NEW RFP

E-GOVERNANCE MISSION MODE PROJECT (MMP)

CRIME & CRIMINAL TRACKING NETWORK & SYSTEMS (CCTNS)

IMPLEMENTATION OF CCTNS IN GOA

RFP FOR SELECTION OF SYSTEM INTEGRATOR

ANNEXURE II INFRASTRUCTURE REQUIREMENTS

RELEASED BY:

Goa Police

Government of Goa

Mission Mode Project-CCTNS Annexure II Infrastructure Requirements

Goa Electronics Limited Page 3

Contents .............................................................................................................................................................................. 2

1 INTRODUCTION ..................................................................................................................................... 5

2 PROPOSED NETWORK ARCHITECTURE ......................................................................................... 5

3 USER LOAD MATRIX ............................................................................................................................ 6

4 PRIMARY SITE ....................................................................................................................................... 7

4.1 HELPDESK AND NOC ............................................................................................................................... 7

4.2 DISASTER RECOVERY .............................................................................................................................. 9

4.2.1 The application shall be architected with Aspect ...................................................................... 9

4.2.2 DC Design Description ................................................................................................................ 11

4.2.3 Set-up at Data Centre and DR Site ........................................................................................... 11

4.2.4 Hardware and Security Components at Primary Data center ............................................... 12

4.2.5 Network Components at primary Data Centre......................................................................... 13

4.3 EXISTING SERVERS AND STORAGE IN DATA CENTER............................................................................ 13

5 CLIENT/USER LOCATIONS ............................................................................................................... 15

5.1 REQUIREMENTS AT CLIENT LOCATION................................................................................................... 15

5.2 INFRASTRUCTURE AT CLIENT LOCATION ............................................................................................... 17

5.2.1 IT INFRASTRUCTURE AT THE CLIENT SITE LOCATIONS (SUMMARY) ........................................................ 17

5.2.2 IT INFRASTRUCTURE AT THE CLIENT SITE LOCATIONS (DETAIL) ............................................................. 18

5.2. 4 SITE PREPARATION AT THE CLIENT SITE LOCATIONS (SUMMARY) ......................................................... 20

5.2. 5 SITE PREPARATION AT THE CLIENT SITE LOCATIONS (POLICE STATIONS, SCRB, SDPOS, DISTRICT

HQ AND PHQ) ................................................................................................................................................... 20

6 SOFTWARE REQUIREMENT ............................................................................................................. 22

6.1 ANTIVIRUS ................................................................................................................................................... 22

6.2 EMS ............................................................................................................................................................. 24

6.3 HIPS ............................................................................................................................................................ 28

6.4 STORAGE MANAGEMENT SOFTWARE (SMS).............................................................................................. 30

7 MINIMUM TECHNICAL SPECIFICATIONS ....................................................................................... 30

7.1 DESKTOP ...................................................................................................................................................... 31

7.2. MULTI-FUNCTION PRINTER ......................................................................................................................... 32

7.3 DUPLEX PRINTER ......................................................................................................................................... 33



7.4 DIGITAL CAMERA ......................................................................................................................................... 33

7.5 ELECTRONIC PEN ........................................................................................................................................ 34

7.6 FURNITURE ................................................................................................................................................... 34

7.7 SAN STORAGE ............................................................................................................................................ 36

7.8 RACK SERVER .............................................................................................................................................. 38

7. 9 UTM ............................................................................................................................................................ 39

7.10 SAN SWITCH .............................................................................................................................................. 41

7.11 L2 SWITCH ................................................................................................................................................. 42

7. 12 5KVA UPS .............................................................................................................................................. 45

7. 13 10 KVA UPS ........................................................................................................................................... 46

7.14 WEB BASED PMIS .................................................................................................................................... 47

7.15 32 INCH LCD TV ....................................................................................................................................... 47

7.16 ACCESS CONTROL SYSTEM ...................................................................................................................... 48

7.17 KVM SWITCH ............................................................................................................................................. 48

8 BOM FOR DC AND DR........................................................................................................................ 49

9 DETAILS OF TECHNOLOGY STACK ENHANCED G-COPS AND CAS (CENTER) ................... 50

9.1 ENHANCED G-COPS TECHNOLOGY STACK ................................................................................................. 50

9.2 CAS (CENTER) SOLUTION .......................................................................................................................... 52

9.3 EXISTING G-COPS TECHNOLOGY STACK .................................................................................................... 53

9.4 DC-DR INFRASTRUCTURE THAT WILL BE AVAILABLE TO SI ....................................................................... 54

9.5 SCOPE OF WORK ......................................................................................................................................... 55

9.6 EXISTING HARDWARE - TECHNICAL SPECIFICATION ................................................................................... 57



1 Introduction

This Annexure will outline the minimum technical specifications required for meeting the scope of

CCTNS Goa Project. This will cover, but is not limited to the

1) Data Center Site

2) Disaster Recovery Site

3) Client Sites

4) NOC and Helpdesk

The specifications given in this document are indicative and the System integrator is free to suggest a

different specification which could be over and above the minimum specification indicated here.

2 Proposed Network Architecture

Network architecture is a blueprint of the complete computer communication network, which provides a

framework and technology foundation for designing, building and managing a communication network.

It typically has a layered structure. Layering is a modern network design principle which divides the

communication tasks into a number of smaller parts, each part accomplishing a particular sub-task and

interacting with the other parts in a small number of well-defined ways. Layering allows the parts of a

communication to be designed and tested without a combinatorial explosion of cases, keeping design

relatively simple. In the centralized architecture, the main site is known and primary site and the

alternate site is known as Disaster recovery site. The fig below shows the recommended DC-DR

Diagram for Goa CCTNS Project



3 User load matrix

The calculation for estimated number of external users (citizens) who will be accessing the citizen

portal is as below.

Total Users Estimated is 1% of Internet Penetration 410

Total Internet penetration in Goa: 40997

Total Polpulation in Goa :13,43,998 (2001: Cencus Data)



The total number of external users expected to use the CCTNS is application is estimated at 410

and assuming a 10% concurrency, a total of 41 users at a time. This is just a suggested figure,

and the number may rise owing to stabilization of application, increased internet penetration and

increased public awareness.

The Government of Goa in India has made a foray into the world of hi-tech e-governance with the

implementation of an end-to-end IP backbone in the state, called the Goa Broadband Network, or

GBBN. This Super high speed network infrastructure will be leveraged to change the way

Administrative Services are delivered to citizens, businesses, and Government employees. The

GBBN has been designed to connect the State Headquarters, District Head Quarter with all 11

Talukas, Village Panchayats, Households, institution across the State. With this, Goa becomes

the first state in the country to have in place a truly converged Wide Area Network, the GBBN

which carries voice, video and data encapsulated in IP packets across the state.

The internal users of G-Cops application can be estimated to be approximately 4600 Police

Personnel, the number of concurrent users can be estimated to be around 200

4 Primary Site

Primary data center will be at Goa State NICs Data Center Facility at Margao, Goa and will be

established in a co-location model. Required modules of the CCTNS application will be

developed and deployed at this Primary DC. All the users across the locations will access this

data securely and store the database in main storage area at Primary DC. Details of indicative

project IT components architecture, required items and specifications are given in

succeeding paragraphs.

4.1 Helpdesk and NOC

In order to Monitor and control the Network of the entire state, Goa Police desire to setup a

Network Operation Centre (NOC) at the Mini Data Center in PHQ, Goa. In addition, the NOC will

also host a Helpdesk to facilitate users on their day to day activities.

NOCs are implemented to oversee complex networking environments that require little to no

downtime. NOC personnel are responsible for monitoring one or many networks for certain

conditions that may require special attention to avoid degraded service. This is required to

manage different networks or to provide geographic redundancy in the event of one site becoming

unavailable. The NOC will be manned 24X7X365 for the duration of the contract

Function:



NOCs analyze problems, perform troubleshooting, communicate with site technicians and

other NOCs, and track problems through resolution. When necessary, NOCs escalate

problems to the appropriate stakeholders. For severe conditions that are impossible to

anticipate, such as a power failure or a cut optical fiber cable, NOCs have procedures in place

to immediately contact technicians to remedy the problem.

Primary responsibilities of NOC personnel will include:

a. Network monitoring

b. Incident response

c. Communications management

d. Reporting

NOCs often escalate issues in a hierarchic manner, so if an issue is not resolved in a specific

time frame, the next level is informed to speed up problem remediation.

Helpdesks: The proposed Helpdesk Management System will provide the following function:

a. Flexibility of logging, viewing, updating and closing incident manually via web

interface.

Escalation Features

a. Flexibility of incident Assignment based on workload, Category, location etc.

b. Creates tickets when new request will come from operators/Dept

c. Tracking of SLA (CCTNS service level agreements) for call requests within the help

desk through service types

d. Updateable knowledge base for technical analysis and further help end-users to

search solutions for previously solved issues.

Description

The existing area of Mini Data-Center of Goa Police should be used to build the NOC and

Helpdesk Centre. The total area considered for the setup is approx.. 400 Sq. Feet.

The room shall be designed and built to seat 3 persons in NOC and 2 operators in Helpdesk.

SI is expected to provide all the necessary basic furniture and fixtures required in the NOC

room.



Suggested BoM for HelpDesk and NOC

SI No. System Description Quantity

1 Desktops

`

4

2 Duplex Printer 1

3 Furniture 4 Computers Chairs, 4 Computer Table, 1 Printer

Table

4 32 LCD TV 1

5 Access Control System 1

4.2 Disaster Recovery

DR Site is decided by the department at Hyderabad. The proposed application will be on Web

services model.

4.2.1 The application shall be architected with Aspect

The proposed application will be N-tier Service oriented Architecture with separation of business

logic from application, database and presentation. The application will be on the central servers at

Data Center in Goa and the Disaster Recovery (DR traditional 3-tier architecture) will be at

Hyderabad

i. Database Tier: This shall be diagonally scaling and deployed on a DC class server as

specified in this document. Database servers shall be deployed in n+1 cluster. If n is 1 (as per

ISV sizing) then Data base servers shall be deployed in 1+1 cluster.

ii. Application Server: Application servers shall be deployed in multiple servers (horizontal

scaling) as specified in this tender document in n+1 cluster.

iii. Web Tier: Web servers shall be deployed in multiple servers (horizontal scaling) as specified

in this tender document in n+1 cluster.



The application server shall be deployed in N+1 cluster mode with a common standby server for

multiple servers. There should be a database for application servers and web servers. The web

servers shall be deployed with external load balancers for high availability. There shall be at least

two load balancers for redundancy. The web servers shall be configured in n+1 redundancy mode.

The proposed network and security architecture solution and diagram for primary data center is only a

representative and is subject to the overall requirement of all functionalities listed in this section. The

feature of the proposed network and security architecture is as below.



4.2.2 DC Design Description

The router at DC would also have capability to handle the data traffic and multiple SSL/VPN encapsulations for secured data transfer between any of the department offices. The router would also connect to the internet and would offer Server connectivity to external users. The router should be capable to handle both MPLS and Internet connectivity.

The DC- DR replication router shall replicate data across MPLS connectivity to the DR site and vice versa

Host Intrusion Prevention system (HIPS) should detect malicious traffic and further protects the DC DR sites. Intrusion system would also detect (and prevent) any intrusion from Internet/extranet network.

The Network Infrastructure (Switches , firewalls, IDS / IPS , routers, server load balancer, link load balancer etc) would be configured in active active and in high availability mode

Firewalls would provide next layer of protection between the extranets and DMZ (which has hosted the application server).

Web server Users: All the servers would be connected to high capacity L2 Switch, which can process million of packets within seconds, depending on the Users and Application and its contents.

The Application servers would be accessing the database from the backend in order to process the user / citizens queries/requests.

The Database servers (RDBMS) are further hosted in higher security layer, comprising of components such as Firewall and Intrusion Prevention system.

The SDC is required to provide Infrastructure Services such as Firewall Service, Directory Service, Web Service, Database Service, messaging and data storage services etc. which would be utilized for the application.

In this secure infrastructure it has to be ensured that the security devices in the network such as Firewalls, are in high-availability mode, and these devices should be evenly distributed to optimize performance.

The set up shall have the AAA , antivirus , web server , DNS servers connected and configured

The application can be accessed through VPN over broadband and through MPLS connectivity

The DR replication would happen through MPLS cloud

4.2.3 Set-up at Data Centre and DR Site

The DC & DR would be hosting the CCTNS application along with the other identified applications. The

following highlights the different server zone available at the Data Centre

Militarized and De-Militarized Zone at Data center

De-militarized zone will contain the following:

Server Zone



Militarized zone will contain the following:

Critical Server Zone

Server Zone: The server zone will host the following applications:

Mail and Messaging solution

Antivirus solution

Single Sign on

Directory Services

Portal Server

Critical Server Zone: The critical server zone will host the following applications:

CCTNS Application (CAS (State))

EMS Application

Enhanced G-Cops

4.2.4 Hardware and Security Components at Primary Data center

Following Server Components are proposed at the Primary Data Centre for the CCTNS application:

Portal Server: Web based applications are easily accessible from any sort of the network, Intranet,

internet or extranet. Therefore, portal server plays a vital role this initiative. The portal server would be

used for providing access to the CCTNS application through internet / intranet. Using portal, relevant

contents of the applications can be easily enabled, updated and deployed at the earliest. Portal would

provide a base template to users who want to access the application via internet. The portal server

shall allow users to access the application from internet and the same shall be configured in cluster

mode.

Application Server: Application would be required as middle tier for various web based applications.

Application server would take care of the necessary workflow and portal server would be required for

the interfacing with the end user. Both the portal and application server would be seamlessly

integrated to provide high availability and performance. With the use of load balancers, user requests

would be distributed among various clustered/common servers. The application servers will be

configured in active active and in cluster mode and shall also have the database configured

accordingly.

Database Servers: The database/repository provides all the relevant information required to process

the applications. Database server would be required to store and access data with ease. This would

also be integrated with multiple applications, residing at the DC.



Email Server : The email server would provide emailing solution to the users of Goa Police

Enterprise Management Server: For overall management of the Data center components, an

Enterprise Management System (EMS) will be provided and would be integrated with the CCTNS

application. SI shall have to prepare a category wise detailed list of elements to be monitored,

monitoring parameters and the monitoring frequency in terms of critical, semi critical and non-critical

categories in each Data Center and the application.

4.2.5 Network Components at primary Data Centre

Router: Router will be installed in a redundant mode at the primary data center. There routers will be

the customer premises equipment which will be connected with an Intranet / VPN over Broad band link

HIPS: An intrusion detection system is used to detect several types of malicious behaviors that can

compromise the security and trust of a computer system. This includes network attacks against

vulnerable services, data driven attacks on applications, host based attacks such as privilege

escalation, unauthorized logins and access to sensitive files, and malware (viruses, Trojan horses, and

worms).

Firewall: A firewall will be a part of network that is designed to block unauthorized access while

permitting outward communication. Firewall will be installed in redundant mode at server zone and

critical server zone to provide features like high-availability and fault tolerance.

4.3 Existing Servers and Storage in Data center

The section below suggests the numbers and types of servers, storage and other hardware devices

available with Goa Police.

Co-location with NIC Data center

Primary Data center will be collocated in the data center facility at NIC Data Center at Margao, Goa.

The following components may be used commonly and hence will not be included in the cost:

Rack Space

Power and Cooling

SNMP based UPS, DG set power backup

Fire prevention

Physical security surveillance

Common Data Centre facility Maintenance and Support



The table given below describes the existing hardware available to support the proposed CCTNS

application for the project. For technical specifications of the existing hardware mentioned below

please refer to section 9.6

Existing Servers Infrastructure Information

Sl. No Server Name (Utility of the server)

Location Make & Model Unit HDD

1 Data Base server

Goa PHQ Dell Power Edge 2950

4 292 GB

2 Application server

Goa PHQ Dell Power Edge 2950

5 146 GB

3 Tape Library Goa PHQ 42 U VALRACK 4

4 Tape Auto Loader

Goa PHQ LTO Drive 6

5 Fiber Channel Storage Enclosure

Goa PHQ Dell PWERVAULT TL2000

1

6 SAN Switch Goa PHQ DELL BROCADE 200E

2

Existing WAN Infrastructure

Sl. No Network

Device Utility Location

Make & Model

Interface / Network

Cards Information

No. of Components

1 Core switch (layer 3)

Goa PHQ D-link Port 24, 10/100/1000 Base T with auto negotiation 4 shared SFP transceiver slots

1

2 Cable Goa Police HQ & Police stations

N/A Cat 6

3 Firewall Goa Police station Zywall Firewall

Unified Threat Management

1

4 KVM Switch Goa PHQ DKVM-8E KVM 3



Date of Purchase of all the above mentioned Items is Dec-07 and they are covered Under AMC till

May 2013 except for Firewall. SI has to factor the cost of AMC after June 2013

5 Client/User Locations

5.1 Requirements at Client Location

The following table highlights the number of locations at client side and also the primary scope at these

sites

Client Location Scope

Component Number Site Preparation

Client Site Infrastructure

Additional Hardware (Digital camera, Electronic pen)

Police Station CIPA Phase 1 4 No Yes Yes

Police Station 23 Yes As per section 6.2

As per Section 6.2

Other offices (Higher office/Training centres/FSL/FPB/District control rooms)

15 Yes As per Section 6.2

As per section 6.2

The complete breakup of the locations is given as below

Sl No. Name of police Stations & Higher Offices District

1 Panaji Police Station North Goa

2 Old Goa Police Station North Goa

3 Agacaim Police Station North Goa

4 Ponda North Goa

5 Collem Police Station North Goa

6 Valpoi Police Station North Goa

7 Bicholim Police Station North Goa

8 Mapusa Police Station North Goa

9 Calangute Police Station North Goa

10 Porvorim Police Station North Goa

11 Anjuna Police Station North Goa



12 Pernem Police Station North Goa

13 Margao Police Station South Goa

14 Cuncolim Police Station South Goa

15 Maina Curtorim Police Station South Goa

16 Colva Police Station South Goa

17 Quepem Police Station South Goa

18 Curchorem Police Station South Goa

19 Sanguem Police Station South Goa

20 Canacona Police Staion South Goa

21 Vasco Police Station South Goa

22 Verna Police Station South Goa

23 Marmagoa Police Station South Goa

24 Vasco Railway South Goa

25 Crime Branch (Dona Paula, Panaji) CID

26 Anti Narcotics cell Police Station CID

27 Women Police Station CID

28 SP North Porvorim North Goa

29 SP South Margao South Goa

30 Police Head Quarter North Goa

31 SDPO Panjim North Goa

32 SDPO Porvorim/ Mapusa ii North Goa

33 SDPO Mapusa North Goa

34 SDPO Bicholim North Goa

35 SDPO Ponda North Goa

36 SDPO Margao South Goa

37 SDPO Quepem South Goa

38 SDPO Vasco South Goa



39 SCRB North Goa

40 Police Control Room North Goa

41 Forensic Science Laboratory South Goa

42 Finger Print Bureau South Goa

5.2 Infrastructure at Client Location

It is to be emphasized here that Goa Police is looking at this engagement as asset of complete

services to be provided by the selected agency and not as a supply of hardware & software. To that

end the specifications laid out in RFP are indicative requirement and Bill of material is minimum,

whereas the bidder are expected to focus on the objectives and SLAs of this project and formulate

their solution offering in a manner that enables achieving those objectives both in letter as well as spirit

SI is requested to put due diligence while responding to this RFP and shall be responsible for

proposing other hardware (like racks etc)/ software components as part of their Bill of Material for the

successful implementation of this project. Operational expenses (paper/toner) in each location for 3

years is also under the scope of SI

5.2.1 IT Infrastructure at the Client site locations (Summary)

Locations Client Side Infra

Type Number PC Printer MFP 5KVA UPS

10KVA UPS

Digital Camera

Electronic Pen

Police Stations 27 108 27 27 27 27 27

SDPO 8 24 8 8

District Office 2 20 20 2

Police Control Room 1 5 1

Forensic Science Lab 1 5 1

Finger Print Bureau 1 2 1

State Crime records Bureau 1 8 8 1

Police Head Quarters 1 15 15 2

NOC 4 1

Total 42 191 28 81 35 5 27 27



5.2.2 IT Infrastructure at the Client site locations (Detail)

Locations Client Side Infra

Sl No.

Name of police Stations & Highes Offices District PC Printer MFP

5KVA UPS

10KVA UPS

Digital Camera

Electronic Pen

1 Panaji Police Station North Goa

4 1 1 1 1 1

2 Old Goa Police Station North Goa

4 1 1 1 1 1

3 Agacaim Police Station North Goa

4 1 1 1 1 1

4 Ponda North Goa

4 1 1 1 1 1

5 Collem Police Station North Goa

4 1 1 1 1 1

6 Valpoi Police Station North Goa

4 1 1 1 1 1

7 Bicholim Police Station North Goa

4 1 1 1 1 1

8 Mapusa Police Station North Goa

4 1 1 1 1 1

9 Calangute Police Station North Goa

4 1 1 1 1 1

10 Porvorim Police Station North Goa

4 1 1 1 1 1

11 Anjuna Police Station North Goa

4 1 1 1 1 1

12 Pernem Police Station North Goa

4 1 1 1 1 1

13 Margao Police Station South Goa

4 1 1 1 1 1

14 Cuncolim Police Station South Goa

4 1 1 1 1 1

15 Maina Curtorim Police Station

South Goa

4 1 1 1 1 1

16 Colva Police Station South Goa

4 1 1 1 1 1

17 Quepem Police Station South Goa

4 1 1 1 1 1

18 Curchorem Police Station South Goa

4 1 1 1 1 1

19 Sanguem Police Station South Goa

4 1 1 1 1 1

20 Canacona Police Staion South Goa

4 1 1 1 1 1

21 Vasco Police Station South Goa

4 1 1 1 1 1



22 Verna Police Station South Goa

4 1 1 1 1 1

23 Marmagoa Police Station South Goa

4 1 1 1 1 1

24 Vasco Railway South Goa

4 1 1 1 1 1

25 Crime Branch (Dona Paula, Panaji)

CID 4 1 1 1 1 1

26 Anti-Narcotics cell Police Station

CID 4 1 1 1 1 1

27 Women Police Station CID 4 1 1 1 1 1

28 SP North Porvorim North Goa

10 10 1

29 SP South Margao South Goa

10 10 1

30 Police Head Quarter North Goa

15 15 2

31 SDPO Panjim North Goa

3 1 1

32 SDPO Porvorim/ Mapusa ii North Goa

3 1 1

33 SDPO Mapusa North Goa

3 1 1

34 SDPO Bicholim North Goa

3 1 1

35 SDPO Ponda North Goa

3 1 1

36 SDPO Margao South Goa

3 1 1

37 SDPO Quepem South Goa

3 1 1

38 SDPO Vasco South Goa

3 1 1

39 SCRB North Goa

8 8 1

40 Police Control Room North Goa

5 1

41 Forensic Science Laboratory

South Goa

5 1

42 Finger Print Bureau South Goa

2 1

NOC 4 1

Total 191 28 81 35 5 27 27



5.2. 4 Site Preparation at the Client site locations (Summary)

Item

Sl.No

Locations Computer Table

Chair Printer Table

Electrical Points

LAN

1 Non CIPA Police Station:

(23 nos.) 92 92 23 2 115

2 SDPO Office: (8 Nos.) 24 24 1 32

3 SP (District) Office: (2

Nos.) 20 20 0 11

4 Police Head Quarter (1) 15 15 0 30

5 SCRB 8 8 8 16

6 NOC 4 4 1

Total 163 163 24 11 204

5.2. 5 Site Preparation at the Client site locations (Police Stations, SCRB, SDPOs,

District HQ and PHQ)

Item

Sl. No Locations Computer

table Chair

Printer Table

Electrical Points

LAN

Non CIPA Police Station: (23 nos.)

1 Collem Police Station 4 4 1 0 5

2 Canacona Police Station 4 4 1 0 5

3 Cuncolim Police Station 4 4 1 0 5

4 Anjuna Police Station 4 4 1 0 5

5 Verna Police Station 4 4 1 0 5

6 Anti-Narcotic Cell Police Station

4 4 1 0 5

7 Colva Police Station 4 4 1 0 5

8 Maina Curtorim Police Station

4 4 1 0 5

9 Marmagoa Police Station 4 4 1 0 5

10 Vasco Police Station 4 4 1 2 5



11 Vasco Railway Police Station

4 4 1 0 5

12 Crime Branch,Daunapaulo

4 4 1 0 5

13 Margao P.S. 4 4 1 0 5

14 Agacaim P.S. 4 4 1 0 5

15 Curchorem PS 4 4 1 0 5

16 Quepem PS 4 4 1 0 5

17 Women PS, Panaji 4 4 1 0 5

18 Panaji PS 4 4 1 0 5

19 Pernem PS 4 4 1 0 5

20 Bicholim PS 4 4 1 0 5

21 Sanguem PS 4 4 1 0 5

22 Valpoim PS 4 4 1 0 5

23 Old Goa PS 4 4 1 0 5

Total 92 92 23 115

SDPO (8 Nos)

1 SDPO, Ponda 3 3 1 4

2 SDPO, Bicholim 3 3 0 4

3 SDPO, Quepem 3 3 0 4

4 SDPO, Margaon 3 3 0 4

5 SDPO, Vasco 3 3 0 4

6 SDPO,Mapusa 3 3 0 4

7 SDPO, Porvarim 3 3 0 4

8 SDPO, Panjim 3 3 0 4

Total 24 24 1 32

SP District Office

1 SP(South),Margaon 10 10 0 11

2 SP North Office 10 10 0 11

Total 20 20 22

PHQ

1 PHQ 15 15 0 30

SCRB

1 SCRB 8 8 8 16

NOC

NOC 4 4 1



6 Software Requirement

6.1 Antivirus

Automatic centralized pattern updating and distribution

Ability to block the specific ports at desktop and servers to stop the spread of virus within the

network during the time of outbreak

Ability to block network shares at desktop and servers to stop the spread of virus within the

network during the time of outbreak

Restriction to un-installation of antivirus solution by users

Folder and file type scan exclusions for performance enhancement

Centralized AV management server is required for the following

Have ability to deploy antivirus clients from centralized location

Have ability to centrally download updates for AV software and deploy updates

automatically to the antivirus environment.

Have the ability to show up to the minute antivirus information across the entire

network including number of infections, whether clients are properly updated and

whether AV clients are running

Have ability to take action form the centralized consol including issuing commands to

antivirus clients and getting immediate responses

Have ability to apply appropriate settings to AV client from a centralized consol

Have ability to collect logs from all AV clients and provide information through log

queries or reports

Have ability to notify the administrator from a centralized location.

Ability to control network access based on a computers compliance with organization's

antivirus health policy, remediate the noncompliance to health or restrict the computer's

access to network resources

Anti-virus solution will be implemented on all desktops for CCTNS project.

Anti-virus solution will be implemented on gateways at both primary and DR site

Anti-virus server will be deployed at the primary Datacenter.

Anti-virus solution will also be implemented on all servers at primary site and DR site as part of

the overall solution

Packet Inspection



The solution should support virtual patching both known and unknown vulnerabilities until the

next scheduled maintenance window.

Virtual Patching should be achieved by using a high-performance inspection engine to

intelligently examine the content of network traffic entering and leaving hosts.

Should provide automatic recommendation of removing assigned policies if a vulnerability no

longer exists - For Example - If a patch is deployed

It should protect operating systems, commercial off-the-shelf applications, and custom web

applications against attacks such as SQL injections and cross-site scripting

The solution shall have the capability to inspect and block attacks that happen over SSL

Solution should be capable of Information gathering about network hosts and their activities,

such as operating system, services, open ports, client applications and vulnerabilities.

The solution must support IPv6 and must be capable of blocking and detecting of IPv6 attacks.

The solution OEM should deliver virtual patching updates within 24 hours of an application

vendor announcing vulnerability in their system

The Solution should have Smart rules provide broad protection, and low-level insight, for

servers and end-user systems. For operating systems and applications, the rules limit

variations of elements of traffic, limiting the ability of attackers to investigate possible attack

vectors since many attacks are based on exceeding expected characteristics. Smart rules are

also used to protect web applications (commercial and custom) from attack by shielding web

application vulnerabilities such as SQL Injection and Cross-Site Scripting.

Solution should provision inclusion of packet data on event trigger for forensic purposes

The solution shall protect against fragmented attacks

Integrity Monitoring

Integrity monitoring module should be capable of monitoring critical operating system and

application elements (files, directories, and registry keys) to detect suspicious behavior,

such as modifications, or changes in ownership or permissions.

The solution should be able to monitor System Services, Installed Programs and Running

Processes for any changes

Log Inspection

Solution should have a Log Inspection module which provides the ability to collect and

analyze operating system, databases and applications for security events.

The solution shall support installation of agents on Windows, Linux and Solaris Operating

Systems

Desktop Antivirus

Agentless Antivirus should support both Real Time and Schedule scan

Solution should support various Actions like, Clean, Delete, Quarantine,Pass



Solution should also support restoration of quarantined files.

The solution must support IPv6

Should be latest Edition, Should be manufactured not earlier than 2012

6.2 EMS

Enterprise Management System should provide for end to end performance, availability, fault

and event and impact management for all enterprise resources that encompasses the

heterogeneous networks, systems, applications and databases present in the system.

The Service Management solution namely Service desk (incident and problem mgmt),

Change, Asset, Self Service and Service level management should be built on the same

platform/code and leverage the same common, shared configuration database with a unified

architecture. The same platforms should be used across all modules, requiring no complex

integrations to leverage the combined benefits offered by the integrated platform.

Should be SNMP compliant, scalable, support distributed architecture and third party

integrations

Should provide fault and performance management for multi-vendor TCP/IP networks.

The service automation solution should be a unified solution supporting provisioning,

configuration management and compliance assurance across servers, networks and

applications and should support end to end full stack and dynamic server, network and

application provisioning.

Solution should provide for future scalability of the whole system without major architectural

changes.

Solution should be open, distributed, and scalable and open to third party integration.

The solution should provide Agent-based or Agentless Monitoring in a single architecture

that will allow an organization to choose the level of management required and deploys the

right-sized solution to meet those requirements.

The agent and agentless monitor should be able to collect event/fault, performance and

capacity data and should not require separate collectors.

The solution should reduce manual customization efforts and should speed-up problem

identification and resolution of the IT performance anomalies with intelligent events.

The solution should accelerate problem isolation through accurate analysis of probable cause

through end-to-end correlation.

The solution should have the capability to identify probable root cause using a variety of

filtering and statistical correlation methods to shift through every metric to determine their

relevance to the issue being researched.



The solution should possess capabilities that deliver self-learning capabilities to virtually

eliminate the ongoing costs of manual threshold, rule, and script maintenance.

The solution should have the capability to minimize manual threshold management, by

performing automated dynamic threshold management.

The solution should carry out automated probable cause analysis by picking up feeds from

every infrastructure component being monitored and automating the correlation of these

alarms/events to point out the probable cause of an infrastructure error.

Should be configurable to suppress events for key systems/devices that are down for routine

maintenance or planned outage.

The solution should provide end users with the ability to search for known errors and

knowledgebase

Solution should be able to score the events and display the highest impacting events in

descending order

The Network Management function must monitor performance across heterogeneous

networks from one end of the enterprise to the other.

It should proactively analyze problems to improve network performance.

The Network Management function should create a graphical display of all discovered

resources.

The Network Management function should have extensive reporting facility, providing the

ability to format and present data in a graphical and tabular display

Should support discovery of Physical, virtual, network, application, storage and mainframe

resources

Solution should support complete agent-less discovery requiring no software to be installed on

devices to be discovered.

Should Automatically map IT infrastructure to business services

Should support troubleshooting and diagnostics for any discovery scan failures

Business owners should have a clear view of the extent of impact to their business and if

need be the reason behind the impact.

The IT organization should be able to view their tickets by business service and impact from

the same solution

Should support advanced filtering to eliminate extraneous data / alarms in Web browser and

GUI.

Should monitor various operating system parameters such as processors, memory, files,

processes, file systems etc. where applicable using agents on the servers to be monitored.

The agent should support execution of remote commands/scripts for troubleshooting and

diagnostics purposes



The Solution displays the complete ITIL process flow for Incident, problem, Change and

release Management

The solution should have Service Management Process Model in built based on ITIL v3 best

practices.

At each stage in the cycle of the incident, the system should prompt users on the status and

the missing information that is required to complete the flow

Solution should support multi-tenancy with complete data isolation as well as with ability for

analysts based on access rights to view data for one, two or more organizational units.

Solution should provide L1 engineer an ability to see the list of assets used by the end user.

This list should be displayed within the ticket (incident, change, problem etc).

L1 should be able to view detailed configuration of a selected asset (Eg - amount of CPU,

RAM, Disk Space, IP address, software installed, software used etc). Should be possible to do

this from within the ticket.

Flexibility of logging incidents via various means - web interface, client interface, phone, auto

integration with EMS tools

Service Desk solution should allow detailed multiple levels/tiers of categorization on the type of

incident being logged.

Service Desk solution should provide classification to differentiate the criticality of the security

incident via the priority levels, severity levels and impact levels.

It should allow SLA to be associated with a ticket based on priority, severity, incident type,

requestor, asset, location or group individually as well as collectively.

Should support unified change and release tools (planning, risk assessment, scheduling, and

execution tools) for complete enterprise across virtual & physical environments, applications,

etc

Should be integrated with Service Desk for maintenance and support of assets

Should be integrated with Change Management for deployment, changes.

Should support Integration with supplier, contract, e-procurement data

Should provide best in class integration capabilities with CMDB compliant APIs.

Solution should support comprehensive SLA management platform that cuts across

Infrastructure Management and Service Management. For e.g. monitors and reports across

different KPIs like infrastructure (CPU utilization, disk space), response times , resolution times

(eg. incident closed on 2 hours) performance and custom parameters of an enterprise

Have a consolidated, automated graphical report for SLA compliance with ability to drill down

to reason for non-compliance"

Manage service levels for delivery and support of business services

Fast, repeatable process for defining and capturing service level measurements



Real-time visualization of service level targets, agreement compliance data, penalties and

rewards

Deliver service level information and alerts directly to IT Operations and Service Support

consoles

Should support single service catalog for request-able services, spanning both IT and non-IT

domains

Should provide for Service Requests Workflows and Fulfillment definitions for commonly used

IT/non-IT services.

Catalog based on User profile

Ability to load dynamic information based on the field chosen

Ability to position both Custom-made and Standard Requests

Should have the ability to extend and create new service request

Should have predefined catalogues that cover specific use cases

Should be completely web based and should be accessible from an unified portal

The services should be integrated to SLAs and should be auto measured for adherence.

Should provide for OOB Reports for Service Support and Service Delivery processes through

a unified portal

Should have ability to have a consolidated view of data collected from different types of

operations (Eg - SLA compliance for a selected business service, it's dependent SLAs, OLA

and UPCs, it's changes by priority, open incidents by priority and status, it's assets and

individual asset compliance, patches installed and compliance to patches etc) and displayed in

a universal portal

Provide users (based on role) to drill down to specific report/data on a need basis

Ability to create custom KPI metrics and scorecard/compliance reports that are updated

automatically

Single dashboard provides the as-is scenario by consolidating the data across the

organization

Should be able to generate the reports for Server, Application, infrastructure services and

Network devices in DC/DR environment. Availability Reports:

o Availability and Uptime Daily, Weekly, Monthly and Yearly Basis

o Trend /Custom/MTBF and MTTR Reports

o Performance Reports of CPU and Memory Utilized

o Interface errors

o Server and Infrastructure service statistics

o Trend report based on Historical Information



o Custom Reports

o SLA Reporting and Computation of SLA for entire DC/DR Infrastructure

Automated Daily, Weekly, Monthly, Quarterly and Yearly SLA reports

End to end Management of applications (J2EE/.NET based)

Determination of the root cause of performance issues whether inside the Java / .Net

application in connected back-end systems or at the network layer.

Automatic discovery and monitoring of the web application environment and Ability to monitor

applications with a dashboard

Should have ability to correlate events across the entire infrastructure components of DC/DR.

Should support automatic event correlation in order to reduce events occurring in DC/DR.


6.3 HIPS

The solution should support virtual patching both known and unknown vulnerabilities until the

next scheduled maintenance window.

Virtual Patching should be achieved by using a high-performance inspection engine to

intelligently examine the content of network traffic entering and leaving hosts.

Should provide automatic recommendations against existing vulnerabilities, dynamically tuning

IDS/IPS sensors (Eg. Selecting rules, configuring policies, updating policies, etc.)

Should provide automatic recommendation of removing assigned policies if a vulnerability no

longer exists - For Example - If a patch is deployed It should protect operating systems,

commercial off-the-shelf applications, and custom web applications against attacks such as

SQL injections and cross-site scripting

Solution should work in detect only mode and prevent mode.

Solution should support automatic and manual tagging of events.

Solution should provide policy inheritance exception capabilities.

Solution should provision inclusion of packet data on event trigger for forensic purposes

The solution shall protect against fragmented attacks

The solution should allow to block based on thresholds

The solution should be able to monitor System Services, Installed Programs and Running

Processes for any changes

The solution should be able to automatically recommend log inspection rules based on the OS

and applications running on a server

Log Inspection should work real time

Agent installation methods should support manual local installation, packaging with third party

software distribution systems and distribution through Active Directory



Any policy updates pushed to the agent should not require to stop the agent, or to restart the

system

The solution shall support installation of agents on Windows, Linux and Solaris Operating

Systems

Solution should have single centralized web based management console.

The solution shall allow grouping security configurations together and also allow to apply these

configurations to other similar systems

The solution should support forwarding of alerts through SNMP and E Mail

The solution should be minimum of EAL 3+ certified

The solution should be able to generate detailed and summary reports.

The solution shall allow scheduling and E Mail delivery of reports

The solution shall have a configurable dashboard that should allow the Administrator to see a

1 day or a 7 day summary

Solution should allow creating multiple dashboard views for different administrators

The solution shall allow creation of custom lists, such as IP Lists, MAC lists etc. that can be

used in the policies that are created.

Solution should support various Actions like, Clean, Delete, Quarantine, Pass

Solution should also support restoration of quarantined files.

Host intrusion prevention system will be deployed at all the servers at the Primary site and the

DR site.

HIPS will analyze all packets to and from the server for and propagation to detect and prevent

attacks.

HIPS solution should offer centralized policy management, and should allow creation of

custom and location based policies.

It should provide a user friendly interface.

It should provide multilayered defense against viruses, spyware, adware, rogue software and

other known and unknown threats.

It should allow tracking of incidents and look for patterns.

HIPS software should protect the end points even when they are off network.

HIPS software should be compatible with the chosen operating system and server hardware.




6.4 Storage Management Software (SMS)

Storage management software should protect the organization from the risks of data loss and

will help in reducing complexity, managing costs and address compliance with data retention

and availability requirements.

Storage Management Software should improve the business continuity by shortening backup

and recovery times and maximizing application availability with advanced data recovery

management technologies.

Storage Management Software should employ data duplication and a hierarchy of storage to

increase efficiencies and conserve resources.

SMS should enhance data security with innovative access and encryption features.

SMS should help the department to adapt to changes within the IT infrastructure to minimize

service disruptions and speed restorations and backups.

SMS should increase the visibility into the data protection environment by providing advanced

features for operational monitoring and historical reporting.

SMS should allow Host based replication and failover to IP based network.

SMS should be able to create, manage and protect file shares and network application

storage.

7 Minimum Technical Specifications

All the technical Items covered under the scope of this RFP should be latest Edition and should

be manufactured not earlier than 2012. Warranty for 3 years also shall apply on all items listed

below. The minimum technical specification is as given below. The SI has to give compliance

against each technical parameter.



7.1 Desktop

Desktop

Components Specifications

CPU AMD / Intel Pentium Core

No of Cores Minimum 2 or higher

CPU Speed Min 3 Ghz or higher

Chipset OEM Motherboard

Cache Memory Minimum 2 MB L2 or higher

FSB 800 MB/s-1064 MB/s

Memory 2 GB DDR3 RAM upgradeable upto 8 GB

HDD Minimum 250 GB , 7200 RPM SATA Hard Disk

Monitor 18.5" TFT Monitor

Keyboard (Requirement of bilingual keyboards with Hindi and English printed on the keyboard and not with stickers on the keyboard)

104 Keys, heavy-duty bilingual keyboard, having key life of 20 million keystrokes or more (same make and color as base PC) with India Rupee Symbol

Mouse Two Button Optical Scroll Mouse

Optical Drive DVDRW

Cabinet

Ports Min.6 USB 2.0 ( 2 In front), 1 Serial, 1 Parallel, PS/2 (For Keyboard & Mouse , Audio In/out (In front), Headphone/Mic, Ethernet

Display Controller Intel HD Graphics

Anti-virus Preloaded (licensed version of Antivirus with 3 years validity)

Patch Cord 1 mts CAT 6 cord

Power Management Energy star compliant for power saving

OS Windows 8 preloaded

Networking Features

10/100/1000 Network Card with remote booting facility, remote system installation, remote wake up



Others Office Productivity Suite applications (like document, spreadsheet, presentation etc) will also be supplied with the Desktop/PC. Office applications which the SI will propose in the solution should be industry standard and OEM supported

7.2. Multi-Function Printer

MFP


Print speed, black (normal quality mode)

Up to 33 ppm, B/W, Legal (8.5 in x 14 in)

Print resolution, black 4800 x 1200 dpi

Print technology Laser

Duty Cycle 12000 pages

Duplex printing (printing on both sides of paper)

Automatic

Media sizes, standard A4, ISO B5, JIS B5, A5, A6, Executive, US Letter, US Legal, Oficio, Folio, DL Envelope, C5 Envelope, C6 Envelope, Monarch Envelope, No. 10 Envelope

Media types Paper (bond, color, letterhead, plain, preprinted, pre punched, recycled, rough, light), envelopes, labels, cardstock, transparencies, user-defined

Connectivity 1 Hi-Speed USB 2.0; 1 10/100 Ethernet network port

Scanner Flatbed with automatic document feed, upto 1200 dpi;; Scan size maximum (flatbed): 215.9 x 297 mm (8.5 x11.7 inches), Scan speed: upto 15 PPM

Copier Black-white Up to 600x600 dpi, Copy speed (black, draft quality, A4):Up to 25 cpm, Copy resolution (black graphics): Up to 1200 x 600 dpi, Copier resize: 25 to 400%

Power Device Power supply, internal

System Interface 1 USB (compatible with USB 2.0 specifications), 1 network port

Compatible operating systems

Windows 8



7.3 Duplex Printer

Laser Printer


Print Speed: Up to 33 ppm, B/W, Legal (8.5 in x 14 in)

Connectivity Technology:

Interface: Hi-Speed USB 2.0 port

Max Resolution ( B&W ): 1200 dpi x 1200 dpi

Duplex Printout: Duplex

PostScript Support: Standard

First Print Out Time B/W: 8 sec

Fonts Included: 45 x TrueType , 35 x PostScript

Media Type: Envelopes, transparencies, labels, plain paper, glossy paper, cards

Max Media Size (Custom): 8.5 in x 14 in

Media Sizes: A4, ISO B5, JIS B5, A5, A6, Executive, US Letter, US Legal, Oficio, Folio, DL Envelope, C5 Envelope, C6 Envelope, Monarch Envelope, No. 10 Envelope

Expansion Slots Total (Free): 1 ( 1 ) x memory

Connections: 1 x Hi-Speed USB

Power Device: Power supply, internal

7.4 Digital Camera

Digital Camera


Max resolution 4000 x 3000

Image ratio w:h 4:3, 16:9

Effective pixels 14.1 megapixels or above

Sensor type CCD/CMOS

Digital zoom Yes, 4x or above

Image stabilization Yes

Auto Focus Yes

Optical zoom Yes, 10x or above

Built-in Flash Yes



Battery Type Lithium (Rechargeable)(should also be charged externally and not just with USB)

Memory Card 8 GB

Accessories Should include any required accessories (Charger, USB cable, Drivers, etc)

Display Size 3" LCD

Recording Format HD Movie Recording

7.5 Electronic Pen

Electronic Pen


Data communication

USB 2.0

Built-in battery Lithium Battery/Rechargeable battery

Continuous writing time 2 hours or longer Standby time:1 hours (min.)

Operating system support Windows7/ 8

Writing Area No Pad/No Special Paper, should able to write on most surfaces

Memory Storage device should store upto 100 A4 size papers

Pen Battery Life Approx. 60 hours or longer

Accessories Should include any required accessories (Charger, USB cable, Drivers, SDK/APIs etc)

7.6 Furniture

Detailed Specifications

Computer Table Size: L 910 x W 610 x H 728 mm

Top: Size 910 x 610 mm made of 18 mm thick pre laminated medium density fiber (MDF) board ISI Marked (IS: 14587-1998). The top shall be firmly screwed on 25x25x1 mm square tube frame as shown in figure

Upper side of laminated board shall be in natural teak shade while the bottom side shall be white/cream shade.



Sliding key Board tray: A Sliding key Board tray shall be made of 18mm pre laminated medium density fiber board of size 725x450 mm. The gap between top and tray shall be 100mm.

The storage shelve for CVT : A storage shelve made of 18 mm particle board shall be provided along with the length of the table at bottom about 100 mm above from the ground level. Shelves shall be screwed on frame work of 25x25x1 mm square tube. The shelve shall be covered from back side with 18mm pre laminated medium density fiber board as shown in drawing.

Steel Structure: The rigid steel structure shall consist of two nos. rectangular base tubes of size 50x25x1.25 mm about 520 mm length placed along the width on vertical tubes of size 25x25x1 mm shall be welded for fixing up of side panels. A supporting frame of 25x25x1 mm square tube shall be welded on the top of the tubes for the side panels as shown for supporting the top of the table.

The base tube shall be provided with adjustable shoes 2 nos. on each side.

Painting: Complete frame of tubes shall be powder coated.

Printer Table Size: L 610 x W 610 x H 660

mm

Printer table shall be as per figure/ drawing.

Shelves : 3 no. made of 18mm thick pre laminated Medium Density Fiber Board(MDF) ISI marked (IS 14587 1998)

Top shelve size 610x610 mm for placing printing unit.

Middle Shelve size 460x330 mm for placing feet on stationary.

Bottom shelve size 460x380 mm for collecting print out.

The top faces of the shelve shall be natural teak wood shade.

The bottom faces shall be in plain white/cream shades.

Structure: The structure shall be made from square and rectangular steel tubes duly welded finished and powder coated

Vertical tubes shall be welded in two rectangular bottom tubes 50x25x1.25 mm as shown in drawing.

The horizontal tube 25x25x1 mm thick 330 m long shall be welded over vertical tubes 25 mm off the center width /depth wise.

Panels made of 18 mm pre laminated particle board shall be screwed rigidly between vertical tubes on both sides.

Two nos. bottom support tubes 50x25x1.25mm thick shall also be provided with two nos. of adjustment shoes.

A rectangular slot of size 455x25 mm shall be provided on top shelve along with length for feeding stationary as shown in figure. A slot shall be covered with PVC insertion for safely of paper.

The ends of bottom and top shall be plugged with PVC/ plastic caps.

Painting Complete steel structure shall be pretreated and powder coated with minimum thickness of 60 microns coating



Computer Chair with Handle Seat size shall be 430x430 mm on 10 mm. thick molded comm. ply with 60 mm thick 40 density molded PU foam

Back rest size shall be 400x300 mm on 10 mm thick molded comm. ply with 40 mm thick 32 density molded PU foam covered with tapestry.

The height of back rest shall be 900x500 mm for top and bottom edges respectively. The black rest shall be provided with lifting arrangement on flat iron & helical spring.

Two nos. suitable PU handles shall be proved.

The base stand should be made up of 5 prongs duly pressed welded together centrally with a pedestal bush with good quality twin wheel castors. The stand and other metal parts excluding central spindle shall be powder coated. Complete steel structure shall be pretreated and powder coated with minimum thickness of 60 microns coating.

A central spindle of 25mm diagonal rod without threads shall be provided with revolving arrangements. The adjustable height of chair shall be from 530 to 570 mm.

A good quality tapestry cloth shall be provided on seat & back in attractive color/ shade.

7.7 SAN Storage


Offered Capacity

The Storage Array shall be offered with 5 TB Usable space after Raid 5/6 Implementation.

Global Hot Spare

Offered Storage Array shall support distributed Global hot Spare for offered Disk drives. At least 2 Global hot spare drives shall be configured for every 50 drives.

Disks support

Offered Storage Array shall support 4/6Gbps dual-ported 146/ 300 / 400 / 450GB / 600GB hot-pluggable Enterprise FC/ SAS & 1TB / 2TB SATA/SAS hard drives

Expandability Storage shall be scalable to min 200 TB after Raid 5/6 Implementation

Operating System Support

The storage array should support industry-leading Operating System platforms including: Windows Server 2003, 2008, Vmware, Sun Solaris, HP-UX, IBM-AIX and Linux Offered Storage Shall support all above operating systems in Clustering.

Cache Shall be configured with 8GB cache memory per controller scalable to 16GB cache per controller.

Protocols Supported

The storage system should support FC, IP / iSCSI, CIFS, TCP/IP, NFS and HTTP protocols.

RAID level support

RAID level 0, 1, 1+0, 5, 6.



SNAP Copy The storage should have capability to creating instant online and consistent SNAP copy images.

Requisite license for creating at least TWO snap copies should be provided for the offered capacity of the system. And the space required for creating these SNAP copies shall be configured additionally from day one.

Redundancy The offered Storage system shall be configured in a No Single Point of Failure with respect to Control cards, Power supplies, Cooling fans, cache etc

System Console

Should support system management console

Management Interface

Should support browser based management GUI and web based remote management of SAN storage

Replication The storage at the controller level shall be configured for storage based asynchronous data replication to binary compatible remote storage through a WAN link.

Cables and Connectors

The storage shall be configured with 25 Mtrs LC-LC cables with connectors for each active port on SAN Switch

Other features

Non-disruptive Online microcode updates and remote diagnostic support should be supported. Storage should also support RAID group expansion and shrinking, LUN expansion and shrinking dynamically.

Ports Bandwidth

Offered storage shall be end to end 4/8Gbps where each drive and drive shelf shall be connected through dual active-active paths.

Global Hot Spare

Offered Storage Array shall support distributed Global hot Spare for offered Disk drives At least 2 Global hot spare drives shall be configured for every 50 drives.

Performance Offered Storage subsystem shall support more than 1,00,000 IOPS Shall have capability to use more than 30 drives per array group or raid group for better performance Shall support more than 800MB/sec sequential throughput.

Load Balancing & Multi-path

Multi-path and load balancing software shall be provided,

Re-build time For better re-build times in case of disk failure, offered storage rebuild operations shall not depends upon the number of drives in the raid group

Business Copy

Shall support Snapshot,

Remote Replication

Storage shall support both Synchronous and Asynchronous replication at controller level Shall support replication across all models of the offered family



Host Ports & Back-end Ports

Offered Storage shall have minimum of 4 host ports for connectivity to servers & minimum of 2 device ports for Disk shelf connectivity

No Single point of Failure

Offered Storage Array shall be configurable in a No Single Point of configuration including Array Controller card, Cache memory, FAN, Power supply etc. It should have Redundant power supplies, batteries and cooling fans and data path and storage controller.

Processing Power

Offered controllers shall be based on latest PCI-e/equivalent technology to ensure that there is no bottleneck for IO communication.

Architecture & Processing Power

The storage array should support dual, redundant, hot-pluggable, active-active array controllers

7.8 Rack Server

Components Specification

Form Factor Rack (U/2U)

Processor Latest Generation x86-64 Bit Intel Minimum 2 Quad core Processor scalable to 4 processors with Minimum 2.2 Ghz Clock Speed and 4 MB Cache or higher

Processor should be latest series/generation for the server model being quoted

Memory Min 32 GB DDR3 RAM with min 8 Nos. free slots for future expandability.

Storage Connectivity

The Blade should have redundant 8 Gbps Fiber Channel HBA/FC Port (only for database server)

Ports 2 X (1000BASE-T) Tx Gigabit LAN ports with TCP / IP offload engine support / dedicated chipset for network I/O on blade server

HDD 2 X 300/450GB HDD or more hot swap/ hot plug system disk with mirroring using integrated RAID 0,1 on internal disks, or min.16 GB compact flash card to be provided.

Controller VGA / Graphics Port / Controller

OS Should support heterogeneous OS platforms

OS Red hat Enterprise Linux Latest Edition

Clustering Should have Cluster support for high availability



7. 9 UTM

Sl No. General Technical Specifications

1 Hardware Platform:

a No built-in mechanical moving parts.

b Should be Hardened OS based Application Level Firewall

c Should have flash based configuration storage

2 Following IP Address Assignment should be supported by the XTM:

a Static

b PPPoE Client

c DHCP Server

d DHCP Client

e DHCP Relay

f Dynamic DNS Client

g Transparent Mode

h Bridge Mode

3 Performance:

a Performance upgradeable without replacing device

b Performance upgradeable without adding additional equipment

c Firewall Throughput

d XTM Throughput

e VPN Throughput

f Conncurrent Connections

g Ethernet Interface

h Should support Reputation Enabled Defense - Cloud Based Web Security

i Application Control

4 Encryption and certificates:

a AES 128bit, 196bit and 256bit

b 3DES and DES

5 Authentication servers/processes:

a Windows Active Directory

b LDAP one or more

c Local user group authorization

d Support two factor authentications.

6 Networking:

a Support Multi-WAN - Quantity supported

b Support IPSec VPN failover

c Support Server Load Balancing

d Support VLAN

e Support policy-based routing

f Support Traffic Shaping/QoS



g Compatible to Centralized Management

7 VPN function:

a Standard IPSec support.

b 3DES and AES

c Should Support Multicast over BoVPN

d Should support IPsec Pass-through

e Should support enabling Type of Service for Ipsec

8 Security:

a Application proxy capability

b Protocol Anomaly Detection

c Security policy can be selectively enable/disable based on time.

d Capability to protect from progressive DDoS.

e Detect and block malicious file when file extension change, such as capability to detect of original file type .exe renamed to .doc, which can be detected and blocked.

f Language independent anti-spam solution

g Advance Recurring Pattern Detection - anti-spam technology, not rely on RBL and scoring.

h With quarantine server capability.

i Web URL filtering with Maximum 54 category based database, with option to refer Online or can be stored on Local Management Station

j IPS and AV signature database keep on updating with hourly basis

k Provide protection against computer virus at gateway level.

l Selectively enable/disable instant messenger (IM) without blocking traditional network communication ports, such as Yahoo messenger, MSN and ICQ.

m Option to enable/disable peer to peer (P2P) application, such as BitTorrent, Kazaa and eDonkey.

n With yearly anti-spam/anti-virus and web filtering service subscription

o Should have Server/Client Quota based Distributed Denial of Service Prevention

p Should have option to create ALIASES to identify group of Hosts or networks with one Unique Name

9 Administration:

a Dedicated GUI management program for robust feature configuration.

b Option for Remote management, through WEBUI, CLI & Secure Management Software

c System log transfer encryption without replying on VPN.

d Administrative TCP/IP ports should be such that they prevent brute-force attack.

e When login with administrative privilege, other login to the device is denied for configuration integrity.

f Real-time network connection map for connection status.

g Drag-and-drop VPN configuration capability.

h Comprehensive reporting suite without additional software component.



i Offline policy files configuration and modification.

j SNMP management.

k Ability to make a full backup of the entire flash disk as image file.

l Ability to make/edit configuration file offline for better administrative management, without connecting to the operating security device.

m Should have option to Change Default Web UI Port

n Should have option to schedule rebooting

10 Monitoring, Logging and Reporting

a Live Traffic Monitor

b System Servises Status Monitor

c Authenticated User List Monitor

d VPN Connections Monitoring

e IP/Host/User based Traffic Watch with option Block Source/Destination

f Protocol based Traffic Watch

g HTML/PDF Audit Reporting

h Remote Logging Support

i Remote Reporting Support

j Remote Monitoring Support

k Out of Device Encrypted Log Channel

l Syslog Support

m SNMP Support

n Multi-Appliance Log Aggregation

11 Certifications

a Common Criteria EAL4

b ICSA IPSec

c ICSA Firewall

7.10 SAN switch

Parameter Description

Performance 8 Gbps Fibre Channel

Ports 16-24Fibre Channel

Aggregate Switch Bandwidth

384 Gbps Maximum

Protocol Support Fibre Channel

Availability No single point of failure.

Media Types No single point of failure. Hot code load. Ports on demand with no downtime

Upgradeability Standard 16 Ports; 8 Port on Demand upgrades

Required Software Advanced Fabric OS, Advanced Zoning, Web Tools

Form Factor 1U



7.11 L2 Switch

Physical Configuration

Expansion Slots Should have minimum 2 x 10 Gigabit SFP+ port and 1 x expansion slot

Fixed Ports 24 x 10/100/1000 Base-T ports

Out-of-Band Management Console Port

Packet Buffer 1.5MB

SDRAM for CPU 256MB

Performance

Forwarding Rate 95.23Mpps

MAC Address Table Size No. of MAC Address Supported 16K

Switching Capacity The Switch should support 128Gbps

L2 Features

Auto MDI/MDIX Should support Auto MDI/MDIX

Flow Control Should support flow control

IGMP Snooping should support IGMP Snooping v1 | v2

Link Aggregation Should support following link aggregation * IEEE 802.3ad with LACP (Dynamic) * Cisco Ether Channel Liked *Unicast / Multicast traffic Balance over Trunking port

Multicast (IGMP) Snooping Should support following Multicast (IGMP) Snooping *Queried Support *Immediate Leave *IGMP Filtering *IGMP Throttling *IGMP Leave Proxy *MVR Support

MVR Should support MVR

Q in Q Should support Q in Q

Spanning Tree IEEE 802.1D (STP) | IEEE 802.1w (RSTP) | IEEE 802.1s (MSTP) | Spanning Tree Fast Forward | BPDU Filter | BPDU Forward | Root Guard | BPDU Guard | Loopback Detection | Auto Edge Port

Storm Control Broadcast | Multicast

Unicast / Multicast traffic Balance over Trunking port

Yes

Date post:	25-Nov-2015
Category:	Documents
Upload:	prakash-arthur
View:	16 times
Download:	2 times

NEW RFP

Documents