Loading...
Agenda 06/22/2021 Item #11A (RFP#20-7777 w/Presidio Networked Solutions Group, LLC)06/22/2021 EXECUTIVE SUMMARY Recommendation to award Request for Proposal No. 20-7777, Intelligent Transportation Systems (“ITS”) Integrate Standardize Network Communications, to Presidio Networked Solutions Group LLC in the amount of $1,108,362.94 for the purchase, configuration and installation of Cisco network and security equipment, requisite accessories, licensing, maintenance, and technical support (per LAP Agreement FPN 435013-1-98-01) and authorize the Chair to sign the attached Agreement. This contract is companion to Agenda Item 16A1, "Interlocal Agreement with the City of Naples", as required by LAP project 435013-1-98-01. OBJECTIVE: To replace Traffic Operations’ existing network communication and security infrastructure, enabling standardized communication between the Florida Department of Transportation (“FDOT”), the City of Naples, and the Collier County Traffic Operations’ network. CONSIDERATIONS: Seven years ago, staff identified and planned for the replacement of the County’s Traffic Operation network, security infrastructure and associated components (working through the Collier Metropolitan Planning Organization), culminating in the completion of a study in December 2015, known as Project FPN 430868-1, Collier County Network Study & Analysis (Contract #14-6246). By updating the County’s environment to a standardized network, the local agencies and the FDOT will be able to share data, stream video and relocate control of the Advanced Traffic Management Systems to the Emergency Operations Center when required. On June 16, 2020, the FDOT authorized the County to proceed with project number 435013-1-98-01, ITS Integrate/Standardize Network Communication, pursuant to a Local Agency Program Agreement (the “LAP”) with the County. The LAP agreement provided for a project cost in the amount of $1,108,409 and specified a December 31, 2022, completion date. On October 7, 2020, the Procurement Services Division released Request for Proposal (“RFP”) 20-7777 for the “Intelligent Transportation System (ITS) Integrate Standardize Network Communications - Grant Funded Project.” County received two submittals (and two No Bid submittals) by the November 6, 2020, deadline. Procurement staff found both proposers responsive and responsible, and contacted each of them to resolve minor irregularities in their submittals. A selection committee met on December 10, 2020, scored both of the proposals, and ranked them based on the criteria outlined in the solicitation. The evaluation criteria included: (1) Cover Letter/Management Summary, (2) Statement of Work, (3) Cost of Services, (4) Experience and Capacity of the Firm, and (5) Specialized Expertise of Team Members. Both proposers provided a minimum of three references, from clients of a similar size, for which that firm provided services similar in scope and complexity within the past three years. After review of the proposals and deliberation, the selection committee ranked the proposals as follows: Company Name City County State Final Ranking Responsive/Responsible Presidio Network Solutions LLC Oakland Park Broward FL 1 Yes/Yes Netsync Network Solutions Inc. Miami Beach Miami-Dade FL 2 Yes/Yes American Safety Utility Corp Shelby Cleveland NC N/A No Bid IVS, Inc. AngelTrax Dothan Houston AL N/A No Bid Staff is recommending the award of this “RFP” to Presidio Network Solutions LLC. The grantor agency has reviewed the recommendation and deemed it acceptable. Presidio has provided technology solutions for over 20 years and has was awarded Premier partnership with Cisco, which upgraded them to a “Gold Partner” status in 2001. Over the last 18 months, they have accomplished similar work within Collier 11.A Packet Pg. 36 06/22/2021 County with the Collier County Sheriff, Networking consulting for the Collier County Board of County Commissioners and the Collier County School District. FISCAL IMPACT: Funding for this contract, in the amount of $1,108,362.94, is available within the Transportation Grant Fund 711, Project 33666. The funding source is grant funds from the Federal Highway Authority with those grant dollars being passed through the FDOT under the LAP agreement. There is no local match required. GROWTH MANAGEMENT IMPACT: This recommendation is consistent with the County’s Growth Management objectives and produces no negative impact. LEGAL CONSIDERATIONS: This item is approved as to form and legality and requires majority vote for Board approval. -SRT RECOMMENDATION: To award Request for Proposal No. 20-7777, Intelligent Transportation Systems (ITS) Integrate Standardize Network Communications, to Presidio Networked Solutions Group LLC in the amount of $1,108,362.94 for the purchase, configuration and installation of Cisco network and security equipment, requisite accessories, licensing, maintenance, and technical support (per LAP Agreement FPN 435013-1-98-01) and authorize the Chair to sign the attached Agreement. Prepared by: Pierre-Marie Beauvoir, Signal Systems Network Specialist, Transportation Engineering Division Presenter: Anthony Khawaja ATTACHMENT(S) 1. 20-7777 - Presidio-Proposal (PDF) 2. 20-7777 PresidioNetworked_Insurance_5-10-21 (PDF) 3. 20-7777 Solicitation (RFP) 10-6-20 (PDF) 4. 20-7777 Final Rank (PDF) 5. 20-7777 NORA (Flattened) (PDF) 6. 20-7777 PresidioNetworkedSolutions_Contract_VendorSigned (PDF) 7. [Linked] 435013-1 Executed LAP Agreement & NTP (PDF) 11.A Packet Pg. 37 06/22/2021 COLLIER COUNTY Board of County Commissioners Item Number: 11.A Doc ID: 15842 Item Summary: Recommendation to award Request for Proposal No. 20-7777, Intelligent Transportation Systems (ITS) Integrate Standardize Network Communicat ions, to Presidio Networked Solutions Group LLC in the amount of $1,108,362.94 for the purchase, configuration and installation of Cisco network and security equipment, requisite accessories, licensing, maintenance, and technical support (per LAP Agreement FPN 435013-1-98-01) and authorize the Chair to sign the attached Agreement. (This contract is companion to Agenda Item 16A1, "Interlocal Agreement with the City of Naples", as required by LAP project 435013-1-98-01). (Anthony Khawaja, Chief Engineer Traffic Operations) Meeting Date: 06/22/2021 Prepared by: Title: Signal Systems Network Specialist – Transportation Engineering Name: Pierre Beauvoir 05/11/2021 12:18 PM Submitted by: Title: Division Director - Transportation Eng – Transportation Engineering Name: Jay Ahmad 05/11/2021 12:18 PM Approved By: Review: Procurement Services Ana Reynoso Level 1 Purchasing Gatekeeper Completed 05/11/2021 1:34 PM Growth Management Department Lissett DeLaRosa Growth Management Department Completed 05/11/2021 4:24 PM Procurement Services Barbara Lance Additional Reviewer Completed 05/12/2021 9:46 AM Transportation Engineering Jay Ahmad Additional Reviewer Completed 05/12/2021 11:06 AM Procurement Services Sue Zimmerman Additional Reviewer Completed 05/12/2021 10:31 PM Procurement Services Sandra Herrera Additional Reviewer Completed 05/13/2021 12:40 PM Growth Management Department Anthony Khawaja Additional Reviewer Completed 05/13/2021 3:21 PM Growth Management Department James C French Growth Management Skipped 05/13/2021 4:00 PM Growth Management Operations Support Christopher Johnson Additional Reviewer Completed 05/18/2021 9:29 AM Growth Management Department Lisa Abatemarco Additional Reviewer Completed 05/18/2021 9:34 AM Grants Valerie Fleming Level 2 Grants Review Completed 05/20/2021 11:14 AM Growth Management Department Trinity Scott Transportation Completed 05/28/2021 10:00 AM County Attorney's Office Scott Teach Additional Reviewer Completed 06/01/2021 10:28 AM 11.A Packet Pg. 38 06/22/2021 Grants Carrie Kurutz Additional Reviewer Completed 06/07/2021 3:18 PM Office of Management and Budget Debra Windsor Level 3 OMB Gatekeeper Review Completed 06/07/2021 4:05 PM County Attorney's Office Jeffrey A. Klatzkow Level 3 County Attorney's Office Review Completed 06/07/2021 4:35 PM Grants Erica Robinson Additional Reviewer Completed 06/14/2021 10:24 AM Office of Management and Budget Susan Usher Additional Reviewer Completed 06/14/2021 10:37 AM County Manager's Office Amy Patterson Level 4 County Manager Review Completed 06/14/2021 3:57 PM Board of County Commissioners Geoffrey Willig Meeting Pending 06/22/2021 9:00 AM 11.A Packet Pg. 39 SHOULD ANY OF THE ABOVE DESCRIBED POLICIES BE CANCELLED BEFORE THE EXPIRATION DATE THEREOF, NOTICE WILL BE DELIVERED IN ACCORDANCE WITH THE POLICY PROVISIONS. INSURER(S) AFFORDING COVERAGE INSURER F : INSURER E : INSURER D : INSURER C : INSURER B : INSURER A : NAIC # NAME:CONTACT (A/C, No):FAX E-MAILADDRESS: PRODUCER (A/C, No, Ext):PHONE INSURED REVISION NUMBER:CERTIFICATE NUMBER:COVERAGES IMPORTANT: If the certificate holder is an ADDITIONAL INSURED, the policy(ies) must have ADDITIONAL INSURED provisions or be endorsed. If SUBROGATION IS WAIVED, subject to the terms and conditions of the policy, certain policies may require an endorsement. A statement on this certificate does not confer rights to the certificate holder in lieu of such endorsement(s). THIS CERTIFICATE IS ISSUED AS A MATTER OF INFORMATION ONLY AND CONFERS NO RIGHTS UPON THE CERTIFICATE HOLDER. THIS CERTIFICATE DOES NOT AFFIRMATIVELY OR NEGATIVELY AMEND, EXTEND OR ALTER THE COVERAGE AFFORDED BY THE POLICIES BELOW. THIS CERTIFICATE OF INSURANCE DOES NOT CONSTITUTE A CONTRACT BETWEEN THE ISSUING INSURER(S), AUTHORIZED REPRESENTATIVE OR PRODUCER, AND THE CERTIFICATE HOLDER. OTHER: (Per accident) (Ea accident) $ $ N / A SUBR WVD ADDL INSD THIS IS TO CERTIFY THAT THE POLICIES OF INSURANCE LISTED BELOW HAVE BEEN ISSUED TO THE INSURED NAMED ABOVE FOR THE POLICY PERIOD INDICATED. NOTWITHSTANDING ANY REQUIREMENT, TERM OR CONDITION OF ANY CONTRACT OR OTHER DOCUMENT WITH RESPECT TO WHICH THIS CERTIFICATE MAY BE ISSUED OR MAY PERTAIN, THE INSURANCE AFFORDED BY THE POLICIES DESCRIBED HEREIN IS SUBJECT TO ALL THE TERMS, EXCLUSIONS AND CONDITIONS OF SUCH POLICIES. LIMITS SHOWN MAY HAVE BEEN REDUCED BY PAID CLAIMS. $ $ $ $PROPERTY DAMAGE BODILY INJURY (Per accident) BODILY INJURY (Per person) COMBINED SINGLE LIMIT AUTOS ONLY AUTOSAUTOS ONLY NON-OWNED SCHEDULEDOWNED ANY AUTO AUTOMOBILE LIABILITY Y / N WORKERS COMPENSATION AND EMPLOYERS' LIABILITY OFFICER/MEMBER EXCLUDED? (Mandatory in NH) DESCRIPTION OF OPERATIONS below If yes, describe under ANY PROPRIETOR/PARTNER/EXECUTIVE $ $ $ E.L. DISEASE - POLICY LIMIT E.L. DISEASE - EA EMPLOYEE E.L. EACH ACCIDENT EROTH-STATUTEPER LIMITS(MM/DD/YYYY)POLICY EXP(MM/DD/YYYY)POLICY EFFPOLICY NUMBERTYPE OF INSURANCELTRINSR DESCRIPTION OF OPERATIONS / LOCATIONS / VEHICLES (ACORD 101, Additional Remarks Schedule, may be attached if more space is required) EXCESS LIAB UMBRELLA LIAB $EACH OCCURRENCE $AGGREGATE $ OCCUR CLAIMS-MADE DED RETENTION $ $PRODUCTS - COMP/OP AGG $GENERAL AGGREGATE $PERSONAL & ADV INJURY $MED EXP (Any one person) $EACH OCCURRENCE DAMAGE TO RENTED $PREMISES (Ea occurrence) COMMERCIAL GENERAL LIABILITY CLAIMS-MADE OCCUR GEN'L AGGREGATE LIMIT APPLIES PER: POLICY PRO-JECT LOC CERTIFICATE OF LIABILITY INSURANCE DATE (MM/DD/YYYY) CANCELLATION AUTHORIZED REPRESENTATIVE ACORD 25 (2016/03) © 1988-2015 ACORD CORPORATION. All rights reserved. CERTIFICATE HOLDER The ACORD name and logo are registered marks of ACORD HIRED AUTOS ONLY 3/30/2021 McGriff Insurance Services 2500 Renaissance Blvd Suite100 King Of Prussia PA 19406-2639 Cheryl Fala 610-279-8550 610-279-8543 cfala@mcgriff.com Federal Insurance Company 20281 150PRESIINC Great Northern Insurance Company 20303BCEC-Port Holdings (Delaware)LP Presidio Inc. 12100 Sunset Hills Road -Suite 300 Reston VA 20190 Chubb Custom Insurance Company 38989 American Zurich Insurance Company 40142 Allied World Specialty InsuranceCompany 16624 641283244 B X 1,000,000 X 1,000,000 X Contractual Liab 10,000 1,000,000 2,000,000 X Y 35852422 10/1/2020 10/1/2021 2,000,000 B 1,000,000 X X Comp $1,000 X Coll $1,000 73543321 10/1/2020 10/1/2021 A X X 25,000,0007985702310/1/2020 10/1/2021 25,000,000 X 0 D XWC9809259073/1/2021 3/1/2022 1,000,000 1,000,000 1,000,000 C E Prof,E&O,Cyber Excess Prof,E&O,Cyber D95452796 03125449 10/1/2020 10/1/2020 10/1/2021 10/1/2021 Per claim/Agg Per claim/Agg $10,000,000 $10,000,000 Named Insureds: BCEC-Port Holdings (Delaware)LP Port Holdo Inc. Port Midco,LLC Presidio,Inc. Presidio Holdings Inc. Presidio IS LLC Presidio LLC See Attached... Collier County 3295 Tamiami Trail East Bldg.C2 Naples FL 34112 11.A.2 Packet Pg. 40 Attachment: 20-7777 PresidioNetworked_Insurance_5-10-21 (15842 : 20-7777 Presidio Contract) ACORD 101 (2008/01) The ACORD name and logo are registered marks of ACORD © 2008 ACORD CORPORATION. All rights reserved. THIS ADDITIONAL REMARKS FORM IS A SCHEDULE TO ACORD FORM, FORM NUMBER:FORM TITLE: ADDITIONAL REMARKS ADDITIONAL REMARKS SCHEDULE Page of AGENCY CUSTOMER ID: LOC #: AGENCY CARRIER NAIC CODE POLICY NUMBER NAMED INSURED EFFECTIVE DATE: 150PRESIINC 1 1 McGriff Insurance Services BCEC-Port Holdings (Delaware)LP Presidio Inc. 12100 Sunset Hills Road -Suite 300 Reston VA 20190 25 CERTIFICATE OF LIABILITY INSURANCE Presidio Capital Funding LLC Presidio Networked Solutions LLC Presidio Technology Capital,LLC Presidio Government Solutions LLC Presidio Networked Solutions Group,LLC 3rd Ave.Creative Marketing &Branding LLC Collier County is included as additional insured for the general liability policy if required by written contract and subject to policy terms and conditions. 11.A.2 Packet Pg. 41 Attachment: 20-7777 PresidioNetworked_Insurance_5-10-21 (15842 : 20-7777 Presidio Contract) COLLIER COUNTY BOARD OF COUNTY COMMISSIONERS REQUEST FOR PROPOSAL (RFP) FOR INTELLIGENT TRANSPORTATION SYSTEM (ITS) INTEGRATE STANDARDIZE NETWORK COMMUNICATIONS - GRANT FUNDED- SOLICITATION NO.: 20-7777 BARBARA LANCE, PROCUREMENT STRATEGIST PROCUREMENT SERVICES DIVISION 3295 TAMIAMI TRAIL EAST, BLDG C-2 NAPLES, FLORIDA 34112 TELEPHONE: (239) 252-8998 Barbara.Lance@colliercountyfl.gov (Email) This solicitation document is prepared in a Microsoft Word format (Rev 8/7/2017). Any alterations to this document made by the Vendor may be grounds for rejection of proposal, cancellation of any subsequent award, or any other legal remedies available to the Collier County Government. 11.A.3 Packet Pg. 42 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 2 SOLICITATION PUBLIC NOTICE REQUEST FOR PROPOSAL (RFP) NUMBER: 20-7777 PROJECT TITLE: ITS Integrate Standardize Network Communications PRE-PROPOSAL CONFERENCE: October 20, 2020 @ 11:00 am LOCATION: PROCUREMENT SERVICES DIVISION, CONFERENCE ROOM A, 3295 TAMIAMI TRAIL EAST, BLDG C-2, NAPLES, FLORIDA 34112 DUE DATE: November 6, 2020 @ 3:00 pm PLACE OF RFP OPENING: PROCUREMENT SERVICES DIVISION 3295 TAMIAMI TRAIL EAST, BLDG C-2 NAPLES, FL 34112 All proposals shall be submitted online via the Collier County Procurement Services Division Online Bidding System: https://www.bidsync.com/bidsync-cas/ INTRODUCTION As requested by the Transportation Engineering Division (hereinafter, the “Division”), the Collier County Board of County Commissioners Procurement Services Division (hereinafter, “County”) has issued this Request for P roposal (hereinafter, “RFP”) with the intent of obtaining proposals from interested an d qualified vendors in accordance with the terms, conditions and specifications stated or attached. The vendor, at a minimum, must achieve the requirements of the Specificat ions or Scope of Work stated. Historically, County departments have spent approximately $1,108,409; however, this may not be indicative of future buying patterns. BACKGROUND The County has received approval from the Board of County Commissioners, approving a Local Area Program (LAP) Agreement with the Florida Department of Transportation (FDOT) to update and standardize the Intelligent Transportation System (ITS). The purpose of the project is to procure, install and configure Network Equipment and Networ k Professional Engineering services from a vendor, to update the existing network architecture and standardize on a single manufacturer platform , with consistent network design. By creating a standardized network design, the local agencies and the Florida Department of Transportation (FDOT) will be able to relocate Automated Traffic Management System (ATMS) control and video feeds to the Emergency Services Center (ESC) in emergency situations. The requested equipment and services are for network connectivity between each of the state agencies’ network environments FDOT, the City of Naples and Collier County as per the “FDOT Recommendations Report, Regional (Intelligent Transportation System) ITS Network Review, FDOT District One/Collier County/City of Naples June 14 2019|Version 3.0” (report available upon request). TERM OF CONTRACT The contract term, if an award(s) is/are made is intended to be for three (3) years with two (2) one (1) year renewal options. Prices shall remain firm for the initial term of this contract. The County Manager, or designee, may, at his discretion, extend the Agreement under all of the terms and conditions contained in this Agreement for up to one hundred eighty (180) days. The County Manager, or designee, shall give the Contractor written notice of the County's intention to extend the Agreement term not less than ten (10) days prior to the end of the Agreement term the n in effect. All goods are FOB (Freight On Board) destination and must be suitably packed and prepared to secure the lowest transportation rates and to comply with all carrier regulations. Risk of loss of any goods sold hereunder shall transfer to the COUNTY at the time and place of delivery; provided that risk of loss prior to actual receipt of the goods by the COUNTY nonetheless remain with VENDOR. 11.A.3 Packet Pg. 43 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 3 DETAILED SCOPE OF WORK Procurement of Network Professional Engineering services are to develop and implement an updated Network Architecture for the County’s Regional Wide Area Network (WAN) to include the following agencies: • Collier County Traffic Operations Data Center • Collier County Emergency Operations Center (EOC) • FDOT District 1 Regional Traffic Management Center (TMC) The services, equipment, labor and vendor requirements are listed below: • Engineering Services is listed under “EXHIBIT A: Project Description and Responsibilities” • Network Equipment List is listed under section “EXHIBIT B: Proposed Equipment List” • Breakdown of labor requirements per technology and service is listed under section “EXHIBIT C: Labor Requirements” • Vendor requirements are listed under “EXHIBIT D: Vendor Requirements” 11.A.3 Packet Pg. 44 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 4 EXHIBIT “A” PROJECT DESCRIPTION AND RESPONSIBILITES Due to the complexity and interoperability of the proposed solution , Collier County Traffic Operations (CCTO) is seeking a single vendor to provide all products and services requested. The vendor is expected to complete a turnkey solution and perform all required duties, resulting in a fully functional system. The vendor will coordinate and manage the entire project and engage all necessary parties including, but not limited to, CCTO staff and network equipment manufacturers. The vendor will coordinate a thorough site survey of each location prior to installation. The vendor will coordinate scheduling with consideration of impact on business operations, to include, after normal work hours. Except as otherwise specifically provided in the Request for Proposal (RFP), the vendor will design, develop, and deliver a fully operable, comprehensive, integrated network solution which meets all of the requirements set forth in this RFP. The vendor may present their proposed solution and implementation methodology for acceptance by the County as set forth in this RFP. CCTO operates the Counties’ traffic system and management of traffic systems within Collier County, Florida. The CCTO currently utilizes a network consisting of Cisco and non -Cisco network devices to manage and operate the traffic systems. Several of the network switching, routing and security components have been in operation for several years and have reached End -of-Support milestones from the manufacturer. CCTO has chosen to standardize with a single manufacturer for security hardware/applications and network devices. Included with this RFP is the approved recommended hardware replacements for the equipment refresh. In addition to the equipment refresh, CCTO needs assistance with reconfiguring the current network topology. CCTO is looking to transition from a flat layer 2 to a scalable layer 3 network. Pushing routing architecture on the hubs will provide faster application response for traffic light devices and sensors. In addition, the newly ruggedized Cisco IE3300 switches will provide robust management functions. Locations: Work will be done at the following locations. Site Name Address On-Site / Remote Services Collier Traffic TMC 2885 Horseshoe Drive South, Naples, FL Onsite/Remote Six (6) Hub locations Identified in design and planning Onsite/Remote 215 Traffic Lights Identified in design and planning Onsite/Remote The current CCTO network is made up of a combination of Cisco Catalyst switches, including models from the 6500 series, ME3400 series, and 2950 series. Most of these models have passed End -of-Sale (EOS) status with Cisco and many have passed their End-of- Life (Last Day of Support) milestone. CCTO is requesting to replace all EOS equipment with current switching solutions. At the network core, the recommended replacement of the current single 6509 switch located at the TMC building, with a pair o f Catalyst 9500-24YC4 model switches and a pair of Catalyst 9300 model switches for replacing the current single 48 ports 6509 copper blade. Two Catalyst 9500-24YC series switches will be deployed to replace the current 6509 series switch. The 9500 -24YC series switches will be deployed with two 100-gigabit interconnects between them, using passive copper and provisioned with logical stacking via Cisco Stackwise Virtual (single 10G passive copper used for Dual Active). The 9500 -24YC series core switches will interconnect all downstream distribution 9500-16X hub switches at 10Gbit (split 3 9500-16X’s to one 9500-24YC and 3 to the other 9500-24YC in a StackWise configuration), firewalls, data center servers and services. Downstream of the hub switches are the traffic lights leveraging the IE3300 ruggedized switches connected using 1Gbit single mode fiber. At the hub distribution layer, existing six ME3400 switc hes will be replaced with Catalyst 9500-16X switches. Each of the six (6) hub 9500-16X switches will be a layer 3 boundary for “n” number for traffic lights, directly interconnected and loopback the respective hub. Each hub will interconnect the neighbor ing hub for redundancy back to the core. The hub switches will migrate from a layer 2 to a layer 3 topology, reducing the fault domains for traffic lights connected to the respective hub. An IGP will be used to interconnect the hub to the core. Hub to core will also be routed. In addition to the hardware refresh, CCTO has requested assistance to reconfigure the current logical network topology that u ses flat layer-2 switching to the core with a routed layer -3 topology that brings IP routing features closer to the access-layer. New VLANs (Virtual Local Area Network) and IP subnets will be implemented to segment each the IE3300 switches per respective hub 9500 - 16X with unique IP subnets and switched VLANs, reducing layer 2 VLANs spanned between multiple ac cess layer switches. To accomplish this requirement, the new distribution layer switches will be configured with dynamic routing of localized network segments using either OSPF or EIGRP routing protocols. Downstream IE3300 switches will still be serviced via layer-2 VLAN switching from the distribution layer. A total of 215 IE3300 switches will be configured in this effort, aligning new VLAN assignments to access ports and uplink trunks as needed for network uplinks. 11.A.3 Packet Pg. 45 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 5 Network security will be upgraded, currently using a single ASA5506 firewall for internet access and remote access VPN, a pair of Cisco FTD2130’s will used to provide security transport to the internet, in addition , provide granular control using Firepower services, leveraging Next Generation services for URL, IPS and AMP. URL filtering provides content control for user access, NGIPS and Anti-Malware (AMP). Cisco ISE will be leveraged for network access, authentication and authorization. In addition to the AD integrated access so lution, ISE will also be used for TACACS for device administration. The EOC building, provides CCTO connectivity to FDOT and Collier B oard of County Commissioners’ networks. An updated network switching, and security infrastructure will provide access and secure access to these networks. A Catalyst 9300 will be installed and configured; segmentation will be leveraged back via TMC. The vendor will work with the CCTO team to conduct design and staging work in advance of migration efforts. Due to the operational requirements of the facility, installation and migration efforts will need to occur during scheduled maintenance windows that may include nights and weekends. The vendor’s team will provide day one (1) support for post-migration operations per milestones. 11.A.3 Packet Pg. 46 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 6 Please note the “Service Duration Term” (in months) column for each part listed in the below. The “Proposed Equipment List” is a minimal representation of the parts needed and may not reflect the latest technology. The Support quoted Must match the duration term. EXHIBIT “B” PROPOSED EQUIPMENT LIST Qty Part Number Description Service Duration (Months) TMC FTD Security Edge 1 FPR2130-FTD-HA-BUN Cisco Firepower 2130 Threat Defense Chss,Subs HA Bundle - 2 FPR2130-NGFW-K9 Cisco Firepower 2130 NGFW Appliance, 1U, 1 x NetMod Bay - 2 CON-SNT-FPR2130W SNTC-8X5XNBD Cisco Firepower 2130 NGFW Appliance, 1U, 36 2 FPR2K-PWR-AC-400 Firepower 2000 Series 400W AC Power Supply - 2 FPR2K-SSD200 Firepower 2000 Series SSD for FPR-2130/2140 - 2 FPR2K-PWR-AC-400 Firepower 2000 Series 400W AC Power Supply - 2 SF-F2K-TD6.3-K9 Cisco Firepower Threat Defense software v6.3 for FPR2100 - 2 FPR2K-SLIDE-RAILS Firepower 2000 Slide Rail Kit - 2 FPR2K-NM-BLANK Firepower 2000 Series Network Module Blank Slot Cover - 2 FPR2K-SSD-BBLKD Firepower 2000 Series SSD Slot Carrier - 4 CAB-AC AC Power Cord (North America), C13, NEMA 5-15P, 2.1m - 2 FPR2K-FAN Firepower 2000 Series Fan Tray - 2 L-FPR2130T-TMC= Cisco FPR2130 Threat Defense Threat, Malware and URL License - 2 L-FPR2130T-TMC-3Y Cisco FPR2130 Threat Defense Threat, Malware and URL 3Y Subs 36 Remote Users Secure Access- VPN 25 L-AC-PLS-LIC= Cisco AnyConnect Plus Term License, Total Authorized Users - 25 L-AC-PLS-3Y-S1 Cisco AnyConnect Plus License, 3YR, 25-99 Users 36 TMC Core Replacement 2 C9500-24Y4C-A Catalyst 9500 24x1/10/25G and 4-port 40/100G, Advantage - 2 CON-SNT-C95024YA SNTC-8X5XNBD Catalyst 9500 24-port 25/100G only, Adva 36 4 C9K-T1-FANTRAY Catalyst 9500 Type 4 front to back cooling Fan - 2 C9K-PWR-650WAC-R/2 650W AC Config 4 Power Supply front to back cooling - 2 NETWORK-PNP-LIC Network Plug-n-Play Connect for zero-touch device deployment - 2 S9500UK9-169 UNIVERSAL - 4 CAB-9K12A-NA Power Cord, 125VAC 13A NEMA 5-15 Plug, North America - 2 C9500-DNA-24Y4C-A C9500 DNA Advantage, Term License - 2 C9500-DNA-L-A-3Y Cisco Catalyst 9500 DNA Advantage 3 Year License 36 2 C9K-PWR-650WAC-R 650W AC Config 4 Power Supply front to back cooling - 6 PI-LFAS-T Prime Infrastructure Lifecycle & Assurance Term - Smart Lic - 6 PI-LFAS-AP-T-3Y PI Dev Lic for Lifecycle & Assurance Term 3Y 36 2 C9K-F1-SSD-BLANK Cisco pluggable SSD storage - 2 C9500-NW-A C9500 Network Stack, Advantage - 2 C9300L-48P-4X-E Catalyst 9300L 48p PoE, Network Essentials ,4x10G Uplink - 2 CON-SNT-C93004X4P SNTC-8X5XNBD Catalyst 9300L 48p P 36 2 S9300LUK9-1612 Cisco Catalyst 9300L XE 16.12 UNIVERSAL - 2 PWR-C1-715WAC-P/2 715W AC 80+ platinum Config 1 SecondaryPower Supply - 2 PWR-C1-715WAC-P 715W AC 80+ platinum Config 1 Power Supply - 2 C9300L-DNA-E-48 C9300L Cisco DNA Essentials, 48-port license - 2 C9300L-DNA-E-48-3Y C9300L Cisco DNA Essentials, 48-port, 3 Year Term license 36 2 C9300L-NW-E-48 C9300L Network Essentials, 48-port license - 2 NETWORK-PNP-LIC Network Plug-n-Play Connect for zero-touch device deployment - 4 C9300L-STACK-BLANK Catalyst 9300L Blank Stack Module - 11.A.3 Packet Pg. 47 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 7 EXHIBIT “B” (continued) PROPOSED EQUIPMENT LIST 4 CAB-TA-NA North America AC Type A Power Cable - 2 C9300L-SSD-NONE No SSD Card Selected - 6 FAN-T2 Cisco Type 2 Fan Module - 4 SFP-H10GB-CU2M= 10GBASE-CU SFP+ Cable 2 Meter - 2 SFP-H10GB-CU1M= 10GBASE-CU SFP+ Cable 1 Meter - 2 QSFP-100G-CU1M= 100GBASE-CR4 Passive Copper Cable, 1m - 12 SFP-H10GB-CU3M= 10GBASE-CU SFP+ Cable 3 Meter - 8 GLC-TE= 1000BASE-T SFP transceiver module for Category 5 copper wire - TMC ISE (NAC) 2 R-ISE-VMS-K9= Cisco ISE Virtual Machine Small - 2 CON-ECMUS-RISEV9SM SOLN SUPP SWSS Cisco ISE Virtual Machine Small 36 1 L-ISE-BSE-PLIC Cisco ISE Base License - 300 L-ISE-BSE-P2 Cisco ISE Base License - Sessions 250 to 499 - 300 L-ISE-PLS-LIC= Cisco ISE Plus License - 300 L-ISE-PLS-3Y-S2 Cisco ISE Plus License, 3Y, 250 - 499 Sessions 36 2 L-ISE-TACACS-ND= Cisco ISE Device Admin Node License - Intersection Hubs Aggregation Switches 6 C9500-16X-A Catalyst 9500 16-port 10Gig switch, Advantage - 6 CON-SNT-C95K16XA SNTC-8X5XNBD Catalyst 9500 16-por 36 6 S9500UK9-169 UNIVERSAL - 12 CAB-TA-NA North America AC Type A Power Cable - 6 C9500-NM-BLANK Catalyst 9500 network module blank cover - 6 C9500-DNA-16X-A C9500 DNA Advantage, Term licenses - 6 C9500-DNA-L-A-3Y Cisco Catalyst 9500 DNA Advantage 3 Year License 36 6 PWR-C4-950WAC-R/2 950W AC Config 4 Power Supply front to back cooling - 6 C9500-NW-A C9500 Network Stack, Advantage - 6 PWR-C4-950WAC-R 950W AC Config 4 Power Supply front to back cooling - 6 NETWORK-PNP-LIC Network Plug-n-Play Connect for zero-touch device deployment - 18 PI-LFAS-T Prime Infrastructure Lifecycle & Assurance Term - Smart Lic - 18 PI-LFAS-AP-T-3Y PI Dev Lic for Lifecycle & Assurance Term 3Y 36 30 SFP-10G-ZR-S= 10GBASE-ZR SFP Module, Enterprise-Class - Intersection Switches 250 IE-3300-8T2S-E Catalyst IE3300 with 8 GE Copper and 2 GE SFP, Modular, NE - 1 CON-SNT-IE33008E SNTC-8X5XNBD Catalyst IE3300 Rugged Series Modular Sy 36 250 IOT-TRANSPORTATION Transportation Industry Solutions; For tracking only. - 250 IOT-MASS-TRANSIT Mass Transit; For tracking only. - 250 PWR-IE50W-AC-IEC AC Power Module w/ IEC Plug - 250 IE3300-DNA-E Cisco DNA Essentials license for IE3300 Series - 250 IE3300-DNA-E-3Y IE 3300 DNA Essentials, 3 Year Term license 36 250 IEM-3300-8T= Catalyst IE3300 with 8 GE Copper ports, Expansion Module - 435 GLC-LX-SM-RGD= 1000Mbps Single Mode Rugged SFP - 20 GLC-ZX-SM-RGD= 1000BASE-ZX Single Mode RuggedSFP - Collier BOCC (EOC) Switch upgrade 1 C9300L-24T-4X-E Catalyst 9300L 24p data, Network Essentials ,4x10G Uplink - 1 CON-SNT-C92TXEL0 SNTC-8X5XNBD Catalyst 9300L 24p data, Network Essenti 36 1 C9300L-SSD-NONE No SSD Card Selected - 11.A.3 Packet Pg. 48 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 8 EXHIBIT “B” (continued) PROPOSED EQUIPMENT LIST 1 S9300LUK9-1612 Cisco Catalyst 9300L XE 16.12 UNIVERSAL - 1 C9300L-STACK-KIT Cisco Catalyst 9300L Stacking Kit - 1 C9300L-DNA-E-24 C9300L Cisco DNA Essentials, 24-port license - 1 C9300L-DNA-E-24-3Y C9300L Cisco DNA Essentials, 24-port, 3 Year Term license 36 1 NETWORK-PNP-LIC Network Plug-n-Play Connect for zero-touch device deployment - 1 PWR-C1-350WAC-P/2 350W AC 80+ platinum Config 1 Secondary Power Supply - 1 PWR-C1-350WAC-P 350W AC 80+ platinum Config 1 Power Supply - 2 CAB-TA-NA North America AC Type A Power Cable - 2 C9300L-STACK Catalyst 9300L Stack Module - 1 STACK-T3-50CM 50CM Type 3 Stacking Cable for C9300L - 1 C9300L-NW-E-24 C9300L Network Essentials, 24-port license - 3 FAN-T2 Cisco Type 2 Fan Module - DNA Management Appliance 1 DN2-HW-APL Cisco DNA Center Appliance (Gen 2) - 44 Core - 1 CON-SSSNT-DN2HWPL SOLN SUPP 8X5XNBD DNA Center Appliance (Gen 2) 36 2 DN2-SD480GM1X-EV 480 GB 2.5 inch Enterprise Value 6G SATA SSD - 8 DN2-SD19TM1X-EV 1.9TB 2.5 inch Enterprise Value 6G SATA SSD - 2 DN2-PSU1-770W Cisco UCS 770W AC Power Supply for Rack Server - 1 DN2-PCIE-IQ10GF Intel X710 quad-port 10G SFP+ NIC - 1 DN2-PCIE-ID10GF Intel X710-DA2 dual-port 10G SFP+ NIC - 1 DN2-MSTOR-SD Mini Storage Carrier for SD (holds up to 2) - 2 SFP-H10GB-CU3M 10GBASE-CU SFP+ Cable 3 Meter - 2 DN2-CPU-6152 2.1 GHz 6152/140W 22C/30.25MB Cache/DDR4 2666MHz - 2 CAB-9K12A-NA Power Cord, 125VAC 13A NEMA 5-15 Plug, North America - 1 DN2-SD-64G-S 64GB SD Card for UCS Servers - 1 DNA-SW-1.3 Cisco DNA Center SW 1.3 - 8 DN2-MR-X32G2RS-H 32GB DDR4-2666-MHz RDIMM/PC4-21300/dual rank/x4/1.2v - 1 DN2-RAID-M5 Cisco 12G Modular RAID controller with 2GB cache - 1 DN2-TPM2-002 Trusted Platform Module 2.0 for UCS servers - City of Naples Switching upgrades 3 C9200L-24T-4X-E Catalyst 9200L 24-port data, 4 x 10G ,Network Essentials - 3 CON-SSSNT-C920L24X SOLN SUPP 8X5XNBD Catalyst 9200L 24-port data, 4 x 10G ,Ne 36 3 C9200L-DNA-E-24 C9200L Cisco DNA Essentials, 24-port Term license - 3 C9200L-DNA-E-24-3Y C9200L Cisco DNA Essentials, 24-port, 3 Year Term license 36 3 C9200L-NW-E-24 C9200L Network Essentials, 24-port license - 6 CAB-TA-NA North America AC Type A Power Cable - 3 STACK-T4-50CM 50CM Type 4 Stacking Cable - 3 NETWORK-PNP-LIC Network Plug-n-Play Connect for zero-touch device deployment - 3 PWR-C5-125WAC/2 125W AC Config 5 Power Supply - Secondary Power Supply - 6 C9200-STACK Catalyst 9200 Stack Module - 3 C9200L-STACK-KIT Cisco Catalyst 9200L Stack Module - 20 GLC-LX-SM-RGD= 1000Mbps Single Mode Rugged SFP - City of Naples Firewall 1 FPR1140-FTD-HA-BUN Cisco Firepower 1140 Threat Defense Chss,Subs HA Bundle - 2 FPR1140-NGFW-K9 Cisco Firepower 1140 NGFW Appliance, 1U - 2 CON-SSSNT-FR11P40N SOLN SUPP 8X5XNBD Cisco Firepower 1140 NGFW Appliance, 1U 36 2 FPR1000-ASA Cisco Firepower 1000 Standard ASA License - 2 CAB-AC AC Power Cord (North America), C13, NEMA 5-15P, 2.1m - 11.A.3 Packet Pg. 49 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 9 EXHIBIT “B” (continued) PROPOSED EQUIPMENT LIST 2 SF-F1K-TD6.5-K9 Cisco Firepower Threat Defense software v6.5 for FPR1000 - 2 FPR1K-RM-ACY-KIT Cisco Firepower 1K Series Accessory Kit for FPR-1120/1140 - 2 FPR1K-RM-SSD200- Cisco Firepower 1K Series 200GB for FPR-1120/1140 - 2 L-FPR1140T-TMC= Cisco FPR1140 Threat Defense Threat, Malware and URL License - 2 L-FPR1140T-TMC-3Y Cisco FPR1140 Threat Defense Threat, Malware and URL 3Y Subs 36 FirePower Management Center (FMC) Firewall Management 1 SF-FMC-VMW-10-K9 Cisco Firepower Management Center, (VMWare) for 10 devices - 1 CON-ECMUS-SFFMCK9V SOLN SUPP SWSS Cisco Firepower Management Center, (VMWa 36 Training Credits 300 TRN-CLC-004 1 Training credit. Expires in 1 yr. Team Captain required 12 Summary of Infrastructure Hardware - CCTO Qty. 2 Firepower 2130 firewalls Qty. 1 Firepower Management Console Qty. 25 AnyConnect VPN Access Licenses Qty. 2 Catalyst 9500 24 port switches for Core Qty. 2 Catalyst 9300 48 port switches for Core blade replacements Qty. 2 ISE Virtual Appliances Qty. 300 ISE Base License Qty. 300 ISE Plus License Qty. 6 Catalyst 9500 16 port switches for HUB sites Qty. 250 (215 intersections; 35 spares) IE 3300 with 8port modules for a total of 16 ports switches Qty. 1 Catalyst 9300 24 port for DR site (EOC Bldg.) Qty. 2 Firepower 1140 firewalls (City of Naples) Qty. 3 9200-24T (City of Naples) 11.A.3 Packet Pg. 50 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 10 EXHIBIT “C” LABOR REQUIREMENTS Scope of Service This service provides for the installation and implementation of Cisco network switch(es) and security devices, purchased in conjunction with this service, up to the quantity as defined by the proposed equipment list. This service includes the following: Physical installation and configuration of each Supported Product in accordance with specific CCTO’s environmental needs to ensure that the device is ready for implementation in the CCTO’s IP network environment. Services to include (but not limited to): • Configure the equipment according to the County’s requirements • Create device configuration templates based on planning/design sessions • Develop naming convention, VLAN, IP addressing and routing schemes • Develop and define Network segmentation, e.g. VRF light • Develop IP routing information to include IGP (e.g. OSPF v2/v3, summarization, BFD, adjacency authentication MD5/IPSEC, etc.) • Develop QoS plan and identify systems and application requirements • Migration of existing systems to new network design • Security of the network equipment, including AAA, SSH/TELNET and local user accounts • TACACS integration with Cisco ISE • Integration with existing and new management systems, Solarwinds, DNA Center, etc. • Integration with ISE for authentication and authorizat ion via MS AD • Develop secure access e.g. VPN • Vendor to provide pricing options for intersection switches, e.g. all, some or DYI Network Hardware Staging (racking not required): • Place the switch(es) in an-approved area. • Connect County-provided power cables • Connect switch(es) into the County’s existing network (if applicable). • Inspect switch for physical damage (e.g. dents, bent pins, etc.). • Install all optional cards/modules into the switch(es) for rack installation: • Verify switch(es) DOA. • Dispose of packing material and other debris (keep few boxes for each device type). • Document serial number, switch name, and proposed location of new device. • Install any optics based on design and planning. • Define copper cabling requirements and lengths based on design and planning for deployment. Network configuration staging: • Configure network devices based on planning sessions. • Configure routing/switching, security devices based on design and planning . • Create network diagrams and detailed design documentation. • Create testing plans with the County and vendor. Network Hardware implementation and testing: • Physical Switch Installation (including proper rack installation) • Validate power and sufficient physical space for installation. • Install all optional cards/modules into the switch(es) for rack installation: • Mount any necessary rack related hardware to support respective device(s) • Install and route all County-provided power cables • Install devices based on staging • Document serial number, model and location of device removed • Place removed device in location that is specified by the County Network implementation validation: • Validate systems based on test plan defined in planning sessions • Record all results (pass/fail) • Resolve failed results 11.A.3 Packet Pg. 51 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 11 DNA Center Appliance Installation Cisco DNA Center (DNAC) is a centralized management application. Cisco DNAC simplifies network management by utilizing the automation features for ease of management, IOS updates, device monitoring, policy enforcements and analytics to improve network performance, and security to reduce risk. The Scope of This Service • Physical Appliance Installation • Unpack and inspect all hardware prior to installation for DOA • Verify correct power and sufficient physical sp ace for rack installation (e.g. 4 post rack, cabinet) • Install optics in appliance • Mount any necessary rack related hardware e.g. rails • Install and route all County-provided power, fiber and copper cabling • Configure CIMC IP for out of band management • Configure DNAC for network management functions • Perform basic discovery • Import network devices • Integrate with external applications e.g. Cisco ISE • Configure Network configuration (SNMP, SSH, etc.) • Create one (1) Plug-and-Play profile • Populate the Image Repository with up to 5 software images. (9500, 9300, IE3000) • Create Configuration Templates respective device models listed in the proposed equipment list • Create dashboards for CCTO o End-To-End Network Visibility: o Health Views, 360 Views, AP Analytics, and Dashboard Library o Predictive/Proactive Insights: o Global insights o Network insights o Wired network insights o Guided Remediation and Suggested Actions ISE configuration (Virtual Appliances) • Deploy ISE virtual appliances into the County’s existing virtual environment, e.g. HyperFlex with VMWare • Configure ISE appliances with IP, subnet, gateway according to planning • Configure local and AD administrative accounts for ISE management (administrative and alarm notifications) • Apply software upgrades or patches as necessary • Configure network devices • Configure 802.1x and MAB policies per design and planning sessions • Create policy and policy sets based on design and planning sessions ISE Implementation (Traffic) The Scope of This Service • Vendor and CCTP to develop a design document which includes: o How ISE will be implemented to meet network security requirements o Identify the business policies driving the access control o Define User and device policies to meet requirements • Define Network Integration • Define Wireless Integration • Define ISE nodes and personas • Determine Base/Plus/APEX license counts and Smart Licensing registration • Determine ISE Persona locations and deployment strategy • Upgrade to latest recommended stable software release • Define Active Directory Integration • Create endpoint evaluation and control group • Provide hardware and software requirements for Virtual Appliance installation • Create configuration templates for network devices, e.g. RADIUS, TACACS, CTS, etc. • Identify ISE compatibility for network switches, wireless, etc. • Identify current or create new VLAN, IP scheme • Document MAC Authentication Bypass (MAB) requirements, e.g. IP Phones • Determine identity stores and validate ISE readiness • Identify PKI readiness, e.g. internal MS CA 11.A.3 Packet Pg. 52 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 12 • Identify Multi-domain/multi-access requirements, e.g. multiple AD environments • Create Scalable Group Tags and SGT Matrix for secure group mappings (if applicable) • Integrate ISE via pxGrid with external devices, e.g. FTD/FMC • Determine default pACL (Port ACL) for network operations (if applicable) • Identify if Wake on Local Area Network (LAN) (WoL) is leveraged in the environment • Identify ISE probes e.g. DHCP, Netflow, SPAN, HTTP, SNMP, etc. • Identify the use of Passive Identity (AD integration required) • Determine identity integration requirements, e.g. pxGrid with FTD/FMC, etc. • Document required certificates and sources • Create authentication/authorization readiness and flow documents • Client readiness: o 802.1x supplicant support on end-devices, e.g. Native, AnyConnect o NAC client support, if required, on end-devices, e.g. AnyConnect Posture client • Identify desired software distribution for supplicant, posture, etc. (if applicable) • Document up to 5 non-802.1x devices, e.g. IP phones, AP’s, etc. • Identify Guest access requirements (if applicable) • Identify BYOD access requirements (if applicable) • Create captive portals for guest/BYOD • Policy and Policy Sets: o Create Policy sets based on service, e.g. employee access, guest, etc. o Create policies based on planning sessions o Create Authentication/Authorization policies per policy set o Create Results and conditions required • Determine and document CCTO training requirements: o User training o Administrator training o Help-desk training Document implementation plan • ISE validation documentation: o Test and verify high availability o Test client authentication/authorization o Test client results, e.g. dACL, SGT, etc. o Test portal redirection, e.g. guest, BYOD, etc. • Consider ISE policy enforcement: o Open mode, data collection approximately two weeks o Low Impact/Closed mode (enforcement) • Provide training as determined in planning phase • Provide Day-1 support for post-cutover issues verified to be the result of ISE deployment Network Layer 2 and Layer 3 VLAN Design The Scope of This Service o Layer-2 (TMC, NAPLES, BOCC, HUBs, intersection lights) ▪ Develop and integrate (New and Current) VLAN scheme. ▪ Use of port-channels at all phases of the Layer-2 network where applicable. ▪ Layer-2 design as far as Layer-2 loop prevention protocols and additional features; e.g., bridge assurance, BPDU guard, loop guard, and root guard. ▪ Develop a plan for use of port-channels and VSS technologies in a Data Center or main campus env ironment. ▪ Define the use of BFD (Bidirectional Forwarding Detection) for routing protocol failover and resiliency. ▪ Spanning-tree root placement for any traditional switches ▪ Any traditional layer-2 enhancements that may be necessary with devices in scope. o Layer-3 ▪ IP addressing scheme, including proper planning for the use of route summarization. ▪ IP routing protocol (OSPF, EIGRP (numbered and named), BGP), interaction, and connectivity with network(s) outside of administrative domains, e.g. FDOT, state agencies, etc. ▪ Define Layer-3 design as it relates to redistribution points and connections to legacy network. ▪ Review stub areas or stub routers depending on routing protocol (where applicable). ▪ Determine if the use of MD5 or IPSec routing adjacency authentica tion and encryption where possible. ▪ Document basic IP protocol features; e.g., path MTU discovery, ICMP usage or limitations as far as directed broadcasts, unreachable address notification, usage of proxy ARP. ▪ Define control plane policing. 11.A.3 Packet Pg. 53 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 13 ▪ Determine what basic IP protocol features, path-mtu discovery, ICMP messages, etc. will be implemented. ▪ Document the design where each site falls into a separate Layer-3 boundary, completely routed network backbone. ▪ Develop a plan for prevention of assymetric routing and traffic tromboning where possible. ▪ Develop a plan for improvement of current routing design as it pertains to new build if necessary . ▪ Develop a plan for optimazation and least-cost path usage for relevent traffic patterns. ▪ Develop a plan for WAN integration with application providers. ▪ Develop a design for multicast available network, including : • IGMP querier on all applicable segments. • PIM (Protocol Independent Design) for current and new application requirements. • RP (Rendezvous Point) placement for optimal multicast forwarding. • Determine if the use of BSR (Bootstrap Router) for RP announcement and redundancy is necessary. • Determine if the use of Anycast RP for RP redundancy is necessary. • Determine if the use of SSM (Source Specific Multicast) for cleaner and more scalable design is necessary. • Determine if application to support IGMPv3 is necessary. ▪ Agree and develop a test plan on how the final network design will be tested. ▪ Discuss and develop a migration plan for migrating existing systems to new network design including the schedule. ▪ Discuss and develop a plan for management network and out-of-band access to devices. ▪ Develop a plan for time synchronization using Network Time Protocol (NTP). ▪ Develop a Security plan for the network equipment, including AAA, SSH/TELNET and user accounts. ▪ Document the plan naming conventions. ▪ Develop and document new IP scheme and subnets. ▪ Discuss and review current network design and configuration . ▪ Discuss, review, document and implement new network design and configuration. Firepower Firewalls Implementation (Traffic/City of Naples) The Scope of This Service • Implementation and migration from one (1) ASA 5506 series firewall to two (2) High -Availability pair of FirePower Threat Defense (FTD) 2130s (Traffic) • New implementation, two (2) High-Availability pair of FirePower Threat Defense (FTD) 1140s (City of Naples) • Implementation of one (1) virtual Firepower Management Center (FMC) into existing virtual infrastructure add FTD2130 HA and FTD1140 HA firewalls • Upgrade to latest stable version of OS, e.g. FTD/FMC 6.6.x • Review existing firewall configuration, e.g. ACL, NAT, VPN (L2L, RA) • Creation of up to ten (10) new non -migrated objects (e.g. networks, hosts, user groups, etc.). • Migrate NAT and ACL rules to new firewalls (FTD/FMC) o Configure New FTD IPS (Balanced Security/Connectivity), up to 2 policies o Configure FTD URL Filtering (Basic Rule Set), up to 2 policies o Create redirection custom response page o Configure AMP for Networks and File inspection, up to 2 policies o Configure logging to FMC • Migrate and configure new VPN (L2L/RA) , up to 4 VPN (L2L, RA) • Create testing plan: o Verify inbound and outbound traffic flows o Verify NAT and ACL changes are working as expected o Verify VPN tunnels are up and passing traffic as expected o Verify connectivity o Verify sensor is receiving and inspecting traffic o Validate HA • Cutover firewall during maintenance window • Perform testing procedure determined during planning and document results • Review how to access and manage the firewalls the FMC 11.A.3 Packet Pg. 54 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 14 Core Switches -Catalyst 9500s and Catalyst 9300s (Traffic/City of Naples) The Scope of This Service • Establish link for migration of 6500 to two (2) 9500 -24 core switches (StackWise Virtual) • Migrate configuration from existing 6500 switch to new switches • Install switch(es) and rack accordingly to hardware guidelines • Implement New Core switches in both the TMC data center (2-9500 and 2-9300s), EOC DR location (1-9300) and (3) 9200L in City of Naples, connecting to CCTO’s network. • Design includes low and high level diagrams, migration plan, routing protocols, integration and access control management for devices etc. • Design high availability for the CORE and DR network devices and review various failovers scenarios that should be considered. • Design, migrate and Implement perimeter network security, establishing secure communication architecture between data center and DR site. • Configure switches based on design and planning sessions mentioned in this document Aggregation and Intersection Switches -Catalyst 9500s and Catalyst IE3000’s (Intersection Services) The Scope of This Service • Install/Replace existing (6) ME3400’s with (6) 9500-16 switches • Create appropriate L2/L3 network based on subnet planning per hub/intersection • Install aggregation switch(es) in hub respective locations • Install ruggedized IE3000 switches per intersection connected to respective hub or interconnected intersection • Design includes diagrams, migration plan, routing protocols, integration and access control management for devices etc. • Design routed high availability for hubs and intersection switches • Configure switches based on design and planning sessions mentioned in this document Collier County Traffic Operations Responsibilities • CCTO will Designate a single point of contact to act as the primary technical . • CCTO will make available key personnel (such as: architecture, design and planning, network engineering, network operations staff and site contacts) to participate during the course of the design, planning, implementation and network testing services. • CCTO will provide requirements (business and technica l) and high-level network architecture design specifications. • CCTO will provide documentation on existing network infrastructure design including routing, IP addressing, security policies, network management and operational processes. • CCTO will provide the vendor with information related to the following during the design review: o Business and technical design goals o Operational requirements o System and application interoperability requirements o Disaster recovery processes o IP addressing and VLAN scheme, o Network physical and logical diagrams and documentation o Security policies and compliance requirements o Other necessary data prior to or during the design review 11.A.3 Packet Pg. 55 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 15 EXHIBIT “D” VENDOR REQUIREMENTS • All proposed hardware, software and support must be Cisco Certified New, cannot be refurbished and must be supported through Cisco Direct TAC support. • The vendor must be a certified Cisco Gold Partner with CCIEs on staff. • Vendors who submit a proposal in response to this RFP may be required to attend oral presentations, to provide a demonstration of their products/services offered. This provides an opportunity for the vendor to clarify or elaborate on their proposal. This is a fact finding and explanation session only and does not include neg otiation. The County Procurement Strategist will schedule the time and location of the oral presentations. All oral presentations shall be held on site at a County location, and all costs involved shall be the responsibility of the vendor. Oral presentations are an option of the County and may or may not be conducted. Project Management: • The project management components, the vendor is responsible for include, but are not limited to, project work plans, project deliverables, schedules and budgets, risk management, change management, issue management, and quality management. • Vendor will provide a Project Manager experienced with the proposed solution to serve as the CCTO’s single point of contact in all aspects of this engagement including, but not limited to, scheduling, defining requirements, change control, risk mitigation, escalation, implementation planning, and acceptance. • Vendor will provide a Project Manager who shall work in accordance with, and under the direction of, the CCTO’s Project Manager to verify design specifications and end user requirements. • Participate in planning meetings, weekly status meetings, weekly conference calls and e -mail communications with the CCTO’s team to discuss the project and coordinate activities. • Maintain the Project Plan/Schedule, track dependencies between vendor and the CCTO team tasks, identify and manage vendor initiated project risks, and alert both project teams of any timeline slips and their effect on the project’s target end date. • Work in partnership with the designated CCTO Project Manager to coordinate vendor tasks with the County’s tasks throughout all phases of the project. • Provide on-site project management, technical and user support during cut -over, to include up to 3 days of post-live assistance and project management. The vendor’s Project Manager will use an organized incident management process to track, document and resolve all identified issues. • No modification to a scope of work shall become effective until both parties have mutual ly agreed. When chargess are necessary in order to analyze a modification, the vendor will provide a written estimate and begin the analysis upon written authorization from CCTO. The terms of a mutually agreed upon modification will prevail. • Additional required tasks discovered after the execution of this SOW that are not listed, will require mutual agreement between both parties once a quoted price is received. • Any modifications to the SOW shall be in compliance with the County’s Procurement Ordinance and Procurement Procedures in effect at the time such modifications are authorized. Vendor’s Kickoff Meeting: The project kickoff meeting should be attended in person and attended by the vendor and the CCTO project teams, along with any key resources from both the County and the vendor. The kickoff meeting is intended to: • Identify key contacts including definition of roles, responsibilities, and authority • Review scope of work and scope change process • Review project acceptance document • Discuss the project plan/schedule • Review the CCTO’s IT change control procedures • Identify key timeline objectives Vendor shall not subcontract any portion of the SOW to be performed under this resultant Agreement without advance written approval by the CCTO team. The vendor shall notify CCTO’s representative of the names of any subcontractors, persons or entities proposed for each of the principal portions of the SOW. The vendor shall not contract with any subcontractor, person or entity to which the County has made reasonable objection. 11.A.3 Packet Pg. 56 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 16 Implementation Coordination: Vendor shall be responsible for the following: • Vendor’s travel and expenses will be included with quoted labor and will not be billed separately. • Vendor shall work with the CCTO’s Project Manager to determine site installation of any required equipment, deployment schedule, migration plan, and coordination of any required equipment delivery. Migration work will need to be carefull y scheduled and performed with minimal disruption to the CCTO operations. • Vendor shall assume all responsibility for delivery, installation, and testing of all required equipment and services. • Vendor shall test and verify device connectivity. • Vendor shall test and verify Disaster Recovery (DR) failover and recovery. • Vendor shall provide onsite technical assistance during migration events throughout the migration schedule. • Vendor’s Project Manager shall work with the CCTO’s Project Manager to determine timeline and schedule for migration to new devices. • The proposed equipment shall provide all features and capabilities required by the specifications . • All features and capabilities shall operate trouble free under operational traffic loads . Vendor requirements include the following: • Vendor shall supply adequate resources for all post-migration issues including training, knowledge transfer, troubleshooting, and user programming adjustments. Vendor shall supply a Test and Acceptance document for revi ew and approval by the CCTO. • Vendor shall work with the CCTO’s resources to conduct and document test acceptance and site sign off. • The knowledge transfer strategy proposed by the vendor, to prepare the County’s staff to maintain the solution after it is placed into production. • Detailed description of system documentation and resources that will be included as part of the roll-out by the manufacturer including, but not limited to, detailed system user manuals, “Quick Reference” guides, online support, help desk support, user group community resources, and others as available. • It is the CCTO intention that the vendor will coordinate the training of County’s personnel in the use of its system(s) and that satisfactory implementation of an approved training plan, will be a key component of this project’s deliverables. • Documentation, including training manuals and agendas, will be provided by the vendor before each training session with the CCTO staff. Post Implementation: The Proposed Solution is considered as a mission critical system. It is expected that the successful vendor will provide a solution that meets the classification of "mission critical". Therefore, it is the intent to encourage the successful vendor to support the system in a suitable manner. • Vendor will replace defective materials and repair faulty workmanship within 24 hours of notification at no cost to the Owner during warranty period. • Vendor warrants that all maintenance staff who shall service the system have been fully trained and certified by the manufacturer as qualified to service the system. • Vendor shall provide all labor, materials, and transportation necessary to correct defective programs, applications including any reprogramming, replacement, and/or change out as may be necessary. • Vendor shall provide all labor, materials and transportation necessary to correct or replace defective or non -conforming parts or components. • Performance testing shall verify the ability of the system equipment components (hardware and software) and modules to perform the service functions specified are complete and functioning properly. • The performance test shall determine performance under a day to day operation during a 30 -day period immediately following cutover. The test shall be performed until a consecutive 30 -day period has elapsed, during which performance is satisfactory. Acceptance - CCTO requires an acceptance period of at least 30 days subsequent to the completion of the Cutover. During this 30-day period the system must perform without interruption of services and in compliance with all representations offered in the proposal. Should the system or other associated devices fail to perform satisfactorily, the 30 -day time frame for acceptance will start over until such time as, the system performance is satisfactory for a period of 30 consecutive days. Final payment will be withheld, and the warranty period will not begin, until system acceptance. Documentation of the satisfactory completion of this test shall be provided to CCTO. Each system shall operate continuously for 24 hours per day. During the acceptance test, demonstrate the correct operation of features and capabilities specified herein. The County will accept the installed integrated systems when each designated CCTO’s personnel have witnessed that the acceptance 11.A.3 Packet Pg. 57 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 17 tests have been satisfactorily completed and the specified criteria have been satisfied and the system operates without failu re or vendor’s intervention for the entire burn-in period. Training & Knowledge Transfer: Vendor will provide up to 16 hours of instruction to staff to explain the settings and day -to-day management for the following components, in addition to the standard knowledge transfer provided throughout the implementation: • FirePower Management Center (FMC) • ISE • Catalyst Switching • DNA Management Console REQUEST FOR PROPOSAL (RFP) PROCESS 1.1 The vendor will submit a qualifications proposal which will be scored based on the criteria in Evaluation Criteria for Development of Shortlist, which will be the basis for short-listing firms. The vendor will need to meet the minimum requirements outlined herein in or der for their proposal to be evaluated and scored by the COUNTY. The COUNTY will then score and rank the firms. The COUNTY reserves the right to issue an invitation for oral presentations to obtain additional information after scoring and before the final ranking. A contract will be developed with the selected firm, based on the price and scope of services and submitted for approval by the Board of County Commissioners. 1.2 The COUNTY will use a Selection Committee in the Request for Proposal selection process. 1.3 The intent of the scoring of the proposal is for respondents to indicate their interest, relevant experience, financial capability, staffing and organizational structure. 1.4 The intent of the oral presentations, if deemed necessary, is to provide the vendors with a venue where they can conduct discussions with the Selection Committee to clarify questions and concerns before providing a final rank. 1.5 Based upon a review of these proposals, the COUNTY will rank the Proposers based on the discussion and clarifying questions on their approach and related criteria, and then request the assembly of an Agreement with the top ranked Proposer. 1.6 If, in the sole judgment of the COUNTY, a contract cannot be successfully agreed upon with the top-ranked firm, the COUNTY will move on to the firm ranked second. If a contract cannot be successfully agreed upon with the firm ranked second, the COUNTY will move on to the third ranked firm, and so on. RESPONSE FORMAT AND EVALUATION CRITERIA FOR DEVELOPMENT OF SHORTLIST: 1.7 For the development of a shortlist, this evaluation criterion will be utilized by the COUNTY’S Selection Committee to score each proposal. Proposers are encouraged to keep their submittals concise and to include a minimum of marketing materials. Proposals must address the following criteria: Evaluation Criteria Maximum Points 1. Cover Letter / Management Summary 5 Points 2. Statement of Work 15 Points 3. Cost of Services 10 Points 4. Experience and Capacity of the Firm 30 Points 5. Specialized Expertise of Team Members 40 Points TOTAL POSSIBLE POINTS 100 Points Tie Breaker: In the event of a tie, the Committee will be asked to break the ties based on the evaluation criteria as presented in this RFP. ---------------------------------------------------------------------------------------------------------------------------------------------------------- Each criterion and methodology for scoring is further described below. ***Proposals must be assembled, at minimum, in the order of the Evaluation Criteria listed or your proposal may be deemed non-responsive*** 11.A.3 Packet Pg. 58 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 18 EVALUATION CRITERIA NO. 1: COVER LETTER/MANAGEMENT SUMMARY (5 Total Points Available) Provide a cover letter, signed by an authorized officer of the firm, indicating the underlying philosophy of the firm in providing the services stated herein. Include the name(s), telephone number(s) and email(s) of the authorized contact person(s) concerning proposal. Submission of a signed Proposal is the vendor's certification that the vendor will accept any awards as a result of this RFP. EVALUATION CRITERIA NO. 2: STATEMENT OF WORK (15 Total Points Available) In this criteria, include, but not limited to: • Provide an implementation plan of the project: • Provide a detailed timeline for completion of the project: o The vendor will be responsible for the development and maintenance that must include, but is not limited to, the identification and definition of all project phases, stages, tasks and the respective start dates, duration of tasks, dependencies of tasks, milestones, deliverable due dates, and responsible party. • Include project controls and processes that will ensure a smooth implementation. Clearly outline the methodology that supports implementation. • Describe their Project Management Approach used to manage the design, configuration, and implementation of the proposed solution including, but are not limited to, the number and roles of staff (both on -site and off-site), time commitments of each, and length of service. • Include a project plan identifying tasks where the CCTO’s project manager and technical staff will be working independently or collaboratively with the vendor’s staff during the design, development, configuration, and implementation phases of the proposed solution. o A project deliverable includes the ability to produce a documentation package comprising of: ▪ Detailed Design Document • Configuration templates • Topology Maps • Naming conventions ▪ Detailed Connections and IP Scheme • Infrastructure connections only (i.e. – switch to switch, switch to router) • IP Subnets and VLAN mappings • VLAN Segments (where necessary) ▪ Network Ready for Use Document – NRFU • Cisco Training Credits will be included with proposal for designated CCTO’s project team to be considered as first line of defense in supporting proposed solution. EVALUATION CRITERIA NO. 3: COST OF SERVICES (10 Total Points Available) In this criteria, include, but not limited to: • Provide the projected total costs associated with this integrated network solution, must include all supervision, labor, materials, equipment, training and testing required for the work associated with the implementation project, as well as any overtime that may occur. EVALUATION CRITERIA NO. 4: EXPERIENCE AND CAPACITY OF THE FIRM (30 Total Points Available) In this criteria, include, but not limited to: • Provide information that documents your firm’s and subcontractors’ qualifications to produce the required deliverables, including abilities, capacity, skill, financial strength, and number of years of experience in providing the required services. • Describe the various team members’ successful experience in working with one another on previous projects. • Include quantity of certified technicians/support staff and specify their dispatch location. • Submit a minimum of three (3), maximum of five (5) completed relevant references for which the vendor has provided a similar solution within the last three (3) years. The systems must be currently in full production use and be of similar size and complexity to the County. The solution must be presently in full production use (sales pending implementation of key components do not qualify). References from all vendors may be contacted at any time throughout the quote review process. (use the “Reference Template” for each relevant reference (Attachment A – Reference Template). 11.A.3 Packet Pg. 59 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) 19 EVALUATION CRITERIA NO. 5: SPECIALIZED EXPERTISE OF TEAM MEMBERS (40 Total Points) In this criteria, include, but not limited to: • The vendor must be a certified Cisco Gold Partner with CCIEs on staff. • Description of the proposed contract team and the role to be played by each member of the team. • Attach brief resumes of all proposed project team members who will be involved in the management of the total package of services, as well as the delivery of specific services. • Attach resumes of any sub-vendors and attach letters of intent from stated sub-vendors must be included with proposal submission. VENDOR CHECKLIST ***Vendor should check off each of the following items as the necessary action is completed (please see, Vendor Check List)*** 11.A.3 Packet Pg. 60 Attachment: 20-7777 Solicitation (RFP) 10-6-20 (15842 : 20-7777 Presidio Contract) Selection Committee Scoring Sheet (STEP 1) RFP #: 20-7777 Title: Intelligent Transportation System (ITS) Integrate Standardize Network Communications - Grant Funded Name of Firm Haris Dommond Joe Rauktys Randy Ensell Bret Sorling Total Scores Final Rank Presidio Network Solutions LLC 69 91 99 60 319.00 1 Netsync Network Solutions, Inc.36 84 97 40 257.00 2 Procurement Professional Barbara Lance Step 1: Upon direction by the Procurement professional, the individual selection committee member should provide their scoring of the proposals. Step 2: The procurement professional will review the mathematically tabulated scores. Step 3: The Committee will determine the number of proposers to bring back for oral presentations. Page 1 of 1 11.A.4 Packet Pg. 61 Attachment: 20-7777 Final Rank (15842 : 20-7777 Presidio Contract) 11.A.5 Packet Pg. 62 Attachment: 20-7777 NORA (Flattened) (15842 : 20-7777 Presidio Contract)