sbicap securities limited - home | sbi smart · 2017-03-28 · sbicap securities limited marathon...

SBICAP securities limited

Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg,

Lower Parel, Mumbai 400013

NG FIREWALL

RFP NO. SSL/IT/RFP/2016-17/004

REQUEST FOR PROPOSAL FOR

SUPPLY, INSTALLATION, COMMISSIONING OF

NG FIREWALL

Tender Period: March 28, 2017 to April 07, 2017

SSL/IT/RFP/2016-17/004 RFP for Supply, Installation, Commissioning Of NGFW

Page. 2 C o n f i d e n t i a l & P r o p r i e t a r y

Introduction

SBICAP Securities Ltd (SSL) is the broking arm of the State Bank Group and a wholly owned

subsidiary of SBI Capital Markets Ltd. SSL commenced operations in the first quarter of

financial year of 2006-2007 with a view to providing primary and secondary capital market

access to investors both within the Group as also in the wider public domain. The Company

currently has in its fold a wide segment of clients including Banks, Financial Institutions, FIIs,

Mutual Funds, and Corporates, High Net worth Individuals, Non-Resident Indians and Retail

domestic investors. Its broking product range covers Institutional and Retail Equity,

Derivatives, Depository Participant services, On-Line trading and a wide variety of Third Party

Distribution products.

PART 1 INVITATION TO BID

1.1 About SSL:

1.1.1 SBICAP Securities Ltd is having its Corporate Centre at Mumbai.

In order to meet the hardware requirements of Internet infrastructure, SSL proposes to invite

tenders from established organizations (hereinafter referred to as “Bidder”) to undertake

supply, installation, testing, commissioning and maintenance of equipment as per details

listed out in this document.

The Bidding Document may be obtained from the SSL as under or downloaded from SSL’s

Website ‘www.sbismart.com’ and the bid should be submitted to the office of:

Head - IT,

SBICAP Securities Ltd. Marathon Futurex, 12th Floor,

N. M. Joshi Marg, Lower Parel (East), Mumbai 400013, Maharashtra.

1.2 Please note that all the information desired needs to be provided. Incomplete information may lead to non-consideration of the proposal.

1.3 All Bids must be accompanied by Earnest Money Deposit as specified in the Bid document.

1.4 SSL reserves the right to change the dates mentioned in this RFP document, which will be communicated to the bidders.

1.5 The information provided by the bidders in response to this RFP document will become the property of SSL and will not be returned. SSL reserves the right to amend, rescind or reissue this RFP and all amendments will be advised to the bidders and such amendments will be binding on them.



1.6 SCHEDULE OF EVENTS

Sr. No. Activity Details

1 RFP Number SSL/IT/RFP/2016-17/004

2 Release Of RFP March 28, 2017

3

Address for

Receipt/submission of Bid

document

Head – IT, SBICAP Securities Limited, A & B Wing, Marathon

Futurex, 12th Floor, N.M. Joshi Marg, Lower Parel, Mumbai –

400013.

4

Bid Submission Bids should be submitted in two different sealed envelopes.

a Envelop – I

Technical Bid For Procurement “Technical Bid for supply of NG

Firewall – Vide Tender No. SSL/IT/RFP/2016-17/004 dated 28-03-

2017” duly signed

b. Envelop – II

Commercial Bid For Procurement “Indicative Price Bid for supply

of NG Firewall – Vide Tender No. SSL/IT/RFP/2016-17/004 dated

28-03-2017” duly Signed

5 Pre-Bid Queries Queries regarding the RFP can be addressed to email ID’s

mentioned below.

6 Last Date & Time for

submission April 07, 2017 : Before 1500 HRS

7 Technical Bid Opening

Date, Time & Venue

April 07, 2017 : 1530 HRS

Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg, Lower

Parel , Mumbai 400013

8 Online Reverse Auction

Schedule Will be announced, communicated to bidders in due course

9 Contact Details Mr. Pradeep Mahadik (Manager-IT)

Ph.: 022 4227 3510

Email ID [email protected]

[email protected]

***The schedule is subject to change. Notice in writing of any changes will be provided wherever feasible.

mailto:[email protected]



PART 2 Disclaimer

The information contained in this Request for Proposal (RFP) document or information provided subsequently to Bidder(s) or applicants whether verbally or in documentary form/email by or on behalf of SBICap Securities Ltd, is subject to the terms and conditions set out in this RFP document and all other terms and conditions subject to which such information is provided.

This RFP is neither an agreement nor an offer and is only an invitation by the SSL to the interested parties for submission of bids. The purpose of this RFP is to provide the Bidder(s) with information to assist the formulation of their proposals. This RFP does not claim to contain all the information each Bidder may require. Each Bidder should conduct its own investigations and analysis and should check the accuracy, reliability and completeness of the information in this RFP and where necessary obtain independent advices/clarifications. SSL may in its absolute discretion, but without being under any obligation to do so, update, amend or supplement the information in this RFP. No contractual obligation whatsoever shall arise from the

RFP process until a formal contract is signed and executed by duly authorized officers of the SSL with the selected Bidder.

The SSL, its employees and advisors make no representation or warranty and shall have no liability to any person, including any Applicant or Bidder under any law, statute, rules or regulations or tort, principles of restitution or unjust enrichment or otherwise for any loss, damages, cost or expense which may arise from or be incurred or suffered on account of anything contained in this RFP or otherwise, including the accuracy, adequacy, correctness, completeness or reliability of the RFP and any assessment, assumption, statement or information contained therein or deemed to form part of this RFP or arising in any way for participation in this Bid Stage.

The SSL also accepts no liability of any nature whether resulting from negligence or otherwise, howsoever caused arising from reliance of any Bidder upon the statements contained in this RFP.

The issue of this RFP does not imply that the SSL is bound to select a Bidder or to appoint the Selected Bidder or Concessionaire, as the case may be, for the Project and the SSL reserves the right to reject all or any of the Bidders or Bids without assigning any reason whatsoever.

The Bidder shall bear all its costs associated with or relating to the preparation and submission of its Bid including but not limited to preparation, copying, postage, delivery fees, expenses associated with any demonstrations or presentations which may be required by the SSL or any other costs incurred in connection with or relating to its Bid. All such costs and expenses will remain with the Bidder and the

SSL shall not be liable in any manner whatsoever for the same or for any other costs or other expenses incurred by a Bidder in preparation or submission of the Bid, regardless of the conduct or outcome of the Bidding Process.



PART 3 Instructions For Bidders (IFB)

3.1 INTRODUCTION

3.1.1 Broad Scope of Work

a) Supply, installation, testing, commissioning and maintenance of Enterprise NG-Firewall

Solution, at the locations specified in this document.

b) To provide all necessary hardware and software required to make the solution work

strictly as per technical specifications. The specifications given are minimum. Bidders can

quote equivalent or higher technical specifications to meet the SSL requirements.

However no weightage would be given for higher configurations.

3.1.2 Eligibility Criteria

a) This tender is restricted to OEM authorised partners / Value Added Resellers/ System

Integrators of partners of OEMs as finalized in the technical specification annexure-B in

terms of product and service for supply of said product. The standard MAF as per the SSL

format should be submitted by all Bidders.

b) Bidders meeting the criteria (Annexure – H) are eligible to submit their. Bids along with

supporting documents. If the Bid is not accompanied by all the required documents

supporting eligibility criteria, the same would be rejected. Bid is open to all Bidders who

fulfil the eligibility criteria. The bidder has to submit the details of eligibility criteria as

per Annexure – H

3.1.3 Cost of Bidding

The Bidder shall bear all costs associated with the preparation and submission of its Bid, and

the SSL will in no case be responsible or liable for these costs, regardless of the conduct or

outcome of the Bidding process.

Commercial Specifications

Sr.No

Description Make,

Model/ Version

Part No. Location

Unit Price

Taxes Total

Amount Qty

1 NGFW Appliance specification Annexure -B

SSL, MUMBAI Lower Parel HO

2

2 Log analyzer as per specification Annexure-B

SSL, MUMBAI Lower Parel HO

1

Grand Total

Please Note: The above commercial includes Supply, Installation, Configuration and maintenance of the deliverables mentioned in description.



Above pricing will comprise of the total product cost including delivery, installation,

implementation/configuration along with 3 years comprehensive warranty and

support which will include the product subscription services for period of 3 years

pricing will be exclusive of taxes, octroi/entry which will be paid at actuals.

3.1.4 Bidding Process

a) A two stage bidding procedure will be followed. The response to the present tender will

be submitted in two parts i.e. the Technical Bid and the Commercial Bid.

b) In the first stage, only the ‘Technical Bids’ will be opened and evaluated. Those bidders

satisfying the technical requirements of the NG firewall as determined by the SSL and as

per the requirements/specifications and the terms and conditions of this document,

shall be short-listed.

c) In Second Stage, Commercial bids of technically qualified bidder will be opened. An

online reverse auction shall be conducted among the technically qualified bidders to

select the L1 bidder.

d) Schedule for online reverse auction will be communicated later with the technically

eligible bidders only

3.1.5 Bidders Eligibility Criteria

a) Bidders must meet the following eligibility requirements. Bids of non-compliant Bidders

will not be technically or financially evaluated.

b) The Bidder shall provide evidence that it is a current legal entity.

c) The Bidder should be an authorized & Registered OEM Partner. Bidder must furnish

authorization / registration letter for the same.

d) Bidder must have back-to-back support relation with the OEMs whose products are

offered by the bidder to SSL. The proof in support of the same must be enclosed.

e) The bidders and its associates should be able to arrange adequate inventory of the

spares and other related equipment to ensure minimum downtime.

f) The bidder should be profit-making company.

g) The Bidder must organize the bid in accordance with the format specified in the tender

document.

h) The cost of bidding and submission of tender documents is entirely the responsibility of

bidders, regardless of the conduct or outcome of the tendering process.

3.1.6 Period of Validity

All the prices and other terms and conditions of the offer proposed by the Bidder should be

Valid for a minimum period of three months.

3.1.7 Correction of Errors

Arithmetic errors in bids will be treated as follows:

a) Where there is a discrepancy between the amounts in figures and in words, the amount in

words shall govern.

b) Where there is a discrepancy between the unit rate and the line item total resulting from

multiplying the unit rate by the quantity, the unit rate will govern unless, in the opinion of

SSL, there is obviously a gross error such as misplacement of a decimal point, in which case

the line item total will govern.



c) Where there is a discrepancy between the amount mentioned in the bid and the line item

total present in the Bill of Material, the amount obtained on totalling the line items in the

Bill of Materials will govern.

d) The amount stated in the tender form, adjusted in accordance with the above procedure,

shall be considered as binding, unless it causes the overall tender price to rise, in which case

the bid price shall govern.

3.1.8 Acceptance or Rejection of the Bid

SSL reserves the right not to accept any bid, or to accept or reject a particular bid at its sole

discretion without assigning any reason whatsoever. The tenders not submitted in the

prescribed format or incomplete in any sense are likely to be rejected.

3.1.9 Confidentiality

Bidder / Vendor agrees that all mails, data, financial, mail architecture and personnel data

relating to SSL’ s business and other information identified as confidential by the SSL (SSL

Confidential Information), the same shall be kept confidential and shall not be shared with

any third party without prior written approval from SSL.

3.1.10 Site Visits

Visits to reference sites may be sought at the discretion of SSL. Bidder shall provide, in

addition to customer sites, an invitation to SSL to visit Bidder’s own site.

3.1.11 Right to Verification

The SSL reserves the right to verify any or all statements made by the Vendor in the tender

document and to inspect the Vendor’s facility, if necessary, to establish to its satisfaction

about the Vendor’s capacity to perform the job.

3.1.12 Insurance

a) Insurance for all the hardware components supplied under the contract shall be arranged

by the Bidder at his own risk and cost throughout the period of delivery, implementation

and final acceptance process.

b) SSL will not be responsible for any loss/damage/theft of any systems/goods due to any

reasons whatsoever, claims etc., if the Bidder himself will deal any. Evidence of the

insurance policy shall be submitted to SSL.



3.1.13 Submission of Bids

a) Sealing and Marking of Bids

b) The Bidders‘ shall seal the NON-WINDOW envelopes containing one copy of

―”Technical Bid” and one copy of ―”Indicative Price Bid” separately and the two NON-

WINDOW envelopes shall be enclosed and sealed in an outer NONWINDOW envelope.

c) Bids sealed in accordance may be sent by registered post or hand delivered so

as to be received at the following address:

Head - IT SBICAP Securities Limited,

A & B Wing, Marathon Futurex, 12th Floor, N.M. Joshi Marg, Lower Parel, Mumbai - 400013.

Contact Number: +91 22 42273300/330.

d) All envelopes should indicate the name and address of the Bidder on the cover.

e) If the envelope is not sealed and marked, SSL will assume no responsibility for the bid‘s

misplacement or its premature opening

3.1.14 Deadline for Submission of Bids

a) Bids must be received by SSL at the address specified, no later than the date & time

specified in the ―Schedule of Events‖ in Invitation to Bid.

b) In the event of the specified date for submission of bids being declared a holiday for

SSL, the bids will be received up to the appointed time on the next working day.

c) SSL may, at its discretion, extend the deadline for submission of bids by amending the

bid documents, in which case, all rights and obligations of SSL and bidders previously

subject to the deadline will thereafter be subject to the extended deadline.

d) Late Submission of Bids: Any Bid received after the deadline for submission of Bids

prescribed, will be rejected and returned unopened to the bidder.

3.1.15 Modification and Withdrawal of Bids

a) The Bidder may modify or withdraw its Bid after the Bid‘s submission, provided that

written notice of the modification, including substitution or withdrawal of the Bids, is

received by SSL, prior to the deadline prescribed for submission of Bids.

b) The Bidder‘s modification or withdrawal notice shall be prepared, sealed, marked and

dispatched. A withdrawal notice may also be sent by Fax, but followed by a signed

confirmation copy, postmarked, not later than the deadline for submission of Bids.

c) No Bid may be modified after the deadline for submission of Bids.

d) No Bid may be withdrawn in the interval between the deadline for submission of Bids

and the expiration of the period of Bid validity specified by the Bidder on the Bid Form.

Withdrawal of a Bid during this interval may result in the Bidder‘s forfeiture of its EMD.



PART 4 Opening and Evaluation of Bids

4.1 Opening of Technical Bids by the SSL a) The Bidders’ names, Bid modifications or withdrawals and the presence or such other

details as SSL, at its discretion, may consider appropriate, will be announced at the time of

technical Bid opening.

b) Bids and modifications sent, if any, that are not opened at Bid Opening shall not be

considered further for evaluation, irrespective of the circumstances. Withdrawn bids will

be returned unopened to the Bidders.

4.2 Preliminary Examination a) SSL will examine the Bids to determine whether they are complete, required formats have

been furnished, the documents have been properly signed, and the Bids are generally in

order.

b) Prior to the detailed evaluation, SSL will determine the responsiveness of each Bid to the

Bidding Document. For purposes of these Clauses, a responsive Bid is one, which conforms

to all the terms and conditions of the Bidding Document without any deviations.

c) SSL’s determination of a Bid’s responsiveness will be based on the contents of the Bid itself,

without recourse to extrinsic evidence.

d) If a Bid is not responsive; it will be rejected by SSL and may not subsequently be made

responsive by the Bidder by correction of the nonconformity.

4.3 Technical Evaluation a) Only those Bidders and Bids who have been found to be in conformity of the eligibility terms

and conditions during the preliminary evaluation would be taken up by SSL for further

detailed evaluation. Those Bids who do not qualify the eligibility criteria and all terms during

preliminary examination will not be taken up for further evaluation.

b) SSL reserves the right to evaluate the bids on technical & functional parameters including

factory visit and witness demos of the system and verify functionalities, response times,

etc.

c) SSL will evaluate the technical and functional specification of all the equipment’s quoted by

the Bidder.

d) During evaluation and comparison of bids, SSL may at its discretion ask the bidders for

clarification of its bid. The request for clarification shall be in writing and no change in prices

or substance of the bid shall be sought, offered or permitted. No post bid clarification at

the initiative of the bidder shall be entertained.



4.4 Evaluation of Price Bids and Finalisation a) Only those Bidders who qualify in pre-qualification and Technical evaluation would be

short listed for commercial evaluation via Reverse Auction conducted by SSL’s authorized

procurement team.

b) The L1 Bidder will be selected on the basis of net total of the price evaluation as quoted

in the Reverse Auction.

c) The successful bidder is required to provide price breakup within 48 hours of conclusion

of the Reverse Auction.

d) Arithmetic errors, if any, in the price breakup format will be rectified as under :

i. If there is a discrepancy between the unit price and total price which is obtained by

multiplying the unit price with quantity, the unit price shall prevail and the total price

shall be corrected unless it is a lower figure. If the bidder does not accept the

correction of errors, the bid will be rejected.

ii. If there is a discrepancy in the unit price quoted in figures and words, the unit price in

figures or in words, as the case may be, which corresponds to the total bid price for

the bid shall be taken as correct.

iii. If the vendor has not worked out the total bid price or the total bid price does not

correspond to the unit price quoted either in words or figures, the unit price quoted

in words shall be taken as correct.

iv. SSL may waive off any minor infirmity or non-conformity or irregularity in a bid, which

does not constitute a material deviation, provided such a waiving does not prejudice

or affect the relative ranking of any bidder.

4.5 Contacting SSL a) No Bidder shall contact SSL on any matter relating to its Bid, from the time of opening of

Price Bid to the time the Contract is awarded.

b) Any effort by a Bidder to influence SSL in its decisions on Bid evaluation, Bid comparison

or contract award may result in the rejection of the Bidder’s Bid.

4.6 Award Criteria a) SSL will award the Contract to the successful Bidder who has been determined to qualify

to perform the Contract satisfactorily, and whose Bid has been determined to be

responsive, and is the lowest evaluated Bid.

b) SSL reserves the right at the time of award of contract to increase or decrease the quantity

of goods and / or services or change in location where equipment’s are to be supplied

from what was originally specified while floating the RFP without any change in unit price

or any other terms and conditions.

c) SSL’s right To accept any Bid and to reject any or All Bids, SSL reserves the right to accept

or reject any Bid in part or in full or to cancel the Bidding process and reject all Bids at any

time prior to contract award, without incurring any liability to the affected Bidder or

Bidders or any obligation to inform the affected Bidder or Bidders of the grounds for SSL’s

action.



4.7 Notification of Award a) Prior to expiration of the period of Bid validity, SSL will notify the successful Bidder in

writing or by e-mail, that his Bid has been accepted.

b) The notification of award will constitute the formation of the Contract. The selected

Bidder should convey acceptance of the award of contract by returning duly signed and

stamped duplicate copy of the award letter within 7 days of receipt of the communication.

c) Upon notification of award to the L1 Bidder , SSL will promptly notify each unsuccessful

Bidder

4.8 Performance Bank Guarantee Performance bank Guarantee of 10% of the Bid Value to be submitted by the successful

Bidder for a period of 36 months from a Scheduled Commercial bank other than SBI within

10 days of receipt of formal communication/purchase order from the SSL about their

successful bid.

4.9 Signing of Contract a) In the absence of a formal contract, the Bid document, together with SSL’s notification of

award and the vendor’s acceptance thereof, would constitute a binding contract between

SSL and the successful Bidder.

b) Failure of the successful Bidder to comply with the requirement of Clause miscellaneous

(if required) shall constitute sufficient grounds for the annulment of the award and

forfeiture.

c) SSL reserves the right either to invoke the Performance Bank Guarantee or to cancel the

purchase order or both if the Bidder fails to meet the terms of this RFP or contracts

entered into with them

4.10 Miscellaneous a) The selected Bidder should carry out all installation tasks in coordination with the SSL IT

Department, depending on the SSL's requirement.

b) The selected Bidder should undertake, during the period of contract, if required by SSL,

the relocation / shifting of the equipment without any cost to the SSL.

c) The selected Bidder should undertake to implement the observations /recommendations

of SSL’s IS-Audit, Security Audit Team or any other audit conducted by the SSL or external

agencies and any escalation in cost on this account will not be accepted by the SSL.

Note: Not withstanding anything said above, the SSL reserves the right to reject the contract or

cancel the entire process without assigning reasons thereto



PART 5 Terms & Conditions

5.1 All bids and supporting documentation shall be submitted in English.

5.2 SSL will not take into consideration, any variation in the $ price.

5.3 All costs and charges, related to the bid, shall be expressed in Indian Rupees only and the

above total cost is inclusive of installation charges and customization charges.

5.4 Entry/Octroi will be paid at actuals on production of invoices for the same and should not be

included in the total amount.

5.5 The supply of appliance should be done within 04 -05 weeks from the date of purchase order.

5.6 The Bidder is liable to be rejected if any commercial details are found along with the technical

bid.

5.7 The cost of bidding and submission of the bids is entirely the responsibility of the Bidders,

regardless of the conduct or outcome of the tendering process.

5.8 Three years on-site 24x7 comprehensive onsite support from OEM with maximum 4 hour

response time / 6 hour Call-to-Resolution.

5.9 The Vendors should be the authorized supplier/ representative in India. An Authorization

letter from the manufacturer to this effect should be duly furnished.

5.10 SSL reserves the right to reject all or any of the quotations without assigning any reason

thereof.

5.10.1 SSL reserves the right to split the order.

5.10.2 The decision of SSL shall be final.

5.10.3 All bids should be accompanied by:

a) A Pay order/demand Draft of ₹ 1000/- favouring “Sbicap Securities Ltd.” towards cost of

the tender documents.

b) A Pay order/demand Draft of ₹ 50,000/- favouring “Sbicap Securities Ltd.” towards EMD.

c) Technical bids not accompanied with the above Pay order/Demand Drafts are liable to be

rejected. . The EMD deposit so collected will be refunded to all the bidders except L1

Vendor after finalisation of the Tender. The deposit will be refunded to the L1 Vendor only

after the expiry of the validity of the tender price i.e. nine months or such extended and

upon satisfactory performance of the orders placed in terms of the subject tender



PART 6 Payment Terms

6.1 A payment of Ninety percent (90%) of the contracted sum, would be payable on

successful installation, integration and issue of acceptance certificate to that effect by

the Institute.

6.2 A payment of 10% of the order value would be payable to the supplier on expiry of the

warranty period or against bank guarantee of the same amount valid till the last date

of the warranty period.

6.3 All payments will be released based on separate invoices submitted to SSL by the

vendor.

6.4 Order Cancellation SSL reserves its right to cancel the order in the event of one or more of the following situations:

a) Delay in delivery beyond the specified period.

b) Delay in installation beyond 03 weeks from the date of delivery.

6.5 Penalty for Delay in supply For any delay in installation and commissioning of the equipment’s beyond the specific

period, SSL will charge penalty @ 0.5% of the order per week or part thereof, subject to a

maximum of 6%. In case, the amount equal to 6% of the order value is deductible as penalty

and the vendor is still unable to complete successful Installation, the Institute reserves the

right to cancel the order and no payment will be made to the vendor.

6.6 Order Cancellation SSL reserves its right to cancel the order in the event of one or more of the following situations:

a. Delay in delivery beyond the specified period.

b. Delay in installation beyond 03 weeks from the date of delivery.

6.7 Penalty for Delay in supply For any delay in installation and commissioning of the equipment’s beyond the specific

period, SSL will charge penalty @ 0.5% of the order per week or part thereof, subject to a

maximum of 6%. In case, the amount equal to 6% of the order value is deductible as penalty

and the vendor is still unable to complete successful Installation, the Institute reserves the

right to cancel the order and no payment will be made to the vendor.

6.8 Penalty for downtime Any equipment that is reported to be down should be either fully repaired or replaced by

temporary substitute (of equivalent configuration) within 3 working days. In case vendor

fails to meet the above standards of maintenance, there will be a penalty chargeable in

rupees per day from 4th day of the problem complained as specified in the table below.



Sr No Item Penalty Chargeable per day (Rs)

1 NG Firewall Appliance 1000

2 Log Analyzer 1000

If the problem is not resolved even after a week from the day complained, then SSL

reserves the right to invoke the bank guarantee or the equivalent amount will be

deducted from the 30% of the total amount withheld by SSL till the completion of

warranty period.

The contractor shall provide onsite service of the equipment (except spares) once in every 3

months during the warranty period.

6.9 Repeated failure

If, during the warranty period, any system as a whole or any subsystem has any failure on

two or more occasions in a period of 3 months, it shall be replaced by equivalent new

equipment or any alternative steps are to be taken which would serve the purpose to the

Institute.

a) Every quarterly engineer has to visit and check the performance or any corrective

maintenance or patch updates required for smoother operation and also as and when

desired by the institute for technical help or installation help.

b) Three years on-site comprehensive warranty should be provided by the vendor for all the

equipment’s quoted.

c) The Vendors should be the original manufacturer of the equipment’s or authorized

supplier/representative in India. An Authorization letter from the manufacturer to this

effect should be compulsorily furnish as without which the bid may be rejected. d) Bidders are required to adhere to tendering norms and no undue explanation, request for

change in due date of bid modification, etc. will be offered by the Institute. Any request of

any kind from the vendor before the bid submission due date must be forwarded to the

undersigned in writing. The Institute reserves the right to accept or reject the vendor

request without offering any explanation or reason for the acceptance or rejection.

However, in case of any change/amendment in the tender content, all vendors participating

in the tendering process would be informed in writing and sufficient time would be

provided to adhere to such change/amendment.



PART 7 PREPARATION OF BIDS

7.1 Language of Bid

7.1.1 The Bid prepared by the Bidder, as well as all correspondence and documents relating to

the Bid exchanged by the Bidder and SSL and supporting documents and printed literature

shall be submitted in English.

7.2 Documents Comprising the Bid

7.2.1 DOCUMENTS COMPRISING THE TECHNICAL PROPOSAL ENVELOPE, should contain

following:

a) BID COVERING LETTER AS PER ANNEXURE – A

b) TECHNICAL SPECIFICATIONS & COMPLIANCE – ANNEXURE – B

c) UNDERTAKING OF AUTHENTICITY – ANNEXURE - C

d) SERVICE LEVEL AGREEMENT (SLA) – ANNEXURE - D

e) EMD SSL GUARANTEE – ANNEXURE - E

f) MANUFACTURERS’ AUTHORIZATION FORM (MAF) – ANNEXURE - F

g) MASKED PRICE BID LISTING ALL THE COMPONENTS AS PER PRICE BREAKUP SCHEDULE

WITHOUT INDICATING ANY PRICES - ANNEXURE – G

h) COMPLIANCE CERTIFICATE FOR ELIGIBILITY CRITERIA- ANNEXURE – H - ALONG WITH

ALL RELATED DOCUMENTS AS PER RFP REQUIRED TO ESTABLISH THE ELIGIBILITY.

i) BIDDER‘S ORGANIZATION PROFILE - ANNEXURE - I

7.2.2 While submitting the Technical Bid, literature on the software / hardware if any, should be

segregated and kept together in one section / lot. The other papers like EMD, Forms as

mentioned above etc. should form the main section and should be submitted in one lot,

separate from the section containing literature. All pages of this RFP document must be

stamped and initialled by the authorized signatory of the bidder confirming acceptance

to all terms and conditions of this RFP and should be submitted as part of the technical

bid.

7.2.3 Any Technical Proposal not containing the above will be rejected.

7.2.4 The Technical Proposal should NOT contain any price information. Such proposal, if

received, will be rejected.

7.2.5 DOCUMENTS COMPRISING THE INDICATIVE PRICE ENVELOPE, should contain a single

sheet as per ANNEXURE – J on the Bidder‘s letter head wherein the “All Inclusive Indicative

Price” except VAT / sales tax / service tax/ LBT / Octroi, which will be reimbursed upon

production of original receipts, at actual, under the signature and seal of the Bidder.

7.3 THE INDICATIVE PRICE MUST INCLUDE ALL THE PRICE COMPONENTS MENTIONED IN

ANNEXURE – G.



ANNEXURE – A BID COVERING LETTER

(To be printed on Bidder’s Letter Head and included with the Technical Bid Envelope)

Date: _________________________

To:

The Head, Information Technology

SBICAP Securities Ltd.



Dear Sir,

Ref: SSL/IT/RFP/2016-17/004 dated: 28.03.2017

1. We have examined the RFP, the receipt of which is hereby duly acknowledged and subsequent

pre-bid clarifications/ modifications / revisions, if any, furnished by SSL and we offer to supply,

Install, test, commission and maintain the equipment/components detailed in Annexure B, as per

the terms and conditions spelt out in the RFP. We shall participate and submit the commercial

bid through online auction to be conducted by SSL‘s authorized service provider, on the date

advised to us.

2. While submitting this bid, we certify that:

The undersigned is authorized to sign on behalf of the BIDDER and the necessary

support document delegating this authority is enclosed to this letter.

Indicative prices submitted by us have been arrived at without agreement with any

other Bidder of this RFP for the purpose of restricting competition.

The indicative prices submitted by us have not been disclosed and will not be disclosed

to any other Bidder responding to this RFP.

We have not induced or attempted to induce any other Bidder to submit or not to

submit a bid for restricting competition.

The rate quoted in the indicative price bids for the Project are as per the RFP and

subsequent pre-bid clarifications/ modifications/ revisions furnished by SSL, without

any exception.

If our proposal is selected, we undertake to complete the formalities for supply of the

equipment/components within a period of 8 weeks from date of Purchase Order.

3. We agree to abide by the Bid and the rates quoted therein for the orders awarded by SSL up to

the period prescribed in the Bid, which shall remain binding upon us.

4. Until a formal contract is prepared and executed, this Bid, together with your written acceptance

thereof and your notification of award, shall constitute a binding Contract between us.

5. We undertake that, in competing for (and, if the award is made to us, in executing) the above

contract, we will strictly observe the laws against fraud and corruption in force in India namely

“Prevention of Corruption Act 1988”.



6. We also certify that the information/ data/ particulars furnished in our bids are factually correct.

We also accept that in the event of any information / data / particulars proving to be incorrect,

SSL will have the right to disqualify us from the bid.

7. We understand that you are not bound to accept the lowest or any Bid you may receive.

Dated this __________day of________________ 2017

____________________________________________________________________________ (Signature) (Name) (In the capacity of)



ANNEXURE – B TECHNICAL SPECIFICATIONS & COMPLIANCE

A NG Firewall requirements Complied (Yes / No)

Remarks Deviations if any

1

The NG Firewall should be Hardware based, should support “Stateful” policy inspection technology. It should also have application intelligence for commonly used TCP/IP protocols like telnet, ftp etc.

2 NG Firewall appliance should have multi-bus/multi-core system architecture.

4 Appliance should support for Active connections in case of HA.

5 Device based licensing and not user/IP based licensing

6 Support for dynamic routing protocols, like RIP v2, OSPF, & BGP.

7 Support the multicast protocols as a multicast host, by participating in IGMP and PIMDM / PIM-SM.

8

NG Firewall should offer Bandwidth Management for every TCP, IPSEC, & VoIP protocols with attributes of Minimum Committed Bandwidth per protocol; Maximum Bandwidth per protocol; Priority for the queues and Throughput should be at least 16 Gbps

9

Proposed NG Firewall OEM should be in the Leaders & Challengers Quadrant of Gartner Magic Quadrant for the last 2 consecutive years for NG Firewall.

10 The NG Firewall should have an Ethernet interface for out-of-band device Management

11 NG Firewall should support VOIP traffic filtering.

12 Should support IPv4 and IPv6

13 ASIC Based architecture

B NGFW - Hardware and Interface requirements

1 NG Firewall appliance should have at least 10 x 10/100/1000 GE interfaces, 8x 10/100/1000 SFP



2 NG Firewall Throughput should be at least 16 Gbps

3 NG Firewall should not introduce more than 3 microsecond latency

4 The NG Firewall solution should support NAT64, DNS64 & DHCPv6

5 The NGFW appliance should have console port and USB Ports

6 Appliance should be rack mountable and support side rails if required

7 Appliance should have redundant power supplies

8 The platform should support open architecture for security controls

9 Appliance should be supplied with 32GB RAM and can be upgradable to 64 GB in future if required

10 The proposed system should balance security decisions across multiple cores at any given time

11 Resource optimization technologies like utilizing multiple CPU Cores at any given time

12 Should offload security inspection to performance optimized software module

13 Platform should support VLAN tagging

14 Should support Internet Service Provider link load balancing.

15 Support for health LEDs, LCD etc. to indicate operational status of the NGFW module

C NGFW - Performance requirements

1 Firewall throughput of the NGFW should be minimum of 32 Gbps.

2 IPS throughput of the NGFW should be minimum of 4 - 8 Gbps

3 NGFW must support more than 6 - 8 million concurrent connections.

4 Support more than 1, 00,000 - 2, 00,000 new sessions per second processing.

5 Should have capability to support for more than 50 VLAN.

6 NGFW appliance should have internal storage of minimum 128GB.

7 Inbuilt support for IPSEC VPNs with DES/3DES and AES support



8 The NGFW should support Active/Active High Availability feature.

9 Proposed NGFW solution must be capable to detect device failure, link and path failure

10 NGFW appliance failover should be complete stateful in nature without any manual intervention.

11

Proposed NGFW shall synchronize the following for HA: a) All sessions b) Decryption Certificates c) All threat and application signatures d) All configuration changes e) Forwarding Information Base (FIB) tables

D NG Firewall - Network Protocols/Standards Support Requirements

1 Should support at least 200 protocols

2 NG Firewall Modules should support the deployment in Routed as well as Transparent Mode.

3 NG Firewall must provide state engine support for all common protocols of the TCP/IP stack.

4 NG Firewall must provide NAT functionality, including dynamic and static NAT translations.

5

All internet based applications should be supported for filtering like Telnet, FTP, SMTP, http, DNS, ICMP, DHCP, ARP, RPC, SNMP, Lotus Notes, Exchange etc.

6 Local access to the NG Firewall modules should support authentication protocols – RADIUS & TACACS+.

7

NG Firewall should support authentication proxy for Remote VPN, HTTP/HTTPS Applications access and various other applications.

8

NG Firewall should support the authentication protocols RADIUS, LDAP, TACACS, PKI methods & single sign on for Windows AD, Novell eDirectory, Citrix and Terminal Server Agent

9 NG Firewall should support PKI Authentication with PCKS#7 & PCKS#10 standards.



10 Should support BGP, OSPF, RIPv1 &2, Multicast Tunnels.

11 Dynamic policy enforcement on VPN clients.

12 Should support telnet client and server functionality

E NG Firewall filtering requirements

1 Should support the filtering of TCP/IP based applications with standard TCP/UDP ports.

2 Should provide state engine support for all common protocols of TCP/IP stack.

3 Filtering capability that includes parameters like source & destination addresses, source & destination port numbers, protocol type.

4 NG Firewall should be able to filter traffic even if the packets are fragmented.

5 Should support the VOIP Applications Security by supporting to filter SIP, H.323, MGCP and Skinny flows.

6

NG Firewall should support authentication protocols like LDAP, RADIUS and have support for firewall passwords, smart cards, & token-based products like SecurID, LDAP-stored passwords, RADIUS or TACACS+ authentication servers and X.509 digital certificates.

7 NG Firewall should support database related filtering and should have support for Oracle, MS-SQL, and Oracle SQL-Net.

8

NG Firewall should provide advanced NAT capabilities, supporting all applications and services-including H.323 and SIP based applications.

9 Should support CLI & GUI based access to the NG Firewall modules.

10 Local access to NG firewall modules should support role based access.

11

QoS Support [Guaranteed bandwidth, Maximum bandwidth, Priority bandwidth utilization, QOS weighted priorities, QOS guarantee, QOS limits and QOS VPN].

12 Should be able to block Instant Messaging like Yahoo, MSN, Skype.



13 Should enable blocking of Peer-Peer applications, like Kazaa, Gnutella, Bit Torrent, IRC (over HTTP)

14 Should support IPv4 and IPv6 Rate based DOS protection

15 In-built token server that manages both physical and mobile tokens for use with IPsec (Client to site) & SSL VPN users.

16 Anti-bot capability using IP reputation DB, terminates botnet communication to C&C servers.

F Intrusion prevention system requirements

1 Intrusion prevention sensors delivering a minimum of 4-8 Gbps of context-aware , real-world traffic inspection

2

IPS device should perform stateful pattern recognition to identify vulnerability-based attacks through the use of multi-packet inspection across all protocols.

3 The proposed IPS must perform protocol decoding and validation for network traffic including: IP, TCP, UDP, and ICMP.

4

IPS should provide anomaly identification for attacks that may cover multiple sessions and connections, using techniques based on identifying changes in normal network traffic patterns.

5 Should support creation of baseline of normal network traffic and then uses baseline to detect worm-infected hosts

6 Proposed IPS should identify attacks based on observed deviations in the normal RFC behaviour of a protocol or service.

7 Must be able to identify Layer 2 Address Resolution Protocol (ARP) attacks and man-in-the-middle attacks.

8 The sensors should be able to detect attacks running inside of these tunnelling protocols such as GRE, IP-in-IP, MPLS, and IPv4/IPv6.

9 Should be resistant to IPS evasion and protection from anti-NIPS (Network Intrusion Prevention System) techniques.



10

Should support Vulnerability and Exploit signatures, Protocol validation, Anomaly detection, Behavior-based detection, Multi-element global correlation and reputation based filtering

11 IPS profile should have an option to select or re-select specific signatures that can be deactivated

12 Intrusion Prevention should have the option to add exceptions for network and services.

13

IPS should provide rate shaping to prioritize known, normal traffic flows and unknown traffic flows and proposed system should have integrated Traffic Shaping functionality.

14 IPS policy to block the traffic by country should have an option to configure in incoming direction, outgoing direction or both.

15 IPS events/protection exclusion rules should be created and the packet data should be viewed directly from log entries.

16 Application Intelligence should have controls for Instant Messenger, Peer-to-Peer, Malware Traffic etc.

17 Instant Messenger should have options to Block File Transfer, Block Audio, Block Video, Application Sharing and Remote Assistance

18 IPS should have an option to create your own signatures with an open signature language.

19

IPS should provide detailed information on each protection, including: Vulnerability and threat descriptions, Threat severity, Performance impact, Release date, Industry Reference, Confidence level etc.

20

Signatures should have severity level defined to it so that the administrator can understand and decide which signatures to enable for what traffic (e.g. for severity level: high medium low)

G Administration, Management and Logging



1 NGFW Real-Time Monitoring, Management & Log Collection (with storage) should not be distributed to more than ONE server/appliance

2 Any changes or commands issued by an authenticated user should be logged to a database.

3 NGFW administration station must provide a means for exporting the firewall and IPS rules set and configuration.

4 Support for role based administration of firewall and IPS

5 NGFW administration software must provide a means of viewing, filtering and managing the log data.

6 NG firewall logs must contain information about the firewall policy rule that triggered the log.

7 NGFW must provide a minimum basic statistics about the health of the device and the amount of traffic traversing the NGFW device.

8 NGFW should have the functionality of Workflow and Audit for the Rule Change Management Process.

9

Should provide real time health status of all the firewall modules on the dashboard for CPU & memory utilization, state table, total number of concurrent connections and the connections/second counter.

10

NGFW must send mail or SNMP traps to Network Management Servers (NMS) in response to system failures or threshold violations of the health attributes.

H IPSec / SSL VPN Requirements



1

The VPN should be integrated with firewall and should be ICSA Labs certified for both IPSec and SSL-TLS. Should support the following protocols: DES & 3DES MD5, SHA-1 & the more secure SHA-256 authentication Diffie-Hellman Group 1, Group 2, Group 5 & the more secure Group 14 Internet Key Exchange (IKE) v1 as well as IKE v2 algorithm The new encryption standard AES 128, 192 & 256 (Advanced Encryption Standard)

2 IPSec VPN should support XAuth over RADIUS and RSA SecurID or similar product.

3

The system should support 2 forms of site-to-site VPN configurations: a) Route based IPsec tunnel b) Policy based IPsec tunnel

4 Should have integrated SSL VPN with no user license restriction. Please specify if the product does not follow the required licensing policy

5 Solution must support at least 5000 concurrent SSL VPN users without any additional license purchase

6 Should support one time login per user options: prevents concurrent logins using same username

7 Should support SSL-VPN Two-factor Authentication

8 Should support single sign-on for FTP and SMB

9 Should support Windows, and MAC OS for SSL-VPN (Should have always-on clients for these OS apart from browser based access)

10 Should support Host integrity checking and OS check (for windows terminals only) prior to SSL tunnel mode connections

11 Should support MAC host check per portal

12 Should have Cache cleaning option just before the SSL VPN session ends



13 Should also support Virtual desktop option to isolates the SSL VPN session from the client computer’s desktop environment

14

The proposed solution should support Virtualization (Virtual Firewall, Security zones and VLAN) with minimum 10 Virtual Firewall license.

15 Should able to view and manage current IPSEC and SSL VPN connections in details

16 Device should support client for both IPSec and SSL-VPN

17 Should support NAT within IPSec/SSL VPN tunnels

18 Should also support PPTP and L2TP over IPSec VPN protocols.

I Web Content Filtering

1 Should not be a home grown engine and web content filter should be from a well known manufacturer

2 The appliance should facilitate embedded web content filtering feature

3 Web content filtering solution should work independently without the need to integrate with proxy server.

4 Should have facility to block URL' based on categories.

5 URL database should have at least 200 million + sites and 100 categories.

6 Should be able to block different categories/sites based on users.

7 Should have configurable parameters to block/allow unrated sites

8 Should have configurable options to allow/deny access to web sites in case if the URL rating service is unavailable

9 Should have options to customize the block message information send to end users

10

Should have facility to schedule the configurations so that non work related sites are blocked during office hrs and allow access to all sites except non harmful sites during non office hrs.



11 The solution should have options to block java applets, ActiveX as well as cookies

12 The solution should be able to block URLs hosting spywares / adware’s etc.

13 Should have configurable policy options to define the URL exempt list

14

The proposed solution should be able to enable or disable Web Filtering per policy or based on authenticated user groups for both HTTP and HTTPS traffic.

J Anti-virus & Anti-bot

1

Should be able to block, allow or monitor only using AV signatures and file blocking based on per firewall policy based or based on firewall authenticated user groups with configurable selection of the following services: a) HTTP, HTTPS b) SMTP, SMTPS c) POP3, POP3S d) IMAP, IMAPS e) FTP, FTPS

2 Solution should offer both anti-virus scanning options - proxy mode and flow (streaming) mode.

3

Should be able to block or allow oversize file based on configurable thresholds for each protocol types and per firewall policy.

4

NG firewall must include Anti-bot capability using IP reputation DB, terminates botnet communication to C&C servers also. Vendor needs to add additional license if it is required.

5

NG firewall should have 35000+ botnet definitions in its database and should be updated on regular basis to protect from new definitions

6 Antivirus module should be ICSA certified

7 Antivirus solution vendor must have received "Recommended" rating of NSS lab's Adanvce Endpoint Protection report.

K Data Leakage Prevention



1 NG Firewall should have in-built DLP functionality without requiring any additional hardware or software license

2

System should allow administrator to prevent sensitive data from leaving the network. Administrator should be able to define sensitive data patterns, and data matching these patterns that should be blocked and/or logged when passing through the unit.

3 Proxy solution must detect, protect and log sensitive data travelling through HTTP and HTTPS channles

4 DLP feature must offer watermarking functionality which allows organizers to apply document marking for DLP.

5 DLP actions should be : Log only, block, quarantine user/IP/Interface

6

It should have DLP fingerprinting feature which generates a checksum fingerprint from intercepted files and compare it to those in the fingerprint database.

L Other Requirements

1 Provision to create secure zones / DMZ (ie Multi-Zone support)

2

Should support Gateway Data Loss Prevention (DLP) feature for popular protocols like HTTP, HTTPS, FTP, POP3, IMAP, SMTP, POP3S, IMAPS, SMTPS

3 The DLP feature should support popular file types like MS-Word, PDF etc. Should also support DLP fingerprinting

4

Should support DLP watermarking: allows filter

files that pass through the unit and contain a corporate identifier (a text string) and a sensitivity level (Critical, Private, and Warning) hidden in a watermark.

5

Should Support Packet Capture/sniffer to capture and examine the contents of individual data packets that traverse the NG firewall appliance for troubleshooting, diagnostics and general network activity



6

The device should belong to a family of products that attains NSS Approved Certification, IPv6 Ready Phase 2 and USGv6

IPv6 Certified

7 Should able to support Geo-IP block. It should able to block country wise traffic.

8 ICSA labs certification for Firewall, SSL, IPSEC VPN, AV, IPS

M Warranty

1

3 years 24x7 comprehensive onsite support from OEM with maximum 4 hour response time / 6 hour Call-to-Resolution Services & Support ever be a hardware failure replacement

N Training

1 Technical Training for two persons

___________________________________________________________________________________ (Signature) (Name) (In the capacity of)



ANNEXURE – C UNDERTAKING OF AUTHENTICITY


Date: _________________________

To:





Dear Sir,


Sub: Undertaking of Authenticity for Hardware & Software Supplies

With reference to the equipment being quoted to you vide your RFP, we hereby confirm

that all the components /parts /assembly / software etc. used in the equipment to be

supplied shall be original new components / parts / assembly / software only, from

respective OEMs of the products and that no refurbished / duplicate / second hand

components /parts/ assembly / software shall be supplied or shall be used. We also

undertake to produce certificate from the Original Equipment Manufacturers (if

required by you) in support of the above statement at the time of delivery / installation.

We also confirm that in respect of licensed systems and other software utilities to be

supplied, the same will be procured from authorized sources and supplied with

Authorized License Certificate (e.g. Product keys from the respective OEM)

In case of default and SSL finds that the above conditions are not complied with, we

agree to take back the equipment/components supplied and return the money paid by

you, in full within seven days of intimation of the same by SSL, without demur or any

reference to a third party and without prejudice to any remedies SSL may deem fit.

In case of default and we are unable to comply with above at the time of delivery or

during installation, for the IT Hardware / Software already billed, we agree to take back

the equipment without demur, if already supplied and return the money if any paid to

us by you in this regard.

We also take full responsibility of both parts & Service SLA as per the content even if

there is any defect by our authorized Service Centre / Reseller / SI etc.

Dated this __________day of________________ 2017

______________________________________________________________________

(Signature) (Name) (In the capacity of)



ANNEXURE-D SLA Terms & Conditions for Hardware, Software & Maintenance Services

The Vendor warrants that the products supplied under the Contract are new, unused, of the most

recent or current model and they incorporate all recent improvements in design and / or features.

The Vendor further warrants that all the Products supplied under this Contract shall have no

defect, arising from design or from any act of omission of the Vendor that may develop under

normal use of the supplied products in the conditions prevailing in India.

Warranty for Hardware Components: Onsite comprehensive warranty for all the hardware

components including free replacement of spares, parts, kits as and when necessary will be 36

months from date of installation.

Warranty for the System Software/off-the-shelf Software will be provided to the SSL as per the

general conditions of sale of such software.

The Vendor shall in addition comply with the performance guarantees specified under the

Contract. If, for reasons attributable to th e Vendor, these guarantees are not attained in

whole or in part the Vendor shall make such changes, modifications and / or additions to the

Products or any part thereof as may be necessary in order to attain the contractual guarantees

specified in the Contract at its own cost and expense and to carry out further performance tests.

On-site comprehensive warranty: The warranty would be on-site and comprehensive in nature

and back to back support from the OEM. The vendor will warrant all the hardware and software

against defects arising out of faulty design, materials and media workmanship etc. for a period of

one or three years from the date of acceptance of the hardware and software. The vendor will

provide support for Operating Systems and other preinstalled software components during the

warranty period of the hardware on which these software & operating system will be installed.

The Vendor shall repair or replace worn out or defective parts including all plastic parts of the

equipment at his own cost including the cost of transport.

During the term of the contract, the VENDOR will maintain the equipment in perfect working order

and condition and for this purpose will provide the following repairs and maintenance services:

a) Free maintenance services during the period of warranty. Professionally qualified

personnel who have expertise in the hardware and system software supplied by the

vendor will provide these services.

b) The Bidder shall rectify any defects, faults and failures in the equipment and shall

repair/replace worn out or defective parts of the equipment on 24X7X365 basis. The

Vendor shall provide 3 years comprehensive onsite warranty with 24 X 7 X 365 support.

In case any defects, faults RFP for procurement of LB & SOA Gateway Solution and

failures in the equipment could not be repaired or rectified during the said period, the

engineers of the VENDOR are required to accomplish their duties beyond the said

schedules in case of any situation if it warrants. In cases where unserviceable parts of the

equipment need replacement, the VENDOR shall replace such parts, at no extra cost to

the SSL with brand new parts or those equivalent to new parts in performance. For this

purpose the VENDOR shall keep sufficient stock of spares at SSL‟s premises and at the

premises of The VENDOR.

c) The maximum response time for a maintenance complaint from the site of installation

(i.e. time required for Vendor’s maintenance engineers to report to the installations



after a request call / fax /e-mail is made or letter is written) shall not exceed 4 (four)

hours.

d) The VENDOR shall ensure that faults and failures intimated by SSL as above are set right

within 6 (six) hours of being informed of the same. In any case the equipment should be

made workable and available not later than the Next Business Day.

e) The VENDOR shall ensure that the full configuration of the equipment is available to the

SSL in proper working condition viz. uptime of 99.9% of the time on a 24x7x365 basis.

f) In the event of the equipment not being repaired or a workable solution not provided

during Warranty period, a penalty of one (1) percent of the total consideration for delay

of each week or part thereof subject to maximum amount of ten (10) percent of the

total consideration will be charged to vendor. The vendor may provide temporary

equivalent replacement as a workable solution to avoid the above penalty.

g) Any penalty due during the Warranty period will be adjusted against the 10% retention

money retained by the SSL. For purpose of calculating penalty, uptime is calculated as

under :

Uptime (%) = Sum of total hours during month - Sum of downtime hours during month X 100

Sum of total hours during the month

Total hours during the month = No. of days in the month X 24

h) In case of any breakdown / malfunctioning of hardware, hardware components,

accessories, system software etc., the relevant defect should be attended to within 2

hours onsite of the receipt/ notice of the complaint and resolved within 4 hours i.e. the

total resolution time inclusive of response time will be 6 hours. Failing to do so, penalty

will be levied in case of every event of breakdown / defect/ malfunctioning of hardware,

hardware component, accessories, system software, due to patch download / upload or

for any reason, beyond the range of 6 hours as follows:

Sr No Period of delay Penalty amount

1 >Six hours up to eight hours Rs.10000 per hour or part thereof

2 > Eight hours up to twelve hours Rs.20000 per hour or part thereof

3 > Twelve hours up to twenty four Hours Rs. 50000 per hour or part thereof

4 > Twenty four hours Rs. 100000 per hour or part thereof

i) The maximum penalty on account of this will be 10% of the total value of the contract.

j) The VENDOR shall ensure that the meantime between failures (including any

malfunctioning, breakdown or fault) in the equipment or any part thereof, as calculated

during any and every quarter (period of three consecutive months) is not less than 90

days.

k) Preventive maintenance: the VENDOR shall conduct Preventive Maintenance (including but not limited to inspection, testing, satisfactory execution of all diagnostics, cleaning and removal of dust and dirt from the interior and exterior of the equipment, and necessary repair of the equipment) once within first 15 days of the installation once within the first 15 days of every alternate month during the currency of this agreement on a day and time to



be mutually agreed upon. Notwithstanding the foregoing the VENDOR recognizes SSL’s operational needs and agrees that SSL shall have the right to require the VENDOR to adjourn preventive maintenance from any scheduled time to a date and time not later than 15 working days thereafter.

l) All engineering changes generally adopted hereafter by the VENDOR for equipment

similar to that covered by this AGREEMENT, shall be made to the equipment at no cost

to the SSL.

m) Qualified maintenance engineers totally familiar with the equipment shall perform all

repairs and maintenance service described herein.

n) The SSL shall maintain a register at its site in which, the SSL’s operator / supervisor shall

record each event of failure and / of malfunction of the equipment. The VENDOR’s

engineer shall enter the details of the action taken in such register. Additionally every

time a preventive or corrective maintenance is carried out, the VENDOR’S engineer shall

make, effect in duplicate, a field call report which shall be signed by him and thereafter

countersigned by the SSL’s official. The original of the field call report shall be handed

over to the SSL’s official.

o) The VENDOR shall provide replacement equipment if any equipment is out of the premises for repairs.

Any worn or defective parts withdrawn from the equipment and replaced by the VENDOR shall

become the property of the VENDOR and the parts replacing the withdrawn parts shall become

the property of SSL

The VENDOR’s maintenance personnel shall, be given access to the equipment when necessary,

for purpose of performing the repair and maintenance services indicated in this agreement

However if SSL desires to shift the equipment to a new site and install it thereof urgently, the

VENDOR shall be informed of the same immediately. The ssl shall bear the charges for such

shifting and the VENDOR shall provide necessary arrangement to ssl in doing so. The terms of this

agreement, after such shifting to the alternate site and reinstallation thereof would continue to

apply and binding on the VENDOR.

SSL shall arrange to maintain appropriate environmental conditions, such as those relating to

space, temperature, power supply, dust within the acceptable limits required for equipment

similar to that covered by this Agreement.

NO term or provision hereof shall be deemed waived and no breach excused, unless such waiver

or consent shall be in writing and signed by the party claimed to have waived or consented. Any

consent by any party to or waiver of a breach by other, whether express or implied, shall not

constitute a consent to or waiver of or excuse for another different or subsequent breach

. If, in any month, the VENDOR does not fulfill the provisions of clauses (b), (c),(d), (e) and (h) only the proportionate maintenance charges for that period during the month will be considered payable by ssl without prejudice to the right of the ssl to terminate the contract. In such event the VENDOR was credited without deducting the proportionate maintenance charges for that month, the ssl can deduct the same from future payments payable or the VENDOR shall refund the amount forthwith to ssl on demand by Bank.

On account of any negligence, commission or omission by the engineers of the VENDOR and if any loss or damage caused to the Equipment, the VENDOR shall indemnify/pay/reimburse the loss suffered by the SSL.



The SSL would have the right to:

a) Shift supplied systems to an alternative site of its choice. b) Disconnect / connect / substitute peripherals such as printers, etc. or devices or any equipment

/ software acquired from another vendor. c) Expand the capacity / enhance the features / upgrade the hardware / software supplied, either

from the vendor, or another vendor, or developed in-house. provided such changes or attachments do not prevent proper maintenance, from being performed or unreasonably increase the VENDOR cost of performing repair and maintenance service.

The warranty terms would not be considered as violated if any of (a), (b) or (c) above takes place. Should there be a fault in the operations of the system, the vendor, would not unreasonably assume that the causes lie with those components / software not acquired from them.

CONFIDENTIALITY:

a) The VENDOR acknowledges that all material and information which has and will come into its possession or knowledge in connection with this agreement or the performance thereof, whether consisting of confidential and proprietary data or not, whose disclosure to or use by third parties may be damaging or cause loss to SSL will all times be held by it in strictest confidence and it shall not make use thereof other than for the performance of this agreement and to release it only to employees requiring such information, and not to release or disclose it to any other party. The VENDOR agrees to take appropriate action with respect to its employees to ensure that the obligations of non-use and non-disclosure of confidential information under this agreement are fully satisfied. In the event of any loss to the SSL in divulging the information by the employees of the VENDOR, the SSL shall be indemnified. The VENDOR agrees to maintain the confidentiality of the SSL’s information after the termination of the agreement also.

b) The VENDOR/SSL will treat as confidential all data and information about the VENDOR/SSL/Contract, obtained in the execution of this tender including any business, technical or financial information, in strict confidence and will not reveal such information to any other party.



Transition Clause In the event of failure of the Service Provider to render the Services or in the event of termination of agreement or expiry of term or otherwise, without prejudice to any other right, the SSL at its sole discretion may make alternate arrangement for getting the Services contracted with another vendor. In such case, the SSL shall give prior notice to the existing Service Provider. The existing Service Provider shall continue to provide services as per the terms of contract until a ‘New Service Provider’ completely takes over the work. During the transition phase, the existing Service Provider shall render all reasonable assistance to the new Service Provider within such period prescribed by the SSL, at no extra cost to the SSL, for ensuring smooth switch over and continuity of services. If existing vendor is in breach of this obligation, they shall be liable for paying a penalty of Rs.___________on demand to the SSL, which may be settled from the payment of invoices for the contracted period.

___________________________________________________________________________________ (Signature) (Name) (In the capacity of)



ANNEXURE – E EMD BANK GUARANTEE FOR SUPPLY, DELIVERY OF EQUIPMENTS/COMPONENTS AS ARE

SET OUT IN THE SBI RFP NO. SSL/IT/RFP/2016-17/004 DATED: 28.03.2017 (to be printed on Bidder’s Letter Head and included with the Technical Bid Envelope)

WHEREAS Sbicap Securities Ltd. (SSL), having its Corporate Office at Lower Parel, Mumbai, and Regional

offices at other State capital cities in India has invited Request for Proposal for supply, delivery of

equipment/components to Sbicap Securities Ltd. and such services as are set out in the Sbicap Securities

Ltd., Request for Proposal SSL/IT/RFP/2016-17/004 dated: 28.03.2017.

2. It is one of the terms of said Request for Proposal that the Bidder shall furnish a Bank Guarantee for a

sum of Rs.__________/- (Rupees _____________________ Only) as Earnest Money Deposit.

3. M/s. ________________________, (hereinafter called as Vendor, who are our constituents intends to

submit their tender for the said work and have requested us to furnish guarantee in respect of the said

sum of Rs.__________/- (Rupees _____________________ Only)

4. NOW THIS GUARANTEE WITNESSETH THAT We _____________________________ (Bank) do hereby

agree with and undertake to the Sbicap Securities Ltd., their Successors, assigns that in the event of the

SBI coming to the conclusion that the Bidder has not performed their obligations under the said conditions

of the RFP or have committed a breach thereof, which conclusion shall be binding on us as well as the

said Vendor, we shall on demand by the SBI, pay without demur to the SBI, a sum of Rs.__________/-

(Rupees _____________________ Only) or any lower amount that may be demanded by Sbicap

Securities Ltd.. Our guarantee shall be treated as equivalent to the Earnest Money Deposit for the due

performance of the obligations of the Vendor under the said conditions, provided,

however, that our liability against such sum shall not exceed the sum of Rs.__________/- (Rupees

_____________________ Only).

We also agree to undertake to and confirm that the sum not exceeding Rs.__________/- (Rupees

_____________________ Only) as aforesaid shall be paid by us without any demur or protest, merely on

demand from the SBI on receipt of a notice in writing stating the amount is due to them and we shall not

ask for any further proof or evidence and the notice from the SBI shall be conclusive and binding on us

and shall not be questioned by us in any respect or manner whatsoever. We undertake to pay the amount

claimed by the SBI within a period of one week from the date of receipt of the notice as aforesaid. We

confirm that our obligation to the SBI under this guarantee shall be independent of the agreement or

agreements or other understandings between the SBI and the Vendor. This guarantee shall not be

revoked by us without prior consent in writing of the SBI.

We hereby further agree that

a) Any forbearance or commission on the part of the SBI in enforcing the conditions of the said

agreement or in compliance with any of the terms and conditions stipulated in the said tender

and/or hereunder or granting of any time or showing of any indulgence by the SBI to the

Vendor or any other matter in connection therewith shall not discharge us in any way our

obligation under this guarantee. This guarantee shall be discharged only by the performance

of the Vendor of their obligations and in the event of their failure to do so, by payment to us

of the sum not exceeding Rs.__________/- (Rupees _____________________ Only)



b) Our liability under these presents shall not exceed the sum of Rs.__________/- (Rupees

_____________________ Only)

c) Our liability under this agreement shall not be affected by any infirmity or irregularity on the

part of our said constituents in tendering for the said work or their obligations there under or

by dissolution or change in the constitution of our said constituents.

d) This guarantee shall remain in force up to 180 days provided that if so desired by the SBI, this

guarantee shall be renewed for a further period as may be indicated by them on the same

terms and conditions as contained herein.

e) Our liability under this presents will terminate unless these presents are renewed as provided

herein up to 180 days or on the day when our said constituents comply with their obligations,

as to which a certificate in writing by the SBI alone is the conclusive proof, whichever date is

later.

f) Unless a claim or suit or action is filed against us within six months from that date or any

extended period, all the rights of the SBI against us under this guarantee shall be forfeited and

we shall be released and discharged from all our obligations and liabilities hereunder.

Yours faithfully,

___________________________

Authorized official.

(NB: This guarantee will require stamp duty as applicable in the State where it is executed and

shall be signed by the official(s) whose signature and authority shall be verified)



ANNEXURE – F MANUFACTURERS AUTHORISATION FORM

No.

Date:

To,

The Head, Information Technology SBICAP Securities Ltd. Marathon Futurex, 12th Floor, A –Wing, N M Joshi Marg, Lower Parel, Mumbai 400013

Dear Sir,

Sub: RFP No. SSL/IT/RFP/2016-17/004 dated: 28.03.2017

We………………..who are established and reputable manufacturers of ……………………...

Having factories at ……………and……………do hereby authorize M/s…………………

(Name and address of vendors) to submit a bid and sign the contract with you for the goods

manufactured by us against the above RFP No………….dated…………..

We hereby extend our full guarantee and warranty as per the clauses of contract based on the

terms and conditions of the RFP for the goods and services offered for supply by the above firm

against this RFP.

Yours faithfully,

( )

Name of the Manufacturer

Note: This letter of authority should be on the letterhead of the manufacturer and should

be signed by a person competent and having the power of attorney to bind the

manufacturer. It should be included by the bidder in its



ANNEXURE – G PRICE BREAKUP SCHEDULE

(to be printed on Bidder’s Letter Head)

To:





Dear Sir,


Sub: Price Breakup Schedule

Total Project Cost along with Equipment with 3 year warranty and 4th and 5th year AMC amount.

Details to be given AS PER THE Technical and functional requirement mentioned in

the RFP. Bidder need to specify the unit cost for each and every item.

Buyback offer for the existing Fort iGATE 310B (2 nos.) and Fort iGATE Analyzer (1

nos.)

Total Capex = Project Cost – Buyback Offer

Note: Pricing should be “All Inclusive” except VAT / sales tax / service tax/ LBT / Octroi, which will be

reimbursed upon production of original receipts, at actual, under the signature and seal of the Bidder.

Dated this __________day of________________ 2017

____________________________________________________________________________ (Signature) (Name) (In the capacity of) Note:

1. The ‘Price Breakup’ with Bill of Material need to be submitted without any pricing as part of the

Technical Bid proposal.

2. The ‘Price Breakup’ with Bill of Material need to be submitted with Indicative pricing as part of the

Indicative Price Bid proposal.

3. Same need to be submitted by the selected bidder with the final price breakup after the reverse

auction.



ANNEXURE – H COMPLIANCE CERTIFICATE FOR ELIGIBILITY CRITERIA


Sr. No.

Eligibility Criteria Compliance (Yes/No)

Documents to be submitted

1

The bidder must be an Indian firm/ company / organization registered under Companies Act.

Copy of the Certificate of Incorporation Companies and full address of the registered office

2

This tender is restricted to authorised partners / System Integrators of partners of OEMs.

A certificate from OEM needs to be submitted

3

The proposed product should be in the latest published Gartner’s Leaders Magic Quadrant for "NGFWs".

Copy of Gartner’s magic quadrant -2016

4

OEM should have: a) Registered office address and official URL

a) Office(s) in India b) b) Declaration by the OEM on letter head.

b) Having engaged minimum 20 specialized staff in India

5

The bidder must have a turnover of minimum Rs. 10 Crore during last three financial years.

Copy of the audited Balance Sheet and / or Certificate of the Charted Accountant for preceding three years

6 The bidder should be profitable organization for last 3 financial years

Copy of the audited balance sheet and / or Certificate of the Charted Accountant

7

Bidder should have experience of minimum 2 years in supply, configuration and maintenance of the proposed product.

Copy of the purchase order and / or Certificate of completion of the work by the customer

8 Client references and contact details(email/landline/mobile) of customers for whom the

1

2

3



Bidder has executed similar projects( Start and End Date of the Project to be mentioned) in the past

9 Certification Requirements (as per scope of the project )

Copy of the Valid Certificate(s) to be provided

10 Project Management Methodologies

Profile of project Team / previous Assignments of similar nature / Details project plan to be submitted

11 Deployment Methodologies

Documents on deployment framework, tools, templates & utilities to be provided

12

Bidder should not supply hardware and software having End of support before December 2025

Write-up on product’s lifecycle

13 support infrastructure Document on support infrastructure to be provided

We confirm that we comply with the eligibility criteria mentioned above & the terms & conditions mentioned in the RFP Document are acceptable to us. Dated this __________day of________________ 2017

___________________________________________________________________________ (Signature) (Name) (In the capacity of)



ANNEXURE – I BIDDER’S ORGANIZATION PROFILE

(to be printed on Bidder’s Letter Head and included with the Technical Bid Envelope)

Date: _________________________

To:





Dear Sir,


Details of the Bidder:

1) Name

2) Date of Incorporation and / or commencement of business

3) Certificate of incorporation/Partnership deed

4) Brief description of the Bidder including details of its main line of business

5) Company /firms website URL

6) Particulars of the Authorized Signatory of the Bidder

a. Name

b. Designation

c. Address

d. Phone Number (Landline)

e. Mobile Number

f. Fax Number g. Email Address

Dated this __________day of________________ 2017 ___________________________________________________________________________ (Signature) (Name) (In the capacity of)