CNB Access Control ProjectScope of Work

Project Scope:

Replace Cherokee Nation Business’s existing Picture Perfect Access Control system with a vendor solution that will provide additional flexibility in adding additional security levels/functions to meet Government contract regulations; ability to incorporate software man traps;ability to create ad hoc reports needed for Government Contracts and reaction to alarms with multiple levels of notification to CNB Security and Management.

Solution needs to work with CNB’s existing access cards, Pro Card II by HID, and door hardware configurations which includes:

  • Single and double door magnetic locks
  • I-Class readers
  • Push button exits
  • Motion detectors at doors

Project will cover:

  • Project planning with CNB personnel
  • Engineering and design for the solution proposed
  • Supplying the hardware/software necessary for solution
  • Installation of the hardware/ software as part of team with CNB personnel. NOTE: The hardware will include servers, if necessary, in the Data Center and door hardware needed for any new doors that are currently not included in Access Control.
  • Testing and validation of solution prior to cut-over in production
  • Activation and implementation in production
  • On-going hardware/software support through a 24X7 call center

The proposal should also include a training plan with recommendations of classes for CNB personnel. Training should include:

  • On-site training classes
  • Online training classes
  • Off-site training classes

Installation will cover:

  • Loading of all application software on the central host server
  • Loading of all software needed for hardware at door, area, etc. that will access control will cover
  • Loading of Reports module, if separate from application software
  • Loading of Archive module, if separate from application software
  • Loading of alarms module, if separate from application software
  • Supervise and assist in installations/wiring of hardware at door, Intermediate Distribution Frame (IDF) room, etc. with CNB personnel, as needed

Validation of installation:

  • Complete testing of system after completion of each location’s hardware/software to verify it is working according to agreed upon exit criteria established with CNB Personnel prior to implementation into production
  • Testing should include:
  • all hardware is connected and working at each location
  • all alarms work that are specified for that location
  • positive/negative testing for access criteria for users/groups at each location to ensure alarms trigger or not as expected
  • event logging is occurring as expected for events, alarms, etc. during testing
  • Man traps or 2 man traps are working as required for each location
  • Correct/fix any failures that occurred during testing
  • Re-test any failures until successful completion and validation as working within system
  • Submit written copies of test results as documentation and sign-off

Hardware/Software Requirements:

  • Solution should be able to run on a Client/server or web-based architecture
  • Solution should be able to provide system redundancy at an off-site property to eliminate single point of failure from impacting operation of locations
  • Client–side should be Windows based solution able to run on minimum platform of Windows XP 32 bit or Windows 7 32 bit with 1 CPU and 2G Ram; Enterprise III Client Software and Microsoft .NET Framework 3.0+
  • Solution should be able to run and interface with a Microsoft SQL Server R2 or later
  • Solution should beable to run on Microsoft Windows Server 2008 R2 or later
  • Solution should be able to interface with SMTP Mail server runningMicrosoft Exchange 2010
  • Solution should be compatible with virtual hardware solutions such as VMware vSphere
  • Solution should be able to run in a database cluster and/or mirror environment
  • Solution should be able to interface with Microsoft Office suite of products on Client side
  • Solution should be able to run on a LAN/WAN network.
  • Communication between workstations and servers should use TCP/IP standard over industry standard IEEE 802.3 (Ethernet).
  • Communications between server and workstations should be supervised and trigger alarm when this connection is lost/broken.
  • Solution shall provide multiple levels of data encryption
  • 128-bit AES data encryption between host and net controllers
  • Transparent database encryption, including log files and backups
  • SQL secure connections via SSL

Access Control Software Functionality:

  • Solution should be capable of controlling multiple remote sites
  • Solution should be network-enabled to connect to the multiple remote sites
  • Solution should be able to suspend an access control card, but not cancel or delete their access card privileges, if not used within a programmable timeframe, such as 21 days.
  • Need to be able to re-instate an access card’s privileges after the programmable timeframe above.
  • Solution should cover at a minimum the following events:
  • Disarm and unlock a door on card swipe
  • Arm and lock a door on a card swipe
  • Common area arm/disarm
  • Access denied for unauthorized card presented
  • Access denied if a specific alarm or system intrusion is in effect
  • Monitor and log system events for access granted, denied, alarms, etc.
  • If needed, associate events or alarms to video surveillance footage
  • Solution should be able to have alarm monitoring for minimum of:
  • Door attempts presented by an unauthorized person
  • Specified number of door attempts within a programmable timeframe by an unauthorized person
  • Door forced open without card presentation
  • Panic alarms
  • Door open over a specific timeframe and should be customizable by door
  • Lost connections with a door(s)
  • Power lost/outages to location’s hardware
  • Fire alarm triggered
  • Emergency alarm triggered
  • Unusual Activity/Door tricked to open without a card presented at reader
  • Solution should be able to email and/or text distribution lists specified when an alarm is detected. They should be flexible to handle multiple distributions lists based on the alarm detected or by location.
  • Solution should be able to escalate alarms to a separate distribution list by email and/or text if an alarm is not answered within a specified time period that is programmable by alarm.
  • Solution should be allow administrators/users with proper authorizations to initiate specific activities such as shut down areas, doors, entire facilities, etc. when an emergency or specific alarm is received
  • Access Control system should be able to be managed at one central location and then push out any changes to access areas, cards, etc. to the remote location.
  • Solution should be programmable to push any changes at specific intervals, such as every hour, or on a specific event as saving new access control/privileges for a user entered in the central site.
  • Solution should be able to set up role-based security options in templates that can be re-used for new users
  • Solution should be able to set up groups to include users and ability to set privileges by the groups, as needed
  • Solution should be able to import users/access control rights from current Picture Perfect system through an interface or in a CSV file format.
  • Solution should include a two way API that could interface withCNB’s corporate systems PeopleSoft and/or Kronos for user changes or time tracking; or any custom development for data exchange that may be needed with other CNB applications.
  • Solution should be able to integrate with CNB’s existing Surveillance systems, Milestone and Nice.
  • Solution should be able to interface with CNB’s Active Directory for authentication of usernames and passwords.
  • Solution needs to maintain minimum of 90 days information/logs in online system and up to 5 years in archive. Information included should be:
  • Access control users and their access privileges
  • Alarms encountered
  • Roles and templates created
  • Users with administrator and/or executive privileges
  • Doors or other locations access control has monitored, even if they have been deleted and are no longer in the system.
  • Solution needs ability to auto-archive from online system.
  • Solution should include major upgrades and maintenance fixes through maintenance/support agreement.
  • Solution should include/support software options to create:
  • Man Traps
  • 2 man rules with a minimum of one person from 2 separate departments or levels of access.
  • Solution should have option at the badge reader that tells the maglock to open without needing to go back to the controller
  • Solution should have complete set of documentation online including installation; operation; general user functionality and trouble-shooting.
  • Solution should have an online help key/function to do searches for operational answers; ask questions, etc. similar to Microsoft Office products.
  • Solution should create an audit log in the history file of any changes made by system administrator(s) or operational resources responsible for granting, changing or deleting access control within the application.
  • Solution should include ability to create hardware templates for doors, cages, etc. that can be re-used to create consistency with like hardware and reduce time to put new facilities into access control’s coverage
  • Solution should include functionality to set up automatic validations of covered facilities based on time of day; day of the week; holiday schedules; site code verifications, etc.
  • Should be flexible to allow multiple options for doors, areas, etc. based on CNB’s operational needs.
  • Set-up of these validations should be editable to add, delete or modify rules by users with proper authorization
  • Solution should include options to set up time zones to define hours of operations that a reader, cards, certain alarms or other features are active or inactive.
  • Solution should include the ability to add maps and/or diagrams to assign to hardware such as doors, IDFs, etc. within CNB’s facilities covered by Access Control to assist in identifying area and assist in quicker response times to alarms/events as needed

Reporting module:

  • Solution should have ability to schedule reports within system or through external scheduler
  • Solution should have canned reports for most commonly used by client base
  • Solution should have ability to run ad hoc reports on any field in database
  • Solution should have ability to run a report as an audit trail of a door, user, type of alarm, etc. for a specified period of time
  • Solution should have ability to run a historical report of access granted, denied, etc. for a specific period of time and a specific door, card, area, etc.

Facilities covered by project:

Interexchange - 10838 East Marshall Street North, Tulsa OK 74116:

  • 21 existing single mag lock doors with readers
  • 4 existing double mag lock doors with readers
  • 1 new single exterior door to install hardware and reader, approx. 400’ run to closest IDF
  • Numbers include 1 or 2 man traps.
  • All existing doors have readers on exterior wall and push button exits from interior
  • New door should be installed with reader on exterior wall and push button exits from interior

Total Doors Interexchange Building - 26 doors

Pryor Warehouse - 2277 Hwy 69A, Pryor, OK 74362

  • 9 existing single mag lock doors with readers
  • 2 existing double mag lock doors with readers
  • All doors have readers on exterior wall and push button exits from interior

Total Doors Pryor Building - 11 doors

Stilwell - 5 buildings included at 2 physical locations

Builidings 1 and 2

  • 5 existing single mag lock doors with readers
  • 1 existing double mag lock doors with readers
  • Two doors have readers on both entrance and exit, the other four doors have reader on exterior wall and push button exits from interior

Builiding 3

  • 7 existing single mag lock doors with readers
  • 3 new single exterior doors to install hardware and reader, 1 run approx. 75', 1 runs approx. 150’ and one run approx. 250' to closest IDF
  • All existing doors have readers on exterior wall and push button exits from interior
  • New doors should be installed with reader on exterior wall and push button exits from interior

Total Doors Stilwell campus 1 covering buildings 1 through 3 - 16 doors

Builidings 4 & 5

  • 1 existing single mag lock doors with readers
  • 2 existing double mag lock doors with readers
  • 2 new exterior doors to install hardware and reader, one is a single door with a run of approx. 50' and the other is a double door that has a run of approx. 100’.
  • All existing doors have readers on exterior wall and push button exits from interior
  • New doors should be installed with reader on exterior wall and push button exits from interior

Total Doors Stilwell campus 2 covering buildings 4 and 5 - 5 doors

Pricing should include:

  • Separate pricing options, providing 1 and 2 person teams to assist CNB in installations at all locations
  • Any recurring fees
  • Pricing for licensing for imaging/badging terminals
  • Training costs
  • Software licenses, annual or one-time cost
  • Software upgrades included in purchase options/maintenance agreements or one-time cost
  • Maintenance agreement options for 24X7 hour coverage