sbicap securities limited - home | sbi smart · 2017-03-28 · sbicap securities limited marathon...
TRANSCRIPT
SBICAP securities limited
Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg,
Lower Parel, Mumbai 400013
NG FIREWALL
RFP NO. SSL/IT/RFP/2016-17/004
REQUEST FOR PROPOSAL FOR
SUPPLY, INSTALLATION, COMMISSIONING OF
NG FIREWALL
Tender Period: March 28, 2017 to April 07, 2017
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 2 C o n f i d e n t i a l & P r o p r i e t a r y
Introduction
SBICAP Securities Ltd (SSL) is the broking arm of the State Bank Group and a wholly owned
subsidiary of SBI Capital Markets Ltd. SSL commenced operations in the first quarter of
financial year of 2006-2007 with a view to providing primary and secondary capital market
access to investors both within the Group as also in the wider public domain. The Company
currently has in its fold a wide segment of clients including Banks, Financial Institutions, FIIs,
Mutual Funds, and Corporates, High Net worth Individuals, Non-Resident Indians and Retail
domestic investors. Its broking product range covers Institutional and Retail Equity,
Derivatives, Depository Participant services, On-Line trading and a wide variety of Third Party
Distribution products.
PART 1 INVITATION TO BID
1.1 About SSL:
1.1.1 SBICAP Securities Ltd is having its Corporate Centre at Mumbai.
In order to meet the hardware requirements of Internet infrastructure, SSL proposes to invite
tenders from established organizations (hereinafter referred to as “Bidder”) to undertake
supply, installation, testing, commissioning and maintenance of equipment as per details
listed out in this document.
The Bidding Document may be obtained from the SSL as under or downloaded from SSL’s
Website ‘www.sbismart.com’ and the bid should be submitted to the office of:
Head - IT,
SBICAP Securities Ltd. Marathon Futurex, 12th Floor,
N. M. Joshi Marg, Lower Parel (East), Mumbai 400013, Maharashtra.
1.2 Please note that all the information desired needs to be provided. Incomplete information may lead to non-consideration of the proposal.
1.3 All Bids must be accompanied by Earnest Money Deposit as specified in the Bid document.
1.4 SSL reserves the right to change the dates mentioned in this RFP document, which will be communicated to the bidders.
1.5 The information provided by the bidders in response to this RFP document will become the property of SSL and will not be returned. SSL reserves the right to amend, rescind or reissue this RFP and all amendments will be advised to the bidders and such amendments will be binding on them.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 3 C o n f i d e n t i a l & P r o p r i e t a r y
1.6 SCHEDULE OF EVENTS
Sr. No. Activity Details
1 RFP Number SSL/IT/RFP/2016-17/004
2 Release Of RFP March 28, 2017
3
Address for
Receipt/submission of Bid
document
Head – IT, SBICAP Securities Limited, A & B Wing, Marathon
Futurex, 12th Floor, N.M. Joshi Marg, Lower Parel, Mumbai –
400013.
4
Bid Submission Bids should be submitted in two different sealed envelopes.
a Envelop – I
Technical Bid For Procurement “Technical Bid for supply of NG
Firewall – Vide Tender No. SSL/IT/RFP/2016-17/004 dated 28-03-
2017” duly signed
b. Envelop – II
Commercial Bid For Procurement “Indicative Price Bid for supply
of NG Firewall – Vide Tender No. SSL/IT/RFP/2016-17/004 dated
28-03-2017” duly Signed
5 Pre-Bid Queries Queries regarding the RFP can be addressed to email ID’s
mentioned below.
6 Last Date & Time for
submission April 07, 2017 : Before 1500 HRS
7 Technical Bid Opening
Date, Time & Venue
April 07, 2017 : 1530 HRS
Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg, Lower
Parel , Mumbai 400013
8 Online Reverse Auction
Schedule Will be announced, communicated to bidders in due course
9 Contact Details Mr. Pradeep Mahadik (Manager-IT)
Ph.: 022 4227 3510
Email ID [email protected]
***The schedule is subject to change. Notice in writing of any changes will be provided wherever feasible.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 4 C o n f i d e n t i a l & P r o p r i e t a r y
PART 2 Disclaimer
The information contained in this Request for Proposal (RFP) document or information provided subsequently to Bidder(s) or applicants whether verbally or in documentary form/email by or on behalf of SBICap Securities Ltd, is subject to the terms and conditions set out in this RFP document and all other terms and conditions subject to which such information is provided.
This RFP is neither an agreement nor an offer and is only an invitation by the SSL to the interested parties for submission of bids. The purpose of this RFP is to provide the Bidder(s) with information to assist the formulation of their proposals. This RFP does not claim to contain all the information each Bidder may require. Each Bidder should conduct its own investigations and analysis and should check the accuracy, reliability and completeness of the information in this RFP and where necessary obtain independent advices/clarifications. SSL may in its absolute discretion, but without being under any obligation to do so, update, amend or supplement the information in this RFP. No contractual obligation whatsoever shall arise from the
RFP process until a formal contract is signed and executed by duly authorized officers of the SSL with the selected Bidder.
The SSL, its employees and advisors make no representation or warranty and shall have no liability to any person, including any Applicant or Bidder under any law, statute, rules or regulations or tort, principles of restitution or unjust enrichment or otherwise for any loss, damages, cost or expense which may arise from or be incurred or suffered on account of anything contained in this RFP or otherwise, including the accuracy, adequacy, correctness, completeness or reliability of the RFP and any assessment, assumption, statement or information contained therein or deemed to form part of this RFP or arising in any way for participation in this Bid Stage.
The SSL also accepts no liability of any nature whether resulting from negligence or otherwise, howsoever caused arising from reliance of any Bidder upon the statements contained in this RFP.
The issue of this RFP does not imply that the SSL is bound to select a Bidder or to appoint the Selected Bidder or Concessionaire, as the case may be, for the Project and the SSL reserves the right to reject all or any of the Bidders or Bids without assigning any reason whatsoever.
The Bidder shall bear all its costs associated with or relating to the preparation and submission of its Bid including but not limited to preparation, copying, postage, delivery fees, expenses associated with any demonstrations or presentations which may be required by the SSL or any other costs incurred in connection with or relating to its Bid. All such costs and expenses will remain with the Bidder and the
SSL shall not be liable in any manner whatsoever for the same or for any other costs or other expenses incurred by a Bidder in preparation or submission of the Bid, regardless of the conduct or outcome of the Bidding Process.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 5 C o n f i d e n t i a l & P r o p r i e t a r y
PART 3 Instructions For Bidders (IFB)
3.1 INTRODUCTION
3.1.1 Broad Scope of Work
a) Supply, installation, testing, commissioning and maintenance of Enterprise NG-Firewall
Solution, at the locations specified in this document.
b) To provide all necessary hardware and software required to make the solution work
strictly as per technical specifications. The specifications given are minimum. Bidders can
quote equivalent or higher technical specifications to meet the SSL requirements.
However no weightage would be given for higher configurations.
3.1.2 Eligibility Criteria
a) This tender is restricted to OEM authorised partners / Value Added Resellers/ System
Integrators of partners of OEMs as finalized in the technical specification annexure-B in
terms of product and service for supply of said product. The standard MAF as per the SSL
format should be submitted by all Bidders.
b) Bidders meeting the criteria (Annexure – H) are eligible to submit their. Bids along with
supporting documents. If the Bid is not accompanied by all the required documents
supporting eligibility criteria, the same would be rejected. Bid is open to all Bidders who
fulfil the eligibility criteria. The bidder has to submit the details of eligibility criteria as
per Annexure – H
3.1.3 Cost of Bidding
The Bidder shall bear all costs associated with the preparation and submission of its Bid, and
the SSL will in no case be responsible or liable for these costs, regardless of the conduct or
outcome of the Bidding process.
Commercial Specifications
Sr.No
Description Make,
Model/ Version
Part No. Location
Unit Price
Taxes Total
Amount Qty
1 NGFW Appliance specification Annexure -B
SSL, MUMBAI Lower Parel HO
2
2 Log analyzer as per specification Annexure-B
SSL, MUMBAI Lower Parel HO
1
Grand Total
Please Note: The above commercial includes Supply, Installation, Configuration and maintenance of the deliverables mentioned in description.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 6 C o n f i d e n t i a l & P r o p r i e t a r y
Above pricing will comprise of the total product cost including delivery, installation,
implementation/configuration along with 3 years comprehensive warranty and
support which will include the product subscription services for period of 3 years
pricing will be exclusive of taxes, octroi/entry which will be paid at actuals.
3.1.4 Bidding Process
a) A two stage bidding procedure will be followed. The response to the present tender will
be submitted in two parts i.e. the Technical Bid and the Commercial Bid.
b) In the first stage, only the ‘Technical Bids’ will be opened and evaluated. Those bidders
satisfying the technical requirements of the NG firewall as determined by the SSL and as
per the requirements/specifications and the terms and conditions of this document,
shall be short-listed.
c) In Second Stage, Commercial bids of technically qualified bidder will be opened. An
online reverse auction shall be conducted among the technically qualified bidders to
select the L1 bidder.
d) Schedule for online reverse auction will be communicated later with the technically
eligible bidders only
3.1.5 Bidders Eligibility Criteria
a) Bidders must meet the following eligibility requirements. Bids of non-compliant Bidders
will not be technically or financially evaluated.
b) The Bidder shall provide evidence that it is a current legal entity.
c) The Bidder should be an authorized & Registered OEM Partner. Bidder must furnish
authorization / registration letter for the same.
d) Bidder must have back-to-back support relation with the OEMs whose products are
offered by the bidder to SSL. The proof in support of the same must be enclosed.
e) The bidders and its associates should be able to arrange adequate inventory of the
spares and other related equipment to ensure minimum downtime.
f) The bidder should be profit-making company.
g) The Bidder must organize the bid in accordance with the format specified in the tender
document.
h) The cost of bidding and submission of tender documents is entirely the responsibility of
bidders, regardless of the conduct or outcome of the tendering process.
3.1.6 Period of Validity
All the prices and other terms and conditions of the offer proposed by the Bidder should be
Valid for a minimum period of three months.
3.1.7 Correction of Errors
Arithmetic errors in bids will be treated as follows:
a) Where there is a discrepancy between the amounts in figures and in words, the amount in
words shall govern.
b) Where there is a discrepancy between the unit rate and the line item total resulting from
multiplying the unit rate by the quantity, the unit rate will govern unless, in the opinion of
SSL, there is obviously a gross error such as misplacement of a decimal point, in which case
the line item total will govern.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 7 C o n f i d e n t i a l & P r o p r i e t a r y
c) Where there is a discrepancy between the amount mentioned in the bid and the line item
total present in the Bill of Material, the amount obtained on totalling the line items in the
Bill of Materials will govern.
d) The amount stated in the tender form, adjusted in accordance with the above procedure,
shall be considered as binding, unless it causes the overall tender price to rise, in which case
the bid price shall govern.
3.1.8 Acceptance or Rejection of the Bid
SSL reserves the right not to accept any bid, or to accept or reject a particular bid at its sole
discretion without assigning any reason whatsoever. The tenders not submitted in the
prescribed format or incomplete in any sense are likely to be rejected.
3.1.9 Confidentiality
Bidder / Vendor agrees that all mails, data, financial, mail architecture and personnel data
relating to SSL’ s business and other information identified as confidential by the SSL (SSL
Confidential Information), the same shall be kept confidential and shall not be shared with
any third party without prior written approval from SSL.
3.1.10 Site Visits
Visits to reference sites may be sought at the discretion of SSL. Bidder shall provide, in
addition to customer sites, an invitation to SSL to visit Bidder’s own site.
3.1.11 Right to Verification
The SSL reserves the right to verify any or all statements made by the Vendor in the tender
document and to inspect the Vendor’s facility, if necessary, to establish to its satisfaction
about the Vendor’s capacity to perform the job.
3.1.12 Insurance
a) Insurance for all the hardware components supplied under the contract shall be arranged
by the Bidder at his own risk and cost throughout the period of delivery, implementation
and final acceptance process.
b) SSL will not be responsible for any loss/damage/theft of any systems/goods due to any
reasons whatsoever, claims etc., if the Bidder himself will deal any. Evidence of the
insurance policy shall be submitted to SSL.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 8 C o n f i d e n t i a l & P r o p r i e t a r y
3.1.13 Submission of Bids
a) Sealing and Marking of Bids
b) The Bidders‘ shall seal the NON-WINDOW envelopes containing one copy of
―”Technical Bid” and one copy of ―”Indicative Price Bid” separately and the two NON-
WINDOW envelopes shall be enclosed and sealed in an outer NONWINDOW envelope.
c) Bids sealed in accordance may be sent by registered post or hand delivered so
as to be received at the following address:
Head - IT SBICAP Securities Limited,
A & B Wing, Marathon Futurex, 12th Floor, N.M. Joshi Marg, Lower Parel, Mumbai - 400013.
Contact Number: +91 22 42273300/330.
d) All envelopes should indicate the name and address of the Bidder on the cover.
e) If the envelope is not sealed and marked, SSL will assume no responsibility for the bid‘s
misplacement or its premature opening
3.1.14 Deadline for Submission of Bids
a) Bids must be received by SSL at the address specified, no later than the date & time
specified in the ―Schedule of Events‖ in Invitation to Bid.
b) In the event of the specified date for submission of bids being declared a holiday for
SSL, the bids will be received up to the appointed time on the next working day.
c) SSL may, at its discretion, extend the deadline for submission of bids by amending the
bid documents, in which case, all rights and obligations of SSL and bidders previously
subject to the deadline will thereafter be subject to the extended deadline.
d) Late Submission of Bids: Any Bid received after the deadline for submission of Bids
prescribed, will be rejected and returned unopened to the bidder.
3.1.15 Modification and Withdrawal of Bids
a) The Bidder may modify or withdraw its Bid after the Bid‘s submission, provided that
written notice of the modification, including substitution or withdrawal of the Bids, is
received by SSL, prior to the deadline prescribed for submission of Bids.
b) The Bidder‘s modification or withdrawal notice shall be prepared, sealed, marked and
dispatched. A withdrawal notice may also be sent by Fax, but followed by a signed
confirmation copy, postmarked, not later than the deadline for submission of Bids.
c) No Bid may be modified after the deadline for submission of Bids.
d) No Bid may be withdrawn in the interval between the deadline for submission of Bids
and the expiration of the period of Bid validity specified by the Bidder on the Bid Form.
Withdrawal of a Bid during this interval may result in the Bidder‘s forfeiture of its EMD.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 9 C o n f i d e n t i a l & P r o p r i e t a r y
PART 4 Opening and Evaluation of Bids
4.1 Opening of Technical Bids by the SSL a) The Bidders’ names, Bid modifications or withdrawals and the presence or such other
details as SSL, at its discretion, may consider appropriate, will be announced at the time of
technical Bid opening.
b) Bids and modifications sent, if any, that are not opened at Bid Opening shall not be
considered further for evaluation, irrespective of the circumstances. Withdrawn bids will
be returned unopened to the Bidders.
4.2 Preliminary Examination a) SSL will examine the Bids to determine whether they are complete, required formats have
been furnished, the documents have been properly signed, and the Bids are generally in
order.
b) Prior to the detailed evaluation, SSL will determine the responsiveness of each Bid to the
Bidding Document. For purposes of these Clauses, a responsive Bid is one, which conforms
to all the terms and conditions of the Bidding Document without any deviations.
c) SSL’s determination of a Bid’s responsiveness will be based on the contents of the Bid itself,
without recourse to extrinsic evidence.
d) If a Bid is not responsive; it will be rejected by SSL and may not subsequently be made
responsive by the Bidder by correction of the nonconformity.
4.3 Technical Evaluation a) Only those Bidders and Bids who have been found to be in conformity of the eligibility terms
and conditions during the preliminary evaluation would be taken up by SSL for further
detailed evaluation. Those Bids who do not qualify the eligibility criteria and all terms during
preliminary examination will not be taken up for further evaluation.
b) SSL reserves the right to evaluate the bids on technical & functional parameters including
factory visit and witness demos of the system and verify functionalities, response times,
etc.
c) SSL will evaluate the technical and functional specification of all the equipment’s quoted by
the Bidder.
d) During evaluation and comparison of bids, SSL may at its discretion ask the bidders for
clarification of its bid. The request for clarification shall be in writing and no change in prices
or substance of the bid shall be sought, offered or permitted. No post bid clarification at
the initiative of the bidder shall be entertained.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 10 C o n f i d e n t i a l & P r o p r i e t a r y
4.4 Evaluation of Price Bids and Finalisation a) Only those Bidders who qualify in pre-qualification and Technical evaluation would be
short listed for commercial evaluation via Reverse Auction conducted by SSL’s authorized
procurement team.
b) The L1 Bidder will be selected on the basis of net total of the price evaluation as quoted
in the Reverse Auction.
c) The successful bidder is required to provide price breakup within 48 hours of conclusion
of the Reverse Auction.
d) Arithmetic errors, if any, in the price breakup format will be rectified as under :
i. If there is a discrepancy between the unit price and total price which is obtained by
multiplying the unit price with quantity, the unit price shall prevail and the total price
shall be corrected unless it is a lower figure. If the bidder does not accept the
correction of errors, the bid will be rejected.
ii. If there is a discrepancy in the unit price quoted in figures and words, the unit price in
figures or in words, as the case may be, which corresponds to the total bid price for
the bid shall be taken as correct.
iii. If the vendor has not worked out the total bid price or the total bid price does not
correspond to the unit price quoted either in words or figures, the unit price quoted
in words shall be taken as correct.
iv. SSL may waive off any minor infirmity or non-conformity or irregularity in a bid, which
does not constitute a material deviation, provided such a waiving does not prejudice
or affect the relative ranking of any bidder.
4.5 Contacting SSL a) No Bidder shall contact SSL on any matter relating to its Bid, from the time of opening of
Price Bid to the time the Contract is awarded.
b) Any effort by a Bidder to influence SSL in its decisions on Bid evaluation, Bid comparison
or contract award may result in the rejection of the Bidder’s Bid.
4.6 Award Criteria a) SSL will award the Contract to the successful Bidder who has been determined to qualify
to perform the Contract satisfactorily, and whose Bid has been determined to be
responsive, and is the lowest evaluated Bid.
b) SSL reserves the right at the time of award of contract to increase or decrease the quantity
of goods and / or services or change in location where equipment’s are to be supplied
from what was originally specified while floating the RFP without any change in unit price
or any other terms and conditions.
c) SSL’s right To accept any Bid and to reject any or All Bids, SSL reserves the right to accept
or reject any Bid in part or in full or to cancel the Bidding process and reject all Bids at any
time prior to contract award, without incurring any liability to the affected Bidder or
Bidders or any obligation to inform the affected Bidder or Bidders of the grounds for SSL’s
action.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 11 C o n f i d e n t i a l & P r o p r i e t a r y
4.7 Notification of Award a) Prior to expiration of the period of Bid validity, SSL will notify the successful Bidder in
writing or by e-mail, that his Bid has been accepted.
b) The notification of award will constitute the formation of the Contract. The selected
Bidder should convey acceptance of the award of contract by returning duly signed and
stamped duplicate copy of the award letter within 7 days of receipt of the communication.
c) Upon notification of award to the L1 Bidder , SSL will promptly notify each unsuccessful
Bidder
4.8 Performance Bank Guarantee Performance bank Guarantee of 10% of the Bid Value to be submitted by the successful
Bidder for a period of 36 months from a Scheduled Commercial bank other than SBI within
10 days of receipt of formal communication/purchase order from the SSL about their
successful bid.
4.9 Signing of Contract a) In the absence of a formal contract, the Bid document, together with SSL’s notification of
award and the vendor’s acceptance thereof, would constitute a binding contract between
SSL and the successful Bidder.
b) Failure of the successful Bidder to comply with the requirement of Clause miscellaneous
(if required) shall constitute sufficient grounds for the annulment of the award and
forfeiture.
c) SSL reserves the right either to invoke the Performance Bank Guarantee or to cancel the
purchase order or both if the Bidder fails to meet the terms of this RFP or contracts
entered into with them
4.10 Miscellaneous a) The selected Bidder should carry out all installation tasks in coordination with the SSL IT
Department, depending on the SSL's requirement.
b) The selected Bidder should undertake, during the period of contract, if required by SSL,
the relocation / shifting of the equipment without any cost to the SSL.
c) The selected Bidder should undertake to implement the observations /recommendations
of SSL’s IS-Audit, Security Audit Team or any other audit conducted by the SSL or external
agencies and any escalation in cost on this account will not be accepted by the SSL.
Note: Not withstanding anything said above, the SSL reserves the right to reject the contract or
cancel the entire process without assigning reasons thereto
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 12 C o n f i d e n t i a l & P r o p r i e t a r y
PART 5 Terms & Conditions
5.1 All bids and supporting documentation shall be submitted in English.
5.2 SSL will not take into consideration, any variation in the $ price.
5.3 All costs and charges, related to the bid, shall be expressed in Indian Rupees only and the
above total cost is inclusive of installation charges and customization charges.
5.4 Entry/Octroi will be paid at actuals on production of invoices for the same and should not be
included in the total amount.
5.5 The supply of appliance should be done within 04 -05 weeks from the date of purchase order.
5.6 The Bidder is liable to be rejected if any commercial details are found along with the technical
bid.
5.7 The cost of bidding and submission of the bids is entirely the responsibility of the Bidders,
regardless of the conduct or outcome of the tendering process.
5.8 Three years on-site 24x7 comprehensive onsite support from OEM with maximum 4 hour
response time / 6 hour Call-to-Resolution.
5.9 The Vendors should be the authorized supplier/ representative in India. An Authorization
letter from the manufacturer to this effect should be duly furnished.
5.10 SSL reserves the right to reject all or any of the quotations without assigning any reason
thereof.
5.10.1 SSL reserves the right to split the order.
5.10.2 The decision of SSL shall be final.
5.10.3 All bids should be accompanied by:
a) A Pay order/demand Draft of ₹ 1000/- favouring “Sbicap Securities Ltd.” towards cost of
the tender documents.
b) A Pay order/demand Draft of ₹ 50,000/- favouring “Sbicap Securities Ltd.” towards EMD.
c) Technical bids not accompanied with the above Pay order/Demand Drafts are liable to be
rejected. . The EMD deposit so collected will be refunded to all the bidders except L1
Vendor after finalisation of the Tender. The deposit will be refunded to the L1 Vendor only
after the expiry of the validity of the tender price i.e. nine months or such extended and
upon satisfactory performance of the orders placed in terms of the subject tender
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 13 C o n f i d e n t i a l & P r o p r i e t a r y
PART 6 Payment Terms
6.1 A payment of Ninety percent (90%) of the contracted sum, would be payable on
successful installation, integration and issue of acceptance certificate to that effect by
the Institute.
6.2 A payment of 10% of the order value would be payable to the supplier on expiry of the
warranty period or against bank guarantee of the same amount valid till the last date
of the warranty period.
6.3 All payments will be released based on separate invoices submitted to SSL by the
vendor.
6.4 Order Cancellation SSL reserves its right to cancel the order in the event of one or more of the following situations:
a) Delay in delivery beyond the specified period.
b) Delay in installation beyond 03 weeks from the date of delivery.
6.5 Penalty for Delay in supply For any delay in installation and commissioning of the equipment’s beyond the specific
period, SSL will charge penalty @ 0.5% of the order per week or part thereof, subject to a
maximum of 6%. In case, the amount equal to 6% of the order value is deductible as penalty
and the vendor is still unable to complete successful Installation, the Institute reserves the
right to cancel the order and no payment will be made to the vendor.
6.6 Order Cancellation SSL reserves its right to cancel the order in the event of one or more of the following situations:
a. Delay in delivery beyond the specified period.
b. Delay in installation beyond 03 weeks from the date of delivery.
6.7 Penalty for Delay in supply For any delay in installation and commissioning of the equipment’s beyond the specific
period, SSL will charge penalty @ 0.5% of the order per week or part thereof, subject to a
maximum of 6%. In case, the amount equal to 6% of the order value is deductible as penalty
and the vendor is still unable to complete successful Installation, the Institute reserves the
right to cancel the order and no payment will be made to the vendor.
6.8 Penalty for downtime Any equipment that is reported to be down should be either fully repaired or replaced by
temporary substitute (of equivalent configuration) within 3 working days. In case vendor
fails to meet the above standards of maintenance, there will be a penalty chargeable in
rupees per day from 4th day of the problem complained as specified in the table below.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 14 C o n f i d e n t i a l & P r o p r i e t a r y
Sr No Item Penalty Chargeable per day (Rs)
1 NG Firewall Appliance 1000
2 Log Analyzer 1000
If the problem is not resolved even after a week from the day complained, then SSL
reserves the right to invoke the bank guarantee or the equivalent amount will be
deducted from the 30% of the total amount withheld by SSL till the completion of
warranty period.
The contractor shall provide onsite service of the equipment (except spares) once in every 3
months during the warranty period.
6.9 Repeated failure
If, during the warranty period, any system as a whole or any subsystem has any failure on
two or more occasions in a period of 3 months, it shall be replaced by equivalent new
equipment or any alternative steps are to be taken which would serve the purpose to the
Institute.
a) Every quarterly engineer has to visit and check the performance or any corrective
maintenance or patch updates required for smoother operation and also as and when
desired by the institute for technical help or installation help.
b) Three years on-site comprehensive warranty should be provided by the vendor for all the
equipment’s quoted.
c) The Vendors should be the original manufacturer of the equipment’s or authorized
supplier/representative in India. An Authorization letter from the manufacturer to this
effect should be compulsorily furnish as without which the bid may be rejected. d) Bidders are required to adhere to tendering norms and no undue explanation, request for
change in due date of bid modification, etc. will be offered by the Institute. Any request of
any kind from the vendor before the bid submission due date must be forwarded to the
undersigned in writing. The Institute reserves the right to accept or reject the vendor
request without offering any explanation or reason for the acceptance or rejection.
However, in case of any change/amendment in the tender content, all vendors participating
in the tendering process would be informed in writing and sufficient time would be
provided to adhere to such change/amendment.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 15 C o n f i d e n t i a l & P r o p r i e t a r y
PART 7 PREPARATION OF BIDS
7.1 Language of Bid
7.1.1 The Bid prepared by the Bidder, as well as all correspondence and documents relating to
the Bid exchanged by the Bidder and SSL and supporting documents and printed literature
shall be submitted in English.
7.2 Documents Comprising the Bid
7.2.1 DOCUMENTS COMPRISING THE TECHNICAL PROPOSAL ENVELOPE, should contain
following:
a) BID COVERING LETTER AS PER ANNEXURE – A
b) TECHNICAL SPECIFICATIONS & COMPLIANCE – ANNEXURE – B
c) UNDERTAKING OF AUTHENTICITY – ANNEXURE - C
d) SERVICE LEVEL AGREEMENT (SLA) – ANNEXURE - D
e) EMD SSL GUARANTEE – ANNEXURE - E
f) MANUFACTURERS’ AUTHORIZATION FORM (MAF) – ANNEXURE - F
g) MASKED PRICE BID LISTING ALL THE COMPONENTS AS PER PRICE BREAKUP SCHEDULE
WITHOUT INDICATING ANY PRICES - ANNEXURE – G
h) COMPLIANCE CERTIFICATE FOR ELIGIBILITY CRITERIA- ANNEXURE – H - ALONG WITH
ALL RELATED DOCUMENTS AS PER RFP REQUIRED TO ESTABLISH THE ELIGIBILITY.
i) BIDDER‘S ORGANIZATION PROFILE - ANNEXURE - I
7.2.2 While submitting the Technical Bid, literature on the software / hardware if any, should be
segregated and kept together in one section / lot. The other papers like EMD, Forms as
mentioned above etc. should form the main section and should be submitted in one lot,
separate from the section containing literature. All pages of this RFP document must be
stamped and initialled by the authorized signatory of the bidder confirming acceptance
to all terms and conditions of this RFP and should be submitted as part of the technical
bid.
7.2.3 Any Technical Proposal not containing the above will be rejected.
7.2.4 The Technical Proposal should NOT contain any price information. Such proposal, if
received, will be rejected.
7.2.5 DOCUMENTS COMPRISING THE INDICATIVE PRICE ENVELOPE, should contain a single
sheet as per ANNEXURE – J on the Bidder‘s letter head wherein the “All Inclusive Indicative
Price” except VAT / sales tax / service tax/ LBT / Octroi, which will be reimbursed upon
production of original receipts, at actual, under the signature and seal of the Bidder.
7.3 THE INDICATIVE PRICE MUST INCLUDE ALL THE PRICE COMPONENTS MENTIONED IN
ANNEXURE – G.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 16 C o n f i d e n t i a l & P r o p r i e t a r y
ANNEXURE – A BID COVERING LETTER
(To be printed on Bidder’s Letter Head and included with the Technical Bid Envelope)
Date: _________________________
To:
The Head, Information Technology
SBICAP Securities Ltd.
Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg,
Lower Parel, Mumbai 400013
Dear Sir,
Ref: SSL/IT/RFP/2016-17/004 dated: 28.03.2017
1. We have examined the RFP, the receipt of which is hereby duly acknowledged and subsequent
pre-bid clarifications/ modifications / revisions, if any, furnished by SSL and we offer to supply,
Install, test, commission and maintain the equipment/components detailed in Annexure B, as per
the terms and conditions spelt out in the RFP. We shall participate and submit the commercial
bid through online auction to be conducted by SSL‘s authorized service provider, on the date
advised to us.
2. While submitting this bid, we certify that:
The undersigned is authorized to sign on behalf of the BIDDER and the necessary
support document delegating this authority is enclosed to this letter.
Indicative prices submitted by us have been arrived at without agreement with any
other Bidder of this RFP for the purpose of restricting competition.
The indicative prices submitted by us have not been disclosed and will not be disclosed
to any other Bidder responding to this RFP.
We have not induced or attempted to induce any other Bidder to submit or not to
submit a bid for restricting competition.
The rate quoted in the indicative price bids for the Project are as per the RFP and
subsequent pre-bid clarifications/ modifications/ revisions furnished by SSL, without
any exception.
If our proposal is selected, we undertake to complete the formalities for supply of the
equipment/components within a period of 8 weeks from date of Purchase Order.
3. We agree to abide by the Bid and the rates quoted therein for the orders awarded by SSL up to
the period prescribed in the Bid, which shall remain binding upon us.
4. Until a formal contract is prepared and executed, this Bid, together with your written acceptance
thereof and your notification of award, shall constitute a binding Contract between us.
5. We undertake that, in competing for (and, if the award is made to us, in executing) the above
contract, we will strictly observe the laws against fraud and corruption in force in India namely
“Prevention of Corruption Act 1988”.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 17 C o n f i d e n t i a l & P r o p r i e t a r y
6. We also certify that the information/ data/ particulars furnished in our bids are factually correct.
We also accept that in the event of any information / data / particulars proving to be incorrect,
SSL will have the right to disqualify us from the bid.
7. We understand that you are not bound to accept the lowest or any Bid you may receive.
Dated this __________day of________________ 2017
____________________________________________________________________________ (Signature) (Name) (In the capacity of)
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 18 C o n f i d e n t i a l & P r o p r i e t a r y
ANNEXURE – B TECHNICAL SPECIFICATIONS & COMPLIANCE
A NG Firewall requirements Complied (Yes / No)
Remarks Deviations if any
1
The NG Firewall should be Hardware based, should support “Stateful” policy inspection technology. It should also have application intelligence for commonly used TCP/IP protocols like telnet, ftp etc.
2 NG Firewall appliance should have multi-bus/multi-core system architecture.
4 Appliance should support for Active connections in case of HA.
5 Device based licensing and not user/IP based licensing
6 Support for dynamic routing protocols, like RIP v2, OSPF, & BGP.
7 Support the multicast protocols as a multicast host, by participating in IGMP and PIMDM / PIM-SM.
8
NG Firewall should offer Bandwidth Management for every TCP, IPSEC, & VoIP protocols with attributes of Minimum Committed Bandwidth per protocol; Maximum Bandwidth per protocol; Priority for the queues and Throughput should be at least 16 Gbps
9
Proposed NG Firewall OEM should be in the Leaders & Challengers Quadrant of Gartner Magic Quadrant for the last 2 consecutive years for NG Firewall.
10 The NG Firewall should have an Ethernet interface for out-of-band device Management
11 NG Firewall should support VOIP traffic filtering.
12 Should support IPv4 and IPv6
13 ASIC Based architecture
B NGFW - Hardware and Interface requirements
1 NG Firewall appliance should have at least 10 x 10/100/1000 GE interfaces, 8x 10/100/1000 SFP
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 19 C o n f i d e n t i a l & P r o p r i e t a r y
2 NG Firewall Throughput should be at least 16 Gbps
3 NG Firewall should not introduce more than 3 microsecond latency
4 The NG Firewall solution should support NAT64, DNS64 & DHCPv6
5 The NGFW appliance should have console port and USB Ports
6 Appliance should be rack mountable and support side rails if required
7 Appliance should have redundant power supplies
8 The platform should support open architecture for security controls
9 Appliance should be supplied with 32GB RAM and can be upgradable to 64 GB in future if required
10 The proposed system should balance security decisions across multiple cores at any given time
11 Resource optimization technologies like utilizing multiple CPU Cores at any given time
12 Should offload security inspection to performance optimized software module
13 Platform should support VLAN tagging
14 Should support Internet Service Provider link load balancing.
15 Support for health LEDs, LCD etc. to indicate operational status of the NGFW module
C NGFW - Performance requirements
1 Firewall throughput of the NGFW should be minimum of 32 Gbps.
2 IPS throughput of the NGFW should be minimum of 4 - 8 Gbps
3 NGFW must support more than 6 - 8 million concurrent connections.
4 Support more than 1, 00,000 - 2, 00,000 new sessions per second processing.
5 Should have capability to support for more than 50 VLAN.
6 NGFW appliance should have internal storage of minimum 128GB.
7 Inbuilt support for IPSEC VPNs with DES/3DES and AES support
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 20 C o n f i d e n t i a l & P r o p r i e t a r y
8 The NGFW should support Active/Active High Availability feature.
9 Proposed NGFW solution must be capable to detect device failure, link and path failure
10 NGFW appliance failover should be complete stateful in nature without any manual intervention.
11
Proposed NGFW shall synchronize the following for HA: a) All sessions b) Decryption Certificates c) All threat and application signatures d) All configuration changes e) Forwarding Information Base (FIB) tables
D NG Firewall - Network Protocols/Standards Support Requirements
1 Should support at least 200 protocols
2 NG Firewall Modules should support the deployment in Routed as well as Transparent Mode.
3 NG Firewall must provide state engine support for all common protocols of the TCP/IP stack.
4 NG Firewall must provide NAT functionality, including dynamic and static NAT translations.
5
All internet based applications should be supported for filtering like Telnet, FTP, SMTP, http, DNS, ICMP, DHCP, ARP, RPC, SNMP, Lotus Notes, Exchange etc.
6 Local access to the NG Firewall modules should support authentication protocols – RADIUS & TACACS+.
7
NG Firewall should support authentication proxy for Remote VPN, HTTP/HTTPS Applications access and various other applications.
8
NG Firewall should support the authentication protocols RADIUS, LDAP, TACACS, PKI methods & single sign on for Windows AD, Novell eDirectory, Citrix and Terminal Server Agent
9 NG Firewall should support PKI Authentication with PCKS#7 & PCKS#10 standards.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 21 C o n f i d e n t i a l & P r o p r i e t a r y
10 Should support BGP, OSPF, RIPv1 &2, Multicast Tunnels.
11 Dynamic policy enforcement on VPN clients.
12 Should support telnet client and server functionality
E NG Firewall filtering requirements
1 Should support the filtering of TCP/IP based applications with standard TCP/UDP ports.
2 Should provide state engine support for all common protocols of TCP/IP stack.
3 Filtering capability that includes parameters like source & destination addresses, source & destination port numbers, protocol type.
4 NG Firewall should be able to filter traffic even if the packets are fragmented.
5 Should support the VOIP Applications Security by supporting to filter SIP, H.323, MGCP and Skinny flows.
6
NG Firewall should support authentication protocols like LDAP, RADIUS and have support for firewall passwords, smart cards, & token-based products like SecurID, LDAP-stored passwords, RADIUS or TACACS+ authentication servers and X.509 digital certificates.
7 NG Firewall should support database related filtering and should have support for Oracle, MS-SQL, and Oracle SQL-Net.
8
NG Firewall should provide advanced NAT capabilities, supporting all applications and services-including H.323 and SIP based applications.
9 Should support CLI & GUI based access to the NG Firewall modules.
10 Local access to NG firewall modules should support role based access.
11
QoS Support [Guaranteed bandwidth, Maximum bandwidth, Priority bandwidth utilization, QOS weighted priorities, QOS guarantee, QOS limits and QOS VPN].
12 Should be able to block Instant Messaging like Yahoo, MSN, Skype.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 22 C o n f i d e n t i a l & P r o p r i e t a r y
13 Should enable blocking of Peer-Peer applications, like Kazaa, Gnutella, Bit Torrent, IRC (over HTTP)
14 Should support IPv4 and IPv6 Rate based DOS protection
15 In-built token server that manages both physical and mobile tokens for use with IPsec (Client to site) & SSL VPN users.
16 Anti-bot capability using IP reputation DB, terminates botnet communication to C&C servers.
F Intrusion prevention system requirements
1 Intrusion prevention sensors delivering a minimum of 4-8 Gbps of context-aware , real-world traffic inspection
2
IPS device should perform stateful pattern recognition to identify vulnerability-based attacks through the use of multi-packet inspection across all protocols.
3 The proposed IPS must perform protocol decoding and validation for network traffic including: IP, TCP, UDP, and ICMP.
4
IPS should provide anomaly identification for attacks that may cover multiple sessions and connections, using techniques based on identifying changes in normal network traffic patterns.
5 Should support creation of baseline of normal network traffic and then uses baseline to detect worm-infected hosts
6 Proposed IPS should identify attacks based on observed deviations in the normal RFC behaviour of a protocol or service.
7 Must be able to identify Layer 2 Address Resolution Protocol (ARP) attacks and man-in-the-middle attacks.
8 The sensors should be able to detect attacks running inside of these tunnelling protocols such as GRE, IP-in-IP, MPLS, and IPv4/IPv6.
9 Should be resistant to IPS evasion and protection from anti-NIPS (Network Intrusion Prevention System) techniques.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 23 C o n f i d e n t i a l & P r o p r i e t a r y
10
Should support Vulnerability and Exploit signatures, Protocol validation, Anomaly detection, Behavior-based detection, Multi-element global correlation and reputation based filtering
11 IPS profile should have an option to select or re-select specific signatures that can be deactivated
12 Intrusion Prevention should have the option to add exceptions for network and services.
13
IPS should provide rate shaping to prioritize known, normal traffic flows and unknown traffic flows and proposed system should have integrated Traffic Shaping functionality.
14 IPS policy to block the traffic by country should have an option to configure in incoming direction, outgoing direction or both.
15 IPS events/protection exclusion rules should be created and the packet data should be viewed directly from log entries.
16 Application Intelligence should have controls for Instant Messenger, Peer-to-Peer, Malware Traffic etc.
17 Instant Messenger should have options to Block File Transfer, Block Audio, Block Video, Application Sharing and Remote Assistance
18 IPS should have an option to create your own signatures with an open signature language.
19
IPS should provide detailed information on each protection, including: Vulnerability and threat descriptions, Threat severity, Performance impact, Release date, Industry Reference, Confidence level etc.
20
Signatures should have severity level defined to it so that the administrator can understand and decide which signatures to enable for what traffic (e.g. for severity level: high medium low)
G Administration, Management and Logging
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 24 C o n f i d e n t i a l & P r o p r i e t a r y
1 NGFW Real-Time Monitoring, Management & Log Collection (with storage) should not be distributed to more than ONE server/appliance
2 Any changes or commands issued by an authenticated user should be logged to a database.
3 NGFW administration station must provide a means for exporting the firewall and IPS rules set and configuration.
4 Support for role based administration of firewall and IPS
5 NGFW administration software must provide a means of viewing, filtering and managing the log data.
6 NG firewall logs must contain information about the firewall policy rule that triggered the log.
7 NGFW must provide a minimum basic statistics about the health of the device and the amount of traffic traversing the NGFW device.
8 NGFW should have the functionality of Workflow and Audit for the Rule Change Management Process.
9
Should provide real time health status of all the firewall modules on the dashboard for CPU & memory utilization, state table, total number of concurrent connections and the connections/second counter.
10
NGFW must send mail or SNMP traps to Network Management Servers (NMS) in response to system failures or threshold violations of the health attributes.
H IPSec / SSL VPN Requirements
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 25 C o n f i d e n t i a l & P r o p r i e t a r y
1
The VPN should be integrated with firewall and should be ICSA Labs certified for both IPSec and SSL-TLS. Should support the following protocols: DES & 3DES MD5, SHA-1 & the more secure SHA-256 authentication Diffie-Hellman Group 1, Group 2, Group 5 & the more secure Group 14 Internet Key Exchange (IKE) v1 as well as IKE v2 algorithm The new encryption standard AES 128, 192 & 256 (Advanced Encryption Standard)
2 IPSec VPN should support XAuth over RADIUS and RSA SecurID or similar product.
3
The system should support 2 forms of site-to-site VPN configurations: a) Route based IPsec tunnel b) Policy based IPsec tunnel
4 Should have integrated SSL VPN with no user license restriction. Please specify if the product does not follow the required licensing policy
5 Solution must support at least 5000 concurrent SSL VPN users without any additional license purchase
6 Should support one time login per user options: prevents concurrent logins using same username
7 Should support SSL-VPN Two-factor Authentication
8 Should support single sign-on for FTP and SMB
9 Should support Windows, and MAC OS for SSL-VPN (Should have always-on clients for these OS apart from browser based access)
10 Should support Host integrity checking and OS check (for windows terminals only) prior to SSL tunnel mode connections
11 Should support MAC host check per portal
12 Should have Cache cleaning option just before the SSL VPN session ends
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 26 C o n f i d e n t i a l & P r o p r i e t a r y
13 Should also support Virtual desktop option to isolates the SSL VPN session from the client computer’s desktop environment
14
The proposed solution should support Virtualization (Virtual Firewall, Security zones and VLAN) with minimum 10 Virtual Firewall license.
15 Should able to view and manage current IPSEC and SSL VPN connections in details
16 Device should support client for both IPSec and SSL-VPN
17 Should support NAT within IPSec/SSL VPN tunnels
18 Should also support PPTP and L2TP over IPSec VPN protocols.
I Web Content Filtering
1 Should not be a home grown engine and web content filter should be from a well known manufacturer
2 The appliance should facilitate embedded web content filtering feature
3 Web content filtering solution should work independently without the need to integrate with proxy server.
4 Should have facility to block URL' based on categories.
5 URL database should have at least 200 million + sites and 100 categories.
6 Should be able to block different categories/sites based on users.
7 Should have configurable parameters to block/allow unrated sites
8 Should have configurable options to allow/deny access to web sites in case if the URL rating service is unavailable
9 Should have options to customize the block message information send to end users
10
Should have facility to schedule the configurations so that non work related sites are blocked during office hrs and allow access to all sites except non harmful sites during non office hrs.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 27 C o n f i d e n t i a l & P r o p r i e t a r y
11 The solution should have options to block java applets, ActiveX as well as cookies
12 The solution should be able to block URLs hosting spywares / adware’s etc.
13 Should have configurable policy options to define the URL exempt list
14
The proposed solution should be able to enable or disable Web Filtering per policy or based on authenticated user groups for both HTTP and HTTPS traffic.
J Anti-virus & Anti-bot
1
Should be able to block, allow or monitor only using AV signatures and file blocking based on per firewall policy based or based on firewall authenticated user groups with configurable selection of the following services: a) HTTP, HTTPS b) SMTP, SMTPS c) POP3, POP3S d) IMAP, IMAPS e) FTP, FTPS
2 Solution should offer both anti-virus scanning options - proxy mode and flow (streaming) mode.
3
Should be able to block or allow oversize file based on configurable thresholds for each protocol types and per firewall policy.
4
NG firewall must include Anti-bot capability using IP reputation DB, terminates botnet communication to C&C servers also. Vendor needs to add additional license if it is required.
5
NG firewall should have 35000+ botnet definitions in its database and should be updated on regular basis to protect from new definitions
6 Antivirus module should be ICSA certified
7 Antivirus solution vendor must have received "Recommended" rating of NSS lab's Adanvce Endpoint Protection report.
K Data Leakage Prevention
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 28 C o n f i d e n t i a l & P r o p r i e t a r y
1 NG Firewall should have in-built DLP functionality without requiring any additional hardware or software license
2
System should allow administrator to prevent sensitive data from leaving the network. Administrator should be able to define sensitive data patterns, and data matching these patterns that should be blocked and/or logged when passing through the unit.
3 Proxy solution must detect, protect and log sensitive data travelling through HTTP and HTTPS channles
4 DLP feature must offer watermarking functionality which allows organizers to apply document marking for DLP.
5 DLP actions should be : Log only, block, quarantine user/IP/Interface
6
It should have DLP fingerprinting feature which generates a checksum fingerprint from intercepted files and compare it to those in the fingerprint database.
L Other Requirements
1 Provision to create secure zones / DMZ (ie Multi-Zone support)
2
Should support Gateway Data Loss Prevention (DLP) feature for popular protocols like HTTP, HTTPS, FTP, POP3, IMAP, SMTP, POP3S, IMAPS, SMTPS
3 The DLP feature should support popular file types like MS-Word, PDF etc. Should also support DLP fingerprinting
4
Should support DLP watermarking: allows filter
files that pass through the unit and contain a corporate identifier (a text string) and a sensitivity level (Critical, Private, and Warning) hidden in a watermark.
5
Should Support Packet Capture/sniffer to capture and examine the contents of individual data packets that traverse the NG firewall appliance for troubleshooting, diagnostics and general network activity
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 29 C o n f i d e n t i a l & P r o p r i e t a r y
6
The device should belong to a family of products that attains NSS Approved Certification, IPv6 Ready Phase 2 and USGv6
IPv6 Certified
7 Should able to support Geo-IP block. It should able to block country wise traffic.
8 ICSA labs certification for Firewall, SSL, IPSEC VPN, AV, IPS
M Warranty
1
3 years 24x7 comprehensive onsite support from OEM with maximum 4 hour response time / 6 hour Call-to-Resolution Services & Support ever be a hardware failure replacement
N Training
1 Technical Training for two persons
___________________________________________________________________________________ (Signature) (Name) (In the capacity of)
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 30 C o n f i d e n t i a l & P r o p r i e t a r y
ANNEXURE – C UNDERTAKING OF AUTHENTICITY
(To be printed on Bidder’s Letter Head and included with the Technical Bid Envelope)
Date: _________________________
To:
The Head, Information Technology
SBICAP Securities Ltd.
Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg,
Lower Parel, Mumbai 400013
Dear Sir,
Ref: SSL/IT/RFP/2016-17/004 dated: 28.03.2017
Sub: Undertaking of Authenticity for Hardware & Software Supplies
With reference to the equipment being quoted to you vide your RFP, we hereby confirm
that all the components /parts /assembly / software etc. used in the equipment to be
supplied shall be original new components / parts / assembly / software only, from
respective OEMs of the products and that no refurbished / duplicate / second hand
components /parts/ assembly / software shall be supplied or shall be used. We also
undertake to produce certificate from the Original Equipment Manufacturers (if
required by you) in support of the above statement at the time of delivery / installation.
We also confirm that in respect of licensed systems and other software utilities to be
supplied, the same will be procured from authorized sources and supplied with
Authorized License Certificate (e.g. Product keys from the respective OEM)
In case of default and SSL finds that the above conditions are not complied with, we
agree to take back the equipment/components supplied and return the money paid by
you, in full within seven days of intimation of the same by SSL, without demur or any
reference to a third party and without prejudice to any remedies SSL may deem fit.
In case of default and we are unable to comply with above at the time of delivery or
during installation, for the IT Hardware / Software already billed, we agree to take back
the equipment without demur, if already supplied and return the money if any paid to
us by you in this regard.
We also take full responsibility of both parts & Service SLA as per the content even if
there is any defect by our authorized Service Centre / Reseller / SI etc.
Dated this __________day of________________ 2017
______________________________________________________________________
(Signature) (Name) (In the capacity of)
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 31 C o n f i d e n t i a l & P r o p r i e t a r y
ANNEXURE-D SLA Terms & Conditions for Hardware, Software & Maintenance Services
The Vendor warrants that the products supplied under the Contract are new, unused, of the most
recent or current model and they incorporate all recent improvements in design and / or features.
The Vendor further warrants that all the Products supplied under this Contract shall have no
defect, arising from design or from any act of omission of the Vendor that may develop under
normal use of the supplied products in the conditions prevailing in India.
Warranty for Hardware Components: Onsite comprehensive warranty for all the hardware
components including free replacement of spares, parts, kits as and when necessary will be 36
months from date of installation.
Warranty for the System Software/off-the-shelf Software will be provided to the SSL as per the
general conditions of sale of such software.
The Vendor shall in addition comply with the performance guarantees specified under the
Contract. If, for reasons attributable to th e Vendor, these guarantees are not attained in
whole or in part the Vendor shall make such changes, modifications and / or additions to the
Products or any part thereof as may be necessary in order to attain the contractual guarantees
specified in the Contract at its own cost and expense and to carry out further performance tests.
On-site comprehensive warranty: The warranty would be on-site and comprehensive in nature
and back to back support from the OEM. The vendor will warrant all the hardware and software
against defects arising out of faulty design, materials and media workmanship etc. for a period of
one or three years from the date of acceptance of the hardware and software. The vendor will
provide support for Operating Systems and other preinstalled software components during the
warranty period of the hardware on which these software & operating system will be installed.
The Vendor shall repair or replace worn out or defective parts including all plastic parts of the
equipment at his own cost including the cost of transport.
During the term of the contract, the VENDOR will maintain the equipment in perfect working order
and condition and for this purpose will provide the following repairs and maintenance services:
a) Free maintenance services during the period of warranty. Professionally qualified
personnel who have expertise in the hardware and system software supplied by the
vendor will provide these services.
b) The Bidder shall rectify any defects, faults and failures in the equipment and shall
repair/replace worn out or defective parts of the equipment on 24X7X365 basis. The
Vendor shall provide 3 years comprehensive onsite warranty with 24 X 7 X 365 support.
In case any defects, faults RFP for procurement of LB & SOA Gateway Solution and
failures in the equipment could not be repaired or rectified during the said period, the
engineers of the VENDOR are required to accomplish their duties beyond the said
schedules in case of any situation if it warrants. In cases where unserviceable parts of the
equipment need replacement, the VENDOR shall replace such parts, at no extra cost to
the SSL with brand new parts or those equivalent to new parts in performance. For this
purpose the VENDOR shall keep sufficient stock of spares at SSL‟s premises and at the
premises of The VENDOR.
c) The maximum response time for a maintenance complaint from the site of installation
(i.e. time required for Vendor’s maintenance engineers to report to the installations
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 32 C o n f i d e n t i a l & P r o p r i e t a r y
after a request call / fax /e-mail is made or letter is written) shall not exceed 4 (four)
hours.
d) The VENDOR shall ensure that faults and failures intimated by SSL as above are set right
within 6 (six) hours of being informed of the same. In any case the equipment should be
made workable and available not later than the Next Business Day.
e) The VENDOR shall ensure that the full configuration of the equipment is available to the
SSL in proper working condition viz. uptime of 99.9% of the time on a 24x7x365 basis.
f) In the event of the equipment not being repaired or a workable solution not provided
during Warranty period, a penalty of one (1) percent of the total consideration for delay
of each week or part thereof subject to maximum amount of ten (10) percent of the
total consideration will be charged to vendor. The vendor may provide temporary
equivalent replacement as a workable solution to avoid the above penalty.
g) Any penalty due during the Warranty period will be adjusted against the 10% retention
money retained by the SSL. For purpose of calculating penalty, uptime is calculated as
under :
Uptime (%) = Sum of total hours during month - Sum of downtime hours during month X 100
Sum of total hours during the month
Total hours during the month = No. of days in the month X 24
h) In case of any breakdown / malfunctioning of hardware, hardware components,
accessories, system software etc., the relevant defect should be attended to within 2
hours onsite of the receipt/ notice of the complaint and resolved within 4 hours i.e. the
total resolution time inclusive of response time will be 6 hours. Failing to do so, penalty
will be levied in case of every event of breakdown / defect/ malfunctioning of hardware,
hardware component, accessories, system software, due to patch download / upload or
for any reason, beyond the range of 6 hours as follows:
Sr No Period of delay Penalty amount
1 >Six hours up to eight hours Rs.10000 per hour or part thereof
2 > Eight hours up to twelve hours Rs.20000 per hour or part thereof
3 > Twelve hours up to twenty four Hours Rs. 50000 per hour or part thereof
4 > Twenty four hours Rs. 100000 per hour or part thereof
i) The maximum penalty on account of this will be 10% of the total value of the contract.
j) The VENDOR shall ensure that the meantime between failures (including any
malfunctioning, breakdown or fault) in the equipment or any part thereof, as calculated
during any and every quarter (period of three consecutive months) is not less than 90
days.
k) Preventive maintenance: the VENDOR shall conduct Preventive Maintenance (including but not limited to inspection, testing, satisfactory execution of all diagnostics, cleaning and removal of dust and dirt from the interior and exterior of the equipment, and necessary repair of the equipment) once within first 15 days of the installation once within the first 15 days of every alternate month during the currency of this agreement on a day and time to
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 33 C o n f i d e n t i a l & P r o p r i e t a r y
be mutually agreed upon. Notwithstanding the foregoing the VENDOR recognizes SSL’s operational needs and agrees that SSL shall have the right to require the VENDOR to adjourn preventive maintenance from any scheduled time to a date and time not later than 15 working days thereafter.
l) All engineering changes generally adopted hereafter by the VENDOR for equipment
similar to that covered by this AGREEMENT, shall be made to the equipment at no cost
to the SSL.
m) Qualified maintenance engineers totally familiar with the equipment shall perform all
repairs and maintenance service described herein.
n) The SSL shall maintain a register at its site in which, the SSL’s operator / supervisor shall
record each event of failure and / of malfunction of the equipment. The VENDOR’s
engineer shall enter the details of the action taken in such register. Additionally every
time a preventive or corrective maintenance is carried out, the VENDOR’S engineer shall
make, effect in duplicate, a field call report which shall be signed by him and thereafter
countersigned by the SSL’s official. The original of the field call report shall be handed
over to the SSL’s official.
o) The VENDOR shall provide replacement equipment if any equipment is out of the premises for repairs.
Any worn or defective parts withdrawn from the equipment and replaced by the VENDOR shall
become the property of the VENDOR and the parts replacing the withdrawn parts shall become
the property of SSL
The VENDOR’s maintenance personnel shall, be given access to the equipment when necessary,
for purpose of performing the repair and maintenance services indicated in this agreement
However if SSL desires to shift the equipment to a new site and install it thereof urgently, the
VENDOR shall be informed of the same immediately. The ssl shall bear the charges for such
shifting and the VENDOR shall provide necessary arrangement to ssl in doing so. The terms of this
agreement, after such shifting to the alternate site and reinstallation thereof would continue to
apply and binding on the VENDOR.
SSL shall arrange to maintain appropriate environmental conditions, such as those relating to
space, temperature, power supply, dust within the acceptable limits required for equipment
similar to that covered by this Agreement.
NO term or provision hereof shall be deemed waived and no breach excused, unless such waiver
or consent shall be in writing and signed by the party claimed to have waived or consented. Any
consent by any party to or waiver of a breach by other, whether express or implied, shall not
constitute a consent to or waiver of or excuse for another different or subsequent breach
. If, in any month, the VENDOR does not fulfill the provisions of clauses (b), (c),(d), (e) and (h) only the proportionate maintenance charges for that period during the month will be considered payable by ssl without prejudice to the right of the ssl to terminate the contract. In such event the VENDOR was credited without deducting the proportionate maintenance charges for that month, the ssl can deduct the same from future payments payable or the VENDOR shall refund the amount forthwith to ssl on demand by Bank.
On account of any negligence, commission or omission by the engineers of the VENDOR and if any loss or damage caused to the Equipment, the VENDOR shall indemnify/pay/reimburse the loss suffered by the SSL.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 34 C o n f i d e n t i a l & P r o p r i e t a r y
The SSL would have the right to:
a) Shift supplied systems to an alternative site of its choice. b) Disconnect / connect / substitute peripherals such as printers, etc. or devices or any equipment
/ software acquired from another vendor. c) Expand the capacity / enhance the features / upgrade the hardware / software supplied, either
from the vendor, or another vendor, or developed in-house. provided such changes or attachments do not prevent proper maintenance, from being performed or unreasonably increase the VENDOR cost of performing repair and maintenance service.
The warranty terms would not be considered as violated if any of (a), (b) or (c) above takes place. Should there be a fault in the operations of the system, the vendor, would not unreasonably assume that the causes lie with those components / software not acquired from them.
CONFIDENTIALITY:
a) The VENDOR acknowledges that all material and information which has and will come into its possession or knowledge in connection with this agreement or the performance thereof, whether consisting of confidential and proprietary data or not, whose disclosure to or use by third parties may be damaging or cause loss to SSL will all times be held by it in strictest confidence and it shall not make use thereof other than for the performance of this agreement and to release it only to employees requiring such information, and not to release or disclose it to any other party. The VENDOR agrees to take appropriate action with respect to its employees to ensure that the obligations of non-use and non-disclosure of confidential information under this agreement are fully satisfied. In the event of any loss to the SSL in divulging the information by the employees of the VENDOR, the SSL shall be indemnified. The VENDOR agrees to maintain the confidentiality of the SSL’s information after the termination of the agreement also.
b) The VENDOR/SSL will treat as confidential all data and information about the VENDOR/SSL/Contract, obtained in the execution of this tender including any business, technical or financial information, in strict confidence and will not reveal such information to any other party.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 35 C o n f i d e n t i a l & P r o p r i e t a r y
Transition Clause In the event of failure of the Service Provider to render the Services or in the event of termination of agreement or expiry of term or otherwise, without prejudice to any other right, the SSL at its sole discretion may make alternate arrangement for getting the Services contracted with another vendor. In such case, the SSL shall give prior notice to the existing Service Provider. The existing Service Provider shall continue to provide services as per the terms of contract until a ‘New Service Provider’ completely takes over the work. During the transition phase, the existing Service Provider shall render all reasonable assistance to the new Service Provider within such period prescribed by the SSL, at no extra cost to the SSL, for ensuring smooth switch over and continuity of services. If existing vendor is in breach of this obligation, they shall be liable for paying a penalty of Rs.___________on demand to the SSL, which may be settled from the payment of invoices for the contracted period.
___________________________________________________________________________________ (Signature) (Name) (In the capacity of)
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 36 C o n f i d e n t i a l & P r o p r i e t a r y
ANNEXURE – E EMD BANK GUARANTEE FOR SUPPLY, DELIVERY OF EQUIPMENTS/COMPONENTS AS ARE
SET OUT IN THE SBI RFP NO. SSL/IT/RFP/2016-17/004 DATED: 28.03.2017 (to be printed on Bidder’s Letter Head and included with the Technical Bid Envelope)
WHEREAS Sbicap Securities Ltd. (SSL), having its Corporate Office at Lower Parel, Mumbai, and Regional
offices at other State capital cities in India has invited Request for Proposal for supply, delivery of
equipment/components to Sbicap Securities Ltd. and such services as are set out in the Sbicap Securities
Ltd., Request for Proposal SSL/IT/RFP/2016-17/004 dated: 28.03.2017.
2. It is one of the terms of said Request for Proposal that the Bidder shall furnish a Bank Guarantee for a
sum of Rs.__________/- (Rupees _____________________ Only) as Earnest Money Deposit.
3. M/s. ________________________, (hereinafter called as Vendor, who are our constituents intends to
submit their tender for the said work and have requested us to furnish guarantee in respect of the said
sum of Rs.__________/- (Rupees _____________________ Only)
4. NOW THIS GUARANTEE WITNESSETH THAT We _____________________________ (Bank) do hereby
agree with and undertake to the Sbicap Securities Ltd., their Successors, assigns that in the event of the
SBI coming to the conclusion that the Bidder has not performed their obligations under the said conditions
of the RFP or have committed a breach thereof, which conclusion shall be binding on us as well as the
said Vendor, we shall on demand by the SBI, pay without demur to the SBI, a sum of Rs.__________/-
(Rupees _____________________ Only) or any lower amount that may be demanded by Sbicap
Securities Ltd.. Our guarantee shall be treated as equivalent to the Earnest Money Deposit for the due
performance of the obligations of the Vendor under the said conditions, provided,
however, that our liability against such sum shall not exceed the sum of Rs.__________/- (Rupees
_____________________ Only).
We also agree to undertake to and confirm that the sum not exceeding Rs.__________/- (Rupees
_____________________ Only) as aforesaid shall be paid by us without any demur or protest, merely on
demand from the SBI on receipt of a notice in writing stating the amount is due to them and we shall not
ask for any further proof or evidence and the notice from the SBI shall be conclusive and binding on us
and shall not be questioned by us in any respect or manner whatsoever. We undertake to pay the amount
claimed by the SBI within a period of one week from the date of receipt of the notice as aforesaid. We
confirm that our obligation to the SBI under this guarantee shall be independent of the agreement or
agreements or other understandings between the SBI and the Vendor. This guarantee shall not be
revoked by us without prior consent in writing of the SBI.
We hereby further agree that
a) Any forbearance or commission on the part of the SBI in enforcing the conditions of the said
agreement or in compliance with any of the terms and conditions stipulated in the said tender
and/or hereunder or granting of any time or showing of any indulgence by the SBI to the
Vendor or any other matter in connection therewith shall not discharge us in any way our
obligation under this guarantee. This guarantee shall be discharged only by the performance
of the Vendor of their obligations and in the event of their failure to do so, by payment to us
of the sum not exceeding Rs.__________/- (Rupees _____________________ Only)
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 37 C o n f i d e n t i a l & P r o p r i e t a r y
b) Our liability under these presents shall not exceed the sum of Rs.__________/- (Rupees
_____________________ Only)
c) Our liability under this agreement shall not be affected by any infirmity or irregularity on the
part of our said constituents in tendering for the said work or their obligations there under or
by dissolution or change in the constitution of our said constituents.
d) This guarantee shall remain in force up to 180 days provided that if so desired by the SBI, this
guarantee shall be renewed for a further period as may be indicated by them on the same
terms and conditions as contained herein.
e) Our liability under this presents will terminate unless these presents are renewed as provided
herein up to 180 days or on the day when our said constituents comply with their obligations,
as to which a certificate in writing by the SBI alone is the conclusive proof, whichever date is
later.
f) Unless a claim or suit or action is filed against us within six months from that date or any
extended period, all the rights of the SBI against us under this guarantee shall be forfeited and
we shall be released and discharged from all our obligations and liabilities hereunder.
Yours faithfully,
___________________________
Authorized official.
(NB: This guarantee will require stamp duty as applicable in the State where it is executed and
shall be signed by the official(s) whose signature and authority shall be verified)
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 38 C o n f i d e n t i a l & P r o p r i e t a r y
ANNEXURE – F MANUFACTURERS AUTHORISATION FORM
No.
Date:
To,
The Head, Information Technology SBICAP Securities Ltd. Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg, Lower Parel, Mumbai 400013
Dear Sir,
Sub: RFP No. SSL/IT/RFP/2016-17/004 dated: 28.03.2017
We………………..who are established and reputable manufacturers of ……………………...
Having factories at ……………and……………do hereby authorize M/s…………………
(Name and address of vendors) to submit a bid and sign the contract with you for the goods
manufactured by us against the above RFP No………….dated…………..
We hereby extend our full guarantee and warranty as per the clauses of contract based on the
terms and conditions of the RFP for the goods and services offered for supply by the above firm
against this RFP.
Yours faithfully,
( )
Name of the Manufacturer
Note: This letter of authority should be on the letterhead of the manufacturer and should
be signed by a person competent and having the power of attorney to bind the
manufacturer. It should be included by the bidder in its
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 39 C o n f i d e n t i a l & P r o p r i e t a r y
ANNEXURE – G PRICE BREAKUP SCHEDULE
(to be printed on Bidder’s Letter Head)
To:
The Head, Information Technology
SBICAP Securities Ltd.
Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg,
Lower Parel, Mumbai 400013
Dear Sir,
Ref: SSL/IT/RFP/2016-17/004 dated: 28.03.2017
Sub: Price Breakup Schedule
Total Project Cost along with Equipment with 3 year warranty and 4th and 5th year AMC amount.
Details to be given AS PER THE Technical and functional requirement mentioned in
the RFP. Bidder need to specify the unit cost for each and every item.
Buyback offer for the existing Fort iGATE 310B (2 nos.) and Fort iGATE Analyzer (1
nos.)
Total Capex = Project Cost – Buyback Offer
Note: Pricing should be “All Inclusive” except VAT / sales tax / service tax/ LBT / Octroi, which will be
reimbursed upon production of original receipts, at actual, under the signature and seal of the Bidder.
Dated this __________day of________________ 2017
____________________________________________________________________________ (Signature) (Name) (In the capacity of) Note:
1. The ‘Price Breakup’ with Bill of Material need to be submitted without any pricing as part of the
Technical Bid proposal.
2. The ‘Price Breakup’ with Bill of Material need to be submitted with Indicative pricing as part of the
Indicative Price Bid proposal.
3. Same need to be submitted by the selected bidder with the final price breakup after the reverse
auction.
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 40 C o n f i d e n t i a l & P r o p r i e t a r y
ANNEXURE – H COMPLIANCE CERTIFICATE FOR ELIGIBILITY CRITERIA
(To be printed on Bidder’s Letter Head and included with the Technical Bid Envelope)
Sr. No.
Eligibility Criteria Compliance (Yes/No)
Documents to be submitted
1
The bidder must be an Indian firm/ company / organization registered under Companies Act.
Copy of the Certificate of Incorporation Companies and full address of the registered office
2
This tender is restricted to authorised partners / System Integrators of partners of OEMs.
A certificate from OEM needs to be submitted
3
The proposed product should be in the latest published Gartner’s Leaders Magic Quadrant for "NGFWs".
Copy of Gartner’s magic quadrant -2016
4
OEM should have: a) Registered office address and official URL
a) Office(s) in India b) b) Declaration by the OEM on letter head.
b) Having engaged minimum 20 specialized staff in India
5
The bidder must have a turnover of minimum Rs. 10 Crore during last three financial years.
Copy of the audited Balance Sheet and / or Certificate of the Charted Accountant for preceding three years
6 The bidder should be profitable organization for last 3 financial years
Copy of the audited balance sheet and / or Certificate of the Charted Accountant
7
Bidder should have experience of minimum 2 years in supply, configuration and maintenance of the proposed product.
Copy of the purchase order and / or Certificate of completion of the work by the customer
8 Client references and contact details(email/landline/mobile) of customers for whom the
1
2
3
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 41 C o n f i d e n t i a l & P r o p r i e t a r y
Bidder has executed similar projects( Start and End Date of the Project to be mentioned) in the past
9 Certification Requirements (as per scope of the project )
Copy of the Valid Certificate(s) to be provided
10 Project Management Methodologies
Profile of project Team / previous Assignments of similar nature / Details project plan to be submitted
11 Deployment Methodologies
Documents on deployment framework, tools, templates & utilities to be provided
12
Bidder should not supply hardware and software having End of support before December 2025
Write-up on product’s lifecycle
13 support infrastructure Document on support infrastructure to be provided
We confirm that we comply with the eligibility criteria mentioned above & the terms & conditions mentioned in the RFP Document are acceptable to us. Dated this __________day of________________ 2017
___________________________________________________________________________ (Signature) (Name) (In the capacity of)
SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW
Page. 42 C o n f i d e n t i a l & P r o p r i e t a r y
ANNEXURE – I BIDDER’S ORGANIZATION PROFILE
(to be printed on Bidder’s Letter Head and included with the Technical Bid Envelope)
Date: _________________________
To:
The Head, Information Technology
SBICAP Securities Ltd.
Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg,
Lower Parel, Mumbai 400013
Dear Sir,
Ref: SSL/IT/RFP/2016-17/004 dated: 28.03.2017
Details of the Bidder:
1) Name
2) Date of Incorporation and / or commencement of business
3) Certificate of incorporation/Partnership deed
4) Brief description of the Bidder including details of its main line of business
5) Company /firms website URL
6) Particulars of the Authorized Signatory of the Bidder
a. Name
b. Designation
c. Address
d. Phone Number (Landline)
e. Mobile Number
f. Fax Number g. Email Address
Dated this __________day of________________ 2017 ___________________________________________________________________________ (Signature) (Name) (In the capacity of)