Active Solicitation · DEPARTMENT OF STATE

    SOLICITATION FOR PALO ALTO PA-455 IPS OR COMPATIBLE FOR EMBASSY TBILISI, WRAIR

    DEPARTMENT OF STATE
    Sol. 19GG8026Q0026Combined Synopsis/SolicitationWASHINGTON, DC
    Open · 15d remaining
    DAYS TO CLOSE
    15
    closes Jul 28, 2026
    POSTED
    Jul 14, 2026
    Publication date
    NAICS CODE
    334516
    Primary industry classification
    PSC CODE
    6640
    Product & service classification

    AI Summary

    The U.S. Embassy in Tbilisi is seeking a contractor to provide a Palo Alto PA-455 IPS or compatible device. This opportunity is a fixed-price contract that includes door-to-door transportation to the embassy. Interested bidders should ensure compliance with the specified hardware and performance characteristics outlined in the solicitation.

    Contract details

    Solicitation No.
    19GG8026Q0026
    Notice Type
    Combined Synopsis/Solicitation
    Posted Date
    July 14, 2026
    Response Deadline
    July 28, 2026
    NAICS Code
    334516AI guide
    PSC / Class Code
    6640
    Issuing Office
    U.S. EMBASSY TBILISI
    Primary Contact
    Anna Kosinska
    State
    DC
    ZIP Code
    20520
    AI Product/Service
    product

    Description

    The contractor shall provide Palo Alto PA-455 IPS or compatible to US Embassy Tbilisi WRAIR office. The contract type will be a fixed price contract. The price listed below shall door-to-door transportation cost to US Embassy Tbilisi, 29 Georgian American Friendship Ave. Tbilisi 0131, Georgia.  .

    Minimum Essential Characteristic (MEC) for Palo Alto PA-455 IPS or Compatible

    Hardware specifications

    • 1G SFP/RJ45 combo (2), 1G RJ45 (2), 1G RJ45/PoE (4)
    • Management port 10/100/1000 out-of-band management port (1), RJ45 console port (1), USB port (2), Micro USB console port (1)
    • Storage Capacity 128 GB eMMC
    • Trusted Platform Module (TPM) Integrated with TPM for secure boot, hardware root of trust, and securing system secrets.
    • Power Over Ethernet (PoE) PoE 1G RJ45 ports (4) Total PoE Budget: 91 W Maximum loading on a single port: 60 W
    • Average Power Consumption: 32.6 W, Max Power Consumption: 41.3W
    • Max BTU/hr:205
    • Input Voltage (Input Frequency): 100-240 VAC (50–60 Hz)
    • Max Current Consumption: 5 A @ 12 VDC
    • Max Inrush Current: 4.4 A
    • Dimensions: 1.7" H x 9.4" D x 15.4" W

    Performance and Capacities

    • Firewall throughput 3.3 Gbps
    • Threat Prevention throughput 2.1 Gbps
    • IPsec VPN throughput 1.7 Gbps
    • Max concurrent sessions 300,000
    • New sessions per second 48,000
    • Virtual systems (base/max) 1/5

    Networking Features

    • Interface Modes: L2, L3, tap, virtual wire (transparent mode)
    • Routing: OSPFv2/v3 with graceful restart, BGP with graceful restart, RIP, static routing, Policy-based forwarding, Point-to-Point Protocol over Ethernet (PPPoE), Multicast: PIM-SM, PIM-SSM, IGMP v1, v2, and v3
    • SD-WAN: Path quality measurement (jitter, packet loss, latency), Initial path selection (PBF), Dynamic path change
    • IPv6: IPv6 L2, L3, tap, virtual wire (transparent mode), ) Features: App-ID, User-ID, Content-ID, Wildfire, and SSL decryption, SLAAC
    • IPsec VPN: Key exchange: manual key, IKEv1 and IKEv2  (pre-shared key, certificate-based authentication), Encryption: 3des, AES (128-bit, 192-bit, 256-bit), Authentication: MD5, SHA-1, SHA-256, SHA-384, SHA-512
    • VLANS: 802.1Q VLAN tags per device/per interface: 4,094/4,094, Aggregate interfaces (802.3ad), LACP

    Security and Connectivity Features

    • Embeds machine learning (ML) in the core of the firewall to provide inline signatureless attack prevention for file-based attacks while identifying and immediately stopping never-before-seen phishing attempts.
    • Leverages cloud-based ML processes to push zero-delay signatures and instructions back to the NGFW.
    • Uses behavioral analysis to detect internet of things (IoT) devices and make policy recommendations; is a cloud-delivered and natively integrated service on the NGFW.
    • Automates policy recommendations that save time and reduce the chance of human error.
    • Identifies and Categorizes All Applications, on All Ports, All the Time, with Full Layer 7 Inspection
    • Enforces Security for User Devices Anywhere While Adapting Policies Based on User Activity
    • Prevents Malicious Activity Concealed in Encrypted Traffic
    • Offers Centralized Management and Visibility
    • Offers AI-Powered Unified Management and Operations with Strata Cloud Manager
    • Cloud-Delivered Security Services Powered by Precision AI:
      • Service:
            • Advanced Threat Prevention: Stop known and unknown exploits, malware, spyware, and command-and-control (C2) threats, including 60% more injection attacks and 48% more highly evasive C2 traffic than traditional IPS solutions with industry-first zero-day attack prevention
            • Advanced Wildfire: Ensure safe access to files with the industry’s largest malware prevention engine, stopping up to 22% more unknown malware and turning detection into prevention 180X faster than competitors.
            • Advanced URL Filtering: Ensure safe access to the web and prevent 40% more threats in real time than traditional filtering databases with industry-first prevention of known and unknown phishing attacks, stopping up to 88% of malicious URLs at least 48 hours before competitors.
            • Advanced DNS Security: Protect your DNS traffic and stop advanced DNS-layer threats, including DNS hijacking, all in real time with 2X more DNS-layer threat coverage than competitors
            • Next-Generation CASB: Discover and control all SaaS consumption in your network with visibility into 60,000+ SaaS apps and protect your data with 28+ API integrations.
            • IoT Security: Secure your blind spots and protect every connected device unique to your vertical with the industry’s most comprehensive Zero Trust solution for IoT devices, discovering 90% of devices within 48 hours.
          • Delivering a Unique Approach to Packet Processing with Single-Pass Architecture
          • Enables SD-WAN Functionality

    Key dates

    1. July 14, 2026Posted Date
    2. July 28, 2026Proposals / Responses Due

    AI search tags

    Frequently asked questions

    SOLICITATION FOR PALO ALTO PA-455 IPS OR COMPATIBLE FOR EMBASSY TBILISI, WRAIR is a federal acquisition solicitation issued by DEPARTMENT OF STATE. Review the full description, attachments, and submission requirements on SamSearch before the response deadline.

    SamSearch Platform

    Stop searching. Start winning.

    AI-powered intelligence for the right opportunities, the right leads, and the right time.