Networx Unit Pricer

The Networx contracts require a basic level of security management for its contractors that ensures compliance with Federal Government generally accepted security principles and practices, or better. The contracts employ adequate and reasonable means to ensure and protect the integrity, confidentiality, and availability of Networx services, Operational Support Systems (OSS), and Government information transported or stored in the contractor's Networx services infrastructure. These requirements are detailed in Section C.3.3.2 Security Management of the Networx contracts.

In addition to this mandatory level of security, the Networx contracts provide additional security services that may be ordered on a fee-for-service basis. These are:

• Managed Tiered Security Service (MTSS)
• Managed Firewall Service (MFS)
• Intrusion Detection and Prevention Service (IDPS)
• Vulnerability Scanning Service (VSS)
• Anti-Virus Management Service (AVMS)
• Incident Response Service (INRS)
• Managed E-Authentication Service (MEAS)
• Secure Managed E-Mail Service (SMEMS)

The SMEMS offering is described below.

SMEMS Technical Summary

Email is one of the most important communication methods used by Agencies. However, its increasing use exposes Agency networks to a variety of security risks and unsolicited content, such as viruses, spam, and inappropriate material. Secure Managed Email Service (SMEMS) provides Agencies with a complete, fully managed email security solution.

Email security services implemented at Agency gateways and desktops usually attempt to handle events that have already breached the network. Any delay in applying security updates to this infrastructure exposes the network to rapid outbreaks and dynamic threats. SMEMS offers an additional layer of protection by proactively scanning and monitoring email traffic at the contractor's security platform, before it enters the Agency's network. The service supports email security functions such as Anti-Virus Scanning, Anti-Spam Filtering, and Content Control. The diagram below illustrates a sample SMEMS implementation. Illustrative hardware such as premises computers and servers are not provided as part of the SMEMS.

SMEMS builds on the FTS2001 contracts offerings. The service connects to and interoperates with the Agency's email system and networking environment. The service also supports connectivity to the Internet. SMEMS does not currently offer any features.

SMEMS guards the Agency's network against growing security threats such as viruses, spam, unsolicited and inappropriate content. Security engines are continuously updated to maintain the effectiveness of the system. The contractor's fault tolerant and load-balanced platform can scan millions of email messages a day without noticeable delay to end-users. SMEMS works in conjunction with existing Agency email systems, and is implemented without additional investment in hardware and software at Agency sites.

SMEMS supports a range of technical capabilities that are available in commercial offerings. These include:

• Anti-Virus Scanning which monitors inbound and outbound messages and attachments for:
  • Trojan horses, worms, macro viruses and other malicious files.
  • Behaviors and characteristics that may indicate the presence of email viruses.
  • Different strains of polymorphic viruses.
  • Viruses in compressed files.
  • Viruses in different languages (e.g., JAVA, ActiveX, Visual Basic).
• Anti-Spam Filtering which prevents unsolicited marketing and messages from entering the Agency's network, and having the effect of draining human, bandwidth and storage resources. The system shall support the following:
  • Anti-spam methods including fingerprinting, blacklists, open relay blocking, honeypots, Bayesian probability, heuristic and rule-based filtering, as appropriate.
  • Capability to distinguish between legitimate email and spam, reducing false negatives and false positives.
  • Agency ability to customize spam lists, and specify domains, IP and email addresses which are to be allowed or blocked.
• Content Control which screens inbound and outbound email for content that may signal system abuse or violation of Agency communications policies. The systems shall support the following:
  • Blocking of specific words, phrases, adult or sexually explicit material, and other inappropriate content.
  • Preventing transmission of intellectual property and confidential information.
  • Stopping files and attachments based on type, size, formats, number, and delivery time.
• Response to email infections and Agency policy violations, providing the following at a minimum:
  • Alerts notifying the Systems/Network Administrator.
  • Alerts notifying the sender and recipient of the message.
  • Isolation of virus infected for cleaning, deletion, or post alert analysis and interpretation.
• A secure Web-based management interface which provides, but is not limited to, the following:
  • Configuration tools allowing the Agency to set policies, rules and routing requirements.
  • Email activity trends, such as daily, weekly, monthly, and yearly volumes and patterns.
  • Email cleaned, deleted or rejected.
  • Forwarding of weekly reports to designated Agency representative.
  • Management of user and domain permissions.
  • Potential threats flagged.
  • Real-time service statistics and availability data.
  • User and company domain activity.
  • Viruses, spam, and other inappropriate content blocked.
• Email monitoring in real-time and on a 24x7 basis, for timely and accurate detection of harmful traffic and unwanted content.

These and other service capabilities are detailed in Section C.2.10.8.1.4 Technical Capabilities of the Networx contracts.

Each Networx contractor may provide variations or alternatives to the offering and pricing for SMEMS. The specific details can be found within each contractor's Networx contract files and pricing notes for SMEMS.

For more information on the general SMEMS specifications and requirements, please refer to Section C.2.10.8 of the Networx contract for technical specifications and Section B.2.10.8 for pricing.

SMEMS Price Basics

SMEMS provides a complete, secure and fully managed email security solution. The service mitigates security holes and flaws before they are exploited. SMEMS is similar to FTS2001 Secure Managed Email.

Price components required for SMEMS are:

• Basic service (NRC and/or MRC per email account).
• No features available currently.
• Service Enabling Devices (SEDs) may be required to implement SMEMS. [Please note that SEDs under Networx replace the FTS2001 User-to-Network Interfaces and Access Adaptation Functions (UNIs/AAFs). SEDs may differ between Networx providers. The pricing structure for SEDs provides for either a one-time payment or monthly term payments for purchase, plus a NRC for installation, and a MRC for maintenance.]

Each Networx contractor may provide variations or alternatives to the offering and pricing for SMEMS. The specific details can be found within each contractor's Networx contract files and pricing notes for SMEMS.

For more information on the general SMEMS specifications and requirements, please refer to Section C.2.10.8 of the Networx contract for technical specifications and Section B.2.10.8 for pricing.