Public Works Department Tender

[23.7.6.3]PVC CONDUIT PIPE ONLY (SURFACE OR RECESSED) FOR ELECTRICAL POINTS 6.3. Supply and erection of PVC CONDUIT ISI marked (Medium) recessed in wall/ceiling etc. including the cost of PVC bends, inspection boxes, iron hooks and cement concrete etc. complete in all respect up to the entire satisfaction of Engineer-in-Charge of work. PVC pipe of 32 mm dia.

[24.4.8.3]STREET LIGHT 8.3. Supply and erection of Hot Dip Galvanized octagonal pole of 3mm thickness, with base plate including cost of nut and bolts , earthing studs, Integral Cable termination arrangement 5 mm thick Bakelite base plate on suitable welded MS/GI bracket 32 A four way connector 2 no 10 A SP MCB , end cover and all accessories as supplied by the manufacture including Providing RCC foundation of M25 grade (1 Cement:1 Stone aggregate: 2 Coarse sand) i/c excavation, steel reinforcement (Fe 500) @80 kg/cum of concrete contents, concrete cover 50mm, anchor bolts etc. over a bed of PCC 1:5:10 of required dimensions for octagonal poles of various heights as per following specifications complete in all respects and as per directions of Engineer-in-charge 5 Metre Long pole with top dia 65 mm and bottom dia 130mm with base plate of size 250 x 250 x 16 mm

[24.5.2.1]MISCELLANEOUS ITEMS 2.1. S/E mark double walled corrugated (DWC) HDPE, pipe 10 Kg/Cm2 ,laid 0.75 Metre below ground level including digging and refilling of earth including cost of suitable size socket/coupler for HDPE pipe including the cost of labour and material required to complete the job in all respect up to the entire satisfaction of Engineer in charge of the work. DWC/HDPE pipe 40/32 mm outer dia/ inner dia

[24.8.3]RCC FOUNDATIONS FOR OCTAGONAL POLES 3. Providing RCC foundation of M25 grade (1 Cement:1 Stone aggregate: 2 Coarse sand) i/c excavation, steel reinforcement (Fe 500) @80 kg/cum of concrete contents, concrete cover 50mm, anchor bolts etc. over a bed of PCC 1:5:10 of required dimensions for octagonal poles of various heights as per following specifications complete in all respects and as per directions of Engineer-in-charge 5m high pole

`Supply Installation Testing and Commissioning of 15U rack for switch Mounting with Fan and power Strip, PDU, Hardware Mounting Kit complete in all respect upto the entire satisfaction of Engineer-in-charge of work. Make: Comrack/HCL/Hive Networks`

`Supply Installation Testing and Commissioning of 15U Outdoor rack for switch Mounting with Fan and power Strip, PDU, Hardware Mounting Kit complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: Comrack/HCL/Hive Networks`

`Supply Installation Testing and Commissioning of 22U rack for switch Mounting with Fan and power Strip, PDU, Hardware Mounting Kit complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: Comrack/HCL/Hive Networks`

`Supply Installation Testing and Commissioning of Workstation with i5 Processor, 16GB RAM, 1 TB HDD,Windows OS or better specs, as recommended by VMS Software. The server shall be suitable for any open platform software, as required as per specification and at site of work in line with the Engineer in Charge instructions. Make: HP, Dell, IBM.`

`Supply Installation Testing and Commissioning of 42`` LED Monitor, Full HD, HDMI Port, Component Video Inputs, 1 Digital Audio Out, VGA Port complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: Sony/LG/Samsung`

Supply Installation Testing and Commissioning of 3 Core Power Cable 1.5 sqmm complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: Finolex/Polycab/Havells

`Supply Installation, testing and commissioning of FO Cable 6 core Type Armoured CSTA SM FOR SERVER ROOM to Each Network Rack Backbone connectivity. As per specification complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: RandM/Penduit/Simon`

`Supply Installation Testing and Commissioning of 12F, 1U, LC, LIU Loaded with Pigtails, Splice tray, Couplers As per specification complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: RandM/Penduit/Simon`

`Supply Installation, testing and commissioning of PATCH CORD LC-LC SM DUPLEX LENGTH- 3mtr.As per specification complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: RandM/Penduit/Simon`

`Supply, Installation, Testing and Commissioning of 16 port Core Switch (L3 switch) with 16x10G 1000 Base-Tx ports and 2x10G/40G SFP plus slots with minimum switching capacity of 480Gbps , should support stacking up to 8 switches with stacking bandwidth of 160Gbps. It should have internal single Power Supply, AC voltage: 90 to 260V (auto-ranging), IPv6 logo ready, Tri-authentication: MAC-based, web-based and IEEE 802.1x, Access Control Lists (ACLs) based on layer 3 and 4 headers, EPSRing (Ethernet Protection Switched Rings) with SuperLoop Protection (SLP) and enhanced recovery for extra resiliency, Switch should be EU RoHS compliant, Operating temperature range: 0°C to 45°C (32°F to 113°F) Derated by 1°C per 305 meters (1,000 ft), Certification: UL, cUL, TUV, FIPS 140-2, Stacking cables and associated accessories will be provided with switch complete etc. as required. Make: Extreme Networks / Cisco / Allied Telesis`

`Supply, Installation, Testing and Commissioning of 24 Port Access Switch with 24x 1G Base-T POE plus and 4x10G SFP Slots and 2 nos stacking ports, with minimum switching capacity of 56 Gbps, 40Gbps of stacking bandwidth when using front panel, 4094 configurable VLANs, 10G SFP plus ports , min forwarding rate of 119Mpps, Policy-based QoS based on VLAN, port, MAC and general packet classifiers, 1GB DDR3 SDRAM, 256MB NAND flash memory, Maximum Power Consumption on NO POE load is 77 watt and Maximum Power Consumption on Full POE load is 900 watt, support 802.1D, 802.1S, 802.1w, 802.1Q Tagged VLAN, port based VLANs and Private VLAN, Should Support IEEE 802.1v VLAN, IEEE 802.1ac VLAN tagging, IEEE 802.1ad, console port for management via a console terminal or PC, SNMP V1, V2c and V3, GUI based software utility or using web interface, Support DHCP snooping, IP source guard and Dynamic ARP Inspection (DAI), Operating Temperature- 0°C to 50°C (32°F to 122°F), Stacking cables and associated accessories will be provided with switch complete etc. as required. Make: Extreme Networks / Cisco / Allied Telesis`

`Supply, Installation, Testing and Commissioning of 24 Port Access Switch with 24x 1G Base-Tand 4x10G SFP Slots and 2 nos stacking port, with minimum switching capacity of 56 Gbps, 40Gbps of stacking bandwidth when using front panel, 4094 configurable VLANs, 10G SFP plus ports , min forwarding rate of 119Mpps, Policy-based QoS based on VLAN, port, MAC and general packet classifiers, 1GB DDR3 SDRAM, 256MB NAND flash memory, support 802.1D, 802.1S, 802.1w, 802.1Q Tagged VLAN, port based VLANs and Private VLAN, Should Support IEEE 802.1v VLAN, IEEE 802.1ac VLAN tagging, IEEE 802.1ad, console port for management via a console terminal or PC, SNMP V1, V2c and V3, GUI based software utility or using web interface, Support DHCP snooping, IP source guard and Dynamic ARP Inspection (DAI), Operating Temperature- 0°C to 50°C (32°F to 122°F), Stacking cables and associated accessories will be provided with switch complete etc. as required. Make: Extreme Networks / Cisco / Allied Telesis`

Supply, Installation, Testing and commissioning of NGFW meeting following specs with 5 years of Support License Proposed Solution should be in Gartner Quadrant as a leader for atleast 9 consecutive years since 2013 The firewall should be x86 architecture based, giving it the flexibility to be used in NFV deployment Proposed Solution appliance should have minimum Intel 4 core Processor. Proposed solution appliance should have atleast 16 GB DRAM. Proposed solution appliance should have atleast 128 GB SSD. Proposed Solution Should be upgradable to Secure SDWAN with true SD-WAN architecture `Firewall appliance should have at least 6x10/100/1000 RJ45 Mbps, 4 x10/100/1000/10G SFP plus Mbps 1x10/100/1000 Mbps Console port 2 x NIM slots (for port expansion) 2 x USB/LTE Dongle` The firewall needs to have dedicated compute resources for control/management and data plane Application Visibility Throughput Minimum 3 Gbps. Firewall should support minimum 1.0 Gbps of IPSEC VPN throughput. Firewall should support 1000 site-to-site and client to site VPN Tunnels. Firewall should support minimum 15,000 Connections per second. Firewall should support Max sessions upto 2,50,000 The solution should support minimum 1.5 Gbps of Threat Prevention (FW plus IPS plus AVC plus AV) throughput for Mix / production traffic. The proposed system shall be able to operate on either Transparent (bridge),Layer 3 Mode,Monitoring Mode. The proposed system should have integrated Traffic Shaping functionality. The Firewall and IPSEC VPN module shall belong to product family, which   minimally   attain   Internet   Computer   Security   Association (ICSA) Certification. Other certifcations needed would be ISO 27001, SOC2, FedRAMP, Common Criteria, FIPS 140-2, National Cyber Security Centre, ANSSI top-level certification, DoDIN Approved Product List, Commercial Solutions for Classified (CSfC), USGV6, ICSA, NEBS The device shall utilize a) IPSEC (DES, 3DES, AES) encryption/decryption. b) SSL encryption/decryption. The system shall support the following IPSEC VPN capabilities: a) Multi-zone VPN supports. b) IPSec, ESP security. c) Supports NAT traversal d) Supports Hub and Spoke architecture e) Supports Redundant gateway architecture The solution should be true NGFW where the security services are not aligned in multipath processing architecture as in a UTM device. The solution should be able to support AD integration with LDAP or Active Directory The solution should be able to support dynamic user group creation that gives temporary time based access to contract employees and also restricts the access rights of internal users or devices temporarily that are identified to be compromised The system shall support IPSEC site-to-site VPN and remote acccess user VPN The system shall provide IPv6 IPSec feature to support for secure IPv6 traffic in an IPSec VPN. Web Security features Firewall should have integrated Antivirus solution Firewall should support Antispyware The proposed system should be able to block, allow or monitor only using  AV  signatures and file  blocking  based  on  per firewall  policy based or based on firewall authenticated user groups with configurable selection of the following services: a) HTTP, HTTPS b)  SMTP, SMTPS c) POP3, POP3S d) IMAP, IMAPS e) FTP, FTPS The solution needs to protect the users against malicious Domains The solution should be capable of providing fiel protection against data loss It should protect against evasive techniques such as cloaking, fake CAPTCHAs, and HTML character encoding based attacks from day 1 Device should be able to call 3rd party threat intelligence data on malicious IPs, URLs and Domains to the same firewall policy to block those malicious attributes and list should get updated dynamically with latest data The solution must be able to define AV scanning on per application basis such that certain applications may be excluded from AV scan while some applications to be always scanned The solution must have data loss prevention capabilities by defining the categories of sensitive information that is required to filter. Should be able to perform Anti-virus scans for HTTP, smtp, imap, pop3, ftp, SMB traffic with configurable AV action such as allow, deny, reset, alert etc The proposed solution shall perform content based signature matching beyond the traditional hash base signatures Intrusion prevention signatures should be built based on the vulnerability itself, A single signature should stop multiple exploit attempts on a known system or application vulnerability. The solution should have protocol decoder-based analysis which can statefully decodes the protocol and then intelligently applies signatures to detect network and application exploits The device must have the capability to create DOS prevention policy to prevent against DOS attacks on per zone basis (outbound to inbound, inbound to inbound and inbound to outbound) and ability to create and define DOS policy based on attacks like UDP Flood, ICMP Flood, SYN Flood(Random Early Drop and SYN cookie), IP Address Sweeps, IP Address Spoofs, port scan, Ping of Death, Teardrop attacks, unknown protocol protection etc The proposed solution NGFW shall delineate different parts of the application such as allowing Facebook chat but blocking its file-transfer capability inside the chat application base on the content. The proposed solution should have the ability to create custom application signatures and categories directly without the need of any third-party tool or technical support. Also the device should have capability to provide detailed information about dependent applications to securely enable an application The proposed solution shall be able to handle (alert, block or allow) unknown/unidentified applications like unknown UDP and TCP The proposed vendor must have a track record of continuous improvement in threat detection (IPS) and must have successfully completed NSS Labs’ NGFW Methodology with security effectiveness of 97.5% or more in the latest report The solution should be capable of protecting against Zero day attacks. The solution should be capable of detetecting unknown file and update it disposition within 5 minutes in the threat intelligence The solution needs to detect infected devices that does the DNS query through the internal DNS server to a malicious domain The proposed system shall allow administrator to prevent sensitive data from leaving the network. Administrator shall be able to define sensitive data patterns, and data matching these patterns that will be blocked and/or logged when passing through the unit. The proposed system should be able to block or allow oversize file based  on  configurable thresholds for  each  protocol  types and  per firewall policy. Web Content Filtering The proposed system should have integrated Web Content Filtering solution without external solution, devices or hardware modules. The proposed solution should be able to enable or disable Web Fil- tering  per  firewall  policy  or  based  on  firewall  authenticated  user groups for both HTTP and HTTPS traffic. The proposed system shall provide web content filtering features: a)  Which  blocks  web  plug-ins  such  as  ActiveX,  Java  Applet,  and Cookies. b) Shall include Web URL block c) Shall include Web Exempt List The proposed system shall be able to queries a real-time database of over 110 million plus rated websites categorized into 70 plus unique content categories. Application Control The proposes firewall should be native layer 7 solution that doesn’t depend on Layer 3 and Layer 4 parameters like IP address and port for application identification, rather app signatures must be used for application identification The solution shoud be capable of creating signatures for home grown applications The solution needs to have granular control over the application where the parent application can be allowed in the network but few of the microservices of the application should be blocked. The application identification feature of the solution shouldn’t be a subscription but perpetual The proposed system shall have the ability to detect, log and take action against network traffic based on over 3000 application signatures The application signatures shall be manual or automatically updated The administrator shall be able to define application control list based on selectable application group and/or list and its corresponding actions High Availability The proposed  system  shall  have built-in high availability (HA) features without extra cost/license or hardware component The device shall support stateful session maintenance in the event of a fail-over to a standby unit. High Availability Configurations should support Active/Active or Active/ Passive Makes: IL Palo-Alto / CheckPoint / Cisco

Supply, Installation, Testing and commissioning of SD-WAN meeting following specs with 5 Years of Support License The solution components should include Software Defined WAN(SD-WAN) Network Controller, Central management and Central Log management, SDWAN Edge Devices running at the branches and Gateway Hub Devices at the DC The solution needs to be a True SD-WAN that is purpose built right from the foundation based on SDN architecture and should not be a simple feature activated through license activation on a generic UTM like solution. The solution should be able to leverage multiple links simultaneously for a single application session such that traffic can move across all the links. The solution needs to be flexible to add the CPE device at the gateway not necessarily having to terminate the WAN links directly on to the device for its monitoring and other SD-WAN functions. The WAN links could be routed through any other gateway device like WAN switch, router, firewall etc. SDWAN devices must be able to identify and classify atleast 800 plus applications at Layer 7 through SNI rather than DPI The solution needs to be flexible enough to support customization in case of any unique requirements with the availability of the OEM engineering/support team in India Solution should provide transport independence and should allow to use any transport like MPLS, Internet, 3G/4G, Point to Point link, PPPoE Solution needs to provide realtime streaming analytics on the CPE health status, WAN links status, application wise bandwidth utliization status The solution needs to be futuristic where in case of DIA(Direct Internet Access) all the NGFW features like IPS, URL filtering, Content filtering, Malware protection, DNS protection needs to be enabled through license activation and not CPE device revamp. The solution then should be supported through a single point of contact The architecture should be scalable to allow local internet breakout in the future based on the type of applications and the policy defined in the SDWAN controller. The solution should be able to load balance across mutiple discrete links simultaneously through per packet or per session load sharing The solution should be able to support LTE primary and LTE aggregation where wired WAN links may not be a feasible option The system should support QoS for packet classification, marking, and bandwidth allocation. The communication between the Secure SD-WAN controller and the SDWAN CPE devices should be secure and encrypted and preferrably TLSv1.2 or above The SDWAN solution should support single pane of glass management with zero-touch deployment of the CPE appliances The WAN path Selection at the branch locations should be based on the near real time analytics of the WAN Links Capacity and Quality (Latency, Jitter, Volume, Hopcount, Packet Loss etc.). The WAN path selection should be dynamic based on the policy set from the SDWAN controller. The solution must be able to provide DMVPN capability where the tunnels between spoke sites are created dynamically at the time of traffic initation. The tunnels shouldn’t be manually created in advance. The solution must be able to dynamically control data packet forwarding decisions by looking at application type, performance, policies, and WAN path status. The solution must be able to monitor the network performance—jitter, packet loss, and delay—and make decisions to forward critical applications over the best performing path based on the defined application policy. The solution must provide QoS by TCP/UDP rate limiting low priority traffic The solution must provide Ongoing assessment and troubleshooting tool from central GUI and also provide the quality metric on links like latency, jitter and packet loss The solution must provide Remote diagnostics tools to validate reachability of both WAN and LAN side, Packet Capture, Packet flow CLI tracer etc. NAT- The branch SDWAN devices should have the ability to do address translation between private and public IP address spaces and support source based NAT and destination based NAT The SDWAN Controller should support integration with third party ITSM tool for the workflow management for audit and compliance to review, approve and audit policy changes from the controller The branch devices should support IPsec VPN tunnels with third-party gateway appliances to enable transport of data from BRANCH to DC/DR in a secure fashion. It should support AES-256 or higher encryption coupled with Internet Key Exchange Version 2 (IKEv2). The VPN tunnel created between the solution CPE devices should use more refined version of IPSec technology like Wireguard technology which results in better VPN performance The system should provide a mechanism to monitor the performance for Virtual Private Network The Branch edge should support various load balance algorithms like per packet, sessions, source-destination IP, Source IP across multiple ISP links. The branch edge should support load balancing to balance branch traffic across multiple ISP links using different means like weight based, flow based, SLA based etc. The system must be able to monitor ISP link parameters like link quality, link usage and link congestion and should be able to provide historical data on the same. The branch edge should also support policy based routing, SLA based routing The system should be able to dynamically steer traffic from one WAN link to another based on policy The system should be able to track the reliability and performance of WAN links The system should allow administrators of the network to be grouped with well-defined roles assigned to them. The system should support monitoring only user role, network change administrator role and a overall system administrator role with permissions to manage the software defined network controller. The system should allow monitoring of Packet loss ratio, Delay, Jitter, and Bandwidth utilization of each WAN link Configurational changes made at the individual CPE devices locally through the management / console port of the device should be replicated to the controller The SDWAN solution should support Path awareness intelligence and link remediation delivers best application performance by automated fail-over and fail-back mechanism There should not be any impact on SDWAN data forwarding capability in case of complete disconnection of controllers Central Management The system should be an image based NFV hosted SD-WAN Controller and Management components. The server appliance specification will have to be shared The Centralized SDWAN Controller installed at DC / DR must provide a single, unified platform for network service provisioning, monitoring and assurance, change and compliance management. The software defined controller must be able to support minimum 1000 devices All the components like Controller, Gateway Hub, Edge devices etc. of SDWAN Solution proposed should be from the same OEM. The proposed SD-WAN solution should have capacity to log a minimum of 150 GB network/user logs per day and 30TB of inbuilt storage. The system should support functionality to manage the performance of Internet links. The system should determine that Internet performance is degrading and notify the administrators The system should provide a dashboard that provides state of new appliances (Online, Offline) Should support granular device and role based administration for deploying multi-tenancy architecture The SDWAN Controller solution must be able to monitor and report all applications by usage across all branch locations, in a branch location along with the data rate and flow usage. This data must be stored by the Central SDWAN Log Management solution for a minimum 1 Year. Vendors to make sure that the log management solution should have the sufficient storage with the HW RAID enabled. The system must be able to send e-mail and SMS notification for events and alerts Should support Certificate management Support management access based on AAA, RADIUS, local authentication SDWAN Manager will have to authenticate the branch SDWAN devices based on serial number for tight control on SDWAN. Branch SDWAN Devices which can pass authentication will be allowed to connect on SDWAN network. The SDWAN devices should be enabled with zero touch provisioning or shall be sent to branches un-configured so that the device can download its policy and automatically start to learn traffic patterns from centralized controller The solution must be able to collect and aggregate traffic statistics for all WAN paths. Traffic statistics include path utilization, application-specific utilization and path performance. The SDWAN controller must have REST APIs available for 3rd party integration or integration with custom automation tools To steer the traffic based on application. The traffic forwarding capability shall be set in place at the centralized controller level and then pushed out to all SDWAN devices. All the policies shall be based on IP addresses, application profiles, port number, quality-of-service markings, time of day, or any other number of variables. Unlike traditional WAN solutions, which handle security through multiple appliances at each branch office, SDWAN solution should be scalable in the future to include all of these functions in-box to lower cost by integrating with web content filtering service, and offer malware defences and botnet command-and-control intervention, Intrusion Prevention Solution for every branch and remote devices. The proposed SD_WAN solution must support following SD-WAN Reporting:- Statistics of bandwidth usage of available links. Statistics of bandwidth usage of each application Network statistics, including continuous performance monitoring of loss, latency, packet ordering for all network paths and link utilization. Report for traffic statistic of all the included path. Must provide automated, real-time event alert mechanism. The SD-WAN Controller must contain single dashboard which includes all other device status like CPU, link status, event logs, etc. Should run reports on-demand or on a schedule with automated email notifications Makes: IL Palo-Alto / CheckPoint / Cisco

`Supplying, installing, testing and commissioning of 24 port Cat 6A patch panels available with block of four equipped with tool less IO, Rack Mountable. 19`` Modular Patch Panel, loaded CAT6A U/UTP 24 port LCS2 rack mountable to be compatible in 4nos of 6 X RJ 45 Tool less connector U/UTP unit in a block complete with all labour and material required to complete the job in all respect upto the entire satisfaction of the Engineer -incharge of work. Make : CORNING/ RandM /PANDUIT / SIEMON`

`Supplying, installing, testing and commissioning of Cat 6A , Tool less Information outlet for Voice/Data. Cat6A U/UTP built in crimping hands-free, minimum 5 times reconnection possibilities. LCS2 Toolless RJ45 Information outlet where insertion test (in and out) must be 2500 times (I/O) along with front side Label holded and transparent shutter for category white in colour, including front plate and anodised GI box in concealed manner of adequate sizes,including all fixing accessories complete with all labour and material required to complete the job in all respect upto the entire satisfaction of the Engineer -in-charge of work. Make : CORNING/ RandM /PANDUIT / SIEMON`

`Supplying and fixing following Modular base and cover plate including anodised GI box in concealed manner of adequate sizes,including all fixing accessories complete with all labour and material required to complete the job in all respect upto the entire satisfaction of the Engineer -in-charge of work. Make : CORNING/ RandM /PANDUIT / SIEMON`

`Supplying, installing, testing and commissioning of following length of Cat - 6a patch cord. 4 Feet : CAT6A UTP 23 AWG Patch Cord - 1 mtr - Rack End. Factory crimped LCS2 Patch cord. Make : CORNING/ RandM /PANDUIT / SIEMON`

`Supplying, installing, testing and commissioning of following length of Cat - 6a patch cord. 7 Feet : CAT6A UTP 23 AWG Patch Cord - 2 mtr - Rack End. Factory crimped LCS2 Patch cord. Make : CORNING/ RandM /PANDUIT / SIEMON`

`Supplying and fixing of PVC Cable Manager finger duct type complete the job in all respect upto the entire satisfaction of Engineer-in-charge of work. Make : CORNING/ RandM /PANDUIT / SIEMON`

`SITC of 42RU, 800w x 1000d, 19`` Comms equipment rack with front 19`` rails and dual 8 to 12-outlet PDUs, and mesh-screen front and rear lockable doors, ventilated top cover with cable glands complete the job in all respect upto the entire satisfaction of Engineer-in-charge of work Make: HiveNetwork / Comrack / Netrack`

`SITC of 15RU, 800w x lOOOd, 19`` Comms equipment rack with front 19`` rails and dual 8 to 12-outlet PDUs, and mesh-screen front and rear lockable doors, ventilated top cover with cable glands complete the job in all respect upto the entire satisfaction of Engineer-in-charge of work Make: HiveNetwork / Comrack / Netrack`

`SITC of 12U,19`` Outdoor Network rack with front 19`` rails and dual 12-outlet PDUs, and mesh-screen front and rear lockable doors, ventilated top cover with cable glands complete the job in all respect upto the entire satisfaction of Engineer-in-charge of work Make: HiveNetwork / Comrack / Netrack`

`SITC of 2.5 sq mm 3 Core Power cable for all Services to complete the job in all respect upto the entire satisfaction of Engineer-in-charge of work Make: Polycab / Havells / Finolex`

`Supply Installation Testing and Commissioning of online 30 KVA UPS for 30 minutes backup and in Redundancy Mode with all accessories required to do so. As per specification and at site of work in line with the Engineer in Charge instructions. Includig cost of 26 nos. batteries. Make: Eaton / APC / Emerson`

Supply Installation Testing and Commissioning of Suitable Sever Based Network Video Recording and Management System with required Licences for all the above ONVIF Compliant Cameras. complete with all necessary required software`s PC hardware ,Storage accessories ,civil ,electrical works and peripheral items as required as per specification and at site of work in line with the engineer in charge instructions. The System proposed should have minimum usable 30 days recording suitable hard disk as per requirement. Certifications UL hard disk complete in all respect upto entire satisfaction Engineer in charge of work. Video Recording Server should have 32 Channels from day one The Video Management System (VMS) shall be a Microsoft Windows-based video management and surveillance system consisting of two primary components, as follows: An IP video management system. This application shall: Maintain the database of cameras and recording devices and to provide a web-based administrative portal to manage the video surveillance system route video traffic to users as requested and appropriate record and store video from resources on the network A client presentation application to allow users to view and manage live and recorded video.The Video Management System (VMS) shall be a Microsoft Windows-based video management and surveillance system consisting in a single server performing the following functions: Allow users to define users and assign sets of permissions (known as roles) to each user Record and store video per user-defined retention settings for up to 32 cameras per server Serve live and recorded video to clients on demand The IP video management system shall record video and audio streams from IP cameras and video encoders on the network Video: H.264 in High, Main, or Base Profile streams from both standard resolution and megapixel cameras The system shall support recording schedules, including the ability to record based on motion, analytic, and alarm events The IP video management system shall be capable of continuous scheduled alarm/event and motion recording. Pre- and postalarm recording shall also be available and shall be fully programmable on a per channel basis. The IP video management system shall have the ability to record and playback audio streams along with associated video. The IP Video Management System shall support recording of primary or secondary streams. The IP Video Management System shall support video bookmarking, such that users can identify and recall important moments in recorded video The IP video management system shall allow the administrator to set minimum and maximum retention periods for recorded video The IP video management system shall support network health and monitoring utilizing third-party SNMP monitoring tools. The IP video management system shall indicate system performance and operation status utilizing a variety of reports The system shall be configurable remotely or over a network. The system shall discover 3rd-party cameras on the network. The system shall allow users to manually add cameras and devices by IP address. The system shall allow users with sufficient rights to control cameras (pan, tilt, and/or zoom). The system shall support aggregation by a higher-level system , tying multiple VMS servers together in a single, unified environment The system shall support third-party cameras using ONVIF profiles S ,G,Q and T. The IP VMS shall support Lightweight Directory Access Protocol (LDAP) to authenticate users VMS can Imports users and roles from existing LDAP servers to reduce administrative overhead, and enables single sign-on (SSO) The IP video management system shall allow archival of video data to external network locations or NAS devices over a network connection. The archival schedule shall be either automatic at user-defined intervals or manually executed. The video management system shall be available as a hardware server with capacity to record 8 cameras at up to 200 mbps recording throughput. The video management system shall be available as a software product that can be installed on COTS hardware. The server shall support semantic grouping and organization of cameras/devices into groups using “tags”. The system shall allow users to export video on request: exported video shall be stored locally on the server or on another network location selected by the administrator. The system shall support aggregation by a higher-level environment, allowing the IP video management system to belong to a confederation of servers. Check on VMS and camera health using SNMP Hardware Configuration Processor: Intel Core i5-9500 Operating System: Microsoft Windows 10 IoT Enterprise 64-bit (LTSB) RAM: 16GB DDR4 SSD Storage: M.2 SSD 256 GB HDD: 2 Slots( Upto 32 TB) Video Output: 4x Mini DisplayPort 1.4 Video System: NVIDIA Quadro P620 (2 GB memory) Networking: 1x 1 Gigabit Ethernet (1000 Base-T), 1x 10 Gigabit Ethernet (10 G Base-T) Maximum Video Resolution: mDP 1.4 direct connect, HDR 5120 x 2880 at 60 Hz (30-bit color) Throughput: 250 Mbps Security Certifications Supports IPV4 and IPV6 Client Authentication password stored with cryptographic protection TLS-based encryption over HTTPS Supports video and data encryption using AES-128-256 through third-party disk encryption software. Incorporates FIPS 140-3 validated cryptographic modules VMS Should be compliant to FISMA/NIST Configuration Guidance Make: AXIS/PELCO/ MOBOTIX/ AVIGILION

Supply Installation Testing and Commissioning of Suitable Sever Based Network Video Recording and Management System with required Licences for all the above ONVIF Compliant Cameras. complete with all necessary required software`s PC hardware ,Storage accessories ,civil ,electrical works and peripheral items as required as per specification and at site of work in line with the engineer in charge instructions. The System proposed should have minimum usable 30 days recording suitable hard disk as per requirement. Certifications UL hard disk complete in all respect upto entire satisfaction Engineer in charge of work. Video Recording Server should have 128 Channels from day one The Video Management System (VMS) shall be a Microsoft Windows-based video management and surveillance system consisting of two primary components, as follows: An IP video management system. This application shall: Maintain the database of cameras and recording devices and to provide a web-based administrative portal to manage the video surveillance system route video traffic to users as requested and appropriate record and store video from resources on the network A client presentation application to allow users to view and manage live and recorded video.The Video Management System (VMS) shall be a Microsoft Windows-based video management and surveillance system consisting in a single server performing the following functions: Allow users to define users and assign sets of permissions (known as roles) to each user Record and store video per user-defined retention settings for up to 128 cameras per server Serve live and recorded video to clients on demand The IP video management system shall record video and audio streams from IP cameras and video encoders on the network Video: H.264 in High, Main, or Base Profile streams from both standard resolution and megapixel cameras The system shall support recording schedules, including the ability to record based on motion, analytic, and alarm events The IP video management system shall be capable of continuous scheduled alarm/event and motion recording. Pre- and post- alarm recording shall also be available and shall be fully programmable on a per channel basis. The IP video management system shall have the ability to record and playback audio streams along with associated video. The IP Video Management System shall support recording of primary or secondary streams. The IP Video Management System shall support video bookmarking, such that users can identify and recall important moments in recorded video The IP video management system shall allow the administrator to set minimum and maximum retention periods for recorded video `The IP video management system shall support network health and monitoring utilizing third-party SNMP monitoring tools. ` The IP video management system shall indicate system performance and operation status utilizing a variety of reports The system shall be configurable remotely or over a network. The system shall discover 3rd-party cameras on the network. The system shall allow users to manually add cameras and devices by IP address. The system shall allow users with sufficient rights to control cameras (pan, tilt, and/or zoom). The system shall support aggregation by a higher-level system , tying multiple VMS servers together in a single, unified environment The system shall support third-party cameras using ONVIF profiles S and G or native drivers. The IP VMS shall support Lightweight Directory Access Protocol (LDAP) to authenticate users VMS can Imports users and roles from existing LDAP servers to reduce administrative overhead, and enables single sign-on (SSO) The IP video management system shall allow archival of video data to external network locations or NAS devices over a network connection. The archival schedule shall be either automatic at user-defined intervals or manually executed. The video management system shall be available as a hardware server with capacity to record 64 cameras at up to 450mbps recording throughput. The video management system shall be available as a software product that can be installed on COTS hardware. The server shall support semantic grouping and organization of cameras/devices into groups using “tags”. The system shall allow users to export video on request: exported video shall be stored locally on the server or on another network location selected by the administrator. The system shall support aggregation by a higher-level environment, allowing the IP video management system to belong to a confederation of servers. Check on VMS and camera health using SNMP Hardware Configuration Processor: Intel® Xeon® Silver 4210 Operating System: Microsoft Windows 10 IoT Enterprise 64-bit (LTSB) RAM: 16GB DDR4 `SSD Storage: 2x SSD 480 GB (RAID 1)` HDD: 12 Slots RAID Level: RAID 5 and RAID 6 Video Output: 4x Mini DisplayPort 1.4 Video System: NVIDIA Quadro P620 (2 GB memory) Networking: 2x Gigabit Ethernet (1000Base-T) Ports `Power supply: Dual Hot Swappable 750 W (Platinum)` Throughput: 450 Mbps Certification: CE (Class A) FCC, Part 15 (Class A), ICES-003 (Class A), UL/cUL Listed, RCM, CCC, KCC, NOM Security Certifications Supports IPV4 and IPV6 Client Authentication password stored with cryptographic protection TLS-based encryption over HTTPS `Supports video and data encryption using AES-128-256 through third-party disk encryption software.` Incorporates FIPS 140-3 validated cryptographic modules VMS Should be compliant to FISMA/NIST Configuration Guidance Make: AXIS/PELCO/ MOBOTIX/ AVIGILION

Supply Installation testing commissioing of IP IR PTZ DOME Camera POE enabled (High Definition) lmage device/Sensor - 1/3` Progressive Scan CCD/ Progressive scan CMOS or better PTZ camera Resolution - 2 Megapixel, 1080p (1920x1080) or better Optical Zoom 30X and Digital Zoom: 12X lR Light and Distance - lR range up to 150 Mtrs. Or better Signal to Noise Ratio - )_50 dB (AGC OFF ) PAN and Tilt travel - Pan 360 endless Tilt 0 to -90 (Auto Flip) Minimum lIIumination - 0.3Lx Color and B/W 0.01Lx Day Night - Auto Day/Night with Auto lR-CUT fitter with auto switch Encoding Video Compression - H.265 MJPEG Triple Stream encoding Frame Rate - Main Frame 30 FPS in all resolution or better Audio Compression - G.711/G.726 Edge Based Analytics Storage - SD Card shoutd be expandabte up to 128 GB Protocols - lPv4/lPv6, TCP/lP, UDP, RTP,RTSP, HTTP, HTTPS, ICMP,SMTP, NTP, DHCP, UPnP, IGMP,SNMP,IEEE 802.1 X System Compatibitity - ONVlF Profite S and G Privacy Zone - Minimum 4 Privacy zones or higher Additional Features Noise Reduction-Digitat Noise Reduction on/off . WDR -90dB True WDR or better Alarm Input,/ Alarm Output-1 Alarm Input, 1 Alarm Output Audio Input,/ Audio Output-1 Audio Input, 1 Audio Output Environment- Operating Environment-Outdoor Operating Temoerature- 0`C to 50`C lngress protection lP66 or better. Certificates: UL, FCC, EN complete in all respect upto entire satisfaction Engineer in charge of works. Make: AXIS/PELCO/ MOBOTIX/ AVIGILION

Supply, installation, Testing and Commissioning of HD 2 MP IR Bullet/Box IR Camera. in all respect upto entire satisfaction Engineer in charge of works. Specification:- Image device/ Sensor - 1/3` Progressive Scan CCD/ Progressive Scan CMOS or Better Resolution - 2 Megapixel (1920x1080) or better Frame Rate upto 30 Fps or better Lens type - 3 to 9 mm auto varifocal lens motorized IR Light and Distance - Ir Range upto 30 mtrs or better Signal to Noise Ratio -)50db Minimum Illumination - 0.3Lx Color, IR LED ON 0 .0 Lux or better Day Night - Auto Day/ Night with switchable IR cut filter Video Compression - H.265, H.264, M-JPEG Camera Should have multiple Streaming- Min. Triple Edge Based Analytics Storage- SD card slot should be expandable upto 128 GB System Compatibility- ONVIF profile SandG Privacy Masking- Minimum 4 Privacy zones or Higher Protocols - IPv4/ IPv6, HTTP, HTTPS, TCP/IP, UDP, UPnP, ICMP, RTSP, RTP, SMTP, NTP, DHCP, DNS, DDNS Additional Features Noise Reduction - Digital Noise reduction on/off. WDR- 120dB WDR Alarm Input/ Output - 1 Alarm Input, 1 Alarm Output Audio Input/ Output - 1 Audio Input, 1 Audio Output Environment Operating Environment - Indoor/ Outdoor Operating Temperature -0C to 50C Ingress protection and Vandal resident Standards - IP66 or Better IK10 or better Certificates: UL, FCC, EN Make: AXIS/PELCO/ MOBOTIX/ AVIGILION

Supply, installation, Testing and Commissioning of Fixed Dome Indoor 1080p True Day/Night Switching IP camera. Complete in all respect upto entire satisfaction Engineer in charge of works. Specification :- Image device/ Sensor - 1/3` Progressive Scan CCD/ Progressive Scan CMOS or Better Resolution - 2 Megapixel (1920x1080) or better Frame Rate upto 30 Fps or better Lens type - 3 to 9 mm auto varifocal lens motorized IR Light and Distance - Ir Range upto 30 mtrs or better Signal to Noise Ratio -)50db Minimum Illumination - 0.3Lx Color, IR LED ON 0 .0 Lux or better Day Night - Auto Day/ Night with switchable IR cut filter Video Compression - H.265, H.264, M-JPEG Camera Should have multiple Streaming- Min. Triple Edge Based Analytics Storage- SD card slot should be expandable upto 128 GB System Compatibility- ONVIF profile SandG Privacy Masking- Minimum 4 Privacy zones or Higher Protocols - IPv4/ IPv6, HTTP, HTTPS, TCP/IP, UDP, UPnP, ICMP, RTSP, RTP, SMTP, NTP, DHCP, DNS, DDNS Additional Features Noise Reduction - Digital Noise reduction on/off. WDR- 120dB WDR Alarm Input/ Output - 1 Alarm Input, 1 Alarm Output Audio Input/ Output - 1 Audio Input, 1 Audio Output Environment Operating Environment - Indoor/ Outdoor Operating Temperature -0C to 50C Ingress protection and Vandal resident Standards - IP66 or Better IK10 or better Certificates: UL, FCC, EN Make: AXIS/ PELCO/ MOBOTIX/ AVIGILION

`Supply, Installation, Testing and comissioning of 1G SFP module as required (For All Switches) complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: Cisco/Extreme/Allied Telesis`

Supply, Installation, Testing and comissioning of Layer -2 Switch with Power on Ethernet (PoE) enabled, with 8 nos. 10/100/1000 base Tx PoE port, 2 no. dual personality Gbe Port for copper/fiber uplink, 3.7 Gbps switching capacity, 2.7 MPPS forwarding rate, maximum power consumption 135 watt. (For All Floors) complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: Cisco/Extreme/Allied Telesis

Supply, Installation, Testing and comissioning of Layer -2 Switch with Power on Ethernet (PoE) enabled, with 24 nos. 10/100 base Tx PoE port, 2 no. dual personality Gbe Port for copper/fiber uplink, 3.7 Gbps switching capacity, 2.7 MPPS forwarding rate, maximum power consumption 135 watt. (For All Floors) complete in all respect upto the entire satisfaction of Engineer-in-charge of work Make: Cisco/Extreme/Allied Telesis

Supply Installation and Commissioning of IP66 outdoor Junction box with all necessary accessories, civil, electrical works and peripheral items complete in all respect upto the entire satisfaction of Engineer-in-charge of work. Make : ISI and Standard