PRE-BID MEETING WITH SHORT
No. : ASRB/COLE/42
Minutes of pre-bid meeting
with participating bidders, held on 14.09.2011 at 2:30 PM
in respect of procurement of Equipments/Goods/Services
DEVELOPING, COMMISSIONING, OPERATING AND MANAGING AN ONLINE SYSTEM
FOR NET/ARS-PRELIM EXAMINATION IN ASRB ICAR
against Invitation of Bidder (IFB) NO. ASRB/COLE/42
1.
The following Officers were present on 14.09.2011 at 02.30 PM in the pre-bid meeting :(a)
From NAIP/ICAR/CDC
1.
Shri R.C. Agrawal, NC, Comp-I,NAIP, ICAR
2.
Shri Kumar Rajesh, US, NAIP, ICAR
3.
Shri S.K. Sharma, Head (BD), CDC
4.
Shri Lokesh Ruhal, CDC.
5.
Shri G.P. Sharma, DD (F), ASRB
(b)
Firm‟s representative.
Sl. No.
1.
WIPRO
Name of the Firm(M/s)
2.
IC &FS
3.
HP INDIA
4.
HCL TECHNOLOGIES
5.
CA TECHNOLOGIES
6.
MICROSOFT
7.
ORACLE
8.
9.
NSEIT LTD
PWC
10.
SIFY TECH. LTD.
Representative’s Name (Shri)
AASHISH KOHLI
KULDEEP SINGH
SHAILESH MATHUR
PRASHANT RANJAN
KEYOOR P. DIWAKER
HIMESH
SACHIN NAGPAL
PAWAN SACHDEVA
ANKUR GUPTA
AZHAR ANSARI
FANISH HASAN
NISHANT KUMAR
SANJEEV GULATI
RAKESH KR. SINGH
SANJEEV GUPTA
PARITOSH GUPTA
VIVEK PRAKASH
GAUTAM JOARDAR
HARDEEP SINGH
RAKESH SOHONI
ALOKE BAIDYA
NIDHI SHARMA
SACHIN KALRA
JATIN BAJAJ
ASHISH SHARMA
PRAMOD DAS
HARDIK RAVAT
GAURAV GUPTA
ARPIT ARORA
SACHIN BODWAL
1
2.
11.
SATVAT INFOSOL
12.
13.
INTEL
EDU QUITY
14.
CMC LIMITED
15.
MERITRAC
16.
17.
VAYAM TECHNOLOGIES
IBM INDIA
18.
TRIMAX IT
19.
APTECH
20.
TULIP TELECOP
21.
22.
PEARSON VUE
SHARVANI INFISOLUTION
SUMIT DHINGRA
KABILAN
S. PRASAD
B.G.PRASAD
DIBYA RANI
ARUN RAO
NIRMAL KANNAN
PRIYANKA
LAKHWINDER.S.LAMBA
PRASHANT
NAVEEN
ASHEESH
SUMIT
NIDHI ANAND
MANOJ SHARMA
RAJEEV
RAJAN WADHWA
KASHIF M
PARAMJIT SINGH
PANKAJ CHOUDHARY
SANDEEP DUA
V.S.SHUKLA
Representatives of the firms made several queries relating to hardware specifications of Bid Document.
The details of queries raised by the representatives and its replies are enclosed in Annexure-1.
2
Annexure-1
Replies to the queries raised by the prospective bidders
during Pre-bid meeting held on 14.09.2011
against Invitation of Bids (IFB) NO. ASRB/COLE/42
S. No.
1
2
Bid reference No.
5.9.1 Primary HQ Site
Servers (Blade
technology)
Hard
disk
Page No: 166
5.9.1 Primary HQ Site
Servers (Blade
technology)
Database servers
As per Bid Document
5 X 300 GB SAS Hot-Swappable Hard
Drives per Server with 64 MB Cache
supporting RAID 1.
Query/ Suggestion
Blade Servers comes standard with two
Hard Disks only. No OEM blade server
supports more than 2 Hard disks in 2
processor servers
Remarks by the Company
2 X 300GB SAS Hot
Swappable HDD per server
configured in RAID 1
Reply to the query
Accepted and the Clause can
be read as: 2 X 300GB SAS
Hot Swappable HDD per
server configured in RAID 1.
128 GB PC3-10600 DDR3 RDIMMs
and UDIMMs, DIMM Slots should be
available to scale up to 256 GB within
the Same Server
Blade Servers have compact architecture
to give high computing power while
consuming lesser space. Hence it
supports only 12 DIMM slots.
No Change
At least 8 interconnect bays per blade
chassis.
To connect 4 LAN ports and 2 FC ports,
6 Interconnect bays are sufficient.
Hence would request you to modify the
same to 6 Interconnect bays
Other than special purpose servers all
Blade Servers architecture supports only
2 Hard disk drives.
128GB PC3-10600 DDR3
RDIMMs Expandable upto
192GB. Only 1 OEM
supports memory DIMM of
32GB capacity. Hence would
request you to change
expandability to 192GB using
16GB DIMM which all
OEM's support
Atleast 6 Interconnect bays
per blade chassis
2 X 300GB SAS Hot
Swappable HDD per server
configured in RAID 1
Accepted and Clause is
changed to: 2 X 300GB SAS
Hot Swappable HDD per
server configured in RAID 1.
We request for a amendment
in this clause as CISC
technology is able to deliver
much higher and better
performance as compared to
RISC in light of the recent
developments on CISC
technology, whereas RISC
technology is headed toward
abolition as such and most of
the OEM adopt CISC
technology to deliver
performance better than
No Change
Page No: 167
3
4
5
5.9.2 Blade Enclosure
(Chassis)- Interconnect
Bays
Page No: 168
5.9.4 BCP/ DR Site
Servers: Server
Infrastructure for Data
Base servers
Page No: 171
5.9.3 Primary Site
Storage specifications,
& 5.9.5 BCP/ DR
Storage Specifications
Page-169/172
5 X 300 GB Hot-Swappable Hard
Drives per Server with 64 MB Cache
supporting RAID 1.
1. The storage array should support and
be configured with dual, redundant, hotpluggable, active-active array
controllers with RISC based processors
for high performance and reliability
2. Separate Circuitry for Raid
Processing. It shall not be done by core
controller CPU.
3. Storage Array shall have Real Time /
Embedded Unix Operating system to
avoid frequent Firmware upgrades.
1. The storage array should support and
be configured with dual, redundant, hotpluggable, active-active array
controllers with RISC/CISC based
processors for high performance and
reliability
2. Separate Circuitry for Raid
Processing. It shall not be done by core
controller CPU.
3. Storage Array shall have Real Time /
Embedded Unix/Linux Operating
system to avoid frequent Firmware
upgrades.
1
No Change
S. No.
Bid reference No.
As per Bid Document
Query/ Suggestion
6
5.9.3 Primary Site
Storage specifications,
& 5.9.5 BCP/ DR
Storage Specifications
Page-172
Disk Drive Support
Page No: 169 and 172
Offered Storage Array shall support
minimum 2 Gbps dual-ported 36 / 72 /
146/ 300GB hot-pluggable Enterprise
FC hard drives along with S-ATA/FATA (400GB / 500GB) drives in the
same device shelf.
heterogeneous storage and operating
systems from different OEMs
Offered Storage Array shall support
minimum 2 Gbps dual-ported
300GB/450GB/600GB hot-pluggable
Enterprise FC/SAS2 hard drives.
7
5.9.3 Primary Site
Storage specifications,
& 5.9.5 BCP/ DR
Storage Specifications
Page-172
Host Ports & Back-end
Ports
Page No: 169 and 173
5.9.6 Backup Solution:
(One set each for
Primary and DR Site)
Page No: 174
Offered Storage shall have minimum of
4 host ports for connectivity to servers
& minimum of 4 device ports for Disk
shelf connectivity
Offered Storage shall have minimum of
4 host ports for connectivity to servers
& minimum of 4 device ports / SAS
links for Disk shelf connectivity
8
9
5.9.6 Backup Solution:
(One set each for
Primary and DR Site)
Page No: 174
10
Page no. 165
The proposed Backup Solution should
support tape Mirroring running
concurrently with primary backup. e.g.
With the primary volume Backup 4
additional tape copies can be created
simultaneously without the need to
duplicate 4 copies after the main
backup.
The proposed backup solution should
allow creation of additional backup
copies, run concurrently with primary
backup, within the same Library or over
the network to another tape library/stand
alone drive of different format medium
(e.g. Ultrium to SDLT etc..) to allow
easy valuating operation.
5.8 Enterprise Management Solution
As per the RFP Network Management
Solution is Required but there are no
detailed specifications for the desired
functionality of the Solution.
2
Remarks by the Company
RISC.
We request to amend the
clause as request, as the
Drives of 36GB/146GB are
obsolete and not supported by
many OEM in their latest
generation storage arrays.
SAS drives are the latest best
performance drives at 6Gbps,
hence request you to
incorporate these changes.
The SAS drives have SAS
links each operating at 6Gbps
as compared to 4Gbps FC.
Hence request you to
incorporate the changes.
Reply to the query
Accepted with modifications
and the clause is changed to:
Offered Storage Array shall
support minimum 2 Gbps
dual-ported 300GB/450GB
hot-pluggable Enterprise
FC/SAS2 hard drives along
with S-ATA/F-ATA (400GB
/ 500GB) drives in the same
device shelf.
heterogeneous storage and
operating systems from
different OEMs.
No Change
This feature is proprietary to
a particular vendor and
should better be removed to
keep the specification neutral
and compliable to every other
vendor too.
No Change
This feature is proprietary to
a particular vendor and
should better be removed to
keep the specification neutral
and compliable to every other
vendor too.
No Change
Please provide detailed
specifications for Network
Management. As per the
good practice it is advised to
Please refer to Annexure 1
on detail specifications for
“Enterprise Management
System”
S. No.
Bid reference No.
As per Bid Document
Query/ Suggestion
11
Page no. 165
5.8 Enterprise Management Solution
The Agency may also propose the other
modules in the EMS like Inventory
Management, Performance
Management, Remote Management and
SLA monitoring.
General Query
Please suggest whether EMS Solution
will be deployed at DR which allows
DR EMS to be made active in case EMS
at DC is down.
Please remove Data Back from EMS
Section.
12
13
Page no. 165
5.8 Enterprise Management Solution
14
Page no. 165
5.8 Enterprise Management Solution
Please remove Post exam RTI/Legal
Information Management from EMS
Section.
15
Page no. 165
5.8 Enterprise Management Solution
Please remove Website Development
and Management from EMS Section.
16
Page no. 165
5.8 Enterprise Management Solution
Please remove Query Management from
EMS Section.
3
Remarks by the Company
have Network Fault and
Performance Manager
integrated to have end to end
network visibility.
The requirement is generic
please provide detailed
specifications for the
mentioned EMS modules
which will enable to propose
industry standard EMS
Solution.
"Data back" is generally not
part of EMS Solution.
Request you to remove this
from EMS and ask separately
" Post exam RTI/Legal
Information Management" is
not part of EMS Solution.
Request you to remove this
from EMS section and
elaborate it's meaning so that
proper solution may be
offered for this.
As per Industry best practices
"Website Development and
Management" is not part of
EMS Solution. Request you
to elaborate it's functional
meaning
As per Industry best practices
Query Management is not
part of EMS solution.
Request you to elaborate it's
functional meaning so that
accordingly correct solution
may be proposed to perform
desired activity
Reply to the query
Please refer to Annexure 1
on detail specifications for
“Enterprise Management
System”
Please refer to Annexure 1
on detail specifications for
“Enterprise Management
System”
To be covered under section
5.9.6 on Page No 174 under
the head: Backup Software
Specifications
To be covered under Section
3.2 i.e. ASRB‟s Proposed
Examination System on Page
No. 150
To be covered under Section
3.2 i.e. ASRB‟s Proposed
Examination System on Page
No. 150
To be covered under Section
3.2 i.e. ASRB‟s Proposed
Examination System on Page
No. 150
S. No.
17
Bid reference No.
Page no. 165
As per Bid Document
5.8 Enterprise Management Solution
18
Page no. 165
5.8 Enterprise Management Solution
Query/ Suggestion
As per the RFP ITIL based IT Service
Management processes are required but
there are no detailed specifications for
the desired functionality of the Solution.
As per the RFP Database and Server
Management Solution are Required but
there are no detailed specifications for
the desired functionality of the Solution.
Remarks by the Company
Please provide the detailed
specifications for ITIL Based
Helpdesk Solution.
As the application will be
accessed by the users located
at various location the
performance of application
can be measured by the end
user response. In case of
performance degradation at
the application layer this tool
may help pinpointing the root
cause of the problem which
may help to reduce MTTR
and adhere to the defined
SLA
19
General Query
It is advised to have Application
Performance Monitoring Solution to
monitor all the end user transaction for
all the web based transactions in case of
ASRB application Portal
20
General Query
As per the good practice EMS should
provide proactive traffic analysis
capability. Such Proactive traffic
analysis will provide near real time
bandwidth utilization on the basis of
protocols/ IP addresses traversing
through the link.
21
Page no. 181
General Query
Do you require proactive traffic analysis
to come as a bundled feature with the
proposed EMS?
Do you require host based security
system to protect Windows, Unix &
Linux OS based servers which will
monitor and provide audit trails /
controls on who has accessed the OS
directly and what activities were
performed at the OS layer?
4
Please provide the detailed
specifications for Database
and Server Performance
Management.
Reply to the query
Please refer to Annexure 1
on detail specifications for
“Enterprise Management
System”
Please refer to Annexure 1
on detail specifications for
“Enterprise Management
System”
Please refer to Annexure 1
on detail specifications for
“Enterprise Management
System”
Please refer to Annexure 1
on detail specifications for
“Enterprise Management
System”
No Change
S. No.
Bid reference No.
As per Bid Document
Query/ Suggestion
Database is a critical component of the
application, it‟s very important to
control access to the database and
playback the changes to the database
done by DBA/ operators.
22
Pg 131 GCC 7.3 iii)
Changeover to higher version of the
offered standard software and operating
system during warranty period
If backward compatibility is not
supported by the third-party vendor,
then will the consultant have to be
responsible for any upgradation work?
No Change
23
3.10 Essential
Requirements for test
publishing/ Question
paper software. Point
no 23
Page No: 156
3.10 Essential
Requirements for test
publishing/ Question
paper software. Point
no 24
The Agency should be able to supply a
Full TRIAL VERSION for the
committee to evaluate
Please confirm if historical data have to
be migrated ? If yes, what is the scope
of data migration?
There is no historical data to
be migrated.
Cost of Annual Maintenance including
updates and upgrades for 3 years after
warranty period along with onsite
comprehensive maintenance (if not
included in AMC) should be quoted
with the cost
Is onsite support required / essential
during the warranty support period?
Yes.
Please refer Clause GCC 7.3
(ii) at page no 130.
The Agency will supply, install and
commission required Hardware, System
Software, Networking equipments etc.
Also, SI would require integrating all
the components with any existing
equipments under consultation with
ASRB IT team and/or its designated
consultants.
The agency is required to carry out
following major tasks:
· Supply & Installation of Clustered
database servers with RDBMS
clustering configuration.
· Supply & Installation and
configuration of Backup server for SAN
based backup and RDBMS backups.
Do we need to supply, install all the
required hardware, system software etc?
Yes.
Does the consultant need to supply and
install all these components?
Yes.
24
Remarks by the Company
Reply to the query
Page No: 156
25
Pg 162 3rd Para
26
Pg 162 Last Para
5
S. No.
Bid reference No.
27
Generic
28
Generic
29
Specific to the business
scope
30
Specific to the business
scope
31
Specific to the business
scope
32
Specific to the business
scope
Specific to the business
scope
33
As per Bid Document
· Supply & Installation and
configuration of SAN storage as per
requirement of the cluster and RDBMS
software
· Supply & Installation and
configuration of various blade servers in
line with their use
163
· Supply & Installation and
configuration of required software for
remote deployment and management of
the blade servers. The Software should
be capable of managing the entire server
infrastructure from a single console.
Query/ Suggestion
Remarks by the Company
Does the solution need to be on Open
Source?
Does ICAR have preference for any
Specific deployment platform in terms
of Operating System, Database and
Application server software? Is ICAR
ok if solution is proposed on Microsoft
environment with SQL Server as the
database? In case of the latter are the
required production licenses for the
software already available with ICAR?
Is there any existing question bank
which ICAR would like to migrate to
the envisaged exam system or will the
questions be created within the system
itself?
What all kind of questions will be there?
Will there be any mathematical equation
types of questions?
Will there be any structure for the
question bank? E.g. Subject --> Chapter
--> Sub-Chapter-->Questions?
Will there be any complexity associated
with each and every question?
While setting up the question paper, will
the user select particular questions for
the exam or they will set the pattern for
the same and then while preparing the
6
Reply to the query
No preference
No preference.
The bidder/JV
Partner(s)/Consortium
Partner(s) may propose the
best model which will be
evaluated. ASRB does not
possess any license or
software.
No
No
No
No
No
S. No.
Bid reference No.
34
Specific to the business
scope
Specific to the business
scope
35
36
Specific to the business
scope
37
Specific to the business
scope
38
Specific to the business
scope
Specific to the business
scope
39
As per Bid Document
40
Pg. 149 Clause 3.1
Checking candidate eligibility and
authenticity
41
Pg. 149 Clause 3.1
Formatting Question Paper provided by
ASRB on the day of scheduled
examination.
42
Specific to the business
scope
43
Pg152 Clause 3.2.1.2
The scanned photographs, signatures,
biometric information to be captured.
Query/ Suggestion
question paper, system will pick
questions randomly based on the pattern
set?
Is there any concept of re-sits for
students who failed the exam?
In case a student is found not eligible
(due to some reasons) after the payment
is received, will there be any provision
for Refund?
Is there any requirement for printing the
question papers and answer papers in
pdf format, to conduct the examination
on pen-paper in case of any system
failure?
Is there any kind of approval required at
any point of time during exam
registration or any other activities? Will
there be any cancellation / rescheduling
of exams at centers?
Is there any requirement for the site to
support multi-lingual features?
Please confirm if historical data have to
be migrated ? If yes, What is scope of
data migration?
Is the checking based on the information
provided by the student himself? Or is
there any need to integrate with external
services for checking?
Remarks by the Company
Reply to the query
No
No
No
Exam as per the schedule
approved by ASRB. No rescheduling.
English/Hindi
No
As per the information
provided by the candidates
Can we assume that the question paper
will be available in digital format?
Yes
SMS support and payment gateway is
required in the system. Will the vendor
have to provide these?
1. What is the exact requirement
regarding biometric
information of students?
2. Does this means that scanned
photographs, signature,
biometric information to be
captured and stored in an
ASRB has a payment
gateway but integration will
be required.
1. As per bid document
7
2.
Yes, in RDBMS
S. No.
Bid reference No.
As per Bid Document
44
Specific to the business
scope
45
Pg. 154 Clause 3.8.1
Crisis Management
46
Pg. 155 Clause 3.8.2
47
Pg. 158 Clause 4.1
48
Page 154 Sec 3.2
Verification of the signature in
attendance sheet vis-à-vis the signature
in the admit card
Agency can suggest Business Process
Improvements to ASRB while executing
the assignment. ASRB will approve the
improvements and/or may provide
additional Business Process
Improvements to the Agency. The
Agency will have to incorporate the
approved/additional improvements in
application system.
The Online Web Based Portal will have
the features to be integrated with the
Online Test Delivery Portal.
49
Page 156 Sec 3.3
Question Bank Portal
50
Page 162 Sec 4.5
51
Page 167 Sec 5.3
The maximum numbers of users at a
given test time will be around 2,000
only
Data Center Design for DR Site
52
Page 167 Sec 5.3
Test and Development Environment
53
Page 162 Sec 4.5
Total registered users
54
Page 154 Sec 3.2
SLA's
Query/ Suggestion
RDBMS and not in a
DMS(Document Management
System).
What is the scalability requirement for
the examination portal? How many
concurrent users are we looking at?
What crisis management opportunities
are we looking at?
We assume that this will be done
manually. Is any software-based
verification required here?
Please define the scope of reengineering the existing business
processes. The process changes can be
only made during the implementation
phase or will they include the
maintenance phase as well. Please set a
clause to certify this.
Is there an existing Online Test Delivery
Module? What is the type of integration
required between Online Web Based
Portal and Online Test Delivery Portal?
Pl. confirm that the Question Bank
Portal will have a linkage to the Online
Web Based Portal.
Pl. confirm the concurrency to be
assumed for sizing of the online webbased portal.
What is the Service Level expected at
the DR Site with respect to software and
application deployment? IS it 100%
DR? Pl. confirm.
Pl. confirm the license requirement for
Test and Development environments
apart from Primary and DR Sites?
Please let us know total users will get
registered with central portal
Please provide more details in terms of
SLA's both for Central Portal &
Question bank Portal
8
Remarks by the Company
Reply to the query
Not more than 2050 users at
a time
All types w.r.t. operations
Only manual checks at the
examination sites.
Minor changes with mutual
consent.
No.
No live online examination
is envisaged
No.
There is no Question Bank
portal at all.
No online web based live
examination. It is only CBT.
100% hardware, software,
applications, operations and
manpower
All licensed versions of
softwares.
Currently, 35 to 40 thousand
No
There is no Question Bank
portal at all.
S. No.
55
Bid reference No.
Page 154 Sec 3.2
As per Bid Document
Sizing
Remarks by the Company
Intel i3-540 processor or equivalent
(3.00 GHz, 4MB or higher)
Query/ Suggestion
Please confirm for how many years
sizing need to be done in terms of
infrastructure (e.g. 3 year, 5 year)
Please provide details in terms of how
many disciplines, subjects etc while
doing sizing.
Please provide peak load details like
months, days, hour.
What mail messaging and SMS
gateways currently being used in
ASRB?
Please confirm registered users? 3 years,
5 years
Since ldap's are proposed only for HQ,
how will the test taker's be autheticated
by the Test Application in case of
failure at HQ.
What is the Verisign Payment Gateway
method or protocol to be implemented?
EMS has to be implemented for both
HQ and DR?
Intel Core i3-2100 Processor 3.10 GHz,
3M cache.
56
Page 154 Sec 3.2
Sizing
57
Page 154 Sec 3.2
Sizing
58
Page 154 Sec 3.2
59
Page 154 Sec 3.2
Provision to send individual common or
customized messages through email or
SMS to the candidates
Sizing
60
Page 168 Sec 5.9
LDAP
61
Page 158 Sec 3.2
Payment Gateway
62
Page 165 Sec 5.1
Enterprise Management Solution
63
Processor
Sec 5.13.2 Desktop
Machines/ terminals
Intel has launched second
generation series and we
suggest department should
buy the latest technology.
Accepted with modifications
and the clause is changed to:
Intel Core i3-2100 Processor
3.10 GHz, 3M Cache (or
equivalent)
Chipset
Sec 5.13.2 Desktop
Machines/ terminals
Page No: 178
Memory
Sec 5.13.2 Desktop
Machines/ terminals
Page No: 178
Intel P55 chipset or Higher
Intel Q65 or higher chipset
Accepted and the clause is
changed to: Intel Q65 or
higher chipset
4GB NECC DDR3 1066MHz SDRAM
Memory scalable upto 8 GB
2 x 2GB Non ECC DDR3 1333MHz
SDRAM Memory scalable upto 16 GB
Graphic
Sec 5.13.2 Desktop
Machines/ terminals
Page No: 178
HDD
Sec 5.13.2 Desktop
Integrated Intel Graphics Media
Accelerator 4500 or higher
Intel HD Graphics
For Enterprise & Government
customers Intel recommends
Q6 series chipset. Intel
doesn't have a P55 chipset.
Dual Channel memory is
recommended for better
performance. The Q series
chipset supports 16 GB
memory expandability.
The Q series chipset supports
High Definition Graphics
250 GB 7200RPM SATA II
500-GB 7.2K rpm SATA 6.0Gb/s
Maximum 30 disciplines
Not available now
None
New users every time
Not Applicable
ASRB has a payment
gateway
Yes
Page No: 178
64
65
66
67
9
Reply to the query
5 years
The latest HDD support
6.0Gb/s in comparison to the
No Change
Accepted with modifications
and the clause may be read
as: Intel Integrated HD
Graphics 2000
Accepted
S. No.
68
69
Bid reference No.
Machines/ terminals
Page No: 178
Monitor
Sec 5.13.2 Desktop
Machines/ terminals
Page No: 178
As per Bid Document
Query/ Suggestion
Remarks by the Company
older HDD with 3.0 Gb/s
Reply to the query
Minimum 17‖ Widescreen Flat Panel
1366x768 resolution or better, Tilt
adjustment capability, response time : 5
ms, FCC, UL, TFT-TCO-03 Certified
(Same make as OEM)
18.5" LED Widescreen Monitor with
1366x768 resolution or better, Tilt
adjustment capability, response time : 5
ms, FCC, UL, TFT-TCO-05 Certified
(Same make as OEM)
LCD Monitors are End of
Life and the market has
moved to LED and we
suggest department should
buy the latest technology.
Number of Bays
Sec 5.13.2 Desktop
Machines/ terminals
2 internal 3.5‖ 1 internal 3.5‖
(2) 5.25" External Bay for Optical Drive
(1) 3.5" External Bay for Media Card
Reader
(2) 3.5" Internal Bays for HDD
Keeping in mind the
expandability we have
suggest the 5 no. of bays.
Standards Blue Angel, CECP,
ENERGY STAR® 4.0, TCO 05,
WEEE, RoHS,
ENERGY STAR®, TCO 05, RoHS
Certain Standards
documented are available
with specific vendors, we
have requested only few
which are Industry common.
Accepted and the clause may
be read as: 18.5" LED
Widescreen Monitor with
1366x768 resolution or
better, Tilt adjustment
capability, response time : 5
ms, FCC, UL, TFT-TCO-05
Certified (Same make as
OEM)
Accepted and the clause may
be read as: (2) 5.25" External
Bay for Optical Drive
(1) 3.5" External Bay for
Media Card Reader
(2) 3.5" Internal Bays for
HDD
Accepted with modifications
and the clause may be read
as: ENERGY STAR® (or
equivalent), TCO 05, RoHS
Network : Dual gigabit 10/100/1000
Ethernet controllers Wake on LAN /
Serial over LAN /Full Duplex/TCP/IP
Offload Engine / Load balancing or
streaming. Blade Server should have
dual Connections to the mid plane for
redundancy
Network : Dual gigabit 10/100/1000
Ethernet controllers Wake on LAN /
Serial over LAN /Full Duplex/TCP/IP
Offload Engine / Load balancing or
streaming. Blade Server should have
dual Connections to the mid plane for
redundancy in case of Active Mid plane
or Passive Mid Plane to be offered.
System Diagnostics: Blade server
should have Light indicators to the
failing component in order to reduce
System Diagnostics: Blade server
should have Light indicators or LCD
display for the failing component in
Different vendors offer
different technology i.e some
vendors offers Active
Midplane in Blades
Technology wherein there is
a tendency of failure due to
the presence of active
components on the midplane,
whereas some vendors offers
Passive Midplane where there
are no active components,
hence no failure. So we
suggest that the clause to be
modified to allow maximum
vendor participation.
Different vendors offer
different technology, LED is
old method of detecting
Page No: 178
70
72
73
Environmental and
Regulatory Standards
Sec 5.13.2 Desktop
Machines/ terminals
Page No: 178
5. TECHNICAL
SPECIFICATIONS :
5.9.1 Primary HQ Site
Servers (Blade
technology
Page No: 166
5. TECHNICAL
SPECIFICATIONS :
5.9.1 Primary HQ Site
10
Accepted and the clause may
be read as: Network: Dual
gigabit 10/100/1000 Ethernet
controllers Wake on LAN /
Serial over LAN /Full
Duplex/TCP/IP Offload
Engine / Load balancing or
streaming. Blade Server
should have dual
Connections to the mid plane
for redundancy in case of
Active Mid plane or Passive
Mid Plane to be offered.
Accepted and the clause may
be read as: System
Diagnostics: Blade server
S. No.
Bid reference No.
Servers (Blade
technology
Page No: 166
74
5. TECHNICAL
SPECIFICATIONS :
5.9.1 Primary HQ Site
Servers (Blade
technology)
As per Bid Document
downtime and Pre Failure alert
mechanism to highlight the deteriorating
health of the components like Hard
Drives, processors, memory.
Query/ Suggestion
order to reduce downtime and Pre
Failure alert mechanism to highlight the
deteriorating health of the components
like Hard Drives, processors, memory.
Remarks by the Company
failures, blades system
technology allows monitoring
through interactive display
i.e. LCD. So we suggest that
the clause to be modified to
allow maximum vendor
participation.
Hard Disk : 5 X 300 GB SAS HotSwappable Hard Drives per Server with
64 MB Cache supporting RAID 1.
Hard Disk : 2 X 300 GB SAS HotSwappable Hard Drives per Server with
64 MB Cache supporting RAID 1.
Network: Dual gigabit 10/100/1000
Ethernet controllers Wake on LAN /
Serial over LAN /Full Duplex/TCP/IP
Offload Engine / Load balancing or
streaming. Blade Server should have
dual Connections to the mid plane for
redundancy
Network : Dual gigabit 10/100/1000
Ethernet controllers Wake on LAN /
Serial over LAN /Full Duplex/TCP/IP
Offload Engine / Load balancing or
streaming. Blade Server should have
dual Connections to the mid plane for
redundancy in case of Active Mid plane
or Passive Mid Plane to be offered.
System Diagnostics: Blade server
should have Light indicators to the
failing component in order to reduce
downtime and Pre Failure alert
mechanism to highlight the deteriorating
health of the components like Hard
Drives, processors, memory.
System Diagnostics: Blade server
should have Light indicators or LCD
display for the failing component in
order to reduce downtime and Pre
Failure alert mechanism to highlight the
deteriorating health of the components
like Hard Drives, processors, memory.
Blade Servers Offers Max. 2
HDDs. These HDDs are
primarily used for OS &
Swap. The required
configuration as per RFP has
FC HBA which will connect
to storage. Hence we suggest
that the internal HDDs in
servers should be reduced to
qty 2.
Different vendors offer
different technology i.e some
vendors offers Active
Midplane in Blades
Technology wherein there is
a tendency of failure due to
the presence of active
components on the midplane,
whereas some vendors offers
Passive Midplane where there
are no active components,
hence no failure. So we
suggest that the clause to be
modified to allow maximum
vendor participation.
Different vendors offer
different technology, LED is
old method of detecting
failures, blades system
technology allows monitoring
through interactive display
i.e. LCD. So we suggest that
the clause to be modified to
allow maximum vendor
Database Server
Page No: 167
75
5. TECHNICAL
SPECIFICATIONS :
5.9.1 Primary HQ Site
Servers (Blade
technology)
Database Server
Page No: 167
76
5. TECHNICAL
SPECIFICATIONS :
5.9.1 Primary HQ Site
Servers (Blade
technology)
Database Server
Page No: 167
11
Reply to the query
should have Light indicators
or LCD display for the
failing component in order to
reduce downtime and Pre
Failure alert mechanism to
highlight the deteriorating
health of the components
like Hard Drives, processors,
memory.
Accepted and Clause is
changed to: 2 X 300GB SAS
Hot Swappable HDD per
server configured in RAID 1.
Accepted and the clause may
be read as: Network: Dual
gigabit 10/100/1000 Ethernet
controllers Wake on LAN /
Serial over LAN /Full
Duplex/TCP/IP Offload
Engine / Load balancing or
streaming. Blade Server
should have dual
Connections to the mid plane
for redundancy in case of
Active Mid plane or Passive
Mid Plane to be offered.
Accepted and the clause may
be read as: System
Diagnostics: Blade server
should have Light indicators
or LCD display for the
failing component in order to
reduce downtime and Pre
Failure alert mechanism to
highlight the deteriorating
S. No.
Bid reference No.
As per Bid Document
Query/ Suggestion
Remarks by the Company
participation.
77
5. TECHNICAL
SPECIFICATIONS :
5.9.2 Blades Enclosure
(Chassis)
Fiber Channel Switches: Fiber Channel
Switches with 4 Gbps ports fitted into
Enclosure to cater to 2 FC Ports per
Blade in Redundant Configuration.
Fiber Channel Switches: Fiber Channel
Switches with 8 Gbps ports fitted into
Enclosure to cater to 2 FC Ports per
Blade in Redundant Configuration.
The latest FC switches are 8
Gbps enabled, so we suggest
that latest technology i.e. 8
Gbps be offered.
Page No: 168
78
5. TECHNICAL
SPECIFICATIONS :
5.9.2 Blades Enclosure
(Chassis)
SAN Connectivity: 8Gbps SAN
switches / 4Gbps pass through modules
to be provided in redundant
configuration for option of connecting
all the blades to External San Fabric
Configuration. It should help minimize
the Fiber Channel Cables Coming out of
the chassis and the Ports to be used in
external SAN Fabric.
SAN Connectivity: 8Gbps SAN
switches to be provided in redundant
configuration for option of connecting
all the blades to External San Fabric
Configuration. It should help minimize
the Fiber Channel Cables Coming out of
the chassis and the Ports to be used in
external SAN Fabric.
Since SAN Switches has
already asked as a part of the
requirement. This clause
creates ambiguity, hence we
suggest that this should be
removed or Pass thru
modules should be removed
from the existing clause.
79
5. TECHNICAL
SPECIFICATIONS :
5.9.3 Primary Site
Storage Specifications
Capacity & Scalability: 1. The Storage
Array shall be offered with 5TB raw
Capacity using 146GB 10K rpm drives.
Capacity & Scalability: 1. The Storage
Array shall be offered with 5TB raw
Capacity using 300GB 10/15K rpm
drives.
146 GB HDDs in FC are End
of Life hence we suggest to
change this to 300GB.
Investment Protection : Customer shall
have the flexibility to migrate to next
higher model of same series with data in
Place and without replacing the Storage
Array controller.
Investment Protection : Customer shall
have the flexibility to migrate to next
higher model of same series with data in
Place and with / without replacing the
Storage Array controller.
As per our understanding
ASRB is looking for the
investment protection during
the storage upgrade to meet
the drives , cache , ports etc
which without having a
powerful controller will not
be of any use to the ASRB.
Secondly, Higher Model
storage comes with the high
performance controller with
enhanced performance to
Page No: 169
80
5. TECHNICAL
SPECIFICATIONS :
5.9.3 Primary Site
Storage Specifications
Page No: 170
12
Reply to the query
health of the components
like Hard Drives, processors,
memory.
Accepted and the clause may
be read as: Fiber Channel
Switches: Fiber Channel
Switches with 8 Gbps ports
fitted into Enclosure to cater
to 2 FC Ports per Blade in
Redundant Configuration.
Accepted and the clause may
be read as: SAN
Connectivity: 8Gbps SAN
switches to be provided in
redundant configuration for
option of connecting all the
blades to External San
Fabric Configuration. It
should help minimize the
Fiber Channel Cables
Coming out of the chassis
and the Ports to be used in
external SAN Fabric.
Accepted with modifications
and the clause may be read
as: Capacity & Scalability: 1.
The Storage Array shall be
offered with 5TB raw
Capacity using
300GB/400GB 10/15K rpm
drives.
Accepted and the clause may
be read as: Investment
Protection: Customer shall
have the flexibility to
migrate to next higher model
of same series with data in
Place and with / without
replacing the Storage Array
controller.
S. No.
Bid reference No.
As per Bid Document
Query/ Suggestion
81
5. TECHNICAL
SPECIFICATIONS :
5.9.4 BCP/DR Site
Servers
Hard Disk : 5 X 300 GB SAS HotSwappable Hard Drives per Server with
64 MB Cache supporting RAID 1.
Hard Disk: 2 X 300 GB SAS HotSwappable Hard Drives per Server with
64MB Cache supporting RAID 1
Network : Dual gigabit 10/100/1000
Ethernet controllers Wake on LAN /
Serial over LAN /Full Duplex/TCP/IP
Offload Engine / Load balancing or
streaming. Blade Server should have
dual Connections to the mid plane for
redundancy
Network : Dual gigabit 10/100/1000
Ethernet controllers Wake on LAN /
Serial over LAN /Full Duplex/TCP/IP
Offload Engine / Load balancing or
streaming. Blade Server should have
dual Connections to the mid plane for
redundancy in case of Active Mid plane
or Passive Mid Plane to be offered.
System Diagnostics: Blade server
should have Light indicators to the
failing component in order to reduce
downtime and Pre Failure alert
mechanism to highlight the deteriorating
health of the components like Hard
Drives, processors, memory.
System Diagnostics: Blade server
should have Light indicators or LCD
display for the failing component in
order to reduce downtime and Pre
Failure alert mechanism to highlight the
deteriorating health of the components
like Hard Drives, processors, memory.
Capacity & Scalability: 1. The Storage
Array shall be offered with 5TB raw
Capacity using 146GB 10K rpm drives.
Capacity & Scalability: 1. The Storage
Array shall be offered with 5TB raw
Capacity using 300GB 10/15K rpm
drives.
Page No: 171
82
5. TECHNICAL
SPECIFICATIONS :
5.9.4 BCP/DR Site
Servers
Page No: 171
83
5. TECHNICAL
SPECIFICATIONS :
5.9.4 BCP/DR Site
Servers
Page No: 171
84
5. TECHNICAL
SPECIFICATIONS :
5.9.4 BCP/DR Storage
Specifications
13
Remarks by the Company
meet the higher workload
requirements.
Blade Servers Offers Max. 2
HDDs. These HDDs are
primarily used for OS &
Swap. The required
configuration as per RFP has
FC HBA which will connect
to storage. Hence we suggest
that the internal HDDs in
servers should be reduced to
qty 2.
Different vendors offer
different technology i.e some
vendors offers Active
Midplane in Blades
Technology wherein there is
a tendency of failure due to
the presence of active
components on the midplane,
whereas some vendors offers
Passive Midplane where there
are no active components,
hence no failure. So we
suggest that the clause to be
modified to allow maximum
vendor participation.
Different vendors offer
different technology, LED is
old method of detecting
failures, blades system
technology allows monitoring
through interactive display
i.e. LCD. So we suggest that
the clause to be modified to
allow maximum vendor
participation.
146 GB HDDs in FC are End
of Life hence we suggest to
change this to 300GB.
Reply to the query
Accepted and Clause is
changed to: 2 X 300GB SAS
Hot Swappable HDD per
server configured in RAID 1.
Accepted and the clause may
be read as: Network: Dual
gigabit 10/100/1000 Ethernet
controllers Wake on LAN /
Serial over LAN /Full
Duplex/TCP/IP Offload
Engine / Load balancing or
streaming. Blade Server
should have dual
Connections to the mid plane
for redundancy in case of
Active Mid plane or Passive
Mid Plane to be offered.
Accepted and the clause may
be read as: System
Diagnostics: Blade server
should have Light indicators
or LCD display for the
failing component in order to
reduce downtime and Pre
Failure alert mechanism to
highlight the deteriorating
health of the components
like Hard Drives, processors,
memory.
Accepted with modifications
and the clause may be read
as: Capacity & Scalability: 1.
The Storage Array shall be
S. No.
Bid reference No.
Page No: 172
As per Bid Document
Query/ Suggestion
Remarks by the Company
Reply to the query
offered with 5TB raw
Capacity using
300GB/400GB 10/15K rpm
drives.
85
5. TECHNICAL
SPECIFICATIONS :
5.9.4 BCP/DR Storage
Specifications
Investment Protection : Customer shall
have the flexibility to migrate to next
higher model of same series with data in
Place and without replacing the Storage
Array controller.
Investment Protection : Customer shall
have the flexibility to migrate to next
higher model of same series with data in
Place and with / without replacing the
Storage Array controller.
As per our understanding
ASRB is looking for the
investment protection during
the storage upgrade to meet
the drives, cache, ports etc
which without having a
powerful controller will not
be of any use to the ASRB.
Secondly, Higher Model
storage comes with the high
performance controller with
enhanced performance to
meet the higher workload
requirements.
Accepted and the clause may
be read as: Investment
Protection: Customer shall
have the flexibility to
migrate to next higher model
of same series with data in
Place and with / without
replacing the Storage Array
controller.
ASRB requires 99% or more availability
of its Centralized Examination System //
System Integration & Commissioning >
Supply & Installation of Clustered
database servers with RDBMS
clustering configuration
Should the database support native,
active-active clustering with objectives
of scalability and availability of 24x7,
solution which is highly available?
Active-Active mode will help achieve
the SLA(>99.5%)
Are you looking that solution should
support vertical & horizontal scalability
with no downtime and without
repartitioning or changes to the database
objects transaction routing mechanisms
?
Is there a visibility on activities on
database infrastructure? For example
who is accessing what information?
(specially privilege user activity
monitoring) ?
Is your critical database protected
against external threats? for example
sql-injections
Should the solution restrict DBAs and
Privilege users to update application
data from backend?
Page No: 174
86
Pg 159/ 162
87
88
89
90
Pg 163
Security at all layers
As the data will be highly confidential
we would like to know about security
perspective
14
No Change
Not Required
Refer Annexure I
Not Required
Not Required
S. No.
91
Bid reference No.
As per Bid Document
92
Pg 152
3.2.1.2 Database Module
93
94
95
96
97
Pg165
Enterprise Management Solution
Query/ Suggestion
Is your data encrypted in the database
and tapes?
Should the data travelling between
database server and application server
be encrypted? Justification: To secure
sensitive data being tapped when on the
move it should be encrypted in
throughout the network path?
Should the solution capability to restrict
administrators and privileged IT users
from accessing and altering the
confidential application data?
As per plans the application will be
available at 23 locations so should the
database be capable of handling the data
growth over a period of time without
adversely impacting the application
throughput?
Should the database solution allow such
data to be stored onto different partitions
on different types of storage media
thereby cutting down storage costs as
well as increasing the overall
application performance?
Would you like to use Database
compression capability that not only
reduces disk space requirements by
Compress table, file, network, and
backup data but also improves
application performance and enhances
memory and network efficiency?
Should the database have built-in
provision to administer database /
database clusters, Monitor performance,
Maintain database, Backup and
recovery, Disaster recovery
management along with options to do
diagnosis, performance tuning with the
SQL analysis, finding the events,
advisory based tuning mechanisms with
the history?
15
Remarks by the Company
Reply to the query
Not Required
Not Required
Yes, as per best practices
followed in the industry and
will be discussed with the
selected vendor at the
implementation stage.
Storage scalability has been
considered and sized
accordingly
Not Required
Not Required
Refer Annexure I on detail
specifications for “Enterprise
Management System”
S. No.
98
Bid reference No.
As per Bid Document
99
Pg 174
DR Site Servers: Server Infrastructure
for Backup Server
100
3.3 Question Bank
Portal
General
101
3.3 Question Bank
Portal
3.2.1.1.2 Offline
Registration
General
Section 3.7
Security with respect to the data and
infrastructure
102
103
General
Query/ Suggestion
As the solution will be rolled out at
multiple locations running in clustered
mode so are you looking for some GUI
based database integrated method
which can diagnose the issues
beforehand ?
Would you like the DR site to be
utilized for Reporting/ Read Only
Access and taking Backups? ( This will
free up resources on primary database
for performing other tasks, Idle
hardware and software resources at DR
site will be utilized )?
The Question Bank Portal is to be used
to accept and digitize the question
received by SMEs and put in the system.
ASRB team will then pick and choose to
design multiple question sets. While the
randomization of Questions and
Answers at the CBT will be activity of
the Test Software not the Question Bank
Portal ? Please clarify.
Please share the type of questions which
can be the part of question paper.
Does the Application Forms submitted
by applicants for registration needs to be
scanned for future reference. Please
confirm
Please detailed out the security needs of
the proposed application system .
16
Remarks by the Company
Reply to the query
Not Required
Not Required
No Question Bank Portal.
Question Bank is with
ASRB which will provide
each day‟s digitized
encrypted Question Paper for
that day‟s examination
Objective Type with
multiple choice answers
Online applications only. No
postal applications.
1. Make Certain that system
used in performing
examinations are protected
by strict technical controls
and receive periodic
validations
2.
Implement process
that require all examinations
be conducted on special-use
computers that are used
SOLELY for online
examination. No other use of
the machine should be
permitted – no e-mail, no
S. No.
Bid reference No.
As per Bid Document
Query/ Suggestion
104
3.10 Essential
Requirements for test
publishing/Question
paper software
Section - 3.7
"Establishment of 23
Examination Centres"
Section - 3.7
"Establishment of 23
Examination Centres"
General
107
5.2
Local Area Network Architecture
108
5.3
Data Centre Design
In order to develop the question papers
what kind of symbols, characters and
Fonts may be required in Question
Paper Designer. Please suggest.
Kindly provide the breakup of no. of
endpoints required in each of the 23
centers.
Please define if this shall be an on
demand internet service which shall be
only required during the examination
period or it should be available at all
days.
Does Lan include structured cabling
also
Does the Activity only include
designing of DC or Does it include
turnkey implementation, Including
105
106
Capacity to accommodate
20/50/100/120 computer terminals by
LAN
Broadband Connectivity with adequate
speed and bandwidth
Remarks by the Company
17
Reply to the query
web browsing, no generalpurpose business use
3.
Make certain that
personnel involved in
performing online
examinations configurations
have the necessary security
awareness and training.
Those persons should
receive targeted training on
Phishing and this threat
4.
Have written policies
defining the controlled
environment in which online
examinations can be
conducted, e.g. what systems
can be used, how they must
be maintained, required
personnel training, etc.
5.
Data transfer should
be in encrypted form
6.
Various access
controls for unauthorized
access
7.
Trial runs
The Question Paper will be
developed by ASRB and not
the Agency
Details listed at Annexure -II
Max 6 mbps only needed.
The range is 4 to 6 mbps
during the year.
Yes
No civil or electrical work.
LAN cabling and switches
may be needed
S. No.
Bid reference No.
109
110
Data center At NOEC
5.9.3 - Sr. No. 1.0.1
Page No: 169
111
5.9.3 - Sr. No. 1.0.5
Page No: 170
112
5.9.3 - Sr. No. 1.1.4
Page No: 170
113
5.9.3 - Sr. No. 1.0.1
115
1. The storage array should support
industry-leading Operating System
platforms including: Windows Server
2008 (Enterprise Edition), HP Tru64
UNIX, OpenVMS, Sun Solaris, HP-UX,
IBM-AIX, Linux and Novell NetWare.
2. Offered Storage Shall support all
above operating systems in Clustering.
1. Shall support Snapshot, Capacity free
snapshot without locking the disk space,
Full physical copy (Clone). 2. Shall
support incremental re-synchronization
of business copy with Primary volume.
3. Shall support more than 12 business
copy of a given production volume. 4.
Shall be able to create business copy on
different raid set as compared to
Production volume. 5. Shall provide
license for above listed capacity.
Agency shall also offer the performance
management software for Storage
Array.
Page No: 170
1. The storage array should support
industry-leading Operating System
platforms including: Windows Server
2008 (Enterprise Edition), HP Tru64
UNIX, OpenVMS, Sun Solaris, HP-UX,
IBM-AIX, Linux and Novell NetWare.
2. Offered Storage Shall support all
above operating systems in Clustering.
Agency shall also offer the performance
management software for Storage
Array.
5.9.3 - Sr. No. 1.1.6
Customer shall have the flexibility to
Page No: 169
114
As per Bid Document
5.9.3 - Sr. No. 1.1.4
Query/ Suggestion
Civil, Electrical, Cooling etc.
Does the DC site Preparation activities
only include Supply Of UPS and
Biometric access control.
Supported Windows2008, HPUX, IBM
AIX , Linux. Solaris and OS clustering
for HPUX, IBM AIX, Windows 2008.
OpenVMS, Novell NetWare are not
supported please exclude the same
Remarks by the Company
Reply to the query
No. All as defined.
No change
4 business copies of a given production
is quite adequate. Hence request you to
change it to 4 or more business copies.
No Change
Please include to show statistic
information for the storage OR Agency
shall also offer the performance
management software for Storage
Array.
Supported Windows2008, HPUX, IBM
AIX , Linux. Solaris and OS clustering
for HPUX, IBM AIX, Windows 2008.
OpenVMS, Novell NetWare are not
supported please exclude the same
Refer Annexure I
Please include to show statistic
information for the storage OR Agency
shall also offer the performance
management software for Storage
Array.
Flexibility of migration of data to higher
Refer Annexure I
18
No Change
No Change
S. No.
Bid reference No.
Page No: 170
116
5.9.2
As per Bid Document
migrate to next higher model of same
series with data in Place and without
replacing the Storage Array controller.
The chassis should accommodate
Intel/AMD Blades simultaneously
Page No: 162
117
Section 3.7, Page no
157
This activity involves the activation of
23 test centres at 23 locations developed
and established by the ASRB for the
conduct of the Computer Based Test.
The test is designed for a period of 30
days at the rate of one subject per day
across the country at the 23 centers.
118
Section 5.10
119
Section 3.8.2
The Data Center is to be staffed and
monitored 24x7 to ensure at least 99%
uptime during the examination process.
Scheduled maintenance windows are
conducted at times when usage is lowest
to ensure patches and updates are
applied when available.
Invigilation and Verification
120
Section 5.12
Testing centers should have broadband
connections that ensure fast and reliable
communications with the Data Center.
Speeds are typically a minimum of 6
mbps for 60 days at the time of conduct
of CBT
121
General Query
General Query
Query/ Suggestion
model
Remarks by the Company
All the blades asked for in the RFP are
Intel blades, there is no AMD blade
requirement. Please remove the clause
for Intel/AMD blades simultaneously
Please clarify following:
1. How many time test will be
conducted in a year
2. What will be the duration of test per
day?
What will be the service window for
support during the days when test are
not scheduled.
Bidder assumes, required manpower is
to be provided across the test centers for
invigilation and verification. Please
clarify is the understanding is correct.
RFP demands for disconnecting the
network during exam days once
question paper is downloaded on local
server. It will be difficult to monitor the
servers using EMS during this period,
please clarify if entire communication
with the datacenter is to be stopped or
stopping Specific examination
application communication will do.
1. Page 165 glorifies the requirement of
helpdesk; please clarify if the helpdesk
is required.
2. What call volumes is to be assumed
to land at Helpdesk
3. What will be service window of
Helpdesk? Please clarify
19
Reply to the query
No Change
1.
Twice every year, may
increase the frequency.
2. Each test will be for 2
hours. In a day, there
could be maximum of 3
batches. Each series of
exam may last for 60
days.
Data Center will operate on
all working days except
Gazetted
Holiday/Saturday/Sunday
Yes
Once Question Paper is
downloaded, the Servers will
be de-linked from internet.
Other modes of connectivity
to be used for monitoring
Helpdesk with at least 7 lines
with Round Robin is needed.
All required facilities for
helpdesk are to be provided
on-site or off-site including
telephones.
S. No.
Bid reference No.
As per Bid Document
122
Section 6
123
Section 7
Physical security Measures:
o Access Control and Alarm Monitoring
Systemo CCTV Surveillanceo Alarm Monitoring
§ Rack door is to be fitted with
movement sensor.
Supervisors 25 Nos
124
5.13.2. Desktop
machines/terminals
(Qty: 2020)
125
5.13.2. Desktop
machines/terminals
(Qty: 2020)
Page No: 178
5.9.2 Blades Enclosure
(Chassis)
Page No: 168
126
127
5.13.3. Technical
specifications for
10KVA online UPS
system at each test
centre and NOEC
Page No: 179
Monitor: Minimum 17‖ Widescreen Flat
Panel 1366x768 resolution or better, Tilt
adjustment capability, response time : 5
ms, FCC, UL, TFT-TCO-03 Certified
(Same make as OEM)
Ports: 8 USB 2.0
The chassis should accommodate
Intel/AMD Blades simultaneously
Environment - Standards
EN50091-1 for safety
EN50091-2 for EMC
Conformity: UL 1778, cUL 107.1,
107.2, (120V models),
CE (230V Models)
Transient Immunity (120V): Per IEEE
62.41 (formerly IEEE 587)
Transient Immunity (220V): Per IEEE C
61000-4-5 level 3
Query/ Suggestion
4. Bidder Assumes, required
infrastructure including phones, seats
and chairs for the helpdesk will be
provided by ASRB for helpdesk. Please
confirm
Is the bidder expected to provide
manpower for physical security also, or
manpower will be provided by ASRB.
Remarks by the Company
Reply to the query
Physical security will be the
responsibility of ASRB.
Bidder assumes these resources are
required during the exam days only not
dedicatedly throughout the contact
period.
Requested to remove the tilt option from
Monitor specification as this is not
standard across reputed brands and it is
OEM specific.
Yes
You are requested to consider 6 USB
2.0 Ports (4 Rear and 2 Front) as this is
Industry standard.
Accepted and the clause may
be read as: Ports: 6 USB 2.0
Ports (4 Rear and 2 Front) as
this is Industry standard.
No Change
All the blades asked for in the RFP are
Intel blades, there is no AMD blade
requirement. Please remove the clause
for Intel/AMD blades simultaneously
Requested to mention CE/UL or
equivalent Indian Standards. Because
mentioned ratings may not applicable to
Indian Manufactured Items.
20
Tilt is only forward and
backward slant position. Not
rotation.
Accepted with modifications
and the clause may be read
as: Environment - Standards
EN50091-1 for safety
EN50091-2 for EMC
Conformity: UL/ CE
certified or equivalent 1778,
cUL 107.1, 107.2, (120V
models),
CE (230V Models)
Transient Immunity (120V):
Per IEEE 62.41 (formerly
IEEE 587)
S. No.
Bid reference No.
As per Bid Document
Query/ Suggestion
128
5.13.3. Technical
specifications for
10KVA online UPS
system at each test
centre and NOEC
Page No: 180
5.13.3. Technical
specifications for
10KVA online UPS
system at each test
centre and NOEC
Page No: 179
5.13.3. Technical
specifications for
10KVA online UPS
system at each test
centre and NOEC
Page No: 179
F. GUARANTEES
AND LIABILITIES/
33 Limitation of
Liability
Protection Class - IP-31
Requested you to consider "IP20 or
better" for protection class because it is
standard for indoor applications.
Accepted with modifications
and the clause may be read
as: Protection Class - IP-21
Battery - Minimum VAH rating24AH, no. of batteries for 60 minutes
backup with appropriate racks
Please give option to quote "24 AH or
Higher".
Battery Makes - Global-Yuasa/Amara
Raja/ Exide
Please add "or equivalent" make
because there are many other battery
makes which are equal/better than
mentioned brands. Also specific brands
makes bidder uncompetitive in pricing.
Accepted with modifications
and the clause may be read
as : Battery - Minimum
13440 VAH rating (28AH X
40 nos. batteries X 12 volt
each )
Accepted and the clause may
be read as: Battery Makes Global-Yuasa/Amara Raja/
Exide or equivalent
Provided the following does not exclude
or limit any liabilities of either party in
ways not permitted by applicable law:
(a) the Supplier shall not be liable to the
Purchaser, whether in contract, tort, or
otherwise, for any indirect or
consequential loss or damage, loss of
use, loss of production, or loss of profits
or interest costs, provided that this
exclusion shall not apply to any
obligation of the Supplier to pay
liquidated damages to the Purchaser;
and
(b) the aggregate liability of the
Supplier to the Purchaser, whether
under the Contract, in tort or otherwise,
shall not exceed the total Contract Price,
provided that this limitation shall not
apply to any obligation of the Supplier
to indemnify the Purchaser with respect
to intellectual property rights
The bidder request clarification in
regard to the unlimited liability in case
of intellectual property rights
infringement.
129
130
131
Remarks by the Company
The bidder would like to suggest that
the liability of the supplier to the
purchaser, should be limited to total
contract price without any exception.
21
Reply to the query
Transient Immunity (220V):
Per IEEE C 61000-4-5 level
3
No change as these are as
per standard clauses
S. No.
Bid reference No.
As per Bid Document
infringement.
As per IFB
132
3.5.8 Litigation History
133
3.5.4 Current Contract
Commitments/ Works
in Progress
As per IFB
134
As per IFB
135
G. Risk Distribution/
34. Transfer of
Ownership
Change of Taxes
136
Saving Clause
Not mentioned to be added
137
Title Trasfer
Not mentioned to be added
138
Deemed Acceptance
Not mentioned to be added
Not mentioned to be added
Query/ Suggestion
Remarks by the Company
Bidder request to provide a declaration
instead of the format prescribed.
As the bidder is one of top SI, there are
lots of projects underway, for which
bidder request to give a declaration for
the same.
Bidder request more clarity on the
transfer of ownership of softwares,
equipments and materials supplied.
Any change in tax structure or Statutory
amendment subsequent to submission
resulted into any change in taxes ,duties
shall be borne by customer
Wipro‟s failure to perform its
contractual responsibilities, to perform
the services, or to meet agreed service
levels shall be excused if and to the
extent Wipro‟s non-performance is
caused by Customer‟s omission to act,
delay, wrongful action, failure to
provide inputs, or failure to perform its
obligations under this Agreement.
We request you to consider the fact that
title and risk transfer happens on
dispatch of goods from the vendors
factory / warehouse as the same has
been billed in the name of the customer.
The bidder / vendor would be liable to
take transit insurance till the equipment
gets delivered to customers premises.
The vendor / bidder would also take
necessary insurance with department as
beneficiary till the site gets
implemented.
All Products/ services rendered
hereunder shall be deemed accepted, if
Customer does not provide a written
notice of any rejection/confirmation of
acceptance or when Customer uses the
Product/deliverable in its business,
whichever occurs earlier. In the event of
22
Reply to the query
No change as these are as
per standard clauses
No change as these are as
per standard clauses
No change as these are as
per standard clauses
No change as these are as
per standard clauses
No change as these are as
per standard clauses
No change as these are as
per standard clauses
No change as these are as
per standard clauses
S. No.
Bid reference No.
As per Bid Document
139
Bid submission form
(page 220)
We accept the appointment of Sh. R.K.
Gupta, Deputy Director General,
National Informatics Center (NIC) –
HQ, New Delhi, as in the Bid Data
Sheet ] as the Adjudicator
140
Severity Classification
(page 205)
Deduction in payment @ of 5% per
week beyond the tolerance period (up to
25% maximum beyond which it will
lead to Severity 1)
141
27.2 Operational
Acceptance Tests (page
99)
The Operational Acceptance Tests (and
repeats of such tests) shall be the
primary responsibility of the Purchaser
142
Page No 44/285 - ITB
6.1 (a) Qualification
requirements for
Bidders are:
Point No 3
Bidder or its JV partner should be an
established online solution providing
company, should have successfully
executed two assignments of similar
nature during the last four financial
during the last four financial years
(Supply and installation of Computer
Hardware and/or servers comprising of
Query/ Suggestion
any rejected product/service, Wipro
shall be given a 30 day period to correct
the same.
GCC 6.2.3 Page no 129
suggests that the arbitrator are mutually
appointed, however the present
narration are in contradiction
This is in addition to liquidated damage,
thus the cap on liability being on higher
side. Need to cap the same at 10% of the
contract value. However we suggest
total LD & Penalty should not be exceed
10% of contract value.
Request you to kindly consider Deemed
Acceptance clause. DEEMED
ACCEPTANCE The deliverables
installed shall be deemed as accepted
after the seven days of its Installation.
In case of any Acceptance test, the
procedure shall be mutually agreed at
the time of award and the test shall carry
out within seven days of the Installation.
In case of failure to conduct the test
within stipulated time period, the
deliverables shall be deemed as
accepted. The certificate of acceptance
shall be released within seven
days of the acceptance. In case of
failure to release the acceptance
certificate within stipulated time
period, the acceptance certificate
shall be deemed as released.
Please consider Consortium Partnership
also along with JV
23
Remarks by the Company
Reply to the query
This will be discussed
mutually with the successful
Bidder/JV
Partner(s)/Consortium
Partner(s). Current indication
is as per World Bank
requirement.
No change as these are as
per standard clauses
No change as these are as
per standard clauses
A firm can bid for a project
either as a Sole Bidder or in
the form of Joint Venture/
Consortium.
S. No.
Bid reference No.
143
Qualification Criteria
(Point No 2 of Page no
1)
144
Single Stage Bidding
As per Bid Document
at least 1000 peripherals and
Conducting Online cum Computer
Based Test Examinations of which at
least one assignment of should be of Rs.
300 Lakhs or more).
Bidder or its JV partner should be an
established online solution providing
company, should have successfully
executed two assignments of similar
nature during the last four financial
years (supply and installation of
Computer Hardware and/or Servers
comprising of at least 1000 peripherals
and Conducting Online cum Computer
Based Test Examinations of which at
least one assignment should be of Rs.
300 Lakhs or more)
Single Stage Bidding
Query/ Suggestion
Remarks by the Company
Authorities are requested to lighten up
this clause as : The Bidder (Single
Bidder or its JV) should be CMMi Level
5 Company. They should have
following experience :
“A”
They should have successfully
completed OR under implementation at
least two
Online Result Processing Projects in the
last five financial years in which at least
one assignment should be of Rs. 300
Lakhs or more)
OR
“B”
They should have successfully
completed OR under implementation at
least two system integration projects
including Software Development
globally in last 5 years. The total value
of each of such projects should at least
INR 300 lakhs. For each of these
projects the value of the component of
Application Design & Development
and for covering Configuration &
Customization, Testing, Installation,
Training, Hand-holding and support
activities within the project should be at
least INR 100 Lakhs
to give equal chance to prospective
bidders who have rich experience in
executing large complex system
integration and software development
projects
Please elaborate Single Stage Bidding?
Do we submit our Technical bid along
with Commercial Bid in single envelope
OR Technical bid would be sealed
24
Reply to the query
No change
This is single stage bidding.
Please refer to ITB 13 at Pg
16-18 regarding
“Documents Comprising the
S. No.
Bid reference No.
As per Bid Document
Query/ Suggestion
separately and Commercial bid will be
sealed separately
145
Annexure-1, Page 282
Connectivity
146
Request for Extension
Request for Extension
Does connectivity/bandwidth from Data
Centre to all Examination Centre will be
provided by ASRB OR Vendor needs to
provide the same? Please clarify
We would request the Authorities to
extend the due date for at least 6 weeks
from the date of Pre bid clarifications
issued by ASRB
We refer to clause 14.4 (a) of the ITB
section “……. the prices shall be quoted
on a CIP (named place of destination)
basis, exclusive of all taxes, stamps,
duties, levies, and fees imposed in the
Purchaser„s country”, read with SCC
clause 14 wherein ASRB represents to
the Bidder that ASRB would avail
Custom Duty Exemption and the
necessary Documents to this effect shall
be provided by ASRB, New Delhi to the
bidder on demand such that the bidder
shall be saved from paying Custom
Duty component for imported
equipment and goods. Kindly clarify the
following questions in this regard:
147
a. Whether the aforesaid Custom Duty
exemption documents provided by
ASRB make the Bidder statutorily
eligible to claim the waiver from levy of
Custom Duty on goods supplied from
outside the Purchaser‟s country?
b. In the event the Supplier is unable to
receive the aforesaid Custom Duty
waiver benefits in spite of its best
efforts, will ASRB compensate the
Supplier for the aforesaid whole or the
shortfall in the waiver amount realized
from the Government Authority?
c. The SCC clause 14 refers to a GCC
25
Remarks by the Company
Reply to the query
Bid” and also ITB-20 at Pg
26 regarding “Sealing and
Marking of Bids”
Vendor shall be responsible
for providing
connectivity/bandwidth
Please refer Amendment-I
ASRB will provide custom
duty exemption.
GCC clause 14.5 is an
additional clause.
S. No.
Bid reference No.
As per Bid Document
148
149
Section II: Bid Data
Sheet, Clause ITB 28.1
(b);
a supplier cannot bid for subsystems,
lots, or slices
150
Scope of Services, Page
148
Answer papers to be uploaded to NOEC
immediately after the exam each day
and evaluated at NOEC and results
declared on the website same day
evening.
151
Query/ Suggestion
clause 14.5, which is missing from the
“Bidding Document”, possibly due to a
printing error. Kindly supply the
contents of GCC clause 14.5.
We wish to draw your attention to a
usual practice wherein large corporate
like us take out Global Insurance
policies, usually outside of Purchaser‟s
country, of relatively large sums
sufficient to cover their large businesses
across the globe with no other entity as
co-insured. In view of this, and with
reference to GCC clause 37.2, kindly
clarify if the existing insurance policies
of global coverage would qualify the
Bidder without needing to acquire fresh
Insurance coverage with Purchaser as
co-insured. We also draw your attention
to the cost advantage a Bidder shall
bring to the Purchaser by saving the
duplication of insurance costs
On the same lines, may we assume that
ASRB will not be awarding subsystems,
lots, or slices to different suppliers?
Please confirm.
We request you to elaborate on the
definition and scope of evaluation of the
results. This information will help us
streamline our solution effectively.
In the interest of security of content and
data, we segregate the question bank
portal and test delivery servers. To best
align ASRB‟s requirements as stated in
RFP with the globally acceptable best
practice in testing, we recommend
installing the question paper software at
the ASRB data center at NOEC, Delhi,
while the test delivery software resides
in our secured facilities. This approach
adheres to global security and
operational standards that are used by
leading government and defense bodies
26
Remarks by the Company
Reply to the query
No change
Not awarding subsystems or
subcontracts.
Standard guidelines as per
the document
The vendor must read and
S. No.
Bid reference No.
As per Bid Document
Query/ Suggestion
to run their test delivery modules
through our systems. We wish to check
if this approach is acceptable to ASRB?
Please confirm.
Note: We respectfully request that you
keep the following information
confidential (Request you to omit note
and point i, ii and iii when including our
questions to be shared with all bidders
as this contains sensitive information
only for ASRB‟s consideration)
152
153
Page 156
The Agency should be able to supply a
Full TRIAL VERSION for the
committee to evaluate.
i. In order to maintain our
internationally approved data security &
privacy protocols, we are not permitted
to run separate instances of test delivery
servers outside of our secured facilities
thus same can‟t be installed on ASRB
server. This requirement from ASRB
cannot be met by us and we require an
exception on this. However, ASRB
(purchaser) is welcome to visit our
facilities and audit our systems &
processes. We expect this visit/audit will
satisfy the ASRB technical team in
meeting its requirements.
ii. While we may discuss extending
license of our test delivery software
beyond the term of the contract, we are
unable to give full rights to the
purchaser.
For higher utilization of the NOEC + 23
centers, does ASRB plan to sign new
contracts with other government R&D
departments? If yes, then what are the
timelines for the same and how do you
envisage to include this in the contract?
Please clarify whether the evaluation of
the Trail version is post award process
or it is required before for the technical
evolution of the bids.
27
Remarks by the Company
Reply to the query
understand the requirements
properly. There is no
Question Paper Portal. The
QP is the IPR of ASRB.
ASRB takes the
responsibility of preparing
the digitized QP for each
subject.
The job requires a
standalone exam system
exclusively for ASRB on a
turnkey mode. All servers
(data, application, security)
are to be procured, installed
and operated from ASRB
HQ. Perpetual license for
software including QP
software is needed. ASRB
does not ask for the source
code.
Not at present
Trial version to be supplied
on demand at any time.
S. No.
154
Bid reference No.
Page 161
As per Bid Document
155
SECTION VI.
TECHNICAL
REQUIREMENTS
,section 5.2 page 157
Local Area network
156
157
158
SECTION VI.
TECHNICAL
REQUIREMENTS,
section 5.1 pg 166
SECTION VI.
TECHNICAL
REQUIREMENTS
Section 5.2 page 157
159
Generic
160
Generic
NOEC: PROPOSED SYSTEM
REQUIREMENTS
Local Area network
Query/ Suggestion
The license of COTS application
provided should be of perpetual nature
with 3 years five updates.
Please mention the quantity and specs
for the networking devices Core
switches ,Access switches for the
formation of LAN
At the Gateway of DC & DR router
needs to be provided please mention the
quantity and specifications.
as per diagram, please clarify load
balancer needs to provided or not if yes
then please mention the quantity and
specs.
As per the requirement 23 exam centres
needs to be connected to please mention
LAN formation at these centres is
required or not? If yes then please
mention quantity and specs of
networking devices like switches,
routers modems, structured cabling etc
at each of these locations.
Please give the detailed specifications of
Web Portal for registration, payment,
scheduling, Hall tickets, Scorecards,
Query handling module,
Administration module,
Examination
portal (with video handling capability),
Database Module, Result Declaration
Module
Pl explain the meaning of Time
management options to be available in
the question designer, Assuming
responsibility for plotting of missing
features, scanning, indexing, etc., and
data entry, conversion or migration
required for the application system, The
packages/software is to be totally
customizable by ASRB where ASRB
can set startup image, organization„s
logo image, background image,
background color, fonts and style and
28
Remarks by the Company
Reply to the query
Yes,
Updates could be yearly.
The vendor can work out
from the details already
provided.
The vendor can work out
from the details already
provided.
Diagram is only for clarity of
concepts.
LAN needed.
Details can be worked out by
the successful vendor from
the specifications already
provided. Switches, cabling
etc are already in place at 23
locations.
There are no detailed
specifications at this stage.
Normal standard protocols
apply.
Normal Examination
Question Paper protocols
apply
S. No.
Bid reference No.
161
Generic
162
Generic
163
Memory
Pg 166
As per Bid Document
64 GB PC3-10600 DDR3 RDIMMs and
UDIMMs, DIMM Slots should be
available
Query/ Suggestion
many other such attributes, We have to
keep the system flexible and scalable
enough to cater for the changes in
objectives, procedures and processes
that will occur due to other
studies/consultancies/project that are
being undertaken/planned in ASRB,
ASRB may provide additional Business
Process Improvements to us. We will
have to incorporate the
approved/additional improvements in
application system, vendor should be
able to supply a Full TRIAL VERSION
for the committee to evaluate, RTI
handling for a period of 6 months post
exams, Scope of LMS delivery.
What is the scope of training delivery to
End users, Application system support
group, database administrative group,
operations and facilities management
group, application usage, Instructor Led
classroom trainings/Computer Based
trainings
What level of details should the
technical documentation cover for
Database Manual, Application
System, Requirement Specification
(SRS), Application Customization
Requirements Specification (CRS), Gap
Analysis Document (if applicable), Plan
for data entry, conversion and
migration, Application Software Design
Document (SDD) , Coding standard
guidelines, Trouble Shooting document,
Installation Manual, Operational
Procedures Manual, Acceptance Test
Plan, Acceptance Test Specifications,
Other relevant technical documentation,
etc.
Please reword it as "64 GB PC3-10600
DDR3RDIMMs/UDIMMs as both
cannot be mixed together in same
configuration also .Please specify how
29
Remarks by the Company
Reply to the query
Scope is as detailed in the
document.
Maximum details possible so
as to enable proper
evaluation, grading and
comparison.
No Change
S. No.
Bid reference No.
As per Bid Document
164
OS Compatibility
Pg 166
Compatible with Microsoft Windows
2008(Standard, Enterprise and Data
Center Editions 32 & 64 bits) and
RHEL 4 & 5.
165
database Server
Pg 167
128 GB PC3-10600 DDR3 RDIMMs
and UDIMMs, DIMM Slots should be
available to scale up to 256 GB within
the Same Server
166
database
Server>memory
Pg 171
64 GB PC3-10600 DDR3 RDIMMs and
UDIMMs, DIMM Slots should be
available
167
5.13.1>2 Socket
Servers X 2
Pg 177
168
Compatible operating
systems
Pg 177
External I/O ports Serial - 1; Pointing
Device (Mouse) - 1; Graphics - 1;
Keyboard - 1; VGA - 2 (1 front, 1
back); Network RJ-45 - 2; Remote
management port - 1; USB 2.0 ports - 5
(2 front, 2 back, 1 internal)
Microsoft Windows Server 2008 32 &
64 bits, RHEL 4
169
Page No.44, ITB 6.1 (a)
point no.2 of
Qualification
requirements for
Bidders
Bidder or its JV partner should be an
established online solution providing
company, should have successfully
executed two assignments of similar
nature during the last four financial
years (Supply and installation of
Computer Hardware and/or servers
comprising of at least 1000 peripherals
and Conducting Online cum Computer
Query/ Suggestion
many slots need to be available
Reword it as Compatible with Microsoft
Windows 2008(Standard, Enterprise and
Data Center Editions 32 & 64 bits) and
RHEL 4 or 5. as RHEL is the Latest
version of the O.S
Please reword it as "64 GB PC3-10600
DDR3RDIMMs/UDIMMs as both
cannot be mixed together in same
configuration. Please relax max memory
to 192 GB instead of 256 GB As 192
GB is the maximum memory scalability
available for 2CPU 5600 series as per
intel guidelines and industry standard
without compromising on the overall
RAM performance
Please reword it as "64 GB PC3-10600
DDR3 RDIMMs/UDIMMs as both
cannot be mixed together in same
configuration also .Please specify how
many slots need to be available
IBM rack server support only 1 VGA
port, USB connectivity for Mouse and
keyboard.
Remarks by the Company
Reply to the query
No Change
No Change
No Change
No Change
Please remove microsoft windows 2003
32 & 64 bit from the O.S support list as
microsoft is not supporting this O.S
now. Latest version of redhat is RHEL
5or 6
No Change
Please clarify whether single order is
required containing hardware and online
test experience or two separate orders
will comply to the tender clause - one
for hardware with 1000 peripherals and
one for on line examination. Since you
have allowed JV so we request you to
kindly consider orders from JV partners.
Order from JV
Partner(s)/Consortium
Partner(s) will be accepted.
30
S. No.
Bid reference No.
170
Generic
171
5.9.1/167
As per Bid Document
Based Test Examinations of which at
least one assignment of should be of Rs.
300 Lakhs or more).
DBMS :
Microsoft SQL Server 2008
Enterprise Edition with media and
appropriate licenses or equivalent.
172
Generic
Eligibility Clause
173
Generic
174
Generic
175
5.13.2, Desktop
Intel Core i3 540 processor or
equivalent (3.0 GHz, 4MB or Higher)
176
SECTION VI.
TECHNICAL
REQUIREMENTS
,5.13.4. Additional
Technical
Specifications
The test centres should have an Internet
connect ion capable of supporting the
server requirements.
Query/ Suggestion
Remarks by the Company
The authentication and validation of
student records will it be done by ASRB
or is this the responsibility of the vendor
We understand that ASRB will use
SQL Server for the testing application
and intranet. It is therefore
recommended that the licensing mode
be called out. Hence it is
recommended that the statement be
changed to:
Microsoft SQL Server 2008
Enterprise Edition (Proc License) with
media and appropriate licenses or
equivalent.
How would the Eligibility Clause with
regards to Turnover be evaluated in case
of a consortium or JV? Would any one
member need to have turnover > 100
Crores or Would the turnover of all the
members be clubbed while evaluation
this clause?
Would ASRB have an objection to a
Consortium / JV partner with lower
Turnover becoming the “Lead Partner”
for this project?
Is the Quotation on Capital Equipment
to be paid in first year in full or is there
an option to spread it over three years as
is the case with the quotation for
Services?
Intel Core i3 540 processor or
equivalent (SPEC_Int_Base 2006 of 75
or better)
please clarify internet connectivity for
all 23 exam centres will be the
scope of SI or not.
31
Reply to the query
No verification to be done
before the test.
No Change
Turnover can be of a Sole
Bidder or its JV Partner(s)/
Consortium Partner(s) as a
whole.
Please refer to enclosed
Amendment.
No, ASRB has no condition
in this regard
Payment will be made as per
the terms already mentioned
in the document.
No Change
This will come under scope
of work of SI
S. No.
177
Bid reference No.
As per Bid Document
178
Page no. 165
5.8 Enterprise
Management Solution
As per the IFB, Asset Management
Solution is required but there are no
detailed specifications for the desired
functionality of the Solution
179
Section/ Page
No.
5.9.1/ Pg#
169
Operating System:
Preloaded Microsoft 2008
Enterprise Edition with media
and appropriate licenses for the
Server or equivalent.
180
5.13.2/ Pg#
181
Antivirus:
Pre-loaded Anti-Virus (etrust/Trend
Micro/Symantec/Norton/Macafee)
software with upgrade and
spyware protection with 3 years
license.
Query/ Suggestion
we recommend for adoption of a
Performance Rating/ Parameters (basis
some of the third party Benchmarks
available in the market ) instead of
Frequency/ Clock Speed/ Cache
Memory to define the comparison basis
of being “ Equivalent” in nature.
Please provide the detailed
specifications for Asset Management
Solution.
Operating System:
We understand that ICAR wants
perpetual licenses of Microsoft
that is not machine dependent and
can be used for other machine in
case of replacement of original
machine along with updates,
patches and upgrades. Suggest
please frame the existing RFP
statement as “Preloaded
Volume License of Microsoft
Windows 2008R2 Enterprise
Edition with media and
software assurance for the
contract period for the
Servers.”
It is proposed that ASRB also should
consider Microsoft‟s antivirus
“Forefront” that is among the top
antivirus brands as per Gartner quadrant
and other industry reviews.
Also being from Microsoft, it would be
best suited for ASRB
infrastructure that is mostly on MS
platform. Suggest please consider reframing the statement as:
“Pre-loaded Anti-Virus (Forefront/ etru0020st/Trend
Micro/Symantec/Norton/Macafee)
software with upgrade and
32
Remarks by the Company
Reply to the query
Not required
Please refer to
Annexure 1 on
detail specifications
for “Enterprise
Management
System”
No change
Accepted
S. No.
181
Bid reference No.
As per Bid Document
Operating System:
Microsoft® Windows® 7
Professional or latest Preloaded
with recovery CD media from a
Direct Named OEM Account of
Microsoft Licensing, Inc. The
Certificate of Authenticity or the
COA should have OEMs name
printed on it.
Query/ Suggestion
spyware protection with 3 years
License.”
We understand that the proposed
system requires very high
security because the desktops
would be used for examinations
and would require them to be
hardened. Therefore, we suggest
ASRB considers Windows 7
Enterprise Edition upgrade over
Windows 7 Professional Edition
that can provide added security
features like:
a. Bitlocker and Bitlocker to
go: Help protect data on PCs and
removable drives, with
manageability to enforce
encryption and backup of recovery
keys.
AppLocker: Specify what
software is allowed to run on a
user's PCs through centrally
managed but flexible Group
Policies.
b.This will enable the system to be
highly secure, hence suggest that
ASRB considers the same. May
we please suggest to reframe the
statement to:
Microsoft® Windows® 7
Professional or latest Preloaded
with recovery CD media from a
Direct Named OEM Account of
Microsoft Licensing, Inc. The
Certificate of Authenticity or the
COA should have OEMs name
printed on it. The bidder should
upgrade the desktops to Microsoft
Windows 7 Enterprise for
deploying additional security
features as desired by ASRB.
33
Remarks by the Company
Reply to the query
No Change
S. No.
182
183
184
185
186
Bid reference No.
As per Bid Document
Security:
TPM 1.2 support, Chassis loop
lock support (with cable locks
available), Setup/BIOS Password,
I/O Interface Security
Query/ Suggestion
Relevant licenses for the same
should be quoted along with
upgrades for the contract period.
As higher security has been
proposed for desktops, an
additional level of security can be
achieved using Bitlocker. Suggest
the statement be reframed to:
“Bitlocker Support, TPM 1.2
support, Chassis loop lock support
(with cable locks available),
Setup/BIOS Password, I/O
Interface Security”
Will we get a complete BRS with
specifications on registration portal
development etc or do we have to
undertake a granular level product
requirement study with a requirement
gathering team at their office? There are
no details with respect to candidate
validations, registration fields, workflow
etc to be followed while registering
candidates etc. Can we propose our own
methodology or follow a workflow
provided by client.
For the Data Center setup, do we need
to deploy hardware/software as per the
specifications detailed or can we deploy
hardware/Software capable of delivering
the required solution.
Do we have the entire right to create, set
and execute process at their examination
center as per our laid down processes?
We need center premises and facilities
(IT and non-IT) as per our decided
processes and guidelines to deliver
examinations in a smooth and
standardized fashion.
Will the setup be used for ASRB only or
will it be used for other examination
purposes also? This is required for us to
understand the maintenance
34
Remarks by the Company
Reply to the query
No Change
ASRB will provide
workflow protocol to the
selected Agency
As per the specifications
only
AS per the scheduled
protocols and time frame
under the guidance of ASRB
only.
The systems will be used by
ASRB/ICAR for similar
other purposes. Test will be
conducted about 60 days
S. No.
187
188
189
190
191
192
193
Bid reference No.
As per Bid Document
Query/ Suggestion
commitment for us. Please clarify.
To conduct the "Online Examination",
how many technical persons are to be
deployed by the bidder? Please specify
minimum number of technical persons
required for each of the centre. We
suggest that a total 2 technical persons
(1 Network Engineers and 1 Software
Engineer) are required from the agency
side, apart from the regular invigilators
provided by ASRB. Please clarify.
Are the bidders required to submit the
source code after the contract period of
3 years? If yes, kindly clarify whether
the contract will be extended to the
same party after 3 years or new tender
will be floated or who will conduct the
"Online Examination"? Please give clear
answer for this question as this is very
important from the point of bidder and
ASRB. Please clarify.
As per the tender the software is
required to be customized to suit the
requirement of ASRB. Does that mean
the software is to be handed over to
ASRB after the completion of 3 years?
Is redundancy for the proposed 6 MBps
Leased line required?
In case the consortium or JV companies
eligible for the contract, on whose name
will the contract be given? Will it be
given in the name of the authorized
member of Consortium/JV? Or will it be
given in the name of the consortium?
Will the tender norms permit a Joint
venture of 2 or more companies or
Consortium of Companies? If yes, what
are all the documents required to be
produced?
In the tender you have given that the
bidder should have 100 Crore turnover.
Kindly clarify that the turnover is for the
35
Remarks by the Company
Reply to the query
each twice every year.
ASRB will provide only
local invigilators only at the
test sites.
No source code is needed.
But perpetual licenses with
free upgrades are needed.
Yes
Yes
Please refer to ITB 6.2 and
other relevant clauses under
ITB 6 of Bid Document
Please refer ITB 6.1 of Bid
Document
Same as 123
S. No.
Bid reference No.
As per Bid Document
194
3.5 Establishment of
Server and Software Test Delivery Services
Pg 153
Well protected from any threats through
Firewall
195
3.2.1.2 Database
Module
The access to the database to be highly
secure.
Pg 152
196
3.2.1.1.1 Online
Registration
Provision to send individual common or
customized messages through email or
SMS to the candidates.
Pg 151
197
2. SCOPE OF
SERVICES - An
outline of tasks to be
carried out
Pg 147
198
ITB 28.5
Pg 49
ASRB is expecting a complete ‗turnkey systems„ delivery under this
assignment. The Agency will provide
Hardware, Software, Firewall,
manpower both technical and nontechnical, complete system supply,
installation and integration services
including all hardware, software and
networking requirements. Service
provider will be required to perform
following tasks:
"Completed Online cum Computer
Based Test Examinations across India
having over 25000 candidates in each
assignment (Online cum CBT) during
last four financial years
# 2 assignments = 5marks
# 3 assignments = 10 marks
# 4 or more assignments = 20 marks"
Query/ Suggestion
Prime bidder or the consortium turnover
or can it be the turnover of the joint
venture/consortium member?
Firewall is one of the components of the
Security System. It is requested that
detailed security architecture and
requirements be provided by ASRB
which would be a benchmark for the
bidders to quote.
The answers submitted by the
candidates during CBT would be stored
in the database. These answers could be
read for the evaluation and should not
be changed even by ASRB or
System/Database Administrators. Is
ASRB looking for the Data Vault
feature for the database?
Does ASRB want to send the candidate
information or intimation thru SMS
also? Who would provide the SMS
gateway?
Can you please details out the scope of
non-technical manpower both at NOEC
and examination centres.
We are conducting online CBT based
tests for our own employees as a part of
their skill upgradation. It is suggested
that ASRB considers the CBT based
tests being conducted by the
organizations for their internal purposes
also.
36
Remarks by the Company
Reply to the query
Refer annexure I
No Change
Yes, the Bidder or JV
Partner(s)/Consortium
Partner(s) will provide SMS
gateway. Candidates must
agree for SMS to be sent on
their phones
NIL
No
S. No.
199
Bid reference No.
200
Page no 166
201
202
203
204
205
206
Page no 166
As per Bid Document
Query/ Suggestion
The requirement of CCTV in all the 23
locations has to be elaborated. The
following suggestions may be useful:
a) The CCTV System should be an IP
based CCTV System with IP cameras.
b) Please specify the locations & no.
of the cameras for which the site survey
would be required.
c) Can we quote HCL make Cameras
as well.
d) The location of control room and
recording duration is also required.
The network architecture layout diagram
is showing Load Balancer, Firewall, IPS
etc whereas specification and Bill of
material for the same have not been
defined in the RFP. Request you to
please provide the details
No specifications mentioned in the bid
document (in terms of sizing,
throughput, no of ports requirement etc.)
for Firewall, IPS etc.
Number of users/Nodes required who
would be accessing Internet for the
Antispam, URL filterting licences, AV
etc.
Quantity for components like Firewall,
IPS, AV, Antispam etc. not mentioned.
“Security at all layers” is an open
statement. We need to clarify the Scope
of the Security required to fulfill the
needs of ASRB
What would be the location of the DR
site as proposed in the RFP, also will it
be a hot link or a cold link with the data
center
The security against fire hazards at the
DC site needs to be
re-reviewed as per the latest standards.
37
Remarks by the Company
Reply to the query
IP Based CCTV is not
required
Refer annexure I
Refer annexure I
Refer annexure I
Refer annexure I
Refer annexure I
The location of the DR Site
will be the ASRB Campus
itself and it will be a cold
link with the Data Centre
ASRB will work out with
the successful Bidder or JV
Partner(s)/Consortium
Partner(s).
S. No.
207
Bid reference No.
As per Bid Document
Query/ Suggestion
The RFP talks of 2 servers at each test
center, will both these be application
servers or one each of application and
database server.
208
Refer Section 5.13.4, Additional
Technical Specifications, “Must have
crisis management protocols”? Are
these the procedures and policies or
reference to communication protocol,
please clarify?
209
Refer Section 6, Security System
Requirement, “Protect Assets and
Information “, we understand this refers
only to the data security.
Remarks by the Company
Reply to the query
Each of the two servers will
act as Application and
Database Server, but in
Cluster.
The Bidder or JV
Partner(s)/Consortium
Partner(s) should ensure the
maximum uptime of the
entire IT Infrastructure
inline to the Tender
requirement.
The Bidder or JV
Partner(s)/Consortium
Partner(s) should enable
ASRB in defining the
policies to safe guard entire
IT infrastructure from any
physical and logical
intrusion. However
safeguard Personnel will be
provided by ASRB for
physical Security
(G.P. Sharma)
Controller (Online Exams) & DD (F),
For & on behalf of ASRB, ICAR
38
Annexure - II
No. of Computers at 23 Locations
S. No.
Name of the Partners
No. of Computers Required
1
IARI, New Delhi
120
2
NAARM, Hyderabad
120
3
NDRI, Karnal
120
4
IVRI, Bareilly
120
5
CIFE, Mumbai
120
6
PDMAP, Anand
100
7
IISR, Lucknow
100
8
CIAE, Bhopal
100
9
TANUVAS, Chennai
100
CIFRI, Barrackpore
100
CIFA, Bhubaneshwar
100
10
11
12
CSRCRTI, Dehradun
100
13
CMFRI, Cochin
100
14
CAZRI, Jodhpur
100
15
ICAR RC NEH, Barapani
100
16
NIANP, Bangalore
100
ICAR RCER, Patna
50
CPRI, Shimla
50
17
18
19
CIPHET, Ludhiana
50
20
CICR, Nagpur
50
21
CITH, Srinagar
50
22
SKUAST, Jammu
50
23
CARI, Port Blair
20
Total Computers
2020
39
Annexure - III
No. : ASRB/COLE/42
Dated : 25-10-2011
Addendum No. 1
Addendum in the Bid Document (IFB) NO. ASRB/COLE/42 due on 14.10.2011 and extended upto 30.11.2011 for procurement of
Equipments/Goods/Services for “DEVELOPING, COMMISSIONING, OPERATING AND MANAGING AN ONLINE SYSTEM FOR
NET/ARS-PRELIM EXAMINATION IN ASRB ICAR”
Sub :
1.
The following specifications in the „Section – VI – Technical Specifications’ of subject Bid Document are amended as under :-
S.No
1
2
3
Ref. SI. No.
5.9.1 Primary HQ Site Servers (Blade technology)
Hard disk
Page No: 166
5.9.4 BCP/ DR Site Servers: Server Infrastructure for
Data Base servers
Page No: 171
5.9.3 Primary Site Storage specifications, & 5.9.5
BCP/ DR Storage Specifications
Disk Drive Support
Page No: 169 and 172
4
5.8 Enterprise Management Solution
Existing
5 X 300 GB SAS Hot-Swappable Hard
Drives per Server with 64 MB Cache
supporting RAID 1.
2 X 300GB SAS Hot Swappable HDD per server
configured in RAID 1.
5 X 300 GB Hot-Swappable Hard
Drives per Server with 64 MB Cache
supporting RAID 1.
2 X 300GB SAS Hot Swappable HDD per server
configured in RAID 1.
Offered Storage Array shall support
minimum 2 Gbps dual-ported 36 / 72 /
146/ 300GB hot-pluggable Enterprise
FC hard drives along with S-ATA/FATA (400GB / 500GB) drives in the
same device shelf..Heterogeneous
storage and operating systems from
different OEMs
None
Offered Storage Array shall support minimum 2 Gbps
dual-ported 300GB/450GB hot-pluggable Enterprise
FC/SAS2 hard drives along with S-ATA/F-ATA
(400GB / 500GB) drives in the same device shelf.
Heterogeneous storage and operating systems from
different OEMs.
None
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
Page no. 165
5
As per the RFP Network Management Solution is
Required but there are no detailed specifications for
the desired functionality of the Solution.
5.8 Enterprise Management Solution
Page no. 165
To be read as
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
40
S.No
6
Ref. SI. No.
Existing
The Agency may also propose the other modules in
the EMS like Inventory Management, Performance
Management, Remote Management and SLA
monitoring.
General Query
None
Please suggest whether EMS Solution will be
deployed at DR which allows DR EMS to be made
active in case EMS at DC is down.
7
5.8 Enterprise Management Solution
To be read as
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
None
To be covered under section 5.9.6 on Page No 174
under the head: Backup Software Specifications
None
To be covered under Section 3.2 i.e. ASRB‟s Proposed
Examination System on Page No. 150
None
To be covered under Section 3.2 i.e. ASRB‟s Proposed
Examination System on Page No. 150
None
To be covered under Section 3.2 i.e. ASRB‟s Proposed
Examination System on Page No. 150
None
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
Page no. 165
8
Please remove Data Back from EMS Section.
5.8 Enterprise Management Solution
Page no. 165
9
Please remove Post exam RTI/Legal Information
Management from EMS Section.
5.8 Enterprise Management Solution
Page no. 165
10
Please remove Website Development and
Management from EMS Section
5.8 Enterprise Management Solution
Page no. 165
11
Please remove Query Management from EMS
Section.
5.8 Enterprise Management Solution
Page no. 165
As per the RFP ITIL based IT Service Management
processes are required but there are no detailed
41
S.No
12
Ref. SI. No.
specifications for the desired functionality of the
Solution.
5.8 Enterprise Management Solution
Existing
To be read as
None
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
13
As per the RFP Database and Server Management
Solution are Required but there are no detailed
specifications for the desired functionality of the
Solution.
General Query
None
14
It is advised to have Application Performance
Monitoring Solution to monitor all the end user
transaction for all the web based transactions in case
of ASRB application Portal
General Query
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
None
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
Intel i3-540 processor or equivalent
(3.00 GHz, 4MB or higher)
Intel Core i3-2100 Processor 3.10 GHz, 3M Cache (or
equivalent)
Intel P55 chipset or Higher
Intel Q65 or higher chipset
Integrated Intel Graphics Media
Accelerator 4500 or higher
Intel Integrated HD Graphics 2000
Page no. 165
As per the good practice EMS should provide
proactive traffic analysis capability. Such Proactive
traffic analysis will provide near real time bandwidth
utilization on the basis of protocols/ IP addresses
traversing through the link.
15
Do you require proactive traffic analysis to come as a
bundled feature with the proposed EMS?
Sec 5.13.2 Desktop Machines/ terminals
Processor
16
Page No: 178
Sec 5.13.2 Desktop Machines/ terminals
17
Chipset
Page No: 178
Sec 5.13.2 Desktop Machines/ terminals
Graphic
Page No: 178
42
S.No
18
Ref. SI. No.
Sec 5.13.2 Desktop Machines/ terminals
Monitor
19
Page No: 178
Sec 5.13.2 Desktop Machines/ terminals
Existing
Minimum 17‟‟ Widescreen Flat Panel
1366x768 resolution or better, Tilt
adjustment capability, response time : 5
ms, FCC, UL, TFT-TCO-03 Certified
(Same make as OEM)
2 internal 3.5‟‟ 1 internal 3.5‟‟
18.5" LED Widescreen Monitor with 1366x768
resolution or better, Tilt adjustment capability,
response time : 5 ms, FCC, UL, TFT-TCO-05
Certified (Same make as OEM)
Standards Blue Angel, CECP,
ENERGY STAR® 4.0, TCO 05,
WEEE, RoHS
ENERGY STAR® (or equivalent), TCO 05, RoHS
Network: Dual gigabit 10/100/1000
Ethernet controllers Wake on LAN /
Serial over LAN /Full Duplex/TCP/IP
Offload Engine / Load balancing or
streaming. Blade Server should have
dual Connections to the mid plane for
redundancy
System Diagnostics: Blade server
should have Light indicators to the
failing component in order to reduce
downtime and Pre Failure alert
mechanism to highlight the
deteriorating health of the components
like Hard Drives, processors, memory.
Hard Disk: 5 X 300 GB SAS HotSwappable Hard Drives per Server with
64 MB Cache supporting RAID 1.
Network: Dual gigabit 10/100/1000 Ethernet
controllers Wake on LAN / Serial over LAN /Full
Duplex/TCP/IP Offload Engine / Load balancing or
streaming. Blade Server should have dual Connections
to the mid plane for redundancy in case of Active Mid
plane or Passive Mid Plane to be offered.
Network: Dual gigabit 10/100/1000
Ethernet controllers Wake on LAN /
Serial over LAN /Full Duplex/TCP/IP
Offload Engine / Load balancing or
streaming. Blade Server should have
Network: Dual gigabit 10/100/1000 Ethernet
controllers Wake on LAN / Serial over LAN /Full
Duplex/TCP/IP Offload Engine / Load balancing or
streaming. Blade Server should have dual Connections
to the mid plane for redundancy in case of Active Mid
Number of Bays
20
Page No: 178
Sec 5.13.2 Desktop Machines/ terminals
Environmental and Regulatory Standards
21
Page No: 178
5. TECHNICAL SPECIFICATIONS :
5.9.1 Primary HQ Site Servers (Blade technology)
Page No: 166
22
5. TECHNICAL SPECIFICATIONS :
5.9.1 Primary HQ Site Servers (Blade technology)
Page No: 166
23
5. TECHNICAL SPECIFICATIONS :
5.9.1 Primary HQ Site Servers (Blade technology)
To be read as
(2) 5.25" External Bay for Optical Drive
(1) 3.5" External Bay for Media Card Reader
(2) 3.5" Internal Bays for HDD
System Diagnostics: Blade server should have Light
indicators or LCD display for the failing component in
order to reduce downtime and Pre Failure alert
mechanism to highlight the deteriorating health of the
components like Hard Drives, processors, memory.
Hard Disk: 2 X 300GB SAS HotSwappable HDD per
server configured in RAID 1.
Database Server
24
Page No: 167
5. TECHNICAL SPECIFICATIONS :
5.9.1 Primary HQ Site Servers (Blade technology)
Database Server
43
S.No
Ref. SI. No.
Page No: 167
25
5. TECHNICAL SPECIFICATIONS :
5.9.1 Primary HQ Site Servers (Blade technology)
Database Server
Page No: 167
26
5. TECHNICAL SPECIFICATIONS :
5.9.2 Blades Enclosure (Chassis)
Page No: 168
27
5. TECHNICAL SPECIFICATIONS :
5.9.2 Blades Enclosure (Chassis)
28
5. TECHNICAL SPECIFICATIONS :
5.9.3 Primary Site Storage Specifications
29
Page No: 169
5. TECHNICAL SPECIFICATIONS :
5.9.3 Primary Site Storage Specifications
Page No: 170
30
5. TECHNICAL SPECIFICATIONS :
5.9.4 BCP/DR Site Servers
Existing
To be read as
dual Connections to the mid plane for
redundancy
System Diagnostics: Blade server
should have Light indicators to the
failing component in order to reduce
downtime and Pre Failure alert
mechanism to highlight the
deteriorating health of the components
like Hard Drives, processors, memory.
Fiber Channel Switches: Fiber
Channel Switches with 4 Gbps ports
fitted into Enclosure to cater to 2 FC
Ports per Blade in Redundant
Configuration.
SAN Connectivity: 8Gbps SAN
switches / 4Gbps pass through modules
to be provided in redundant
configuration for option of connecting
all the blades to External San Fabric
Configuration. It should help minimize
the Fiber Channel Cables Coming out
of the chassis and the Ports to be used
in external SAN Fabric.
Capacity & Scalability: 1. The Storage
Array shall be offered with 5TB raw
Capacity using 146GB 10K rpm drives.
plane or Passive Mid Plane to be offered.
Investment Protection: Customer shall
have the flexibility to migrate to next
higher model of same series with data
in Place and without replacing the
Storage Array controller.
Investment Protection: Customer shall have the
flexibility to migrate to next higher model of same
series with data in Place and with / without replacing
the Storage Array controller.
Hard Disk: 5 X 300 GB SAS HotSwappable Hard Drives per Server with
64 MB Cache supporting RAID 1.
Hard Disk: 2 X 300GB SAS Hot Swappable HDD per
server configured in RAID 1.
Network: Dual gigabit 10/100/1000
Ethernet controllers Wake on LAN /
Network: Dual gigabit 10/100/1000 Ethernet
controllers Wake on LAN / Serial over LAN /Full
System Diagnostics: Blade server should have Light
indicators or LCD display for the failing component in
order to reduce downtime and Pre Failure alert
mechanism to highlight the deteriorating health of the
components like Hard Drives, processors, memory.
Fiber Channel Switches: Fiber Channel Switches with
8 Gbps ports fitted into Enclosure to cater to 2 FC
Ports per Blade in Redundant Configuration.
SAN Connectivity: 8Gbps SAN switches to be
provided in redundant configuration for option of
connecting all the blades to External San Fabric
Configuration. It should help minimize the Fiber
Channel Cables Coming out of the chassis and the
Ports to be used in external SAN Fabric.
Capacity & Scalability: 1. The Storage Array shall be
offered with 5TB raw Capacity using 300GB/400GB
10/15K rpm drives.
Page No: 171
31
5. TECHNICAL SPECIFICATIONS :
5.9.4 BCP/DR Site Servers
44
S.No
Ref. SI. No.
Page No: 171
32
5. TECHNICAL SPECIFICATIONS :
5.9.4 BCP/DR Site Servers
Page No: 171
33
34
5. TECHNICAL SPECIFICATIONS :
5.9.5 BCP/DR Storage Specifications
Page No: 172
5. TECHNICAL SPECIFICATIONS :
5.9.5 BCP/DR Storage Specifications
Page No: 174
35
Security at all layers
Existing
Serial over LAN /Full Duplex/TCP/IP
Offload Engine / Load balancing or
streaming. Blade Server should have
dual Connections to the mid plane for
redundancy
Duplex/TCP/IP Offload Engine / Load balancing or
streaming. Blade Server should have dual Connections
to the mid plane for redundancy in case of Active Mid
plane or Passive Mid Plane to be offered.
System Diagnostics: Blade server
should have Light indicators to the
failing component in order to reduce
downtime and Pre Failure alert
mechanism to highlight the
deteriorating health of the components
like Hard Drives, processors, memory.
Capacity & Scalability: 1. The Storage
Array shall be offered with 5TB raw
Capacity using 146GB 10K rpm drives.
System Diagnostics: Blade server should have Light
indicators or LCD display for the failing component in
order to reduce downtime and Pre Failure alert
mechanism to highlight the deteriorating health of the
components like Hard Drives, processors, memory.
Investment Protection: Customer shall
have the flexibility to migrate to next
higher model of same series with data
in Place and without replacing the
Storage Array controller.
None
Investment Protection: Customer shall have the
flexibility to migrate to next higher model of same
series with data in Place and with / without replacing
the Storage Array controller.
None
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
Page No: 163
36
Is there a visibility on activities on database
infrastructure? For example who is accessing what
information? (Specially privilege user activity
monitoring)?
Enterprise Management Solution
Page No: 165
To be read as
Capacity & Scalability: 1. The Storage Array shall be
offered with 5TB raw Capacity using 300GB/400GB
10/15K rpm drives.
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
Should the database have built-in provision to
administer database / database clusters, Monitor
performance, Maintain database, Backup and
recovery, Disaster recovery management along with
options to do diagnosis, performance tuning with the
SQL analysis, finding the events, advisory based
45
S.No
37
38
39
Ref. SI. No.
Existing
To be read as
Page No: 170
Agency shall also offer the
performance management software for
Storage Array.
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
Please include to show statistic information for the
storage OR Agency shall also offer the performance
management software for Storage Array.
5.13.2. Desktop machines/terminals (Qty: 2020)
Ports: 8 USB 2.0
Ports: 6 USB 2.0 Ports (4 Rear and 2 Front) as this is
Industry standard.
Environment - Standards
EN50091-1 for safety
EN50091-2 for EMC
Conformity: UL 1778, cUL 107.1,
107.2, (120V models),
CE (230V Models)
Transient Immunity (120V): Per IEEE
62.41 (formerly IEEE 587)
Transient Immunity (220V): Per IEEE
C 61000-4-5 level 3
Protection Class - IP-31
Environment - Standards
EN50091-1 for safety
EN50091-2 for EMC
Conformity: UL/ CE certified or equivalent 1778, cUL
107.1, 107.2, (120V models),
CE (230V Models)
Transient Immunity (120V): Per IEEE 62.41 (formerly
IEEE 587)
Transient Immunity (220V): Per IEEE C 61000-4-5
level 3
Protection Class - IP-21
Battery - Minimum VAH rating24AH, no. of batteries for 60 minutes
backup with appropriate racks
Battery - Minimum 13440 VAH rating (28AH X 40
nos. batteries X 12 volt each )
tuning mechanisms with the history?
5.9.3 - Sr.No. 1.1.6 Performance management
Page No: 178
5.13.3. Technical specifications for 10KVA online
UPS system at each test centre and NOEC
Page No: 179
40
5.13.3. Technical specifications for 10KVA online
UPS system at each test centre and NOEC
41
Page No: 180
5.13.3. Technical specifications for 10KVA online
UPS system at each test centre and NOEC
42
Page No: 179
5.13.3. Technical specifications for 10KVA online
UPS system at each test centre and NOEC
Battery Makes - Global-Yuasa/Amara
Raja/ Exide
Battery Makes - Global-Yuasa/Amara Raja/ Exide or
equivalent
Page No: 179
5.8 Enterprise Management Solution
None
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
43
Page no. 165
As per the RFP Asset Management Solution is
required but there are no detailed specifications for
the desired functionality of the Solution
46
S.No
44
Ref. SI. No.
3.5 Establishment of Server and Software - Test
Delivery Services
Existing
To be read as
Well protected from any threats
through Firewall
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
Pg 153
Firewall is one of the components of the Security
System. It is requested that detailed security
architecture and requirements be provided by ASRB
which would be a benchmark for the bidders to
quote.
45
General Query
None
46
The network architecture layout diagram is showing
Load Balancer, Firewall, IPS etc whereas
specifications and Bill of material for the same have
not been defined in the RFP.
General Query
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
None
47
No specifications mentioned in the bid document (in
terms of sizing, throughput, no of ports requirement
etc.) for Firewall, IPS etc.
General Query
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
None
48
Number of users/Nodes required who would be
accessing Internet for the Antispam, URL filtering
licences, AV etc.
General Query
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
None
49
Quantity for components like Firewall, IPS, AV,
Antispam etc. not mentioned.
General Query
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
None
Please refer Annexure A to be added at Page No 191
as “10.12. Other Specifications” under the heading 10.
General Specifications
None
New Section to be added under Section 10. General
Specifications as Sub – Section 10.12. Other
Specifications on Page No 191. Details of the section
are enclosed as annexure.
“Security at all layers” is an open statement. We
need to clarify the Scope of the Security required to
fulfill the needs of ASRB
50
10. General Specifications
Page No 188
47
S.No
51
52
53
Ref. SI. No.
Existing
To be read as
HDD
Sec 5.13.2 Desktop
Machines/ terminals
Page No: 178
Section 3.7
250 GB 7200RPM SATA II
500-GB 7.2K rpm SATA 6.0Gb/s
Security with respect to the data and
infrastructure
5.13.2/ Pg#
181
Antivirus:
Pre-loaded Anti-Virus (etrust/Trend
Micro/Symantec/Norton/Macafee)
software with upgrade and
spyware protection with 3 years
license.
. Make Certain that system used in performing
examinations are protected by strict technical controls
and receive periodic validations
2.
Implement process that require all examinations
be conducted on special-use computers that are used
SOLELY for online examination. No other use of the
machine should be permitted – no e-mail, no web
browsing, no general-purpose business use
3.
Make certain that personnel involved in
performing online examinations configurations have
the necessary security awareness and training. Those
persons should receive targeted training on Phishing
and this threat
4.
Have written policies defining the controlled
environment in which online examinations can be
conducted, e.g. what systems can be used, how they
must be maintained, required personnel training, etc.
5.
Data transfer should be in encrypted form
6.
Various access controls for unauthorized access
7.
Trial runs
“Pre-loaded Anti-Virus (Forefront/ e-tru0020st/Trend
Micro/Symantec/Norton/Macafee)
software with upgrade and
spyware protection with 3 years
License.”
48
NOTE: Bidders have used the word “RFP” in place of “IFB” in their queries. The term “RFP” may please be read as “IFB”.
Installation site:
The hardwares will be installed at ASRB, KAB-I, Pusa, New Delhi – 110 012 and 23 locations (Annexure attached). The prospective
Bidders may visit the sites for assessing the requirements/estimates.
3. The following corrigendum issued to the subject IFB may also be noted wherever applicable in the bid document.
Description
Last date and time for receipt of bids
Time & date of opening of bids
Qualification Criteria Point 2
Existing
14.10.2011 by 11.00 AM
14.10.2011 at 02.30 PM
Bidder or its JV partner should be an established
online solution providing company, should have
successfully executed two assignments of similar
nature during the last four financial years (supply and
installation of Computer Hardware and/or Servers
comprising of at least 1000 peripherals and
Conducting Online cum Computer Based Test
Examinations of which at least one assignment
should be of Rs. 300 Lakhs or more)
Qualification Criteria Point 3
The Bidder or its JV Partner must have on its roll at
least 50 technically qualified professionals in
Networking
System,
System
Integration,
Programmers, Project Management Professionals and
prior experience in conducting Online Cum
Computer Based Test (CBT) Examinations and
System Integration.
The bidder should have turnover of at least Rs. 100
crores per year for last 3 Financial Years ending on
31.03.2011.
Qualification Criteria Point 4
ITB 6.1 (a) S.No. 2
Bidder or its JV partner should be an established
online solution providing company, should have
successfully executed two assignments of similar
nature during the last four financial years (supply and
installation of Computer Hardware and/or Servers
comprising of at least 1000 peripherals and
Conducting Online cum Computer Based Test
Examinations of which at least one assignment
Amended to
13.01.2012 by 2:30 PM
13.01.2012 by 3:00 PM
Bidder or JV partner(s) / Consortium Partner(s)
should be an established online solution providing
company, should have successfully executed two
assignments of similar nature during the last four
financial years (supply and installation of
Computer Hardware and/or Servers comprising of
at least 1000 peripherals and Conducting Online
cum Computer Based Test Examinations of which
at least one assignment should be of Rs. 300
Lakhs or more)
The Bidder or JV Partner(s) / Consortium
Partner(s) must have on its roll at least 50
technically qualified professionals in Networking
System, System Integration, Programmers, Project
Management Professionals and prior experience
in conducting Online Cum Computer Based Test
(CBT) Examinations and System Integration.
The Bidder or JV Partner(s) / Consortium
Partner(s) should have turnover of at least Rs. 100
crores per year for last 3 Financial Years ending
on 31.03.2011.
The Bidder or JV partner(s) / Consortium
Partner(s) should be an established online solution
providing company, should have successfully
executed two assignments of similar nature during
the last four financial years (supply and
installation of Computer Hardware and/or Servers
comprising of at least 1000 peripherals and
Conducting Online cum Computer Based Test
49
should be of Rs. 300 Lakhs or more)
ITB 6.1 (a) S.No. 3
ITB 6.1 (a) S.No. 4
ITB 6.2 (h)
The Bidder or its JV Partner must have on its roll at
least 50 technically qualified professionals in
Networking
System,
System
Integration,
Programmers, Project Management Professionals and
prior experience in conducting Online Cum
Computer Based Test (CBT) Examinations and
System Integration.
The bidder should have turnover of at least Rs. 100
crores per year for last 3 Financial Years ending on
31.03.2011.
The Joint Venture Agreement should be registered in
India, so as to legally valid and bidding on partners;
and
Examinations of which at least one assignment
should be of Rs. 300 Lakhs or more)
The Bidder or JV Partner(s) / Consortium
Partner(s) must have on its roll at least 50
technically qualified professionals in Networking
System, System Integration, Programmers, Project
Management Professionals and prior experience
in conducting Online Cum Computer Based Test
(CBT) Examinations and System Integration.
The Bidder or JV Partner(s) / Consortium
Partner(s) should have turnover of at least Rs. 100
crores per year for last 3 Financial Years ending
on 31.03.2011.
The Joint Venture Agreement should be registered
in India, so as to legally valid and binding on
partners; and
Note: The term "Joint Venture" is a term used to describe a partnership among two or more prospective bidders for the purpose of carrying out
the contract with the understanding that all partners of such undertakings shall be liable jointly and severally for the execution of the Contract
in accordance with the Contract terms, and a statement to this effect shall be included in the power of attorney authorizing the partner in charge
to sign on behalf of the JV, in the bid as well as in the Contract (in case of a successful bid). In other words, the semantics should not obviate
the meaning of the provisions of the bidding documents and the contract terms. Please note that the term JV or Consortium shall have the same
meaning and that all provisions of the bidding documents that refer to JV or JV agreement shall also apply to consortium-type arrangements.
All other terms and conditions of the subject bid document will remain unchanged.
(G.P. Sharma)
Controller (Online Exams) & DD (F),
For & on behalf of ASRB, ICAR
50
Annexure A
Schematic Diagram:
ISP-1
ISP-2
Router
Link Load
Balaner
Link Load
Balaner
Layer2
Switch
DMZ Switch
Firewall
Firewall
DMZ
Web Servers
Layer3 CORE
Switch
Layer3 CORE
Switch
DB Servers
Appl Servers
AntiVirus
LDAP
EMS
Backup
Management
Server
51
Schematic Diagram:
Data center
S No
Item Description
1
2
3
4
5
6
7
8
9
10
Servers - LDAP
Servers - Application
Servers - Web Layer
Servers – Database
Back-up Servers – Database
Storage
Tape Library
Backup Software
Firewall
NIPS
11
HIPS +AV
12
AV
13
Link Load Balancer
Enterprise Managemant System ( To monitor It Infrfrastructure
across DC, DR & Locations)
Router
Layer-3 Core Switch
Layer-2 Switch
14
15
16
17
Quantity
1
2
2
2
2
1
1
1
2
2
As per number of
Servers
As per number of
desktops
2
1 Set
2
2
4
Disaster Recovery Site
S No
Item Description
DR
52
1
2
3
4
5
6
Servers – Database
Storage
Backup Software
Tape Library
Firewall
NIPS
7
HIPS + AV
8
Antivirus
2
1
1
1
1
1
As per number of
Servers
As per number of
desktops
9
Link Load Balancer
10
Router
11
Layer-3 Core Switch
12
Layer-2 Switch
Locations
S No
1
2
3
3
4
5
1
1
1
1
Item Description
Servers – Application
Desktops / Terminals
UPS
AV
Location Router
Layer-2 Switch
Quantity
2 per Location
2020
As required
2020
23
86
53
Specifications:
Tape Library:















Offered Tape Library shall support Native data capacity of 36TB (uncompressed) expandable to 72TB (2:1 compressed).
Tape Library shall provide web based remote monitoring capability.
The Tape Library unit shall be configured with one FC LTO Gen5 Tape Drives and minimum of 24 slots.
Tape Library shall be scalable to 5 drives and 120 slots either within the same frame or by cascading another frame.
Tape Drive Architecture in the Library shall conform to Ultra3 SCSI standards.
Offered LTO5 drive in the Library shall conform to the Continuous and Data rate matching technique for higher reliability.
Offered LTO5 drive in the library shall offer optional WORM support and embedded AES 256 bit Encryption support.
Offered Library shall be provided with a hardware device like USB key, separate appliance etc. to keep all the encrypted keys in a redundant
fashion.
Offered LTO5 drive shall have native speed of 140MB/sec and a compressed speed of 280 MB/sec for 2:1 compression.
Tape Library shall provide Fiber connectivity to SAN Environment.
For optimal Performance. Tape Library shall provide 8Gbps Native FC interface connectivity to SAN switches.
Tape Library shall be offered with minimum of 24 slots and barcode reader.
Tape library shall support removable magazine and mail slot.
Tape Library shall be supplied with software which can predict and prevent failures through early warning and shall also suggest the required
service action.
Offered Software shall also have the capability to determine when to retire the tape cartridges and what compression ratio is being achieved.
Specification for Firewall:
Sl. no
Specifications
Compliance
(Yes/No)
General Requirements:
1
2
Firewall should support “Stateful” policy inspection technology. It should also have
application intelligence for commonly used TCP/IP protocols like telnet, ftp etc.
It should support the Firewall, IPSEC VPN & Bandwidth Management as integrated
security functions which should be available based on software blade architecture
54
3
Firewall & Integrated IPSEC VPN Applications should be ICSA Labs certified for ICSA
4.0, FIPS 140-2 certified and OPSEC Certified
5
Appliance should support for Active – Active connections. It should not depend
upon any 3rd party product or alliance for the same.
Licensing should be a per device and not user/IP based (should support unlimited
users)
6
Firewall Architecture should be on multiple tiers (firewall module, logging & policy
and WebUI Console) and should be centrally managed.
4
7
8
9
10
11
The communication between all the components of Firewall System (firewall
module, logging & policy and WebUI Console) should be encrypted with SSL or PKI.
Complete firewall management solution including real-time monitoring, event logs
collection, & policy enforcement should be from a single device only (mgt
server/appliance).
Firewall should be supplied with the support for dynamic routing protocols, like RIP
v2, OSPF, & BGP.
Firewall should support the multicast protocols as a multicast host, by participating
in DVMRP, IGMP and PIM-DM / PIM-SM
Firewall system should have a provision to handle the bandwidth management, if
the same is required without additional cost It should offer the Bandwidth
Management for every TCP, IPSEC, & VoIP protocols with attributes of Minimum
Committed Bandwidth per protocol; Maximum Bandwidth per protocol; Priority for
the queues; ToS; etc
13
The firewall system should have at least 100 GB local hard-disk in order to keep the
event logs in the event of management server connection failure, etc.
All UTM features like Antivirus, Web filtering, Messaging Security & Intrusion
Prevention should be supported as Software blades & should be independent,
modular & centrally managed
14
Integrated IPS should be NSS Certified
15
It should support the VOIP traffic filtering
16
Appliance should provide simple and secure remote access to corporate application
over Internet via Smartphone, iPad or PC's
17
Appliance should have Identity Awareness Capabilities
18
Appliance should support Application control functionalities
12
55
19
20
21
22
23
Application Control should be integrated with Identity Awareness
Firewall should have a provision to support Network DLP for SMTP,HTTP and SMTP if
required in future.
Network DLP should support User Check, Ask, Inform functionality along with Detect
and Prevent mode
Firewall should support the functionality of Workflow and Audit for the Rule Change
Management Process and if required can be integrated with Centralized
management.
The Rule Change Management process should support Tracking and Audit trails with
Graphical comparison of Rule change with Session management and Change
approval
Hardware and Interface Requirements
The platform must be supplied with at least 4 10/100/1000Mbps interfaces on
1
Copper
The Appliance should have 10/100/1000 Mbps Dedicated interface for Management
2
and Sync.
3
Firewall appliance should have Console port and USB Ports
4
8
Appliance should be rack mountable
The platform should support open architecture for security controls and doesn’t
deploy proprietary ASIC, limiting the solution capability for expansion of the same
against evolving threats, etc.
The firewall should balance security decisions across multiple cores at any given
time.
The resource optimization technologies like utilizing multiple CPU Cores at any given
time for functions like Firewall and IPS.
Firewall should offload security inspection to performance optimised software
module
9
Firewall should have Hardware Sensor Monitoring capabilities.
10
The platform should support VLAN tagging (IEEE 802.1q)
11
The firewall should support ISP link load balancing
12
Active – Active Load Balancing: The firewall must support Stateful active-active load
balancing and high availability for redundancy.
5
6
7
56
13
14
Firewall should support Link Aggregation functionality to group multiple ports as
single port.
Firewall should support Ethernet Bonding functionality for Full Mesh deployment
architecture.
Performance Requiremnets
1
Firewall Throughput should be 1.5 Gbps
2
Integrated VPN throughput should be more than 120 Mbps
3
The Firewall must support at least 600,000 concurrent sessions
4
Appliance should have a capability to support for more than 1000 VLANs
5
IPS thoughput support should be be more that 1 Gbps
Architecture Features
1
Proposed Solution should be distributed on multiple tiers, with separate
components Firewall Modules, Firewall Management & Monitoring Server and GUI
Console
2
The communication between all the components of Firewall System (firewall
module, logging & policy management server, and the GUI/WebUI Console) should
be encrypted with SSL or PKI.
3
Firewall Real-Time Monitoring, Management & Log Collection (with storage) should
be a SINGLE Appliance / Server
4
It should support the system authentication with TACACS+, RADIUS
5
Firewall Appliance should have a feature of holding multiple OS images to support
resilience & easy rollbacks during the version upgrades
Network Protocols/Standards Support Requirements
1
2
3
4
5
It should support at least 200 protocols
Firewall Modules should support the deployment in Routed as well as Transparent
Mode
The Firewall should also support the standard Layer 3 mode of configuration with
Interface IP’s.
The Firewall must provide state engine support for all common protocols of the
TCP/IP stack
The Firewall must provide NAT functionality, including dynamic and static NAT
57
translations
6
10
All internet based applications should be supported for filtering like Telnet, FTP,
SMTP, http, DNS, ICMP, DHCP, ARP, RPC, SNMP, Lotus Notes, Ms-Exchange etc
Local access to the firewall modules should support authentication protocols –
RADIUS & TACACS+
Firewall should support authentication proxy for Remote VPN, HTTP/HTTPS
Applications Access, and various other applications
Firewall should support the authentication protocols RADIUS, LDAP, TACACS, and
PKI methods
Firewall should support PKI Authentication with PCKS#7 & PCKS#10 standards
11
It should support BGP, OSPF, RIPv1 &2, Multicast Tunnels, DVMRP protocols
7
8
9
Firewall Filtering Requirements
1
2
3
4
5
6
7
8
9
It should support the filtering of TCP/IP based applications with standard TCP/UDP
ports or deployed with customs ports
The Firewall should also support the standard Layer 3 mode of configuration with
Interface IP’s. It should be possible to protect the firewall policies from being
compromised.
The Firewall must provide state engine support for all common protocols of the
TCP/IP stack
The Firewall must provide filtering capability that includes parameters like source
addresses, destination addresses, source and destination port numbers, protocol
type
The Firewall should be able to filter traffic even if the packets are fragmented.
All internet based applications should be supported for filtering like Telnet, FTP,
SMTP, http, DNS, ICMP, DHCP, ARP, RPC, SNMP, Lotus Notes, Ms-Exchange etc
It should support the VOIP Applications Security by supporting to filter SIP, H.323,
MGCP and Skinny flows.
It should be able to block Instant Messaging like Yahoo, MSN, ICQ, Skype (SSL and
HTTP tunneled)
It should enable blocking of Peer-Peer applications, like Kazaa, Gnutella, Bit Torrent,
IRC (over HTTP)
58
12
The Firewall should support authentication protocols like LDAP, RADIUS and have
support for firewall passwords, smart cards, & token-based products like SecurID,
LDAP-stored passwords, RADIUS or TACACS+ authentication servers, and X.509
digital certificates.
The Firewall should support database related filtering and should have support for
Oracle, MS-SQL, and Oracle SQL-Net.
The Firewall should provide advanced NAT capabilities, supporting all applications
and services-including H.323 and SIP based applications
13
Should support CLI & GUI based access to the firewall modules
14
15
Local access to firewall modules should support role based access
Local access to the firewall modules should support authentication protocols –
RADIUS & TACACS+
16
QoS Support [Guaranteed bandwidth, Maximum bandwidth, Priority bandwidth
utilization, QOS weighted priorities, QOS guarantees, QOS limits and QOS VPN]
10
11
Administration,Management and Logging Functionality
1
Firewall Real-Time Monitoring, Management & Log Collection (with storage) should not
be distributed to more than ONE server/appliance.
2
Secondary (SLAVE) Management Server should support the MASTER role once the
Disaster recovery is triggered for any or multiple management domains in the
Management Server.
3
Any changes or commands issued by an authenticated user should be logged to a
database.
4
Firewall Management system should also provide the real time health status of all the
firewall modules on the dashboard for CPU & memory utilization, state table, total # of
concurrent connections and the connections/second counter.
5
Firewall must send mail or SNMP traps to Network Management Servers (NMS) in
response to system failures or threshold violations of the health attributes.
6
The Firewall must provide simplified provisioning for addition of new firewalls where by a
standard firewall policy could be pushed into the new firewall
7
The Firewall administration station must provide a means for exporting the firewall rules
set and configuration.
Support for role based administration of firewall
8
59
9
The Firewall administration software must provide a means of viewing, filtering and
managing the log data.
10
The Firewall logs must contain information about the firewall policy rule that triggered the
log.
The Firewall must provide a minimum basic statistics about the health of the firewall and
the amount of traffic traversing the firewall.
11
Specification for Intrusion Prevention System: 1Gbps

IPS (Intrusion Prevention Systems) should detect and actively prevent attacks in real-time and should be placed in INLINE mode scanning
bidirectional traffic

IPS Device should have minimum 1Gbps throughput scalable to 3-Gigabit IPS performance.

IPS system should provide protection for minimum 6 Gigabit inline copper segments and two fiber gigabit inline segments in a single Device.

IPS system should have dedicated out-of-band management port.

IPS and firewall should be from different OEM to achieve layered security approach.

IPS system should have concurrent session handling capacity of 2-Million sessions.

IPS system should have configurable fail-open/fail-close mechanism for minimum 6 gigabit inline copper segments.

IPS system should support MPLS and 802.1 Q tagged VLAN environment. IPS system should be capable to scan VLAN tagged frames bi-directionally
for malicious content.

IPS system should have Signatures for Virus, worms, backdoors, trozans & malwares signatures developed in-house to avoid dependency on third
party for signatures updates.

NIPS should be a dedicated appliance and not a Unified Threat Management (UTM).

NIPS should be able to monitor IPV6 traffic and block attacks in IPV6 packets.

Should have 100v-240V 50-60Hz AC Power Supply
60

IPS system should have following network wide protections
o Protect against DoS/DDoS flood attacks using behavioral analysis technology
o Syn flood protection with Syn Cookies
o Fuzzy logic based Adaptive Behavioral protection for Zero day attack mitigation
o Protect against zero-minute malware spread
o Protect against port scanning, host scanning and ping sweeps
o Mass propagating worm protection

IPS system should have following Server based protections
o Protect against HTTP Page flood attacks
o Protect against Brute force attacks
o Protect against web application vulnerability scanning
o Protect against VoIP service misuse attacks
o Protect against connection flood attacks
IPS system should have Static and dynamic Access control list
Security policies
o Security policies per segment
o Security policies per VLAN
o Security policies per Source/ Destination subnet



Actions on Attack Detection
o Block attacks in real time
o Drop Attack Packets
o Reset Connections
o Packet Logging
o Action defined per Attack

Integrated bandwidth management and traffic shaping to provision dedicated bandwidth and burst bandwidth, enabling full control and
optimization of application performance and SLAs.

IP System should have comprehensive Application level Bandwidth Management capability for end to end QoS
o Rate shaping capability for provisioning Guaranteed and burst bandwidth
o Rate shaping policies per segment, per source/destination subnet, source/destination port, VLANID, Application header and Content based
o TOS bits marking and reading
o Should have capability for scheduling Bandwidth management Policies with option of date, time and day of week.
Alerts
o Alerting SNMP

61









o Log File
o Syslog
o E-mail
Security Maintenance
o IPS Should support 24/7 Security Update Service
o IPS Should support Real Time signature update
o IPS Should support Automatic signature synchronization from database server on web
o IPS Should support Provision to add static own attack signatures upto 1000.
For each attack the system should send a complete capture of the filtered packet along with the attack event report to management station
IPS system should have Centralized configuration, management & Reporting station with provision for secure communication & authentication
between IPS & management station.
Provision for structured reporting to reduce security events messages floods when the device is under attack. Instead of sending an event per each
security event, the device should send an event within a pre-defined reporting period.
Provision to generate customize reports according to
o Date and Time
o Subnets (Networks/ IP Address)
o Attack Type
o Attack groups
Management station should provide extensive event logging.
Should provide following reporting mechanism
o User defined report
o Executive reports (graphical with top ten Source, destination, attacks, etc.)
o Pre defined reports for top sources/destination/attack/attack type, etc.
Offered IPS product line should be minimum EAL-3 certified.
Device Management
o SNMP V1, 2C, 3
o HTTP, HTTPS
o SSH, Telnet, Console
62
Specification for HIPS
Host Intrusion Prevention System (To be provided on all the servers)
Slno
1
1.1
1.2
1.3
1.4
1.5
1.6
1.7
1.8
1.9
1.10
1.11
1.12
2
Compliance
(Yes/No)
Specifications
Firewall
The firewall shall be bidirectional (both inbound and outbound)
Firewall shall have the capability to define different rules to different network interfaces.
Firewall should support Stateful Configurations.
Firewall rules should filter traffic based on source and destination IP address, port, MAC address, etc.
Firewall should detect reconnaissance activities such as port scans.
Solution should provide policy inheritance exception capabilities.
Solution should have the ability to lock computer (prevent all communication) except with management server.
Firewall should integrate with Vmware ESXi hyperviser and need not to install agents on the guest VMs
The firewall should be able to detect protocol violations of standard protocols
Solution should have Security Profiles allows Firewall rules to be configured for groups of systems, or individual
systems. For example, all Windows 2003 servers use the same operating system rules which are configured in a
single Security Profile which is used by several servers.
Solution should provision inclusion of packet data on event trigger for forensic purposes.
2.1
The solution should protect against Distributed DoS attacks
Deep Packet Inspection
Deep Packet Inspection (IDS/IPS) should support virtual patching both known and unknown vulnerabilities until
the next scheduled maintenance window.
2.2
Virtual Patching should be achieved by using a high-performance deep packet inspection engine to intelligently
examine the content of network traffic entering and leaving hosts.
63
2.3
Should provide automatic recommendations against existing vulnerabilities, Dynamically tuning IDS/IPS sensors
(Eg. Selecting rules, configuring policies, updating policies, etc...)
2.4
Should provide automatic recommendation of removing assigned policies if a vulnerability no longer exists - For
Example - If a patch is deployed
2.5
Deep Packet Inspection should protect operating systems, commercial off-the-shelf applications, and custom
web applications against attacks such as SQL injections and cross-site scripting
2.9
The solution should allow imposing HTTP Header length restrictions
The solution shall have the capability to inspect and block attacks that happen over SSL
The solution should allow to block and allow resources that are allowed to be transmitted over http or https
connections
2.9
Detailed events data to provide valuable information, including the source of the attack, the time, and what the
potential intruder was attempting to exploit, shall be logged
2.10
Solution should be capable of Information gathering about network hosts and their activities, such as operating
system, services, open ports, client applications and vulnerabilities.
2.6
2.8
2.11
2.12
Solution should be capable of blocking and detecting of IPv6 attacks.
Solution should offer protection for virtual or physical, or a combination of both the environment
2.13
DPI should have Exploit rules which are used to protect against specific attack variants providing customers
with the benefit of not only blocking the attack but letting security personnel know exactly which variant the
attacker used (useful for measuring time to exploit of new vulnerabilities)
2.14
The solution OEM should deliver virtual patching updates within 24 hours of an application vendor announcing
a vulnerability in their system
2.15
DPI should have Smart rules provide broad protection, and low-level insight, for servers and end-user systems.
For operating systems and applications, the rules limit variations of elements of traffic, limiting the ability of
attackers to investigate possible attack vectors since many attacks are based on exceeding expected
characteristics. Smart rules are also used to protect web applications (commercial and custom) from attack by
shielding web application vulnerabilities such as SQL Injection and Cross-Site Scripting.
64
2.16
DPI should have Application Control rules provide increased visibility into, or control over, the applications that
are accessing the network. These rules will be used to identify malicious software accessing the network and
provide insight into suspicious activities such as allowed protocols over unexpected ports (FTP traffic on a mail
server, HTTP traffic on an unexpected server, or SSH traffic over SSL, etc.) which can be an indicator of malware
or a compromise.
2.17
2.18
2.19
2.20
Solution should work in detect only mode and prevent mode.
Solution should support automatic and manual tagging of events.
Solution should provide policy inheritance exception capabilities.
Solution should support creation of custom DPI rule.
Solution should provision inclusion of packet data on event trigger for forensic purposes
2.21
2.22
2.23
Product should support CVE cross referencing when applicable?
2.24
2.25
3
3.1
The solution shall protect against fragmented attacks
The solution should allow to block based on thresholds
DPI should integrate with Vmware ESXi hyperviser and need not to install agents on the guest VMs
Solution should have Security Profiles allows DPI rules to be configured for groups of systems, or individual
systems. For example, all Windows 2003 servers use the same operating system rules which are configured in a
single Security Profile which is used by several servers
Integrity Monitoring
Integrity Monitoring module should be capable of monitoring critical operating system and application
elements (files, directories, and registry keys) to detect suspicious behavior, such as modifications, or changes
in ownership or permissions.
3.2
The solution should be able to monitor System Services, Installed Programs and Running Processes for any
changes
3.3
Solution should have extensive file property checking whereby files and directories are monitored for changes
to contents or attributes (ownership, permissions, size, etc).
3.4
3.5
The frequency for detecting a change should be configurable
Solution should be able to track addition, modification, or deletion of Windows registry keys and values, access
control lists, or web site files are further examples of what can be monitored.
65
3.6
3.7
3.8
3.9
3.9.1
3.9.2
3.9.3
3.9.4
3.9.5
3.9.6
3.10
3.11
3.12
4
Auditable reporting should generate within the solution, along with alert generations, and automated report
creation and delivery.
Solution should have Security Profiles allows Integrity Monitoring rules to be configured for groups of systems,
or individual systems. For example, all Windows 2003 servers use the same operating system rules which are
configured in a single Security Profile which is used by several servers. However, each server has unique
requirements which are addressed at the individual Host configuration level.
Solution should have an intuitive rule creation and modification interface includes the ability to include or
exclude files using wildcards filenames, control over inspection of sub-directories, and other features.
Solution should support the following:
Multiple groups of hosts with identical parameters
Regex or similar rules to define what to monitor
Any pre-defined lists of critical system files for various operating systems and/or applications (web servers, dns,
etc..)
Ability to apply a host template based on a regex of the hostname
Ability to exclude some monitoring parameters if they are not required
Ability to generate E Mail and SNMP alerts in case of any changes
Solution should support creation of custom Integrity monitoring rule.
Solution should provide an option for real time or scheduled Integrity monitoring.
Solution should be able to recommend the rules to be applied on individual hosts/endpoints.
4.1
Log Inspection
Solution should have a Log Inspection module which provides the ability to collect and analyze operating
system, datbases and applications for security events.
4.2
Solution should provide predefined out of the box rules for log collection from standard applications like OS,
Database, Web Servers etc.
4.3
The solution should allow creation of custom log inspection rules to collect logs from customized applications
4.4
The solution should be able to automatically recommend log inspection rules based on the OS and applications
running on a server
4.5
The solution should allow assignment of severity levels to logs and then store logs only above a specific severity
level. This is useful to reduce noise
66
4.6
4.7
The solution shall have the capability to notify an administrator if any particular log is collected more than a
predefined number of times in a set time interval. For example - if three unsuccessful login events happen in
less than 60 seconds. These alerts should show up on Central Administration console and should be E Mailed to
the Administrator. The capability to forward these events to a SNMP manager is also important
The solution shall allow tagging of events and also sorting and filtering of events based on the tags
4.8
The solution should be able to collect logs from Unix systems also
Solution should be able to support various log types like, syslog, Windows events, IIS , apache,nmap,mysql_log,
postgresql_log,snort,djb-multilog, squid, single log text file
4.10
The solution should allow creation of custom log parsers and decoders
Solution should have Security Profiles allows Log Inspection rules to be configured for groups of systems, or
individual systems. For example, all Windows 2003 servers use the same operating system rules which are
configured in a single Security Profile which is used by several servers
4.11
4.12
5
5.1
5.2
Log Inspection should work real time
Management and Other Features
Management Server should be installed on Windows Server 2003 and above
Management Server should support Active Passive high availability configuration for DC/DR setup
5.3
The solution shall be able to deliver all the above mentioned Firewall, DPI, Integrity Monitoring and Log
Inspection features through a single agent
5.4
Once the policies are deployed, the agents should continue to enforce the policies whether the management
server is available or not
5.5
Agent installation methods should support manual local installation, packaging with third party software
distribution systems and distribution through Active Directory
5.6
5.7
5.8
An Agent install should not require a restart of the system
Solution should provide ability to hide agent icon from getting displayed in system tray
Any policy updates pushed to the agent should not require to stop the agent, or to restart the system
The solution should be able to automatically discover if any new agents are installed on any servers
67
5.9
5.10
5.11
The solution shall support installation of agents on Windows, Linux and Solaris Operating Systems
Solution should have single centralized web based management console.
The solution shall have the capability to disable the agents temporarily from the Central Management console.
Such action should be logged
5.12
Can the application of policies be scheduled for a specific day/time (i.e., a policy for 9:00 PM to 6:00 AM)?
The solution shall allow to do all configurations from the central management console including, but not
limited to enabling/disabling agents, selecting and applying new policies, creating custom policies, reports etc.
5.13
The solution should have comprehensive Role Based Access Control features including controlling who has
access to what areas of the solution and who can do what within the application
5.14
Host and agent management and should have integration with Microsoft Active directory and virtual
environment management consoles (Eg. VMware vCenter and V Shield Manager)
5.15
The solution should allow grouping of system protected for easy management
Solution should support the logging of events to a non-proprietary, industry-class database such as MS-SQL,
Oracle
5.16
The solution shall allow grouping security configurations together and also allow to apply these configurations
to other similar systems
5.17
Solution should support remote installation of DSVA ( Security VM )on to ESX server
5.18
5.19
5.20
5.21
The solution should support forwarding of alerts through SNMP and E Mail
The solution should be minimum of EAL 3+ certified
5.22
The solution shall have a configurable dashboard that should allow the Administrator to see a 1 day or a 7 day
summary
Solution should allow creating multiple dashboard views for different administrators
5.23
5.24
The solution should be able to generate detailed and summary reports.
The solution shall allow scheduling and E Mail delivery of reports
The solution should support Web Services if it is required to export data out to other custom reporting
solutions
68
5.25
5.26
5.27
5.28
5.29
6
6.1
6.2
6.3
6.4
6.5
6.6
6.7
6.8
6.9
6.10
The solution shall allow creation of custom lists, such as IP Lists, MAC lists etc. that can be used in the policies
that are created.
Administrators should be able to selectively rollback rules applied to agents.
Solution should have an override feature which would remove all the applied policies and bring the client back
to default policies
Solution should maintain full audit trail of administrator's activity
The solution shall allow updates to happen over the internet, or shall allow updates to be manully imported in
the central management system and then distributed to the agents
Antivirus
Solution should be able to integrate with vshield endpoint API ( EPSEC) and provide agentless antivirus for
guest VMx
Agentless Antivirus should support both Real Time and Schedule scan
Solution should have flexibility to configure different real time and schedule scan times for diff guest VMs
Solution should support excluding certain file, directories, file extensions from scan ( real time/schedule)
Agentless Antivirus Solution should have cloud-based threat intelligence combined with traditional endpoint
security technologies.
Solution should support Intelliscan ( True File Type Detection, File extension checking)
Solution should support Intellitrap ( heuristic technology blocking files containing real-time
compressed executable code)
Solution should be able to scan compressed files within guest Vms
Solution should support various Actions like, Clean, Delete, Quarantine, Pass
Solution should also support restoration of quarantined files.
69
Specification for Antivirus
Antivirus (To be provided on all the desktops)
Sl. no
Compliance
(Yes/No)
Specifications
Antivirus Protection and Other features
1
Must offer comprehensive client/server security by protecting enterprise networks from viruses, Trojans,
worms, hackers, and network viruses, plus spyware and mixed threat attacks.
2
3
Must be able to reduce the risk of virus/malware entering the network by blocking files with real-time
compressed executable files.
Must include capabilities for detecting and removing rootkits
4
Must provide Real-time spyware/grayware scanning for file system to prevent or stop spyware execution
5
Must have capabilities to restore spyware/grayware if the spyware/grayware is deemed safe
6
7
8
8.1
8.2
8.3
8.4
8.5
8.6
9
Must have Assessment mode to allow first to evaluate whether spyware/grayware is legitimate and then take
action based on the evaluation
Must clean computers of file-based and network viruses plus virus and worm remnants (Trojans, registry
entries, viral files)—through a fully-automated process
To address the threats and nuisances posed by Trojans, the solution should be able to do the following:
Terminating all known virus processes and threads in memory
Repairing the registry
Deleting any drop files created by viruses
Removing any Microsoft Windows services created by viruses
Restoring all files damaged by viruses
Includes Cleanup for Spyware, Adware etc
Must be capable of cleaning viruses/malware even without the availability of virus cleanup components. Using a
detected file as basis, it should be able to determine if the detected file has a corresponding process/service in
memory and a registry entry, and then remove them altogether
70
10
11
Must provide Outbreak Prevention to limit/deny access to specific shared folders, block ports, and deny write
access to specified files and folders on selected clients in case there is an outbreak
Behavior Monitoring
11.1
Must have behavior monitoring to restrict system behavior, keeping security-related processes always up and
running
11.2
enable Certified Safe Software Service to reduce the
likelihood of false positive detections
12
Must provide Real-time lock down of client configuration – allow or prevent users from changing settings or
unloading/uninstalling the software
13
14
Users with the scheduled scan privileges can postpone, skip, and stop Scheduled Scan.
CPU usage performance control during scanning
14.1
14.2
14.2a
14.2b
Checks the CPU usage level configured on the Web console and the actual CPU consumption on the computer
Adjusts the scanning speed if:
The CPU usage level is Medium or Low
Actual CPU consumption exceeds a certain threshold
15
16
Should have a manual outbreak prevention feature that allows administrators to configure port blocking, block
shared folder, and deny writes to files and folders manually
Should have Integrated spyware protection and cleanup
17
Should have the capability to assgin a client the privilege to act as a update agent for rest of the agents in the
network
19
Shall be able to perform different scan Actions based on the virus type (Trojan/ Worm, Joke, Hoax, Virus, other)
20
Safeguards endpoint mail boxes by scanning incoming POP3 email and Outlook folders for Threats
21
shall be able to scan only those file types which are potential virus carriers (based on true file type)
22
Should be able to detect files packed using real-time compression algorithims as executable files.
71
23
shall be able to scan Object Linking and Embedding (OLE) File
Manageability and integration
1
Must provide Comprehensive Support for Cisco Network Admission Control (CISCO NAC 1 & 2) with HCAP
support
1.1
Must provide seamless integration of the Cisco™ Trust Agent,
enabling effective policy enforcement within a Cisco Self-Defending Network
1.2
Must include a Policy Server for automated communication with Cisco Access Control Servers
2
2.1
2.2
2.3
2.4
2.5
2.6
Should be able to deploy the Client software using the following mechanisms:
Client Packager (Executable & Microsoft Installer (MSI) Package Format)
Web install page
Login Script Setup
Remote installation
From a client disk image
Support MS Systems Management Server (SMS)
3
Must provide a secure Web-based management console to give administrators transparent access to all clients
and servers on the network
4
The management server should be able to download updates from different source if required, which could be
the vendor's update server, any other server or a UNC path
5
If the update from the Management server fails, the security clients with the privilege should be able to get
updated directly from the vendor's server
6
Must reduce network traffic generated when downloading the latest pattern by downloading only incremental
patterns
7
8
8.1
8.2
9
10
Must have the flexibility to roll back the Virus Pattern and Virus Scan Engine if required via the web console
Should have role based administration with active directory integration
To create custom role type
To add uses to a predifined role or to a custom role
Should have integration with the Active directory
Shall support grouping of clients into domains for easier administration
72
11
12
Establish separate configuration for internally versus externally located machines ( Policy action based on
location awareness )
Shall offer centrally managed Client Firewall and IDS
13
Must be capable of uninstalling and replacing existing client antivirus software (Provide the detailed list)
14
Must support plug-in modules designed to add new security features without having to redeploy the entire
solution, thereby reducing effort and time needed to deploy new security capabilities to clients and servers
across the network
15
All features (antivirus, anti-spyware, Enterprise Client Firewall and damage cleanup) are installed at the same
time via client deployment methods and managed centrally via the web-based management console
16
Security Compliance leverages Microsoft Active Directory services to determine the security status of the
computers in the network
Platform Support
1
Windows 2000
2
Windows XP/2003 32-bit Edition
3
Windows XP/2003 64-bit Edition
4
Windows Vista (32-bit & 64-bit)
5
Microsoft Windows Storage Server 2003
6
Windows 7, 32-bit version & 64-bit version
6
Microsoft Cluster Server 2003
7
Windows Server 2008 and Windows Server 2008 R2, 64-bit version
8
8.1
8.2
8.3
9
client installation on guest Windows 2000/2003/2008 operating systems hosted on the following virtualization
applications:
VMware ESX/ESXi Server 3.5 or 4 (Server Edition)
* VMware Server 1.0.3 or later (Server Edition)
* VMware Workstation and Workstation ACE Edition 6.0
Should support Intel x64 processor & AMD x64 processor
10
Should support wireless devices such us Palm, Pocket PC, and EPOC at no extra cost
73
Notification, Reporting and logging
1
Must be able to send notifications whenever it detects a security risk on any client or during a security risk
outbreak, via E-mail, Pager, SNMP trap or Windows NT Event log
2
Should have a feature similar to Firewall Outbreak Monitor which sends a customized alert message to
specified recipients when log counts from IDS, personal firewall, and/or network virus logs exceed certain
thresholds, signaling a possible attack.
3
Must be able to send a customized notification message to specified
recipients when firewall violations exceed certain thresholds, which may
signal an attack
4
Shall offer customizable & standard notifications via - SMTP, SNMP, Pager, NT Event Log
Certifications
1
Must be certified by Microsoft to support the Windows™ Vista™ platform (32-bit and 64-bit).
2
Must be Checkmark certified by WestCoast Labs for Anti-Spyware Desktop, Anti-Trojan & Anti-Virus Desktop
Specification for Link Load Balancer:
Link Load Balancer with 200Mbps Throughput
Sl. no
1
a
b
c
d
e
f
Compliance
(Yes/No)
Specifications
Architecture
Should have minimum 6Copper Gig ports and option for 2 Lx Fiber ports
Should provide minimum 200Mbps load balancing throughput and should be scalable to 4 Gbps with
license key without changing the hardware
Should have minimum 4 GB RAM
Should support minimum 2,000,000 Simultaneous sessions
Should support Dynamic routing protocols like OSPF, RIP and static routing
Should have Client session logging on syslog and local hard disk
74
g
h
2
a
b
c
d
OEM should be in leader quadrant in latest Gartner report for Application Delivery Controller
Offered product should be RoHS-6 Compliant
Load Balancing Features
Should support for minimum 10 ISP links
Should have DNS capability for inbound load balancing
Selection of shortest path to Destination based on load/Hops/response time
Should support static & dynamic proximity based outbound as well as inbound load balancing
e
i
ii
iii
iv
Should support load balancing algorithms
Least amount of Bytes
Least number of users/session.
Cyclic.
Weighted Cyclic
3
4
5
6
7
a
Should support Static NAT, PAT & Dynamic NAT
In case of link failure device should detect it in not more than 30 seconds
Should support port mirroring
Should support port aggregation
Link Management Feature
Should able to redirect traffic based on Source/Destination IP & port
Should have an option to define inbound/outbound Kbps limit of throughput of any given link
b
c
Should provide details of client routed to each link with IP & port details
8
a
ISP Health Monitoring
Shall provide individual health check for each link
Should have predefined health check on protocols like HTTP, SMTP, POP3, DNS, Ping, FTP, SNMP etc
b
c
Should provide AND & OR mechanism between health check
9
a
Redundancy
Should support open standard redundancy protocol e.g. VRRP
75
b
10
a
b
c
d
e
f
g
h
11
a
b
c
d
e
12
a
b
c
Should support transparent & stateful failover between 2 devices using client table mirroring
QoS, Traffic Shaping & Bandwidth Management
Should support bandwidth management based on any L3-L7 information
Should support CBQ, WRR, RED mechanism for QoS
Should support Minimum & Maximum bandwidth allocation limit for traffic shaping
Should support Two-Way bandwidth management
Should support traffic classification on the basis of layer-3 to layer-7 information
Should able to classify & limit P2P bandwidth & protocol like Kazaa, Bit-Torrent, eDonkey, etc
Should also support to define bandwidth per session in any gven policy defined on
source/destination/application
Should have support for day and time based Bandwidth Management policy scheduling
Device Management & Reporting
Should provide GUI interface for configuration & reporting
Should provide HTTP / HTTPS interface management
Should provide SSH / Telnet / CLI interface
Should support SNMP V1, V2c, V3
Should have option for packet capture on device
Certifications
Safety: EN 60950;
EMI: EN 55022 Class A, EN 50024 FCC, Part 15B Class A CE, VCCI
RoHS 6
76
Specification for Data Center Router:
Compliance
(Yes/No)
S. No
Specifications
1
Router Architecture: The router architecture should have following features
Modular Chassis ,the architecture should be based on high performance, distributed forwarding
architecture.
Should support Voice, Video, Security
It should support Single Operating System which includes all the feature set
Interface Support
Ethernet LAN Ports -> 2 x 10/100/1000 Mbps Combo Ethernet port. It should support additional Gigabit
Ethernet modules i.e. both 10/100/1000 or SFP type (upgradable )
It should support the industries widest range of wired and wireless connectivity options such as T1/E1,
ISDN, T3/E3, xDSL, 3G, copper and fiber GE
Performance & Memory Required:
Performance Requirements for 64 byte packet -> Minimum 360 kbps
Hardware:
Should support minimum default DRAM = 256 MB, maximum DRAM =1 GB
External Compact Flash minimum default = 256 MB, maximum External Compact Flash = 1GB
Two USB port
One Serial console port
One Serial auxiliary port
Should support AC power supply and Should support external RPS
Should have 2 encryption slot
Should have 4 high density port WAN interface Slots
Should support 3G standards High-Speed Packet Access (HSPA)
Should have Min two Gigabit Ethernet Port
Voice DSP support
Voice DSP support
Support Voice interface i.e FXS, FXO, PRI, BRI
Router Functional Requirements
QoS -> ToS, CoS, Queuing, prioritizing, Resource Reservation Protocol (RSVP)
NAT -> NAT, PAT
Access Control -> Required
Protocol Support Required:
2
3
4
5
6
77
7
8
9
10
RIP, BGP4, Policy based Routing, PPP, HDLC, OSPF Version 2, Support for IPV6.
Re-distribution of routes from on Routing protocol should not be a bottleneck. All the above features
should be provisioned in the router from day 1.
Congestion Management:
The router should have proper congestion management to eliminate Network congestion when the link
is overloaded.
Random Early Detection, Weighted Fair/priority Queuing,
IP precedence or DSCP.
IP Multicasting: Type Forwarding -> MBGP/PIM-DM/PIM-SM
Bandwidth Optimization:
The following bandwidth optimization features should be
Dial-Backup
Dial-on-Demand
Accounting:
The following accounting features should be supported:
Packet & Byte Counts
Start Time Stamp & End Time Stamps.
Network Time Protocol
Input & Output interface ports.
Type of service, TCP Flags & Protocol
Source & Destination IP addresses
Source & Destination TCP/UDP ports
Security Requirements:
The offered router should have following security features:
Support for Standard Access Lists to provide supervision and control.
Controlled SNMP Access through implementation of Access Lists on the router to ensure SNMP access
only to the SNMP manager or the NMS workstation
Controlled SNMP access through the use of SNMP with MD5 authentication.
Multiple Privilege Levels for managing & monitoring
Support for Remote Authentication User Service (RADIUS) and AAA
PPP CHAP support
Management Features :
The offered router should have the following Management Features:
The Router shall support Telnet, SSH, Console access.
The router shall support FTP or TFTP for easy software upgrades over the network.
Network Management services shall be provided using open standards based protocols like SNMP V2/V3
78
Configuration Management: The Router shall support configuration management through the command
line interface. GUI based software configuration utility shall be provided. Support of configuration on
web interface shall be available.
Event and System logging: Event and system history logging functions shall be available. The Router shall
generate system alarms on events. Facility to put selective logging of events onto a separate hardware
where the analysis of log shall be available.
Pre-planned scheduled Reboot Facility: The Router shall support the preplanned timed reboot to
upgrade their hardware to a new software feature and plan the rebooting as an off-peak time.
Power: Internal Redundant Power supply 230 V AC 50 Hz,
Mounting:
The offered router should be 19" rack mountable
Accessories:
Should come with all necessary power cords, adapters, data cables, connectors, CDs, manuals, brackets
accessories, wire managers, etc, required for installation and commissioning of the equipment.
Specification for Test Center Router:
Slno
1
2
3
4
Specifications
Router Architecture: The router architecture should have following features
The Router should be a Single Box configuration and modular, so that the Company has the flexibility to
use the appropriate choice of interfaces as and when required
Should support Voice, Video, Security
It should support Single Operating System which includes all the featureset
Interface Support
Ethernet LAN Ports -> 2 x 10/100 Mbps Ethernet port (WAN)
Should support two expansion Slot for WAN interface
It should support the industries widest range of wired and wireless connectivity options such as
T1/E1,ISDN, v.35, xDSL, copper GE,3G
Perfromance & Memory Required:
Performance Requirements for 64 byte packet -> Minimum 180 Kpps
Hardware:
Should support minimum DRAM = 256 MB and should support Max 1 GB
One USB port
79
Compliance
(Yes/No)
5
One Serial console port
One Serial auxiliary port
Should support AC Power-supply.
Router Functional Requirements
QoS -> ToS, CoS, Queuing, prioritizing, Resource Reservation Protocol (RSVP)
NAT -> NAT, PAT
Access Control -> Required
Protocol Support Required:
RIP, BGP4, Policy based Routing, PPP, OSPF Version 2, Support for IPV6.
Re-distribution of routes from on Routing protocol should not be a bottleneck. All the above features
should be provisioned in the router from day 1.
Congestion Management:
Random Early Detection, Weighted Fair/priority Queuing,
IP precedence or DSCP.
6
7
8
IP Multicasting: Type Forwarding -> MBGP/PIM-DM/PIM-SM
Bandwidth Optimization:
The following bandwidth optimization features should be
Dial-Backup
Dial-on-Demand
Accounting:
The following accounting features should be supported:
Packet & Byte Counts
Start Time Stamp & End Time Stamps.
Network Time Protocol
Input & Output interface ports.
Type of service, TCP Flags & Protocol
Source & Destination IP addresses
Source & Destination TCP/UDP ports
Security Requirements:
The offered router should have following security features:
Support for Standard Access Lists to provide supervision and control.
Controlled SNMP Access through implementation of Access Lists on the router to ensure SNMP access
only to the SNMP manager or the NMS workstation
80
9
Controlled SNMP access through the use of SNMP.
Multiple Privilege Levels for managing & monitoring
Support for Remote Authentication User Service (RADIUS) and AAA
PPP CHAP support
Management Features :
The offered router should have the following Management Features:
The Router shall support Telnet, SSH, Console access.
The router shall support FTP or TFTP for easy software upgrades over the network.
Network Management services shall be provided using open standards based protocols like SNMP V2/V3
Configuration Management: The Router shall support configuration management through the command
line interface. GUI based software configuration utility shall be provided. Support of configuration on
web interface shall be available.
Event and System logging: Event and system history logging functions shall be available. The Router shall
generate system alarms on events. Facility to put selective logging of events onto a separate hardware
where the analysis of log shall be available.
Pre-planned scheduled Reboot Facility: The Router shall support the preplanned timed reboot to
upgrade their hardware to a new software feature and plan the rebooting as an off-peak time.
Power: Internal Redundant Power supply 230 V AC 50 Hz,
Accessories:
Should come with all necessary power cords, adapters, data cables, connectors, CDs, manuals, brackets
accessories.
Specification for Layer 3 Switch:
Category
Hardware
Architecture
Description
Compliance
Multiple services (Data, voice, video)
24 x 10/100/1000 Base T ports with 4 combo gigabit port for uplink and two SFP should populated with
Switch
Shall support 1000 Base-SX, LX, BX, LH SFP Transceiver.
81
Support for 4 ports of 10 Gig Slot
Shall support XFP, SFP+ and CX4 local connections
High back plane speed minimum 140 Gbps
Forwarding rate should be minimum 100 Mpps
should support stacking up to 9 units per stack with up to 40G(full duplex) Bandwidth
High MTBF Support
The Switches must be able to generate Syslog Messages with timestamp and Severity codes, which can
be exported to a Syslog Server.
The Switches must be able to Build up its own inventory (like Device Name, Chassis Type, Memory, Flash,
Software ver. Etc)
Hardware-based wire-speed access control lists (ACLs)
Support External Redundant Power Supply
L2 Features
Layer 2 switch ports and VLAN trunks
IEEE 802.1Q VLAN encapsulation
Support for at least 4K VLANs .
Vlan information can be negotiated through standard based GVRP protocol or equivalent
VLAN Trunking Protocol or equivalent
802.1s, 802.1w
Minimum 30 K Mac addresses
IGMP snooping v1 and v2, v3
should support Voice VLAN, Dynamic VLAN,QinQ, Selective QinQ
Support STP/RSTP/MSTP,STP Root Guard
IP Routing
Protocols
Static IP Routing
OSPF
BGP
RIP
Hot Standby Routing Protocol/VRRP/VRRPv3
ISIS
82
RIPng, OSPFv3, IS-ISv6, and BGP4+ for IPv6
Support Policy Based Routing
ECMP
L3 features
L3 Multicase
Protocol
Security
ICMP support, Ipv4,IPv6 Support
support routing table - 12,000 entries
Support PIM-SSM, PIM-DM, and PIM-SM for IPv4and IPv6
Standard and extended ACLs on all ports
Dynamic Host Configuration Protocol (DHCP) snooping
AAA and RADIUS authentication enable centralized control of the switch and restrict unauthorized users
from altering the configuration.
Secure Shell (SSH) Protocol and Simple Network Management Protocol Version 3 (SNMPv3) to provide
network security by encrypting administrator traffic during Telnet and SNMP sessions.
Support storm suppression based on port rate percentage
Support AAA, Radius, and HWTacacs+ authentication
Support 802.1X authentication
Support centralized MAC address based authentication
Support SSH 2.0
Support port isolation
QoS
Support port security
Support binding of IP+MAC+port
Support IP Source Check, ARP detection
Support HTTPS
Traffic classification
Should be capable of identifying Class of service
Ingress/Egress CAR with the granularity of 64 kbps
802.1P/DSCP priority marking and remarking
SP, WRR, SP+WRR and WFQ
8 queues per port
83
Manageability Switch needs to have console port for administration & management
& Up
gradation
Must have support SNMP v1, v2, v3
Management using CLI, GUI using Web interface
FTP/TFTP for upgrading the operating System
Minimum 32 supplicant of 802.1x per port
Support for port mirroring measurement using a network analyzer or RMON probe.
RMON: 4 Group (Statistics, Alarm, Events, History), on every port, no impact to performance
Support NTP
Standards
IEEE 802.1x support
IEEE 802.3x full duplex on 10BASE-T and 100BASE-TX ports
IEEE 802.1D Spanning-Tree Protocol
IEEE 802.1p class-of-service (CoS) prioritization
IEEE 802.1Q VLAN
IEEE 802.3 10BASE-T specification
IEEE 802.3u 100BASE-TX specification
802.3ae Should support 10 Gbps Ethernet
IEEE 802.1ad Q-in-Q
Specification for Layer 2 Switch:
Sl No
1
Specification
Compliance
Architecture
ü The switch should have 20 10/100/1000BaseT ports with 4 dual-personality ports (fiber or copper).
ü Shall support 1000 Base-SX, LX, BX, LH and 100Base-FX Mini-GBICs
ü The Switch should be 1U 19” Rack-Mountable
84
ü
ü
ü
ü
ü
2
Up to 48 Gbps switching capacity
Switching throughput of Up to 35.7 million pps
MAC Address table size of 8,000 entries
All the switch ports shall offer non-blocking, wirespeed performance
The switch shall have a maximum depth of 325 mm.
Resiliency and high availability
ü Shall support IEEE 802.3ad Link Aggregation Control Protocol (LACP) with up to 8 links (ports) per trunk
ü Shall support IEEE 802.1s Multiple Spanning Tree Protocol and provide legacy support for IEEE 802.1d STP
and IEEE 802.1w RSTP
ü Shall have Dual-flash images for redundant switch software images
ü Shall support RADIUS VLAN for voice using standard RADIUS attribute and LLDP-MED to automatically
configure VLAN for IP phones
3
Layer 2 switching
ü Shall support IEEE 802.1Q VLANs, up to 64 port-based VLANs
ü Shall support GARP VLAN Registration Protocol (GVRP) allowing automatic learning and dynamic
assignment of VLANs
ü Shall support Jumbo packets up to 9,216-byte frame size to improve performance of large data transfers
4
Security
ü Shall support protected ports to isolate specified ports from all other ports on the switch
ü Shall support Port security, MAC Lockdown and MAC lockout
ü Shall support IEEE 802.1X user authentication using an IEEE 802.1X supplicant in conjunction with a
RADIUS server
ü Shall support multiple IEEE 802.1X users per port preventing user “piggybacking” on another user’s IEEE
802.1X authentication
ü Shall support Web-based authentication providing a browser-based environment to authenticate clients
that do not support the IEEE 802.1X supplicant
85
ü Shall support MAC-based authentication allowing client to be authenticated with the RADIUS server
based on client’s MAC address
ü Shall support BPDU port protection preventing forged BPDU attacks
ü Shall support TACACS+ authentication for secure switch CLI logon
ü Shall support management access (CLI, Web, MIB) securely encrypted through SSHv2, SSL, and SNMPv3
ü Shall support Authorized IP Managers feature to determine which stations (PCs or workstations) can
access the switch through the network
5
Convergence and QoS
ü Shall support IEEE 802.1AB Link Layer Discovery Protocol (LLDP)
ü Shall support IEEE 802.1p Traffic prioritization delivering data to devices based on the priority and type of
traffic
ü Shall support IP multicast (data-driven IGMP) to automatically prevent flooding of IP multicast traffic
6
Manageability
ü Shall support SNMPv1/v2c/v3
ü Shall support RMON providing advanced monitoring and reporting capabilities for statistics, history,
alarms, and events
ü Shall have Full-featured console port providing complete control of the switch with a familiar commandline interface (CLI)
ü Shall support single IP address management for a virtual stack of up to 16 switches
ü Shall support command-line interface (CLI) and Web Interface for switch configuration
ü Shall find and fix common network problems automatically, then inform administrator
ü Shall allow assignment of descriptive names to ports
7
Warranty and Support
ü Lifetime warranty with next-business-day advance replacement
ü The vendor shall support for software fixes and upgrades to the switch available free of cost till the life of
the product
86
Enterprise Management System (EMS)
The proposed EMS solution should monitor fault, availability and performance of network devices across IT infrastructure. This should provide central
performance monitoring for network, server and database along with integrated fault and performance monitoring for IT infrastructure. All the proposed
tools should be from same OEM to facilitate out of the box, seamless & tight integration and should be industry recognized by Gartner/Forrester/IDC/Bloor
Research agencies.
The proposed EMS solution should he inclusive of Hardware and software required to offer following functionalities to ASRB IT infrastructure –





The proposed solution should provide end-to-end, comprehensive, modular and integrated management of IT infrastructure components to
maximize the availability of IT services and SLA performance.
The management system needs to aggregate events and performance information from the domain managers and tie them to service definitions.
This capability is critical for the administrators to have a complete view of the performance and availability of various application services being
managed.
The proposed tools should automatically document problems and interruptions for various IT services offered and integrate with the service level
management system for reporting on service level agreements (SLAs).
The proposed unified solution must also generate a comprehensive view of a service with real-time visibility into service status and identify the root
cause of various infrastructure problems as well as prioritize resources based on impact
The proposed enterprise management system must enable proactive performance management of IT Infrastructure wherein all the technology
domains are monitored for threshold violations.
The proposed EMS solution should consist of the following core modules:
-
-
Network Fault Management System
Performance Management System for i. Network Performance Monitoring
ii. Server Performance Monitoring
iii. Database Performance Monitoring
Integrated Helpdesk System
1.1 Network Management –
The proposed Network Fault Management System will provide the following features:

The Network Fault Management consoles must provide the topology map view from a single central console.
87

The proposed Network Fault Management console must also provide network asset inventory reports and SLA reporting for the managed network
infrastructure.
1.1.1 Network Discovery and Reporting
















The proposed solution must automatically discover manageable elements connected to the network and map the connectivity between them.
The proposed system must support multiple types of discovery including the following:
o IP range discovery – including built-in support for IPv6
o Import data - from pre-formatted files (IPs, ranges, strings or ports)
o Seed router based discovery – Using route tables and SNMP MIBs
o Trap-Based Discovery – whenever new devices are added with capability to exclude specific devices based on IP addresses / IP Address
range
The proposed fault management system must also utilize IPNetToMedia (ARP) table during router discovery for quick subnet discovery.
The proposed fault management system must support exclusion of specific IP addresses or IP address ranges from trap based discovery.
The system should provide discovery & inventory of heterogeneous physical network devices like Layer-2 & Layer-3 switches, Routers and other IP
devices and do mapping of LAN & WAN connectivity with granular visibility up to individual ports level.
The system must be able to support mapping and modeling of the infrastructure grouped by network connectivity, physical location of equipment
and user groups or departments
The modeling of network connectivity must be performed using standard or vendor-specific discovery protocols to ensure speed and accuracy of
the network discovery
The discovery should be able to identify and model router redundancy using vendor–specific protocols (like VRRP and HSRP support for Cisco
devices) so that alarms generated from these virtual addresses are automatically excluded.
The system should support maps grouped by network topology, geographic locations of the equipments and user group/departments. These should
help in understanding physical Network, virtual Network services and the relationships between them.
It shall be possible to reduce the set of displayed devices in the topology views by flexible rules, based on the attribute contents stored with each
device.
The system must also support manual modeling adjustments to allow administrators to customize the structure, the layout and relationship
between modeled elements.
The system must provide visualization tools to display network topology and device to device connectivity. The system must also be able to
document connectivity changes that were discovered since the last update.
The system must provide user-configurable discovery control to manage the frequency and scope network discovery, configured using a graphical
user interface
The system must provide a user-configurable event to alarm mapping system that sets a differentiation that events do not necessarily need an
alarm to be generated
The proposed solution must support Network segmentation by supporting IPSEC / GRE Tunnels as well MPLS Layer 3 VPNs (e.g. VRF) & VLANS.
The proposed solution must provide a firmware exception report that identifies devices within a group with a user-specified firmware level.
88




The proposed solution must provide a detailed asset report, organized by vendor name and device, listing all ports for all devices. When a report is
run the administrator must have an option of specifying the number of consecutive days the port must be “unused” in order for it to be considered
“available”.
The proposed solution must provide sufficient reports that identify unused ports in the managed network infrastructure that can be reclaimed and
reallocated. The proposed management system must also intelligently determine which ports are operationally dormant.
The proposed solution must poll all the ports to determine if any traffic has passed through it. If not the port must be marked unused for that day.
The proposed solution must determine device availability based on whether the device was reachable via SNMP or ICMP. The proposed solution
must also provide an outage editor that will be used to exclude outages from the availability calculation with an option to indicate the reason.
1.1.2 Fault Analysis










The proposed solution should provide out of the box root cause analysis with multiple root cause algorithms inbuilt for root cause analysis.
The system must use advanced root-cause analysis techniques like Inductive Modeling Technology and policy-based condition correlation
technology for comprehensive analysis of network faults.
It should have a strong event correlation engine which can correlate the events on the basis of event pairing, event sequencing etc.
The system must be able to ‘filter-out’ symptom alarms and deduce the root cause of failure in the network automatically
The system should support creating and monitoring of rising or falling thresholds with respect to basic key performance indicators for network,
system and application infrastructures and provide immediate notification when service metrics fall outside the baselines.
The proposed system must include the ability to monitor and visualize a virtualized system infrastructure by discovering and monitoring virtual
machines and providing ability to depict the logical relationships between virtual servers and virtual machines.
The proposed solution must detect virtual server and virtual machine configuration changes and automatically update topology
The proposed system must support enhanced fault isolation to suppress alarms on logical VMs when physical servers fail
The proposed solution must have the ability to collect data from the virtual systems without solely relying on SNMP
The proposed solution must support a an architecture that can be extended to support multiple virtualization platforms and technologies
1.1.3 Configuration Management



The system should be able to clearly identify configuration changes as root cause of network problems
The system should support secure device configuration capture and upload and thereby detect inconsistent “running” and “startup” configurations
and alert the administrators.
The proposed system should be able to administer configuration changes to network elements by providing toolkits to automate the following
administrative tasks of effecting configuration changes to network elements:
o Capture running configuration
o Capture startup configuration
o Upload configuration
o Write startup configuration
o Upload firmware
89





The proposed fault management solution must able to perform “load & merge” configuration changes to multiple network devices
The proposed fault management solution must able to perform real-time or scheduled capture of device configurations
The proposed fault management solution must able to store historical device configurations captured in the database and thereby enable
comparison of current device configuration against a previously captured configuration as well as compare the current configuration against any
user-defined standard baseline configuration policy.
The proposed fault management solution must also support a self-certification option to support device configuration load and capture thereby
enabling users to “self-certify” devices not supported.
The proposed system should be able to monitor compliance & enforce change control policies within the diverse infrastructure by providing data &
tools to run compliance reports, track & remediate violations, and view history of changes.
1.1.4 Advanced IP Services Management





The proposed fault management solution must also support a self-certification option to support device configuration load and capture thereby
enabling users to “self-certify” devices not supported.
The proposed system should be able to monitor compliance & enforce change control policies within the diverse infrastructure by providing data &
tools to run compliance reports, track & remediate violations, and view history of changes.
The proposed solution should be able to support response time agents to perform network performance tests to help identify network
performance bottlenecks.
The proposed solution should be able to monitor QoS parameters configured to provide traffic classification and prioritization for reliable VoIP
transport. The proposed solution should discover and model configured QoS classes, policies and behaviors.
The proposed solution should provide the ability to discover, map & monitor multicast sources & participating routers wherein the system should
be able visualize the distribution tree in the topology map.
1.1.5 Service Level Management






The proposed service management system should provide a detailed service dashboard view indicating the health of each of the departments /
offices in the ASRB and the health of the services they rely on as well as the SLAs.
The proposed Service Dashboard should provide a high level view for executives and other users of the system
The system should provide an outage summary that gives a high level health indication for each service as well as the details and root cause of any
outage.
The system must be capable of managing IT resources in terms of the business services they support, specify and monitor service obligations, and
associate users/Departments/ Organizations with the services they rely on and related Service/Operational Level Agreements. Presently, business
services shall include E-mail, Internet Access, Intranet and other business services hosted.
The Users definition facility must support defining person(s) or organization(s) that uses the business Services or is a party to a service level
agreement contract with a service provider or both. The facility must enable the association of Users with Services and SLAs.
The Service Level Agreements (SLAs) definition facility must support defining a set of one or more service Guarantees that specify the Service
obligations stipulated in an SLA contract for a particular time period (weekly, monthly, and so on). Guarantees supported must include one that
90






monitors service availability (including Mean Time to Repair (MTTR), Mean Time between Failure (MTBF), and Maximum Outage Time thresholds)
and the other that monitors service transaction response time.
Root cause analysis of infrastructure alarms must be applied to the managed Business Services in determining service outages.
SLA violation alarms must be generated to notify whenever an agreement is violated or is in danger of being violated.
The system must provide the capability to designate planned maintenance periods for services and take into consideration maintenance periods
defined at the IT resources level. In addition the capability to exempt any service outage from impacting an SLA must be available.
The system must provide the capability of Advanced Correlation for determining Service health, performing root cause analysis, and fault isolation.
This must include applying complex Boolean logic on multiple attributes and infrastructure alarms.
The system must provide a real time business services Dashboard that will allow the viewing of the current health of required services inclusive of
real-time graphical reports.
The system must provide a historical reporting facility that will allow for the generation of on-demand and scheduled reports of Business Service
related metrics with capabilities for customization of the report presentation.
1.1.6 Deployment Features






The operations console and associated management system should be deployable in a separate physical web-server to reduce the load on the
primary management server.
The security must be able to permit or restrict operator access to different areas of information based on user security rights assigned by the
administrator.
The system needs to support concurrent multi-user access to the management system, enabling multiple read-write access to different areas of the
management domain and support operator workflows.
The system should have self-certification capabilities built into the product so that it can easily add support for new traps and automatically
generate alarms
The proposed network fault management system must support SNMPv3-based network discovery and management out-of-box without the need
for any external third-party modules.
The tool should provide sufficient reports pertaining to asset and change management, alarms and availability of critical network resources as well
as network response times for critical links
1.1.7 Integrations



The proposed NMS should provide unified workflow between the fault and performance management systems including bi-directional and
context-sensitive navigation, such as
o Navigate from the Topology View to At-a-Glance or Trend Reports for any asset
o Navigate from the Alarm View to At-a-Glance, Trend or Alarm Detail Reports
The proposed fault management system should integrate with the performance management system using a synchronized discovery and single
sign-on for operators / administrators between them to enable unified Administration and ease of workflow
The system must support seamless bi-directional integration to helpdesk or trouble ticketing system
91


The proposed network fault management system should integrate with the helpdesk system by updating the Asset with CI information to support
viewing history or open issues in helpdesk on the particular managed asset and associate an SLA to the ticket in the helpdesk
The proposed network fault management system should attach an asset identifier when submitting a helpdesk ticket. In case the asset is not found
in the helpdesk database, it should be automatically created prior to submitting the ticket.
1.2 Performance Management – Provide comprehensive end-to-end performance management across key parts of the network infrastructure. It
should allow identifying trends in performance in order to avert possible service problems.



The proposed performance management system shall integrate network, server and database performance information and alarms in a single
console and provide a unified reporting interface for network components. The current performance state of the entire network & system
infrastructure shall be visible in an integrated console.
The proposed solution must scale to large networks while supporting a single web interface for access to reports. The system must support
multiple locations and a distributed deployment for collection and monitoring. Primary instrumentation should exist in the data center.
The performance management system is to provide all of the following capabilities for the ongoing performance monitoring, troubleshooting and
reporting in the network and applications:
1.2.1 Network Performance Management and Performance Reporting System:









The Network Performance Management consoles must provide a consistent report generation interface from a single central console.
This central console will also provide all required network performance reports (including latency, threshold violations, packet errors, availability,
bandwidth utilization etc.) for the network infrastructure.
The proposed system shall collect, analyze and summarize management data from LAN/WAN, MIB-II interfaces and various servers for performance
management.
The proposed system shall identify over-and under-utilized links and assist in maximizing the utilization of current resources
The proposed system shall provide Performance of Network devices like CPU, memory & buffers etc, LAN and WAN interfaces and network
segments.
It shall provide comprehensive health reporting to identify infrastructure in need of upgrades and immediate attention. Capacity planning reports
shall identify network traffic patterns and areas of high resource utilization, enabling to make informed decisions about where to upgrade capacity
and where to downgrade or eliminate capacity. It should also support ‘What if’ analysis and reporting to enable understanding the effect of growth
on available network resources.
The proposed system shall provide easy to read representations of health, utilization, latency and availability.
It shall provide Real time network monitoring and Measurement offend-to-end Network performance & availability to define service levels and
further improve upon them.
The proposed solution should provide the following performance reports out-of-the-box:
92
o







Executive Summary report that gives an over all view of a group of elements, showing volume and other important metrics for the
technology being viewed.
o Capacity Planning report which provides a view of under-and-over-utilized elements.
o Service Level report that shows the elements with the worst availability and worst response time-the two leading metrics used to monitor
SLAs.
The proposed system must have a Cognos-based report authoring tool built-in which will enable complete customization flexibility of performance
reports for network devices and monitored servers.
The tool should provide a live trend diagram that continuously charts critical statistical performance variables as they are collected ad displaying the
resource utilization levels of various critical devices and links in the managed infrastructure.
The tool should provide a live exceptions list displaying the various health and threshold exceptions that are occurring in the managed
infrastructure.
The tool should provide an integrated performance view for all the managed systems and networks along with the various threshold violations
alarms in them. It should be possible to drill-down into the performance view to execute context specific reports
The tool should have the capability to configure different polling speeds for different devices in the managed infrastructure with capability to poll
critical devices using 30 second poll periods.
The system must provide the following reports as part of the base performance monitoring product out-of-the-box to help network operators
quickly identify device problems quickly:
At-A-Glance Reports to present a single page report on vital device statistics like for routers could display:
o Backplane Utilization
o Buffer Create Failures
o Buffer Hits
o Buffer Misses
o Buffer Utilization
o Bus Drops
o CPU Utilization
o Fan Status
o Free Memory
o Memory Utilization
o Packets Out
o Power Supply Status
o Temperature Status
o Total Bytes
o Total Discards In & Out
o Total Faults In &,Out
o Total Packets
o Total Queue Drops & Discards In &Out.
93










Trend Reports to present a single graph of a single variable (e.g. CPU utilization) for multiple devices across time. This would help network
operators & IT managers plan or capacity and identify long drawn problems
Top N Reports to present a list of elements that exceed / fall below a particular threshold value. This would help network operators to identify
elements that share specific performance characteristics (for example, to identify over utilized elements, you would run a Top-N report for all
elements whose bandwidth utilization exceeds 90% or availability falls below 95%)
What-If Reports to perform capacity planning by observing the effect of changes in capacity & demand (for example, the report should indicate
what the bandwidth utilization would be if the demand was double the historical value)
Service Level Reports to analyze & display service level information for an enterprise, region, department or business process for e.g. a typical
business unit service level report for finance department should indicate evaluation of the performance of all the systems, routers, LAN/WAN
segments, and applications within that department
Health Reports to analyze trends calculate averages and evaluate the health of the infrastructure. With this information, operators should be able
to determine how efficiently applications and systems are running, whether critical resources are available, and what capacity planning initiatives
make sense.
The system must provide capability to measure & generate detailed performance reports for the following common TCP/IP applications:
o DHCP: Measure the round trip latency required to obtain an IP address.
o DNS: Measure the DNS lookup time including Latency and Packet Loss
o FTP : Measure the time it takes to connect and transfer a file including Latency and Packet Loss
o ICMP Ping : Measure round trip source to destination including Latency and Packet Loss
o HTTP: Measure the time it takes to serve up a web page including the following parameters:
 Latency
 Http DNS resolution
 Http TCP Connection Time
 Http download time
o HTTPS: Using SSL, Measure the time it takes to serve up a web page
o Latency and Packet Loss for:
 POP3
 SMTP
 TCP
 UDP Echo Test
The proposed system should be able to auto-calculate resource utilization baselines for the entire managed systems and networks and allow user
to set corresponding upper and lower threshold limits.
The tool should provide Latency (both one way and round trip times) report for critical devices and links
The proposed system should use intelligent alarm de-duplication algorithms like Deviation from Normal and Time over Threshold to learn the
behavior of the network infrastructure components over a period of time.
The proposed system should be able to run jitter tests to generate both latency and losses between a test host and a voice enabled end point. The
following parameters must be measured and reported on:
94
o
o
o
o
o
o

Latency
Source to Destination Packet Loss
Destination to Source Packet Loss
Missing in Action Packet
Late Packet Arrival
Positive and Negative Jitter
 Source to Destination
 Destination to Source
o MOS etc.
The proposed service availability system must be able support the following tests out-of-the-box:
o Active Directory – Verify that Windows directory services are working properly to manage shared files and resources.
o Dynamic Host Configuration Protocol (DHCP) – Confirm that DHCP servers are responding to address requests.
o Domain Name System (DNS) – Verify that DNS servers are processing hostname-to-address resolution requests.
o File I/O – Verify that operations such as read, write, and compare work across file systems.
o File Transfer Protocol (FTP) and TFTP – Confirm that users can log in to specified servers to upload and download files.
o Hypertext Transfer Protocol (HTTP) and (HTTPS) – Verify that users can connect to business Web servers and determine whether specific
text displays on a Web page.
o Lightweight Directory Access Protocol (LDAP) – Verify that connection can be established to LDAP servers and process user requests and
LDAP queries.
o Network Information System (NIS)/NIS+ – Confirm that NIS map requests are being processed.
o Network News Transfer Protocol (NNTP) – Ensure that users can connect to their Usenet newsgroup servers and bulletin boards.
o Simple Network Management Protocol (SNMP) – Confirm that SNMP agents are responding to SNMP GET requests.
o Ping (ICMP echo) – Ensure that network devices exist and are reachable across the network.
o E-mail services, including Internet Message Access Protocol (IMAP), Messaging Application Program Interface (MAPI), Post Office Protocol
3 (POP3), Simple Mail Transfer Protocol (SMTP), and round-trip e-mail that originates from an SMTP server and retrieves messages from
IMAP, MAPI, or POP3 accounts and confirm that the e-mail servers are available and are processing e-mail effectively.
1.2.2 Flow-based Traffic Analysis, Reporting and Capacity Planning System:

The bidder must provide a solution for collecting Flow data from multiple devices simultaneously across the network. The solution must provide the
following Flow-based metrics:
o Rate
o Utilization
o Byte Count
o Flow Count
o IP hosts with automatic DNS resolution
o IP conversation pairs with automatic DNS resolution
95













o Router/interface with automatic SNMP name resolution
o Protocol breakdown by host, link, ToS or conversation.
o Utilization by bit pattern matching of the TCP ToS field.
o AS number
o BGP next hop address
o IPv6 addresses
The system and all user interfaces must be protected by a login system capable of multiple users and unique passwords for each user. Each user ID
must be individually configurable to determine unique access rights to specific reports and network components. A system for creating unique
pages based on user ID must be available where each user has the ability to configure what information, including specific network performance
graphs, is displayed upon login. Where security allows all monitored interfaces and applications must be available for inclusion in each users
custom web based page.
The proposed solution must keep historical rate and protocol data for a minimum of 12 months (most recent) in its current long term operating
database. All data in that database must have a maximum 15 minute window granularity. A user must be able to select any 15 minute window
over the last 12 months and display unique utilization and protocol data for every monitored interface.
The proposed solution must keep historical rate and protocol data for a minimum of 30 days (most recent) in its short term operating database. All
data in that database must have a maximum 1 minute window granularity. A user must be able to select any 1 minute window over the last 30 days
and display unique utilization and protocol data for every monitored interface.
The proposed solution must be able to monitor and report on a minimum of 15000 unique protocols per day and display utilization data for each
protocol individually. This capability must be available for each monitored interface uniquely.
The proposed solution must keep and report on a minimum 25000 unique hosts per day for each monitored interface.
The proposed solution must keep and report on a minimum 25000 unique conversations per day for each monitored interface.
The system must support the ability to report on traffic based on the IP ToS field using a bit pattern matching method that will allow reporting on
any variation of usage within this 8 bit field including, but not exclusive to, DSCP and IP Precedence. The system must maintain this custom ToS
based information for each interface for at least 12 months at a minimum 15 minute granularity.
The system must support the ability to specify which hosts, conversations, IP ports, custom ToS matches and interfaces are included or excluded
from the web based report.
The system must allow date range selection for the reporting period. The system must also allow the defined custom reports to be saved
indefinitely for future use.
All reports should be generated and displayed directly by the system from a common interface.
The system must be able to restrict views for defined users to specific routers, interfaces, and reports.
The user must be able to generate reports from the long term database based on specific thresholds defined by the user where the threshold can
be compared to rate, utilization or volume of every monitored interface as a filter for inclusion in the report.
The system must support the ability to create reports that allow the user to search all IP traffic over a specified historical period, for a variety of
conditions. The system must have the ability to search all IP traffic without loss or exclusion of any traffic. The system must support search within
this period for the following at a minimum;
o Search for any traffic using a specific configurable destination port, or port range. The system should list all clients and servers meeting
these criteria.
96
o
o
o
o
o
o








Search for any traffic using a specific autonomous system (AS) number. The system should list all network traffic meeting this criterion.
Search for any traffic using a specific BGP next hop IP address. The system should list all network traffic meeting this criterion.
Search for any traffic using a specific IP subnet mask. The system should list all network traffic meeting this criterion.
Search for any traffic using a specific IP ToS bit. The system should list all network traffic meeting this criterion.
Search for any clients or servers communicating with more than a specific number of other unique clients or servers.
Search for any clients or servers that are communicating on more than a specified number of TCP or UDP ports within a specified reporting
period.
o Search for any clients or servers that are experiencing more than a specified number of TCP resets per hour within a specified reporting
period.
o Search for any IPv4 or IPv6 conversation across the entire network in a single report.
o Search for any protocol in use by a specific host or list of hosts in a single report.
o Search for any protocol in use on a specific interface or list of interfaces in a single report.
o Search for every host that is accessing a specific host or list of hosts. The search should include the ability to limit the scope to a specific
interface or list of interfaces.
The proposed system must be capable of automatically detecting anomalous behavior such as virus attacks or unauthorized application behavior.
The system should analyze all Flow traffic and alert via SNMP trap and syslog of any suspicious activity on the network.
Flow collection systems must support a minimum of 5 million flows per minute and be capable of storing gathered information in a common
database where all long term reporting information is held.
The proposed system must be capable of providing the following detailed analysis:
o Top utilized links (inbound and outbound) based on utilization of every link being monitored by every collection device.
o Top protocols by volume based on utilization of every link being monitored by every collection device.
o Top host by volume based on utilization of every link being monitored by every collection device.
o A listing of interfaces exceeding either of 2 configurable utilization thresholds and a configurable percentage of time over threshold value.
This listing must not be limited in number or scope. The system must check all interfaces it monitors for inclusion in this listing.
The solution must automatically populate a list of interfaces exporting Flow traffic to any of its collection devices without user intervention or
individual configuration of the reporting interfaces on the system. The system must automatically SNMP poll the Cisco devices for, device name,
interface name, interface speed and interface descriptions. The solution must incorporate that information into its default reports without user
intervention. The system must also support manual edit of the automatically polled information.
The system must provide the ability to group interfaces into functional groups based on any user criteria. The grouping function must allow users
to create group names and add interfaces into that grouping for reporting purposes. Once created, these groups must be available for selection
within custom reports as a mechanism to include multiple interfaces without individual selection for inclusion.
The system must support interface specific report generation for every monitored interface in the network. The network interface selection must
also provide a search function that allows the user to search for interfaces based on text based pattern matching of the device name, interface
name, description and active status of all interfaces in the list.
The proposed system must spot potential bottlenecks with color-coded indicators for interfaces that breach defined thresholds and durations
The proposed system must enable planning of future capacity needs and customize bandwidth projection calculations by utilization, protocol and
Type of Service (ToS)
97










The proposed traffic monitoring system must help solving performance problems faster using real-time reports and alarms for every interface on
the network for the past 30 days with one-minute granularity
The proposed system must provide details of applications, hosts, and conversations consuming WAN bandwidth to isolate and resolve problems
The proposed system must use host-based Anomaly Detection capabilities for early warning of malware, tunneling, rogue user behavior, host misconfiguration and other performance threats
The proposed traffic monitoring system must provide real-time reports and alarms at one-minute granularity for every interface on the network
The proposed system must provide eight-hour, daily, weekly, monthly, yearly, or customizable reporting time periods
The proposed traffic monitoring system must comprise of baseline views and anomaly detection capabilities to identify abnormal traffic and analyze
trends in applications, hosts, and conversations per QoS policy
The proposed traffic monitoring system must be able to track 100% of all flow traffic on the network and identify malicious behavior with all IP
conversations
The proposed traffic monitoring system must be designed to retain and access over a year of enterprise-wide flow data with no data roll-ups
The proposed traffic monitoring system must be capable of reporting on 100% of flow traffic for the entire network for 30 days
The proposed system must use appliance based monitoring to reduce the impact on the monitored network and improve scalability.
1.2.3 Server Performance Monitoring:
The proposed Server Performance Management System must provide the following features:









The proposed server performance management system shall integrate network performance management systems and provide the unified
performance state view in a single console. The current performance state of the entire network and server infrastructure shall be visible in an
integrated console.
The proposed tool must provide lightweight server agents to ensure availability and performance for target server nodes and deliver scalable, realtime management of critical systems.
The proposed tool should be able to monitor various operating system parameters such as processors, memory, files, processes, file systems, etc.
where applicable, using agents on the servers to be monitored.
It should be possible to configure the operating system monitoring agents to monitor based on user-defined thresholds for warning/critical states
and escalate events to event console of enterprise management system.
The proposed tool should integrate with network performance management system and support operating system monitoring for various platforms
including Windows, UNIX and Linux.
It should also be able to monitor various operating system parameters depending on the operating system being monitored yet offer a similar
interface for viewing the agents and setting thresholds.
The proposed tool must provide provision for performance scoping and trending to provide real-time as well as historical reporting, where
specified.
The proposed tool should be able to gather information about resources over a period of time and provide historical performance and usage
information through graphical reports, which will quickly show performance trends.
The proposed solution should support management following parameters:
98
o






Processors: Each processor in the system should be monitored for CPU utilization. It should compare Current utilization against user
specified warning and critical thresholds.
o File Systems: Each file system should be monitored for the amount of file system space used, which should be compared to user-defined
warning and critical thresholds.
o Log Files: Logs should be monitored to detect faults in the operating system, the communication subsystem, and in applications. System
agents should also analyze log files residing on the host for specified string patterns.
o System Processes: System agents should provide real-time collection of data from all system processes. Using this it should help identify
whether or not an important process has stopped unexpectedly. It should provide an ability to automatically restart Critical processes.
o Memory: System agents should monitor memory utilization and available swap space and should raise an alarm in event of threshold
violation.
The proposed solution should provide automated management to detect, isolate, and resolve problems autonomously
The proposed solution should provide self-monitoring wherein it will track critical status such as
o CPU utilization
o Memory capacity
o File system space and other important data.
The proposed tool should provide Process and NT Service Monitoring wherein if critical application processes or services fail, administrators are
immediately alerted and processes and services are automatically re-started
The proposed solution should provide quick at-a-glance reports on systems and applications, disk and file system statistics, hardware/software
inventories and more. The tool should be able to identify CPU hogs, and detect memory-leaking processes and I/O bottlenecks before they bring
down the server.
The proposed tool should be able to provide Log File Monitoring which enables administrator to watch system logs and text log files by specifying
messages to watch for. When matching messages gets logged, the proposed tool should notify administrators and enable to take action like sending
an email.
The proposed server performance management system shall integrate network performance management systems and provide the unified
performance state view in a single console. The current performance state of the entire network and server infrastructure shall be visible in an
integrated console.
1.2.4 Database Performance Monitoring
The proposed Database Performance Management System must provide the following features:



The proposed database performance management system shall integrate network and server performance management systems and provide
the unified view of the performance state in a single console.
It should be able to automate monitoring, data collection and analysis of performance from single point.
It should also provide the ability to set thresholds and send notifications when an event occurs, enabling database administrators (DBAs) to
quickly trace and resolve performance-related bottlenecks.
99







Database performance management solution for Distributed RDBMS must include hundreds of predefined scans for monitoring various
database, operating system and network resources. This should minimize the need to write and maintain custom scripts. If a special monitoring
situation exists, you can modify an existing script to meet your requirements.
With respect to user-defined parameters, the tool should report conditions that exceed thresholds and automatically takes corrective actions.
The event management system must send alerts for an array of server conditions, including inadequate free space, runaway processes, high
CPU utilization and inadequate swap space.
The tool should have the ability to create real-time or historical custom graphs and stacks for comparison, correlation and trending across any
collected database or database server
The database performance management solution must support historical archive store for performance information in a compressed timeseries form. DBAs should be able to drill down through layers of data to discover the cause of a condition occurring with the databases,
operating system or network. These historical reports must also be usable to perform trend analysis and capacity planning.
The database performance management solution must be able to trace, analyze and tune resource-consuming SQL statements.
The database performance management solution must have a console to enable users to monitor, analyze and take corrective action from a
centralized point. It should also include a platform-independent, browser-based console to monitor performance from remote locations.
1.3 Helpdesk Management
The proposed ITIL-based Helpdesk Management System must provide the following features:













The proposed helpdesk solution must provide flexibility of logging, viewing, updating and closing incident manually via web interface.
The web interface console would also offer power-users tips.
The proposed helpdesk solution must provide seamless integration to log incident automatically via system and network management.
The proposed helpdesk solution must provide classification to differentiate the incident via multiple levels/tiers of categorization, priority levels,
severity levels and impact levels.
The proposed helpdesk solution must be able to provide flexibility of incident assignment based on the workload, category, location etc.
Each escalation policy must allow easy definition on multiple escalation levels and notification to different personnel via window GUI/console with
no programming.
The escalation policy would allow flexibility of associating with different criteria like device/asset/system, category of incident, priority level,
organization and contact.
The proposed helpdesk solution must provide web-based knowledge database to store useful history incident resolution.
The proposed helpdesk solution must contain built-in knowledge tools system that can provide grouping access on different security knowledge
articles for different group of users.
The proposed helpdesk solution must have a strong Business Objects based reporting module built in it.
The proposed helpdesk solution must integrate with EMS event management and support automatic problem registration, based on predefined
policies.
The proposed helpdesk solution must be able to log and escalate user interactions and requests.
The proposed helpdesk solution must be able to provide status of registered calls to end-users over email and through web.
100













The proposed helpdesk solution must have an updateable knowledge base for technical analysis and further help end-users to search solutions for
previously solved issues.
The proposed helpdesk solution must have the ability to track work history of calls to facilitate troubleshooting.
The proposed helpdesk solution must support tracking of SLA (service level agreements) for call requests within the help desk through service
types.
The proposed helpdesk solution must support request management, problem management, configuration management and change order
management.
The proposed helpdesk solution must be capable of assigning call requests to technical staff manually as well as automatically based on predefined
rules, and should support notification and escalation over email, web etc.
Knowledge tools and CMDB should be integral built-in components of Helpdesk and should be accessible from the same login window to enable
seamless access.
The proposed helpdesk solution must allow the IT team to see the CI relationships in pictorial format, with a specified number of relationships on
single window.
Workflow must provide the ability of being Non-linear workflow with decision based branching and the ability to perform parallel processing. It
should also have a graphical workflow designer with drag & drop feature for workflow creation and updation.
The proposed helpdesk solution must have an integrated CMDB for better configuration management & change management process. CMDB
should have more than 50 CI families, 140 CI Classes and 70 CI Relationship Types out of the box. Both helpdesk & CMDB should have same login
window for seamless access.
The proposed helpdesk solution must have a top management dashboard for viewing the helpdesk KPI in graph & chart formats.
The proposed helpdesk solution must support remote management for end-user & allow analysts to do the desktop sharing for any system located
anywhere, just connected to internet.
Remote desktop sharing in helpdesk tool should be out-of-the-box, agent-less & all activities should be automatically logged into the helpdesk
ticket.
The proposed helpdesk solution must allow IT teams to create solution & make them available on the end – user login window for the most
common requests.
101
8/24 FC SAN Switch Specifications:
S.No.
Specifications
Architecture/Scalability/Performance/Management:
1
Minimum Dual SAN switches shall be configured where each SAN switch shall be configured with minimum of 16 Ports scalable to 24
ports.
2
Required scalability shall not be achieved by cascading the number of switches and shall be offered within the common chassis only
3
Should deliver 8 Gbit/Sec Non-blocking architecture with 1:1 performance for up to 24 ports in a energy-efficient fashion
4
Should protect existing device investments with auto-sensing 1, 2, 4, and 8 Gbit/sec capabilities.
5
The switch shall support different port types such as FL_Port, F_Port, M_Port (Mirror Port), and E_Port; self-discovery based on switch
type (U_Port); optional port type control in Access Gateway mode: F_Port and NPIV-enabled N_Port
6
The switch should be rack mountable
8
Non disruptive Microcode/ firmware Upgrades and hot code activation.
9
The switch shall provide Aggregate bandwidth of 192 Gbit/sec: 24 ports × 8 Gbit/sec (data rate) end to end.
10
Switch shall have support for web based management and should also support CLI.
11
The switch should have USB port for firmware download, support save, and configuration upload/download.
12
Offered SAN switches shall be highly efficient in power consumption. Bidder shall ensure that each offered SAN switch shall consume less
than 60 Watt of power.
13
Switch shall support POST and online/offline diagnostics, including RAStrace logging, environmental monitoring, non-disruptive daemon
restart, FCping and Pathinfo (FC traceroute), port mirroring (SPAN port).
Intelligent Networking:
14
Offered SAN switch shall support services such as Quality of Service (QoS) to help optimize application performance in consolidated,
virtual environments. It should be possible to define high, medium and low priority QOS zones to expidite high-priority traffic
15
The switch shall be able to support ISL trunk up to 64 Gbit/sec between a pair of switches for optimal bandwidth utilization and load
balancing.
16
SAN switch shall support to restrict data flow from less critical hosts at preset bandwidths.
17
It should be possible to isolate the high bandwidth data flows traffic to specific ISLs by using simple zoning
18
The Switch should be configured with the Zoning and shall support ISL Trunking features when cascading more than 2 numbers of SAN
switches into a single fabric.
19
Offered SAN switches shall support to measure the top bandwidth-consuming traffic in real time for a specific port or a fabric which
should detail the physical or virtual device.
102
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising