Corporate Capability Statement 2014 1801 Robert Fulton Drive, Suite 120 Reston, VA 20191 www.dexisive.com Phone: 7039350110 Fax: 8668770529
Sep 14, 2014
Corporate Capability Statement
2014
1801 Robert Fulton Drive, Suite 120 Reston, VA 20191 www.dexisive.com
Phone: 703-‐935-‐0110 Fax: 866-‐877-‐0529
2
Table of Contents
Company Information .................................................................................................................................. 3
Company Size ........................................................................................................................................... 3
Company Background .............................................................................................................................. 4
Primary Capabilities ..................................................................................................................................... 5
Enterprise Performance Management Capabilities ................................................................................. 5
Enterprise Management Capabilities ...................................................................................................... 6
Information Assurance Capabilities ......................................................................................................... 6
Examples of Capabilities Delivered to our Valued Clients ........................................................................... 7
3
Company Information
DEXISIVE is pleased to provide this summary of corporate capabilities for prospective clients. We thank you for considering DEXISIVE as a valued partner for your success. Following is information that demonstrates our capability to support your mission and objectives. Any questions regarding this capabilities statement may be directed to:
Name: Alex Kunin
Phone: 703-‐935-‐0110
E-‐mail: [email protected]
Address: DEXISIVE, Inc. 1801 Robert Fulton Drive, Suite 120 Reston, VA 20119
Company Size DEXISIVE, Inc. qualifies in the following business categories:
ü Small Business under NAICS Code 541519 (and many other NAICS codes)
ü Woman Owned Small Business
ü Veteran Owned Small Business
ü Service-‐Disabled Veteran-‐Owned Small Business (VA Verified)
As a VA Verified small business DEXISIVE provides the added assurance that the Department of Veteran Affairs has vetted our eligibility in this set-‐aside category-‐-‐many “self-‐certified” business entities cannot make such a claim. The attached letter is evidence of our entry in the verified veteran business database and provides a government web site where this information can be confirmed.
4
Company Background DEXISIVE Inc. is a Woman Owned, Service Disabled Veteran Owned Small Business established in 2005 to design and deploy technology solutions for medium to large enterprises with high quality and predictability for our clients. Every solution we develop is designed to be appropriately Scalable, Supportable, and Secure. We focus on:
• Enterprise Infrastructure Management • Security Solutions • Network Design and Related IT Solutions
DEXISIVE is led by President and CEO Ms. Petrina B. Murphy. She is a retired U.S. Air Force officer with Air Force Intelligence Agency (formerly AF Security Service) experience, Master’s degrees in Computer Science and Business, and an active DoD Top Secret clearance. Ms. Murphy is supported by a management team consisting of experienced IT professionals with outstanding credentials in Government Information Technology planning, design, implementation, and operations. Her team has designed and implemented some of the largest and most complex infrastructure solutions for mission critical systems for the Federal Government.
Additionally,
ü DEXISIVE has the highest Dunn and Bradstreet Rating (BA1) for a company of our size (DUNS # 60-‐085-‐3241).
ü DEXISIVE holds a Top Secret Facility Clearance (CAGE code: 42GS2) and more than 30% of our employees hold DoD security clearances. The majority with SCI or Top Secret access.
ü DEXISIVE is a sponsor of the Mississippi State University Center for Computer Security Research, an NSA certified center of academic excellence (http://www.security.cse.msstate.edu/).
DEXISIVE can provide outstanding references from a variety of Government and Commercial clients. Operations and Maintenance projects include supporting data center operations and IT Infrastructure system administration (Unix and Windows) for HUD. We have also provided a wide range of system integration support for the DoD Military Health System (MHS) such as smart-‐card identification and authentication for the DoD clinics worldwide. The DTIL is used to design/implement prototype solutions that can be evaluated and tested before deployment. For the Bureau of Alcohol, Tobacco, Firearms, and Explosives DEXISIVE successful relocated a data center and fail-‐over site with no end-‐user impact.
5
Primary Capabilities
DEXISIVE maintains focus and core competencies in the critical service areas of enterprise IT: enterprise performance management, enterprise management and information assurance. We believe that by enhancing client solutions in these focus areas, savings and a real sense of control can be realized across the entire IT organization.
Enterprise Performance Management Capabilities
DEXISIVE is an industry leader and your authority in providing Enterprise Performance Management. Enterprise Performance Management is our approach to optimize client infrastructure services such as inefficient applications, slow web, high usage volumes, or applications falling short of their performance expectations). We have the proven capability to accurately understand the client’s enterprise environment performance and predictably determine the outcome of technical solutions to minimize risk. Enterprise performance management allows DEXISIVE to gain operational visibility into the environment meaning we will know exactly what components are out there, how they configured, how they are interrelated, and how they are being used. Additionally, we gain definitive understanding of the performance characteristics of the operational infrastructure regardless of the complexity. This allows DEXISIVE to adjust and plan the capacity to meet the business mission, optimally consume the services being provided by the infrastructure, reducing the time to resolve problems. DEXISIVE enterprise performance management is a combination of a well-‐defined toolset, skillset, and methodology. • Planning and Engineering Support—DEXISIVE conducts capacity planning, validates
requirements, and predicts the impact of changes to the enterprise IT configuration. • Operational Monitoring—Through DEXISIVE’s proactive monitoring of performance
characteristics we can compare the current performance with any prior point in time. We analyze differences to identify the root cause of any degradation of performance and compare approved configuration settings with as-‐is settings to quantify the effect of the change our client’s system’s performance.
• Operational Support—Our support methodology allows us to validate and troubleshoot actual and perceived performance issues without guessing. We get to the root-‐cause quickly to minimize mission impact to our clients.
• Enterprise Consolidation—DEXISIVE can assist in optimizing data storage and server space while boosting overall productivity by minimizing operating expenses through storage, server, and network virtualization technologies.
6
Enterprise Management Capabilities DEXISIVE maintains expert capabilities in engineering and operations of enterprise management systems. Our experience and knowledge allow rapid implementation of an enterprise management system that effectively automates an organization’s IT service management operations. A robust set of enterprise management capabilities is fundamental to achieving many organizational IT goals. DEXISIVE implements an enterprise management system designed to provide the overall health management of an enterprise service; systems we implement monitor and manage the fault, configuration, accounting, performance and security (FCAPS) state of devices and IT components in a vast array of enterprise services areas like client, server, application, network, storage, and facility. DEXISIVE provides full life-‐cycle technical expertise in support of planning, engineering, implementation, operations and enhancement of the enterprise management systems to our clients. • Planning and Assessment—DEXISIVE conducts requirements analysis, does discovery of
existing management capabilities, assesses maturity of organizational IT processes, gains understanding of the operational IT staff’s capabilities, and performs gap analysis.
• Engineering and Implementation—DEXISIVE’s systematic approach creates a development roadmap that provides best return on investment for our client. This drives the shortest path to achieving usable instrumentation, tangible results and critical capabilities from the management systems.
• Operations and Tuning—DEXISIVE baselines our client’s management system’s performance and organizational services infrastructure characteristics to develop thresholds; metrics and KPIs that are critical to achieving operational excellence. We also tune and adapt your system to eliminate false negatives and positives.
Information Assurance Capabilities DEXISIVE leverages exceptional information assurance experience across a broad spectrum of functional and technical domains to satisfy client security requirements. We have the following capabilities to assist our clients in meeting FISMA requirements while securing their systems in ways that enhance trust and confidence in the protection of sensitive information and systems.
• Certification and Accreditation Support (C&A)—DEXISIVE provides DITSCAP and DIACAP certification for DoD organizations. For other federal agencies, DEXISIVE provides NIST 800-‐37 Risk Management as well as Certification and Accreditation Support, including continuous monitoring following formal C&A.
• Vulnerability Assessment—DEXISIVE conducts NSA-‐style Vulnerability Assessments that include structured approaches for Discovery, Analysis, Validation, and Reporting. When working with DEXISIVE, client engagements are typically divided into a Pre-‐Assessment Phase,
7
On-‐Site Activities Phase and Post Assessment Phase with a strong emphasis on information categories and risks based on confidentiality, integrity, and availability characteristics.
• Penetration Testing—DEXISIVE employs Penetration Testing techniques based on a defense-‐in-‐depth model. We test network, host, and install application security mechanisms using a combination of white-‐box (access to code/systems security configuration) and black-‐box (where visibility of security configuration is restricted but can be derived from detected network/system vulnerabilities) techniques. Passive and active penetration testing capabilities are both available as client agreements determine the level and type of penetration testing performed.
• Security Engineering—DEXISIVE designs and implements security solutions to meet organization goals for protection of data and systems from unauthorized use. These solutions include boundary protection, security zones, identity and access control solutions, proxy and gateway solutions for partner/public access, security event monitoring and logging, physical and logical data separation, and digital rights management solutions.
• Infrastructure Hardening—DEXISIVE provides security enhancements for desktops, servers, and network devices (e.g., routers). We leverage vendor databases and national repositories to identify known vulnerabilities and patches to ensure systems are optimally patched to satisfy functional and performance requirements while providing risk-‐based security. In addition to hardening through patch management, DEXISIVE also recommends and implements additional best practices for access control, confidentiality, integrity, and availability. This service may also include off-‐site storage, backup, archive and remote fail-‐over support for continuity of operation in the event of catastrophic failure caused by electro-‐mechanical failure, natural disaster, or inadvertent/intentional system failure.
• Security Operations—DEXISIVE can provide full security operations support, including 24X7 security monitoring and incident response. DEXISIVE’s Incident Response capabilities are consistent with NIST guidelines and include coordinating with Government sponsored incident response centers, as appropriate. Our Security Operations Services also include Incident Analysis and Data Loss Prevention (DLP). Additionally, our security operations capabilities easily integrate with existing service management frameworks.
Examples of Capabilities Delivered to our Valued Clients
• For the US Air Force DEXISIVE’s Dr. Murphy acted as the Lead Technical Solution Architect for the CITS NMS/BIP program to champion the entire systems design/engineering effort. Additionally, Murphy developed training for Operators of the Network Management System for Base Information Protection (NMS/BIP) under the AF CITS Program. Dr. Murphy’s training deployed to 80+ Air Force bases and included sophisticated IT and information assurance technology. Dr. Murphy adopted a role-‐based training approach for system operators to understand the use of these advanced tools for their specific job function. This was in contrast to previous product oriented training programs which taught about products features and
8
capabilities without conveying how the system operators were to use each feature to satisfy their assigned portion of the NMS/BIP mission.
• The Department of Interior (DOI) is supported by DEXISIVE with full service Information Assurance services, including Certification and Accreditation, Security event monitoring, network and host-‐based forensics, and security policy implementation. Also, DEXISIVE provides full service Enterprise Performance Management for DOI ‘s Enterprise Services Network (ESN).
• For the Defense Information Systems Agency DEXISIVE implemented and deployed firewalls and other security devices globally, including Bahrain, AFRICOM and locations throughout the US.
• The Department of Energy hired the DEXISIVE team to develop Security Architecture to protect critical information, network, storage, and processing systems from exploitation. DEXISIVE’s technical architecture defined 19 non-‐negotiable core principles for protecting infrastructure as well as refined information resource and mechanisms for negotiating more exact operating agreements and protection mechanisms between various labs and organizations that shared common information and infrastructure. The Security Architecture also defined detailed architectural views (network, host, and application) to facilitate communication and policy. The Security Architecture also defined 7 goals and 16 supporting objectives to manage and monitor improvements for intermediate (< 18 months) and long-‐term improvements.
• For the Department of Veterans Affairs our staff developed an interactive weekend retreat to conduct Enterprise Security Architecture seminars for Senior Executives to help build their understanding of the importance of security on the Internet. The event was a mix of informational content, discussion, and small group activities intended to help these leaders understand risk. Participants were required to interact with representatives from other organizations so that each gained a better understanding of the perspectives/needs of the entire Department. As an example, participants worked in small groups to allocate a limited Information Assurance budget to provide for various protection mechanisms then evaluate the efficacy of their approach relative to the approach of other groups.
• DEXISIVE provided the Pentagon with contingency operations support, remote network management/monitoring, as well as application/storage fail-‐over and redundancy programs.
These projects represent a sample of DEXISIVE’s Team Enterprise Performance Management and Information Assurance capabilities, experience and results. DEXISIVE’s senior leadership continues to identify the need for key resources with a clear understanding of performance management and forward thinking information assurance concepts. DEXISIVE will leverage these our best abilities, relationships and affiliations to find the best resolution to your unique needs. Client success is DEXISIVE’s number one goal.
“DEXISIVE is committed to high levels of customer satisfaction and trust by delivering quality services through well-‐qualified staff that are supported by professional corporate resources. We will define, institutionalize, and continually improve processes to maximize quality for our clients.”
Petrina Murphy, President/CEO