RFP: Security Maintenance and Repair Page 1 of 77
TRANSNET PIPELINES:
Document Title:
Request for Proposal:
Electronic Security Systems
Maintenance and Support
RFP: Security Maintenance and Repair Page 2 of 77
Name Title Signature Date
Compiled by Simon Spencer
Supported by Veni Kannigan
Supported by
Reviewed by
RFP: Security Maintenance and Repair Page 3 of 77
Contents
1. BACKGROUND ....................................................................................................................................... 7
2. SYSTEMS OVERVIEW ............................................................................................................................. 7
2.1 Operating philosophy ................................................................................................................... 7
2.2 Sites .............................................................................................................................................. 8
2.3 System Architecture ..................................................................................................................... 8
System Infrastructure ............................................................................................................... 8 2.3.1
Wide area network (WAN) ..................................................................................................... 11 2.3.2
Access control: ........................................................................................................................ 11 2.3.3
CCTV........................................................................................................................................ 13 2.3.4
Intercoms ................................................................................................................................ 14 2.3.5
Situation Management ........................................................................................................... 14 2.3.6
Operator workstations ........................................................................................................... 15 2.3.7
Active Directory ...................................................................................................................... 16 2.3.8
Anti-Virus / System updates ................................................................................................... 16 2.3.9
Centralised Systems (NOC/INOC) ....................................................................................... 16 2.3.10
NOC Specific systems.......................................................................................................... 16 2.3.11
Information Security Standards for systems ...................................................................... 16 2.3.12
3. SCOPE OF WORK ................................................................................................................................. 17
3.1 Hardware Maintenance and Repair ........................................................................................... 18
Corrective Maintenance ......................................................................................................... 18 3.1.1
Hardware Preventive Maintenance ....................................................................................... 18 3.1.2
3.2 System Availability and Administration ...................................................................................... 18
System Availability .................................................................................................................. 19 3.2.1
Preventative Maintenance of servers and systems ............................................................... 19 3.2.2
Password Reset Service .......................................................................................................... 19 3.2.3
Backups and restores, Business continuity ............................................................................ 19 3.2.4
Logical security and Vulnerability Management .................................................................... 20 3.2.5
Active directory management ................................................................................................ 20 3.2.6
RFP: Security Maintenance and Repair Page 4 of 77
Performance and capacity management ............................................................................... 20 3.2.7
Software updates ................................................................................................................... 20 3.2.8
Network Monitoring and Management ................................................................................. 20 3.2.9
3.3 Installations, Moves, Additions, Changes and Decommissioning (IMACD)................................ 21
3.4 Asset and Spares management .................................................................................................. 21
Asset management ................................................................................................................. 21 3.4.1
Spares Management............................................................................................................... 22 3.4.2
Procurement ........................................................................................................................... 23 3.4.3
Warranties .............................................................................................................................. 23 3.4.4
Software Licences ................................................................................................................... 23 3.4.5
Disposals ................................................................................................................................. 23 3.4.6
3.5 Sandbox Services ........................................................................................................................ 23
3.6 Electrical Maintenance ............................................................................................................... 25
3.7 Cross Functional Services ........................................................................................................... 25
Scheduling and site access ..................................................................................................... 25 3.7.1
Service desk ............................................................................................................................ 25 3.7.2
Documentation, Change and configuration Management .................................................... 28 3.7.3
Health and Safety ................................................................................................................... 28 3.7.4
Quality Control ....................................................................................................................... 29 3.7.5
Equipment and tools .............................................................................................................. 29 3.7.6
Supplier and sub-contractor relationships ............................................................................. 29 3.7.7
Reporting and Billing .............................................................................................................. 30 3.7.8
Resources ............................................................................................................................... 30 3.7.9
Statutory Certification and security clearances ................................................................. 30 3.7.10
Audits .................................................................................................................................. 30 3.7.11
3.8 Exclusions ................................................................................................................................... 31
4. SERVICE LEVELS AND PENALTIES ......................................................................................................... 31
5. CONTRACT TERMS ............................................................................................................................... 31
5.1 Sub-Contractors .......................................................................................................................... 31
RFP: Security Maintenance and Repair Page 5 of 77
5.2 Duration ...................................................................................................................................... 31
5.3 Travel .......................................................................................................................................... 32
6. HANDOVER / TRANSITION .................................................................................................................. 32
6.1 Contract Commencement .......................................................................................................... 32
6.2 Contract completion ................................................................................................................... 32
RFP: Security Maintenance and Repair Page 6 of 77
APPENDICES ................................................................................................................................................ 34
APPENDIX 1 SERVICE LEVELS AND PENALTIES ........................................................................................ 35
Section A: Services Detail ................................................................................................................... 35
Section B: Service Levels and Penalties ............................................................................................. 44
APPENDIX 2 STANDARD OPERATING PROCEDURES ............................................................................... 50
APPENDIX 3 SYSTEM AND EQUIPMENT SUMMARY ............................................................................... 71
Section A: Software ......................................................................................................................... 71
Section B: Hardware ........................................................................................................................ 71
APPENDIX 4 ASSUMPTIONS .................................................................................................................... 75
APPENDIX 5 CMDB FIELD LIST ................................................................................................................. 76
RFP: Security Maintenance and Repair Page 7 of 77
1. BACKGROUND
Transnet Pipelines (TPL) has installed electronic security systems at all sites on the New Multi-Product
Pipeline (NMPP). All Sites are classified as National Key Points and are secured as such.
The main objectives of the security system are to:
Create a safe and secure environment
Comply with legislation
Minimize operational disruption
Optimize security operational efficiency
In order to ensure maximum up time and system reliability, TPL requires a service provider for the
maintenance and support of all electronic security systems and associated equipment.
2. SYSTEMS OVERVIEW
Each site is equipped with equipment and systems to control the following aspects of security:
Access Control
Video Surveillance
Intrusion prevention and detection
Intercom communications
Fire Alarm monitoring
Site evacuation and muster
Guard tours
Situation Management
All sub-systems are integrated into, and managed by a centralised situation management system. This
application provides a centralised alarm queue and process guidance with remote control and
management of sub systems and end devices.
All sites are linked to the TPL National Operations Centre (NOC) via a Wide Area Network (WAN). The
NOC acts as the primary control room for all sites.
2.1 Operating philosophy
The system is designed as a centrally managed system, with the primary point of operation
located in the security nerve centre or NOC. In the event of a WAN or NOC systems failure, the
situation management system can be used as a stand-alone system at each site.
NOC operators respond to alarms in the situation management queue and follow process
guidance screens and view associated camera feeds to resolve the alarms. Each site has two
security guards per shift who may be dispatched by the central operator to assist in alarm
resolution.
All aspects of the security systems can be activated and managed from the NOC.
A number of sites are unmanned from an operations perspective with only security staff
present.
RFP: Security Maintenance and Repair Page 8 of 77
2.2 Sites
The security systems are installed at the following locations:
NMPP Site Site Name Location
INOC TPL Head Office 202 Anton Lembede Street, Durban
NOC NOC Pinetown
TM1 Island View Durban
PS1 Twini Amanzimtoti
PS3 Hilltop Pietermaritzburg
PS5 Mnambithi Ladysmith
PS7 Warden Warden
PS8 Villiers Villiers
TM2 Jameson Park Heidelberg
PS – Pump Station TM – Terminal NOC – National Operations Centre INOC – Interim National Operations Centre Each site consists of multiple buildings and floors and a number of gates; both automated and manual.
TPL is in the process of establishing the NOC and currently the central functions and operations are
being performed at the interim NOC (INOC).
2.3 System Architecture
Details of all components and quantities at each site are contained in Appendix 3 - System and
Equipment Summary
The following provides an outline of system components and connectivity.
System Infrastructure 2.3.1
The systems at each site adhere to the following build philosophy:
Edge devices in each building and perimeter section are terminated in a junction box / field node.
The Junction boxes host the following equipment o Access control processor and auxiliary cards o Perimeter intrusion detection controllers o Power supplies for Camera Housings and PTZ cameras o Power supplies for Access control controllers o Network Switches and surge protectors o A dedicated electrical distribution board for the components in each junction box
Electric fence energisers are located close to the perimeter junction boxes.
RFP: Security Maintenance and Repair Page 9 of 77
Communication between edge devices and the junction box uses: o Cat 6 Ethernet for IP communications to:
Cameras Intercoms Access control processors (ACP)
o Serial / CAN bus - All terminating at ACP Access control components Electric fence Booms Gates Turnstiles Passive Infra-red Detectors
o Fibre From ACP to Sabre Intrusion detection on perimeter fence (Multimode) Connectivity between junction box switch and control room (Single Mode)
All Ethernet connections terminate at a junction box switch, which is linked via fibre to the main switches in the server room, located in the control building.
Server rooms at each site host the following components: o Servers
Access control System (ACS) Situation Management (DM) Active Directory domain controller Intercom CCTV servers:
System Manager
Workstation
NSM Storage Arrays o KVM Console, monitor and keyboard o Switches o ACP, associated boards and power supplies for control building access control
RFP: Security Maintenance and Repair Page 10 of 77
Figure 1 - System Block Diagram
ACPEdge devices
SwitchCCTV Cameras Intercoms
Switches
Servers
NSMs(CCTV Footage)
WAN Connection
Server room
Field Node / Junction Box
Switches
Servers
Workstations
Time Server
WAN Connection
NOC/INOC
Backup Server
Workstation(Guard house and
control room)
RFP: Security Maintenance and Repair Page 11 of 77
Wide area network (WAN) 2.3.2
The system is based on a closed network. Each of the NMPP sites connects to the NOC via fibre,
terminating on a Cisco ONS layer 2 service on TPL’s Process Control network infrastructure (SCADA). The
security network resides on one of the ONS 10 gigabit lambdas.
LAYER 3 is configured on the network distribution switches which terminates to the ONS L2 network,
and to the network aggregation switches. Network multicasting is setup to support the CCTV system
multicasting requirements, from the aggregation switches to the CCTV services at the NOC.
Figure 2 - Network Overview
Distribution Switch
Head-end device
Equipment Switch
Edge Device network
Switch
Access Switches
(1GB ports)
Edge Device network
SwitchAccess Switches
(10/100MB ports)
Distribution Switch
Head-end device
Equipment Switch
Edge Device network
Switch
Access Switches
(1GB ports)
Edge Device network
Switch
Access Switches
(10/100MB ports)
NOC / INOC Level - LAN
WAN
WAN
Site Level - LAN
2.3.2.1 Remote management
All systems at sites can be remotely managed from the NOC / INOC. There is no provision for remote
access from outside the security network.
An engineering workstation will be provided at the NOC/INOC for remote management. No external or
unapproved computers or devices may be connected to the security network.
Access control: 2.3.3
The access control system is responsible for controlling all portal access. In addition, the following
systems are controlled and monitored through the access control system
Electric fence alarms
Vibration detection (Sabre System)
Passive infrared detectors
Gates, Booms and Turnstiles
RFP: Security Maintenance and Repair Page 13 of 77
2.3.3.1 Software Used:
Each site has an Access control server running Remsdaq Starwatch software.
2.3.3.2 Field devices
Field devices include the following:
Backplane with the following active control modules: Access Control Processor (ACP),Two Door
Expansion Module (TDEM) and Input/Output Module (IOM)
Sabre II Perimeter detection system is an optical fibre based Intruder Detection System (IDS) in
which the sensor cable is attached to the fence to detect the disturbance caused by attempted
intrusion.
Electric Fence energisers are mounted next to the perimeter junction boxes. The electric fence
is a Nemtek Merlin system with alarms linked to the IOM on the Starwatch system.
HID R30 Card readers utilising the Wiegand interface on the Remsdaq ACP
V Station 4G Biometric readers
Break Glass Units
Magnetic Door Locks
Door open monitors
Passive infrared detectors
Key switch override on selected doors
12v DC Power supply
Booms, gates and turnstiles are supplied by Boomgate systems.
A number of buildings are equipped with blast proof doors with integrated, powered locking
systems and in some cases, motorised opening and closing. These doors are supplied by Gunebo
at the pump stations and TM2 and, at Mutual Safes at TM1 .
CCTV 2.3.4
2.3.4.1 Software used
The CCTV system is a Pelco Endura system. WS5200 system management software is the viewing and
management software interface for the Endura system.
2.3.4.2 Server Devices
SM5200 The SM5200 system manager is an integrated hardware/software component that
provides distributed administration of multiple devices.
NSM5200 the NSM5200 network storage manager is a RAID disk array for the storage of video footage.
Multiple devices are arranged in a storage pool at each site.
WS5070 The WS5070 Endura workstation is used for viewing video and configuring the Endura
system
2.3.4.3 System Devices
Fixed cameras
o IDE10DN8-1 IP Indoor Fixed Dome Camera
o IDE20DN8-1 IP Indoor Fixed Dome Camera
RFP: Security Maintenance and Repair Page 14 of 77
o IX10DNIP Fixed Network Camera
o IXE10LW Extended Platform Network Camera
Help Point Cameras
o IME219-1EI MiniDome
o SYN-PHA-H100 Analog Pinhole Camera (Used with NET5301T Encoder)
PTZ cameras
o Spectra IV (SD4N35-PG-E1-X) IP Network PTZ High Speed Dome Camera
o Spectra IV (SD4E36-PG-E1-X) IP Network PTZ High Speed Dome Camera
Thermal Camera
o Sarix TI635-X Thermal IP Camera
Enclosures
o EH1512-2MTS Enclosure for IX10DN and IXE10LW
Lens
o YV4.3X2.8SA-SA2 Vari Focal Lens for IX10DN and IXE10LW
PSU
o MCS Multiple 24 VAC Power Supply
Camera Masts
o Perimeter and operational cameras are mounted on 6m fixed masts
Intercoms 2.3.5
2.3.5.1 Software used
The system uses Commend intercom software and hardware.
2.3.5.2 System components
GE 800 Server, with relevant subscriber, LAN and recording cards (NOC/INOC)
GE 300 Servers with relevant subscriber and LAN cards
Master Stations (EE900AS.C & EE972AS.C)
Call Stations
Situation Management 2.3.6
All systems are integrated into the situation management system.
2.3.6.1 Software used
The systems consists of an on-site server running CNL IP Security centre software synchronising with a
central master system. IP Security Center uses Microsoft SQL Server to store data.
The situation management software provides an interface via configurable drivers into all operations
and is the primary method of interacting with all related systems including:
Handling and resolving alarms from sub-systems
o Access control
o CCTV
o Fire
RFP: Security Maintenance and Repair Page 15 of 77
o Intercom
Viewing and controlling cameras
Reviewing recorded video
Providing process guidance and pre-set camera views when handling alarms
Interactivity with portals (Lock, Unlock doors, etc)
Recording alarm responses
Managing access control accounts
Additional functionality will be enabled with the implementation of NOC systems.
Operator workstations 2.3.7
Each site is equipped with two operator workstations. One located in the guardhouse and one located in
the control room. The guardhouse workstation is equipped with a printer for the generation of muster
reports.
The workstations are installed with Microsoft Windows 7, utilising IPSC situation management as a
primary interface. The Remsdaq and Pelco applications are installed and used as supporting interfaces.
An Enrolment station equipped with a fingerprint scanner and card printer is located at the NOC/INOC.
This workstation uses Remsdaq Starwatch as its primary interface.
ACS
CCTV
Intercom
System Managers
Network Storage
Managers
Encoders
Cameras
Servers
Master Station Door
Stations
Portals
PIRs
Perimeter Intruder
Detection
Active Directory
Situation Management
F&GBuilding
F&GHazardous
Figure 3 - Conceptual design of SM interfacing at site
RFP: Security Maintenance and Repair Page 16 of 77
Active Directory 2.3.8
Each site has its own Active Directory domain controller, synchronised to a primary domain controller
located at the NOC/INOC.
Anti-Virus / System updates 2.3.9
All computers are protected by Microsoft Forefront anti-virus. Virus definitions and operating system
patches are distributed by a central server located at the NOC/INOC.
Centralised Systems (NOC/INOC) 2.3.10
Until the NOC is completed central functions and operations will be performed at the interim NOC
(INOC)
The Centralised systems provide services to synchronise site specific sub-systems and consists of the
following servers:
Access control Publisher: This synchronises all on site access control systems and propagates any
account / card holder details throughout the system.
Active Directory Primary domain controller
CCTV system manager SM5200 allowing control and view of cameras at all sites.
Backup server: Hosts, backups of all system configurations and databases (See section 3.2.4)
NTP time server – The Meinberg SyncFire 1000 server synchronises with GPS satellites and
provides accurate time to all Active Directory domain controllers.
Situation management data server – synchronises all configuration and event information with
all sites
Situation management application server
Intercom server – Provides intercom and voice recording services.
The NOC/INOC also provides for the following:
Operator workstation
Enrolment Station with card printer
Engineering workstation
NOC Specific systems 2.3.11
The following additional features will be incorporated into the system at a later stage and must be
supported when complete:
Evidence Bank: This will allow for the archival storage of video, audio and other files associated
with security incidents. These files are automatically archived by the situation management
system.
Video Wall displays in main operations room.
Operator workstations: additional operator workstations will be installed in the ops room.
DMZ and firewall for integration with external systems
Monitoring tools
Information Security Standards for systems 2.3.12
All systems have been configured and aligned to the following approved Transnet Security Standards:
Transnet Information Classification Standard
RFP: Security Maintenance and Repair Page 17 of 77
Transnet ICT Physical and Environmental Security Standard - v1.1
Transnet Information Security Awareness - v1.1
Transnet SQL Security Configuration standard - v1.1
Transnet User Management Standard - v1.2
Transnet Windows 7 Security Configuration Standard
Transnet Windows 2008 standard - v1.1
The vendor will be responsible for ensuring the system adheres these standards and will subject to
periodic audits. On completion of the NOC further information security compliance criteria will be
necessary.
3. SCOPE OF WORK
The respondent is required to provide the following, separately priced services:
Hardware Maintenance and Repair
System Availability and Administration
Installations, Additions, Changes and Decommissioning
Asset and Spares management
Sandbox Services
Electrical Maintenance and Repair
Each priced service will be subject to performance metrics and targets. Failure to meet performance
standards will result in penalties in the form of service credits. Consecutive noncompliance with
performance measures will result in cancellation of the contract.
All above services will include the cross functional service components listed in Section 3.7.
All software installations may be subject to a installers defect period, therefore any fault rectification
must determine if the issue is a fault or a defect prior to commencing work. This information will be
shared with the successful vendor on the commencement of the contract
There is no warranty period remaining for any installed hardware devices.
The project is in the final stage of commissioning and handover and therefore, for the purposes of this
proposal, maintenance and support of all sites will be the vendors responsibility at the commencement
of the contract.
Additional system components or functionality, to align the system with TPL’s original NMPP project
requirements may be completed by the original contractor after the handover and implementation of
the maintenance agreement, therefore the vendor will need to liaise with the installer to ensure
alignment during these installations.
Any additional equipment and features that are installed as described in the paragraph above, will be
supported under the terms and conditions of this SLA.
Full requirements for each service are detailed in Appendix 1 – Section B: Service Levels And Penalties
An overview of each service is outlined below.
RFP: Security Maintenance and Repair Page 18 of 77
3.1 Hardware Maintenance and Repair
Corrective Maintenance 3.1.1
End Device Corrective Maintenance (CM) is defined as the support performed within a pre-defined
period of time to correct a breakdown or failure of any system hardware.
Under this agreement, CM shall include all tasks which are required to restore equipment to operational
status or correct a failure that has occurred or is in the process of occurring, and may consist of repair,
restoration and/or replacement of components, electrical, mechanical repairs and any civil works
required.
Service levels for this service are measured on a time to resolve basis.
Hardware Preventive Maintenance 3.1.2
Preventative Maintenance (PM) activities shall consist of visual inspections, minor repairs and
adjustments, cleaning and lubrication of installed end devices to ensure the integrity of the solution.
Areas of attention shall include:
Printer servicing
Cleaning and checking of end devices
Camera adjustments and cleaning
Cleaning, check and adjustment of gates, booms and turnstiles
Cleaning, checking and adjustment of blast proof doors
Cleaning and checking of equipment junction boxes and racks
Refer to Appendix 2 for a detailed description of activities to be completed for each device, and
frequency of activity. Time estimations are an average indication of work to be performed and a
checklist of all aspects. It should be noted that the time estimates include all tool and material
preparation and actions to meet of any relevant occupational health and safety requirements (e.g..
Working at heights). It is expected that all preventative maintenance will be completed in a block of
uninterrupted days.
The scheduled times for preventative maintenance visits will be mutually agreed to, with confirmation
at least two weeks prior to scheduled visit, and must be completed in 3-7 consecutive working days.
Minor repairs that cannot be completed at the time of the visit will be listed as part of the PM defects
report, for review by TPL. The report must indicate the recommendation for immediate rectification or
deferment to the next PM cycle with relevant costs.
3.2 System Availability and Administration
The server and system environment includes all software aspects of the security systems. “Software”
includes but is not limited to: applications (e.g. Starwatch), Databases, configurable drivers, firmware,
interfaces, operating systems, etc. This environment will require administrative tasks such as backups,
virus definition and patch management, account management, etc.
RFP: Security Maintenance and Repair Page 19 of 77
The administration of this environment must ensure maximum availability of all systems and services by
providing fault resolution, monitoring and preventative maintenance services to be regarded as a fixed
monthly service charge. Monitoring is regarded as a system administration function and includes health,
capacity and performance monitoring of hardware, software, networks, interfaces, applications and
databases.
The server and system environment must be correctly monitored to ensure maximum uptime and may
include additional or amended processes and tools related to applications, server and system
administration.
Any site visits to resolve system availability related faults is included in the scope of this service and in the fixed monthly service charges. In the case where a service failure is due to a hardware fault, hardware resolution procedures and SLA’s as outlined in section 3.1 – Hardware maintenance and repair will apply. Minimum service level requirements are specified in Appendix 1 – Section B: Service Levels And Penalties. The fault resolution procedure is described in section 3.7.2 below
System Availability 3.2.1
Ensure the maximum uptime for the security system and associated sub-systems.
The uptime status is measured as the availability of the overall security system at each site and would include failure of functions related to one or more subsystems (Intercoms, Access Control, CCTV) at the site or NOC.
Preventative Maintenance of servers and systems 3.2.2
Provide regular, scheduled maintenance on all software and the network environment, in accordance
with agreed schedules and procedures as listed in Appendix 2 to ensure minimum downtime due to
service interruptions.
System, database, operating system, application and network administration tasks should follow best
practice and are not explicitly outlined in the attached procedures.
Password Reset Service 3.2.3
Service desk calls for the reset of Security Supervisor and other passwords will be reset by the vendors
service desk. The management of user passwords for security guards are out of this scope of work as it
would be reset by TPL security supervisors.
Passwords must comply with Transnet security policies and changed as policies require. A hard copy of
all system and administrative passwords must be kept in a secure location on TPL’s premises.
Backups and restores, Business continuity 3.2.4
Backups and restores are to be conducted in accordance with TPL procedures which will include full
weekly and daily incremental backups . The following information must be backed up:
RFP: Security Maintenance and Repair Page 20 of 77
Server, workstation, application, and network configurations or images (all sites) - on system
changes
Access control databases (NOC/INOC) – Daily
SM System Database (NOC/INOC) - Daily
Temporary evidence stores - as designated by TPL
Test restores to the sandbox environment must be conducted regularly.
The current environment does not include redundant servers at the INOC/NOC or a disaster recovery
site, however in order to test effectiveness of stand-alone site operations, bi-annual failure tests will be
conducted at TPL’s request. (EG; WAN failure test)
The full backup strategy and design will be provided to the successful vendor on contract
commencement.
Logical security and Vulnerability Management 3.2.5
The vendor is responsible for all aspects of vulnerability management and logical security of all network
attached devices. This will include:
Virus scans and definition updates.
All patches and updates must be conducted monthly.
Configuration management
Vulnerability scans using recognised scanning software supplied by TPL
Note that all system updates must be tested in the sandbox environment prior to general deployment.
Active directory management 3.2.6
Management of all user accounts, groups and policies.
System integrity checks and corrective action when required.
Management of time synchronisation in the environment
Performance and capacity management 3.2.7
Vendor must ensure that end to end system performance and capacity requirements meets agreed
benchmarks. Performance and capacity information will be disclosed to the successful bidder.
Software updates 3.2.8
Vendor must be aware of all updates to software and firmware for all products in use, plan and deploy
any required patches or updates after testing in the sandbox environment. A periodical review of
software lifecycle and licence agreements is required to ensure compliance and OEM support.
Network Monitoring and Management 3.2.9
Monitor and manage network uptime and performance (LAN and WAN). The vendor will be responsible
for:
Resolution of LAN performance and availability faults. (The LAN is defined as the on-site network installation from all end devices to the port on the ONS equipment. )
RFP: Security Maintenance and Repair Page 21 of 77
Reporting WAN faults to the WAN service provider and monitoring logged incidents until
resolution.
3.3 Installations, Moves, Additions, Changes and Decommissioning (IMACD)
Any additional services required to ensure the optimal functionality, protection, compliance and
performance related to this security system environment as detailed in this document.
Perform hardware and software IMACDs in accordance with the specific Service Request, procedures
and other applicable policies. Service requests will be submitted through the vendor’s service desk by
TPL authorised staff via an official request form.
Such work shall be compensated on a time and materials basis. All changes that will invoke a cost for
TPL must be quoted for and approved by TPL before commencement of work. All labour required for
IMACD must be charged at rates agreed by both parties at the commencement of the contract.
All IMACD’s must align with the asset and spares service requirements outlined in section 3.4 Asset and
Spares management.
The vendor will provide all supervision, labour, administrative support, materials, tools, test equipment,
parts, supplies, equipment, and transportation necessary to perform the above service including Any
electrical, mechanical and any civil works required must be approved by TPL.
Ad-hoc user training at all levels of proficiency will be included as a requested service.
Depending on the scope of the request, separate SLA’s will be specified with associated service
penalties.
IMACD does not refer to any replacement or repairs of existing equipment or software carried out in the
course of fault rectification.
3.4 Asset and Spares management
Asset management 3.4.1
The vendor will be responsible for the management of all assets (hardware and software) and
configuration information relating to all system components. It should be noted that pending the
implementation of the NOC and associated systems, Asset and configuration databases will be provided
as flat file databases (Eg Excel spreadsheets)
3.4.1.1 Asset Database
The vendor will be responsible for the management and maintenance of an asset database of all
hardware and software assets.
The asset database shall track the entire lifecycle of all assets: Planning, Acquisition, Deployment,
Management, and Retirement and processes associated with each phase. See Figure 4 - Asset
Management Lifecycle
RFP: Security Maintenance and Repair Page 22 of 77
Figure 4 - Asset Management Lifecycle
3.4.1.2 Configuration Management Database
The Vendor will be responsible for the management and maintenance of the configuration management
database (CMDB).
Any changes to device or system configuration must be reflected in the CMDB as part of the change
control process.
The field layout for the hardware CMDB is outlined in Appendix 5
Spares Management 3.4.2
The vendor will be responsible for the management of spares including,
Storage
Procurement
Provision
Refurbishment and repair
Stock management
Note that spares stock holdings are to be approved by TPL and any changes to the holdings must be
approved.
Agreed minimum spares stock levels must be maintained at all times. In the case where required spares
are not in stock, procurement lead times as outlined below will apply
RFP: Security Maintenance and Repair Page 23 of 77
To minimise downtime of critical devices, configuration templates should be available to enable rapid
deployment of replacement equipment.
Procurement 3.4.3
The vendor will be responsible for the procurement of spares and equipment required for repairs,
changes and additions.
3Asset Management is provisioned as a monthly fixed fee service and therefore there will be no mark-
up on any hardware and software purchases. TPL reserves the right to request and review vendor
quotation processes.
Procurement of new assets will be based on TPL installed base with consideration for product
roadmaps, warranties and maintenance requirements. Deviance from agreed lead times, without proof
that delay is no fault of the vendor, will be subject to penalties.
Warranties 3.4.4
Vendor must manage any warranty claims and ensure all faults of equipment under warranty are
addressed accordingly.
Quotations for equipment must include options of extended warranty where applicable.
Software Licences 3.4.5
The vendor must ensure that all products are compliant with licence agreements. Licence renewal must
be addressed timeously to avoid re-instatement fees and / or downtime resulting from expiry or under
licenced implementations.
All Licences must be in the name of Transnet.
Intellectual property rights of any code and/ or scripting developed as part of the scope of work of this
agreement will remain with TPL.
Disposals 3.4.6
Asset disposal should be conducted regularly and is subject to approval and must be disposed of in an environmentally friendly manner (ISO 14000) relevant certification and documentation relating to disposals must be submitted to TPL.
3.5 Sandbox Services
The vendor will provide and maintain a sandbox environment to allow for a test platform for the
following:
Patches and anti-virus updates
Software updates
System Changes
Hardware specification changes
Additional systems integration
RFP: Security Maintenance and Repair Page 24 of 77
The sandbox must be an isolated system that replicates the distributed architecture of the live system,
and provides both site and centralised servers that mimic the live servers. All changes must be tested in
the sandbox prior to implementation in the field.
The Sandbox will be hosted on TPL premises.
The vendor will be responsible for the provision and establishment of this environment. TPL reserves the option to procure these assets (at book value) at the end of the contract or by mutual agreement. For the purpose of this proposal, the following schedule lists the hardware required for the sandbox, all
software licences are available and facilities are provisioned to host this equipment.
Required hardware list for Sandbox (Based on installed hardware)
Function Device RAM Disk
Access control Publisher IBM X3550 X5 64GB 2 x 146GB Raid 1 6 x 300GB Raid 5
Access Control Subscriber IBM X3550 M3 24GB 4x 300GB Raid 5
CCTV System Manager – Site Pelco Endura SM5200 8GB 2.8 TB
CCTV Workstation Pelco WS5070 4GB 240GB
CCTV NSM Pelco Endura NMS5200 N/A 24TB Raid 6
CCTV System Manager NOC Pelco Endura SM5200 8GB 2.8 TB
Active Directory / WSUS / Antivirus IBM-X3550 M4 32Gb 4 X 146 GB RAID 5
Situation manager – Site IBM X3550 M3 24GB 4x 146GB Raid 5
Situation Manager NOC IBM-X3550 X5 64GB 2 x 146GB Raid 1 6 x 300GB Raid 5
PC Workstation Monitor, Mouse & Keyboard
Lenovo Thinkstation S30 8GB 240GB
PTZ Camera Pelco Spectra IV
Fixed Camera Pelco IXE10LW
Access control Reader HID Card reader
Access Control ACS StarNet Controller
Access Control IOM StarNet Controller Expansion
Network Switch Cisco 3650
Rack 42 'u device rack
Cabling Fibre and Ethernet cabling
Keyboard, mouse and monitor Rack mounted KVM
RFP: Security Maintenance and Repair Page 25 of 77
3.6 Electrical Maintenance
The vendor will be responsible for the maintenance of the following:
Electric distribution boards in field junction boxes, and associated outlets.
Electric fences and associated equipment
EXD Rated equipment
Details of the specific procedures are contained in Appendix 2. SANS standards are applicable in this
environment. The Vendor must ensure statutory compliance of all installations at all times and ensure
any changes meet all compliance requirements and certification is provided.
All resources working on electrical installations must possess the relevant, up to date certification and
qualifications for their respective tasks.
Changes in electrical installations as a result of repairs, changes or additions to security related
equipment are included as part of the relevant services; Corrective Maintenance, IMACD, asset and
spares management.
3.7 Cross Functional Services
Where indicated, the following services shall be included in the scope of work for each service outlined
above.
Scheduling and site access 3.7.1
The vendor will be responsible for scheduling work timeously and arranging site access where required
including:
Scheduling of third parties including sub-contractors.
Ensuring that maintenance visits are aligned with TPL plans and schedules at the site where
maintenance will be performed.
Completion of works Authorisation Requests (WAR) and change control procedures outlining
the work which will be performed and highlighting the risks and the precaution taken to avoid
any risks which may be encountered.
Obtaining access and work permits where required
TPL will provide a contact list for each site.
Service desk 3.7.2
The vendor will be responsible for the provision of a service desk/call centre to perform the following
functions:
Logging of faults and service requests including the provision of a reference number.
Provide first line support.
Monitoring of faults and service requests to resolution.
Co-ordination with third party service providers where required.
First line support will address faults that do not require a site visit and can be resolved telephonically.
Hours of operation shall be: 24/7/365.
RFP: Security Maintenance and Repair Page 26 of 77
In respect to actions requiring TPL responses for critical requests, (e.g.: Change Control for critical fault
resolution), requests must be made via e-mail to two designated TPL employees with the understanding
that a response will be sent within 3 hours of receipt. For after-hours changes , approval can be sent and
granted telephonically or via SMS.
High priority faults will require an automated alert to be sent to key TPL personnel / management.
The service desk must be fully aware of TPL operations, locations and respective procedures to provide
an effective service.
Faults must be logged via e-mail or telephonically. Web portal services may be provided. All logged
faults must be provided with a reference number within the following time periods:
For telephonic logging – as part of the initial service desk call.
For E-mail logging – within 15 minutes of mail being received.
For Web portal logging within 5 minutes of fault logging.
SLA time to resolve metrics will be measured from the time a reference number is issued by the service
desk.
The fault resolution procedure is described below.
RFP: Security Maintenance and Repair Page 27 of 77
Figure 5 - Fault Resolution Process
Fault detected by
Security TeamTPL Staff Maintenance Team
Notifies
Tpl ops
Call Logged with Vendor Call Centre
Notifies
Create Fault Ticket
Repaired in cycle
No
Issue Quote and Work authorisation
Request to TPL
Quote & WAR Approved
YES
NoAdded to task list
for next cycle
Resolve remotely
NO
Assess faultFrom NOC
Dispatch team and spares
Allocate to support team
YES
Spares Required
Spares in Stock
Resolve fault
YES
NO NO Procure spares
YES
Yes
Assess fault On site
Request Site Visit Approval
NO
Approve Visit YES
Resolve Now?
YES
NO
Dispatch team
Work authorisation and change control
request to TPL
RFP: Security Maintenance and Repair Page 28 of 77
Documentation, Change and configuration Management 3.7.3
Any changes to the systems must follow Transnet change management policies and procedures.
Change control procedures will include an approval process whereby all specific information relating a
change will be detailed including but not limited to:
Detailed description of required change
Impact
Risk
Spares requirements
Rollback plans
Downtimes
All relevant documentation required to manage and maintain the systems will be provided by TPL at the
commencement of the contract.
The vendor is responsible for maintenance and management of all documentation related to the
systems. Where applicable, any new installations must provide full engineering documentation. The
integrity of documentation must be maintained at all times (e.g.: As-built documentation)
The Vendor will maintain, during the life of this agreement, hard and soft copies of all relevant
documentation, including scheduled and unscheduled maintenance activities. In addition, computerized
asset database records will be maintained on all hardware and software during its lifecycle.
Transnet policies regarding confidentiality and document classification must be adhered to at all times.
For any software and configuration changes, a snapshot of the current and future configuration must be
included as supporting documentation to the change request.
Health and Safety 3.7.4
The vendor shall ensure that all contractors and sub-contractors have been assessed as part of the
Health and Safety requirements and that the information is signed and stored in a hard copy available at
any time to be scrutinized by an inspection. A copy of the safety file must be provided to TPL as part of
the contract commencement process. The HSE file must adhere to the Transnet standards. Please refer
to the Health and safety documentation included in this document pack for further details.
The provider will provide all materials, and equipment necessary to protect their contractors
and sub-contractors, from injury.
Liability is carried by the contractor
The provider will ensure that all staff under their employ adhere to all safety regulations,
standards and procedures.
The provider will ensure that TPL staff, equipment, furnishings, buildings, and grounds are
protected from damage caused by their actions. Any such damage will be repaired, replaced, or
restored to its original condition at no additional cost to TPL.
RFP: Security Maintenance and Repair Page 29 of 77
The Vendor is responsible for ensuring that the HSE file is updated when changes occur and is
liable for non-performance credits if documentation is not up to date.
Failure to maintain the HSE file to the above requirements will be considered a breach of
contract.
Quality Control 3.7.5
The vendor must provide, implement and adhere to a QA program.
All workmanship shall meet TPL and industry standards as well as equipment manufacturers’ installation
instructions.
Completed work will be free of defects that would prevent it from functioning as originally intended and
designed.
While on site, during work activities, debris will not be spread unnecessarily into adjacent areas to the
work area. The service provider will clean up or remove all debris, excess material, and parts at the end
of each workday and/or at the completion of the work.
Any work that alters the original appearance of equipment covered under this agreement must be
approved in advance by TPL
Equipment and tools 3.7.6
The vendor shall maintain a full complement of required tools, test equipment, cherry pickers, ladders,
and other equipment necessary in the successful performance of this agreement.
All test equipment will have record of safety and calibration checks which will be available to TPL on
request.
TPL will not be held responsible for any tools or equipment left on site.
Supplier and sub-contractor relationships 3.7.7
The vendor will be responsible for maintaining any support relationships with suppliers/agents
necessary for the ongoing support of its products, (e.g. Warranties , Firmware updates, etc.) including
entering into any relevant support agreements.
It should be noted that SLA uptime and time to resolve requirements should be considered when the
Vendor is entering into agreements with suppliers.
Proof of partner relationships and technical accreditation must be provided as part of the submitted
proposal.
3.7.7.1 Vendor Accreditation
The vendor must be an accredited partner with the OEM or distributor of all following major system
components installed at the sites:
Cisco
Microsoft
IBM
RFP: Security Maintenance and Repair Page 30 of 77
Remsdaq
CNL Software
Pelco
Gunebo and Mutual Doors
Reporting and Billing 3.7.8
High Level reporting requirements for all services are included in Appendix 1.
There are currently no existing report and billing templates and formats. All templates must be
approved by TPL prior to implementation to ensure the effective management of the environment.
A daily morning fault report on the entire environment is required to be sent by the Vendor to TPL via e-
mail.
Monthly reporting should clearly indicate deviations from SLA criteria for all services.
Resources 3.7.9
Vendor staff must be adequately competent, trained and, where applicable, hold up to date
certification in the support and repair of all key system components (Hardware and software)
specifically:
Cisco - Switches and Routers
Microsoft – SQL Server, Windows Server, Windows , Active Directory
Remsdaq – Sabrephonic, StarNet Hardware and StarWatch software
Pelco - Cameras and Endura video management systems and hardware
CNL – IPSecurityCenter software
IBM – X Series Servers
It is the vendors responsibility to ensure all personnel are fit for work and are subject to the Transnet
code of ethics.
Any change in personnel must be communicated to TPL for their approval prior to the change.
Failure to apply with any of the above requirements will result in penalties or as a breach of contract.
Statutory Certification and security clearances 3.7.10
Vendors and sub-contractors must be in possession of all valid PSIRA registration.
The successful vendors and associated sub-contractors and associated personnel will be subject to State
Security Agency (SSA) clearance during the due diligence phase of the tender process.
The vendor must produce proof of current and valid PSIRA and SSA certification annually.
Resources working on electrical installations must be in possession of valid certification.
Audits 3.7.11
RFP: Security Maintenance and Repair Page 31 of 77
The entire security environment as outlined in the scope of work is subject to Transnet internal and
external audits to ensure compliance, corporate governance, and information security. These Audits can
be conducted on a bi-annual basis. To ensure compliance to policies procedures and standards, any
audit findings must be addressed in the timeframe determined by the severity of the relevant audit
finding.
All sites are National Key Points and may be subject to respective audits and/or inspections by the
relevant authorities. Any NKP audit findings must be addressed in the timeframe determined by the
severity of the relevant audit finding.
3.8 Exclusions
The vendor will not be responsible for the following:
Enterprise ICT installations and systems
Fire and Alarm panels other than the link to the situation management systems
Non security electrical installations
ONS WAN services and related fibre infrastructure
Doors, excluding blast proof doors
SCADA infrastructure and systems
4. SERVICE LEVELS AND PENALTIES
Refer to services details in Appendix 1 – Section B for details of required service levels and penalties.
5. CONTRACT TERMS
TPL has the option to limit the scope of work at commencement of the contract or at any time after
commencement subject to a six month notice period
5.1 Sub-Contractors
The vendor shall be responsible for the management, administration and remuneration of all 3rd party
vendors, and service providers who are required to provide support services. Any costs related to the 3rd
parties shall be included in primary vendor’s pricing and quotations.
Sub-contractors are subject to all rules, regulations and policies pertaining to the main contractor.
Transnet must be informed of all sub-contractors and shall have the right to direct the Service Provider
to replace any approved Subcontractor upon 30 (thirty) calendar days’ notice or such other time as may
be mutually agreed, if
Any acts or omissions of the Subcontractor cause a material breach of the confidentiality or
infringement provisions of the Agreement,
Material misrepresentations were made concerning the Subcontractor
Transnet, on any other reasonable grounds, requires such Subcontractor to be replaced, including,
but not limited to the following reasons: the Subcontractor is declared a security risk by the State
Security Agency; failure to provide a valid tax clearance certificate; the Subcontractor is convicted of
violating any Applicable Law, including the PCCA Act. “
5.2 Duration
RFP: Security Maintenance and Repair Page 32 of 77
The contract will be for a period of three years with an option for a two year extension. Any additions to the initial contract will terminate at the same date as the original contract.
5.3 Travel
All fixed price services must include travel and accommodation unless otherwise stated.
In cases where travel can be claimed, it will be subject to Transnet policies, including the following
constraints:
Road Travel Engine capacity less than or equal to 1800 cc Charged at AA rates per km
Accommodation a) bed and breakfast; b) guest house; c) self catering; or d) hotel having a star rating of 1, 2 or 3 as defined by the Tourism Grading Council of South Africa
Charged at proven cost (actual cost)
6. HANDOVER / TRANSITION
6.1 Contract Commencement
The Vendor must provide the following contract deliverables within 30 days from the date of their
appointment.
Preventive maintenance implementation plan
Quality Assurance plan
Establishment of service desk including all relevant service desk procedures
Organogram including contact details
Establishment of all processes required to meet all service requirements.
Contract management communications plan (Example: Meetings, billing dates, etc.)
Agreement on reporting templates
Safety files
Acceptance of handover pack, including passwords, from TPL or TPL assigned vendor.
Acceptance of current outstanding faults, if applicable.
Completion of site visits if required
Support and maintenance services must be active from contract commencement date.
Any faults at time of handover must be attended to within agreed timeframes.
All relevant documentation will be provided in digital format to the vendor on commencement of the
contract.
6.2 Contract completion
RFP: Security Maintenance and Repair Page 33 of 77
On completion of the contract the vendor will provide the following to TPL or its designated party within
30 days of the contract terminating or if required, prior to contract completion:
Asset and configuration databases including licences and warranties
Password list
Updated diagrams and documentation reflecting any changes made
All spares held in stock or awaiting repair
Site status reports
All maintenance reports
Outstanding faults and requests
Any other relevant information
All documentation must be up to date, correctly formatted, reflecting all changes made and in a
preferred electronic format.
On termination of the contract, any TPL design, configuration and SOP documentation help by the
vendor after handover must be returned or destroyed.
RFP: Security Maintenance and Repair Page 35 of 77
APPENDIX 1 Service Levels And Penalties
Section A: Services Detail
Service 1 Hardware Maintenance and Repair
Requirements Corrective Maintenance All tasks which are required to correct a hardware failure that has occurred or
is in the process of occurring, and may consist of repair, restoration and/or
replacement of components.
Preventative Maintenance Provide regular, scheduled maintenance on all on site physical equipment, in accordance with agreed schedules and Attached standard operating procedures, as listed in Appendix 2 to ensure maximum equipment life and minimum of downtime due to equipment failure. Perform minor corrective actions that can be completed as part of the PM
task and does not require approval or change management processes. E.G. –
loose device or device missing mounting screws.
Non Critical Fault Rectification Rectify non-critical faults identified in previous maintenance visits.
Scope Corrective Maintenance
Resolve faults within required SLA threshold
If fault cannot be immediately resolved, provide quotation for work to be done on site, including spares, where required
Submit Work authorisation request and schedule site access Scheduled maintenance
Clean and check all on site system components as per SOP’s in Appendix 2
Corrections of minor issues identified during visit.
Schedule rectification of identified problems - subject to approval by TPL.
The vendor will be responsible for the following associated actions as outlined
in the section “Cross functional requirements”
Scheduling and site access
Change Management
Health and safety
Adhere to policies, procedures and standards
Client
responsibilities
Provide access to site – issue permit
Approve quotes for repairs
Approve changes and repairs
Exclusions Electrical Maintenance to be addressed as a separate service.
Software faults are addressed as a separate service
Service Window Scheduled maintenance Service will be operational during normal office hours:
7:30 - 16:00 Monday to Friday
Fault rectification
RFP: Security Maintenance and Repair Page 36 of 77
24 hours a day / 365 days a year
Pricing Scheduled maintenance
Fixed Rate per visit based on agreed hourly rates.
Visits shall be priced individually for each site.
Rate shall include
Travel at AA rate
Accommodation
Provision of special equipment (e.g. Cherry Picker) Rate shall exclude
Spares
Fault rectification
Callout fee to include first 2 hours labour and travel to site.
All additional hours to be charged at agreed hourly rate on approval from TPL.
Visits to be approved by TPL prior to visit.
Quotations for additional visits and replacement parts is to be approved by TPL.
Rate shall include
Travel at AA rate
Provision of special equipment (e.g. Cherry Picker)
Rate shall exclude
Spares
Accommodation where applicable, to be reimbursed at proven cost.
Service levels &
Penalties Refer to Section B for required service levels and penalties
Reporting Description Frequency
Overall activity by
site
Work completed, Corrective Faults completed and
outstanding including spares usage.
PM Defects rectified, Outstanding PM Defects, Site
Status, changes implemented, SOPs completed,
SOP’s outstanding.
7 Days after month
end
Work Completed by
site
Work Planned vs completed
7 Days after month
end
Root cause analysis Detailed breakdown of reasons for fault and
preventative action taken after resolution
On Request
RFP: Security Maintenance and Repair Page 37 of 77
Service 2 System Availability and Administration
Requirements System availability will be based on the following definition of system downtime:
Failure of one or more functions affecting security operations at a site or NOC.
Scope
System Availability
The administration of this environment must ensure maximum availability of all systems and services by providing fault resolution, monitoring and preventative maintenance services. System downtime is classified as the unavailability of functional operations required to operate the security systems as designed from the NOC or site and includes situation management and sub system functionality. Refer to section 3.2 for further detail.
The vendor will also be responsible for the following associated actions as
outlined in the section “Cross functional requirements”
Scheduling and site access
Change Management
Health and Safety
Adhere policies, procedures and standards
Provide and manage spares where required as per the spares services definitions
Vendor should periodically review and revise maintenance SOP’s and recommend changes where relevant.
Exclusions WAN uptime is excluded and is managed by a separate service provider, however the time taken to report a WAN fault is included in service metrics.
In cases where a service failure is due to an on-site hardware fault, hardware resolution procedures as described in Service 1 will be followed.
Client
responsibilities
Provide access to site
Approve changes
Approve changes to SOPS
Provide SOPs
Perform periodic audits of work conducted
Service Window System Availability is measured as a continuous service, 7 days a week, 365 days a
year.
Preventative Maintenance services will be operational during normal office hours:
7:30 - 16:00 Monday to Friday
Pricing Service will be priced as a fixed monthly fee for all sites. Where a site visit is
necessary, the fault resolution will charged at agreed labour rates
RFP: Security Maintenance and Repair Page 38 of 77
Pricing will exclude:
Spares
Service levels &
Penalties Refer to Section B for required service levels and penalties
Reporting Description Frequency
Service Availability Service uptime per site Detail of faults received and resolved, per site per month
7 working days after month end.
Account
Management Passwords reset, access changes
7 working days after month end.
Root cause analysis Detailed breakdown of reasons for fault
and preventative action taken after
resolution
On Request
System Audit Details of users who made changes to
the system
On Request
Work Completed Work Planned vs completed Backup logs and checklists Antivirus and patching implemented
7 working days after month end.
Deviations from SLA Meeting or exceeding service level thresholds - global and per site (according to SLA criteria as listed in section B)
7 working days after month end.
System performance
and capacity
Performance benchmark scores – Monthly Details of failures to meet benchmarks
7 working days after month end.
Audit Reports Reports as requested by auditors As and when required
Vulnerability Scan
reports
Results of vulnerability scans 7 working days after month end
RFP: Security Maintenance and Repair Page 39 of 77
Service 3 Installations, Moves, Adds, Changes and Decommissioning (IMACD)
Requirements Perform any hardware and software IMACDs in accordance with the
specific Service Request.
Scope
Conduct pre-installation and site survey activities.
Design applicable solution
Provide quotation, schedule and relevant design information
Build, configure and test the changes related to the service request in the sandbox to ensure compatibility.
Execute work to fulfil requirements
Provide basic End-User or technical staff orientation as needed.
Provide full training for end users and technical staff when required.
Conduct data and applications migration where necessary.
Update asset and configuration databases and all documentation accordingly including engineering drawings.
The vendor will also be responsible for the following associated
actions as outlined in the section “Cross functional requirements”
Scheduling and site access
Change Management
Health and Safety
Quality management
Client responsibilities Provide requirements
Provide access to site or remote access location (NOC/INOC)
Approve quotes and design
Signoff of completed work
Pricing Pricing shall be based on quotation for each service request based on
fixed rates. Pricing is subject to periodic review and benchmarking by
TPL. Travel and accommodation is subject to Transnet policies.
Quotation shall include:
Travel at AA rates
Accommodation where applicable, to be reimbursed at proven cost.
Provision of special equipment (eg Cherry Picker)
Service Window Service will be operational during normal office hours:
7:30 - 16:00 Monday to Friday
Service levels & Penalties Depending on the scope of the request, separate SLA’s will be specified with associated service penalties
Reporting Description Frequency
Requests Requests completed and outstanding per site
with global summary
Monthly
Specific reports on requests Relevant report pertaining to request. As required
RFP: Security Maintenance and Repair Page 40 of 77
Service 4 Asset and Spares management
Requirements The vendor will be responsible for the management of all assets
(hardware and software) and configuration information relating to all
system components.
The Vendor will manage the supply of all spares and stock levels of an
agreed minimum spares list.
Scope Management and maintenance of asset register
Management and maintenance of configuration information
Provide recommended spares listing
Provide secure storage facilities
Asset procurement
Allocate assets as required
Device lifecycles
Manage stock levels
Asset Disposal according to environmental standards
Management of software licences
Asset upgrade paths
Client Responsibilities Approve all changes
Approve all procurement and renewals
Approve spares list
Perform audits
Review reports and asset register
Pricing Service will be priced as a fixed monthly fee
Service Window 24 hours a day / 365 days a year
Service levels & Penalties Refer to Section B for required service levels and penalties
Reporting Description Frequency
Asset changes Assets purchased and disposed. Monthly
Licence Status Status of all software licences Quarterly
Warranty Status Status of all equipment and software
warranties
Quarterly
Asset roadmap Software and hardware coming to end of life
at each site
Quarterly
Disposals pending Hardware to be disposed Quarterly
Asset schedule Register of all assets at all locations Bi – Annual
Equipment to be refurbished List of equipment removed from sites and Monthly
RFP: Security Maintenance and Repair Page 41 of 77
/ repaired awaiting repair or refurbishment
New equipment New equipment purchased in reporting period Monthly
Stock Current stock, issued, returned, disposed Monthly
Service 5 Sandbox Services
Requirements The vendor will provide and maintain a sandbox environment to
provide a test platform.
Scope Design, procure, build, maintain and manage a test environment that
will allow for testing of software changes and patches and the
addition of hardware to the live system.
The system must include servers and end devices to adequately
simulate the live security system environment.
Client Responsibilities Provide hosting space
Be part of testing processes where relevant.
Approve changes
Pricing Service will be priced as a fixed monthly fee.
Service Window Service will be operational during normal office hours:
7:30 - 16:00 Monday to Friday
Service levels & Penalties Refer to Section B for required service levels and penalties
Reporting Description Frequency
System activity and status Changes made and system status Monthly
RFP: Security Maintenance and Repair Page 42 of 77
Service 6 Electrical Maintenance and Repair
Requirements All tasks which are required to correct and prevent electrical failures
associated with the security system, and may consist of repair,
restoration and/or replacement of components and Preventative
maintenance
Ensure statutory compliance of all installations.
Scope Fault Resolution
Provide quotation for work to be done on site, including spares, where required
Submit Work authorisation request and schedule site access
Resolve faults
Provide electrical compliance certification where required.
Preventative Maintenance
Ensure integrity of EXD compliant equipment
Ensure all electrical compliance is maintained
Ensure electric fences are fully operational and compliant with statutory requirements
Scheduled Maintenance and repair of all electrical equipment
Report on status and condition of all electrical equipment Changes and Additions
Change and additions of electrical installations required for any work carried out in the scope of service 3.
Submit documentation related to changes for approval
Ensure compliance with regulations.
The vendor will be responsible for the following associated actions as
outlined in the section “Cross functional requirements”
Scheduling and site access
Change Management
Health and safety
Adhere to policies, procedures and standards
Electrical compliance and certification
Client responsibilities Provide access to site – issue permit
Provide policies, procedures and standards
Review status reports and job completed job cards
Oversee and verify work
Exclusions Security UPS and Main Security UPS distribution board-
maintenance and testing
All electrical installations other than security systems
Service Window 24 hours a day / 365 days a year
Pricing Fault rectification Agreed hourly rate – visits to be approved by TPL prior to visit. Quotations for additional visits and parts is to be approved by TPL. Rate shall include
Travel at AA rate
RFP: Security Maintenance and Repair Page 43 of 77
Provision of special equipment (e.g. Cherry Picker)
Rate shall exclude
Spares
Accommodation where applicable, to be reimbursed at proven cost.
Preventative Maintenance
Service will be priced as a fixed fee for all sites per maintenance cycle
Rate shall include
Travel at AA rate
Accommodation
Provision of special equipment (eg Cherry Picker)
Rate shall exclude
Spares
Service levels & Penalties Refer to Section B for required service levels and penalties
Reporting Description Frequency
Scheduled Maintenance
Completed by site
Defects rectified, Outstanding Defects, Site
Status, changes implemented.
7 working days after
each maintenance visit
at each site
Scheduled Maintenance
check sheets
Completed SOP’s signed by authorised
person
7 working days after
each visit at each site
Reactive Maintenance Detail of faults logged, resolved and outstanding per month - Global summary and per site
7 working days after
month end.
RFP: Security Maintenance and Repair Page 44 of 77
Section B: Service Levels and Penalties
Service Criteria / metric Threshold
Penalty
Note: all penalties are calculated as: result
of formula X Weight X penalised Service
Charge
Weight Assessment
frequency
Penalised
Service Charge
1. Hardware Maintenance and Repair
Fault
Resolution
Time to resolve – spares available: Visit
to site and resolution of fault where the
following apply:
No spares are required.
Spares required are on the
stock list
No additional site visits are
required to resolve fault.
24Hrs
Sliding scale (See below) applied to hours
over threshold X total cost of call out. 100% Per call out per call out
Hours over threshold 0 4 12 24+
Penalty 0% 5% 10% 15%
Time To resolve – additional works and
spares : Will only apply if fault cannot
be resolved with available spares or
additional works are required. Time to
resolve does not include quotation
approval, where applicable.
Deviance from time stipulated in
quotation will result in penalties
Quoted
Time
Deviation from quoted time on the
following sliding scale X Cost of call out 100% Per call out Per call out
Days over threshold 1 2 3 4+
Penalty 5% 10% 15% 20%
RFP: Security Maintenance and Repair Page 45 of 77
Service Criteria / metric Threshold
Penalty
Note: all penalties are calculated as: result
of formula X Weight X penalised Service
Charge
Weight Assessment
frequency
Penalised
Service Charge
Preventative
maintenance
Work Completed
Scheduled work measured as
completed SOP's completed in allotted
time
100% % incomplete work (against SOP'S) under
threshold per PM visit 100% Per visit per visit per site
2. System Availability and Administration
Service
Uptime
System Availability: Measured as
uptime of all systems at site level.
(Excluding planned downtime)
98%
Sliding scale below applied to average of all
site uptimes outside of threshold weight 75% Monthly
Total Service
costs for
assessment
period
% under Threshold at each site 1% 2% 5% 10% 15% 20% +
Penalty 5% 10% 15% 20% 30% 50%
System
Management
Account management:
Account management faults not
completed in threshold time
2 hours Account Management faults resolved over
threshold / Total faults 5% Monthly
Total Service
costs for
assessment
period
Backups and restores:
Backups completed
Test restores to Sandbox completed
(Data restoration conducted Bi –
annually )
100% % of completed backups and restores
below threshold 5% Monthly
Total Service
costs for
assessment
period
RFP: Security Maintenance and Repair Page 46 of 77
Service Criteria / metric Threshold
Penalty
Note: all penalties are calculated as: result
of formula X Weight X penalised Service
Charge
Weight Assessment
frequency
Penalised
Service Charge
Patches and virus updates: Time to
complete patches and virus definition
updates
4 weeks % Patches and definitions not installed in
allotted time 5% Monthly
Total Service
costs for
assessment
period
Logical Security : Score of Bi Annual
Security audit on policy compliance and
vulnerability
100% % Of devices deviating from minimum
security requirements 5% Bi-annually
Total Service
costs for
assessment
period
Performance: Amount of time systems
do not meet agreed performance
benchmarks
100% % Time in period system meets agreed
benchmarks 5% Monthly
Total Service
costs for
assessment
period
3. Installations, Moves, Adds, Changes and Decommissioning (IMACD)
IMACD To be determined at time of IMACD Request
4. Asset, configuration and Spares management
Spares
Management
Availability of Listed spare when
required for repair 100% Total Spares not in stock/ Spares required 15% Monthly
Fees for
Assessment
period
RFP: Security Maintenance and Repair Page 47 of 77
Service Criteria / metric Threshold
Penalty
Note: all penalties are calculated as: result
of formula X Weight X penalised Service
Charge
Weight Assessment
frequency
Penalised
Service Charge
Software
licences All software licenced 100% % of unlicensed software in use 30% Quarterly
Fees for
Assessment
period
Asset and
configuration
Management
Database accuracy 100% % of errors in asset database 45% Bi - Annually
Fees for
Assessment
period
Disposals All assets disposed of as per policies
and procedures 100% % of errors in asset disposals 10% Bi - Annually
Fees for
Assessment
period
5. Sandbox Services
Availability Availability of Sandbox 100% (Working days in month – Days
unavailable) * Service Fee 100% Monthly Monthly Fee
6. Electrical Maintenance and Repair
Fault
Resolution
Time to resolve – spares available: Visit
to site and resolution of fault where the
following apply:
No spares are required.
Spares required are on the
24Hrs
Sliding scale (See below) applied to hours
over threshold X total cost of call out. 100%
Per call
out per call out
Hours over threshold 0 4 12 24+
RFP: Security Maintenance and Repair Page 48 of 77
Service Criteria / metric Threshold
Penalty
Note: all penalties are calculated as: result
of formula X Weight X penalised Service
Charge
Weight Assessment
frequency
Penalised
Service Charge
stock list
No additional site visits are
required to resolve fault.
Penalty 0% 5% 10% 15%
Time To resolve – additional works and
spares : will only apply if fault cannot be
resolved with available spares or
additional works are required. Time to
resolve does not include quotation
approval, where applicable.
Deviance from time stipulated in
quotation will result in penalties
Quoted
Time
Deviation from quoted time on the
following sliding scale X Cost of call out 100% Per call
out Per call out
Days over threshold 1 2 3 4+
Penalty 5% 10% 15% 20%
Preventative
maintenance
Scheduled work measured as SOP's
completed in allotted time 100%
% incomplete work (against SOP'S) under
threshold per PM visit 100% Per visit Per visit
RFP: Security Maintenance and Repair Page 49 of 77
Additional Penalties
Additional penalties at 5% of the total monthly cost for all services billed in the respective month will be imposed for failures to meet the following service requirements.
Successive or severe failures may result in contract renegotiation.
Reporting Reporting Incomplete
Reports not delivered by agreed deadline
Incomplete Tasks
Quotations incorrect
Quotations not delivered in agreed timeframes
Excessive procurement lead times
Standards and Compliance
Completed work does not meet agreed standards,
procedures and policies.
Noncompliance with Health and Safety regulations or any
other relevant legal requirements
Service Desk Ineffective service desk, delays in logging faults, faults not
logged
RFP: Security Maintenance and Repair Page 50 of 77
APPENDIX 2 STANDARD OPERATING PROCEDURES
NOTE:
Estimated times based on average time to complete full SOP, including all OSH requirements (e.g. working at heights), for a single device.
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
CCTV
Indoor Fixed Dome Camera Select camera, check image quality on Situation Management Workstation -
Adjust if necessary X
Clean camera housing window, remove residue from housing X
Open housing. Check & clean for dirt, insects. moisture X
Adjust varifocal lens - Field of view & focus
X
Check exposed cabling & camera housing cabling glands
X
Check camera housing bracket mounting screws
X
Camera fixed Indoor 10.00 6.00 2.00
Colour Camera Outdoor Select camera, check image quality on Situation Management Workstation -
X
RFP: Security Maintenance and Repair Page 51 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Adjust if necessary
Clean camera housing window, remove residue from housing X
Open housing, check & clean for dirt, insects, moisture X
Adjust varifocal lens - Field of view & focus
X
Check Power supply voltage - Adjust or replace if necessary
X
Check exposed cabling & camera housing cabling glands
X
Check camera housing bracket mounting screws
X
Camera Fixed outdoor 10.00 8.00 2.00
PTZ Camera Select camera, check image quality on Situation Management W/S - Adjust if
necessary X
Clean camera housing window, remove residue from housing X
Open housing, check & clean for dirt, insects, moisture X
Adjust varifocal lens - Field of view & focus
X
Check Power supply voltage - Adjust or replace if necessary
X
RFP: Security Maintenance and Repair Page 52 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Check exposed cabling & camera housing cabling glands
X
Check camera housing bracket mounting screws
X
Camera PTZ 10.00 8.00 2.00
Pinhole Camera (Analogue) &
Encoders
Select camera, check image quality on Situation Management W/S - Adjust if
necessary X
Clean camera housing window, remove residue from housing X
Adjust varifocal lens - Field of view & focus
X
Check Power supply voltage - Adjust or replace if necessary
X
Check exposed cabling & camera housing cabling glands
X
Check camera housing bracket mounting screws
X
Camera Help point 10.00 8.00 2.00
CCTV Power supply Ensure correct operation of external power supplies.
X
Verify that necessary outputs supply the correct output voltages and that all
fuses are intact. X
Any foreign matter or dust should be removed by the use of clean
X
RFP: Security Maintenance and Repair Page 53 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
compressed air.
CCTV Power supply 10.00 10.00
Endura System Manager Check unit for correct operation, that all services specified for the site are
running. This can be verified through the use of Endura Utilities. X
Ensure all cabling is securely attached to the SM5000.
X
All dust and foreign matter to be cleaned from machine by use of clean
compressed air. This includes the front panel air filters and power supply unit
of the System Manager. X
Front Panel LED's to be checked for any error conditions.
X
Server CCTV
6.00 15.00
Endura Workstation Check unit for correct operation. That the WS5000 application runs correctly,
connects to the SM5000 and can view all cameras. X
Ensure all cabling is securely attached to the WS5070.
X
All dust and foreign matter to be cleaned from machine by use of clean
compressed air. This includes the front panel air filters and power supply unit
of the WS5070. X
RFP: Security Maintenance and Repair Page 54 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Front Panel LED's to be checked for any error conditions.
X
Workstation CCTV
7.00 15.00
Endura Network Storage Manager
Check unit for correct operation. That all cameras have recorded footage and
that the footage can be accessed from WS5000 application X
remote status check
X
Check the unit for any fan failure, hard drive failure or power supply failure.
These will be highlighted with the afflicted part displaying red LED's in the
case of fans and hard drives and orange in the case of power supply units. X
Check that the Manager of the recording pool is accessible via web browser
and that all cameras are associated to recording pool. This can be done via
Endura Utilities. X
Ensure that all recording schedules exist and are correct: this is done through
WS5000 application. X
Ensure all cabling is securely attached to the NSM5200.
X
All dust and foreign matter to be cleaned from machine by use of clean
compressed air. This includes the front panel air filter and power supply units
of the NSM5200. X
RFP: Security Maintenance and Repair Page 55 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Front Panel LED's to be checked for any error conditions.
X
CCTV Network storage
7.00 40.00
Access Control
Proximity Reader
Badge reader to verify operational state
X
Check Buzzer and LED status
X
Clean housing
X
Check exposed cabling & glands
X
Check card reader housing bracket mounting screws and tag
X
Card reader
2.00
Biometric Reader
Badge reader and apply finger to verify operational state
X
Check LCD display and LED status
X
Clean optic lens and housing
X
Check exposed cabling & glands
X
Check card reader housing bracket mounting screws and tag
X
RFP: Security Maintenance and Repair Page 56 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Biometric Reader
4.00
Green Break glass
Check that BGU is operational
X
Check exposed cabling & glands
X
Test reset function
X
Check housing bracket mounting screws and tag
X
Break glass Unit
2.00
Roller Shutter Door Monitors
Check that Door Monitor is operational
X
Check housing bracket mounting screws
X
Check exposed cabling & glands and tag
X
Door Monitor
1.00
Magnetic Locks
Check bracket for correct alignment
X
Check that magnetic lock is operational
X
Check Power supply voltage - Adjust or replace if necessary
X
Check exposed cabling & glands
X
RFP: Security Maintenance and Repair Page 57 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Apply electric cleaner
Maglocks
2.00
Indoor Passive Infrared Detectors
Wall Mount Indoor
Check that PIR is operational
X
Check that PIR LED is activated on movement
X
Check housing bracket mounting screws
X
Check exposed cabling & glands and tag
X
PIR
3.00
Blast Proof Doors Check door lock / unlock operations X
Check door opens and closes X
Clear doorway and remove obstructions X
Lubricate where required X
Blast Proof Doors 10.00
RFP: Security Maintenance and Repair Page 58 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Starnet Backplane
Open housing, check & clean for dirt, insects. moisture
X
Check Power supply voltage - Adjust or replace if necessary
X
Check that Backplane is mounted securely
X
Check exposed cabling & glands
X
Check housing bracket mounting screws, lock and rubber grommets and tags
X
Starnet Backplane
3.00
Starnet ACP
Check that ACP is seated securely in backplane
X
Check that Network Cable is secured
X
Check all states light on the ACP: This must be done to ensure that the
Processor is functioning correctly- A heart beat- Database present- Host
present- RS485 Communication to slave- Status lights for the doors are
correct
X
Starnet ACP
2.00
Starnet TDEM - 2 Door Expansion
Module
Check that TDEM is seated securely in backplane PCI slot.
X
Check all states lights on the TDEM: This must be done to ensure that the
TDEM is functioning correctly.- A heart beat- All status lights for the doors X
RFP: Security Maintenance and Repair Page 59 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
are correct
Starnet TDEM
1.00
Starnet IOM
Check that IOM is seated securely in backplane PCI slot.
X
Check all states lights on the IOM: This must be done to ensure that the IOM
is functioning correctly.- A heart beat- All inputs that are connected to the
IOM have the correct lights displayed X
Starnet IOM
1.00
Starnet PSU
Check & clean for dirt. insects, moisture
X
Check Power supply voltage - Adjust or replace if necessary
X
Check that PSU is mounted securely
X
Check exposed cabling & glands
X
Check housing bracket mounting screws, lock and rubber grommets and tags
X
Starnet PSU
5.00
Sabre II - Dual Zone
Check housing mounting bolts
X
Check exposed cabling & glands
X
RFP: Security Maintenance and Repair Page 60 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Check housing is mounted securely
X
Check that the SabreFonic cable is attached to the wall. Fence or other
structure that is been detected. Also check the status of the cable X
Check that the RS 485 communication is up and running with its host
X
With the assistance of the control room security officer, tests to ensure that
the SPU is reporting activations back to the ‘Starwatch Monitoring Screen' X
Check that the levels on the Configuration Engineering tab are constant as
per the original setup. Use the setup chart to check X
Using a field sounder attached to the SPU conduct Hammer Calibration tests
on the Wall, Fence or other stretcher to ensure that the alarm is been
detected and is activating the relay output at the SPU X
Using the Sabre Config software to ensure that the 'Event Threshold 'level is
still within limits of the 'Peak signal' X
Sabre - Dual Zone
15.00
ACS Server — Starwatch
Confirm NetKey License server running
X
Confirm SSDI running, communicating and database loaded
X
Confirm Starwatch runs
X
RFP: Security Maintenance and Repair Page 61 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Confirm daily backups are running
X
Copy database backups to removable medium for safekeeping
X
Perform database purge
X
Monitor Windows Event Logs- Application- System- Remsdaq- Security
X
Performance Checks - CPU -Memory - Page File - Network
X
Confirm time synchronisation between all Starwatch servers
X
Confirm adequate free disk space
X
Disk clean up and defrag
X
Check Anti-Virus is operational and perform full system scan
X
Scheduled re-boot
X
Server - ACS
30.00
Gates, Booms and Turnstiles
Turnstile
Check locking mechanism. clean and lubricate
X
Check exposed cabling & glands
X
RFP: Security Maintenance and Repair Page 62 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Check mounting bolts
X
Check corrosion
X
Turnstile
10.00
Sliding Gates
Check operation
X
Check wear on all moving parts
X
Check exposed cabling & glands
X
Check mounting bolts and track damage
X
Gates
10.00
Gate motor
Check operation including limit switches
X
Check mechanism, clean and lubricate
X
Check condition & damage
Check gear oil levels
Check exposed cabling & glands
X
Gate Motor
15.00
RFP: Security Maintenance and Repair Page 63 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Spike Barrier and Boom
Check mechanism, clean and lubricate
X
Check exposed cabling & glands
X
Check spike tray to be securely imbedded in roadway
X
Clean spike tray
X
Spike Barrier and Boom
15.00
Traffic Lights Clean Lenses X
Check operation X
Tighten Bolts X
Check for damage X
Traffic Lights 10.00
Junction Boxes, Field Nodes and
Server Racks
Junction box and Field Nodes
Check operation of Fans
X
Check tamper switch operation
X
RFP: Security Maintenance and Repair Page 64 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Check mechanism, clean and lubricate if necessary
X
Check exposed cabling & glands
X
Check for damages and rust
X
Junction Box
4.00
Server Racks
Check operation of Fans
X
Check operation of Lights and push button release
X
Check tamper switch operation
X
Check mechanism, clean and lubricate if necessary
X
Check exposed cabling & glands
X
Check for damages and rust
X
Racks
2.00
Rack Mount Monitor and Keyboard
Check Operation
X
Check exposed cabling & glands
X
Check for damages
X
RFP: Security Maintenance and Repair Page 65 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Monitor And Keyboard
1.00
KVM Switcher and Accessories
Check Operation
X
Check exposed cabling & glands
X
Check for damages
X
KVM
1.00
Environment
Ambient temperature in IT and EPN
Rooms
Check HVAC is fully functional in IT and EPN Rooms X
Record room temperature inside IT and EPN rooms X
Ambient temperature in Junction
Boxes and Field Nodes Record temperature inside Junction boxes and field nodes X
Temperature Checks 5.00
Intercom System
Intercom IP Outlet (Remote Station)
Check operation
X
Check & clean housing for dirt. insects, moisture
X
RFP: Security Maintenance and Repair Page 66 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Check exposed cabling & glands
X
Check housing bracket mounting screws
X
Intercom Station
10.00
Intercom IP Master Station
Check operation
X
Check & clean housing for dirt, insects, moisture
X
Check exposed cabling & glands
X
Check housing bracket mounting screws
X
Intercom master
10.00
LAN
Cisco Switches
Check operation
X
Check LED's on unit for correct operation
X
Check that all SFP connectors are secured
X
Check that all fibre connectors are in good condition. operational and free of
damage X
Check that all network cables are inserted into the correct ports and secured
X
RFP: Security Maintenance and Repair Page 67 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Check exposed cabling & glands
X
Check & clean housing for dirt, insects. Moisture
X
Check housing bracket mounting screws
X
Cisco Switch
2.00
Servers and Workstations
Situation Management Workstation
Confirm Situation Management client is running
X
Confirm daily backups are running
X
Monitor Windows Event Logs- Application- System- Security
X
Performance Checks- CPU- Memory- Page File- Network
X
Anti-virus scan and results check
X
Confirm adequate free disk space
X
Disk clean-up and defrag
X
Workstation
25.00
Time Synchronization
RFP: Security Maintenance and Repair Page 68 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Time Synchronization Check that time server is running.
X
Check all components for the correct time
X
Time Server
11.00
Active Directory Server Check event and performance logs
X
Check available disk space
X
Check memory and processor utilisation
X
Check running services
X
Perform Anti-virus and patch updates as per SOP
X
Check replication logs
X
AD Server
30.00
Situation Management Server Check event and performance logs
X
Check available disk space
X
Check memory and processor utilisation
X
Check running services
X
RFP: Security Maintenance and Repair Page 69 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
Check Database health and performance
X
Confirm all IPSEC services are running
X
Perform Anti-virus and patch updates as per SOP
X
Confirm daily backups are running
X
SM Server
45.00
Access Control Publisher Check event and performance logs
X
Check available disk space
X
Check memory and processor utilisation
X
Check running services
X
Confirm NetKey License server running
X
Confirm SSDI running, communicating and database loaded
X
Confirm Starwatch runs
X
Confirm daily backups are running
X
Perform Anti-virus and patch updates as per SOP
X
RFP: Security Maintenance and Repair Page 70 of 77
Frequency / Avg Time per unit
On Site Remote
Device / Task Description Preventative Maintenance Tasks
Six
Mo
nth
s
An
nu
al
Mo
nth
ly
ACS Publisher
30.00
SPECIALIST ELECTRICAL TASKS
EX rated Equipment Check enclosure and gland integrity X
EX Equipment 5.00
Distribution Boards Check Board structure, cables & cable glands and circuit breakers for damage
or wear X
Distribution Boards 5.00
Electric Fences Inspect fence wire and isolators X
Clear vegetation and debris X
Check energiser for faults and condition X
Electric Fences (Per Zone) 15
RFP: Security Maintenance and Repair Page 71 of 77
APPENDIX 3 SYSTEM AND EQUIPMENT SUMMARY
Section A: Software
Function Vendor Product Version
CCTV Backend Pelco Endura 2.
Access control Ramsdaq Starwatch 5.0.1
Situation management CNL IPSecurity Centre 4.9
System Software
Access control DBMS Microsoft SQL 2008 2008 R2
Server OS Microsoft Server 2008 2008 R2
CCTV DBMS Linux Pelco Proprietary
Storage subsystem O/S Linux Pelco Proprietary
Section B: Hardware
Sites
Short Description HTP MBT TNI VLR WRN TM1 TM2 INOC
Biometric Reader 4 4 4 4 4 2 4
Break glass Unit 29 29 29 10 8 33 73
RFP: Security Maintenance and Repair Page 72 of 77
Sites
Short Description HTP MBT TNI VLR WRN TM1 TM2 INOC
Camera fixed Indoor 14 14 14 6 6 17 26
Camera Fixed outdoor 47 43 42 16 17 52 98
Camera Help point 3 3 3 1 1 5 7
Camera PTZ 10 7 8 4 3 8 14
Card reader 71 70 73 21 19 77 169
CCTV Encoder 3 3 3 1 1 5 7
CCTV Network storage 15 14 14 6 6 17 29
CCTV Power supply 9 8 6 5 5 9 16
Cisco Switch 19 18 16 7 7 17 34 1
Door Monitor 7 7 7
4 10
Electric Fence Energisers 3 2 2 2 2 2 6
Electric Fence Zones 6 4 4 4 4 4 12
Fire system Field Server 1 1 1 1 1 1 1
Gate Motor 2 2 2 2 2 7 3
Intercom master 1 1 1 1 1 1 1 1
Intercom Station 6 6 6 3 3 8 10
RFP: Security Maintenance and Repair Page 73 of 77
Sites
Short Description HTP MBT TNI VLR WRN TM1 TM2 INOC
KVM 1 1 1 1 1 1 1 1
Maglocks 50 40 52 16 16 49 109
PIR 24 24 24 8 8 26 59
Printer 1 1 1
1 1 1
Card Printer
1
Sabre - Dual Zone 7 6 4 3 3 19 31
Server – ACS 1 1 1 1 1 1 1 1
Server – AD 1 1 1 1 1 1 1 1
Server - Backup
1
Server – SM 1 1 1 1 1 1 1 1
Server CCTV 1 1 1 1 1 1 1 1
Time Server
1
Spike Barrier and Boom 1 1 1 1 1 1 1
Starnet ACP 15 14 12 5 5 12 29
Starnet Backplane 17 16 14 6 6 15 35
Starnet IOM 5 4 4 2 2 5 11
RFP: Security Maintenance and Repair Page 74 of 77
Sites
Short Description HTP MBT TNI VLR WRN TM1 TM2 INOC
Starnet PSU 25 24 22 9 9 18 35
Starnet TDEM 19 16 18 5 5 23 41
Time Server 1
Turnstile 1 1 1
1 2
Workstation - Operator 2 2 2 1 1 2 3 1
Workstation – Enrolment 1
CCTV Workstation 1 1 1 1 1 1 1 1
Electrical Db’s 13 16 16 4 4 11 33 1
Junction Boxes 9 11 11 1 1 7 29
Racks 4 4 4 3 3 4 4 1
EXD readers 3 3 3 3
EXD Cameras 4 4 4 3
Blast Proof Doors 22 22 22 25 36
RFP: Security Maintenance and Repair Page 75 of 77
APPENDIX 4 ASSUMPTIONS
All pricing calculations should be based on the following assumptions:
Numbers are for evaluation purposes only and should not be taken as a commitment for work
orders.
This is a new environment and no current statistics are available for trending purposes.
Number of callouts per site per month
Site Software System
Hardware
Gates,
Booms, Etc
Electrical Total
Callouts
per month
Per year
PS1 0.5 1 0.5 0.5 2.5 30
PS3 0.5 1 0.5 0.5 2.5 30
PS5 0.5 1 0.5 0.5 2.5 30
PS7 0 0.25 0.25 0.25 0.75 9
PS8 0 0.25 0.25 0.25 0.75 9
TM1 0.5 1 0.5 0.5 2.5 30
TM2 2 3 1 2 8 96
INOC 5 1 0 0 6 72
Totals 9 8.5 3.5 4.5 25.5 306
Note: Incidents counted under INOC includes remote resolution of site issues.
TRANSNET SOC LIMITED
DRAFT
RFP: Security Maintenance and Repair Page 76 of 77
APPENDIX 5 CMDB FIELD LIST
Field Description Example
Site Name of site PS1
Site_Code 3 letter site code TNI
Area Area where equipment is located (Building Name or perimeter) GHS
Location Physical location of equipment (Portal or Junction box) RCK1
Full_Tag Full reference tag used in software - includes: Site, Location, Device tag PS1-GHS-SW1
Device_Tag Includes device type and reference number (Eg SRV1, CAM9019, etc) SW1
Physical_Tag Tag included on device: Location, Termination, Device GHS-SW1
Drawing_Tag Short Tag used in connection diagrams and rack layouts GHS-SW1
Equip_type Generic Equipment Type Network Switch
Equi_Description Specific Equipment Type 24 Port Switch
Make Manufacturer Cisco
Model Model Name 3560-PS
IP_ADDRESS Device IP address (where applicable) 10.1.59.33
POE_Client Does device make use of POE power No
Exd Is the device EXD protected No
TRANSNET SOC LIMITED
DRAFT
RFP: Security Maintenance and Repair Page 77 of 77
IP_Rating Device IP rating (Where Applicable) N/A
RES Camera Resolution N/A
Mbps Bandwidth requirements N/A
RAM Amount of RAM installed N/A
CPU CPU type and speed N/A
Disk_Space Total installed disk space N/A
O/S Installed O/S and version N/A
DB Installed DB and version N/A
Power
requirements Power consumption in Watts 145