NGA said in a FedBizOpps notice published Oct. 13 that it is in search for tools intended to log data on the actions that users and network administrators perform in its virtual infrastructure as well as record any malicious activity from denied network attempts.
According to the notice, such audit data logs must be “human readable“ and can be transferred to NGA“™s event management and security data tools.
The agency wants platforms that will work to send alerts and mitigate the risk of configuration drift within its virtual networks.
NGA also seeks to implement encryption before it moves data workloads to a cloud platform and deploy “Two Person Integrity“ control tools in order to monitor any sensitive behavior in its virtual systems.
The agency indicated in the notice that it plans to award a firm-fixed-price contract that contains a one-year base term and two option years for the Virtual Environment Insider Threat Two Person Integrity Two Stage Control and Encryption program.
NGA will accept responses through Friday.