Notice ID 28321321RI0000031
“The Social Security Administration (SSA) has a network of over 1,200 field offices. To better serve the public, the agency has deployed two major self-service technologies in almost all of its field offices: Self-Help Personal Computers (SHPCs) and Visitor Intake Process Rewrite (VIPR).”
“SSA will continue to use secure kiosk browser software running on the aforementioned virtual desktops for the VIPR and SHPC initiatives, and is seeking a supplier with a Chromium-based secure browser client. This software will replace an existing secure kiosk client currently based on the Internet Explorer browser. The secure kiosk browser solution’s licensing model must accommodate a specified number of active clients on these virtual desktops. There will be more virtual desktops than active sessions to provide high availability in the event that some virtual machines are inaccessible as a result of a hardware failure. There are a mirror set of virtual machines created in an alternate data center to allow failover in the event of a loss of the primary data center. A fixed number of physical end user devices have been deployed nationally, which dictates the maximum number of active sessions possible.
The government has implemented this solution in two separate data centers for high availability and redundancy. One data center is active with the secondary data center serving as a hot standby. It is expected that two or more servers and corresponding database replicas associated with the secure kiosk browser solution would be required in each location for redundancy to provide management, monitoring, reporting, license registration and other server-based functions that are required to support the clients. The same clients/licenses will be used in both data centers. Clients are normally directed to only the primary data center. In the event of a loss of the primary data center, clients are directed to the secondary data center.”
“The Contractor shall provide a comprehensive kiosk secure Chromium-based browser software solution including client, server, database, and support services for Self-Help Personal Computers (SHPC) and Visitor Intake Process Rewrite (VIPR) units at SSA Field Offices. This software will replace an existing secure kiosk browser solution currently used for both SHPC and VIPR. The agency will use the software to provide a pool of virtual machines running on an internal Virtual Desktop Infrastructure (VDI) environment to satisfy various kiosk project requirements including but not limited to the SHPC and VIPR initiatives.
Mandatory Technical Requirements
- The solution must provide the means for clients to be centrally managed, centrally monitored, and rapidly deployed.
- The solution must include the ability to remotely monitor and assess kiosk usage for management personnel.
- The solution must provide a means to register each physical endpoint during the first use and retain that that registration in a database for subsequent sessions. The physical endpoints are zero clients with unique MAC addresses. The operating system identifiers running on the VDI virtual machines cannot be used because the agency uses VDI clones for the client sessions. These virtual machines are not persistent; physical endpoints connect to a random virtual machine from a pool of machines, therefore, any local virtual machine identification information is not retained and is not exclusive to a given physical zero client. Using a MAC address identifier is the preferred method of client identification, but similar identifier methods are acceptable. The agency currently utilizes secure kiosk browser software that acquires the MAC address via VMware Horizon Agent. The agent provides the following registry value to distinguish between physical endpoints: HKEY_CURRENT_USER\Volatile Environment. String value:
- The solution must provide heartbeat functionality to determine the health of each kiosk.
- The solution must provide the ability to deploy configuration changes from a management server to the kiosk clients.
- The solution must provide client and server software that is compatible with VMware virtual machines running the Microsoft Windows 10 Enterprise and Microsoft Windows Server 2016 Datacenter/Microsoft Windows Server 2019 Datacenter operating systems respectively and it must continue to be compatible with future feature updates and patches of these platforms. The solution must also provide updates to its software to maintain compatibility with forthcoming Microsoft Windows server and desktop operating systems.
- The client and server software must be fully compatible with Microsoft platforms installed on virtual machines using various commercial Hypervisor technology, including but not limited to VMware Horizon View, Microsoft Hyper-V, and Citrix. The client and server software must also be compatible with the JAWS (Job Access With Speech) screen reader running in a virtual environment with zero clients…”