Date post: | 03-Apr-2018 |
Category: |
Documents |
Upload: | nguyenkhanh |
View: | 214 times |
Download: | 1 times |
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 1 of 41
UNITED INDIA INSURANCECOMPANY LTD
Department of Information Technology
HEAD OFFICE: 24 WHITES ROAD, CHENNAI 600 014.
REQUEST FOR PROPOSAL (RFP) FOR THE PROCUREMENT,
INSTALLATION AND MAINTENANCE OF DESKTOP MANAGEMENT
SOLUTION
Release Date of RFP 24.12.2013
Tender form fees (Non refundable)
Rs. 10,000/-
Earnest Money Deposit
Rs. 40,00,000/-
Pre-bid meeting Date 06.01.2014
Last date for submission 20.01.2014
Address for Communication and Submission of Bids:
Deputy General Manager
IT Dept, First Floor,
United India Insurance Co. Ltd., Head Office,
24 Whites Road, Chennai 600 014.
email: [email protected]
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 2 of 41
INDEX S# TOPIC PAGE NO
SECTION I - INSTRUCTIONS/GUIDELINES TO BIDDERS 1 The Tender Offer 2 Earnest Money Deposit (E.M.D) 3 Forfeiture Of E.M.D 4 Refund Of E.M.D 5 The Company Reserves The Right To (Conditions) 6 Rejection Of Tenders 7 Validity Of Tenders 8 Price 9 Format And Signing Of Bid 10 Performance Guarantee 11 Project Schedule 12 Introduction 13 Scope Of Work 14 Trouble Ticketing System 15 Facility Management Services 16 Warranty 17 Service Level Agreement 18 Penalty Table 19 Payment Terms 20 Documentation 21 General Terms 22 Royalties And Patents 23 Deviation From Specification
SECTION II 1 Technical Bid 2 Commercial Bid
SECTION III - GENERAL TERMS & CONDITIONS
1 Procedure For Processing The Tender Document 2 Agreement
ANNEXURES 1 Eligibility Criteria For Bidders 2 Technical Specifications 3 Unprized Bill Of Quantity 4 Commercial Bid Performa 5 Current Infrastructure 6 Wan Diagram 7 List Of Distribution Point (DP) Locations 8 Classification Of Cities 9 Queries Format 10 Deviation Format 11 Maf Format 12 Agreement Draft 13 Non Disclosure Agreement Draft
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 3 of 41
SECTION I
INSTRUCTIONS/GUIDELINES TO BIDDERS
The UNITED INDIA INSURANCECo. Ltd. invites bids for the procurement, installation and maintenance of
Centralized Desktop Management Solution comprising of 3 main components namely directory services, client
management solution and antivirus solution to effectively manage its Desktops and Laptops spread across its Offices
across the country.
Complete set of bidding documents is to be purchased by any interested eligible bidders on payment of non-refundable
fee of Rs 10,000/-(Rs. Ten Thousand Only), in the form of NEFTto our company account as mentioned below:
Beneficiary Name
United India Insurance Company Ltd.
IFSC Code BOFAOCN6215 (Please distinguish alphabet O with 0 (Zero).
Account No
UIIC000100 <Remittance details / Depositors name>Ex.
UIIC0001000EMAILEMDxxxxxxx (From EMAIL max of 29 characters allowed, xxxxxx
shall be replaced with your Company name)
Bank Details Bank of America, 748, Anna Salai, Chennai 600 002.
However, in case the bidders downloading the document from the UIIC website, the bidder should submit the document
along with the NEFT Details.
Technical pre-bid meeting will be held on dd/mm/2013 for discussing the technical specifications. Any
clarification/modification discussed during the technical pre-bid meeting would be circulated by the company to all the
through e-mail only, to the contact person whose details are provided in the eligibility criteria document. The Tender offer should be submitted in one sealed envelope mentioning ‗OFFER FOR THE PROCUREMENT,
INSTALLATION AND MAINTENANCE OF CENTRALIZED DESKTOP MANAGEMENT SOLUTION which
should in turn contain two sealed covers super scribed as Cover ‘A’ and Cover ‘B’. Cover ‘A’ should contain NEFT
Detailsregarding the transfer ofRs.40, 00,000/- (Rupees Forty Lakh Only)along with the Technical bid and Cover ‘B’
should contain the Commercial bid.
1. THE TENDER OFFER
a. The Tender Offer as indicated above addressed to Deputy General Manager, Information Technology
department and shall be submitted at the Information Technology Department, First Floor, and
UNITED INDIA INSURANCE Head office, 24 Whites Road, Chennai-600 014 on or before
20/01/2013. If the last date for submission of tenders happens to be a holiday due to some unforeseen
circumstances, then the tender can be submitted by 11 a.m. on the next working day.
b. Cover ‗A‘ containing the technical bids will be opened in the presence of those bidders who wish to
remain present at the above address.
c. Cover `B‘ commercial bids would be opened by the Committee constituted by the Company in the
presence of bidders who are present at the address given above. The time and date would be intimated to
the bidders. In case, the date happens to be a holiday, then the tenders would be opened on a subsequent
date, which will be intimated.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 4 of 41
2. EARNEST MONEY DEPOSIT (E.M.D)
The intending bidders should pay an Earnest Money Deposit of Rs. 40,00,000/- (Rupees Forty Lakhs
Only).
The E.M.D shall be electronically credited to our Bank Account as given below:
Beneficiary Name
United India Insurance Company Ltd.
IFSC Code BOFAOCN6215 (Please distinguish alphabet O with 0 (Zero).
Account No
UIIC000100 <Remittance details / Depositors name>Ex.
UIIC0001000EMAILEMDxxxxxxx (From EMAIL max of 29 characters allowed,
xxxxxx shall be replaced with your Company name)
Bank Details Bank of America, 748, Anna Salai, Chennai 600 002.
The EMD will not carry any interest.
The electronic credit should be affected positively on the day prior to the tender submission date and
proof of remittance of EMD amount should be submitted along the tender document as per instructions
given in ―Instructions to Bidders‖ above.
3. FORFEITUREOF E.M.D
The EMD made by the bidder will be forfeited if:
i. the bidder withdraws the tender after acceptance.
ii. the bidder withdraws the tender before the expiry of the validity period of the tender.
iii. the bidder violates any of the provisions of the terms and conditions of this tender specification.
iv. the selected L1 vendor does not submit the BG and agreement within 21 days from the date of letter of
acceptance.
4. REFUNDOF E.M.D
a) EMD will be refunded to the successful bidder, only after signing of the contract and payment of Security
Deposit, completion of formality etc. in all respects to the satisfaction of the Purchaser.
b) In case of unsuccessful bidders, the EMD will be refunded to them after intimation is sent to them about
rejection of their tenders.
5. THECOMPANY RESERVES THE RIGHT TO: a) Accept / Reject any of the Tenders.
b) Revise the quantities at the time of placing the order.
c) Add, Modify, Relax or waive any of the conditions stipulated in the tender specification wherever deemed
necessary.
d) Reject any or all the tenders without assigning any reason thereof.
e) Award contracts to one or more bidders for the item/s covered by this tender.
6. REJECTIONOF TENDERS: The tender is liable to be rejected interalia:
a) If it is not in conformity with the instructions mentioned herein,
b) If it is not accompanied by the requisite EMD,
c) If it is not properly signed by the bidder,
d) If it is received after the expiry of the due date and time,
e) If it is evasive or in complete including non-furnishing the required documents.
f) If it is quoted for period less than the validity of tender.
g) If it is received from any blacklisted bidder or whose past experience is not satisfactory.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 5 of 41
7. VALIDITY OF TENDERS
Tenders should be valid for acceptance for a period of at least 180 (One Hundred and Eighty) days from the
last date of tender submission. Offers with lesser validity period would be rejected.
8. PRICE a) The bidders should quote only the base price. All applicable taxes/Octroi will be paid as actuals. b) The price shall be all inclusive of labour cost, ex-factory price per unit, packing, forwarding, freight, transit
insurance, Excise duty, road permit charges ,other duties, if any, including state levy, delivery, installation,
commissioning and testing charges. c) There shall be no escalation in the prices once the prices are fixed and agreed to by the Company and the
bidders. But, any benefit arising out of any subsequent reduction in the prices due to reduction in duty & taxes
after the prices are fixed and before the agreement should be passed on to the Purchaser /Company. d) Prices for all the components are valid for the period of 5years from the date of first Purchase order from UIIC. e) All the items should be quoted in INR (Indian Rupees) only.
9. FORMAT AND SIGNING OF BID a) Letter of power of attorney or authorization should be submitted along with the bid. b) Proposals submitted in response to this RFP must be signed by (in all the pages) the Authorized signatory of the
Bidder‘s organization as mentioned in the Power of Attorney or Letter of Authorization.
c) The bid shall be numbered with index and highlighted with technical specification details and shall be signed by
the Bidder or a person duly authorized to bind the Bidder to the Contract. d) Any interlineations, erasures or overwriting shall be valid only if the person signing the bid counter signs
them. e) Bids should be spirally bound or fastened securely before submission. Bids submitted in loose sheets will be
rejected as non-compliant.
f) Bidders responding to this RFP must comply with the format requirements given in various annexure of the RFP,
bids submitted in any other format/type will be treated as non-compliant and may be rejected. g) SOLUTION DOCUMENT: Bidder should submit solution document as a part of technical bid. The contents of
solution document should include but not limited to i. Solution architecture with detailed explanation of all components.
ii. Backup mechanism/Policy.
iii. MPLS Bandwidth requirement at DC/DR/operating office.
iv. Make/Model/Version of all hardware/software/License components used for the solution.
v. IPV6 Compliance (Refer point 13.1.8, page 7).
h) ADDITIONAL INFORMATION: Include additional information which will be essential for better understanding
of the proposal. This might include diagrams, excerpts from manuals, or other explanatory documentation,
which would clarify and/or substantiate the bid. Any material included here should be specifically
referenced elsewhere in the bid. i) GLOSSARY: Provide a glossary of all abbreviations, acronyms, and technical terms used to describe the services
or products proposed. This glossary should be provided even if these terms are described or defined at
their first use in the bid response. j) PRESENTATION: Bidder may have to give Technical presentation and/or demonstration to supplement their
bids. The Technical presentations shall form part of the final Technical evaluation and the resulting contract if
any.
10. PERFORMANCE GUARANTEE: a) The successful bidder will have to furnish a performance guarantee to the tune of 15% of the value of the
Contract for proper fulfilment of the contract in the form of a Bank Guarantee for a period of 5 years obtained
from a nationalized/scheduled bank.
b) The performance guarantee has to be submitted within 8 weeks from the date of Purchase order from UIIC.
c) This Bank Guarantee shall be released on the expiry of the contract period.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 6 of 41
11. PROJECT SCHEDULE a) The Installation & Commissioning of Hardware /Software at various locations and deployment of
solution has to be completed as per the below schedule.
SN Description Duration 1 Deployment of infra in DC/DR and LAB Testing 2 months 2 Completion of rollout in pilot offices 2 months 3 Completion of rollout in remaining offices 5 months 4 Post deployment stabilization period. 3 months Implementation duration 12 months
a) If the Bidder does not deliver /deploy goods/services as per the above project schedule, or such authorized
extension of delivery /deployment period as may be permitted in writing by UIIC shall impose a penalty @ 0.5%
of the total value of the Purchase Order for each week‘s delay to a maximum of 5% of the total value of the
Purchase Order. Penalty shall be recovered for delayed deliveries/deployment, without prejudice to any other
right or remedy available under the Purchase Order. b) Post deployment stabilization period: UIIC shall monitor the performance of the Solution for a period
of 3 months after the implementation, said period will be treated as stabilization Period and the
implementation closure/Sign off shall be initiated by UIIC only upon satisfactory performance of the
Solution. The Bidder should take care of all necessary corrective steps, fine tuning and trouble shooting
of the Systems during this period. However it is to be noted that the UIIC reserves the right to use the
system/ solution and such usage shall not be construed as acceptance of the System/Solution by the
successful Bidder.
c) During this period the Bidder has to attend to all support related issues including visiting and trouble-shooting
(onsite Support) if required at various Offices. d) The Company reserves the right to cancel the tender if the above delivery schedules are not adhered to by the
selected bidder.
12. BACK GROUND: a) UNITED INDIA INSURANCE Co Ltd (UIIC) is one of the largest General Insurance Company in India having
1700+ offices across the country which would increase by another 200 offices over a period of next 5 years.
b) UIIC currently have 13,000+ PCs and 1700 laptops all over India running Windows XP or later (refer Current
Infra-Annexure-5).
c) In order to manage these endpoints efficiently UIIC intend to have a suitable Desktop Management Solution as a
whole.
d) UIIC offices are connected through BSNL MPLS links, HO is connected with 2 MPLS pipes of 32 Mbps each
and 2 Internet Leased Line of 8 Mbps each.
e) ROs are having 2 Mbps connectivity (2 pipes of 2 Mbps each) and Operating offices are connected with MPLS
links of 64/128Kbps bandwidth (refer Network Diagram-Annexure -6).
13. SCOPE OF WORK (SOW)
The broad scope of work to be executed on the turnkey basis -End To End implementation of Directory Services
(DS), Client Desktop Management Solution (CMS), Antivirus (AV) software, Infrastructure Services and ATS
(Annual Technical Support) for Software/License for a period of 5 years from the date of installation of
hardware/software/licenses.
13.1. General
a) The Bidder shall be responsible for the implementation & support of Directory Services, Client management
solution and Antivirus in 1000+ UIIC Offices across India(Location address are available in the company
website-http://uiic.co.in).
b) The support for maintenance of entire solution (DS, CMS, AV and any other application software..etc)
supplied should be available for a minimum period of 5 years.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 7 of 41
c) The solution architecture and design has to be as per the respective OEM‘sbest practice and the same has to
be certified by OEMs (DS, CMS and AV) and to be submitted along with the technical bid.
d) The solution has to be designed and proposed as per existing infrastructure of UIIC.
e) The bidder shall provide the most recent version of Licenses for all software in the proposed solution.
f) All the software/Licenses has to be delivered after the completion of infra deployment in DC/DR
g) The proposed solution covering all hardware, Software, Operating System and other related software must be
IPv6 compliant. Compliance in this regard should be submitted along with the technical bid documents.
The solution complete in all respect should be either IPV6 Compliant or should be IPV6 supported.
h) The bidder should visit the UIIC offices across the country with prior notice, coordinate with Office
In-Charge/Designated Official and ensure that the normal operations of the office is not affected.
i) Successful bidder may be required to sign NDA as per Annexure-12 with UIIC to maintain and
protect the confidentiality of Data.
j) At all points of time vendor should integrate, coordinate with all our existing System Integrators
(SI) for smooth implementation.
k) The bidder shall obtain road permit and other required approvals for the delivery of the products
without any additional cost to UIIC.
13.2.Services
13.2.1. Project Management : a) The Bidder shall be doing Project Management for the entire Project from
commencement to final handing over for live use on turnkey basis.
b) The bidder shall be responsible for generation and submission of necessary documents
required during various phases of project viz. planning, installation, commissioning,
rollout, acceptance testing, project diagrams ,administrator manuals, implementation
guidelines, user manuals, presentations and other reports etc. All such activities detailed
in the documents submitted shall commence only after the same is approved by UIIC.
c) The bidder should provide a detailed project plan in terms of activity and timelines
required for executing the project with the details of deliverables and milestones
including the delivery of components for DS, CMS &AV Solution. The bidder shall
inform the name of the Project Manager who would be the single point of contact during
the complete project implementation.
d) Preparing and handing over the PERT Chart or any relevant document to UIIC till Sign
off.
13.2.2. Infrastructure as a Service a) The bidder should host the solution in UIIC Data centre or data centre site identified by
UIIC.
b) Disaster Recovery (DR) site Hyderabad is in a different seismic zone which will be used
only in the event of catastrophic failure of entire Data Centre(DC) facility which cannot
be rectified and service from the DC are unavailable for all customers .
c) The successful bidder to design, provide and configure appropriately sized server,
storage and networking for implementing scalable Desktop Management Solution(the
solution should be sized to support maximum 20,000 endpoints) configured in a High-
Available mode(not necessarily at DR Site). The proposed solution should comply with
the technical specifications given in annexure 2.
d) The successful bidder shall provide dedicated infrastructure for the solution.
e) Backup and Restore: Successful bidder should provide robust and reliable backup mechanism
based on industry best practice for the entire solution. i. The successful bidder should also be responsible to design efficient backup policy in
consultation with UIIC.
ii. The backup policy should be flexible enough to accommodate changes suggested by
UIIC as and when required.
iii. Bidder shall carry out restoration drill and test the recovery process half yearly.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 8 of 41
iv. No tapes/backup media will be provided by UIIC. f) Bidder has to propose the required MPLS link Bandwidth to be terminated at DC and DR.
Complete bandwidth calculation should be enclosed as part of the technical response detailing
the methodology of the calculation.
g) Disaster recovery service should allow the resumption of Directory Services and AV within 2
Hours and Client Management Service within 12Hours of the identification of the disaster. h) In case of disaster, the service is to be resumed to provide 100 % of the capacity and
performance(in terms of the number users)
i) Procedure for announcing disaster and Operation from DR Site: Bidder shall clearly define
the procedure for announcing disaster based on the proposed DR solution. Bidder shall also
clearly specify the implications of disaster.
j) Disaster Trial: Bidder shall conduct disaster trial half yearly, wherein the Data-Centre has to be
deactivated and complete operations shall be carried out from disaster recovery site. k) Bidder should provide detailed document about DR process and fall back process in the solution
document. l) The services from DR site will be governed by SLA applicable to Data-Centre Site m) Server Monitoring Tool: The Bidders shall deploy a Monitoring tool capable of generating
daily/weekly/monthly reports to monitor DC and DR servers running DS,CMS and AV solution
24*7. The bidder should also provide an interface to UIIC officials to monitor the SLA. n) Stress Test: Bidder has to do stress tests using appropriate tool after the completion of
infra deployment and once in a year during the contract period. UIIC will not provide
any tools/hardware/software for the stress test.
13.2.3. One time installation: a) Bidder shall be responsible for arranging FMS Engineer/s from 10:00 AM to 6:00 PM at
Regional Offices from Pilot start date to Implementation Signoff date for the smooth
completion of one time installation. The FMS Engineer/s should be deputed as and when
implementation is started in offices under that particular Regional Office.
b) Bidder shall be responsible for arranging Helpdesk at HO with sufficient manpower to
co-ordinate with FMS engineers /users from Pilot start date to Implementation Signoff
date.
c) During one time installation bidder has to reinstall/update/upgrade operating
system(Windows XP to Windows 7 professional) if required(provided hardware
configuration is capable of the same), configure IP, install antivirus, scan for viruses,
join domain , install CMS client, migrate profile, backup user data and restore, configure
printer & additional peripheral devices and Install & Configure any other applications.
d) Creation of Standard Operating Environment –Should include the UIIC‘s policy &
applications used by the users.
e) Application testing: UIIC‘s standard applications such as Core Insurance Solution
(CORE), Genisys Business application, Email (mithiconnect-opensource), Antivirus,
office suite and other common applications etc., has to tested appropriately after the
Migration. The end user should have required access for using all the applications of the
company as deployed time to time.
f) The bidder shall ensure that end user should not have administrative privileges on all
end-points.
g) Basic user awareness training to be given to the users and appropriate project
communication & documentation needs to be provided and co-ordinated.
13.2.4. One time installation after the project sign off: a) If Desktops/Laptops/Mobile Devices are added/replaced at ROs/OOs (anywhere in
India), the bidder shall complete the one time installation of DS,CMS,AV of those many
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 9 of 41
Desktops/Laptops/Mobile with the price identified in the Annexure 4 during the contract
period (Commercial Bid Performa,(line item2.2))
b) One time installation of Desktops/Laptops/Mobile Devices at head office after the
project sign off will be done by FMS team deployed at HO during the contract period
without any additional charges other than FMS charges.
c) Payments will be made on the actual additional quantity procured during the contract
period.
13.2.5. Project Lab Testing: a) Bidder shall be responsible for Installing and configuring Directory Services, Client
management solution and Antivirus in UIIC Lab environment.
b) Bidder shall be responsible for arranging temporary Server hardware(s) with appropriate
configuration and 4 No‘s of Desktops (of equivalent configuration of UIIC desktops) at
HO during the testing phase.
c) Test phase will start after 2 weeks of issuing the PO.
d) UIIC will not provide any hardware/software/applications for this activity.
e) During the testing phase, Bidder has to implement Directory Management, Client
Management and Antivirus solution and demonstrate all the features mentioned in the
Technical Specification section.
f) Application testing: UIIC‘s standard applications such as Core insurance solution
(CORE), Email, Antivirus, office suite and other common applications etc., has to tested
appropriately.
13.2.6. Pilot Implementation: a) Bidder shall be responsible for Installing and configuring various services and features
of Desktop Management Solution at 50 UIIC Offices (400 desktops approx) across
India.
b) UIIC will share the Office list with the successful bidder.
c) Bidder shall get a signoff from UIIC authorized official from each location and from
Head Office.
13.2.7. Training: a) The bidder shall impart one time training from a qualified trainer to UIIC identified
Head-Office IT officials (not more than 10) at bidders premises covering the following
topics.
b) Knowledge Transfer Training of the Deployed Solution Architecture and Design
c) Directory Design, Deployment, Administration, Maintenance & Troubleshooting
d) CMS Solution, Architecture and maintenance.
e) Antivirus solution, Architecture and maintenance.
f) The bidder will have to ensure that training is imparted in a professional manner through
Qualified Personnel and Course Materials would have to be provided for the same.
g) Hands-on training to the Regional office IT Officials / Divisional in-charges/ Branch-in-
chargeand other officials of the Region/Division/Branch offices at the time of roll out of
the new solution. The necessary proof for successful completion of the training program
by the Region/Division/Branch should be produced invariably at the time of claiming
implementation charges.
13.3.Products
13.3.1. Directory Services The primary objective of design and implementation Directory services is to bring all the end-
points/servers located at the existing 1000+ Branches /Offices located across the country from
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 10 of 41
workgroup to Single domain architecture along with Standard Operating Environment rolled out across
its desktops and laptops. Implementation should take care of Desktop PCs/Laptops/Servers getting
installed at the upcoming branches also. The activity also includes setting up Group policies and
all the necessary configurations as per the OEM best practices.
a) Bidder shall submit detailed Architecture, Design Documentation, and Installation&
Configuration Documentation.
b) Design & implement the logical and physical structure of Directory services,
Organization Unit.
c) Design and implementation of Group policy, domain policy, Naming conventions of the
Organization Unit‘s/Groups as per UIIC specifications.
d) The bidder should provide the complete Group policy settings for user, computer and
servers. Bidder should propose and implement various policies such as password policy,
power management policy, device policy, backup policy, software policy, access rights
to the users and groups, etc.
e) Bidder should provide the Strategy for joining of desktops/ laptops/servers across the
country to the domain.
f) Design and Implement containers to segregate Laptops, Desktops and Servers.
g) The bidder should design and deploy sites and services with V-LAN Information
wherever the network equipments support v-lan.
h) Bidder shall also submit procedural documents related to day to day operations, backup,
restoration.
i) Bidder should assist UIIC in integrating directory services with other applications.
j) Bidder shall also customize the solution to generate daily/weekly/monthly reports as
required by UIIC. The details will be shared to the successful bidder.
k) The bidder should propose and Implement user/desktop/laptop/server naming
convention based on best practices.
l) The Bidder should configure designated ports (selected ports) of communication
between Domain Controllers and Client machines.
m) Install and configure Certificate Authority and enable auto enrolment for certificates.
n) Design and configure the solution to support use of bio-metric authentication devices.
13.3.2. Client Management Solution UIIC requires that all Desktops which are already connected or getting connected as and when
required comply with UIIC‘s IT security policy and fully protected in respect of security and
operational aspects for smooth running of UIIC‘s core insurance application.
a) The bidder should design centralized client management solution optimized for UIIC‘s
network architecture which segregates the desktops for the patches, with granular and
flexible grouping mechanism. Bidder should configure and implement all the patches
without user intervention.
b) The vendor shall ensure the CMS client installation on all end-points (servers and
desktops) at locations.
c) Bidder has to provide customized fields to report details of AMC on Desktops, UIIC
Asset ID, Desktops and other Hardware items connected with Desktops, AMC Renewal
Date, AMC Expiry Date, Name of AMC Service Provider, AMC Amount, and AMC
Amount Paid details, AMC Year etc. shall be provided in the system by way of a report
or view.
d) Bidder should install and configure Hardware and Software Asset Inventory
e) Bidder should install and configure Remote Control option
f) Bidder should install and configure Operating System Deployment.
g) Bidder should install and configure Power management on all Desktops
h) Bidder should install, Configure and test patch management and application distribution.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 11 of 41
i) UIIC has the rights to add/remove customized fields for reporting and the
solution/bidder should support the same using custom fields or solution customization.
j) Bidder has to download all the latest patches/updates from the OEM servers to DC/DR
servers with in a day for deployment to end-points across all offices of UIIC.
13.3.3. Antivirus solution: a) Vendor shall completely uninstall and remove traces of any existing antivirus software
and its components before installing the new antivirus software.
b) The vendor shall ensure the AV client installation on all end-points (servers and
desktops) at locations.
c) The bidder should design centralized Antivirus solution optimized for UIIC‘s network
architecture which segregates the end-points for the patches, with granular and flexible
grouping mechanism. Bidder should configure and implement all the AV updates
without user intervention.
d) Bidder shall also submit procedural documents related to day to day operations, backup,
restoration and DR.
e) Bidder should Integrate Antivirus solution with proposed Directory solution
f) Proposed Antivirus solution should utilize the proposed Directory solution objects such
as Desktops/Laptops/Servers for distributing Antivirus updates
g) Bidder should customize the solution to generate daily/weekly/monthly reports as
required by UIIC. The details will be shared to the successful bidder.
h) Bidder should distribute Antivirus updates on Daily basis from the first day AV client
gets deployed at UIIC.
i) Bidder has to download all the latest patches/updates/signatures from the OEM servers
to DC/DR servers with in a day.
13.3.4. Distribution Points a) UIIC has 500 + users in its Head office. Bidder has to supply, configure and maintain
Distribution Servers along with the appropriate Operating system in High Availability
mode for Directory Services, AV and CMS for this location. The minimum technical
specification of this Distribution Point (Distribution Point 1) is given in annexure - 2.
b) UIIC has multiple regional office locations with more than 50+ users. Bidder has to
supply, configure and maintain Distribution point for AV and CMS at these locations.
The locations are mentioned in Annexure-7 and minimum technical specification of
Distribution Points (Distribution Point 2) is given in annexure - 2.
c) The bidder shall configure one desktop as a distribution point in the operating office for
distribution of components to all other desktops in that location.
14. SLA MONITORING& TROUBLE TICKETINGSYSTEM 14.1.Bidder shall provide a web-based ITIL complied complaint booking interface available in real-time
which will issue a trouble ticket once a complaint is booked successfully.
14.2.The bidder shall be able to record a complaint and generate a trouble ticket on this system based on
intimation by the user through telephone/fax/email /mobile/ web-based interface.
14.3.The system shall be able to provide a trouble ticket status tracking mechanism, whereby the user can
be aware and communicated of the latest status of a case logged.
14.4.This trouble ticket system shall generate monthly/quarterly/half yearly / yearly reports.
14.5.Bidder shall ensure that these calls are fully responded by the FMS and the Docket number is allotted.
14.6.UIIC officials shall be able to monitor the SLA using this tool.
14.7.The Ticketing system should have following fields including but not limited to.
14.8.Fault Details: a) Date/Time of fault reporting with Bidder.
b) Docket No
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 12 of 41
c) Fault & its details as per observation.
d) Name of contact person of Bidder to whom fault is reported by UIIC.
e) Date/Time of fault being rectified with brief description how problem was resolved.
f) Remarks
14.9.Fault Response Details: a) Bidder Response Date/Time
b) Docket No allotted to UIIC representative
c) Nature of fault reported
d) Name of Engineer attending fault
e) Date/Time of fault being rectified with brief description of how problem was resolved
f) Total Time taken to rectify the fault
g) Remarks
14.10. Change Management a) Change Requester details
b) Change type
c) Severity and priority
d) Impact
e) Approver details
15. FACILITY MANAGEMENT SERVICES 15.1.The successful bidder should depute qualified dedicated manpower (FM support Engineer(s)) from
project sign off date to contract expiry date(2ndyear to contract expiry date) at UIIC Head Office from
9:00 am to 8:00pm from Monday to Saturday, and should come urgently to premises at other times
whenever called.
15.2.FM engineer(s) should be trained & experienced professional having excellent communication skills.
UIIC IT team will take interview of the engineer(s) before being posted in Head office. This process
will be followed in case engineer(s) is replaced during the contract period.
15.3.The FM resource(s) should be minimum graduate/diploma holder in engineering (IT/electronics/
Comp) having good knowledge on Directory Services, Client Management Solution & Anti-Virus
(AV) Solution. The FM resource(s) should be having Certification on Proposed Directory
Services/Client Management solution/AV solution.
15.4.The onsite helpdesk resources should be supported by backend/remote support team of the bidder
during working hours of onsite FMS.
15.5.In case the engineer goes on leave/absent, suitable replacements to be arranged by the bidder to ensure
that regular functioning of the offices does not hamper.
15.6.FMS shall be responsible for following activities.
a) Providing a Single Point of Contact (SPOC) for assistance with IT services under scope.
b) Log IT related tickets (incidents, service requests, events) from users(received through phone,
mail, logged tickets in the tool)
c) Acknowledge the tickets, allocate appropriate category.
d) Provide remote support for end user at RO/OO.
e) Provide onsite support for end users at HO (The FMS engineer has to physically visit users in
head office to resolve the problems).
f) Allocate the ticket to the respective Regional Offices and coordination till call closure.
g) Route service requests to the appropriate teams in HO/RO (viz. user management group, mail
management group etc) Offices and coordination till call closure.
h) One time installation of Directory services, CMS and AV on new/formatted PCs at HO.
i) Escalate issues pertaining to user non-availability or non-cooperation.
j) Generate service management reports from the ticketing tool.
k) Maintenance of SLA matrix, severity and categorization matrix.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 13 of 41
16. WARRANTY(HARDWARE)/ANNUALTECHNICAL SUPPORT (SOFTWARE/ LICENSES) 16.1.Bidder shall provide all the hardware mentioned in the Annxure-2,Table -3 with 5 year warranty and
all the software/Licenses mentioned in the Annxure-3,Table-1, 4 with 1 year ATS with a provision to
renew for minimum 4 years.
16.2.Successful bidder has to mandatory back line all Service with the respective OEM during ATS period,
and letter from OEM as a proof should be submitted within 8 weeks from the date of delivery.
16.3.The scope of Warranty and ATS shall include but not limited to
a) Up gradation and installation of all software components (updates/upgrades/ new version)
Rectification of Bugs/defects if any
b) Fine tuning of application and database
c) Maintenance of application and database
d) Reinstallation of software /database whenever required.
16.4.UIIC shall not be responsible for any non-support from OEM's.
17. SERVICE LEVEL AGREEMENT The selected Bidder shall guarantee a quarterly uptime of 99.5%for the Backend Infrastructure
(hardware/software from the date of commencement of the proposed solution. (Any planned shutdown
will not be considered for calculating SLA).The percentage of uptime is calculated on quarterly basis as
follows:
(Total contracted minutes in a quarter –downtime during contracted minutes) * 100/ Total contracted
minutes in a quarter.
The table below specifies support/maintenance matrix along with mean time to respond (MTTR1) and
mean time to resolve (MTTR2).
S# Services MTTR1
(HH:MM)
MTTR2
(HH:MM)
17.1 Backend Infra(hardware/software/entire solution) 00:10 Should maintain
99.5%uptime
17.2 AV signature updation ***** One day
17.3 Case logged to FMS from HO(For onsite support) 00:15 2 hour
17.4 Case logged to FMS from RO/OO(For remote support) 00:15 4 hours
17.5 Onsite Support for Class-A cities 00:15 8 hours
17.6 Onsite Support for Class-B cities 00:15 NBD
17.7 Onsite Support for Class-C cities 00:15 NBD+1 Day
17.8 Onsite Support for Class-D cities 00:15 NBD+2 Day
Note:
i. Refer Annexure-8 for classification of cities. NBD- Next business day.
ii. SLA window for line items17.3, 17.4and 17.5will be 10.AM to 6 PM.
iii. 95% of the user login, apart from one time profile creation should happen within 5 seconds. Non-adherence to
the same will lead to penalty as per the SLA clause (S#1 Backend Infra (hardware/software / entire solution)) and
will be used to calculate downtime.
iv. Bidder has to give Onsite support to OO/RO in case the problem is not resolved remotely. In that case, the bidder
has to give confirmation within4 hours.
v. MTTR1 (Mean Time to Response):-Defined as time taken by the help desk to respond the concerned user over
the service desk tool, phone/Email/FAX or in person and acknowledge the problem.
vi. MTTR2 (Mean Time to Resolve): -Defined as time taken to resolve a problem.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 14 of 41
18. PENALTY TABLE
In case the vendor fails to meet the above SLA, penalty will be imposed as specified in the table below.
S# Services Up Time Penalty 18.1 Backend Infra(hardware/software/entire
solution) 99.5% Rs.1, 000/-per Minute.
18.2 AV signature update Not updated with in One
day of patch release from
DC/DR
Rs.20/-per day/per
endpoint
18.3 Case logged to FMS from HO(For onsite
support) Not resolved within 2
hours. Rs.200/-per hour/per case
18.4 Case logged to FMS from RO/OO(For remote
support) Not resolved within 4
hours. Rs.200/-per hour/per case
18.5 Onsite Support for Class-A cities Not resolved within 8
hours. Rs.200/-per hour/per case
18.6 Onsite Support for Class-B cities Not resolved within Next
business day Rs.1000/-per day/per case
18.7 Onsite Support for Class-C cities Not resolved within Next
business day + 1 Day Rs.1000/-per day/per case
18.8 Onsite Support for Class-D cities Not resolved within Next
business day + 2 Day Rs.1000/-per day/per case
Note:
i. The down time will be calculated on quarterly basis.
ii. Server monitoring and ticketing tool reports will be used to calculate penalty.
iii. The downtime calculated shall not include the following:
a. Any planned shutdown.
b. Failure or malfunction of any equipment or services not supplied/provided by the bidder.
c. Negligence or other conduct of UIIC or its agents, including a failure or malfunction resulting from
applications or services provided by UIIC or its vendors. However, it is the responsibility/ onus of the
selected bidder to prove that the outage is attributable to UIIC. The selected bidder shall obtain the proof
authenticated by the UIIC's official that the outage is attributable to the UIIC.
d. The maximum penalty will be up to 10% of quarterly FMS and Infrastructure services charges.
e. In case maximum penalty is imposed for more than two times in a year, UIIC may revise the SLA
penalty cap to 10% of quarterly FMS and infrastructure services charges.
19. PAYMENT TERMS: The various payments due for implementation of the solution shall be as per the table given below. The company
also reserves the right to prescribe additional documents for release of payments and the bidder shall comply with
the same.
Item Payment Documents to be submitted Software/Licenses
50% against the Software/Licenses delivery
and hardware delivery at DC/DR. Confirmation letter/mail from OEM,
Delivery Certificate, Performance Bank
Guarantee, Agreement. 50% on completion of implementation Implementation sign-off
One time installation cost 20 % on the completion of pilot offices Completion certificate, Certificate from
authorized UIIC official. 35%on the completion of 50% offices. Completion certificate, Certificate from
authorized UIIC official.
35% on the completion of remaining
offices.
Completion certificate, Certificate from
authorized UIIC official.
10 % on the signoff of the project Certificate from authorized UIIC
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 15 of 41
official.
FMS and Infra Services 50% of Annual charges once in every
six months.
Quarterly call reports, MIS reports
OEM Direct(Anti-Virus)
support subscription
charges
Will be paid annually Call reports.
Additional, optional
software/Licenses
100% on delivery &installation. Completion certificate, Certificate from
authorized UIIC official.
Software/Licenses-ATS Will be paid annually Confirmation letter/mail from OEM
Hardware(DP1 and DP2) 80% on delivery Delivery Certificate
20% on installation Installation Certificate
Additional per Desktop
one time installation cost
(for RO/OO) after the post
deployment stabilization
period.
100% on completion at the end of each
quarter along with FMS/OEM direct
support charges.
Completion certificate, Certificate from
authorized UIIC official
20. DOCUMENTATION The following information should be furnished along with the technical bid.
i. Solution Document refer pt. 9.6,page 6
ii. Technical Brochures/Data Sheets of quoted products showing all features of the products.
iii. Manufacturer Authorization Form as per the Annexure 11.
iv. OEM certificate for solution architecture.
v. Power of attorney /Authorization Letter.
vi. Eligibility Criteria as per annexure-1
vii. Technical Compliance as per Annexure -2
viii. Unpriced Bill of Quantity (BOQ) as per Annexure-3
ix. Deviations as per Annexure-10The proposal and all the supporting documentation submitted by the
bidder as part of the tender response shall become the property of UIIC.
21. GENERAL TERMS 21.1.The agreement shall be in force for a period of 5years.
21.2.The successful bidder shall sign and return the Contract (Annexure-12) within 8 weeks from the date
of first purchase order from UIIC.
21.3.Queries may be communicated only through e-mail and response to query will be by return e-
mail. No queries will be accepted on telephone or through any means other than e-mail. The
queries should be sent in .pdf/.xls/.xlsx format as per annexure 9 only. 21.4.The offer containing erasures or alterations will not be considered. There shall be no handwritten
material, corrections or alterations in the offer. Technical details must be completely filled in. Correct
technical information of the product being offered must be filled in. Filling up of the information
using terms such as ―OK‖,‖Accepted‖,‖Noted‖,‖As given in Brochure/Manual‖, ‖Negotiable‖, ‖to be
discussed‖ is not acceptable. UIIC may treat such offers as not adhering to tender guidelines and as
unacceptable.
21.5.Addendum/Amendments/Corrigendum, if any, will be posted on our website only under
http://uiic.co.in. Prospective Bidders should check the website frequently to get updates on any such
changes. UIIC reserves the right to cancel the RFP at any time without incurring any penalty or
financial obligation to any bidder or potential bidder.
21.6.UIIC reserves its right to carry out factory inspection of the equipment‘s to be supplied to UIIC at
bidder‘s factory/site/centre. There shall not be any additional charges for such inspection.
22. ROYALTIES AND PATENTS
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 16 of 41
Any royalties or patents or the charges for the use or infringement thereof that may be involved in the
contract shall be included in the price. Bidders shall protect the Company against any claims thereof.
23. DEVIATION FROM SPECIFICATION
If the bidder wishes to depart from any terms and conditions of the tender in any respect he shall draw the
attention to such points of departure explaining fully the reasons thereof and furnish separately adopting
the form given Annexure 10. Unless this is done, the requirements of the eligibility criteria will be
deemed to have been accepted in every respect. The Company reserves the right to accept/reject any or
all of the deviations shown by the bidder.
SECTION II
PART A –TECHNICAL BID
The following documents along with the Soft copy of all requirements for technical compliance on a CD have
to be submitted in Cover A (in the same order)neatly filed with proper indexing. The contents of the CD and
the hard copies in the technical bid should be identical. The CD should not contain any information other than
Technical Bid and will be only used as reference materials for verification by UIIC. Submissions in Hard
copy will be treated as final for all legal matters.
i. Tender document Fees Rs10, 000/-(Rs Ten Thousand only) (Non-refundable)
ii. RTGS Transfer details of EMD for Rs. 40, 00,000/-(Rs Forty Lakh Only)
iii. Power of attorney/Authorization Letter.
iv. Eligibility Criteria as per annexure-1
v. Technical Compliance as per Annexure -2
vi. Unpriced Bill of Quantity (BOQ) as per Annexure-3
vii. Documents as per page 18 & 19.
viii. Manufacturers Authorization Letter as per Annexure –11
ix. Deviations Annexure-10
x. Softcopy in CD
PART –B COMMERCIAL BID
The bidders have to submit commercial bids along with the Soft copy (in .pdf / .xls/.xlsx) as per Annexure-4.
The contents of the CD and the hard copies in the commercial should be identical. The CD should not contain
any information other than Commercial Bid. Incomplete commercial bid will be rejected. If amount is not
mentioned it will be considered as Rs 0/-(Rupees Zero only).Submissions in Hard copy will be treated as
final for all legal matters.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 17 of 41
SECTION III
GENERAL TERMS & CONDITIONS
i. PROCEDURE FOR PROCESSING THE TENDER DOCUMENT:
i. The IT Operations Committee will open the Cover ‗A‘. In case the cover ‗A‘ does not contain a
EMD Details for Rs. 40,00,000/-(Rs. Forty Lakh only)towards Earnest Money Deposit and Rs.
10,000/-towards tender document fees, their offer would be rejected. The bids not meeting the
eligibility criteria would also be rejected.
ii. The commercial bids of only technically qualified bids will be opened by the committee in presence
of all the bidders and the lowest commercial bid (L1) would be identified.
iii. While evaluating the bid, if in the opinion of UIIC the price of such licenses is found to be
excessive, UIIC reserves the right to either accept the offer from the bidders (or) to directly
negotiate a lower license fee with the respective OEM/Dealer.It is therefore imperative that the
bidders quote license fee separately for all components of the solution.
iv. The integration and/or any other relevant cost will also have to be spelt out separately as line items
since such integration shall remain the responsibility of the bidders.
v. In case the offer from OEM and/or dealer is accepted for direct placement of the order, the TCA
based on actual cost quoted by the bidder will only be reckoned to arrive at the L1 for the
technically qualified bidders.
vi. After selection of L1 bid, UIIC has the right to procure any component of the solution directly from
the OEM wherever UIIC has an existing arrangement for procurement of licenses.
vii. The bidders who fail to present themselves at the time of Commercial bid opening on the specified
place, date and time may be disqualified.
viii. Any commercial bid incomplete in any respect would not be considered.
ix. This procedure is subject to changes, if any, and the procedure adopted by the Company for opening
the tender shall be final and binding on all the parties.
x. Every page/document provided by the bidder in the technical/ commercial bid should be stamped
and signed by the competent authority of the bidder.
2. AGREEMENT The successful bidder shall enter into a detailed Agreement. A Performa / Draft Agreement as mentioned in
Annexure-12. However, the Company reserves the right to alter/vary/amend/modify all or any of the terms
set out in the said Performa/ Draft Agreement.
Encl:
Annexure-1(Eligibility Criteria for bidders)
Annexure-2(Technical Specification)
Annexure-3(Unpriced Bill of Quantity)
Annexure-4(Commercial Bid Performa)
Annexure-5(Current Infrastructure)
Annexure-6(WAN Diagram)
Annexure-7(List of distribution point locations)
Annexure-8(Classification of cities)
Annexure-9(Queries Format)
Annexure-10(Deviation Format)
Annexure-11(MAF format)
Annexure-12(Agreement Draft)
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 18 of 41
Annexure-13(NDA format)
ANNEXURE 1 - ELIGIBILITY CRITERIA
Only those bidders fulfilling the following criteria should respond to the RFP.
S# Eligibility Criteria
1 The Bidder must be a registered company having
presence all over India.
Copy of Certificate of Registration / Certificate
of Commencement of Business.
2 Bidder must have a minimum average turnover of Rs.
1000Crores per year during last three financial years
i.e. 2009-10, 2010-11, 2011-12 or later in IT related
business in India.
Audited Balance Sheet and P & L Account for
the last three years. Certificate from Chartered
Accountant certifying the IT related business
turnover of last three years i.e. 2009-10 and
2010-11, 2011-12 or later
2009-10
2010-11
2011-12
2012-13
3 The Bidder should have supplied and implemented
the proposed Directory Services similar to UIIC
environment for more than 10000 desktops in at least
2 reputed organizations in which one should be a
PSU BFSI organization during the period from 1-1-
09 till date.
Purchase Order copies issued by
Organizations since 01-01-2009
Customer 1 (Name, Dateof PO;
No.of Desktops) :------------------------------------
---
Customer2 (Name; Dateof PO;
No of Desktops) :------------------------------------
---
4 The Bidder should have supplied and implemented
the proposed Client Management Solution (during
the period from 1-1-09 till date) for more than 10000
desktops in at least2 reputed organizations in which
one should be a PSU BFSI organization.
Purchase Order copies issued by
Organizations since 01-01-2009
Customer 1 (Name, Date of PO;
No of Desktops) :----------------
Customer 2 (Name, Date of PO;
No of Desktops) :-------------
5 The Bidder should have supplied and implemented
the proposed Anti Virus Solution for more than
10000 desktops in at least2 reputed organizations in
which one should be a PSU BFSI organization during
the period from 1-1-09 till date.
Purchase Order copies issued by
Organizations since 01-01-2009
Customer 1 (Name, Date of PO;
No of Desktops) :----------------
Customer 2 (Name, Date of PO;
No of Desktops) :----------------
6 The Bidders should be an authorized partner for the
proposed OEM solutions.
Manufacturers authorization letter
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 19 of 41
1)Directory Services OEM Name :-------------
2)Desktop Management Solution OEM Name :-------------
3)Anti Virus Solution OEM Name :-------------
7 The SI should have at least 1000 full time Technical
Support professionals on its permanent rolls in India
Annual report or self-declaration from bidder
OEM Eligibility Criteria-Directory Services
10 The proposed Directory Services OEM application
software should have been implemented (a minimum
of 10,000 users) and successfully running in any one
of the PSU BFSI organizations in India for the last 2
financial year
Copy of the evidence need to be submitted.
11 The proposed Directory Services OEM application
software should be an enterprise class, commercially
available and should have a version history and
future roadmap for next 2 years.
Declaration letter from OEM should be
attached
OEM Eligibility Criteria-Client Management Solution
12 The proposed Client Management Solution should be
globally renowned and must be in Leader‘s Quadrant
for ―Gartner Magic Quadrant for Client Management
2012/2013
Gartner document.
13 The proposed Client Management Solution should
have been implemented (a minimum of 10,000 users)
and successfully running in any one of the PSU BFSI
organizations in India for the last 2 financial year
Copy of the evidence need to be submitted.
14 The proposed Client Management Solution should be
an enterprise class, commercially available and
should have a version history and future roadmap for
next 2 years.
Declaration letter from OEM should be
attached
OEM Eligibility Criteria-Antivirus Solution
15 The proposed Antivirus Solution should be globally
renowned and must be in Leader‘s Quadrant for
―Gartner Magic Quadrant for Client Management
2012/2013
Gartner document.
16 The proposed Antivirus Solution should have been
implemented (a minimum of 10,000 users) and
successfully running in any one of the PSU BFSI
organizations in India for the last 2 financial year
Copy of the evidence need to be submitted.
17 The proposed Antivirus Solution should be an
enterprise class, commercially available and should
have a version history and future roadmap for next 2
years.
Declaration letter from OEM should be
attached
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 20 of 41
ANNEXURE 2 - TECHNICAL SPECIFICATION
1.0) Software/Licences
1.1)Directory Services Specification
Various systems that are existing or in future (Email, Proxy, IP telephony, email, Portal, Policies, and DNS
etc) should use the same centralized LDAP v3 compliant directory services for authentication, authorization
and single sign-on. There should not be a duplication of user stores for separate systems, to reduce
complexity and increase productivity. Proposed solution should support LDAP v3 compliant directory
services that should be the focal point of interoperability, security & manageability.
Should support for X.500 naming standards
Support for integrated LDAP compliant directory services to store information about users, computers, and
network resources and making the resources accessible to users and applications.
Should support directory services integrated DNS zones for ease of management and
administration/replication.
Should Support for DNS as the locator service (service records & dynamic updates).
The directory service should provide support for User/Computer policies and software restriction policies.
The directory service shall provide support for modifiable and extensible schema.
Should support multi-master directory service replication features, Directory Server should be scalable and
should have multi-master & multi-site capabilities.
Should support security features, such as support for smart cards, Built in public key infrastructure (PKI),
and x.509 certificates.
The Directory Object types supported should include:
Users Object Type;
Groups (Security & Distribution Groups which can be static or dynamic)
Foreign Users (Non-employees/Business partners etc.)
Computer Accounts ( Desktops/laptops/Pads. Etc)
Printers
Containers for purposes of grouping, administration and policy control
Search capability to query all directory objects.
Search capability to query network resources by attributes.
Should support recovery of a Single Object as well as the entire directory.
Loss of a single directory server should not affect ability for users to logon.
Should support that password reset capabilities for a given group or groups of users can be delegated to any
nominated user.
Should support that user account creation/deletion rights within a group or groups can be delegated to any
nominated user.
Should support that group membership management within a group can be delegated to any nominated user.
Should support multiple password and account lockout policies for different set of users.
Directory services should be extensible & should have capability to be extended for custom development.
Should provide the audit capability to log old and new values when changes are made to objects and their
attributes; should provide delete protection for directory objects.
Should support the deployment of a read only additional directory server which may be deployed in a
different location so as to prevent any changes from the other location.
Directory services should support directory database snapshot tool, which should support creating snapshots
of the directory database & should allow directory administrator to view the objects within the snapshot to
determine the restore requirements when necessary.
Should support built-in 2000+ Security policies that can be directly applied on Desktops/Laptops/users, UIIC
should have the rights to activate all/selected policies based on regulatory requirement
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 21 of 41
The Directory system should support differential replication
The solution should support for synchronization with various directory system
The Directory system should provide multi-level passwords to ensure that no single administrator may have
full control of important credentials.
The Directory system should provide the following authentication methods Encrypted passwords,
Certificates.
The Directory system should have support for implementing policy based access control for access of the
directory data for every user and also should replicate the same.
The Directory system should have password policy management like retry attempts, lockout, min/max length
and password history as per standard enterprise policy and Bank‗s password policy. Password Policy
management should be part of directory Services for end users.
The Directory system should support on line administrative operation on the directory data such as backups,
schema updates, and configuration.
Ability to delegate the administrative rights at different levels depending upon the server, users and task
level.
The Directory system should have a GUI console and Web Based console for performing the administrative
tasks.
The Directory system should permit monitoring directory server in real time using the Simple Network
Management Protocol (SNMP)
The Directory system should provide support for different log levels, log rotation policies and log analysis
tools.
The Directory system should be capable for on line import, export, backup and restore of data.
Solution should be able to scale up to managing the local policies of the client systems.
Solution should be able to provide different set of policies based on the groups/users as per UIIC's
requirement
Solution should be able to manage the account and audit polices based in various user groups, Containers.
Directory Service should support fine-grained password policy as per the UIIC's IT Security policy like
different restrictions for password and account lockout policies etc.
The solution should support for synchronization with various directory system
The Directory system should provide multi-level passwords to ensure that no single administrator may have
full control of important credentials.
The Directory system should provide the following authentication methods Encrypted passwords,
Certificates.
The Directory system should have support for implementing policy based access control for access of the
directory data for every user and also should replicate the same.
The Directory system should have password policy management like retry attempts, lockout, min/max length
and password history as per standard enterprise policy and Bank‗s password policy. Password Policy
management should be part of directory Services for end users.
The Directory system should support on line administrative operation on the directory data such as backups,
schema updates, and configuration.
Ability to support delegation of the administrative rights at different levels depending upon the server, users
and task level.
The Directory system should have a GUI console and Web Based console for performing the administrative
tasks.
The Directory system should permit monitoring directory server in real time using the Simple Network
Management Protocol (SNMP)
The Directory system should provide support for different log levels, log rotation policies and log analysis
tools.
The Directory system should be capable for on line import, export, backup and restore of data.
Solution should be able to scale up to managing the local policies of the client systems.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 22 of 41
Solution should be able to provide different set of policies based on the groups/users as per UIIC's
requirement
Solution should be able to manage the account and audit polices based in various user groups, Containers.
Directory Service should support fine-grained password policy as per the UIIC's IT Security policy like
different restrictions for password and account lockout policies etc.
Solution should be able to create policy setting to control access to devices like USB, CD and other
removable media‗s and also control device driver installation.
Location Awareness: The proposed solution must be roaming user friendly. Users who have travelled to
different locations must have applications delivered to them from Local Distribution sources (Server or
desktop) and must avoid traversing the WAN to pick up applications
1.2)Client Management Solution Specification
General Client management solution should support the following capabilities out of the box a. Centralized Patch Management b. Centralized Application Deployment c. Centralized Hardware and Software inventory and reporting d. Software Usage metering e. Desired security baseline management f. OS Deployment g. Power Management h. Internet based Management All capabilities mentioned in point 1 above, must be delivered using a single agent installed on the desktops or servers
being managed All agent to management server communications for the capabilities in point 1, must be through port 80/443 by
default. Must allow for ability to customize the port required for communication in case need for this arises in the future
The agent must not register its presence in ―Add/Remove programs. This is to prevent users from uninstalling the
agent from the ARP control panel applet
The solution must support integration with Directory Services natively. This will allow easy discovery and re-use
UIIC's infrastructure to create groupings of servers and users
Agent‘s health must be monitored from central console. Client health remediation must be possible in case of
dependent services or components missing or non-functioning.
Solution should support Desktops with 512 Mb RAM. Patch Management The Patch Management solution must support all supported versions of Windows Desktops Operating Systems
The solution must leverage the existing Windows Update Agent, which is natively present in the Windows Operating
System. Patches for managed systems must be available for deployment, on the same date as the release of these patches
Patches must be deployed in the form as supplied/made available by the OEM vendor. The solution must have the ability to package multiple patches into a single package Must provide the flexibility to suppress reboots for servers, while forcing reboots for desktops Reports must be comprehensive and must include at least the following a. Compliance status of specific patches in computers b. All Computers with a specific patch or patches missing c. Granular status update for deployed patch package – Installed successfully, Pending reboot, Failed, Installing, etc.
d. Report on reasons for failure, in case of failed deployments Deployment status must be available as reports from the time of deployment Check for presence of patches must be carried out, before running a patch deployment. If a patch being deployed is
detected, that patch must not be installed
Management console must include information around size of the patches, description of the patch, content download
location
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 23 of 41
Management console must be able to indicate supersedence information for patches. This will allow administrator to
know if a particular patch is no longer required and which patch will replace the old patch
Ability to specify a Patch Management Time Window‗. Patches must be installed and reboots must be carried out only
in this time window, irrespective of when the patch was actually made available for download. For e.g. – All patches
must be installed on server and reboots carried out only on Friday 12pm to 2 pm
Ability to maintain minimum patch lists. All machines must be patched to this minimum list at all times. If a patch is
manually removed from the machine, the same should be detected and re-patched automatically
Solution should provide automated patch management capabilities and it should provide multi platform patch
management from single management server. The tool should help tracking and evaluating the appropriate software updates depending on operating system and
products installed. The desktop management agent on the distributed workstation should not be reflected as part of ―Add / Remove
program‖ if the solution is agent based. The solution should take advantage of the Organization Unit Structure. Comprehensive reporting must be available out of the box that indicates application delivery successes, failures, etc.
Solution should support patch distribution to workstations based on multiple parameters such as IP Subnets, hardware
criteria, directory containers, groups, users, etc.
Wake-on-LAN feature should be available that enables distributions to occur after business hours by sending wake-up
packets to desktops that require software updates.
The solution should offer Pre-defined Patch Compliance reports Application deployment Administrators must be able to select and centrally deploy applications to specific servers and desktops. Targeting of
this software must be based on specifiable criteria such as – all machines in a particular RO, belonging to an IP subnet,
users of an AD group, etc.
It must be possible to exclude specific machines or group of machines from a specified target
The system must have the ability to deploy any executable to the servers and desktops, including but not
limited to .msi, .exe, .bat, .vbs, .cmd, etc.
Before each application is deployed, the system must have the ability to check for other dependent
applications, such as .NET framework, etc., If dependent software are found missing, the same should be
installed automatically, before the actual application is deployed.
It should be possible to specify minimum system requirements for deployment of individual applications, for
e.g. application should be installed only if a minimum of 1GB RAM and 500GB free hard disk space, etc.
The system must include a web based interface for users to manually select and deploy applications of their
choice, as made available for manual install by the administrator. However, such software must still obey
any pre-conditions for install set by the administrator, as called out in the previous two points.
The application deployment mechanism must follow a model based approach such that applications can have
multiple deployment methods, including Physical installs, virtual applications, Remote App based
applications, etc., yet be referenced from a single object
Must be able to define device relationship with user, i.e. associating a particular user with a particular
desktop
Must be able to reuse created application packages with OS deployment tasks, such as associate specific
application with OS deployment for a user belonging to specific directory group.
Application must use BITS download technology, which will allow prioritizing other traffic over desktop
and server management traffic.
Ability to throttle bandwidth usage for traffic between agents and management server
Applications must be installed irrespective of whether a user is logged in or not, as well as irrespective of
whether the logged in user has administrative privilege or not
Comprehensive reporting on application deployment activities including but interface
ted to Deployment status, failures, reasons for failures, etc.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 24 of 41
Must support Out of Band management using Wake on LAN and Intel Active Management Technology
Hardware and Software Inventory
The system must report on hardware installed on all servers and end-points. This is irrespective of the make
and model of the servers or end-points.
The system must report on software inventory of all installed software on servers and end-points, including
in-house developed applications.
Raw software inventory must be compared against a central database with application signatures, to obtain
intelligent inventory information. For e.g.- instead of reporting winword.exe instances, system must be able
to report no. of Microsoft Office Standard editions, or Professional editions , etc.
System must allow for custom tagging of software inventory line items as per the departments requirements,
for eg – Approved software, blacklisted software, etc.
The system must allow usage tracking of software. This should allow reports such as
a. Specific software installed on a machine, but not used for the last 3 months
b. Average use duration of a particular software in a network
c. Maximum concurrent usage of a particular software in a network
Hardware inventory must use the WMI interface to gather inventory information
Solution should support customization of hardware inventory items, for e.g.- enable hardware for Firmware
ports, or disable inventory for physical disks, etc.
It must be possible to define custom department specific information to the end nodes, such as cubicle no.,
building name, etc., and the same must be inventoried by the inventory solution
The solution must be capable of inventorying all software installed on the workstation with their versions
etc. Installed software / Applications should be available from multiple methods like file information on the
workstation, Registry contents and Add/Remove Programs.
Identify software and hardware configurations from a central location. Provide complete hardware and
software information from all the desktops and desktops.
Solution should be able to centrally control the Power management of the client systems wherever feasible.
Software metering: The solution should be able to track application usage. Track which users are running
applications, for how long, and how many instances concurrently.
OS Deployment
Must allow provisioning of Supported Windows Desktops Operating systems for both bare metal as well as
upgrade scenarios.
Must allow PXE based installations of OS.
Must allow creation of bootable DVD with full OS install, so that desktops in remote locations can be
installed with minimum user/administrator intervention
OS Deployment must support Application distribution Packages and software update packages (referenced in
previous sections ), to be tied to base images to reduce the size and number of images that need to be created
Must support a hardware independent image for Windows, to reduce the no. of images to be created.
Must allow migration of profile data during OS installation and restoration of the same after the new OS is
installed, without user or administrator intervention.
Others
Must allow creation of compliance baselines that allow administrators to check for compliance of servers
and desktops to specific security settings as decided by security team.
Must allow for reporting of computers that deviate or are in compliance to above baselines.
Must allow for remediation of non-compliant settings.
Give a measure of all desktop data-movement in and out at all times (Desirable).
The solution must be able to report power capabilities of servers and desktops in the environment, for e.g.-
No. of machines capable of sleep, No. of machines capable of hibernate, etc.
Should support different power management settings across the environment, based on peak and non-peak
hours. Power settings examples are – suspend machine after 30 min of inactivity, hibernate after x minutes,
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 25 of 41
etc.
Solution should support different power management setting based on end node, for e.g.- a separate policy
for server and a different policy for desktops.
Must have power consumption reports that also allow to study power consumption before power settings
deployment and after settings deployment.
Power management must be performed from the same management console as all other activities described
in preceding sections.
Management console must allow for role based access control.
The solution should natively and out of Box integrate with Directory services.
Ability to target patches / Updates directly to Directory services objects and Organization Units: It should
have the capability of discovering machines, users, Groups using query and to distribute any software
packages or patches to those Directory services Objects.
The proposed solution should support that The Administrator should be able to take remote control of client
workstations.
It shall support security related features for taking the control of remote PCS, based on pre-defined policy
and authorization.
Asset Lifecycle Management
Proposed asset management solution should provide the features specified below:
• Asset tracking
• Vendor details.
• Maintenance and repair information.
• Purchasing and contracts information.
• System location, and user or owner contact information.
It should be designed on standards based Web architecture to leverage the most cost effective technologies.
It should provide a centralized, graphical user interface (GUI) or Custom defined workflow that provides the
ease of operation while defining & creating workflow.
The asset management solution must support automated asset life-cycle management. It must provide
management of assets from requisitioning, through delivery, installation and configuration, servicing and
maintenance over the life of the asset, to finally decommissioning and returning or disposing of the asset.
Asset Management solution should combine maintenance, procurement and contract management for IT
assets into one easy-to-use Web interface.
It should provide means to automatically track and efficiently manage the complete life cycle of assets. This
asset lifecycle functionality should permit the tracking and management of IT assets through initial request,
approval, procurement, contract, receipt, deployment, asset installations, moves, additions, changes and
removals.
Asset management solution should follow standards-based approach and should provide the capability to
integrate with key financial and HR systems (ERP), as well as automated asset discovery applications from
other vendors.
It should facilitate IT operations staff to use Asset Management to proactively plan IT needs. The software
should help plan, review and report on work, resources and costs associated with implementing IT
infrastructure changes.
Asset Management should help to maintain and document internal, contractual and regulatory compliance
issues for hardware leases.
It should provide end-to-end IT asset management solution that should be available from Web interface and
helps to enhance service levels and response times.
Asset management solution must manage assets from purchase to salvage i.e. from the beginning to the end
of an asset‘s life cycle. It should provide the facility to track assets at a temporary location or even in transit
between locations.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 26 of 41
Asset management solution should be such that it can be used to create and store asset numbers and
corresponding information and maintenance costs for each asset.
Solution should track requests for purchases of materials and services.
Solution should allow creating different types of contracts.
Asset management solution should provide capability to manage spare parts inventory which is an important
part of maintaining any asset. The Inventory module should tracks materials needed for maintenance. It
should keep track of items in stock, indicates when stock falls below user-defined reorder points and create
alerts.
Asset management solution should provide capabilities to manage preventive maintenance (PM) work that
needs to be done on regular schedule in order to keep assets running efficiently. The applications in the
Preventive Maintenance module should help to plan and budget for regular maintenance work.
It should provide software license management so as to track your software license entitlements and
compare those entitlements to deployed inventory.
It should provide the facility of reconciliation to match deployed hardware and software.
IT Asset Discovery Tool to gather data about deployed assets. It should provide discovery tool to scan
computers, network devices, and network printers deployed in an enterprise and record the information about
the hardware and software it finds on those assets.
IT Asset Reporting: It should provide a powerful reporting engine that enables administrators to schedule
large batch reports, which can be automatically e-mailed to multiple recipients and should support multiple
formats.
The built-in reports engine provides the ability to build audit reconciliation reports for vendors, contracts,
and license types. This will, in turn, provide visibility to our software costs and spending efficiency.
Reporting tool should be part of the offering under same licenses without any additional cost.
It should support spread-sheet functionality which can be used to create and generate on-the-fly reports and
queries that may be exported to multiple formats.
1.3)Anti Virus Solution Specifications Must offer comprehensive client/server security by protecting enterprise networks from viruses, Trojans, worms,
hackers, and network viruses, plus spyware and mixed threat attacks.
Must be able to reduce the risk of virus/malware entering the network by blocking files with real-time compressed
executable files. Must include capabilities for detecting and removing rootkits Must provide Real-time spyware/grayware scanning for file system to prevent or stop spyware execution
Must have capabilities to restore spyware/grayware if the spyware/grayware is deemed safe Must have Assessment mode to allow first to evaluate whether spyware/grayware is legitimate and then take action
based on the evaluation Must clean computers of file-based and network viruses plus virus and worm remnants (Trojans, registry entries, viral
files)—through a fully-automated process
To address the threats and nuisances posed by Trojans, the solution should be able to do the following:
Terminating all known virus processes and threads in memory
Repairing the registry
Deleting any drop files created by viruses
Removing any Microsoft Windows services created by viruses
Restoring all files damaged by viruses
Includes Cleanup for Spyware, Adware etc Must be capable of cleaning viruses/malware even without the availability of virus cleanup components. Using a
detected file as basis, it should be able to determine if the detected file has a corresponding process/service in memory
and a registry entry, and then remove them altogether
Must provide Outbreak Prevention to limit/deny access to specific shared folders, block ports, and deny
write access to specified files and folders on selected clients in case there is an outbreak
Must have behaviour monitoring to restrict system behaviour, keeping security-related processes always up
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 27 of 41
and running
Enable Certified Safe Software Service to reduce the likelihood of false positive detections
Must provide Real-time lock down of client configuration – allow or prevent users from changing settings or
unloading/uninstalling the software.
Users with the scheduled scan privileges can postpone, skip, and stop Scheduled Scan.
CPU usage performance control during scanning: Checks the CPU usage level configured on the Web
console and the actual CPU consumption on the computer. Adjusts the scanning speed if:
The CPU usage level is Medium or Low; Actual CPU consumption exceeds a certain threshold.
Should have a manual outbreak prevention feature that allows administrators to configure port blocking,
block shared folder, and deny writes to files and folders manually.
Should have Integrated spyware protection and cleanup.
Should have the capability to assign a client the privilege to act as a update agent for rest of the agents in the
network.
Shall be able to perform different scan Actions based on the virus type (Trojan/ Worm, Joke, Hoax, Virus,
other).
Safeguards endpoint mail boxes by scanning incoming POP3 email and Outlook folders for Threats.
Shall be able to scan only those file types which are potential virus carriers (based on true file type).
Should be able to detect files packed using real-time compression algorithms as executable files.
Shall be able to scan Object Linking and Embedding (OLE) File.
Must have the cloud based protection and support for Online and Offline mode client protection.
Must provide real-time protection by referencing online database with millions of rated Web domains.
Must provide File reputation service.
Must be able to check the reputation of the files hosted in the internet.
Must be able to check the reputation of the files in webmail attachments.
Must protect clients and servers on the network using stateful inspection, high performance network virus
scanning, and elimination.
Must provide the flexibility to create firewall rules to filter connections by IP address, port number, or
protocol, and then apply the rules to different groups of users
Must have smart feedback to enable feedback from the client agents to the threat research centre of the
vendor. This will enable it to deliver automatic, real-time protection against the latest threats and provides
"better together" security.
Uses any alternate method other than the conventional pattern based scanning with the following features:
Provides fast, real-time security status lookup capabilities in the cloud
Reduces the overall time it takes to deliver protection against emerging threats
Reduces network bandwidth consumed during pattern updates. The bulk of pattern definition updates
only need to be delivered to the cloud or some kind of repository and not to many endpoints
Lowers kernel memory consumption on endpoints. Consumption increases minimally over time.
Should have granular device control with the following control actions:
Read only
Read and write
Read, write and execute
disable
Should be able to deploy the Client software using the following mechanisms:
Client Packager (Executable & Microsoft Installer (MSI) Package Format)
Web install page
Login Script Setup
Remote installation
From a client disk image
Must provide a secure Web-based management console to give administrators transparent access to all
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 28 of 41
clients and servers on the network.
The management server should be able to download updates from different sources if required, which could
be the vendor's update server, any other server or a UNC path.
If the update from the Management server fails, the security clients with the privilege should be able to get
updated directly from the vendor's server
Must reduce network traffic generated when downloading the latest pattern by downloading only
incremental patterns
Must have the flexibility to roll back the Virus Pattern and Virus Scan Engine if required via the web console
Should have role based administration with active directory integration
To create custom role type
To add uses to a predefined role or to a custom role
Should have integration with the Active directory
Shall support grouping of clients into domains for easier administration
Establish separate configuration for internally versus externally located machines ( Policy action based on
location awareness )
Shall offer centrally managed Client Firewall and IDS
Must be capable of uninstalling and replacing existing client antivirus software (Provide the detailed list)
Must support plug-in (without the need to add new infrastructure) modules designed to add new security
features without having to redeploy the entire solution, thereby reducing effort and time needed to deploy
new security capabilities to clients and servers across the network. E.g. Data Loss Prevention, Mobile
Security, Intrusion Defence Firewall, Security for MAC etc.
All features (antivirus, anti-spyware, Intrusion Defence Firewall, damage cleanup Service and Data Loss
Prevention) are installed at the same time via client deployment methods and managed centrally via the web-
based management console.
Windows XP/2003 32-bit Edition
Windows XP/2003 64-bit Edition
Windows Vista (32-bit & 64-bit)
Microsoft Windows Storage Server 2003
Windows 7, 32-bit version & 64-bit version
Microsoft Cluster Server 2003
Windows Server 2008 and Windows Server 2008 R2, 64-bit version
Client /management console installation on guest Windows 2000/2003/2008 operating systems hosted on the
following virtualization applications:
VMware ESX/ESXi Server 3.5 or 4 (Server Edition)
VMware Server 1.0.3 or later (Server Edition)
VMware Workstation and Workstation ACE Edition 6.0
Should support Intel x64 processor & AMD x64 processor.
Should support wireless /mobile devices such as BB, Android,Windows, Symbian, and Apple at no extra
cost.
Virtual Desktop Support: Solution should support Virtual Desktop for the following platforms:
VMware vCenter™ 3.5 and 4 (VMware View™ 4)
Citrix™ XenServer™5.5 and 5.6 (Citrix XenDesktop™ 4)
Must be able to send notifications whenever it detects a security risk on any client or during a security risk
outbreak, via E-mail, Pager, SNMP trap or Windows NT Event log
Should have a feature similar to Firewall Outbreak Monitor which sends a customized alert message to
specified recipients when log counts from IDS, personal firewall, and/or network virus logs exceed certain
thresholds, signalling a possible attack.
Must be able to send a customized notification message to specified recipients when firewall violations
exceed certain thresholds, which may signal an attack.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 29 of 41
Shall offer customizable & standard notifications via - SMTP, SNMP, Pager, and NT Event Log.
Solution should have the ability to immediately protect data by enabling Data Loss Prevention option in the
same antivirus Server and Client using the administration console, directory, and user groups.
Should Monitor, report, or block all network channels such as email clients, FTP, HTTPand HTTPS, instant
messaging, SMB and webmail in terms of Data Loss.
Should have pre-defined templates for common compliance requirements such as HIPAA, PCI-DSS, US PII,
SB-1386, GLBA
Solution should have the capability to generate alert in case of following events:
Virus outbreak alert
Special virus alert
Virus found - first and second actions unsuccessful
Virus found - first action successful
Virus found - second action successful
Network virus alert
Suspicious vulnerability attack detected
Solution should have the capability to manage following:
Outbreak Prevention Mode started
Outbreak Prevention Mode stopped
Outbreak Prevention Policy update unsuccessful
Outbreak Prevention Policy update successful
2.) Services
2.1)OEM support –Anti Virus Solution Services
Support UIIC and System Integrator chosen by UIIC for implementation, maintenance, management and bug fixes of
products from OEM. (Supported by letter from OEM specifying level of support for this engagement).
Support for resolution of product incidents and an unlimited virus incidents resolution should be available during the
service subscription period of 1 year. Give number of product incidents and virus incidents
Personalized Account Management
Orientation & Planning for upgrades etc (Can be done over conference call)
Schedule Status Meetings
Annual Escalation Management Review
Monthly Incidents Status Reports
Assigned Technical Account Manager.
Dedicated TAM Access during business hours
Packaged Services
Support SI in Outbreak Prevention Services(OPS)
Resource Based Services
Planning and Preventive Services [Threat Health Check]
Design & Deployment Services (Can be done over conference call)
Implementation & Status Review [Product Health Check]
Quarterly Supportability & Service Migration Reviews
Product Upgrade Availability (Can be sent on mail)
Priority Virus Case Handling
Personal Virus Outbreak Alert & Notification
Responsive Services
Emergency Onsite Virus Handling Services during office hours
Access to vendor Support Centre online
Direct Access to Support Representatives
Incident Based Support
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 30 of 41
Phone Based Support [24x7]
Online Support
Priority Email Handling
24x7 online case submission
Real-Time Problem Tracking
Private Download Servers
Secure Upload Servers
Active Support Tools
Premium Knowledge Base
Electronic Support Newsletter
3.) Hardware
Item Min. Required Specifications Distribution Point 1 Processor: 3GHz Hex Core and above; RAM: 16 GB Min; HDD: 600GB SATA2 @ 7200 RPM
HDD (This is usable space required)OS: Windows Server 2012 Std.2
Distribution Point 2 Processor: 2.3GHz i3 and above; RAM: 8GB, HDD: 320GB, OS: Win 7 with Latest Service
Pack
4.)Optional
4.1) Endpoint Encryption (Should be from same Anti Virus OEM)
Specifications Encryption Algorithms: AES 256 bit. Solution must have centralized control and can be integrated with the Directory Services for authentication. Solution should have feature to push forceful User Lockout through Console. Should allow setting for limit of logon attempts and invoke lockout for failed logon attempts after exceeding the limit
(for administrators).
Solution should be able to audit these types of events and provide alerts / notifications.
Solution should be able to encrypt local disk.
Solution should provide encryption and access control for other storage media such as USB memory keys,
removable external hard drives etc.
Data encrypted should be done in real time and also be protected from controlled power down or abrupt loss of
power.
Solution should provide single sign on capability.
Solution should able to synchronize passwords with domains.
Solution should allow for the recovery of password for a remote user who has forgotten it. There should not be
any network dependencies in this situation.
A user leaves the organization and returns the machine for redeployment within the organization. Necessary
steps should be provided by the solution to enable the machine for subsequent use.
In case of protected machine is stolen. Product should provide options to aid in machine recovery, or
neutralizing the asset.
Solution should not have any limitation on configuring maximum number of administrators, or concurrent
administrators.
Solution should allow logging all the activities of administrators.
Solution should log encryption activity and state
Should support Windows XP Professional, Windows Vista 32 or 64 bit, Windows 7 32 or 64 bit,
Solution should allow to reset the password of a user remotely who is waiting at the Pre-Boot authentication
screen.
Solution should perform hardware compatibility check prior to endpoint encryption software activation.
Encryption policies can be updated post client installation with Central Server.
There should be mandatory Pre Boot logon environment for encrypted endpoints.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 31 of 41
Solution should be FIPS 140-2 compliant.
4.2) Host Data Loss Prevention(Should from same Anti Virus OEM)
Specifications The solution should Detect keywords/patterns. The solution should detect and validate a wide range of sensitive data types. The solution should be capable of defining DLP Policy based on content, file characteristics. Solution should have out of the box Rule Sets that can be enabled or disabled as required.
Events generated by the solution should be able to retain source IP address, destination IP address, protocol & port. Solution should be able to maintainlogs based on policy violation. Solution should be able to display and highlight a summary content that violated the policy for any incident.
Reports built around stakeholder requirements should be easily created in the solution. Solution should be manageable from a single management console. Host DLP solution should be able to integrate with SIEM solution. The agent should Monitor content traversing across the endpoint by I/O channel LPT, email, webmail, USB,etc.)
It should identify content based on content/document type.
It should identify mass storage device by vendor specific identification numbers.
It should identify content using regular expressions, key words, and pattern matching.
It should monitor& block transactions without notifying the end user.
It should notify the end user of a policy violation using a customizable pop-up message.
It should Block transactions across any of the egress methods mentioned above.
It should block open PGP/PGP encrypted content from leaving the endpoint.
The endpoint agent should log all violations and into the central database when a connection to the corporate
network is established.
It should log all transactions to the central database.
It should support deployment of agent using central management console or common software deployment
methods.
The agent should protect endpoint agent from unauthorized removal.
It should use Minimal system resources for enforcing DLP policies
ANNEXURE-3: UNPRICED BILL OF QUANTITY (BOQ)
1.) Software/Licenses
SN Software/Licenses Make 1.1 Directory Services 1.2 Client Management Solution 1.3 Anti Virus Solution 1.4 Others…
2.)Services
SN Services OEM Level/Type of support 2.1 OEM support -Anti Virus Solution(per year) 2.2 Others …
3.)Hardware
SN Hardware including OS(with 5 year
warranty) Make
1 Distribution Point 1
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 32 of 41
2 Distribution Point 1
4.)Optional
SN Software/Licenses Make 1 Endpoint Encryption 2 Host Data Loss Prevention
ANNEXURE-4: COMMERCIAL BID
For additional quantities, the payment would be made on per unit cost basis for all components as listed below.
1.) Software/Licenses
S# Software/Licenses Cost Price with
one year ATS
ATS charges
after completion
of first year
Cost Price
with 5 year
support
Quantity Total
A B C = A + (B * 4) D
1.1 Directory Services*
1.2 Client Management
Solution
1.3 Anti Virus Solution
1.4 Others
TOTAL
Services
S# Services Unit Price Quantity Total
A B C D=B*C
2.1 One time installation 2.2 Infrastructure as Service(per year) 2.3 FMS Charges(per year) 2.4 OEM support -Anti Virus Solution(per year) 2.5 *Additional one time installation per
Desktop/Laptop after the project sign off.
Total charges
Hardware
S# Hardware including OS(with 5
year warranty) Unit Price Quantity Total
1 Distribution Point 1 2 Distribution Point 2
Total
Optional
S# Item Unit Price Quantity Total 1 Windows 8 Professional
S# Software/Licenses Cost Price with
one year ATS ATS charges
after completion
of first year
Cost Price
with 5 year
support
Quantity Total
A B C D=B+(C*4) E F=E*D
2 Endpoint
Encryption
3 Host Data Loss
Prevention
Total-Optional
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 33 of 41
Summary
Ref Item Total Cost(Rs) 1.0 Software/Licenses 2.0 Services 3.0 Hardware 4.0 Optional
Grand Total
Note: 1) Company reserve the right to revise the quantities at the time of placing the order.
2) L1 will be identified on the Grand Total of the Commercial Bid summary. 3) The price should be as per Section I, Sr no 9.0
ANNEXURE-5: CURRENT INFRASTRUCTURE
i) Total Number of PCs
Year O/s Specification Quantity 2008-09 Win Vista 6500
2009-10 Win Vista 2000
2010-11 Win Vista 10
2010-11 Win 7 Pro 1899
2011-12 Win 7 Pro 394
2012-13 Win 8 Pro 2000
Total 12803
ii)Total Number of Laptops
Year O/s Specification Quantity 2008-09 Win Vista 2009-10 Win Vista 2010-11 Win Vista 2010-11 Win 7 Pro 2011-12 Win 7 Pro 2012-13 Win 8 Pro Total *Laptops are connected via internet and do not require DS and CMS licenses.
iii)Total Number of Locations with bandwidth available
Band Width No of Locations Avg No of PCs/Location 64 Kbps 1040 6 128 kb/s 50 6 2 Mb/s(ROs ,Training College,LargeCorporate Offices) 26 50 32Mb/s(Head Office) 1 500 TOTAL(1000+) Note: 1) Please refer annexure –for WAN Diagram
iv)Current Antivirus Solution Total Defense r 14 with a single update/Management server at Head Office.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 34 of 41
ANNEXURE-6 WAN DIAGRAM
ANNEXURE- 7 LISTS OF DISTRIBUTION POINT (DP) LOCATIONS
Distribution Point 1: Head Office, 24, Whites Road, Chennai.
Distribution Point 2: Regional offices list.
S# Regional office Location S# Regional office Location
1 Chennai 14 Vizag
2 Mumbai (2 Regions) 15 Pune
3 Kolkata 16 Coimbatore
4 Delhi (2 Regions) 17 Vadodara
5 Hyderabad 18 Bhopal
6 Ahmedabad 19 Ludhiana
7 Banglore 20 Patna
8 Lucknow 21 Nagpur
9 Madurai 22 Hubli
10 Kochi 23 Dehradun
11 Chandigarh 24 Bhubaneswar
12 Guwahatti 25 Raipur
13 Jaipur
MPLS CLOUD
Head Office
DR Site
Regional Office (26 No’s)
Operating Office (1000+)
32 Mb
20 Mb
2 Mb
64/128 kbps Mb
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 35 of 41
ANNEXURE- 8 CLASSIFICATIONS OF CITIES (MAJOR CITIES, CLASS A, CLASS B)
S# Type of City Cities / Location
1 Metro Ahmedabad , Chennai , Bangalore , Hyderabad , Calcutta, Mumbai and New Delhi
2 Class-A Agra Bhopal Coimbatore Faridabad Gandhinagar Gaziabad Goa Gurgaon Indore Jaipur Kanpur Kochi Nagpur Noida Patna Pune Secundrabad Surat Trivandrum UllasNagar Vadodara Varanasi Vashi Vizag
3 Class B Agartala Aizwal Aligarh Allahabad Amaravathi Amritsar Asansol Aurangabad Bareilly Belgaum Bhavnagar Bubaneshwar Bikaner Chandigarh Cuttak Dehradun Dhanbad Dharwad Durg-Bhilai Gangtok Gorakpur Guntur Guwahati Gwalior Hubli Imphal Itanagar Jabalpur Jalandar Jammu JamNagar Jamshedpur Jharia Jodhpur Kohima Kolapur Kota Mangalore Meerut Mohali Moradabad Mysore Nasik Panchkula Pondicherry Raipur Rajkot Ranchi Salem Shillong Solapur Sasnagar Simla Srinagar Tirupur Trichi Vijayawada Warangal
4 Class C / remote All other cities.
ANNEXURE-9:QUERIES FORMAT
S# Page No Clause Description Query / Clarification
1
2
ANNEXURE-10: DEVIATIONS FORMAT
Bidder Name:
S# Page # Clause Description in the
tender Deviation
Details Reasons for deviation
1
2
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 36 of 41
ANNEXURE -12: MANUFACTURER AUTHORIZATION FORM
No:
Date:
To:
Dear Sir,
Re: Your RFP Ref: HO: IT/DMS/02-13/55
We who are established and reputable manufacturers / producers of ____________________ having factories /
development facilities at (address of factory / facility) do hereby authorize M/s ___________________ (Name and
address of SI) to submit a Bid, and sign the contract with you against the above Bid Invitation.
We hereby extend our full warranty for the Solution, Products and services offered by the above firm against this Bid
Invitation. We also undertake to provide any or all of the following materials, notifications, and information pertaining to
the Products manufactured or distributed by the Supplier:
(a) Such Products as UNITED INDIA INSURANCE Co Ltd (UIIC) may opt to purchase from the Supplier, provided,
that this option shall not relieve the Supplier of any warranty obligations under the Contract; and
(b) In the event of termination of production of such Products:
i. advance notification to UIIC of the pending termination, in sufficient time to permit the UIIC to procure needed
requirements; and
ii. Following such termination, furnishing at no cost to UIIC, the blueprints, design documents, operations manuals,
standards and specifications of the Products, if requested.
We duly authorize the said firm to act on our behalf in fulfilling all installations, Technical support and maintenance
obligations required by the contract.
Yours faithfully,
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 37 of 41
ANNEXURE -13
AGREEMENT DRAFT (Should be on Rs.100/-stamp paper)
This agreement made on this ________ day of ________ between __________ hereinafter called the
"BIDDER" and THE UNITED INDIA INSURANCECO. LTD., hereinafter called "THE COMPANY"
sets forth the terms and conditions for the procurement,installation and maintenance of DMS solution at
all UIIC locations.
ANNEXURE -14NDA FORMAT
This confidentiality and non-disclosure agreement is made on the....................day of...................., 20.....
BETWEEN (Bidder), (hereinafter to be referred to as ―-------‖) which expression shall unless repugnant to the
subject or the context mean and included its successors, nominees or assigns a company incorporated under the
Companies Act, 1956 and having its principal office at ....................(address) AND THE UNITED INDIA
INSURANCECOMPANY LIMITED (hereinafter to be called ―UIICL‖) which expression shall unless
repugnant to the subject or the context mean and included its successors, nominees or assigns having its
Registered Office at ……….(address) on the following terms and conditions:
WHEREAS, in the course of the business relationship between the aforesaid parties, both the parties
acknowledge that either party they may have access to or have disclosed any information, which is of a
confidential nature, through any mode and recognize that there is a need to disclose to one another such
confidential information, of each party to be used only for the Business Purpose and to protect such
confidential information from unauthorized use and disclosure;
NOW THEREFORE, in consideration of the mutual promises contained herein, the adequacy and sufficiency
of which consideration is hereby acknowledged and agreed, the parties hereby agree as follows:—
This Agreement shall apply to all confidential and proprietary information disclosed by one party to the other
party, including information included in the caption ‗Definitions‘ of this Agreement and other information
which the disclosing party identifies in writing or otherwise as confidential before or within thirty days after
disclosure to the receiving party (―Confidential Information‖). Information may be in any form or medium,
tangible or intangible, and may be communicated/disclosed in writing, orally, electronically or through visual
observation or by any other means to one party (the receiving party) by the other party ( the disclosing party).
1. DEFINITIONS (a) CONFIDENTIAL INFORMATION means all the information of the Disclosing Party which is disclosed to
the Receiving party pursuant to the business arrangement whether oral or written or through visual observation
or in electronic mode and shall include but is not limited to trade secrets, know-how, inventions, techniques,
processes, plans, algorithms, software programs, source code, semiconductor designs, schematic designs,
business methods, customer lists, contacts, financial information, sales and marketing plans techniques,
schematics, designs, contracts, financial information, sales and marketing plans, business plans, clients, client
data, business affairs, operations, strategies, inventions, methodologies, technologies, employees,
subcontractors, the contents of any and all agreements, subscription lists, customer lists, photo files,
advertising materials, contract quotations, charity contracts, documents, passwords, codes, computer programs,
tapes, books, records, files and tax returns, data, statistics, facts, figures, numbers, records, professionals
employed, correspondence carried out with and received from professionals such as Advocates, Solicitors,
Barristers, Attorneys, Chartered Accountants, Company Secretaries, Doctors, Auditors, Surveyors, Loss
Assessors, Investigators, Forensic experts, Scientists, Opinions, Reports, all matters coming within the purview
of Privileged Communications as contemplated under Indian Evidence Act, 1872, legal notices sent and
received, Claim files, Insurance policies, their rates, advantages, terms, conditions, exclusions, charges,
correspondence from and with clients/ customers or their representatives,, Proposal Forms, Claim-forms,
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 38 of 41
Complaints, Suits, testimonies, matters related to any enquiry, claim-notes, defences taken before a Court of
Law, Judicial Fora, Quasi-judicial bodies, or any Authority, Commission, pricing, service proposals, methods
of operations, procedures, products and/ or services and business information of the Disclosing Party. The
above definition of Confidential Information applies to both parties equally; however in addition, without
limitation, where the Disclosing Party is the UIICCL, no information that is exempted from disclosure under
section 8 or any other provision of Right to Information Act, 2005 shall at any time be disclosed by the
Receiving Party to any third party.
(b) MATERIALS means including without limitation, documents, drawings, models, apparatus, sketches,
designs and lists furnished to the Receiving Party by the Disclosing Party and any tangible embodiments of the
Disclosing Party‘s Confidential Information created by the Receiving Party.
2. COVENANT NOT TO DISCLOSE The Receiving Party will use the Disclosing Party‘s Confidential Information solely to fulfil its obligations as
part of and in furtherance of the actual or potential business relationship with the Disclosing Party. The
Receiving Party shall not use the Confidential Information in any way that is directly or indirectly detrimental
to the Disclosing Party or its subsidiaries or affiliates, and shall not disclose the Confidential Information to
any unauthorized third party. The Receiving Party shall not disclose any Confidential Information to any
person except to its employees, authorized agents, consultants and contractors on a need to know basis, who
have prior to the disclosure of or access to any such Confidential Information agreed in writing to receive it
under terms at least as restrictive as those specified in this Agreement.
In this regard, the agreement entered into between the Receiving Party and any such person/s shall be
forwarded to the Disclosing Party promptly thereafter. Prior to disclosing any Confidential Information to such
person/s, the Receiving Party shall inform them of the confidential nature of the information and their
obligation to refrain from disclosure of the Confidential Information. The Receiving party shall use at least the
same degree of care in safeguarding the Confidential Information as it uses or would use in safeguarding its
own Confidential Information, and shall take all steps necessary to protect the Confidential Information from
any unauthorized or inadvertent use. In no event shall the Receiving Party take all reasonable measures that are
lesser than the measures it uses for its own information of similar type. The Receiving Party and its
Representatives will immediately notify the Disclosing Party of any use or disclosure of the Confidential
Information that is not authorized by this Agreement. In particular, the Receiving Party will immediately give
notice in writing to the Disclosing Party of any unauthorized use or disclosure of the Confidential Information
and agrees to assist the Disclosing Party in remedying such unauthorized use or disclosure of the Confidential
Information.
The Receiving Party and its Representatives shall not disclose to any person including, without limitation any
corporation, sovereign, partnership, company, Association of Persons, entity or individual
i. the fact that any investigations , discussions or negotiations are taking place concerning the actual or
potential business relationship between the parties,
ii. that it has requested or received Confidential Information, or
iii. any of the terms, conditions or any other fact about the actual or potential business relationship.
iv. This confidentiality obligation shall not apply only to the extent that the Receiving Party can
demonstrate that:
v. the Confidential Information of the Disclosing Party is, or properly became, at the time of disclosure,
part of the public domain, by publication or otherwise, except by breach of the provisions of this
Agreement; or
vi. was rightfully acquired by the Receiving Party or its Representatives prior to disclosure by the
Disclosing Party;
vii. was independently developed by Receiving Party or its Representatives without reference to the
Confidential Information; or
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 39 of 41
viii. the Confidential Information of the Disclosing Party is required to be disclosed by a Government
agency, is the subject of a subpoena or other legal or demand for disclosure; provided, however, that the
receiving party has given the disclosing party prompt written notice of such demand for disclosure and
the receiving party reasonably cooperates with the disclosing party's efforts to secure an appropriate
protective order prior to such disclosure.
ix. is disclosed with the prior consent of or was duly authorized in writing by the disclosing party.
3. RETURN OF THE MATERIALS Upon the disclosing party's request, the receiving party shall either return to the disclosing party all
Information or shall certify to the disclosing party that all media containing Information have been destroyed.
Provided, however, that an archival copy of the Information may be retained in the files of the receiving party's
counsel, solely for the purpose of proving the contents of the Information.
4. OWNERSHIP OF CONFIDENTIAL INFORMATION The Disclosing Party shall be deemed the owner of all Confidential Information disclosed by it or its agents to
the Receiving Party hereunder, including without limitation all patents, copyright, trademark, service mark,
trade secret and other proprietary rights and interests therein, and Receiving Party acknowledges and agrees
that nothing contained in this Agreement shall be construed as granting any rights to the Receiving Party, by
license or otherwise in or to any Confidential Information. Confidential Information is provided ―as is‖ with all
faults.
By disclosing Information or executing this Agreement, the disclosing party does not grant any license,
explicitly or implicitly, under any trademark, patent, copyright, mask work protection right, trade secret or any
other intellectual property right.
In no event shall the Disclosing Party be liable for the accuracy or completeness of the Confidential
Information. THE DISCLOSING PARTY DISCLAIMS ALL WARRANTIES REGARDING THE
INFORMATION, INCLUDING ALL WARRANTIES WITH RESPECT TO INFRINGEMENT OF
INTELLECTUAL PROPERTY RIGHTS AND ALL WARRANTIES AS TO THE ACCURACY OR UTILITY
OF SUCH INFORMATION. Execution of this Agreement and the disclosure of Information pursuant to this
Agreement do not constitute or imply any commitment, promise, or inducement by either party to make any
purchase or sale, or to enter into any additional agreement of any kind.
5. REMEDIES FOR BREACH OF CONFIDENTIALITY The Receiving Party agrees and acknowledges that Confidential Information is owned solely by the disclosing
party (or its licensors) and that any unauthorized disclosure of any Confidential Information prohibited herein
or any breach of the provisions herein may result in an irreparable harm and significant injury and damage to
the Disclosing Party which may be difficult to ascertain and not be adequately compensable in terms of
monetary damages. The Disclosing Party will have no adequate remedy at law thereof, and that the Disclosing
Party may, in addition to all other remedies available to it at law or in equity, be entitled to obtain timely
preliminary, temporary or permanent mandatory or restraining injunctions, orders or decrees as may be
necessary to protect the Disclosing Party against, or on account of, any breach by the Receiving Party of the
provisions contained herein, and the Receiving Party agrees to reimburse the reasonable legal fees and other
costs incurred by Disclosing Party in enforcing the provisions of this Agreement apart from paying damages
with interest at the market rate prevalent on the date of breach to the Disclosing Party.
The Receiving Party agrees and acknowledges that any disclosure, misappropriation, conversion or dishonest
use of the said Confidential Information shall, in addition to the remedies mentioned above, make the
Receiving Party criminally liable for Breach of Trust under section 405 of the Indian Penal Code.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 40 of 41
6. TERM This Agreement shall be effective on the first date written above and shall continue in full force and effect at all
times thereafter. This Agreement shall however apply to Confidential Information disclosed by the Disclosing
Party to the Receiving Party prior to, as well as after the effective date hereof. The Receiving Party
acknowledges and agrees that the termination of any agreement and relationship with the Disclosing Party
shall not in any way affect the obligations of the Receiving Party in not disclosing of Confidential Information
of the Disclosing Party set forth herein. The obligation of non-disclosure of Confidential Information shall bind
parties, and also their successors, nominees and assignees, perpetually.
7. GOVERNING LAW & JURISDICTION This Agreement shall be governed by and construed with solely in accordance with the laws of India in every
particular, including formation and interpretation without regard to its conflicts of law provisions. Any
proceedings arising out of or in connection with this Agreement shall be brought only before the Courts of
competent jurisdiction in Mumbai.
8. ENTIRE AGREEMENT This Agreement sets forth the entire agreement and understanding between the parties as to the subject-matter
of this Agreement and supersedes all prior or simultaneous representations, discussions, and negotiations
whether oral or written or electronic. This Agreement may be amended or supplemented only by a writing that
is signed by duly authorized representatives of both parties.
9. WAIVER No term or provision hereof will be considered waived by either party and no breach excused by the Disclosing
Party, unless such waiver or consent is in writing signed by or on behalf of duly Constituted Attorney of the
Disclosing Party. No consent or waiver whether express or implied of a breach by the Disclosing Party will
constitute consent to the waiver of or excuse of any other or different or subsequent breach by the Receiving
Party.
10. SEVERABILITY If any provision of this Agreement is found invalid or unenforceable, that part will be amended to achieve as
nearly as possible the same economic or legal effect as the original provision and the remainder of this
Agreement will remain in full force.
11. NOTICES Any notice provided for or permitted under this Agreement will be treated as having been given when (a)
delivered personally, or (b) sent by confirmed telecopy, or (c) sent by commercial overnight courier with
written verification of receipt, or (d) mailed postage prepaid by certified or registered mail, return receipt
requested, or (e) by electronic mail, to the party to be notified, at the address set forth below or at such other
place of which the other party has been notified in accordance with the provisions of this clause. Such notice
will be treated as having been received upon actual receipt or five days after posting. Provided always that
notices to the UIICCL shall be served on the Information Technology Department of the Company‘s Head
Office at Mumbai and a CC thereof be earmarked to the concerned Branch, Divisional or Regional Office as
the case may be by RPAD & email.
UIIC: RFP –DMS: HO: IT: 55/12-13
Page 41 of 41
IN WITNESS WHEREOF, the parties hereto have executed this Agreement asof the day and the year first
above written.
a) SIGNED SEALED & DELIVERED BY THE b) SIGNED SEALED & DELIVERED BY THE WITHIN
NAMED INSURANCE COMPANYWITHIN NAMED (BIDDER)
Deputy General Manager
------------------------------------------------------------
In the presence of
Witness: 1 ---------------------------------
Witness: 2 ---------------------------------
In the presence of
Witness: 1 ---------------------------------
Witness: 2 ---------------------------------