Part II - Esic.nic.in
Transcription
Part II - Esic.nic.in
Request for Proposal Selection of Service Provider For Panchdeep 2.0 Annexure (Part II) (Annexure 19 to 23, 25 to 29 and also Annexure ‘X’ & ‘XX’) Note: This is Annexure Part II 1. Annexure (Part I) contains Annexure 1 & 3 to 13 2. Annexure (Part II) contains Annexure 19 to 23 and 25 to 29 and also Annexure X and XX. 3. Annexure (Part III) contains Annexure 2, 14 to 18 and 24 as attachment. Page1of 531 This page is intentionally left blank Page2of 531 Table of Contents Annexure 19 - ESIC Location Address with Site Code --------------------------------------------- 4 Annexure 20 - ESIC Location Address with Site Code --------------------------------------------- 26 Annexure 21 - ESIC Location Address with Site Code --------------------------------------------- 54 Annexure 22 - ESIC Location Address with Site Code --------------------------------------------- 75 Annexure 23 - ESIC Location Address with Site Code --------------------------------------------- 99 Annexure 24 Installation and Delivery Report ----------------------------------------------------- 121 Annexure 25 Bandwidth Requirements-------------------------------------------------------------- 121 Annexure 26 End User Requirement -----------------------------------------------------------------122 Annexure XX – Helpdesk as Is Process --------------------------------------------------------------- 182 Annexure X Overall Process Deliverables -----------------------------------------------------------191 Annexure 27 DC and DR Requirements ------------------------------------------------------------ 289 Annexure 28 Current SLA with the current Service Provider ---------------------------------489 Annexure 29 New SLA to be followed from T0+3 months till end of Contract ------------ 507 Note: This is Annexure Part II 1. Annexure (Part I) contains Annexure 1 & 3 to 13 2. Annexure (Part II) contains Annexure 19 to 23 and 25 to 29 and also Annexure X and XX. 3. Annexure (Part III) contains Annexure 2, 14 to 18 and 24. Page3of 531 Annexure 19 - ESIC Location Address with Site Code Sr. No. Address State Zone Location Type 1 AG-20,Shalimar Bagh ,Ring Road,(Ashok Vihar local office) Delhi -88 Delhi BO 2 New Address :- ESIC Branch Office, ESIC Disp Premises, Sec-5, Rohini, Delhi-85 Delhi Delhi Delhi 3 ASHRAM Manager, Branch Office ESI Corporation Behind Nikko Hotel.,Bhogal NEW DELHI-49. 4 Plot No. 20, ESI Dispensary Complex, Oppostie shruti apartment,dwarka sec-7 BO Delhi Delhi BO Delhi Delhi BO Delhi 5 6 KALKAJI Manager, Branch Office ESI Corporation ESI Dispensary complex, Kalkaji, Near Desh Bandhu College, NEW DELHI-19 KARAM PURA (NAJAF GARH)Manager, Branch Office ESI Corporation Behind Holy Child School, ESI Dispensary Complex, Raghubir Nagar, NEW DELHI. Delhi BO Delhi Delhi BO Delhi 7 KISHAN GANJ Manager, Branch Office ESI Corporation Near Gulabi Bagh Traffic Intersaction Vivekanand Puri, NEW DELHI-7 8 MAYAPURI Manager, Branch Office ESI Corporation DDA Shopping Centre-III 1st Floor Phase-I, Mayapuri NEW DELHI-64 9 Branch Office ESI Corporation Opposite Mori Gate Bus Terminal 10 New Address :- ESI Disp Complex, Room No. 14, 16 & 17, Nand Nagri, New Delhi 11 New Address :- A-5, Naresh Park Ext , Plot no. 34, Kh. No. 24, Nangloi, New Delhi-41 12 D- 102, Okhla Industrial Area, phase -1 New Delhi-110020/- Mukesh Ranjan 7838832534/ Pankaj 8860358755 13 SUBZI MANDI Manager, Branch Office ESI Corporation Behind Birla Mill, Roshanara Road,XScheme, Shakti Nagar, Near Nagia Park, Sabzi Mandi, DELHI -7 Delhi BO Delhi Delhi BO Delhi Delhi BO Delhi Delhi BO Delhi Delhi BO Delhi Delhi BO Delhi Delhi BO Delhi 14 Shop no: 208-209, Second Floor, MSP Mall, FC-1, B-Block, DSIIDC, Narela Industrial Park, Delhi110040 Delhi 15 Data Center Rohini Sec-15 Delhi BO Delhi Page4of 531 DC Delhi 16 Parsvnath, Metro Mall, Iind Floor, New Shahdara metro station, Shahdara, New Delhi Delhi 17 C-2/35 MODEL TOWN III AZAD PUR Delhi 18 NEAR MASJID INDERLOK Delhi 19 JANG PURA EXT. OPP RLY CROCING(NEAR EROS CINEMA) 20 A-79, Badli Extension, outer ring road,new delhi110042 DO Delhi Delhi Dispensary Dispensary Delhi Delhi Dispensary Delhi Delhi Dispensary Delhi 21 RESETTLEMENT COLONY PHASE-IV JWALAPURI Delhi 22 G- BLOCK OPP CGHS DISPENCERY KALKAJI Delhi 23 I-BLOCK KARAMPURA Delhi Dispensary Delhi Delhi Dispensary Dispensary Delhi 24 6010/b/2 Near Vikas Hospital Ward-3 Maharuli Delhi 25 BLOCK O MANGOLPURI Delhi Dispensary Delhi Dispensary Delhi 26 MIG FLATES 183A,183B,184A,184B Mayur Vihar Delhi Dispensary Delhi 27 22 FACILITY AREA NEAR P & S BANK MAYAPURI-2 28 B-309 MAYAPURI-1 IND. AREA,near police station and petrol 29 OPP MORI GATE NEAR TIS HAZARI Delhi Dispensary Delhi Delhi Delhi 30 N.I.A. NEAR MOTI NAGAR POLICE STATION Delhi 31 1st floor, THANA ROAD NAJAFGARH Delhi Delhi 32 ESI Disp Nandnagri, Adj to DTC Depoand ITI, New Delhi Dispensary Delhi Delhi Delhi Dispensary Dispensary Dispensary Delhi Delhi 33 U-103 VIJAY NAGAR NARELA Delhi 34 C-58 OKHLA IND AREA MODI MILL Delhi 35 DSIDC SHEDS OKHLA IND AREA Delhi Dispensary Delhi Delhi Delhi Dispensary Dispensary Dispensary Delhi 36 GURDWARA STREET CHUNAMANDI ,PAHAR GANJ Delhi 37 RZ-316,F-1 NEAR MAIN DWARKA CHOWK,MAHAVIR ENCLAVE ,PAPPANKALA Delhi 38 POCKET-3 PASCHIMPURI MADIPUR Delhi Dispensary Delhi Dispensary Delhi Dispensary Delhi 39 NEAR HOLI CHILD SCHOOL ,RAGUBIR NAGAR 40 POCKET B-9 SEC-V ,ROHINI SEC-V 41 BEHIND BIRLA COTTON & GEN. MILL,Sabzi Mandi,Nangia Park New Delhi Delhi Delhi Dispensary Delhi Dispensary Delhi Delhi Dispensary Page5of 531 Delhi 42 43 OPP SAROJANI NAGAR DEPOT ,Sarojani Nagar PHASE--IV WELCOME COLONY SEELAMPUR Delhi Delhi 44 AMBEDKER NAGAR BEHIND SBI,TIGRI Delhi 45 NERA WORKS DEPTT,OPP POLICE STATION TILAK VIHAR Delhi 46 SHASTHRI NAGAR NEAR VIVEKANAND PURI Delhi Dispensary Delhi Delhi Dispensary Dispensary Delhi Dispensary Delhi Dispensary Delhi 47 HN-181-184,186-191,LABOUR COLONY VK NAGAR Delhi 48 WAZIRPUR IND. AREA Delhi 49 Panchdeep Bhawan, C.I.G. Road, New Delhi110002 Dispensary Delhi Dispensary Delhi Delhi HO Delhi 50 BASAIDARAPUR ,Ring Road,New Delhi-110 015 51 2. JHILMIL Medical Superintendent, ESI Hospital, Jhilmil, Delhi 22151329 52 4. OKHLA Medical Superintendent ESI Hospital, Phase-II Okhla 26814161 53 5. ROHINI Medical Supdt. ESI Hospital Rohini, Sec - 15 New Delhi. 54 National Trailning Academy NRPO Building,EPFO complex Near Police Station Dwarka sec-23,New Delhi-110075 55 ESIC Office, 1st Floor, Indian Express Building, Annexe 9 - 10, Bhadur Shah Zafar Marg, New Delhi-110 002 Delhi Hospital Delhi Delhi Hospital Delhi Delhi Hospital Delhi Delhi Hospital Delhi Delhi NTA Delhi Delhi PMD Delhi 56 ESI Corporation, 3rd & 4th Floor, DDA Office Complex, Rajendra Place, New Delhi-110008 57 ESI Complex, Near Tilak Vihar Ploce Station,tilak Vihar New Delhi 58 C-149, Okhla Industrial Area, Phase I New Delhi 110020 Delhi RO Delhi Delhi SD Delhi Delhi SRO Delhi 59 ESI Corporation,Sector 7, Near Sai Baba Mandir, Rohini, New Delhi Delhi 60 61 New Address: ESI Corporatio, 7,8,9 Palika Bazar,Mahesh Nagar, Amabala Cant. Ambala. 134001 Near HDFC Bank , Bahadurgarh Haryana Haryana North North BO BO 62 63 Inside Disp No 1 &2 Bldg, Mela Grnd, Near Rlwy Station Bhiwani(New address=ESIC Bhiwani BO, 2nd floor, ESIS Hospital Premises, Jail Road, BHIWANI) NH5, NIT Haryana Haryana North North BO BO SRO Page6of 531 64 16/6 Mathura Road, Oja's Niwas,Rajiv Chowk, fbd Haryana North BO 65 66 67 68 69 New Address : Branch Office, ESI Corporation,House No-28D, 1st Floor, Sector-2324, Main Road,Opp. SPL Factory, Faridabad, Haryana Sector 27B , Branch Office Sector-8 , Faridabad Branch Off Near Civil Lines Branch Off Dundahera Haryana Haryana Haryana Haryana Haryana North North North North North BO BO BO BO BO 70 New Address :- NH-8, Manesar, Near NSG Gate Haryana North BO 71 72 Opp. Haryana Tin Factory IDC HISSAR(ew address=C/O ESIS diagnostic center, Disp No 5, Near Dainik Jagran Office, Hisar) Inside ESI Hospital Jagadhari Haryana Haryana North North BO BO 73 Near Main Post office, Bholi Stand ,Tikona Park,Panipat(New address=House 109, Adarsh Nagar, Near Anand Hospital, Near Main Post office, , Panipat. ) Haryana North BO 74 75 PLOT NO 417, PH-1 PANCHKULA-134410,Land loard - JIYA LAL JAIN 9815866226 Main G.T Road Rai Haryana Haryana North North BO BO 76 77 78 142 A, HIG,Housing Board Colony, Sector-6 DHARUHERA (REWARI) BO,Panchdeep Bhawan, Rohtak ESI Branch office, Near Kalu Pur Chungi Haryana Haryana Haryana North North North BO BO BO 79 80 New Address: ESI Corporatio, 7,8,9 Palika Bazar,Mahesh Nagar, Amabala Cant. Ambala. 134001 old civil hospital Buliding ,Ambala City Haryana Haryana North North DO Dispensary 81 H.No;-238,Mahesh Nagar Near Tender Heart School Ambala Cantt. Haryana North Dispensary 82 83 ESI Dispensary , Dhulkot, Old Nursing Hostel , Palika Vihar, Ambala City ESI Disp,Bahadurgarh Haryana Haryana North North Dispensary Dispensary 84 New building at Naichana Road Near Vishav Bharti School Bawal Haryana North Dispensary 85 S.M.O I/c ESI Disp No.1, Bhiwani, Mela Ground, Near railway station Haryana North Dispensary 86 S.M.O I/c ESI Disp No.2 , Bhiwani, Mela Ground, Near railway station Haryana North Dispensary 87 Dispensary No-03, Sector-21, Ind. Area, Bhiwani Haryana North Dispensary Page7of 531 88 Garhi Bolni Chowk, DHARUHERA, REWARI(Tahsil raod) Haryana North Dispensary 89 Near Old Dispensary Building, Jawahar Colony, Faridabad -121001 Haryana North Dispensary 90 91 92 ESI Dispensary , No. 3 , NH-3 , Fbd NEAR MACHLI MARKET, NH-3 ESI Dispensary , No. 4 , NH-1 , Fbd NH-1 ESI Dispensary , No. 5 , Fbd NH-2 Haryana Haryana Haryana North North North Dispensary Dispensary Dispensary 93 New Address :- ESIC Disp. Palwal, Panchwati Hospital Building, Near Panchwati Mandir, Palwal Haryana North Dispensary 94 ESI Dispensary , No. 2 ,Fbd, M.O I/c ESI Dispensary , no. 2 Sec 19 ,Fbd Haryana North Dispensary 95 ESI Dispensary , No. 1 ,Sec -8 ,Fbd, M.O I/c ESI Dispensary , No . 1 Sec 27 B ,Fbd Haryana North Dispensary 96 ESI Dispensary , No. 7 ,Sec -8 ,Fbd, M.O I/c ESI Dispensary , No . 1,Fbd Haryana North Dispensary 97 ESI Dispensary , Tigaon , Fbd, M.O I/c ESI Dispensary , Tigaon,Fbd Haryana North Dispensary 98 ESI Dispensary , No. 2 Plot No. 380-81 , Phase 2 , Udyog Vihar , Gurgaon Haryana North Dispensary 99 ESI Dispensary , No. 1 Near Sharma Restaurant , Gurgaon Haryana North Dispensary 100 ESI Dispensary , No. 3 Near Shama Restaurant , Gurgaon Haryana North Dispensary 101 H.No. 417/7,Near Bhaiji Dhaba , Hisar road Hansi Haryana North Dispensary 102 ESI Dispensary No. 1, DCM Textile road ,Hisar(Govt. Building) Haryana North Dispensary 103 ESI Dispensary No. 2, DCM Textile road ,Hisar(Govt. Building) Haryana North Dispensary 104 In front of HP Cotton, Delhi Road , Mayer ,Hisar Haryana North Dispensary 105 90 -w Model Town ,near Jindal Chowk , Hisar(New Address=ESIC dispensary fronk of Dainik Jagran Press,Watertak Overhead ,Industrial area Delhi road Haryana North Dispensary 106 ESI Dispensary , No. 1 & 2 ,In the part of Civil Hospital , Jagadhari Haryana North Dispensary 107 108 ESI Dispensary , No. 3 & 4 , In the part of Civil Hospital , Jagadhari H. NO 1634 , Urban Estate , Jind Haryana Haryana North North Dispensary Dispensary 109 110 NEW ADDRESS: sec-13 near water tank karnal,132001 Esi Dispensary, Manesar at Kasan Village Haryana Haryana North North Dispensary Dispensary Page8of 531 111 ESI Dispensary , No . 1, Near Bus Stand , panipat Haryana North Dispensary 112 113 ESI Dispensary , No. 2 , Panipat, E40/41 , Industrial Area , Model Town , panipat Near Pinjore Garden Haryana Haryana North North Dispensary Dispensary 114 ESIC Dispensary, sec-19, near railway fatak, Panchkula Haryana North Dispensary 115 116 NEW ADDRESS: Old BDPO Office Khol,Near Girls Sr.Secondary School,Opposite Maharaja Place,Naiwali Choke,Rewari. Dispensary,Panchdeep Bhawan, Rohtak Haryana Haryana North North Dispensary Dispensary 117 Opp. Bijli board, Near Byepass, Sampla(New Address=ESI Dispensary, Opp Police station Sampla , Haryana) Haryana North Dispensary 118 Guru ravi Das , GT Road , Opp Bus Stand ,Samalkha Haryana North Dispensary 119 H. No. 13/1112, Shiva Sweets Street , Vil. Kahirpur , Sirsa Haryana North Dispensary 120 ESI Dispensary, Near Police Chowki,Bahalgarh Sonipat Haryana North Dispensary 121 ESI Dispensary,Main G.T.Road, Kundali Sonipat Haryana North Dispensary 122 123 124 125 Plot No. 20, HSIIDC industrial Area, Murthal131001( 2-3 KM from GT Road) ESI Dispensary,Main G.T Road , Rai Sonipat Esi Dispensary, Roz ka Meo at sohna ESI Dispensary , Kachche Quarter, Sonipat Haryana Haryana Haryana Haryana North North North North Dispensary Dispensary Dispensary Dispensary 126 ESI Dispensary , no. 7 , Jagadhari(Private Building) , B6-1319 , Modern Colony , Near ITI Park Haryana North Dispensary 127 ESI Dispensary , no. 5 , Jagadhari(Private Building) E-29 Paper Mill Building ,YNR Haryana North Dispensary 128 129 ESI Dispensary , no. 6 , Jagadhari(Private Building) Near Gurudwara , Old Hamida YNR Med. Supdt ESI Hospital Jail Road BHIWANI Haryana Haryana North North Dispensary Hospital 130 Med. Supdt. ESI Hospital, NH-3, ESIC Building, NIT FARIDABAD Haryana North Hospital 131 132 Med. Supdt ESI Hospital Sector -8 ESIC Building FARIDABAD ESIC Hospital Sec-9 Gurgaon Haryana Haryana North North Hospital Hospital 133 Med. Supdt, ESI Hospital ESIC Building JAGADHARI Haryana North Hospital 134 ESIC Manesar Hospital, Plot No 41, sector 3, IMT Manesar. Haryana North Hospital 135 Med. Supdt, ESI Hospital ESIC Building PANIPAT Haryana North Hospital Page9of 531 136 137 ESI Corporation, H.No.5, N.I.T Sector – 16, Faridabad-121002 Haryana SCO 1083 , NAC Manimajara Haryana Haryana North North RO SD 138 Sub Regional Office, ESI Corporation, Plot No. 47, Sector 34, Near Hero Honda Chowk, Gurgaon 122001 Haryana Haryana North SRO 139 New Address : Branch Office, First Floor, Sai Road, Baddi HP North BO 140 vil Manthappal , Nahan Road , Kala amb,disttSirmour,HP HP North BO 141 NH-21 , Bhangrotu Ner Chowk Mandi HP North BO 142 Vill Daddi Bhola , Near Akash Hotel Nalagarh HP North BO 143 PAONTA SAHIB Branch Manager, Branch Office, ESI Corporation, Ward No. 4, Devi Nagar, Near Baweja House PAONTA SAHIB HP North BO 144 New Address : ESI Hospital Complex, Sec 2, Parwanoo HP North BO 145 146 c/o ESI Dispensary Building, Distt Industry centre , MEHATPUR, Distt UNA ESI Dispensary, Malwa Cotton Mills,Patlian HP HP North North BO Dispensary 147 148 CHAMBAGHAT, SOLAN DISTT\ESIC Disp , Near DEO and HFCL office, CHAMBAGHAT Distt.SOLAN NALAGARH, SOLAN DISTT HP HP North North Dispensary Dispensary 149 150 151 ESIC Dispensary, Near Baddi Bus Stand,Bhuj Dental College Building Deen Dayal Upadhyaya Hospital ESI Dispensary jabli HP HP HP North North North Dispensary Dispensary Dispensary 152 153 Export Park at Jharmajri P.O. Barotiwala, Tehsil Kasauli, Near Sneh Hospital , Nahan Raod Kalaamb HP HP North North Dispensary Dispensary 154 The President Satish Goel Chamber of Commerce Building Gondpur ( Industrial area) Poanta Sahib HP North Dispensary 155 Distt Indusctry centre , MEHATPUR, Distt UNA HP North Dispensary 156 ESIC Model Hospital Baddi, village: katha, District : Solan , Himachal Pradesh. Land mark :In Between Gellete factory and Vardhaman Mills HP North Hospital 157 ESI Hospital Sec 2 , Near Bus Stand , Parwanoo HP North Hospital Page10of 531 158 New Address : Regional Office, Second Floor, Sai Road, Baddi HP North RO 159 NEW ADDRESS: Red Cross Building, Near Raj Bhawan , Chota Shimla, HP HP North SD 160 ESIC Medical College & Hospital, Near Chowk, Mandi (H.P.) HP North Hospital 161 H.No- 31/A Sector-1, Sanjay Nagar Jammu 180004 J&K North BO 162 OM Shakti Bhawan Near Chenab Textiles Mills , on National Highway J&K North BO 163 164 Old Address : old Barzulla Road , New National Automibiles,Srinagar New Address : Branch Office ESI Corporation, Room no. 306-307, inside hotel Green Mountain, Palapora, Sonawar,Srinagar. Khanmoo, NEAR J& K BANK , SRINAGAR J&K J&K North North BO Dispensary 165 SIDCO INDUSTRIAL ESTATE, BAGH-E-ALI MARDAN KHAN, SRINAGAR J&K North Dispensary 166 ESI Dispensary,RANGRETH,SIDCO Ind. Complex ,SRINAGAR J&K North Dispensary 167 SICOP INDUSTRIAL ESTATE HMT, ZAINAKOTE J&K North Dispensary 168 Labour Comm. Office , near Bus Stand ,Batamalu J&K North SD 169 Labour Comm. Office , Labour sarai , Dogra hall near Shakuntla Talkies Jammu J&K North SD 170 NEW ADDRESS: House No.JMC 1065, Jawahar Nagar, Talab Tillo Jammu PIN CODE-180002 J&K North Dispensary 171 SIDCO Commercial Complex, BARI BRAHAMANA, JAMMU J&K North Dispensary 172 H.No. 217, Sector-1 Sanjay Nagar Jammu 180004 J&K North Dispensary 173 ESIC Model dispensary, opposite CTM GATE NO 7 ramnagar colony NH 1 A KATHUA J&K North Dispensary 174 ESIC MODEL HOSPITAL, SIDCO INDUSTRIAL COMPLEX BARI BRAHMA, JAMMU (J&K) J&K North Hospital 175 ESI Corporation, Panchdeep Bhawan, Ground Floor,10-B, Shastri Nagar , Jammu J&K North RO 176 ESI Dispensary railway Road, near CTM, labour colony SIDCO complex kathua jammu J&K North Dispensary 177 Dr. S.L. Phutela Building, Lajpat Nagar, Near Dr. Talwar Hospital, Sahitya Sadan, Abohar. Pin Code 152116 Punjab North BO Page11of 531 178 Branch Managar, ESI Corporation, Japani Mills Gate, G.T. Road, Chheharata, AMRITSAR (PUNJAB) Punjab North BO 179 Branch Manager, ESI Corporation, Majitha Road, Opp. ESI Hospital, AMRITSAR Punjab North BO 180 Branch Manager, ESI Corporation, Above Mortgage Bank, Near Bus Stand, BATALA Punjab North BO 181 ESIC, Trident Complex, Raikot Road, Barnala Punjab North BO 182 Branch Manager, ESI Corporation, H.No. 2977, Gali No. 4, Ajit Road, Near Old Bus Stand, BHATINDA Punjab North BO 183 Branch Manager, ESI Corporation, ESI Dispensary Complex, Sector 29, Chandigarh Punjab North BO 184 Branch Manager, ESI Corporation, ESI Dispensary, Dhandari Road, Mandi Gobindgarh(Punjab) Punjab North BO 185 Branch Manager, ESI Corporation, H.No. 180, Near Govt. S.S. School, Mohalla Tulsi Nagar, Hoshiarpur(Punjab) Punjab North BO 186 Branch Manager, ESI Corporation, ESI Dispensary No.4, Focal Point, Jalandhar(Punjab) Punjab North BO 187 Branch Manager, ESI Corporation, ESI Hospital Complex, Shaheed Udham Singh Nagar, Jalandhar Punjab North BO 188 Branch Manager, ESI Corporation, Inside ESI Dispensary, Kurali Road, Kharar(PUNJAB) Punjab North BO 189 Branch Manager, ESI Corporation, Saini Market, LALRU(Punjab) Punjab North BO 190 B.O Ind. Area ,Focal Point PH-5. GT Ambala Road Ludhiana Punjab North BO 191 BO- Giaspura , Swarn Complex , GT road Ludhiana Punjab North BO 192 BO - Kohara Raod , Street No. 3, Machiwara Road Ludhiana Punjab North BO 193 Gill Road , Above Canara Bank , Miller Ganj Ludhiana Punjab North BO 194 New Address :- BO- Sh.Gurmeet Singh #209, Rahon Road Ludhiana Punjab North BO 195 Branch Manager,Branch Office, ESI Corporation, #316, Ward No.8, Near Karbla Green Avenue, Dana Mandi Road, Near Bus Stand, Malerkotla Punjab North BO 196 Branch Manager, ESI Corporation, ESI Hospital Complex, Industrial Area Phase-7, MOHALI(Punjab) Punjab North BO Page12of 531 197 Branch Manager, ESI Corporation, 481, Shanti Nagar, Near Sales Tax Office, Majestic Road, MOGA(Punjab) Punjab North BO 198 Branch Manager, ESI Corporation, Kothi No. 18, 1st Floor, Gali No.1, Desi Mehmandari, PATIALA(Punjab)(New Address=Branch Manager, ESI Corporation, Kothi No. 17, 1st Floor, Gali No.1, Desi Mehmandari, PATIALA) Punjab North BO 199 Patel Nagar , Gurdaspur Road, Pathankot, tel0186-2228708 Punjab North BO 200 Branch Manager, ESI Corporation, Flat No. C1, ESIC Hospital Complex , Phagwara(Punjab) Punjab North BO 201 Branch Manager, ESI Corporation, H.No. 16-B, Gobind Colony, Rajpura(Punjab) Punjab North BO 202 203 Branch Manager, ESI Corporation, H.No. 28, Shaheed-e-Azam Bhagat singh Nagar, Near D.C. Residence, Ropar(Punjab) 2. ESI Dispensary,Sector 23, Chandigarh Punjab Punjab North North BO Dispensary 204 Medical Officer Incharge, ESI Dispensary, Abohar Punjab North Dispensary 205 JALLANDHAR - DISP. NO. II Medical Officer Incharge, ESI Dispensary, Ladowali Rd., Jallandhar Punjab North Dispensary 206 Director Health Services (SI), Punjab, Sec. 34, Chandigarh Punjab North SD 207 Medical Office Incharge, ESI Dispensary, Ahmedgarh Punjab North Dispensary 208 Medical Officer Incharge, ESI Dispensary, Majitha Road Hospital Complex ,Amritsar Punjab North Dispensary 209 Medical Officer Incharge, ESI Dispensary, Chheharata, Distt. Amritsar Punjab North Dispensary 210 ESI Dispensary GT Road , Manawala Kalan , Distt Amritsar Punjab North Dispensary 211 VERKA - Medical Officer Incharge, ESI Dispensary, Verka, Distt. Amritsar Punjab North Dispensary 212 DISP. NO. II Medical Officer Incharge, ESI Dispensary, C/o Malwa Textile Mills, Barnala. Punjab North Dispensary 213 Medical Officer Incharge, ESI Dispensary, GT Jalandhar Road near civil Hospital ,Umarpura , Batala Punjab North Dispensary 214 DISP. NO. 1 Medical Officer Incharge, H.No. 17038 , Gali No.5/A , Aggarwal Colony ESI Dispensary, Bhatinda Punjab North Dispensary Page13of 531 215 DISP. NO. III Medical Officer Incharge , ESI Dispensary, Galaxy Building, Dabwali Road, Bhatinda. Punjab North Dispensary 216 DISP. NO. II Medical Officer Incharge, ESI Dispensary, Guru Nanak Thermal Plant, Bhatinda Punjab North Dispensary 217 Medical Officer Incharge, ESI Dispensary, Guru Hargobind Super Thermal Power Plant , Lehra Mohabbat Distt. Bathinda Punjab North Dispensary 218 Medical Officer Incharge,ESI Dispensary,Sector 29, Chandigarh,0172 – 657793 Punjab North Dispensary 219 MANDI GOBINDGARH - DISP. NO. 1 Medical Officer Incharge, ESI dispensary, Mandi Gobindgarh Punjab North Dispensary 220 MANDI GOBINDGARH - DISP. NO. II Medical Officer Incharge, ESI Dispensary, Kukad Majra , Mandi Gobindgarh Punjab North Dispensary 221 Medical Officer Incharge, ESI Dispensary, Dhariwal, Near Bebe Nanki School ,Distt. Gurdaspur Punjab North Dispensary 222 Medical Officer Incharge, ESI Dispensary, Chhohal, Distt. Hoshiarpur. Punjab North Dispensary 223 Hoshiarpur No.2 shifted at nasrala, Near Railway station , Nasrala , Hoshiarpur Punjab North Dispensary 224 225 Medical Officer Incharge, ESI Dispensary, H.No. R-32, VPO Rahimpur, New Sabjimandi, Purhirah, Distt. Hoshiarpur ESI Dispensary , Saila Khurd , Hoshiarpur Punjab Punjab North North Dispensary Dispensary 226 JALLANDHAR - DISP. NO. III Medical Officer Incharge, ESI Dispensary, Basri Ganj, Jallandhar Punjab North Dispensary 227 228 JALLANDHAR - DISP. NO. IV Medical Officer Incharge, ESI Dispensary, Industrial Area, Dada Colony, Jallandhar ESI Dispensary , Jalandar , Goraya Punjab Punjab North North Dispensary Dispensary 229 DISP. NO. I Medical Officer Incharge, ESI Dispensary Hospital Complex ,Sahid Udham Singh Nagar, Jallandhar Punjab North Dispensary 230 231 JALLANDHAR - DISP. NO. V Medical Officer Incharge, ESI Dispensary, H.No. 8291, Near Hear Hospital, Street No. 1, Avaid Nagar, Makshuda Rd., Jallandhar ESI Dispensary , philluar,Jalandar Punjab Punjab North North Dispensary Dispensary 232 Medical Officer Incharge, ESI Dispensary, Hamira, Jagatjit Nagar, Distt. Kapurthala Punjab North Dispensary Page14of 531 233 KAPURTHALA - Medical Officer Incharge, ESI Dispensary, Kapurthala Punjab North Dispensary 234 KHARAR - Medical Officer Incharge, ESI Dispensary, Kharar Punjab North Dispensary 235 236 KHANNA - Medical Officer Incharge, ESI Dispensary, Khanna Near Saini Market Lalru Punjab Punjab North North Dispensary Dispensary 237 Ludhiana Dispensary XI, Medical Officer Incharge, ESI Dispensary, Hambra Road, Hambra, Ludhiana. Punjab North Dispensary 238 239 LUDHIANA - DISP. NO. II Medical Officer Incharge, ESI Dispensary, Wardhman Mills, Chandigarh Rd., Ludhiana ESI DIspensary, GT Road, Doraha, LudhiaNR Punjab Punjab North North Dispensary Dispensary 240 LUDHIANA - DISP. NO. VIII Medical Officer Incharge, ESI Dispensary, Gali No. 3 , Near CMC Hospital Gate no. 3 , Brown road Ludhiana Punjab North Dispensary 241 LUDHIANA - DISP. NO. X Medical Officer Incharge, ESI Dispensary, R.No.10, Gurmukh Singh & Sons, Ludhiana Punjab North Dispensary 242 LUDHIANA - DISP NO. XII Medical Officer Incharge, ESI Dispensary, Jalandhar By Pass, Ldh. Punjab North Dispensary 243 244 LUDHIANA - DISP. NO. VII Medical Officer Incharge, ESI Dispensary, Civil Rd., Janta Nagar, Ludhiana DMC Hospital Complex, Ludhiana Punjab Punjab North North Dispensary Dispensary 245 LUDHIANA - DISP. NO. 1 Medical Officer Incharge, ESI Dispensary, C/o ESI Hospital, Ludhiana Punjab North Dispensary 246 LUDHIANA - DISP. NO. IV Medical Officer Incharge, ESI Dispensary, C/o ESI Hospital, Ldh. Punjab North Dispensary 247 LUDHIANA - DISP. NO. V Medical Officer Incharge, ESI Dispensary, Ralson Nagar, G.T.Rd, Opp. D.K. Railway Stn., Ldh. Punjab North Dispensary 248 MALERKOTLA - Medical Officer Incharge, ESI Dispensary, Urban Slum Area, Lal Bazar, Malerkotla Punjab North Dispensary 249 MALOUT - Medical Officer Incharge, ESI Dispensary, Machiwara Punjab North Dispensary 250 MOGA - Medical Officer Incharge, ESI Dispensary, Nanak Nagri, Moga Punjab North Dispensary 251 MOHALI - DISP. NO. II Medical Office Incharge, ESI Dispensary, Phase-II, Mohali Punjab North Dispensary Page15of 531 252 253 MOHALI - DISP. NO. I Medical Officer Incharge, ESI Dispensary, Phase-VII, Mohali ESI Dispensary Banah Distt Nawan Sahar Punjab Punjab North North Dispensary Dispensary 254 NABHA - Medical Officer Incharge, ESI Dispensary, C/o Civil Hospitals, Nabha Punjab North Dispensary 255 Medical Office Incharge, ESI Dispensary, Vill. Asron, P.O. Rail Mazra, Asron, Near Ropar Punjab North Dispensary 256 Medical Officer Incharge, ESI Dispensary, Bishan Nagar, Bahadurgarh, Distt. Patiala Punjab North Dispensary 257 Medical Officer Incharge, ESI Dispensary, Dera Bassi, Distt. Patiala Punjab North Dispensary 258 259 ESI Dispensary No.2 at Lalru(P2-Unit) Nahar Factory, Lalru Pin Code-140501 Kothi no. 169 , Punjabi Bahg , Patiala Punjab Punjab North North Dispensary Dispensary 260 PHAGWARA - DISP. NO. II Medical Officer Incahrge, ESI Dispensary, Civil Hospital Complex, Phagwara Punjab North Dispensary 261 PHAGWARA - DISP. NO. I Medical Officer Incharge, ESI Dispensary, Opp. JCT Mill, Phagwara Punjab North Dispensary 262 ESI Dispensary No.I, Old ESI Hosptal Compex, Rajpura Punjab North Dispensary 263 Medical Officer Incharge ESI Dispensary, NUHON , Ropar Thermal Power Station. Near Ropar Punjab North Dispensary 264 Medical Officer Incharge, ESI Dispensary, C/o Civil Dispensary, Akbarpur, Distt. Sangrur Punjab North Dispensary 265 New Address :- IMO Incharge ESI Dispensary C/o. Darshan Singh S/o. Sh. Mohinder Singh Near Nahar Fibers Ltd. Jitwal Kalan Distt. Sangrur Punjab North Dispensary 266 SANGRUR - Medical Officer Incharge, ESI Dispensary, Sangrur Punjab North Dispensary 267 SIRHIND - Medical Officer Incharge, ESI Dispensary, Sirhind Punjab North Dispensary 268 Medical Superintendent, ESI Hospital, Majitha Road Amritsar Punjab North Hospital 269 Medical Superintendent, ESI Hospital, Ind. Area , Ph-VII < Mohali Punjab North Hospital 270 Medical Superintendent, ESI Hospital, Ram Darbar , Ph-II Chandigarh Punjab North Hospital 271 Medical Superintendent, ESI Hospital, Rajpura Now shifted to Mandi Gobindgarh Punjab North Hospital Page16of 531 272 Medical Superintendent, ESI Hospital, Hoshiarpur Punjab North Hospital 273 Medical Superintendent, ESI Hospital,Behind Civil Hospital, Jalandhar Punjab North Hospital 274 Medical Superintendent, ESI Hospital, Bharat Nagar, Ludhiana Punjab North Hospital 275 Medical Superintendent, ESI Hospital, Phagwara Punjab North Hospital 276 Regional Director, ESI Corporation, Panchdeep Bhawan, Sector 19-A, Madhya Marg, Chandigarh Punjab North RO 277 ESIC Model Dispensary, Sanjeevni Complex, Rajkot road, Barnala Punjab North Dispensary 278 DHS( UT ) Building , General Hospital Sec-16 Chandigarh Punjab North SD 279 Sub Regional Office ESIC HOSPITAL COMPLEX shaheed udham singh Nagar ,near civil Hospital ,Jallandhar Punjab North SRO 280 SCF 22-23, Urban EstatePh-2 , Near Samrala Chowk, Focal Point, LDH Punjab North SRO 281 FATEHABAD Branch Office, ESI Corporation, Fatehabad Road, AGRA UP North BO 282 SIKANDARA Branch Office, ESI Corporation, Goswami Market, SIKANDARA AGRA (esi hospital complex,1 floor near cenetral jail halwai ki bagichi,agra-282002 ) UP North BO 283 NAINI Branch Office, ESI Corporation, Chak Raghu Nath,Mirzapur Road Nani Allahabad UP North BO 284 ALIGARH,Branch Office, ESI Corporation, 1st Floor, Building No.2, ALIGARH UP North BO 285 286 New Address : 40/22, P.D.TONDON ROAD, CIVIL LINES, ALLAHABAD-211001 17, Malti Bhawan, deva Road, Barabanki UP UP North North BO BO 287 BAREILLY,Branch Office, ESI Corporation, Rampur Road, BAREILLY (New Address=esic BAREILLY,Branch Office, ESI Corporation,ist floor,4th kilo mtr., Rampur Road, c.b. ganj,near tata conmmercial,BAREILLY) UP North BO 288 FIROZABAD Branch Office, ESI Corporation, Trust Bhawan, Jain Nagar, FIROZABAD UP North BO 289 GHAZIABAD Branch Office, ESI Corporation, Navyug Market GHAZIABAD UP North BO 290 GORAKHPUR Branch,Branch Office, ESIC, 85-D, Civil Lines, Park Road, Gorakhpur UP North BO Page17of 531 291 New Address : PRABHU KRIPA, GUPT BHAWAN, NEAR GUPTA PETROL PUMP, NH-28 , SAHJANWA, GORAKHPUR-273209 UP North BO 292 362/12, behind Hotel Chanda civil lines Jhansi UP North BO 293 Branch Office - Chaubeypur, ESI Corporation, 1Bandi Mata Marg,Opp.Chaubeypur Block,Chaubeypur-209203 UP North BO 294 Meerpur Branch Office ,Second floor Jajmau Hospital UP North BO 295 . VINOBANAGARBranch Manager, Branch Office, ESI Corporation, Juhi 2, Complex, KANPUR 2605925 UP North BO 296 297 SAROJINI NAGAR Branch Manager, Branch Office, ESI Corporation, Opp. Mariyampur Hospital, KANPUR 2231557 Naveen Market ,Parede kanpur UP UP North North BO BO 298 PRATAPGANJ Branch Manager, Branch Office, ESI Corporation, Pratap Ganj KANPUR 2215559 UP North BO 299 LUCKNOW Branch Office,ESI Corporation, Kapoorthala Aliganj LUCKNOW UP North BO 300 AMAUSI Branch Office, ESI Corporation,Nakahindola, LUCKNOW UP North BO 301 Mathura Branch Office, ESI Corporation, Mathura UP North BO 302 ESIC Branch Office,Maunath Bhanjan 155,pratibha kutir near roadways maunath bhanjan UP North BO 303 MEERUT Branch Office, ESI Corporation,346/16 kamala nagar Bagpat Road, MEERUT UP North BO 304 Modinagar,Branch Office, ESI Corporation, opp.modi pon factory Hapur Road, Modinagar UP North BO 305 MURADABAD , Branch Office, ESI Corporation, Opp. Kunwar Cinema MORADABAD UP North BO 306 NOIDA-III,Branch Office, ESI Corporation,B-150 First Floor Phase II NOIDA UP North BO 307 NOIDA-I Branch Office, ESI Corporation, B-38 B First floor SEC. 57 NOIDA UP North BO 308 NOIDA-II, Branch Office, ESI Corporation,G-118 Sector-9 NOIDA UP North BO Page18of 531 309 NOIDA-IV,Branch Office, ESI Corporation,Surajpur Dadri Road near JK Bank Greater Noida UP North BO 310 Branch Office, ESI Corporation, Mahipal nagar RAI BAREILLY 2202228 UP North BO 311 ESIC Branch Office, Renukoot,Near Mansa Cinema Hall renukoot UP North BO 312 2/1432, jain digree college road near treasurery/police lines saharanpur UP North BO 313 SAHIBABAD, Branch Office, B1,B4 First floorShyam Park Extn. B Block Market Sahibabad UP North BO 314 Sikohabad Branch Office557/2 Near Station Raod, ESIC Sikohabad UP North BO 315 Branch Office, E.S.I. Corporation, Sikandrabad, C/o Sh. Kuber Dutt Sharma, Opp. Agrasen P.G. College, Main Railway Road, Sikandrabad, District- Bulandshahar (Near old Branch Office) UP North BO 316 UNNAOBranch Manager, Branch Office, ESI Corporation, 42, Atul Bihar Nagar, UNNAO 2820206 UP North BO 317 House no. S-5/38-129, Vindhyawashni Nagar Colony, Orderly Bazar, Varanasi UP North BO 318 ESI Dispensary,Jivini Mandi, takiya lal masjid Agra UP North Dispensary 319 ESI Dispensary, Mobile-A, under ESI hospital Agra (Site-c Sikandra Agra) UP North Dispensary 320 ESI Dispensary, Chhipitola Fathehabad Road near mugal sereton Agra UP North Dispensary 321 ESI Dispensary, Nanuai, State Nunhai, Near Saiad trans Yamuna, Agra UP North Dispensary 322 ESI Dispensary, Geoge Towan Amarnath jha Marg Civil Lines Allahabad UP North Dispensary 323 ESI Dispensary, Nani -I Near Swadeshi Cootton Mill naini Allahabad UP North Dispensary 324 ESI Dispensary, Nani -II Behind ITI Company naini Allahabad UP North Dispensary 325 ESIC Dispensary PPS Vidyalaya, Deva road, Brabanki U.P. pin code-225001 UP North Dispensary 326 ESI Dispensary, CB ganj, bareilly (Presently in ESI Hospital Pemisses) UP North Dispensary 327 ESI Dispensary, Ezzatnagar, Near Manohar, Bhusan Inter College, bareilly UP North Dispensary 328 ESI Dispensary, Najibabad Bijnaur near District eye hospital najibabad UP North Dispensary Page19of 531 329 ESI Dispensary, Bulandshahar near District hospital Bulandshahar UP North Dispensary 330 NEW ADDRESS: ESI Dispensary , Near Dadu ki patti Khurja Moic ESI, Dispensary Khurja UP North Dispensary 331 ESI Dispensary, Sikandrabad Industrial Area jokhabad Sikandrabad, Bulandshahar UP North Dispensary 332 ESI Dispensary, Etawh purana Jila chikitsalya Etawah UP UP North Dispensary 333 334 ESI Dispensary, Mobile Block No-37,labour Colony, Firozabad 77/2, Mahaveer Nagar, Firozabad UP UP North North Dispensary Dispensary 335 Sri mati. Rekha rani W/o Sri ashok kumar gyan bharti Inter collage in front of awntika nagar gajraula. UP North Dispensary 336 ESI Dispensary,Kiran colony 505 kamala quartor(first floor) near Bhatia mode G.T. Road UP North Dispensary 337 ESI Dispensary, Mohannagar Near Gate of Mohan Meakins bhavan, Ghaziabad UP North Dispensary 338 ESI Dispensary, pasonda,Near rajendranagar police chauki Sahibabad Ghaziabad UP North Dispensary 339 ESI Dispensary,Rajnagar,Sector-7/182 rajnagar Ghaziabad UP North Dispensary 340 ESI Dispensary, C-64-A, Surya Nagar, Ghaziabad(at present in sahibabad hospital) UP North Dispensary 341 ESI Dispensary, Futhawa SardarNRgar, Gorakhpur UP North Dispensary 342 ESI Dispensary, Near Jubli talkies, Distt Hospital Bhavan, Gorakhpur UP North Dispensary 343 ESI Dispensary, Mahavir Jute Mills, Sahjanwa, Gorakhpur UP North Dispensary 344 ESI Dispensary, Kila Station, Near Mall Godam, Medu gate, hathras UP North Dispensary 345 ESI Dispensary, Hapur modinagar mode meerut road Hapur UP North Dispensary 346 ESI Dispensary, civil lines near allieed talkies Jhansi UP UP North Dispensary 347 ESI Dispensary, Block No.21, Benajhabar, Kanpur UP North Dispensary 348 ESI Dispensary,Chaubeypur Kanpur nagar kanpur UP North Dispensary 349 ESI Dispensary, Dalelpurva, nai Sadak, kanpur UP North Dispensary Page20of 531 350 ESI Dispensary, Alopathic Near Govind Nagr Police Station, Govind nagar, kanpur UP North Dispensary 351 352 ESI Dispensary-Homeopathic, Near Govind Nagr Police Station, Govind nagar, kanpur ESI Dispensary, Jajmau, JK Colony, Kanpur UP UP North North Dispensary Dispensary 353 ESI Dispensary, Baradevi Crossing, Vinobanagar, Juhi,-2 kanpur UP North Dispensary 354 ESI Dispensary, Gwaltoli/Khlasi Line, 10/477, Khalasi Line, Kanpur UP North Dispensary 355 ESI Dispensary, nawabganj, 14/5, Visnupur, Near labour Colony, kanpur UP North Dispensary 356 ESI Dispensary, Raipurva Achrya nagar, NearSangeet Talkies,kanpur UP North Dispensary 357 ESI Dispensary,Raniya Kanpur Dehat kanpur(near Allhabad Bank) UP North Dispensary 358 ESI Dispensary, Ayurvedic, Near mariampur Hosp, Kanpur UP North Dispensary 359 ESI Dispensary-Alopathic, Near mariampur Hospital UP North Dispensary 360 Mobile-A, Aishbagh, Attached with Aishbagh Hosp., Lucknow UP North Dispensary 361 Dispensary, GolaGanj 37-pryag narayn road,Lucknow UP North Dispensary 362 363 529-E/90, Indraprasth Nagar, Mahanagar, Lucknow Aishbagh,94-A Malviya nagar, Lucknow UP UP North North Dispensary Dispensary 364 Esi hospital Premisses Dispensory Sarojini nagar,Lucknow UP North Dispensary 365 129, Anand-1 colony, in front of Anand-1 public school, Mathura UP North Dispensary 366 ESI Dispensary, Mainpuri radharaman road bhagavat Chauraha Mainpuri UP North Dispensary 367 ESI Dispensary, Shantinagar, rly. Road, Thapa nagar near rohta bus stand,Meerut UP North Dispensary 368 ESI Dispensary, Meerut Ind. Area, Nr. SBI, Partapur, Meerut UP North Dispensary 369 ESI Dispensary, Mirzapur T.B. Hospital premisses Mirzapur UP North Dispensary 370 New address :- ESIC Disp. Govindpuri Modinagar , ESIC Hospital Campus Modinagar) UP North Dispensary 371 ESI Dispensary,Oil Mill gate,Modinagar (at present in Modinagar hospital) UP North Dispensary 372 ESI Dispensary,muzzaffarnagar sazadu Chungi near Navyug market MuzzaffarNagar UP North Dispensary Page21of 531 373 374 375 376 377 Plot No.41,knowledge park-1,NIMT Hospital, Near Pari Chowk,Greater Noida,Pin Code-201310 D-26,Hoisery conplex,Phase-2,Noida201305 ESI Dispensary, Sec-12, Noida ESI Dispensary, Sec-57, Noida GGIC Police line Chauraha Raebarely UP UP UP UP UP North North North North North Dispensary Dispensary Dispensary Dispensary Dispensary 378 ESI Dispensary, Quila Area, ESI Annex BLDG, Rampur UP North Dispensary 379 ESI Dispensary, Birla Market Renukoot Sonbhadra UP North Dispensary 380 ESI Dispensary, KCI Renukoot kanauria Chemical Residensal Building Renukoot UP North Dispensary 381 382 ESI Dispensary, Bahadurganj Shahganj, Sahajahanpur industrial Area Sandeela UP UP North North Dispensary Dispensary 383 ESI Dispensary,Nehru market, Saharanpur (Presently in ESI Hospital Pemisses) UP North Dispensary 384 ESI Dispensary, Civil Lines,Panjab national bank compound,civil lines Saharanpur UP North Dispensary 385 386 ESI Dispensary,RNM Hospital Campus Station Road, Shikohabad District Hospital, Campus Sitapur UP UP North North Dispensary Dispensary 387 388 CFC Building industrial area jagdishpur Sultanpur ESI Dispensary,District hospital, Unnao UP UP North North Dispensary Dispensary 389 ESI Dispensary,Ravindrapuri Colony,Lane No.10 Bhelupur Varanasi UP North Dispensary 390 ESI Dispensary,Town Hall,Dulhin Ji road Varanasi UP North Dispensary 391 ESI Dispensary,Chandauli DulhiPur Sahupuri dist Varansi UP North Dispensary 392 393 ESI Dispensary,Sasni Champabagh Sasni Aligarh ESI Dispensary, Mamfordganj Allahabad UP UP North North Dispensary Dispensary 394 395 ESI Dispensary,Sasni Gate ESI Hospital Campus Sasni Gate Aligarh ESI Dispensary, Bhadohi Gudpi Patti Badohi UP UP North North Dispensary Dispensary 396 ESI Dispensary,Farukhabad 4/30 adatiyan muhalla Farukhabad UP UP North Dispensary 397 ESI Dispensary, Chaudagara Bindaki Road Chaudagara Fathehpur UP North Dispensary 398 ESI Dispensary, Jindal nagar Village-Galand,opp ajanta Factory Jindal nagar, Ghaziabad UP North Dispensary 399 ESI Dispensary, Block No-51, Labour Colony, Side no-1, Babupurva, kanpur UP North Dispensary Page22of 531 400 ESI Dispensary, Bardahiya Bazar khalilabad sant kabir nagar UP North Dispensary 401 ESI Dispensary, F-41, Shanti nagar, Nr. Allahabad Rly. Crossing, Mirpur,kanpur UP North Dispensary 402 ESI Dispensary, Panki Powrhouse, Gate No-2, Panki,Kanpur UP North Dispensary 403 ESI Dispensary, Ayurvedic, Pandu Nagar, atatched with Pandunagar Hosp, Kanpur UP North Dispensary 404 ESI Dispensary, 58/36, Berhana Road, Patkapur, Kanpur UP North Dispensary 405 ESI Dispensary, 104-A-1, Rambagh, Brhamnagar,kanpur UP North Dispensary 406 407 ESI Dispensary, Old LIC Bhavan, Maunath Bhanjan, ESI Dispensary, Mahbullaganj, Moradabad UP UP North North Dispensary Dispensary 408 ESI Dispensary, 2/94, Amha Mandal, nr. Praksh talkies, lahuravir, Varanasi UP North Dispensary 409 410 ESI Dispensary, Industrial Area,Mandua Dieh,Mahmoor Ganj Varanasi ESI Hospital pandunagar,KANPUR UP UP North North Dispensary Hospital 411 ESI CMO Office Under ESI Hospital Sarojini Nagar Lucknow UP North CMO 412 413 414 ESI Dispensary chinhat c/o sanjay Kumar Srivastava 635/838 Brij Mohanpuri Colony near Aryan Academy, Kanchanpur Matiyari Chinhat Lucknow ESI Hospital halwai ka bagicha AGRA ALLAHABAD ESI Hospita naini ALLAHABAD UP UP UP North North North Dispensary Hospital Hospital 415 416 ALIGARH ESI Hospital SASNIGATE Agra Road, ALIGARH ESI Hospital Rampur Road Bareilly UP UP North North Hospital Hospital 417 SAHIBABAD,ESI Hospital Near aradhana takies SAHIBABAD UP North Hospital 418 419 AZADNAGAR ESI Hospital Azadnagar KANPUR ESIC Hospital JAJMAU, KANPUR UP UP North North Hospital Hospital 420 KIDWAINAGAR ESI Hospital Kidwai nagar KANPUR UP North Hospital 421 SARVODAYA NAGAR ESI Hospital Sarvodaya Nagar KANPUR UP North Hospital 422 LUCKNOW ESI Hospital Sarojani nagar near purani chungi LUCKNOW UP North Hospital 423 424 425 ESI Hospital Modinagarnear raj chaupala G.T. Road, Modinagar NOIDA, ESI Hospital, Sector-24, Noida. Renukoot ESI Hospital Pipari Renukoot UP UP UP North North North Hospital Hospital Hospital Page23of 531 426 ESI Hospital Saharanpur sharda nagar saharanpur UP North Hospital 427 ESI Hospital Varansi, ESI Hospital Complex, pandeypur, Varansi UP North Hospital 428 ESI Corporation,Panchdeep Bhawan, Sarvodaya Nagar, Kanpur-208005 UP North RO 429 ESI Dispensary, Shastri nagar, 197, Near Housing Inspector Off, Shastri nagar, kanpur UP North Dispensary 430 Labour Medical Services, ESI Scheme, ESI General Hospital, Sarvodya Nagar, Kanpur UP North SD 431 ESI Dispensary, Homeopathic, Pandu Nagar, atatched with Pandunagar Hosp, Kanpur UP North Dispensary 432 Sub Regional Office A 11, Sector J, Aliganj, Lucknow UP North SRO 433 Sub Regional office ESI Corporation, C22/12,Sector-57, NOIDA UP North SRO 434 SRO,Varansi, Ist Floor, ESI Hospital Complex, pandeypur, Varansi UP North SRO 435 Gopal Niwas, 8, Vasundhara Kunj, (R.O. Khadi Bhawan ki Samne), G.M.S Road post kanvali, Dehradun Uttaranchal North BO 436 Quarter No.1-2, opp. Khel Bhawan, Sector-2, BHEL, Ranipur, Haridwar Uttaranchal North BO 437 New Address :- Nagar Palika, Bhawan No. 255/43, Kashipur City, Muradabad Road, Near Jaspur Stand, Opp. Richaria Hospital, Kashipur. Uttaranchal North BO 438 Sahani Building, Bareliey-Nanital Road, Opp PWD Guest House, lalkaun Uttaranchal North BO 439 U K Sadan, Engineers Enclave(Green Park), Ashraf Nagar, Near Seventh Day School, Delhi Road, Roorkee pin- 247667 Uttaranchal North BO 440 19, Kalyani Vieu, Shyam Talkes Road, Rudrapur Uttaranchal North BO 441 ESIC Branch office, Selaqui, Opposite Ballon Restaurant , NH-72, Chakrata Road, VillageHaripur, Selaqui -248197 Uttaranchal North BO 442 ESI Dispensary ,East Patelnagar,Near SGRR Medical College ,Dehradun Uttaranchal North Dispensary 443 Khubbannpur Choli, Near Gurukul University, Bhagwanpur, roorkee distt Haridwar Uttaranchal North Dispensary Page24of 531 444 Near S.M.J.M Degree College, ESI Dispensary,Ranipur Maud,Govindpur, Haridwar Uttaranchal North Dispensary 445 Roshanabad, Sec-5/B, Opp- Deep Ganga Appartment, Sidcul, Haridwar Uttaranchal North Dispensary 446 ESI Dispensary. H.No. 173 BSM Tiraha National Highway No.73 Rookee Nehru Nagar, GT Road, Rookee, Uttaranchal North Dispensary 447 Near Fire Station, Bazpur Road, Kashipur, Udhamsingh Nagar Uttaranchal North Dispensary 448 Near bus stop, Selaqui bazar, Selaqui, Dehradun Uttaranchal North Dispensary 449 Ward No2, Gandhi Nagar,LALKUAN(NAINITAL). Uttaranchal North Dispensary 450 451 452 Gandhi Eye Hospital, Hill Mount Kamal Back Road,MASOORI. 29/30, Ramje Road, Nainital 60, Shastri Nagar, Kale-Ke-Dhal, Rishikesh Uttaranchal Uttaranchal Uttaranchal North North North Dispensary Dispensary Dispensary 453 Awas Vikas Colony, Jagatpura, Rudrapur, U.S.Nagar Uttaranchal North Dispensary 454 Panchdeep Bhawan, Wing No.4, Shivpuri, Prem Nagar,Dehradun Uttaranchal North RO 455 Director Medical and health Services, 21/9, EC Road, Dehradun Uttaranchal North SD Page25of 531 Annexure 20 - ESIC Location Address with Site Code Sr. No. Address State Zone Location Type 1 BONGAIGAON, CHAPAGURI ROAD,NEAR R.N.B MOTORS,BONGAIGAON-783380 Assam East & Nort East BO 2 New Address:- Branch Manager, ESIC Corporation, Vevakanda Road, Tetultala, Dhubri, Assam Assam East & Nort East BO 3 GUWAHATI, BAMUNIMAIDAM,M.R.D.ROAD ,GUWAHATI781021 Assam East & Nort East BO 4 ESIC Branch Office , ADABARI TINIALI, NEAR PETROL PUMP, NEW BLDG, II FLOOR, GHY12; Assam East & Nort East BO 5 CHANDRAPUR, NARENGI,NATUN NAGAR, GUWAHATI-781026 Assam East & Nort East BO 6 NEW ADD:-JORHAT, NEHRU PARK,OPP. BISHNU YAGYA MANDIR,P.O,JORHAT785001/AT Road, Tarajan, Near NR Travels, Jorhat Assam East & Nort East BO 7 A R B Road, Khutikatia, Ward no. 19, PO: Khutikatia, Nagaon-782002 Assam East & Nort East BO 8 SILCHAR, DESHBANDHU ROAD,SILCHAR788005 Assam East & Nort East BO 9 TEZPUR, BISHNU RABHA PATH,KUMAR CHUBURI, KACHARIGAON, BISNURABHA PATH,TEZPUR-784001 Assam East & Nort East BO 10 ESIC Branch Office ,SUKANT PUKURI, MAKUM ROAD, OPPOSIT ASSAM GAS AGENCY, P.O: SUKANT PUKURI, TINSUKIA, ASSAM Assam East & Nort East BO 11 Uzanbazar, M. C. Road, Near Kamrup Academy School, P. O. Chenikuthi, Guwahati -03 Assam East & Nort East Dispensary 12 BONGAIGAON, P.O. DHALIGAON. Dist. BONGAIGAON Assam East & Nort East Dispensary 13 E.S.I.Dispensary, Dr.Zakir Hussain Road Ward No.9 (Near Bidyapara Jame Masjid) P.O. DHUBRI-783301,Name of Land Lord :Md. Maniruz Zaman Tel.No. 99540-66268 Assam East & Nort East Dispensary Page26of 531 14 Duliajan, Indian Bank Complex,Near Assam Gas Co..P.O.Duliajan,Dist: Dibrugarh Assam East & Nort East Dispensary 15 DIBRUGARH, P.O.C.R. BUILDING, MILANNAGAR. F.LANE. DIBRUGARH PIN786125 Assam East & Nort East Dispensary 16 New Address :- ESI Dispensary, NH-37 ( Newar Indian Oil Petrol Pump), P.O. : Numaligarh, PS : Bokhakhat, Dist : Golaghat Assam East & Nort East Dispensary 17 AMINGAON, P.O. AMINGAON. Ghy-31 Assam East & Nort East Dispensary 18 NOONMATI, Govt. PRESS ROAD, MADHUBAN HILL SIDE, P.O. BAMUNIMAIDAM.Ghy-21 Assam East & Nort East Dispensary 19 SECTOR-2, GUWAHATI REFFINARY. Ghy.20(esi dispensary,ghy-refinery ,sec3,noonmati,ghy-20) Assam East & Nort East Dispensary 20 NEW ADDRESS: ESI Disp Dispur, c/o- Smt Devajani Borgohain (Land Lady), 8 Usha Nagar, Super Market, Ghy-06 Assam East & Nort East Dispensary 21 1st first flood, ESI Kalapahar Dispensary, Guwahati-781016 Assam 22 JALUKBARI, P.O. DHARAPUR. Ghy-33 Assam East & Nort East East & Nort East 23 Khanapara,G.S.Road,Eight Miles,Near Kali Mandir,P.O. Amerigog,Dist: Kamrup(M)Guwahati Assam East & Nort East Dispensary 24 LOKHRA, NEAR BORA GAON L.P. SCHOOL , P.O. GARCHUK. Ghy-33 (New Address=Pachim Boragoan,Gandhi Para, House No.2, Near L.P.School, P.O. Garchuk,Dist. Kamrup, Pin-781 035) Assam East & Nort East Dispensary 25 ESI DISPENSARY NARENGI OPPOSITE PUBLIC HEALTH OFFICE PATHAR QUARI GUWAHATI Assam East & Nort East Dispensary 26 ESIC Dispensary, Nehru Park, Near Janam Boomi, Jorhat - 785001 Assam 27 ESIS Disp NIZARAPAR, Jagiroad Assam East & Nort East East & Nort East 28 NAWGAON, P.O. HABARGAON. LAKHINAGAR Dist. NAWGAON Assam East & Nort East Dispensary Dispensary Dispensary Dispensary Dispensary Page27of 531 29 TEZPUR, USHANAGAR. P.O. TEZPUR. Dist. SONITPUR Assam East & Nort East Dispensary 30 DIGBOI, DIGBOI TINIALI. P.O. DIGBOI Dist. TINSUKIA Assam East & Nort East Dispensary 31 DOOMDOMA, P.O. RUPAI. DOOMDOMA Dist. TINSUKIA(New Address=esi dispensary,joypur(doomdoma),distt. Tinsukia,po doomduma,ganga dhar choudhury road ,doomdoma-786151) Assam East & Nort East Dispensary 32 ESIC DispensaryMAKUM, P.O. MAKUM. Dist. TINSUKIA Assam East & Nort East Dispensary 33 MARGHERITA, P.O. MARGHERITA. CHEGUNBARI TINALI . Dist. TINSUKIA Assam East & Nort East Dispensary 34 Addl. E.S.I. DISPENSARY TSK, P.O. SUKANPUKHURI, PARBOTIYA Dist> TINSUKIA Assam East & Nort East Dispensary 35 BORDOLOI NAGAR, TINSUKIA786125\TINSUKIA, P.O. TINSUKIA Dist. TINSUKIA PIN. 786125 Assam East & Nort East Dispensary Hospital 36 ESIC Hospital,Jayanagar,Beltola,Guwahati Assam East & Nort East 37 REGIONAL OFFICE,N. E. REGION , ESI CORPORATION, REGIONAL OFFICE, MRD ROAD, H/ NO. 16, BAMUNIMAIDAN, GUWAHATI-781021 Assam East & Nort East RO 38 Office of the Administrative Medical Officer, ESI Scheme , House No.-185, Bagarbari, Panjabari, Guwahati-78103 Assam East & Nort East SD 39 Numaligarh BO, Vill.No.-1, Pongka Grant, Telgaram, PO- Kanaighat, Dist- Golaghat, Assam.- 785699. Assam East & Nort East BO 40 Harpur, Tilrath North Saint Williams Academy School District - Begusarai851122 Bihar East & Nort East BO 41 Kajiwali Chowk, Bhagalpurnear yateem khana bhagalpur city, post office-812002 Bihar East & Nort East BO 42 ESIC Branch OfficeAziz Ghat St Road Khand More Biharsharif 1st Floor,Sagar Suman Palace,Khandak Mor(Station Rd.),Bihar Sharif, Nalnda) Bihar East & Nort East BO 43 sinha homeopathic meduical college bakarganj lahariya sarai Bihar East & Nort East BO Page28of 531 44 Near Dumraon Station , Block Office Road,Dumraon Bihar East & Nort East BO 45 H/O Shri Deo Narayan Singh, Near Kurji Pool , Digha, Patna-10 Bihar East & Nort East BO 46 H/o Late M.M Singh, Durga Ashthan Tutwari, Gaya Bihar 47 Anwarpure, station Road Hajipur Bihar 48 Argara Chowk , Katihar Bihar East & Nort East East & Nort East East & Nort East 49 Gurudeo Tola Mokama(esi branch office,Gurudev Tola near bharat began eng. Works, Mokama(they shifted just right road to left road)parshuram asthan ward number 1 Bihar East & Nort East BO 50 Behind S.B.I. Bhagwanpur Chowk Muzaffarpur/Power House, Madipur,Muzaffarpur. Bihar East & Nort East BO 51 Topkhana Bazar, Munger(Konark Sinema Sastri Nagar Gali No 01 Near Utsav Bhawan,Munger( Bihar East & Nort East BO BO BO BO 52 Panchdeep Bhawan, J.L.Nehru Marg ,Patna Bihar 53 Morcha Road,Patna City Bihar East & Nort East East & Nort East 54 ESI Dispensary Building Banjari Rohtas Bihar East & Nort East BO 55 H/O Shri R.N. Singh, Advocate Near K.E. Girls School Samastipur Bihar East & Nort East BO 56 IMO In-Charge ,Mogal Kuan, Opp. Water Tank, Biharsharif(ESI Dispensary, Biharsharif, Moghul Kuan, P.O. Sohsarai, Distt Nalanda 803118 ) Bihar East & Nort East Dispensary 57 IMO In-Charge ,Argara Chowk,Daheria Road, Katihar Bihar East & Nort East Dispensary 58 IMO In-Charge ,Talpatra Road, Budh Marg, Near Ashok inema Patna-1 Bihar 59 IMO In-Charge ,Banjari, Rohtas Bihar East & Nort East East & Nort East BO BO Dispensary Dispensary Page29of 531 60 IMO In-Charge ,Muktapur, Campus Shram Kalyan Kendra, Samastipur(New address=ESI Dispensary, Samastipur, Vill & PO Muktapur, PS-O P Mathurapur Bazaar Samiti, Kalyanpur, Distt Samastipur ) Bihar East & Nort East Dispensary 61 IMO In-Charge ,C/O Smt Nani Devi,Gurumani Sadan,NTPC Road, Ganga Nagar,Kahalgaon, Bhagalpur Bihar East & Nort East Dispensary 62 IMO In-Charge ,Ma Medica,Lahari Tola, Bhagalpur Bihar East & Nort East Dispensary 63 IMO In-Charge ,New Area, Piparpati, Gaya Bihar East & Nort East Dispensary 64 IMO In-Charge ,Kalambagh Chowk,Muzaffarpur Bihar East & Nort East Dispensary 65 IMO In-Charge , Shouji Ghat,Near fort, Munger Bihar East & Nort East Dispensary 66 ESI Dispensary, Mahabir Nagar, Main Road, Bihta, Patna. Bihar East & Nort East Dispensary 67 ESI Dispensary, Bata Ganj, Digha,Nasariganj Patna. Bihar East & Nort East Dispensary 68 ESI Dispensary, Bata Factory Campus, Hatidah,Mokameh. Patna. Bihar East & Nort East Dispensary 69 IMO In-Charge ,Ashok Nagar, Road No 7, Kankarbagh, Patna-800020. Bihar East & Nort East Dispensary 70 IMO In-Charge , Balupur, Patliputra, Patna Bihar East & Nort East Dispensary Bihar East & Nort East Dispensary Dispensary 71 IMO In-Charge , Phulwarisharif, Patna 72 IMO In-Charge ,Ranipur Khirki, Near Nath Cold storage, Patna city, Patna/ESI Dispensary, In front of Raj Cold Storage, Jallagali, Ranipur, Patna. Bihar East & Nort East 73 C/O Sh. Anil tiwari, Maharan pratap colony, station road,hajipur,vaishali Bihar East & Nort East Dispensary 74 Medical Superintendent, E.S.I. Hospital, Phulwarisharif, Patna. Bihar East & Nort East Hospital 75 Regional Office, Panchdeep Bhawan, J L Nehru Marg, Patna Bihar East & Nort East RO Page30of 531 76 ESIC SD Office, Room no-337, Esic,medical services, Employees state insurance scheme, Vikash Bhawan, New secretariat. Patna-800001. Bihar East & Nort East SD 77 Type- III, Quarter No. 202, TTS, Contractors Colony, NTPC Campus, KAHALGAON, PIN813214 Bihar East & Nort East BO 78 6/4,Priyedarshani Parishar,Opp.Bajaj Showroom,G.E. Road,Supela,Bhilai, Distt. urg (CG) Chhattisgarh 79 Shiv Chowk Vidya Nagar Bilaspur Chhattisgarh East & Nort East East & Nort East 80 Near SBI, BALCO Township, KorbaNew Address=ESIC Branch Office First Floor Vikash Bhawan Old Bus Stand Korba) Chhattisgarh East & Nort East BO 81 Near Kelo Brigde ,Chakradhar Nagar Raod ,Raigarh(New Address=Branch Office, E.S.I. Corporation, Plot No. 286, First Floor, Near water tank, Chakradhar Nager Uttar Raigarh ) Chhattisgarh East & Nort East BO 82 23, College Road, Choubey Colony, Raipur (CG) Chhattisgarh East & Nort East BO 83 96, Vardhman Nagar G E Road Opp. Utsav Hotel Rajnandgoan(CG) Chhattisgarh East & Nort East BO 84 Insurance Medical Officer, I/c E.S.I. Services, Patrapali, In front ofJindalElectric Power Limited., Patrapali, Jindal road, Raigarh, Chhattisgarh East & Nort East Dispensary 85 Insurance Medical Officer, I/c E.S.I. Services Taraimal, Near Nalwa factory, Jashpur road, Taraimal, Raigarh Chhattisgarh East & Nort East Dispensary 86 Insurance Medical Officer I/CE.S.I. Services Tedesara, Rajnandgaon Chhattisgarh East & Nort East Dispensary 87 Gandhi Chouk, Hathkhoj, Bhilai Distt. Durg (CG) Chhattisgarh East & Nort East Dispensary 88 ESIC Dispensary, Khursipar Zone2, OPP BSP Health Centre, Bhilai Chhattisgarh East & Nort East Dispensary Chhattisgarh East & Nort East Dispensary Chhattisgarh East & Nort East Dispensary Chhattisgarh East & Nort East Dispensary Opp. Bhilai Nursing Home, Sirsa Road, Supela, Bhilai, Distt. Durg 89 90 Kumhar Para Talapara Road Jarhabhata Bilaspur 91 Near Avtar Agency, Barpali Chowk, Station Road Champa, Chattisgarh BO BO Page31of 531 92 Opp.Housing Board Colony,M.G.Road, Kumhari Distt.Durg (CG) Chhattisgarh East & Nort East Dispensary 93 ESIC Dispensary. Opp. Surabhi Restaurent, Near SBI bank, Balco, Dist korba Chhattisgarh East & Nort East Dispensary 94 rainbasera building 1 floor Old Busstand, Korba Chhattisgarh East & Nort East Dispensary Chhattisgarh East & Nort East Dispensary 96 ESI Dispensary, House of Shri Raghunath Patel, Near patel Bhawan, Krishna Chouk, Ward No.15, Mandir Hasud, Teh:Arang. Dist Raipur Chhattisgarh East & Nort East Dispensary 97 18- South Avenue, Choubey Colony, Raipur (CG) Chhattisgarh East & Nort East Dispensary 98 Jetwa Building, Opp. State Bank,Above Kamra Medical, Bilaspur road Fafadi, Raipur (CG) Chhattisgarh East & Nort East Dispensary 99 Kabeer Chowk, Mohar Jutemill Road, Raigarh Chhattisgarh East & Nort East Dispensary 100 New Address: IMO I/c, Esi Dispensary, Purana jila Hospital, Jamatpura Rajnandgaon, Chhattisgarh East & Nort East Dispensary 101 House no- H.D.D-2, 76 Housing Bord colony. Kabeer Nagar, Phase-3, Raipur-492001 Chhattisgarh East & Nort East Dispensary 102 New Address : ESIC Regional Office, Jagahnath Chowk, Kota Ram Nagar, Near Deepa Dairy, Kota Raipur Road, Raipur Chhattisgarh East & Nort East RO 103 ESI Dispensary, House of Doman Prasad Joshi, Near Railway Station chouck, Baikunth, Tilda, Dist: Raipur Chhattisgarh East & Nort East Dispensary 104 ESI Dispensary,House of Prem Chandra Mishra, Village/Po: Rasmara, Dist:Durg Chhattisgarh East & Nort East Dispensary 105 ESI Dispensary, House of Smt. Devendrajeet Kaur, Bastar Road, Dhamtari, Teh: Dhamtari, Dist: Dhamtari Chhattisgarh East & Nort East Dispensary 106 D-290/5 Taigore Nagar Raipur (CG) Chhattisgarh East & Nort East SD B-43 to 46, Madhav Raw Sapre Sagar,Advani Colony, Opp. Beenu Petrol Pump, Beergaon, Raipur (CG) 95 Page32of 531 107 BO ESIC Bokaro 1st floor, Rajlaxmi tower, Above Honda Show room, By Pass road, Chas, Bokaro Pin Code: 827013 Jharkhand East & Nort East BO 108 Nehru Road,Laikadih, Post Chirkunda,Kumardhubi,DHANBAD. Jharkhand East & Nort East BO 109 ESIC BO Nirsachatty GT Road opposite SBI ATM, DHANBAD Jharkhand East & Nort East BO 110 Durga Mandir Road,Near Town Hall, Hirapur,DHANBAD Jharkhand East & Nort East BO 111 tikarmali ghot,Bilasi Town,“B” DEVGHAR (Gesidih). Jharkhand East & Nort East BO 112 H/O Sunita Burnwal, Wife of Dr. Ramratan Barnwal, Argha Ghat Road, Makatpur,Giridih Jharkhand East & Nort East BO 113 C/o Punam Singh, W/o Dr. K.K. Singh, R.K.P. house, Nai Sarai, Opposite Essar Petrol Pump,Near By Kshatriya Dharmshala, Ramgarh, Jharkhand Jharkhand East & Nort East BO BO BO 114 39, Namda Basti,Golmuri,JAMSHEDPUR. Jharkhand East & Nort East 115 H/o Smt Sushma Devi, W/o Sri Amir Das1st flooorSamriddhvyasHouse number1782Beside jaiprakash udyanTata kandra main roadAdityapurDist- saraikela kharsawan Jharkhand East & Nort East 116 H/o Sh. Chhote Modi,Near Old Bus Stand,JHUMRI TILAIYA Jharkhand 117 Hazari Bagh Road, Kokar,RANCHI Jharkhand East & Nort East East & Nort East 118 Medical Officer Incharge, ESI Dispensary,704,Bari , Co-Operative colony, P.O-Sivandih, Bokaro-827010 Jharkhand East & Nort East Dispensary 119 NEW ADDRESS: Smt. Amod Bala Pandit, W/O Sri Punu Pandit,Kundu Bangla,Ward no.-07, Plot no-272,Madhupur, , P.O.Madhupur,Distt. Deoghar,PIN-815353 Jharkhand East & Nort East Dispensary 120 NEW ADDRESS: Smt. Niwedita Jayaswal,C/O-Sri Shivnarayan Jayaswal, Anand Bhawan, Kajaria colony, PODeoghar,PIN-814142 Jharkhand East & Nort East Dispensary BO BO Page33of 531 121 M.I.Complex, Near VOLVO Showroom,N.H 32,Millat Nagar, P.O -K.G.Ashram, PS Gobindpur, Dist.- Dhanbad 122 Medical Officer Incharge, ESI Dispensary, opp Sakti Mandir , Jora Phatak Road , Dhanbad - 826001 Jharkhand East & Nort East Dispensary Jharkhand East & Nort East Dispensary 123 Sri Naresh Prasad Jaiswal, HOTEL SUMAN Building, G. T. Road, Kumardhubi, P.O.Kumardhubi, P. S.- Chirkunda, Distt.Dhanbad-828203 Jharkhand East & Nort East Dispensary 124 NIRSACHATTY & THAPAR NAGAR Medical Officer Incharge. ESI Dispensary, Sindri colony, Nirsa, Dhanbad-828205 (Old address=ESI Dispensary,Sirsa Jamtara Road Sindari more Road Dhanbad. ) Jharkhand East & Nort East Dispensary 125 NEW ADDRESS: Sri Indrojit Mukherji, Shanti Bhawan Road, Makatpur Near S.B.I.,Overseas Bank & Sadar Hospital, P.O.Makatpur, Giridih-815301 Jharkhand East & Nort East Dispensary 126 Sri Ramsevak Malakar,Kalyani complex,Thana chowk(28),Ramgarh cantt.,PS&Distt.- Ramgarh-829122 Jharkhand East & Nort East Dispensary Jharkhand East & Nort East Dispensary Jharkhand East & Nort East Dispensary Jharkhand East & Nort East Dispensary Jharkhand East & Nort East Dispensary IMO Incharge, ESI dispensary,Adityapur near pan dukan MP tower, Adityapur, Jamshedpur-831013(New Address=Medical Officer Incharge, ESI Dispensary, Adityapur S-1/1,Jamshedpur-831013 ) 127 128 Medical Officer Incharge, ESI Dispensary, Mahto Para Road , Jugsalai , Jamsedhpur – 831006 129 SAKCHI Medical Officer Incharge. ESI Dispensary,Thakurbari Road, Old DRDA Bhawan, Sakchi, Jamshedpur-831001 130 Near Block Colony,Gamharia,PSAdiyyapur,Distt.-Saraikela-Kharsawan(Land Lord-SRI Ganesh Mahto-mo. no.9431381887) Page34of 531 131 Medical Officer Incharge, ESI Dispensary, Jhumri Talaiya ( Near old bus stand ) Kodarma - 825409 Jharkhand East & Nort East Dispensary 132 MAANGO Medical Officer Incharge. ESI Dispensary,Road No.4, Jawahar Nagar,Maango-831012 Jharkhand East & Nort East Dispensary 133 Medical Officer Incharge, ESI Dispensary, HEC, Sector-4 , Dhurwa, Ranchi - 834003 Jharkhand East & Nort East Dispensary 134 Medical Officer Incharge ESI Dispensary, Kokar, (ESI Model Hospital Campus, Namkum)Ranchi-834010 KOKAR Jharkhand East & Nort East Dispensary 135 TATI SILWAY Medical Officer Incharge. ESI Dispensary,Hari Nagar , Ranchi-845103 Jharkhand East & Nort East Dispensary 136 TUPU DANA Medical Officer Incharge. ESI DispensaryTupu Dana, Ranchi- 334003 Jharkhand East & Nort East Dispensary 137 Maithan,Medical Superintendent, ESI, Hospital,Maithan,Dhanbad-828207 Jharkhand East & Nort East Hospital 138 Adityapur, Medical Superintendent, ESI, Hospital, Saldih, Adityapur, Saraikela, Kharsawan-831013 Jharkhand East & Nort East Hospital 139 Namkum,Medical Superintendent, ESI, Hospital,Namkum,Ranchi-834010 Jharkhand East & Nort East Hospital 140 New Address :- Regional Office, Employees' State Insurance Corporation, ESIC Model Hospital Campus, Namkum, Ranchi- 834010 Jharkhand East & Nort East RO 141 Directorate of ESI (MB) Scheme , Nepal House , Ranchi - 834002 Jharkhand East & Nort East SD 142 BYRNIHAT, BRANCH OFFICE, ESI CORPORATION, AMIJOK ROAD, DIST-RIBHOI, ABOVE UBI BYRNIHAT Meghalaya East & Nort East BO 143 New Address : Lower Lachumiere, near Office of the Khadi Industries next to Old Meghalaya Guardian Press, Shillong-793001 Meghalaya East & Nort East BO 144 BYRNIHAT, EPIP, BYRNIHAT. ( Imp systerm )(New Address=Rajabagan Road, Near Star Cement, BYRNIHAT ) Meghalaya East & Nort East Dispensary 145 146 SHILLONG,LOWER LACHU MIERE, SHILLONG – 793001. Lower Lachumieri,Shillong Meghalaya Meghalaya East & Nort East East & Nort Dispensary SD Page35of 531 East 147 Opp. Orient Paper Mill-- Amlai (Shahdol) M.P.,ESIC Branch Office MP East & Nort East BO 148 ESIC Complex Sonagiri Bhopal,ESIC Branch Office MP East & Nort East BO 149 Panchadeep Bhawan New Subhash Nagar Bhopal,ESIC Branch Office MP East & Nort East BO 150 ESIC Bhavan Labor Colony Lal Bagh Burhanpur,ESIC Branch Office MP East & Nort East BO 151 BO,Kalani Bagh, A B Road Dewas,ESIC Branch Office MP East & Nort East BO 152 Pradhikaran Market, Ujjain Road Dewas,ESIC Branch Office MP East & Nort East BO 153 Near Krisha Mandir, Falke Sab ka Bada, Falke Bazar,ESIC Branch Office MP East & Nort East BO 154 Mahesh Bhawan Baradari Chouhara Murar Gwalior,ESIC Branch Office( New Location=Kushwaha Kothi, Hariom Colony, 7 No. Chouraha, Murar, Gwalior) MP East & Nort East BO 155 BO,Marimata Chouhara-- Indore,ESIC Branch Office MP East & Nort East BO 156 BO,Opposite Christian Eminent School, Near Atal Dwar, Nehru Nagar-- Indore,ESIC Branch Office MP East & Nort East BO 157 BO,Mil Area, 15 Yashwant Niwas Road,Opp. Patel Motors-- Indore,ESIC Branch Office MP East & Nort East BO 158 BO,Poorbi Ghamapur, Kanch Ghar Colony-Jabalpur,ESIC Branch Office MP East & Nort East BO 159 A-38, Indira Nagar, Mandideep-462046 MP East & Nort East BO 160 Puja Housing Colony, Nai Abadi Mandsaur,ESIC Branch Office MP East & Nort East BO 161 New Address=Kansara Bhawan Nagarpalika Chauiraha AB road bamore near SBI Bank) MP East & Nort East BO 162 BO,Opposite Birla Gram Petrol Pump, Nagda M.P.,ESIC Branch Office MP East & Nort East BO 163 BO,2 Bhojpuri Colony, Sector 3-4, Nerma Road Pithampur,ESIC Branch Office MP East & Nort East BO 164 BO,Near Rajshree Hotel, Sector-1,Eicher Chouhara-- PithampurESIC Branch Office MP East & Nort East BO Page36of 531 165 ESIC Bhawan, Polo Ground Ratlam M.P.ESIC Branch Office MP East & Nort East BO 166 ,Birla Nagar-- Satna,ESIC Branch Office MP East & Nort East BO 167 Patel Nagar, Ankpath Road-- Ujjain M.P.,ESIC Branch Office MP East & Nort East BO 168 Central Inchage Office,ESI services,Nanadnagar Indore MP East & Nort East CMS 169 ESIC Dispensary indranagar next building of Center office MP East & Nort East Dispensary 170 Dy.Director Office,ESI Services,Kanch ghar, Jabalpur MP East & Nort East DO 171 Orient Paper Mill Area-- Amlai (Shahdol) M.P.ESIC Dispensary MP 172 BHEL Bhopal-ESIC Dispensary MP 173 Etwara Bhopal,ESIC Dispensary MP East & Nort East East & Nort East East & Nort East 174 ESIC Dispensary Malanpur,ESIC Dispensary MP East & Nort East Dispensary Dispensary Dispensary Dispensary 175 New Subhash Nagar Bhopal,ESIC Dispensary MP 176 Lal Bagh Burhanpur,ESIC Dispensary MP East & Nort East East & Nort East 177 Dispensary,Kalani Bagh, A B Road Dewas MP East & Nort East Dispensary 178 Shramik Basti, Balgarh,-- Dewas,ESIC Despensary MP East & Nort East Dispensary 179 Pradhikaran Market, Ujjain Road Dewas,ESIC Dispensary MP East & Nort East Dispensary 180 Birla Nagar No 1 Gwalior,ESIC Dispensary MP East & Nort East Dispensary 181 CH-21,Dindyal Nagar Gwalior,ESI Despensary(Old Name Birlanagar-2) MP East & Nort East Dispensary 182 Gola Ka mandir Gwalior,ESIC Dispensary MP East & Nort East Dispensary Dispensary Dispensary Dispensary 183 Jawahar Colony Gwalior,ESIC Dispensary MP East & Nort East 184 ESIC Dispensary Murar,ESIC Dispensary MP East & Nort East Dispensary 185 Phalke Bajar Gwalior,ESIC Dispensary MP East & Nort East Dispensary 186 Radhaswami, Anand Nagar, Chatawad Road- Indore,ESIC Dispensary MP East & Nort East Dispensary 187 Pardeshipura Community Hall, Damroo Ustad Ka Chauraha-- Indore,ESIC Dispensary MP East & Nort East Dispensary Page37of 531 188 Dispensary,Marimata Chouhara-Indore,ESIC Dispensary MP East & Nort East Dispensary 189 ESI Despensary Manglia Dugh Dairy Sangh Colony,Mangliya,Indore MP East & Nort East Dispensary 190 Dispensary,Opposite Christian Eminent School, Near Atal Dwar, Nehru Nagar-Indore,ESIC Dispensary MP East & Nort East Dispensary 191 Dispensary,Mil Area, 15 Yashwant Niwas Road,Opp. Patel Motors-- Indore,ESIC Dispensary MP East & Nort East Dispensary 192 Rajmohalla Main Road-- Indore,ESIC Dispensary MP East & Nort East Dispensary 193 Narmada Nagar, Raddi Chouki, Aadhartaal-Jabalpur,ESIC Dispensary MP East & Nort East Dispensary 194 Dispensary,Poorbi Ghamapur, Kanch Ghar Colony-- Jabalpur,ESIC Dispensary MP East & Nort East Dispensary 195 Opposite Erabat Complex, Near Housing Board Office, Hathi Taal-- Jabalpur ,ESIC Dispensary MP 196 31,shatalpuri ukhari road jabalpur MP East & Nort East East & Nort East 197 Guman Singh Thakur Ka Makan, Gaytri Nagar-- Katni,ESIC Dispensary MP East & Nort East Dispensary 198 Near Railway Station-- Niwar,ESIC Dispensary MP East & Nort East Dispensary 199 Indira Nagar Mandideep,ESIC Dispensary MP 200 Satlapur Mandideep,ESIC Dispensary MP East & Nort East East & Nort East 201 Gayatri Nagar, Bamore, Distt. Morena M.P.,ESIC Dispensary MP East & Nort East Dispensary 202 Dispensary,Opposite Birla Gram Petrol Pump, Nagda M.P.,ESIC Dispensary MP East & Nort East Dispensary 203 Nagda Mandi, Jawahar Marg-- Nagda,ESIC Dispensary MP East & Nort East Dispensary 204 dharamkunj colony,betma road shiv mandir, near garden kali billod , near pithampur sagor kutti choraha pithampur MP East & Nort East Dispensary 205 Dispensary,Near Rajshree Hotel, Sector-1 PithampurESIC Dispensary MP East & Nort East Dispensary 206 Jawahar Nagar-- Ratlam,ESIC Dispensary MP East & Nort East Dispensary Dispensary Dispensary Dispensary Dispensary Page38of 531 207 Hospital Campus,Polo Ground- Ratlam,ESIC Dispensary MP East & Nort East Dispensary 208 Dispensary,Birla Nagar-- Satna,ESIC Dispensary MP East & Nort East Dispensary 209 ESIC Dispensari Sagar,IMOI/C ESIC Servises 7 civil line near dubey auto servicing M.P. pin code no.47001,ESIC Dispensary MP East & Nort East Dispensary 210 Esic Hospital Campus, Ager Road-Ujjain,ESIC Dispensary MP 211 Desai Nagar Ujjain,ESIC Dispensary MP East & Nort East East & Nort East East & Nort East East & Nort East East & Nort East East & Nort East Dispensary Dispensary 212 ESIC General Hospital Sonagiri BHL Bhopal MP 213 Ujjain Road Dewas MP 214 ESIC Hospital Gwalior MP 215 T B Hospital, Nanda Nagar Indore MP 216 Adarsh Hospital, Tin Manjila Nanda Nagar Indore MP 217 Anexi Ward Mandsaur Hospital MP 218 ESIC Hospital Nagda MP 219 Esic Hospital Campus, Ager Road-Ujjain,ESIC Hospital MP 220 Regional Office Nanda Nagar Indore MP East & Nort East East & Nort East 221 Director of Medical Services Nanda Nagar Indore MP East & Nort East SD 222 New Address : ESIC Branch Office, New Building in DDRC building, District hospital Campus, Dimapur Nagaland East & Nort East BO 223 New Address : ESI Dispensary, New Building in DDRC building, District hospital Campus, Dimapur Nagaland East & Nort East Dispensary 224 Branch Manager, Branch Office,E.S.I. Corporation,House of B.B. Biswal,Banarpal, Dist: Angul. Pin-759128 Orissa East & Nort East BO 225 c/o- Mamata Satpathi, Satpathi Villa, Khajur Tikra, Near Balu tikra chowk, Bargarh, Odisha - 768028 Orissa East & Nort East BO East & Nort East East & Nort East East & Nort East Hospital Hospital Hospital Hospital Hospital Hospital Hospital Hospital RO Page39of 531 226 Branch Manager, Branch Office,E.S.I. Corporation,House of Dr. S.S. Acharya (First Floor),At: Ranipatna (Ranipatna Chak) Near Vetenary Office, BALASORE-756001 Orissa East & Nort East BO 227 Branch Manager, Branch Office,ESI Corporation,Plot No.A/22,Near Railway Level Crossing, BHUBANESWAR-751007. Orissa East & Nort East BO 228 Branch Office,E.S.I. Corporation, House of Sri Artarana Babu, Braja Bhumi,NH-224, Sudapada, Dist: BOLANGIR Orissa East & Nort East BO 229 Branch Manager, Branch Office, E.S.I. Corporation,ESIC Complex,PO: Charbatia (Choudwar) Dist: CUTTACK-754028 Orissa East & Nort East BO 230 Branch Manager, Branch Office,E.S.I. Corporation,TPM Area Campus,PO: Daulatabad, Choudwar, Dist: CUTTACK754028 Orissa East & Nort East BO 231 Branch Manager, Branch Office,E.S.I. Corporation,House of Sri N. Banerjee,Pithapur,Dist: CUTTACK-753001 Orissa East & Nort East BO 232 Branch Manager, Branch Office,E.S.I. Corporation,Kalyaninagar, Near Ganapati Temple,Rajendra Nagar, CUTTACK-753003 Orissa East & Nort East BO 233 Branch Manager, Branch Office,E.S.I. Corporation,House of Sri B.K. Pattnaik,Meena Bazar, Jagannath Road,Dist: DHENKANAL Pin-759001 Orissa East & Nort East BO 234 Branch Manager, Branch Office,E.S.I. Corporation,2nd Lane, Anant Nagar, BerhampurDist: GANJAM-760005 Orissa East & Nort East BO 235 Branch Manager, Branch Office,E.S.I. Corporation,Priya Complex,Chandikhol Chhak,PO: Sunguda, Dhanmandal, Dist: JAJPUR-754024 Orissa East & Nort East BO 236 Branch Manager, Branch Office,E.S.I. Corporation,Natapada, Jajpur Road,Dist: JAJPUR-755019 Orissa East & Nort East BO 237 Branch Manager, Branch Office,E.S.I. Corporation,At: Atharabanki, Qrs. No.BB/11,Paradeep Port Trust, Dist: JAGATSINGHPUR 754142 Orissa East & Nort East BO Page40of 531 238 NEW ADDRESS: Branch Office, ESI Corporation, Bombay Chowk. Jharsuguda.Pin-768203 239 Branch Manager, Branch Office,E.S.I. Corporation,At: Kalinga Nagar, Plot No.A/22,PO: Matkambeda, Barbil, Dist: KEONJHAR-758028. Orissa East & Nort East 240 Branch Manager, Branch Office,E.S.I. Corporation,House of Sri A.K. Pattnaik, Advocate, PO: Lane, Near Bus Stand, Dist: KHURDA-752055.(New Address=H/OSriKrupachandra Sahu,AT- Madhusudan Nagar (Near New Bus Stand & Behind Syndicate Bank,) PO: Pallahat, Dist: Khurda,PIN-752056. Orissa East & Nort East BO 241 NEW ADDRESS: Branch Office, E.S.I. Corporation,House of Sri T.C.Patro(1st. Floor),Sunari Street, Near Panchanan Temple,By-Pass Road,Jeypore,Dist:Koraput,Odisha-764001 Orissa East & Nort East BO 242 Branch Manager, Branch Office,E.S.I. Corporation,At: Atharnala, Sikhyarthi Lane, Puri. Pin-752002 Orissa East & Nort East BO 243 Branch Manager, Branch Office,E.S.I. Corporation,At/PO: J.K. Pur (Rayagada)Dist: RAYAGADA-675017 Orissa East & Nort East BO 244 ESIC Model Hospital Complex,jail road, Rourkela Orissa East & Nort East BO 245 Branch Manager, Branch Office,E.S.I. Corporation,At/PO: HirakudDist: SAMBALPUR-786016 Orissa East & Nort East BO 246 House Of Sri Sani Chabra & Sri Shashi singh Chabra, At-Brahmani Tarang, Po-Vedvyas, Ps-Brahmani Tarang, Rourkela, DistSundargarh(Odisha) Orissa East & Nort East BO 247 Branch Manager, Branch Office,E.S.I. Corporation,At/PO: Rajgangpur,Dist: SUNDERGARH- Orissa East & Nort East BO 248 Branch Manager, Branch Office,E.S.I. Corporation,E.S.I. Specialist Centre,Rourkela-4,Dist: SUNDERGARH769004 Orissa East & Nort East BO Orissa East & Nort East BO BO Page41of 531 249 Insurance Medical Officer I/CE.S.I. Dispensary, Meramundali, At/Post. Meramundali ( Near BSNL Telephone Exchange), Dist. Dhenkanal Orissa East & Nort East Dispensary 250 Medical Officer Incharge, E.S.I. Dispensary,Ganjaml,At/PO-Ganjam,Dist:Ganjam Orissa East & Nort East Dispensary 251 Medical Officer Incharge, E.S.I. Dispensary,Kalunga,At/PO-Kalunga,Dist:Sundargarh Orissa East & Nort East Dispensary 252 Medical Officer Incharge, E.S.I. Dispensary, Near Estate Office, Nalco Nagar, Dist:Angul Orissa East & Nort East Dispensary 253 Medical Officer Incharge, E.S.I. Dispensary, At/P.O. Remuna, Balagopalpur-756019, Dist: Balasore Orissa East & Nort East Dispensary 254 Medical Officer Incharge, E.S.I. Dispensary, At/P.O.: Bardol, Dist: Bargarh, Orissa East & Nort East Dispensary 255 Medical Officer Incharge, E.S.I. Dispensary, At/Kuruda Chhack, Dist : Balasore, Orissa East & Nort East Dispensary 256 New Address: Shri Subhashish Ghosh, S/o - Sh. Biswanath Ghosh, Satsang Colony, Angaragadia, Balasore Orissa East & Nort East Dispensary 257 Medical Officer Incharge, E.S.I. Dispensary, At/P.O.: Randiahat, Via/Dist: Bhadrak, Orissa East & Nort East Dispensary 258 Medical Officer Incharge, E.S.I. Dispensary, Sahid Nagar, Bhubaneswar-7, Orissa East & Nort East Dispensary 259 Medical Officer Incharge, E.S.I. Dispensary,At/P.O.: Sudapada, Dist: Bolangir, Orissa East & Nort East Dispensary 260 Medical Officer Incharge, E.S.I. Dispensary,Dhanamandal,At/POSanguda,Chandikhol,Dist:-Cuttack Orissa East & Nort East Dispensary 261 Medical Officer Incharge, E.S.I. Dispensary,Rajabagicha,At/PoJhanjirimangal,Dist:-Cuttack Orissa East & Nort East Dispensary 262 Medical Officer Incharge, E.S.I. Dispensary,Kapuria,At/PO-Kalyan Nagar,Dist:-Cuttack Pin-753013 Orissa East & Nort East Dispensary 263 Medical Officer Incharge, E.S.I. Dispensary, At: Tangi, P.O.Kotasahi, Cuttack, Orissa East & Nort East Dispensary Page42of 531 264 Medical Officer Incharge, E.S.I. Dispensary,Jagatpur,At/PONimpur(Jagatpur),Dist:-Cuttack Orissa East & Nort East Dispensary 265 Medical Officer Incharge, E.S.I. Dispensary,T P M, At/Po- TPM , PO-Daulatabad,Dist:Cuttack Orissa East & Nort East Dispensary 266 Medical Officer Incharge, E.S.I. Dispensary,Gobindapur,At/POGobindapur,Dist:-Dhenkanal Orissa East & Nort East Dispensary 267 Medical Officer Incharge,E.S.I. Dispensary, At/P.O.: Aska, Near Spinning Mill,Dist: Ganjam, Orissa East & Nort East Dispensary 268 Insurance Medical Officer I/CE.S.I. DispensaryDuburi, At/Post. Pankapal Bangala, P.O. Pankapal Sasan, Dist. Jajpur 75506) Orissa East & Nort East Dispensary 269 Medical Officer Incharge, E.S.I. Dispensary,Jajpur RD,At/PO-Ferrochrome project,Dist:-Jajpur Orissa East & Nort East Dispensary 270 Medical Officer Incharge, E.S.I. Dispensary,Paradeep,At/Po. Atharbanki Via: Paradeep Port Dist: Jagatsinghpur Orissa East & Nort East Dispensary 271 Medical Officer Incharge, E.S.I. Dispensary,Brajarajnagar, Dist: Jharsuguda. Orissa East & Nort East Dispensary 272 Medical Officer Incharge, E.S.I. Dispensary,At : Saerada Bhawan, Cooperative Colony, Kamapalli, Berhampur4, Ph : 2203220 Orissa East & Nort East Dispensary 273 Medical Officer Incharge, E.S.I. Dispensary,P.O.: Matkambeda, Barbil Dist: Keonjhar, Orissa East & Nort East Dispensary 274 Medical Officer Incharge, E.S.I. Dispensary, At/P..: Brahmanipal, Dist: Keonjhar, Orissa East & Nort East Dispensary 275 Medical Officer Incharge, E.S.I. Dispensary,Khurda,At/PO-P.N.College,Dist:Khurda Orissa East & Nort East Dispensary 276 Medical Officer Incharge, E.S.I. Dispensary,Jaipore,At-Nuasahi,POJaipore,Dist:-Koraput Orissa East & Nort East Dispensary 277 Medical Officer Incharge, E.S.I. Dispensary, At : Palbani (In front of Labour Office), P.O.:Baripada,Mayurbhanj, Orissa East & Nort East Dispensary Page43of 531 278 Medical Officer Incharge, E.S.I. Dispensary,Puri,At/PoKhakimothi,Nuasahi,Near Gundicha Temple,Dist:-Puri Pin;-75200 279 Medical Officer Incharge, E.S.I. Dispensary, CISF Colony, P.O. Bisra Chack, Rourkela, Sundergarh, Orissa East & Nort East Dispensary Orissa East & Nort East Dispensary 280 Medical Officer Incharge, E.S.I. Dispensary,FCI Colony ,At/PO-Uperbalijadi Rourkela-16 Sundergarh Orissa East & Nort East Dispensary 281 Medical Officer Incharge, E.S.I. Dispensary,Hirakud,At/PO-Hirakud,Dist:Sambalpur Orissa East & Nort East Dispensary 282 IMO Incharge At: IFtEBEL,ESI Disp.Dhcnkanal,P.O.-Station Road Orissa East & Nort East Dispensary 283 Medical Officer Incharge, E.S.I. Dispensary,Kansbahal,At/POKansbahal,Dist:-Sundargarh(L$T limited and colony) Orissa East & Nort East Dispensary 284 Medical Officer Incharge, E.S.I. Dispensary,Kuarmunda,At/PO-Block Road Kuarmunda Dist-Sundargarh Orissa East & Nort East Dispensary 285 Medical Officer Incharge, E.S.I. Dispensary,Rourkela-r,At/Po-Industrial Estate Pan Posh,Dist-Sundargarh Orissa East & Nort East Dispensary 286 Medical Officer Incharge, E.S.I. Dispensary,Rajgangpur,At/PoRajgangpur,Dist:-Sundargarh Orissa East & Nort East Dispensary 287 Medical Officer Incharge, E.S.I. Dispensary,Sambalpur,At/Po-Minsir Rd LIC, Near S Dankaram ChhakDist-Sundargarh Orissa East & Nort East Dispensary 288 Medical Officer Incharge, E.S.I. Dispensary,Sunaparbat, RourkelaAt/Po:IDL Chemical, Dist-Sundargarh Orissa East & Nort East Dispensary 289 Medical Superintendent, E.S.I. Hospital, Near Mayfair Lagoon, ChandraSekhar Pur, Bhubaneswar, Dist: Khurda,() Orissa East & Nort East Hospital 290 Jt.Director-Cum-Supdt.ESI Hosp. Choudwar,At/PO Charbati,Dist-Cuttack Pin754028 Orissa East & Nort East Hospital 291 Medical Superintendent, E.S.I. Hospital, At/PO: Jaykaypur, Dist: RAYGADA. Orissa East & Nort East Hospital Page44of 531 292 Medical Superintendent, E.S.I. Hospital,Near I.T.I. Industrial Estate, Jail Road, ROURKELA-4. 293 Medical Superintendent, E.S.I. Hospital,At/PO: Kansbahal, Dist: SUNDERGARH. Orissa East & Nort East Hospital Orissa East & Nort East Hospital 294 ESI Dispensary Damanjodi, I.M.O. I/C, At Saraswati Vihar, PO-Damanjodi-763008, Dist-Koraput, Orrisa Orissa East & Nort East Dispensary 295 ESI Dispensary Badmal, I.M.O. I/C, POBadmal, Dist-Jharsuguda, Orrisa Orissa East & Nort East Dispensary 296 ESI Dispensary Jharsuguda, I.M.O. I/C, POJharsuguda-768203, Dist-Jharsuguda, Orrisa Orissa East & Nort East Dispensary 297 Employees State Insurance Corporation, Regional Office, ODISHA, Panchdeep Bhawan, Janpath, Unit-IX,Bhubaneswar751022 Orissa East & Nort East RO 298 Directorate of ESI Scheme, Orissa,At/PO;Plot No. A/122,Nayapalli (Near Kalyanmandap,Unit-8), Bhubaneswar Orissa East & Nort East SD 299 House of Rajkumari Agarwalla, Plot No.513/3416, Village - Patharmunda, P.S. NTPC Township, Dist. Anugul (ODISHA) PIN – 759117 Orissa East & Nort East Dispensary 300 ESIC Br Office ,Gangtok c/o Mr. Palzor Lama, Palzor Stadium Road, ( Near Dew Pond) Upper Sichey, Gangtok (Sikkim) Pin :737101 Owner :- Mr. Palzor Lama, Mob. 9800000043, Fax-03592 202564. Sikkim East & Nort East BO 301 Rangpo ESIC Dispensary, C/o Shri Ganesh Sharma IBM , P.O. - Rangpo, East Sikkim Pin Code 737132 Sikkim East & Nort East Dispensary 302 Tadong ESIC Dispensary, C/o Ms Thinley Wangme,5th Mile, Tadong, Near Entel, P.O. - Tadong , Gangtok, East Sikkim Pin Code 737102 Sikkim East & Nort East Dispensary 303 New Address: ESIC BO AGARTALA. SHYAMALI BAZAR KUNJABAN. AGARTALA WEST TRIPURA. PIN 799006 Tripura East & Nort East BO Page45of 531 304 New Address: NEW ADD. ESIC DISPENSARY AGARTALA. SHYAMALI BAZAR KUNJABAN. AGARTALA WEST TRIPURA. PIN 799006 Tripura East & Nort East Dispensary 305 32, East Ghosh Para Road, 2nd Floor, Authpore, 24 Parganas (N), PIN – 743128 WB East & Nort East BO 306 181 BT Road, vivekanand apartment first floor kolkata WB East & Nort East BO 307 50/1, R.B.C. Road, 1st Floor, Naihati, 24 Parganas (N), PIN – 743165, Ph.- 2580 5503, Bhatpara WB East & Nort East BO 308 Birlapore Bazar, Post – Birlapore, 24-Pgs(S) ( Pay Offc ) WB East & Nort East BO 309 534, M.G.Rd, Budge Budge, 24-Pgs (S) WB East & Nort East BO 310 7/1, Desh Bandhu Chittaranjan Road, Budge Budge, S/Chitrigunge, 24-Pgs. (S) WB East & Nort East BO 311 23, East Ghosh Para Road, Authpore, 24 Parganas (N), PIN – 743128, Jagatdal WB East & Nort East BO 312 Ground Floor, 103/2/1, ANRnda Banerjee Road,Rathtala, KankiNRra, P.O.- Fingapara Dist- 24 PargaNRs North PIN-743129 WB East & Nort East BO 313 13/1, Desh Bandhu Chittaranjan Road Budge Budge, Kalipore, Kol. - 700 137. 24-Parganas (N) WB East & Nort East BO 314 B.T. Road, Nutan Bazar, Khardah, 24 Parganas (N), PIN – 700115 WB East & Nort East BO 315 70, Arabinda Road, Garifa, Naihati, 24 Parganas (N), PIN – 743165, Ph.- 2581 2632 WB East & Nort East BO 316 70, Arabinda Road, Hazinagar, Naihati, 24 Parganas (N), PIN – 743165, Ph.- 2502 1117 WB East & Nort East BO 317 2, Sanjib Chatterjee Road, Naihati, 24 Parganas (N),PIN – 743165 WB East & Nort East BO 318 53, Amrabati, Barasat Road, Sodepur, 24 Parganas (N), Panihati, PIN- 700110 WB East & Nort East BO 319 619, Ghosh Para Road, Shyamnagar, Dt. 24 Parganas(North) WB East & Nort East BO Page46of 531 320 24/19, S.N. Banerjee Road, 2nd Floor, Ward No. 20, Barrackpore, Titagarh, 24 Parganas (N), PIN – 700120/New Address:- 2nd Fl, 183,Old Calcutta Rd, P.O. Talpukur, 24PGS(N) 321 Juin Bithi , Burnpore Road , Asansol - 4 WB East & Nort East BO WB East & Nort East BO 322 “Mainak Apartment”. Gr. Floor, Nungi Stn Road., Chitrigunge, Post- Batanagar. WB East & Nort East BO 323 ESI Hospital , Bidhannagar Durgapur - 6 WB East & Nort East BO 324 Branch Office Kulti 'Jog Pharmacy' G T Road, Neatmatpur more, Dist: Burdwan WB East & Nort East BO 325 Manjushree Complex, Purba Medinapur, Haldia. WB East & Nort East BO 326 8, R.B. Avenue, Sarane Barane, Bhadreswar, Hooghly, Ward No.3, Baidyabati WB East & Nort East BO 327 ESI Bendal Hospital Complex, Bendal, Hooghly Bansberia WB East & Nort East BO 328 “Kalyani Bhawan”, Domjur Road, Post– Burikhali (W), Howrah, Bauria WB East & Nort East BO BO 329 28, G.T. Road, Belur Math, Howrah Liluah WB East & Nort East 330 Palika Bazar , Market Complex , 2nd Floor Hooghly , Chanadanagore WB East & Nort East BO 331 Makardah Road, Post – Dasnagore, (Near Sujata Cinema Hall) Dist. – Howrah WB East & Nort East BO 332 66,G.T. Road, 1st Floor, Konnagore, Hooghly. WB East & Nort East BO 333 Vill – Monoharpore, Post – Nalpur, Dist – Howrah, Burikhali WB East & Nort East BO 334 47, G.T. Road, Neemtala, Bally, Howrah – 711 202. WB East & Nort East BO 335 NEW ADDRESS: Sh. Gangadhar Mondal, (landlord) T.N. Mukherjee Road,South Subhash Pally Dankuni, Hooghly - 712311 WB East & Nort East BO 336 61, Arabinda Road, Salkia, Howrah. Ghusury WB East & Nort East BO 337 Sankrial Stn. Bazar, PS – Sankrial, Dist – Howrah, (Near 77 Bus Stand) WB East & Nort East BO Page47of 531 338 ESI Hospital Complex Serampore, Hooghly. WB East & Nort East 339 5/2, L.N. Chatterjee Road,Shibpur, HOWRAH-736172 WB East & Nort East BO 340 8, R.B. Avenue, Sarane Barane, Bhadreswar, Hooghly, Ward No.-3,Telenipara WB East & Nort East BO 341 Bhanga Ghat , Kalna Road , Tribeni , Hooghly 712503 WB East & Nort East BO 342 ESIC BO, Siliguri, Paribahan Nagar, Behind IOC Office, PO- Matigara, Siliguri. Disit: Darjeeling Pin-734010 WB East & Nort East BO 343 2nd Floor , UBI Building , Puratan Bazar Kharagpur 721301 WB East & Nort East BO 344 New Address :- Jeevan Tara Bldg.(Ground floor of LICI KMDO)Diamond Harbour Rd Taratola Kolkata -53 WB East & Nort East BO 345 195. R.B. Avenue, Ballygunge, Kolkata – 700 019 WB East & Nort East BO 346 ESIC Hospital Complex, Joka, D.H. Road, Behala WB East & Nort East BO 347 9, Nafar Koley Road, Beliaghata, Kolkata – 15 WB East & Nort East BO 348 118, Feeder Road, Belghoria, Kolkata. PIN – 700056, South Belgharia WB East & Nort East BO 349 South Belgharia BO, Flat No. 1 & J, Block-3 1st floor, FI2, Modhusudhan Banerjee RD, P.O.- Belghoria, Kol-56 WB East & Nort East BO 350 Barahanagar BO, 1st floor,181,B.T. Road, Kol-700108 WB East & Nort East BO 351 46/1, G.B.T. Road, Cossipore , Kolkata – 700 002. WB East & Nort East BO 352 1, K.B. Sarani (Manument Road), Dum Dum, Kolkata. PIN – 700028 WB East & Nort East BO 353 44/1, B.L. Ghosh Road, Kamarhati, Kolkata. PIN – 700057 WB East & Nort East BO 354 26, Dr. Sudhir Bose Road, Kidderpore, Kolkata – 700 023. WB East & Nort East BO 355 24, Bellilious Road, Howrah Maidan– 711 101. WB East & Nort East BO 356 P-4, Raja Raj Krishna St. Kolkata – 700 006 (N Kolkata) WB East & Nort East BO 357 P-4, Raja Raj Krishna St. Kolkata – 700 006 Traning Center WB East & Nort East BO Page48of 531 BO 358 P-4, Raja Raj Krishna St. Kolkata – 700 006 Vigilance WB East & Nort East BO 359 3A/3B, Maharani Sarnamoyee Road, Kol – 9, Besdie ESI Hosp Sealdah. WB East & Nort East BO 360 GB Block, Sector- III, ESI Hospital Staff Qtrs.Kol-97 Near 13 Nos.Tank,Kolkata700097 WB East & Nort East BO 361 P-7, Lake Road, Tollygunge, Kolkata – 700 029. WB East & Nort East BO 362 2nd Floor, Manglik Bhawan, 900, GT Road. Burdwan WB East & Nort East BO 363 A-1/5, Ground Floor, Kalyani, District- Nadia (West Bengal), PIN-741265 WB East & Nort East BO 364 Rishra BO, 36,G.T. Road, Rishra, Hoogly WB East & Nort East BO 365 Baidyabati South,1st Floor, 55/98, G.T. Road, Sheoraphully, Hooghly, West Bengal WB East & Nort East BO 366 East Changail,P.O. Sizberia,Village:Baikunthapur,Dist. Howrah,Rail Station:Phuleswar,UCO Bank Building WB East & Nort East BO 367 H/O-Kalidas Roy,Brickfield Road,Baruipur, South 24 Parganas Kol-700144 WB East & Nort East Dispensary 368 8A,South Goalapara Road, Kankinada Bhatpara Municipality Pin-743123 WB East & Nort East Dispensary 369 Model Labour Welfare Centre, P.OBirlapur,24 PGS(S) Kol-743319 WB East & Nort East Dispensary 370 8/2, DBC Road, Budge Budge 24 PGS (S) Kol700137 WB East & Nort East Dispensary 371 Residential Complex, Tometo Bagan. Opposite Gate No-2. Falta Special Economic Zone. PO: Kalatalahat. PS:Ramnagar. 24PGS South WB East & Nort East Dispensary 372 H/O-Sudhir Hazra,Amtala,Baruipur Road, Kanyanagar 24 PGS(S) WB East & Nort East Dispensary 373 New Address : H/o-Mrs. Swapna Dey, 131, Lenin Sarani, Kanchrapara, North 24-Pgs, Pin -743145 WB East & Nort East Dispensary 374 Budge Budge ESI Hospital Campus, P.OMahestala 24 PGS(S).Kol-700137-1(Shift to Batanagar SD inside bata factory) WB East & Nort East Dispensary Page49of 531 375 Batanagar SD, Near Batanagar PO, Inside Bata Factory, 24 PGS(S) WB East & Nort East Dispensary 376 507,RBC Road, P.O-Garifa,Dist-24 Pgs (N)Pin -743166 WB East & Nort East Dispensary 377 Banavilla, Pratapgarh Narendrapur, 24 PGS(S), Kol-700103 WB East & Nort East Dispensary Dispensary 378 Asansol ESI Hospital Campus, Burdwan WB East & Nort East 379 Super Bazar Complex, Near-Burnpur Railway Stn. Burdwan WB East & Nort East Dispensary 380 Durgapur number 1 ESI Hospital Campus Distt burdwan WB East & Nort East Dispensary 381 ESI Service Dispensary1.Prantika Health Center Complex. Near Prantika Five Point Crossing. A-Zone. Durgapur 713 204 WB East & Nort East Dispensary 382 House of Mr. Gourishankar Agarwal 106, Madhu Sarani P.O- Searsole, Ranigunj DistBurdwan PIN- 713358 WB East & Nort East Dispensary 383 Baltikuri ESI Hospital Campus, Bankra, Howrah-711403 WB East & Nort East Dispensary 384 Bandel ESI Hospital Campus, Bandel, Hoogly-712213 WB East & Nort East Dispensary 385 229 GT Road, Belur Bazar, PO-Belurmath, How-711202 WB East & Nort East Dispensary Dispensary 386 25, GT Road, Bhadreswar, Hoogly-712124 WB East & Nort East 387 Buckland Bridge, HIT Complex, Howrah711101 WB East & Nort East Dispensary 388 Uluberia ESI Hospital Campus POJaduberia,How- 711316 WB East & Nort East Dispensary 389 3/175/31, Dr. BC Roy Saranee, 8th Lane, Mor Pukur, Rishra, Dist-Hoogly WB East & Nort East Dispensary 390 Belur ESI Hospital Campus P.O-Sapuipara, How-711227 WB East & Nort East Dispensary 391 Chitra Gupta Sabha Bhawan, Andul Road (near Mourigram Rly. Station),Vill & PODuillya, Howrah, Pin-700302 WB East & Nort East Dispensary 392 Maniktala ESI Hospital Campus 54, Bagmuri Road, Kol-700054 WB East & Nort East Dispensary 393 Adjacent Building: Kamarhati ESI Hospital Campus, 1 Graham Lane, kol-58 WB East & Nort East Dispensary 394 8A, K. B. Bose Road, Barasat Chanpadali More, Pin-700124 WB East & Nort East Dispensary Page50of 531 395 26, Dr Sudhir Bose Road, Kidderpur, Kol700023 WB East & Nort East Dispensary 396 3A & B, Maharani Swarnamoyee Road, Kolkata-700009 WB East & Nort East Dispensary 397 Serampore ESI Hoapital Campus POMallikpara, Pin-712203 WB East & Nort East Dispensary 398 Gourhati ESI Hospital Campus POMallickpara, Pin-712221 WB East & Nort East Dispensary 399 19/1 Manujendra Dutta Road(1st floor),Kol700028 WB East & Nort East Dispensary 400 196 E/1, PICNIC GARDEN ROAD, KOLKATA 700039 WB East & Nort East Dispensary 401 37 Gopal Lal Thakur Road, RKM Campus, Kol-700036 WB East & Nort East Dispensary 402 Sri Krishna Villa , 22/B Shibapriya Chatterjee Road Kol-700061 WB East & Nort East Dispensary 403 3,S.N.Roy Road, Supermarket Kol-700038 WB East & Nort East Dispensary 404 ESI Hospital Staff Qtrs.Kol-97 Near 13 Nos.Tank,GB Block, Sector- III, B11/1,2&4,Kolkata WB East & Nort East Dispensary 405 32 Banerjee Para Road, P.O.Talpukur,Pin700123 WB East & Nort East Dispensary 406 H/o Sri Jogesh Das, Near: Kesoram Rayon Bus Stand, P.O.- Nayasarai, Hoogly WB East & Nort East Dispensary 407 ADM Building (Ground floor),Haldia VillBasudebpur, Dist-Purba Medinipur Pin721602 WB East & Nort East Dispensary 408 Kalyani ESI Hospital Campus Kalyani, Nadia, Pin-741235 WB East & Nort East Dispensary 409 ESIC Dispensary, Siliguri, Paribahan Nagar, Behind IOC Office, PO- Matigara, Siliguri. Disit: Darjeeling Pin-734010 WB 410 Gourati, P.O. Angus WB 411 Kanyapur , Asansol, Dist. Burdwan WB East & Nort East East & Nort East East & Nort East Hospital Dispensary Hospital Hospital 412 Durgapur, PO - Bidhannagar , Durgapur - 6 WB East & Nort East 413 Baltikuri ESI Hospital , P.O: Bankra, Dist. Howrah WB East & Nort East Hospital 414 Bandel ESI Hospital, Vill & P.O.- Bandel dist. Hooghly WB East & Nort East Hospital 415 Belur ESI Hospital, PO: Sapuipara , Dist. Hooghly WB East & Nort East Hospital Page51of 531 416 Serampore ESI Hospital, G.T Road(W), P.o. Mollick Para 712203 Hooghly WB East & Nort East Hospital 417 Uluberia ESI Hospital,P.O.:-Jaduberia, Howrah WB East & Nort East Hospital 418 Budge Budge ESI Hospital, B.B.T Road , Kol139 WB 419 Kamarhati ESI Hospital, kol - 58 WB East & Nort East East & Nort East 420 Manicktala ESI Hospital , Baghmari Road , Kol-54 WB East & Nort East Hospital 421 Sealdah ESI Hospital, 301/3 A.P.C Road,Kol-9 WB East & Nort East Hospital 422 Thakurpukur ESI Hospital, D.H Road , Joka , Kol-743512 WB East & Nort East Hospital 423 ESI Hospital, P.O.- Kalyani, Dist:- Nadia WB 424 GB -6, Salt lake City , Kolkata -700097 WB East & Nort East East & Nort East 425 Directorate of ESI (MB) Scheme , P-233 CIT Scheme , VIII-M , Baghmari Road , Kol-54 WB East & Nort East SD 426 RBO LAKE DEPOT, CSTC Depot, Dr. Dewdar Rahaman Road, Kolkata – 700 033 WB East & Nort East RBO 427 RBO SHIBPORE,CSTC Howrah Depot, 12, Probodh Banerjee Road, Howrah – 1 WB East & Nort East RBO 428 RBO BAURIA,Borikhali, Bauria, Howrah WB East & Nort East RBO 429 RBO UTTARPARA, 9B, G.T. Road, Bhadrakali, Hooghly WB East & Nort East RBO 430 RBO CHANDANNAGAR, Barasat Tematha Super Market, Swapna Bazar, Chandannagar, Hooghly WB East & Nort East RBO 431 RBO BELGHORIA, CSTC, Belghoria Depot, 5, Nilganj Road, Belghoria, 24-Pgs (N) WB East & Nort East RBO 432 RBO GARDEN REACH, J – 252/1, Paharpore Road, Garden Reach, Kolkata –700 024 WB East & Nort East RBO 433 RBO HALISAHAR, Ghosh Para Road, Baidyapara, Halisahar, 24-Pgs (N) WB East & Nort East RBO 434 House of Arun Datta, Fulbarihat, Fulbari, Binnaguri, Jalpaiguri. WB East & Nort East Dispensary 435 C/o M/s Rajhans Plot No C-50, City centre Durgapur. Pin - 713216 WB East & Nort East SRO Hospital Hospital Hospital RO Page52of 531 436 ESIC Mezia BO, P.O & Vill -Durlavpur, DistBankura, West Bengal, Pin722133.(Junction of Durgapur Road & NH60). H/O: Sri Subal Chandra Jana, M9475268541 WB East & Nort East BO 437 New Park, G T Road, Bandel, Hooghly, PS: Chinnsura, PIN-712123 WB East & Nort East BO 438 Address = ESIC-SRO Kolkata,Sanchi Tower ,177B, B.T. Road , P.O: Sodepur (Beside Panihati Municipality),Kolkata-700114 WB East & Nort East SRO Page53of 531 Annexure 21 - ESIC Location Address with Site Code Sr. No. Address State Zone Location Type 1 NEW ADDRESS: ESI Hospital Compound, Adoni, Kurnool Dist.-518301 AP South1 BO 2 New address:H.no.5-104,ESI branch office,opp registration office main road,Bibi nagar AP South1 BO 3 Branch Manager,Branch Office,ESI Corporation,,Chittivalasa-531 162 AP South1 BO 4 Branch Manager,Branch Office,ESI Corporation,D.No.27-184,Municipal Colony,Palamaner Road,Chittor-517002 AP South1 BO 5 Door No: 20C-8-6, First Floor, Raja Nilayam, Paidetivari Street, Powerpet,Eluru, West Godavari (D) - 534 002. AP South1 BO 6 NEW ADDRESS: D.no. 6-10-28, Arandalpet 10/1, Guntur-522002, Guntur Dist AP South1 BO 7 Branch Manager,Branch Office,ESI Corporation,D.No.26-4-744/1,Near Shanti Talkies,Hindupur-515201 AP South1 BO 8 Branch Manager,Branch Office,ESI Corporation,Mrs M. Shanta Reddy,Ist Floor, Besides RTC Bus Stop Ferozguda, Balanagar(New Address=Branch Manager,Branch Office,ESI Corporation,Fatehnagar,Balanagar,Hyderabad-500018) AP South1 BO 9 H.No.5-5-35/18/1 & 3: 1st floor,Prashanthi nagar,Kukatpally, Hydarebad AP South1 BO 10 Branch Manager,Branch Office,ESI Corporation,D.No.34-152.First Floor,Opp. Anjaneya Swamy Temple,L.B. Nagar,Hyderabad-500 035 AP South1 BO 11 Branch Manager,Branch Office,ESI Corporation,DIMS Office Premises,Musheerabad,Hyderabad500003(Chikkadpally) AP South1 BO Page54of 531 12 Branch Manager,Branch Office,ESI Corporation,E.S.I. Hospital Premises,Sanathnagar,Hyderabad500038(New Address=Branch Manager,Branch Office,ESI Corporation,Plot No: 54, Opp Sundhar Nagar community hall,Sanathnagar,Hyderabad-500038) AP South1 BO 13 D.No-8-13-67/1/3,Plot No: 58C,Raghavendra nagar Colony,Shivaramapally, Hyderabad. AP South1 BO 14 Branch Manager,Branch Office,ESI Corporation,Beside HMT Overhead Water Tank,Jeedimetla-500656 AP South1 BO 15 Branch Manager,Branch Office,ESI Corporation,D.No.5/1482,G.F Madras Road,Kadapa516002 AP South1 BO 16 ESI Dispensary, Sambamurthy Nagar, Kakinada AP South1 BO 17 New ADDRESS:D.No: 45/142/8, Ist floor, Venkatramana Colony, Kurnool AP South1 BO 18 Branch Manager,Branch Office,ESI Corporation,H.No.111-153-4-1,Upstairs,Opp.AP.S.R.T.C Bus Stand,Madanapally-517325 AP South1 BO 19 Branch Manager,Branch Office,ESI Corporation,H.No. 1-4-134/16/J,Mettugadda,Mahaboobnagar-509002 AP South1 BO 20 Branch Manager,Branch Office,ESI Corporation,Sri R.Sai Reddy, Ist Floor,Door No : 25-35/13/2, Wd No 25,RC Reddy Nagar, RC Puram, Hyderabad (Patancheru) AP South1 BO 21 Branch Manager,Branch Office,ESI Corporation,ESI Dispensary Compound,A.K.Nagar,Nellore-524 004 AP South1 BO 22 Branch Office, Nellimarla, ESIC., Opposite APGVB Bank, Opposite Gollaveedhi, Nellimarla-535217 AP South1 BO 23 Branch Manager,Branch Office,ESI Corporation,E.S.I. Hospital Compound,Nyalkal Road,Nizamabad-503001 AP South1 BO 24 The Manager,Branch Office,ESI Corporation,Plot No 1,Central Park,M/S Anuradha Complex,2nd Floor,Kompally,Ranga Reddy District AP South1 BO 25 Branch Manager,Branch Office,ESI Corporation,E.S.I Dispensary Compound,Ramagundam-505208 AP South1 BO Page55of 531 26 Branch Manager,Branch Office,ESI Corporation,ESI Hospital Campus,Opp. A.P.Paper Mills,Sriramnagar,Rajahmundry-533 106 AP South1 BO 27 Branch Manager,Branch Office,ESI Corporation,H.No.38-142,Beside SBI,Sadasivpeta-502291/(new add=Smt Chinta Padma,H No 3-8-121, Beside Bombay Talkies,Sy No 408, Rahmath Nagar, Sadasivapet ) AP South1 BO 28 Branch Manager,Branch Office,ESI Corporation,H.No.12-13-416/1/B, Plot No.35, Mani Mansion, Nea Tarnaka welfare Association, St.No: 1, Tarnaka, Secunderabad-500 017 AP South1 BO 29 Branch Manager,Branch Office,ESI Corporation,E.S.I Hospital Premises,III Set,Sirpurkaghaznagar-504296 AP South1 BO 30 Branch Manager,Branch Office,ESI Corporation,Sri Appanna Shopping Complex,Opp. Town Hall Gate,Tanuku-534 211 AP South1 BO 31 Branch Manager,Branch Office,ESI Corporation,H.No.871,Tuda Plots,Rayalacheruvu Road,Tirupathi-517501 AP South1 BO 32 NEW ADDRESS: Auto Nagar, Near BSNL Exchange, 100 ft Road, Auto Nagar, Vijayawada – 520007 AP South1 BO 33 Patnaik Chambers, Door. No 7-9-22, Panthulugari meda, NH-5 Road, Opp. Electrical Sub-Station, Old GAjuwaka Post, Visakhapatnam AP South1 BO 34 ESIC Branch Office, 26-22-30, Mudunurivari Street, Nutan Towers, Gandhinagar, Vijayawada-520 003 AP South1 BO 35 Branch Manager,Branch Office,ESI Corporation, Dr No: 11-106A , LIC Ram Naidu Building, Near Water Tank,Main Road, Vizianagaram District,Garvidi-535 101 AP South1 BO 36 Branch Manager , ESI Corporation,NTR Sahakara Bhawan, D.No.58-14-57/1, II Floor, Marripalem, Vuda Layout, NAD (Post) VISAKHAPATNAM, PIN: 530009 AP South1 BO 37 Plot No.1, Srinivasa Nilayam, Simhadrinagar Ring Road, Besides: Surya Hospital, Near: Sai Baba Temple, VIZIANAGARAM - 535 001 AP South1 BO 38 Branch Manager,Branch Office,ESI Corporation,E.S.I.Hospital Compound,Labour Colony,Warangal-506013 AP South1 BO Page56of 531 39 ESIC Corporation,Panchdeep Bhawan,5-9-23 Hill Fort Road,Hyderabad-500483. AP South1 DR 40 Bellampally”X” Roads,, Mancherial, Adilabad Dist- 504 208 AP South1 Dispensary 41 H.No.8-1-76/146, Post: Venkatapur, Nirmal, Adilabad Dist-504 106 AP South1 Dispensary 42 ESI Hospital Campus, S.P.M Colony,Sirpurkagaznagar,,Dist. Adilabad-504 296 AP South1 Dispensary 43 7-276, Court Road,Ananthapur-515001 AP South1 Dispensary 44 Hindupur,Ananthapur Dist- AP South1 Dispensary 45 H.no. 5/292,Allabakash street, Tadipatri. AP South1 Dispensary 46 NO.3-85 Medara Street, Bangarupalem,Chittoor Dist517 416 AP South1 Dispensary 47 2/82, Dr. Cousins Road, B.K. Palli, Madanapalli-517 325, Chittor Dist. AP South1 Dispensary 48 No.8/220, Mahatmanagar, Nagari,Chittor Dist.-517 590 AP Dispensary 49 Near Nutrine Factory, Palamaner Road,Chittor. AP South1 South1 50 16/681, Sri Ram Nagar Colony, Panagal Post Office Building,Srikalahathi, Chittoor Dist. AP South1 Dispensary 51 6/1482, 1st Floor,Sankarapuram,Cuddapah -516 002 AP South1 Dispensary 52 DOWLESWARAMEast Godavari Dist. 533 121 AP South1 Dispensary AP South1 Dispensary AP South1 Dispensary Dispensary 54 Insurance Medical Officer, ESI Dispensary, D.No.19-514/1, Gun Bazar, ELURU - 534 005, West Godavari Dist. Co-Operative Society Building , Near Panchayath Board back side, Panchayath street , old co-operative central bank building, Kadiam,Rajahmundry,East Godavari dist 55 Sambamurthynagar, KAKINADAEast Godavari Dist.533 007 AP South1 Dispensary 56 D.No.15-3-13/1,Near Rly Station, Old DSP office, Bapuji Nagar, KOVVURUWest Godavari Dist. 534 350 AP South1 Dispensary 57 H.No.11-4-32, Near SBINIDADAVOLUWest Godavari AP South1 Dispensary 58 Lalacheruvu, H.No.8-444, RAJAHMUNDRY. East Godavari Dist. AP South1 Dispensary 59 H.No.39-9-1,Innispeta;RAJAHMUNDRY, East Godavari Dist. 533 101 AP South1 Dispensary 60 Opp. To Paper Mills,Seethampeta, RAJAHMUNDRY.East Godavari Dist. 533 105 AP South1 Dispensary 61 H.No.16-4-80, SAMALKOTEast Godavari Dist. 533 440 AP South1 Dispensary 53 Page57of 531 62 NEW ADDRESS: D.NO: 70-2-170/1, Ramanayyapeta, Kakinada-533005 AP South1 Dispensary 63 H.No.9-13-1/A, Tanuku Road,TADEPALLIGUDEMWest Godavari Dist. 534 102 AP South1 Dispensary 64 H.No.22-124/4, Sajjapuram,TANUKU, West Godavari Dist. 534211 AP South1 Dispensary 65 H.No.3-68, VENDRA, West Godavari Dist. 534 210 AP South1 Dispensary 66 New Address : H.no. 17/1174-A,Rajendra Nagar,Guntakal,Ananthapur dist-515801 AP South1 Dispensary 67 Insurance Medical Officer, ESI Dispensary(K.Nagar), ,Devapuram,Ist line, GUNTUR 522 006 AP South1 Dispensary 68 esi dispensary,house no. 2-99,NALLAPADU,near wine shop,Guntur Dist. 522 005 AP South1 Dispensary 69 PEDAKAKANI, Guntur Dist.522 503 AP South1 Dispensary 70 ESI Medical Office,Devapuram 1st line, Krishn nagar, Guntur-522002. Contact Name: Mr. Prakash Number: 9966701154. AP South1 Dispensary 71 H.No.11-55/1, UNDAVALLIGuntur Dist. AP South1 Dispensary 72 Kotnur,Hindupur-515201 AP South1 Dispensary 73 ESI Dispensary- Balanagar (old), H.NO: 6-1-1/a, Near Sobha Theatre, Raju colony, near lions club building, Hyderabad-42 AP South1 Dispensary 74 1-9-522/27&27/1, Beside Jai Mahaveer Colour Lab,Chikkadapally, Hyd-20. AP South1 Dispensary 75 D.No.9-8-193/12, Near Golconda Fort, Hyd-08 AP South1 Dispensary 76 11-2-555/2/A-1, Seetharam Bagh, Near Boiguda Kaman, Goshamahal,Hyd-01 AP South1 Dispensary 77 D.No.2-2-387/8&9, at Purana Haveli,Himmathpura, Hyd-02(New Address=D.No. 22-7-472/A/B/C, Situated at Near Princes Esin High School, Purani Haveli, Hyderabad. ) AP South1 Dispensary 78 3-1-319/A, Nimboliadda, Chappal Bazar,Kachiguda, Hyd-27 AP South1 Dispensary 79 11-2-555/2/A-1, cpccp Seetharam Bagh, Near Boiguda, Karwan, Hyd-01 AP South1 Dispensary 80 6-2-919/1/1, Metro Water House Lane, Opp: State Bank Of India, Khairatabad, Hyderabad-500004 AP South1 Dispensary 81 D.No.658, MIG.II, APHB Colony,Kukatpally Hyd-72. AP South1 Dispensary Page58of 531 82 New Address :- Dr NO.16-8-931/12, Nalgonda x roads , Beside Bharat petrol pump,) AP South1 Dispensary 83 H.No 23-21, RK nagar, Near to uttamnagar,Anand bagh, Malkajgiri. AP South1 Dispensary 84 Door No.6-4-6/8, Opp: Gandhi HospitaL(New),Kavadiguda Road, Musheerabad, Secbad.-03 AP South1 Dispensary 85 11-2-555/2/A-1, Seetharam Bagh, Near Boiguda Kaman,Nampally, Hyd-01 AP South1 Dispensary 86 New address:H.no 3-4-104/F6, Laxmi Nagar street No.8,Ramanthapur AP South1 Dispensary 87 New address:H.no 3-4-104/F6, Laxmi Nagar street No.8,Ramanthapur AP South1 Dispensary 88 ESI Hospital Campus, Sanathnagar-I, Hyderabad38(New Address=H.No: 7-1-282/C88, Near MCH Park, B.K.Guda, SanathNagar-38) AP South1 Dispensary 89 Near B.K Guda park, behind the compound wall of ESI Hospital sanathnagar hyderabad AP South1 Dispensary 90 No.1-179/4, Snehapuri Colony, Borabanda, Hyd-18. AP South1 Dispensary 91 H.no.1-2-34.plot no.E9/3,street no.3,kakatiya nagar colony,habsiguda,hyderabad-39 AP South1 Dispensary 92 Door No.1-9-800 & 801, Adikmet,Vidyanagar, Hyderabad. AP South1 Dispensary 93 H.No.4-68/2 Rama Mandir Area Basanthnagar, Karimnagar Dist-505 187 AP South1 Dispensary 94 7-295 Mandal Parishad Complex, Rly. Kodur,Kadapa Dist-516 101 AP South1 Dispensary 95 New address:Esi dispensary,In the premises of A.P Vydyavidhana parishad,Proddutur. AP South1 Dispensary 96 4/1292, OPPOSITE ZILLA PARISHAD BOYS HIGH SCHOOL, ICL ROAD, YERRAGUNTLA-516309 AP South1 Dispensary 97 H.No.15-1-10 Ramavaram, Kothagudem Mandal,Ramavaram, Khammam Dist-507 118(New Addres=H.No.14-1-3, Subhas Chandra Bose Nagar,Ramavaram, Dist. Khammam.) AP South1 Dispensary 98 (Naer Govt Hospital, Veeravalli. ,BAPULAPADU. Krishna Dist.)Insurance Medical Officer, ESI Dispensary, D.No.4-133, oppR.TG.C Bus complexVEERAVALLI, Bapulapadu Mandalam, Krishna Dist. AP South1 Dispensary 99 H.No.4-62, GANGOOR,Ganguru,Krishna Dist. 521 139 AP South1 Dispensary Page59of 531 100 Incharge Medical Officer, ESI Dispensary, Dr. No.3-73, Near Grama Panchayathi, CHILLKALLU – 521 175, Jaggaiahpeta Mandal. Krishna District (A.P.) AP South1 Dispensary 101 H.No.7-28, KONDAPALLIKrishna Dist. 521 228(New Address:D.No.9-148, Samrajya Bhavan, Near Praja Vaidyashala, Station Road, KONDAPALLI, Krishna Dist. 521 228 ) AP South1 Dispensary 102 H.No.17-299,SidimbiAgraharam,MACHILIPATNAM Krishna District 521 001 AP South1 Dispensary 103 40-13-3, BESIDE VARUNMOTORSBENZ CIRCLE,VIJAYAWADA(West)Krishna District. AP South1 Dispensary 104 E.S.I HospitalCampus,Gunadala,VIJAYAWADA,Krishna Dist. 520 004 AP South1 Dispensary 105 SuryaraopInsurance Medical Officer, ESI Dispensary( East), D.No.29-8-6, Sagar Bar Duildings, VIJAYAWADA - 520 002, Krishna Distet,VIJAYAWADA(East), Krishna Dist.520 002 AP South1 Dispensary 106 Insurance Medical Officer, ESI Dispensary(Town), D.No.29-8-6, Sagar Bar Duildings, VIJAYAWADA - 520 002, Krishna Dist. AP South1 Dispensary 107 H.No.23-6-45, KommuvariStreet,VIJAYAWADA-11, Vijaywada(ACC)KrishnaDist.520 011(esi dispensary,hanuman street,upstairs of sbi,satyanarayana puram ,vijay wada-520002) AP South1 Dispensary 108 Need to shift all infrastructures to 1st floor on the same building NEW ADDRESS:- D.No: 75-7-1, Nagar Junanagar, Near Bhavani Hospital, Bhavanipuram, Vijayawada. Contact person: Mrs. Kamala, Contact NO: 8985715733, AP South1 Dispensary 109 Madhavaram Road, 518301, Adoni(West),Kurnool Dist. AP South1 Dispensary 110 NEW ADDRESS: E.S.I.Dispensary, Adoni (east), E.S.I. Dispensary, Adoni (west)compound, Madhavavaram Road,Adoni-518001 Kurnool District A.P.State AP South1 Dispensary 111 H No: 46/105, Bhudvarpet, Kurnool- 518001 AP South1 Dispensary 112 64-158, Fort Near Old Bus Stand, at Kurnool-518 001 AP South1 Dispensary 113 22/F6, SPY Reddy Quarters, Industrial Estate, Bommala Satram, -518 002, Nandyal,Kurnool Dist AP South1 Dispensary 114 1-143-15, Gandhinagar, Opp: RTC Bus Stand, -518 360,Yemmiganur, Kurnool Dist AP South1 Dispensary Page60of 531 115 ss. Esi dispensary Door no 4-25/1/a Chaitanya nagar Near masjid Yedira road Yenu gonad Mahaboob nagar : 509 002 AP South1 Dispensary 116 H.no 1-1/2,Penjerla 'x' roads,Kothur IDA,Kothur bipass road,Mahaboobnagar Dist. 509 228 AP South1 Dispensary 117 NEW ADDRESS : K.Srinivas Rao,Polt.No.68,Behind HOT SPOT BAR & RESTAURANT,Bachupally Village,R.R.Dist AP South1 Dispensary 118 D.No.11-86, Main Road, Gummadidala, Jinnaram Mandal, Bonthapally,Medak Dist. AP South1 Dispensary 119 No.8-54, 1st Floor, Isnapur X Roads, Medak Dist- 502 300 AP South1 Dispensary 120 New addres:H.No. 141-26/1,Sri Ram nagar colony,Pattancheru,Medak dist. AP South1 Dispensary 121 New address: H.No. 4-45/1,Vasavi Nagar colony,opposite Sangeeth theatre,RC puram main road, Hyderabad AP South1 Dispensary 122 3-7-83/101/1, Guru Nagar Colony, N.H. Road No.9, Sadasivpet, Medak Dist-502 291(New Address=Plot No 6, Behind Market yard, Near Hanuman Temple, Sadasivpet, Medak Dist) AP South1 Dispensary 123 H.No.4-96/8, Near Poturajpally at Toopran,Shabaspally, Medak Dist-502 334 AP South1 Dispensary 124 D.No.1-6-76, Beside Sishu Mandir, Dattagiri colony, Zaheerabad,Medak District – 502 220 AP South1 Dispensary 125 H.No.6-112, Near Harika Public School, Bibinagar, Nalgonda Dist-508 126(New Address=H.No.6136/1,Teachers colonoy, Bibinagar, Dist.Nalongda.) AP South1 Dispensary 126 Incharge medical officer,Esi dispensary choutuppal,H.no-3-373/7 Ganesh nagar,Beside swaraj show room,Main road, Choutuppal, Dist.Nalgonda. AP South1 Dispensary 127 Street Opposite to Treasury Office Hanumanwada Bhongir, Nalgonda Dist-508 126(New Address=H.No.15-150/2, Sangeevanagar, Bhongiri,Dist. Nalgonda.) AP South1 Dispensary 128 2/208, Narsingraopet, Near Ramalayam, Gudur,Nellore Dist. AP South1 Dispensary 129 1/37, L.B.Nagar, Nawabpet,Nellore-2 AP South1 Dispensary 130 Insurance Medical Officer, ESI Dispensary, China Padgupadu, NELLORE - 524 004 AP South1 Dispensary 131 8/280 Shar Road, -524121, Sullurpeta,Nellore Dist. AP South1 Dispensary 132 3-309, Opp: R&B Guest House, GNT Road,Tada, Nellore Dist. AP South1 Dispensary Page61of 531 133 ESI Diagnostic Centre compound,Shivajinagar, Dist.NZB-503 001 AP South1 Dispensary 134 Near Kanteswar Temple NZB, Dist. Nizamabad-503 001 AP South1 Dispensary 135 ESI Medical Office, Back side of Prasad Theater, Chirala-523155 AP South1 Dispensary 136 nsurance Medical Officer, ESI Dispensary, D.No.14-1286, MACHERLA- 522 426, Guntur Dist. (New Address=ESI Dispensary, Opp. HP Petrol Bunk,Sagar Road, MACHERLA-522426) AP South1 Dispensary 137 New Address :- H.No. 10-507B, GVRamayya Street, Near Mqbul Bashah Clinic, Markapurum-523 316 AP South1 Dispensary 138 Old Health(Medical) Center,Beside Radio Station,N.T.P.C ,Ramagundam AP South1 Dispensary 139 14-172, Gowri Nagar, 2nd Street,Renigunta-517520. AP South1 Dispensary 140 H.No.6-10-6/D, Vinayak Nagar, Fatehnagar,Balanagar, R.R. Dist – 500 042 AP South1 Dispensary 141 D.No.1-6-8/13, N.R. Sadan, Sri Ram NagarColony, Annapuram Kapra, Cherlapally,R.R.Dist. AP South1 Dispensary 142 Industrial Area, Shapur, Opp: Police Station, Jeedimetla-I, R.R.Dist.-54 AP South1 Dispensary 143 Industrial Area, Shapur, Opp: Police Station, Jeedimetla-II, R.R.Dist.-54 AP South1 Dispensary 144 H.No: 8-13-7/1/a, Ganesh Nagar, Kattedan, R.R.Dist.77 AP South1 Dispensary 145 D.No.11-21, Koheda-X Road, Sanghi Nagar Post, Hayathnagar Mandal, Koheda,R.R. Dist. AP South1 Dispensary 146 D.No.5-247 Opp: Z.P Boys High School, Medchal,R.R.Dist.501 401 (L.S.Arcade, Plot No: 58A, Vinayak Nagar 2, Opp to Bus dipo line, Medchal,R.R.Dist.501 401) AP South1 Dispensary 147 No.160/3,Rudra Road,Lothukunta,Alwal,Sec-15 AP South1 Dispensary 148 NEW ADDRESS: Site code:ESICDSAPSELAL0 Area:South lalaguda Site address:12-535/c/17&18,Bathkammakunta,vijayapuri colony,south lalaguda,sec-bad(Moulali) AP South1 Dispensary 149 Door No.6-4-6/8, Opp: Gandhi HospitaL(New),Kavadiguda, Musheerabad, Sec-bad.-03 AP South1 Dispensary 150 New Address : House bearing NO.1-2-607/27/17, Gagan Mahal Village, L1C Colony, adjacent lane to Gow shala, Lower Tank Bund, Secunderabad-500003 AP South1 Dispensary Page62of 531 151 H.NO 23-177/3/1. Plot no.155 Madhura Nagar colony,shamshabad.-501218 AP South1 Dispensary 152 New Address :- H.No. 2-88, vasu Building, Panchayat Office Road, Sarapaka, Burkampaka, Dist:- Khammam507111 AP South1 Dispensary 153 ESI Dispensary , Pydibhimavaram, SVS complex, NH 5 Road, Pydibhimavaram, srikakulam district, Andhra Pradesh AP South1 Dispensary 154 No. Type-V, No.4, ESI Hospital Staff Quarters, Avilala Post,Tirupathi North-517506 AP South1 Dispensary 155 D.No.760/1,BOBBILIVizianagaram Dist. 532 558(New Address=ESI Dispensary, (C/O) S. Venkata Rao, Govt Hospital Road Near prajavidya sala, BOBBILIVizianagaram Dist. 532 558 ) AP South1 Dispensary 156 CHITTIVALASAVisakhapatnam Dist. 531 162 AP South1 Dispensary 157 D.No.8-1-58,Near pantulugari meda, OldGajuwaka, Visakhapatnam.530 026 AP Dispensary 158 Gandhigram,VISAKHAPATNAM 530 005 AP South1 South1 159 D.No.75, , Main Road, Opp to lakshmi kalyana mandapam,Naidu Thota bus stop,Gopalapatnam, VISAKHAPATNAM530 028 AP South1 Dispensary 160 D.No.57-26-2, Kancheralapalem,IndustrialEstate,VISAKHAPATNaM 530008(New Address=D.No.39-14-8,Beside SBH Bank, Murali Nagr ,VISAKHAPATNaM 530008) AP South1 Dispensary 161 New Address : Near iyyapa swamy temple,araku-vizag road, kothavalasa AP South1 Dispensary 162 ESI Dispensary,D.No 31-27-48,Prince Enclave,Duwada Station Road,Kurmannapalem,Vizag AP South1 Dispensary 163 NELLIMARLAVizianagaram Dist. 535 217 AP South1 Dispensary 164 D.NO 22-91-20,Balla Vilas,Above Sub Register Office,Pedagantyaada,Visakhapatnam(New Addrss=ESI dispensary,Building No. 19-24-24, Ayyannapalem, Pedagantyada, R.H.Colony, VISHAKHAPATNAM -44) AP South1 Dispensary 165 In charge medical officer,Esi dispensary, H.no. 50-5035/4,Gurupriya,Seethmmadaram(west),Balayya sastry layout, vizag-13 AP South1 Dispensary 166 SREERAMNAGAR (GARIVIDI)VizianagaramDist.535101 AP South1 Dispensary Dispensary Page63of 531 167 Contonment Area, Near post office, VIZIANAGARAMVizianagaram Dist. 535 202 AP South1 Dispensary 168 Beside SSS-Apartment Building LB.Nagar, Girmajipet,Warangal-508 002(New Address=H.No.1110-1130, Vivekananda Nagar, Kasibugga, Dist. Warangal.(Girmajipet)) AP South1 Dispensary 169 H.No.3-9-608, Reddy Colony, Hanmakonda, Dist. Warangal-506 001 AP South1 Dispensary 170 New Address : ESI Hospital buliding, Industrial Colony, Warangal-506 013 AP South1 Dispensary 171 H.No.17-11242/1 Ours, Rangasaipet Road, Karemabad,Warangal AP South1 Dispensary 172 Insurance Medical Officer, ESI Dispensary, HIG-54, AP Housing Board Colony, BHIMAVARAM, West Godavari District AP South1 Dispensary 173 Med Superintendent,ESI Hospital,Sirpurkagaznagar504 296,Adilabad distt. AP South1 Hospital 174 Med Superintendent,ESI Hospital,Avilala Post,R C Rd.,Tirupathi-517 507,Chittoor Dist. AP South1 Hospital 175 Med Superintendent,ESIC Model Hospital,Nacharam,Hyderabad-500076, AP South1 Hospital 176 Med Superintendent,ESI Hospital,Sanathnagar,Hyderabad-500 038 AP South1 Hospital 177 ESI Super Specialty Hospital, Opp to B. K. Guda park Sanathnagar,Hyderabad-500 038 AP South1 Hospital 178 In Charge-Civil Surgeon,ESI Diagnostic Centre,Jeedimetla-500 855,R.R Dt. AP South1 Hospital 179 In Charge-Civil Surgeon,ESI Diagnostic Centre,Adoni518 301,Kurnool Dist. AP South1 Hospital 180 Med Superintendent,ESI Hospital,Ramachandrapuram502 032,Medak district AP South1 Hospital 181 In Charge-Civil Surgeon,ESI Diagnostic Centre,Nizamabad-503 002 AP South1 Hospital 182 Med Superintendent,ESI Hospital,Rajahmundry-533 105,E.G Dist. AP South1 Hospital 183 Med Superintendent,ESI Hospital,Gandhigram,Visakhapatnam-530 005. AP South1 Hospital 184 Med Superintendent,ESI Hospital,Gunadala,Vijaywada520 004. AP South1 Hospital 185 Med Superintendent,ESI Hospital,Labour Colony,Warangal-506 013 AP Hospital 186 JD IMS,Dr no: 6-1471, Sankarapuram, kadapa AP South1 South1 187 Door No.6-4-6/8, Opp: Gandhi HospitaL(New),, Musheerabad, Sec-bad.-03 AP South1 JD Page64of 531 JD 188 JD IMS, ESI Hospital Campus,Gunadala,Vijaywada-520 004. AP South1 JD 189 JDIMS,E.S.I.Hospital Compound,Labour Colony,Warangal-506013 AP South1 JD 190 ESIC Corporation,Panchdeep Bhawan,5-9-23 Hill Fort Road,Hyderabad-500483. AP South1 RO 191 6-4-6/8 Opp. New Gandhi Hospital.Musheerabad,Secunderabad AP South1 SD 192 near saibaba temple, GANAPAVARAM, CHILAKALURIPET MANDAL, GUNTUR DIST.AP AP South1 Dispensary 193 ESI Corporation,Second Floor,Padmanabha Buildings,14.20.27,Gandhi Nagar,Vijaywada-520 003 AP South1 SRO 194 ESI Corporation,58-14-57/1,Marripalem,VUDA Layout,NH-5 Road,NAD Post,Visakhapatnam-530009 AP South1 SRO 195 H. No: 1/77 & 1/78, located at backside of Municipal court, (Signal gadda area) Badepally (V), Jadcharla Mandal, Mahaboobnagar-509302. AP South1 Dispensary 196 Bannerghatta Road, Next to Marble Centre International, Adugodi, Bangalore KN South1 BO 197 Bannerghatta Road, Next to Marble Centre International, Adugodi, Bangalore KN South1 BO 198 First Floor, ESIC Dispensary Channapatna.Thattakere, Channapatna Bangalore Rural District.Channapatna – 571501. KN South1 BO 199 Yeshhwanthpur,No.12, II Floor, 1st Cross, 2nd Main, VRL Complex, Kannada Kasturi Road, T.Dasarahalli, Bangalore( KN South1 BO 200 H.A.L. Township,No.8, Apprentice School, HAL Colony, Bangalore KN South1 BO 201 Mysore Road,IstFloor,ESIDisp.Bldg,Kasturbanagar, Mysore Road, Bangalore KN South1 BO 202 Magadi Road,ESID Bldg, Ist Cross, Magadi Road, Bangalore KN South1 BO 203 Malleswaram,Opp. Mysore Lamps, Malleswaram, Bangalore KN South1 BO 204 N.G.E.F,NGEF Premises, Old Madras Road, Bangalore KN South1 BO 205 Majestic,Ist Floor, ESID Bldg. IInd Cross, OTC Road, Bangalore KN South1 BO 206 Peenya - 1 ,92,6th main Road,near SBM,3rd phase.Peenya KN South1 BO Page65of 531 207 Branch Office Peenya-II, Sy. No.76 & 88, 14th Cross, 4th Phase, Peenya Industrial Area, BANGALORE - 560 058 KN South1 BO 208 Queens Road, No.15, Ist Floor, Opp.Sanjevani, Queens Road, Bangalore KN South1 BO 209 Rajajinagar,24/3, Ist Floor, E Block, Ist Main Road, IInd Stage, Rajajinagar, Bangalore KN South1 BO 210 Seshadripuram,2nd Floor, ESID Bldg. Sirur Park Road, Sesdhadripuram, Bangalore KN South1 BO 211 New Address : ESI Branch Office, Tumkur "Sumukh" (1st Floor) 3rd Cross, Opp. Gandhinager Park, Tumkur-572102 KN South1 BO 212 New Address: -ESI Branch office Yehlanka , NO— 1592/1 Behind yehlanka police station. Yehlanka. bangalore-560064 KN South1 BO 213 BELLARY,ESIC Building No2.Mig Building Hd Colony,Cantonment.PIN:583-014 KN South1 BO 214 BELGAUM Branch Manager, Branch Office, 08312470137, ESI Corporation, No.7/B-1, Kangrali Industrial Area, P.B.Road, Belgaum-10. KN South1 BO 215 BIJAPUR,Branch Office.E.S.I Corporation.191/6,Behind Allmail House,Station road.Bijapur-586-101 KN South1 BO 216 HUBLI Branch Manager, Branch Office, ESI Corporation, No.H-42, Ground Floor, Niketan Dollars Colony, Adjoining New Central Bus Stand, Gokul Road, Hubli580 030. KN South1 BO 217 CHITRADURGA,1st floor,Sri Gangadharaia building,4th Cross,Holalkere RD.Opposite Savita Bhavan Rd.PIN:577-501 KN South1 BO 218 DAVANGERE Branch Manager, Branch Office, ESI Corporation, No.628/30, Near Shivayogi Mandir, Nituvalli Road, K.B.Extension, Davanagere-577 002. KN South1 BO 219 DHARWAR Branch Manager, Branch Office, ESI Corporation, Near Hubli Toll Naka, Saraswathipuram, Dharwar-580 002 KN South1 BO 220 Branch office(Gadag),ESI Corporation,Chetana circle,K.C.Rani Road,Gadag -582101 KN South1 BO 221 New Address :GOKAK Branch Manager, Branch Office, ESI Corporation, CTS No.3191/B/4-A, Kittur Chawl, Hospet Galli, Near Bennadi Hospital, Shri. Payasagar Nagar Road, Gokak – 591 307. KN South1 BO Page66of 531 222 GULBARGA,Branch Office.E.S.I Corporation.C.I.B Colony.Behind Central Bus Stand.Gulbarga-585 103. KN South1 BO 223 Hasan ,Flat no 38-39,B.katihally,Industrial Area,Arasikere rd,hasan,573201 KN South1 BO 224 HARIHAR (Gandhinagar) Branch Manager, Branch Office, ESI Corporation, No.70, Ist Floor, ESI Dispensary Bldg., Gandhinagar, Harihar-577 601. KN South1 BO 225 Bommasandra, No. 145/A, Bommasandra Industrial Area, KN South1 BO 226 KGF Branch Manager, Branch Office, 08153-364012 ESI Corporation, Qtrs. No.273/274, BEML Nagar, KGF(Kolar Dist.). KN South1 BO 227 flat 6,Ist main road,4th cross,Industrial Area,New mangalore,575011 KN South1 BO 228 BO,Mangalore,ESIH Premises, Kadri Shivabagh, Mangalore KN South1 BO 229 Mysore (D.R.Mohalla),ESID Bldg. Krishnavilas Road, Mysore KN South1 BO 230 Mysore (Subashnagar),Bademakan extension, Bangalore-Mysore Road, Mysore KN South1 BO 231 Nanjangud,Mysore-Ooty Road, Sujathapuram, Nanjangud KN South1 BO 232 SHIMOGA Branch Manager, Branch Office, ESI Corporation, Uzma Complex, Ist Floor, Opposite Brahmin’s Hostel, B.H. Road, Shimoga -577 201. KN South1 BO 233 New Address: H. No. 15/64, Laxmi Nagar,near vrandawan Dham,Shahabad, District- Gulbarga ,Karnataka 585228 KN South1 BO 234 Udupi,Lions Marg, Brahmagiri, Udupi KN South1 BO KN South1 BO DANDELI Branch Manager, Branch Office, ESI Corporation, Plot No. 304, Ist Floor, J.N. Road, Dandeli. Dist. Uttara Kannada(New Address= DANDELI Medical Superintendent, 08284-289220 ESI Hospital, Dandeli, DIST. UTTAR KANNADA.) 235 236 Malkhed.No.11-58 Governemnt High School, Malkhed, Sedam Taluk, Gulbarga District. KN South1 Dispensary 237 Attibelle,ADB Complex Building,Attibele Industrial Area,Hosur Road,Bangalore–562 107. KN South1 Dispensary 238 Banashankari.II Cross, Purandahara Road, Thyagarajanagar Main Road, Banashankari, II Stage, Channamannakere,Bangalore - 506 028 KN South1 Dispensary Page67of 531 239 Basavanagudi.Ground Floor, ESI Building,North Anjaneya Temple Street Bangalore–560 004 KN South1 Dispensary 240 Binnypet.Near Sri.Karikal Anjaneya Swamy Temple Building, Mysore Road, Bangalore-18 KN South1 Dispensary 241 Roopena Agrahara 2, 1st cross, NGEF Layout, opp. To Reddy School, Bangalore - 560 068 KN South1 Dispensary 242 Bommasandra.ndustrial Area, Bommasandra, Anekal Taluk, Bangalore District KN South1 Dispensary 243 Channapatna.Thattakere, Channapatna Bangalore Rural District.Channapatna – 571501. KN South1 Dispensary 244 Cottonpet.2nd Cross, O.T.C Road, Cottonpet,Bangalore – 560 053. KN South1 Dispensary 245 Dasarahalli,No.24, Hesaragatta Road,8th Mile,Dasarahalli,Bangalore – 560 057. KN South1 Dispensary 246 Dodaballapura.No.2668 "D" Cro Road, opp. To Hoakaraga Temple,Dodaballapura, Bangalore Rural District. KN South1 Dispensary 247 Dyavasandra.Doddanakundi Industrial Estate,Near Capsteel Plant,Whitefield Road,Bangalore 560 048. KN South1 Dispensary 248 Frazer Town.Opp. to East Railway Station,Bangalore 560 005 KN South1 Dispensary 249 Hanumantha Nagar.No.19, 10th Cross,1st Main Road Girinagar,Bangalore 560 019 KN South1 Dispensary 250 C/O Mallesh RrasadNo.116/6 , Shiva Krupa5th cross,T.G. Extension,Hoskote(Hoskote.No.1907, Thimmegowda Extension, Near Canara Bank, Bangalore District) KN South1 Dispensary 251 New Address : New Building, KIADB complex, jigani Industrial area, Jigani KN South1 Dispensary 252 New Address:No:324, 6th 'A' Cross, Anjanappa Building, Bhahubhalinagara, Jalahalli Village, Bangalore- 560013 Land Mark: Behind Governament School Jalahalli village, Hoysala Circle KN South1 Dispensary 253 Thavanappa Kallappa Ravale Building, Behind SubTreasury, Lakshminagar Road, Banahatti, Jamakhandi Taluk, Bagalkot District. KN South1 Dispensary 254 Jayanagar.31st, Cross, 4th ‘T’ Block, Jayanagar, Bangalore. KN South1 Dispensary 255 Mysore Road.Karithimmanahalli,Mysore Road,Bangalore – 560 026 KN South1 Dispensary 256 Kengeri.# 340, Kuvempu Road (Anganawadi Road),Bangalore-60. KN South1 Dispensary Page68of 531 257 Konanakunte.Sri Ramamandira Road, Yelachennahalli,Bangalore-76. KN South1 Dispensary 258 K.R.Puram - I.Near Bus Stand, Dooravani Nagara, Bangalore. KN South1 Dispensary 259 Lakshmipura main road, Madanayakanahlli, Dasampura hobli, Bangalore, North-562123 KN South1 Dispensary 260 Magadi Road.I Cross, Magadi Road,Bangalore – 560 023. KN South1 Dispensary 261 Yeshhwanthapura.Opp. to Mysore Lamps Works, Malleswarm West,Bangalore – 560 055. KN South1 Dispensary 262 Marathahalli.H.A.L New Township, Marathahalli,Bangalore – 560 037. KN South1 Dispensary 263 Bagalkot.Muchakhandi Road, Bagalkot District. KN South1 Dispensary 264 N.G.E.F(K.R.Puram II).Krishnaiahna Palya,Behind N.G.E.F,Byappanahalli, Bangalore. KN South1 Dispensary 265 Nelamangala.No. 353, Subhas Nagar, Bangalore District. KN South1 Dispensary 266 Peenya.No.107, 3rd Phase,6th Main Road, Near K.I.A.D.Housing Quarters, Near SRS Power Station, Peenya,Bangalore-560 059 KN South1 Dispensary 267 Rajajinagar – I.8/3, ‘E’ Block, I Block,I Stage,Rajajinagar,Bangalore – 560 010. KN South1 Dispensary 268 Rajajinagar – II,No.641, West of Chord Road, 2nd Stage, Basaveswaranagar, Bangalore. KN South1 Dispensary 269 Ramanagara.No:1378/4, Ijur Extn.Next to Shan Theatre, Ramanagara, Bangalore Rural District. KN South1 Dispensary 270 R.T.Nagar, (Munireddypalya).11th Main Road,I Block, R.T.Nagar, Bangalore – 560 032. KN South1 Dispensary 271 Russel Market – II.Queen’s Road, Bangalore. KN South1 Dispensary 272 Sheshadripuram.Sirurpark Road, Sheshadripuram,Bangalore – 560 020. KN South1 Dispensary 273 Singasandra.No.47, Opp. to P.H.C.Singasandra Village,Bangalore – 560 068. KN South1 Dispensary 274 Sriramapuram.7th Cross, Ramakrishna Sevanagar, Corporation High Schlool Ground, Sriramapuram,Bangalore – 21. KN South1 Dispensary 275 Subramanyapura.Krishna Weaving Mills Premises, Subramanyapura, Bangalore –560 061 KN South1 Dispensary 276 Ulsoor.Cambridge Layout, Ulsoor, Bangalore – 560 008. KN South1 Dispensary 277 Vijayanagara.No.67, Maruthi Layout, NCR Extn.,Vijayanagar,Bangalore - 560 040.(New Location=Vijayanagar1707 maruti temple Service raod Viajayanagar) KN South1 Dispensary Page69of 531 278 Vishwaneedam.Kamaskhi Palya,Vishwaneedam Post,Bangalore-79 KN South1 Dispensary 279 Viveknagar.Viveknagar,Bangalore – 560 047. KN South1 Dispensary 280 White Field.Main Road,White Field, Bangalore-66. KN South1 Dispensary 281 Wison Garden.Adugodi, Next to Mico Factory, Bangalore Diary circle,Wilson Garden,Bangalore – 560 030. KN South1 Dispensary 282 Yelahanka.NO.2001, 4th 'B' Cross, HIG, Yelahanka,Bangalore –560 064. KN South1 Dispensary 283 Anandawadi (Shahapur).Corporation Building,Goa – Ves, Belgaum - 3. KN South1 Dispensary 284 (ESIC DISPENSARY DOOR NO 48 First floor gandhi nagar)Bellary.District Hospital Compound, Bellary. KN South1 Dispensary 285 Gokak.C.T.S. No,3085 Raviwarpet, Gokak, Belgaum District. KN South1 Dispensary 286 Konnur.Konnur village, Gokak Taluk, Belgaum District. KN South1 Dispensary 287 K.S.R.T.C. Belgaum.Kotwal galli,shstri chowki.New Address= Kittur Chennamma circle,horticulture office compound beside kada office Belgaum KN South1 Dispensary 288 Peeranwadi.No- 1071, Killa Building, Sidashwara Nagar, Peeranwadi, Belgaum District.(New Address=Patil buildind second floor,Brammanagar,khanapur road,Belgaum District) KN South1 Dispensary 289 T.B.Dam.Dr. Ambedkar nagar, Venka Camp Dam Road, T.B.Dam Bellary District, Bellary. KN South1 Dispensary 290 Udayambagh.Plot No. 502, Angolarm. Bhagyanagar, Belgaum. KN South1 Dispensary 291 Yamunapura.(Indal) , B.K.Industrial Area, Yamunapur (India) Belgaum KN South1 Dispensary 292 sri Vijay rao adiga, s/o srinivas, no. 515, 7th cross, 3rd ward,B.H Road, bhadravathi KN South1 Dispensary 293 Bijapur.Almel House, Station Road, Bijapur. KN South1 Dispensary 294 Chitradurga.Nehru Nagar, II Cross,III Blcok,Holalkere Road, Chitradurga. KN South1 Dispensary 295 Davangere City.13th Cross, Devaraj Urs Layout, ‘B’ Block, Davangere – 577 006. Davangere District. KN South1 Dispensary 296 New Address : ESI dispensary Davangere near Jantha Bazaar. beside family court opp high schoolfield Davangere – 577 002 KN South1 Dispensary Page70of 531 297 KIADB Commercial complex Building first floor Belur Dharwad 580007 KN South1 Dispensary 298 Dharwad.No.1169, Navajeevan, Station Road,Saraswathi Puram,Dharwar – 582101. KN South1 Dispensary 299 Tarihal.Industrial Area, Hubli Tq., Dharwar District. KN South1 Dispensary 300 esi dispensary puttur,Hiranya Complex,Main Road,Bolwar DK District ,PUTTUR 574 201 KN South1 Dispensary 301 Hulikote.Kadhi Gramodyoga Ltd., Building Gadag Ditrict. KN South1 Dispensary 302 Gadag.Hakkapakki Building Vivekananda Road, Gadag. KN South1 Dispensary 303 kuvempunagar/M.S.K.Mills, Gulbarga.CIB Colony, Behind Central Bus Stand,Gulbarga –585 103. KN South1 Dispensary 304 Sedam.No. 3-5-87, Old Ganj Road, Sedam 585 222. Gulbarga Ditrct.New Address=patil complex chincholli cross near old petrol bunk sedam.Gulbarga District. KN South1 Dispensary 305 ESI Dispensary Shahabad Town vrindavan Dham Laxmi Gunj Shahabad pin 585228 KN South1 Dispensary 306 Wadi.No.12, 17 Junction, Chitapur Taluk, Gulbarga Dist. KN Dispensary 307 Hassan.B.Kattehalli, B.M.Road, Hassan - 573 201. KN South1 South1 308 Harihara.No.70, 2nd Cross, Gandhinagar,Harihara – 577 601. KN South1 Dispensary 309 Hubli – I.Lakhmi Plaza, Commercial Complex, P.B.Road,Hubli – 580 028. KN South1 Dispensary 310 Kunigal.No:1680, Mahaveer Nagar, Opp. Muncipal Park, Tumkur Road, Kunigal KN South1 Dispensary 311 # 1601, Murali Nilaya, Ganesha Temple Road, Viddya NRgar, Mandya-571401. KN South1 Dispensary 312 ESI Belagola dispensary, #22/-1, Hulikere, Belagola Hobli, S.R.Patna, Mandya-571428 KN South1 Dispensary 313 ESI Hospital compond, Kadri, Shivabag, Mangalore 3/(Karangalpadi.Medical care centre,Bejai church Road Karangalpadi Mangalore-3) KN South1 Dispensary 314 No. 2-21-4 1st floor, Silver Gate, Kulshekar, angalore-4 KN South1 Dispensary 315 Maddur,No.D-1-144, Leelavathi Extension, L IC Road, Maddur Town. KN South1 Dispensary Dispensary Page71of 531 Manipal Dispensary near KMC Hospital Industiral area Udupi,Manipal Pot, Manipal-576 119(New Address=ESI Manipal Dispensary ,District small Industries association, building Plot No.36-c(p),shivally Industrial Area,Alevoor road,Manipal-576104,karnataka 316 ) KN South1 Dispensary 317 Margan’s Gate.Abalya Building, No-2, Near Jeppu Margons Gate, Mangalore-2.(New Address=Irfan Center Morgan Gate MangloreIrfan Centre,Jeppu Market road,Margon gate,Mangalore-) KN South1 Dispensary 318 Panambur.1st Main Road, 4th Cross, Opp.Somayaji Factory, Industrial Estate, Bykampady,Mangalore – 575 0011 KN South1 Dispensary 319 ESID MallurNo.4138/3891,Maruthi Extension main road,Mallur KN South1 Dispensary 320 148, above Chescom office, Mysore-Hunsur road, Hootgalli. KN South1 Dispensary 321 436-E, A.V.Complex, Hebbal Ring Road, Near Royal In Hotel, Hebbal Industrial Area. Mysore KN South1 Dispensary 322 Hunsur.No.3617,Court Road, Hunsur, Mysore District, Myore-571 105.(New address=1833/27 R.Ramu house, hotel gokul road , hunsur,mysore district). KN South1 Dispensary 323 Mysore Central.Krishnavilas Road,Mysore – 24. KN South1 Dispensary 324 C/O NATRAJ # 03,"SUSHEELA",5TH PHASE,JTK LAYOUT,ADICHUNCHANAGIRI MAIN ROAD,KUVEMPU NAGAR,MYSORE KN South1 Dispensary 325 N.R.Mohalla.Bademakan Area, N.R.Mohalla, Mysore. KN South1 Dispensary 326 V.V.Puram.83 A, 8th Main Raod, Vinayaka Nagar, Mysore - 570 012.(New addressV.V.Puram,4B,3rd main road,Mysore, ph: 821-2512089 ) KN South1 Dispensary 327 Nanjangud – I. ESI Dispensary Complex,Sujatha puram,Near Appolo Circle,Nanjangud – 571 302. KN South1 Dispensary 328 Raichur.Sree Hotel Complex, No.11.09-13, Patel Road,Raichur – 584 101. KN South1 Dispensary Page72of 531 329 Robertsonpet.Robertsonpet, District Hospital, K.G.F KN South1 Dispensary 330 Shimoga.B.H. Road Cross, Galib Saheb Street, Lashkar Mohalla, Shimoga-577201. KN South1 Dispensary 331 Tumkur.No.106, 1st Main Road, St. Marry's Convent Road, Gandhinagar,Tumkur - 572 102 KN South1 Dispensary 332 Udupi. Kannimulki,Udupi - 576 101. KN South1 Dispensary 333 Karkala.City Nursing Home, , Karkala, Udupi Dist. KN South1 Dispensary 334 New Address : E.S.I DISPENSARY, "SANIDHYA"KNDHESHWA A TEMPLE ROAD , KUNDAPURA KN South1 Dispensary 335 BASAVANDAGUDI DIAGNOSTIC CENTRE,North Anjaneya Temple Street, Basavanagudi, BANGALORE560004. KN South1 Hospital 336 ESI Hospital, Indranagar,Bangalore-38 KN South1 Hospital 337 esi hosptal peenya,peenya 1st stage.near fti industrial area KN South1 Hospital 338 II Black, Rajajinagar Bangalore, KN India- Same as before, site is just shifting from existing to new premises KN South1 Hospital 339 BELGAUM Medical Superintendent, ESI Hospital, Ashok Nagar, Nr. BUDA Office, At Post Shivajinagar, BELGAUM-16. KN South1 Hospital 340 DAVANAGERE Medical Superintendent, ESI Hospital, 08192-227963 Nituvalli Extension, DAVANAGERE. KN South1 Hospital 341 Kharwar road,Hubli KN South1 Hospital 342 Hospital,Mangalore,ESIH Premises, Kadri Shivabagh, Mangalore KN South1 Hospital 343 ESI Hospital, KR Rd,Mysore,570020 KN South1 Hospital 344 DANDELI Medical Superintendent, 08284-289220 ESI Hospital, Dandeli, DIST. UTTAR KANNADA. KN South1 Hospital 345 ESI Corporation, Panchdeep Bhawan, No.10, Binny Peth, Binny Fields Bangalore-560023 Karnataka KN South1 RO 346 Bommasandra,No-23,9thb,C main Btm Ring road.Opposite IOC Petrol Bunk.Pin:560029 Bangalore KN South1 SRO 347 Peenya SRO,Harini Towers, 3rd Main, 3rd Cross, Opposite ring Road, Near FTI Industrial Area, 1hwantpur, Bangalore. KN South1 SRO 348 No. 160/7, 837/02 Avaragere Road, Bidadi, Ramanagar district KN South1 Dispensary 349 Directorate of ESICMedical Services S.Nijali nagappa road ,Rajajinagar KN South1 SD Page73of 531 350 3rd and 4rth floor,Dallas Heights,Dollar Colony ,Gokul Rd,Hubli-580030Correct Address - ESI Corporation, Sub regional office, Sarvodaya circle, Keshwapur, Hubli 580023) KN South1 SRO 351 ESIC SRO I floor, Citypoint Navbharat Circle, Kodialbail Manglore KN South1 SRO 352 ESI SRO,First Floor, Above ESI Dispensary Bademakan area,N.R.Mohalla Mysore. KN South1 SRO 353 Divisional Office.E.S.I Corporation,Swagat,Plot no.15,Arihant Nagar,Sedam Road,Gulbarga-585105 KN South1 SRO 354 Laggere main road, peenya post, Bangalore KN South1 Dispensary 355 ESI Dispensary,D.R Venkadesh,DRV Plaza,Old Bus Stop,BB road,Devanahalli,Bangalore KN South1 Dispensary 356 ESIC Hospital,Dean Office,Medical college,Sedam Road,Gulbarga. KN South1 Hospital 357 Plot No.8-5-488/55, Laxmi Narayana Krupa, Near Water Tank, Indrakila Nagar, Gadag Road, Koppal KN South1 BO 358 ESIC College of Nursing, No. 70, Appareddy Palya, 7th Main, Indiranagar, Bangalore-560 008. KN South1 Hospital Page74of 531 Annexure 22 - ESIC Location Address with Site Code Sr. No. Address State Zon e Location Type BO BO 1 BO, Factory Ward Dispensary Compound,Alappuzha-688 001 Kerala Sout h2 2 BO, Near KSRTC Bus Station, N.H.,Kayamkulam,Alappuzha Kerala Sout h2 3 ESIC BO, KAP Commercial Centre, Railway Station Road, Alwaye – 683101 Kerala 4 ESIC BO, Near St Johns College, Anchal - 691306 Kerala 5 ESIC BO, Building No 29, M/XVI, 1st Floor, Puthussery Towers, Angamaly-683 572 Kerala 6 Karippai Complex, South Junction, Chalakudy .680307 Kerala Sout h2 Sout h2 7 ESI BO,“Mukthi”, Building No 005,Ward No 13, Near Thirumukk, Chathannur(P.O) Kerala Sout h2 8 2nd FLOOR, BROTHERS COMPLEX, BPL KOOTTUPATHA, PALAKKAD, 678007 Kerala 9 BO, 110B/22, Nadakkav, Cherthala, Alappuzha District Kerala Sout h2 Sout h2 10 ESI HOSPITAL PREMISES ERNAKULAM NORTH ERNAKULAM - 682 018 Kerala Sout h2 11 New Address : ESIC Branch Office Thoppumpady, Shenoy Bhavan , Odampally lane , Thoppumpady, Ernakulam.) Kerala 12 BO,Vettoor Building, MC Road, Ettumanoor Kerala 13 ESI BO, Vadakkemuri Building, Ezhukone -691 505 Kerala 14 Calicut-Shornur Road,Cheruvannur,Feroke-673 631 Kerala Sout h2 Sout h2 Sout h2 Sout h2 15 Bldg. No.XI/212,1st Floor, Municipal Bus Stand Building,Irinjalakuda-680121 Kerala Sout h2 BO 16 ESIC BO, 1st Floor,Holy Angel Shopping Centre, Kalamassery South Junction, Kalamassery- 683 104 Kerala Sout h2 BO 17 ESIC BO, Pallikandy Buildings, Opp. Basic Training School, Kannur 670002 Kerala Sout h2 BO 18 BO,Rama Nilayam, Pada Nair Kulangara North, Karunagappalli Kerala 19 ESIC BO, Fort Road, Thyalangadi, Kasargod Kerala 20 21 PAV Building, Varkala Road, Kallambalam 695606 Chakkarothukulam, Kannur Road, Kozhikode - 673006 Kerala Kerala Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout Page75of 531 BO BO BO BO BO BO BO BO BO BO BO BO BO BO BO BO h2 22 Unity Building, IInd Floor, Opp.to M.D.Commercial Centre, K K Road, Kottayam." Kerala 23 Puthiyapalam,Kallayi, Kozhikode Kerala Sout h2 Sout h2 24 ESIC BO, Sabari Complex, Munnam Kutti, Kilikollur, Kollam691004 Kerala Sout h2 BO 25 ESIC BO, First Floor, Door No 11/587, Hospital Road, Kunnumpuram, Fort Kochi - 682001(1/1907/A-1, Rajagiri Building, Kunnumpuram, Fort Kochi, Pin - 682001) Kerala Sout h2 BO 26 Bldg. No. 6/239,Kanniparamba Road, Mavoor,Kozhikode- 673 661 Kerala 27 BO, Edathamara Building, Mele Vellur P O, Kottayam Kerala 28 J.P.Tourist Home, Paikada,Kollam- 691 001 Kerala 29 ESI Dispensary , Kottarakkara,Chandamukku P O , Kottarakara Pin code : 691506 Kerala 30 ESIC BO, Perumpuzha P.O, Kundara - 691504 Kerala 31 Building No. XVIII-401E, 1st Floor, Mankarathodi Building, Perinthalmanna Road, Up Hill, Malappuram Kerala 32 Convent road, Aallumoodu Jn, Neyyatinkara Kerala Sout h2 Sout h2 33 Bldg. No.XI/584,Ollur Panchayat Shopping Complex,Ollur- 680 306/BO, ESI Dispensary Compound, Near KSEB Office,Ollur P O, Thrissur - 680306 Kerala Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 BO BO BO BO BO BO BO BO BO BO 34 ESIC BO, Dickson Tourist Home, Adoor.P.O, Pathanamthitta Kerala 35 Jainmedu,Palakkad- 678 012 Kerala 36 ESIC BO, ESI Compound, Near Railway Station, Pappinissery Kerala 37 ESIC BO, SM Complex, Near Police Station, Payyannur Kerala 38 ESI BO, ESI Road, Perumbavoor - 683542 Kerala 39 ESIC BO, Near ESI Dispensary, Punaloor -691305 Kerala 40 ESIC BO, Near ESI Dispensary, Puthur - 691507 Kerala 41 ESIC BO,Ravi Mandiram, Manakkara, Sasthancotta Kerala Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 42 NEW ADDRESS: Building No.7/5-D1; Owned by Shri V. Gireesh, Vattapprambil house, Amayur Post office Road, Shoranur, Kerala Pin 679 121 (Just opposit the old Building). Kerala Sout h2 BO 43 ESIC BO, 2nd Floor, Pee Vee Complex,M M Road,Near Bus Stand, Talassery-670101 Kerala Sout h2 BO Page76of 531 BO BO BO BO BO BO BO BO 44 ESI Dispensary Compound,Algappanagar-680 302, Thrissur Kerala Sout h2 45 ESI BO,Opp. ICICI Bank, First Floor, Market Junction, Hill Palace Road, Thripunithura -682301 Kerala Sout h2 46 Shiva's Building (II 588/B & C),Mamatha Nagar,P.O. Kazhakuttom,Trivandrum - 695 582. Kerala 47 Kinfra Compound, Nalukettu Road, Koratti, Thrissur Kerala 48 BO,Panchadeep Bhavan, North Swaraj Round, Thrissur Kerala 49 ESI Compound, Near Guest House, Thycaud, Trivandrum Kerala 50 ESIC BO, UP X/383, Udyogamandal - 683501 Kerala Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 51 ESIC-BO, H. NO: 19/224, G3 & G4, Regency Tower, Vadakara673104 Kerala Sout h2 BO BO BO BO BO BO BO BO BO 52 ESIC BO, Upstairs of IOB, Station Road, Valapattanam 670010 Kerala Sout h2 53 ESIC SRO Kozhikode, Housefed Complex ( 3rd Floor ), Eranjipalam, Kozhikode Kerala Sout h2 DO 54 ESI Dispensary,Walayar,Velathavalam Road,Chandrapuram P.O, PIN-678624 Kerala Sout h2 Dispensary 55 New Address : ESI Dispensary Aroor, Thandu G Kamath Building, Puthen Arackal, Chandiroor, Cherthala P O, Alappuzha Kerala Sout h2 Dispensary 56 ESI Dispensary, Beach Ward, Thiruvambadi (PO), Alapuzha688013 Kerala Sout h2 Dispensary Dispensary Dispensary 57 ESI Dispensary Cherthala, Cherthala(PO), Alapuzha-688524 Kerala Sout h2 58 ESI Dispensary Chenganoor, Near Railway station, Chenganoor (PO), Alapuzha-689121 Kerala Sout h2 59 ESI Dispensary, Ezhupunna, cherthala, P.O,Alappuzha - 688537 Kerala 60 ESI Dispensary Factory Ward, Alapuzha-688001 Kerala Sout h2 Sout h2 61 ESI Dispensary Karimulakkal, LS(PO), Nooranadu, Alapuzha690504 Kerala Sout h2 Dispensary 62 New Address : ESI Dispensary, Kayankulam.P.O, KMC 20/221 A Palackal House Kayankulam - Punalur Road Kerala Sout h2 Dispensary 63 NEW ADDRESS: ESI Dispensary, Anugraha, Eruva West, Karilakulangara P O, Kayamkulam Kerala Sout h2 Dispensary 64 ESI Dispensary Attingal, Kizhuvalam(PO), Mamam,Attingal,Trivandrum-695104 Kerala Sout h2 Dispensary 65 ESI Dispensary Mannar, Kuttemperoor(PO), Chenganoor, Alapuzha-689623 Kerala Sout h2 Dispensary 66 ESI Dispensary Mavelikkara, Mavelikkara (PO), Alapuzha-690101 Kerala 67 ESI Dispensary, Muhamma.P.O, Alappuzha - 688 525 Kerala Sout h2 Sout h2 Page77of 531 Dispensary Dispensary Dispensary Dispensary 68 ESI Dispensary Palamel, Palamel (PO), Nooranadu, Alapuzha690479 Kerala 69 ESI Dispensary, Pathirappally, Alappuzha-688521 Kerala Sout h2 Sout h2 70 ESI Dispensary,Azhikode , Ward No: 5, Building No: 5,Near Pertrol Pump , Vankulath Vayal, Azhikode P O , Pin Code : 670009 Kerala Sout h2 Dispensary 71 Esi Dispensary Chalappuram , Esi Compound , Chalappuram (P.O) , Kozhikode, PIN-673002 Kerala Sout h2 Dispensary 72 ESI Dispensary,Chakkrothukulam,Calicut-Kannur Road, Opposite KVR-Bajaj Showroom, West Hill - 673005 Kerala Sout h2 Dispensary 73 ESI Dispensary,Chittoor,Post Office Junction, Opp. SBT ATM Centre. Chittoor PO. PIN678101 Kerala Sout h2 Dispensary 74 ESI Dispensary, Kodungaloor Road, Orumanayoor.P.O, Chavakkad - 680512 Kerala Sout h2 Dispensary 75 ESI Dispensary,Aluva No.1, Near BSNL Exchange, Alwaye - 683101 Kerala Sout h2 Dispensary 76 ESI Dispensary ,Aluva No;2 , ESI Compound, Near North Railway Station, Ernakulam-682018 Kerala Sout h2 Dispensary 77 New Address:- Dispensary, Old Railway Station Road, Angamaly, Ernakulam – 683572 Kerala Sout h2 Dispensary 78 ESI Dispensary , Athani, St Antony's Roman Catholic Church , Building No: 7/518, Chengamanadu P O , Pin - 683578 Kerala Sout h2 Dispensary 79 ESI Dispensary, Near Binanipuram Post Office, Edayar, Binanipuram.P.O, Ernakulam-683502 Kerala Sout h2 Dispensary 80 ESI Dispensary,Edappally , Building No: CC:35/1452 B&B2, Kochaleth Building , Palarivattom , Cochin – 682025 Kerala Sout h2 Dispensary 81 ESI Dispensary,Eranjipalam,Wayanad Road, Eranhipalam Junction, Eranhipalam.P.O. PIN-673006 Kerala 82 ESI Dispensary, CSEZ, Kakkanad, Kochi-682037 Kerala Sout h2 Sout h2 83 ESI Dispensary,Municipal Building, (Above SBT), Opp. BP Petrol Pump,North Kalamassery, Kalamassery Kerala Sout h2 Dispensary 84 ESI Dispensary,Karimugal, Ambalamedu Thekkinethu Building,Karimugal , Pin - 682303 Kerala Sout h2 Dispensary 85 ESI Dispensary,Near Government Hospital & ITC, Koonammavu.P.O, Ernakulam Kerala Sout h2 Dispensary 86 ESI Dispensary , North Vazhakkulam, Opposite Cathalic Syrian Bank, South Vazhakkulam , Pin Code : 683105 Kerala Sout h2 Dispensary 87 ESI Dispensary,Njarakkal Service Coop Bank Building,Njarakkal P.O. Ernakulam - 682505 Kerala Sout h2 Dispensary 88 ESI Dispensary,Opposite St.Mary's Church, Thoppumpady, Palluruthi.P.O, Kochi - 6 Kerala Sout h2 Dispensary 89 ESI Dispensary,Next to Bank of India, Bank of India Building, Market Road,North Paravoor Kerala Sout h2 Dispensary Page78of 531 Dispensary Dispensary Dispensary Dispensary 90 ESI Dispensary,Opposite INS Dronacharya, Pattalam Road, Fort Kochi - 682001 Kerala Sout h2 Dispensary 91 ESI Dispensary,Near Seemas Textiles, ESI Road, Perumbavoor – 683542 Kerala Sout h2 Dispensary 92 ESI Dispensary,ESI Compound, Near North Railway Station, Ernakulam-682018 Kerala Sout h2 Dispensary 93 ESI Dispensary, Next to AR Camp, Hill Palace P.O, Thrippunithura, Ernakulam - 682301 Kerala 94 ESI Dispensary, Udyogamandal P.O, Ernakulam -683501 Kerala Sout h2 Sout h2 95 ESI Dispensary Beypore , ESI Cheruvannur Dispensary Building, Feroke.P.O, PIN-673631 Kerala Sout h2 Dispensary 96 ESI Dispensary Cheruvannur , ESI Cheruvannur Dispensary Building, Feroke.P.O, PIN - 673631 Kerala Sout h2 Dispensary 97 ESI Dispensary Meenchanda,Cheruvannur ESI Dispensary Building, Feroke.P.O. PIN-673631 Kerala Sout h2 Dispensary 98 Esi Dispensary Chungam, Near Sales-Tax Check-post, Feroke (P.O) , PIN-673631 Kerala Sout h2 Dispensary 99 ESI Dispensary,Kallel Shopping Complex, Near Private Bus Stand, Pala Road, Thodupuzha 685584 Kerala 100 ESI Dispensary,Palakkad,Jainamedu.P.O, 678012 Kerala Sout h2 Sout h2 101 ESI Dispensary,Kakkad,Ariyal Thara, Kannur.P.O, PIN-670004 Kerala Sout h2 Dispensary 102 ESI Dispensary Kazhakoottam,Kazhakoottam(PO) Trivandrum695582 Kerala Sout h2 Dispensary 103 Sree Ganesh Complex,Near District Ayurveda Hospital,Sharada Nagar,Anangoor,Kasaragod-671121 Kerala Sout h2 Dispensary 104 ESI Dispensary Kilimanoor,Athiraanjali, Valnjeri, Kilimanoor(PO) Trivandrum-695602 Kerala Sout h2 Dispensary 105 ESI Dispensary Vilakudy, Aavaneeshwaram R S (PO), Kollam691517 Kerala 106 ESI Dispensary Anchal, Anchal (PO), Kollam-691306 Kerala Sout h2 Sout h2 107 ESI Dispensary , Asramam,Near Govt Ayurveda Hospital Asramam Kollam Pin : 691002 Kerala Sout h2 Dispensary 108 ESI Dispensary,Near Thirumukk, Karamcode.P.O, Chathannur, Kollam - 691529 Kerala Sout h2 Dispensary 109 ESI Dispensary, Puthen Thura P.O, Chavara,Kollam – 691588 Kerala Sout h2 Dispensary 110 ESI Dispensary,Perinad , Alumoodu Junction , Perinad P O , Pin – 691601 Kerala Sout h2 Dispensary 111 ESI Dispensary, Thrippalazhikam, Edakkidom P.O, Ezhukone, Kollam – 691505 Kerala Sout h2 Dispensary 112 ESI Dispensary,Erayilkadavu Kopparath Temple Road, Near Vidyadhiraja School,Kottayam,686001 Kerala 113 ESI Dispensary, Mylom.P.O, Inchakkad, Kollam - 691571 Kerala Sout h2 Sout h2 Page79of 531 Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary 114 ESI Dispensary Kadakkal, Asha Bhavan, Ettinkadavu,Kadakkal (PO),Kollam-691539 Kerala Sout h2 Dispensary 115 ESI Dispensary, Near Elamkulam Kunjanpillai Memorial, Kalluvathukkal.P.O, Kollam-691578 Kerala Sout h2 Dispensary 116 ESI Dispensary, Kilikollur, Kollam-Chenkotta Road, Kilikollur.P.O, Kollam 691004 Kerala 117 ESI Dispensary Kottiyam, Kottiyam(PO), Kollam-691002 Kerala Sout h2 Sout h2 118 ESI Dispensary , Kottarakkara,Chandamukku P O , Kottarakara Pin code : 691506 Kerala Sout h2 Dispensary 119 Esi Dispensary Kottakkal, Kottakkal Road, Near Mini Industrial, Kottakkal (P.O) PIN-676503 Kerala Sout h2 Dispensary 120 ESI Dispensary , Kulasekharapuram, "Kanjikkal House,Pada North,Pallimukku , near Puthiyakavu Junction, Karunagappally P O , Pin Code : 690518 Kerala Sout h2 Dispensary 121 ESI Dispensary Thrikovilvattom, Mukhathala (PO), Kollam-691577 Kerala 122 ESI Dispensary, Mulavana, Kollam - 691503 Kerala 123 ESI Dispensary,Civil Station Building, Mudavoor.P.O, Muvattupuzha Kerala 124 ESI Dispensary, Mynagappally.P.O, Kollam - 690519 Kerala 125 ESI Dispensary Nedumbana, Nallila (PO), Kollam-691515 Kerala 126 ESI Dispensary Kovalam, (Near Amma Hospital), Nedumon, Kovalam(PO), Trivandrum-695527 Kerala 127 ESI Dispensary, Paripally, Kollam - 691574 Kerala 128 ESI Dispensary, Pattathanam, ESI RDD Compound, Pattathanam, Kollam – 691001 Kerala 129 ESI Dispensary Pattazhy, Pattazhy (PO), Kollam-690522 Kerala Sout h2 Sout h2 130 ESI Dispensary,Ettumanoor,Palliparambu Buldg.,Peroor Jn.,686631 Kerala Sout h2 Dispensary 131 New Address : ESI Dispensary Pooyapally, Building No.PP4/465 ,Plavila Puthenveedu, Pooyappally, Venkode,Kollam Dist. Kerala Sout h2 Dispensary 132 ESI Dispensary, Poruvazhy P. O, Bharanickavu, Kollam(Dist.), Pin Code: 690520 Kerala 133 ESI Dispensary, Punaloor, Kollam - 691305 Kerala 134 ESI Dispensary, Puthur PO, Kollam - 691507 Kerala Sout h2 Sout h2 Sout h2 135 New Address : ESI Dispensary “GAZAL”, Mathethara Nagar, (Near Mathrubhumi Office), Kureepuzha-56, Kavanadu.P.O, Kollam691003. Kerala Sout h2 Dispensary 136 ESI Dispensary,Sachivothamapuram, Near Puthenpalli, Neelamperoor.P.O., PIN-686534 Kerala Sout h2 Dispensary Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Page80of 531 Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary 137 ESI Dispensary,Sadanandapuram.P.O, Kottarakkara,Kollam 691550 Kerala Sout h2 Dispensary 138 C/o Sreekala.S, Kalathoor Thekkethil, Padinjatte Kizhakke muri, Sooranadu North.P.O., Kollam -Pin - 690522 Kerala Sout h2 Dispensary 139 New Address : ESI Dispensary Thodiyoor, Gokulam, Near Driver Junction, Kallelibhagam P O, Karunagapally Kerala Sout h2 Dispensary 140 ESI Dispensary, ESI Compound, Next to ESI Hospital,Vadavathur,686010 Kerala Sout h2 Dispensary 141 ESI Dispensary Kunnathupalam, ESI Compound ,Kozhikode14 ,PIN-673014 Kerala Sout h2 Dispensary 142 NEW ADDRESS: ESI Dispensary , Kuttippuram, Near Huttippuram Mosques(near Kuttippuram High School), Malappuram , Pin code : 679571. Kerala Sout h2 Dispensary 143 ESI Dispensary,Kuthuparamba, Naravoor Road, Behind T K Petrol Pump, Kuthuparamba. PIN- 670702 Naravoor, Kerala Kerala Sout h2 Dispensary 144 ESI Dispensary,Keralapuram, Ezhamkutty, Keralapuram, Perumpuzha (P.O), Kundara – 691504 Kerala Sout h2 Dispensary 145 ESI Dispensary Malappuram, No.18/1490G&H,Varikodan tower, AK.Road, Near civil station, Malappuram Kerala Sout h2 Dispensary 146 ESI Dispensary,Mangattuparamba, Opposite Police Camp, University Road, University P.O 670561(Aquarius,8/474,Kalliyasseri Panchayath,kalliasseri,mangalathuparamb.Kannur District. IMODr.K.babu Raj- 9495416430) Kerala Sout h2 Dispensary 147 ESI Dispensary,Mavoor,Near ESI Office, ESI Compound, Mavoor.P.O. Pin -673661 Kerala Sout h2 Dispensary 148 ESI Dispensary,Mele chowa, Near Bishop House, Chowwa P.O, PIN- 670006 Kerala Sout h2 Dispensary 149 ESI Dispensary Neyyatinkara, Vlangamury Junction, Poovar Road, Neyyattinkara(PO), Trivandrum-695121 Kerala Sout h2 Dispensary Dispensary 150 ESI Dispensary,Nilambur,Kovilakam Road, Nilambur. PIN - 679329 Kerala Sout h2 151 ESI Dispensary,Near Chenathur Temple,Ottapalam,679101 Kerala Sout h2 Dispensary 152 ESI Dispensary, Pallimukk Junction No 17, EP 4/377,Enathu PO, Pathanamthitta -691526 Kerala Sout h2 Dispensary 153 ESI Dispensary,Kadampanad South.P.O, Pathanamthitta - 691553 Kerala Sout h2 Dispensary 154 ESI Dispensary,Chekkanthara Bus Stop, Parali.P.O. Pin – 678612 Kerala Sout h2 Dispensary 155 ESI Dispensary,Payyannur, Temple Road, Payyannur P.O,Pin670307 Kerala Sout h2 Dispensary 156 ESI Dispensary,ESI Compound, Near Railway Station, Pappinissery 670561 Kerala Sout h2 Dispensary Page81of 531 157 ESI Dispensary,Vrindavan Building, Above Supplyco, Kizhakkan Muthoor.P.O, Thiruvalla - 689103 Kerala Sout h2 Dispensary 158 ESI Dispensary,Chemmancherry,Pookkad,Thoraikadav Road, Near KSEB Office, Chemmanchery P.O673305 Kerala Sout h2 Dispensary 159 ESI Dispensary Puthiyara,Mankavu Road, Bypass Junction, ESI compound ,Chalappuram(P.O), PIN-673002 Kerala 160 ESI Dispensary,Vaikom,Pulinchuvadu Jn.,686141 Kerala Sout h2 Sout h2 161 NEW ADDRESS: ESI Dispensary , Kanjikode, House No: 910/18 Chadayankalay,Kanjikode west Post,Pin code – 678623 Palakkad District Kerala Sout h2 K.H Complex, Shornur - 2 Dispensary Dispensary 163 ESI Dispensary, Alagappanagar P.O- 680302 Kerala 164 ESI Dispensary,Market Road, Chalakudy.P.O - 680307 Kerala Sout h2 Sout h2 Sout h2 165 ESI Dispensary,Dharmadam, Melur Road, Near KSEB Office, Dharmadam P.O- 670106 Kerala Sout h2 Dispensary 166 ESI Dispensary,Irinjalakuda, Near LIC Office, Irinjalakkuda PO, PIN -680308 Kerala Sout h2 Dispensary 167 Building No: 10/258 F,Chalakkudy Road, aloor P O, Trichur ,Pin .. 680683 Kerala Sout h2 Dispensary 168 ESI Dispensary, Near Popular Showroom,Kunnamkulam,Kanippayyoor, Thrissur - 680517 Kerala Sout h2 Dispensary Dispensary 162 Kolappully Bus Stand Pin - 679122 Dispensary Kerala Dispensary Dispensary Dispensary 169 ESI Dispensary Karamana, Karamana(PO), Trivandrum-695002 Kerala Sout h2 170 ESI Dispensary,Karuvannur, Cheriapalam Stop, Karuvannur.P.O, PIN-680711 Kerala Sout h2 Dispensary 171 ESI Dispensary,Near Railway Gate, Koratty -680308/ESI Dispensary,Khanna Nagar, Koratty -680309 Kerala Sout h2 Dispensary 172 ESI Dispensary, Wadakkancherry, Kunnamkulam Road, Kumaranellur P O, Thrissur -680589 Kerala Sout h2 Dispensary 173 ESI Dispensary, Kuttanellur, Inside ESIC Quarters, Block No 26, Kuttanellur P O, Thrissur - 680014 Kerala Sout h2 Dispensary Dispensary 174 ESI Dispensary Madavoor, Madavoor(PO) Trivandrum-695602 Kerala Sout h2 175 ESI Dispensary, Mulamkunnathukavu, Near Medical College, Peringandoor.P.O, Thrissur - 680581 Kerala Sout h2 Dispensary 176 ESI Dispensary Navaikulam, Navaikulam(PO), Trivandrum-695603 Kerala Sout h2 Dispensary 177 ESI Dispensary, Madeera Muscan, Opp. Obl KSEB, Nedumangad, Trivandrum Kerala Sout h2 Dispensary 178 ESI Dispensary, Near ESI Hospital, Pullazhi, Olarikkara P.O, Thrissur - 680012 Kerala Sout h2 Dispensary Kerala Sout h2 Dispensary 179 ESI Dispensary, Near KSEB Office,Ollur P O, Thrissur - 680306 Page82of 531 180 ESI Dispensary,Mala, Near KSRTC Bus Stand, PO Mala Pallippuram – PIN 680732 Kerala Sout h2 Dispensary 181 ESI Dispensary,Peroorkada.P.O, Thiruvananthapuram - 695003 Kerala Sout h2 Dispensary 182 ESI Dispensary Chakkai, Pettah.P.O, Thiruvananthapuram 695024 Kerala Sout h2 Dispensary 183 ESI Dispensary,Chonadam , Moyaram Buildings , E P -8109/110/111, Pincode - 670107 Kerala Sout h2 Dispensary 184 ESI Dispensary, Poonkunnam, Opp. Sreerama Temple, Thrissur 680002 Kerala Sout h2 Dispensary 185 ESI Dispensary,Thaliparamba,7th Mile Stone, Thaliparambu P.O, PIN-670141(New Ddress=P.V Pushpavally,TMC-20/1,Thaliparamb P O ,Thrichambaram.PH No-0460-2208035. IMO-Dr.P.P Shylaja9496192388) Kerala Sout h2 Dispensary 186 ESI Dispensary , Balaramapuram,Smrithy", Vedivechankovil , Bhagavathy Nada P O, Pin Code : 695501 Kerala Sout h2 Dispensary 187 ESI Dispensary,Changanasserry, Near Vazhapalli Temple, Changanasseri - 686103 Kerala 188 ESI Dispensary,Kainatty,Opposite SBI,Vadakara, 673104 Kerala Sout h2 Sout h2 189 ESI Dispensary, Valapattanam, IOB Building, Valapattanam.P.O, PIN-670610 Kerala Sout h2 Dispensary 190 ESI Dispensary, Vazhakkad, Opposite Police Station, Vazhakkad,673640 Kerala Sout h2 Dispensary 191 ESI Dispensary,Vellur,Newsprint Nagar.P.O.,Kottayam - 686616 Kerala 192 ESI Hospital, Thiruvampadi P.O, Alappuzha 688002 Kerala 193 Olarikkara, Thrissur-680 012 Kerala Sout h2 Sout h2 Sout h2 194 ESI Hospital, Near North Railway Station, Eranakulam-682018 Kerala Sout h2 195 ESI Hospital, Pathalam Junction, Udyogamandal, Eranakulam 683101 Kerala 196 ESI Hospital, Thottada, Kannur - 670007 Kerala 197 ESI Model Super Speciality Hospital, Asramam, Kollam-691002 Kerala 198 ESI Hospital, Cheerankavu, Ezhukone, Kollam -691 505 Kerala 199 Feroke, Kozhikode - 673 631 Kerala 200 ESI Hospital, Pampuram, Parippally, Kollam - 691574 Kerala 201 202 ESI Hospital, Vadavathur, KOTTAYAM-686 010. Jainamed, Palakkad - 12 Kerala Kerala Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout Page83of 531 Dispensary Dispensary Dispensary Hospital Hospital Hospital Hospital Hospital Hospital Hospital Hospital Hospital Hospital Hospital 203 Peringandoor (P.O), Mulankunnathkavu, Thrissur Kerala 204 ESI Hospital, Peroorkkada, Trivandrum-695005 Kerala 205 RO,Panchadeep Bhavan, North Swaraj Round, Thrissur Kerala 206 ESIC Branch Office Thodupuzha, Shri Laxmi towers, Opp to Hotel Ambady, Thodupuzha-Muvattupuzha highway. Kerala 207 New building ESIC state directorate Kerala 208 RDD's Office (North Zone), Chalappuram.P.O h2 Sout h2 Sout h2 Sout h2 Hospital Hospital RO Kerala Sout h2 Sout h2 Sout h2 SRO 209 1st Floor, Door No.43/385, Paul Abrao Road, Ernakulam North, Pin - 682018. Kerala Sout h2 SRO 210 ESIC SRO, Malu's Complex, St. Francis Church Road, Kaloor, Kochi682017 Kerala Sout h2 SRO 211 RDD's Office(South Zone), ESI Compound, Polayathode, Kollam 691001 Kerala Sout h2 SRO 212 NEW ADDRESS: ESI Corporation, Sub Regional Office-Kollam, Panchdeep Bhavan, Asramam, Kollam – 691002 Kerala Sout h2 SRO 213 Ground Floor, DIMS Office, Opposite PWD Guest House, Thycaud, Thiruvananthapuram Kerala Sout h2 SRO 214 ESI Dispensary Pala, Opposite Alphonsa College, Sree Vardhan Building,Arunapuram,Pala,Kottayam – Pin Code : 686575 215 Karaikal,1st floor,housing Board Complex,Bharatiar Rd 216 Gandhinagar,puducherry,Vazhudarus rd 217 No. 9/123, Aurobindo Street, Puducherry - 605 001. 218 BO,Bouvancare Street,Mudaliarpet 219 Plot No-2,Padmini Nagar,near aanjeyar temple,Villianur Kerala Pondich erry Pondich erry Pondich erry Pondich erry Pondich erry Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 220 Medical officer incharge,ESI dispensary,149,kamarajsalai,Nedungadu,karaikal 221 Medical officer incharge,ESI dispensary,Pallor,Mahe. Pondich erry Pondich erry Sout h2 Sout h2 222 Medical officer incharge,ESI dispensary,Ariyankuppam,Puducherry Pondich erry Sout h2 Dispensary 223 Medical officer incharge,ESI dispensary,Muthialpet,No1,Debassympet,Puducherry Pondich erry Sout h2 Dispensary 224 Medical officer incharge,ESI dispensary,Vazhudavour Road,Gandhinagar,Puducherry Pondich erry Sout h2 Dispensary 225 No.29, Ist main road,Perumal Raja Gardens,Reddiarpalayam,Puducherry Pondich erry Sout h2 Dispensary Page84of 531 BO SD Dispensary BO BO BO BO BO Dispensary Dispensary 226 Medical officer incharge,ESI dispensary,Ngappanar Road,Kirumampakkam,Puducherry Pondich erry Sout h2 Dispensary 227 Medical officer incharge,ESI dispensary,Bouvankare Street,Mudaliarpet,Puducherry Pondich erry Sout h2 Dispensary 228 Medical officer incharge,ESI dispensary,No-82,Bajanai Madam street,Muthirapalyam,Puducherry 229 No.7, II Cross, Raja Rajeswar Nagar, Puducherry- 011 Pondich erry Pondich erry Sout h2 Sout h2 230 ESI Dispensary, No.72,Main Road, Sedarapet,Puducherry- Pondich erry Sout h2 Dispensary 231 Medical officer incharge,ESI dispensary,PHC building,Thirubuvanai,Puducherry. Pondich erry Sout h2 Dispensary 232 No:29,Nehru Street,Vasantha Nagar,Villianur,Puducherry-605110 Pondich erry Sout h2 Dispensary 233 NEW ADDRESS: ESI Dispensary,Draksharama road,near ITI,opposite to Yanam sub jail,Yanam,Andhra Pradesh-533464. 234 Godimedu,Pondicherry-6 Pondich erry Pondich erry Sout h2 Sout h2 235 RO,Bouvancare Street,Mudaliarpet ( New Address=REGIONAL OFFICE : PUDUCHERRYEMPLOYEES' STATE INSURANCE CORPORATION100 Feet Road, Opp. to RTO Office, Mudaliarpet,Puducherry-605004) Pondich erry Sout h2 RO 236 No. 1/104, First Floor AKDS Complex Pondy – Villupuram NH Main Road Thiruvandarkoil, Puducherry – 605 102 Pondich erry Sout h2 BO 237 Deputy Director (ESI) 1st Floor, Govt. Pharmacy Complex, Indira Nagar, Gorimedu, Puducherry Pondich erry Sout h2 SD 238 New Address : ESI Disp complex, Valakara Street, Poonthotam, Ambur TN Sout h2 BO 239 New Address :- Branch Manager,Branch Office (Aruppukottai),E.S.I. Corporation,34/11, S.R.S. Plaza (I-oor), PuthukadaiBazar, Aruppukottai - 626 101. TN Sout h2 BO Sout h2 BO Dispensary Dispensary Dispensary Hospital 240 E.S.I.Corporation, 198, Gandhi Road-III, Arakkonam-631001 TN 241 Attur.Branch Office(Attur).177.Vinayagapuram.Attur-636-102 TN 242 Ambattur.ESI Dispensary Campus.Ambattur.CHN-53 TN 243 New Address :- E.S.I.Corporation, No.1,Sunguvar Street, E.S.I.C.Dispensary Complex, Triplicane, Chennai-600005 TN 244 Avadi.ESIC.Avadi.chennai-54. TN Sout h2 Sout h2 245 George town.ESI dispensary complex.Kondithope.1st floor.No68.Dasinbridge Rd.Chennai-21 TN Sout h2 BO TN Sout h2 BO 246 E.S.I.Corporation, Plot No.95, D/14 Ind Estate, Chennai-600058 Sout h2 Sout h2 Page85of 531 BO BO BO BO 247 Kaladipet.ESIC,1049 T.H Road,ESI Dispensary Campus.Chennai-19 TN Sout h2 248 NEW ADDRESS: Sri Sai Towers, Ist Floor, New No. 102, Old No. 337, Arcot Road, Kodambakkam Chennai 600024 TN Sout h2 BO 249 E.S.I.Corporation, MIG Plot, NHI, 263/13, Bharathiar Street, Maraimalai Nagar, Chennai-603209 TN Sout h2 BO 250 E.S.I.Corporation,2-B, Mount Poonamalli Road, Nandambakkam, Chennai-600089 TN Sout h2 BO 251 E.S.I.Corporation, E.S.I.Dispensary Building(I Floor), No.111.G.S.T. Road, Pallavaram,Chennai-600044 TN Sout h2 BO 252 Villivakkam.ESI dispensary complex.Korattur.Periyar Nagar.CHN80 TN Sout h2 BO 253 No. 57A, Cooks Road, Near Church (Behind B&C Mills), Perambur, Chennai - 600 011 TN Sout h2 BO 254 No.17/A Muthiah Street (2nd Floor), near & opp. to Chinnamalai Church/L&T Office, Saidapet, Chennai-600015 TN Sout h2 BO BO BO 255 RED Hills.ESI dispensary Compund.GNT Rd.Puzhal.Chennai-66 TN Sout h2 256 E.S.I.Corporation, Mudichur road, Tambaram, Chennai-600045 TN Sout h2 BO 257 E.S.I.Corporation, Shree Venkateshwara Complex, 112,Thiruvalluvar Salai,(II Floor), Thiruvanmaiyur, Chennai600041 TN Sout h2 BO 258 E.S.I.Dispensary, Tondiarpet Complex, No.18/1, Kummalamman Koil Street, Tondiarpet, Chennai - 600 081 TN Sout h2 BO 259 E.S.I.Corporation, No.1,Sunguvar Street, E.S.I.C.Dispensary Complex, Triplicane, Chennai-600005 TN Sout h2 BO 260 Kaladipet.ESIC,1049 T.H Road,ESI Dispensary Campus.Chennai-19 TN Sout h2 BO 261 GANAPATHY.Branch Manager, Branch Office, ESI Corporation,Branch Manager, Branch Office, Panchdeep Bhawan,747-A,Dr.Radhakrishna Road,Tatabad,COIMBATORE641012. TN Sout h2 BO 262 KATTOOR.BranchManager,BranchOffice,ESICorporation,Panchde epBhawan,Kaaleswara Nagar,Kattoor,COIMBATORE-641 009. TN Sout h2 BO 263 ESIC,Ondipudur branch, 1st Floor, ESI Dispensary, 2393 Trichy Road, Ondipudur, Coimbatore -641016 TN Sout h2 BO 264 ESIC, Othakkalmandapam branch,Pollachi road, Eachanari,Coimbatore-641021( New Address-92B, Ayyappa Nagar, Om Sakthi Illam, Eachanari Post, Pollachi Main Road, Coimbatore - 641 021.) TN Sout h2 BO 265 PN PALAYAM.Branch Manager, Branch Office.ESI Corporation.Door No. 384.2nd Floor,Dr. Nanjappa Road,Coimbatore - 641 018. TN Sout h2 BO Page86of 531 266 New Address : 59J,VKR road,peelamedu,coimbatore-641004 TN Sout h2 267 Periyanaickenpalayam.Lingammal Complex, L.M.W.Road, Periyanaickenpalayam, Coimbatore - 641020. TN Sout h2 BO 268 SINGANALLUR Branch Manager, Branch Office, ESI Corporation, Panchdeep Bhawan, Near ESI Dispensary.Trichy Road, Singanallur, COIMBATORE 641 005. TN Sout h2 BO 269 SULUR Branch Manager, Branch Office, ESI Corporation, Swami Sivanandha Complex, 15B Siruvani Tank Road, Nanjappa Layout, Sulur, COIMBATORE 641402. TN Sout h2 BO 270 UDUMALPET.Branch Manager, Branch Office.ESI Corporation.Panchdeep Bhavan.Thali Road.Opp. to Panchayat Union Office, Udumalpet.COIMBATORE – 642126. TN Sout h2 BO 271 2/27 LORDS AVENUE, GANAPATHY POLYCLINIC (OPP), GANDHINAGAR, SUNDARAPURAM, COIMBATORE-641024 TN Sout h2 BO 272 E.S.I.Corporation, No.2/9, Bathrachalam Street, Manjakuppam, Cuddalore - 607001. TN Sout h2 BO 273 E.S.I.Corporation, ESI Dispensary Complex, Natham road,Dindigul - 624003 TN 274 8,mari Amman Kovil St,, KG Palayam,, Erode-638003 TN 275 PALLIPALAYAM.Branch Office(Pallipalayam).ESIC.S.P.B Colony.ERODE-638010 TN 276 Hosur.Branch Office,ESICComplex,Sipcot.Hosur-635126 TN Sout h2 Sout h2 277 Branch Office,(Dalmiapuram).ESIC.83-C Main Road,Kallakudi621651 TN Sout h2 278 KARUR.Branch Offfice(Karur.ESIC).NO-492,Jawahar Bazar(2nd floor).Head Post Office(Karur).Karur-639001 TN 279 KOVILPATTY.Branch office,ESI corp.New Road,Kovilpatti TN Sout h2 Sout h2 280 New Address :- ESI BO 11/44 HILL WARD THRIUVANANTHAPURAM MAIN ROAD KUZHITHURAI TN Sout h2 BO 281 Kumbokonam,Branch office,ESIC Building,Pidarikulam Rd.Kumbokonam-612001. TN Sout h2 BO 282 Branch Office(Munichalai),ESIC, ESI Munichalai Dispensary Building,Madurai - 620009 TN Sout h2 BO 283 Branch Office (Palanganatham),Employees State Insurance Corporation,E.S.I. Dispensary Complex,Palanganatham,Madurai 625003 TN Sout h2 BO 284 Branch Office (Thirunagar),Employees State Insurance Corporation,G.S.T.Road,Thirunagar,Madurai TN Sout h2 BO Sout h2 Sout h2 Page87of 531 BO BO BO BO BO BO BO BO 285 Branch office mettupalayam,near Bharath Bhavan,opp. old Branch office,Mettupalayam TN Sout h2 BO 286 Branch Office (Melur),Employees State Insurance Corporation,58A,Mill Road, (Near Municipal Office),Melur-625106 TN Sout h2 BO 287 METTUR.Branch Office.ESIC.ESIC Complex.Salem Camp.Mttur Dam-636-456 TN Sout h2 BO 288 New Address :- New No 26/Old No 85,86, Thalavai Street,Meenakshipuram, Nagercoil 629001 TN 289 New Address : 61/K/11,BANK LANE OOTY TN 290 Branch Office (Paravai),Employees State Insurance Corporation,E.S.I. Dispensary Complex,Ammankoil street. Paravai - 625404. TN 291 E.S.I.Corporation,73-A,Dindigul Road,Palani-624602 TN 292 Palladam BO No110, mangalam road palladam-641664 TN Sout h2 Sout h2 Sout h2 293 Branch Office Poonamalle, No. 14, Trunk Road, Dhanasn Building, Poonamalle, Chennai 600056 TN Sout h2 BO 294 POLLACHI.Branch Manager, Branch Office.ESI Corporation.Panchdeep Bhawan.Coimbatore Road, Thillai Nagar.POLLACHI-642002. TN Sout h2 BO 295 E.S.I.Corporation, 160/11,Thirumayam road (Near Anna Statue), Satyamoorthi complex, Pudukottai - 620001 TN Sout h2 BO 296 E.S.I.Corporation,ESI Dispensary Upstairs, P.S.K.Nagar,Rajapalayam-626108 TN Sout h2 BO 297 E.S.I.Corporation, E.S.I.Dispensary Complex, Sipcot, Ranipet. TN Sout h2 BO 298 E.S.I.Corporation,No.1-A, Chidambaram Nagar,Sattur626203(New Address 127, Bye-Pass Road, Sattur.) TN Sout h2 BO 299 New Address : 21/1 rangasamy pillai street NO.3 thondikaradu, thiruchengode-637211 TN Sout h2 BO 300 4th floor 29/57,theerthamalai vanigavalagam three roads salem TN Sout h2 BO 301 E.S.I.Corporation,No.8,Shield road,(near police colony),ESI Dispensary(Upstairs), Sivakasi - 625123 TN Sout h2 BO 302 TENKASI, Branch office, E.S.I corp, 1 st floor, 221-D, Amman Sannathi, Tenkasi-627811 TN Sout h2 BO 303 New address=Branch Managaer,Branch Office (Theni),E.S.I. Corporation,Jayamaruthi Towers II floor,Periyakulam Road,NearRailway Station,Theni. TN Sout h2 BO 304 Thanjavur ,II nd Floor, 61/2694, south Main Street, Thanjavur 613009 TN Sout h2 BO 305 KNP PURAM.Branch Manager, Branch Office.ESI Corporation, No.39 Kaveri Street, Mahala House, Odakkadu, KNP Puram, Tiruppur 638 602. TN Sout h2 BO Sout h2 Sout h2 Page88of 531 BO BO BO BO BO 306 Tiruppur Branch Manager, Branch Office, ESIC, Panchdeep Bhawan, 416, Kongu Main Road, Tiruppur 638009 TN Sout h2 BO 307 New address :- TIRUNELVELI.Branch Office.ESIC,182/E-6/B, SN High Road, Tirunelveli ) TN Sout h2 BO 308 Trichy Branch office,ESIC.No.1,1st floor,Abdul Salam Street.kaja Nagar,Trichy-620020 TN Sout h2 BO 309 TUTICORIN.Branch office.ESI corp,164-N,North Beach Road.Tuticorin-628001 TN Sout h2 BO 310 TUDIYALUR.Branch Manager, Branch Office, ESI Corporation, Panchadeep Bhawan, ESI Disp. Compound, Viswanathapuram, TUDIALUR. TN Sout h2 BO 311 E.S.I.Corporation, No.13, IIIrd Cross Street, Vadivel Nagar, Sankaranpalayam, Vellore - 632001. TN Sout h2 BO 312 ESIC BO, S.No.805,Allampatti Village, Near Head Post Office, Virudhunagar 626001 TN Sout h2 BO 313 V.K.Puram.Branch Office.ESIC.NO-1068,Main Rd.Vikramasingapuram-627428 TN Sout h2 BO 314 Office of the RegioNRl Administrative Medical Officer ESI dispensary SingaNRllur campus, singaNRllur, coimbatore-5. TN 315 ALANGULAM.1/103,main rd,alangulam TN 316 AMBUR.21,kakachandan street,Ambur-635802 TN Sout h2 Sout h2 Sout h2 317 ANDIPATTI.6-1-363.Jakkampatti,Theni road,Andipatti-626512 TN Sout h2 318 K.Kumutha w/o Dr. narsing malu, MIG-1A-9, TNHB jothi nagar, arakonam-631001. Land mark: near talk office TN 319 ARANI.29/A,Subramanis shstri street.Arani-632301. TN Sout h2 Sout h2 320 ARALVOIMOZHI.10/60,VOC street,vadakakkur,aralvoimozhiK.K dist TN Sout h2 Dispensary Dispensary SRO Dispensary Dispensary Dispensary Dispensary Dispensary 321 ATTUR,196-A,Dr.Amritaswamy rd.Gandhipuram,Attur-636102 TN Sout h2 322 Old No.2/22M, New No.177/5, Avinashilingampalayam Street, Kaikattipudur Post, Avinashi. TN Sout h2 Dispensary 323 BAGALUR,3/18-1,Melur main rd,pelathur postbagalur-635124 TN Sout h2 Dispensary Dispensary 324 ESI dispensary,Ambattur-I,MTH RD,Ambattur,chn-600053. TN Sout h2 325 ESI dispensary,Ambattur-II,MTH RD,Ambattur,chn-600053. TN Sout h2 Dispensary 326 327 Mount Road Dispensary, EGMORE,Sathyamurty RD,Chetput,chn600031 ESI dispensary,AVADI,MTH RD,Avadi,chn-600054 TN TN Sout h2 Sout Dispensary Dispensary Page89of 531 328 EGMORE,Sathyamurty RD,Chetput,chn-600031 TN h2 Sout h2 Dispensary Sout h2 Dispensary 329 HARBOUR,39,Aiyaapa Naicken Street.george town.Chn-600001 TN 330 CHENNIMALAI.no-42,kasimuniappan koil street.chennimalai638502 TN 331 KILPAUK-I,No-1,Kilapuk garden rd.CHN-600010 TN Sout h2 Sout h2 332 KODUNGAIYUR.133.3rd Main rd.M.R Nagar.kodungayiyur.CHN600118 TN Sout h2 Dispensary 333 KONDITHOPE-I.86,Basin Bridge Road.kondithope.CHN-600003 TN Sout h2 Dispensary 334 KONDITHOPE-II.86,Basin Bridge Road.kondithope.CHN-600003 TN Sout h2 Dispensary Sout h2 Dispensary 335 KORATTUR.Perriyar Nagar,2nd Street,korattur.CHN-600080 TN 336 MANALI.No-9.Arignar ana street.5th lane,manali.CHN-600068 TN 337 MINJUR,3,gandhi Rd,minjur,Chennai,Ponneri taluk. TN 338 NANADAMBAKKAM,E-I & E-II,surgical Instrument,Plant colony,CHN-89 TN 339 PALLAVARAM,G.S.T Road.Crompet.CHN-600044 TN 340 ESI dispensary,CHOOLAI,126,Angalamman koil street,Pattalam,chn-600112 TN 341 Merged with ESICDSTNCHPER2 TN 342 PERAMBUR-II,99,Perambur High Road,CHN-600012 TN 343 6/84, avadi road, seneerkuppam, poonamallee, chennai-56 TN 344 RED HILLS.Gst Road.Red hills at Puzhal.Chennai-600066 TN 345 SAIDAPET-I.No.7 Kumaran street palavanthangal chennai6001114 TN 346 SAIDAPET-II.Richards Park.Saidapet.CHN-600015 TN 347 SEMBIUM.Near Thiru-vi-ka nagar.sembium.CHN-11 TN 348 TAMBARAM.Mudichur rd.Tambaram.CHN-600045 TN 349 ESI dispensary,ADYAR,No-3,Thiruvallur street,thiruvanmiyur,chn600041(New address= ESI despensary AdyarSholinganallure) TN 350 THIRUVOTTRIYUR-I.Thiruvottriyur high rd.CHN-600019 TN Sout h2 Sout h2 351 TONDIARPET-I.18/1,Kummalamman koil street.Tondiarpet.CHN81 TN Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Page90of 531 Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary 352 Sunkuvar Agraharam st, Triplicane, Chennai TN Sout h2 Dispensary Dispensary Dispensary 353 VILLIVAKKAM>9/21,Reddy street.villivakkam.CHN-600049 TN Sout h2 354 CHINNIYAMPALAYAM. AVINASHI ROAD, 1/356, CHINNATHOTTAM, CHINNIAMPALAYAM, COIMBATORE 641062 TN Sout h2 355 GANAPATHY.Dr.Radhakrishnan Road, 9th Street Corner, Tatabad,Coimbatore-641012 TN 356 KARAMADAI.34,D.M.G rd.coimbatore. TN Sout h2 Sout h2 357 KATTOR-I.7/5A.Near Tamilnadu hotel.coimbatore-641018. TN Sout h2 Dispensary Dispensary Dispensary Dispensary 358 KATTOR-II.7/5A.Near Tamilnadu hotel.coimbatore-641018. TN Sout h2 359 MADATHUKULAM. 90/91, MAIN ROAD, MADATHUKULAM, COIMBATORE 642113 TN Sout h2 Dispensary 360 504 A ,TEACHERS COLONY , NEAR CTC DEPOT, KARAMADAI ROAD , METTUPALAYAM TN Sout h2 Dispensary Dispensary 361 No.2/205, Thamaraikulam, Pollachi Main road, Pollachi TK TN Sout h2 362 ONDIPUDUR.400.Trichy road.ondipur post.coimbatore-641016. TN Sout h2 Dispensary 363 CHETTIPALAYAM ROAD, UNIVERSAL RADIATOR OPP. 1/114. PALANISAMY NAGAR, COIMBATORE-641050 TN Sout h2 Dispensary 364 NEW ADDRESS: Esi dispensary, periyar nagar,near d.s.p office, west palladam, tirupur district,palladam- 641664 TN Sout h2 Dispensary 365 PALLADAM.1/226.Kuppusamy Naidupuram,Palladam,Coimbatore Dist.-641662 TN Sout h2 Dispensary 366 NEW ADDRESS: 29, parameswarn pillai layout, pappanaickenpalayam, coimbatore- 641018 TN Sout h2 Dispensary 367 PEELAMEDU.No-6.mgr rd.peelamedu.coimbatore-641004 TN Sout h2 Dispensary 368 PERIANAICKENPALAYAM.53,Kuppuchipalyam Road, Opp. Panchayat Union, SRKV Post, Coimbatore-641020 TN Sout h2 Dispensary 369 PODANUR.132-B-2.Bharathi nagar.podanur.coimbatore dist:641023 TN Sout h2 Dispensary 370 POLLACHI THILLAI NAGAR, Coimbatore Road, Pollachi 642002 TN Sout h2 Dispensary 371 NO-16, SELVAPURAM HOUSE PERUR MAIN ROAD.COIMBATORE 641026 TN Sout h2 Dispensary 372 RAMANATHAPURAM.38,T.nagar.I floor.Trichy road.ramanthapuram.coimbatore dist. TN Sout h2 Dispensary 373 374 ESI MOBILE DISPENSARRY TRICHY ROAD, ONDIPUDHUR ( FIRST FLOOR OF ONDIPUDUR ESI BUILDING) COIMBATORE DIST SINGANALUR.30A Trichy rd.coimbatore-641045 TN TN Sout h2 Sout Dispensary Dispensary Page91of 531 TN h2 Sout h2 375 SOMANUR,8/41,church rd.somanur.coimbatore-641668 376 SOWRIPALAYAM.Upplipalayam,main rd.sowripalyam.coimbatore641028 TN 377 4/61 A & 61 B, UKN Street, Sulur TN Sout h2 Sout h2 378 THUDIALUR.20, Viswanathapuram, Thudialur, Coimbatore 641034 TN Sout h2 379 KODAMBAKKAM.No.68 4th Avenue.Ashok nagar, chennai 600083 TN 380 TIRUPPUR-I.Kongunagar.tiruppur post.tiruppur-641607 TN 381 No.5, College Road 2nd Street, OKS Building, Tiruppur - 641 602 TN 382 UPPLIPALAYAM.Varadarajapuram,coimbatore-641015 TN Sout h2 Sout h2 Dispensary Sout h2 Sout h2 Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary 383 VELLALUR.Park Round Road, Vellalore, Coimbatore-641111 TN Sout h2 384 No.:15-D, Ramadass Naidu Street, Puthupalayam, Cuddalore N.T., Cuddalore - 607 001 TN Sout h2 Dispensary 385 DHARMAPURI.4.130,chinnethayammal street,dharmapuri636701 TN Sout h2 Dispensary 386 DHARAPURAM NO.15, NN PETTAI STREET, POOKADAI CORNER, DHARAPURAM TN Sout h2 Dispensary 387 BEGAMBUR.no.19,Mohamadhiyapuram,NVTJ building,madurai rd,begambur,dindigul dist TN Sout h2 Dispensary Sout h2 Dispensary 388 KULATHUR.1-18-c,kulathur vill,vedasnthur talukdindigul dist TN 389 NEIKARAPATTI.8/6,qua skc nagar,neikarapatti,pallani taluk,dindigul dist TN 390 DINDIGUL.Natham rd,dindigul TN Sout h2 Sout h2 391 THADIKOMBU.136,D-1 north street,thadikombu,dindigul dist TN Sout h2 Dispensary 392 VADAMADURAI.8/1,59-B rrailway station rd,vadamadurai dindigul dist TN Sout h2 Dispensary 393 VEDASANDHUR.70-A,salai street,vadasanthur,dindigul dist TN Sout h2 Dispensary 394 EDAICODE.18/82-A,Kumaravilasam,Tambartalputan house,Edaicode TN Sout h2 Dispensary 395 NEW ADDRESS: MUTHU CASTLE, No. 70, Pappathi Kadu 2nd Street, Municipal Colony, ERODE - 638004 TN Sout h2 Dispensary 396 GOPICHETTIPALYAM.no-63,subbanan street,pariyur road,erode dist-638452 TN Sout h2 Dispensary TN Sout h2 Dispensary 397 PERUNDURAI.37,nehruji street,perundurai,erode district-638502 Page92of 531 Dispensary Dispensary Sout h2 398 GUDIYATHAM.19,periappa mudali street.Gudiyatham-632601 TN 399 IRUGUR.Ondipudur Road, NGR Puram, Irugur, Coimbatore 641103 TN 400 No 18, New st, Market road, karur TN Sout h2 Sout h2 401 ESI Dispensary, No.18/28C, Brojone Cottage, Poovanchanthi,Karungal, Kanniyakumari District, Tirunelveli Sub Region, Tamil Nadu. TN Sout h2 Dispensary 402 MARAIMALAINAGAR.28,vallal ori street.nh-1.M M Nagar.Kancheepuram District. TN Sout h2 Dispensary 403 NITHRAIVIZHAI.St. Therasa's Church Campus,,Kanjampuram, Nithravilai, K.K. dist TN Sout h2 Dispensary 404 SRIPERUMPUDUR.19-Nethaji street.D K naidu nagar.Kancheepuram District. TN Sout h2 Dispensary 405 KELAMBAKKAM.3/140-A.Pillayiar koil street.near bus stand.kelambakkam-603103 1st floor TN Sout h2 Dispensary 406 ETTAYAPURAM.Nadar Uravinmurai building,Main Road, Naduveerpatti, Ettyapuram,Kovilpatty Taluk TN Sout h2 Dispensary 407 44/I-1, East Colony, Vetneray Hospital Road, KOMARAPALAYAM, Namakkal - 638 183 TN 408 HOSUR.Sipcot colony,hosur,krishnagiri-635001 TN 409 KRISHNAGIRI,4th cross street,co-operative colony,krishnagiri635001 TN 410 KULITHURAI.18/52,Kaluvanthattai,kulithurai,K.K. dist TN Sout h2 Sout h2 411 KUNNIYAMUTHUR.8/2 cross cut rd.kunniyamuthur-641008. TN Sout h2 Dispensary 412 KUMBOKONAM.1,Pidarikulam street.Kumbokonam-612001 TN Sout h2 Dispensary 413 MADUKARAI.17-258A.Pallakat rd.Gandhinagar.Madukrai641105.9443064324 TN 414 MANINAGARAM.no-31,north veli streetmadurai-625010 TN 415 MELUR.31,new agraharammelur,madurai TN 416 MUNICHALAI.Balarangapuram,munichalai rd,madurai-625009 TN 417 PALANGANATHAM.TDK,Madurai-625007 TN 418 PARAVAI.paravai,madurai-625007 TN 419 PONNAGARAM,t.b rd,madurai TN 420 TALLAKULAM.ramo office comp,vinyakanagar,k.k. nagar.madurai20 TN 421 MANAPARAI.Thensagar alai post.manaparai-621312 TN Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Page93of 531 Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary 422 THIRUMANGALAM.15,8 th st,jwahar nagar,thirumangalam,madurai dist TN 423 THIRUNAGAR.thirunagar.madurai-625006 TN 424 ESI Dispensary, Door no: 322, 323, Anna Nagar, Silaiman. TN 425 KONURno-318/260.konur,mettur-636404 TN Sout h2 Sout h2 Sout h2 Sout h2 426 CAUVERY NAGAR.sathya murhy nagar,muthudyanpatty-622501 TN Sout h2 427 MYLALADUTHURAI.17,ayyarappan south streetmyladuthurai609001 TN 428 88,East Raja st Big Kancheepuram -603103 TN Sout h2 Sout h2 429 ESI Dispensary Complex, H-7, Cauvery Nagar. Namakkal - 637001 TN Sout h2 Dispensary 430 ESI Dispensary ,No: 28/85,86 Thalavai Street,,Meenakshipuram,,Nagercoil, 629 002,Kanyakumari District. Ph: 04652-231348 TN Sout h2 Dispensary 431 NAGAPATTINAM.273,sivan koil street,near GH,Nagur,Nagapattinam dist-621001 TN 432 PALLIPALYAM.s.p.b colony.namakkal dist-638010 TN 433 ESI dispensary, Veppodai : D.No 4/91-13, E. Kattur Pirivu, Elanthaikottai Post, Veppodai. thiruchengodu Taluk Namakkal Dist TN 434 NELLIKUPPAM.64,gandhi rd,nellikuppam-607105 TN 435 261/K, State Bank Lane, Ooty-1. TN 436 PALANI.dindigul rd.palani-624601 TN Sout h2 Sout h2 Sout h2 Sout h2 437 PETTAI(STATIC).1710/2a//1-1.Veeravagu nagarcheran madevi rd.pettai. TN Sout h2 Dispensary 438 PETTAI(MOBILE).277/A, Cheranmadevi rd. pettai.Tirunelveli District TN Sout h2 Dispensary 439 PEETHAPPMPATTI.6/97 A, Udumalpet Road, Pethappampatti, Coimbatore 642002 TN 440 PUDUKOTTAI.993,third north street,pudukottai-622001 TN 441 RASIPRAM.no-17,agraharam street,rasipuram-637408 TN 442 RANIPET.SIPCOT ranipet-632103 TN Sout h2 Sout h2 Sout h2 Sout h2 443 AMMAPET.118-G.cuddalore main rd,Kamaraj colony.salem-4. TN Sout h2 444 10/210-2, Gandhi Nagar, Edanganasalai, Salem Main Road, Near Old Bus Stand, ELAMPILLAI, SALEM - 637 502 TN 445 METTUR(U).Mettur dam,RS,Salem-636456 TN Sout h2 Sout h2 Sout h2 Sout h2 Page94of 531 Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary TN Sout h2 Dispensary 447 Plot No. A - 36, Do No. 62/135 Y, Godavari Street, Nedunchalai Nagar, SALEM - 636005. TN Sout h2 Dispensary 448 Plot No. A - 36, Do No. 62/135 Y,Godavari Street, Nedunchalai Nagar,SALEM – 636005. TN 449 SATHUR.27-A/17,ward no-1,puravazhisalai,sathur TN 446 METTUR(L).Mettur dam,RS,Salem-636456 Sout h2 Sout h2 Dispensary Dispensary 450 SANKARI.234,Traveler's bungalow rd,Sankari.Salem dist:637301 TN 451 SEELANAICkENPATTI.9,plot 73,MGR nagar,salem-636201 TN 452 SHENCOTTAH.5, Main Road,Shencottah TN Sout h2 Sout h2 Sout h2 453 KARAIKUDI.8 & 9,mahar nnombu pottal north,karaikudi po,sivagangai-630001 TN Sout h2 Dispensary 454 NEW ADDRESS: 184b,Bye pass road,Near P.Venkateshwara mara mill ,Manamadurai-630606 TN Sout h2 Dispensary 455 SINGAMPUNERI.17,133-B,ramarkoil street,Thannakadu,annanagar,singampuneri,sivangai dist TN Sout h2 Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary 456 SOLINGAR,No-29,Indira nagar,wallajah rd,solingar631102 TN Sout h2 457 SRIVILLIPUTHUR.61/1.gandhi nagar,st.19th ward,srivilliputhur626125 TN Sout h2 458 PULIYUR.Cement factory building.Puliyur,karur taluk.639114 TN 459 TENKASI.57B, Railway Feeder Road,Tenkasi-627811 TN Sout h2 Sout h2 460 THIRUVELLORE.6/15,6/16.Lal Bahadur Shastri treet.Periakuppam.Thiruvellore TN Sout h2 Dispensary 461 THENI.no.9maria joseph building,govt.hospital rd.theni dist TN Sout h2 Dispensary Dispensary Dispensary Dispensary 462 THIRUCHENCODE.north mada street.Thiruchencode-637221 TN Sout h2 463 new building at No.5/1 Rajappa Nagar 1st Cross Street, near Annai Sathya Stadium, Thanjavur-613007 TN Sout h2 Dispensary 464 AMABASAMUDRAM.no-33,north car street,ambasamudram,tirunelveli dist TN Sout h2 Dispensary Dispensary 465 13, Ramanujapuram Street NANGUNERI.Tirunelveli dist TN Sout h2 466 SANKARANKOIL.143/B,main rdsankarankoil,tirunelveli dist TN Sout h2 Dispensary 467 THALAIYUTHU.82/D/20,Madurai main road,Sankar nadar post,Tirunelveli dist TN Sout h2 Dispensary 468 11, Everest Lodge Street, North High Ground, Opp - High Ground Hospital, Maharaja nagar, Tirunelveli 627011 TN 469 VIKRAMASINGAPURAM.1068,Main Road,Tirunelveli dist TN Sout h2 Sout h2 Page95of 531 Dispensary Dispensary 470 MATHUR,3/215,plot-7,ramalinga nagar,guntur-burma colony,Mathur,trichy-620007 TN Sout h2 Dispensary 471 TRICHY(STATIC).Esi hospital compound,periyamelaguparai,Trichy TN Sout h2 Dispensary 472 TRICHY(MOBILE).Esi hospital compound,periyamelaguparai,Trichy TN 473 RAMJINAGAR.Trichy-620004 TN Sout h2 Sout h2 474 ESIC Dispensary Thuvakudi SPICOT industrial estateBHEL nagar.Trichy-621015 TN Sout h2 Dispensary 475 ARUMUGANERI.15,Athangkarai Road, Attur (North) Arumaganeri, Tuticorin district TN Sout h2 Dispensary 476 KAZHUGUMALAI 27, Sankarankoil Main Road, Kazhugumalai,tuticorin dist TN 477 KOVILPATTY.new rd,tutikorin dist.628501 TN 478 TUTICORIN.164/A,north beach rd,tuticorin-628001 TN 479 UDUDMALPET(mobile).THALEE ROAD, UDUMALPET 642126 TN 480 UDUMALPET(static) THALEE ROAD, UDUMALPET 642126 TN 481 VADALUR.Plot no 30,opr plot,vadalur-607303 TN 482 VELLORE.pwd building.fort rd,vellore-632001 TN Sout h2 Sout h2 Sout h2 Sout h2 483 PERNAMBET.295,high road.perambet,vellore dist-635810 TN Sout h2 484 VANIYAMBADI.542,Maideen sahib rd,vaniyambadi,vellore dist:635751 TN 485 GUMMUDIPOONDI,No-9,G.G Nagar,Thiruvellore District TN Sout h2 Sout h2 486 AMATHUR.2-34,middle street,amathur,virudhanagar dist TN Sout h2 Dispensary 487 ARUPPUKOTTAI.21-sivasamy nadar street,aruppukottaivirudhunagar dist TN Sout h2 Dispensary 488 KARAIPATTY.2-6-41,subramaniar koil street.virudhunagar dist(New address=New Address: Nivetha Illam, Muthalamman Koil Street(east), Achampatti, karaipatty,Virudhunagar district.) TN Sout h2 Dispensary 489 PERNAICKENPATTY.3/19,south street,pernaickenpatty,virudhanagar dist TN Sout h2 Dispensary 490 VIRALIMALAI>1/207-B,Pichhai kothanar street,virallimalai621316 TN Sout h2 Dispensary 491 RAJAPALYAM.Kumarasamy raja nagar.,rajapalyam,Virudhanagar dist TN Sout h2 Dispensary 492 493 SANKARALINGAPURAM..3-115,south street,sankaralingapuram,virudhunagar dist SIVAKASI.sivakasi west,virudhanagar dist TN TN Sout h2 Sout Dispensary Dispensary Sout h2 Sout h2 Sout h2 Page96of 531 Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary h2 494 THAYILPATTI.1/131,nadar nadu street,patchyapuram,thyalpatti,sivakasi Tk,virudhanagar dist TN Sout h2 Dispensary 495 TIRUTHANGAL.12-D-2,E & F pandian nagarsundaram IIIam,virudhanagar dist TN Sout h2 Dispensary 496 VANUR.2/40,gandhi nagar,thiruchitrambalam koot rd,vanur,villupuram dist-605111 TN Sout h2 Dispensary 497 1/6 AA Road, Head post office back side, Virudhunagar 626001 TN Sout h2 Dispensary 498 MELVISHARAM.120,annsalai,opp.tel exchange.walajah taluk632509 TN 499 ESI Hospital, Varadharajapuram, Coimbatore-641015 TN 500 Vinayaga nagar talakulam madurai TN Sout h2 Sout h2 Sout h2 501 RAMO office ESI Hospital, Varadharajapuram, Coimbatore641015 TN Sout h2 RAMO Sout h2 RAMO 502 RAMO office ESI Hospital,Kolapatty,Salem. TN 503 RAMO office No,22,Perambur High Road,CHN-600012 TN 504 ESI hospital.Aiyanavaram.CHN-23 TN 505 KK nagar.ESI hospital.Chn-78 TN 506 ESI Hospital,Hosur,Sipcot,Hosur-635126 TN 507 Madurai - ESI Hospital, Thathaneri,Madurai - 18 TN 508 ESI Hospital,Kolapatty,Salem. TN 509 ESIC Tirunveli Hospital, Salai street vannar Pethai, Tirunveli 627003 TN 510 E.S.I.Hospital,Milaguparai,trichy,Tamilnadu TN Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Sout h2 Dispensary Hospital RAMO RAMO Hospital Hospital Hospital Hospital Hospital Hospital Hospital 512 Govt. ESI Hospital,Sivakasi-626124,Virudhunagar District TN Sout h2 Sout h2 513 Regional office, 143, Sterling Road, Nungambakkam, Chennai TN Sout h2 RO 514 SALEM,ESIC,2nd& 3rd Floor,Theerthamalai Vaniga Valagam.29/57,Three Roads,Salem-636009. TN Sout h2 SRO 515 20/25, Thennampalayam Road, Ammani Aruna Complex, Annur 641653 TN 516 2/3C, Sathy Main Road,Sarkar Samakulam 641107 TN 511 E.S.I.Hospital, Vellore - 632001, Vellore District. TN Sout h2 Sout h2 Page97of 531 Hospital Hospital Dispensary Dispensary 517 Directorate of Medical and rural, 359 annasalai teynampet, chennai TN Sout h2 Sout h2 TN 518 E.S.I.Corporation,2nd West Street,K.K.Nagar,Madurai-20 SRO 519 ESIC Sub RegioNRl Office, (Adj. to ESIC Hospital) Salai Street, VanNRrpettai, Tirunelveli - 627 003 TN Sout h2 SRO 520 ESI dispensary -Panjati : No141B, Mettu st, Panjati . Thiruvallur Dist, PINCODE- 601201 TN Sout h2 Dispensary 521 ESI Dispensary - Oragadam :11, A-Block, First floor, Suryadevi Complex, Vandalur- Walajabad main rd, Oragadam Junction.Kancheepuram-602105 TN Sout h2 Dispensary 522 ESI dispensary, Padapai :Block no15, Vandalur- Walajabad main rd,Hajiar Nagar, Padapai Post,Kancheepuram dist -601301 TN Sout h2 Dispensary 523 .ESI dispensary, Mathuranthagam: 68, Car street., Mathuranthagam, Kancheepuram dist TN Sout h2 Dispensary 524 ESI dispensary, sivagangai :Door no 49/118, Sathyamurthi Nagar, sivagangai 620 581 TN Sout h2 Dispensary 525 .ESI dispensary, Kodaikanal : 9, Black Bun compound . Naidupuram, Kodaikanal TN Sout h2 Dispensary 526 .ESI dispensary,Manavalankurichi: SUS Building, Mandaikadu Rd, Lakshmi puram, Near college,Manavalankurichi, Kanyakumari Dist TN Sout h2 Dispensary 527 ESI dispensary, Thackalay, SUS Building,1st floor opposite to police station, Thackalay,, Kanyakumari Dist TN Sout h2 Dispensary 528 ESI dispensary, Pallikonda : Plot no 25/1, Trunk rd, Pallikonda, Vellore dist TN Sout h2 Dispensary Page98of 531 SD Annexure 23 - ESIC Location Address with Site Code Sr. No. Address State Zone Location Type 1 Margaon BO, ESIC Branch office,, MargaonGoa. Goa West BO 2 NEW ADDRESS: : c/o Mr. Hamid M. Mulla Alto Duler, Opp. Sai Service, Mapusa Industrial Estate, Mapusa Goa Goa West BO 3 ESIC Panaji Branch Office, Ground floor, Panchadeep Bhavan, Ground floor, EDC Plot No 23, Patto Panaji, Goa Goa West BO 4 Phonda BO, JJ Apartment, shanti nagar, opp corporation bank, phonda, Goa Goa West BO 5 Vasco BO, ESIC Corporation,opp court high school, placino building, patromg, baina Goa.ESIC Vasco Branch Office, Opp Middle High school, Patron Baina, Vasco, Goa. Goa West BO 6 Bicholim Dispensary, ESIC Dispensary, Plot no 112, Bicholim industrial estate, Goa. Goa West Dispensary 7 Corlim Dispensary, ESIC dispensary, MGM building, corlim, Ilhas - Goa Goa West Dispensary 8 Curchorem Dispensary, ESIC Dispensary, Makay Building, 1st floor, near, railway station, Goa Goa West Dispensary 9 ESI Dispensary Honda Sattari, Sunder Complex, Ground Floor, Honda Market, Sattari, Goa Goa West Dispensary 10 KUNDAIM ESI DISPENSARY,1st FLOOR, GIDC ADMN BUILDING, KUNDAIM INDUSTRIAL ESTATE, KUNDAIM GOA. Goa West Dispensary 11 Mapusa Dispensary, ESIC Dispensary, GIDC building, 1st floor, industrial estate, dattawadi, Mhapusa - Goa (IDC) Goa West Dispensary 12 MARGAO ESI DISPENSARY TYPE IV QUARTERS ESI HOSPITAL COMPLEX, NR. RAJENDRA PRASAD STADIUM, MARGAO GOA. Goa West Dispensary 13 Panji Dispensay, ESIC Dispensay, Panchadeep bhavan, 1st fl, patto plaza, CO- RO office bldg.Panji - Goa Goa West Dispensary 14 Phonda Dispensary, ESIC Dispensary, Shop No 80, comerce center, phonda, Goa Goa West Dispensary 15 Sancoale Dispensary, ESIC Dispensary, Plot No 72, Industrial estate, sancoale - Goa Goa West Dispensary 16 Dr ozler forum,1st floor, Near saint endrew church,Vascodagama,Goa-403802 Goa West Dispensary Page99of 531 17 ESI Dispensary Verna, Plot no. 63, Upper Ground Floor, " SAIRAJ " building, Kesarval, Verna, Marmugao GOA. Goa West Dispensary 18 ESI Hospital, ESI Hospital Complex, Near Rajendra Prasad, Stadium, Margao Goa. Goa West Hospital 19 Regional Office, ESIC Corporation, Plot No 23, Panchdeep Bhavan,Patto Panji, Goa. Goa West RO 20 New Address: AMO, ESI Scheme, 2nd floor, Regional Office building, ESIC Corporation, Plot No. 23, Panchdeep Bhavan, Patto Panji, Goa Goa West SD Gujarat West ADMS Gujarat Gujarat West West AMO ADMS 22 23 ESI D-2 Dispenary Compound,8 -Manhar Plot, Godown Road, Rajkot AMO Office, ESI Corporation, Opp. Resham Bhavan, Modicon Godown, Lal Darwaja, Surat ADMS,General Hospital, Gotri Road, Baroda 24 New Building,ESI Corporation, ESI D-6, Near Girdharnagar Post Office, Near Municipal Primary School Ahmedabad, Gujarat India Gujarat West BO 25 D-21, Swamynarayan Society, Industrial Estate, Bapu Nagar, AHMEDABAD Gujarat West BO 26 Dariyapur,ESI Corporation, ESI D-8, Dispensary, Opposite Dariyapur Gate, Dariyapur, Ahmedabad Gujarat West BO 27 Gomtipur,ESI Corporation, Kalidas Mill Compound, Near Hasmukh Stores, Near Gomtipur Police Station, Gomtipur, Ahmedabad Gujarat West BO 28 ESI Corporation, Near Akran Estate, Avtar hotel, Noroda-Norol Highway, Isanpur, AHMEDABAD Gujarat West BO 29 Branch Office,D-37 Compound, Opp. Neelkanth Mahadev,Old Pilot Dairy,Near Shreyas Store, Kankaria Area, Jamalpur, Ahmedabad Gujarat West BO 30 Khokhara, ESI Corporation, Near Dhramajivan Flats , Bal Bhavan Rod, Municipal Snanagar, Khokhara, Ahmedabad Gujarat West BO 31 Naroda Road, Near Asarwa railway station,Opp arvind mill, naroda road , Ahmedabad Gujarat West BO 32 Branch Office, ESI Corporation, B-11, GIDC Auqrter, Opp. Shreenath Packaging Pvt.Ltd.,Naroda Industrial Estate, Ahmedabad Gujarat West BO 33 D-44 , ESI Dispensary campus, Near Odhava police station , Odhav , AHMEDABAD Gujarat West BO 21 Page100of 531 34 City Banch Office, Near Narsingh Bhagat Chhatralaya, Paldi, Ahmedabad Gujarat West BO 35 Branch Office, ESI Corporation, ESI Dispensary Compound, Nr Vinzol Railway Crossing,Vatwa, Ahmedabad Gujarat West BO 36 Rented premises at IInd floor, Rajkamal Arcade, Ankleshwar Gujarat West BO 37 Branch Manager,Branch Office,Gorwa,ESI Corporation,D-2 Disp. Building Gorwa, Baroda Gujarat West BO 38 Branch Office, Near Vivekanand School, GIDC, Manjalpur Road, Makarpura Baroda Gujarat West BO 39 Panigate, Branch Manager, Branch Office,ESI Corporation,Dispensary-5, Vaashia,BARODA Gujarat West BO 40 ESI Corporation, Chavadi Gate, Opp. Police Station, Bhavnagar Gujarat West BO 41 Branch Office, B-52, 1st Floor, Falsrutinagar, Nr. ONGC Hospital, B/h Aditi Kidney Hospital,Bharuch Gujarat West BO 42 67/8, CHH Type, 2nd Floor, Old MLA Quarter, Sector-17, Gandhinagar Gujarat West BO 43 Branch Manager, Branch Office, Halol, ESI Corporation, Near Hotel Yuvraj, Halol (P.M.) Gujarat West BO 44 ESI Corporation, Ranjitnagar, B/h Post Office, Nr. Pranami School, Jamnagar Gujarat West BO 45 Latif Memon Building, Nr. ST Stand, Station Road, Kalol Gujarat West BO 46 Branch Office, ESI Corporation, 15, Chandroday Society, Bhavpura, Kadi Gujarat West BO 47 Branch Manager, Branch Office,Kalol (PM),Vrundavan Park Society, Opp. Taluka Panchayat, Distt. Panchmahasls - 389330 Gujarat West BO 48 Branch Office, ESI Corporation, Opp. Old Telephone Exchange, Pilajigunj, Mehsana Gujarat West BO 49 ESI Corporation, Street no. 3 Mahendrapara Main Road, Morbi Gujarat West BO 50 Branch Office, Ashok Nagar, Dahyabhai Vakil Bunglow, Opp. Nadiad Panchayat, Nadiad Gujarat West BO 51 52 Branch Office, ESI Corporation, Opp. Radha Krishna Temple, Nilanjan Complex, Nr. Vallabh Estate, Navsari ESI Corporation, Kotharia Colony, Rajkot Gujarat Gujarat West West BO BO Page101of 531 53 ESI Corporation, Ghanshyamnagar, Near Meghani Baug, Opp. New Housing Board, Surendranagar(New Address=ESI Corporation, Gayatri Chambers,Nr Hotel Shiv, STRoad,Beside GEB Power station,Surendranaga) Gujarat West BO Gujarat West BO Gujarat West BO 55 Branch Office, ESI Corporation, Malini Wadi, Nr. Ratan Talkies, Opp. Gopal Chambers, Surat Branch Office, ESI Corporation, Opp. Resham Bhavan, Modicon Godown, Lal Darwaja, Surat 56 Branch Office, ESI Corporation, Room no. 144, ESIC General Hospital, Selvas Road, Chanod, Vapi - 396445 Gujarat West BO 57 ESI Corporation, Gin Para, Wankaner, Dist. Rajkot Gujarat West BO 58 ESIS, D-4 Dispensary compound, Near Police Stadium, Sahibaug, Ahmedabad Gujarat West ADMS 59 Central Medical Store,O-8, Building, New Mental Hospital Compound, Meghaninagar, Ahmedabad Gujarat West CMS 60 61 Central Medical Store, D-12 Dispensary Compound, New Mental Hospital Compound, Asarwa, Ahmedabad CMS , General Hospital, Gotri Road, Baroda Gujarat Gujarat West West CMS CMS 62 D-45, Sartanbhai house, near nagarvel hanuman amraiwadi ,Ahmedabad Gujarat West Dispensary 63 D-32, ESI Dispensary, Amraiwadi Bage-Firdos, Near Muncipal Staff Quarters, Amraiwadi, Ahmedabad Gujarat West Dispensary 64 D-7/9, Opp munjushri mill, Near petrol pump, balia limdi, Asarwa,Ahmedabad Gujarat West Dispensary 65 D-10 , Ohmnagar , old Chamanpura, Asarwa, Ahmedabad Gujarat West Dispensary 66 D-12, Meghaninagar,ESI Dispensary, New Mental Hospital Compound, Asarwa, Ahmedabad Gujarat West Dispensary 67 New Address along with pin code: - D-21, ESI Dispensary, Industrial Estate , Bapu Nagar, Ahmedabad-380024 Gujarat West Dispensary 68 D-19, Gurrat housing board, Bapunagar, Ahmedabad Gujarat West Dispensary 69 D-21, ESI Dispensary, Industrial Estate , Bapu Nagar, Ahmedabad Gujarat West Dispensary 70 D-11, Housing board colony, Chamanpura, Ahmedabad Gujarat West Dispensary 54 Page102of 531 71 Dariyapur,ESI Corporation, Dispensary D3/5/8, Opposite Dariyapur Gate, Dariyapur, Ahmedabad Gujarat West Dispensary 72 D-27/28, ESI scheme , Near Govt 'G' colony, code no 835, Gomtipur, Ahmedabad Gujarat West Dispensary 73 D-29, ESI Dispensary, Usha Talkies, Gomtipur, Ahmedabad Gujarat West Dispensary 74 D-25,Hathikhai post office, Gomtipur, Ahmedabad Gujarat West Dispensary 75 D23/24, Chartoda kabarstan, Kalidas mill compound, Gomtipur Gujarat West Dispensary 76 D-6 , Behind municipal school, Gridhanagar, Ahmedabad Gujarat West Dispensary 77 Dispensary,D-37 Compound, Opp. Neelkanth Mahadev,Old Pilot Dairy,Near Shreyas Store, Kankaria Area, Jamalpur, Ahmedabad Gujarat West Dispensary 78 D-33, ESIS, Near Madrasi Mandir, Khokhra, Ahmedabad Gujarat West Dispensary 79 D-34, ESIS, Near Madrasi Mandir, Khokhra, Ahmedabad Gujarat West Dispensary 80 D-35,Ramkrishna Mission Road , Near Railway Crossing , Mani Nagar ( East) Gujarat West Dispensary 81 D-13/14, Near Ashoka Mill , Naroda Road , Ahmedabad Gujarat West Dispensary 82 D-15, Opp. Kalyan Mill, Naroda Road, Naroda, Ahmedabad Gujarat West Dispensary 83 84 D-18, Near indian humepipe saraspur,Ahmedabad-380018 D-49, GIDC Estate, Naroda Ahmedabad Gujarat Gujarat West West Dispensary Dispensary 85 D-43,Medical Officer Incharge, ESI Dispensary, Block No. 27, Mahibhakt Society,Naroda, Ahmedabad Gujarat West Dispensary 86 D-44 , ESI Dispensary,Near chhotalalni chali,Vidyotejak, Odhav, Ahmedabad Gujarat West Dispensary 87 D-42, Near paldi bus stand , Pladi, Ahmedabad Gujarat West Dispensary 88 D-38/41, Near Laxmi Cotton Mill, opp raipur gate, Ahmedabad Gujarat West Dispensary 89 D-31, Near sewa vidyalaya, Rajpur, Ahmedabad Gujarat West Dispensary 90 D-26, Rakhial Muncipal Ayurvedik Hospital, Rakhial charrasta, Ahmedabad Gujarat West Dispensary 91 D-1 ESI Dispensary, Acher National Highway, Near Police Station, Sabarmati, Ahmedabad Gujarat West Dispensary 92 D-17, ESI Dispensary , Manchhani Maszid Saraspur , Ahmedabad Gujarat West Dispensary Page103of 531 93 D-22,Near Ambedekar hall, Saraspur,Ahmedabad Gujarat West Dispensary 94 D-18, Near indian humepipe saraspur,Ahmedabad Gujarat West Dispensary 95 D-4, Opp bombay garage , Shahibag ,Ahmedabad Gujarat West Dispensary 96 ESIS D-39/46 Kankaria Dispensary, Astodia Darwaja, Near Petrol Pump, ST Road, Ahmedabad Gujarat West Dispensary 97 D-36, Jawahar chowk, Uttamnagar,Maninagar, Ahmedabad Gujarat West Dispensary 98 D-2, Near vadaj Bus stand, Ashram Road Vadaj, Ahmedabad Gujarat West Dispensary 99 D-47 , ESI Dispensary, phased to GIDC Estate, Near vinzol railway crossing, Vatva, Ahmedabad Gujarat West Dispensary 100 D-48, Dr, Sayed House, Qutub Clinic, Nr.Golden Cinema, Vatwa Gujarat West Dispensary 101 D-30, ESI Dispensary, Near Zalta Minara, Gomtipur Gujarat West Dispensary 102 D-1, Ankleshwar ,Near Bus Stand, Station Road, Ankleshwar Gujarat West Dispensary 103 D-2, Ankleshwar ,Old Colony, GIDC, Valia Road, Ankleshwar Gujarat West Dispensary 104 Dispensary,Urmil Society, Productivity Road, Nr. Khandelwal show room, Alkapuri Baroda Gujarat West Dispensary 105 D-17 ,B/H: Swaminarayan Mandir, Atladara, Baroda Gujarat West Dispensary 106 107 108 D-8/7/13/9 ,Near Yamuna Mill, Dabhoi Road, Baroda D-18 ,C.D.Hosp. Building, Gotri Road, Baroda D-2 ,Near Gorwa Gam, Baroda Gujarat Gujarat Gujarat West West West Dispensary Dispensary Dispensary 109 D-16 ,20/105, Makarpura Gam, Makarpura, Baroda Gujarat West Dispensary 110 D-10/11 ,B/9, Block 81-83 GIDC Manjalpur,Baroda. Gujarat West Dispensary 111 D-1, Nandesari ,E.S.I.Scheme, Nandesari, Baroda Gujarat West Dispensary 112 113 D-12/3 ,Near City Bus Stand, Nawa Yard, Baroda D-15/6 ,Dandia Bazar, Nayay Mandir, Baroda Gujarat Gujarat West West Dispensary Dispensary 114 115 D-5/14/4 ,Popular Bakery, Fatehpura Char Rasta, Panigate, Baroda D-3, Bhavnagar, Anand Nagar, Bhavnagar Gujarat Gujarat West West Dispensary Dispensary 116 D-1, Bhavnagar , Vijay Automobile, Ganga Jalia Talao, Bhavnagar Gujarat West Dispensary Page104of 531 117 D-1, Bharuch ,Seva Shram Hospital Compound Bharuch Gujarat West Dispensary 118 D-4, Bhavnagar , Near Sukhadia Hanuman, Bhavnagar Gujarat West Dispensary 119 D-2, Bhavnagar , Near Petrol Pump, Vitthal Wadi, Bhavnagar Gujarat West Dispensary 120 D-1, Dhrangadhra , Old Govt.Hospital, Dhrangadhra Gujarat West Dispensary Gujarat West Dispensary Gujarat West Dispensary 122 D-1, Dispensary, Block No. 186/4, GH Type, Sector-17, Gandhinagar D-1, Halol ,Block-6, GIDC Qrt., Halol, Dist.P.M. 123 D-1, Kalol , Hotal yuvrajNear Panchmahal Steel, GIDC Kalol P.M. Gujarat West Dispensary 124 Shri Ramanbhai B. Patel's House, VillageMora Tekra, Hazira, Surat Gujarat West Dispensary 125 D-3, Jamnagar , Patel Colony, Nr.Vikash Gruh, Jamnagar Gujarat West Dispensary 126 D-1/2, Jamnagar , GIDC Udyognagar, Jamnagar Gujarat West Dispensary 127 New Add: Dr. Chapadia’s Hospital, First floor, Star Complex, ST Bus station road, Junagdh. Gujarat West Dispensary 128 D-1. Chhatraj ,Near Denish Chem. Malavkrupa Soc. Chhatral, Tal.Kalol Gujarat West Dispensary 129 130 D-1, Kadi, 1st Floor, Bhagyoday General Hospital, Station Road, Kadi D-1/3, Kalol,Near Mahendra Mill, Kalol(NG) Gujarat Gujarat West West Dispensary Dispensary 131 D-2, Kalol ,152/26, Mathurinagar Soc., Kalol(NG) Gujarat West Dispensary 132 D-1, Mehsana ,Silver Complex,Opp. Shilpa Garage,Mehsana Gujarat West Dispensary 133 KRISNA COMLEX MORBI 2 NEAR GENDA CIRCLE Pin - 363642 Gujarat West Dispensary 134 D-1/2, Nadiad ,Dahyabhai Vakil's House, Mission Rd., Nadiad Gujarat West Dispensary 135 D-1, 1st Floor Jamshed Shopping Center, B/h Ashapuri Temple, Navsari Gujarat West Dispensary 136 D-1, Porbandar , Nursing School, Dist. T.B.Centre, Porbandar Gujarat West Dispensary 137 D-3/4, Rajkot , 80 Ft. Road, Aji Vasahat, Rajkot,New Address=ESI General Hospital Rajkot Gujarat West Dispensary 138 D-2,Rajkot,8 -Manhar Plot, Godown Road, Rajkot Gujarat West Dispensary 139 D-1, Rajkot ,Kotharia Colony, 80 Ft. Road, Rajkot Gujarat West Dispensary 121 Page105of 531 140 Dispensary , D-7/4, Surat ,Gen.Hospital Bldg.,Opp. Kadiwala High School, Ring Road, Jail Darwaja, Surat Gujarat West Dispensary 141 D-1 ESI Dispensary, Sargam Complex, Near Sanjeevani Hospital, Kadodara, Surat Gujarat West Dispensary 142 D-6/9/8, Surat ,B/H: Modipon Godown, Lal Darwaja, Surat Gujarat West Dispensary 143 D-3, Salabatpura,Malini Wadi, Nr. Ratan Talkies, Opp. Gopal Chambers,Surat Gujarat West Dispensary 144 D-10, Surat ,GIDC, Plot no. 407,Opp Radhika Mill, Pandesara, Surat Gujarat West Dispensary 145 New building at 1st-2nd floor, B/h old power house, near railway under bridge, Surendranagar Gujarat West Dispensary 146 D-2, Surendranagar , GIDC Qrt.-49, Wadhvan City, Surendranagar Gujarat West Dispensary 147 D-1, Sachin ,L889-L892,Slum Clearance Qtr,.Sachin (South Guj.) Gujarat West Dispensary 148 D-2/5, Surat , B/H: Salabatpura Ploice Chowky, Surat Gujarat West Dispensary 149 D-1, Salabatpura, Malini Wadi,Nr. Ratan Talkies,Opp. Gopal Chambers, Surat Gujarat West Dispensary 150 Raj Complex, Near Hotel Gagan, Nr. Tajpur Patia, Sarkhej-Bavla Highway Road, Changodar. Ph No - 02717-250870 Gujarat West Dispensary 151 D-1, Vapi ,Near Water Tank, GIDC, Char Rasta, Vapi Gujarat West Dispensary 152 D-2/3, Vapi ,Gen.Hos.,GIDC Chanod-Silvasa Rd., Vapi Gujarat West Dispensary 153 Dhiraj Hospital,AT& Post Piparia, Ta. – Waghodiya, Dist - Vadodara, Gujarat West Dispensary 154 ESIC Hospital, Model Hospital, Nr. Hardasnagar Police Station,Bapunagar, Ahmedabad Gujarat West Hospital 155 Rajpur Hirpur Hospital, Gomtipur,Ahmedabad Gujarat West Hospital 156 Chest Disease Hospital, Nr. Naroda Railway Crossing, Naroda, Ahmedabad Gujarat West Hospital 157 158 General Hospital, Old Colony, G I D C, Valia Road, Ankelshwar General Hospital, Gotri Road, Baroda Gujarat Gujarat West West Hospital Hospital 159 General Hospital, Nr. Laxmi Floor Mill, Vitthalwadi, Bhavnagar Gujarat West Hospital 160 General Hospital, Ranjitnagar Colony, Nr. Post Office, Jamnagar Gujarat West Hospital 161 General Hospital - Kalol, National Highway,Ahmedabad, Kalol Gujarat West Hospital Page106of 531 162 General Hospital, Dudhsagar Road, Bhavnagar Road, Opp. H J Steel, Rajkot Gujarat West Hospital 163 General Hospital, Nr. New Civil Hospital, Ring Road, Surat Gujarat West Hospital 164 General Hospital, Selvas Road, Chanod, GIDC, Vapi Gujarat West Hospital 165 166 Panchdeep Bhavan, Gnd, 1st, 2nd,4th Floor, Near Income Tax Circle, Ashram Road, Ahmedabad OPD Building, Civil Hospital, Ahmedabad Gujarat Gujarat West West RO Diagnostic Center 167 Panchdeep Bhavan, 3rd Floor,Near Income Tax Circle, Ashram Road, Ahmedabad Gujarat West SD 168 SRO,Urmil Society, Productivity Road, Nr. Khandelwal Show room, Alkapuri Baroda Gujarat West SRO 169 SRO, D-7/4, Surat ,Gen.Hospital Bldg.,Opp. Kadiwala High School, Ring Road, Jail Darwaja, Surat Gujarat West SRO 170 Old income tax sqaure, Gaurakshan Road,Nidhi Plaza,Mukta Plaza Akola Maharashtra West BO 171 SH. Sudeep S jain, vidhya villa,behind hotel vanda,modholkar peth,Amravati:- 444601 Maharashtra West BO 172 AURANGABAD, Branch Manager, Branch office, ESI corporatio, ESI Hospital Complex, East wing, P-16, MIDC, Naregaon Road, SIDCO, Aurangabad-431003 Maharashtra West BO 173 BO , Near Saraswat Bank, X-25 MIDC, Waluj, Aurangabad Maharashtra West BO 174 ESIC BO Chandrapur Dr. Khan's building Bharat Bhavan Ramnagar Chandrapur Maharashtra West BO 175 Shri Mukund Kashinath Kolwale, Plot No. 97/2, 80 foot Road Near Lokmanya Hospital Chauk, Behind Canosa Convent School, Dhule Maharashtra West BO 176 ESIC BO Higanghat C/o Mohammad Istiyak Abdul Rehman Building Dr. Ambedkar Chauk Gautam ward 442301 Maharashtra West BO 177 Idgah Shopping complex, Shop no 162, Near Ajanta Chowkey, Jalgaon Maharashtra West BO 178 ESIC, ‘Panchdeep Bhavan’ ESI Hospital Premises, Behind Circuit House, KOLHAPUR411 003. Maharashtra West BO 179 C/o Shri Rajaram G.Lokare Plot No.31, Vakhar Bhag, Ichalkaranji 416115. Maharashtra West BO 180 ESIC, 4764/4765, Guruwar Peth,Gurukrupa Hospital Building, MIRAJ-416 410. Maharashtra West BO 181 B-5, Near MIDC Office, Badlapur-Kalyan Road, Ambernath. Maharashtra West BO Page107of 531 182 Sakinaka,ESIC,Panchdeep Bhavan,Plot No.7,Road no. 7,M.I.D.C. Marol,Andheri (East),Mumbai Maharashtra West BO 183 Andheri,ESIC,Panchdeep Bhavan,Plot No.7,Road no. 7,M.I.D.C. Marol,Andheri (East),Mumbai Maharashtra West BO 184 Bakul + Naigaon Branch ESIC Corporation Makrand Co-op Hosing Society Ltd.Senapati Bapat Marg,Mumbai Maharashtra West BO 185 New Address :- Borivali, ESIC, Staff quarters, Type IV-A Block 1 & 2 ESIS Hospital, Kandivali(E) Mumbai. Maharashtra West BO 186 Byculla Branch, ESI corporation,Swata Mali Bhavan,Dr. Ambedkar Road,Byculla,Mumbai Maharashtra West BO 187 New Address :- KRISHNA CHAMBERS, GROUND FLOOR, 59, NEW MARINE LINES, OPPOSITE CHURCH GATE STATION, CHURCHGATE (E), MUMBAI - 400 020 Maharashtra West BO 188 Dadar Branch, ESI Corporation.sharadashram,bhavani shankar Road,Dadar,Mumbai Maharashtra West BO 189 Delisle Road Branch, ESI corporation 126128,Shivaji nagar N.M Joshi Marg Parel,Mumbai.(New address=Delisle Road Branch,5G & 6G, Thacker Industrial Estate, N.M Joshi Marg, Delisle Road, Mumbai. ) Maharashtra West BO 190 Janhavi Building, 'A' wing, Shop no. 788, Ahire Road, Near Madhavi School, Dombivali (E), Dist. Thane. Maharashtra West BO 191 New Adddress :- 'VISION HOUSE', 14-D, Kurla Industrial Estate, Off LBS Marg, Narayan Nagar, Ghatkoper (West), Mumbai - 400086 Maharashtra West BO 192 Goregaon, ESIC, 10 Jawahar Nagar S.V.Road Goregaon(W) Mumbai. Maharashtra West BO 193 Irla, ESIC Corporation, 14/258, ESIC Nagar,New Link Road, Andheri (west),Mumbai Maharashtra West BO 194 Jogeshwari ESIC, 10 Jawahar Nagar S.V.Road Goregaon(W) Mumbai. Maharashtra West BO 195 Joshi Marg+Lower Parel Branch, ESIC 2 & 3 Irani Chawl,76/78 N.M joshi Marg,Lower Parel Mumbai.(Joshi Marg+Lower Parel Branch ,Ground floor, RO building, Panchdeep Bhavan, Lower Parel, Mumbai ) Maharashtra West BO Page108of 531 196 Kalyan,Bhagwandas Mansion, 1st floor, Shivaji Chowk, Kalyan, Dist.Thane. Maharashtra West BO 197 BRANCH OFFICE KANDIVALI, E.S.I. CORPORATION, TYPE IV-A, FLAT NO. 1 &2, ESIC HOSPITAL COMPLEX, BEHIND BEST BUS DEPOT, AKURLI ROAD, KANDIVALI EAST, MUMBAI-400 101 Maharashtra West BO 198 Branch Office ESI Corporation Vision House 14-D, Kurla Industrial Estate N.S.S. Road, Off L.B.S. Marg, NRrayan NRgar Ghatkopar (West), MUMBAI - 400 086 Maharashtra West BO 199 Lalbaug Branch,ESI Corporation M.G.M Hospital Complex, Dr S.S.Rao Road,Parel,Mumbai.(New address=Lalbaugh Branch, 5G & 6G, Thacker Industrial Estate, N.M Joshi Marg, Delisle Road, Mumbai. ) Maharashtra West BO 200 New Address :- 126/129, Shivaji Nagar, Near Bawla Masjid, N. M. Joshi Marg, Delisle Road, Mumbai Maharashtra West BO 201 Mahim Branch,ESI corporation,Dhiraj Sneh Building 1st floor ,30th road pali naka Bandra (W) mumbai. Maharashtra West BO 202 Marol,ESIC,Panchdeep Bhavan,Plot No.7,Road no. 7,M.I.D.C. Marol,Andheri (East),Mumbai Maharashtra West BO 203 ESIS Hospital Complex, L.B.S. Marg, Mulund(W), Mumbai. Maharashtra West BO 204 Primary School Building, ESIS Hospital compound, Mulund, Bhandup, Mumbai. Maharashtra West BO 205 Yashonarayan, 'C' Wing, first floor, Plot No. 403/A, Opp. Panvel Railway Station, PANVEL, Raigad Dist, Pin- 410206. Maharashtra West BO 206 NEW ADDRESS: Parel Branch,ESI corporation M.G.M Hospital complex,S.S.Rao Road,Parel,Mumbai. Mumbai, Maharashtra India Maharashtra West BO 207 New Address : Matunga Telephone Exchange, 2nd Floor, Kings Circle, Matunga (East), Mumbai - 400 019 Maharashtra West BO 208 Nurses Hostel Building, Ground Floor, ESIS Hospital Complex,Wagle Estate, Road no. 33, Thane-(W), Mumbai Maharashtra West BO 209 New Add: Mahanagar Telephone Nigam Ltd. Telephone Exchange, Charai, Thane(W). Maharashtra West BO Page109of 531 210 Mira Road ESIC Shanti Nagar Building NO. E34 Flat no. 001 Sector-1 Mira Road(E)(New Address=Mira Road ESIC Shanti Nagar Building NO. A-3 Flat no. 101 Sector-2 Mira Road) Maharashtra West BO 211 ESIS Hospital Complex, 2nd Floor. Ulhasnagar-3 Maharashtra West BO 212 ESI Scheme Hospital Compound, Nurses Hostel, Ground Floor, Sector-5, Kalwa,Vashi, Navi Mumbai Maharashtra West BO Maharashtra West BO Maharashtra West BO 214 Shivam K. V. Apartment Flat No. 12, 13, 1st Floor, Near Saibaba Mandir, Nirav Housing Society, Anand Nagar, Near BSNL Office, Vasai (W), Dist -Thane Anand Nagar, Vasai(W) Pin - 401202 Dist Thane Pin - 401202 Godrej Branch,ESI corporation,23/106,phiroj shah nagar Gogrej colony vikroli (E) Mumbai. 215 Worli Branch,ESI corporation,Atur House ,Dr annie Besent Road ,Worli naka ,mumbai. Maharashtra West BO 216 Pashan Pushpa, Patherdi fata, Ambad, Nasik422010 Maharashtra West BO 217 New Address :- Madhav Madankar ward no. 3, Navin Washat nr. Shri Gajanan maharaj Mandir. Butibori Nagpur-441108 Maharashtra West BO 218 c/o Smt Rekha Pimperkhede, Plot No 10, Madhav Nagar, Behind Dominoz Pizza outlet, Matey Square, Nagpur-440010 Maharashtra West BO 219 Esic Kalmeshwar BO, Mr. Ravindre Ganar, C/0 1st floor, Katol Road, Brahmi, Kamleshwar, Dist Nagpur Maharashtra West BO 220 Sharma House No 774, Netaji Chowk, Raibahadur Oil, KAMPTEE, Nagpur-441102 Maharashtra West BO 221 New Address : Old SRO Building, Ganesh Peth, Near Vidharbh Bazar, Nagpur Maharashtra West BO 222 NANDED, Branch Manager, Branch office, ESI Corporation, Nagina Ghat Road, Opp.city P.O. Nanded-431 601 Maharashtra West BO 223 New Address :- Sainath complex, 2nd floor Kamal chowk ,Dr. Ambedkar road Nagpur. 440017 Maharashtra West BO 224 Pachadeep Bhavan,Plot NO-4 Tribak Road, Satpur, Nasik - 422007 Maharashtra West BO 225 New Address : ESI BO, Shubh Vinayak Building, Badkas chowk, Mahal, Nagpur 440002 Maharashtra West BO 213 Page110of 531 226 Akurdi BO, Survey No 130/9, Mohan Nagar Chinchwad, Pune Maharashtra West BO 227 ESIC Branch Office- Aundh, Lavender Classic, Duplex Apartment No.4, Near Ganraj Manager Karyalaya, Baner, Aundh, Pune - 411 045 Maharashtra West BO 228 229 210/5A, Near Maharashtra chowk, Bhosari-Pune 689-690 Panchdeep Bhavan, Bibewedi, Pune Maharashtra Maharashtra West West BO BO 230 NEW ADDRESS: Plot No. C/4Mumbai Pune Highway, Near Jawahar Petrol Pump, Chinchwad, Pune- 411 019 Maharashtra West BO 231 M/s.Vaibhav Chitra Mandir Complex,Survey No. 28,Shop No. 202 to 207,Second Floor,Solapur Road, Hadapsar,Pune-411028 Maharashtra West BO 232 NEW ADDRESS: KTA Apartment,Flat No. 3 and 4, 1st Floor, Elphiston Road, Opp. Kirloskar Oil Engines, Bopodi,Pune - 411 003 Maharashtra West BO 233 NEW ADDRESS: Survey No. 201/5K/1, Pharande Chambers, First Floor, Nr. Om Hospital, Alandi Road, Bhosari, Pune 411039 Maharashtra West BO 234 Near Parmar Hospital,Mahatma Gandhi Road Lonavala-410401 Maharashtra West BO 235 Maharashtra Commercial House, OPP KSB pumps, Old Mumbai-Pune highway PimpriPune Maharashtra West BO 236 OPP Income Tax office, PMT commerical Building, Swargate Pune Maharashtra West BO 237 CTS No. 1412-1413, J.J. Chambers, (Old Chitra Talkies) Nagar Road, Yerwada, Maharashtra West BO 238 239 ESIC, S. No.311/20/21-B, “Kanchan Apartment” Radhika Road, Next to Radhika Hotel, SATARA-415 002 BO,ESIC, Rajawada Chowk, Sangli Maharashtra Maharashtra West West BO BO 240 ESI Corporation, 1553, Aalamgaon Marg, Subhash Nagar,Barshi(330, Kasaba, Kasab peth, Brahmin Galli, Balaji Building, Barshi) Maharashtra West BO 241 159-160, Laxmi Peth, Damani Nagar, SOLAPUR-413 001. Maharashtra West BO 242 Block 12/13, Asara Housing Society, Hotagi Road Solapur -- 413003(New Address=Patel Palace Ashra 4/1/12 GajrajNagar Hotagi Road Solapur ) Maharashtra West BO 243 94/1, Siddeshwar Peth, Near Begaumpeth, Police Chowky, Solapur Maharashtra West BO Page111of 531 244 ESIC BO, Row house No. A-6, New jeevan shanti co-operative society, plot no. 3 & 4, sector 3, opp. Airoli railway station (Thane end), Thane Maharashtra West BO 245 Divisional Office- Nasik, Panchdeep Bhavan, Plot no. - 4, Trimbak Road, Satpur, Nasik Maharashtra West DO 246 Dr. Shri Kamble's Building, Juna City, Bhagirathi Wadi,Dispensary no 2 Harihar Peth, AKOLA Maharashtra West Dispensary 247 Shri Gajanan Wakodkar's Building M.I.D.C. Phase No.2, Plot No. 1, Near Gajanan Uphar Gruha, Near Police Chowki,Akola. Maharashtra West Dispensary 248 SHRI K.K.Baghel's BUILDING , Shanti Niwas Station Road, Ramdas Peth, Akola. Maharashtra West Dispensary 249 ESIS Dispensary Dr. Mudliyar Compound Khaparde garden Kalantri building Amravati Maharashtra West Dispensary 250 ESIS Dispensary no. 4, Near S.T. Workshop, Chikalthana, Aurangabad Maharashtra West Dispensary 251 ESIS Dispensary no. 3, Near Mayuri Hoetel, Jalgaon road, N-11, Hadco, Aurangabad Maharashtra West Dispensary 252 ESIS Dispensary no. 2 , Khadkeshwar road, Mill Corner, Aurangabad - 431001 Maharashtra West Dispensary 253 ESIS Dispensary no. 1 , Mahaveer Complex, Maharana Pratap Chowk, Bajaj nagar, Waluj, Aurangabad Maharashtra West Dispensary 254 ESIS Chandrapur Dispensary Ramnagar Civil Line Vasekar Layout Chandrapur ,ramnagar Maharashtra West Dispensary 255 pratisham building near church station road Dhule.424001 Maharashtra West Dispensary 256 ESIS Dispensary Amalner, P. Hasmaji Premaji Shopping centre, opp. Mangalmurthi Patpedhi first floor, Amalner. 425401 Maharashtra West Dispensary 257 ESIS Dispensary Chalisgaon, Plot No. 225, Ward No. 19.Opposite Pardeshi Boarding Laxmi Nagar chalisgaon.424101. Maharashtra West Dispensary 258 ESI Dispensary no.2, Plot no. 61A, Ayodhya Nagar, Near National Seeds Corporation, Old MIDC, Jalgaon pin 425003. Phone 02571122219 Maharashtra West Dispensary 259 INDUSTRIAL ESTATE , ICHALKARANJI416115 , (DIST. KOHLAPUR) Maharashtra West Dispensary 260 261 262 Nagala Park, 443 Sitaram Bldg, Nagla Park Kolhapur. 1391/E, Shau Nagar, Rajampuri, Kolhapur. 1827/B, A-Ward, Tarabai Park, Kolhapur. Maharashtra Maharashtra Maharashtra West West West Dispensary Dispensary Dispensary Page112of 531 264 Esic Dispensary No. 1, Plot No.3, Heam kamal, opposite civil court jilha peth Jalgaon. 425001. Swamiraj Shikhare Bldg, Behind Balantrao Marathe kanya vidyalaya, Shivaji Nagar, Miraj 265 ESI Sion Dispensary, 202 Royal Apartment, 2nd floor, Bhau Daji Road, Extn, Opp north Indian Association Hall, Behind Sion Hospital, Sion West Maharashtra West Dispensary 266 EISS Specialist Center, Masjid Plaza Building, Nr. Pathare Nursery, Dr. Ambedkar Road, Kalyan (West) Maharashtra West Dispensary 267 Charkop Inds.Estate,ESIC,Local Offi Dispensary Kandivali (W) Mumbai Maharashtra West Dispensary 268 ESIS Dispensary Mulund,L.B.S Marg ,Mulund (W) Mumbai. Maharashtra West Dispensary 269 Vile Parle Dispensary,Near Nanavati Hospital, Sarojninaidu road,Vile Parle (W) Maharashtra West Dispensary 270 Esic Dispensary Ambad, CFC building midc area Ambad.Nasik-10 Maharashtra West Dispensary 271 Esic Dispensary, Ashokstumbh, Ashokstumbh near adnar ashram, Gharpure ghat, Ashokstumbh-Nasik-422002 Maharashtra West Dispensary 272 ESIS Butibori Dispensary Mr. Isuf Suban Shaikh ward no.2 Juni Vasahat Butibori Nagpur Maharashtra West Dispensary 273 Nanded,-No.1 Dispensary, Dhumpalwar building, SID No.1, Cidco nanded-431601 Maharashtra West Dispensary 274 ESIS New Subhedar Dispensary Dattatray Nagar C/o Rashid Khan Near NIT Plot No142Garden Nagpur Maharashtra West Dispensary 275 ESIS Central Store Immamwada Near Ganesh Peth Nagpur-4000003 Maharashtra West CMS 276 ESIS Bagadganj Dispensary Juna Bagadganj Garoba Maidan Dande building plot no.95 Nagpur Maharashtra West Dispensary 277 135 A, Sharma Building, Opposite Mata Mandir, Gokulpeth Nagpur. Maharashtra West Dispensary 278 IMO Shri Mudliyar's building, Gaddi Godam Chowk, Kamptee Road, Nagpur Maharashtra West Dispensary 279 ESIS Higanghat Dispensary C/o Dr. Abhay Mude Near Lakshmi Talkies Shivaji Ward Tahasil Kacheri Road Higanghat-Nagpur Maharashtra West Dispensary 280 ESIS Dispensary Sandeep Kashyap near Hockey building Kalmanna Road Kamptee Nagpur Maharashtra West Dispensary 263 Maharashtra West Dispensary Maharashtra West Dispensary Page113of 531 281 ESIS Disp. Wanadongari C/o Narendra Pachpor Plot No. 7 Rahi Treadiig Company Toll Tax Wanadongari Hingana Road Nagpur Maharashtra West Dispensary 282 Esic Dispensary, Cidco N-32\F-1 sector, saptashringi chowk, lekha nagar cidco-nasik422009. Maharashtra West Dispensary 283 ESIS Somwari Peth Dispensary Nursing Hostel Building opp. ESIS Hospital Manewada Road Nagpur Maharashtra West Dispensary 284 IMO Sellokar Bhavan, Plot No.2, Hanuman Nagar, Nagpur-09 Maharashtra West Dispensary 285 Higna Road Common Serive Center M.I.D.C Road Higna road Nagpur Maharashtra West Dispensary 286 IMO, C/o Shri Vijay Lambat's Building, Plot No. 187, Nandanvan Layout Nagpur Maharashtra West Dispensary 287 Esic Dispensary, Nashik Road- 1st-floor Administrative Building nasik municiple corporstion, nasik road-422001 Maharashtra West Dispensary 288 289 ESIS Dispensary Shri Jaiswal building Kamal Chauk Pachpawli Nagpur ESIs DispensaryHOSPITAL COMPLEX ,SATPUR Maharashtra Maharashtra West West Dispensary Dispensary 290 ESIS Mahal Dispensary Near Hindu Girls Highschool Near Shyam Talkies Nagpur Maharashtra West Dispensary 291 NANDED,No.-3 Dispensary,Narayanrao pandurangrao channawar,Building No.29/215. Somesh colony behind karla mandirNanded-461601 Maharashtra West Dispensary 292 ESIS Medical officers Ganesh Peth Vidharbha Bazar Nagpur-18 Maharashtra West Dispensary 293 NEW ADDRESS: C/o. Mrs. Kaushalya Chintaman Mankar, House no. 3172. Plot no, 16, Near Durga Mandir, Amravati Road, Wadi,Nagpur - 440023 Maharashtra West Dispensary 294 Esic Dispensary, Badage Building, Survey No. 2-61/62 Gadital hadpsar-Pune-28 Maharashtra West Dispensary 295 296 Esic Dispensary, Gavane estate, Near Thane sahkari bank landewadi bhosary-39 Old Civil Hospital, Satara Maharashtra Maharashtra West West Dispensary Dispensary 297 298 Shri Devgond Kalgond Patil, Bldg no -276, Ulhasnagar, Mahadavnagar Road, Kupwad Dist :-Sangli, Dispensary,ESIC, Rajawada Chowk, Sangli Maharashtra Maharashtra West West Dispensary Dispensary 299 300 Jawahar Hospital compond, Ist Floor, Priyadarshani Maternity Hall, Barshi 159/160, Laxmi peth Solapur Maharashtra Maharashtra West West Dispensary Dispensary Page114of 531 301 Flat no-16, MIDC,Chikalthana, Aurangabad Maharashtra West Hospital 302 ESIC Hospital,Central Road,MIDC,Andheri(E),Mumbai Maharashtra West Hospital 303 ESIS Hospital ,Near Thakur Village,Kandivali (E) Mumbai. Maharashtra West Hospital 304 ESIS Hospital ,Mulund ,L.B.S Marg ,Mulund (W) Mumbai. Maharashtra West Hospital 305 ESI corporation M.G.M Hospital Complex,S.S.Rao Road,Parel,Mumbai. Maharashtra West Hospital 306 MGM Medical College,ESI corporation M.G.M Hospital Complex,S.S.Rao Road,Parel,Mumbai. Maharashtra West PGIMSR 307 ESIS Hospital Vashi, Sector-5, Navi Mumbai, Dist. Thane. Maharashtra West Hospital 308 309 310 Gnd, 1st & 2nd floor, ESIS Hospital Complex,Wagle Estate, Road no. 33, Thane(W), Mumbai ESIS Ulhasnagar Hospital, Medical section on the same floor Maharashtra Maharashtra Maharashtra West West West Hospital Hospital AMO 311 ESIS Hospital Worli,Dr Annie Besant Road,Worli, Mumbai Maharashtra West Hospital 312 ESI Hospital, Tribak Road, Satpur. Nasik 422007 Maharashtra West Hospital 313 SOMWARIPETH NAGPUR , Medical Suprintendant,ESI Hospital, Opp. Nurse Hostel, Manewada road, Somwaripeth, Nagpur-440009 Maharashtra West Hospital Maharashtra West Hospital Maharashtra Maharashtra West West Hospital Hospital 315 316 Administrative Medical officer,ESIS-WMR Survey No.6/90. Panchdeep Bhavan, Ground Floor Bibewadi-Pune-37. Hospital,Medical Superintendent 0207462514, ESI Hospital cum ODC 0207462486,Block D-3 Survey S.No.130, Plot NO. 9.10.11 Mohan Nagar.Chichwad. Pune411019 Hotagi Road, Near Vikas nagar Solapur 317 ESI Corporation, Panchdeep Bhawan, 108, N M Joshi Marg, Lower Parel, Mumbai Maharashtra West RO 318 ESIS RO Immamwada Near Ganesh Peth Nagpur Maharashtra West AMO 319 Smt. Ushabai Vimalchand choudhary, 121, Krishana puara Ward, Near durga mandir, Durga chowk gondia Maharashtra West BO 320 C/O Vikram G Nagwani Behind sharma Hospital Near Bas Stop Railease Plot, Khamgao 444303 Maharashtra West BO 314 Page115of 531 321 Office of Commissioner ,ESIS M.G.M Hospital complex,3rd floor ,S.S.Rao Road,Parel,Mumbai(New Address=.ESI Corporation, Panchdeep Bhawan, 108,6 th Floor N M Joshi Marg, Lower Parel, Mumbai) Maharashtra West SD 322 Sub Regional Office, ESIC Corporation, Panchadeep bhavan, P-82, Naregaon Road, MIDC, Chikhalthana, Aurangabad, Maharashtra 431001 Maharashtra West SRO 323 Panch Deep Bhavan P9, Road 7, Andheri (East), Mumbai Maharashtra West SRO 324 Sub Regional Office, Thane,Employee's State Insurance Corporation,5th floor,ESIS Hospital Complex,Wagle Estate, Thane-(W) Maharashtra West SRO 325 New Address : New Bulding, Panchdeep Bhavan, Ganesh Peth, Near Vidharbha Bazar, Nagpur - 440018 Maharashtra West SRO 326 Panchdeep Bhavan, Site No.689/690, Bibewadi,Pune-411037 Maharashtra West SRO 327 Service Dispensary Bivandi, House No.381/1234 shrikrupa Apartment ,Temghar 3, pipeline naka,Kalyan Road, Bhivandi. Maharashtra West Dispensary 328 A-130, RIICO Housing, Board Colony ABU ROAD(New addrss=B-43,RIICO Housing Colony,Aburoad) Rajasthan West BO 329 Panchdeep Bhawan, Phull Bagh, Rico Industrial Area, Bhiwadi ALWAR Rajasthan West BO 330 331 Panchdeep Bhawan, Mangal vihar, Opp. All INdia Radio Hament Sadan, College Road, Rajasthan Rajasthan West West BO BO 332 333 Shri K.K. Sharma (Advocate) House, K.K Colony, National Highway, Bahror Panchdeep Bhawan, Tat Garh Road, Rajasthan Rajasthan West West BO BO 334 Panchdeep Bhawan, Ricco Industrial Area, Pachpahar Road Rajasthan West BO 335 Panchdeep Bhawan, Near E.S.I.Dispensary No.1, Pratap Nagar, Pur Road Rajasthan West BO 336 337 ESI Dispensary No-1, 'B' Block Ranjeet Nagar, Bharatpur (Rajasthan)-321001 e: Same address (In the building of dispensa Rajasthan Rajasthan West West BO BO 338 House no. 26, Kirti Nagar, Behind Chanderia Police Station, Chanderia, Chittorgarh 312001 Rajasthan West BO 339 Sugan Chand Jee Ka Nohra, Near Jain Hostel., Bhilwara Road Rajasthan West BO Page116of 531 340 341 Plot NO. 213, New Dhan Mandi,Ganganagar Road, Hanumangarh Juction Kamdhenu Complex, Ajmer Road Rajasthan Rajasthan West West BO BO 342 343 344 36/105, Pratap Nagar Housing Board Colony, Tonk Road, Jaipur Nehru Place, Tonk road,Jaipur Road No. 9, Near 32, Shop, Vishvkarma Ind Rajasthan Rajasthan Rajasthan West West West BO BO BO 345 Panchdeep Bhawan, Opp. Sati Mata Ka Than, Airforce Road Rajasthan West BO 346 NEW ADDRESS: BRANCH OFFICE H NO-1 SRINATH NAGAR,NEAR J K CIRCLE,KANKROLI,DIST-RAJSAMAND-313324 Rajasthan West BO 347 Bose Building, Near Manish Hotel, Ajmer Road, Madanganj Rajasthan West BO 348 Panchdeep Bhawan, Udyog Nagar, Near Police Station, KOTA Rajasthan West BO 349 350 Near Railway Post Office, Jodhpur Road, Pali Marwar Panchdeep Bhawan, Near Microwave Tower Rajasthan Rajasthan West West BO BO 351 Panchdeep Bhawan,Behind Kar Bhawan, Todar Mal Marg Rajasthan West BO 352 Panchdeep Bhawan Hiran Magri, Sec.4, Tagore Nagar Rajasthan West BO 353 1/3 and 1/4, Pal Link Road, First Floor, Jodhpur Rajasthan West DO 354 355 Shri Jain Shwetambar Terapathi Sabha Bhawan Balotra BEHIND FCI GODAM, BHAWANI MANDI Rajasthan Rajasthan West West Dispensary Dispensary 356 SH RAM KISHOR YADAV KA MAHAAN, AHIRO KI DHANHI, BUS STAND KE PAS , JAITPURA VAYA CHOMU , JAIPUR JAITPURA Rajasthan West Dispensary 357 DISP 11 , NO.1167 /200 , PRATAP NAGAR , HOUSING BOARD JAIPUR Rajasthan West Dispensary 358 NEW ADDRESS: Gandhi Bhawan Old satellite hospital Adarsh nagar Ajmer (305008) Rajasthan West Dispensary 359 360 New Address :- ESIC Disp no. 2, Gandhi Bhawan, Old Satellite Hospital, Adarsh Nagar, AJMER RIICO Industrial area BHIWADI ,ALWAR Rajasthan Rajasthan West West Dispensary Dispensary 361 362 363 364 365 DISP 1 ,ESIC QUARTER , SOUTH WEST BOLCK , KALA KUA,ALWAR ESI Dispensary,Matsya Industrial Area No 2 Industrial Area Dahod Road, Opp Milk Diary BEWAR COLLEGE ROAD , BEWAR DISP 3 , ESI HOSPITAL CAMPUS,Bapu Nagar Rajasthan Rajasthan Rajasthan Rajasthan Rajasthan West West West West West Dispensary Dispensary Dispensary Dispensary Dispensary Page117of 531 366 Bapu Nagar Campus, Hospital, Bhilwara Rajasthan Rajasthan West Dispensary 367 368 369 370 371 372 373 Kendriya Pariasptal Parisar GANGAPUR GEN HOSP PREMISES, GANGAPUR,Bhilwara ESI Dispensary-2,Ramdwar Road ESIC DESPENSARY Ranjeet Nagar Super bazar ,near old power station DISP 1,BIKANER KOLAYAT ROAD , BIKANER DISP 2 , RANI BAZAR , INDL AREA , BIKANER Industrial Area Chanderia Rajasthan Rajasthan Rajasthan Rajasthan Rajasthan Rajasthan Rajasthan West West West West West West West Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary Dispensary 374 375 House of Shri Rajesh prashar, Near Ghanta Ghar ,PRATAP NAGAR COLONY , DHOLPUR OLD General Hospital Rajasthan Rajasthan West West Dispensary Dispensary 376 377 OPP WEATHER DEPT ,KHEENCHI CHOWK , S. GANGANAGAR LABOUR COLONY S , GANGANAGAR Rajasthan Rajasthan West West Dispensary Dispensary 378 SH. KISHAN LAL SHARMA KA MAKAAN, NER PANCHAYAT SAMITI , NEW AABADI , VGUNJOL. THE. NATHDAWARA RAJSAMAND ,GUNJOL Rajasthan West Dispensary 379 380 c/o Gyan Swaroop Jain,Tushar Villa,Adinath Colony ,Bhilwara Road ,Gulabpura ESI Dispensary,opp Central Warehouse Rajasthan Rajasthan West West Dispensary Dispensary 381 Plat No 66, CHIROTA RD ,NARAYAN NAGAR,RIICO INDL AREA ,BAGRU,JAIPUR Rajasthan West Dispensary 382 C- 95- A, Jagraaj marg, Bapu nagar, Jaipur. 302015 Rajasthan West Dispensary 383 DISP 7 , TOPKHANA DESH ,CHANDPOLE BAZAR , JPR Rajasthan West Dispensary 384 PLT NO 35 ,SH LADU RAM TANWAR HSE ,HARDI ROAD,KANOTA , JAIPUR Rajasthan West Dispensary 385 (New building same campus)DIPS 4 , ESI HOSP. CAMPUS , LAXMI NRGAR , AJMER RD ,JAIPUR Rajasthan West Dispensary 386 387 388 (New building same campus)DIPS 8 , ESI HOSP. CAMPUS , LAXMI NRGAR , AJMER RD ,JAIPUR DISP 10 , 2/18 ,MALVIYA NAGAR , JPR DISP NO 3 , RAMGANJ CHOPA , JAIPUR Rajasthan Rajasthan Rajasthan West West West Dispensary Dispensary Dispensary 389 ESI DISP. NO. 2 , A-35,SHASTRI NAGAR , JAIPUR Rajasthan West Dispensary 390 ESI Dispensary, Plot No.91/92, Shivaji Nagar, Civil lines Jaipur, Rajasthan India Rajasthan West Dispensary 391 392 DISP 6 ,NEAR TAR GHAR ,CHOMU PULIA , SIKAR RD , JPR Road No.9 Near 32 Dukan V K I Area Rajasthan Rajasthan West West Dispensary Dispensary Page118of 531 393 394 DISP 2 , BEHIND AKASHWANI BHAWAN,JODHPUR DISP 3 , BASNI , JODHPUR Rajasthan Rajasthan West West Dispensary Dispensary 395 SH. BHIMA RAM HOUSE , MAIN CHOWK , CHURAHA BORANADA JODHPUR Rajasthan West Dispensary 396 397 398 DISP 4 , KAMLA NEHRU NAGAR,IST EXTENSION SCHEME , JODHPUR DISP 1,OPP MEDICAL CLG, JODHPUR BHILWARA ROAD , KANKROLI,RAJSAMND Rajasthan Rajasthan Rajasthan West West West Dispensary Dispensary Dispensary 399 400 PINGLOW HSE , CITY ROAD , OPP INCOME TAX BUILDING , KISHANGHAR DISP 4 , INDL AREA , KOTA Rajasthan Rajasthan West West Dispensary Dispensary 401 DISP 2 &3 , ESI HOSPITAL CAMPUS , Jhalawar Road , KOTA Rajasthan West Dispensary 402 403 DISP 1,GOVT HOSPITAL BLDG , RAMPURA KOTA ALWAR ROAD , MATILA Rajasthan Rajasthan West West Dispensary Dispensary 404 SAYED MAUKHTAR ALI KA BHAWAN NOORANI COLONI , HOTEL PRESIDENT KE BEHIND , MAKRANA Rajasthan West Dispensary 405 406 P. N.12,NEW COLONY , BEHIND PANCHAYAT SAMITI , NEEMRANA DISP , FALNA , PALI Rajasthan Rajasthan West West Dispensary Dispensary 407 DISP 1 , JODHPUR RD ,Near LMJ maruti showroom PALI Rajasthan West Dispensary Rajasthan Rajasthan West West Dispensary Dispensary Rajasthan West Dispensary 410 DISP 2 , JODHPUR RD ,Mahaveer Nagar near BSNL office, PALI Mandiya Road. RIICO INDL AREA , RD NO 6 , ABU RD , SIROHI SH B T CHULETA HOUSE BUS STAND , REEGUS 411 412 H. NO. 511 , KALI PALTAN , NEAR KRISHI UPAJ, AGARWAL BHAWAN , TONK DISP 1 , ASHOK NAGAR , UDAIPUR Rajasthan Rajasthan West West Dispensary Dispensary 413 PRAMUKH RAJASTHAN VIDHYAPEETH DABOK UDAIPUR Rajasthan West Dispensary 414 DISP 2 , NEAR KHICHI IND. INDL AREA, MADRI , UDAIPUR Rajasthan West Dispensary 415 SH. ROSHAN LALA BHANAWAt KA MAKAAN , MKHAVIR NAGAR, BAPU BAZAAR , RISHBDEV , UDAIPUR Rajasthan West Dispensary 416 DISP 3 , MIA FATEHPURA BADlA ROAD , SUKHER, UDAIPUR Rajasthan West Dispensary 417 418 ESIC Hospital,Ricco Industrial Area,Opp BKT,Near Ajanta Chowk Bapu Nagar Rajasthan Rajasthan West West Hospital Hospital 419 ESIC Hospital Laxmi Nagar Ajmer Road Jaipur(Rajasthan) 302006 Rajasthan West Hospital 408 409 Page119of 531 420 421 422 Kamla Nehru Nagar I Extension Scheme Jhalawar Road Mandiya Road Rajasthan Rajasthan Rajasthan West West West Hospital Hospital Hospital 423 Employees’ State Insurance Corporation , REGIONAL OFFICE, PANCHDEEP BHAWAN, BHAWANI SINGH MARG, JAIPUR 3020001 Rajasthan West RO 424 ESI Dispensary, Bank and Post office Building, RIICO Industrial area, Kukas, Dist. Jaipur Rajasthan West Dispensary 425 426 ESI Dispensary-khushkera, Goyal shopping complex, Tapukara tehsil Tizara, Distt. Alwar Laxmi nagar, Ajmer Road, Jaipur Rajasthan Rajasthan West West Dispensary SD 427 Sub Regional Office, E.S.I. Corporation,5, R.K. Plaza, Near Shahstri Circle, Bhupalpura, Udaipur Rajasthan West SRO 428 ESIC MODEL dispensary c/o ompraksh Abusaria, station road, new colony JHUNJHUNU Rajasthan West Dispensary Page120of 531 Annexure 24 Installation, Refreshment and Delivery Report (This Annexure is available at - Annexure (Part III) Annexure 25 Bandwidth Requirements Type Of Location Total Minimum Bandwidth to be Provisioned HO 1 Two Links of 5 Mbps BO 628 Two Links of 4 Mbps Dispensary 1301 Two Links of 2 Mbps Hospital 152 Two Links of 5 Mbps RO/SRO 59 Two Links of 4 Mbps SD 26 Two Links of 4 Mbps Other 38 Two Links 2 Mbps DC 1 Two MPLS Links of 120 Mbps, Two Internet Links of 120 Mbps Two Links between DC-DR of 60 Mbps for replication DR 1 Two MPLS Links of 120 Mbps, Two Internet Links of 120 Mbps Total Locations 2207 Page121of 531 Annexure 26 Annexure END USER LOCATION – REQUIREMENT Minimum Technical Requirements Specifications Table of Contents 1. GENERAL INSTRUCTIONS TO BIDDER ................................................................................................... 124 2. LAPTOP SPECIFICATION ....................................................................................................................... 124 3. DESKTOP SPECIFICATION ..................................................................................................................... 125 4. PRINTER/SCANNER/PHOTOCOPY SPECIFICATION ................................................................................ 126 4.1 MONO MULTIFUNCTION PRINTER SPECIFICATIONS – LOW END .......................................................... 126 4.2 MONO MULTIFUNCTION PRINTER SPECIFICATIONS – HIGH END .......................................................... 126 5. BARCODE SCANNER SPECIFICATION ..................................................................................................... 127 6. WIRELESS ACCESS POINT SPECIFICATION:........................................... ERROR! BOOKMARK NOT DEFINED. 7. ROUTER – BO &DISPENSARIES SPECIFICATION ..................................................................................... 128 8. ROUTER – ALL LOCATION OTHER THAN BO & DISPENSARIES SPECIFICATIONS ..................................... 132 9. WAN SWITCH– BO & DISPENSARIES SPECIFICATION ............................................................................ 133 10. WAN SWITCH- ALL LOCATION OTHER THAN BO & DISPENSARIES SPECIFICATION ................................ 135 11. LAN SWITCH FOR ALL LOCATION OTHER THAN BO & DISPENSARIES SPECIFICATION ............................ 137 12. LINK LOAD BALANCER SPECIFICATION ................................................................................................. 138 13. WAN OPTIMIZER ................................................................................................................................. 139 14. TABLET SPECIFICATION ........................................................................................................................ 141 15. IP-EPABX AND TELEPHONY FUNCTIONAL REQUIREMENT: .................................................................... 142 16. VOIP PHONES SPECIFICATION .............................................................................................................. 143 16.1 16.2 16.3 17 BASIC IP PHONES SPECIFICATION ............................................................................................................................ 143 ADVANCE IP PHONE SPECIFICATION ........................................................................................................................ 144 WIRELESS IP PHONE SPECIFICATION ........................................................................................................................ 144 VIDEO CONFERENCE: ........................................................................................................................... 146 17.1 VIDEO CONFERENCE END POINT SPECIFICATION .................................................................................. 146 17.2 VIDEO SCREEN/PLASMA SCREEN SPECIFICATION .................................................................................. 147 18 POWER UPS/GENSET SPECIFICATION ................................................................................................... 149 18.1 UPS SPECIFICATION ............................................................................................................................. 149 18.2 DG SET:................................................................................................................................................. 157 19 TELEMEDICINE: .................................................................................................................................... 163 19.1 PICTURE ARCHIVING AND COMMUNICATION SYSTEM (PACS) SPECIFICATION ......................................................................... 163 Page122of 531 20 LAN CABLING SPECIFICATION .............................................................................................................. 169 21 BANDWIDTH UPGRADATION: .............................................................................................................. 174 22 EARTHING AND GROUNDING REQUIREMENT ...................................................................................... 175 23 RELOCATION PROVISIONING ............................................................................................................... 175 24 ENDPOINT SECURITY MANAGEMENT REQUIREMENTS: ....................................................................... 176 25 MANDATORY MONITORING REQUIREMENT FOR ENDPOINT MANAGEMENT ...................................... 178 26 RFID FOR PATIENT AND MATERIAL TRACKING ..................................................................................... 181 27 IP ADDRESS MANAGEMENT SPECIFICATION ........................................................................................ 185 28 DATA BACKUP SOLUTION SPECIFICATION............................................................................................ 185 29 NEW LOCATION PROVISIONING .......................................................................................................... 187 30 SOFTWARE/APPLICATION SUPPORT AND UPGRADE ........................................................................... 187 31 SERVICE DESK, END USER, NETWORK AND APPLICATION OPERATION SUPPORT – L1 & L2 SUPPORT: .188 32 EXCEPTION ........................................................................................................................................ 188 33 HARDWARE OEM CRITERIA.................................................................................................................. 189 Page123of 531 1. General Instructions to Bidder: Solution and Services offered may be implemented directly by OEM. Factory acceptance test will be carried out at OEM premises. The end user module has to ensure that any hardware and software compatibility issue with central location need to be addressed by end user module. By deploying a compatible solution at central location. 2. Laptop Specification: Laptop Feature Make and Model Processor Chipset Wireless Memory Hard Disk Drive Graphics Optical Disk Drive Chassis Cover Display Webcam Keyboard Ethernet Interface Ports Integrated Media Card Reader Weight Security Speaker / Microphones Battery Operating System OS Certification Warranty AC Adapter Mandatory Industry Standard Certifications Minimum Requirement Description Make, Model, Part Number and details must be specified by bidder Latest Generation Intel Core i5 5200U, should be 64 bit compliant System on Chip Integrated wireless 802.11 b/g/n with Bluetooth 4.0 4 GB DDR3L SDRAM (1600 MHz) upgradable to 16 GB 500 GB HDD or higher 7200 rpm Drives Integrated Graphics media accelerator HD Internal / External DVDRW Latest thin & light Design with scratch resistance and Metallic body Not more than 14-inch diagonal LED-backlit (1366 x 768 resolution) Minimum integrated 720p HD webcam Backlit Full size spill resistant keyboard with gesture support, English blacklit keyboard with standard touchpad Integrated Ethernet 10/100/1000 NIC 1 x VGA 1 x HDMI 1.4a / DVI / Display Port 1 x Headphone / microphone Combo 1 x Power connector 1 x RJ-45/Ethernet Minimum 3 USB Ports with at least 2 USB 3.0 Multi-format digital media reader Not more than 2.0 Kgs with battery Integrated Fingerprint Reader, TPM 1.2 Integrated stereo speakers; HD audio Integrated dual array microphone Internal 4 cell battery with minimum 4 Hours of battery back-up time Preloaded Genuine Windows 10 Professional 64 bit. Laptop should support minimum two previous versions of the quoted operating system Must be certified for Linux, Windows 10 3 Years Comprehensive Warranty including battery Standard Indian Adaptor UL, FCC Compliance, EPEAT-Gold, BEE, Energy Star Page124of 531 3. Desktop Specification: Desktop Feature Minimum Requirement Description Processor Intel® Core™ i5-4570 Processor - 3.2 GHz, 6 MB cache, 4 cores, 4 threads Chipset Motherboard Memory Hard Disk Drive & controller Optical Drive Graphics Audio Intel® Q87 Express OEM Motherboard 4GB DDR3 1600 MHz Non ECC Expandable to 32GB with 4 DIMM Slots 500 SATA 6.0-Gb/s Hard Drive (16MB Cache, 7200 RPM, NCQ, SMART IV / IOEDC) Slim Super Multi DVD Writer (Optional) Intel HD Graphics 4600 Integrated HD audio (all ports are stereo) Intel Gigabit Network Connection. Desktop should have internal Intel Centrino Wi-Fi card - 802.11 a/b/g/n. Total 4 internal / external drive bays Total 4 low profile PCI slots with minimum (1) PCI Express x16 Ethernet Bays Slots Ports Form Factor Power Supply Display Keyboard Mouse Security Features Rear I/O 2 x USB 3.0 ports; 4 x USB 2.0 ports 1 x VGA video port; 2 x DisplayPort with multi-stream video ports 1 x RJ-45 network connector 1 RS-232 serial port 3.5mm audio in/out jacks 2 x PS/2 keyboard and mouse port Front I/O 2 x USB 3.0 ports 3.5mm headphone output and microphone jack Small Form Factor (SFF)/MT 250W Active PFC standard 90% efficient Power supply. 18.5" Color TFT with minimum 1366 x 768 @60 Hz resolution, 5 ms response rate, VESA External Mount, FCC, UL, TCO 06 certified. 104 keys keyboard (Same make as PC) 2 Button Scroll Mouse (Same make as PC) 1. Standard Embedded TPM 1.2 compliant security. 2. Serial, parallel, USB enable/disable (via BIOS) 3. Removable media write/boot control Serviceability Tool Less Chassis Intel Advanced Management Technology (AMT) v9.0 - An advanced set of remote management features and functionality which provides network Out of Band Management administrators the latest and most effective tools to remotely discover, heal, and protect networked client systems regardless of the system's health or power state Operating System Pre-installed Microsoft Windows 10 Professional (64-bit) Windows 10 Professional has an inbuilt backup and recovery tool. Desktop Recovery Tool should support minimum two previous versions of the quoted operating Page125of 531 system Certifications Windows 10 Professional. Linux Certification. ENERGY STAR 5.2 compliant. ISO 9001:2008 & ISO 14001: 2004 for the manufacturing plant Desktop Software Microsoft Office 2013 standard or higher MOLP with multilingual support, Mozilla Firefox, Acrobat reader 4. Printer/Scanner/Photocopy Specification: 4.1 Mono Multifunction Printer Specifications – Low End S. No. 1 Minimum Requirement Description Function Print, Scan, Copy, Fax and Digital sending Print 2 3 4 5 6 7 8 9 Speed Memory Print Resolution Duplex Duty Cycle Paper Capacity Print Languages Interface Scan 25 Pages Per Min 256 MB Memory Upto 1200 x 1200 DPI Automatic Duplex (Standard) 30,000 pages per month 250 sheets Input capacity and 150 sheets output capacity PCL5, PCL 6 and Postscript 3 USB, Network and Wireless 10 11 12 13 14 Scan Type ADF Capacity Duplex Scan Scan Size (Flatbed and ADF) Scan Resolution Copy Flatbed ADF 50 sheets Automatic Duplex Scanning (Standard) 8.5 inches x 14 inches 1200 x 1200 DPI 15 16 17 18 19 Copy Speed Copy Resolution No. of copies (max) Production Cycle Original Consumables 25 Pages Per Min 600 x 600 dpi 99 copies Shall be in Production for next 18 Months Original Consumables to be provided throughout the contract 4.2 Mono Multifunction Printer Specifications – High End S.No. 1 Minimum Requirement Description Function Print, Scan, Copy, Fax and Digital sending Print 2 Speed 50 Pages Per Min Page126of 531 3 4 5 6 7 8 9 Memory Print Resolution Duplex Duty Cycle Paper Capacity Print Languages Interface Scan 512 MB Memory Upto 1200 x 1200 DPI Automatic Duplex (Standard) 75,000 pages per month 500 sheets Input capacity and 150 sheets output capacity PCL5, PCL 6 and Postscript 3 USB, Network and Wireless 10 11 12 13 14 Scan Type ADF Capacity Duplex Scan Scan Size (Flatbed and ADF) Scan Resolution Copy Flatbed ADF 50 sheets Automatic Duplex Scanning (Standard) 8.5 inches x 14 inches 1200 x 1200 DPI 15 16 17 18 19 Copy Speed Copy Resolution No. of copies (max) Production Cycle Original Consumables 50 Pages Per Min Upto 600 dpi 99 copies Shall be in Production for next 18 Months Original Consumables to be provided throughout the contract 5. Barcode Scanner Specification: Feature Minimum Requirement Description 1 2 Support for next generation 2d imager resets the bar for scanning performance, scanning range, versatility and ease-of-use. Support for Blood product administration 3 4 5 6 Support for Specimen tracking & Medication tracking in the pharmacy and on the pharmacy cart Support for Electronic healthcare record access Patient identification Electronic healthcare record access 7 8 Support for laptops on workstation-on-wheels (wows) and other types of carts in your hospital. PRZM Intelligent Imaging technology for next generation performance 9 10 Megapixel sensor and advanced algorithms enable first time capture of any bar code, on any medium ' in virtually any condition Support for scan virtually any 1D, 2D or PDF417 bar code 11 12 Support for tiny dense codes wrapped around the curved surface of a vial to bar codes that are stained or smudged. Support for omni-directional scanning 13 14 Crisp and bright aiming dot has the reach and brightness needed to ensure the fast capture of data Day and night 'do-not-disturb' modes 15 Support for light that is emitted is soft and unobtrusive, preventing eye fatigue and improving the environment for patients and healthcare workers Page127of 531 16 Light Source : Aiming pattern: 617 nm LED ,Illumination: 660 nm LEDs 17 18 19 20 Minimum Resolution SR: Code 39 4 mil, UPC 60% 7.8 mi , PDF417 5 mil, Data matrix 7.5 mil HD: Code 39 3 mil, UPC 60% 7.8 mil, PDF417 4 mil, Data matrix 5 mil Imager Field of View 36° (H) x 22.5° (V) Print Contrast should be 20% minimum reflective difference Motion Tolerances should be Up to 30 in. / 76.2 cm per second 21 Interfaces Supported : USB , RS232, Keyboard Wedge, RS485 (IBM 46xx) , SS I 22 Scanner should supports the following protocols over USB : HID Keyboard (default mode), SNAPI, IBM Sure POS (Yellowstone) (IBM Handheld, IBM Tabletop, OPOS ), USB CDC, SS I over USB CDC, Toshiba TEC 23 scanner supports the following protocols over RS232: Standard, Wincor Nixdorf, ICL, Fujitsu, Olivetti, Omron and CUTE 24 25 Electrical Safety UL60950-1 2nd ed, CSA C22.2 No . 60950-1 2nd ed, EN60950-1/IEC60950-1 2nd ed. LED Safety : IEC 62471:2006 and EN 62471: 2008 26 27 EMI/RFI : FCC Part 15 Class B, ICES-003 Class B, EN55022 Class B, EN55024, Medical Electrical Equipment: EN60601-1-2 Environmental Compliant with RoHS directive 2011/65/EU 6. Wireless Access Point Specification: Bidder shall provision for Wireless access point at each location Wi-Fi Feature 1 Minimum Requirement Description Hardware Specifications: 1.1 Access Points proposed must include radios for 2.4 GHz and 5 GHz with 802.11ac Wave 2 1.2 Must have a robust design for durability, without visible vents 1.3 1.4 Mounting kit should be standard from OEM directly Must have dedicated memory and CPU for each radio apart from the shared Memory and CPU of the access point 1.5 High-speed spectrum intelligence across 20-, 40-, and 80-MHz-wide channels to combat performance problems due to wireless interference 1.6 Must have 2x10/100/1000BASE-T autosensing (RJ-45) ports 1.7 2 Must have at least 3 dBi Antenna gain on both radios 802.11ac features: 2.1 2.2 2.3 Must support 4x4 multiple-input multiple-output (MIMO) with four spatial streams Must support simultaneous 802.11n on both the 2.4 GHz and 5 GHz radios Must support 802.11ac Wave 1 on the integrated 5-GHz radio Page128of 531 2.4 2.5 3 3.1 Must support data rates up to 600Mbps 802.11n and 1.7 Gbps on 802.11ac respectively Must support up to 23dbm of transmit power on 5GHz Radio Other features The Wireless AP should have the technology to improve downlink performance to all mobile devices including one-, two-, and three spatial stream devices on 802.11n and 802.11ac. The technology should work without requiring feedback from clients and should work with all existing 802.11 clients 3.2 Should support detecting and classifying non-Wi-Fi wireless transmissions while simultaneously serving network traffic 3.3 Should support configuring the access point as network connected sensor to access any network location covered by the access point to get real-time Spectrum analysis data Must support AP enforce load-balance between 2.4Ghz and 5Ghz band 3.4 3.5 3.6 3.7 4 4.1 5 5.1 5.2 5.3 5.4 6 6.1 6.2 7 7.1 7.2 8 Must incorporate radio resource management for power, channel, coverage hole detection and performance optimization Should be able to detect at least 20 sources of non 802.11 interference within 30 seconds Must have -95 dB or better Receiver Sensitivity. Roaming features: Must support Proactive Key Caching and/or other methods for Fast Secure Roaming Security features: Must support Management Frame Protection Should support locally significant certificates on the APs using a Public Key Infrastructure (PKI) Must operate as a sensor for wireless IPS Should support non-Wi-Fi detection for off-channel rogues and Containment for both radio Encryption features: Access Points must support a distributed encryption/decryption model Access Points must support Hardware-based DTLS encryption on CAPWAP Standard or equivalent Monitoring features: Must support the ability to serve clients and monitor the RF environment concurrently. Same model AP that serves clients must be able to be dedicated to monitoring the RF environment Flexibility features: 8.1 AP model proposed must be able to be both a client-serving AP and a monitor-only AP for Intrusion Prevention services. 8.2 Should support mesh capabilities for temporary connectivity in areas with no Ethernet cabling Mesh support should support QoS for voice over wireless. Must support 16 WLANs per AP for SSID deployment flexibility. Must continue serving clients when WAN link to controller is down 8.3 8.4 8.5 Page129of 531 8.6 8.7 8.8 9 9.1 10 10.1 11 11.1 11.2 11.3 11.4 Must continue serving clients when WAN link to controller is back up again, should not reboot before joinin Must support Controller-based and standalone (autonomous) deployments Should support Local authentication at the AP level in case of WAN outage Operational features: Must support telnet and/or SSH login to APs directly for troubleshooting flexibility Power Requirement: Must support PoE/PoE+, local power and power injectors Quality of Service features: 802.11e and WMM Must support reliable multicast to unicast conversion to maintain video quality Must support QoS and Video Call Admission Control capabilities. Access Point should 802.11 DFS certified 7. Router – BO &Dispensaries Specification: S. No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Router should be chassis based and modular architecture with multicore processor for scalability. 1.2 Router should have 2 nos. of 10/100/1000 Base-T ports and 2 nos. of 2 Mbps with V.35 serial interface. 1.3 Router should have at least 1 open slots for additional LAN/ WAN modules other then asked ports. 1.4 Router should support Fast Ethernet, Gigabit Ethernet, V.35 and G.703 modules in asked slot. 1.5 Router should have DES, 3DES and AES Standards through dedicated encryption module/processor. Should support IPSec with IKEv2 and Suite-B Encryption 1.6 Router should support internal/external redundant power supply. 1.7 The router should have minimum 512MB DRAM from day one and scalable to support minimum 2GB. 1.8 The Router should have minimum 256MB Compact Flash from day one and scalable to support minimum 2GB. 2 2.1 3 3.1 Performance Requirements Router should have a minimum performance of 300 Kpps Routing Protocols Router should support static Routes, OSPFv2, OSPFv3, BGP4, MBGP, BFD, Policy based routing, Page130of 531 IPv4 and IPv6 tunneling 3.2 Router should support IGMP v1/v2/v3 and PIM multicast routing 3.3 Should support other IP Services like GRE tunnel, IPv4 tunnel, IPv6 tunnel, Virtual Router Redundancy Protocol (VRRP), Network Address Translation (NAT), Access Control Lists (ACLs), Zone based Firewall. 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence. 4.2 Routers should support marking, classification, policing and shaping. 4.3 The router should support application acceleration and compression capabilities to reduce WAN bandwidth usage in its operating system. 4.4 The router application acceleration should be transparent and integrated so as to make use of security, quality of service (QoS) and other native services 4.5 Application acceleration and compression features at BO/Dispensaries should support at least 100 TCP connections and WAN bandwidth up to 4 Mbps. 5. System Management and Administration 5.1 Router should support SSHv2, SNMPv2c, SNMPv3 and NTP. 5.2 Routers should support AAA using RADIUS and TACACS+ 5.3 Routers should support configuration rollback. 5.4 Router should support software upgrades via TFTP or FTP. 5.5 Support for accounting of traffic flows for network planning and security purposes. Router shall provide application recognition through analysis of flows. 5.6 Should support extensive support for IP SLA and best path selection for metrics like delay, latency, jitter, packet loss to assure business-critical IP applications. 5.7 Router should support monitoring of network traffic with application level insight with deep packet visibility into web traffic, RTP-Based VoIP traffic and cRTP 5.8 Router shall have traffic load balancing capability on dual WAN Links based on based on advanced criteria, such as reachability, delay, loss, jitter and bandwidth utilization. 5.9 The network should support Multipoint to multipoint IPSec encryption tunnels and Static IPSec solution for faster configuration and better management with zero touch provisioning during operations. 6 Regulatory Compliance 6.1 Router shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. 6.2 Router shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements. Page131of 531 7 Evaluation Compliance 7.1 Router / Router’s Operating System should be tested and certified for EAL 4/NDPP or above under Common Criteria Certification 7.2 Router should be IPv6 Certified/IPv6 logo ready 8. Router – All location other than BO & Dispensaries Specifications: S.No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Router should be chassis based and modular architecture with multicore processor for scalability. 1.2 Router should have 3 nos. of 10/100/1000 Base-T ports out of which 1 nos. should be SFP based ports.and 2 nos. of 2 Mbps with V.35 serial interface. 1.3 Router should have at least 4 open slots for additional LAN/ WAN modules other then asked ports. 1.4 Router should support Fast Ethernet, Gigabit Ethernet, V.35 modules, G.703 modules, Channelized E1/T1, ISDN PRI, FXO, FXS and E&M modlues in asked slot. 1.5 Router should have DES, 3DES and AES Standards through dedicated encryption module/processor. Should support IPSec with IKEv2 and Suite-B Encryption 1.6 Router should support internal redundant power supply. 1.7 The router should have minimum 512MB DRAM from day one and scalable to support minimum 2GB. 1.8 The Router should have minimum 256MB Compact Flash from day one and scalable to support minimum 2GB. 2 Performance Requirements 2.1 Router should have a minimum performance of 1.5 Mpps 3 Routing Protocols 3.1 Router should support static Routes, OSPFv2, OSPFv3, BGP4, MBGP, BFD, Policy based routing, IPv4 and IPv6 tunnelling 3.2 Router should support IGMP v1/v2/v3 and PIM multicast routing 3.3 Should support other IP Services like GRE tunnel, IPv4 tunnel, IPv6 tunnel, Virtual Router Redundancy Protocol (VRRP), Network Address Translation (NAT), Access Control Lists (ACLs), Zone based Firewall. 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence. Page132of 531 4.2 Routers should support marking, classification, policing and shaping. 4.3 The router should support application acceleration and compression capabilities to reduce WAN bandwidth usage in its operating system. 4.4 The router application acceleration should be transparent and integrated so as to make use of security, quality of service (QoS) and other native services 4.5 Application acceleration and compression features at BO/Dispensaries should support at least 400 TCP connections and WAN bandwidth up to 10 Mbps. 5. System Management and Administration 5.1 Router should support SSHv2, SNMPv2c, SNMPv3 and NTP. 5.2 Routers should support AAA using RADIUS and TACACS+ 5.3 Routers should support configuration rollback. 5.4 Router should support software upgrades via TFTP or FTP. 5.5 Support for accounting of traffic flows for network planning and security purposes. Router shall provide application recognition through analysis of flows. 5.6 Should support extensive support for IP SLA and best path selection for metrics like delay, latency, jitter, packet loss to assure business-critical IP applications. 5.7 Router should support monitoring of network traffic with application level insight with deep packet visibility into web traffic, RTP-Based VoIP traffic and cRTP 5.8 Router shall have traffic load balancing capability on dual WAN Links based on based on advanced criteria, such as reachability, delay, loss, jitter and bandwidth utilization. 5.9 The network should support Multipoint to multipoint IPSec encryption tunnels and Static IPSec solution for faster configuration and better management with zero touch provisioning during operations. 5.10 Should have fall back capability to support IP Phones so that local communication within the premises can be done in case WAN connectivity is totally down. 6 Regulatory Compliance 6.1 Router shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. 6.2 Router shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements. 7 Evaluation Compliance 7.1 Router / Router’s Operating System should be tested and certified for EAL 4/NDPP or above under Common Criteria Certification 7.2 Router should be IPv6 Certified/IPv6 logo ready 9. WAN Switch– BO & Dispensaries Specification: Page133of 531 Switch Feature 1 Minimum Requirement Description General Hardware and Interface requirements 1.1 Switch should have minimum 24 nos. 10/100/1000 Base-T ports with PoE+ capability and minimum 370W of PoE Power, additional 4 nos. SFP uplink ports. 1.2 Switch should have one dedicated slot/port for stacking and should support minimum 48 Gbps of stacking bandwidth with dedicated stacking ports and cables with minimum 8 switch in stack. 1.3 Switch should support internal/external redundant power supply 2 Performance Requirements 2.1 Switch shall have minimum 56 Gbps of switching fabric and 41 Mpps of forwarding rate 2.2 Shall have minimum 12K MAC Addresses 2.3 Shall have minimum 1000 Active VLANs 3 IEEE Standards Should support IEEE Standards of Ethernet: IEEE 802.1D, 802.1s, 802.1w, 802.1x, 802.3ad, 802.3x, 802.1p, 802.1Q, 802.3, 802.3u, 802.3ab, 802.3z, 802.3af, 802.3at 3.1 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence 4.2 Switch should support marking, classification, policing and shaping. Should support strict priority queuing 5. System Management and Administration 5.1 Switch should support SSHv2, SNMPv2c, SNMPv3 and NTP. 5.2 Switch should support AAA using RADIUS and TACACS+. 5.3 Switch should support port security, DHCP snooping, Dynamic ARP inspection, IP Source guard, BPDU Guard, Spanning tree root guard and IPv6 First Hop Security. 5.4 Switch should support software upgrades via TFTP or FTP. 5.5 Should support 802.1x authentication and accounting, IPv4 and IPv6 ACLs and Dynamic VLAN assignment 5.6 Switch Shall have Switch Port Analyzer (SPAN) and Remote Switch Port Analyzer (RSPAN) 5.7 Switch shall have secure VTP with MD5 /equivalent protocol to reduce administrative burden of configuring VLANs on multiple switches in turn eliminating the configuration errors & troubleshooting in secure manner or equivalent. 5.8 Switch shall have Layer 2 trace route or equivalent for ease of troubleshooting by identifying the physical path that a packet takes from source to destination 5.9 Switch shall have Internet Group Management Protocol (IGMP) Snooping for IPv4 and IPv6, Page134of 531 MLD v1 and v2 Snooping and Multicast VLAN Registration protocol 5.10 Switch shall have Per-port broadcast, multicast and unicast storm control 5.11 Unidirectional Link Detection Protocol (UDLD), Aggressive UDLD, Link Aggregation Control Protocol (LACP), Port Aggregation Protocol (PAgP) and Dynamic Trunking Protocol (DTP). 6 Regulatory Compliance 6.1 Switch shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. 6.2 Switch shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements 7 Evaluation Compliance 7.1 Switch / Switch’s Operating System should be tested and certified for EAL 2/NDPP or above under Common Criteria Certification 7.2 Switch should be IPv6 Certified and IPv6 logo ready 10. WAN Switch- All location other than BO & Dispensaries Specification: Switch Feature Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Switch should have minimum 24 nos. 10/100/1000 Base-T ports and additional 4 nos. SFP uplink ports 1.2 Switch should have one dedicated slot for stacking and should support minimum 48 Gbps of stacking bandwidth with dedicated stacking ports and cables with minimum 8 switch in stack 1.3 Shall have hot swappable 1:1 redundant internal power supply and hot swappable fan modules 2 Performance Requirement 2.1 Switch shall have minimum 56 Gbps of switching fabric and 41 Mpps of forwarding rate 2.2 Shall have minimum 12K MAC Addresses 2.3 Shall have minimum 1000 Active VLANs 2.4 Shall have static routing, OSPF, OSPFv3, BGPv4, IS-ISv4 in hardware 2.5 Shall have policy based routing(PBR), VRF (Virtual routing and forwarding) and HSRP for IPv6/VRRPv3 2.6 Should support IGMP v1/v2/v3 and PIM multicast routing like PIM-SM, PIM DM and PIM-SSM 3 IEEE Standards 3.1 Should support IEEE Standards of Ethernet: IEEE 802.1D, 802.1s, 802.1w, 802.1x, 802.3ad, Page135of 531 802.3x, 802.1p, 802.1Q, 802.3, 802.3u, 802.3ab, 802.3z, 802.3ae 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence. 4.2 Switch should support marking, classification, policing and shaping. Should support strict priority queuing 5. System Management and Administration 5.1 Switch should support SSHv2, SNMPv2c, SNMPv3 and NTP 5.2 Switch should support AAA using RADIUS and TACACS+ 5.3 Switch should support port security, DHCP snooping, Dynamic ARP inspection, IP Source guard, BPDU Guard, Spanning tree root guard and IPv6 First Hop Security 5.4 Switch should support software upgrades via TFTP or FTP 5.5 Should support 802.1x authentication and accounting, IPv4 and IPv6 ACLs and Dynamic VLAN assignment. 5.6 Switch Shall have Switch Port Analyser (SPAN) and Remote Switch Port Analyser (RSPAN) . 5.7 Switch shall have secure VTP with MD5 protocol to reduce administrative burden of configuring VLANs on multiple switches in turn eliminating the configuration errors & troubleshooting in secure manner or equivalent 5.8 Switch shall have Layer 2 trace route for ease of troubleshooting by identifying the physical path that a packet takes from source to destination 5.9 Switch shall have Internet Group Management Protocol (IGMP) Snooping for IPv4 and IPv6 and MLD v1 and v2 Snooping 5.10 Switch shall have Per-port broadcast, multicast and unicast storm control 5.11 Unidirectional Link Detection Protocol (UDLD), Aggressive UDLD, Link Aggregation Control Protocol (LACP), Port Aggregation Protocol (PAgP) and Dynamic Trunking Protocol (DTP). 6 Regulatory Compliance 6.1 Switch shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment 6.2 Switch shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements 7 Evaluation Compliance 7.1 Switch / Switch’s Operating System should be tested and certified for EAL 2/NDPP or above under Common Criteria Certification 7.2 Switch should be IPv6 Certified and logo ready Page136of 531 11. LAN Switch for all location other than BO & Dispensaries Specification: S. No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Switch should have minimum 24 nos. 10/100/1000 Base-T ports with PoE+ capability and minimum 370W of PoE Power, additional 4 nos. SFP uplink ports 1.2 Switch should have one dedicated slot for stacking and should support minimum 48 Gbps of stacking bandwidth with dedicated stacking ports and cables with minimum 8 switches in stack. 1.3 Switch should support internal/external redundant power supply. 2 Performance Requirement 2.1 Switch shall have minimum 56 Gbps of switching fabric and 41 Mpps of forwarding rate. 2.2 Shall have minimum 12K MAC Addresses 2.3 Shall have minimum 1000 Active VLANs 3 IEEE Standards 3.1 Should support IEEE Standards of Ethernet: IEEE 802.1D, 802.1s, 802.1w, 802.1x, 802.3ad, 802.3x, 802.1p, 802.1Q, 802.3, 802.3u, 802.3ab, 802.3z, 802.3af, 802.3at 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence 4.2 Switch should support marking, classification, policing and shaping. Should support strict priority queue 5. System Management and Administration 5.1 Switch should support SSHv2, SNMPv2c, SNMPv3 and NTP 5.2 Switch should support AAA using RADIUS and TACACS+ 5.3 Switch should support port security, DHCP snooping, Dynamic ARP inspection, IP Source guard, BPDU Guard, Spanning tree root guard and IPv6 First Hop Security. 5.4 Switch should support software upgrades via TFTP or FTP. 5.5 Should support 802.1x authentication and accounting, IPv4 and IPv6 ACLs and Dynamic VLAN assignment 5.6 Switch Shall have Switch Port Analyser (SPAN) and Remote Switch Port Analyser (RSPAN) 5.7 Switch shall have secure VTP with MD5 protocol to reduce administrative burden of configuring VLANs on multiple switches in turn eliminating the configuration errors & troubleshooting in secure manner or equivalent 5.8 Switch shall have Layer 2 trace route for ease of troubleshooting by identifying the physical path that a packet takes from source to destination. 5.9 Switch shall have Internet Group Management Protocol (IGMP) Snooping for IPv4 and IPv6, MLD Page137of 531 v1 and v2 Snooping and Multicast VLAN Registration protocol. 5.10 Switch shall have Per-port broadcast, multicast and unicast storm control. 5.11 Unidirectional Link Detection Protocol (UDLD), Aggressive UDLD, Link Aggregation Control Protocol (LACP), Port Aggregation Protocol (PAgP) and Dynamic Trunking Protocol (DTP). 6 Regulatory Compliance 6.1 Switch shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment 6.2 Switch shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements 7 Evaluation Compliance 7.1 Switch / Switch’s Operating System should be tested and certified for EAL 2/NDPP or above under Common Criteria Certification 7.2 Switch should be IPv6 Certified and IPv6 logo ready 12. Link Load balancer Specification: Sr.No Minimum Requirement Description 1 Architecture The LLB should be a dedicated purpose built in hardware device. It should not be a part of UTM or Firewall or Router modular functionality 2 3 Should support 8 x 10/100 Ethernet Ports Should provide minimum 25 Mbps load balancing throughput and should be scalable to 50 Mbps with license key without changing the hardware 5 Device must have Dynamic routing protocols like OSPF, RIP and RIP II The proposed device must have DNS capability for inbound load balancing from Day 1 6 Should support static & dynamic proximity based outbound as well as inbound load balancing 7 10 Device should support Proximity that enables to determine which is thefastest pathavailable Server Load Balancer and Link Load Balancer should be from same OEMin order to avoid compatibilityissue Redundancy ShouldsupportVirtual Router RedundancyProtocol(VRRP--RFC 2338)or equivalent ThedeviceshouldsupportInterfaceGrouping 11 Should havepredefined healthcheckonprotocols likeHTTP, SMTP, POP3,DNS, Ping, FTP, SNMPetc 12 Should provideAND/OR mechanism betweenhealthcheck 4 8 9 Page138of 531 13. WAN Optimizer: 13.1 WAN Optimization requirements Wan optimizer should be proposed as dedicated appliance based solution. Objective is to overcome issues like latency, Packet loss, and application congestion in order to enhance application delivery from remote locations. WAN optimization solution should support optimization technologies including compression, caching, single instance, TCP optimization, application blueprint in order to ensure accelerated application delivery. WAN optimization must provide seamless integration with other component to avoid any interoperability issues. Moreover If WAN optimizer goes out of service it should not impact flow of traffic at location and must support bypass functionality. 13.2 Specifications WAN Optimizer Feature 1 2 3 4 5 6 7 8 9 10 11 12 Minimum Requirement Description Design Parameters - Remote Locations Dispensaries and other locations Should be dedicated appliance based solution with purpose built hardware for high performance or integrated with WAN Solution Branch device should support 4Mbps of optimized bandwidth and 100 optimized TCP flows Network Interface: 2 numbers of Inline 10/100/1000 Base-T Gigabit Ports and 2x 10/100/1000 for management Scalability: The Appliance must be able to scale to support 06 Mbps of optimized bandwidth and 250 TCP flows scalable upto 1000 TCP connections by without changing the physical appliance to a larger appliance Branch offices/RO/SRO’s Should be dedicated appliance based solution with purpose built hardware for high performance or integrated with WAN solution Branch device should support 10 Mbps of optimized bandwidth and 1000 optimized TCP flows Network Interface: 2 numbers of Inline 10/100/1000 Base-T Gigabit Ports and 2x 10/100/1000 for management Scalability: The Appliance must be able to scale to support 20 Mbps of optimized bandwidth and 250 TCP flows scalable upto 2200 TCP connections by without changing the physical appliance to a larger appliance Hospitals locations should be dedicated appliance based solution with purpose built hardware for high performance or integrated with WAN solution Branch device should support 20 Mbps of optimized bandwidth and 4000 optimized TCP flows Network Interface: 2 numbers of Inline 10/100/1000 Base-T Gigabit Ports and 2x 10/100/1000 for management Scalability: The Appliance must be able to scale to support 50 Mbps of optimized bandwidth and 15,000 TCP flows by without changing the physical appliance to a larger appliance General Features Page139of 531 13 Should support TCP optimization for efficient data transfer across WAN, higher bandwidth utilization, faster recovery after any packet loss. TCP optimization must include Windows Scaling, Slow start with congestion avoidance, Fast Convergence & Selective acknowledgements to ensure efficient throughput in Long FAT Networks 14 Should support standard compression mechanism and stream based differencing to avoid transmission of content that has been previously received in the local data store 15 The solution should be able to support & recognize repetitive byte patterns, and be able to replace the repetitive data with reference records and other metadata. 16 Network de-duplication to avoid the repeated content across the WAN and to ensure efficient utilization WAN bandwidth. content should be stored on disk at both ends of the network and when similar content is seen again, messages are sent to the peer device to replay the content locally rather than re-transmitting the data across the WAN Content aware de-duplication: solution should able to distinguish protocol used to transfer the contents for efficient disk utilization and better performance. 17 18 Single instance store: Solution should support single universal dictionary for maintaining larger histories without requiring per peer data store. Architecture of the solution must ensure that single copy of any content is maintained irrespective of the peer is being sent to. 19 Application acceleration blueprints: Solution should provide Layer 7 application intelligence to mitigate not only the chattiness of legacy protocols but also to improve the performance of protocols like HTTP or iSCSI when they are used over a WAN. Should support real time payload identification for de-duplication. HTTP acceleration : Solution must support HTTP application blueprint address the protocol chattiness issues that affect the HTTP performance 20 21 22 23 24 25 26 27 28 29 30 31 Should support “Pre-Cache Acceleration” (PCA) which helps speed up the rendering of Web pages by eliminating repetitive trips over the WAN connection to validate the freshness of content. client’s browser must query the remote server with an HTTP 304 request for the “freshness value” of the object HTTPs acceleration: Support for HTTPS application acceleration blueprint to address protocol chattiness and performance issues. Solution must able to intercept the HTTPS traffic for content deduplication and protocol optimization. HTTPS acceleration blueprint should to break the end to end security trust model, certificates must be only loaded on datacenter/Hub location device and not on the remote location devices. MAPI acceleration: The solution should natively address protocol chattiness issues for the MAPI protocol used by Exchange servers and Outlook clients using application specific blueprints CIFS acceleration: The WAN optimization solution must address protocol chattiness issues for the CIFS protocol The CIFS Blueprint should support multiple techniques including read-ahead, write-behind and directory optimizations in order to improve the throughput The solution should be able to define classes of application traffic and apply Quality-of-Service policies to each class The solution should support traffic shaping and provision to allocate Guaranteed Bandwidth to each class of applications The solution should be able to allocate a maximum bandwidth usage cap to each class of traffic. The solution must allow usage to burst above the maximum bandwidth usage cap if no other traffic classes attempt to utilize the available bandwidth Deployment Should support various deployment modes including inline mode, out-of-line mode & out-ofpath for seamless integration with other network devices Page140of 531 Out-of-line mode operation must support WCCPv2 for traffic redirection. WCCP forwarding & return methods must include Generic routing encapsulation (GRE) and layer2 switching 32 Must have built-in black hole detection support - should not impact traffic flow if optimization appliance is not in service. Out-of-line mode operation should also support VRRP and policy based routing (PBR) to redirect traffic to Wan optimization appliances. should support correct addressing mode of operation for out-of-path deployment Solution should be deployed transparently into the existing/proposed WAN environment and should not modify any network characteristics like IP addresses, headers or port numbers etc. 33 34 35 Should support correct addressing with server side transparency (CAST) mode of operation. Correct Addressing with Server-Side Transparency should provide Correct Addressing mode on the WAN and Transparent Addressing on the LAN The solution must support auto-discovery of remote peer devices and dynamically detect the presence of any other WAN optimization devices. Peers are automatically removed from the discovered list if a connection cannot be made within 24 hours Management Solution should provide centralized management tool for centralized configuration; monitoring provisioning and reporting. Instead managing individual devices. 36 37 38 39 40 41 Should allow centralized software management across an entire network Each appliance must have an integrated performance dashboard displaying traffic types, acceleration levels per traffic type, usage of the WAN link, and traffic statistics over time 42 A performance data export feature using Net Flow must be supported to send data to existing network management tools. The solution must support RADIUS. The solution must support SSH for access to the management Command Line Interface. Should support remote notification capabilities, including SNMP v2c, v3, SMTP notification, and syslog notifications. 43 44 45 14. Tablet Specification: Sr.No. 1 Feature Operating System 2 Processor 3 4 RAM Graphics 5 Display 6 Connectivity 7 Camera Minimum Requirement Description Android 5.0 L (or higher) out of the box and auto upgradable to higher versions of Android. Quad Core ARM 1.3 Ghz ORx86 Quad Core 1.3 GHz or better with min 2MB Cache so as to meet the benchmark score criteria listed below. Minimum 2 GB DDR3 or higher with 1600Mhz or Better Should support HD , 2D and 3D Graphics At least 10 inch (diagonal) TFT LCD based Capacitive with Multi Touch Screen with resolution of 1280x800 pixels, Toughened glass Built in GPRS, EDGE & 3G DATA Capability Bluetooth v 4.0 or higher Wi-Fi IEEE 802.11 a/b/g/n(2X2) Dual Band Micro USB 2.0 with OTG or higher A-GPS /GPS or Better Minimum 5 MP Autofocus Rear Camera Page141of 531 8 HD Video 9 Memory 10 Ports 11 Battery 12 13 Sensor Weight 14 Pre-Loaded Applications 15 16 17 18 19 Front Facing camera: 1 MP or higher Minimum 720p/30fps On board Memory – Minimum 16 GB or higher. External micro SD slot expandable up to at least 32 GB Micro USB 2.0 or higher Integrated micro HDMI Port or MHL Compliance 3.5mm Audio Jack with Mic Support Li-Po battery 4000 mAh or Higher with Battery Charging/Completed LED Status Indicator Built in Accelerometer Less than 900gms with Protection Google™ Mobile Services including google Fingerprint Certification and Full GMS Services Google Play, Gmail™, YouTube™, Google Maps™, Syncing with Google Calendar™, Google Search, Google+ Integrated PEN Style Stylus Fast Battery Charger User Manual and documentation Printing Wireless printing without need of installing drivers (i) Quadrant score of 10000 or higher Overall Performance (ii)Tu score of 20000 or higher BIS(INDIA), Energy STAR, ISO9000, EMC Compliance, Android CTS, Certifications IEC 60950-1 Warranty 3 Year Onsite Device Replacement Warranty In the Box Items 15. IP-EPABX and Telephony Functional Requirement: 1. The IP phones should support Survivable Call Control functionality through the existing IP PBX at ESIC, so that it registers to the fall back server in case the primary server goes down 2. It should be possible for the IP phone to be connected on the same line which is connected to the computer i.e. Single wire to desk. 3. The proposed IP Phones should directly register to the existing IPPBX at ESIC with profile creation of these SIP endpoints onto it and perform all functions of Proxy/ Registrar / Redirect 4. The IP phones should provide functionality for simultaneous Ring on IP phone and user defined alternate phone for all the IP phone users through the existing IP PBX at ESIC. 5. The bidders should provide a "presence" application for all IP Phones users, so that they can see the availability status of his contacts in their buddy list. 6. The video IP Phones should provide integrated video telephony features with the existing IP PBX at ESIC to the users so that user with IP Phone / Soft phone and video telephony end point should be able to place video calls with the same user model as audio calls. Page142of 531 7. The IP video phone after integrating with existing IP PBX should provide call control capabilities to handle CODEC and video capabilities of the endpoints, bandwidth negotiation to determine video/audio call take place. 8. The Basic IP Phones, wireless IP Phones and Advanced Video IP phones should register to the Cisco Unified Communication Manager version 10.x existing with ESIC. New procured phones must be able to register to Cisco Call Manager 10.x without any technical issues & all functionality as well as features mentioned in the Project Panchdeep RFP published by ESIC in 2008. SI should make sure there is no interoperability issue with newer procured phones & existing setup. The basic IP phone, video phone and wireless IP phone should be from same OEM. 16. VOIP Phones Specification: A) Basic IP Phone B) Advance End Point Video Phones C) Wireless Phone 16.1Basic IP Phones Specification Basic VoIP Phone Feature 1 2 Minimum Requirement Description 3 Pixel-based display---Should support pixel based display 3.5" 396×162 pixels Four soft keys should dynamically present calling options to the user. The phone should support backlit indicators for the audio path keys (handset, headset and speakerphone), select key, line keys, and message waiting 4 A volume-control toggle should provide easy decibel-level adjustments of the handset and ringer. 5 6 6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 7 7.1 7.2 7.3 7.4 7.5 7.6 XML Applications should be delivered to the display. Calling Features Should support 4 lines Calling name and number display Call waiting Call forward Call transfer On- and off-network distinctive ringing Three-way calling (conference) Plus Dialing (E.164) Network Features Automatic IEEE 802.1Q (voice virtual LAN [VVLAN]) configuration IEEE 802.1Q /p VLAN tagging and traffic prioritization 802.1Q VLAN-based switching of traffic between the phone and access switch Differentiated Services Code Point (DSCP) tagging G.711a/μ, G.722, G.729ab, iLBC (codec’s) Integrated Ethernet switch Page143of 531 10/100/1000 BASE-T Ethernet connection through an RJ-45 interface for LAN connectivity Software upgrade supported using a Trivial File Transfer Protocol (TFTP) server Provisioning of network parameters through Dynamic Host Configuration Protocol (DHCP) Voice activity detection, comfort noise generation Should support SRTP TLS Encrypted configuration files 7.7 7.8 7.9 8 9 9.1 9.2 9.3 9.4 9.5 802.1X authentication Cryptography 16.2 Advance IP Phone Specification Advance Vo IP Phone Feature Minimum Requirement Description Should have 7-inch screen capacitive touch screen, which includes support for various multitouch gesture commands to interact with contacts, collaboration applications, voice and video calling, and third-party applications. 1 Should be a fully integrated unit with Codec, Camera, Display and microphones. The integrated HD-capable front camera should support up to 1080p 30-fps video encoding and decoding Should support HDMI and USB interfaces Should have a memory of 2GB with flash memory of 8GB Should have 2 port 10/100/1000 Ethernet switch with Bluetooth and WI-FI support 2 3 4 5 Should be Android Based so that all the applications from Google Play can be downloaded which enhances user experience Should support POE Class 4 6 7 8 Should support SIP for signaling, SDP, DNS, PPDP, GARP, SRTP, IPV4, IPV6, NTLM, RTCP and BFCP. It should be IPV6 ready from day one 9 Should Support Contact synchronization with Bluetooth-paired, Android or iOS mobile device that supports PBAP, Call history synchronization to view placed or missed calls from mobile device and Audio path routing sends audio through the endpoint for a mobile device-connected call 10 11 Should support formats up to maximum 1920 x 1080 @ 30 fps (HD1080p30), Narrowband audio compression codecs: G.711a, G.711u, G.729a, G.729ab, and Internet Low Bitrate Codec (iLBC), Wideband and full-band audio compression codecs: G.722, Internet Speech Audio Codec (iSAC), and AAC-LD (MP4A-LATM) audio compression codecs Should support features like Extension mobility, PLAR, Mobility, + Dialing, Privacy and Service URL, URI Dialing 16.3Wireless IP Phone Specification Page144of 531 1. Should have Two-inch color display, 2D image bar-code scanner, Bluetooth 2.0 support with enhanced data rate, IP54 rated for protection against dust and splashing water. 2. Should have MIL-STD-810F standard for shock resistance, Long battery life (up to 240 hours of standby time or 13 hours of talk time), Support for a wide range of applications through XML and Java Mobile Information Device Profile (MIDP) 3. Should have following Features Six line appearances Abbreviated dialling Adjustable ringing and volume levels Adjustable display brightness and timeout Any-key answer Audible and vibrating ringers Auto-answer Auto-detection of headset and auto-answer from headset Automatic keypad lock Barge Call back Call forward Call history lists Call park Call pickup Call timer Call waiting Caller ID cBarge Corporate directory Conference Direct transfer Extension mobility service Fast-dial service Font-size adjustment Group call pickup Hold Hotkey for keypad lock, vibration and ring toggle, and voicemail access Immediate divert Join Last-number redial Malicious-caller ID 4. Should support G.711a, G.711u, G.729a, G.729ab, G.722, and Internet Low Bitrate Codec (iLBC) audio compression codecs Page145of 531 5. Should support TLS, SRTP, Image Authentication, File Authentication, Device Authentication and certificates 6. Should support IEEE 802.11a, 802.11b, and 802.11g 7. Should Support EAP-TLS, PEAP, 802.1X 17 Video Conference: 17.1 Video Conference End point Specification: The video conferencing endpoint should be supporting the latest industry standards and resolutions. The video conferencing endpoint should be interoperable with the existing Polycom RMX MCU. For a unified communication with ESIC, it is desired that the video conferencing solution should seamless integrate with the proposed IP telephony platform for seamless calls between video conference endpoints and IP phones. As part of this integration, ESIC desires to have a common dial plan for all the IP Phones, Video IP Phones, wireless IP Phones and Video conference endpoints. Video End points should be totally all-in-one unit (including the PTZ) camera for simple installation with a TV / Plasma for use over RJ-45 IP network H.323 upto 3 Mbps speed It should have the capability for SIP upto 3Mbps from day one It should support 30 fps and 60fps (frames per second) with 1080p resolution from day one It should have H.239 and BFCP protocols with 1080p resolution for presentation sharing It should haveH.261, H.263 and H.264 video compression standards It should have G.711, G.722,G.722.1 or equivalent audio compression standards The system should have two HD Video input ports – one HDMI/DVI for connecting the 1080p camera and second DVI/HDMI for connecting the PC/Laptop along with PC audio The system should have two HD video outputs for connecting two display devices The system should have audio features such as Noise Reduction, Automatic Gain control, Acoustic Echo Canceller, Active Lip synchronization The system should display both far and near site on the single screen The system should have 1x LAN /Ethernet--10/100/1000 Mbps full duplex The system should be IPV4 and IPV6 day one The system should be supplied with 2 Microphones day one, with microphones of cable length 7.5Mts or 10Mts It should have a 12x optical zoom 1080p60fps camera with +/- 90 degrees PAN and +/-10 degrees TILT. The codec and camera should be from same OEM It should support standards-based AES 128bit standard such as H.235 Automatic key generation and exchange and the same should be supported onfull bandwidth of the video endpoint. It should come with easy to use infra-red hand held remote control with operating distance of at least 15 feet Page146of 531 17.2 Video Screen/Plasma Screen Specification: Feature Minimum Requirement Description Panel Diagonal Size 40" Type 60Hz LED BLU Resolution 1366x768 (16:9) Pixel Pitch(mm) 0.51075(H) x 0.17025(V) Active Display Area(mm) 886.168(H) x 497.664(V) Brightness(Typ.) 250nit Contrast Ratio 5000:1 Viewing Angle(H/V) 178:178 Response Time(G-to-G) 8ms Display Colors 16.7M Color Gamut N/A Dynamic C/R 50,000 : 1(AV Mode) H-Scanning Frequency 30 ~ 61kHZ V-Scanning Frequency 60 ~ 75HZ Maximum Pixel Frequency 84MHz INPUT RGB Analog D-Sub VIDEO HDMI, Composite AUDIO Stereo mini Jack RGB N/A VIDEO N/A AUDIO N/A Power Out N/A Display Connectivity OUTPUT Power EXTERNAL CONTROL RS232C(In) thru stereo jack EXTERNAL SENSOR N/A Type Internal Power Supply AC 100 - 240 V~ (+/- 10 %), 50/60 Hz Power Consumption Mechanical Spec Dimension (mm) Weight (kg) Max[W/h] 66 Typical[W/h] 50 BTU(Max) 225.06 Stand-by mode 0.5 Set (w/o Stand) 914.2 x 547.9 x 90.9 Set (with Stand) 914.2 x 586.4 x 196.4 Package 1060 x 606 x 142 Set (w/o Stand) 7 Page147of 531 Operation Feature Accessories 7.6 Package 9.9 VESA Mount 200*200mm Protection Glass N/A Stand Type Foot Stand (Included) Media Player Option Type N/A Bezel Width (mm) 12mm Recommended Usage Hours 16hrs/day Operating Temperature Humidity 0℃~ 40℃ 10~80% Key HD Resolution with MagicInfo E Special MagicInfo E, Built in Speaker(10W + 10W) Internal Player (Embedded H/W) Certification Set (with Stand) Processor MIPS 24K On-Chip Cache Memor yClock Speed L1 : 16KB/16KB L2 : 128KB Main Memory Interface 512MB 16bit DDR3-800(1600MHz) Graphics 2D Graphic Storage (FDM) Multimedia 256MB Available IO Ports USB2.0 Operating System Samsung Proprietary OS(VDLinux) 650MHz Video Decoder - MPEG-1/2, H.264/AVC - VC-1, JPEG Audio DSP (Decoder) - AC3 (DD), MPEG, DTS and etc Safety CB (Europe) : IEC60065 EMC CE (Europe) : EN55022:2006+A1:2007, EN55024:1998+A1:2001+A2:2003 Environment ErP TV Included Stand, Quick Setup Guide, Warranty Card, Power Cord, Remote Controller, Batteries Page148of 531 Optional Media Player Stand Included Mount Not Included Specialty N/A CPU N/A N/B S/B GPU FDM/HDD Memory Ethernet Connectivity USB Output Others 18 Power UPS/GENSET Specification: Description The purpose of the enclosed specification is to define minimum design, construction and testing criteria relating to the supply of Uninterruptible Power Systems (UPS). - Bidder shall provision for Power UPS at each location. Genset only on need based can be taken separately. UPS battery needs to be replaced at every 2 years. 18.1 UPS Specification: 02Nos of 6 KVA UPS in hot standby mode at Branch office: Specifications Technology True On Line UPS with double conversion technology Rectifier and inverter should be based on IGBT Power Rating Input 6000 VA / 4800 W Voltage Range 160 VAC – 300 VAC @ 100% Load, 110 VAC – 300 VAC @ 50% Load Frequency 40 Hz ~ 70 Hz Power Factor ≥ 0.95 Output - Voltage Range 220/230/240 VAC +/- 3% Output - Voltage Distortion ≤ 3% (Linear Load), ≤ 6% (Non Linear Load) Frequency 47.5 ~ 52.5 Hz Power Factor 0.8 Crest Factor 3:1 Page149of 531 Transient Response Less or equal to 3% for 100% nonlinear load (Battery mode) Battery Type Sealed Maintenance Free, Valve Regulated Lead Acid Battery cells rating Battery cell of 12V Rated Voltage Minimum 180 VDC Backup Time 60 min10080 VAH Protection Inbuilt protection for surge suppression and EMI/RFI filter provided as well as the unit shall have Surge Current Capacity of min. 10kA with two mode of protection &<0.5 ns Response time. UPS shall be provided with only externally connected SPD as per IEEE Standard 1100-2005 Audible Noise Less than 45dB at 1 meter Operating temp & Humidity 20 – 90%RH @ 0 – 40°C (non condensing) LCD Display UPS Status, Load level, Battery level, Input / Output voltage, Discharge Timer & Fault conditions SMART RS 232 Supports Windows, Linux SNMP Power Management from SNMP manager should be provided and web browser option should be present Credentials Manufacturer Should be ISO 9001:2000 certified Manufacturer Should be ISO 14001 certified OEM should provide latest Type Test Certificate (TTC) from Government laboratory like ETDC. 2Number of 3 KVA UPS in hot standby mode at Dispensaries: Specifications Technology True On Line UPS with double conversion technology Rectifier and inverter should be based on IGBT Power Rating Input 3000 VA / 2400 W Voltage Range 160 VAC – 300 VAC @ 100% Load, 110 VAC – 300 VAC @ 50% Frequency 40 Hz ~ 70 Hz Power Factor ≥ 0.95 Output - Voltage Range 220/230/240 VAC +/- 3% Output - Voltage Distortion ≤ 3% (Linear Load) ≤ 6% (Non Linear Load) Frequency 47.5 ~ 52.5 Hz Power Factor 0.8 Crest Factor 3:1 Transient Response Less or equal to 3% for 100% nonlinear load (Battery mode) Battery Type Sealed Maintenance Free, Valve Regulated Lead Acid Battery cells rating Battery cell of 12V Page150of 531 Rated Voltage Minimum 96 VDC Backup Time 60 min VAH 4992 Protection Inbuilt protection for surge suppression and EMI/RFI filter provided as well as The unit shall have Surge Current Capacity of min. 10kA with two mode of protection &<0.5 ns Response time. UPS shall be provided with only externally connected SPD as per IEEE Standard 1100-2005 Audible Noise Less than 45dB at 1 meter Operating temp & Humidity 20 – 90%RH @ 0 – 40°C (non condensing) LCD Display UPS Status, Load level, Battery level, Input / Output voltage, Discharge Timer & Fault conditions SMART RS 232 Supports Windows, Novell, Linux and FreeBSD SNMP Power Management from SNMP manager should be provided and web browser Power Outlet Power Outlet: Should have programmable power management outlet for independent control of load segment. Credentials Manufacturer Should be ISO 9001:2000 certified Manufacturer Should be ISO 14001 certified OEM should provide latest Type Test Certificate (TTC) from Government laboratory like ETDC. Technical specifications of 2x 60 KVA at SRO and 2X120 KVA UPS at HO in parallel mode with 60 min back up. Uninterruptible Power System(s) (hereinafter referred to as UPS) rated at 60/120 kVA, featuring valveregulated lead-acid batteries (VRLA), housed in self-supporting battery racks. The present specifications contain minimum requirements. All offers must be completed strictly in accordance therewith, either by confirming data or by filling in the spaces provided, where requirements are not met. Any deviations or exceptions to the minimum requirements must appear in the offer. Where no exceptions are shown, the requirements of the present specifications will be considered as accepted. RELEVANT REFERENCE STANDARDS The choice of materials and components, engineering developments and the construction of the equipment must comply with current directives and standards. The UPS will have a CE mark as specified by Directives 73/23, 93/68, 89/336, 92/31 and 93/68. The UPS will be designed and produced according to the following specifications: IEC/EN 62040-1-1 "General and safety requirements for UPS used in operator access areas." EN 62040-2 “Electromagnetic compatibility (EMC) requirements” IEC/EN 62040-3 “Performance requirements and test methods” Design Specifications Page151of 531 The Uninterruptible Power System (UPS) will include the following operational components: Full IGBT Rectifier/battery charger IGBT Inverter Maintenance bypass switch Static switch K 13 Galvanic Isolation transformer at output. Batteries (12 V SMF) IGBT Rectifier/Battery charger: The IGBT Rectifier/Battery charger will have an input isolating switch and a PWM digital vector control system (DSP based) which, in addition to normal functions (AC/DC conversion), will automatically correct the input power factor to a value > 0.99 and limit the harmonic rejection to the mains at a THD I value < 3% at full output load, and a THDi value < 5% for any other condition. For the battery charger function, this converter will include built-in fuses and a control circuit for the voltage and battery recharging current. The ripple current to the batteries will be less than 0.05 C10. A microprocessor control function will perform the following operations: Test the battery by automatically performing a partial battery discharge at weekly intervals or at intervals defined by the user Adjust battery float voltage as a function of ambient temperature Calculate the remaining battery autonomy time during discharge Automatically compensate battery shutdown voltage as a function of the time for prolonged discharges. IGBT Inverter The IGBT inverter will have a PWM digital vector control system (DSP based), capable of converting DC voltage from the IGBT rectifier or battery into AC voltage. A rated output filter will create an output voltage sinusoidal envelope. The control circuit, in addition to normal functions, will automatically adjust nominal output power in accordance with ambient temperature. Inverter should be able to deliver full active power at Unity power factor(KVA=KW) 8.6 Inbuilt Full rated K 13 type Galvanic isolation transformer to be provided at output. UPS compatibility to Load Power factor UPS should support the full Power factor range (Lagging& leading) of load without any deration in power rating Static bypass switch The static bypass switch will feature a separate power input and will consist of the following: Static switches (SCR type), which can support overloads and short circuits downstream of the UPS A back feed detection circuit as specified by IEC/EN 62040-1-1, clause 5.1.4 A bypass and maintenance bypass input isolating switch with auxiliary indicator contact An output load switch. The control logic will be handled by digital algorithms (using vector control techniques), similar to those used for the rectifier and the inverter. The static bypass shall be equipped with a back feed protection device compliant with clause 5.1.4 of IEC/EN 62040-1-1; and a relay signal contact for the control of the external back feed isolator to be installed on the bypass line upstream from the UPS. Page152of 531 # Batteries (VRLA 12 V SMF) Battery Backup duration required with each UPS system: 60 Min While sizing the battery, the following are to be considered. End Cell Voltage: 1.75 V Inverter Efficiency: 94 % Output Power Factor: Unity (i.e. KVA = KW) OPERATING MODES This section describes the different operating modes of the Uninterruptible Power System. The UPS, using the above-mentioned digital vectorial control (DSP system), will be able to operate both in double conversion and digital interactive modes. Double conversion Operation In this operating mode, under normal service conditions, the load will always be supplied from the inverter, guaranteeing maximum protection for the load. Digital interactive mode In this operating mode, under normal service conditions, the load will always be supplied from the direct line through the bypass static switch. The quality of the direct line will be monitored constantly using algorithms operated in real time by the DSP control system. If the direct line is outside the permitted tolerances, the load will be automatically transferred to the conditioned line (inverter) without interruption. In the absence of power supply to the direct and conditioned lines, the battery will supply power to the loads through the inverter. During this phase, power will be drawn from the battery and the battery charge will be reduced. Visible and audible signals will alert the user to this operating state. The remaining autonomy time will be calculated by a diagnostic algorithm. When the quality and reliability of the direct line return within permitted limits, the UPS will automatically start supplying the load from the direct line. Maintenance bypass switch The UPS will be equipped with a bypass switch capable of transferring the load to the bypass supply without interruption so as to enable the UPS to be switched off and isolated for maintenance operations. The supply to the load will be maintained. Controls and diagnostics The controls for the electronic power supply modules will guarantee the following: A three-phase power supply which is ideal for the load Controlled battery recharging Minimum harmonic rejection to the upstream mains power supply (THDi<3% at full load, THDi<5% in any other condition). The UPS will feature a digital vector control based on a DSP (Digital Signal Processor). The special DSP algorithms must be designed to ensure rapid and flexible processing of the detected data, allowing rapid generation of controlled variables. It must also be possible to run the control for the electronic inverter devices in real time to: Page153of 531 Have a synchronized (precise phase) angle between UPS output and bypass network, in the event of mains voltage distortion Highly flexible parallel operation. Microprocessor control and diagnostics Operation and control of the UPS should be provided through the use of microprocessor-controlled logic. Indications, measurements and alarms, together with battery autonomy, will be shown on a graphic liquid crystal display (LCD). The procedures for startup, shutdown and manual transfer of the load to and from bypass will be explained in clear step-by-step sequences on the LCD display. Warning/fault: this page contains information regarding various anomalies concerning power converters such as the bypass, rectifier, inverter and booster/charger. In addition to this there is also warning and fault information relating to the battery and the load. Events log: displays the date and time of important UPS events, alarms and other warnings. Measurements: this page holds the full set of measurements for each functional block (rectifier, bypass, booster/charger, batteries, inverter and load). Battery: displays the battery status/values including temperature, cell voltage, capacity and run time as well as commands for allowing the user to configure battery testing. Tools: this page allows users to customize the settings of the LCD display and to select the desired language, choosing between 15 languages. Controls The UPS will be provided with the following controls: Inverter start Inverter stop Reset faults Buzzer/mute alarm Measurements The UPS will provide the measurements (voltage, current and frequency) for every single internal functional block and this information will be directly accessible on the display, via the measurements button. Signals and alarms The UPS must provide signals and alarms for every single functional block. These signals must be directly accessible via the display, by clicking the warning and fault button. The UPS will also: Clearly display, upon mains failure, the remaining battery autonomy which will be a function of battery status and charge (discharge curve, degradation, operating temperature, etc.) Have three serial RS232 ports for compatibility and communications with special peripheral units and for remote connections Be able to support remote graphic measurement and signaling software Be able to interface with a network monitoring system using SNMP slot-in cards A voltage-free input will also be provided to disable the static switches and all power converters (EPO) in case of emergency. Programmable I/O contacts (at least 4 voltage-free outputs and 2 inputs). Remote Monitoring Page154of 531 Suitable monitoring software shall be provided to monitor the system at remote location. A voltage-free input will also be provided to disable the static switches and all power converters (EPO) in case of emergency. Programmable I/O contacts (at least 4 voltage-free outputs and 2 inputs). # Remote Monitoring . Suitable monitoring software shall be provided to monitor the system at remote location. # UN INTERRUPTIBLE POWER SYSTEM TECHNICAL DATA Parameter Unit of measure Specification data Supplier's data Nominal voltage (V) 400 V three-phase + ……………… N Tolerance on voltage (%) 250 V 460 V ……………… Nominal frequency (60 Hz selectable) (Hz) 50 ……………… Tolerance on frequency (%) ± 10 ……………… > 0.99 ……………… (%) <3 ……………… distortion (THDi) in all other (%) <5 # Input characteristics Input power factor @ nominal voltage Total harmonic distortion (THDi) @ full load Total harmonic conditions Walk in /Soft start (Sec) Rectifier Hold OFF (Sec) (Sec) ……………… ……………… 10 (1 to 90 10 (1 to 180 Selectable) ……………… # Inverter output characteristics Nominal voltage (380/415 selectable) (V) 400 three-phase + N ……………… Nominal frequency (60 Hz selectable) (Hz) 50 ……………… Nominal power @ 40°C (kVA) Nominal Power @40°C (kW) 60/120 ……………… 60/120 ……………… Automatic adjustment of nominal output power as a function of temperature (%) (%) (%) @ 25°C = 110% ……………… @ 30°C = 105% ……………… @ 40°C = 100% ……………… Output voltage stability in steady-state condition for input within permitted limits and load variations from 0 to 100% (%) ±1 Stability in dynamic conditions for 100% load step Complies ……………… with Page155of 531 Parameter Unit of measure Specification data variations (%) IEC/EN 62040-3, ……………… Class 1 (VFI, SS, 111) Load crest factor without derating Supplier's data 3:1 ……………… ……………… Output voltage distortion with 100% linear load (%) 1 Output voltage distortion with non-linear load as specified by IEC/EN 62040-3 (%) <3 Output frequency stability in synchronization with mains (± 2 ± 3 ± 4 selectable) (%) ±1 Output frequency stability with internal clock (%) ± 0.1 ……………… ……………… ……………… Frequency slew rate (Hz/sec) Permitted . for . for 60 seconds Short . . 150% In overload: minutes (%) (%) 10 circuit current: In (ms) (s) 300% <1 ……………… 125 150 ……………… ……………… 10 5 ……………… ……………… # Characteristics of electronic static changeover switch Nominal voltage (380/415 selectable) (V) 400 ……………… Tolerance on voltage (± 5 ± 15 selectable) (%) ±10 ……………… Nominal frequency (60 Hz selectable) (Hz) 50 ……………… Tolerance on frequency (± 2 ± 3 ± 4 selectable) (%) ±1 ……………… Permitted overload: for 10 . for 1 . for 600 . for 100 milliseconds minute (%) minute (%) milliseconds (%) AC/AC efficiency – double conversion mode @ 100% (%) (%) ……………… 125 ……………… 700 ……………… ……………… 150 1000 >93.5 Page156of 531 ……………… Parameter Unit of measure Specification data Supplier's data (%) 98 ……………… load Efficiency in digital interactive mode @ 100% load EMC compatibility as per EN 62040-2 Class C3 Degree of protection IP 20 Frame colour RAL……. Battery SMF No of Cells ...................... To be specified by the vendor AH -- do -- ……………… ...................... ...................... # TVSS ( Transient Voltage Surge Suppression ) with each UPS system input. The TVSS shall be constructed of Metal Oxide Varistor (MOV) technology and Internal surge capacitors. The surge protective devices shall be sized per IEEE Std C62.41-1991 and IEEE Std C62.45-1992.. All Modes Protection : L-L, L-N, L-G, N-G Surge Current Capacity : adequate rarting Connection Type : Parallel Protection Level : < 1 kV MCOV Response Time : < 0.5 nanoseconds Status Indication : LED, Dry contacts EMI/RFI Attenuation : 40 dB typical Certification : UL 1449-3 : Min. 320 Volts 18.2 DG Set: 10 KVA -1 Ph Silent DG Set Specification DIESEL ENGINE: Page157of 531 Engine consists of 2 cylinders, inline, 4 stroke cycles, Water cooled turbo charged after cooled, developing 23 BHP at 1500 RPM under NTP conditions of BS: 5514. The engine shall be provided with electrical starting arrangement & shall give the electrical output of 10 KVA/ 8 KW at 0.8 power factor, 240 Volts at the alternator terminal. A. ALTERNATOR: Single bearing alternator suitable for continuous operation generating 10 KVA at 1500 RPM, 240 Volts , 0.8 power factor (lag) suitable for 50 Hz, 1 phase, 4 wire system, confirming to BS 5000/ IS 4722. The alternator is brushless type, screen protected, revolving field, self-excited, self-regulated through an AVR. The alternator has the following features: - ± 1.0% voltage regulation (max.) in static conditions - IP: 23 protection with insulation class H - Permissible overload of 10% for one hour in 12 hours of operation. ENGINE CONTROL PANEL: The Power Start control is a microprocessor-based generator set monitoring and control system. The control provides a simple operator interface to the generator set, manual and remote start/stop control and shutdown fault indication. The integration of all control functions into a single control provides enhanced reliability and performance compared to conventional generator set control systems. This control has been designed and tested to meet the harsh environment in which genets are typically applied. LCD displays - 16 character x 2 lines alphanumeric LED backlight LCD. B. Generator set monitoring and protection. 12 VDC battery operations. Engine Starting - Includes solid state output to operate external relays start the engine, fuel shut off (FSO), and glow plugs. Start disconnect is achieved by monitoring main alternator frequency. Remote Start Capability – Interface to transfer switch Environmental protection – The control is designed for reliable operations in harsh environments. Warranty and service - Backed by a comprehensive warranty and worldwide distributor service network. Certification - Suitable for use on generator sets that are designed, manufactured, tested and certified to relevant ISO, IEC Mil Std. and CE standards. C. Base control functions: LED indicating lamps - For genset running, remote start, shutdown, warning, manual, auto and stop. Operation interface - Six tactile-feel membrane switches for LCD navigation, genset operation and control setup. These switches are indicated by internationally accepted symbols and English text. Operator adjustments - The LCD includes provisions for necessary set up and adjustment functions. Control data - Access to the control software part number and software version are provided from the LCD or InPowerTM. Data logs - Includes engine run time and controller on time. Fault history - Provides a record of the most recent fault conditions with control hours’ time stamp. Up to Page158of 531 5 events are stored in the control non-volatile memory. Alternator data - Voltage (single or three phase line-to-line and line-to-neutral) - Current (single or three phase) - KVA (three phase and total) - Frequency Engine data - Starting battery voltage - Engine speed - Engine temperature - Engine oil pressure - Partial Full Authority Engine (FAE) data (where applicable) Service adjustments - The HMI includes provisions for adjustment and calibration of generator control functions. Adjustments are protected by a password. set Functions include: - Engine speed governor adjustments - Voltage regulation adjustments - Cycle cranking - Configurable fault set up - Configurable output set up - Meter calibration - Units of measurement D. ESSENTIAL ACCESSORIES: Fuel tank: Sub Base Fuel tank of 14 SWG MS sheet of adequate capacity. Base Rail: Base Rail with integral fuel tank is provided. Batteries: For electrical control circuit 1 no., 12 Volts, 45 AH batteries for electrical starting of DG set. E. Acoustic Enclosure: Sound Proof, Weather Proof enclosure. Confirms to statutory Govt. noise level norms. The Enclosure is of modular construction with the provision to assemble and dismantle easily. The Enclosure is fabricated in 16 SWG-CRCA-sheet. All Nuts-bolts, hardware are of Stainless Steel for longer life. Battery is provided in a tray inside the Enclosure. Doors are gasketted with high quality EPDN gaskets to avoid leakage of sound. Page159of 531 Sound proofing of enclosure is done with high quality foam of suitable thickness and density for better sound attenuation. A special Critical grade silencer is provided to control exhaust noise. Specially designed sound attenuators are provided to control sound at air entry & exit points inside the Enclosure. To make the system vibration free, engine and alternator are mounted on specially designed antivibration pads mounted on base frame. The enclosure is designed and layout of the equipment is such that there is easy access to all serviceable parts. Adequate ventilation is provided to meet air requirement for combustion & heat removal. There is an arrangement for illumination inside the Enclosure. Standard Control Panel is mounted inside Enclosure itself. With UV resistant powder coating, can withstand extreme environments Noise level is 75 dB(A) at distance of 1 mtrs. in open free field environment as per ISO 8528 part 10 CPCB-II specifications. Fluid drains for lube oil and fuel filling point 70 KVA-3 Ph Silent DG Set Specifications DIESEL ENGINE: Engine Consists of 4 cylinders, inline, 4 stroke cycle, Water cooled turbo charged after cooled, developing 99 BHP at 1500 RPM under NTP conditions of BS:5514. The engine shall be provided with electrical starting arrangement & shall give the electrical output of 70KVA/56KW at 0.8 power factor, 415Volts at the alternator terminal. ALTERNATOR: Single bearing alternator suitable for continuous operation generating 70KVA at 1500 RPM, 415Volts , 0.8 power factor (lag) suitable for 50 Hz, 3 phase, 4 wire system, confirming to BS 5000/ IS 4722. The alternator is brushless type, screen protected, revolving field, self excited, self-regulated through an AVR. The alternator has the following features: - ± 1.0% voltage regulation (max.) in static conditions - IP: 23 protection with insulation class H - Permissible overload of 10% for one hour in 12 hours of operation. ENGINE CONTROL PANEL: The Control Panel is manufactured with 14/16 gauge CRCA sheet and is powered coated for a weatherproof and long lasting finish. The Control Panel consists of the following parts: - Genset Controller - Aluminum Bus Bars with suitable capacity with in/outgoing terminals - Indicating Lamps for ‘Load On’ and ‘Set Running’ - Instrument fuses duly wired and ferruled Page160of 531 - MCCB of suitable rating with overload and short circuit protections. Genset Controller: Control is a microprocessor based generator set monitoring and control system. The control provides a simple operator interface to the generator set, manual and remote start/ stop control, shutdown fault indication, and an LCD hour counter. The integration of all functions into a single control system provides enhanced reliability and performance compared to conventional generator set control systems. The control has been designed and tested to meet harsh environment in which gensets are typically applied. Technical Specification of Controller: 16 character x 2 line alphanumeric LCD display with LED backlight Operator interface Provide a record of most recent fault conditions. Fault history stored in the control nonvolatile memory Provide Alternator data -Voltage (line to line and line to neutral voltage) -Current (1 ph or 3 ph) -kVA (3 ph and total) -Frequency Provide Engine data -Starting Battery Voltage -Engine running hours - Engine Temp. - Engine oil pressure Control includes provision for Service adjustment and calibration of DG control functions -Voltage, frequency selection -Configurable input and output set up -Meter calibration Engine controls Power Start operates on 12 VDC batteries Auto start mode accepts a ground signal from remote devices to automatically start the DG set. The remote start will also wake up the control system from sleep mode. Engine Starting – The control system supports automatic engine starting, Primary and back up start disconnects are achieved by battery charging alternator feedback or main alternator output frequency. Controller provide configurable time delay of 0-300 sec to start after remote start signal and time delay of 0-600 secs prior to shut down after stop signal. Sleep mode increase battery life. Configurable current settings from low to minimize current draw when genset is not working. Engine Protective Functions includes Configurable alarm output Emergency stop: Annunciated whenever an emergency stop signal is received by the control. Page161of 531 Low Lube oil pressure warning and shutdown High engine water temperature warning/ shutdown Low coolant temp warning Sensor failure indication Low and high battery voltage warning Weak battery warning Fail to start shut down Cranking lockout: Control will not allow the starter to engage or to crank the running engine Cyclic cranking: Configurable for the number of starting cycle (1 to 7) and duration of crank and rest periods. Alternator Protective functions includes High and Low AC voltage shut down Under and over frequency shutdown / warning Loss of sensing voltage input shut down A. ESSENTIAL ACCESSORIES: Fuel tank: Sub Base Fuel tank of 14 SWG MS sheet of adequate capacity. Base Rail: Base Rail with integral fuel tank is provided. Batteries: For electrical control circuit 1 no., 12 Volts, 45 AH batteries for electrical starting of DG set. B. Acoustic Enclosure: Sound Proof, Weather Proof enclosure. Confirms to statutory Govt. noise level norms. The Enclosure is of modular construction with the provision to assemble and dismantle easily. The Enclosure is fabricated in 16 SWG-CRCA-sheet. All Nuts-bolts, hardware are of Stainless Steel for longer life. Battery is provided in a tray inside the Enclosure. Doors are gasketted with high quality EPDN gaskets to avoid leakage of sound. Sound proofing of enclosure is done with high quality foam of suitable thickness and density for better sound attenuation. A special Critical grade silencer is provided to control exhaust noise. Specially designed sound attenuators are provided to control sound at air entry & exit points inside the Enclosure. To make the system vibration free, engine and alternator are mounted on specially designed antivibration pads mounted on base frame. Page162of 531 The enclosure is designed and layout of the equipment is such that there is easy access to all serviceable parts. Adequate ventilation is provided to meet air requirement for combustion & heat removal. There is an arrangement for illumination inside the Enclosure. Standard Control Panel is mounted inside Enclosure itself. With UV resistant powder coating, can withstand extreme environments Noise level is 75 dB(A) at distance of 1 mtrs. in open free field environment as per ISO 8528 part 10 CPCB-II specifications. Fluid drains for lube oil and fuel Fuel filling point Installation and Commissioning of DG sets: 1. Foundation: Suitable Foundation shall be of PCC type to meet length & breadth of genset. 2. Earthing: Suitable earthing station and necessary connections shall be done in case of single phase DG sets, the total number of earthing station shall be 2 GI (10KVA)/4 GI (70KVA) and it shall be used for bodyearthing. The consignee should choose installation site in such a way that the earthing stations can be made within 1 metres of the DG set. 3. Unloading and placement of DG set on foundation. 4. Exhaust piping, extra civil work, distribution board shall be provided byConsignee / user. 5. Note: Necessary approvals, if any, shall be obtained by the consignees. S.No. Description 1 Supply of 10 KVA Silent DG set comprising of Engine coupled to 10 KVA alternator mounted on a common Base frame along with other accessories i.e., Fuel tank, Battery with leads, Acoustic Enclosure, Manual Panel as per specifications 2 Installation & Commissioning of 10 KVA Silent DG set as per Specifications 3 Supply of 70 KVA Silent DG set comprising of Engine coupled to 70KVA alternator mounted on a common Base frame along with other accessories i.e., Fuel tank, Battery with leads, Acoustic Enclosure, Manual Panel as per specifications 4 Installation & Commissioning of 70 KVA Silent DG set as per Specifications 19 Telemedicine: 19.1 Picture archiving and communication system (PACS) specification: Minimum Requirement Description Image Acquisition Page163of 531 1. System shall support direct DICOM storage of images from the following modalities: • Computed Tomography(CT) • Magnetic Resonance Imaging (MRI) • Ultrasound (US) • Nuclear Medicine (NM)(Gamma Camera) • Computed Radiography(CR) • Digital X-Ray machine (1000mA) • Existing500mA X-ray machine • Digital Microscope • Video Colposcope • Video Endoscope • Ortho pantogram • Conventional Simulator machine • CT Simulator machine • Future PET Scan • Mammography • Computerized Treatment Planning system 2. 3. The system shall provide support for US cineloops. Support audit trails for identifying and recovering failed transmissions 4 The system shall support the ability to digitize paper documents (i.e., consent forms, tech notes, etc.) and associate with appropriate exam. 5 The system shall include the DICOM Modality Worklist Management SCP 6 The system shall provide worklists by modality and support either a push or pull approach to worklist management PACS DICOM Connectivity Requirements Minimum Requirement Description PACS DICOM Connectivity Requirements 1. It shall function as a "Provider" of a Storage Service class (SCP) and communicate with the Remote Storage Service Class User (SCU) at the modality for receiving the images. 2. The PACS system shall provide a Modality Worklist as a SCP to the modality providing schedule information and the required patient demographic information so that the modality should not have to re-enter these. 3. The PACS communicates scheduling and Patient demographic data using the Modality Work list as a SCP. Database Page164of 531 Minimum Requirement Description Database The archive must be able to store in its database all the data hierarchy for the DICOM objects 1. at the patient, study and series level. 2. The system shall support the retrieval of images by: • Exam ID Number • Patient Name • Patient ID Number • Exam Date • Modality Type 3. The system shall provide an access control mechanism That enables assignment of unique access privileges to individual users and user-groups to access or alter system resources and data. Examples of such functions are: • Display approval reports • Display unapproved (unsigned)reports • Display images • Printed images 4. When the database is backed up and verified by an Automated procedure, it shall not impact the system noticeable to the experienced user. Storage Minimum Requirement Description Storage 1. System shall provide on-line storage 2. System must have open architecture to allow flexibility for connectivity to data center, for central storage of images at a remote location and sharing of data between different locations of ESIC 3. 4. 5. 6. 7. The system shall not store any image on storage system with Non-reversible compression. The on-line storage system shall support RAID configuration (Specify RAID level and configuration). The storage system shall tolerate the failure of a single disk drive, without loss of data The storage system shall provide means for notifying the system administrator in the event of a failure in the storage system (e.g., SNMP) System shall be possible to export images to removable media in a variety of formats (e.g., TIFF, GIFF, DICOM, JPEG, other) Image Display Workstations Diagnostic Workstation Page165of 531 Minimum Requirement Description Image Display Workstations 1. Workstations should be FDA approved. 2. A worklist entry for an exam shall include at least the patient Name and ID, examination procedure, exam date and time. 3. The system shall support worklists which display a list of exams based on queries of: Patient name Patient ID Modality Exam Status Date and time of acquisition 4. A user shall be able to mark an image "key or important toSomething”to indicate that this image of a series of images is important to the patient evaluation. 5. 6. A user shall be able to print a collage of" key" images The workstation shall allow a user with the proper privileges toDisplay the report for any reported exam without requiring the display of its associated images 7. The workstation shall support the display of multiple imagesfrom one exam on one or more displays It shall be possible to choose among multiple image displayformats for the displays of a workstation, for example1:1, 2:1,4:1, 6:1, 9:1, and 12:1 8. 9. The workstation shall allow a user to display of the images of An exam, including window width and level, display sequence, orientation, magnification, pan position, and any annotations. 10. The workstation shall support the display of multiple examinations on the same patient 11. The system shall support rapidly moving to the next or Previous exam in a worklist 12. If multiple image series are viewed, it shall be possible to page through the series independently. The workstation shall support linking image stacks and moving through them synchronously so that the same anatomic position or image sequence position is displayed in each stack 13. 14. The cine function shall support the display of multiple stacks synchronously 15. 16. The workstation shall provide dynamic window width and level through the entire image gray scale data set. The window width and level function shall be applicable to asingle image, selected images, all images. Satisfaction of the region of interest requirement maybe accomplished through, for example, the magnifying glass function 17. When applying the magnifying glass to an image, the originalImage data set shall be used 18. The workstation shall support region of interest mean (in image units, e.g., Hounds field units for CT), are a measurement It shall be possible to toggle the display of image annotation on and off 19. Page166of 531 20. The workstation shall display, along with each image, at least the following patient data: Patient name Patient ID Patient date of birth Exam date and time Image or slice number Radiologyreport 21. The workstation shall provide a function to display the entire contents of the DICOM header for a selected image. 22. The workstation shall include automatic screen blanking and power saving with a selectable time limit. Requests for printing shall not compromise workstation operation or performance 23. 24. 25. 26. The workstation shall support DSR(Dicom Structure report) The workstation shall allow the user to arrange the images of the examination within the selected image format The workstation shall provide a function that displays the status of image printers on the network, including the print queue 27. The system shall support the DICOM Print Service Class as a Service Class User(SCU) 28. All Workstation must conform to the DICOM image quality standard 29. Workstations support the DICOM query and retrieve SCU 30. The system shall support standard IHE profiles, ie Consistent Presentation of Images (CPI), Key Image Note(KIN), Presentation of Grouped procedures (PGP) and Grayscale Presentation States (GSPS) 31. Single Workstation should be able to support upto5 monitors. ((4 High resolution monitors +1forworklistand reporting)),specially for CT, MR images MIPIMRP 3D Volume rendering 3D enhanced lumen tracing and a complete package of flexible measurement tools, provides the following clinical tools: a) Surgical Planning b) Post-Surgical Assessment c)Disease Progression d) Stent Planning e) Directional vessel tortuosity visualization 32. 33. 34. 35. Lung VCAR clinical application a) Synchronized 2D, DCA and segmentation analysis. b) Automatic nodule visualization and localization. c) Nodule detection sensitivity. d) Accurate and repeatable segmentation analysis (volume, doubling time, %growth). e) All nodule type segmentation and analysis(Solid, Non- Solid and Part Solid) Security and Reliability Minimum Requirement Description Security and Reliability 1. All passwords shall be encrypted. Page167of 531 2. The system shall provide a mechanism for automatic log off of a user at a workstation after a configurable period of workstation inactivity 3. Remote Service diagnose facility on the PACS server 4. Active service management-Error logs, server events , automatic mail to the IT admin for server logs and to the vendor service HARDWARE PACS SERVER with 5 TB of usable storage Dual Xeon2.0GHzXeonQuad-coreProcessors 6GB RAM(6X1GB Kit) 5x300GB15kRPMSATA Hard Drives Internal CD-ROM Embedded GB Ethernet NIC Tape drive for DB backupLTO4 Microsoft®Windows2012 Enterprise Edition Server OS Microsoft®SQLServer2012 Processor based license 1xKeyboard 1xMouse 1x19”DisplayMonitor TFT Redundant Power Supply Workstation Intel Xeon2.0GHz ormoreI1066MHzFSB,4MBL2CacheProcessor, 4GBRAM,500GB Hard Drive, 100\1000EthernetCard Nvidia Quadro 280NVSPCI-E, DVD-RW Drive 1xDVDRW 1xKeyboardandMouse Microsoft®Windows7 professional license Display Monitors Specifications Minimum Requirement- 3MP Color LED Backlight Diagnostic display + 2MP clinical review ( 1+1 configuration) Resolution - 3MP (2048x1536) Screen - Diagnostic single Head Color LED Backlight Protective, non-reflective glass cover Should do Color imaging and Gray imaging DICOM calibrated luminance of 400cd/m2 and Max Luminance 800cd/m2. Contrast ratio (ULT off) 1400:1, Response time (Tr + Tf) 40 ms Should offer backlight warranty @400cd.m2 for 20000 hrs or 5 years which ever is earlier. Power consumption 50 w. All components display, graphic card and QA software should come from the same company. Along with cables for Video, USB and Displays. Front consistency sensor, uniform luminance technology, Backlight Output Stabilization. Second display - 21" 2MP Medical Grade Review display with DICOM calibrated luminance of 250cd/m2 and Maximum luminance of 440cd/m2 Power consumption 23w. This display should have LED backlight Graphic card should support upto three displays Video Input - DVI and DisplayPort Display should support these images - CT, MR, US, DR, CR, NM, Film Certifications - VCCI, FCC class B, ICES001 Level B, ROHS, IEC 60601, EN 60601, FDA approved Minimum Requirement- 2MP Color LED Backlight Diagnostic display + 2MP clinical review ( 2+1 Page168of 531 configuration) Resolution - 2MP (1600 x 1200) Screen technology LCD - Diagnostic single Head Color LED Backlight Protective, non-reflective glass cover Should do Color imaging and Gray imaging DICOM calibrated luminance of 400cd/m2 and Max Luminance 800cd/m2. Contrast ratio (ULT off) 1400:1, Response time (Tr + Tf) 20 ms Should offer backlight warranty @400cd.m2 for 20000 hrs or 5 years which ever is earlier. Power consumption 36 w All components display, graphic card and QA software should come from the same company. Along with cables for Video, USB and Displays. Front consistency sensor, uniform luminance technology, Backlight Output Stabilization. Second display - 21" 2MP Medical Grade Review display with DICOM calibrated luminance of 250cd/m2 and Maximum luminance of 440cd/m2 Power consumption 23w. This display should have LED backlight Video Input - DVI and DisplayPort Graphic card should support upto three displays Display should support these images - CT, MR, US, DR, CR, NM, Film Certifications - VCCI, FCC class B, ICES001 Level B, ROHS, IEC 60601, EN 60601- FDA approved. 20 LAN Cabling Specification: - Bidder shall provision LAN cabling & MDF room creation, where ever necessary. Bidder shall provide Support of existing LAN cabling & I/O port repairing. LAN Cabling - The Bidder will also identify the works required to ensure Structured Cabling with Cat6 cable, I/O Port, Jack Panel, labeling etc. in order to make the site suitable for functioning in the ESIC architecture envisaged. - The Bidder will ensure that Cabling is done concealed inside the conduit and no cables or patch cords should be visible. The work should be done under the supervision of technical staff. - The cabling shall be properly labeled and ferruled so as to facilitate easy identification and maintenance. The labeling and ferruling shall be documented. - The cabling job should be carried out under the supervision of certified engineers. - All civil work like cutting, chiseling, drilling, etc. shall be finished to ensure smooth leveled surfaces matching the existing surface finish without disturbing the existing aesthetics of the office to the extent possible. - Testing, in conformance to measurement procedures and test parameters for V.35, CAT 6 and other communication cables installation as defined in TIA/EIA-568-B standards, of each node at each site. The certified test results are to be submitted to ESIC. Page169of 531 Minimum Specifications / Functionalities / Capabilities of Passive Cabling: S.No I Cat 6A FTP LSZH Cable, TIA-568C.2, (305 Mtrs./1000 feet per Box) 1 Minimum Specifications 1.1 Shall be of 4 twisted pairs of 23 AWG solid conductors 1.2 Shall support network line speeds up to 10 gigabits per second. 1.3 Shall be 4-pair overall Foiled twisted pair to restrict alien crosstalk & should have a cross filler pair separator, meeting Category 6A tested to 500 MHz or more as per TIA-568C.2. (Shall not have individual pairs foiled) 1.4 Shall support IEEE 802.3, 10 Gigabit Ethernet (10GBase –Tx), Gigabit Ethernet (1000Base –Tx), 10/100 Base-Tx, Token ring, 155 Mbps ATM, 100 Mbps TPPMD, ISDN, analog and digital vide and analog and digital voice (VoIP) 1.5 The Alien Crosstalk performance of the Solution shall be guaranteed for 10 Gbps transmission for the complete channel (not just cable) across the entire swept frequency (1-500 MHz) and tested in a stringent 6-around-1 configuration that is representative of worst-case installation conditions. Test Certificate from independent labs like ETL shall be required for the same. 1.6 The Category 6A Solution shall fully comply with the IEEE 802.3an link segment specifications for 10G Base-T, in addition to the ANSI/TIA and ISO/IEC Category 6A requirements 1.7 Shall support up to 100 meter channel configuration with at least 4 connections and meet PSANEXT, PSACR-F and Insertion Loss specifications extrapolated to 500 MHz or better per IEEE 10GBase-T standard. 1.8 Shall have the length printed on the outer jacket of the cable after every meter. 1.9 Shall be RoHS Compliant The Nominal Velocity of Propagation should be 1.10 72 % 1.11 Shall be Fire-Retardant, Low-Smoke & Zero-Halogen as per IEC 60332, IEC 61034-2 & IEC 60754-2 respectively 1.12 Shall be certified by independent international labs like ETL for compliance to EIA/TIA-568C.2 (Report required) 1.13 Shall be supplied in Reel of 305 Meters/ 1000 feet packed in Boxes S.No II Cat 6A FTP LSZH Patch Cable, TIA-568C Category-6A 1 Minimum Specifications Page170of 531 1.1 Length shall be available in 1/2/3/5 meters or equivalent length in feet 1.2 All patch cords shall conform to Category 6A 1.3 Shall support network line speeds up to 10 Gbps 1.4 Shall have RJ-45 plugs with matching color molded boot at both the ends 1.5 All patch cords shall be factory crimped and packed. 1.6 Shall be RoHS Compliant 1.7 Shall be LSZH for safety measures 1.8 Shall support applications such as ISDN, POE, token ring & VOIP. 1.9 Shall be certified by independent labs like ETL/GHMT/UL. 1.10 Shall have minimum 25-Year Extended Product Warranty and system warranty 1.11 The conductor should be stranded copper for flexibility of the patch cable 1.12 Colors- White, Blue, Grey, Yellow, Red & Green S.No III PCB based shielded Information Outlet (I/O) RJ45, TIA-568C Category-6A, Termination of Catergory-6A FTP Cable 1 Minimum Specifications 1.1 Shall conform to Category-6A as per the EIA/TIA-568C.2 1.2 Shall support network line speeds up to 10 Gbps 1.3 Shall have RJ-45 type connector 1.4 Shall Snap into standard faceplates, surface-mount boxes, consolidation point boxes, and Modular Panels 1.5 Shall not have integrated spring loaded shutter as the shutter over a period of time malfunctions and causes operational issues. 1.6 Shall be mountable either at 90 degrees (straight) or 45 degrees (angled) in any faceplate. 1.7 Shall be certified by independent labs like ETL/GHMT (Report required) 1.8 Options should be available for terminating the FTP cable at 90 degrees and at 180 degrees 1.9 Shall be RoHS Compliant 1.10 Shall have minimum 25-Year Extended Product Warranty and system warranty Page171of 531 IV Faceplate Dual Port (Work Area End) 1 Minimum Specifications 1.1 Shall be Dual Port (RJ45) square plate, dimension as per commercially available modular office furniture. 1.2 Shall have spring shuttered front access for preventing ingress of dust, shall have no connection with the performance of the jack. 1.3 Shall be supplied with Gang Box of the same size by System Integrator or OEM. 1.4 Shall have Write on labels in transparent plastic window along with the plate 1.5 Shall have Screw hole covers along with the plate 1.6 Shall be able to support variety of jacks – UTP and STP information outlets S.No V FTP Jack Panel UL listed, Unloaded with 24 nos. FTP ports for PCB based shielded IO Jacks (RJ45, TIA568C Category-6A, Installation and Termination of all 24 nos. Catergory-6A FTP Cable 1 Minimum Specifications 1.1 Shall be unloaded with individually replaceable 24 nos. Category-6A I/O shielded Jacks complying with TIA-568.C.2 1.2 Shall be 19” rack mountable and of 1U height & complete with all mounting accessories, UL listed (UL Certificate required) 1.3 Shall have labels for identification of ports 1.4 Should have integrated bonding bar for grounding of each individual jack 1.5 Shall be RoHS Compliant 1.6 Shall have minimum 25-Year Extended Product Warranty and System Warranty 1.7 Shall be having a 6 port module construction for better cable dressing at the rear 1.8 Shall have Comprehensive port numbering on front 1.9 Shall be suitable for loading shielded & unshielded jacks .for different category systems (CAT 6 & CAT 6A) 1.10 Shall be certified by independent labs like ETL/UL etc. S.No. IV Fiber Optic Cable, ISO/IEC-1180, 9/125μ, OS2 Indoor/Outdoor, IEC 60332-3, IEC 61034-2, IEC 607542 1 Minimum Specifications 1.1 Shall be 9μ, 6-core Single mode OS2 metallic armored cable as per ISO/IEC-11801 Page172of 531 1.2 Shall be able to meet Gigabit & 10 Gigabit Ethernet performance (1000 Base-X) & IEEE 802.3ae (10G Base-X) 1.3 Shall be suitable for using in the building shaft and outdoor laying 1.4 Shall be gel filled with loose tube construction 1.5 Shall have water blocked construction to prevent water absorption and consequent damages 1.6 Optical Fibers should be in multitube/Unitube type of cables 1.7 Fiber cable shall be RoHS Compliant. 1.8 Shall be certified third party labs for IEC 60332-3 & IEC 61034-2 standards. 1.9 The cable type shall be suitable for indoor/outdoor applications 1.10 Tensile load should be 2700 Newton or higher and crush resistance should be 3000 Newton or higher S.No V Fiber Optic LC style fully loaded Patch Panel (FOPP), 19" Rack Mount with 12/24/48 nos. of OS2 9/125μ Pigtails. 1 Minimum Specifications 1.1 Shall have 12/24/48/96 nos. of ISO/IEC-11801-OS2 Pigtails with LC Type Connectors 1.2 Shall have all accessories including coupler plates pre-loaded with duplex LC couplers (OS2), pigtails for terminating fibers on the FOPP 1.3 Shall be Front Patching Type, 1U high for 12/24/48 fiber and 2U high for 96 fiber and rack mountable on standard 19” rack with mounting arrangements 1.4 Shall be supplied with fusion splicing sleeves for termination of fiber. 1.5 Shall be made of powder coated steel 1.6 Shall be slide-out type drawer enclosure for Easy access to splicing tray, Easy access to back side of the connector and have labels for better identification 1.7 Shall have trays with hinges(book type) which allows facilitates easy Fiber management and greater access during installation and rework 1.8 Shall have all necessary accessories for fiber management inside such as Fiber guides, radius controls & secure tie downs within the FOPP Page173of 531 S.No VI Fiber Optic Patch Cable (LC-LC), 1/2/3 Mtrs. Long, ISO/IEC-11801-OS2 9μ Duplex, LSZH 1 Minimum Specifications 1.1 Length shall be 1/2/3 meters 1.2 All patch cords shall conform to EIA/TIA-568C.3 and ISO/IEC-11801 1.3 Shall be Duplex Single Mode Fiber Optic Patch Cords OS2 9μ 1.4 Shall support network line speeds up to 10 Gbps or more 1.5 Shall have LC Connector jacks at both the ends 1.6 All patch cords shall be factory terminated and packed. 1.7 Shall be RoHS Compliant 1.8 Shall be Low-Smoke & Zero-Halogen 1.9 Shall have minimum 20-Year Extended Product Warranty and system warranty 21Bandwidth Upgradation: Type Of Location Total Minimum Bandwidth to be Provisioned HO 1 Two Links of 5 Mbps each BO 628 Two Links of 4 Mbps each Dispensary 1301 Two Links of 4 Mbps each Hospital 152 Two Links of 10 Mbps each RO/SRO 59 Two Links of 4 Mbps each SD 26 Two Links of 4 Mbps each Other 38 Two Links 2 Mbps DC 1 Two MPLS Links of 120 Mbps, Two Internet Links of 120 Mbps Two Links between DC-DR of 60 Mbps for replication DR 1 Two MPLS Links of 120 Mbps, Two Internet Links of 120 Mbps Total Locations 2207 Page174of 531 Service Provider is required to provision separate ISP, if wired connection is not feasible VSAT shall be provisioned. 22 Earthing and Grounding Requirement: Earth Electrode – The earth electrode shall be made of high tensile low carbon steel circular rods, molecularly bonded with copper on outer surface to meet the requirements of Underwriters Laboratories (UL) 467-2007 or latest. Such copper bonded steelcored rod is preferred due to its overall combination of strength, corrosion Resistance, low resistance path to earth and cost effectiveness. The earth electrode shall be of minimum 17.0mm diameter and minimum 3.0mtrs long. The minimum copper bonding thickness shall be of 250 microns. Earth electrode can be visually inspected, checked for dimensions and thicknessof copper coating using micron gauge. Backfill material The excavated soil is suitable as a backfill but should be sieved to remove any large stones and placed around the electrode taking care to ensure that it is well compacted. Material like sand, salt, coke breeze, cinders and ash shall not be used because of its acidic and corrosive nature Shall mainly consist of Graphite and Portland cement. Bentonite content shall benegligible. Shall have high conductivity, improves earth’s absorbing power and humidity Retention capability. Shall be non-corrosive in nature having low water solubility but highlyhygroscopic. Shall be suitable for installation in dry form or in a slurry form. Shall not depend on the continuous presence of water to maintain itsconductivity. Shall be permanent & maintenance free and in its “set form”, maintains constant earth resistance with time. Shall be thermally stable between -100 C to +600 C ambient temperatures. Shall not dissolve, decompose or leach out with time. Shall not require periodic charging treatment nor replacement and maintenance. Shall be suitable for any kind of electrode and all kinds of soils of different resistivity. Shall not pollute the soil or local water table and meets environmental friendly requirements for landfill. Shall not be explosive. Shall not cause burns, irritation to eye, skin etc. 23 Relocation Provisioning: Following are scope of work to taken by service Provider under office relocation request Dismantling of all IT infrastructures such as Desktop, Printer, and Router & Switch etc. Building up the complete new infrastructure at new location such as cabling, ISP provisioning, MDFroom (If necessary) etc. Page175of 531 Installation of dismantled Infrastructure at new location. Any additional components required for provisioning of relocated site, should be provisioned by Service Provider. Bring back the location to be part of Panchdeep 2.0 It is expected that there will be no down time for users while relocating to new site. 24 Endpoint Security Management Requirements: A comprehensive solution/tool consisting of 24.1 24.2 24.3 24.4 24.5 Anti-Virus Hardening Data encryption Identify & Access Management Patch Management Compliance to the Information Security is of upmost importance for ESIC. Service Provider is expected to ensure compliance to the defined process (& policies), ensure alignment from operational responsibilities perspective. The Information Security policies and process has to be adhered by Service Provider and ensure support on below: 1. It is Service Provider responsibility to report any security incident and support any security requirement. 2. Vulnerability Management support activity will involve: • Vulnerability closure in adherence with Vulnerability Management process • Reporting on vulnerability closure as per vulnerability closure SLA matrix • Extending necessary support in providing co-ordination support with business for downtime Availability 3. Security Patch Management support activity will involve: • Patch SLA Management as per Patch Management process Central Deployment Solution • Follow up till closure of all patch roll out including applications • All exception of not installation of patches on server needs to be communicated to Info Sec team with in agreed time. Minimum Requirement Description Solution should support automate the deployment of patches. The out of the box process can be modified based on needs. Solution should Support the automatic patching of antivirus solutions like: AVG, Computer Associates, Centos, ESET, eTrust, Kaspersky, Mc-Afee, Sophos, Symantec, Trend-Micro and Microsoft Forefront. Solution should support feature, If a reboot is necessary, there are reboot controls that can be configured to gracefully handle a reboot. Page176of 531 Solution should have Application updates that are handled using the scanning technology that discovers versions based on a number of potential different factors, such as file version, size, checksum, existence, registry settings, etc. The scheduled task that is executing the application update will provide feedback as to the success of the update. If an update is in progress, it will simply queue up the update behind the update in progress. Solution should support for Windows , Windows, Macintosh, Linux, iOS, embedded operating systems, Macintosh Mountain Lion release, Linux and mobile Osesetc Solution should have Updates to the Patch Database are updated on a scheduled basis. Server downloads the patch details to the Core server. System can alert when new content is available. The system can alert when specific vulnerabilities as defined by the administrator are detected. Solution should support Deployment can be scheduled. Solution allows for very granular control over the reboot process. Options include prompting the user, allowing the user to defer the reboot, rebooting immediately if no one is logged in, etc. A custom reboot message can be configured to display in the reboot dialog. Configuration is also available to lessen the impact of the patching to the end user. For example, you can configure the repair for after the user is logged off the system Solution should allow administrators have the ability to create any number of custom groups. Any definition can be put in a group and devices can be scanned against the list of vulnerabilities in that group Solution allows Each machine will keep a record of the missing patches and service packs As a step of the patch process, proactive notifications can be sent. The email template can be modified as desired Solution should support feature allows rolled back if supported by the vendor of the patch 4. Identity and Access Management support will involve:- All users and system shall be authenticated via directory services • Normal user account management is part of service provider responsibility • Reviewing Identity and Access Management advisory analytics shared by IT security team. • Management of individual principals, their authentication, authorization and privileges within or across system and enterprise boundaries such as Single Sign-On, Security Token Services, Access Control etc. • Comply with the existing access management process & policies. • Ensuring security of digital assets, backup and recovery etc. as per the policies • Provide knowledge and control of identities and permissions to business data owners and custodians. • Minimize the burden imposed on IT by compliance demands and help improve compliance through automation and reporting consolidation. 5. System base lining Page177of 531 • All passwords must conform to the set minimum password standards as laid out by IT Security Team. • Verify user's identities before performing password resets. • A process must be in place to deactivate user accounts under emergency circumstances such as termination, compromise, or infection. • System backup media must be stored in a secure location or encrypted. • Facilitate Information Security to enable access to network jacks in public areas requires authentication. • Tracking of all SSL Certificate is responsibility of Service Provider. 6. Anti-virus operations management (Not limited to pattern file deployment/engine version/appropriate setting, dormant viruses, console management etc) • Malware Protection: • Central Deployment Solution o Installed and Running: Make sure that every end-user compute device (desktops / laptops) has the Company-supported anti-virus software installed and set to auto-run on OS boot. Real Time : The antivirus shall protect the devices and applications with real time threat’s and zero day attacks 25 Mandatory Monitoring Requirement for Endpoint Management: 1. The proposed solution shall provide a comprehensive client automation solution that provides the following functionality – a. Hardware / Software inventory b. Software delivery of operating systems, applications and patches c. Remote administration of desktops/laptops d. Patch management (including patch subscriptions) 2. The proposed solution shall provide reporting, tracking and management capabilities across an extensive list of platforms including Windows Server and Client Platforms, PDAs, Smartphones, Linux x86, Mac, HP-UX, AIX and Solaris environments, both physical and virtual. 3. The proposed solution shall provide a single agent (with multiple-plugins) for specific functionality such as inventory management, software delivery and remote control. 4. The proposed solution shall generate precise hardware inventory (using agent technology) by detecting and reporting on detailed inventory factors such as serial numbers, CPU information, total RAM, internal and peripheral disc drives, OS versions and service packs, network settings, and power settings. 5. The proposed solution shall provide appropriate software detection methodologies that allow detection of all applications and software programs, including virtualized applications, with a higher level of accuracy than traditional software inventory scanning solutions. 6. The proposed solution shall store inventory information with date stamps. When a value changes, the color of the icon shall change to track changes as well as previous values. Key inventory items such as software installation/ uninstallation, changes in configuration, and others shall also be tracked over time and reported on. 7. The proposed solution shall provide detailed and accurate information about the OS, including version, language settings, service packs, and patches installed and so on, to allow quick remediation when patching OS for desktops. Page178of 531 8. The proposed solution shall provide a scripting language that allows changing settings, including registry information, on any desktop from a central location, increasing efficiency. This script language can also be used to build customized inventory modules for collecting company-specific information (such as department/project number). 9. The proposed solution shall detect changes to computers. If a threshold is passed and an event happens, actions can be triggered, including sending emails or messages to an external system, such as a Service Desk / Help Desk. 10. The proposed solution shall provide a self-service software catalog that contains a list of all the applications a user is authorized to install based on policies. It should be accessible from a web browser and wizards to make it easy for users to install at their own convenience. In addition, the catalog can be easily customized and localized by administrators. 11. The proposed solution shall provide OS Installation Management functionality that utilizes PXE to build up a new machine “from bare metal” to install, configure an OS and download a predefined application set. 12. The proposed solution shall centrally control and manage installing, reinstalling, configuring and uninstalling software on the full range of enterprise devices. 13. The proposed solution shall provide checkpoint restart technologies, allowing packages to be transferred over a longer period of time for end user convenience. 14. The proposed solution shall allow sequential jobs to occur only if previously dependent jobs succeed. If an installation in a sequence fails, all steps should be automatically rolled back, returning the system to its previous working state 15. The proposed solution shall provide the facility to setup dependencies between different software items deployed on the same system (and dependent software to be automatically installed as appropriate). For instance, if a software package requires SP2 to be installed, it should first install SP2 on systems that do not have it. 16. The proposed solution shall allow any number of computers and/or users to be grouped together in a distribution group, making it easy to schedule a software package for a certain group. Any system or user can be a member of multiple groups. 17. The proposed solution shall allow creation of dynamic distribution groups based on relevant criteria. They can be built using search parameters presented to the asset/inventory management component. 18. The proposed solution shall manage the lifecycle of each patch, from monitoring and discovery of available patches, through patch research, patch packaging, package testing, and eventual deployment, as well as the necessary framework to manage the process effectively. 19. The proposed solution shall provide a simple, task-oriented, user interface that combines with a web-based reporting portal to provide the controls and information needed to administer the patch management process. 20. The proposed solution shall facilitate and enforce a formal patch testing phase. Packages (patch and metadata) should be assessed against the required system configurations; impact should be assessed and analyzed before the package is approved for enterprise deployment. 21. The proposed solution shall simplify the remote control deployment by having agents that automatically register with the specified management server upon installation. 22. The proposed solution shall provide various modes of remote control including a classroom mode (to allow multiple connections to simultaneously view the desktop of a host system. In addition, the host can grant keyboard and mouse control of the system to a selected user.) 23. The proposed solution shall provide chat, file transfer and recording facility for all active sessions. 24. The proposed solution shall Protects data stream, file transfers, chat sessions, keyboard and mouse input with DES3 encryption using 128-bit keys. The below points should be “policy driven” 1. Install / Uninstall any software on their local machines 2. Changing IP Address of their local desktop unless allowed by a policy 3. Apply Patch & Software Upgrades on their local desktops. 1 Page179of 531 4. Use CD/DVD, USB Storage on their local desktops. 5. Perform tasks like Registry Edit, Policy file edit etc. on their local desktop unless allowed by a policy. 6. View the running Services or start / stop services on their local desktop unless provided by a policy. 7. View the Running Process & Kill the same on their local desktops 8. Use Command Prompt, Terminal, which ever applicable on their local desktop. 9. Perform the tasks related to User Account Management like Creating, modifying or deleting users on their local desktop. 10. Perform the any tasks related to Local Firewall Management - Enabling / Disabling the Firewall on their local desktops, 11. Change the date & time settings on their local desktops. 12. Install or Uninstall device drivers on their local desktops. 13. The proposed system must have the feature to define the black listed websites at the central level and propagate the same to all the desktops in the network. 14. Change Hard Disk partitions on their local desktops. 15. Access the control panel and perform any tasks unless provided by a policy. 16. Perform any tasks related to local Computer Management. 17. Change the local Computer Properties unless provided by a policy. 18. Desktop Settings like changing the Menu settings, menu items, changing the wall paper, screen saver on their local desktop. 19. Alerts & Notifications – System should generate an alert & notify the administrators (policy managers) in case of any violations against the policy. 20. The proposed system should define a System quarantine policy in case of violations. 21. User should be allowed to request for change in policy setting, notify the policy administrator of such request and based on approval should make change to defined policy. 22. Keep record on the files copied to USB or vice versa 23. Keep track on the Prints gone from the endpoint 24. Browser settings changes protection 25. Endpoint Image backup and deployment 26. Remote and / or mass deployment of software, patch, screen saver etc. 27. Endpoint Data Backup The solution should comply with the following Device Management Features 1. Flexible and Scalable Architecture that provides organization wide control and enforcement using scalable client-server architecture with a central database that is optimized for performance. 2. Be capable of enforcing security policies for Removable Devices, Media & Data Card 3. Centrally manages the security policies for Removable devices and Media. 4. Capable of preventing Malware intrusion via external drives like USB, CDs and DVDs. 5. Provides the visibility, forensics and reporting needed to demonstrate compliance with applicable laws. 6. It should control access at Device Class, Device Group, Device Model and/or unique ID Level. 7. It should have flexible policy structure with Granular Control that have Permission settings for individual users, group of users, machines, ports and devices that include. 8. Read/ Write Premises 9. Forced Encryption 10. Scheduled/Temporary Access. 11. Online/Offline 12. Port Accessibility Page180of 531 13. Hard Disks/Non Hard Disks Devices. 14. It should provide flexibility while enforcing the encryption policies when copying the data to removable storage devices like USB, CDs/DVDs 15. Solution should be able to block data cards on USB Port 16. It should be possible to keep the copy of all the files read from the written to removable devices/media and can also keep track of file types and file names. 17. It should be capable of restricting and manage file types to be moved on the removable devices/media on per user basis. 18. It should be capable of restricting the amount of data to be transferred to removable devices/media on per user basis. 19. The permissions and restrictions should remain active even when endpoint is offline. 20. The agents installed on endpoints in network can't be removed by users itself even with administrative rights only the administrator may deactivate this protection. 21. Solution should have Enabled Anti hybrid network bridging viz. simultaneous connection to more than 1 network 22. Solution should have Ability to control and monitor wireless ports besides physical ports 23. Solution should have the Ability to monitor (shadow) files/ content while copying/ opening the devices 24. It should have Temporary suspension of policy for user in case of business reasons for example one can easily suspend policy for blocking USB for specific users for a period of 1 week 25. Quickly and non-intrusively audit an endpoint for past and present connected devices and Wi-Fi Network 26. Flexible and intuitive management - automatically synchronizes with Microsoft active Directory and Novell e Directory 27. The solution should have U3 and auto run control -It should turns U3 USB drives into regular USB drives while attached to organization endpoints, protecting against autolaunch programs by blocking auto run. 26 RFID for Patient and Material Tracking: General Scope: 1. An identified area shall be selected in consultation with the site in-charge for implementation of the RFID system. 2. Total identified area shall be divided into segments and the list of items available in each segment shall be shown to the user in form of reports and on the map in the application. 3. The handheld reader should be used for Tag association and issue of material at the site. Contents of the tag and the tags should be updated after the transaction is completed. 4. Software should fulfill the minimum requirements of updating the inventory details, search facility to display the required items with minimum effort. 5. Download of data into the handheld can happen manually (by docking the handheld into cradle that is connected to a PC), GPRS and Wi-Fi. Minimum Server Configuration: Windows 2012 server, Intel i5 3rd generation processor, 8GB RAM, 500 GB Hard Drive Hardware Requirement: RFID Asset Tags (2.4 GHz) Page181of 531 1. Tags (2.4 GHz) with read – write facility with sustainable in-built battery life of at least 18 months. 2. Tag should be encased with IP 67 as it will be exposed to all weather conditions. 3. The status of inbuilt battery of the tag may be indicated whenever the tag is read by the reader. 4. The tag should have 512 bytes memory to store the material information. 5. RFID Tags should have, Buzzer and LED options as an indication of tag being read. 6. Tag should have a read range of 20 meters or higher. 7. Tags should also have the replaceable battery options. Preferably a separate chamber for batteries for easy replacement option. 8. Shock Resistance 10~2000Hz, 20mm/15g, Triaxial 9. Tag output power should be -6dBm and sensitivity -85dBm 10 The tag weight should be 32 g 11. The tag dimensions should be 88mm × 42mm × 9mm RFID Asset Tags (2.4 GHz) 1. Tags (2.4 GHz) with read facility with sustainable in-built battery life of at least 18 months. 2. Tag should be encased with IP 68 as it will be exposed to all weather conditions. 3. The status of inbuilt battery of the tag may be indicated whenever the tag is read by the reader. 4. Tag should have a read range of 15 meters or higher. 5. The tag should have the ability to fit wrist just like wrist watches with holes. 6.Shock Resistance 10~2000Hz, 20mm/15g, Triaxial 7. Tag output power should be -6dBm and sensitivity -85dBm 8. The tag weight should be 40 g 9. Tag dimensions should be 250mm × 31mm × 15mm Handheld RFID Reader (2.4 GHz): 1. The handheld reader should have 128 MB RAM with 256 MB flash to sufficiently store the master data required on the handheld. As the handheld readers are expected to have GSM modem to exchange the data over air, therefore it is not essential to store large amount of data into handheld devices. Since user can download the data for processing whenever there is a need. User can also submit the data over air once the processing is performed. 2. The handheld reader should have sufficient battery backup to cater at least for a 8 hours of working. Handheld readers with GPS, GSM, and RFID modules working together will consume lot of power from battery; therefore battery might not withstand entire day operations. It’s always suggested to users to have spare battery incase primary goes down 3. All the handheld reader should have the GSM module available to utilize the over the air data communication using GPRS connectivity. 4. The data from the handheld readers should be transferred and saved in the server using GPRS /Wi-Fi automatically. Page182of 531 5. Provision for wired data transfer from reader to host PC / Sever and vice versa should be available. 6. Should support RS-232 and USB interfaces 7. Should have Built-in Marvell Xscale PXA 270 624MHz CPU 8. Should be IP65, (IEC60529 standard) 9. Should have 3.7V lithium battery, 4400mAh 10. Should have dimensions of 223mm×75/100mm×31/42mm 11. Weight should be 400g (including standard battery) Fixed RFID Reader (2.4 GHz) 1. The reader should support RS-232, 10/100M Adaptive Ethernet; customized RS-485, Wiegand 26/34 interface( optional) 2. External interface and power supply should be configurable according to users' need 3. Multi-group I/O ports: Input interface can detect the TTL or pulse signals of connected devices', used for controlling the working status of the reader. Output interface should control other devices according to TTL or pulse signals through predetermined conditions 4. Aluminum shell, high-tension, IP Rating IP55 5. Reading distance should be adjustable using software. 6. It should have LED and Buzzer Indicator 7. The reader dimension should be 190mm×120mm×40mm(excluding antenna) 8. Shock resistance should be 10~500Hz, 100mm/15g, triaxial 9. Tag sensitivity should be -95dBm 10. Out power should be +15dBm (adjustable by software) Software Requirement: 1. Server application should be developed for Windows 2008 Server, 64 bit 2. Application should allow users to import site images and calibrate the image as per requirements. 3. Server application should have the capability to import, calibrate the yard image and then divide the yard image into smaller segments for better visibility. Application should allow user to create as many regions in any shape (circular, rectangle, polygon, etc…) to cover the entire yard. 4. The server software should be developed using Java and front end (screens) to be developed in Adobe Flex. Handheld application should be developed in .Net. 5. Server application should support MySQL / SQL / Oracle databases. 6. Material arriving at the site will have a Packing / Shipping assigned with them. A separate screen on the server application will be provided to enter the details of the materials that needs to be tracked using RFID. These material details will then be downloaded to the handheld for RFID tag association. Page183of 531 7. Entire quantity of a material (crate material) may not arrive at once at the site. Need ability in both server and handheld application to increase the quantity of a material (in case of bulk material) as and when received physically in the yard without breaking the tag association. 8. RFID tags shall be mounted on the identified components / crates / boxes / bunches etc… and the item wise data shall be written in the RFID tags. a. In case of an individual material, one tag will be associated to on material only. b. In case of a bulk material, one tag will be associated to the group/bundle/crate and the quantity of that material will be written c. For boxed items with multiple materials inside it, one RFID tag will be associated with the box serial number (unique),after which user can assign one or more material along with the respective quantity. 9. Application on the handheld device shall have the capability to read-write information to the tag. Example: Update of material quantity whenever some material is issued / added, etc… 10. Server application needs to raise alerts in the system for the assets whose tags are not read in the last few days, configurable in the system. 11. Authorized user should have a provision to update / correct the status of mismatch. Example: To change the status of the material to Lost or Quarantine from ‘Available’. 12. Handheld application should have the utility to auto update the co-ordinates of the assets that move randomly during the day to day operation and are picked during the next periodic scan. A new location to the Assets that are picked in the periodic scan performed using the handheld reader that were moved from its original location will be derived by the server application when handheld submits the scanned data (periodic scan of the entire yard by the handheld reader) to the server. Scanning periodicity to be decided by the users. 13. Whenever a material is required to be issued, user can create a material pick document in the server application with all the material assigned to it that needs to be picked and issued to the user/ contractor. The same document is then downloaded to the handheld for user to search the assets (using yard image) in the yard and mark them issued. As part of data download in the handheld, relevant yard images will also be downloaded to search and locate assets. 14. Both the handheld, reader and RFID tag should beep during search and locate is performed for a particular tag. When the reader starts reading the desired tag there should be an indication on the reader to guide on whether the reader is approaching towards the tag or moving away. While searching for the assets in the yard the respective tags should respond to the query with the inbuilt beep and LED. 15. When material is issued from or added to a particular tag using the handheld reader, it should automatically update the tag by updating the necessary contents of the tag. User can confirm the quantity by reading the tag once again for a counter check. Handheld application should capture the geo coordinates during tagging and material issuing process to make for any change in location. 16. Application on the handheld reader will have the capability to read-write facility. 17. Handheld application should have a utility to read the tag and display the details stored in the RFID Tag. 18. When the reader is connected to the desktop / server PC, the material issues / additions should be automatically updated in the database. Reporting: Following reports are required in the server application: Page184of 531 Asset Inventory Report Asset History Report Material Issue Report Material Tagging Report Material Issued Report (vendor / contractor wise) Item wise Status Report The software should allow saving the contents of the reports CSV / PDF format. 27 IP Address Management Specification: Minimum Requirement Description Separation of Management (IPAM) from Core services, i.e., DNS and DHCP. The solution should not offer all services on same appliance in order to meet availability, scalability and security requirement under consideration. Continuity of Core services like DNS and DHCP even when IP address management server fails Support for Referential Integrity so that IP address, MAC, DNS forward and reverse records are all tied together. Changing one updates all the others using DDNS In-Built IP discovery and reconciliation using PING, SNMP v1, v2 and v3 Centralized IPAM that has a single database containing all records throughout the entire organization Automatic validation of DNS/DHCP configurations before going live. This helps to catch user misconfigurations. New initiatives like IPv6, DNSSEC and BYOD will increase the number of database objects stored in the IPAM. The solution should allow such objects to grow without any limitation in software 1U form factor that can provide at least 100,000 QPS in terms of DNS performance and at least 500 LPS Simple DNSSEC implementation without the need to re-architecture Ease of adding DNS or DHCP Raw options. These help to perform any workaround that cannot be done directly on the UI Customized workflow with integration with 3rd party databases 28 Data Backup Solution Specification: Data Backup Feature 1 Minimum Requirement Description The proposed end user backup solution must be mature, tested and widely deployed. Page185of 531 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 The proposed backup solution should support heterogeneous Operating system platforms including Microsoft Windows Server 2008/2012, Windows XP, Vista & Windows 7, RHEL, Solaris OS, SUSE Linux Enterprise Server, Apple Macintosh, CentOS, Debian, HP-UX, IBM AIX, Novell Open Enterprise Server, Oracle Enterprise Linux, & other standard operating systems. The Backup solution should have capabilities for Data De-duplication and de-duplication must occur at the source (client), before transfer data across the network Backup data must be broken into sub-file, variable length data segments for optimum efficiency and savings. Proposed solution must provide fast, efficient daily full backups Proposed solution must be able to de-duplicate backup data globally across sites, desktop, laptops and servers, applications and databases. Proposed solution should de-duplicate across sites and servers, reducing total backup disk storage by up to 50 times. Proposed backup solution should be capable for taking daily full backup for 5000 users per zone with 4GB of data per user retained for 30 days. Proposed backup solution should be designed with replication of data from all 5 zones to DR site. Solution should be capable for taking daily full backup for 300 users at HO with 40GB of data per user retained for 30 days with replication to DR site Proposed solution should be scalable to cater data growth of 5x or more by adding data nodes only. The proposed solution must reduce backup impact on client CPU. The proposed solution should be capable of throttling Bandwidth and CPU to customize the need. The proposed solution should be capable of doing server and Laptop and Desktop backup without the need to have any additional software license or hardware The proposed solution licensing should not be dependent on number of Desktop/Laptops, server hosts, applications or databases and should be cpacity based. The proposed solution client agent should be capable of getting installed on Desktop/Laptops and Servers without asking for any restart. The proposed solution must have centralized management providing Intuitive, web-based interface, At-a-glance dashboards, Capacity reporting and alerting. The proposed solution should provide a specialized management interface for Desktop/Laptop clients. The proposed solution must provide robust integrated reporting The proposed solution must be capable of providing immediate, single-step browsable recovery. The proposed solution must be highly available and should be capable of building into not having any single point of failure using RAIN architecture to provide high availability and fault tolerance across nodes. The proposed solution must automatically provide daily verification, that backup data is fully recoverable Page186of 531 21 The proposed solution should have the ability to deploy software agents on systems to be protected (no extra local hardware required) The proposed backup solution should provide comprehensive encryption capabilities, including the ability to encrypt backup data while in transit and at rest. 22 The proposed backup solution should support SSL encryption utilizing the 128-bit Advanced Encryption Standard (AES) algorithm and should be used for any external network communications. 20 29 New Location Provisioning: Following are scope of work to taken by service Provider under office relocation request 29.1 Provisioning of all IT infrastructures such as Desktop, Printer, and Router & Switch etc. 29.2 Building up the complete new infrastructure at new location such as cabling, ISP provisioning, MDF room (If necessary) etc. 29.3 Installation of Infrastructure at new location. 29.4 Any additional components required for provisioning of relocated site, should be provisioned by Service Provider. 29.5 Bring back the location to be part of Panchdeep 2.0 30 Digital Writing Pad Minimum Requirement Description Digital Pad Specifications Size 12.17" (length) x 8.23" (width) 309 mm (length) x 209 mm (width) Thickness The thinner part 0.39" (9.8 mm). The thicker part 0.62" (15.7 mm) Weight Approx. 1.13 lbs (512 g) without batteries, Approx. 1.24 lbs (560 g) with batteries Writing Area 8.5" x 11.0" Writing Thickness 0.47" (12 mm); approx. 120 sheets of paper Notepad Holder 8.5" x 11.0" Storage Medium Built-in 32 MB storage device Optional Storage Medium Type I CompactFlash (CF) memory card (FAT file system) Power Source Four (4) Batteries (1.5volt, size AAA) Power Voltage: 3V Power Current: Approx. 25 mA Page187of 531 Power Consumption: Approx. 75 mW Battery Life Approx. 100 hours Power Source Supplied from USB port when connecting the digital pad to PC. Interface to PC USB port Digital Pen Specifications Size 5.28" (length) x 0.45" (diameter) 34 mm (length) x 11.3 mm (diameter) Weight 0.03lbs (3.8g) with Battery Power Source One (1) 1.55V button cell battery (SR626SW, 377 or IEC-SR66) Battery Life Approx. 14 months Ink Cartridge 0.09" (diameter) x 2.64" (length) 2.3mm (diameter) x 67mm (length) System Requirements Operating System Windows 7, Windows 8, Windows 10 CPU 500 MHz Pentium III or better RAM 128 MB or more recommended Equipment Available USB port, CD-ROM drive Hard Disk Space 32 MB 31 Software/Application Support and Upgrade: During the tenure of contract all software/application shall be upgraded as per software/Application upgrade cycle defined by OEM. 32 Service Desk, End User, Network and Application Operation Support – L1 & L2 SUPPORT: It will act as L1 and L2 Support for centralized/phase wise application rollout and any new central rollout, on site Hands and Leg support to be provided for meeting SLA. 33 Exception: Any deviations or exception from the minimum requirements will be rejected. Page188of 531 34 Hardware OEM Criteria: 1. OEM should have done E-governance Govt. project in India. 2. OEM should have presence in India form last 05 consecutive years. 3. OEM should provide minimum 03 references of E Governance Govt. Project in India with multiple locations in India.Details should be provided on OEM letter head. 4. OEM Should have TAC support in India. Details of the India based TAC should be provided on OEM letter head. 5. OEM should provide mission critical manpower resource and material for ESIC locations for the entire period of contract. 6. The product being offered by the OEM should not be declared End of support till at least 3 Years from date of bidding. OEM shall provide confirmation on their letter Head. 7. OEM should certify deployed solution effectiveness at ESIC end user location. 8. SI should have a back to back support arrangement with the OEM. Support contract should be shared with customer post bid closure. 9. OEM should be a profit making entity from last three years. 10. OEM should have minimum 5 Spare depo across Five Zone. Software OEM Criteria 1. For all software’s the updates, patches, bug fixes should be available for the entire period of contract. 2. Minimum 200 hours of direct OEM support for the software product supplied to be included per year for the entire period of the contract. Annexure xx Helpdesk as Is Process Scope& Definitions Scope in ESIC IT Management includes any events which disrupt the normal operation, which are communicated by Users, Service Desk, auto alerts, technical staff and tools. Below depicted deliverable are included in the scope of incident management at Employee State Insurance Corporation (ESIC): Call needs to be logged within 5 minutes from the information provided by user. As per the SLA (Schedule-Exhibit II d) Resolve incidents within 30 minutes for calls pertaining to Data Centre, DR Site & Hospital and for rest of the locations resolution should be provided in 120 minutes. Resolution can be provided with a work around or permanent fix. Raise the major incident and follow major incident process as applicable. (Please refer Major Incident Process). Functional escalation needs to be made if required, as per the escalation matrix. Log and coordinate with internal and external vendors / suppliers for resolution of incidents Raise requests for change, problem and service whenever required. Incident Calls to be closed with the user confirmation in the service desk tool. Page189of 531 Calls related to VIP user will be handled by senior resources of Service Desk. (Refer: VIP Users List under templates section). Help desk should notify the end user within 30 min after resolution of problem. All calls will which are pending for response from user will be closed within 7 days of logging the call. Call notification should be send to stakeholders and domain for all major incidents P1 calls. Definitions Incident: Any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service. Major Incident: Major incident is an incident which has a high potential business impact or High user span, which may not be handled in same way as a normal incident. Configuration Management System (CMS): The process of planning for, identifying, controlling and verifying the Configurations Items (CIs) within a service, recording their status and, in support of Change Management, assessing the potential IT impact of changing those items. Definition of FCR (First-Call Resolution): Percentage of incoming calls that can be resolved without the use of a callback or without having the caller call back the helpdesk to finish resolving the case Pls ref. Attachment FCR_incident_ESIC_v0 FCR_Incidents_ESIC _v0.xls Clauses:Calls resolved by Same Engineer / L-1 team. Call is expected to resolved within TAT Closure of calls by referring appropriate knowledge base. Closure of call after taken user confirmation either on phone or through E-mail. Entry Criteria / Inputs Phone Web E-mail Incident raised by Staff/Service Desk Inputs from other IT Systems / process Inputs from Event Management (BMC Patrol, EMC) Top of Form. Page190of 531 Process Flow Page191of 531 Incident Detection Incident calls will be logged by the employees of ESIC and ESIS: By Sending email at 'IT Helpdesk' <[email protected]> By sending email at [email protected] By Calling to the Service Desk <IT Support Number> 7001 from VOIP Phones. Web portal ( Self Service portal ) Incidents will be detected and logged from Monitoring tools deployed in Data Center; Support team will be performing the proactive monitoring and filter the qualifying Incidents from the received Alerts. Incident logged through Centralservicedeskin will belogged asService request. As per userdescription, team will change “Incident Type” to restoration\ WO \ Service Request. Incident logged through Web Portal (Self Service portal) will be logged as Service request \ WO based on the selected category. As per description (provided by users), team will change “Incident Type” to restoration \WO \ Service Request. Incidents will be identified by the Field Engineers / IT Support Staff / Service Desk Engineer. Page192of 531 This is the accumulation point where all the inputs are arrived for further action. Register and Record Service Desk Coordinates with user to gather the basic details to understand the requirements Service Desk registers and records the input with necessary / Mandatory information which is required to assist the support staff in BMC Remedy (Call Ticketing Tool) Service desk identifies the defective CI (from Configuration Management system – ADDM Remedy) and its attributes to understand the overall impact and other information. Service Desk assigns the Call to the respective engineer or to self for the resolution. Auto Notification mail will be sent the concerned group/assignee the call. “Prioritization of all Security Related calls to be logged as per matrix “. Service Desk will be updating the following information in the ticketing tool along with other required information: Incident Details (with Unique Reference Number which is auto generated) Categorization Prioritization Date/Time User Details Description of the Symptoms Assignee information Is it an Incident or a Service Request or a Security Incident? Service Desk will assess the inputs received from User and various sources based on IM / SRF / Change guidelines and identify whether it is an incident, service request or a security incident. Based on the nature of call and assessment service desk routes the call to appropriate process ex: SRF, Information security Management If Service Desk finds that call is out of scope or does not belong to SOW (Scope of Work), Service Desk will inform the user and Inform Other Process (wherever provided by ESIC) If the input received is an incident then proceed for “Classification” Service Request? If the received input qualifies for service request as per Service Request guidelines, it should be routed to SRF process. Inform Other Process If the received input is out of Scope (as defined in SOW), then request is routed to the respective process based on the nature of the call (wherever provided by ESIC) Classification (Categorize, Prioritize & Assign) Service Desk team will be following the Categorization & Prioritization matrix to categories and priorities the identified / qualified Incident Call. Categorization helps incident staff for identifying the service impacted, and assigning the call to right resource for quicker resolution Prioritization is done based on the urgency and impact to business. Post categorization and prioritization incident is assigned to respective team for necessary action Call assignment and allocation is taken internally by domain teams. Page193of 531 Service Desk (L1 Support) will attempt to restore the services for the categories defined in FCR call category and have defined solution in KM. Service Desk team will be given 15mins time to search Knowledge Base, if the team is able to find the solution, it will attempt to resolve it otherwise escalate to respective bin owner after 15 minutes. Any call pertaining to DC and DR where SLA is 30 minutes, service desk will directly route the call to L2 or above staff. Pls ref. Attachment TP_ESIC_INM_Incident_Categorization_M TP_ESIC_INM_Incide nt_Categorization_M Is It a Major Incident? Based on the Major Incident definition provided, service desk identifies and decides whether it is a major incident and routes through the major incident process. Pls ref. Attachment TP_ESIC_INM_Priority Matrix Ver16_Revis TP_ESIC_INM_Priorit y Matrix ver1 6_Revis Initial Support Service Desk / Incident Staff provides the initial support to the effected user by assessing the information and checking whether the solution exists in KEDB Service Desk checks if “Repeated incidents” are logged for the same configuration item to link to appropriate ticket. Service Desk / Incident Staff should explore possibilities to assist user remotely for resolution Incident staff may also route issues to Problem Management for assistance Solution in KEDB? Service Desk team to check whether solution is available in KEDB. If the solution is available in KEDB Service Desk and IT Support Teams shall proceed for Resolution and Recovery If the solution is not available in KEDB , refer 4.11 for the further investigation and diagnosis Investigation and Diagnosis and Escalate Incident staff should try to provide a work around as soon as possible to restore the service and to minimizing the impact on the business When incident staff is not able to resolve or provided work around to the incident, it has to be escalated functionally for the next level of support as per the escalation matrix to get the solution. Incident shall be escalated to the appropriate support groups (vendor support team / ESIC management). Page194of 531 Change Request The Incident staff will route the Incident to the Change Management Process in case of any change required to resolve the Incident. Resolution and Recovery The identified solution is implemented to restore the effected services to the agreed level Incident Record should be updated with resolution provided. User Satisfied? On the final resolution of the call, Service Desk tool/ticketing tool will send auto mail to the user (to the email ID provided by the user) for the confirmation of the restoration of the services/resolution of the incident. User feedback will be check about the services provided by the IT support Team. Update & Close If the user is satisfied, the incident record should be updated and closed (if user does not provide the information, call status will be auto changed to “Closed” from “Resolved” after 72 hours in the ticketing tool). In case of User non-satisfaction, user can re-open the call until the call status is changed to “Closed”; else user can log a fresh call with Service Desk. Service Desk / Incident Manager to take appropriate action: If the user is not satisfied with the resolution provided the incident can be re-opened or escalated to service desk or Incident Manager for appropriate action. Note 1. Call Creation and relating to Incident Tickets: If service request/ change request /problem tickets needs to be opened to resolve an incident ticket, a child ticket should be created for the same by Service Desk. 2. Incident re-open criteria: Incident can be re-opened with in 72 hrs. Of resolution if user is not satisfied on resolution provided and incident can’t be re-opened once the incident is closed. However, ticket can be closed on user feedback only. No fresh SLA will assign to the reopen call and resolution SLA will continue from the where time it was stopped 3. Incident closing criteria: Incident will be considered as closed if user doesn’t revert in 72 hours after call resolution and call will be auto closed by the ticketing tool. 4. SLA Violation In case of any SLA violation a flag will be set in BMC Remedy so that violated calls can be tracked through reports. 5. Email Notification Email notifications should be sent to respective stakeholders at important stage of call resolution: Page195of 531 Triggered on following Status Changes o o o o o Open Pending for user - Manual Reopen Resolved Cancel 6. Call Status Reason where SLA clock will stop (pls. refer the excel sheet SLA Clock.xls attached) SLA Clock.xls Vendor SLA & ESIC SLA stops on status reason "Issue Resolved, waiting for RCA". Customer / Peer / Vendor Follow-Up & Update Process Pending incident tickets are followed-up for latest updates with entities such as end- users, vendors, peer groups (other resolver groups) etc. as per the following ways Follow-up over e-mails Follow-up over phone/VOIP calls Both of the above Web Incident Management personnel will update the ticket with details of follow up. In case of follow-up over mail, the personnel will embed the mail communication in the ticket history. If the follow-up is over phone, the personnel will update the ticket with the person he/she spoke to and the summary of conversation in the ticket history. Vendor Coordination Process Follow up done with the Vendor as a part of co-ordination towards the resolution/closure of the ticket shall be followed as per above step no. 1.6 (Customer / Peer / Vendor Follow-up & update process). Any vendor related escalation will be done as per vendor escalation matrix. Refer: Vendor contact List and Vendor escalation matrix Relationship with Other Process Page196of 531 Work Items / Outputs Effective Incident Closure Communication to the users / other processes Feedback from users Reports & Reviews of Incidents Major Incident Report Reports Monthly Site Wise Trend Analysis Customer Satisfaction Report Ticket Audit Report First Call Resolution Report Weekly/Monthly incident categorization Call Support Process Flow Overall call flow process is depicted below: Page197of 531 Page198of 531 ANNEXURE X: Overall Process Deliverables Incident Management Goals & Objective The goal of Incident Management (IM) is to restore the normal service operation as quickly as possible and to minimize the impact on the business. There by ensuring the availability of the services is maintained within the Service Level Agreement (SLA). Scope & Definitions Scope Scope in ESIC IT Management includes any events which disrupt the normal operation, which are communicated by Users, Service Desk, technical staff and tools. Below depicted deliverable are included in the scope of incident management at Employee State Insurance Corporation (ESIC): Call needs to be logged within 5 minutes from the information provided by user. As per the SLA (Schedule-Exhibit II d) Resolve incidents within 30 minutes for calls pertaining to Data Centre, DR Site & Hospital and for rest of the locations resolution should be provided in 120 minutes. Resolution can be provided with a work around or permanent fix. Raise the major incident and follow major incident process as applicable. (Please refer Major Incident Process). Functional escalation needs to be made if required, as per the escalation matrix. Log and coordinate with internal and external vendors / suppliers for resolution of incidents Raise requests for change, problem and service whenever required. Incident Calls to be closed with the user confirmation in the service desk tool. Calls related to VIP user be handled by senior resources of Service Desk. (Refer: VIP Users List under templates section). Help desk should notify the end user within 30 min after resolution of problem. All calls which are pending for response from user be closed within 7 days of logging the call. Call notification should be send to stakeholders and domain for all major incidents P1 calls. Page199of 531 Definitions Incident: Any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service. Major Incident: Major incident is an incident which has a high potential business impact or High user span, which may not be handled in same way as a normal incident. Configuration Management System (CMS): The process of planning for, identifying, controlling and verifying the Configurations Items (CIs) within a service, recording their status and, in support of Change Management, assessing the potential IT impact of changing those items. Definition of FCR (First-Call Resolution): Percentage of incoming calls that can be resolved without the use of a callback or without having the caller call back the helpdesk to finish resolving the case Clauses:Calls resolved by Same Engineer / L-1 team. Call is expected to resolved within TAT Closure of calls by referring appropriate knowledge base. Closure of call after taken user confirmation either on phone or through E-mail. Entry Criteria / Inputs Phone Web E-mail Incident raised by Staff/Service Desk Inputs from other IT Systems / process Inputs from Event Management (BMC Patrol, EMC)T op of Form. Measurement System Name of the ticketing tool: BMC Remedy Name of the monitoring tool: EMC Networker SLA Ticket Priority P1, P2, Metric solution Formula (To l num of ti ts los d ithin Unit of Measurement Computation Method D Reference points Sou ti Page200of 531 solution = Da P3, P4 SLA target) / (Total number of tickets closed) SLA Remedy Tool Method: Raw dataimported from backend database into Excel Worksheet is used for SLA computation &Time at the creation of ticket at Service Desk – Date & Time when ticket was moved to “Resolved” state (Excluding customer dependence time) Activity Details Incident Detection Incident calls be logged by the employees of ESIC and ESIS: By Sending email at 'IT Helpdesk' <[email protected]> By sending email at [email protected] By Calling to the Service Desk <IT Support Number> 7001 from VOIP Phones. Web portal ( Self Service portal ) Incidents be detected and logged from Monitoring tools deployed in Data Center; Support team be performing the proactive monitoring and filter the qualifying Incidents from the received Alerts. Incident logged through Central servicedeskin be logged as Service request. As per user description, team change “Incident Type” to restoration\ WO \ Service Request. Incident logged through Web Portal (Self Service portal) be logged as Service request \ WO based on the selected category. As per description (provided by users), team change “Incident Type” to restoration \WO \ Service Request. Incidents be identified by the Field Engineers / IT Support Staff / Service Desk Engineer. This is the accumulation point where all the inputs are arrived for further action. Is it a VIP Call? Service desk allocate all VIP calls to VIP Support Team (who are part of the same team). VIP user be identified from master list of VIP users. VIP user list shall be reviewed by the Incident Manager on semiannual basis and any addition/deletion/modification be captured in this review. Page201of 531 Register and Record Service Desk Coordinates with user to gather the basic details to understand the requirements Service desk filter request from VIP users (Refer: VIP Users List under Template Section), Service Desk registers and records the input with necessary / Mandatory information which is required to assist the support staff in BMC Remedy (Call Ticketing Tool) Service desk identifies the defective CI (from Configuration Management system – ADDM Remedy) and its attributes to understand the overall impact and other information. Service Desk assigns the Call to the respective engineer or to self for the resolution. Auto Notification mail be sent the concerned group/assignee the call. “Prioritization of all Security Related calls to be logged as per matrix “. o Service Desk be updating the following information in the ticketing tool along with other required information : Incident Details (with Unique Reference Number which is auto generated) o Categorization o Prioritization o Date/Time o User Details o Description of the Symptoms o Assignee information Is it an Incident or a Service Request or a Security Incident? Service Desk assess the inputs received from User and various sources based on IM / SRF / Change guidelines and identify whether it is an incident, service request or a security incident. Based on the nature of call and assessment service desk routes the call to appropriate process ex: SRF, Information security Management If Service Desk finds that call is out of scope or does not belong to SOW (Scope of Work), Service Desk inform the user and Inform Other Process (wherever provided by ESIC) If the input received is an incident then proceed for “Classification” Service Request? If the received input qualifies for service request as per Service Request guidelines, it should be routed to SRF process. Inform Other Process Page202of 531 If the received input is out of Scope(as defined in SOW), then request is routed to the respective process based on the nature of the call (wherever provided by ESIC) Classification (Categorize, Prioritize & Assign) Service Desk team be following the Categorization & Prioritization matrix to categories and priorities the identified / qualified Incident Call. Categorization helps incident staff for identifying the service impacted, and assigning the call to right resource for quicker resolution Prioritization is done based on the urgency and impact to business. Post categorization and prioritization incident is assigned to respective team for necessary action Call assignment and allocation is taken internally by domain teams. Service Desk (L1 Support) attempt to restore the services for the categories defined in FCR call category and have defined solution in KM. Service Desk team be given 15mins time to search Knowledge Base, if the team is able to find the solution, it attempt to resolve it otherwise escalate to respective bin owner after 15 minutes. Any call pertaining to DC and DR where SLA is 30 minutes, service desk directly route the call to L2 or above staff. Is It a Major Incident? Based on the Major Incident definition provided, service desk identifies and decides whether it is a major incident and routes through the major incident process. Initial Support Service Desk / Incident Staff provides the initial support to the effected user by assessing the information and checking whether the solution exists in KEDB Service Desk checks if “Repeated incidents” are logged for the same configuration item to link to appropriate ticket. Service Desk / Incident Staff should explore possibilities to assist user remotely for resolution Incident staff may also route issues to Problem Management for assistance Solution in KEDB? Service Desk team to check whether solution is available in KEDB. If the solution is available in KEDB Service Desk and IT Support Teams shall proceed for Resolution and Recovery If the solution is not available in KEDB , refer 4.11 for the further investigation and diagnosis Investigation and Diagnosis and Escalate Page203of 531 Incident staff should try to provide a work around as soon as possible to restore the service and to minimizing the impact on the business When incident staff is not able to resolve or provided work around to the incident, it has to be escalated functionally for the next level of support as per the escalation matrix to get the solution. Incident shall be escalated to the appropriate support groups (vendor support team / ESIC management). Change Request The Incident staff route the Incident to the Change Management Process in case of any change required to resolve the Incident. Resolution and Recovery The identified solution is implemented to restore the effected services to the agreed level Incident Record should be updated with resolution provided. User Satisfied? On the final resolution of the call, Service Desk tool/ticketing tool send auto mail to the user (to the email ID provided by the user) for the confirmation of the restoration of the services/resolution of the incident. User feedback be check about the services provided by the IT support Team. Update & Close If the user is satisfied, the incident record should be updated and closed (if user does not provide the information, call status be auto changed to “Closed” from “Resolved” after 72 hours in the ticketing tool). In case of User non-satisfaction, user can re-open the call until the call status is changed to “Closed”; else user can log a fresh call with Service Desk. Service Desk / Incident Manager to take appropriate action: If the user is not satisfied with the resolution provided the incident can be re-opened or escalated to service desk or Incident Manager for appropriate action. Note Call Creation and relating to Incident Tickets: If service request/ change request /problem tickets needs to be opened to resolve an incident ticket, a child ticket should be created for the same by Service Desk. Incident re-open criteria: Page204of 531 Incident can be re-opened if user is not satisfied on resolution status and incident can’t be reopened once the incident is closed. However, ticket can be closed on user feedback only. No fresh SLA assign to the reopen call and resolution SLA continue from the where time it was stopped Incident closing criteria: Incident be considered as closed if user doesn’t revert in 72 hours after call resolution and call be auto closed by the ticketing tool. SLA Violation In case of any SLA violation a flag be set in BMC Remedy so that violated calls can be tracked through reports. Email Notification Email notifications should be sent to respective stakeholders at important stage of call resolution: Triggered on following Status Changes o Open o Pending for user - Manual o Reopen o Resolved o Cancel Call Status Reason where SLA clock stop (pls. refer the excel sheet attached) Customer / Peer / Vendor Follow-Up & Update Process Pending incident tickets are followed-up for latest updates with entities such as end-users, vendors, peer groups (other resolver groups) etc. as per the following ways Follow-up over e-mails Follow-up over phone/VOIP calls Both of the above Web Incident Management personnel update the ticket with details of follow up. In case of follow-up over mail, the personnel embed the mail communication in the ticket history. If the follow-up is over phone, the personnel update the ticket with the person he/she spoke to and the summary of conversation in the ticket history. Vendor Coordination Process Page205of 531 Follow up done with the Vendor as a part of co-ordination towards the resolution/closure of the ticket shall be followed as per above step no. (Customer / Peer / Vendor Follow-up & update process). Any vendor related escalation be done as per vendor escalation matrix. Ticket Audit Process To assuring the quality of the ticket update, quality team shall perform a sample ticket audit on closed incidents. Ticket Audit Sampling Plan Incident S.No Tickets nci 1 n Ti Role of verifiers ualit Man E cu i Sample size for Frequency of verification verification / i s Daily Work Items / Outputs Effective Incident Closure Communication to the users / other processes Feedback from users Reports & Reviews of Incidents Major Incident Report Key Performance Indicators (KPI) S. No. Key Performance Indicators Reports 1. Percentage of Incidents handled within agreed response time Monthly site wise trend analysis 2. Percentage of Incidents handled within agreed resolution time Monthly site wise trend analysis 3. Percentage of Incidents categorized and assigned correctly Weekly/Monthly incident categorization and trend analysis Page206of 531 4. Percentage of Incidents resolved by the Service Desk, first call resolution by using KEDB First call resolution report 5. User Satisfaction Customer satisfaction report (Transaction CSAT Report) 6. Number of feedbacks logged and acted within appropriate timelines Monthly MIS Summary Tasks Responsibility Incident detection Service Desk-Onsite or GSM /User Register and Record Service Desk-Onsite/GSM Is it an Incident Service Desk-Onsite/GSM Classification & Prioritization Service Desk-Onsite/GSM Is it a Major Incident Technical Support staff Major Incident Report Technical Support staff –GSM Major Incident Review Incident Manager Initial Support Service Desk-Onsite/GSM Solution in KEDB Service Desk-Onsite/GSM Assignment & Investigate / Diagnosis Technical Support staff –Onsite/ GSM Resolution and recovery Incident Manager-Onsite/GSM Page207of 531 Reports Monthly Site Wise Trend Analysis Customer Satisfaction Report Ticket Audit Report First Call Resolution Report Weekly/Monthly incident categorization References: Service Request Fulfillment Change Management Supplier Vendor Management Problem Management Business Relationship Management Knowledge Management Major Incident Management : Goals & Objective The goal of Major Incident Management is to restore the high potential business impact service operation as quickly as possible and to minimize the impact on the business, thereby ensuring the availability of the services are maintained within the SLA Scope Scope includes any incidents which has a high potential business impact which may not be handled in same way as an normal incident, which are communicated by Users, Service Desk, technical staff and tools. Entry Criteria / Input End User / Customer via email, phone or web Incident Staff Inputs from other IT Systems / process Inputs from Event Management Page208of 531 Measurement System Name of the ticketing tool: BMC Remedy Name of the monitoring tool: EMC Networker Process Flow Please refer attached major incident process in template section. Activities A Major incident is defined as: The potential for severe disruption or impact to business critical process, critical service provided to the customer, and meet one or more of the following: A single incident results in total business critical service failure A Service impact occurs on a major business critical system and extends for more than a given period of time, as agreed upon in SLA. If the entire operations at ESIC is majorly impacted Communication to Stakeholders Necessary communication be done with stakeholders as per the communication plan agreed with customer. There is a process for the identification of incident Manager & the resolver team and the stakeholders. There is a Pre-defined Conference Bridge No. to Discuss with the various resolver groups. incident Manager is accountable for the Major Incident Process The Stakeholders be updated on the progress of the resolution on periodic basis. Discuss and Gather information for Point of Action All relevant information regarding a Major Incident be discussed with stakeholder for deriving the Point of Action The discussion include Business Impact, Services Impacted, Expected resolution time, Accountability and Dependency Solution in KEDB Major Incident Management Team check if a work around / solution available in Known Error Database Major Incident Management Team coordinate with problem Management Team for workaround / solution KEBD be referred to check call history on configuration item and further analysis Page209of 531 Investigation and Diagnosis If workaround / solution are not available in KEDB and root cause remains unknown, the Major Incident management team invoke Problem Management process, else continue to troubleshoot and diagnose for resolution and recovery. If the solution is available in KEDB, MIM Team decides if any change is required to implement the solution If any change is required for implementation of NEW solution than change management process be invoked for seeking appropriate approval RFC goes go as an input to Change Management Process and Approved RFC comes for resolution and recovery. Resolution and Recovery The identified solution is implemented to restore the service for the agreed level. Incident record be updated with all relevant information and details so that a full history is maintained. Review Major Incident Major incident review is initiated on completion of Major incident Report. After the review the action points be identified, assigned to the concerned to owner and tracked for closure Update details in KM Portal Update the MIM and RCA details every week (Thursday) till 6:00 PM in KM Portal. KPI Percentage of Major Incidents resolved within agreed resolution time Summary Tasks Responsibility Is it a Major Incident Major Incident Staff Major Incident Report Major Incident Staff Major Incident Review Major Incident Manager Initial Support Major Incident Staff Page210of 531 Solution in KEDB Major Incident Staff Reports S.No Report 1 MIM Effectiveness Content Participants / Distribution List Frequency Responsibility Monthly Incident Manager Internal Reference Following are the documents which have reference to this Process Process – Major Incident Management process Guidelines - Nil Templates - Incident Priority Matrix, Major Incident Report, Major Incident Communication Tools – BMC Remedy Checklist – Nil Service Request Fulfillment Process : Goals and Objective To provide a channel for users to request and receive standard services. To provide information to users and customers about the availability of services and the procedure for obtaining them To source and deliver the components of requested standard services To assist with general information, complaints, appreciations or comments. Handle Request and deliver requested Services To provide quick and effective access for standard service to the users. To provide a window to the users to submit and view Service Requests. Scope At ESIC, Current Service provider is responsible to define a process to respond and resolve service requests / work orders with best efforts. Page211of 531 Current Service provider is responsible to provide all kind of IT support to ESIC employees, this also includes availability of IT equipment’s. Entry Criteria / Inputs Phone Web Request raised by Staff/Service Desk Email Direct Walk-In Measurement System Name of the ticketing tool: BMC Remedy Procedure (Activity description) Classify & Assign Service Desk receives Service Request based on the Service Request Approval Matrix (as depicted in Incident Management process flow) Service Desk validates the correctness of the Service Request to deliver the required services. (Refer: “Service Request Approval Matrix” under Template Section) Service request is assigned to appropriate engineer for request fulfillment. All team members in the group are skilled enough to provide the first level of support. All Service request logged in BMC Remedy be classified for Categorization (as per Service Request Approval Matrix) and then assigned. ASSESS the Request The Service Desk assesses the ticket for its completeness and approvals. If the information provided by the user is incomplete, the requester is contacted for more information. On receipt of necessary details and approval the request details are updated and proceeded further for fulfillment On Assessing the request support staff checks whether the request is within the scope of support or not, with the help of “Service Request Approval Matrix”. Support Staff also checks with service desk manager to verify whether the request is in scope. For out of scope request a notification is addressed to the user updating the details for rejection. Is the Request in Scope Approval Required Service Request should be checked by the service desk for all required approval with the help of approval matrix and the requester is advised to get all required approval if in case of non-availability of any approval. Page212of 531 Status Update Service Desk Engineer collects and provides the requested information to the user and also assesses the approval of the Service Request, if require service desk engineer takes inputs from service desk engineer to assess the approval. Users be notified through a complete update of the ticket in the BMC Remedy Tool. Service Request fulfillment Service Desk provides the appropriate solution to fulfill the request and updates the request from “Work In Progress” to “Pending for User”. User Confirmation User confirmation is taken on the resolution provide to the Service Request. If the user is not satisfied with the provided solution, user is expected to revert. If the user confirmation is not obtained within 72 hrs the request is closed in the BMC Remedy tool by the tool, considering the request is fulfilled as per the user’s expectation. Confirmation needs to be obtained from requestor whether the service request is fulfilled. If the user is satisfied the status of the service request is updated and closed Service request records shall be closed by support staff after obtaining user confirmation. Update & Close Service Desk for appropriate action If the user is not satisfied with IT services provided, service desk / support staff should escalate to the next level to re-look into the solution provided based on feedback. Note: Scheduled jobs/tasks need not require service request to be raised e.g. Scheduled backups, scheduled transfer of tape inventory to offsite location etc. Work-items / Outputs Resolved service request raised by ESIC RFC for service request fulfillment Communication to ESIC The total number of Service Request The size of current backlog of outstanding Service Requests KPI Summary Page213of 531 Tasks Responsibility Classify & Assign Service desk Assess the request Service Desk Is it in Scope Service Desk Approval Required Service Desk Status Update Service Desk Service Request Fulfillment Service Desk User Confirmation Service desk Update & Close Service desk Service Desk / Support Staff for Appropriate Action Service Desk References: Incident Management Service Request Fulfillment Process Change Management Event Management Goals and Objectives The Objective of this process is to define the approach for all monitoring and management as per scope of work. Detects Events, makes sense of them, and determines the appropriate control action Automating routine Operations Management Activities Compares performance and behavior against design standards and SLAs Basis for Service Assurance & Reporting and Service Improvement Scope To manage all events that occur in IT infrastructure To assist in detecting and escalating exception conditions Entry criteria and inputs Events / Alerts from the monitoring management tools System generated Logs/Events Page214of 531 Events/alerts from environmental conditions. Measurement System Name of the ticketing tool: BMC Remedy Name of the monitoring tool: EMC Networker Activity Details Event Occurrence, Detection and Notification Events are received through event management tool, automated alerts, system generated Logs/ Events / alerts from Environment conditions etc Support Function should monitor IT infrastructure and services for abnormal situations, conditions that either affect (or may affect) the end user, preferably predicting situations and conditions, generating automated responses(notification), thereby avoiding possible service and element failures. While monitoring any occurrence that has significance for the IT infrastructure management or the delivery of IT service are captured using various tools and termed as “Event” Event Filtering and Correlation Event filtering is to decide whether any action or communication is required from the support staff. Support staff should ensure that only those events that have significance are filtered and communicated. Filtering step determines whether the event is information, warning or an exception. Event correlation is a decision made to assess the significance of the event and what action needs to take on the event Correlation is done with a set of criteria and rules in a pre-described order Based on the logic for Event correlation, it can trigger one or combination of o logging or generating of alerts requiring human intervention, o logging events o Incident, Problem or Change Management procedures. o Reduce a Warning to an Information o Escalate an Information to warning or exception Event Significance Support Staff should classify the events according to their significance. Classified Events can be : Page215of 531 o Information o Exception o Warning Ref: Event Significance Matrix Information: o Mostly Informational events do not require any action and such events should be archived and stored in CMS (Configuration Management System) for potential analysis. In case any action is required appropriate steps would be taken as per the information. o For example: capacity data, batch job completion etc. Exceptions: o Exception means the service or a device is operating abnormally, which could trigger for an Incident, Problem or Change Management process. o Exception includes the events such as device failing, SLA breached, server down, Network segment is not responding etc. Warning: o Warning is an event which is generated when the threshold set has arrived o Warnings are intended to notify the relevant team/group to take a appropriate action, thereby preventing an exception to occur o Warnings needs to be further intelligently assessed for its significance as a part of Event management. o Responses for Warnings can be manual or could be automated Archive Mostly Informational events do not require any action, are archived and stored in CMS for future reference to help in analysis Auto Response Typically events that are understood well enough, that the appropriate response has already been defined and automated. The trigger initiate the action and then evaluate whether it was completed successfully. Ex of auto response includes: o o scheduled batch jobs, restarting a service Alert Page216of 531 The purpose of an alert is to ensure that the support staff with appropriate skill is notified to deal with the event. Manual Intervention The generated alert contain all the information for the support staff to determine the appropriate action. The alert requires support staff to perform a specific action based on the information provided by alert. The event can be logged as an event record, or as an entry in the system log of the device or application that generated the event. Event Logged Does it QUALIFY? When an exception event occurs, it represent a situation where the appropriate response be handled through the Incident / Problem / Change management process Event Resolution Event resolution is based on the response selection which happens based on the significance of the event Support staff provides solution to the event and updates the event record. Review Action Review should ensure that the handover between the Event management process and other processes took place as expected. Event actions are reviewed to check that any significant events or exceptions have been handled appropriately Event Closure Events are closed when the appropriate action is taken by the support staff. The record is updated with the solution provided before closing the event record. Work items/ Outputs: Resolved Event Incident / Problem / Change ticket RFC for Event resolution Communication to customer Event Log KPIs Number of events by category Page217of 531 Number of events by significance Number and percentage of events that resulted in incidents or changes Number and percentage of each type of event per platform or application Summary Tasks Responsibility Event Occurrence, Detection and Notification Service desk Event Filtering and Correlation Service desk Event Significance Service desk Event Logged Service desk Does it qualifies Service desk Event Resolution Service Desk Review Actions Technical Support Staff Effectiveness Service Desk / Technical Support Staff Event Closure. Service desk Reference Event Management Process Incident Management Procedure Problem Management Procedure Change Management Procedure Event Management Guidelines Problem Management Page218of 531 Goals and Objectives The Objective of Problem Management is to prevent problems and resulting Incidents from happening, eliminating recurring incidents and to minimize the impact of the incidents that cannot be prevented. Scope The Scope of Problem Management includes detection, recording, allocation, investigation & diagnostics to determine the root cause of the problem and to find out a workaround or solution to the reported problems. The scope is applicable to the services as agreed in the SOW. Entry Criteria/Inputs Problem Management has 2 types of inputs Reactive Triggers o Repeat / Recurring Incidents o Service Desk & ESIC. o Workarounds from Incident Management o Events, Major Incidents o Suppliers Proactive Triggers o Trend Analysis from Service Management Process (E.g.: Incident, Problem, Availability, Capacity etc) Measurement System Name of the ticketing tool: BMC Remedy Name of the monitoring tool: EMC Networker Activities of Problem Management Problem Detection Problem Management has multiple ways of detecting the problems in line with the problem definition criteria. These include: o Detection of an unknown cause of repeated / reoccurring incidents, where the incident may have been resolved but there is no definitive root cause that is identified and hence suspects of reoccurring the incident is very high. o A periodic trend analysis done by the problem management team or technical support group that could lead to identification of certain failure pattern in the technology infrastructure. These patterns need a detailed analysis and corrective actions to arrest future occurrences of similar incidents. Such problem detection is categorized under Proactive Problem Management Page219of 531 o Analysis of Incidents from Technical Support group which reveals likelihood of Potentials problems o Automated detection of an infrastructure or application fault, using event/alert tools automatically to raise an incident which may reveal the need for a Problem Record. o A notification from a supplier communicating that a problem exists in the product supplied / supported by them (E.g.: a security patch from Microsoft or a bug fix from Oracle etc) Meaningful and detailed categorization of incidents/problems and regular reporting of patterns and areas of high occurrence help in effective problem detection ‘Top ten’ reporting, with drill-down capabilities to lower levels, is useful in identifying trends. Please refer Problem Priority Definition Matrix. Problem Recording Prior recording the problem ticket, check the tool to ensure the same problem ticket is not already logged. In case so, do not log a fresh problem ticket, alternatively you could update the log of already open ticket. Relevant details of the problem must be recorded in the Service Management tool. These details could be; User details Details of the impacted CI (CI attributes) Date / Time Details Priority and Category Incident Description & no of associated incidents. Details of all diagnostic or attempted recovery actions taken. Categorization, Prioritization and Allocation Problem Categorization must be done to clearly distinguish the domain/s that are impacted and forms the basis of problem allocation. Hence accuracy of problem allocation is widely dependant on problem categorization. Problem Prioritization defines the priority with which a detected problem is attempted for resolution. It is purely dependant on the impact and urgency of the problem. A priority matrix based on impact & urgency must be defined and signed-off with customer well in advance. As per the categorization, every problem must be allocated to respective team who would attempt to resolve the problems as per the priority matrix. Page220of 531 Pain-Value analysis method can be used for prioritization of the problem as well as attacking the most important part of action which needs attention Problem prioritization should also take into account the severity of the problems. Severity in this context refers to how serious the problem is from an infrastructure perspective During a Major Incident, the Problem Management team could be called upon to resolve the major incidents due to nature of the skills and tools they have. Investigation, Diagnosis & Identification of root cause A detailed investigation and diagnosis is carried out by the respective team. The priority matrix is referred to understand the urgency of problem resolution and hence diagnostic actions are taken accordingly. An escalation matrix must be referred to by the team whenever required to involve stakeholders from internal team, customers or supplier to assist resolution of problem. During the course of Investigation and Diagnosis, the underlying root cause of the problem must be identified that could lead to provision of a workaround or a permanent fix to the detected problems. The KEDB and CMS should be referred to during investigation and diagnosis to check a prior occurrence of the problem so that the corresponding workaround / permanent fix could be referred to for an applicable resolution There are various methods that assist identifying a root cause. Any one or multiple methods could be adapted to fast-track the root cause identification and analysis. Some of the techniques include; o Chronological Analysis o Brainstorming o Ishikawa (fish-bone) Diagram o Pareto Analysis Check for solution An immediate result of investigation and diagnosis is identification of a work-around or a permanent fix to the detected problem. Change Required? As soon as a solution is found, check whether a change is required in the infrastructure, if so a RFC is to be raised and routed through Change Management Process. As soon as the diagnosis is complete, and particularly where a workaround has been found or Root cause is known (even though it may not yet be a permanent resolution), a Known Error Record must be raised and placed in the Known Error Database – so that if further incidents or problems arise, they can be identified and the service restored more quickly. Apply Solution Page221of 531 Ideally, as soon as a solution has been found, it should be applied to resolve the problem. If a workaround is found, it is important to keep the problem record open so as to arrive at a permanent fix. Post the RFC approval from the CAB, the workaround or the permanent fix is implemented into the production environment through Release & deployment process. It is mandatory to update the KEDB post applying the solution to assist a speedy resolution of any future incident / problem recurrence of similar nature It is possible that at times where a permanent fix is available, the customer is reluctant to implement the solution. This could be due to an unjustified business case where the business is ready to live with the problem. In such scenario, the Problem Record should be kept open and the Known Error Record needs to be updated so that any recurrence of the same problem can be detected and resolved in future. A decision to this effect is taken by the CAB once the change implementation comes to CAB for approval. Care should be taken appropriately flag such cases in the open Problem Record so that any future rework on the problem is avoided. Update Problem Details The Problem record is updated with necessary details like description of the work-around / permanent fix, KEDB, CMS updations status and other details if any. The status of the problem record also is changed. Check whether the solution is a Permanent Fix It is mandatory to check whether the applied solution is a permanent fix or a workaround. In case the workaround is given, the Problem ticket needs to kept open and reinvestigation and diagnosis needs to be done to arrive at a permanent fix. (Go back to step 4.4) Once the Problem solution has met the intended objective and the solution given is a permanent fix, the Problem management team could go ahead towards the closure of the problem ticket Review the Problem solution Post applying the solution (permanent fix), problem ticket needs to be reviewed, involving the problem management team and chaired by the Problem Manager. The review could check the correctness and accuracy the update in KEDB. The KEDB should be updated with all the activities carried out to resolve the problem against the problem. The review should focus to check whether the problem solution has met the objective and what better can be done in future. A check should be performed at this time to ensure that the record contains a full historical description of all events – and if not, the record should be updated. Problem Closed Page222of 531 The problem record should be formally closed; a check should be performed to ensure that the record contains a full historical description of all events performed chronologically. The learning’s and the solution from this problem has to be updated into the CMS and KEDB respectively. A closure of the problem should also lead to closure of related open known errors. Related open incidents need to be closed before the closure of problem ticket. Investigation and Diagnosis In case the solution applied is a work-around (refer step 4.9), further investigation and diagnosis need to be carried out to obtain a permanent fix to the said problem. The problem management team could follow functional escalation and involve respective team, supplier to help find a permanent fix. Permanent Solution Found? Once further investigation and diagnosis is carried out and a permanent solution is found, the same is routed to change management for application of the fix into the production environment Check feasibility Any problem ticket for which permanent fix is not identified, the same is discussed with Director System of ESIC and further decision to this effect is taken. Ideally such problem tickets are closed with appropriate comments. The problem log is also attached with the Director System- ESIC approvals for such closures. Few reasons for non-identification of a permanent fix could be; Supplier unable to identify a permanent fix Internal technical team competency issues The underlying product is out of support or is already end-of-life Major Problem Review Check if the problem is categorized as Major problem. Refer to for Major problem Definition. In such a case, a Major Problem Review is conducted chaired by the Problem Manager. The objective of the review is to identify and record all learning’s that could be beneficial for future review and examinations. Such review should be conducted involving internal, ESIC and supplier stakeholders. Few points that cold form a part of the review could be; The effectiveness of the resolution i.e. Whether the resolution has fetched the expected outcome / result Things done Correctly Things that have gone wrong What could have been better Page223of 531 How to prevent recurrence Supplier actions that would need a re-look and further follow-up Any open actions that need closure from the stakeholders Responsibility matrix and rewarding, if any. Monitor, Track, update and communicate It’s the responsibility of Problem Manger along with problem management team to monitor, review and update on every problem management call. Along with this responsibility Problem Managers also responsible to communicate the problem updates to respective stake holders. Review of all problem calls be done on fortnightly basis by problem manager along with problem management team through teleconference or by any other mode of communication and problem review tracker be filled. Throughout the activities, continuous monitoring needs to be done so as to detect the problem proactively. Continuous Trend analysis helps in identifying the problem proactively. One should not keep the problem within himself. Any problem once identified should be communicated back to the relevant stakeholders. Once identified, the problem should be continuously monitored and tracked to closure till a permanent fix is found. KEDB should be updated on a regular basis so that any repeat occurrence of the same problem can be resolved immediately. KPI’s The total number of problems recorded in the period The percentage of problems resolved within agreed timelines The number and percentage of problems that exceeded their target resolution times The backlog of outstanding problems and the trend The number of major problems The percentage of Major Problem Reviews successfully performed The number of Known Errors added to the KEDB Work Items / Outputs RCA Report RFC Updated KEDB Metrics Management Information - Weekly Progress Status Report and SLA Adherence Report Page224of 531 Problem Management Review Checklist Tasks Responsibility R: Problem Team A: Incident Manager C: Customer, NPM, PD Problem Detection I:Customer R: Problem Team A: Domain lead Problem Recording C: Customer, NPM, PD R: Problem Team Categorize, Prioritize & Allocation A: Domain lead C: Customer, NPM, PD R: Problem Mgt Team Investigation, Diagnosis and Identification of root cause A: Domain lead/ Incident Manager C: Customer, NPM, PD I: Customer/PM R: Problem Mgt Team A: Domain lead C: Customer, NPM, PD Solution Identification I: Domain Lead/PM R: Problem Mgt Team A: Domain lead C: Customer, NPM, PD Check feasibility I: Customer R: Problem Mgt Team A: Domain lead Review Problem Solution C: Customer, NPM, PD Page225of 531 I: Customer R: Problem Mgt Team A: Domain lead C: Customer, NPM, PD I: Customer/PM Problem Closure R: Problem Mgt Team A: Domain lead C: Vendor, Customer, NPM, PD I: Customer/PM Vendor Coordination process R: Problem Mgt Team A: Domain lead C: Customer, NPM, PD Known Error Identification and Recording I: Incident Management Team R: Problem Mgt Team A: Domain lead Known Error Assessment, Known Error Resolution & Monitoring C: Customer, NPM, PD I: Customer R: Problem Mgt Team A: Domain lead C: Customer, NPM, PD Communication and Training I: respective stakeholder Change Management Goals and Objectives Only approved, cost effective changes made with an acceptable amount of risk Page226of 531 Ensure standardized methods and procedures are used for efficient, prompt and authorized handling of all changes in the IT Infrastructure. To Maintain close relationship with Configuration Management and Release Management. Scope Life cycle approach of Change Management facilitates to handle changes from Change request initiation till closure in controlled manner, such as change registration, classification, allocation, prioritization, Change Approval, Coordination for Build, test and change Implementation, change review and closure. This includes all change requests related to IT Infrastructure, application support, services, and Registered Documents. Entry Criteria / Inputs New Services New or Changed Services and contractual changes Changed services RFC by other process Any change to existing IT infrastructure including configuration / hardware / software / Application Changes arise for a variety of reasons: o Proactively, e.g. seeking business benefits such as reducing costs or improving services or increasing the ease and effectiveness of support o Reactively as a means of resolving errors and adapting to changing circumstances. o Policy and strategies for change and release o Change proposal o Plans – change, transition, release, deployment, test, evaluation and remediation o Current change schedule and PSO o Current assets or configuration items, e.g. baseline, service package, release package o As-planned configuration baseline o Test results, test report and evaluation report. Activity Details Raise RFC A change is “an event that results in a new status of one or more configuration items (CI's)” Page227of 531 Request for change is requested, by the initiator on a CI or a Service asset or on a service as whole through request for change form RFC are triggered for a wide variety of reasons and from a wide variety of sources. Some of the possible reasons includes: o Change required for resolution of an Incident or Problem o Proposal to introduce or remove a component o Proposal to upgrade some component of the infrastructure or add an application o Changes business requirements or new direction or change legislation o Change of location o Product or service change from vendors or contractors RFC to be initiated online by logging a call in Ticketing Tool in an agreed format Requests for Change should be routed through Service Desk and change manager/coordinator Verify RFC and Filter Change Each Change request logged is verified by change coordinator/change manager for the completeness of information like: o Change Implementation Plan o Change Implementation window o Whether the CI or the Service Asset or the service would be up during the change implementation duration or not and so on. Filter the RFC based on the information provided to proceed further, It is recommended to consider the following questions while Verifying / Filtering the change request Who RAISED the Change? What is the REASON for the Change? What is the RETURN required for the Change? What are the RISKS involved in the Change? What RESOURCES are required to deliver the Change? Who is RESPONSIBLE for the build, test and implementation of the Change? What is the RELATIONSHIP between this change and other changes? Based on Impact and Urgency Change requests be prioritized Page228of 531 Change details verified and found OK Change Manager may consider each request referring Organizational policy (If any) and filter out any requests that seems to be o Repetition of already raised RFC that are accepted, rejected or still under consideration o Does not contain full information to take it forward Reject RFC RFC can be rejected in the absence of complete/required information as per Change Manager/ Change Coordinator Fresh RFC needs to be raised with complete information, if it is rejected because of any reason. Communicate to Stakeholder When the RFC is rejected, it be communicated with the reason of rejection to the requestor by change coordinator/change manager. Register RFC The RFC is registered with a unique identification number, The unique identification number of the Registered RFC is communicated to the Change Initiator/Requester. Categorize the Change Request All the changes raised by requestor be categorized by the change coordinator/change manager with inputs of respective stake holders. Categorizing is a means to identify the Service for which the change is proposed for, which is the Service asset within the service that has been identified to be changed. Please refer categorization matrix attached in templates section. Prioritize the change request All the changes raised by requestor be prioritized by the change coordinator/change manager with inputs of respective stake holders. The identified way to prioritize is based on Urgency versus Impact. The relative agreement on prioritization further leaves a clear understanding as to which change to be implemented sooner than the other changes. Prioritization may also be carried out considering the element of release planning to prioritize the Change requests Type of change (Emergency, Expedited, Latent, Normal, No impact and Standard) The types of changes are identified on account of categorizing and prioritizing the RFC received. Page229of 531 Depending on the types of changes, the approval mechanism is associated and would proceed further to seek approvals. Standard type of changes is considered as pre-approved changes. These types of changes essentially may not require any separate approvals; IMAC Process go through Standard Change. Submit Change for approval A formal approval must be obtained from the Change Authority for each change. Change Requests should be reviewed by change manager, in case change manager is not available for any reason, alternate approving authority should approve the change. Alternate approving authority be authorized either by change manager. In Case of Emergency Change, If Change Approving Authority is not available / reachable for 15 mins, Change Manager has to designate next qualified and authoritative person in the hierarchy to approve / reject the Emergency Change Request within 10 mins of raising the ECR, and if in case L2 is not reachable for another 10 mins, L3 be authorized to Approve/Reject the ECR (Emergency Change Request). “After internal approval, Customer’s (Mr. S K Garg - AC Sys) Approval be taken (Over the phone or email) in case of all kind of Emergency Changes and in his absence he can nominate someone from his team” The issue of risk to business has to be considered prior to approval of the Change Request. Details of risks associated with the Change should be updated in RFC. All the Changes be discussed in the CAB before rolling out in the production except Emergency Changes where Separate Approvals be taken with ESIC Sys Div. Participation in CAB from ESIC is compulsory, in the absence of ESIC Designated Officials, no change be carried out until it is Standard or Pre-Approved Change. For any major change where CAPEX is required approval from steering CAB should be attained. Note: - For any blanket CR’s; it needs to be presented to CAB and approval to be taken from Change Manager + Program Director+ PMO + Gov +Quality+ ESIC sys div. For any DOWNTIME ACTIVITY where change is concerned, we need to communicate to customer 72 hrs in advance… Change Approved The changes are approved based on the change approval and assessment guidelines which are based on the Impact on business. Approval authority includes primarily Change Manager and CAB respectively which is based on need basis. Page230of 531 The approved changes are further allowed to proceed for building and testing of those changes. However, in case of Emergency, these approvals can be verbally received and documented later. It may be mandatory for any change to be formally approved by the agreed approvers, RFC status shall be communicated to the all the stakeholders before implementation along with the time-frame, risk, impact, cost and other parameters which may have a business impact in future. Whenever a change request is moved to the next phase BMC Remedy send notification to respective owners and send reminder notifications to the owner if the respective phase is not finished. Coordinate for Building and testing The approved changes are taken forward by Release and Deployment Process for built and tested. This may be applicable to the IT environment being supported, as for some of these areas might have been carried out by the principals. If it is a Normal Change (Major, Minor),then the test cases are supplied to the Release and Deployment process and the results of the tests conducted are received If it is an Emergency change, if time permits, the test cases are supplied to the Release and Deployment process and the results of the tests conducted, are received. For e.g.: Antivirus patches are being built and tested by the Principals before releasing it to their application users. The applicability and the compatibility are tested and building may not be applicable in this case. In case of Emergency Change, build and test are performed only if time required to perform these activities are available. The change results are further submitted to approval authority for the change to be authorized For implementation Change authorized for Implementation The results of the build which were tested are shared with the approval authority to seek authorization. The authorization is required for the Release and Deployment process to carry out the change in the agreed manner. The changes may be rejected, if the test results are not satisfactory. RFC can be rejected if back out plan is not incorporated. Co-ordinate with the Change Manager for appropriate actions There may be instances where even after multiple attempts of testing, the test results may not be satisfactory. Page231of 531 In such cases, Change manager co-ordinates with the stake-holders for appropriate actions. The Change Manager may decide whether to go for another round of build and test or to allow the change, or to reject the change (Decision might vary on case-to-case basis). Change Manager may in turn check with the relevant domain owners, service owners for his decision. Similarly, the emergency changes, which have legal, regulatory, financial or business impact in any other form, may be allowed even if the test results do not meet the desired objective of the change fully / partially. Co-ordinate for Change Implementation Change implementation needs to be taken forward for implementation by Release and Deployment process. Site conditions should be checked before change implementation For changes where the change implementation window is spread across many calendar days and where multiple geographical locations are involved during implementation, it is wise to send periodic change update notifications at the agreed time intervals or at completion of significant stages to all the stake holders. If the need arises, the change management also takes the decision of when to back out the change. Post Implementation Review After completion of change activity, Post Implementation Form (as enclosed template) be filled. Change Successful The changes that are implemented are being confirmed by Release Deployment (RDP) process to ensure that every step mentioned in the change implementation plan is carried out the same way as planned The changes implemented successfully, are communicated to the stake holders and a Post Implementation review is conducted based on the type of change, complexity of the change, lessons to be learnt as a part of the change lifecycle. Release and Deployment process may log an incident Ticket for failure cases to take them forward for tracking Review Evaluation of a implemented change is done by Service Evaluation process and evaluation report is submitted back to Change management The changes those backed out are also referred to undergo the Post Implementation review. Based on the evaluation report submitted Post Implementation review (PIR) is conducted by inviting all the relevant stakeholders of the change. Page232of 531 This is typically done to understand Whether the objective of the change is met, the lessons to be learnt as a part of the change lifecycle which may be useful for further improvements of change process, communication, co-ordination, planning and so on. Evaluation report is received from the Release and Deployment process A document is prepared in an agreed format and is circulated to the stakeholders, indicating target dates of actions if identified. Change Objective met Change can be rescheduled if: Change has not been implemented. Example; - the patch update not started on a server as power / hardware failed prior to implementation. Change implementation has not been completed. Example; - the patch update started but could not be completed on a server due to hardware failure in between. If the change initiator verifies that the change request that was raised had met its objective, the change request further is documented with this information and is closed. If the Change initiator confirms that the change has not met its objective, the suggestion is to raise another change request. New RFC needs to be raised if the change objectives are not met after the implementation. Communicate to stakeholders and close the Change request Communication about the status of the change completion is notified to all the relevant stakeholders indicating the confirmation received from the initiator. Further the Change record is closed. Stakeholders should include Change Requester, Domain experts, Change Manager and Customer. After receiving requestor confirmation on change implementation change request should be closed Close the RFC and Update CMS / SACM Closed Changed request should be updated in the CMS database for future reference and to get history on a particular configuration item. During the lifecycle of Change Management, wherever relevant, and applicable, the Change Management system is updated with the status updates, decisions about priority, category, and risk levels, approvals, Authorizations and so on. Work Items / Outputs Rejected Change Request details Implemented Change Request details Post Implementation Review Page233of 531 Communication of changes to the stakeholders and CMDB update New, changed or disposed assets or configuration items, e.g. baseline, service package, release package Revised PSO (Projected Service Outages) Change documents and records Change Management Report KPI: Number of disruptions to services, defects and re-work caused by inaccurate specification, poor or incomplete impact assessment Number of unauthorized changes Backlog of change requests for a period Number and percentage of unplanned changes and emergency fixes Change success rate (percentage of changes deemed successful at review/number of RFCs approved) Number of changes where remediation is invoked in a particular period Number of failed changes in a period Average time to implement based on urgency / priority / change type Incidents attributable to changes Percentage accuracy in change estimate Summary: Tasks Responsibility Raise RFC Requestor/Domain Leads Verify and filter change Change Management Team Reject RFC Change Manager Register RFC Change Management Team Categorize / Prioritize the Change request Change Management Team Change Approval Change Manager Change authorization Change Management Team Post Implementation Review Change Management Team/Change Manager Page234of 531 Reports Performance is tracked and reported on Monthly basis. Performance is reviewed on a periodic basis during the Reviews Service Validation Testing Goals and Objectives To plan and implement a structured and defined test and validation procedure through which the releases support the business requirements and also meet the agreed service levels To provide confidence to that a release add value to ESIC within the projected capacity, cost and constraints. Scope To design and verify the test plan in line with the budget availability, skill availability and timelines requirements. To provide appropriate information on the evaluation process on delivering the release with the necessary risk profile included. Entry Criteria / Inputs Build, test and release plan and schedule Deployment and remediation plan Testing strategy Service design package Actual release like patches, bug fixes etc. Activity Details Below are the activities against each of the process step in line with the Service validation and testing process. Plan and Test Design The necessary resources including the hardware, staffs and skills need to be analyzed and planned for carrying out the testing and necessary validation. Understanding and planning for the relevant business and ESIC requirements. Clear plan on roles and responsibilities between the ESIC, suppliers and Current Service provider need to be designed. Plan for the milestones, timelines and delivery dates for completion of the testing. Financial, budgeting, remediation possibility, technical feasibility requirements to be analyzed and planned. Page235of 531 Review, Verify Test Plan and Design Review the risk involved in the test plan. Review the budgets, resources including the hardware & software requirements, skills, timelines planned. Review the milestones and evaluate the risk on meeting the milestones. Prepare Test Environment The test environment needs to be made available with the similar condition of a production environment for carrying out the validation and for bring out the effective testing and validation result. This would include availability of all the relevant applications, programs running in the production environment along with the similar configuration conditions. During the condition of non-availability of test environment at ESIC, some test can be carried out directly into production environment on case to case basis after getting clear concurrence from the customer. Perform Test The testing of the release need to be carried out as per the plan. The availability of the respective personnel from ESIC, suppliers need to be available for analyzing and capturing the test result as per the test plan. The timelines and the milestones should be adhered during the activity of performing the test. There are many types of operational testing depending on the nature of the test being performed. Below are few test models which can be used appropriately at relevant testing activity. Load and stress – These tests establish if the release perform to the required levels on the capacity likely to be available. The capacity elements may include any anticipated bottlenecks within the infrastructure that might be expected to restrict performance, including: Load and throughout Behavior at the upper limits of system capability Network bandwidth Data storage Processing power or live memory Service desk resources – people and technology such as telephone lines and logging Available software licenses/concurrent seats Support staff – both numbers and skills Overnight batch processing timings, including backup tasks. Security – All services should be considered for their potential impact on relevant security concerns, Page236of 531 and subsequently tested for their actual likely impact on security. Any release that has an anticipated security impact or exposes an anticipated security risk have been assessed at design stage, and the requirement for security involvement built into the service package. Recoverability – Every significant change have been assessed for the question ‘If this change is made, the Disaster Recovery (DR) plan need to be changed accordingly’. Notwithstanding that consideration earlier in the lifecycle, it is appropriate to test that the new or changed service is catered for within the existing (or amended with the changed) DR plan. Typically, concerns identified during testing should be addressed to the service continuity team and considered as active elements for future DR tests. Regression tests - Regression testing means ‘repeating a test already run successfully, and comparing the new results with the earlier valid results’. On each iteration of true regression testing, all existing, validated tests are run, and the new results are compared with the already-achieved standards. Regression testing ensures that the release/change does not introduce errors into aspects of the services or IT infrastructure that previously worked without error. Simple examples of the type of error that can be detected are software contention issues, hardware and network incompatibility. Result Recording Capture and collate the test results. Check for the output to meet the quality and technological requirements Consolidate all the findings to arrive at the risk involved in applying the release in the production environment. The inputs from Service validation and testing need to be carried forward to service evaluation for further evaluation in line with the acceptance criteria’s and the testing and evaluation plan. Work Items/Outputs Test results Risk log Recommendations Updated release note Summary Tasks Responsibility Plan and Test Design Release Manager Review, Verify Test Plan and Design Release Manager Prepare Test Environment Technical Staff Perform Test Technical Staff Page237of 531 Result Recording Technical Staff, Suppliers KPI’s Delays in testing that impact the business Number of successful UAT’s(increased) References Service Validation and Testing Process Service Evaluation Procedure Change Management Procedure Release and Deployment Procedure Service Evaluation Management Goals and Objectives To gauge the actual performance of the release against the predicted performance. To understand the deviation between the predicted performance and the actual performance to manage the release and provide correct recommendations on the release to the change management. Scope The evaluation has to be carried out for all the releases which have been tested in the test bed. The identification of the deviation between predicted performance and the actual performance enable Service Evaluation process to provide the necessary inputs/recommendations to the change management. Entry Criteria / Inputs RFC Test results from Service Testing and Validation Process Activity Details Evaluation Plan Evaluation of a change or release need to be carried out for identifying the unintended effect of the change or release which be looked with different dimensions/perspectives. Unintended effect would be primarily those effects observed which is potential issue creating or unacceptable effect in the IT setup. Page238of 531 The plan needs to be exhaustive in terms of covering entire aspects of the change before releasing to the production environment. The plan needs to cover upon those unintended aspects of the changes which are not beneficial for the ESIC services and business etc. The acceptance criteria need to be planned. The evaluation process would be carried out based on the effects observed in line with the acceptance criteria’s planned. Evaluate the predicted performance Predicted performances are the expected output as a result of the completion of the test plan for release or change in the test environment. The change management process needs to clearly articulate the details of the measures which be used to evaluate the performance of the release. Evaluation of the predicted performance need to be carried out using the acceptance criteria’s including the ESIC requirements. A risk assessment is carried out and the output of the risk assessment is captured in an interim evaluation report is generated. The interim evaluation report would be generated while identifying that the predicted performance would create unacceptable outcome. Identification of risk due to unacceptable outcome would end the evaluation process after communicating the report to change management. Evaluation of the actual performance Evaluation of the actual performance is carried out upon releasing or implementing the change in the production environment. Using the acceptance criteria’s defined and the actual performance, a risk assessment is carried out. Identification of any unacceptable effects during the actual performance, an interim evaluation report is prepared. This would be cascaded to the change management process. Identification of unacceptable effects/elements would end the process of evaluation after communication to the change management through the interim evaluation report. Evaluation Report Upon completion of the evaluation of the actual performance with the acceptance criteria’s, evaluation report is prepared. However this report would be prepared only on identification of acceptance criteria matching with the actual performance. The evaluation report is cascaded to the change management process for further processing. The evaluation report ideally needs to include the recommendations for implementation of the change/release. Service evaluation as a process can be applied at any process step during the release and deployment irrespective of the planning or execution. It primarily depends on the cost, budget, resource availability and other factors and elements related to the site for carrying out the evaluation. Page239of 531 Work Items/Outputs Interim Evaluation Report during identification of unacceptable risks during change/release implementation. Evaluation report when the actual performance is in line with the acceptable criteria’s and ESIC requirements. Variance from service performance Number of incidents against the service Number of failed designs that have been transitioned Cycle time to perform an evaluation KPI Summary Tasks Responsibility (RACI) Evaluation Plan Release Manager R: Implementation Team Evaluation of the predicted performance A: Domain Lead C: I: CAB R: Implementation Team Evaluation of the actual performance A: Domain Lead C: I: CAB R: Implementation Team Evaluation Report A: Domain Lead C: I: CAB References Service Evaluation Process Change Management Procedure Page240of 531 Service Validation and Testing Procedure Release Management Procedure Abbreviations RFC – Request for Change CI - Configuration Item CAB – Change Approval Board RDP – Release & Deployment Process PIR - Post Implementation Review CMS - Configuration Management System CMDB – Change, Modify, Delete Continuos Service Improvement Goals and Objectives Review, analyze and make recommendations on improvement opportunities in each lifecycle phase: Service Strategy, Service Design, Service Transition and Service Operation. Review and analyze Service Level Achievement results. Identify and implement individual activities to improve IT service quality and improve the efficiency and effectiveness of enabling ITSM processes Improve cost effectiveness of delivering IT services without sacrificing customer satisfaction Ensure applicable quality management methods are used to support continual improvement activities Scope To manage all qualified events To improve the effectiveness and efficiency of service delivery and management that occur in IT infrastructure Entry criteria and inputs Customer Complaints Customer Feedback Service Review Action Items Internal/ External Audit and Assessment Findings Page241of 531 RCAs Trend Analysis Service Assurance Reports Activity Details Collect Data & Improvement Opportunities Before collecting the data the service owners defines what they should measure, it is driven by the business requirements, vision, mission, Goals & Objective etc.. to perform this activity: o Map the activities of the service or service management processes that need to be measured. o Consider what measurements would indicate that each service and service management activity is being performed consistently and can determine the health of the process. Identify the measurements that can be provided by the existing tools (service Management tools, Monitoring tools, reporting tools etc), Process Maturity & Organizational G&O CSI would use this as input to identify the Improvement opportunities: o Service Reviews: Feedback from Service Reviews and Service Reports should to be reviewed periodically (quarterly recommended) for Service Improvement opportunities. This should include service breaches that have occurred for a given period of time. o RCA and Trend Analysis o Customer Feedback: Consider engagement Specific feedback and customer satisfaction responses for improvement opportunities. Significant variations in satisfaction levels should be investigated and understood and should be considered as an input to service improvement. o Customer Complaints : Customer complaints should be analyzed periodically (quarterly recommended) to identify trends and improvement opportunities o Internal/External Audits and Assessments: Non Conformances and Observations reported as a part of internal/ external assessments have to be analyzed to feed into Service Improvement programs. o Organizational/ Group Level Improvement Plans: Organizational/ Group Level improvement goals and objectives should form an input to service improvement program. o Process Metrics: these metrics are captured in the form of CSFs, KPIs, Service assurance and activity metrics for the service management processes. These metrics can help determine the overall health of a process. CSI would use these metrics as input in identifying improvement opportunities for each process. Page242of 531 o Process Compliance, Quality & Value: Are the process being followed? How well the processes working? To meet its objective, Is this making an difference in terms of effectiveness and perceived value of the process to the stakeholders and IT Staff. Plans for Service Improvements Analyze and Evaluate Service Improvement Opportunities The data gathered is processed & Analyzed to identify the service improvements Positive/Negative trends and the cause for the trend are identified Corrective & Preventive actions are identified Analysis should include cost benefit analysis of implementing the improvement proposals Evaluation of Service Improvement proposal should also consider : o Contribution of the proposal towards meeting engagement’s Service Improvement objectives o Improving productivity, reduced cycle time and greater customer satisfaction o Potential barriers and risks in implementing o Cost and impact of service breaches Evaluation of Service Improvement proposals should lead to : o the proposal being submitted for improvement of Quality System o the proposal being recommended for implementation o the proposal being rejected o the proposal being transformed to a large process improvement initiative at a group level or organizational level Prepare Service Improvement Plan Based on the analysis and evaluation, if the proposal has been recommended for implementation, prioritize and categorize improvement initiatives. Prepare/ Update Service Improvement Plan to include the Service Improvement actions based on priority. Service Improvement Plan should typically include the following : o Area for improvement o Predicted service quality goals and objectives/ service targets o Schedule for implementation o Resources responsible for implementation o Data Collection requirements Page243of 531 o Additional monitoring requirements if any Service Improvement targets/ goals should measurable. If required, process/ technology metrics should to be designed. Service Management tools, ticketing tools, reporting tools, existing reports should be enabled to collect data on Service Improvement. Implement, Monitor and Review Service Improvements Before implementing the Corrective & Preventive action plan for improving the service, service performance details and service levels should be recorded as a baseline against which the actual improvements can be compared. Service Improvement actionable should be deployed as per plan. Monitor the Service Improvement activities and collect required data as per planned frequency and compare against established targets. Review progress of Service Improvement actions during Service Reviews (Monthly/ Quarterly) and draw up action plans if there are any foreseen issues. Analyze trends of processed data to verify o If service improvement actionable is operating as per plan and targets are achievable o If there are any corrective actions required o Implement corrective actions wherever required to meet service improvement targets. o Reports should also be produced on the progress and success of the SIP, such as the number of SIP actions that were completed and the number of actions that delivered their expected benefit and presented during Service Reviews. Measure Service Improvement Results Measure the actual effort, schedule and cost (if applicable) for deploying the service improvement. Record final service Level targets and performance Maintain records of these metrics The consolidated results/benefits of implementation of service improvement actions should be reviewed in the QICs / MRMs Work Items/Outputs Service Improvement Plan Service Reports on Service Improvements Minutes of Meetings Page244of 531 KPIs Number of Service Based Improvement Initiatives as agreed Number of Service Based Improvement Initiatives as agreed Number of initiatives planned and Implemented, at least 2 SIP’s related to services per annum Number of process Improvement Initiatives as agreed Number of initiatives planned and Implemented, at least 2 PIP’s related to IQSMS per annum Number of received customer complaints Number of complaints received each month Number of received customer complaints which Number of complaints received each month were accepted as justified Summary Tasks Responsibility Identification of Improvement areas Delivery Manager Plan for service Improvement Delivery Manager Monitor and review implementation Plan Delivery Manager Abbreviations IQSMS - Integrated Quality and Service Management System CSI - Continual Service Improvement SIP - Service Improvement Plan PIP – Process Improvement Plan Knowledge Management Goals and Objectives The Goal of Knowledge Management is to be a globally admired Learning Organization that enables seamless exchange of Knowledge across our diverse Workforce, Partners and Customers, thereby fostering Innovation and Efficiency. Page245of 531 The purpose of Knowledge Management (KM) is to ensure that right information is delivered to Staff & business users at the right time. The objective of the SKMS is to enable decision making ability by ensuring reliable and secure information & data is available. Scope Scope includes the management of knowledge, distribution and maintenance of knowledge which derives from Knowledge Management System. This process is applicable to all Information & knowledge listed in KMS E.g.: Best practices Re-useable components Proposals Whitepapers Case studies Sales documents Technical and troubleshooting documents Pre-Sales Material Entry criteria and inputs Information or artifacts submitted for inclusion into Knowledge management system. Below mentioned are the few inputs into KMS: Business Unit Staff Business Users External Source Tools Below mentioned are the few inputs to the system: Best practices/whitepapers from various business units Project artifacts/deliverables Project closure documents Proposals Links to external Manuals/Journals Page246of 531 Technical Trouble shooting Tips Activity Details Information Submission Submission of Information / Knowledge artifacts into Knowledge Management System (KMS) be performed by Staff, Business Users & Service Providers. The Information flows from different business units, Process, tools etc into KMS. Valuable information flows into KMS from external sources in the form of links to Journals and Manuals Information is submitted into KMS tool via web submission Information Categorization and Classification Information / Knowledge submitted into KMS system is classified and categorized according to business unit and defined data model of KMS. MIT Eg: o White papers o Best Practice o Proposals o Project Closures o White papers o Best Practice o Proposals o Project Closures o Technical Write-up o White papers o Best Practice o TIS/SI IAS ES Information and Validity Capture Page247of 531 Information submitted is captured in the KMS tool by providing the below mentioned metadata details. These metadata defines the search mechanism inside the KMS tool. Metadata Fields: Title Validity of the document Brief Description Keywords Information / Artifact Approval The information / artifact submitted be reviewed, based on technicality of the document, and approved by the preset approver who is configured in KMS tool A mail is triggered for the approver to review and approve the document Approver rates the document and either approves or rejects the document providing the justification A mail triggered to the submitter updating the status of the document Approver mapping Matrix (not exhaustive): Content Experts Technical Content Technical expert of respective domain Quality Document(business specific) Respective Quality head PMO PMO head Project Specific Submitter Supervisor On app Dupli db a o h fo ation f it is duplica d info ion o has a op h p rmission h n h info and a o unic ion ail is d fo h submit r. a ion submit d is alid Copyright o al h info R i T Knowledge Available for Use d and appro d info nfo ion is d le d ation is ade a ailabl in MS tool fo usa ation a ailabl fo us fo h u s an be us d onl the autho i d us s Customer specific information is masked by the KMS team before it is made available for use Page248of 533 Knowledge Transfer Knowledge transfer is a activity which focuses on sharing and utilizing the knowledge available on KMS. Once the document is available for use, Knowledge Transfer happens in different ways Document showcased and listed in respective folder. E.g. Services -> MIT -> MIT Best Practices, Sales docs, Case Studies, White papers, etc Value Packs – Documents of same group (technology) are clubbed together and mailed to target audience belonging to respective technology. E.g. ASP documents are clubbed together and mailed to ASP users Communities – Communities exist inside KM system, Communities is a place where likeminded people or people working in same technology get together online and discuss and debate on any topic Chats – Chat sessions are conducted on a regular basis on and need basis where an expert is available online at a pre set time and date to answer any queries. People login to the chat and ask questions to the expert. All chats are moderated chats i.e. all questions raised go to a moderator who in turn passes these question one after the other to the expert. This process is done to avoid irrelevant questions going to expert. A transcript is created after the chat and is made available in the KM system for reuse later Blogs – Blog is a place where people get together and share their opinions on any topic, the difference between community and a blog is communities and normally closed which means that I need to be a part of the community to contribute/discuss inside a community whereas blog is open to all Knowledge Maintenance A report is run in the background by the technical team of KMS on a quarterly basis The Validity date provided by the submitter be used to archive the expiring data from the tool Upon request the archived data is made available for the requestor Report checks for documents residing in the KM system and pulls out documents with same Title, same File size KM team then checks these documents to validate the content if these documents are the same Duplicate documents are then deleted from the KM system Knowledge Evaluation & Improvements Rating & Feedback is the method which is used to measure the information / knowledge used Report is generated in the backend based on the rating & feedback method to get the list of documents which are not in use Page249of 533 The list is evaluated by the regional KM Team to retain the documents or to delete During this process the regional KM Team members take the list to the respective authors and take a feedback from the author, the author then decides whether to retain or delete the document. The rating system is also used during the search; the maximum rated document is first searched to match the keyword Once the document is used and closed by the user there is a pop-up which captures the comments from the user Work Items/Outputs Service Improvement Plan Service Reports on Service Improvements Minutes of Meetings Information Architecture The information is classified and stored as per the business unit and the metadata classification available in the KMS tool The below snapshot provides the brief structure of the KM architecture Exit Criteria / Output All assets are collated and made accessible in the KMS Tool Updated Knowledge Management Database Expired Information Archival KPIs Improved accessibility and management of standards and policies Knowledge dissemination Reduced time to find information for diagnosis and fixing incidents and problems Summary Tasks Responsibility Data/ Information Identification Business users, Knowledge Management Team Information Categorization & Classification Business Users, KM Team Information & Validity Capture Business Users, KM Team Page259of 533 Information/ Artifact Approval Authorized Approver Knowledge Available for Use KM Team Knowledge Transfer KM Team, User Knowledge Maintenance KM Team Knowledge Evaluation and Maintenance Km Team Verification Review of Collated inputs for Knowledge Management Database Release & Deployment Goals and Objectives The goal & objective of Release and Deployment Management is to deploy releases effectively into the production environment with minimal impact on the production services and operations. Scope: The scope of release and deployment management is to plan, build, package and deploys releases effectively into the production environment. The scope is applicable to the services as agreed in the SLA / SoW. Entry Criteria / Inputs Registered RFC Release Policy Activity Details Planning phase Develop plan for Deployment A detailed plan is to be derived prior to deploying the release into the production environment. While designing the plan, the following points should be considered to; Scope and the reasons for the release (eg: Scope is to roll-out Microsoft OS patches to all the Windows servers in the Datacenter to minimize the security threat aroused due to the “ABC” vulnerability) Page251of 533 Risk assessment of the planned release- Refer risk management process Various services, departments and users (internal/external) who might be impacted with the release Effort and cost perspective of deploying the release Team that is responsible for deploying the release into production environment Stakeholders that approved the change request for the release & or deployment Engagement plan with various stakeholders to design the deployment strategy, resource planning and controlling changes in the plan. Pass / Fail Criteria to be defined at identified phases E.g.: o Pass Criteria: OS Test Patch passed its test successfully o Fail Criteria: Service Acceptance Criteria are not met, Mandatory o Documents not signed off It may be noted that for an emergency release (the change approved through an emergency CAB), the implementation plan may not be as detailed as compared to other releases. Also, the testing might be done as per applicability and as per the policy of the customer. In similar lines, the implementation plan for any minor release also might not be exhaustive Develop plan for Build and test A detailed plan needs to be drawn to derive; What and how to develop the build What and how to test Identifying a controlled test environment (test-lab) The test planning must be in sync with the planning carried out during the service validating and testing process The activities for this might include; Developing the build plans, design the specifications and environment configuration requirements (for test lab) Establishing logistics requirements and lead time to setup the test environment Testing and build procedures Scheduling the build and test activities Assigning resources and defining Roles and Responsibilities to perform key tasks such as; technical support, plan for build and test environment, security procedures & checks, software asset & license management, maintaining test data / results etc Page252of 533 Configuration build and base lining Develop Plan for Pilot Developing a plan for pilot can be appropriately planned and is carried out as a sample test involving a limited user base / CI before the actual release is rolled out across the whole user / asset community. Ensure appropriate scope for pilot is chosen as it actually reflects the success of a full rollout (like how much of the CI is to be included in the pilot, size of department or user base etc). Too small scope might result into insufficient functionality and a too large scope might not meet time-lines and flexibility. Post the pilot, it is always advisable to collect feedback on the effectiveness of the deployment plan. The feedback can be sought by; Surveying views from users, customer, supplier and service desk Analyzing statistics from service desk calls, capacity and availability Planning for a pilot might be influenced by factors like Speed, cost, risk, correct representation of the population etc. Develop plan for Release Packaging Planning release packaging would define activities needed to develop a mechanism, plan and procedure for the following elements; Managing communication by maintaining a list of contact and their details Training plan for the resources Ensuring relevant agreements and contracts are in place Agreeing the delivery schedules and handling any changes and delays Developing the service management capabilities and resources for: o updating service information Eg: Service Catalogue, release documentation o Operating & Handling the predicted Capacity required for support o Capabilities to support new or changed services Developing procedures for Build, copy, promote, distribute, audit, install, activate a release and Managing software licenses Assessing the readiness of the target deployment group to take a release(CI, Customers, users and Service operations staff) Develop plan for deployment, rollback/remediation Below are few of the basic points that need to be thought through and planned while planning for deployment; Page253of 533 What, why, where, how and when to be deployed, which includes the logistics and delivery plans Who are the impacted users / CI’s Typical Lead Times and Managing the delays What are the various components that make up the release Do we have a concrete remediation plan Does a detailed communication charter in place Has the deployment schedule is planned taking into consideration of business criticalities, holidays, shutdown etc. Who needs to be prepared well in advance for the release Sufficient awareness / technical competency is built for the team responsible for release A detailed rollback and remediation plan is prepared to ensure that in case of any eventuality, the respective system/service is brought back to earlier state (rolled-back) or brought back to a stage which is acceptable to the business (remediation), respectively. While designing a rollback/remediation plan, the following elements need to be taken into account; You have a complete and relevant understanding of the “last known good stage” (baseline) Appropriate back-up of the data is in place The rollback/remediation plan is tested and verified Appropriate technical and operational documents are available The rollback/remediation plan take into account adequate time to address any eventuality Once the above planning is prepared, the RFC along with the plans are passed to Evaluation process for evaluating the predicted performance levels. The report of evaluation process is provided to the Change Management process for approval of the RFC. Prepare for build, test and deployment Once the RFC is approved from the CAB/change manager, the preparation stage for for build, test and deployment is initiated. The preparation stage involves preparing and planning for adequate hardware / software, human resources, training schedules for the identified resources, preparation of release notes, assign and scheduling the release activities. Build During the build stage, the following key points needs to be managed to; Acquire configuration items and components necessary for build & Test Usage & Effective Management of the build and test environment Page254of 533 Managing the configurations like; o Version control o Recording the complete build to rebuild, if needed o Maintaining evidence of test result and reports o Managing environmental issues like space, cooling, power etc o Ensuring pre-requisite are met before the build and test activities Eg: Security Requirements, access rights etc Purchase request & Ordering All required documentation to be prepared / Collected form relevant Internal or External Stake Holders, supplier etc which are necessary and required to handover for operations team Once the release is built, the same is passed on to Service Validation and testing process. During the Validation and testing stage, the release build is tested for its appropriateness. The change management process is invoked for further authorization to go ahead with the release packaging. Release Package The release is packaged post incorporating relevant inputs from the validation and testing process. The Release packaging would be done in line with the release policy of the customer and also the type of releases. The key activities while building a release package are; Create the build and release documentation having; Build, installation and test plan How to monitor and check the quality of release The automated or manual process and procedure to distribute, deploy and install the release into the targeted environment Rollback/Remediation procedure Install and verify the release package Communication to relevant team on the readiness of release package Perform Pilot The actual pilot rollout is carried out during this stage as per the pilot plan drawn earlier. The pilot deployment would allow detecting failure / malfunctioning of any of the component that makes up the full release thereby reducing the risk and pre-empting the performance issues that could come up while doing a full deployment into the production environment. During the pilot, the release and deployment team should consider the following points; Page255of 533 Readiness to invoke a contingency/recovery procedure Invoke key people involved in the full release Ensure the team involved in pilot and adequately trained and they are aware of their roles & responsibilities Availability of necessary operational and technical documents pertaining to the release Discover and fix issues and errors that might come up during the pilot stage to arrest future errors or issues in full deployment Prepare Deployment This stage readies the deployment group for actual deployment of the release. During this preparation stage, the implementation plan is tweaked/modified as per various inputs from earlier process steps. The entry criteria for preparing the deployment group might include whether the deployment stakeholders are committed to their respective task in the complete deployment cycle. The activities might include; Risk mitigation plans Developing transfer/transition, upgrade, conversion, disposal & retirement plans Assigning resources for early-life support, if any Logistics and delivery planning like availability of right spare at the right time, availability of media / software / licenses. Site preparation wrt environment like cooling, power, access, security etc Communication to the stakeholders on the change and the expected benefits Mobilizing the Service Operations and Support staff Mobilizing the users to be ready to use the service Deploy the Release Deploy the release into the target environment and carry out activities to distribute and deploy the release. This include; Deploying the release at the correct location and time Building, installing and integrating the release into the production environment Testing the system and services according to the acceptance tests and producing the necessary reports Recording any incidents, unexpected events, issues or deviations from the plans and take appropriate actions The actual performance is evaluated through the evaluation process. Page256of 533 Execute rollback/remediation A decision to whether a roll-back is required is taken by the Change Management (CAB) post evaluation report from the evaluation process In case the deployed release needs a rollback/remediation, the roll-back/remediation plan is executed to bring back the system/service into the earlier state or to bring the system/service into a more acceptable level. Various reasons that could initiate a roll-back/remediation plan could be; The release is crossing the change timelines The release is unable to be deployed due to technical reasons The release has failed to meet the expected results Handover and Communicate Post the release is successful and the early-life support is provided, appropriate communication is released as per the communication plan to respective stakeholders. A detailed handover and knowledge transfer along with relevant documentation and training as applicable is passed on the service operations team to support the changed infrastructure in the sustenance stage. Change Management process is invoked for a formal closure of the release and PIR Recommendations While deciding the release and deployment timelines (change window), it is suggested to incorporate the time duration that might be needed for executing roll-back/remediation activities Work Items / Outputs Release and deployment plan Build and Test Plan Rollback/Remediation plan Handover documents Risk Management Template KPI’s Variance from service performance Summary Tasks Responsibility Develop plan for Deployment Release Staff Develop plan for Build and test Page257of 533 Release Staff Develop Plan for Pilot Release Staff Develop plan for Release Packaging Release Staff Develop plan for deployment, rollback/remediation Release Staff Prepare for build, test and deployment Release Staff, Customer Build Test Team, Users Release Package: Test Team, Users Perform Pilot Release Staff Prepare Deployment Test Team, Users, Release staff Deploy the Release Release Staff, Customer Execute rollback/remediation: Release Staff, Handover and Communicate Release Staff, Service Asset and Configuration Management Goals & Objective The objective of Services Asset & Configuration Management process is to maintain a database and tracking movement of all the IT Assets in ESIC from acquisition to disposal of the product. To set a process for Inventory management & effective tracking of Assets. Scope&Definition To Prepare CMP, identification, labeling recording, maintaining, reporting and verifying of CI and IT Service Assets, including their versions All IT assets of ESIC, including hardware, software, licenses and data communication components in scope. Scope for the IT FM operation be limited to all IT assets deployed by Current Service provider Ltd. or through any vendor of Current Service provider Ltd. Page258of 533 Definitions Service Asset Any component of a business process Process (Incident Management, Change Management etc.) Organization (Experience, Reports) People, Information, Applications, Infrastructure Financial Capital Configuration Item (CI) A CI is an asset, service component or any other item under control of Configuration Management. CI can be hardware, licenses, software, active/passive network devices, servers, Services, documents and other IT components controlled by IT,. CI can be any of the following types: Internal CIs – Software that is required to maintain and delivery the service & Infrastructure External CIs, e.g., agreements with customers, releases/Services/Sub-Contractors from Suppliers Interface CIs; Required for service delivery across service provider interface Organizational CIs, e.g., Business Policies. Service CIs, e.g., Processes, Knowledge, Financial Capital, Release packages Service lifecycle CIs, e.g., Business case, Release plans, test plans, Service Lifecycle Plans etc. . Entry Criteria / Inputs Service Request (IMAC) Approved RFC Missing CI Information Verification and Audit Gaps Configuration Management Plan Measurement System Name of the Measurement Tool: BMC Remedy tool / Asset Register Page259of 533 Activity Details Prepare / Update CMP The SACM Manager (Asset Manager) decides the framework and the level of configuration management required for the service and the project. The Plan provides the guidelines which help SACM Staff (Engineers)to start off with the activities. Refer the CMP Plan attached herein template section. Identification / labeling All IT assets be tagged with unique Asset TAG. Asset Tracking be done through the unique Asset Tag. Naming Convention for Unique Asset Tag. o Asset Tag contain 21 characters o Asset Tag is split in to 3 parts as mentioned below : Site Code Asset Type Sequence Number 14 Characters 2 Characters 5 Numeric Numbers o Site Code ( A unique number) o Asset Type For : Server (Windows); SW Server (Linux): SL Network Switch : NS Router : RT Firewall : FL Tape Drive : TD Storage : SD Backup Devices: BD IPS/IDS/Gateway/Load Balancer: IS (IPS); S(IDS),IG(Gateway),LB(Load Balancer) Printer: PI Scanner: SC Page260of 533 Biometrics: BM Voice Phone: VP N-Computing: NC Desktops: DT UPS: US Inverter: IR o Sequence Number : o 5 digit numeric number in running series Recording After Classification and Labeling, the new CI is updated in the BMC Remedy Tool or asset register by Asset Manager. It is now considered under Configuration Management control for any further modifications the Configuration Control procedure involves notification of the changes in the IT Infrastructure Components (CIs) by the Operations Manager through RFC. Configuration Control Asset Engineer should perform the following activities as a part of Configuration Control; o Updating Asset Register on monthly basis, BMC Tool with regard to: o Status change that occurs to CIs o Attributes o Changes in ownership of CI o License control o Deletion of Asset/CI. Asset Engineer updates asset register/BMC Remedy on the basis of SR calls logged for new installation, Movement and deletion of CI’s and on the basis of approved RFC to ensure accurate information is available and records the baseline. Backup of CMDB data is taken every fortnight. Relevant Policies and procedures is adhered to while adding, modifying, replacing or removing a CI/Asset record (Please refer CMP) Status Accounting & Reporting Page261of 533 Configuration status accounting & reporting activities be performed by Asset Engineer throughout the lifecycle of the service in order to support and enable an efficient Configuration Management process. The status of items under Configuration Management be made available throughout the lifecycle CMDB database be owned by SACM manager and Asset Engineer maintain configuration records through the service lifecycle and store them according to Service level Agreements. The different status of the CI’s & Service asset has been defined and agreed with the customer The Typical status of CI’s including one or more of the following: Production / Live Test Under Procurement EOL ( End of Life) / Disposal Development Under Transfer Status reporting provides the current and historical data concerned with each CI that in turn enables tracking of changes to CIs and their records, i.e. tracking the status as a CI changes from one state to another, e.g. development to Live to EOL Managing the recording, tracking, retrieval and consolidation of the current configuration status and the history of all preceding status to confirm the information correctness, integrity, completeness & Security. Ensuring that changes to configuration baselines are properly documented. SACM record and document changes made to CIs in the section of its lifecycle agreed be controlled by SACM. Customized report be provided to Customer as per the agreed requirement; Service Asset wise report / CI wise report Base lined Reports as applicable Details of Current status and history of the CI Variation from CMDB database to Physical CI’s reports Page262of 533 Reports on unauthorized usage of Hardware and Software Verification & Audit Physical Verification activity to be done on a frequency of bi-annual basis and discrepancy found should be updated in <tool>. The Configuration management Audit is to be planned on a quarterly basis. Please refer Configuration Management Plan, as the Audit Plan has been incorporated over there. Configuration verification & audits is been carried out by Asset Manager at site to verify the CI’s attributes and historical recorded in the <tool> match with those attributes that are actually available. Audit summary report is prepared on the audit conducted. Exceptions be noted and asset manager present the audit report to National Program Manager/Program Manager/ Program Lead. Audits should verify that correct and authorized versions of CIs exist in operation. To ensure that any change to the CI is performed through Change Management Process. Any deviation & discrepancies observed during the Audit should be recorded & reported. The relevant Corrective and preventive actions should be taken against this as a part of continual service improvement Monitoring & Tracking The asset engineer or the configuration Manager continuous monitor the CMDB / Asset Register for any changes and ensure appropriate updates to the CMDB / Asset Register The SACM process owner monitor the process for efficiency, correctness and effectiveness by means of follow ups on reports & KPIs. Ensure that the gaps identified as audit reports are closed by making appropriate updates in database in case of minor gaps or by referring them to CAPA for all gaps. The configuration manager also recommend the appropriate changes to Change management for updating procedures, guidelines, or policy if deemed necessary. KPI Exceptions Reported during Physical Verification Reduction in number of non conformances/ exceptions raised in successive audits. Expiry of hardware and software licenses Hardware and software information from all the desktops and servers on monthly basis Total install count of software products in the enterprise on monthly basis. Differences during the scan on monthly basis Page263of 533 Reports Physical Verification Report of IT Assets Hardware and Software Compliance Report Asset Register Software Inventory Report IMAC trend Report Summary Tasks/Activities Prepare CMP Plan Responsibility (RACI) R – Asset engineer A-Configuration Manager R – Asset engineer Identification & Labeling A - Configuration Manager I –Program Lead R – Asset engineer Recording A - Configuration Manager I –Program Lead R – Asset engineer Configuration Control A - Configuration Manager I –Program Lead R – Asset engineer Status Accounting & Reporting A - Configuration Manager I –Program Lead Page264of 533 Tasks/Activities Responsibility (RACI) R – Asset engineer Verification & Audit A - Configuration Manager I –Program Lead Supplier/ Vendor Management Goals and Objectives The Goal of the Supplier Management process is to manage suppliers and the services they supply, to provide seamless quality of IT service to the business, ensuring value for money is obtained. The Supplier Management process should ensure the roles & responsibilities of all the suppliers are clearly defined and adhered to provide the IT service. Supplier management process should include the management of all under pinning contracts and agreements needed to support the IT service and also to ensure they perform to the targets contained within the contracts and agreements. Scope The scope of supplier management includes the management of all suppliers needed to support the IT services to ESIC. Entry Criteria/Inputs SLA, OLA & UPC Changes in Business policy, Strategies Supplier plans & Strategies Supplier Contracts & Agreements Incident Management Problem Management Capacity Management Activity Details Page265of 533 Identify Services which needs supplier support All IT services required by ESIC at any point. However, Current Service provider has a right to identify and qualify the requirements. Program lead/manager can only initiate the request along with the business case and approval be taken from Program Director. In case of Device replacement/ up gradation which is not in scope of Current Service provider/ESIC where vendor is solely responsible for the activity. Current Service provider Team take the customer concurrence 80hrs. Before the activity & notification mailer to be sent 72 hrs.in advance to all stakeholders which includes customer too. Identify supplier from supplier data base Based on the feasibility study and ESIC requirement. Current Service provider identify the supplier from the existing supplier contract database (SCD) which is available with Current Service provider backend team. If the existing supplier does not meet the requirements, Vendor Manager and/or Program Lead with approval of National Program Manager/Program Manager /Program Director to facilitate in finding a new supplier. Request for a proposals (RFP) are obtained by Asset Manager and/or Program Lead from multiple suppliers, perform screening and shortlist the suppliers. Submit the service requirements Based on the business needs the requirements Current Service provider place to the prospective vendor and the proposals be obtained. The RFP shall include o Detailed Service Requirements Service Support Window Service Delivery and Provisioning Details Service Level Requirements o Proposal Submission date (Latest by) o Proposal document format o Number of print copies required o Client contact o Supplier/vendor Selection Process o Type of billing response expected - Time & Material or FPP o Acceptance Criteria o Penalty clauses Page266of 533 Receive RFP and perform supplier screening The proposals/responses to RFP from Supplier/Vendors should be collated. Each proposal should contain Supplier/vendor contact person and contact details Supplier/Vendor's Execution Approach Schedule Terms and Conditions Cost details for the activities Payment schedule for the above cost Billing details like billing address, address to, bank details, etc. Adherence to Penalties, Warranty, Acceptance Criteria Dependencies and assumptions The Supplier/Vendor(s) screening is performed, the parameters should be based on the factors that are important to the success of the program. Typical selection criteria for comparing similar ranked suppliers include but not limited to o Technology requirement of project, o Service Level Agreements with ESIC, o Cost o Advantages, disadvantages of suppliers o Company profile o Past experience o Adherence to RFP instructions o Project Management Approach o Service Quality o Risk Identification Based on the evaluation and review process, supplier/vendor(s) should be selected for providing the service. Discuss & Negotiate (SLA, OLA & UPC) Supplier is assessed based on the selection Criteria and called for discussion. SLA/ OLA & UPC and commercial which include pricing, payments and penalty clause are discussed during the phase of negotiation. Review/Validate SLA Page267of 533 The RFP received is reviewed by concerned authority in consultation with National Program Manager/Program Manager/ Program Director and approved before sign off and implementation of the agreement. Sign contract with Supplier NDA has to be signed by both the parties subject to legal approval before signing the contract agreement. In cases where the supplier/vendor is already with the organization and an amendment to the existing work or a new work is allocated to the vendor/supplier, the SOW should be amended / signed as an acceptance by both parties. The Business Finance Manager/Vendor Manager shall develop the contract /SOW to be signed with the supplier/vendor as per SOW template. The contract should typically include o Standards and procedures that be followed o Contact details of both project and supplier, on who are responsible and authorized to make changes to the SOW o Procedures for handling changes in requirements; o Roles and responsibilities & escalation mechanisms for resolution of issues(from both Current Service provider and Supplier/vendor Side) o List of issues, risks, dependencies between project and supplier/vendor o Procedures and evaluation criteria for monitoring supplier/vendor performance o SLAs for services being offered o Type of reviews that be conducted with supplier (both technical and status reviews) o Warranty, ownership, and usage rights for the acquired products o Acceptance criteria and acceptance review procedures for deliveries from the Supplier/Vendor o Procedures/action plan for deliverables that do not pass acceptance test Update Supplier database Supplier database shall be updated by Vendor Manager/Current Service provider backend team as and when required and new identified supplier has to be updated simultaneously in the SCD on signing the contract. Monitor & Report SLA performance The performance be measured on a monthly basis; the supplier meet and share the performance report. Discrepancies be addressed in the monthly review and arrive the corrective action to improve the service. Monthly reviews should include senior management from supplier. MOM to be documented and released for monitoring and closing the open issues. Page268of 533 Note: For vendor review tracker please refer template section. Any Deviations Any deviation on the SLA by the supplier be tracked and brought to the notice of the supplier in the event of non performance, meeting should be conducted along with Program Lead/Program Manager/National Program Manager and opportunity be given to the Supplier to improve the service. Issue a notice to a supplier In the event of continuous non performance/breaches Supplier should be issued with early termination notice by Current Service provider. Initiate a termination after a next review After a review, contract may terminate with necessary formalities. Contract due for renewal Based on the performance of the supplier during the calendar year/agreed periodicity decision on retaining the supplier be decided and feedback be provided. KPI’s Number of service breaches caused by suppliers SLA adherence by the vendor/supplier Number of review meetings on time Work Items/Outputs SLA and UPC Supplier review MOM Supplier improvements plans (RCA, CAPA) Supplier performance reports. Summary Tasks Responsibility Identify Services which needs supplier support Program Lead Identify supplier from supplier data base Program Lead Submit the service requirements Program Lead Page269of 533 Request for RFP and perform supplier screening Program Lead/Asset Manager Discuss & Negotiate (SLA & Cost) Program Lead Review/Validate SLA Sign contract with Supplier Update Supplier database Asset Manager Monitor & Report SLA performance Asset Manager Issue a notice to a supplier Program Lead Initiate a termination after a next review Asset Manager Contract due for renewal Program Lead Business Relationship Management Goals and Objectives The purpose of this procedure is to understand the business needs of ESIC and thereby enrich ESIC satisfaction and build a sustaining good relationship with ESIC. Scope Regular interaction for devising ESIC focused service and maintaining it consistently. Inputs, Outputs Inputs SLA: The service level targets (Incident Management, Change Management, Service Requests etc.) which is used to seek feedback from ESIC. Customer requirement: The various requirements from the customer form a crucial input for this process. These inputs form the basis of delivering the services accordingly to ESIC. Incident & Problem Management: This process would give inputs on the incidents and problems reported for discussion with ESIC Business Relationship Manager shall discuss and agree with the customer the structure of the Governance Board, which shall govern the stakeholders, reviews, Roles & Responsibilities etc. The Business Relationship Management comprises of 3 Blocks Service Review Customer Complaints & Customer Satisfaction Page270of 533 The details of various types of Service reviews, schedule of reviews, frequency of reviews & their participants are available in communication plan, which is provided in templates section in this document. Service Review Understand ESIC Requirements, Discuss & Finalize on Schedule & Review Understand the scope of the service to be rendered to the ESIC, the service level targets expected by ESIC. The next step is to discuss and finalize the scope & Schedule of the review with ESIC. The scope should include the service being provided to ESIC. Communicate Confirmed Scope & Schedule The scope & schedules of the reviews have already been mutually decided by Current Service provider & ESIC. (BRM Communication Attached herein in templates section) Conduct Service Reviews The review with ESIC conducted with respect to the service delivered, Issues and risk involved in delivery the service or meeting the service levels. The feedback/complaints received from ESIC on the services delivered are crucial input which shall be recorded and tracked for further improvement in Service Delivery. The review should be based on factual data. Prepare MOM / Action Plans & Circulate to the Attendees Minutes of Meeting (MoM) is prepared capturing the main points of the discussion. The action plan for the areas of improvement based on the feedback/complaint is prepared. The action plan should clearly state the action items for each of the improvement areas (feedback) with the responsibilities and the timeline. If agreeable to change scope of work and the improvement is possible then Include Changes in SLA. If the change is not agreed/ not possible, update the customer and continue to perform. ESIC Complaints Finalize Process to receive and resolve ESIC complaints ESIC/ Internal customer-facing employee raise concern/ complaint, those which remain unresolved through regular channel of Service Delivery, either through phone/ email/ web/ letters. Awareness of Escalation Team (Customer Advocacy) is communicated through various communication media to both ESIC & internal ESIC-facing employees. Complaints regarding Internal Support Functions not be a part of PITSTOP. Record customer complaint in a complaint log Page271of 533 The complaint is registered in “Pit stop”, Complaint Log Register, with necessary details i.e., the name of person who raised the complaint, contact details, complaint details, date etc. The complaint is classified according to Divisions/ Service lines and allocated to the respective service line for resolution. Customer Advocacy Team register the complaint in Pit stop & acknowledge the customer whereas account team maintain a separate complaint tracker for internal and management review. Note: All complaints be logged in complaint log as per the attached format in templates section. Analyze ESIC complaint and draw out action plans An initial investigation is conducted on the complaint to ascertain the issue, which helps analyze as to what type of issue it is and hence assist in drawing out action plans to resolve the complaint along with stakeholder/s. Schedule to close the complaint and provide resolution. Share action plans with customer The schedule and action plan for resolution of the complaint is shared with the customer and stakeholder/s. Monitor Resolution progress. Update ESIC and management The ESIC is informed about the status of the complaint and also with tentative duration for resolution of the complaint. Customer Advocacy team monitor the progress on the complaint resolution to ensure the complaint is resolved as agreed by the stakeholder & his team. Once complaint is resolved, a closing communication mail is sent to customer. Pit stop is updated accordingly. Conduct RCA on each of the customer complaints. Communicate CAPA to all relevant stakeholders The stakeholder from business/ service line owner along with his/ her team perform an analysis (if required) to ascertain the Root cause of the issue. Once the root cause is identified, the corrective & preventive measure to plug future recurrence is identified by business. Re poll on sample closed cases (min 75%) of previous Qtr is done to check for satisfaction levels & to calculate the Satisfaction Index (Net Promoter Score) Customer (ESIC) Satisfaction Define Scope The scope of the survey has to be clearly defined by the management at Current Service provider IMS. This is applicable for both transactional as well as perception surveys. A clear guideline on how to interpret the survey questions, how to measure each question with the weightages has to be explained. Page272of 533 Conduct Survey & Generate Report The survey is conducted with the scope clearly defined. Both transactional as well as perception surveys are conducted Once the survey is conducted, the data received in the survey is collected and then collated in a desirable report format. Analyze customer feedback, conduct RCAs and draw out CAPA. The data is analyzed to understand the customer perception and the satisfaction level. The method of analyzing both the transactional survey and the perception survey must be different. RCA is performed to identify the improvement areas and action plan for corrective & Preventive measures are taken to improve the customer experience. The Action Plan is circulated all the stake holders & ESIC management The Perception Survey, to arrive at Customer feedback (as per attached template in Template Section) need to be conducted every six months. Monitor Progress and Provide updates to customer and management Business Relationship Manager monitors the progress of the action plan to ensure the closure of the action plan as per the agreed timelines and keeps customer & management updated on the progress. Perform Trend Analysis. Draw out CAPA and Initiate Service Improvement Programs. Share findings in QICs Business Relationship Manager performs a trend analysis on SLA achieved, based on service delivery, ESIC complaint log and C-Sat data. He/ She identifies the improvement areas, the corrective & preventive action plan are shared with QIC, Integration with Other Service Management Processes Service Level Management The review with the customer requires data from this process. Incident Management Information from Incident Management process and major incidents form vital inputs for the Business Management Process. Problem Management Outputs from Problem management process form vital inputs for the Business Management Process. The information on the problems (critical) is discussed during the review with the customer. Key Performance Indicators Page273of 533 KPI Measurement Reports Number of review meetings Planned review vs. Actual review A report should be generated every month Review actionable tracked till closure MOM and status update MOM Customer complaints closed against raised Customer Complaint Reports This should be a report which be generated every month No. of repeat complaints from ESIC in a quarter Customer Complaint Reports A report indicating the number of customer complaints should be generated every month. Number of repeat complaints needs to be tracked. C-sat rating C-Sat Analysis Report Overall rating for transactional or perception survey results Roles and Responsibilities Role Responsibilities Authorities Business Relationship Manager Ensure that the Process is meeting its Key Goal Recommend any improvements regarding processes, reporting, communication and training Plan process improvement activities and Maintain and enhance the process documents as and when there are changes to the process. Take necessary corrective action based on the feedback from the customer Monitoring and Reporting related activities Conduct reviews with the customer Report to the management regarding the status of the customer satisfaction Ensure the relationship with the customer is maintained and all issues are resolved within Page274of 533 Role Responsibilities Authorities acceptable time Ensure the reviews are conducted and the feedback taken Ensure the action plan generated after the review is implemented Ensure that the customer complaints are closed on time and necessary corrective action taken Business Management Coordinator Ensure that the action plan is implemented for the corrective measures Access to necessary documents and resources on service performance levels Participate in the Customer review Provide the necessary inputs in chalking out the implementation of the corrective measures Outputs C-Sat reports: These reports are a very important output of the BRM process. They are the cornerstone for further improvement in the services. Action Plan: Based on the feedback from the client the action plans for the corrective measures be generated. Net Promoter Score: Definition to be corrected. Abbreviations/ Definition C-Sat: Customer Satisfaction MOM: Minutes of Meetings SDM: Service Delivery Manager SLA: Service Level Agreement Service Level Management Goals and Objectives The Goals and Objective of Service Level monitoring, report and review are: To ensure that IT service is provided as per the agreed targets. Proactive measures are taken to identify and initiate service improvements Page275of 533 Monitor and improve ESIC satisfaction with the quality of service Scope The scope of this procedure is to monitor report and periodically review the service level performance vis-à-vis the agreed SLA. To deliver value to ESIC by consistently reviewing the performance and initiating corrective and preventive actions to minimize service variations where-ever necessary. Entry Criteria / Inputs SLA’s & UPCs SIPs RFCs New or changed service report requirement Process Flow Activity Details Service Level Monitoring and report (M) The service level monitoring is done on a regular basis to ensure that the agreed service levels are maintained. There might be various technical and operational reports which are generated on a daily / weekly / monthly / quarterly/semi annually and yearly basis to check the service deliverables and performance of the service levels as agreed Various inputs for defining the report requirements could be; 1. Mandate from SLA defined during the service level definition process. (Please refer contract document) 2. As an output from service Level changes which might happen from time to time through-out the service delivery programme 3. Business driven needs which could be business centric in nature and could be for a shorter time-period 4. Internal reporting needs for driving various improvement programme or for measuring the performance levels of teams/individuals/IT components etc While designing the service level reports, the following points need to be considered and ensured to; 1. The reports can easily be generated. 2. Explore possibility of report automation to minimize the manual effort thereby enhancing the report authenticity 3. The source of the report is so chosen that any low impact change on the source does not impact the report generation 4. The measurement metrics used for designing the service level reports are in line with SLA agreed upon. Page276of 533 5. The report generation time is so chosen that it does not load the IT infrastructure thereby degrading IT services 6. The reporting frequency and distribution methodology should be treated as a mandatory parameter while designing the Service Level reports 7. Business requirements 8. Internal Quality requirements 9. Is focused on improvements as well 10. There has to be sufficient intelligence built into the report so that further manual intervention is averted 11. The report provides sufficient enablers for decision making While publishing the reports, the following points needs to be taken care of and adhered to and signed off mutually; o Owner who would publish the report o Intended Audience (with names of the audience members) o Data source (eg: from which tool) o Validity of the report o Restriction on circulation o Reporting methodology; like e-mail, printouts etc Hence, it is ideal to maintain a Service Reporting Matrix that has all the above points captured in the same. It should be always taken care to provide statistical analysis while developing the reports. Appropriate analysis tools could be used for the same; some of them could be; o Pareto analysis o Minitab o Statistical sampling etc. o Bar / Pie Charts NOTE: All complaints and complements received during the sustenance stage is managed and acted upon through Business Relationship Management process. Review Service Levels, SLA, OLA and UPC Site In charge/ Program Lead /Program Manager should conduct weekly review meeting with internal team and / or ESIC management as required to understand any outstanding issues and incidents / problem / change tickets. A detailed minutes of meeting (MoM) to be prepared, circulated to stakeholders and action items to be tracked for closure as per the timelines defined for each action items. Page277of 533 Internal Service Reviews shall also track current Service Levels against agreed Service Levels. If threshold have been designed for certain SLA, then the same should be evaluated for any early warnings. The MoM action status of the activities as defined at the respective site should be reviewed against the plan. Plan for subsequent agreed period should be discussed with the team. Service Reviews with ESIC should be conducted at the agreed frequency (monthly). Respective reports and dashboards should be circulated to all relevant stakeholders in advance, within the defined timelines as agreed up-on, so that any queries can be addressed and discrepancies corrected to make the performance review effective. Service Reviews could also be conducted on event driven basis and actionable of such reviews should be tracked and closed for. Such reviews may not necessarily follow the standard review process. Service Reviews should also monitor Service Levels against Underpinning Agreements with respective suppliers as applicable. During Service Reviews, the following points could ideally be reviewed; but not limited to ; o Service Delivery performance against planned agreements o Current Service Levels against SLA o Customer Complaints, Appreciations and Escalations o Status against the identified risks and any additional risks foreseen o Critical / Outstanding issues to be addressed by ESIC for ensuring effective execution of the project o Supplier Management Report o Problem Management report o Configuration Audits o Change Management and Release Management summary o Action Items arising out of previous Service Monitoring Reviews Action items, which are not closed from the previous Service Monitoring Reviews, should also be tracked. Any issues and concerns which require to be resolved and which are not under the control of Service Delivery Manager / Program Head should be escalated to BU-Head. Minutes of the Service Performance Review meeting should be recorded and action items identified as appropriate. Action items for the support groups, Suppliers / Partners shall be identified if the SLA breach has been caused because of a failure of Underpinning Agreement. The consolidated SLA performance reports should be discussed with NPM. Page278of 533 The SLA and UPC should be reviewed periodically, at-least annually to ensure that they are still current and comprehensive, and are still aligned to business requirements Revise SLA and UPC Based on the review of SLA and UPC to check the relevancy of the targets, appropriate actions could be initiated to revise respective agreements, contracts and service scope. This would be initiated through the change management process. Handling temporary service breaches: Any temporary breach in service ( due to reasons like introducing a temporary or a new service, major planned shutdowns, a major change in the infrastructure etc that might cause temporary service breaches) should be formally agreed and communicated to the customers sufficiently in advance. These variations should be noted in the SLA reports which be discussed with the customers. These temporary variations in services should follow the standard change management procedure. Check for service level DEVIATION During the review, a check is made to ascertain whether there is a deviation in the service levels. If so an exception report would be prepared. – Service wise exception report (to be developed) Prepare Exception reporting If there is a breach in the SLA, then an exception report should be prepared for the specific breaches and a consolidated report should be published during the service review. Any service level breaches by a supplier (UPC) or internal team (OLA) should also be included in the exception report. The exception reports should be circulated to respective stakeholders and customer as per the defined timeline for them to initiate actions accordingly. Conduct RCA and initiate Service Improvement Determine the areas of service level breaches and identifying root cause for such breaches. There are various tools which could assist doing an effective Root cause analysis. Few such tools could be; o Ishikawa Diagram (Fish-bone diagram) o Pain-value analysis o Pareto analysis (for prioritization of causes identified) Based on the RCA and identified actions, initiate a corrective action for SLA breaches and preventive actions to arrest potential causes Page279of 533 For an OLA and UPC, necessary actions should be initiated through the respective owners who are responsible to identify and carry out the CAPA. All such actions to be tracked and recorded for effectiveness. Recommendations If there is a breach of service level and if the ESIC/Current Service provider management decides that the service level has become, unachievable based on RCAs and Service Improvement actions, it may be necessary to review, renegotiate and agree different service targets. The same needs to be mutually agreed with customer representative and signed-off. Any report which needs to be shared with ESIC should be approved by Program Director/Governance head and reviewed by Quality Head for the ESIC project. KPI’s SLA targets missed SLA breaches caused Because of third party support contracts (Underpinning Contracts) Identified risk to service delivery Work Items / Outputs SLA Adherence report with trend analysis Service Management Review (weekly / monthly / quarterly) Request for Changes of services Review meeting MoM’s RCA with action plan Summary Tasks Responsibility Service Level Monitoring and report Program Lead Review Service Levels, SLA and UPC Program Lead Page280of 533 Revise SLA and UPC Program Lead Handling temporary service breaches Operations Manager Check for service level deviation Operations Manager Prepare Exception reporting Operations Manager Conduct RCA and initiate Service Improvement Operations Manager Availability Management Goals and Objectives The Goals and objectives of Availability Management Process are: The aim of Availability Management is to ensure continuous availability of the systems and services in accordance with the Service Levels documented in the proposal. This is achieved by ensuring all services are underpinned by sufficient, reliable and properly maintained infrastructure. To define, analyze, plan, measure and improve all aspects of the availability of IT services. Availability Management is responsible for ensuring that all IT infrastructure, processes, tools, roles etc are appropriate for the agreed availability targets. Produce and maintain availability Plan that reflects the current and future needs of the business Provide advice and guidance to all other areas of the business and IT on all availabilityrelated issues Ensure that service availability achievements meet or exceed all their agreed targets, by managing services and resources-related availability performance Assist with the diagnosis and resolution of availability related incidents and problems Assess the impact of changes on the Availability Plan and the performance and capacity of all services and resources Ensure that proactive measures to improve the availability of services are implemented wherever it is cost-justifiable to do so. Page281of 533 Scope Availability Management is concerned with the design, implementation, measurement and management of IT Infrastructure Availability and Application availability, to ensure the agreed business requirements for Availability are consistently met. Availability Management: Should be applied to new IT Services and for existing services, where Service Level Agreements (SLAs) have been established with internal or external suppliers. Appropriately include those Services deemed to be business critical e.g. power supply (UPS), links in Network monitoring even if formal SLAs does not exist. Should include the suppliers (internal and external) that form the IT support organization as a precursor to the creation of a formal SLA. Includes all aspects of the IT Infrastructure and supporting organization which may impact Availability. This also includes appropriate aspects such as training, skills, policy, process effectiveness, procedures and tools. Entry criteria and inputs: The Availability requirements of the business for either a new or enhanced IT Service The Availability, reliability and maintainability requirements for the IT Infrastructure components that underpin the IT Service(s) Data on achievement of Service Level vis-à-vis agreed targets for each IT Service that has an agreed SLA Information from Incident and Problem records regarding failing Services or Components and frequency of failure of Services or Components. Monitoring and configuration data pertaining to agreed IT Services Activity details Identify Availability Requirements Requirements needs to be identified based on the following inputs SLA/SLR Functional and Technical Specification from service design Service Reports New Availability Requirement? Check if there is any new requirement for Availability from above points This can be done by verifying the availability requirement against SLA. (For example, any new Business requirement, change in existing services etc). Verify SLA for new availability requirements Verify the SLA for the following: Page282of 533 Verify SLA for current capability or availability provisioning abilities Understand if any new functions need to be covered under VBFs Understand the impact of new availability requirements on existing availability design. Identify Vital Business Functions Identify if any new VBFs or business critical elements of the business process supported by the IT services are being added as a part of the availability requirements. Design for Availability Prepare technical design of IT service and align the internal and external suppliers required to meet the availability requirements of the business. Technical design include infrastructure, environment, data and applications. One should conduct a Risk Assessment of the environment to ensure that all factors of the environment are considered as a part of the Availability Design. The design for Availability should also encompass the planned and preventative maintenance activities which enable the IT support organization to provide: Preventative maintenance to avoid failures Planned software or hardware upgrades to provide new functionality or additional capacity Business requested changes to the business applications Implementation of new technology and functionality for exploitation by the business Design for Recovery Prepare technical design of IT service to ensure that in the event of an IT service failure, the service and its supporting components can be reinstated to enable normal business operations to resume as quickly as possible. This can be done with the help of following methods: In order to remain effective, the maintainability of IT services and components should be monitored, and their impact on the ‘expanded incident lifecycle’ understood, managed and improved. This can be achieved by one or more of the following methods: Component Failure Impact Analysis (CFIA) Single Point of Failure (SPoF) Analysis Fault Tree Analysis (FTA) Service Failure Analysis (SFA) Risk Analysis and Mgmt Current Service provider uses component Failure Impact Analysis (CFIA) as a standard methodology to design recovery models for availability of a service or component. (Refer to the Recovery Design Guidelines document for more information) (Refer to the Expanded Incident Lifecycle Guidelines document for more information) Page283of 533 (Refer to Component Failure Impact Analysis (CFIA) Template for more information) Test Availability Design Once the design and the recovery criterion are Availability mechanisms needs to be tested in a regular and scheduled manner to ensure that they be available when actually needed. Some availability mechanisms, such as ‘load balancing’, ‘mirroring’ and ‘grid computing’, are used in the provision of normal service on a day-by-day basis; others are used on a fail-over or manual reconfiguration basis. It is essential; therefore, that all availability mechanisms are tested in a regular and scheduled manner to ensure that when they are actually needed for real they work. This schedule needs to be maintained and widely circulated so that all areas are aware of its content and so that all other proposed activities can be synchronized with its content, such as: The change schedule Release plans and the release schedule All transition plans, projects and programs Planned and preventative maintenance schedules The schedule for testing IT service continuity and recovery plans Business plans and schedules Requirements to be gathered again In the event of failure of Availability tests, Check if the requirements are to be gathered again to ensure that the design for availability meets the requirements and therefore ensure that the tests are conducted successfully. Monitor Availability as per defined matrices Monitor the actual service and component availability delivered versus the agreed targets and store all monitoring related data in the AMIS for further analysis and reporting. Analyze service and component availability Based on the data gathered and stored on the monitoring of service and component availability in AMIS, a detailed analysis should be performed on the availability targets versus the actual performance. Investigation of the monitoring data should also bring out the contribution of events and incidents to the impact unavailability of services and components, with remedial actions being implemented within either the Availability plan or the overall SIP (Service Improvement Plan) Trends should be produced from this analysis to direct and focus activities such as Service Failure Analysis (SFA) to those areas causing the most impact or disruption to the business and the users. Trends related to the unavailability of a service or component should also focus on the cost of unavailability. The monetary value can be calculated as a combination of the tangible costs associated with failure, but can also include a number of intangible costs. The monetary value should also reflect the cost impact to the whole organization, i.e. the business and IT organization. Page284of 533 Tangible costs can include: o Lost user productivity, Lost IT staff productivity, lost revenue, Overtime payments, wasted goods and material, Imposed fines or penalty payments. Intangible costs can include: o Loss of customers, Loss of customer good (customer dissatisfaction), Loss of business opportunity (to sell, gain new customers or revenue, etc.), Damage to business reputation, Loss of confidence in IT service provider, Damage to staff morale. Report service and component availability The data gathered from AMIS on the monitoring of services or components are analyzed and mapped to the Key Performance Indicators of the Availability Management Process and reported accordingly to the identified stakeholders. Any Trends identified in unavailability of service or component From the reports that are generated, check if there are any trends identified in the unavailability of the Service or Component. There might also be a need for the Availability Management team to revisit the design for Availability to re-check the parameters that are configured. This ensures that meaningful trends on the availability data can be generated within the limitations of the design of Availability for the Service or Component. Update service improvement plan If there are any trends identified in the unavailability of service or component, any identified steps for improvement of the availability should be documented as a part of the Service Improvement Plan. However, the identified trends could also lead to changes to the availability design or Solution Proposal. It is the responsibility of the Availability Manager to point out such inputs to the right process owner to ensure corrective actions that are identified for improvement of availability are addressed. Create/Update availability plan The Availability plan is created for new availability requirements or updated for existing services or components. The basic contents of the Availability Plan, may include, but not restricted to: Actual levels of availability versus agreed levels of availability as per SLA. Details of the availability requirements for forthcoming new IT services. The plan should document the options available to meet these new requirements. Where investment decisions are required, the associated costs of each option should be included. (Refer to the Availability Plan Template for more information) Implement availability plan Once the Availability plan is created / updated, implementation of the methodologies mentioned in the availability plan is carried out by raising a request for change and following the change management process for an authorized implementation of availability parameters or changes to the infrastructure / Page285of 533 component design to suit availability requirements thereon. Post Implementation, the services and components become a part of existing operations and the regular monitoring of the availability of these services and components commence accordingly in an iterative methodology. Identify Risks Identify potential failure modes and their impact on Service Availability. A series of risk categories is identified and for each category a suite of potential risks is listed. Identify potential causes of failure, current process controls Identify the likely causes of risks for the availability. Each risk cause is a particular aspect of the availability which is likely to experience a risk during the lifecycle of the operations. Assign severity of Risks, occurrence of Risks and Detection of Risks Quantify the Severity, probability of occurrence and likelihood of detection of risks on a scale of 1 to 10. (Refer to the Guideline mentioned in Risk Register Template) Define Risk priority number Risk Priority Number (RPN) is product of Severity, probability of occurrence and likelihood of detection of the identified risk. The higher the RPN, higher is the impact of the Risk on Availability of services. Identify counter measures and recommended actions For each risk identified and in priority order, list The preventative actions to be taken to reduce/avoid the likelihood of occurrence of risk. The contingent actions to be taken to reduce the impact should the risk eventuate Create/Update Risk Register Once Risk has been identified, prioritized and counter measures are proposed, Availability Manager needs to keep a track of these Risks by creating/updating the Risk Register. Implement Counter Measures Once Risk has been identified and recorded in the Risk Register, the counter measures that have been identified should be implemented by following the Change Management Process (wherever required). Once the counter measures are implemented, proceed to 5.1 to update the identified Risk in the Risk Register. KPIs Percentage improvement in overall end-to-end availability of service Work Items/Outputs Page286of 533 Availability Reports Risk Register Summary Tasks Responsibility Identify Vital Business Function Operations Team Design for Availability Operations Team Design for Recovery Operations Team Test Availability Design Operations Team Preparation of Availability Plan Implement Availability Plan Monitoring of services Analyze Service and Component Availability Operations Team Operations Team Operations Team Operations Team Generation of Availability Reports Operations Team Update Service Improvement Plan Operations Team Capacity Management Goals and Objectives The goal of the Capacity Management process is to ensure that cost-justifiable IT capacity in relevant areas of IT exists appropriately and is matched to the current and future agreed needs of the business, in a timely manner. Produce and maintain an appropriate and up-to-date Capacity Plan, which reflects the current and future needs of the business. Provide advice and guidance to all other areas of the business and IT on all capacity- and performance-related issues. Page287of 533 Ensure that service performance achievements meet or exceed all of their agreed performance targets, by managing the performance and capacity of both services and resources. Assist with the diagnosis and resolution of performance and capacity related incidents and problems. Assess the impact of all changes on the Capacity Plan, and the performance and capacity of all services and resources. Ensure that proactive measures to improve the performance of services are implemented wherever it is cost-justifiable to do so. Scope Includes all relevant areas of technology in terms of hardware and software, for technology components and environments. Capacity Management needs to understand the total IT and business environment including current business operations and its requirements, future business plans and requirements, service targets. Space planning and environmental systems capacity as well as certain aspects of human resources which could result in a breach of SLA or OLA targets. Scheduling of human resources, staffing levels, skill levels and capability levels. Entry Criteria / Inputs Business Patterns Business Requirements New Service Design / New and existing Service Levels Capacity Performance Reports and Trend Reports Forward Schedule of Changes Activity Details Assist SLM in understanding Service Level Requirements Identify business requirements in terms of service level requirements. Capacity Management would assist SLM in understanding the customers’ capacity and performance requirements, in terms of required service/system response times, expected throughput, patterns of usage and volume of users. Capacity Management may also provide inputs relating to the current utilization and the capabilities. The SLA may include, but not limited to the details of the anticipated service throughputs and the performance requirements. Recommendation for Design, Procure / Amend the Service Configuration Page288of 533 Get involved in designing new or changed services. Make recommendations for procurement of hardware (may use modeling technique) and software (may use application sizing). Verify proposed service levels (SLA) Verify anticipated service throughputs and the performance requirements. Capacity Management advises SLM on achievable targets that can be monitored and on which the Service Design has been based. Using predictive techniques verify service performance and support SLA negotiation. Support SLA Negotiation Control and Implementation Follow Change Management process for changes to service and resources capacity. Identify and understand IT Service Performance & Resource requirements (M) The Service Capacity Management sub-process ensures that the services meet the agreed capacity service targets. Understand their use of resource, working patterns, peaks and troughs, and to ensure that the services meet their SLA targets, i.e. to ensure that the IT services perform as required. To understand the use of the resources, working patterns, peaks and troughs, the capacity utilization reports, existing service thresholds may be considered. Manage Service Performance as determined by the targets contained in the agreed SLAs or SLRs. Monitor, Measure and Report on Service and Performance & Resource Utilization (M) Establish agreed service levels from monitored data. Compare monitored data with normal levels and report exceptions and near misses. The monitoring activities set the thresholds at which warnings and alarms may be raised and exception reports may be produced. Monitor service workloads and transaction to ensure that they remain within agreed limitations and thresholds. Information on resource utilization needs to be collected on a continuous basis. Monitors should be installed on the individual hardware and software components, and then configured to collect the necessary data which may be historic in nature, capturing trends which is accumulated and stored in CMIS over a period of time. Analyze and Review Service Performance & Resource Utilization (M) The Service and resource capacity may take support of the analysis techniques (performed as an iterative activity). Page289of 533 Review of the analysis may be carried out against the service performance as determined by the targets contained in the agreed SLAs or SLRs. Any Threshold Deviations? In case of no deviation observed go back as per process flow chart. In case of deviation is found proceed with next activity Identify areas of improvements and take necessary action. The analysis of the monitored data may identify areas of the configuration that could be tuned to better utilize the service, system and component resources or improve the performance of the particular service. Design cost effective solution which meets business, service and component requirements. Plan for the development of IT capacity to meet the needs in the growth of both existing service and any agreed new services. Forecast issues wherever possible by monitoring changes in the performance and monitoring the impact of changes. Forecast issues wherever possible, and it therefore has to be proactive and predictive as well. However, there are times when component capacity management has to react to specific problems that are caused by a lack of capacity, or the inefficient use of the component. Future component and service capacity and performance must be forecasted. This can be done in a variety of ways, depending on the techniques and the technology used. Changes to workloads by the development and implementation of new functionality and services must be considered alongside growth in the current functionality and services driven by business growth. A simple example of a capacity forecast is a correlation between a business driver and component utilization, e.g. processor utilization against the number of customer accounts. This data can be correlated to find the effect that an increase in the number of customer accounts have on the processor utilization. If the forecasts on future capacity requirements identify a requirement for increased resource, this requirement needs to be input into the Capacity Plan and included within the IT budget cycle. Often capacity reports are consolidated together and stored on an intranet site so that anyone can access and refer to them. Define threshold limits to ensure new design identify and resolve issues in operational services rapidly. New design need to match current and future requirements. Page290of 533 Consider Demand Management while preparing capacity plan. Physical constraints: for example, it may be possible to stop some services from being available at certain times, or to limit the number of customers who can use a particular service Financial constraints: if charging for IT services is in place, reduced rates could be offered for running work at times of the day when there is currently less demand for the resource. This is known as differential charging. Modeling is an activity that can be used to beneficial effect in any of the sub processes of Capacity Management Various Modeling techniques may be used to predict the behavior of IT Services which would help in preparing the capacity plan. o Base lining o Trend Analysis o Analytical Modeling o Simulation Modeling Capacity Plan: (M) The Capacity Plan is used by all areas of the business and IT management and is acted on by the IT service provider and senior management of the organization to plan the capacity of the IT infrastructure. It also provides planning input to many other areas of IT and the business. It contains information on the current usage of service and components, and plans for the development of IT capacity to meet the needs in the growth of both existing service and any agreed new services. The Capacity Plan should be actively used as a basis for decision-making regarding performance, capabilities, growth and so on. Iterative activities (M) The activities described in this section are necessary to support the sub-processes of Capacity Management, and these activities can be done both reactively or proactively, or even pre-emptively. The major difference between the sub-processes is in the data that is being monitored and collected, and the perspective from which it is analyzed. o For example, the level of utilization of individual components in the infrastructure – such as processors, disks, and network links – is of interest in Component Capacity Management, while the transaction throughput rates and response times are of interest in Service Capacity Management. For Business Capacity Management, the transaction throughput rates for the online service need to be translated into business volumes – for example, in terms of sales invoices raised or orders taken. Page291of 533 The biggest challenge facing Capacity Management is to understand the relationship between the demands and requirements of the business and the business workload, and to be able to translate these in terms of the impact and effect of these on the service and resource workloads and utilizations, so that appropriate thresholds can be set at each level Tuning and Optimization These activities provide the basic historical information and triggers necessary for all of the other activities and processes within Capacity Management. Monitors should be established on all the components and for each of the services. The data should be analyzed using, wherever possible, expert systems to compare usage levels against thresholds. The results of the analysis should be included in reports, and recommendations made as appropriate. Some form of control mechanism may then be put in place to act on the recommendations. This may take the form of balancing services, balancing workloads, changing concurrency levels and adding or removing resources. All of the information accumulated during these activities should be stored in the Capacity Management Information System and the cycle then begins again, monitoring any changes made to ensure they have had a beneficial effect and collecting more data for future actions. The analysis of the monitored data may identify areas of the configuration that could be tuned to better utilize the service, system and component resources or improve the performance of the particular service. Tuning techniques that are of assistance include: o Balancing workloads and traffic – transactions may arrive at the host or server at a particular gateway, depending on where the transaction was initiated; balancing the ratio of initiation points to gateways can provide tuning benefits o Balancing disk traffic – storing data on disk efficiently and strategically, e.g. striping data across many spindles may reduce data contention o Definition of an accepted locking strategy that specifies when locks are necessary and the appropriate level, e.g. database, page, file, record and row – delaying the lock until an update is necessary may provide benefits o Efficient use of memory – may include looking to utilize more or less memory, depending on the circumstances. Before implementing any of the recommendations arising from the tuning techniques, it may be appropriate to consider testing the validity of the recommendation. Utilization Monitoring The monitors should be specific to particular operating systems, hardware configurations, applications, etc. Page292of 533 It is important that the monitors can collect all the data required by the Capacity Management process, for a specific component or service. Typical monitored data includes: o Processor utilization o Memory utilization o Per cent processor per transaction type o IO rates (physical and buffer) and device utilization o Queue lengths o Disk utilization o Transaction rates o Response times o Batch duration o Database usage o Index usage o Hit rates o Concurrent user numbers o Network traffic rates. In considering the data that needs to be included, a distinction needs to be drawn between the data collected to monitor capacity (e.g. throughput) and the data to monitor performance (e.g. response times). Data of both types is required by the Service and Component Capacity Management subprocesses. This monitoring and collection needs to incorporate all components in the service, thus monitoring the ‘end-to-end’ customer experience. The data should be gathered at total resource utilization level and at a more detailed profile for the load that each service places on each particular component. This needs to be carried out across the whole technology, host or server, the network, local server and client or workstation. Similarly the data needs to be collected for each service. Part of the monitoring activity should be of thresholds and baselines or profiles of the normal operating levels. If these are exceeded, alarms should be raised and exception reports produced. These thresholds and baselines should have been determined from the analysis of previously recorded data, and can be set at both the component and service level. Page293of 533 All thresholds should be set below the level at which the component or service is overutilized, or below the targets in the SLAs. When the threshold is reached or threatened, there is still an opportunity to take corrective action before the SLA has been breached, or the resource has become overutilized and there has been a period of poor performance. It may be difficult to get the data on the current business volumes as required by the Business Capacity Management sub-process. These statistics may need to be derived from the data available to the Service and Component Capacity Management sub-processes. Monitoring Useful information on service response times can be obtained by distributing agent systems with monitoring software at different points of a network (e.g. within different countries on the internet). These systems can then be used to generate transactions from a number of locations and give periodic measurements of an internet site as perceived by international users of an internet website. However, again the times received are only indications of the response times and are not the real user response times. Apart from these automated systems, monitoring may also happen manually due to reasons of compatibility, cost agreement for usage of automated monitors etc. Analysis The data collected from the monitoring should be analyzed to identify trends from which the normal utilization and service levels, or baselines, can be established. By regular monitoring and comparison with this baseline, exception conditions in the utilization of individual components or service thresholds can be defined, and breaches or near misses in the SLAs can be reported and actioned. Also the data can be used to predict future resource usage, or to monitor actual business growth against predicted growth. Analysis of the data may identify issues such as: o 'Bottlenecks’ or ‘hot spots’ within the infrastructure o Inappropriate distribution of workload across available resources o Inappropriate database indexing o Inefficiencies in the application design o Unexpected increase in workloads or transaction rates o Inefficient scheduling or memory usage. Page294of 533 The use of each component and service needs to be considered over the short, medium and long term, and the minimum, maximum and average utilization for these periods recorded. Typically, the short-term pattern covers the utilization over a 24-hour period, while the medium term may cover a one- to four-week period, and the long term a year-long period. Over time, the trend in the use of the resource by the various IT services become apparent. The usefulness of this information is further enhanced by recording any observed contributing factors to peaks or valleys in utilization – for example, if a change of business process or staffing coincides with any deviations from the normal utilization. It is important to understand the utilization in each of these periods, so that changes in the use of any service can be related to predicted changes in the level of utilization of individual components. The ability to identify the specific hardware or software components on which a particular IT service depends is improved greatly by an accurate, up-to-date and comprehensive CMS. When the utilization of a particular resource is considered, it is important to understand both the total level of utilization and the utilization by individual services of the resource. KPI’s Work Items / Outputs SLA and SLR recommendations. Capacity Plan. Capacity Management Information System. Service Performance Information & Reports. Forecasts. Thresholds, Alerts & Events. Costs and recommendations for further calculations. Proactive changes and Service improvements. Revised maintenance windows. Summary Tasks/Activities Responsibility (RACI) Identify and understand IT service performance and resource requirements Capacity staff Page295of 533 Monitor, measure, and report on the service and performance and resource utilization Capacity staff Analyze and review service performance and resource utilization Capacity staff Identify areas of improvements and take appropriate actions Capacity staff Iterative activities Capacity staff Current Network Architecture (Pls ref. Existing Network Diagram Architecture) Existing Network Diagram Architecture Current ERP Application Diagram (Pls ref. ERP-APP_flow_diagram.jpg) ERP-App_flow_diagr am.jpg Current website (Esic.in) internet flow diagram esic.in_Internet flow diagram.jpg (Pls ref. esic.in_Internet flow diagram.jpg) Page296of 533 Annexure: 27 DC-DR Requirement Specification Page297of 533 Table of Contents 1. INDICATIVE SETUP AT DC-DR ............................................................................................................... 302 2. NETWORK DEVICES .............................................................................................................................. 307 2.1 ROUTERS AND SWITCHES ....................................................................................................................... 307 2.2 LINK LOAD BALANCER FOR INTERNET AND INTRANET SEPARATELY SPECIFICATION ............................... 319 2.3 APPLICATION/ SERVER LOAD BALANCER SPECIFICATION INTERNET AND INTRANET SEPARATELY ........ 319 2.4 SSL VPN SPECIFICATION .......................................................................................................................... 319 2.5 PERFORMANCE OPTIMIZATION .............................................................................................................. 322 2.6 WAN OPTIMIZATION SYSTEM SPECIFICATION FOR DC-DR:................................................................... 322 2.7 WIRELESS LAN SPECIFICATION: .......................................................................................................... 324 2.8 FORWARD PROXY SPECIFICATION: ........................................................................................................ 328 2.9 REVERSE PROXY SPECIFICATION: ..........................................................................................................329 2.10 FLOW CONTROL MANAGER SPECIFICATION: ........................................................................................ 330 3. IP TELEPHONY ...................................................................................................................................... 331 3.1 VOICE CALL MANAGER (UCM) SPECIFICATION ..................................................................................... 331 3.2 MEDIA GATEWAY SPECIFICATION ........................................................................................................ 331 4. VIDEO CONFERENCING (V.C) SPECIFICATION: .....................................................................................333 5. SECURITY ............................................................................................................................................................ 335 5.1 FIREWALL: .......................................................................................................................................................... 336 5.2 NETWORK BEHAVIOR ANALYSIS SPECIFICATION .................................................................................... 345 5.3 NETWORK ACCESS CONTROL& AUTHENTICATION SPECIFICATION: ...................................................... 346 5.4 NEXT GENERATION INTRUSION PREVENTION SYSTEM FOR INTERNET AND INTRANET SPECIFICATION:.352 5.6SECURE WEB GATEWAY SPECIFICATION: ............................................................................................... 352 5.7 SECURITY INTELLIGENCE, ANALYTICS AND, FORENSICS SOLUTION SPECIFICATION: ............................... 353 5.8 DATA LEAKAGE PREVENTION (DLP) SPECIFICATION ................................................................................ 353 5.9 EMAIL SECURITY SPECIFICATION ............................................................................................................ 361 5.10 DISTRIBUTED DENIAL OF SERVICES (DDOS) SPECIFICATION FOR INTRANET AND INTERNER SEPRATLY:364 5.11 IDENTITY MANAGEMENT TECHNICAL SPECIFICATION ........................................................................... 371 5.12 PRIVILEGED USER MANAGEMENT TECHNICAL SPECIFICATION: .......................................................... 379 5.13 WEB ACCESS MANAGEMENT & SINGLE- SIGN ON SPECIFICATION: ..................................................... 380 5.14 ENTERPRISE VULNERABILITY MANAGEMENT (EVM) SPECIFICATIONS: ................................................ 381 5.15 WEB VULNERABILITY SCANNER SPECIFICATIONS ............................................................................... 384 6. PENETRATION TESTING ........................................................................................................................ 385 Page298of 533 7. SERVER SPECIFICATION ...................................................................................................................... 385 8. DATA WARE HOUSING SERVER SPECIFICATION ................................................................................391 9. VIRTUALIZATION SPECIFICATION: ................................................................................................................ 392 10. STORAGE & BACKUP SPECIFICATION: .................................................................................................396 10.1 UNIFIED STORAGE TECHNICAL SPECIFICATIONS: ................................................................................ 397 10.2 SAN SWITCH TECHNICAL SPECIFICATIONS ...........................................................................................398 10.3 BACKUP SPECIFICATION FOR DC-DR AND END USER: ......................................................................... 399 11. NETWORK OPERATION CENTER (NOC) ................................................................................................. 400 11.1 ENTERPRISE MANAGEMENT SYSTEM (EMS) ..................................................................................... 402 11.2 SERVICE LEVEL REPORTER .................................................................................................................. 407 11.3 IT LOG MANAGEMENT: ...................................................................................................................... 408 11.4 SERVICE MANAGEMENT (HELP DESK) AND SLA MANAGEMENT .......................................................... 412 11.5 NETWORK FAULT MANAGEMENT ...................................................................................................... 414 11.6 NETWORK PERFORMANCE MANAGEMENT ........................................................................................ 414 11.7 SERVER MONITORING ........................................................................................................................415 11.8 ASSET MANAGEMENT .................................................................................................................................... 417 11.9 NOC ROOM DISPLAY SPECIFICATIONS: ............................................................................................... 418 11.10 APPLICATION CHANGE MANAGEMENT SPECIFICATION: ................................................................... 420 11.11 DATABASE MONITORING SPECIFICATION: ..................................................................................... 422 12. SECURITY OPERATIONS CENTRE (SOC): .................................................................................................. 425 13. GOVERNANCE RISK AND COMPLIANCE SPECIFICATION: .................................................................... 430 14. SERVICE DESK: ....................................................................................................................................435 15. ANTIVIRUS AND HOST INTRUSION PREVENTION SERVICES SPECIFICATION: ...................................... 436 16. PATCH MANAGEMENT SOLUTION SPECIFICATION:............................................................................ 438 17. PAM/DNS/DHCP TECHNICAL SPECIFICATION: .................................................................................... 439 18. MAIL MESSAGING SPECIFICATION: .................................................................................................... 440 19. DIRECTORY SERVICES SPECIFICATION: ................................................................................................450 20. AUTOMATED DR MANAGEMENT SPECIFICATION: ........................................................................... 451 21. DATA BASE ENCRYPTION SPECIFICATION: ......................................................................................... 453 22. BUILDING MANAGEMENT SYSTEM (BMS): .........................................................................................454 22.1 SPECIFICATIONS OF INTEGRATED DATA CENTER RACKS: .................................................................... 454 22.2 UPS SPECIFICATION ............................................................................................................................ 455 22.3 AIR CONDITION SPECIFICATION: .......................................................................................................458 22.4 BIOMETRIC BASED ACCESS CONTROL ..............................................................................................462 22.5 FIRE ALARM & FIRE SUPPRESSION SYSTEM .......................................................................................462 22.6 DATA CENTER INFRASTRUCTURE MANAGEMENT (DCIM) SOLUTION .................................................. 463 Page299of 533 22.7 KVM SWITCHES SPECIFICATION: .........................................................................................................472 22.8 DG SET:............................................................................................................................................... 478 22.9 EARTHING SPECIFICATIONS: ........................................................................................................................ 481 22.10 CCTV SURVEILLANCE: .....................................................................................................................481 23. MIGRATION PLAN: ........................................................................................................................... 481 24. APPLICATION RELATED DC/DR REQUIREMENTS:................................................................................ 486 25. HARDWARE OEM CRITERIA FOR SERVICES AND PRODUCT:................................................................ 487 27. EXCEPTION: ....................................................................................................................................... 488 27. GENERAL INSTRUCTIONS.................................................................................................................... 488 Page300of 531 This page is intentionally left blank Page301of 531 1. Indicative Setup at DC-DR Page302of 531 Page303of 531 Page304of 531 Page305of 531 Page306of 531 2. Network Devices: 2.1 Routers and Switches: Page307of 531 Scope of work: The Network should have fall back capability to support IP Phones at RO and Hospitals, so that local communication within the premises can be done in case WAN connectivity is totally down. The network should support Multipoint to multipoint IPSec encryption tunnels and Static IPSec solution for faster configuration and better management with zero touch provisioning during operations. All communications happening over the various links within the network shall be encrypted using standard protocols like IPSec with IKEv2 using 3DES, AES and Suite B Encryption to ensure highly secure communication. Routing and Switching solution shall be from the same OEM in order to avoid interoperability issues. Internet Router Specification: S. No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Router should be chassis based and modular architecture with multicore processor for scalability 1.2 Router should have 4 nos. of 10/100/1000 Base-T ports out of which 2 nos. should be SFP based ports. 1.3 Router should have at least 1 open slots for additional LAN/ WAN modules other then asked ports. 1.4 Router should support STM-1, STM-4, Gigabit Ethernet and 10 Gigabit Ethernet modules in asked slot. 1.5 Router should have DES, 3DES and AES Standards through dedicated encryption module/processor. Should support IPSec with IKEv2 and Suite-B Encryption 1.6 Router shall have hot swappable 1:1 redundant internal power supply 2 Performance Requirements 2.1 Router should have a minimum performance of 3 Mpps 2.2 Router should have a minimum throughput of 2 Gbps with all services enabled. 3 Routing Protocols 3.1 Router should support static Routes, OSPFv2, OSPFv3, BGP4, MBGP, BFD, Policy based routing, IPv4 and IPv6 tunneling 3.2 Router should support IGMP v1/v2/v3 and PIM multicast routing 3.3 Should support other IP Services like GRE tunnel, IPv4 tunnel, IPv6 tunnel, Virtual Router Redundancy Protocol (VRRP), Network Address Translation (NAT), Access Control Lists (ACLs) Page308of 531 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence 4.2 Routers should support marking, classification, policing and shaping 5. System Management and Administration 5.1 Router should support SSHv2, SNMPv2c, SNMPv3 and NTP 5.2 Routers should support AAA using RADIUS and TACACS+ 5.3 Routers should support configuration rollback 5.4 Router should support software upgrades via TFTP or FTP. 5.5 Support for accounting of traffic flows for network planning and security purposes. Router shall provide application recognition through analysis of flows. 5.6 Should support extensive support for IP SLA and best path selection for metrics like delay, latency, jitter, packet loss to assure business-critical IP applications. 5.7 Router should support monitoring of network traffic with application level insight with deep packet visibility into web traffic, RTP-Based VoIP traffic and cRTP 6 Regulatory Compliance 6.1 Router shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. 6.2 Router shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements. 7 Evaluation Compliance 7.1 Router / Router’s Operating System should be tested and certified for EAL 4/NDPP or above under Common Criteria Certification 7.2 Router should be IPv6 logo Certified Internet Switch Specification: S. No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Switch should have minimum 24 nos. 10/100/1000 Base-T ports and additional 4 nos. SFP uplink ports 1.2 Switch should have one dedicated slot for stacking and should support minimum 48 Gbps of stacking bandwidth with dedicated stacking ports Page309of 531 1.3 Shall have hot swappable 1:1 redundant internal power supply and hot swappable fan modules 2 Performance Requirements 2.1 Switch shall have minimum 56 Gbps of switching fabric and 41 Mpps of forwarding rate 2.2 Shall have minimum 12K MAC Addresses 2.3 Shall have minimum 1000 Active VLANs 3 IEEE Standards 3.1 Should support IEEE Standards of Ethernet: IEEE 802.1D, 802.1s, 802.1w, 802.1x, 802.3ad, 802.3x, 802.1p, 802.1Q, 802.3, 802.3u, 802.3ab, 802.3z, 802.3ae 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence. 4.2 Routers should support marking, classification, policing and shaping. Should support strict priority queuing. 5. System Management and Administration 5.1 Switch should support SSHv2, SNMPv2c, SNMPv3 and NTP. 5.2 Switch should support AAA using RADIUS and TACACS+. 5.3 Switch should support port security, DHCP snooping, Dynamic ARP inspection, IP Source guard, BPDU Guard, Spanning tree root guard and IPv6 First Hop Security. 5.4 Switch should support software upgrades via TFTP or FTP. 5.5 Should support 802.1x authentication and accounting, IPv4 and IPv6 ACLs and Dynamic VLAN assignment. 5.6 Switch Shall have Switch Port Analyzer (SPAN) and Remote Switch Port Analyzer (RSPAN) . 5.7 Switch shall have secure VTP with MD5/ Equivalent protocol to reduce administrative burden of configuring VLANs on multiple switches in turn eliminating the configuration errors & troubleshooting in secure manner or equivalent 5.8 Switch shall have Layer 2 trace route for ease of troubleshooting by identifying the physical path that a packet takes from source to destination. 5.9 Switch shall have Internet Group Management Protocol (IGMP) Snooping for IPv4 and IPv6 and MLD v1 and v2 Snooping 5.10 Switch shall have Per-port broadcast, multicast and unicast storm control. 5.11 Unidirectional Link Detection Protocol (UDLD), Aggressive UDLD, Link Aggregation Control Protocol (LACP), Port Aggregation Protocol (PAgP) and Dynamic Trunking Protocol (DTP). 6 Regulatory Compliance 6.1 Switch shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. Page310of 531 6.2 Switch shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements. 7 Evaluation Compliance 7.1 Switch / Switch’s Operating System should be tested and certified for EAL 2/NDPP or above under Common Criteria Certification. 7.2 Switch should be IPv6 logo Certified Core MPLS WAN Routers Specification: S. No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Router should be chassis based and modular architecture with multicore processor for scalability 1.2 Router should have 4 nos. of 10/100/1000 Base-T ports out of which 2 nos. should be SFP based ports. Router should be scalable to minimum 3 nos. of 10 Gig ports. 1.3 Router should have at least 3 open slots for additional LAN/ WAN modules other then asked ports 1.4 Router should support Channelized E1/T1, Gigabit Ethernet and 10 Gigabit Ethernet Modules in asked slots. 1.5 Router should have DES, 3DES and AES Standards through dedicated encryption module/processor. Should support IPSec with IKEv2 and Suite-B Encryption 1.6 Router shall have hot swappable 1:1 redundant internal power supply 2 Performance Requirements 2.1 Router should have a minimum performance of 3 Mpps and same chassis should be scalable to 15 Mpps. 2.2 Router should have a minimum throughput of 2 Gbps with all services enabled and same chassis should be scalable to 10 Gbps with all services enabled. 3 Routing Protocols 3.1 Router should support static Routes, OSPFv2, OSPFv3, BGP4, MBGP, BFD, Policy based routing, IPv4 and IPv6 tunnelling 3.2 Router should support IGMP v1/v2/v3 and PIM multicast routing 3.3 Should support other IP Services like GRE tunnel, IPv4 tunnel, IPv6 tunnel, Virtual Router Redundancy Protocol (VRRP), Network Address Translation (NAT), Access Control Lists (ACLs) 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP Page311of 531 precedence 4.2 Routers should support marking, classification, policing and shaping 5. System Management and Administration 5.1 Router should support SSHv2, SNMPv2c, SNMPv3 and NTP 5.2 Routers should support AAA using RADIUS and TACACS+ 5.3 Routers should support configuration rollback. 5.4 Router should support software upgrades via TFTP or FTP. 5.5 Support for accounting of traffic flows for network planning and security purposes. Router shall provide application recognition through analysis of flows. 5.6 Should support extensive support for IP SLA and best path selection for metrics like delay, latency, jitter, packet loss to assure business-critical IP applications. 5.7 Router should support monitoring of network traffic with application level insight with deep packet visibility into web traffic, RTP-Based VoIP traffic and cRTP 5.8 Router shall have traffic load balancing capability on dual WAN Links based on based on advanced criteria, such as reachability, delay, loss, jitter and bandwidth utilization. 6 Regulatory Compliance 6.1 Router shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. 6.2 Router shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements. 7 Evaluation Compliance 7.1 Router / Router’s Operating System should be tested and certified for EAL 4/NDPP or above under Common Criteria Certification 7.2 Router should be IPv6 logo Certified MPLS WAN Switch Specification: S. No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Switch should have minimum 24 nos. 10/100/1000 Base-T ports and additional 4 nos. SFP uplink ports. Same chassis should be scalable to 4 nos. of SFP+ uplinks ports 1.2 Switch should have one dedicated slot/port for stacking and should support minimum 48 Gbps of stacking bandwidth with dedicated stacking ports. Page312of 531 1.3 Shall have hot swappable 1:1 redundant internal power supply and hot swappable fan modules 2 Performance Requirements 2.1 Switch shall have minimum 128 Gbps of switching fabric and 95 Mpps of forwarding rate. 2.2 Shall have minimum 12K MAC Addresses. 2.3 Shall have minimum 1000 Active VLANs. 3 IEEE Standards 3.1 Should support IEEE Standards of Ethernet: IEEE 802.1D, 802.1s, 802.1w, 802.1x, 802.3ad, 802.3x, 802.1p, 802.1Q, 802.3, 802.3u, 802.3ab, 802.3z, 802.3ae 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence. 4.2 Routers should support marking, classification, policing and shaping. Should support strict priority queuing. 5. System Management and Administration 5.1 Switch should support SSHv2, SNMPv2c, SNMPv3 and NTP. 5.2 Switch should support AAA using RADIUS and TACACS+. 5.3 Switch should support port security, DHCP snooping, Dynamic ARP inspection, IP Source guard, BPDU Guard, Spanning tree root guard and IPv6 First Hop Security. 5.4 Switch should support software upgrades via TFTP or FTP. 5.5 Should support 802.1x authentication and accounting, IPv4 and IPv6 ACLs and Dynamic VLAN assignment. 5.6 Switch Shall have Switch Port Analyzer (SPAN) and Remote Switch Port Analyzer (RSPAN) 5.7 Switch shall have secure VTP with MD5/Equivalent protocol to reduce administrative burden of configuring VLANs on multiple switches in turn eliminating the configuration errors & troubleshooting in secure manner or equivalent 5.8 Switch shall have Layer 2 trace route for ease of troubleshooting by identifying the physical path that a packet takes from source to destination. 5.9 Switch shall have Internet Group Management Protocol (IGMP) Snooping for IPv4 and IPv6 and MLD v1 and v2 Snooping 5.10 Swich shall have Per-port broadcast, multicast and unicast storm control. 5.11 Unidirectional Link Detection Protocol (UDLD), Aggressive UDLD, Link Aggregation Control Protocol (LACP), Port Aggregation Protocol (PAgP) and Dynamic Trunking Protocol (DTP). 6 Regulatory Compliance 6.1 Switch shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. Page313of 531 6.2 Switch shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements. 7 Evaluation Compliance 7.1 Switch / Switch’s Operating System should be tested and certified for EAL 2/NDPP or above under Common Criteria Certification. 7.2 Switch should be IPv6 logo Certified. Core Switches Specification: S. No. Minimum Requirement Description 1 General Hardware and Interface requirements Existing core switches should be upgradable to following capabilities. 1.1 Switch should have minimum 96 no. of 10/100/1000 Base-T ports, 24 nos. 10 Gig SFP+ ports loaded with MM fibre. 1.2 All critical components like Supervisor modules, fabric modules, controller modules should be 1:1 redundant. Failure of one component must not degrade performance of switch. 1.3 Switch should have hot swappable 1:1 redundant internal power supply and hot swappable fan modules 1.4 Switch should be modular chassis Should be capable of 80 Gbps of switching capacity per slot. There should not be any performance degradation in slot throughput in case of any switching/routing engine failure. 2 Performance Requirements 2.1 Switching system shall have minimum 600 Gbps of switching fabric and minimum performance of 450 Mpps 2.2 Switching system shall have minimum 64K MAC Addresses 2.3 Switching system shall have minimum 4K Active VLANs 3 IEEE Standards 3.1 Should support IEEE Standards of Ethernet: IEEE 802.1D, 802.1s, 802.1w, 802.3ad, 802.3x, 802.1p, 802.1Q, 802.3, 802.3ae, 802.3ba, 802.3ab, 802.3z 4 Routing Protocols 4.1 Shall have static routing, OSPF, OSPFv3, BGP, IS-ISv4, HSRP for IPv6/VRRPv3 and VRF (Virtual routing and forwarding) 4.2 Shall support IGMP v1/v2/v3 and PIM multicast routing 4.3 Shall support minimum 16K IPv4 and 16K IPv6 unicast entries 4.4 Shall support minimum 16K IPv4 and 16K IPv6 multicast entries Page314of 531 5 Quality of Service (QoS) requirements 5.1 Switching system shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence 5.2 Switching system should support marking, classification, policing and shaping. Should support strict priority queuing. 5.3 Shall have minimum 16K Security and QoS hardware entries. 6 System Management and Administration 6.1 Switching system should support SSHv2, SNMPv2c, SNMPv3 and NTP 6.2 Switching system should support AAA using RADIUS and TACACS+ 6.3 Switching system should support software upgrades 6.4 Switching system should IPv4 and IPv6 ACLs 6.5 Switching system shall have local and remote port mirroring 6.6 Switching system should support configurtion rollback 7 Internal Firewalls Specification 7.1 Core Switches should have 1 no. of internal firewall modules and supports at least 2 nos. of firewall modules in single chassis 7.2 Should support atleast 15 Gbps of production performance / multiprotocol firewall throughput 7.3 Firewall should support atleast 4,500,000 concurrent sessions 7.4 Firewall should support at least 240,000 connections per second 7.5 Firewall should support at least 1000 vlans 7.6 Firewall should support 10 virtual firewalls from day one & support licensed based scalability upto 20 virtual firewalls 7.7 Firewall should provide application inspection for DNS, FTP, HTTP, SMTP,ESMTP, LDAP, MGCP, RTSP, SIP, SCCP, SQLNET, TFTP, H.323, SNMP 7.8 Firewall should support creating access-rules with IPv4 & IPv6 objects simultaneously 7.9 Firewall should support operating in routed & transparent mode. Should be able to set mode independently for each context in multi-context mode 7.10 In transparent mode firewall should support arp-inspection to prevent spoofing at Layer-2 7.11 Should support Static, RIP, OSPF v2 & v3,BGP Protocol 7.12 Firewall should support SLA monitoring for static routes 7.13 Should support Non Stop Forwarding in HA during failover and Graceful Restart 7.14 Firewall should support static nat, pat, dynamic nat, pat & destination based nat 7.15 Firewall should support Nat66 (IPv6-to-IPv6), Nat 64 (IPv6-to-IPv4) & Nat46 (IPv4-to-IPv6) Page315of 531 functionality 7.16 Firewall should support stateful failover of sessions in Active/Standby or Active/Active mode 7.17 Firewall should support failover of IPv4 & IPv6 sessions 7.18 Firewall should replicate Nat translations, TCP,UDP connection states, ARP table, ISAKMP &IPSec SA's, SIP signalling sessions 8 Regulatory Compliance 8.1 Switch shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. 8.2 Switch shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements. 9 Evaluation Compliance 9.1 Switch / Switch’s Operating System should be tested and certified for EAL 2/NDPP or above under Common Criteria Certification. 9.2 Switch should be IPv6 logo Certified. Replication Routers for DC-DR Specification: S. No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Router should be chassis based and modular architecture with multicore processor for scalability. 1.2 Router should have 3 nos. of 10/100/1000 Base-T ports out of which 1 nos. should be SFP based ports. 1.3 Router should have at least 4 open slots for additional LAN/ WAN modules other then asked ports. 1.4 Router should support Fast Ethernet, Gigabit Ethernet, V.35 modules, G.703 modules, Channelized E1/T1 modules in asked slot. 1.5 Router should have DES, 3DES and AES Standards through dedicated encryption module/processor. Should support IPSec with IKEv2 and Suite-B Encryption 1.6 Router should support internal redundant power supply. 2 Performance Requirements 2.1 Router should have a minimum performance of 1.5 Mpps 3 Routing Protocols Page316of 531 3.1 Router should support static Routes, OSPFv2, OSPFv3, BGP4, MBGP, BFD, Policy based routing, IPv4 and IPv6 tunneling 3.2 Router should support IGMP v1/v2/v3 and PIM multicast routing 3.3 Should support other IP Services like GRE tunnel, IPv4 tunnel, IPv6 tunnel, Virtual Router Redundancy Protocol (VRRP), Network Address Translation (NAT), Access Control Lists (ACLs), Zone based Firewall. 4 Quality of Service (QoS) requirements 4.1 Shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence. 4.2 Routers should support marking, classification, policing and shaping. 4.3 Router should support application accerlation and compression capability to reduce WAN bandwidth usage in its operationg system 4.4 Router Application accerlatation should be transparent and integrated so as to make use of security, quality of service (QOS) and other native services. 5. System Management and Administration 5.1 Router should support SSHv2, SNMPv2c, SNMPv3 and NTP. 5.2 Routers should support AAA using RADIUS and TACACS+ 5.3 Routers should support configuration rollback. 5.4 Router should support software upgrades via TFTP or FTP. 5.5 Support for accounting of traffic flows for network planning and security purposes. Router shall provide application recognition through analysis of flows. 5.6 Router should support monitoring of network traffic with application level insight with deep packet visibility into web traffic, RTP-Based VoIP traffic and cRTP 5.7 Should support extensive IP SLA and best path selection for metrics like delay, latency,Jitter,packet loss to ensure business critical IP application. 6 Regulatory Compliance 6.1 Router shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. 6.2 Router shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements. 7 Evaluation Compliance 7.1 Router / Router’s Operating System should be tested and certified for EAL 4/NDPP or above under Common Criteria Certification 7.2 Router should be IPv6 logo Certified Server Farm Switch Specification: Page317of 531 S. No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 Switch should have minimum 48 nos. 10 Gig SFP+ ports loaded with MM fibre. 1.2 Switch should have hot swappable 1:1 redundant internal power supply and hot swappable fan modules 2 Performance Requirements 2.1 Switching system shall have minimum 960 Gbps of switching fabric and minimum performance of 700 Mpps 2.2 Switching system shall have minimum 32K MAC Addresses 2.3 Switching system shall have minimum 4K Active VLANs 3 IEEE Standards 3.1 Should support IEEE Standards of Ethernet: IEEE 802.1D, 802.1s, 802.1w, 802.3ad, 802.3x, 802.1p, 802.1Q, 802.3, 802.3ae, 802.3ba, 802.3ab, 802.3z 4 Routing Protocols 4.1 Shall have static routing, OSPF, OSPFv3, BGP, IS-ISv4, HSRP for IPv6/VRRPv3 and VRF (Virtual routing and forwarding) 4.2 Shall support IGMP v1/v2/v3 and PIM multicast routing 4.3 Shall support minimum 4K IPv4 and 4K IPv6 unicast entries 4.4 Shall support minimum 4K IPv4 and 4K IPv6 unicast entries 5 Quality of Service (QoS) requirements 5.1 Switching system shall have 802.1p class of service, IP differentiated service code point (DSCP) and IP precedence 5.2 Switching system should support marking, classification, policing and shaping. Should support strict priority queuing. 5.3 Shall have minimum 4K Security and QoS hardware entries. 6 System Management and Administration 6.1 Switching system should support SSHv2, SNMPv2c, SNMPv3 and NTP 6.2 Switching system should support AAA using RADIUS and TACACS+ 6.3 Switching system should support software upgrades 6.4 Switching system should IPv4 and IPv6 ACLs 6.5 Switching system shall have local and remote port mirroring 6.6 Switching system should support configuration rollback Page318of 531 7 Regulatory Compliance 7.1 Switch shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. 7.2 Switch shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements. 8 Evaluation Compliance 8.1 Switch / Switch’s Operating System should be tested and certified for EAL 2/NDPP or above under Common Criteria Certification. 8.2 Switch should be IPv6 logo Certified. 2.2 Link Load Balancer for internet and intranet separately specification: S.No Minimum Requirement Description Architecture 1 The LLB should be a dedicated purpose built hardware device. It should not be a part of UTM, Firewall module or Router functionality. 2 Should support 6 x 10/100/1000BaseT Ports and 2xGigabit Fiber Ports(SFP-GBIC Mini) 3 Should provide minimum 1 Gbps load balancing throughput and should be scalable to 4 Gbps with license key without changing the hardware 4 Device must have Dynamic routing protocols like OSPF, RIP and RIPII 5 The proposed device must have DNS capability for inbound load balancing from Day 1 6 Should support static & dynamic proximity based outbound as well as in bound load balancing 7 Device should support Proximity that enables to determine which is the fastest path available Redundancy 1 Should support Virtual Router Redundancy Protocol (VRRP--RFC 2338)or equivalent 2 The device should support Interface Grouping 3 Should have predefined health check on protocols like HTTP, SMTP, POP3,DNS, Ping, FTP, SNMP etc 4 Should provide AND/OR mechanism between health check 2.3 Next generation Application/ Server Load Balancer specification Internet and intranet separately: S.no Minimum Requirement Description Page319of 531 1 2 Server Load Balancer and Link Load Balancer should be from same OEM in order to aviod compatibility Issue Architecture Should support 20 x 10 GbE SFP+ 4 Should provide minimum 30 Gbps throughput and can be scalable to 80 Gbps throughput without changing the hardware (license upgrade only). Device must have Dynamic routing protocols like OSPF, RIP1, RIP2, BGP from Day 1 5 Load Balancing Features 3 The SLB should support the below metrics: — Minimum Misses, — Hash, — Persistent Hash, — Tunable Hash, — Weighted Hash, — Least Connections, — Least Connections Per Service, — Round-Robin, — Response Time, — Bandwidth, VIRTUALIZATION: The proposed SLB should have ADC-VX/Virtualization feature that virtualizes the Device resources—including CPU, memory, network, and acceleration resources. 6 Each virtual ADC instance contains a complete and separated environment of the Following: a) Resources, b) Configurations, c) Management. The proposed device should have 5 Virtual Instances from Day 1 and scalable upto 45 Virtual Instances. 7 The vADC management should have two management roles: • The Global Administrator creates, initially configures, and monitors vADCs. The Global Administrator should be able to dynamically allocate CPU and throughput resources by assigning capacity units and adjusting throughput limits to a vADC. • The vADC Administrator is responsible for the day-to-day configuration and maintenance of vADCs using the same tasks as with traditional ADCs, except for those vADC tasks that only the Global Administrator performs. 8 The device should support DNS SEC Global Server load Balancing functionality. Page320of 531 A framework for customizing application delivery should be provided using user-written scripts that provides the flexibility to control application flows and fully meet business requirements in a fast and agile manner. 9 The proposed framework should enables to: • Extend Server Load Balancer Fabric services with delivery of new applications • Quickly deploy new services • Mitigate application problems without changing the application • Preserve infrastructure investment by adding new capabilities without additional equipment investment • SSL VPN must be integrated module on load balancer with multi factor authentication support 11 Should support Web Performance Optimization feature that should employ different acceleration treatments for different application and browser Global Load Balancing licence to be provided from Day 1 12 The Server Load balancer should support the Application Performance Monitoring feature 13 Should support server side web compression and proximity based LLB 14 Server Management Feature (SLB, Proxy devices should be managed through common centralized management) Redundancy Should Support standard VRRP (RFC - 2338) or Equivalent 10 15 2.4 SSL VPN Specifications: 1 Minimum Requirement Description Hardware Architecture Thesecurity platform should be capable of providing high performance SSL VPN functionality functionality with multifactor authentication (soft tokens) for remote users The appliance should support at least 4 * 10/100/1000 Gigabit ports and 2 x 10G ports loaded from day one. 2 The appliance hardware should be a multicore CPU architecture with a hardened 64 bit operating system to support higher memory Proposed Appliance should not be proprietary ASIC based in nature & should be open architecture based on multi-core cpu's to protect & scale against dynamic latest security threats. Performance & Scalability Support ort 3Des/AES VPN throughput of atleast 1000 Mbps Appliance should support atleast 25000 concurrent VPN users and platform should be scalable to support upto 50,000 users from day one Should support at least 5 virtual portals in order to support multiple communities/instances on same appliance and should be scalable to handle 20 virtual portals on same device. SSL VPN solution must provide machine authentication based on combination of HDD ID, CPU info and OS related parameters i.e. mac address to provide secure access to corporate resources. SSL VPN solution should provide provision for auto collect, auto approve functions for Page321of 531 automated collection and approval of hardware ID's without any manual intervention Appliance should support ether channel functionality for the failover control & date interfaces for provide additional level of redundancy Appliance should support redundant interfaces to provide interface level redundancy before device failover SSL VPN solution should be 100% client less for web based applications, Should have secure access solutions for mobile PDAs, Android smart phones, IPad, IPhone Should support following Authentication methods: - LDAP, Active directory, Radius, secure ID, local database, certificate based authentication and anonymous access. SSL VPN solution should be proposed as dedicated virtual instance on server load balancer hardware Appliance should have integrated redundant power supply 3 Management Appliance should support management of Appliance policies via Cli, SSH & GUI management capabilities Appliance should support syslog with the functionality of sending syslog’s messages Appliance should support SNMP v1,2c & 3 simultaneously 2.5 Performance Optimization: The WAN network design should support application acceleration and compression capabilities to reduce WAN bandwidth usage in its operating system. The application acceleration should be transparent and integrated so as to make use of security, quality of service (QoS) and other native services The application acceleration and compression system should be manageable from application acceleration and compression management solution. WAN optimization solution should support optimization technologies including compression, caching, single instance, TCP optimization, application blueprint in order to ensure accelerated application delivery. Objective is to overcome issues like latency, Packet loss, and application congestion in order to enhance application delivery. 2.6 WAN Optimization System Specification for DC-DR: Sr. No. Minimum Requirement Description 1 General Hardware and Interface requirements 1.1 The WAN Optimization system should be based on appliance 1.2 Should have on board minimum 2 x 10/100/1000 Base-T port for management Page322of 531 1.3 Should have minimum 4 x 10/100/1000 Base-T inline ports with fail to wire capabilities in all 4 ports from day one. These ports should be in addition to Management ports on the system. Page323of 531 1.4 Should support symmetric optimization for minimum 60,000 concurrent TCP connections from day one in a single device. 1.5 Should support a minimum compressed WAN throughput of 1 Gbps from day one 1.6 Should have 48 GB DRAM from day one. 1.7 Should have minimum 3 TB storage space with RAID-5. All the data written on HDD should be secured with 256-bit AES encryption & automatic key management. 1.8 The system must be rack mountable and rack mounting kit should be supplied along with it. 1.9 The system must have redundant power supply. 2 WAN Optimisation Features 2.1 Should support Transport flow optimization, Advance network compression & Symmetric Data Caching to improve application packet flow under unfavourable WAN Condition such as packet loss and small initial windows. Should support any TCP based applications. 2.2 The Device should have Context Aware de-duplication mechanism where caching can be configured in bidirectional & unidirectional mode to accommodate storage replication protocols 2.3 The device should have unified data storage for storing data bytes which can be shared across multiple branch offices. 2.4 The device must support Microsoft windows print service optimization and acceleration to help centralize print services in Data Center without compromising performance 3 Advance Application Optimisation Features 3.1 The solution should support advance optimization for CIFS protocol including SMB V1 & SMB V2. 3.2 The device must support Safe data & Meta Data Caching for higher optimization, data coherency Read-ahead & message Pipelining to mitigate send-and-wait behaviour of CIFS 3.3 Microsoft Windows Print Server acceleration to help centralize print services in Data Center without compromising performance 3.4 Should optimize and accelerate applications including SAP, CIFS, Email, File Transfer etc. 3.5 proposed solution should seamless able to integrate with industry leading data recovery solutions including, but not limited to ,CA XOSoft, Commvault, Dell Compellent, Dell EqualLogic, Double-Take 3.6 -EMC Celerra Replicator, EMC SRDF/A, FalconStor, Hitachi HDS, HP & HP Left Hand (HP P4000), IBM Tivoli Fast Back, IBM Tivoli Storage Manager, NetApp Snap Mirror, Symantec NetBackup Application acceleration blueprints: Solution should provide Layer 7 application intelligence to mitigate not only the chattiness of legacy protocols but also to improve the performance of protocols like iSCSI and FCIP when they are used over a WAN. 3.7 The solution should provide HTTP & HTTPS Acceleration with local response based on cached metadata from previously seen server responses & should support Server Compression. 3.8 The solution should preserve trust boundaries by not distributing private SSL keys beyond the data center device while optimizing SSL/HTTPS traffic 3.9 Should support easy addition of WAN optimization capacity to the data center without having to make any changes to network configurations Page324of 531 3.10 Should support expansion of WAN Optimization capacity to 1 million concurrent TCP connections by addition of additional WAN Optimization devices 4 Network Integration and Deployment 4.1 Should integrate with existing network devices like router & firewalls transparently. Should be completely transparent to different type of routing including Static routing, Dynamic routing, optimized routing etc 4.2 Should preserve network information like Source IP, Destination IP, Source Port, Destination Port, QoS marking throughout the network. Should automatically discover remote peers, reducing configuration steps 4.3 Should support multiple deployment model to suite any Branch environment including Inline Deployment, WCCP V2 & Policy Based Re direction. 5. Security Features 5.1 Should support security of data stored in local disk by using 256-bit AES encryption and automatic key management 5.2 Should offers authentication, authorization, and accounting (AAA) integration with external authentication providers such as Microsoft Active Directory, RADIUS, and TACACS+ and supports RBAC to help ensure security 6. Management Features 6.1 Should support local management using telnet, SSH, console etc. Should support XML API to integrate with network management and monitoring systems 6.2 Centralized management solution must provide template option to apply common set of configuration settings to multiple devices within the network 7 Regulatory Compliance 7.1 System shall conform to UL 60950 or IEC 60950 or CSA 60950 or EN 60950 Standards for Safety requirements of Information Technology Equipment. 7.2 System shall conform to EN 55022 Class A/B or CISPR22 Class A/B or CE Class A/B or FCC Class A/B Standards for EMC (Electro Magnetic Compatibility) requirements 2.7 Wireless LAN Specification: Minimum Requirement Description for Wireless System: 1. Wireless system requires a centralized DHCP server for IP address allocation. Wireless system requires a centralized AD/LDAP user authentication server for authentication of wireless users. Wireless system requires a centralized Certificate Authority server if Certificate Authentication is required along with username and password for user authentication. Wireless Access Point Specifications Page325of 531 Hardware Specifications: Access Points proposed must include radios for 2.4 GHz and 5 GHz with 802.11ac Wave 1 Must have a robust design for durability, without visible vents Mounting kit should be standard from OEM directly Must have dedicated memory and CPU for each radio apart from the shared Memory and CPU of the access point High-speed spectrum intelligence across 20-, 40-, and 80-MHz-wide channels to combat performance problems due to wireless interference Must have 2x10/100/1000BASE-T autosensing (RJ-45) ports Must have at least 3 dBi Antenna gain on both radios 802.11ac features: Must support 3x3 multiple-input multiple-output (MIMO) with three spatial streams Must support simultaneous 802.11n on both the 2.4 GHz and 5 GHz radios. Must support 802.11ac Wave 1 on the integrated 5-GHz radio Must support data rates up to 450 Mbps 802.11n and 1.3 Gbps on 802.11ac respectively Must support up to 23dbm of transmit power on 5GHz Radio. RF features: The Wireless AP should have the technology to improve downlink performance to all mobile devices including one-, two-, and three spatial stream devices on 802.11n and 802.11ac. The technology should work without requiring feedback from clients and should work with all existing 802.11 clients. Should support detecting and classifying non-Wi-Fi wireless transmissions while simultaneously serving network traffic Should support configuring the access point as network connected sensor to access any network location covered by the access point to get real-time Spectrum analysis data. Must support AP enforce load-balance between 2.4 Ghz and 5Ghz band. Must incorporate radio resource management for power, channel, coverage hole detection and performance optimization Should be able to detect at least 20 sources of non 802.11 interference within 30 seconds Must have -95 dB or better Receiver Sensitivity. Roaming features: Must support Proactive Key Caching and/or other methods for Fast Secure Roaming. Security features: Must support Management Frame Protection. Should support locally significant certificates on the APs using a Public Key Infrastructure (PKI). Must operate as a sensor for wireless IPS Should support non-Wi-Fi detection for off-channel rogues and Containment for both radio Encryption features: Access Points must support a distributed encryption/decryption model. Access Points must support Hardware-based DTLS encryption on CAPWAP Standard or equivalent Page326of 531 Monitoring features: Must support the ability to serve clients and monitor the RF environment concurrently. Same model AP that serves clients must be able to be dedicated to monitoring the RF environment. Flexibility features: AP model proposed must be able to be both a client-serving AP and a monitor-only AP for Intrusion Prevention services. Should support mesh capabilities for temporary connectivity in areas with no Ethernet cabling. Mesh support should support QoS for voice over wireless. Must support 16 WLANs per AP for SSID deployment flexibility. Must continue serving clients when WAN link to controller is down Must continue serving clients when WAN link to controller is back up again, should not reboot before joining Must support Controller-based and standalone (autonomous) deployments Should support Local authentication at the AP level in case of WAN outage Operational features: Must support telnet and/or SSH login to APs directly for troubleshooting flexibility. Power Requirement: Must support PoE/PoE+, local power and power injectors. Quality of Service features: 2. 802.11e and WMM Must support reliable multicast to unicast conversion to maintain video quality Must support QoS and Video Call Admission Control capabilities. Access Point should 802.11 DFS certified Wireless Controller Specifications Hardware Specifications: Must be compliant with IEEE CAPWAP or equivalent for controller-based WLANs Should have at least 4 x 10 Gigabit Ethernet interface. Should support both centralized as well as distributed traffic forwarding architecture with L3 roaming support from day 1. Should have IPv6 ready from day one. Controller should have hot-swappable redundant power supplies Controller should support minimum 40,000 users per chassis WLAN Controller should support minimum of 6000 Access points in a single chassis or equivalent hardware from day 1. Proposed controller should support N+N redundancy from day one Must support WIPS, and spectral analysis from day 1. Should be rack-mountable. Required accessories for rack mounting to be provided. WLC should support AVC functionality on local switching architecture WLC should support AP License Migration from one WLC to another Page326of 531 Should support minimum 4000 VLANs Wireless Controller features: Must support state full switchover between active and standby controller in a sub second time frame. WLC should support L2 and L3 roaming for IPv4 and IPv6 clients WLC should support guest-access functionality for IPv6 clients. Should support IEEE 802.1p priority tag. Should ensure WLAN reliability by proactively determining and adjusting to changing RF conditions. Should provide real-time radio power adjustments based on changing environmental conditions and signal coverage adjustments. Should support automatic radio channel adjustments for intelligent channel switching and realtime interference detection Should support client load balancing to balance the number of clients across multiple APs to optimize AP and client throughput. Should support policy based forwarding to classify data traffic based on ACLs Should support dynamic VLAN assignment To deliver optimal bandwidth usage, reliable multicast must use single session between AP and Wireless Controller. Should able to do dynamic channel bonding based on interference detected on particular channel. Must support coverage hole detection and correction that can be adjusted on a per WLAN basis. Must support RF Management with 40 MHz and 80 Mhz channels with 802.11n & 802.11ac Should provide visibility to Network airtime in order to set the airtime policy enforcement Must support dynamic Airtime allocation on per WLAN, per AP, Per AP group basis. Must be able to restrict the number of logins per user. Security features: Should support web-based authentication to provide a browser-based environment to authenticate clients that do not support the IEEE 802.1X supplicant Should support port-based and SSID-based IEEE 802.1X authentication Should support MAC authentication to provide simple authentication based on a user's MAC address. WLC should support Rogue AP detection, classification and standard WIPS signatures. WLC should be able to exclude clients based on excessive/multiple authentication failure. Shall support AES or TKIP encryption to secure the data integrity of wireless traffic Shall support the ability to classify over 20 different types of interference with in 5 to 30 seconds. Shall able to provide an air quality index for ensuring the better performance Shall able to provide real time chart showing interference per access point on per radio and perchannel basis. Should support AP location-based user access to control the locations where a wireless user can access the network Must be able to set a maximum per-user bandwidth limit on a per-SSID basis. Management and QoS features: Should support SNMPv3, SSHv2 and SSL for secure management. Should support encrypted mechanism to securely upload/download software image to and from Wireless controller. Should support AP Plug and Play deployment with zero-configuration capability Page327of 531 Should support AP grouping to enable administrator to easily apply AP-based or radio-based configurations to all the APs in the same group Should support selective firmware upgrade APs, typically to a group of APs minimize the impact of up-gradation Should have a suitable serial console port. Should have Voice and Video Call Admission and Stream prioritization for preferential QOS Controller should have Deep Packet Inspection for Layer 4-7 traffic for user for all traffic across the network to analyses information about applications usage and prioritization Should able do the application visibility for the application, which run behind HTTP proxy Controller should have profiling of devices based on protocols like HTTP, DHCP and more to identify the end devices on the network. Should support visibility and control based on the type of applications 2.8 Forward Proxy Specification: S.no Minimum Requirement Description Forward Proxy 1 Architecture The proposed Proxy solution should be a standalone solution. It should not be a part/feature of any other proposed solution. Should have minimum 6 x 1GbE RJ45 & support for 2 x 1GbE SFP Should provide minimum 1 Gbps throughput and can be scalable to 5 Gbps throughput. Device must have Dynamic routing protocols like OSPF, RIP1, RIP2, BGP 2 Proxy Features Client Network Address Translation Hiding the Client IP address from the servers for increased security. Support for non-transparent proxy functionality. Solution works as a non-transparent proxy in the following cases: — When performing connection management (multiplexing). — When performing as an IPv4/IPv6 gateway. The solution should optimize content by compressing it in order to speed up loading times. The solution should hide the existence and characteristics of the origin The solution should distribute the load from incoming requests to several servers, with each server serving its own application area. 3 4 The solution should reduce load on its origin servers by caching the content/web acceleration and support proximity based LLB Server Management Feature Should support Graceful shutdown of Servers Should support Graceful Activation of Servers Should able to redirect traffic based on Source IP, Destination IP & TCP PORT Health Monitoring Should provide individual health check for each Server & Application Should be able to do health check on protocols like HTTP, SMTP, POP etc Should able to check the health of Server OS, Application & contents as well Should provide AND & OR Grouping mechanism between health check for granular approach for detecting path failure in multi-tier application architecture Page328of 531 5 Health Check configuration should be via simple GUI interface and easy to understand, it should not require any scripting or CLI configuration. Redundancy Should Support standard VRRP (RFC - 2338) or equivalent Should support transparent failover between 2 devices Should support VIP advertisement via Dynamic Routing 2.9 Reverse Proxy Specification: S.No Minimum Requirement Description Reverse Proxy 1 2 Architecture The proposed Proxy solution should be a standalone solution. It should not be a part/feature of any other proposed solution Should have minimum 6x 1GbE RJ45 & support for 2 x 1GbE SFP Should provide minimum 1 Gbps throughput and can be scalable to 5 Gbps throughput Device must have Dynamic routing protocols like OSPF, RIP1, RIP2, BGP Proxy Features Server Network Address Translation Hiding the Server IP address from the clients for increased security Support for non-transparent proxy functionality. Solution works as a non-transparent proxy in the following cases: — When performing connection management (multiplexing). — When performing as an IPv4/IPv6 gateway. The solution should optimize content by compressing it in order to speed up loading times. The solution should hide the existence and characteristics of the origin 3 4 The solution should distribute the load from incoming requests to several servers, with each server serving its own application area. The solution should reduce load on its origin servers by caching the content/web acceleration and support proximity based LLB. Server Management Feature Should support Graceful shutdown of Servers Should support Graceful Activation of Servers Should able to redirect traffic based on Source IP, Destination IP & TCP PORT Health Monitoring Should provide individual health check for each Server & Application Should be able to do health check on protocols like HTTP, SMTP, POP etc Should able to check the health of Server OS, Application & contents as well Should provide AND & OR Grouping mechanism between health check for granular approach for detecting path failure in multi-tier application architecture 5 Health Check configuration should be via simple GUI interface and easy to understand, it should not require any scripting or CLI configuration. Redundancy Should Support standard VRRP (RFC - 2338) or Equivalent Should support transparent failover between 2 devices Page329of 531 Should support VIP advertisement via Dynamic Routing 2.10 Flow Control Manager Specification: S. no 1 Minimum Requirement Description Architecture Should support minimum 2 x 10 GbE SFP+, 8 x 1 GbE RJ45 Should provide minimum 6 Gbps throughput and can be scalable to 26 Gbps throughput without changing the hardware (license upgrade only). Should must have Dynamic routing protocols like OSPF, RIP1, RIP2, BGP Should support server side web compression and proximity based LLB Should Support Flow/Filter Management capability Should allow sequentially redirect client traffic to different farms transparently Should allow to set traffic redirection policies based on the URL content in the HTTP GET request 2 Should support a mechanism where URLs can be manually configured or they can be loaded from the list Should support IDS and firewall Load balancing Health Monitoring Should provide individual health check for each Server & Application Should able to check the health of Server OS, Application & contents as well Health Check configuration should be via simple GUI interface and easy to understand, it should not require any scripting or CLI configuration. VIRTUALIZATION: The proposed SLB should have ADC-VX/Virtualization feature that virtualizes the Device resources— including CPU, memory, network, and acceleration resources. Each virtual ADC instance contains a complete and separated environment of the Following: a) Resources, b) Configurations, c) Management. The proposed device should have 2 Virtual Instances from Day 1 and scalable upto 24 Virtual Instances 3 4 The vADC/Virtual instances management should have two management roles: • The Global Administrator creates, initially configures, and monitors vADCs. The Global Administrator should be able to dynamically allocate CPU and throughput resources by assigning capacity units and adjusting throughput limits to a vADC. • The vADC Administrator is responsible for the day-to-day configuration and maintenance of vADCs using the same tasks as with traditional ADCs, except for those vADC tasks that only the Global Administrator performs Redundancy Should Support standard VRRP (RFC - 2338) or equivalent Should support transparent failover between 2 devices Should support Global Server Load Balancing feature (DNS SEC) Device Management Page330of 531 Should provide GUI interface for configuration Should provide HTTP / HTTPS interface management Should provide SSH / Telnet / CLI interface Should support SNMP 3. IP Telephony 3.1 Voice Call Manager (UCM) Specification: Minimum Requirement Description: 1. Providing DID and DOD from the IP Phones itself so that maximum utilization of the present Voice Infrastructure can be showcased. Initially 4 PRI’s would be considered at the Head Office and later this functionality would be deployed across all the Branch Locations 2. Cisco CUCM would work as a Single Call Control Platform for Voice and video infrastructure which means users having a Video Phone at their desk can call a Video Conferencing endpoint and can also join a Video Conferencing session. Also the users having an IP Phone can also call a video conferencing endpoint. 3. CUCM Version Upgrades and Updates for the next 3 years should be managed by the SI and the Costing should be included in the proposal accordingly 4. The IP phones should support Survivable Call Control functionality through the existing IP PBX at ESIC, so that it registers to the fall back server in case the primary server goes down 5. It should be possible for the IP phone to be connected on the same line which is connected to the computer i.e. Single wire to desk. 6. The proposed IP Phones should directly register to the existing IPPBX at ESIC with profile creation of these SIP endpoints onto it and perform all functions of Proxy/ Registrar / Redirect 7. The IP phones should provide functionality for simultaneous Ring on IP phone and user defined alternate phone for all the IP phone users through the existing IP PBX at ESIC. 8. The bidders should provide a "presence" application for all IP Phones users, so that they can see the availability status of his contacts in their buddy list. 9. The video IP Phones should provide integrated video telephony features with the existing IP PBX at ESIC to the users so that user with IP Phone / Soft phone and video telephony end point should be able to place video calls with the same user model as audio calls. 10. The IP video phone after integrating with existing IP PBX should provide call control capabilities to handle CODEC and video capabilities of the endpoints, bandwidth negotiation to determine video/audio call take place. 3.2 Media Gateway Specification: Page331of 531 Minimum Requirement Description General Specifications Media gateway should have a modular architecture. Media gateway should be 1/2RU high, 19-inch wide rack mountable. Media gateway should have DSP based architecture with no performance degradation when converting TDM to SIP trunks with enabled voice compression coders. Media gateway should work standalone and process calls without any external call server. Media gateway should have inbuilt dial plan execution capabilities. Media gateway should have inbuilt voice routing capabilities to various SIP and TDM trunks. Media gateway should have capability to support different voice codec for different trunk / channels or same codec for all trunks Media gateway should have DSPs and SIP Stack Media gateway should have flexible and inbuilt number manipulation capabilities before and after routing the call Media gateway should be future ready and able to utilize DSPs (Digital Signal Processor) for IP-IP transcoding of voice calls to perform voice compression. Media gateway should support local Survivability feature. Media gateway should have capability to register IP phones in survivability mode Media gateway should have inbuilt capability to route calls to PSTN (Public Switched Telephone Network). Media gateway should have capability to terminate FXS, FXO, E1/T1 lines by inserting modules on the same chassis Media gateway should have capability to upgrade to SBC in future with a license upgrade so that the same device can integrate with IP PBXs Media Gateway should have capabilities to integrate with the multiple PBX's with different TDM variants over these E1's Media gateway should have support of IPv4, RTP/IP Transport, TCP, and UDP. Hardware and interface requirements Media gateway should have dual redundant 10/100/1000 LAN ports to connect to IP network. Media gateway should provide minimum 4 E1's digital voice interface with the provision of further scalability of additional 2 E1’s on the same hardware. Media gateway should have support of ISDN, PRI, QSIG and SIP as TDM/IP protocol variants Media gateway should support ISDN QSIG services Media gateway should support SIP as a control protocols. Media gateway should have clock generation and synchronization on TDM interfaces. Media gateway should have internal redundant AC power supply. Voice over IP features Media gateway should provide following voice coders enabled on all channels without any capacity reduction. a) G.711 a/mu b) G.723.1 c) G.726/8 d) G.729A e) G.729B Media gateway should have capability of Independent dynamic voice coder selection per channel. Page332of 531 Media gateway should have capability to support echo cancellation on PSTN side Media gateway should have QoS (quality of service) with 802.1p/Q VLAN tagging and Diff Serv. Media gateway should provide voice quality enhancement. e.g. packet loss concealment. Media gateway should support voice call quality monitoring of calls passing through the device. Media gateway should have capability to support echo cancellation on IP side Media gateway should have dynamic jitter buffer. Media gateway should have CNG (Comfort Noise Generation) feature. Media gateway should have VAD (Voice activity detection) feature. Media gateway should have Silence Suppression feature to save bandwidth. Media gateway should have DTMF/MF detection and generation capability towards IP-side and PSTN-side. Device should support call progress tones detection and generation. Media gateway should have MLPP support over E1 trunk to PBX. Media gateway should have TLS and SRTP support for signaling and media security. Media gateway should have IPsec support for control and management protocols/interfaces. Management and Troubleshooting Media gateway should have SNMP, SNMPv2c, SNMPv3 based alarming and monitoring. Media gateway should have CLI, Telnet, and HTTP (web page) management. Media gateway should have easy to use standalone GUI (web page) based configuration and management. Media gateway should support troubleshooting on all TDM and IP call protocols Safety and EMC standards UL60950, FCC part 15 Class A, CE Mark (EN55022 Class A, EN60950, EN55024, EN300 386) 4. Video Conferencing (V.C) Specification: Multipoint Control Unit (MCU): Minimum Requirement Description The MCU must be a hardware based MCU providing at least 50 ports of 1080p 30fps Capacity or 100 ports HD 720p 30fps in a single chassis The MCU should be a slot based chassis with a redundant power supply. The MCU should be scalable in future by adding additional blades only. The MCU should have the capability to bridge 50 ports @ 1080p or 100 ports HD720p @30fps participants as part of the single conference as well as support multiple conferences. There should not any limit on the number of concurrent Capability conferences. Additionally, advanced features such as Continuous Presence of all participants should be available so that any 16 sites can be selected to appear on the screen in CP mode. Should support H.264 even in Continuous presence Should support H.263, H.263+, H.263++, H.264 AVC video algorithms/H.264 high Video Standards profile Video Resolution Should support video resolution from QCIF to 1080p without losing ports Page333of 531 Audio Standards IP protocols Transcoding & Rate Matching Dual Video Along with the Support for basic algorithms like G.711 and G.722.1 the MCU should also support wideband Audio protocols to provide HD quality audio during video meetings using protocols such as MPEG 4 AAC -LC and MPEG 4 AAC - LD or equivalent It must be possible to have both SIP and H323 devices in the same conference call The MCU should support transcoding of different Audio/video Protocols MCU should be able to combine HD and SD in the same conference without degrading the HD resolution from and to the HD endpoints. The MCU should have a video encode resource per participant with support for both dial in and dial out conferences. The MCU should have H.239 / BFCP protocol for sending and receiving dual video streams (Presenter + Presentation). This should be available for all the ports. The MCU should support both scheduled and adhoc conferences. Conference Capacity Network Capabilities Network Interface Security The MCU must support multiple layouts and must support active speaker along with second last active speaker both visible in bigger panes. The MCU should allow Far End Camera Control It should be possible to create at least 10 different conferences of which 5 should be of permanent nature i.e with no end time defined. Should have ability to connect each site @ 4 Mbps per port The MCU should support both scheduled and adhoc conferences. The MCU should support both dial in and dial out conferences. It should be possible to password protect the conferences for a secure access. Should support intelligent down speeding, packet pacing and packet loss concealment 2x 10/100/1000 Mbps Ethernet Ports , which should work to support both Internet and Intranet networks The MCU should support 2 x ISDN PRI Gateway capability either internal or external to the MCU. The ISDN Gateway should be supplied day one. Should have the ability to work on both IPV4 and IPV6 without any degradation of performance from day one. The MCU must be a secure Non-PC Hardware with a strong operating system. The MCU should support 128 Bit strong AES /SRTP encryption for calls and H.235 for authentication The MCU must support encryption for calls on SIP. MCU should be equipped with packet loss handling algorithm for video and audio Firewall Traversal Solution Interoperability with Firewalls Dial plan and call connectivity Should support firewall traversal solution using the H.460.18 and H.460.19 protocol. The solution should be standards based and work with all firewalls and not bypass the ESIC's firewalls. Video conferencing endpoints deployed at ESIC must be able to take part in video conferencing /dial into the MCU and dial out from the MCU. The solution should support ability to call to public IP addresses. Should support the ability for devices on the internet to be reached using a H323 ID or E.164 alias. Should support the ability for devices on the internet to be reached on H323 using a H323 ID and URI. E.g. h323 id ([email protected]) or SIP URI ([email protected]) Page334of 531 Integration with DNS Capacity Protocols Security Authentication and Registration Soft Clients The Firewall Traversal Solution must have integration with DNS using SRV records or AAA records so as to have domain name based calling. Should support at least 20 concurrent calls in 1080p 30fps from day one and must have the scalability to upgrade to 100 calls in future. Internet traffic with H.264 video compression and 20 Khz audio compression protocol in the future in the same unit. Should support all the H323 and SIP functionalities such as: H.239, BFCP, AES encryption Must support H.460 multiplexed media for H323 calls so as to reduce ports used by the calls to traverse the firewall The solution must support the ability to create authentication credentials for a VC device to be registered and make calls. The solution should be accompanied with 100 soft clients’ users which should work on desktop / laptop (MAC and windows), iPhone, iPad and android operating system. The soft clients should be HD720p client that should register with the existing IP PBX existing with ESIC. The solution should support Instant messaging, presence, voice and video calling. The client should work on Internet and Intranet. Web conferencing: Technical Specifications: The solution should be a web based tool allowing students to connect with teachers over Internet/ Secure Intranet. The tool should enhance individual and team productivity and collaboration with high-quality audio, video, and web conferencing The tool should enable mobile students to be more productive and be engaged with the ability to participate in lectures/training using a variety of mobile devices such as smartphones, tablets, iphone The tool should have the capability for document, application, and desktop sharing The tool should have the capability for annotation and collaboration tools The tool should have Personal Conferencing Number capabilities provide persistent host and attendee access codes for planned and ad-hoc audio-centric conferencing. The tool should have blast Dial Out capabilities that rapidly dials to multiple participants automatically at a meeting’s start. Blast Dial meetings include customizable greetings and admin-defined access codes and security parameters. The tool should provide High-quality video screen resolution; full-screen video; up to seven simultaneous webcam video feeds and voice-activated switching The tool should training and lecture recording capabilities including downloadable recordings and playback The tool should have consistent cross-platform experience on Windows, Mac, smartphones, and tablets The tool should have the capability for the hosts can schedule meetings directly from their Microsoft Outlook for Windows calendars The tool should have Start, join, schedule, and attend online meetings from mobile devices The tool should have mobile functions such as chat, audio, call me, calendar, and ability to pass presenter privileges to others on call The tool should be a simple virtualized application running in the network The tool should work on HTTP port 80. The solution should be sized for 250 concurrent users to join a single meeting 5. Security: Page335of 531 5.1 Firewall: Internet Firewall Specification: Minimum Requirement Description 1 Hardware Architecture The appliance based security platform should be capable of providing firewall, IPS, and VPN (both IPSec and SSL) functionality in a single appliance The appliance should support at least 8 * 10/100/1000 Gigabit ports from Day one and should be scalable to 4 * 10G ports in future The appliance hardware should be a multicore CPU architecture with a hardened 64 bit operating system to support higher memory Page336of 531 Proposed Firewall should not be proprietary ASIC based in nature & should be open architecture based on multi-core cpu's to protect & scale against dynamic latest security threats. 2 3 Performance & Scalability Should support atleast 1 Gbps of production performance / multiprotocol firewall throughput Should support combined firewall and IPS throughput of 1 Gbps Support support 3Des/AES IPSec VPN throughput of atleast 1 Gbps Should support atleat 5000 concurrent VPN peers IPSec/SSL. Firewall should support atleast 500,000 concurrent sessions Firewall should support atleast 40,000 connections per second Firewall should support atleast 1000 VLANs Firewall should support 2 virtual firewalls from day one & support licensed based scalability upto200 virtual firewalls Firewall Features Firewall should provide application inspection for DNS, FTP, HTTP, SMTP,ESMTP, LDAP, MGCP, RTSP, SIP, SCCP, SQLNET, TFTP, H.323, SNMP Firewall should support creating access-rules with IPv4 & IPv6 objects simultaneously Firewall should support operating in routed & transparent mode. Should be able to set mode independently for each context in multi-context mode In transparent mode firewall should support arp-inspection to prevent spoofing at Layer-2 Should support Static, RIP, OSPF v2 & v3,BGP Protocol 4 Firewall should support SLA monitoring for static routes Should support Non Stop Forwarding in HA during failover and Graceful Restart Firewall should support static nat, pat, dynamic nat, pat & destination based nat Firewall should support Nat66 (IPv6-to-IPv6), Nat 64 (IPv6-to-IPv4) & Nat46 (IPv4-to-IPv6) functionality Should support Remotely Triggered Black Hole for Border Gateway protocol security High-Availability Features Firewall should support stateful failover of sessions in Active/Standby or Active/Active mode Firewall should support ether channel functionality for the failover control & date interfaces for provide additional level of redundancy Firewall should support redundant interfaces to provide interface level redundancy before device failover Firewall should support 802.3ad Ether channel functionality to increase the bandwidth for a segment. 5 Firewall should support failover of IPv4 & IPv6 sessions Firewall should replicate Nat translations, TCP,UDP connection states, ARP table, ISAKMP &IPSec SA's, SIP signalling sessions Firewall should have integrated redundant power supply VPN Features Firewall should support RFC 6379 based Suite-B Cryptography Suites/algorithms like AESGCM/GMAC support (128-, 192-, and 256-bit keys), ECDH support (groups 19, 20, and 21), ECDSA support (256-, 384-, and 521-bit elliptic curves) for enhanced VPN security. Firewall should support latest IKEv2 standards for supporting SHA-2 256, 384 & 512 bit message integrity algorithms in hardware to ensure there is no performance bottleneck & higher security. Page337of 531 For Mobile devices the SSL IPSEC client software should also be available for download from the Mobile Application Store/Market/OEM website other than the Firewall/Device. Should support pre-shared keys & Digital Certificates for VPN peer authentication Should support perfect forward secrecy & dead peer detection functionality Should support Nat-T for IPSec VPN 6 Management Firewall should support management of firewall policies via Cli, SSH & GUI management capabilities Firewall should support syslog with the functionality of sending syslog’s messages Firewall should support SNMP v1,2c & 3 simultaneously The Firewall appliance should have certifications like NDPP or ICSA or EAL4 or more The proposed vendor must have a track record of continuous improvement in threat detection and must have successfully completed NSS Labs’ NGFW Methodology v5.4 testing with a minimum exploit blocking rate of 97% MPLS Firewall Specification: Minimum Requirement Description ofNext Generation Firewall 1 Hardware Architecture The appliance based security platform should be capable of providing firewall, and VPN (both IPSec and SSL) functionality in a single appliance The appliance should support at least 6 * 10/100/1000 Gigabit ports and 4 x 10G ports loaded with MM fiber modules from Day one and should be scalable to 8 * 10G ports in future The appliance hardware should be a multicore CPU architecture with a hardened 64 bit operating system to support higher memory Proposed Firewall should not be proprietary ASIC based in nature & should be open architecture based on multi-core cpu's to protect & scale against dynamic latest security threats. 2 3 Performance & Scalability Should support at least 10,000 Mbps of production performance / multiprotocol firewall throughput Support support 3Des/AES IPSec VPN throughput of at least 1000 Mbps Firewall should support atleast 4000,000 concurrent sessions Firewall should support atleast 200,000 connections per second Firewall should support at least 1000 vlans Firewall should support 2 virtual firewalls from day one & support licensed based scalability upto 200 virtual firewalls Firewall Features Firewall should provide application inspection for DNS, FTP, HTTP, SMTP,ESMTP, LDAP, MGCP, RTSP, SIP, SCCP, SQLNET, TFTP, H.323, SNMP Firewall should support creating access-rules with IPv4 & IPv6 objects simultaneously Firewall should support operating in routed & transparent mode. Should be able to set mode independently for each context in multi-context mode Page338of 531 4 In transparent mode firewall should support arp-inspection to prevent spoofing at Layer-2 Should support Static, RIP, OSPF v2 & v3,BGP Protocol Firewall should support SLA monitoring for static routes Should support Non Stop Forwarding in HA during failover and Graceful Restart Firewall should support static nat, pat, dynamic nat, pat & destination based nat Firewall should support Nat66 (IPv6-to-IPv6), Nat 64 (IPv6-to-IPv4) & Nat46 (IPv4-to-IPv6) functionality Should support Remotely Triggered Black Hole for Border Gateway protocol security High-Availability Features Firewall should support stateful failover of sessions in Active/Standby or Active/Active mode Firewall should support ether channel functionality for the failover control & date interfaces for provide additional level of redundancy Firewall should support redundant interfaces to provide interface level redundancy before device failover Firewall should support 802.3ad Ether channel functionality to increase the bandwidth for a segment. Firewall should support failover of IPv4 & IPv6 sessions Firewall should replicate Nat translations, TCP,UDP connection states, ARP table, ISAKMP &IPSec SA's, SIP signaling sessions 5 Firewall should have integrated redundant power supply VPN Features Firewall should support RFC 6379 based Suite-B Cryptography Suites/algorithms like AESGCM/GMAC support (128-, 192-, and 256-bit keys), ECDH support (groups 19, 20, and 21), ECDSA support (256-, 384-, and 521-bit elliptic curves) for enhanced VPN security. Firewall should support latest IKEv2 standards for supporting SHA-2 256, 384 & 512 bit message integrity algorithms in hardware to ensure there is no performance bottleneck & higher security. 6 Should support pre-shared keys & Digital Certificates for VPN peer authentication Should support perfect forward secrecy & dead peer detection functionality Should support Nat-T for IPSec VPN Management Firewall should support management of firewall policies via Cli, SSH & GUI management capabilities Firewall should support syslog with the functionality of sending syslog’s messages Firewall should support SNMP v1,2c & 3 simultaneously The Firewall appliance should have certifications like NDPP or ICSA or EAL4 or more Web Application Firewall Specification: Minimum Requirement Description Sr. No 1 2 Specifications General and Performance The device should be a hardware based appliance with support for redundant power supply The device should provide an overall throughput of min 5Gbps of application layer throughput with 32KB size and 2000,000 concurrent connections Page339of 531 3 Appliance should support 9 Gbps of layer 4 throughput 4 The device should have minimum of 4X 10/100/1000 ports & should support 6 inline bypass interfaces for fail safe operation and should have option to accommodate additional interfaces if required to cater future requirements 5 Support for various deployment scenarios including bridge mode, transparent proxy mode, router mode, reverse proxy and passive/promiscuous mode 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 WAF appliance solution should be quoted separately for public facing web servers and intranet /internal serves. Features The device should have abuse detection, tracking, Profiling and should support Abuse response and real time incident management Device e should be able inspect HTTP and HTTPS traffic on TCP port 80 & 443 Should be able to detect attempts to abuse form inputs and establish vectors for injection and cross-site scripting attacks Must protect web application against Cookie Poisoning, cookie injection command injection. Must protect web application against buffer overflow and layer7 DDOS attacks. Must protect web application against parameter tampering and must have inbuilt controls to block invalid files, filtering of sensitive words in HTTP request and response. Should be able to detect suspicious application errors that indicate abuse including illegal and unexpected response codes. Should be able to detect when an attacker is attempting to request files with suspicious extensions, prefixes, and tokens Should support creation of the policies for HTTP/HTTPS headers to ensure critical infrastructure information is not exposed. Response and request headers can be stripped, mixed, or filtered Should be able to detect and prevent attackers from finding hidden directories. inbuilt security control to limit the action of crawling and scanning Should be able to detect attempts to abuse non-standard HTTP/HTTPS methods such as TRACE. Should be able to detect attempts to manipulate application behaviour through query parameter abuse. Solution must support behaviour analysis to detect and prevent day 0 attacks Should maintain a profile of known application abusers and all of their malicious activity against the application Should enable application administrators to re-identify abusive users and apply persistent responses across sessions Should be able to process SSL traffic using passive decryption or using equivalent technology Customized response Should enable administrators to respond to application abuse with session specific warnings, blocks abusive application and undertake additional checks for the same. Block connection and return arbitrary error/custom message Should support network based security controls including ACL’s, IP blacklist/whitelist and URL blacklist/Whitelist Anti-DDOS protection with syn flood, UDP flood, ICMP flooding, command and control protection Reporting, Logging & Monitoring Page340of 531 27 28 29 30 31 32 33 34 35 36 Sends alert emails when specific incidents or incident patterns Occur Enable command line interface for custom reporting Should capture, log and display traffic related data to analyze for security incidents. Should enable SNMP system logging and able to send alerts to a centralized EMS solution Should support auditing - Tracks changes to the system made by the administrators in the configuration interface, security monitor and report generation. Should be able to send security incidents via syslog Management Should support simplified configuration with wizards Should support web-based configuration. Should support web-based monitoring and analysis interface Should have real-time and historical system monitoring Should support role based access control 5.2 Network Behavior Analysis Specification: S. No Minimum Requirement Description 1 Should have an automated discovery function to identify network devices and capture information such as IP address, OS, services provided, other connected hosts. 2 3 Should capture signature / heuristics based alerts and block the same Should Identify the source of an attack and should not block legitimate users 4 Should identify worms through techniques such as identifying the use of normally inactive ports or identification of network scanning activities 5 The solution must detect denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks including floods of all types (ICMP, UDP, TCP SYN, TCP NULL, IP NULL etc.), identify the presence of botnets in the network, identify DNS spoofing attack etc. 6 Should be able to conduct protocol analysis to detect tunneled protocols, backdoors, the use of forbidden application protocols etc. 7 Should utilize Anomaly detection methods to identify attacks such as zero-day exploits, selfmodifying malware, attacks in the ciphered traffic or resource misuse or misconfiguration. 8 Should be able to instruct network security devices such as firewalls to block certain types of traffic or route it to quarantine VLANS 9 Should be able to run an administrator specified script if a certain malicious activity is detected 10 The system should be able to monitor flow data between various VLANS 11 The solution must identify network traffic from high risk applications such as file sharing, peer-to-peer, etc. 12 Should be able to link usernames to IP addresses for suspected security events. Page341of 531 13 The solution should extract user defined fields (including source and destination IPs, source and destination MAC address, TCP/UDP ports or ICMP types and codes, no. of packets and no. of bytes transmitted in a session, timestamps for start and end of session etc.) from captured packet data and then utilize fields in correlation rules. 14 15 Solution should be compatible with a virtual environment. The solution should provide access to raw as well as processed logs Page342of 531 16 Dashboard should have the facility to be configured according to user profile 17 System should support event forwarding for SMTP, SYSLOG & SNMP for high risk issues 18 The solution must allow analysis by grouping of network segments such as User VLAN, Management VLAN, Server Farms etc. 19 Solution should be able to track user’s activities locally and remote network sites and should be able to report usage behavior across the entire network. 20 Solution should support ubiquitous access to view all reporting functions using an internet browser. 21 The solution should support the identification of applications tunneling on other ports 22 Solution should be able to collect security and network information of servers and clients without the usage of agents 23 The solution should be able to conduct de-duplication of redundant flow identified in the network to improve performance 24 The solution should support all forms of flows including but not limited to cisco net flow, juniper jflow, sflow, ipfix for udp etc. Network performance 1 Solution should provide application bandwidth utilization graph for various applications which should include bandwidth consumption for top hosts and trends on network bandwidth utilization. 2 Solution should probe the network in a manner so that impact on network performance is minimal. 3 4 Should support both in line and offline modes. The tool should have a system for interactive event identification and rule creation 5 Devices / applications those do not support flows, the solution should be able to generate its own flows for monitoring. 6 7 Solution should have facility to assign risk and credibility rating to events. Solution should support traffic rate up to 1Gbps or higher. 5.3 Network Access Control& Authentication Specification: S. No. 1 Minimum Requirement Description The Solution should provide a highly powerful and flexible attribute-based access control solution that combines authentication, authorization, and accounting (AAA); posture; profiling; and guest management services on a single platform. 2 It should allow enterprises to authenticate and authorize users and endpoints via wired, wireless, and VPN with consistent policy throughout the enterprise 3 Provides complete guest lifecycle management by empowering sponsors to on-board guests Solution should be scalable enough to support 50,000 endpoints in the network. 4 Delivers customizable self-service portals as well as the ability to host custom web pages to ease device and guest on-boarding, automate endpoint secure access and service provisioning, and enhance the overall end-user experience inside business-defined workflows Page346of 531 5 6 Offers comprehensive visibility of the network by automatically discovering, classifying, and controlling endpoints connected to the network to enable the appropriate services per endpoint Addresses vulnerabilities on user machines through periodic evaluation and remediation to help proactively mitigate network threats such as viruses, worms, and spyware 7 Enforces security policies by blocking, isolating, and repairing noncompliant machines in a quarantine area without requiring administrator attention 8 Offers a built-in monitoring, reporting, and troubleshooting console to assist helpdesk operators and administrators streamline operations 9 Allows you to get finer granularity while identifying devices on your network with Active Endpoint Scanning 10 Augments network-based profiling by targeting specific endpoints (based on policy) for specific attribute device scans, resulting in higher accuracy and comprehensive visibility of what is on your network 11 Manages endpoint access to the network with the Endpoint Protection Service, which enables administrators to specify an endpoint and select an action - for example, move to a new VLAN, return to the original VLAN, or isolate the endpoint from the network entirely - all in a simple interface 12 Utilizes standard RADIUS protocol for authentication, authorization, and accounting (AAA). 13 Supports a wide range of authentication protocols, including PAP, MS-CHAP, Extensible Authentication Protocol (EAP)-MD5, Protected EAP (PEAP), EAP-Flexible Authentication via Secure Tunneling (FAST), and EAP-Transport Layer Security (TLS). 14 Offers a rules-based, attribute-driven policy model for creating flexible and business-relevant access control policies. Provides the ability to create fine-grained policies by pulling attributes from predefined dictionaries that include information about user and endpoint identity, posture validation, authentication protocols, profiling identity, or other external attribute sources. Attributes can also be created dynamically and saved for later use 15 Provides a wide range of access control mechanisms, including downloadable access control lists (dACLs), VLAN assignments, URL redirect, and Security Group Access (SGA) tagging. 16 Should have predefined device templates for a wide range of endpoints, such as IP phones, printers, IP cameras, smartphones, and tablets. 17 It should allow Administrators to create their own device templates. These templates can be used to automatically detect, classify, and associate administrative-defined identities when endpoints connect to the network. Administrators can also associate endpoint-specific authorization policies based on device type. 18 The Solution should have capability to collect endpoint attribute data via passive network telemetry, querying the actual endpoints, or alternatively from the infrastructure via device sensors on switches. Page347of 531 19 Solution should allow end users to interact with a self-service portal for device on-boarding, providing a registration vehicle for all types of devices as well as automatic supplicant provisioning and certificate enrolment for standard PC and mobile computing platforms. 20 Should support full guest lifecycle management, whereby guest users can access the network for a limited time, either through administrator sponsorship or by self-signing via a guest portal. Allows administrators to customize portals and policies based on specific needs of the enterprise. 21 Verifies endpoint posture assessment for PCs connecting to the network. Works via either a persistent client-based agent or a temporal web agent to validate that an endpoint is conforming to a company's posture policies. Provides the ability to create powerful policies that include but are not limited to checks for the latest OS patches, antivirus and antispyware software packages with current definition file variables (version, date, etc.), registries (key, value, etc), and applications. Solution should support auto-remediation of PC clients as well as periodic reassessment to make sure the endpoint is not in violation of company policies. Allows administrators to quickly take corrective action (Quarantine, Un-Quarantine, or Shutdown) on risk-compromised endpoints within the network. This helps to reduce risk and increase security in the network. 22 23 Enables administrators to centrally configure and manage profiler, posture, guest, authentication, and authorization services in a single web-based GUI console, and greatly simplifying administration by providing consistency in managing all these services. 24 Includes a built-in web console for monitoring, reporting, and troubleshooting to assist helpdesk and network operators in quickly identifying and resolving issues. Offers comprehensive historical and real-time reporting for all services, logging of all activities, and real-time dashboard metrics of all users and endpoints connecting to the network. 25 Should support consistent policy in centralized and distributed deployments that allows services to be delivered where they are needed 26 Solution should have capability to determine whether users are accessing the network on an authorized, policy-compliant device. 27 Solution should have capability to establish user identity, location, and access history, which can be used for compliance and reporting 28 Solution should have capability to assign services based on the assigned user role, group, and associated policy (job role, location, device type, and so on) 29 Solution should have capability to grant authenticated users with access to specific segments of the network, or specific applications and services, or both, based on authentication results 30 Solution should have capability which allows users to add a device on a portal, where the device goes through a registration process for network access. Should allow users to mark as lost any device that you have registered in the network, and blacklist the device on the network, which prevents others from unauthorized network access when using the blacklisted device. Should have capability to reinstate a blacklisted device to its previous status in Device Portal, and regain network access without having to register the device again in the Devices Portal. Should also support removing any device in the enterprise network temporarily, then register the device for network access again later. Page348of 531 31 The portal used for Device registration should be customizable, allowing to customize portal theme by changing text, banners, background colour, and images 32 Should provide a Registered Endpoints Report which provides information about a list of endpoints that are registered through the device registration portal by a specific user for a selected period of time. The report should provide the following details •Logged in Date and Time •Portal User (who registered the device) •MAC Address •Identity Group •Endpoint Policy •Static Assignment •Static Group Assignment •Endpoint Policy ID •NMAP Subnet Scan ID •Device Registration Status Solution should classify a client machine, and should support client provisioning resource policies to ensure that the client machine is set up with an appropriate agent version, up-todate compliance modules for antivirus and antispyware vendor support, and correct agent customization packages and profiles, if necessary 33 34 Solution should support automatic provisioning of NAC agents 35 37 38 39 Solution should support periodic reassessment for clients that are already successfully postured for compliance Solution should support the following endpoint checks for compliance for windows endpoints: Check operating system/service packs/hotfixes Check process, registry, file & application check for Antivirus installation/Version/ Antivirus Definition Date 40 check for Antispyware installation/Version/ Antispyware Definition Date 41 42 Check for windows update running & configuration Solution should support following remediation options for windows endpoints: 43 File remediation to allow clients download the required file version for compliance 44 link remediation to allow clients to click a URL to access a remediation page or resource 45 Antivirus remediation to update clients with up-to-date file definitions for compliance after remediation. Antispyware remediation to update clients with up-to-date file definitions for compliance after remediation. Launch program remediation for NAC Agent to remediate clients by launching one or more applications for compliance. 36 46 47 48 Windows update remediation to ensure Automatic Updates configuration is turned on Windows clients per security policy Page349of 531 49 50 51 Solution should integrate with the following MDM vendors like: Air watch , Good, Mobile iron, Zenprise, etc Solution should support configuring MDM policy based on the attributes lie: Device Register Status, Device Compliant Status, Disk Encryption Status, Pin Lock Status, Jail Broken Status, Serial Number, Manufacturer, IMEI, Os Version & phone number, etc Solution should support receiving updated endpoint profiling policies and the updated OUI database as a feed from the OEM database. 52 Should support native supplicant profiles to enable users to bring their own devices into network. When the user logs in, based on the profile that you associate with that user's authorization requirements, solution should provide the necessary supplicant provisioning wizard needed to set up the user's personal device to access the network. This should be supported over Microsoft windows, Apple Mac and iOS and Android devices. 53 When endpoints are discovered on the network, they can be profiled dynamically based on the configured endpoint profiling policies, and assigned to the matching endpoint identity groups depending on their profiles. 54 Should support using a simple filter that you can use to filter endpoints. The quick filter filters endpoints based on field descriptions, such as the endpoint profile, MAC address, and the static status that is assigned to endpoints when they are created in the Endpoints page. 55 Should support an advanced filter that you can preset for use later and retrieve, along with the filtering results, The advanced filter filters endpoints based on a specific value associated with the field description. You can add or remove filters, as well as combine a set of filters into a single advanced filter. 56 Should support importing endpoints from a comma-separated values (CSV) file in which the list of endpoints appears with the MAC address and the endpoint profiling policy details separated by a comma. 57 Support for importing endpoints from LDAP server. Should allow importing MAC addresses and the associated profiles of endpoints securely from an LDAP server. Should support an LDAP server to import endpoints and the associated profiles, by using either the default port 389, or securely over SSL, by using the default port 636. 58 Should support multiple Admin Group Roles and responsibilities like Help Desk Admin, Identity Admin, Monitoring Admin, Network Device Admin, Policy Admin, RBAC Admin, Super Admin and System Admin 59 Should support Role-based access policies which are access control policies which allow you to restrict the network access privileges for any user or group. Role-based access policies are defined when you configure specific access control policies and permissions. These admin access policies allow you to customize the amount and type of access on a per-user or pergroup basis using specified role-based access permission settings that apply to a group or an individual user. Page350of 531 60 Should support Identity source sequences which define the order in which the solution will look for user credentials in the different databases. Solution should support the following databases: •Internal Users •Internal Endpoints •Active Directory •LDAP •RSA •RADIUS Token Servers •Certificate Authentication Profiles 61 Must be able to differentiate policy based on device type + authentication 62 Should have Ability to authenticate at least one phone and multiple users on the same switch port without interrupting service 63 Solution should support MAB and can further utilize identity of the endpoint to apply the proper rules for access. Mac Address Bypass is typically used for devices which do not support 802.1x Solution must support Non 802.1x technology on assigned ports and 802.1x technology on open use ports 64 65 Solution should provide support policy enforcement through VPN gateways 66 Solution must allow users access to the network in a worst case scenario in case of AAA server outages or any other reasons like WAN failure. 67 Should support authenticating Machines and users connected to the same port on the switch in a single authentication flow 68 Should support authenticating IP phones and users connected behind IP phones on the same physical port. 69 Solution should have profiling capabilities integrated into the solution in order to detect headless host. The profiling features leverage the existing infrastructure for device discovery. Should support the use of attributes from the following sources or sensors: * Profiling using MAC OUIs * Profiling using DHCP information * Profiling using RADIUS information * Profiling using HTTP information * Profiling using DNS information * Profiling using NetFlow information * Profiling using SPAN/Mirrored traffic 70 Solution should support troubleshooting authentication issues by triggering session re authentication to follow up with an attempt to re authenticate again. 71 Should support session termination with port shutdown option to block an infected host that sends a lot of traffic over the network. Page351of 531 72 Should support the functionality to force endpoint to reacquire IP address that do not support a supplicant or client to generate a DHCP request after a vlan change. 73 74 Troubleshooting & Monitoring Tools Should support tools to run SHOW command on the network device. 75 Should support evaluation of the configuration of the device with the standard configuration. 76 Should support TCP dump utility & also support saving a TCP dump file. 77 Solution should support schedule reports to run and re-run at specific time or time intervals & send and receive email notifications once the reports are generated. 5.4 Next Generation Intrusion Prevention System for Internet and Intranet Specification: Sr. No Minimum Requirement Description Network Intrusion Prevention 1 OEM Eligibility Criteria: NIPS should be EAL4 certified or higher/NDPP certified 2 NIPS should be from different manufacturer as of Network Firewall OEM Hardware specifications: 3 The IPS should be dedicated purpose built hardware, not a part of Router, Firewall module and UTM solution with Real World Throughput 2 Gbps scalable upto 12 Gbps. 4 All the signatures update subsrciption should be provided from Day1 Inspection Ports: 8 x 10/100/1000 Copper Ethernet, 4 (SFP) 1 GE, 4 (XFP) 10GE support Deployment Modes supported: 5 6 In-line; SPAN Port Monitoring; Copy Port Monitoring; The proposed device should support High Availability (Active-Passive). The INSPECTED throughput of the appliance should NOT DEGRADE in the High Availability mode deployment. Appropriate throughput should be considered while sizing the device. Security Protections: Intrusion Prevention Protections: 7 Signatures: Prevents known application vulnerabilities, exploitation attempts, and protects against known DoS/DDoS flood attacks. Anti-Scanning: Prevents zero-day self-propagating network worms, horizontal scans, and vertical scans. Page352of 531 Mitigation Capabilities and Actions support: 8 Real Time Signatures TCP Challenge & Response HTTP Challenge & Response Advanced HTTP Challenge & Response HTTPS Mitigation Support SSL performance not impacted, in Peace time The proposed NIPS should be able to utilize and integrate with the existing SSL Offloaders, in case of SSL based attack inspection. The OEM has to provision for knowledgeable and specialized security experts who provide Professional Services for the network attacks and provide the following: 9 10 1) Monitoring of the customer’s service 2) Threat response to any attack detected 3) Sending the customer a summary of attack case 4) Sending the customer a monthly report containing all threats 5) Periodically reviewing the network-security configuration Centralized Monitoring and Reporting solution should be provided from Day 1 5.5 Secure Web Gateway Specification: S.No. Minimum Requirement Description 1 The Web gateway offering should be a purpose build dedicated appliance based solution 2 Appliance should be capable to handle total 30000 users scalable to 50000 users 3 The appliance should be supplied with minimum 64GB RAM and scalable to 128GB 4 Appliance should have minimum 8TB HDD for caching and scalable to 15TB 5 6 The appliance should have minimum 4 number of 1G and 02 number of 10G interfaces The solution should support redundancy in active passive mode. Solution can be provided in combination of multiple boxes to achieve the functionality The solution should protect against Web 2.0 threats, including malicious URLs, spyware, bot nets, viruses, and other types of malware, and provides controls for web and application use 7 8 The solution should provide Web filtering based on category as well as web reputation 9 The Solution should be able to provide application level control for minimum 100 web2.0 applications 10 11 The solution should support the following proxies- HTTP, FTP, ICAP The solution should provide Live streaming splitting to provide bandwidth saving and Quality of experience for end users 12 The solution should support proxy forwarding or proxy upstream. Page353of 531 13 14 The solution should support inbuilt SSL interception for HTTPS traffic. The solution should support policy based SSL interception to avoid decryption for banking and health category URL's/ sites 15 The solution should have a simple control mechanism to deny all traffic control to deactivate all internet services to be used in case of an outbreak, hacking attempt, etc 16 All appliances should have dual power supply WEB PROTECTION The solution in addition to category based filtering should support reputation based technology. It should have the capability to provide reputation based score on the security risk posed, enabling administrators to apply very granular rules about what to permit or deny 1 2 The solution should have multiple URL database sources, for blacklists like Phishing, Malicious, etc URL categories. 3 The solution should provide malware scanning for inbound and outbound traffic. 4 The Solution should have dual Antivirus engines on separate dedicated purpose build appliance for scanning Viruses and other malwares on the web traffic. Web filtering and antivirus scanning should not be on the same appliance Solution should have capability to scan and block malicious objects in large files (file size upto 5GB) 5 6 Solution should have capability to scan and block malicious objects in compressed and nested compressed files (upto 99 times compressed) 7 Solution should have capability to scan and block unwanted/malicious objects and file types in nested compressed files 8 9 10 11 12 The solution should identify and block web pages with: a. Malicious JavaScript / VB Script b. Malicious (or unauthorized) ActiveX applications c. Block Potentially Unwanted Programs (PUPs) The solution should have the ability to do a cloud based lookup to check for malicious content for any suspicious file/ object received from internet 13 Solution should have ability to integrate with on-premise dynamic analysis tools for unknown files 14 The solution should have multiple URL database sources, for blacklists like Phishing, Malicious, etc URL categories 15 The solution should provide file filtering for upload/download. It should be able to filter specific media files from being downloaded or uploaded 16 The solution should provide HTML filtering. It should filter HTML pages and removes embedded objects from them. 17 The solution should be updated automatically with the new signatures from the web at frequent interval including but not limited to -Virus, malware database -File Whitelist database -Whitelist/Blacklist URLs database -System patches Page354of 531 18 The solution must detect and protect against anonymizing websites, anonymizing tools 19 The solution should immediately alert the user if the content being downloaded/ uploaded/ accessed is found to contain virus/other malware 20 The solution should provide decryption of unverified encrypted traffic for scanning and then reencrypt it before sending (SSL decryption). 21 The solution should terminate the session with the client and establishes another session with the Web server, thereby offloading this process from the Web server 22 The solution should have Granular policies with authentication, authorization, and logging. 23 Reverse SSL proxy should provide the following: - Configuring the SSL Keyring and Certificate - Configuring Advanced Forwarding Hosts - Add Web Access to Allow HTTPS Traffic - Configuring Advanced Forwarding Rules 24 It should also have feature of Reverse proxy and also support Terminal services /Citrix Client. 1 USER MANAGEMENT AND POLICY ADMINISTRATION The solution should integrate with LDAP directory like Active Directory, Novell e-Directory and Radius server for user authentication and authorization. 2 The solution should have ability to create Local User Database: Creation of user / multiple users / Group / Multiple Groups - based on user-ID & password for authentication 3 4 The solution should have the ability to create user defined URL Category The solution should have the capability to manage internet access for specific user / users / group/groups /client /clients to access internet on specific Time/Day / Date / Weekly /Monthly etc. 5 The solution should have the ability to allow access to certain websites /URLs without user authentications 6 The solution should allow allocation of Bandwidth limit: Assign download/upload, internet browsing bandwidth limit to user / users / group /groups /client/clients etc. 7 The solution should provide customizable (but not limited to) - default error pages, - Messages to users, - Alerts 8 The solution should provide authenticated session control to configure how long users can browse once authenticated. 9 The solution should provide to identify and configure intranet domains (IP/URL), for which requests should not go to the internet. (To specify all intranet sites at a single point, rather than at client level) 1 2 CACHING AND PROXY FUNCTION The solution should do caching of web content. The solution should selectively cache internet content. Page355of 531 3 4 1 2 3 The solution should be to bypass cache for certain URL The solution should include service from OEM to suggest what content should be cached to improve the user experience. POLICY CREATION AND MANAGEMENT The solution should provide detailed policy definition and management such as (but not limited to): - Assign Users/User group - Assign Allowed and Denied URL categories - Assign Time of access The solution should provide policy compliance triggers such as (but not limited to) -Alert user and Allow -Allow and Log -Block and Log The solution should intimate users when they attempt to access unauthorized sites during work hours. 1 APPLIANCE ADMINISTRATION AND MANAGEMENT The solution should provide remote management for the device and administrative purposes. 2 The solution should perform regular configurable health check to verify status of the device 3 The solution should provide multiple administrator roles for configurable administrative functions 4 The solution should provide Command-Line access for administrative purposes. 5 The solution should support secure SNMP V3 for administrative purposes. 6 7 The solution should have Hot-swappable hard drives. The solution should have the capability store logs in the appliance memory for a minimum of 30 days before being pushed into an external syslog server. 8 The solution should log all configuration/changes made by administrators (Audit Trail) and should be configurable to be pushed into a central log server 1 REPORTING The solution should provide real time System/Appliance Monitoring / Utilization - HDD/RAM utilization - Cache used - Memory status - Web Traffic 2 The solution should provide pre- configured reports like (but not limited to): - Top URLs visited, - Top bandwidth users, - Policy violations, - URL Categories 3 The solution should provide ad hoc reports including histories and trends 4 The solution should provide automated Real- Time Live reports to assess the performance and volume of traffic being utilized. Page356of 531 5 The solution should provide Real- Time reporting to track - Volume of HTTP, - HTTPS 6 The solution should create custom reports on a granular and/or enterprise level such a s (but not limited to): - Usage Report of Specific User/IP/Group based on Time/Date - Report for all users who have been accessed the specific URL - Usages report based on Time & Date - Top service user - Most requested service 7 The solution should be able to generate & export or email reports automatically to assigned users in various formats, at minimum: - PDF, - Excel/CSV - HTML 5.6 Security Intelligence, Analytics and, Forensics Solution Specification: 1. Complete network visibility through high speed packet capture and analysis. 2. Should provide minimum 5Gbps sustained performance with 10Gbps peak with multiple ingress interfaces for capturing from multiple network points. 3. Should be able to classify, extract and reconstructs network activity. 4. Should be able to provide complete packet-by-packet details pertaining to one or more session of interest including voice/video replay, page reconstruction, image views, artifact & raw packet extractions. 5. Solution should support analytics and forensics over IPv4 and, IPv6. 6. Solution should support password extraction from popular protocols and be able to represent userid/password combination in addition to any related session executed from the node in a time-window moving forward or going back from the point of password capture. 7. Solution should be able to identify social networking protocols and be able to provide insight into user activity using the social persona handle. 8. Solution should permit creation of static or sequence-based rules and be able to take action such alerting, logging or, interfacing with a specific third-party tool to better process information for providing meaningful insights into “activities of interest”. 9. Solution should be able to delve into the encrypted traffic stream to identify malicious activity or, utilize the data for forensics using transparent inline SSL interception mechanism. 10. Solution should be available in multiple options (software, VM, physical appliance) to suit a multitude of deployment needs and be manageable from a centralized console. 11. Should have Directly Attached Storage with minimum 60 Terabytes capacity Scalable to 200TB. 12. Should have minimum 6 x 1 GbE & 2 x 10 GbE interfaces. 13. Should have 128GB RAM. 14. Should be sized for 20000 concurrent users. 15. Should be able to do deep packet inspection for minimum 2Gbps ssl encrypted (including HTTPS traffic) traffic by intercepting and decrypting it in inline transparent mode. 16. SSL interception and decryption should be policy based for following minimum criteria: a. Source & Destination IP address b. HostName Category with frequent updates c. Custom URL & Host name list 17. Should be able to identify and block SSL traffic to botnets and malicious servers. 18. Should give option to allow only valid SSL certificate traffic and block SSL traffic with invalid certificate. 19. Offered product family should have achieved Common Criteria EAL-3 certification. Page358of 531 20. Should be able to filter the captured packets based on layer-2 to layer-7 header information. 21. Should provide network traffic insight by a. Classifying 2000+ protocols and applications b. Reconstructed file such as a Word document, image, Web page, system files c. Locating each network host on world map d. Deep-packet inspection. e. Malicious traffic in Web, Mail & FTP traffic. 22. Should provide following investigative techniques: a. Establish a timespan b. Apply Advanced Filters c. Apply filters to the resulting display d. Reconstruct sessions and analyze artifacts: i. Preview artifacts and attachments ii. Review reputation information iii. Explore root cause e. Set real-time alerts and actions 23. Should provide Reports with Single-attribute views with extensive sorting and filtering capabilities. 24. Solution should give alert on any malicious object found in web, mail and ftp traffic. 25. Solution should be integrated with internal or external intelligence source and be able to provide insight into reputation of artifacts automatically for most prevalent attack vectors and be able to provide real-time alerts. 26. The solution should support integration with Virus-Total and be able to offer visual indicators with respect to artifact timelines, root-cause explorer from within the same console 27. Should have capability to upload packet captures (PCAP’s) captured elsewhere for analysis. 28. Should have capability to download specific captured in PCAP format. 29. Should do multi-dimension indexing of packets based on layer-2 to layer-7 header information. 30. Should have following Boolean operation modes for attributes: AND, OR, RANGE, NOT, CONTAINS, NULL 31. Should provide classification, search and real-time file extraction for instant delivery of recognizable evidence of a security breach or malware attack. 32. Direct integration with best-of-breed IPS, DLP, SIEM, log management, next-generation firewalls and malware detonation products. 33. Should have REST-API for integration with other Security Solutions or, for use by administrative scripts. 34. Solution should provide root (super-user) access out-of-the-box to the buyer and be able to provide access to packet captures and forensics information from within the root shell. 35. Should have inbuilt packet analyzer accessible in single console to see the data. 36. Should provide comprehensive deep packet inspection (DPI) to classify 2000+ protocols & applications. 37. Should provide a variety of analytics to strengthen security incident response with comprehensive and conclusive analysis. 38. Should provide security-related analytics such as session reconstruction, reputation look up, media panel, root cause explorer and artifacts etc. 39. Should have integration with Virus-Total for artifact analysis. 40. Should have inbuilt tools for static-analysis (such as jsunpack, yara, etc.) of files/artifacts. 41. Solution should be able to integrate with open-source or commercial dynamic-analysis tools to detect unknown threats. 42. Should provide configurable and pre-defined timespan filter for reporting. 43. Should have capability to send scheduled report to pre-specified mail-id’s on defined time line. Dynamic Analysis Capabilities 44. The solution must possess Malware Analysis functionality, which makes the analysis of files accessed by Malware Analysis engines on dedicated physical appliance. 45. Solution design should consider that all new objects, for which any intelligence is not available, will be Page359of 531 analyzed by Static & Dynamic analysis engine. The objects/artifacts may be delivered manually to the system by human analysts or, be delivered via an automation mechanism such as API by capturing objects of interest in Web, Mail, File-Transfer or any other protocol. 46. Solution should detect stealthy and polymorphic malware which evades traditional AV/ IPS. 47. The analysis solution must create an analysis result cache, reusing these cached results if the same file needs to be analyzed within a short time period. 48. Solution should provide behavior based malware classification and risk‐based scoring to generate actionable threat intelligence. 49. Solution should have minimum following virtual client OS environment for malware detonation: Win XP, Win 7 - 32 bit & 64 bit, Win 8 and Android 50. Solution should be able to process minimum 6000 analysis tasks per hour (assuming 8 working Hour per day since the load would be maximum at these times) for malwares. 51. Solution should have horizontal scalability option to meet future expansion requirements. 52. Solution should have customize-able virtualized environment for detonating unknown malwares. 53. Solution should have Bare-Metal-Emulator for analysis and detection of VM-evasive malware 54. Should have capability to create virtual machine profiles to mimic organizations computing environments (that is putting the system into use) to detect anomalies and differences in behavior that unveil advanced malware evasion techniques. 55. Solution should provide an environment wherein artifacts or objects can run within the virtual execution environment as they would on a real system, loading into real memory, or communicating with any other physical system components. 56. Solution should simulate working at the kernel level, exercise the malware, intercepting behavior and converting it into step-by-step forensic intelligence. 57. Solution should provide a map of the damage the threat would cause if allowed to run on a real machine. 58. The solution should support detonation of artifacts in approximately 6000 dynamic analysis environment. 59. The solution should facilitate the interaction of artifacts with the real world using a side channel for Internet or public network communication so as to enable the analysis environment record the true nature and identify the second or third level payload for future references/use. 60. The solution should support Gigabit Ethernet interfaces for out of band management and API integration and, the other Gigabit Ethernet for communication with real world of the traffic originating from the dynamic analysis environments (dirty link). 61. The solution should support dual redundant power supplies. 5.7 Data Leakage Prevention (DLP) Specification: Page360of 531 S.NNo Minimum Requirement Description The solution should be able to enforce policies by URL's, domains or URL categories either natively or by integr Web Security solution. The solution should be able to monitor FTP traffic including fully correlating transferred 1 control information and should be able to monitor IM traffic even if its tunneled over HTTP protocol The solution should be able to prevent content getting posted or uploaded to specific geo-destinations and The 2 should monitor and control sensitive emails downloaded to mobile devices through ActiveSync The end point solution should inspect data leaks over HTTP , HTTPs and SMTP.The solution should be able to in traffic and HTTPs traffic either natively or by integrating with third party SSL engine . Provide both build-in SSL and destination awareness capability on the gateway to identify any sensitive content uploading to all “Online 3 properties, even when it is tunnel over SSL. The solution should be able to block outbound emails sent via SMTP if its violates the policy. The proposed solu work as a MTA to receive mails from mail server and inspect content before delivering mails to next hop and sh 4 quarantine emails that are in violation of company policy. The endpoint solution should have pre-defined applications and application groups and allow each application/ 5 group to monitor operations like Cut/Copy, Paste, File Access and Screen Capture. The endpoint solution should be able to monitor data copied to network file shares and should enforce structu 6 unstructured fingerprint policies even when disconnected from corporate network. The endpoint would be able to store both structured and unstructured fingerprints on the endpoint itself and s perform all analysis locally and not contact network components to reduce WAN overheads. The solution shou 7 enforce different policies for desktops and laptops. The endpoint solution should have capabilities to monitor applications and ensure unauthorized applications d access to sensitive files. The endpoint solution should be able to perform discovery only when the endpoint is c 8 external power. The solution should Provide “Cloud Storage Application” group which monitor sensitive content accessed by th 9 storage application on the endpoint and prevent sensitive data from uploading to the cloud. The endpoint solution should Blocking of non-Windows CD/DVD burners, it should also Inspect and optionally 10 Explorer writes to WPD class devices.The endpoint solution should encrypt information copied to removable m 11 Endpoint solution should support win 32 and 64 bit OS, Mac & Linux OS,Support wide variety of platforms: • Windows 7 • Windows 8 • Windows Vista • Windows XP • Windows server 2003 • Windows server 2008 • Windows server 2008 R2 • Windows server 2012 • Mac OS X • Red Hat Linux/Cent OS The solution should have a comprehensive list of pre-defined policies and templates with over 1700+ patterns and classify information pertaining to different indutry like Energy, Petroleum industry vertical etc and India IT solution should provide capabilities to identify data based on keywords or dictionaries and the solution should 12 enforce policies based on file types, size of files and also the name of the file HW for the proposed solution should be on physical servers or appliances and not virtual appliances or servers. required to run the proposed solution should be included).The proposed solution should be able to inspect dat over SSL by decrypting SSL natively or by integrating with a third party SSL decrypting devices over ICAP. The SS solution should be proposed as part of the solution. 13 Page361of 531 14 15 16 17 18 19 20 21 22 23 The proposed solution should be able to encrypt content copied to removable media natively or through third integration(cost for the third party solution should be included as part of proposal) and The proposed solution support to automatically encrypt sensitive emails based on content natively or through third party integration The proposed solution should provide pre-defined policies for identifying possible for identifying possible expre are indicative of cyber bullying , self destrictive pattern or employee discontent The solution should be able to detect encrypted and password protected files. The solution should be able to d fingerprint of files and also should be able to detect even if partial information gets leaks from fingerprinted fil folders.The solution should be able to recursively inspect the content of compressed archives The solution should be able to fingerprint only specific fields or columns within a database and should be able t information from databases by correlating information residing in different columns in a database The Solution should have advanced Machine Learning – Ability to automatically learn sensitive information fro information that needs to be protected and also automatically learn false positives. The solution should enforce policies to detect low and slow data leaks and The solution should have printer age servers to detect data leaks over print channel. The solution should be able to enforce policies to detect data leaks even on image files through OCR technolog The solution should be able to identify data leaked in the form unknown and kwon encrypted format like passw protected word document and The solution should be able to identify malicious traffic pattern generated by M infected PC in order to prevent future data leakage by the malware The solution should be able to alert and notify sender, sender's manager and the policy owner whenever there violation, Different notification templates for different audience should be possible. The solution should support quarantine as an action for email policy violations and should allow the sender's m review the mail and provide permissions for him to release the mail without logging into the UI The incident should include a clear indication of how the transmission or file violated policy (not just which pol violated), including clear identification of which content triggered the match and should allow opening of origin attachment directly from the UI.The solution should provide in-built or 3rd party tool to classify the data. This d classification tool shall help the organization in in-depth data classification and tagging the confidential data.Th 24 should support integrating with Microsoft file classification infrastructure (FCI) for data classification. The incident should display the complete identity of the sender(Full name, Business unit, manager name etc.) a destination of transmission for all network and endpoint channels. The solution should also allow assigning of i 25 specific incident manager The solution should provide automatic notification to incident managers when a new incident is assigned to th incident should not allowed for deletion even by the product administrator.The solution should allow a specific 26 manager to manage incidents of specific policy violation, specific user groups etc. 27 The solution should have options for managing and remediating incidents through email by providing incident options in the email.The system should allow a role only to view incidents but not manage or remediate them The system should control incident access based on role and policy violated. The system should also allow a rol 28 for not having rights to view the identify of the user and the forensics of the incident The system should create separate roles for technical administration of servers, user administration, policy cre 29 editing, incident remediation, and incident viewing for data at rest, in motion, or at the endpoint The system should have options to create a role to see summary reports, trend reports and high-level metrics 30 ability to see individual incidents The solution should have a dashboard view designed for use by executives that can combine information from motion (network), data at rest (storage), and data at the endpoint (endpoint) in a single view.The solution shou 31 single policy framework for not just Network and Endpoint DLP as well as Web and Email Security as well. Page360of 531 The system should allow reports to be mailed directly from the UI and should allow automatic schedule of repo identified recipients.The system should allow incident managers and administrators to use their Active director 32 to login into the console 33 The system should provide options to save specific reports as favorites for reuse and The reports should be exp least CSV, PDF, HTML formats.The system should have lots of pre-defined reports which administrators can lev The system should allow automatic movement or relocation of file, delete files during discovery and The syste 34 display the original file location and policy match details for files found to violate policy The system should leave the "last accessed" attribute of scanned files unchanged so as not to disrupt enterpris processes.The system should support incremental scanning during discovery to reduce volumes of data to be s 35 36 The OEM should have own TAC center in India. The solution should Support PrtSc blocking on endpoint when configurable list of specific application are runnin it is in the foreground or background. The actual PrtSc capture will also be submitted to the DLP system as fore 37 evidence. The system provide remediation workflow which allow not just the sender, but also the manager of the sender owner and the system administrator, to release quarantined email. The manager of a given sender is identified 38 respective Active Directory attribute. 39 Incident manage the workflow of the selected incident, then select one of the following options Assign,Change Status,Change Severity,Ignore Incident,Tag Incident,Add Comments,Delete,Download Incident,Lock,unlock A single event should trigger only one incident, even if it trigger multiple policy and violation. For example, an o email could trigger 5 policies, e.g. PCI-DSS, PII, etc, but only one single incident will be created.Solution should 40 display in violation trigger to be masked in order to stay compliance with PCI-DSS requirement. The solution should Support multiple conditions by combining different data classifier, including Policy Templat RegEx, Keyword, Dictionary, Natural Language Policy ( NL) as well as Fingerprinting. For example : (A) ID# by policy template (B) CCN# by policy template (C ) Name by fingerprinting (D) Address by fingerprinting 41 And then create a policy with multiple matching conditions including (A and B) or (A and C ) or (A and D) The solution should enforce fingerprinting policy on both network and endpoint channel, even when the endp network By using Python, complex logic, rating and algorithm can be developed as a custom data classifier whe 42 can use in compound with any existing data classifier to identify sensitive data which is unique to an organizati 5.8 Email Security Specification: Sr.No Minimum Requirement Description 1 The proposed system should be an dedicated appliance based solution or Virtual Application image for email security 2 The Solution should have feature of virus scanning engine strip the infected attachments and The Solution should detect known or suspect secure-risk URLs embedded in the email, which are reliable indicators of spyware, malware or phishing attacks. Page361of 531 4 The solution should have performance capability of processing more than 2, 00,000 messages per hour. The Solution should have close to 100% virus detection rate for known viruses. The Solution should have multiple AV engines for anti-virus and malware scanning. The Solution should provide proactive virus detection methods for new email-borne virus. The Solution should have feature of virus scanning engine strip the infected attachments. 5 The solution virus engine should support scanning by inbound, outbound and internal direction and configure the policy per direction. The Solution has the management on virus quarantine and should have the access and manipulate the quarantined virus emails. 6 The Solution should provide an attachment scanning capability to detect file-based spam messages. The solution should also allow users to report SPAM mails. 7 The Solution should support URL classification of the embedded links and it contributes for SPAM detection. The solution should support image based spam detection capability, such as the pornography images within the email and it allow customer to adjust the sensitivity level. 8 The solution should support dictionaries scanning and dictionaries are built-in the product and allow customer to create his own dictionary. The solution should have at least 500+ predefined content rules inbuilt with Email Security & embedded in the product 9 The Solution should report the false positive email and a button in the quarantine queue thus customer can simply click to have a report 10 The solution should be able to look for content in the email header, body of message and also attachments 11 The solution should be able to restrict incoming, outgoing and internal mails based on file types, file size and also by file name and also through a combination of them. 3 13 The solution should be able to fingerprint files, folders, databases and prevent the information from being sent over outbound mails. The solution should have pre-defined dictionaries, key phrases to detect financial terms, offensive language etc. The solution should have capabilities to quarantine mails with content that violates the policy and notify sender or sender's manager automatically. The mails that are quarantined because of content control policies should be released if the sender's manager replies to the notification mail 14 The solution should perform image based filtering. It’s should use sophisticated analytical algorithm to analyze image to determine attributes that indicate the image may be of a pornographic or non-pornographic nature in known and unknown spams emails. 15 The solution should have capability to analyze text inside image going through email. The solution should monitor and control sensitive email download to mobile devices through active sync 16 The solution should allow setting SMTP greeting message, delay time and the full qualified domain name for SMTP session establishment. 17 The solution should provide the capability of connection control and message rates control for inbound and outbound respectively. The solution should support policy based TLS encryption between mail domains. 12 Page362of 531 18 The solution should have directory harvesting and DoS prevention capabilities. The solution should support internal sender authentication. 19 The solution should provide real time IP reputation system. The solution should allow the administrator to specify the re-try time for a delivery failure. 20 The solution should support IP/address/domain based whitelist and blacklist. The solution should support user group (LDAP) or domain based routing and delivery. 21 The solution should support message stamping by adding notes or disclaimer in the message. 22 The solution should have capability for Outbound throttling by IP/address. 24 The solution should support Inbound mail routing delivery preferences to accommodate larger, more complex network The solution should support centralized management, including policy configuration, quarantines and logs/reporting. The solution should support the real-time graphical and chart-based dashboard for the summary of email filtering activities. 25 The Solution should support quarantine administrator role. Thus only the delegated administrator is allowed to access the message in specific queue. 26 The solution should search a message in the queue and should have multiple options. 27 The Solution should have option for end user notification for email quarantining letter to be customized and click boxes that enable the user to release e-mail, report false positives, add senders to allow-or block lists and direct links to personal email management portal. 28 The solution should allow where Administrator can specify which queues can be accessed by end user 29 The Personal management portal should be a web-based UI for end users. The solution should allow email reply to release the email quarantined by solution. 30 The solution should support native system backup and software update functionality. 31 The solution should pre-built report templates which the administrator can use for generating reports. The solution should support real time graphical and chart based dashboard for the summary of email filtering activities. 32 The solution should support custom report creation in HTML, Excel and PDF. 33 The solution should be able to consolidate reports from multiple boxes for centralized logging and reporting. The solution should have capabilities to automatically deliver reports based on schedule to selected recipients 34 The solution should provide detailed information on messages to comprehensively track messages. The solution should allow parameters to be defined for searching message logs. 35 The solution should have True Source IP Detection and Connection Blocking feature should work even if Email Security is deployed behind Corporate Email Relay Server/Firewall SMTP 23 Page363of 531 37 The solution should have option to monitor traffic in real time for easier troubleshooting. The solution should have a central end user management portal for multiple appliances. The solution should allow end users to release mails from quarantine if approved. The solution should provide capabilities for end users to search on quarantined messages specific to them. 38 Automatic notifications should be sent to end users whenever mails are quarantined for them. The notification message to end users should be completely customizable. 39 The solution should allow end users to create their own personal allow and block lists. The solution should allow administrators to define which queues can be accessed by end user 36 5.9 Distributed Denial of Services (DDoS) Specification for Intranet and Internet Seprately: DDoS Solution : Must support the following parameters Throughput Latency 2-10 Gbps < 100 Micro seconds Max Concurrent Sessions 6 Million Maximum DDoS Flood Attack Prevention Rate No of 10/100/1000 Copper /Fiber Ethernet ports No of 10 G Ethernet Ports. (ordering option) SSL Performance 10Mpps^ 8 4 (Should have both (LR and SR option.) 2-5 Gbps, 40k Connections/second @1K Page364of 531 Sr.No 1 Minimum Requirement Description Details: 1.1. Item No. 1.2. OEM 1.3. Model 1.4. Throughput 1.5. Max Concurrent Sessions 1.6. Max DDoS Flood Attack Prevention Rate 1.7. Latency 1.8. Size (1U, 2U, etc.) 1.9. Power Requirement in Watts DDoS SPECIFICATION (Mandatory) 4 Architecture & Interface 4.1 The device must be purpose-built appliance for DDoS. 4.2 The device must be deployable in layer 2 transparent mode. 4.3 The device must support inbuilt or external hardware bypass to forward traffic in case of device failure. 4.4 The device must have a dedicated management interface 4.5 The device must support redundant power supply. 4.6 The device must work in following Deployment Modes. 4.6.1 SPAN 4.6.2 Inline Active (Blocking Enabled) 4.6.3 Inline Monitoring (Without Blocking) 5 Performance & Scalability 5.1 The device must be configurable to support. 6 5.1.1 Fail-open 5.1.2 Fail-close Feature Requirement Page365of 531 6.1 The device must be transparent to following protocols 6.2 6.1.1 VLAN Tagging 6.1.2 L2TP (L2 tunneling protocol) 6.1.3 GRE The device must support the following 6.3 6.2.1 IPv6 stack 6.2.2 IPV4 stack 6.2.3 Dual stack The device must support 6.4 6.3.1 Self-learning mechanism. 6.3.2 Anti-spoofing. The device must support Black-list 6.5 6.4.1 IP 6.4.2 Subnet The device must support White-list 6.6 6.5.1 IP 6.5.2 Subnet The device must be able to protect against DDoS in both inbound and outbound direction. 6.7 The device must Protect against 6.8 6.7.1 Volumetric DDoS attacks 6.7.2 Flood Attacks 6.7.3 Fragmentation Attacks 6.7.4 TCP Stack Attacks 6.7.5 Application Attacks 6.7.6 Resource exhaustion attacks 6.7.7 Slow request and BOTNET based attacks Web Server protections: 6.8.1 TCP Connection limit Protects against session-based attacks, such as half open SYN attacks, request attacks and connection attacks 6.8.2 Application misbehavior protection— Protect against application interrupts, brute-force and dictionary attacks) 6.8.3 HTTP flood mitigation— Mitigates HTTP flood attacks 6.9 Signature-based protections— Protects against known Botnets and attack tools 6.10 Out of Sequence SYN Flood protection— Ensures that TCP SYN flood is mitigation by client connection authentication mechanism 6.11 Out-of-Sequence SYN Protection Parameters: 6.12 6.12.1 Out-of-Sequence SYN Attack Protection 6.12.2 Activate (Without Reboot) 6.12.3 Ignore specific source and destination ports Page366of 531 6.13 Bandwidth Management: 6.13.1 .Maximum BPS value allowed 6.13.2 Maximum pps value allowed 6.13.3 Set rules to rate limit specific traffic types. 6.14 Slow Request Attack Protection parameters: 6.14.1 6.14.2 6.14.3 6.14.4 Signature based protection TCP Connection Reset mechanism Tracking option like idle timeout and data transferred Blocking sources that violate the rule 6.15 Network-flood protection 6.16 6.15.1 TCP floods—which include SYN Flood, TCP Fin + ACK Flood, TCP Reset Flood, TCP SYN + ACK Flood, and TCP Fragmentation Flood 6.15.2 UDP flood 6.15.3 ICMP flood 6.15.4 IGMP flood SYN Flood Protection Parameters: 6.17 6.18 6.16.1 SYN Flood Protection 6.16.2 Tracking Time/ Idle Timeout 6.16.3 TCP SYN authentication mechanism 6.16.4 Maximum Allowed SYN to ACK Delta rate HTTP Flood Protection The HTTP Mitigation should detect and mitigate HTTP request flood attacks. The HTTP Mitigation should baseline the http URL per second and request per second and build a statistical model of the protected server traffic, and then, detects traffic anomalies and identifies and blocks the malicious sources. 6.17.1 HTTP Mitigation 6.17.2 Maximum URL per second setting 6.17.3 Maximum request per second setting 6.17.4 Block host exceeding the threshold SIP protection Should provide VoIP protection against the following types of threats: 6.18.1 Brute-force and dictionary attacks—On registrar and proxies SIP servers by limiting number of SIP messages per source 6.18.2 SIP application scanning activities—On SIP servers and SIP phones by limiting number of SIP messages per source 6.19 Security Features – Intelligence feed Protections support Page367of 531 6.20 6.19.1 Both Inbound and outbound threat protection 6.19.2 Email threats 6.19.3 Location based threats 6.19.4 Targeted attacks 6.19.5 Command and control 6.19.6 DDOS 6.19.7 Malware 6.19.8 Mobile DNS Flood Protection parameters 6.21 6.20.1 DNS Regular expression 6.20.2 DNS authentication mechanism 6.20.3 DNS query limit per source 6.20.4 DNS NX domain protection 6.20.5 Malformed DNS traffic blocking The device must support the following Block Actions. 7 6.21.1 Source blocking 6.21.2 Source dynamic blacklisting 6.21.3 Per packet blocking The DDoS solution Accuracy 7.1.1 8 The DDoS solution shall block DoS/DDoS flood attacks without blocking legitimate user traffic. 7.1.2 The DDoS solution shall support prevention for HTTP flood without blocking legitimate users 7.1.3 The DDOS solution should provide protection against encrypted SSL based attack thru on-board SSL module Monitoring and Reporting (The management appliance should provide Historical security reporting engine, which includes the following) 8.1.1 8.1.2 8.1.3 8.1.4 9 Customizable dashboards, reports, and notifications Advanced incident handling for security operating centers (SOCs) and network operating centers (NOCs) Standard security reports In-depth forensics capabilities Management Solution 9.1.1 The management solution should have Real Time monitoring for: Dash Board Attack Alert, Traffic Monitoring, , DNS, HTTP, and Attack details. 9.1.2 The management system must provide historical incident tracking, daily activity reporting, and the capability to configure and produce report summaries 9.1.3 Security reports must have selectable output formats including HTML, PDF. 9.1.4 The management solution shall provide real-time dashboards such as top attacks view, traffic monitoring view, SLA reports (bandwidth consuming attack) view, etc. Page368of 531 10 Reporting and Logging 11 The device must support reporting through email 12 The device must support 12.1.1 Syslog 12.1.2 SNMP V3 13 The device must provide 13.1.1 Historical incident tracking, 13.1.2 Daily activity reporting 13.1.3 Produce report summaries 14 Security reports must have selectable output formats including 14.1.1 HTML 14.1.2 PDF 15 The device must provide real-time dashboards including 15.1.1 Top attacks view 15.1.2 Top attack Sources / attack Destination. 15.1.3 Traffic monitoring view 16 The solution should support SYSLOG for integration with SIEM solution 17 17.1 18 Mitigation Capabilities and Actions support: 17.1.1 Industry recognized threat feed 17.1.2 TCP Challenge & Response 17.1.3 HTTP Challenge & Response 17.1.4 HTTPS Mitigation Support 17.1.5 High SSL inspection performance Integration with ISP’s Cloud based Scrubbing Centres, in case of Bandwidth Saturation attacks. 19 Certifications 19.1 The device must have EAL2 certification. 20 Authentication Administration and Configuration Requirement 20.1 The device must support the following authentication schemes. 20.2 20.1.1 LDAP 20.1.2 RADIUS 20.1.3 Local Password authentication. The device must support Remote administration using 20.3 20.2.1 SSH 20.2.2 GUI (Encrypted channel)/Web based using SSL. The device must have separate Administrators and Operators. The required licenses must be included to facilitate role based administration and monitoring of each of the device Page369of 531 deployed in the network by their respective Administrators / Operators. 20.4 OEM TAC support must be in India. 21 Warranty, Software Subscription& Support 21.1 Five years on-site comprehensive warranty support with advance replacement of faulty device on site 21.2 Five years software subscription support 21.3 Five years instantaneous support services by knowledgeable and specialized security experts on 24x7 basis. 21.4 On-site professional service support for Ten days per year. 21.5 One Resident Engineer (Sr Administrator) in NIC Hq DDOS CENTRALIZED MANAGEMENT SOLUTION Sr.No 1 Minimum Requirement Description Details: 1.1. Item No. 1.2. OEM 1.3. Model 1.4. Rack Size (1U, 2U, etc.) 1.5. Power Requirement in Watts 2 Specification for DDoSCENTRALIZED MANAGEMENT SOLUTION SPECIFICATION (Mandatory) 3 The device must be accessible through GUI. 4 The device must be accessible over secure channel 5 The device must be rack mountable. 6 A single Centralized management solution must support management of: 6.1 All DDOS models quoted in the tender 7 Role based administration : 7.1 Must facilitate administrator to manage multiple DDOS devices over network. 7.2 Must facilitate administration using secured channel. 7.3 Must support multiple roles like administrator, operator etc 8 The device must support Audit log facility. Page370of 531 9 The device must support protection settings changes across all devices thru the centralized console. 10 The device must support intelligence feed from OEM to correlate the threats 11 The OEM must update its attack signature database regularly and it should be configurable to update the signatures automatically without manual intervention 12 The device must have the facility to display: 12.1 Real-time Log 12.2 Historical log for a given period 13 The device must support a wide variety of pre-built as well as custom reports. 14 The device must be able to output report data into a variety of different file formats like HTML, PDF , etc. 15 The device must support auto-email of Pre-defined & Customized Reports at a scheduled time.: 16 The real-time Dashboard should have the following Graphical display. 16.1 Top Source/Destinations countries. 16.2 Top attacks 16.3 Top Source/Destination DDOS. 16.4 Top Targets 17 The solution should support integration with SIEM solution thru SYSLOG messages. 18 Warranty, Software Subscription& Support 18.1 Five years on-site comprehensive warranty support with advance replacement of faulty device on site 18.2 Five years software subscription support 5.10 Identity Management Technical Specification: Minimum Requirement Description of Identity Management 1 Authorization Solution should provide the ability to make real-time course-grained authorization decisions such as a whether to grant access to an application Solution should allow access and authorization permission criteria to be linked to role definitions rather than to individual user accounts so that these decisions are driven by a user’s membership of a role Page371of 531 Solution should respond to requests from applications for authorization decisions, based on user role membership and other user properties Solution should “push” role membership and other authorization information to an application after an event in the solution (e.g. user log-in) and enable this information to be “pulled” by applications as required Solution should able to join together access rules and roles with specific access actions to form access policies that can be applied to specific users or groups of users Solution should support the implementation of Role Based Access Controls (RBAC) for controlling access to functions within an application Solution should support nested roles and the dynamic assignment of roles (based on user attributes) Solution should provide the configurable ability to restrict or allow concurrent logins by the same user Solution should allow for the prioritization and ordering of authorization rules Solution should deny assignment of one role to a user, based on their existing role assignment (mutually exclusive roles) Solution should provide a mechanism to authorize users based on data sources outside the main solution identity data repository Solution should support time based access controls (e.g. acquiring temporary access rights for admin) Solution should allow for dynamic authorization rules (for example based on time, IP Address, etc) 2 End User systems (Desktop/Laptop/access point) Id creation/ Deletion should be done through centralization administration. The identity and access governance, the single sign-on and the privileged user management suite of products including the directory services should be provisioned from one vendor. Delegated Administration Delegated internal administration: Solution should provide the configurable ability for a solution administrator to delegate a defined subset of administration tasks (e.g. password reset) to another solution administrator Delegated external administration: Solution should provide the configurable ability to delegate the administration of certain aspects of a defined set of external user accounts to other specified external users Delegated external access: Solution should provide the configurable ability to allow specified external users to delegate the access that their account gives them, to another external user Solution should provide an integrated web interface to perform delegated administrative tasks Solution should support fine-grained delegated internal administration (e.g. tasks relating to management of users, policies, workflow) Solution should support limiting delegated administration to a user based on date and time 3 Solution should provide authorized help desk administrators the ability to impersonate an end user in order to troubleshoot a problem User Account Registration, Activation and Disabling/Deletion Solution should provide the capability for a user to self-register (create an external user account) by providing some business-determined proof of identity to the solution Solution should provide the capability for a user to self-register (activate their external user account) by implementing a configurable function that requires the user to provide some business-determined proof of identity to the solution Solution should provide out-of-the-box identity proofing Page372of 531 Solution should support identity proofing by generating one-time tokens to be physically exchanged with the user (e.g. letter to the user’s address) Solution should support identity proofing by checking a secret known only to the individual (e.g. business data from a back-end application)? (please specify) Solution should allow access back-end applications to retrieve and check business data for identity proofing Solution should provide automated creation (registration) of user accounts, according to configurable provisioning rules, triggered by an event in another application (e.g. the purchase of a product in a business application) Solution should support disablement/deletion of unused or expired accounts (accounts which have not been used for a set period of time) Solution should provide a configurable facility to require a user to recertify (to provide further proof of identity and explicitly state that they continue to require access), based on the occurrence of a particular event (e.g. a change to role definition or the elapse of a certain amount of time since original registration) Solution should provide role-based facilities (registration based on customizable roles) Solution should provide rule-based facilities (registration based on user attribute-based customizable rules) Solution should provide criteria besides roles and rules be employed for registration (e.g. accreditation, location in a position hierarchy, geographic location etc.) Solution should support entitlement exclusions (e.g., separation of duties) Solution should resolve registration conflicts when rules/roles conflicts occur Solution should detect orphaned accounts (accounts that have no associated record in a specified authoritative data source) and perform an action such as “suspend” or “notify” Solution should detect unauthorized changes to a user account and send a notification and roll back the changes Solution should provide automation to leverage data that is already entered into an HR system, or some other system of record, to automatically provision new users with at least basic systems access. 4 Solution should provide pre-approved Role-Based Access Control (RBAC) lists / templates to automatically provision business function changes for user groups, bypassing the normal approval workflow. Solution should be highly scalable to manage >5 million users with one single instance of IDM Identity Vault/user store User Account Administration and Support Solution should provide the facility for an administrative user (e.g. helpdesk staff) to look up a forgotten login ID, using other identity information, and automate the sending of an email to the email address associated with the user in the solution identity data repository Solution should provide the facility for an administrative user (e.g. helpdesk staff) to “impersonate” an external user, i.e. log in using different authentication credentials but be able to perform a defined set of activities and obtain the same results as the impersonated user would Solution should provide a clear audit log of “impersonation” events to enable investigation of who has performed the functions or changed data using an external user’s account Solution should be capable of automatically sending a notification email to the user when changes are made to their role membership or the definition of a role of which they are a member Solution should have the ability to dynamically assign and revoke access rights based on user role changes Page373of 531 Solution should handle rights in special circumstances (based on user context or special access rights) 5 Solution should provide the ability to specify exclusionary roles that prevent assignment of conflicting roles Solution should provide several solution administrators to administer user accounts at the same time (with the necessary transaction controls in place to prevent simultaneous editing of the same user account) Solution should provide the means to batch administer groups of user accounts (e.g. assign a new role to a batch of users) Solution should provide mechanism to consolidate routine user management to at least eliminate the possibility that several different administrators will have to work on a single request for a single user. Solution should incorporate a consolidated user management facility to "front-end" a variety of systems, allowing a security administrator to manage one user across a variety of systems with a single program / GUI User Account Self-Service Solution should provide users with the ability to self-manage their user profile (e.g. general identity information) Solution should provide user interface with information that users can self-manage configurable, and be driven by role membership. Solution's self-service interface should be customizable Solution should provide users the ability to change their login IDs Solution should detect when the user attempts to choose a login ID that is already taken and disallow that choice Solution should suggest available login Ids to a user who has attempted to choose one that is already taken Solution should provide the ability for an external user who has forgotten his/her login ID to trigger an automated resending of it to the email address associated with their user account Solution should provide the ability for an external user who has forgotten his/her password to trigger a password reset and receive a new solution-generated password sent to the email address associated with their user account Solution should provide the ability for an external user to self-reset their password by successfully answering challenge/response questions and then choosing a new password using the web interface Solution should allow the challenge response questions to be configurable by the user 6 Solution should support different, configurable password reset policies, based on user role membership or other identity data Solution should enforce password policies during user self-service password resets Solution should provide an integrated web self-service interface Solution should provide a tool whereby users can view the current status of requests they have made to solution administrators using the self-service interface Identity Data Management Solution should have the configurable ability to synchronize user account data with other authoritative data sources or repositories? (specify if in real-time or scheduled and if can synchronize one-way or two-way) Solution should be an event driver architecture which can make the changes as it happens in almost real time Solution should be triggered to synchronize data in the solution identity data repository by an event in another authoritative data source Page374of 531 Solution should automatically discover data in the other identity data sources, defined by us (e.g. detect new user accounts in back-end applications and retrieve their associated attributes) Solution should have functions or features to support, for a given user, the association or consolidation of back-end application login Ids with the solution login ID Solution should support identification of orphaned accounts (accounts in the solution identity data repository which are no longer tied to a user application login ID) Solution should generate a unique user ID – a unique and permanent identifier to unambiguously identify every user in the solution identity data repository (irrespective of changes in other user attributes) Solution should have the unique user ID specified rather than generated (e.g. by either manual input or by data transferred from another authoritative data source) Solution should provide user account object in the solution identity data repository store the following attributes: login ID, Password, Name attributes, including First Name, Last Name and Middle Name, Full Name, Email address, Phone Number, Fax Number (optional), Address attributes, including Country, Province, Postal Code, City, Street Name and Number, Company Name, Language Preference Solution should have the ability to customize mappings of key attributes (for example, map unique user ID to email or password to alternate attribute) Solution should be capable of identifying individuals who have more than one user account in the solution identity data repository, and merging these accounts into one 7 Solution should identity data repository be searched according to any user attribute Solution should validate data entered both manually and through data feeds (through user interaction and bulk loads) Solution should offer mapping tools for initial synchronization of the solution identity data repository with authoritative data sources. Solution should coordinate various systems of record, such as HR, to automation, which automatically changes systems access (Terminate and Re-add), based on job function changes, changes in pre-approved RBAC lists, and/or User ID changes. Logging and Reporting Solution should perform basic audit and logging capabilities Solution should offer customizable logging Solution should produce log data files in a format that can be viewed and manipulated using 3rd party reporting tools Solution should provide operational and user activity reports provided out of the box Solution should provide an interface to develop customized reports Solution should allow for the automatic archival of audit logs after a given period of time Solution should provide alerts for password failure and other security violations. Solution should allow connector/agents log all activities with the solution to a flat file or database accessible from a centralized logging solution Solution should allow agents/connectors prevent logging sensitive information and replace them by wildcards if necessary Solution should support a master record built to record which systems each user has access to, who approved the user access and on which systems each user has a record. Solution should provide reporting capabilities include periodic reports from each system to capture what local privileges users have Page375of 531 Solution should maintain a master record to track which systems each user has access, and on which systems each user has a record. For example, the use of a periodic process to extract user data from each system, search for discrepancies, and respond either by applying corrections directly or by requesting authorization for change requests. Solution should facilitate the assignment of consistent login IDs on each system. Solution should reconcile login IDs across systems, and batch-rename IDs so that users have the same ID everywhere. Solution should actively rename login IDs on non-compliant systems, to reduce the problem and/or provide password synchronization, to eliminate multiple hard-to-remember passwords. Solution should be used to facilitate the implementation of a global password policy, and encourage users to maintain a single password to all systems, in compliance with this one policy. Solution should maintain user demographics in a master record and track change history for key data elements (Name, Location, Department, Role, contact information). Specifically, Solution should provide automation to leverage data changes initiated in the HR system on key user demographic and organization information (First Name, Middle Initial, Last Name, User IDs, Employee ID, Location, Department, Job Title / Role, email, etc). 8 Solution should provide administrative screens and self-service pages be branded in accordance with "look and feel" guidelines. Workflow Solution should offer an intuitive and user friendly GUI to design and modify workflows Solution should provide a tracing utility for managing and tracking workflow functions Solution should allow for the co-existence of several, different workflows for user registration, each servicing different business areas or user types/roles. Solution should support changes to automated workflow transactions prior to completion Solution should support automatic escalation for stalled workflows Solution should allow for a hold on executing a workflow until a given future date and time Solution should support roll-back to undo the result of the last action (i.e. an "undo button") Solution should provide “preview” mode functionality in workflow and registration, i.e. a workflow testing mode wherein account changes are not committed, just output to the screen Solution should support customizable approvals, including multiple approval points, or multiple approvers for the same check-point in a workflow Solution should support approval routing to different approvers, based on user, or requested resource, or level of access requested Can the request be "locked-down" to prevent further changes after the request has been approved? Solution should support parallel and serial workflows Solution should provide a workflow system to accept change requests from users directly, request and track authorization, and provision access once requests are submitted and approved. 9 User Interface Customization Solution should provide solution administrator interfaces be configured to display in multiple languages. Solution should support simultaneous different external user interface designs and styling for different secure services. Page376of 531 Solution should provide customizable error messages for responses to external user interface-related errors. Solution should provide external user-facing interfaces be styled and/or branded for our requirements, including the ability to “re-brand” the interface to match a 3rd party’s styling when we host a website on behalf of a 3rd party. Solution should use a browser-based interface for all data input and other external-user interactions. Solution should use a browser-based interface for all solution administrator and other configuration operations. Solution should permit the specification of custom fields for user information. Solution should support masking for the input of sensitive information for any user interface control (i.e. in additional to password fields). Solution should have same interface for designing and management of IDM Solution in online and offline mode. Same interface should be use for on premise or cloud setup as well. Solution should provide an SDK to develop connector/drivers for different connected systems. Solution should permit the specification of a required format for data input into any given field. 10 Integration Solution should provide authentication and authorization functionality separate from the business applications being secured, so that they remain logically separate entities that exchange information rather than require elements of solution to be integrated into the applications. Solution should gracefully and securely handle the unavailability of the application it secures, and return a “not available” message to the external user. Solution should provide reconciliation to enforce data integrity/consistency between connected systems. Solution should limit what objects are synchronized between systems. Solution should provide password synchronization. Solution should provide user data synchronization with data stores in real time. Solution should provide bi-directional synchronization between data stores using graphical interface without programming. Solution should provide the ability to manage identities through policies. Solution should utilize policy to manage work flows. Solution should provide the ability to grant system "authority" to particular Identity attributes, i.e. designate different authoritative sources for different attributes. Solution should provision users and grant entitlements based on user “Role”. Solution should allow users provisioned to a target system based on a “Rules”, “Roles” or “Workflow”. Solution should provide a single connected system allow for more than one method simultaneously. Solution should have Role Mining functionality and Ongoing Role Certification. Solution should provide the ability to manage groups, individual users or both. Solution should provide system Audit functionality. Solution should provide end-users initiate workflow requests. Workflow requests should be used for non-connected systems as well. Solution should provide the ability to limit systems end users may request access to. Solution should provide the delegation functionality in Workflow tool. Solution should also provide an Approver select specific Delegates feature. Solution should provide Workflow system that support individual, group, or quorum approvals. Page377of 531 11 Solution should provide the ability to provide a White Pages based on the Organizational Chart in the user interface. Solution should provide Self Service Password functionality. Solution should have the ability to enforce password policy in a challenge-response fashion. Solution should provide the ability to run correlation analysis with log-generated data from nonIdentity connected systems. Security Vulnerabilities Solution should aid in documenting clearly all systems access in a global repository, to make it easier to terminate access in the future. Solution should tie systems of record, such as HR, to automation, which automatically terminates systems access to ensure that HR, contractor management and others clearly and promptly communicate to IT whenever staff are terminated. Solution should be flexible in its password assignment functions to initialize new passwords either to secret personal data, drawn from a system of record, or to values entered by the manager of the new person. Solution should allow for report generation to periodically review each user's systems access and provide them to managers, for review. Solution should support existing IT Compliance reporting for User Access Verification by periodically auditing the account setup on each system, to measure compliance with standards. Solution should allow an administrator use the system to review access request / authorization / provisioning processes, to ensure that they meet business needs, and that they are adhered to. 12 Monitoring User Activity Solution Should maps multiple system entitlements back to a specific user. This information should be displayed in an intuitive user interface that gives business managers a complete view of a user's privileges and help them make informed decisions about provisioning and access requests. Solution should monitors user activity in key systems that Identity Management solution provisions to and takes immediate action if out-of-policy events occur. Solution should have the feature/module to see who has access to what key systems, and what they are doing with that access, all in real-time. Solution should tie identity management information to security events, giving comprehensive compliance and security across key systems that Identity Management provisions to. 13 Self Service Password Management Solution should allow users can reset or change forgotten passwords and access or unlock locked accounts Solution should provide an easy to use wizard for installing and configuring the application. Even the most complex password rules—including prohibited word lists, character requirements, challenge question options, and change frequency—can be configured and implemented quickly and easily. Solution should enforce password strength. Solution should be able to enforce virtually any combination of password rules to ensure compliance with security policy. Solution should be generating real time alerts. Solution should be able to allow administrators to configure and enable real-time alerts for events such as start-up, shutdown, configuration modification, intruder attack and fatal events. Solution should support SMS support which allows one-time tokens via text message for user verification, activation and new passwords. Solution should provide Captcha support which prevents unauthorized automated attempts to reset passwords. Page378of 531 Solution should be able to generate audit logs for security and troubleshooting purposes, including user activities and system events. It should also be capable of forwarding audit events to syslog and compatible servers. 5.11 Privileged User Management Technical Specification: Minimum Requirement Description 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 The solution should centrally define the commands that privileged users are able to execute on any Linux and UNIX platform, ensuring that only authorized users can perform specific administration tasks. The solution should allow granular controlling of access to all system resources including data files, devices, processes/daemons and audit files. The solution should record administrative activities that authorized IT personnel perform in managing Linux system resources. The solution should protect systems by knowing what action was taken, who did it and when it was done. The solution should be integrated with the Identity Management solution and have the option of creating and managing the policies through the identity management solution. The solution should Intuitive drag-and-drop visual interface makes it easy to create rules that are enforced across all managed UNIX and Linux systems. Updates and changes should immediately applied across the entire set of hosts in the enterprise. The solution must track the "real user" even in case of surrogates. The solution should support “Centralized policy definition and distribution. Should provide capability to allow access to sensitive resources only through approved programs. The solution should provide an integrated test-suite tool to allow administrators to model and test new rule combinations before committing them to production use. The solution should easily identify security risks. The solution should analyze each command as it is typed and assigns it a risk level from 0 to 9 based on the command, the user who executed it and the location at which the user executed it. The solution should provide Process Controls - Administrator must be able to control the circumstances, under which authorized users may terminate sensitive processes (daemons), including time and day, where from, etc. The Solution should have Enterprise Credential Vault for secured password vaulting The Solution should have Risk based session control to enable automatic session termination or access revocation The solution should have smart risk ratings built on potential threat analysis The solution should support "Break Glass" scenario The solution should be able to do the CCTV type video recording for windows even if user does a direct RDP or console access. The solution should be integrated with Identity Management solution and all the resource access request and provisioning should be done from Identity Management. The entire solution should be of one single vendor and none of the components should be from third party The solution should have risk-based privileged session control through which it should be able to identify any unauthorized activity and automatically terminates the session or revokes access. The solution should have separate audit zones which should consist of separate audit information 20 based on the geography, offices, DC’s, server types etc. 19 Page379of 531 21 The solution should be able to manage passwords remotely on network devices. 5.12 Web Access Management & Single- Sign On Specification: S.No 1 2 3 Minimum Requirement Description of Web Access Management and Single-Sign On Solution should include a web-based GUI to create policies using simple wizards. Solution requires any manual scripting or programming knowledge to build and develop authentication and authorization policies? Solution should be Integra table with a desktop MS AD Kerberos authentication to provide a full SSO experience. 4 Solution should have a unified dashboard to instantly see the status of the overall WAM solution at a glance with the ability to progressively dive deeper into issues. 5 Solution should have a web-based administration console that manages all of your WAM components all at once or is each component individually managed (e.g. Federation, SSO, SSL VPN, web authentication, web authorization). 6 7 8 9 Solution should be an soft appliance based on Linux. Solution should be built on a federation standards-based architecture. Solution should have federation support. Solution should support federation protocols: SAML, Liberty, WS-Federation, ADFS, Oauth, OpenID Connect 10 Solution should provide risk-based access control, authentication and authorization of users based on the context, pattern, location and various other attributes 11 Solution should be integratable with other IAM technologies (e.g. Identity Management, Workflows, Auditing, Role Management). 12 Solution should have its own user store or should leverage existing directories such as Active Directory, Sun One, eDirectory or other LDAP directories. 13 14 Solution should enables secure access to applications from mobile devices without modification of applications Solution should enables social login and supports personalization and customization of web pages based on user identity 19 20 21 Solution should have SDK and APIs that support authentication management and integration with external applications Solution should include an automatic rewriter feature Solution should provide single sign-on (SSO) for external users. Solution should have user’s SSO session remain secure and usable if one or more of the backend applications they require access to are unavailable. Solution should support SSO across multiple web domains. Solution should support single sign-out. Solution should provide both agent based and reverse proxy based options. 22 Solution should support SSO using Internet Explorer and Windows integrated security. 23 Solution should support storing of application-specific proxy-credentials, for applications that cannot be integrated with the SSO solution. 15 16 17 18 Page380of 531 24 Solution should have wizard-based code promotion utility to allow bringing up a new server, making a backup or migrating your policies from test environment to production environment in a least possible time. 25 Solution should provide strong authentication and step up authentication to web and federated applications 26 Solution should provide risk-based access control, authentication and authorization of users based on the context, pattern, location and various other attributes 27 Solution should enables secure access to applications from mobile devices without modification of applications 28 Solution should enable social login and supports personalization and customization of web pages based on user identity 29 Solution should provide strong authentication and stepup authentication to web and federated applications 30 Solution should have a Wizard-based code promotion utility which should allow to bring up a new server, make a backup or migrate policies from your test environment to production environment 31 Solution should also provide thick client SSO capability for client server based application architecture 5.13 Vulnerability Management (EVM) specifications: Minimum Requirement Description Basic Requirements Should be a appliance or software based solution The solution should be capable of identifying assets/OS via both active scanning and passive listening of traffic in the real time. The solution should be capable of identifying mobile OS Should identify asset type’s out-of-the-box, including desktops, servers, routers, switches, applications and operating systems. The Solution should be able to track individual assets By IP address, By name and By MAC address. • Should use following Asset identification techniques o Ping sweep o User Datagram Protocol (UDP) probe o Asset fingerprinting o Rapid discovery o NetBIOS-based discovery o Transfer Control Protocol (TCP) discovery Page381of 531 o UDP port discovery o Operating system (OS) fingerprinting o Application fingerprinting Should Identify newly connected devices and previously undiscovered assets on the network The solution should support Non-intrusive checks as well intrusive checks The Solution should be able to classify assets according to business value The Solution should perform a targeted scan (i.e. check for a specific set of vulnerabilities) The real-time (immediate) scans should provide ability to be stopped or paused The Solution should support storage of credentials for systems, for use in authenticated scanning The Solution should support integration with threat feeds, allowing vulnerabilities to be correlated against real-time threat information. The solution should be able to integrate with third party trouble ticketing systems for tracking remediation The reports should include data from multiple scans The Solution should have policy compliance features, such as identifying empty or improperly configured ACLs, audit settings, password policies, etc Should do discovery-based assessment – Efficient, high-performance vulnerability assessment It should use industry standard vulnerability lists such as CVE, CERT, SANS20, BS 7799/ISO 17799 (International Standard for Information Security Management) and other private sources and should allow custom checks to be created in open standard format, such as OVAL. Should include checks for DoS, buffer overflow, network device vulnerabilities, potential unwanted programs, web vulnerabilities, virus, malware, spyware, printer and print server vulnerabilities The solution should be able to correlate latest threat feed and provide information risk level at each segment and organization level The solution should support risk-based scoring metrics The solution should allow the tickets to be closed automatically when vulnerabilities are remediated. The solution should help in creating groups of business units based on location or operation or function and run scans / generate reports for each BU. The proposed solution should maintain a real-time inventory of the devices connected to the network, their profiles, and the identities of those using the devices. The solution should have an inventory module to list down devices as Online (i.e. devices which are currently connected to the network) and Offline Devices (i.e. devices which have been connected in the past, but are not connected now) Page382of 531 The proposed solution should work in real time to detect, identify, profile, and audit all devices connected to a network, whether physical or virtual, managed or unmanaged The proposed solution should be able to identify susceptibility to database-specific risks, including SQL injection, buffer overflow and malicious or insecure PL/SQL code and with ability to perform database scanning, conducting maximum amount of vulnerability checks against leading database systems such as Oracle, Microsoft SQL Server, IBM DB2 and MySQL databases The solution should be able to detect weak password for databases and point out accounts with simple, weak and shared passwords Should be a appliance or software based solution The solution should be capable of identifying assests/OS via both active scanning and passive listening of traffic in the real time Web Application Scanning The Solution should have the ability to perform web application scanning The solution should provide scan configuration, vulnerability checks and scan report for web applications It should identify susceptibility to database-specific risks, including SQL injection, buffer overflow, and malicious or insecure PL/SQL code It should be able to set the entry URL, path to include, exclude and parameters to exclude during a web application scan It should search for vulnerabilities and weaknesses in the web code that could lead to an exploit such as SQL injection where a URL request with specific text could allow direct access to the SQL database. It should be shipped with checks to detect vulnerabilities in web platforms like Microsoft Internet Information Server, Apache, Websphere, Lotus Domino, Novell, iPlanet, and Netscape Enterprise Server The Solution should have the ability to test web applications for poor coding practices, weak input checking, configuration mistakes exposing unintended data, and data manipulation. It should include the following areas of testing: Authentication, Buffer Overflows, CGI Attacks, Cross Site Scrupting, Database, ECommerce, HTTP Header It should include required checks for PCI as well as provides coverage of the OWASP Top 10 categories The Solution should have the ability to perform web application scanning Management The solution should be managed from a centralized console It should integrate with host security solution It should integrate with network intrusion prevention solution It should have granular and detailed report as well as provide dash board of executive summery Page383of 531 showing security posture of entire network or selected BU Security Management Bidder must provide single point of contact for management, escalation backed by senior product specialists Bidder must provide 24/7 availability for Severity 1 & 2 issues on all security products being offered Bidders must address Problems in equipment which cause downtime/degradation of services and resolution of which require development of patches, bug fixes etc. shall be treated, by Security products OEM, on priority basis Bidder must provide Schedules and performs Quarterly on-site visits; completes Protection Analysis and offers best practices recommendations Bidder must provide Proactive notification of security threat advisories and product updates Bidder must deliver support status updates and business reviews 5.14 Web Vulnerability Scanner Specifications: Minimum Requirement Description Solution Should support HTML5 - Advanced HTML5 Parsing ,deep Scanning that implements a rendering engine that is in widespread use Solution Should support JavaScript - Advanced HTML5 Parsing Should support Google tool kit Solution should support test for DNS Vulnerabilities Solution should support for content spoofing Solution should support for Reflected & Persistent Cross site Scripting Solution should support Widespread DOM-based cross-site scripting detection Solution should support Blind cross site scripting Solution should support Cross frame scripting Solution should support Cross-site request forgery & Clickjacking Solution should support HTTP header injection/response splitting, including Host Header based attack detection Solution should support for Detection of mobile friendly version of website Solution should support Mail Header Injection Solutions should support OS command injection , SQL injection , Blind SQL injection Solutions should support SSI injection , Xpath injection , LDAP injection Solution should support for Google Hacking Database (GHDB) Page384of 531 Solution should support for Native Scan Scheduler that does not rely on OS Scheduler (e.g. Windows Scheduler or Unix Cron) with Dedicated Scheduler Application and Optimized Task Queuing. support for Regular updates for the application Support for Advanced Command Line Interface able to fully automate scanning of several hosted applications without the need of any pre-configuration, complete with Scan from Crawl parameters and Login Automation. Solution should support for Scan API & Integrates with bug-tracking systems Solution should support for Dedicated tool to scan the sub-domains (Sub-domain Scanner) Solution should support for ISO-8859-1 , UTF-7/8/16 & Parser tolerance 6. Penetration Testing: Penetration testing vendor must be CERT-IN empanelled vendor. 7. Server Specification: S. No. Minimum Requirement Description for Production Database & Application servers Parameter Functionality The offered rack server should be Enterprise class E7Xeon CPU based server. The server should be Minimum 4 socket scalable. Full server enclosure/chassis for meeting the scalability to be offered upfront 1 Processors 2 Cache Minimum 45 MB On-Chip L3 Cache per Processor 3 Memory Type & Memory RAS Proposed system should support Advanced Memory RAS features 4 Memory Scalability 5 Virtualization & Operating System support 6 Disk 7 I/O 8 Removable Media Proposed servers should be capable of minimum 6 TB RAM without changing the configured Memory DIMMs. Server should support VMware/KVM/XEN virtualization hypervisors. Server should support Redhat/SUSE Linux and Windows Operating System. All the partitions / virtual machines should be booted from SAN. Each Server should be configured with minimum 2* 10G Network ports and 2* 16Gbps FC ports Internal or External DVD Drive Page385of 531 9 No Single point of failure 10 Server RAS Features: 11 System 12 13 14 15 16 17 I/O slots RAS Processor Clustering Monitoring software Manageability interface Server RACK System I/O Interconnect, I/O path, Power supplies and Fans, all should be redundant. The system should have the following RAS features on respective resources N+1 redundant fans N+N Power Supply Redundancy Support in server enclosure Error detection / correction Enhanced I/O error recovery Multi-pathing PCIe Cache ECC coverage Memory single device error correct Self Monitoring High availability clustering should be provided for DB layer Clustering Software should be provided with License & Implementation service for Monitor, Start, Stop of cluster. Provided clustering software should have single management of GUI to monitor & manage of all clusters. The clustering software should be provided with the functionality to implement the DR (Disaster Recovery) solution by integrating with Storage Replication technology and providing automated site failover in case of any disaster. System should be provided with monitoring software to enable proactive health monitoring of CPU, Memory, IO and any hardware fault in the system. Redundant management Interface / Controller on server / enclosure. IPMI based remote management Remote management should be capable of web browser based Virtual media capability should be provided Power management & measurement capability Each server / Rack should have minimum 2* 10G switches for port consolidation and connect to core network. Each of this Switch should have minimum 4* 10G uplink ports. Each server Rack should not house more than 1 Production server. Configuration for Compute Layer 18 19 20 CPU Type Number of Active CPU Cores Number of Stand-by CPU Cores 21 RAM 22 Consolidation of DB & APP Layer Intel Xeon E7-8890 v3 18-core CPU Total 864 Cores across multiple instances Total 216 Cores across multiple instances Per Core 24GB Memory should be configured. All the configured memory DIMMs should be of same capacity. Vendor can consolidate DB and APP layer cores to optimize the server foot-print. Page386of 531 Server Blade Specification: S. No. Item Minimum Requirement Description Solution to house the required number of blade servers in smallest number of enclosures. Industry standard suitable for housing in Standard Server Racks Should have support for full height and half height blades in the same enclosure, occupying a max of 10U rack height Same enclosure should support Intel Xeon and AMD Opteron 1 Blade Chassis Should support Hot Pluggable & Redundant Management Modules with on board KVM functionality. Should provide an highly reliable and high performance midplane/back-plane design in the blade enclosure. Should provide detailed technical information. Support simultaneous remote access for different servers in the enclosure. 2 Interconnect 3 Blade Server Interconnect to LAN/ Network 4 Blade Server Interconnect to Fiber Channel SAN 5 Power Supply 6 Cooling 7 System Software Should support simultaneous housing of Ethernet and FCinfiniband interconnect fabrics offering Hot Pluggable & Redundancy as a feature The enclosure should support network switches with at least 2* 10G uplink ports, up-linkable to the data center switch. The enclosure should support Fiber Channel SAN switches with at least 16 Gb auto-negotiating FC uplinks and also at least 16 Gb autonegotiating downlinks to all server bays. The enclosure should be populated fully with power supplies of the highest capacity available with the vendor. Power supplies should support N+N as well as N+1 redundancy configuration, where N is greater than 1. Should offer a single phase power subsystem enabled with technologies for lower power consumption and offering high energy efficiency levels. Vendors should provide documents certifying the claims. Each blade enclosure should have a cooling subsystem consisting of redundant hot pluggable fans or blowers enabled with technologies for improved power consumption and acoustics Management/controlling software’s have to be from the OEM. Must provide a remote management functionality to operate the server in both in-band and out-of-band. Must be part of the server without the need to install any additional hardware or software. 8 Remote Management Must have real time Virtual KVM functionality and be able to perform a remote Power sequence. Must provide both Java & Java-free browsing options. Page387of 531 Must have the ability to map the remote media to the server and ability to transfer files from the user’s desktop/laptop folders to the remote server with only the network connectivity. Must have the ability to capture the video sequence of the last failure and the boot sequence and also playback the video capture or equivalent technology. Must have the ability for multiple administrators across remote locations to collaborate on the remote session in a server with multiple sessions even in server powered OFF mode. 9 Power Management 10 Compliance Must be able to show the actual power usage and actual thermal measurement data of the servers. Vendors must submit supporting documents stating RoHS compliance. 2P Blade Server Specification: S. No. Item 1 CPU 2 CPU Cache 3 Motherboard 4 Memory 5 Memory Protection 6 Hard disk drive 7 Storage Controller 8 Networking features 9 Interfaces 10 Blade Server Connectivity to SAN 11 I/O Slots 12 Graphics Minimum Requirement Description Two numbers of latest generation Intel E5-2600 v3 series processors, Minimum 8-core 2.4 GHz Minimum 20MB L3 cache Intel® C610 Series Chipset Minimum 256GB scalable to 512GB, using DDR4 memory modules. Advanced ECC with multi-bit error protection and memory online spare mode 2 * 600 GB hot plug SFF SAS drives. Integrated PCIe 3.0 based 12G SAS Raid Controller with RAID 0, 1 with 1GB of Flash backed write cache on board. Dual port 10Gbps Ethernet ports Minimum of 1 * internal USB 3.0 port and 1* internal SD card slot Should be capable of supporting 16 Gbps Dual port Fiber Channel HBA internal to the Server Blade. Minimum 2 Number of PCIe 3.0 x16 based mezzanine slots supporting Converged Ethernet, Ethernet, FC adapters, SAS and IB adaptors Integrated video controller Page388of 531 13 14 15 16 Industry Standard Compliance Embedded system management Security OS Support ACPI 2.0 Microsoft® Logo certifications USB 3.0 Support IPMI 2.0 Secure Digital 2.0 TPM 1.2 Support IEEE (specific IEEE standards depending on Ethernet adapter card(s) installed) Advanced Encryption Standard (AES) Triple Data Encryption Standard (3DES) SNMP SSL 2.0 DMTF Systems Management Architecture for Server Hardware Command Line Protocol (SMASH CLP) Active Directory v1.0 PCIe 3.0 Should support monitoring ongoing management, service alerting, reporting and remote management with embedded Gigabit out of band management port Server should support configuring and booting securely with industry standard Unified Extensible Firmware System should support RESTful API integration System management should support provisioning servers by discovering and deploying 1 to few servers with Intelligent Provisioning System should support embedded remote support to transmit hardware events directly to OEM or an authorized partner for automated phone home support Power-on password Administrator's password Out of band remote management Chipset with: SSL encryption Secure Shell version 2 Advanced Encryption Standard (AES) and Triple Data Encryption Standard (3DES) on browser, CLP and XML scripting interface External USB port enable/disable Network server mode Serial interface control TPM (Trusted Platform Module) 1.2 option Advanced Encryption Standard (AES) Intel® Advanced Encryption Standard-New Instructions (AES-NI) FIPS 140-2 Level-2 certification pending Microsoft Windows Server MOLP Red Hat Enterprise Linux (RHEL) SUSE Linux Enterprise Server (SLES) Oracle linux VMware Citrix Xen Server Page389of 531 17 Provisioning Essential tools, drivers, agents to setup, deploy and maintain (not the OS) the server should be embedded inside the server. There should be a built -in update manager that can update these tools online. System remote management should support browser based Graphical Remote Console along with Virtual Power button, Remote boot using USB / CD/ DVD Drive. It should be capable of offering upgrade of software and patches from a remote client using Media / image/folder; It should support server power capping and historical reporting and should have support for multifactor authentication. The server should support Active Health System which monitors and records continuously every hardware change, every configuration change, temperature and voltage variations, and alerts changes in the server hardware and system configuration without impacting server performance. This assists in diagnosing problems and delivering rapid resolution when system failures occur. 18 Remote Management Should support managing multiple servers as one via Group Power Control Group Power Capping Group Firmware Update Group Configuration Group Virtual Media Group License Activation Should support remote console sharing multiple users simultaneously during pre-OS and OS runtime operation, Console Replay that captures and stores and supports replay of the console video during a server's last major fault or boot sequence, Microsoft Terminal Services Integration, 128 bit SSL encryption and Secure Shell Version 2 support. Should provide support for AES and 3DES on browser should provide remote firmware update functionality should provide support for Java free graphical remote console. Software should support dashboard view to quickly scan the managed resources to assess the overall health of the data center. It should provide an at-a-glance visual health summary of the resources user is authorized to view. 19 Server Management The Dashboard minimum should display a health summary of the following: • Server Profiles • Server Hardware • Enclosures • Logical Interconnects • Appliance alerts The Systems Management software should provide Role-based security Software should support search for resource-specific information such as specific instances of resource names, serial numbers, WWNs, IP and Page390of 531 MAC addresses to help manage infrastructure better Management software should support integration with popular virtualization platform management software like vCenter, SCVMM and RedHat RHEV Should help provide proactive notification of actual or impending component failure alerts on critical components like CPU, Memory and HDD. Should provide an online portal that can be accessible from anywhere. The portal should provide one stop, online access to the product, support information and provide information to track warranties, support contracts and status. The Portal should also provide a Personalized dashboard to monitor device heath, hardware events, contract and warranty status. Should provide a visual status of individual devices and device groups. The Portal should be available on premise (at our location - console based) or off premise (in the cloud). Should help to proactively identify out-of-date BIOS, drivers, and Server Management agents and enable the remote update of system software/firmware components. The Server Management Software should be of the same brand as of the server supplier. 8. Data Ware Housing Specification S. No. 1 2 3 4 5 6 7 8 9 10 11 12 Minimum Requirement Description The proposed EDW (Enterprise Data Warehousing) solution should deliver the following: Provide an improved method of storing and retrieving data enabling business user to make informed decision. It should have the ability to capture and analyze unstructured data from varied sources such as social sites. Provide management with the ability to access, analyze and explore information, and develop insights and understanding of availability data to achieve improved, informed and fact based decision-making. Realize operational efficiencies primarily for reduction in the time and effort required in requesting, extracting and analyzing data. Provide senior management with access to information including the ability to present information in sophisticated, graphical way and support intuitive exploration of data. Provide support for both structured and unstructured data Provide MPP (Massively Parallel Processing) and shared nothing architecture Provide Data mining capabilities to offer Advanced Analytics and predictability. Provide parallel load and Unload of data while reports /analytics are being executed. Provide ability to incrementally add hardware for near-linear scale to support Multiple Terabytes to multiple Petabytes in a single instance. Provide ability to handle query complexity and concurrency at scale. Provide ability to store data in columnar format for massive compression. Page391of 531 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 Provide flexibility to Query data from both Structured and unstructured (Big Data) sources through a single interface using standard SQL queries. Provide built-In support to store and process Unstructured Data Analysis (Big Data Analytics) without the need for additional appliance. Provide ability to extract data from source systems at multiple frequencies during Business Hours, to support near real-time data loads into Data Warehouse. Provide flexibility to load data into the Data Warehouse at the same time while users are executing queries or viewing reports or analytics. Provide High compression ratios for quicker query result transfer. Provide ability to scale linearly and predictably by adding preconfigured racks. Provide one single unit across multiple racks, as opposed to several database environments. Database offered as part of the solution should be listed in the TOP 5 of TPCC’s TPC-H Query Performance Metric for 10 TB or higher database size. Provide all the required components to connect to various databases and unstructured data sources to load data into Data warehouse. Provide In-memory data analytics for faster query performance. Provide support for high data compression ratio. Provide integration with Hadoop allowing users to Query and join to data stored on Hadoop Distributed File System. Provide ability to load Data Via batch, Streaming and incremental Load. Provide support for standard ANSI SQL. Provide inbuilt Cost based query optimizer to take advantage of Parallel processing of queries. Provide support for Indexing of data in large tables for faster transaction level retrieves. Provide support for a High availability benchmark of 99% or more. Provide support for Hot Backups and Restores of Data. Provide management software for backup and Restore of Data, fault tolerance for Disk failure and can be supported by one full time Database Administrator. Provide ongoing support for hardware, Operating System, Software and utilities for 3 years. Provide all licensing for the database and Management Utilities. Provide support for Software upgrades with minimal regression testing of existing processes. Provide a minimum of 2 Physical Environments consisting of a Production Environment and Non Production Environment. Provide utilities for moving/Synching data between Environments. Provide integration with LDAP security for Internal Hosting and approved Security Authentication for Cloud based options. Provide ability to manage security via Roles and Groups. Provide the ability to allocate resources (compute and memory) to workload based on their relative priority. Seamless integration of Relational data warehouse and Non Structured data 9. Virtualization Specification: Page392of 531 General Specifications The virtualization layer must help create and manage a virtualized server computing environment The virtualization layer must support hosting of multiple Operating Systems on the Virtual Machines The virtualization layer must support high availability feature irrespective of the Guest Operating System The virtualization layer must support hot plug-in and removal of storage including virtual hard disks and physical disks while a Virtual Machine is running The virtualization layer must support multiple physical processor cores The virtualization layer must support running of both 32 bit and 64 bit virtual machines concurrently The virtualization layer should support management of servers, storage and network as a single fabric The support for network virtualization should be present in the solution The solution should support live migration without setting up cluster The solution should understand dependency of virtual machines and migrate them accordingly The solution should have the capability of Disaster Recovery feature The solution should also be able to enhance the functionality of the hypervisor with offloading hardware capability The solution should support runtime memory configuration. The tool shall provide image library, where Software and server images can be maintained. Facilities shall be there to import new server templates to the library and registering, so as to use the same for provisioning the new virtual servers.These VM images should be automatically synchronized between primary and DR site for ease of management The Solution shall be capable of orchestrating compute and storage resource placements based on flexible policies to maximize hardware utilization The Solution shall be able to abstract compute, network, and storage resources for the virtual machine regardless of server, network and storage hardware The Solution shall continuously monitor utilization across Virtual Machines and shall intelligently allocate available resources among the Virtual Machines The Virtualized Machines shall be able to boot from iSCSI, FCoE and fiber channel SAN The Virtualized Infrastructure shall be able to consume Storage across various protocols like DAS, NAS , SAN Page393of 531 The Solution shall allow for taking snapshots of the Virtual Machines to be able to revert back to an older state, if required The Solution shall cater for the fact that if one server fails all the resources running on that server shall be able to migrate to another set of virtual servers as available The Solution shall provide support for cluster services between Virtual Machines The Solution shall provide patch management capabilities such that it shall be able to update patches on its own hypervisor. The Solution shall have the ability to thin provision disks to avoid allocating all storage space upfront The Solution shall allow configuring each Virtual Machine with one or more virtual NICs. Each of those network interfaces can have its own IP address and even its own MAC address. The Solution shall support VLAN isolation by supporting multiple networks per resource pool The Solution shall have capabilities to create workflows to automate common admin challenges The Solution shall have the ability to develop customized workflows and easy user interface. Integrated Management It should also provide timely system compliance and tracking capabilities Integrated Management should be able to take corrective actions based on the nature of alert received. Integrated Management should have an optional capability to enable automation of certain commonly run tasks in the server environment. The solution should support Dynamic optimization capability so resources are optimally utilized. The solution should have the capability to support power management of servers The solution should have capability to showcase the environment on a live tile as dashboards The solution should provide Rapid Deployment of Virtual Machines by using Virtual Machine Templates. The solutions should provide a Role-based-Security model or delegated Administrator Role. The solution should provide automation platform for orchestrating and integrating IT tools to drive down the cost of data center operations, while improving the reliability of IT processes The solution should have building blocks in library for drag and drop workflow development Provisioning Data center virtualization should provide for provisioning as it is an integral part of dynamic datacenter environment wherein virtual machines can be provisioned based on requirements Provisioning system should have an option to select virtual machine specifications or workload definitions for virtual machine provisioning Virtual Machine management system should allow automation of virtual machine provisioning Provisioning system should address the Live Migration scenario as well wherein a virtual machine from one node of a Server can be failed over to another node in the same cluster without any downtime The solution should support minimum 64 node clusters The solution can go minimum 8000 virtual machines in cluster Virtual machine disk should support up to 64 TB The solution should support unlimited live migrations The solution should support Website density and multitenancy Solution to support CPU Throttling The solution to have the capability of NUMA-Aware Scalability The solution to support VDI solution The virtualization layer should support management of servers, storage and network as a single fabric The support for network virtualization should be present in the solution The solution should support live migration without setting up cluster The solution should understand dependency of virtual machines and migrate them accordingly Page394of 531 The solution to support Private VLAN The solution should have the capability of Disaster Recovery feature The solution should also be able to enhance the functionality of the hypervisor with offloading hardware capability The solution should support runtime memory configuration Virtualization software shall provide a Virtualization layer that sits directly on the bare metal server hardware with no dependence on a general purpose OS for greater reliability and security. Reduction in hypervisor codebase due to no dependence on OS also reduces patching requirement due to unreleated OS components Virtualization software should have the provision to provide zero downtime, zero data loss and continuous availability for the applications running in virtual machines in the event of physical host failure, without the cost and complexity of traditional hardware or software clustering solutions. The solution should support for increasing capacity by adding CPU,Memory or virtual NIC and stoarge to virtual machines on an as needed basis without any disruption in working or downtime for the virtual machines The solution should provide option for securing virtual machines with offloaded antivirus and antimalware solutions without the need for agents inside the virtual machine with integration with 3rd party AntiVirus/Anti-Malware solutions The Virtualization solution should provides APIs for integration with backup solution for agent less and lan free backup thereby reducing backup windows and providing integrated backups. The solution should allow common management across storage tiers and dynamic storage class of service automation via a policy-driven control plane. This is enabled by APIs provided by the Virtualization Solution that enables it to recognise the capabilities of the storage arrays.This insight enables virtualization and storage administrators to automate and easily make decisions. Hypervisor should support memory deduplication which would help increase utilization of available memory by storing identical memory pages within the same virtual machine or across multiple virtual machines only once. The solution should provide prebuilt and configurable operations dashboards to provide realtime insight into infrastructure behavior, upcoming problems, and opportunities for efficiency improvements The solution should provide capacity analytics which can identify over-provisioned resources so they can be right-sized for most efficient use of virtualized resources. The solution should provide self-learning performance analytics and dynamic thresholds which can adapt to the environment to simplify operations management and eliminate false alerts The solutoin should provide integrated smart alerts for health, performance and capacity degradation to identify building performance problems before they affect end users The solution should be able to Create and manage recovery plans directly from Virtualization Manager Console and able to automatically discover and display virtual machines protected by either host based replication or storage based replication The solution should be able to initiate recovery plan execution from virtualization manager with a single click and able to support automated boot of protected virtual machines with pre-specified boot sequence The solution should be able to automate failback to original production site using original recovery plan and also able to atomatically re-protect virtual machines by reversing replication to the original site The solution should be able to store, view and export results of test and failover execution from virtualization manager The solution should provide out of the box disaster recovery automation integration with array based replication from all major storage array vendors. The solution should provide stateful inspection firewall that can be centerally applied either at the perimeter of the virtual datacenter or at the virtual network interface card level directly. The Solution should provide Distributed stateful firewall with ALG (FTP, CIFS, ORACLE TNS, MS-RPC, SUNRPC) The distributed firewall should be embedded in-kernel and should provide line rate performance. The solution should provide Industry-standard IPSec and SSL VPN capabilities that enables securely extending the virtual datacenter. This Site-to-site VPN support would link virtual data center and enable Page395of 531 hybrid cloud computing at low cost. The SSL VPN capability would deliver remote administration into the virtual datacenter through a bastion host, the method that is favoured by auditors and compliance regulators The solution should provide a virtual load balancer to scale application delivery without the need for dedicated hardware. The load balancer should support Web, SSL and TCP-based scale-out for high-volume applications. Support should be from Original OEM with no limit on the number of Support Requests along with free updates and upgrades while the products are under active support. 10. Storage & Backup Specification: Page396of 531 Business Requirements:ESIC is looking for a robust storage solution from leading storage technology providers, which would enable ESIC to provide uninterrupted and seamless user experience to their end users and service providers. Apart from the flexibility of future growth in terms of both capacity and performance, the storage solution should also provide a fool proof disaster recovery mechanism. The storage solution should enable ESIC to have local as well as remote recovery capabilities, going back to multiple point-in-times, thus enabling ESIC to recover from a data corruption scenario as well. 10.1 UNIFIED Storage Technical Specifications: S.No Items 1 Storage controller 2 Cache required/ cache protection 3 Storage capacity Minimum Requirement Description The storage system must be a unified storage array, having at least two SAN controllers running in an active-active mode with automatic failover to each other in case of one controller failure. The offered storage system should have at least 48 GB of cache across the dual “SAN” controllers with ability to protect data/de-stage the data of the cache if the system fails. NAS controllers should additionally have at least 24GB cache across the solution. SAN controller cache should be scalable to a minimum of 128GB with controller upgrade within the same family. The offered storage should also have the capability to support SSD drives based extended Read and Write cache. The offered array should also be configured with at least 400GB SSD based read and Write cache. The same should be scalable to at least 4TB. The storage shall be supplied with 400 TB of net usable data capacity, out of which, 10TB should be on 400GB/800GB/1.6TB SSD drives on Raid 5, 120TB on 900GB/1.2TB 10K RPM SAS drives on RAID 5, and remaining capacity on Page397of 531 4 Protocol Support 5 Front-End & BackEnd Connectivity 6 RAID Configuration 7 Storage Scalability 8 De-Duplication & compression. 9 Thin Provisioning 10 Snapshot and Full copy/ clone functionality 11 Storage built-in functionality 12 Licensing 13 Upgradeability/Inv estment Protection 14 Auto Tiering 15 Mirroring/Replicat ion 16 17 Cables & Accessories Warranty and support 4TB NL-SAS drives on RAID 6. The storage should have minimum 6 Gbps SAS interface for drives connectivity. The offered storage should support following protocols from day one – FC, iSCSI, FCoE, NFS, CIFS, NDMP, FTP, SNMP The storage should be configured End to End with SAS 2.0 with at least 16 Back-End lanes. The same should be scalable to 24 back-end SAS lanes in the same offered storage system. The storage should be configured with minimum of 16 X 8Gbps FC Front-end Ports for block connectivity & 8 x 10GbE ports for File connectivity configured in the storage array The system should support RAID 1, 3, 5, RAID 1+0 & RAID6 The offered storage should be scalable to minimum of 500 disks without any controller upgrade The storage system should have both “file and block-level” DataDeduplication with compression for efficient storage of data on both NAS and SAN. The cost of perpetual license should be included in the product cost The storage system should have thin provisioning and thin reclamation. Storage system should also have compression for NAS and SAN. The proposed storage should be configured with Snapshot License with both create & restore functionality 1. Online Data Migration across different storage disk types. This feature should be used for situations like hardware/software upgrade without downtime of host and application. 2. The proposed array should also support controller based data encryption for the data security. 3. The array must support WORM/equivalent feature to keep data safe from changes, deletions and malicious activities. All the licenses on the storage system should be for usable capacity supported by the system from day one The proposed system should be field upgradable to a higher model in the family by performing the controller upgrade. The existing data on the array should be in place while performing such upgrades, and there should be no need for any data migration following this upgrade The storage should have the capability of Sub-LUN auto-tiering to optimize workload performance by moving highly active blocks to SSDs and less active to SAS and then to NL-SAS/SATA dynamically and non-disruptively. Any required license should be offered for the same Storage array should be configured with storage based synchronous and Asynchronous data replication license across all models of the offered family for the entire capacity. Should also support storage replication to heterogeneous storage arrays All necessary cables, rack mountable kit and other accessories must be provided 3 years onsite comprehensive warranty 10.2 SAN Switch Technical Specifications: Page398of 531 Minimum Requirement Description Fibre Channel Ports – 48 active ports per switch, upgradable to 96 Ports Port Speed of 16Gbps, 8 Gbps, 4 Gbps, 2 Gbps, and 1 Gbps autosensing with at least 8 Gbps of dedicated bandwidth per port Classes of service: Class 2, Class 3, Class F The switch shall support the following: RADIUS,TACACS+, port security, fabric binding, Fibre Channel security Protocol (FC-SP) host-to-switch and switch-to-switch authentication, Secure FTP (SFTP), Secure Shell Version 2 (SSHv2), Simple Network Management Protocol Version 3 (SNMPv3), VSANs, hardwareenforced zoning, broadcast zones, User-defined Role-Based Access Control (RBAC) SAN switch should have capability to interface with HBA of different makes and model from multiple OEMs, supporting multiple Operating Systems, including, but not limited to Red Hat/Suse Linux, MSWindows, Oracle Solaris etc Management Console: Ethernet Diagnostics: POST and embedded online & offline diagnostics Hot-swappable redundant power supplies with redundant cooling fan Mounting: Rack mountable 10.3 Backup Specification for DC-DR and End User: Virtual Tape Library Specification: Sr. No. 2 3 Minimum Requirement Description Must support LAN/SAN based D2D backup and VTL backup simultaneously via NFS v3, CIFS, FC and NDMP protocols Must support global and inline data duplication using variable block length deduplication technology. Must support integration with existing backup software (EMC Networker) 4 5 Should Support deduplication at backup server/ host level Must have the ability to perform different backup or restore jobs simultaneously. 6 Must support single management pane for backup software and multiple backup devices for ease of management. 7 Must supports communications and data transfers through 8GB SAN, 10 Gb & 1 Gb Ethernet LAN over copper and SFP+ 1 8 9 10 11 Should support capacity on demand feature that allows the storage allocation associated with a virtual tape cartridge to be consumed upon write and not creation. Should support backup throughput of at least 20TB/hr for single deduplication pool Should have min 250 TB usable capacity and scalable to 500 TB usable in the same appliance by just adding disk enclosures. Must support 60 virtual tape libraries, 250 virtual drives, 25,000 slots & 50,000 virtual tapes or more Page399of 531 12 13 14 15 16 17 18 19 20 21 22 23 Should support different retentions for primary and DR backup storage and should support instant copy creation on remote site for better DR readiness. Bidder should provide backup appliances at DC and DR with same capacity and licenses Proposed solution should be designed to clone data to offsite location as well for long term retention with search capability for backed up data across multiple sites. Bidder must provide object based backup storage at offsite location with 250TB capacity with inbuilt data protection capability which can be used as data protection storage with existing backup software Must have inbuilt capability for de-duplicated and encrypted replication of data over Local or Wide Area Networks Replication Should support bi-directional, many-to-one, one-to-many, and one-to-one replication Should support Link Aggregation Control Protocol (LACP) and VLAN tagging Should support IP Aliasing, Ethernet failover and aggregation Should have 256 bit AES encryption for data at rest and data-in-flight during replication. Should support retention lock feature which ensures that no data is deleted accidently. Should be able to construct full backup with existing blocks of data on VTL to eliminate need for periodic full backups. 24 25 26 27 Must support RAID 6 technologies with 3TB or more disk drives on SATA/SAS technology. Must have continuous file system check to ensure data integrity with auto detection and self healing mechanism. Must protect against lost data in power fail and software crashes. Must support point-in-time copies of a LUN or volumes with minimal performance impact. Should support automatic remote health check for OEM to monitor the system health. 28 Should Support Enterprise Applications and Database Backups without integration with Backup Software, for better visibility of Backups to Application and database Owners, thus ensuring faster and direct recovery on application/database level. 29 Bidder need to provide all required licenses to integrate the proposed backup appliance with existing backup software. Offsite Data Backup Storage Specification: Sr.No. 1 2 3 4 5 6 7 8 9 10 Minimum Requirement Description Proposed protection storage at offsite for long term retention should be able to store petabytes of unstructured data and to store it over longer periods of time. Should be able to configure to deliver backup-as-a-service. Should support customizable polices to automate data placement protection and lifecycle Should have built-in automation, and self-service access to cloud storage for unstructured distributed Big Data. Should be able to scale up or down seamlessly with zero impact to the backup service. System should support data preservation in the form of an “Object” System should not need to manage the complexities of storage technologies like RAID Groups, LUNs or File systems. Should support Multi-Site Active/Active architecture for distribution of objects & access across all sites. Should not require dedicated replication or further backup. Adding capacity should have zero impact and requires zero reconfiguration or development. Page400of 531 11 12 13 14 15 Should also serve platform to use the backed up data for reporting and analytics. Should allow an application to gain access to data from a different geography for DR reasons. Should support compression, de-duplication, spin down, auto-configuration and auto-healing features. Should support data striping within nodes or across nodes for higher throughput. Should support access through CIFS,NFS End User Data Backup Specification: Sr. No. 1 Minimum Requirement Description The proposed end user backup solution must be mature, tested and widely deployed. 2 The proposed backup solution should support heterogeneous Operating system platforms including Microsoft Windows Server 2008/2012, Windows XP, Vista & Windows 7, RHEL, Solaris OS, SUSE Linux Enterprise Server, Apple Macintosh, CentOS, Debian, HP-UX, IBM AIX, Novell Open Enterprise Server, Oracle Enterprise Linux, & other standard operating systems. 4 5 The Backup solution should have capabilities for Data De-duplication and de-duplication must occur at the source (client), before transfer data across the network Backup data must be broken into sub-file, variable length data segments for optimum efficiency and savings. Proposed solution must provide fast, efficient daily full backups 6 Proposed solution must be able to de-duplicate backup data globally across sites, desktop, laptops and servers, applications and databases. 7 Proposed solution should de-duplicate across sites and servers, reducing total backup disk storage by up to 50 times. 8 Proposed backup solution should be capable for taking daily full backup for 5000 users per zone with 4GB of data per user retained for 30 days. 3 12 Proposed backup solution should be designed with replication of data from all 5 zones to DR site. Proposed solution should be scalable to cater data growth of 5x or more by adding data nodes only. The proposed solution must reduce backup impact on client CPU. The proposed solution should be capable of throttling Bandwidth and CPU to customize the need. The proposed solution should be capable of doing server and Laptop and Desktop backup without the need to have any additional software license or hardware The proposed solution licensing should not be dependent on number of Desktop/Laptops, server hosts, applications or databases and should be capacity based. 13 The proposed solution client agent should be capable of getting installed on Desktop/Laptops and Servers without asking for any restart. 9 10 11 14 15 16 17 18 The proposed solution must have centralized management providing Intuitive, web-based interface, At-a-glance dashboards, Capacity reporting and alerting. The proposed solution should provide a specialized management interface for Desktop/Laptop clients. The proposed solution must provide robust integrated reporting The proposed solution must be capable of providing immediate, single-step browsable recovery. The proposed solution must be highly available and should be capable of building into not having any single point of failure using RAIN architecture to provide high availability and fault tolerance across nodes. Page401of 531 19 20 21 22 The proposed solution must automatically provide daily verification, that backup data is fully recoverable The proposed solution should have the ability to deploy software agents on systems to be protected (no extra local hardware required) The proposed backup solution should provide comprehensive encryption capabilities, including the ability to encrypt backup data while in transit and at rest. The proposed backup solution should support SSL encryption utilizing the 128-bit Advanced Encryption Standard (AES) algorithm and should be used for any external network communications. 11. Network Operation Center (NOC): 11.1 Enterprise Management System (EMS) : For effective operations and management of IT Operations at ESIC, there is a need for an industry-standard Enterprise Management System (EMS). Given the expanse and scope of the project, EMS becomes very critical for IT Operations and SLA Measurement. Some of the critical aspects that need to be considered for operations of IT setup of ESIC are: Centralized and Integrated Dashboard View Centralized and Customizable Service Level Reporting Centralized Log Management Automatic Remediation of Common IT issues (Runbook Automation) Server Change, Provisioning & Configuration Network Automation Application Performance Management Desktop Management Analytics based Service Management (Helpdesk) & SLA Management Centralized IT Asset Inventory discovery & tracking Server Monitoring Network Fault Management Network Performance Management Asset Management The image below shows the logical schematic of the EMS components to be deployed within NOC. Page402of 531 Role Based Access Discovery/Inventory Custom Event Dashboard BSM connectors Tablets and Smartphones Open BSM connector XML, SNMP Service Health Views Domain Connectors DESIGN CONSIDERATIONS of EMS for ESIC There should be a tight integration between NOC and SOC to have the single consolidated console of Infrastructure & security events. Consolidate IT event management activities into a single operations bridge that allows NSOC operator quickly identify the cause of the IT incident, reduces duplication of effort and decreases the time it takes to rectify IT issues. The Operator should be able to pull up security events related to a given Configuration Item, from a single console which also has NOC events, and use the security events to triage the problem. This way the Operator gets consolidated system/network event details and security events (current and historical) from the same console and save time in troubleshooting / isolating the issue. The operator should be able to build correlation rules in a simple GUI based environment where the Operator should be able to correlate cross domain events like events with network infrastructure with security events should correlate and create one event, this will help in reducing the unwanted or symptom events and leave the root cause event in the console. This will improve the operator’s efficiency and will be able to quickly respond to a situation. Scalability – The central console should be capable of supporting atleast ten million Configuration Items (CIs) and two million CIs with status in the Run-time Service Model. Scalability – Service Level Reporting solution should be scalable , it should be capable of supporting up-to 20000 system nodes , 20000 network nodes with capability to support in excess of 700K CIs if need be. Scalability – the log management solution should be scalable , it should be able to support upto 200 GB/day and also be able to support beyond 200 GB/day by Linearly adding more servers of either reference system type, depending on the size of the expected load Features – Automation tool in order to have good time to value should support over 4000+ workflows Scalability – a single instance should be capable of managing the entire lifecycle of servers for at least 1000 servers Scalability – the CMDB should be capable of storing atleast 40 million CIs Scalability – The APM should be highly scalable, real user monitoring should be capable of handling upto 2000 pages a second and upto 150K concurrent mobile devices per probe. Scalability – Network Management Tool should be capable of managing upto 30K devices from a single instance , should be able to have 1 mil discovered interfaces Page403of 531 Software Asset Management should be capable of doing software compliance of atleast 600+ software titles and versions , 3000+ license skus Software Asset Management should be capable of doing license compliance for vendors like HP, Microsoft , IBM (PVU), Oracle, VMware, Symantec, Autodesk ,Adobe, TIBCO, RedHat, BMC etc ESIC Skilled Manpower Requirement for NOC: NOC L1 Support Engineer: - B.E. /B.Tech/ MCA - Minimum of two years’ experience in NOC services conducting network device administration & management, Application and end user performance administration and management. -Minimum 1 year experience in operating a NOC product, EMS, NMS, Network and Application Fault, performance management and other NOC tools. - CCNP certified Preferred. NOC L2 Support Engineer: B.E. /B.Tech / MCA - Total 5 Years of experience out of which, minimum 3 years’ experience in NOC services conducting network device administration & management and minimum 2 years in NOC tool, Network and Application Fault, performance management and other NOC tools. - Certification in at least one industry leading NOC product and other leading certifications inNetworkfault management, Performance Monitoring (Application, Network, End User) such as CCIE. DETAILED SPECIFICATIONS: EMS General: The Solution shall provide future scalability of the whole system without major architectural changes. Solution shall support Web Interface Solution shall be distributed, scalable, and multi-platform and open to third party integration All the proposed EMS solution should be from a single OEM vendor Proposed EMS solution support architecture that is consistent with standard High Availability and Disaster Recovery scenarios. In that HA provides redundancy to protect from local management server outages, and DR provides a method to re-locate the management server to a new site in the event of severe weather, fire, earthquake, or other type of situation where the entire original site is rendered un-available. Single integrated dash board to provide line of business views and drill down capabilities to navigate technical operators right from services to last infrastructure components Consolidated dashboard of the proposed EMS solution shall be the manager of managers and capable of receiving events/alerts from multiple monitoring systems including system, network, storage, hardware, and application. System should be the single pane of glass for enterprise monitoring Consolidated dashboard of the proposed EMS solution must be able to do dynamic service modelling of all business critical production services & use near-real Time Service Model for efficient cross domain topology based event correlation. Consolidated Dashboard The tool should provide complete cross-domain visibility of IT infrastructure issues o Integrate events from ALL domain managers o Automatically relate events to impacted CIs Page404of 531 o Automated discovery of the infrastructure CIs and relationships o Dynamic discovery maintains Run-time Service Model accuracy e.g. virtualization and clusters The tool should Classify events based on business impact Offer relevant tools, run books, graphs in context of a selected event Configure additional single click actions Instruction Text (knowledge base) integrated into events. Guided creation of correlation rules for administrators Tool should provide superior view of infrastructure health across system, networks, IT infrastructure and end-user into a consolidated, central console Integrated UI workflows, mash-up GUI, one dashboard, common KPIs, single event subsystem Tool should allow for customizable operator perspectives Powerful correlation capabilities to reduce number of actionable events. Topology based and event stream based correlation should be made available. Optimized user workflows for doing efficient event management. Enhanced tool and run book support Tool should provide support for maintenance windows and scheduled downtimes Events and discovery / topology data are brought together End-to-end visibility of infrastructure and alerts by showing relationships of events to CIs and business services that are impacted Shows CIs in context One should be able manually relate events also, and also build new correlation rules from selected events using the correlation generator. Tool should be able to highlight Priority of an event. Priority is based on both the event severity and the business impact. CI Business Impact is calculated based on Business Criticality of all affected business services, applications and business process CIs and eg. SLAs. Business Criticality is a property of the CI. The operator should be able to analyze priority, business impact and affected CIs by selecting each event and checking the automatically updated Health Top View, Business Impact View etc. Tool should be able to address following questions while troubleshooting an event :• Health indicators show what‘s the current health: How many indicators show bad health? • KPI over time Report: Is it a re-occurring problem? • Changes and Incidents: Was there a recent change? • Event details: Title & Description • Instructions: Operator guidance shows possible causes & how to solve problem. • Event type indicator related CI & node, related events further complete the picture. Tool should allow to browse performance metrics by selecting CIs or events. New Performance Perspectives allow you to compare graphs of different CIs in the Model Explorer. Graphs should be displayed in context of the CI or neighbourhood. Different metrics can be combined in a single chart, options to hide metrics, or change the display time window. Additional pre-defined graphs can be launched in addition to default graphs. Multiple charts can be set side-by-side – compare graphs for multiple CIs. At times, the operator is doing a fixed sequence of steps related to events, eg. own an event, add some annotation, add a CMA (e.g. customer name) etc. These can be combined and launched via a single click. Page405of 531 The solution should utilize a Near Real Time Data Repository as its underlying database that is automatically populated by various discovery components of the monitoring solution. This repository should allow for a layered topology view of all the services across the enterprise, including dynamic infrastructures such as virtualization and cloud. This repository should also be able to federate with other repositories (CMDBs) i.e. third party CMDB The solution should support mobility devices (ex. iPhone) to allow for role based views that can be accessed while away from the office. Ex. Line of business managers can track and analyze transactions while travelling and engineers can receive alerts and status information while traveling, enabling them to handle issues promptly without returning to their desks. Ability to launch in-context to performance graphs or reports. Ability to automatically calculate the threshold values based on the available historical performance data for previous days. This eliminates the need to set threshold values manually for each policy to suit a different environment. The adaptive threshold capability automatically calculates a baseline from the historic samples to identify previous trends in performance. Based on these trends the threshold values are automatically and dynamically calculated. Once the automatic threshold values are set, comparing the current performance data with the adaptive thresholds indicates if the current infrastructure resource utilization is normal or not. An alert is generated when abnormal behaviour is detected. " Collection of performance data should average no more than 3%-5% system overhead Ability to collect metrics per process to facilitate troubleshooting of system resource overhead on a process basis. The Event Correlation Engine must be based on the discovered information and relationships present in a central Service Dependency Database that contains infrastructure elements from all IT Domains, namely network, storage, hosts, applications and business services. The Correlation Engine shall use detailed, comprehensive, and automatically updated discovery and relationship information to analyze alerts and events and ultimately determine the event that is most likely the cause of an incident. Correlation rules must be based on configuration item (CI) types, not on components themselves, so that they can be automatically applied to each new CI as the Service Dependency Database dynamically discovers and captures the new CI and its interrelationships. In short, there should not be any changes to the rules when topology changes. The system shall allow administrators to create new Event Correlation rules by simply selecting events in the browser and indicating which event is the cause and which are the symptoms. The system should automatically validate Configuration Items in the selected events against the Service Topology Dependency Database to ensure they are connected and hence such a correlation rule can be created. The system should support concepts of Accelerator Packs. These accelerator packs should provide preconfigured correlation rules, tools, and KPIs for specific managed domains such as J2EE, Database, System Infrastructure and Microsoft Infrastructure When many a combination of many events occurs in the monitored environment, the system must be able to automatically categorize them into causes and symptoms. The system needs to provide a single interface to view multiple layers of cause and symptoms. The system should provide automatic chaining of Correlation Rules, meaning if I have a rule relating a database problem to a file system problem, and another rule that relates a file system problem to a storage problem, the system should be to link these rules together and link the database problem to the storage problem during execution time The Event Management system must share the same Data Model as the Service Dependency Database, so that the events in the Management Console can be seamlessly mapped to related configuration items (CIs) in the Service Dependency Database. The Event Management system should be able to filter events that mapped to a particular CI, a host of CI or a entire tree of CI representing a Service Model in the Service Dependency Database. For e.g, Page406of 531 show me all the events relating to any systems, applications, networks and components supporting the online banking Service. The system must allow modification and enhancement events during event processing. An event processing interface must be provided to enable event processing scripts to be integrated into the event processing pipeline and allow operations to enrich events programmatically. e.g, to provide additional information by querying asset databases during event processing time and adding additional hints from the query to facilitate event correlation. Scalability – The central console should be capable of supporting at least ten million Configuration Items (CIs) and two million CIs with status in the Run-time Service Model. 11.2 Service Level Reporter: • Out of the box reporting templates for performance, availability, inventory, operation, virtualization and configuration • Should provide reports that can prove IT service quality levels, such as application response times and server resource consumption • Reports should be accessible via web browser • Reports should be platform independent • Reports can be scheduled to publish automatically or they can be produced on demand • Reports can be applied to all systems, to a group of systems, to a customer group of systems, or to a single system. • Reports can be published in HTML, PDF, Microsoft Word, and Microsoft Excel formats. • Should be possible to send reports via email from the Reporter GUI or from command line. • Automated report generation and publishing • Server reporting tool should be able to collect and collate specific information regarding the relationships between the IT elements and the business services. • Tool should be able to report in the context of the business services that the infrastructure elements support—clearly showing how the infrastructure impacts business service levels • Tool should be able to deliver comprehensive, long-term, and customizable cross-domain reporting. • Tool should support metrics gathered from agent-based and agentless solutions. • Response time and availability metrics should be made available. • Tool should support long-term data retention and aggregation. • Tool should provide a library of out-of-the-box reports that can be cross-launched in the context of business services. • Tool should have minimal setup requirements. • Tool should support additional data collection and reporting entitlements • Tool should support large number of out of the box reports delivers fast time to value • Tool should support report contents which can be customized without expert intervention • Tool should provide reports from both Network devices and Servers from the same console. • Tool should provide development environment where more Content/Reports can be created and data sources such as — Generic .csv files, and, — Databases supporting JDBC. Should also be included to pull data and create reports from such data. • Tool should provide a data collector that enables direct collection of virtualization data • Tool should allow to configure downtime for Configuration Items and view the configured downtime in the reports • Scalability – Service Level Reporting solution should be scalable , it should be capable of supporting upto 20000 system nodes , 20000 network nodes with capability to support in excess of 700K CIs if need be. Page407of 531 11.3 IT Log Management: • The solution should be able to seamlessly collect logs from multiple sources in a highly compressed form, to facilitate and accelerate all data searching. • Typically IT logs need to be retained for long period like seven years for audit compliance and problem management • It should provide the ability to search through large amount of log data using simple query language as well as analytical query language • It should provide high compression ratio and fast retrieval of logs for operational use • Scalability – the log management solution should be scalable , it should be able to support upto 200 GB/day and also be able to support beyond 200 GB/day by Linearly adding more servers of either reference system type, depending on the size of the expected load Automatic Remediation of Common IT Issues (Runbook Automation): • Should create automated IT process workflows. User should be given options to execute workflows in one of three modes: automated, visually guided or operator initiated, and prescheduled. • Should provide a web-based management dashboard for visibility into ITIL incident management and problem management data. Includes out-of-the-box reports, such as MTTR trending, cumulative return on investment (ROI), most frequent resolution workflow, and incident and alert trending correlated to ITIL configuration items. Users should be allowed to create custom reports. • The solution must provide a user with read only access privileges on all flows to ensure the security, reliability and integrity of the system and Should support detailed audit trails of the workflow, including detailed operations and outcomes of each task • Should support creation of charts that offer different views of information obtained from flows • Should support Web Based management dashboard for visibility into ITIL Incident management and problem management data • Simple report creation that answer things such as: o Which applications and servers had fatal errors at a specific location? o How many alerts of various severities were there? o How many alerts there are of each kind of severity (Informational, Warning, Error, Critical, Fatal) o How many alerts of fatal severity were there for each server and application? • Should automate sequence of common operations performed upon applications, computers and network systems. • Should integrate with Data Center Automation tools like Server, Storage Automations and with common ticketing systems, Monitoring systems and Databases • Flexible architecture that supports various deployment topology requirements, i.e. across WANs, inside DMZ • All communications within the workflow environment from flow creation to flow deployment should be encrypted. • Standard flow templates that can be easily modified or reused to perform common operation • Ability to be kicked off in a self-healing or automatic mode from monitoring alerts initiated from monitoring tools • Runs on a wide array of operating systems (Windows, LINUX, and UNIX) and provides native command Support and in-depth operations for reboot, copy, delete etc...Examples o Check the status of a service on a computer o Place or retrieve a file with the ftp put or get commands Page408of 531 o Launch an installing program on a list of computers simultaneously. o Query a URL for its availability (using an HTTP Get operation). o Run a SQL query against a particular database table (using a SQL Query operation)." o Should automate sequence of common operations performed upon applications, computers and network systems. o Should integrate with common ticketing systems, Monitoring systems and Databases • Must provide a way to automatically generate documentation for IT process workflows • Must be able to assign ROI value to each workflow step to calculate total cost savings • The product must provide flexible modes of workflow execution and should support at least 600 concurrent processes. • Features – Automation tool in order to have good time to value should support over 4000+ workflows Server Change, Provisioning, Configuration: Should detect, collect and maintain information about Managed Servers, including packaged, unpackaged software, runtime state, host/guest relationships and more. Should have capability to auto install agent onto target server Visualizes server, network, storage, and logical application environments and dependencies and compliance state. Provides Layer 2 and virtual LAN (VLAN) network information. Intuitive visual snapshot comparison reduces troubleshooting time. Defines server build sequences for provisioning, incorporating operating systems, patches, and software policies. Supports Solaris, Linux, and Windows®. Integrates with HP-UX and AIX. Supports provisioning of VMware Hypervisor and Solaris Zones. Identifies server vulnerabilities quickly and easily and reduces the time needed to patch multiple servers. Enables patch policy creation and flexible patch deployments. Supports native patch formats for all major operating systems. Provides out-of-the-box integration with Microsoft® Patch Network and Red Enables rapid troubleshooting and configurable compliance management by comparing servers to reference servers, most golden reference snapshots, industry best practices, or user-defined scripts. Provides comprehensive compliance dashboard with consolidated servers and cross-tier compliance views. Enables code and application deployment on servers in single or multiple instances without proprietary packaging. Imports files, objects, and scripts to define configuration best practices with graphical user interface (GUI) ordering or deployment and uninstall. Uses a granular permissions model to share applications with developers and administrators. Uses the communications channel with enhanced security features, audit logs, and access control policies to provide direct connections to servers in any location. Supports remote desktop connections, Windows PowerShell, and any shell for UNIX® and Linux environments. Improves automation efficiency by managing remote systems and executing tasks from a command line interface. Also supports Windows PowerShell to provide a command line interface (CLI) to Windows servers. Provides dynamic, real-time, and historical reports into hardware, software, patches, and operations activities in complex, heterogeneous data centers. Includes out-of-the-box compliance reports and ata-glance compliance status with actionable links to servers, policies, and other objects. Exports reports to HTML and comma-separated values (CSV) formats. Manages all servers in any location with Multimaster and Satellite architectures. Uses Multimaster technology to perform safe and real-time replication of critical server and software information to all Page409of 531 data center. Communicates over a common network port for easy and safe network firewall configuration. The system should support automation of servers across multiple data center, with overlapping IP addresses, create and manage policies in any location and apply them to the entire environment. The audit trails should be stored centrally and should be digitally signed to prevent tampering. Will support automated enforcement of policies through fully automated check and remediation process Will support audit and remediation against industry best practice content such as CIS, MSFT. Tool should provide a powerful yet flexible solution that lets users capture and leverage a shared application and deployment model. Users can enter information such as configurations and settings once which can be used each time the application enters that phase of the lifecycle which helps speed the deployment cycle. The system should enable users to manage any server from any facility (in other words, users should not have to login to separate management consoles to manage servers in remote facilities). Open a remote terminal or get complete server history directly in the application visualization interface System should provide a shell interface to let users operate through a command line across multiple servers simultaneously. Scalability – a single instance should be capable of managing the entire lifecycle of servers for at least 3000 servers Network Automation: Should be able to generate a graphical representation of your network. Identify which devices are inactive or out of compliance. Use filters to immediately view isolated specific network segments. Capture a snapshot of the current state of the network, including topology and virtual LAN (VLAN) information. Identify the hosts connected to specific switches or interfaces by MAC address. Manage network compliance by comparing devices to defined, best-practice standards. Speed audit processes with out-of-the-box network compliance reports for ITIL and more. Validate device operating states in real time to stay in compliance. In real time, detect configuration and asset information changes made across a multi-vendor device network, regardless of how each change is made and also support configuration deployment/rollback and configuration templates Manage dual-stack and pure IPv6 environments. Manage SNMPv3 configurations and communicate over SNMPv3. In real time, store a complete audit trail of configuration changes, (hardware, and software,) made to network devices, including critical change information. Configure granular, customizable user roles to control permissions on device views, device actions, and system actions. Support common authentication systems, such as TACACS+, Radius, SecurID, Active Directory and LDAP. Manage device access and authorization through a centralized control model that is integrated with your standard workflow and approval processes. Automate routine configuration tasks for updates, such as password or community string changes. Reduce the time needed to build automation scripts and increase accuracy with auto-generated scripts derived from device sessions. Deploy and monitor operating system images from a centralized network management system. Page410of 531 Create a repository, and synchronize all device software images across your enterprise network. Use image management to automatically identify, downloads, and install the recommended software image for your network devices." Enforce change processes in real time. Model complex approval processes with flexible rules. Force approvals for changes, including changes made by a direct command line interface (CLI) session. Implement high-availability and disaster-recovery solutions with Multimaster and Satellite deployments. Administrators can effectively manage geographically dispersed networks without a single point of failure. The system must support heavily NAT environment and environments where network devices may have the same IP address. The system must provide an automated method to configure devices for real-time change detection via syslog (either direct syslog or syslog via a relay). Scalability – The network configuration management solution should be highly scalable with the largest tier capable of supporting upto 100K devices and carrying out upto 400K tasks per day. Application Performance Management: • End to end Management of applications (J2EE/.NET based) with deep-dive diagnostics • Determination of the root cause of performance issues whether inside the Java / .Net application in connected back-end systems or at the network layer. • Automatic discovery and monitoring of the web application environment and ability to monitor applications with a dashboard. • Should have capability to monitor the third-party applications without any source code change requirements. • Proactive monitoring of all end user transactions; detecting failed transactions; gathering evidence necessary for problem diagnose. • Monitoring of application performance based on transaction type. • Data, reports and views from the synthetic monitoring solution should be able to be incorporated into common dashboard views along with real user monitoring and infrastructure monitoring. • The solution must be able to scale to reflect performance and availability from many geographical locations where business services are accessed without a significant increase in solution • Dashboards should be easily customizable using visual editing capabilities and no coding they should be role-based so that business and IT stakeholders get the necessary visibility into the health of business and provide out-of-box KPIs that can be used to Present different aspects of business service health • Should provide ability for Diagnostics Monitors as complementing extension for current provided load test solution – Able to breakdown the time spent on each component across presentation, business and database layers • The Diagnostics tool should be coming from the same OEM vendor product suite providing the Load Testing product and should have seamless integration with Load Test Solution • Should drill down from slow, end-user transactions to the bottlenecked component, method or SQL statement, helping to solve memory, exception and other common problems • Should automatically detect all components touched by a business process across layers and traces them with no user intervention • Should display the detailed call-tree that pinpoints the exact slow method within method call stack • Should support J2EE, .NET, SAP, SOA or Siebel Applications Page411of 531 • The proposed solution should expose performance of individual SQL statements within problem transactions • Scalability – The APM should be highly scalable, real user monitoring should be capable of handling upto 2000 pages a second and upto 150K concurrent mobile devices per probe. Desktop Management: • The software should have capability to discover software and hardware inventory across all computing devices enterprise-wide and have accurate, up-to-date IT asset information. • The tool should provide the ability to capture hardware information such as BIOS, hard drives, memory, etc…The tool should be able to capture software inventory. • The Configuration Management software should have a single agent which is capable of inventory as well as software management (software pull / push) and including patch management. • The agents should store a local copy of the inventory for comparison on next scan and send only the differential data on inventory scan. • The tool should provide the ability to capture software information such as Add/Remove Programs, WBEM, WMI software classes, etc… The tool should provide the ability to capture registry entries • Provide out-of-the-box normalized reports of detailed hardware configurations and software installations. • Allows administrators to determine the impact of a set of package components, including all files and registry keys, on other packages and components BEFORE deployment. Conflicts and relationship between existing software and ‘to be deployed’ software must be clearly seen BEFORE deployment. • The software should ensure that subsequent changes to policies and entitlements cause software and content to be automatically installed, changed or un-installed for all affected users and PCs. • The tool must have the ability to cache and repair application content locally, for remote locations. • The tool must allow users to install software from a self-service interface. • The configuration management solution must be able to repair or reinstall the application back to its original desired state. • The tool must be able to show how many times an application has been repaired or reinstalled. • The software shall automatically sense and apply changes (install, uninstall, repair, self-healing) on the clients, eliminating the need to create lists and administrator jobs. This means that the software manage change on the clients without administrator intervention. • The desired-state management should also hold true for patch management. If a certain patch is deleted or un-installed from any desktop by the user, it should automatically be repaired / re-installed without the intervention of the Administrator to reduce helpdesk calls • The tool must have a direct online integration to Active Directory without the need to import data. • The Patch Management module should manage the entire lifecycle of patches, hot-fixes, updates and service packs from automatic discovery, download and collection, thorough testing, conflict analysis, and vulnerability assessment, to policy-based targeting and deployment and ongoing management to ensure that patches stay applied as prescribed by policy. • Tool must provide detailed application usage statistics so as to effectively manage the risk of unauthorized usage or under-licensing of software. 11.4 Service Management (Help Desk) and SLA Management: • Should be OGC Gold level certified for ITILv3 in at least 11 processes. • Should be able to control access rights to modules and information by user profiles. Page412of 531 • The CMDB should provide visualization (graphical view) as well as support federation (seamlessly federates information from other distributed data sources), reconciliation and synchronization. • Should provide out-of-the-box categorization, as well as routing and escalation workflows that can be triggered based on criteria such as SLA, impact, urgency, CI, location or customer. • The tool should allow the user to take a screenshot of the error message and sends it to the service desk. The user can type in a couple of text lines to describe the error in simple language. All of the details are completed automatically from the picture taken or the text description provided. The service desk agent then can pick up the ticket with the information already filled in (category, impact, and assignment). • When receiving a call from an end user, the user’s description of the issue can be entered as is by the help desk agent. Then, the system should be capable to suggest the most likely categories and service for the help desk agent to choose. Any of the fields that were auto-generated can then be adjusted or corrected, if needed, also enabling the system to learn adaptively to be smarter in the future. • Tool should help in Problem hunting to reduce time to problem isolation, displays impact of potential problems based on cluster size of related incidents, determine patterns in thousands of incidents for faster problem isolation, discover incident trends based on analysis of unstructured data for proactive management, Problem Managers should get a clustered view of recurring themes hidden in the huge quantities of unstructured data. Tool should provide incident title and description text, including the option to filter and zoom into smaller sets of data as needed. • Tool Analytics should be completely configurable in terms of source data and results, enabling Process Managers and other IT Users to proactively identify trends that can be used to drive action. Multiple instances shall be allowed to be configured in different ways in different modules for different outcomes - for example one should be able to identify trends in one set of data and subsequently develop linkages with other data, or Analytics can run on top of reporting results to provide further insights from unstructured data. • The Change Management module should provide a rule-based workflow system for controlling changes throughout their lifecycle: from initial request to approval, to planning and implementation, and to monitoring and evaluation. • Should include automated impact analysis, calculated risk analysis, collision detection, and unplanned change detection and validation. • The Change Management module should provide the capability for Release Control Analysis inbuilt providing the stakeholders with automated decision-support to help make more informed assessment and approval decisions during the review process. It should also be able to provide the implementation team with real-time visibility into all in-flight change activity to reduce downtime risks and increase communication between different teams during execution. • Should support closed loop incident process to more quickly and accurately discover incidents and execute triage and remediation • The tool should automatically alert the responsible persons when a maintenance task is due or a scheduling conflict arises. • Must allow users to create sophisticated or detailed maintenance tasks. • Must include a cost estimation tool that enables users to select a subset of maintenance tasks, and then calculate the estimated cost to run those tasks within a specified time frame. • If multiple SLAs are triggered, the strictest one must drive the workflow • The product must monitor SLAs against Service, Problem, and Change Management • The solution should show immediate (real-time) status of tickets for eg: • Should support KCS (Knowledge Centered Support) best practices. • Should provide out-of-the-box change category to manage KCS workflow. • Provide out of box and customizable reporting and personalized dashboard Page413of 531 11.5 Network Fault Management: • The solution should allow for Spiral discovery to be run on a continuous basis which tracks dynamic changes near real-time; in order to keep the topology always up to date. This discovery should run at a low overhead, incrementally discovering devices and interfaces. • The NMS must allow immediately determining the impact of a component failure and thus helping in prioritizing problem-solving efforts. • The NMS should provide very powerful event correlation engine and thus must filter, correlate & process, the events that are created daily from network devices. It should assist in root cause determination and help prevent flooding of non-relevant console messages • Polling intervals should be configurable on a need basis through a GUI tool, to ensure that key systems are monitored as frequently as necessary. • The topology of the entire Network should be available in a single map along with a Network state poller with aggressive/customizable polling intervals The NMS application should provide a Unified Fault, Availability and Performance function from a single station only to reduce network and device loads with unified fault & performance polling. The NMS performance system must provide out-of-the-box and highly customizable reporting across the network domain. The Network performance operator console should provide operators with seamless transitions from fault data to performance reports and back. For example - select a node in NMS fault mgmt system and cross launch it for historical and near real time data. Should have MIB browsing, MIB loading, and MIB expression collection features. NMS should be cloud ready, should have dynamic Root Cause Analysis capability NMS should have Global Management capability, where in it can work in distributed environment. NMS should support application based failover over the WAN. NMS should have support for SNMPv3 & IPv6, including dual-stack IPv4 & IPv6 to provide flexibility in protocol strategy and implementation. It should be able to correlate multiple occurrences of a specific fault on a device within a specified time frame to enable detection of chronic problems. At any given point in time there may not exist a fault for a chronic issue, but we need to know that the condition continues to happen. For example: Circuit down 20 times in last 24 hour, bandwidth thresholds exceeded 30 times in last month, etc. It should support discovery of virtual switches and contexts. Virtual switches and virtual contexts, like Cisco FSWM and Cisco ACE contexts, should be discoverable from their physical hosted system, especially when they are added and removed, for full network visibility. The system should support a variety of discovery protocols. The system should take advantage of available information to aid in discovery of the network. Protocols should include ARP, DNS, SNMP, BGP, EIGRP, OSPF, CDP (Cisco), EDP (Extreme), NDP (SONMP-Nortel), FDP (Foundry), EnDP (Enterasys), and LLDP (link-level discovery protocol). Support for discovering and monitoring router redundancy groups using HSRP (Hot Standby Router Protocol) & VRRP (Virtual Router Redundancy Protocol) & recognizing situations that can result in multi-path conditions. Support for port aggregation protocols like PAGP (Port Aggregation Protocol), MLT (Multi-Link Trunking), and SMLT (Split MLT), including visual map-based views & automatic impact assessment based on the relationships between physical and virtual links. Scalability – Network Management Tool should be capable of managing upto 30K devices from a single instance , should be able to have 1 mil discovered interfaces 11.6 Network Performance Management: Page414of 531 Should establish the status of network devices and interfaces with unified status calculation and visualization of network fault & performance data. Should enable efficient workflows using contextual navigation between reports and rich interactive report configuration capabilities Network Performance reporting tool must provide the following capabilities: Data collection and thresholding of network device ports (any that support MIB2 including virtual interfaces): Bytes In, Bytes Out, Discards, Errors, Network Delay Data collection and threshold setting of network devices: , CPU, Memory, Buffers, Component statistics A variety of reports summarizing the data including: Home page summary, Calendar, Heat chart, Headline, Dashboard, Managed inventory report, Top ten, Most changed, Data explorer Should honours network fault management tools’ secure grouping and multi-tenancy settings o Secure reports by group o Secure reports by tenant Should support following single server scalability Should be able to schedule key reports for automated delivery Distribute reports by email in HTML, Excel or pdf formats. 11.7 Server Monitoring: Should offer service driven operations management of the IT environment to manage distributed, heterogeneous systems - Windows, UNIX & LINUX from a single management station. Should provide a centralized point of control with out-of-the-box policy-based management intelligence for easy deployment for the servers, operating systems, applications and services for correlating and managing all the IT infrastructure components of a business service Should support Virtual platforms - VMware and Microsoft Virtual Server, Citrix and provide capability to manage both Microsoft .NET and J2EE applications from the same platform Should provide simplified service / process monitoring and have the capability for distributed management functions and based on time zones have the capability of follow the sun model Should provide in built correlation to reduce the number of messages presented to the operators and to determine the root cause. The system must be agent based for managing the nodes and have the capability of storing events / data locally if communication to the management server is not possible due to some problem. This capability will help to avoid losing critical events. EMS must support the backup server concept, which enables switching management responsibility from one management center to another in case of system failure. This eliminates single points of failure in the management system The System Should have automated service discovery, policy deployment and actions to enable busy IT personnel to focus on more strategic initiatives and manage business-critical application services from the end-user perspective, and to be immediately aware of the business impact of lower level component failures or performance degradations Complex dependencies between managed elements must be captured, allowing IT management staff to interpret lower level data in terms of its importance to the higher-level service. An advanced real-time status propagation mechanism in the Services view must allow IT management staff to immediately determine the impact of a component failure on the overall application service. Problem-solving efforts can then be prioritized. Alarms with meaningful message text, instruction text, operator / automatic actions / linked graphs, duplicate message suppression Page415of 531 Should be configurable to suppress events at the agent or managed node level itself and be configurable to suppress events for key systems/devices that are down for routine maintenance or planned outage. The system should allow for enriching of messages with incremental information and should allow for customization of message attributes. There should be a single agent on the managed node that provides the system performance data, and for event management it should be able to prioritize events, do correlation & duplicate suppression ability to buffer alarms and provide automatic actions with capability to add necessary annotations The system must support multiple built in discovery mechanisms for eg: Active Directory, Windows Browser, DNS with capability to discover and services discovery The discovered services should be displayed in service dependency maps automatically for consolidating different IT management views into a single workbench, which ensures the health of end-to-end IT services across IT infrastructure and domains Should provide console and a web browser interface that can be accessed from anywhere using industry-standard web browsers. Each operator should be provided with user roles that should include operational service views enabling operators to quickly determine impact and root cause associated with events. Highly scalable, and can manage in excess of 1000 managed nodes from a single server with ability push deployment of agents and monitoring policies to a variety of heterogeneous platforms enabling fast and controlled roll out and maintenance The agents should be extensible and customizable allowing incorporation of any required monitoring source not included in the extensive out-of-the-box monitoring policies. With capabilities to collect and analyze performance data from the operating system and installed applications and use historical patterns to establish performance baselines. Agents on the managed node should be autonomous and can undertake automated corrective actions in isolation from the Management server. This will provide management by exception for only forwarding actionable events to the Management server. The system must include very powerful event management and correlation services technology, providing correlation capabilities on the agents in addition to the central manager station to filter, correlate, process, and respond to the thousands of events that are created daily from systems, databases, and applications. There should be secured communication between Management server and Managed nodes avoiding the need to open unsecure firewall ports. The system must provide a Manager-to-manager communication allowing management hierarchies to be established, such as several regional management centres linked to one central location, and to forward or escalate alerts depending on escalation rules. Escalation and forwarding must be fully automatic or handled through manual selection by Customer management staff. The system must support the backup server concept, which enables switching management responsibility from one management centre to another in case of system failure. This eliminates single points of failure in the management system. The system may have its native database and capability to use external database like MS-SQL, Oracle etc. The system should integrate with Helpdesk / Service desk tool for automated incident logging and also notify alerts or events via e-mail or SMS. The system should have management polices to monitor and manage WMI, Performance, SNMP, Application, Log Files and Event logs and support automatic action in various forms like running a script to be taken on alerts from managed nodes Page416of 531 The system should have context-based analysis and forecasting based on performance data with automated policy deployment with detailed, intelligent monitoring of performance and availability data collection Centralized view for Agent-based and agent-less monitoring managed from one central console 11.8 Asset Management: • Asset Manager enables IT organizations to manage the physical, financial and contractual aspects of all IT assets—from request and procurement to retirement and disposal—making it easy to optimize costs, mitigate security and compliance risks and drive business decisions. It should automatically discover and inventory enterprise IT assets which reduces compliance risks, enable software license optimization & chargeback & constantly track changing asset configurations • AM should provide a built-in workflow to suggest to the software asset managers in user organization that they should request more licenses or remove installed software that is not in use or assign rights to others users rather than procuring more licenses • AM will directly alert users whenever a software installation exceeds the purchased volume. AM will also automatically ensure that no additional users are able to subscribe to that software until additional licenses are made available. • Inventory Management • • o Able to manage inventory as individual or bulk items, set re-order levels and amounts and keep a history of transactions o Able to provide ability to account for assets and components in inventory and facilitates maintaining appropriate levels of stock Asset record detail: o Provide a general tab that stores specific information about the device depending on the device type. o Provide a Components tab that stores sub-components information of the asset. E.g. ID, Serial Number, Licenses, Version, Status, Category, Type, Item. o Provide an Additional Details tab that stores various types of detail for the respective type of asset. E.g. how much memory the printer has which might assist in a Help Desk call. o Provide a Contracts tab that stores different types of contracts: Lease, Support, Warranty, Software, Maintenance o Provide a People tab that stores individuals or groups who are owners and users of the asset. o Provide a Financials tab that stores associated costs by cost center, budget code, project. Static and incident costs. Provide Straight line depreciation cost calculation. o Able to track the total cost of ownership for an asset Software License Management o Should manage all types of software license and hence software compliance. o Should be able to recover software licenses when hardware is retired, returned (for leases). o Should track version, status, and upgrade information for each installed software package. o The tool must be able to reconcile the number of installed copies of an application with the number of permitted licenses. o Should be able to track the end-user’s right to utilize software or hardware assets. o Should be able to manage and count software entitlement separately from license counters as software is installed, removed and auto discovered. o Software Asset Management should be capable of doing software compliance of at least 600+ software titles and versions , 3000+ license skus Page417of 531 o • Software Asset Management should be capable of doing license compliance for vendors like HP, Microsoft , IBM (PVU), Oracle, VMware, Symantec, Autodesk ,Adobe, TIBCO, Red Hat, BMC etc Auto-Discovery o Proposed solution should have the auto-discovery tool, which should have tight Integration with the proposed ITAM (IT Asset Management) solution. o Should be able to collects information from desktops, laptops, workstations, network, and servers. o Should have the ability to verify inventory data changes with current asset details before permanently updating the system of record. o Discovery should be automatic and continuous to detect real time changes in the IT infrastructure o Discovery should work without requiring agent installation (that is, agent-less discovery) while discovery Layers 2 through Layers 7 of OSI model o Should use Industry-standard protocols such as WMI, SNMP, JMX, SSH to perform discovery without requiring the installation of an agent o Discovery system should have ability to modify out-of-box discovery scripts, create customized discovery scripts o Discovery system should have the ability to capture configuration files for the purposes of comparison and change tracking o Discovery system should be capable of supporting role-based access to various aspects of CMDB administration o Scalability – the CMDB should be capable of storing atleast 40 million CIs 11.9 NOC Room Display Specifications: Minimum Requirement Description Feature Minimum Requirement Description Panel Diagonal Size 55" Type 120Hz LED BLU Resolution 1920x1080 (16:9) Pixel Pitch(mm) 0.21(H) x 0.63(V) Active Display Area(mm) 1209.6(H) x 680.4(V) Brightness(Typ.) 350nit Contrast Ratio 5000:1 Viewing Angle(H/V) 178:178 Response Time(G-to-G) 8ms Display Colors 16.7M Color Gamut 70% Dynamic C/R 50,000 : 1(AV Mode) H-Scanning Frequency 30 ~ 81kHZ V-Scanning Frequency 48 ~ 75HZ Maximum Pixel Frequency 148.5MHz Display Page418of 531 Sound Speaker Type Connectivity INPUT OUTPUT Built in Speaker(10W + 10W) RGB Analog D-SUB, DVI-D VIDEO CVBS, Component, HDMI AUDIO Stereo mini Jack RGB N/A VIDEO N/A AUDIO Stereo mini Jack Power Out N/A EXTERNAL SENSOR RS232C(in/out) thru stereo jack N/A Type Internal Power Supply Max[W/h] AC 100 - 240 V~ (+/10 %), 50/60 Hz 165 Typical[W/h] 120 BTU(Max) 562.65 Sleep mode less than 0.5W Off mode less than 0.5W Set 1247.7 x 722.9 x 94.8 Package 1381 x 838 x 170 Set 18.3 Package 23.4 EXTERNAL CONTROL Power Power Consumptio n Mechanical Spec Dimension (mm) Weight (kg) VESA Mount 400*400mm Protection Glass N/A Stand Type Foot Stand (Optional) N/A Media Player Option Type Bezel Width (mm) Operation Feature Operating Temperature 17.0mm(Bottom 21.5mm) 0℃~ 40℃ Humidity 10~80% Key LED LFD Special Built in Speaker(10W + 10W), PIP/PBP, Narrow Bezel, Light Weight, RS232 In/Out 1 D-Sub & 1 HDMI, No function key Page419of 531 Internal Player (Embedded H/W) Certification Accessories Processor N/A On-Chip Cache Memor yClock Speed N/A Main Memory Interface Graphics N/A Storage (FDM) Multimedia N/A IO Ports N/A Operating System N/A N/A N/A Safety EN60950-1 EMC Class A Environment ENERGY STAR 6.0 (USA) Included Quick Setup Guide, Warranty Card, D-Sub cable, Power Cord, Remote Controller, Batteries Optional Stand STN-L4055AD, STNL4655E Mount WMN4270SD WMN250MD CML450D (Ceiling Mount) Specialty Media Player N/A CPU N/A N/B S/B GPU FDM/HDD Memory Ethernet Connectivity USB Output Others 11.10 Application Change Management Specification: Page420of 531 Sr. No. Minimum Requirement Description Application Control for Servers The Solution should ensure that Only authorized software is allowed to run and it cannot be 1 tampered Solution should be capable of creating white list for each server dynamically and no manual 2 intervention in creating this list Solution should consider executables, activeX, Java, Perl scripts, bat files, VBS files, com files, dll 3 files, sys files while creating the white list 4 Solution should be capable of locking down the server on the white list created above Solution should prevent tampering of applications which are white listed above either on disk 5 or on memory when running Solution should prevent execution of any file which is not whitelist as above, either initiated 6 from disk or from memory directly Solution should be capable of viewing all the white list from centralised management solution 7 and should be able to modify the list as required The Solution should automatically accepts new software added through authorized process 9 only The solution should not require updates to the policies to be rolled to client system in order to 10 approve new applications to be executed Prevents execution of all unauthorized software, scripts, and dynamic-link libraries (DLLs) and 11 further defends against memory exploits 12 Solution should help ready inter operate with existing change management process 13 Easily accommodates existing change processes across connected or disconnected endpoints Users with Admin privilege, with physical or remote access to the machine cannot override 14 protection The Solution should augment blacklisting, real-time reputation awareness, and behavioural 15 approaches, helping IT to consistently enable the known good, block the known bad, and properly handle the new and unknown 17 The Solution should have a small overhead footprint which includes: 18 19 20 21 • Easy setup and low initial and ongoing operational overhead • Minimal impact on CPU cycles and uses less than 10 MB of RAM • No file system scanning that could impact system performance • Designed to work in disconnected and in “offline “mode solution should be able to inventory and report on installed software and applications on client machines The solution should be agent based solution and support multiple favor of OS such as: • Microsoft Windows 2000/2003/2008 • Microsoft Windows XP/Vista • Microsoft Windows XPE • Microsoft Windows XP/Vista (64-bit) • Microsoft Windows 2003/2008 (64-bit) • Red Hat Enterprise Linux 3/4/5 • CentOS 4/5 • SUSE Enterprise Linux 9/10 • Oracle Enterprise Linux 5 • Solaris 8/9/10 The solution should offer Application control based on Application information (name, checksum) Solution keeps white list created on the local agent only and work on line or off line Page421of 531 The solution apart from allowing only authorised applications to run, should block any changes from being done to authorised applications, like DLL's, System files, registry etc., thus providing application treat protection Change Control for Servers The proposed change control solution shall support Real-time Change Tracking Audit log should 23 Include File, User, Program name and contents that have changed 24 The proposed Change control solution shall provide for Change Prevention also In the Event of unauthorized file change, the proposed solution shall reports WHAT changed, 25 WHO made the change, HOW they made it and precisely WHEN they did so The solution should offer intelligent filters which are pre-configured to track the relevant 26 objects on the system, for each standard Operating System covering systems files including Windows, Solaris, HPUX, Linux and AIX. It should also include application filters for Apache, Tomcat, Websphere and JBOSS, IIS, Weblogic, Websphere , etc., and should be customizable. Solution should provide options to authorise processes and users who can make changes to log 27 files and pre identified files 28 Solution should offer granular read, read-write or no access to identified process or users 29 Solution should integrate with AD for user based policies 30 Solution should offer exceptions to policies based on users or processes 31 Solution should be capable of inter operating with existing change management process Solution should prevent users with admin privileges from overriding the policy and tamper with 32 the control. 33 Change control should be able to provide report as per PCI standards 22 11.11 Database Monitoring Specification: Sr.No. Minimum Requirement Description Architecture 1 Solution should be appliance based or virtual appliance based or agent based solution Agent installed should process the logs locally and without sending it to the central appliance for 2 processing The product should be capable to log all the database related activity. And it should also keep 3 both the realtime and historical logs within the management system If So, There should be only one agent to monitor all DB activities including local DB traffic and 4 network DB traffic All agents regardless of deployment mode should be managed from the centralized management 5 console 6 Agents should have only minimal overhead for the production DB servers 7 Agent should support AIX,HPUX, LINUX, Solaris and Windows platforms 8 Should not be any any 3rd party Software to be installed for agents 9 Audit trail should be stored within the solution and it should not be stored in any database 10 Audit trail should be tamperproof and should be stored in encrypted flat files. 11 Solution component should be managed centrally. Page422of 531 Solution Should support below DB platforms Oracle MS-SQL (Microsoft SQL Server) DB2 (LUW, z/OS and DB2/400) 12 Sybase Informix MySQL Teradata Database Discovery Solution should discover both new and existing database systems and should map all on the 1 network. 2 product should provide automated discovery of both new and existing Database tables The product should be capable to log all the database related activity. And it should also keep 3 both the realtime and historical logs within the management system 4 Product should show changes since the last scan for DB Discovery and configuration 5 Solution support identification of rogue or test databases Data Classification 1 The product should perform data discovery and classification Solution detect sensitive data types, such as credit card numbers, social security numbers, etc., in 2 database objects List supported out of the box sensitive data types 3 The solution should locate CUSTOM data types in database objects The Solution should have the ability to perform database scanning, conducting more than 2500 4 vulnerability checks against leading database systems such as Oracle, Microsoft SQL Server, IBM DB2, and MySQL databases. 5 It should scan multiple databases across the enterprise from a centralized console. 6 It should automatically discover database in the network. 7 It should locate sensitive information in table and identify them. 8 It should provide the Database version and patch status by doing quick port scan. It should be able to detect weak password for databases and point out accounts with simple, 9 weak and shared passwords. 10 The solution should be able to discover weak password within the Database. It should identify susceptibility to database-specific risks, including SQL injection, buffer overflow, 11 and malicious or insecure PL/SQL code. Vulnerability Assessments Solution should have DataBase vulnerability assessment tests for assessing the vulnerabilities and 1 mis-configurations of database servers, and their OS platforms. OSs and RDBMSs are tested for known exploits and mis-configurations. Solution should have a comprehensive list of pre-defined assessment policies and tests.Vulnerabilities specific for SAP, Oracle EBS, and PeopleSoft databases can also be detected. In addition, the following tests should be included: - Latest patches and releases installed 2 - Changes to database files - Default accounts and passwords - Newly created/updated logins - Remote OS authentication enabled - Escalated user privileges granted 3 Should be able to add custom assessments to the solution? 4 Solution should support user created scripts for assessment tests. 5 The product should identify missing patches Page423of 531 6 The solution verify that default database accounts do not have a “default” password 7 The product should be used to measure compliance with industry standards and regulations Vulnerability Assessment Result Analysis and Reporting 1 The product should present a view of risk to data – by vulnerability and the sensitivity of the data Solution should have Data Base vulnerability assessment tests for assessing the vulnerabilities and 2 mis-configurations of database servers, and their OS platforms. OSs and RDBMSs are tested for known exploits and mis-configurations. Solution should have a comprehensive list of pre-defined assessment policies and tests. Vulnerabilities specific for SAP, Oracle EBS, and PeopleSoft databases can also be detected. In addition, the following tests should be included: - Latest patches and releases installed 3 - Changes to database files - Default accounts and passwords - Newly created/updated logins - Remote OS authentication enabled - Escalated user privileges granted 4 The Solution should have pre-defined reports. 5 the product should support custom report generation. The product should compare the results of a discovery, classification or assessment job with a 6 previous run 7 Should have an option to distribute reports on demand and automatically (on schedule) Remediation 1 The product can be upgraded to for mitigating risk to sensitive data stored in databases? Should have an option to upgrade the product to actively prevent attempts to exploit known 2 vulnerabilities The solution can be upgraded to offer virtual patching capabilities (protecting the database from 3 known vulnerabilities without deploying a patch or script on the system) Database Activity Monitoring Solution Should have Appliance/virtual appliance/agent based solution to monitor network based 1 DataBase activity and should have agents to monitor Local DB activity Agent installed should process the logs locally and without sending it to the central appliance for 2 processing Should have DBMS product to be used as part of the appliance package to store configuration and 3 alert logs, not for storing Audit data 4 The solution should support high-availability Solution should support below Data Bases 5 Oracle, MS SQL, DB2, Informix, Sybase, MySQL, Teradata 6 The solution should not use the native database audit functionality. 7 Solution should log all the database related activities 8 Should be able to integrate with leading SIEM tools 9 The product should have means to archive and restore data 10 The agent should not require a reboot after installation/configuration 11 The solution should not require any changes to monitored database and/or application 12 The Solution should not require a database restart after installation/configuration? The audited data transferred between the agent and the appliance should be through an 13 Encrypted channel 14 The solution should capture before and after image of data that is being manipulated 15 Product should identify differences in baseline user activity. 16 The solution should capture Select activity by user/role 17 The solution should capture update, insert, delete (DML) activity by user/role 18 The solution should capture schema/object changes (DDL) activity by user/role 19 The solution should capture manipulation of accounts, roles and privileges (DCL) by user/role Page424of 531 DAM Should monitor privileged operations including both SQL and Protocol level operations be monitored. 21 DAM Should monitor MS SQL statements where caching is used DAM solution be able to monitor activities at new DB interface/ connector created by any user/ 22 system without any manual intervention 23 Solution should Identify abnormal Data Based access based on profiling. 24 Solution should be able to Identify the real end-user for enterprise application activity. Solution should not be based on timed sampling of the database shared memory. This results in 25 lost traffic when the load is high. Solution should use agents only for monitoring the data base traffic. Traffic analysis and policy 26 engines should not run on agents, if so this will introduce overhead to the database server. 27 Solution should have Data Base profiling feature to identify abnormal DB activities. Alerting and Blocking Capabilities 1 The solution should provide automated, real-time event alert mechanism 2 The solution should have an option to upgrade to database attack in real-time 3 The solution should monitor privileged users 4 The solution should have an option to upgrade to block privileged users activity if required the Solution should monitor for all DB attacks like SQL injection and alert despite the traffic is not 5 audited. 6 The Solution should have an option to upgrade to block DB attacks like SQL injections in real time. 7 Solution should not use Data Base triggers to block the traffic. 8 Solution should Identify and block non-SQL access such as export table direct. Solution should have an option to integrate with anti-malware solution to block infected systems 9 accessing Data Base Servers. The solution should 100% monitor the DB traffic for all DB violation and attacks despite the traffic 10 is not being audited Reporting 1 Solution should have packaged reporting capabilities 2 product should support use of pre-configured policies/reports for ensuring regulatory compliance 3 Product should have a functionality to assist with security event forensics 20 12. Security Operations Centre (SOC): Service Provider shall provide skilled manpower for Security Operations Center (SOC) operations for a period of Three years. Service provider shall ensure uptime & availability of SIEM & Security Tools. Service provider resources are expected to deliver SOC services including but not limited to performance monitoring, performance tuning, optimization, and maintenance of SIEM & security tools, also SIEM log backup, troubleshooting, security monitoring, security product management, Malware Monitoring. This service will help ESIC to monitor for security events throughout its network by analysis of logs from servers, infrastructure devices and applications. The security monitoring service will have following components: a. 24X7 log monitoring for identified devices and applications. b. Rapid response to incidents & forensics. Page425of 531 Design Principles for SOC: The Intent for implementing a SOC at ESIC is covered below:1. Identification & Prevention of Information Security Vulnerabilities: The SOC should be able to identify information security vulnerabilities in environment and prevent these vulnerabilities through implementation of adequate security solutions. 2. Incident Management: Reporting and logging of information security incidents through the use of appropriate ticketing tools. Track and monitor the closure of these information security incidents and Escalation of these incidents to appropriate teams/ individuals in ESIC if required. 3. Continuous Improvement: Continuously improve SOC operations. A) Security Information and Event Management: The Service Provider will offer, in terms of Security incident and event monitoring, the following: 1. 24/7 security monitoring 2. Log collection and management 3. Event correlation 4. Threat intelligence 5. Security incidence response 6. SOC Program Management Monitoring Security Incidents: Monitor all security incidents using SIEM solution deployed at DC & Monitoring of DC & DR sites and integrated with various infrastructure devices of ESIC. The solution should integrate with Network/ Security / Servers / Applications / database of ESIC. Log Management: Log has to be retained for a period of 1 year Online and additional 1year Offline. B) Network Forensics: Today's threats are multi-faceted, dynamic and stealthy. The most dangerous attacks have never been seen before, rendering signature-based technologies ineffective. These threats often don't leave a footprint in logs, so security teams must augment their existing security technologies with network packet-based detection and investigations. Augment your existing SIEM’s capabilities with better visibility, analysis and workflow. Discover attacks missed by other tools. Inspect every packet session for threat indicators at time of collection with capture time data enrichment Instantly pivot from incidents into network packet detail to perform network forensics and understand the true nature and scope of the issue Solution should augment the existing security technologies like SIEM, APT with network packet-based detection and investigation capabilities. It uses the solution's metadata framework to organize the data in a clear and navigable way. The metadata from the packets is normalized so the analyst can focus on the security investigation instead of data interpretation. Having full network packet data allows you to readily reconstruct exactly what happened. In addition, the incident management capability built in lets investigators collaborate, annotate and manage response activities around a particular issue. Security Management Dashboard: Page426of 531 The bidder is required to provide a Security Management Dashboard which seamlessly orchestrates people, process and technology to effectively detect and respond to security incidents. This will be accessible to ESIC analysts. The dashboard solution should be on premise and not a hosted solution. The solution should be able to manage the entire lifecycle with integrated business context and best practices aligned from industry standards. It should full visibility into the entire process lifecycle with focus on work flow, dashboards and reports. The ESIC and Service provider should be able to define the overall effective ness of the SOC program because of full visibility into security incidents and data breaches whenever they happen. From a remediation perspective any security incident requiring actions from IT operators could be automated with integrating with ticketing management system. Reporting and Escalation: Providing various levels of management reports to ESIC and implementing Escalation Matrix in order to handle Information Security Incidents efficiently. The bidder should provide periodic reports to ESIC as per the following requirements: 1. Daily Reports 2. Weekly Reports 3. Monthly Reports Training: The service provider is expected to provide training to the identified ESIC personnel/SOC team team on the services and product architecture, functionality and the solution design. Provide hands-on training to the participating NIC personnel /SOC team on SIEM operations, alert monitoring, policy configuration for all solutions etc. The training needs to be provided by OEM and the requisite training material needs to be provided. The training material should cover installation, operation, integration, maintenance, troubleshooting and other necessary areas for each solution. ESIC Skilled Manpower Requirement for SOC: SOC L1 Support Engineer: - B.E. /B.Tech/ MCA. - Minimum of two years’ experience SOC services conducting security device administration & management. -Minimum 1 year experience in operating a SIEM product, Firewall, APT and other security tools. - CEH certified Preferred. SOC L2 Support Engineer: B.E. /B.Tech / MCA. - Total 5 Years of experience out of which, minimum 3 years’ experience in SOC services conducting security device administration & management and minimum 2 years in SIEM tool, Firewall, APT& other security tools. - Certification in at least one industry leading SIEM product and other leading certifications in security, such as CISA, CEH, CISSP, CISM, CRISC. Architecture of the solution: SOC Framework/SIEM Tools Management/Business Context/ Framework Firewall/IPS Investigation, Correlation, Reporting& Alerting AV/AntiSpamm Switch/Router Endpoint Threat Management Log Archive Page427of 533 Applic ion Da bas SIEM Technical Specifications: S.No. 1 Minimum Requirement Decription The Proposed solution should be appliance based solution. All components should be appliance based. 2 The SIEM platform should be based on a Hardened Operating System Based solution with a clear physical separation of the collection engine, the logging engine and the co-relation engine.The solution should have a scalable architecture, catering multi-tier support and distributed deployment. 3 The proposed SIEM soluiton should be deployed to collect and correlate data from multiple locations spread across India. 4 The solution should support both agent based and agent less architecture to collect the security logs across various resources and assets 5 The SIEM solution should be able to handle a minimum of 15000 EPS and should be scalable up to 20,000 EPS overall over a period of 5 years by introducing more receiverrs/collectors. The proposed solution should take into account upgrades of hardware, software, licenses as applicable over the 5 Years at no additional cost. 6 The SIEM solution licensing should be by the number of events per second and not based on number of assets/devices forwarding the logs to the SIEM Solution. 7 The SIEM solution should not require the addition of agents or software on the monitored assets, except if the asset being monitored does not provide any means native log shipping. 8 For assets not natively supported, the SIEM solution should provide the collection of events through customization of connectors or similar integration; Must support event collection using at least the following industry standards: syslog, OPSEC, WMI, SDEE, ODBC, JDBC , FTP, SCP, HTTP, text file, CSV and XML file. 9 The SIEM solution must supply own API and graphical tools for creating new connectors or similar parsing solution. The solution provides ease of use regular expression based ability to create custom parsers. 10 The SIEM receiver or log collection component must store the data locally if communication with centralized correlators is unavailable. 11 The SIEM Solution should provide the capacity to maintain the logs online for six months. 12 Must allow correlating events and alerts to existing data in lists (watchlist), also allows the creation of new and editing existing lists, both as an automated and manual. Must allow creation of static or dynamic Lists. 13 The SIEM solution should support RADIUS and Active Directory and Common Access Card for Authentication. Page428of 531 14 The solution should provide a single pane of glass view for all events and incidents across the organisation and should provide Real Time Analysis and Reporting. 16 The proposed SIEM Solution should be at least FIPS 140-2, Level 2 Validated. Solution should be capable of retrieving the archived logs for analysis, correlation and reporting and for forensic purposes. 17 The solution should be able to collect data from new devices added into the network, without any disruption to the ongoing data collection. 18 Receiver appliance should have the capability to collect flows. If receiver/collector does not have the capability to collect flows, third party product can be utilized 15 B 1 Log Collection & Management The SIEM solution should support Integration with Firewalls, IPS, Antivirus Solution, Gateways routers, switches etc. 2 The SIEM solution should be able to collect logs via the following ways as inbuilt into the solution: SYSLOG, OPSec, Agent-Less WMI, SDEE, Calls to MS-SQL Systems via ODBC, FTP, SCP, External Agents such as Snare or Adiscon etc. 3 The solution should provide the capability to integrate with a SAN to store events for historical reporting and analysis. 4 The SIEM solution should provide a data aggregation technique to summarize and reduce the number of events stored in the master database. 5 Solution should have capability to audit any tampering of log collection in the SIEM solution. 6 The data collected from the receiver or the log collector should be forwarded in an encrypted manner to SIEM log storage. 7 The proposed solution should provide a minimum log compression for raw logs ensuring log compression to reduce overall log storage space for the raw log format. 8 The solution should be able to collect data from new devices added into the network, without any disruption to the ongoing data collection. 9 The solution should be able to decode an entire application session up to Layer 7, providing a full analysis of everything from the underlying protocols and session integrity all the way up to the contents of the application (such as the text of an email or its attachments). C 1 2 3 D 1 2 3 4 Incident Management The solution should provide flexible and customizable reporting and dashboard environment. The SIEM solution should provide Native support for Incident Management Work Flow. The SIEM solution should be able to integrate with a Trouble Ticketing system. Reporting The solution should use an adaptable and intuitive rules based interface for correlation The solution should provide pre-defined report templates. The reports should also provide at least the following reports out of the box or customized for: NERC, ISO 27001-2, Basel II. Etc. The solution should allow scheduling of creation of reports The solution must provide fully customizable queries and report library to define report and alert combinations. Page429of 531 5 The solution should support automated scheduled archiving functionality into file system on an offline device. 6 The proposed SIEM solution should support customised reporting functionality and should be available in PDF, CSV etc. 1 Correlation The SIEM solution should provide content aware correlation both rule based and rule less correlation against data collected from multiple devices across the network. 2 The SIEM Solution should provide real time threat intelligence from Own or other third party trusted feed vendors. 3 The solution should have pre-defined correlation rules out of the box, so as to provide correlation on the fly. 4 The solution shall provide a user friendly graphical user interface to create/edit/delete correlation rules. 5 The filtering options should support Boolean operations including "OR, "NOT" and "AND" logic operations. 6 The solution should support Identity-Oriented Monitoring- real time views and reporting preferably integration with Identity and Access Management Solution. 7 The SIEM must allow the creation of an unlimited number of new correlation rules, as well as the customization of existing rules. 8 The SIEM solution should provide a formula of threat which should be customized to allow increasing or decreasing the level of risk with at least the following types of correlation: Geo Location Based correlation , Historical Based Correlation , Vulnerability Based Correlation 9 The relative risk of each activity should be calculated based on values assigned by the Asset Administrator within the SIEM solution. 10 The activities should be separated by levels of risk for the company. For example, Risk very high, high, medium, low and very low. 11 The SIEM solution must support multiple mechanisms of correlation and the correlated events from these, to carry out activities of correlation and located centrally. E 12 The solution should include pre-built detection rules for regulated and sensitive data 13 The solution should generate a complete audit trail of application events for compliance requirements like ISO 27001 etc. 14 The Application Monitor functionality of the SIEM solution should operate out of band (Span Port) so as that it will not interfere with application performance or reliability or introduce latency. 15 The Solution should be able to detect a variety of unauthorized activity, policy violations, theft, and fraud 13. S.No. Governance Risk and Compliance Specification: Minimum Requirement Decription General Requirement Page430of 531 1 2 3 4 5 6 7 8 9 10 11 12 The Application should support the following GRC Activities:1. Monitoring Compliance to regulations, Standards and internal policies 2. Conducting Risk Assessments and Control Assessment (Vendors, Privacy related etc) 3. Control Testing (Design and Operating Effectiveness) 4. Issue Remediation (Open Issues identified during Risk Assessments and Control Testing) 4. IT Resource Management(Classification of Assets) 5. Incident Management (Recording of Incidents and Performing the root cause of Incidents) 6. Key Performance Indicators / Key Risk Indicators (KPI/KRI). The application should support an integrated framework for all applicable standards like ISO 27001 PCI DSS etc. The Solution should have a capability to maintain the library of all the applicable standards; It should have capability to link all the applicable standards to various entities in the organization for assessing the level of compliance. The Application should provide a Graphical User Interface (GUI) based integration with other Security applications like SIEM/Vulnerability Assessment/Penetration Testing/ Code Reviews for recording all IT Risk related information into a single repository after eliminating the false positives for initiating further actions. The integration can be through incident reporting in case of SIEM and Issue and Remediation plan for other applications as described. The application should provide a user interface for the creation of users/importing user list who are involved in the GRC Activities. Application should provide the capability to define standard roles that can be mapped to various users. The user privilege should be restricted based on the area of operations he is involved in or on the type of GRC activity he is involved in. The Application should have an integrated report/dashboard facility which can provide a unified view on the Information Security position across the organisation. The Dashboards should have a set of predefined set of reports with drill down or roll-up capabilities to navigate to various organizational elements. The Application should provide a facility to customize the reports/dashboards that are available by default. The Application should also restrict the viewing of the reports based on the user's role & privilege. The Application should provide a wizard-based interface to create reports/dashboards to meet any new or adhoc requirements. The report format could be either graphical or tabular. The application should also have a feature to import data for any analysis based on the requirements of the organisation. Application should have a feature to publish reports in various formats like Word, PPT, and Excel. The access to this feature should be based on user privileges. Application should provide an audit trail feature as required by standards or regulations. This should include an interface to record reasons for changes and maintain the history of activities performed on any transaction/record. Application should provide a user interface to create/manage workflows. The workflow should enable electronic movement of data in performing risk assessments, incident management, key risk indicators, issue remediation, control testing etc. It should also support alert notification on the user home page for tasks he is assigned to. Application should provide an interface to enable standard Email Notification (if any) for an initiated work item. Application should provide an interface to customize the text of the Email notification to support new requirements The Application should provide a User interface to record various information related to incidents, issues etc. However if there are multiple records, the application should support import facility into various modules using data formats like excel. The Application should provide a search functionality across all the modules wherein records could be searched by using standard fields, key words etc. The Application should also have a feature to assign labels to frequently used search criteria’s. Page431of 531 13 14 15 16 17 18 19 20 21 22 23 24 25 26 Business Structure The Application should be able to maintain a library of Business Structures/ IT Resources (business units, processes, assets, vendors etc.). It should also provide a feature to maintain a hierarchy of business structure/IT Resources. Application should be able to accommodate changes in the organizational structure without the loss of historical information. The Changes could be by virtue of introduction of new processes in the organization, discontinuance or realignment of existing processes or due to any other change in the organization. The Application should provide a feature to create associations between different business structures (For example, applications should be mapped to the business units they belong to.) Application should provide an user interface to maintain all necessary information w.r.t to each node of the business structure/IT Resource. . In the Case of an IT resource, it should provide a feature to capture the Asset criticality Index based on user inputs pertaining to the identified parameters (through drop downs or other similar features). Application should support seamless integration with sources in updating the business structures (For Example the Asset hierarchy should be updated from CMDB in a seamless manner for the changes that are made in the CMDB for a given time period.) Risk Assessment The Application should provide an interface to capture the Risk Assessment Plan for performing Assessments of IT Assets and vendors by the Process/Asset owners. The Application should also provide an interface to view the status of the Risk Assessment Plan The Application should provide an interface to map various business structures (Management Organization, Process, Asset, and Vendor etc) based on the type of risk assessment performed or the control testing’s planned. The Risk Assessment could be an Application Risk Assessment, Process Based Risk/Control Assessment, Vendor Risk Assessment, Project Risk Assessment, Privacy Risk Assessment, etc. Control Testing could be to validate the design effectiveness or operating effectiveness in line with polices or procedures. The Application should provide a library of predefined Risk Assessment templates (Questionnaires) for various assessments. The application should also provide a flexibility to customize the predefined questionnaires as per the local policies. The Application should provide wizard based user interface to create/modify/append questionnaires to facilitate risk/Control assessments. The Application should have a feature for creation of multiple questionnaires based on the objectives of the assessment. The Application should provide a user interface to create/modify/append response scales to questions attached to the Questionnaires. The Application should provide the flexibility to capture objective-based responses or text-based responses. In the case of objective responses, the application should provide colour codification to convey a business meaning (for example, red for high risk and green for low risk). The Application should also support an offline administration of the Risk Assessments. This could be excel-based/ word-based templates which can be used for responding to questions during risk assessments. The application should have a feature for uploading the results of such risk assessments back into the application. The Application should have the capability to automatically calculate the risk levels based on inputs/answers submitted by users in response to the Questions. The Application should provide an ability to attach weights to questions in calculation of these Risk Levels. The Application should have an interface for users to upload documents (if any) in support of their responses provided to the questionnaires. The Documents shall provide a documentary evidence for supporting why a specific response was provided for the Risk Assessment. The Application should have an interface to link remediation plans (issues and actions) for Page432of 531 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 mitigating the risks or control improve the design effectiveness and control effectiveness where ever applicable while performing the Risk Assessment/Control Assessment or control testing The Application should support configuration of workflows, The workflow should be based on the type of risk assessments, responses to the questions of risk assessments etc. The Application should provide an aggregated risk score at the business structures level. There should be features which support defining the aggregation logic based on the client’s policies. The application should provide a feature to map controls to the relevant context (Context means the underlying business structure). Also, the Application should provide a feature to document control test plan, test steps and capture testing results for facilitating the control testing activity. KEY Risk Indicator/Key Performance Indicator (KRI/KPI) The Application should provide an interface to map key risk indicators to various business structures (Management Organization, Process, and Asset, Vendor etc). The Application should provide a library of Information Security-related KRI. The Application should provide an interface to link KRI's in the library to Business Structures. The Application should also provide an interface to change the definition of the KRI's that are linked from the library. The Application should provide a GUI interface to input key attributes like type of Risk Indicator, thresholds that classify the results of the Key Risk Indicator (into high, medium, low), frequency for monitoring the KRI. etc. The Application should provide a seamless GUI based integration with any identified source system for sourcing the data required for publishing the results of the KRI The Application should support configuration of workflows that will enable raising requests and recording the submitted responses for the same. The Application should support initiation of notification based on the results (thresholds) of the Key Risk Indicators. The Application should have an interface to link issues and action plans (wherever applicable) while recording the results of the Key Risk Indicators. The Application should have an interface to upload documents (if any) in support of responses provided for the Key Risk Indicator questionnaire. Incident Management (IM) Application should provide an interface to map various business structures to the incidents. Application should provide an interface to record/modify incident. The user interface should allow linking the incidents to relevant information like risks, threats and vulnerabilities. Application should provide a detailed workflow to route the incident to the relevant person who would do the root cause analysis of the incident based on the nature of incidents. Application should have a facility to link issue and action plan (wherever applicable) post the completion of the root cause analysis. Application should have a facility to attach documents with respect to the incidents while carrying out investigation. Application should have a facility to record incident-specific information and the fields for the same should be populated based on the type of incident. Policy and Compliance Management (PCM) Application should provide flexibility to users to upload a list of legislations, regulations, policies and standards and should thus be able to maintain a single repository of policies & compliances. The Application should also facilitate recording of changes in the policy/ standard changes when required. Application should provide a facility to map compliance requirements to relevant business structures. Application should be able to plan compliance programs and record the frequency of monitoring Page433of 531 47 48 49 50 51 52 53 the adherence to compliance requirements. Application should provide a facility to create risk assessment questionnaires based on compliances to assess the level of compliances. Application should provide a facility to create a workflow across organization to facilitate assessment of compliance levels. Issue and Action Plans (IAP) Application should provide an interface to map issues and action plans to business structures Application should be able to integrate with other systems to create a log of issues and action plans. This should facilitate the linking of Owners to each issue & associated action plan and target dates against each issue. Application should provide an interface to record waiver requests and seek necessary approvals for obtaining the same. Application should provide an interface to link issues and action plans to various other modules like incident management/key risk indicators risk assessment and policy and compliance management module Application should provide an interface to record responses to the issues Page434of 531 14. Service Desk: Service Desk will be an important function within the service support set. It will be first and ideally single point of contact for users (SPOC). Man maned 24X7X365 days a centralized DC/DR & End Module service Desk. The two main focuses of the Service Desk -Incident Control and Communication. The Service Desk handles all incoming calls and only escalates them to the second or third tier support when necessary. Ideally, the Service Desk will have access to a Knowledge Base, which will contain a list of known solutions for common incidents. This way queries or incidents can be solved by the Service Desk staff without taking time from skilled IT technicians. The Service Desk will be responsible for keeping the customer informed on the status of their request. Service Desk Function Overview Provide a strategic central point of contact for customers and support the Incident Management process by Page435of 531 providing an operational single point of contact to manage incidents to resolution. Function Goal Achieve the function mission by implementing: • ITIL-aligned Service Desk function • Dedicated Service Desk Function Owner • Centralized function for incident and request handling • Ongoing monitoring and management of customer satisfaction • Strong levels of incident communications and ownership • Right level of support and customer care skills among Service Desk staff and management Critical Success Factors (CSFs) The Critical Success Factors (CSFs) are: • Ensure long term Customer retention and satisfaction • Assist in the identification of business opportunities. • Reduce support costs by the efficient use of resource and technology Key Activities The key activities for this function are: • Provide advice and guidance to customers • Communicate and promote IT services • Manage and control service communications to customers, suppliers and the business • Coordinate Incident Management activities • Manage people, processes and technologies that form the contact infrastructure • Provide management information about Service Desk quality and operations Key Performance Indicators (KPIs) Examples of Key Process Performance Indicators (KPIs) are shown in the list below. Each one is mapped to a Critical Success Factor (CSF). Ensure Long Term Customer Retention and Satisfaction • Percent of Customers Given Satisfaction Surveys • Customer Satisfaction Rating Of Service Desk • Percent of Caller Hold Times within Service Targets • Percent of Calls Responded To Within Service Targets • Number of Incident Records Not Yet Closed • Number of Calls Abandoned 15. Antivirus and Host Intrusion Prevention Services Specification: Endpoint Protection (Antivirus) for Desktops/Servers MSP needs to provide the HIPS for all the servers placed in DMZ and antivirus solution for all applications and web servers hosted in the Data center as part of the scope of this RFP All ESIC System Data Center servers within DMZ should be enabled with Host based Intrusion Prevention System The HIPS should protect against common classes of attacks, including port scans, buffer overflows, Trojan horses, malformed packets, malicious HTML requests, and e-mail worms. It should support Signature as well as behavioural based detection Page436of 531 HIPS Solution should block execution of unwanted applications 1. Endpoint Protection should provide 5-layers of protection1.1. Network: Network threat protection should analyze incoming data and blocks threats while they travel through the network before hitting the system. Rules-based firewall and browser protection should be included to protect against web-based attacks. 1.2. File: Signature-based antivirus should eradicate malware on a system to protect against viruses, worms, Trojans, spyware, bots, adware, and rootkits. 1.3. Reputation: It should correlate tens of billions of linkages between users, files, and websites to detect rapidly mutating threats. By analyzing key file attributes, Endpoint protection should accurately identify whether a file is good and assign a reputation score to each file, effectively protecting against targeted attacks while reducing scan overhead by up to 70%. 1.4. Behavior: It should leverage artificial intelligence to provide zero-day protection and stop new and unknown threats by monitoring nearly 1,400 file behaviors while they execute in real-time to determine file risk. 1.5. Repair: Power Eraser to aggressively scans infected endpoints to locate Advanced Persistent Threats and remove tenacious malware. Remote support enables the administrator to trigger the Power Eraser scan and remedy the infection remotely from the Endpoint Protection management console. 2. End point Protection should provide granular policy controls, including: 2.1. System Lockdown: Should enhance protection for business critical systems by only allowing whitelisted applications (known to be good) to run or by blocking blacklisted applications (known to be bad) from running. Finger printing of applications should from centralized console. 2.2. Application and Device Control: Should help prevent internal and external security breaches by monitoring application behavior and controlling file access, registry access, processes that are allowed to run, and devices information can be written to. 2.3. Host Integrity Checking & Policy Enforcement: Should allow administrator to run script on their endpoints to verify and report compliance; quarantine location and peer-to-peer enforcement lockdown and isolate a non-compliant or infected system. 2.4. Location Awareness: Should automatically detects what location a system is connecting from, such as a hotel, hotspot, wireless network, or VPN and adjusts the security to offer the best protection for the environment. 3. Endpoint Protection should able to block devices based on Windows Class ID and should include USB, Infrared, Bluetooth, Serial, Parallel, fire wire, SCSI and PCMCIA. Solution should also be able to block and give read/write/execute permission for mentioned devices. 4. Endpoint Protection should be able to deploy flexible and different security policies depending upon the AND/OR relationship of following network triggers – e.g. IP address (range or mask) , - DNS Server , DHCP Server , WINS Server , Gateway Address , TMP Token Exists (hardware token) , DNS Name Resolves to IP, Policy Manager Connected, Network Connection (wireless, VPN, Ethernet, dialup) 5. Endpoint Protection should combine NIPS (network) and HIPS (host) both with Generic Exploit Blocking (GEB) for one signature to proactively protect against all variants, Granular application access control and behaviour based technology mentioned above. 6. If the host is non-compliant with security policies, Endpoint Protection must automatically initiate a restoration action, which can include running command line, downloading and executing/inserting a file, Page437of 531 running scripts , remediating by setting required registries keys , rechecking the host for compliance, and ultimately granting access for the compliant host to the network. 7. Endpoint Protection must have reports that incorporate multi-dimensional analysis and robust graphical reporting in an easy-to-use dashboard. 8. Endpoint Protection must have group update provider reduces network overhead and decreases the time it takes to get updates by enabling one client to send updates to another, enabling more effective updates in remote locations. 9. Endpoint Protection solution should scan POP 3 email traffic including email clients Microsoft outlook, lotus notes and outlook express. 10. Endpoint Protection’s Desktop Firewall rules should be configurable depending upon the adapters including Ethernet, wireless, Dialup, VPN (Microsoft PPTP, Nortel, Cisco) 11. Endpoint Protection Desktop Firewall rules should be configurable depending upon the state of screen saver "ON" & "Off". 12. Endpoint Protection must prevent clients from downloading full definition packages. 13. Endpoint Protection must have reduced-size windows client package for embedded systems and VDI environments with a static base and function. The reduced-size should be 80% to 90% smaller than the standard-size client. 14. Virtual Optimization Endpoint Protection protects your high-density virtual environment while maintaining performance levels superior to agentless solutions and providing end-to-end security visibility. 14.1. VMware vShield Integration to allow higher VM density and reduces I/O and CPU usage. 14.2. Virtual image exception to whitelists files from a standard virtual machine image to optimize scanning 14.3. Resource leveling to randomize scan and update schedules to prevent resource utilization spikes. 14.4. Shared Insight cache to scans files once, shares the results between clients, and de-duplicates file scanning to reduce bandwidth and latency. 14.5. Virtual client tagging to automatically detects and reports whether the client is running in a virtual environment, making it easier to set different policies for virtual machines. 14.6. Offline image scanning to find threats in offline virtual machine images. 14.7. Scan throttling for virtualization to detect disk load and reduces scan speed to prevent utilization spikes. 15. Endpoint Protection solution should provide early launch anti-malware (ELAM) protection for the computers in network when they start up and before third-party drivers initialize. 16. Endpoint Protection solution should provide Clean Wipe tool to remove itself only on demand 16. Patch Management Solution Specification: Page438of 531 Solution should support automate the deployment of patches. The out of the box process can be modified based on needs. Solution should Support the automatic patching of antivirus solutions like: AVG, Computer Associates, Centos, ESET, and eTrust, Kaspersky, Mc-Afee, Sophos, Symantec, Trend-Micro and Microsoft Forefront. Solution should support feature, If a reboot is necessary, there are reboot controls that can be configured to gracefully handle a reboot. Solution should have Application updates that are handled using the scanning technology that discovers versions based on a number of potential different factors, such as file version, size, checksum, existence, registry settings, etc. The scheduled task that is executing the application update will provide feedback as to the success of the update. If an update is in progress, it will simply queue up the update behind the update in progress. Solution should support for Windows , Windows, Macintosh, Linux, iOS, embedded operating systems, Macintosh Mountain Lion release, Linux and mobile Osesetc Solution should have Updates to the Patch Database are updated on a scheduled basis. Server downloads the patch details to the Core server. System can alert when new content is available. The system can alert when specific vulnerabilities as defined by the administrator are detected. Solution should support Deployment can be scheduled. Deployment can be performed manually by right clicking the patch and selecting "Repair". Solution allows for very granular control over the reboot process. Options include prompting the user, allowing the user to defer the reboot, rebooting immediately if no one is logged in, etc. A custom reboot message can be configured to display in the reboot dialog. Configuration is also available to lessen the impact of the patching to the end user. For example, you can configure the repair for after the user is logged off the system. Solution should allow administrators have the ability to create any number of custom groups. Any definition can be put in a group and devices can be scanned against the list of vulnerabilities in that group. Solution allows Each machine will keep a record of the missing patches and service packs. As a step of the patch process, proactive notifications can be sent. The email template can be modified as desired. Solution should support feature allows rolled back if supported by the vendor of the patch. 17. IPAM/DNS/DHCP Technical Specification: Minimum Requirement Description Separation of Management (IPAddress Mgmt) from Core services, i.e., DNS and DHCP. The solution should not offer all services on same appliance in order to meet availability, scalability and security requirement under consideration. Continuity of Core services like DNS and DHCP even when IP address management server fails Support for Referential Integrity so that IP address, MAC, DNS forward and reverse records are all tied together. Changing one updates all the others using DDNS In-Built IP discovery and reconciliation using PING, SNMP v1, v2 and v3 Page439of 531 Centralized IPAM that has a single database containing all records throughout the entire organization Automatic validation of DNS/DHCP configurations before going live. This helps to catch user misconfigurations. New initiatives like IPv6, DNSSEC and BYOD will increase the number of database objects stored in the IPAM. The solution should allow such objects to grow without any limitation in software 1U form factor that can provide at least 100,000 QPS in terms of DNS performance and at least 500 LPS Simple DNSSEC implementation without the need to re-architecture Ease of adding DNS or DHCP Raw options. These help to perform any workaround that cannot be done directly on the UI Customized workflow with integration with 3rd party databases 18. Mail Messaging Specification: SI No General Conditions 1 The Proposed Messaging solution should be Enterprise Grade. It should have a proven deployment track record 2 Product/Product Family/Messaging Suite should be a COTS (Commercial off-the Shelf Software) Solution. The OEM should have minimum implemented 25,000 user base at one project 4 The Proposed Product “Messaging Suite” should have been implemented by at least 3 (three) organizations of similar environment. 5 The OEM of offered products must have their own Technical Assistance Center (TAC) support in India. MAIL SERVER 1 The proposed mail solution software quoted should be commercially available software.The Bidder should indicate the latest version no, when it was released. Kindly provide a version history.Latest Version to be provided 2 The proposed messaging solution architecture should be centralized and in-premise solution 3 The messaging solution should be actively supported by bug fixes to the existing solution by the OEM. 4 The Proposed Messaging solution should not include any individual components running on Beta version 5 The proposed Messaging Solution should support any one of the leading platforms like Windows, AX, HP-UX, SUN SOLARIS, SUSIE LINUX, and RHEL. 6 The proposed messaging solution should provide high availability and load Balancing capability. Page440of 531 7 The Proposed messaging solution should provide access of mails via secured internet access and mobiles. 8 The Proposed messaging solution should provide facility for incoming email notification from internal business application like HRMS,Payroll etc. 9 The messaging store should be database driven 10 The proposed messaging solution should have built in server side filtering rule for messages. 11 The proposed messaging solution should have option to define the maximum mail message size on a global/group/user level basis. 12 The proposed messaging solution should support enhanced version of Mail Relay - TLS based relay 13 The proposed messaging solution should support recalling/resending of messages sent and also should notify the user on the success or failure of the message recall. This facility should be available to users and administrators. 14 On reaching quota limit, user should be able to delete mails but cannot send or forward mails on both Web and Native Clients. 15 The proposed solution should provide Gateway servers for user access functions with capabilities like portal based Web Mail; push based mobile mail access, VPN less email access from internet. 16 Email Server should have self healing mechenism to automatically detect service depreciated or unavailabile states and take automatic remedial steps like restarting the affected services, failing over user maibox data to heathy servers etc without admin intervention. 17 Messaging store should provide for support for using SAN, DAS using SCSI or SATA disks. AUTHENTICATION 1 The proposed messaging solution should relay mails only from authenticated users. 2 The proposed messaging solution Should relay the mails from the clients in the trusted network or to the domains that are configured as authorized relay destination. 3 The proposed messaging solution should have Delivery Status Notification providing an e-mail sender ability to specify success, failure, delay or none of the message. 4 The proposed messaging solution should support standard protocols like POP3/IMAP/HTTP and SMTP /MIME over normal and secure channels 5 The proposed messaging solution should support multiple domains on a single system. MAIL CLIENT 1 Should provide an intuitive user interface 2 Should support POP3, IMAP, HTTP, LDAP, SMTP based messaging servers 3 Should support multiple email accounts in the same user interface for sending and receiving mails Page441of 531 4 5 Client should support rich editing features like: - Tables - Support for embedded OLE objects - Horizontal line - Support for both Bullets and Number lists - Undo - Support a word Processing Application like MS Word as the default E-mail editor Should support productivity enhancing features such as: - Allow the user to raise a "flag" to alert the user that there is follow up action on the e-mail - Automatic background name resolution and type-ahead resolution prior to sending the mail -Multiple auto-signatures - Comprehensive message tracking details on a per message basis - Voting buttons with customizable selection criteria. Should support tracking of the responses received after the vote is over - Should notify a user visually or by sound, at user’s choice, when a new message arrives. Should support message preview. - Should support Spell check and thesaurus integrated with the word-processing application installed on the clients computer - Should support preview 6 Should support rich attachments and interaction including: - Viewing of file attachments from within message - Should support multiple attachments per email item. - Blocking of harmful, executable attachments (the extensions of which can be administratively controlled) - Allow attachment of text files, Word/Excel/PowerPoint documents, multimedia content, graphic files and non-Email documents 7 Should support common messaging folders such as inbox, sent items, deleted items and productivity folders such as calendar, to-do list and personal addresses 8 Should provide rich stand-alone/off-line access. The system should provide the same features available in either mode including access to the current corporate directory and all messages - Should store a copy of each item (including calendar, mail, to-do, personal addresses etc) on the server and the client (while synchronizing with server in background) - Client should have the ability to rapidly and easily synchronize users’ messages from the central message store to multiple stand-alone devices (i.e. laptop, desktop, handheld) securely over various network transports such as LAN, WAN, Dial-up, GPRS/GSM, Internet/VPN 9 Should support personal user created folders which are portable from one system to another 10 Should provide auto-archival support: - Users should have a capability to create local archival of the mails on their email client -Should support auto-archival on messaging folders and productivity folders - Should prompt the user before auto-archival starts. - Should provide the option of defining the time period to archive the mails - Should support the ability to add and delete from archives Page442of 531 11 Should provide easy methods for users to delegate or redirect inbox processing to others including support for: - Delegating rights to other users on Inbox, Tasks, and Calendar Folders - Read, create, modify, no access permissions to the above mentioned folders. - Option of providing access for the delegate to items marked as private Should support Rich Search capability: 12 - Find e-mail messages more easily by grouping messages by date, size, conversation, subject, importance, or other criteria - Save the results of commonly used searches instead of having to re-run common searches each time user need them providing an automated way to keep relevant e-mails together without moving them to other folders 13 Rich offline synchronization capability which includes: - Support smart bandwidth awareness by switching message view to headers only or full message body depending on the connection speed - Client side caching where all messaging related tasks are performed from the local client machine to reduce number of requests to the server and reduce network bandwidth consumption between the client and server - Enable Incremental change synchronization so that client will start the synchronization process from where it left off last time saving time and resources - The user should be able to continue work in case of network unavailability without changing profile or closing the application. 14 Should support user controlled filtering and message manipulation rules including: - Auto-archiving - Forwarding of, and response to, messages with a specified message template etc. - Client side and Server Side rules - Should support exporting and importing of rules from one computer to another. 15 Should support Email Delegation/Auto Vacation Message Reply while keeping a copy in user’s inbox 16 Messaging Client should should provide Out-Of-Office notification of the recepients which composing the email so that sender doesn't waste time and can take informed decesion on best method to communicate 17 Messaging client should provide Recepient Mailbox full notification (as applicable) while composing the email, so that sender doen't waste time in composing the mail 18 Messaging client should support combining a sequence of tasks to a single click action to save time. For Eg. Composing a mail to pre-defined recipients with a specific subject line - is a set of activities which can be combined to achieve a single click action to achieve it. User should be able to associate a custom button to the task sequence on the Toolbar. 19 The Solution should offer a feature where a users could also restore a deleted mail by themselves within a set of specified days 20 The messaging system should provide for connectors to common social networking sites. Page443of 531 21 The messaging solution should be support for ignoring the messages tagged as SPAM/JUNK by the headers/subject or automatically SPAM/JUNK Message should go to SPAM/JUNK Folder. WEB INTERFACE 1 All Web mail functionality should be accessible through all supported web browsers including Internet Explorer, Mozilla Firefox in the proposed messaging solution 2 The Web mail client should provide access to email over low bandwidth connection using Basic / Light Mail client functionality. 3 The proposed messaging solution should support timeout to automatically sign off an user if the system detects a prolonged period of inactivity. 4 The proposed messaging solution should have rich, interactive, web-based interface for end user functions (accessible via HTTP or HTTPS) 5 The proposed messaging solution web interface should have Secure logout from Web mail client to prevent unauthorized access to mail pages after sign out. 6 The proposed messaging solution should support customization of look and feel with different color themes of the web mail client 7 The proposed messaging solution should allow users to search from within the web client. 8 The proposed messaging solution should support auto address completion including stored email addresses as they are being typed, including a dynamically updated selection dialog when multiple addresses match. 9 The proposed messaging solution should provide the ability to assign tags/categories to To Do, Contacts, and Calendar entries. Ability to assign tags to mail messages 10 The user should be able to append a text signature. 11 The proposed messaging solution Web Interface should have user definable personal folders to organize mail. 12 The proposed messaging solution web interface should support email addressing and look up from Global address book for wide list of contacts, group mailing etc. 13 The proposed messaging solution web interface should support read receipt request - while composing a message, user can mark the message to request for a read receipt notification from the recipient and delivery status notification. 14 The proposed messaging solution should support Message Priority feature - to set priority of messages while composing them 15 The proposed messaging solution should support filtering of incoming mails based on user definable filtering rules. 16 Webmail interface should have features for notification of new mails 17 The user should be able to change the password through web interface 18 User should be able to mark mails as read or unread and maintain flags for follow ups Page444of 531 19 The Webmail interface should provide feature to search messages based on: From, To, Cc, Subject and body but not limited to these, search in the folders and also advance search capabilities. 20 User should be able to flag importent email items for the purpose of follow-up, indicated by a flag in the inbox. 21 Web Mail Client should let users track their message to ensure success of delivery to the recipient 22 Web Mail Client should let users remotely wipe data from their Mobile devices without IT intervention, in case of device lost situations etc. 23 The mail messaging solution Should support basic authentication, session authentication, secure logoff, Secure Sockets Layer encryption 24 Users should be able to access web mail using a common URL published for the email site. 25 Users should be capable of viewing the total size and available space of their mail boxes 26 The Web Mail client should provide ability to access delegated mailbox from the logged on web mail client. 27 The Web Mail client should provide ability to add sender to Blocked Sender list or Safe sender list. 28 The Web mail client should provide an alert for any external recepients whenever forwarding or replying to email, so user can take self precautions of not sending any sensitive content. 29 The Web mail client should provide an alert for any external recepients whenever forwarding or replying to email, so user can take self precautions of not sending any sensitive content. CALENDARING 1 Should natively support server-side and client-side calendaring and scheduling, including: - Checking the online availability of intended attendees for a meeting - Sending of request for meetings - Accept or reject meeting requests - Provide conflict management for meetings - Reply to requests for meeting with a newly proposed time and date - Should automatically recommend ideal meeting times when all/most people are available. 2 Should Support Meeting Requests, Forward Meeting Requests and Generate Alerts. 3 Should support accessing a group calendar to view simultaneously the free time schedules of 2 or more users or resources 4 It should be able to suggest best timing for meetings based to participant’s availability by using Scheduling Assistant, Attendance Confirmation. 5 Should support tracking of responses from the meeting invitees with information on the number of accepted and rejected responses. 6 Should support vCalendar standard 7 User should be able to view selected days or series of days apart from default views like Daily, Weekly, Monthly, Calendar List, to do List. Page445of 531 8 An incoming meeting request should be stored in the calendar as “Tentative” automatically. Once the user accepts the meeting invite, an automatic reminder with audio/visual alarm should be added into the calendar 9 User should be able to customize a work week by Days and hours. 10 Should support Schedulable Out of Office. Out of Office messages should be scheduled to begin and end at given dates/times. It should support for separate out-of-office messages to be set for internal and external recipients, Should support Blocking Out of Office messages from distribution lists-Out of Office messages should not be sent to the entire membership of a distribution list that is listed in the To or Cc boxes. 11 The Messaging solution should support the ability to create shared team Calendar and tasks TASKS 1 Should support server-side and client-side Tasks (or To Do List) and should support assigning tasks to other users in the messaging system 2 Should provide the ability to assign due dates to “To Do” items. 3 Should provide the ability of accepting, rejecting or updating the “To Do” item that has been received from other associates. ADDRESS BOOK 1 The Mail Messaging Solution Ability to index Corporate Address book and personal address book alphabetically. All address books must available to the users through rich client, web client and supported mobile devices. 2 Should provide Offline Address Book Support as follows: - The Directory Services should provide an interface for messaging clients to download the address book to their local machine and work offline - The client should also offer the functionality of partial or full download of the address book locally - The synchronization should download only the new information and not re-download the old information already present on the client end 3 The user should be able to add/delete/modify the contacts in address book via email client, web client and mobile client 4 Should support personal directory apart from the offline address book 5 When user copies a contact from Corporate Address book to their local contact store in email client, then any critical changes (like address, phone number etc.) to the contact at Corporate address book level, it should automatically get updated to user's copy of the contact in their Personal Address Book. 6 Users can add addresses from other organizations or individuals to their private address book 7 Messaging soution should support server-side and client-side contact management including integration of contacts with word processing applications MOBILE ACCESS 1 The proposed messaging solution should support and be configured for push based emails on Page446of 531 popular mobile platforms: Windows, Andriod and IOS 2 The mobile platform should provide native support for connnectivity to Messaging server and should not require additional client software to be installed. 3 The Mobile client should support SSL based authentiction 4 Should support synchronization of calendar items, contact items, and mail items between smartphone devices and the messaging server over Mobile data network over the Internet 5 The users should be able to synchronize tasks between their mobile devices and the messaging solution 6 The users should be able to search the corporate contacts directory from their mobile devices 7 The users should have the functionality to search through their mailbox from their mobile devices. 8 The user should be able to configure Out of office messages from their mobile devices 9 The proposed messaging solution should be configured for security policy (Password policies) enforcement and remote erase capability for smartphones to protect data on supported mobile devices 10 The solution should support encryption on device and memory card to prevent unauthorized access of data on supported mobile devices 11 Mobile Security policies should support capabilities to disable Camera and Browser on supported devices. SYSTEM ADIMINSTRATION & MAINTENANCE FEATURES 1 Should be capable of administration through a single window interface to provide server level control and configuration of the messaging system for all servers including: - Create / rename / delete mail accounts - Reset / set user passwords for both Directory & Messaging platform - List all users in the messaging system - Search for a user and modification of user object attributes - Enable / disable user accounts - Change delegated administration passwords - Add alias e-mail address for a user 2 The proposed messaging solution should avoid mail loops when auto responding – ie., should not send auto responder to every mail received from a particular sender with in the defined vacation duration. 3 The messaging solution should be support for ignoring the messages tagged as SPAM/JUNK by the headers/subject or automatically SPAM/JUNK Message should go to SPAM/JUNK Folder. 4 The proposed Messaging Solution should allow end Users to create and delete specific distribution groups, as well as manage memberships and ownership as a self-help service. 5 The User should be able to change their password 6 The proposed messaging solution should have the ability to enforce following features of a Page447of 531 password 7 Password length should be minimum 8 characters 8 Password should support Alpha numeric & Special characters like a-z, A-Z,0-9,!@#$%^&* 9 Change of Password at regular interval feature should be provided 10 The proposed messaging solution should allow for password lockout for Web Users when they input the wrong password 11 The proposed messaging solution should maintain the password history. 12 The proposed messaging solution should support the ability for administrators to age e-mail for deletion. 13 The proposed messaging solution should prevent any script written by a user (internal / external ) from executing on the client machine unless the same has been certified by the system administrator 14 The proposed messaging solution should provide administrator’s ability to perform queue handling tasks such as delete, redirect, flushing. 15 System should be able to generate exception reports on mailbox access by non-owners to ensure admin/delegation permissions in line with the security standards. 16 The proposed Messaging solution should allow to track message delivery MESSAGE ROUTING 1 Should support SMTP as the default messaging protocol for mail transfer between messaging servers. 2 Should support fault-tolerant SMTP routing between servers. 3 Should be a messaging system that works with the existing network topologies and has the ability to customize the mail delivery routes between messaging servers in various physical locations over the WAN setup. 4 Should support least cost, load balanced and dynamic mail routing 5 The messaging Server should support redundancy of incoming SMTP email queue by replicating it to another server in the cluster or site. In case of primary server failure, the redundant queue can be used to resubmit email, to ensure no data is lost. MAIL SECURITY 1 The proposed messaging solution should provide SSL/TLS and MIME support for encrypted communication. 2 The proposed messaging solution should be able to validate sender domain in DNS (Sender Policy Framework) 3 The proposed messaging solution should be protected from Denial of Service Attacks 4 The Proposed Messaging Solution should automatically warn users if recepiets outside the organization are present in the email they are responding to, so they can take informed decesion about any information being sent to external parties. Page448of 531 5 The messaging solution should be able to take specific corrective action like blockiing or redirecting email based on different criteiria such as email from specific users, with specific keywords, with specific attachments/file extensions 6 The messaging system should encrypt message exchange between the messaging client and the messaging server, including support for : Native S/MIME Encryption of the client-server and server-server communication 7 The system should provide ability to block communications between two different users/groups in the same organization and should be able to send notification. 8 The Proposed messaging solution should have capability to automatically insert disclaimers for emails going outside the organization. Email Archival and Compliance Compliance Journaling 1 The proposed messaging solution should provide journaling capabilities (compliance archival) for all mail boxes on the server side to be used by Compliance officer , Auditors and Administrator for Audit and Backup/restore purpose. Email Data retention is for << Year Count>> year(s) 2 The system should allow server side rules for retention of internal, external mails to be journaled/saved to a spearate database 3 Based on administrator defined rules,a copy of he mail should go to Journaling database & retained there for desired time for audit purposes 4 Only authorized administartors will have access to search the mails rom the compliance database 5 Administartor should be able to search individual or all mailboxes based on keywords,date,from,To/cc/bcc etc 6 The solution should support access to Archive both from email client and Web Based email access. 7 Messaging solution can be able to enforce email retention settings on users so emails can be retained/archived/deleted as per compliance policies. 8 The system should allow server side rules for retention of all or specific items in the Email default folders like Inbox. 9 Messaging solution can be able to enforce email retention settings on users so emails can be retained/archived/deleted as per compliance policies. 10 The proposed messaging solution should provide ediscovery capabilities to set Search filters for quick searching data within multiple Mailboxes, Personal Archives & data held via tamperproofing through single interface. Page449of 531 The messaging solution should have following: - Pre-built and customizable email filtering capabilities like credit card info detection etc. - Ability to scan for sensitive information data patterns within standard document formats like Office documents, PDF, HTML, XML, Text and compressed archive files like .zip & .cab. - Solution should have sufficent controls to alert users or admins if any data leakage incident happens and take appropriate action. - Solution should also provide capability to monitor Data Leakage leakage attempts across the email system and provide analytical view of the same via methods like dashboard etc. 11 19. Directory Services Specification: LDAP directory solution MSP must design and implement LDAP directory solution for authentication, authorization and accounting of network resources including all end points at branch. Open LDAP solution must be used for machine authentication, user authentication, and group based authorization and should provide access to resources on need to know basis. SI No 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 Specification Should provide support for X.500 naming standards and should support Kerberos for logon and authentication. Support for integrated LDAP compliant directory services to store information about users, computers, and network resources and making the resources accessible to users and applications. Should support directory services integrated DNS zones for ease of management and administration/replication. Should Support for DNS as the locator service (service records & dynamic updates). The directory service should support features for health monitoring and verifying replication. The directory service should provide support for Group policies and software restriction policies. The directory service shall provide support for modifiable and extensible schema. Should support multi-master directory service replication features, Directory Server should be scalable and should have multi-master & multi-site capabilities. Should support security features, such as support for Kerberos, smart cards, public key infrastructure (PKI), and x.509 certificates. The Object types supported should include: o Users Object Type; o Groups (Security & Distribution Groups which can be static or dynamic) o Foreign Users (Non-employees/Business partners etc.) o Printers o Containers for purposes of grouping, administration and policy control Search capability to query all directory objects. Search capability to query network resources by attributes. Should support recovery of a Single Object as well as the entire directory. Loss of a single directory server should not affect ability for users to logon. Should have single integrated directory for OS and Messaging with unified management capabilities. Should support that password reset capabilities for a given group or groups of users can be delegated to any nominated user. Should support that user account creation/deletion rights within a group or groups can be Page450of 531 SI No Specification 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 delegated to any nominated user. Should support that group membership management within a group can be delegated to any nominated user. Should support multiple password and account lockout policies for different set of users. Directory services should be extensible & should have capability to be extended for custom development. Support for integrated LDAP compliant directory services to store information about users, computers, and network resources, file shares, printers and making the resources accessible to users and applications. The Object types supported should include: Users Object Type; Groups (Security & Distribution Groups which can be static or dynamic), Printers and Containers for purposes of grouping, administration and policy control. Should provide the audit capability to log old and new values when changes are made to objects and their attributes; should provide delete protection for directory objects. Should support the deployment of a read only additional directory server which may be deployed in a different location so as to prevent any changes from the other location and provide unidirectional replication. Directory services should support directory database snapshot tool, which should support creating snapshots of the directory database & should allow directory administrator to view the objects within the snapshot to determine the restore requirements when necessary. Directory Architecture: should have at least 2 servers for load balancing and ensuring high availability. Directory services should provide capabilities to undo an accidental deletion of object. Directory Services should provide command-line scripting for administrative, configuration and diagnostic tasks with a consistent vocabulary and syntax. Directory Services should provide an Administrative Center console for providing a taskoriented administration model, with support for larger datasets. Directory services should provide a built-in mechanism for Best Practice Analyzer (BPA) to identity deviations from best practices to help IT professionals better manage their Directory Service deployments. Directory Services should provide a built-in authentication mechanism assurance. Directory services should provide with Offline-domain joining functionality. Directory services should provide features to manage service accounts where by the passwords of the service account could be managed automatically. 20. Automated DR Management Specification: Sl. No. Minimum Requirement Description 1 The proposed solution should be in the form of software which is rated/mentioned in independent analyst reports from either Gartner or IDC. 2 The proposed solution must offer a workflow based management & monitoring capability for the real time monitoring of a DR solution parameters like RPO (at DB level), RTO, replication status and should provide alerts on any deviations 3 The proposed solution should provide a single dashboard to track DR Readiness status of all the applications under DR Page451of 531 4 The proposed solution should be capable of reporting important health parameters like disk space, password changes, file addition/deletion etc to ensure DR readiness and facilitate policy based actions for events with ability to cancel out polar events 5 The proposed should have inbuilt ready to use library of recovery automation action for heterogeneous databases and replication environment. This must significantly reduce custom development of scripts and speedy deployment of DR solutions. 6 The proposed solution should facilitate out-of-the-box, workflow based switchover and switchback for DR drills for standard applications based on industry best practices 7 The proposed solution should be capable of doing pre-flight checks to ensure conditions are met to ensure a successful DR Drill 8 9 The proposed solution should facilitate workflows for bringing up the applications and all the components it depends on at DR while it is up at primary site without pausing/stopping the replication The proposed solution should have granular, role based administration and should use existing Active Directory/LDAP for identity management without the need of its own, separate identity management database 10 The proposed solution should be capable of generating reports and email/SMS alerts on RPO deviation, RTO deviation and DR Drills from a centralized location 11 The proposed solution should be able to manage hosts by either deploying agents or without deploying any agent and should seamlessly integrate with existing environment without the need to replace/change configuration including existing clusters. 12 13 The proposed solution must support all major platforms including Linux, Windows, Solaris, HPUX, and AIX with native high availability options. It must support both physical and virtual platforms The proposed solution should have file level replication for associated application servers and DB log replication which is supported on the commonly used OS platforms and has inbuilt bandwidth compression 15 The proposed solution should have a file system analytics tool to give total file/directory count, typical scan time, number of open files, time of last replication for a file, file size and time stamp The proposed solution must have pre-packaged support for all popular databases Oracle, MSSQL, Sybase, PostGre SQL and DB2 16 The proposed solution should facilitate workflow based, single-click recovery mechanism for single or multiple applications. 17 The proposed solution should facilitate workflow management from creation in draft phase to final publishing of the workflow 18 The main management server of the proposed should have a mechanism to have a local HA and remote, real time replica to eliminate any single point of failure and should not have any impact on the production in case the main management server fails. 19 The DR Management solution should be certified by Standardisation Testing and Quality Certification (STQC) Directorate or equivalent A2LA accredited organization to ensure that there are no security vulnerabilities which can be exploited 20 The DR Management solution should have a reporting module which provides out-of-the-box BCP/DR readiness reports like BCP testing, DR Readiness, application readiness, DR Integrity etc. It should have an advanced reporting module which should be able provide custom reports which can be exported to popular reporting engines. 21 The Automated DR Solution must be running successfully in at least 3 PSU's in India and running successfully for the past one year 14 Page452of 531 22 The proposed product should have minimum experience of seven years in providing Disaster Recovery Management Solutions in industry. 23 Support for the solution should be available for at least 03 years from the date of implementation/sign-off 24 The proposed solution should have a validation tool to verify DC-DR equivalence for OS, databases and applications with both out-of-box and custom templates 21. Data Base Encryption Specification: Database Encryption Hardware specification: Minimum Requirement Description Should support column level encryption Should support 3DES, DES, AES, RSA (signatures and encryption), RC4, SHA-1, HMACSHA-1 Should support asymmetric key size 512, 1024, 2048 Should support symmetric key size 128, 168, 192, 256 Should have support for Multiple certificates, built-in certificate authority, revocation list (CRL) support Should have Secure Web-based GUI, secure shell (SSH), and console Should have out-of-the box support for IBM DB2, Microsoft SQL Server, Oracle, and Teradata Should have support for storing 1M keys in the appliance Should have support for BEA, IBM, IIS, Oracle, Apache Should have File servers support on Windows, Linux Should be a TCP/IP based FIPS certified appliance Should Support delegated admin, “M of N” keys Should have support for standard libraries and API's like KMIP 1.1, PKCS #11, JCE, MS-CAPI, ICAPI, and.NET Hardware Security Module: Should have support for Windows, Linux, Solaris, AIX, HP-UX, Virtual: VMware, Hyper-V, Xen TCP/IP Network based appliance Should comply to standards like FIPS 140-2 Level-3, CC EAL4+,ROHS,FCC part 15 Class B Keys are always in Hardware and never stored in Software in any form Compatibility: PKCS#11 , CAPI, OpenSSL, JCE/JCA Full Suite B support Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brain pool curves Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode) Published API for various above functionalities for integrating with the Application software Remote PED Support for Authentication Contents can be securely stored on Backup Tokens to simplify backup, cloning, and disaster recovery Onboard key generation, Digital Signing & Verification process to be done inside the HSM only for better performance and security 24/7 tel/email OEM support infrastructure based out of India Page453of 531 22. Building Management System (BMS): Technical Specifications 22.1 Specifications of Integrated Data Center Racks: Company wouldliketo establishthe IntegratedDataCenterRackswhichcomplieswiththebelowparameters:1. Thisspecification coversintelligentintegrated/inbuiltinfrastructure,standalonesystemdesign, engineering, manufacture,assembly,testing at manufacturer’s works,supply,deliveryatsite, unloading,handling,properstorageatsite, erection,testingandcommissioningatsite ofcomplete infrastructure for the proposed Integrated Data Centre to be installed at Company, as detailedin thespecification,complete withallaccessoriesrequiredforefficientandtroublefree operations 2. Thedetailspecifications of theintelligentintegrated/inbuiltinfrastructure,standalonesystemshall beinadherencetoTIA942,UptimeInstituteguidelinesthusshallbecomposedof multipleactive powerandcoolingdistributionpaths.Shallhaveredundantcomponents, andisconcurrentlymaintainable. 3. TheIntelligentIntegrated InfrastructureessentiallyincludesinternalredundantUninterruptedpower supplies,environmental controls (e.g., precisionair conditioning, fire suppression, smokedetection, Water leakdetection, humiditysensor etc),securitydevicesetc.Criticalsystemslike UPS andPrecisionAir-conditioningsystemwillhaveN+N topologyrespectively 4. TheIntelligentintegratedinfrastructureshall have approx.310Uusablespace(distributed in 8racks),toaccommodateITandnetwork equipment&devices. Thisfootprintshouldincludeseparatepanelhousingfiresuppressionand power distribution preferably. 5. TheIntelligentintegratedinfrastructurewouldprovidemuchfunctionalityand someofthekey functionalitiesare-Coldaisle&Hotaisle,Firerated cabinet,insulation,remote managementand single pointof service/contact. 6. TheIntelligentintegratedInfrastructureshallhavefollowingcomponents:a. PrecisionAirconditionerwithvariablecapacitycooling,heaterandhumidifiertocaterIT loadapproximately35KWandinN+Ntopology. The compressor should be variable scroll based for maximum energy savings. b. 2x 20KVA-2 setsrack mountUPSwithP.F.upto0.9&efficiency =>94%. Thereshouldbe 15minbatteryback-up. Batteriesshouldbemounted oustsidethe cabinetonly. c. NOVEC1230 Gasbasedfiresuppressionsystemas per NFPAguidelines d. Smokedetectors,Waterleaksdetectionsystem,Temperature/Humiditysensor,CCTV Surveillancesystem,Motionsensor,DoorSensorandAlarmbeacon. e. 42U racksof dimension 600mmx1000mm x 2000mm f. Remote MonitoringSystem–CapableforEmailalerts. g. Biometricaccesscontrolsystem whichshouldbecontrolbyfirefightingaccesspanel Page454of 531 h. 32AVerticalRack mount intelligent PDUoftypeIECC13& IECC19 combination,Eachrack shallhave twosuchPDU’s i. RedundantElectricalsystemwithessentialBreakingMCCB,provisioningofincomer(3.5c /35Sq.mm) cableandcommissioningofthesame shallbethe scope of customer. 22.2 UPS Specification: UninterruptedPowerSupply(UPS)System-2x 20KVA – GeneralDescription: Supply,install,testandcommissioning oftrueonline,doubleconversion,highefficiency,highpowerfactor Uninterruptible PowerSystems(UPS). UPS Shall be provision based on the actual power load requirements at DC-DR. Scope: Thescopeshallincludedesign,supply,installation,testingandcommissioningofthecompleteUPS o systemandrelated accessories Allsystemsshouldbetestedinfactoryasperthemanufacturesrecommendedprocedureforall operatingparametersandthe testresults shouldbeprovidedduringtheinstallation. Deliveryatsite,unloading,handling, installationofcompletesystemincludinginterconnectionfrom theUPSsystemtobatteriesandtoinput/outputpanelsswitches.Allinterconnectionsshallbe doneusingmulti-strandFlexible Copperconductorcables ofappropriatesizes. Scopeincludesbatterybankconnectionsandprovidingsafetybarriersforallbusbarsandcable connectionleadsonbatteryracks. Energizing of UPS andBatterybankcommissioning. UPS control parameterssettingandcompletetestingof system onload. Service backup by engineer till system is fully operational and subsequently training is to be providedtotheconcernedpersonsofthe Institute. Anyupgradeofthesystemhardwareandassociatedothersoftwareduringthewarrantyperiod shouldbesuppliedatfreeof charge. Acceptancetestswillbecarriedoutafterinstallationandthesystemswillbetakenoveronlyafter successfulcompletionof theacceptancetests. Operationandservicemanualsofthesystemscontainingtechnical/Electronicdrawings/circuit diagrams completeinall respectsshouldbesupplied. Specification/featuresoftheEachUPSsystem areas follows: Wideinput voltage range. Online Double conversionandIGBTtechnology. Full IGBTRectifier/ Batterycharger IGBTbased Inverter RemoteEmergency Poweroff Facilityfor remoteviewing Parallelredundancywithoutextra hardwareneeded. Easyto expandin acosteffectiveway 20KVAUPS otherTechnicalSpecification: Minimum Requirement Description OUTPUTPARAMETERS Page455of 531 Capacity PowerFactor 20kVA/18kW 0.9 Configuration Three phase: 380/400/415 Vac NominalVoltage Single Phase: 230/220 Vac 380/400/415V VoltageRegulation (+/-1%) VoltageTHD <=2%-Linear load<=5%-Non-linearload Frequency 50/60Hz Frequency Regulation - Free run (+/-0.25%) frequency (Unsynchronized with bypass) Frequency Regulation (synchronized with bypass) Slew Rate (+/-2Hz) 0.2Hz/s CrestFactor 3:1max. Transient responseat100%stepload +/-5%for100%load Recoverytime 60millisecond Overloadcapacity <105% - continuous; 105-125% - <5 min; 125-150%-<1min >150%-<200ms overloadshiftedtobypass) AC-AC Efficiency 94% Transfertime-Mainstobattery ~0millisecond Transfer time-Inverter to bypass- ~0millisecond (after Synchronizationmode ParallelRedundancy N+N Page456of 531 INPUTPARAMETERS Configuration 3- ph, 3-wire,N+PE NominalVoltage 380/400/415V Voltagerange +15% -20%of415vac Frequency 50/60Hz Frequencyrange-Hz 40to 70HZ PowerFactor >0.99 CurrentDistortion(I-THD) <5% BYPASS Voltage 380/400/415V VoltageRange +15%-20% Frequency 50/60Hz FrequencyRange +/-20% BATTERY CHARGER NominalVoltage– Float 405-486V selectable Regulation NA BATTERYPARAMETERS Type SMF No. ofbattery blocks 32-40 Battery Voltage 384-480Vdc ENVIRONMENTAL PARAMETERS Operatingtemperature 0to40deg.Centigrade Storagetemperature -40to 70deg.Centigrade Relative Humidity 95%RH Employees’ State Insurance Corporation Confidential Page 457 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Altitude 2000 meters Temperaturede-rating 30-40deg de-rating Altitude de-rating NA Noiselevel <55db Annexures (Part-II) MECHANICALPARAMETERS Height XwidthXDepth (MM) 130(3U) X 435X750 Weight 35Kg Ventilation Forced-Air cooled Cable Entry terminalblock Color/Panel finish EG7021 Protection IP20 Parallel 3+1, Built inProvision LBS Builtin MONITORING SOFTWARE SNMP, Drycontactcard,sitemonitoring/shutdownfor STANDARDS multipleservers CE/TUV (EN62040-1-1) 22.3 Air Condition Specification: PrecisionAirConditioningSystem – 35 kW – 2 nos. Configuration: Supply, installation, testing and commissioning of DX Type Air-conditioning Units designed specificallyforhighsensibleheatratiowithvariablecoolingtechniquetomatchthelowlatent loadsof systemstobeinstalledintheintegratedcabinetforeffectiveanduniformdistribution of cooling. Coldairwillbesuppliedtothecoldaislecontainmentoftheintegratedcabinetandthehotairwill betaken fromthe hotaislecontainmentofthecabinet. Cooling Circuits Directexpansion Employees’ State Insurance Corporation Confidential Page 458 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) One refrigeration circuit, incorporating a high efficiency, fully hermetic variable capacity compressorwithcrankcaseheater,safetyvalve,filterdrier,moistureindicatingsightglass,liquid linesolenoidvalveandanexternallyequalizedexpansion valve. Eachcompressorisequippedwithpre-sethighandlowpressureswitchesforprotectionagainst highcondensingandlowevaporatingtemperatures. Thelowpressureswitchfeaturesanautomatic reset(withan adjustabledelayforwinterstart-up). Theunitshallbeprovidedwithadditionalprotectionagainsthighambienttemperature.Whenthe temperaturegoesoverthe designconditions, theunitremainsin operationwithpartialload(20% decreaseagainstrequired).IfsuchprotectionisnotsufficientHighPressureswitchshallgenerate anhighpressurealarmandtheunit shuts down-manual resetshall be required. The inclined evaporator coil is manufactured from copper tubes, mechanically bonded to hydrophilicpaintedaluminiumfins,withastainlesssteelcondensatedrainpan. Thelargeface area/low velocitycoilallowsprecisecontrol oftemperatureandhumidity* duringcoolingand dehumidification*,andisdesigned tooptimisefluidvelocityandminimise pressuredrop. Themoistureindicatingsightglass,liquidlinesolenoidvalveandexpansionvalveforeachcircuit aremountedin aservicecompartment,isolated fromtheair stream,toallowcheckingand adjustmentwhiletheunit is in operation. Fan section Units is offered with two plug EC Direct Drive Fan, High efficiency, external rotor electronicallycommutated(EC)motor withintegratedelectronics,Truesoftstart characteristics(inrushcurrentlowerthanoperatingcurrent),Backwardcurve,corrosion resistantaluminiumfanwheel,Maintenancefreedesignandconstruction.The fansection shallbedesignedforhigherairflow.Thefanshallbeprotectedovertemperatureof motor, electronics,lockedrotorprotection,shortcircuit of motor output.FansareIP54,Protection class F. Cabinetand Frame Theunitshallbepowderpaintedsteelpanelswith½”(or10mm)insulation.Ahinged controlaccess panel opens toa secondfrontpanel whichisa protection enclosurefor high voltagecomponents.Theframeispaintedwithapowdercoatfinishtoprotectagainst corrosion.Theunitistotallyfrontandrearaccessibleincludinganycomponentremoval. Unitshallbeprovidedwithcastersandlevelingfeetforaneasyunitplacementintothe row of racks. Air Filtration Thefiltercellsaremadeoftwodeeppleated4”filtersratedMERV8followingASHRAE52.2 (45%byASHRAE52.1)orG4followingEN779,locatedwithin thecabinet,andaccessible fromtherearofthe unit. Frameofthefilter shallbemadeof galvanized steel. Optionalfiltersareavailable:MERV11followingASHRAE52.2-1999(45%byASHRAE52.11992)orF5followingEN779. Cloggedfilteralarmisavailableforstandardandforoptionalfilter.Itsendsavisualalarm todisplay. Employees’ State Insurance Corporation Confidential Page 459 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Refrigerant All units equipped withdirectexpansioncircuitaresuitable for R407C/R134A/R410A refrigerant. Microprocessor Controller Air conditioningmodelsshouldbecontrolledbymicroprocessor based controller. It can be programmedtocontrolthefunctionofeverydevicewithintheunitvia I/O. The controller allows setting and monitoring of the room parameters. Unit utilises multiple temperaturesensors placedat therackinlet,to ensure management andcontrolof temperatureby rack. Each unitshouldbe connected upto10Sensors. Thecontrollershouldallow settingandmonitoringof thefollowingspaceparameters: oAir inletTemperature oAir supplyTemperature (remotesensors atrackinlet) oReturn Temperatureset-point oSupplyTemperatureset-point oReturn Temperatureband oSupplyTemperatureband oHumidity(inlet) oHumidityset-point oHumidityband oRackMin,MaxandAveragetemperature Theexampleof available warnings /alarms: oHighsupplytemperature oLowsupplytemperature oHighreturnhumidity oLowreturnhumidity oLossofairflow oCompressorLowPressure oCompressorHighPressure oElectricalheaterhightemperature(When applicable) oClogged filter oCustomerinput(No4inputs) oLPtransducerfail oCallservice(customerinput) oHightemperature(customerinput) Employees’ State Insurance Corporation Confidential Page 460 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) oUnit hoursexceeded oCompressor hours exceed oHumidifierhoursexceed oSupplysensorfailure oNetwork failure oHumidifierproblem oVariable scroll scroll hightemperature oSmokedetected oFirealarm oRacksensorfailure etc Followingfeaturesshouldbeincorporated inthecontroller: Status Reportofthe latest400event-messagesoftheunit. Inputforremoteon-offandvolt-freecontactsforsimpleremotemonitoringoflowand high priority alarms: high/low temperature, high/low refrigerant pressure, fan/control failure,compressor/control failureand othersare available LAN management:functionsprovidedas standardincludestand-by(incaseoffailureofthe unitinoperation,thesecondonestartsautomatically),andautomaticrotation.Atleast oneunit intheLNA has to beequipped withColdFire largedisplay Automatic restart is provided afterapowerfailure. Monitoring ThereshouldbeSNMPandHTTP/Web-managementcapabilityforenhancedcommunicationsand controlofHPMsystems.ThecardsmakeuseofanEthernetnetwork(10/100Mbit)tomonitorand controlawiderangeof operatingparameters,alarmsandnotifications thankstoastandardweb browser(InternetExplorer).Thecard utilizesstandardEthernetcables(differentcablelengthsare available foryourconvenience onthe Connectivitypricelist). The unit shall also include input for remote on-off and volt-free contacts for simple remote monitoring oflowandhighpriorityalarms:high/lowtemperature,high/lowrefrigerantpressure, fan/controlfailure,compressor/controlfailureandothersareavailable. Condenser The condenser should be with fan speed controller designed &set for usages of R134A/R407C/R410A refrigerant. Condenser shouldbe worked -20 deg C to 46 deg C ambienttemperature.Thecondenserframeshall be madeup ofasturdyaluminium structure. The main disconnector shall be IP65. The entire unit shall be IP54 type of protection.Themotorizedfanshall be IP54, protectionclass F. Employees’ State Insurance Corporation Confidential Page 461 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Additional Features- Humidifier Theunitisfittedwithancanistertypesteamhumidifiersuitableforusewithwaterof varying degrees of hardness, provided that the water is not treated or demineralized (Conductivityrange125500 S/cm). Thehumidifier iscompletewitha water inletvalve, water outlet valve and a maximum water level sensor, disposable cylinder, steam distributorandelectronic controls.HumidifiercontrolisoftheON-OFFtype,canbealso disabledby remotecontact(Optionalhumidifier andreheatlockout).Humidifieris removable fromtherearofthecabinet. Safety&SecuritySystems 22.4 Biometric based Access Control TheIPbasedAccessControlSystemshallbeusedtoservetheobjectiveofallowingaccesstoauthorized personnel only. The system deployedwillbebasedon BiometricTechnology.Thedoorswillbeprovidedwithadditionalelectriclocks, andwill operateonfailsafeprinciple. Thesystemwouldbedesigned andimplementedtoprovidefollowingfunctionality: Configurable system for user defined access Built-in Real Time Clock (RTC), calendar; complete Database stored locally and shall be capable of operating offline on standalone mode Record, report and archive each and every activity (permission granted and / or rejected) with log formats Fail safe operation in case of no-power condition and abnormal condition such as fire, theft, intrusion, loss of access control, etc. At the biometric reader, user presents the finger to the biometric reader which is unique to each employee. The pattern is read and compared with stored data to grant / deny access. 22.5 Fire Alarm & Fire Suppression System Thesolutionshouldbedesignedasacompletestand-aloneunitwithsecurity,firedetectionandfire suppressionsystems.Eachof thesystems is inter-operableandinterconnected. Environmentally friendly NOVEC 1230 agent is used to ensure that no harm to human beings and environmentis caused. Followingsystemsshouldbeinstalled. NOVEC1230Clean Agent for firesuppressionsystem Firedetectionandalarmsystems,with detectorsandpanel. Accesscontrol system. Protectedarea:Theentireenclosedvolumeoftherackcabinisprotectedwithfiredetectionandfire suppressionsystem.Thedoorsaresecured byAccessControl system. Employees’ State Insurance Corporation Confidential Page 462 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) 1. TheNOVEC1230systemisdesignedandinstalledasperNFPA2001-2012Edition.SMPV, PetroleumandSafetyExplosivesOrganization(PESO)approvedcylinderfilledwithNOVEC 1230is installedinspeciallydesignedModularrack. Installation: The entire system shall be installed as per manufacturer’s recommendations &instructions includingall interconnections for supply&controlcircuits. All componentsshall beclearlyidentified usinglabels includingbatterycellsindividually. Servicesofauthorizedrepresentativeormanufacturerforsupervisionofinstallation,connections, testing,&adjustments shall be provided. Testing &Commissioning: Undersupervisionofmanufacturer’srepresentativeallsystemfunctions,operations,protective featuresshall bechecked&pre-settoensurecomplianceor specifications. Loadsimulation. Simulationofmalfunctionsto verifyprotectivedeviceoperations. Durationofsupplyonemergency.Lowbatteryvoltagealarm&shutdown,transfer&restorationof normalsupply. Remotestatus&alarmtests. Incaseoftestanyshortfalls/faults,thesameshallberectified&testprocedureshallbeagain repeatedtoestablishsatisfactoryperformance. Transient voltage surge suppressor: Transient voltage surge suppressor (quantity -1) of adequate capacity with response time of 0.5 nano seconds with UL1449-3 certification is required. This will be mounted at the input of the Integrated data center rack to protect the Rack from surge spikes. 22.6 Data Center Infrastructure Management (DCIM) solution The Data Center Infrastructure Management solution shall have the following capabilities and features: General 1.1. An enterprise class platform solution, consisting of hardware appliances and software, that is designed to integrate IT and facilities management of the data center. 1.2. The DCIM solution should be vendor equipment agnostic. 1.3. Support multi-browser access for Microsoft Internet Explorer, Firefox and Chrome. 1.4. Have a click-and-drag, easy to use user interface. 1.5. The DCIM solution must be able to support multi-sites. 1.6. The DCIM solution must be able to represent the data center in the following hierarchy structure: Employees’ State Insurance Corporation Confidential Page 463 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) 1.7. The solution must have a top-down view of the data center. This enables the user to visualize and perform placement of racks and other floor-mounted assets. Capacity visualization should be available from the top-down view. 1.8. The solution must have a rack view that allows the user to view the front and back of the rack design with a detailed level of clarity and reliability. Rack properties and capacity visualization must be available from the rack view. 1.9. The solution must have an asset view that allows the user to view a single asset. Asset properties and capacity visualization must be available from the asset view. 1.10. The solution must have a connection view that allows the user to create cable-based connections between data center equipments 1.11. The DCIM solution platform should have modules that supports: a. Inventory Management. b. Facility Management. c. Change Management. d. Power Management. e. Energy Management. f. Remote Access Management. 1.12. The DCIM solution should have a quick launch menu enabling easy access to commonly used modules. 1.13. The module should have a navigation tool that track the data floor and equipment access. 1.14. The DCIM solution should be able to show the data center and its containment in a tabular view. 1.15. The module should be have the following layers: a. Ceiling Employees’ State Insurance Corporation Confidential Page 464 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 b. c. d. e. f. g. 1.16. Annexures (Part-II) Floor Under raised floor Grid Background Text Status The module should have to capability to hide unwanted layers. 1.17. The module should have the capability for inventory to be placed on different layers for correct representation. 1.18. The module should have the capability for multiple zones definition within the data center floor. The zones definition can be of different shapes and sizes. 1.19. The DCIM solution should have tools that allow for: a. Drawing of new floor space in a square or rectangular shape. b. Drawing of new floor space in a user defined shape format. c. Zone definition. d. Textual annotations. e. Wizards for floor grids creation. 2. Inventory Management 2.1. Ability to visually model the data center, the racks and individual IT elements within a rack. The models must be drawn to scale and not limited to just one (1) data center. 2.2. The DCIM solution will have a product catalog that contains: a. Floor mounted equipment’s like UPS, CRAC and rack. b. Rack mounted data center equipments like server’s equipments and network equipments. c. Server and network equipment components. 2.3. For each of the equipment in the product catalog, it should have, but not limited, to the following properties: a. Graphical picture of the equipment. b. Manufacturer name. c. Product Line. d. Model. e. Physical Dimensions. f. Power data. Employees’ State Insurance Corporation Confidential Page 465 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) 2.4. There must be the capability to create new custom property fields for the data center equipments. 2.5. The product catalog can be updated to contain the latest data center equipments. 2.6. The DCIM solution will allow searching within the product catalog using: a. Manufacturer's name. b. Product Line. c. Model name. d. Type. 2.7. The DCIM solution must have a click-and-drag capability from the product catalog to the data center floor or the rack itself. 2.8. The data equipment repository must be able to differentiate equipments that are deployed in the data center and those that are in the inventory warehouse. 2.9. Must be able to import existing data center equipment information that is stored in Microsoft Excel format. 2.10. To be able to quickly locate the data center equipments, the DCIM solution must, at minimum, be able to search by: a. Manufacturer's name. b. Product Line. c. Model name. d. Type. 2.11. The solution must be able to recommend equipment placement within the data center base of the equipment characteristics of, but not limited to, a. Equipment dimension. b. Power requirements. 2.12. The DCIM solution should have, at minimum, the following equipment information panels for: a. Properties. b. Port. c. Capacity. d. Position. e. Connections. f. Control. g. Placement. Facility Management 2.13. The DCIM solution must supports the following protocol: a. Modbus b. BACnet Employees’ State Insurance Corporation Confidential Page 466 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) c. SNMP 2.14. The DCIM solution is able to receive alarm notification from the different facilities equipments and display the alarms in a centralize console. 2.15. Base on the incoming alarm, the DCIM solution should be able to differentiate the alarm to be a service or non-service impacting. For service impacting alarm, the DCIM solution will indicate the event as an critical event. 2.16. The DCIM solution should be able to display alarms in: a. Tabular format with: i. Severity level. ii. Event start time. iii. Alarm description. iv. Device name. Calendar format showing the event duration in day, week and month view. b. Topology view map. 2.17. Allows the operator to have the ability to filter events base on severity and event type. 2.18. Able to suppress unwanted events. 2.19. The DCIM solution is able to allow a space or equipment to be place in maintenance mode. This will suppress notifications from equipments that is in maintenance, reducing alarm floods. 2.20. Able to set operational threshold for selected data points of the facility equipments. Alarm will be generated upon threshold breech. 2.21. Able to select facility equipment data points and display trend graphs that will show the have facility equipment performance. 2.22. a. b. c. d. Able to create customized notification events to be able: To be send out via Email or SMS. To be associated with a user role. To have notification delay before sending. Forward as an SNMP trap to a third party system. 3. Change Management 3.1. The DCIM solution must be able to create projects for data center install, move, add and change activities. This allows the changes that are happening within the data center to be plan track and audited. 3.2. The DCIM solution allows the project to be display in either tabular format or Gantt chart format. Employees’ State Insurance Corporation Confidential Page 467 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) 3.3. Within each project, the DCIM solution will allow the operator to create and manage: a. System tasks. b. User defined tasks. 3.4. The DCIM solution must be able to detect and highlight project conflicts and allow the operator to resolve them. 3.5. The DCIM solution is able to notify the operator when a project is initiated, changed or completed. 3.6. The DCIM solution should have a project timeline to track and show the changes that are occurred in the data center. Power Management 3.7. The DCIM solution must be able to dynamically visualize the energy path through the power system and breaker state. 3.8. Have electrical one-line diagram of the data center power system connectivity from the utility entrance to the rack PDU. 3.9. Able to trigger alarms on reaching individual equipment capacity reservations. 3.10. Able to trigger alarms on reaching multi-equipment capacity reservations. 3.11. Able to trigger alarms on reaching aggregated capacity reservations. 4. Energy Management 4.1. The DCIM solution must have a default Power Usage Effectiveness (PUE) reporting matrix for Category 0, 1 and 2. This reporting matrix can be customize to reflect the customer's environment. 4.2. The DCIM solution must have a dashboard to display matrices for: a. Resource consumption, such as electricity. b. Efficiency matrices. c. Stranded capacity 4.3. The DCIM solution is able to calculate electrical usage cost and water cost. 5. Remote Access Management 5.1. The DCIM solution should have the capability to manage: a. Server KVM sessions. Employees’ State Insurance Corporation Confidential Page 468 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) b. Serial console sessions. c. Service processor sessions. This will allow the operator to manage the in-rack equipment remotely without entry into the data center. 5.2. The DCIM data collection appliance should have the capability to support KVM, serial and service processor management. DCIM Data Collection Appliance 5.3. The DCIM solution must have a data collection appliance module. The appliance module must be able to communicate for the following protocol: a. Modbus b. BACnet c. SNMP 5.4. The DCIM data collection appliance module must be capable of real time data collection for a maximum of 10,000 data points. 5.5. The DCIM data collection appliance module can collect data from: a. Temperature sensor. b. Humidity sensor. c. Motion sensor. d. Smoke sensor. e. Water leakage sensor f. Digital output from buzzer, beacon and door lock. 6. Planning/Reporting 6.1. Provides at-a-glance view of available capacity of space, power, weight, heat/cooling and network ports. 6.2. Provides at-a-glance view of potential issues of space, power, weight, heat/cooling and network ports. 6.3. The DCIM solution must be able to provides: a. Impact assessment and analysis of IMAC. b. Visibility into the business cost. c. Capacity utilization. for all the requests for data center infrastructure and equipment changes. 6.4. The DCIM solution must be able to create and organize project groups that contain IMAC tasks Employees’ State Insurance Corporation Confidential Page 469 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) that will be executed together. 6.5. For planning, the DCIM solution must have the capability to create “what-if” scenarios to understand the impact of a IMAC (Install, Move, Add, Change) to the data center infrastructure and assets. 6.6. The DCIM solution must have a project timeline that reports on the past, current and future state of the data center and its equipment. 6.7. The DCIM solution must be able to perform rack space reservations for equipments for future projects. 7. Powerful three-dimensional software tool for simulating cooling performance of data centers. State-of-the-art computational fluid dynamics (CFD) techniques, and applicable to both raisedfloor and non-raised-floor data centers. Construct a computer model of the data center and uses the technique of Computational Fluid Dynamics (CFD) to calculate the airflow pattern and pressure/temperature distributions. Designing efficient data centers, Evaluating options for positioning new equipment, Examining "what if" scenarios, Streamlining installation and commissioning, Preventing heat related outages of computer equipment, Making cost-effective investments in cooling-related hardware. DCIM Mobile Operations • • • • • • • Innovative image recognition technology and bar code scanning capabilities Update information in real time or offline Search for racks and devices View the DCIM platform reports in real time View device capacities and port Place, remove and move devices Update and view power connections • Download app from iTunes and enable mobile module • iPad 2, iPad 3 iPad 4* running iOS 6.0 or higher 8. Management Appliance The appliance is supplied with dual power supplies. 1.1. Must be able to have users of different permission levels for system administration and usage. List the available categories 1.2. Support external authentication of Microsoft Active Directory and LDAP. 1.3. The solution must have the capability to interface with third party solutions through its API. The available APIs must be web services, SOAP and XML. Employees’ State Insurance Corporation Confidential Page 470 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) 1.4. The appliance supports dual stack IPv4 and IPv6 protocols. The administrator can use the web UI or CLI to configure support for IPv4 addresses only or for both IPv4 and IPv6 addresses. The following list describes the IPv4 and IPv6 support provided in the appliance: Appliance should support IPv4 and IPv6 support • DHCP • Central Management software integration • Ethernet interfaces, GB1 (eth0) and GB2 (GB2 (eth1)) • Firewall (IP tables) • HTTPS • Linux kernel • Remote authentication: AD and LDAP servers • SSH and Telnet access, Syslog Server The Management appliance should enables users who are authorized for rack power distribution units (IPDU) and service processor (SP) power management to turn power on, turn power off and reset servers via their embedded SP devices plugged into a connected rack power distribution unit. The Management appliance should allow you to view, move or copy data located on virtual media to and from any target device. Manage remote systems more efficiently by allowing operating system installation, operating system recovery, hard drive recovery or duplication, BIOS updating and target device backup. The Management appliance, has eight autosensing ports that can be used for either service processor (SP) or serial connectivity and management. It has an additional 32 RJ45 ports which are intended solely for SP connectivity and management. The Management appliance should have 40 autosensing ports that can be used for service processor (SP) or serial connectivity and management. The Management appliance should support upto 40 simultaneously KVM sessions, upto 1024 service processors and data collection upto 10,000 data point per minute. An administrator can enable auto discovery to find the hostname of a target connected to a port. Auto discovery’s default probe and answer strings have a broad range. An administrator can configure sitespecific probe and answer strings The appliance should supports rack and blade server SPs from the following vendors: Dell®, HP, IBM®, CISCO®,Fujitsu®, Oracle® Sun and additional IPMI implementations. Standards Approved: Standards Approved Agency UL, FCC, cUL, ICES-003, CE, VCCI, KCC, C-Tick, GOST Employees’ State Insurance Corporation Confidential Page 471 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Service Processor Support • IPMI 1.5 (incl. nonstandard SoL support), IPMI 2.0 • HP integrated Lights Out (iLO, iLO3) HP IPMI, HP Blade System • Dell Remote Access Cards (DRAC3, 4, 5), Dell Blade Center DRAC MC, DELL 10G, M1000e Blade Chassis Controller, Blade Chassis Management Controller/iDRAC for blades/iDRAC6 for blades •Cisco UCS-C Rack Mount servers •FSC iRMC, iRMC S2 • IBM RSA (RSA II), IBM Blade Center • Sun ALOM, Sun ILOM, Sun eLOM Server Management •Console access via SoL and vKVM • Console data logging (local, NFS, Syslog) •Power on/off/cycle/status support • Graceful shutdown support (IPMI only) •System event logs (SEL) •Hardware environmental sensors •Alert management •Platform event traps (PET) 22.7 KVM Switches Specification: Minimum Requirement Description KVM- quantity - 5 KVM 10.4.15 KVM Switches It should have a minimum of 16 ports. Employees’ State Insurance Corporation Confidential Page 472 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 10.4.16 IT infrastructure management software Annexures (Part-II) It should support minimum of two remote users and one local user at each switch. This switch should have the following functionalities. It should take control of servers at BIOS Level It should facilitate both in-band & out-of band access. It should have dedicated 2 ports to integrate with intelligent power strips to reset power of remote device at port level. Remote console level access of both Servers and serial devices such as routers. Serial adaptor should support supports SSH connections pin out to make connections to Cisco equipment quick and easy without the need for any additional external wiring adapters or special wiring. Should support IPV6 It should have facility to integrate with secure management devices. It should support Virtual media enables remote USB connections and support for smart card/CAC readers. Shall have 2 gigabit Ethernet ports and support 10/100/1000Mbps. Virtual Media Support of multiple media including .iso image files Shall have redundant power supplies installed. 19 inch rack mountable design. Browser based Management’ for both remote and local using standard browsers on Windows and/or Linux. Should support display resolution of 1600 X 1200 or better. Single window access to all the equipment connected to the switch, equipment access logs, and event history and should send email alerts based on log details as triggers. Absolute mouse synchronization. To connect all the ports of the supplied KVM switches to servers / network elements, the required cables / accessories should be provided. The connectivity between the KVM and servers should be UTP using a compatible server interface module with dual USB and has to support BIOS level virtual media. Compliance from Approved Agency: UL, FCC, cUL, CE, VCCI,C-Tick, CB The management software should provide unified, secure access to KVM, serial and power ports of Data Centre devices via a Web browser. The centralized management software can be installed on dedicated Physical or virtual server having specific operating system providing the administrator to put restrictions onto the server as per policies and manage it. The software should work have open editable database. Centralized management software should provide “Hub and Spoke” architecture allows for high availability and distributed access across locations. Hub and spoke architecture based solution for failover and replication of management database across locations It should provide policy and security based management of users and devices connected to KVM,IPDUs Employees’ State Insurance Corporation Confidential Page 473 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) It should be able to assign specific node access to a specific user. It should allow the administrator to access, manage and view all equipment, users and access permissions from a single remote device. It should be able to integrate and manage the Virtual infrastructure. Should allow to integrate the RDP,VNC viewer, telnet and SSH services to access the target servers and network appliances over IP. The system should provide the ability to monitor and measure the power consumption of the datacenter. Generate reports on the power consumption, comparative reports between individual racks, rows of racks or a data center as well. Also The system should provide the ability to calculate the cost of power consumption by a rack, a row of racks or the data center as a whole in different currency values like US$ and INR The Management software should natively integrate with ESX servers, VMware Virtual Infrastructure, including Virtual Centre and Virtual Machines and Citrix Zen virtual servers provide the ability to manage them. It should provide a federated view of the virtual servers The system should easily integrate with the existing security infrastructure, authenticating against our internal or external standards-based services. Integration with LDAP, NT /AD, TACACS+, RADIUS and RSA Secure ID is required It should support Virtual Media Deny, View and Control access policies. Centralized management software will provide Access Control List (ACL) and role segmentation for target equipment including Virtual media access to individual server. Should be able to create unlimited users and allow a minimum of ten concurrent users. It should log user activities (login/logout, connect/disconnect), configuration changes at both appliance and managed devices, and status changes of the connected appliances. All of these logs should be forwarded to a network management system or enterprise notification system via SNMP or syslog. Shall have security features that enable integration with Active Directory or any other external authentication tools. Flexible session time-outs. It should allow: TCP/IP, HTTP/HTTPS, SSL, DNS, and LDAP/LDAPS through network interfaces. It should be able to do Auto-discovery with devices connected for their availability status, and alarms. Shall have flexible logging and reporting options with audit trails for diagnostics and troubleshooting. Shall support viewing and management of active user sessions and active ports in real time. Shall support authentication mechanism in active-active mode on a hub and spoke architecture. The system should have the ability to measure and collect historic data per rack, based on power consumed over period of time with graphical reports on Employees’ State Insurance Corporation Confidential Page 474 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 10.4.17 Serial console management Annexures (Part-II) Kilowatt per hour. Should allow clients with all standard operating systems including Windows 2003/2008 Server/XP, Windows Vista, RHEL AS 5.0 and Fedora Core 4. The contractor should design a Serial over IP Management System, which can control all the appliances which provide the access through RS232 like Network devices, CLI based Servers. The physical unit shall be rack mountable and not more that 1U height. It shall be able to connect to not less than 48 servers per unit. The physical connection between the local server room site and the remote access site shall be thru a CAT 5/6 Cable. It shall use industry standard TCP/ IP (Ethernet) connections and software encryption to transmit Serial signals and provides IT administrators with a consolidated view of all connected devices. The system should support DES,3DES,AES or 128 bit SSL encryption The solution need to have offline data buffering and data logging feature, which can capture the data flow through the ports and this also need to support NFS/FTP file transfer. should provide multiple system management options o Configuration wizard for first time users o Command line interface (Linux Shell) o Web Management Interface (HTTP/HTTPS) It should support Auto discovery of target devices for automatic deployment. The solution must provide a centralized management for Serial based access and power management. A Single browser access to the equipments connected The solution should provide a dial in option as redundancy in case of primary link failure. The serial solution should have built-in modem support for given out of band access in case of the device is not accessible over IP. The serial solution should comprise of dual 32–bit PCMCIA support, for wireless/modem/dial-in cards support. Must have the capability to do be daisy-chained, and should support up to 1024 ports to be daisy-chained. The Serial solution must support dual power source for redundancy. The serial solution has to have option for http / https / telnet / SSH access, and must have fail-over support for Ethernet. The solution should support the following features: Preset security profiles – secure, moderate and open Should support Custom security profiles as per user requirements. Support SSHv1 and SSHv2 Support DHCP for dynamic IP address assignment Support PPP/SLIP for dial-up Support NTP for time server synchronization Support RFC2217 support for remote serial port access Employees’ State Insurance Corporation Confidential Page 475 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 10.4.19 Rack mounted LCD panel Annexures (Part-II) Should support integration with RADIUS, TACACS+, LDAP/AD, NIS and Kerberos authentication Local backup user authentication support PAP/CHAP and Extensible Authentication Protocol (EAP) authentication Group authorization like TACACS+, RADIUS, and LDAP, Port Access System event syslog IP forwarding support & IPsec with NAT traversal support Secure factory default Strong password enforcement LCD Display area should be 17 inches 1U Formfactor Rack Mountable Design with mounting brackets fitting into 19" rack Should integrate with Standalone IP based KVM switch for Rack level local access Support PS2 & USB, Also SUN & Serial devices is supported through different suitable server interface modules Should be simple plug and play auto-configure installation. Support for On-Screen Display inmultiple languages Should have LCD Resolution 1280x1024 Should have LCD Color 16.7 M true colors 16.7 M true colors Should have LCD Viewing Angle 80° horiz/vertical/left/right Should have LCD Contrast Ratio 1000:1 Should have LCD Brightness TYP. 250cd/m2 Approved agencies : RoHs, China RoHs, UL, Ulc, CB, CE, FCC/EMC, BSMI, CCC, VCCI IPDU technical Specifications Intelligent rack PDUs Adaptive ( Modular ) Powerstrips Outlets : 4 to 36 ( can be customized and Configurable ). IEC outlets combination of IEC C13 and IEC C19. Vertical Form Factor. Single & 3-Phase Versions With NA & European Standards Provides PDU / Strip level metering. Highest Operating Temperature @ 55 Degree Centigrade.( This is good because you are going to have cold-aisle containment so the temperature will be very high in hot aisle were your power strips(PDU) will be located. Measurement Accuracy: +/-5% Volts & Amps Employees’ State Insurance Corporation Confidential Page 476 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) The rack power distribution shall be a zero U mounting unit Rack power distribution should have at least 21nos of C-13 outlets & 6 nos of C-19 outlets Rack power distribution offerings meet the needs a way to monitor the current draw at each rack and at each outlet level IPDU should have capacity upto 8KW. Has capability to measure current drawn at strip level. PDU Can be managed through Telnet/SSH, SNMP, IP, Serial through Centralized Management Software as well. The Contractor has to design a Power Management System to perform remote power management of the server room appliances thru IP network. The Power Management unit must support 16 Amp/32 Amp power sockets. The Power Management Unit should be accessible over IP Address. The Power Management Unit should have 10/100/1000 Ethernet and 2 Ethernet ports for connecting external temperature and humidity sensors. The physical connection between the server and the appliance should be using C13 standard IEC cables. Must have the capability to do be daisy-chained, and should support up to 120 ports to be daisy-chained. Must have an option for serial access to the appliance. Sequential power on per outlet to avoid more consumption of power. The integrated Power Management solution should allows the administrator to remotely control the power of the server (Switch ON/OFF/Cycle), the power management solution should also allow the administrators to LOCK/UNLOCK the power outlets which are and have no target devices connect to the outlet. Power management unit should support SNMP trap enabled. The power management solution should have an in-built temperature sensor and current sensor, which alerts the administrator based on the threshold values set. It should provide the reports for power consumption on IPDU level, Rack level and should be scalable enough to provide the graphs, comparison sheets for defined time stamp in near future. The feature of setting min and max. Threshold should be available and a proper reporting system should be in place to provide the alerts (email) in case any threshold value exceeds. Rack Power Manager allows you to create significant energy savings by – Allowing you to analyze your energy trends – Identify peak and off-peak trends – Scheduling outlet level power control to disable redundant servers during off-peak hours Employees’ State Insurance Corporation Confidential Page 477 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 – Annexures (Part-II) Automatically schedule non-essential hardware to be powered down during off-peak hours 22.8 DG Set: 125 A-3 Ph Silent DG Set shall comprise of the following : A. DIESEL ENGINE: 6 cylinders, 4 stroke cycle, Water cooled turbo charged after cooled, developing 159 BHP at 1500 RPM under NTP conditions of BS:5514. The engine shall be provided with electrical starting arrangement & shall give the electrical output of 125KVA/100KW at 0.8 power factor, 415Volts at the alternator terminal. B. ALTERNATOR: Single bearing alternator suitable for continuous operation generating 125KVA at 1500 RPM, 415Volts , 0.8 power factor (lag) suitable for 50 Hz, 3 phase, 4 wire system, confirming to BS 5000/ IS 4722. The alternator is brushless type, screen protected, revolving field, self-excited, selfregulated through an AVR. The alternator has the following features: - ± 1.0% voltage regulation (max.) in static conditions IP: 23 protection with insulation class H Permissible overload of 10% for one hour in 12 hours of operation. C. ENGINE CONTROL PANEL: The Control Panel is manufactured with 14/16 gauge CRCA sheet and is powered coated for a weather-proof and long lasting finish. The Control Panel consists of the following parts: - Controller Aluminium Bus Bars with suitable capacity with in/outgoing terminals Indicating Lamps for ‘Load On’ and ‘Set Running’ Instrument fuses duly wired and ferruled MCCB of suitable rating with overload and short circuit protections. Genset Controller: Employees’ State Insurance Corporation Confidential Page 478 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Controller is a microprocessor based generator set monitoring and control system. The control provides a simple operator interface to the generator set, manual and remote start/ stop control, shutdown fault indication, and an LCD hour counter. The integration of all functions into a single control system provides enhanced reliability and performance compared to conventional generator set control systems. The control has been designed and tested to meet harsh environment in which gensets are typically applied. Features, Functions, Protections 16 character x 2 line alphanumeric LCD display with LED backlight Operator interface Provide a record of most recent fault conditions. Fault history stored in the control nonvolatile memory Provide Alternator data -Voltage (line to line and line to neutral voltage) -Current (1 ph or 3 ph) -kVA (3 ph and total) -Frequency Provide Engine data -Starting Battery Voltage -Engine running hours - Engine Temp. - Engine oil pressure Control includes provision for Service adjustment and calibration of DG control functions -Voltage, frequency selection -Configurable input and output set up -Meter calibration Engine controls Power Start operates on 12 VDC batteries Auto start mode accepts a ground signal from remote devices to automatically start the DG set. The remote start will also wake up the control system from sleep mode. Engine Starting – The control system supports automatic engine starting, Primary and back up start disconnects are achieved by battery charging alternator feedback or main alternator output frequency. Controller provide configurable time delay of 0-300 sec to start after remote start signal and time delay of 0-600 secs prior to shutdown after stop signal. Sleep mode increase battery life. Configurable current settings from low to minimize current draw when genset is not working. Engine Protective Functions includes Configurable alarm output Emergency stop: Annunciated whenever an emergency stop signal is received by the control. Low Lube oil pressure warning and shutdown High engine water temperature warning/ shutdown Low coolant temp warning Sensor failure indication Low and high battery voltage warning Employees’ State Insurance Corporation Confidential Page 479 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Weak battery warning Fail to start shut down Cranking lockout: Control will not allow the starter to engage or to crank the running engine Cyclic cranking: Configurable for the number of starting cycle (1 to 7) and duration of crank and rest periods. Alternator Protective functions includes High and Low AC voltage shut down Under and over frequency shutdown / warning Loss of sensing voltage input shut down D. ESSENTIAL ACCESSORIES: Fuel tank: Sub Base Fuel tank of 14 SWG MS sheet of adequate capacity. Base Rail: Base Rail with integral fuel tank is provided. Battery For electrical control circuit 1 no., 12 Volts, 65 AH batteries for electrical starting of DG set. E. Acoustic Enclosure: Sound Proof, Weather Proof enclosure. Confirms to statutory Govt. noise level norms. The Enclosure is of modular construction with the provision to assemble and dismantle easily. The Enclosure is fabricated in 16 SWG-CRCA-sheet. All Nuts-bolts, hardware are of Stainless Steel for longer life. Battery is provided in a tray inside the Enclosure. Doors are gasketted with high quality EPDN gaskets to avoid leakage of sound. Sound proofing of enclosure is done with high quality foam of suitable thickness and density for better sound attenuation. A special Critical grade silencer is provided to control exhaust noise. Specially designed sound attenuators are provided to control sound at air entry & exit points inside the Enclosure. To make the system vibration free, engine and alternator are mounted on specially designed anti-vibration pads mounted on base frame. The enclosure is designed and layout of the equipment is such that there is easy access to all serviceable parts. Adequate ventilation is provided to meet air requirement for combustion & heat removal. There is an arrangement for illumination inside the Enclosure. Standard Control Panel is mounted inside Enclosure itself. With UV resistant powder coating, can withstand extreme environments Noise level is 75 dB(A) at distance of 1 mtrs. in open free field environment as per ISO 8528 part 10 CPCB-II specifications. Fluid drains for lube oil and fuel Fuel filling point Employees’ State Insurance Corporation Confidential Page 480 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) 22.9 Earthing Specifications: Vendor will provide class A earthing for communication equipment’s at locations as listed in annexure, The earthing pit will be maintenance free earth pit as per specifications mentioned below. Proper grounding protection system shall be designed and provided as per the system requirements and relevant safety standards. The system should have (at least) two distinct types of grounding system. One for the body earthing of all the metallic parts of the system and the other for providing clean earth to servers. Each type of grounding shall have at least 3 nos. of earth electrodes and shall form a grid. All non-current carrying metal parts of the electrical installation shall be earthed as per IS: 3043. All metal enclosures, cable armour, switch gears, meters etc. shall be bonded together by two separate and distinct conductors to earth electrodes. Earthing shall also be in conformity with the provisions of rules 32,61,62,67 and 88 of IER 1956. These specifications apply to both copper and GI earthing system. Earthing electrodes shall be designed as per requirements of clause 17.2 of IS: 3043. The resistance of earth electrode shall be as low as possible, the maximum allowable value being one ohm. Earthing electrode of plate type shall be adopted. 22.10 CCTV Surveillance: The system should be fitted with an IP enabled CCTV based surveillance system for monitoring of activity within the DC and DR. The system must be supplied with suitable number of cameras and control system to cover each nook and corner of the DC -DR and the access door.The system should have the facility of remote viewing over IP network and recording facility. 23. Migration Plan: Guidelines to fill in the compliances Compliance levels to be used under the "Compliance" column 1 Fully Comply The Solution proposed by the Supplier in its Proposal is fully compliant with this requirement “today”. Once it is fully compliant there should not be any remarks against the same. Employees’ State Insurance Corporation Confidential Page 481 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Partially Comply Annexures (Part-II) The Solution proposed by the Supplier in its Proposal is not fully compliant with this requirement “today”. The Supplier must also clearly indicate, which clauses/sub clause of the functional requirements are partial compliant and if the same can be compliant in the product roadmap along with the timelines. The Solution proposed by the Supplier in its Proposal is not compliant with this requirement. Complete description is expected under the "Compliance Response" for each requirement especially for items which are partially or non-compliant with reasons for the same For each requirement provide the module name of the solution that will enable the functionality under the "Module Name" column Non-comply 2 3 Requirements List of Servers/Applications in scope for DATA CENTER & DR Site To migrate 'Antivirus' server To migrate 'Antivirus/DHCP' server To migrate 'App-FTP' server To migrate 'Backup' server To migrate 'BI' server To migrate 'CSA' server To migrate 'DB' server To migrate 'dc-ins-db7' server To migrate 'dc-ins-db9' server To migrate 'dc-mes-proxy3' server To migrate 'DMS' server To migrate 'EBIZ' server To migrate 'EMS' server To migrate 'ERP' server To migrate 'HIS' server To migrate 'Impress Server' server To migrate 'Insurance' server To migrate 'Messaging' server To migrate 'Mess-test' server To migrate 'MW' server To migrate 'NA' server To migrate 'Novell' server To migrate 'Pehchan' server Employees’ State Insurance Corporation Confidential Page 482 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) To migrate 'PID Plus' server To migrate 'Portal' server To migrate 'Remedy Test' server To migrate 'Solar wind' server To migrate 'SSO' server To migrate 'SSO1' server To migrate 'Syslog' server To migrate 'Test' server To migrate 'VM-Test' server Requirements To provide & deploy the End to End Solution to Consolidate or Virtualize the 229 INTEL Servers in DC on High End x86 Servers or Intel Servers. To provide & deploy the End to End Solution to Consolidate or Virtualize the 104 INTEL Servers in DR on High End x86 Servers or Intel Servers. Supply of new Servers along with the required Software's and other associated equipment’s or accessories to deploy the end to end proposed Solution Site Requirement Specifications about the cabling (LAN, SAN, Power) and if any work related to passive components the same shall be taken care by Supplier Carry out site inspection and co-ordinate with Operation team to ensure site readiness for the installation Any type of site readiness w.r.t to cabling (Power, Lan, SAN etc) to be taken care by Supplier Site requirements Specifications, Study of the Current Infrastructure & Study of the current database, applications requirements Gathering information about current installation, configuration & HA Setup (ips, hostname, virtual ips, paths, storage) Defining the cluster type for various database like Active-Active Active/passive os cluster. (As per existing setup) Employees’ State Insurance Corporation Confidential Page 483 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Database design of acceptance for database and related database test plan for tests to be conducted enabling the successful completion and handover Design of acceptance test plan for new servers Overall design architecture w.r.t to deployment Physical inspection for transport damage etc., if any. Power ON test for all active components to detect 'Dead On Arrival" symptom, if any. Raise shipment related alerts and escalate, if any. Planning Host names, IP addressing and Disk Storage etc. If any changes are required in the applications to be migrated to new solution, suppliers must coordinate with application team and get them done. If any support is required from the OEM to migrate the applications to the new Solution, suppliers must co-ordinate and get it done. File Systems and Application level Storage planning and availability (Mirroring, RAID, HA) Supply of any hardware's & software's required in implementing the Solution The Project management till handover to the Operation team Any kind of application software deployment required for implementing the Solution Any kind of scripting/ customization if required for migrating the applications to the new Solution Any kind of product training Any kind of hardware movement for rack space optimization Any kind of backup/restoration till handover to the Operation team Employees’ State Insurance Corporation Confidential Page 484 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Dismantling of existing hardware Implementation Assembling of all server components and Installation of Servers in Racks Operating system installation and configuration Installation of the recommended OS Patch Cluster Installation of application specific OS level patches ( if any ) as suggested by application sub-system User and group creation as per existing setup Assigning permission on the file system as per application's requirement Storage Integration The existing storage or new storage will be used for host integration. OS Cluster & DB Implementation Installation of the recommended OS Patch Cluster Installation of application specific OS level patches ( if any ) as suggested by application sub-system Database installation and configuration Data migration from existing database to new instance (using storage features wherever possible) Backup Software The new instances will get integrated with existing backup master server & backup licenses will be provided by ESIC if required Data backup before the migration activity has to be taken by Supplier with the help of the Operation team Integration Any changes in the production network & security components will be carried out by Supplier with the help of the Operation team Employees’ State Insurance Corporation Confidential Page 485 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Network Ports for the new hardware will be installed by the Supplier with the help of Operation team Ports on the Fabric switches will be installed by Supplier with the help of Operation team to Connect the Server to the SAN Storage Any other activities required in deploying the proposed Solution shall be taken care by Supplier Migration of application's to new Solution Migration of the in scope application's to the new deployed solution and monitoring the same till handover to Operation team HAND-OVER PHASE Acceptance Testing Testing of the hardware as ATP defined in designed phase Documentation on the implemented setup Handholding to support team and final sign-off 24. Application related DC/DR requirements: DR should be replica of DC. Application version at both the places viz Data Center and Data Recovery Center must be same. There should not any degradation in application performance if it runs from DR center. Database at both the places should be in sync, so that at any point in time integrity of database is intact. Services like load balancing; caching and performance-enhancing services need to fit into a highly distributed, application-focused environment. This ensures isolation, such that failure is limited to an individual application stack. A lightweight footprint of load balancing for application services also serves to increase service density and efficient resource use so that all applications and services receive the attention to security, scalability and performance they not only deserve but the business demands. In the current automated application environment, it is critical that application services are supported by orchestration-friendly APIs to ensure easy integration with the tools and frameworks used to automate and manage deployments. These APIs also enable auto scaling up and back down, which supports the need for efficient resource use in these increasingly dense deployments. End User related DC/DR requirements: Employees’ State Insurance Corporation Confidential Page 486 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) From an End User perspective, Application Services should ensure creation of value for the enterprise by providing enhanced mobility and end-user experience by enabling easy and secure access from any device through increased virtualization of business and desktop applications. End users should have the freedom to choose their own device, promoting productivity and flexibility. Create a fit-for-purpose workplace environment by deploying the solution to cater to specific user personas by taking into consideration work roles, user behaviour and extent to which technology is leveraged. End-user services to ensure workplace support augmented with self-help, self-service and self-healing migration to newer operating environments. 25. Hardware OEM Criteria for Services and product: 1. OEM should have done E-governance Govt. project in India. 2. OEM should have presence in India from last 05 consecutive years. 3. OEM should provide minimum 03 references for product being offered for DC and DR E Governance or govt. Project in India. Details should be provided on OEM letter head 4. OEM Should have India based TAC support. Details of the India based TAC should be shared on OEM letter head. 5. OEM Should be able to provide mission critical manpower resource and 5 spare depot across pan India for the entire period of contract. 6. The product being offered by the OEM should not be declared End of support till at least 3 Years from date of bidding. OEM must confirm on their letter Head. 7. OEM should certify deployed solution effectiveness at ESIC DC-DR. 8. SI should have a back to back support arrangement with the OEM. Support contract should be shared with customer post bid closure. 9. OEM should be a profit making entity from last three years. Software OEM Criteria 1. For all software’s the updates, patches, bug fixes should be available for the entire period of contract. 2. Minimum 200 hours of direct OEM support for the software product supplied to be included per year for the entire period of the contract. Employees’ State Insurance Corporation Confidential Page 487 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) 26. Exception: 1. Any Deviation or exception from the minimum requirement description will be rejected. 27. General Instructions: Solution and Services offered may be implemented directly by OEM. Factory acceptance test will be carried out at OEM premises. Employees’ State Insurance Corporation Confidential Page 488 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Annexure 28 Current SLA with the current Service Provider Dated [06-03-2009] Service Level Agreement Service Provider Limited Prime Services Agreement dated [06-03-2009] BETWEEN the Employees State Insurance Corporation (“ESIC”), and Service Provider Limited (the “Service Provider”). 1. This Service Level Agreement (“SLA”) is issued pursuant to and forms an integral part of the above referred Prime Services Agreement dated [06-03-2009] (the “Prime Services Agreement”) for provision of Services as described therein by the Service Provider to the ESIC and Stakeholders and accordingly the provisions of the Prime Services Agreement shall be applicable hereto. Any term not otherwise defined herein, shall have the meaning specified in the Prime Services Agreement. 2. Service Provider shall pursuant to and in accordance with the Prime Services Agreement and this SLA provide to ESIC (including Stakeholders) the [Base Services*/Additional Services*] described in Exhibit I to this SLA, which contains a complete description of the services, deliverables and/or other tasks to be accomplished, the milestones and implementation schedule. These are in addition to and not in derogation of the Prime Employees’ State Insurance Corporation Confidential Page 489 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Services Agreement and shall be deemed to be under the Prime Services Agreement and the Service Provider shall accordingly provide all personnel, resources and finances for the performance and delivery of the same pursuant hereto. 3. The methodology and measures to be used for management of the [Base Services/Additional Services*] including for performance, tracking, monitoring and reporting of Services and System performance on a regular basis during the Term of the Prime Services Agreement including any extensions thereof shall be as set forth in this SLA. The provisions herein contained are in addition to and not in derogation of the provisions contained in Prime Services Agreement. 4. Without prejudice to the foregoing in relation to the provision pursuant hereto of Services and related Systems the Project Management shall be in accordance with Exhibit II A. Availability Management shall be in accordance with Exhibit II B hereto; Performance Management shall be in accordance with Exhibit II C; and Service Management shall be in accordance with Exhibit II D hereto. 5. All Intellectual Property Rights in the System and in all the Deliverables produced pursuant to this SLA shall belong to the ESIC and the Service Provider shall not have any claim, right, title or interest whatsoever therein. 6. Breach of SLA 6.1 Any breach of this SLA shall be deemed to be a breach of the Prime Services Agreement and any breach of the Prime Services Agreement shall be deemed to be breach of this SLA and accordingly any termination of this SLA shall be deemed to be termination of this Prime Services Agreement. 6.2 Without prejudice to Clause 6.1 above, in the event of the Service Provider being in breach of this SLA including failure to meet any of its obligation under this SLA for a continuous period of 14 days affecting adversely the operations of ESIC and fails to remedy the same and the effects thereof within 21 days of the date of issue of notice in this behalf from ESIC (the “Notice”), the same shall constitute a breach of this SLA and shall entitle ESIC to take, without prejudice to the rights and remedies which ESIC may have under the Prime Services Agreement or otherwise, the following actions: (a) Require the Service Provider to reply to the Notice by return email within 24 hours of the issue thereof but in no event later than 7 days of the date of issue thereof by ESIC to the Service Provider, setting out in detail the reasons therefor, and Employees’ State Insurance Corporation Confidential Page 490 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 (b) Annexures (Part-II) If (i) the Service Provider fails to reply to the above referred Notice within the period setforth in sub-clause (a) above, or (ii) the ESIC is not satisfied with the reply of the Service Provider to the Notice, then ESIC may in its sole and absolute discretion terminate the Prime Services Agreement and all SLA’s (including this SLA) and to have the breach remedied/rectified at the risk and cost of the Service Provider. 6.3 The delay or default by the Service Provider in meeting its obligations under this SLA if solely due to (i) Delay of ESIC in execution and/or approval, if any required, from ESIC, and/or (ii) Occurrence of a Force Majeure Event, shall not be deemed to be a breach of this SLA by the Service Provider provided the Service Provider had advised ESIC in writing, immediately upon occurrence of any such delay by ESIC and/or occurrence of a Force Majeure Event and before the issue of notice pursuant to clause 6.2 above, the consequences of any such delay on the part of ESIC and/or occurrence of a Force Majeure Event. 6.4 The ESIC’s right of termination set forth in this SLA is in addition to and not in derogation of the right of termination which ESIC may have under the Prime Services Agreement. 7. SLA Supervision. 7.1 ESIC will review the performance of the Service Provider against the SLA at any given time or duration. The supervision report about the performance of any Services pursuant to this SLA by the Service Provider or any other agency as appointed by ESIC shall form the basis for imposing Damages for breach of contract. The results of said review will be shared by ESIC with the Service Provider. ESIC reserves the right to appoint a third-party auditor / agency to validate the deliverables under this SLA. 8. Reporting Procedures 8.1 The Service Provider’s representative will prepare and distribute SLA performance reports in the format prescribed by ESIC in consultation with the Service Provider by the first of every month for the entire Term (including renewal, if any, thereof) of the Prime Services Agreement. These reports will include “actual versus target” SLA performance, a variance analysis and discussion of appropriate issues or significant events. 9. Issue Management Procedures 9.1 General a) The issue management process for resolution of any issues arising under this SLA during the entire Term (including renewal, if any, thereof) of the Prime Services Employees’ State Insurance Corporation Confidential Page 491 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 9.2 Annexures (Part-II) Agreement shall be as setforth in Clause 9.2 below. It is expected that this predefined process will only be used on an exception basis if issues are not resolved at lower management levels. All damages mentioned in this SLA are independent of each other and will have cumulative effect. Issue Management Process. The issue management process under this SLA, briefly stated, would be as under: (a) Either the Service Provider or ESIC may document any issue(s) which arises at anytime during the performance of this SLA (the “Issue(s)”) and communicate the same to the other Party hereto within 3 days of it arising; (b) The document referred to in sub-clause (a) above shall contain an objective summary of the Issue(s), the view points of both Service Provider and ESIC and possible solutions thereof; (c) Both the Parties will mutually select an appropriate issue resolution authority to resolve the Issue(s); (d) A meeting or conference call will be conducted between the Parties and the issue resolution authority to resolve the Issue(s) in a timely manner. The documented Issue(s) will be distributed to the participants at least 24 hours prior to the discussion if the Issue(s) is not of an emergent nature requiring immediate attention; (e) The selected issue resolution authority will resolve the Issue(s) communicate the same to the Parties; and (f) In the event any significant business Issue(s) is still unresolved, either Party may have recourse to the Dispute Resolution Procedure set forth in the Prime Services Agreement shall apply. and 10. SLA Change Control 10.1 The SLA has to keep changing as per ESIC information technology requirements during the course of Project. The Change Control Process applicable shall be as set forth in the Prime Services Agreement. In addition and not in derogation of the said Change Control Process the following management processes may be followed with respect to changes: (a) The process for negotiating changes to the SLA as setforth in Schedule K (Article 7 of Prime Service Agreement) hereto; (b) An Issue management process for documenting and resolving particularly difficult Issues as set forth in (Article 19 of Prime Service Agreement hereto; and Employees’ State Insurance Corporation Confidential Page 492 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 (c) Annexures (Part-II) A management escalation process to be used if an Issue is not resolved in a timely manner as briefly described in Para 11 hereto. Any changes to the levels of Service pursuant to this SLA provided during the Term (including renewals) of the Prime Services Agreement will be requested and documented. Either Party can request a change. All changes will be documented as an addendum to this SLA. 10.2 Any amendments to the SLA will be identified through a version control number. In case there are minor changes to the SLA, these can be cumulated and released as a combined SLA. 11. Management Escalation Procedures. 11.1 The purpose of this escalation process is to provide a quick and orderly method of notifying both parties that an Issue is not being successfully resolved at the lowest possible management level. Implementation of this procedure will ensure that ESIC and Service Provider are communicating at the appropriate levels. It is agreed that escalation should take place on an exception basis and only if successful Issue resolution cannot be achieved in a reasonable time frame. 11.2 All Issues would be raised to the Project Management team (referred to in Article 7 of the Prime Services Agreement), which will be completely responsible for the day to day management of the implementation of Services and deliverables under the Prime Services Agreement including this SLA. The Project Management team shall classify the Issues based on their severity level and resolve them within appropriate timelines ensuring that there are no delays in provision of Services. 11.3 If the Project Management team is unable to resolve an issue, the Issue would be escalated to the Project steering committee with options/ risks detailed for decision. The ESIC will make decisions based on the options/ risks presented by the Project Management team. 12. This SLA is supplemental to and not in derogation of the Prime Services Agreement and shall be construed accordingly and in the event of any conflict between provisions of this SLA and the Prime Services Agreement, the provisions of this SLA will prevail only with respect to the Services pursuant to SLA and save and except as aforesaid the provisions of the Prime Services Agreement will prevail. The Service Provider is requested to acknowledge and confirm this SLA. EMPLOYEES STATE INSURANCE CORPORATION By: Name: Employees’ State Insurance Corporation Confidential Page 493 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Title: Address Acknowledged and confirmed [SERVICE PROVIDER] By : Name : Title : Address: Exhibit II A. Project Management for Information Technology Software Services Parameter Description Target Penalty Validation tools / method Project setup time Service Provider is expected to mobilize the team for commencement of work With in the 30 days from date of award of contract. Project kick off meeting with in 2 week from date of issue of LOI. ESIC reserves the right to terminate the contract on failure. Project team to be available as indicated in the proposal, Project kick off meeting , Project management office setup Delivery , Location Installation, wise Go Live Training, plan for all integration & locations testing of all and components / components equipments as given by required for the Service Employees’ State Insurance Corporation Confidential From the 16th Day: 1. Post delivery inspection reports (signed by ESIC official /Nominated Agency & Service Provider). Page 494 of 531 S.no 1 2 Installation , Delivery and Training 1 day is calculated as 24 hours from 1st working hour till the RFP for Selection of Service Provider for Panchdeep 2.0 3 Project implementation timeline for integrated solution Project Panchdeep at all ESIC offices (& concerned locations) Provider. Service Provider is expected to complete the entire Project Panchdeep with in the stipulated time as mentioned in the RFP / Go live plan / Project Plan agreed upon. 100 % adherence to the timelines given by Service Provider in the project plan. No variation will be accepted by ESIC except those time over runs which have been caused directly due to reasons Employees’ State Insurance Corporation Target is be achieved / and any shortfall is to be made up within time lines failing which a grace of 15 days would be given, else penalty mentioned alongside be invoked. Confidential Annexures (Part-II) beginning of the next day’s working hour. For 1st day or part thereof= Rs 50,000/(Rupees fifty thousand) per day 2nd day to 7th days = Rs 100000/(Rupees one lakh) per day More than 7 days (from 8th day) = Rs 500000/(Rupees five lakhs) per day 1 day is calculated as 24 hours from 1st working hour till the beginning of the next day’s working hour. For 1 day or part thereof = Rs 50,000/(Rupees fifty thousand) per day 2nd day to 7th day = Rs 100000/(Rupees one lakh) per day. 2. Training completion certificate along with attendance sheets by Service Provider. 1. Project Plan & schedule 2. Actual Deliverables 3. User Acceptance completion 4. Implementation completion report submitted by Service Provider and duly countersigned by authorized ESIC official. Page 495 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 4. Punch List Items Annexures (Part-II) attributable to ESIC. From 8th day = Rs 500000/(Rupees five lakhs) per day The list To be provided to the cleared with Service Provider in 90 days. along with Provisional Certificate. 1 day is calculated as 24 hours from 1st working hour till the beginning of the next day’s working hour. Post delivery inspection reports (signed by ESIC official /Nominated Agency & Service Provider). For 1 day or part thereof = Rs 50,000/(Rupees fifty thousand) per day 2nd day to 7th day = Rs 100000/(Rupees one lakh) per day. From 8th day = Rs 500000/(Rupees five lakhs) per day Employees’ State Insurance Corporation Confidential Page 496 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Exhibit II B Availability Management ‘A’ Availability & support level for hardware / software / network components in relation to Information Technology Software Services S.No Components 1 Availability (uptime) of solution & all components including hardware /software / network/ storage / power system / cables , etc. located in Data Center, Disaster Recovery centre. Uptime will be calculated on a basis of 24 / 7 * 365 or 366 days availability as applicable Desired Uptime Penalty 99.741% A consolidated report on the up time will be generated through the system. 1 day is calculated as 24 hours from day’s working hour start. Data center or DRC: 1st day = Rs 50,000 per day 2nd& 3rd days = Rs 1,00,000/- (one lakh) per day 4th day onwards = Rs 5,00,000/- (five lakh) per day Data center and DRC: 1st day = Rs 5,00,000/- (five lakh)per day 2nd& 3rd days = Rs 10,00,000/- (ten lakh) per day 4th day onwards = Rs 50,00,000/(fifty lakh) per day 2 Availability (uptime) of solution & all components including hardware /software / network/ storage / power system / cables , etc. located in Data Center, Disaster Recovery centre, Hospitals .Uptime will be calculated on a basis of 24 / 7 * 365 or 366 days availability as applicable 99% A consolidated report on the up time will be generated for all locations through the system and the following formula will be used to calculate the reduction of the Quarterly Annuity Payment (QAP) by a factor Rf(H). given by ( Actual up time/Desired uptime)*( No of hospitals/Total number of locations) 3 Availability (uptime) of solution & all components including hardware /software / network/ storage / power system (UPS) / cables, etc. at all ESIC offices / . Uptime will be 98% A consolidated report on the up time will be generated for all locations through the system and the following formula will be used to calculate the reduction of the Quarterly Annuity Employees’ State Insurance Corporation Confidential Page 497 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Payment (QAP) by a factor Rf(O). given by ( Actual up time/Desired uptime)*( No of Offices/Total number of locations) calculated on a basis of 12 / 7 * 365 or 366 days availability as applicable, the days period beginning with the start of working hours from 9.00 A.M. 4 Availability (uptime) of solution & all components including hardware /software / network/ storage / power system (UPS) / cables , etc. at dispensaries Uptime will be calculated on a basis of 12 / 7 * 365 or 366 days availability as applicable, the days period beginning with the start of working hours from 7.00 A.M. Employees’ State Insurance Corporation Annexures (Part-II) 99% Confidential A consolidated report on the up time will be generated for all locations through the system and the following formula will be used to calculate the reduction of the Quarterly Annuity Payment (QAP) by a factor Rf(D). given by ( Actual up time/Desired uptime)*( No of Dispensaries/Total number of locations): Page 498 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Exhibit II C Performance Management in relation to Information Technology Software Services S.no Parameter 1 Application response time Description Acceptable transaction response time Target Penalty 90% of the 1. Less than response 90% of time to the response end users times to for any end users transaction for any across all ESIC ESIC location locations penalty should be of Rs. less than 1000/30 seconds (Rs one executed thousand over ) per day (day =24 MPLS hours) per location . Validation tools / method Measured daily, penalty applicable on monthly basis. Automated tool to be provided byService Providerfor pre defined transaction response time testing. 2. If greater than 24 hors than penalty will be Rs. 5000/(Rs five thousand per day) per location. Employees’ State Insurance Corporation Confidential Page 499 of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Exhibit II D Information Technology Software Service Management Information Technology Software Service Management Service Provider should setup a helpdesk at DC and DRC. Service Provider shall arrange and maintain within the contract value and throughout the contract period, all infrastructure necessary for managing the Help Desk including manpower cost at the Help Desk location. Manpower deployed for providing Information Technology support services should be equipped with mobile phones. Cost of the same, throughout the contract period shall be borne by the Service Provider within the contract value. Service Provider should provide multiple channels to log a complaint such as cell phones, VoIP, E-mail, Intranet, fax, direct walk-in etc. Service Provider should complete the Issue escalation matrix given below: S.no Contact person Designation Employees’ State Insurance Corporation Contact details Confidential Escalation time Page 500of 531 RFP for Selection of Service Provider for Panchdeep 2.0 Annexures (Part-II) Support level definition S.no Service Area Description 1 Service desk Resident engineers to be provided by Service Provider for all DC, DRC 24 / 7 * 365 or 366 days availability as applicable to do the following activities in relation to Information Technology Software Services : 1. Basic call handling through help desk 2. Configuration management 3. Incident Management 4. Change Management 5. Inventory & Asset management 6. Release Management Penalty 1 day is calculated as 12 hours from beginning of the working hours: 1st day=Rs 5000/(Rs five thousand) per day 2nd & 3rd days = Rs 10000/- (Rs ten thousand) per day From 4th day = Rs 25000/- (Rs twenty-five thousand) per day Validation tool / method Measured on monthly basis as per calls logged / trouble tickets and resolution timelines 7. Patch Management 8.Remote Management 2 Service desk Resident engineers to be provided by Service provider for all hospitals 24 / 7 * 365 or 366 days availability as applicable and at each Regional Office on 12 / 7 * 365 or 366 days basis to do the following activities in relation to Information Technology Software Services: 1. Basic call handling through help desk 2. Configuration management 3. Incident Management 4. Change Management Employees’ State Insurance Corporation Confidential 1 day is calculated as 12 hours from beginning of the working hours: 1st day=Rs 1000/(Rs one thousand) per day 2nd & 3rd days = Rs 2000/- (Rs two thousand) per day From 4th day = Rs 5000/- (Rs five Measured on monthly basis as per calls logged / trouble tickets and resolution timelines Page 501of 531 RFP for Selection of