Date post: | 25-Nov-2015 |
Category: |
Documents |
Upload: | prakash-arthur |
View: | 16 times |
Download: | 2 times |
E-GOVERNANCE MISSION MODE PROJECT (MMP)
CRIME & CRIMINAL TRACKING NETWORK & SYSTEMS (CCTNS)
IMPLEMENTATION OF CCTNS IN GOA
RFP FOR SELECTION OF SYSTEM INTEGRATOR
ANNEXURE II INFRASTRUCTURE REQUIREMENTS
RELEASED BY:
Goa Police
Government of Goa
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 3
Contents .............................................................................................................................................................................. 2
1 INTRODUCTION ..................................................................................................................................... 5
2 PROPOSED NETWORK ARCHITECTURE ......................................................................................... 5
3 USER LOAD MATRIX ............................................................................................................................ 6
4 PRIMARY SITE ....................................................................................................................................... 7
4.1 HELPDESK AND NOC ............................................................................................................................... 7
4.2 DISASTER RECOVERY .............................................................................................................................. 9
4.2.1 The application shall be architected with Aspect ...................................................................... 9
4.2.2 DC Design Description ................................................................................................................ 11
4.2.3 Set-up at Data Centre and DR Site ........................................................................................... 11
4.2.4 Hardware and Security Components at Primary Data center ............................................... 12
4.2.5 Network Components at primary Data Centre......................................................................... 13
4.3 EXISTING SERVERS AND STORAGE IN DATA CENTER............................................................................ 13
5 CLIENT/USER LOCATIONS ............................................................................................................... 15
5.1 REQUIREMENTS AT CLIENT LOCATION................................................................................................... 15
5.2 INFRASTRUCTURE AT CLIENT LOCATION ............................................................................................... 17
5.2.1 IT INFRASTRUCTURE AT THE CLIENT SITE LOCATIONS (SUMMARY) ........................................................ 17
5.2.2 IT INFRASTRUCTURE AT THE CLIENT SITE LOCATIONS (DETAIL) ............................................................. 18
5.2. 4 SITE PREPARATION AT THE CLIENT SITE LOCATIONS (SUMMARY) ......................................................... 20
5.2. 5 SITE PREPARATION AT THE CLIENT SITE LOCATIONS (POLICE STATIONS, SCRB, SDPOS, DISTRICT
HQ AND PHQ) ................................................................................................................................................... 20
6 SOFTWARE REQUIREMENT ............................................................................................................. 22
6.1 ANTIVIRUS ................................................................................................................................................... 22
6.2 EMS ............................................................................................................................................................. 24
6.3 HIPS ............................................................................................................................................................ 28
6.4 STORAGE MANAGEMENT SOFTWARE (SMS).............................................................................................. 30
7 MINIMUM TECHNICAL SPECIFICATIONS ....................................................................................... 30
7.1 DESKTOP ...................................................................................................................................................... 31
7.2. MULTI-FUNCTION PRINTER ......................................................................................................................... 32
7.3 DUPLEX PRINTER ......................................................................................................................................... 33
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 4
7.4 DIGITAL CAMERA ......................................................................................................................................... 33
7.5 ELECTRONIC PEN ........................................................................................................................................ 34
7.6 FURNITURE ................................................................................................................................................... 34
7.7 SAN STORAGE ............................................................................................................................................ 36
7.8 RACK SERVER .............................................................................................................................................. 38
7. 9 UTM ............................................................................................................................................................ 39
7.10 SAN SWITCH .............................................................................................................................................. 41
7.11 L2 SWITCH ................................................................................................................................................. 42
7. 12 5KVA UPS .............................................................................................................................................. 45
7. 13 10 KVA UPS ........................................................................................................................................... 46
7.14 WEB BASED PMIS .................................................................................................................................... 47
7.15 32 INCH LCD TV ....................................................................................................................................... 47
7.16 ACCESS CONTROL SYSTEM ...................................................................................................................... 48
7.17 KVM SWITCH ............................................................................................................................................. 48
8 BOM FOR DC AND DR........................................................................................................................ 49
9 DETAILS OF TECHNOLOGY STACK ENHANCED G-COPS AND CAS (CENTER) ................... 50
9.1 ENHANCED G-COPS TECHNOLOGY STACK ................................................................................................. 50
9.2 CAS (CENTER) SOLUTION .......................................................................................................................... 52
9.3 EXISTING G-COPS TECHNOLOGY STACK .................................................................................................... 53
9.4 DC-DR INFRASTRUCTURE THAT WILL BE AVAILABLE TO SI ....................................................................... 54
9.5 SCOPE OF WORK ......................................................................................................................................... 55
9.6 EXISTING HARDWARE - TECHNICAL SPECIFICATION ................................................................................... 57
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 5
1 Introduction
This Annexure will outline the minimum technical specifications required for meeting the scope of
CCTNS Goa Project. This will cover, but is not limited to the
1) Data Center Site
2) Disaster Recovery Site
3) Client Sites
4) NOC and Helpdesk
The specifications given in this document are indicative and the System integrator is free to suggest a
different specification which could be over and above the minimum specification indicated here.
2 Proposed Network Architecture
Network architecture is a blueprint of the complete computer communication network, which provides a
framework and technology foundation for designing, building and managing a communication network.
It typically has a layered structure. Layering is a modern network design principle which divides the
communication tasks into a number of smaller parts, each part accomplishing a particular sub-task and
interacting with the other parts in a small number of well-defined ways. Layering allows the parts of a
communication to be designed and tested without a combinatorial explosion of cases, keeping design
relatively simple. In the centralized architecture, the main site is known and primary site and the
alternate site is known as Disaster recovery site. The fig below shows the recommended DC-DR
Diagram for Goa CCTNS Project
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 6
3 User load matrix
The calculation for estimated number of external users (citizens) who will be accessing the citizen
portal is as below.
Total Users Estimated is 1% of Internet Penetration 410
Total Internet penetration in Goa: 40997
Total Polpulation in Goa :13,43,998 (2001: Cencus Data)
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 7
The total number of external users expected to use the CCTNS is application is estimated at 410
and assuming a 10% concurrency, a total of 41 users at a time. This is just a suggested figure,
and the number may rise owing to stabilization of application, increased internet penetration and
increased public awareness.
The Government of Goa in India has made a foray into the world of hi-tech e-governance with the
implementation of an end-to-end IP backbone in the state, called the Goa Broadband Network, or
GBBN. This Super high speed network infrastructure will be leveraged to change the way
Administrative Services are delivered to citizens, businesses, and Government employees. The
GBBN has been designed to connect the State Headquarters, District Head Quarter with all 11
Talukas, Village Panchayats, Households, institution across the State. With this, Goa becomes
the first state in the country to have in place a truly converged Wide Area Network, the GBBN
which carries voice, video and data encapsulated in IP packets across the state.
The internal users of G-Cops application can be estimated to be approximately 4600 Police
Personnel, the number of concurrent users can be estimated to be around 200
4 Primary Site
Primary data center will be at Goa State NICs Data Center Facility at Margao, Goa and will be
established in a co-location model. Required modules of the CCTNS application will be
developed and deployed at this Primary DC. All the users across the locations will access this
data securely and store the database in main storage area at Primary DC. Details of indicative
project IT components architecture, required items and specifications are given in
succeeding paragraphs.
4.1 Helpdesk and NOC
In order to Monitor and control the Network of the entire state, Goa Police desire to setup a
Network Operation Centre (NOC) at the Mini Data Center in PHQ, Goa. In addition, the NOC will
also host a Helpdesk to facilitate users on their day to day activities.
NOCs are implemented to oversee complex networking environments that require little to no
downtime. NOC personnel are responsible for monitoring one or many networks for certain
conditions that may require special attention to avoid degraded service. This is required to
manage different networks or to provide geographic redundancy in the event of one site becoming
unavailable. The NOC will be manned 24X7X365 for the duration of the contract
Function:
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 8
NOCs analyze problems, perform troubleshooting, communicate with site technicians and
other NOCs, and track problems through resolution. When necessary, NOCs escalate
problems to the appropriate stakeholders. For severe conditions that are impossible to
anticipate, such as a power failure or a cut optical fiber cable, NOCs have procedures in place
to immediately contact technicians to remedy the problem.
Primary responsibilities of NOC personnel will include:
a. Network monitoring
b. Incident response
c. Communications management
d. Reporting
NOCs often escalate issues in a hierarchic manner, so if an issue is not resolved in a specific
time frame, the next level is informed to speed up problem remediation.
Helpdesks: The proposed Helpdesk Management System will provide the following function:
a. Flexibility of logging, viewing, updating and closing incident manually via web
interface.
Escalation Features
a. Flexibility of incident Assignment based on workload, Category, location etc.
b. Creates tickets when new request will come from operators/Dept
c. Tracking of SLA (CCTNS service level agreements) for call requests within the help
desk through service types
d. Updateable knowledge base for technical analysis and further help end-users to
search solutions for previously solved issues.
Description
The existing area of Mini Data-Center of Goa Police should be used to build the NOC and
Helpdesk Centre. The total area considered for the setup is approx.. 400 Sq. Feet.
The room shall be designed and built to seat 3 persons in NOC and 2 operators in Helpdesk.
SI is expected to provide all the necessary basic furniture and fixtures required in the NOC
room.
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 9
Suggested BoM for HelpDesk and NOC
SI No. System Description Quantity
1 Desktops
`
4
2 Duplex Printer 1
3 Furniture 4 Computers Chairs, 4 Computer Table, 1 Printer
Table
4 32 LCD TV 1
5 Access Control System 1
4.2 Disaster Recovery
DR Site is decided by the department at Hyderabad. The proposed application will be on Web
services model.
4.2.1 The application shall be architected with Aspect
The proposed application will be N-tier Service oriented Architecture with separation of business
logic from application, database and presentation. The application will be on the central servers at
Data Center in Goa and the Disaster Recovery (DR traditional 3-tier architecture) will be at
Hyderabad
i. Database Tier: This shall be diagonally scaling and deployed on a DC class server as
specified in this document. Database servers shall be deployed in n+1 cluster. If n is 1 (as per
ISV sizing) then Data base servers shall be deployed in 1+1 cluster.
ii. Application Server: Application servers shall be deployed in multiple servers (horizontal
scaling) as specified in this tender document in n+1 cluster.
iii. Web Tier: Web servers shall be deployed in multiple servers (horizontal scaling) as specified
in this tender document in n+1 cluster.
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 10
The application server shall be deployed in N+1 cluster mode with a common standby server for
multiple servers. There should be a database for application servers and web servers. The web
servers shall be deployed with external load balancers for high availability. There shall be at least
two load balancers for redundancy. The web servers shall be configured in n+1 redundancy mode.
The proposed network and security architecture solution and diagram for primary data center is only a
representative and is subject to the overall requirement of all functionalities listed in this section. The
feature of the proposed network and security architecture is as below.
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 11
4.2.2 DC Design Description
The router at DC would also have capability to handle the data traffic and multiple SSL/VPN encapsulations for secured data transfer between any of the department offices. The router would also connect to the internet and would offer Server connectivity to external users. The router should be capable to handle both MPLS and Internet connectivity.
The DC- DR replication router shall replicate data across MPLS connectivity to the DR site and vice versa
Host Intrusion Prevention system (HIPS) should detect malicious traffic and further protects the DC DR sites. Intrusion system would also detect (and prevent) any intrusion from Internet/extranet network.
The Network Infrastructure (Switches , firewalls, IDS / IPS , routers, server load balancer, link load balancer etc) would be configured in active active and in high availability mode
Firewalls would provide next layer of protection between the extranets and DMZ (which has hosted the application server).
Web server Users: All the servers would be connected to high capacity L2 Switch, which can process million of packets within seconds, depending on the Users and Application and its contents.
The Application servers would be accessing the database from the backend in order to process the user / citizens queries/requests.
The Database servers (RDBMS) are further hosted in higher security layer, comprising of components such as Firewall and Intrusion Prevention system.
The SDC is required to provide Infrastructure Services such as Firewall Service, Directory Service, Web Service, Database Service, messaging and data storage services etc. which would be utilized for the application.
In this secure infrastructure it has to be ensured that the security devices in the network such as Firewalls, are in high-availability mode, and these devices should be evenly distributed to optimize performance.
The set up shall have the AAA , antivirus , web server , DNS servers connected and configured
The application can be accessed through VPN over broadband and through MPLS connectivity
The DR replication would happen through MPLS cloud
4.2.3 Set-up at Data Centre and DR Site
The DC & DR would be hosting the CCTNS application along with the other identified applications. The
following highlights the different server zone available at the Data Centre
Militarized and De-Militarized Zone at Data center
De-militarized zone will contain the following:
Server Zone
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 12
Militarized zone will contain the following:
Critical Server Zone
Server Zone: The server zone will host the following applications:
Mail and Messaging solution
Antivirus solution
Single Sign on
Directory Services
Portal Server
Critical Server Zone: The critical server zone will host the following applications:
CCTNS Application (CAS (State))
EMS Application
Enhanced G-Cops
4.2.4 Hardware and Security Components at Primary Data center
Following Server Components are proposed at the Primary Data Centre for the CCTNS application:
Portal Server: Web based applications are easily accessible from any sort of the network, Intranet,
internet or extranet. Therefore, portal server plays a vital role this initiative. The portal server would be
used for providing access to the CCTNS application through internet / intranet. Using portal, relevant
contents of the applications can be easily enabled, updated and deployed at the earliest. Portal would
provide a base template to users who want to access the application via internet. The portal server
shall allow users to access the application from internet and the same shall be configured in cluster
mode.
Application Server: Application would be required as middle tier for various web based applications.
Application server would take care of the necessary workflow and portal server would be required for
the interfacing with the end user. Both the portal and application server would be seamlessly
integrated to provide high availability and performance. With the use of load balancers, user requests
would be distributed among various clustered/common servers. The application servers will be
configured in active active and in cluster mode and shall also have the database configured
accordingly.
Database Servers: The database/repository provides all the relevant information required to process
the applications. Database server would be required to store and access data with ease. This would
also be integrated with multiple applications, residing at the DC.
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 13
Email Server : The email server would provide emailing solution to the users of Goa Police
Enterprise Management Server: For overall management of the Data center components, an
Enterprise Management System (EMS) will be provided and would be integrated with the CCTNS
application. SI shall have to prepare a category wise detailed list of elements to be monitored,
monitoring parameters and the monitoring frequency in terms of critical, semi critical and non-critical
categories in each Data Center and the application.
4.2.5 Network Components at primary Data Centre
Router: Router will be installed in a redundant mode at the primary data center. There routers will be
the customer premises equipment which will be connected with an Intranet / VPN over Broad band link
HIPS: An intrusion detection system is used to detect several types of malicious behaviors that can
compromise the security and trust of a computer system. This includes network attacks against
vulnerable services, data driven attacks on applications, host based attacks such as privilege
escalation, unauthorized logins and access to sensitive files, and malware (viruses, Trojan horses, and
worms).
Firewall: A firewall will be a part of network that is designed to block unauthorized access while
permitting outward communication. Firewall will be installed in redundant mode at server zone and
critical server zone to provide features like high-availability and fault tolerance.
4.3 Existing Servers and Storage in Data center
The section below suggests the numbers and types of servers, storage and other hardware devices
available with Goa Police.
Co-location with NIC Data center
Primary Data center will be collocated in the data center facility at NIC Data Center at Margao, Goa.
The following components may be used commonly and hence will not be included in the cost:
Rack Space
Power and Cooling
SNMP based UPS, DG set power backup
Fire prevention
Physical security surveillance
Common Data Centre facility Maintenance and Support
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 14
The table given below describes the existing hardware available to support the proposed CCTNS
application for the project. For technical specifications of the existing hardware mentioned below
please refer to section 9.6
Existing Servers Infrastructure Information
Sl. No Server Name (Utility of the server)
Location Make & Model Unit HDD
1 Data Base server
Goa PHQ Dell Power Edge 2950
4 292 GB
2 Application server
Goa PHQ Dell Power Edge 2950
5 146 GB
3 Tape Library Goa PHQ 42 U VALRACK 4
4 Tape Auto Loader
Goa PHQ LTO Drive 6
5 Fiber Channel Storage Enclosure
Goa PHQ Dell PWERVAULT TL2000
1
6 SAN Switch Goa PHQ DELL BROCADE 200E
2
Existing WAN Infrastructure
Sl. No Network
Device Utility Location
Make & Model
Interface / Network
Cards Information
No. of Components
1 Core switch (layer 3)
Goa PHQ D-link Port 24, 10/100/1000 Base T with auto negotiation 4 shared SFP transceiver slots
1
2 Cable Goa Police HQ & Police stations
N/A Cat 6
3 Firewall Goa Police station Zywall Firewall
Unified Threat Management
1
4 KVM Switch Goa PHQ DKVM-8E KVM 3
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 15
Date of Purchase of all the above mentioned Items is Dec-07 and they are covered Under AMC till
May 2013 except for Firewall. SI has to factor the cost of AMC after June 2013
5 Client/User Locations
5.1 Requirements at Client Location
The following table highlights the number of locations at client side and also the primary scope at these
sites
Client Location Scope
Component Number Site Preparation
Client Site Infrastructure
Additional Hardware (Digital camera, Electronic pen)
Police Station CIPA Phase 1 4 No Yes Yes
Police Station 23 Yes As per section 6.2
As per Section 6.2
Other offices (Higher office/Training centres/FSL/FPB/District control rooms)
15 Yes As per Section 6.2
As per section 6.2
The complete breakup of the locations is given as below
Sl No. Name of police Stations & Higher Offices District
1 Panaji Police Station North Goa
2 Old Goa Police Station North Goa
3 Agacaim Police Station North Goa
4 Ponda North Goa
5 Collem Police Station North Goa
6 Valpoi Police Station North Goa
7 Bicholim Police Station North Goa
8 Mapusa Police Station North Goa
9 Calangute Police Station North Goa
10 Porvorim Police Station North Goa
11 Anjuna Police Station North Goa
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 16
12 Pernem Police Station North Goa
13 Margao Police Station South Goa
14 Cuncolim Police Station South Goa
15 Maina Curtorim Police Station South Goa
16 Colva Police Station South Goa
17 Quepem Police Station South Goa
18 Curchorem Police Station South Goa
19 Sanguem Police Station South Goa
20 Canacona Police Staion South Goa
21 Vasco Police Station South Goa
22 Verna Police Station South Goa
23 Marmagoa Police Station South Goa
24 Vasco Railway South Goa
25 Crime Branch (Dona Paula, Panaji) CID
26 Anti Narcotics cell Police Station CID
27 Women Police Station CID
28 SP North Porvorim North Goa
29 SP South Margao South Goa
30 Police Head Quarter North Goa
31 SDPO Panjim North Goa
32 SDPO Porvorim/ Mapusa ii North Goa
33 SDPO Mapusa North Goa
34 SDPO Bicholim North Goa
35 SDPO Ponda North Goa
36 SDPO Margao South Goa
37 SDPO Quepem South Goa
38 SDPO Vasco South Goa
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 17
39 SCRB North Goa
40 Police Control Room North Goa
41 Forensic Science Laboratory South Goa
42 Finger Print Bureau South Goa
5.2 Infrastructure at Client Location
It is to be emphasized here that Goa Police is looking at this engagement as asset of complete
services to be provided by the selected agency and not as a supply of hardware & software. To that
end the specifications laid out in RFP are indicative requirement and Bill of material is minimum,
whereas the bidder are expected to focus on the objectives and SLAs of this project and formulate
their solution offering in a manner that enables achieving those objectives both in letter as well as spirit
SI is requested to put due diligence while responding to this RFP and shall be responsible for
proposing other hardware (like racks etc)/ software components as part of their Bill of Material for the
successful implementation of this project. Operational expenses (paper/toner) in each location for 3
years is also under the scope of SI
5.2.1 IT Infrastructure at the Client site locations (Summary)
Locations Client Side Infra
Type Number PC Printer MFP 5KVA UPS
10KVA UPS
Digital Camera
Electronic Pen
Police Stations 27 108 27 27 27 27 27
SDPO 8 24 8 8
District Office 2 20 20 2
Police Control Room 1 5 1
Forensic Science Lab 1 5 1
Finger Print Bureau 1 2 1
State Crime records Bureau 1 8 8 1
Police Head Quarters 1 15 15 2
NOC 4 1
Total 42 191 28 81 35 5 27 27
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 18
5.2.2 IT Infrastructure at the Client site locations (Detail)
Locations Client Side Infra
Sl No.
Name of police Stations & Highes Offices District PC Printer MFP
5KVA UPS
10KVA UPS
Digital Camera
Electronic Pen
1 Panaji Police Station North Goa
4 1 1 1 1 1
2 Old Goa Police Station North Goa
4 1 1 1 1 1
3 Agacaim Police Station North Goa
4 1 1 1 1 1
4 Ponda North Goa
4 1 1 1 1 1
5 Collem Police Station North Goa
4 1 1 1 1 1
6 Valpoi Police Station North Goa
4 1 1 1 1 1
7 Bicholim Police Station North Goa
4 1 1 1 1 1
8 Mapusa Police Station North Goa
4 1 1 1 1 1
9 Calangute Police Station North Goa
4 1 1 1 1 1
10 Porvorim Police Station North Goa
4 1 1 1 1 1
11 Anjuna Police Station North Goa
4 1 1 1 1 1
12 Pernem Police Station North Goa
4 1 1 1 1 1
13 Margao Police Station South Goa
4 1 1 1 1 1
14 Cuncolim Police Station South Goa
4 1 1 1 1 1
15 Maina Curtorim Police Station
South Goa
4 1 1 1 1 1
16 Colva Police Station South Goa
4 1 1 1 1 1
17 Quepem Police Station South Goa
4 1 1 1 1 1
18 Curchorem Police Station South Goa
4 1 1 1 1 1
19 Sanguem Police Station South Goa
4 1 1 1 1 1
20 Canacona Police Staion South Goa
4 1 1 1 1 1
21 Vasco Police Station South Goa
4 1 1 1 1 1
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 19
22 Verna Police Station South Goa
4 1 1 1 1 1
23 Marmagoa Police Station South Goa
4 1 1 1 1 1
24 Vasco Railway South Goa
4 1 1 1 1 1
25 Crime Branch (Dona Paula, Panaji)
CID 4 1 1 1 1 1
26 Anti-Narcotics cell Police Station
CID 4 1 1 1 1 1
27 Women Police Station CID 4 1 1 1 1 1
28 SP North Porvorim North Goa
10 10 1
29 SP South Margao South Goa
10 10 1
30 Police Head Quarter North Goa
15 15 2
31 SDPO Panjim North Goa
3 1 1
32 SDPO Porvorim/ Mapusa ii North Goa
3 1 1
33 SDPO Mapusa North Goa
3 1 1
34 SDPO Bicholim North Goa
3 1 1
35 SDPO Ponda North Goa
3 1 1
36 SDPO Margao South Goa
3 1 1
37 SDPO Quepem South Goa
3 1 1
38 SDPO Vasco South Goa
3 1 1
39 SCRB North Goa
8 8 1
40 Police Control Room North Goa
5 1
41 Forensic Science Laboratory
South Goa
5 1
42 Finger Print Bureau South Goa
2 1
NOC 4 1
Total 191 28 81 35 5 27 27
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 20
5.2. 4 Site Preparation at the Client site locations (Summary)
Item
Sl.No
Locations Computer Table
Chair Printer Table
Electrical Points
LAN
1 Non CIPA Police Station:
(23 nos.) 92 92 23 2 115
2 SDPO Office: (8 Nos.) 24 24 1 32
3 SP (District) Office: (2
Nos.) 20 20 0 11
4 Police Head Quarter (1) 15 15 0 30
5 SCRB 8 8 8 16
6 NOC 4 4 1
Total 163 163 24 11 204
5.2. 5 Site Preparation at the Client site locations (Police Stations, SCRB, SDPOs,
District HQ and PHQ)
Item
Sl. No Locations Computer
table Chair
Printer Table
Electrical Points
LAN
Non CIPA Police Station: (23 nos.)
1 Collem Police Station 4 4 1 0 5
2 Canacona Police Station 4 4 1 0 5
3 Cuncolim Police Station 4 4 1 0 5
4 Anjuna Police Station 4 4 1 0 5
5 Verna Police Station 4 4 1 0 5
6 Anti-Narcotic Cell Police Station
4 4 1 0 5
7 Colva Police Station 4 4 1 0 5
8 Maina Curtorim Police Station
4 4 1 0 5
9 Marmagoa Police Station 4 4 1 0 5
10 Vasco Police Station 4 4 1 2 5
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 21
11 Vasco Railway Police Station
4 4 1 0 5
12 Crime Branch,Daunapaulo
4 4 1 0 5
13 Margao P.S. 4 4 1 0 5
14 Agacaim P.S. 4 4 1 0 5
15 Curchorem PS 4 4 1 0 5
16 Quepem PS 4 4 1 0 5
17 Women PS, Panaji 4 4 1 0 5
18 Panaji PS 4 4 1 0 5
19 Pernem PS 4 4 1 0 5
20 Bicholim PS 4 4 1 0 5
21 Sanguem PS 4 4 1 0 5
22 Valpoim PS 4 4 1 0 5
23 Old Goa PS 4 4 1 0 5
Total 92 92 23 115
SDPO (8 Nos)
1 SDPO, Ponda 3 3 1 4
2 SDPO, Bicholim 3 3 0 4
3 SDPO, Quepem 3 3 0 4
4 SDPO, Margaon 3 3 0 4
5 SDPO, Vasco 3 3 0 4
6 SDPO,Mapusa 3 3 0 4
7 SDPO, Porvarim 3 3 0 4
8 SDPO, Panjim 3 3 0 4
Total 24 24 1 32
SP District Office
1 SP(South),Margaon 10 10 0 11
2 SP North Office 10 10 0 11
Total 20 20 22
PHQ
1 PHQ 15 15 0 30
SCRB
1 SCRB 8 8 8 16
NOC
NOC 4 4 1
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 22
6 Software Requirement
6.1 Antivirus
Automatic centralized pattern updating and distribution
Ability to block the specific ports at desktop and servers to stop the spread of virus within the
network during the time of outbreak
Ability to block network shares at desktop and servers to stop the spread of virus within the
network during the time of outbreak
Restriction to un-installation of antivirus solution by users
Folder and file type scan exclusions for performance enhancement
Centralized AV management server is required for the following
Have ability to deploy antivirus clients from centralized location
Have ability to centrally download updates for AV software and deploy updates
automatically to the antivirus environment.
Have the ability to show up to the minute antivirus information across the entire
network including number of infections, whether clients are properly updated and
whether AV clients are running
Have ability to take action form the centralized consol including issuing commands to
antivirus clients and getting immediate responses
Have ability to apply appropriate settings to AV client from a centralized consol
Have ability to collect logs from all AV clients and provide information through log
queries or reports
Have ability to notify the administrator from a centralized location.
Ability to control network access based on a computers compliance with organization's
antivirus health policy, remediate the noncompliance to health or restrict the computer's
access to network resources
Anti-virus solution will be implemented on all desktops for CCTNS project.
Anti-virus solution will be implemented on gateways at both primary and DR site
Anti-virus server will be deployed at the primary Datacenter.
Anti-virus solution will also be implemented on all servers at primary site and DR site as part of
the overall solution
Packet Inspection
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 23
The solution should support virtual patching both known and unknown vulnerabilities until the
next scheduled maintenance window.
Virtual Patching should be achieved by using a high-performance inspection engine to
intelligently examine the content of network traffic entering and leaving hosts.
Should provide automatic recommendation of removing assigned policies if a vulnerability no
longer exists - For Example - If a patch is deployed
It should protect operating systems, commercial off-the-shelf applications, and custom web
applications against attacks such as SQL injections and cross-site scripting
The solution shall have the capability to inspect and block attacks that happen over SSL
Solution should be capable of Information gathering about network hosts and their activities,
such as operating system, services, open ports, client applications and vulnerabilities.
The solution must support IPv6 and must be capable of blocking and detecting of IPv6 attacks.
The solution OEM should deliver virtual patching updates within 24 hours of an application
vendor announcing vulnerability in their system
The Solution should have Smart rules provide broad protection, and low-level insight, for
servers and end-user systems. For operating systems and applications, the rules limit
variations of elements of traffic, limiting the ability of attackers to investigate possible attack
vectors since many attacks are based on exceeding expected characteristics. Smart rules are
also used to protect web applications (commercial and custom) from attack by shielding web
application vulnerabilities such as SQL Injection and Cross-Site Scripting.
Solution should provision inclusion of packet data on event trigger for forensic purposes
The solution shall protect against fragmented attacks
Integrity Monitoring
Integrity monitoring module should be capable of monitoring critical operating system and
application elements (files, directories, and registry keys) to detect suspicious behavior,
such as modifications, or changes in ownership or permissions.
The solution should be able to monitor System Services, Installed Programs and Running
Processes for any changes
Log Inspection
Solution should have a Log Inspection module which provides the ability to collect and
analyze operating system, databases and applications for security events.
The solution shall support installation of agents on Windows, Linux and Solaris Operating
Systems
Desktop Antivirus
Agentless Antivirus should support both Real Time and Schedule scan
Solution should support various Actions like, Clean, Delete, Quarantine,Pass
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 24
Solution should also support restoration of quarantined files.
The solution must support IPv6
Should be latest Edition, Should be manufactured not earlier than 2012
6.2 EMS
Enterprise Management System should provide for end to end performance, availability, fault
and event and impact management for all enterprise resources that encompasses the
heterogeneous networks, systems, applications and databases present in the system.
The Service Management solution namely Service desk (incident and problem mgmt),
Change, Asset, Self Service and Service level management should be built on the same
platform/code and leverage the same common, shared configuration database with a unified
architecture. The same platforms should be used across all modules, requiring no complex
integrations to leverage the combined benefits offered by the integrated platform.
Should be SNMP compliant, scalable, support distributed architecture and third party
integrations
Should provide fault and performance management for multi-vendor TCP/IP networks.
The service automation solution should be a unified solution supporting provisioning,
configuration management and compliance assurance across servers, networks and
applications and should support end to end full stack and dynamic server, network and
application provisioning.
Solution should provide for future scalability of the whole system without major architectural
changes.
Solution should be open, distributed, and scalable and open to third party integration.
The solution should provide Agent-based or Agentless Monitoring in a single architecture
that will allow an organization to choose the level of management required and deploys the
right-sized solution to meet those requirements.
The agent and agentless monitor should be able to collect event/fault, performance and
capacity data and should not require separate collectors.
The solution should reduce manual customization efforts and should speed-up problem
identification and resolution of the IT performance anomalies with intelligent events.
The solution should accelerate problem isolation through accurate analysis of probable cause
through end-to-end correlation.
The solution should have the capability to identify probable root cause using a variety of
filtering and statistical correlation methods to shift through every metric to determine their
relevance to the issue being researched.
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 25
The solution should possess capabilities that deliver self-learning capabilities to virtually
eliminate the ongoing costs of manual threshold, rule, and script maintenance.
The solution should have the capability to minimize manual threshold management, by
performing automated dynamic threshold management.
The solution should carry out automated probable cause analysis by picking up feeds from
every infrastructure component being monitored and automating the correlation of these
alarms/events to point out the probable cause of an infrastructure error.
Should be configurable to suppress events for key systems/devices that are down for routine
maintenance or planned outage.
The solution should provide end users with the ability to search for known errors and
knowledgebase
Solution should be able to score the events and display the highest impacting events in
descending order
The Network Management function must monitor performance across heterogeneous
networks from one end of the enterprise to the other.
It should proactively analyze problems to improve network performance.
The Network Management function should create a graphical display of all discovered
resources.
The Network Management function should have extensive reporting facility, providing the
ability to format and present data in a graphical and tabular display
Should support discovery of Physical, virtual, network, application, storage and mainframe
resources
Solution should support complete agent-less discovery requiring no software to be installed on
devices to be discovered.
Should Automatically map IT infrastructure to business services
Should support troubleshooting and diagnostics for any discovery scan failures
Business owners should have a clear view of the extent of impact to their business and if
need be the reason behind the impact.
The IT organization should be able to view their tickets by business service and impact from
the same solution
Should support advanced filtering to eliminate extraneous data / alarms in Web browser and
GUI.
Should monitor various operating system parameters such as processors, memory, files,
processes, file systems etc. where applicable using agents on the servers to be monitored.
The agent should support execution of remote commands/scripts for troubleshooting and
diagnostics purposes
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 26
The Solution displays the complete ITIL process flow for Incident, problem, Change and
release Management
The solution should have Service Management Process Model in built based on ITIL v3 best
practices.
At each stage in the cycle of the incident, the system should prompt users on the status and
the missing information that is required to complete the flow
Solution should support multi-tenancy with complete data isolation as well as with ability for
analysts based on access rights to view data for one, two or more organizational units.
Solution should provide L1 engineer an ability to see the list of assets used by the end user.
This list should be displayed within the ticket (incident, change, problem etc).
L1 should be able to view detailed configuration of a selected asset (Eg - amount of CPU,
RAM, Disk Space, IP address, software installed, software used etc). Should be possible to do
this from within the ticket.
Flexibility of logging incidents via various means - web interface, client interface, phone, auto
integration with EMS tools
Service Desk solution should allow detailed multiple levels/tiers of categorization on the type of
incident being logged.
Service Desk solution should provide classification to differentiate the criticality of the security
incident via the priority levels, severity levels and impact levels.
It should allow SLA to be associated with a ticket based on priority, severity, incident type,
requestor, asset, location or group individually as well as collectively.
Should support unified change and release tools (planning, risk assessment, scheduling, and
execution tools) for complete enterprise across virtual & physical environments, applications,
etc
Should be integrated with Service Desk for maintenance and support of assets
Should be integrated with Change Management for deployment, changes.
Should support Integration with supplier, contract, e-procurement data
Should provide best in class integration capabilities with CMDB compliant APIs.
Solution should support comprehensive SLA management platform that cuts across
Infrastructure Management and Service Management. For e.g. monitors and reports across
different KPIs like infrastructure (CPU utilization, disk space), response times , resolution times
(eg. incident closed on 2 hours) performance and custom parameters of an enterprise
Have a consolidated, automated graphical report for SLA compliance with ability to drill down
to reason for non-compliance"
Manage service levels for delivery and support of business services
Fast, repeatable process for defining and capturing service level measurements
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 27
Real-time visualization of service level targets, agreement compliance data, penalties and
rewards
Deliver service level information and alerts directly to IT Operations and Service Support
consoles
Should support single service catalog for request-able services, spanning both IT and non-IT
domains
Should provide for Service Requests Workflows and Fulfillment definitions for commonly used
IT/non-IT services.
Catalog based on User profile
Ability to load dynamic information based on the field chosen
Ability to position both Custom-made and Standard Requests
Should have the ability to extend and create new service request
Should have predefined catalogues that cover specific use cases
Should be completely web based and should be accessible from an unified portal
The services should be integrated to SLAs and should be auto measured for adherence.
Should provide for OOB Reports for Service Support and Service Delivery processes through
a unified portal
Should have ability to have a consolidated view of data collected from different types of
operations (Eg - SLA compliance for a selected business service, it's dependent SLAs, OLA
and UPCs, it's changes by priority, open incidents by priority and status, it's assets and
individual asset compliance, patches installed and compliance to patches etc) and displayed in
a universal portal
Provide users (based on role) to drill down to specific report/data on a need basis
Ability to create custom KPI metrics and scorecard/compliance reports that are updated
automatically
Single dashboard provides the as-is scenario by consolidating the data across the
organization
Should be able to generate the reports for Server, Application, infrastructure services and
Network devices in DC/DR environment. Availability Reports:
o Availability and Uptime Daily, Weekly, Monthly and Yearly Basis
o Trend /Custom/MTBF and MTTR Reports
o Performance Reports of CPU and Memory Utilized
o Interface errors
o Server and Infrastructure service statistics
o Trend report based on Historical Information
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 28
o Custom Reports
o SLA Reporting and Computation of SLA for entire DC/DR Infrastructure
Automated Daily, Weekly, Monthly, Quarterly and Yearly SLA reports
End to end Management of applications (J2EE/.NET based)
Determination of the root cause of performance issues whether inside the Java / .Net
application in connected back-end systems or at the network layer.
Automatic discovery and monitoring of the web application environment and Ability to monitor
applications with a dashboard
Should have ability to correlate events across the entire infrastructure components of DC/DR.
Should support automatic event correlation in order to reduce events occurring in DC/DR.
Should be latest Edition, Should be manufactured not earlier than 2012
6.3 HIPS
The solution should support virtual patching both known and unknown vulnerabilities until the
next scheduled maintenance window.
Virtual Patching should be achieved by using a high-performance inspection engine to
intelligently examine the content of network traffic entering and leaving hosts.
Should provide automatic recommendations against existing vulnerabilities, dynamically tuning
IDS/IPS sensors (Eg. Selecting rules, configuring policies, updating policies, etc.)
Should provide automatic recommendation of removing assigned policies if a vulnerability no
longer exists - For Example - If a patch is deployed It should protect operating systems,
commercial off-the-shelf applications, and custom web applications against attacks such as
SQL injections and cross-site scripting
Solution should work in detect only mode and prevent mode.
Solution should support automatic and manual tagging of events.
Solution should provide policy inheritance exception capabilities.
Solution should provision inclusion of packet data on event trigger for forensic purposes
The solution shall protect against fragmented attacks
The solution should allow to block based on thresholds
The solution should be able to monitor System Services, Installed Programs and Running
Processes for any changes
The solution should be able to automatically recommend log inspection rules based on the OS
and applications running on a server
Log Inspection should work real time
Agent installation methods should support manual local installation, packaging with third party
software distribution systems and distribution through Active Directory
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 29
Any policy updates pushed to the agent should not require to stop the agent, or to restart the
system
The solution shall support installation of agents on Windows, Linux and Solaris Operating
Systems
Solution should have single centralized web based management console.
The solution shall allow grouping security configurations together and also allow to apply these
configurations to other similar systems
The solution should support forwarding of alerts through SNMP and E Mail
The solution should be minimum of EAL 3+ certified
The solution should be able to generate detailed and summary reports.
The solution shall allow scheduling and E Mail delivery of reports
The solution shall have a configurable dashboard that should allow the Administrator to see a
1 day or a 7 day summary
Solution should allow creating multiple dashboard views for different administrators
The solution shall allow creation of custom lists, such as IP Lists, MAC lists etc. that can be
used in the policies that are created.
Solution should support various Actions like, Clean, Delete, Quarantine, Pass
Solution should also support restoration of quarantined files.
Host intrusion prevention system will be deployed at all the servers at the Primary site and the
DR site.
HIPS will analyze all packets to and from the server for and propagation to detect and prevent
attacks.
HIPS solution should offer centralized policy management, and should allow creation of
custom and location based policies.
It should provide a user friendly interface.
It should provide multilayered defense against viruses, spyware, adware, rogue software and
other known and unknown threats.
It should allow tracking of incidents and look for patterns.
HIPS software should protect the end points even when they are off network.
HIPS software should be compatible with the chosen operating system and server hardware.
Should be latest Edition, Should be manufactured not earlier than 2012
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 30
6.4 Storage Management Software (SMS)
Storage management software should protect the organization from the risks of data loss and
will help in reducing complexity, managing costs and address compliance with data retention
and availability requirements.
Storage Management Software should improve the business continuity by shortening backup
and recovery times and maximizing application availability with advanced data recovery
management technologies.
Storage Management Software should employ data duplication and a hierarchy of storage to
increase efficiencies and conserve resources.
SMS should enhance data security with innovative access and encryption features.
SMS should help the department to adapt to changes within the IT infrastructure to minimize
service disruptions and speed restorations and backups.
SMS should increase the visibility into the data protection environment by providing advanced
features for operational monitoring and historical reporting.
SMS should allow Host based replication and failover to IP based network.
SMS should be able to create, manage and protect file shares and network application
storage.
7 Minimum Technical Specifications
All the technical Items covered under the scope of this RFP should be latest Edition and should
be manufactured not earlier than 2012. Warranty for 3 years also shall apply on all items listed
below. The minimum technical specification is as given below. The SI has to give compliance
against each technical parameter.
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 31
7.1 Desktop
Desktop
Components Specifications
CPU AMD / Intel Pentium Core
No of Cores Minimum 2 or higher
CPU Speed Min 3 Ghz or higher
Chipset OEM Motherboard
Cache Memory Minimum 2 MB L2 or higher
FSB 800 MB/s-1064 MB/s
Memory 2 GB DDR3 RAM upgradeable upto 8 GB
HDD Minimum 250 GB , 7200 RPM SATA Hard Disk
Monitor 18.5" TFT Monitor
Keyboard (Requirement of bilingual keyboards with Hindi and English printed on the keyboard and not with stickers on the keyboard)
104 Keys, heavy-duty bilingual keyboard, having key life of 20 million keystrokes or more (same make and color as base PC) with India Rupee Symbol
Mouse Two Button Optical Scroll Mouse
Optical Drive DVDRW
Cabinet
Ports Min.6 USB 2.0 ( 2 In front), 1 Serial, 1 Parallel, PS/2 (For Keyboard & Mouse , Audio In/out (In front), Headphone/Mic, Ethernet
Display Controller Intel HD Graphics
Anti-virus Preloaded (licensed version of Antivirus with 3 years validity)
Patch Cord 1 mts CAT 6 cord
Power Management Energy star compliant for power saving
OS Windows 8 preloaded
Networking Features
10/100/1000 Network Card with remote booting facility, remote system installation, remote wake up
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 32
Others Office Productivity Suite applications (like document, spreadsheet, presentation etc) will also be supplied with the Desktop/PC. Office applications which the SI will propose in the solution should be industry standard and OEM supported
7.2. Multi-Function Printer
MFP
Components Specifications
Print speed, black (normal quality mode)
Up to 33 ppm, B/W, Legal (8.5 in x 14 in)
Print resolution, black 4800 x 1200 dpi
Print technology Laser
Duty Cycle 12000 pages
Duplex printing (printing on both sides of paper)
Automatic
Media sizes, standard A4, ISO B5, JIS B5, A5, A6, Executive, US Letter, US Legal, Oficio, Folio, DL Envelope, C5 Envelope, C6 Envelope, Monarch Envelope, No. 10 Envelope
Media types Paper (bond, color, letterhead, plain, preprinted, pre punched, recycled, rough, light), envelopes, labels, cardstock, transparencies, user-defined
Connectivity 1 Hi-Speed USB 2.0; 1 10/100 Ethernet network port
Scanner Flatbed with automatic document feed, upto 1200 dpi;; Scan size maximum (flatbed): 215.9 x 297 mm (8.5 x11.7 inches), Scan speed: upto 15 PPM
Copier Black-white Up to 600x600 dpi, Copy speed (black, draft quality, A4):Up to 25 cpm, Copy resolution (black graphics): Up to 1200 x 600 dpi, Copier resize: 25 to 400%
Power Device Power supply, internal
System Interface 1 USB (compatible with USB 2.0 specifications), 1 network port
Compatible operating systems
Windows 8
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 33
7.3 Duplex Printer
Laser Printer
Components Specifications
Print Speed: Up to 33 ppm, B/W, Legal (8.5 in x 14 in)
Connectivity Technology:
Interface: Hi-Speed USB 2.0 port
Max Resolution ( B&W ): 1200 dpi x 1200 dpi
Duplex Printout: Duplex
PostScript Support: Standard
First Print Out Time B/W: 8 sec
Fonts Included: 45 x TrueType , 35 x PostScript
Media Type: Envelopes, transparencies, labels, plain paper, glossy paper, cards
Max Media Size (Custom): 8.5 in x 14 in
Media Sizes: A4, ISO B5, JIS B5, A5, A6, Executive, US Letter, US Legal, Oficio, Folio, DL Envelope, C5 Envelope, C6 Envelope, Monarch Envelope, No. 10 Envelope
Expansion Slots Total (Free): 1 ( 1 ) x memory
Connections: 1 x Hi-Speed USB
Power Device: Power supply, internal
7.4 Digital Camera
Digital Camera
Components Specifications
Max resolution 4000 x 3000
Image ratio w:h 4:3, 16:9
Effective pixels 14.1 megapixels or above
Sensor type CCD/CMOS
Digital zoom Yes, 4x or above
Image stabilization Yes
Auto Focus Yes
Optical zoom Yes, 10x or above
Built-in Flash Yes
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 34
Battery Type Lithium (Rechargeable)(should also be charged externally and not just with USB)
Memory Card 8 GB
Accessories Should include any required accessories (Charger, USB cable, Drivers, etc)
Display Size 3" LCD
Recording Format HD Movie Recording
7.5 Electronic Pen
Electronic Pen
Components Specifications
Data communication
USB 2.0
Built-in battery Lithium Battery/Rechargeable battery
Continuous writing time 2 hours or longer Standby time:1 hours (min.)
Operating system support Windows7/ 8
Writing Area No Pad/No Special Paper, should able to write on most surfaces
Memory Storage device should store upto 100 A4 size papers
Pen Battery Life Approx. 60 hours or longer
Accessories Should include any required accessories (Charger, USB cable, Drivers, SDK/APIs etc)
7.6 Furniture
Detailed Specifications
Computer Table Size: L 910 x W 610 x H 728 mm
Top: Size 910 x 610 mm made of 18 mm thick pre laminated medium density fiber (MDF) board ISI Marked (IS: 14587-1998). The top shall be firmly screwed on 25x25x1 mm square tube frame as shown in figure
Upper side of laminated board shall be in natural teak shade while the bottom side shall be white/cream shade.
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 35
Sliding key Board tray: A Sliding key Board tray shall be made of 18mm pre laminated medium density fiber board of size 725x450 mm. The gap between top and tray shall be 100mm.
The storage shelve for CVT : A storage shelve made of 18 mm particle board shall be provided along with the length of the table at bottom about 100 mm above from the ground level. Shelves shall be screwed on frame work of 25x25x1 mm square tube. The shelve shall be covered from back side with 18mm pre laminated medium density fiber board as shown in drawing.
Steel Structure: The rigid steel structure shall consist of two nos. rectangular base tubes of size 50x25x1.25 mm about 520 mm length placed along the width on vertical tubes of size 25x25x1 mm shall be welded for fixing up of side panels. A supporting frame of 25x25x1 mm square tube shall be welded on the top of the tubes for the side panels as shown for supporting the top of the table.
The base tube shall be provided with adjustable shoes 2 nos. on each side.
Painting: Complete frame of tubes shall be powder coated.
Printer Table Size: L 610 x W 610 x H 660
mm
Printer table shall be as per figure/ drawing.
Shelves : 3 no. made of 18mm thick pre laminated Medium Density Fiber Board(MDF) ISI marked (IS 14587 1998)
Top shelve size 610x610 mm for placing printing unit.
Middle Shelve size 460x330 mm for placing feet on stationary.
Bottom shelve size 460x380 mm for collecting print out.
The top faces of the shelve shall be natural teak wood shade.
The bottom faces shall be in plain white/cream shades.
Structure: The structure shall be made from square and rectangular steel tubes duly welded finished and powder coated
Vertical tubes shall be welded in two rectangular bottom tubes 50x25x1.25 mm as shown in drawing.
The horizontal tube 25x25x1 mm thick 330 m long shall be welded over vertical tubes 25 mm off the center width /depth wise.
Panels made of 18 mm pre laminated particle board shall be screwed rigidly between vertical tubes on both sides.
Two nos. bottom support tubes 50x25x1.25mm thick shall also be provided with two nos. of adjustment shoes.
A rectangular slot of size 455x25 mm shall be provided on top shelve along with length for feeding stationary as shown in figure. A slot shall be covered with PVC insertion for safely of paper.
The ends of bottom and top shall be plugged with PVC/ plastic caps.
Painting Complete steel structure shall be pretreated and powder coated with minimum thickness of 60 microns coating
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 36
Computer Chair with Handle Seat size shall be 430x430 mm on 10 mm. thick molded comm. ply with 60 mm thick 40 density molded PU foam
Back rest size shall be 400x300 mm on 10 mm thick molded comm. ply with 40 mm thick 32 density molded PU foam covered with tapestry.
The height of back rest shall be 900x500 mm for top and bottom edges respectively. The black rest shall be provided with lifting arrangement on flat iron & helical spring.
Two nos. suitable PU handles shall be proved.
The base stand should be made up of 5 prongs duly pressed welded together centrally with a pedestal bush with good quality twin wheel castors. The stand and other metal parts excluding central spindle shall be powder coated. Complete steel structure shall be pretreated and powder coated with minimum thickness of 60 microns coating.
A central spindle of 25mm diagonal rod without threads shall be provided with revolving arrangements. The adjustable height of chair shall be from 530 to 570 mm.
A good quality tapestry cloth shall be provided on seat & back in attractive color/ shade.
7.7 SAN Storage
Components Specifications
Offered Capacity
The Storage Array shall be offered with 5 TB Usable space after Raid 5/6 Implementation.
Global Hot Spare
Offered Storage Array shall support distributed Global hot Spare for offered Disk drives. At least 2 Global hot spare drives shall be configured for every 50 drives.
Disks support
Offered Storage Array shall support 4/6Gbps dual-ported 146/ 300 / 400 / 450GB / 600GB hot-pluggable Enterprise FC/ SAS & 1TB / 2TB SATA/SAS hard drives
Expandability Storage shall be scalable to min 200 TB after Raid 5/6 Implementation
Operating System Support
The storage array should support industry-leading Operating System platforms including: Windows Server 2003, 2008, Vmware, Sun Solaris, HP-UX, IBM-AIX and Linux Offered Storage Shall support all above operating systems in Clustering.
Cache Shall be configured with 8GB cache memory per controller scalable to 16GB cache per controller.
Protocols Supported
The storage system should support FC, IP / iSCSI, CIFS, TCP/IP, NFS and HTTP protocols.
RAID level support
RAID level 0, 1, 1+0, 5, 6.
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 37
SNAP Copy The storage should have capability to creating instant online and consistent SNAP copy images.
Requisite license for creating at least TWO snap copies should be provided for the offered capacity of the system. And the space required for creating these SNAP copies shall be configured additionally from day one.
Redundancy The offered Storage system shall be configured in a No Single Point of Failure with respect to Control cards, Power supplies, Cooling fans, cache etc
System Console
Should support system management console
Management Interface
Should support browser based management GUI and web based remote management of SAN storage
Replication The storage at the controller level shall be configured for storage based asynchronous data replication to binary compatible remote storage through a WAN link.
Cables and Connectors
The storage shall be configured with 25 Mtrs LC-LC cables with connectors for each active port on SAN Switch
Other features
Non-disruptive Online microcode updates and remote diagnostic support should be supported. Storage should also support RAID group expansion and shrinking, LUN expansion and shrinking dynamically.
Ports Bandwidth
Offered storage shall be end to end 4/8Gbps where each drive and drive shelf shall be connected through dual active-active paths.
Global Hot Spare
Offered Storage Array shall support distributed Global hot Spare for offered Disk drives At least 2 Global hot spare drives shall be configured for every 50 drives.
Performance Offered Storage subsystem shall support more than 1,00,000 IOPS Shall have capability to use more than 30 drives per array group or raid group for better performance Shall support more than 800MB/sec sequential throughput.
Load Balancing & Multi-path
Multi-path and load balancing software shall be provided,
Re-build time For better re-build times in case of disk failure, offered storage rebuild operations shall not depends upon the number of drives in the raid group
Business Copy
Shall support Snapshot,
Remote Replication
Storage shall support both Synchronous and Asynchronous replication at controller level Shall support replication across all models of the offered family
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 38
Host Ports & Back-end Ports
Offered Storage shall have minimum of 4 host ports for connectivity to servers & minimum of 2 device ports for Disk shelf connectivity
No Single point of Failure
Offered Storage Array shall be configurable in a No Single Point of configuration including Array Controller card, Cache memory, FAN, Power supply etc. It should have Redundant power supplies, batteries and cooling fans and data path and storage controller.
Processing Power
Offered controllers shall be based on latest PCI-e/equivalent technology to ensure that there is no bottleneck for IO communication.
Architecture & Processing Power
The storage array should support dual, redundant, hot-pluggable, active-active array controllers
7.8 Rack Server
Components Specification
Form Factor Rack (U/2U)
Processor Latest Generation x86-64 Bit Intel Minimum 2 Quad core Processor scalable to 4 processors with Minimum 2.2 Ghz Clock Speed and 4 MB Cache or higher
Processor should be latest series/generation for the server model being quoted
Memory Min 32 GB DDR3 RAM with min 8 Nos. free slots for future expandability.
Storage Connectivity
The Blade should have redundant 8 Gbps Fiber Channel HBA/FC Port (only for database server)
Ports 2 X (1000BASE-T) Tx Gigabit LAN ports with TCP / IP offload engine support / dedicated chipset for network I/O on blade server
HDD 2 X 300/450GB HDD or more hot swap/ hot plug system disk with mirroring using integrated RAID 0,1 on internal disks, or min.16 GB compact flash card to be provided.
Controller VGA / Graphics Port / Controller
OS Should support heterogeneous OS platforms
OS Red hat Enterprise Linux Latest Edition
Clustering Should have Cluster support for high availability
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 39
7. 9 UTM
Sl No. General Technical Specifications
1 Hardware Platform:
a No built-in mechanical moving parts.
b Should be Hardened OS based Application Level Firewall
c Should have flash based configuration storage
2 Following IP Address Assignment should be supported by the XTM:
a Static
b PPPoE Client
c DHCP Server
d DHCP Client
e DHCP Relay
f Dynamic DNS Client
g Transparent Mode
h Bridge Mode
3 Performance:
a Performance upgradeable without replacing device
b Performance upgradeable without adding additional equipment
c Firewall Throughput
d XTM Throughput
e VPN Throughput
f Conncurrent Connections
g Ethernet Interface
h Should support Reputation Enabled Defense - Cloud Based Web Security
i Application Control
4 Encryption and certificates:
a AES 128bit, 196bit and 256bit
b 3DES and DES
5 Authentication servers/processes:
a Windows Active Directory
b LDAP one or more
c Local user group authorization
d Support two factor authentications.
6 Networking:
a Support Multi-WAN - Quantity supported
b Support IPSec VPN failover
c Support Server Load Balancing
d Support VLAN
e Support policy-based routing
f Support Traffic Shaping/QoS
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 40
g Compatible to Centralized Management
7 VPN function:
a Standard IPSec support.
b 3DES and AES
c Should Support Multicast over BoVPN
d Should support IPsec Pass-through
e Should support enabling Type of Service for Ipsec
8 Security:
a Application proxy capability
b Protocol Anomaly Detection
c Security policy can be selectively enable/disable based on time.
d Capability to protect from progressive DDoS.
e Detect and block malicious file when file extension change, such as capability to detect of original file type .exe renamed to .doc, which can be detected and blocked.
f Language independent anti-spam solution
g Advance Recurring Pattern Detection - anti-spam technology, not rely on RBL and scoring.
h With quarantine server capability.
i Web URL filtering with Maximum 54 category based database, with option to refer Online or can be stored on Local Management Station
j IPS and AV signature database keep on updating with hourly basis
k Provide protection against computer virus at gateway level.
l Selectively enable/disable instant messenger (IM) without blocking traditional network communication ports, such as Yahoo messenger, MSN and ICQ.
m Option to enable/disable peer to peer (P2P) application, such as BitTorrent, Kazaa and eDonkey.
n With yearly anti-spam/anti-virus and web filtering service subscription
o Should have Server/Client Quota based Distributed Denial of Service Prevention
p Should have option to create ALIASES to identify group of Hosts or networks with one Unique Name
9 Administration:
a Dedicated GUI management program for robust feature configuration.
b Option for Remote management, through WEBUI, CLI & Secure Management Software
c System log transfer encryption without replying on VPN.
d Administrative TCP/IP ports should be such that they prevent brute-force attack.
e When login with administrative privilege, other login to the device is denied for configuration integrity.
f Real-time network connection map for connection status.
g Drag-and-drop VPN configuration capability.
h Comprehensive reporting suite without additional software component.
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 41
i Offline policy files configuration and modification.
j SNMP management.
k Ability to make a full backup of the entire flash disk as image file.
l Ability to make/edit configuration file offline for better administrative management, without connecting to the operating security device.
m Should have option to Change Default Web UI Port
n Should have option to schedule rebooting
10 Monitoring, Logging and Reporting
a Live Traffic Monitor
b System Servises Status Monitor
c Authenticated User List Monitor
d VPN Connections Monitoring
e IP/Host/User based Traffic Watch with option Block Source/Destination
f Protocol based Traffic Watch
g HTML/PDF Audit Reporting
h Remote Logging Support
i Remote Reporting Support
j Remote Monitoring Support
k Out of Device Encrypted Log Channel
l Syslog Support
m SNMP Support
n Multi-Appliance Log Aggregation
11 Certifications
a Common Criteria EAL4
b ICSA IPSec
c ICSA Firewall
7.10 SAN switch
Parameter Description
Performance 8 Gbps Fibre Channel
Ports 16-24Fibre Channel
Aggregate Switch Bandwidth
384 Gbps Maximum
Protocol Support Fibre Channel
Availability No single point of failure.
Media Types No single point of failure. Hot code load. Ports on demand with no downtime
Upgradeability Standard 16 Ports; 8 Port on Demand upgrades
Required Software Advanced Fabric OS, Advanced Zoning, Web Tools
Form Factor 1U
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 42
7.11 L2 Switch
Physical Configuration
Expansion Slots Should have minimum 2 x 10 Gigabit SFP+ port and 1 x expansion slot
Fixed Ports 24 x 10/100/1000 Base-T ports
Out-of-Band Management Console Port
Packet Buffer 1.5MB
SDRAM for CPU 256MB
Performance
Forwarding Rate 95.23Mpps
MAC Address Table Size No. of MAC Address Supported 16K
Switching Capacity The Switch should support 128Gbps
L2 Features
Auto MDI/MDIX Should support Auto MDI/MDIX
Flow Control Should support flow control
IGMP Snooping should support IGMP Snooping v1 | v2
Link Aggregation Should support following link aggregation * IEEE 802.3ad with LACP (Dynamic) * Cisco Ether Channel Liked *Unicast / Multicast traffic Balance over Trunking port
Multicast (IGMP) Snooping Should support following Multicast (IGMP) Snooping *Queried Support *Immediate Leave *IGMP Filtering *IGMP Throttling *IGMP Leave Proxy *MVR Support
MVR Should support MVR
Q in Q Should support Q in Q
Spanning Tree IEEE 802.1D (STP) | IEEE 802.1w (RSTP) | IEEE 802.1s (MSTP) | Spanning Tree Fast Forward | BPDU Filter | BPDU Forward | Root Guard | BPDU Guard | Loopback Detection | Auto Edge Port
Storm Control Broadcast | Multicast
Unicast / Multicast traffic Balance over Trunking port
Yes
Mission Mode Project-CCTNS Annexure II Infrastructure Requirements
Goa Electronics Limited Page 43
VLAN IEEE 802.1Q Tagged Based | Private VLAN | GVRP | IEEE 802.1v | MAC Based | IP Subnet VLAN | Port Based | Voice VLAN | VLAN Trunking
VLAN Group 4K
QoS Features
CoS IEEE 802.1p | DSCP
DiffServ (RFC2474) Yes
H/W Queues 8
Priority Queue Scheduling WRR | Strict Priority | Hybrid
Rate Limiting Ingress | Egress
Security Features
ACL Time-Based
ACL L2/L3/L4 Yes
Dynamic ARP inspection (DAI) Yes
HTTP and SSL ( Secured Web) Yes
IEEE 802.1x Port-based | MAC-based | VLAN Assignment | Guest VLAN
Instruction lock (link detection) Yes
MAC Based Authentication Yes
MAC Filter Yes
Management Access Filteri