"- – "

.77
7.1
:
, .1
.
.2
Heat MAP
.
, Heat Map .3
.
.4
. 2
. .5
.6
.
(Fluke) (Fiber UTP ) .7
.
. .8
. .9
. .10
.11
.
.12
.
, .13

.
.Design Approval .14

96 25
 "- – "

.
.15
.
. 25 .16
. .17
. .18
.19
.

7.2

(Planning and Requirements Analysis) :1 7.5.1

:
: .1
.
.
.
: .2

(Design) :2 7.5.2
:
.
.
.

96 26
 "- – "

(Implementation) :3 7.5.3
:
:

:
.
:
.
:

(Delivery) :4 7.5.4

:
.
.
.

(Support and Maintenance) :5 7.5.5

7.3
:

96 27
"- – "

96 28
"- – "

.8
(1)

1 1

870 2

870 3

5 4

2 5

96 29
"- – "

(2)

870 1

31 24
2

12 48
3

870 3 UTP
4

870 1 UTP
5

96 30
"- – "

(3)

12
1500 1

35
2

55
3
pigtails
110
4
1
110 5
3
20
6
1
20
7
3

5 6

96 31
"- – "

(4)

48
24 1

24
13 2

20
4
SFP+ - LR
74
SFP+ - 5
LRM
30
U19 9

5
U42 10

96 32
"- – "

1
2
3
4

96 33
 "- – "

.99
9.1

: 9.1.1
: UTP

EMT

. (Patch Cords)
Single Mode
.OM3 OM4
. Fluke
. (Fluke)
(Distribution/Aggregation) Cabinets
.

(Distribution/Aggregation Cabinets
Access Point Switch Patch Panle Faceplate label
, ,
.

96 34
 "- – "

: (Outdoor Access Points) 9.1.2

.
2500/1000/100/10
(Single Mode)
.POE UTP Fiber

: 9.1.3

.
dbm 65-
:( )
Functional Requirements o
Coverage o
Adaptive Radio Management o
Resiliency o
Security and Authentication o
Roaming & Mobility Groups o
System Administration and Management o
Quality of Service o
Performance Requirements o

96 35
 "- – "

: 9.2

:
o
.
. o
. o
. o
. o
o
o

9.3

.1
+ + (Logical Diagram for Building) .a

) (Label) UTP (Fluke Test) .b

( CD UTP
: Passive .c
.i
.ii
.iii
.iv

96 36
 "- – "

UTP .v
UTP .vi
(Access Points) .2
Access Point Heatmap .a
(Access Point) NRFU (Network Ready For Use) .b
. heatmaps Final and Actual Heatmaps .c
: (Physical Installation) .d
.1
LED .2
10 .3

: (Coverage Testing) .e
dbm 65 .1
InSSider or AirMagnet WIFI Analyzer
2.4 5 .2

: (Connectivity Testing) .f
.1
Local, Internet, Server, ) (IP, VLAN)
(Speed & Bandwidth , Quota

: (Roaming Test)) .g
.1
.
(Redundancy Test) .h
.1

(Switches) .3
: Active .a
AP Label + Mac + Switch IP + Switch Name + Faceplate + Switch Port .b
NRFU (Network Ready For Use) .c
.4
Logical HLD & LLD .5
VM details (Resources, hosting location, VLans connectivity) .6

96 37
 "- – "

Backups (VM Backup, OS Backup, Configuration Backup) .7

License details (Number of license, license key, types of license and activation date) .8
Support Contract Details .9
OS Updated to Last Version and Patches applied .10
:Utilization progress .11
All Aps are discovered .a
All Controllers are connected and migrated(New & OLD) .b
VPN Controller is Connected .c
All Aps Named correctly as per the location .d
Aps are optimized and best configuration applied .e
All SSIDs are up and broadcasting as per the LLD & tested and verified .f
All Roaming testing and Hand Over testing applied .g

9.4
.

9.5

96 38
 "- – "

.10
10.1

(System Topology) 10.1.1

The network architecture will be based on Layer 2 and Layer 3 devices capable of supporting TCP/IP
communications.
The WLAN will provide functionality and integration into all major fixed switching and routing
platforms. This will be done through the provision of WLAN controllers that will support wireless
applications providing security policies, QoS (Quality of Service), intrusion prevention and RF (Radio
Frequency) management.
The system will consist of the following components:
Client Devices – Laptops, PDAs, Wi-Fi enabled mobile phones, wireless VoIP phones using the
WLAN for access to the LAN. These are provided by third parties.
Access Points –The Access Points provide the radio interface between the WLAN and any
connected devices. The Access Points can come in a number of different packages, for internal or
external installation (ruggedized/environmentally sealed) and with internal or external Antenna.
Wireless Network Management Tool – The WLAN Management Tool provides a central
management software facility to design, control and monitor the WLAN. It should also generate a
historical reports based on pre-configured time periods (daily, weekly, monthly or annually).
WLAN Controller – The WLAN Controller provides management, security, routing and switching
function for all wireless Access Points.
o Mobility Master Controller
o Managed WLAN Controllers
AAA server, Network Access Control System, guest Management system

96 39
 "- – "

(Managed WLAN Controllers) 10.1.2

It shall be configured to sync with the existing Mobility Master in IU.
It shall be configured in a single cluster with the existing WLAN controllers to provide hitless
failover, automatic user load balancing, automatic AP load balancing and seamless roaming.
The controller shall handle up to 2048 APs
The WLAN controllers shall have 40Gbps of firewall throughput
WLAN controller should have a 4 x 10GBASE-X (SFP+) ports and 2 dual-media ports (1000BASE-X or
10/100/1000BASE-T)
Two WLAN controller are required
The WLAN controller shall have enough access points and firewall licenses to manage the
proposed quantity of APs.
The WLAN controllers and access points shall support L3 redundancy and roaming.
It is the contractor responsibility to reconfigure the existing controller and APs to be part of the
same cluster of new controllers.
Shall include 3 years of advanced warranty that includes 24x7 support access and NBD
hardware replacement

(WLAN Management System) 10.1.3

The management solution of the WLAN should be able to be a professional easy to use tool that will help manage
the network across different campuses in a scalable manner. The WLAN Management will as a minimum
support the following features:

Shall be from the same vendor of the proposed wireless network infrastructure and integrated
with the existing setup.
It shall just be an extension license to the existing WLAN management system
Flexibility to manage multiple product generations and vendors from a single console.
The Contractor shall be responsible for integrating the management system with all the new
infrastructure and the existing WLAN and wired infrastructure of all existing vendors.
Can support thousands devices
Contractor to combine the existing license with the new extension license to manage the complete
WLAN infrastructure.
Supportability by equipping the Help Desk to efficiently handle most end-user issues.
Security through automated enforcement of key policies network-wide
Visibility to every user and device, spanning both your wireless and wired infrastructure
Manageability and reduced operating costs through the automation of routine tasks
Real-time monitoring of every wireless user and device connected to your network, with rapid drill-
down from network-wide to device-level monitoring views.
Centralized discovery and configuration management of controllers and wireless access points to
ensure that policies are applied uniformly across the entire network.

96 40
 "- – "

Multi-architecture support for autonomous (“thick”), lightweight (“thin”), and mesh access points
as well point-to-point and WiMax devices
Historical trend reporting with up to two years of data. All reports are exportable and customizable,
and can be distributed automatically via email
Alerts and diagnostics that tell you when potential problems are detected. Alerts can be sent via
email or SNMP traps.
Accurate location calculation for each wireless user and device.
Integrated ‘QuickView’ maps present location information for each individual user.
RF heatmaps and channel maps
Google Earth integration for depiction of outdoor coverage and device location.
Direct CAD and bulk floor plan import
Visual display of alerts and error conditions customizable on a per-user basis.
Enhanced location accuracy through the continuous recalculation of RF attenuation grid and
device locations based on real-time data
Flexible XML Location API for integration with other location-based services.
RFID tag tracking for enhanced asset management.
Flash-based interface for improved responsiveness and support across leading browsers.
Wireless rogue scanning using existing access points (thick or thin) to detect and locate rouge
devices within range.
Wireline rogue discovery by polling routers and switches
Enhanced correlation of wired and wireless scans
Display of rogue location on the VisualRF site map to help quickly locate and remove unauthorized
devices.
Enhanced and expanded rogue scoring system
Automated high-priority alerts contain all known information about the rogue, including SSID,
security settings, switch port, etc.
Logs IDS traps and alerts from leading infrastructure providers.
Centralized network-wide reporting
Scalable centralized configuration
Executive Level Reporting: Generates high-level executive reports depicting the performance of
the entire network as well as more detailed reports for groups, locations, or even individual devices
Efficient scheduling for local time zones: Schedules configuration changes and software updates
in local time, rather than simultaneously on a system-wide basis.
Root cause analysis and event correlation
Shall include 3 years of advanced warranty that includes 24x7 support access and NBD
hardware replacement

96 41
 "- – "

(Indoor Access Points) 10.1.4

The Indoor Wireless Access Points will conform to the specifications of IEEE 802.11a/b/g/n and IEEE
802.11ax
The Indoor Access Points will have a coverage overlap of 20% to allow proper transition of voice and
data over the University network. The indoor coverage is based on the average range of
802.11a/b/g/n/ac/axand will accommodate data rates of minimum 1.3Gbps.

Indoor Access Points will be dual-radio hybrid access point that provides concurrent operation of
802.11a/b/g/n/ac/ax services

The contractor shall connect the Indoor Access Points to the nearest 10/100/1000/2500 Mbps Access
Switch via Category 6A UTP cable.

The contractor shall supply the appropriate cables; run a cabling site survey, run cables to the Indoor
Access Points as per the industry best practices.

All UTP/Fiber cables must be protected in EMT/ Flexible pipes form end to end.

The Contractor will carry out measurement surveys to guarantee full coverage and acceptable signal
strength with high data rates within the University campuses.

The Contractor will verify all of the above requirements according to the results of required RF surveys.
Changes, instigated by the Contractor, will be made where necessary to maintain performance and
coverage requirements contained herein.

The Indoor Access Points will as minimum support the following features:

802.11ax indoor, thin, access points.

The same AP hardware shall support working with controller, controllerless, cloud managed or can be
configured as remote AP (VPN).
Thin Wireless Access Points with Built In Antenna
Dual Radio - software configurable, supporting 2.4GHz + 5GHz
Support the new ETSI regulatory standards to operate in Saudi Arabia
Shall be 802.11ax certified.
802.11ax: UL&DL OFDMA (up to 16 Resource Units), DL MU-MIMO, BSS coloring, 1024-QAM modulation
Implementing 4x4 MIMO-MU with 4 spatial streams, providing up to 4.8 Gbps on 5GHz and up 575 Mbps
on 2.4GHz
It shall be fully backwards compatible with 11abg, 11n, 11ac.
It shall have dual Ethernet: E0 is 100/1000/2500 (Smart Rate, IEEE802.3bz), E1 is 100/1000
Shall support 160MHz channel size.
It shall have an integrated BLE5.0 & 802.15.4 (ZigBee) radio, USB 2.0 host interface
Automatic transmit power and channel management control with auto coverage hole correction via
Adaptive Radio Management (ARM)
Integrated Trusted Platform Module (TPM) for secure storage of credentials and keys
It shall have an integrated advanced cellular coexistence (ACC) module for interference immunity, and
shall support Intelligent Power Monitoring (IPM)
Maximum power consumption: 21 Watts
Multifunction access point supporting wireless LAN access, Air Monitoring, Remote Networking, Mesh and

96 42
 "- – "

intrusion detection and prevention.

The Aps shall have call admission control capabilities for voice and video traffic Max. load and bandwidth
for voice and video traffic should be a configurable parameter
Support physical security using locking hooks or tamper proof enclosures.
Built in hardware spectrum analyzer
Shall have a secure mounting kit.
Shall have lifetime warranty

(Outdoor Access Points) 10.1.5

Outdoor Wireless Access Points will conform to the specifications of IEEE 802.11a/b/g/n/ac/ax

The outdoor Access Points will have a 20% coverage overlap to allow proper transition of voice and data
service in the University network.

The Contractor will carry out measurement surveys to guarantee full coverage and acceptable signal
strength with high data rates within the University campuses.

The Outdoor APs should support wireless mesh connectivity but it will be not accepted in this project to
connect the outdoor APs as mesh unless there is a clear exception and written permission to do so from
IT Dept.

Details of Outdoor AP Mounting and their connectivity plan should be submitted with the proposal or the
proposal will be considered unsatisfied.

The Outdoor Access Points will as minimum support the following features:
Fully hardened outdoor 802.11ax access point
The same AP hardware shall support working with controller, controllerless, cloud managed or
can be configured as remote AP (VPN).
Thin Wireless Access Points with Built In Antenna
Dual Radio - software configurable, supporting 2.4GHz + 5GHz
Support the new ETSI regulatory standards to operate in Saudi Arabia
Shall be 802.11ax certified.
802.11ax: UL&DL OFDMA (up to 16 Resource Units), DL MU-MIMO, BSS coloring, 1024-QAM
modulation
Implementing 4x4 MIMO-MU with 4 spatial streams, providing up to 4.8 Gbps on 5GHz and up
575 Mbps on 2.4GHz
It shall be fully backwards compatible with 11abg, 11n, 11ac.
It shall have dual Ethernet: E0 is 100/1000/2500 (Smart Rate, IEEE802.3bz), E1 is 100/1000
Shall support 160MHz channel size.
It shall have an integrated BLE5.0 & 802.15.4 (ZigBee) radio, USB 2.0 host interface
Automatic transmit power and channel management control with auto coverage hole correction
via Adaptive Radio Management (ARM)
Integrated Trusted Platform Module (TPM) for secure storage of credentials and keys

96 43
 "- – "

It shall have an integrated advanced cellular coexistence (ACC) module for interference
immunity, and shall support Intelligent Power Monitoring (IPM)
Maximum power consumption:26.1 Watts
Multifunction access point supporting wireless LAN access, Air Monitoring, Remote Networking,
Mesh and intrusion detection and prevention.
The Aps shall have call admission control capabilities for voice and video traffic Max. load and
bandwidth for voice and video traffic should be a configurable parameter
Support physical security using locking hooks or tamper proof enclosures.
Built in hardware spectrum analyzer
Shall have lifetime warranty

In case of Poles needed, the minimum requirements are:

Galvanized,
6m,
self-support with concrete base of 60x60x80 cm,
2.5-3 inch.

In case of battery system needed, the minimum requirements are:

It should be IP67 Junction box with battery, controller, DC Regulator Module, DC to AC inverter
(250W), Lightning Protection Module, output power 100-240 Volt 50/60Hz AC.
Battery shall be deep cycle of 12V, 100 amps.

In case of solar system needed, the minimum requirements are

Minimum 200 watts mono solar panel.
Pwm or mppt based solar controller
High Efficiency Polycrystalline Solar cells for higher module efficiency.
High quality, low iron, toughened glass to ensure high light transmittance.
Premium quality encapsulation material ensuring high quality lamination.
Robust, corrosion resistant anodized aluminum frame.
It should be IP67 Junction box with battery, controller, DC Regulator Module, DC to AC inverter
(250W), Lightning Protection Module, output power 100-240 Volt 50/60Hz AC.
Battery shall be deep cycle of 12V, 100 amps.

(SSL Certificate:) 10.1.6

The contractor shall provide the university with 2 types of certificate :

1- wildcard certificate for all university domain
2- SAN certificate for all the AAA servers
These certificates must be issued by Public CA such as VeriSign, GetoTrust, Comodo, DegiCert etc, that
will be used for AAA server to authenticate clients. The certificate shall have the following properties:
CSR Type: RSA
Key Size: 2048 bits
Valid for 3 years or 2 years (as per the maximum allowed years per certificate)

CSR will provided later

96 44
 "- – "

10.2

Professional Services 10.2.1

The professional services shall be provided by the Partner. The professional services includes but not limited to:
Indoor and outdoor site survey to define AP locations to meet the university coverage and
bandwidth requirements
Full WLAN design (HLD and LLD) including network, security, redundancy, mobility, QoS, etc.
Define the outdoor power requirements such as POE, AC
Initial configuration of WLAN controllers and APs
Integration of WLAN Controllers and APs with University Network
Integration of AAA server with WLAN controllers, APs, wired switches, VPN server and
University Network
Advanced configuration of WLAN security, NAC, Redundancy, Mobility, QoS, etc.
Network and RF tuning to meet the university coverage, bandwidth, capacity and QoS.
Configuration and Integration of WLAN Management system with WLAN services for both
existing and new WLAN infrastructure and wired infrastructures of all vendors.
Integration of Guest Management system with the existing SMS gateway.
Testing and Commissioning.
Providing Heat Maps that shows the WIFI Coverage of Each AP in each building Separately and
Outdoor Using Airmagnet Software
Final Documentation and Knowledge Transfer.

96 45
 "- – "

(UTP Points) :
:

UTP End Points

UTP Patch Panel
UTP Patch Cord

UTP End Points 10.3.1

UTP End Points with All Accessories CATEGORY 6A UTP CABLING SYSTEM REQUIREMENTS

Furnish and install, complete with all accessories, a Category 6A Unshielded Twisted Pair (UTP)
Structured Cabling System (SCS). The SCS shall serve as the transport infrastructure for data, video
and voice telephony signals throughout the network from designated demarcation points to outlets
located at various Desktop, Workstation, Data Centre, Intelligent Building facilities or other locations as
indicated on the contract drawings and described herein.

General Requirements

The structure cabling system products specified in this document shall be supplied and produced by a
single manufacturer.

Materials and equipment shall be the standard product of a manufacturer regularly engaged in the
manufacture of structure cabling products and not custom designed especially for this project.

The proper installation practices must be considered regarding the bending radius, pulling strength,
appropriate cable ties and length of untwisted conductors…etc.

Manufacture Qualifications
Manufacturing firms should be regularly engaged in manufacture of Structure cabling systems of type,
size and whose products have been in satisfactory use in similar services for not less than 5 years.
The manufacturer shall provide performance and component warranties for the installed structure
cabling system for 25 year.

Installer Qualifications
The Installer must have at least 5 years of experience in installation of similar projects. Installer should
be certified from the manufacturer to design, install and troubleshoot the provided structured
cabling system.

The structure cabling system must satisfy the following objectives:

- Backward compatible to previous categories.

- Open standard that allows products from different vendors to work together.

96 46