GSA casting for FIDNet comments

[InfoSec News <isn () C4I ORG>]

http://www.fcw.com/fcw/articles/2000/0605/web-fidnet-06-08-00.asp

BY Diane Frank
06/08/2000

The General Services Administration today released the draft request
for proposals on the Federal Intrusion Detection Network, a program
that will provide a single analysis and response center for
governmentwide cyberattacks.

The FIDNet program is intended to create an environment that will
enable civilian agencies to react collectively to cyberattacks and
security incidents rather than having each agency trying to respond on
its own.

The FIDNet program office, housed at GSAs Federal Computer Incident
Response Capability, will be able to diagnose in real time whether a
concerted, governmentwide attack is occurring by pulling together
reports from the intrusion-detection systems already in place at
civilian agencies.

FedCIRC, working with the National Infrastructure Protection Centers
Analysis and Warnings Unit, will help the agencies involved in
fighting cyberattacks and put out alerts. And should the FIDNet
analysis center determine that a criminal attack is occurring, the
information will be forwarded to the FBI.

The concept behind FIDNet will require vendors to take their
technology beyond its current capabilities. Intrusion-detection
systems can only read the output from their own sensors, and the
FIDNet system will need to read reports from the many different
sensors agencies have installed across their networks.

FIDNet program officials have held several meetings with vendors who
are interested in the program, and the draft RFP released today is
designed to determine what vendors can offer now and what they may be
able to offer in the future.

"Were looking for comment from the vendor community so that we can
structure [the final RFP] for them and still get what we need," said
Darwyn Banks, FIDNet program manager.

Starting with an erroneous report last year that FIDNet would monitor
both federal and private-sector networks, the program has raised
objections from privacy groups and Congress. The $10 million requested
by the president for FIDNet in the fiscal 2001 budget, along with
almost $91 million for other information security programs outlined in
the National Plan for Information Systems Protection, is having
problems making it through the appropriations committees.

But GSA is going ahead as planned and is asking for comments by June
23, with the hopes of getting a final RFP out and proposals in by the
end of the summer.

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".