Bids Are Invited For Procurement and Installation of Items for Integrated Communication Network Project - Firewall Appliance , Security Subscription License for 3 years , 10 G Short range Transceivers , 1G Short range Transceivers , Log and Reporting Solution Appliance , License for Log Reporting , Anti Virus 25 endpoints , Anti Virus Server , Domain Controller Server , 24 Port SFP Switch, Cat 6 UTP Cable, 12 Core Single Mode Optical Fibre Cable , Installation and Commissioning - Hardware 1 The Firewall must be hardware appliance with ASIC based Security Processing Processors 2 Should support 12 or more gigabit RJ45 interfaces and 8 or more 1G SFP slots 3 Should have 4 no of 10G SFP+ slots or more 4 Should have 1 console port (RJ45) and 1 or more Number of USB ports 5 Should have internal dual power supply from day one Firewall Performance 6 Should have Firewall throughputs of minimum 20 Gbps or more 7 IPSec VPN throughput should be 10 Gbps or more 8 NGFW throughput should be 3.5 Gbps with enterprise mix traffic real world traffic 9 Threat protection throughput should be 3 Gbps with enterprise mix traffic real world traffic 10 Must support at least 3,000,000 or more concurrent connections 11 Must support at least 250,000 or more new sessions per second processing. 12 Should Support Virtualization (ie Virtual Systems / Virtual Domains). Should be having 10 or more virtual system license from day one Firewall Features 13 Should support both “bridge mode” or transparent mode” apart from the standard NAT mode 14 Should provide NAT functionality, including PAT. Should support NAT 66, NAT 64, Static NAT IPv4 to IPv6 and vice versa and IPv6-IPv4 tunneling or dual stack. 15 Should support IPv4 & IPv6 policies 16 Should have provision to create secure zones / DMZ (ie Multi‐ Zone support) 17 Should support the standards based Multi‐Link aggregation technology (IEEE 802.3ad) to achieve higher bandwidth. 18 Should support VLAN tagging (IEEE 802.1q) in NAT/Route mode 19 Should support Static routing and Dynamic Routing (RIP, OSPF & BGP) 20 Should support Active‐Active/ Clustering as well as Active‐ Passive redundancy. 21 Should support ISP Load balancing/ Link Sharing and Failover 22 Should have SD-WAN feature to choose better link for continuing to achieve a high level of application availability and predictable performance. 23 Proposed Appliance should support native SD WAN features and Necessary licenses, if required, need to be provisioned from day 1. 24 Should support multi-path intelligence based on link quality criteria 25 Should support link performance check based on packet loss, latency & jitter 26 Should support configuring multiple SLA rules 27 Should support application specific rules based on SLA strategy 28 Should support high performance deep packet inspection for application identification and control Authentication 29 Should support User‐Group based Authentication (Identity based Firewalling) & Scheduling 30 Should support authentication servers – RADIUS, LDAP & Active Directory 31 Support for RSA Secure ID or other Token based Products. Should have 2 tokens included for enabling MFA for admin logins VPN 32 Should support protocols such as DES & 3DES, MD5, SHA‐1, SHA‐256 authentication, Diffie‐ Hellman Group 1, Group 2, Group 5, Group 14, Internet Key Exchange (IKE) v1 as well as IKE v2 algorithm, The new encryption standard AES 128, 192 & 256 33 Should support minimum 200 IPSec Site-to-Site and 500 no of IPSec Site-to- Client VPN tunnels. 34 Should have integrated SSL VPN with license for 500 concurrent SSL VPN users from day one 35 Support for Client based VPN is mandatory and support for SSL Web VPN is preferable. 36 Should support Windows, Linux and MAC OS for SSL‐VPN 37 Should support NAT within IPSec/SSL VPN tunnels 38 Should support Stateful failover for both Firewall and VPN sessions. IPS 39 Should have a built‐in Signature and Anomaly based IPS engine on the same unit 40 Should have protection for 10000+ signatures 41 Able to prevent denial of service and distributed Denial of Service attacks. 42 Supports user‐defined signatures (i.e., Custom Signatures) with Regular Expressions. Application Control 43 Should have Application control feature with 3000 or more application signatures 44 Should perform Traffic Shaping based on applications 45 Should control popular IM/P2P, proxy applications regardless of port/protocol Gateway Antivirus 46 The appliance should facilitate embedded anti-virus/ anti-malware support 47 Gateway AV/ Anti-malware should be supported for real‐time detection of viruses and malicious code for HTTP, HTTPS, FTP, SMTP, SMTPS, POP3 and IMAP protocols 48 should also include Botnet filtering and detecting and preventing Botnet command and control traffic 49 Should have configurable policy options. Possible to select traffic to scan for viruses Web Filtering 50 The appliance should facilitate embedded Web Content and URL Filtering feature 51 Web content and URL filtering solution should work independently without the need to integrate with External proxy server. 52 URL database should have 200 million or more URLs under more than 70 categories 53 Should be able to block different categories/sites based on User Authentication. Management, Log & Reporting 54 Firewall should support management through GUI (Web-based) or CLI. 55 Firewall should support logging to multiple syslog servers. 56 Log & Reporting should be a dedicated solution out of the Firewall 57 The log & reporting platform must have a storage of 2 TB 58 The solution should provide comprehensive security event logging, reporting Support 59 OEM should be present in India from at least 3 years and should be proposed with 24x7x365 days TAC support, RMA, software updates and subscription update support. The NGFW should be proposed with 3 years subscription licenses for NGFW, NGIPS, Anti Virus , Anti Spyware, Threat Protection, URL Filtering, as mentioned above from day 1. 60 Bidder has to take care of Installation, commissioning of the NGFW. Bidder has to provide training to the team on NGFW 48 should also include Botnet filtering and detecting and preventing Botnet command and control traffic 49 Should have configurable policy options. Possible to select traffic to scan for viruses Web Filtering 50 The appliance should facilitate embedded Web Content and URL Filtering feature 51 Web content and URL filtering solution should work independently without the need to integrate with External proxy server. 52 URL database should have 200 million or more URLs under more than 70 categories 53 Should be able to block different categories/sites based on User Authentication. Management, Log & Reporting (Log & Reporting Solution Appliance) 54 Firewall should support management through GUI (Web-based) or CLI. 55 Firewall should support logging to multiple syslog servers. 56 Log & Reporting should be a dedicated solution out of the Firewall 57 The log & reporting platform must have a storage of 2 TB 58 The solution should provide comprehensive security event logging, reporting Support. (Licence for Log & Reporting Appliance) 59 OEM should be present in India from at least 3 years and should be proposed with 24x7x365 days TAC support, RMA, software updates and subscription update support. The NGFW should be proposed with 3 years subscription licenses for NGFW, NGIPS, Anti Virus , Anti Spyware, Threat Protection, URL Filtering, as mentioned above from day 1. 60 Bidder has to take care of Installation, commissioning of the NGFW. Bidder has to provide training to the team on NGFW 10G/1G Short Range Tranceivers 61 Protocol Standard 10G/1G Base-SR 62 IEEE Standard 802.3ae 63 Module Type SFP+ 64 Data Link Rate for Ethernet 10G/1G Gbps 65 Transmission Range 300m 66 Operating Temperature 0°C to 70°C Anti-virus Server 67 Chassis: 1U Rack Mountable 68 CPU : One or two numbers of 4th Generation Intel® Xeon® Scalable Processor 16 Cores. 69 Chipset : Intel® C741 Chipset 70 Memory : 32DIMM slots. 32 GB DIMMS scalable upto 8.0 TB using DDR5 Registered DIMM (RDIMM) operating at 4800 MT/s 71 Bus Slots : Server should support upto eight PCI-Express 5.0 x16 slots. Additional two x8 or higher PCIe 5.0 slots 72 BOOT optimized storage : 4 x 2TB SAS HDD RAID 0,1,5 74 HDD Bays : Upto 30 SFF SAS/SATA/SSD/NVMe or Upto 16 LFF SAS/SATA/SSD or Upto 36 1T EDSFF or 18 2T EDSFF (FUTURE) 75 Controller : Server should support one of the below controllers, must support Mixed Mode which combines RAID and HBA mode operation simultaneously : Embedded / PCIe based x16 RAID controller with 8GB Flash backed write cache, supporting RAID 0, 1, 5, 6, 10, 50, 60. Must support mix-and-match SAS, SATA, and NVMe drives to the same controller. Controller must support 6G SATA, 12G SAS, 16G NVMe. or Embedded / PCIe based x16 RAID controller supporting RAID 0, 1, 10. Must support mix-and-match SAS, SATA, and NVMe drives to the same controller. Controller must support 6G SATA, 12G SAS, 16G NVMe. or Embedded / PCIe based RAID controller with 4GB Flash backed write cache supporting RAID 0, 1, 5, 6, 10, 50, 60 s Must support mix-and-match SAS, SATA, and NVMe drives to the same controller. Controller must support 6G SATA, 12G SAS, 16G NVMe. Above mentioned controller must support following : 1. Hardware root of trust and secure encryption and decryption of critical drive data 2. Online Capacity Expansion (OCE) 3. Configurable stripe size up to 1 MB 4. Global and dedicated Hot Spare with Revertible Hot 5. Instant Secure Erase 6. Migrate RAID/Stripe Size 7. Modifying Cache Write Policy 8. Move Logical Drive 9. Re-enable Failed Logical Drive or PCIe based x32 RAID controller with 8GB Flash backed write cache, supporting RAID 0, 1, 5, 6, 10, 50, 60, 1T, 10T supporting up to 32 direct-connected storage devices (SAS/SATA/NVMe). Must support mix-and-match SAS, SATA, and NVMe drives to the same controller. Controller must support 6G SATA, 24G SAS, 16G NVMe. Controller must support following : 1. Expand Logical Drive 2. Instant Secure Erase 3. Migrate RAID/Stripe Size 4. Modifying Cache Write Policy 5. Move Logical Drive 6. Re-enable Failed Logical Drive 76 Networking features : Server should support below networking cards: 1. 1Gb 4-port network adaptors 2. 10Gb 2-port Ethernet adaptor 3. 10GBaseT 2-port Ethernet adaptor 4. 10/25Gb 2-port SFP28 Ethernet adaptor 5. 10/25Gb 4-port SFP28 Ethernet adaptor 6. 100Gb 2-port QSFP28 Ethernet 7. 100Gb 1-port QSFP56 Ethernet 8. 100Gb 2-port QSFP56 Ethernet 9. 200Gb QSFP56 Ethernet Infiniband Options: 100Gb or 200Gb Single or Dual port Adapter 77 Interfaces : Serial - 1 (Optional) USB support with Up to 5 total: 1 front, 2 rear, 2 internal. 1GbE Dedicated management port 78 Power Supply : Should support hot plug redundant low halogen power supplies with minimum 94% efficiency 79 Fans : Redundant hot-plug system fans 80 Industry Standard Compliance : ACPI 6.3 Compliant PCIe 5.0 Compliant WOL Support Microsoft® Logo certifications PXE Support Energy Star SMBIOS 3.2 UEFI 2.7 Redfish API IPMI 2.0 Secure Digital 4.0 Advanced Encryption Standard (AES) Triple Data Encrytion Standard (3DES) SNMP v3 TLS 1.2 DMTF Systems Management Architecture for Server Hardware Command Line Protocol (SMASH CLP) Active Directory v1.0 ASHRAE A3/A4 81 System Security: UEFI Secure Boot and Secure Start support Tamper-free updates - components digitally signed and verified Immutable Silicon Root of Trust Ability to rollback firmware FIPS 140-2 validation Secure erase of NAND/User data Common Criteria certification TPM (Trusted Platform Module) 1.2 option Configurable for PCI DSS compliance TPM (Trusted Platform Module) 2.0 option Advanced Encryption Standard (AES) and Triple Data Encryption Standard (3DES) on browser Bezel Locking Kit option Support for Commercial National Security Algorithms (CNSA) Chassis Intrusion detection option Secure Recovery - recover critical firmware to known good state on detection of compromised firmware 82 Operating Systems and Virtualization Software Support : Windows Server. Red Hat Enterprise Linux (RHEL) SUSE Linux Enterprise Server (SLES) VMware ESXi. Canonical Ubuntu Oracle Linux and Oracle VM Citrix 83 Provisioning : 1. Should support tool to provision server using RESTful API to discover and deploy servers at scale 2, Provision one to many servers using own scripts to discover and deploy with Scripting Tool (STK) for Windows and Linux or Scripting Tools for Windows PowerShell 84 Firmware security : 1. For firmware security, system should support remote management chip creating a fingerprint in the silicon, preventing servers from booting up unless the firmware matches the fingerprint. This feature should be immutable 2. Should maintain repository for firmware and drivers recipes to aid rollback or patching of compromised firmware. Should also store Factory Recovery recipe preloaded to rollback to factory tested secured firmware 85 Embedded Remote Management and firmware security : 1. System remote management should support browser based graphical remote console along with Virtual Power button, remote boot using USB/CD/DVD Drive. It should be capable of offering upgrade of software and patches from a remote client using Media/image/folder; It should support server power capping and historical reporting and should have support for multifactor authentication 2. Server should have dedicated 1Gbps remote management port 3. Server should have storage space earmarked to be used as a repository for firmware, drivers and software components. The components can be organized in to install sets and can be used to rollback/patch faulty firmware 4. Server should support agentless management using the out-of-band remote management port 5. The server should support monitoring and recording changes in the server hardware and system configuration. It assists in diagnosing problems and delivering rapid resolution when system failures occur 6. Two factor Authentication 7. Local or Directory-based user accounts with Role based access control 8. Remote console sharing upto 6 users simultaneously during pre-OS and OS runtime operation, Console replay - Console Replay captures and stores for replay the console video during a servers last major fault or boot sequence. Microsoft Terminal Services Integration, 128 bit SSL encryption and Secure Shell Version 2 support.Should provide support for AES and 3DES on browser.Should provide remote firmware update functionality.Should provide support for Java free graphical remote console. 9. Should support managing multiple servers as one via Group Power Control Group Power Capping Group Firmware Update Group Configuration Group Virtual Media and Encrypted Virtual Media Group License Activation 10. Should support RESTful API integration 11. System should support embedded remote support to transmit hardware events directly to OEM or an authorized partner for automated phone home support 12. Server should have security dashboard : displaying the status of important security features, the Overall Security Status for the system, and the current configuration for the Security State and Server Configuration Lock features. 13. One-button Secure Erase designed to decommission/repurpose servers 14. NVMe wear level display 15. Workload Performance Advisor - Provides server tuning recommendations to improve server performance 86 Server Management : Software should support dashboard view to quickly scan the managed resources to assess the overall health of the data center. It should provide an at-a-glance visual health summary of the resources user is authorized to view. 87 The Dashboard minimum should display a health summary of the following: • Server Profiles • Server Hardware • Appliance alerts 88 The Systems Management software should provide Role-based access control 89 Zero Touch Provisioning (ZTP) using SSDP with remote access 90 Management software should support integration with popular virtualization platform management software like Vmware vCenter & vRealize Operations, and Microsoft System Center & Admin Center 91 Should help provide proactive notification of actual or impending component failure alerts on critical components like CPU, Memory and HDD. 92 Should provide an online portal that can be accesible from anywhere. The portal should provide one stop, online access to the product, support information and provide information to track warranties, support contrats and status. The Portal should also provide a personalised dashboard to monitor device heath, hardware events, contract and warranty status. Should provide a visual status of individual devices and device groups. The Portal should be available on premise (at our location - console based) or off premise (in the cloud). 93 Should help to proactively identify out-of-date BIOS, drivers, and Server Management agents and enable the remote update of system software/firmware components. 94 Should have dashboard for firmware baselines while performing minimum required firmware checks and highlighting out-of-compliance devices for updates with the selected firmware baseline 95 The Server Management Software should be of the same brand as of the server supplier. 96 Cloud Enabled Monitoring and Management : 1. Secure connection from customer sites to HPE cloud service 2. Unified Identity & Access Management 3. Manages and controls servers regardless of physical location 4. Subscription-based entitlement 5. Efficient Device Onboarding 6. Firmware Update Awareness with Intelligent delta-only based updates 7. Set Group firmware Baseline and Compliance monitoring and notification 8. Group based firmware management that can be scheduled or on-demand 9. Remote Site management with low bandwidth/high latency network connectivity 10. Role-based access and views for managed customer environments 11. GUI and Rest APIs for core features Anti-Virus 97 The solution must utilize Client Server architecture where Central Endpoint Management Console can be used for creating and distributing policies. Central Endpoint Management Console should be able to create, manage and monitor all the endpoints across the organization centrally. Central Endpoint Management Server should utilize On-Premise architecture and no SaaS / Cloud model. 98 The solution should support All-in-One Centralized Management — deploy, manage and monitor Clients on-premise or off-premise. Management Server console also should help to provide real-time control and visibility into endpoints when they are either on or off corporate networks. 99 Solution should support integration and synchronization with Microsoft Active Directory (AD) 100 Solution should support installing and managing agents on Microsoft Windows 10 / 11 & Windows Server 2012+, Mac OS 11+ 101 Solution should support Endpoint Protection features of Anti-Malware, Anti-Exploit, Web Filter, Application Firewall, Vulnerability Assessment and Management, Software Inventory Management and USB Control . 102 Solution should be able to Block Access to Malicious Websites, Scan Compressed Files, Scan Network Files, Scan Removable Media on Insertion, Scan Email attachments. 103 Solution should support easy creation of security profiles with customizable features such as Antimalware, Exploit Prevention, Application Firewall, Web Filter, USB Control etc. applied to specific set of devices or for all devices. 104 The management server should support creation of Custom Installer Packages with included Security Profiles to help simplify deployment and management of endpoints from a single console. 105 Custom Installer Package should be available from web-link of Management Console in MSI / EXE / DMG packages. 106 The centralized management console should be web-based and should support Role Based Access (RBAC). 107 Solution must offer comprehensive client/server security by protecting enterprise networks from Viruses, Trojans, Worms, Network Viruses, Spyware and Rootkits. 108 Solution must provide real-time on-access scanning for file systems to prevent or stop malicious code execution. 109 The proposed solution should provide tamper protection to prevent end-users or malicious actors from disabling the endpoint protection software. 110 Tamper protection should support configurable password in case emergency override is required. 111 The proposed system shall be able to querie a real time database of over 50 million+ rated websites categorized into 70+ unique content categories. 112 Should support Endpoint Quarantine to quickly disconnect a compromised endpoint from the network and stop it from infecting other assets. 113 Solution should be able to detect and prevent communication patterns used by Bots like information about botnet family. 114 Solution should be able to block traffic between infected host and remote C&C operator but at the same time allow traffic to legitimate destinations. 115 The solution should detect and prevent various exploit techniques providing protection against memory-based attacks. 116 Solution should monitor behaviour of applications like Web Browsers (IE, Chrome, Firefox, Opera), Java/Flash plug-ins, Microsoft Office applications, and PDF reader as part of anti-exploit feature. 117 Endpoint solution should have vulnerability scanning feature to check for known vulnerabilities in the endpoints. 118 The solution must support creation of exclusions / exceptions from Central Console and pushing them to the endpoints. It should not require creation of exclusions on individual endpoints. 119 The solution must be provided for 50 endpoint licenses including software updates, upgrades and technical support for 3 years. 120 Bidder has to take care of Installation, commissioning of the End point Agents. Bidder has to provide training to the team. Domain Controller Server 121 Chassis : 1U Rack Mountable 123 CPU : One or two numbers of 4th Generation Intel® Xeon® Scalable Processor 16 Cores. 124 Chipset : Intel® C741 Chipset 125 Memory : 32DIMM slots. 64 GB DIMMS scalable upto 8.0 TB using DDR5 Registered DIMM (RDIMM) operating at 4800 MT/s 126 Bus Slots : Server should support upto eight PCI-Express 5.0 x16 slots. Additional two x8 or higher PCIe 5.0 slots 127 BOOT optimized storage : 4 x 2TB SAS HDD RAID 0,1,5 128 HDD Bays : Upto 30 SFF SAS/SATA/SSD/NVMe or Upto 16 LFF SAS/SATA/SSD or Upto 36 1T EDSFF or 18 2T EDSFF (FUTURE) 129 Controller : Server should support one of the below controllers, must support Mixed Mode which combines RAID and HBA mode operation simultaneously : Embedded / PCIe based x16 RAID controller with 8GB Flash backed write cache, supporting RAID 0, 1, 5, 6, 10, 50, 60. Must support mix-and-match SAS, SATA, and NVMe drives to the same controller. Controller must support 6G SATA, 12G SAS, 16G NVMe. or Embedded / PCIe based x16 RAID controller supporting RAID 0, 1, 10. Must support mix-and-match SAS, SATA, and NVMe drives to the same controller. Controller must support 6G SATA, 12G SAS, 16G NVMe. or Embedded / PCIe based RAID controller with 4GB Flash backed write cache supporting RAID 0, 1, 5, 6, 10, 50, 60 s Must support mix-and-match SAS, SATA, and NVMe drives to the same controller. Controller must support 6G SATA, 12G SAS, 16G NVMe. Above mentioned controller must support following : 1. Hardware root of trust and secure encryption and decryption of critical drive data 2. Online Capacity Expansion (OCE) 3. Configurable stripe size up to 1 MB 4. Global and dedicated Hot Spare with Revertible Hot 5. Instant Secure Erase 6. Migrate RAID/Stripe Size 7. Modifying Cache Write Policy 8. Move Logical Drive 9. Re-enable Failed Logical Drive or PCIe based x32 RAID controller with 8GB Flash backed write cache, supporting RAID 0, 1, 5, 6, 10, 50, 60, 1T, 10T supporting up to 32 direct-connected storage devices (SAS/SATA/NVMe). Must support mix-and-match SAS, SATA, and NVMe drives to the same controller. Controller must support 6G SATA, 24G SAS, 16G NVMe. Controller must support following : 1. Expand Logical Drive 2. Instant Secure Erase 3. Migrate RAID/Stripe Size 4. Modifying Cache Write Policy 5. Move Logical Drive 6. Re-enable Failed Logical Drive 130 Networking features : Server should support below networking cards: 1. 1Gb 4-port network adaptors 2. 10Gb 2-port Ethernet adaptor 3. 10GBaseT 2-port Ethernet adaptor 4. 10/25Gb 2-port SFP28 Ethernet adaptor 5. 10/25Gb 4-port SFP28 Ethernet adaptor 6. 100Gb 2-port QSFP28 Ethernet 7. 100Gb 1-port QSFP56 Ethernet 8. 100Gb 2-port QSFP56 Ethernet 9. 200Gb QSFP56 Ethernet Infiniband Options: 100Gb or 200Gb Single or Dual port Adapter 131 Interfaces : Serial - 1 (Optional) USB support with Up to 5 total: 1 front, 2 rear, 2 internal. 1GbE Dedicated management port 132 Power Supply : Should support hot plug redundant low halogen power supplies with minimum 94% efficiency 133 Fans : Redundant hot-plug system fans 134 Industry Standard Compliance : ACPI 6.3 Compliant PCIe 5.0 Compliant WOL Support Microsoft® Logo certifications PXE Support Energy Star SMBIOS 3.2 UEFI 2.7 Redfish API IPMI 2.0 Secure Digital 4.0 Advanced Encryption Standard (AES) Triple Data Encrytion Standard (3DES) SNMP v3 TLS 1.2 DMTF Systems Management Architecture for Server Hardware Command Line Protocol (SMASH CLP) Active Directory v1.0 ASHRAE A3/A4 135 System Security : UEFI Secure Boot and Secure Start support Tamper-free updates - components digitally signed and verified Immutable Silicon Root of Trust Ability to rollback firmware FIPS 140-2 validation Secure erase of NAND/User data Common Criteria certification TPM (Trusted Platform Module) 1.2 option Configurable for PCI DSS compliance TPM (Trusted Platform Module) 2.0 option Advanced Encryption Standard (AES) and Triple Data Encryption Standard (3DES) on browser Bezel Locking Kit option Support for Commercial National Security Algorithms (CNSA) Chassis Intrusion detection option Secure Recovery - recover critical firmware to known good state on detection of compromised firmware 136 Operating Systems and Virtualization Software Support : Windows Server. Red Hat Enterprise Linux (RHEL) SUSE Linux Enterprise Server (SLES) VMware ESXi. Canonical Ubuntu Oracle Linux and Oracle VM Citrix 137 Provisioning : 1. Should support tool to provision server using RESTful API to discover and deploy servers at scale 2, Provision one to many servers using own scripts to discover and deploy with Scripting Tool (STK) for Windows and Linux or Scripting Tools for Windows PowerShell 138 Firmware security : 1. For firmware security, system should support remote management chip creating a fingerprint in the silicon, preventing servers from booting up unless the firmware matches the fingerprint. This feature should be immutable 2. Should maintain repository for firmware and drivers recipes to aid rollback or patching of compromised firmware. Should also store Factory Recovery recipe preloaded to rollback to factory tested secured firmware 139 Embedded Remote Management and firmware security : 1. System remote management should support browser based graphical remote console along with Virtual Power button, remote boot using USB/CD/DVD Drive. It should be capable of offering upgrade of software and patches from a remote client using Media/image/folder; It should support server power capping and historical reporting and should have support for multifactor authentication 2. Server should have dedicated 1Gbps remote management port 3. Server should have storage space earmarked to be used as a repository for firmware, drivers and software components. The components can be organized in to install sets and can be used to rollback/patch faulty firmware 4. Server should support agentless management using the out-of-band remote management port 5. The server should support monitoring and recording changes in the server hardware and system configuration. It assists in diagnosing problems and delivering rapid resolution when system failures occur 6. Two factor Authentication 7. Local or Directory-based user accounts with Role based access control 8. Remote console sharing upto 6 users simultaneously during pre-OS and OS runtime operation, Console replay - Console Replay captures and stores for replay the console video during a servers last major fault or boot sequence. Microsoft Terminal Services Integration, 128 bit SSL encryption and Secure Shell Version 2 support.Should provide support for AES and 3DES on browser.Should provide remote firmware update functionality.Should provide support for Java free graphical remote console. 9. Should support managing multiple servers as one via Group Power Control Group Power Capping Group Firmware Update Group Configuration Group Virtual Media and Encrypted Virtual Media Group License Activation 10. Should support RESTful API integration 11. System should support embedded remote support to transmit hardware events directly to OEM or an authorized partner for automated phone home support 12. Server should have security dashboard : displaying the status of important security features, the Overall Security Status for the system, and the current configuration for the Security State and Server Configuration Lock features. 13. One-button Secure Erase designed to decommission/repurpose servers 14. NVMe wear level display 15. Workload Performance Advisor - Provides server tuning recommendations to improve server performance 140 Server Management : Software should support dashboard view to quickly scan the managed resources to assess the overall health of the data center. It should provide an at-a-glance visual health summary of the resources user is authorized to view. 141 The Dashboard minimum should display a health summary of the following: • Server Profiles • Server Hardware • Appliance alerts 143 The Systems Management software should provide Role-based access control 144 Zero Touch Provisioning (ZTP) using SSDP with remote access 145 Management software should support integration with popular virtualization platform management software like Vmware vCenter & vRealize Operations, and Microsoft System Center & Admin Center 146 Should help provide proactive notification of actual or impending component failure alerts on critical components like CPU, Memory and HDD. 147 Should provide an online portal that can be accesible from anywhere. The portal should provide one stop, online access to the product, support information and provide information to track warranties, support contrats and status. The Portal should also provide a personalised dashboard to monitor device heath, hardware events, contract and warranty status. Should provide a visual status of individual devices and device groups. The Portal should be available on premise (at our location - console based) or off premise (in the cloud). 148 Should help to proactively identify out-of-date BIOS, drivers, and Server Management agents and enable the remote update of system software/firmware components. 149 Should have dashboard for firmware baselines while performing minimum required firmware checks and highlighting out-of-compliance devices for updates with the selected firmware baseline 150 The Server Management Software should be of the same brand as of the server supplier. 160 Cloud Enabled Monitoring and Management : 1. Secure connection from customer sites to HPE cloud service 2. Unified Identity & Access Management 3. Manages and controls servers regardless of physical location 4. Subscription-based entitlement 5. Efficient Device Onboarding 6. Firmware Update Awareness with Intelligent delta-only based updates 7. Set Group firmware Baseline and Compliance monitoring and notification 8. Group based firmware management that can be scheduled or on-demand 9. Remote Site management with low bandwidth/high latency network connectivity 10. Role-based access and views for managed customer environments 11. GUI and Rest APIs for core features 24 PORT SFP SWITCH 161 The switch should have minimum 24 x ports 10/100/1000 BASE-T ports and 4 x 1/10 SFP ports. 162 The switch should have 128 Gbps of Switching Capacity 163 Switch shall have minimum 512MB SDRAM, 256MB flash and 1.5MB Packet buffer size 164 The Switch should support 8000 MAC address 165 Switch shall support Dual stack (IPv4 and IPv6) transitions, MLD snooping, IPv6 ACL/QoS 166 The Switch should support Uni-directional Link Detection (UDLD) or equivalent feature 167 Switch should support IEEE 802.1Q VLANs with 4096 VLANs simultaneously, GVRP 168 The Switch should support Zero-Touch Provisioning (ZTP) or equivalent technology support. 169 Switch shall support sFlow/ Netflow or equivalent 170 The Switch should have support Rapid Per-VLAN Spanning Tree (RPVST+)/PVRST+, RSTP, MSTP 171 The Switch should have support for Static IP routing 172 Switch shall have support for CLI, GUI, SSHv2, SSL and SNMP v3 173 Proposed switches, transceivers and wireless equipment should from same OEM for interoperability and ease of management. 174 3 -year NBD support should be provided directly from OEM Cat 6 UTP Cable 175 23 AWG Annealed bare solid copper, CAT-6 UTP Cable 176 PAIRS Color code: Blue / White-Blue, Orange / White-Orange Green / White-Green, Brown / White – Brown 177 Type Of Conductors: 4 pair 23 AWG Conductors and star separator. 178 Cable Pull Tension Thread & FR Grade PVC 179 Jacket : Fire Retardant PVC 180 Frequency : Characterized to 600 MHz 181 Standard length: 305 Mtrs (1000 ft.) 182 Outer Sheath Colour : Blue 183 Standards: UL Listed, ETL Tested & Verified 184 Gigabit Requirements’: Should meet or exceed Gigabit Ethernet requirements at 100 Mtrs. 185 Insulation : Polyethylene 186 Star Separator should be provided for the 4 Pairs 187 Jacket : Flame Retardant PVC 188 Performance Characteristics- Category 6 EIA/TIA 568.C.2 189 ETL Verified up to 400 MHz 190 ROHS Complaint 191 25 years Warranty 12 Core Single Mode Optical Fibre Cable 192 Optical fibres in water blocked loose tube, taped, corrugated steel tape armoured (STA) polyethylene (HDPE) outer sheathed embedded with two steel wires on the periphery. The cables are with UV Stabilized PE Jacket and protected from Rodent attacks. 193 Fiber Type: Complying to ISO/IEC 11801, EN50173, ANSI/TIA 568-C.3, Telcordia GR-20; suitable for use in indoor / outdoor ducts, direct burial and backbone cabling. 194 Construction type : Single Mode, 9/125 micron primary coated buffers, OS2 (IEC 60793-2-50, B1.3 and ITU T G652.d). Shall be manufactured using Vapor Axial Deposition technology. 195 No of fibres: 3.0/2.0 mm nominal OD/ID 196 Fibre colour sequence : 12 Blue, Orange, Green, Brown, Slate (Grey), White, Red, Black, Yellow, Violet, Pink, Aqua 197 Water Blocking 198 Core Wrapping : Thixotropic Gel (Tube) Petroleum Jelly (Interstices) 199 Armouring: Polyethylene Terephthalate Corrugated Steel Tape Armour (ECCS Tape) 200 Peripheral Strength Member Thickness > 0.125mm 201 Ripcord : Two Steel wires (0.9 mm dia) 202 Standards : The cable should be anti-termite and antirodent. 203 Complying to ISO/IEC 11801 2nd Edition, type OS1/OS2; AS/ACIF S008; AS/NZS 3080 ; TIA/EIA 568.C.3; IEC-60793-1, 60793-2 204 Mechanical characteristics : EN50173, ANSI/TIA 568-C.3, Telcordia GR-20; suitable for use in indoor / outdoor ducts, direct burial and backbone cabling 205 Mass (Nominal): 9.0 MM8 0 kg/km 206 Cable length2 km ± 10% 207 Max. Bending Radius (during installation) 20 X Overall diameter 208 Max. Bending Radius (during full load): 10 X Overall diameter 209 Max. Tensile Strength-Short Term1500N 210 Max. Crush Resistance-Short Term: 2000N/10 cm 211 Operating Temperature range-40°C ±70°C 212 Optical characteristics Core Diameter @ 1310nm 213 RoHS Complaint Total Quantity : 3543
