Queries Response by lpPDmn

VIEWS: 2 PAGES: 680

									Sl No   Page #    Point /
                 Section #




 1       19         2.3.9




 2       22      2.3.9.10.14




 3       26       2.3.16.1




 4       28         2.4.5




 5       32       3.1.1.11




 6       33        3.1.2.3
7    35   3.1.2.7.7.




8    36    3.1.3.4




9    36    3.1.3.9




10   40   3.1.4.13



11   40   3.1.4.16




12   43    3.1.5.1




13   44    3.2.2.




14   46    3.2.2.
15   47     3.2.5




16   48   3.2.5.1.3.5




17   51    3.2.5.5.




18   52     3.2.6




19   52     3.2.8




20   53     3.2.10
21   55      3.2.12.3




22   57       3.2.18




23   60       3.2.23




24   60       3.2.24




25   65       3.2.36



26   66       3.2.37



27   66      3.2.38.2


     13   1.5.4
28
     17   Project Scope


29



     19   2.3.5
30

     34   3.1.2.7.5
31
     47   3.2.5.1.1


32




33   17




34   21      2.3.9.10




35   22    2.3.9.10.18


36   22      2.3.10.1


37   26      2.3.15.1


38   28       2.4.5




39   47     3.2.5.1.3




40   88       6.2.2



41   89       6.2.5
42      20           2.3.9.3




43      20           2.3.9.4




44      20           2.3.9.6

                   Appendix 3
45   row no 21
                   Form B03
     row no 8 ,    Appendix 3
46
      9 , 12,13    Form B03



47      20          2.3.9.9.4




48      21          2.3.9.10

                   Appendix 3
49   row no 6
                   Form B03
                   Appendix 3
     row no 16     Form B03 ,
50
       to 23        DC -DR
                     sheet
       VSAT        Appendix 3
51
       sheet       Form B03

                  2.4.5 Roll Out
52      29
                       Plan

                  2.4.5 Roll Out
53      29
                       Plan

      Branch       Appendix 3
54
       sheet       Form B03

                Appendix 3
     Bandwidth
55              Form B01 ,
       sheet
               row no 11, 12
                Appendix 3
       NW ,
                Form B02 ,
56    Security
                row no 24 ,
     (DC- DR )
                    60
                  Appendix 3
       NW ,
                  Form B02 ,
57    Security
                  row no 24 ,
     (DC- DR )
                      60


                   6.13.15 ,
58    26 , 122
                   2.3.16.1


                  Appendix 3
       NW ,
                  Form B02 ,
59    Security
                  row no 24 ,
     (DC- DR )
                      60
       NW ,
                Appendix 3
      Security
60              Form B02 ,
     (Branches
                 row no 12
         )
       NW ,
                Appendix 3
      Security
61              Form B02 ,
     (Branches
               row no 8 - 12
         )
                Appendix 3
62    FM Cost Form B02 ,
                 row no 4 ,

     Availability Annexture 7
63    Measure Service Level
       ments      , Page no 6

     20          2.3.9.9.5
64


65   Annexure Service levels
66   07

67
     Annexure Service levels
68
     07
     Annexure KU        Band
     05       VSAT and Ext
              C         Band
              VSAT,
69
              Environmenta
              l
              specifications
              of ODU
     20       2.3.9.8.1,
              2.3.9.9.3
70


     20          2.3.9.10


71
     20   2.3.9.10


71




     90   6.2.10.5.12

72


     51   3.2.6
73

     51   3.2.5.6
74

           Annexure 5,
           Minimum IT
75
          infrastructure
          specifications

           Annexure 5,
           Minimum IT
76
          infrastructure
          specifications

           Annexure 5,
           Minimum IT
77
          infrastructure
          specifications

           Annexure 5,
           Minimum IT
78
          infrastructure
          specifications

           Annexure 5,
           Minimum IT
79
          infrastructure
          specifications

           Annexure 5,
           Minimum IT
80
          infrastructure
          specifications


           Annexure 5,
           Minimum IT
81
          infrastructure
          specifications


           Annexure 5,
           Minimum IT
82
          infrastructure
          specifications
            Annexure 5,
            Minimum IT
83
           infrastructure
           specifications


            Annexure 5,
            Minimum IT
84
           infrastructure
           specifications


            Annexure 5,
            Minimum IT
85
           infrastructure
           specifications


            Annexure 5,
            Minimum IT
86
           infrastructure
           specifications




87   120    6.13.14.5.2




88   120    6.13.14.5.7



89   121     6.13.14.6



90   57       3.2.20




91
92




93


94    91       6.3.5


95    91      6.3.3.2


96    91      6.3.3.1


97

98
99
           6.1.10




100




101

102




103          2.3.14.8




           Application
           Implementati
104        on


           Application
105        Implementati
           on
      14 Application
         Implementati
106
         on

      14 Application
         Implementati
         on
107



      15 Application
         Implementati
108
         on

      15
109        #VALUE!


      19 Service Level
110
         Credit
         CIF GL MIS

121




122            1


123            4

124            5


125            9




126           11




127           13



128           16
129   18




130   20
131   21
132   22



133   25



134   26



135   27




136   31




137   32


138   44


139   48



140   66


141   67

142   68


143   70

144   76
145           79



145           85


145           87


145           93

146           98

       1.17
 147


       1.19
 148

       1.46
 149

 150

       1.50
 151
       1.51
 152

       1.88
 153

       1.73
 154
 155
 156


 157


       1.1

 158

       1.5
 159

       1.25
 160
      1.34
161

      1.41
162
163   1.46


      1.48
164
      1.52
165
      1.68
166
      1.83
167


168


169
             1
170
171          2
172          4

             5
173
             9
174

             4
175

             3
176


177


178

      3.2
179

      3.3
180
      3.12

181
      3.21
182
183




184




185




186


187


188

189


190               1
      18   2.3.1.5




191
      28   2.4.4.1



192
      23   2.3.12.1
       23    2.3.12.1




 193
       28    2.4.4.1

 194
       26    2.3.17




195

       26    2.3.16.2


196

 197 113     6.13.8.18




 198
       121   6.13.15.1



 199

       7     3. Project
             Overview
             Clause 3.1




       81    6.1.4
             Interfaces
             clause -
             6.1.4.6
      21
                2.3.9.11 Bank
                Wide
                Corporate
                Network
                (“BWCN”)
200             2.3.9.11.9
      23        2.3.11
                Deployment
                of Network &
                Security
                Solution at
                Data Centre
                (“DC”) &
                Disaster
                Recover
                Centre
                (“DRC”)
197             2.3.11.4
      24        2.3.11
                Deployment
                of Network &
                Security
                Solution at
                Data Centre
                (“DC”) &
                Disaster
                Recover
                Centre
                (“DRC”)
198             2.3.11.2
    6.1.2 Gap
    Identificati
      on and
199 Resolutio 6.1.2.6
      Pg 79

200             6.1.2.7

201             6.1.2.8
      87        6.1.10 Audit Tools




202
    6.3         clause - 6.3.2
    Network
    Security,
203 pg 81
       82             clause -
 204                  6.3.3.3
       93             6.3.7.2
                      Access Level:
 205
       51             3.2.5.6
 215
                      3.1.1
 216             31
                      3.2.26


                 61

217

 218             53 3.2.9
 219        55          3.2.13



 220        56            3.2.15



 221        58            3.2.22

 222        60            3.2.25




 223             62       3.2.28
 224             98                6.7




                      Appendix 2
                      02 - Core
                      Banking
                      Technical,
 225                  Point 1.8
                      Appendix 2
                      02 – Core
                      Banking
                      Technical,Poi
 226                  nt 1.4
227 3.1.4.5       Escrow




228 6.3.6.1.3     92 of 130




229 92 of 130 6.3.6.1.3




230 92 of 130     6.3.6.1.3
    Appendix
    3 Form B
    02 -
    Technical
    Bid Bill of
    Material.xl
231 s             Worksheet- "Checklist"
    Appendix
    3 Form B
    02 -
    Technical
    Bid Bill of
    Material.xl
232 s             Worksheet- "Checklist"
    Appendix
    3 Form B
    02 -
    Technical     Worksheet -
    Bid Bill of   "NW &
    Material.xl   Security-
233 s             Branches"

234 Annexxure 2
  235               21 2.3.9.11.12


  236               24 2.3.13




   237              97
238    79                Data
                         Migration
                         6.1.3
                         6.1.3.1
239     Training  The Vendor
                  will         be
        5.4.1.1,  responsible to
        6.1.5.3 & train all users
        6.1.5.13 in           the
                  proposed
                  branches as
                  identified by
240     81        the Bank.
                  Interfaces
                  6.1.4.1
241     NA               Appendix 1-
                         HO Functions
                         Government
                         Securities

242     NA               Appendix 1-
243     3. Project
        Overview




                          Clause 3.1
                          page no - 7
 244    Nil              NA
 245    Appendix # 1: Financial Inclusion
 246          105          6.13.4.7
247


248
              2.3.11.5,
249   23,24
              2.3.12.4

250    89      6.2.5
                  Clarification point as stated in the tender document

                                                                                                  Request for Proposal - RFP
Bank intends to implement a VSAT and leased line based Wide Area Network (WAN). The
Vendor shall be responsible to design, size, install commission and maintain the WAN
based on the business volumes. The deployment of the network links should be in line with
the branch/office rollout plan. The Branches will directly be on leased line/F as the primary
connection based on the location feasibility report shared by BSNL and VSAT as the
secondary connection and wherever Leased line is not feasible, VSAT would be treated as
the only link
The SI is expected to have complete responsibility of the Network and will be responsible
for uptime and other related service levels as is in Annexure 09. The vendor will liaise with
BSNL for expediting LL connectivity in nonfeasible locations.



While bidding for providing facilities management services to the Bank the SI needs to
consider that all the solutions provided by the SI by way of this RFP should come with 3
(Three) year free Product warranty, onsite service/support warranty and all software
updates/upgrades. The SI should also provide AMC thereafter for a period of 2 years on
similar terms, which will be included under FM.
The Bank expects the SI to roll out the branches on CBS as mentioned in Annexure 02 of
this document. However the Bank reserves the exclusive right to change any of the
branches mentioned in Annexure 02 at any point in time. Further it is assumed that any
new branch opened by the Bank may be brought under CBS.


The Bank is not responsible for any assumptions or judgments made by the vendors for
arriving at any type of sizing or costing. The Bank at all times will benchmark the
performance of the Vendor to the RFP documents circulated to the vendors and the
expected service levels as mentioned in these documents. In the event of any deviations
from the requirements of these documents, the Vendor must make good the same at
no extra costs to the Bank in order to achieve the desired service levels as well as
meeting the requirements of these documents. The Bank shall not be responsible for
any assumptions made by the Vendor. The Bank’s interpretation will be final.
The prices quoted by the Vendor shall include all costs such as, taxes, levies, cess, excise
and custom duties, installation, insurance etc. that need to be incurred. The prices quoted
will also include transportation to respective sites, insurance till supervision, commissioning
and final acceptance by the Bank. Any delay in installation of the hardware for whatsoever
reason shouldnot entail in expiry of insurance and the same should be continued to be
extended up-to the date of installation and acceptance of the hardware and other
infrastructure by the Bank.

The price payable to the Vendor shall be inclusive of carrying out any modifications
changes / upgrades to the CBS or other software or equipment that is required to be made
in order to comply with any statutory or regulatory requirements or any industry-wide
changes arising during the subsistence of this agreement, and the Bank shall not pay any
additional cost for the same.

Though the equipment would be at the Bank premises, Vendor shall be responsible for the
installation, implementation and acceptance testing and the ownership would not have
The insurance (as more particularly dealt with in Clause 3.1.2.7.8.5) shall be for an amount
equal to 110% of the total value of equipments on "all risks" basis, including war risks and
theft and robbery clauses, valid for a period upto the delivery of the equipments in the Bank
shared addresses and would remain valid until the successful User acceptance testing,
supervision of commissioning and acceptance of the equipments by the Bank;



If the contract is awarded, the Vendor should furnish a Performance Guarantee to the
extent of 10% of the value of the contract within 10 days of the date of receipt of the
purchase contract. The performance guarantee can be renewed once every year on
reducing balance basis (equivalent to the value delivered and accepted) till the expiry or
termination of the contract. If the Performance guarantee is not submitted, the Bank
reserve the right to cancel the contract and forfeit the Bid Security. Until the Performance
Guarantee is given, the validity of Bid Security will continue. The Performance Guarantee
would be returned to the Vendor after the expiry or termination of the contract otherwise
then by breach thereof.
The Vendor must strictly adhere to the delivery dates or lead times identified in their
proposal. Failure to meet these delivery dates, unless it is due to reasons entirely
attributable to the Bank, may constitute a material breach of the Vendor’s performance. In
the event that the Bank are forced to cancel an awarded contract (relative to this RFP) due
to the Vendor’s inability to meet the established delivery dates, that Vendor will be
responsible for any re-procurement costs suffered by the Bank. The liability in such an
event would be limited to the equal amount actually spent by the Bank for procuring similar
deliverables and services including the tax and any additional shipment charges

Right to Alter Quantities – The Bank reserve the right to alter the requirements specified in
the tender. The Bank also reserves the right to delete one or more items from the list of
items specified in the tender. The Bank will inform all vendors about changes, if any.




The payment towards network equipment will be released only on production of the
manufacturer's certificate.
Vendors may form a consortium and bid for the RFP, as it is the Bank expectation to
implement the most appropriate hardware and software products and maintain policies and
procedures to serve the Bank. However, in this case the Bank will deal with only the Vendor
as a single point of contact who shall have the sole responsibility for the entire assignment
irrespective of the fact that it is only the part of the consortium. Each consortium shall name
the Vendor who shall have the single point responsibility for the consortium in their bid
responses.
The Vendor shall procure and provide a non-exclusive, non-transferable,
perpetual license to the Bank for all the software to be provided as a part of
this project. The Bank can use the software at any of their branches and
locations without restriction and use of software by service providers on
behalf of the Bank would be considered as use thereof by the Bank and the
software should be assignable / transferable to any successor entity of the
Bank.
The Centralised Banking Software would be procured by the Bank from the 3rd
party software vendor through a tri-partite agreement, to which the Vendor would be a party
also. This is because the Vendor is the Prime Vendor for purposes of all deliverables and
services under the master agreement, with the single-point responsibility for the same.
                                     Payment Terms




Balance 10% of the delivered hardware cost would be payable on completion of 12 months
from the date of delivery of the hardware, which may be released against a Bank guarantee
for an equivalent amount
Bandwidth Payment




Delivery, Implementation & Roll out
In the event of Vendor’s failure to deliver and / or implement all required components of a
fully functional system (pertaining to the scope of the project) within the stipulated time
schedule or by the date extended by the Bank, unless such failure is due to reasons
entirely attributable to the Bank, it will be a breach of contract.
Acceptance Testing




Assignment
In case of cancellation of order, any payments made by the Bank to the Vendor
would necessarily have to be returned to the Bank with interest @15% per annum,
further the Vendor would also be required to compensate the Bank for any direct
loss suffered by the Bank due to the cancellation of the contract and any additional
expenditure to be incurred by the Bank to appoint any other Vendor. This is after
repaying the original amount paid.
Inability of the Vendor to meet the timelines as specified would be treated as breach of
contract and would invoke the penalty clause. The proposed rate of penalty would be INR 1
Lakh per week of delay or non-compliance, with respect to delay in branch network or core
banking roll-out. These are exclusive events.




At any point in time during the contract period, for these locations, the system resource
utilization should not exceed 70% nor should the Hard Disk utilization exceed 70% at the
data centre. In case the above requirement is not met, the additional hardware would
have to be provided by the Vendor at no further cost to the Bank.

The Vendor shall take reasonable and suitable action, taking into account economic
circumstances, at mutually agreed increase / decrease in charges, and the Service Levels,
to provide the Services to the Bank at a technological level that will enable the Bank to take
advantage of technological advancement in the industry from time to time.

Addition/Deletion of Qualified Offerings
The Vendor shall agree that the price for incremental offering cannot exceed the original
proposed cost and the Bank reserve the right to re-negotiate the price. At the unit rates
provided for TCO calculations the Bank have the right to order as much as it wants at those
rates.
Termination

The Vendor agrees that after completion of the Term or upon earlier termination of the
assignment the Vendor shall, if required by the Bank, continue to provide maintenance
services to the Bank at no less favourable terms than those contained in this RFP. In case
the Bank wants to continue with the Vendor's services after the completion of this contract
then the Vendor shall offer the same or better terms to the Bank. Unless mutually agreed,
the rates shall remain firm. shows certain branches as highlighted and not having any
Txn per day table - The table
transaction count.
The Bank expressly stipulates the System Integrator’s (SI) selection under this RFP is on
the express understanding that this RFP contains only the principal provisions for the entire
assignment and that delivery of the deliverables and the services in connection therewith
are only a part of the assignment. The SI shall be required to undertake to perform all such
tasks, render requisite services and make available such resources as may be required for
the successful completion of the entire assignment at no additional cost to the Bank.

As per RFP


The Bank will calculate total cost of ownership for a 5-year period, which will include cost of
100 man-days of additional customisation effort for CBS and proposed 3rd party solutions
for the purpose of equating all the bids;
CBS software application costs




Considering the enormity of the assignment and the envisaged relationship with the
SI, any service, which forms a part of facilities management that is not explicitly
mentioned in this RFP as excluded would form part of this RFP, and the SI is
expected o provide the same at no additional costs to the Bank.




Vendor to size bandwidth of entire WAN network, that includes Link between DC and DRC
• Link between MPLS cloud to DC and DRC,
• Link between Branches and MPLS VPN cloud.
• Link between Zonal Offices to MPLS VPN Network
• Link between VSAT Hub location to DC and DRC from two seperate SP’s
• The shared pool bandwidth (for VSAT shared locations).

Branches on VSAT Network – For any Antivirus updation, Patch updation,
and EMS polling traffic at branches, will take update from the Servers
located at DC and DRC.
All the
proposed active network components should be from same OEM (Original
equipment manufacturer)
Structured cabling for the nodes in one extension counter

Table # 15 - Branch Roll out and Network rollout


The Vendor
will provide and install only the hardware required at that particular
point in time based on the speed of the roll out and the payment would
be released only for the hardware installed. As and when the balance
hardware is required the Vendor would have to provide the same and
the payment would be released after re-negotiations in case of price
reductions for such hardware. The Vendor agrees that in case the
price/cost for hardware at the time of implementation is less than the
price quoted for the project in response to this RFP/final negotiation,
then such saving in cost by the Vendor shall be passed on to the Bank.
Any benefit accruing to the Vendor as a result of decrease in costs of
any equipment delivered as a part of this RFP should also be passed on
to the Bank.
The network should have the capability of expanding to other office
locations of BANK in due course. The network link (WAN links) to the
Banks build data centre and other locations should be scalable.
The SI is expected to supply, install and commission the internet link of 128
Kbps (1:1 compression) Internet bandwidth which would be required to
provide Internet services to download updates for the antivirus, security
patches and other applications, if required. The internet link (bandwidth)
should be scalable up to 1 Mbps; as and when the Bank intend to do so
Deploy two links between DC and Service Provider’s MPLS VPN Network,
Primary link from one service provider 1 and secondary link from service
provider 2.




Deploy two links as last mile between MPLS clud and DC, DRC from 2
separate service providers. The link should of equal capacity across DC and
DRC.




The connectivity between the technical and application Help Desk and the data
centre would be through the replication link between the DC and DRC with
redundency in the connectivity and at the switch and port level.
2. Vendor to factor all costs as per Network diagram and architecture mentioned in
Addendum.
LL and ISDN for Techncial and application helpdesk


The service providers VSAT hub
location should be connected to DC (primary) using one Leased line Link one
from the service provider.



The shared pool bandwidth (for VSAT shared locations).


DC - DR sheet row no 6         a. DC (Kolkata) to DR (Mumbai)

DC-MPLS as Primary and DR -MPLS as Backup



Pilot Bandwidth for 3 Months

Bank reserves the exclusive right to
change any of the branches mentioned in Annexure 02 at any point in time.
Further it is assumed that any new branch opened by the Bank may be brought
under CBS.
Table # 15 - Branch Roll out and Network rollout

Pilot Bandwidth for 3 Months




Helpdesk


Structure Lan Cabling
Network and Security Components



Warranty : The offer must include a minimum comprehensive on-site free warranty of 3
years from the date of installation and acceptance of the solution. RFP should come with 3
(Three) year free Product warranty, onsite
service/support warranty and all software updates/upgrades. The SI should
also provide AMC thereafter for a period of 2 years on similar terms, which
will be included under FM.
Network and Security Components




Structured Cabling



Router , VASAT , Swicth , Rack and Structured Cabling



Pilot Phase - Till 12 Branches are Implemented


Minimum Service Levels : Critical -99.95 and Key 99.5




There should be end to end IP Sec Encryption. The IP Sec should be configured on
Branch, DC and DRC Routers. The data should traverse over the WAN Network through IP
Sec Tunnel. IPSec should be configured and operational across all branches irrespective of
LL or VSAT
MTTR for Primary and Secondary VSATs




Uptime for VSATs: Primary and Secondary

Storage Temperature




MPLS backed by VSAT for the remaining branch locations
Finally if MPLS is not feasible, VSAT should be used for the primary connectivity; and at
later stage if the LL is made feasible, LL should be used as a primary mode of connectivity
backed up by VSAT Network.
Vendor to size bandwidth of entire WAN network
Vendor to size bandwidth of entire WAN network




Vendor has to factor and provide the requisite band (KU-or Ex C)




Delivery, implementation and roll out

Branch network component payment terms (including VSATs)

The specifications for various devices - Router, Switch , firewall, IPS and AAA




The specifications for various devices - firewall - WebVPN Peers of upto 2500




The specifications for various devices - firewall - Support for Virtual Firewalls of upto 50
logical firewalls so that the Central site can have a individual firewalling for every remote
site in future


The specifications for various devices - firewall - v Support for inspection of various TAPI-
and JTAPI-based applications that use CTIQBE



The specifications for various devices - firewall - Network Containment and Control
Services



The specifications for various devices - firewall - Dynamic downloading and enforcement
of ACLs on a per-user basis, upon user authentication with the firewall



Should be able to Push VPN policy dynamically to Easy VPN Remote-enabled solutions
upon connection, eliminating the need to manage each client separately and therefore
helping ensure enforcement of the latest corporate VPN security policies




NIPS and HIPS should be from the same product suite
The IPS should be a dedicated hardware module or hardware appliance




The IPS device must have specific engines for protocols that have special detection needs,
or for protocols that we have large number of signatures for (e.g. HTTP). Specifically the
following list services and applications must be controlled - HTTP, port 80
misuse/application tunneling, FTP, and mime type filtering. , DHCP, DNS, FTP, File
Sharing (peer-to-peer), Finger, HTTP, HTTPS, IMAP, IDENT, LPR,NNTP, NTP, POP, R-
Services, RPC, MSRPC, SMTP, SNMP, SOCKS, SQL, SSH, TELNET, TFTP,, H323,
H225, SSH, WINS, MSSQL, IRC, LDAP, SMB, TNS.
Appliance should not use hard disks or other high failure rate components




Minimum IPS Signature support for following signature titles:




The Vendor shall implement the Information Systems Security Policies
(‘ISSP”) that address the security policies of the Bank as they exist at
the time of Agreement initiation and adopt any updated, revised or
expanded policies that the Bank implements during the tenure of the
RFP. The activities that the Vendor shall address include but are not
limited to:
• user ID creation / deletion,
• password setting / resetting,
• creation of limited access shared space on servers,
• secured installation of assets, secured backup tape storage,
• destruction of data on failed hardware components (for example,
data on a server hard drive that fails) and
• Confidential data protection methodologies.
Vendor shall control the security/administration of user ID’s for network applications and
tools

Security Incident Reporting: If an incident is confirmed, the Facility Manager shall provide
all necessary assistance and access to the affected systems so that a detailed
investigation can be conducted and solutions applied are documented.

Sensitive Information: Any information considered sensitive must be protected by the CBS
Facility Manager from unauthorized disclosure, modification or access

General
General




General


Two layers of security (firewalls from different service providers) between the
Internet & centralized applications, between the 3rd party networks &
centralized applications
Intrusion Prevention System – Host-based and Network-based; The make /
model at the DC & DRC should be different

Firewalls – Stateful inspection, packet etc; The make / model at the DC & DRC
should be different

Managed EMS


Appendix B form B02
Appendix B form B03, NW and Security - Branches, line 11
The Vendor is expected to provide various audit tools for auditing all the
components proposed by the Vendor as part of the solution. These should
include:
• Tools for Auditing Operating Systems
• Tools for Auditing Database Systems
• Tools for Auditing the Application Systems
The Vendor is expected to develop Application audit tools (for example
identifying income leakages, non compliance to policies and procedures, etc.),
as requested by the Bank internal auditors/departments from time to time,
within the contract period.
Training scope

Training scope
The vendor will have to size the SAN storage capacity based on the
numbers of accounts both at DC and DR. The SAN storage utilization
should not exceed 70%. In case the above requirement is not met, the
additional hardware would have to be provided by the Vendor at no further
cost to the Bank. If the individual solutions suggested by the SIs
necessitate additional capacity, then the SI would need to provide
accordingly to meet the RFP and SLA requirements. Replication between
DC & DRC should be Storage-to-Storage based replication with automatic
role reversal
The VENDOR shall prepare a detailed functional specification documents for all products /
services offered by the bank, which will have to be agreed with each bank for
completeness and accuracy. The functional specification document will have to be
prepared, signed and agreed upon within 20 working days from the date of awarding the
contract
The VENDOR shall update all the functional specifications within 4 working days after a
modification, enhancement, upgradation / new functionality has to been incorporated in the
application systems.
The VENDOR shall ensure that all bugs reported by the users / testing team in the testing
environment will be duly resolved maximum within 7 calendar days


The VENDOR shall ensure that the entire exercise of data migration will be performed
within 10 hours




The VENDOR shall provide a minimum of 5 full time support staff at the branch for a
minimum of 12 working days after branch implementation of the CBS. Any technical
problems or errors faced by the user will be resolved by the VENDOR within 2 hours of
problem identification / reporting
The VENDOR will identify and develop interfaces to the existing / proposed systems so as
to meet the functional requirements of the bank. The interface identification will have to
done by the VENDOR and agreed with the bank within 10 days from awarding the contract.

The example as explained in the document

Financial Inclusion




The architecture should be based on high performance, multi-core Processor


The router should support switching throughput of 900 Kpps or more
It should support high powered service modules with improved availability, Gigabit Ethernet
switching with enhanced POE

It should support the industries widest range of wired and wireless connectivity options
such as T1/E1, T3/E3, xDSL, 3G, copper and fiber GE



Should support high speed WAN deployment requirement up to 350Mbps or more, should
support 800 Mbps of IPSec performance and support 200 nos of SSL VPN Tunnels


The architecture should provide energy-saving features like intelligent power management
and shouls allow the Bank to control power to the modules based on the time of the day,
optimizing consumption of raw materials and energy usage, high efficiency power supplies
and scalable power consumption

Should provide out of band management access via USB, Aux or console
Should be NEBS compliant




It should allow hosting of 3rd Pary & custom applications on a service module which can be
easily integrated in to the router
Should support hot plug of service modules
Should support Energy saving intelligent power management feature to control power to
the modules based on the time of day

The router should support TCL based scripting mechanism to automate tasks and
customize the behavior of various sybsystems and the operation of the device in order to
respond to real-time events


It should support online diagnostics on various system components


It should support XML-based data encoding for managing network device, retrieve
configuration data information, and upload and manipulate new configuration data


Should support distributed and customized approach to event detection and recovery
offered directly in the OS Software device to offer the ability to monitor events and take
informational, corrective, or any desired action when the monitored events occur or when a
threshold is reached.


Router OS should be EAL4+ certified


L2TPv3

Secure collaborative communications with Group Encrypted Transport VPN, Dynamic
Multipoint VPN, or Enhanced Easy VPN


Should support WAN Optimization features such as TCP optimization, caching,
compression, and application acceleration in hardware modules


Should support minimum default DRAM = 1 GB, maximum DRAM =2GB
External Compact Flash minimum default = 256MB, maximum External Compact Flash =
8GB

One USB Console port (Type B) (up to 115.2 kbps)

One service module slot
Should be able to manage & administer point-to-point VPNs by actively pushing new
security policies from a single headend to remote sites


IOS IPS and customisable signatures


Should support stateful firewall throughput of 3000 Mbps and 300,000 concurrent sessions


Intrusion Prevention

VXML

Temperature Alarm and Power Monitoring


The Switches must be able to Build up its own inventory (like Device Name, Chassis Type,
Memory, Flash, Software ver. Etc)


IPv4 Total Routes should be 256,000 and IPv6 route entires should be 128,000


The switch should have 32,000 Multicast Routes

Support for ease of configuration of VLANs across switches (Virtual Trunking Protocol or
GUI based)
Support for auto-configuring trunks between switches (Dynamic Trunking Protocol or GUI,
etc.)
Automation through Embedded Event Manager (EEM), AutoQoS and Auto SmartPorts for
fast provisioning, diagnosis, and reporting


Configuration Change Tracking

The switch should support Dynamic Hardware Route Table Allocations
The switch should support uRPFv6: Strict Mode in hardware

The switch should support Flexible NetFlow for optimized application visibility


Minimum of 24 port 10/100Mbps Fast Ethernet auto sensing ports and 2 nos of 10/100/100
Mbps Uplink ports, with 16 Gbps of Forwarding Bandwidth, 32 Gbps of Switching
Bandwidth and 6.5 Mpps forwarding rate


Minimum of 64 MB DRAM and 32 MB Flash memory


Weighted Tail Drop (WTD) for congestion avoidance
Configuration Change Tracking


Layer 2 traceroute to ease troubleshooting by identifying the physical path that a packet
takes from the source device to a destination device.

Unicast MAC filtering, unknown Unicast and multicast Port blocking

The software should have a mechanism to proactively detect and address potential
hardware and software faults during runtime.

Management for atleast 100 devices through a single IP address. Should support
automatic upgrade of system software across all these devices
Status – Watch/Inspect

1519

Integration of Device Profiling Technology and Guest Access handling with LAN switching
to significantly improve security while reducing deployment and operational challenges
802.1X Supplicant with Network Edge Access Transport (NEAT) should enable extended
secure access where LAN switches have the same level of security as switches inside the
locked wiring closet
Minimum of 176 Gbps switching fabric
Minimum forwarding bandwidth - 88 Gbps
Spanning-tree PortFast and PortFast guard for fast convergence
UplinkFast & BackboneFast technologies to help ensure quick failover recovery, enhancing
overall network stability and reliability.
Port Aggregation Protocol (PAgP), Link Aggregation Protocol (LACP)


Weighted tail drop (WTD) to provide congestion avoidance


Layer 2 trace route to ease troubleshooting by identifying the physical path that a packet
takes from source to destination.

Integration of Device Profiling Technology and Guest Access handling with LAN switching
to significantly improve security while reducing deployment and operational challenges
802.1X Supplicant with Network Edge Access Transport (NEAT) should enable extended
secure access where LAN switches have the same level of security as switches inside the
locked wiring closet

The router should support a default DRAM of at least 512 MB


Internal USB flash RAM of 256 MB must be offered for proper operation under the
proposed solution and as per the requirements of the Company.
Firewall Services with Standard Access Lists, Extended Access Lists and Time based
Access lists and Intrusion Detection system to provide supervision and control,

Should be able to manage & administer point-to-point VPNs by actively pushing new
security policies from a single headend to remote sites
The architecture should provide energy-saving features like intelligent power management
and shouls allow the Bank to control power to the modules based on the time of the day,
optimizing consumption of raw materials and energy usage, high efficiency power supplies
and scalable power consumption


The router should have the following protocols support - IPv4, IPv6, static routes, Open
Shortest Path First (OSPF), Enhanced IGRP (EIGRP), Border Gateway Protocol (BGP),
BGP, Router Reflector, Intermediate System-to-Intermediate System (IS-IS), Multicast
Internet Group Management Protocol (IGMPv3), Protocol Independent Multicast sparse
mode (PIM SM), PIM Source-Specific Multicast (SSM), Distance Vector Multicast Routing
Protocol (DVMRP), IPsec, generic routing encapsulation (GRE), Bidirectional Forwarding
Detection (BVD), IPv4-to-IPv6 Multicast,, MPLS, Layer 2 Tunneling Protocol Version 3
(L2TPv3), 802.1ag, 802.3ah, and Layer 2 and Layer 3 VPN


The router should have the following Traffic Management features - QoS, Class-Based
Weighted Fair Queuing (CBWFQ), Weighted Random Early Detection (WRED),
Hierarchical QoS, Policy-Based Routing (PBR), Performance Routing (PfR), and Network-
Based Advanced Routing (NBAR


Should support distributed and customized approach to event detection and recovery
offered directly in the OS Software device to offer the ability to monitor events and take
informational, corrective, or any desired action when the monitored events occur or when a
threshold is reached.

Router OS should be EAL4+ certified


Secure collaborative communications with Group Encrypted Transport VPN, Dynamic
Multipoint VPN, or Enhanced Easy VPN

Should have stateful firewall throughput of 500 Mbps and 60,000 concurrent sessions

Should be a hardware based appliance solution for Authentication, Authorization and
Accounting and 802.1x implementation.
Implement an Application Help Desk and Technology Help Desk (for min. of 6




Agents) for the Bank in Agartala, Head Office

Help Desk – The application and technology Help Desks should be fully functional



from the day the first Pilot branch is successfully implemented
The SI is expected to Co-locate the Data Centre preferably in Kolkata. The

SI is expected to implement the servers at the Data Centre, of 250 sq. Ft.
The vendor should also have his resources ( 5 for Application Help Desk and
4 for Technology Help Desk ) and needs to factor such costs separately.
The table below shows how exactly the technology components are expected
to be structured
Help Desk – The application and technology Help Desks should be fully functional from the
day the first Pilot branch is successfully implemented

SI to Build the technical and application help desk at the designated place
identified by the Bank and provide for desktop PCs and other IT
infrastructure as would be required for application related queries and
provide a 9 seat technology help desk as part of the managed data center
services. The bank would expect a call manager to be implemented which
will provide MIS on a hourly, daily, weekly, monthly, yearly basis such as



calls handled, calls dropped, average talk time, average speed of answer etc.
Maintain the IT infrastructure for all the components provided as part of
this RFP. The Bank expects the facilities management function to be carried
out from the Bank premises on 24 * 7 basis.

The Vendor shall provide complete technical support for software problems
(all licensed software provided by the Vendor as a part of this RFP or
maintained by the Vendor as a part of this RFP) and or questions, defect and
non-defect related to Bank office automation products, systems and licensed
Applications.
The offer must include a minimum comprehensive on-site free warranty
of 3 years from the date of installation and acceptance of the solution by
the Bank including all software, hardware, parts, media, patches,
updates and licences. No parts, accessories of the systems like print
heads etc. should be excluded from such warranty;
Implement a Core Banking Solution including Retail, Corporate and other
Applications namely
• Core Banking Solution including KCC, Micro-Finance
• Share Management solution
• Loan processing, corporate GL, fixed asset management and salary processing
• Advances, Deposits, Locker, General Ledger,
• Collection/Payment Services
• AML, ALM & Transfer Pricing customized solution under CBS
• Comprehensive Financial Inclusion module including standard external interface
• Closing related :-
a. P & L initialization
b. Balance Sheet
The Vendor must ensure that all interfaces are automated with minimal
manual intervention. All 3rd party Applications proposed by the Vendors to
meet the functional requirements of the Bank should provide an on-line
interface with the Core Banking Solution.
SI to ensure the data hosting setup requirements are mentioned along with
the details of components and activities involved at DC and DRC.




Provide an Enterprise Management Solution (“EMS”) –encompassing the
products proposed as a part of this tender and other existing/proposed
technology infrastructure of the Bank.




The proposed Network & Security solution should comply with standards, the
Banks security policy as approved by the board, IT Act 2000 and
NABARD/State Government Guidelines/Co-operative act. The Bank will share
their security policies with the selected SI as available at the time of project
commencement. The SI should make sure that the solutions being provided
are complying with the Security Policies of the Bank, regulatory compliances
and the Industry’s leading practices.




The Vendor shall provide all statutory, regulatory and adhoc MIS
(management Information System) and EIS (Executive Information System)
reports as required by the Bank in the desired format during the initial phase
of customisation process.
The Vendor shall provide for all subsequent changes to reports as suggested
by the statutory and regulatory bodies from time to time immediately to the
Bank at no additional cost to the Bank.
The Vendor shall provide for a flexible report writer utility and train the Bank
personnel in using the same.
The Vendor is expected to provide various audit tools for auditing all the
components proposed by the Vendor as part of the solution. These should
include:
• Tools for Auditing Operating Systems
• Tools for Auditing Database Systems
• Tools for Auditing the Application Systems
The Vendor is expected to develop Application audit tools (for example
identifying income leakages, non compliance to policies and procedures, etc.),
as requested by the Bank internal auditors/departments from time to time,
within the contract period.
At the Application layer (Layers 5 - 7 of OSI), the CBS must ensure
appropriate methods to maintain confidentiality & integrity of data at the
application level.
Data Encryption including IPSec/3DES/AES;

Access controls mechanisms, as defined in the security policy of the Bank,
must be implemented at network, operating system, database and application
system levels.
Branch network component payment terms (including VSATs)

General

Vendors Liability




Compliance with Laws:

Indemnity



Escrow Mechanism



Confidentiality

Intellectual Property Rights



Guarantees
 DRC Requirements The DRC would be hosted out of the Tripura SDC. The DRC will be
required to host the core banking infrastructure at 100% redundancy.
The Vendor is expected to provide the DC – DRC strategy/BCP for recovery in
case of a disaster with necessary procedures for the same in the solution.
The DRC should be operational in case of a disaster at the DC, with a
maximum downtime of 60 minutes and after declaration of the disaster at the
DC by the Bank. Data at the DRC in such a scenario should be maximum of
15 minutes behind the data at the DC.




The core banking solution should have the ability to allow electronic interactions with other
banks / brokers / custodians / DPs / etc. for communicating / confirming rates, calculations,
etc.




Should support 5,000 users at any given point in time.
Vendor should provide documentation for the code being deposited as part of the Escrow
arrangement. The documentation should have been verified for completeness and
accuracy vis-à-vis the code by an independent, reputed third party agency.

This sub-network must be deployed to manage the entire network including the branch
network. This network must have workstations to manage the Firewalls, Intrusion
Prevention Systems and Anti-Virus Systems. An shared Enterprise Management System
(EMS) is required to be implemented to monitor critical servers of the entire network
including the branches for sizing etc., to monitor network components of the LAN & WAN,
Fault Management, Performance Management of the network components and servers,
Inventory Management, automatic discovery of network components etc. and generate
reports to monitor the service levels as specified in Annexure 9 of this RFP.

This sub-network must be deployed to manage the entire network including the branch
network. This network must have workstations to manage the Firewalls, Intrusion
Prevention Systems and Anti-Virus Systems. An shared Enterprise Management System
(EMS) is required to be implemented to monitor critical servers of the entire network
including the branches for sizing etc., to monitor network components of the LAN & WAN,
Fault Management, Performance Management of the network components and servers,
Inventory Management, automatic discovery of network components etc. and generate
reports to monitor the service levels as specified in Annexure 9 of this RFP.

This sub-network must be deployed to manage the entire network including the branch
network. This network must have workstations to manage the Firewalls, Intrusion
Prevention Systems and Anti-Virus Systems. An shared Enterprise Management System
(EMS) is required to be implemented to monitor critical servers of the entire network
including the branches for sizing etc., to monitor network components of the LAN & WAN,
Fault Management, Performance Management of the network components and servers,
Inventory Management, automatic discovery of network components etc. and generate
reports to monitor the service levels as specified in Annexure 9 of this RFP.




Internet Router




Firewalls Internet




Branch Switches
            The Colocated Data Centre should be of Data Centre level 3 standards. The minimum
            specifications of the Hosted Data Centre is in Annexure 4.

            Disaster Recovery Centre (“DRC”) - The Bank would use a space in the Tripura State Data
            Centre ( SDC ), Agartala.




            requirements for the data hosting centre
            The vendor will be responsible for successful data migration from the legacy systems and
            other electronic data which is converted from the manual ledgers to the new environment.


            a.     Under Point No. 5.4.1.1 total of 400 people have to be trained under various
            streams.
            b.    Under point no.6.1.5.3 training is given for unlimited users.



            c.      Under Point No. 6.15.13 proposed training schedule is provided.
            Clarification required as to the exact training requirements.
            The Vendor will be responsible for identifying the detailed interface requirements for
            integrating the proposed packages to the systems as mentioned in Annexure 03 and for all
            other functionalities as mentioned in this RFP.
            Government Securities




            Loan with Agriculture Module
                     Implement a Core Banking Solution including Retail, Corporate and other
                                                Applications namely
                              • Core Banking Solution including KCC, Micro-Finance
                                          • Share Management solution
                 • Loan processing, corporate GL, fixed asset management and salary processing
                                 • Advances, Deposits, Locker, General Ledger,
                                          • Collection/Payment Services
                          • AML, ALM & Transfer Pricing customized solution under CBS
                 • Comprehensive Financial Inclusion module including standard external interface
                                                 • Closing related :-
                                               a. P & L initialization
                                                  b. Balance Sheet

            Bid Validity Period
Financial Inclusion
                         Average Speed to Answer, First call resolution, call abondon rate
                                      Data Migration


                                           Training
Provide training to the Banks information technology users on implementation and
management of the Security solution.
The SI is expected to supply, install and commission the internet link of 128 Kbps (1:1
compression) Internet bandwidth which would be required to provide Internet services to
download updates for the antivirus, security
                                 Comment/ Suggestion/ Deviation

    Request for Proposal - RFP



Bandwidth performance not to be in the scope of SI but the network service provider to be responsible
directly. It is suggested and requested to confine the scope of SLA and performance related to
Bandwidth within the NW Service Provider's Contract , however SI will laise with NSPs for Link
commissioning activity .



Bandwidth performance not to be in the scope fo SI but the network service provider to be responsible
directly.

On unavailability of bandwidth in locations by BSNL, Bank not to penalize SI.
We would request to offer any warranty for third party products on "as-is" basis.
Waranty to commence on delivery of the product.




The changes post contract need to be captured under change request. Will have to factor addln costs
like logistics etc accordingly. It is requested to give an approximation of change volume and new
branch projection Yr on Yr.


In case of material deviaion in requirement from the original RFP, a change request to be floated. And
revised price to be discussed and mutually agreed upon.




We would request for not to provide any project specific insurance
We also request any stamp duties to be paid on actual by the Bank




Any future upgrade to be discussed and mutually agreed and revised prices.

Products (h/w or s/w) that we may supply to be accepted on delivery. On acceptance, title and risk to
be transferred to the bank
we request that we are not asked to provide any project specific insurance




We request PBG to be capped at 10% of Annual Contact Value.
We request PBG to be renewed every year for Annual contract value.
We request PBG to be valid till expiry of contract/Contract termination.

PBG to be invoked only in cases of material breach of our obligations post providing a
reasonable cure period .




Material breach to be solely attributable to bidder for any such considerations (Force majeur, failure of
network provider etc to be duely considered)

SI submits tht risk purchase only to be valid during implementation period an not warranty or FMS
SI to pay only the difference in amount agreed.
Payment to be capped to 10% of the value of the delayed product.


It is requested to change any quantity prior to final Bid submission .




We request the clause to be deleted

In case of consortium, each member to be responsible for respective scope of servcies alone




May not be able to transfer/reassign/provide source code etc




Bank is requested to share the Agreement copy.
Request payment terms:       Product (h/w or s/w):
80% on delivery
20% on implementation

Implementation servcies:
50% in advance
50% on implementation acceptance

Training
To be paid ratable during the respective periods

FMS:
Quarterly in advance

Payments to be made NT 30 days from date of invoice
Payments not bound on Final Acceptance clause

Payment withholding and payment deduction onto invoice is not allowed as it create collection
challenge. HP have given BG to invoke or to compensate separately.
One BG is being given prior to commencement of work. Hence delay of 12 months to release payment
is unreasonable and create collection challenges for aging. Request Bank to replease this payment
within 3 months of Installation.
It is understood that Bank will do direct commercial transaction with Bandwidth service provider
however BW cost as per the quote given by BSNL / Other Service provider will be part of TCO . It may
be noted that SI can't sell Bandwidth under Telecome guidelines . SI only can liason the activities with
BW Service Providers . Pl comment

SI not liable for any performance breach by network provider. We would request bandwidth payment
to be directly be accepted from the service provider as the law of the land doesn’t allow reselling of
bandwidth
Legal to comment
Material breach to be solely attributable to bidder for any such considerations (Force majeur, failure of
network provider etc to be duely considered)


We would request as insurance to be removed from the acceptance testing phase

Acceptance of any product (hardware or software) that wemay supply will be on delivery of the product
mentioned.

Warranty for each product to commence on delivery of the product

The acceptance criteria or procedures for Deliverables set forth in this agreement will only apply to the
services provided herein

Any refund/return or penalty rights as set forth hereon apply only to the services provided

Neither party shall assign its rights or obligations under the contract without the consent of the other
party.
Request for removal of the clause
Comprehensive Liquidated Damage (LD) to be levied during implementation period to be capped to
5% of the value of the affacted delayed product/service
LD to be applicable only during implementation phase
Once LD cap is breached customer may terminate the contract post a cure period of 30 days.

Comprehensive SLA penalty to be applicable during support phase to be capped at 5% of annual
service value




Request for removal of the clause



No reduction in price to be provided during contract period unless through a change request due to
lower BoQ/support




Termination only on material breach of bidder's obligation post providing a reasonable cure period




Legal to comment on services beyond contract termination
Pl clarify as to what these branches/extension counters have to be considered for?

 Having an open scope makes it impractical to price the bid suitably resulting in either under or over
pricing by vendors. Request that the statement be modified to cap the requirements or limit the time
by which all possible requirements from the bank can be identified and recorded.




Training at all 57 locations may lead to issue about infrastructure availability and time consumption.
Does the bank intend to conduct Training at all 57 locations?
Can vendor suggest a centralized Training program?
Appendix 3 Form B 01 – CBS sheet mentions 150 days of additional customization effort. This does
not match with 100 days being considered in arriving at TCO. Please clarify which of the two figures
will be used for TCO calculations.
We would like to state that the given payment terms are akin to new development project while this
project is for readily available Core Banking Solution that requires some customization effort to meet
bank’s requirement.

Since the bank gets almost 70% - 80% product as ready-to-use, there should be upfront payment
towards the License cost of the solution. In view of the above, we suggest that the payment terms be
modified to cover payment on contract award and sign-off.




Pl clarify what all are the Fascility managemnt services envisaged which are not mentioned in RFP . It
would be helpful for the bidder to consider cost buffer appropriately .




It is requested that BW sizing should come from Bank as this will be an Open area Bidders will size
BW as per their own will may be higher or lower and it will have adverse impact on TCO if BW cost will
be considered within the TCO for commercial evaluation . Pl comment


Pl specify BW required for each VSAT branch

This will restrict bidder to stick single OEM . This clause should be removed so that bidder could
propose a hybrid solution.

Pl confirm that structure Cabling is required only in one extention counter out of 9 no other branches .

Pl explain the exact meaning under Golive 1st CBS Branch - 1 branch under Branchrollout Vis a Vis
10 branches under Networkrollout




Bidder is expected to honor the price point as per the Price submitted during the Bid and
supply the Equipments in a single phase . It is requsted that no further price negotiation would
take place post L1 announcment .
Pl specify the extent of scalability , does it imply the bandwidth sizing at DC , DR as the numer of
branches is likely to get increased . How the Bidder will provision the cost when the projection in
incremental branches or office locations are not cleared .




Is Bidder expected to provision Internet link at DR also .
When the Branches are connected through a Single Service Provider (BSNL) what is the requirment of
having Aggregate MPLS link from another service Provider (SP2) . In case of failure of Primary LL link
, branches will get connected through VSAT wherein there is no LL connectivity present at Branch
level through SP2. Suggested to remove the line "secondary link from service provider 2" .




What is the need of having last mile from a sencond service provider when branches are connected
only through BSNL single service provider . Suggested to have two last mile from BSNL through
different phyical path to have the reduadancy on aggregate links .

It is contrdictory with the Appendix 3 Form B03 , helpdesk sheet where as separate Link BW is asked
for Technical and Application Help desk . Pl clarify

No Addendum attched in RFP for Network diagram and Architecture . Pl publish

Pl specify the BW size for LL as primary and ISDN as secondary if the links between Technology and
application helpdesk is not part replication link between DC & DR


It is contradicting with Appendix 3 Form B03 VSAT sheet wherein row no 15 , 16 under backhaul
connectivity shows the link from HUB to DC through SP1 and SP2. a. What is the size of Backhaul
BW from HUB to DC and DR b. whether there are two separate links from two SPs required from
HUB to DC c . Can they be through MPLS ratherthan p2p LL


What is the size of Pool BW and will it be in Duplex mode (1:1 ) Pl specify

Suggest for correction : DR ( Mumbai ) to DR (Agartala)


This is again contradicting with the RFP statement 2.3.9.3 and 2.3.9.4 page no 20 of the RFP . Pl
give a clarity by proving the Architectrual diagram of connectivity .
Pl clarify whether Pilot Bandwidth (3 months ) is required in case of VSAT Pool BW and Backhaul BW
as well . If so pl incorporate the coulmn as indicated in DC -DR sheet

Any change in existing Branches or induction of new branches will hamper the Rollout timeline for
which Bidder /SI will not be responsible and hence penalty on account of delay should not be imposed
on SI . Pl comment

Pl specify the time frame for the Rollout of the Pilot phase of 8 branches

Pl insert a column for Pilot Bandwidth in Branch sheet of Appendix 3 Form B03 . As pilot BW (3
months ) is being provisioned for Aggregate link in DC -DR sheet which is for Pilot rollout phase of 8
Branches hence it is required to mention Pilot BW for branches in Branche sheet also.

Pl remove these rows from Bandwidth sheet if Helpdesk ( Techncial and Application ) location link to
DC will be part of replication link


Pl indicate the no of nodes for which Structured Lan Cabling required at DC and DR other than DC DR
Equipments
Pl indicate the exact quantity for each network and security component . This is essential to control
the competetion otherwise bidders will quote hayware.




As the Pilot phase in excluding 5 Yrs , is the bidder expsected to consider the warranty for the Pilot
phase if so what is the period for this .
if it is assumed the Pilot phase is for 3 months , Bidder will be forced to consider the product for 1 yr (
besides 3 Yrs warranty and 4th 5th AMC ) this will add up the cost to a greater extent hence requested
to consider the Pilot pahse within 1st Year which will help to reduce the BW cost and Equipment cost
substantially .



Pl specify the number of LAN nodes required at each branch



Pl specify the quantity for the Pilot Pahse and Y1 -Y5 .

It is contrdicting with RFP Table #14 page no 28 wherein no of pilot branches given as 8 . Pl clarify
which is correct

As bsnl or any other BW service provider even VSAT service provider does not commit beyond 99.5
then how it is expected from SI wherein SI doesn’t have any control on Service provider Infrastructure .
Hence request not to impose any SLA citeria and penalty related to Bandwidth on SI beyond the figure
given from BW Service Providers . Pl change the SLA under critical to 99.5 .
Currently, VSAT Satellite Modems are capable enough to provide IP Sec feature without use of CPE
router. We suggest to include the same in technical specifications of Satellite modem rather than
procuring additional equipment for the purpose, hence cost for router can be saved by the bank

Please provide MTTR details for VSAT network connectivity, for primary and secondary VSAT.
We suggest MTTR for 48hrs for Tripura state, keeping in mind the tough terrain & Logistics
We suggest one dedicated field engineer to be based in TRIPURA for VSAT support in the State

Please provide Network uptime for VSAT connectivity considering Critical and Key Elements.

Recommended -20 to +70 Deg C




Considering VSAT as backup service, we propose that bank should include VRRP feature in VSAT
modem specifications. VRRP feature helps to take over the network and will make Satellite modem
acts as primary, in case of MPLS link fails. Satellite modem here acts as local router and will process
the traffic routing part really fast.
As per tender, feasibility will decide whether VSAT will act as primary or Secondary media.
Request to define clearly the quantity & QOS.
For pool model, please mention how much bandwidth is needed for TCO calculation. Bank may
increase / decrease the bandwidth based on usage patterns or user loads.
 Also as mentioned applications required by bank are Video, Voice and Data.
Please provide the bandwidth requirements for bank application wise for primary and secondary VSAT
network.
Total locations projected are 57 scalable to 100.
Ku / XC band is to be selected based on SLA. Please specify the Ku band VSAT & XC VSAT BOM
and quantify them
Please specify if 1.2 Ku antennas are required or 1.8 EX C antennas needed?
Road permits to be provided by Customer, since VSAT delivery requires road permits in Tripura.

We suggest payment terms for VSAT hardware as80% of hardware payment is requested on delivery.
Balance on Installation per location

The speficitiaons are are currently having some proprierty specifications and are also having some
favourable points towards an OEM.We would kindly request the bank to review these technical
specifications so that industry standard products can qualify. A revised more consise specification as
desirable for the bank to function is requested to be published.




WebVPN is proprierty term for OEM in firewall. Kindly suggest.
This is not desirable in banking environment. Different rules for different branches has never been
done in the history of any Bank or any RBI mandates.



CTIQBE is OEM specific implementation. Kindly suggest




ACL, Time based ACL , are OEM specific usage. Please use industry standards and key words.Kindly
suggest




Dowonloadable ACL is OEM specific terminology. Kindly suggest




Easy VPN is OEM specific terminology. Kindly suggest.



NIPS and HIPS should be from different OEMS to support defence in depth. This is how this done in
most banks. Kindly suggest
Vendor favouring. Why not software module ? Kindly suggest
Kindly suggest why only these protocols. Please avoid such list as they are vendor favouring.




IPS needs huge log space and archiving. This specification is for older IPS models.
The specification given is very long - 272 lines. Such extensive signature pattern is pointing to one
OEM as different vendors have different ways of detecting and is not specific signature dependent.
This is a very old type of detecting attacks whenRBI IS AKSING DYNAMIC CLOUD AND
COLABRATION BASED TECHNIQUE now to detect attacks. Kindly suggest funtional specifications
rather than OEM specific implementations




In the wake of this requirment of maintaing the seuciryt policies, does the bidder need to have
functionality in its security management devices to have a worflow for approval of any changes to
rules/ policies. RBI mandates that any rule changes needs approval from bank.
In the wake of these requirments, Should the bidder consider its security solutions like firewall and IPS
to be identity aware ? Only then can facility manager be able control security based on user ID for
network access

In order to capture the details as required in this clause , the security devices such as Firewalls should
log user information for internal activity. Also for external activity it should be able to log geo of the
original user. Should bidder consider these requimements while selecting the firewall

Is bidder expected to consider solution around data leakage to stop sensitive information from going
out of the system? There is no mention around Data leakage solution in Bill of materials.
Please suggest if we have to take care of Protection aggainst advance and current generation threats
as in Specification it warrants for very basic firewall and IPS and does not really be able to protect
aggainst those attacks and Bidder will not be mandated to give solution regarding the same seeing the
ambiguity.We request Bank to come up with clear scope statement and functional specifications to
address the same.
Compliance is also manadated as one of the major requirement in the guidelines and does Bank want
Bidder to manage the same and if yes how as the range of the complaince managment solution
ranges form manual to automate variious compliance using GRC framework. Please suggest how the
bidder take care of the same.We request Bank to come up with clear scope statement and functional
specifications to address the same.
There is no mention of very important controlling Web 2.0 Borne attack as this is becoming no 1
Attack vector but this aspect is left untouched does Bank want Bidder to address that as one of the
important objective. we request Bank to clarify
Do we need to give two separate firewall at the two layers. Under the current designs of banks , we
can consolidate this fuction and save cost and give differnet instance of firewall to the different
functions. Kindly suggest.
This is not adviseable as this hinders DR process. The policy and functionaity changes may affetec
smooth transition to DR as this will impact business. The need is to have better DR control for
business.
This is not adviseable as this hinders DR process. The policy and functionaity changes may affetec
smooth transition to DR as this will impact business. The need is to have better DR control for
business.
We would request the EMS be purchased in Capex along with other items. The support will be bidded
on opex. This will unnecessarily create complications in the pricing where the rest of the items are in
capex.
Application cost for e-mail solution has been wanted. Is Email required?
Active directory has been wanted. Is this required?




Do we need to procure audit tools . If yes, what is the specification and number?
Could you elaborate on the training scope. Do we need to give training only at the central location?
Who will be providing the logistical cost like space, furniture , etc for the training.
Do we need to give IT infrastructure training as well?




We would request that the bidder be allowed to select the replication method on basis of the
application architecture and RPO. Kindly let it not be mandated to use storage - to storage replciation
Given the scope of the solution, iterations for review, etc. the time allocated is too less. We suggest
that such timelines be defined at Project kick-off stage. Request to remove this condition from SLAs
at this stage.


Same as the point above
The resolution time will vary with complexity involved. Also the severity should be considered while
assigning resolution time. It is not advisable to make frequent releases. As a generally acceptable
practie, the development and UAT plan are prepared jointly at Project kick-off stage, which provides
clear milestones and metrics for issue management.
It may not feasible to complete data migration at one shot. It is practical to plan it in batches of 5-10
branches. Does the bank intend to complete entire data migration activity in one instance?

Is the bank open to discuss timelines for data migration and base the SLA on joint plan of action?


Allocation of such high number of resources for extended period will escalate costs. Please clarify
whether 5 resources are needed per branch.

Does the bank want such support for only Pilot phase or for entire 57 branches?
After contract sign-off, next logical steps are allocation of resources, project planning meeting which
may take more than 10 days. It is not feasible to study the existing internal & external systems and
define integration needs in short span of 10 days from the date of signig the contract. Suggest that
this timeline be joitnly discussed with the vendor before finalization.
Please clarify as to how will the Company (i.e. vendor) get a credit even in the situation where
minimum service level of 99.5% is not complied with.
There will be additional efforts required for UAT on field devices such as PDAs, POS HHTs. Please
confirm that supply of these devices is not part of scope.

Pleas clarify expectations on testing of application on these devices.


The architecture should be based on high performance and high performance CPU based.Different
OEM follows different Architecture. The router's performance is decided by the pps value (Packets per
second) . We will provide a router which can support more the requisite forwarding rate with a single
high end processor. So requesting to remove the requirement of Multi-Core Processor.
Kindly change this to 800 Kpps800 Kpps is sufficient for this requirement.
Kindly remove thisService module is specific to a particular OEM.
As we understand the POE devices (IP Phone or WiFI AP) are not directly connected to the Core
Router. POE devices are generally connected to the Access Switches / Core switches.
Kindly remove xDSL Support from the router.xDSL ports are needed to connect Broadband link.
Brodabank links are needed at remote sites not at the Core Router.

Should support high speed WAN deployment requirement up to 200Mbps, should support 200 Mbps of
IPSec performance and support 200 nos of SSL VPN TunnelsIf we consider that in future the total No
of remote location will be 100 and each site will get connected to the central site over 2Mbps link. Then
also the max WAN BW will be needed at the Central site will be 200 Mbps. So at any case
(considering 30x scalability) the IPSec performance requirement will not be more than 200 Mbps.


Kindly remove thisThis is specific to a particular OEM.


Kindly remove management via USB.USB port in a router is mainly required for connecting external
Flash or 3G Dongles. For management Console or AUX port is enough for out of band management.
Kindly remove thisNEBS (Network Equipment-Building System) describes the environment of a typical
United States RBOC Central Office. NEBS is the most common set of safety, spatial and
environmental design guidelines applied to telecommunications equipment in the United States.
Since this Router will not be installed in a telecom environment hence there is no relevance of this
standard. However the proposed router has support for nescessary Safety Standands: UL 60950-1;
AS/NZS 60950; EN 60825-1 Safety of Laser Products-Part 1; EN 60825-2 Safety of Laser Products-
Part 2; IEC 60950-1; EN 60950-1; CAN/CSA-C22.2 No. 60950-1-03; FDA 21 CFR Subchapter J


Kindly remove mobility services. This is specific to a particular OEM.
Kindly remove thisThis is specific to a particular OEM.
Kindly remove "intelligent power management" featureThis is specific to a particular OEM.

The router should support TCL based scripting mechanism to automate tasks and customize the
behavior of various sybsystems and the operation of the device in order to respond to real-time events.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
It should support online diagnostics on various system components.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
It should support XML-based data encoding for managing network device, retrieve configuration data
information, and upload and manipulate new configuration data.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
Should support distributed and customized approach to event detection and recovery offered directly in
the OS Software device to offer the ability to monitor events and take informational, corrective, or any
desired action when the monitored events occur or when a threshold is reached.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
Router OS should be EAL certifiedThere are multiple EAL certifications available like EAL2, EAL4+,
etc. and different vendors have their products certified to different EAL levels. We would request this
change to enable more OEMs to participate
Kindly change this to L2TPL2TP is an accepted and widely used standard and is implemented by most
OEMs.
Kindly remove these or allow other OEMs to quote equivalent open standard protocolThis is specific to
a particular OEM.
Should support WAN Optimization features such as TCP optimization, caching, compression, and
application acceleration in hardware modules or external appliance.These are WAN Optimization
procol and asking this feature in the form of hardware modules makes it specific to a particular OEM.
This can be supported using external appliance.
Sufficient DRAM should be provided from day-1Requirement of memory differs from OEM to OEM
because of the device architectural difference.
Sufficient Flash should be provided from day-1Requirement of memory differs from OEM to OEM
because of the device architectural difference.
Kindly remove management via USB.USB port in a router is mainly required for connecting external
Flash or 3G Dongles. For management Console or AUX port is enough for out of band management.
Kindly remove this.This is specific to a particular OEM.
Should be able to manage & administer point-to-point VPNs by actively pushing new security policies
from a single headend to remote sites.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
Kindly remove this.Intrusion Prevention should be performed in a dedicated appliance and the same
has been asked for in the RFP. By enabling IPS feature in a Router, the routing performance of the
router will be degraded.
Kindly remove this.If we enable a firewall with 3Gbps throughput & 300000 Concurrent sessiion in a
Router then the routing performance of the router will be degraded. Separate firewall appliances have
anyway ben asked for in the RFP
Kindly remove this.Intrusion Prevention should be performed in a dedicated appliance and the same
has been asked for in the RFP. By enabling IPS feature in a Router, the routing performance of the
router will be degraded.
Kindly remove this.This feature is needed in an IP PBX, and not a router.
Temperature Alarm and Power Monitoring.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
The Switches must be able to Build up its own inventory (like Device Name, Chassis Type, Memory,
Flash, Software ver. Etc)
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
IPv4 Total Routes should be 128000 and IPv6 route entires should be 64000256K IPv4 Routes & 128K
IPv6 Routes are needed in a Core Router. The main purpose of a Core Switch is switching. So 128K
IPv4 Routes & 64K IPv6 Routes will be enough for this solution.
The switch should have 1000 Multicast RoutesMulticast routes are mainly needed for Video Streaming
or Video Surveillance. 1000 Multicast routes are enough for this solution.
Support for ease of configuration of VLANs across switches (Virtual Trunking Protocol or GUI based or
Equivalent open standard protocol.)This is specific to a particular OEM.
Support for auto-configuring trunks between switches (Dynamic Trunking Protocol or GUI, etc. or
Equivalent open standard protocol.This is specific to a particular OEM.

Kindly remove thisThis is specific to a particular OEM.

Configuration Change Tracking.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
Kindly remove thisThis is specific to a particular OEM.
Kindly remove thisThis is specific to a particular OEM.
The switch should support Flexible NetFlow / or equivalent for optimized application visibilityFlexible
NetFlow is specific to a particular OEM. We can achieve the same functionality using open standrds
based protocols
Minimum of 24 port 10/100Mbps Fast Ethernet auto sensing ports and 2 nos of 10/100/100 Mbps
Uplink ports, with 8.8 Gbps of Switching Bandwidth and 6.5 Mpps forwarding rateA switch with these
port counts will need 8.8 Gbps of Switching Bandwidth and 6.5 Mpps forwarding rate to work in non
blocking mode. 16 Gbps of Forwarding Bandwidth, 32 Gbps of Switching Bandwidth will not be
required.
Sufficient DRAM & FLASH should be provided for all functionality to be enabled without any
performance penaltyDifferent OEM follows different hardware architecture. So the memory
requirement differs Router to Router.
Weighted Tail Drop (WTD) or equivalent for congestion avoidance Different OEM Follows different
congestion avoidance method like strict priority queuing (SP), weighted round robin (WRR)
Configuration Change Tracking.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
Layer 2 or layer 3 traceroute to ease troubleshooting by identifying the physical path that a packet
takes from the source device to a destination device.There are multiple troubleshooting methods
available
Kindly remove thisThis is specific to a particular OEM.
The software should have a mechanism to proactively detect and address potential hardware and
software faults during runtime.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using our NMS software.
Kindly remove thisThis is specific to a particular OEM.
This should be an NMS feature. Kindly remove this from a switch spec.We can support this feature
using our NMS software.
Yes. kindly remove thisThis refers to Classless Inter-domain Routing (CIDR). This is available in a L3
switch. But here L3 switch is not needed as an access switch

Kindly remove thisThis is specific to a particular OEM.


Kindly remove thisThis is specific to a particular OEM.

Kindly remove thisThe switch with 24 x 1G ports & 20 Gbps stacking BW will work in non blocking
mode with 88 Gbps switching throughput.
Minimum Switching Capacity - 88 Gbps forwarding bandwidth is decided by mpps value
Kindly remove thisThis is specific to a particular OEM.

Kindly remove thisThis is specific to a particular OEM.
Port Aggregation Protocol (PAgP) or Link Aggregation Protocol (LACP)Port Aggregation Protocol
(PAgP) is specific to a particular OEM.
Weighted Tail Drop (WTD) or equivalent for congestion avoidance Different OEM Follows different
congestion avoidance method like strict priority queuing (SP), weighted round robin (WRR)
Layer 2 or layer 3 traceroute to ease troubleshooting by identifying the physical path that a packet
takes from the source device to a destination device.There are multiple troubleshooting methods
available

Kindly remove thisThis is specific to a particular OEM.


Kindly remove thisThis is specific to a particular OEM.

Sufficient DRAM should be provided for all functionality to be enabled without any performance
penaltyRequirement of memory differs from OEM to OEM because of the device architectural
difference.
Sufficient Flash memory should be provided for all functionality to be enabled without any performance
penaltyRequirement of memory differs from OEM to OEM because of the device architectural
difference.
Firewall Services with Standard Access Lists, Extended Access Lists and Time based Access
listsIntrusion Detectionshould be performed in a dedicated appliance. By enabling IDS feature in a
Router, the routing performance of the router will be degraded.
Kindly remove thisThis is specific to a particular OEM.
Kindly remove thisThis is specific to a particular OEM.



The router should have the following protocols support - IPv4, IPv6, static routes, Open Shortest Path
First (OSPF), Enhanced IGRP (EIGRP) or equivlavent, Border Gateway Protocol (BGP), BGP, Router
Reflector, Intermediate System-to-Intermediate System (IS-IS), Multicast Internet Group Management
Protocol (IGMPv3), Protocol Independent Multicast sparse mode (PIM SM), PIM Source-Specific
Multicast (SSM), Distance Vector Multicast Routing
Protocol (DVMRP) or equivalent, IPsec, generic routing encapsulation (GRE), Bidirectional Forwarding
Detection (BVD), IPv4-to-IPv6 Multicast,, MPLS, Layer 2 Tunneling Protocol Version (L2TP), 802.1ag,
802.3ah, and Layer 2 and Layer 3 VPNEIGRP is specific to particular OEM.
DVMRP is a old technology which replaced by PIM.
L2TP is supported by more OEMs than L2TPv3.


Kindly remove Performance Routing (PfR), and Network-Based Advanced Routing (NBAR)This is
specific to a particular OEM.


Should support distributed and customized approach to event detection and recovery offered directly in
the OS Software device to offer the ability to monitor events and take informational, corrective, or any
desired action when the monitored events occur or when a threshold is reached.
If this feature can be supported using NMS software, that need to be provided.We can support this
feature using IMC.
Router OS should be EAL certifiedThere are multiple EAL certifications available like EAL2, EAL4+,
etc. and different vendors have their products certified to different EAL levels. We would request this
change to enable more OEMs to participate
Kindly remove these or allow other OEMs to quote equivalent open standard protocolThis is specific to
a particular OEM.
Kindly remove this.If we enable a firewall with 500 Mbps throughput & 60000 Concurrent sessiion in a
Router then the routing performance of the router will be degraded.
Should be a solution for Authentication, Authorization and Accounting and 802.1x
implementation.Software based AAA solutions are available from many reputed OEMs and will allow
more vendors to participate
In Point/Section 2.3.12.1, the number of resource are mentioned as 5 for Application Help Desk and




4 for Technology Help Desk and co-located at Kolkatta DC.
Is this a different requirement.
FMS support won’t be fully operation till the final acceptance. Hence need clarity on the scope
expected from Helpdesk team on the first pilot branch rollout.



Is application Help desk and technology help desk support can be provided remotely? or 50-50 onsite-
offshore Model.
Already there is one help desk team which will position in Agartala, Head Office, and this is extra help
desk. Can we clarity between these 2 help desk ?
After implementation the implementation team needs to provide knowledge transfer to help desk and
support team. This is not clear in the RFP. Please clarify.
Is the Payment for the Helpdesk teams can start from First Pilot Implementation?
Where is this 9 seats required?. Is in DC site or DR site or Agartala, Head Office ??




24X7 support Technology Help desk is already considered at DC location. Need clarity on the 24*7
support expectation at Bank premises



The vendor/partner cannot provide software/product support for code fixes. Software/Product team
needs to do this. The vendor can provide L1 or L2 level of support for such software. Hope this is
correct, if not please clarify.



Warranty start date of the equipment be considered based on the Rollout Phase completion.




Pls clarify if integration/interfacing in real time and bi-directional is required , as core banking is
generally source of data for the application like AML etc .
Please clarify If bank wants data to be replicated in encripted form over the network between DC and
DR.                                                                                          Please
clarify whether bank wants the proposed solution to provide Single system management view for DC
and DR database including backup & Recovery management, Disaster recovery management, monitor
and manage database.                                                                    Please clarify if
Database should have built-in DR solution to replicate the changes happening in the database across
DR Sites.
Please clarify whether bank wants capability in the tool for proactive diagnosis of the database –
providing the root cause analysis, active sessions history, top queries, performance issues and
advisories.




please clarify if bank wants to implement centralized audit policy management , preventing ad-hoc
access to application data and access to application data by privileged users like system
admin,database admin etc.




Pls clarify if Bank wants to implement MIS such a way that consolidated view is provided to Executive
management instead of manual consolidation of data from multiple appliactions like CBS,AML etc.
Pls clarify if bank wants to implement automated process of extraction of
data,transformation/cleansing and loading to MIS with capability to handle batch or real time replication
need.                                                                            Please clarify if banks
wants following capability in MIS:                                           1. Ability to publish reports as
.pdf / html pages through a portal/mobile devices            2. Personalization Features across reports
and dashboards giving users complete
   flexibility to modify the reports as per their requirements.                                      3.
Please clarify if bank wants a centralized audit policy management mechanism,repository to store
audit data and provide reporting and alerting with details like who did,what,to which data and when.




Please clarify if bank wants that database should support native optional database level encryption on
the table columns, table spaces or backups as well as the network traffic between the applications and
across DC & DR.
Please clarify if bank wants that database should support native optional database level encryption on
the table columns, table spaces or backups as well as the network traffic between the applications and
across DC & DR.



Please clarify if bank wants to enforce strong operational security controls to preventing ad-hoc access
to application data, changes to application structures, and access to application data by privileged
users like SYS admins or DBA's.
We suggest payment terms for VSAT hardware as75% of hardware payment is requested on delivery.
Balance on Installation per location
It is requested that the Bank and HP may enter into an agreement based on mutually agreeable terms
which shall be binding on both the parties.
HP proposes that its total aggregate liability in connection with obligations undertaken as a part of the
Project regardless of the form, or nature of the action shall not exceed (a) the amount paid for the
products; or (b) the amount paid for the service for a period not exceeding 12 months; or (c) the
professional services that is the subject of the claim.
In no event will HP be liable for any indirect, consequential, incidental loss or damage or loss of profits;
loss of revenue.
HP agrees to abide by and comply with all applicable laws. However, no such indemnities sought for in
the clause can be provided.
HP shall defend and settle all third party claims against HP products for IPR infringement only provided
the Bank notifies HP immediately of any such claim and allows HP with full freedom to defend and
settle such claims.

HP cannot provide for any such escrow mechanism for the source code. HP Delivery team to confirm
if the third party software Vendor can enter into an agreement with the Bank for the provision of the
escrow
The Bank is requested to make rights and obligations under this clause to be mutual.

All pre- existing IP shall remain with the existing respective owners. Any third party software used as
deliverables shall be procured through legitimate licenses from the respective owners.
Any customisation or grounds up development that HP does for the purposes of the project shall be
owned by HP and perpetual royalty free licenses shall be granted to the Bank.
HP requests the Bank for deletion of this clause.
1. Please clarify the 100% redundancy required for DRC section.
2. The given specification indicates RPO = 15 Minutes and RTO = 60 Minutes. We request you to
please relax the RPO and RTO as RPO = 60 Minutes and RTO = 120 Minutes. Otherwise kinldy detail
the storage specification the same RPO calls for Highest end enterprise storage only.




Please elaborate the interactions that would be required in the CBS


The bank may have 100 branches within next 5 years but the number of users as per the details
provided in the RFP is very less. Please confirm 5000 users are to be supported at any given point in
time.
As a normal practice, the source code is compiled at the Pilot site, tested and then the same source is
stored in the locker under escrow agreement. Also please clarify who would bear the cost of third
party.




Is bank looking for training from OEM's personnel for EMS Solution ?




Is EMS solution has to be integrated with the Helpdesk tool ?




Is the Helpdesk tool (as part of the EMS Solution) supposed to be single point of contact and signle
solution for the entire bank infrastructure or bank is expecting separate helpdesk for technical
problems and separate helpdesk for application related problems ? please clarify




Under Disaster Recovery Site (DRS) components, we have a line item named "Internet Router", but no
specs for the same are provided. Please confirm if the Branch router specs would be applicable for the
same or are there any add-on/modified requirement for the asked product.




Under Data Center components, we have a line item named "Firewalls Internet", but no specs for the
same are provided. Please confirm if the "Firewalls" specs would be applicable for the same or are
there any add-on/modified requirement for the asked product.




Please provide Users/Nodes details of the respective branches to size the quantity of the Branch
switches, structured cabling etc. required at each branch level.
Request you to provide complete address with pin code and landline number for HO and branch
offices. We need this for feasibility study for WAN
No specification for Hosted DC is mentioned in Annexure 4. Request you to include the same.
We understand that DC will be hosted at Tripura State Data Centre ( SDC ), Agartala and bidder will
use power, security, floor space of the SDC. There will be no physical infrastructure built scope for the
bidder.




Ambiguity in floor space ( 250/150 sq ft)
Providing data in CBS vendor’s format for migration and checking data integrity will be the
responsibility of the Bank.




Annexure 03 Sheet does not give details of interfaces. Please provide.

– Is this related to repo/reverse repo related transactions and meeting SLR requirements




Will priority sector loan definition be provided by the Bank.




Please clarify if integration/interfacing in real time and bi-directional is required , as core banking is
generally source of data for the application like AML etc .
Please confirm the period for which the Bid should remain valid
Device Specification is not mentioned. For UAT, the same is needed
To measure these SLAs, we would need a specialized telecom Infra. Please confirm if the bank shall
provide the same.
How many years of data is to be migrated?


The training material to be provided in how many languages?
How many days training for how many users. Is it L1 level training?
Is internet required at DR also? IS redundant perimeter firwall and IPS also require?
Please provide the specification for internet router, firewall & IPS.
                            Reply




This is a consortium bid wherein the overall delivery and
performance and sustainance of the solution rests with the SI.
The coverage for the availability, workability of bandwidth,
needs to be provisioned by the the SI thereby owning the
responsibility for the overall project SLA

This is a consortium bid wherein the overall delivery and
performance and sustainance of the solution rests with the SI.
The coverage for the availability, workability of bandwidth,
needs to be provisioned by the the SI thereby owning the
responsibility for the overall project SLA




RFP requirement stays


Please refer RFP "Project objective" in page 19 : wherein the
overall projection of branches across 5 years has been
provided


The requirement has been expressed in the RFP document
wherein the configuration to meet the requirement needs to
be done by the SI. The Bank during its process of ATP and
Benchmakring would check all relevant information and
highlight to the SI for deviations. In such case the SI will
mitigate the deviation at it's own responsibility and no
commercial impact to the Bank




RFP requirement stays
Transit insuarnce needs to be undertaken by the vendor and
adequate certificate for the same needs to be shared with the
Bank with Bank as the beneficiary




RFP requirement stays




Agreegate penalty is capped at 10% of TCV
The chaged Cluase is - Right to Alter Quantities – The Bank
reserve the right to alter the requirements specified in the
tender. The Bank also reserves the right to delete one or
more items from the list of items specified in the tender before
the submission of the final tender. The Bank will inform all
vendors about changes, if any.

RFP requirement stays




This is a SI opportunity wherein the aggregate responsibility
needs to be undertaken by the bidder




Refer RFP 3.2.15 "Escrow Mechanism" - wherein the SI is
expected to arrange for the mechanism for sharing the source
code of the CBS software from the ISV with the Escrow agent



This wil be shared with the final shortlisted vendor through the
process of evaluation
RFP requirement stays whereas the payment realization
window to the vendor would be adequately discussed and
finalized during contract finalization with the shortlisted vendor


RFP requirement stays


RFP requirement stays




RFP requirement stays




RFP requirement stays




RFP requirement stays



RFP requirement stays
RFP requirement stays




RFP requirement stays




RFP requirement stays




RFP requirement stays




RFP requirement stays




RFP requirement stays
The transaction for the extension counters has been factored
with the branches with which it's linked




The requirement is well defined wherein the project I sbased
on fixed timeline and fixed cost

All trainings would be conducted in the central training facility
of the Bank

The requirement in the Appendix 3 Form B 01 takes
precedance over the body of the RFP
RFP requirement stays

It is the responsibility of the SI to identify from the
compehensive RFP document for any additional FM scope
which might be necessary. The SI needs to provision for such
services as part of the technical write up (highlighting the
same) and the cost for the same needs to be factored in the
commercials in the section of "Others"




This is an application driven scope wherein the size of the
bandwidth is to be ascertained based on per transaction
requirement of the client
This is an application driven scope wherein the size of the
bandwidth is to be ascertained based on per transaction
requirement of the client


RFP requirement stays

RFP requirement stays
By the time 1st branch Goes Live, the SI needs to setup the
network across additional 10 branch locations as parallel
activity




RFP requirement stays


The bidders to consider bandwidth sizing for 57 branches




No
The SP2 is to provide the last mile from the BSNL MPLS. For
situations wherein it's not feasible the vendors are expected to
share a letter from BSNL citing resons for not being able to
allocate the same and provision for last mile from other POP
terminating to the DC

The SP2 is to provide the last mile from the BSNL MPLS. For
situations wherein it's not feasible the vendors are expected to
share a letter from BSNL citing resons for not being able to
allocate the same and provision for last mile from other POP
terminating to the DRC


Revised Appendix 3 Fomr B03
Ignore the statement wherein the Bidder needs to furnish the
document
This is an application driven scope wherein the size of the
bandwidth is to be ascertained based on per transaction
requirement of the client




Revised Appendix 3 Fomr B03
This is an application driven scope wherein the size of the
bandwidth is to be ascertained based on per transaction
requirement of the client (1:1)

Revised Appendix 3 Fomr B03



Revised Appendix 3 Fomr B03

Yes. Please furnish



RFP requirement stays

This will be discussed with the final shorlisted bideer




SI will do it as required


Revised Appendix 3 Fomr B03



Revised 'Annexure 02 - List of CBS branches_Revised.xls'
The solution factorization needs to be done by the SI




The Warranty on the product needs to be provisioned as per
the contract of 5 years including Pilot phase




RFP requirement stays



Revised 'Annexure 02 - List of CBS branches_Revised.xls'



RFP requirement stays


Pilot is for 7 branches




SI needs to work with the Service Provider



Functional requirement stands
The solution factorization needs to be done by the SI
The solution factorization needs to be done by the SI

The solution factorization needs to be done by the SI

The solution factorization needs to be done by the SI




RFP requirement stays




                      Requirement stays




                    RFP requirement stays
                    RFP requirement stays




                    RFP requirement stays

                    RFP requirement stays




     Refer "Annexure 05 - Minimum IT Infrastructure
    Specifications Compatibility Mode_Revised.xlsx"



Refer "Annexure 05 - Minimum IT Infrastructure Specifications
Compatibility Mode_Revised.xlsx"




Uniform Firewall policy across all barnches



Refer "Annexure 05 - Minimum IT Infrastructure Specifications
Compatibility Mode_Revised.xlsx"



ACL, Time based ACL , are OEM specific usage. Please use
industry standards and key words or equivalent




Dowonloadable ACL or functionally equivalent

Should be able to Push security policies and manage them
centrally as defined at the central site to the remote CPE
devices in the branches so that it has upto date policies
defined at the central site to the remote devices so that it has
upto date policies before the the connection is established.




NIPS and HIPS should be from two different OEM's
The IPS should be a dedicated hardware module or hardware
appliance or Software module with adequate server sized to
run the same




RFP requirement stays



Vendor to provision for solution based on the minimum IT
specefications defined or functionally equivalent




or functionally equivalent




To be implemented by the Bidder


To be implemented by the Bidder




To be implemented by the Bidder


To be implemented by the Bidder




RFP Stands
RFP Stands


RFP Stands


Yes


Defense-in-depth has to be maintained


Defense-in-depth has to be maintained

EMS tool Will be procured in CAPEX model Refer "Appendix
3 Form B 02 - Technical Bid Bill of Material_Revised.xls"
Yes
Yes




The Solution at all relevant points should be auditable wherein
no separate audit tool needs to be considered in the bid
proposed

RFP requirement stays
RFP requirement stays




RFP requirement stays




RFP requirement stays


RFP requirement stays
RFP requirement stays




RFP requirement stays

The vendor is to provision for 2 such handholding resources
across each branch for two successive weeks post migration
and roll out



RFP requirement stays




The FI solution as provisioned needs to have standard
interfacing and messaging formats which will be interfaced
with BC solution in future wherein the client agent for the BC
implementation needs to be provided as part of the solution



The architecture should be based on high performance,
Processor
RFP requirement stays

It should support high powered service modules with
improved availability, Gigabit Ethernet switching
It should support the industries widest range of wired and
wireless connectivity options such as T1/E1, T3/E3, 3G,
copper and fiber GE



Should support high speed WAN deployment requirement up
to 200Mbps or more, should support 200 Mbps of IPSec
performance



RFP requirement stays


RFP requirement stays
NEBS not needed

Removed
Should support hot plug of modules

RFP requirement stays




Vendor to integrate based on it's solution landscape


Vendor to integrate based on it's solution landscape



Vendor to integrate based on it's solution landscape




Vendor to integrate based on it's solution landscape


Router OS should be EAL certified

Accepted - L2TP
Secure collaborative communications with Group Encrypted
Transport VPN, Dynamic Multipoint VPN, or Enhanced Easy
VPN or equivalent

Should support WAN Optimization features such as TCP
optimization, caching, compression, and application
acceleration internal / external

Should support minimum default DRAM = 1 GB

External Compact Flash minimum default = 256MB


Removed
Removed
Vendor to integrate based on it's solution landscape

IOS IPS



Accepted - Firewall feature would be utilised seperately


Removed
Removed


Vendor to integrate based on it's solution landscape



Vendor to integrate based on it's solution landscape


Removed

The switch should have 1000 Multicast Routes

Support for ease of configuration of VLANs across switches
(Virtual Trunking Protocol or GUI based) or equivalent
Support for auto-configuring trunks between switches
(Dynamic Trunking Protocol or GUI or equivalent
Automation through Embedded Event Manager (EEM),
AutoQoS, and Auto SmartPorts or equivalent for fast
provisioning, diagnosis, and reporting


Vendor to integrate based on it's solution landscape
RFP Requirement stays
Removed

The switch should support Flexible NetFlow or equivalent for
optimized application visibility


Minimum of 24 port 10/100Mbps Fast Ethernet auto sensing
ports and 2 nos of 10/100/100 Mbps Uplink ports, with 8.8
Gbps of switching Bandwidth, 6.5 Mpps forwarding rate

Switch should have adequate DRAM & Flash to support wire
spped non-blocking performance

Weighted Tail Drop (WTD) for congestion avoidance or
equivalent
Vendor to integrate based on it's solution landscape
Layer 2 or layer 3 traceroute to ease troubleshooting by
identifying the physical path that a packet takes from the
source device to a destination device.
RFP Requirement Stays



Vendor to integrate based on it's solution landscape
Management for atleast 100 devices through a single IP
address or through any equivalent software

Vendor to integrate based on it's solution landscape

Removed


Removed


Removed

non blocking mode with 88 Gbps switching throughput
RFP Requirement stays
Removed
UplinkFast & BackboneFast technologies to help ensure quick
failover recovery or equivalent
Port Aggregation Protocol (PAgP)/ Link Aggregation Protocol
(LACP)


Weighted Tail Drop (WTD) or equivalent
Layer 2 / 3 trace route to ease troubleshooting by identifying
the physical path that a packet takes from source to
destination.


Removed


Removed

Sufficient DRAM should be provided for all functionality to be
enabled without any performance penalty

Sufficient Flash memory should be provided for all
functionality to be enabled without any performance penalty


RFP requirement stays

Vendor to integrate based on it's solution landscape
RFP requirement stays




RFP requirement stays wherein L2TPV3 is replaced by L2TP,
DVMRP is replaced by PIM and EIGRP is removed
The router should have the following Traffic Management
features - QoS, Class-Based Weighted Fair Queuing
(CBWFQ), Weighted Random Early Detection (WRED),
Hierarchical QoS, Policy-Based Routing (PBR)




Vendor to integrate based on it's solution landscape


already clarified
Secure collaborative communications with Group Encrypted
Transport VPN, Dynamic Multipoint VPN, Enhanced Easy
VPN or equivalent




Appliance based or ported on recommended hardware




 The Helpdesk will be provisoned with Minimum 9 number of
    resources wherein 5 such resources would be in the
   Application Help Desk and 4 resources would be in the
  Technology Helpdesk. Any resource increase needs to be
      mutually discussed with the Bank and finalized.
          SDC will house in the Helpdesk function


 Helpdesk operations will intiate from the day the first Branch
 goes live wherein comprehensive FM starts post aceptance
                     and signoff of Pilot



         Helpdsk operations is only in SDC Agartala
This is implied. Yes the bidder is to quote for the PILOT HD
                         agent cost




                      already clarified




                      already clarified




                 RFP Requirement stays




                 RFP Requirement stays




 We seek customized solution under CBS for AML, ALM,
Shares etc. and not independent solutions interfacing with
                          CBS
Solution needs to be articulated by the SI as defined within the
RFP scope




Solution needs to be articulated by the SI as defined within the
RFP scope




NO




                   RFP Requirement Stays




NO




     Vendor to integrate based on it's solution landscape
     Vendor to integrate based on it's solution landscape


RFP stands

RFP Requirement stays

RFP Requirement stays



RFP Requirement stays

RFP Requirement stays

RFP Requirement stays
RFP Requirement stays



RFP Requirement stays



RFP Requirement stays


RFP Requirement stays

RFP Requirement stays
RFP Requirement stays
1. 100% redundancy is in terms of the system availability to
sustain equivalent workload to the DC server environment
2. RPO and RTO stays unchanged as per the requirement of
the Bank and the best practise across the banking industry




The application needs to have a built in Middleware layer
which should communicate in Standard ISO message format
with built in interfaces as well provision for new interface build




Refer RFP body clause 3.1.4.28. 250 concurrent users
RFP requirement stands




Refer revised 6.1.5.13 6.1.5.13 The proposed training
schedule is:




Yes




SI to define the solution




Revised Annexure 05 - Minimum IT Infrastructure
Specifications Compatibility Mode_Revised.xlsx




Yes but has to be form two different OEMs

Refer Annexure -02 - List of CBS branches revised.xls
The Formula for identifiying the Switch port requirement is :
Number of User + 4 ( 1 port each for Router, Enterrpise PC &
Printer + 1 Redundant port) considering minimum of 7 ports
for each branches wherein the Minimum number of ports in
the switch should be 16 ports

Refer Annexure -02 - List of CBS branches revised.xls
The DC should be level 3 refer to minimum specs
requirement "Annexure 11 - minimum level 3 Data Centre
Specifications_Revised.xlsx"

The bidder is to associate with the SDC personnel and
discuss and finalize on any Civil work if necessary
250 Sq Ft of hosting space in the DC whereas additional 150
Sq.ft of hosting space. PMO & NOC space of 500 sq ft as will
be provisioned by the Bank in one an identified location in
Agartala needs to be provisioned for scalability without being
factored in the TCO



  Vendor has to provide migration tool for convertion to CBS




 Vendor Needs to provide training to 250 users including HO

    Interface requirement is to be analyzed by the bidder




It is for meeting SLR
As per RBI and NABARD




                Customized solution under CBS
The Bid is valid for 6 months from the date of submission of
the bid refer RFP
Application specific sizing needs to be derived by the SI

     NO, such feature would be incorporated at later time
        Savings, CCOD - Interest acquiral details
                  Loan complete history
       Term deposit Interest acquiral and payment
Other than the balance of migration date including curremt
             Bilingual - English and Bengali
                       L1 training
                       NO. Yes
                 Revised Annexure 05
            Those locations which are having VSAT as a primary mode of
            connectvity, there should be a common bandwidth pool. The
            service providers VSAT hub location should be connected to DC
            (primary) using one Leased line Link one from the service
2.3.9.9.4   provider.
Revised




All the VSAT locations which share a common bandwidth pool will connect
with SP1 and SP2 from the VSAT hub Station to the DC.

								
To top