Amount in USD

Item Description Qty Unit Remark

Unit Price Amount

1 Redesign Security for internal and external Access work scope 1 Lot 2,550.00 2,550.00 One Time

- Outline: Redesigning, Install Firewall , Security policy ,Reconfigure for L3 L2

on Enterprise Area Networks
: Firewall (specifically Mikrotik and Fortinet)
: Documentations and Operational Tansfer to Local IT Teams
Redesigning, installing, and configuring Enterprise Area Networks

-Resetup and configure L2 and L3 swtich for relocation server to DMZ

-Modify DHCP setting for DMZ

-Create addtion DMZ vlan and make connectivity for all internal and external
access
-Install two firewall to exiting network
-Create firewall policy for DMZ to internet and DMZ to external access .

-Firewall conectivity and Redunant for routing (OSPF and SLA)

-For internal traffic filttering on (Fortinet)
-Remodify and reconfigure for Access-list on Internal L2 and L3 Switch

-Configure for secure firewall access on fortinet.

-Remodify for VPN conectivity on Fortinet.

-Implement policy base routing on Fortinet

Firewall Fortinet (2X)
-Migtrate Firewall on Exiting Network
-Create DMZ Vlan for internal access

-Implement dynamics routing for redunacy to internal access

-Configure traffic policy for Internal access and external access

-Setup Statics default route for monitoring traffic for Redunancy

-Prohibit with Firewall filter rule for intenal user ( Facebook , Youtube )
-Create NAT for internet access .
-Implement Portforwarding for ouside to internal access . ( Hawei monitoring
system)
-Construct firewall policies to control traffic passing through the Firewall unit.
-Implement threat management filtering including URL, App filtering, web filtering

Core Switch ( cisco 3850 x2)

-Remodify and make connectivity with two Fortinet firewall .

-Remodify vlan setting .

-Remodify Failover setting .
-Remodify ACL(access control list ) for security

-Setup Dynamics Host Configuration Protocol to

-Implement for prevent internal security feacture (DHCP snooping , IP source
Guard , DAI )
Mikrotik Firewall (CCR 1016 x 2)
-Check and modify VPN access and VPN client access
-Configure connectivity for Forinet firewall and Mikrotik firewall

-Reassign IP address and Dynamics routing

Layer 2 (cisco and Mikrotik)

-Check and implement vlan ( if require )
-Implement cisco switch for prevent internal security feacture (DHCP snooping ,
IP source Guard , DAI )
-Check connetivity for access .

Connectivity and Failover Test

-Port Testing
-Redundant testing

-High Avality testing

-Business Continuity Testing

Total Amount in USD 2,550.00