DRAFT PERFORMANCE WORK STATEMENT

SECTION 3.0 - PERFORMANCE WORK STATEMENT (PWS)

3.1 INTRODUCTION

The primary goal of this acquisition is to migrate to a commercial data center co-location facility,
which will result in improvements in efficiency, agility, and potential cost savings. The purpose
of this PWS is to define the Peace Corps requirements associated with the Peace Corps Data
Center Co-location Project. This effort will culminate in the relocation of the Peace Corps data
center from the current computing environment at its present location, 1111 20th Street, NW,
Washington, DC to a full service co-location facility utilizing the Contractors provided power,
cooling, space, physical security and other physical facility infrastructure for Peace Corps
provided and managed hardware and software.

3.2 CURRENT DATA CENTER ENVIRONMENT

A description of the Peace Corps current data center hardware, and Wide Area Network (WAN)
and Internet access is as follows:

3.2.1 Hardware

a. 15 42U racks, with dual phase power

b. Multi-Contractor servers hosting a VMware ESXi virtual environment,
c. Structured Query Language (SQL) Server database cluster, and
d. Storage Area Network (SAN) Storage.
e. Unified Communication (UC) devices include Cisco Call Manager, Call Manage Unity,
UCCX, Voice Over Internet Provider (VoIP) gateway, VoIP switch, Video Conferencing
Gateway (VGW) and Video Teleconferencing (VTC) devices.
f. The wireless system includes Cisco Wireless Controller and Access Points (APs).
g. WAN, WAN optimizer and Virtual Private Network (VPN) devices include Cisco
Router, Cisco ASA, Contractor device and Encryptor.
h. Firewall appliances includes Cisco ASA series and Palo Alto as a main firewall/Intrusion
Prevention System (IPS) and Intrusion Detection System (/IDS) devices.
i. Cisco Nexus switches(7k, 5k, and 2k) with a redundant configuration to support server
farm and HQ network as a Core element.

3.2.2 WAN and Internet Access

The Peace Corps employs a Verizon dedicated Ethernet service for primary Internet connection
and providing VPN connections to all Peace Corps Posts and reginal offices in and outside of
USA. Also, Peace Corps is using Verizon Multiprotocol Label Switching (MPLS) network to
provide interconnectivity for all Peace Corps regional offices and the Disaster Recovery (DR)
site. For the redundant Internet connection service, Peace Corps has a Comcast dedicated
Internet service for all mission critical services.
Please see the inventory of Peace Corps IT equipment listed as Exhibit 1 List of Current
Hardware attached herein.

3.3 TECHNICAL REQUIREMENT

3.3.1 Operational Needs

The Contract shall provide a data center facility with cage space meeting Peace Corps
defined requirements and cage layout of specifications for racks and work space. The
cage space shall fulfill the following operational needs:
a. Equipment racks,
b. Conditioned power (main and Uninterruptible Power Supply (UPS)),
c. Environmental controls/protection (fire, flood, temperature, humidity etc.),
d. Security and access control,
e. WAN and internet connectivity

3.3.2 Secure Computing Space

3.3.2.1 Caged with locked entry and a minimum of 5 levels of biometric security.
3.3.2.2 Floor space accommodating 15 racks with growth potential to 20 racks over the life of
the contract.
3.3.2.3 Floor space accommodating workbench and small equipment storage unit.
3.3.2.4 Surrounding cages must not be occupied by foreign-owned entities.
3.3.2.5 Federal Information Security Management Act (FISMA) high-rated facilities within the
United States and abroad to accommodate our international sites.

3.3.3 Server Rack Requirements

3.3.3.1 The Contractor shall provide cabinets with the minimum specifications: 10 42U cabinets,
600mm wide and at least 950mm in depth.
3.3.3.2 All cabinets shall have lockable perforated doors at the back and the front with cable
management on the interior of each cabinet. Please provide make and model details for
cabinets in accordance with Section TBD.
3.3.3.3 Partition shelves should be available if required.
3.3.3.4 Cabling to each rack should be fed through ceiling cable tray.
3.3.3.5 Power & data cabling should be in separate tray.
3.3.3.6 Contractor shall provide the option of two Power Distribution Units (PDUs) per rack.
3.3.3.7 The Contractor shall provide structured cabling between server cabinet

3.3.4 Power Supply Requirements

3.3.4.1 Quantity of 10-12 (120/240V) 30-50AMP dual power feeds is required for racks (See
Exhibit 1- 1 List of Current Hardware under Section TBD ).
3.3.4.2 Flexibility to increase power supplied to cage as requirements increase.
3.3.4.3 Each power feed should not come from the same phase.
3.3.4.4 Each power feed should be fed from independent breaker L6-30R power connections.
3.3.4.5 All power feeds must be protected from brownout, spike and surge by Uninterrupted
Power (UP) with six 9s of audited up-time.
3.3.4.6 Power shall be supplied with the capacity to supply stable power up to 30 minutes after
power failure.
3.3.4.7 The data center power should switch instantly to Uninterrupted Power Supply (UPS) and
switched to backed up Power.
3.3.4.8 Generator transition from UPS shall be within 30 minutes of any power failure.
3.3.4.9 Power Generator should have fuel supply for at least 7-days of continuous operation.
3.3.4.10 Current power utilization listed in Exhibit 1- List of Current Hardware under
Section TBD.

3.3.5 Environmental Control And Protection

3.3.5.1 The Data Center facility shall be protected by fire suppression system with pre-active dry
pipe water fire suppression system at a minimum.
3.3.5.2 Fire detection system shall be in place. e.g. smoke and/or heat detection.
3.3.5.3 Water leakage detection system shall be in place to detect possible water damage due to
leakage or flooding.
3.3.5.4 Climate control and Anti-static flooring should be used to prevent excess static build up.
3.3.5.5 Air Conditioning system should provide 24x7 cooling and humidity control with
redundancy in case of break down.
3.3.5.6 Peace Corps must be provided access to monitors and reports for the environmental
controls within the facility.

3.3.6 Security And Access Control

3.3.6.1 Contractor shall supply a security plan in accordance with Section TBD, outlining their
access controls, monitoring, incident response, and security data archives processes and
procedures, and policies.
3.3.6.2 Security monitoring shall be in place 24-hours a day 365 days a year. Closed Circuit
Television (CCTV) monitoring and recording on common access area and entrances
should be provided. All access doors of entrances shall have a security lock with access
control system and bio metrics to record and control access.
3.3.6.3 All entries and accesses to the Peace Corps secured space shall be logged and reviewable
by Peace Corps cleared staff upon request. Access to datacenter access logs should be
available upon request.
3.3.6.4 All equipment delivery and removal from the Data Center shall be recorded.
3.3.6.5 Data Center shall provide Access Control only allowing authorized persons to access
secured areas.
3.3.6.6 Contractor shall include policies and procedures for administrative services in accordance
with Section TBD, such as shipping, receiving, and holding policies for shipments
received on behalf of Peace Corps.
3.3.6.7 Peace Corps shall be granted the ability to place their own security cameras within the
space at its discretion.
3.3.6.8 The facility shall be Federal Risk and Authorization Management Program (FedRamp)
certified.

3.3.7 Network And Communications Facilities

3.3.7.1 The facility shall provide easy access for any major telecom company to provide data
communication infrastructure and cross connect for Peace Corps.
3.3.7.2 The Contractor shall provide cross connects from at least four tier one Internet Service
Providers (ISPs) to provide data communication for Peace Corps.
3.3.7.3 The Contractor shall provide direct connectivity to Peace Corps current carrier (Verizon
and Comcast) and be capable of DC-Net direct connect.
3.3.7.4 The Contractors network infrastructure shall have process, procedure and capacity to
provide a secure path, that gives Peace Corps optimal route diversity, recoverability and
will allow for dual homing of Government services and carriers if desired.
3.3.7.5 Network performance reports/tools shall be available for monitoring the cross connects.
3.3.7.6 The Contractor shall provide three four post racks to accommodate all networking
infrastructure.
3.3.7.7 The Contractor shall provide structured cabling for cable plant and infrastructure. The
Contractor shall assume top of rack design.
3.3.7.8 The Contractors facility shall have a direct connection with Azure ExpressRoute service
within the facility.
3.3.7.9 The Contractor shall provide cloud boundary within the same facility as the Peace Corps
infrastructure for all cloud providers.
3.3.8 Service Levels

3.3.8.1 The Contractor shall guarantee Data Center uptime of 99.9999% per year.
3.3.8.2 The Contractor shall provide power with minimum requirements of Nominal Out Voltage
230V with less than 5% distortion at full load and frequency for 60 Hz nominal +/- 3Hz.
3.3.8.3 The Contractor shall provide networking cross connects within data center, with a
response time <3ms to any IP within data center and ping time to local network (Peace
Corps) <30ms.
3.3.8.4 The Contractor shall provide cooling and humidity control. Temperature shall be kept
within 15 to 20 degree Celsius and humidity shall be between 40% and 60%.
3.3.8.5 Peace Corps shall be notified of a compromise of any magnitude to the data center, Peace
Corps cage or racks contained within, affecting Peace Corps security or operations.
Compromises include but are not limited to datacenter break-in(s), racks break-in(s), un-
authorized access or vandalism to Peace Corps cage, racks, or equipment. For all security
related incidents, the Contracting Officers Representative (COR) shall be notified within
within 30 minutes according to an approved escalation list to be provided in accordance
with Section TBD.
3.3.8.6 Incident reports for all reported incidents shall be available within 8 hours from the report
of incident in accordance with Section TBD.
3.3.8.7 The Contractor shall notify the COR in writing (may be via email) at least10 calendar
days for all scheduled maintenance. For major service interruptions the COR shall be
notified in writing at least a four weeks in advance of major service interruption. The
COR shall be notified of all emergencies within 15 minutes of Contractor being aware.

3.3.9 Information Security

3.3.9.1 The Contractors Information Security Policy shall be provided for Peace Corps review in
accordance with Section TBD.
3.3.9.2 The Contractor minimum requirement is to provide FISMA- high level.
3.3.9.3 The Contractor shall provide a data center facility that meets or exceeds TIA Tier 3
requirements identified by the Uptime Institute.

3.3.10 CONTRACTOR PERSONNEL

3.3.10.1 Security Officer

The Security Officer shall be the primary point of contact for physical security of the data center
as well as network security for any connections provided by the data center. The Security
Officer or a designee shall be available to the COR via telephone 24 hours a day, 7 days a week
and 365 days a year (24x7x365) and shall respond to requests for discussion or resolution of
security problems within one (1)-hour of notification.
3.3.10.2 Qualified Personnel

The Contractor shall provide qualified personnel to perform all requirements specified in this
contract. All Contractor personnel who interface with the Government on this contract shall be
able to read, write, speak and understand English fluently. All personnel entering the Peace
Corps space must be United States citizens. The Contractor shall demonstrate that personnel
have necessary knowledge and backgrounds through technical certifications, specialized training,
or similar means.

3.3.10.3 Key Personnel

Before replacing any individual designated as a Key person by the Government, the Contractor
shall notify the KO no less than 15 business days in advance when possible, submit written email
justification for replacement, and provide the name and qualifications of any proposed
substitute(s). All proposed substitutes shall possess qualifications equal to or superior to those of
the Key person being replaced. The Contractor shall not replace Key Contractor personnel
without acknowledgment from the KO. The Security Officer and the Security Officers designee
are Key Personnel. The Government may designate additional Contractor personnel as Key
Personnel at the time of award.

3.3.10.4 Contractor Furnished Property

The Contractor shall furnish all facilities, materials, equipment and services necessary to fulfill
the requirements of this contract except for the Government Furnished Equipment specified in
Section 3.3.10.5 below. The provided secure space, power, environmental controls
(heating/cooling/humidity), and network connections shall be provided by the Contractor for the
Peace Corps data center space.

3.3.10.5 Government Furnished Property

The government will provide and maintain Peace Corps software and hardware within the
provided data center space located in the Contractors facility. Title to and ownership of the
software licenses and hardware warranties to these products remains with the government to
support the Peace Corps data center environment. The secure space, power, environmental
controls (heating/cooling/humidity), and network connections shall be provided, maintained and
operated by the Contractor.

The government will maintain the exclusive right to add or remove government furnished
property from the provided space at the data center located in the Contractors facility. Large
shipment deliveries will be coordinated with the COR or other representative as designated by
the COR with 24 hours advance notice