TENDER NO: 1213 Due Date 22/06/2012
NAME OF JOB: INSTALATION OF UNIFIED THREAT MANAGEMENT DEVICES
Page 1 of 5
TECHNICAL PART (ENVELOPE - A)
Pre-Qualification Criteria for Installation of Unified Threat Management Device:
The Eligible bidder should satisfy the below mentioned criteria and should submit valid
documentary evidence for the below mentioned points:
1. The bidder should be a company registered under the Companies Act, 1956 and submit the
a. Copy of Certificate of Incorporation
b. Copy of Memorandum & Articles of Association
2. The bidder should have registered an average turnover of Rs. 50 Lakh or above, during last
three completed audited financial years and submit the following:
a. Self certified copies of the audited balance sheet and profit & loss statement for the
last 3 completed financial years
b. Copy of Service Tax Registration Certificate
c. Copy of PAN Card
d. Copy of VAT Certificate
3. The bidder should have executed (during last 5 years) at least 5 such projects for
implementation of UTM devise.
4. Bidder should have experience of implementing group wise bandwidth management for the
users of an Active Directory though the UTM.
5. Bidder has to submit their clientele.
6. Bidder should be authorized partner / service provider of the UTM manufactures
7. The bidder must have single fully functional contact support centre with 24 X 7 support.
8. Bidder must ensure Single point of contact for troubleshooting or a helpdesk team will
function as a single point of contact for all sorts of problem for this system.
9. Bidder have to assist Institution with proper support, if required, in case there is change in
Guidelines on Bid submission:
1. The language of the documentation & details in the Bids must be in English.
2. All bids to be submitted in single stage two envelope in separate covers .
i) Technical Bid :- Envelope A should be superscribed Tender No and Name of Job
and word “TECHNICAL BID” along with earnest money in envelope A
ii) Financial Bid :- Envelope should be superscribed Tender No and Name of Job
and word “FINANCIAL BID” containing rate coated by the party duly signed by
3. These two bids to be placed in separately large envelope superscribed with Tender No and
Name of Job
4. Earnest Money Deposit: Rs 10,000/- (Rs Ten thousand) only by way of demand draft in
favour of The Institution of Engineers (India) payable at Kolkata, to submitted along with
Technical Bid in envelope A. Envelope A not containing earnest money shall be rejected anf
Financial Bid ahall not be considered further.
5. Security Deposit: 10% of the total bill value (adjusting from the Earnest Money Deposit)
shall be retained as security deposit during performance warranty period which is one year.
However, same shall be seleased after expiry of warranty period if no outstanding complain is
Page 2 of 5
on record on performance of the system. Penalty against non-performance shall be realized
from the security deposit.
6. Completed tenders should be submitted to the Receiving Cell of IEI by 16.00 hrs. on or before
22.06.2012. For further details, please contact Executive (Stores & Purchase)
(Phone no. – 033-40106239).
Technical Compliance for UTM (Unified Threat Management):
Appliance based, should be ICSA certified for Firewall & VPN,Antivirus, IPS. Should
1 have 4 x10/100/1000 & 8 x 10/100 Copper ports, console and USB intefaces. UTM
should have the capability to terminate the optical fibre link
The firewall should have 4 Gbps Firewall throughput with the support of atleast
2 4.5L concurrent sessions and atleast 12000 new sessions per second & 2 Gbps of
More than 2 number of WAN/ISP support :should support automatic ISP failover as
3 well as ISP load sharing for outbound traffic. Should have separate interfaces for
terminating the ISP ethernet connectivity.
The Firewall must be capable of clustering multiple firewalls configuration without
4 any extra license cost.
Integrated purpose built in Firewall and VPN: This feature should be easy to
configure and use. Should have a support inbuilt for IPSEC VPNs, should support
5 DES, 3 DES and AES (128,192, 256) and should be hardware accelerated
encryption.. The VPN should be certified by renouned international organization.
Gateway level Antivirus/Antispam solution in the product should support scanning
6 of HTTP, FTP, SMTP, POP3 etc. The same can be certified by ICSA. Incase of any
virus outbreak, the AV signature should be automatically updated on the product.
More than 2000 IPS Signatures should be available on the appliance. The same
7 should be automatically updated. Custom signatures should be made available
incase of any requirement.
URL filtering and data leak prevention (DLP) feature on the product should assist in
controling user internet access based on URL categories and type. Provision to block
8 instant messagers, anonymous proxies, applications like Skype, Ultrasurf etc which
work on stanard ports should be possible. User data upload and download using
HTTP, FTP, IM should be blocked depending on requirement.
Extensive Logging, reporting for all the UTM functionalities offered should be
available. qurantining of blocked or infected files should be supported. A minimum
storage capability of 500GB or more (can be a built in solution or a separate
9 appliance based solution)should be provided with the product. There should not be
any device based license for adding more of these UTM products for logging,
reporting etc into it.
Page 3 of 5
10 The firewall admin account should be protected by strong two factor authentication.
11 Can work in a proxy mode, gateway mode & transparent mode.
Should have the option to upload the logs in a separate FTP server in plain text
13 Should have the option to upgrade the firmware without reboot the appliance.
There should be a modular option to use the redundant power supply (should
14 purchase separately)for future requirement.
Dynamic routing protocols like OSPF, BGP, RIP1 & 2 should be support. Traffic
15 shaping should also be part of the solution. It should be possible to allocate
bandwidth and priortize traffic.
UTM should have the capability of group wise bandwidth management for the users
16 of an Active Directory
17 UTM should be RACK mountable
1 Year comprehensive onsite warranty with upgrade of all signature files and
17 patches with online support from the vendor should be available.
18 Administrator panel of UTM should be GUI based
Scope of Work for UTM (Unified Threat Management):
1. The vendor has to install the UTM in the premises of the Institution of Engineers (India), HQ
2. The vendor has to configure the firewall and other security features of UTM.
3. The vendor has to implement the group wise bandwidth management for the users of an
Active Directory though the UTM
4. The vendor has to configure the UTM for generating the reports.
5. The vendors has to ensure the updation of UTM in respect of all software related patches/
4. The vendor must provide single fully functional contact support centre with 24 X 7 support.
5. The vendor must ensure Single point of contact for troubleshooting or a helpdesk team will
function as a single point of contact for all sorts of problem for this system.
6. The vendor have to assist Institution with proper support, if required, in case there is change
in Internet connectivity.
7. Vendor has to mention the Escalation procedure and matrix for customer complaints
8. Any fault in the UTM will need to be resolved by the vendor within 4 hours of fault booking.
9. Incase of hardware failure the vendor has to provide a standby UTM device within 8 hours of
diagnosis of problem as hardware fault.
10. If the problem not resolved within the 4 hours then penalty will be charged @ Rs 2000/- per
day to the Vendor. The same penalty will be applicable if a stand by UTM device is not
provided in case of hardware failure.
11. Training to be provided by the vendors to the IEI personnel for performing day to day
operation of the device.
12. The vendor has to provide onsite support, when required.
13. The vendor has to ensure one year full support and warranty.
Commercial Terms and Conditions:
Payment within one month from the date of satisfactory completion of job.
Standard LD clause for delay in supply/completion of job 2% per week subject to max
Receipt of material is subject to inspection.
Page 4 of 5
FINANCIAL PART (ENVELOPE - B)
Sl No Description of Item /Work Rate
Unified Threat Management
1 (as per technical details and specification quoted in Envelope A)
Signature of Authorized Representative
Page 5 of 5