The General Services Administration (GSA) this week awarded initial task orders to four companies under a potential multi-billion dollar, multiple award contract announced last August that allows federal agencies to buy cyber security products and services from vendors.
The task orders, the first yet awarded under the Continuous Diagnostics and Mitigation (CDM) program, were let to Hewlett Packard [HPQ], Knowledge Consulting Group (KCG), Northrop Grumman [NOC], and Technica.
HP received the lion’s share of the $60 million awarded for various products with $32 million. Northrop Grumman’s task order is for $15.8 million, KCG’s $8.5 million and Technica’s $3.8 million.
The purchases were made by the Department of Homeland Security (DHS), which oversees the protection of federal civilian networks. The actual federal agencies that will be licensing the products being acquired from the four vendors were not disclosed.
CDM is part of a government-wide effort to move from periodic checks of networks to continuous security. DHS and GSA last August announced the selection of 17 vendors eligible to sell products and services under the $6 billion CDM program to interested federal agencies. GSA provides the Blanket Purchase Agreements for agencies to order products from. The initial task orders mean that the tap has begun to flow for orders under the program.
The orders also mean that the agencies acquiring the licenses will begin to close cyber vulnerabilities, Helen Kelly, Technica’s CDM program manager, told Defense Daily. Technica is providing Symantec’s [SYMC] endpoint protection and Altiris Software Management for Client under its initial task order, she said. Kelly said that until the actual order comes in Technica won’t know who the end customer is.
The cyber products will help agencies provide sensors at all servers and desktops, allowing agencies to have a better understanding of the software and software versions running on their networks, enabling more frequent security scans than is now the case, Kelly said.
Matt Brown, vice president of homeland security at KCG, said his company will be providing three products aimed an endpoint protection: McAfee [MFE] ePolicyOrchestrator, McAfee Vulnerability Manager and McAfee VirusScan. KCG will also provider BDNA Normalize, which normalizes IT language throughout an enterprise and makes it easier to monitor changes.
In addition to federal agencies, state agencies are also eligible to purchase various cyber security products and services under the CDM program, facilitating wider deployments of security technology.