On 7 Dec 2011, at 17:17, Anderson, Ian wrote:
> We've been bitten by the /24 issue here as well... Would you be willing to share your procurement advice?
It includes things like:
"The University TCP/IP network is a very large IPv4 routed network utilising a private fibre
infrastructure running at 1Gbps or 10Gbps depending on location. The system also uses
VLANs to isolate different traffic. TCP/IP Communications between all parts of the system
shall be designed in such a way as to ensure that elements of the system do not have to
be collocated within a single subnet (e.g. no requirement for a single broadcast domain)."
We have tried to ensure the wording is suitable for the type of organisation who would be responding to the PQQ. This is taken from our recent ANPR tender.
We also include elements which are not strictly networking, but with a security hat on, things like this are important:
"Authorisation of operators and managers of the system from PCs shall either be carried
out by a single sign on methodology or via a fully encrypted data channel to the
management system (e.g. HTTPS) to avoid the transmission of user authentication
details over a clear text connection. If proxy authentication to existing University access
control systems, such as Active Directory/LDAP is utilised in the solution, there shall be
no persistent caching of password credentials on the system to avoid risk of these details
being out of date, or compromised by attack on the system."
There are chunks of text like this we have used in tenders for: ANPR, Door Access, CCTV, BMS, Emergency Lighting etc.
I've not got the master document to hand, so I've pulled these two out of PQQ/Tender responses. I'll try to dig it out tomorrow.
Matt
--
Matthew Cook
Head of Network Infrastructure & Telephony
Loughborough University, IT Services
[w] http://www.lboro.ac.uk/it/
|