GENERAL TECHNICAL SPECIFICATION - MANDATORY COMPLIANCE

ITEM
SR. NO SPECIFICATION Compliance Model
DESCRIPTION

ONT should support GPON G.984 and G.988 standards

Should have at least following interfaces:
4 Data 10/100/1000 Copper ports
1 GPON (SC/APC receptacle) port
Should support up to 11Gbps switching performance with 9 Mpps throughput
Should support 2,000 MAC addresses
Should support T-CONT/ Gem port 8/32
Should support transmission rate of 2.488Gbps Downstream and 1.244 Upstream
Should support QoS with 8 queues Cisco
33 GPON ONT FC
Should support SNMP v1, 2, 3 and RMON CGP-ONT-4TVCW-NA
Management through PON manager, local Web GUI or ONU Management Control Interface
Should supports IEEE 802.1Q, IEEE 802.1D and IEEE 802.1w
Should have AC power supply
Three year OEM’s support must be attached to the proposed product with the following entitlement. a. 24x7 access to Technical Assistance Center (TAC)
b. Advance hardware replacement on Next-Business Day plus OS updates c. Software updates and upgrades
d. Service response objective for high-severity cases must be 30 minutes
e. Broad solution view to identify and address any known issues beyond the original case scope
f. No triage required to open a case

OLT should support GPON G.984 and G.988 standards

Should have 105 Gbps of backplane capacity with at least 95 Mpps of throughput
Should support redundant AC power supplies
Should have following interfaces :
16 GPON ports
2 x 10G SFP+ ports with optics
4 x 1G RJ45 & SFP combo ports
Uplink interfaces should support IEEE 802.3ad for link aggregation and 802.3ad for QinQ
Should support 64K MAC addresses
Should support 4096 VLANs per ports
Should support 2k IPv4 route scale
Should support 9000Bytes jumbo frame
Should support T-CONT / Gem port 768/3000 per port
Should support type-B protection with fiber redundancy to the splitter
Should support 1:64 and lower split ratios
Cisco
34 GPON OLT Should support logical distance of 60Km and differential distance of 20Km FC
CGP-OLT-16T
Should support ONT authentication using SN mode, Password mode or combination of both
Should be able to provide bandwidth control and QoS in upstream and downstream direction
Should have at least 8-queues per port with strict priority scheduler
PON optics should be type C+ with transmit power of 3-7dBm
Should support 1480-1500nm wavelength downstream and 1290-1330nm upstream
The receiver sensitivity of the PON optics should be -30dBm
Should support SNMP v1, 2, 3 , RMON and syslog
Management through PON Manager, HTTPS and SSH
Three year OEM’s support must be attached to the proposed product with the following entitlement.
a. 24x7 access to Technical Assistance Center (TAC)
b. Advance hardware replacement on Next-Business Day plus OS updates
c. Software updates and upgrades
d. Service response objective for high-severity cases must be 30 minutes
e. Broad solution view to identify and address any known issues beyond the original case scope
f. No triage required to open a case
 1. Ruggedized Layer 2 switches with AC power supply
2. Should support up to 5Gbps switching performance
3. Switch should be equipped with 8x1FE RJ45 PoE+ ports and 2x1G SFP ports (1xGLC-TE SFP)
4. Handoff between the access switch and provider is 1G RJ45
5. Switch should support PoE+ with atleast 180W PoE budget
6. Should support AAA, 802.1X, RADIUS, TACACS
7. Should support Syslog, SNMP v1, 2, 3 and RMON
Cisco
49 Site Switches 8. Management through CLI, Telnet, SSHv2, HTTP, HTTPS FC
IE-1000-8P2S-LM
9. Should support operating temperature of 70° C
10. Should supports IEEE 802.1Q, IEEE 802.1D, IEEE 802.1w, IEEE 802.1s Multiple Spanning Tree, LACP standard for Link aggregation
11. Three-year OEM’s support must be attached to the proposed product with the following entitlement. a. 24x7 access to Technical Assistance Center
(TAC)
b. Advance hardware replacement on Next-Business Day plus OS updates c. Software updates and upgrades
d. Service response objective for high-severity cases must be 30 minutes
e. Broad solution view to identify and address any known issues beyond the original case scope f. No triage required to open a case

1. Enterprise Class State-full Next Generation Firewall

2. Should have 8 x 1GE RJ-45 and 8 x 10GE SFP+ (SR optics included) Interfaces and one I/O expansion slot for future expansion
3. Required NGFW + NGIPS (threat protection) throughput 10 Gbps at 1024Bytes
4. Required maximum L7 concurrent session 1,500,000
5. Required redundant AC power supplies
6. Should have IPSEC throughput of 5.5Gbps with at least 2,000 IPSEC VPN peers
7. Should have stateful fail-over/high availability
8. NGIPS with full contextual awareness of users, infrastructure, applications, and content to detect multi-vector threats
9. Required NGIPS signature for at least 16,000 with the ability to add custom signatures
10. The firewall should have at least 900GB of storage event logs, malware files, IPS signatures, etc. and an additional storage slot
for future expansion
11. Should support for OSPF and BGP (v4 and v6)
12. The firewall should support SSL decryption to enforce NGFW & NGIPS policies
13. SSL decryption throughput of at least 3.2 Gbps (50% TLS 1.2 Traffic with AES256-SHA) should be supported
14. The proposed firewalls shall support standards-based link aggregation (IEEE 802.3ad)
15. Integrate with Microsoft Active Directory Server for implementing user-based application access control16. Full contextual awareness policy
enforcement based on complete visibility of users, mobile devices, client-side applications, communication between virtual machines, vulnerabilities,
threats, and URLs
17. When an IPS signature is matched, the following configurable actions can be automatically taken:
Cisco
50 Firewall a. Detailed attack logging with hyperlink to IPS encyclopedia references b. In-built email alerts FC
FPR3105-NGFW-K9
c. SNMP traps
d. Packet logging for forensic studies
e. Pass, block or reset sessions
18. Should support Advance Malware Protection to prevent network breaches and rapidly detect, contain, and remediate threats if they evade front-line
defenses (Internet security layer). Bidder to explain how this will be achieved
19. Detect, store, track, analyze, and optionally block malware files being transmitted from Internet to internal corporate network
20. The solution should support file detection policies and blocking of files by types, protocols and directions. a. Protocols: FTP, HTTP, SMTP, IMAP, POP3
and NetBIOS
b. Direction: Upload, Download, both
c. File Types: Office Documents, Archive, Multimedia, Executable, PDF, Encoded, Graphics, and System Files
21. Should support SNMP, SYSLOG and NetFlow/ SFlow/ Jflow
22. The proposed firewalls shall have a reporting management system capable of generating reports on a manual ad-hoc or
schedule (daily, weekly, monthly, etc.) basis.
23. Should be able to integrate with the existing firewall management solution (FMC) to manage all the firewalls centrally.
24. Three Year Subscription required for all required features (NGFW, NGIPS and IPSEC)
25. Three-year OEM’s support must be attached to the proposed product with the following entitlement.
a. 24x7 access to Technical Assistance Center (TAC)
b. Advance hardware replacement on Next-Business Day plus OS updates c. Software updates and upgrades
d. Service response objective for high-severity cases must be 30 minutes
 1. L3 leaf switch with 48 x 1/10/25G SFP+ ports and 6 x 100/100G QSFP28 ports with the required optics (SFP-10G-AOC10M: 342,
GLC-TE: 342, QSFP-100G-CU3M: 38)
2. Redundant and hot-swappable AC power supplies and redundant fan modules
3. Should support 3.6 Tbps of switching capacity and 1.2Bpps packet forwarding capacity
4. Memory/Storage should be 16GB/128GB
5. Packet Buffers should be 40MB
6. Should support AAA, SSH v2, SNMPv3, Port Security and RADIUS support
7. Layer 2 features: 802.1D MAC Bridges, 802.1s Multiple Spanning Tree Protocol, 802.1w Rapid Spanning Tree Protocol, 802.1AE
MAC Security (Link-Layer cryptography), 802.3ad Link aggregation with LACP, 802.1Q VLAN Tagging, 802.1p Class-of-Service (CoS)
Tagging for Ethernet frames
8. Should support IEEE 802.1ae MAC Security (MACsec) on all ports
9. Should support PTP Telecom profile 8275.1 with SyncE
10. Comprehensive protocol support for Layer-3 (v4 and v6) unicast and multicast routing protocol suites, including BGP, Open
Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Routing Information Protocol Version 2 (RIPv2),
Protocol Independent Multicast Sparse Mode (PIM-SM), Source-Specific Multicast (SSM), VXLAN and Multicast Source Discovery
Protocol (MSDP)
11. Support for standards-based VXLAN EVPN fabrics, inclusive of hierarchical multisite support
12. Proposed switch should scale to:
a. 1.7Million IPv4 Routes
b. 512K MAC Entries
c. 3950 RPVST instances
d. 4096 VLANs
e. 16,000 VRFs
13. Virtual Port-Channel (v PC) Cisco
51 Core Switches FC
14. Programmability features: Ansible, Chef, Puppet, SALT, YANG and RESTCONF/NETCONF N9K-C93180YC-FX3H
15. Priority Flow Control (PFC) to prevent Ethernet frame drops by signaling, controlling, and managing Ethernet flows along the
path by sending pause frames to appropriate senders.
16. Explicit Congestion Notification (ECN), which provides end-to-end notification per IP flow by marking packets that experienced
congestion, without dropping traffic. The platform should be capable of tracking ECN statistics, including the number of marked
packets that have experienced congestion.
17. The platform should offer lossless transport for Remote Direct Memory Access (RDMA) over converged Ethernet (RoCE) with
support of Data-Center Bridging (DCB) protocols:
a. Enhanced Transmission Selection (ETS) to reserve bandwidth per priority class in network contention situations
b. Data Center Bridging Exchange Protocol (DCBX) to discover and exchange priority and bandwidth information with endpoints.
c. Weighted Random Early Detection (WRED) for congestion avoidance that allows the platform to detect and react to congestion in
the network by marking flows that could cause congestion.
18. Intelligent buffer management, which offers the capability to distinguish mice and elephant flows and apply different queue-
management schemes to them based on their network forwarding requirements in the event of link congestion.
19. Approximate Fair Dropping (AFD) with Elephant Trap (ETRAP).
20. Dynamic Packet Prioritization (DPP)
21. 64-way Equal-Cost Multipath (ECMP) routing.
22. In-Service Software Upgrades (ISSUs)
1. Three-year OEM’s support must be attached to the proposed product with the following entitlement. a. 24x7 access to Technical Assistance Center (TAC)
b. Advance hardware replacement on Next-Business Day plus OS updates
c. Software updates and upgrades
d. Service response objective for high-severity cases must be 30 minutes
e. Broad solution view to identify and address any known issues beyond the original case scope
f. No triage required to open a case
 1. All Devices (rack, blade and hyperconverged) must be managed by single management tool this integration and management
into a single console simplifies administration tasks and operations, must be capable of managing the entire stack for hardware,
applications, automation/orchestration, workload optimization, storage and network automation, OS/VM/container installation.
2. Same exact API for any form factor and blades without requiring additional software or proxies.
3. Zero-Touch operations management option - no requirement to install software locally or use embedded appliances for
management operations.
4. Built-in orchestrator and automation framework with customizable workflows that support vendor and third-party systems
(storage, hypervisors)
5. The management software can be used to create resource pools that aggregate resources and have the compute device assigned
to the respective resource pools.
6. Servers can be assigned to the resource pool based on several properties and policies configured.
7. Supports a stateless environment where server identity is created by the administrator who defines the server configuration
such as: BIOS version, MAC ID, NIC firmware version, WWPN, FC-HBA firmware version, Adapter QoS, Management module
firmware version, UUIDs, Server Boot Policies, KVM IP etc.
8. Capability to enforce policies in the system BIOS settings and configuration, so once administrators define a common policy for a
server BIOS, all subsequent deployments use this policy
9. The embedded software management system must be able to deliver firmware to all compute nodes (either blades or racks) and
any networking or interconnect device in the system.
10. The server management port (CIMC / KVM) IP address is defined as part of the server profile / identity.
11. Support for software defined templates to quickly make changes to the infrastructure. Template should include server BIOS,
firmware, boot order, RAID, storage configs and network config of the infrastructure required for a given workload Cisco
52 Servers Type 1 FC
12. Able to create profiles for multiple server identities that can be deployed from a master server identity or a master template UCS-M7-MLB
regardless of server generation or form factor
13. Updating Templates for server identities that are created and linked to the master server, the identity inherits any modifications
done to the master template. Example, the version of the Server BIOS is changed in the master identity and all linked server
identities inherit the new modified Server BIOS version.
14. The proposed platform must support the re-purpose of a server, replace a failed blade/rack and to move OS/Application to
blade/rack w/ more resources by transferring the server identity/parameters to the new blade/rack through the server
management software without additional server configuration.
15. The system must be able to re-deploy the configuration associated to a blade or rack compute node as needed onto any other
blade or rack server in the existing domain or to a Disaster Recovery system in a separate domain
16. Servers should be 2U with redundant AC power supplies and FANs
17. Should have 2 x 10G Copper ports and 2 x 10G SFP+ ports with necessary optics
18. Should have Boot Optimized 2x960 GB SATA SSD with Raid controllers.
19. Server Specs:
a. 2 x 32Cores 2GHz Gold Processors
b. 64 GB DRAM
20. Three-year OEM’s support must be attached to the proposed product with the following entitlement.
a. 24x7 access to Technical Assistance Center (TAC)
b. Advance hardware replacement on Next-Business Day plus OS updates c. Software updates and upgrades
d. Service response objective for high-severity cases must be 30 minutes
e. Broad solution view to identify and address any known issues beyond the original case scope f. No triage required to open a case
 All Devices (rack, blade and hyper-converged) must be managed by single management tool this integration and management into
a single console simplifies administration tasks and operations, must be capable of managing the entire stack for hardware,
applications, automation/orchestration, workload optimization, storage and network automation, OS/VM/container installation.
2. Same exact API for any form factor and blades without requiring additional software or proxies.
3. Zero-Touch operations management option - no requirement to install software locally or use embedded appliances for
management operations.
4. Built-in orchestrator and automation framework with customizable workflows that support vendor and third-party systems
(storage, hypervisors)
5. The management software can be used to create resource pools that aggregate resources and have the compute device assigned
to the respective resource pools.
6. Servers can be assigned to the resource pool based on several properties and policies configured.
7. Supports a stateless environment where server identity is created by the administrator who defines the server configuration
such as: BIOS version, MAC ID, NIC firmware version, WWPN, FC-HBA firmware version, Adapter QoS, Management module
firmware version, UUIDs, Server Boot Policies, KVM IP etc.
8. Capability to enforce policies in the system BIOS settings and configuration, so once administrators define a common policy for a
server BIOS, all subsequent deployments use this policy
9. The embedded software management system must be able to deliver firmware to all compute nodes (either blades or racks) and
any networking or interconnect device in the system.
10. The server management port (CIMC / KVM) IP address is defined as part of the server profile / identity.
11. Support for software defined templates to quickly make changes to the infrastructure. Template should include server BIOS,
firmware, boot order, RAID, storage configs and network config of the infrastructure required for a given workload
12. Able to create profiles for multiple server identities that can be deployed from a master server identity or a master template
Cisco
53 Servers Type 2 regardless of server generation or form factor FC
UCS-M7-MLB
13. Updating Templates for server identities that are created and linked to the master server, the identity inherits any modifications
done to the master template. Example, the version of the Server BIOS is changed in the master identity and all linked server
identities inherit the new modified Server BIOS version.
14. The proposed platform must support the re-purpose of a server, replace a failed blade/rack and to move OS/Application to
blade/rack w/ more resources by transferring the server identity/parameters to the new blade/rack through the server
management software without additional server configuration.
15. The system must be able to re-deploy the configuration associated to a blade or rack compute node as needed onto any other
blade or rack server in the existing domain or to a Disaster Recovery system in a separate domain
16. Servers should be 2U with redundant AC power supplies and FANs
17. Should have 2 x 10G Copper ports and 2 x 10G SFP+ ports with necessary optics
18. Should have Boot Optimized 2x960 GB SATA SSD with Raid controllers.
19. Server Specs:
a. 2 x 32Cores 2GHz Gold Processors
b. 256 GB DRAM
c. 2 x 32Gbps FC HBA
d. A100 GPU 80GB
20. Three-year OEM’s support must be attached to the proposed product with the following entitlement. a. 24x7 access to Technical Assistance Center
(TAC)
b. Advance hardware replacement on Next-Business Day plus OS updates c. Software updates and upgrades
d. Service response objective for high-severity cases must be 30 minutes
e. Broad solution view to identify and address any known issues beyond the original case scope
f. No triage required to open a case
 1. Uplink and Access Ports – 48 Port 100/1000 Ports with Full POE+ and 4 x 10G Uplink (Loaded with 2 x 10G Base SR SFPs) +
dedicated stacking port with 320 Gbps local stacking bandwidth support
2. Console and USB Ports – 1 Nos. RJ-45 Console Port and 1 Nos. USB Port
3. RAM / FLASH – 8GB/16GB with optional additional SSD storage
4. Forwarding Capacity/Rate – 130 Mpps
5. Switching Capacity/Fabric – 176 Gbps Switching Capacity/Fabric
6. MAC Address Table Size – 32K
7. IEEE Standards Support – Must have support for IEEE 802.1d, IEEE 802.1w, IEEE 802.1s, IEEE 802.3ad, IEEE 802.1p, IEEE 802.1q, IEEE 802.1x, IEEE
802.1ab
8. Protocol Support – SNMP v1/v2 /v3 or Higher, Network Timing Protocol (NTP)
9. Multicast Routing Scale – Must support multicast routing functionality
10. Remote Login Support – Telnet, SSH v1 & v2
11. Security Features Support – Must Support - 802.1ae, TACACS+/RADIUS, MAC-Sec 128, should also be able to support MAC-Sec
256, Jumbo Frames
12. IP Unicast Routing Protocols – Routing Information Protocol Version 1 (RIPv1), RIPv2, RIPng, and Open Shortest Path First
(OSPF), BGP, IS-IS
13. QoS – IEEE 802.1p Class of Service (CoS) and Differentiated Services Code Point (DSCP) field classification, Committed
Information Rate (CIR)
14. NAC & Posture support Cisco
55 Network Switch FC
15. SDN Support – Support for SDN (Software Defined Network) Access (Must include but not limited to Yang, on box Python, g C9300L-48P-4X-E
RPC, Telemetry)
16. Power Supply – Dual Power Supply along with Power Cord (C14-C15 Connectors)
17. Programmable pipeline and micro-engine capabilities, along with template-based, configurable allocation of Layer 2 and Layer 3
forwarding, Access Control Lists (ACLs), and Quality of Service (QoS) entries.
18. The proposed switch must support integration with NAC as per the following.
- 802.1X, MAB, VLAN Assignment, DACL, RADIUS CoA, Profiling Probes, URL Redirection, Session ID and Local Web Auth
- Endpoint profiling must support identification of device category for e.g. <Brand> <IP Phone> etc.
- The Data and Voice VLAN should be dynamically pushed from the NAC.
- Session re-authentication, Session Termination with port shutdown/port bounce, Session Management, Session Query and
Session re-run should be supported with COA.
- Dynamic ACL should be pushed from NAC.
- Posture and periodic reassessment must be supported.
- Posture Unknown with Redirect ACL + DACL
19. The switch must support Flexible NetFlow
20. The switch must support NBAR2.
21. The switch must provide an open standards-based APIs such as NETCONF, RESTCONF, GNMI
22. Rack Mounting Kit – Must have standard rack mounting kit
23. 3 Years OEM backed next business day advance replacement warranty and 24x7x365 online technical support

* FC Stands for Fully Compliant