Annexure 7.4 Technical Specification Ver 6.0

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.
4 (T ECHNICAL SPECIFICATIONS)
A. REQUIR EMEN TS
1.1 REQUIREMENTS TO BE MET BY THE SYSTEM
The generalized requirements for the new systems to be implemented, but not limited to, can be summarized as follows: The application system should primarily work in centralized architecture. However, essential data should be replicated at the central server. The system should allow both interactive and the batch work modes depending on the type of modules. The application design and construction should take into account the network infrastructure availability, as per the proposed solution by the bidder. Incorporation of Multi-tier architecture in the centralized solution. Development and Integration of portal & new system with existing and upcoming FCS applications and systems. Ensuring quality in all the activities carried out during the development/ customization, documentation, testing, implementation, maintenance etc. of the system. The bidder would also be required to provide FCS with approach for quality related activities. The bidder MUST provide the quality records related to deliverables of the project e.g. review reports, defect density, effort and schedule slippage etc. Taking care of the configuration management i.e. version control of all the deliverables, where applicable. Considering that most of the documents of FCS are in Hindi, the application system MUST cater to the Hindi language requirements of FCS and as per existing policies and procedures. The fields of application system can be bilingual (both English and Hindi) depending upon the design of the application system. Where it is not possible due to technical reasons to have Hindi User Interface, the bidder MUST propose an alternative means of converting English text to Hindi and vice-versa, so that appropriate reports can be generated for use by the department.
RFP for appointment of Vendor for Distribution Mechanism for PDS
44
FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)
OVERVIEW OF PROPOSED SOLUTION Proposed Solution The proposed portal architecture for FCS shall comprise of the following components: 1) 2) 3) 4) 5) Database Servers Application Servers Portal Engine Load balancing Routers (Hardware) MIS and Other applications Servers
The details of the above mentioned components are provided in the subsequent sections of this document. TECHNICAL SPECIFICATIONS 2.0 2.0.1 TECHNICAL REQUIREMENTS Language Support: All information technologies must provide support for the English and/or Hindi language .Specifically; all display technologies and software must support the ISO character set and perform sorting. The application system MUST be Unicode Compliant. Dates: All information technologies MUST properly display, calculate, and transmit date data, including, but not restricted to 21stCentury date data. . Electrical Power: All active (powered) equipment must operate on voltage range and frequency range, 220v +/- 20v, 50Hz +/- 2Hz. All active equipment must include power plugs standard in India. Environmental: Unless otherwise specified, all equipment must operate in environments of. 10-45 degree centigrade, 20-90 percent relative humidity, and 0-40 grams per cubic meter of dust.
2.0.2 2.0.3 2.0.4 2.0.5
Safety: 2.0.5.1 Unless otherwise specified, all equipment must operate at noise levels no greater than 55 decibels. RFP for appointment of Vendor for Distribution Mechanism for PDS 45
2.0.5.2 All electronic equipment that emits electromagnetic energy must be certified as meeting, US FCC- class B and UL or equivalent, emission standards. 2.1 DATA CENTER (DC) AT HEAD OFFICE & DISASTER RECOVERY SITE (DR)
2.1.1 Data Center (DC) At Head Office: The vendor has to supply, install, configure and maintain the systems at the same location at the data center and disaster recovery site as decided by the FCS. FCS will provide the space, ac power & backup (generator only), physical security, fire detection and control and vendor need to provide racks, security, bandwidth, networking & networking equipments (firewall, router, etc) & remote access. It would be the vendors responsibility to meet the SLA requirements as defined in this RFP. The proposed FCS overall data center architecture appears as shown in the following diagram on next page.
46
2 Mbps LL
ISP-2 Leased Line Modems
Internet Links 2 Mbps LL ISP-1
Router
Internet
Router Load Balancer
External Segment WAN Links For DR Site (2 Mbps or above) Modems

Routers Firewall with SSL VPN in HA Mode
10/100 Mbps
DMZ WAN
Web Server
SAN
Core Switches in HA Mode Internal Network
FCIP Gateway LTO Tape Autoloader
1/10 Gbps
Application Server (Cluster)
Database Server
Backup Directory or RADIUS Server Server
FC for Disk RFP for appointment of Vendor for Distribution Mechanism SAN PDS Array
FC SAN Switch
47
WAN Links will terminate on core router and it will configure for failover via HSRP (Hot Stand by routing Protocol or GLBP (Gateway Load Balancing Protocol). Two Firewalls configured in HA (High Availability) mode, which could act as web SSL, IPS, VPN and firewall unit. Firewall will be connected to core switches. The core switches will be running HSRP to eliminate single point of failure. The switches that are used for connectivity to the servers will be configured in transparent mode to introduce a level of security and isolate them from the user segment. The users will connect to an access switch as shown. All uplinks from user segment and the server access switch to the core switches will be a fiber Gigabit connection. All servers will be placed under server farm for centralized access and maintenance. Internal LAN would be segregated through different VLAN or subnet. Wide-Area Network WAN Router for Data Center Function The WAN router is responsible for connecting Primary Data center with the DR site. The interface offered in the equipment should match with the interface provided by service provider. Router Architecture i. Architecture should be based on high speed CPU with high port densities ii. Router should be single box configuration and modular so that the for the flexibility to use appropriate choice of interfaces as and when required iii. Router shall have minimum two spare interface slots after accommodating required interfaces, for future expandability. iv. Router should support standard interfaces such as E3, Ch-E3, Ch-E1, 1000BaseSX, 1000Base LX, 1000Base TX, ISDN PRI, Fast Ethernet and Gigabit Ethernet. Router should support these interfaces at the time of bidding. v. Router should be capable of functioning as the Customer Premise Equipment (CPE) for MPLS VPN networks. Router Hardware i. Should be compact rack mountable chassis ii. Health LED for all modules to indicate operational status of the module iii. The router must support the flash file system to easily store and load multiple images. iv. Router must have minimum of 256MB expandable to 512 MB flash memory. v. Should ensure storage of multiple router software images. vi. Router must have minimum of 1GB DRAM. vii. Extensive debugging capabilities to assist in hardware problem resolution RFP for appointment of Vendor for Distribution Mechanism for PDS
48
High Availability i. Redundant AC Power Supply Unit ii. Capability to support redundant CPU / routing engine for High Availability iii. Hot swappable control and individual Interface Modules/ Online Insertion and removal of individual interface cards / modules iv. Support for Virtual router redundancy protocol (VRRP) (RFC 3768) or equivalent v. Router software must have on line reconfiguration facilities to ensure that the changes made to its configuration take place with immediate effect vi. Link aggregation using LACP as per IEEE 802.3ad vii. It must be possible to fast boot the router to ensure that software updating can be done with minimum network down time. viii. High Mean Time Between Failure values should be available to ensure long life of router hardware. ix. Configuration changes should be done without rebooting the router or modules. Router Performance i. Shall support dual CPU configuration with distributed forwarding ii. State-full switch-over so that forwarding performance of the router shall not be impacted due to one CPU failure. iii. Shall have performance enhancement through hardware based acceleration of IP Services like GRE tunneling or equivalent IEEE standard, ACLs, IPSEC VPNs, Firewall , NAT or equivalent. iv. Shall support multiple physical WAN links into single logical interfaces, to increase bandwidth. v. Shall support load balancing across multiple unequal WAN links to the same destination network. vi. Shall have packet forwarding rate of 2 Mpps @ 64 byte packets per second or more on single chassis. vii. Shall have 2 Gbps back plane or higher. Router Interface Requirement i. E3 2 Nos ii. Ch-E1 2 Nos iii. E1 2 Nos iv. 10/100/1000 Mbps Ethernet Port 2 Nos v. ISDN PRI (Can be Internal or External) 2 Nos Router Protocol i. RIPv1 (RFC 1058) ii. RIPv2 (RFC 2453) iii. OSPF v2 (RFC 2328) iv. BGP v4 (RFC 1771) Quality of Service (QoS) RFP for appointment of Vendor for Distribution Mechanism for PDS
49
i. ii. iii. iv. v.
Traffic Conditioning: A class-based scheduling/queuing mechanism that provides configurable minimum bandwidth allocation to each class for assigning priority to critical traffic. RSVP: Resource Reservation Protocol (RSVP) as per RFC 2205 Policy Routing support: It shall be possible to affect the normal routing process for specific mission critical traffic through specified alternate routes in the network. The router should be able to recognize applications, including Web-based and other difficult-to-classify protocols that use dynamic TCP/UDP port assignments. When an application is recognized and classified by router, a network can invoke services for that specific application. Support for Per VLAN QoS
Debug, Alarms & Diagnostics i. Support for monitoring of traffic flows for network planning and security purposes. ii. Display of input and output error stats on all interfaces. iii. Display of Dynamic Arp table. iv. Display of physical layer line status signals like DCD, DSR, DTR, RTS, CTS on all serial interfaces. v. Trace-route, Ping and extended Ping. vi. Should have extensive support for SLA monitoring for metrics like delay, latency, jitter and packet loss. Management i. The router should be manageable from any open management systemo. ii. Shall have support for Web based/GUI based management, FTP/TFTP, CLI, Telnet and SNMP/SNMPv3 and RMON. iii. Shall support Secure Shell. iv. Shall support out of band management through Console and external modem for remote management. v. The router shall support Network Time Protocol (NTP) (RFC 1305). Security i. IPSEC with 3DES/AES encryption ii. GRE Tunneling or equivalent iii. IPSEC (Site-to-Site) and Remote Access. iv. MD-5 route authentication for RIP, OSPF, IS-IS and BGP v. SSHv2. vi. Logs (access and service). vii. Access Control Lists (ACL) / IP Access list to limit Telnet and SNMP access to router. viii. AAA support using Radius and/or TACACS. ix. NTP with authentication features. RFP for appointment of Vendor for Distribution Mechanism for PDS 50
x. xi.
CHAP authentication for P-to-P links. DoS/DDoS protection.
Internet Router for Data Center Function The Internet router at Data Center is responsible for providing connection to the Internet Service Provider. Two routers load balanced in High Availability configuration provide internet connectivity. The interface offered in the equipment should match with the interface provided by service provider. Router Architecture i. Architecture should be based on high speed CPU. ii. Router should be single box configuration and modular so that the for the flexibility to use appropriate choice of interfaces as and when required iii. Router shall have minimum one spare interface slots after accommodating required interfaces, for future expandability. iv. Router should support standard interfaces such as E1, Fast Ethernet and Gigabit Ethernet. Router should support these interfaces at the time of bidding. Router Hardware i. Should be compact rack mountable chassis ii. Health LED for all modules to indicate operational status of the module iii. The router must support the flash file system to easily store and load multiple images. iv. Router must have minimum of 128MB expandable to 256 MB flash memory. v. Should ensure storage of multiple router software images. vi. Router must have minimum of 512 DRAM. vii. Extensive debugging capabilities to assist in hardware problem resolution High Availability i. Redundant AC Power Supply Unit ii. Hot swappable control and individual Interface Modules/ Online Insertion and removal of individual interface cards / modules iii. Support for Virtual router redundancy protocol (VRRP) (RFC 3768) or equivalent iv. Router software must have on line reconfiguration facilities to ensure that the changes made to its configuration take place with immediate effect v. Link aggregation using LACP as per IEEE 802.3ad vi. It must be possible to fast boot the router to ensure that software updating can be done with minimum network down time. vii. High Mean Time Between Failure values should be available to ensure long life of router hardware. RFP for appointment of Vendor for Distribution Mechanism for PDS 51
viii.
Configuration changes should be done without rebooting the router or modules.
Router Performance i. Shall support dual CPU configuration with distributed forwarding ii. Shall support load balancing across multiple unequal WAN links to the same destination network. iii. Shall have packet forwarding rate of 500 Kbps @ 64 byte packets per second or more on single chassis. iv. Shall have 2 Gbps back plane or higher. Router Interface Requirement i. ISDN - PRI 2 Nos ii. 10/100/1000 Mbps Ethernet Port 2 Nos Router Protocol i. RIPv1 (RFC 1058) ii. RIPv2 (RFC 2453) iii. OSPF v2 (RFC 2328) iv. BGP v4 (RFC 1771) Quality of Service (QoS) i. Traffic Conditioning: A class-based scheduling/queuing mechanism that provides configurable minimum bandwidth allocation to each class for assigning priority to critical traffic. ii. RSVP: Resource Reservation Protocol (RSVP) as per RFC 2205 iii. Policy Routing support: It shall be possible to affect the normal routing process for specific mission critical traffic through specified alternate routes in the network. iv. Support for Per VLAN QoS Debug, Alarms & Diagnostics i. Support for monitoring of traffic flows for network planning and security purposes. ii. Display of input and output error stats on all interfaces. iii. Display of Dynamic Arp table. iv. Display of physical layer line status signals like DCD, DSR, DTR, RTS, CTS on all serial interfaces. v. Trace-route, Ping and extended Ping. vi. Should have extensive support for SLA monitoring for metrics like delay, latency, jitter and packet loss. Management RFP for appointment of Vendor for Distribution Mechanism for PDS
52
i. ii. iii. iv. v.
The router should be manageable from any open Management system platform. Shall have support for Web based/GUI based management, FTP/TFTP, CLI, Telnet and SNMP/SNMPv3 and RMON. Shall support Secure Shell. Shall support out of band management through Console and external modem for remote management. The router shall support Network Time Protocol (NTP) (RFC 1305).
Security i. IPSEC with 3DES/AES encryption ii. GRE Tunneling or equivalent iii. IPSEC (Site-to-Site) and Remote Access. iv. MD-5 route authentication for RIP, OSPF, IS-IS and BGP v. SSHv2. vi. Logs (access and service). vii. Access Control Lists (ACL) / IP Access list to limit Telnet and SNMP access to router. viii. AAA support using Radius and/or TACACS. ix. NTP with authentication features. x. CHAP authentication for P-to-P links. xi. DoS/DDoS protection.
Local Area Network(S): Core Switch for Data Site Function Core switch at the Primary Data Center acts as Core/Distribution layer and provides aggregation of server farm and user access switches. It provides multilayered, high speed scalable and fault tolerant connectivity to various access layers. Performance The suggested core switch should have features as under: i. High back plane speed (30 GBPS or more) ii. The forwarding rate should be 20 Mbps or more. High Availability i. Redundant Power Supplies RFP for appointment of Vendor for Distribution Mechanism for PDS
53
ii. iii. iv. v. vi. vii. viii. ix. x.
Hot swappable control and individual Interface Modules/ Online Insertion and removal of individual interface cards / modules. Switching engine: The switch should have capability to support redundant Control Modules. The switching & routing performance claimed on the chassis should not degrade with failure of switching/routing engine module. The switch should support server load balancing internally or with third party boxes /products. Shall support Non-Stop forwarding with State-full Switch Over, allows packet forwarding to continue until route re-convergence is complete. Shall support multiple storage of multiple images and configurations Shall support link aggregation using LACP (IEEE 802.3ad). On power up the platform should use built-in system monitoring & diagnostics before going online to detect failure of hardware. Switch should support 10 G ports. Switch Port requirement: 10/100/1000 Mbps port 48 Nos 1000 Base SX port 16 Nos
Layer 2 Features i. Layer 2 switch ports ii. IEEE 802.1Q VLAN encapsulation iii. Support for VLANs. iv. Dynamic Trunking Protocol (DTP) or equivalent. v. VLAN Trunking Protocol or equivalent. vi. Multiple Spanning Tree (802.1s) vii. Rapid Spanning Tree Protocol (802.1w) viii. Port Trunking technology across line cards Layer 3 Features i. Hot Standby Routing Protocol (HSRP)/VRRP (RFC 3768) or equivalent ii. IPv6 support in hardware iii. Static IP routing. iv. IP routing protocols OSPF v2 (RFC 2328) RIP v1 (RFC 1058) and v2 (RFC 2453) BGP v4 (RFC 1771) v. Internet Control Message Protocol (ICMP) support vi. ICMP Router Discovery Protocol Standards RFP for appointment of Vendor for Distribution Mechanism for PDS
54
i. ii. iii. iv. v. vi. vii. viii. ix. x. xi. xii. xiii. xiv.
Ethernet: IEEE 802.3, 10BASE-T Fast Ethernet: IEEE 802.3u, 100BASE-TX, 100BASE-FX. Gigabit Ethernet: IEEE 802.3z, 802.3ab 10 Gigabit: IEEE 802.3ae IEEE 802.1D Spanning-Tree Protocol IEEE 802.1w rapid reconfiguration of spanning tree IEEE 802.1s multiple VLAN instances of spanning tree IEEE 802.1p class-of-service (CoS) prioritization IEEE 802.1Q VLAN encapsulation IEEE 802.3af (Using Internal or external device). IEEE 802.1x user authentication. 1000BASE-X (GBIC) (Support for SX, LX, ZX). 1000BASE-X (small form-factor pluggable) RMON I standards
Advanced Security i. RADIUS, which enable centralized control of the switch and restrict unauthorized users from altering the configuration ii. Standard and extended ACLs on all ports. iii. STP and VTP security e.g. BPDU Guard and Root Guard MD5 authentication etc. iv. SSHv2. v. AAA support. vi. NTP with authentication features. vii. Dynamic Host Configuration Protocol (DHCP) snooping. Management i. The router should be manageable from any open management system platform. ii. Shall have support for Web based/GUI based management, FTP/TFTP, CLI, Telnet and SNMP/SNMPv3 and RMON. iii. Shall support Secure Shell SSH v2 iv. Shall support out of band management through Console and external modem for remote management. v. Shall support Network Time Protocol (NTP) (RFC 1305). Layer 2 switch i. Nos. GBIC ii. Ports required: 48 10/100 Mbps port iii. Ethernet, Fast Ethernet support RFP for appointment of Vendor for Distribution Mechanism for PDS
55
iv. v. vi. vii. viii. ix. x. xi. xii. xiii. xiv. xv.
Support for VLANs Spanning tree/Rapid Spanning Tree support Per VLAN Spanning Tree or equivalent support The switch must support Dynamic VLAN Registration Dynamic Trunking Protocol or equivalent. VLAN Trunking Protocol or equivalent Must have support for SNMP/SNMPv3/RMON Prioritization support SNMP, Telnet and SSH v2 support Web-based and CLI management Additional features: Advanced QoS, Rate limiting Standard and extended IP security router ACLs to define security policies on routed interfaces for control-plane and data-plane traffic.
Security Devices Firewall with SSL VPN Gateway, content security and URL filtering and for Data Center Function The Firewall at the Primary Data Center is responsible for acting as a Gateway Protection to defend FCS network from virus, phishing, spamming, worms and other malicious traffic. Also Firewall is responsible to act as a SSL VPN Gateway. Firewall Architecture with features i. Architecture should be based on high speed CPU with high port densities ii. Firewall should be modular so as to have flexibility to use appropriate choice of interfaces and security modules as and when required. iii. Firewall should support interfaces such as Fast Ethernet and Gigabit Ethernet. iv. Firewall should be capable of functioning as SSL VPN Gateway. v. Firewall should have either an integrated module with Anti-spam/Spamblocker or separate content filtering appliance with Anti spam/Spamblocker that removes unsolicited e-mail and other malicious content before it hits the mail server or any other servers. vi. Firewall should have either an integrated Intrusion Prevention Service module or should be integrated with a separate Network Intrusion Prevention appliance to protect FCS network from any intrusion/malicious content at the main gateway. vii. Firewall should either have a content-based inspection module or separate content-based inspection appliance for inspecting web, e-mail and ftp content for virus, phishing, spamming, worms and other malicious content. viii. Firewall should either have a content-based inspection module or separate content-based inspection appliance for inspecting web, e-mail and ftp content for virus, phishing, spamming, worms and other malicious content. RFP for appointment of Vendor for Distribution Mechanism for PDS
56
ix.
x.
Firewall should either a URL filtering capabilities or a separate URL filtering appliance to block malicious sites that FCS does not want their employees to access. URL Filtering should have capability to filter URL traffic according to predefined categories such as adult or mature content, games, phishing, movies/songs, chat or instant messaging or gambling and any other pirated software downloading sites. SSL VPN functionality with authentication using Dual Factor Authentication with support for SSO /RADIUS/ LDAP/Microsoft AD server or any other directory server.
Firewall Hardware i. Should be compact rack mountable chassis ii. Health LED for all modules to indicate operational status of the module. iii. The Firewall must support the flash file system to easily store and load multiple images. iv. Firewall must have minimum of 256MB expandable to 512 MB flash memory. v. Firewall must have minimum of 1GB DRAM. vi. Extensive debugging capabilities to assist in hardware problem resolution. High Availability i. Redundant AC Power Supply Unit ii. Two firewall units with support for High Availability (Active and Active failover) with Internet Service provider (ISP) failover protection. iii. Hot swappable security Modules/ Online Insertion and removal of security modules. iv. Firewall software must have on line reconfiguration facilities to ensure that the changes made to its configuration take place with immediate effect. v. It must be possible to fast boot the firewall to ensure that software updating can be done with minimum network down time. vi. High Mean Time between Failure values should be available to ensure long life of Firewall hardware. vii. Configuration changes should be done without rebooting the firewall or its modules. Firewall Performance i. Firewall throughput 700 Mbps to 1 Gbps ii. Maximum firewall connections 400,000 to 500,000 iii. 3DES/AES IPSec support with 500 Mbps throughput. iv. Firewall with Antivirus/Anti-Spam integration should support 3000 concurrent users. v. Firewall as SSL VPN Gateway should support 3000 concurrent SSL VPN sessions. vi. URL and content filtering for 600-700 concurrent users. vii. Shall have 2 Gbps back plane or higher Firewall Interface Requirement RFP for appointment of Vendor for Distribution Mechanism for PDS
57
i. ii.
Gigabit Ethernet 4 Nos Fast Ethernet 2 Nos
Routing Protocol i. RIPv1 (RFC 1058) ii. RIPv2 (RFC 2453) iii. OSPF v2 (RFC 2328) Quality of Service (QoS) i. Traffic Conditioning: A class-based scheduling/queuing mechanism that provides configurable minimum bandwidth allocation to each class for assigning priority to critical traffic. ii. The firewall should be able to recognize applications, including Web-based and other difficult-to-classify protocols that use dynamic TCP/UDP port assignments. When an application is recognized and classified by firewall, a network can invoke services for that specific application. iii. Support for Per VLAN QoS Debug, Alarms & Diagnostics i. Support for monitoring of traffic flows for network planning and security purposes ii. Display of input and output error stats on all interfaces. iii. Display of Dynamic NAT/Arp table iv. Trace-route, Ping and extended Ping v. Should have extensive support for SLA monitoring for metrics like delay, latency, jitter and packet loss Management i. The Firewall should be manageable from any open management system . ii. Shall have support for secure web based/GUI based management, CLI, Telnet/SSH and SNMP/SNMPv3 and RMON. iii. Shall support out of band management through Console port iv. The firewall shall support Network Time Protocol (NTP) (RFC 1305) Other Security i. IPSEC with 3DES/AES encryption ii. IPSEC (Site-to-Site ) and Remote Access iii. MD-5 route authentication for RIP and OSPF iv. SSHv2 v. Logs (access and service) vi. Access Control Lists (ACL) / IP Access list to limit Telnet and SNMP access to firewall RFP for appointment of Vendor for Distribution Mechanism for PDS 58
vii. viii.
AAA support using Radius and/or TACACS NTP with authentication features
2.1.2 Remote Disaster Recovery (DR) Site: The DR database must be in sync and be mirror image of the database at FCS Datacenter at any given point of time and be online. There should be redundancy at network components level and security appliances level. The bidder has to propose the solution for the same including minimum number of servers & other hardware from given specifications in this document. However the bidder may propose the optimal solution for meeting this requirement.
59
60
Proposed DR Architecture 2.2 COMPUTING HARDWARE REQUIREMENTS
The indicative minimum configurations for the servers, storage unit and tape library unit, etc is provided later The specifications are indicative and the bidder MUST fine-tune to upgrade the specifications and the numbers as per requirements of the system proposed. The bidder MUST also propose the specifications of any additional servers that will be required for the system. The bidder MUST provide the architecture of the solution, which it is proposing. 2.2.1 Server Requirement: To run the FCS application successfully on the network, Web Server, Application Server, Database Server, etc will be required. Some other servers like MIS, Antivirus, and EMS Server etc will be required for their different purposes. The detailed specification of each server is given in this document. Application, Web & Portal Server Application would be required as middle tier for various web based applications. Application server would take care of the necessary workflow and Web and Portal server would be required for the interfacing with the end user / department user. All of these servers would be seamlessly integrated to provide high availability and performance. It would be required to cluster these Servers to ensure high availability and reliability
Database Server The FCS application will be hosted on a centralized common database which will contain all the data of the application. Since this data is centralized and is very critical, it would be required to cluster this Server to ensure high availability and reliability. The data would be physically stored on an External FC based Storage (SAN). These will be RISC/EPIC based servers. Management Server
61
The management server would help in administration of distributed systems at the server farm. The management server would help in efficient and reliable administration of all the distributed computing devices. It would provide Inventory Management, Fault Management and Performance Management and Patch management and it would monitor the availability of Services. EMS will be installed on this system. Backup Server A backup server would be required for installation of backup software which will take care of backup activity. Antivirus & Anti-Spam Server A separate server for Anti Virus and Anti Spam would be required to keep the other servers and application secure from the attack of virus, Trojans and spam. This will also act as a centralized system for updating the virus definitions on the systems across FCS offices.
2.2.2 Backup, External Storage (SAN) & Tape Library & Restoration A SAN (Storage Area Network) will be required for storage of data from all the locations. This will act as central repository for data, documents and records. The specification for SAN is given in subsequent Section. Backup is an important aspect of recovering the lost data due to any loss. A Tape Library is proposed for taking the regular backup of centralized storage (SAN). The FCS setup would be configured with SAN for external storage of data for faster access and would be implemented on RAID 1+0 for redundancy and high availability. The Database cluster connects to SAN through a redundant fiber switch to ensure no single point of failure. Tape Library would also be deployed for auto backup, which would have automated robot to place the tapes for backup. The detail specification of each server is given in This document. The backup solution should address the following Assuring that the production servers data is available in an offline storage device, and can be restored as and when required. The backup of the production systems to be performed in an LAN free manner for the Database Server, a LAN based backup for other APP and WEB Servers. Online full and incremental backups for the main database To ensure a policy driven data-protection through scheduled backup and recovery. Replication of complete backup data to a remote site, so that in case of any disaster at the Server Farm, the backup may be recovered from the remote site. RFP for appointment of Vendor for Distribution Mechanism for PDS 62
Single, centralized management for data protection and disaster recovery. Backup of operating system, database and application as per stipulated policies at the Server Farm. Monitoring and enhancement of the performance of scheduled backups, schedule regular testing of backups and ensure adherence to related retention policies. Ensuring prompt execution of on-demand backups of volumes, files and database applications whenever required by User Departments or in case of upgrades and configuration changes to the system. Real-time monitoring, log maintenance and reporting of backup status on a regular basis. Prompt problem resolution in case of failures in the backup processes. Media management including, but not limited to, tagging, cross-referencing, storing, logging, testing, and vaulting in fire proof cabinets. Physical security of the media stored in cabinets. Ongoing support for file and volume restoration requests at the Server Farm. All proposed hardware MUST be of proven technology and be current /recent in the Supplier's product line. Equipment MUST not be obsolete and MUST be fully supported by the product supplier. The bidder is expected to analyze the processes for the offices, geographic locations, and network in order to determine the best hardware and systems requirements. Proposed Server Configuration to Support World Class Systems and Data Sharing The specifications of servers, provided by the bidder should include following characteristics: Scalability- The configuration proposed is expected to have adequate upgrade capability in terms of processors, memory, disk storage, etc. This should be achievable with minimum disruptions to processes and Users with minimum additional investment. Reliability- FCS will consider installation of equipment manufactured by reputed companies committed to product improvement and new product development. Security- The equipment should have good security features, both physical (lockable, etc.) and operational (security/administration systems). Backup- The bidder should also recommend and provide an appropriate archiving system i.e. tape cartridge library or optical backup equipment or better alternative to be installed at the server sites. In the event of serious failure, the backed up data MUST be restored in the quickest possible time to ensure continuity. RFP for appointment of Vendor for Distribution Mechanism for PDS
63
Open Systems Standards - The hardware MUST be such that FCS will not have restrictions on software application solutions interacting across Servers & client platforms. The specification of the servers should be designed to ensure high availability of servers (clustering) at the central site. The servers should be configured in such a way that there is no single point of failure. This means that RAID technology may be used and configured as a multistorage system cluster. The bidder is to ensure the high availability for these servers (clustering) also. The option of having clustered servers is to allow for redundancy and load sharing for both database management and applications. The bidder has to provide and install associated computing hardware apart from the servers, required for the installation, operation, management and administration of the solution provided e.g. hardware for Hindi User Interface. Note: The bidder will be responsible for the compatibility requirements. 2.2.3 Desktops (with UPS), Printers The bidder has to provide all necessary desktops, printers along with UPS (3hrs backup) for desktops. The specifications of the same are given in this document.
64
2.3
NETWORK AND COMMUNICATIONS SPECIFICATIONS
FCS Datacenter will have all critical applications and servers deployed at FCS Bhopal. All services shall be web based so that HO and field offices users are able to access it through internet.
Figure: Proposed Network architecture of FCS Datacenter 2.3.1 Local Area Network(s):
2.3.1.1 Equipment and software: RFP for appointment of Vendor for Distribution Mechanism for PDS
65
The bidder has to establish the LAN in various offices of FCS including integration with existing LAN. The list of offices with LAN requirement is provided in this document. The list shows the minimum requirement of FCS. The bidder has to conduct the site survey of FCS offices and propose the optimal solution. 2.3.1.2 Cabling: Vendor is required to do cabling in Data Centre and LAN cabling in various offices as needed till final equipment (desktop, printer, etc.). Vendor shall ensure existing LAN is integrated with the respective hardware setup envisaged. Vendor needs to provide all necessary cabling at Datacenter & various offices for Routers, Switches, RAS, Servers, etc. Vendor should provide structured WAN cabling from distribution box of Connectivity Provider till final equipment. Vendor shall also provide necessary electrical cabling for the required infrastructure.
2.3.2 Wide-Area Network All FCS offices will be connected to the centralized datacenter through internet. All critical offices (regional offices) will have redundant WAN links for application access in case of failure of the primary link. WAN connection at each location would terminate at router or firewall with serial port for wan termination. In this centralized architecture framework, all major application or services will be deployed at centralized datacenter. The proposed WAN diagram is depicted below; the specifications of Networking Equipments are given in This document. The list of offices with WAN requirement is provided in Annexure B. The list shows the minimum requirement of FCS. The bidder has to conduct the site survey of FCS offices and propose the optimal solution. 2.3.3 Network Security Considerations
Overall network environment has to follow a well-defined security policy. The framework needs to ensure the information availability, integrity, and confidentiality of FCS infrastructure and data. The security policy should be comprehensive and shall address the security needs of the network and the Network Operations for the Servers kept at Data Centre and for the end-users in various offices. Following are the key recommendations to secure the FCS network: IT Security is very crucial since IT has become a key tool for the business. The overall security has to be achieved based on the IT Security policies of the Government of India. The vendor shall ensure that the policy guidelines are followed in the daily activities.
66
The security services shall be delivered, and that the technologies implemented, in conjunction with a set of best practices guidelines, and industry standards. The technology solution should comply with BS7799/ISO27001standard or any other standard adopted as a policy by the Government of India. Appropriate security components/devices shall be selected to protect FCS network and assets from any security threats and intrusion activities from the unknown, un-trusted networks Internet and any third party connectivity, which can affect its business operations. The FCS network shall have firewall in High Availability and integrated with Gateway Antivirus/Intrusion Prevention Service with antispyware/ Spam Blocker to ensure network protection from security threats, e.g. viruses, worms, bots, spyware, phishing,Trojans, webbased exploits and other malicious threats. All such security threats can be stopped at the FCS gateway before it reaches inside its network. The Network shall have Web/URL filtering for creating lists of trusted web sites, or blacklist specific URLs or IP addresses. Blocks malicious sites to keep network protected from risky web content such as spyware, adware and phishing sites. The Network shall have SSL VPN gateway functionality to be included in the firewall to ensure secure remote access connectivity to applications and resources inside FCS network. Security Infrastructure should provide comprehensive identification, authentication, authorization/access control, administration, and audit mechanism in the Hardware and network with relevant technologies, best practices, guidelines, and standards. The security services used to protect the information infrastructure shall include: Identification Process of distinguishing individual users Authentication Process of verifying the identity of a user. Authorization and Access Control Process of establishing and enforcing user rights and privileges. Administration Process of managing, and maintaining infrastructure. Audit Process of monitoring above mentioned processes, to make sure that suitable security has been established and maintained. A security audit shall be done for the FCS APPLICATIONS after the completion of implementation phase and regularly during the Operations and Maintenance phases on annual basis, to assess whether appropriate security procedures are being followed. Methods of mitigating a security breach from within the intranet or extranet should be addressed by the security policy. The bidder should design appropriate network solution so that a security breach/ virus do not spread throughout the network if originating at the end-user level.
67
The Network shall have Anti-Virus corporate edition to protect desktops/laptops from viruses, Trojans, network worms, spyware and root kits. The Network shall have ISP Failover Protection either by firewall in high availability or using link load balancer. Mission critical servers such as application and database server shall have Host-based Intrusion Prevention System to stop well-known attacks, new, unknown attacks and encrypted-tunnel based attacks that target the application/ database servers. This will reduce the risk of downtime caused by malware, spyware and other malicious content and helps to keep your critical application up and running.
Security administration activities shall include the following Monitoring of various security devices such as firewall, intrusion detection, content filtering and blocking, virus protection, and vulnerability protection through implementation of proper patches and rules Ensuring that patches / workarounds for identified vulnerabilities are patched / blocked immediately Responding to security breaches or other security incidents and coordinate with respective OEM in case of a new threat is observed to ensure that workaround / patch is made available for the same. Monitor the Anti-Virus tool installed on daily basis and ensure that the latest patches are updated in all the systems. Alert users on new virus breakouts based on the info received from the IT industry. Monitoring the efficiency and effectiveness of the Anti-Virus and updating the Anti-Virus signatures on the server and the clients periodically.
Firewall integrated with SSL VPN Gateway In the proposed setup, if users need to access FCS corporate network from the internet, to ensure ease of manageability and uniform security controls, it is recommended to configure all existing web-based incoming access through an SSL VPN gateway. SSL VPN (Web VPN) allows secure access to the corporate network from any location. The remote client/PC needs only an SSLenabled web browser to access http or https enabled web servers on the corporate LAN. Access is also available to browse for Windows files with the Common Internet File System (CIFS).
68
SSL VPN on firewall should have following features: Firewall with SSL VPN should support following authentication mechanisms for secure remote-access
Popular authentication services e.g. Microsoft Active Directory, Lightweight RADIUS, Directory Access Protocol (LDAP), and RSA SecurID. Single sign-on support RFP for appointment of Vendor for Distribution Mechanism for PDS 69
HTTPS to access internal web servers of FCS network
70
Anti-Virus (AV) Server It is recommended to use AV server to protect FCS network from viruses, Trojans, network worms and spyware/phishing attacks. RFP for appointment of Vendor for Distribution Mechanism for PDS
71
This server should download latest AV updates/ patches from the vendor website (Internet) on a daily basis and loads it locally. These updates should then push to each desktop/laptop and server of FCS. All clients should be configured for a weekly scheduled scanning over and above real-time virus scanning feature. The vendor should install personal firewall on all desktops/laptops. This will prevent employees desktop/laptop from exchanging data without their approval and defend against attacks from the Internet. The Anti-Virus Server should have following features: Protects against web-based and blended attacks Stops viruses, Trojans, worms, plus new variants Detects, removes spywareeven hidden root kits Supports plug-ins that add new security capabilities Streamlines administration and simplifies management.
Internet Browsing Access AV / Content Scanning for Web Firewall should be integrated with content security and URL filtering. This integration ensures following benefits: Filter URL traffic according to predefined categories that you allow or disallow, such as adult or mature content, games, chat or instant messaging, or gambling sites. Filters offensive or inappropriate content from the internet and blocks incoming file types that can damage the corporate network. Provides approved senders and blocked senders functionality for file and URL blocking. Blocks connections to URLs or FTP sites prohibited by the FCS Information Security policy.
72
INTERNET
Filtered and Qualified contents Discarded contents
Firewall with URL Filtering integration
Pornography Sites Gaming Sites
Unknown contents Racism and Hate Sites Hacking Sites Drugs Sites Militancy and Extremist Sites Violence Sites Pirated software Websites Dust Bin
User DMZ
Gambling Sites Time Wasting Sites (shopping / entertainment) Phishing and Frauds Sites
` `
Malicious Websites
73
2.4 2.4.1
SOFTWARE SPECIFICATIONS System Software and System-Management Utilities:
The bidder MUST provide the associated system software and system management utilities including clustering software for the hardware provided. 2.4.1.2 Processing unit type 1 (Higher End Servers): The operating system on server should be preferably UNIX. The operating system on desktops will be Windows. Bidder MUST also provide the associated system software and system management utilities. 2.4.1.3 Processing unit type 2 (Lower End Servers): The operating system on server should be Linux/Windows. The operating system on desktops will be Windows. Bidder MUST also provide the associated system software and system management utilities. 2.4.1.4 System Upgrade: The support infrastructure layer software (operating system, database management system and software tools intended to support application systems) should be easily upgradeable when required. 2.4.2 Enterprise Management System (EMS) :
EMS need to be deployed at the servers kept at FCS Data Centre to perform the following functions: Measure the performance Manage and monitor the Servers (e.g. Database, Application, Backup and Anti-Virus etc.) Manage non-functional requirements of FCS applications Manage connectivity speed and Network components (including Routers, Switches, links, etc.) EMS should help in pro-actively diagnosing and support in resolution of any technical hindrance for smoother operations. In addition to fault detection, these tools should be capable enough in providing reports for: Server Statistics Server Performance Alerts from Virus Attack RFP for appointment of Vendor for Distribution Mechanism for PDS
74
Storage Status of database/SAN User Access details/logs Network Monitoring and Network Availability Link utilization Network device performance SLA reports etc. This could be used for analysis and future capacity building. The detail specification of EMS is given in this document 2.4.3 General-Purpose Software:
The bidder MUST provide and install the software for Hindi User Interface and all necessary software/s required for development, management, testing or maintenance of the systems e.g. software required for front end, middle tier technology and those required to interact with database layer etc. The supplied software MUST be closely coupled with the developed application system. All the application developed MUST be UNICODE compliant. 2.4.4 IPR (Intellectual Property Rights)
FCS requires retaining IPR, for all proposed applications (packages and custom-made developments) as follows: A copy of the application with current source code (and the means of compiling that code) A copy of all applications and all versions of source code (and the means of compiling that code) A copy of the source code for each application upgrade acquired (and the means of compiling that code) Copies of the current and upgrade design documents or technical documents that can be used by IT staff in supporting the applications or in making modifications to existing code. Any other artifacts created for/during the assignment
75
2.4.5
Database Software and Development Tools:
The bidder MUST procure and install database software. The bidder MUST also provide the user-friendly tools with GUI features to interact with Database. 2.4.6 Business Application Software:
The proposed modules in the application have been identified. However, the modules to be deployed in FCS may or may not have same modular demarcation; but it should certainly cater to all the functionalities identified in Scope and FRS of the RFP. The application software components should be simple to use. The total set of software components MUST be uniform in their User interface, being consistent in their use and meaning of keystrokes and sequences and in their visual presentations to the User. The User interface should be graphical (i.e. GUI) in nature. The indicative list of operational functionality, the application MUST provide is as follows: The application MUST be multi-user Help facility through use of Function keys Prompt facility in searching for the correct code for coded parameters Ability to discard all data when the transaction is incomplete (Should not save) Ability to carry forward data from a previous screen An audit trail for all transactions Procedures for data exchange with interfaced applications Must have the facility for Edit During the implementation and commissioning, circumstances may arise when some of the functions (applications) at site have been computerized and some are still manual. The bidder MUST state how the proposed applications will function in this interim period and how the applications will cater for circumstances where a site that is computerized or manual will communicate with other computerized or manual sites
76
2.5 2.5.0
SYSTEM MANAGEMENT, ADMINISTRATION, AND SECURITY SPECIFICATIONS General Requirements:
In addition to the management, administration, and security requirements specified in each sections covering the various hardware and software components of the System, the System must also provide for the following management, administration, and security features at the overall system level. System installation procedures should be self explanatory, menu driven and should require minimum user interaction. A detail on-line help for installation should also be provided. Installation procedure should set all the required system parameters for successful installation of the system. The bidder should take into account ease of deployment for while proposing a solution. The Bidder shall preferably follow best practices of BS7799 Certification or equivalent for security. 2.5.1 Facility Management and Administration
The Facility Management operations shall include the following tasks Configuration of server parameters, operating systems administration and tuning Operating system administration, including but not limited to management of users, processes, resource contention, preventive maintenance and management of upgrades including migration to higher versions and patches to ensure that the system is properly updated. Re-installation in the event of system crash/failures Maintenance of a log of the performance monitoring of servers including but not limited to monitoring CPU, disk space, memory utilization, I/O utilization, etc. Event log analysis generated in all the sub systems including but not limited to servers, operating systems, databases, applications, security devices, messaging, etc. Ensuring that the logs are backed up and truncated at regular intervals Periodic health check of the systems, troubleshooting problems, analyzing and implementing rectification measure Ensuring the upkeep of existing systems that would be reused and also incorporate necessary changes for new applications if any during the tenure of the contract RFP for appointment of Vendor for Distribution Mechanism for PDS
77
Troubleshooting issues in the infrastructure, network and application to determine the areas where fixes are required and ensuring resolution of the same. Identification, diagnosis and resolution of problem areas pertaining to the Server farm infrastructure and application and maintenance of assured SLA levels. Implementation and maintenance of standard operating procedures for maintenance of the infrastructure. Management of the user names, roles and passwords of all the relevant subsystems, including, but not limited to servers, applications, devices, etc. System administration activities shall include the following tasks but not limited to the following Configuring and apportioning storage space Management and integration of databases Implementing security on the Internet / Intranet Setting up of firewalls and authorization systems Performing periodic backup and archiving of data and automating reporting tasks Executing hardware and software updates when necessary. The Facility management activities shall also include the following configuration management processes to track IT assets Providing Information on the IT infrastructure o To all other processes o IT Management Enabling control of the infrastructure by monitoring and maintaining information on o All the resources that need to deliver services o Status and history of Configuration Items (CI) or IT Assets and their relationship with other IT Assets 2.5.2 Storage and Database Administration
The vendor shall administer the databases which have been setup in the server farm and provide a repository of information for Business Critical applications. Database Administration involves data backups & restores and monitoring the database server. RFP for appointment of Vendor for Distribution Mechanism for PDS
78
Storage and Database administration activities shall include the following Installation and configuration of the storage system. Management of storage environment to maintain performance at desired optimum levels. Development of storage management policy, configuration and management of disk array, SAN fabric / switches, tape library, etc. Configuration of SAN whenever a new application is hosted at the server farm. This shall include activities such as management of storage space, volume, RAID configuration, zone, security, business continuity volumes, NAS, performance, etc. End-to-end management of database on continuous basis to ensure smooth functioning of the same Management of any changes to database schema, disk space, storage, user roles Review of Code of Conduct and configuration to improve performance of the application or to resolve bottlenecks if any. Performance monitoring and Databases on a regular basis including, preventive maintenance of the database as required. Applying patches and database upgrades as and when required with minimal downtime. Regular backups for all databases in accordance with the backup and archive policies and conduct recovery whenever required with appropriate permissions. Use of DBA tools related to performing database creation, maintenance, and database monitoring tasks 2.5.3 Network Monitoring and Administration Network Monitoring and administration activities shall include the following Monitoring and administering the LAN up to the integration points with WAN. Creation and modification of LANs, assignment of ports to appropriate applications and segmentation of traffic. Coordination with vendor for break fixes maintenance of the LAN cabling. 2.5.4 Backup and restore
The backup and restore functions will comprise of the following activities Backup of operating system, database and application as per stipulated policies at the Server Farm. Monitoring and enhancement of the performance of scheduled backups, schedule regular testing of backups and ensure adherence to related retention policies. RFP for appointment of Vendor for Distribution Mechanism for PDS 79
Ensuring prompt execution of on-demand backups of volumes, files and database applications whenever required by User Departments or in case of upgrades and configuration changes to the system. Real-time monitoring, log maintenance and reporting of backup status on a regular basis. Prompt problem resolution in case of failures in the backup processes. Media management including, but not limited to, tagging, cross-referencing, storing, logging, testing, and vaulting in fire proof cabinets. Physical security of the media stored in cabinets. Ongoing support for file and volume restoration requests at the Server Farm. 2.5.5 Server Management
The vendor shall perform all system administration tasks like server management and operating system administration, user management, device management etc. The vendor shall ensure high availability of System resources to the users and to maximize the uptime of the system by diagnosing, detecting and rectifying the faults in time. The Server Administration for any platform will comprise of the following activities Starting/Shutdown servers or services at Server Farm Monitoring performance of server resources (CPU Usage, Memory, disks) Monitoring access logs and application logs Purging of files and logs Taking data backup and restoration Applying service packs, fixes, updates and security patches Providing helpdesk related administrative support The minimum qualification of the person will be degree / equivalent with 2 years relevant experience Server Management operations will comprise of the following Monitoring of software licenses and identification of software license procurement or up-gradation Providing and maintaining user access controls creation, modification or deletion of access/authentication and administrative rights on servers as per defined access policy. Maintaining data access security RFP for appointment of Vendor for Distribution Mechanism for PDS
80
Deployment, Monitoring and updating of Anti-virus software on servers Coordinating with Anti-virus service provider for support for virus attacks and resolution. 2.5.6 Change Management
As the organization goes through changes IT infrastructure will also change from time to time to meet the changing needs of the businesses. Proper change management will ensure that approved changes are implemented efficiently and with acceptable risk to the existing and to the new IT Services with minimal impact on the operations of FCS. Change management would include the following tasks Change management has to be approved by the authorized officials of FCS Tracking the changes in hard / soft configurations, changes to applications, changes to policies, applying of upgrades / updates / patches, etc. Plan for changes to be made - draw up a task list, decide on responsibilities, coordinate with all the affected parties, establish and maintain communication between parties to identify and mitigate risks, manage the schedule, execute the change, ensure and manage the port change tests and documentation. 2.5.7 Technical management and troubleshooting: The bidder MUST provide a detailed plan for technical management and troubleshooting. Recovery and auto-roll back of data: There should also be re-scheduling capabilities for automatic retries and restart logic (e.g. batch processing) Audit trails and logs maintenance capabilities The bidders will provide the backup frequency and recovery plan. The application system should also support the replication of the centralized system to the disaster recovery site, as and when the site comes up. A combination of full (on Tape Media) and incremental (Day-time) backups should be employed to ensure disaster tolerance. The bidder MUST provide the backup and recovery plan. The bidder MUST provide an Industry Standard BCP/Disaster Recovery plan. 2.5.8 User and usage administration:
The bidder MUST clearly state the access controls, for on-line PCs applications connected to the centralized server, which ensures that: RFP for appointment of Vendor for Distribution Mechanism for PDS
81
Only authorized personnel are allowed to access the system; access being restricted via the use of user names/identifications and associated password. Access to each application is restricted to specified authorized users The user in the application system is logged off automatically if the user is idle for more than a specified and variable period, to prevent access to the system, applications etc. by unauthorized third parties when a terminal is left unattended.
2.6 2.6.1
SERVICE SPECIFICATIONS System Integration:
The application and systems have been identified based on the existing structure of FCS and its existing IT applications. The bidder is required to design the system in such a way so as to provide fully integrated system with functionalities, at the minimum, as mentioned in the FRS in this RFP. It is expected that the application system will cater to the workflow requirements, wherever necessary. The system will be developed and implemented as a turnkey project, and thus bidder will also have to perform the role of systems integrator. The bidder MUST provide for integrating the existing/proposed systems with the solution provided. The bidder will coordinate and provide all necessary support to any vendor whenever needed during the execution of this assignment. Bidders MUST also specify the infrastructure requirements, if any, for the successful execution of the assignment. 2.6.2 Infrastructure Service requirements:
Software Updates: An important requirement of the FCS project is to update the system software, patch installation etc. This services is not only limited to system software but also includes all the software required to run the system successfully. 2.6.3 Training and Training Materials:
2.6.3.1 User Training: The indicative training needs, but not limited to, depending on the role of user of the systems, is as follows: RFP for appointment of Vendor for Distribution Mechanism for PDS
82
End users: o o o o o o Application usage Intranet Basic Computer Training. Training on Basic Hardware & Network Problems and their solutions. Defect logging system Etc.
Helpdesk: o o o o o o Application usage Intranet Defect logging system Defect tracking and resolution Troubleshooting Etc.
2.6.3.2 Technical: Technical training will ensure that the FCS staff is well trained to manage the system in long run. The indicative training need, depending on the role of personnel or technical groups: Application System support group: o o o o o o o o o Installation of application system Parameter tuning Application design, logic and usage Configuration Management Performance tuning of applications Client server architecture Structured system development methodology Language used for coding Etc.
Database Administration Group: RFP for appointment of Vendor for Distribution Mechanism for PDS
83
o o o o o o o o o o o
Database installation Security maintenance Parameter tuning Creating and maintaining the database objects Performance tuning Database design Backup/recovery/restart procedures System start-up/shutdown procedures Client/Server architecture Database administration Data Conversion, Migration and Validation and their tools, if any
Operations and Facilities Management group: o o o o o o o Server management System administration System operations and maintenance Backup and recovery management Security maintenance Installation of hardware and software Etc.
Network Administration Group: o o o o o o o Network installation Network performance tuning Network configuration management Network configuration backup and restoration Network architecture and zoning Network administration Network monitoring
Security Administration Group: o Security devices installation o Security configuration management o Secure network architecture RFP for appointment of Vendor for Distribution Mechanism for PDS
84
o Monitoring security logs o Installation of security patches o Applying AV signatures updates 2.6.3.3 Management: The management training will include project management, operation of the new system and functions of the new system. The indicative training needs are as follows: Application usage MIS Report analysis Query Generation Defect Prevention Quality Management System Etc. The Final training plan will be prepared by the selected vendor in consultation with FCS. FCS will assess the quality, relevance and comprehensiveness of the training materials/tools. 2.6.4 Technical Support: 2.6.4.1 Warranty Service: The bidder MUST warrant that all the deliverables provided under this bid will be free from defects in design, materials and workmanship for the warranty period. If any issues remain outstanding at the end of the warranty period, the warranty period will be extended until FCS is satisfied with the resolution of the issues. The bidder MUST identify a Warranty Manager who will be the primary point of contact for FCS during the warranty period and who will have the authority to take any action necessary to resolve any warranty related issues. Throughout the acceptance and warranty period the bidder MUST provide, but not limited to the following: RFP for appointment of Vendor for Distribution Mechanism for PDS
85
Provide resources at strategic location at various sites of FCS Provide resources that are on call to support the developed application for 24 X 7. Provide onsite or on call resources as required by FCS for other special situations. The bidder MUST provide reporting strategy plan in the bid. This plan should include the actions that the bidder will take, on daily basis (if needed), to resolve all the identified problems. 2.6.4.2 User support / Hot line: The bidder MUST nominate staff at Bhopal for their permanent support centre at FCS. The support centre will be responsible for, but not limited to the following: Performing effective maintenance during and after the warranty period. Acting as a help desk to provide operational support. Coordinating with other vendors, if required, for the resolution of the reported problems. 2.6.4.3 Maintenance services: The bidder will provide comprehensive maintenance service for these systems after the warranty has ended. The AMC period will be for 2 years, on expiry of warranty for initial 3 years from the Go-Live date. The maintenance service will include, but not limited to: Equipment maintenance, such as repairs, changes, modifications etc. Application system maintenance such as changes, modifications, bug fixing etc All Software maintenance such as upgrades, reinstallations Provide resources that are on call to support the developed application for 24 X 7. Provide onsite or on call resources as required by FCS for other special situations. The bidder MUST provide reporting strategy plan in the bid. This plan should include the actions that the bidder will take, on daily basis (if needed), to resolve all the identified problems etc. RFP for appointment of Vendor for Distribution Mechanism for PDS
86
2.7 2.7.1
DOCUMENTATION REQUIREMENTS End-User documents:
Documentation will be supplied and maintained by the bidder during different stages of the project. The ownership of all documents, supplied by the bidder, will be with FCS. The electronic copies will be supplied with all the documents and manuals, required for operating and configuring the hardware and software at the user specific environment. The documents have to be provided in English and Hindi and MUST include at least: User Documentation including user guide and procedures manuals for hardware and software Software installation guide including the configuration of the database etc User will have the rights to duplicate the hardcopy and soft copy for the documents created by the bidder without any financial and legal implications. Note: At least 2 soft copies (in CD) and three hard copies of all the documents to be provided by the bidder. 2.7.2 Technical Documents:
The bidder shall supply operation and maintenance manuals together with the drawings of goods and equipments. These shall be in such details as to enable FCS to operate, maintain, adjust and repair the parts of the works as stated in the specifications. The manuals and drawings, for all supplied equipments, shall be in English and/or Hindi and in soft and/or hard copy and equal to the number of supplied equipments. Indicative list of documents, not limited to, that will be supplied and maintained by the bidder during different stages of the project are: System Manual for Server, Storage & other hardware. Operating System Manual Database Manual Application System Requirement Specification (SRS)/Application Customization Requirements Specification (CRS) Application Integration Requirements Gap Analysis Document (if applicable) Plan for digitization and data entry RFP for appointment of Vendor for Distribution Mechanism for PDS
87
Application Software Design Document (SDD) Coding standard guidelines Trouble Shooting document Installation Manual Operational Procedures Manual Acceptance Test Plan Acceptance Test Specifications Detailed Network diagram which includes both LAN and WAN Secure Network architecture diagram Documented configuration of all network devices e.g. routers, switches etc. Documented configuration of all security devices e.g. firewall, IDS/IPS etc. Other relevant technical documentation etc. Any updates to the documents MUST be made available to FCS to support any changes to requirements, design, etc. All deliverables prepared by the bidder for this assignment and submitted to FCS will be final after the approval provided by FCS. 2.8 OTHER NON-IT GOODS
2.8.1 Power Supply and Backup UPS Requirement Power should be supplied from dual redundant parallel UPS with input and output isolation transformers. The electrical system should be designed to incorporate 100% spare capacity in-order to provide for adequate redundancy for continuous and uninterrupted Power Supply. Power redundancy should be available up to the rack level i.e. from two power sources. The UPS should be located at close proximity to the server room to limit the neutral to earth potential to fewer than 2 volts, which is essential for the clean power requirements for servers. Minimum 3hrs battery back-up is required. The tentative scope of equipments & items under this head of works includes the following: RFP for appointment of Vendor for Distribution Mechanism for PDS
88
Copper power cabling from Main LT panel to the UPS, UPS output to UPS distribution panel, UPS distribution panel to PDU and to server racks. UPS input, output & distribution panel.
TESTING & QA REQUIR EMENTS 3.1 3.1.1 INSPECTIONS Factory Inspections:
Bidder shall provide the factory inspection report for quality assurance as per prevailing industry standards and practices for each type of item. The goods will be accepted only after verifying the factory inspection report by FCS. 3.1.2 Inspections following delivery:
FCS will conduct a thorough physical inspection of all the products delivered to ensure that they arrive at the sites in good condition and are free from physical damage including but not limited to crushed or broken equipments, missing seals, opened packages and incomplete shipments. FCS reserves the right to return the products to the bidder at the bidders expense. Physical inspection of hardware will also include physical checking, unpacking and counting of the delivered equipment by FCS staff in presence of the bidder. This equipment will only be acceptable as correct when each received item corresponds with the checklist that will be prepared by the bidder prior to shipment. Any shortfalls in terms of number of items received may render the delivered equipments incomplete. . 3.2 PRE-COMMISSIONING TESTS
89
3.2.0
In addition to the Suppliers standard check-out and set-up tests, the Supplier (with the assistance of FCS) must perform the following tests on the System and its Subsystems before Installation will be deemed to have occurred and the FCS will issue the Installation Certificate(s).
Testing is an important part of the delivery process at FCS. FCS requires thorough and well-managed tests to be conducted. The bidder MUST build up an overall plan for testing and acceptance of system, in which specific methods and steps should be clearly indicated and approved by FCS. The acceptance test of hardware and software will be defined by the bidder, agreed and approved by FCS and include all the necessary steps to ensure complete functionality, operation and performance of the system. Testing will be conducted at the installation sites. Testing of hardware and software MUST demonstrate that the new systems: Perform according to detail functional requirements Meet the basic system concepts Satisfy the operational and technical performance criteria Fit with FCS operations i.e. provide right information to each user group or provide the efficient system navigation to process various queries or process transactions Convert data from the existing system Interfaces with the existing systems and new systems, as and when they are installed. Upload data from various source It is bidders responsibility during the tests to evaluate and recommend any further changes to the infrastructure. Any recommendations for change will be discussed with FCS. Testing Methodology/Techniques The bidder MUST outline the methodology that will be used for testing the software and hardware. The bidder MUST define the various levels or types of testing that will be performed for software and hardware. The bidder MUST provide necessary checklist/documentation that will be required for testing the software and hardware The bidder MUST describe any technique that will be used for testing for software and hardware. The bidder MUST describe how the testing methodology will confirm to requirements of each functional area. RFP for appointment of Vendor for Distribution Mechanism for PDS 90
The bidder MUST indicate how one will demonstrate to FCS that all applications installed in the system have been tested.
3.3 OPERATIONAL ACCEPTANCE TESTS 3.3.0 FCS (with the assistance of the bidder) will perform the following tests on the System and its Subsystems following Installation to determine whether the System and the Subsystems meet all the requirements mandated for Operational Acceptance. 3.3.1 Testing Methodology/Techniques
Please refer section 3.2.0 for testing methodology/techniques. Successful completion of the contract will be gauged through a series of formal acceptance tests performed on all aspects of the system/sub systems as mentioned in 3.3.1. Database Test Verify complete and correct installation of Database Management System Data Integrity Testing Data Sampling Database Back-up & Recovery Testing Query Testing Database Connection Test (Determine if the database server will be able to sustain the expected number of connections) etc. Functionality Test Test that the functional requirements specified in all the modules are met. All functions MUST be tested when user provide inputs with correct and incorrect inputs Testing of Formats etc. Unit Test Each module or Component should to be fully tested independently before integration etc. System Test RFP for appointment of Vendor for Distribution Mechanism for PDS
91
All specified functionality should exist. This testing verifies the as-built program's functionality and performance with respect to the requirements for the software product. All System functions that are accessed through menus should be tested Defect test: Test software defects before implementation House Keeping functions like archiving Easy to use: Graphical user interface as per requirement specification Server, Storage system etc. shutdown and power up test System backup and restoration test etc. Security Test IT audit of application from External auditors. Real Time Security monitoring. Reviewing and Evaluating the Security Controls etc. Security Attempt to break the password Time out facility on dormant menu/screen. To continue using the open screens the user MUST re-login. Reviewing and Evaluating the Security Controls etc. Stress Test Finding errors that will show themselves under certain combinations of events or data values Heavy repeating of certain actions or inputs Time Test To determine if individual business transactions run to completion in a reasonable amount of time etc. Reliability Testing Testing the system for prolonged use at varying levels, or, possibly, constant value at peak level etc. RFP for appointment of Vendor for Distribution Mechanism for PDS
92
Performance Testing Testing to probe the system against prescribed timing etc. Consistency Testing Test the consistency of data and results across the applications etc. Recovery Testing Testing the response of the system to failures of all sorts including but not limited to power failure etc. Audit Trail Tracking critical transactions Logging all critical errors etc. Multi-User Capability Test that the application system can support several users etc. Help Information Testing Testing for help information that will be verified for detail and presentation etc. Limit Testing Test as to how the system reacts to data which is maximal or minimal in the sense of attaining limit The system will be tested beyond the limits specified to verify whether sufficient margins have been built in etc. Volume Test Test to submit the system to large volumes of data etc. System Integration Test Testing Components and Component Integration Testing System Interfaces RFP for appointment of Vendor for Distribution Mechanism for PDS
93
After each system has been fully integrated to create a larger system, each module or sub-system MUST have a defined interface which will be used to call another program component Parameter interface: Data and function references are passed from one component to another. Procedure interface: One sub-system encapsulates a set of procedure which is called by other sub-system Message passing interface: One sub-system request a service from another sub-system. Validation (Completeness) Robustness Testing Testing for 24x7 availability Error Detection & Recovery Testing Measuring response time, throughput and availability Monitoring Resource Utilization Data Conversion Compatibility and Configuration Testing Operating System and Data Base Compatibility Hardware and Network Compatibility Checking Compliance with Standards Test the compatibility of data to the higher version, as and when applicable Storage Testing Testing to detect instances when the system exceed the specified limits (e.g. processing or supplying large volume of data) etc. Installation Testing The ease of installation will be checked Where installation counts are applicable, the number of installations specified will be tested. The system will be checked for a higher number of installations than specified, also to uninstalled to check if the installation count is reduced RFP for appointment of Vendor for Distribution Mechanism for PDS
94
Environment Testing The application will be tested whether it works under different environments e.g. application will be tested on different networks Graphical User Interface (GUI) Test The system will be tested for GUI which will include but will not be limited to: Menus Message Boxes Keyboard Interface Cursor Management Visual Design Manual Procedures Testing If the system works only with manual aid, an archive utility that requires the manual loading of tapes or a system requiring manual switching of remote devices during processing etc. User Information Testing The user documents will be reviewed for clarity, ease of use, details of all required system facilities, and details of all system error messages together with sufficient information to allow the replications of errors etc. Maintainability Reviewing and Evaluating Maintainability etc. Documentation Test procedures, test data and test results should be documented in a manner permitting objective pass/fail decisions to be reached. They should also be suitable for review and objective decision making subsequent to running the test, and they should be suitable for use in any subsequent regression testing. Errors detected during testing should be logged, classified, reviewed and resolved prior to release of the software. Software error data that is collected and analyzed during a development life cycle may be used to determine the suitability of the software product for release for installation. Test reports should comply with the requirements of the corresponding test plans.
95
The acceptance tests shall demonstrate that the bidder has met each and every requirement specified within the contract and has delivered an effective operational system. Complete System Acceptance (UAT) At the end of the System Acceptance period, FCS will acknowledge complete system acceptance in writing to the bidder upon completion of the following: All required activities as defined in the bid document including all changes agreed by FCS and delivered by the bidder and accepted by FCS All required system functionality as defined in the bid document including all changes agreed by FCS and delivered by the bidder and accepted by FCS All required documentation as defined in this bid document including all changes agreed by FCS and delivered by the bidder and accepted by FCS All required training as defined in this bid document including all changes agreed by FCS and delivered by the bidder and accepted by FCS All identified shortcomings/defects in the systems have been addressed to complete satisfaction of FCS The bidder MUST agree to above criteria for complete system acceptance and further agree that: In order to accept the system, FCS MUST be satisfied that all of the work has been completed and delivered to complete satisfaction of FCS and that all aspects of the system perform acceptably. The functional/logical acceptance of the system will only be certified when the proposed system is installed and configured at the sites according to the design and that all the detailed procedures of operating them have been carried out by the bidder in the presence of FCS staff NOTE: The acceptance test of the application system will be conducted with the live/actual data.
96
HARDWARE SPECIFICATIONS & PHYSICAL REQUIREMENTS (DC)

Following are the minimum indicative specifications for each component at DC.The infrastructure required at DR would be replica of DC without high
availability.
1. Web Server (Blade Server): Make And Model To be specified by the vendor Processor 2.5Ghz or higher latest generation x86 based processor `` Up to 2 Nos. Processors Cache Maximum cache available with the processor Expansion Slots Minimum 2 PCI-E I/O Expansion Slots Main Memory Capacity Scalable to 64 GB fully buffered DDR2 memory (Scalability) Main Memory 16 GB fully buffered DDR2 RAS Features Hot Pluggable Disk Drives Redundant Power Supply Redundant hot swappable fans Error Correction and Parity Checking RAID 0 and 1 Support Hard Disks 2 Nos. Hot-swap 146 GB SAS/SCSI Disk Drives. RAID Integrated RAID offering Striping, Mirroring (RAID 0, 1) Network Interface Card Minimum 2Nos. 10/100/1000 Mbps Ethernet ports USB Minimum 1 USB 2.0 ports or a facility for connecting USB devices Operating System Windows/Linux Support 3 year Onsite Warranty with Parts exchange/replacement, Same Business Day Response basis, regular working hours/days
97
2. Application Server (Blade Server) Make And Model To be specified by the vendor Processor 2.5Ghz or higher latest generation x86 based processor `` Up to 2 Nos. Processors Cache Maximum cache available with the processor Expansion Slots Minimum 2 PCI-E I/O Expansion Slots Main Memory Capacity Scalable to 64 GB fully buffered DDR2 memory (Scalability) Main Memory 32 GB fully buffered DDR2 RAS Features Hot Pluggable Disk Drives Redundant Power Supply Redundant hot swappable fans Error Correction and Parity Checking RAID 0 and 1 Support Hard Disks 2 Nos. Hot-swap 146 GB SAS/SCSI Disk Drives. RAID Integrated RAID offering Striping, Mirroring (RAID 0, 1) Network Interface Card Minimum 2Nos. 10/100/1000 Mbps Ethernet ports USB Minimum 1 USB 2.0 ports or a facility for connecting USB devices Operating System Windows/Linux Support 3 year Onsite Warranty with Parts exchange/replacement, Same Business Day Response basis, regular working hours/days
98
3. Database Server Make And Model Processor No of Processors Cache Expansion Slots Main Memory Capacity (Scalability) Main Memory RAS Features To be specified by the vendor RISC/ EPIC based 64-bit processor latest generation processor Minimum 4 Processors scalable to 8 processors Maximum as available with the processor Minimum 4 PCI-E I/O Expansion Slots supporting a mix of 4 lane and 8 lane PCI-E Slots Scalable to 64 GB fully buffered DDR2 memory 32 GB fully buffered DDR2 Hot Pluggable Disk Drives Redundant Power Supply Redundant hot swappable fans Error Correction and Parity Checking RAID 0 and 1 Support 4 Nos. Hot-swap 146 GB SAS/SCSI Disk Drives. 8 hot swap SAS/SCSI HDD Integrated on-board RAID offering Striping, Mirroring (RAID 0, 1) Internal DVD Drive Minimum 4 Nos. 10/100/1000 Mbps Ethernet ports Support for 10Gbps Technology 2 x 4 Gb Dual port Fiber Channel HBAs (should be compatible with SAN Infrastructure) One DB-9 port Minimum 2 USB 2.0 ports or provision to connect with USB devices Dual Redundant Hot-Swappable Power Supplies Enterprise class Unix operating system for 64-bit RISC/ EPIC processor Service Processor providing: DMTF CLP-based CLI over SSH, Web-based GUI over HTTPS/HTTP, IPMI 2.0, SNMP
99
Hard Disks Hard Disk Scalability RAID Optical Drive Network Interface Card HBA Serial USB Power Supply Operating System Design standard and Safety standard
Support
V1, v2c and v3, remote graphical access over Ethernet and remote storage over Ethernet 3 year Onsite Warranty with Parts exchange/replacement,Same Business Day Response basis, regular working hours/days
4. Portal Server (Blade Server) Make And Model To be specified by the vendor Processor 2.5Ghz or higher latest generation x86 based processor `` Up to 2 Nos. Processors Cache Maximum cache available with the processor Expansion Slots Minimum 2 PCI-E I/O Expansion Slots Main Memory Capacity Scalable to 64 GB fully buffered DDR2 memory (Scalability) Main Memory 16 GB fully buffered DDR2 RAS Features Hot Pluggable Disk Drives Redundant Power Supply Redundant hot swappable fans Error Correction and Parity Checking RAID 0 and 1 Support Hard Disks 2 Nos. Hot-swap 146 GB SAS/SCSI Disk Drives. RAID Integrated RAID offering Striping, Mirroring (RAID 0, 1) Network Interface Card Minimum 2Nos. 10/100/1000 Mbps Ethernet ports USB Minimum 1 USB 2.0 ports or a facility for connecting USB devices Operating System Windows/Linux Support 3 year Onsite Warranty with Parts exchange/replacement, Same Business Day Response basis, regular working hours/days
100
5. Test & Development Server (Blade Server) Make And Model To be specified by the vendor Processor 2.5Ghz or higher latest generation x86 based processor `` Up to 2 Nos. Processors Cache Maximum cache available with the processor Expansion Slots Minimum 2 PCI-E I/O Expansion Slots Main Memory Capacity Scalable to 64 GB fully buffered DDR2 memory (Scalability) Main Memory 16 GB fully buffered DDR2 RAS Features Hot Pluggable Disk Drives Redundant Power Supply Redundant hot swappable fans Error Correction and Parity Checking RAID 0 and 1 Support Hard Disks 2 Nos. Hot-swap 146 GB SAS/SCSI Disk Drives. RAID Integrated RAID offering Striping, Mirroring (RAID 0, 1) Network Interface Card Minimum 2Nos. 10/100/1000 Mbps Ethernet ports USB Minimum 1 USB 2.0 ports or a facility for connecting USB devices Operating System Windows/Linux Support 3 year Onsite Warranty with Parts exchange/replacement, Same Business Day Response basis, regular working hours/days
101
6. Backup Server (Blade Server) 1 No. Make And Model To be specified by the vendor Processor 2.5Ghz or higher latest generation x86 based processor `` Up to 2 Nos. Processors Cache Maximum cache available with the processor Expansion Slots Minimum 2 PCI-E I/O Expansion Slots Main Memory Capacity Scalable to 64 GB fully buffered DDR2 memory (Scalability) Main Memory 16 GB fully buffered DDR2 RAS Features Hot Pluggable Disk Drives Redundant Power Supply Redundant hot swappable fans Error Correction and Parity Checking RAID 0 and 1 Support Hard Disks 2 Nos. Hot-swap 146 GB SAS/SCSI Disk Drives. RAID Integrated RAID offering Striping, Mirroring (RAID 0, 1) Network Interface Card Minimum 2Nos. 10/100/1000 Mbps Ethernet ports USB Minimum 1 USB 2.0 ports or a facility for connecting USB devices Operating System Windows/Linux Support 3 year Onsite Warranty with Parts exchange/replacement, Same Business Day Response basis, regular working hours/days
102
7. Other Servers (EMS, Load Balancer etc.) (Blade Servers) Make And Model To be specified by the vendor Processor 2.5Ghz or higher latest generation x86 based processor `` Up to 2 Nos. Processors Cache Maximum cache available with the processor Expansion Slots Minimum 2 PCI-E I/O Expansion Slots Main Memory Capacity Scalable to 64 GB fully buffered DDR2 memory (Scalability) Main Memory 16 GB fully buffered DDR2 RAS Features Hot Pluggable Disk Drives Redundant Power Supply Redundant hot swappable fans Error Correction and Parity Checking RAID 0 and 1 Support Hard Disks 2 Nos. Hot-swap 146 GB SAS/SCSI Disk Drives. RAID Integrated RAID offering Striping, Mirroring (RAID 0, 1) Network Interface Card Minimum 2Nos. 10/100/1000 Mbps Ethernet ports USB Minimum 1 USB 2.0 ports or a facility for connecting USB devices Operating System Windows/Linux Support 3 year Onsite Warranty with Parts exchange/replacement, Same Business Day Response basis, regular working hours/days
103
8. Blade Chassis The Blade Chassis should be configured with minimum 10 Nos. of Blades. Accordingly the No. of Chassis to be quote with interoperability Support for Quad CPU and Dual CPU blades in the same enclosure Chassis Same enclosure should support Intel Xeon/AMD Opteron/RISC/EPIC based blades Should support simultaneous housing of Ethernet,FC,iSCSI, offering Hot Pluggable & Redundancy as a feature for the mentioned I/O devices System Management Port to allow simultaneous management access of multiple Blade Servers in the Chassis. GUI, console-based deployment server to set up multiple OS and application configurations The enclosure should be populated fully with power supplies of the highest capacity available with the vendor. Power supplies should support N+N or N+1 redundancy configuration Should offer choice of a single phase or 3 phase power subsystem for flexibility in connecting to datacenter power enabled with technologies for lower power consumption Guaranteeing complete availability even on failure of any 2 power units across the enclosure. Each blade enclosure should have a cooling subsystem consisting of redundant hot pluggable fans or blowers enabled with technologies for improved power consumption and acoustics
Management Module
Power Modules
Cooling
104
Should be able to perform comprehensive system data collection and enable users to quickly produce detailed inventory reports for managed devices. Software should save the Reports for further analysis. Should provision for a single console to monitor multiple enclosures Should support simultaneous remote access for different servers in the enclosure The management/controlling software's must be from the OEM itself Management Software Licenses for a fully populated Blade Enclosure should be given The software should provide Role-based (admin, user, operator, etc) security which allows effective delegation of management responsibilities by giving systems administrators granular control. The management software should provide proactive notification of actual or impending component failure alerts. Should support automatic event handling that allows notification of failures via e-mail. Should be able to perform comprehensive system data collection and enable users to quickly produce detailed inventory reports for managed devices. Software should save the Reports in some format for further analysis. Should help to proactively identify out-of-date BIOS, drivers, and Server Management agents and enable the remote update of system software/firmware components. The server performance monitoring software should be able to detect, analyzes, and explain hardware bottlenecks. Also it should be able to log the data over time and allow it to replay the same in a short time frame for performance analysis. The Deployment software should provide for User friendly GUI/ consolebased deployment to set up and install multiple OS and application RFP for appointment of Vendor for Distribution Mechanism for PDS
105
Management Software
configurations in individual blade server. The blade system should have the capability of managing all the blades in the Enclosures simultaneously capable of monitoring both physical and virtualized environments with single signon capability for all devices in the enclosure
9. SAN Architecture Controller cache Host Ports RAS Features End to End 4Gb/s Total 4 GB cache with 72 Hr battery backup 8 x 4Gb/s Host Ports Dual redundant RAID controllers Dual redundant Power Supplies Dual redundant Fans Hot Swappable Bays and Disks Up to 112 drives supported RAID 5 6TB Usable using 146GB 15k RPM FC Disks 1TB SATA Disks should be used for snapshot / volume copy Windows, Linux, AIX, HP-UX, Solaris Licenses for Snapshot/ Volume Copy RoHS and NEBS 0, 1, 0+1, 5, ,6 Supports 4/2/1 Gb/s Host Interface Link speed Switched Drive Module Type Solid RAS cabling Single Common Array Manager
Max Drives Supported RAID Level required Required Storage OS Support Licenses Compliance RAID Levels Supported Features
10. SAN Switches 4 GBPS Fire Switches, 12 ports or more & relevant S/w with Licenses for integration of Servers with Storage
106
11. Tape Library(Will be connected to SAN) Drive Type Drives Drive throughput Native capacity Interface RAS Features LTO Generation 4Full Height 2 120 MB/s 19.2 TB 4 Gb/s Native FC Hot-swappable drives; Ethernet and serial ports for diagnostics and reporting; redundant hot-swappable power supplies with redundant fans HP-UX, AIX, Linux, Solaris, Windows
Supported Host Platform Bar-coded 50 LTO4 Media Cartridges with one set of cleaning Cartridges (to be supplied with Library) 12. Backup Software as per specifications
Necessary Backup software for Automatic backup and recovery of data to be provided. Agents for backing up database server and Other server SAN and LAN based Backups and Restores should be supported. Fully automatic scheduled backup should be supported. Backup software should support all major operating systems and databases File system and raw device backups must be supported. Incremental backups must be supported for applications and file-systems. Cluster environment should be supported for backup server configuration. Multi streaming and multiplexing drives should be supported. Backup software must support sharing of drives between hosts. Tape vaulting must be supported. Backup software should support catalog database Backup. LTO drives must be supported. Libraries from major Vendors must be supported. Please attach interoperability data sheet. Backup software should support Full and incremental backups along with data compression. RFP for appointment of Vendor for Distribution Mechanism for PDS
107
Backup software should have mechanism to check the integrality of the backup catalog database 13. Firewall S. No. 1 2 3 Item Description
Users/nodes Unlimited Firewall throughput 300 Mbps or more Concurrent threat mitigation throughput 150 Mbps or more with AIP-SSM-10 (firewall + IPS services) & 300 Mbps or more with AIP-SSM20 3DES/AES VPN throughput New sessions/second Integrated network ports Virtual interfaces (VLANs) High availability Expansion slot USB 2.0 ports Serial ports Rack-mountable 170 Mbps or more 6000 or more 3 Fast Ethernet or more + 1 management port 10 or more Active/Active and Active/Standby 1, SSM or substantially equivalent or better 2 or more 2 RJ-45, console and auxiliary or more Firewall should be Rack mountable. Bidder should propose firewall with RACK and necessary accessories. 256 MB or more 64 MB or more Multi-bus architecture or substantially equivalent or better.
108
4 5 6 7 8 9 10 11 12
13 14 15
Memory Minimum system flash System bus
S. No. 16 17
Item Power System Advanced Features
Description Should be able to work in Indian Power conditions. Firewall should have the features of industry-leading threat protection and content control at the Internet edge, providing comprehensive antivirus, anti-spyware, file blocking, anti-spam, anti-phishing, URL blocking and filtering, and content filtering-in an easy-to-manage solution. Bidder will be responsible for installation and configuration of all required features in the firewall. Bidder will also be responsible for all updates and upgrades to ensure smooth and trouble free functioning during warranty and post-warranty periods.
14. Core Switch Minimum 9 slots Chassis ( 7 Payload Slots) The Switch should be modular layer 3 Switch. Interface modules should be multi layer and should be hot swappable. Layer 3 switching (routing) and L2 L4 services. Should have support for Multi-Gigabit services modules
Chassis Based Modular Switch
109
Switching Capacity
More than 50 Gbps for the chassis. Consistent Passive Backplane / switching fabric, without populating pay-load slots. I/O module connectivity to the Switching fabric must be nonblocking. No performance degradation in event of one supervisor / CPU failure in chassis. It should support switching Performance throughput of minimum 400 Mpps at Layer 2/3 for the entire chassis. Primary + Redundant Switching Fabric with Redundant Power Supplies. 80 x 10/100/1000 Mbps Ethernet ports distributed over 2 line cards required 4 x 1000 BaseSX ports distributed over 2 Cards required Firewall Module Minimum 30 % payload slots should be empty for future expandability after populating the Chassis with above port requirement. Chassis should support 10G Technology Can have server load balancing and wan optimization module IEEE 802.1Q VLAN, support for at least 4000 VLANs Automatic VLAN configuration per port based on user. CPU & Power Supply redundancy, no single point of failure for the chassis.
Performance Throughput Current Hardware / Minimum Port Requirement These are minimum requirements the bidder should take into account for additional ports (if required) for fully integrated solution.
VLAN Support
Redundancy Should have redundant Switching Fabric with 1:1 redundancy. Sub-second failover time. RMON 4 groups of RMON & RMON I and II standards
110
Provide Protocols support for
Advance Security
Network Management
RIPv1, v2, OSPF, BGP-4, EIGRP, ISIS, IPX IGMP v3, DVMRP, PIM, SSM, CGMP, MBGP, NSF awareness, DHCP relay, HSRP/VRRP IGMP filtering on access and trunk ports, UDLD, Dynamic Trunking Protocol (DTP), VLAN Trunking Protocol (VTP) Spanning Tree protocol 802.1s, Spanning-tree root guard, 802.1w, 802.3ad, 802.1-in-802.1 (QinQ) in hardware Ipv4 & Ipv6 in hardware with Wire-Rate MPLS Support. Network Address Translation support RADIUS & TACACS+, which enable centralized control of the switch and restrict unauthorized users from altering the configuration Standard and extended ACLs on all ports Router ACLs (RACLs) on all ports (no performance degradation) and support VLAN ACLs (VACLs) Dynamic Host Configuration Protocol (DHCP) snooping Single console port and single IP address to manage all features of the system SNMP( v1, v2, and v3 ) Command-line interface (CLI)-based management console Remote Monitoring (RMON) software agent to support four RMON groups Analysis support, including ingress port, egress port, and VLAN SPAN Simple Network Management Protocol (SNMP) Version 1 (RFCs 1155-1157) and SNMP Version 2c Workgroup MIB, Ethernet MIB (RFC 1643) Remote Monitoring (RMON) RMON II Standard Software security capabilities: passwords and TACACS+ It should be compatible with SNMP v1, v2, v3 base devices, Layer 2 trace route, Traces Layer 2 and Layer 3 connectivity between two points, Remote SPAN (RSPAN)
111
Technology Support
Layer 3 Features
Layer 2 Features support
Ethernet: IEEE 802.3 and 10BASE-T Fast Ethernet: IEEE 802.3u, 100BASE-TX, and 100BASE-FX Gigabit Ethernet: IEEE 802.3z and 802.3ab IEEE 802.3af Power over Ethernet (PoE) IEEE 802.1D Spanning Tree Protocol IEEE 802.1w rapid reconfiguration of spanning tree IEEE 802.1s multiple VLAN instances of spanning tree IEEE 802.3ad LACP IEEE 802.1p class-of-service (CoS) prioritization IEEE 802.1Q VLAN IEEE 802.1x user authentication 1000BASE-X (GBIC), 1000BASE-X (SFP), 1000BASE-SX, 1000BASE-LX/LH, 1000BASE-ZX DWDM/CWDM Static IP routing IP routing protocols Open Shortest Path First Routing Information Protocol Enhanced Interior Gateway Routing protocol Border Gateway Protocol Version 4 Multicast Border Gateway Protocol IGMP v1, v2, and v3 IGMP filtering on access and trunk ports Distance Vector Multicast Routing Protocol Web Cache Control Protocol (WCCP) support Internet Control Message Protocol (ICMP) support ICMP Router Discovery Protocol Layer 2 switch ports and VLAN trunks IEEE 802.1Q VLAN encapsulation Dynamic Trunking Protocol (DTP) VLAN Trunking Protocol (VTP) and VTP domains Spanning-tree root guard IGMP snooping v1 and v2 Port trunking technology across line cards
112
MAC Address Support Spanning support Tree Protocol
Support for 55,000 unicast + 16,000 multicast MAC addresses Should have IEEE 802.1D/w/s specification
QoS Support
Security
Other
Features
Per-port QoS configuration Support for four queues per port Strict priority queuing IP differentiated services code point (DSCP) Classification and marking based on IP type of service (ToS) or DSCP Classification and marking based on full Layer 3 and Layer 4 headers Input and output policing based on Layer 3 and Layer 4 headers Support for 8000 polices on ingress and 8000 polices on egress configured as aggregate or individual Shaping and sharing output queue management DBL: Congestion-avoidance feature No performance penalty for granular QoS functions Auto-QoS command-line interface (CLI) for VoIP deployments Standard and extended ACLs on all ports 802.1x user authentication (with VLAN assignment, voice VLAN, port security, and guest VLAN extensions) 802.1x accounting and Trusted boundary support Router ACLs (RACLs) on all ports (no performance penalty) VLAN ACLs (VACLs) and Port ACLs (PACLs) Private VLANs (PVLANs) on access and trunk ports DHCP snooping Port security with Sticky port security SSHv1 and SSHv2 VLAN Management Policy Server (VMPS) client Unicast MAC filtering Unicast port flood blocking Dynamic Address Resolution Protocol (ARP) inspection IP source guard and Community PVLAN Support Support for Firewall Module in the Chassis. With min throughput
113
required for
of 5Gbps up-gradable to 20Gbps. Support for Intrusion Detection Module in the Chassis. Support for Content Switching Module in the Chassis. Support for VPN Services Module in the Chassis. Support for POE Line Card Modules in the Chassis. Support for Telco Line Card Modules (RJ-21). Support for Anomaly Detection Module in the Chassis. WAN Interface Support : T1, T3, OC3, OC12, OC48 ATM, Packet over SONET, and Frame Relay Protocols. LAN/MAN/WAN integration IP Telephony Support Supports In-line power for Wireless Access Points and IP Telephones Supports IP Telephony T1 Trunking and Analog interfaces
15. Internet Router Hardware Architecture High Performance CPU Modular Chassis Power supply 230 Volt 50Hz input Memory* RAM 64 MB, upgradeable to 128 MB
114
Flash 32 MB, upgradeable to 64 MB Performance 0.2 Mpps (64byte packet) Interface / Slots Ethernet 2 x 10/100/1000Mbps E1 Ports 4 ports, V.35-4 ports ISDN BRI - 8 Ports. The ISDN will used for auto dial-back in case of lease line failure. The auto dial backup can also be given on separate device, if OEM does not support on a single device. Minimum 2 Free slots Console port 1 number Routing Protocols Static Routing RIPv1, RIPv2 OSPF with demand Circuits BGP4 Policy Routing Protocols PPP, Multi link PPP HDLC MPLS IPv4 and IPv6 NAT, PAT Multicasting PIM or MOSPF VPN/Tunnel RFP for appointment of Vendor for Distribution Mechanism for PDS
115
GRE tunnelling and IP Sec 3DES/AES VPN for configuration of VPN tunnels. 200 concurrent tunnels Encryption IP Sec 3DES/AES Dialling capability ISDN Dial backup. The ISDN will used in case of lease line failure for auto dialback from Internet router. The auto dial backup can also be given on separate device, if OEM does not support on a single device In-active hang-up Security NAT, PAT Multilevel Access control Support for ACL to provide supervision and control. Controlled SNMP Access through implementation of Access Lists on the router to ensure SNMP access only to the SNMP manager
Controlled SNMP access through the use of SNMP with MD5 authentication. Support for Remote Authentication User Service (RADIUS) and AAA RFP for appointment of Vendor for Distribution Mechanism for PDS
116
PPP CHAP support. PAP (optional) Management & Upgradeability Accessibility using Telnet, SSH, Console access for administration and configuration Support FTP or TFTP for easy software upgrades over the network. SNMPv1, snmpv2/v3 Support configuration management through the CLI, GUI or web interface shall be available. Event and system history logging functions shall be available. Support Syslog Support pre-planned timed reboot to upgrade their Hardware to a new software feature and plan the rebooting as an offpeak time Physical Router should be mountable on 19 Rack Accessories All necessary power cords, data cables, connectors, CDs, manuals, brackets accessories, wire managers, etc. RFP for appointment of Vendor for Distribution Mechanism for PDS
117
* If the Router (proposed by bidder) does not match the Flash memory requirement, they need to ensure that the built in memory of router is capable of keeping multiple software as required during the FCS operation in a very efficient manner. 16. Core WAN Router Features/Components Make & Model Offered Router Architecture: The router architecture should have following features Services required (Voice, Video & Data) Architecture should support Voice and Data Services Modular Chassis Interface Support Required: The router architecture should have following features Ethernet LAN Ports required -> 2x10/100/1000 Mbps E1 ports 4 ((Bidder must ensure the integration of E1 ports with leased line Modems) E1 ports upgradable up to 6. ISDN PRI required -> 2 ISDN PRI upgradeable -> 4 Console Port -> 1 Memory Required: RAM Required -> 128 Mb RAM Upgradeable -> 256 Mb Flash Memory Required * -> 32 Mb Flash Memory Upgradable * -> 64 Mb * For the BOOT Operator whos Router does not match the Flash memory requirement, should ensure to provide adequate memory to accommodate all OS features required at present or in future. Performance Requirements for 64 byte packet ->Minimum 600 Kpps Throughput should be 1Gbps Router Functional Requirements RFP for appointment of Vendor for Distribution Mechanism for PDS
118
Compliance/ deviation
Features/Components Tunneling & Encryption -> IP tunneling and IP Sec 3DES/AES VPN for configuration of VPN tunnels. QoS -> ToS, CoS, Queuing, prioritizing NAT, PAT Access Control Protocol Support Required: RIP, OSPF, BGP4, Policy based Routing, PPP, HDLC, IP/MPLS, Multilink Point-to-Point Protocol (MLPPP), IP Version 6 routing support (along with IPv6 RIP, OSPFv3,) as and when required, VRRP or equivalent Re-distribution of routes from on Routing protocol should not be a bottleneck Congestion Management: The router should have proper congestion management to eliminate Network congestion when the link is overloaded. Random Early Detection, Weighted Fair Queuing Selective Packet Discard based on IP precedence or DSCP. IP Multicasting: Type Forwarding ->MBGP/DVMRP, PIM-SM Bandwidth Optimization: The following bandwidth optimization features should be Dial-Backup Dial-on-Demand Inactivity timeouts Accounting: ** The following accounting features should be available: Packet & Byte Counts Start Time Stamp & End Time Stamps. Network Time Protocol RFP for appointment of Vendor for Distribution Mechanism for PDS
119
Features/Components Type of service, TCP Flags & Protocol Source & Destination IP addresses Source & Destination TCP/UDP ports Security Requirements: The offered router should have following security features: Support for Standard Access Lists to provide supervision and control. Controlled SNMP Access through implementation of Access Lists on the router to ensure SNMP access only to the SNMP manager Controlled SNMP access through the use of SNMP. Multiple Privilege Levels for managing & monitoring Support for Remote Authentication User Service (RADIUS) and AAA PPP CHAP support Management Features : The offered router should have the following Management Features: The Router shall support Telnet, ssh, Console access. The router shall support FTP or TFTP for easy software upgrades over the network. Network Management services shall be provided using open standards based protocols like SNMP V1/V2/V3 Configuration Management: The Router shall support configuration management through the command line interface. GUI based software configuration utility shall be provided. Support of configuration on web interface shall be available. Event and System logging: Event and system history logging functions shall be available. The Router shall generate system alarms on events. Facility to put selective logging of events onto a separate hardware where the analysis of log shall be available. RFP for appointment of Vendor for Distribution Mechanism for PDS
120
Features/Components There should be one main Power supply, So in case of any Power supply is switched off, then Router should be able to work without any kind of failure. Mounting : The offered router should be rack mountable Accessories : Should come with all necessary power cords, adapters, data cables, connectors, CDs, manuals, brackets accessories, wire managers, etc, required for installation and commissioning of the equipment.
17. KVM Switch Computer Connections LEDs Client/Host Connectors Mouse: Monitor: Daisy-Chain Connector: Monitor Resolution Support: Display Data Channel: Keyboard State: On Screen Display: PC Control: Switching Confirmation: Daisy-Chain Level: Max. PC Control: Bandwidth: Form Factor: 16 Bank and Active Port Display Keyboard: 6-pin Mini-DIN Female PS/2/USB 6-pin Mini-DIN Female PS/2/USB HDDB 15-pin Female VGA, SVGA, XGA,Multisync Two 6-pin Mini-DIN + One 15-pin HDDB (Standard KVM Cable minimum 12 feet) Up to 1920 x 1440 DDC1, DDC2B, DDC2AB Saved and Restored Yes; Password Protected Keyboard, Hot Key, Push Button Buzzer 8 64 200MHz Rack Mountable
121
Dimension (LxWxH in): Weight: Enclosure Material: Operating Temperature: Storage Temperature: Operating Humidity: Power Requirements: Compliances: Safety: Warranty: 18. Remote Access Router for Offices Particulars Make & Model Hardware Architecture
16.14 x 6.5 x 1.85 4.85 lbs. Metal 32F ~ 104F 0F ~140F 0% ~ 80 % RH non-condensing DC 12V, 1A CE, FCC Class B, VCCI UL 5 Years on site warranty
Specifications
Compliance / Deviations
Multiple services (Data, voice, video) Technologies like IP, MPLS etc Modular Chassis Power supply 230 V AC 50 Hz Interface / Slots Ethernet Ports 2 x 10/100 Mbps Shall support variety of interfaces like V.35 Serial E1 Port ISDN BRI Fast Ethernet E1 Interfaces 2 ports BRI 1 Ports Console port 1 numbers Memory RFP for appointment of Vendor for Distribution Mechanism for PDS
122
RAM 128 MB Inbuilt / Flash Memory to 64 MB or more Security
24 MB, upgradeable
GRE and IP Sec 3DES/AES VPN for configuration of VPN tunnels. Encryption IP Sec 3DES/AES NAT, PAT Access control Multilevel Support for Standard Access Lists to provide supervision and control. Controlled SNMP Access using ACL on router to ensure SNMP access only to identified NMS/EMS Controlled SNMP access through the use of SNMP with MD5 authentication. Multiple Privilege Levels for managing & monitoring Support for RMON 1 & 2 groups as and when required Support for Remote Authentication User Service (RADIUS) and AAA PPP CHAP support. PAP (optional) Routing Protocols Static Routes RIPv1, RIPv2 OSPFv2 and v3. BGP4, IS-IS Route redistribution between any of the above protocols Protocols PPP, Multi-link PPP HDLC IPv4, IPv6 MPLS RFP for appointment of Vendor for Distribution Mechanism for PDS
123
VRRP / HSRP IP Accounting Using external Hardware/software infrastructure Packet & Byte Counts Start & End Time Stamp Network Time Protocol Input & Output interface ports. Type of service, TCP Flags & Protocol Source & Destination IP addresses Source & Destination TCP/UDP ports Management Accessibility using Telnet, SSH, Console access. Easier Software upgrades through network, using FTP, TFTP, etc. SNMPv1, snmpv2/v3 Configuration management through CLI, GUI based software utility and using web interfaces. GUI tools shall be provided. Event and system history logging functions shall be available. Support for Syslog Server required Support pre-planned timed reboot to upgrade Hardware to a new software feature and plan the rebooting as an off-peak time. Shall support boot options booting from remote Network node. QoS ToS, CoS, Queuing, prioritizing IP Precedence, Policy based routing Debug & Diagnostics Display of input and output error status on all interfaces Display of Dynamic ARP table Display of physical layer line status signals like RFP for appointment of Vendor for Distribution Mechanism for PDS 124
DCD, DSR, DTR, RTS, CTS on all interfaces Display of Routing table Trace-route, Ping, extended PING Physical Router should be mountable on 19 Rack All necessary power cords, adapters, data cables, connectors, CDs, manuals, brackets accessories, wire managers, etc. should be provided 19. LAN Switch (24 Port) for FCS Data Centre Particulars Interface /Slots 1 x 24 ports 10x100 FE 2 x 1000Mbps ports base single mode or GE VLAN features IEEE 802.1Q VLAN encapsulation Dynamic Trunking Protocol (DTP) or equivalent Minimum 255 VLAN Management RS-232 Console port Accessibility using Telnet, SSH, Console access. SNMPv1, snmpv2/v3 Standards IEEE 802.1x support IEEE 802.3x full duplex on 10BASE-T and 100BASETX ports IEEE 802.1d Spanning-Tree Protocol Power Supply Internal power supply 230 Volt 50Hz input Miscellaneous RFP for appointment of Vendor for Distribution Mechanism for PDS
125
Specifications
Compliance Deviations
All necessary power cords, adapters, data cables, connectors, CDs, manuals, brackets accessories, wire managers, etc. should be provided 20. LAN Switch (8 Port) for FCS offices Particulars Make & Model Interface /Slots VLAN features Specifications 1 x 8 ports 10x100 FE IEEE 802.1Q VLAN encapsulation Dynamic Trunking Protocol (DTP) or equivalent Minimum 255 VLAN RS-232 Console port Accessibility using Telnet, SSH, Console access. SNMPv1, snmpv2/v3 Standards IEEE 802.1x support IEEE 802.3x full duplex on 10BASE-T and 100BASE-TX ports IEEE 802.1d Spanning-Tree Protocol Power Supply Internal power supply 230 Volt 50Hz input Miscellaneous All necessary power cords, adapters, data cables, connectors, CDs, manuals, brackets accessories, wire managers, etc. should be provided Compliance Deviations /
Management
126
21. G.703 & V.35 lease line modem (2 MBPS) Description According to ETSI HDSL / G.SHDSL to ITU T G991.2 Standard Leased Unconditioned copper 2 / 4 Wire N*64 Kbps up to 2048 Kbps (Synchronous) Standalone to Standalone Management through 10/100 base TX out of band management port, Internal BERT option for diagnostics, Telnet & Web browser for configuration and diagnostics, Dipswitches for loop back, Line protection circuits against lightning and power surges and follow ITU K.21 and UL 1950 standards. DCE interface G.703, DTE interface V.35. Should support to 10KM for 64 KBPS and 5 KM for 2048 KPBS over 24 AWG (0.5mm) or higher All necessary cables including power cord Inbuilt support to work in both 230V 50 Hz AC and -48VDC from a single socket and not to be an ordering option Power, Test, Alarm/Loss, Sync Stand alone unit Should be TEC approved.
COMPLIANCE Mode of operation SELECTABLE DATA RATE MANAGEMENT FEATURES
INTERFACE OPERATING RANGE CABLES POWER SUPPLY INDICATORS Architecture Approval
127
22. Specification for Desktops S. No. 1 2 3 4 5 6 7 8 9 10 11 ITEM Micro- processor Mother Board Chipset Front side Bus Bus Architecture Expansion Slot Memory Graphics Sound Bays Hard Disk Drive Monitor DESCRIPTION Intel Core 2 Duo Processor E6300 or subsequently equivalent/better Intel G965 Express chipset or subsequently equivalent/better 800 MHz or better PCI & PCI Express or better 2PCI, 1PCI Ex, 1PCI EX graphics or more 2GB DDR/SD RAM 266 MHz upgradeable up to 4 GB 256 MB PCI Express NVIDIA or subsequently equivalent/better Integrated 16 bit sound or better with in built speaker 2 internal and 1 external or better 160GB SATA HDD or subsequently equivalent/better 17" Color TFT (1148 cm2 Viewable) Monitor
12 13 14 15 16 17
Key Board Mouse Network Card Power Management Intelligent Manageability features OS
105 keys bilingual (Hindi and English) key board Two Button Optic Scroll Mouse or better with Anti static pad 10/100/1000 Network card with WOL Power supply shall be surge protected and should be able to operate in Indian power condition. Remote System Management & Administration. Pre failure warning on Hard Disk Drive / memory. Preloaded Windows Vista. OS should be capable of working on software as given in software section of Setup Requirement.
128
S. No. 18 19 Antivirus Other Software
ITEM
DESCRIPTION Latest Version of Norton Antivirus or subsequently equivalent/better in sink with data center. Preloaded Hindi fonts (20 or more with Kritdev, Agra, Chandni and Amar ) and Preloaded Latest Version of Microsoft Office.
23. Specification for PDA Processor Memory Intel PXA270 Processor 624Mhz or latest in class 384 MB total memory (320 MB RAM and 64MB SDRAM) Upto 256MB user available persistent storage memory or latest Atleast 2GB Micro SD Card Support available Biometric Fingerprint Reader 3.5" Transflective TFT QVGA color, 64k colors with 240x320 resolution, LED backlight with power save mode, portrait and landscape mode or latest WiFi, Bluetooth Microsoft Windows Mobile 6.0 or equivalent latest. Mobile versions of Microsoft software are included (word, excel, power point etc.) LED indicators for Fully charged, ongoing charging, even alarm notification
Security Display Integrated wireless Operating System Indicators
Memory Expansion ( SD Integrated compact flash type II ( CF) and Secure Digital (SDIO) slot or CF card) Application Design Features Latest security tools, utilities Programmable application quick-launch buttons, navigation buttons, rechargeable / removeable battery , touch sensitive display for stylus or fingertip, USB syncrhonization cradle
129
Battery Life
Removable rechargeble 1,100mAh lithium-ion battery
130
24. Rack 42 U Particulars Physical Attributes Height Rack Type Wire managers Power distribution Door Fan trays Depth Metal Side panels Width Castors Others Specifications Compliance Deviations /
42U Floor mount with caster wheels Two vertical and four horizontal (10 points 5Amp sockets) power distribution Glass door in front with lock With 4 fans 1000 mm Aluminium extruded profile Detachable side panels 19 equipment mounting, extra width is recommended for managing voluminous cables Suitable castors with brakes. The unit shall provide mounting option for PDUs The unit shall provide multi-vendor equipment compatibility All enclosure panels and rack-mounted equipment shall be inherently earthed or grounded directly to the frame. The unit shall provide adequate ventilation to provide airflow required by the major server manufacturers. The unit shall provide a minimum total ventilation area for the front door, split rear doors, and roof
25. Network Racks Specifications Should be EIA compliant Should have proper cable management Provision for tool-less installation of cable spool Floor Mounted Free Standing rack along with Cable Manager RFP for appointment of Vendor for Distribution Mechanism for PDS
131
AC Distribution Box Accessories & Screws Cooling Fans Deviations/ Compliance
26. DMZ Switch Description Make & Model Offered: Technical capability 8 Gbps switching capacity 4 Mpps forwarding performance 512 KB packet buffer memory architecture 16 MB DRAM and 8 MB Flash memory Configurable up to 8000 MAC addresses Support for SNMP V2/V3 IEEE 802.1x support
Management Standards
132
IEEE 802.3x full duplex on 10BASE-T and 100BASE-TX ports
IEEE 802.1D Spanning-Tree Protocol
IEEE 802.1p class-of-service (CoS) prioritization IEEE 802.1Q VLAN IEEE 802.1w IEEE 802.3 10BASE-T specification IEEE 802.3u 100BASE-TX specification The internal power supply supporting 230 Volt 50Hz input
Power
27. Network Printers (Black & White) Head Office Description Print speed, black Print speed, black (normal quality mode) Monthly duty cycle Print quality Paper tray(s) Input capacity, standard Duplex printing (printing on both sides of paper) Up to 35 ppm Up to 35 ppm Up to 100000 pages Up to 1200 x 1200 dpi 3 Up to 1100 sheets Yes (automatic)
133
Specification
Media sizes, standard Memory, standard Processor speed Print languages Connectivity
A3, A4, Letter, legal, executive, 8.5 x 13 in, envelopes Min 80 MB Up to 400 MHz PCL 5e, PCL 6, etc Hi-Speed USB port (compatible with USB 2.0 specifications), EIO slot, Ethernet
28. Network Printer for FCS Officials (Other Locations) Description Print speed, black Print speed, Color Print quality Duplex printing (printing on both sides of paper) Media sizes, standard Memory, standard Processor speed Print languages, standard Up to 12 ppm Up to 8 ppm Up to 600 x 600 dpi Yes (automatic) A4, Letter, legal, executive, envelopes min 16 MB Min 264 MHz PCL 6, PCL 5c, etc Specification
29. Specifications for EMS Vendor will have to provide EMS Solution as per latest industry standards. I. Network Performance & Service Level management: 1. The system must be capable of managing Information Technology (IT) resources in terms of the business Services they support, specify and monitor service obligations, and associate Persons/Customers/Organizations with the services they rely on and related Service Level Agreements. 2. The Services definition facility must include business transaction processes supported by IT resources and allow for specification of rules-based monitoring policies that infers the health of the Service based on the collective values of resource attributes. In addition RFP for appointment of Vendor for Distribution Mechanism for PDS 134
3. 4.
5. 6. 7. 8. 9.
more precise monitoring by using policy groups, which provides the capability to watch multiple attribute values of IT resources must be available. The Customers definition facility must support defining person(s) or organization(s) that uses the business Services or is a party to a service level agreement contract with a service provider or both. The facility must enable the association of Customers with Services and SLAs. The Service Level Agreements (SLAs) definition facility must support defining a set of one or more service Guarantees that specify the Service obligations stipulated in an SLA contract for a particular time period (weekly, monthly, and so on). Guarantees supported must include one that monitors service availability (including Mean Time to Repair (MTTR), Mean Time Between Failure (MTBF), and Maximum Outage Time thresholds) and the other that monitors service transaction response time. Root cause analysis of infrastructure alarms must be applied to the managed Business Services in determining service outages SLA violation alarms must be generated to notify whenever an agreement is violated or is in danger of being violated. The system must provide the capability to designate planned maintenance periods for services and take into consideration maintenance periods defined at the IT resources level. In addition the capability to exempt any service outage from impacting an SLA must be available. The system must provide the capability of Advanced Correlation for determining Service health, performing root cause analysis, and fault isolation. This must include applying complex Boolean logic on multiple attributes and infrastructure alarms. The system must provide a real time business services Dashboard that will allow the viewing of the current health of required services inclusive of real-time graphical reports.
10. The system should provide intelligent analysis of network performance threshold violations using algorithms for e.g. Raise an alarm only of the value if more than the threshold for a given period of time in a sliding time window and for e.g. Raise an alarm when a variable deviates too much from the historical norm. This will ensure that alarms are provided only for critical performance alerts 11. The Network Performance management system must provide a poller based performance management system that is capable of collecting performance statistics from a wide variety of sources including SNMP MIBs and formatted ASCII log files 12. The system must provide capability to store the collected data in a repository based on an RDBMS.
II. Network Management Reporting Requirements: 1. The system must provide a historical reporting facility that will allow for the generation of on-demand and scheduled reports of Business Service related metrics with capabilities for customization of the report presentation. 2. Granular access control facilities must be available to control users access to information in both the real-time dashboard and historical reporting facilities RFP for appointment of Vendor for Distribution Mechanism for PDS
135
3. The system must provide the following reports as part of the base product:At-A-Glance Reports to present a single page report on vital device statistics like for routers could display:

Backplane Utilization CPU Utilization Fan Status Free Memory Memory Utilization Packets by Protocol Power Supply 1 Status Temperature Status Total Bytes Total Discards In & Out Total Faults In &,Out Total Packets Total Queue Drops & Discards In &Out.
This would help network operators quickly identify device problems 4. Trend Reports to present a single graph of a single variable (e.g. CPU utilization) for multiple devices across time. This would help network operators & IT managers plan for capacity and identify long drawn problems 5. Top N Reports to present a list of elements that exceed / fall below a particular threshold value. This would help network operators to identify elements that share specific performance characteristics (for example, to identify over utilized elements, you would run a Top-N report for all elements whose bandwidth utilization exceeds 90% or availability falls below 95%) 6. What-If Reports to perform capacity planning by observing the effect of changes in capacity & demand (for example, the report should indicate what the bandwidth utilization would be if the demand was double the historical value) 7. Service Level Reports to analyze & display service level information for an enterprise, region, department or business process for e.g. a typical business unit service level report for finance department should indicate evaluation of the performance of all the systems, routers, LAN/WAN segments, and applications within that department 8. Health Reports to analyze trends calculate averages and evaluate the health of the infrastructure. With this information, operators should be able to determine how efficiently applications and systems are running, whether critical resources are available, and what capacity planning initiatives make sense. 9. The system should provide capability to measure & report on availability / response time for common TCP/IP applications such as a. HTTP b. HTTPS RFP for appointment of Vendor for Distribution Mechanism for PDS 136
10. 11. 12. 13. 14. 15. 16.
c. DNS d. FTP e. SNMP f. TCP Connect The system should provide a single solution for both historical and live reporting The system should be able to chart single / multiple elements or variables on a real-time chart The system should provide out-of-box integration with the proposed fault management system for forwarding critical performance alerts and updating the topology map with the information The system should provide capability to graphically depict various element groups (from multiple technologies such as LAN / WAN / Systems etc) in a single window to depict performance alerts. This will help in graphical isolation of performance issues. The system should provide capability to schedule batch reports that can be saved in various common formats (including PDF,HTML and CSV) The system should be capable of polling devices at flexible polling intervals, the minimum being 5 minutes. This will ensure that there is no device performance degradation during polling The system should provide a distributed architecture to ensure scalability
29 b. Service Desk Systems Specifications I. Installation and setup 1. The installation procedure for the centralized helpdesk system should be extremely simple and should be possible to install the basic product within half a day. Besides the pre-requisites i.e. Operating System and database everything else should be installed automatically as part of the basic install 2. It should be possible to architect the solution as a single or multiple server setup for scalability and fail over 3. It should have integrated customer service module so that the same solution can be extended in an integrated manner to serve customers, partners and vendors for supporting IT infrastructure without the need to buy it separately 4. It should be possible to backup the configuration files and database for restoring from a crash 5. The solution should have a single unifying platform and repository for the components or modules of the solution. All the modules of the solution suite must sit on a single same database. 6. It should be possible to deploy the solution using different disaster recovery and high availability architectures like cluster, load balancer, server groups II. Call Logging RFP for appointment of Vendor for Distribution Mechanism for PDS
137
1. The helpdesk executive shall take calls over phone, email or via login to web page (part of the offered software). It should offer an interface like a scratchpad to the executive to register quick complaints instead of asking multiple questions immediately to fill all the fields. 2. The call logging shall be done by the helpdesk person using system call logging's screen. The screen shall have interface to the assets master for identifying the faulty assets 3. The same screen/sub-screen shall give complete information about vendor responsible for the asset/service and accordingly generate email for him. The email shall have all details of assets/service faulty, location and contact details at the location. The copy shall go to location also. 4. The trouble-ticket should be generated for each complaint and given to asset owner immediately as well as part of email. 5. The details of vendor with all local contact details should be emailed to location/person for local follow-up. The emails sent should be customizable to add any comments, if required. 6. Each of the assignment category shall view all calls assigned to them, on on-line basis (refreshing automatic, if screen already open). These groups can in-turn again view assets/service details and reassign or generate email to the service provider with copies to concerned location/person. 7. It should be possible to attach file(s) with the email sent to location. Similarly the complaint logging by the locations through Web page should also support file attachments. 8. The supervisor shall have right to change severity of any call. For some identified locations, it should be possible to mark copies of emails generated against the complaint to Supervisor/head. 9. It should be possible for internal employees and external customers, partners, vendors to login to the same service desk and see different web pages based on their contact type. 10. The solution should allow segregating these two types of contacts and their requests/issues. 11. The solution to allow defining different categories for internal employees and external customers, partners and vendors. 12. The solution should integrate with any other Enterprise Management tool to automatically log requests within Service Desk incase of critical events 13. It should be possible to automatically log calls via email instead of somebody keying in the contents of the mail manually 14. It should be possible to automatically assign the requests based on the category of request, location of the person logging the call and workload of the helpdesk executives within a group. 15. The solution should support accessing helpdesk over https for secure access 16. In a solution where multiple web servers are implemented for scalability the solution should support web load balancing so that there is a common URL for end users and in the background the load gets distributed equally among all the web servers 17. Provision for a secure historical audit log of all incident updates and resolution activities. 18. Facility for Incident closures by utilizing customizable incident closure codes 19. Provision for search facility for closed incidents. 20. Should support incident open, status checking, confirmation, and re-open by end user. 21. Should support attachment of files and URLs as part of the incidents by end users RFP for appointment of Vendor for Distribution Mechanism for PDS 138
III. Notification 1. It should be possible to notify key personnel about call activities like researching, escalation or events using mail, inbuilt notification log reader, fax, pager or SMS provided basic infrastructure for the mode of notification is in place 2. Is should be possible to define type of notification against a contact (user) based on severity i.e. if it is a low priority issue it should be sent via mail and if it is emergency it should be via pager/sms 3. It should be possible to setup notification based on a particular activity type like escalation, transfer or based on some of the field value change like status change from open to researching. 4. It should be possible to setup notification for particular contact, group or object type (e.g. group managers) 5. It should be possible to add hyperlinks to the notification so that the end user/helpdesk executive can click on the same which will directly take him to that request. IV. Knowledge-base 1. The system shall records details of all verities and details of the complaints. Similarly the resolution details shall also be entered into the system. The system shall use all this information to develop knowledge-base for the remote users. These users can access the knowledgebase on appropriate search criteria's and explore possible solutions. 2. The solution should seamlessly integrate with knowledge management solution so that the helpdesk executive can switch between the service desk application and the knowledge management solution without re-authenticating 3. The publishing of knowledge should be a two step process wherein the helpdesk executive who provides the solution projects the solution provided by him as a candidate for knowledge and then the knowledge administrator publishes the same after reviewing it. Thus the accuracy and quality of the knowledgebase is maintained. 4. It should be possible to include attachments as part of the knowledge document 5. It should allow the administrators to search for knowledge from the request detail window for searching in context of the request description 6. The knowledge engineer should have the capabilities to create various knowledge categories and assign the documents to these categories 7. It should be possible to specify an expiration date to a document so that if the same becomes irrelevant for an organization it will be unpublished 8. It should be optionally possible to create request from the knowledge window incases where you have started the session with a keyword search. V. Change Management RFP for appointment of Vendor for Distribution Mechanism for PDS
139
1. The system shall have capability of recording change management information like up-gradation/change/replacement of hardware/ configuration details/software added. Any change shall be on cumulative basis with historical information retained. 2. It should be possible to attach requests with their corresponding change orders wherever required 3. The solution should allow to define complicated workflow tasks with multiple branching and conditions VI. SLA Management 1. The assets master shall maintain the SLA for each item/service. The system should be able to generate report on the SLA violation or regular SLA compliance levels. 2. It should be possible to define SLAs for Categories, Assets, Organization/Departments, priority etc.individually 3. It should allow the helpdesk executives to display how much time is left before the request will violate the defined SLA 4. It should allow all the SLAs to be applied viz. a Printer asset may have a SLA that requires a technician to be dispatched within 2 days. A priority object's (viz. priority 2) SLA may require a callback within 1 hour. With both SLAs applied, these required actions should be enforced. 5. It should be possible to sort requests based on how close are the requests to violate their defined SLAs 6. It should allow to further segregating the SLAs so that appropriate automated actions like status/priority change, escalation, transfer, notification etc. can be taken to try and meet the SLAs. 7. These actions can be based on occurrence of an event that matches certain conditions within specific time condition e.g. Notifies assignee if issue is active for more than 1 hour and the priority is 1. 8. It should also be possible to manually assign such events manually to a request if required 9. It should be possible to calculate the SLAs only during committed service hours say from 9:00 am to 6:00pm 10. It should allow to stop the SLA clock and specify the reason for the same if the request is pending for information from the end user 11. It should indicate differently all requests that have violated their SLAs 12. Provision to automate service delivery threshold monitoring against defined service agreements. 13. Provision for production of service summaries including identification of threshold breaches. VII. Feedback pages 1. The system shall have facility for conducting online survey/feedback on the portal and collecting users' feedbacks. 2. It should provide a very easy to use and intuitive form based interface to create surveys and look at the final outcome by viewing the survey before finalizing the same 3. There should be no restriction on the number of surveys that can be created 4. The solution should allow assigning different surveys to different categories of requests so that relevant questions can be asked specific to a particular request category instead of asking generic questions. These surveys are specific to the request that was resolved RFP for appointment of Vendor for Distribution Mechanism for PDS
140
5. The solution should also allow to define a generic survey and send it to relevant selected people independent of any particular request or change order e.g. a quarterly satisfaction to all department heads VIII. Reports/Views 1. The following shall be available as screen views as well as printable reports format. 2. Based on the access privileges, users/helpdesk staff/supervisor shall be able to view details on pending calls open for a specific time period, critical/high severity calls, details about any open/close call, service history of any asset/service. 3. MIS generation for all calls during any period (day/yesterday/last 2 days/weekly/monthly/ specified period etc.) 4. The system shall generate Exceptional MIS on certain criteria like no. of failures, no. of complaints from same location/of same asset/service etc. 5. Generation of views/reports on the change management I.e. changes in assets etc. over a certain period. All changes shall be reflected in the chronological order. 6. Exceptional/regular SLA status report for all/selected assets/service. 7. Availability/uptime reports. 8. Facility to analyze the incident and call data to identify trends. 9. Database/s must be accessible by 3rd party reporting tools. IX. Archival and purge 1. The solution should have a continuous rule-based archive and purge facility. rule such as archive and purge all requests closed for over one year. The system should then perform the archival operation in the background as the items age out. This approach will remove unnecessary records from the database and improve overall performance without taking the system off-line. X. ITIL compliance 1. The solution should be ITIL compliant in at least 7 of the 10 areas and verified by an authorized third party organization like pink elephant. Please submit the verification document for the same 29 c. Server Management System Specification The server operating systems management solution should be based on the following key principles: I. MDB Configuration Management Database RFP for appointment of Vendor for Distribution Mechanism for PDS
141
A common schema should be used as a single definition and access strategy to all data managed by EMS product solutions. The asset-centric MDB should be shareable entity so that the collective knowledge can be mined and acted upon by the various management specialties. II. Common Transport Mechanism Solution should have a single and secure mode of communications that simplifies the configuration and management of communication in complex network environments. All communications (between manager and agents) should take advantage of standard features such as Secure Sockets, encryption, port consolidation, and dynamic configuration. III. Standard User Interface It should provide a common user interface with standardized colors and procedures that simplifies interaction between all the management products. It should provide role-based, dynamic, and personalized views of management information securely over the Web. The web portal should be capable of consolidating data from numerous and disparate data sources, querying, reporting, and presenting the data in a unified view that suits the unique needs of each viewer IV. Discovery It should provide an on demand discovery process that lets you decide which subnets you want to discover and when. It should also have a continuous discovery process which can be event-driven and ongoing. This should employ a manager and agents that continuously scan your network in real-time mode for new devices or changes in IP addressing of existing IP devices. V. SNMP v3 Proposed solution should be able to provide complete support for SNMP v3 versions. The solution should offer the following functionalities: 1. It should also offer functionality of proactively monitoring various server operating system parameters such as processor (load or loss ), memory (physical, virtual, paging file), files (number, size, delta, timestamp), processes (number, threads, children, memory, CPU usage), file systems (throughput, fragmentation, free space, used space), etc. where applicable, depending on the operating system being monitored, using agents on the target servers to be monitored, and should offer a similar interface for viewing the agents and setting thresholds. It should support operating system monitoring for various platforms including Windows 2003,2008 and various flavours of UNIX and Linux. 2. It should be possible to configure the operating system monitoring agents to monitor based on user-defined thresholds for warning/critical states and escalate events to event console provided by the system. For example, it should be able to monitor CPU utilization and it should be possible to compare current utilization with user-specified warning and critical thresholds. It should be able to monitor memory utilization, which should be compared to user-defined warning and critical thresholds. 3. In addition to providing proactive monitoring functionality for target servers, provision should also exist for performance scoping and trending to provide real time as well as historical reporting for critical servers, where specified. RFP for appointment of Vendor for Distribution Mechanism for PDS 142
4. It should provide performance configuration to enable agent configuration to be done from a central point of control, using intuitive GUIs that provide a common look and feel across various platforms in the enterprise. Performance profiles should be defined in this GUI, and, using drag-and-drop techniques, delivered to the various specified machines in the enterprise running performance agents. These agents should then dynamically reconfigure themselves to use the profiles they receive. 5. Performance scope should provide a real-time view of performance for the components of critical specified systems. It should seamlessly join real-time and historical data to merge current and past performance information for any monitored resource. It should also be able to gather information about resources over a period of time and provide historical performance and usage information through graphical reports, which should quickly show performance trends. 6. Historical performance agent should be responsible for long-term data collection and data management. It should collect historical performance data for a wide range of resources on supported platforms, such as Windows, UNIX etc.. Supported resources should include a wide range of system and system related resources, and SNMP-based resources. The collected data should be available for the purpose of detailed trend analysis and capacity planning if required. It should provide out of the box, Web-Based Reporting (WRS). Using the WRS mentioned above, standard reports for many aspects of system performance analysis should be provided. Simple to complex reports should be possible to build quickly using point and click methodologies A drill-down capability should be provided from summary to detailed for outstanding root cause analysis. It should be possible to schedule, execute, generate and view reports on HTML, PDF and CSV formats. 7. It should provide hardware level metric monitoring (CPU temperature, fan speed, USP state etc.) and the monitoring should also be extensible so that site specific information can be monitored through a programmatic interface. 8. The systems management agents should have facility to monitor all operating system resources, assess which are most critical to monitor on a particular server and then determine a roving baseline for these elements. Through ongoing measurement and analysis, a dynamic policy should be established which takes into account normal working conditions and only issues warnings for true abnormal circumstances. 9. It should provide an advanced event correlation (AEC) engine which includes a simplified policy editor with a web front-end. AEC should do the following: 10. Distinguish between failure messages 11. Determine the root cause of failure 12. Provide an impact analysis of a failure 13. Diagnose and filter unwanted messages 14. Respond to dynamically changing environments 15. It should provide facility to add SNMP traps to the knowledgebase and revise cryptic SNMP messages into something more meaningful messages 16. It should provide a centralized event management system, the focal point for integrated message management throughout the network, which can monitor and consolidate message activity from a variety of sources. It should let us identify event messages that require special handling and initiate a list of actions for handling an event. It should provide centralize management of many servers and ensure the detection and appropriate routing of important events. It should provide an alert management system (AMS); a tool for organizing and tracking the most important events in the enterprise or a logical segment of the enterprise. It should let us focus on and manage the RFP for appointment of Vendor for Distribution Mechanism for PDS 143
highest severity IT events. AMS should provide tools for defining alert policies and multiple panes in the visualization front-end for viewing alerts. It should also have support for notification services that will let us send wired and wireless messages using various protocols and devices to get the attention of operators or administrators, wherever they are, who must resolve problems or attend to emergencies. It should provide more notification options out-of-box like Instant Messenger (SameTime), pager (SNPP), text messaging (SMS via HTTP), phone based (TAP), email , wireless (WCTP) via commands, GUI. 17. It should have facility to integrate with industry standard trouble-ticketing systems (Help Desk). 18. The systems management system should provide a role-based approach so that the management station is not a point of concern for today's security-conscious IT environments. It should define security policies for the preferred way of connecting to and accessing database objects in the MDB. 19. It should provide dashboard view that display real-time information from systems monitoring agents. A dashboard should let us combine on one screen, multiple metrics from one or many agents and one or many hosts. These dashboards should poll the data from the agents and show the metrics "as is."
144

Annexure 7.4 Technical Specification Ver 6.0

Transféré par

Informations du document

Description originale:

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Annexure 7.4 Technical Specification Ver 6.0

Transféré par

Droits d'auteur :

Formats disponibles

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

2.0.2 2.0.3 2.0.4 2.0.5

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

ISP-2 Leased Line Modems

Internet Links 2 Mbps LL ISP-1

External Segment WAN Links For DR Site (2 Mbps or above) Modems

Core Switches in HA Mode Internal Network

FCIP Gateway LTO Tape Autoloader

Application Server (Cluster)

Backup Directory or RADIUS Server Server

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

i. ii. iii. iv. v.

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

CHAP authentication for P-to-P links. DoS/DDoS protection.

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

Configuration changes should be done without rebooting the router or modules.

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

i. ii. iii. iv. v.

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

ii. iii. iv. v. vi. vii. viii. ix. x.

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

Gigabit Ethernet 4 Nos Fast Ethernet 2 Nos

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

Proposed DR Architecture 2.2 COMPUTING HARDWARE REQUIREMENTS

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

NETWORK AND COMMUNICATIONS SPECIFICATIONS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

HTTPS to access internal web servers of FCS network

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)

Filtered and Qualified contents Discarded contents

Firewall with URL Filtering integration

Pornography Sites Gaming Sites

RFP for appointment of Vendor for Distribution Mechanism for PDS

FCS EGOVERNANCE PROJECT - RFP - ANNEXURE 7.4 (T ECHNICAL SPECIFICATIONS)