CHFA-263-RFP for Network Infrastructure Assessment

Agency: Connecticut Housing Finance Authority
State: Connecticut
Type of Government: State & Local
NAICS Category:
  • 541512 - Computer Systems Design Services
  • 541519 - Other Computer Related Services
Posted Date: Nov 6, 2023
Due Date: Nov 14, 2023
Bid Source: Please Login to View Page
Contact information: Please Login to View Page
Bid Documents: Please Login to View Page
RFP Post Date Due Date Additional Documents
CHFA-263-RFP for Network Infrastructure Assessment 10/23/23 11/14/23 4:00 p.m. Questions and Answers

Attachment Preview

Dear Interested Party:
Date: October 23, 2023
The Connecticut Housing Finance Authority (“CHFA”) requests written proposals from qualified firms
to conduct an independent, comprehensive, and detailed technology assessment and develop a road
map or action plan that guides future development remediation efforts and infrastructure investments.
CHFA will not reimburse for any expenses incurred in connection with this Request for Proposals
(“RFP”) including, but not limited to, the cost of preparing the initial response and any additional
information requested or travel expenses relating to an onsite presentation. Please be advised that
responses will be considered property of CHFA, are matters of public record, and may be publicly
disclosed by CHFA after the awarding of the contract.
CHFA, a body politic and corporate constituting a public instrumentality and political subdivision of the
State of Connecticut, was created in 1969 and operates pursuant to Chapter 134 of the Connecticut
General Statutes, as amended. CHFA’s purpose is to help alleviate the shortage of affordable housing
for low and moderate-income families and persons in Connecticut by providing single-family mortgages,
financing for rental housing, and mortgages for the purchase, development, and construction of housing.
For additional information about CHFA, please reference CHFA’s website at
CHFA information technology infrastructure is comprised of commercially available hardware. In
addition to commercial software, CHFA hosts in-house developed business applications that are mission
critical. There are over 50 virtual servers residing on VMWare hosts, HP, and Dell SANs. These servers
provide technical and businesses services and are located at CHFA’s office in Rocky Hill, Connecticut.
CHFA operates in a hybrid mode wherein users work part time in-house on desktop computers and part
time remotely on are assigned laptops. The CHFA Network consists of several internal virtual LANs
(VLANs) and associated IP subnets. These VLANs have been defined to segment the environment for
both security and performance and scalability purposes. CHFA operates from one location and has the
following existing network/connectivity:
Internet facing Cisco routers (two of which are configured with BGP peering service)
Cisco switches (Internet Edge/DMZ/LAN)
Cisco ASA firewalls
Cisco wireless controllers
Page 1 of 9
Cisco wireless APs
Rack mounted APC power units
Firepower advanced security features
FireSIGHT management Center
~ 60 Servers (Virtual/ VMWare)
~ 150 laptops
~ 150 desktops
Microsoft 365
CHFA is seeking proposals from qualified firms to perform a complete assessment and analysis of its
current network infrastructure to identify inefficiencies and risks. Based on these findings, the firm will
develop a road map or action plan with recommended improvements that guide future remediation efforts
and infrastructure investments. This assessment will be conducted through a series of site walkthroughs,
interviews with key IT personnel, hardware inventories, equipment configuration reviews, and network
design reviews. The assessment will measure, analyze, and document current network functionality,
performance, and security; and then make recommendations for future upgrades and improvements in a
prioritized format. The assessment must measure the effectiveness of the existing technology
infrastructure with current industry standards or optimal emerging technology.
The selected vendor will conduct a comprehensive review of equipment, systems, and programs to
compare the existing technology infrastructure with current industry standards and assess service
approach compared to best practices in the following areas, including but not limited to:
Network architecture and management
Datacenter power supply
LAN, desktop, and server management
Desktop/server application development/maintenance and data architecture
VOIP optimization
Disaster recovery
Documentation of policies and procedures
The following are CHFA’s objectives for this project:
Upgrade and refresh network switching equipment for both wired and wireless services.
Update the network design and the switching capabilities.
Significantly improved infrastructure with simplified management and serviceability.
Comply with GLBA/FTC security standards.
Develop a periodic life-cycle refresh (internet edge routers, switches, & firewalls)
Growth (increased performance / capacities)
Improved security posture - next-generation / firewall - IDS/IPS, anti-malware, AV/AS,
Page 2 of 9
Improved manageability & visibility / event management
Reporting (uptime, resource trending) / configuration management
Facilities management - data center / rack / environmental (power, cooling, humidity) / cable
At a minimum, the comprehensive systems analysis and assessment of CHFA’s present technology
infrastructure should consider the following activities:
Phase I – Discovery
Interviews and/or questionnaires with key IT staff members in charge of policy, administration,
day-to-day operations, system administration, network management, and facilities
An on-site walk-through and site assessment of communications closets (MDFs, IDFs, data
center) to review physical plant, capacities, and environmental(s).
Gather information on current server-side / high-availability and dependencies (NICs, proxy,
load balancing, identity/AD).
Obtain existing network documentation.
Obtain information on existing network management software, tools, and utilities.
Obtain business requirements of hosted web services.
Phase II – Assessment
Evaluate existing network management tools and perform gap analysis.
Review internet edge design (internet circuits, bandwidth, BGP routing)
Review high-availability posture (routing, switching, clustering, firewalling, proxying, and NIC
Firewall design review (evaluate complexity and capabilities compared to business
High-level review of physical and virtual server environment supporting hosted applications.
Design and feasibility review of preparedness for hosted web services.
Evaluate operational support levels for network infrastructure components.
Perform high-level gap analysis against industry or manufacturer best practices, and applicable
regulatory compliance driven practices.
Phase III – Documentation
Develop assessment report consisting of:
Discovery and Assessment observations/findings
Develop operational support recommendations (network systems maintenance and
monitoring, recommended 3rd-party support, manufacturer warranties, hardware
sparing strategy).
Document recommended upgrade paths for existing network products/solutions.
Recommended high-availability improvements with a specific focus on hosted
Develop recommended solutions to improve CHFA’s security posture to be more in line
with general and industry security best practices.
Page 3 of 9
Determine design and upgrade paths for Internet Edge, LAN and WAN services
Develop action-plan and investment roadmap to prioritize and guide future
infrastructure investments.
Revise current state high-level network architecture diagrams.
Prepare solution specifications (bill of materials list)
Complete future state high-level network architecture diagrams (based on bill of materials)
Phase IV – Assessment Delivery and Workshops
Presentation of assessment reports and deliverable documentation
Follow-up discussions and workshop(s)
CHFA significantly engages in the mortgage lending business and meets the definition of “financial
institution” under the GLBA and must comply with applicable legal requirements, specifically section
501(b). The Gramm Leach Bliley Act (GLBA) is a federal law affecting all financial institutions. The
law requires that financial institutions develop, implement, and maintain administrative, technical, and
physical safeguards to protect the security, integrity, and confidentiality of customer information. The
GLBA requirements include those set forth in the Privacy Rule (12 CFR 1016) and the Safeguards Rule
(16 CFR 314). The Safeguards Rule requires all financial institutions to develop an information security
program designed to protect “customer information." Information Security Program means the
administrative, technical, or physical safeguards used by a financial institution to access, collect,
distribute, process, protect, store, use, transmit, dispose of, or otherwise handle customer information.
Section 501(b) specifically states that financial institutions implement the administrative, technical, and
physical safeguards as follows:
Ensure the security and confidentiality of customer records and information.
Protect against any anticipated threats or hazards to the security or integrity of such records.
Protect against unauthorized access to or use of such records or information which could result
in substantial harm or inconvenience to any customer.
DELIVERABLES (PDF & source files)
Documented deliverables should include, but not be limited to:
Summary of findings and recommendations
Findings, design alternatives, and recommendations for optimal systems and network design
Bill of materials
Technical specifications
VLAN segmentation plan
Spreadsheet – Proposed bill of materials
Network diagrams (Current) - Visio & PDF
Network diagrams (Future) - Visio & PDF
CHFA Network infrastructure investment plan
Page 4 of 9
Site survey data collection worksheet
Estimation of costs
Implementation roadmap - annualized
Expected recommendations include, but are not limited to:
Environmental recommendations
Physical plant recommendations
Documentation recommendations
Standards, policies and procedures recommendations
Network management recommendations
Network security recommendations
Network LAN recommendations
Wireless LAN recommendations
Internet-edge high-availability recommendations
Server LAN high-availability recommendations
Server storage high-availability recommendations
Server hosting / web application firewall recommendations
GLBA applicability recommendations
Firms will be evaluated based on written response to this RFP, additional written information as
requested by CHFA, and oral interviews, if any, including but not limited to the following criteria:
1. Reputation and experience of the firm
2. Relevant experience
3. Organization and approach of the firm to complete the project
4. Qualifications of assigned personnel
5. Cost, including the firm’s willingness to provide price protection
6. Commitment to Affirmative Action and Diversity, Equity and Inclusion
7. Absence of conflicts or potential conflicts
8. Connecticut presence
All firms must address the following issues and questions in the response:
1. Documentation, brochures, or other collateral information such as sample assessments or
templates that may demonstrate how the services will be performed
Page 5 of 9
This page summarizes the opportunity, including an overview and a preview of the attached documents.
* Disclaimer: This website provides information about bids, requests for proposals (RFPs), or requests for qualifications (RFQs) for convenience only and does not serve as an official public notice. Individuals who wish to respond to or inquire about bids, RFPs, or RFQs should contact the relevant government department directly.

Sign-up for a Free Trial, Government Bid Alerts

With Free Trial, you can:

You will have a full access to bids, website, and receive daily bid report via email and web.

Try One Week FREE Now

See Also

MHA-1466 | Paving Replacement Harvey Drive DMHAS Middletown Campus Paving Replacement on Harvey

State Government of Connecticut

Bid Due: 8/21/2024

Bid Number: 2C25-001 Bid Title: Page Park Improvements Category: Construction (Site Work) Status:

City of Bristol

Bid Due: 8/16/2024

RFP 2025-03 | Municipal Virtual Net Metering (VNM) Offtake Solar Developer The Town

State Government of Connecticut

Bid Due: 7/30/2024

22670 | Request for Proposals - Rail Freight Operator and Maintainer - CTDOT

State Government of Connecticut

Bid Due: 8/23/2024