GSA rethinks FIDNet solution

The General Services Administration this week decided to delay its acquisition

of a governmentwide system to detect cyberattacks so that the agency can

better align the request for proposals with commercial market solutions.

GSA released a draft RFP for the Federal Intrusion Detection Network

(FIDNet) last month and tried to leave the solicitation open enough for

vendors to offer a system specially developed for the government or a solution

based on commercial managed security services. FIDNet is intended to provide

a central place for correlating information from civilian agencies' intrusion-detection

sensors.

The comments received from agencies and industry, however, have pushed

GSA to rewrite the draft so that it focuses on managed security service

offerings in which the vendor would staff the system and monitor its output.

"We tried to encapsulate both [solutions] in that draft...and the comments

we got back basically reflected "You're straddling the fence here' concerns,"

said Darwyn Banks, program manager for FIDNet. "Managed security services

seemed to be the better solution for the government at this point for ease

of use and what makes sense."

The new version of the draft RFP should be available for comment by

September, Banks said.