Skip to main content

Permissions

Add user
Done

Start your AI search

AI search
Outbound call compliance Gamification for customer service Outsourcing services

How to write an RFP for managed WiFi

Requirements, questions, and evaluation criteria specific to managed WiFi procurement

6 min read

Managed WiFi is a critical infrastructure component, making RFPs essential for ensuring reliable connectivity, robust security, and seamless user experiences. Procuring Managed WiFi requires careful consideration of technical capabilities, service level agreements, and integration with existing network infrastructure.

What makes managed WiFi RFPs different

Managed WiFi RFPs differ significantly from generic software RFPs due to the unique blend of hardware, software, and services involved. Unlike purely digital solutions, Managed WiFi requires consideration of physical infrastructure, radio frequency (RF) environment, and ongoing network optimization. Organizations must address factors like building layout, user density, interference sources, and the increasing demand for bandwidth-intensive applications.

Compliance requirements like PCI-DSS for retail and HIPAA for healthcare add further complexity.

  • Scalability to accommodate future growth and increasing device density
  • Security protocols and compliance with industry regulations
  • Integration with existing network infrastructure and security tools
  • Service Level Agreements (SLAs) for uptime, performance, and support

RFP vs RFI vs RFQ

Here's when to use each document type when procuring managed WiFi software.

RFI

Request for Information

Use early in your search to understand what vendors offer and narrow your list. Gather general capabilities, company background, and high-level pricing ranges.

RFP

Request for Proposal

Use when you know your requirements and want detailed vendor solutions and pricing. This is your main evaluation document for shortlisted vendors.

RFQ

Request for Quote

Use when requirements are fixed and you just need final pricing. Often used after RFP when you're ready to negotiate with finalists.

For Managed WiFi, an RFI is useful for initial research into available technologies and vendor capabilities. An RFP is essential for detailed evaluation of proposed solutions, including technical specifications, deployment plans, and service level agreements. An RFQ is generally not suitable due to the complexity of the requirements and the need for customized solutions.

Technical requirements checklist

Use this checklist when defining your RFP scope.

Wireless Standards & Performance

  • Support for Wi-Fi 6E (minimum) and Wi-Fi 7 (preferred)
  • Multi-Link Operation (MLO) for reduced latency
  • 4K QAM for higher data throughput
  • Minimum throughput and latency requirements for critical applications
  • Support for MU-MIMO and OFDMA technologies

Security Requirements

  • Support for WPA3-Enterprise encryption
  • 802.1X authentication for user access control
  • Micro-segmentation for network isolation
  • Guest network isolation with captive portal
  • Integration with existing security information and event management (SIEM) systems

Management & Monitoring

  • Cloud-based management platform with centralized control
  • Real-time network monitoring and alerting
  • Automated troubleshooting and remediation capabilities (AIOps)
  • Zero-touch provisioning for easy deployment
  • Role-based access control for administrative functions

Service Level Agreements (SLAs)

  • Uptime guarantee (e.g., 99.99%)
  • Mean Time to Resolution (MTTR) for network issues
  • Guaranteed bandwidth and latency for critical applications
  • 24/7/365 support with defined escalation procedures
  • Proactive network monitoring and optimization

Integration Requirements

  • Integration with existing network switches and firewalls
  • Integration with identity and access management (IAM) systems
  • API for integration with third-party applications
  • Integration with ITSM tools (e.g., ServiceNow)
  • Support for RADIUS authentication

Questions to include in your RFP

Architecture & Deployment

  • Describe your proposed network architecture, including access point placement and network topology.
    Ensures proper coverage and capacity planning.
  • What is your approach to site surveys and predictive modeling?
    Validates vendor's ability to assess the environment correctly.
  • What deployment options are available (cloud-managed, on-premise controller, hybrid)?
    Determines flexibility and control over the solution.
  • Describe your approach to minimizing interference from other wireless devices.
    Ensures reliable performance in crowded environments.

Security & Compliance

  • Describe your security features, including encryption protocols, access controls, and intrusion detection.
    Ensures data confidentiality and integrity.
  • What compliance certifications do you hold (e.g., PCI-DSS, HIPAA, SOC 2)?
    Verifies adherence to industry standards.
  • How do you ensure guest network isolation and prevent unauthorized access to corporate resources?
    Protects sensitive data from external threats.
  • Describe your approach to vulnerability management and security patching.
    Maintains a secure network environment over time.

Management & Monitoring

  • Describe your cloud-based management platform and its key features.
    Centralized management simplifies administration.
  • What real-time network monitoring and alerting capabilities do you offer?
    Proactive monitoring enables rapid issue detection and resolution.
  • Describe your AIOps capabilities for automated troubleshooting and remediation.
    Automated solutions reduce IT workload and improve network performance.
  • How do you provide visibility into network performance and user experience?
    Helps optimize network performance and ensure user satisfaction.

Service Level Agreements (SLAs)

  • What uptime guarantee do you offer, and what are the penalties for failing to meet it?
    Ensures network availability and business continuity.
  • What is your Mean Time to Resolution (MTTR) for network issues?
    Minimizes downtime and disruption.
  • What guaranteed bandwidth and latency do you offer for critical applications?
    Ensures reliable performance for business-critical services.
  • Describe your support services, including response times, escalation procedures, and support hours.
    Determines the level of support available when issues arise.

Integration & Interoperability

  • How does your solution integrate with existing network switches, firewalls, and other infrastructure components?
    Ensures seamless integration with existing network infrastructure.
  • Does your solution integrate with our existing Identity and Access Management (IAM) system (specify platform)?
    Streamlines user authentication and access control.
  • Does your solution offer an API for integration with third-party applications?
    Enables customization and integration with other business systems.
  • How does your solution support RADIUS authentication?
    Ensures secure authentication with existing RADIUS servers.

Pricing & Licensing

  • Provide a detailed breakdown of all costs associated with your solution, including hardware, software, installation, and ongoing support.
    Avoids hidden costs and surprises.
  • What are your licensing options (e.g., subscription, perpetual)?
    Determines the long-term cost and flexibility of the solution.
  • Are there any usage-based fees or data egress charges?
    Avoids unexpected cost spikes due to high traffic.
  • What are your payment terms and cancellation policies?
    Clarifies the financial obligations and risks.

Compliance and security requirements

Depending on your industry, you may need to require proof of these certifications and standards.

PCI-DSS

Required if processing or transmitting payment card data. If applicable, request a current PCI-DSS Attestation of Compliance (AOC).

HIPAA

Required if handling protected health information (phi). If applicable, request a Business Associate Agreement (BAA) and documentation of HIPAA compliance measures.

SOC 2 Type II

Required for organizations requiring assurance of security, availability, processing integrity, confidentiality, or privacy. If applicable, request a recent SOC 2 Type II report.

GDPR

Required if processing personal data of eu citizens. If applicable, inquire about GDPR compliance measures and data protection policies.

Evaluation criteria

Here is the suggested weighting for managed WiFi RFPs.

Functionality Fit How well the solution meets the organization's specific requirements and use cases.
25%
Security & Compliance The strength of the solution's security features and compliance with relevant regulations.
20%
Management & Monitoring Capabilities The ease of use and effectiveness of the solution's management and monitoring tools.
15%
Service Level Agreements (SLAs) The comprehensiveness and enforceability of the SLAs.
15%
Total Cost of Ownership (TCO) The overall cost of the solution, including hardware, software, installation, and ongoing support.
15%
Integration & Interoperability How well the solution integrates with existing network infrastructure and other systems.
10%

Some weights were adjusted based on your priorities.

  • Increase if the organization has unique or complex needs.
  • Increase for organizations in highly regulated industries.
  • Increase for organizations with limited IT resources.
  • Increase for organizations with mission-critical applications.
  • Increase for organizations with complex integration requirements.

Red flags to watch

  • Vague or incomplete responses to technical questions

    Indicates a lack of expertise or a reluctance to disclose limitations.

  • Lack of experience with similar deployments

    Suggests a higher risk of implementation challenges and delays.

  • Unwillingness to commit to specific SLAs

    Raises concerns about the vendor's confidence in their ability to deliver reliable service.

  • Proprietary technology or vendor lock-in

    Limits flexibility and increases the cost of switching providers in the future.

  • Negative customer references or online reviews

    Signals potential problems with product quality, support, or service delivery.

Key metrics to request

Ask vendors to provide benchmarks from similar customers.

Average implementation time for similar deployments

Sets realistic expectations and identifies potential delays.

Customer satisfaction scores

Indicates the vendor's commitment to customer service.

Network uptime and availability

Measures the reliability of the solution.

Mean Time To Resolution (MTTR) for network issues

Shows how quickly the vendor resolves problems.

Number of successful deployments

Demonstrates the vendor's experience and expertise.