The Defense Information Systems Agency is preparing a single-vendor, $11.7 billion IT contract to consolidate Defense Department’s sprawling networks across its many support agencies.
The Defense Enclave Services program is meant to “eliminate unnecessary complexity within the IT space” to improve the modernization and security of DOD‘s networks. DISA is seeking services that range from infrastructure, cybersecurity, technical refreshes and full-spectrum support.
The agency expects to issue a final request for proposals for the contract in late September, according to a transcript of a pre-solicitation meeting released by DISA.
DISA was tasked by department leadership to be the single service provider to optimize network capabilities across the so-called “Fourth Estate” — DOD’s non-warfighting support agencies. The Fourth Estate network optimization initiative (4ENO) effort has been a top priority for the agency “to reduce the cyber-attack surface, reduce operating costs, and improve support services for end users,” DISA said.
“Our role here is to migrate these Defense Agencies from their legacy commodity IT networks to a single network we’re calling DoDNet, which DISA will operate,” Col. Chris Autrey, the program manager for DES, said during the pre-solicitation meeting. The effort includes consolidating the 22 individual networks operated by Fourth Estate agencies, according to DISA.
The contract will be an indefinite-delivery, indefinite-quantity vehicle with task orders issued for specific work. The agency anticipates a 10-year work period, but the contract will have an initial four-year base with three optional two-year extensions.
As part of the acquisitions, DISA will evaluate bidders on their ability to meet Cybersecurity Maturity Model Certification (CMMC) level three or four. CMMC is the DOD’s proposed new cyber requirements for contractors that will involve third-party audits for all contractors doing work with the DOD. The new rules have yet to go into effect, but DOD expects to have the standards and assessors available during the time the contract would be awarded. DISA
DISA “will review the offeror’s proposed compliance plan for the CMMC audit program, and anticipates a level 3-4 certification requirement for this procurement,” said Susan Beury, acquisition analyst assigned to the DES procurement, according to the transcript.
The nearly $12 billion, single-provider DES acquisition comes after the Pentagon followed a similar model for its $10 billion Joint Enterprise Defense Infrastructure (JEDI) cloud contract. JEDI faced intense scrutiny for proposing to award such a large contract to a single contractor and, after more than three years in development, has yet to reach operation due to constant bid protests.