DOD moves to enhance e-mail security

The Defense Department needs a security system to scan e-mail on its Global Information Grid (GIG) network, and it has asked industry to submit information on such a system, according to an announcement on the Federal Business Opportunities Web site.

DOD will consider software as a service, managed services, software-only, or bundled software/hardware solutions, according to the announcement.

The E-mail Security Gateway is intended to provide a defensible e-mail security border that includes automatic defenses and configurable quick reaction capabilities, the announcement made May 12 states.

The solution must scan every e-mail message entering DOD via the Internet and NIPRNet gateways and should integrate with existing e-mail systems in DOD. The solution also must include sensor technologies that detect attacks, characterize the type of attack, and offer responses to the attack, DOD said.

The Defense Information Systems Agency is coordinating the effort and wants e-mail security information from industry and academia.

“State of the art threat detection, system availability design, ease of management, likelihood of obtaining system accreditation, cost, scalability and physical system footprint will weigh heavily in the review of all submissions,” the announcement states.

The solution must be able to support about five million users with an estimated 700 NIPRNet e-mail domains. Approximately 50 million messages per day are expected to be screened by the system.

Vendors should take into account that most but not all NIPRNet domains will be addressed as .mil.

At a minimum, for inbound e-mail security protection, the solution should provide anti-virus, anti-spam, anti-phishing and content filtering capabilities, DOD also said.

Submissions are due June 1.