Networx Unit Pricer

Home
Unit Pricer
ICB Pricer
Contract Mods
Lookup Tools
Service Guides: Anti-Virus Management Service (AVMS)
Return to full list of service guides.

1. Overview

Networx Security Services - Overview

The Networx contracts require a basic level of security management for its contractors that ensures compliance with Federal Government generally accepted security principles and practices, or better. The contracts employ adequate and reasonable means to ensure and protect the integrity, confidentiality, and availability of Networx services, Operational Support Systems (OSS), and Government information transported or stored in the contractors Networx services infrastructure. These requirements are detailed in Section C.3.3.2 of the Networx contracts.

In addition to this mandatory level of security, the Networx contracts provide additional security services that may be ordered on a fee-for-service basis. These are:

  1. Managed Tiered Security Service (MTSS)
  2. Managed Firewall Service (MFS)
  3. Intrusion Detection and Prevention Service (IDPS)
  4. Vulnerability Scanning Service (VSS)
  5. Anti-Virus Management Service (AVMS)
  6. Incident Response Service (INRS)
  7. Managed E-Authentication Service (MEAS)
  8. Secure Managed E-Mail Service (SMEMS)

The AVMS offering is described below.

2. Technical Description

3. Technical Summary

AVMS is a service that was not offered on the original FTS2001 contracts. AVMS enables the detection and removal of viruses by scanning Agency systems and traffic for patterns, activities, and behaviors that may signal the presence of malicious code. Anti-virus applications are constantly active in attempting to detect patterns, activities, and behaviors that may signal the presence of viruses. AVMS enables Agencies to procure anti-virus capabilities that protect their network infrastructure.

AVMS provides the most current anti-virus software and tools. It includes traffic scanning, anti-virus software/hardware, monitoring of anti-virus advisories, management, and maintenance. The service monitors traffic for malicious content, and complements the anti-virus software already implemented on Agency desktops.

AVMS connects to and interoperates with the Agency networking environment, including Demilitarized Zones (DMZs) and secure LANs as required by the Agency. The service also supports connectivity to extranets and public networks such as the Internet.

As part of its AVMS service, the contractor provides the software and hardware components, including servers and gateways as required by the Agency. The Agency may order either or both of the two following components:

A managed gateway-based anti-virus service which provides a gateway that scans web and email traffic for worms, viruses, and malicious content. A server-based anti-virus service that scans all files and software housed on a specific server, including the operating system. This host-level scanning is provided at Agency-specified time intervals.

The diagram below illustrates a sample implementation of these components, as applicable. Illustrative hardware such as firewalls and edge routers are not provided as part of the AVMS.

AVMS also offers a load balancing feature which distributes traffic across multiple gateway anti-virus servers, to meet the requirements of large high-volume implementations.

4. Technical Detail

AVMS provides Agency's internal networks with a layer of protection against cyber attacks. This includes providing Agencies with anti-virus capabilities to protect their network infrastructure. It also equips Agencies with up-to-date anti-virus systems and tools for timely virus protection.

AVMS will support the full range of technical capabilities that are available in commercial offerings. These include a design for the appropriate anti-virus solution for an Agency's specific needs. The contractor will monitor the system on a 24X7 basis for infection, will allow real-time and on-demand virus scanning, will screen incoming and outgoing traffic for possible infection, will protect against all known threats, and will provide various methods of alerting the Agency to detected threats. These and other service capabilities are detailed in Section C.2.10.4.1.4 Technical Capabilities of the Networx contracts.

AVMS is required to support the User-to-Network Interfaces (UNIs) defined in the following Networx Internet Protocol (IP) services;

  • Internet Protocol Service (IPS)
  • Premises-Based IP VPN Services (PBIP-VPNS)
  • Network-Based IP VPN Services (NBIP-VPNS)

Each Networx contractor may provide variations or alternatives to the offering and pricing for AVMS. The specific details can be found within each Contractors Networx contract files and pricing notes for AVMS

For more information on the general AVMS specifications and requirements, please refer to Section C.2.10.4 of the Networx contract for technical specifications and Section B.2.10.4 for pricing.

5. AVMS Price Description

AVMS Price Basics

AVMS is a service that was not offered on the original FTS2001 contracts. AVMS provides the following components:

  • A managed gateway-based anti-virus service which provides a gateway that scans web and email traffic for worms, viruses, and malicious content.
  • A server-based anti-virus service that scans all files and software housed on a specific server, including the operating system. This host-level scanning is provided at Agency-specified time intervals.

Price components required for service are:

  • Basic service (NRC and/or MRC) consisting of either:
    • Managed Gateway-Based AVMS (NRC + MRC per user).
    • Server-Base2d (NRC + MRC per server).
  • Anti-Virus Load Balancing feature ordered as needed by the Agency.
  • Service Enabling Devices (SEDs) may be required to implement AVMS. [Please note that SEDs under Networx replace the FTS2001 User-to-Network Interfaces and Access Adaptation Functions (UNIs/AAFs). SEDs may differ between Networx providers. The pricing structure for SEDs provides for either a one-time payment or monthly term payments for purchase, plus a NRC for installation and a MRC for maintenance.]

Example 1: Managed Gateway-Based AVMS

  • Choose CLIN 360001 Managed Gateway-Based AVMS NRC per user
  • Choose CLIN 360101 Managed Gateway-Based AVMS MRC per user
  • Service Enabling Devices (SEDs) may be required to implement AVMS. Illustrative hardware such as firewalls and edge routers are not provided as part of the AVMS.

Example 2: Server-Based AVMS

  • Choose CLIN 360002 Server-Based AVMS NRC per server
  • Choose CLIN 360102 Server-Based AVMS MRC per server
  • Service Enabling Devices (SEDs) may be required to implement AVMS. Illustrative hardware such as servers are not provided as part of the AVMS.

Each Networx contractor may provide variations or alternatives to the offering and pricing for AVMS. The specific details can be found within each Contractors Networx contract files and pricing notes for AVMS.

For more information on the general AVMS specifications and requirements, please refer to Section C.2.10.4 of the Networx contract for technical specifications and Section B.2.10.4 for pricing.