SSA RFI: Secure Kiosk Browser Solution

Notice ID 28321321RI0000031

“The Social Security Administration (SSA) has a network of over 1,200 field offices.  To better serve the public, the agency has deployed two major self-service technologies in almost all of its field offices: Self-Help Personal Computers (SHPCs) and Visitor Intake Process Rewrite (VIPR).”

“SSA will continue to use secure kiosk browser software running on the aforementioned virtual desktops for the VIPR and SHPC initiatives, and is seeking a supplier with a Chromium-based secure browser client.  This software will replace an existing secure kiosk client currently based on the Internet Explorer browser.  The secure kiosk browser solution’s licensing model must accommodate a specified number of active clients on these virtual desktops.  There will be more virtual desktops than active sessions to provide high availability in the event that some virtual machines are inaccessible as a result of a hardware failure.  There are a mirror set of virtual machines created in an alternate data center to allow failover in the event of a loss of the primary data center.  A fixed number of physical end user devices have been deployed nationally, which dictates the maximum number of active sessions possible.

The government has implemented this solution in two separate data centers for high availability and redundancy.  One data center is active with the secondary data center serving as a hot standby.  It is expected that two or more servers and corresponding database replicas associated with the secure kiosk browser solution would be required in each location for redundancy to provide management, monitoring, reporting, license registration and other server-based functions that are required to support the clients.  The same clients/licenses will be used in both data centers.  Clients are normally directed to only the primary data center.  In the event of a loss of the primary data center, clients are directed to the secondary data center.”

“The Contractor shall provide a comprehensive kiosk secure Chromium-based browser software solution including client, server, database, and support services for Self-Help Personal Computers (SHPC) and Visitor Intake Process Rewrite (VIPR) units at SSA Field Offices.  This software will replace an existing secure kiosk browser solution currently used for both SHPC and VIPR.  The agency will use the software to provide a pool of virtual machines running on an internal Virtual Desktop Infrastructure (VDI) environment to satisfy various kiosk project requirements including but not limited to the SHPC and VIPR initiatives.

Mandatory Technical Requirements

  1. The solution must provide the means for clients to be centrally managed, centrally monitored, and rapidly deployed.
  2. The solution must include the ability to remotely monitor and assess kiosk usage for management personnel.
  3. The solution must provide a means to register each physical endpoint during the first use and retain that that registration in a database for subsequent sessions. The physical endpoints are zero clients with unique MAC addresses.  The operating system identifiers running on the VDI virtual machines cannot be used because the agency uses VDI clones for the client sessions.  These virtual machines are not persistent; physical endpoints connect to a random virtual machine from a pool of machines, therefore, any local virtual machine identification information is not retained and is not exclusive to a given physical zero client.  Using a MAC address identifier is the preferred method of client identification, but similar identifier methods are acceptable.  The agency currently utilizes secure kiosk browser software that acquires the MAC address via VMware Horizon Agent.  The agent provides the following registry value to distinguish between physical endpoints: HKEY_CURRENT_USER\Volatile Environment.  String value:
  4. The solution must provide heartbeat functionality to determine the health of each kiosk.
  5. The solution must provide the ability to deploy configuration changes from a management server to the kiosk clients.
  6. The solution must provide client and server software that is compatible with VMware virtual machines running the Microsoft Windows 10 Enterprise and Microsoft Windows Server 2016 Datacenter/Microsoft Windows Server 2019 Datacenter operating systems respectively and it must continue to be compatible with future feature updates and patches of these platforms. The solution must also provide updates to its software to maintain compatibility with forthcoming Microsoft Windows server and desktop operating systems.
  7. The client and server software must be fully compatible with Microsoft platforms installed on virtual machines using various commercial Hypervisor technology, including but not limited to VMware Horizon View, Microsoft Hyper-V, and Citrix. The client and server software must also be compatible with the JAWS (Job Access With Speech) screen reader running in a virtual environment with zero clients…”

Read more here.


This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 1 month, 2 weeks ago.

  • Author
  • #121043

    Replies viewable by members only


You must be logged in to reply to this topic.


Questions?. Send us an email and we'll get back to you, asap.


©2021 MileMarker10, LLC all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?