Shall administer the network equipment, either on-site or remotely, which shall minimally include the following:
(a) Checking the logs of the network equipment and network links every morning to ensure no abnormal activities;
(b) Install, maintain and upgrade all hardware, firmware and software used;
(c) Apply software and security patches as prescribed in Part 2C Patch Management Requirements;
(d) Fine-tune the network or system parameters;
(e) Patch/Re-Patch cables in patch panels, network points and all network equipment;
(f) Labelling of cables, patch panels, racks and equipment;
(g) Create, delete or modify access rights for the network equipment related user accounts in terms of authentication, authorisation and accounting;
(h) Connect Customer-approved network equipment to the Customer’s network;
(i) Manage IP addresses and IP assignment scheme;
(j) Manage firewall rules setting and security configuration e.g. add, delete or modify firewall rules, change encryption keys;
(k) Perform troubleshooting to resolve network issues;
(l) Manage incidents as specified in Part 2D Service Management Requirements;
(m) Document and maintain configurations of all network hardware, cabling information and software used in the operating environment;
(n) Perform routine backup of network configuration for network equipment including firewall rules;
(o) Perform NAC ClearPass administration for security posture check enforcement which minimally includes the following tasks:
· Review NAC error logs for failed authentications;
· Verify the NAC service is enabled and policies are active;
· Import Customer LDAP Data Interchange Format (LDF) file into the NAC local user database;
· Housekeep the NAC local users and static host list;
· Update posture policies for endpoint protection and Windows patches;
· Perform NAC software updates and patching;
· Verify validity of certificates, trust lists and update status of Certificate Revocation Lists (CRLs); and
· Downloading and viewing of authentication and posture reports.
(p) Analyse network utilization pattern and problems, recommend and implement corrective and preventive measures;
(q) Recommend new or improved hardware, software, configurations, etc. to enhance the existing system performance and management;
(r) Assist the Customer to evaluate new hardware and software for implementation in the operating environment, when required by the Customer;
(s) Enforce physical access controls to the network room and the equipment, including escorting its own Sub-Vendors and the Customer-appointed Supplier, and maintaining proper management of keys and access logs at all times; and
(t) Provide standby and support service for network upgrades, network implementation or building maintenance activities such as testing and servicing of building power generators, Uninterruptible Power Supply (UPS), air-conditioning and fire suppression systems, which may affect the
operation of the equipment in the network rooms.
Requirement – Network Administration
Minimum Requirement:
(a) The Vendor’s support personnel who are managing the network must be trained and minimally be proficient in the following areas:
· Network technologies and protocols;
· Network configuration;
· Network utilization and performance monitoring;
· Network fine-tuning, incident troubleshooting, interpretation of statistics and traffic pattern;
· Firewall rules configuration and security setting; and
· IDS/IPS, CDN implementation and IPv6;
· Familiar with Cisco and Alcatel and Palo Alto
(b) The Vendor network support engineer shall have at least three (3) years of hands-on experience in configuring routers/switches (e.g., Cisco and Alcatel), firewalls, and intrusion detection/protection systems.
(c) The network support engineer shall minimally have the Cisco Certified Network Engineer
certification, or equivalent, and have experience in WAN implementation.