enterprise infrastructure solutions (eis) - l3harris
TRANSCRIPT
Volume I Network Architecture and Technical Response
Enterprise Infrastructure Solutions (EIS)
The original document was submitted as Harris Corporation, prior to becoming L3Harris Technologies. The following pages are as submitted.
Government Communications Systems
Submission No.: HA00105.1a
HRS_EIS_VOL 1_Technical Response_FEB2019_Redacted_FOIA_Exemption_4.docx
RFP No. QTA0015THA3003
To Be Determined
Volume 1—Network Architecture and Technical Response
Enterprise Infrastructure Solutions(EIS)
For:General Services Administration
Office of Integrated Technology Services1800 F Street, NW
Washington, DC 20405
Attention:Mr. Timothy Horan
FAS EIS Contracting Officer
Telephone (703) [email protected]
Contractor Bid or Proposal information - See FAR 3.104. This proposal or quotation includes data that shall not bedisclosed outside the Government (or in the case of a proposal submitted to a Prime contractor, outside the Prime orthe Government) and shall not be duplicated, used or disclosed- in whole or in part- for any purpose other than toevaluate this proposal or quotation. If, however, a contract is awarded to this offeror or quoter as a result of- or inconnection with- the submission of this data, the Government shall have the right to duplicate, use or disclose the datato the extent provided in the resulting contract. This restriction does not limit the Government’s right to use informationcontained in this data if it is obtained from another source without restriction. The data subject to this restriction arecontained in sheets or displayed on screens as marked. This document or electronic file contains Harris Corporationproprietary information, which is exempt from disclosure under the Freedom of Information Act (5 USC 552). See FAR24.202. Copyright 2016, Harris Corporation.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-ii
APPROVAL
The undersigned have read this plan and agree with its contents.
Harris Corporation:
DateProgram Manager
DateChief Systems Engineer
DateQuality Assurance
DateContracts Manager
DateConfiguration Management
General Services Administration:
Timothy Horan DateFAS EIS Contracting Officer
Name DateTitle
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-iii
TABLE OF CONTENTS
Paragraph Title Page
INTRODUCTION .................................................................................... 1-1
1.0 NETWORK ARCHITECTURE ................................................................ 1-5
2.0 TECHNICAL RESPONSE....................................................................... 1-8
2.1 Mandatory EIS Services ....................................................................... 1-11
2.1.1 Mandatory Data Services...................................................................... 1-12
2.1.1.1 Virtual Private Network Service (VPNS) ............................................... 1-13
2.1.1.1.1 Service and Functional Description (C.2.1.1.1 & C.2.1.1.1.1)............... 1-13
2.1.1.1.2 Standards (C.2.1.1.1.2)......................................................................... 1-16
2.1.1.1.3 Connectivity (C.2.1.1.1.3) ..................................................................... 1-16
2.1.1.1.4 Technical Capabilities (C.2.1.1.1.4) ...................................................... 1-16
2.1.1.1.5 Features (C.2.1.1.2).............................................................................. 1-21
2.1.1.1.6 Interfaces (C.2.1.1.3) ............................................................................ 1-23
2.1.1.1.7 Performance Metrics (C.2.1.1.4)........................................................... 1-23
2.1.1.2 Ethernet Services ................................................................................. 1-25
2.1.1.2.1 Service and Functional Description (C.2.1.2.1 & C.2.1.2.1.1)............... 1-25
2.1.1.2.2 Standards (C.2.1.2.1.2)......................................................................... 1-28
2.1.1.2.3 Connectivity (C.2.1.2.1.3) ..................................................................... 1-29
2.1.1.2.4 Technical Capabilities (C.2.1.2.1.4) ...................................................... 1-29
2.1.1.2.5 Features (C.2.1.2.2).............................................................................. 1-32
2.1.1.2.6 Interfaces (C.2.1.2.3) ............................................................................ 1-32
2.1.1.2.7 Performance Metrics (C.2.1.2.4)........................................................... 1-32
2.1.2 Mandatory Voice Services .................................................................... 1-34
2.1.2.1 Internet Protocol Voice Service............................................................. 1-34
2.1.2.1.1 Service and Functional Description (C.2.2.1.1 & C.2.2.1.1.1)............... 1-36
2.1.2.1.2 Standards (C.2.2.1.1.2)......................................................................... 1-40
2.1.2.1.3 Connectivity (C.2.2.1.1.3) ..................................................................... 1-41
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-iv
TABLE OF CONTENTS (continued)
Paragraph Title Page
2.1.2.1.4 Technical Capabilities (C.2.2.1.1.4) ...................................................... 1-41
2.1.2.1.5 Features (C.2.2.1.2).............................................................................. 1-43
2.1.2.1.6 Interfaces (C.2.2.1.3) ............................................................................ 1-45
2.1.2.1.7 Performance Metrics (C.2.2.1.4)........................................................... 1-45
2.1.2.1.8 Managed LAN Service (C.2.2.1.5) ........................................................ 1-46
2.1.2.1.9 Session Initiation Protocol Trunk Service (C.2.2.1.6)............................ 1-47
2.1.2.1.10 Technical Capabilities (C.2.2.1.6.1) ...................................................... 1-47
2.1.2.1.11 Features (C.2.2.1.6.2)........................................................................... 1-47
2.1.3 Mandatory Managed Services .............................................................. 1-48
2.1.3.1 Managed Network Services (MNS)....................................................... 1-48
2.1.3.1.1 Service and Functional Description (C.2.8.1.1 & C.2.8.1.1.1)............... 1-49
2.1.3.1.2 Standards (C.2.8.1.1.2)......................................................................... 1-52
2.1.3.1.3 Connectivity (C.2.8.1.1.3) ..................................................................... 1-52
2.1.3.1.4 Technical Capabilities (C.2.8.1.1.4) ...................................................... 1-53
2.1.3.1.5 Features (C.2.8.1.2).............................................................................. 1-59
2.1.3.1.6 Interfaces (C.2.8.1.3) ............................................................................ 1-65
2.1.3.1.7 Performance Metrics (C.2.8.1.4)........................................................... 1-65
2.1.4 Mandatory Access Arrangements (AA)................................................. 1-66
2.1.4.1 Service and Functional Description (C.2.9.1 & C.2.9.1.1)..................... 1-66
2.1.4.2 Standards (C.2.9.1.2)............................................................................ 1-70
2.1.4.3 Connectivity (C.2.9.1.3) ........................................................................ 1-70
2.1.4.4 Technical Capabilities (C.2.9.1.4) ......................................................... 1-70
2.1.4.5 Access Diversity and Avoidance (C.2.9.2) ............................................ 1-72
2.1.4.6 Interfaces (C.2.9.3) ............................................................................... 1-77
2.2 OPTIONAL EIS SERVICES.................................................................. 1-77
2.2.1 Optional Data Services ......................................................................... 1-78
2.2.1.1 Optical Wavelength Service (OWS)...................................................... 1-79
2.2.1.1.1 Service and Functional Description (C.2.1.3.1 & C.2.1.3.1.1)............... 1-79
2.2.1.1.2 Standards (C.2.1.3.1.2)......................................................................... 1-81
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-v
TABLE OF CONTENTS (continued)
Paragraph Title Page
2.2.1.1.3 Connectivity (C.2.1.3.1.3) ..................................................................... 1-82
2.2.1.1.4 Technical Capabilities (C.2.1.3.1.4) ...................................................... 1-82
2.2.1.1.5 Features (C.2.1.3.2).............................................................................. 1-83
2.2.1.1.6 Interfaces (C.2.1.3.3) ............................................................................ 1-84
2.2.1.1.7 Performance Metrics (C.2.1.3.4)........................................................... 1-84
2.2.1.2 Synchronous Optical Network (SONET) Services ................................ 1-85
2.2.1.2.1 Service and Functional Description (C.2.1.5.1 & C.2.1.5.1.1)............... 1-86
2.2.1.2.2 Standards (C.2.1.5.1.2)......................................................................... 1-89
2.2.1.2.3 Connectivity (C.2.1.5.1.3) ..................................................................... 1-89
2.2.1.2.4 Technical Capabilities (C.2.1.5.1.4) ...................................................... 1-89
2.2.1.2.5 Features (C.2.1.5.2).............................................................................. 1-90
2.2.1.2.6 Interfaces (C.2.1.5.3) ............................................................................ 1-91
2.2.1.2.7 Performance Metrics (C.2.1.5.4)........................................................... 1-91
2.2.1.3 Internet Protocol Service....................................................................... 1-92
2.2.1.3.1 Service and Functional Description (C.2.1.7.1 & C.2.1.7.1.1)............... 1-92
2.2.1.3.2 Standards (C.2.1.7.1.2)......................................................................... 1-95
2.2.1.3.3 Connectivity (C.2.1.7.1.3) ..................................................................... 1-96
2.2.1.3.4 Technical Capabilities (C.2.1.7.1.4) ...................................................... 1-96
2.2.1.3.5 Features (C.2.1.7.2).............................................................................. 1-98
2.2.1.3.6 Interfaces (C.2.1.7.3) ............................................................................ 1-99
2.2.1.3.7 Performance Metrics (C.2.1.7.4)........................................................... 1-99
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-vi
TABLE OF CONTENTS (continued)
Paragraph Title Page
2.2.4 Optional Collocated Hosting Service .................................................. 1-100
2.2.4.1 Functional Definition (C.2.4.1) ............................................................ 1-100
2.2.4.2 Standards (C.2.4.2) ............................................................................ 1-102
2.2.4.3 Connectivity (C.2.4.3) ......................................................................... 1-102
2.2.4.4 Technical Capabilities (C.2.4.4) .......................................................... 1-102
2.2.4.5 Features (C.2.4.5)............................................................................... 1-106
2.2.4.6 Performance Metrics (C.2.4.5.1)......................................................... 1-106
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-vii
TABLE OF CONTENTS (continued)
Paragraph Title Page
2.2.6 Optional Wireless Services ................................................................. 1-107
2.2.6.1 Service and Functional Description (C.2.6.1 & C.2.6.1.1)................... 1-108
2.2.6.2 Standards (C.2.6.1.2).......................................................................... 1-110
2.2.6.3 Connectivity (C.2.6.1.3) ...................................................................... 1-111
2.2.6.4 Technical Capabilities (C.2.6.1.4) ....................................................... 1-111
2.2.6.5 Features (C.2.6.2)............................................................................... 1-111
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-viii
TABLE OF CONTENTS (continued)
Paragraph Title Page
2.2.6.6 Interfaces (C.2.6.3) ............................................................................. 1-113
2.2.6.7 Performance Metrics (C.2.6.4)............................................................ 1-113
2.2.7 Optional Commercial Satellite Communications Service .................... 1-114
2.2.7.1 Service and Functional Description (C.2.7.1 & C.2.7.1.1)................... 1-114
2.2.7.2 Standards (C.2.7.1.2).......................................................................... 1-115
2.2.7.3 Technical Capabilities (C.2.7.1.3) ....................................................... 1-116
2.2.7.4 Features (C.2.7.2)............................................................................... 1-117
2.2.7.5 Performance Metrics (C.2.7.3)............................................................ 1-120
2.2.8 Optional Managed Services................................................................ 1-121
2.2.8.1 Web Conferencing Service (WCS) ..................................................... 1-122
2.2.8.1.1 Service and Functional Description (C.2.8.2.1 & C.2.8.2.1.1)............. 1-122
2.2.8.1.2 Standards (C.2.8.2.1.2)....................................................................... 1-124
2.2.8.1.3 Connectivity (C.2.8.2.1.3) ................................................................... 1-124
2.2.8.1.4 Technical Capabilities (C.2.8.2.1.4) .................................................... 1-125
2.2.8.1.5 Features (C.2.8.2.2)............................................................................ 1-127
2.2.8.1.6 Interfaces (C.2.8.2.3) .......................................................................... 1-127
2.2.8.1.7 Performance Metrics (C.2.8.2.4)......................................................... 1-128
2.2.8.2 Unified Communications Service (UCS) ............................................. 1-128
2.2.8.2.1 Service and Functional Description (C.2.8.3.1 & C.2.8.3.1.1)............. 1-131
2.2.8.2.2 Standards (C.2.8.3.1.2)....................................................................... 1-136
2.2.8.2.3 Connectivity (C.2.8.3.1.3) ................................................................... 1-136
2.2.8.2.4 Technical Capabilities (C.2.8.3.1.4) .................................................... 1-136
2.2.8.2.5 Features (C.2.8.3.2)............................................................................ 1-137
2.2.8.2.6 Interfaces (C.2.8.3.3) .......................................................................... 1-137
2.2.8.2.7 Performance Metrics (C.2.8.3.4)......................................................... 1-137
2.2.8.3 RESERVED........................................................................................ 1-138
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-ix
TABLE OF CONTENTS (continued)
Paragraph Title Page
2.2.8.4 Managed Security Service (MSS)....................................................... 1-138
2.2.8.4.1 Service and Functional Description (C.2.8.5.1 & C.2.8.5.1.1)............. 1-138
2.2.8.4.1.1 Managed Prevention Services ............................................................ 1-138
2.2.8.4.1.2 Vulnerability Scanning Services.......................................................... 1-139
2.2.8.4.1.3 Incident Response Service ................................................................. 1-139
2.2.8.4.2 Standards (C.2.8.5.1.2)....................................................................... 1-140
2.2.8.4.3 Connectivity (C.2.8.5.1.3) ................................................................... 1-140
2.2.8.4.4 Technical Capabilities (C.2.8.5.1.4) .................................................... 1-140
2.2.8.4.4.1 Managed Prevention Service (MPS)................................................... 1-141
2.2.8.4.4.2 Vulnerability Scanning Service (VSS)................................................. 1-144
2.2.8.4.4.3 Incident Response Service (INRS) ..................................................... 1-146
2.2.8.4.5 Features (C.2.8.5.2)............................................................................ 1-148
2.2.8.4.5.1 Managed Prevention Service (MPS)................................................... 1-148
2.2.8.4.5.2 Vulnerability Scanning Service (VSS)................................................. 1-152
2.2.8.4.5.3 Incident Response Service (INRS) ..................................................... 1-153
2.2.8.4.6 Interfaces (C.2.8.5.3) .......................................................................... 1-153
2.2.8.4.7 Performance Metrics (C.2.8.5.4)......................................................... 1-153
2.2.8.5 Managed Mobility Service (MMS) ....................................................... 1-153
2.2.8.5.1 Service and Functional Description (C.2.8.6.1 & C.2.8.6.1.1)............. 1-154
2.2.8.5.2 Standards (C.2.8.6.1.2)....................................................................... 1-157
2.2.8.5.3 Connectivity (C.2.8.6.1.3) ................................................................... 1-157
2.2.8.5.4 Technical Capabilities (C.2.8.6.1.4) .................................................... 1-157
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-x
TABLE OF CONTENTS (continued)
Paragraph Title Page
2.2.8.5.5 Features (C.2.8.6.2)............................................................................ 1-161
2.2.8.5.6 Interfaces (C.2.8.6.3) .......................................................................... 1-161
2.2.8.5.7 Performance Metrics (C.2.8.6.4)......................................................... 1-161
2.2.8.6 Audio Conferencing Service (ACS)..................................................... 1-162
2.2.8.6.1 Service and Functional Description (C.2.8.7.1 & C.2.8.7.1.1)............. 1-162
2.2.8.6.2 Standards (C.2.8.7.1.2)....................................................................... 1-164
2.2.8.6.3 Connectivity (C.2.8.7.1.3) ................................................................... 1-164
2.2.8.6.4 Technical Capabilities (C.2.8.7.1.4) .................................................... 1-164
2.2.8.6.5 Features (C.2.8.7.2)............................................................................ 1-165
2.2.8.6.6 Interfaces (C.2.8.7.3) .......................................................................... 1-166
2.2.8.6.7 Performance Metrics (C.2.8.7.4)......................................................... 1-166
2.2.8.7 Video Teleconferencing Service (VTS)............................................... 1-166
2.2.8.7.1 Service and Functional Description (C.2.8.8.1 & C.2.8.8.1.1)............. 1-167
2.2.8.7.2 Standards (C.2.8.8.1.2)....................................................................... 1-169
2.2.8.7.3 Connectivity (C.2.8.8.1.3) ................................................................... 1-169
2.2.8.7.4 Technical Capabilities (C.2.8.8.1.4) .................................................... 1-170
2.2.8.7.5 Features (C.2.8.8.2)............................................................................ 1-171
2.2.8.7.6 Interfaces (C.2.8.8.3) .......................................................................... 1-172
2.2.8.7.7 Performance Metrics (C.2.8.8.4)......................................................... 1-172
2.2.8.8 DHS Intrusion Prevention Security Service (DHS Only) ..................... 1-172
2.2.8.8.1 Service and Functional Description (C.2.8.9.1 & C.2.8.9.1.1)............. 1-173
2.2.8.8.2 Standards (C.2.8.9.1.2)....................................................................... 1-173
2.2.8.8.3 Connectivity (C.2.8.9.1.3) ................................................................... 1-173
2.2.8.8.4 Technical Capabilities (C.2.8.9.1.4) .................................................... 1-174
2.2.8.8.5 Features (C.2.8.9.2)............................................................................ 1-178
2.2.8.8.6 Interfaces (C.2.8.9.3) .......................................................................... 1-179
2.2.8.8.7 Performance Metrics (C.2.8.9.4)......................................................... 1-179
2.2.9 Service-Related Equipment (C.2.10) .................................................. 1-179
2.2.10 Service-Related Labor (C.2.11) .......................................................... 1-182
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xi
TABLE OF CONTENTS (continued)
Paragraph Title Page
2.2.11 Cable and Wiring (C.2.12) .................................................................. 1-183
2.2.11.1 Installation Services............................................................................ 1-184
2.2.11.2 Required Connectivity......................................................................... 1-184
2.2.11.3 Site Preparation .................................................................................. 1-184
2.2.11.4 Wiring/Cabling Warranty ..................................................................... 1-185
3.0 SECTION 508 REQUIREMENTS ....................................................... 1-185
3.1 Background......................................................................................... 1-185
3.2 Voluntary Product accessibility Template ........................................... 1-185
3.3 Section 508 Applicability to Technical Requirements ......................... 1-185
3.4 Section 508 Provisions Applicable to Technical Requirements .......... 1-185
3.5 Section 508 Provisions Applicable to Reporting and Training............. 1-186
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xii
LIST OF ATTACHMENTS
Attachment Title Page
1 Program Management Plan .................................................................1-1-1
2 SCRM Plan ..........................................................................................1-2-1
3 Draft BSS Verification Test Plan ..........................................................1-3-1
4 EIS Verification Test Plan ....................................................................1-4-1
5 Climate Risk Management Plan...........................................................1-5-1
6 Financial Status Report (Sample) ........................................................1-6-1
7 BSS Risk Management Framework Plan.............................................1-7-1
8 NS/EP Functional Requirements Implementation Plan........................1-8-1
LIST OF ILLUSTRATIONS
Figure Title Page
2.1.1.1.1 Harris VPN Service Types .................................................................... 1-15
2.1.1.1.4-1 Best Effort QoS..................................................................................... 1-17
2.1.1.1.4-2 Interface Based QoS............................................................................. 1-18
2.1.1.1.4-3 End-to End QoS.................................................................................... 1-18
2.1.1.1.4-4 IntServ QoS .......................................................................................... 1-19
2.1.1.1.5-1 Load sharing example........................................................................... 1-21
2.1.1.1.5-2 Diverse Access Examples .................................................................... 1-22
2.1.1.2.1-1 Harris Ethernet Transport Service Types.............................................. 1-26
2.1.2.1.1-2 Harris Point-to Point ETS E-LINE Service ............................................ 1-27
2.1.2.1.1-3 Harris Multipoint ETS E-LAN Service ................................................... 1-27
2.1.2.1.1-4 Harris Rooted-to-Multipoint ETS Service .............................................. 1-28
2.1.2.1-1 The Harris Solution Provides Full Service Coverage
for all IPVS Needs ................................................................................ 1-35
2.1.2.1-2 Harris Assures Agency Users Superior Service.................................... 1-36
2.1.2.1.1 Harris IPVS Delivery Platform............................................................... 1-38
2.1.3.1.1 Harris MNS Delivery System ................................................................ 1-50
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xiii
LIST OF ILLUSTRATIONS (continued)
Figure Title Page
2.1.3.1.5 Instrumentation for Measuring SLA/KPIs with
EINSTEIN Enclave Loopbacks ............................................................. 1-66
2.1.4.5-1 Example of single Access Arrangement ............................................... 1-73
2.1.4.5-2 Example of Carrier and Geographic Diversity Access Arrangement..... 1-73
2.1.4.5-3 Example of On-Net and Carrier Diversity Access Arrangement............ 1-74
2.2.1.1.1 Harris Optical Wave Service ................................................................. 1-81
2.2.1.2.1 Harris SONET Service .......................................................................... 1-86
2.2.1.3.1-1 Harris IPS Solution ............................................................................... 1-93
2.2.1.3.1-2 Harris IPS Internet Access Solution...................................................... 1-94
2.2.1.3.1-3 Harris IPS Extranet Solution ................................................................. 1-94
2.2.1.3.1-4 Harris IPS Intranet Solution .................................................................. 1-95
2.2.1.3.4 Harris IPS Peering Arrangements......................................................... 1-97
2.2.4.1 The Harris Collocated Hosting Service ............................................... 1-101
2.2.4.4 Harris Data Center locations per RLSAs............................................. 1-103
2.2.6.1 Harris MWS Delivery Platform ............................................................ 1-109
2.2.7 Harris’ Portfolio of Satellite Capacity Access. Our access to satellite
capacity provides unparalleled global coverage. ................................ 1-114
2.2.7.4 Harris CMSS Information Assurance Boundary.................................. 1-119
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xiv
LIST OF ILLUSTRATIONS (continued)
Figure Title Page
2.2.8.1.1 Harris WCS Delivery Platform............................................................. 1-123
2.2.8.2 Our MS Skype for Business/MS Office 365 Solution
Supports UCS and all Related Agency Conferencing Requirements.. 1-130
2.2.8.2.1 Harris UCS Delivery Platform ............................................................. 1-132
2.2.8.4.4.2 Integration of Harris VSS and INRS services
into a cohesive, proactive security environment ................................. 1-146
2.2.8.6.1 Harris ACS Delivery Platform.............................................................. 1-163
2.2.8.7.1 Harris VTS Delivery Platform .............................................................. 1-168
LIST OF TABLES
Table Title Page
2.1 Harris Mandatory Service Summary ..................................................... 1-11
2.1.1.1 Correlation of Technical Evaluation Criteria and Harris Offer ............... 1-13
2.1.1.1.4 VPNS QoS Modes ................................................................................ 1-17
2.1.1.1.6 Harris VPNS SDP Interfaces ................................................................ 1-23
2.1.1.1.7 Harris VPNS Key Performance Metrics ................................................ 1-24
2.1.1.2 Correlation of Technical Evaluation Criteria and Harris Offer ............... 1-25
2.1.1.2.4-1 Harris ETS Technical Capabilities (3 – 11) ........................................... 1-30
2.1.1.2.4-2 Harris ETS Technical Capabilities (15 – 26) ......................................... 1-31
2.1.1.2.7 Harris ETS Key Performance Metrics ................................................... 1-33
2.1.2.1 Correlation of Technical Evaluation Criteria and Harris Solution .......... 1-34
2.1.2.1.4 Harris IPVS Technical Capabilities ....................................................... 1-41
2.1.2.1.5 Harris IPVS Features............................................................................ 1-43
2.1.2.1.7 Harris IPVS Key Performance Metrics.................................................. 1-45
2.1.3.1 Correlation of Technical Evaluation Criteria and Harris Offer ............... 1-48
2.1.3.1.1-1 The Harris Managed Service Portfolio .................................................. 1-51
2.1.3.1.1-2 Harris Managed Network Services Coverage
for non-domestic locations ...................... 1-Error! Bookmark not defined.
2.1.3.1.4-1 Protocols used and Supported by Harris .............................................. 1-53
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xv
LIST OF TABLES (continued)
Table Title Page
2.1.3.1.4-2 Harris Network and Security Management Monitoring Branded Tools 1-55
2.1.3.1.4-3 Harris Monitoring, Troubleshooting, and Reporting Capabilities
for MNS................................................................................................. 1-57
2.1.3.1.5 Services including C.1.8.8 National Policy Requirements.................... 1-61
2.1.4 Correlation of Technical Evaluation Criteria and Harris Offer ............... 1-66
2.1.4.4 Harris Access Arrangements & Associated Technical Capabilities....... 1-70
2.2 Harris Optional Service Summary......................................................... 1-78
2.2.1.1 Correlation of Technical Evaluation Criteria and Harris Offer ............... 1-79
2.2.1.1.4 Harris OWS Technical Capabilities....................................................... 1-82
2.2.1.1.5 Harris OWS Features............................................................................ 1-83
2.1.1.2.7 Harris OWS Key Performance Metrics.................................................. 1-85
2.2.1.2 Correlation of Technical Evaluation Criteria and Harris Offer ............... 1-85
2.2.1.2.4 Harris SONET Technical Capabilities ................................................... 1-89
2.2.1.2.5 Harris SONET Features........................................................................ 1-90
2.2.1.2.7 Harris SONET Key Performance Metrics.............................................. 1-91
2.2.1.3 Correlation of Technical Evaluation Criteria and Harris Offer ............... 1-92
2.2.1.3.4 Harris IPS Technical Capabilities.......................................................... 1-96
2.2.1.3.7 Harris IPS Key Performance Metrics .................................................... 1-99
2.2.4 Correlation of Technical Evaluation Criteria and Harris Offer ............. 1-100
2.2.4.1 Collocated Hosting Service Functional Definition ............................... 1-101
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xvi
LIST OF TABLES (continued)
Table Title Page
2.2.4.4-1 Harris EIS Collocated Hosting Service:
Facilitating Regional LSA Transitions and Cloud Enablement ............ 1-103
2.2.4.4-2 Harris Primary Colocation Data Center: Full Spectrum Of Services ... 1-104
2.2.6 Correlation of Technical Evaluation Criteria and Harris Solution ........ 1-107
2.2.6.4 Harris MWS Technical Capabilities..................................................... 1-111
2.2.6.5 Harris MWS Features ......................................................................... 1-112
2.2.6.7 Harris MWS Key Performance Metrics ............................................... 1-113
2.2.7.2 Harris CMSS Standards Compliance.................................................. 1-116
2.2.7.3 Harris CSCS Technical Capabilities ................................................... 1-117
2.2.7.4 Harris CSCS Features ........................................................................ 1-117
2.2.7.5 Harris CSCS Key Performance Metrics .............................................. 1-120
2.2.8.1 Correlation of Technical Evaluation Criteria and Harris Solution ........ 1-122
2.2.8.1.4 Harris WCS Technical Capabilities ..................................................... 1-125
2.2.8.2 Correlation of Technical Evaluation Criteria and Harris Solution ........ 1-128
2.2.8.2.4 Harris UCS Technical Capabilities...................................................... 1-136
2.2.8.2.7 Harris UCS Key Performance Metrics................................................. 1-137
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xvii
LIST OF TABLES (continued)
Table Title Page
2.2.8.4 Correlation of Technical Evaluation Criteria and Harris Solution Offer 1-138
2.2.8.4.4.1 Harris MPS Technical Capabilities...................................................... 1-141
2.2.8.4.4.2-1 Components Probed by Harris VSS ................................................... 1-145
2.2.8.4.4.2-2 Protocols and Applications Scanned by Harris VSS ........................... 1-145
2.2.8.4.4.2-3 Types of Attacks Addressed by the Harris VSS.................................. 1-145
2.2.8.5 Correlation of Technical Evaluation Criteria and Harris Solution ........ 1-153
2.2.8.5.4-1 Harris MDM Technical Capabilities..................................................... 1-157
2.2.8.5.4-2 Harris MAM Technical Capabilities ..................................................... 1-158
2.2.8.5.4-3 Harris MMS Managed Security Technical Capabilities ....................... 1-159
2.2.8.6 Correlation of Technical Evaluation Criteria and Harris Solution ........ 1-162
2.2.8.6.4 Harris ACS Technical Capabilities ...................................................... 1-164
2.2.8.6.5 Harris ACS Features........................................................................... 1-165
2.2.8.7 Correlation of Technical Evaluation Criteria and Harris Solution ........ 1-167
2.2.8.7.4 Harris VTS Technical Capabilities ...................................................... 1-170
2.2.8.7.5-1 Harris VTS Features ........................................................................... 1-171
2.2.8.8 Correlation of Technical Evaluation Criteria and Harris Offer ............. 1-172
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xviii
LIST OF ACRONYMS
AAD Azure Active Directory
ACL Access Control Lists
ACS Audio Conferencing Service
ACS Authenticated Configuration Scanner
AES Advanced Encryption Standard
ALM Agile Lifecycle Management
AMP Automated Malware Protection
ANI Automatic Number Identification
ARIN American Registry for Internet Numbers
AS Autonomous System
ASON Automatically Switched Optical Networks
ATIS Alliance for Telecommunications Industry Solutions
AVS Audio Visual Interleave
AWS Amazon Web Services
BAMS-D Broad Area Maritime Surveillance-Demonstrator
BCI Bit Count Integrity
BDPaas Big Data Platform as a Service
BER Bit-Error-Rate
BGP Border Gateway Protocol
BLSR Bi-directional Line Switched Ring
BSS Business Support System
BSS Business System Solution
BYOD Bring Your Own Device
CA Computer Associates
CAP Compliance and Assurance Program
CBS Committed Burst Size
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xix
LIST OF ACRONYMS (continued)
CBSA Core Based Statistical Area
CBSA Core Based Statistical Areas
CBWFQ Class Based Weighted Fair queueing
CCV Common Computer Vulnerability
CDN Content Delivery Network
CE Customer Edge
CFSS Commercial Fixed Satellite Service
CGI-BIN Common Gateway Interface-Binary
CHS Collocated Hosting Services
CIR Committed Information Rate
CLEC Competitive Local Exchange Carriers
CMSS Commercial Mobile Satellite Service
CNM Customer Network Management
CODEC Coder-Decoder
COMSATCOM Communications Satellite
CONUS Continental United States
COOP Continuity of Operations
CoS Class of Service
COTS Commercial-off-the-Shelf
CPE Customer Premise Equipment
CRM Customer Relationship Management
CSCS Commercial Satellite Communications Service
CTI Computer Telephony Integration
CVE Common Vulnerabilities and Exposures
DA Data Aggregator
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xx
LIST OF ACRONYMS (continued)
DATS DISA Access Transport Services
DCOM Distributed Component Object Model
DHS Department of Homeland Security
DiffServ Differentiated Services
DISA Defense Information Systems Agency
DLA Defense Logistics Agency
DLP Data Loss Prevention
DLR Design Layout Record
DMZ Demilitarized Zones
DNS Domain Name Service
DNS Domain Name System
DoD Department of Defense
DoS Denial of Service
DR Disaster Recovery
DTMF Dual-tone multi-frequency
DWDM Dense Wavelength Division Multiplexed
DWDM Dense Wavelength Division Multiplexing
EAP Enterprise Application Platform
EESS Eutelsat Earth Station Standards
EIS Enterprise Infrastructure Services
EMI Electro-Magnetic Interference
ERM E-mail Response Management
ERP Enterprise Resource Planning
ESI Electronically Stored Information
ETS Ethernet Transport Services
ETS Ethernet Transport Service
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xxi
LIST OF ACRONYMS (continued)
EVC Ethernet virtual connection
EWS Enterprise Web Server
EXP Experimental
FAA Federal Aviation Administration
FAR Federal Acquisition Regulation
FCC Federal Communications Commission
FedRAMP Federal Risk and Authorization Management Program
FIPS Federal Information Processing Standards
FISMA Federal Information Security Management Act
FTI FAA Telecommunications Infrastructure
FTP File Transfer Protocol
GFI Government Furnished Information
GFP Government Furnished Property
GMPLS Global MPLS
GO Geostationary Orbit
GRE Generic Route Encapsulation
GSA General Services Administration
HA High Availability
HCM Human Capital Management
HNAT Harris Network Availability Tool
HSPD Homeland Security Presidential Directive
IaaS Infrastructure-as-a-Service
ICB Individually Case Based
ICD Intelligence Community Directive
IESS Intelsat Earth Station Standards
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xxii
LIST OF ACRONYMS (continued)
IETF Internet Engineering Task Force
IFC In-Flight Connectivity
IFE In-Flight Entertainment
INRS Incident Response Service
IOF Inter Office Facilities
IPS Intrusion Prevention Systems
IPS Internet Protocol Service
IPSS Intrusion Prevention Security Services
IPVS Internet Protocol Voice Service
ISDN-BRI Services Digital Network- Basic Rate Interface
IT Information Technology
ITAR International Traffic in Arms Regulations
ITIL Information Technology Infrastructure Library
ITSM Information Technology Service Management
ITU International Telecommunications Union
IVR Interactive Voice Response
JAB Joint Authorization Board
JIT Just-in-Time
KPI Key Performance Indicators
KPIS Key Performance Indicators
KuSS Ku Spread Spectrum
LDAP Ligntweight Directory Access Protocol
LDP Label Distribution Protocol
LEC Local Exchange Carriers
LEED Leadership in Facility Energy and Environment Design
LNP Local Number Portability
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xxiii
LIST OF ACRONYMS (continued)
loT Internet of Things
LSA Local Service Agreements
LTE Long-Term Evolution
LUN Logical Unit Number
MAM Mobile Application Management
MARSS Medium Altitude Reconnaissance Surveillance System
MAS/UAS Manned/Unmanned Aerial Systems
MBS Maximum Burst Size
MCM Mobile Content Management
MDM Mobile Device Management
MEF Metro Ethernet Forum
MIME Multimedia Internet Mail Extension
MMS Mobility Managed Service
MNS Managed Network Service
MOS Mean Opinion Score
MPLS Multi-Protocol Label Switching
MPS Managed Prevention Service
MR Maintenance Request
MS Microsoft
MSO Multiple Service Operators
MSS Mobile Satellite Services
MSS Managed Mobility Service
MTIPS Managed Trusted Internet Protocol Service
MW Megawatts
NANP North American Numbering Plan
NAS National Airspace System
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xxiv
LIST OF ACRONYMS (continued)
NAT Network Address Translation
NFA Netflow Analyzer
NFV/SDN Network Function Virtualization and Software Defined Network
NMS Network Management System
NNI Network-to-Network Interfaces
NOC Network Operation Center
NOC/SOC Network and Security Operations Center
NS/EP National Security and Emergency Preparedness
NSS National Security Systems
NTSC National Television Standards Committee
O&M Operations and Maintenance
OA Office Automation
OADM Optical Add-Drop Multiplexers
OC Pptical Carrier
OCO Ordering Contracting Officer
OCONUS Outside the Continental United States
OIF Optical Internetworking Forum
OMB Office of Management and Budget’s
OSS Operations Support System
OWS Optical Wavelength Service
PAL Phase Alternation by Line
PAT Port Address Translation
P-ATO Provisional Authorities to Operate
PBX Private Branch Exchange
PC Performance Center
PCL Physical Concentration Location
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xxv
LIST OF ACRONYMS (continued)
PDU Protocol Data Units
PIR Peak Information Rate
PM Performance Monitoring
POC Point of Contact
PoE Power over Ethernet
POP Point-of-Presence
PS/ALI Private Switch/Automatic Location Identification
PSAP Public Safety Answering Point
PSTIN Public Switched Telephone Network
QoS Quality of Services
QTS Quality Technology Services
RADIUS Remote Authentication Dial-In User Service
RBAC Role Based Access Controls
RF Radio Frequency
RFC Requests for Comments
RPC Remote Procedure Call
RSVP Resource Reservation Protocol
RTP Real-Time Transport Protocol
SAN Storage Area Network
SATCOM Satellite Communications
SBC Session Border Controller
SCAP Secure Content Automation Protocol
SCIF Sensitive Compartmented Information Facilities
SCR SIP Core Routing
SDK Software Development Kit
SDN Software Defined Networks
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xxvi
LIST OF ACRONYMS (continued)
SDP Service Delivery Point
SEC Security
SECAM Système Electronique Couleur Avec Memoire
SF Square footage
SHD Service Health Dashboard
SIEM Security Information and Event Management
SIP Session Initiation Protocol
SLA Service Level Agreement
SMB Server Message Block
SME Subject Matter Experts
SMS Short Messaging Services
SMTP Simple Mail Transfer Protocol
SNMP Simple Network Management Protocol
SOAP Simple Object Access Protocol
SOC Security Operations Center
SOH Section Overhead
SONET Synchronous Optical Networking
SOW Statement of Work
SP Special Publication
SRE Service Related Equipment
SRL Service Related Labor
SSAE Service Organization Management Controls
SSL Secure Socket Layer
SSMT Site and Service Management Tool
SSO Single Sign-on
TaaS Testing as a Service
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xxvii
LIST OF ACRONYMS (continued)
TACACS Terminal Access Controller Access Control System
TIC Trusted Internet Connection
TDD Test Driven Development
TDM Time Division Multiplexed
TIA Telecommunications Industry Association
TICAP Trusted Internet Connection Access Provider
TO Task Order
TTR Time to Restore
ToS Type of Service
TS/SI Top Secret/Sensitive Information
TSP Telecommunication Service Priority
UCS Unified Communication Service
UIM Unified Infrastructure Manager
UM Unified Messaging
UNI User Network Interface
UPSR Uni-directional Path Switched Ring
US-CERT United States Computer Emergency Response Team
VADER Vehicle and Dismount Exploitation Radar
VAR Value Added Reseller
VESDA Very Early Smoke Detection Apparatus
VoD Video on Demand
VolP Voice Over Internet Protocol
VPN Virtual Private Network
VPNS Virtual Private Network Service
vR vRealize
VTS Video Teleconferencing Service
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-xxviii
LIST OF ACRONYMS (continued)
WAN Wide Area Networks
WCS Web Conferencing Service
WFM Workforce Management
WPS Wireless Priority Services
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-3
services in the areas of Service Related Equipment (SRE), Service Related Labor (SRL),
and Cable and Wiring services with the intent to broaden their work scope and expand
their responsibility and authority as task orders are awarded to Harris. In addition, we
have established a core group of small businesses with next-generation capabilities to
ensure we stay abreast of emerging technologies that may be introduced to the GSA and
our Federal Government Customers as missions, goals, and objectives change and new
capabilities are required (i.e., Software Defined Networking (SDN) and Network
Functional Virtualization (NFV)).
Our core network backbone natively supports data, voice, and video as well as
network services such as Optical Wave Service (OWS), SONET services, co-located
hosting, , wireless communications, satellite communications and other ancillary services,
e.g., web, voice and video conferencing. Our comprehensive services and global reach
enable us to support an ideal mix of services across an expansive coverage area. We are
fully prepared to leverage our core network and essential security service capabilities on
EIS to ensure cost-effective procurements of superior end-to-end solutions for all federal
agencies.
Harris also offers GSA an extensive set of in-place, global network assets and
services to ensure that we can readily provide services to OCONUS and non-domestic
locations. Harris will partner with the GSA to shape the next-generation of
telecommunications and IT infrastructure services that provide high levels of availability,
reliability, flexibility and agility, ease of implementation and continued evolution. Our
offering, which includes transition assistance support, also yields high quality
services that will meet federal agency needs while maintaining cost competiveness.
We achieve these objectives by understanding and using proven operational processes
and establishing valid service performance monitoring and measurement of key network
parameters such as bandwidth utilization, latency, jitter, and packet loss.
To succeed, EIS needs a Critical Network Provider that understands the customer
missions, adopts those missions as their own, and focuses on innovative, customized,
low cost end-to-end infrastructure solutions. EIS needs a team with the proven capability
to design, procure, deploy, transition, and operationally manage a telecommunications
network and a broad range of telecommunications services. And, EIS needs a partner
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-4
that has a proven record of meeting all KPIs/SLAs and delivering major cost savings
through cost effective services and optimization efforts.
Harris offers GSA and each Agency user a best-value, low-risk, cost-effective EIS
solution that leverages existing network infrastructure, diverse domain experts,
and a robust portfolio of IT services to ensure end-to-end integrated solutions.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-5
1.0 NETWORK ARCHITECTURE
. This customization
and tailoring of our private network yields focused security solutions, high throughput, and
low latency by eliminating bandwidth resource contention with multiple customers.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-6
Ethernet services,
complying with the Metro Ethernet Forum (MEF) standards for E-LINE, E-LAN and
E-TREE services. Voice services are implemented using Voice over IP (VoIP) technology.
Our Internet Protocol Voice Service (IPVS) supports Session Initiation Protocol (SIP)
Trunking and interoperability with the Public Switched Telephone Network (PSTN).
Managed Network Services (MNS) supports all EIS-provided services through the design,
engineering, implementation, transport, access, and management necessary to deploy,
operate, and maintain agency-specific networks. The Harris core network can also be
augmented, if required, by implementing our optional data services such as Optical
Wavelength Service (OWS) and SONET services.
Harris’ offer includes cellular wireless 3G/4G, Long-Term Evolution (LTE) services,
WiFi, and satellite communications fixed and mobile services. These services can be
provided as stand-alone services and/or as alternative access services integrated with
our core backbone architecture.
The Harris core network is also architected to support future technologies and services
as they evolve, including enhancements and upgrades to continuously improve
telecommunications, network services, and associated support. As a Critical Network
Provider, Harris is hardware and software agnostic, enabling us to objectively design,
deploy, and manage private and virtually private network services.
The combined Harris global infrastructure features a comprehensive set of operations
support services. The NOC/SOC facilities, tools, and staff will monitor and maintain all
agency networks on a 24/7/365 basis for best-in-class availability and proactive security.
The NOC and SOC answer help desk phones, provide Tier-1 support to customer-specific
network users, and provide Tier 1 through 3 support to customer NOCs for access and
transport services across our backbone as well as for customer equipment. The Harris
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-8
consists of routing protocols that control how packets are forwarded, and the data plane
forwards packets based on the control plane’s direction. The control plane can be thought
of as the “brains” of the network and is distributed throughout the nodal equipment
(routers/switches) of the network. SDN alters this model by separating the control plane
and data plane functions and centralizing the control plane of the network. Centralizing
the control plane allows applications to have greater control of network resources and the
forwarding function of the data plane. It also provides greater situational awareness of the
overall state of the network from a centralized location. With this increased awareness
new capabilities such as the dynamic allocation of resources and bandwidth on demand
are enabled. Although SDN is still early in its evolution, it is being deployed in some data
center architectures. The inherent benefits of SDN can lead to new and innovative
security designs, processes, and procedures, enhancing the security posture across the
enterprise, , data center, mobile and wide area network, and the Internet of Things (IoT).
NFV is a more near-term capability and the focus of telecommunications and network
service providers today because it is considered to be a first step towards a future SDN
architecture. NFV allows for the control plane to be virtualized and separated from the
nodal equipment, but it is not necessarily centralized. The goal of telecommunication
service providers is to simplify and speed up the implementation of new services as well
as scale their networks when needed. These processes have become increasingly
complex and costly because more space, power and nodal equipment is usually required.
By virtualizing the control plane, simpler and smaller network devices can replace larger
and more costly nodal equipment. For these reasons, Harris and our teammates have
been actively investigating these emerging technologies for the past several years and
have built preliminary roadmaps into our IT infrastructures and Wide Area Networks
(WAN) to natively support these next-generation capabilities. We are advocates of NFV
and transitioning network equipment functions onto industry-standard servers, switches,
and storage devices to reduce capital and agency expenditures, improve network
efficiency, and increase agility, scalability, and security.
2.0 TECHNICAL RESPONSE
Harris’ robust ‘high quality’ services portfolio provides the flexibility and agility to
support agency transitions to future technologies. Our high quality service offerings will
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-9
enable interoperability and help agencies further transition from legacy technologies to a
converged IP environment with common, core security standards through an expansive
array of modern telecommunications and IT service offerings.
As a Critical Network Provider, Harris has decades of experience in the design of
customized services and solutions and their integration with new or existing hardware,
packaged and custom software, and our backbone infrastructure; optimizing the value of
commercial services. We also manage the complexity inherent with change and evolving
technologies, from requirements planning to architecture, testing, deployment, operations
and maintenance and beyond.
Our offer ensures best value services and real improvements in service continuity for
the GSA and federal agencies. As a Critical Network Provider and full service vendor,
Harris strives to provide the necessary planned services, transition assistance, and
support at the best price and of the ‘highest quality’. Our best value, low risk, cost effective
services’ portfolio is based on our proven processes, people and tools augmented with
directly relevant experience and lessons learned from past managed service network
efforts.
Harris brings unmatched experience as a Critical Network Provider to providing
telecommunication and network services for government agencies. Our experience with
managing and integrating multiple carrier networks into a seamless high quality service
solution is proven on large successful programs like the FAA Telecommunications
Infrastructure (FTI). Harris’ carrier neutral and vendor neutral approach provides highly
reliable and affordable network and telecommunication services because we create
“managed competition” between hundreds of Local Exchange Carriers (LECs) and
broadband Multiple Service Operators (MSOs) with every network design. This approach
provides great flexibility in our network designs as we can add new service providers
and/or equipment suppliers when it provides benefits to the Government.
Harris’ disciplined engineering practice utilizes the Service Design lifecycle phase
outlined in the Information Technology Infrastructure Library (ITIL)v3 which has been
successfully implemented on our network programs. Our disciplined processes,
management expertise and technical prowess ensure the delivery of optimized network
and services’ solutions as well as a seamless transition approach that is non-disruptive
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-10
to ongoing operations for all federal agency task orders. Harris has a reputation of being
a trusted partner that provides operational excellence predicated on a comprehensive
solution-based vehicle addressing all aspects of federal agency information technology
and infrastructure requirements.
The Harris process for evolving and continuous incorporation of new technologies
starts with the Harris Lab certification program. This service continuity process is an in-
depth process to ensure the new functionality not only provides the desired benefit but
also does not adversely affect other currently deployed services. Impact to the overall
network is evaluated to ensure that all potential network and security impacts are known
and mitigated. Examples of potential network impacts include excessive bandwidth
utilization, router capacity issues and IOS upgrade issues. The Harris Security Team
checks to see if any security modifications are required to support the new feature and
evaluates the impact the new service may have on the security posture of the network. In
parallel with the technical testing, the new feature is also integrated into the management
system to ensure the new feature has complete operations support before deployment.
The Harris Network Operations Team evaluates the new feature to ensure that the
network management system can monitor the performance and availability of the service.
If a new SNMP MIB is provided with the feature, it is tested during the integration process.
Once a service has been fully tested and integrated into the management system the
support staff is trained, and the new feature and required operational support procedures
are documented. Before the service is deployed, the customer is also given the
opportunity to monitor integration testing in the Lab. After lab testing, a beta site is
selected for the first deployment of the new service. The test site is typically a small site
that is not very critical to the mission. The duration of the test at the beta site is based on
the overall complexity of the new service being implemented. If the solution requires an
architecture change then the test may last for several days. If it is a simple configuration
change then it may only need a few hours. The time of the test will be jointly determined
by the Harris Test Team and the customer. After the test is completed, a deployment
schedule is jointly developed between the Harris Deployment organization and the
customer.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-12
2.1.1 Mandatory Data Services
The Harris solution for Mandatory Data Services meets and exceeds the current and
future GSA requirements within the EIS RFP (Paragraph 2.1). The Harris Mandatory Data
Services solution is available in all of the CONUS CBSAs, 3 OCONUS regions, and 25
non-domestic locations (countries) and provides solutions for all mandatory requirements
and most optional features described in Paragraph 2.1. Mandatory data services are also
supported in the following OCONUS regions:
Alaska Hawaii Puerto Rico
Harris anticipates these mandatory services and solutions will be enhanced and
upgraded throughout the life of the contract. Before deploying new technologies, Harris
will work with vendors, monitor standards development and implement a rigorous testing
and certification program(s). Due to our Critical Network Provider heritage, Harris has
mature detailed processes and procedures developed and proven over time to maintain
service continuity during the upgrade process.
Harris’ experience working with government agencies such as DoD, FAA, service
providers, and telecommunications providers gives Harris an understanding of what
needs to be accomplished to provide the GSA and its customers with high quality data
services. Harris is a full service vendor that will provide experienced transition
assistance and support of critical and routine data services. Being a Critical Network
Provider, Harris has the ability to optimize solutions and provide highly competitive
prices while providing high quality best in class services.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-14
management with both IPv4 and IPv6 support. Load sharing, fail-over protection, and
diverse access options are also provided.
The Harris solution will use Quality of Service (QoS) to accommodate and optimize
an agency’s applications to enable the network to accurately and consistently allow for
traffic prioritization and cost efficiencies. The Harris QoS solution supports both Intserv
and Diffserv models.
QoS will provide support for the following types of network traffic:
1. Time-critical traffic such as voice and video.
2. Business-critical traffic such as transactions.
3. Non-critical traffic such as email.
The Harris VPNS solution coverage includes all of the CONUS CBSAs, three
OCONUS locations and 25 non-domestic locations (countries). The Harris VPNS solution
provides low latency and high availability VPN services. The Harris VPNS solution fully
complies with OMB-11-11 “Continued Implementation of Homeland Security Presidential
Directive (HSPD-12) Policy for a Common Identification Standard for Federal Employees
and Contractors”, NIST Special Publication (SP) 800-46 Revision 1 “Guide to Enterprise
Telework and Remote Access Security” and CNSSP-15, National Information Assurance
Policy on the Use of Public Standards for Secure Sharing of Information Among National
Security Systems. The security features of this solution support multiple encryption and
tunneling methods. Figure 2.1.1.1.1 shows how the three VPN types are implemented.
The three basic traffic types for VPNS are:
1. sites, using broadband or
dedicated access. Figure 2.1.1.1.1 illustrates an Intranet VPN on the right side of
the drawing. The brown line shows the communication path between two sites
within the same agency. Intranet VPN’s provide secure communications between
two different sites within the same agency. The encryption of the service is premise-
to-premise providing secure end-to-end transport. The premises equipment
providing encryption will be provided by the Harris solution and will support multiple
encryption options.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-16
2.1.1.1.2 Standards (C.2.1.1.1.2)
The Harris VPNS solution is standards based and complies with all specifications,
Government Policy’s, IETF Requests for Comments (RFC) and Working Groups listed in
Paragraph C.2.1.1.1.2 of the RFP. The Harris solution includes a mature and proven
process for infusing new standards based technology into a network infrastructure that
will be used by EIS customers.
Harris continuously monitors standards bodies, Government policies, vendor
specifications and working groups for new features and the development of new
standards. Harris has strong relationships with equipment vendors and works closely with
them when investigating promising new features and technologies. Harris’ experience
building mission critical networks requires us to be meticulous and deliberate when
deploying new technologies and we have developed detailed processes and procedures
when deploying new features. Harris uses the same process for implementing new VPNS
technology and services described above in Paragraph 2.0.
2.1.1.1.3 Connectivity (C.2.1.1.1.3)
The Harris VPNS solution will connect Government locations and trusted business
partners for site-to-site access or broadband services for remote access to provide direct
connectivity between all sites as a partially or fully meshed WAN. The Harris VPNS
solution complies with all listed connectivity instances in the EIS RFP for VPNS. In
Figure 2.1.1.1.1 shown earlier, the connectivity is depicted in the green blocks.
2.1.1.1.4 Technical Capabilities (C.2.1.1.1.4)
The Harris solution will meet all the requirements stated in the RFP SOW
Section C.2.1.1.1.4 (Technical Capabilities).
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-19
In response to technical capability 7d, signaled QoS is applicable to applications
that require a specific service level. IntServ QoS shown in Figure 2.1.1.1.4-4 is where
every router in the system implements and guarantees the service receives the required
bandwidth along the entire path. IntServ is a mechanism that provides Signaled QoS and
uses Resource Reservation Protocol (RSVP) to explicitly signal the prioritization needs
of an application's traffic along the network nodes in the end-to-end path through the
network. If every network node along the path can reserve the necessary bandwidth, the
originating application can begin transmitting. Besides end-to-end signaling, IntServ
requires capabilities on all routers and switches along the path to support Admission
Control, Classification, Policing, Queuing and Scheduling.
In response to technical capability 7e and the DiffServ QoS model, a packet's
"class" can be marked directly in the packet, which contrasts with the IntServ model where
a signaling protocol (RSVP) is required to tell the routers and switch which flows of
packets require QoS treatment. DiffServ achieves better QoS scalability, but IntServ
provides tighter control QoS for real-time traffic. Harris has experience with both methods
and will implement the appropriate QoS mechanism (IntServ or DiffServ) based on the
specific requirements of each Task Order (TO).
Figure 2.1.1.1.4-4. IntServ QoS
In response to technical capability 8, the QoS methods described above are not
limited to a specific access network technology. These are features of the equipment
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-20
providing access and can be supported on all of the access methods listed within this
RFP.
In response to technical capability 9, the Harris solution will support customer
marking of packets for QoS (Diffserv) purposes. If the Government Agency prefers for
Harris to mark packets, then we will mark packets at the edge of the VPNS core network
on the agency’s behalf. The Harris solution also supports customer signaled QoS (Intserv)
as long as the signaling protocol used is RSVP.
In response to technical capability 10
The advantage of using a VPN is that it
provides isolation of traffic and limits the exchange of traffic and routing information to
only those sites that are authenticated and authorized members of the VPN. Harris will
provide a layered security architecture to ensure that potential threats will be challenged
with multiple levels of security.
In response to technical capability 11, the Harris solution supports permanent and
temporary VPN users across the network. The Harris solution will reuse an existing
process developed for the nation’s Air Traffic Control network for implementing short
duration services.
In response to technical capability 12, the Harris solution will provide secure routing
services with MD5 authentication using a key chain. MD5 message-digest algorithm is a
widely used cryptographic hash function, typically expressed in text format as a 32 digit
hexadecimal number. The key chain functionality provides a mechanism for storing a
number of different electronic keys, and the key string value is associated with a specific
key for the lifetime that the key is valid. Before routers can pass routing information, the
keys are verified. The Harris solution also implements Access Control Lists (ACL) at the
edge of the network to provide additional protection from routing storms, bogus routes,
and prevention against unauthorized access to the network components.
In response to technical capabilities 13, 14 and 15, the Harris security
management system provides full encryption services which include encryption,
decryption, authentication, key management and security monitoring and reporting.
Authentication services for temporary access users can be either Harris provided, third
party provided or agency provided. The Harris security team, using proven
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-22
routes can be given the same cost and both routes would be inserted into the routing
table as equal cost routes.
In response to feature ID 1.2, a failover protection feature will be provided through
the use of dynamic routing. Dynamic routing is designed to route traffic over the lowest
cost path through the network. During a failure, dynamic routing will reroute traffic over
the next best available path. Without tuning failover parameters, route convergence can
take several seconds dependent on network conditions when the failure occurs.
In response to feature ID 1.3, diverse access points to the core network Point-of-
Presence (POP) will be implemented using two approaches. If a location has dual
entrances to a building, then logical and physically diverse access can be provided over
100% of the path. If a single entrance to the building is available, the last mile will
physically be shared for part of the path. When the shared access path enters the first
node in the access network, the two logical paths are split into two physically diverse
access paths to the Harris backbone. For single access paths, traffic will be logically
separated over the last mile by using either different channels on the access circuit (T1,
DS3, OC3 or etc.), or by using different VLANs for Ethernet access. Figure 2.1.1.1.5-2
shows examples of both methods for providing this feature.
Figure 2.1.1.1.5-2. Diverse Access Examples
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-28
Rooted multipoint configurations are also called E-Tree services. E-Tree connects
several sites, similar to multipoint-to-multipoint configuration. The difference is that E-Tree
connects one or more root sites to a set of leaf sites and then prevents inter-leaf
communication. An E-Tree example is shown in Figure 2.1.2.1.1-4. More than one site
can be configured as the root site and other sites can communicate with each other
through multiple root sites; for example, connecting disparate LAN segments into a single
agency-wide virtual LAN. E-LAN can be offered over the MAN and/or WAN.
Figure 2.1.2.1.1-4. Harris Rooted-to-Multipoint ETS Service
2.1.1.2.2 Standards (C.2.1.2.1.2)
Harris is a full service vendor and provides a fully compliant standards based ETS
solution. Harris will comply with all specifications, Government Policy’s, IETF Requests
for Comments (RFC) Working Groups, and the MEF Architecture Framework listed in
Paragraph C.2.1.2.1.2 of the RFP. The Harris ETS solution complies with all standards
identified in the EIS RFP for ETS.
Harris continuously monitors standards bodies, Government policies, Metro Ethernet
Forum, vendor specifications and working groups for new features and the development
of new standards. Harris also has strong relationships with equipment vendors and works
closely with them when investigating promising new features and technologies on the
horizon. Harris’ experience building mission critical networks enables us to be meticulous
and deliberate when deploying new technologies and we have developed detailed
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-29
processes and procedures for deploying new features. Harris uses the same process for
implementing new ETS technology and services described earlier in Paragraph 2.0.
2.1.1.2.3 Connectivity (C.2.1.2.1.3)
The Harris ETS solution complies with all listed connectivity instances in the EIS RFP
for ETS as described below:
Intra-agency LAN-LAN Connectivity. The Harris ETS solution provides connectivity for
an agency’s LANs located in the same city or different cities, thereby extending the LAN
to the MAN and WAN. This is achieved by connecting the agency’s SDP(s) in one location
to another SDP(s) in one or more locations as shown earlier in Figure 2.1.1.2.1-1.
Interconnection is possible over transoceanic links, if required.
2.1.1.2.4 Technical Capabilities (C.2.1.2.1.4)
The Harris Ethernet Transport Service (ETS) solution provides high quality service for
the customer while meeting all the following mandatory and optional technical capabilities
identified in Section C.2.1.2.1.4 of the EIS RFP:
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-37
IPVS Service Elements
IPVS Core Network:
The Core IPVS network configuration shown in Figure 2.1.2.1.1 will provide redundant
paths to SIP Trunking Facilities (Soft Switches) in redundant Data Centers to carry normal
daily traffic with redundant “hot stand-by” backup trunks in case of congestion, blockage
or failure on the primary routes. By splitting EIS traffic evenly to both SIP Trunking
Facilities, and providing an appropriate amount of “hot stand-by” backup trunks in each
direction, the Harris solution can ensure the network is fully survivable and meets all
Government requirements for Routine and Critical Availability.
Within this redundancy, Session Border Controllers (SBC) are added at the Data
Centers and external meet points to allow more efficient routing to PSTN and other
external networks by routing the media or call data directly to the external network instead
of through the IPVS Core Network Data Centers to reduce the overall latency of multiple-
network routes.
The quantity of SIP trunks will be based on the unique calling patterns and volume of
individual users such as:
User locations sorted by time zone
Headcount by location
Hours of operation
Peak busy hour and call distribution by hour for each location
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-39
Harris will monitor the peak combined simultaneous call volume for all of the customer
locations in each time zone. On an on-going basis we will combine the call volume so
that, on an hour-by-hour basis, simultaneous call volumes occurring across the time
zones are characterized and trended. This approach ensures SIP Trunk allocation always
exceeds the minimum value required to meet EIS Grade of Service specifications.
VoIP Switches providing all switching capabilities and features specified in the EIS
SOW for Network-based (Hosted) IPVS operation are interspersed within the SIP
Trunking network cloud. These switches will service the needs of multiple Agency IPVS
User Enclaves accessing the SIP Trunking Service through multiple Gateways. Access
to the profiles and features of each Agency Enclave’s IPVS Users will be restricted to the
Harris Team and Agency IPVS administrators.
Our SIP Trunking Service Gateways will accept all specified EIS interfaces and traffic
levels and all off-net participant interfaces, which may be PSTN, Internet, Wireless
Providers, Satellite Gateways, PSAP Networks and other Agency or public networks in
the U.S. or abroad. The Gateways are composed of Routers, Firewalls, Switches, SBCs
and other devices required to maintain robust and secure access. The Gateways provide
all required format, standard and rate conversion to the user sources to ensure end-to-
end compatibility.
Centralized Auto-Attendant assistance is available 24/7 to accept user directory
requests via inbound calls from the PSTN or IPVS network.
The Management and Security Servers at each Data Center will monitor the IPVS
provider’s network to ensure that the IPVS Service is operating properly and associated
EIS performance and security requirements are met, including those of the user premises
managed LAN. These servers are connected to the Harris OSS so that the same status
information is available at the Harris NOC to ensure that any issues are addressed
immediately and required escalation procedures are followed.
The IPVS Provisioning Server configures the IPVS Service hardware and software for
user services based on service orders received from the Harris OSS and requests for
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-40
authorized real-time or near real-time configuration activity performed by an IPVS Agency
administrator through a secure provider website. There is a bi-directional bridge between
the IPVS Provisioning Server and the Harris OSS to accept orders and report IPVS
activity that is billed on a metered basis.
Host-Based IPVS: Hosted IPVS consists of a group of users with IP-compatible phones
or other analog and ISDN-BRI instruments in a building or campus location. Users with
IP-compatible instruments are typically connected by dedicated Switches on the
Managed LAN to the access interface consisting of a Router and Session Border
Controller (SBC). Analog and ISDN-BRI user interfaces are connected to the SBC, which
provides mediation into IP/SIP. The SBC also provides remote PSTN dial in lines for
remote in/out access to the local IPVS network. Management and Security interfaces for
the LAN are combined with user traffic at the Router access interface. The Router and
SBC provide routing, signaling and firewall functions to access the IPVS Core network
and Host Switch using SIP Trunking over the EIS VPN Service. An Agency administrator
coordinates authorized ‘adds, moves and changes’ of Agency IPVS services through the
EIS Internet portal.
Premises-Based IPVS: Premises IPVS services are similar to Hosted services, except
a local VoIP switch is provided, so that the local IPVS service can operate with full
technical capabilities and features without connection to the Host network. In the example
shown in Figure 2.1.2.1.1, the Premises IPVS is connected through our SIP Trunking
Service to the IPVS Core network for external SIP Trunk Access, Management and
Security Services.
For both Host-Based and Premises-Based IPVS, SIP Trunking is the standard for
network transmission and PSTN interoperability.
2.1.2.1.2 Standards (C.2.2.1.1.2)
The Harris IPVS solution complies with all standards identified in the EIS RFP for IPVS
and we will support the optional G.729a coding standard as part of our standard offering:
1. ITU-T G.711
2. (Optional) ITU-T G.723.x, G.726, G.728, or G.729.x
3. ITU-T H.323, H.350
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-47
sets or other PoE devices. We will provide, manage, maintain and repair or replace all
equipment necessary to provide the Managed LAN Service, except for those portions of
the service for which the Government is responsible (e.g., power, facilities, rack space,
cabling/wiring).
The Harris Managed LAN Service will comply with industry standards for the
equipment and interface types and will employ no proprietary technology.
Our Managed LAN Service will meet or exceed each of the technical capabilities
specified in EIS SOW C.2.2.1.5.
2.1.2.1.9 Session Initiation Protocol Trunk Service (C.2.2.1.6)
The Harris IPVS solution is fully compliant with all Session Initiation Protocol Trunk
Service requirements.
We will provide Session Initiation Protocol (SIP) Trunking that interoperates with any
Private Branch Exchange (PBX) systems that support SIP-based IP Trunk interfaces as
shown earlier in Figure 2.1.2.1.1.
2.1.2.1.10 Technical Capabilities (C.2.2.1.6.1)
2.1.2.1.11 Features (C.2.2.1.6.2)
The Harris IPVS solution will provide the following specified SIP Trunk Service
features:
1. Automatic call routing – The Harris solution will provide the caller ANI to the
customer terminating location via SIP Messaging.
2. Bandwidth QoS management – Harris will monitor if concurrent call volume peaked
above their standard trunk totals to estimate current bursting calls and add network
trunk resources
3. Trunk bursting – Our bursting functionality will allow users to have additional,
concurrent calls up to 25% above their configured total SIP Trunks to prevent call
blocking during times of increased traffic. This provides a business continuity
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-54
Because of our experience in designing, implementing and transitioning safety critical
networks like FTI, Harris brings established processes, tools and discipline to the
implementation and transition phase for each network Task Order.
Implementation, Management and Maintenance: In response to item 1, Harris
develops and implements compliant comprehensive solutions for each Task Order that
are tailored to meet agency-specific requirements. Customized solutions are a hallmark
of Harris network solutions due to our Critical Network Provider mentality focused on
meeting all customer requirements. Commercial telecommunication and network service
offerings are designed to accommodate as many customers as possible and necessitate
a common design where “one size fits all”. In contrast, Harris tailored network solutions
are optimized to a specific agencies unique set of requirements and based on a best
value business and technical managed service model.
These solutions include both wireline and wireless access service solutions described
in our response in Paragraph 2.1.4 of this response. Implementation, management and
maintenance of the mandatory transport solutions for both data and voice are described
in Paragraphs 2.1.1 and 2.1.2. Optional transport services for both data and voice are
described in Paragraphs 2.2.1 and 2.2.2.
Harris also provides tailored customer premise solutions designed to meet all agency-
specific interface requirements including modern standards based interfaces as well as
legacy serial data interfaces (e.g., RS-232).
Harris customizes and tailors security solutions for each agency based on their
specific requirements, policies and practices. Harris performs security risk assessments
for each specific government agency and implements, manages and maintains these
tailored security solutions.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-59
information on the health and status of the agency-specific network. The web portal
supports SNMP read-access data feeds that provide the status for all network equipment
and services including agency-specific equipment. The web portal provides near real time
status on the installation schedule of all provisioning activities such as equipment
installation, access circuits, and transport services including ports. Network performance
statistics including equipment availability, network throughput, network latency, and
application level performance information are available on the web portal. The web portal
provides agency-specific visibility to configuration data associated with Class of Service
(CoS) and Quality of Service (QoS) information. Trouble ticket status and reporting as
well as security logs are also provided to the Government Agency through the web portal.
In response to item 14, the web portal provides access to the Harris Site and Service
Management Tool (SSMT) for tracking agency-specific access circuit, transport service,
equipment inventory and provisioning status information.
In response to item 15, other current and historical information provided through the
web portal secure access includes, but is not limited to the following:
a) Bandwidth utilization
b) Burst Analysis
c) Data errors
d) Network delays (latency), reliability
and data delivery summaries
e) End-to-end network service views
f) Exception analysis
g) Link, port and device utilization
h) Network statistics
i) Protocols used
j) CPU utilization
k) Network traffic, port and protocol views
2.1.3.1.5 Features (C.2.8.1.2)
Harris will support all service features identified for Managed Network Services:
1. Maintenance and repair of Government Furnished Property (GFP) and Service
Related Equipment (SRE).
2. Agency-Specific NOC/SOC services when required by specific Task Orders. The
processes, tools and capabilities supported by the Harris NOC/SOC are described
earlier in Paragraph 2.1.3.1.4. Harris also supports testing as specified and
required by individual Task Orders.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-61
outside the validated address range are considered potential attack indicators and
become dropped network traffic.
In the east we will use a secure location
in Northern Virginia to provide connectivity to facilities in the east and some locations in
the central United States.
Both of these POP facilities have three degrees of diversity meaning they have three
physically diverse backbone paths traveling east/west and north/south to improve service
survivability. These locations also support all transport service types and speeds for all of
the required services identified in SOW Section C.1.8.8. Additionally, both locations are
near Internet Exchange Points (IEP) for all major Tier 1 Internet Service Providers (ISPs)
in the United States. The IEPs are local (in the same Metropolitan area) in both cases
and a single hop away. The round-trip delay to these local IEPs is negligible, meaning
that it is less than a couple of milliseconds (ms).
Additionally, any Extranet service can be connected to any POP on our nationwide
backbone footprint and reach our Traffic Aggregation Service in Denver and/or Northern
Virginia. On average, any customer service located in the west will be about two backbone
hops away from our POP in Denver. In the west, the average round-trip delay per hop is
about 8 ms making the average round-trip delay 16 ms (or 8 ms one-way). In the eastern
part of the country our POP density is greater compared to the west, but the average
delay per hop is lower – about 5 ms. On average, any customer service in the east will
be about 3 hops away from northern Virginia for an average round-trip delay of about
15 ms (7.5 ms one-way).
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-64
Instrumentation to measure transport SLA KPIs (as if traffic passes through
loopbacks in EINSTEIN Enclaves with no impact within DHS GFP being counted
against the offeror’s performance).
Harris uses commercially available instrumentation and provides metrics to DHS, GSA
and the customer agency to measure transport SLA KPIs, excluding the redirection route
through the DHS Enclaves. Harris uses iPerf or Test TCP (TTCP) in client/server
configurations to measure network quality of service. Latency, or round trip response
time, is measured via the Ping command. Jitter, or latency variation, is measured with a
UDP protocol test, and datagram loss can also be measured with a UDP diagnostic.
Available bandwidth is measured through TCP testing between the client and the server.
Network and service availability is monitored and measured using Ping commands as a
heartbeat signal.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-67
solutions including terrestrial and wireless with custom reliability requirements. Harris has
extensive experience formulating unique access arrangement solutions for a broad range
of requirements.
The Harris solution encompasses a consortium of Competitive Local Exchange
Carriers (CLECs), Incumbent Local Exchange Carriers (ILECs), Multiple System
Operators (MSOs), and national service providers. In addition, Harris has business
relations through aggregators for access arrangements from smaller carriers with network
coverage to rural/remote locations. With a united diverse consortium of service providers,
Harris has formed a comprehensive network footprint to provide integrated solutions
through a single contractual arrangement. Harris is capable of adding additional access
arrangement providers to meet end user requirements for diversity and expanded network
coverage.
The first approach of establishing access connectivity is via an interconnection
between the CLEC teammate and within a collocated POP. In this approach, assuming
the end-user location is On-Net to the CLEC, the CLEC will provision an access
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-68
arrangement circuit from the end-user location to the CLEC equipment within the
collocated POP.
.
The second approach of establishing access connectivity is via an interconnection
with a CLEC teammate. The CLEC teammate transports the access circuit to the end-
user SWC, where it is handed to the ILEC. The ILEC will provision an access arrangement
circuit from the end-user location to the SWC, which is handed off to the CLEC and the
CLEC teammate transports the circuit to the Harris
This array of Harris solutions is well positioned to deliver a selection of access
arrangements to the GSA and its customers to meet their intended goals for service
continuity, availability, reliability and mission critical communications/applications.
.
Harris will provide special construction to meet service delivery and/or performance
requirements in the following cases:
1. An access arrangement does not exist or does not have sufficient capacity, and
special construction will need to be provided through the implementation,
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-69
rearrangement or relocation of physical plant solely to satisfy the requested access
arrangement.
The Harris solution will take the necessary steps to fulfill each access arrangement/
special construction project by collaborating with the agency/facility owner/property
management, and Ordering Contracting Officer (OCO) to coordinate and schedule site
surveys. Preliminary access arrangements design(s) will be developed and site survey
data will be captured on the Site Survey Estimate Template for special construction.
Harris will provide all of the artifacts to the applicable stakeholders to review, provide
feedback, suggestions and/or point out any concerns. Harris will collaborate with the
stakeholders to address any concerns and make any necessary changes to the special
construction design to ensure a cohesive approach.
Harris has spearheaded and managed numerous access arrangement and inside
facility special construction projects, each with its own unique challenges. Such
challenges are comprised of working with a variety of contractors, design consideration
for wildlife reserves, permitting, X-ray of concrete walls and floors, safety, OSHA etc.
From an access arrangement service ordering and management perspective, a
service delivery platform will be established and integrated with a web portal. This
platform will have an Access Arrangement component which will allow GSA and/or
agencies to select the desired access technologies with diversity options. To provide
seamless order entry and service lifecycle management, Harris with its teammates and
partners have implemented communication links between the various functional systems
which includes; Business Support System (BSS), Operations Support System (OSS) and
Network Management System (NMS) to provide a holistic workflow for service
provisioning and service activation with active monitoring capabilities, reference
Figure 2.1.3.1.1 Service Delivery Platform provided in the Managed Network Services
(MNS) description.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-70
Harris will lead the scheduling and coordination of
performing site acceptance testing with all the stakeholders including end user(s).
2.1.4.2 Standards (C.2.9.1.2)
The Harris Access Arrangements solution complies with all standards identified in the
EIS RFP for network access.
2.1.4.3 Connectivity (C.2.9.1.3)
The Harris Access Arrangements solution complies with all listed connectivity
instances in the EIS RFP for network access
The Harris solution is comprised of strategically selected telecommunications network
service providers. Each team member was selected based on their geographical network
coverage area(s) i.e., local, regional, national and non-domestic to ensure end-to-end
connectivity within each CBSA
2.1.4.4 Technical Capabilities (C.2.9.1.4)
. The technical capabilities which will be encompassed with
the range of line speeds for access arrangements will include integrated access of
different services with transparency to any protocol. The Harris solution will provide
various type of access arrangements via commercially available equipment operating with
the latest software release and with technical capabilities based on industry standards.
Table 2.1.4.4 shows the type of access arrangements and associated technical capability
options that will be available and supported.
Table 2.1.4.4. Harris Access Arrangements & Associated Technical Capabilities
1. T1. This category of AA will support line rate of 1.544 Mbps, which can be configured to provide channelized or un-
channelized T1 access arrangement as follows:
a) Channelized T1. In this mode, 24 separate DS0s clear channels of 56/64 kb/s will be supported.
b) Unchannelized T1. In this mode, a single 1.536 Mbps information payload will be supported.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-75
2. Maintain a minimum separation of 30 feet throughout all diverse routes between
premises/buildings where an SDP and its associated network connecting point are
housed.
3. Maintain a minimum vertical separation of two feet, with cables encased
(separately) in steel or concrete for cable crossovers.
In instances where minimum separation and/or diversity and/or avoidance is not
achievable, Harris will exert best effort to propose an acceptable access arrangement
solution as well as a special construction option to meet agency requirements.
Furthermore, during the development of TO proposals, Harris will work with the
ordering agency to understand their routing preferences for access circuits connecting
agency SDPs to associated connecting network points. These special routing requests
are captured in the specific agency TO and associated provisioning records. Recognizing
that uncompromised (i.e., adhering to the explicit route conditions requested at time of
TO) may not be available in some locations, Harris will apply best effort to propose an
acceptable arrangement along with documentation describing any necessary
compromise. If the specific route is not possible or the compromised solution is not
acceptable to the agency, it will be negotiated on an individual case basis.
In addition to physically diverse access arrangements, the CLEC, ILEC, MSO, national
service provider’s equipment installed at agency facilities is carrier grade (i.e., Redundant
Power Supplies, Redundant Processor modules, Redundant Switch Fabric and
Redundant Line Cards). The redundant capabilities carrier grade equipment provides
coupled with diverse access arrangements allows for automatic switching of transmission
in real-time. The systems are configured to operate in primary mode and transmit data
via the primary access link. In the event of a network issue on the primary route/path, the
system will automatically switch to the redundant mode and transmit data via the diverse
route/path. Once the issue on the primary mode and/or primary route/path is resolved the
system can be configured to automatically or manually switch back to the primary path.
The switching of transmission should not result in a network outage or be noticeable by
the end users.
From time to time CLECs, ILECs, MSOs and Long Distance carriers perform
configuration changes, network grooming and/or maintenance on their network elements
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-76
due to changes in their network topology and routing. These configuration, grooming and
maintenance activities can affect the operational integrity of access circuits as well as
produce diversity or avoidance violations. If the proper controls and processes are not
established the configuration, maintenance and grooming activity may cause unexpected
operational issues. Operational issues that arise due to configuration and maintenance
activities within the access/transport path will be immediately noticeable. However,
grooming activities which affect circuits flagged with diversity or avoidance are not as
noticeable. Grooming activities which cause diversity or avoidance violations will only be
discovered during a network outage when the diverse and/or avoided circuit needs to be
operational due to a failure on the primary path or circuits that were flagged to be avoided
experience a simultaneous interruption based on a network outage experienced by the
service provider. To circumvent such unexpected interruptions and violations, Harris has
established control measures and processes to proactively review and identify the
circuit(s) that will be affected by configuration changes, maintenance and/or grooming
activities. The control measures and processes that have been established with the
teammates/carriers include tagging a circuit with a flag which annotates the circuit with
the applicable classification i.e., diverse path, avoidance and/or Telecommunication
Service Priority (TSP).
The DLRs are entered into the diversity and avoidance system/database as well as a
graphical baseline representation is developed.
Prior to any proposed access reconfigurations, maintenances and network grooming
activities affecting routes previously implemented with access route/path diversity or
avoidance, Harris will provide to the agency written notification and revised PCLs for OCO
approval in accordance with the requirements in the TO. Such communication will include;
type of event, duration, start and stop time. Harris will provide maintenance and grooming
activity notifications to the OCO 30 days prior to the event. The final steps Harris will
perform is the review of the updated DLRs, perform a comparison and validation to insure
there are no diversity or avoidance violations, update the system/database, re-baseline
the route/path and produce an updated graphical representation of the access solution.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-77
Harris has a dedicated diversity and avoidance team whose sole responsibility is to
interface with service providers and monitor and review DLRs to ensure that diversity and
avoidance violations are prevented. The diversity and avoidance team will provide a
graphical representation (e.g., diagrams, and maps) of access circuit routes to show
where diversity has been implemented to the OCO within 30 calendar days of the
implementation of access diversity and again thereafter when a change is made.
2.1.4.6 Interfaces (C.2.9.3)
The Harris Access Arrangements solution is compatible with all listed interfaces
identified in the EIS RFP for network access including all listed User Network Interface
(UNI) types and standards including the payload data rate and signaling type at the SDP
for access arrangements.
2.2 OPTIONAL EIS SERVICES
Wireless Communication Services are provided based on specific Task Order
requirements and can be implemented as a standalone service or as an alternative
access service such as out-of-band network management for agency-specific Service
Related Equipment (SRE). Other optional services such as the provisioning and
operations and maintenance of SRE, Service Related Labor (SRL), and Cable and Wiring
services will be provided to support design and engineering as well as the implementation
of all services. Table 2.2 summarizes the Harris optional service offerings:
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-80
wavelengths. A Customer Network Management access connection is shown providing
alarm monitoring capabilities as well as capabilities for set up, modification, and tearing-
down of connections.
The Harris offering for Optical Wave Service (OWS) provides government agencies
with dedicated broadband, framing-independent transport networks for interconnecting
offices throughout domestic locations. The Harris solution provides optical electronics
equipment and fiber connectivity representing local and long-haul transport network
infrastructure. Local Transport solutions are developed using a comprehensive set of
vendors and resources available to Harris in its role as System’s Integrator.
Harris offers highly available, low latency solutions and in its role as a Critical Network
Provider, ensures every solution is specifically designed and implemented to meet
customer needs.
Access connections to agency locations are provided using appropriate Access
arrangements, as described in the Access Arrangements section of this proposal volume.
Management of the OWS Transport infrastructure is performed by a trained and
experienced staff of Network Operators and Technicians with a proven track record of
provisioning, transitioning, optimizing and maintaining critical customer services on major
National networks such as FTI Operations and Mission Support. As requested, Customer
Network Management (CNM) access to monitoring and management views and tools
associated with dedicated network transport elements can be provided to requesting
agencies using user-friendly, secured Web portal or remote user interface arrangements.
As a proven Critical Network Provider for multiple federal Government networks,
Harris has a unique relationship with telecommunications service and equipment
providers. Because we have the latitude to use a wider range of solution providers than
typical Carriers, a competitive relationship between vendors and providers is established
and maintained, driving innovation and adoption of technology upgrades and
enhancements.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-87
The Harris optical solution in the example illustrated in Figure 2.2.1.2.1 is
As requested, the Harris solution allows agency access to the Data Communications
Channel (DCC), allowing agencies to establish communication between its edge devices.
Harris SONET service is available in Metro areas and long haul CONUS
implementations and select OCONUS regions. Harris SONET services support
connection to and interoperability with Government specified terminations (e.g., SDP-to-
SDP, POP-to-POP) and any other EIS Provider’s network compliant with industry
standards.
The Harris solution for SONET service enables Agencies to build optical transport
networks that are high bandwidth, with a high level of reliability and traffic isolation. These
transport networks are built using facilities from the Harris optical backbone infrastructure.
SONET services provide proactive performance monitoring and enable self-healing
functions with robust network management.
Additionally, Agency locations can be provisioned with Access Arrangements
to connect into SONET topologies via Optical Add-Drop Multiplexers (OADMs).
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-98
accordance with, but not limited to, the NIST SP 800-54. MD5 will be used to
authenticate router peering and ACL’s will be used to protect both the agency and
the network from being flooded with bogus routing information.
2.2.1.3.5 Features (C.2.1.7.2)
The Harris IPS solution supports the mandatory Class of Service (CoS) feature. Harris
will support prioritization of three classes of service: Premium, Enhanced, and Standard.
To provide the network layer prioritization feature,
DiffServ classifies and marks packets so they
receive a specific per-hop forwarding behavior at network devices along a route. The ToS
bit is set once, based on policy information, and then read and acted on by network
devices. Because IP is an internetworking protocol, DiffServ works across networks,
including carrier and service provider networks that support the service. Therefore,
DiffServ will support CoS on the Internet, Extranets, and Intranets.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-105
enact the technical capabilities for the collocated hosting service to manage the migration
of Government furnished property (GFP), and to strictly administer the ITIL framework for
comprehensive IT service management.
GFP Management: Our EIS Colocation Migration Approach consists of four (4) phases
that complete pre-delivery preparation, equipment relocation and provisioning, and set up
and readiness of equipment interoperability—constituting well-defined strategy and
comprehensive planning for non-disruptive migration to colocation environments,
positioning Harris to safely assume responsibility for all damage or injury to persons or
property occasioned in the delivery of collocated hosting service delivery.
Preparation: manages change and manages the move—assisting GSA and the Agency
CO/COR in task order and service order management, CLIN pricing, and contract
deliverables review. We also confirm functional requirements for service level
management.
Discovery: meticulously documents the pre-migration environment consisting of GFP
and other equipment, cataloging make and models, serial numbers, asset tags, MAC
addresses, rack requirements, and detailed cabling maps for both power and networks.
The Move: we move non-critical systems first, then systems with smaller downtime
windows. In a “forklift” move, we shut down all equipment and move them to the collocated
facility all at once. During this phase we provision the necessary physical space,
environmental systems, security systems, network connectivity, and 24x7 service
management.
Post-Migration: with equipment racked and cabled, we undertake the same meticulous
documentation process executed in the Discovery phase. We verify that every GFP asset
is moved, plugged-in, configured, and monitored. A second post-migration activity tests
for environment compatibility and interoperability. SLA performance readiness is
confirmed through a post-move audit.
Service Management Our EIS Customer Service Portal for Collocated Hosting
Services provides agency customers with remote, real-time status alarming and reporting
of collocated facilities and GFP, to include the status of power to each rack, environmental
cooling, smoke detection, facility entry/exit logs and service connectivity. Our automated
control systems manage facility environments, continually sensing conditions and
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-106
sending real-time alerts to trained facility engineers when conditions approach defined
environmental thresholds. At the same time, our control systems present alarms to
agency users registered in our management console and visible from the EIS Customer
Service Portal. Additionally, our trained and certified operations support staff ensure the
availability of agency systems and GFP at all times, employing the ITIL framework
comprehensively.
2.2.4.5 Features (C.2.4.5)
The Harris collocated facilities deliver secure environments for the protection of
information and resources for federal agencies complying with the physical and technical
security standards set forth by Intelligence Community Directive (ICD) 705, Sensitive
Compartmented Information Facilities: deliver spaces that prevent compromising
emanations, inadvertent observation or overhearing, disclosure by unauthorized persons,
forced entry, and the detection of surreptitious and covert entry.
s. Harris
is prepared to construct or configure SCIF spaces to meet task order requirements within
the United States or overseas data centers in Europe and Asia Pacific.
2.2.4.6 Performance Metrics (C.2.4.5.1)
The Harris Colocation Hosting Services will meet and exceed each of the listed Key
Performance Indicators (KPIs), in accordance with the associated notes to the KPI Table
provided in EIS SOW C.2.4.5.1. NS2020 Agency customers are 100% guaranteed of
continuously available collocated hosting services through secure, reliant, fully
redundant, carrier-neutral data center communications and operations.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-110
The Mobility Switch connects to the RAN, which is a wide area network of cellular
repeater sites, through a fiber and microwave radio backbone. The placement of the
cellular repeater sites is carefully engineered to provide superior coverage factoring in
terrain and man-made features. The RAN directly connects to the user radio devices
through an RF (Radio Frequency) air interface.
Centralized operator assistance is available 24/7 to accept user directory requests via
inbound calls from the PSTN or MCS network.
The Management and Security Servers at each Voice Switching Center will monitor
the MCS provider’s hardware and software to ensure that the MCS Service is operating
properly and associated EIS performance and security requirements are met.
The MCS catalog-based ordering items specified in EIS Section B will be available to
NCS users via a public Internet portal provided by the Harris OSS.
Users — MCS users consist of individual cell phones, PDAs, data modems, M2M devices
and WiFi hotspot and Femto cell repeaters to enhance indoor coverage. The MCS will be
compatible with all standards-based user BYOD devices, and equivalent MCS provider
devices are included by us in Service Related Equipment (SRE) as specified in EIS
SOW C.2.10.
2.2.6.2 Standards (C.2.6.1.2)
The Harris MWS solution fully complies with all identified standards and their subparts
identified in the EIS RFP for MWS. The Harris solution will also comply with new versions,
amendments, and modifications made to the above-listed documents/standards including
beyond 4G.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-115
and recommends to customers the best way to achieve the most efficient use of that
resource. The Harris advantage, as the second largest customer of satellite services, is
a strong working knowledge of how to get the service requirements of its customers
satisfied.
Harris has the ability to leverage its volume purchasing to the benefit of EIS customers.
An Agency mission can require satellite bandwidth, equipment, installation, operations
and maintenance (O&M) and support services globally. Harris’s robust managed satellite
service offering, with over 1300 satellite engineers, ensures meeting all SLA’s, timely
service delivery through continuous dialog with satellite vendors or through our own ready
pool of capacity to provide rapid response to bandwidth on demand requirements. Harris’
engineers and bandwidth partners will design, implement, and operate leased bandwidth
services and leverage our core expertise in space segment optimization and satellite
operator management in every solution we provide to GSA agency customers.
Harris also offers Mobile Satellite Services (MSS) and Aeronautical SATCOM services
to the U.S. Government. We are currently a Value Added Reseller (VAR) of Iridium
services and through our channel partners/vendors, U.S. SecureNet, SATCOM Direct
and U.S. Space, BGAN, Global Xpress, and Thuraya services. In addition, we partner
with SATCOM Direct for aeronautical services such as In-Flight Connectivity (IFC) or In-
Flight Entertainment (IFE) for U.S. Government aircraft. Harris currently provides 1 GHz
of Ku-band bandwidth only to support manned/unmanned aerial systems (MAS/UAS)
such as Predator, Reaper, Warrior-A, Global Hawk, Broad Area Maritime Surveillance-
Demonstrator (BAMS-D), Grey Eagle, Ku Spread Spectrum (KuSS), Medium Altitude
Reconnaissance Surveillance System (MARSS), and Vehicle and Dismount Exploitation
Radar (VADER). With Harris, EIS customers will have one toll free number to call for
ordering and operational service issues. Our satellite solutions employ no proprietary
technologies to provide the proposed technical capabilities and features.
2.2.7.2 Standards (C.2.7.1.2)
Harris and its suppliers comply and will continue to comply with all performance
standards applicable to the delivery of mobile and fixed satellite services.
Commercial Fixed Satellite Service (CFSS):
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-124
proprietary technology to provide the proposed capabilities and features. Upon Agency
request, Harris will offer alternative technologies, for example Cisco WebEx, as part of a
TUC (Task Order Unique CLIN) with similar capabilities and implementation
architectures.
MS Cloud — Our Cloud-Based MS Office 365 with Skype for Business WCS offering is
provided by MS Data Centers as SaaS (Software as a Service). Our WCS MS Cloud
offering provides all the features and benefits of our proposed UCS Cloud offering fully
described in Paragraph 2.2.8.2.1. Agency WCS users and other Internet users will
generally interface to the MS Data Centers through the Internet, although each Data
Center is equipped with a substantial Gateway capability to accept all Agency IP
interfaces and all off-net Internet participants in the U.S. or abroad.
WCS Operations Help Desk — WCS Help Desk, Management, Security and
Provisioning functions are identical to those described for our UCS offering described in
Paragraph 2.2.8.2.1, except the WCS Help Desk is equipped with Internet and public
telephone access.
Users — WCS Service users are not one location or network, but an instance of multiple
users at many locations and on many networks joining a conference. Users may access
a WCS conference using any Web Browser equipped device. Most WCS Agency users
will access the Data Centers through a TIC, but alternative EIS IP services may be used.
Off-net, world-wide WCS access will be through the Internet. Any Web Browser plug-in
required for users to play back, participate in, or lead a Web Conference session will be
provided with the service.
2.2.8.1.2 Standards (C.2.8.2.1.2)
The Harris WCS solution complies with all standards identified in the EIS RFP for
WCS.
2.2.8.1.3 Connectivity (C.2.8.2.1.3)
The Harris WCS solution complies with all listed connectivity instances in the EIS RFP
for WCS.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-129
The MS Cloud Offering will provide the needed modernization platform to launch the
collaboration, social media, unified communications, audio, video and innovative tools of
the future at a reduced price point from current agency environments. Our offering
optimizes the value of commercial MS software services and ensures evolving/continuous
incorporation of new technologies through intrinsic growth of the MS products.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-131
The MS Cloud Offerings will:
Deliver an “evergreen” service with the latest innovative solutions for end users. (The
term “evergreen” describes a service that maintains technological currency and
innovation, including the latest messaging and productivity solutions. Agencies,
therefore, do not have to wait for years, potentially, for new capabilities that address
their mission.
Deliver cloud services to enterprise businesses with a 99.9% Service Level
Agreement (SLA).
Provide advanced security solutions, such as Just-in-Time (JIT) access management
for Microsoft personnel. Microsoft does not believe that it has to have access to
customer data to maintain the availability and continuity of the environment.
Prevent “configuration drift” of the environment with procedures that rebuild all servers
at fixed intervals to protect the environment from configuration, incident, and intrusion
threats.
Provide customers with timely, targeted, and accurate reporting through the Service
Health Dashboard (SHD), which provides alerts and communications on the health of
the service.
These types of solutions are unique to the MS Cloud Offerings and cannot be
replicated with scale and accuracy on other platforms.
Currently, MS Cloud Solutions are being used by the U.S. Naval Reserve, U.S. Air
Force, and Defense Logistics Agency (DLA), and is hosted in MS Data Centers serving
more than 600,000 users.
2.2.8.2.1 Service and Functional Description (C.2.8.3.1 & C.2.8.3.1.1)
We offer our UCS as a Cloud-Based, Premises-Based or Hybrid solution. Our UCS
service delivery platform is shown in Figure 2.2.8.2.1.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-133
UCS service delivery requires the interfacing of several EIS components:
EIS Access and Transport Services
The Harris Operations Support System (OSS) providing management oversight, and
The UCS Service itself, composed of MS Cloud, UCS Operations Help Desk and user
elements
The EIS Access and Transport Services are provided under other EIS contract
components and the OSS is provided by Harris as part of our value added service. This
description concentrates on the UCS Service elements and their relationship to the other
components in providing the UCS Service. Our UCS Service will not employ any
proprietary technology to provide the proposed capabilities and features. Upon Agency
request, Harris will offer alternative technologies, for example Cisco WebEx/Spark, as
part of a TUC (Task Order Unique CLIN) with similar capabilities and implementation
architectures.
Office 365 for Government combines a browser-based productivity solution, combined
with the uptime and availability of an enterprise-grade cloud platform in the core plan,
across multiple browsers, including the current and the immediate previous version of
Internet Explorer and Firefox, and the latest version of Chrome and Safari.
In addition to the requirements for UCS in EIS SOW C.2.8.3, the MS Cloud-Based
and Hybrid UCS MS Skype/Office SaaS offerings will comply with the applicable
requirements of C.2.5.3 Software as a Service, including referenced system security
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-134
requirements. The MS Office 365 Multi-Tenant & Supporting Services is a compliant
Cloud Service offering with Agency FedRAMP Authorization.
The MS Data Centers hosting the Cloud Service are HA/HR facilities employing the
latest technologies for the utmost in service availability:
Software Defined Networking (SDN)
Purpose designed servers
Multiple, redundant power sources
Redundant Data Centers with dedicated high bandwidth fiber facilities
Agency UCS users will generally interface to the MS Data Centers through a TIC Each
Data Center is equipped with a substantial Gateway capability to accept all Agency IP
interfaces and traffic levels and all off-net Internet and PSTN SIP Trunk participants in the
U.S. or abroad.
UCS Operations Help Desk — The Harris OSS will provide 24/7 Tier 1 Help Desk
assistance for UCS problem reporting and trouble ticketing. The UCS Operations Help
Desk function is available 24/7 to provide Tier 2 and Tier 3 technical support and
operational assistance for UCS configuration and reporting. The UCS Operations Help
Desk has an on-line IP connection to the user device interfaces to satisfy the requirements
of EIS SOW C.2.8.3.1.4 -4 (r) that it be part of the UNI. The UCS Operational Help Desk
is also equipped with public telephone.
The Management and Security Servers will monitor any UCS user premises provider
hardware and software, and maintain a replica of MS Data Center SaaS performance and
security monitoring to ensure that the UCS Service is operating properly and associated
EIS performance and security requirements are met. The servers are connected to the
Harris OSS so that the same status information is available at the Harris NOC to ensure
that any issues are addressed immediately and required escalation procedures are
followed.
The Provisioning Server provides portal translation from the Harris OSS to the MS
Cloud and configures any user premises hardware and software for user services based
on service orders received from the Harris OSS and requests for authorized real-time or
near real-time service activity coordinated through the UCS Operations Help Desk. There
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-135
is a bi-directional bridge between the UCS Provisioning Server and the Harris OSS to
accept orders and report UCS activity that is billed on a metered basis.
Users — The User end of the UCS service is specified to be implemented as an
application hosted by the contractor that supports multiple users over an IP network
(agency- or contractor-provided), or as a premises-based, hosted, or hybrid solution. We
propose a Cloud-Based (multiple-user) solution with alternatives for a Premises-Based or
Hybrid solution.
Premises-based Solution: In a Premises (Managed) solution, UCS Management
and Client Servers running MS Skype for Business and MS Office 365 are added to the
user enclave (e.g., at an Agency location). This configuration allows all of the UCS
functionality to operate autonomously within an Agency location. In this case, the
connection to the MS Cloud is not required, but the connection to the UCS Operations
Help Desk location is still required for support, performance monitoring and provisioning
assistance. Harris will offer the Premises solution as an Individually Case Based (ICB)
CLIN.
Hybrid Solution: Harris considers two principal cases of a Hybrid solution (other
cases are possible):
Premises/Cloud Hybrid Solution:
Legacy Hybrid Solution: A case where an existing Digital PBX with existing
subscriber devices are connected to the MS Cloud for UCS services similar to the Cloud-
Based configuration through a SIP Gateway. This case is occasionally used for Legacy
to UCS transition.
Harris will offer the Hybrid solution as an Individually Case Based (ICB) CLIN.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-139
Security Information and Event Management (SIEM) technology, and understands the
importance of an accurate, correlated, common operational picture for security situational
awareness. Our MPS solution includes a flexible monitoring framework, various devices,
and tools that can only be created from years of experience providing real time monitoring
for large critical infrastructures.
2.2.8.4.1.2 Vulnerability Scanning Services
Our vulnerability scanning service is Secure Content Automation Protocol (SCAP)
compliant. To secure an infrastructure, one must discover the vulnerabilities within it and
mitigate them to reach an acceptable risk posture for an enterprise. Harris, as a provider
of mission critical networks, routinely scans its own and our customer’s networks. We
build a picture of the network vulnerabilities, and recommend appropriate mitigations to
our customers. The vulnerability database and scanning service we use can also be used
to prepare an organization for cyberwarfare, as the vulnerabilities in an infrastructure
frequently become points of attack. These scans may originate within the network, or on
the other side of a network perimeter. We also understand that legacy software
environments may not allow some vulnerabilities to be mitigated directly, and work with
our customers to define appropriate countermeasures when required.
2.2.8.4.1.3 Incident Response Service
Most organizations using a Managed Security Service Provider began using one in
response to an incident or possible intrusion. Incident Response Services include
proactive, pre-emptive services that protect a network and prevent successful intrusions.
These activities include onsite consulting, analysis of the enterprise security policy,
processes, tools, and existing countermeasures, and audits of the operational security
environment. From a baseline security posture, a plan can be built for an enterprise that
includes continuous monitoring with vulnerability scanning, network mapping, policy
reviews, and cyber awareness training. These activities are conducted in preparation for
Reactive Incident Response Services, which provide telephone and on-site support to
react to potential security incidents, with an emphasis on damage containment and
control. The objective is to prevent any single incident from crippling an enterprise
network infrastructure. This includes detection and containment of Denial of Service
(DoS) attacks, viruses, worms, Trojan horse infections, data exfiltration attempts, and
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-140
insider threat activities such as espionage. Harris provides the capabilities to enhance
cyber resiliency within an organization, and can provide the forensic services required to
successfully prosecute offenders. Our forensic services group has a 100% conviction rate
when called to testify in cyber-attack prosecutions.
2.2.8.4.2 Standards (C.2.8.5.1.2)
Our Managed Security Service Solution complies with all applicable security
standards, including FISMA (44 U.S.C. Section 301. Information security), NIST FIPS
Pub 140-2, NIST FIPS Pub 199, and all NIST security guides and special publications.
As a Managed Security Services Provider, Harris is continually benchmarking its
capabilities against evolving security technology standards. These include the United
States Computer Emergency Response Team (US-CERT) reporting standards and the
Internet Engineering Task Force (IETF) RFC 2350, Expectations for Computer Security
Incident Response. Harris is an active participant in NIST Security Standards Working
Groups and various industry security organizations, including the Cloud Security Alliance.
We constantly monitor the standards bodies for new developments and maturing
technologies that could impact our services. Harris frequently brings these requirements
to our customers’ attention, and uses these standards to ensure interoperability between
legacy network devices and emerging capabilities such as software defined networking.
2.2.8.4.3 Connectivity (C.2.8.5.1.3)
The Harris Solution offers managed security services that connect and interoperate
within the agency networking environment, as defined by the agency in the Task Order.
In our role as a Critical Network Provider we have designed and implemented network
Demilitarized Zones (DMZ) and secure LAN segments as well as Extranet Gateways and
Internet Gateways, for various customers. For example, on FTI Harris maintains the
Extranet Gateway for trusted third parties to support structured data exchange
capabilities.
2.2.8.4.4 Technical Capabilities (C.2.8.5.1.4)
The Harris MSS solution complies with all MSS technical capabilities. Our technical
capabilities for each Managed Security Service Offering are described in the following
paragraphs.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-147
A key feature of incident response is the capability to provide investigative and
forensic services to the agency. Forensic data collection includes capturing data,
maintaining the chain of analysis used to determine the origin and actions of a potential
attacker, and collecting the information while preserving the chain of custody. Harris has
been called upon to assist in administrative actions and legal proceedings, including
testifying in court if necessary to assist in prosecution.
The best defensive measure for an INRS is security awareness and training. In
conjunction with the agency customer, Harris provides security awareness training on an
as-requested basis. This training can include classroom or computer based courses,
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-148
mock attack drills, emerging trends in threats and vulnerabilities workshops, and
refinements to incident response processes such as new tools and capabilities.
2.2.8.4.5 Features (C.2.8.5.2)
Our MPS, VSS, and INRS capabilities provide flexible, tailorable solutions to support
agency requirements effectively. The Harris MSS fully complies with all required MSS
features.
2.2.8.4.5.1 Managed Prevention Service (MPS)
a) Firewall
. Our firewall solutions provide Network Address Translation
(NAT) and Port Address Translation (PAT) to disguise internal IP addresses. Agency
specified security policies such as packet blocking and session termination of
nonconforming traffic are supported through the use of the firewall rulesets.
b) Personal Firewalls –
For instances where
hardware deployment is not possible, the McAfee Endpoint Protection product is
applied as a software firewall solution.
c) Network Intrusion Prevention System –
. It provides the
ability to analyze network and application protocols and packet content. Suspicious
activity is identified, monitored and mitigated through the blocking or termination of a
session based on known attack signatures and behavior patterns.
d) Endpoint Protection –
This capability provides application firewall, endpoint
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-149
recording, whitelisting, blacklisting (banning), threat detection, and remediation
recommendations to protect agency endpoint systems as required.
e) Secure Web Proxy – the
This includes protection against spyware,
phishing attacks, peer-to-peer services, and streaming applications. URL blocking is
supported.
f) Inbound Web Filtering – This capability
filters inbound web sessions at the HTTP/HTTPS/SOAP/XML-RPC/Web Service
application layers and protects against cross site scripting, SQL injection attacks,
session tampering, buffer overflow errors, and malicious web crawlers.
g) Application Level Gateway – the
h) Network Behavior Analysis –
These three capabilities profile “normal” behavior and identify anomalies
such as DDoS attacks, scanning, and some types of malware such as botnets.
Anomaly detection allows Harris to identify potential attacks before they can become
pervasive throughout the agency. Source, destination, and estimated size of encrypted
connections are maintained in logs for further analysis.
i) Network Traffic Content Analysis and Sandboxing – Harris uses the CISCO
Automated Malware Protection (AMP) Threat Grid Appliance in conjunction with the
CISCO Intrusion Detection/Prevention capabilities of the ASA 5500 series firewalls to
provide traffic content analysis. Static and dynamic analysis engines can be applied in
conjunction with threat intelligence indicators to identify suspicious objects in near real
time. A sandbox is used to contain the object until it can be rendered harmless and
released into the network.
j) Email Forgery Protection and Filtering –
This appliance applies digital fingerprinting,
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-150
lexical analysis, and clustering techniques to supplement keyword and pattern
matching and applies these techniques to both structured and unstructured data. The
gateway identifies regulated content (HIPAA, SOX, GLBA); and personally identifiable
information, such as credit cards, Social Security numbers, and regional-specific
identifiers. Upon detection, a wide range of policy based actions can be applied,
including forced encryption (push, pull, TLS), alerting, re-routing, quarantining,
blocking, and other custom actions defined by the agency. Intel’s Email Gateway
identifies and blocks incoming spam while providing integrated protection against
viruses, malware, phishing, directory harvest, denial-of-service attacks (DoS), and
bounce-back attacks. These capabilities include protection of information about an
agency’s networks or domains through the use of proxy information to protect the
actual sender/recipient domains and user IDs, as well as filtering based on the domain
and header-based information. Email filtering rules are established in conjunction with
the agency to maximize protection of their domains and to establish an effective email
management policy.
k) Email Content Analysis and Sandboxing – Intel’s email gateway provides these
capabilities to the agency. Objects and attachments to emails are extracted from the
message and Intel’s threat intelligence engines provide static and dynamic analysis of
the content to determine if the content is malicious. If malicious content is detected, it
is handled according to the email security policy established by the agency.
l) User Authentication Integration – integration of the Intel email gateway’s threat
mitigation service with the agency’s authentication service is an inherent feature of the
gateway architecture.
The objective is to make user authentication transparent to the email
gateway architecture while maximizing the protection provided.
m) DNSSEC –
This solution includes protection
against Distributed DOS attacks, DNS tunneling, cache poisoning, NXDomain, and
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-151
DNS/DHCP attacks. At the same time, whitelisting technology is used to support
connectivity to the top 1,000 sites through reputation analysis.
n) DNS Sinkholing –
The
appropriate response to DNS query manipulation is determined in conjunction with the
agency to ensure the agency’s security policy is correctly implemented and enforced.
o) Data Loss Prevention (DLP) – Harris provides DLP capabilities through a
combination of services
Our goal is to enforce
the agency’s security policies while protecting its data from deletion, destruction, or
unauthorized disclosure.
p) Demilitarized Zones (DMZs) Support – Harris is very familiar with DMZ architectures
for various agency applications. DMZs are used to provide buffer areas between
private agency internal networks and public network domains such as the Internet. Our
DMZ architectures support Web (HTTP), FTP, email (SMTP and MIME) and DNS
servers. The objective of the DMZ architecture is to protect the agency’s network
information from unauthorized disclosure and potential malicious attacks.
q) Extranet Support – Harris has implemented extranet architectures and connections
to protect our customer’s internal networks while facilitating connectivity to trusted third
parties or other government agencies. Extranet architectures are supported with
appropriate firewalls, DMZs, and gateways in accordance with the security policy of
the agency.
r) Firewall-to-Firewall VPNs –
This allows the SOC to maintain a secure connection for monitoring the health and
security status of the firewalls and their tunnels.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-152
s) Remote Client VPNs –
Network Connect runs as the client-side VPN capability that is
downloaded to the remote agency user’s device. Upon successful two factor
authentication, the encrypted VPN connection is established. Upon termination of the
connection, the VPN is disconnected.
t) EINSTEIN 2
u) Short term Storage – Harris provides the storage capacity for at least 24 hours of
agency-specific data generated by the MPS through the use of the ArcSight Logger
appliance. Logger provides the capability to store up to 8Tb of data. This data is
compressed and correlated prior to storage, and can be accessed by the agency in
near real time through the SOC console.
v) Long Term Storage – Harris provides a storage area network (SAN) for long term
storage of agency specific security information. When the ArcSight Logger
environment is nearing capacity, the data is offloaded to the SAN for long term storage.
SAN storage is accessible by request to the SOC operators on an as-needed basis.
2.2.8.4.5.2 Vulnerability Scanning Service (VSS)
Our VSS
products have received NIST SCAP 1.2 validations, for Common Vulnerabilities and
Exposures (CVE) and as an Authenticated Configuration Scanner (ACS). Tenable
supports XML, PDF, HTML, and CVS APIs to facilitate export of vulnerability scan results
into reports and other utilities to make the VSS as useful as possible to the subscribing
agency.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-154
The Harris Managed Mobility Service (MMS) will provide EIS users with superior
support for agency-owned and personal mobile handheld devices (smartphones and
tablets, based on smartphone OSs) to access Agency networks and applications in
accordance with the agency’s IT security policy. We will fully support security, network
services, and software and hardware management for mobile handheld devices, including
the increasing use of Bring Your Own Device (BYOD) initiatives and advanced wireless
computing that is becoming an important part of Agency strategies.
We will support all aspects of MMS, including mobile device management (MDM),
mobile application management (MAM), mobile content management (MCM), mobile
security management and Deployment.
MMS is one of the most complex GSA service offerings, and Harris’ historical
competence as a mission critical Critical Network Provider and transition/migration proven
experience will ensure its successful implementation and operation.
2.2.8.5.1 Service and Functional Description (C.2.8.6.1 & C.2.8.6.1.1)
We offer our MMS as a Cloud-Based, Premises-Based, or Hybrid solution. MMS is
essentially a value-added overlay on the MWS service specified in EIS SOW C.2.6.
MMS service delivery requires the interfacing of several EIS components:
EIS Access and Transport Services
EIS MWS Service
The Harris Operations Support System (OSS) providing management oversight, and
The MMS Service itself, composed of Data Center and user elements
The EIS MWS, Access and Transport Services are provided under other EIS contract
vehicles and the OSS is provided by Harris as part of our value added service. This
description concentrates on the MMS Service elements and their relationship to the other
components in providing the MMS Service. Our MMS Service uses AirWatch software to
provide the proposed capabilities and features.
Cloud-Based Solution
Data Center The core of our MMS Cloud-Based Service is redundant MMS Data
Centers with centralized MMS Mobility Servers. The Data Centers are identically
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-155
configured and geographically dispersed to provide load balancing of expected user traffic
and protection against single points-of-failure during man-made and natural disasters.
Each Data Center is equipped with a substantial Gateway capability to interface with
the EIS MWS Mobility Switches and to accept all specified EIS interfaces and traffic levels
from MMS Agency users. The Gateway is composed of Routers, Firewalls, Switches and
other devices required to maintain robust and secure access. The Gateway also provides
a connection to all other Data Centers in the MMS Service to synchronize the transfer of
user services in case of local failures or capacity limitations.
The Cloud Mobility Servers provide the MDM, MAM, MCM and Security functions
specified in the EIS SOW.
The principle Cloud Mobility Server interface is IP MMS data which is routed by the
Gateway to both the target MWS Providers and the subscribing Agency networks. The
connection to the MWS is distributed over the MWS RAN to all mobile devices in the
same manner as any other IP connection (e.g., the Internet). The Terrestrial IP
Connection is distributed over a secure VPN to the Agency network to provide an
alternate access to the RAN as a route for MMS data to the mobile devices.
Other Cloud Mobility Server interfaces to the secure VPN are:
A multipurpose Agency terrestrial network extension for mobile users
A local ‘Apps Store’ containing both commercial Apps and Agency Apps uploaded
over the VPN for distribution to mobile users
A reporting interface to Agency administrators
The Harris OSS will provide 24x7 Tier 1 Help Desk assistance for problem reporting
and trouble ticketing. The MMS Operations Help Desk function at each Data Center is
available 24x7 to provide Tier 2 and Tier 3 technical support and operational assistance
for MMS configuration and reporting. The MMS Operations Help Desk has an on-line IP
connection logically separated from user traffic on the secure VPN connection to the
Agency administrator. The MMS Operations Help Desk is also equipped with public
telephone and internet connection for general use.
The Management and Security Servers at each Data Center will monitor the MMS
provider’s hardware and software to ensure that the MMS Service is operating properly
and associated EIS performance and security requirements are met. These servers are
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-156
connected to the Harris OSS so that the same status information is available at the Harris
NOC to ensure that any issues are addressed immediately and required escalation
procedures are followed.
The MMS Provisioning Server configures the MMS Service hardware and software for
user services based on service orders received from the Harris OSS and authorized real-
time or near real-time Agency administrator changes to user profiles and features
communicated over the secure VPN. There is a bi-directional bridge between the MMS
Provisioning Server and the Harris OSS to accept orders and report MMS activity that is
billed on a metered basis.
Users The user end of the Cloud-Based MMS service are the mobile devices which
receive MMS data over either RAN or Agency network extensions. Users will be provided
an application to install on their devices to enable MSS as part of the MMS Service. An
Agency administrator has access to MMS Data Center facilities over a secure VPN for
the following:
Access to MMS Provisioning Server for authorized ‘Adds, moves and changes’ of user
profiles, features and privileges
MMS reports from the Cloud Mobility Servers
Access to the Mobile Apps store for content management
Access to Help Desk functions
Premises-Based and Hybrid Solutions
Data Center For a Premises-Based or Hybrid solution, the Mobility Servers, Apps Store
and reporting functions are moved to an Agency location. Data Center connectivity
remains the same as the Cloud-Based service for Gateway, Management, Security,
Provisioning and Help Desk. These functions will operate in the same manner as a Cloud-
Based implementation, but their connections will be to the Mobility Servers at the Agency
location through a proxy over the secure VPN.
Users Like the Cloud-Based MMS Service, the user end of the Premises-Based or
Hybrid MMS service are mobile devices which receive MMS data over either the RAN or
Agency network extensions. Users will be provided the same application to install on their
devices to enable MSS as part of the MMS Service. The Mobility Server and Mobile Apps
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-169
Voice only participants can join the MS Cloud video teleconference by IPVS, CSVS
and MCS dial-in through PSTN meet points as described for ACS in
Paragraph 2.2.8.6.1.
Off-net Internet participants will join the MS Cloud video teleconference through a TIC
and non-Internet Off-net participants will join the MS Cloud video teleconference by
external network dial-in through PSTN meet points.
Each MS Data Center will be equipped with a substantial Gateway capability to accept
all IP and TDM interface types.
VTS Operations Help Desk VTS Operations Help Desk, Management, Security and
Provisioning functions are identical to those described for our UCS offering in
Paragraph 2.2.8.2.1, except the VTS Operations Help Desk is equipped with Internet and
public telephone access and the Operations Help Desk function includes the ability for an
attendant to join in and facilitate the Video Teleconference at user request.
Users VTS Service users are not one location or network, but an instance of multiple
users at many locations and on many networks joining a conference. Users will access a
VTS conference using standards-based audio and video enabled devices. Our VTS will
enable point-to-point and multi-point conferencing with audio conference add-on
capabilities to support the following three user configurations: 1) desktop, 2) portable roll
about, and 3) fixed conference room locations on dial-in, IP/SIP or dedicated connections.
2.2.8.7.2 Standards (C.2.8.8.1.2)
The Harris VTS solution complies with all standards identified in the EIS RFP for VTS.
2.2.8.7.3 Connectivity (C.2.8.8.1.3)
The Harris VTS solution complies with all listed connectivity instances in the EIS RFP
for VTS.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-173
2.2.8.8.1 Service and Functional Description (C.2.8.9.1 & C.2.8.9.1.1)
The DHS Intrusion Prevention Security Service (IPSS) consists of 4 distinct functions:
1. Indicator management – work necessary to manage and share cyber threat indicators
and countermeasures.
2. Detection – access to network traffic and the application of a range of capabilities to
inspect the traffic and identify malicious activity.
3. Response and Protection covers capabilities that apply countermeasures to prevent
and manage malicious activities.
4. Alerting and reporting covers event notification and forensic artifact handling.
Essentially, this service provides intrusion prevention, detection, and response
capabilities to facilitate the coordination and sharing of threat information across
agencies. As a provider of incident response capabilities for the last 15 years, Harris
is well versed in the processes and procedures required to coordinate incident
response functions.
2.2.8.8.2 Standards (C.2.8.9.1.2)
The Harris IPSS fully complies with the following standards and guidance:
ICD 703 – Protection of Classified National Intelligence, Including Sensitive
Compartmented Information
NSA Security Guidelines for IPSS/ECS
CNSSI 1253 – Security Categorization and Control Selection for National
Security Systems, 27 March 2014
NIST SP800-53 Rev 4, Security and Privacy Controls for Federal Information
Systems and Organizations
US-CERT Standard Operating Procedures (SOPs) SOP 108 – Identifying
Sensitive Information: PII Handling and Minimization, and SOP 110 - PII
Handling & Minimization
2.2.8.8.3 Connectivity (C.2.8.9.1.3)
Harris provides connectivity with EINSTEIN Enclaves through our Traffic Aggregation
Service. The detailed design of the Traffic Aggregation Service and EINSTEIN Enclave
is described Section 2.1.3.1.5(4) in response to the RFP SOW requirements C.2.8.1.2(4).
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-174
We examine Participating Agency traffic that meets the definition of “External Traffic”
in TIC v2.0, and can connect to DHS US-CERT data centers.
2.2.8.8.4 Technical Capabilities (C.2.8.9.1.4)
Harris is fully compliant with DHS IPSS mandatory capabilities as follows:
1. A process that allows DHS to provide cyber threat indicators and define desired
effects in the protection of covered network traffic is not a new capability to Harris.
Harris has been working with DHS cyber threat indicators from our FAA customer for
over 12 years on the FAA Telecommunications Infrastructure (FTI) program. The
establishment of a process can only be done in collaboration with DHS to provide
the most responsive capability to the Government. As the provider of the TIC Portal
and SOC capabilities, Harris is uniquely positioned to assist DHS in obtaining the
desired effect in the most effective manner. For example, if content scanning can be
performed through various tools, Harris can advise the Government on the
respective performance impacts and assist in selection of the most effective
capability.
2. Before the activation of new or modified indicators and their associated actions Harris
tests IDS/IPS sensor indicators in a laboratory environment. Modification of IDS/IPS
sensors in a large enterprise takes time to propagate the change without impacting
the mission. It is essential that the threat indicators work as intended prior to wide
scale deployment.
3. A process that allows DHS to direct actions on network traffic to gather additional
information on cyber threats, stop cyber-attacks, and respond to cyber incidents can
be created in partnership with DHS. On FTI, the FAA directs actions and coordinates
the incident response process in conjunction with the SOC.
4. Harris can receive, accept, utilize and secure GFI up to the TS/SCI level, including
PII, in accordance with DHS-approved security guidelines. Harris has cleared
personnel and Secure Telephone Equipment to support coordination activities. We
have several ICD 703 compliant Sensitive Compartmented Information Facilities on
campus that could provide an appropriate cleared facility for sensitive
communications.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-175
5. DHS could share GFI via VPN access and/or Secure Telephone Instrument
download to Harris. This information could then be uploaded to the DHS IPSS
sensors. After validation of digital signature to ensure the integrity and authenticity of
the data, the GFI could be placed into production.
6. Additional commercially available cyber threat information from various threat
intelligence sources could be leveraged or correlated with DHS GFI to provide
additional protections. These threat intelligence services include services from Cisco,
FortiNet, Intel, and Palo Alto. The synthesis of commercially available threat
information with GFI provides validation of intelligence indicators.
7. Only indicators and associated actions approved and requested by DHS are applied
to traffic streams from Participating Agencies. Harris does not modify sensor settings
and/or security rules unless we receive direction from an authorized person.
8. The ability to apply different sets of mitigation capabilities to a Participating Agency’s
traffic that does not affect which mitigations are applied to a separate Participating
Agency’s traffic is accommodated through virtualized firewall and IDS/IPS
capabilities. Each agency has its own security policies that are enforced through their
own unique rule sets.
9. Ensure that GFI is not disclosed or shared with any third part or used for any purpose
that DHS has not specifically authorized. Disclosure of GFI that reflects classified
information is protected by traditional individual security agreements with SOC
personnel. Use of GFI for other than its intended purpose would be a violation of
security policy that could jeopardize Harris’ position as a provider of classified
security solutions. As such, we are strongly incentivized to only use information for
its intended purpose and not disclose it to unauthorized third parties.
10. Harrishas access to Participating Agency Federal System Network traffic if said
federal agency uses Harris to provide Internet services.
11. We have trained SOC incident response analysts available 24X7 providing DHS with
a capability to gather additional contextual information via phone, instant message,
or email if desired.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-176
12. Our IDS/IPS sensors support signature based and heuristic based detection
capabilities. Emerging detection methods, such as data mining and machine
learning, can be deployed as they become operationally mature.
13. Solutions that allow for detection of malicious activity within encrypted traffic are
dependent upon the type of malicious activity. Indicators that do not involve
decryption provide a higher probability of near real time detection. Decryption
capabilities would be dependent upon identification of the encryption algorithm
applied, and other contextual indicators associated with the information.
14. Harris, as a SOC operator, is well versed in a broad variety of protection measures.
Our IPSS capabilities include:
The ability to collect more detailed information for a specific session after
malicious activity has been detected, including full packet capture.
The ability to prevent or block a detected threat by terminating the network
connection or blocking access to the target. This capability is implemented in
various gateways and firewall rulesets.
Change the attack’s content by removing or replacing malicious portions of an
attack to make it inoperable. Harris has applied packet scrubbing capabilities to
support this type of countermeasure.
Harris has used Honeynets in conjunction with Moving Target Technologies to
track evasion strategies and duplicate the processing performed by a
compromised target host.
Over time, Harris has tuned detection accuracy on IDS/IPS sensors so the
optimum ratio of false positives to false negatives that reflect the organization’s
risk tolerance level can be obtained.
15. Redirection of traffic to a safe or uncompromised server can be supported if Harris
has access to the routing tables involved, or if the Participating Agency will make the
necessary modifications.
16. Capture and storage of analytically relevant data associated with potentially harmful
traffic specific to some indicators but not necessarily applied to all indicators involves
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-177
selective storage of contextual information. This capability can be triggered by rules
associated with various IDS/IPS sensor technologies.
17. Ensuring that DHS IPSS technology does not retain traffic other than traffic
associated with suspected malicious activity would require Harris to develop traffic
inspection capabilities to validate that only traffic associated with suspected
malicious activity was retained. This would involve analysis of various logs and
indicators associated with IPSS sensors.
18. In conjunction with DHS and the Participating Agency, Harris would define a process
to apply DHS-directed prevention services, as defined and approved by US-CERT.
19. In conjunction with DHS, Harris would develop procedures to apply DHS directed
prevention services to only designated, Federal System network traffic that passes
through the TIC Portal.
20. Operation of the DHS IPSS as an in-line service that performs mitigation actions as
traffic traverses the ISP network is possible. In this case, IPSS services would be
performed as part of Portal operations, transparent to the end user. All Internet traffic
delivered to the Participating Agency’s SDP would be monitored and subject to
mitigation services before delivery. All Participating Agency traffic delivered to the
Internet through the Participating Agency’s SDP would be subject to monitoring and
mitigation prior to delivery.
21. Defining and applying the full range of existing and future DHS IPSS functional
capabilities to counter cyber threats and attacks at cyber relevant speed would be a
unique capability that would further enhance the TIC Portal capabilities.
22. Quarantined malware can be provided to the Participating Agency and DHS via the
US-CERT malware lab or other specified entities upon request.
23. Before deployment of threat indicators, signatures, or countermeasures, Harris
maintains a laboratory to ensure the countermeasures operate as intended prior to
deployment. Testing ensures that unintentional consequences are not released into
an agency network.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-178
24. DHS and Participating agencies can be provided with detection alerts and associated
contextual information about suspicious traffic that is sufficient to identify the facts of
an incident or attempted incident in accordance with DHS guidance.
25. Data supporting network traffic pattern assessment to detect and address anomalous
patterns that may be indicators of malicious activity can be provided by Harris SOC
analysts to DHS and Participating Agencies upon request.
26. DHS and Participating Agencies can be provided with information related to
indicators, signatures, associated actions, and/or alerts over a given time period.
This information can be used to determine if the countermeasure deployment was
successful, or if the attack spread throughout a network.
27. Agency network traffic is not disclosed to anyone other than authorized DHS and
agency personnel. Participating agency data is secured against unauthorized
access, use, disclosure, and retention through SOC security procedures.
28. Harris routinely tests new detection capabilities and indicators. In conjunction with
DHS and the participating agencies, a process that allows the Government to
participate and observe tests, and that provides test results to authorized personnel,
can be defined and placed into practice.
29. Within 15 minutes of discovery, DHS is notified of any unauthorized access, use,
disclosure, or retention of Participating Agency data, and of any breach of any
security or information handling requirements provided by DHS regarding handling
of Participating Agency network traffic. Harris will provide DHS sufficient information
to assess the scope of a data breach and/or conduct a damage assessment.
2.2.8.8.5 Features (C.2.8.9.2)
Harris is fully compliant with DHS IPSS features as follows:
1. Harris can provide capabilities that apply sensitive and classified (up to TS/SCI)
indicators and countermeasures to email messages and with real time secure
information exchange with DHS for global awareness. Harris uses the Intel Secure
Email Gateway and the Fortinet Email scanning service.
2. Harris can provide capabilities that apply sensitive and classed (up to TS/SCI)
indicators and countermeasures offered by DOD/DHS to DNS queries and
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-179
responses with real time secure information exchange with DHS for awareness.
Harris uses the Infoblox DNSSec security appliances.
3. Additional countermeasures as defined and specified by DHS can be
accommodated through negotiated processes and procedures with the Harris
SOC.
2.2.8.8.6 Interfaces (C.2.8.9.3)
Harris will support the UNI at the SDP to connect the DHS IPSS services as Ethernet
Access Services as defined in Section C.2.1.2.
2.2.8.8.7 Performance Metrics (C.2.8.9.4)
Performance Metrics for this service are defined on a task order basis.
2.2.9 Service-Related Equipment (C.2.10)
When identified in a Task Order, the Harris solution will provide networking and
security equipment such as, but not limited to, Switches, Routers, PBXs, Telephones,
Servers, Firewalls, Conferencing-Related Equipment, Microwave Systems, Free-space
Optics Systems, Surveillance Systems, Sensors, Radio-related Equipment, Satellite
Earth Stations and Wireless Phones.
Harris will also ensure all agency requirements not specifically detailed within the Task
Order are addressed.
Equipment may also need to meet the Federal Information Security Management Act
(FISMA) requirements. The goal of FISMA is to promote the development of key security
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-180
standards and guidelines to support the implementation of and compliance with the
Federal Information Security Management Act including:
Standards for categorizing information and information systems by mission impact
Standards for minimum security requirements for information and information systems
Guidance for selecting appropriate security controls for information systems
Guidance for assessing security controls in information systems and determining
security control effectiveness
Guidance for the security authorization of information systems
Guidance for monitoring the security controls and the security authorization of
information systems
Harris will review the technical requirements identified in each Task Order, specific
agency requirements, Government security requirements and site specific requirements
to ensure that the agency is requesting the proper make, model and operating system of
each SRE item. If the SRE selected does not meet all the technical or agency
requirements, Harris will make alternative recommendations when replying to the specific
task order.
New Equipment Assurance
Harris is committed to providing only new equipment under this contract. Refurbished
or used equipment will not be provided. The Harris solution uses brand name equipment
supplied from proven leaders in the industry.
The equipment providers are the best in class providers in VoIP such as Cisco,
SONUS, Polycom, Mitel and AVAYA. The wireless phones and tablets are provided by
leading suppliers such as Apple, Samsung and HTC. Security equipment is provided by
Palo Alto, Cisco Systems and Juniper Networks. Data equipment suppliers include
equipment such as Cisco, Adtran, Dell and Juniper Networks.
The vendors in the equipment list all have equipment that has been JTIC and FISMA
approved for use in Government networks. JTIC certification is important because many
government agencies will only allow JTIC certified equipment to be used within their
agency IT infrastructure and it insures that customers of GSA are receiving the high
quality service from proven brand name suppliers.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-181
Warranty Service
The Harris solution will provide, at no additional cost to the Government, a minimum
one-year system warranty (or the warranty provided by the OEM, whichever is longer) for
all hardware and software purchased under this contract, including all equipment
supplied, installed, and integrated by Harris.
Harris will provide warranty information
associated with each product and service delivered to the GSA CO or OCO if requested.
Warranty Response Time
The Harris solution will provide hardware and software support on all SRE for the first
year of service. Most equipment manufacturer warranties do not meet this requirement.
. There
will be no additional cost for the first year of maintenance.
Warranty Point of Contact (POC)
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-182
2.2.10 Service-Related Labor (C.2.11)
Harris offers comprehensive support for EIS Service-Related Labor, offering access
to directly applicable domain expertise across the entire range of EIS telecommunications
services. Harris has a 30-year record of success providing mission-tailored support labor
to Government customers implementing communications-based solutions.
Today, given our core competency as a Critical Network Provider, Harris is ideally
suited to provide EIS Service-Related Labor. Our resource pool comprises over 9,000
technical professionals across a broad range of relevant technologies and technical
disciplines. For EIS, our teammates complement and add technical professionals as
needed with EIS Service domain expertise. The result is that, collectively, the Harris Team
offers a robust capability to provide qualified Service-Related Labor support for all 21 of
the RFP Section J.5-defined labor categories, across all three levels, i.e., Junior,
Journeyman, and Senior/Subject Matter Expert (SME).
As a leading provider of Managed Network Services, Harris has optimized our
business model for the effective delivery of technical assistance to government agencies.
This assistance takes the form of service-related labor for service planning, solution
engineering, service provisioning, end-to-end service management, and service
assurance. The support provided enables our government agency customers to focus
more effectively on their mission operations through strategic outsourcing of specific
management functions. The Harris service-related labor augments the agencies’
capabilities and helps ensure the viability of their increasingly complex networks.
On EIS, Service-Related Labor will be critical to supporting key elements of
government agency objectives, including:
Transition of legacy contract telecommunications services onto more cost-effective
EIS services, without operational disruption
Design and engineering, implementation, management, and maintenance services
providing the technical and operational capabilities that ensure the availability and
reliability of agencies’ increasingly complex networks
Evolution to a new IT shared-services paradigm that streamlines enterprise-wide
delivery of IT services, significantly reduces costly duplication across business units,
and facilitates use of more-efficient, innovative IT technology
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-183
Support for consolidation of Agency data centers to optimize existing data center
utilization by leveraging purpose-built commercial data center hosting services
Exploring strategies for utilizing state-of-the-art cloud computing technology and
migrating Government IT resources to the cloud
Achievement of these objectives will transform how Government Agencies plan,
purchase, deploy, operate, and maintain their IT assets across the enterprise.
Agencies that require Service-Related Labor assistance will issue Task Orders (TO)
that include labor to support EIS services, including construction, alteration, and repair
labor required to complete a telecommunications solution if it is integral to and necessary
for the effort defined in the TO. The types of labor services to be delivered may vary
widely by TO; as a result, KPIs and SLAs will be specific to and defined in each TO.
Harris will assess each such TO and, based on the requirements and Services
involved, determine the optimal Service-Related Labor expertise necessary to address
the TO scope. The assessment will include a determination of the optimal combination of
Harris and teammate labor services as necessary for Service-specific expertise, including
Small Business teammates to the extent practicable to support Small Business goals. As
part of our TO response, measurement methods, SLA credit formulations, and tracking
methodology will be defined in response to the TO requirements.
2.2.11 Cable and Wiring (C.2.12)
In order to be a full service vendor to the Government, Harris offers the optional Cable
and Wiring services listed below.
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-184
Our installation practices
have been refined and proven over many years of installation work for FAA and other
mission critical agencies with the most demanding requirements for quality, adherence to
specifications and protection of collocated equipment and services.
2.2.11.1 Installation Services
Harris will provide installation services for equipment necessary to provide
telecommunications services and related supporting IT services. Our installation
practices will conform to all local agency standards and best commercial practice.
2.2.11.2 Required Connectivity
Harris will provide required connectivity using appropriate cabling and wiring, and
related trenching, ducting, grounding, and lightning protection systems in accordance with
the TO and appropriate standards.
2.2.11.3 Site Preparation
Site preparation work done by Harris under this contract will conform to applicable
federal, regional and local codes and will conform to accepted industry installation and
construction practices. Our understanding is that all planned work and code compliance
will be subject to OCO review and approval prior to the start of work.
Tools and Test Equipment Harris will provide the tools and test equipment to
perform the site preparation as specified in the TO and will retain ownership of the
tools and test equipment unless otherwise specified in the TO.
Temporary Utilities Harris understands that the Government will furnish facilities
and utilities to Harris that already are installed at the site, including light, heat,
ventilation, and power. Harris will provide temporary utilities that are not available in
the work area and coordinate any disconnection of utilities.
Building Additions/Changes Harris will provide building additions and/or changes
as required, provided that they are integral to and necessary for the effort stated in the
TO. HVAC and electrical construction will be limited to new or upgraded installations
necessary to support telecommunications and IT equipment. Harris will expand or
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-185
modify power systems to provide appropriate environmental controls to support the
installation.
2.2.11.4 Wiring/Cabling Warranty
Harris will provide a warranty period of one (1) year for the premises wiring/cabling
after service acceptance.
3.0 SECTION 508 REQUIREMENTS
Harris is familiar with Section 508 requirements which make electronic and information
technologies accessible to people with disabilities.
3.1 Background
Section 508 was enacted to eliminate barriers to information technology, to make
available new opportunities for people with disabilities, and to encourage development of
technologies that will help achieve these goals.
3.2 Voluntary Product accessibility Template
Harris will post Voluntary Product Accessibility Templates (VPAT) for each service
offered to our EIS web site within 30 days after NTP that offerings
comply with Section 508 standards. The applicable services are; Data Services, Voice
Services, Managed Services, Services, Colocated Hosting Services and Cloud Services
and compliant to the Harris Business Support System (BSS).
3.3 Section 508 Applicability to Technical Requirements
Services that execute mission operations shall meet the relevant provisions of
Section 508, Subparts B, C, and D as identified in Section 3.4 or shall provide equivalent
facilitation. Harris validated that we fully comply with these provisions. Compliance of the
Harris BSS with these provisions is covered in Volume 2 Management, Section 1.5.3.1.3
Web Interface – Accessibility.
3.4 Section 508 Provisions Applicable to Technical Requirements
The relevant provisions of Subpart B, Technical Standards, paragraph 1194.21,
Software Applications and Operating Systems, apply to the appropriate services, to
include but not be limited to the following:
Data Service
Voice Service
Managed Service Data Center Service
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-186
The relevant provisions of Subpart B, Technical Standards, paragraph 1194.22, Web-
based Intranet and Internet Information and Applications, apply to the appropriate EIS
services, to include but not be limited to the following:
Data Service
Managed Service
Data Center Service
The relevant provisions of Subpart B, Technical Standards, paragraph 1194.23,
Telecommunications Products, apply to the appropriate EIS services, to include but not
be limited to the following:
Voice Service
Data Service
Managed Service Data Center Service
The relevant provisions of Subpart C, Functional Performance Criteria, paragraph
1194.31, apply to appropriate services provided under the EIS contract. For the relevant
services, one of the following two capabilities will be provided:
1. Support for assistive technologies used by disabled individuals.
2. At least one mode of operation and information retrieval that:
a) For blind users, does not require vision.
b) For vision impaired users, does not require visual acuity greater than 20/70.
c) For deaf users, does not require hearing.
d) For hearing impaired users, does not require enhanced auditory capability.
e) For users with no speech capability or with impaired speech, does not require user
speech.
f) For users without fine motor control or simultaneous action capability, does not
require fine motor control or simultaneous action and is operable without limited
reach and strength.
The relevant provisions of Subpart D, Information, Documentation, and Support,
paragraph 1194.41, shall apply to the appropriate services provided under the EIS
contract.
3.5 Section 508 Provisions Applicable to Reporting and Training
Compliance with the government’s information reporting requirements are addressed
by providing the required information via the Internet, email, or telephone. Services
Contract No.: EIS GS00Q17NSD3005Modification No.: To Be Determined
Effective Date: To Be Determined
Enterprise Infrastructure Solutions (EIS) Volume 1 – Network Architecture and Technical Response
Contractor Bid or Proposal Information – See FAR 3.104. Use or disclosure ofdata contained on this sheet or displayed on this screen is subject to therestriction on the title page or opening view screen of this Proposal documentor electronic file. This document or electronic file contains contractor tradesecrets and commercial or financial information obtained from a person in aprivileged or confidential position, and is exempt from disclosure under FOIA(5 USC 552). See FAR 24.202.
Submission No.: HA00105.01a
HRS_EIS_VOL 1_TechnicalResponse_FEB2019_Redacted_FOIA_Exemption_4.docx
1-187
providing the required information will meet the relevant provisions of Section 508,
Subparts B, C, and D or shall provide equivalent facilitation.
Training will be delivered via meeting and briefings, classroom, seminars, instructor-
led and non-instructor on-line web based self-study, and manuals or desk top guides. For
training delivered via meeting and briefings, classroom, and seminars, assistance such
as signers and Braille products will be provided to disabled trainees when requested in
advance by the Government. For training delivered via instructor-led and non-instructor
on-line web based, the same capabilities provided for Internet reporting will be provided
to disabled trainees.