National University Corporation - Kyoto Issues Procurement Notice for Computer Infrastructure System 1 Set

Tokyo, March 25 -- National University Corporation - Kyoto has issued a Notice of request for submission of materials on Mar 24, 2026. Here are other related details:

Classification: 0014 Office Machines & Automatic Data Processing Equipment

Summary: ⑴ Classification of the products to be procured : 14 ⑵ Nature and quantity of the products to be purchased : Computer Infrastructure System 1 Set ⑶ Type of the procurement : Rent ⑷ Basic requirements of the procurement : A The system is comprised of a server infrastructure, infrastructure services, email services, seminar room environments, a group of shared portable terminals for education, e-learning services, file sharing services, document sharing services, user registry services, user portal services, security management systems, server management system infrastructure, terminal management system infrastructure, software management systems, printing systems, and a variety of services such as website hosting, as well as comprehensive licenses, and is capable of operating as the information infrastructure of the university, providing not only general education for the entire university, but also the service functions of information science education and office systems in a unified manner. B The server infrastructure will allow for easy migration from existing virtualized server instances running on VMware, will enable (almost) seamless operation and management of scalable server functions located on campus, in data centers rented by the university, and in data centers directly connected to SINET, and will also enable (almost) non-stop maintenance of equipment and firmware. Construction will be based on the concept of infrastructure as a code, using tools such as Ansible Playbook. Furthermore, the services provided by this system will be configured with multiple instances, allowing for updates without service interruption. C The underlying services shall include at least DNS, NTP, Web servers, Proxy, LDAP, RADIUS, Active Directory, IdP such as SAML, CAS, OpenID Connect, and file servers have high availability, and have APIs that enable control and operation management through open mechanisms. In addition to authentication using usernames and passwords, the authentication-linked IdP shall include a multi-factor authentication function using digital certificates, magnetic cards, IC cards, etc. It is desirable for the function to comply with standards such as FIDO. Furthermore, in addition to supporting the authentication of both the Center for Information Services Account (CIS account) corresponding to academic and professional records and the lifetime account uniquely corresponding to an individual, it shall have the function to return the corresponding lifetime account as the authentication result using the CIS account. The SAML IdP shall comply with the GakuNin Technical Application Standard (Ver.2.8). D In the services to be provided, data that is intended to be made public must be capable of stable provision using cloud services, etc., and must be controllable, auditable, and operationally manageable using published mechanisms. E In the services to be provided, the data whose disclosure should be limited should be configured as a service infrastructure that can be audited by security devices under the management of the University. This security function may be implemented by using the UTM device, such as Fortinet Fortigate 700G, already installed at the university. F The e-mail service supports at least the Webmail, IMAP4S, POP3S, and SMTPS protocols, can accommodate all of KIT's subdomains, has transparent virus scanning and SPAM countermeasures, and has the ability to handle e-mail exchanges involving large files, the throttling function that can limit the amount of mass mail sent, and the ability to set up flexible mailing lists according to user attributes. It is also capable of sending, receiving, and storing e-mails with digital signatures for all university members, and of managing the sending and forwarding of e-mails for all users with KIT personal IDs. To prevent fraudulent email use, it must be possible to perform domain-based email authentication, restrict email relays and forwarding, and enable advanced authentication for email clients (e.g., OAuth, multi-factor authentication). It is highly desirable to operate in accordance with DMARC, which supports SPF and DKIM. It can also support a configuration that mixes SaaS-based email services and on-premises email services. G The seminar room environment must be configured in at least three seminar rooms, each equipped with a sub-monitor (Full HD or higher, preferably 4K), wired LAN, and USB Type-C power supply for approximately 70 to 80 bring-your-own devices (BYOD devices), and must be capable of both sub-monitor and intermediate monitor functions (for displaying lecture materials from the teacher's area). Furthermore, at least three study rooms must be equipped with facilities to support a sub-monitor, wired LAN, and USB Type-C power supply, accommodating approximately 50 BYOD devices. H The shared portable devices for educational use are intended to serve as temporary replacements for BYOD devices. They must be at least 70 devices in number and be able to simultaneously perform security updates, install and update operating systems and software, reset user usage status, and run scripts on all devices while connected to the network. Administrators must be able to specify whether they are operational only when connected to the university network or in an offline mode. It is desirable to have control devices capable of maintaining and managing the rental of approximately 10 devices in each of the three seminar rooms. Furthermore, they must be able to conduct speaking tests for the university's English language training program and provide mathematical data science education using Python. They must also be available with both Windows 11 and Linux, and include at least Microsoft Office, antivirus functionality, online meeting functionality, a software development environment (Eclipse, Visual Studio Code), and a virtual machine execution environment (Oracle VM VirtualBox, VMware Academic Program, etc.). Basic applications must be licensed for use in lecture rooms or at home, and it is desirable that they run in a virtualized environment. Furthermore, it is desirable to be able to run Adobe Illustrator, Adobe Photoshop, PTC Creo, and Mathematica. I As an e-Learning infrastructure, Moodle LTS with the patches specified by the university should be able to run on the server infrastructure, withstand at least 300 users taking quizzes simultaneously, and deliver online materials to 300 users simultaneously. The system should be able to immediately reflect the pass/fail status of online tests set up for user training courses in the user sourcebook system as "service usage qualification information." The system also includes an online conference function that supports synchronous online lectures for 100 people and enables document sharing (PC screen, webcam, PDF documents), chatting, and two-way video calls. Furthermore, it is highly desirable to build a system that can be integrated with services such as Microsoft Teams via LTI (Learning Tools Interoperability) and provide operational support, including security measures. J As an electronic data repository infrastructure, it should be equipped with a file-sharing service equivalent to Nextcloud and a document-sharing service equivalent to XWiki or Atlassian's Confluence. It provides secure, convenient file-sharing with university members and users inside and outside the university, as well as an authenticated content management and sharing repository with flexible authorization based on user attributes. It can also perform full-text searches of stored data in both Japanese and English and prevent information leaks based on the information's rating. Even when building with open source software, it is highly desirable to provide operational support, including security measures. K The system should have a user registry system, a group registry system, and a provisioning mechanism that can provide account information to multiple authentication systems based on the registry information. The license system should account for the accumulation of accounts, such as KIT personal IDs. In addition, the system should be capable of importing student information from the academic affairs system and faculty information from the human resources system, and issuing and managing lifetime accounts that uniquely correspond to individuals and CIS accounts that correspond to academic and professional records. The CIS account and the lifetime account are linked via a personal ID (KIT Personal ID). Users can change their own passwords on the user portal. In addition, the registry data can be managed securely using an encrypted file system. L As a user portal function, it should be able to provide information according to the user's attributes and have a function to specify the service to be used in conjunction with the service usage qualification information on the e-learning infrastructure. It is desirable to have a smartphone UI. M As a security management system, it will be possible to operate a comprehensive security software management system (ESET from Canon Marketing Japan, procured separately by the university) that can be installed on devices of university members, including at least BYOD devices. N As a server management system infrastructure, the system shall be equipped with functions that enable the operation and management of devices within a specified range across multiple departments, including log analysis and configuration management. It is desirable that the configuration take into consideration not only the devices included in this procurement, but also the operation and management of devices already present within the university, including BYOD devices. O As a terminal management system infrastructure, the system should be equipped with functionality to comprehensively understand and visualize setting information, OS and application installation status, security update status, etc., for all terminals in the system, and to centrally manage security and software assets. It must also be possible to simultaneously distribute and apply OS and application updates, security patches, setting changes, etc., via the network. It is desirable to have a configuration that allows the unified management of not only new terminals procured by the university but also existing office terminals, which will be described later, to the greatest extent possible. P The software management system must be configured to enable centralized license management, including update management, for the licensed software included in this system and the Microsoft comprehensive licenses separately contracted by the university. It is desirable that the configuration take into consideration not only the license management of the devices included in this procurement, but also the license management of the licensed software on devices used by university members, including BYOD devices. Q The printing and scanning system equipment is designed to save energy, including running costs, by counting the number of pages printed by each user and limiting the total number of pages printed. It must be able to approve print requests not only from common portable educational terminals but also from authorized university members, including BYOD terminals. It must also be equipped with large-format printing equipment capable of printing on roll paper up to oversize B0. R As a basis for providing specialized information engineering education, the facility must be able to smoothly accommodate experiments and exercises using students' own PCs. This will primarily be used for experiments and exercises (programming using development environments such as Eclipse, network programming experiments, use of the office environment, learning activities using web browsers, etc.), and must be able to supply LAN and power to at least 80 terminals simultaneously, with monitors shared by approximately four adjacent seats, allowing students to switch between them. The facility must have an authentication server for students to use when conducting experiments and exercises in an external cloud environment. This authentication server must centrally authenticate users within the organization and provide the functionality to enable users to access each service with a single authentication method (SSO) by linking authentication with external cloud-based services. The authentication server may be the same as that for CIS. S As an office information system infrastructure, approximately 30 systems, including existing authentication infrastructure (Active Directory, etc.), file sharing infrastructure, web services, etc., will be migrated or newly constructed based on a hybrid configuration that combines cloud and on-premises environments, and shall operate securely and stably in conjunction with the system's server equipment, etc. T As a website hosting service, we provide at least one highly available Wordpress site (annual uptime of 99.99%) for public access, as well as an isolated execution environment using container functions for virtual websites created using a combination of Apache, Perl, and PHP, allowing migration from existing environments. U This system is connected to the KITnet network as the upper network, and is accessible to the Internet through the KITnet network. The system shall be integrated with the existing connection authentication and firewall devices and designed with sufficient security in mind. V All equipment should be designed to save space and energy. All equipment with input devices must be disinfected with alcohol to prevent infection. ⑸ Time limit for the submission of the requested material : 17 : 00 24 April, 2026 ⑹ Contact point for the notice : Koji Osada, Section Chief, Financial Accounting Office, Kyoto Institute of Technology, 1 Hashigami-cho Matsugasaki Sakyo-ku Kyoto-shi 606-8585 Japan, TEL 075-724-7075

Disclaimer: Curated by HT Syndication.