Installation Service Node Modernization (ISN-M)

Questions & Answers / Clarifications

This document provides responses to vendor questions regarding the ISN-M (Infrastructure Services Network - Modernization) opportunity, clarifying various aspects of the acquisition strategy, architecture, cybersecurity, integration, operations, and phasing.

• Acquisition Strategy: The Government is evaluating multiple contract vehicles (CSO, IDIQ, GWACs, ESAs, set-asides) and the final strategy will depend on market research. Pricing volatility is expected to be managed by the contractor, and offerors must derive their own Total Cost of Ownership (TCO) baseline, including specified cost categories.
• Architecture: Solutions can be hypervisor-agnostic, and the Government is interested in decoupling infrastructure from software to reduce vendor lock-in. A "common baseline" emphasizes standardized architecture and management, not necessarily identical hardware.
• Cybersecurity: Offerors should plan for full lifecycle ATO management. Adherence to RMF, DoD/Air Force policies, and DISA STIGs is mandatory. Existing ATOs are expected to be inherited, with the next renewal due October 2026.
• Operations & Support: A hybrid operating model (Government/contractor) is anticipated. 24/7 global support with cleared personnel is required. The contractor will manage solutions via the existing Government-provided Out-of-Band Management (OOBM) network.
• Migration & Phasing: The contractor is responsible for site surveys and migration planning. A phased implementation is expected, with the legacy system remaining operational during transition. "Migration" includes enabling Government migration of data, identity, and applications.

This Q&A document clarifies requirements and expectations, influencing how vendors should structure their proposals and technical approaches. It confirms that submission to the GSA MRAS RFI is not required, and responses can be submitted via SAM.gov or concurrently. Specific details regarding prototype awards and site prioritization are still being refined.

Request for Information (RFI)

This RFI is issued by the U.S. Air Force (USAF) to conduct market research for the Installation Service Node Modernization (ISN-M) initiative. The primary objective is to consolidate two disparate, physically and functionally separate network infrastructures (NIPR and SIPR) into a single, modern technical framework. The goal is to optimize performance, enhance security, improve reliability, and achieve cost savings.

The USAF currently operates separate NIPR and SIPR Installation Service Nodes (ISNs). The NIPR ISN is mature but has architectural differences due to a long fielding timeline, hindering standardization. The SIPR ISN recently evolved to a centrally managed enterprise service, revealing inconsistencies in ISN stack installation, configuration, and maintenance across the enterprise. This divergence creates operational overhead, complexity, and inefficient resource utilization, slowing modernization efforts.

The lack of a common technical foundation between NIPR and SIPR leads to significant inconsistencies. The future architecture aims to consolidate these into a centralized location at each installation, referred to as an Installation Service Node/Installation Processing Node (ISN/IPN).

High-level Operational View (OV-1) diagrams of the NIPR and SIPR ISN environments are available upon request (marked CUI). Requests must be emailed to the POC with the subject line "Request for ISN-M RFI OV-1 Diagrams" and include the company's full name and CAGE code. CUI documents will be transmitted via DoD SAFE.

• Questions Deadline: April 17, 2026, 3:00 PM EDT.

• Response Deadline: May 8, 2026, 3:00 PM EDT.

• Format: Single, searchable PDF document.

• Organization: Cover Page, Table of Contents, Executive Summary (1-2 pages), and Numbered Responses (restating questions).

• This RFI is for informational and planning purposes only and is not a solicitation.

• Responses are not offers and do not form a binding contract.

• No reimbursement for costs incurred.

• Not responding does not preclude future participation.

• Information is subject to change and not binding.

• The Government is considering various acquisition strategies, including FAR and non-FAR based approaches.

Ms. Kathleen Delgado, Contracting Officer, at kathleen.delgado@us.af.mil.

Includes sections on Company Information (Cage Code, address, POC, NAICS code, business size, facility clearance, SIPRNet accounts, FIPS experience, ownership, contract vehicles) and Technical Questions (company overview, experience with ISN modernization, similar projects, partnerships, IT modernization approach, network consolidation experience, pricing model, innovative services, OEM support, patching/STIGs, FIPS 140-2/140-3 certification).

Statement of Objectives (SOO)

This Statement of Objectives (SOO) outlines the goals for modernizing and aligning the Non-classified Internet Protocol Router (NIPR) and Secret Internet Protocol Router (SIPR) Installation Service Nodes (ISN). The aim is to create a unified, secure, and sustainable ISN solution that offers parity between the two infrastructures, enabling common baseline management.

The Air Force currently operates two separate NIPR and SIPR ISN infrastructures. This has led to inconsistencies in installation, configuration, and maintenance, increasing complexity. The proposed modernization seeks to align these stacks into a single, common architecture to optimize performance, enhance security, and reduce lifecycle costs through standardized procurement and management.

The government is considering a two-phased approach:

• Phase I: Potential use of a Commercial Solutions Opening (CSO) to award multiple contracts for prototype installations.
• Phase II: Following successful prototypes, a potential full and open competition for an Indefinite Delivery/Indefinite Quantity (IDIQ) contract vehicle for further development, fielding, testing, and scaling.

The scope covers the full lifecycle of a unified NIPR/SIPR ISN solution, including design, prototyping, testing, procurement, global installation, migration, and long-term sustainment. The solution must be scalable and capable of hosting core services, tenant software, and co-located hardware.

• Technical Solution: Deliver a comprehensive and innovative technical solution for ISN stacks supporting both NIPR and SIPR from a common baseline.

• Standardized Architecture: Design and implement a standardized architecture and common hardware/software baseline.

• Enhanced Security: Provide robust and secure solutions meeting or exceeding Department of War (DoW) cybersecurity requirements.

• Cost Reduction: Propose a methodology to establish the current Total Cost of Ownership (TCO) and demonstrate quantifiable TCO reduction.

• Consistent Technical Baseline: Develop and maintain a consistent baseline across both infrastructures.

• Remote Management: Components must be fully manageable via an Out-of-Band Management (OOBM) network.

• Sustainability: The solution must be sustainable long-term with a clear path for upgrades and scalability.

• Design: Utilize a modular, scalable architecture leveraging open standards to avoid vendor lock-in, aligning with modern Air Force initiatives (e.g., IaC, private/hybrid cloud).

• Core Services: Provide hosting for services like Active Directory, DNS, DHCP, File Services, Print Services, SolarWinds, Backup and Restore, PAM, MECM, ACAS, and ESS.

• Integration and Scalability: Design must be flexible for evolving enterprise capabilities and scalable for future growth, allowing seamless integration with services like Next Gen Gateway (NGG) and Zero-Trust (ZT) frameworks.

• Technical Data Package (TDP)

• Project Management Plan

• Integrated Master Schedule (IMS)

• System Design Document (SDD)

• Implementation and Transition Plan

• Test and Evaluation Plan & Report

• Demonstration of Solution Viability (functional prototype)

The government is seeking feedback on a Challenge-Based Acquisition (ChBA) approach with a prototype demonstration.

• Compliance with DoD and DoW policies, standards, and regulations.

• Maintain operational availability and integrity during transition.

• Scalability for future growth.

• Non-proprietary/open concept solution.

• Alignment with Cyber Security and Control System (CSCS) Weapon System CONOPS.

• Personnel must possess required security clearances and technical certifications.

• Utilize Government Furnished Software (GFE) or designated Air Force licensing offices where possible.

• Integrate with and adhere to Government Furnished Information (GFI) and Equipment (GFE).

• Maximize utilization of existing DoW Enterprise Software Initiative (ESI).

• Preferred configuration of 16-core CPUs, with TCO analysis required for alternatives.

• Seamless operation with Enterprise IT as a Service (EITaaS) Wave 1 contract, including compatibility with ACAS, MECM, and associate contractor collaboration.

• Deconfliction of responsibilities with associate contractors.

• Interaction with EITaaS for tickets and Asset tracking.

• System Up time/Availability

• Mean Time to Recovery (MTTR)

• Total Cost of Ownership (TCO)

• Infrastructure Footprint Reduction

• Security Incident Rate

• Time to Patch Critical Vulnerabilities

• Network Latency

• Remote Access Performance