7K20--FY25-EBU-HW-DataProtectionStorage (VA-25-00065033)

Active

Contract Opportunity

Page 1 of 39

Page 54 of 54

Page 1 of 39

PRODUCT REQUIREMENTS
Infrastructure Operations Enterprise Backups (EBU) is a subdivision of the Department of Veterans Affairs (VA) IO Storage Management Service Line (SMSL). The EBU mission is to provide Data Protection for Veterans' data on Health and Benefits Information Technology (IT) Systems. The Data Protection mission functions include Data Backup Management, Disaster Recovery Planning, Data Restoration Services, Security Compliance and Risk Management, Monitoring and Reporting, User Training and Awareness Programs, Incident Response Coordination, Technology Evaluation and Implementation, Vendor Management, and Documentation Management associated with our customers' protected data. EBU s data protection service enhances and improves VA team s success associated with data center consolidation, improvements to service delivery, cost competitiveness, increasing system/service availability, support for cross-organization capability and understanding, and maintaining the highest standards for current and future goals.
These product requirements establish the government s need for adding two Commvault (CV) Hyperscale X (HSX) compliant clusters to the existing Commvault-based data protection environment. The clusters shall be installed, one at the Austin Information Technology Center (AITC) and one at the Philadelphia Information Technology Center (PITC). The AITC cluster shall consist of seven storage node servers and be capable of expanding to 12 nodes per cluster. The PITC cluster shall consist of eight storage node servers and be capable of expanding to 12 nodes per cluster. Each Node in the cluster shall provide a minimum of 480 Terabytes (TB) of raw capacity and be fully capable of expanding cluster capacity via the addition of additional Nodes. These data protection storage clusters shall provide storage for EBU customers protected data copies, both local copies and offsite auxiliary copies, which are managed by the EBU CV environment.
These clusters and their expansion capabilities are necessary to ensure the continued Data Protection services and associated mission function for our Veterans data. EBU needs to begin deploying the next-generation replacement storage immediately to ensure 100% of EBU data is fully migrated to new storage hosts by May 2028.
Each implementation shall provide the required storage capacity necessary to migrate designated portions from the aging vendor-owned storage to new government-owned storage and mitigate risks associated with the approaching May 2028 contract termination date. Additional benefits are gained by allowing phased customer data migrations and lowering risks to their operations.
Using Hyperscale architecture, EBU will be able to provide high-performance backup and recovery with automatic load balancing that optimizes the efficiency per node and enables enhanced recovery capabilities. These efficiencies allow VA to achieve Recovery Point Objectives (RPO) as low as minutes and greater data availability while reducing Recovery Time Objectives (RTO) and minimizing mission disruption. Integrating this storage architecture into the EBU Commvault Cloud Autonomous Recovery Software environment secures data operations continuity and recovery capabilities throughout the EBU-supported enterprise.
The clusters shall include built-in resiliency, allowing the ability to tolerate a node failure or multiple hard drive failures within a cluster, providing optimal storage efficiency. The contractor shall provide the required Commvault File System (CVFS) 12-month subscription for each Node, allowing full integration into the EBU Commvault CommCell, and one year Original Equipment Manufacturer (OEM) 24x7x365 / Next Business Day parts and labor onsite support for hardware.
The Contractor shall deliver all required hardware, in the quantities and to the locations detailed below no later than 90 days after Award.
Contractor shall provide, in PDF format all applicable OEM installation, maintenance and operating guides.
The Government requires hardware to be delivered to the following VA locations:
Austin Information Technology Center (AITC) Austin, Texas
Philadelphia Information Technology Center (PITC) Philadelphia, Pennsylvania

The Government requires the following products:
Description
Part no.
Quantity
AITC Data Protection Storage Cluster - Seven Node:
In accordance with (IAW) Section 1.1 and 1.4 of the PD
NA
1
PITC Data Protection Storage Cluster - Eight Node:

In accordance with (IAW) Section 1.1 and 1.4 of the PD
NA
1
Commvault Cloud Hyperscale X (HSX) Reference Architecture 24-Drive Node subscription:
IAW Section 1.2 of the PD
CV-HSRA-24-1N-31
15
Hardware Support Service (One Year per Node)
IAW Section 1.3 of the PD
NA
15
Additional System Requirements
IAW Section 1.4 of the PD
NA
NA

COMMVAULT COMPLIANT HYPERSCALE X DATA PROTECTION STORAGE CLUSTER
A CV compliant HSX data protection storage cluster is a sophisticated, scale-out architecture designed to provide robust data management and protection across hybrid cloud environments. Its primary purpose is to ensure the availability, security, and recoverability of critical business data while simplifying the complexities associated with data backup and recovery processes.
Purpose
The primary objective of the CV HSX cluster is to modernize data protection strategies for our organization which operates in increasingly complex IT environments. This includes on-premises systems, hybrid clouds, and multi-cloud setups. These clusters achieve this by integrating storage capabilities with comprehensive data protection features, allowing businesses to manage their data lifecycle efficiently.
Key Features
Scalability: The HSX architecture allows organizations to expand their storage capacity seamlessly as their data needs grow. This scalability is achieved by adding nodes incrementally to the existing cluster without disrupting ongoing operations.
High-Performance Backup and Recovery: With built-in features such as automatic load balancing and efficient data caching, the HSX ensures rapid backup and recovery processes. This minimizes downtime during critical operations and enhances overall system performance.
Enhanced Security: The cluster incorporates multiple layers of security, including immutable storage designed to protect against ransomware attacks. This feature ensures that once data is written, it cannot be altered or deleted until a specified retention period has expired.
Data Mobility: The HSX facilitates cost-effective cloud data mobility, enabling users to back up, recover, and transfer data between various cloud platforms without vendor lock-in issues. This flexibility supports diverse business needs and optimizes operational costs.
Centralized Management: A single-view dashboard simplifies monitoring and management tasks across all nodes in the cluster. IT personnel can easily track hardware performance, receive alerts for service level agreement (SLA) breaches, and manage backups from one interface.
Compliance Support: The architecture adheres to industry regulations such as HIPAA, FISMA, NIST 800-53 and 800-37, ensuring that our organization can meet compliance requirements related to data retention and protection.
Hardware Specifications:
AITC Cluster initial deployment shall consist of seven storage node servers with a minimum of 3.3 PB Raw Total Capacity.
PITC Cluster initial deployment shall consist of eight storage node servers with a minimum of 3.8 PB Raw Total Capacity.
Clusters shall be capable of expanding to 12 nodes per cluster.
Clusters shall be CV HSX Architecture compliant.
Cluster Nodes shall contain two each 480 Gigabyte (GB) minimum Solid-State Drive (SSD) drives compliant with HCX Appliance Model N24 technical specifications for Boot.
Cluster Nodes shall contain two each 6.4 Terabyte (TB) minimum SSD or Non-Volatile Memory Express (NVMe) drives compliant with HCX Appliance Model N24 technical specifications for CVFS and Index/Deduplication Database (DDB) cache.
Cluster shall be capable of providing a minimum of 5.5 PB or greater of raw capacity in a 12 Node configuration.
Cluster Nodes shall contain a minimum of 480 TB Raw Capacity per node.
Cluster Nodes shall be an N24 type server with 24 Hard Disk Drive (HHD).
Cluster Node drives shall contain a minimum of 20 TB Raw capacity per HHD drive.
Initial Configuration shall include all hardware and software to permit expansion to 100% capacity via the addition of compatible drives.
Additional Cluster per Node Characteristics:
Network:
Minimum four each Dual Port 10/25 Gigabit Ethernet (GbE) Network Interface Card (NIC) supporting 10/25GbE Small Form-factor Pluggable Plus (SPF+) Connections.
Eight each Lucent Connector (LC) connection 10/25GbE Small Form-factor Pluggable 28 (SFP28) Transceivers supporting multimode fiber.
On-Board Ports (as a minimum):
One each RJ-45 Management for remote administration.
One each system port to allow Command Line Interface (CLI) connection.
Support for crash cart keyboard, video, and mouse (KVM) connection.
RAM:
Minimum 768 GB per Node.
Power/Cooling:
Fully populated, redundant, and hot-swappable power supply units and cooling fans.
COMMVAULT CLOUD HYPERSCALE X (HSX) REFERENCE ARCHITECTURE 24-DRIVE NODE SUBSCRIPTION
The OIT EBU platform uses the Commvault Cloud Autonomous Recovery Software as the platform's core data protection application. This core application requires all HSX Nodes to be equipped with CV Cloud HSX software. The CV Cloud HSX Reference Architecture 24-Drive Node subscription authorizes the use and maintenance support for the Commvault-provided HSX Appliance software. This software package includes the Nodes Linux Operating System and the CVFS. This software subscription service grants users authorized access to the software, including all subsequent maintenance releases and patches, ensuring that the EBU Platform always has the latest features and security updates.
Purpose
CV s HSX solution automates and simplifies the overall administration of backup management. It includes enhancements that simplify deployment for complex, security-focused networks, accelerating your time to first backup. In addition, CV follows zero-trust principles to help address the security challenges using security initiatives that include hardened OS, automated monthly security updates, ransomware protection/multi-layered immutability, and malicious activity security alerting features. CV Cloud HSX has enhanced ransomware protection built-in and enabled by default. It provides multiple layers of immutability across the software, OS, and file system. These layers are designed with zero-trust principles to prevent protected data from being accidentally or maliciously encrypted, modified, or deleted. This provides data recovery in the event of an attack, reducing the risk of financial loss and business interruption due to a software breach while protecting backups from unauthorized data access.
Key Features
Operating System: SELinux (Security Enhanced Linux kernel extension) enhances immutability by providing access policies that restrict file modifications on mount paths and disk-level activities, such as reformatting drives. This protection at the OS level blocks unauthorized users and ransomware attacks through access controls that determine which actions can be performed by which users. With SELinux enabled, only specific and authorized CV processes can access stored data for necessary operations.
File System: CV s integrated scale-out file system (CVFS) provides immutability at the storage layer to prevent files in the backup mount path from being modified or encrypted at the file system level. This safeguards data at the storage IO level by preventing the bypass of security controls by accessing protected data directly from the Operating System.
Software Immutability: This software secures protected data from inadvertent misconfigurations and deletions, which remain common issues for organizations. CV software supports WORM (Write Once Read Many) storage policies to prevent the accidental deletion of backup data from an authorized user, including a CV backup administrator. By leveraging CV s WORM capabilities, backup jobs that haven t met the defined retention rules cannot be deleted, even by a master user within the environment.
Security Alerts: This software has implemented security alerts to detect rogue activity and validate that all events and activities are from known authorized users and processes. The software provides security alerts, critical to system administrators, for events to include FboNotice access attempts via SSH, enablement of FboNotice access, disablement of ransomware protection, etc.
HARDWARE SUPPORT SERVICE (ONE YEAR)
The Contractor shall provide a one-year OEM hardware service agreement that encompasses comprehensive maintenance and support for the Data Protection Storage Cluster Nodes. This agreement mandates that the contractor provide 24-hour per day and 7-day per week support availability, ensuring that any issues related to the hardware can be addressed at any time. The service shall include a structured response protocol: an initial notification response time of one hour is required for troubleshooting issues, allowing for rapid identification and resolution of problems as they arise. In cases of catastrophic failures, which could severely impact operations, the contractor must ensure an on-site response within four hours to mitigate downtime and restore functionality as swiftly as possible. For non-catastrophic failures, the agreement stipulates that parts and service must be provided on-site by the next business day, ensuring minimal disruption to government operations.
Additionally, the contractor shall provide the government of all recordable media associated with the hardware. All data and records generated during the operation and maintenance of the Storage Server Nodes shall remain under government control, safeguarding sensitive information and maintaining compliance with relevant regulations.
The period of performance for this order is explicitly defined to commence upon the expiration of OEM parts and warranty. It is crucial to note that the OEM warranty shall not begin until successful delivery to both AITC and PITC. This stipulation ensures that there is a clear understanding of when maintenance responsibilities shift from OEM coverage to contractor obligations, thereby establishing a timeline for when government support services will take effect. Overall, this OEM hardware service agreement aims to provide robust support mechanisms while ensuring accountability and data security throughout its duration.
ADDITIONAL SYSTEM REQUIREMENTS
The Contractor shall deliver all necessary hardware, software, cables, instructions, and accessories to install and configure the Commvault-compliant HSX data protection storage clusters.
The Contractor shall provide storage nodes that are compatible with the CV HSX architecture.
The Contractor shall provide standard 19-inch rack mounts for each storage node and include appropriate mounting hardware to ensure secure installation within existing government-provided server racks.
The Contractor shall provide any additional and OEM included management tools or plugins necessary for optimal operation and monitoring of the storage cluster.
The Contractor shall provide sufficient power cables (IEC C14 to C13) for each storage node, ensuring compatibility with local electrical standards.
The Contractor shall provide applicable Node interconnect and high-quality network cables to connect each node to the government-owned network switches.
The Contractor shall include any necessary cooling accessories, such as fans or thermal pads, if required by specific hardware configurations.
The Contractor shall provide comprehensive installation manuals detailing step-by-step procedures for setting up hardware components.
The Contractor shall provide detailed configuration guides outlining how to set up the CV software on the HSX cluster, including best practices for performance optimization.
The Contractor shall provide troubleshooting guides that address common issues encountered during installation and configuration processes.
The Contractor shall include warranty details for all hardware components delivered as part of this contract.
The Contractor shall ensure that all delivered components comply with relevant industry standards (e.g., ISO/IEC 27001) regarding data protection and security.

Attachments/Links