b. Integrate Net Centric Enterprise Services (NCES) collaboration services. 5557
c. Provide support for integration of content discovery and collaboration components. 5558
d. Maintain information sharing/collaboration capability (i.e. portal) to include required 5559
engineering, architectural, and requirements documents; test documentation (test plans, 5560
test reports, test data/observations); and applicable test coordination, scheduling, and 5561
execution information. 5562
e. Sustain operational capability of Web Services (SharePoint Portal). 5563
f. Sustain operational capability of Portal Access. 5564
g. Provide Large Scale Collaboration for up to 500 personnel. 5565
h. Provide access to the following portal-driven capabilities: 5566
i. Team threaded discussion forum 5567
ii. Team contact list 5568
iii. Shared bookmark 5569
iv. Team tasks list 5570
v. Ability to conduct surveys, polls, questions and voting 5571
vi. Team notification and alerting capability 5572
i. Provide the ability for the end user to participate in a Wiki-based collaborative 5573
information repository. 5574
j. Provide a mechanism for an individual to customize and present personally relevant 5575
information in a consolidated area. 5576
k. Provide visibility into hosted email accounts (Microsoft Exchange-based or other similar 5577
product). 5578
l. Provide visibility into hosted calendars accounts (Exchange-based or other similar 5579
product). 5580
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
206
m. Provide access to a portal-end user to portal-end user asynchronous, closed loop 5581
messaging capability (Internal to the portal). 5582
n. Provide ability to present content exposed through RSS/Atom feeds on external servers. 5583
o. Provide the ability to present the end user contact information contained within the 5584
Global Address Book and/or other LDAP-based end user identity repositories. 5585
p. Provide the ability to present end user contact information from the DISA- sponsored 5586
Joint Enterprise Directory Service Whitepages. 5587
q. Provide the ability for the end user to author and publish a blog through portal. 5588
r. Provide a mechanism for an organization to customize and present organizational 5589
information in a consolidated area. 5590
s. Provide synchronous collaboration by providing links to the DISA-sponsored Button 2 5591
collaboration suite. 5592
5593
4.6.8 Directory Services 5594
Directory Services provide global information services that deliver a distributed computing 5595
environment, support the management and use of file services, network resources, security 5596
services, messaging, web, e-commerce, white pages, and object-based services across NGEN. 5597
Directory Services provide authentication to enterprise applications and trusted relationships 5598
between people, devices, applications, services, and other resources throughout the network. 5599
5600
4.6.8.1 Specific Tasks 5601
For Directory Services, the specific support tasks the ES Contractor shall perform or provide 5602
include: 5603
a. Use an automated process or self-service tool provided by the government for managing 5604
the association between a PKI certificate on an end user credential and an Active 5605
Directory Domain account. 5606
b. Maintain publishing of end user PKI certificates automatically to unclassified network 5607
directory services. 5608
c. Use only PKI-based authentication for network services, applications, resources, and 5609
components requiring Active Directory domain account authentication. 5610
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
207
d. Maintain mappings between PKI certificates and network accounts to support two-factor 5611
authentication for all Active Directory domain account categories and eliminate the need 5612
for password-based authentication (i.e., 'exception accounts'). 5613
e. Receive request for and initiate end user account lifecycle events. 5614
f. Create new end user account with DON provided attributes data. 5615
g. Modify end user account attributes including move, add, change, disable or deactivate. 5616
h. Modify end user account type (upgrade/downgrade). 5617
i. Deactivate end user accounts. 5618
j. Change end user account status when directed by the government. 5619
k. Provide unique identifiers for all accounts using naming standards as specified by the 5620
government. 5621
l. Provide end user access to workstations based on end user account and workstation 5622
permissions as designated by the government or as specified by requested service. 5623
m. Delete or transfer all network end user data associated to account when directed by the 5624
government. 5625
n. Provide network end user data associated with an account, if requested by the 5626
government, during deactivation process. 5627
o. Maintain the web-based end user account management tool for government end users to 5628
perform account management functions. 5629
p. Change specific attributes of an account using the end user account management tool. 5630
q. Direct changes to account status using the end user account management tool. 5631
r. Track account changes including move, add, change, disable or deactivate using the end 5632
user account management tool. 5633
s. Provide current information about each account as documented in the Active Directory 5634
using the end user account management tool. 5635
t. Provide an account ledger with pre-defined reports (e.g. based on number, type, status) 5636
using the end user account management tool. 5637
u. Provide access based on end user role of designated government representatives using the 5638
end user account management tool. 5639
v. Maintain a list of authorized submitters for end user account activities. 5640
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
208
w. Create new groups as directed by the government. 5641
x. Modify group attributes. 5642
y. Modify group type for network operations. 5643
z. Deactivate/delete groups. 5644
aa. Provide unique identifiers for all groups required using naming standards in accordance 5645
with government policy. 5646
bb. Provide groups required for new site setup and operations. 5647
cc. Provide installation of Admin Pack utility and Active X components to use Active 5648
Directory management tools, upon request from government. 5649
dd. Maintain a web-based custom active directory interface (CADI) tool to allow designated 5650
government end users to: 5651
i. Perform group management to add and/or delete groups in organizational units 5652
(OUs) allowed access; excluding certain restricted or sensitive groups. 5653
ii. Change specific attributes of groups, including security permissions. 5654
iii. Perform group management to rename groups as necessary. 5655
iv. Perform group management requirements to make changes to group status. 5656
v. Perform group management requirements to move groups between allowed sites 5657
and other Echelon II OU sites. 5658
vi. Assign permission-based functionality based on end user role of designated 5659
government representatives and delegation of roles to other end users. 5660
ee. Perform group management requirements to track specific group changes, including 5661
changes in permissions. 5662
ff. Operate and maintain group policy management in existing directory services in 5663
accordance with government direction. 5664
gg. Monitor replication speed of directory services. 5665
hh. Conduct maintenance of the .dit file for directory services. 5666
ii. Perform schema extensions for directory services. 5667
jj. Cleanup of orphaned objects and inactive end user and computer objects as directed by 5668
the government for directory services. 5669
kk. Perform end user provisioning for directory services. 5670
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
209
ll. Apply security updates as directed by the government for directory services. 5671
mm. Maintain ability to browse the Global Address List (GAL) via Outlook or Outlook Web 5672
Access or other similar product. 5673
nn. Maintain DEERS ability to request reports on specific directory objects when designated 5674
by the government. 5675
oo. Maintain the capability for local, mobile and remote end users, devices, and applications 5676
to access directory services where connectivity is available. 5677
pp. Monitor administration and management of Active Directory network resources such as 5678
ADAM Suite, AD components and AD trusts. 5679
qq. Operate Active Directory services including authentication and authorization of data 5680
maintained in the directory. 5681
rr. Maintain directory synchronization to the Joint Enterprise Directory Service (JEDS) 5682
through the appropriate transport boundaries as directed by the government. 5683
ss. Maintain standard Active Directory services (plus the availability to use Windows 5684
Lightweight Directory Access Protocol (LDAP) services) for all physical and virtual 5685
application servers. 5686
tt. Remove any associated packaged solutions from the Electronic Software Distribution, 5687
(ESD) system and any associated objects from Active Directory for applications removed 5688
from the USMC Management domain. 5689
uu. Maintain LDAP end user access with the network exchange servers. 5690
vv. Assign system administrator rights to government IT personnel for deployed workstations 5691
as directed by the government. 5692
ww. Assign trained government IT personnel system administrator rights to perform all 5693
functions required to operate and maintain a deployed workstations in an embarked 5694
environment when directed by the government. 5695
xx. Provide user account data in accordance with (CDRL AXXX). 5696
yy. Perform lifecycle events on user accounts as requested by the government. 5697
zz. Delete or transfer all network user data associated to account not sooner than 30 calendar 5698
days after USMC requests account deactivation. 5699
aaa. Receive request for and initiate lifecycle events. 5700
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
210
bbb. Provide current information about each group. 5701
5702
4.6.9 COOP/Disaster Recovery/Business Continuity Services 5703
COOP/disaster recovery/business continuity planning services consist of continuity of operations 5704
(COOP), disaster recovery, and business continuity planning (BCP). The COOP involves 5705
establishing and implementing plans for emergency response, storage and backup operations, 5706
off-site storage and post-disaster recovery of information systems. Disaster recovery is the 5707
processes, policies and procedures related to preparing for recovery or continuation of 5708
technology infrastructure critical to an organization after a natural or human-induced disaster. 5709
The BCP is an interdisciplinary concept used to create and validate a practiced logistical plan for 5710
how an organization will recover and restore partially or completely interrupted critical functions 5711
within a predetermined time after a disaster or extended disruption. 5712
5713
4.6.9.1 Specific Tasks 5714
For COOP/ disaster recovery/business continuity planning services, the specific support tasks the 5715
ES Contractor shall perform or provide include: 5716
a. Support, operate, and maintain COOP capabilities 5717
b. For BCP, develop, maintain and update the disaster recovery plan (DRP) for restoration 5718
of operations in the event of an incident or disaster (major/minor) in accordance with 5719
government direction. 5720
c. Provide input and assist the Government in developing system and network designs that 5721
enable business and network operations capable of surviving individual component 5722
failure. 5723
d. Provide input to the government for making system degradation decisions in the event of 5724
a disaster or incident. 5725
e. Provide input to the government after action reports and lessons learned following 5726
exercises. 5727
f. Support execution of emergency failover/failback COOP requirements. 5728
g. Support annual exercise of the DRP. 5729
h. Support activation of the DRP in the case of an incident or disaster. 5730
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
211
i. Assist in the implementation of continuity of operations activities. 5731
5732
4.6.10 File Removal Services 5733
File removal services (spillage) is defined as any incident where information of a higher 5734
classification is introduced on an IT System that is not authorized to hold or process such data. 5735
This service shall support the recovery of data and services following a spillage and includes, but 5736
is not limited to continuing the discovery as required, assessing the damage, cleaning up the 5737
spillage in accordance with the MC IA OPSD 010, Marine Corps Incident Handling Procedures, 5738
all associated reporting requirements, recovering the data, and restoring the services. 5739
5740
4.6.10.1 Specific Tasks 5741
For File Removal Services, the specific support tasks the ES Contractor shall perform or provide 5742
include: 5743
a. Provide personnel, with appropriate security clearances, to execute file removal of 5744
electronic spillage. 5745
b. Lock access to known electronic spillage locations within one hour. This includes 5746
physically removing the device from the network or administratively disabling the port. 5747
c. Remove all instances of the electronic spillage data files from the network, backup 5748
systems, and media within 24 hours of notification by service level Designated 5749
Approving Authority (DAAs). 5750
d. Minimize access and further dissemination of electronic spillage. 5751
e. Start trace process to determine the extent of the electronic spillage proliferation across 5752
systems (desktop, laptop, servers, monitoring systems) in the enterprise within 30 5753
minutes of notification. 5754
f. Remove Online electronic spillage files off all affected systems (desktop, laptop, servers, 5755
monitoring systems, and BlackBerries). 5756
g. Remove electronic spillage files from the back-up systems and tapes. 5757
h. Provide input and assist the Government in developing a POA&M to execute removal of 5758
electronic spillage for actions that cannot be completed by government directed deadline. 5759
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
212
i. Certify completion of electronic spillage cleanup and notify the government when 5760
complete. 5761
j. Report to service level network operations centers all locations of electronic spillage files 5762
that may have been further distributed, but cannot be traced such as email files that were 5763
opened and read or files that may have been copied. (CDRL AXXX) 5764
k. Reconnect the device to the network once the host is certified clean. 5765
l. Report unauthorized or inadvertent disclosures of NNPI. 5766
m. Physically remove spillage from end user devices. 5767
5768
4.6.11 Electronic Software Delivery Services 5769
Electronic software delivery (ESD) services, also known as digital distribution, refers to the 5770
practice of having software products delivered electronically as opposed to receiving physical 5771
media. Security, licensing, bandwidth, reporting and compliance represent a few of the major 5772
considerations associated with ESD. 5773
5774
4.6.11.1 Specific Tasks 5775
For ESD Services, the specific support tasks the ES Contractor shall perform or provide include: 5776
a. Maintain software to perform remote software installation. 5777
b. Provide input and assist the Government in repairing software script, packaging it for 5778
distribution and testing, presenting to Enterprise Change Control Board (ECCB) for 5779
approval, and loading into the ESD system. 5780
c. Distribute government approved new and/or updated Packaged Application Solutions via 5781
automated support; using electronic distribution methods. 5782
d. Resolve failures in the event the software application fails to be electronically delivered 5783
and installed because of failures in the ESD system. 5784
e. Provide electronic software distribution services for applications that will be distributed 5785
within the USMC Management domain. 5786
f. At the completion of the initial distribution event, place the Packaged Instance Active 5787
Directory Object for the application into the "Core" Application Distribution Group. 5788
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
213
g. Provide software deployment in either a single event or a series of multiple events, 5789
depending on the requirements of the application developer and/or the site(s) receiving 5790
the deployed application. 5791
h. Only install DADMS and ECCB approved software. All software must be DADMS 5792
approved before installing to the network. 5793
i. Complete distribution of software over a 30 calendar day duration unless the government 5794
directs more time. 5795
j. Distribute software that has been certified under the Testing and Evaluation Services. 5796
k. Use government provided seat to application mapping to deploy software to designate 5797
data seats. 5798
l. Provide application virtualization services to mitigate application incompatibility issues. 5799
m. Use Active Directory data to determine which seats have applications targeted for 5800
removal using ESD. 5801
n. Remove software, using ESD mechanisms if able, for applications that were manually 5802
installed. 5803
o. Remove any associated packaged solutions from the ESD system and any associated 5804
objects from Active Directory for applications removed from the USMC Management 5805
Domain. 5806
p. Provide a script to remove the last two versions of application (N-2) in the USMC 5807
Management Domain. 5808
q. Report status of deployed patch/upgrade every 24 hours until completion. Reported 5809
information should contain: 5810
i. Total devices needing push 5811
ii. Total successful pushes 5812
iii. Total unsuccessful pushes 5813
iv. Total number of machines not yet having the push applied 5814
r. Develop software distribution report in accordance with (CDRL AXXX). 5815
s. Support “initial” and “subsequent” distribution event services. 5816
t. Use standard deployed solution for any dependent applications (Oracle, Java, CITRIX or 5817
similar products) if it is available. 5818
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
214
u. Add only Government approved applications or application components to the 5819
Environment. 5820
v. Validate that applications that will be deployed meet DAA Information Assurance (IA) 5821
requirements. 5822
w. Deploy applications Identified in Request to Deploy Document. 5823
x. Validate that the software application is appropriately licensed for distribution. 5824
y. Provide Subject Matter Experts (SME) for troubleshooting of applications to ensure 5825
proper application functionality. 5826
5827
4.6.12 Commercial Voice Services 5828
Commercial Voice Connectivity Services address unsecured cable plant commercial Public 5829
Switched Telecommunications Network (PSTN) availability and pier side connectivity, and 5830
PBX. This also supports interfaces to secure voice systems. The USMC has Programs of record 5831
(PoRs) (e.g., Base Telecommunications Infrastructure [BTI]) separate from NGEN that 5832
implement commercial voice connectivity. These PoRs provide commercial voice services to 5833
commercial entities, family housing, and unofficial end users located on USMC installations 5834
where ready connection to the Public Switched Telephone Network (PSTN) is available. 5835
5836
4.6.12.1 Specific Tasks 5837
For Commercial Voice Services, the specific support tasks the ES Contractor shall perform or 5838
provide include: 5839
a. Provide voice connectivity between buildings on a base, facility or office campus 5840
delivered to a BAN Point of Presence within each building and to the Wide Area 5841
Network (WAN) Point of Presence at the base, facility or office campus. 5842
b. Provide voice connectivity between end user devices within a building and the BAN 5843
point of presence in the building. 5844
c. Configure, operate and maintain logical or physical interface to the Defense Switched 5845
Network (DSN) for basic voice transport services from premise switches that are either 5846
part of a campus or BAN. 5847
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
215
d. Configure, operate and maintain network interface to Incumbent Local Exchanges 5848
Carriers (ILECs), Competitive Local Exchange Carriers (CLECs) and Inter-exchange 5849
Carriers (IECs) via T1 interfaces that support ISDN Primary Rate Interface. 5850
5851
4.6.13 VoIP Options and Services 5852
VOIP Options and Services utilize Internet Protocol for the transmission of voice. This service 5853
provides the requisite hardware and software to permit the use of VOIP. IP phones provide end 5854
users with all the standard telephony features, including full voice mail capabilities and the 5855
option to customize ring tones and color display features. The VOIP system also supports fax 5856
machines and legacy analog conference speakerphones. 5857
5858
4.6.13.1 Specific Tasks 5859
For VoIP Options and Services, the specific support tasks the ES Contractor shall perform or 5860
provide include: 5861
a. Support engineering and design of VoIP services to include unlimited local connection 5862
minutes for basic telephone functionality. 5863
b. Support system hardware and software de-installation, move, re-installation, and 5864
change. 5865
c. Support engineering and design to provide access to toll free numbers. 5866
d. Support engineering and design to provide VoIP telephone system that interfaces 5867
between data services and the network on a fully converged voice and data LAN meeting 5868
DISA Unified Capabilities Requirements. 5869
e. Support end user training and education on the various devices provided by the 5870
Government for voice services on the network including computer-based training, web-5871
based training, and instructor-led training as required. 5872
f. Manage, maintain, operate, existing VoIP servers, switches, routers and other equipment 5873
supporting VoIP networks. 5874
g. Maintain configuration of auxiliary voice VLANS. 5875
h. Maintain configuration, management, and operations of network devices, PSTN 5876
interfaces, and fax modules supporting the voice system. 5877
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
216
i. Support tiered Service Desk support for Voice Seats. 5878
j. Support VoIP MACs and complete other associated Service Desk network request. 5879
k. Program, configure, and maintain the network devices. 5880
l. Support VoIP services that provide Layer 3 switching capability as well as updated 5881
TACLANE configurations in support of future transition to DISA VoSIP. 5882
m. Provide engineering and design support for a VoIP service with capability to support 5883
Extension Mobility, Unified Messaging, and Emergency Responder. 5884
n. Provide engineering and design support for a VoIP service that supports Call Center 5885
operations in a Service Desk environment. 5886
5887
4.6.14 Unclassified Mobile Phone Services 5888
Unclassified mobile phone services are a comprehensive set of wireless cellular capabilities, 5889
available through multiple carriers with the service plans to meet end users' needs, where 5890
available, which includes cellular phones, PDA devices, paging services, and cellular data 5891
network access devices. 5892
5893
4.6.14.1 Specific Tasks 5894
For Unclassified Mobile Phone Services, the specific support tasks the ES Contractor shall 5895
perform or provide include: 5896
a. Develop and maintain mobile solutions that incorporate cellular phones, cellular 5897
modems/air cards, PDA devices (e.g. Blackberries or other approved devices), tethering, 5898
paging, etc into the Enterprise Network. 5899
b. Support testing and certifying of mobile solutions including new capabilities as well as 5900
patches, updates, and technology refresh of existing solutions. 5901
c. Develop and implement procedures for technology refresh and deployment of significant 5902
mobile service solution updates and patches. 5903
d. Draft and support implementation of procedures for service transfer between end users as 5904
well as transfers of service between carriers. 5905
e. Maintain data services that include cellular cards, tethering, and associated service plans 5906
for connectivity to the network including a cellular card and service from approved 5907
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
217
carriers, transfer of service from a government furnished device and service plan to this 5908
contract, upgrade cellular card service will replace the older technology with a new 5909
cellular card, and associate it with the existing service plan. 5910
f. Install government provided CAC readers that allow end users to send digitally signed 5911
and/or encrypted email, receive digitally encrypted email, or use encrypted PIN-to-PIN 5912
instant messaging on BlackBerry or similar device. 5913
g. Provide remote connectivity to unclassified email, calendar and contacts, as well as 5914
optional data services and peripherals, including a supporting enterprise server capable of 5915
support DoD PKI or approved hard token encryption. 5916
h. Maintain a mobile solution interoperable with USMC approved BlackBerry or similar 5917
devices combining mobile voice and data access to USMC email services. 5918
i. Maintain a mobile solution able to interface with the PKI certificates stored on a end 5919
user’s DoD CAC through a MCEN DAA approved device and/or connection - either a 5920
physical connection or a secured Bluetooth communications link configured in 5921
accordance with DoD, DON, and USMC wireless security standards. 5922
5923
4.6.15 Classified Mobile Phone Services 5924
Classified Mobile Phone Services provide classified voice services that meet the National 5925
Security Agency (NSA) certification and are compliant with DOD 8100.2. Secure Wireless 5926
Cellular Service consists of cellular data network access services. 5927
5928
4.6.15.1 Specific Tasks 5929
For Classified Mobile Phone Services, the specific support tasks the ES Contractor shall perform 5930
or provide include: 5931
a. Maintain data services that includes cellular cards, tethering, and associated service plans 5932
for connectivity to the network including a cellular card and service from approved 5933
carriers, transfer of service from a government furnished device and service plan, 5934
upgrading cellular card service to replace the older technology with a new cellular card, 5935
and associate it with the existing service plan. 5936
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
218
b. Install Government provided CAC Readers that allow end users to send digitally signed 5937
and/or encrypted email, receive digitally encrypted email or use encrypted PIN-to-PIN 5938
Instant Messaging on Blackberry or similar device. 5939
c. Provide remote connectivity to classified email, calendar and contacts as well as optional 5940
data services and peripherals including supporting Enterprise Server capable of support 5941
DoD PKI or approved hard token encryption. 5942
d. Maintain the Government mobile solution interoperable with USMC approved 5943
Blackberry or similar devices combining mobile voice and data access to USMC email 5944
services. 5945
e. Maintain the Government mobile solution able to interface with the PKI certificates 5946
stored on a end user’s DoD CAC through a NAVY ODAA/MCEN DAA approved device 5947
and/or connection - either a physical connection or a secured Bluetooth communications 5948
link configured in accordance with DoD, DON, and USMC wireless security standards. 5949
5950
4.6.16 VTC Services 5951
Video Teleconferencing (VTC) Services offer cameras, coder-decoder (CODECs), monitors, 5952
onscreen menus, dynamic speaker technology, far-end camera control, collaborative tools, VTC 5953
scheduling set-up and operations, IP infrastructure, multi-session Multi-point Control Unit 5954
(MCU)/bridging service, and remote diagnostics to enable VTC connectivity throughout NGEN 5955
and with external participants via high bandwidth communications, point-to-point and point-to-5956
multi-point switching. 5957
5958
4.6.16.1 Specific Tasks 5959
For VTC Services, the specific support tasks the ES Contractor shall perform or provide include: 5960
a. Maintain hardware, software, network, and scheduling required for end users to conduct 5961
videoconferences with other parties on the network or on other DON, DoD, federal, or 5962
commercial networks. 5963
b. Support videoconference services including: 5964
i. Fixed Video Seats: Support VTC services in existing facilities where end users 5965
can initiate and participate in live VTC’s with in-network and external 5966
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
219
connectivity. Support fixed rooms only, room cameras with full area coverage, 5967
large monitors, on-screen menus, dynamic speaker technology, and video 5968
player/recorder capability. 5969
ii. Moveable Video Seats: Provide support for end users to access VTC services 5970
offering mobility and easy relocation. End users can initiate and participate in 5971
live VTC’s with in-network and external connectivity. Support connection of 5972
room cameras, large monitors, speakers, T.120 compliant collaborative tools, 5973
VTC scheduling, setup, and operations, and multi session bridging. 5974
iii. Desktop: Support capability for end users to participate in live video 5975
teleconferences from any location with other VTC systems using H.320 and 5976
H.323 standards. 5977
c. Support videoconference MAC services. 5978
d. Support upgrades to high-end, mission-critical, and/or classified functionality. 5979
e. Provide operator services for operator-assisted videoconference setup and operation 5980
which are processed on normal business days (M-F). Combined normal VTC support 5981
coverage: 0230-1500 PST, unless scheduled in advance. 5982
f. Support video service delivered via government provided Integrated Services Digital 5983
Network (ISDN) or other digital transmission service. 5984
g. Support efficient off-net routing of video calls. 5985
h. Support routing of calls over the government provided DISN Video Services Global 5986
(DVS-G) or FTS only when specified by the end user on a per call basis. 5987
i. Provide end user training on videoconferencing including the operation of any associated 5988
hardware and software. 5989
j. Conduct testing for videoconferencing services. 5990
k. Provide remote diagnostics for videoconferencing. 5991
l. Support software distribution and upgrades to videoconference software and firmware. 5992
m. Support multi-point bridging. 5993
n. Support service for movable VTC seats over standard infrastructure and temporary 5994
connections such as the Deployable Site Transport Boundary (DSTB). 5995
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
220
o. Support compliance with DISA Uniform Capabilities Requirements and DVS-G 5996
standards for IP VTC configurations for LANs and WANs. 5997
5998
4.6.17 Cross Domain Security Services 5999
Cross domain security services provide the required degree of cross domain access to enable the 6000
exchange of information across COI and management domain boundaries. 6001
6002
4.6.17.1 Specific Tasks 6003
For Cross Domain Security Services, the specific support tasks the ES Contractor shall perform 6004
or provide include: 6005
a. Operate and maintain Cross Domain Infrastructure. 6006
b. Locate information and data stores across network domains and provide network domain 6007
source of information and data store location transactions. 6008
c. Enable cross-domain functional capabilities for end users that include the following: 6009
i. Post data to repositories 6010
ii. Deliver (push, or export) data to specified recipients 6011
iii. Exchange email with attachments 6012
iv. Conduct Instant Messaging (IM) and text chat 6013
d. Filter cross-domain information and data store location results based on the (government 6014
approved) trust agreements among the domains. 6015
e. Maintain CDS architecture as a configuration record for cross domain implementation. 6016
f. Provide content and allowable action restrictions, in addition to the standard mechanisms 6017
of the network, based on the trust agreement for each type of data exchange. 6018
g. Enable metadata tagging of network resources with the data necessary for determination 6019
and enforcement of policy compliance. 6020
h. Enforce cross-domain trust agreement and policy changes in timeframes agreed upon by 6021
the contractor and the government. 6022
i. Coordinate Cross-Domain Solution efforts through the Navy Cross Domain Solution 6023
Office (NCDSO). 6024
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
221
j. Comply with current policies, guidelines, and requirements for the trust agreements and 6025
metadata tagging for data exchanges across COIs. 6026
k. Enforce reliable human review when required. 6027
l. Operate and maintain Cross Domain Infrastructure. 6028
m. Import (pull) data from repositories in other domains. 6029
n. Enforce content release policy. 6030
o. Permit users to request information from a network domain, in addition to, the one he or 6031
she is using. 6032
6033
4.6.18 Security Configuration and Management Services 6034
Security configuration and management (SCAM) services provides an enterprise-wide security 6035
compliance capability that scans and remediates NGEN network devices, workstations, laptops, 6036
and wireless PDAs for out-of compliance conditions such as changed settings, outdated patches, 6037
and illicit software. 6038
6039
4.6.18.1 Specific Tasks 6040
For Security Configuration and Management Services, the specific support tasks the ES 6041
Contractor shall perform or provide include: 6042
a. Analyze information systems and networks to identify potential security weaknesses and 6043
exposures to known threats. 6044
b. Provide performance monitoring and management of Information Assurance measures 6045
including providing security services for protection of the network. Resultant measures 6046
shall be included in reports readily accessible by the government for monitoring and 6047
validation purposes in accordance with (CDRLs AXXX, AXXX, and AXXX). 6048
c. Conduct Information Assurance Vulnerability Management (IAVM) in accordance with 6049
DoDI 8500.2, DoDD 8500.01E, CJCSI 6510.01E and DON policy. 6050
d. Conduct vulnerability scans twice monthly using the DoD standard tool(s). 6051
e. Provide a service single point of contact, position or billet, in accordance with CJCSM 6052
6510.01, DoDI O-8530.2, , to receive all IAVM alerts: a. Designate in writing a single 6053
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
222
point of contact position or billet that shall be available 24 hours a day and is 6054
knowledgeable on all actions that must be taken upon notification of an IAVM alert. 6055
i. Implement a process for emergency IAVM alerts that require shortened deadlines. 6056
ii. Report status of implementation through the designated government reporting 6057
portal. 6058
f. Complete corrective actions within the designated Vulnerability Alert timeline, including 6059
the following: 6060
i. Complete corrective actions within five calendar days of discovery if it is 6061
discovered that a previously designated Vulnerability Alert deadline has passed. 6062
ii. Provide input and assist the Government in developing a POA&M if the system 6063
cannot be brought into compliance within five calendar days of discovery if 6064
deadline has expired. 6065
iii. Includes, but is not limited to the MAC address, host name, location, device 6066
function, vulnerability and temporary mitigation to the POA&M. 6067
g. Provide review, analysis, evaluation, risk assessment, and recommendations to the 6068
respective CNDSP(s) for required government vulnerability management and analysis. 6069
h. Provide input and assist the Government in developing a POA&M every 90 calendar 6070
days that shows the status of each vulnerability and actions taken, if there are any 6071
outstanding enterprise-wide vulnerabilities existing. 6072
i. Maintain a current network and system configuration baseline of all devices. 6073
j. Ensure network and system devices supporting CND functions operate within two 6074
versions of the latest commercially available release unless otherwise directed by the 6075
government. Upon notification by the government of change to current regulation, policy 6076
and/or guidance, the ES Contractor shall notify the government, within 30 days if there is 6077
a material change. 6078
k. Install “plug and play” network and system monitoring device into the system when 6079
supplied by the government. 6080
l. Provide routine vulnerability scans analysis report in accordance with (CDRL AXXX). 6081
m. Report on IAVM compliance in accordance with (CDRL AXXX). 6082
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
223
n. Implement physical and system mechanisms for safeguarding Character User Interface 6083
(CUI) including encryption, access control, end user identification and authentication, 6084
malicious content detection, audit, and physical and environmental control. 6085
o. Adjust and implement security changes following a Security Review including: 6086
i. Provide a standard process for designing, implementing, and changing CUI 6087
security requirements and efforts. 6088
ii. Provide an emergency process for designing, implementing, and changing CUI 6089
security requirements and efforts in operations. 6090
p. Provide support for controlled unclassified safeguard tasks in accordance with applicable 6091
directives. 6092
q. Monitor status of DAR services on DAR enabled computing devices across the network 6093
enterprise. 6094
r. Engineer core builds for each operating system comprising software provided by the 6095
government, the contractor or by a third party contractor. Engineering the core build will 6096
provide the core build to the government at a government testing facility so that it can be 6097
scanned for security vulnerabilities. 6098
s. Develop group policy objects (GPOs) based on the corresponding Defense Information 6099
Systems Agency (DISA) Security Technical Implementation Guides (STIG) for each 6100
operating system on the network and the Marine Corps Enterprise DAA (DAA) guidance 6101
regarding the United States Government Configuration Baseline (USGCB), as directed 6102
by the Office of Management and Budget (OMB) memorandum M-07-11, 6103
"Implementation of Commonly Accepted Security Configurations for Windows 6104
Operating Systems," March 22, 2007, guidelines and configurations (from National 6105
Institute of Standards and Technology; National Vulnerability Database for FDCC). 6106
t. Provide input and assist the Government in developing IAVA/IAVB packages to servers. 6107
u. Maintain data seat configurations based on current DoD and DON policy and guidance 6108
including the Defense Information Systems Agency (DISA) Security Technical 6109
Implementation Guidelines (STIGs) as specifically agreed upon and approved by the 6110
MCEN DAA for the network. 6111
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
224
v. Provide touch labor to maintain deployable seats that meet the requirements for a 6112
portable data seat including performing preventive and/or corrective maintenance upon 6113
return of the embarked units and prior to reconnection with the shore infrastructure 6114
including (but not limited to) reconfiguration or upgrades of software and hardware as 6115
necessary to verify IAVA compliance at the time of return. 6116
w. Provide input and assist the Government in reporting status of deployed patch/upgrade 6117
within 24 hours of deployment direction. 6118
x. Maintain CND mechanisms, including anti-spam tools, Network Access Control, Host 6119
Based Security Systems (HBSS), and HBSS Device Control Modules at enterprise 6120
locations in accordance with government direction based on NIST SP 800-53, 6121
DoDI8500.2, DoDD 8500.1. 6122
y. Operate and defend the network in accordance with DoDI O-8530.2, STRATCOM 6123
Directive (SD) 527-1, and CYBERCOM cyber condition operational tasking orders. 6124
z. Develop plan and implement actions on the enterprise as required by each of the Cyber 6125
Readiness Conditions. 6126
aa. Provide input to Cyber Readiness Implementation Plans. 6127
bb. Execute the Cyber Readiness Implementation Plan as directed by the government. 6128
Report completion of all steps. Report any actions that could not be completed, along 6129
with an estimated time of completion. (CDRL AXXX) 6130
cc. Defend Systems by recognizing, reacting to, and responding to threats (as directed by 6131
NCDOC, Marine Corps Network Operations and Security Center (MCNOSC) or higher 6132
authority), vulnerabilities, and deficiencies, such that no access is uncontrolled and all 6133
systems and networks are capable of self-defense with all reporting and responses to 6134
Computer Network Defense Service Provider (CNDSP). 6135
dd. Support and comply with government directed CND Response Actions (RAs), which 6136
may develop CND-RAs based on intelligence reporting, active network incidents or 6137
trends. Provide a written assessment of any adverse impact to end user services. In the 6138
case of an adverse impact, provide alternative actions to achieve the original intent of the 6139
CND-RA. (CDRL AXXX) 6140
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
225
ee. Conduct weekly monitoring and analyze logs to identify unauthorized, illicit, or other 6141
unwanted activity. 6142
ff. Capture transactional information, during the auditing process." 6143
gg. Conduct routine vulnerability scans. 6144
hh. Analyze vulnerability scan results to determine potential network or system 6145
vulnerabilities in accordance with DoDI O-8530.2 and CJCSI 6510.01E. 6146
ii. Provide an analysis of vulnerable machines to MCNOSC including the following 6147
information: hostname, IP, MAC address, site, device function, and vulnerability 6148
associated with that asset. (CDRL AXXX) 6149
jj. Remediate software vulnerabilities and system misconfigurations identified in routine 6150
scans in accordance with DoDD O-8530.1, CJCSM 6510.01 and DoDI 8500.2, except for 6151
instances approved by the appropriate approving Service authorities. Vulnerability 6152
remediation will be conducted using the approved DoD solution (SCRI) or other 6153
approved methodologies. 6154
kk. Remediate vulnerabilities and misconfigurations identified by an external network 6155
assessment conducted by the government entity, except for instances approved by the 6156
appropriate approving Service authorities. 6157
ll. Provide input and development of a Plan of Actions and Milestones (POA&M) if the 6158
remediation actions cannot be accomplished by the assigned completion date. 6159
mm. Provide input and development of monthly vulnerability reports. 6160
nn. Provide, in accordance with performance measures, logs and information feeds including 6161
HBSS, Intrusion Prevention System (IPS) and IDS to the MCNOSC to support 6162
government oversight. Maintain government accessible historical data (30 days) that can 6163
be retrieved/mined by automated means using standard protocols (i.e. XML, SOAP, etc.). 6164
oo. Provide input and assist the Government in updating/revising architecture designs to 6165
accommodate changing requirements, emerging technology, and results of vulnerability 6166
assessments, for government review and approval to ensure compliance with DoDI 6167
8500.2 IA Controls. 6168
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
226
pp. Support the restoration of network and system devices to a known valid baseline. 6169
Provide post-event scans and verification of mitigation actions as required by the 6170
CNDSP(s). 6171
qq. Carry out a program of inspection and audit to safeguard against threats and hazards to 6172
the confidentiality, integrity, and availability of CUI. 6173
rr. Afford access to the facilities, technical capabilities, operations, and personnel. 6174
ss. Use only products that are FIPS 140-2 certified to protect Controlled Unclassified 6175
Information. 6176
tt. Support Government security policies, guidelines, and directives for identification and 6177
handling of CUI. 6178
uu. Provide IA CND personnel in accordance with DoD 8570.01-M, SECNAVINST 6179
5510.36, SECNAVINST 5239.3B, and SECNAV M-5239.1. Ensure personnel qualify 6180
on the equipment they have access to and have and will maintain required security 6181
clearances. 6182
vv. Provide a report of the IA CND workforce status in accordance with (CDRL AXXX). 6183
ww. Vulnerability scans shall utilize the latest Government provided configuration and 6184
definition files as applicable to the DoD mandated solution. 6185
xx. Provide analysis results to MCNOSC. 6186
6187
4.6.19 Boundary, DMZ, and Communities of Interest (COI) Services 6188
Boundary, Demilitarized Zone (DMZ), and Community of Interest (COI) Services protect the 6189
NGEN Enterprise including the management and operation of the boundaries. 6190
6191
4.6.19.1 Specific Tasks 6192
For Boundary, DMZ, and COI Services, the specific support tasks the ES Contractor shall 6193
perform or provide include: 6194
a. Provide input to Cyber Readiness Implementation Plans for the government. 6195
b. Comply with guidelines established by Department of Defense Instruction (DoDI) 6196
8551.1, "Ports, Protocols, and Services Management (PPSM)", the Navy Unclassified 6197
Trusted Network Protection Policy, and the Navy Classified Network Protection Policy. 6198
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
227
c. Conduct weekly monitoring and analyze logs to identify unauthorized, illicit, or other 6199
unwanted activity. 6200
d. Capture transactional information, during the auditing process. 6201
e. Remediate vulnerabilities and misconfigurations identified by an external network 6202
assessment conducted by the government entity, except for instances approved by the 6203
appropriate approving Service authorities. 6204
f. Report any actions that could not be completed, along with an estimated time of 6205
completion via the Government provided Ticket Management System (TMS). 6206
g. Provide, in accordance with performance measures, logs and information feeds including 6207
HBSS, Intrusion Prevention System (IPS) and IDS to the MCNOSC to support 6208
government oversight. 6209
h. Implement the Enterprise Services portion of the Sensor Grid within the security 6210
infrastructure that collects intrusion/incident/audit data from a collection of sources 6211
including but not limited to Content Monitoring products, Content Filtering products, 6212
HBSS for servers and hosts with the capability for packet capture, deep inspection, and 6213
customized signature capability. Implement automated tools to collect this data and to 6214
send it to the MCNOSC. 6215
i. Conduct system based intrusion detection monitoring and prevention on managed 6216
systems: 6217
i. Implement standard vendor provided appliance signatures within 24 hours of 6218
approval. 6219
ii. Implement government directed signatures no later than 24 hours after direction 6220
and files are provided. 6221
iii. Provide operational status of all sensors, managers and associated database 6222
systems to the government within 15 minutes of government request. 6223
iv. Monitor intrusion detection systems 24/7. 6224
j. Conduct host based intrusion detection monitoring and prevention on all devices that 6225
support HBSS: 6226
i. Provide administrator access to the HBSS management application to designated 6227
government POC. 6228
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
228
ii. Implement only government approved policies/configuration/signatures on the 6229
host based sensors and management servers. 6230
iii. Provide near real-time data feeds from all intrusion detection/prevention system 6231
for incorporation into the government Security Incident Management system. 6232
iv. Maintain government-provided components of HBSS at the most current baseline, 6233
in accordance with USCYBERCOM and DON policy. 6234
v. Provide operational status of the managers and related software repository servers 6235
to the government within 15 minutes. 6236
k. Provide for ongoing support of improvements to the DMZ Facility to accommodate 6237
hosting of a single server. 6238
l. Provide input and development of an operational status report. 6239
m. Provide sensor or appliance log data to the government within 24 hours of a government 6240
request. 6241
n. Provide input and development of a status report of the managers and related software 6242
repository servers. 6243
o. Support Anti-Virus Scans of servers. 6244
p. Support Anti-Virus updates to servers. 6245
q. Host Government specified anti-virus definition files for use on a single server. 6246
r. Maintain an IP address to the connected unclassified or classified device. 6247
s. Maintain the USMC COI as a separate enclave. 6248
t. Maintain a standard level of connectivity, network loading, and maintenance 6249
responsiveness for a single server located in the DMZ Facility. 6250
u. Perform the per instance tasks required to maintain the redundant enterprise access. 6251
v. Maintain the deployed Citrix Access Gateway units at B1 sites. 6252
w. Support front end service for government managed and maintained servers connected to 6253
NGEN supporting standard low bandwidth Citrix based server/applications. 6254
x. Support server-load balancing, server SSL overhead offload (SSL termination), HTTP 6255
web caching, HTTP compression, and authentication framework services, parallel 6256
browser request processing, express document processing, smart technology, and layer 7 6257
virtualization capability as uplift. 6258
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
229
y. Support capability for asymmetric application acceleration to load balance servers in 6259
public facing zones. 6260
z. Support capability to interface with additional external networks. 6261
aa. Implement hardware sensors into the USMC architecture for on-call/future use of CND 6262
tools. 6263
bb. Implement Defense-in-Depth strategies in accordance with Chapter 3 of the DON Chief 6264
Information Officer (CIO) Information Technology Steering Group (ITSG) and 6265
Appendix E of the DON CIO IT Infrastructure Architecture (ITI). 6266
6267
4.6.20 Malware Detection and Protection Services 6268
Malware Detection and Prevention (MDP) Services provide network-based and host-based 6269
malware (malicious code) prevention capabilities with centralized management and reporting. 6270
MDP uses a range of DoD approved software and hardware appliances throughout NGEN to 6271
enhance defense-in-depth posture. 6272
6273
4.6.20.1 Specific Tasks 6274
For Malware Detection and Protection Services, the specific support tasks the ES Contractor 6275
shall perform or provide include: 6276
a. Operate anti-malware software, as designated by the government, on all system devices 6277
in accordance with CJCSM 6510.01, DoDI 8500.2, DoD 5220, SECNAVINST 5239.3B, 6278
and SECNAV M-5239.1. 6279
b. Monitor and conduct incident response to alerts generated by the government anti-6280
malware software in accordance with CJCSM 6510.01, DoDI 8500.2, DoD 5220, 6281
SECNAVINST 5239.3B, and SECNAV M-5239.1. 6282
c. Maintain anti-malware alert feeds to the government automatically in a method and 6283
format compatible with government CND systems in accordance with CJCSM 6510.01, 6284
DoDI 8500.2, DoD 5220, SECNAVINST 5239.3B, and SECNAV M-5239.1. 6285
d. Conduct a one-time full system scan within 45 calendar days of contract start. 6286
e. Conduct a full system scan of specific workstations and servers in accordance with 6287
government directed actions. 6288
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
230
f. Actively investigate newly discovered or emerging malware that affects system devices. 6289
g. Report and submit to the CNDSP(s) all newly discovered or unknown malware. (CDRL 6290
AXXX) 6291
h. Monitor anti-malware organization advisories and websites. 6292
i. Implement physical and system mechanisms for safeguarding CUI including encryption, 6293
access control, end user identification and authentication, malicious content detection, 6294
audit, and physical and environmental control. 6295
j. Conduct anti-virus scans on all physical and virtual application servers. 6296
k. Download anti-virus updates for all physical and virtual application servers. 6297
l. Maintain specified anti-virus definition files for use on a single server. 6298
m. Operate and maintain boundary anti-malware capabilities to protect servers, services, and 6299
end points by integrating and correlating the following: 6300
i. URL filtering 6301
ii. Anti-malware inspection 6302
iii. Intrusion prevention 6303
iv. Application and network-layer firewall 6304
v. HTTP and HTTPS inspections 6305
6306
4.6.21 Security Event Management Services 6307
Security Event Management (SEM) Services provide the ability to monitor and correlate security 6308
events that are generated from identified networked devices such as firewalls, IPS, and server 6309
logs within NGEN COIs using government approved filtering strategies and implementations. 6310
6311
4.6.21.1 Specific Tasks 6312
For Security Event Management Services, the specific support tasks the ES Contractor shall 6313
perform or provide include: 6314
a. Conduct weekly monitoring and analyze logs to identify unauthorized, illicit, or other 6315
unwanted activity. 6316
b. Provide cyber threat/issue recommendations to mitigate or respond to threats and 6317
vulnerabilities, to the government for validation and acceptance based on established 6318
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
231
policies. The urgency or phasing of any actions will consider the level of threat or 6319
vulnerability to the network. (CDRL AXXX) 6320
c. Obtain access to security logs, including centralized storage of data. 6321
d. Maintain CND mechanisms, including anti-spam tools, Network Access Control, Host 6322
Based Security Systems (HBSS), and HBSS Device Control Modules at enterprise 6323
locations in accordance with government direction based on NIST SP 800-53, 6324
DoDI8500.2, DoDD 8500.1. Operate and defend the network in accordance with DoDI 6325
O-8530.2, STRATCOM Directive (SD) 527-1, and CYBERCOM cyber condition 6326
operational tasking orders. 6327
e. Design, plan and implement actions on the enterprise as required by each of the Cyber 6328
Readiness Conditions. 6329
f. Provide input to Cyber Readiness Implementation Plans for the government. 6330
g. Execute the Cyber Readiness Implementation Plan as directed by the government. 6331
h. Notify appropriate Government representative upon completion of all steps in the Cyber 6332
Readiness Implementation Plan. 6333
i. Defend Systems by recognizing, reacting to, and responding to threats (as directed by 6334
NCDOC, Marine Corps Network Operations and Security Center (MCNOSC) or higher 6335
authority), vulnerabilities, and deficiencies, such that no access is uncontrolled and all 6336
systems and networks are capable of self-defense with all reporting and responses to 6337
Computer Network Defense Service Provider (CNDSP). 6338
j. Support and comply with government directed CND Response Actions (RAs), which 6339
may develop CND-RAs based on intelligence reporting, active network incidents or 6340
trends: Provide a written assessment of any adverse impact to end user services. In the 6341
case of an adverse impact, provide alternative actions to achieve the original intent of the 6342
CND-RAs. (CDRL AXXX) 6343
k. Capture transactional information, as directed by the government, during the auditing 6344
process utilizing tools in place as of the COSC Start Date. 6345
l. Analyze vulnerability scan results to determine potential network or system 6346
vulnerabilities in accordance with DoDI O-8530.2 and CJCSI 6510.01E. 6347
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
232
m. Provide an analysis of vulnerable machines to MCNOSC including the following 6348
information: hostname, IP, MAC address, site, device function, and vulnerability 6349
associated with that asset. (CDRL AXXX) 6350
n. Provide analysis results to MCNOSC. 6351
o. Provide, in accordance with performance measures, logs and information feeds including 6352
HBSS, Intrusion Prevention System (IPS) and IDS to the MCNOSC to support 6353
government oversight. 6354
p. Maintain government accessible historical data (30 days) that can be retrieved/mined by 6355
automated means using standard protocols (i.e. XML, SOAP, etc.). 6356
q. Take and report prescribed actions either pre-designated or government directed actions 6357
in response to an identified attack on or intrusion into an information system or network. 6358
(CDRL AXXX) 6359
r. Provide any actions recommended by the CND team to MARCERT for possible 6360
inclusion into the overall DON security posture as part of the threat sharing initiative. 6361
s. Provide Incident/Event reporting utilizing the government provided Ticket Management 6362
System. 6363
t. Provide input and development of incident logs. 6364
u. Provide input and development of Operation Support Services data. 6365
v. Maintain near real-time data feeds from designated systems into the government Security 6366
Incident Management (SIM) system. Test software required for real-time data feed for 6367
compatibility on designated devices. Provide completed test reports. (CDRL AXXX) 6368
w. Operate the government-provided software agent within 30 calendar days of the 6369
government’s acceptance of the performance or capability issues identified in the test 6370
report. 6371
x. Provide incident response by isolating a network or system device: At a minimum, 6372
logically isolate a network device within 30 minutes of government direction for servers 6373
and 60 minutes of government direction for Data Seats (government may direct physical 6374
removal after logical isolation). 6375
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
233
y. Collect incident handling evidence. Execute a preselected volatile data capture tool 6376
within 1 hour of government direction for such data and provide the tool output in the 6377
CNDSP(s) approved format/output. 6378
z. Take possession of any magnetic and optical media related to a network incident utilizing 6379
government chain of custody procedures. 6380
aa. Ship incident handling evidence, via registered mail, or as specified by DoD 5000.2-R if 6381
classified, the media (or entire device, if required) within 48 hours to the government 6382
POC. 6383
bb. Operate a decryption capability for DAR enabled media. 6384
cc. Restore network and system devices to a known valid baseline. 6385
dd. Reimage workstations and servers as required by either incident response procedures or 6386
current INFOCON/Cyber-Readiness Condition requirements. 6387
ee. Support the restoration of network and system devices to a known valid baseline. 6388
Provide post-event scans and verification of mitigation actions as required by the 6389
CNDSP(s). 6390
ff. Monitor and conduct incident response to alerts generated by the government anti-6391
malware software in accordance with CJCSM 6510.01, DoDI 8500.2, DoD 5220, 6392
SECNAVINST 5239.3B, and SECNAV M-5239.1. 6393
gg. Monitor the IA/CND operational situation on network system status consoles, perform 6394
initial investigation on any suspicious activity reported, and escalate potential events via 6395
the incident ticket/event tracking system to the appropriate-level NOSC security 6396
Operations Duty manager in accordance with government directed actions. 6397
hh. Coordinate operational reporting of CDRL and Incident/Events reporting. 6398
ii. Generate, provide, and archive activity and event component logs as directed by the 6399
CNDSP(s): a. Operate an automated logging aggregation system that will compress, 6400
correlate, and provide (30 days of data) for analysis of logged data from all required 6401
logging sources (host audits, networks and host-based IDS, etc.) and audit those logs. 6402
This system shall be open to external connections as specified by the CNDSP to enable 6403
CNDSP Data mining for event correlations specific to the DON GIG. 6404
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
234
jj. Monitor logging aggregation system (weekly) and analyze logs to identify unauthorized, 6405
illicit, or other unwanted activity. 6406
kk. Operate Security Event Correlation Tools to enable the government to determine if 6407
ongoing system activities are in accordance with security policies. 6408
ll. Operate Computer Forensic Tools to identify, extract, preserve, and document computer-6409
based evidence. 6410
mm. Capture in scope transactional information directed by the government during the 6411
auditing process, the scope of information requested is limited to the capabilities of the 6412
solutions in the forensics area. 6413
nn. Operate physical and system mechanisms for safeguarding CUI including encryption, 6414
access control, end user identification and authentication, malicious content detection, 6415
audit, and physical and environmental control. 6416
oo. Support the Security Operations Center by generating, providing, and archiving activity 6417
and event component logs as directed by the CNDSP(s). 6418
pp. Any data storage requirements in excess of 30 days will be addressed via an Engineering 6419
Services CLIN. 6420
qq. Provide audit and monitor controls to allow system administrators to perform testing for 6421
implementation of new services, changes to services, and investigations. 6422
rr. Provide audit and monitoring technologies for IA and Computer Network Defense to 6423
CNDSP(s) as directed. 6424
6425
4.6.22 Security and IT Certification and Accreditation Services 6426
Security and IT Certification and Accreditation (C&A) Services supports the Department of 6427
Defense Information Assurance Certification and Accreditation Process (DIACAP). This 6428
includes management of the certification process, the performance of a complete certification or 6429
preparation and assessment of individual documents in the final DIACAP package. 6430
6431
4.6.22.1 Specific Tasks 6432
For Security and IT Certification and Accreditation Services, the specific support tasks the ES 6433
Contractor shall perform or provide include: 6434
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
235
a. Provide input and assist the Government in developing and preparing certification and 6435
accreditation packages that will allow each discrete site to be certified and accredited in 6436
accordance with DON DIACAP Handbook, 15 July, 2008, DoDI 8510.01, “DoD 6437
Information Assurance Certification and Accreditation Process (DIACAP),” November 6438
28, 2007 and/or Director of Central Intelligence Community Directive Number 503 6439
effective 15 September 2008. 6440
b. Conduct C&A testing and analysis of system security and data safeguards in accordance 6441
with the DIACAP Implementation Plan (DIP) to provide correct and thorough 6442
implementation of relevant Information Assurance controls as defined within DoDI 6443
8500.2 (Information Assurance Implementation) in accordance with the system’s Mission 6444
Assurance Category and Classification level of information processed. 6445
c. Participate and provide points-of-contact to the government for discussions, design 6446
solutions, identify risks, make recommendations, and develop schedules for approval in 6447
Configuration Control Board (CCB), Information Assurance (IA) Verification and 6448
Validation (V&V) activities, Working Integrated Project Team (WIPT), and other 6449
Engineering and Security-focused Working Groups related to the Clinger-Cohen Act 6450
such as S/TEAG and C&A Subgroup), as directed by government POC (APM for the 6451
IA/C&A). 6452
d. Participate in and provide points-of-contact to the government for technical reviews, 6453
analysis of capability, processes and systems such as the Certification Solution Review 6454
(CSR), Enterprise Change Control Board (ECCB), and Enterprise Residual Risk Panel 6455
(ERRP) providing design solutions, identification of risks and recommendations. 6456
e. Implement accreditation boundary change requests following the established 6457
U4010/C4010 processes. 6458
f. Comply with the requirements DoDI 8500.2, DoD 5200.2-R, DoD Instruction 8510.01, 6459
DON DIACAP Handbook dated 15 July 2008, SECNAVINST 5239.3 and OPNAVINST 6460
5239.1C, Marine Corps Enterprise IA Directive (EIAD) 018 Certification and 6461
Accreditation Manual DAA Guidance Memorandum 01/0909 6462
g. Validate that automated systems comply with security requirements and are accredited by 6463
the Designated Approving Authority (DAA), Headquarters United States Marine Corps 6464
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
236
(HQMC), Command, Control, Communications and Computers (C4) prior to processing 6465
sensitive unclassified data. 6466
h. Provide input and assist the Government in preparing DIACAP Packages consisting of 6467
the DIACAP Implementation Plan (DIP), System Identification Profile (SIP), IT Security 6468
Plan of Action and Milestones (POA&M) identifying the non-complaint IA Controls or 6469
vulnerabilities, and scorecard populated with security testing results. 6470
i. Assign and tailor IA system/site controls and security requirements for the government. 6471
j. Track status of packages coming up for recertification. 6472
k. Implement and validate assigned IACs: 6473
i. Execute the DIACAP implementation plan (DIP) and conduct system testing. 6474
ii. Compile system/site testing results. 6475
iii. Provide input for development of an IT security POA&M. 6476
iv. Provide input and assist the Government in preparing C&A Packages. 6477
l. Support Echelon II/MSC Concurrence of C&A Package. 6478
m. Complete required testing and provide input to the required C&A documentation to assist 6479
the CA/CAR and DAA in making certification determination and accreditation decisions. 6480
i. Provide any additional information required by government PM and designated 6481
representatives to substantiate packages submitted for decisions from the 6482
CA/CAR DAA. 6483
ii. Respond to inquiries during this activity. 6484
n. Provide input and assist the Government in maintaining Authority to Operate and conduct 6485
system/site reviews. 6486
i. Maintain system/site situational awareness and maintain IA security posture. 6487
ii. Remediate vulnerabilities that have been identified by the government, or identify 6488
any scheduled timeline deviation required, according to the timeline identified by 6489
the government representatives. 6490
iii. Assist the Government in conducting annual system/site reviews. 6491
iv. Assist the Government in conducting system/site re-accreditations. 6492
o. Decommission system/site when directed by the government. 6493
p. Notify MCNOSC when system/site is de-commissioned 6494
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
237
q. Assist the Government in preparing C&A Documentation for sites in accordance with 6495
DON DIACAP Handbook, dated 15 July 2008, not less than 70 calendar days before 6496
expiration, Authority to Operate (ATO). 6497
r. Perform Security Test and Evaluation (ST&E) in accordance with the government 6498
preapproved test plan for each site and identify security discrepancies found during 6499
testing in the approved DIACAP documentation, Federal Information Security 6500
Management Act (FISMA) POA&M, and DIACAP Scorecard. 6501
s. Maintain and update the Enterprise DIACAP Plan (EDP) when implemented. 6502
t. Assist the Government in preparing proposed updates to the enterprise ATO (eATO) 6503
approval cycle for stakeholder (DAA, CA, PM, USMC) review. All Sections of the EDP 6504
must be updated prior to the expiration of the eATO. 6505
u. Participate and provide recommendations in discussions, design solutions, identify risks, 6506
and develop schedules for approval in technical interchange meetings, conferences, and 6507
workshops including in certification solution review (CSR) for architecture & 6508
engineering (A&E) solutions - security engineering review (ER) for new solutions. 6509
v. Participate and provide recommendations in discussions, design solutions, identify risks, 6510
and develop schedules for approval in technical interchange meetings, conferences, and 6511
workshops including in enterprise residual risk panels (ERRP). 6512
w. Participate and provide recommendations in discussions, design solutions, identify risks, 6513
and develop schedules for approval in Technical Interchange Meetings, Conferences, and 6514
Workshops including in Security and Technical Enterprise Action Group and subgroups. 6515
x. Participate and provide recommendations in discussions, design solutions, identify risks, 6516
and develop schedules for approval in Technical Interchange Meetings, Conferences, and 6517
Workshops including in DAA and Other Status Briefings. 6518
y. Support independent test and audit teams conducting evaluations on systems or networks 6519
to verify and determine the extent a particular design and implementation meets a set of 6520
specified security requirements. 6521
z. Participate in weekly production call with the government in order to identify status of 6522
C&A packages in process and the identification of issues impacting those packages. 6523
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
238
aa. Assist the Government in preparing C&A related information, including detailed site 6524
topology drawings and other documentation required by DISA for Approval to Connect 6525
(ATC) to the Global Information Grid (GIG). 6526
bb. Support the government in the role of certification agent by conducting site visits, IAM 6527
Interviews, Security Test and Evaluations using government provided Test Plans 6528
including building walkthroughs and physical security inspections for room certifications 6529
and build and support the government in delivering C&A packages that are able to be 6530
Certified and Accredited Authority to Operate (ATO) and DISA Authority to Connect 6531
(ATC) to the GIG. 6532
cc. Evaluate proposed new IT products and protocols for impacts to C&A. 6533
dd. Assist the Government in preparing sufficient architecture documentation, risk 6534
assessments, risk mitigation plans, and other supporting documents required to support 6535
DIACAP accreditation. 6536
ee. Migrate from manual C&A processing to automated processing using the specified DON 6537
DIACAP Tool for populating data using specified templates. 6538
ff. Provide input and assist the Government in developing C&A packages. 6539
gg. Achieve ATO for all sites granted IATO within 180 calendar days from the date IATO 6540
was granted. 6541
hh. Review U.S. Cyber Command Coordinated Alert Messages and verify that no sites on 6542
these messages, with the exception of IATB sites, are within 30 calendar days of 6543
expiration. 6544
ii. Populate templates per DIACAP requirements in accordance with DON DIACAP 6545
Handbook dated--15 July 2008. 6546
jj. Provide input and development of C&A status reports. 6547
kk. Provide input and development of annual forecast of packages to be delivered to the 6548
government for C&A decisions. 6549
ll. Provide input and development of Enterprise documentation. 6550
mm. Attend the Integration Certification Solution Review Board as the Engineering and 6551
Program Manager (PM) representative. 6552
nn. Provide C&A Program Management. 6553
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
239
oo. Notify all site echelons of upcoming C&A visits. 6554
pp. Fulfill C&A responsibilities with respect to applicable laws, policies and directives. 6555
qq. Review business best practices (BBP) and review semi-annually to validate that BBPs are 6556
evaluated and where appropriate implemented in a Lean Six SIGMA effort to 6557
continuously improve performance of the network and security posture supporting the 6558
network. 6559
rr. Provide input and assist the Government in developing C&A package for the Core Build. 6560
ss. Complete and submit the DIACAP Implementation Plan (DIP). 6561
tt. Validate assessments of system's compliance with stated requirements, assess the risks 6562
associated with operating the system, and coordinate the certification activities. 6563
uu. Support the Government as the NGEN Validator and Certification Agent. 6564
vv. Participate and provide recommendations in discussions, design solutions, identify risks 6565
and develop schedules for approval in NMCI Technical Interchange Meetings, 6566
Conferences and Workshops, including: 6567
i. First attempt: 90% must obtain accreditation approval 6568
ii. Second attempt: 100% must obtain accreditation approval 6569
ww. Provide problem escalation and resolutions for Government issues relating to 6570
C&A site package preparation. 6571
xx. Report on Information Assurance requirements compliance with respect to C&A. 6572
yy. Perform test and audit to include verification and validation of contractor performance by 6573
conducting on site and remote scan assessments of selected sites classified and 6574
unclassified networks, servers and workstations and security infrastructure. 6575
zz. Promulgate C&A guidance, policy consistent with DoD tasking. 6576
aaa. Coordinate with the responsible Government designated representative, to 6577
validate 100% compliance and compatibility with DIACAP C&A data standards. 6578
bbb. Provide documentation of established performance metrics. 6579
ccc. Follow Government direction for use of the specified DON DIACAP Tool for 6580
C&A processing. 6581
6582
4.6.23 Authentication and Authorization Services 6583
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
240
Authentication and authorization services comply with the applicable policies of DoDD 8500.1 6584
by enforcing procedures to ensure that end users possess appropriate identity credentials and that 6585
end users are authorized only the minimum rights and privileges required to perform their 6586
assigned duties and tasks. The network enforces end user authentication through the use of 6587
strong (two factor) authentication using the DoD public key infrastructure (PKI), which allows 6588
for the implementation of a comprehensive accountability model and holds end users responsible 6589
for their actions. The authorization management piece allows for the definition of authorization 6590
policy and for the enforcement of this policy. 6591
6592
4.6.23.1 Specific Tasks 6593
For Authentication and Authorization Services, the specific support tasks the ES Contractor shall 6594
perform or provide include: 6595
a. Support identity and access management in accordance with Information Sharing 6596
Environment Guidance (ISE-G-108 v1.0). 6597
b. Comply with DoD and DON Policy to support cryptographic log-On (CLO) for network 6598
authentication. 6599
c. Comply with government guidance/direction to support DON login mechanism using an 6600
end username and password combination for any enterprise assets that do not support 6601
CLO. 6602
d. Operate an identity management system for the authorization and access model directed 6603
by DON. 6604
e. Support limitation of the number of consecutive unsuccessful access attempts in 6605
accordance with DoDI 8500.2 and JTF-CTO 07-15. 6606
f. Monitor and maintain the use of a government approved system use notification message 6607
before granting system access for the information system. 6608
g. Maintain a session lock as defined by policy due to inactivity to prevent further access to 6609
the system. 6610
h. Comply with current government regulations, policy, and guidance in effect at time of 6611
implementation of the IdAM schema and access control mechanism. Upon notification 6612
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
241
by the government of change to current regulation, policy and/or guidance, notify the 6613
government, within 30 days if there is a material change. 6614
i. Maintain the trust relationship structure among resources, assets, networks, and security 6615
domains. 6616
j. Maintain CND mechanisms, including anti-spam tools, Network Access Control, Host 6617
Based Security Systems (HBSS), and HBSS Device Control Modules at enterprise 6618
locations based on NIST SP 800-53, DoDI8500.2, DoDD 8500.1. Operate and defend 6619
the network in accordance with DoDI O-8530.2, STRATCOM Directive (SD) 527-1, and 6620
CYBERCOM cyber condition operational tasking orders. 6621
k. Support actions on the enterprise as required by each of the Cyber Readiness Conditions. 6622
l. Defend Systems by recognizing, reacting to, and responding to threats (identified by, 6623
Marine Corps Network Operations and Security Center (MCNOSC) or higher authority), 6624
vulnerabilities, and deficiencies, such that no access is uncontrolled and all systems and 6625
networks are capable of self-defense with all reporting and responses to Computer 6626
Network Defense Service Provider (CNDSP). 6627
m. Comply with formal security classification and Operational Security (OPSEC) guidance 6628
in accordance with DoDI O-3600.2, CJCSI 6510.01E and DoDI O-8530.1 related to 6629
generation, transmission, storage and destruction of CND related incidents, 6630
countermeasures, vulnerabilities or CND systems status or, as specified by DoD 5000.2-6631
R, if classified. 6632
n. Support the implementation of physical and system mechanisms for safeguarding CUI 6633
including encryption, access control, end user identification and authentication, malicious 6634
content detection, audit, and physical and environmental control. 6635
o. Support the operation of PKI services in compliance with Public Key Infrastructure 6636
Software Certificate Minimization Effort for DON Unclassified Environments (DTG 6637
122213Z MAY 08) policies, guidelines, and configurations in accordance with MCEN 6638
DAA. 6639
p. Support the maintenance of smart card (or credential) reader, middleware, and all 6640
necessary software to support the use of PKI certificates on each data seat, portable 6641
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
242
electronic device, and network component which require Active Directory domain 6642
account authentication. 6643
q. Support the authentication of end users, both locally and remotely, using only PKI-based 6644
authentication on each data seat, portable electronic device, and network component 6645
which require Active Directory domain account authentication. 6646
r. Use medium assurance PKI based X.509 Version 3 certificates (PK Standard). 6647
s. Support the medium assurance PKI implementation of the Common Access Card (CAC) 6648
and Alternate Log on Token (ALT) on all unclassified networks. 6649
t. Use ALT for System Administrator when necessary to comply with requirement for 6650
CLO. 6651
u. Participate in DoD testing and evaluation of end user credential platforms. 6652
v. Use only those MS Windows-based servers that are DoD PKI-enabled. 6653
w. Use only PKI-based authentication for network services, applications, resources, and 6654
components requiring Active Directory Domain account authentication. 6655
x. Support the management and maintenance of digital signature and encryption capabilities 6656
for email services in accordance with government policy (e.g. NTD 07-06, NAVADMIN 6657
248/08 and MARADMIN 336/08 digital signature policy.). 6658
y. Register and install DoD PKI certificates for network PK-enabled servers, infrastructure, 6659
non-person entities, and applications. 6660
z. Perform Local Registration Authority (LRA) functions to augment Service LRA 6661
capabilities for machine certificate issuance. 6662
aa. Maintain current certificate trusts for all DoD certification authorities on data seats and 6663
network components. 6664
bb. Support the management of applications to minimize network traffic destined for the 6665
DoD PKI certificate validation infrastructure. 6666
cc. Maintain internal certificate validation infrastructure (i.e., OCSP and certificate 6667
revocation list (CRL) caching). 6668
dd. Operate certificate validation services for each data seat, portable electronic device, and 6669
network component utilizing PKI certificates. 6670
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
243
ee. Validate PKI certificates processed at each data seat, portable electronic device, and 6671
network components. 6672
ff. Operate a certification authority infrastructure to support PKI requirements, that is 6673
compliant with Public Key Infrastructure Software Certificate Minimization Effort for 6674
DON Unclassified Environments (DTG 122213Z MAY 08) in accordance with MCEN 6675
DAA. 6676
gg. Maintain mappings between PKI certificates and network accounts in order to both 6677
support two-factor authentication for all Active Directory Domain account categories and 6678
eliminate the need for password-based authentication (i.e., 'exception accounts'). 6679
hh. Provide unique identification to both the sender and the recipient of a message. 6680
ii. Receive request for and initiate end user account lifecycle events. 6681
jj. Create new end user account with DON provided attributes data. Perform lifecycle 6682
events on end user accounts as requested by DON, including the following: 6683
i. Modify end user account attributes including Move, Add, Change, Disable or 6684
Deactivate. 6685
ii. Modify end user account type (upgrade/downgrade). 6686
iii. Deactivate end user accounts. 6687
iv. Change end user account status when directed by the government. 6688
v. Provide unique identifiers for all accounts using naming standards in accordance 6689
with government policy (e.g. MARADMIN 328/08 DTG: 031012Z JUN 08). 6690
kk. Provide end user access to workstations based on end user account and workstation 6691
permissions as designated by the government or as specified by requested service. 6692
ee. Associate the DoD PKI user credential with a provisioned Active Directory Domain 6693
account. 6694
ff. Issue user credentials, to include the CAC, ALT, and SIPR user credential, for the 6695
purposes of user authentication, digital signature, and email encryption. 6696
gg. Perform Certification Authority (CA) functions. 6697
hh. Perform Registration Authority (RA) functions. 6698
ii. Perform LRA functions. 6699
jj. Publish certificate revocation lists for certificates issued by the DoD PKI. 6700
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
244
kk. Provide certificate validation services. 6701
ll. Publish DoD and Service certificate policies and certificate practice statements. 6702
mm. Implement the trust relationship structure to be used among resources, assets, networks 6703
and security domains. 6704
6705
4.6.24 Network Access Control Services 6706
Network access control (NAC) Services provide device discovery and rogue device prevention 6707
by identity based compliance evaluation/verification for network connected devices and end 6708
users. The NAC Service checks host machines before allowing access to the network. Non-6709
compliant hosts can be remediated before an NGEN IP address is issued (dynamic host 6710
configuration protocol (DHCP)) and an NGEN network connection is made. 6711
6712
4.6.24.1 Specific Tasks 6713
For NAC Services, the specific support tasks the ES Contractor shall perform or provide include: 6714
a. Maintain CND mechanisms, including anti-spam tools, Network Access Control, Host 6715
Based Security Systems (HBSS), and HBSS Device Control Modules at enterprise 6716
locations in accordance with government direction based on NIST SP 800-53, 6717
DoDI8500.2, DoDD 8500.1. Operate and defend the network in accordance with DoDI 6718
O-8530.2, STRATCOM Directive (SD) 527-1, and CYBERCOM cyber condition 6719
operational tasking orders. 6720
b. Develop, plan and implement actions on the enterprise as required by each of the Cyber 6721
Readiness Conditions. 6722
c. Execute the Cyber Readiness Implementation Plan as directed by the government. 6723
Inform Government upon completion of all steps. Report any actions that could not be 6724
completed, along with an estimated time of completion via the Government provided 6725
Ticket Management System (TMS). 6726
d. Defend Systems by recognizing, reacting to, and responding to threats (as directed by 6727
NCDOC, Marine Corps Network Operations and Security Center (MCNOSC) or higher 6728
authority), vulnerabilities, and deficiencies, such that no access is uncontrolled and all 6729
systems and networks are capable of self-defense with all reporting and responses to 6730
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
245
computer network defense service provider (CNDSP). 6731
6732
4.6.25 Fixed and Portable Computing Services 6733
Fixed computing services provide a fixed workstation with the following capabilities: hardware 6734
and software (core build), local storage capability, standard and enhanced graphics with 6735
processing capabilities, and standard office automation software; which includes, but is not 6736
limited to word processing, spreadsheet work, email, calendar, multimedia presentation, and an 6737
internet browser. Each workstation shall be capable of facilitating the following services: 6738
network file sharing, shared network printing, network and web access services, training, 6739
relocation, customer support, messaging, maintenance, refreshment, administration, and operate 6740
over a non-optimized, high-latency link via cable or wireless connection. 6741
6742
Portable computing services deliver all services available from a fixed workstation to a portable 6743
workstation. Also, if required the portable workstation can be upgraded to accommodate special 6744
requirements. 6745
6746
4.6.25.1 Specific Tasks 6747
For Fixed and Portable Computing Services, the specific support tasks the ES Contractor shall 6748
perform or provide include: 6749
a. Receive and track hardware and software (including GFE), and stage and ship equipment 6750
based on jointly developed implementation plan. 6751
b. Configure end user HW/SW with "core build" and "DON Applications and Database 6752
Management System (DADMS)" approved software to the place and at the time 6753
identified in the individual orders. 6754
c. Install end user HW/SW at the end user location including connecting approved 6755
peripherals. 6756
d. Register end users for full disk encryption authentication on workstations they are 6757
authorized to use. 6758
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
246
e. Maintain smart card (or credential) reader, middleware, and all necessary software to 6759
support the use of PKI certificates on each data seat, portable electronic device, and 6760
network component which require Active Directory domain account authentication. 6761
f. Authenticate end users, both locally and remotely, using only PKI-based authentication 6762
on each data seat, portable electronic device, and network component which require 6763
Active Directory domain account authentication. 6764
g. Maintain operating systems (OS) including drivers associated with OS hardware 6765
compatibility list as provided by the original equipment manufacturer (OEM). 6766
h. Maintain core build software including but not limited to: 6767
i. Just-in-time Compilers 6768
ii. The office productivity Suite 6769
iii. Desktop management software 6770
iv. Email services software 6771
v. Internet browsing software 6772
vi. Virus protection software 6773
vii. PDF viewer software 6774
viii. GIS viewer to view geospatial material 6775
ix. Terminal and print emulator – host software 6776
x. Compression tool software 6777
xi. Collaboration tool software 6778
xii. Multimedia capability to view video and listen to audio 6779
xiii. Electronic records management software 6780
xiv. Security software 6781
xv. Software management software 6782
xvi. Inventory and remote control software 6783
xvii. Smart card middleware software 6784
i. Apply software upgrades, tool extensions and templates, as provided by the software 6785
developer(s) to meet security or specific functional requirements identified by the 6786
government. 6787
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
247
j. Support the capability to send, store, process, and received email and associated 6788
attachments. 6789
k. Configure email client with the ability to send and receive signed and encrypted email 6790
and attachments, by utilizing DoD PKI issued end user certificates. 6791
l. Maintain the ability for email to support cryptographic functions from a smart card. 6792
m. Support the management and maintenance of remote access to email via a web-based 6793
application (e.g., OWA) using PKI-based end user authentication or both PKI and 6794
password-based authentication for government designated exceptions from a 6795
hardware/software entry point with a browser compatible with transport layer security 6796
(TLS). 6797
n. Maintain a desktop or laptop embarkable seat to be used in an expeditionary or field 6798
environment. 6799
o. Maintain deployable seats that are capable of interfacing with and being reconfigured for 6800
compatibility with DON and DoD networks. 6801
p. Perform installation and configuration of received end user hardware and software and 6802
deliver to end user. 6803
q. Configure default email client settings to include a digital signature utilizing DoD PKI 6804
certificates in accordance with Service direction (e.g., NAVADMIN 248-08 and 6805
MARADMIN 336-08. 6806
r. Provide the ability to Create, modify, and delete all personal, command, echelon, and 6807
organizational messaging distribution lists existing at the start of the service and those 6808
created at later dates. 6809
s. Use a method/tool for a Unit IT to display Deployable equipment Information Assurance 6810
Vulnerability Assessment (IAVA) status to the hosting network’s Information Assurance 6811
Manager (IAM). 6812
t. Use an automated web based deployable tool solution to allow the Unit IT to remotely 6813
choose, schedule, and execute the deployment of equipment and users. 6814
u. Receive end user hardware and software as GFE and perform installation, configuration 6815
and deliver to end user. 6816
6817
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
248
4.6.26 Thin Client Computing Services 6818
Thin Client Computing Services provide a server-centric computing model in which the 6819
application software, data, and CPU power resides on a network server rather than on the client 6820
computer. Thin Client workstations do not have a local hard drive and consist of a set of IT 6821
characteristics (e.g. hardware and firmware, file share services, maintenance, refreshment, 6822
administration, network access, customer support, relocation, and training). Each Client 6823
configuration must be able to meet a core set of performance tests when fully loaded, with all 6824
security configurations set and operational over a non-optimized, high-latency link. Using 6825
terminal services software, end users share the applications in the server with all other end users 6826
at thin client stations. Although presented with their own desktop, end users are limited to 6827
running prescribed shared operating system, applications in a server with other end users and 6828
performing simple tasks such as creating folders and shortcuts. There are options for Classified 6829
Thin Client seats and S&T Terminal seat services. These seats shall be refreshed every 48 6830
months. 6831
6832
4.6.26.1 Specific Tasks 6833
For Thin Client Computing Services, the specific support tasks the ES Contractor shall perform 6834
or provide include: 6835
a. Provide touch labor to maintain thin client, fixed workstations available on supported 6836
networks. 6837
b. Support thin client capabilities including file share services, maintenance, refreshment, 6838
administration, network access, customer support, re-location, and training. 6839
6840
4.6.27 Optional Hardware and Software Services 6841
Optional hardware and software services offer enhanced, optional software and hardware 6842
peripherals by providing Commercial-off-the-Shelf (COTS) software and hardware peripherals 6843
associated with data, voice, and video. End users may choose from a wide selection of items 6844
utilizing the latest technology that will best meet the requirements beyond the basic services. 6845
6846
4.6.27.1 Specific Tasks 6847
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
249
For Optional Hardware and Software Services, the specific support tasks the ES Contractor shall 6848
perform or provide include: 6849
a. Receive and track hardware and software (including GFE). Stage and ship equipment 6850
based on jointly developed implementation plan. 6851
b. Configure end user HW/SW with core build software and functional area manager 6852
(FAM) approved and certified software to the place identified in the individual task 6853
orders. 6854
c. Install end user HW/SW at the end user location including connecting approved 6855
peripherals. 6856
d. Perform delivery and installation for non-catalog/ specially-negotiated services per 6857
individual task order. 6858
e. Apply software upgrades, tool extensions and templates, as provided by the software 6859
developer(s) to meet security or specific functionality requirements. 6860
f. Maintain the ability for designated workstations to run the time and attendance 6861
applications. 6862
i. The seat shall permit a functional account to remain logged in, with no Log on 6863
password required, and accommodate the barcode scanners. 6864
ii. End user authentication shall occur within the application and not in the NGEN 6865
Active Directory infrastructure. 6866
iii. The seat shall consist of one functional end user account for each seat and a 6867
barcode scanner shall be ordered in conjunction with the seat order. 6868
iv. CAC authentication will not be required, a functional account Log on ID and 6869
password will be utilized for Active Directory authentication. 6870
v. Provide automatic Active Directory Log on to the functional account at power-up 6871
and re-boot. 6872
vi. Disable screensaver password requirement. 6873
vii. Maintain group policy object-enabled restrictions to Microsoft Internet Explorer, 6874
Microsoft Office, WinZip, RealPlayer, and WRQ Reflections. 6875
viii. Maintain auto load of the time and attendance application at power-up or re-boot. 6876
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
250
ix. Operate and maintain peripheral devices on NGEN including software updates 6877
and patches. 6878
x. Operate and maintain software on NGEN including software updates and patches. 6879
g. Test and certify DoD approved versions of assistive technology software and hardware 6880
for use in the enterprise upon request of the computer electronic assistance program 6881
(CAP) office. 6882
h. Coordinate with the CAP office and the applicable customer technical representative for 6883
procurement (by CAP at no cost to end user or contractor), delivery and installation of 6884
CAP – procured assistive technology to qualifying end users (as defined by the CAP 6885
office). 6886
i. Perform installation and configuration of received end user hardware and software GFE 6887
and deliver to end user, in accordance with government established timelines. 6888
j. Maintain the process and procedures to Network end users for obtaining and deploying 6889
assistive technology. 6890
6891
4.6.28 Remote Access Services 6892
Remote access services support implementation, operation and maintenance for access by remote 6893
end users to unclassified resources on the network from laptops, desktops, or PDAs, via 6894
broadband or other authorized access medium (e.g. cellular). 6895
6896
4.6.28.1 Specific Tasks 6897
For Remote Access Services, the specific support tasks the ES Contractor shall perform or 6898
provide include: 6899
a. Configure end user devices such as laptops, tablets, and desktops with remote access 6900
software. 6901
b. Support maintenance of virtual private network (VPN) client software. 6902
c. Support maintenance of remote access services (RAS) software. 6903
6904
4.6.29 Printing Services 6905
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
251
Printing services includes, but is not limited to hardware and software to provide black and white 6906
and/or color, local or network printing. Network printing enables jobs sent by end users to go to 6907
the appropriate printer. 6908
6909
4.6.29.1 Specific Tasks 6910
For Printing Services, the specific support tasks the ES Contractor shall perform or provide 6911
include: 6912
a. Map network printers to the new end user computer, in cases where the end user 6913
computer is being replaced. 6914
b. Test end user network printer to ensure the end user can print. 6915
c. Implement the capability and features to produce black-and-white and color hard copies, 6916
and transparencies of electronic documents. 6917
d. Operate and maintain network printer infrastructure. 6918
e. Implement the ability for end users to connect to any networked printer via the service 6919
desk. 6920
f. Provide access to printers without exposing an end user to a safety hazard or creating a 6921
security compromise. 6922
g. Monitor location of networked printers to ensure they located within 50 feet of end users 6923
being serviced. 6924
h. Monitor end user to printer ratio to ensure a ratio of twenty-five to one (25:1) is 6925
maintained. 6926
i. Monitor printer locations to ensure they are within the same physical plane of supported 6927
end users and not separated by ceilings, floors, and true walls. 6928
j. Monitor original equipment manufacturer (OEM) specified consumables (including 6929
paper, fuser and maintenance kits) where available for replacement. 6930
k. Administer print queues. 6931
l. Implement the ability for end users to connect authorized local printers to their desktop or 6932
laptop computer and provide service desk support if needed. 6933
m. Provide hardware specifications in accordance with (CDRL AXXX). 6934
6935
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
252
4.6.30 Service Desk Services 6936
Service desk services manage and coordinate the handling of incidents, problems, and requests 6937
from end users and organizations, using established processes. The Service desk will provide an 6938
end user with a single point of contact accessible via toll-free number, web interface, voice mail 6939
or email, for incident resolution management, and request fulfillment. 6940
6941
4.6.30.1 Specific Tasks 6942
For Service Desk Services, the specific support tasks the ES Contractor shall perform or provide 6943
include: 6944
a. Support the operation of a service desk that provides a single point of contact for end user 6945
problems and service requests. 6946
b. Coordinate with desk side support services to provide assistance in resolution of tickets 6947
as necessary. 6948
c. Provide for dedicated VIP support capability for specified NGEN uses in key leadership 6949
and management positions with enhanced service desk support. All general officers and 6950
SES civilians will automatically receive this VIP support. 6951
d. Additional VIP end users can be identified by authorized government representatives. 6952
e. Close tickets in the ticket management system (TMS) after the incident or event has been 6953
resolved. 6954
f. Direct resolution of incidents at the lowest possible management level. 6955
g. Perform service desk services as an initial point of contact for trouble-calls. 6956
h. Support the maintenance of self-service tools for end users to access current status of 6957
NGEN services. 6958
i. Support the maintenance of self-service tools for end users to access planned status of 6959
NGEN services. 6960
j. Support the maintenance of self-service tools for end users to access service desk point of 6961
contact information. 6962
k. Support the maintenance of the government provided listing, accessible by all end users 6963
of the network, of all optional capabilities that have been certified for use on the network. 6964
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
253
l. Provide end user’s electronic notification of service requests and ticket closures using 6965
government provided service desk tools. 6966
m. Use government approved escalation and problem resolution processes. 6967
n. Accept service requests from government ordering tool. 6968
o. Maintain government provided web enabled tools for tracking status of service request 6969
tickets. 6970
p. Prioritize all tickets as directed by the government. 6971
q. Use government approved processes for opening, processing, and closing tickets. 6972
r. Update change tickets to document the processing of the request until resolved. 6973
s. Close change tickets only when authorized by the initiator or other approved government 6974
representative. 6975
t. Accept service requests from end users and authorized submitters, and process in 6976
accordance with service request fulfillment process guide. 6977
u. Provide end user technical assistance for solving issues. 6978
v. Operate a service desk that enables direct interaction between the end user and the 6979
technical support organizations for questions and problem resolution. 6980
w. Coordinate incident diagnosis and resolution with the technical support organizations for 6981
questions and problem resolution. 6982
x. Create an incident ticket for all trouble calls or a service request ticket for all pre-6983
approved standard change requests. 6984
y. Update incident tickets and service request tickets to document the processing of the 6985
ticket until resolved 6986
z. Operate service desk 24 hours a day and 7 days a week. 6987
aa. Provide service desk services in response to requests received via toll-free number, web 6988
interface, voice mail or email. If request is new, ensure a new ticket is created in TMS. 6989
If request is for status of an existing ticket, ensure response is documented in the ticket. 6990
bb. Support the maintenance of government provided tools for tracking ticket status. 6991
cc. Notify only those affected end users of scheduled and unscheduled system maintenance 6992
or degradation of service. 6993
dd. Collect service desk metrics and post on government specified web site. 6994
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
254
ee. Use government provided asset management system in approval process for service 6995
requests. Update government provided asset management system with results of 6996
action(s) taken WRT a Service request. 6997
ff. Provide dedicated and elevated support (above normal service desk services) for rapid 6998
remediation of incidents when directed by the government. 6999
gg. Support the maintenance of password reset service. 7000
hh. Maintain government provided tools to allow an end user to review and provide 7001
information to the service desk. 7002
ii. Assist end users in obtaining and deploying CAP-procured assistive technology in 7003
accordance with Section 508 of the Rehabilitation Act of 1973 (29 U.S.C. 794d). 7004
jj. Update ticket management system (TMS) tickets within time frames established by 7005
government procedures. 7006
kk. Close ticket when approved by government representatives. 7007
ll. Maintain vendor technical references for all hardware and software supporting or 7008
associated with supporting the network. 7009
mm. Maintain custody of received equipment until turned over to a government 7010
representative. 7011
nn. Maintain government records for warranty and maintenance repair. 7012
oo. Ensure labor services update tickets such that an analyst can track progress of equipment 7013
upgrade/repair. 7014
pp. Ensure a ticket created for equipment repair contains the government approved/required 7015
information. 7016
qq. Track all IT assets in accordance with DoD Instruction(s) 5000.64, 4165.14, DoD 7017
4140.1‐R, and DoD 4000.25‐2‐M, Federal Acquisition Regulation (FAR) Part 45.000, 7018
and SECNAVINST 7320 7019
rr. Use government provided configuration management system (CMS). 7020
ss. Coordinate with desk side support services to provide assistance in resolution of tickets 7021
as necessary. 7022
tt. Provide input and development of status reports to measure service desk service 7023
performance to the appropriate government service desk manager. 7024
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
255
uu. Provide input and development of an end of month Service Request backlog exception 7025
report. 7026
vv. Provide input and development of an end of month (EOM) problem resolution backlog 7027
exception report. 7028
ww. Provide input and development of an end of month (EOM) access to government 7029
application problem resolution backlog exception report. 7030
xx. Perform Service Desk assistance for deployed users. 7031
7032
4.6.31 Desk Side Support Services 7033
Desk side support services consist of providing Tier-2 assistance with computer hardware, 7034
software, or other electronic or mechanical devices. Desk side support, which is located at the 7035
Base/Post/Station level, is usually in support of a trouble ticket that has been transferred from the 7036
service desk. An extension of the service desk to the field, desk side support is comprised of any 7037
labor activities, physical or virtual, required to address incident management, problem 7038
management, event management, access management, asset management, request fulfillment 7039
(including Move, Add, and Change activities), and release and deployment management to on-7040
site, remote, and/or very small site design (VSSD) sites. Desk side support includes a VIP 7041
support capability that provides specified NGEN end users in key leadership and management 7042
positions with enhanced help desk service support. 7043
7044
4.6.31.1 Specific Tasks 7045
For Desk Side Support Services, the specific support tasks the ES Contractor shall perform or 7046
provide include: 7047
a. Conduct data migration from previous HW to new HW. 7048
b. Provide access to migrated data or external data storage devices to ensure end user data 7049
sources are valid and available following data migration from previous HW to new HW 7050
for implementation of enterprise core services HW/SW operations. 7051
c. Support the maintenance of onsite resources to manage end user HW installation 7052
processes, including troubleshooting issues after delivery and installation of end user 7053
HW. 7054
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
256
d. Notify the government custodian that equipment has been delivered, data migrated and 7055
installed applications are functioning properly. 7056
e. Perform asset scanning and logging of assets that have been delivered. 7057
f. Conduct data migration from previous HW to new HW, including any external devices 7058
enabled with data at rest (DAR) solutions. 7059
g. Provide access to migrated data or external data storage devices to ensure end user data 7060
sources are valid and available following data migration from previous HW to new HW 7061
for implementation of end user HW/SW. 7062
h. Utilize government procedures and implementation plans to ensure that IT resources 7063
leaving the control of the assigned end user such as being reassigned, removed for repair, 7064
replaced, or upgraded is cleared of all DON data, including CUI and sensitive application 7065
software by a technique approved by the government. 7066
i. Provide end user support of DAR services, including hard disk data recovery if full disk 7067
encryption DAR services cause a failure. 7068
j. Manually install a software application on a data seat connected to the network in 7069
accordance with government direction. 7070
k. Manually remove a software application on a data seat connected to the network in 7071
accordance with government direction. 7072
l. Support the maintenance of all end user devices. 7073
m. Support the maintenance of time and attendance application for end users. 7074
n. Provide labor for deployable seats that meet the requirements for a portable data seat with 7075
limited regular services when deployed. 7076
o. Provide labor for deployable seats that meet the requirements for a portable data seat to 7077
maintain deployment support services and logistics services in support of operational 7078
forces in a deployed environment. 7079
p. Provide worldwide logistics support for deployed equipment and software, which will 7080
include replacement units, forward points of service, and Online troubleshooting. 7081
q. Incorporate spares as part of the pack up kit (PUK) to facilitate operation at forward 7082
deployed locations in accordance with government direction. 7083
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
257
r. Provide to government logistics team alerts of equipment failures while deployed, in 7084
accordance with the logistics process and procedures guide (LPPG). 7085
s. Provide labor to maintain deployable seats that meet the requirements for a portable data 7086
seat, to reconfigure, perform preventive and/or corrective maintenance upon return of the 7087
embarked units and prior to reconnection with the shore infrastructure. 7088
t. Maintain deployable seats that are capable of interfacing with and being reconfigured for 7089
compatibility with DON and DoD networks. 7090
u. Provide deployable services for both scheduled movements that are known in advance, or 7091
contingency operations and other unplanned movements. 7092
v. Scan the returning deployed seat to validate compatibility with network. 7093
w. Maintain a copy of the core build media and authorized application software loaded on 7094
the deployable equipment to rebuild seats. 7095
x. Conduct local desktop support requiring access to the device or end user only during 7096
normal local working hours and only on normal government workdays. 7097
y. Provide labor support to physically move or transfer assets or software. 7098
z. Perform requested service requests and incident ticket resolution as provided by the 7099
enterprise service desk. 7100
aa. Provide local troubleshooting of issues identified through service desk to ensure the ticket 7101
is updated with all troubleshooting actions accomplished in the TMS. 7102
bb. Resolve issues and notify service desk and government of cause and corrective action to 7103
ensure the ticket is updated with what action(s) actually resolved the issue in the TMS 7104
cc. Maintain any loaner equipment that is in place in a ready-to-issue condition to support 7105
break-fix scenarios. 7106
dd. Submit an individual incident ticket for each piece of broken equipment 7107
ee. Operate and maintain authorized software in use including software updates and patches. 7108
ff. Coordinate with the computer electronic assistance program (CAP) office and the 7109
applicable customer technical representative for procurement (by CAP at no cost to end 7110
user or contractor), delivery and installation of CAP – procured assistive technology to 7111
qualified end users (as defined by the CAP Office). 7112
gg. Document changes to assets in the government furnished asset management tool. 7113
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
258
hh. Provide break/fix and maintenance services on end user hardware that is in warranty or 7114
planned for technology refresh. 7115
ii. Document custody transfer of internal and removable hard drives at such time as the IT 7116
resource is being reassigned, replaced, upgraded, or decommissioned. 7117
jj. Ship equipment to customer locations as directed by the government. 7118
kk. Maintain custody of received equipment until turned over to a government representative. 7119
ll. Identify and track equipment and components being repaired. 7120
mm. Document the RMA and the serial number of the component being repaired in 7121
ticket management system (TMS) ticket. 7122
nn. Manually install the software application on a Data Seat connected to the network in the 7123
event the software application cannot be packaged for installation via an electronic 7124
distribution method. 7125
oo. Use other techniques to remove software (e.g. remote administration or manual removal 7126
at the Data Seat) if unable to remove via ESD mechanisms as needed. 7127
pp. Respond to Request to Deploy forms, prior to the initial movement of a Deployable seat. 7128
qq. Remove non-standard and/or unauthorized applications from the seat before it is rejoined 7129
to the NGEN environment. 7130
rr. Perform requested MAC services within performance parameters identified in Appendix 7131
B. 7132
7133
4.6.32 End User Training Services 7134
End user training services develop and deliver training in accordance with current DON, USN, 7135
USMC, Training and Education Command (TECOM) guidance, curriculum development 7136
manuals, and style guides. The purpose is to train the end user on the tools and applications 7137
required to operate, maintain, administer, and secure the network aligned to mission essential 7138
task lists and job task analysis. 7139
7140
Support end-user training and education on the various NGEN Services including computer-7141
based training, web-based training, and instructor-led training as required 7142
7143
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
259
4.6.32.1 Specific Tasks 7144
For End User Training Services, the specific support tasks the ES Contractor shall perform or 7145
provide include: 7146
a. Provide input to and publish end user communications and training material for DAR. 7147
b. Provide end user training on the use of DoD PKI certificates for network Log on, email 7148
message signing/encryption, and authentication to public key-enabled services. 7149
c. Maintain needed curricula to train end users in the use of computer equipment in 7150
deployable environments. 7151
d. Curricula shall be available electronically. 7152
e. Provide input to update curricula to incorporate relevant changes in the deployment 7153
tools/processes and the network. 7154
f. Support the maintenance of a searchable resource library for end users to reference in 7155
order to solve common issues or find training materials. 7156
g. Provide end user training services that include access to training content addressing 7157
primary end user needs, including operating system functions and capabilities, core build 7158
applications, and common end user applications, drawing on available resources and 7159
existing DoD, DON, or commercial practices. 7160
h. Maintain end user training services that include training materials based on analysis of 7161
end user need or interest. 7162
i. Provide input for instructional learning content. 7163
j. Provide input for instructional content in courseware material. 7164
k. Provide input for instructional content in instructional material. 7165
l. Maintain access, access controls/lists and privileges of file share. 7166
m. Generate a report for allocation, usage and ad-hoc reports of file share. 7167
n. Provide input for end user training to order services. 7168
o. Provide input for end user training on the process required by the end user to implement a 7169
new service or capability. 7170
p. Provide input for end user training for changes in services, tools and processes. 7171
q. Report on user training execution for both security and standard hardware and software 7172
training hosted by a computer-based learning system. 7173
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
260
r. Work with government (PM office, Customer Technical Representatives, and USMC) to 7174
determine training requirements supporting end users. 7175
s. Provide technical subject matter expertise in documenting training requirements and 7176
assist government subject matter experts (SME) in development of training. 7177
t. Participate in the Training and Communications Review Board (TCRB) and other 7178
stakeholder reviews of current and emerging End User Training, and training 7179
requirements for new capabilities. 7180
u. Support the operation of an automated means for users to request training and track their 7181
completion. 7182
v. Operate a centralized repository for training materials and documentation. 7183
7184
4.6.33 Network Operations (NETOPS) and Cyber Security Training Services 7185
NETOPS and cyber security training services provide transformational, operationally-focused 7186
training to accomplish the USN, USMC, and joint mission requirements for NETOPS and IA 7187
training and certification. 7188
7189
4.6.33.1 Specific Tasks 7190
For Network Operations and Cyber Security Training Services, the specific support tasks the ES 7191
Contractor shall perform or provide include: 7192
a. Provide input for instructional content learning content. 7193
b. Provide input for instructional content in instructional material. 7194
c. Provide input for instructional content in courseware material. 7195
d. Maintain access controls/lists and privileges of file share. 7196
e. Initiate generation of a report for allocation, usage and ad-hoc reports of file share. 7197
f. Provide input for end user training for changes in services, tools and processes. 7198
g. Post government-provided training materials to support deployed personnel. 7199
h. Report on end user training execution for both security and standard hardware and 7200
software training hosted by a computer-based learning system. 7201
i. Provide technical subject matter expertise in documenting training requirements and 7202
support government subject matter experts (SME) in development of training. 7203
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
261
j. Provide IT certifications for NETOPS and Cyber Security personnel in accordance with 7204
the DoD 8570.01M. 7205
7206
4.6.34 Testing and Evaluation (T&E) Services 7207
Enterprise testing services encompass the broad aspects of testing scope, objectives, and 7208
schedules, and bring together the specialists to manage and conduct the enterprise testing 7209
requirements. Entities include the enterprise test and evaluation manager/director, the NGEN 7210
service provider, DON major commands and claimants, DON operational T&E, and systems 7211
support centers / activities, as well as the various other test groups and sites that will be involved. 7212
Testing and certification services consist of hardware, software, information assurance, core 7213
build, integration, interoperability production pilot, and Community of Interest (COI) testing. 7214
7215
USMC unique test requirements include USMC applications and regionalized B/P/S Command 7216
and Control (C2). Of particular interest for regionalized testing is a replicated MITSC test 7217
capability, as this would be the focal point for demonstrating mission effectiveness, reliability, 7218
and responsive, dynamic network management for Marines in garrison. 7219
7220
Specific testing services identified below shall be provided for fulfillment of Developmental 7221
Testing (DT) and in support of government testing including Operational Testing (OT). 7222
7223
Every test shall include a test plan (CDRL AXXX). Every test shall include a test procedure(s) 7224
(CDRL AXXX). Every test shall include and a test report (CDRL AXXX). These artifacts, 7225
along with test cases and other supporting data, shall be maintained in the configuration 7226
management database (CMDB). 7227
7228
4.6.34.1 Specific Tasks 7229
For Testing and Evaluation Services, the specific support tasks the ES Contractor shall perform 7230
or provide include: 7231
a. Establish, maintain, accredit, and manage a test and evaluation facility which provides 7232
capability for certification and accreditation of services and applications for the 7233
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
262
enterprise, developmental testing and engineering of new products and services and is 7234
operationally representative of the network. Lab shall integrate and provide testing 7235
support to other government labs where necessary. 7236
b. Coordinate with USN test services (Section 3.3.16) to consolidate common test 7237
objectives and results. 7238
c. Provide laboratory design and equipment bill of materials documentation for the 7239
environment (CDRL AXXX) 7240
d. Ensure the core build operates and meets all requirements as defined by the government. 7241
Identify potential compatibility issues with other core build software, cyber security 7242
settings, and or impact to network operations, malware protection and standard hardware 7243
configurations. 7244
e. Test user / enterprise core services software modification / upgrade to validate software 7245
operability. 7246
f. Test applications that have received configuration authority approval for use on the 7247
network. 7248
g. Provide a packaged solution for all tested applications and services, which includes any 7249
required media/supporting documentation. All material shall be stored in the definitive 7250
software library (DSL). 7251
h. For applications that fail, a test summary report (TSR) (CDRL AXXX) shall be provided 7252
to the government stating the reasons for failure. The government will propose solutions 7253
or mitigations of test defects. 7254
i. Provide a test summary report, a copy of the packaged solution, and any supporting 7255
documentation on CDs. All material shall be stored in the configuration management 7256
database (CMDB). 7257
j. The packaged solution shall account for all associated applications, simulations, scripts, 7258
tools, or configuration changes required for the test. These shall be provided in 7259
supplemental packaged solutions. 7260
k. Prepare packaged solution for distribution and deployment, and submit to Change 7261
Advisory Board (CAB) for approval. 7262
l. Recommend to the CAB release of successfully tested configuration items. 7263
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
263
m. Provide notification of any stoppages or failures during testing. 7264
n. Send a failed notice to the application developer/owner and AMT. 7265
o. Test and evaluate new or upgraded solutions, services, and/or capabilities at 7266
Base/Post/Station, including travel to remote locations, or across the Wide Area Network 7267
(WAN) prior to and subsequent to final deployment. 7268
p. Contractor shall use approved test plans (CDRL AXXX) for the planning and execution 7269
of final certification tests. 7270
q. Submit test plans 30 calendar days prior to a testing event for government approval. 7271
r. Provide access and review of applicable documentation including at a minimum, 7272
requirements documents, architecture and engineering/deployment plans. 7273
s. Perform Verification and Validation (V&V) of requirements and service implementations 7274
and provide V&V traceability matrices (CDRL AXXX). 7275
t. Receive government signature approval of the applicable production test plan (CDRL 7276
AXXX) prior to commencement of testing. 7277
u. Test and certify DoD approved versions of assistive technology software and hardware 7278
for use in the enterprise upon request of the computer electronic assistance program 7279
(CAP) office. 7280
v. Provide a formal test requirements traceability matrix (CDRL AXXX), which maps all 7281
documented requirements to applicable production test cases in the respective test plan 7282
(CDRL AXXX). 7283
w. Ensure the Core Build operates and meets all requirements as defined by the government. 7284
Identify potential compatibility issues with other Core Build software, Information 7285
Assurance settings, impact to Network operations, virus protection and standard hardware 7286
configurations. 7287
x. The deliverable for this service is a Test Summary Report (CDRL AXXX) detailing the 7288
procedures used, issues and problems encountered, proposed resolutions and mitigations, 7289
and the results of the test. If the results of the test are that the applications pass. 7290
y. This service shall provide up to three attempts to test the subject software application(s). 7291
(CDRL AXXX) After each failure provide the Test Summary Report. Execution of the 7292
proposed resolution or mitigation of the failure is not included in this service. 7293
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
264
z. When Packaged Solutions are updated by the Contractor as a result of a Remedy fix due 7294
to a packaging error, the updated new Packaged Solution shall be deployed to all network 7295
environments where the old solution exists. 7296
aa. Test and certification of simple and complex hardware. 7297
bb. Provide Test Summary Report (TSR). 7298
cc. Release the solution after ECCB approval is granted or if test results are that the 7299
hardware device did not pass certification requirements, the Test Summary Report 7300
described above will provide in reasonable detail the reasons for failure. 7301
dd. Store a copy of the certified solution and any supporting documentation in the 7302
Configuration Management Database (CMDB. 7303
ee. Update the listing in the event a previously-certified item no longer properly integrates 7304
with the NMCI or fails to meet updated security/IA requirements so the Government can 7305
promptly remove the item. 7306
ff. Test all applications in response to a Request for Service (RFS) in ISF Tools. If the 7307
application is actually a suite, only the parent/primary application requires an RFS in ISF 7308
Tools. If there already is a valid RFS for an application with the ex. 7309
gg. Record all testing results and store the Test Summary Report (Certification/Failure 7310
Letter) in ISF Tools. 7311
hh. Provide Problem Application Wrapping (PAW) report in accordance with (CDRL 7312
AXXX). 7313
ii. Maintain test lab facility that has network connectivity and can represent the applicable 7314
test environment in the field and real world operations. 7315
jj. Test newly developed and discovered Information assurance/security vulnerabilities, new 7316
products, compatibility issues, and Legacy support. 7317
kk. Allow designated government personnel and/or direct support contractors access to the 7318
test lab facility and observe lab operations and testing. 7319
ll. Formally record test data and observations. Test data and observations are to be made 7320
available to the government on request. 7321
mm. Formally document the results of certification testing in a separate formal written 7322
report to the government. 7323
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
265
nn. Provide a formal requirements traceability matrix to the government which maps all 7324
documented requirements to applicable production test cases in the respective test plan. 7325
oo. Record all test data and observation, unless otherwise directed by the government. 7326
pp. Provide all test data and observations to the Government when requested. 7327
qq. In the event of a “failed test” event or “no test” event related to testing in the field, 7328
develop and submit a Plan of Action and Milestones (POA&M) to the government for 7329
approval that outlines the required corrective action, projected completion. 7330
rr. Provide a Test Plan in accordance with (CDRL AXXX). 7331
ss. Provide format and content guidance on test plans and reports to meet Government 7332
requirements and guidelines. 7333
tt. Review, evaluate and approve test reports on lab certification testing. 7334
uu. Review and formally sign/approve all test plans submitted by the Contractor for testing 7335
outside the Contractor lab facility. 7336
vv. Conduct test coordination and planning meetings. 7337
ww. Conduct Test Readiness Reviews (TRR). 7338
xx. Assist in test data collection and final reporting responsibilities. 7339
yy. In the case of a failed test event or “no test” event, assist in review and approval of plan 7340
of action and milestones for corrective action and re-test as required. 7341
7342
4.7 Place of Performance 7343
This section provides the contractor with geographical information for enterprise service support. 7344
This can include server farms, micro server farms, service desk locations, small end user 7345
locations major bases, remote sites, small, and very small sites. More detail will be provided in 7346
Appendix XXXXX. 7347
7348
4.7.1 Server Farms 7349 Installation City State/Country
MCB Quantico Quantico VA
MCB Camp Foster Okinawa JP
HQMC Server Farm Pentagon, Arlington VA
MCB Camp Lejeune Jacksonville NC
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
266
MCB Camp Pendleton Oceanside CA
MCB Kaneohe Bay Kaneohe Bay HI
7350
4.7.2 Micro Server Farm 7351 Installation City State/Country
Marine Corps Logistics Base (MCLB) Albany GA
MCAS Cherry Point Havelock NC
Marine Corps Recruit Depot (MCRD) Beaufort SC
Marine Forces Reserve (MFR) Headquarters New Orleans LA
MCAS San Diego CA
MCAS Yuma AZ
Marine Corps Air Ground Combat Center (MCAGCC) 29 Palms CA
MCLB Barstow CA
Marine Corps Mountain Warfare Training Center Bridgeport CA
MCAS Iwakuni Japan
7352
4.8 Special Requirements 7353
The ES Contractor shall satisfy the following requirements. 7354
7355
4.8.1 Ordering and Invoicing Tools and Services 7356
a. Participate in requirements review meetings, as well as develop price and technical 7357
proposals. 7358
b. Create orders and exchange data with government ordering tools. 7359
c. Support internal review and approval of orders by the government ordering approval 7360
authority and provision of financial information. 7361
d. Track order approval, invoicing, and delivery status. 7362
e. Maintain the ability to input direct manual entry of orders for exceptions for data 7363
exchange format (e.g. certain end of year orders). 7364
f. Electronically submit invoices to the Defense Finance and Accounting Services (DFAS) 7365
according to the instructions contained in each order. 7366
g. Accept service delivery details for services electronically. 7367
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
267
h. Include the ability to de-obligate funds at least quarterly at the Task Order level and 7368
provide the order modifications to the customer via reports and screens. Interfaces with 7369
the Government contracting information system permitting download of database. 7370
i. Support continuous access to the full set of ordering information through ad-hoc reports. 7371
j. Support retention of ordering data to comply with FAR Record Retention requirements. 7372
k. Support bilateral and unilateral orders and modifications. Include secure transactions in 7373
conformance with DoD Public Key Infrastructure (PKI) searchable database containing 7374
all orders (open and closed). 7375
l. Track individual service status by service ID for invoicing. 7376
m. Develop automated order close-out capability with provision for web-based contract 7377
closeout statistics and exception reports to be ordered via a RAP request. 7378
n. Provides the ability to process multiple lines of accounting on a single task order to 7379
support obligation/deobligation/invoicing transactions down to the CLIN/SLIN level. 7380
o. Interface with USMC SABRES to ensure processing of invoice (exists today). 7381
p. Create and maintain physical location identifiers in the ordering tool. 7382
q. Keep ordering tool user account data current. 7383
r. Provide a web‐based tool for submitting invoices, acceptance of services, and 7384
certification for payment: 7385
i. Develop tool capability that ensures that any changes made to the invoice post 7386
ACTR review are clearly identified and reviewable by the Government in the 7387
tool. 7388
ii. Provide Government with Receipt Validation data at CLIN level data for 7389
reporting and through ad‐hoc reporting downloads updated daily. 7390
iii. Develop tool capability to provide Government with Invoice data at CLIN level 7391
data for reporting and through ad‐hoc reporting downloads updated daily. 7392
iv. Retain and allow Government access to Invoices, Receiving Reports and 7393
underlying reporting data for at least 6 years after the end of the Contract. 7394
v. Provide updated and accurate payment status including date and amount. 7395
vi. Develop tool capability that provides accurate payment status to include the 7396
interest. 7397
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
268
s. Provide Receipt Validation services: 7398
i. Maintain a web‐based tool that provides for government receipt validation and 7399
tracks status of all deliverables received by the government 7400
ii. Maintain Receiving Report (previously known as “Pre‐invoice screens”) to the 7401
Government for validation prior to invoicing: 7402
a) Records designated government representatives’ electronic receipt of 7403
delivered services 7404
b) Allow government to validate dates and quantities as presented or change 7405
the dates and quantities 7406
c) Provides accurate asset data information reflecting services being invoiced 7407
t. Electronically transfer the following data to the Government ordering tool: 7408
i. Physical Site Identifier (PSI) data 7409
ii. Legacy server information 7410
iii. New application data as created by Government-owned DADMS and after 7411
applications have been placed on the Command Applications List 7412
iv. User account data, by type 7413
v. Daily Move, Add, Change (MAC) ledgers (annual and purchased) and MAC 7414
execution details 7415
vi. Asset data to service ID level for confirmation of delivery and subsequent service 7416
modification 7417
vii. Schedule of service deliveries 7418
viii. Manufactured date for all data seats services eligible for Technology Refresh 7419
7420
4.8.2 Asset Management 7421
The Asset Management Tools, which are part of the larger Configuration Management System 7422
(CMS), is a set of tools and databases that will be used for collecting, storing, managing, 7423
updating and presenting data for all configuration items, and includes assets and their 7424
relationships. 7425
7426
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
269
The vendor shall maintain USMC Asset Management systems set forth in Appendix (XXX), 7427
which includes Asset Management Systems and Configuration Management Databases owned or 7428
operated by the government and monitor: 7429
a. All hardware assets, moveable and non-moveable. 7430
b. Software and all other assets directly or indirectly supporting the network. 7431
7432
4.8.2.1 Asset Acquisition and Accountability 7433
Asset acquisition and accountability procures and accounts for assets, to include receipt of assets 7434
from a supplier, and repurposing or redeploying existing assets. This activity also provides 7435
status, as well as the assignment of transportation and coordination of assets to new locations, 7436
when applicable. 7437
7438
For Asset Acquisition and Accountability, the specific support tasks the ES Contractor shall 7439
perform or provide include: 7440
a. Support the importation of existing data (i.e. inventory and usage information, purchase 7441
order, and contracting data) from other data sources into a centralized asset repository. 7442
b. Procure HW and SW assets in support of Enterprise Services. 7443
c. Perform receipt, inventory, integrate, and perform kitting and shipment of HW and SW to 7444
designated government locations. 7445
d. Perform Asset Discovery scans and Usage Monitoring to ensure the asset repository is 7446
always current with the latest information. 7447
e. Maintain accountability of SW and storing significant information about each SW 7448
license, such as: 7449
i. Software information including name, version, release 7450
ii. Purchase orders including approving authority 7451
iii. Vendor information 7452
iv. License type 7453
v. License allocation 7454
vi. Financial information 7455
vii. Any related contracts or documentation 7456
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
270
viii. Custom fields 7457
f. Maintain accountability of HW and storing significant information about each asset, such 7458
as: 7459
i. Manufacturer, make, model, serial number 7460
ii. Purchase orders including approving authority 7461
iii. Vendor information 7462
iv. Financial information 7463
v. Any related contracts or documentation 7464
vi. Custom fields 7465
g. Provide government ordering tool updates daily with service delivery data for assets. 7466
h. Manage and maintain accurate and timely warranty data information on all assets. 7467
i. Support development of spares requirements and fielding to achieve material availability. 7468
7469
4.8.2.2 Asset Record Control 7470
Asset record control involves maintaining asset records (i.e., creating, updating, or deleting asset 7471
data) as required. Incident management, problem management and ITSM operational 7472
configuration management can also trigger modifications to asset data information. This activity 7473
also administers the asset database and performs asset reconciliation. The database includes all 7474
assets with status designation (i.e., ordered, in storage, assigned, retired or disposed). 7475
7476
For Asset Record Control, the specific support tasks the ES Contractor shall perform or provide 7477
include: 7478
a. Support the management of inventory records for HW and SW. 7479
b. Create, update and maintain CI information on HW and SW assets in support of the 7480
enterprise. 7481
c. Support periodic reporting of the number of installed copies of software, the total number 7482
of licenses allocated, and the number actually being used to support accounting and 7483
reconciliation processes, as well as validating compliance with license agreements. 7484
d. Verify asset deployment, changes, and removal to ensure that actual configurations match 7485
inventory, license agreements, and finance records. 7486
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
271
e. Monitor the status of all assets within the enterprise to ensure government CM tools are 7487
maintained and updated with the most current information. 7488
f. Verify software is being used only by the assets to which it is allocated. 7489
g. Identify asset management data errors and mitigate errors with government concurrence. 7490
7491
4.8.2.3 Operations Management 7492
Operations management performs NGEN IT asset monitoring. The NGEN IT status, with regard 7493
to compliance for licensing and information security requirements, is also monitored. Formal 7494
inventory audits of all physical assets occur during operations management. Also performed are 7495
audits and reconciliation of the ITAM data. Audits of logical CIs include installed software on 7496
workstations and IT configurations. 7497
7498
For Operations Management, the specific support tasks the ES Contractor shall perform or 7499
provide include: 7500
a. Maintain and link contracts to related assets, licenses, vendors, and purchases in 7501
government tools. 7502
b. Alert users based on events determined by user-defined business rules (e.g. when 7503
maintenance renewals are due). 7504
c. Perform ad-hoc reporting. 7505
d. Configure tools to allow scheduling and data reporting to meet specific needs over a 7506
period of time. 7507
e. Provide recommendations and inputs for the budgeting process (e.g. the number of 7508
licenses that will be required, the number of desktop computers that need to be 7509
upgraded). 7510
f. Link maintenance licenses with the underlying original full license. 7511
g. Link HW warranties to each asset and perform maintenance activities in accordance with 7512
warranty provisions. 7513
h. Link a software license directly with the hardware it is installed on, to include any 7514
hardware that may not be directly connected to the network. 7515
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
272
i. Define the structure of the organization (e.g. group computers/assets by department, 7516
location, unit, cost center) to facilitate license allocation, compliance, and reporting. 7517
j. Maintain and update the supply chain management concept and approach to support 7518
Enterprise Services. 7519
k. Support warranty mail-in service. 7520
l. Support next-day mail to return the repaired item to the user. 7521
m. Support the retention of master copies of all software (purchased or internally produced) 7522
to include any SW license and warranty information for purposes of regulatory 7523
compliance and warranty administration. 7524
7525
4.8.2.4 Life Cycle Management and Disposal of Assets 7526
Life cycle management and disposal of assets ensures that NGEN assets are maintained and 7527
updated until criteria for retirement are met and the assets are returned to storage in preparation 7528
for disposal. Assets that have reached end-of-life will be disposed of as required. NGEN asset 7529
records and databases must be updated with new information and a change in asset status. 7530
7531
For Life Cycle Management and Disposal of Assets, the specific support tasks the ES Contractor 7532
shall perform or provide include: 7533
a. Track all assets from purchase to disposal/retirement. 7534
b. Track all changes that are made to a system (e.g., what changes have been made, when 7535
changes were made, who made the change). 7536
c. Provide usage data to determine if any unused license can be reallocated or if software 7537
can be retired. 7538
d. Prepare documentation for asset disposal. 7539
e. Update government CM and ITAM tools. 7540
f. Perform Return Material Authorization (RMA) activities. 7541
g. Provide input to a network system maintenance and sustainment strategy. 7542
h. Support the development of sustainment related specifications and collection of metrics. 7543
7544
4.8.3 Configuration Management (CM) 7545
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
273
Configuration Management (CM) is a shared process. The ES Contractor is designated as the 7546
primary service provider for the Navy and a supporting service provider for the USMC, and the 7547
TXS Contractor is designated as the supporting service provider for NGEN services. 7548
7549
The Marine Corps Information Enterprise (MCIENT) Configuration Management Plan (CMP), 7550
Enterprise IT Service Management (E-ITSM) process guides, and other supporting documents 7551
are the primary CM documents for the USMC and define the program CM approach, policies, 7552
processes, roles, and responsibilities and interactions with other processes such as CM. The 7553
MCIENT CMP addresses the major CM activities: 1) Configuration identification; 2) 7554
Configuration control, 3) Configuration Status Accounting (CSA); and, 4) Configuration 7555
verification and audit. The CMP is provided for reference purposes in Attachment XXX. 7556
7557
For Configuration Management, the specific support tasks the ES Contractor shall perform or 7558
provide include: 7559
a. Participate in the USMC CM process in accordance with the MCIENT CMP and E-ITSM 7560
process guides. 7561
b. Develop and deliver the ES Contractor’s Configuration Management Implementation 7562
Plan (CMIP) to the government for approval (CDRL AXXX). Provide CM of assigned 7563
CIs to include all systems, subsystems, components, and associated technical 7564
documentation: 7565
i. Propose additional CIs for government approval (CDRL AXXX) 7566
ii. Execute functional requirements traceability in the establishment of CIs in 7567
accordance with the MCIENT CMP 7568
iii. Manage assigned baseline documentation including validation of the allocated 7569
and ES product baselines. The baseline descriptions include the HW, 7570
firmware, and SW (CDRL AXXX) 7571
c. Utilize the USMC provided CMDB: 7572
i. Assist with system administration for the CMDB 7573
ii. Maintain ES CIs within the CMDB and ensure regular updates of configuration 7574
records applicable to this contract, including proper archiving 7575
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
274
iii. Maintain all change records for ES CIs in the CMDB and communicate the 7576
status of all changes to the government or authorized designee 7577
iv. Provide tailored data and reports on CIs and changes to all equipment (CDRL 7578
AXXX) 7579
v. Provide other service providers (e.g., TXS contractor) access to the CMDB as 7580
required with USMC approval 7581
d. Audit configuration management activities: 7582
i. Execute monthly operational self-audits and provide reports in accordance with 7583
the contractor’s ES CMIP, MCIENT CMP and E-ITSM process guides (CDRL 7584
AXXX) 7585
ii. Perform annual Physical Configuration Audits (PCAs) to validate the system is 7586
accurately represented in the design documentation. (CDRL AXXX) 7587
iii. Perform annual Functional Configuration Audits (FCAs) to validate system test 7588
results meet the performance specification requirements (CDRL AXXX) 7589
e. Provide input to a Configuration Management Report in accordance with (CDRL 7590
AXXX). 7591
7592
4.8.4 Law Enforcement and Investigative Support 7593
The ES Contractor shall comply with CALEA (Communications Assistance for Law 7594
Enforcement Act) 47 USC 1001-1010 upon direction of NCIS or other federal law enforcement 7595
entities as required. Provide support services when required by the government and as directed 7596
in writing by DON credentialed, badged, or appointed investigators within 72 hours from the 7597
time of the investigator’s request unless another timeline is indicated. 7598
7599
4.8.4.1 DON Investigator or Designee LE/CI Support Services 7600
For DON Investigator or Designee LE/CI Support Services, the specific support tasks the ES 7601
Contractor shall perform or provide include: 7602
a. Notice to the appropriate government POC, upon discovery of an intrusion. 7603
nn. Forensic analysis of identified data or mobile/peripheral user devices. The ES Contractor 7604
shall not conduct forensic analysis until authorized to do so by the government. 7605
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
275
oo. Notice to the appropriate government POC of any suspected criminal activity detected. 7606
pp. Notice of any unauthorized access or use detected to the appropriate government POC. 7607
qq. Access to any security logs, domain topology and remote access connection logs for the 7608
purpose of obtaining information relevant to the investigation, including exculpatory 7609
evidence. 7610
rr. Access to operating system loads that are provided to the user device and mobile devices 7611
for identified users. 7612
ss. Assistance on implementing specialized investigative technologies that may be required 7613
in furtherance of specific government investigative or operational support requirements. 7614
tt. PKI assistance, including assistance on PKI key control and decryption of PKI encrypted 7615
EIF. 7616
uu. Information assurance plans, network management plans and other information related to 7617
logging methodologies, locations or logs, backups, disaster recovery plans, and similar 7618
information in furtherance of government criminal investigation requirement. 7619
vv. Historical email records (for up to 30 calendar days) for an identified user. 7620
ww. Provide to the DON investigator or to another individual as designated and as 7621
directed in writing by DON credentialed, badged, or appointed investigators within 72 7622
hours from the time of the investigator’s request unless another timeline is indicated, 7623
historical electronic information file (EIF) retention, recovery, and archiving services, 7624
which may apply to a single point in time and/or periodic timeframes or updates, for the 7625
following: 7626
i. Identified user email account(s). The ES Contractor shall also, when directed 7627
by the government, retain all or selected EIF associated with an identified 7628
account. 7629
ii. Network EIF for all of the network drives to which an identified user had 7630
access during an identified time period. The contactor shall, as required, 7631
authorize or conduct local forensic/administrative copying via an 7632
administrator’s set of identified user network drives. 7633
iii. User device EIF of local drives to which an identified user has or had local 7634
access during an identified time period. The ES Contractor shall, when 7635
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
276
directed, physically deliver local drives, with administrative privileges, to the 7636
DON investigator or designee. 7637
xx. Comply with DON policies specifying the roles and responsibilities of the Naval 7638
Criminal Investigative Service: 7639
i. SECNAVINST 5430.107, Mission and Functions of the Naval Criminal 7640
Investigative Service 7641
ii. SECNAVINST 3052.2, Cyberspace Policy and Administration Within the 7642
DON 7643
iii. SECNAVINST 5239.19, DON Department of the Navy Computer Network 7644
Incident Response and Reporting Requirements 7645
iv. OPNAVINST 2201.2, Navy and Marine Corps Computer Network Incident 7646
Response 7647
v. If the records involved include records on individuals, the ES Contractor shall 7648
also comply with the Privacy Act of 1974 and agency rules and regulations 7649
issued under the act as required by the Privacy Act clauses, FAR 52.224-1 and 7650
52.224-2 (April 1984). 7651
vi. Unclassified information about the services provided under this section, and 7652
the government records involved, may be privileged and shall be treated as for 7653
official use only (FOUO), or personal identifiable information (PII) until 7654
otherwise directed by the government. 7655
vii. Information about the services provided or records involved shall not be 7656
released without prior authorization by the contracting officer (CO), the 7657
contracting officer’s representative (COR), or the representative of the office 7658
which placed the litigation hold, or, in the case of actual litigation, an attorney 7659
representing the government in the matter. 7660
yy. Provide to the DON investigator, or to another individual designated in writing by the 7661
DON investigator, historical electronic information file (EIF) retention, recovery and 7662
archiving services, which may apply to a single point in time and/or periodic timeframes 7663
or updates, for the following: user device, EIF of local drives to which an identified user 7664
has or had local access during an identified time period. The ES Contractor shall, when 7665
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
277
directed, physically deliver local drives, with administrative privileges, to the DON 7666
investigator or designee: 7667
i. Internet and intranet activity monitoring services: Provide internet and/or 7668
intranet activity monitoring services for identified user(s), including 7669
monitoring of proxy server logs, email server logs, firewall activity reports, 7670
ACT and/or security logs of any network device accessed by the identified 7671
user(s). These services may apply to a single point in time and/or include 7672
periodic timeframes or updates. The ES Contractor shall assist DON law 7673
enforcement and counter intelligence (LE/CI) in executing electronic 7674
surveillance pursuant to the requirements of a telecommunications carrier 7675
under Communications Assistance for Law Enforcement Act of 1994 as stated 7676
in Title 47, U.S. Code, Section 1002. 7677
ii. Single point of contact (POC) for LE/CI support services: Provide the 7678
government with a single POC and an alternate who is responsible for 7679
coordinating the ES Contractor’s performance of required LE/CI support 7680
services. The single POC for LE/CI support services shall be competent to 7681
provide forensically sound support services and to abide by chain-of-custody 7682
procedures, and will be expected to provide testimony in court regarding their 7683
services provided when required. The single POC for LE/CI support services 7684
shall have authority to retain, recover and archive all EIF necessary to respond 7685
to government requests for such effort. The ES Contractor shall follow USMC 7686
processes to receive, process, track, and maintain at a classified level all LE/CI 7687
requests for support. This process shall be restricted to a specific and limited 7688
number of contractor personnel and shall be the sole process for all LE/CI 7689
requests for EIF collection. The ES Contractor shall only process LE/CI 7690
requests from DON credentialed, badged, or appointed investigators. The 7691
single POC for LE/CI support services and an alternate shall be available to 7692
respond to government requests for information at all times. 7693
iii. Securing user EIF: The ES Contractor shall ensure that the user EIF identified 7694
by the government is replicated to a secured data storage environment to 7695
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
278
eliminate the potential that a user could destroy data associated with an 7696
investigation. In securing the user EIF, the ES Contractor must preserve the 7697
data in an “as found” state so that it is not altered by the contractor’s opening 7698
of files, folders, or adding notes. The ES Contractor shall preserve the data as 7699
soon as practical, consistent with its regular business practices. Such data 7700
preservation shall be initiated within 24 hours and forwarded to the 7701
government upon completion of the preservation. 7702
iv. Documentation of services provided: Provide the DON investigator or 7703
designee with written certification of services performed. Written certification 7704
shall identify the specific means in which such services were performed and 7705
records preserved. For internet or intranet monitoring, the ES Contractor shall, 7706
where possible, provide electronic copies of monitoring information. 7707
v. Delivery formats and delivery locations: The government may also direct the 7708
ES Contractor to utilize physical media, such as hard disks, CD-ROMs and 7709
DVD-ROMs. Reports, spreadsheets, databases and other written information 7710
shall be delivered in contractor format and be compatible with the latest core 7711
build release of Microsoft Office or similar product. The ES Contractor shall 7712
maintain the integrity of the original data, including any metadata, until 7713
confirmation is received from the government that the data has been received, 7714
verified and validated. When requested, provide a copy of all the existing 7715
electronic information related to a specific investigative subject or suspect to 7716
specified investigative personnel within one week of request, without regard to 7717
where that electronic information may be located. 7718
vi. Confidentiality: The ES Contractor shall not disclose or reproduce EIF, data or 7719
information without prior written authorization of the contracting officer, 7720
unless compelled by a subpoena or court order, in which case the ES 7721
Contractor must first notify the general counsel of the DON and await direction 7722
from the Office of the DON General Counsel. 7723
vii. Privacy: Each user signs a system authorization access request and agrees to 7724
the DoD notice and consent banner in order to access the U.S. government 7725
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
279
information system. Therefore, users do not have a reasonable expectation of 7726
privacy in government provided EIF and the contractor must not delay 7727
providing EIF on the basis of purported privacy rights. 7728
viii. Under exigent circumstances and in response to threats to national security, 7729
allow duly authorized government personnel to seize data, software, and 7730
hardware and associated peripheral devices found to be of evidentiary value to 7731
an investigation. 7732
zz. Assist government personnel in obtaining an image of a user device or mobile device 7733
(e.g., removing and providing local hard drive to government personnel). 7734
aaa. Assist government personnel in accessing to any intrusion detection system (IDS) 7735
or network sniffer. 7736
bbb. Assist government personnel in identifying and monitoring of VOIP and wireless 7737
technologies associated with the identified users. 7738
7739
4.8.4.2 Litigation Support 7740
For Litigation Support, the specific support tasks the ES Contractor shall perform or provide 7741
include: 7742
7743
4.8.4.2.1 General Litigation Support 7744
a. Assist DON attorneys according to the parameters set by the lead DON attorney to 7745
respond to subpoenas, discovery requests, court orders and other matters related to 7746
litigation that require the discovery, production, archiving, retention or rotation of user 7747
electronic information and Internet/Intranet activity information. Such assistance will 7748
not include any subjective decision making by contractor. 7749
b. Respond within ten calendar days (or twenty calendar days in the case of retrieving 7750
information from network backup tapes) from the date of the lead DON attorney’s 7751
written request unless otherwise agreed by the lead DON attorney. 7752
c. Designate a lead attorney who will set the parameters of the information required, 7753
including the identified user account name and time period. DON attorneys will perform 7754
all privilege reviews and legal services. 7755
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
280
7756
4.8.4.2.2 Litigation Support Services 7757
a. Accurate, timely and complete information as requested for DON responses served on 7758
the government. The DON lead attorney will direct the contractor by describing the 7759
type of information sought. The contractor will not make any determination as whether 7760
such information requested is “responsive” or not. 7761
d. Accurate information and documentation concerning infrastructure configuration and 7762
information describes management of any network, including encryption, protocols for 7763
network back-up procedures, legacy systems, preservation protocols, and data 7764
applications used, etc (if not classified). 7765
e. Information concerning discovery and data issues as these topics apply to networks and 7766
systems (e.g. information required for the government to evaluate the scope of potential 7767
electronic discovery agreements and electronic data preservation orders). 7768
f. Information on electronic discovery issues. 7769
g. Data to authenticate electronic information. 7770
h. Recovery of network backups, for up to 30 attorneys request or a litigation hold, 7771
including signed and dated affidavits by a contractor information custodian stating that 7772
data is accurate to the best of his/her knowledge , as well as where, how and when the 7773
electronic information on the backups was collected and recovered. 7774
i. Preservation of relevant network backup information, including taking network media out 7775
of the network backup rotation and storing as required to respond to government 7776
litigation needs. 7777
j. Accurate data from user devices or mobile devices, including sector-by-sector imaging 7778
that preserves the integrity of the original data and metadata. 7779
k. Periodic audit planning for electronic records, including conducting audits as directed by 7780
the government and providing reports of compliance on a periodic basis. 7781
7782
4.8.4.2.3 Litigation Holds Services 7783
a. When notified by the government to place a litigation hold on a category of records, the 7784
ES Contractor shall locate, secure and preserve, within reason those records found in 7785
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
281
Online and off-line storage. A single litigation hold notice may cover one, few or many 7786
different categories of records. In addition, the ES Contractor shall search user-7787
controlled Online storage areas of specified users. If the government does not specify 7788
the manner or method of performance for the litigation hold, the contractor may use any 7789
means generally accepted in the industry for preserving evidence in anticipation of 7790
litigation. A generally accepted preservation method would be to make a read-only copy 7791
of the pertinent native files on a hard drive or portable media with back-up copies stored 7792
at a different site. The ES Contractor shall discontinue routine destruction of those 7793
records. The ES Contractor shall continue to locate, secure and preserve that category of 7794
records or user-controlled Online storage areas of specified users until notified by the 7795
government that the litigation hold has ended. After the litigation hold has ended, the 7796
contractor may resume normal records management practices including the routine 7797
destruction of records. 7798
b. Provide the government copies of the records held for each litigation hold request. 7799
c. Specified by the government, the contractor may produce the records as preserved by 7800
providing a read-only copy on hard drive or portable media. The ES Contractor shall also 7801
provide documents identifying the records, their file type, the corresponding litigation 7802
hold, and category. 7803
d. Maintain a record of its actions on each litigation hold request and report the status of 7804
litigation holds to the government upon request. Upon request, the ES Contractor shall 7805
report, for each litigation hold request, a description of the records preserved, including 7806
their quantity, category, file type, and location. 7807
7808
4.8.4.2.4 Records Searches and Production Services 7809
a. When the lead DON attorney requests a search for a category of records, the ES 7810
Contractor shall search Online and off-line storage for the requested records. A single 7811
search request may request one, few or many different categories of records. In 7812
addition, the ES Contractor shall search user-controlled Online storage areas of specified 7813
users. The ES Contractor shall secure and preserve all responsive records found. If the 7814
government does not specify the manner or method of performance, the Contractor may 7815
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
282
use any means generally accepted in the industry for preserving evidence in anticipation 7816
of litigation. A generally accepted preservation method would be to make a read-only 7817
copy of the pertinent native files on a hard drive or portable media with back-up copies 7818
stored at a different site. The ES Contractor shall discontinue routine destruction of 7819
those records. The ES Contractor shall continue to locate, secure and preserve that 7820
category of records until notified by the government otherwise. 7821
b. Produce all responsive records found as soon as practical, and give to the government as 7822
soon as practical. Unless otherwise specified by the government, the Contractor may 7823
produce the records as preserved by providing a read-only copy of all responsive records 7824
on hard drive or portable media. With each production, the ES Contractor shall provide a 7825
document identifying the records, their file type, corresponding request and the category. 7826
c. Maintain a record of actions on each search request and report the status of the searches 7827
to the government upon request. Upon request, the ES Contractor shall report for each 7828
search request a description of the records found and preserved, including their quantity, 7829
category, file type, and location. 7830
d. Respond to written requests for information retrieval from end user hardware and all 7831
other equipment on the network including Contractor controlled online and offline 7832
storage and end user controlled offline storage. The Contractor(s) shall locate, secure, 7833
preserve, and provide records responsive to identified document records or record 7834
categories. Unless otherwise specified, the Contractor(s) may use any means generally 7835
accepted in the industry to preserve retrieved documents. Upon request, the Contractor(s) 7836
shall produce responsive records found as soon as practical, unless a response period is 7837
otherwise specified. 7838
7839
4.8.4.2.5 Testimony Services 7840
a. Upon timely request by the government, the ES Contractor shall provide credible, 7841
qualified knowledgeable individuals to testify as “Keeper of the Records” in litigation 7842
and investigations before various courts, boards, agencies and other forums. This often 7843
requires travel to various locations within the United States, review and analysis 7844
necessary to form conclusions and opinions, interviews by various attorneys, and 7845
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
283
preparation for testimony and cross-examination. It may also involve assisting attorneys 7846
representing the government in preparing disclosures of the substance of facts and 7847
opinions of the witness’s expected testimony. The testimony may consist of both factual 7848
and expert testimony and may among other subjects address: authenticity of evidentiary 7849
copies of electronic records, search efforts related to document requests, preservation 7850
efforts related to litigation hold requests, missing and destroyed electronic records, and 7851
the contractor’s routine business practices including policy and procedures regarding the 7852
routine destruction of records. In testifying about government records and information 7853
the contractor and witnesses shall follow all reasonable instructions of the attorneys 7854
representing the government, e.g., the assertion of privileges and instructions limiting 7855
testimony. Testimony may take three forms and in all forms must be accurate. 7856
b. Upon timely request by the government, the ES Contractor shall provide credible, 7857
qualified knowledgeable individuals to testify as “Keeper of the Records” in litigation 7858
and investigations before various courts, boards, agencies and other forums. This often 7859
requires travel to various locations within the United States, review and analysis 7860
necessary to form conclusions and opinions, interviews by various attorneys, and 7861
preparation for testimony and cross-examination. It may also involve assisting attorneys 7862
representing the government in preparing disclosures of the substance of facts and 7863
opinions of the witness’s expected testimony. The testimony may consist of both factual 7864
and expert testimony and may among other subjects address: authenticity of evidentiary 7865
copies of electronic records, search efforts related to document requests, preservation 7866
efforts related to litigation hold requests, missing and destroyed electronic records, and 7867
the contractor’s routine business practices including policy and procedures regarding the 7868
routine destruction of records. In testifying about government records and information 7869
the contractor and witnesses shall follow all reasonable instructions of the attorneys 7870
representing the government, e.g., the assertion of privileges and instructions limiting 7871
testimony. Testimony may take three forms and in all forms must be accurate a. 7872
Testimony may be presented through an affidavit or declaration under penalty of perjury 7873
rather than live testimony, such as in support of a summary judgment motion. 7874
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
284
c. Upon timely request by the government, the ES Contractor shall provide credible, 7875
qualified knowledgeable individuals to testify as “Keeper of the Records” in litigation 7876
and investigations before various courts, boards, agencies and other forums. This often 7877
requires travel to various locations within the United States, review and analysis 7878
necessary to form conclusions and opinions, interviews by various attorneys, and 7879
preparation for testimony and cross-examination. It may also involve assisting attorneys 7880
representing the government in preparing disclosures of the substance of facts and 7881
opinions of the witness’s expected testimony. The testimony may consist of both factual 7882
and expert testimony and may among other subjects address: authenticity of evidentiary 7883
copies of electronic records, search efforts related to document requests, preservation 7884
efforts related to litigation hold requests, missing and destroyed electronic records, and 7885
the contractor’s routine business practices including policy and procedures regarding the 7886
routine destruction of records. In testifying about government records and information 7887
the contractor and witnesses shall follow all reasonable instructions of the attorneys 7888
representing the government, e.g., the assertion of privileges and instructions limiting 7889
testimony. Testimony may take three forms and in all forms must be accurate. 7890
d. Testimony may be presented under oath in response to oral or written questions for a 7891
deposition. Although a judge may not attend the deposition, the deposition is still in 7892
effect before a judge or other presiding official. Testimony is recorded by a court 7893
reporter that prepares a written transcript and may prepare a video recording. The 7894
testifying witnesses shall review, correct, and sign video and written deposition 7895
transcripts in accordance with the procedures of the respective forum. Contractor 7896
reserves the right to have its counsel present for such proceedings. 7897
7898
4.8.4.2.6 Technical Advice and Assistance to Government Attorneys 7899
a. Provide technical advice and assistance regarding USMC networks and the information 7900
contained therein to attorneys representing the government upon request. 7901
b. Provide technical assistance in preparing the government’s case. This includes preparing 7902
for cross-examination of opposing witnesses. 7903
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
285
c. Assist the government in preparing for discovery of opposing experts’ opinions, 7904
including preparation for and attendance at opposing experts’ depositions. 7905
d. Provide technical assistance in presenting the government’s case at trials and hearings. 7906
e. Assist the government in preparing for and in conducting cross-examination of opposing 7907
experts, including attendance at trials and hearings during testimony by opposing experts. 7908
f. Provide technical assistance in drafting motions and briefs. This includes, among other 7909
things, reviewing and analyzing portions of opposing briefs and motions, as well as 7910
reviewing government drafts. 7911
g. Adhere to the following confidentiality and release of government information 7912
provisions: Classified and “No Foreign” information procedures are not relaxed for 7913
litigation or because information might be relevant to litigation. 7914
7915
5. MARINE CORPS TRANSPORT SERVICES REQUIREMENTS 7916
5.1 Service Management 7917
ITSM is a framework of specialized functions and processes that, in conjunction with IT 7918
infrastructure and personnel, provides value to end users and customers in the form of IT 7919
services. ITSM processes support conceptualization, planning, procurement, implementation, 7920
and operation of IT services. Well-defined process interfaces ensure the integration of 7921
acquisition, governance, and operational activities. USMC Enterprise ITSM (EITSM) processes 7922
and activities are based on the ITIL v3 lifecycle and processes, but are tailored to the unique 7923
policies, culture, and organizational constructs of the USMC. In the future net-centric 7924
operational environment, the Marine Corps will become increasingly dependent on IT services 7925
and capabilities, so service management will become even more important. The TXS Contractor 7926
is responsible for participating the USMC EITSM framework by managing and reporting work 7927
activities according to defined processes, procedures, work instructions, and metrics. The TXS 7928
Contractor will align its teams with USMC NetOps organizations and participate in the ITSM 7929
framework on the behalf of these different enterprise, regional, and local organizations under the 7930
guidance of local commanders and managers. The TXS Contractor shall ensure that its activities 7931
are recorded separately, allowing the Government to examine the Contractor's specific 7932
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
286
contribution to USMC IT services. A notional tools list is provided in Appendix I. USMC 7933
EITSM process guides are attached to this RFP. 7934
7935
5.2 Scope of Work 7936
The scope of this effort is to provide technical support, network sustainment, and network 7937
transition support to the Marine Corps Systems Command (MCSC), Information Systems and 7938
Infrastructure Product Group 10 (PG-10/ISI), Marine Corps Network and Infrastructure Services 7939
(PM MCNIS) program office, MCNOSC, and USMC garrison network operations at USMC 7940
sites. 7941
7942
For the Marine Corps Management Domain, Transport and Facilities Management Services will 7943
be managed by Government personnel, with additional support provided by the TXS Contractor. 7944
Notional technical support categories are listed in the Rate Card attachment to the contract and 7945
map to corresponding tasks. Tasks include assisting in operating, troubleshooting, and 7946
monitoring WAN, BAN, and LAN network HW, infrastructure, and SW and may include 24/7 7947
operations, systems and network engineering, cyber security, information technology 7948
management, data and migration services, and various support functions. 7949
7950
Throughout the contract period, the Contractor will be required to coordinate schedules, assist 7951
with data collection for assets, provide engineering and technical support, assist in network 7952
management and operations, user requirements management, application and HW inventory, 7953
transition activities, technical refresh schedules and activities, and lifecycle sustainment in the 7954
USMC IT environment (e.g., SRM data collection, asset reconciliation and tracking). The scope 7955
of task orders shall be structured to reflect support for MCNOSC and Major Commands across 7956
the USMC sites. 7957
7958
5.3 Summary of Services 7959
Contractors under USMC Transport Services task orders, will support the USMC in operating, 7960
maintaining, and sustaining the Transport infrastructure, perform associated services, provide 7961
transport HW and SW procurement, and provide associated training. Task orders will include 7962
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
287
support of technology refresh for the Cable Plant, some lease hold improvements, and movable 7963
infrastructure associated with LAN/BAN operations. The Cable Plant includes LAN/BAN fiber 7964
and wire that connects the office wall plug to the DISN point of presence. Within the NOCs, the 7965
Transport vendor will assist the Government in operation of the Transport infrastructure. 7966
Transport hardware and software will consist of routers, switches, and boundary suites including 7967
LAN/BAN components down to the wall plug in each office. The Contractor will also install, 7968
configure, and test GFP. The draft Responsible, Accountable, Supportive, Consulted, Informed 7969
(RAsCI) matrix at appendix K of this PWS depicts a notional model of USMC requirements with 7970
a manpower breakout of how much of the work will be performed by the government (G 7971
columns) and how much of the work will be performed by the contractor (C columns). 7972
7973
TXS includes lifecycle support and operations of the following infrastructure: 7974
5.3.1 BAN/LAN 7975
a. Network CP is the LAN and BAN media (fiber, copper and wireless) that links office 7976
wall plugs to the DISN SDPs. 7977
b. Switching Infrastructure is all of the SW, HW, electronic infrastructure required to 7978
deliver BAN/LAN services. TXS infrastructure extends from the wall plug (wired 7979
network access point interface to the workstation/laptop NIC), to the distribution routers, 7980
core switches, inner routers, and out to the DISN SDPs. 7981
7982
5.3.2 WAN and Boundary Protection 7983
a. B1 Security Boundaries (between NGEN and the DISN POP) with associated 7984
Demilitarized Zones (DMZs). 7985
b. B2 Boundaries (between NGEN Enterprise and other Legacy networks). 7986
c. Transport Boundaries (connects all NGEN sites except Very Small Sites (VSSs) that use 7987
a commercial ISP). 7988
d. Deployable Site Transport Boundaries (DSTBs). 7989
e. The types of equipment used in the B1, B2, and Transport Boundaries include: 7990
i. Firewalls and all associated functionality 7991
ii. Network Load Balancers 7992
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
288
iii. Intrusion Detection/Intrusion Prevention Systems (IDS/IPS) network appliances 7993
a. Anti-Malware appliances 7994
iv. Network-based Encryption Devices 7995
v. Network elements of the NAC system 7996
vi. VPN Appliances 7997
vii. WAN Accelerators 7998
viii. Network and Security management HW and SW 7999
ix. Other Network-based Cyber Security Devices 8000
8001
5.3.3 Facilities Capacity Management 8002
Transport Services shall also include Facilities Capacity Management Services which include 8003
assessment, planning, design, and coordination of improvements or modifications to Government 8004
buildings. Locations for improvements include building communications rooms, wiring closets, 8005
NOCs, server-farms, micro-server farms, administrative spaces, and warehouses. These 8006
modifications include capacity of: 8007
a. Heating, Ventilation, Air Conditioning (HVAC). 8008
b. Electrical Systems, including Power Distribution Units, Uninterruptible Power Supply 8009
(UPS), Backup Generators, Transformers, and Lighting. 8010
c. Fire and Smoke Detection and Suppression Systems. 8011
d. Floors, Walls, and Ceilings. 8012
e. Hazardous Material Abatement. 8013
f. Physical Security (e.g. locks and surveillance). 8014
g. Other improvements such as office spaces and storage. 8015
8016
5.4 PERFORMANCE REQUIREMENTS 8017
5.4.1 Performance Quality 8018
The TXS Contractor shall be evaluated against the Performance Standards defined in the Quality 8019
Assurance Surveillance Plan. 8020
8021
5.4.1.1 Quality Control Plan 8022
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
289
Within thirty (30) calendar days after initial task order award, the Contractor shall establish and 8023
maintain a complete Quality Control Plan that shall ensure the requirements of the contract are 8024
provided as specified in Sections 7.0, 8.0, and 9.0 of this document. This will be a “living” 8025
document that covers the initial task order and allows for changes to include future task orders 8026
(CDRL A117). 8027
8028
5.4.1.2 Government Representatives 8029
The Government will designate representatives who will evaluate Contractor personnel against 8030
these categories. Representatives will generally hold positions as MITSC Directors, Ops 8031
Managers, MCNOSC Site Leads, MCNOSC Department Heads, and Base G6 leadership. 8032
Specific personnel will be identified within thirty (30) calendar days after task order award. 8033
8034
5.4.2 Phase In/Phase Out Period 8035
5.4.2.1 Phase In Period 8036
Phase in period encompasses the people, processes, tools, technologies, and sequenced activities 8037
required to transfer service operations from the Incumbent. The phase in services will begin 1 8038
October, 2011 (FY 2012). A Notional USMC Transition Timeline is attached. 8039
8040
The Contractor shall support a smooth transition and familiarization with processes, procedures, 8041
and tools currently utilized to provide these services. 8042
The Contractor shall perform these specific tasks: 8043
a. Propose a staffing and training plan to support task order requirements that encompass 8044
staffing and on-boarding activities for the location(s) specified. The staffing plan shall 8045
include labor categories, describe associated skill sets, and level of support required to 8046
meet the service requirements in this PWS (CDRL A118). 8047
b. Participate in transition readiness reviews to ensure successful transfer of service 8048
operations. 8049
8050
5.4.2.2 Phase Out Period: 8051
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
290
a. During the phase-out period, the contractor shall provide and execute a phase-out plan in 8052
accordance with the terms of the NGEN Transport Contract to ensure continuity of 8053
services, minimize any decreases in productivity, and prevent possible negative impacts 8054
on additional services during the phase out period (CDRL A119) 8055
b. Provide knowledge transfer, support successor job-shadowing, training, and other 8056
activities in order to transfer full operation of services. 8057
8058
5.5 Services Provided 8059
The Contractor shall support a broad range of technical, operational, maintenance and 8060
management functions in support of delivery of Transport Services to the Marine Corps 8061
Management Domain, and be expected to support the following elements: 8062
8063
5.5.1 Transport Engineering Design and Support Services (TEDSS) 8064
TEDSS is the engineering and technical services required to support implementation of transport 8065
systems and infrastructure in accordance with Government-provided architecture and design. 8066
This will support the delivery of data services including all functionality of the underlying 8067
enterprise, provisioning of data and resources, and synchronization of business operational 8068
functions with available systems and services. The general tasks include centralized Internet 8069
Protocol (IP) network management, legacy network support, Management Domain expansion 8070
and extension, and dynamic bandwidth management. The USMC is the design and technical 8071
authority for the transport system. 8072
8073
5.5.1.1 Specific Tasks 8074
For TEDSS, the specific tasks the Contractor shall perform or provide include: 8075
a. Design and engineering activities for expansions and transformations to the existing 8076
Transport architecture. 8077
b. Inputs to deployment plans for any new or expansion to the existing Transport 8078
architecture, including recommendations for hardware/software. 8079
c. Deployment plans as required by changes in hardware, software or resource availability 8080
or other reasons 8081
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
291
d. Inputs to the tech refresh deployment plan and schedules. 8082
e. Test the newly installed Transport assets design functionality and interoperability with 8083
existing Network Transport infrastructure. 8084
f. Report the procedures used for the test, issues encountered, proposed resolutions to the 8085
issues and the results of the design and interoperability test. 8086
g. Move the software from a development / test environment to the live environment. 8087
8088
5.5.2 Transport Operations Services 8089
Transport Operations Services include the day-to-day activities required to provide end-to-end 8090
monitoring, management, administration, and maintenance for the USMC. 8091
8092
5.5.2.1 Specific Tasks 8093
For Transport Operations Services, the specific tasks the Contractor shall perform or provide 8094
include: 8095
a. Monitor and manage Transport Services, including the infrastructure, hardware, and 8096
software for the Marine Corps management domain. 8097
b. Installation and maintenance of Government-provided performance monitoring and 8098
management systems for Network Transport infrastructure. 8099
c. Input to reporting of performance monitoring and management measures for Network 8100
Transport infrastructure. 8101
d. Notify, per Government procedures, of cyber threats and activities as well as information 8102
from sensors within the transport services network. 8103
e. Recommend prioritization of events, incidents, and problems. 8104
f. Monitor the Cyber Security/CND operational situation on network system status 8105
consoles. 8106
g. Initial investigation on any suspicious activity reported. 8107
h. Escalate potential security events via the incident ticket/event tracking system to the 8108
appropriate Operations Duty manager. 8109
i. Execute the Cyber Readiness Implementation Plan. 8110
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
292
j. Implementation of CND Response Actions (RAs), which may be based on intelligence 8111
reporting, active network incidents or trends. 8112
k. Evaluate the impact of Government directed configuration changes from CND-RAs. 8113
l. Audit and Accountability that can include monitoring (weekly) and analyzing logs to 8114
identify unauthorized, illicit, or other unwanted activity. 8115
m. Maintain near real-time data feeds from designated systems into the Government SIM 8116
system. 8117
n. Install the Government-provided software agent(s). 8118
o. Execute a preselected volatile data capture tool and provide the output in the Government 8119
approved format/output. 8120
p. Take possession of any equipment related to a Government designated network incident 8121
utilizing Government chain of custody procedures. 8122
q. Restoration of network and system devices to a known valid baseline. 8123
r. Post-event scans and verification of mitigation actions. 8124
s. Maintain the network and system configuration baseline of all devices in accordance with 8125
current Government directives. 8126
t. Install network and system monitoring devices into the Transport Services system. 8127
u. Implement automated tools to collect Intrusion Management data. 8128
v. Prepare collected Intrusion Management data IAW USMC format. 8129
w. Implement standard vendor provided appliance signatures. 8130
x. Update and maintain detailed network diagrams in support of conducting network based 8131
intrusion detection monitoring and prevention. 8132
y. Operational status of all sensors, manager systems, and associated database systems to 8133
the Government. 8134
z. Monitor intrusion detection systems. 8135
aa. Collect and copy sensor log data to the Government. 8136
bb. Collect and copy appliance log data to the Government. 8137
cc. Electronic notification upon receipt of request, resolution (work completion) of request 8138
and ticket closure. 8139
dd. Approved Move, Add, Change MAC Services. 8140
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
293
ee. Create, log, close a change ticket to document the processing of requests until resolved 8141
per Government established ITSM documentation (attached to this contract). 8142
ff. Negative impacts to systems, operational risk, or potential performance risks associated 8143
with any Government initiative, design elements, or plans and recommend options to 8144
reduce or eliminate these risks. 8145
gg. Status of Government directed actions to the Government POC to include; when action is 8146
initiated, progress, and confirmation of completed action. 8147
8148
5.5.2.2 IT Collateral Equipment Management Specific Tasks 8149
With IT Collateral Equipment Services Management, the specific tasks the Contractor shall 8150
perform or provide include: 8151
a. Assessment, design, implementation, and optimization of Government IT facilities. 8152
b. Planning and design of new facilities requiring network connections. 8153
c. Overall condition and status of facility support systems, including maintenance and repair 8154
activities, equipment condition, and environmental conditions. 8155
d. Assess environmental requirements for space, air conditioning, electric power, plumbing 8156
and lighting systems, fire suppression, and security capabilities. 8157
e. Overseeing the safe, secure, and environmentally-sound operations and maintenance of 8158
assets. 8159
f. Life-cycle management of facility equipment and consumables. 8160
g. Communicate plans and activities with others. 8161
h. Fixture ordering, supply ordering, and generating work requests. 8162
i. Maintain storage and staging areas. 8163
j. Update facilities programs such as spreadsheets, cad drawings, facilities management 8164
tools, and line drawings as required. 8165
8166
5.5.3 Base Area Network/Local Area Network (BAN/LAN) Services 8167
A BAN service resides on Marine Corps bases, connecting LANs and organizations to the 8168
Intranet and Internet. The LAN resides in buildings/offices/sites and connects to the BAN 8169
infrastructure (or the BAN/LAN/SDP) and ES. The BAN extends to the external edge (inner 8170
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
294
routers) of bases served by BAN services and provides the IP transport capabilities for integrated 8171
services supporting data. 8172
8173
5.5.3.1 Specific Tasks 8174
For BAN/LAN, the specific tasks the Contractor shall perform or provide include: 8175
a. Operate and maintain the existing BAN infrastructure, which includes all necessary cable 8176
plant (inside and outside) and equipment required to provide information transport 8177
functionality between LANs located at end user locations at given 8178
bases/posts/camps/stations connecting them to the BAN/LAN/SDP. BAN infrastructure 8179
provides an IP based network that supports a dual stack IPv4/IPv6 environment and 8180
necessary Cyber Security services. 8181
b. Operate and maintain the existing LAN infrastructure, which includes cable plant (inside 8182
and outside) and equipment, required to provide information transport functionality 8183
between end nodes that is confined within end user locations. LAN infrastructure 8184
consists of premise cabling and equipment located at the customer sites. The LAN 8185
connects to a BAN or WAN. 8186
8187
5.5.3.2 For both BAN and LAN 8188
a. Plan, engineer, design, and install BAN and LAN infrastructure. 8189
b. Install, configure, and remove routers, switches, and other BAN/LAN devices in 8190
accordance with enterprise change management processes. 8191
c. Use, safeguard, operate, and maintain cryptographic material in accordance with 8192
appropriate Government policy and processes. 8193
d. Plan, implement, operate, and maintain regional and local wireless capabilities. 8194
e. Install cable trunks and fiber runs in accordance with enterprise change management 8195
processes. 8196
f. Maintain and update SW and firmware required for BAN/LAN components. 8197
g. Requirements analysis for future BAN and LAN services in support of NGEN 8198
modernization. 8199
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
295
h. Conduct annual service continuity BAN/LAN site assessments, identify deficiencies, and 8200
provide future design/operations recommendations. 8201
i. Coordinate with Service Desk regarding tracking of issues with BAN and LAN in 8202
accordance with Government-provided incident management processes. 8203
j. Install Transport HW/SW, at the appropriate locations. This may include electronic 8204
distribution or manual installation of SW. 8205
k. Configure Transport HW/SW to the current operating configuration in accordance with 8206
configuration management processes. 8207
l. Manage troubleshooting support after installation of HW/SW for Network Transport 8208
infrastructure. 8209
m. Data migration activities for supported end user devices, storage devices and application 8210
hosting devices. 8211
n. Plan, configure and operate data migration tools. 8212
i. Maintain IP Addressing Plan. 8213
o. Maintain Routing Plan. 8214
i. Maintain IPv6/IPv4 Coexistence and Interworking Practices. 8215
ii. DIACAP processes prior to connecting any new device into the NGEN 8216
environment. 8217
iii. Install ducts and conduits, pull cables, and terminate, test, splice, and repair 8218
copper, coaxial, and fiber optic cabling. 8219
iv. Install outside and interior copper and fiber cabling, fiber optic modems, fiber 8220
multiplex equipment, fiber patch panels, analog and digital copper patch panels, 8221
main and intermediate distribution frames, lightning protection, and supporting 8222
ground and power connections. 8223
v. Install cabinets, cable ladder and rack systems, and equipment components in the 8224
cabinets. 8225
vi. Develop and update policy and procedures to ensure consistent standards and 8226
requirements, for inside and outside plant installations. 8227
vii. Make recommendations for Government approval for replacement/upgrade of 8228
support equipment (e.g., test equipment), and copper/fiber optic cable 8229
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
296
transmission technologies to increase reliability and optimize systems 8230
performance. 8231
viii. Advise the Government on inside and outside plant cable installation issues. 8232
ix. Update cable plant programs such as spreadsheets, Computer-Aided Design 8233
(CAD) drawings, management tools, and line drawings as required. 8234
x. Identify any possible risks to the project schedule and provide any needed 8235
mitigation for those risks. 8236
xi. Ensure all cable locating has been done and marked prior to any maintenance. 8237
8238
5.5.4 Wide Area Network (WAN) Services 8239
WAN services provide separate connections to external networks and the Internet. WAN 8240
services provide transport of data from Government base, facility and office locations, across 8241
non-Government property, to other Government base, facility and office locations. WAN 8242
requires connectivity to the B1/B2 gateway. 8243
8244
5.5.4.1 Specific Tasks 8245
For WAN Services, the specific tasks the Contractor shall perform or provide include: 8246
a. Technical information required to place a DISN circuit order IAW Site-WAN circuit 8247
mapping. 8248
b. Input to design, installation, and documentation of site modifications to connect BAN 8249
and/or LAN to local DISN SDP IAW Site-WAN circuit mapping. 8250
c. Maintain WAN Routing Plan, including interior routing of IP addresses up to the site 8251
interior router and other infrastructure that uses IP addresses. 8252
d. Install and test circuit extensions and base extensions, including coordination with the 8253
Telecommunications Office (TELO), DISA and Government Program Manager for end-8254
to-end testing and activation of DISN circuits. 8255
e. Document WAN interface HW and SW to support DIACAP. 8256
f. Input to Capacity Planning based on LAN/WLAN/BAN/WAN network data. 8257
g. Maintain as-is modeling capabilities to support the planning of changes to the network 8258
infrastructure, specifically to estimate future volume, usage, and application 8259
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
297
characteristics, as well as integration of emerging technology and utilization of DISN 8260
provided as GFP. 8261
h. Analysis of the network capacity and recommendations for future engineering changes. 8262
i. Configure external network connections to allow for interoperability with other DoD 8263
networks such as the Marine Corps Tactical Data Network (TDN) and IT-21, and to 8264
major commercial partners of Navy and Marine Corps stakeholders. 8265
j. Install ducts and conduits, pull cables, and terminate, test, splice, and repair copper, 8266
coaxial, and fiber optic cabling. 8267
k. Install outside and interior copper and fiber cabling, fiber optic modems, fiber multiplex 8268
equipment, fiber patch panels, analog and digital copper patch panels, main and 8269
intermediate distribution frames, lightning protection, and supporting ground and power 8270
connections. 8271
l. Install cabinets, cable ladder and rack systems, and equipment components in the 8272
cabinets. 8273
m. Develop and update policy and procedures to ensure consistent standards and 8274
requirements, for inside and outside plant installations. 8275
n. Make recommendations for Government approval for replacement/upgrade of support 8276
equipment (e.g., test equipment), and copper/fiber optic cable transmission technologies 8277
to increase reliability and optimize systems performance. 8278
o. Advise the Government on inside and outside plant cable installation issues. 8279
p. Update spreadsheets, CAD drawings, management tools, and line drawings for WAN 8280
infrastructure. 8281
q. Ensure all cable locating has been done and marked prior to any maintenance. 8282
8283
5.5.5 Security Configuration and Management Services 8284
Security Configuration and Management Services provides an enterprise wide security 8285
compliance capability that scans and remediates NGEN network devices for out-of compliance 8286
conditions such as changed settings, outdated patches, and illicit SW. 8287
8288
5.5.5.1 Specific Tasks 8289
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
298
For Security Configuration and Management Services, the specific tasks the Contractor shall 8290
perform or provide include: 8291
a. Use Government cryptographic keys, algorithms and IPsec Security Associations to 8292
encrypt and decrypt data. 8293
b. Use Government provided Type 1 cryptographic devices when interfacing with coalition 8294
networks. 8295
c. Safeguard Government provided encryption products and keying materials in accordance 8296
with EKMS 1A. 8297
d. Operate and maintain bulk encryption on transmission channels in accordance with 8298
current Government directives. 8299
e. Operate and maintain HW and SW with key distribution using current X.509 PKI 8300
certificates. 8301
i. Operate and maintain HW and SW with PKI tokens in accordance with 8302
Government direction. 8303
ii. Operate and maintain HW and SW with key-destruction in accordance with 8304
Government direction. 8305
iii. Operate and maintain HW and SW with data encryption in accordance with 8306
Government direction. 8307
iv. Operate and maintain HW and SW with Protocol-Internet Engineering Task Force 8308
IPsec RFC 4301 and 4303, ESP tunnel mode only. 8309
v. Operate and maintain HW and SW with data hashing functions in accordance 8310
with Government direction. 8311
f. Operate, maintain, and troubleshoot VPN HW and SW. 8312
g. Analyze VPN Concentrator capacity planning. 8313
h. Operate, maintain, and troubleshoot encryption tunneling HW and SW associated with 8314
remote access services VPN concentrators. 8315
i. Conduct IAVM. 8316
j. Conduct vulnerability scans that utilize the latest Government provided configuration and 8317
definition files as applicable to the DoD mandated solution. 8318
k. Implement Government directed signatures. 8319
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
299
l. Analyze vulnerability scan results to determine potential network or system 8320
vulnerabilities in accordance with current Government directives. 8321
m. Status IAVM actions implementation through the designated Government portal. 8322
n. Develop a POA&M that shows the status of each vulnerability and actions taken, if there 8323
are any outstanding vulnerability. 8324
o. Complete corrective actions for Vulnerability Alerts. 8325
p. Provide reviews, analyses, evaluations, risk assessments, and recommendations to the 8326
Government for required vulnerability management and analysis. 8327
8328
5.5.6 Boundary, DMZ, and Communities of Interest (COI) Services 8329
Boundary, DMZ, and COI Services protect the NGEN Enterprise including the management and 8330
operation of the boundaries. 8331
8332
5.5.6.1 Specific Tasks 8333
For Boundary, DMZ, and COI Services, the specific tasks the Contractor shall perform or 8334
provide include: 8335
a. Administer and maintain external interface solutions supporting remote management, 8336
monitoring, and administration through a VPN to and from Marine Corps NOCs and 8337
SOCs. 8338
b. Administer and maintain interfaces that allow all USMC networks to interface with the 8339
network boundary routers. 8340
c. Administer and maintain a physical interface between the migrated Legacy systems 8341
(server) via the network interface card in the server, in accordance with Network 8342
Transport infrastructure DAA security requirements and policy. 8343
d. Administer and maintain logical or physical interface to the DSN for basic voice 8344
transport services from premise switches that are part of a BAN. 8345
e. Administer and maintain network interface to Local Exchanges Carriers (LECs) via T1 8346
interfaces that support ISDN Primary Rate Interface and Basic Rate Interface. 8347
f. Administer and maintain network interface to IECs via T1 interfaces that support ISDN 8348
Primary Rate Interface. 8349
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
300
8350
5.5.7 Security and IT Certification and Accreditation Services 8351
Security and IT C&A Services supports the DIACAP to include tracking, testing and delivery in 8352
support of C&A. 8353
8354
5.5.7.1 Specific Tasks 8355
For Security and IT C&A Services, the specific tasks the Contractor shall perform or provide 8356
include: 8357
a. Evaluate proposed new products and protocol for impacts to C&A. 8358
i. Analyze network security requirements based on Government guidance 8359
b. Ongoing assessment of the infrastructure. 8360
c. Ongoing Government DIACAP testing and processes in support of C&A. 8361
d. C&A recommendations to network engineers and other technical staff. 8362
e. Create DIACAP packages in support of C&A. 8363
f. Collect documents, finding artifacts and evaluating system security posture as it relates to 8364
the stated standards. 8365
8366
5.5.8 Network Operations (NETOPS) and Cyber Security Training Services 8367
The Contractor shall develop training materials and procedures and train personnel on Transport 8368
hardware and software. 8369
8370
5.5.9 Testing & Evaluation (T&E) Services 8371
The Contractor shall provide Test and Evaluation support to four principal areas of T&E: 8372
a. C&A. 8373
b. Application Compatibility & Technology Integration (AC&TI). 8374
c. Solution Testing. 8375
d. Performance Measurement and Analysis using established GFE measurement system (ie. 8376
EPMD as provided by the Government). 8377
8378
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
301
The TXS testing shall verify compliance with technical and operational thresholds. The TXS 8379
Contractor will be required to closely collaborate with the ES Contractor, Service Management 8380
Coordinator and designated Government engineers to support all required testing. The NGEN 8381
overarching Test and Evaluation Strategy (TES) is documented in the NGEN Test and 8382
Evaluation Master Plan (TEMP). No testing will be performed until it has been approved by the 8383
Government. 8384
8385
5.5.9.1 Specific Tasks 8386
For Testing and Evaluation Services, the specific tasks the Contractor shall perform or provide 8387
include: 8388
a. Test upgrades or additions to the Transport architecture prior to deployment in 8389
accordance with approved test plans. 8390
b. Test upgrades or additions to the Transport architecture after deployment in accordance 8391
with approved test plans. 8392
c. Development of test plans for the certification of upgrades or additions to the Transport 8393
architecture. 8394
d. Collect test data that includes test results and observations from test events. 8395
e. Develop test reports that include test results and observations from test events. 8396
f. Develop a requirements traceability matrix that maps documented requirements to 8397
production test cases. 8398
Develop a POAM to the Government that outlines corrective actions and a schedule for any 8399
failed test. 8400
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐1
APPENDIX A: ACRONYMS AND DEFINITIONS 8401
8402 ACRONYM DEFINITION
A&E Architecture and Engineering
AAR After Action Report
AC&TI Application Compatibility & Technology Integration
ACL Access Control List
AD Active Directory
ADAM Active Directory Application Mode
ADN Area Distribution Nodes
AES Advanced Encryption Standard
AFOR Assume Full Operational Responsibility
AH Authentication Header
ALT Alternative Log on Token
AMDB Asset Management Database
AMIP Asset Management Implementation Plan
AMP Asset Management Plan
ANSI American National Standards Institute
ANSI/EIA American National Standard Institute/Electrical Industries Association
AOR Area of Responsibility
API Application Programming Interface
AS Assured Services
ATA Analog Telephone Adapter
ATO Authority to Operate
B/P/S Bases, Posts, and Stations
B1 Boundary 1
B2 Boundary 2
B3 Boundary 3
B4 Boundary 4
BAN Base Area Networks
BB Blackberry
BCP Business Continuity Planning
BES Blackberry Enterprise Servers
BOM Bill of Material
B/P/S Bases, Posts, and Stations
BREM Bremerton (Naval Station)
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐2
ACRONYM DEFINITION
BUMED Bureau of Medicine and Surgery
BURAS Broadband Unclassified Remote Access Services
C&A Certification and Accreditation
C2 Command and Control
C2ISR Command, and Control, Intelligence Surveillance, and Reconnaissance
C3 Command, Control, and Communication
C4 Command, Control, Communications, and Computers
CA Certificate Authority
CAC Common Access Card
CAD Computer-Aided Design
CAL Category Assignment List
CALEA Communications Assistance for Law Enforcement Act
CANES Consolidated Afloat Network Enterprise Services
CBT Computer-Based Training
CCB Configuration Control Board
CCDR Contractor Cost Data Reporting
CDR Central Data Repository
CDR Critical Design Review
CDRL Contract Data Requirements List
CDS Cross-Domain Security
CFSR Contract Funds Status Report
CHLK China Lake (Naval Air Weapons Station)
CHRL NWS Charleston
CI Configuration Item
CIO Chief Information Officer
CJCSI Chairman of the Joint Chiefs of Staff Instruction
CJCSM Chairman of the Joint Chief of Staff Manual
CLEC Competitive Local Exchange Carrier
CLIN Contract Line Item Number
CLO Cryptographic Log‐On
CM Configuration Management
CMDB Configuration Management Database
CMIP Configuration Management Implementation Plan
CMP Configuration Management Plan
CND Computer Network Defense
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐3
ACRONYM DEFINITION
CNDSP Computer Network Defense Security Provider
COA Course of Actions
COI Communities of Interest
CONOPS Concept of Operations
CONUS Continental United States
COOP Continuity of Operations
COP Common Operating Picture
COR Contracting Officer’s Representative
CoSC Continuity of Services Contract
COTS Commercial Off the Shelf
CPD Capability Production Document
CPMD Client Performance Management Database
CRAN NSWC Crane
CSA Configuration Status Accounting
CSDR Cost and Software Data Reporting
CSI Continual Service Improvement
CSR Certification Solution Review
CTNPP Classified Transportation Network Protection Policy
CTO Computer Tasking Orders
CTR Claimant Technical Representatives
CYBERCON Cyber Command
CyberNetOps Cyber Network Operations
DAA Designated Approving Authority
DADMS DON Application and Database Management System
DAR Data at Rest
DAU Defense Acquisition University
DCE DISN Core Extension
DCO Dial Central Office
DEERS Defense Enrollment and Eligibility Reporting System
DES Data Encryption Standard
DFAR Defense Federal Acquisition Regulation Supplement
DGO DoD GIG Operations
DHCP Dynamic Host Configuration Protocol
DIA Defense Intelligence Agency
DIACAP DoD Information Assurance Certification and Accreditation Process
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐4
ACRONYM DEFINITION
DIP DIACAP Implementation Plan
DISA Defense Information Systems Agency
DISN Defense Information Systems Network
DMS Data Management Strategy
DMSMS Diminishing Manufacturing Sources and Material Shortages
DMZ Demilitarized Zone
DNSSEC Domain Name System Security
DO Delivery Order
DoD Department of Defense
DODAF DoD Architecture Framework
DoDD Department of Defense Directives
DoDI DoD Instruction
DON Department of the Navy
DOORS Dynamic Object Oriented Requirements System
DON CIO Department of the Navy Chief Information Officer
DPAS Defense Property Accounting System
DR Disaster Recovery
DREN Defense Research Engineering Network
DRP Disaster Recovery Plan
DSN Defense Switched Network
DSTB Deployable Site Transport Boundary
ECCB Enterprise Configuration Control Board
ECP Engineering Change Proposal
e-DMZ Extended DMZ
EDP Enterprise DIACAP Plan
EDS Electronic Data Systems
EDSS Engineering Design and Support Services
EF Entrance Facilities
EIAD Marine Corps Enterprise IA Directive
EITSM Enterprise Information Technology Service Management
EKMS Electronic Key Management System
ENMS Enterprise Network Management System
EPCA Enterprise Pier Connectivity Architecture
EPMD Enterprise Performance Management Database
ERRP Enterprise Residual Risk Panel
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐5
ACRONYM DEFINITION
ES Enterprise Services
ESDS Electronic Software Delivery Services
ESP Encapsulated Security Protocol
eSSAA Enterprise System Security Authorization Agreement
FALN NAS Fallon
FAR Federal Acquisition Regulation
FIPS Federal Information Processing Standard
FLTCYBERCOM Fleet Cyber Command
FLTNOC Fleet Network Operations Center
FSP Field Service Provider
FYDP Future Year Defense Program
GAL Global Address List
Gbps Gigabit-per-second
GDA Government Directed Action
GFE Government-Furnished Equipment
GFF Government-Furnished Facilities
GFP Government-Furnished Property
GFY Government Fiscal Years
GIAC Global Information Assurance Certification
GIG Global Information Grid
GNOC Global Network Operations Center
GNOSC Global Network Operations and Security Center
GO/CO Government Owned, Contractor(s) Operated network
GOTS Government Off-The-Shelf
GPO Group Policy Objects
GSP Global Services Provider
GTSE Generic TXS Extension
HBSS Host-Based Security System
HQMC Headquarters Marine Corps
HSI Human Systems Integration
HVAC Heating, Ventilation, and Air Conditioning
HW Hardware
IA Information Assurance
IA/CND Information Assurance/Computer Network Defense
IAM IA Manager
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐6
ACRONYM DEFINITION
IAPB Information Assurance Policy Board
IATC Interim Authority to Connect
IAVM Information Assurance Vulnerability Management
IAWF Information Assurance Workforce Improvement
ICC Intermediate Cross Connect
ICW Interactive Courseware
IdAM Implement Identity and Access Management
IDE Integrated Digital Environment
IEC Inter-exchange Carriers
IEEE Institute of Electrical and Electronics Engineer
IETF Internet Engineering Task Force
ILE Integrated Learning Environment
ILEC Incumbent Provider Local Exchanges
ILT Instructor-Led Training
IMS Integrated Master Schedule
INFOCON Information Operations Condition
IOCM ITSM Operational CM
IP Internet Protocol
IPR In Process Review
IPsec IP Security
IPT Integrated Product Team
IPv4/IPv6 Internet Protocol version 4 and version 6
IS Information Security
ISD Instructional System Design
ISDN Integrated Services Digital Network
ISP Information Security Program
IT Information Technology
IT-21 Information Technology for the 21st Century (US Navy IT program to improve
shipboard communications and computing capability)
ITIL IT Infrastructure Library
ITSCM IT Service Continuity Management
ITSM Information Technology Service Management
IUID Item Unique Identification
IV&V Independent Verification and Validation
JAXS Jacksonville (Naval Air Station)
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐7
ACRONYM DEFINITION
JEDS Joint Enterprise Directory Service
JS Joint Chiefs of Staff
JTF-GNO Joint Task Force -Global Network Operations
KM Knowledge Management
KPI Key Performance Indicator
LAN Local Area Network
LCSP Life Cycle Sustainment Plan
LEC Local Exchanges Carriers
LMS Learning Management System
LOE Level-Of-Effort
LRA Local Registration Authority
MAC Move, Add, Change
MAGTF Marine Air-Ground Task Force
MARCORSYSCOM Marine Corps Systems Command
MARFOR Marine Forces
MCB Marine Corps Base
MCC Main Cross Connect
MCIENT Marine Corps Information Enterprise
MCEN Marine Corps Enterprise Network
MCSC Marine Corps Systems Command
MCTN Marine Corps Tactical Network
MDP Malware Detection and Prevention
MECH Mechanicsburg (Navy Support Activity)
MEF Marine Expeditionary Force
MILDEP Military Department
MIL-HDBK Military Handbook
MILL Millington, Mid South (Navy Support Activity)
MITSC Marine Air - Ground Task Force IT Service Center
MOC Maritime Operation Center
MPLS Multiprotocol Label Switching
MSC Major Subordinate Command
MUGU NBVC Point Mugu
NAC Network Access Control
NAT Network Address Translation
NAVGIG Navy’s Global Information Grid
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐8
ACRONYM DEFINITION
NAVSEA Naval Sea Systems Command
NCDOC Navy Cyber Defense Operations Command
NCES Net-Centric Enterprise Services
NCQ NIPRNet Connection Questionnaire
NCR National Capital Region
NCTAMS Naval Computer and Telecommunications Area Master Stations
NCTS Naval Computer and Telecommunications Stations
NEP Naval Enterprise Portal
NetOps Network Operations
NETWARCOM Network Warfare Command
NGEN Next Generation Enterprise Network
NIC Network Interface Card
NIPRNet Non-secure Internet Protocol Router Network
NIST National Institute of Standards & Technology
NMCI Navy-Marine Corps Intranet
NNPI Naval Nuclear Propulsion Information
NNWC Naval Network Warfare Command
NOC Network Operations Center
NPPS Navy Ports, Protocols and Services
NRFK Norfolk (Naval Station)
NSA National Security Agency
NWOR NSA New Orleans East Bank
O&M Operation and Maintenance
OCEN Oceana (Naval Air Station)
OCONUS Outside the Continental United States
OCRS Online Compliancy Reporting System
ODAA Operational Designated Approving Authority
OEM Original Equipment Manufacturer
OJT On-the-Job Training
OLA Operational Level Agreement
OLR Operational Level Requirements
OOTW Operations Other Than War
OPCON Operational Control
OPNAVINST Chief of Naval Operations Instruction
OOB Out-of-band
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐9
ACRONYM DEFINITION
OPSEC Operational Security
OS Operating System
OU Organizational Units
OTB Over Target Baseline
OWA Outlook Web Access
PAXR Patuxent River (Naval Air Station)
PCA Pier Connectivity Architecture
PCO Procuring Contracting Officer
PCP Pier Consolidation Point
PDA Personal Digital Assistant
PDR Preliminary Design Review
PDS Protected Distribution System
PHIL Philadelphia (Naval Support Activity)
PHS&T Packaging, Handling, Storage, and Transportation
PII Personally Identifiable Information
PIV Personal Identity Verification
PKI Public Key Infrastructure
PMB Performance Measurement Baseline
PMO Program Management Office
PMR Program Management Review
POA&M Plan of Action and Milestones
POC Point of Contact
POP Point of Presence
PRLH Pearl Harbor (Naval Complex)
PSI Physical Site Indicator
PSTN Public Switched Telephone Network
PBWS Program Work Breakdown Structure
PTNH Portsmouth (Naval Shipyard)
PWS Performance Work Statement
QA Quality Assurance
QASP Quality Assurance Survelliance Plan
QC Quality Control
QCP Quality Control Plan
QMS Quality Management Systems
RAS Remote Access Services
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐10
ACRONYM DEFINITION
RCVS Robust Certificate Validation Services
RDM Release and Deployment Mangement
REC Relocate, Establish or Convert
RFC Request for Change
RFP Request for Proposal
RNOC Regional Network Operation Center
RNOSC Regional Network Operations and Security Center
RPO Recovery Time Objectives
RQMP Requirements Management Plan
RSA Rivest, Shamir, & Adelman
RTM Requirements Traceability Matrix
RTO Recovery Time Objectives
RTR Readiness to Transition Reviews
S&T Science and Technology
S&TE Support and Test Equipment
SA Situational Awarerness
SATCOM Satellite Communication
SCAM Security Configuration and Management
SCCVI Secure Configuration Compliance Validation Initiative
SCM Security Configuration Management
SCRI Secure Configuration Remediation Initiative
SDNI San Diego North Island (Naval Air Station)
SDNS San Diego (Naval Station)
SDP Service Delivery Point
SDS System Design Specification
SDSP Service Desk Service Provider
SECNAVINST Secretary of the Navy Instructions
SEM Security Event Management
SEMP Systems Engineering Management Plan
SEP System Engineering Plan
SETR Systems Engineering Technical Review
SFR System Functional Review
SIM Security Incident Management
SIPH SPAWAR Shore Installation Process Handbook
SIPRNet Secret Internet Protocol Router Network
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐11
ACRONYM DEFINITION
SLA Service Level Agreement
SLM Service Level Management
SLR Service Level Requirement
SLR PC Service Level Requirement Performance Category
SME Subject Matter Expertise
SMTP Simple Mail Transfer Protocol
SNMP Simple Network Management Protocol
SOAP Simple Object Access Protocol (XML protocol)
SOC Security Operation Center
SOP Standard Operating Procedure
SOVT System Operational Verification Test
SPAWAR Space and Naval Warfare Systems Command
SPAWARINST Space and Naval Warfare Systems Command Instructions
SPSC Point Loma (Naval Base)
SRM Service Request Management
SRR Systems Requirements Review
SSL Secure Socket Layer
SSLVPN Secure Sockets Layer Virtual Private Network
ST&E Security Test and Evaluation
STEP Standardized Tactical Entry Point
STIG Security Technical Implementation Guide
STRATCOM Strategic Command
SW Software
T&E Test and Evaluation
T-1 Transmission carrier 1
TA Technical Authority
TACON Tactical Control
TBD To be determined
TCS Thin Client Services
TDA Technical Design Authority
TDLC Technical Design Life Cycle
TDN Tactical Data Network
TDPP Technical Data, , and Procedures
TECOM Training and Education Command
TEDSS Transport Engineering Design and Support Service
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐12
ACRONYM DEFINITION
TELO Telecommunications Office
TEMP Test and Evaluation Master Plan
TENTHFLT Tenth Fleet
TES Test and Evaluation Strategy
TIM Technical Interchange Meeting
TMP Transition Management Plan
TMS Transition Management Strategy
TR Telecommunications Room
TRP Technology Refresh Plan
TRR Conduct Test Readiness Reviews
TRRB Training Readiness Review Board
TSA Transport Services Architecture
TSPMD Transport Services Performance Monitoring Database
TXS Transport Services
UCA Umbilical Cable Assembly
uCMDB Universal CMDB
UD Unauthorized Disclosure
UII Unique Item Identifier
UPS Uninterruptible Power Supply
uRAS Unclassified Remote Access Service
URL Uniform Resource Locator
USCYBERCOM U.S. Cyber Command
USMC United States Marine Corps
USN United States Navy
USPACOM United States Pacific Command
USSTRATCOM Commander United States Strategic Command
VLAN Virtual LAN
VMS Vulnerability Managemnt System
VoIP Voice Over IP
VPN Virtual Private Network
VSS Very Small Site
VSSD Very Small Site Design
VTC Video Teleconferencing
WAN Wide Area Networks
WBS Work Breakdown Structure
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
A‐13
ACRONYM DEFINITION
WIP Work-In-Progress
WLAN Wireless LAN
WNYD Washington Navy Yard
WPA2 Wi-Fi Protected Access 2
XML Extensible Markup Language
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except IAW the referenced non‐disclosure agreement
B‐1
APPENDIX B: USMC Rate Card Transport Applications 8403
8404
Application Function Purpose / Use Admin Console for Load Balancers (F5)
Operations Mgt Individually manage Load balancers, typically to troubleshoot
CiscoWorks (LMS) LAN Management System
Operations Mgt Monitor for SLA collection. LMS consists of the RME, DFM, IPM and CM components.
CiscoWorks ACS (TACACS+) Access Mgt Provides password control for network devices.
HP NA (Opsware) Config MgtRelease & Deploy
Network Device Configuration Management
IntruShield IPS Security Manager
Event Mgt Report Console for IntruShield IPS.
McAfee Command Center Operations Mgt Manages Security Policy for Firewalls McAfee Sidewinder Administrator
Operations Mgt Individually manages firewalls, from workstations
Remedy Change MgtConfig MtgIncident Mtg
Ticket and change management tool. Used for service desk tickets, service requests, and change management for enterprise change.
Symantec Network Security Console
Event Mgt Manages Cisco Intrusion Detection System
Tivoli Netview Network Node Event MgtOperations Mgt
Discovers TCP/IP networks, displays network topologies, correlates and manages events and SNMP traps, monitors network health, and gathers performance data.
Tivoli Netview Web Console Event MgtOperations Mgt
Network Device Monitoring
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except in accordance with the referenced non‐disclosure agreement
C‐1
APPENDIX C: USMC Rate Card Transport Equipment 8405
8406
Equipment Type Function DescriptionEnterprise & Application Servers (Small)
Enterprise Services Server Classes include: Dell Poweredge Series 1550 through 1950 series (Poweredge 1950 – Dual Core XEON Processor, 2.66GHZ, 4 GB RAM)
Enterprise & Application Servers (Medium)
Enterprise Services Server Classes include: Dell Poweredge Series 2000 through 2850 series (Poweredge 2850 – XEON Processor, 2.8GHZ, 512K Cache, 4 GB RAM, 2U)
Enterprise & Application Servers (Large)
Enterprise Services Server Classes include: Dell Poweredge Series 6000 series and higher (Poweredge 6650 – XEON Processor, 3.0GHZ, 2.0MB Cache, 8 GB RAM, 4U)
Other Enterprise Servers
IA Services, etc. Server Classes include: • Sun Microsystems Enterprise Series 200 • Sun Microsystems Enterprise Series 400 • Sun Microsystems Enterprise Series 2000 • Sun Microsystems Enterprise Series 4000 • Sun Microsystems Enterprise Series 6000 • Sun Microsystems Sunfire Series T2000 • Sun Microsystems Sunfire Series V200 • Sun Microsystems Sunfire Series V400 • Sun Microsystems Sunfire Series V800 • Sun Microsystems Sunfire Series V1000 • Sun Microsystems Sunfire Series V2000 • Sun Microsystems Ultra 10 • Sun Microsystems Ultra 60 • Sun Microsystems Ultra 80 • Sun Microsystems Solaris • Cyclades TS 3000 • Hewlett Packard RP5000 Series • Hewlett Packard RP7000 Series
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except in accordance with the referenced non‐disclosure agreement
C‐2
IA & Boundary Zone Hardware Boundary Zone • Alcatel VPN Gateway 7137 • Netscreen Series 5200 ES Firewall • Netscreen Series 500 ES Firewall • Netscreen Series 200 ES Firewall • Netscreen ISG 1000 FW/VPN/IDP • Cisco Intrusion Detection Sensor 4250 • Cisco Intrusion Detection Sensor 4240 • Cisco Intrusion Detection Sensor 4235 • Cisco Intrusion Detection Sensor 4230 • Foundry Network Load Balancer FCSLB16-Bundle • Foundry Network Load Balancer TS8F-RPS2-Bundle • Trusted Systems Cabinet NMCI-IPS27D-1.5 KVA • Leibert Cabinet NMCI-IPS14P-1KVA • Fortinet Firewall Bundle • Sidewinder G2 Firewall • Quick Eagle DL 3100 Access Multiplexer • Riverbed Interceptor 9200 • Riverbed Steelhead Appliance • Juniper Secure Access 6000 • McAfee IntruShield Appliance • WebWasher Malicious Code Detection and Protection
Routers Network Services • Cisco 10/100/1000 Ethernet • Cisco 2600 Series • Cisco 2900 Series • Cisco 3600 Series • Cisco 3700 Series • Cisco 4000 Series • Cisco 800 Series • Cisco 6015 DSL Concentrator • Cisco 2800 Series • Cisco 3800 Series • Cisco 7500 Series • Cisco 7200 VRX Series • Cisco 4400 WLAN Controller Series • Cisco LWAPP Access Point
Attachment 1
Naval Enterprise Networks (NEN) Performance Work Statement (PWS) Program Management Office (PMW 205) V C.02 30 Sept 2011
Not to be disclosed outside the Government except in accordance with the referenced non‐disclosure agreement
C‐3
Switches Network Services • Cisco 2 Port 10/100 Ethernet • Cisco 3 Port 10/100 Ethernet • Cisco 4 Port 10/100 Ethernet • Cisco 5 Port 10/100 Ethernet • Cisco 8 Port 10/100 Ethernet • Cisco 12 Port 10/100 Ethernet • Cisco 16 Port 10/100 Ethernet • Cisco 18 Port 10/100 Ethernet • Cisco 22 Port 10/100/1000 Ethernet • Cisco 24 Port 10/100/1000 Ethernet • Cisco 48 Port 10/100/1000 Ethernet • Cisco 2 GBIC Port 10 10/100/1000 Ethernet • Cisco 2 GBIC Port 24 10/100/1000 Ethernet • Cisco 2 GBIC Port 48 10/100/1000 Ethernet • Cisco Catalyst Blade 24 Port • Cisco Catalyst 45 • Cisco Catalyst 130 • Cisco Catalyst 450 • Cisco Catalyst 2000 Series • Cisco Catalyst 3000 Series • Cisco Catalyst 4000 Series • Cisco Catalyst 6000 Series • Cisco Chassis 4000 Series • Cisco Chassis 6000 Series • Foundry 16 Port ServerIron X • Cisco Catalyst 2948G • Cisco Catalyst 2980G • Cisco Catalyst 2900 XL • Cisco Catalyst 3500 XL • Cisco Catalyst 3550 • Cisco Catalyst 3560 • Cisco Catalyst 3750 • Cisco Catalyst 4500 Series • Cisco Catalyst 6500 Series • Cisco Catalyst 7600 Series • Enterasys Smartswitch 6000 • Nortel Baystack 450 • Cisco 585 LRE CPE • Cisco Fiber Amplifier 15216
8407
Attachment 1