The General Services Administration (GSA) this month awarded initial task orders to four companies under a potential multi-billion dollar, multiple award contract announced last August that allows federal agencies to buy cyber security products and services from vendors.

The task orders, the first yet awarded under the Continuous Diagnostics and Mitigation (CDM) program, were let to Hewlett Packard [HPQ], Knowledge Consulting Group

(KCG), Northrop Grumman [NOC], and Technica.

HP received the lion’s share of the $60 million awarded for various products with $32 million. Northrop Grumman’s task order is for $15.8 million, KCG’s $8.5 million and Technica’s $3.8 million.

The purchases were made by the Department of Homeland Security (DHS), which oversees the protection of federal civilian computer networks. The actual federal agencies that will be licensing the products being acquired from the four vendors were not disclosed.

CDM is part of a government-wide effort to move from periodic checks of networks to continuous security. DHS and GSA last August announced the selection of 17 vendors eligible to sell products and services under the five-year, $6 billion CDM program to interested federal agencies. GSA provides the Blanket Purchase Agreements for agencies to order products from.

The initial task orders mean that the tap has begun to flow for orders under the program.

The orders also mean that the agencies acquiring the licenses will begin to close cyber vulnerabilities, Helen Kelly, Technica’s CDM program manager, tells HSR. Technica is providing Symantec’s [SYMC] endpoint protection and Altiris Software Management for Client under its initial task order, she says. Kelly adds that until the actual order comes in Technica won’t know who the end customer is.

The cyber products will help agencies provide sensors at all servers and desktops, allowing agencies to have a better understanding of the software and versions of software running on their networks, enabling more frequent security scans than is now the case, Kelly says.

Matt Brown, vice president of homeland security at KCG, says his company will be providing three products aimed an endpoint protection: McAfee ePolicyOrchestrator, McAfee Vulnerability Manager and McAfee VirusScan. KCG will also provider BDNA Normalize, which normalizes IT language throughout an enterprise and makes it easier to monitor changes.

McAfee is part of Intel [INTC].

In addition to federal agencies, state agencies are also eligible to purchase various cyber security products and services under the CDM program, facilitating wider deployments of security technology.