CDRC Network Section VI 04-06-2002 - World Bank

cloutedcoughΔίκτυα και Επικοινωνίες

28 Οκτ 2013 (πριν από 3 χρόνια και 7 μήνες)

184 εμφανίσεις


155

S
ECTION
VI.

T
ECHNICAL
R
EQUIREMENTS
(
INCLUDING
I
MPLEMENTATION
S
CHEDULE
)

156

Section VI. Technical Requirements

TABLE OF CONTENTS

A.

BACKGROUND

................................
................................
.................

162

A.1

T
HE
P
URCHASER
................................
................................
.........

162

A.1.1

A
GENCY

S
L
EGAL
B
ASIS
,

O
RGANIZATIONAL
R
OLE
,

C
ORE
O
BJECTIVES

................................
................................
..............................

162

A.2

B
USINESS
O
BJECTIVES OF THE
P
URCHASER

................................
.

162

A.2.1

O
VERWIEW

................................
................................
...............................

162

A.2.2

E
XPECTED BENEFITS OF
THE SYSTEM

................................
........................

163

A.3

A
CRONYMS
U
SED IN
T
HESE
T
ECHNICAL
R
EQUIREMENTS

............

164

B.

FUNCTIONAL PERFORMAN
CE REQUIREMENTS OF T
HE
SYSTEM

................................
................................
.............................

167

B.1

CDRC

NETWORK

................................
................................
...

167

B.2

C
ENTRAL
L
OCATION
................................
................................
...

167

B.3

GZAOP
................................
................................
......................

168

B.4

T
YPE
I

................................
................................
........................

168

B.5

T
YPE
II

................................
................................
.......................

169

B.6

T
YPE
III

................................
................................
.....................

170

B.7

T
YPE
IV
................................
................................
......................

170

B.8

VOICE

&

VIDEO

REQUIREMENTS

................................
......

170

B.8.1

V
OICE
R
EQUIREMENTS
................................
................................
..............

170

B.8.2

V
IDEO
R
EQUIREMENTS

................................
................................
.............

170

B.8.3

V
IDEO
S
URVEILLANCE

................................
................................
..............

171

B.9

VPN

................................
................................
...........................

171

B.10

T
HE
P
ROCESS OF MIGRATION

................................
......................

171

B.11

C
ROATIAN
C
USTOMS
C
OMMUNICATION
N
ETWORK
-
P
RESENT
D
AY

................................
................................
............................

175

B.11.1

X.25

T
RANSMISSION
R
OUTES
(S
NA
N
ETWORK
)

................................
........

1
75

B.11.2

T
HE
F
RAME
R
ELAY
N
ETWORK
(TCP/IP

AND
SNA)
................................
..

175

B.11.2.1

Description of remote locations
................................
................................
...............

175

B.11.2.2

Routing scheme

................................
................................
................................
..........

175

B.11.2.3

Traffic priority

................................
................................
................................
............

176

B.11.2.4

Topology
................................
................................
................................
......................

176

B.11.3

A
PPLICATION AND
N
ETWORK
I
NFRASTRUCTURE OF
CDRC

......................

176

B.12

T
HE
C
ROATIAN
T
ELECOMMUNICATION
I
NFRASTRUCTURE

..........

177

Section VI. Technical Requirements

157

B.12.1

D
ATA
T
RANSPORT
S
ERVICES OFFERED BY
HT

D
ATA
N
ETWORKS

.............

178

B.12.1.1

Frame Relay

................................
................................
................................
................

178

B.12.1.2

ATM

................................
................................
................................
.............................

178

B.12.1.3

Leased

Line

................................
................................
................................
.................

178

B.12.1.4

X.25

................................
................................
................................
..............................

178

B.12.1.5

ISDN
................................
................................
................................
.............................

179

C.

TECHNICAL SPECIFICAT
I
ONS

................................
.....................

180

C.1

G
ENERAL
T
ECHNICAL
R
EQUIREMENTS

................................
.......

180

C.1.1

L
ANGUAGE
S
UPPORT

................................
................................
................

180

C.1.2

D
ATES

................................
................................
................................
.......

180

C.1.3

E
LECTRICAL
P
OWER

................................
................................
.................

180

C.1.4

E
NVIRONMENTAL
................................
................................
......................

180

C.1.5

A
PPROVALS
................................
................................
...............................

180

C.1.6

E
QUIPMENT
M
ANUFACTURER

................................
................................
...

180

C.2

N
ETWORK AND
C
OMMUNICATIONS
S
PECIFICATIONS

...................

181

C.2.1

L
OCAL
A
REA
N
ETWORK
(
S
)

................................
................................
.......

181

C.2.1.1

General Requirements

................................
................................
...............................

181

C.2.1.2

Equipment and software on

CL site

................................
................................
........

181

Distribution switches

................................
................................
................................
.....

181

Access switches

................................
................................
................................
.............

181

C.2.1.3

Equ
ipment and software on GZAOP site
................................
...............................

181

C.2.1.4

Equipment and software on Type Ia, Type Ib, Type Ic, Type IIa, Type IIb,
Type IIc and Type III sites

................................
................................
.......................

181

Switches
................................
................................
................................
.........................

181

C.2.2

W
IDE
-
A
REA
N
ETWORK

................................
................................
.............

182

C.2.2.1

General requirements
................................
................................
................................
.

182

C.2.2.2

Equipment and software on CL site

................................
................................
........

182

Core routers

................................
................................
................................
...................

182

Access routers
................................
................................
................................
................

182

Gatekeeper routers
................................
................................
................................
.........

182

C.2.2.3

Equipment and software on GZAOP site
................................
...............................

182

Access router

................................
................................
................................
.................

182

C.2.2.4

Equipment and software on Type Ia, Type Ib, Type Ic, Type IIa, Type IIb,
Type IIc, Type III and Type IV sites

................................
................................
......

182

Type Ia router

................................
................................
................................
................

182

Type Ib router

................................
................................
................................
................

182

Type Ic router

................................
................................
................................
................

182

Type IIa router
................................
................................
................................
...............

182

Type IIb router
................................
................................
................................
...............

183

Type IIc router
................................
................................
................................
...............

183

Type III router

................................
................................
................................
...............

183

Type IV router

................................
................................
................................
...............

183

C.2.3

I
NTERNET
A
CCESS
N
ETWORK ON
CL

S
ITE

................................
................

183

C.2.3.1

Firewall Equipmen
t and software on CL site

................................
........................

183

Firewall
................................
................................
................................
..........................

183

C.2.3.2

WAN Equipment and software on CL site

................................
............................

183

Internet access router
................................
................................
................................
.....

183

C.2.3.3

LAN Equipment and software on CL site
................................
..............................

183

Switches
................................
................................
................................
.........................

183

Cache device
................................
................................
................................
..................

183

C.3

V
IDEOCONFERENCING
S
YSTEM
S
PECIFICATION

...........................

184

158

Section VI. Technical Requirements

C.3.1

E
QUIPMENT AND
S
OFTW
ARE

................................
................................
.....

184

C.3.1.1

Videoconferencing system

................................
................................
.......................

184

C.3.1.2

Cameras

................................
................................
................................
.......................

184

C.4

S
OFTWARE
S
PECIFICATIONS

................................
.......................

184

C.4.1

S
YSTEM
S
OFTWARE AND
S
YSTEM
-
M
ANAGEMENT
U
TILITIES
....................

184

C.4.1.1

Operating system
................................
................................
................................
........

184

C.4.1.2

Software for network control

................................
................................
...................

184

C.5

S
YSTEM
M
ANAGEMENT
,

A
DMINISTRATION
,

AND
S
ECURITY
S
PECIFICATIONS

................................
................................
.........

184

C.5.1

G
ENERAL
R
EQUIREMENTS

................................
................................
........

184

C.5.2

T
ECHNICAL
M
ANAGEMENT AND
T
ROUBLESHOOTING

...............................

185

C.5.3

U
SER AND
U
SAGE
A
DMIN
STRATION
................................
..........................

185

C.5.4

S
ECURITY
................................
................................
................................
..

185

C.5.5

WAN

M
ANAGEMENT
F
EATURES

................................
..............................

185

C.5.
6

LAN

M
ANAGEMENT
F
EATURES
................................
................................

185

C.5.7

U
SER
A
CCESS
M
ANAGEMENT
F
EATURES

................................
..................

185

C.5.8

N
ETWORK
M
ANAGEMENT
S
ERVER
S
PECIFICATIONS

................................
.

185

C.6

P
OWER
R
EGULATION

................................
................................
..

185

C.6.1

UPS

E
QUIPMENT AND
S
OFTWARE
................................
.............................

185

C.7

S
ERVICE
S
PECI
FICATIONS

................................
...........................

186

C.7.1

S
ERVICES UNDER THE
C
ONTRACT

................................
.............................

186

C.7.1.1

Technical Training

................................
................................
................................
.....

186

C.7.1.2

Upgrading and Updating
................................
................................
...........................

187

C.7.1.3

Technical Consultation
................................
................................
..............................

187

C.7.1.4

Warranty Repair

................................
................................
................................
.........

187

C.7.2

S
ERVICES TO BE PROVID
ED UNDER A SEPARATE
,

TO
-
BE
-
A
GREED
“C
USTOMER
S
ERVICES
C
ONTRACT

................................
..........................

188

C.7.2.1

Technical Training

................................
................................
................................
.....

188

C.7.2.2

Upgrading and Updating
................................
................................
...........................

188

C.7.2.3

Technical Consultation
................................
................................
..............................

188

C.7.2.4

Troubleshooting and
Maintenance

................................
................................
..........

18
9

C.8

D
OCUMENTATION
-

G
ENERAL
R
EQUIREMENTS

............................

189

C.8.1

R
EPORTS

................................
................................
................................
...

189

C.8.2

P
ERIODIC
S
UBMITTALS
/D
ELIVERABLES

................................
....................

190

C.9

D
OCUMENTATION
-
U
SER
D
OCUMENTATION

................................
.

190

C.10

D
OCUMENTATION
-
T
ECHNICAL
D
OCUMENTAT
ION

.......................

190

C.10.1

T
ECHNICAL
D
OCUMENTATION
G
ENERAL
R
EQUIREMENTS

........................

190

C.10.2

T
ECHNICAL
D
OCUMENTATION
S
PECIFIC
R
EQUIREMENTS

.........................

191

C.10.2.1

Routers

................................
................................
................................
.........................

191

C.10.2.2

Switches

................................
................................
................................
.......................

191

C.10.2.3

Firewalls

................................
................................
................................
......................

191

C.10.2.4

Load balancing devices

................................
................................
.............................

191

C.10.2.5

Network management (for each server)

................................
................................
.

191

C.10.2.6

Videoconferencing system

................................
................................
.......................

192

C.10.2.7

Communicat ion racks

................................
................................
................................

192

C.10.2.8

Cables

................................
................................
................................
...........................

192

Section VI. Technical Requirements

159

C.11

D
OCUMENTATION
-
T
RAINING
D
OCUMENTATION

..........................

192

C.11.1

T
RAINING
D
OCUMENTATION
G
ENERAL
R
EQUIREMENTS
...........................

192

D.

TESTIN
G AND QUALITY ASSURA
NCE REQUIREMENTS

.........

193

D.1

I
NSPECTIONS
................................
................................
...............

193

D.1.1

I
NSPECTIONS FOLLOWING

DELIVERY

................................
.........................

193

D.2

P
RECOMMISSIONING
T
ESTS
................................
.........................

193

D.3

O
PERATIONAL
A
CCEPTANCE
T
ESTS

................................
............

193

D.3.1

CENTRAL

LOCATION

................................
................................
..........

193

D.3.2

GZAOP

................................
................................
................................
....

194

D.3.3

TYPE

I

................................
................................
................................
.....

194

D.3.4

TYPE

II

................................
................................
................................
....

195

D.3.5

TYPE

III

................................
................................
................................
...

195

D.3.6

TYPE

IV
................................
................................
................................
...

196

D.3.7

V
IDEOCONFERENCING
S
YSTEM

................................
................................
.

196

D.3.8

N
ETWORK
M
ANAGEMENT

................................
................................
.........

197

D.3.9

T
HE
E
NTIRE
S
YSTEM
................................
................................
.................

197

E.

IMPLEMENTATION SCHED
ULE

................................
...................

198

E.1

S
ITE
(
S
)

T
ABLE
1

................................
................................
..........

199

E.2

S
ITE
(
S
)

T
ABLE
2

................................
................................
..........

200

E.3

S
YSTEM
I
NVENTORY
T
ABLE
-
P
RESENT
D
AY
:

N
ETWORK
E
QUIPMENT

................................
................................
................

208

E.4

S
YSTEM
I
NVENTORY
T
ABLE
-
P
RESENT
D
AY
:

PBX

........................

214

E.5

S
YSTEM
I
NVENTORY
T
ABLE
-
T
RADE IN
E
QUIPMENT
.....................

215

E.6

I
MPLEMENTATION
S
CHEDULE
T
ABLE

................................
..........

216

E.7

S
YSTEM
I
NVENTORY
T
ABLE
(S
UPPLY AND
I
NSTALLATION
C
OST
I
TEMS
)
-
R
EQUIRED
E
QUIPMENT

................................
...................

217

E.8

S
YSTEM
I
NVENTORY
T
ABLE
(R
ECURRENT
C
OST
I
TEMS
)
-
S
ERVICE
T
YPE
M
AINTENANCE

................................
....................

226

E.9

S
YSTEM
I
NVENTORY
T
ABLE
(R
ECURRENT
C
OST
I
TEMS
)
-
S
ERVICES
................................
................................
....................

231

E.10

P
URCHASER
W
ORKING
H
OURS
T
ABLE

................................
........

232

E.11

T
ABLE OF
H
OLIDAYS AND
O
THER
N
ON
-
W
ORKING
D
AYS

.............

233

160

Section VI. Technical Requirements

F.

REQUIRED FORMAT OF T
ECHNICAL BIDS

...............................

234

F.1

D
ESCRIPTION OF THE
I
NFORMATION
T
ECHNOLOGIES
,

M
ATERIALS
,

O
THER
G
OODS
,

AND
S
ERVICES
................................

234

F.2

I
TEM
-
BY
-
I
TEM
C
OMMENTARY ON THE
T
ECHNICAL
R
EQUIREMENTS

................................
................................
..........

234

F.3

P
RELIMINARY
P
ROJECT
P
LAN

................................
.....................

234

F.4

C
ONFIR
MATION OF
R
ESPONSIBILITY FOR
I
NTEGRATION AND
I
NTEROPERABILITY OF
I
NFORMATION
T
ECHNOLOGIES

................

235

G.

TECHNICAL RESPONSIVE
NESS CHECKLIST

............................

236

G.1

N
OTE TO
B
IDDERS
................................
................................
.......

236

G.2

L
OCAL
A
REA
N
ETWORKS
................................
............................

236

G.2.1

T
ABLE
TL
-
L1

................................
................................
...........................

236

G.2.2

T
ABLE
TL
-
L2

................................
................................
...........................

237

G.2.3

T
ABLE
TL
-
L3

................................
................................
...........................

237

G.2.4

T
ABLE
TL
-
L4

................................
................................
...........................

238

G.2.5

T
ABLE
TL
-
L5

................................
................................
...........................

239

G.2.6

T
ABLE
TL
-
L6

................................
................................
...........................

239

G.2.7

T
ABLE
TL
-
L7

................................
................................
...........................

240

G.2.8

T
ABLE
TL
-
L8

................................
................................
...........................

241

G.2.9

T
ABLE
TL
-
L9

................................
................................
...........................

242

G.2.10

T
ABLE
TL
-
L10

................................
................................
.........................

242

G.
3

W
IDE
A
REA
N
ETWORK

................................
...............................

244

G.3.1

T
ABLE
TW
-
CL1

................................
................................
.......................

244

G.3.2

T
ABLE
TW
-
CL2

................................
................................
.......................

245

G.3.3

T
ABLE
TW
-
CL3

................................
................................
.......................

247

G.3.4

T
ABLE
TW
-
GZ1

................................
................................
.......................

248

G.3.5

T
ABLE
TW
-
T1A

................................
................................
.......................

250

G
.3.6

T
ABLE
TW
-
T1B

................................
................................
.......................

251

G.3.7

T
ABLE
TW
-
T1C

................................
................................
.......................

253

G.3.8

T
ABLE
TW
-
T2A

................................
................................
.......................

255

G.
3.9

T
ABLE
TW
-
T2B

................................
................................
.......................

256

G.3.10

T
ABLE
TW
-
T2C

................................
................................
.......................

258

G.3.11

T
ABLE
TW
-
T3

................................
................................
..........................

259

G.
3.12

T
ABLE
TW
-
T4

................................
................................
..........................

261

G.4

I
NTERNET
A
CCESS
N
ETWORK ON
CL

S
ITE

................................
..

262

G.4.1

T
ABLE
TF
-
F1

................................
................................
............................

262

G.4.2

T
ABLE
TF
-
R1

................................
................................
...........................

263

Section VI. Technical Requirements

161

G.4.3

T
ABLE
TF
-
C1

................................
................................
...........................

264

G.5

V
IDEOCONFERENCING
S
YSTEM

................................
...................

264

G.5.1

T
ABLE
TV
-
S1

................................
................................
...........................

264

G.5.2

T
ABLE
TV
-
C1

................................
................................
...........................

265

G.6

S
YSTEM
M
ANAGEMENT
................................
...............................

266

G.6.1

T
ABLE
TM
-
L1

................................
................................
..........................

266

G.6.2

T
ABLE
TM
-
W1

................................
................................
.........................

267

G.6.3

T
ABLE
TM
-
U1

................................
................................
..........................

267

G.6.4

T
ABLE
TM
-
S1
................................
................................
...........................

267

G.7

P
OWER
R
EGULATION

................................
................................
..

268

G.7.1

T
ABLE
TP
-
U1

................................
................................
...........................

268

G.7.2

T
ABLE
TP
-
U2

................................
................................
...........................

269

G.7.3

T
ABLE
TP
-
U3

................................
................................
...........................

269

H.

ATTACHMENTS

................................
................................
...............

270

H.1

A
TTACHMENT
1:

C
ROATIAN
T
ELECOM
C
OMPANY
(H
ISTORY AND
B
RIEF
D
ESCRIPTION
)

................................
................................
..

271

H.2

A
TTACHMENT
2:

T
ARIFF
S
YSTEM OF
C
ROATIAN
T
ELECOM
C
OMPANY

................................
................................
...................

277

H.3

A
TTACHMENT
3:

L
AW ON
T
ELECOMMUNICATIONS
R
EPUBLIC OF
C
ROATIA

................................
................................
....................

350

162

Section VI. Technical Requirements

A.

BACKGROUND

A.1

THE PURCHASER

A.1.1

A
GENCY

S
L
EGAL
B
ASIS
,

O
RGANIZATIONAL
R
OLE
,

C
ORE
O
BJECTIVES

The Customs Directorate of the Republic of Croatia
is a legal enforcement entity
operating within the framework of the Ministry of Finance. Its mandate is defined by
law, and includes the enforcement of the legal provisions concerning the movement of
goods and people in and out of the country, with regards

to duty and tax payments,
tariffs, quotas, preferential rates, currency control, etc.

Headquarters are located in Zagreb, and it administers the 10 Customs Houses which
are located across the entire territory of the country. In turn, Customs Houses manage

the 158 individual Customs Offices, located within their jurisdiction (See
Figure
2
.
Site Locations of CDRC
).

The regulation of the Customs System in the Republic of Croatia is achieved through
the implementation of the following

legislative acts: the Customs Code, the Customs
Tariff Code and the Customs Service Code.

The Customs Directorate main functions and tasks are:



To protect the society by enforcing constraints and prohibition on imports,
exports and transit,



Continuosly to

provide support to economic development by maintaining
optimal balance between trade and an efficient application of domestic
regulations,



To collect customs duties and other revenues under the law,



To combat all types of customs fraud (smuggling, etc.),



To collect and anallyse statistics on international trade,



To propose to the Government initiatives and measures within its remit,



To carry out its tasks in a rational and effective manner.

A.2

BUSINESS OBJECTIVES
OF THE PURCHASER

A.2.1

O
VERWIEW

Existing Croatian Cu
stoms Directorate’s communication network is not adequate
enough to accommodate for all the tasks business processes require. Most of the
networking equipment is obsolete, which, in effect causes increased operation
-

and
maintenance expenses. The existing
equipment is also unable to handle all the
necessary bandwidth required to implement new application software solutions.

Section VI. Technical Requirements

163

Additionally, the large number of Croatian customs’ locations is not yet connected to
CDRC’s network, thus making customs’ business pro
cesses and control of customs
procedures somewhat difficult.

The need for larger data transfer rates and centralised network management, the arrival
of new services and technologies as well as introduction of newest Croatian Telecom’s
services are among th
e most important reasons for starting this project.

A.2.2

E
XPECTED BENEFITS OF
THE SYSTEM

In terms of the CDRC’s business processes, main objectives are:



Informatization all of non
-
computerized customs’ locations,



Introduction and development of new software sol
utions,



Elimination redundant data
-
entry,



Increasing employees’ efficiency by using the newest information
technologies,



Enabling exchange of data with other offices of the government
administration,



Decreasing exploitation costs of the information system,



Protecting previous IT
-
related investments already done by CDRC.

In terms of technical characteristics of CDRC’s IT system, main objectives are:



Modernisation of the existing communication network,



Integration of all of CDRC’s IT resources,



Increasing rel
iability, stability, manageability and bandwidth of computer
-

and communication network,



Unification of communication
-

and network equipment,



Integration of video
-
conferencing and telephone traffic throughout of the
network infrastructure.

Upon it’s comple
tion, the project has to enable connectivity of all Croatian customs’
locations (guaranteeing the required level of redundancy and minimal bandwidth), as
well as to raise the efficiency level of customs and office work.

Also, it should ensure ability of th
e information system to accept any future upgrades
and to support changes of business requirements.

The intention is to decrease operation and maintenance expenses and to increase
system’s usability, quality and functionality by integration of voice and da
ta streams,
incorporating the existing and future services as well.

Implementing a video
-
conferencing over the CDRC’s future network should enable
better communication and more efficient agreement process when adopting new
business procedures. Video
-
confer
encing is expected to cut the business travel
expenses as well.

164

Section VI. Technical Requirements

A.3

ACRONYMS USED IN THE
SE TECHNICAL
REQUIREMENTS

Term

Explanation

ACL

Access Control List

ATM

Asynchronous Transfer Mode

BACP

Bandwidth Allocation Control Protocol

BGP4

Border Gateway Protoc
ol version 4

BOD

Bandwidth on Demand

bps

bits per second

BRA

Basic Rate Access

BRI

Basic Rate Interface

CA

Certificate Authority

CACA

Customs House

CDRC

Croatian Directorate Republic of Croatia

CCP

PPP Compression Control Protocol

CHAP

Challenge

Handshake Authentication Protocol

CI

Customs Office

CL

Central Location (Customs House CACA Zagreb)

CO

Customs Posthouse

DDR

Dial on Demand

DES

Data Encryption Standard

DHCP

Dynamic Host Configuration Protocol

DLSw

Data
-
link switching

DNS

Domain
Name Server

DSPU

Downstream PU concentration

ECC

Error Correction Code

EIGRP

Enhanced Interior Gateway Routing Protocol

Ethernet

IEEE 802.3 Standard LAN protocol

FEP

Front
-
End Processor

FR

Frame Relay

Gb

Gigabyte

GRE

Generic Routing Encapsulation

GZAOP

IT Center (Present Day)

HQ

Customs Headquarters

HAS

High System Availability

HSRP

Hot Standby Routing Protocol

Hz

Hertz (cycles per second)

IEEE

Institute of Electrical and Electronics Engineers

Section VI. Technical Requirements

165

Term

Explanation

IGMP

Internet Group Management Protocol

IGRP

Interior Gateway Routing Protocol

IMA

Inverse Multiplexing over ATM

IP

Internet Protocol

IPCP

IP Control Protocol

IPSec

IP Security Protocol

IRB

Integrated routing and bridging

IRDP

ICMP Router Discovery Protocol

ISDN

Integrated Services Digital N
etwork

ISL

Inter
-
Switch Link

ISO

United Nations International Standards Organization

ISP

Internet Service Provider

Kb

Kilobyte

L2TP

Layer 2 Tunnel Protocol

LAN

Local
-
Area Network

LLC2

Logical Link Control, type 2

LU

Logical Unit

Mb

Megabyte

MDS

Multicast Distributed Switching

ML
-
PPP

Muti Link PPP

MPPC

Microsoft Point
-
to
-
Point Compression

MSCHAP

Microsoft Challenge Handshake Authentication Protocol

MTBF

Mean Time Between Failures

NAT

Network Address Translation

NIC

Network Interface Car
d

NTP

Network Time Protocol

ODR

On Demand Routing

OS

Operating System

OSPF

Open Shortest Path First

PAD

Public Dial Access

PAP

Password Authentication Protocol

PAT

Port Address Translation

PDC

Primary Domain Controller

PIM

Protocol Independent

Multicast

PPP

The Point
-
to
-
Point Protocol

PRA

Primary Rate Access

PRI

Primary Rate Interface

166

Section VI. Technical Requirements

Term

Explanation

PSTN

Public Switched Telephone Network

PU

Physical Unit

PVC

Permanent Virtual Circuit

QLLC

Qualified Logical Link Control

QoS

Quality
-
of
-
Service

RADIU
S

Remote Authentication Dial
-
In User Service

RA

Registry Authority

RAM

Random Access Memory

RH

Republic of Croatia

RIP

Routing Information Protocol

RMON

Remote Monitoring

RSVP

Resource Reservation Protocol

RTP

Real Time Protocol

SDLC

Supported Dat
a
-
Link Configuration

SNA

Systems Network Architecture

SNMP

Simple Network Management Protocol

SNTP

Simple Network Time Protocol

SRB

Source
-
route bridging

TACACS

Terminal Access Controller Access Control System

TCP/IP

Transmission Control Protocol/I
nternet Protocol

TFTP

Trivial File Transfer Protocol

V

Volt

VA

Volt Ampere

VBR

Variable Bit Rate

VoIP

Voice over IP

VPDN

Virtual Private Dial
-
up Network

WAN

Wide
-
Area Network

XOT

X.25 over TCP

Section VI. Technical Requirements

167

B.

FUNCTIONAL PERFORMAN
CE
REQUIREMENTS OF THE
SYSTEM

B.1

C
DRC NETWORK

The planned CDRC network consists of a central location (Customs House CACA
Zagreb), GZAOP and lower level locations, which are listed as Type I, Type II, Type
III and Type IV (See
Figure
2
. Site Locations of CDRC
). Lo
cations of Type I and
Type II are further divided according to required equipment as Ia, Ib, Ic, and IIa, IIb
and IIc, where the exact division is specified in the Node Type column of
System
Inventory Table (Supply and Installation Cost Items)
-
Required Equipment
. The
hierarchy of the network requires connection of types on a vertical scheme, according
to the following key:



GZAOP and Type I locations are linked to the Central location,



Locations of Type II, III and IV are linked to
Type I locations (See
Figure
1
.
Network Topology Scheme
).

While preparing the network project, emphasis should be placed on optimal network
exploitation, from the cost of use and resources standpoint. The chosen approach
should be

elaborated in the project. It is essential to achieve full compatibility of the
devices on different locations, and that these devices are complementary for
replacements, upgrades, add
-
ons, modules etc.

In the following text functional demands, concerning

equipment for each type, are
described, respectively.

B.2

CENTRAL LOCATION

The Central location is the central point of the network. It is physically located in the
Customs House CACA Zagreb building, which is planned for implementing a server
farm. The Centr
al location is the most important network point, and has to be
functional 99.99% of the time, so that redundancy of equipment
MUST

be planned
and implemented. Besides this, another key requirement is to separate the CDRC
internal network from the public ne
twork, i.e. Internet, which
MUST

be ensured using
physically separated devices.

It is necessary to ensure the number of active Ethernet ports as specified in the
System
Inventory Table (Supply and Installation Cost Items)
-
Required Equipment
, and the
network
MUST

convert totally from shared

to switching technology. Because of the
exceptionally high requirements concerning network availability, redundancy
MUST

be implemented on the central switches, which
MUST

support Layer 3 Switchi
ng. The
network equipment
MUST

also support load balancing in communication between the
central switches and server farm.

At the Central location it is necessary to ensure dial
-
in connectivity for mobile users
and small locations (Type IV), and dial
-
in con
nectivity for backup calls in case of
168

Section VI. Technical Requirements

failures. It is, therefore, necesary that the offered equipment can handle analog and
ISDN calls.

The main connection to the INTERNET shall also be implemented at the Central
location, enabling INTERNET access for all
other locations. As this is the connection
point of the Customs internal network with the outside world, i.e. INTERNET, a
system of protection and control
MUST

be implemented using firewall functions, on
physically separate devices. The firewall system
MUS
T

have the possibility of
handling and terminating VPN connections from the Internet (IPSec 3DES).

At the Central location VoIP technology
MUST

be implemented, to be used with
Type I, Type IIa and Type IIc locations. Hardware support for video conferencing

and
video control
MUST

be ensured (See Chapter
B.8
).

Active network equipment at the Central location includes FR/ATM connections from
all Type I locations, FR/ATM connections from CACA Zagreb subordinate Type II,
Type III and

Type IV locations and receiving ISDN calls in case of failure of primary
lines. All primary links
MUST

be ATM and
MUST

be based on HT infrastructure
(services offered by HT, which could be of interest for this project are listed in
Chapter
B.12
) The system
MUST

be redundant enouhg to be available 99,99% of the
time. Central routers
MUST

have the capability for VPN connection (IPSec 3DES &
DES).

In case of link failure between locations of the Types II and III, or Types I and II
, the
equipment should enable collecting of ISDN backup calls.

A 2x2 Mb/s permanent link with GZAOP
MUST

be enabled. In case of failure of this
primary link, it is necessary to have automated ISDN calls generated, at the same
speed.

B.3

GZAOP

Present network e
quipment support OSA connection on HOST. GZAOP site also has
TN3270 server with load balancing features. GZAOP will provide applications for
CURH through TCP/IP connections. All site is designed in High Availability design.

Active equipment receiving the p
ermanent 2x2 Mbit/s links from the Central location
MUST

be separated from central devices connected to the HOST, and
MUST

be
implemented with two separate routers, in view of the extremely high requirements on
the system availability. It
MUST

also ensure
the possibility of handling ISDN calls (2
x PRI) as redundant lines, in case of failure of the fixed 2x2 Mbit/s links. Routers
MUST

be able to work with a large number of VPN connections (IPSec 3DES) with
mid
-
density traffic.

B.4

TYPE I

Type I location include
s customs offices of CDRC and CDRC HQ. In administrative
terms is superior to Types II, III and IV, and also represents the last hop to the Central
location. At these locations, there mostly already exists an infrastructure, and at some
there is installed
active equipment (See
System Inventory Table
-
Present Day: Network
Equipment
). For the LAN a sufficient number of active Ethernet ports
MUST

be
Section VI. Technical Requirements

169

ensured. A migration plan should be devised to ensure the complete migration to
switchi
ng technology.

At these locations the communication equipment
MUST

have sufficient capacity for a
permanent link with high degree of availability towards the Central location. A
sufficient number of connections
MUST

be ensured, which can satisfy handling o
f
permanent links from lower types. Redundancy of these links is a necessary condition,
so at these location additional lines
MUST

be introduced (ISDN

PRA), which are
activated in case of failures.

Type I locations
MUST

satisfy requests of mulitiservicing,

primarily integration of
voice and data, to be interoperated between central location, Types I, IIa and IIc
locations, and in the future, video conferencing and video control.

The wanted solution includes a multiservice communication device, which integra
tes
functions of handling permanent links with Types I, II and III locations, as well as
handling additional links from the same types in case of failure of the primary link,
and the latest in data integration technology with time
-
sensitive services for vo
ice and
video.

Routers at Type I locations
MUST

ensure ATM/FR connection to the Central
location, with a capacity of 2 Mbit/s. In case of failure, an ISDN call (PRI) is
automatically started to the Central location, at the same speed. Network equipment,
ex
cluding equipment on HQ site,
MUST

handle ATM/FR connections from
subordinate Types II and III, and ISDN calls from Type IV locations. Routers at Type
I also
MUST

have the capability to handle and open VPN connections (IPSec

3DES)
to other routers in the n
etwork.

At Type I locations, it is necessary to ensure a number of active Ethernet ports , as
specified in the
System Inventory Table (Supply and Installation Cost Items)
-
Required
Equipment
. All active ports
MUST

be Ethernet 10/10
0.

Routers of Type I
MUST

have additional modules for connecting PBX, or other
modules with possibilities of connecting 8 analog telephone devices, for integration of
speech and data. Software content enabling video and voice integration with data
MUST

be
available (VoIP).

B.5

TYPE II

Type II is subordinated to Type I in the administrative hierarchy, and is intended for
locations situated at border crossings, customs offices and departments. At Type II
locations it is necessary to make the complete transition t
o switching LAN technology,
so the devices
MUST

be dimensioned according to requirements in the
System
Inventory Table (Supply and Installation Cost Items)
-
Required Equipment
.

Communication equipment at Type II locations should en
sure permanent links to a
higher, Type I locations. Connection to the network will be achieved through a
ATM/FR link. In case of failure of this link, the equipment
MUST

be capable of
automatic activation of an ISDN call (BRI) to the local higher node (Typ
e I node) or
Central location. All routers on Type II should support communication through VPN
channel (IPSec

3DES) to other locations.

Larger locations at Type II (See
System Inventory Table (Supply and Installation Cost
Items)
-
Required Equipment

denoted as IIa and IIc) should have VoIP technology
170

Section VI. Technical Requirements

implemented. The offered equipment
MUST

meet criteria for integration of voice and
data, and also support traffic priority techniques (QoS).

B.6

TYPE III

Type III is, like Type II, administr
atively subordinated to Type I, and consists of
locations at smaller border crossings and customs departments. Like in the earlier
cases it is necessary to transfer to switching technology. Based on the planned number
of active LAN ports, the devices
MUST

be properly dimensioned.

WAN links at Type III locations need a permanent link to local higher
-
type nodes,
with automatic start of the redundant link in case of failures. Routers
MUST

support
communication with other routers in the network through VPN chan
nel (IPSec

3DES).
Active network equipment
MUST

also support VoIP technology for future upgrades.

Permanent links to higher
-
type locations will be achieved through FR/ATM
connections. Automatic activation of backup links has to be identical as on the highe
r
types, i.e. by ISDN call (BRA).

B.7

TYPE IV

Type IV is, like Types II and III, in the administrative hierarchy subordinated to Type
I, and consists of locations at minor border crossings and customs departments.

WAN links of Type IV locations connect to the
network on request. They do not need
a permanent link with the local higher node, but a dial
-
out connection is made when
needed. To protect data exchanged with other routers in the network, Type IV routers
MUST

be capable of starting and terminating VPN co
nnections (IPSec

DES). Active
network equipment at these locations does not necessarily have to support VoIP
technology, because of the dial
-
out link.

B.8

VOICE & VIDEO REQUIR
EMENTS

B.8.1

V
OICE
R
EQUIREMENTS

All routers in the network at the CL, Types I, II and III
M
UST

have the ability to
receive modules for connecting analog telephone lines. At CL, Types I, IIa and IIc
locations voice modules shall be built in immediately, while at Type IIb and III
locations, there should be a possibility for later addition of voice

modules. The
modules
MUST

support direct phone or PBX connections, depending on the
specification in the
System Inventory Table
-
Present Day: PBX
.

B.8.2

V
IDEO
R
EQUIREMENTS

The Video conferencing system
MUST

be implemented at CL and Type

I locations.
At these locations a conference room should be equipped with video cameras, and the
possibility for later expansion of the system with desktop video conferencing solutions
should be provided. The central location
MUST

have video control and m
onitoring
capabilities. The video conferencing system
MUST

be able to display multiple
Section VI. Technical Requirements

171

participants simultaneously, as well as automatically switch between participants
based on sound detected. The video system
MUST

have data transmission
capabilities, as
well as the possibility to access certain applications (like Microsoft
Office (tm), Web pages, etc.) needed as additional data in the conference.

B.8.3

V
IDEO
S
URVEILLANCE

The video surveillance system shall not be implemented as part of this project, but at a
la
ter date. Routers and switches installed in this project
MUST

support QoS services,
with the aim to improve the quality of network services. Video surveillance would first
be installed at border crossings (See
System Inventory Table (Recurrent Cost Items)
-
Services
, column Site Type) and would later be expanded to other parts of the
network. The system shall be centrally controlled from the CL location.

B.9

VPN

It is necessary to implement communication through the public network infrast
ructure
by using VPN tunneling/encryption to achieve greater data protection. Routers
MUST

have the capability to encapsulate only some traffic into VPN tunnels. VPN tunnels
would be used in communication between routers, while the LAN traffic would be
con
sidered safe. Routers at CL, GZAOP, Types I, II and III
MUST

be able to open
and accept IPSec tunnels with 3DES and DES encryption, while routers at Type IV
locations
MUST

minimally support DES encryption.

Required performance of encryption for routers:



GZ
AOP
-
4 Mbps,



CL
-
20 Mbps,



Type Ia, Ic
-
3 Mbps,



Type Ib, IIa
-
2 Mbps,



Type IIb, IIc
-
768 kbps,



Type III
-
512 kbps,



Type IV
-
128 kbps.

All routers
MUST

support work with CA and RA. In the implementation phase
pre
-
shared keys shall be used, and later with the introd
uction of new technology, CA
and RA technology shall be utilized.

B.10

THE PROCESS OF MIGRA
TION

The Supplyer
MUST

submit a detailed migration plan for the network, from present to
future condition. The migration process
MUST

contain a description of the lab
-
tes
ting
plan, and a detailed description of the implementation of new equipment for all types
of locations. In the implementation phase for new equipment, the Supplyer should not
jeopardize functionality of the existing network infrastructure. For each planne
d
interruption of work of the network equipment, needed for the migration process,
consultations with the Purchaser are required and an appropriate time
-
span
MUST

be
approved (non
-
working days are listed in the
Table of Holidays and Other
Non
-
Working Days
, while the working hours at various locations are shown in the
172

Section VI. Technical Requirements

Purchaser Working Hours Table
). Existing equipment, specified in the
System
Inventory Table
-
Present Day: Network Equipment
, is to be removed from the network
and entered into the replacement program for new equipment (Trade In). Existing
equipment available for the trade
-
in process is listed in the
System Inventory
Table
-
Trade in Equipment
.

Th
e migration plan is a part of Preliminary Project Plan (See Chapter
F.3
) and it
should be presented with other installation information's in Preliminary Project Plan.


Section VI. Technical Requirements

173


Figure
1
. Network Topology Scheme

174

Section VI. Technical Requirements


Figure
2
. Site Locations of CDRC
Sectio
n VI. Technical Requirements

175

B.11

CROATIAN CUSTOMS COM
MUNICATION
NETWORK
-
PRESENT DAY

The CDRC network is based on usage of two types of transmission routes: X.25 and
Frame R
elay networks.

Today, LAN network infrastructure is based on UTP Cat 5e and coax cabling system.
Only 30% of specified locations have LAN cabling system at this moment but till
beginning of the Project ALL locations will have UTP Cat 5e, Cat 6 or multi
-
mod
e
optic LAN cabling system implemented.

B.11.1

X.25

T
RANSMISSION
R
OUTES
(S
NA
N
ETWORK
)

The X.25 network is used as a transmission route for connecting IBM 3745 FEP and
SDLC Gateways. In this network only the SNA protocol is used. At each distant node,
there are IB
M PCOM/3270 workstations connected in a local Ethernet network. The
SDLC Gateway connects to the host (central computer) through FEP 3745 using
public X.25 networks and PAD devices. For SDLC over X.25, only the SDLC
gateway behaves like a PU node. Communic
ation to the central computer is based on
the IEEE 802.2 protocol.

B.11.2

T
HE
F
RAME
R
ELAY
N
ETWORK
(TCP/IP

AND
SNA)

The Frame
-
Relay network is implemented through HT (Hrvatski Telekom=Croatian
Telecom) links and IBM routers 2210 and 2216. This technology enables a

multi
-
protocol network, which supports the SNA and TCP/IP protocols, giving
appropriate support to existing applications. This also means prioritizing of the
network traffic enabling smooth usage of key applications and introduction of new
ones.

For trans
portation of SNA packs the DLSw (Data Link Switching) protocol is used,
i.e. encapsulating SNA packs in TCP. IBM 2210 performs the DLSw encapsulation.
IBM 2210's receive DLSw packs, decapsulate and convert into LLC2 protocol, to the
local network.

B.11.2.1

Descript
ion of remote locations

At all remote locations there are IBM PCOM/3270 workstations, connected in a local
Ethernet. For DLSw
-
a over TCP/IP, each workstation behaves like SNA PU Type II
nodes, with an appropriate number of logical units (LU).

B.11.2.2

Routing schem
e

The network uses dynamic routing, with OSPF protocol. This method enables
dynamic routing in case of downtime for some links, and using alternate routes.

On the server side at the GZAOP location there is an IBM 2216 router linked by Escon
channel to the
S/390.

176

Section VI. Technical Requirements

B.11.2.3

Traffic priority

Traffic priority is based on QoS (Quality of Service) router functions. Traffic is
prioritized based on traffic type (IP or DLSW).

This enables separating traffic towards applications (for example: 3270 emulation,
Lotus Notes, Java
applications).

B.11.2.4

Topology

The network has star topology. At the GZAOP location there are two independent
IBM 2216 routers, linked by independent Escon channels to the IBM S/390 host.
Remote nodes are linked to them by means of two PVCs (Permanent Virtual Cir
cuits)
over the Frame
-
Relay network, and in case of crashdown of one of them, the link is
automatically routed to the backup.

As the entire network infrastructure at the GZAOP location is based on a Token
-
Ring
configuration
(S
ee
Figure
3
. Croatian Customs Communication Network
-
Present
Day
)
, the communication route of remote locations goes through an IBM 2210 router.

B.11.3

A
PPLICATION AND
N
ETWORK
I
NFRASTRUCTURE OF
CDRC

The main application used by the Customs Directorate resides on an IBM

S/390 Host.
Some other applications on a Microsoft NT server are also used. This server enables
Lotus Notes (Notes, Web, E
-
mail), DB2Connect, DNS, and PDC. At the central
location of the Customs Directorate there is one more Microsoft NT server running
BD
C and File & Print sharing. At the GZAOP location there is a server for network
administration with the IBM NetView software.

Section VI. Technical Requirements

177


Figure
3
. Croatian Customs Communication Network
-
Present Day

B.12

THE CROATIAN TE
LECOMMUNICATION
INFRASTRUCTURE

According to the Law on Telecommunications, Article 98, Item 4, Hrvatske
telekomunikacije d.d. (HT in further text) has the concession for providing
telecommunication services in the Republic of Croatia. HT has an established

infrastructure for providing such services (See
Attachment 3: Law on
Telecommunications Republic of Croatia
). For this reason it has been decided to use
the HT network for data transmission and the HT ISDN network for access to PSTN
.

Access to the Internet in the Republic of Croatia is currently provided by several ISPs
(Internet Service Providers), where the largest are HT
-
HiNet and Iskon Internet.

178

Section VI. Technical Requirements

B.12.1

D
ATA
T
RANSPORT
S
ERVICES OFFERED BY
HT

D
ATA
N
ETWORKS

Data transport Services offered b
y HT Data Networks are given below. For more
reference see
Attachment 1: Croatian Telecom Company (His
tory and Brief
Description)

and
Attachment 2: Tariff System of Croatian Telecom Company
.

B.12.1.1

Frame Relay

Hrvatsk
i Telekom offers to its users data transfer services by Frame Relay protocol,
through networks built on modern technologies, enabling high reliability and
accessibility of service. These networks are controlled through a central monitoring
and control syst
em, in order to ensure users guaranteed levels of service.

HT's transfer services by Frame Relay protocol enable users to transfer data at speeds
from 64 kbit/s to 34 Mbit/s, not only within Croatia, but also to international locations.
The digital transfe
r infrastructure guarantees high degrees of accuracy of transferred
data. Also a whole suite of QoS (Quality of Service) parameters guarantee high quality
services to users.

Users selecting Frame Relay services can lease terminal equipment from HT, or they

can use their own. In the latter case, the user
MUST

contact HT to procure equipment
compatible with equipment on the HT side.

B.12.1.2

ATM

Access to ATM services is enabled to users through standard ATM interfaces at
2Mbit/s, 34Mbit/s and 155Mbit/s. Besides, user
s can connect at 4Mbit/s, 8Mbit/s,
12Mbit/s, 16Mbit/s through IMA (Inverse Multiplexing ATM) interfaces.

Connection is achieved by direct link to the PDH/SDH infrastructure of HT or using
HDSL modems, which the user can lease from HT.

Users of HT's ATM ser
vices can link several locations through ATM connections, or
communicate directly with users of Frame Relay connections (
interworking
).

In the first phase of implementing new network services, users are offered CBR
(Constant Bit Rate) and VBR (Variable Bit

Rate) services, in two variations
-
with
policing parameters VBR.1 and VBR.3 according to “ATM Forum Traffic
Management 4.0”.

B.12.1.3

Leased Line

Leasing telecommunications lines enables quality connections, according to the user’s
needs. Such a line can be within
the Republic of Croatia or with a destination in
another country. The user of such a line implements the communication protocol of his
own choice.

B.12.1.4

X.25

Access to HT’s X.25 network is possible on the entire territory of the Republic of
Croatia, and because
of the nature of the protocol and implemented security
mechanisms within the network, the lower quality of access lines doesn’t cause data
transfer errors.

Section VI. Technical Requirements

179

The network that realizes the X.25 protocol services bears the commercial name
CROAPAK, and also ena
bles communication by X.28 and SNA/SDLC protocols.

B.12.1.5

ISDN

A completely digitized ISDN link through existing communication channels gives a
substantially larger transmission capability, and higher quality enabling:



Digital communication speeds of 64 kbit/s to

2Mbit/s,



Faster connections,



Access to all available networks.

180

Section VI. Technical Requirements

C.

TECHNICAL SPECIFICAT
IONS

The bid
MUST

contain all the technical information about the merchandise that is
being offered listed according to groups of equipment and each component in
particular
. On every data in a technical requirements tables (See Chapter
G
,
Technical
Responsiveness Checklist
) bidders have to answer with YES or NO.

C.1

GENERAL TECHNICAL RE
QUIREMENTS

C.1.1

L
ANGUAGE
S
UPPORT

All informa
tion technologies
MUST

provide support for the English language.

C.1.2

D
ATES

All information technologies
MUST

properly display, calculate, and transmit date
data, including, but not restricted to 21
st
-
Century date data.

C.1.3

E
LECTRICAL
P
OWER

All active (powered) equ
ipment
MUST

operate on 220V and 50Hz. All active
equipment
MUST

include power plugs standard in Croatia.

C.1.4

E
NVIRONMENTAL

Unless otherwise specified, all equipment
MUST

operate in environments of 0
-
40
degrees centigrade and 10
-
85 percent relative humidity.

C.1.5

A
P
PROVALS

All equipment to be connected to the HT infrastructure
MUST

have quality
certificates (EMC, Electrical Safety) for the area of the Republic of Croatia.

Bidder will have the opportunity to obtain the certifications if they are awarded the
contract.

C.1.6

E
QUIPMENT
M
ANUFACTURER

All devices are classified in five major groups:

1.

LAN equipment,

2.

WAN equipment,

3.

Network Management Software equipment,

4.

Videoconferencing equipment,

5.

Power supply equipment.

Section VI. Technical Requirements

181

All devices from each of the groups 1, 2, 3 and 5
MUST

be from

the same
manufacturer. This does not mean that equipment classified in different major groups
should come from one manufacturer. Rather, it means that all the devices in a given
major group should be made by one manufacturer.

C.2

NETWORK AND COMMUNIC
ATIONS
SP
ECIFICATIONS

The communication network has to be implemented according to principles of Intranet
technology and on the basis of the IP protocol. Various components of the network
have to be continuously connected in order to constantly exchange information
s. Other
components have to be provided on occasional, or daily basis, dial
-
in connection,
through ISDN/PSTN public network.

For some people from different parts of the network there is a need to log onto the
Internet. In order to implement this part, it i
s necessary to ensure that connecting to the
Internet is done by using the same equipment. The system has to implement a unique
and secure system of data protection and access with the use firewall technology.

C.2.1

L
OCAL
A
REA
N
ETWORK
(
S
)

C.2.1.1

General Requirements

All

memory modules, cables and other modules within the switches
MUST

be
supplied by the switch manufacturer.

C.2.1.2

Equipment and software on CL site

Distribution switches

2 x L3 switch with minimum 48 ports per switch. Minimal requirements for each
switch are desc
ribed in
Table TL
-
L10
.

Access switches

Minimum 144 ports in six or more switches. Minimal requirements for three switches
are described in
Table TL
-
L4

and for other three in
Table TL
-
L7
.

C.2.1.3

Equipment and software on GZAOP site

There is no LAN equipment for GZAOP site.

C.2.1.4

Equipment and software on Type Ia, Type Ib, Type Ic, Type IIa, Type IIb,
Type IIc and Type III sites

Switches

Minimal requirements for each switch, depending on
System Inventory Table (Supply
and Installation Cost Items)
-
Required Equipment

specifications, are described in
Table
182

Section VI. Technical Requirements

TL
-
L1
,
Table TL
-
L2
,
Table TL
-
L3
,
Table TL
-
L4
,
Table TL
-
L5
,
Table TL
-
L6
,
Table
TL
-
L7
,
Table TL
-
L8

and
Table TL
-
L9
.

C.2.2

W
IDE
-
A
REA
N
ETWORK

C.2.2.1

General r
equirements

All memory modules, cables and other modules within the routers
MUST

be supplied
by the router manufacturer
.

C.2.2.2

Equipment and software on CL site

Core routers

Minimal requirements for Core routers are described in
Table TW
-
CL1
.

Access routers

Minimal requirements for Access routers are described in
T
able TW
-
CL2
.

Gatekeeper routers

Minimal requirements for Gatekeeper routers are described in
Table TW
-
CL3
.

C.2.2.3

Equipment and softw
are on GZAOP site

Access router

2 x Access router with minimal requirements for each described in
Table TW
-
GZ1
.

C.2.2.4

Equipment and software on Type Ia, Type Ib, Type Ic,


Type IIa, Type IIb, Type IIc, Type III and Type IV sites

Type Ia

router

Minimal requirements for the Type Ia router are described in
Table TW
-
T1A
.

Type Ib router

Minimal requirements for the Type Ib router are described in
Table TW
-
T1B
.

Type Ic router

Minimal requirem
ents for the Type Ic router are described in
Table TW
-
T1C
.

Type IIa router

Minimal requirements for the Type IIa router are described in
Table TW
-
T2A
.

Section VI. Technical Requirements

183

Type IIb router

Minimal requirements
for the Type IIb router are described in
Ta
ble TW
-
T2B
.

Type IIc router

Minimal requirements for the Type IIc router are described in
Table TW
-
T2C
.

Type III router

Minimal requirements for the Type III rou
ter are described in
Table TW
-
T3
.

Type IV router

Minimal requirements for the Type IV router are described in
Table TW
-
T4
.

C.2.3

I
NTERNET
A
CCESS
N
ETWORK ON
CL

S
ITE

The firewall system at the CL site
MUST

ensure

continuous Internet connection.
Therefore, a redundant system has to be built, which will remain functional in case of
defects of some of the system devices. The redundancy
MUST

encompass the link to
the ISP. The system for connecting to the Internet
MUST

contain hardware support
for caching functions, as a separate device, including appropriate software.

C.2.3.1

Firewall Equipment and software on CL site

Firewall

The firewall system
MUST

contain at least two firewalls, which shall work in parallel
or failover mod
e. The minimal requirements for each are described in
Table TF
-
F1
.

C.2.3.2

WAN Equipment and software on CL site

Internet access router

2 x router, with minimal requirements for each described in
Table TF
-
R1
.

C.2.3.3

LAN

Equipment and software on CL site

Switches

2 x switch, with min. 24 ports per each. Minimal technical requirements for each are
described in
Table TL
-
L3
.

Cache device

A minimum of one cache device, with minimal technical requirem
ents described in
Table TF
-
C1
.

184

Section VI. Technical Requirements

C.3

VIDEOCONFERENCING SY
STEM SPECIFICATION

C.3.1

E
QUIPMENT AND
S
OFTWARE

C.3.1.1

Videoconferencing system

The system
MUST

provide real
-
time voice and video over IP conferencing services.
Minimal technical requirements
for the system are described in
Table TV
-
S1
.

C.3.1.2

Cameras

Minimal technical requirements for cameras in conferencing rooms are described in
Table TV
-
C1
.

C.4

SOFTWARE SPECIFICATI
ONS

C.4.1

S
YSTEM
S
OFTWARE AND
S
YSTEM
-
M
ANAG
EMENT
U
TILITIES

C.4.1.1

Operating system

The operating system on active network devices
MUST

support replacability, for the
purpose of improving functionality of the device. This does not apply to devices that
MUST

be installed by external service providers, and a
re essential for proper
functionality of the network.

C.4.1.2

Software for network control

Must be supported on all active network devices to be installed within the scope of this
project. This does not apply to devices that
must

be installed by external service
p
roviders, and are essential for proper functionality of the network.

C.5

SYSTEM MANAGEMENT, A
DMINISTRATION, AND
SECURITY SPECIFICATI
ONS

C.5.1

G
ENERAL
R
EQUIREMENTS

For all installed network devices, centralized control needs to be established, in order
to control dev
ice. The control
MUST

enable on
-
time detection of network congestion,
link failures, and all statistics of events significant to the network functionality
MUST

be locally stored, in a dedicated database. It is also necessary to offer servers (See
Chapter
C.5.8
) on which management software shall be installed. It is essential that the
installed software enables at least three simultaneous sessions. The system has to
allow for graphic representation of all the components of the ne
twork and several
levels of access that enable supervision and action on various levels.

Section VI. Technical Requirements

185

C.5.2

T
ECHNICAL
M
ANAGEMENT AND
T
ROUBLESHOOTING

C
ontrol encompasses network administration, monitoring, detecting link failures,
detecting errors and troubleshooting of the w
hole network. The management system
MUST

be furnished with a Web browser, which should enable access to critical
network parts from any point. All events
MUST

be registered and locally stored, and
there
MUST

be a possibility of posterior analysis.

C.5.3

U
SER AND

U
SAGE
A
DMINSTRATION

C
ontrol
MUST

register every user login for work on the network equipment. Login
attempts
MUST

be stored on the system.

C.5.4

S
ECURITY

All installed equipment
MUST

be protected from unauthorized access, by password.
The database of user names

and passwords
MUST

be stored locally, or be placed in a
separate location and accessed by RADIUS or TACACS+ protocol.

C.5.5

WAN

M
ANAGEMENT
F
EATURES

Minimal requirements for the WAN management system are described in
Table
TM
-
W1
.

C.5.6

LAN

M
A
NAGEMENT
F
EATURES

Minimal requirements for the LAN management system are described in
Table
TM
-
L1
.

C.5.7

U
SER
A
CCESS
M
ANAGEMENT
F
EATURES

Minimal requirements for the user access management system are described in
Table
TM
-
U1
.

C.5.8

N
ETWORK
M
ANAGEMENT
S
ERVER
S
PECIFICATIONS

Minimal requirements for the network management server are described in
Table
TM
-
S1
.

C.6

POWER REGULATION

C.6.1

UPS

E
QUIPMENT AND
S
OFTWARE

Minimal requirements for each UPS, depending

on
System Inventory Table (Supply
and Installation Cost Items)
-
Required Equipment

specifications, are described in
Table
TP
-
U1
,
Table TP
-
U2

and
Table TP
-
U3
.

186

Section VI. Technical Requirements

C.7

SERVICE SPECIFICATIO
NS

This sub
-
section specifies the services required by the Purchaser as part of: (a) the
obligations of the Supplier under the Contract (in accordance with GCC 7); and (b) the
obligations of the Supplier under the separate «Custom
er Service Contract».

For information, a description of the existing network is given in Chapter
B.11
. The
presently installed active network equipment is listed in the
System Inventory
Table
-
Present Day: Network Equipment
.

C.7.1

S
ERVICES UNDER THE
C
ONTRACT

C.7.1.1

Technical Training

As part of the Supplier’s supply and installation responsibilities under the Contract and
a condition of the Operational Acceptance of the Entire System,
the Supplier
MUST

organize training for 5 engineers of the Purchaser, covering minimally the following
contents:



Basic network devices (concentrator, router, switch),



Basics of networking (LAN protocols, WAN technologies, bridging, switching,
routed/routin
g protocols, network control),



OSI network model selecting appropriate network devices,



Physical connections and cabling of network devices,



Basics of work and configuring devices,



Switch functionality,



Configuring IP address space,



Basic IP routing protoc
ols,



Establishing point
-
to
-
point connections,



ISDN BRI dialing,



Establishing the Frame Relay PVC,



Advanced switch functionality,



Controlling the network neighborhood,



Using Windows 95/NT/W2000 and launching applications,



Basics of routing
-
class/classless r
outing, distance vector and link state routing