ADDENDUM No. 1 - Port of Oakland · ADDENDUM No. 1 RFP 14-15/06 – Common Use Self Service Kiosk...

RFP No. 14-15/06 – Addendum No. 1 of 6

Purchasing Department

530 Water Street

Oakland, CA 94607

Date: August 6, 2014

Revised: August 7, 2014

ADDENDUM No. 1

RFP 14-15/06 – Common Use Self Service Kiosk at Oakland International Airport

This Addendum modifies the original RFP Documents for the above RFP. Acknowledge receipt of this

addendum in the space provided on the RFP Acknowledgement and Signature Form (Attachment

3). Failure to do so may disqualify your proposal.

The following questions were submitted by the deadline and are answered in this addendum.

1. Question: Will the Port accept proposals from firms that offer operating lease/financing CUSS

Kiosk?

Answer: In order to make a true cost comparison, proposers will need to quote on cost for the

Port to purchase the equipment. Once a vendor has been selected, other options may be

discussed during the negotiation period.

2. Question: Can you confirm that the CUSS IATA V1.3 is what the Port is expecting to receive as

part of this solicitation?

Answer: While the Oakland Airport prefers a system that meets the current standard, the Port

will accept and review all proposals received that meet the minimum requirements. No additional

points will be awarded based on whether a proposed system meets or does not meet the standard.

It is the intent to select the best proposer and solution for the airport and its carriers.

3. Question: Will the airport assist and/or drive the Airlines to get their applications updated?

Answer: Yes.

4. Question: What will the airport’s response be to an airline that does not provide a CUSS v1.3

compatible check-in application?

Answer: The airport will evaluate and consider what airlines can and should be available on the

CUSS kiosks. For the purpose of this RFP, please assume all listed airlines will be made

available.


5. Question: Is there a requirement to have, in addition to the 12 CUSS Kiosks required, a Test or

Lab Kiosk at OAK? It is recommended that a unit be considered for this purpose.

Answer: Yes, items such as this will be discussed during the negotiations with the selected

vendor.

6. Question: What is the requirement for the Service Level Agreements (SLA), understanding

ServiceTec will be taking 1st Level Response?

Answer: Receive trouble reports and provide phone support to resolve issues from local first level

maintenance vendor (ServiceTec International) or OAK’s Aviation IT Department. Within normal

coverage hours the airport would expect immediate help, and a 2 hour response for afterhours

calls.

7. Question: What are the expected coverage hours from a service perspective; +/- First Flight and

Last Flight and response time?

Answer: Normal coverage hours for second level support would be 5:00am – 12:00pm PST.

8. Question: What is the interface for the Airport NMS (AccelOps) System? What is the message

format that is expected?

Answer: Accelops can use SNMP traps, syslogs, netflow, WMI metrics and other event/protocol

formats concerning availability, performance, security and change. For custom device support

Accelops uses an XML based parsing engine so if a device is not already supported it can be

added either by modifying an existing parser XML file or create a new one. See attached

datasheet for Accelops.

9. Question: "Southwest Airlines is not on the standard Airline network". Can you please describe

the network they are on, how their systems at the airport connect to airline corporate data centers

and/or provide passenger processing from this alternate network.

Answer: Currently Southwest airlines maintain a separate network here at Oakland Airport. If

Southwest airlines decides to take part in the CUSS project, the airport’s IT department will work

with them to provide either a connection to their existing network, or to provide an airline circuit

dedicated for CUSS.

10. Question: Is it the intent for Southwest to put in an Airline Circuit in the Core Server Room

(IDF/MDF) during this implementation?

Answer: See response to question 9.

11. Question: Do all of the listed 11 airlines have a CUSS application (e.g. in use elsewhere); and are

these airlines committed to use CUSS provided by the airport when CUSS is made available (i.e.

are the airlines willing to remove their proprietary kiosks?)

Answer: The airport is currently working with the airlines to determine if they would like to offer

their services on the CUSS platform. The Port has no plans to require the airlines to remove

their proprietary kiosks. These kiosks will be placed in common areas.

12. Question: We are aware that currently, there is no approved IATA standard for a Common Use

Payment service. Is OAK willing to act as an intermediate merchant; i.e. to ensure that a

passenger payment goes first into an account of OAK; and that OAK then, e.g. at the end of a


week, forward any received amount to the recipient airlines, service fees between the airlines and

OAK to be negotiated.

Answer: Yes, proposers should specify if this is their preferred process.

13. Question: Capturing and transmitting of APIS data is considered as part of the airline application.

The CUSS kiosk can only ensure that the peripherals, e.g. a passport reader) are available. Please

confirm.

Answer: Yes, the airport wanted to insure that there would be nothing in the offered solution that

would preclude the transmission of APIS data.

14. Question: Does passport reading only involve OCR reading; or is reading of ePassport or check

of document genuity also included in this requirement?

Answer: The Port makes no requirement for how passport data is read or verified. Each proposer

should demonstrate the functionality of their scanner and what makes their solution better than

their competitors.

15. Question: Will this service number be provided by OAK; and will it be operated by OAK?

Answer: Yes

16. Question: Please confirm the requested printer configuration for the CUSS kiosks: is it supposed

to be ATB Boarding pass printer plus bagtag printer (as suggested by section A), or a boarding

pass printer only (as suggested by Req 4o)

Answer: ATB boarding pass printer plus bagtag printer (as suggested by section A)

17. Question: Do Southwest / SATA have CUSS applications in use elsewhere in their network?

Answer: Not currently at OAK.

18. Question: Can OAK establish contact to Passenger Service and/or IT departments of Southwest

and SATA?

Answer: Yes.

19. Question: Is there already an intended date for the “Notice to proceed”?

Answer: Yes, tentatively November 14th.

20. Question: The schedule here shows that kiosks are to be supplied 60 days after “Notice to

proceed”, but page 1 indicates that OAK Terminal 1 will see relocation of airlines in Q1 / 2015.

Please clarify.

Answer: Correct, the airport would like to install the new kiosks prior to the airlines relocating.

21. Question: Will the Port of Oakland require any additional first level maintenance or installation

performances with the final vendor?

Answer: Yes, the selected vendor should expect to have staff onsite during the install to test all

kiosks once they are in place and assist in resolving any issues.


22. Question: What information will be required for the option to issue two (2) one year extensions

not to exceed a total period of 7 years other than quotes for extension?

Answer: Yes, the selected vendor should expect to have staff onsite during the install to test all

kiosks once they are in place and assist in resolving any issues.

23. Question: As the RFP notes that that the listed 11 carriers are on the Ports Shared use system, is it

correct to assume that the successful proponent will have access and the appropriate network

routing from the Port to access the individual airlines host circuits? This access would not

include Southwest Airlines and SATA, who are identified as not being on the Ports system.

Answer: Yes. Please also note, SATA is currently available on the airports shared use system.

Their current reservation system is an internet solution called MIS Choice.

24. Question: Does the requirement for the kiosk to meet ADA compliance include all hardware and

software including the EZ keyboard as well as compliance with DOT-OST-2011-0177?

Answer: The Port does not require or specify any particular hardware \ software to insure a

kiosk meets ADA compliance. It is up to the vendor to demonstrate how their solution meets

and\or exceeds these requirements.

25. Question: In item b, does the reference to the use of ATM cards indicate the need for a pin pad, or

just that it supports debit cards used without the input of a pin number?

Answer: If the kiosk can process ATM cards without the need for a physical pin pad, then none

would be required.

26. Question: In item d, is there a preference/requirement for a swipe passport reader, half page

reader or full page reader?

Answer: A vendor may propose what they feel is the best solution for OAK.

27. Question: In item e, can you provide clarification? Typically the function of gathering passenger

information for APIS or other purposes is done by the airline provided CUSS applications and

then pass for clearance by the DHS through the airline host.


28. Question: In item i, please confirm that the units are to be delivered with Windows 7 a CUSS

v1.3 compliant platform.

Answer: The kiosks are required to have a base OS of Windows 7 (or approved equal). Regarding

CUSS v1.3, see response to question 2.

29. Question: In item j, Is SNMP on Win7 (e.g. setup SNMP services). Can they provide any further

detail on what integration they’re expecting for CUSS with their NMS? Are there examples of

what “platform alerts” are expect from the CUSS units? Is there any other specialized data

required? If so, can is there a sample MIB?

Answer: AccelOps can collect SNMP as well as WMI for windows machines and also system logs

application logs and so forth. No defined program alerts have been defined, the Port just wishes

to understand what can be offered in the way of alerting. See attached datasheet for AccelOps.


30. Question: In item k, is there a minimum desired uptime for the kiosk when under UPS power?

The intent is to have the kiosks supported by the airport’s generator if there was a power outage.

Answer: Although not a requirement, a desired uptime would be 15 minutes.

31. The initial time frame for the “Order and Delivery of the Kiosk” is below the normal lead time for

the product. Is this a hard schedule or is there some latitude for product lead time?

Answer: Proposers should be prepared to specify how much lead time they will require if it is

outside the schedule specified by the Port.

32. Question: Does the Port require an initial stock of spare or replacement parts for the kiosks, if so

what qty?

Answer: Proposers should list their recommendations based on their experience with their

solution.

33. Question: What is the warranty requirement for the kiosks?

Answer: Please specify the warranty included with your solution.

34. Question: Should the kiosk include bagtag printers? There is a reference to baggage stock in

section A. If so single or dual?

Answer: See response to question 16. In regards to bagtag stock, the proposer should make a

recommendation based on what they feel is the best for OAK.

35. Question: If the kiosk include bagtag printers, should the stock be roll or fan fold?

Answer: The proposer should specify their preferred stock based on their experience with both.

The Port does not have a preference.

36. Question: The Contract for Professional Services does not include a clause or exhibit for software

licensing. Please advise if bidders should provide a standard software license as part of their

proposals?

Answer: If the proposed solution requires an annual software license, then yes please include

with your cost proposal.

37. Question: Can we attach additional technical material pertinent to this proposal such as brief

attachments that provide further explanation of our proposed solution in response to specific

requirements in the RFP?

Answer: The Port will allow for an additional 6 pages (double sided) for technical material as an

attachment to the proposal.

38. Question: Of the 11 airlines operating in Terminal One, which of them currently has an IATA

CUSS application?

Answer: For cost estimating, proposers should assume all 11 airlines have and will be made

available on CUSS. The airport is currently working with the airlines to determine if they have

and wish to offer a CUSS application on the new kiosks.


39. Question: Under section II (Scope of Services), Item B (Product Specification and Capabilities),

Line i. - Must be Windows 7 OS: Of those who have a CUSS application, which of them are

currently operating on Windows 7?

Answer: For cost estimating, proposers should assume all 11 airlines have and will be made

available on CUSS and are compatible with Windows 7. After vendor selection, a more defined

scope will be determined during negotiations.


Line j. – Must integrate with airport NMS (AccelOps): Can you please provide us with the

protocol or integration requirements for the interface to the NMS?



Line r. Provide system status refresh updates at least every 30 seconds: Would you accept system

status refresh updates every 60 seconds?

Answer: The minimal standard as stated in the RFP is 30 second refresh. If a vendors current

kiosk does not meet this requirement, it should be specified what would be involved from both

cost and schedule impact to meet this requirement.

Automated Discovery and Configuration Monitoring Database (CMDB)

f Discover network devices, servers, storage, users, and applications in both physical and virtualized environ-ments by combining SNMP, WMI, Telnet/SSH, LDAP, VMware VM-SDK, HTTP(S), Microsoft RPC, Cisco SDEE, JMX and JDBC

f Discover hardware and inventory in-formation, bios, configuration, installed applications, running processes and services, interfaces, storage, open ports, and installed patches

f Map layered relationships such as virtual to physical machines, wire-less access points to controllers, and network devices to log/management servers

f Automatically categorize discovered entities into groups using customiz-able knowledge base

• Functional device groups – fire-walls, router/switches, VPN gate-ways, storage, etc.

• Infrastructure application groups – DNS servers, DHCP servers, AAA servers, etc.

• User application groups – web servers, application servers, data-base servers, mail servers, etc.

f Dynamically create a configuration management database (CMDB) and automatically generate detailed layer 2 and layer 3 network topology maps

f Schedule periodic discovery to auto-matically detect new devices, network, server and directory service configu-ration changes, and maintain updated CMDB and network topology

f Fast adjacency-driven, smart discov-ery in addition to full IP range scan

f Create reports for inventory manage-ment, capacity planning and compli-ance

Multi-faceted Data Collection f Multi-faceted collection of SNMP and

WMI data, hardware status, system files, system logs, application logs, network device logs, directory service objects and network flow information

f Agent-less collection methods include SNMP, Syslog, WMI, Cisco SDEE, Checkpoint LEA, JDBC, VMWare VI-SDK, JMX, Telnet, SSH, network flow, and HTTP(S)

f Custom metrics can be collected via SNMP, WMI, JMX and JDBC

f Normalize data from multi-vendor, multi-technology devices into a com-mon format

f XML-encoded event handling technol-ogy for flexible high throughput event parsing without requiring software updates. Add custom parsers for new device support by writing XML files

f More than 100 pre-defined XML parsers with more than 1000 parsed

DATASHEET

Assure service availability and increase operational efficiency with integrated real-time data center monitoring, alerting, analysis, and reportingThe AccelOps monitoring application offers a seamlessly integrated platform for the collection, monitoring, analysis, alerting, and reporting of all IT event, log and performance data. A patented real-time analytics engine correlates events, logs, and performance metrics across the entire physical and virtual data center infrastructure including servers, storage, network, security devices, us-ers, location, and applications in a single application. Built-in rules, which may be easily customized by the user if desired, alert IT to malicious activity or performance-impacting events. From a “single pane of glass,” IT can monitor all data center activities and resources whether on-premise, remote, or in the cloud.

AccelOps Integrated Security, Performance, and Availability Monitoring ApplicationSimplifying complex real-time, cross-domain analytics for more secure, responsive and adaptive IT infrastructures

AccelOps 3.6 | DATASHEET

2

attributes provide rich coverage of tier 1 and tier 2 IT vendors across virtually all technology categories

Dynamic User Identity and Location Mapping

f Associate IP addresses to machine names, MAC, switch VLAN Id, logged on user name and directory identity

f Identify mobile devices logging into network by device type (i.e. iPhone, iPad, Android, Blackberry) correlated with User Identity

f Append geo-location information (i.e. city, state, country, longitude and latitude) to every log and event using a system-provided and periodically updated geo-location database

f Identify user location based upon nearest WLAN access point, Control-ler, VPN Gateway and layer 2 switch port

f Associate primary logins to second-ary logins to identify real user behind shared and administrative accounts

f Binds identity and location to events for real time correlation and post-event analysis

f Maintain an audit trail for each IP ad-dress identity and location mappings for historical analysis and compliance reporting

Event Search, Drilldown, and Robust Reporting

f Unified method to search events, logs, files and performance metrics across security, performance, availability and change management domains

f Real time search based on Google-like keywords and SQL-like structured queries on parsed event attributes

f Historical search with SQL-like filter-ing, result aggregation, and sorting

f Scalable parallel data-management architecture provides the ability to reduce search times by adding virtual appliances without any downtime

f Intuitive GUI simplifies search defini-tion

f XML-based search and report definition enables sharing within user community

f Ability to trend search results identi-fies spikes, dips and anomalies

f Ability to convert search results into reports and dashboard widgets

f One-click recursive drill down for refining search criterion streamlines root-cause analysis

f Over 1500 customizable reports, categorized into device groups (such as network devices, servers, storage, and applications) and into functional groups (such as performance, avail-ability, security, and change manage-ment)

f Ability to schedule a report to run at any time interval and period, and to be delivered via email and SMS

f Report results exportable to standard formats such as PDF and CSV

Real-Time Event Correlation, Statistical Profiling, Root-cause Analysis, and Alerting

f Unified method to predict security threats and IT operational issues by real-time cross-correlation of events and key performance metrics across security, performance, availability, and change management domains

f More than 250 built-in rules cover variety of scenarios spanning per-formance, availability, security, and change management

f Global cross-correlation using mul-tiple AccelOps virtual appliances to handle unlimited events, logs, metrics and rules

f Create new rules or customize built-in rules using intuitive GUI

f Manage alert suppression and excep-tions using rules GUI

f Rules can vary from simple thresholds to comprehensive patterns supporting full Boolean logic and allowing:

• Sub-patterns connected in time dimension by operators such as AND, OR, FOLLOWED_BY, AND_NOT, and NOT_FOL-LOWED_BY

• Each sub-pattern can filter and apply aggregation operators such as AVG, MAX, MIN, COUNT and COUNT DISTINCT

• Thresholds can be static or statis-tically derived from profiled data

f Statistical profiling to baseline network activity, system resource consumption, errors and user/service account activity

f User defined maintenance schedules ensure alerts are not sent out during maintenance windows

f Policy based notification handles en-terprise grade incident management

f Alerts delivered via console, email, SNMP trap, XML push and SMS includes metadata such as host/user identity, location details. Alerts can also trigger customizable notification scripts.

f XML-based rule definition enables sharing within user community

Business Service Discovery, Mapping and Impact Analysis

f Ability to define a business service as a smart container of devices and applications serving specific business purpose speeds troubleshooting and problem resolution

f Wizard to create business services by choosing relevant devices and ap-plications based on CMDB, topology and traffic flows

f Visualize business service compo-nents on the topology map

f Prioritize incidents by business service and assess service SLA by comparing against current metrics and trends


3

f Create reports and dashboards cus-tomized by business applications for specific departments and organiza-tions within the enterprise.

Virtualization Monitoring f Cross-correlates hardware, storage,

VM, v-Switch, Guest Host/OS and application health, performance and incidents

f Interactive VM dashboard: ESX and VM vitals, relationships, metrics, configurations, trends, events and location

f Tracks new VMs as they are intro-duced and monitors for excessive VM migration across different physical machines

f Identifies VM contention and issues regarding respective hardware and storage performance and resource utilization

f Links virtual and physical resources and relationships to business and business services

Cloud Service Monitoring f Monitor guest OS and applications

deployed in an EC2 cloud by deploy-ing an EC2 collector

f Monitor detailed system and applica-tion metrics and logs for cloud appli-cations in fine grained time intervals

f Validate cloud SLAs, monitor mali-cious cloud activities, and trigger alerts for out-of-bounds conditions

f Combine on-premise SLAs with cloud SLAs for effective hybrid cloud monitoring

Multi-tenancy for Managed Service Provider Deployments

f Multi-tenant software architecture permits logical separation between various customer data while simulta-neously sharing the same hardware

f Secure, customized alerts, reports, and visibility for each client customer

f Multi-tenancy allows enterprises to create secure partitioned business

unit, departmental or geographical views for security, confidentiality, and compliance purposes

Role and Function-based Integrated Monitoring Dashboard

f Built-in unified summary dashboard for a consolidated overview of per-formance, availability and security metrics for devices and applications; grouped by specific IT functional groups or a defined business service

f Obtain more context by launching device and application level overview, and by drilling down into specific events and incidents

f Built-in performance, availability, secu-rity and change dashboards; device and application level dashboards

f Ability to customize any dashboard by adding reports and metrics

f In-memory database technology al-lows fast, near real time auto refresh of dashboard data for a large number of devices and metrics

Incident Management With Trouble Ticketing

f Create, open, assign, change status and close tickets from incidents

f Ability to add notes and attachments to tickets, as well as conduct an audit trail of activity regarding a ticket

f Reports on overall ticket activity including ticket audit trail details, and by business service or user

f Two-way integration with major help desk applications such as Remedy. Custom email based integration with all help desk applications

Change Management f Monitor network device configurations

for startup configuration change and difference between startup and run-ning configuration

f Monitor servers for installed/unin-stalled application, file/directory, run-

ning application status, and network port up/down changes

f Monitor directory service user/group membership changes

f Configurations versioned and archived in change management database (CMDB)

f Alert on unauthorized configuration change – tie in user identity and location to provide true user identity, contact information, IP address and workstation name

f Report on configuration change his-tory by device or by business service

Security Information and Event Management (SIEM)

f Next generation SIEM that combines rich device support, scalable event collection, and global correlation with context from user identity, location, device, application configurations, availability, and performance metrics, to provide efficient, prioritized security analysis from a business service per-spective

f Collect, parse, normalize, correlate and store security related logs from virtually all IT silos including:

• Network activity logs from firewalls, routers, switches via net-work flow, VPN gateways, wireless LAN, Web/mail security gateways, and network IPS

• Server operating system activity logs, host AV, and host IPS

• Network infrastructure applica-tion logs: Domain Controllers, Authentication, DNS and DHCP servers, and vulnerability manage-ment servers

• User application logs from web, application, and database servers

f Flexible XML-encoded-event-handling technology for high throughput event parsing without requiring software update. New device support can be added by writing XML files


4

f Profile network traffic flow and firewall logs to detect network services and baseline communication patterns by days-of-month, days-of-week, and by business and off-business hours

f Built-in security threat detections include:

• Host scans, port scans, fixed-port host scans, denied scans, sudden increase/decrease of traffic from/to certain IPs, and other traf-fic anomalies from firewall and netflow logs

• Network device and server admin logon anomalies – excessive authentication failures, repeated authentication failures, authentica-tion failures during off business hours, and authentication failures from unusual IPs

• Network access anomalies from VPN, domain controller and wire-less logons

• Web server and database access anomalies, as well as account lockouts, password scans and unusual failed logon patterns

• Rogue workstations, PDAs, WLAN access points, etc. from DHCP logs

• Botnets, mail viruses, worms, DDOS and other day zero mal-ware by cross-correlating DNS, DHCP, web proxy logs and flow traffic

f Reduce network IPS false positives by comparing against installed patch information on servers

f Associate primary logins to second-ary logins to identify real user behind administrative and shared account usage

f Associate IP addresses to machine names, MAC, switch VLAN Id, logged on user name and directory identity

f Prioritize incidents by business service with the ability to manage incidents via an integrated trouble ticket system

f Built-in, customizable security dash-board and over 200 security related reports

f Broad event/log source collection: Syslog, SNMP, WMI, Netflow V5/V9, HTTP(S), JDBC, Checkpoint LEA, Cisco SDEE, Telnet, SSH

Log Management and Compliance Automation

f Logs compressed and archived for the amount of time permitted by the storage sub-system to meet data retention requirements

f On-demand access to all raw events and incidents with retrieval duration, of at least one year determined by license

f Ability to archive events to off-line storage. Ability to bring back off-line data for real time analysis. Ability to provision off-line storage for multiple customers with per-customer storage requirements

f Built-in compliance rules/reports for PCI, SOX, HIPAA, ISO, COBIT, FIS-MA and GLBA serve as foundation for a variety of privacy and governance mandates

Performance and Availability Monitoring

f Comprehensive end-to-end perfor-mance monitoring of all infrastructure elements (including routers, switches, firewalls, load balancers and storage) in the path from user to application, and by combining system and end-user perspectives

f VMware cross-correlation: ESX, hard-ware, storage, and VM performance and health metrics

f Integration with security, change management, network flow analysis, and VM to quickly detect changes in application behavior

f Monitor system availability and per-formance via ping, hardware status, device uptime metrics, CPU, memory, disk, interface, process counts and thread counts

f Monitor process level performance including CPU, memory, disk activity and uptime

f Monitor detailed application level performance metrics for DNS, DHCP, SQL Server and Oracle databases, IIS and Apache web servers, app servers, and Microsoft Exchange

f Synthetic transaction monitoring of DNS, FTP/SCP, Generic TCP/UDP, ICMP, JDBC, LDAP, SMTP, IMAP4, POP3, POP3S, SMTP, SSH and Web — HTTP, HTTPS (Single and Multi-Step)

f Built-in and customizable rules to detect device, application, and busi-ness service health spanning multiple metrics

f Rules can be based on thresholds on aggregated metrics; thresholds can be static or dynamic based on statisti-cal profiles of any metric

f Track performance and availability by business service. Track trends of metrics or of business service health and create reports

f Performance and availability data col-lected via SNMP, network flow, WMI, Telnet/SSH, JMX, HTTP(S), JDBC and VMware VI-SDK to cover wide range of applications, servers and network devices

Automated Remediation f Ability to execute user-defined scripts

when rules trigger – examples include

• Shun IP addresses in firewalls and network IPS upon detecting mali-cious activity or excessive denies

• Disable users from VPN gateways if logging from unauthorized loca-tions

• Disable users from WLANs upon detecting excessive traffic or policy violations

Inventory Management f Collect network device and server

inventory spanning all aspects of hardware and software information


5

f Hardware information includes speci-fications, license and serial numbers for bios, processor, memory, storage (local and remote), power supply, fan, RAID battery, etc.

f Software information includes items such as vendor, version, license information, usage for installed ap-plications, installed patches, run-ning/stopped services, and running processes

f Ability to associate inventory items such as department and user owner

f Automatically updated through repeated discovery at standard and user-defined intervals

f Ability to search and report on net-work inventory per device or group in both summary and detail

Administration f Wizard-based implementation guide,

online help and one-click upgrade

f Browser based GUI access with all communications secured via HTTPS

f Adobe Flex Web 2.0 implementation for desktop-like user experience

f Role based Access Control with user actions recorded via audit trail

Clustered Virtual Appliance Delivery

f Software on premise solution installed as a native virtual appliance running on VMware ESX or ESXi

f Deployable as a single, all-in-one virtual machine for simplicity or on a

cluster of virtual machines for scal-ability

f Scale-out architecture permits unlimited event collection throughput with instant search and correlation performance enhancement by adding virtual machines to the cluster

f Redundancy achieved by a com-bination of application failover and virtualization failover ensuring high availability

f Built-in hybrid data management comprised of flat file and embedded PostgreSQL database for unlimited online data analysis; determined by the amount of VMware or NFS reference storage and the AccelOps’ license

1 AccelOps virtual appliance can utilize any storage configured within VMWare ESX or can reference external NFS storage. The amount of storage listed is the amount typically required for one year of Online Data Access (ODA) and may vary depending upon device type and activity level. A license can be obtained to extend data retention and provide EPS elasticity to accommodate activity bursts.

AccelOps Model Devices

Events Per Second Host SW Processor Memory

Minimum Storage [1]

AO-VA-250 250 4500 VMWare ESX Quad core, 3GHz, 64 bit 16GB 2.4TB

AO-VA-500 500 7500 VMWare ESX Quad core, 3GHz, 64 bit 16GB 7.2TB

AO-VA-1000 1000 10000 VMWare ESX Quad core, 3GHz, 64 bit 16GB 12TB

AO-VA-2500 2500 18000 VMWare ESX Quad core, 3GHz, 64 bit 16GB 12TB

AO-VA-5000 5000 32000 VMWare ESX 2x Quad core, 3GHz, 64 bit 16GB 12TB

AO-VA-10000 10000 32000 VMWare ESX 2x Quad core, 3GHz, 64 bit 16GB 18TB

AO-Collector N/A N/A VMWare ESX Dual core, 2GHz, 64 bit 4GB 80GB

Security Information Event Management (SIEM)• SIEM knowledgebase, event log management, real-time

correlation, compliance management, identity access monitoring, change monitoring, netflow analysis, IDS filtering...

• Licensed by Events Per Second (EPS): 750, 1500, 4500, 7500, 10000, 25000

Performance / Availability Monitoring (PAM) • Performance and SLA monitoring knowledgebase,

change monitoring, VM management, network monitoring, business service management, performance monitoring...

• Licensed by Device Count: 10, 25, 100, 500,1000, 2500, 5000, 10000, Enterprise

AccelOps Foundation Module • Discovery, CMDB, Visualization, Service Mapping, Cross-correlation Engine, Alerting, Dashboards, Identity, Incident

Management, Search, Online Data Analysis. Licensed by Device Count: 250. 500, 1000, 2500, 5000, 10000, Enterprise

Foundation SP (Service Provider) • Multi-tenancy, Consolidated Console, Multi-Site Management, Elastic Capacity. Licensed by Maximum Device Count: 250,

1000, 2500, 5000

AccelOps Models and Installation Requirements


6

Antivirus• Cisco CSA• ESET Nod32• McAfee EPO• Sophos Endpoint

Control• Symantec Endpoint

Protection• Trend Micro IDF• Trend Micro OfficeScan

App Server• ASP.NET• GlassFish• Redhat JBOSS• Tomcat

Authentication Servers• Cisco ACS• Juniper Steel-Belted

RADIUS• Microsoft IAS

Backup

• Zenith ARCA

Blade Servers

• Cisco UCS

Cloud Services

• Amazon EC2

Database• Microsoft SQL Server• MySQL• Oracle Database Server• PostgreSQL

Directory• Microsoft AD 2000,

2003, 2008

DNS/DHCP Servers• BIND DNS• InfoBlox DNS/DHCP• Linux DHCP• Microsoft DHCP 2003,

2008• Microsoft DNS 2003,

2008

Email• Exchange• Postfix Mail Server• Sendmail

Environmental• APC UPS• Liebert UPS, HVAC,

FPC• NetBotz

External Monitoring

• Nagios

File Monitoring• Linux• Windows

Firewall• Astaro• CheckPoint FW-1,

Provider-1• Checkpoint VSX• Cisco ASA, IOS• Cisco FWSM, PIX• Fortinet • Juniper SSG, ISG• Linux ipchains• McAfee Enterprise

(Sidewinder)• Microsoft ISA• Palo Alto Networks• SonicWALL SonicOS• WatchGuard

Hardware Monitoring• Dell servers• HP servers• IBM servers• Network devices• Storage devices

Host OS• HP-UX• IBM AIX• IBM OS/400• CentOS• Fedora• Redhat• SUSE• SUN Solaris, SunOS • Windows 2000, 2003,

2008

Internet Security Gateways• Astaro Secure Gateway• Barracuda Spam Firewall• Blue Coat ProxySG• Cisco IronPort • McAfee Web Gateway

• Microsoft ISA Server• Squid• Untangle Secure

Gateway• WebSense MailFilter• WebSense WebFilter

IPS• Checkpoint • Cisco CSA, IPS • FireEye• ForeScout• Juniper IDP • McAFee Intrushield • Snort IPS • TippingPoint IPS

Load Balancers

• F5

Network Flow• netflow v5, v9

Remote Desktop

• Citrix ICA

Router/Switch• Alcatel-Lucent TiMOS,

AOS• Brocade Foundry

IronWare• Cisco CatOS, IOS, • Cisco MDS• Cisco NX-OS• ExtremeWare XOS• H3C Comware• HP ProCurve• Huawei VRP• Juniper Junos• Nortel ERS, Passport

Storage• Dell EqualLogic• EMC Clariion• Isilon OneFS• NetApp Data ONTAP• Host attached storage

Synthetic Transaction Monitoring • Web – HTTP/HTTPS• DNS• FTP/SCP• Generic TCP/UDP• ICMP• IMAP4

• JDBC• LDAP• POP3• POP3S• SMTP• SOAP• SSH• Telnet/SSH

Syslog

• Syslog-ng

Terminal Servers

• Microsoft ICA

Unified Threat Management (UTM) • SonicWALL• Fortinet

Virtualization• VMWare ESX, ESXi,

vSphere, vCenter

VoIP Servers• Cisco Call Manager• Cisco IOS IPSLA• Cisco CBQoS

VPN Gateway• Cisco ASA VPN3000• Juniper SSL VPN• Microsoft PPTP/L2TP• SonicWALL Aventail

Vulnerability Scanners• nCircle• QualysGuard• Rapid7 Nexpose• Tenable Nessus

WAN Accelerators

Riverbed Steelhead

Web Server• Apache Webserver• Microsoft IIS for

Windows 2000, 2003, 2008

• Nginx Webserver

Wireless• Aruba ArubaOS• Cisco WLAN• NetMotion Mobility XE

AccelOps Supported Vendor and Device Sources

© C

opyr

ight

201

2 A

ccel

Ops

, Inc

. Acc

elO

ps a

nd th

e A

ccel

Ops

logo

are

trad

emar

ks o

f Acc

elO

ps, I

nc. A

ll ot

her p

rodu

ct n

ames

refe

renc

ed a

re u

sed

for i

dent

ifica

tion

purp

oses

onl

y an

d be

long

to th

eir r

espe

ctiv

e co

mpa

nies

. All

info

rmat

ion

subj

ect t

o ch

ange

with

out n

otic

e.

Web: www.accelops.com Tel: 1 (408) 490-0903 Email: [email protected]

Rev. 113012

AccelOps, Inc. 2901 Tasman Drive, Suite 100 Santa Clara, CA 95054, USA

ADDENDUM No. 1 - Port of Oakland · ADDENDUM No. 1 RFP 14-15/06 – Common Use Self Service Kiosk...

Documents

Transcript of ADDENDUM No. 1 - Port of Oakland · ADDENDUM No. 1 RFP 14-15/06 – Common Use Self Service Kiosk...