Multiple Companies Protest $1.6 Billion Pentagon Contract

Several companies have filed bid protests over the Defense Information Systems Agency’s recent $1.6 billion Defense Departmentwide licensing agreement with VMware.

Since Feb. 19, Amazon Web Services, Citrix, Nutanix and Minburn Technology Group, a Microsoft reseller, have filed formal bid protests with the Government Accountability Office on the DISA joint enterprise license agreement with VMware, citing an overly broad agreement that stifles competition.

Based on the contracting language, the bid protesters also contend the contract re-up is an improper sole-source request for cloud services that would give VMware an unfair advantage competing for DOD’s growing cloud demand.

So many vendors responded to the Feb. 9 solicitation that the government requested additional time to respond to questions received Feb. 19, suggesting the feedback received was highly contentious.

None of the protesting vendors contacted by Nextgov offered comment, nor did VMware.

While DOD wants physical separation for its classified data, it has been forging ahead with its cloud strategy in an effort to formulate processes for hosting unclassified data in cloud environments. One of the barriers to entry to win cloud contracts in DOD is achieving compliance under the Federal Risk and Authorization Management Program, the government’s standardized cloud computing security requirements.

VMware achieved that feat in early February and because of its success in the virtualization market, VMware figures to be a big player in the growing federal cloud market, which could reach $7.3 billion in 2015.

Yet, the license agreement in question – which calls for “required software support on the existing perpetual licenses and additional licensing” for over 2 million VMware licenses – also requests cloud services. The agreement appears to skirt DISA’s current security requirements guide, which require cloud service providers to be vetted against risk-based standards that increase with rigor as the sensitivity of DOD data does.

One of two things is likely to happen as a result of the uproar. Sources within DISA said the the agreement could be pulled back and tweaked, which seems the most likely scenario.

The other option would be for DISA to push forth, which will result in GAO rendering a decision in the bid protest. GAO has 100 days from a bid protest filing to make a decision.

(Image via brainpencil / Shutterstock.com)