Docstoc

Punjab National Bank Foreign Exchange

Document Sample
Punjab National Bank Foreign Exchange Powered By Docstoc
					Request for Proposal – Punjab National Bank

___________________________________________________________




                         PUNJAB NATIONAL BANK

                       REQUEST FOR PROPOSAL (RFP)
                                  FOR
     INSTALLATION, UPDATION AND MAINTENANCE OF SYMANTEC MULTI-TIER
         PROTECTION (SMP), SYMANTEC MAIL SECURITY WITH ANTI SPAM



PUNJAB NATIONAL BANK
INFORMATION TECHNOLOGY DIVISION,
HEAD OFFICE, 5, SANSAD MARG,
NEW DELHI - 110 001
Tel : (011) - 23710483/23714804/23352024
23710021 Extn. 230,301
Fax: (011) - 23321305




                                           1
 Request for Proposal – Punjab National Bank

 ___________________________________________________________


                              TABLE OF CONTENTS
Sl.                             SUBJECT                       PAGE NO
No.
1.     INTRODUCTION                                               5
2.           TECHNICAL SPECIFICATION (ANNEXURE-I)                28

3.              TERMS AND CONDITION (ANNEXURE-II)                39

4.     PRE QUALIFICATION CRITERIA FOR VENDOR (ANNEXURE-III)      41

5.     BIDDER’S INFORMATION (ANNEXURE-IV)                        43

6.     COMPLIANCE STATEMENT (ANNEXURE-V)                         44

7.     SERVICE SUPPORT DETAIL (ANNEXURE-VI)                      45

8.     PERFORMANCE STATEMENT (ANNEXURE-VII)                      46

9.     COMMERCIAL STATEMENT (ANNEXURE-VIII)                      47

10.    CHECK LIST (ANNEXURE-IX)                                  49

11.    LIST OF CIRCLE OFFICES (ANNEXURE-X)                       50
12.    CONFIDENTIALITY –CUM- NON-DISCLOSURE AGREEMENT            52
       (ANNEXURE-XI)
13.    INSTALLATION REPORT FORMAT (ANNEXURE –XII)                57
14.    RRB DETAILS AND Anti Virus SETUP (ANNEXURE –XIII)         58




                                        2
Request for Proposal – Punjab National Bank

___________________________________________________________

                                    BID DETAILS
Bid Details - Installation, updation and maintenance of Symantec Antivirus Suite
(latest version of SMP) for PCs and Servers of the Bank.
  1    Date of commencement of sale of                         20/01/2010
       Bidding Document
  2    Last date and time for sale of                          16/02/2010
       Bidding Documents                                        1600 HRS
  3    Last date and time for receipt Of                       17/02/2010
       Bidding Document                                         1700 HRS
  4    Date and time of Technical Bid                          18/02/2010
       Opening                                                  1600 HRS
 5     Place of opening of Bids                Punjab National Bank,
                                               Information Technology Division, 2nd
                                               floor, HO, 5 Sansad Marg,
                                               New Delhi - 110 001
  6    Address for communication               As above
                                               Tel:(011) 23710483/ 23714804/23352024
                                               23710021 Ext: 230/301
                                               Fax:(011) 23321305

 7    Earnest Money Deposit                   Rs. 1.0 Lacs in the form of Demand Draft
                                              in favour of Punjab Nation Bank, IT
                                              Division payable at New Delhi. EMD
                                              should be enclosed with Technical Bid.
                                              EMD can also be paid online using the e-
                                              procurement system of the Bank.
 8    Cost of RFP                             Rs. 5000.00 in the form of Demand Draft
                                              in favour of Punjab National Bank, IT
                                              Division payable at New Delhi. The
                                              DD/Cheque should be submitted in
                                              person at the time of bid submission. It
                                              can be also paid online using the e-
                                              procurement system.
 9    Contact to Bidders                      Interested Bidders are requested to send
                                              the     email     to   itdaudit@pnb.co.in,
                                              mansingh@pnb.co.in,
                                              hkmahindru@pnb.co.in            containing
                                              following information, so that in case of
                                              any clarification the same may be issued
                                              to them. Name of Company, contact
                                              person, Mailing address with Pin Code,
                                              Telephone No., Fax No. e-mail, Mobile
                                              No. etc.



                                       3
Request for Proposal – Punjab National Bank

___________________________________________________________

To,
The Asst General Manager
IT Procurement Deptt.
Punjab National Bank
Information Technology Division
HO: 5, Sansad Marg
New Delhi-110001

Sir,
Reg.: Our bid for Installation, updation and maintenance of Symantec Multi-tier
       Protection (SMP) for PCs and Servers of the Bank

We submit our Bid Document herewith.
We understand that
  1. You are not bound to accept the lowest or any bid received by you, and
     you may reject all or any bid.
  2. If our Bid for the above job is accepted, we undertake to enter into and
     execute at our cost, when called upon by the purchaser to do so, a
     contract in the prescribed form. Unless and until a formal contract is
     prepared and executed, this bid together with your written acceptance
     thereof shall constitute a binding contract between us.
  3. If our bid is accepted, we are to be jointly and severally responsible for
     the due performance of the contract.
  4. You may accept or entrust the entire work to one vendor or divide the
     work to more than one vendor without assigning any reason or giving any
     explanation whatsoever.
  5. Vendor means the bidder who is decided and declared so after
     examination of commercial bids.
  6. The names of short listed bidders after the completion of first stage
     (Technical Bid), and the name of successful bidder to whom the contract
     is finally awarded after the completion of second stage (Commercial
     Bid), shall be displayed on the Notice Board of the purchaser at Punjab
     National Bank, Information Technology Division, 2nd Floor, Head Office, 5,
     Sansad Marg, New Delhi-110001.
     Dated at____________this _______________day of __________2010.

                                                Yours faithfully
                                                For______________________
                                                Signature:________________
                                                Name:___________________




                                       4
Request for Proposal – Punjab National Bank

___________________________________________________________

1. INTRODUCTION

      Punjab National Bank, one of the leading nationalized Bank of the
      country has a national presence through a widespread network of over
      5000 Service Out-Lets(SOLs) in branches/Offices spread across the
      country. It has established specialized branches to cater to the needs of
      key customer segments in the core areas of Agriculture, Industrial Finance
      and Foreign Exchange.

      With more than 114 years of customer services, the Bank has a large
      satisfied clientele throughout the country. For enhancing customer
      convenience levels and overall inter-branch efficiency, the bank has
      heavily invested in Information Technology.

      The bank has already implemented a core banking solution (Finacle),
      which provides anywhere any time banking to all its customers of more
      than 5000 Service Outlets in more than 2600 Centers across the country.
      Internet Banking Service is being provided to the customers of these
      Service Outlets / branches. All the Branches / offices of the Bank are
      having Intranet dual network connectivity mainly on lease-line then ISDN,
      Radio Frequency (RF) & VSAT for accessing various applications.

      Complementing these services, the bank also offers a modern,
      competitive full service to its commercial, retail and corporate customers
      through its service outlets like Branches / ATMs / Extension counters etc.
      The design of the network enables the bank to have operational
      capabilities, which is at par with international business practices. Various
      Mail Servers have been located at different controlling offices to provide
      corporate email facility to its staff. To secure its network from threats like
      viruses, malware, spyware, network threats, Trojan Horse, adware, rootkits,
      Worm, Intrusion, Hacking etc. Bank has implemented comprehensive
      solution with deployment of Symantec Antivirus Enterprise Edition Security
      Suite. This version is renewed and being migrated to new version of
      Symantec Endpoint Protection (SEP ver 11.x) with new MR4. Bank is having
      its branches/offices in London, Hong Kong, Bhutan and Kabul and has
      expansion plans in other countries.

      Besides this, PNB has six Regional Rural Banks (RRBs) sponsored by it, which
      are spread in different states of India. Along with PNB, the rates for
      support services for these 6 RRBs also would be finalized through this RFP.




                                         5
Request for Proposal – Punjab National Bank

___________________________________________________________

2. PURPOSE OF THE RFP

      2.1   This document is a Request For Proposal (RFP) for On-site
      maintenance & support for installation/uninstallation/reinstallation/
      version/definition update/upgrade of Symantec Multi-tier Protection
      (SMP) in all the branches/offices of the Bank. Bank is procuring necessary
      Licenses and subscription renewals directly from M/s Symantec.

      2.2    The above purpose of RFP is also applicable for 6 RRBs sponsored
      by PNB, having total approx 1400 branches and 4000 PCs. No anti virus
      has been deployed in these branches PCs. Fresh (new) on-site installation
      and on-site maintenance in all the PCs/Servers in all the branches of all 6
      RRBs by successful vendor’s engineering support services will be required
      to be done. The rates for fresh SMP licenses and subscription renewals are
      already finalized for these RRBs also, which are same as PNB. Necessary
      fresh and subsequent subscription (ATS) renewals SMP Licenses will be
      procured by each RRB individually as per their requirement through a
      different vendor suggested by M/s Symantec directly. Details for these
      RRBs are enclosed in Annex-XIII.

      The latest Symantec Anti Virus solution such as Symantec Multi-Tier
      Protection (SMP) available or version compatible to Bank’s hardware
      environment shall be installed by the vendor in all PCs of all
      branches/offices.

      This document provides vendors the Symantec Antivirus Solution set up
      and expectations from the bidder. The bidder is invited to submit a
      proposal for support services of the required quantity of the products to
      meet the said objective. The bidder will offer support services on following
      security products:
                  1. Symantec Multi-Tier Protection (SMP) (latest compatible
                  version).
                  2. Symantec Critical System Protection (latest version)
                  3. Symantec Antivirus protection with Anti Spam Licenses for
                      Mail Servers, SMTP, Exchange Server, Domain Controllers
                      (latest version which is part of SMP)

  A. Symantec Multi Tier Protection;

  Symantec Multi-tier Protection 11.0.5 (or latest) Suite comprising of following
  solutions:
     • Antivirus for Desktops, Servers, Windows mobiles, e-mail, SMTP &
         Exchange including Anti Spam having following features –
     1. Symantec Endpoint Protection 11.0 (latest version)


                                        6
Request for Proposal – Punjab National Bank

___________________________________________________________

                         1. Antivirus    (Windows/Macintosh/Linux/ Windows
                            Mobile)
                         2. Antispyware, Adware Removal tools
                         3. Desktop firewall
                         4. Desktop IPS
                         5. Device control
                         6. Application Control
                         7. Network access control ready
                         8. Trojan/Worms detection and removal tools

      2.   Symantec AntiVirus for Macintosh & Linux
      3.   Symantec Mail Security for Domino & MS Exchange
      4.   Symantec Mobile AntiVirus for Windows Mobile
      5.   Symantec Brightmail Gateway Software Subscription
      6.   Symantec Premium Antispam

  Symantec Multitier Protection (SMP) is to be installed, updated and
  maintained in the following operating systems being currently used in the
  Bank:
  1. All Flavours of Windows Operating Systems like WIN 2000, WIN ME,
     WINDOWS XP, WINDOWS SERVER 2003, Windows Server 2007, WINDOWS
     VISTA, Windows 7 etc.- covering laptops, Desktops and Server Class
     Machines
  2. Novell Netware 4.x, 5.x (Servers and Work Stations), Linux- All flavours
     (Server Class & Client Class).

B. Installation, Maintenance, Updation and Support
   • Bank has procured approx 29000 Symantec Antivirus licenses renewed to
       Symantec Multi-tier Protection (SMP) and being migrated to this version.
       All such existing/remaining migration to SMP to be completed by
       successful bidder.
   • For the contract year 2010-11, Bank is expected to buy approximately
       5000 new licenses for PNB and approx 4000 new licenses for RRBs directly
       from Symantec which the successful bidder has to install/give
       maintenance support. However, this requirement is only indicative and
       requirement may vary depending upon actual requirement.
   • On-site installation, maintenance, Updation and trouble shooting support
       on new systems and existing systems in bank branches / offices across the
       country.
   • Proposed bidder should support all existing licenses and new licenses
       procured.
   • The updation of definitions should be automatic; however on non-
       updation of the same due to any reason, vendor will be required to
       provide on-site manual installation of updates.


                                       7
Request for Proposal – Punjab National Bank

___________________________________________________________

   •   On availability of new software version or Maintenance release by
       Symantec, vendor will be required to deploy new version/release across
       PNB within 3 months on compatible PCs.

   3. ELIGIBLE BIDDER

      The bidder should be the authorized dealer / channel partner
      representative of Symantec in India, and should fulfill the minimum
      eligibility criteria as mentioned in bid document (Annexure- III). A letter of
      authorization to this effect from Symantec must be furnished. Joint bid will
      not be accepted by Bank.
      Those bidders, whose performance in completing any of the earlier
      contracts with Bank has not been found to be satisfactory, will not be
      eligible for participation in this tender.
   4. PRESENT SETUP OF SYMANTEC ANTIVIRUS SOLUTION IMPLEMENTATION:

       4.1 In case of Branches/Offices as part of Enterprise Wide Network
       The architecture for updating of anti virus has been defined in a 3 tier
       manner wherein the Central Antivirus Server updates the Secondary
       Servers installed at the different Circle Offices/Networking Centres which
       further updates the branch office client machines. Different modes of
       network connectivity like Lease Line, ISDN, VSAT, RF links have been hired
       by the Bank. The detailed setup is as follows:

       Updation of Primary Server:

       Primary Antivirus Server or Central Server for the Network is situated at ITD:
       HO, New Delhi. The Primary Server gets updated automatically from
       Symantec website.

       Updation at Circle Office Servers/ Secondary Servers:

       Each Circle Office (ANNEXURE X) has Antivirus Server, which gets
       automatically updated from the Primary Server situated at New Delhi.

       Updation at Branch level:

          •   Each branch has dual link connectivity of normally 64 kbps
              bandwidth.
          •   For Lease-line, ISDN Link Branches have antivirus clients, which get
              updated from the Secondary Server situated at respective Circle
              Offices or Network Centre.
          •   For all VSAT & RF Link branches, PCs take updates from Central
              Server at Delhi.


                                          8
Request for Proposal – Punjab National Bank

___________________________________________________________



                           EXISTING ARCHITECTURE


                           Primary Server                 Internet
                             ITD HO


                                                RF/VSAT
               Leased Line(LL)



                     Secondary Servers
                     At Circle Office(1)                         Secondary Servers
                                                                 At Circle Office(n)




                                                 Branch PCs
        Branch PCs

The successful bidder may also review the existing architecture and propose
and demonstrate the implementation which will enhance the effectiveness &
efficiency of the deployment without enhancing the implementation or
operational cost or impacting the performance of network.

   4.2 In case of Branches/Offices which are not part of Enterprise Wide Network

The offices which are not part of Enterprise Wide Network, Antivirus software are
to be deployed on-site and definition updates are to be configured automatic
for Internet connected PCs and manually updated on monthly basis for stand-
alone PCs.

   5. The RFP calls for two types of proposal mentioned as follows:
a) Pre-Qualification and Technical proposal: The vendor’s proposal should
contain the general organizational details, which is required for pre-
qualification.




                                            9
Request for Proposal – Punjab National Bank

___________________________________________________________

b) Commercial proposal: The vendor’s proposal should contain per support
engineer cost for installation/maintenance/trouble shooting of Symantec
products during contract period.

This RFP will not address the following:

        Design and positioning of the security products architecture other than
        the antivirus solution.
        The Hardware and Network infrastructure required for implementing the
        required Symantec Antivirus solution, however successful vendor may be
        asked to give view on the existing hardware and if up-gradation of
        hardware is required or not.

6.    Scope of work - Bidder Responsibilities:

     1. Successful Bidder is fully responsible for installation, uninstallation/re-
        installation, configuration, back-up, maintenance & troubleshooting of
        Anti Virus console & centralized update server software as per the
        architecture defined by PNB. Bank may add/remove Anti virus Servers as
        per requirement of the Bank, which has be to installed/maintained by
        vendor.
     2. Successful Bidder is fully responsible for anti virus installation,
        uninstallation/re-installation,   configuration,         maintenance        &
        troubleshooting of SMTP Server, Exchange Server, and Domain Controllers
        servers at Head Office & Circle office security software as per the
        architecture defined by PNB.
     3. Successful Bidder shall be fully responsible for installation, configuration,
        maintenance & troubleshooting of Anti Virus software at all identified PCs
        at all branches and offices throughout India, which are connected to the
        enterprise wide network of PNB and which has connectivity to the
        Centralized Anti Virus Server. All the PCs shall be configured to get
        automatic updates from the Circle Office Anti Virus Server / Central
        console with proper scheduling so as to avoid traffic congestion. The
        update mechanism should be configured in efficient manner by fixing
        micro sizing and update frequency in such a way that it does not cause
        bandwidth issues.
     4. The successful bidder shall be responsible to generate summary & detail
        centralized report from AV Server Console showing version, definition
        updates, scan engine, virus attack/clean history etc.
     5. The successful bidder shall be responsible for installation, configuration,
        maintenance, support and troubleshooting of Anti Virus Software on all
        PCs / Servers in all non-networked branches / offices of the bank.
     6. Successful Bidder shall be responsible for re-architecture /reconfiguring/
        reinstalling of the complete / partial Anti virus infrastructure to take care


                                           10
Request for Proposal – Punjab National Bank

___________________________________________________________

       of the latest threat scenarios or to take care of the version upgrades as
       desired by the Bank.
   7. Successful Bidder shall be responsible for Symantec Antivirus Solution
       including all features like Anti Virus, Desktop Firewall and Intrusion
       Prevention System product software version updates on all these servers
       and PCs as is relevant.
   8. The updates of definitions and version updates shall also be carried out
       by the bidder at all non-networked branches manually on monthly basis.
   9. The successful bidder shall be responsible for on-site completing latest
       software version & updates/upgrades on all PCs within 3 months. These
       details must be appearing on AV Server console.
   10. The successful bidder shall be responsible for integrating the AV Servers
       logs to Bank’s Security Operations Center (SOC) and make reports of SOC
       requiring AV engineer from vendor to comply and remove observation of
       SOC points across PNB.
   11. The successful bidder shall be responsible for attending issues as per
       Bank’s Network Integrator (NI) and analysis/calls of NI requiring AV team
       to comply across PNB.
   12. The vendor shall be responsible for
           Ensuring on on-going basis that Symantec Multitier Protection (SMP) is
           installed & enabled on all the PCs / Servers of the bank in all its
           branches / offices throughout the country whether connected in its
           enterprise wide network or not.
           Ensuring on on-going basis that all the PCs / Servers installed in all
           branches / offices of the bank remain updated with latest definitions /
           patches/version of Symantec Multitier Protection (SMP).
   13. Successful Bidder shall provide dedicated support personnel at all
       locations as mentioned in ANNEXURE X and Annex – XIII (for RRBs), who
       must be available at these locations from 09.00 hrs to 18.00 hrs and on call
       on 24 * 7 basis over Telephone and Email.
   14. The vendor will ensure support from OEM over e-mail and telephone on
       call on 24*7 basis for the issues escalated to OEM.
   15. The vendor shall have a help-line open for the Bank on 24X7 basis.
   16. The vendor shall respond to the calls from the bank. The turn around time
       for the vendor is 2 hour at location mentioned in ANNEXURE X and within
       4 hrs for other remote locations within Circle.
   17. The vendor shall provide an active response to all virus related incidents
       that happen within PNB and will have to visit the sites if the problem issue
       is serious.
   18. The vendor shall adhere to the Anti Virus response guidelines provided by
       PNB.
   19. The vendor shall have skilled and experienced personnel for
       implementation & consultation. Adequate training should be provided to
       the personnel who are involved in the installation & implementation.


                                        11
Request for Proposal – Punjab National Bank

___________________________________________________________

         Vendor shall have to maintain adequate number of extra support
         engineers so that no vacant position remains at any location beyond two
         days due to leaving of job/sickness/unsatisfactory performance of
         present engineers.
     20. Additional engineer(s) at average cost per engineer as finalized through
         the bid will have to be provided by vendor in case of Circle(s) asking for
         the same. For this, Vendor shall have to maintain adequate number of
         extra support engineers so that additional engineers are provided at the
         earliest.
     21. Proportionate deduction from any due payment will be imposed for
         absentee of engineer (s) without leave from PNB, and non-performance
         of upgrades/updates/installations.
     22. For its subsidiaries, RRBs, sponsored Banks, additional engineer(s) at
         average cost per engineer as finalized through the bid will have to be
         provided by vendor.
     23. The successful bidder shall be responsible to train Bank officials by
         providing training faculty support at Bank’s HO / COs / Training Centres.
     24. The vendor shall be responsible to provide all the functionalities, which
         the Symantec Multitier Protection (SMP)/Symantec Mail Security (SMS) /
         Symantec critical system protection Software Supports.
     25. For each visit to site, vendor will give call report and obtain sign-off for
         satisfactory working of PC/Server.
     26. The Vendor has to provide the Escalation Matrix in respect of calls that
         need to be attended for installation/support and maintenance.
     27. All the above points are applicable in respect of all branches / offices of
         the bank throughout the country, whether networked or non-networked.
     28. All the above scope of work is applicable for all branches / offices of the
         Regional Rural Banks (RRBs) throughout the country, whether networked or
         non-networked.


7.      RELIABILITY

        Since the product shall be installed at critical PCs and Servers, the
        product installation and maintenance shall be done by experienced
        personnel having basic knowledge of all current Operating Systems,
        Networking and deep Symantec Anti virus product knowledge.

8.      COST OF BIDDING

        The Bidder shall bear all the costs associated with the preparation and
        submission of its bid and Punjab National Bank, hereinafter referred to as
        the Purchaser/Bank, will in no case be responsible or liable for these costs,
        regardless of the conduct or outcome of the bidding process.


                                          12
Request for Proposal – Punjab National Bank

___________________________________________________________


9.    BIDDING DOCUMENT

      The Bidder is expected to examine all instructions, forms, terms and
      conditions and technical specifications in the Bidding Documents. Failure
      to furnish all information required by the Bidding Documents or submission
      of a bid not substantially responsive to the Bidding Documents in every
      respect will be at the Bidder’s risk and may result in the rejection of its bid.

10.   AMENDMENT OF BIDDING DOCUMENTS

      At any time prior to the deadline for submission of bids, the Purchaser
      may, for any reason, modify the Bidding Documents through
      amendments at the sole discretion of the Bank.

      Amendment will be published on the e-Procurement portal of the Bank
      and the amendments will be binding on bidders. In order to provide
      prospective Bidders a reasonable time to take the amendments into
      account in preparing their bid, the Purchaser may, at its discretion,
      extend the deadline for submission of bids.

11.   PERIOD OF VALIDITY

      Bids shall remain valid for one year after the date of bid opening
      prescribed by the Purchaser. A bid valid for shorter period shall be
      rejected by purchaser as non-responsive.

      In exceptional circumstances, the Purchaser may solicit the Bidders’
      consent to an extension of the period of validity. The request and
      response thereto shall be made in writing or by fax. The Bidder may refuse
      the request. A bidder granting the request will not be required nor
      permitted to modify its bid.

12.    BID CURRENCIES

Prices shall be expressed in the Indian Rupees only.

13. LANGUAGE OF BID

All bids and supporting documentation shall be submitted in English.

14. BIDDING PROCESS (TWO STAGE)




                                         13
Request for Proposal – Punjab National Bank

___________________________________________________________

For the purpose of the present job, a two-stage bidding process will be
followed. The response to the present tender will be submitted in two parts:

      Technical bid             (Part-l)
           TECHNICAL BID will contain the bidder’s information in the format
           (Annex IV) given in bid document.

            TECHNICAL BID will not contain any pricing or commercial
            information at all. The bid shall be signed using his Digital Certificate
            by the Bidder to bind the bidder to the contract.


      Commercial bid              (Part-ll)

            The COMMERCIAL BID will be submitted separately on the format
            (Annex VIII). Under the second stage, the COMMERCIAL BID of only
            those bidders, whose technical bids are responsive, will be opened.
            The bid shall be signed using his Digital Certificate by the Bidder to
            bind the bidder to the contract.

The bidder will have to submit the Technical bid and Commercial portion of the
bids online sealed and signed with their digital certificate.


15. BID EARNEST MONEY

      Bidder to submit the EMD of Rs.100000/- (Rupees One lac only) as Bid
      Security in the form of Demand Draft or Pay Order/ Cash Order in favor of
      Punjab National Bank –Information Technology Division drawn on Delhi
      OR through online payment mode of e-procurement system. This security
      is required to protect interest of PNB against the risk of conduct of the
      bidder, which may warrant the forfeiture of the security in the following
      scenario:
                    a. In the event of withdrawal of bid during the period of bid
                       validity;
                                    OR
                    b. In the case of a successful bidder, if the bidder fails to sign
                       the contract in accordance with              the Terms and
                       Conditions and other requirement as specified in RFP.
                                 OR
                    c. Any act of bidder, which is not in line with contract
                       obligations.

      Any bid not accompanied with requisite EMD shall be treated as non-


                                          14
Request for Proposal – Punjab National Bank

___________________________________________________________

      responsive and is liable to be rejected.

      The EMD of the unsuccessful bidder shall be returned as early as possible,
      but not earlier than 30 days from the date of executing the contract with
      successful bidder, against acknowledgment from the bidder. Successful
      bidder’s EMD will be returned upon the bidder signing the contract and
      submitting the required Performance Bank Guarantee.

      No interest is payable on the amount of EMD even if delay in refund is
      beyond 30 days.

      This EMD amount (DD/PO) should be kept in the envelope containing
      Technical Bid. In the absence of EMD, bid will be rejected.

16. PERFORMANCE GURANTEE

      Successful Bidder will submit a Performance Bank Guarantee as per
      prescribed Performa equivalent to Rs. 5,00,000/- (Rs. Five lac Only) for the
      contract period within 30 days of signing of contract.

      17. SUBMISSION OF BIDS

      The bidders shall submit their bids online using the Bank’s e-procurement
      site www.pnb.org.in as per the specified tender schedule.

18. DEADLINE FOR SUBMISSION OF BIDS

      Bid must be received by the Purchaser as per the schedule specified in
      tender Document.

      The purchase may, at its discretion, extend this deadline for submission of
      bids by amending the bid documents, in which case all rights and
      obligations of the purchaser and bidders previously subject to the
      deadline will thereafter be subject to the deadline as extended.

19.   LATE BIDS

      Late bids will not be accepted by the System in any case.

20.   MODIFICATION AND/OR WITHDRAWAL OF BIDS

      Bids once submitted will be treated, as final and no modification will be
      permitted. No correspondence in this regard will be entertained.




                                        15
Request for Proposal – Punjab National Bank

___________________________________________________________

         No bidder shall be allowed to withdraw the bid after the deadline for
         submission of bids.

In case of the successful bidder, he will not be allowed to withdraw/back out
from the bid commitments. The bid earnest money in such eventuality shall be
forfeited and all interests/claims of such bidder shall be deemed as foreclosed

21.      CONTENTS OF DOCUMENTS TO BE SUBMITTED

The bidder shall submit the following documents:

Documents required in Technical Bid (Sealed Cover)

      1. Check List (Annexure-IX)
      2. Supporting documents in respect of minimum qualification criteria as per
          Annexure-III.
      3. Bidders Information as per format as per Annexure IV.
      4. Acceptance of the terms and conditions and compliance of technical
          specifications as contained in Annexure-V.
      5. Any other document indicating the feature of the product.
      6. Last three years audited balanced sheet and profit and loss account
          statement.
      7. Bid Earnest Money in the form of Demand Draft.
      8. Service Support set up details across India as per Annexure VI.
      9. Performance Statement of projects carried out as per Annexure VII.
      10. Technical Offer indicating competence on the Symantec product to the
          Banks as per Annexure-I.
      11. Power of attorney of signing official of bidder.

Document required in Commercial Bid (Sealed and signed Digitally)

      1. Commercial offer as per Annexure-VIII.

22.      BID OPENING AND EVALUATION

         The purchaser will open the bids, in the presence of Bidders’
         representative who choose to attend, at the time and date mentioned in
         Bid document.

         The bidders’ representatives who are present shall sign register evidencing
         their attendance. In the event of the specified date of bid opening being
         declared a holiday for purchaser, the bids shall be opened at the
         appointed time and place on next working day.



                                          16
Request for Proposal – Punjab National Bank

___________________________________________________________

      The commercial bid shall be opened in the presence of Bidders’
      representative, whose bids are considered as responsive as per the
      technical and other qualification criteria as underlined in the bid
      document. The purchaser will prepare the minutes of bid opening.

23.   CLARIFICATIONS ON BIDS

      To assist in the examination, evaluation and comparison of bids the
      purchaser may, at its discretion, ask the bidder for clarification and
      response shall be in writing and no change in the price or substance of
      the bid shall be sought, offered or permitted.

24.   PRELIMINARY EXAMINATION

      The Purchaser will examine the bids to determine whether they are
      complete, whether any computational errors have been made, whether
      required information have been provided as underlined in the bid
      document, whether the documents have been properly signed, and
      whether bids are generally in order. Bids from agents without proper
      authorization from the bidder as per authorization form shall be treated as
      non-responsive.

      Arithmetical errors will be rectified on the following basis. If there is a
      discrepancy between unit price and the total price that is obtained by
      multiplying the unit price and quantity, the unit price shall prevail and
      total price shall be corrected. If the bidder does not accept the
      correction of the errors, its bid will be rejected. If there is discrepancy
      between words and figures, the amount in the words will prevail.

      The bid determined as not substantially responsive will be rejected by the
      purchaser and may not be made responsive by the bidder by correction
      of the non-conformity.

      The purchaser may waive any minor informality or non-conformity or
      irregularity in a bid, which does not constitute a material deviation,
      provided such waiver does not prejudice to affect the relative ranking of
      any bidder.

25.   Evaluation Criteria for deciding the lowest eligible bidder

      Lowest eligible vendor (L-1) will be decided based on total years’ on-site
      maintenance support cost of existing approx 29000 licenses. The total
      project cost will be calculated considering the requirement of: -



                                        17
Request for Proposal – Punjab National Bank

___________________________________________________________


       S No     Item                              Total Cost [Rs]
       1        For 65 engineers One-year’s
       For      install/     upgrade/     on-site
       PNB      maintenance support charges
                for existing/new Licenses
       2        For 34 engineers One-year’s
       For      install/     upgrade/     on-site
       RRBs     maintenance support charges
                for existing/new Licenses
                TOTAL COST (1 + 2) [ criteria ]:
      The above License quantity is only for calculation of L-1 purpose. Actual
      quantity may vary depending upon the requirement.

      The L1 bidder will be decided on the basis of cost quoted by the bidder in
      the commercial offer (Annexure-VIII). In case of two or more bidders
      being technically eligible, bank may exercise option of Reverse Auction.

26.   CONTACTING THE PURCHASER

      Any effort by bidder to influence the purchaser in the purchaser’s bid
      evaluation, bid comparison or contract award decision may result in the
      rejection of the Bidders’ bid.

27. PURCHASER’S RIGHT TO ACCEPT OR REJECT ANY BID OR ALL BIDS

      The purchaser reserves the right to accept or reject any bid and annul
      the bidding process and reject all bids at any time prior to award of
      contract, without thereby incurring any liability to the affected bidder or
      bidders or any obligation to inform the affected bidder or bidders of the
      ground for the purchaser’s action.

      GUIDELINES FOR REVERSE AUCTION:
      Initiation on the Bid Process

      Opening bid price and bid decrements will be intimated at the start of
      the bidding process by the means of on-line messages. In case of not
      receiving the details, the bidder has to inform PNB system administrator
      one hour before the scheduled event time through email and request for
      the details.

      Opening Price




                                       18
Request for Proposal – Punjab National Bank

___________________________________________________________

Opening price is the upper/ceiling price of the contract value fixed by PNB for
the lot / item. Bidders can bid only lower than the opening price in case of
Reverse Auctions (Bid price would be based on the total price arrived at
multiplying specified quantities with unit rates and summing up for the entire
requirement).

Weightage / Loading Factor

This factor shall be incorporated by the System Automatically during the event.
This factor is the effect of financial implication arising out of the deviation taken
by the Bidder in his Bid.

Auction Types

Bank may either go for Price Base Auction when the price quoted by each
bidder is shown to all the participants or Rank Base Auction when only rank of
the particular bidder is visible instead of price.

Alias Name

Each bidder will be given a unique alias name, generated by the system and
informed by system generated email. Bidders can see the bids of other bidders
but the real name will not be visible on the screen. Complete, schedule of the
auction will be intimated through a system generated emails to the
participating bidders. Flash messages between the event and at the end of the
events. The normal duration of Reverse auction will be 1 hour (60 minutes) with
provision of auto extension as per auction rules to be decided by Negotiation
Committee before start of auction. The Bid Extension rules shall be governed
after the expiry of the Auction Time earlier set & decided before start of Event.
In the event a bidder is placing his bid in last 5 minutes of the scheduled end
time of the event, the event will get automatically extended for next 5 minutes
infinitely. The auction time will get automatically extended so as to allow other
the bidders an opportunity to participate and give better offer to win the bid.
In the event of any typographic error while posting the bid, the auction would
still get extended so as to allow the bidder an opportunity to correct the
mistake. Screen will refresh automatically in every seven (7) second. It is
recommended to manually refresh screen by pressing F- 5 from keyboard, if no
changes are seen on screen for unusual period.

Bid Decrement

Bid Decrement is the minimum fixed amount by which, or by multiples of which,
the next bid value can be decreased. Bid decrement is usually calculated
0.25% of the opening price. However PNB reserves the right to decide
appropriate bid decrement factor. Bidders should enter the next bid price



                                         19
Request for Proposal – Punjab National Bank

___________________________________________________________

considering the Bid Decrement, with reference to self bid for Rank Auction and
L1 bid with reference to Price Auction. However in no case would the system
accept modification to a higher value.

Auto Bid

Auto Bid is enabled from the start time of bidding. Once the vendor activates
this feature in the system, the system places bid on behalf of the vendor as per
the next bid decrement until the time the auto bid amount gets out-bided by
another participating vendor. In case more than one vendor is using the auto
bid facility, then the vendor who first initiated the auto bid functionality would
be considered the active bidder. • In the event of auto bid feature when prices
are equal, under such possibilities the bidder, who has first initiated / invoked the
option of auto bid, shall be considered the active bidder and given preference.

Surrogate Bidding

Surrogate bidding is not allowed.

Price Break Up
Bidders are required to submit the price break up of the final bid price just after
the event on to the formats/ price breakup sheet.

Mistake Proofing

If a bid placed X times below or higher of the bid decrement / increment as
decided by PNB, a warning message will be flashed on screen to confirm the
placed bid, Bid once placed will not be deleted in any circumstances and the
bidder will be bond to deliver the services on the quoted bid.

The following term and conditions are deemed as accepted by vendor on participation in
the bid event

1. Bidders/ participants are deemed to have accepted the auction rules on
   participation at the bid event. Participation in a bid event is by invitation from
   PNB. Any other bidder does not automatically qualify for participation. PNB
   will make every effort to make the bid process transparent. However, the
   award decision by PNB would be final and binding on bidder.
2. You agree to non-disclosure of trade information regarding the purchase,
   identity of PNB, bid process, bid technology, bid documentation and bid
   details.
3. You cannot change price or quantity or delivery terms (or any other terms
   that impact the price) post the bid event.
4. You agree to furnish the item rate form within the stipulated time after the bid
   event.



                                         20
Request for Proposal – Punjab National Bank

___________________________________________________________

5. You cannot divulge either your bids or those of other bidders to any other
   external party.
6. Technical and other non-commercial queries (not impacting price) can be
   routed to the respective PNB contact personnel indicated in the RFP.
7. You are advised that you will understand auto bid process to safeguard
   yourself incase of technical failure. Inability to bid due to telephone line
   glitch, Internet response issues, software or hardware hangs will not be the
   responsibility of PNB.
8. You should be prepared with competitive price quotes on the day of the
   bidding event. Participate in the online bidding event as per the schedule.
   Submit the item wise price break up for all the items as per your last bid price
   in the stipulated time as per the schedule immediately after the online
   sourcing event. The bidder has to necessarily quote for all the items listed in
   the BOQ. In case of incompleteness of the bid, same may be rejected.
9. NOTE –
      1. If two or more bidders are technically eligible, we may also initiate the
         process of reverse auction
      2. Bank reserves the right to hold Reverse Auction / or call L-1 bidder for
         negotiation.


28.   SIGNING OF CONTRACT

      The successful bidder(s) shall be required to enter into a agreement with
      PNB, within 7 days of the award of the tender or within such extended
      period as may be specified by Chief Manager, Information Technology
      Division, Punjab National Bank, HO: 5, Sansad Marg, New Delhi, on the
      basis of the Tender Document, the Tender of the successful bidder, the
      letter of acceptance and such other terms and conditions as may be
      determined by the Bank to be necessary for the due performance of the
      work in accordance with the Bid and the acceptance thereof, with terms
      and conditions shall be contained in a Memorandum of Understanding to
      be signed at the time of execution of the Form of Contract. The rate
      contract will be valid for one year, unless terminated by the Bank before
      that date. The Bank may extend the contract period for a further period
      of up to one year.

29. GOVERNING LAW             AND    DISPUTES     (APPLICABLE     IN   CASE    OF
SUCCESSFUL BIDDER)

      All disputes or differences whatsoever arising between the parties out of
      or in relation to the construction, meaning and operation or effect of
      these Tender Documents or breach thereof shall be settled amicably. If,
      however, the parties are not able to solve them amicably, the same shall


                                        21
Request for Proposal – Punjab National Bank

___________________________________________________________

         be settled by arbitration in accordance with the applicable Indian Laws,
         and the award made in pursuance thereof shall be binding on the
         parties. The Arbitrator/Arbitrators shall give a reasoned award. Any
         appeal will be subject to the exclusive jurisdiction of courts at Delhi.

         The vendor shall continue work under the Contract during the arbitration
         proceedings unless otherwise directed in writing by the Bank or unless the
         matter is such that the work cannot possibly be continued until the
         decision of the arbitrator or the umpire, as the case may be, is obtained.
         The venue of the arbitration shall be Delhi.

   30.         USE OF CONTRACT DOCUMENTS AND INFORMATION

         The Vendor shall not, without the Bank's written consent, disclose the
         Contract or any provision thereof, or any specification or information
         furnished by or on behalf of the Bank in connection therewith, to any
         person(s) other than a person(s) employed by the Vendor in the
         performance of the Contract. Disclosure to any such employed person(s)
         shall be made in confidence against Non-disclosure contracts completed
         prior to disclosure and disclosure shall extend only so far, as may be
         necessary for purpose of such performance.

         Any document, other than the Contract itself, shall remain the property of
         the Bank and all copies thereof shall be returned to the Bank on
         termination of the Contract, if so required by the Bank.

         The Vendor shall not, without the Bank's prior written consent, make use of
         any document or information except for purposes of performing the
         Contract.

   31. PATENTS RIGHTS

         The bidder shall indemnify the purchaser against all third party claims of
         infringement of patent, trademark or industrial design rights arising from
         use of the Goods, or any part thereof in India.
         -The bidder shall, at their own expense, defend and indemnify the Bank
         against all third party claims or infringement of intellectual Property Right,
         including Patent, trademark, copyright, trade secret or industrial design
         rights arising from use of the products or any part thereof in India or
         abroad.

         -The bidder shall expeditiously extinguish any such claims and shall have
         full rights to defend itself there from. If the Bank is required to pay
         compensation to a third party resulting from such infringement, the bidder


                                           22
Request for Proposal – Punjab National Bank

___________________________________________________________

      shall be fully responsible for, including all expenses and court and legal
      fees.

      -The Bank will give notice to the Bidder of any such claim without delay,
      provide reasonable assistance to the Bidder in disposing of the claim, and
      shall at no time admit to any liability for or express any intent to settle the
      claim.

 32. ASSIGNMENT

      The bidder shall not assign, in whole or in part, its obligations to perform
      under the contract, except with the Purchaser’s prior written consent.


33. DELAYS IN PERFORMANCE

      Any delay in performing the obligation by the bidder will result in
      imposition of liquidated damages and/or termination of rate contract for
      default.

34. LIQUIDATED DAMAGES

      If the bidder fails to perform services within stipulated time schedule, the
      purchaser shall, without prejudice to its other remedies under the rate
      contract, deduct from the amount payable to the bidder under the
      contract as liquidated damages, a sum equivalent to 1.5 times the pro-
      rata rates for non-performance to the satisfaction of the Bank or
      absentee due to any reason. The purchaser has right to cancel the order
      in case delivery/services not performed within stipulated time schedule.

      The purchaser is entitled to withhold (deduct) from the purchase price or
      any other amount that is due to bidder from this contract or any other
      contract.

35. INDEMNIFICATION

      The Successful Bidder shall, at their own expense, defend and indemnify
      the Bank against any claims due to loss of data / damage to data arising
      as a consequence of anti virus solution implementation or non-
      maintenance or not providing the service within the requisite time at any
      of the designated location(s).

36.FORCE MAJEURE



                                         23
Request for Proposal – Punjab National Bank

___________________________________________________________

The Vendor or the Bank is not responsible for delays or non-performance of any
contractual obligations, caused by war, blockage, revolutions, insurrection, civil
commotion, riots, mobilizations, strikes, blockade, acts of God, plague or other
epidemics, fire, flood, obstructions of navigation by ice of port of dispatch, acts
of Govt. or public enemy or any other event

Beyond the control of either party which directly, materially and adversely
affect the performance of any contractual obligation.

If a force majeure situation arises, the Vendor shall promptly notify the Bank in
writing of such conditions and the change thereof. Unless otherwise directed by
the Bank, in writing, the Vendor shall continue to perform his obligations under
the contract as far as reasonably practiced and shall seek all reasonable
alternative means for performance not prevented by the force majeure event.


37. SERVICE LEVEL AGREEMENT

The Successful Bidder will also have to enter into a Service Level Agreement for
Service, Support and maintenance of Solution as per terms and conditions of
the RFP and covering the Scope of work of Successful Bidder. SLA shall be
elaborated to assure:
          On-site deployment of Symantec Multitier Protection (SMP) on 100% of
          the PCs / Servers of the bank in all of its branches / offices within three
          months of contract signing & again on new releases of new
          version/MR by Symantec.
          Regular Updation of definitions, versions on all PCs / Servers without
          adverse impact on the network efficiency.
          Support and trouble shooting on the products at all branches / offices

38. NON DISCLOSURE AGREEMENT:

Successful Bidder should sign non-disclosure agreement as per ANNEXURE XI.

39. TERMINATION:

   (i). By PNB:
   PNB shall be entitled to terminate this contract by giving 3 months notice to
   Successful Bidder in case:

      a.     Successful Bidder fails to integrate/implement the project as per the
             requirements of PNB. In such eventuality, Successful Bidder will
             refund to PNB any advance received in respect of licenses for
             Symantec Multitier Protection (SMP), which are not implemented.


                                         24
Request for Proposal – Punjab National Bank

___________________________________________________________


      b.     Successful Bidder fails to provide maintenance services as per terms
             and conditions agreed hereunder and/or fails to fulfill any of its
             obligations enumerated hereunder. In such eventuality, Successful
             Bidder shall refund to PNB the proportionate maintenance charges
             received in advance, if any, for the remaining period. In such
             eventuality, PNB shall have the right to avail the services of any
             other person for the purpose without any let or hindrance from
             Successful Bidder.

      c.     In the eventuality of termination of contract, PNB shall have the
             right to avail the services of any other person for the purpose
             without any let or hindrance from Successful Bidder.


     d.      In the eventuality of termination of contract, besides claiming
             refund of amount as above, PNB shall have a right to claim
             liquidated damages as decided by arbitrator.

   ii. By Successful Bidder:

   Successful Bidder shall have the right to terminate this contract by giving 3
   months notice to PNB, in case PNB fails to pay the fees/charges to Successful
   Bidder as per terms agreed hereunder.

40. Obligations of PNB:

      a.     PNB shall provide appropriate access, to the extent required for
             handling Anti-Virus related issues, on the computer system to
             provide service hereon. PNB shall be responsible for providing
             proper power source and other environmental conditions as
             prescribed by Successful Bidder.

      b.     During the period of this maintenance contract the setup shall not
             be relocated without prior intimation to Successful Bidder.

      c.     PNB shall be responsible for communicating PNB’s own users of the
             network security services and for handling all complaints, trouble
             reports made by such users.

      d.     PNB staff will always accompany Successful Bidder engineer(s) for
             carrying out any activity on PNB’s critical security network / setup.

41. Obligations of Successful Bidder:


                                        25
Request for Proposal – Punjab National Bank

___________________________________________________________


      a.     Successful Bidder will always send trained and experienced
             engineers to provide service at PNB offices. Their name, contact
             address and phone nos. will be advised in writing to PNB before
             hand. They will carry Photo Identity-card of company to prove their
             identity.

      b.     Whenever any designated Successful Bidder engineer is leaving his
             job, Successful Bidder will give prior information about this to PNB.

      c.     Successful Bidder engineer(s) will always work on PNB servers /
             networks from PNB premises and will NEVER enter into PNB network
             from any other Public or Private network under any circumstance.

      d.     Successful Bidder engineer(s) will not change the password of Anti
             Virus software / tools without the knowledge of PNB’s Information
             Security Team. In case they are aware about any password(s), they
             will not share it with any one other than PNB’s Information security
             team without written communication from PNB’s Information
             Security Team.

      e.     Successful Bidder engineer(s) will always give a duly signed call
             report, at all locations, describing the activities carried out by them
             before leaving PNB premises.

      f.     Whenever any new threats / vulnerabilities become public,
             Successful Bidder will bring this to the notice of PNB immediately
             and help / guide PNB in plugging these. The requisite configurations
             for plugging the threats /vulnerabilities will be done by Successful
             Bidder.

           g. Successful Bidder consultants would provide telephonic and e-mail
              support for the problems reported from any of the PNB locations
              within two hours from the reporting time. The type of calls which
              could be resolved through phone and e-mail may include (for
              example) updation of the anti virus, adding a rule base to the
              firewall, making minor configuration changes on the IPS and
              restarting the firewall service etc.

           h. For all the problems which could not be resolved through
              telephone or e-mail and which requires the presence of Successful
              Bidder engineer, the response time would be 2 hours from the
              reporting time at Head offices & Circle offices and at other
              locations outside the Circle Office city within 4 hours.


                                        26
Request for Proposal – Punjab National Bank

___________________________________________________________


         i. Once the call has been attended, Successful Bidder engineers will
            put their maximum efforts and deploy their best resources to resolve
            all calls at the earliest possible time frame at all locations.

         j. Successful Bidder shall be responsible for any act of its employees
            that may result in security breach in respect of PNB network.




                                       27
Request for Proposal – Punjab National Bank

___________________________________________________________

ANNEXURE-I

Technical Specifications for Symantec Multi-tier Protection (SMP)
Symantec Multi-tier Protection 11.0.x (or latest) Suite comprising of following solutions
     •Symantec Endpoint Protection 11.0
     •Symantec AntiVirus for Macintosh & Linux
    •Symantec Mail Security for Domino & MS Exchange
     •Symantec Mobile AntiVirus for Windows Mobile
     •Symantec Brightmail Gateway Software Subscription
     •Symantec Premium Antispam

The bidder must have competent engineers in deploying/maintaining following features of
Symantec product:
End Point Security Protection Features capabilities                                          Competent
                                                                                             (Yes / No)
    •   OPERATING SYSTEMS SUPPORTED - Should be able to support the
        following. Platforms:
    •    All flavors of Windows viz WIN 2000, WIN XP, Win-Vista, Windows 7 etc.
    •    Windows Server 2003, Windows Server 2007 etc.
    •    Linux
    •    All flavors of Browser based applications servers.
PRE-SCAN EXCLUSIONS - Should be able to add files, folders or extensions to an
'exclude' list so that they are not scanned on access
The antivirus software should be able to automatically detect and update definitions &
scan engine from the nearest parent server in the network
Should allow for incremental virus definition and scan engine updates

Solution should able to Detect and block malicious software in real time, including
viruses, worms, Trojan horses, spyware, Adware, and RootKit.
Endpoint solution technology should include a behavioral based technology apart from
providing the signatures for known threats, vulnerability add heuristic based approach. It
should be able to score both good and bad behaviors of unknown applications,
enhancing detection and reducing false positives without the need to create rule-based
configurations to provide protection from unseen threats i.e. zero-day threats.
Solution firewall engine should have option to allow or block support of network
protocols, including Ethernet, Token Ring, IPX/SPX, AppleTalk, and NetBEUI. Can
block protocol drivers (example: VMware, WinPcap) and should have Adapter specific
rules – e.g. Ethernet , Wireless, VPN
Proposed IPS solution should allow customer to edit and create the IPS signature using
snort/custom based format if required.
Solution should able to block devices based on Windows Class ID. These devices
should include
    • USB, Infrared,
    • Bluetooth,
    • Serial Port
    • Parallel Ports,
    • fire wire,
    •    SCSI and
    • PCMCIA.
 Solution should also be able to block and give read/write/execute permission for
mentioned devices.
Solution should provide application analysis, process control, file and registry access



                                                    28
Request for Proposal – Punjab National Bank

___________________________________________________________

control, module and DLL control.
Proposed Solution should be able to deploy flexible and different security policies
depending upon the AND/OR relationship of following network triggers -
 - IP address (range or mask)
 - DNS Server
 - DHCP Server
 - WINS Server
 - Gateway Address
 - TMP Token Exists (hardware token)
 - DNS Name Resolves to IP
 - Policy Manager Connected
 - Network Connection (wireless, VPN, Ethernet, dialup)
The solution should be scalable to include the options which may be used by the Bank
in future.
Proposed IPS solution should combines NIPS (network) and HIPS (host) both with
Generic Exploit Blocking (GEB) for one signature to proactively protect against all
variants, Granular application access control and behavior based technology mentioned
above.
Proposed solution should be able provide superior root kit detection and removal. This
should have access below the operating system to allow thorough analysis and repair.
System Lock Down - it should be able to “Locks down” the system by fingerprinting
every executable file on the system. It should then monitor all running applications and
terminate any application for which the agent does not have a matching fingerprint.
Denial of service detection and protection - Should Protects the system from multiple
forms of anomalous network behavior that is designed to disrupt system availability
and/or stability.
Anti-spoofing - Should Protects the transmission of data from being sent to a hacker
system who has spoofed their IP or Mac Address
 Agent should have the ability to detect and block process execution chains. It is able to
detect when a malicious application tries to execute a trusted application, and then use
the trust privileges of that application to access the network.
Anti-application hijacking - Should prevent hackers and web sites from identifying the
operating system and browser of individual computers.
Code insertion attack prevention - Prevent malicious applications from inserting code
into trusted application to bypass outbound application fire walling.
Protocol adapter attack prevention - Prevent malicious applications from using their own
protocol adapter to bypass outbound fire walling.
Antivirus and Antispyware policy can have options by default to choose High Security
and High performance to have a right balance while deployment in the production
network.
Antivirus schedules scans should get delayed/ rescheduled while laptops are running on
batteries.
Antivirus should have behavior based technology to scan for Trojans, worms and key
stroke loggers to protect from zero day threats. Sensitivity level of this should get
adjusted with customized scanning frequency.
Antivirus Solution should have internet browser protection and home page should be
configurable if security risk changes that.
Antivirus solution should be able to Scan POP 3 email traffic including email clients
Microsoft outlook , lotus notes and outlook express.
Desktop Firewall rules should be configurable depending upon the adapters including
Ethernet, Dialup, VPN (Microsoft PPTP, Nortel, Cisco). The solution should be scalable
to wireless networks in case bank wants to.




                                                    29
Request for Proposal – Punjab National Bank

___________________________________________________________

Desktop Firewall rules should be configurable depending upon the state of screen saver
"ON" & "Off".
Desktop Firewall Policies should be configurable depending upon the time and day.
The solution must have readymade policies including –
    a) To Make all removable drives read only ,
    b) To block program from running from removable drives ,
    c) Protect clients files and registry keys ,
    d) Log files written to USB drives ,
    e) Block modifications to host files
Management server should have the capabilities to add multiple domains/groups if
required for the different locations to assign the different administrators for other
locations. Each domain should shares the same management server and database.
This separation prevents administrators in one domain/group from viewing data in other
domains. These administrators can view and manage the contents of their own domain,
but they cannot view and manage the content of other domains.
The solution should allow integrating network access control functionality without any
modifications to antivirus agent or deploying a separate agent should bank feel to go for
network access control in future.


To conserve the network bandwidth clients should be configurable to upload the
maximum records of logs to the management server.
Specification for Antispam and Antivirus for Mail                                           Competent
                                                                                            (Yes / No)
Proposed Antivirus and Anti SPAM solution should be for the SMTP gateway
and as well as for the messaging servers. This protection should include content
filtering and Data Loss prevention. Antivirus and AntiSPAM engines should be
tightly integrated from a single vendor to avoid any integration and
administrative burden.
The proposed solution should have an integrated MTA, and should include standard
features such as overlapping message delivery for high-volume sustained delivery,
onboard DNS caching, support for virtual domains, and load balancing via MX DNS.
The proposed solution should be secured against unauthorized relaying and secured
against buffer overrun vulnerabilities.
The proposed solution should have proprietary URL technology, which should
seek out spam URLs in messages, includes specific filters against fraud URLs.
This technology should also remove the obfuscation and URL-relaying tactics
that spammers can employ to conceal the target fraudulent URL.
The vendor should have inhouse infrastructure and capabilities to monitor
worldwide spams and viruse and also create accurate anti-spam filters
developed and delivered by the solution vendor every 10 minutes to ensure
continuous protection. This should include an existing honey pot network (over
2 million decoy email addresses and domains). This should also include
submissions and statistics from over 300 million email inboxes.
The proposed solution should enable transformation of address information for inbound
recipients and outbound senders. The rewriting should occur as follows:
The solution should Rewrite recipient and sender addresses in both envelope and
headers (Inbound Recipients and Outbound Senders)
The proposed solution should extend address rewriting capabilities by replacing one
inbound recipient address with one or more email addresses. With aliasing, rewriting
should occur only for the recipient addresses and only in the envelope (Inbound
Recipients)



                                                   30
Request for Proposal – Punjab National Bank

___________________________________________________________

The proposed solution should append a default domain for outbound traffic. This should
aid deployments in which multiple anti-spam appliances are sending outbound mail.
The proposed solution should optionally drop invalid recipients from a given message.
When an invalid recipient is recognized it should be dropped from the given message.
This will be protecting the internal mail server from exposing invalid name space to
directory harvest attacks.
The proposed solution should allow customization of the SMTP banner text, which is the
“connection greeting” message.
The proposed solution should have a setting for configuring delivery bounce message
timeout. This setting should control how long bounce messages stay in the delivery
queue.
The Solution should support architecture which must be scalable. It should have ability
to separate the scanner and management so that there is no single point of failure.
Solution should provide support to install solution on virtual environment.
The proposed solution should be based on technologies which provide validated spam
catching rates of over 95%
The proposed solution should have a false positive rate of less than 1 in one million
messages
The proposed solution should identify and filter a spammer’s intended URL, which is
often disguised and leads to spam Web pages.
The proposed solution should have URL technology, which should seek out spam URLs
in messages, includes specific filters against fraud URLs. This technology should also
remove the obfuscation and URL-relaying tactics that spammers can employ to conceal
the target fraudulent URL.
The proposed solution should have filters that proactively target patterns common in
spam and viruses.
The proposed solution should target a specific MIME attachment, for example, a ZIP file
that contains a virus.
The proposed solution should have signature technology that eliminates randomization
and HTML-based filter evasion techniques.
The proposed solution should have tight, targeted, regular expression-based filters
based on real-time attacks or derived based on commonalities or trends present in
spam messages.
The proposed solution should have first-generation signature/body hash technology

The proposed solution should have language identification option in which the text of the
message should be identified as belonging to one of 11 international languages. The
proposed solution should then run only the filters that apply to the message’s language.
Users should be given an option to adjust language preferences to deny or allow email
based on language identification by the solution vendor
The proposed solution must have specially tuned heuristics to detect and block span in
non-English language. The supported languages could include Chinese, Dutch, English,
French, German, Italian, Japanese, Korean, Portuguese, Russian, and Spanish.
The proposed solution should vendor should have technicians deployed across the
globe to analyze spam and create targeted filters in over 15 languages.
Filters should automatically be downloaded from the proposed solution vendor to
customer sites via secure HTTPS every 5–10 minutes. Should have no need for server
restart or administrator intervention.
The proposed solution vendor should have the largest honeypot network (large decoy
email addresses and domains (more than 1 million). This should also include
submissions and statistics from millions of email inboxes. This should help the customer
to have accurate anti-spam filters developed and delivered by the solution vendor every
10 minutes to ensure continuous protection



                                                   31
Request for Proposal – Punjab National Bank

___________________________________________________________

The proposed solution should have an option using which end users can log into the
Spam Control Center, a Web-based interface, to submit missed spam to the solution
vendor. If warranted, the vendor should adjust filters.
Using convenient submission tools, The proposed solution vendor’s user community—
million strong—can quickly inform the vendor as soon as possible in the event of a
misidentified message
Based on the submissions, The proposed solution vendor should adjust filters if
warranted to improve filtering quality.
The proposed solution should provide Directory Harvest protection to protect internal
mail server from attacks
Based on objective analysis of sending patterns at the network level, the Sender
Reputation Service can identify abusive senders and prevent abusive senders and
spammers from connecting to the appliance.
Should automatically collect local sender reputation data to support skipping a subset of
antispam filters for those with no history of sending spam. It should also regularly re-
evaluates senders granted a pass
Solution must have local reputation with SMTP traffic shaping technology

End user tools and Preferences                                                              Competent
                                                                                            (Yes / No)
Users should have an option to specify addresses that will always be blocked. These
entries should be in addition to organization-wide block lists defined by administrators.
Users should have an option to designate senders who will allow bypassing antispam
filtering. This should include convenient auto-population of trusted senders from the
Microsoft Outlook address book.
Users should have an option to either specify languages in which they want to receive
email or in which they don’t want to receive email. Users should be allowed to choose
from 11 supported international languages.
Users should have an option to submit missed spam or false positives to the solution
vendor for analysis.
Using an Internet browser, end users should be able to log in to their personal
quarantine at any time and view their quarantined messages.
Mail Antivirus Scanning                                                                     Competent
                                                                                            (Yes / No)
The proposed solution should provide Day Zero virus protection which will help
organization protect infrastructure from new threat.
The proposed solution should incorporate the award-winning antivirus engine by the
same vendor and backed by the vendor's security response team.
The proposed solution should use rapid release definitions. These definitions, which
should undergo basic vendor reliability checks, and should be designed to head off
emerging threats.
The proposed solution should have AV scan engine which should update virus
definitions and scan engines without having to redeploy the software or restart services.
This will ensure that there is no interruption in virus scanning to get new definitions.
The proposed solution vendor should have an option give to customers where they can
pick whether to use Rapid Response or Platinum antivirus definitions
The antivirus definitions created by the proposed solution vendor should be updated at
customer sites every hour or as soon as they are available
The proposed solution should be able to choose from multiple actions to handle
messages with viruses. For example, clean and deliver the message, deliver the
message normally, delete the message, notify the sender, and more.




                                                     32
Request for Proposal – Punjab National Bank

___________________________________________________________

The proposed solution should automatically remove not only the mass-mailing worm but
also the associated spawned emails, which can number in the hundreds and serve no
valuable purpose.
The proposed solution should have adjustable heuristics for more or less aggressive
identification of viruses.
The proposed solution should have an option to specify maximum size and scanning
depth levels to reduce exposure to zip bombs that tax processing
To handle emerging threats for which a definition has not been created, administrators
should be able to use the option in the proposed solution to block based viruses that
employ a distinctive subject line.
Should also have Integrated Instant Messaging security and outbound protection out of
the box
Email Message Integrity                                                                       Competent
                                                                                              (Yes / No)
The included MTA in the proposed solution should support the ability for encrypted
connections between other MTAs using TLS. Using this feature an administrator should
be able to choose whether TLS is permitted and/or required for all the appliances in the
network. TLS delivery should be regardless of MX/Static.
The proposed solution should authenticate messages using the Sender Policy
Framework (SPF), allowing administrators to drop connections or perform other actions
for senders that fail authentication.
Policy and Content Compliance                                                                 Competent
                                                                                              (Yes / No)
The proposed solution should help organizations manage the risks associated with data
leakage, regulatory compliance, and internal governance.
In the proposed solution Customers should quickly implement the policies needed to
ensure that they are compliant with the laws that govern their region or industry.
The Solution should have pre-built templates reduce the risk of error in building the rules
needed to ensure compliance
The solution should Allow the creation of compound policies that use logical
relationships to group them together. This increases the power of the filters and reduces
the number of individual rules that are needed.
The proposed solution should enable administrators to define or import a pre-defined
dictionary of prohibited words. This feature can be used to enforce organizational email
content policies. For example:
Scanning inbound messages against a default or customized offensive word dictionary
to prevent employees from receiving messages with objectionable content
Scanning outbound mail against a list of project code names, NDA topics, or other
confidential information
The proposed solution should allow administrators to create custom filters using a
graphical interface. These global, server-level filters must be used to enforce company
policies.
The solution must allow administrators to quickly activate and deactivate individual
filters, display their activation status, and organize the order in which rules are run.
There should be no limit to the number of conditions administrators can create in the
content filter.
The proposed solution should allow administrators to automatically add text to outbound
email, such as a legal disclaimer or commercial information.
The proposed solution should allow administrators to scan for attachments with specific
size or content attributes.
The Solution must allow administrators to specify a maximum attachment size. There
should also be provision to create filters to match against a specific MIME type, file



                                                    33
Request for Proposal – Punjab National Bank

___________________________________________________________

name, or file extension.

The proposed solution should allow administrators to send a copy a message to a
designated email address. This feature should allow administrators to configure their
third party archival solutions to accept and handle the message.
The proposed solution should allow administrators to create a configurable email
notification based on the disposition or category of a message.
In the solution administrator should have an option to define the text of the notification
message, the recipients, and whether to include the original attachment.
Should have seamless integration with Data Loss Prevention technology with a single
admin GUI, policy console, and quarantine
Should support both local and global reputation based management to block threats
before they enter the messaging systems.
Email Management                                                                             Competent
                                                                                             (Yes / No)
Administrators should be able to view the emails in the Inbound queue, Outbound
Queue and Delivery Queue through the GUI
The proposed solution should be able to apply policies at the Email Firewall level,
before the messages is accepted for processing. These policies should apply to all
users at the site. Some examples would be “Reject connections from all Open Proxy
Senders” or “Quarantine all messages from senders who fail SPF authentication.”
Administrators should be able to specify user groups, identified by email addresses,
domain names, or LDAP groups and customize mail filtering for each group. For
example, we might choose to quarantine spam and suspected spam for review by the
legal department, but delete spam for the human resources department.
The proposed solution should be available on appliances and virtual machines for
scalability.
The proposed solution should perform one- way LDAP synchronization from existing
directory stores. (This eliminates the need for dual entry of user information). The
supported source directories should include:
    a) Windows 2000 Active Directory,
    b) Windows 2003 Active Directory,
    c) iPlanet/Sun Messaging Server 5.1/Java Directory Server
The LDAP Synchronization service should also support the import of organization data
in LDIF files format, in case directory owners want to restrict direct access to the
directory. The LDAP option should be for Authentication or Synchronization or for both
authentication and synchronization
LDAP Synchronization must be enabling to utilize the existing group structure within the
LDAP source for implementing group policies.
         Used For: Group Policies
         Supported Platform: Active Directory, Exchange 5.5 Sun JES, Lotus Domino
         LDAP Interaction: Synchronization and replication
The proposed solution should enable administrator to assign a variety of actions to
policies, based on the verdict a message.
Add header—Adds a configurable X-header to a message, for example, X-spam or X-
newsletter.
Annotate—Adds custom text, such as a legal disclaimer to message.

Archive—Sends a copy of the mail to a specified email address.

BCC—Sends a blind carbon copy of the message to a specified email address.




                                                     34
Request for Proposal – Punjab National Bank

___________________________________________________________

Bounce—Creates new messages with customizable non delivery content, and emails it
to the sender.
Clean—Message Cleaned of viruses and delivered to the recipient. Any worms are
deleted.
Delete—Message removed from email stream, discarded. Worms automatically deleted.

Deliver Normally —Delivers message to recipient’s with no filtering inbox.

Forward—Sends message to a single administrative account for further scrutiny.

Modify subject—Appends or prepends configurable subject line to a a message
(example: [Spam])
Quarantine—Sends the message to the Web-based Quarantine.

Send notification—Sends an email with customizable text to a specified email address.

Strip attachment—Removes attachment from message and sends message on to the
recipient
The proposed solution should have an option for combining actions. For example, for
message triggering a compliance filter, we should be able to configure multiple actions
in response
The proposed solution should have configurable definition of suspected spam for more
aggressive filtering. The administrator should be able to use policies to set up a unique
action for messages identified as suspected spam.
The proposed solution should have an option using which messages can be classified
as one of the following: Spam
     a) Suspected spam (matching the adjustable Spam Scoring range you specify)
     b) Email from blocked senders
     c) Emails infected with viruses
     d) Mass-mailing worms
     e) Unscannable emails (could not be scanned due to size restrictions or other
         variables)
     f) Custom-filtered emails (matching content filters created by the administrator)
Administrators should be able to log in and review spam messages that the proposed
solution had quarantined for all users in our organization.
Using an Internet browser, end users should be able to log in to their personal
quarantine at any time and view their quarantined messages.
Quarantine should send a periodic email summary to users, listing the newly
quarantined spam messages, and including links for users to immediately release
messages to their inbox or log in to their personal quarantines.
Recipients of spam quarantine digest should be able to click links to immediately
release or view caught spam messages—without having to log in.
The proposed solution quarantine should automatically resolve all aliases and deliver
messages to the appropriate quarantine account for the underlying email address.
Messages identified by administrators and users as missed spam or false positives
should be automatically sent to the vendor for analysis.
Administrators should be able to receive a copy of all misidentified messages sent by
users to Vendor.
The proposed solution should have configurable retention period for spam messages.
The other features included should be thresholds to control the quarantine database
size and the messages number limit on a global and per-user basis.




                                                    35
Request for Proposal – Punjab National Bank

___________________________________________________________

Users and administrators should be able to search messages in quarantine using
multiple criteria, including To Headers, From Headers, message body, Subject Headers,
Message ID Headers, and time range.
The proposed solution should have customizable delivery frequency, message content,
content type (HTML, text, or both). The proposed solution should have an option to
specify whether digest should include embedded view message and release message
links to enable users to access messages without logging in. There should be a choice
whether to deliver this spam/quarantine digest to distribution lists.
The proposed solution should be able to expand archive configuration by sending
archived mail to a specific archive server.
The proposed solution should be able to extend the Archive action by adding an
optional and configurable x-header on archived mail. Our email archive solution could
apply further archival policies based on the x-header.
The proposed solution should be able to add our corporate legal disclaimer to all
outbound messages
There should be an option to assign specific certificates to specific Scanner appliances.

The proposed solution should have an option to allow administrators to optionally
specify a static IP-based route between their firewalls and the anti-spam
With the proposed solution we should be able to specify a list of computers authorized
to administer the anti-spam appliances. We should be able to define this list using IP
addresses, CIDR notation, subnets, or DNS name. Administrators should be able to
access the root of the anti-spam appliances via SSH
Using the proposed solution the administrators should be able to choose to enable or
disable logging for reverse DNS lookup, on inbound or outbound SMTP settings.
The proposed solution should generate alerts when the following hardware components
fail:
 a) Disks
 b) Fans
 c) Power Supply
The proposed solution should allow the administrator to specify a remote syslog Server.
The administrator should be able to enable/disable the syslog feature, and configure the
host, port & protocol for the syslogs.
The proposed solution should support management via Simple Network Management
Protocol (SNMP) V2c.
Should be able to prevent backscatter attacks by identifying fake non delivery report
(NDR)
                                                                                            Competent
eMail Security Management                                                                   (Yes / No)
Secure HTTPS polling from customer sites should initiate download of updated filters.
The same process should transmit statistics from customer sites to the solution vendor,
allowing the solution vendor to gauge the performance and effectiveness of deployed
filters. The process should require no administrator intervention and filtering should
never be stopped during the update process.
The Web based Management should let administrators use a Web browser to view a
real-time dashboard of consolidated filtering performance and centrally administer
multiple Anti-Spam appliances from the same vendor.
From one central location, administrators should be able to view quarantine information,
the configured anti-spam scanners in the network, and basic system status.
Administrators should be able to configure, manage, and monitor multiple appliances
(deployed in Scanner mode), all from a central location using a Web browser.
The proposed solution should have a feature to view consolidated filtering performance
statistics for all anti-spam appliances operating as anti-spam scanners.



                                                   36
Request for Proposal – Punjab National Bank

___________________________________________________________

The proposed solution should provide comprehensive real-time reporting of filtering
performance and email attacks with over 50 preset reports
The proposed solution should support export report data for use in any reporting or
spreadsheet software for further analysis.
The proposed solution should have and option to schedule reports for generation and
email delivery.
Administrators should be able to easily apply the latest security and software updates.
Vendor should provide updates and security enhancements to the operating system,
MTA, and supporting software when they become available.
We should be able to define multiple administrator accounts to divide up administrative
tasks.
We should be able to configure each administrator account with the desired level of
management privileges for different components. Administrators should be assigned
view or modify access to any or all of the following functions: reporting, policies,
appliance settings, administration, and quarantine.
Alerts should be sent to administrators or other parties when the following conditions
arise: a component is not responding or working; antispam filters are older than a
specified time; antivirus filters are older than a specified time; quarantine is low on disk
space
Logging levels should be set on a point sliding scale, and the settings can apply to
individual filtering computers or to all. Administrators should also be able to designate
the maximum size and retention period for entries in the log database and save logs to
a text file for further review.
The proposed solution should automatically back up all configuration and quarantine
databases on the appliance at specified intervals. Administrators should be given an
option to store data on the local machine or a remote server.
The proposed solution should have an option to restore an appliance configuration from
a previous backup.
Administrators should able to manage using a command line interface also. The task
could be shutting down the appliance, reboot appliance, and perform a variety of system
management tasks. Administrators should also be able to use the command line
interface to check for, download and install software updates.
The proposed solution should have an option to restore an appliance to its original
image configuration.
The solution should have Global sender reputation and local sender reputation analysis
to reduce email infrastructure costs by restricting unwanted connections.
Solution must be scalable to incorporate the following with no installation of component
on clients should need be in future:
     a) Email archiving, mail box archiving, file archiving, personal folders (.pst files)
          consolidation, journaling, discovering mails
     b) Integration with data loss prevention technologies to check loss of data through
          mails at gateway
Solution must ensure that worst senders do not degrade the connection experience of
your best senders. It should assign every inbound IP address to connection classes that
are based on local reputation data. It should dynamically manage connection load
based on automatically collected local reputation data.
Reporting                                                                                      Competent
                                                                                               (Yes / No)
The proposed solution should have the following reporting options on which filter may
be applied either inbound or outbound or both inbound and outbound and should be
able to display either in chart format or table format or both
Following report must be generated from the solution:
    a) Content compliance



                                                     37
Request for Proposal – Punjab National Bank

___________________________________________________________

   b) SPAM History
   c) Virus History
   d) Overview of email message threat counts and types of threats.
   e) Overview of your security profile, which includes total messages and threats
      processed, and virus and compliance summaries.
   f) Recipient domains for which the most compliance matches have been detected.
      For each recipient domain, the total messages processed and number and
      percentage of content-compliance policies triggered are listed. Specify the
      maximum number of recipient domains to list for the specified time range.
   g) The total number of files transferred, and number and percentage of files that
      contained a virus, were blocked, could not be scanned, had a scanner error,
      contained malware, or were encrypted.
   h) Includes multiple threat-specific and overview reports
   i) Identifies Email/IM security trends
   j) Schedule generation and delivery of reports
   k) Export to PDF, CSV, and HTML




                                                38
Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                       ANNEXURE-II

                            TERMS AND CONDITIONS

1. ACCEPTANCE OF ORDER:-

    Purchase Orders for support services will be placed by each Circle Office of
    PNB and each RRB separately. Bank has right to cancel the order if same is
    not accepted within a period of 7 days from the date of order.

2. TAXES

    The prices are inclusive of all charges, Statuary levies except Service Tax,
    Sales Tax/VAT, Octroi/Entry Tax etc. Bank will not pay any additional cost
    during validity of Rate Contract on any account except as agreed at the
    time of contract.

3.PAYMENTS

       A. New Licenses: (applicable only in case of authorized billing from M/s
      Symantec)

       -100% cost on completion of per block of new (additional) 100
       installations and showing these on CO/HO consoles. This 100 license will
       be additional to existing renewals total available to PNB. Payment will be
       released by HO: ITD Centrally after verifying from the Central/Circle
       office console and supported by hard copy of installation sheet in case
       of Installation in PCs/Servers in Enterprise Wide Network. In case of others
       i.e. non-networked, payment will be released after submission of
       installation report as per ANNEXURE XII.

      B. Subscription (ATS) charges (applicable only in case of authorized
      billing from M/s Symantec)

       - 100% yearly payment in advance Centrally by HO: ITD on production of
       Bank Guarantee of 25% amount of yearly payment.

      C. Maintenance Support (Applicable for successful bidder)
      - Quarterly payments in advance by Circle Offices/HO for engineer’s
      support services on-site in their Circles/ HO Divisions. Next Payment will be
      released after verifying from the Central/Circle Office console in case of
      upgrades/updation in PCs/Servers in Enterprise Wide Network.
      Proportionate penalty will be imposed for absentee of engineer (s)
      without     leave      from       PNB,      and      non-performance        of


                                        39
Request for Proposal – Punjab National Bank

___________________________________________________________

       upgrades/updates/installations. Due to technical reasons, tolerance of a
       5% of total number of PCs may be given by PNB.

4. License Cost for New Licenses - (applicable for billing from M/s Symantec)

    The license cost for new licenses shall include :
            a. License fee with life time validity
            b. Installation on-site by successful bidder
            c. Subscription for definitions, updates, version / engine upgrades
               etc. for one year

5 Subscription Charges - (applicable for billing from M/s Symantec)

                 Subscription charges shall include Subscription renewal charges
                 for definitions, updates, software version / engine upgrades etc.
                 for one year.
6. Support for Trouble-Shooting

         Successful Bidder shall provide dedicated support personnel at all
         locations as mentioned in ANNEXURE X and Annex - XIII, which must
         be available at these locations from 09.00 hrs to 18.00 hrs and on call
         on 24 * 7 basis over Telephone and Email.
         On-Site trouble shooting, installation / un-installation / re-installation
         support shall be provided at no extra cost.

7. DELIVERY/INSTALLATION DATE

    The date on which installation completed exceeds 100 licenses additional
    to total 28678 license renewals, will be taken as the date of
    installation/delivery. Bidder shall be responsible for installation/delivery of
    Symantec Multitier Protection (SMP)/Symantec Mail Security in PCs/Servers
    within six weeks for fresh (new) Licenses and within 3 months for renewals on
    all PCs/Servers.

8. PENALTY
     Penalty for non fulfillment of the obligations under contract / SLA by the
     successful bidder shall be charged as under:
        For late installation / renewals of Anti Virus solution @ 1% of total order
        value per week beyond given time, with maximum penalty up to 10% of
        calculated CO/HO order value.
        For engineer’s absentee without leave granted from PNB and where no
        replacement given by bidder, a sum equivalent to 1.5 times the pro-rata
        rates will be deducted.



                                        40
Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                      ANNEXURE III

PRE QUALIFICATION CRITERIA FOR INSTALLATION, UPDATION & MAINTENANCE OF
SYMANTEC MULTITIER PROTECTION (SMP)/ SMS/ SEP SOLUTIONS:

The minimum qualification criteria for the bidders are as under: -

                      Pre Qualification Criteria                  Compliance   Document
                                                                   (Yes/No)    Attached
                                                                               (Yes/No)




1. The        bidder        should         be        authorized
   representative/channel partner of M/s Symantec in
   India. A letter of authorization to this effect from
   Symantec must be furnished.
2. The bidder should have supplied at least 5000 licenses
   of Anti Virus Solution during the last financial year or
   should have been currently maintaining minimum 5000
   licenses. Necessary documentary evidence to this
   effect should be submitted.
3. The turn over of the bidder should be minimum Rs 1
   crore in each year during last three financial years and
   the firm should have reported net profit in the last
   financial year. Audited financial statements for last
   three financial years should be submitted.
4. The bidder should have exclusive support infrastructure
   for maintenance in all the major cities in India and be
   able to provide and maintain product through their
   competent support engineers in all these cities. The
   bidder should have or will place their own support
   setup or resident support engineers at all the Circle
   Offices (ANNEXURE X) of the Bank.
5. The bidder should be able to provide efficient and
   effective support at all Circle Office so as to meet 7
   days x 24 hrs service support with 2 hrs response time
   and within 4 hrs at other remote locations within Circle.
   A commitment to this effect should be furnished.
6. The bidder should have provided Anti Virus solution /
   services to at least 3 Financial Institutions in the country
   out of which minimum 1 should be a PSU Bank. Detail of
   these FIs / Banks should be provided along with letters
   from these FIs / Banks.


                                         41
Request for Proposal – Punjab National Bank

___________________________________________________________

7. The bidder should have the experience of operating in
   the Anti Virus market for at least for last 3 years.



                                                           SIGNATURE

                                                       Seal of Company




                                       42
Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                             ANNEXURE-IV

                                 Bidders Information


Name                ___________________________________________

Constitution        ___________________________________________

Address             ___________________________________________

Names & Addresses of the Partners if applicable

                    ___________________________________________

Contact Person(s)        ______________________________________

Telephone, Fax, e-mail        _________________________________

Number of years of experience in Antivirus business    _________

Please give brief financial particulars of your firm for the last 3 years along with the
volume of business handled.
(The information will be kept confidential)

Year
Net Profit
Total Turnover
Revenue earned from
Antivirus business

Is company ISO Certified? If yes, provide information alongwith true copy of certificate.
________________________________________________




                                                                Signature:

                                                             Seal of company




                                           43
Request for Proposal – Punjab National Bank

___________________________________________________________


                                                                               ANNEXURE-V
                                 COMPLIANCE STATEMENT

                                       DECLARATION

All Terms and Conditions including scope of work except technical specifications

We hereby undertake and agree to abide by all the terms and conditions stipulated by
the Bank in this RFP including all addendum, corrigendum etc. (Any deviation may
result in disqualification of bids).


Signature:
Seal of company


Technical Specification

We certify that the systems/services offered by us for tender confirms to the
specifications stipulated by you with the following deviations:

List of deviations

1) ___________________________________________________________

2) ___________________________________________________________

3) ___________________________________________________________

4) ___________________________________________________________



Signature:
Seal of company


(If left blank it will be construed that there is no deviation from the specifications given
above)




                                             44
 Request for Proposal – Punjab National Bank

 ___________________________________________________________

                                                                 ANNEXURE-VI

                           EXISTING SERVICE SUPPORT DETAILS

      Location       Status of        No. of Anti Virus   Number of
Telephone Fax No.    Office working   maintenance         maintenance staff
                     days & hours     Engineers




 Signature and Seal of Bidder




                                          45
Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                            ANNEXURE-VII

                 PROFORMA FOR ANTI VIRUS PERFORMANCE STATEMENT
                         (FOR A PERIOD OF LAST 3 YEARS)


NAME OF BID


NAME OF FIRM



Order          Order   Description   Value        Date of             Remark     Performance of
Placed by      No.     and           of           Completion          reason     the Product
Full Address   and     Quantity of   Order                            for late   (Attach
of             Date    ordered                                        delivery   certificate from
Purchaser              Product                    As per     Actual              customer)
                                                  contract




                        SI GNATURE AND SEAL OF BI DDER




                                             46
Request for Proposal – Punjab National Bank

___________________________________________________________

                                                              ANNEXURE-VIII
COMMERCIAL OFFER

Name of the Vendor :
Address and Contact Details of the Vendor :
Product Name and Version :

On-site maintenance support engineers cost as per Locations in Annex- X and
Annex - XIII

S    Item                    Per         Number    Duration       Total Amount
No                           engineer    of        [T]           in Rs
                             per         engineers               [@ x n x T]
                             month       [n]
                             cost [@]
1   Total for 65 engineers               65        12
PNB cost including total                 engineers months
    expenditure for them
    for 1 year (including
    on-site     visit   to
    branches/offices)
2   Total for 34 engineers               34        12
RRB cost including total                 engineers months
    expenditure for them
    for 1 year (including
    on-site     visit   to
    branches/offices)
                                                    Total cost

      Note:
      1. Support includes on -site visit to any branch/office, e-mail, telephonic
      support of the successful bidder, will be as per requirement of Bank/RRBs
      2. Software Version Up-gradation should be done at all
      locations across the Bank.
      3.   Bidder will be required to provide additional engineers at above
      quoted monthly rate (@) whenever Bank/CO/RRBs request for the same.

The renewal of the contract beyond one year for support services will be at the
sole discretion of the Bank with consent of vendor.




                                        47
Request for Proposal – Punjab National Bank

___________________________________________________________


Evaluation Criteria for deciding the lowest eligible bidder

Separate rates for PNB and RRBs are to be quoted. However, Lowest eligible
vendor (L-1) will be decided based on engineer’s total support cost (PNB +
RRBs) to deploy 5000 Symantec Multitier Protection (SMP) new additional
licenses currently required for PNB and also on-site maintenance support cost of
existing approx 29000 licenses. For all 6 RRBs, approx 4000 new installation to be
done and maintained by successful bidder. The total project cost will be
calculated considering the requirement of: -

       S No       Item                              Total Cost [Rs]
       1          For 65 engineers One-year’s
       For        install/     upgrade/     on-site
       PNB        maintenance support charges
                  for existing/new Licenses
       2          For 34 engineers One-year’s
       For        install/     upgrade/     on-site
       RRBs       maintenance support charges
                  for existing/new Licenses
                  TOTAL COST (1 + 2) [ criteria ]:


The above quantity is only for calculation of L-1 purpose. Actual quantity may
vary depending upon the requirement.

In case of two or more bidders being technically eligible, Bank may exercise
option of Reverse Auction.




Signature:
Seal of company




                                        48
Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                        Annexure-IX

Check List for Technical Bids

Sl.    Documents                                    Attached in Bid   Page No
No.                                                 (Yes/No)
                                                                      From      To
1      Supporting documents in respect of
       minimum qualification criteria as per
       Annexure – III
2      Bidders Information as per format as per
       Annexure IV
3      Bid Earnest Money in the form of Demand
       Draft
4      Acceptance of the terms and conditions
       and compliance of Technical specifications
       as contained in Annexure V
5      Last three years audited balanced sheet
       and profit and loss account statement.
6      Service Support Details as per Annexure VI
7      Performance Statement as per Annexure VII
8      Technical Offer indicating competence to
       the Bank’s requirement as per Technical
       specifications - Annexure I
9      Any other document indicating the feature
       of the product
10     ISO Certification document, if any
11     Power of attorney


Check list for Commercial bids

Sl.    Documents                                        Attach in     Page No
No.                                                     Bid
                                                                      From      To
                                                        (Yes/No)
1.     Commercial bids as per Annexure-VIII




                                        49
Request for Proposal – Punjab National Bank

___________________________________________________________

                                                ANNEXURE X
  Sr No   Name of Circle Office                Name of State
   1      Hyderabad                            Andhra Pradesh
   2      Muzaffarpur
   3      Darbhanga
   4      Patna
                                                    Bihar
   5      Arrah
   6      Bihar Sharif
   7      Gaya
   8      Raipur                                Chhattisgarh
   9      Delhi                               Delhi (2 persons)
   10     Ahmedabad                                Gujarat
   11     Chandigarh
   12     Hissar
                                                  Haryana
   13     Karnal
   14     Rohtak
   15     Shimla
   16     Dharamshala
                                              Himachal Pradesh
   17     Hamirpur
   18     Mandi
   19     Jammu                                     J&K
   20     Ranchi                                 Jharkhand
   21     Bangalore                              Karnataka
   22     Kozhikode                                Kerala
   23     Bhopal
   24     Indore                               Madhya Pradesh
   25     Jabalpur
   26     Mumbai
   27     Nagpur                                Maharashtra
   28     Pune
   29     Guwahati                               North East
   30     Bhubaneshwar                            Orissa
   31     Amritsar
   32     Hoshiarpur
   33     Jalandhar                                Punjab
   34     Bhatinda
   35     Ludhiana
   36     Jaipur
   37     Bharatpur
                                                  Rajasthan
   38     Jodhpur
   39     Sri Ganganagar



                                       50
Request for Proposal – Punjab National Bank

___________________________________________________________

  Sr No   Name of Circle Office                         Name of State
   40     Chennai
                                                         Tamil Nadu
   41     Trichy
   42     Agra
   43     Bareilly
   44     Bulandshahr
   45     Jhansi
   46     Lucknow
   47     Gorakhpur                                     Uttar Pradesh
   48     Varanasi
   49     Kanpur
   50     Meerut
   51     Moradabad
   52     Muzaffarnagar
   53     Dehradun
   54     Haridwar                                      Uttarakhand
   55     Kashipur
   56     Kolkata
   57     Burdwan                                       West Bengal
   58     Midnapore
                                                        HEAD OFFICES

                                                (TOTAL 6 EXPERT PERSONS AT
                                                  HO LOCATIONS AT BCP, RAJ
           HO ITD, HO Bhikhaiji, HO Rajendra     PLACE, ATMA R HOUSE, 3 ITD)
   59          Place, HO Atma Ram Bldg

___________________________________________________________




                                           51
             Request for Proposal – Punjab National Bank

             ___________________________________________________________


                                                                  ANNEXURE XI

                   CONFIDENTIALITY - CUM - NON DISCLOSURE AGREEMENT

                 This Confidentiality –cum- Nondisclosure Agreement is entered into
If it is not a   at_______ on this_________day of________2010,     between___________(Insert
company,         Name of the Service Provider) a company within the meaning of
Constitution     Companies       Act,    1956,    having     its   Registered     Office    at
and address      _________________(herein after called ‘Service Provider’) and Punjab
be       stated  National Bank, a Body Corporate constituted under the Banking Companies
appropriately.   (Acquisition & Transfer of Undertakings) Act, 1970 having its Head Office at
             7 Bhikhaiji Cama Place, New Delhi – 110 066 and inter-alia, its Information &
             Technology Division at 5 Sansad Marg, New Delhi – 110 001 (herein after referred
             to as ‘PNB’).

             The Service Provider and PNB would be having discussions and negotiations
             concerning the establishment of and during continuance of a business
             relationship between them as per Contract dated ___________(hereinafter
             referred to as ‘Contract’). In the course of such discussions and negotiations, it
             is anticipated that either party may disclose or deliver to the other party certain
             of its trade secrets or confidential or proprietary information for the purpose of
             enabling the other party to evaluate the feasibility of such a business
             relationship. The parties have entered into this Contract, in order to assure the
             confidentiality of such trade secrets and confidential and proprietary
             information in accordance with the terms of this Contract. As used in this
             Contract, the party disclosing Proprietary Information (as defined below) is
             referred to as the ‘Disclosing Party’ and will include its affiliates and subsidiaries,
             the party receiving such Proprietary Information is referred to as the ‘Recipient’,
             and will include its affiliates and subsidiaries.

             Now this Contract witnesseth:-

             1.    Proprietary Information: As used in this Contract, the term ‘Proprietary
                   Information’ shall mean all trade secrets or confidential or Proprietary
                   Information designated as such in writing by the Disclosing Party, whether
                   by letter or by the use of an appropriate prominently placed Proprietary
                   stamp or legend, prior to or at the time such trade secret or confidential or
                   Proprietary Information is disclosed by the Disclosing Party to the
                   Recipient. Notwithstanding the forgoing, information which is orally or
                   visually disclosed to the recipient by the Disclosing Party or is disclosed in
                   writing unaccompanied by a covering letter, proprietary stamp or legend,
                   shall constitute proprietary information if the disclosing party, within 10
                   (ten) days after such disclosure, delivers to the Recipient a written


                                                       52
Request for Proposal – Punjab National Bank

___________________________________________________________

        document or documents describing such Proprietary Information and
        referencing the place and date of such oral, visual or written disclosure
        and the names of the employees or officers of the Recipient to whom
        such disclosure was made.

   2.      Confidentiality:

   a)      Each party shall keep secret and treat in strictest confidence all
           confidential information it has received about the other party or its
           customers and will not use the confidential information otherwise than
           for the purpose of performing its obligations under this Contract in
           accordance with its terms and so far as may be required for the proper
           exercise of the Parties’ respective rights under this Contract.

   b)      The term ‘confidential information’ shall include all written or oral
           information (including information received from third parties that the
           ‘Disclosing Party’ is obligated to treat as confidential) that is (i) clearly
           identified in writing at the time of disclosure as confidential and in case
           of oral or visual disclosure, or (ii) that a reasonable person at the time
           of disclosure reasonably would assume, under the circumstances, to
           be confidential. Confidential information shall also include, without
           limitation, software programs, technical data, methodologies, know-
           how, processes, designs, new products, developmental work,
           marketing requirements, marketing plans, customer names,
           prospective customer names, customer information and business
           information of the ‘Disclosing Party’.

   3.      Non-Disclosure of Proprietary Information: For the period during the
           Contract or its renewal, the Recipient will:

        (a) Use such Proprietary Information only for the purpose for which it was
            disclosed and without prior written authorization of the Disclosing
            Party shall not use or exploit such Proprietary Information for its own
            benefit or the benefit of others.

        (b) Protect the Proprietary Information against disclosure to third parties
             in the same manner and with the reasonable degree of care, with
             which it protects its confidential information of similar importance:
             and

        (c) Limit disclosure of Proprietary Information received under this
           Contract to persons within its organization and to those 3rd party
           contractors performing tasks that would otherwise customarily or
           routinely be performed by its employees, who have a need to know


                                           53
Request for Proposal – Punjab National Bank

___________________________________________________________

           such Proprietary Information in the course of performance of their
           duties and who are bound to protect the confidentiality of such
           Proprietary Information.

4.    Limit on Obligations:    The obligations of the Recipient specified in
      clause 3 above shall not apply and the Recipient shall have no further
      obligations, with respect to any Proprietary Information to the extent that
      such Proprietary Information:

      a)     is generally known to the public at the time of disclosure or
             becomes generally known without any wrongful act on the part of
             the Recipient,

      b)     is in the Recipient’s possession at the time of disclosure otherwise
             than as a result of the Recipient’s breach of a legal obligation;

      c)     becomes known to the Recipient through disclosure by any other
             source, other than the Disclosing Party, having the legal right to
             disclose such Proprietary Information.

      d)     Is independently developed by the Recipient without reference to
             or reliance upon the Proprietary Information; or

      e)     Is required to be disclosed by the Recipient to comply with
             applicable laws or governmental regulation, provided that the
             recipient provides prior written notice of such disclosure to the
             Disclosing Party and takes reasonable and lawful actions to avoid
             and/or minimize the extent of such disclosure.

5.     Return of Documents: The Recipient shall, upon the request of the
Disclosing Party, in writing, return to the Disclosing Party all drawings, documents
and other tangible manifestations of Proprietary Information received by the
Recipient pursuant to this Contract (and all copies and reproductions thereof)
within a reasonable period. Each party agrees that in the event it is not inclined
to proceed further with the engagement, business discussions and negotiations,
or in the event of termination of this Contract, the Recipient party will promptly
return to the other party or with the consent of the other party, destroy the
Proprietary Information of the other party.

6.     Communications: Written communications requesting or transferring
Proprietary Information under this Contract shall be addressed only to the
respective designees as follows (or to such designees as the parties hereto may
from time to time designate in writing)



                                        54
Request for Proposal – Punjab National Bank

___________________________________________________________

     M/S___________________                         (PNB)


     Attn:_________________                    Attn---------------

7. Term:     The obligation pursuant to Clause 2 and 3 (Confidentiality and
   Non-Disclosure of Proprietary Information) will survive for ----- years following
   the term of the Contract dated ________.

     Nothing herein contained shall be construed as a grant by implication,
     estoppel, or otherwise or a license by either party to the other to make, have
     made, use or sell any product using Proprietary Information or as a license
     under any patent, patent application, utility model, copyright or any other
     industrial or intellectual property right covering same.

8. Damages
      The provisions of this Contract are necessary for the protection of the
      business goodwill of the parties and are considered by the parties to be
      reasonable for such purposes. Both the parties agree that any breach of
      this Contract will cause substantial and irreparable damages to the other
      party and, therefore, in the event of such breach, in addition to other
      remedies, which may be available, the party violating the terms of
      Contract shall be liable for the entire loss and damages on account of
      such disclosure.

        Each party agrees to indemnify the other against loss suffered due to
        breach of contract and undertakes to make good the financial loss
        caused directly or indirectly by claims brought about by its customers or
        by third parties.

9.      Miscellaneous

a)      This Contract may not be modified, changed or discharged, in whole or in
        part, except by a further Contract in writing signed by both the parties.

b)      This Contract will be binding upon and ensure to the benefit of the parties
        hereto and it also includes their respective successors and assigns

c)   The Contract shall be construed and interpreted in accordance with the
     laws prevailing in India.
In witness whereof, the parties hereto have agreed, accepted and
acknowledged and signed these presents, on the day, month and year
mentioned herein above.



                                         55
Request for Proposal – Punjab National Bank

___________________________________________________________

                                     For M/s_____________

                                     Authorised Signatory

                                     Shri _______________

                                     Designation__________



                                     For Punjab National Bank

                                     Authorised Signatory

                                     Shri _______________

                                     Designation




                                       56
Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                      ANNEXURE XII

      Installation / Renewal report – Punjab National Bank
             ( To be used for RRBs also with due modification in this sheet)
Branch Manager to ensure that you have tested the PCs/Network after the installation
of the software as mentioned below and that you have found the Business Critical
Application Software and the PCs/Network to be functioning satisfactorily.
               Upgradation/ New Installation /Renewal report - PNB (ITD-HO)
Sl                             Virus       Threats          Remark
No. IP ADDRESS User Name     Definition            Initials   s         Branch
   1
   2
   3
   4                                                                 Circle Office
   5
   6
   7
   8                                                               Distinctive No.
   9
 10
 11
 12                                                                     SOL ID
 13
 14
 15
                                                                    AV Server IP
 16                                                                      Addr.
 17
 18
 19
 20                                                                Total No. of PCs
 21
 22
                                                                     Total No. of
 23                                                                  Thin-clients
 24
 25


       ……………………………………                            ……………………
              .                                           …                   ……………………………
                                                 Officer In Charge,
               Circle Coord                            Branch                 CSE

                                                 ……………………
                                                 Date


                                        57
Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                               ANNEXURE XIII

Regional Rural Banks (RRB) Details:
       For each of these 6 RRBs, initial Anti virus server set up at Zonal Network
Center (ZNC), GUP Server at each Network Center (NC) and SEP anti virus on-
site deployment in each PC of all the branches to be done by vendor.
Subsequent maintenance visits to these branches/offices will be on required
basis. Resident AV engineers would be placed and operating through each NC
for the branch PCs falling under that NC.

Sl    Name of RRB        RRB HO        Number Total        No. of     Licenses     No. of AV
No.                      Location      of       PCs        NCs        already      engineers
                                       branches                       purchased    demanded
                                                                      / deployed

1     Rajasthan          Alwar         205           600   5          NIL          5
      Gramin Bank        (Rajasthan)

2     Punjab Gramin      Kapurthala    197           392   4          NIL          4
      Bank               (Punjab)

3     Haryana            Rohtak        195           756   7          NIL          7
      Gramin Bank        (Haryana)

4     Himanchal          Mandi (HP)    122           406   3          NIL          3
      Gramin Bank

5     Sarva UP Gramin    Meerut        300           904   4          NIL          4
      Bank               (UP)

6     Madhya Bihar       Patna         410           900   10         NIL          10
      Gramin Bank        (Bihar)


Positioning of AV Engineers at Network Center (NC) locations –
        1. Rajasthan Gramin Bank (5) - Alwar , Bharatpur, Sikar, Jhunjhunu, Dholpur
        2. Punjab Gramin Bank (4) – Kapurthala, Firozpur, Amritsar, Hoshiarpur
        3. Haryana Gramin Bank (7) – Ambala, Kuruksetra, Rohtak, Dadri, Bhiwani, Sirsa, Hisar
        4. Himanchal Gramin Bank (3) - Mandi , Kangra, Shimla
        5. Sarva UP Gramin Bank (4) - Meerut, Budaun, Gonda, Jhansi
        6. Madhya Bihar Gramin Bank (10) – Patna, Biharsharif, Nawada, Gaya, Jehanabad,
            Aurangabad, Sasaram, Bhabhua, Buxar, Arrah
         *PNB HO: PSLB, New Delhi (1 person) –for upkeep of Server of RF-VSAT branches of all RRBs

The above details are tentative indication and may vary marginally. In future,
the branches/offices & PCs/Servers may increase or decrease depending on
RRB requirement, and the successful vendor will be required to give support.



                                                58
Request for Proposal – Punjab National Bank

___________________________________________________________


Purchase Order and payments will be made by each RRBs individually at rates
finalized through this RFP.

Scope of work and all other Terms and conditions similar to PNB and applicable
to RRB Setup would apply to vendor.

Architecture for Anti Virus deployment in each RRB:

                                                               RF-VSAT AV Server
                                                                At PNB ITD: HO

           Internet
                                                                        RF/VSAT
                           Primary Server
                             at RRB ZNC



                 Leased Line(LL)
                 /ISDN



                                                                   Branch PCs
                    GUP Servers (PC)
                    At Network Center                          GUP Servers (PC)
                                                               At Network Center




                                                  Branch PCs
         Branch PCs


For improvement of network usage & anti virus performance, the vendor may
suggest any other set up without binding RRBs and any extra cost for the same.
The necessary PC & Anti virus Server Hardware will be procured by the RRBs
themselves.

For RF-VSAT Branches of all 6 RRBs, a common Server class machine will be
placed at PNB ITD: HO New Delhi, to update definitions in these branches. One
person for maintaining and upkeep of this Server to be provided by bidder. The
person deputed will take necessary action and send anti virus report to all six
RRBs.



                                            59

				
DOCUMENT INFO
Description: Punjab National Bank Foreign Exchange document sample