Capabilities & Solutions

GLOBAL NETWORK SYSTEMS, INC. (GNS) 2400 RESEARCH BOULEVARD SUITE 360 ROCKVILLE, MD 20850

BD-CC-4001 12.15 v1

www.gns-us.com hqoffice@gns-us.com 301-987-8750

GNS, Inc. was established in 2000 with a sole purpose of providing IT security solutions.

GNS Mission and Vision

Our mission is to contribute to our clients’ success by

ensuring their information systems are secure and productive

and to achieve the optimal level of security and productivity

in a cost-effective manner.

GNS, is committed to building long-term relationships. We

believe in providing quality services and focusing on our

tasks to ensure 100% client satisfaction.

GNS at a Glance In addition to our technical and program management expertise, GNS continues to invest in the infrastructure required to grow a business while maintaining quality of services.

Examples include:

We are ISO 9001-2008 certified for our Quality Management System (QMS);

We are ISO 27001-2013 certified for our Information Security Management System(ISMS);

We use Deltek GCS Premier as our primary financial and accounting system;

GNS has a full suite of Microsoft applications to support activities such as collaboration with clients, team members and the public (SharePoint) and ensure 100% compatibility with client;

GNS maintains more than 80% cleared staff at a Secret or higher level and maintains above industry level retention rates;

Our Operation staff is implementing a self-certified Earned Value Management System (EVMS) to support EVM projects; and

GNS exhibits strong financial stability, zero debts and holds the highest rating from Dun & Bradstreet.

Small Business Women Owned Small Business Minority Owned

2

Capabilities Core

IT/Cyber Security Solutions Certification & Accreditation (C&A)

Risk Management Framework

Continuous Monitoring

FISMA Compliance

Computer Incident Response Team (CIRT)

Independent Validation & Verification (IV&V)

Penetration and Vulnerability Testing

Security Operations Center (SOC)

Software Testing

508 Compliance Testing

GNS has expertise in all National Institute of Standards and Technology (NIST), Office of Management and Budget (OMB) and related standards and experience in using them to create organization-specific policies, procedures and guidance. For example, we are supporting clients developing policies to address IPv6, TIC, cloud computing, FISMA 2.0, and other federally mandated standards. GNS provides OCIO-level support for diverse and dispersed organizations comprising simple-to-complex systems at unclassified to classified levels including:

IV&V and QA of technical and budgetary performance, gap analysis and performance improvement;

Critical Infrastructure Protection (CIP ) support; Policy and procedure development; Risk management; Compliance.

Infrastructure Solutions

Internet/Intranet/Extranet Implementation

SharePoint Solutions

Project/Program Quality Assurance

Continuity of Operation Planning (COOP)

Disaster Recovery Planning (DRP)

Independent Software Testing and Evaluation including 508 Compliance, Automation and Performance Testing

Project and Process Improvement and Support

Quality Assurance Planning

3

IT/CYBER SECURITY SOLUTIONS

Security Management

Network Security

Conducting vulnerability and intrusion detection assessments;

Designing and implementing: Local and wide area network security (LAN/WAN), firewalls,

intrusion detection, routers and switches, protocol analysis and encryption;

Access controls for network infrastructure — routers, switches and servers.

Web server and DNS security, DMZ configuration;

Unix, Windows, mainframe security reviews;

Network management systems for total control of network environment.

GNS has expertise in all National Institute of Standards and Technology (NIST), Office of Management

and Budget (OMB) and all relevant Federal standards, directives and guidance. Our certified staff

support: risk management, audits and compliance, continuous monitoring, and critical infrastructure

protection (CIP) to include: incident response and forensics, security operations, ST&E, vulnerability

scanning, contingency planning and disaster recovery. We are experts in analyzing the security impacts

from new initiatives and technologies such as IPv6, TIC, cloud computing, FISMA 2.0, etc.

Conducting threat, vulnerability and risk assessments;

Developing an integrated plan including security organization, policies, standards and best

practices;

Developing technical, procedural and administrative controls using standards and best practices;

Creating agency-specific policies for email and internet usage, firewall and antivirus software, data

protection and backup; application development and new technologies;

Developing and implementing incident and emergency response procedures;

Supporting CIRT/CERT operations.

Core Capabilities

Application Security

Conducting threat, vulnerability and risk assessments;

Developing an integrated plan including security organization, policies, standards and best

practices;

Developing technical, procedural and administrative controls using standards and best practices;

Creating agency-specific policies for email and internet usage, firewall and antivirus software, data

protection and backup; application development and new technologies;

Developing and implementing incident and emergency response procedures;

Supporting CIRT/CERT operations.

4

IT/CYBER SECURITY SOLUTIONS

Information Technology (IT) Auditing

Access Control

Develop policies and procedures for authorization, authentication and auditing (AAA);

Evaluation of AAA effectiveness.

Risk assessments and control of systems, networks and applications;

Technical audit and review of confidentiality, integrity, and availability controls;

Compliance with government regulations;

Flowcharting of network data.

Core Capabilities

Security Awareness and Training

Developing training programs which provide mandatory periodic computer security training for all

employees who are involved with the management, use, or operation of Federal computer systems;

Conduct skills assessments, audits and develop performance metrics to track training effectiveness.

Risk Manager (CISO) Support

Developing strategies for IT security, control and audit;

Assessing and selecting security vendors, technology and products;

Liaison to management for security operations, risk management and IT audits;

Project management for security technology implementation.

Risk Management Framework

Expertise in NIST SP 800-37 implementation;

Developing and managing a continuous monitoring program;

Conducting independent security test and evaluation.

Transition to Risk Management Framework (RMF)

5

INFRASTRUCTURE SOLUTIONS

Internet/Intranet/Extranet Implementation

SharePoint Solutions

Initial installation and upgrades;

Administration.

GNS applies a systems development lifecycle approach comprising of:

GNS designs and develops secure web content management for networking, E-Business, and systems

design. We define desired features and operation in detail, screen layouts, process key documentation.

Core Capabilities

Project/Program Quality Assurance

Assessments of existing internal QA functions;

Implementing and managing the QA function as part of Project/Program oversight.

Continuity of Operation Planning (COOP)/ Disaster Recovery Planning (DRP)

Designing systems and networks to ensure high availability, fault tolerance and redundancy;

Planning: hardware, software, infrastructure and staff.

Independent evaluation and testing of COOP and DRP

6

7

Current Clients

DHS - NPPD

DHS - CBP DHS - CIS

DOC

DHS - ICE

Past Clients Bureau of Engraving and Printing

U.S. Department of Agriculture

U.S. Department of Energy

U.S. Department of Interior

NIST (National Institute of Standards and Technology)

U.S. Department of Health and Human Resources

D.C. Lottery Board Advisory

U.S. Department of Commerce, OCIO

National Oceanic and Atmospheric Administration (NOAA)

U.S. Securities and Exchange Commission (SEC)

DHS - OBIM

ISS LOB RMF BPA

8(a) STARS II Schedule 70 GS-35F-0582M

VETS

NOAALink ITS-SB ITES-2S

R23G

TIPSS IV ITS & SB

eFAST

EAGLE II BOSS-R MD CATS II FL IT Consulting

8

Contract Vehicles

GNS supported the SEC’s IT

security program in IA, C&A and

FISMA compliance management

and reporting efforts. Our staff

reviews existing and draft

legislation and standards,

commercial best practices and

report on potential impacts. We

provide quarterly reports of the

status of weaknesses tracked in

the POA&M for FIPS 199 and

discuss with system owners. Our

staff collected metrics for the

CIO dashboard tool to assist

with analysis of efforts to

mitigate identified weaknesses.

Sample Past Performance

U.S. Department of Energy

U.S. Securities and Exchange Commission

GNS reviews and updates the

SEC’s five-year strategic

security plan. We provided

program-level support to the

SEC staff assessing high-level

security-related, IT security

policies and procedures

pursuant to OMB circulars. Our

experts support the SEC

Technical Manager with risk

management including risk

assessment of internal and

external threats; risk-based

security policies and procedures;

and review of others’ risks

assessments.

GNS supported the DOE OCIO

management team overseeing

the one-billion dollar IT

infrastructure program. We have

established Independent

Validation & Verification (IV&V)

technical, schedule and cost

oversight and quality assurance

compliance with the Federal

Acquisition Regulation (FAR)

46.401(a), Office of

Management and Budget (OMB)

Circular A-130, the Government

Accountability Office (GAC)

Federal Information System

Controls Audit Manual (FISCAM)

and OMB Circular A-76 to

support Business Guide

Benchmarking Standards. As

part of our support, GNS

provided objective and

knowledgeable analysis of IT

security policy and systems

documentation and

management issues.

9

Sample Past Performance

U.S. Treasury Bureau of Engraving and Printing

Department of Commerce

GNS supported the Office of the

Secretary/OCIO and Operating

Unites (OUs) in the review and

analysis of IT security policy,

system documentation and

security program management

issues for unclassified and

classified systems, networks and

applications. GNS developed

and/or reviewed and assessed

existing security plans, C&A

packages and other security

related tasks and documents

throughout the enterprise life

cycle. GNS also assisted with

implementing and maintaining

DOC-wide standards in line with

applicable OMB, NIST, FISMA,

and other government

regulations and industry best

practices. Additional activities

included: CIRT support (incident

reporting, tracking, handling);

COOP; DR; penetration and

vulnerability testing; security

awareness training; specialized

training; security operations

center (SOC) implementation

and integration.

GNS supported the

development, review and

analysis of IT security policy,

systems documentation and IT

security management issues as

well as C&A projects and

compliance monitoring. Our on-

site staff provided technical,

analytical, and program

management support to the

Office of Critical Infrastructure

and IT Security including:

identifying policy and procedural

gaps; recommending and

documenting standards for

implementing security controls;

developing security test and

evaluation (ST&E) plans;

conducting ST&E testing,

analysis, and reporting;

monitoring industry security

trends and reporting on services;

supporting security analysis,

monitoring, and defense (IDS,

IPS, firewalls, etc.); incident

support and management

including installing patches and

upgrades; auditing IBM

Mainframe, LAN/WAN, and

other systems; performing

continuous monitoring to ensure

security controls remain

effective; and providing IT

Contingency Plan Testing

Support.

10

Awards & Recognitions

Certifications

Awards & Recognitions

ISO 9001:2008 Certified;

ISO 27001:2013 Certified

EVMS Self Certified;

Women-Owned Small Business (WOSB);

11

INC 5000 Awardee;

Washington Technology’s Fast 50;

SBA Best Small Business of the Year Nominee;

Exceptional rating by GSA;

Highest Rating by Dun and Bradstreet;

Recognition for the support of the National Guard and Reserve.

Client Commendations

12

“GNS has consistently provided highly qualified contractors to each contract task. The contractors provided by GNS are well trained and have excellent experience. The GNS contractors quickly integrated themselves into the Commerce environment and quickly became very productive. I have found the GNS management team to be extremely responsive to the needs of Commerce and have always worked diligently to exceed our expectations.“

William Lay Associate Deputy CIO, U.S. Department of Energy

“When we need information technology products or services to complete our mission in a hurry, we look to Global Network Systems because they are responsive, honest and highly professional. They are focused and produce high quality deliverables at a fair price. “

John Ogungbemi Project Manager, DC Lottery Board

“GNS engineers have proven themselves as reliable support staff, hard workers, and talented individuals. They are extremely cooperative and possess the capacity to contribute positively while working as part of a team. “

Michael Sheaver Contracting Officer Technical Manager, USDA, NRCS

“I am pleased to share with you a commendation for the exceptional performance shown by GNS’ [staff] for the ST&E of the FM&E TRIRIGA system. [GNS] showed exceptional dedication and professionalism in completing a difficult ST&E. These examples speak of high standards, leadership, time management skills, dedication and professionalism and we are proud to have [GNS] as a member of our team.”

Rick King OIT/EDME/STP, U.S. Customs and Border Protection

CONTACT GNS Global Network Systems, Inc. 2400 Research Boulevard, Suite 360 Rockville, MD 20850-3243 hqoffice@gns-us.com P: 301.987.8750 www.gns-us.com

13