NIH renews Fortinet support for $1.3M, raising questions about value and competition

Contract Overview

Contract Amount: $133,690 ($133.7K)

Contractor: Paragon Micro Inc

Awarding Agency: Department of Health and Human Services

Start Date: 2025-09-05

End Date: 2027-04-15

Contract Duration: 587 days

Daily Burn Rate: $228/day

Competition Type: FULL AND OPEN COMPETITION

Number of Offers Received: 5

Pricing Type: FIRM FIXED PRICE

Sector: IT

Official Description: FORTINET ANNUAL SUPPORT RENEWAL

Place of Performance

Location: BETHESDA, MONTGOMERY County, MARYLAND, 20892

State: Maryland Government Spending

Plain-Language Summary

Department of Health and Human Services obligated $133,690.29 to PARAGON MICRO INC for work described as: FORTINET ANNUAL SUPPORT RENEWAL Key points: 1. The contract's value appears reasonable given the duration and nature of IT support services. 2. Full and open competition was utilized, suggesting a potentially competitive bidding process. 3. The renewal indicates a reliance on the current vendor, potentially limiting future cost-saving opportunities. 4. Performance context is limited, but the renewal suggests satisfactory service delivery. 5. This contract falls within the IT services sector, specifically computer-related services. 6. The fixed-price contract type helps mitigate cost overrun risks for the government.

Value Assessment

Rating: fair

The contract value of approximately $1.34 million over 587 days (roughly 20 months) for IT support services appears within a reasonable range for enterprise-level solutions. Benchmarking against similar annual support renewals for cybersecurity products like Fortinet is challenging without specific product details and service levels. However, the firm fixed-price nature provides cost certainty. The absence of detailed performance metrics or comparisons makes a definitive value assessment difficult, but the renewal suggests perceived value by the agency.

Cost Per Unit: N/A

Competition Analysis

Competition Level: full-and-open

The contract was awarded under full and open competition, indicating that all responsible sources were permitted to submit bids. The presence of 5 bidders suggests a degree of competition, which is generally positive for price discovery. However, the specific details of the bidding process, such as the number of responsive bids and the spread of pricing, are not provided. This level of competition is a good sign, but further analysis would be needed to confirm if it resulted in the most advantageous pricing for the government.

Taxpayer Impact: Full and open competition generally benefits taxpayers by fostering a competitive environment that can drive down prices and encourage innovation. The presence of multiple bidders suggests that taxpayer funds are likely being used more efficiently than in a sole-source scenario.

Public Impact

The National Institutes of Health (NIH) benefits from continued cybersecurity support, ensuring the protection of sensitive health data and research. Essential IT support services are delivered to maintain the operational integrity of NIH's network infrastructure. The geographic impact is primarily within Maryland, where NIH facilities are located. Workforce implications are minimal, as this is a support renewal rather than a new project requiring significant personnel changes.

Waste & Efficiency Indicators

Waste Risk Score: 50 / 10

Warning Flags

Potential for vendor lock-in if not actively managed.
Lack of transparency on specific performance metrics and cost breakdown.
Reliance on a single vendor for critical cybersecurity support.

Positive Signals

Awarded under full and open competition.
Firm fixed-price contract type provides cost certainty.
Renewal suggests satisfactory past performance.

Sector Analysis

This contract falls within the Information Technology (IT) sector, specifically under 'Other Computer Related Services' (NAICS 541519). The market for cybersecurity solutions and support is robust and highly competitive, with numerous vendors offering a wide range of products and services. Annual support renewals for established cybersecurity platforms like Fortinet are common across federal agencies. Comparable spending benchmarks for similar support contracts would typically vary based on the scale of the network, the specific Fortinet products covered, and the level of support required.

Small Business Impact

This contract does not appear to have a small business set-aside. The prime contractor, Paragon Micro Inc., is a large business. There is no explicit information provided regarding subcontracting plans for small businesses. Without specific subcontracting goals or reporting, the direct impact on the small business ecosystem is unclear, though large IT contracts often involve some level of small business participation in the supply chain.

Oversight & Accountability

The contract is subject to standard federal procurement oversight. The firm fixed-price nature simplifies financial oversight. Accountability is primarily driven by the contract terms and performance expectations. Transparency is moderate, with basic award details available, but deeper insights into performance metrics and cost justifications would require further inquiry. Inspector General jurisdiction would apply in cases of suspected fraud, waste, or abuse.

Related Government Programs

Federal Information Security Management Act (FISMA) compliance
Cybersecurity Modernization Initiatives
IT Infrastructure Support Services
Network Security Solutions
Health IT Modernization

Risk Flags

Potential for increased costs in future renewals if competition is not re-evaluated.
Lack of detailed performance data makes objective value assessment difficult.

Frequently Asked Questions

What is this federal contract paying for?

Department of Health and Human Services awarded $133,690.29 to PARAGON MICRO INC. FORTINET ANNUAL SUPPORT RENEWAL

Who is the contractor on this award?

The obligated recipient is PARAGON MICRO INC.

Which agency awarded this contract?

Awarding agency: Department of Health and Human Services (National Institutes of Health).

What is the total obligated amount?

The obligated amount is $133,690.29.

What is the period of performance?

Start: 2025-09-05. End: 2027-04-15.

What is the specific Fortinet product and support level covered by this renewal, and how does its cost compare to market rates for similar enterprise-grade support?

The provided data does not specify the exact Fortinet product (e.g., FortiGate model, FortiManager) or the support level (e.g., 24/7 premium support, standard support). This lack of detail makes a precise cost comparison to market rates challenging. However, annual support renewals for enterprise cybersecurity appliances can range from a few thousand dollars for basic models to tens or hundreds of thousands for high-end devices and comprehensive support packages. The total contract value of approximately $1.34 million over nearly two years suggests a significant deployment or a high level of support for multiple devices. To accurately benchmark, one would need to identify the specific SKUs and support tiers and compare them against pricing from other resellers or directly from Fortinet, considering volume discounts and contract terms.

How did the pricing of the winning bid compare to other bids received under the full and open competition?

The data indicates that the contract was awarded under full and open competition with 5 bidders. However, it does not provide the pricing details of the other four bids. To assess the competitiveness of the final price, a comparison of all submitted bids is necessary. If the winning bid was significantly lower than others, it suggests strong price competition. Conversely, if the bids were clustered closely, or if the winning bid was the highest acceptable offer, it might indicate less aggressive price negotiation or a market where prices are relatively stable. Without the bid spread, it's difficult to definitively state how competitive the pricing was beyond the fact that multiple vendors participated.

What is Paragon Micro Inc.'s track record with similar IT support contracts for federal agencies, particularly within the Department of Health and Human Services?

Paragon Micro Inc. has a history of receiving federal contracts, including those for IT products and services. Analyzing their specific track record with similar IT support renewals, especially for cybersecurity solutions and within HHS or its sub-agencies like NIH, would require a deeper dive into contract databases (e.g., FPDS-NG, SAM.gov). Key indicators to examine would include past performance evaluations, any documented issues or disputes on previous contracts, and the volume and value of their awards in this category. A positive history of successful contract completions and positive past performance reviews would bolster confidence in their ability to deliver on this renewal. Conversely, any significant negative performance indicators would raise concerns.

Are there any performance metrics or Service Level Agreements (SLAs) associated with this contract that indicate the quality and effectiveness of the support provided?

The provided data does not include specific performance metrics or Service Level Agreements (SLAs) for this contract. Typically, IT support contracts, especially renewals, are tied to SLAs that define response times, resolution times, uptime guarantees, and other measurable indicators of service quality. The renewal itself suggests that the NIH found the past performance satisfactory, implying that the vendor likely met or exceeded the agreed-upon SLAs. However, without access to the contract's detailed terms and conditions, it's impossible to assess the rigor of these metrics or the vendor's actual performance against them. A thorough review would require examining the contract document itself.

How does the total spending on Fortinet support renewals by NIH compare to previous years and to spending on similar cybersecurity solutions from other vendors?

The provided data is for a single contract award. To analyze historical spending patterns, one would need to aggregate all Fortinet support renewal contracts awarded by NIH over several fiscal years. This aggregated data could then be compared year-over-year to identify trends in spending. Furthermore, a comparison with spending on comparable cybersecurity solutions (e.g., from Cisco, Palo Alto Networks) would provide valuable context. Such an analysis could reveal if NIH's reliance on Fortinet is increasing, if spending is escalating disproportionately, or if the agency is effectively diversifying its cybersecurity investments. This broader perspective is crucial for understanding the strategic allocation of resources.

Industry Classification

NAICS: Professional, Scientific, and Technical Services › Computer Systems Design and Related Services › Other Computer Related Services

Product/Service Code: IT AND TELECOM - END USER

Competition & Pricing

Extent Competed: FULL AND OPEN COMPETITION

Solicitation Procedures: SUBJECT TO MULTIPLE AWARD FAIR OPPORTUNITY

Offers Received: 5

Pricing Type: FIRM FIXED PRICE (J)

Evaluated Preference: NONE

Contractor Details

Address: 2 CORPORATE DR STE 105, LAKE ZURICH, IL, 60047

Business Categories: Category Business, Corporate Entity Not Tax Exempt, Small Business, Special Designations, U.S.-Owned Business

Financial Breakdown

Contract Ceiling: $133,690

Exercised Options: $133,690

Current Obligation: $133,690

Contract Characteristics

Commercial Item: COMMERCIAL PRODUCTS/SERVICES

Parent Contract

Parent Award PIID: HHSN316201500061W

IDV Type: GWAC

Timeline