IIM a Bid Document Technical Bid

8/18/2019 IIM a Bid Document Technical Bid

1/55

Request For Proposal

No: IIMA/CCSP/072/2015-16

Dated March 11, 2016

Request for Proposal (RFP)

For

IIMA New Campus Wireless Local Area Network (WLAN)

Based on the IEEE 802.11ac Standard

STAGE 1

BID DOCUMENT 2

TECHNICAL BID

Version 1.0

Client

Head Information & Communications TechnologyIndian Institute of Management Ahmedabad

Vastrapur

Ahmedabad 380 015

Gujarat, India.

Telephone: +91 79 6632 4126

Fax: +91 79 6632 6896

Website : www.iima.ac.in

E-mail: [email protected]

http://www.iima.ac.in/http://www.iima.ac.in/http://www.iima.ac.in/mailto:[email protected]:[email protected]:[email protected]:[email protected]://www.iima.ac.in/


2/55

This document is the property of IIMA. It should not be used in any form except for bidding for theRFP No: IIMA/CCSP/072/2015-16 dated March 11, 2016

Technical Bid Version 1.0 Page 2 of 55

TABLE OF CONTENTS

CHAPTER 1.................................................................................................................................. 4

1.0 TECHNICAL BID REQUIREMENTS 4

CHAPTER 2.................................................................................................................................. 6

2.0 WLAN TECHNICAL SPECIFICATIONS 6

2.1 WLAN SYSTEM & CONTROLLER ............................................................................... 6

A. WLAN SYSTEM ARCHITECTURE ............................................................................ 6

B. WLAN SYSTEM QOS / VLAN FEATURES ................................................................ 8

C. WLAN SYSTEM ROAMING FEATURES .................................................................. 9

D. VOICE over WLAN FEATURES ............................................................................... 9

E. WLAN SYSTEM MANAGEMENT FEATURES ........................................................ 10

F. WLAN SYSTEM SECURITY FEATURES .................................................................. 12

G. WLAN SYSTEM REDUNDANCY, RELIABILITY & RESILIENCE FEATURES .............. 15

H. WLAN SYSTEM SCALABILITY FEATURES ............................................................. 16

J. NETWORK MANAGEMENT SYSTEM (NMS) ........................................................ 17

2.2 IN-ROOM WIRELESS ACCESS POINT ....................................................................... 192.3 INDOOR / CORRIDOR WIRELESS ACCESS POINT ..................................................... 20

2.4 OUTDOOR WIRELESS ACCESS POINT ...................................................................... 22

CHAPTER 3................................................................................................................................ 25

3. SWITCH SPECIFICATIONS 25

3.1 24 PORT L3 AGGREGATION SWITCH – 4 NOS REQUIRED ...................................... 25

3.1A ARCHITECTURE / PERFORMANCE ........................................................................ 25

3.1B STACKING ............................................................................................................. 26

3.1C POWER MANAGEMENT ....................................................................................... 26

3.1D PHYSICAL DIMENSIONS ....................................................................................... 27

3.1E LAYER 1 FEATURES ............................................................................................... 27

3.1F LAYER 2 FEATURES ............................................................................................... 27

3.1G LAYER 3 FEATURES............................................................................................... 28

3.1H SOFTWARE DEFINED NETWORKING (SDN) ......................................................... 293.1I QUALITY OF SERVICE (QoS) ................................................................................... 29


3/55



3.1J SECURITY ............................................................................................................... 30

3.1K HIGH AVAILABILITY .............................................................................................. 30

3.1L MANAGEMENT, DEPLOYMENT & CONTROL ........................................................ 31

3.1M MULTICAST PROTOCOLS ..................................................................................... 32

3.1N REGULATORY COMPLIANCE / CERTIFICATIONS .................................................. 33

3.2 48 PORT PoE/PoE+ L2 STACKABLE ACCESS SWITCH – 30 NOS REQUIRED ............ 34


3.2B LAYER 2 FEATURES ............................................................................................... 35

3.2C LAYER 3 IP ROUTING FEATURES ........................................................................... 36

3.2D SWITCH STACKING ............................................................................................... 36

3.2E POWER MANAGEMENT ....................................................................................... 37

3.2F PHYSICAL DIMENSIONS ........................................................................................ 38

3.2G QUALITY OF SERVICE (QoS) ................................................................................. 38

3.2H TRAFFIC MANAGEMENT & SMART OPERATIONS ................................................ 39

3.2I OPERATIONAL SIMPLICITY .................................................................................... 40

3.2J NETWORK & DEVICE MANAGEMENT ................................................................... 41

3.2K SECURITY .............................................................................................................. 42

3.2L HIGH AVAILABILITY, REDUNDANCY& RESILIENCY ................................................ 43

3.2M REGULATORY COMPLIANCE / CERTIFICATIONS ................................................. 44

3.3 24 PORT PoE/PoE+ L2 STACKABLE ACCESS SWITCH – 22 NOS REQUIRED ............. 45


3.3B LAYER 2 FEATURES ............................................................................................... 46

3.3C LAYER 3 IP ROUTING FEATURES ........................................................................... 47

3.3D SWITCH STACKING ............................................................................................... 47

3.3E POWER MANAGEMENT ....................................................................................... 48

3.3F PHYSICAL DIMENSIONS ........................................................................................ 49

3.3G QUALITY OF SERVICE (QoS) ................................................................................. 49

3.3H TRAFFIC MANAGEMENT & SMART OPERATIONS ................................................ 50

3.3I OPERATIONAL SIMPLICITY .................................................................................... 50

3.3J NETWORK & DEVICE MANAGEMENT ................................................................... 52

3.3K SECURITY .............................................................................................................. 53

3.3L HIGH AVAILABILITY, REDUNDANCY, & RESILIENCY .............................................. 543.3M REGULATORY COMPLIANCE / CERTIFICATIONS ................................................. 55


4/55



CHAPTER 1

1.0 TECHNICAL BID REQUIREMENTS

The technical requirements outlined here in Part 2 are designed to raise the bar on thefunctional capabilities needed to meet the Institute’s present and future demands on

connecting wireless users to network applications anywhere, anytime, and on any device.

The Bidder has to answer all questions truthfully and accurately in the Technical Bid. All

requirements are MANDATORY and there are no options whatsoever. Any deviations

should be clearly documented and explained in the Technical Bid. Failure to provide truthful,

accurate and factual answers can lead to disqualification of the concerned Bidder. The

Bidder cannot ask a third a party to prepare the same on his behalf.

The Technical Bid shall contain all the relevant information which forms part of the technicalspecifications. The information provided in the Technical Bid will be used for

understanding, assessing, and evaluating the technical superiority, quality, functionality,

fit, relevance, longevity, maintainability, scalability, and cost effectiveness of the solution

being proposed by the Bidder. The technical score for the Bidder will depend on the

information provided herein. This information should include items such as:

1. Provide an overview of the WLAN System and switching architecture and elements,

highlighting key features, advantages, USPs, investment protection characteristics, Total

Cost of Ownership (TCO), etc.

2. A Comprehensive Project Plan detailing project implementation phases, resources to be

deployed, timelines, assumptions, etc. to deliver the WLAN and switching solution

within budget and time. A significant concern is how the WLAN will be planned and

designed, incorporating both coverage and capacity needs and also future expectations.

After the site survey, the questions below will become crucial and the Bidder will be

expected to provide detailed answers to them:

2.1. To what extent will site surveys be required again when a floor plan or office layout

changes?

2.2. Does the WLAN System allow for the integration of floor plans (e.g. DXF / DWG /

JPEG / PNG) to spatially determine the number and placement of APs)?

2.3. How do the planning process and tools determine the number and placement of

APs to deploy? Describe how bandwidth and power requirements are incorporated

into this design. Please highlight where processes are automated.

2.4. Describe how “what-if” scenario planning is handled. Describe the ability to handle

network designs requiring more or less bandwidth capacity, various radio

technologies, and differences in office layout or other potential RF obstructions.

2.5. How does the planning process and tools determine the various APs’ RF channel

assignments, power levels, and association rates? Please highlight where processes

are automated.

2.6. How does the WLAN System help plan for redundancy?

2.7. The Institute Campus is a large and complex facility with many physical and natural

obstacles. In future we would like to run voice over Wi-Fi (soft phones). How will theWLAN System ensure seamless RF coverage in such an environment? Can the


5/55



System validate the RF?

2.8. Please describe how the system plan becomes incorporated (configured and

deployed) into the actual equipment. Please highlight where processes are

automated.

3. Complete technical specifications of all components such as Controller, AP,

Management Software, Ethernet POE/POE+ switches, etc. and whether compliant or not

as given in the tabular format below.

4. Details of very clearly defined milestones to be given for the entire Project.

5. Details about appropriate system, design, coverage diagrams, power budgets, and user

documentation to be provided.

6. Complete details related to manpower that will be deployed (number, ranks,

experience, reporting structure, qualification, etc.)

7. Explicit statements about any quality additive enhancements.

8. Any computing and/or networking equipment that will be stationed at IIMA for

delivering the needed services.

9.

Transition, migration, and any parallel runs that are proposed.10. Testing Plans and Test scenarios to be deployed.

11. A post-implementation plan to rectify any Wi-Fi/switching issues.

12. Any other relevant and pertinent information deemed fit by the Bidder.

In summary IIMA is looking for the following value proposition:

Best-in-Class Coverage, Capacity and Reliability resulting from superior antenna

technology incorporating advanced beam forming capabilities.

Unmatched user experience (UX) due to automated adaptation to client devices and

their orientation. Highly Scalable Solution with respect to Controller capacity. The WLAN System

should be capable of scaling up to and controlling at least 6,000 APs.

Lowest TCO Guaranteed – less number of APs, less cabling, lesser switch ports, lower

power consumption, simplest management & zero hidden costs.

A Carrier-Grade Solution.

All the above information should be organized in a logically structured form and submitted

as Technical Bid with an index. The Bidder is free to add any information that can help in

assessing technical quality, superiority, relevance, etc. of the solutions proposed and which

touches upon the parameters/attributes for technical assessment given in Chapter 6 inPart-1 of Pre-qualification document.

The following optics components are required in total for all the new switches being

proposed in this Technical Bid document:

4 x 10G SM SFP+ LC connectors

76 x 1G MM SFP LC connectors

10 x 1G Copper SFP (CAT6) connectors

Annexure C shows the proposed POE/POE+ and Aggregation switches layout and theexisting and proposed new cabling layout at the New Campus.


6/55



CHAPTER 2

Please note that in all the tables given below there are two types of questions given. The

first type is where you have to give either a Yes or No answer in the 3rd

column. The second

type of question requires that you provide a Descriptive / Explanatory Answer and here the3

rd column is marked as DEA. These points should be answered in a descriptive / explanatory

manner and you may provide them on separate sheets of paper with the correct numbering

scheme and headings given below OR if the answer is short you may provide it in the

REMARKS column. Please also note it will not be acceptable to simply provide a hyperlink of

the explanation.

2.0 WLAN TECHNICAL SPECIFICATIONS

SR

NO

SPECIFICATION / FEATURE COMPLY

YES or NO

REMARKS

2.1 WLAN SYSTEM & CONTROLLER

A. WLAN SYSTEM ARCHITECTURE

A1 The WLAN System is based on the IEEE 802.11ac Wave 2

standard and is backwards compatible with IEEE 802.11

a/b/g/n and ac Wave 1 standards.

A2 The WLAN System configuration is scalable with field

upgradeable licenses to add more APs in a granular fashion.

A3 What is the maximum number of APs supported by each

WLAN Controller without any degradation in performance?

DEA

A4 The WLAN Controller provides air-time fairness between

clients of different speeds. Slower clients are not starved by

the faster clients and faster clients are not adversely affected

by the slower clients.

A5 Explain the protocols / methodology used to achieve airtime

fairness.

DEA

A6 The WLAN System / Access Points support automatic channel

selection for interference avoidance.

A7 The WLAN System supports both encrypted (secure) and

unencrypted configuration. Please specify which protocols are

supported.

DEA

A8 If certain channels are known to be bad / unusable, is

blacklisting of these certain channels / channel ranges

supported?

DEA

A9 The WLAN System is certified by the Wi-Fi Alliance.

A10 The WLAN System supports Hotspot 2.0 (Wi-Fi Alliance

Passpoint).

A11 The proposed WLAN Architecture supports a distributed data

forwarding / local breakout architecture in which only controland voice traffic is tunnelled to the centralized WLAN


7/55



SR

NO


YES or NO

REMARKS

Controller while all client data traffic is forwarded directly

towards destination via the clients’ default gateway.

A12 There should be no loss of functionality, or caveats, or loss of

features/capacity/performance that is exhibited by the

solution in the distributed forwarding mode. If otherwise,

please explain.

DEA

A13 For each WLAN (SSID) segment, there should be an option to

tunnel traffic to the Controller either in an encrypted or

unencrypted format.

A14 Network traffic can be restricted, permitted or prioritized on

the following parameters:

A12.1 User

A12.2 Group of Users

A12.3 SSID

A12.4 Application

A12.5 Source / Destination IP

A12.6 Protocol

A12.7 and COS

Additionally such traffic restriction, permissions,

prioritizations, is supported by groups / users / roles using MS

Active Directory / LDAP / RADIUS implementations.

A15 The WLAN System architecture and design provides for

resiliency and redundancy wherein there is no single point of

failure.

A16 The WLAN System solution is a scalable 2 tier integrated

architecture, with centralized management, is highly secure

and auditable, and user friendly.

A17 Please describe any aspects of the architecture that help the

network scale on the following attributes:

Throughput

User and System Control

Management

Increasing Total Traffic

DEA

A18 The WLAN System supports centralized configuration,

provisioning, change management and reporting features

using a menu driven GUI.

A19 The WLAN System supports IPv4 and IPv6 from Day 1. The

OEM/Bidder must submit supporting documents for proof.

A20 The centralized WLAN Controller architecture is capable of

supporting intelligent/autonomous APs with encryption /

decryption of 802.11 packets being performed at the Access

Point itself, to enable a mesh deployment in future if

required.

A21 The WLAN System supports Band Steering wherein 5 GHz


8/55



SR

NO


YES or NO

REMARKS

clients are encouraged to connect over 5GHz radio to provide

better load balancing among 2.4GHz and 5GHz radios.

A22 The WLAN System supports multicast traffic. If so how does

the WLAN System determine the data rate when serving

many clients?

DEA

A23 The WLAN System supports the 802.11d standard.

A24 The WLAN System supports the 802.11h standard.

A25 The WLAN System supports compulsory automatic channel

selection to counter channel interference conditions.

A26 The WLAN System supports automatic transmit power

adjustments in order to reduce/avoid interference between

the deployed access points. The Bidder to describe any other

mechanisms inherent in their solution that helps in mitigatinginterference conditions.

DEA

A27 The WLAN System supports polarization diversity (adapts

signals to device orientation) to improve the transmission and

reception of Wi-Fi signals for low power mobile devices in

order to enhance overall performance and reliability. The

Bidder’s claim will have to be demonstrated during technical

evaluation/POC.

A28 The WLAN System supports advanced QoS traffic inspection

and handling, application-aware heuristics, and prioritizing of

sensitive traffic.

A29 The WLAN System supports plug-and-play multimedia

capability and is able to optimize voice and video reliability

and consistency.

B. WLAN SYSTEM QOS / VLAN FEATURES

A significant concern is the preservation of existing network engineering in the form of VLANs

and QOS parameters already deployed on the wired network. The questions below are focused

on understanding the VLAN and QOS implementation of the proposed system.

B1 The WLAN System supports advanced multicast features and

WMM support to provide best performance on video

applications.

B2 The WLAN System supports Voice Call Admission Control.

B3 The WLAN Controller is capable of prioritizing traffic for

different applications based on QoS parameters. Please

describe the mechanism that is deployed and supported to

achieve this.

DEA

B4 The WLAN Controller provides for self-healing on detection of

RF interference or loss of RF coverage.

B5 The WLAN Controller provides for dynamic client loadbalancing to automatically distribute clients to the least


9/55



SR

NO


YES or NO

REMARKS

loaded Channel or AP.

B6 The WLAN System supports multiple VLANs over the air.

B7 The WLAN System supports 802.1X dynamic VLAN policies.B8 The WLAN System allows IT personnel to limit multicast traffic

in the VLAN.

B9 What is the maximum number of VLANs that can be

supported on a single WLAN Controller?

DEA

B10 The WLAN Controller supports DSCP (Diffserve).

C. WLAN SYSTEM ROAMING FEATURES

Wireless is all about enabling mobility and roaming. Therefore it is critical that roaming does

not complicate deployment or troubleshooting, compromise security or create unnecessary

user hassles with multiple client logins and authentications. The following questions are

designed to gauge how the proposed system supports roaming.

C1 The WLAN System supports roaming between APs or between

WLAN Controllers when the APs or Controllers reside on

different IP subnets (across L3 domains).

C2 The users can maintain the same IP address as they roam.

C3 A roaming user does not need to re-authenticate or re-login.

C4 The user’s subnet attributes (VLAN, ACLs, route policies)

follow the user as he/she roams on the IIMA Campus.

C5 Describe mechanisms that aid in the smooth roaming ofvarious types of clients including “sticky clients” across the

campus / across APs / VLANs / subnets

DEA

D. VOICE over WLAN FEATURES

In future, there will be a need to support both voice and data services over the same WLAN

infrastructure. The following questions are designed to discover how the WLAN system

supports voice.

D1 Describe the systems design approach for optimising the

network for handling VoIP applications.

DEA

D2 Describe the suitability of this architecture for supporting

Voice over WLAN and how the architecture may help voice

service.

DEA

D3 The WLAN System supports 802.11e and related standards to

preserve voice prioritization. If so does it support:

WMM?

WMM Powersave (U-APSD)?

D4 Please specify the brands and models of the soft phones that

will be supported on the WLAN system.

DEA

D5 The WLAN System supports seamless roaming betweennetworks (e.g. FMC, Wi-Fi, and cellular roaming). Please

DEA


10/55



SR

NO


YES or NO

REMARKS

describe briefly how this is achieved.

D6 The WLAN System supports dual band handsets.

E. WLAN SYSTEM MANAGEMENT FEATURES

E1 The WLAN System allows Administrators to create device

groups, allocate device groups to users and display such

information on the IIMA topology map in real time.

E2 The topology map of the buildings can be imported to the

WLAN environment from popular formats like DWG, DXF,

Visio, etc.

E3 The WLAN System supports VLAN pooling that will ensure

dynamic assignment of VLANs to the same SSID. The VLAN

pool should be associated with multiple SSIDs.

E4 The WLAN System supports policy based forwarding. The

policy-based forwarding mode allows users to classify data

traffic based on ACL and choose local or centralized

forwarding. Policy-based forwarding can be applied based on

SSID or user-profile. That means a forwarding policy can be

applied on a SSID or a specific user or a group of users.

E5 The WLAN System supports AP grouping to enable an

Administrator to easily apply AP based or radio based

configurations to all the APs that are in the same group.

E6 The WLAN System supports staged firmware upgrades to

enable an Administrator to selectively upgrade APs or a group

of APs. This feature would help minimize the impact of

upgrading large deployments of APs to a new firmware

version.

E7 The WLAN System allows network managers to set, change,

and synchronize passwords and security features for CLI

access, web access, SNMP access, and RADIUS properties and

access policies.

E8 The WLAN System supports a seamless roaming facility across

the entire managed campus / LAN connected Access Points.

E9 The WLAN System supports Controller discovery across

Layer-3 network through DHCP or DNS option.

E10 The WLAN System supports the deployment of software

upgrades to one or more Access Points, or a group of Access

Points from a centralized console.

E11 The WLAN System provides comprehensive management

reports on wireless usage, downtime, performance, etc.

E12 The WLAN System supports a global search feature to easily

find information on various parameters such as stations (e.g.IP, MAC address, type) and Access Points.


11/55



SR

NO


YES or NO

REMARKS

E13 The WLAN System supports native Bonjour protocol for mDNS

in Apple devices in the most efficient manner.

E14 The Bidder to provide technical details on how the Bonjour

protocol is handled on the WLAN.

DEA

E15 The WLAN System supports monitoring of network

performance and client stations.

E16 The WLAN Controller supports BYOD features such as

Dynamic Pre-Shared key (PSK), simple on-boarding or Zero IT

activation, Role Based Access, complete device visibility,

control of device types, and ACLs based on device types, user

types, user roles, user groups etc.

E17 The WLAN System has full-fledged Radius functionality and

certificate management capabilities, without anydependencies on external PKI infrastructures.

E18 The WLAN System is able to on-board all types of devices

(Mac / iOS / Android / Linux / Ubuntu / Blackberry /Chrome

Books /etc.) including the upcoming IOT devices and wired

devices (desktops/laptops). This feature might need to be

demonstrated during the POC.

E19 The WLAN System is able to discriminate between Domain

devices and non-Domain devices and assign differential

policies accordingly.

E20 The Bidder to specify if any of the above mentioned BYODfeatures requires additional purchase (licensing) of any other

hardware and/or software and its licensing mechanism.

Bidder to include in his bid the BYOD solution for supporting

10,000 users (staff/students and Guests combined) and

20,000 devices.

DEA

E21 When a wireless mesh is enabled, the WLAN Controller is able

to show the mesh topology on IIMA floor plans in real time

and also facilitate troubleshooting by showing MESH link

strengths and MESH link throughputs.

E22 The Bidder should specify, supply and implement ALL features(full stack) that are available with the WLAN Controller

proposed. No other additional software requirements will be

accepted or allowed.

DEA

E23 The WLAN Controller supports SNMP for remote monitoring

and management. All components should be supplied with

MIBs for each such device which can be imported into a

central monitoring system which IIMA may buy un future. The

Bidder to specify all versions of SNMP supported.

E24 In order to have good visibility on the utilization of an Access

Point, the WLAN Controller provides the following statisticsfor each Access Point:


12/55



SR

NO


YES or NO

REMARKS

List of all the SSIDs deployed on each of the radio of

the Access Point

Average client RSSI

Data sent/received

Statistics on retransmitted packets

E25 In order to troubleshoot issues with a specific device, the

WLAN Controller shows the following statistics:

AP to which the client is associated

Signal strength of the client as measured by the AP

All alarm/event messages related to that client

including association and de-association

Amount of data received/transmitted by the client

E26 The WLAN system provides automated configuration

verification.

E27 Are there any configuration changes needed on aggregation

or edge switches or routers? Please provide details if yes.

DEA

E28 The APs automatically configure themselves for optimal

channel and transmit power when they become operational.

E29 The WLAN System allows an IT Administrator to force a user

off the network.

E30 The WLAN System allows an IT Administrator to setup a user

session timeout.

E31 The WLAN System is capable of monitoring a user’sbandwidth consumption, system performance, roaming path,

and time on the system and also provide historical reports of

all such parameters specified herewith.

E32 The WLAN System is capable of providing a breakdown of

bandwidth usage by user or any other groupings.

E33 The WLAN System ties to AAA accounting.

E34 The WLAN System is capable of printing randomly generated

username/passwords with predefined time or data limit for

Internet access to guests.

E35 The WLAN System is capable of enabling network-widechange management.

F. WLAN SYSTEM SECURITY FEATURES

A significant concern is the breadth of security measures supported by the proposed WLAN

System. The following questions are designed to determine standards adherence, range of

security protocols supported, and future-proofing the WLAN System. Another security goal is

use the system as a mechanism for detecting and locating rogue points and users and barring

them from the network.

F1 The WLAN Controller and AP communications are over anencrypted tunnel to ensure end-to-end security of user


13/55



SR

NO


YES or NO

REMARKS

information.

F2 The WLAN System supports detailed audit logging of

Administrator activities with date/time stamp and this

information is available from a central console.

F3 The WLAN System supports audit log export to an external

server using syslog functionality.

F4 The WLAN System supports Intrusion Detection and

Prevention (WIDS/WIPS) for all types of malicious and rogue

Access Points. Please specify where this Intrusion Detection is

done – at the AP level OR at the Controller level.

F5 The WLAN System provides for remediation against rogue APs

and denial of service attacks. Please specify where this

remediation is done – at the AP level OR at the Controllerlevel.

DEA

F6 The WIDS / WIPS features have integrated configuration and

management features.

F7 The intrusion alarms automatically roll up in the WLAN

System management console.

F8 The WLAN System management console provides a single

consolidated view of intrusion alarms and WLAN status.

F9 The WLAN System performs rogue AP detection

automatically. Please explain in detail how this is done.

DEA

F10 What countermeasures are employed against rogue APs thatare found?

DEA

F11 The WLAN Controller supports the functionality to verify

whether a client’s IP address can be dynamically allocated.

F12 The WLAN Controller automatically blocks manually assigned

IP addresses in both a distributed and centralized

architecture.

F13 The WLAN System provides mandatory L2/L3/L4 Access

Control.

F14 The WLAN System supports Access Control based on

device-types.F15 The WLAN System can ban/bar specific devices based on their

MAC address, IP, or other identifiable parameters.

F16 The WLAN System supports Application Visibility and Control

from the managed Access Points itself.

F17 The WLAN System supports the whitelisting / blacklisting of

certain popular applications.

F18 The WLAN Controller supports L2 Client isolation as a

configurable feature so that users cannot access each other’s

devices irrespective of whether they are connected to the

same SSID/same radio/same AP or different Access Points.F19 The WLAN System supports 802.1X.


14/55



SR

NO


YES or NO

REMARKS

F20 The WLAN System has full-fledged Radius functionality and

certificate management capabilities, without any

dependencies on external PKI infrastructures.

F21 The WLAN Controller supports the following standards for

Security, Authentication, and Encryption:

WIRELESS SECURITY: WEP, WPA-TKIP, WPA2-AES,

802.11i

AUTHENTICATION : 802.1X, local database

RFC 1321 MD5 Message-digest algorithm

RFC 2246 TLS protocol version 1.0

RFC 3280 Internet X.509 PKI certificate and CRL profile

External AAA servers: Active Directory, RADIUS, LDAP,

TACACS (AD should be supported out of the box. There

should be no need additionally implement

LDAP/RADIUS server /app/service on the Windows AD

server.)

ENCRYPTION: WEP 64 and 128 bit, TKIP, SSL, TLS, RC4

128 bit.

F22 The WLAN System is able to create a local database for a

minimum of 10,000 users / clients for the purpose of

role-based access.

F23 Please specify the maximum number of concurrent users

supported on the local database created by the WLAN

System.

DEA

F24 The WLAN System supports seamless direct integration with

Microsoft Active Directory without any use of additional

hardware or software to be installed on the Windows AD

server.

F25 Does the WLAN System require any additional hardware or

software for integration with Active Directory? If yes, please

state so and provide the necessary cost in the Commercial

Bid.

DEA

F26 The WLAN System provides a syslog for system monitoring.

F27 The WLAN Controller provides a captive portal to

authenticate users that are not part of the organization. The

solution should be able to provide a web-based application

that allows non-technical staff to create short-lived guest

accounts and passwords that expire automatically.

F28 The Secure Portal is able to provide secure time-bound or

data based limits access for Guests / Visitors/ Contract Staff /

Temporary Staff.

F29 The WLAN System supports Role Based Access features such

as WLAN access, VLAN assignment, rate limiting, device-types

permitted for use, guest access administration, Controller


15/55



SR

NO


YES or NO

REMARKS

administration, etc., based on roles created.

F30 The WLAN System permits access passwords to be sent

directly through SMS to the guests OR allow guests access to

the captive portal for credentials submission.

F31 The WLAN Controller supports a Guest Access feature, i.e. a

secure, time-bound, role specific Internet access to visitors

/guests / contractors etc. through a randomly generated

access key.

F32 The WLAN Controller supports communication of the Access

Key to a guest via either a printout or SMS message.

F33 The WLAN System supports self-provisioning by the visitor /

guest / contractor / temporary staff with or without needing

approval from the visited authority (sponsorship).F34 The WLAN System provides and ensures secure Guest

on-boarding and access through WPA2-Enterprise

mechanism, so that the Guest’s traffic (transactions) over the

air are encrypted.

F35 What methods of authentication are supported? DEA

F36 The WLAN System supports web-based AAA.

F37 Which EAP protocols are supported? DEA

F38 The WLAN Controller acts as an AAA server for its wireless

clients.

F39 Where does the system store user and network data? DEAF40 Is there any data stored locally on the APs? DEA

F41 The WLAN System supports direct access to the APs.

F42 The WLAN System supports per-user-in-bound and out-bound

extended ACLs? Per-port ACLs? Per-VLAN ACLs.

F43 The WLAN System includes a utility for a non-technical

designee (e.g. receptionist) to supply temporary credentials to

guests. If so, does the provisioning of the credentials affect

the Controller’s configuration?

DEA

F44 The WLAN System enables scalability through distributed

cryptography.F45 Does the WLAN System require centralized encryption of

wireless data at the Controller?

F46 Is any sensitive data stored locally on the APs? If so, what type

of data is stored there?

DEA

F47 The WLAN System is capable of connecting and / or

disconnecting a user session.

G. WLAN SYSTEM REDUNDANCY, RELIABILITY & RESILIENCE FEATURES

For IIMA, Wi-Fi is becoming the primary means of network access for students, faculty, andadministration staff. Therefore it is critical to understand the resilience, reliability, and


16/55



SR

NO


YES or NO

REMARKS

redundancy features of the proposed hardware.

G1 The WLAN Controller hardware has a minimum of two

numbers of 1 GigE ports and a console port connection via

either RS-232 or RJ-45 or mini USB.

G2 The WLAN Controller has hot swappable redundant power

supplies.

G3 The WLAN Controller can be offered as a hardware appliance

OR as a virtualized appliance; hardware to be a 19” Rack

mountable appliance. Hardware configuration needed for the

virtualized appliance and any virtualization software licenses

required to be specified by the Bidder.

DEA

G4 The WLAN Controller supports the following redundancy

topologies: Active-Active, Active-Standby and N+1redundancy.

G5 The WLAN Controller supports Spectrum Analysis feature to

detect interference from different Wi-Fi and non-Wi-Fi

sources.

G6 The WLAN System supports survivability features. In the

event the WLAN Controller fails, the managed Access Points

should continue to provide service to connected clients and

new clients for a configurable period of time.

G7 The WLAN System supports Controller discovery on the same

L2 domain without requiring any configuration on the AccessPoint.

G8 The WLAN System supports roaming between Access Points

deployed on the same subnet and different subnets as well.

G9 How fast is the failover in the case of a network outage?

Please specify in milliseconds.

DEA

G10 What happens to data clients in the event of a failover? DEA

G11 In the event of a failover, what is the delay period before the

data service is restored?

DEA

G12 What actions must the user take to re-obtain data service

(re-associate, re-authenticate, re-login, etc.)?

DEA

H. WLAN SYSTEM SCALABILITY FEATURES

A primary concern is the ability to scale and grow the wireless system easily over time, both in

terms of the number of total users, number of devices, and in overall capacity. The following

questions are aimed at eliciting details about what tools are available to scale the proposed

system.

H1 A single WLAN Controller is capable of managing a minimum

of 1000 APs and is scalable up to at least 3000 APs (campus /

LAN connected APs).H2 The WLAN Controller supports at least 20,000 MAC address


17/55



SR

NO


YES or NO

REMARKS

forwarding database entries.

H3 The WLAN Controller supports a minimum of 512 WLANs.

H4 Please specify the maximum number of WLANs supported. DEAH5 The WLAN Controller supports a minimum of 20,000

concurrent client devices.

H6 Please specify the maximum number of concurrent devices

supported.

DEA

H7 What is the maximum number of BSSIDs supported by each

AP?

DEA

H8 The WLAN Controller supports SSH/Telnet based access for

management purposes.

H9 The WLAN Controller supports NTP.

H10 The WLAN System supports and aids the IT personnel todesign for capacity as well as coverage.

H11 The WLAN System allows an IT Administrator to set minimum

or average bandwidth requirements per user.

H12 The WLAN System supports setup and enforcement of

minimum association rates to improve system performance.

Please provide details for the same.

H13 The WLAN System supports per-user QOS capabilities and

prioritization via per-user queuing in the APs.

H14 The WLAN System enables IT personnel to control an AP’s

transmit power level via software.H15 If so, is this process automated, or does each AP need to be

adjusted separately?

DEA

H16 What is the maximum number of WLAN Controllers that the

management application can accommodate?

DEA

H17 What is the maximum number of APs that the management

application can accommodate?

DEA

H18 The management application is able to monitor the WLAN

System campus wide.

J. NETWORK MANAGEMENT SYSTEM (NMS)

J1 The WLAN NMS provides flexible reporting tools to create,

customize, and view reports in various formats such as PDF,

XLS, and CSV.

J2 The WLAN NMS provides support for tools such as graphical

maps or CAD drawings for floor plans showing wireless

coverage, heat maps, devices and location in real time.

J3 The WLAN NMS supports user friendly troubleshooting tools

to resolve connectivity and performance issues.

J4 The WLAN NMS presents a customizable dashboard withinformation on the status of the WLAN network.


18/55



SR

NO


YES or NO

REMARKS

J5 The WLAN NMS raises critical alarms by sending an email

and/or SMS. The email client on the Controller should

preferably support SMTP outbound authentication and TLS

encryption.

J6 The WLAN NMS management tool is capable of scheduling

reports for automatic generation. If so how are the reports

generated and delivered?

DEA

J7 What type of configuration and monitoring reports can be

generated?

DEA

J8 The WLAN NMS allows IT personnel to track a user’s AP

associations, both current and historical.

J9 The WLAN NMS supports export of management graphs and

statistical files to other industry standard software like Excel,SPSS, etc. for further analysis.

J10 Describe the reporting capabilities of the proposed system. DEA

J11 The WLAN NMS supports the ability to drill down to real-time

and historical data.

J12 The WLAN NMS sends alerts when rogues are detected.

J13 Please specify the types of management logs and traps for

rogue activity that can be shown.

DEA

J14 The Access Points are able to scan for rogue Access Points and

the Controller is able to locate them on a floor map.

J15 The WLAN NMS sends a notification to the administratorwhen a rogue Access Point has been detected and its location.

J16 The management application supports centralized

management of APs and Controllers. If so does it require

accessing each Controller separately?

DEA

J17 The WLAN NMS provides tools for RF coverage, location

tracking, network performance, etc.

J18 The WLAN NMS provides location details of users, wireless

devices, etc. for trouble-shooting, planning, and asset

management.

J19 The WLAN NMS provides details of the last known location ofeach device and help in finding any lost or stolen devices.

J20 The WLAN NMS provides detailed performance statistics

related to bandwidth, coverage, average data rate, etc. on a

per AP basis.

J21 The WLAN NMS provides a current list of clients connected to

each AP and for what duration.

J22 The WLAN NMS is able to monitor third party edge switches

to which the wireless devices are connected.

J23 The WLAN NMS provides for administrative and access

controls for different types of users on the WLAN.


19/55



SR

NO


YES or NO

REMARKS

2.2 IN-ROOM WIRELESS ACCESS POINT

22.1 The in-room AP mandatorily complies with the IEEE 802.11ac

Wave 1 standard at a minimum and is backwards compatible

to IEEE 802.11 a/b/g/n standards.

22.2 The in-room AP has one number of POE-IN (802.3af) Port of

10/100/1000 Mbps capacity and a minimum of 3 numbers of

User ports of (10/100/1000 Mbps), one of which should also

support POE-OUT.

22.3 The in-room AP supports Dual Radios of 2.4 GHz & 5 GHz for

concurrent users.

22.4 The in-room AP supports a minimum of 2x2:2 MIMO on both

the radios/bands. Please specify the maximum supported.

22.5 The in-room AP supports explicit Transmit Beam Forming that

results in better focused signals to the client device and better

performance to the end-user.

22.6 The in-room AP supports Wi-Fi Location Based Services and

also has an interface for BLE sensors/readers and/or IOT

devices.

22.7 The in-room AP supports a minimum of 2 spatial streams.

22.8 The in-room AP aggregate data rate capability is a minimum

of 1267 Mbps (400 Mbps on 2.5 GHz and 867 Mbps on 5Ghz).

22.9 The in-room AP supports at least 25 concurrent users/clients.

Please specify the maximum number of concurrent

users/clients supported.

22.10 The in-room AP at a minimum supports 8 BSSIDs per radio for

a total of 16 BSSIDs per Access Point.

22.11 The in-room AP provides a minimum of 18dBm transmission

power for both the 2.4Ghz and 5 GHz bands. The Bidder to

specify values for both bands.

22.12 The in-room AP supports 802.1q VLAN tagging.

22.13 Please specify the Transmit Power control mechanism

supported: whether changes in Tx power are in 1dB or 3dB orany other decrements. Better granular control of the

coverage area would be highly desirable.

DEA

22.14 The Bidder should indicate the typical power consumption in

Watts for each model of the proposed in-room AP.

DEA

22.15 The in-room AP supports operating temperature ranges of 0°

to 45° C and humidity ranges of 10 to 90% non-condensing.

22.16 The in-room AP preferably has an integrated tamper-proof

mechanism to prevent users from damaging the equipment or

tampering with the installation. The Bidder to provide details

regarding this aspect.

DEA

22.17 The in-room Access Point is WPC type approved. The


20/55



SR

NO


YES or NO

REMARKS

Equipment Type Approved (ETA) should be enclosed by the

Bidder.

22.18 The in-room AP supports WPA with TKIP encryption.

22.19 The in-room AP supports WPA2 (802.11i) with AES encryption.

22.20 What POE power standard input (802.3?) is required to power

up all the radios in the in-room AP and operate in full 2x2:2

MIMO-mode without any loss of features or capabilities?

DEA

22.21 The in-room AP supports IEEE standard 802.3af POE.

22.22 The in-room AP supports IEEE standard 802.3at POE.


Watts for the proposed in-room AP.

DEA

22.24 The in-room AP supports 802.11i fast roaming.

2.3 INDOOR / CORRIDOR WIRELESS ACCESS POINT

23.1 The indoor/corridor AP mandatorily complies with IEEE

802.11ac Wave 2 standard at a minimum and is backwards

compatible to IEEE 802.11a/b/g/n standards.

23.2 The indoor AP has a minimum of two POE ports of

10/100/1000 Mbps capacity.

23.3 The Bidder should indicate if any additional redundant

Ethernet port/ports are provided.

DEA

23.4 The indoor or corridor AP supports at a minimum 4x4:4multiuser MIMO or better as there will be a higher user

density in these areas and more capacity is needed.

23.5 The indoor or corridor AP supports Wi-Fi Location Based

Services and also has an interface for BLE sensors/readers

and/or IOT devices.

23.6 The indoor AP supports Dual Radios of 2.4 GHz & 5 GHz for

concurrent users.

23.7 The indoor AP supports explicit Transmit Beam Forming that


performance to the end-user.23.8 The indoor AP at a minimum supports 4 spatial streams. The

Bidder to specify maximum spatial streams supported.

DEA

23.9 The indoor AP has at least two 10/100/1000 Mbps ports for

redundant data.

23.10 The indoor Access Point has an aggregate data rate capability

of a minimum of 2533 Mbps (800 Mbps on 2.5 GHz and 1733

Mbps on 5Ghz).

23.11 The indoor AP is able to handle a minimum of 300 concurrent

users (minimum 6 Mbps per user/client).

23.12 The Bidder to specify the maximum number of concurrentusers.

DEA


21/55



SR

NO


YES or NO

REMARKS

23.13 The indoor AP provides a minimum of 20dBm transmission

power for 2.4 GHz and min 20dBm for 5 GHz.

23.14 The Bidder should indicate the maximum transmission power

per indoor AP.

DEA

23.15 The indoor AP has Receive Sensitivity of -91dBm or better

@MCS0; 11n HT20; 2.4 GHz & 5 GHz.

23.16 The indoor AP supports 8 BSSIDs at a minimum per radio for a

total of 16 BSSIDs per Access Point.

23.17 The Bidder to indicate the maximum number of BSSIDs

supported.

DEA

23.18 The indoor AP supports 802.1q VLAN tagging.

23.19 The indoor AP supports Omni-directional / directional

patterns, with a minimum 3 dBi gain.23.20 The Bidder should specify and/or explain if their indoor AP

supports any technique/technology that in any way enhances

user experience for mobile clients considering that these

clients have much poorer radios and have no fixed orientation

during usage.

DEA

23.21 The indoor AP implements Wi-Fi alliance standards WMM,

WMM-PS, 802.11d, 802.11h and 802.11e.

23.22 The indoor AP supports Packet Capture facility on either of its

radios to aid in troubleshooting.

23.23 Please specify the Transmit Power control mechanismsupported: whether changes in Tx power are in 1dB or 3dB or

any other decrements. Better granular control of the

coverage area would be highly preferred.

DEA


Watts for the proposed indoor AP.

DEA

23.25 The indoor AP is able to operate in the temperature ranges of

-20° to 60° C and humidity ranges of 10 to 90%

non-condensing.

23.26 The indoor AP supports Honeypot Control for 2.4 and 5 GHz

radios.23.27 The indoor AP preferably has integrated tamper-proof

mechanisms to prevent users from damaging the equipment

or tampering with the installation. The Bidder to provide

details regarding this aspect.

DEA

23.28 The indoor AP has mandatory certifications such as

WEEE/RoHS, EN 60601-1-2, and Wi-Fi Alliance.

23.29 The indoor AP is WPC type approved. The ETA should be

enclosed by the Bidder.

23.30 What kind of antennas does the indoor AP support? DEA

23.31 The indoor AP supports WPA with TKIP encryption.23.32 The indoor AP supports WPA2 (802.11i) with AES encryption.


22/55



SR

NO


YES or NO

REMARKS


up all the radios in all models of the indoor AP and operate in

full 4x4:4 MIMO-mode without any loss of features or

capabilities?

DEA

23.34 The indoor AP has the option of being powered through

AC-DC power adaptor.

23.35 The indoor AP supports IEEE standard 802.3af POE.

23.36 The indoor AP supports IEEE standard 802.3at POE.

23.37 The indoor AP supports 802.11i fast roaming.

23.38 The indoor AP supports 256 QAM modulation.

2.4 OUTDOOR WIRELESS ACCESS POINT

24.1 The outdoor AP mandatorily complies with IEEE 802.11ac

Wave 2 standard at a minimum and is backwards compatible

to IEEE 802.11 a/b/g/n standards.

24.2 The outdoor AP has a minimum of two POE ports of

10/100/1000 Mbps capacity.

24.3 The outdoor AP has at least two 10/100/1000 Mbps ports for

redundant data.


up all the radios in the outdoor AP and operate in full 4x4:4

MU-MIMO mode without any loss of features or capabilities?

DEA

24.5 The outdoor AP supports explicit Transmit Beam Forming that


performance to the end-user.

24.6 The outdoor AP at a minimum supports 4 spatial streams. The

Bidder to specify maximum spatial streams supported.

DEA

24.7 The outdoor AP has Dual Radios to support 2.4 GHz & 5GHz

concurrent users.

24.8 The outdoor AP supports at a minimum 4x4:4 multiuser

MIMO on both the radios/bands or better as there will be a

higher user density in these areas and more capacity isneeded.

24.9 The outdoor Access Point has an aggregate data rate

capability of a minimum of 2533 Mbps (800 Mbps on 2.5 GHz

and 1733 Mbps on 5Ghz).

24.10 The outdoor AP is able to handle a minimum of 200

concurrent users (6 Mbps per user).

24.11 The Bidder should indicate the maximum client handling

capability of the outdoor AP.

DEA

24.12 The outdoor Access Point provides a minimum of 24dBm

transmission power on 2.4GHz and 5GHz.24.13 The outdoor AP supports at a minimum 8 BSSIDs per radio for


23/55



SR

NO


YES or NO

REMARKS

a total of 16 BSSIDs per AP.

24.14 The Bidder should indicate the maximum number of BSSIDs

supported.

DEA

24.15 The outdoor AP supports 802.1q VLAN tagging.

24.16 The outdoor AP supports an integrated sectoral/ directional

or external/integral omnidirectional antenna for both radio

bands.

24.17 Please specify the Transmit Power control mechanism

supported: whether changes in Tx power are in 1dB or 3dB or

any other decrements. Better granular control of the

coverage area would be highly preferred.

DEA

24.18 The outdoor AP supports operating temperature ranges of

-20° to 60° C and Humidity ranges of 15 to 90%non-condensing.

24.19 The WLAN Solution supports Honeypot control for 2.4 and 5

GHz radios.

24.20 The outdoor AP along with the antennas is IP67 certified for

outdoor deployment. Indoor Access Points inside 3rd party

enclosures/boxes would NOT be acceptable. Third-party

external antennas would also not be acceptable.

24.21 Please specify the dimensions of the outdoor AP (LxBxH) in

centimetres and the weight in kilograms including the

mounting bracket. Smaller form factor would be preferred.

DEA


Watts per outdoor AP model suggested.

DEA

24.23 The outdoor AP has mandatory certifications such as

WEEE/RoHs, EN 60601-1-2 Safety and Wi-Fi Alliance.

24.24 The outdoor AP is WPC type approved. The ETA should be

enclosed by the Bidder.

24.25 Does the outdoor AP support the same functionality and

features as the indoor AP? If not what are the limitations of

the outdoor AP?

DEA

24.26 The outdoor and in-door APs support mesh technology to linkto each other wirelessly.

24.27 What kind of antennas does the outdoor AP support? DEA

24.28 What are the environmental specifications of the outdoor AP? DEA

24.29 The outdoor AP supports WPA with TKIP encryption.

24.30 The outdoor AP supports WPA2 (802.11i) with AES

encryption.

24.31 The outdoor AP supports standard 802.3af POE.

24.32 The outdoor AP supports standard 802.3at POE.

24.33 Can a full 4x4:4 MIMO be powered via 802.3af? If not what

POE power input standard (802.3?) is required to power up all

DEA


24/55



SR

NO


YES or NO

REMARKS

the radios in a full 4x4:4 MIMO without any loss of features

and capabilities?

24.34 The outdoor AP has the option of being powered through

AC-DC power adaptor.

24.35 The outdoor AP supports 802.11i fast roaming.

24.36 The outdoor AP supports 256 QAM modulation.


25/55



CHAPTER 3

3. SWITCH SPECIFICATIONS

SRNO

SPECIFICATION / FEATURE COMPLYYES or NO

REMARKS

3.1 24 PORT L3 AGGREGATION SWITCH – 4 NOS REQUIRED

3.1A ARCHITECTURE / PERFORMANCE

A.1 The 24 Port Aggregation switch is a standalone 19'' rack

mountable with 1+1 Power Supply Unit (PSU).

A.2 The switch supports the following port configurations:

24 x 1/10G SFP/SFP+ ports with a provision to add 4 x 40G

QSFP+ ports in the future without having to replace the

switch.

A.3 The switch at a minimum supports the following optics:

100FX, 1000 SX, 1000 LX/LH, 10GE SR, 10GE LRM, 10GE LR,

10GE ER, 40G SR & LR. All optics installed should be from the

switching OEM only.

A.4 The switch supports unicast, multicast and broadcast IP traffic

A.5 The switch supports a minimum of 32MB Flash memory or

higher and a minimum of 256 MB SDRAM or higher. More

would be preferred.

A.6 The switch supports a minimum Non-Blocking Performance

Fabric >= 800 Gbps and Throughput >= 590 Mpps including

stacking bandwidth.

A.7 The switch supports a dynamic buffer size of at least 12.2 MB

A.8 The switch supports a packet throughput of 1.44 Bpps

A.9 The switch supports VLAN IDs >=4K, MAC >=96K, Routes

>=12K, ACL/QoS entries >= 4K, and 9216 Byte Max Packet Size

(Jumbo Frame)

A.10 The switch has a minimum latency of 550 ns.

A.11 The switch supports a fabric capacity of at least 2.56 Tbps.

A.12 The switch supports at least one 10/100/1000 Mbps

management port and one mini-USB serial console port for

management access.

A.13 The switch supports POST and embedded online/offline

diagnostics.

A.14 The switch supports IPv4 and IPv6 switching and routing in

hardware from day 1.

A.15 The switch supports OpenFlow v1.0 and v1.3 from day one


26/55



SR

NO


YES or NO

REMARKS

for SDN compatibility.

A.16 The switch supports OpenFlow with true hybrid port mode.

3.1B STACKING

B.1 The switch and Operating System Software offer true

stacking, with all switches in a stack acting as a single logical

switch unit.

B.2 The switch supports a stack that provides a unified data

plane, unified configuration, and single IP address for switch

management.

B.3 The switch supports stacking with a minimum throughput of

40 Gbps or more. Stacking ports are separate from uplinkports.

B.4 Specify the maximum aggregated stacking bandwidth. DEA

B.5 Specify the maximum stacking distance. DEA

B.6 The switch supports close loop stacking of a minimum of 8

switches. The Bidder to specify maximum number of switches

supported in a stack.

DEA

3.1C POWER MANAGEMENT

C.1 Specify power inlet (AC). DEA

C.2 Specify input voltage/frequency ranges of switch. DEA

C.3 Specify maximum rated power supply (AC). DEA

C.4 Specify typical power consumption of switch. DEA

C.5 Specify maximum power consumption of switch. DEA

C.6 Specify airflow (front-to-back or side-to-back). DEA

C.7 The switch supports reduced power consumption and

advanced energy management features like IEEE 802.3az.C.8 The switch supports power resiliency with optional

external/internal redundant power supplies.

C.9 The switch supports N+1 Redundant Hot swappable Internal

Power supplies and preferably Hot-swappable fan tray.

C.10 The switch supports Hibernation Mode. This feature puts the

ports/switch to an off mode or ultra-low power mode during

periods of non-operation such as nights or weekends.

Hibernation Mode can be scheduled using Universal Port

and/or a compliant Operating System management software.

Please specify if any additional software layer is required toachieve this and its component cost in the Commercial Bid.


27/55



SR

NO


YES or NO

REMARKS

C.11 The switch supports IEEE 802.3az EEE (Energy Efficient

Ethernet) that enables ports to dynamically sense idle periods

between traffic bursts and quickly switch the interfaces into a

low power idle mode, reducing power consumption.

C.12 The switch supports Intelligent Energy policies that can be

used to control the power consumed by PoE powered

endpoints, desktops, etc.

3.1D PHYSICAL DIMENSIONS

D.1 Specify weight in kilograms of switch. DEA

D.2 Specify weight of switch in kilograms with two power supplies

and four fans.

DEA

D.3 Specify dimensions in (width x depth x height) in inches and

millimetres and rack units.

DEA

D.4 Specify acoustics / operating noise in dB. DEA

D.5 Specify MTBF in hours at 25 degrees operating temp. DEA

D.6 Specify operating temperature in Centigrade. DEA

D.7 Specify non-operating temperature in Centigrade. DEA

D.8 Specify operating levels relative humidity. DEA

3.1E LAYER 1 FEATURES

E.1 The switch supports the following Layer 1 features:

IEEE 802.3ad Link Aggregation

IEEE 802.3x Flow Control

IEEE 802.3 10BASE-T

IEEE 802.3u 100BASE-TX

IEEE 802.3z 1000BASE-SX/LX

IEEE 802.3ab 1000BASE-T

802.3 CSMA/CD Access Method and Physical LayerSpecifications

IEEE 802.3ae 10 Gigabit Ethernet

IEEE 802.3ba 40 Gigabit Ethernet

Jumbo Frame

3.1F LAYER 2 FEATURES

F.1 The switch supports the following Layer 2 features:

IEEE 802.1D MAC Bridging/STP

IEEE 802.1p Mapping to Priority Queue

IEEE 802.1p Marking and DSCP


28/55



SR

NO


YES or NO

REMARKS

IEEE 802.1p Honoring QoS

IEEE 802.1Q VLAN Tagging

IEEE 802.1w Rapid Spanning Tree Protocol (RSTP)

IEEE 802.1s Multiple Spanning Tree Protocol (MSTP)

IEEE 802.1x Port Based Network Access Control

IEEE 802.1AB LLDP

IEEE 802.1AX Link Aggregation

IEEE 802.1p CoS Prioritization

IEEE 802.3az

PVST/RPVST/RPVST+

Port Loop Detection

STP Port Fast

STP Root Guard

802.1ad Q-in-Q

Uni-Directional Link Detection (UDLD)

Topology and VLAN Groups

3.1G LAYER 3 FEATURES

G.1 The switch supports basic IP unicast routing protocols (static,

RIPv1, RIPv2, and RIPng) from day one.

G.2 The switch supports inter-VLAN routing (IVR) from day one.

G.3

The switch supports from day one: OSPF

BGP v4

Policy-Based Routing (PBR)

VRRPv2

VRRPv3

G.4 The switch supports from day one:

Protocol Independent Multicast (PIM) - PIM-SM,

PIM-DM, and PIM sparse-dense mode

G.5 The switch supports from day one:

Integrated VLAN Bridging OSPFv2

OSPFv3

Auto RP

PIM-SM/SSM

PIM-DM

PIMv6

MSDP

Anycast-RP using PIM via addition of

hardware/software/license resources as and when

required etc.G.6 The switch supports from day one:


29/55



SR

NO


YES or NO

REMARKS

Internet Group Management Protocol (IGMP) v1, v2, v3,

IGMP Proxy, snooping for IPv4: multicast listener discovery

(MLD) v1 and v2 snooping provides fast client joins and leaves

of multicast streams and limits bandwidth-intensive video

traffic to only the requestors.

3.1H SOFTWARE DEFINED NETWORKING (SDN)

H.1 The switch supports OpenFlow v1.0 and v1.3 from day one.

H.2 The switch supports OpenFlow with true hybrid port mode.

3.1I QUALITY OF SERVICE (QoS)

I.1 The switch supports the following QoS features: Rate Limiting (per hardware queue)

BUM Rate Limiting

ACL-based Rate Limiting

Traffic Shaping

Symmetrical Flow Control

MAC Address Mapping to Priority Queues

ACL Mapping to ToS/DSCP

ACL Mapping and Marking ToS/DSCP

QoS Queue Management using Weighted Round

Robin (WRR), Strict Priority (SP), a combination ofWRR and SP, and Priority Flow Control

RFC 2475 An Architecture for Differentiated Services

RFC 3246 An Expedited Forwarding PHB

RFC 2597 Assured Forwarding PHB Group

RFC 2698 A Two-Rate, Three-Color Marker

I.2 The switch supports audio video stream reservation, 8

hardware queues per port, IEEE 802.1p, DSCP, Buffer queue

Management, WRR and traffic rate limiting with Configurable

bandwidth granularity of 64 Kbps.

I.3 The switch supports rate limiting based on source anddestination IP address, source and destination MAC address,

Layer 4 TCP/UDP information, or any combination of these

fields, using QoS ACLs (IP ACLs or MAC ACLs), class maps, and

policy maps. Strict priority queuing guarantees that the

highest-priority packets are serviced ahead of all other traffic.

I.4 The switch supports Automatic Quality of Service (Auto QoS)

/ EZ QoS / Equivalent for easy configuration of QoS features

for critical applications.


30/55



SR

NO


YES or NO

REMARKS

3.1J SECURITY

J.1 The switch supports the following security features and

specifications:

Access Control Lists (ACLs) for IPv4 and IPv6

AES Encryption for SSHv2, SNMPv3

Port Mirroring (MAC-, VLAN- and ACL-based)

sFlow

Authentication, Authorization, and Accounting (AAA)

Username/password (Challenge and Response)

Bi-level Access Mode (Standard and EXEC Level)

Secure Copy (SCP)

Secure Shell (SSHv2)

RFC 2865 RADIUS TACACS/TACACS+ Authorization

ACLs Port Security - MAC limit and locking

MAC Filter and Authentication

Port MAC Security

MAC Locking

802.1X Accounting

802.1X Change of Authorization

802.1X Dynamic VLAN assignment

802.1X Dynamic ACL

802.1X Multiple Host Authentication IP Security

ARP validation

Broadcast storm, multicast storm, and unicast storm

control IPv6 RA Guard

PVLAN

Port Isolation

Control-Plane Protection

RSPAN and Bidirectional SPAN, Multiple destination

port through single or multiple SPAN sessions

J.2 The switch provides protection against attackers through thefollowing features:

Port security to secure the access to an access or

trunk port based on MAC address.

DHCP snooping

Dynamic ARP inspection (DAI)

IP source guard

The Unicast Reverse Path Forwarding (uRPF)

3.1K HIGH AVAILABILITY

K.1 The switch supports hot-swappable internal power supplies


31/55



SR

NO


YES or NO

REMARKS

(1+1).

K.2 The switch supports hot-swappable fan trays (3+1).

K.3

The switch supports L3 VRRP protocol redundancy.K.4 The switch supports automatic failover from master to

standby stack controller. Please explain how this will work

and if there will be any loss of connectivity?

DEA

K.5 The switch supports dedicated ports on the back panel for

forwarding system health and control information across the

stack.

K.6 The switch supports protected link groups.

K.7 The switch supports hot insertion and removal of stacked

units.

K.8 The switch supports hot insertion and removal of optional 40GbE modules.

3.1L MANAGEMENT, DEPLOYMENT & CONTROL

L.1 The switch supports the following Management, Deployment

and Control features:

Industry-standard Command Line Interface (CLI)

Configuration Logging

LLDP

LLDP-MED

Cisco Discovery Protocol (CDP)

IEEE 802.3 MAU MIB

RFC 951 BootP

RFC 1542 BootP Extensions

RFC 2131 DHCP (client and server)

RFC 854 Telnet Client and Server

RFC 2865 RADIUS

RFC 1493 Bridge MIB

RFC 1643 Ethernet-like Interface MIB

RFC 1213 MIB-II

RFC 1516 Repeater MIB

RFC 1354 Forwarding Table MIB

RFC 1757 RMON MIB

RFC 2572 SNMP Message Processing and Dispatching

RFC 1573 SNMP MIB II

RFC 1157 SNMPv1/v2

RFC 3411 SNMPv3 Framework

RFC 3412 SNMPv3 Processing

RFC 3414 SNMPv3 USM

RFC 5905 NTPv4

SSHv2 access


32/55



SR

NO


YES or NO

REMARKS

HTTPS

SCP2

IPFIX or Netflow v9 or sFlow v5

Syslog

Embedded Event Manager (EEM) scripting to enable

automation

Generic online diagnostics and embedded based

interface that should have port bandwidth plotter

Embedded Smart Call for Proactive Services with

switch OEM directly.

L.2 The switch supports DHCP auto configuration of multiple

switches through a boot server that eases switch

deployment.

L.3

The switch supports Automatic QoS (Auto QoS) that simplifies

QoS configuration in voice over IP (VoIP) networks by issuing

interface and global switch commands to detect IP phones,

classify traffic, and help enable egress queue configuration.

L.4 The switch supports Auto negotiation on all ports that

automatically selects half- or full-duplex transmission mode

to optimize bandwidth.

L.5 The switch supports automatic media-dependent interface

crossover (MDIX) that automatically adjusts transmit and

receive pairs if an incorrect cable type (crossover or straight

through) is installed.

L.6 The switch supports multilevel security on console access to

prevent unauthorized users from altering the switch

configuration.

L.7 The switch provides a mechanism to check the health of

hardware components and verify proper operation of the

system data and control plane at run time and boot time.

L.8 The switch supports DHCP Server feature to enable a

convenient deployment option for the assignment of IP

addresses in networks that do not have a dedicated DHCP

server.

L.9 The switch is able to update images without bringing down

the stack or with minimal impact.

L.10 The switch stack re-convergence time is less than 200

milliseconds.

3.1M MULTICAST PROTOCOLS

M.1 The switch supports the following Multicast protocols

RFC 1112 IGMP

RFC 2236 IGMPv2

RFC 3376 IGMPv3


33/55



SR

NO


YES or NO

REMARKS

IGMP Proxy

RFC 1112 Host Extensions

RFC 3973 PIM-DM

Rfc 2362 PIM-SM/SSM

RFC 3618 MSDP

RFC 4610 Anycast-RP using PIM

3.1N REGULATORY COMPLIANCE / CERTIFICATIONS

N.1 The switch is compliant with the following Electromagnetic

emissions standards:

FCC Class A (Part 15), EN 55022/CISPR-22 Class A, VCCI Class

A, ICES-003 Electromagnetic Emission, AS/NZS 55022, EN

61000-3-2 Power Line Harmonics, EN 61000-3-3 Voltage

Fluctuation and Flicker, and EN 61000-6-3 Emission Standard

N.2 The switch is compliant with the following Safety standards:

CAN/CSA-C22.2 NO 60950-1-07, UL 60950-1 Second Edition,

IEC 60950-1 Second Edition, EN 60950-1-2006 Safety of

Information Technology Equipment, EN 60825-1 Safety of

Laser Products-Part 1, Equipment Classification,

Requirements and User Guide, EN 60825-2 Safety of Laser

Products Part 2, Safety of Optical Fibre Communication

Systems.

N.3 The switch complies with the following Immunity standards:

EN-61000-6-1 Generic Immunity and Susceptibility, EN 55024

Immunity Characteristics, EN 61000-4 -3 Radiated, Radio

Frequency Electromagnetic Field, EN 6100-4-4 Electrical Fast

Transient, EN 61000-4-5 Surge, EN 61000-4-6 Conducted

Disturbances induced by Radio Frequency Fields, EN

61000-4-8 Power Frequency Magnetic Field, EN 61000-4-11

Voltage Dips and Sags.

N.4 The switch complies with Environmental Regulatory

standards RoHS-compliant 96 (6 of 6) WEEE-compliant.

N.5 The switch complies with Vibration standards IEC 68-2-36 and

IEC 68-2-6.

N.6 The switch complies with Shock and drop standards IEC

68-2-27 and IEC 68-2-32.

N.7 The switch has the following certifications:

CE Markings 2004/108/EC and 2006/95/EC

UL 60950-1 Second Edition

Product Family must have IEC/ISO 15408 Common

Criteria EAL 3 or higher certified/applied for under

process

GR-63-CORE Level 3 compliant & ROHS Compliant.International Certifications pertaining to India will have to be


34/55



SR

NO


YES or NO

REMARKS

met in totality and other country specific certifications will

not be considered. All the Certifications should be EAL3 or

NDPP.

SR

NO


YES or NO

REMARKS

3.2 48 PORT PoE/PoE+ L2 STACKABLE ACCESS SWITCH – 30 NOS REQUIRED

3.2A ARCHITECTURE / PERFORMANCE

A.1 The switch supports a minimum switching capacity (data rate,

full duplex) of at least 256 Gbps.

A.2 Please specify Maximum switching capacity at data rate, full

duplex.

DEA

A.3 The switch supports a minimum forwarding capacity (data

rate, full duplex) of 190 Mbps

A.4 The switch supports a minimum of 48 10/100/1000 Mbps

RJ45 ports from day one and these should not be shared with

uplink ports.

A.5 The switch supports a minimum of 2 x 1G SFP ports from day

1.

A.6 The switch is capable of supporting 2 x 10G SFP+ ports in

future with only a change of optics and license if required to

enable the ports.

A.7 The switch is capable of being upgraded to advanced IPv4/v6

L3 routing (RIP, OSPF) with a software license.

A.8 The switch supports the following optics from day one:

2 x 1000Base-SX multimode LC SFP connector.

A.9 The switch supports a minimum dual core CPU of 500MHz,

Flash memory of 128 MB, and DRAM of 512 MB. Please

specify if otherwise.A.10 The switch supports a minimum of 16,000 MAC addresses.

The Bidder to specify maximum MAC addresses supported.

A.11 The switch supports a minimum of 4,095 VLANs. The Bidder

to specify the maximum no of VLANs supported.

A.12 The switch supports a maximum of 12,000 routes.

A.13 The switch supports a minimum of 16 Trunks.

A.14 The switch supports a maximum jumbo frame size of 9,216

bytes.

A.15 The switch supports at least 8 QoS priority queues.

A.16

The switch supports dedicated Ethernet management


35/55



SR

NO


YES or NO

REMARKS

interfaces for simplified operation

A.17 The switch supports sFlow or NetFlow-Lite from day one.

A.18

The switch supports OpenFlow v1.0 and v1.3 from day 1.

A.19 The switch supports OpenFlow with true hybrid port mode.

3.2B LAYER 2 FEATURES

B.1 The switch supports the following Layer 2 features and

protocols:

802.1s Multiple Spanning Tree

802.1x Authentication

Auto MDI/MDIX BPDU Guard Root Guard

Dual Mode VLANs

MAC based VLANs, Dynamic MAC-based VLAN

activation

Dynamic VLAN assignment

Dynamic Voice VLAN assignment

Fast Port Span

GARP VLAN Registration Protocol

IGMP Snooping (v1/v2/v3)

IGMP Proxy for Static Groups

IGMP Tracking

Inter-Packet Gap (IPG) adjustment

Link Fault Signalling (LFS)

MAC Address Locking; MAC Port Security

MAC-Layer Filtering

MAC Learning Disable

MLD Snooping (v1/v2)

Multi-device Authentication

Per-VLAN Spanning Tree (PVST/PVST+/PVRST

Mirroring – Port-based, ACL-based, MAC Filter based,

and VLAN based

PIM-SM v2 Snooping

Port Loop Detection

Private VLAN

Protected Link Groups

Protocol VLAN (802.1v), Subnet VLAN

Remote Fault Notification (RFN)

Single-instance Spanning Tree

Single-link LACP

Trunk Groups

Uni-Directional Link Detection (UDLD)


36/55



SR

Documents

IIM a Bid Document Technical Bid