The vendor is required to provide the access control system and the visitor management system shall ensure data integrity.
- Processing interruptions due to incidents such as aborted transactions, hardware failures, or network unavailability shall not result in inaccurate or inconsistent data.
- The system shall provide a method of audit validation to ensure all data sent are received in the target application.
- Software updates shall be accomplished through an automated network facility and not require manual procedures.
- An update utility shall be configurable by multiple parameters (e.g., server type) and support the scheduling of update activities in batch and non-batch modes.
- Data migration shall include formatting and should have the capability of transferring the database of existing users and access roles from the existing access control system database to the new system.
- All employee, contractor, visitor, and retiree information shall be ingested and usable by the new access control system.
- The system shall provide full, bidirectional synchronization between primary and backup servers.
- Users shall not experience service degradation.
- Hardware/ software performance shall not exceed sixty percent utilization when at capacity.
- The system shall maintain 99.99 percent “up-time”.
- Routine maintenance or administrative procedures shall require neither “downtime” nor a system restart to take effect.
- Those specifically include—but are not limited to—database, security, and administrator actions.
- Cyber security requirements
• The software shall support 256-bit encryption for communications among clients and servers.
• The software shall employ encryption for data in transit, FIPS 140-2 certified, and a symmetric cipher key of 256-bit strength.
• The software shall support encryption at data rest using a symmetric cipher that is FIPS 197 certified (advanced encryption standard) for 256-bit strength.
• The software shall employ certification technology to secure communications among all elements.
• The software shall support FIPS 140-2 encrypted VPN tunnel over the internet.
• The software shall support data integrity to ensure tamperproof messages and records.
• The software shall support non-repudiation providing evidence of a message or transaction and ensure indisputable contents.
- Authorization levels: based on each user’s authorization level, the software shall permit/restrict access to available devices; events, files, and records; and control actions and functions.
- User groups: to simplify authorization, the software shall assign users to groups.
- All users in a particular group shall be accorded equivalent authorization as ascribed to that group.
- The software shall allow a user to be assigned to multiple groups
- Device groups: to simplify administration, the software shall assign devices to clusters.
- The software shall authorize access by user, or user group, to clusters in addition to individual devices.
- Microsoft windows active directory: the software shall support log-in authorization as administered via windows active directory and windows single sign-on (SSO) or their equivalents.
- The software also shall support dual-factor authentication and restrict access by single-point PIV and the like.
- Internal security database: the software shall store user and device authorizations and administer those functions using internally maintained security and data encryption.
- Administrator control: the software shall support user permissions to divide and control administrative capabilities.
- Password management: the software shall allow a user to change his/her password and permit administrators to configure the said capability via remote authentication.
- The Technical Support & Call Center is available by phone 24 hours a day, 7 days a week, and 365 days a year and will provide remote or onsite support beginning the date the system is installed.
- Contract Period/Term: 5 years
- Pre-Proposal Conference Date: April 17, 2025
- Questions/Inquires Deadline: April 23, 2025
