Corporate  Capability  Statement  

2014    

     

1801  Robert  Fulton  Drive,  Suite  120  Reston,  VA  20191  www.dexisive.com  

Phone:  703-­‐935-­‐0110  Fax:  866-­‐877-­‐0529  

 

   

2    

 

Table  of  Contents  

Company  Information  ..................................................................................................................................  3  

Company  Size  ...........................................................................................................................................  3  

Company  Background  ..............................................................................................................................  4  

Primary  Capabilities  .....................................................................................................................................  5  

Enterprise  Performance  Management  Capabilities  .................................................................................  5  

Enterprise  Management  Capabilities  ......................................................................................................  6  

Information  Assurance  Capabilities  .........................................................................................................  6  

Examples  of  Capabilities  Delivered  to  our  Valued  Clients  ...........................................................................  7  

 

   

   

3    

Company  Information  

DEXISIVE  is  pleased  to  provide  this  summary  of  corporate  capabilities  for  prospective  clients.  We  thank  you  for  considering  DEXISIVE  as  a  valued  partner  for  your  success.    Following  is  information  that  demonstrates  our  capability  to  support  your  mission  and  objectives.    Any  questions  regarding  this  capabilities  statement  may  be  directed  to:  

 

Name:     Alex  Kunin  

Phone:     703-­‐935-­‐0110  

E-­‐mail:     alexander.kunin@dexisive.com  

Address:   DEXISIVE,  Inc.         1801  Robert  Fulton  Drive,  Suite  120       Reston,  VA  20119      

Company  Size  DEXISIVE,  Inc.  qualifies  in  the  following  business  categories:  

ü Small  Business  under  NAICS  Code  541519  (and  many  other  NAICS  codes)  

ü Woman  Owned  Small  Business  

ü Veteran  Owned  Small  Business  

ü Service-­‐Disabled  Veteran-­‐Owned  Small  Business    (VA  Verified)  

 

As  a  VA  Verified  small  business  DEXISIVE  provides  the  added  assurance  that  the  Department  of  Veteran  Affairs  has  vetted  our  eligibility  in  this  set-­‐aside  category-­‐-­‐many  “self-­‐certified”  business  entities  cannot  make  such  a  claim.    The  attached  letter  is  evidence  of  our  entry  in  the  verified  veteran  business  database  and  provides  a  government  web  site  where  this  information  can  be  confirmed.  

 

   

4    

Company  Background  DEXISIVE  Inc.  is  a  Woman  Owned,  Service  Disabled  Veteran  Owned  Small  Business  established  in  2005  to  design  and  deploy  technology  solutions  for  medium  to  large  enterprises  with  high  quality  and  predictability  for  our  clients.  Every  solution  we  develop  is  designed  to  be  appropriately  Scalable,  Supportable,  and  Secure.    We  focus  on:    

• Enterprise  Infrastructure  Management  • Security  Solutions  • Network  Design  and  Related  IT  Solutions  

 

DEXISIVE  is  led  by  President  and  CEO  Ms.  Petrina  B.  Murphy.  She  is  a  retired  U.S.  Air  Force  officer  with  Air  Force  Intelligence  Agency  (formerly  AF  Security  Service)  experience,  Master’s  degrees  in  Computer  Science  and  Business,  and  an  active  DoD  Top  Secret  clearance.  Ms.  Murphy  is  supported  by  a  management  team  consisting  of  experienced  IT  professionals  with  outstanding  credentials  in  Government  Information  Technology  planning,  design,  implementation,  and  operations.  Her  team  has  designed  and  implemented  some  of  the  largest  and  most  complex  infrastructure  solutions  for  mission  critical  systems  for  the  Federal  Government.    

Additionally,  

ü DEXISIVE  has  the  highest  Dunn  and  Bradstreet  Rating  (BA1)  for  a  company  of  our  size  (DUNS  #  60-­‐085-­‐3241).  

ü DEXISIVE  holds  a  Top  Secret  Facility  Clearance  (CAGE  code:  42GS2)  and  more  than  30%  of  our  employees  hold  DoD  security  clearances.    The  majority  with  SCI  or  Top  Secret  access.  

ü DEXISIVE  is  a  sponsor  of  the  Mississippi  State  University  Center  for  Computer  Security  Research,  an  NSA  certified  center  of  academic  excellence  (http://www.security.cse.msstate.edu/).  

DEXISIVE  can  provide  outstanding  references  from  a  variety  of  Government  and  Commercial  clients.  Operations  and  Maintenance  projects  include  supporting  data  center  operations  and  IT  Infrastructure  system  administration  (Unix  and  Windows)  for  HUD.  We  have  also  provided  a  wide  range  of  system  integration  support  for  the  DoD  Military  Health  System  (MHS)  such  as  smart-­‐card  identification  and  authentication  for  the  DoD  clinics  worldwide.  The  DTIL  is  used  to  design/implement  prototype  solutions  that  can  be  evaluated  and  tested  before  deployment.  For  the  Bureau  of  Alcohol,  Tobacco,  Firearms,  and  Explosives  DEXISIVE  successful  relocated  a  data  center    and  fail-­‐over  site  with  no  end-­‐user  impact.  

   

5    

Primary  Capabilities  

DEXISIVE  maintains  focus  and  core  competencies  in  the  critical  service  areas  of  enterprise  IT:  enterprise  performance  management,  enterprise  management  and  information  assurance.  We  believe  that  by  enhancing  client  solutions  in  these  focus  areas,  savings  and  a  real  sense  of  control  can  be  realized  across  the  entire  IT  organization.  

Enterprise  Performance  Management  Capabilities  

DEXISIVE  is  an  industry  leader  and  your  authority  in  providing  Enterprise  Performance  Management.  Enterprise  Performance  Management  is  our  approach  to  optimize  client  infrastructure  services  such  as  inefficient  applications,  slow  web,  high  usage  volumes,  or  applications  falling  short  of  their  performance  expectations).      We  have  the  proven  capability  to  accurately  understand  the  client’s  enterprise  environment  performance  and  predictably  determine  the  outcome  of  technical  solutions  to  minimize  risk.    Enterprise  performance  management  allows  DEXISIVE  to  gain  operational  visibility  into  the  environment  meaning  we  will  know  exactly  what  components  are  out  there,  how  they  configured,  how  they  are  interrelated,  and  how  they  are  being  used.  Additionally,  we  gain  definitive  understanding  of  the  performance  characteristics  of  the  operational  infrastructure  regardless  of  the  complexity.  This  allows  DEXISIVE  to  adjust  and  plan  the  capacity  to  meet  the  business  mission,  optimally  consume  the  services  being  provided  by  the  infrastructure,  reducing  the  time  to  resolve  problems.    DEXISIVE  enterprise  performance  management  is  a  combination  of  a  well-­‐defined  toolset,  skillset,  and  methodology.    • Planning  and  Engineering  Support—DEXISIVE  conducts  capacity  planning,  validates  

requirements,  and  predicts  the  impact  of  changes  to  the  enterprise  IT  configuration.  • Operational  Monitoring—Through  DEXISIVE’s  proactive  monitoring  of  performance  

characteristics  we  can  compare  the  current  performance  with  any  prior  point  in  time.    We  analyze  differences  to  identify  the  root  cause  of  any  degradation  of  performance  and  compare  approved  configuration  settings  with  as-­‐is  settings  to  quantify  the  effect  of  the  change  our  client’s  system’s  performance.  

• Operational  Support—Our  support  methodology  allows  us  to  validate  and  troubleshoot  actual  and  perceived  performance  issues  without  guessing.  We  get  to  the  root-­‐cause  quickly  to  minimize  mission  impact  to  our  clients.  

• Enterprise  Consolidation—DEXISIVE  can  assist  in  optimizing  data  storage  and  server  space  while  boosting  overall  productivity  by  minimizing  operating  expenses  through  storage,  server,  and  network  virtualization  technologies.    

   

6    

Enterprise  Management  Capabilities  DEXISIVE  maintains  expert  capabilities  in  engineering  and  operations  of  enterprise  management  systems.  Our  experience  and  knowledge  allow  rapid  implementation  of  an  enterprise  management  system  that  effectively  automates  an  organization’s  IT  service  management  operations.    A  robust  set  of  enterprise  management  capabilities  is  fundamental  to  achieving  many  organizational  IT  goals.    DEXISIVE  implements  an  enterprise  management  system  designed  to  provide  the  overall  health  management  of  an  enterprise  service;  systems  we  implement  monitor  and  manage  the  fault,  configuration,  accounting,  performance  and  security  (FCAPS)  state  of  devices  and  IT  components  in  a  vast  array  of  enterprise  services  areas  like  client,  server,  application,  network,  storage,  and  facility.        DEXISIVE  provides  full  life-­‐cycle  technical  expertise  in  support  of  planning,  engineering,  implementation,  operations  and  enhancement  of  the  enterprise  management  systems  to  our  clients.      • Planning  and  Assessment—DEXISIVE  conducts  requirements  analysis,  does  discovery  of  

existing  management  capabilities,  assesses  maturity  of  organizational  IT  processes,  gains  understanding  of  the  operational  IT  staff’s  capabilities,  and  performs  gap  analysis.  

• Engineering  and  Implementation—DEXISIVE’s  systematic  approach  creates  a  development  roadmap  that  provides  best  return  on  investment  for  our  client.    This  drives  the  shortest  path  to  achieving  usable  instrumentation,  tangible  results  and  critical  capabilities  from  the  management  systems.  

• Operations  and  Tuning—DEXISIVE  baselines  our  client’s  management  system’s  performance  and  organizational  services  infrastructure  characteristics  to  develop  thresholds;  metrics  and  KPIs  that  are  critical  to  achieving  operational  excellence.    We  also  tune  and  adapt  your  system  to  eliminate  false  negatives  and  positives.  

Information  Assurance  Capabilities  DEXISIVE  leverages  exceptional  information  assurance  experience  across  a  broad  spectrum  of  functional  and  technical  domains  to  satisfy  client  security  requirements.  We  have  the  following  capabilities  to  assist  our  clients  in  meeting  FISMA  requirements  while  securing  their  systems  in  ways  that  enhance  trust  and  confidence  in  the  protection  of  sensitive  information  and  systems.  

• Certification  and  Accreditation  Support  (C&A)—DEXISIVE  provides  DITSCAP  and  DIACAP  certification  for  DoD  organizations.  For  other  federal  agencies,  DEXISIVE  provides  NIST  800-­‐37  Risk  Management  as  well  as  Certification  and  Accreditation  Support,  including  continuous  monitoring  following  formal  C&A.  

• Vulnerability  Assessment—DEXISIVE  conducts  NSA-­‐style  Vulnerability  Assessments  that  include  structured  approaches  for  Discovery,  Analysis,  Validation,  and  Reporting.  When  working  with  DEXISIVE,  client  engagements  are  typically  divided  into  a  Pre-­‐Assessment  Phase,  

   

7    

On-­‐Site  Activities  Phase  and  Post  Assessment  Phase  with  a  strong  emphasis  on  information  categories  and  risks  based  on  confidentiality,  integrity,  and  availability  characteristics.  

• Penetration  Testing—DEXISIVE  employs  Penetration  Testing  techniques  based  on  a  defense-­‐in-­‐depth  model.  We  test  network,  host,  and  install  application  security  mechanisms  using  a  combination  of  white-­‐box  (access  to  code/systems  security  configuration)  and  black-­‐box  (where  visibility  of  security  configuration  is  restricted  but  can  be  derived  from  detected  network/system  vulnerabilities)  techniques.  Passive  and  active  penetration  testing  capabilities  are  both  available  as  client  agreements  determine  the  level  and  type  of  penetration  testing  performed.  

• Security  Engineering—DEXISIVE  designs  and  implements  security  solutions  to  meet  organization  goals  for  protection  of  data  and  systems  from  unauthorized  use.  These  solutions  include  boundary  protection,  security  zones,  identity  and  access  control  solutions,  proxy  and  gateway  solutions  for  partner/public  access,  security  event  monitoring  and  logging,  physical  and  logical  data  separation,  and  digital  rights  management  solutions.  

• Infrastructure  Hardening—DEXISIVE  provides  security  enhancements  for  desktops,  servers,  and  network  devices  (e.g.,  routers).  We  leverage  vendor  databases  and  national  repositories  to  identify  known  vulnerabilities  and  patches  to  ensure  systems  are  optimally  patched  to  satisfy  functional  and  performance  requirements  while  providing  risk-­‐based  security.  In  addition  to  hardening  through  patch  management,  DEXISIVE  also  recommends  and  implements  additional  best  practices  for  access  control,  confidentiality,  integrity,  and  availability.  This  service  may  also  include  off-­‐site  storage,  backup,  archive  and  remote  fail-­‐over  support  for  continuity  of  operation  in  the  event  of  catastrophic  failure  caused  by  electro-­‐mechanical  failure,  natural  disaster,  or  inadvertent/intentional  system  failure.  

• Security  Operations—DEXISIVE  can  provide  full  security  operations  support,  including  24X7  security  monitoring  and  incident  response.  DEXISIVE’s  Incident  Response  capabilities  are  consistent  with  NIST  guidelines  and  include  coordinating  with  Government  sponsored  incident  response  centers,  as  appropriate.  Our  Security  Operations  Services  also  include  Incident  Analysis  and  Data  Loss  Prevention  (DLP).  Additionally,  our  security  operations  capabilities  easily  integrate  with  existing  service  management  frameworks.  

Examples  of  Capabilities  Delivered  to  our  Valued  Clients  

• For  the  US  Air  Force  DEXISIVE’s  Dr.  Murphy  acted  as  the  Lead  Technical  Solution  Architect  for  the  CITS  NMS/BIP  program  to  champion  the  entire  systems  design/engineering  effort.    Additionally,  Murphy  developed  training  for  Operators  of  the  Network  Management  System  for  Base  Information  Protection  (NMS/BIP)  under  the  AF  CITS  Program.    Dr.  Murphy’s  training  deployed  to  80+  Air  Force  bases  and  included  sophisticated  IT  and  information  assurance  technology.    Dr.  Murphy  adopted  a  role-­‐based  training  approach  for  system  operators  to  understand  the  use  of  these  advanced  tools  for  their  specific  job  function.    This  was  in  contrast  to  previous  product  oriented  training  programs  which  taught  about  products  features  and  

   

8    

capabilities  without  conveying  how  the  system  operators  were  to  use  each  feature  to  satisfy  their  assigned  portion  of  the  NMS/BIP  mission.  

• The  Department  of  Interior  (DOI)  is  supported  by  DEXISIVE  with  full  service  Information  Assurance  services,  including  Certification  and  Accreditation,  Security  event  monitoring,  network  and  host-­‐based  forensics,  and  security  policy  implementation.  Also,  DEXISIVE  provides  full  service  Enterprise  Performance  Management  for  DOI  ‘s  Enterprise  Services  Network  (ESN).  

• For  the  Defense  Information  Systems  Agency  DEXISIVE  implemented  and  deployed  firewalls  and  other  security  devices  globally,  including  Bahrain,  AFRICOM  and  locations  throughout  the  US.  

• The  Department  of  Energy  hired  the  DEXISIVE  team  to  develop  Security  Architecture  to  protect  critical  information,  network,  storage,  and  processing  systems  from  exploitation.    DEXISIVE’s  technical  architecture  defined  19  non-­‐negotiable  core  principles  for  protecting  infrastructure  as  well  as  refined  information  resource  and  mechanisms  for  negotiating  more  exact  operating  agreements  and  protection  mechanisms  between  various  labs  and  organizations  that  shared  common  information  and  infrastructure.    The  Security  Architecture  also  defined  detailed  architectural  views  (network,  host,  and  application)  to  facilitate  communication  and  policy.    The  Security  Architecture  also  defined  7  goals  and  16  supporting  objectives  to  manage  and  monitor  improvements  for  intermediate  (<  18  months)  and  long-­‐term  improvements.  

• For  the  Department  of  Veterans  Affairs  our  staff  developed  an  interactive  weekend  retreat  to  conduct  Enterprise  Security  Architecture  seminars  for  Senior  Executives  to  help  build  their  understanding  of  the  importance  of  security  on  the  Internet.    The  event  was  a  mix  of  informational  content,  discussion,  and  small  group  activities  intended  to  help  these  leaders  understand  risk.    Participants  were  required  to  interact  with  representatives  from  other  organizations  so  that  each  gained  a  better  understanding  of  the  perspectives/needs  of  the  entire  Department.    As  an  example,  participants  worked  in  small  groups  to  allocate  a  limited  Information  Assurance  budget  to  provide  for  various  protection  mechanisms  then  evaluate  the  efficacy  of  their  approach  relative  to  the  approach  of  other  groups.  

• DEXISIVE  provided  the  Pentagon  with  contingency  operations  support,  remote  network  management/monitoring,  as  well  as  application/storage  fail-­‐over  and  redundancy  programs.  

These  projects  represent  a  sample  of  DEXISIVE’s  Team  Enterprise  Performance  Management  and  Information  Assurance  capabilities,  experience  and  results.    DEXISIVE’s  senior  leadership  continues  to  identify  the  need  for  key  resources  with  a  clear  understanding  of  performance  management  and  forward  thinking  information  assurance  concepts.    DEXISIVE  will  leverage  these  our  best  abilities,  relationships  and  affiliations  to  find  the  best  resolution  to  your  unique  needs.  Client  success  is  DEXISIVE’s  number  one  goal.  

“DEXISIVE  is  committed  to  high  levels  of  customer  satisfaction  and  trust  by  delivering  quality  services  through  well-­‐qualified  staff  that  are  supported  by  professional  corporate  resources.  We  will  define,  institutionalize,  and  continually  improve  processes  to  maximize  quality  for  our  clients.”    

Petrina  Murphy,  President/CEO