Networking Solution for CCTNS
TAKE YOUR BUSINESS TO NEW HEIGHTS
Submitted By
Bharat Sanchar Nigam Ltd. Unit of GM (EB-NCR II), NTR, CTS Compound Netaji Nagar, New Delhi - 110023 3rd Sep, 2010
Networking Solution for CCTNS
Document Control Information Release Date
3rd September, 2010
Version Number
1.1
Reference Code Submitted By
Enterprise Business NCR2 Unit, BSNL, New Delhi
Submitted To
NCRB,R K Puram, New Delhi
Project Name
Networking Solution for CCTNS
ii
Networking Solution for CCTNS
Table of Contents TABLE OF ABBREVIATIONS................................................................. v 1.
Executive Summary ................................................................... 1
2.
Background of the Project ........................................................... 3
3.
Introduction of BSNL .................................................................. 5
4.
CCTNS Requirement and BSNL Understanding ................................... 10
4.1 CCTNS networking requirement .................................................. 10 4.2 BSNL Understanding of CCTNS .................................................... 11 4.3 Scope of Work ....................................................................... 12 5.
Networking Solution for CCTNS .................................................... 13
5. 1 Options worked out ................................................................ 13 5.2 Design Considerations for CCTNS ................................................. 15 5.3 MPLS WAN technology .............................................................. 17 5.4 Network Security consideration in MPLS ........................................ 22 5.5 Network Solution Brief ............................................................. 24 5.6 Detailed Network Solution......................................................... 26 5.7 Approach for utilization of SWAN as backup of primary link ................. 31 6.
Site Readiness and Infrastructure requirement ................................. 33
7.
Project Implementation............................................................. 35
7.1 Project Implementation Strategy .................................................. 35 7.2 Project Schedule .................................................................... 37 7.3 Draft Acceptance & Testing Procedure .......................................... 38 8.
Support required from NCRB and the States ..................................... 39
8.1 Support required from NCRB ...................................................... 39 8.2 Requirement from States/ UTs ................................................... 40 9.
Operation, Maintenance & Support Plan ......................................... 41
9.1
NOC support (for MPLS VPN links) .............................................. 41
9.2
Fault reporting (MPLS VPN & VPNoBB) ......................................... 44
9.3
Helpdesk Management (MPLS VPN & VPNoBB) ................................ 45
9.4
Escalation Matrix .................................................................. 46
9.5
Flow Chart of Standard Help Desk .............................................. 47
10.
Service Level Monitoring Mechanism ........................................... 48
iii
Networking Solution for CCTNS 10.1
Service Level Monitoring and NMS details .................................. 48
10.2
NMS at NCRB ..................................................................... 52
11.
Responsibility Matrix .............................................................. 53
12.
Assumptions and Exclusions ...................................................... 55
12.2 Exclusions ........................................................................... 57 13.
Risk Management in CCTNS Project ............................................ 58
14.
Service enhancement and continuous improvement strategy .............. 59
15.
Commercials........................................................................ 60
15.2
Commercial conditions ......................................................... 62
15.3
Rates for enhancement of bandwidth ....................................... 63
15.4
Justification for the commercials ............................................ 64
15.5
Breakup for SDC/NDC Location wise Bandwidth Charges ................. 67
iv
Networking Solution for CCTNS
TABLE OF ABBREVIATIONS 3G BW CO CPE EVDO HO ISDN MPLS VPN NDC NMS POP SDC SI SO SWAN VPN VPNoBB VSAT WAN WiMAX
Third Generation Mobile Service Band Width Concerned Office Customer Premise Equipment Evolution for Data Optimised (it is advanced form of CDMA services which allows higher data speed) Higher Offices Integrated Service Digital Network Multi Protocol Label Switching Virtual private Network National Data Centre Network Management System Point of Presence State Data Centre System Integrator Smaller office State Wide Area Network Virtual Private Network Virtual Private Network over Broadband Very Small Aperture Terminal (It is a Satellite system with a small dish antenna of approx 1.2 m diameter) Wide Area Network Worldwide Interoperability for Microwave Access
v
Networking Solution for CCTNS
1. Executive Summary Ministry of Home Affairs (MHA) has conceptualized CCTNS (Crime & Criminal Tracking Network & System) as a Mission Mode Project towards enhancing outcomes in areas of Crime Investigation, Criminals detection; and enhancing effectiveness and efficiency of policing through creation of a nationwide, networked infrastructure for evolution of IT-enabled state-of-the-art system. National Crime Records Bureau (NCRB) is the central nodal agency that would manage the implementation of CCTNS under the overall supervision and guidance of MHA. MHA plans to implement CCTNS project (Crime and Criminal Tracking Network and System) which requires a highly secured and reliable wide area network (WAN). BSNL has worked out the details and submitted a proposal for providing WAN based on MPLS VPN and VPNoBB. This detailed proposed has been finally prepared after a series of discussion with MHA, NCRB and other agencies/ consultant on behalf of customer.
The details of the various stages of
deliberations are given in background section. The proposal starts with an introduction of the services of BSNL and explains the MPLS network of BSNL. As per this project proposal, MPLS VPN will be provided at 2,000 higher offices, 35 SDC and 1 NDC. These locations will be provided backup of WiMAX, EVDO, 3G, VPNoBB, ISDN depending on availability at the sites. An uptime commitment of 99% has been offered for these sites. In smaller offices and Police stations (18,392), the connectivity of VPNoBB will be provided as per this proposal. In case of non feasible sites, the connectivity will be provided by WiMAX/ EVDO/ 3G or by way of VSAT as last option. The explanation of the three options worked out are given in brief but the Options-2, which has been decided for the CCTNS project implementation, has been explained in detail. The details of the network connectivity are given in networking solution section. There is an option of upgrading VPNoBB links to MPLS VPN link as and when required by customer. The proposal also explains the mechanism for utilization of SWAN as backup to the links being provided by BSNL under this proposal in order to improve the overall reliability of the CCTNS network. [BSNL Confidential]
1
Networking Solution for CCTNS
Site readiness and Infrastructure requirement are important and have to be taken care of by NCRB. The project implementation plan explains about the project teams for service delivery at Circle level and National level from BSNL side.
Similarly there will be requirement of State level and National level
coordinators from NCRB/ MHA side, who should activity participate in various activities during project implementation and thereafter. The operations and maintenance section explains about the MPLS NOC support procedure, the fault booking/ reporting, helpdesk management, escalation matrix etc. Service level commitment has been offered even for VPNoBB sites as a special case. The proposal explains the SLA monitoring mechanism and about the NMS being offered under this proposal. The proposal has a section on responsibility matrix which explains the distribution of responsibilities among the various stakeholders for the proper implementation of the project. A number of assumptions have been made while preparing the proposal and are explained in the section titled ―Assumptions and Exclusions‖. The risks which could affect the CCTNS project have been discussed along with risk-mitigation. After the CCTNS project is implemented, there can be additional requirement which can be handled by BSNL and details are also given in the proposal. Although the proposal is brief, it covers the various issues required for the proper implementation and maintenance of the CCTNS.
[BSNL Confidential]
2
Networking Solution for CCTNS
2. Background of the Project Ministry of Home Affairs (MHA) has conceptualized CCTNS (Crime & Criminal Tracking Network & System) as a Mission Mode Project towards enhancing outcomes in areas of Crime Investigation, Criminals detection; and enhancing effectiveness and efficiency of policing through creation of a nationwide, networked infrastructure for evolution of IT-enabled state-of-the-art system. National Crime Records Bureau (NCRB) is the central nodal agency that would manage the implementation of CCTNS under the overall supervision and guidance of MHA. As part of CCTNS implementation, NCRB would provide all States and Union Territories with the CCTNS Core Application Software (CAS) that could be configured, customized, enhanced and deployed by the States and Union Territories (UTs). A robust wide area networking (WAN) platform is required to connect around 20,000 sites across India for integrated rollout of CCTNS. BSNL had been interacting with MHA, NCRB and NISG for working out the solution for WAN connectivity of CCTNS sites. After the initial discussions with MHA, NCRB and NISG, BSNL had proposed MPLS VPN based WAN (Wide Area Network) for the CCTNS project. There were certain concerns about the cost of MPLS VPN based WAN and about the non-utilization of SWAN. Accordingly, BSNL had discussed the alternatives with the concerned persons and also conducted field visits to Chandigarh and Bangalore to study the working and status of SWAN and police network on SWAN. Based on the discussions with MHA, NCRB & NISG, BSNL had worked out the proposal with three options and had requested NCRB/ MHA to decide which option is suitable for them so that further details can be worked out by BSNL. These three options are as under:a) Option-1: MPLS VPN for all sites. b) Option-2: MPLS VPN for higher offices (2,000) and VPNoBB for smaller offices & police stations.
[BSNL Confidential]
3
Networking Solution for CCTNS c) Option-3: MPLS VPN for only NCRB/ SCRB and SWAN connectivity for all other officer A meeting was called by MHA on 13-5-2010 under the chairmanship of Home Secretary which was attended by officers from MHA, NCRB, BSNL and others on behalf of MHA/ NCRB (e.g. CRIS, PWC, NISG, SBI etc.). A presentation was given by BSNL during the meeting about the three options and detailed discussions were held about the features and the advantages/ disadvantages of the various options. After the discussions inputs were takenby the Home Secretary from the various persons present during the meeting and it was decided that Option-2 should initially be adopted for implementation of CCTNS and then gradually upgraded to Option-1. The minutes of the meeting contain the details of the deliberations during the meeting. A follow-up meeting was conducted on 16-8-2010 & 23-8-2010 in NCRB and it was insisted that BSNL should provide SLA on sites with VPNoBB connectivity also. It was also desired that NCRB should have a view about the health of the complete network and they should be in a position to get details about any location for which a NMS will have to be provided to NCRB. As intimated earlier, the VPNoBB is a low cost service in which premium features of service e.g. monitoring, fault booking/ rectification & report generation is not available on centralised basis. Hence, for giving SLA on VPNoBB BSNL has to provide separate NMS to NCRB and to ask the sites to book complaints locally in the district/ state on a designated system through web-portal so that SLA report generation is possible. Service Level Agreement (SLA) is possible on VPNoBB as a very special case with limited parameter (only Uptime) monitoring. It was also insisted upon to provide backups either through SWAN or any other mechanism. In order to take care of the additional requirement, the commercials have got revised and have increased marginally.
[BSNL Confidential]
4
Networking Solution for CCTNS
3. Introduction of BSNL BSNL came into operations on October 1, 2000 by carving out the service providing functions from the erstwhile Department of Telecom, Government of India. The formation of Bharat Sanchar Nigam Limited (BSNL) on 1st October 2000 was one of the landmark events in the history of Telecommunications in India. Today, BSNL is the largest Public Sector Undertaking of the nation. It has the responsibilities to improve already impeccable quality of telecom services, expansion of telecom network, taking telecom services in all the villages and instilling confidence amongst its customers. Our mission is to provide world class State-of-art technology telecom services to its customers on demand at competitive prices and to Provide world class telecom infrastructure in its area of operation and to contribute to the growth of the country's
economy.
Changing
regulations,
converging
markets,
competing technologies and ever-demanding customer needs have generated enormous additional opportunities for BSNL and so are the challenges. There is a gradual shift in demand from telephone centric to data centric environment, which has defined a new paradigm in telecom business. The company with a sound financial base is ready to face the impact of the upcoming competition. BSNL has received an overwhelming response to its simultaneous launch of GSM cellular mobile Telephone services (CMTS) across the country. The introduction of DSL technology in the access network is another solution to meet the demand for high bandwidth considerably. Other technological innovations in the form of Managed Leased Line Networks (MLLN), LMDS, DLCs & RLC in the access network are in different phases of implementation. Commissioning of DWDM in the main routes through "Sanchar Sagar Project" has laid the foundation for the formation of National Information Super Highway. Introduction of MPLS based VPN services is yet another milestone. BSNL is being oldest and largest networking service provider in India has enough experience and capability to fulfil WAN requirement of CCTNS project.
[BSNL Confidential]
5
Networking Solution for CCTNS
5.5 lakhs Km of fibre within India,
Approx. 300 POPs across India
5 Regional Data Centre at Pune, Noida, Kolkata, Chennai, and Bangalore
Ability to extend MPLS cloud to 2,700+ locations
28,000 MPLS VPN links with around 500 customers
More than 70% market share in broadband services
Presently we are implementing two very prestigious national importance projects namely National Mission of Education (NME) project involving connectivity of around 10,000 Universities & Colleges and Employee State Insurance of India (ESIC) with 2200 sites.
We are an experienced, responsible, and professional provider of National Long Distance (NLD) service, Basic telephone services, Class ‗A‘ ISP & Mobile telephony service and other Telecom services, systems integration services and specialize in designing and delivering the solution as per individual Enterprise Business and government organisation. As a corporate, we understand government operations, principles, and practices and we take great pride in working for MHA. The company is committed to provide a combination of products and professional services with a wide choice of end-to-end solutions and self care to meet the aspiration of the customers and to give them the satisfaction. BSNL has footprint all over India on National telecom Network. BSNL has presence all over India and provides Telecom services even in remote places from Kashmir to Kanyakumari and from Kutch to North-East. Most of BSNL Telecom services are available throughout India covering full length and breadth.
[BSNL Confidential]
6
Networking Solution for CCTNS BSNL‘s Network: BSNL has a strong country wide network of transmission systems connecting the various telephone exchanges through a defined policy of networking the various levels of telephone exchanges and TAXs. BSNL (and erstwhile DOT) has setup a number of Public Data communication Networks starting from 1990 which are RABMN, HVNET, Inet, National Internet Backbone and core MPLS network. The brief description of the National Internet Backbone and core MPLS network are as follows: National Internet Backbone The National Internet Backbone of BSNL consists of 432 Point of Presence (POP) that gives it the capability of transporting IP traffic from every nook and corner of the country. BSNL commissioned a stateof-the-art Multi Protocol Label Switching (MPLS) NETWORK TAKING India into the next stage of the IP evolution. This network has more than 100 physical nodes and 200 virtual nodes. This network has opened up a new market segment of secure and reliable Virtual Private Networks (VPNs) for Corporate customers. The latest endeavor of BSNL is a world-class multi-gigabit multi-protocol, convergent IP infrastructure which will provide voice, data and video services through the same backbone. In terms of infrastructure for broadband services, this would put India at par with more advanced nations. Designated as NIB-II this will be implemented in the form of four projects.
Project 1 involves building up of MPLS backbone
Project 2.1 is for narrow band access
Project 2.2 is for broadband access
Project 3 (OSS/BSS) is to put systems and processes in place to integrate network built in the other projects and provide services like messaging, billing etc.
The services that are available to customers from NIB-II is in place: [BSNL Confidential]
7
Networking Solution for CCTNS
Narrowband and broadband Internet access.
Virtual Private Network.
Managed OPE
Value Added Services like firewall and NAT
Messaging: Plain Vanilla and feature rich
Data Centre Services: web hosting and web-collocation.
Content based Services: e.g. video multicast, video on demand, interactive gaming. BSNL is using routers like Cisco 12416, 12410 & 7613 and Juniper M40 & M20 in its MPLS backbone. The core of the network is having STM-16 backbone. A diagram of BSNL‘s core network is shown below:
A1 Nodes - 5 A2+A3 Nodes - 9 AmbalaFaridabad Gurgaon Noida Ghaziabad A4 Nodes - 10 AjmerJodhpur Varanasi Ludhiana B1 + B2 Nodes - 47 Kanpur Ferozpur Dehradun Allahabad Shimla Meerut Bhopal Chandigarh Agra Gwalior Amritsar Dimapur Lucknow Guwahat Shilong Patna i Jullundar Jabalpur Jaipur Mehsana Siliguri Ranchi Noida Ahmedabad Si
Si
Si
Si
Kalyan Rajkot
Indore Mumbai
Kolkata
Si
Bhubneshwa r
Si
Nagpu r
Surat Vadodara
Pune
Banglore
Manglore
Aurangabad
Si
Vijaywad a
Panjim
Si
Chennai
Madura i Raipu Trich r y Pondicherr y Palghat Trivandru Trichur m Kalikat
Hyderabad
Si
Kolhapur Nashik Vizag Rajmundar y Tirupati Belgaum
Jamshedpu r
Coimbtor e
Ernakulam
Si
Durgapu r
Hubli Mysor e
BSNL NIB-II A1,A2,A3,A4,B1& B2 ROUTER CONNECTIVITY DIAGRAM
[BSNL Confidential]
8
Networking Solution for CCTNS Characteristics of the Core Backbone:
Based on a Full mesh/ Partial Mesh
Involves 24 Core Routers connected using STM-1 or STM-16 links.
Adequate Alternate paths to ensure alternate routing in the event of failures
Load sharing can be easily achieved, as a number of equal cost paths exist.
The inner core of BSNL network is fully meshed over STM-16 links, while the outer core is dual homed to the inner core over STM links.
[BSNL Confidential]
9
Networking Solution for CCTNS
4. CCTNS Requirement and BSNL Understanding
4.1 CCTNS networking requirement The vision of CCTNS is ―To provide Nationwide networked ICT infrastructure for creating a state-of-the-art tracking system in real time that enables sharing of crime and criminals related information among all stakeholders at State/ Central level and streamline the investigation & prosecution processes while improving delivery of citizen services The scope of CCTNS includes the deployment of CCTNS application to the following location:
All 35 States and Union Territories
14,392 Police Stations
6000 higher offices, smaller offices including Circles, SubDivisions, Districts, Ranges, Zones, Commissionerats, State Headquarters
National Crime Records Bureau (NCRB)
35 State Crime Records Bureaus (SCRBx)
Critical external interfaces with: •
Citizens
•
Government
and
intelligence
agencies,
non-government passports,
entities road
such
as
transport
authorities, cell phone providers, etc.
[BSNL Confidential]
10
Networking Solution for CCTNS
4.2 BSNL Understanding of CCTNS As per our understanding of CCTNS as a network/bandwidth service provider, there is a requirement of a networking platform for deployment CCTNS application in uniform and integrated manner across around 20,000 police stations and offices having following features:
Highly Secure Network
Reliable Network
Managed Network
Scalable
Upgradable
Robust yet simple
As a network/bandwidth service provider BSNL have enough capabilities in terms of national coverage, networking Infrastructure, work experience and skilled manpower to serve the WAN requirement of CCTNS.
[BSNL Confidential]
11
Networking Solution for CCTNS
4.3 Scope of Work The scope of work broadly comprises of providing wide area network for CCTNS on turnkey basis which includes hardware supply and delivery at site, installation, network configuration, commissioning, testing,
acceptance,
maintenance and warranty. The details of scope of work are as under: i. Provisioning of Link for WAN connectivity at all locations on MPLS/Broadband VPN media. ii. Provisioning
of
Hardware/Modem
to
provide
WAN
connectivity at all locations iii. To provide link on Wireless media (i.e. EVDO/3G/WiMax or VSAT media) in case the main link is not feasible on MPLS/Broadband media. iv. To provide backup links for sites on MPLS VPN connectivity on Wireless media EVDO/ 3G/ WiMax or VPNoBB/ ISDN. v. To monitor links and maintain the network including hardware supplied for minimum period of 3 years. vi. BSNL will provide all equipment including accessories, cables etc up to the Router/ ADSL Modem to set-up the network.
[BSNL Confidential]
12
Networking Solution for CCTNS
5. Networking Solution for CCTNS 5. 1 Options worked out Understanding the criticality of the applications that are planned to be used on this network, all necessary measures have been taken to ensure that the technical solution is designed and built for CCTNS as per their requirements. BSNL has attempted to be clear and concise in addressing the requirements of the CCTNS project, avoiding extraneous material yet providing sufficient information. Based on the inputs received and the discussions with MHA, NCRB and NISG following options had been worked out. Option-1: MPLS VPN for all the sites of CCTNS
NDC, 35 SDC & 6000 offices and 14392 police stations, all has been taken on MPLS VPN
VSAT for non feasible sites
Routers at 35 SDC, 6000 office & 14392 police stations
Router, Switch, NMS at NDC
AMC of the supplied hardware
Service level assurance of 99% uptime for all links
Monitoring of all links
Option-2: Mix of MPLS VPN and VPNoBB
NDC, SDC & 2000 higher offices where the higher bandwidth is required has been taken on MPLS VPN
4000 Smaller offices and 14392 police stations where smaller bandwidth is required has been taken on VPNoBB
VSAT for non feasible Locations
Routers at SDC & 2000 higher office
Router, Switch, NMS at NDC
ADSL modem for VPNoBB sites
AMC of the supplied hardware
[BSNL Confidential]
13
Networking Solution for CCTNS
Service level assurance of 99% uptime only on MPLS links Monitoring of all the link
Option-3: NDC, SDC on MPLS VPN and rest of all connect through SWAN
MPLS VPN connectivity for 35 SDC and 1 NDC.
Point to point lease lines for the connectivity of police stations with the respective POP of SWAN at block HQ/District HQ.
Hardware (Router/Modems) required for bandwidth provisioning has to be procured separately by the respective States
Out of the three above mentioned options, BSNL had recommended for option-1 in its proposal as best solution in terms of overall manageability of the network and keeping in mind the future applications based on Voice and Video, which may be used over this network. Subsequently, BSNL had given presentation to Home Secretary mentioning all the three options. BSNL also presented the case study comparing the network readiness and features of Karnataka SWAN and connectivity infrastructure of Karnataka Police. Karnataka police have implemented their network as mix of MPLS VPN and VPNoBB. Same topology is mentioned in option-2 of BSNL‘s proposal. Although option-2 has inherent limitations in terms of SLA commitment, centralised monitoring & support etc. but due to the budget constraint it had been decided that initially option-2 should be adopted for implementation of CCTNS. Then CCTNS can be gradually upgraded to option1. Backups should be provided either through SWAN or any other mechanism. Due to the limitations of option-2 motioned above, this will not be suitable for following: i. Voice Over IP, ii. Video Conferencing iii. Finger print search iv. Applications such as Surveillance cameras v. Instant, Real-time Messaging [BSNL Confidential]
14
Networking Solution for CCTNS
5.2 Design Considerations for CCTNS For designing the solution, following points are taken into consideration:
Feasibility Available Technology for WAN Solution The technology which is considered in the approach methodology is BSNL MPLS VPN, VPN over Broadband and the same is available at most of the locations of CCTNS. Remaining sites are planned on other wireless connectivity or VSAT connectivity.
Scalability and Expandability The solution proposed is scalable from the perspective of bandwidth and connectivity. The routers provided have sufficient number of slots available to take care of the near future network requirements.
Security and Solution Management The complete WAN solution is based on MPLS-VPN/VPNoBB to enhance the security. The proposed solution takes care of the various aspects of the design parameters desired for the total solution to be deployed. The key features of CCTNS network are:
State-of art network
Security
Redundancy
Flexibility
Scalability
Video Conferencing (MPLS VPN site only with >384 Kbps of
bandwidth) The connectivity pattern will be such that all locations will directly connect to BSNL MPLS VPN/Broadband cloud. Since all POPs will be connected to MPLS/broadband cloud, in case any MPLS link goes down, then there will be no effect on connectivity, operations or security at any other POP.
[BSNL Confidential]
15
Networking Solution for CCTNS BSNL is offering managed Secured network services for, providing a truly onestop and a complete experience that significantly reduces risks and complexities involved in implementing and maintaining a robust IP network. It brings together all of a business' communications needs in an integrated offering. Comprehensive Service Package: The "One-Stop" promise delivered by BSNL Managed Network Services is beyond technical integration of the best-in-breed network and hardware setup. It offers truly executable technical and business propositions for your business today:
Scalable according to changing business needs
Helpdesk number for call for troubleshooting and fault resolution.
Integrated customer report (Web Based) giving you a complete view of your network
[BSNL Confidential]
16
Networking Solution for CCTNS
5.3 MPLS WAN technology MPLS as the emerging WAN technology brings in the following advantages: •
MPLS VPN for Traffic separation requirement to address the security concerns. IPSEC may be used on top of MPLS VPN for additional security through encryption.
•
Overlapping IP Addressing for Departments
•
Easy
and
flexible
provisioning,
better
scalable
&
manageable
architecture •
Traffic Engineering for – Better Utilization of Redundant Paths Bandwidth Guaranteed service for critical applications Fast Re-route for fast convergence
MPLS VPNs simplify the Central Site Design by avoiding the traditional Hub-andSpoke and bringing in any site to any site full mesh connectivity. MPLS VPN services Traditional IP networks have no means of labeling, categorizing or monitoring the packets that traverse them. MPLS technology works to solve the IP shortcomings placing labels on IP packets and providing that labelling function. And because MPLS is an overlay protocol it can operate over top of the IP protocol in the same network without interference. MPLS is not designed to replace IP. It is rather designed to add a set of rules to IP so that traffic can be classified, marked and policed. MPLS-equipped networks use MPLS-aware devices known as label edge routers (LERs), positioned at the network‘s edges.
These devices are designed to
inspect IP packets entering the network and add MPLS headers, as well as [BSNL Confidential]
17
Networking Solution for CCTNS removing the headers from packets leaving the MPLS network.
Inside the
boundaries of the MPLS network, devices known as Label Switch Routers (LSRs) look for an MPLS label on each packet that passes through them, looking up and following the instructions contained in those labels, routing them based on a list of instructions. MPLS allows administrators to define routes known as label switched paths (LSPs) from one LER to another, through a series of LSRS, across the MPLS network. These LSPs are pre-assigned and pre-engineered paths that packets with a certain label should follow. One of the most obvious advantages of MPLS is that it provides network administrators with a number of tools for traffic engineering. An MPLS network can offer the same sort of quality of service guarantees that data transport services like Frame Relay or ATM can, without requiring the use of any dedicated lines. An administrator, for example, can define a LSP that ensures VoIP traffic will be routed through the most reliable, highest performing sections of the network while less critical traffic, such as email, is sent across the slower sections. MPLS allows customer committed bandwidth which is difficult on other IP networks such as 25%, 50% and 99% committed Bandwidth depending on their applications.
They can also choose from flexible Bandwidth option ranging
from 64Kbps onwards. MPLS benefits
MPLS has the following benefits: -
ď ą
Traffic engineering: - Provides the ability to set the path that the traffic will take through the network, and the ability to set performance characteristics for different qualitative Classes of Service (CoS) and Quality of Service (QoS). MPLS is a key development in Internet technologies that
[BSNL Confidential]
18
Networking Solution for CCTNS will assist in adding a number of essential capabilities to today‘s best effort IP networks.
ď ą
Providing IP based Virtual Private Networks (VPNs): - Using MPLS service providers can create IP tunnels throughout their network, without the need for encryption or end-user applications.
Elimination of Multiple layers Typically most carrier networks employ an overlay model where ATM/ FR/ Ethernet is used at Layer 2 and IP is used at Layer 3. Using MPLS, carriers can migrate many of the functions of the ATM control plane to Layer 3, thereby simplifying network management and network complexity.
Network Architecture: -
The infra structure for the VPN Service shall be deployed in the following manner with a clear segregation of the devices in the following layers: I.
Customer Edge (CE) Router is the Router, which connects to the customer network and is the point of connection to the service provider.
II.
Provider edge (PE) Router is the Aggregation Router at BSNL/MTNL premises. It aggregates the connections from the customer Edge Routers identifies them, labels them to the appropriate VPN and further connects to the VPN provider Core.
III.
Provider (P) Router: Router in the Service Provider premise connecting to the Provider Edge device.
IV.
VPN Management System: VPN Management System is used for provisioning of VPN services across the network.
V.
Network Management System: The network management system is used for managing the network.
BSNL has commercially launched MPLS based VPN services for the first time in India. This historical moment fulfill long-standing desire of our corporate
[BSNL Confidential]
19
Networking Solution for CCTNS customers of having fast, absolutely secure and hassle-free networking on advance MPLS platform.
MPLS based VPNs reduce Customer networking complexity costs and reduce the requirement of in-house technical work force. The MPLS technology provides a diversified range of services like committed Bandwidth, Video Conferencing, Voice over IP (VoIP), Video streaming and a host of other value added services that could revolutionize the way a corporate business works. The advantages of the BSNL - Virtual Private Network are manifold which includes:
Wide Coverage and Reachability.
Highly economical, no maintenance cost.
Highly Secured Connectivity.
Easy Scalability.
High capacity transmission.
MPLS enabled Backbone
Cutting edge technology
Provides range of value Added Services like Committed Bandwidth, Video Conferencing, Voice over IP (VoIP) etc.
MPLS VPN Infrastructure The IP VPN Service is implemented over a high capacity (2.5 Gbps) Multiple layer robust MPLS network that has inherent redundancies in routing capabilities. The MPLS VPN allows complete control over critical parameters like Bandwidth, Throughputs, Latencies and Availabilities. The BSNL National Internet Backbone – Phase II network is primarily designed to be a high speed IP/MPLS network. The network is intended to be used for convergent services, integrating data, voice and video. It will provide services [BSNL Confidential]
20
Networking Solution for CCTNS like Internet bandwidth for ISPs, Corporate, Institutions, Government bodies and retail users. The BSNL network is designed to be capable of meeting a wide range of customer requirements, including security, Quality of Service (QoS), and any-toany connectivity. It is designed to be able to offer fully managed services to customers and allow BSNL to introduce additional services such as bandwidth on demand, etc. over the same network. The backbone infrastructure consists of an MPLS core with Internet services and VPN services edge networks. Cisco 12000 series and Juniper M40e Series routers are used to build the core network with the edge network consisting of Cisco 7600 series routers and M40e/M20 Routers of M/s Juniper. The network is designed to offer the following services: i. L3 MPLS VPN services 1. Intranet -Managed & Unmanaged 2. Extranet – Managed & Unmanaged 3. Internet Access services ii. Layer 2 MPLS VPN Services 1. Ethernet over MPLS 2. Frame relay over MPLS 3. PPP over MPLS 4. VPLS (Virtual Private LAN Service) 5. Layer 2 Any-to-Any Interworking (except ATM) iii. Encryption services iv. Firewall Services v. NAT Services vi. Multicast Services
[BSNL Confidential]
21
Networking Solution for CCTNS
5.4 Network Security consideration in MPLS BSNL‘s backbone infrastructure consists of an MPLS core and VPN services edge networks. Very High End Routers are being deployed to provide the Back Bone connectivity and the Customer connectivity. These core devices are connected with High Speed Transmission links of STM16, STM1 and through DWDM at critical locations.. The BSNL NIB2 network is primarily designed to be a Carrier Grade high speed IP/MPLS network. The backbone infrastructure consists of an MPLS core with Internet services and VPN services edge networks. Cisco 12416 GSR & Cisco 12410 GSR routers are used to build the core network with the edge network consisting of Cisco 7613 routers. The whole Network which comprises of the Networking Equipments and Servers are Governed by Standard Network Management, O&M, AMC Documentation and Practices with the best of breed software to take care of each and every operation of the Network and Services. The Security Management is in-built in the day to day routine process of Network and Resource Management. The Security Management comprises of the Access Control Mechanism, Password Management, Physical Access management with Users and Privileges.
The
Telnet Access control, SNMP Access control, Server and Application Access Control is also included in the Access Control Mechanism of the Policy Document. Over and above these we have subscribed to IOS Patching for CISCO Security Advisory. This enables us to get the patches from CISCO whenever there is any Security related vulnerability reported anywhere in the globe. Access Violation is being continuously monitored with the help of Device Log in CISCO EMS on a daily basis. We have separate Policies for Servers as well as Applications. Policy.
For the servers, we have the Password policy as well as SNMP
The SNMP Policy is being followed for Device Management.
SNMP
Community is being changed periodically. All the OSS is behind Firewall. The whole network elements have been deployed only after the thorough Validation of all the equipments as per standards and specifications by a Team of Experts from all these domains across the country. There is an Internal Audit team which monitors and conducts the audit on the Network and the policies [BSNL Confidential]
22
Networking Solution for CCTNS being deployed in the Network periodically. This Audit completely checks the Vulnerability Scan, Penetration Testing process & the Security Policy reviews and provides the report along with the points to the Top Management. Apart from this the Physical Security Audits and drills are conducted once in a quarter to ensure the physical security of the Building, Premises and the Network Locations. Based on these reports and results, the security policy, their frequency and its methodology is worked out to strengthen the Policies to cater for Event driven audits, to take care of the new vulnerabilities which are uncovered during system scans. For the customer VPNs, The Security is applied right from the configuration stages of the customer VPN. Each and every Customer is provided with specific and particular Route Distinguisher and Targets which form a part of the Policy. The Import and Export Policy of the specific customer is validated and put through before commissioning. Right from the NOC, the vulnerability scan is being performed on the customer network on a routine basis and the customer is taken in to confidence during the testing to understand their needs and environments.
The Principal of Extended Community ensures that there is
no security breach in the network of the customer. Over and above the Policies as per the standard specifications of the IETF/ IEEE is applied on the VPNs wherever necessary.
[BSNL Confidential]
23
Networking Solution for CCTNS
5.5 Network Solution Brief Looking at the criticality and confidentiality of the data that will flow on the network, BSNL had recommended state of art Multi Protocol Label Switching (MPLS) technology for the Wide Area Network (WAN) in the previous proposals. After detailed discussions with MHA, NCRB, NISG and the consultant and considering the budget the optimal solution for the CCTNS project is mix of MPLS VPN and VPNoBB. The same has been proposed as option-2 in BSNL‘s earlier proposal. The WAN services for CCTNS project will be provided utilising the MPLS backbone (Core) network of BSNL and Lease Lines/Broadband access network for connectivity of CCTNS site with BSNL POP. The Solution has been devised considering the optimal usage of the network for CCTNS with Data application only. In this option NDC, SDC & higher offices will be connected to MPLS cloud of BSNL directly via point to point leased lines i.e. MPLS VPN links. However the small offices & police stations where, less usage is expected will be connected via BSNL‘s broadband network i.e. VPNoBB. The suitable backup (EVDO/3G/WiMax, VPNoBB/ISDN) depending on the feasibility & bandwidth of the site will be provided for the locations connected over point to point lease line with MPLS cloud. The locations connected over the VPNoBB link may use SWAN as backup network as and when it get deployed. For integrating SWAN link with VPNoBB additional hardware (Router & Modem) will be required. The MPLS connectivity of NDC & SDCs links (>4 Mbps) has been proposed to be provided through OFC (in last mile) using SDH rings working on at least STM-1 (155Mbps), which has got the inherent capability of switching traffic to alternate path within 50 ms in case of optical fibre cable failure. BSNL deploys the various world standard technologies supplied by M/s Siemens, M/s Fibcom, M/s Marconi and M/s ICOMM etc. The OFC equipment e.g. ADMs (Add/Drop Multiplexer) which are proposed to be placed at customer premises can produce E1, STM and Ethernet outputs. These ADMs will be equipped with STM and Fast Ethernet ports and the CPE device (i.e. Router) at NDC/SDC will be directly connected to the Fast Ethernet/ STM port on the ADM. It is possible to configure multiple numbers of E1s from in the STM bandwidth and to the Ethernet port of ADM to provide the desired data rate to the customer [BSNL Confidential]
24
Networking Solution for CCTNS equipment. At the remaining sites last mile of the MPLS connectivity will be provided on either Managed Leased Line Network (MLLN) or using conventional Lease lines. CCTNS site which may not be technically feasible on terrestrial media, BSNL will provide Ku-band VSAT. NCRB will be required to provide suitable space for installing the OFC equipment along with UPS power supply for proper working of the WAN.
[BSNL Confidential]
25
Networking Solution for CCTNS
5.6 Detailed Network Solution The complete WAN diagram as per the CCTNS WAN requirement representing the overall network and the details of the connectivity at the NDC, SDCs, Offices and Police stations and for the other locations is given below:(A) Complete WAN Connectivity Details
Proposed solution by BSNL for CCTNS using MPLS VPN & VPNoBB The bandwidth of links for will be as per the table given below: S. No.
1. 2. 3. 4. 5. 6.
Site
Higher Offices Smaller Offices Police Stations NDC & SDC sites SDC, Andaman & Nicobar SDC, Andhra Pradesh SDC, Arunachal
[BSNL Confidential]
Qty
Type of Connectivity
2,000 4,000 14,392
MPLS VPN VPNoBB VPNoBB
1
MPLS VPN
1 1
MPLS VPN MPLS VPN
Bandwidth
512 Kbps 256 Kbps 256 Kbps
1 Mbps 100 Mbps 4 Mbps 26
Networking Solution for CCTNS
7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28. 29. 30. 31. 32. 33. 34. 35. 36. 37. 38. 39.
Pradesh SDC, Bihar SDC, Assam SDC, Chandigarh SDC, Chhattisgarh SDC, Dadra & Nagar Haveli SDC, Daman & Diu SDC, Delhi SDC, Goa SDC, Gujarat SDC, Haryana SDC, Himachal Pradesh SDC, Jammu & Kashmir SDC, Jharkhand SDC, Karnataka SDC, Kerala SDC, Lakshwadeep SDC, Madhya Pradesh SDC, Maharashtra SDC, Manipur SDC, Meghalaya SDC, Mizoram SDC, Nagaland SDC, Orissa SDC, Pondicherry SDC, Punjab SDC, Rajasthan SDC, Sikkim SDC, Tamil Nadu SDC, Tripura SDC, Uttar Pradesh SDC, Uttarakhand SDC, West Bengal NDC, New Delhi
1 1 1 1 1
MPLS MPLS MPLS MPLS MPLS
VPN VPN VPN VPN VPN
1 1 1 1 1 1
MPLS MPLS MPLS MPLS MPLS MPLS
VPN VPN VPN VPN VPN VPN
45 Mbps 10 Mbps 512 Kbps 16 Mbps 256 Kbps 256 Kbps 10 Mbps 1 Mbps 16 Mbps 10 Mbps 4 Mbps
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 20,428
MPLS VPN MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS MPLS
VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN VPN
8 Mbps 16 Mbps 45 Mbps 16 Mbps 512 Kbps 45 Mbps 45 Mbps 4 Mbps 2 Mbps 2 Mbps 2 Mbps 16 Mbps 2 Mbps 16 Mbps 34 Mbps 1 Mbps 100 Mbps 2 Mbps 45 Mbps 4 Mbps 16 Mbps 155 Mbps
SDC= State Data Centre NDC= National Data Centre All the NDC/SDC & higher offices are connected to the MPLS network using Routers that will be installed at the CCTNS sites. For NDC & SDCs locations with bandwidth greater than 4 Mbps, optical fibre will be laid from the nearest
[BSNL Confidential]
27
Networking Solution for CCTNS exchange to the CCTNS site in the self-healing ring fashion. Bandwidth can be upgraded depending on the requirement of CCTNS. The Higher offices will be connected to the MPLS network through copper lines. Copper wire will be drawn from the nearest telephone exchange to the CCTNS site. A backup link will be provided to all higher offices on the different access media like 3G/BB/EVDO/WiMAX/CDMA. The smaller offices and police stations will be connected to the MPLS could of BSNL using broadband access network of BSNL. ADSL models will be installed at CCTNS sites and this will get connected to the nearest exchange over copper media. (B) Connectivity at National/State Data Centre (DC):
M P L S
STM-1 WAN Access Router ADM
Data Centre LAN Ethernet
ADM
Server s
OFC Ring Ethernet
BSNL Premises
STM -1/Fast Ethernet Connectivity
CCTNS site Premises
Connectivity diagram at NDC/SDC (at Noida) The WAN access routers planned for NDC/SDC will have inbuilt redundancies and are suitable for working in Data Centre environment. The ADM will be installed at both CCTNS and BSNL premises for providing optical connectivity to these locations. The ADM will be connected to each other through optical fibre in ring fashion for providing self-healing. The CCTNS premises router will be connected to the ADM using STM/Fast Ethernet ports. The ADM at BSNL premises is connected to the MPLS PE router. The above connectivity will be applicable for SDC where the MPLS bandwidth is equal to/ more than 4Mbps. [BSNL Confidential]
28
Networking Solution for CCTNS At other SDC (where MPLS bandwidth is less than 4Mbps), the connectivity diagram will be similar to that of Higher offices.
(C) Connectivity at Higher offices:
Connectivity diagram at higher offices The higher offices will be connected to the MPLS network through router and MLLN/ conventional modem. The MPLS connectivity of 512 kbps has been proposed and the connectivity will be on fibre from MPLS POP to the nearest Exchange and further on the copper line from Exchange to CCTNS site. The incoming line will terminate on Leased line modem (MLLN or Conventional nonMLLN) which will in turn be connected to the Serial port of the router. A backup link will be provided to all higher offices on the different access media like EVDO/3G/WiMAX/CDMA or VPNoBB/ ISDN. Suitable hardware (routers, ADSL, etc) required for commissioning of links with required number of ports will be provided alongwith the project. However, the ownership of such equipment will remain with BSNL.
[BSNL Confidential]
29
Networking Solution for CCTNS (D) Connectivity at Smaller offices and Police Stations:
The small offices and police stations will get connected to CCTNS WAN through MPLS Could and broadband access network. An ADSL modem will be installed at each site. This ADSL model will get connected to the DSLAM of nearest BSNL exchange on copper media. This DSALM is connected to the MPLS cloud through GE/FE/Dark fibre links.
[BSNL Confidential]
30
Networking Solution for CCTNS
5.7 Approach for utilization of SWAN as backup of primary link As decided during the meeting chaired by the Home Secretary on 13-05-2010, it was desired that each site should have a backup by way of SWAN or any other Network (e.g. POLENET).The technical solution being provided by BSNL under ‗Option-2‘ provides for MPLS VPN links in 2,000 higher offices, 35 SDCs and 1 NDC. At the other 4,000 smaller offices and 14,392 Police stations, BSNL is offering VPNoBB which is a cost effective solution to meet the CCTNS requirement. The methodology and the technical solution for utilising SWAN as backup link for CCTNS has been worked out so that NCRB gets the advantage of better reliability. The horizontal connectivity from Police stations/ smaller offices to SWAN POP will be provided by the States Department of IT. Since different States are at different stages of implementing SWAN for user Departments, it is felt that there may be delays in the implementation of SWAN as backup in some States. The technical issues and logistics required for implementation the SWAN backup links will have to be handled by the concerned States and not by BSNL. The routers being proposed at 2000 MPLS VPN locations have been provisioned with additional WAN port that may be used for terminating SWAN connectivity. However there will be requirement of additional Routers and Modems for the 18,000 VPNoBB sites. Apart from the hardware, there will be requirement of point to point lease at all the locations for connecting SWAN POP with CCTNS locations. The schematic connectivity diagram for utilisation of SWAN as backup is given below in this section.
[BSNL Confidential]
31
Networking Solution for CCTNS
24 x 7 NoC & Helpdesk
P2P link between SWAN POP & site
MPLS VPN/ VPNoBB links
SDC
SWAN
BSNL’s State of the Art VPN
P2P link between SWAN POP & site
SDC
SWAN
MPLS VPN/ VPNoBB links
Schematic connectivity diagram for utilization of SWAN as backup
[BSNL Confidential]
32
Networking Solution for CCTNS
6. Site Readiness and Infrastructure requirement i. Stable Power Supply: A Stable power Supply (of 230V AC) with UPS is required. Rating of UPS (at all the sites except NDC & SDC) should be preferably 0.5 KVA with suitable battery backup to be decided by NCRB depending on the power situation and the criticality of the site. The UPS capacity of NDC and SDC will be worked out separately. ii. Earthing: Proper grounding of electric supply should be available else it should be arranged for locally by making ―Earth pit‖. The voltage between ground and Neutral should be less than 2 Volt AC and voltage between Ground and Live should be approximately 230V AC. iii. Air conditioning: The equipment room of SDC & NDC must be Air Conditioned (Temp.20-25° C) and Relative humidity up to 70%. The equipment room of other sites should preferably be Air Conditioned (Temp.20-25° C) and Relative humidity up to 70%. Room offered should be dust free. iv. Illumination: Adequate lighting should be available in the equipment room. v. Space requirement: The following space is required for the installation of the equipment with adequate space for movement during testing & commissioning:
Adequate Space of inside the standard rack to be provided by the States/ UT for mounting of the Routers/ other equipment at the NDC & SDC. Alternately, space for placing new rack in the SDC/ NDC will be provided to BSNL. The details will have to be worked out after finalisation of the BOM.
Minimum 6U rack mounting Space on wall for installation of Router and Modem inside the rack to be provided by BSNL at MPLS VPN sites (except NDC/ SDC).
[BSNL Confidential]
33
Networking Solution for CCTNS 
Space in Rack/ Table to be provide
d by States/ UT for
installation/placing of ADSL modem at VPNoBB sites. 
Space for mounting VSAT antenna on Roof/Ground at suitable place with clear LOS (Line of Sight) with Satellite.
vi. Storage & security: The equipment supplied should be stored in a safe place away from rain & direct heat/sunlight. vii. LAN wiring: LAN wiring should be available at the field offices/ police stations with LAN switch located close to the place where the MLPS link/ VPNoBB link is to be terminated and router/ ADSL modem is to be installed. There should be at least one spare LAN port for connecting the Router/ ADSL. viii. VSAT Location: Customer is to arrange for rooftop rights and any civil work required. Regulated 1 KVA UPS with backup of sufficient period shall be arranged by customer. Provisioning of platform if required for LOS and Monkey cage for monkey menance area is also to be provided by the customer.
[BSNL Confidential]
34
Networking Solution for CCTNS
7. Project Implementation 7.1 Project Implementation Strategy BSNL has understood the requirements and the expectations of the customer. Customer care measures are being taken in all possible fields of the organization and its activities. At present, BSNL has around 3500 customer centres across the country. Right from the formation, BSNL has been working towards the Customer Satisfaction and is striving hard to provide the best services to our Customers. BSNL has formed Business Development Wings and Marketing Wings to accomplish this task of ensuring Customer Satisfaction. The Key Account Managers are nominated to understand the requirements of the Customer, Work out a methodology with which the customer satisfaction is ensured.
For the MPLS Project and for Data Projects, after studying the Processes involved in the provisioning and Maintenance of Services and its Criticality the Officers up to the Level of the Deputy General Managers / Area Managers have been designated as the Account Managers. The following points are the Salient features of the project: 
Single Window Access Points are being worked out for the Networking needs of the Corporate Companies / Customers.

Our officers meet the customers periodically to understand their requirements and provide solutions.
For this project, the same philosophy is being adopted under which an OVERALL PROJECT CO-ORDINATOR is nominated at National level under whom a team of professionals will be delivering the services. And there shall be Circle coordinators to coordinate at circle level for service delivery. Further there shall be implementation teams at every SSA level for parallel, speedy and prompt execution. National Project Coordinator: DGM (Service Delivery) Under GM (Enterprise) Circle Project Coordinators: DGM (Service Delivery) Under Respective CGM (Circle) [BSNL Confidential]
35
Networking Solution for CCTNS Implementation Teams : At Every SSA Level As soon BSNL receives confirm order and advance payment, BSNL will engage a system integrator (SI) through the tendering/empanelment process for providing routers for the 2,000 higher offices, 35 SDC & 1 NDC for implementing the Wide Area Network (WAN) for CCTNS project based on ‗option-2‘. The SI will install and configure routers. This SI will also configure the router for backup links being provided by BSNL under this proposal at the higher offices which would be WiMax, EVDO or 3G etc. depending on the availability of relevant services in those locations. BSNL will provide VPNoBB connectivity to the smaller offices/ Police Stations (18,392 Nos) through BSNL‘s in-house teams located in various Districts. At these locations the hardware i.e. ADSL modem cum router will also be provided through BSNL in-house resource. NCRB has already been requested to collect information related to the site locations address, contact Nos, site category/ connectivity required (MPLS VPN or VPNoBB) in a desired format and submit to BSNL, so that the details can be worked out in advance so that the project may be completed in time.
[BSNL Confidential]
36
Networking Solution for CCTNS
7.2 Project Schedule Draft Project Plan for Commissioning of CCTNS Network S. No.
Activities to be performed
Time Lines
1.
Confirmed order alongwith the site details by MHA/NCRB
X day
2.
Issue of Demand Note
X+7 day
3.
Payment received
―D‖ day
4.
Issues of advice note by BSNL
D+30 days
Freezing the Security Policies, IP Addressing schemes etc with 5.
NCRB/ MHA
D+30 days
Site readiness (alongwith LAN and other infrastructure) by 6.
NCRB/ MHA for VPNoBB sites
D+60 days
Finalisation of System Integrator for Procurement of 7.
Hardware
D+60 days
Site readiness (alongwith LAN and other infrastructure) by 8.
NCRB/ MHA for MPLS VPN sites
D+120 days
Procurement of Hardware: Delivery Router / Modems etc. at 9.
2000 higher office (MPLS VPN sites)
D+150 days
Procurement of Hardware: Delivery Router/ NMS/ etc. at 10.
SDC, NDC & 2000 higher office (MPLS VPN sites)
D+180 days
11.
Laying of optical fibre at NDC & SDC (>4Mbps site)
D+180 days
12.
Delivery of Add drop multiplexers at NDC & SDC (OFC Sites)
D+180 days
13.
Commissioning of OFC transmission link
D+210 days
14.
Ordering for VSAT for non-feasible sites
D+210 days
15.
Commissioning of NDC & SDC links
D+240 days
16.
Provisioning broadband links at 25% VPNoBB sites
D+240 days
17.
Commissioning of VPN at 25% of locations
D+240 days
18.
Provisioning broadband links at 50% VPNoBB sites
D+270 days
19.
Commissioning of VPN at 50% of locations
D+270 days
20.
Provisioning broadband links at 75% VPNoBB sites
D+300 days
21.
Commissioning of VPN at 75% of locations
D+300 days
[BSNL Confidential]
37
Networking Solution for CCTNS Provisioning broadband links at 100% VPNoBB sites (Except 22.
D+330 days
non-feasible VSAT locations) Commissioning of VPN at 100% of locations (Except non-
23.
D+330 days
feasible VSAT locations) Acceptance and handing over the complete project (Except
24.
non-feasible VSAT locations)
D+340 days
25.
Commissioning of VSAT locations
D+360 days
The achievement of the time lines defined will depend on site readiness as given in site requirement document and active response from all concerned agencies (MHA, NCRB etc.) and the site officials in terms of providing necessary documents (like Road Permit, site layout plan etc.) information, support and facilities.
7.3 Draft Acceptance & Testing Procedure The draft acceptance & testing procedure is given below. The detailed acceptance and testing procedure may be prepared in consultancy with NCRB & its consultant. S. No. 1.
Test
Performed by
Physical Inspection Test for the transmission
BSNL
devices offered 2.
Power On test for hardware supplied
BSNL
3.
Ping test from CPE to next hop (PE)
BSNL/SI
4.
Ping test from remote offices to SDC/NDC router
BSNL/SI
[BSNL Confidential]
38
Networking Solution for CCTNS
8. Support required from NCRB and the States Considering the importance and magnitude of the CCTNS Project, it is essential that all stakeholders should be actively participating and executing the activities for the timely implementation of CCTNS project and for proper operation & maintenance of the CCTNS. Although, NCRB will be the overall owner of the CCTNS Project but the various States/ UTs will also play an important role for the success of CCTNS project. The following support will be required from NCRB and the States/ UTs:-
8.1 Support required from NCRB A national level coordinator from NCRB will be required who will do the following activities:i.
Issue instructions to the States/ UTs regarding the CCTNS Project and for supporting BSNL in the implementation of Wide Area Network for CCTNS.
ii.
Issue instructions for making the various sites ready as per sites readiness conveyed by BSNL (for WAN). The details of site readiness and infrastructure requirements are mentioned in this proposal.
iii.
To periodically take reports from States/ UTs regarding the site readiness and pursue for getting all sites made ready so that BSNL work does not get delayed.
iv.
To issue instruction to States/UT or other agencies on periodic basis for expediting the project.
v.
To arrange for road permits/ other documents as required by BSNL in the name of BSNL/ BSNL‘s SI/ supplier for dispatch of equipment (Router, VSAT etc.) by SI/ supplier to the sites.
vi.
To interact with the other Govt. Agencies in case help/ permission are required in implementation, operations and maintenance of the CCTNS Projects.
[BSNL Confidential]
39
Networking Solution for CCTNS
8.2 Requirement from States/ UTs A coordinator will be required in each State/ UT who will conduct the following activities the expediting the projects:i.
To interact with national level coordinator of NCRB and take necessary action.
ii.
To issue instructions to the field units and pursue with a them for its implementation
e.g.
making
sites
ready,
arranging
road
permits/other documents for dispatch of equipments, compiling periodic reports. iii.
To interact with BSNL‘s circle level coordinator/ local offices.
iv.
To direct the field offices to issue proper receipt of the equipments immediately on its delivery at sites without asking courier agency to visit again.
v.
To arrange for safety and security of the equipment delivered by BSNL or its SI/ Supplier at the sites. This has to be arranged on continuous basis during project implementation phase and thereafter during the life of the project.
vi.
To organise permission for officers/ staff of BSNL/ BSNL‘s SI to enter the premises of the field offices during project implementation phase and subsequent phase, as and when require BSNL.
vii.
To interact with other Govt. Agencies in case help is required in connection with implementation, operations and maintenance of the CCTNS Project.
[BSNL Confidential]
40
Networking Solution for CCTNS
9. Operation, Maintenance & Support Plan BSNL understands the importance of ―Timely Support‖ in CCTNS so the MPLS VPN provided would be monitored and managed by BSNL through its central NOC. BSNL has built a support mechanism to support its customers and same will be offered to CCTNS network. A 24X7 Helpdesk will be available for attending calls at central level for MPLS VPN. Users can call or send email for any issues that they face. A ticket number will be issued which becomes a reference for further tracking. Also a proactive update may be sent to the end user and the administrator till the time the problem is resolved and ticket is closed. Ticket and monitoring tool archives are available for trend analysis and can be used for further improvement of the services. An escalation matrix will be shared which can be used for appropriate escalations during service issues. BSNL has already formed a Service Delivery (SD) and Service Assurance (SA) team at each circle level. The work of this SA team will be to assure the service levels and timely rectification of faults in their circle by coordinating with the concerned people.
9.1
NOC support (for MPLS VPN links)
CCTNS Network will be monitored from BSNL‘s NOC. This will:
Improve Service Availability
Enhance Service Quality
Improve Customer Satisfaction through 24 X 7 Single Point of Support Contact for Customers
Availability of Service Uptime Data for Compliance and Service Improvement Perspective
[BSNL Confidential]
41
Networking Solution for CCTNS
Transparency between MHA and BSNL regarding the offered Service Uptime
NOC Processes: Full FCAPS Functionality. –
F: Fault Management.
–
C: Configuration Management.
–
A: Accounting Management.
–
P: Provisioning Management.
–
S: Security Management.
SLA Monitoring Capacity Planning & Augmentation Fault booking –
Toll free number
–
Email (noc@BSNL.in or mplshelpdesk@BSNL.in)
–
Web portal
Identification of faults at NOC Level 1. Escalated to the Node in charges/ Field Units. Escalation to Level 2 and Level 3 Help Desk. Closure of faults Confirmation with the customer/ Network Manager Performance reports generation
[BSNL Confidential]
42
Networking Solution for CCTNS A
Remedy Service Desk which is deployed at the BSNL NOC as Helpdesk
management Solution, displays a list of trouble tickets with drill-down capability and allows the end user to view, modify, and submit service calls, as well as view and modify incidents, problems, changes, and work orders. This is integrated with the HP OV Service Information Portal to provide the web interface to the customer to check and monitor their SLA Details.
[BSNL Confidential]
43
Networking Solution for CCTNS
9.2
Fault reporting (MPLS VPN & VPNoBB)
The fault booking will have to be done by the police stations/ police control room in a decentralised manner by the concerned districts through BSNL recommended procedure which will be finalised and intimated later on. There are a number of police stations/ smaller offices which will have problem of erratic power supply and it is anticipated that the UPS may also get degraded and hence the power to the equipment may either get switched off or be switched off by the concerned staff (when CCTNS is not being used) to avoid damage to UPS battery. There are high chances of large numbers of ―False complaints‖ being generated in case the complaints are booked without verification from the concerned office/ police station which can be detrimental for the health of the whole CCTNS. Hence, the fault booking should be done by the police control room/ police station/ office after conducting preliminary checks as given under:a) The power supply is available and the equipments (Modem, Router etc.) are switched on. b) That the physically connectivity of the Router, Modem, LAN is not disturbed to eliminate problem at that local end. c) Observation
are
noted
about
the
indicators
on
modem
and
communicated to the BSNL staff while booking complaint or when asked by BSNL while trouble-shooting.
[BSNL Confidential]
44
Networking Solution for CCTNS
9.3
Helpdesk Management (MPLS VPN & VPNoBB)
The helpdesk features for VPNoBB will be available state wise. However, it is envisaged that the fault would be booked as per BSNL recommended procedure so that reports can be extracted. The reports regarding SLA of VPNoBB sites will be available state wise. The helpdesk features for MPLS VPN is centralized at National level where the complaints can be booked on phone/ email/ webportal. However, the NMS proposed to be deployed for CCTNS at NCRB will be able to display the health of the complete CCTS Network i.e. the main MPLS Links, VPNoBB Links and backup links being providing by BSNL under this proposals. BSNL shall provide dedicated manpower (2-4 persons) per State/ Circle for coordinating and pursuing the fault rectification activities. This manpower will operate during office working hours from the SDC location in the States/ Circle for which space/ infrastructure will have to be provided by NCRB. BSNL shall provide dedicated manpower (2-4 persons) at NDC or NCRB HQ for management of NMS installed. This manpower will operate during office working hours for which space/ infrastructure will have to be provided by NCRB.
[BSNL Confidential]
45
Networking Solution for CCTNS
9.4
Escalation Matrix
9.4.1 Escalation Matrix for MPLS VPN Sites The MPLS VPN may be booked on centralised number and the ESCALATION MATRIX FOR MPLS VPN links is as follows: LEVEL LEVEL 1 [0 -3
CONTACT PERSON NOC
hours]
EMAIL ID
CONTACT NO.
mplsnoc@bsnl.co.in
18004251957,08
mplsnoc@yahoo.com
0-25808810/ 12/14/15
LEVEL 2 [3-6
SDE(NOC)
hours]
Mr S Muniswamy
LEVEL 3 [6-9
DGM(MPLS)
Hours]
Ms Sangeeta Asrani
LEVEL 4 [after 9
GM
hours]
Sh S.K. Mishra
smuniswamy@bsnl.co.in
9449801899
sangeeta_bsnl@bsnl.co.in
080-25808844
mishrask@bsnl.co.in
080-25802000
9.4.2 Escalation Matrix for Broadband VPN Sites: In case of VPNoBB site, immediately report the problem to the concern BSNL Circle helpdesk/SSA IVRS system. In case problem is not resolved, NCRB is advice to escalate the problem to the DGM/GM of the concern district. The detailed will be communicated while implementation.
[BSNL Confidential]
46
Networking Solution for CCTNS
9.5
Flow Chart of Standard Help Desk
[BSNL Confidential]
47
Networking Solution for CCTNS
10. Service Level Monitoring Mechanism MHA is concerned about the CCTNS and strongly feels that BSNL should be offering Service level commitment for uptime even for sites with VPNoBB connectivity so that CCTNS gets acceptance among the field police staff. Although, BSNL is presently not offering Service Level Commitment for VPNoBB as the centralized system for monitoring, fault booking, fault rectification/ management and report generation is not implemented. However in view of MHA‘s specific request, BSNL agrees for providing the Service Level Assurance for uptime even for VPNoBB links for CCTNS by making some separate investment for NMS for centralized monitoring. However, the procedure for fault booking, fault rectification/ management and report generation will be decentralized at the level of States/ District so that we are able leverage on the existing system of BSNL and are also able to generate Service Level Achievement reports. BSNL would provide Service Level Assurance of 99% availability of the sites on MPLS VPN and 97% uptime on the VPNoBB links. The customer would be required to book a complaint on their toll-free/ other designated numbers and obtain a fault docket. BSNL will provide Service Level Assurance limited to only uptime supported by broadband CPEs of BSNL. For this purpose VPNoBB services with fixed IP will be provided to enable monitoring and a separate NMS will have to be provided by BSNL for CCTNS projects. In case required additional support of BSNL‘s partner may also be taken for Service Level monitoring purpose.
10.1 Service Level Monitoring and NMS details BSNL has a Network Operation Centre (NOC) at Bangalore. NOC is manned on 24x7 bases. All the NMS components are deployed in High Availability mode. To take care of any disaster, Pune has been made as the disaster recovery NOC of central NOC. Some of the components of NOC are deployed on regional basis at Chennai, Noida, Kolkata, Pune and Bangalore. BSNL NMS is having the capability to do MPLS L3/L2 VPN provisioning, Fault Management and Performance [BSNL Confidential]
48
Networking Solution for CCTNS Management. The NMS has the capability to display the performance parameters related to the customer network through a password protected website. The NMS Solution deployed at the BSNL NOC constitutes the following:-
TCC 3G NMS
SML/BML
HP OV SLA Manager
HP OV ServiceDesk
Service Information Portal
Performance Management System
TeMIP
NML HP OV Service Activator
Element managers
Infrastructure
EML NEL
Access Network
MPLS Network
Openview Network Node Manager
TeMIP Corba Runtime
Element managers
Element managers
Openview Operations
Element managers
IP Data Network ATM
MPLS
Transport Network
VAS Network
Systems, Storage, Applications
1> HP OpenView TeMIP 2> HP OpenView Network Node Manager 3> HP OpenView Operations 4> HP OpenView Performance Insight 5> HP OpenView Service Desk 6> HP Open SLA Manager 7> HP OpenView Service Information Portal The monitoring and management of the CCTNS network and devices, which is provided as a part of the solution, will be done from the centralized NOC of the BSNL which is deployed at Bangalore with DR at Pune. The CPE at the CCTNS Network, which forms Customer Edge Equipment for the MPLS network provided by the BSNL, can be configured as Managed CE Node. In [BSNL Confidential]
49
Networking Solution for CCTNS these configuration entire details pertaining to Network management of the CPE will be handled from the Centralized NOC. The various functionalities of the NMS are as follows: i)
Network View : -
HP OV TeMIP and HP OV NNM which are deployed at the BSNL NOC will be used for the creation of the Network level MAP‘s. The detailed Device View for the network equipment will be created using Cisco View which is a part of the Cisco RWAN solution. This is integrated with the HP OV Temip for providing the Centralized View. ii)
Network Level Faults and Events Monitoring : -
Hewlett-Packard (HP) OpenView TeMIP Fault Management and Real-Time Operations is an industry-proven, alarm-handling, event-logging, networkvisualization solution. HP OV TeMIP and HP OV NNM which are deployed at the BSNL NOC will also be used for the centrally collecting Faults and events from the various CE devices which will be integrated with the HP OV NNM. Fault related data and events will be transferred to the NSM system using SNMP protocols. HP OpenView TeMIP Real-Time Operations incorporates both fault management and topology displays with other functions, such as network configuration, application launch, and auto-discovery, through a common GUI. iii)
Configuration Management : -
Cisco RWAN which is provided for the Router management will take care of the network level inventory, Software images and configuration files. Inventory information of the Cisco Devices created on the Cisco RWAN will be transferred to the HP OV TeMIP for the centralized management. But for any policy changes desired by the NTPC, a change Management Request has to be provided by NTPC to BSNL. Due to security reasons no direct access to the MPLS configuration will be provided by the BSNL. As a part of the Proposal, Cisco Security Manager is being provided that can be used by the Customer for the End to End IPSEC VPN Creation and Configuration. [BSNL Confidential]
50
Networking Solution for CCTNS
iv)
Performance Management : -
HP OpenView Performance Insight for Networks monitors a wide range of network protocols and devices; in addition, it generates easy-to-understand reports that provide intelligent insight into BSNL network operations and offers BSNL the information required to work proactively—to anticipate, and then eliminate—network
bottlenecks.
HP
OpenView
Performance
Insight
for
Networks can help BSNL get ahead of the curve. HP OV PI along will HP OV NNM will facilitate the BSNL and NTPC to Optimize the availability and performance of the network Diagnose performance problems using recent and historical data, Identify over- and under-utilized links, Understand how device resources are affecting network performance.
Operator/Viewer level Access will be
provided by the BSNL to NTPC to find out their Daily, Weekly and Monthly performance Reports. v)
Helpdesk Management : -
An OpenView Service Desk which is deployed at the BSNL NOC as Helpdesk management Solution, displays a list of trouble tickets with drill-down capability and allows the end user to view, modify, and submit service calls, as well as view and modify incidents, problems, changes, and work orders. This is integrated with the HP OV Service Information Portal to provide the web interface to the customer to check and monitor their SLAM Details.
vi)
SLA Monitoring: -
An OpenView SLA Manager which is already deployed and integrate with the HP OV Service information portal will be providing to the customer to monitor their SLA agreements with the BSNL. Access to the same can be provided using the web based interface.
[BSNL Confidential]
51
Networking Solution for CCTNS
10.2 NMS at NCRB As per the requirement of the project, a separate NMS system will be deployed. The NMS can be setup by implementing the following components or its equivalent components: 1> HP OV NNM 2> HP OV PI 3> HP OVSD 4> Cisco LMS 5> Cisco Security Manager for VPN Configuration and Management This can be deployed at the NDC of CCTNS/ NCRB HQ. All the configuration and Management of the devices can be performed using this System.
[BSNL Confidential]
52
Networking Solution for CCTNS
11. Responsibility Matrix RACI Chart for CCTNS WAN project Activity Detail 1 General Requirement A Final Location List B Location Address & Contact Details C Rollout Plan D Site Survey for Feasibility Supply of WAN Link Equipments (Router, Modem, ADSL E CPE etc ) Finalization of Location of Rack for placing WAN F equipment G Installation of WAN Link H Testing of WAN Link I Handover(AT) of Link J Maintenance of WAN Link Documentation (Reports, Design Doc, Rollout Doc etc.) K related to WAN Rollout
R NCRB NCRB BSNL BSNL
A MHA MHA NCRB
BSNL
MHA
NCRB BSNL BSNL BSNL BSNL BSNL
C
I BSNL BSNL MHA NCRB NCRB
CO
BSNL NCRB NCRB CO/NCRB NCRB NCRB
2 A
Site Readiness/ Infrastructure Requirement for all sites (as per BSNL’s requirement mentioned in the proposal) Stable UPS Power Supply
NCRB
BSNL
BSNL
B
Proper Grounding of power supply
NCRB
BSNL
BSNL
C
Air conditioning at SDC & NDC
NCRB
BSNL
Air conditioning at other sites (Preferred) Lighting is proper in communication Room Space for wall-mounting of Rack (6U size) at all MPLS F VPN locations (except NDC/ SDC). Availability of Rack Space (More than 2U) for Router G and Modem / Converter (at NDC/ SDC) Availability of table top space for ADSL modem at H VPNoBB locations. Space for mounting of VSAT antenna for TNF sites and I small space for mounting IDU
NCRB rNCRB
BSNL BSNL
NCRB
BSNL
J
D E
NCRB
BSNL
BSNL
NCRB
BSNL
NCRB
BSNL
Storage and safety of equipment supplied by BSNL
NCRB
BSNL
K
Readiness of LAN
NCRB
BSNL
3 A B C
Maintenance of CCTNS WAN NMS deployment Monitoring of the network Fault booking
BSNL BSNL CO
[BSNL Confidential]
NCRB NCRB
MHA MHA BSNL 53
Networking Solution for CCTNS D E
Fault Rectification Fault Escalation
BSNL CO
F
Routine Reports generation
BSNL
G SLA parameter monitoring
BSNL
H
BSNL
SLA reports Generation R = Responsible - owns the activity/problem / project A = to whom "R" is Accountable - who must sign off (Approve) on work before it is effective C = to be Consulted - has information and/or capability necessary to complete the work I = to be Informed - must be notified of results, but need not be consulted CO=Concerned Office
NCRB BSNL NCRB/ MHA NCRB/ MHA NCRB/ MHA
Note: Responsibility matrix given above needs to be followed for all activities. If any activity is not listed, the same needs to be consulted and agreed between the project managers
[BSNL Confidential]
54
Networking Solution for CCTNS
12. Assumptions and Exclusions While preparing the detailed proposal for Networking for the CCTNS project we have made certain assumptions which are given in the following section. It is submitted that without the fulfilment of the requirements given in the assumptions, the success of the project shall be affected.
12.1 Assumptions made i.
NCRB shall co-operate with BSNL for any assistance BSNL may require for inspection, installation and maintenance.
ii.
Delay in performance of any of its obligations under this proposal shall not be counted for any purpose if such failure or delay is due to or attributable to any act of God, war, warlike conditions, hostilities,
riots,
civil
commotion,
or
any
other
cause
or
circumstance of whatsoever nature beyond the reasonable control of either Party. iii.
Site details and databases are provided by NCRB/MHA while issue of work order.
iv.
National level and State level coordinators are appointed by NCRB/MHA at the beginning of the project for proper coordination and timely completion of the project.
v.
Project details information flow to last point i.e. Police Station level shall be ensured by MHA/NCRB.
vi.
Road permits in the name of BSNL/SI/Equipment Supplier are issued by customer as per BSNL‘s requirement within one week of demand.
vii.
Material is received immediately on its delivery and receipt is given to concerned agency. The ownership of the equipment stands transferred immediately on delivery.
viii.
Material supplied is kept safe and secure against any damage and is not misplaced.
ix.
Permission to access the premises is given promptly to BSNL or its SI‘s staff whenever required for executing project related activities.
[BSNL Confidential]
55
Networking Solution for CCTNS x.
Site infrastructure is made ready and intimated to BSNL‘ National coordinator as per site readiness mentioned in this proposal.
xi.
Support is provided by MHA/NCRB for seeking permission from other Government agencies for activities like digging/ trenching etc. during execution of the project.
xii.
LAN at the offices/ police stations is made timely ready.
xiii.
NCRB allows use of its POLNET for backup purpose wherever feasible and arranges necessary permissions.
xiv.
BSNL shall provide telephone line with ―incoming only‖ feature for VPNoBB provisioning. However in case new telephone connection is non feasible then the existing telephone line shall be utilised to provide VPN over Broadband connection to that site.
xv.
NCRB/MHA shall provide space and infrastructure for BSNL team (2-4 persons) at State H/Q for carrying out operations and management activities, if required.
xvi.
SWAN link is to be terminated and put into operation by SI engaged by States/ SCRB.
xvii.
5-10% sites may remain pending beyond the project timelines given in the proposal due to reasons beyond control.
xviii.
Maximum number of VSATs required to be provisioned are 500 in this proposal. Additional requirement of VSATs shall be charged extra.
xix.
On commissioning of any site/link, the field offices shall give site commissioning report immediately to the representative of BSNL or its SI.
xx.
Faulty units/equipment is sent promptly for repair by field offices.
xxi.
Equipment at all sites shall be kept in ―power On‖ and ―connected‖ condition so that health of the equipment does not get deteriorated and ‗false alarms‖ are not generated in the NMS/ BSNL‘s NOC.
[BSNL Confidential]
56
Networking Solution for CCTNS
12.2 Exclusions Following will not be covered and are not in the present scope of work:i. The scope of work does not include installation and integration of the components not supplied under this order. ii. Development of Application and its deployment and any issues related to working of application is not included. iii. The integration of CCTNS applications which have been developed by different vendors are not under the scope of this project. iv. Backup on BSNL VSAT is not included in this proposal v. MHA will ensure availability of proper infrastructure at all locations for implementing the equipment supplied in this project. vi. UPS are required for un-interrupted power supply to all equipment. Customer shall ensure availability of UPS supply for equipment provided by BSNL under this project. vii. Additional Routers and Modems required for integration of this network with SWAN as backup are not included in this proposal. viii. Charges for Point to point Lease Line connectivity with SWAN. Configuration of Backup using SWAN shall be responsibility of NCRB/State ix. Burning of modems/ routers/ other equipment : Repair/Replacement in such cases shall be on chargeable cost basis.
[BSNL Confidential]
57
Networking Solution for CCTNS
13. Risk Management in CCTNS Project It is anticipated that while implementing CCTNS project, there is risk of project getting delayed in case various issue are not handled in advance. Some of the risks for the project implementation and operations of CCTNS are as under:i.
Delays in receipt materials: The equipment would be despatched by BSNL or its SI or supplier to the field offices. In case the field officers do not give proper receipt or refuse to receive the equipment there can be additional courier charges/ delivery charges payable by NCRB plus delays in implementation of the project.
ii.
Delays in permissions: In case of refusal of permission by local agencies (Government/ Municipal agencies/ Panchyat etc.) for trenching for laying new cable/ maintaining existing cable, there can be delays which shall not be attributed to BSNL. In such cases the local Police offices/ officers will be required to support BSNL in getting the permission from the concerned agencies.
iii.
Damage/ loss of equipment: There can be various reasons for damage/ loss of equipment which are not because of BSNL e.g. due to Riots, Natural calamity such as flood/ Earthquake, damage by misuse, misplacement/ theft, exposure to harsh environment etc. In such cases the repair/ replacement of equipment will be at additional cost.
iv.
Shortage of equipment: In case of shortage of any equipment the alternatives will be explored and project will be commissioned with alternatives under due intimation to NCRB.
These risks can be handled in case suitable instructions are issued in advance by NCRB/ MHA. An officer of NCRB should be designated as National level coordinator for the project implementation phase and thereafter for the life of the CCTNS project. Similarly, an officer of SCRB/ State Police HQ should
be
designated
as
State
level
coordinator
for
the
project
implementation phase and thereafter for the life of the CCTNS project.
[BSNL Confidential]
58
Networking Solution for CCTNS
14. Service enhancement and continuous improvement strategy BSNL has the capacity to handle growing volumes of business. BSNL undertakes to provide additional Services or other similar services in case a specific need arises. Such additional services would be for an additional charge. BSNL will offer suitable discounts over the list prices prevailing at that time. These enhancement options are detailed below:a. Up-gradation of bandwidth from one class to another class or upgradation of the bandwidth requirement at any of the sites. b. Additional sites can be added to the CCTNS as and when required by NCRB. The media for providing connectivity will depend on the feasibility of the new sites. c. Shifting of the sites is possible. However the connectivity at the new location would depend on the feasibility. d. Any other service of BSNL
[BSNL Confidential]
59
Networking Solution for CCTNS
15. Commercials 15.1 Budgetary Proposal S. No. 1
2
3
4 5
6
7
Items
Bandwidth (BW) RECURRING ITEMS MPLS VPN Aggregated bandwidth bandwidth charges for of NDC & SDCs. respective states. MPLS VPN 512 Kbps bandwidth charges for Higher offices. VPNoBB for 256 Kbps smaller offices VPNoBB for police stations NMS Operations, Management and AMC Annual cost
Manpower cost at SDC Locations for additional Help Desk support VSAT Charges for TNF locations
Qty.
Unit Price (Rs.)
Total price (Rs.)
1 NDC & 35 SDC
7,58,54,334
7,58,54,334
2,000
2,13,200
4,000
25,000
13,892
25,000
10,00,00,000 VPNoBB charges with fixed IP feature (Details at section 15.4, Point2) 34,73,00,000 -- do --
N/A
1 Lot
1,00,00,000
1,00,00,000
N/A
1 Lot
2,00,00,000
2,00,00,000
1,00,000
5,00,00,000
256 Kbps
CAR 32Kbps 500 MAR 256Kbps
[BSNL Confidential]
Justification
MPLS Bandwidth charges for National Data Center and State Data Centers (Details at section 15.4, Point-1) 42,64,00,000 MPLS bandwidth charges with routers, modems, backup and SLA
BSNL will deploy manpower for the O&M of NMS which is being provided to NCRB for monitoring the health of the complete CCTNS network. (Details at section 15.4, Point-3) BSNL will deploy manpower for the SDC for additional helpdesk support. (Details at section 15.4, Point-3) These include the VSAT bandwidth charges. (Details at section 15.4, Point-4)
60
Networking Solution for CCTNS S. No. 8
Items
Bandwidth (BW) ONE-TIME ITEMS VSAT One H/W time charges
Qty.
Unit Price (Rs.)
Total price (Rs.)
Justification
VSAT is required for sites which are not feasible on other media. (Details at section 15.4, Point-5) NMS is required at NDC/ NCRB HQ so as to get complete view. (Details at section 15.4, Point-6) These hardware are required for the NDC. (Details at section 15.4, Point-7)
500
80,000
4,00,00,000
9
NMS at Delhi
H/W
1
3,50,00,000
3,50,00,000
10
Additional H/W Hardware for National Data centre (Switch/ IPS/ Security Management solution/ LMS) Passive H/W equipment e.g. Racks
1
2,50,00,000
2,50,00,000
2,036
5,000
1,01,80,000
11
A B C D
SUMMARY OF COSTS One time Cost in First Year Recurring Cost for Year1 Recurring Cost for Year2 Recurring Cost for Year3 Total cost for 3 Years
[BSNL Confidential]
Details at section 15.4, Point-8
11,01,80,000 1,02,95,54,334 1,02,95,54,334 1,02,95,54,334 3,19,88,43,003
61
Networking Solution for CCTNS
15.2 Commercial conditions a. Taxes and octroi/entry tax charges etc shall be Extra. b. The rates are for a firm commitment of minimum three years. c. Annual recurring charges: 100% advance for 1st year. MHA shall release payment of recurring for subsequent years within 30 days of issue of Invoice. d. One Time Charges: 100% in advance e. Payments for all charges have to be made on centralised basis at New Delhi. f. Billing shall start on commissioning on link to link basis. g. The rates for Hardware charges for NMS, Data Centre, Racks and recurring charges for NMS O&M, Manpower are budgetary. BSNL will call for quotations from System Integrators for the BOM (bill of material) finalised in consultation with NCRB/ MHA and the final pricing (including BSNL‘s margin) would be based on the competitive price. h. The total pricing of the project will change in case of additions/ deletions of the sites and in case bandwidth is changed. i. Minimum period of commitment is 3 years. j. The special pricing is for the whole project and the number of sites will not reduce more than 10%. k. Any up-gradation of bandwidth can be ordered anytime but downgrading of bandwidth is allowed only after the commitment period.
[BSNL Confidential]
62
Networking Solution for CCTNS
15.3 Rates for enhancement of bandwidth After implementation of the CCTNS project, there may be a requirement to increase the bandwidth required at some sites. In such cases the demand for change of bandwidth will have to be made by NCRB to the BSNL national coordinator. The following unit rates will apply in such cases:Item
Bandwidth
Annual Rate (Rs.)
VPNoBB
256 Kbps
25,000
VPNoBB
512 Kbps
45,000
MPLS VPN
256 Kbps
1,63,792
MPLS VPN
512 Kbps
2,13,200
MPLS VPN
1 Mbps
2,63,250
MPLS VPN
2 Mbps
3,54,250
MPLS VPN
8 Mbps
9,26,250
MPLS VPN
34 Mbps
34,63,850
[BSNL Confidential]
63
Networking Solution for CCTNS
15.4 Justification for the commercials BSNL has worked out very special rates for the networking solution for CCTNS project as it a project of national importance. The initial proposal for Option-2 was for Rs 290 crores (for 3-year period) was based on BSNL‘s tariff with significant discounts. The networking solution has been customised to meet the requirement of CCTNS project and many additional premium features have been added in both MPLS VPN & VPNoBB over and above the standard service offerings of BSNL. Hence, considering various additional premium features that have been added especially for CCTNS, the commercials are really very low.
The item-wise
justification is as under:Point 1 (for Items 1 & 2): MPLS VPN bandwidth charges at the NDC, SDC & Higher Offices includes Routers and modems rentals. The details of the bandwidth at the various SDC/ NDC are given in section 5.6a (page 26- 27) of this proposal. At the NDC and SDC (> 4Mbps) BSNL will provide connectivity through OFC ring with automatic switch-over for better protection in case of an OFC cut. At the other offices, backup will be provided on a different access media like EVDO/ 3G/ WiMax/ CDMA etc. (details in Section- 5.6b, c; page 2829). Provision of an additional WAN port has also been kept in the routers being provided at the higher offices for connecting SWAN as a 2nd backup at these offices (details in Section 5.7; page 31-32). Point-2 (for Items 3 & 4): The VPN over Broadband being offered to CCTNS for Smaller offices and Police stations in this proposal is having additional feature of service level commitment of 97% uptime. This is premium feature which is presently available only for MPLS VPN links and not a standard service offering of BSNL for VPNoBB which is otherwise a low cost service. This is being provided for CCTNS based as a very special case on the request of NCRB/ MHA. This requires additional support system in BSNL for monitoring, pursuance and faster fault rectification so that uptime commitment is achieved. In order to be able to monitor the sites and for providing SLA commitment on uptime, BSNL will be [BSNL Confidential]
64
Networking Solution for CCTNS providing ―fixed IP‖ even for VPNoBB sites instead for dynamic IP. In case required, additional support of BSNL‘s partner may be taken for monitoring purpose (details in section-10, page 48). Point-3 (for Item 5 & 6): BSNL has made provision for deploying manpower for O&M of the NMS (Network Management System) being provided to NCRB at the NDC for helpdesk and escalation support. This is required so that that NCRB is able to get a full view of the complete CCTNS network which would include all sites which are even on VPNoBB links. NCRB will also be able to see details of any part of the network which will be helpful for monitoring and control over the States. In addition to the above, BSNL has made provision for deploying dedicated manpower at the States/ Circles for coordinating and pursuing the fault rectification activities for achieving good uptime (details in section-9.3, page 45). Point-4 (for Item 7): The VSAT bandwidth is a very costly resource. Hence, BSNL has proposed an optimum bandwidth taking into consideration that the sites requiring VSAT will be very remote and small sites. This includes the WPC charges and licence fees also. In case required the bandwidth can be upgraded after 3 months. Point-5 (for Item 8): The VSAT one time charges includes the cost of the VSAT hardware. It also includes the cost of transportation to the remote sites and the installation cost at the remote sites. Point-6 (for Item 9): BSNL has made Provision for NMS for NCRB for monitoring of the complete CCTNS network. This will give a view of the complete CCTNS network to NCRB. The NMS will comprise of a number of components (details in Section 10.2, page-52). Point-7 (for Item 10): BSNL has made provision for additional hardware for the National Data Centre as it a very important entity of the whole project. These additional
hardware‘s
are
Intrusion
Prevention
System
(IPS),
Security
Management Solution for Management of additional security Tunnels over WAN
[BSNL Confidential]
65
Networking Solution for CCTNS links, LAN Management System for managing LAN devices and switch for connectivity of LAN devices. These items are required for Data centres Setup and in case it is being provided to NCRB under some other project, the same may be dropped. The details will be finalised in consultation with NCRB. Point-8 (for Item 11): BSNL has made provision for passive equipment for the sites having MPLS VPN connectivity. These will be required for the proper installation of the routers/ modems and will be helpful for the safety of the equipment.
[BSNL Confidential]
66
Networking Solution for CCTNS
15.5 Breakup for SDC/NDC Location wise Bandwidth Charges S. No. Site 1 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 1.10 1.11 1.12 1.13 1.14 1.15 1.16 1.17 1.18 1.19 1.20 1.21 1.22 1.23 1.24 1.25 1.26 1.27 1.28 1.29 1.30 1.31 1.32 1.33 1.34 1.35 2
State Data Centre Andaman & Nicobar Andhra Pradesh Arunachal Pradesh Bihar Assam Chandigarh Chhattisgarh Dadra & Nagar Haveli Daman & Diu Delhi Goa Gujarat Haryana Himachal Pradesh Jammu & Kashmir Jharkhand Karnataka Kerala Lakshwadeep Madhya Pradesh Maharashtra Manipur Meghalaya Mizoram Nagaland Orissa Pondicherry Punjab Rajasthan Sikkim Tamil Nadu Tripura Uttar Pradesh Uttarakhand West Bengal National Data Centre
[BSNL Confidential]
Qty Band Width Discounted Charges in Rs. 35 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
1 Mbps 100Mbps 4Mbps 45Mbps 10Mbps 512Kbps 16Mbps 256Kbps 256Kbps 10Mbps 1 Mbps 16 Mbps 10Mbps 4Mbps 8Mbps 16 Mbps 45Mbps 16 Mbps 512Kbps 45Mbps 45Mbps 4Mbps 2Mbps 2Mbps 2Mbps 16 Mbps 2Mbps 16 Mbps 34Mbps 1 Mbps 100Mbps 2Mbps 45Mbps 4Mbps 16 Mbps 155Mbps
263250 8812050 565500 4230850 1006850 213200 1628250 163792.2 163792.2 1006850 263250 1628250 1006850 565500 926250 1628250 4230850 1628250 213200 4230850 4230850 565500 354250 354250 354250 1628250 354250 1628250 3463850 263250 8812050 354250 4230850 565500 1628250 12690600 67
Networking Solution for CCTNS
[BSNL Confidential]
68