The Homeland Security Department awarded a contract to protect agency networks that has a $1 billion ceiling.
DHS chose Raytheon for its DOMino program to maintain and improve the intrusion protection and detection system known as EINSTEIN, and for other cyber tools under the National Cybersecurity Protection System.
Danny Toler, the DHS director of the Network Security Deployment division in the Office of Cybersecurity and Communications, announced the award to Raytheon in an email to staff, which Federal News Radio obtained.
There isn’t a lot of detail about DOMino because DHS released it under a “For Official Use Only” marking and came out of the Office of Selective Acquisitions, which is the classified portion of the DHS acquisition shop.
But sources say it was a hotly contested contract with several other major vendors bidding on this sought-after procurement. Sources say General Dynamics, Lockheed Martin and Leidos were potentially vying for this contract.
One former government official with knowledge of DHS said DOMino is a new acquisition vehicle that is part of DHS’s evolving cyber strategy. The source, who was limited in what they could talk about because of the contract’s sensitive nature, said there is no incumbent and DOMino is not a consolidation of existing contracts either.
General Dynamics received a contract in 2013 to support NCPS, but it isn’t the same as DOMino, the source said.
DHS spokesman S.Y. Lee didn’t confirm the award, but highlighted DHS’s and DOMino’s role in protecting federal networks.
“Through the Department’s National Cybersecurity Protection System (NCPS), which includes EINSTEIN, DHS prevents known or suspected cyber threats using an integrated system of intrusion detection, analytics, information sharing, and intrusion prevention capabilities. These combined capabilities provide a foundation for defending the federal civilian government’s information technology infrastructure against cyber threats,” Lee wrote in an email statement. “The DOMino (Development, Operations and Maintenance) contract will provide services to operate and maintain existing EINSTEIN capabilities and will also be used to design and develop new cybersecurity capabilities for the NCPS.”
Raytheon didn’t respond to a request for comment.
A few details about DOMino have come out over the past few years. A 2014 presentation by DHS acquisition officials shows the program as a limited competition indefinite delivery, indefinite quantity contract with a five-year performance period.
A 2011 DHS budget document highlights the NCPS program, detailing its plan for growth by releasing new capabilities in “blocks.” But the document offers little insight into the cost or specific tools the program is working on.
The award to Raytheon comes as DHS is ramping up its EINSTEIN implementation timetable.
DHS told lawmakers in June that the latest iteration of its EINSTEIN program, known as 3A, is up and running for about 45 percent of the government – 20 percent more than nine months ago.
DHS says it sees the deployment of EINSTEIN 3A as a high priority because it has the capability to stop malicious network traffic automatically and in real-time, unlike prior versions of the system, which merely notify network administrators when something appears to be amiss in the dot-gov world.
For fiscal 2016, DHS requested $480 million for network security deployment to protect governmentwide networks. That figures includes funding for the EINSTEIN 3A program.
Congress also sees value in the EINSTEIN program.
Sens. Ron Johnson (R-Wis.) and Tom Carper (D-Del.), the Homeland Security and Governmental Affairs Committee’s chairman and ranking member, respectively, sponsored The Federal Cybersecurity Enhancement Act of 2015 to authorize DHS to put EINSTEIN on every agency’s network.
The committee passed the bill in July and significant sections of the legislation were added as an amendment to the Cyber Information Sharing Act.