Trade Agreement: NONE Tendering Procedures: Generally only one firm has been invited to bid Attachment: None Non-Competitive Procurement Strategy: Exclusive Rights Comprehensive Land Claim Agreement: No Vendor Name and Address:
Conexsys Communications Limited 6715 Millcreek Drive Unit 5 & 6 Mississauga Ontario Canada L5N5V2 Nature of Requirements:
Damballa Failsafe Security Solution W7714-125679/A Lessard, Peter Telephone No. - (819) 956-5846 Fax No. - (819) 953-3703
REQUIREMENT:
Defence Research Development Canada (DRDC) has a requirement for the provision of goods as specified under "Background" below. The purpose of this Advance Contract Award Notice (ACAN) is to signal the government's intention to award a contract for these goods to Conexsys Communications Limited of Mississauga, Ontario. Before awarding a contract, however, the government would like to provide otherv suppliers with the opportunity to demonstrate that they are capable of satisfying the requirements set out in this Notice, by submitting a statement of capabilities during the 15 calendar day posting period.
If other potential suppliers submit a statement of capabilities during the 15 calendar day posting period that meet the requirements set out in the ACAN, the government will proceed to a full tendering process on either the government's electronic tendering service or through traditional means, in order to award the contract.
If no other supplier submits, on or before the closing date, a statement of capabilities meeting the requirements set out in the ACAN, a contract will be awarded to the pre-selected supplier.
BACKGROUND:
Defence Research Development Canada is seeking to enhance its Network Security specifically in regards to malware and persistent threat detection. DRDC believes that the most efficient method to provide this detection is through hardware appliances designed specifically for detection of malware and persistent threats.
Public Works and Government Services Canada, on behalf of its Client, DRDC, intends to enter into a sole source contract with Conexsys Communications Limited for the purpose of procurement of the following:
Initial Requirement
1) 1 Damballa Failsafe Security Solution - 2,501 - 5,000 2) 1 Damballa G2 Management Console - Lease 3) 7 Damballa G2 Sensor - Lease
MINIMUM ESSENTIAL REQUIREMENTS
Any interested supplier must demonstrate by way of a statement of capabilities that it meets all of the mandatory requirements at Annex A
JUSTIFICATION FOR THE PRE-SELECTED SUPPLIER
The reasons for single tendering are described at Annex A.
Section 6 of the Government Contract Regulations is being invoked in this procurement as only one person or firm is capable of performing the contract.
Articles 506.12(a) and 506.12(b) of AIT are applicable on the basis of limited tendering due to compatibility with existing products, to recognize exclusive rights, such as exclusive licenses, copyright and patent rights, or to maintain specialized products that must be maintained by the manufacturer or its representative, and when there is an absence of competition for technical reasons and the goods or services can be supplied only by a particular supplier and no alternative or substitute exists, respectively.
Articles 1016.2(b) and 1016.2(d) of NAFTA are applicable on the basis of limited tendering due to reasons where, for works of art, or for reasons connected with the protection of patents, copyrights or other exclusive rights, or proprietary information or where there is an absence of competition for technical reasons, the goods or services can be supplied only by a particular supplier and no reasonable alternative or substitute exists, for additional deliveries by the original supplier that are intended either as replacement parts or continuing services for existing supplies, services or installations, or as the extension of existing supplies, services or installations, where a change of supplier would compel the entity to procure equipment or services not meeting requirements of inter changeability with already existing equipment or services, including software to the extent that the initial procurement of the software was covered by this Chapter, respectively.
PERIOD OF CONTRACT
The proposed contract is for the purchase a Damballa Failsafe Security Solution including associated maintenance and support services for a period of one (1) year from date of Contract Award.
The solution will be delivered within 10 days of any resulting contract.
CLOSING DATE AND TIME FOR WRITTEN SUPPLIER RESPONSES CHALLENGING THIS REQUIREMENT IS 2:00 p.m. EST, 28 MARCH 2012.
ANNEX A
The reasons for sole source justification for the required malware and persistent threats Solution are detailed below. DRDC requires the solution to be compliant with the following functionalities:
1.) The product must detect suspicious files (potential malware) entering the network, and analyze them to determine whether they are malicious.
a. Analysis must be configurable so that either it happens automatically, or files can be chosen for analysis.
b. Analysis must be done using cloud-based systems instead of equipment on customer premises (in order to avoid scalability issues).
c. Analysis must not be done using only virtualized systems (in order to avoid difficulties related to the combinatorial explosion of software packages and versions, and the complexity of upgrading multiple virtual configurations).
2.) The product must detect infected systems based on their attempts to communicate with malicious domains.
3.) The threat intelligence used to recognize malicious domains must not be based on a simple "trusted source" list but rather on a reputational system derived from analysis of global DNS activity and updated continuously.
4.) The product must detect the use of Domain Generation Algorithms (which get around blacklisting) by observing DNS queries.
5.) Analysis must be domain-based, rather than IP-based (in order to increase accuracy and avoid false positives).
6.) The product must, whenever possible, identify the specific criminal operator groups that are related to the infections discovered on machines in the network. 7.) The product must operate out-of-line with respect to normal traffic flow within the network, so that there are no issues related to latency or single points of failure.
8.) The product must be able to mitigate the threats posed by infected systems in two ways:
a. Using TCP resets to block communications with malicious sites
b. Spoofing responses from DNS servers so that infected systems are directed somewhere else, instead
of to malicious sites.
9.) The product must correlate evidence of infections, and present it accurately and clearly.
Alerts must NOT be issued for each piece of evidence observed; they must be issued only when there is overwhelming evidence of an infection.
10.) The product must record the communications between a possibly infected machine and the malicious sites that it tries to communicate with, so that forensic analysis can be done.
11.) Because the threat landscape is constantly changing, the product must operate based on threat intelligence that is re-evaluated and updated daily.
In particular, the product should avoid using simple blacklisting or whitelisting approaches.
12.) The product must operate using timely and accurate threat intelligence that is derived from sources including-but going beyond-analysis of malware samples.
The vendor should have a proven record of thought leadership in the advanced cyber threat discipline, and should have a history of publishing new research and participating in industry research groups and academia.
The vendor's research methodology must have been proven through publication in peer-reviewed academic journals.
13.) The product should operate effectively out of the box, without extensive tuning.
You are hereby notified that the Government intends to solicit a bid and negotiate with one firm only as identified above.
If you wish to submit a written response showing that you are capable of meeting this requirement, it must be done not later than the specified closing date and time. The file number, contracting officer's name, and the closing date of the ACAN must appear on the outside of the envelope in block letters or, in the case of a facsimile transmission, on the covering page. As it is intended to proceed in a timely manner, responses received after the closing date will not be considered.
Responses received on or before the closing date will be considered solely for the purpose of deciding whether or not to conduct a competitive procurement. Information provided will be used by the Crown for technical evaluation purposes only and is not to be construed as a competitive solicitation. Your written response must provide sufficient evidence (e.g. specifications, technical data, drawings, or any other proof) that clearly demonstrates that your product or service is capable of fulfilling this requirement. Suppliers that have submitted a response will be notified in writing of PWGSC's decision to continue with the non-competitive procurement or to compete the requirement.
Delivery Date: Above-mentioned
You are hereby notified that the government intends to negotiate with one firm only as identified above. Should you have any questions concerning this requirement, contact the contracting officer identified above.
An Advance Contract Award Notice (ACAN) allows departments and agencies to post a notice, for no less than fifteen (15) calendar days, indicating to the supplier community that it intends to award a good, service or construction contract to a pre-identified contractor. If no other supplier submits, on or before the closing date, a Statement of Capabilities that meets the requirements set out in the ACAN, the contracting authority may then proceed with the award.
However, should a Statement of Capabilities be found to meet the requirements set out in the ACAN, then the contracting authority will proceed to a full tendering process.
Suppliers who consider themselves fully qualified and available to provide the services/goods described herein, may submit a statement of capabilities in writing to the contact person identified in this Notice on or before the closing date of this Notice. The statement of capabilities must clearly demonstrate how the supplier meets the advertised requirements.
The PWGSC file number, the contracting officer's name and the closing date of the ACAN must appear on the outside of the envelope in block letters or, in the case of a facsimile transmission, on the covering page.
The Crown retains the right to negotiate with suppliers on any procurement.
Documents may be submitted in either official language of Canada.