Tender for Wireless Network and Network Access Control

Tender for Wireless Network and Network Access Control

Wireless Network Solution. This may be an expansion or a replacement of the current Juniper system (215 APs). It is envisaged that a total in excess of 1 000 APs will be necessary to provide the coverage and capacity required.

United Kingdom-Stirling: Ethernet network

2013/S 228-396176

Contract notice

Supplies

Directive 2004/18/EC

Section I: Contracting authority

I.1)Name, addresses and contact point(s)

University of Stirling
Procurement Services, Finance Office, Room 2B10, Cottrell Building
For the attention of: Colin Elliott
FK9 4LA Stirling
UNITED KINGDOM
Telephone: +44 1786467104

Internet address(es):

General address of the contracting authority: http://www.stir.ac.uk

Address of the buyer profile: http://www.publiccontractsscotland.gov.uk/search/Search_AuthProfile.aspx?ID=AA00112

Electronic access to information: www.publiccontractsscotland.gov.uk

Electronic submission of tenders and requests to participate: www.publiccontractsscotland.gov.uk

Further information can be obtained from: The above mentioned contact point(s)

Specifications and additional documents (including documents for competitive dialogue and a dynamic purchasing system) can be obtained from: The above mentioned contact point(s)

Tenders or requests to participate must be sent to: The above mentioned contact point(s)

I.2)Type of the contracting authority

Body governed by public law
I.3)Main activity

Education
I.4)Contract award on behalf of other contracting authorities

The contracting authority is purchasing on behalf of other contracting authorities: no

Section II: Object of the contract

II.1)Description
II.1.1)Title attributed to the contract by the contracting authority:

Wireless Network and Network Access Control.
II.1.2)Type of contract and location of works, place of delivery or of performance

Supplies
Purchase
Main site or location of works, place of delivery or of performance: Stirling, Scotland, UK.
NUTS code UK

II.1.3)Information about a public contract, a framework agreement or a dynamic purchasing system (DPS)

The notice involves the establishment of a framework agreement
II.1.4)Information on framework agreement

Framework agreement with a single operator
Duration of the framework agreement

Duration in years: 4

II.1.5)Short description of the contract or purchase(s)

The University of Stirling has a requirement to update and expand the coverage and capacity of its Wireless Network infrastructure and introduce a Network Access Control (NAC) system.
A key theme of the University of Stirling Information Strategy is enabling users to access core University services via their own mobile devices, at any time, from any location. Since wireless networking is often the sole connectivity option for such devices, it is imperative that the University offers a comprehensive, high-quality wireless service in all its buildings which include teaching, administration and residence buildings. Now that Wi-Fi offers throughput exceeding that of wired Fast Ethernet, many users choose it instead of a fixed network connection, whilst still demanding comparable levels of performance and reliability. The University already has ‘hot-spot’ wireless coverage in selected areas of some buildings, but now requires the coverage to encompass all areas mentioned above, and capacity in teaching spaces to be increased to satisfy the possible maximum demand.
Another high priority for the University is preserving the security of the network, and data held on systems connected to it. It is required that only authorised users and devices are allowed to connect to the wired and wireless networks and that any device which is found to be a threat to network security can be suitably quarantined to prevent possible disruption to other users, whilst offering the user options for remediation. To achieve this goal, the University requires a flexible Network Access Control (NAC) system to be introduced, that will be integrated with the wired and wireless network infrastructure, and user authentication databases.
Both aspects of this project – Wireless Network and Network Access Control – are to be completed by the end of July 2014.
Wireless Network Solution
This may be an expansion or a replacement of the current Juniper system (215 APs). It is envisaged that a total in excess of 1 000 APs will be necessary to provide the coverage and capacity required. It is required that the solution that is implemented will be supported for a minimum of five years and can be expanded by the addition of the most current hardware available at the time of the expansion throughout the lifetime of the original system. It is estimated that a further 250 APs may be required for new builds during this period. This, and any other expansion requirements, will be purchased via the framework.
The minimum standard for the solution is IEEE 802.11n though there may be a case for “pockets” of IEEE 802.11ac. Bidders are expected to propose the appropriate AP and antenna hardware for the coverage and capacity specified for each defined location.
The key objective for the wireless network is that the end result is a single manufacturer system, administered by only one management product. The solution will provide a minimum basic coverage throughout virtually every building on the Stirling campus, and some off-campus residential accommodation in Stirling and Bridge of Allan. The scope of this tender excludes the Inverness and Stornoway campuses.
In some specified parts of the included properties the wireless infrastructure will need to provide adequate capacity (over and above basic coverage) for the numbers of users who may require concurrent connectivity e.g. lecture theatres. For these spaces the required capacities will be provided in the ITT.
The solution must be a centrally managed system such that:
— firmware updates and configuration information can be distributed to APs from a single source using the management tool
— client roaming is possible wherever there is contiguous wireless coverage
— automatic load balancing of clients amongst adjacent APs
— APs operate collaboratively to ensure optimal performance for clients of the system as a whole, for example in response to localised changes in the RF environment
Network Access Control Solution
This is required to:
— work on both wired and wireless networks and cover all points of access to the University network
— provide a mechanism for posture checking any device connected to the network but allow granularity of specification (e.g. by device type, functionality, or specific device) as to what devices must be posture checked, what checks must be performed, and what actions should be taken according to the results including placing the device into a remedial network
— identify when a device that is connected is a domain machine and allow a user of it free access to network resources to which they are entitled on submission of their user credentials
— for non-domain devices (BYOD), provide for:
o devices being used by individuals with logon credentials – in these circumstances the device will be ‘associated’ to the user the first time they log on using their credentials. They will be offered the opportunity to ‘onboard’ the device (providing the device is capable of it) so that in future they will not necessarily be required to enter their personal credentials when they reconnect to the network. University IT security policy may require that even users of onboard devices must personally authenticate periodically.
o devices being used by individuals unknown to the University for network access purposes. The users of these devices must register (provide a minimum amount of personal information e.g. mobile phone number or email address) and accept an AUP statement in order to obtain limited access to network resources
o all of the above functionality to be implemented on a self-service basis
— for network attached equipment, such as printers, CCTV cameras, IP telephone handsets, a facility to pre-register the devices within the NAC system such that they will work immediately on first connection
— completely deny access to any device/user combination which does not conform to one of the above requirements
— provide for an appropriate number of authenticated devices (based on initial user numbers of approximately 12 731 staff and students, plus an unknown number of sponsored users to whom logon credentials will be issued, and a further unknown number of casual users who will not be granted logon credentials. Each user may wish to authenticate up to three devices simultaneously). The NAC solution must be capable of expanding above this number by 20 % per annum over its lifetime, and such expansion with be catered for through the framework
— process authentications from a minimum of 600 wired network switches plus the number of authenticators provided as part of the wireless network solution
— have a role-based configuration and management interface which provides for multiple levels of admin users, such as the network team, help desk staff, and guest account sponsors each having different system control permissions.
General Requirements
The wireless network and NAC solutions must work together and ideally share a common management platform for configuration and monitoring.
Both wireless network and NAC solutions must fully integrate with, and exploit the functionality of, the existing Cisco wired network infrastructure.
In addition to wireless hardware and the NAC solution the successful bidder will be providing the overall solution design, project management services, structured cabling installation (Brand-Rex, Cat5e) for the wireless access points, equipment and software configuration, training, and post installation maintenance services.
The appointed framework supplier is not required to supply edge switching equipment.
Infrastructure hardware on which the software components of the solutions will run may be supplied to the University as appliances. Alternatively bidders may provide detailed system requirements (minimum and recommended) for server hardware which the University will then procure independent of this tender. The University will not accept proposals for “servers” to be provided by the bidder.
There should be no loss of Wireless Network coverage in the event of the failure of any single AP.
Likewise, there should be no failure of Wireless Network service owing to the failure of a component other than an AP (e.g. an appliance, a server, an edge network switch, or the power supply to a network cabinet). Therefore high availability of appliances/servers and diversity of cabling routes must be considered.
NOTE: To register your interest in this notice and obtain any additional information please visit the Public Contracts Scotland Web Site at http://www.publiccontractsscotland.gov.uk/Search/Search_Switch.aspx?ID=283064

The buyer has indicated that it will accept electronic responses to this notice via the Postbox facility. A user guide is available at http://www.publiccontractsscotland.gov.uk/sitehelp/help_guides.aspx

Suppliers are advised to allow adequate time for uploading documents and to dispatch the electronic response well in advance of the closing time to avoid any last minute problems.

II.1.6)Common procurement vocabulary (CPV)

32415000, 48210000

II.1.7)Information about Government Procurement Agreement (GPA)

The contract is covered by the Government Procurement Agreement (GPA): yes
II.1.8)Lots

This contract is divided into lots: no
II.1.9)Information about variants

Variants will be accepted: yes
II.2)Quantity or scope of the contract
II.2.1)Total quantity or scope:

Scope of wireless
— System design including specification of AP types for each location, appropriate cabling routes to meet resilience requirements, specification of edge port numbers and power requirements
— Prior to installation, a comprehensive RF survey of the site to validate the proposed design
— Supply, installation and configuration of Wireless Access Points, any associated additional hardware and required structured cabling as per the University’s Generic Cabling Specification
— A Wireless Network Management System to configure, administer and monitor the Wireless Network
— A post-installation RF survey to provide evidence that the coverage meets the stated requirements
— Seamless integration with the NAC solution
Scope of NAC
— System design
— Supply, installation and configuration of the hardware and software components
— A Network Access Control Management System to configure, administer and monitor the NAC solution
— Implement new NAC system to replace legacy VPN NAC solution (all of the wireless network, and the wired network in residences and public access locations) by the end of July 2014
— Demonstrate operation of the solution on the wired network infrastructure to members of the Systems and Network Services team, such that this element can be deployed on the remainder of the wired network beyond the end of the initial project
— Seamless integration with the wireless solution
For both elements
— In conjunction with the Systems and Network Services team, develop an IP addressing and VLAN plan
— Conduct pre-staging of all equipment as necessary
— Train relevant staff in the use of the Management Software package(s) for the management, administration and troubleshooting of the systems
— Provide comprehensive system and configuration documentation
— Provide comprehensive hardware and software maintenance services as specified
— Provide a comprehensive technical support service
II.2.2)Information about options

Options: no
II.2.3)Information about renewals

This contract is subject to renewal: no
II.3)Duration of the contract or time limit for completion

Section III: Legal, economic, financial and technical information

III.1)Conditions relating to the contract
III.1.1)Deposits and guarantees required:

A parent-company guarantee or performance bond may be required.
III.1.2)Main financing conditions and payment arrangements and/or reference to the relevant provisions governing them:
III.1.3)Legal form to be taken by the group of economic operators to whom the contract is to be awarded:

Joint and several liability where applicable.
III.1.4)Other particular conditions

The performance of the contract is subject to particular conditions: no
III.2)Conditions for participation
III.2.1)Personal situation of economic operators, including requirements relating to enrolment on professional or trade registers

Information and formalities necessary for evaluating if the requirements are met: All information required will be stipulated in the pre-qualification questionnaire (PQQ) which should be downloaded at the address of the buyer profile shown at 1.1 of this notice. The PQQ must be completed and returned together with all the supporting documents no later than the deadline shown at IV3.4 of this notice.
III.2.2)Economic and financial ability

Information and formalities necessary for evaluating if the requirements are met: All information required will be stipulated in the pre-qualification questionnaire (PQQ) which should be downloaded at the address of the buyer profile shown at 1.1 of this notice. The PQQ must be completed and returned together with all the supporting documents no later than the deadline shown at IV3.4 of this notice.
III.2.3)Technical capacity

Information and formalities necessary for evaluating if the requirements are met:
All information required will be stipulated in the pre-qualification questionnaire (PQQ) which should be downloaded at the address of the buyer profile shown at 1.1 of this notice. The PQQ must be completed and returned together with all the supporting documents no later than the deadline shown at IV3.4 of this notice.
III.2.4)Information about reserved contracts
III.3)Conditions specific to services contracts
III.3.1)Information about a particular profession
III.3.2)Staff responsible for the execution of the service

Section IV: Procedure

IV.1)Type of procedure
IV.1.1)Type of procedure

Restricted
IV.1.2)Limitations on the number of operators who will be invited to tender or to participate

Envisaged minimum number 5: and maximum number 8
Objective criteria for choosing the limited number of candidates: Financial capacity, technical capacity, relevant experience, accreditations and business probity.
IV.1.3)Reduction of the number of operators during the negotiation or dialogue
IV.2)Award criteria
IV.2.1)Award criteria

The most economically advantageous tender in terms of the criteria stated in the specifications, in the invitation to tender or to negotiate or in the descriptive document
IV.2.2)Information about electronic auction

An electronic auction will be used: no
IV.3)Administrative information
IV.3.1)File reference number attributed by the contracting authority:
IV.3.2)Previous publication(s) concerning the same contract
IV.3.3)Conditions for obtaining specifications and additional documents or descriptive document
IV.3.4)Time limit for receipt of tenders or requests to participate

23.12.2013 – 12:00
IV.3.5)Date of dispatch of invitations to tender or to participate to selected candidates

17.1.2014
IV.3.6)Language(s) in which tenders or requests to participate may be drawn up

English.
IV.3.7)Minimum time frame during which the tenderer must maintain the tender
IV.3.8)Conditions for opening of tenders

Section VI: Complementary information

VI.1)Information about recurrence
VI.2)Information about European Union funds
VI.3)Additional information

PQQs will be issued via the Public Contracts Scotland Web Site.
Prior to any contract award, the Contracting Authority reserves the right to verify that the economic and financial standing of the economic operator which submitted the most economically advantageous tender has not materially deteriorated from that disclosed by that economic operator’s responses to the pre-qualification questionnaire. Where such verification identifies that the economic and financial standing of that economic operator is no longer as previously described to the Contracting Authority and that any of the grounds for rejection specified in Regulation 23 of the Public Contracts (Scotland) Regulations 2006 apply to the economic operator or the economic operator no longer satisfies the intimated minimum standard of economic and financial standing required, then the Contracting Authority shall be under no obligation to award a contract to that economic operator and will have the right to award a contact to the economic operator whose tender following evaluation received the next highest score.
(SC Ref:283064)
VI.4)Procedures for appeal
VI.4.1)Body responsible for appeal procedures

University of Stirling
Procurement Services, Finance Office, Cottrell Building
FK9 4LA Stirling
UNITED KINGDOM

VI.4.2)Lodging of appeals
VI.4.3)Service from which information about the lodging of appeals may be obtained

VI.5)Date of dispatch of this notice:22.11.2013