PUNJAB NATIONAL BANK (PDF) by jizhen1947

VIEWS: 166 PAGES: 62

									                   Request for Proposal – Punjab National Bank

___________________________________________________________




                         PUNJAB NATIONAL BANK

                         REQUEST FOR PROPOSAL (RFP)
                                    FOR
 INSTALLATION, UPDATION AND MAINTENANCE OF SYMANTEC PROTECTION SUITE
               (SPS), SYMANTEC MAIL SECURITY WITH ANTI SPAM



PUNJAB NATIONAL BANK
INFORMATION TECHNOLOGY DIVISION,
HEAD OFFICE, 5, SANSAD MARG,
NEW DELHI - 110 001
Tel : (011) - 23710483/23714804/23352024
23710021 Extn. 230,301
Fax: (011) - 23321305




                                           1
                 Request for Proposal – Punjab National Bank

 ___________________________________________________________


                           TABLE OF CONTENTS
Sl.                          SUBJECT                           PAGE NO
No.
1.    INTRODUCTION                                                 5
2.          TECHNICAL SPECIFICATION (ANNEXURE-I)                  28

3.            TERMS AND CONDITION (ANNEXURE-II)                   42

4.    PRE QUALIFICATION CRITERIA FOR VENDOR (ANNEXURE-III)        44

5.    BIDDER’S INFORMATION (ANNEXURE-IV)                          46

6.    COMPLIANCE STATEMENT (ANNEXURE-V)                           47

7.    SERVICE SUPPORT DETAIL (ANNEXURE-VI)                        48

8.    PERFORMANCE STATEMENT (ANNEXURE-VII)                        49

9.    COMMERCIAL STATEMENT (ANNEXURE-VIII)                        50

10.   CHECK LIST (ANNEXURE-IX)                                    52

11.   LIST OF CIRCLE OFFICES (ANNEXURE-X)                         53
12.   CONFIDENTIALITY –CUM- NON-DISCLOSURE AGREEMENT              55
      (ANNEXURE-XI)
13.   INSTALLATION REPORT FORMAT (ANNEXURE –XII)                  60
14.   RRB DETAILS AND Anti Virus SETUP (ANNEXURE –XIII)           61




                                     2
                   Request for Proposal – Punjab National Bank

___________________________________________________________

Bid Details - Installation, updation and maintenance of Symantec Antivirus Suite
(latest version of SPS) for PCs, Servers and Laptops of the Bank.
  1   Date of commencement 05/04/2011 16:00 HRS
      of Bidding Process
  2   Last date and time for 02/05/2011 15:00 HRS
      downloading of Bidding
      Documents
  3   Last date and time for 15/04/2011 15:00 HRS
      receipt of queries for
      clarification from bidders
  4   Last date and time for 02/05/2011 16:00 HRS
      Hash submission and Bid
      preparation
  5   Last date and time for Bid 03/05/2011 17:00 HRS
      submission
  6 Date and time of Technical          04/05/2011 16:00 HRS
      Bid Opening
  7   Place of opening of Bids        Punjab National Bank,
                                      Information Technology Division, 2nd floor, HO, 5
                                      Sansad Marg,
                                      New Delhi - 110 001
  8   Address for                     As above
      communication                   Tel:(011) 23710483/ 23714804/23352024
                                      23710021 Ext: 230/301
                                      Fax:(011) 23321305
  9   Earnest Money Deposit           Rs. 1.0 Lacs in the form of Demand Draft in favour
                                      of Punjab Nation Bank, IT Division payable at New
                                      Delhi. EMD should be enclosed with Technical Bid.
                                      EMD can also be paid online using the e-
                                      procurement system of the Bank.
 10 Cost of RFP                       Rs. 5000.00 in the form of Demand Draft in favour
                                      of Punjab National Bank, IT Division payable at
                                      New Delhi. The DD/Cheque should be submitted
                                      in person at the time of bid submission. It can be
                                      also paid online using the e-procurement system.
 11 Contact to Bidders                Interested Bidders are requested to send the email
                                      to     itdaudit@pnb.co.in,    mansingh@pnb.co.in,
                                      hkmahindru@pnb.co.in        containing      following
                                      information, so that in case of any clarification the
                                      same may be issued to them. Name of Company,
                                      contact person, Mailing address with Pin Code,
                                      Tele No., Fax No. e-mail, MobileNo. etc.




                                         3
                  Request for Proposal – Punjab National Bank

___________________________________________________________

To,
The Asst General Manager
IT Procurement Deptt.
Punjab National Bank
Information Technology Division
HO: 5, Sansad Marg
New Delhi-110001

Sir,
Reg.:   Our bid for Installation, updation and maintenance of Symantec
        Protection Suite (SPS) for PCs, Servers and Laptops of the Bank

We submit our Bid Document herewith.
We understand that
  1. You are not bound to accept the lowest or any bid received by you, and
     you may reject all or any bid.
  2. If our Bid for the above job is accepted, we undertake to enter into and
     execute at our cost, when called upon by the purchaser to do so, a
     contract in the prescribed form. Unless and until a formal contract is
     prepared and executed, this bid together with your written acceptance
     thereof shall constitute a binding contract between us.
  3. If our bid is accepted, we are to be jointly and severally responsible for
     the due performance of the contract.
  4. You may accept or entrust the entire work to one vendor or divide the
     work to more than one vendor without assigning any reason or giving any
     explanation whatsoever.
  5. Vendor means the bidder who is decided and declared so after
     examination of commercial bids.
  6. The names of short listed bidders after the completion of first stage
     (Technical Bid), and the name of successful bidder to whom the contract
     is finally awarded after the completion of second stage (Commercial
     Bid), shall be displayed on the Notice Board of the purchaser at Punjab
     National Bank, Information Technology Division, 2nd Floor, Head Office, 5,
     Sansad Marg, New Delhi-110001.
     Dated at____________this _______________day of __________2011.

                                                 Yours faithfully
                                                 For______________________
                                                 Signature:________________
                                                 Name:___________________




                                      4
                  Request for Proposal – Punjab National Bank

___________________________________________________________

1. INTRODUCTION

     Punjab National Bank, one of the leading nationalized Bank of the
     country has a national presence through a widespread network of over
     5200+ Service Out-Lets(SOLs) in branches/Offices spread across the
     country. It has established specialized branches to cater to the needs of
     key customer segments in the core areas of Agriculture, Industrial Finance
     and Foreign Exchange.

     With more than 115 years of customer services, the Bank has a large
     satisfied clientele throughout the country. For enhancing customer
     convenience levels and overall inter-branch efficiency, the bank has
     heavily invested in Information Technology.

     The bank has already implemented a Core Banking Solution (Finacle),
     which provides anywhere any time banking to all its customers of more
     than 5200 Service Outlets in more than 2700 Centers across the country.
     Internet Banking Service is being provided to the customers of these
     Service Outlets / branches. All the Branches / offices of the Bank are
     having Intranet dual network connectivity mainly on lease-line then ISDN,
     Radio Frequency (RF) & VSAT for accessing various applications.

     Complementing these services, the bank also offers a modern,
     competitive full service to its commercial, retail and corporate customers
     through its service outlets like Branches / ATMs / Extension counters etc.
     The design of the network enables the bank to have operational
     capabilities, which is at par with international business practices. Various
     Mail Servers have been located at different controlling offices to provide
     corporate email facility to its staff. To secure its network from threats like
     viruses, malware, spyware, network threats, Trojan Horse, adware, rootkits,
     Worm, Intrusion, Hacking etc. Bank has implemented comprehensive
     solution with deployment of Symantec Endpoint Protection (latest
     version). Bank is having its branches/offices in London, Hong Kong, Bhutan
     and Kabul and has expansion plans in other countries.

     Besides this, PNB has six Regional Rural Banks (RRBs) sponsored by it, which
     are spread in different states of India. Along with PNB, the rates for
     support services for these 6 RRBs also would be finalized through this RFP.




                                        5
                  Request for Proposal – Punjab National Bank

___________________________________________________________

2. PURPOSE OF THE RFP

     2.1    This document is a Request For Proposal (RFP) for On-site
     maintenance & support for installation/uninstallation/reinstallation/
     version/definition update/upgrade of Symantec Protection Suite (SPS) in
     all the branches/offices of the Bank. Bank is procuring necessary Licenses
     and subscription renewals directly from M/s Symantec.

     2.2     The above purpose of RFP is also applicable for 6 RRBs sponsored
     by PNB, having total approx 1400 branches and 4000 PCs. On-site
     installation and on-site maintenance of existing licenses in all the
     PCs/Servers in all the branches of all 6 RRBs by successful vendor’s
     engineering support services will be required to be done. The rates for
     fresh SPS licenses and subscription renewals are already finalized for these
     RRBs also, which are same as PNB. Necessary fresh and subsequent
     subscription (ATS) renewals SPS Licenses will be procured by each RRB
     individually as per their requirement through a different vendor suggested
     by M/s Symantec directly. Details for these RRBs are enclosed in Annex-
     XIII.

     The latest Symantec Anti Virus solution such as Symantec Protection Suite
     (SPS) available or any latest version compatible to Bank’s hardware
     environment shall be installed by the vendor in all PCs of all
     branches/offices.

     This document provides vendors the Symantec Antivirus Solution set up
     and expectations from the bidder. The bidder is invited to submit a
     proposal for support services of the products to meet the said objective.
     The bidder will offer on-site support services on following security products:
           1. Symantec Protection Suite (SPS) (latest compatible version)
           2. Symantec Critical System Protection (latest version)
           3. Symantec Antivirus protection with Anti Spam Licenses for Mail
              Servers, SMTP, Exchange Server, Domain Controllers (latest
              version which is part of SPS)

  A. Symantec Protection Suite;

  Symantec Protection Suite (latest version) Suite comprising of following
  solutions:
         Antivirus for Desktops, Servers, Windows mobiles, e-mail, SMTP &
         Exchange including Anti Spam having following features –
     1. Symantec Endpoint Protection (latest version)
                        1. Antivirus    (Windows/Macintosh/Linux/ Windows
                           Mobile)


                                        6
                   Request for Proposal – Punjab National Bank

___________________________________________________________

                         2.   Antispyware, Adware Removal tools
                         3.   Desktop firewall
                         4.   Desktop IPS
                         5.   Device control
                         6.   Application Control
                         7.   Network access control
                         8.   Trojan/Worms detection and removal tools

     2.   Symantec AntiVirus for Macintosh & Linux
     3.   Symantec Mail Security for Domino & MS Exchange
     4.   Symantec Mobile AntiVirus for Windows Mobile
     5.   Symantec Brightmail Gateway Software Subscription
     6.   Symantec Premium Antispam

  Symantec Protection Suite (SPS) is to be installed, updated and maintained
  in the following operating systems being currently used in the Bank:
  1. All Flavours of Windows Operating Systems like WIN 2000, WIN ME,
      WINDOWS XP, WINDOWS SERVER 2003, Windows Server 2007, WINDOWS
      VISTA, Windows 7 etc.- covering laptops, Desktops and Server Class
      Machines
  2. Novell Netware 4.x, 5.x (Servers and Work Stations), Linux- All flavours
      (Server Class & Client Class).

B. Installation, Maintenance, Updation and Support
       Bank has procured approx 29000 Symantec Antivirus licenses renewed to
       Symantec Protection Suite (SPS) and being migrated to this version.
       Installation /Migration to latest version of SPS on all PCs/Servers/Laptops is
       to be completed by successful bidder.
       For the contract year 2011-2012, Bank is expected to buy approximately
       5000 new additional licenses for PNB and approx 4000 licenses for RRBs
       directly from Symantec which the successful bidder has to install/give
       maintenance support. However, this requirement is only indicative and
       requirement may vary depending upon actual requirement.
       On-site installation, maintenance, Updation and trouble shooting support
       on new systems and existing systems in bank branches / offices across the
       country.
       Proposed bidder should support all existing licenses and new licenses
       procured/to be procured.
        The updation of definitions should be automatic; however on non-
       updation of the same due to any reason, vendor will be required to visit
       and provide on-site manual installation of updates.
       On availability of new software version or Maintenance release by
       Symantec, vendor will be required to deploy new version/release across
       PNB/RRBs within 3 months on compatible PCs.


                                         7
                  Request for Proposal – Punjab National Bank

___________________________________________________________


  3. ELIGIBLE BIDDER

     The bidder should be the authorized dealer / channel partner
     representative of Symantec in India, and should fulfill the minimum
     eligibility criteria as mentioned in bid document (Annexure- III). A letter of
     authorization to this effect from Symantec must be furnished. Joint bid will
     not be accepted by Bank.
     Those bidders, whose performance in completing any of the earlier
     contracts with Bank has not been found to be satisfactory, will not be
     eligible for participation in this tender.
  4. PRESENT SETUP OF SYMANTEC ANTIVIRUS SOLUTION IMPLEMENTATION:

     4.1 In case of Branches/Offices as part of Enterprise Wide Network
     The architecture for updating of anti virus has been defined in a 3 tier
     manner wherein the Central Antivirus Server updates the Secondary
     Servers installed at the different Circle Offices/Networking Centres which
     further updates the branch office client machines. Different modes of
     network connectivity like Lease Line, ISDN, VSAT, RF links have been hired
     by the Bank. The detailed setup is as follows:

     Updation of Primary/LiveUpdate Server:

     Primary Antivirus Server or Central LiveUpdate Server for the Network is
     situated at ITD: HO, New Delhi. The Primary Server is configured for getting
     updated automatically from Symantec website.

     Updation at Circle Office Servers/ Secondary Servers:

     Each Circle Office (ANNEXURE X) has Antivirus Server, which gets
     automatically updated from the Primary Server situated at New Delhi.

     Updation at Branch level:

           Each branch has dual link connectivity of normally 64 kbps
           bandwidth.
           For Lease-line, ISDN Link Branches have antivirus clients, which get
           updated from the Secondary Server situated at respective Circle
           Offices or Network Centre.
           For all VSAT & RF Link branches, PCs take updates from Central
           Server at Delhi.




                                        8
                     Request for Proposal – Punjab National Bank

___________________________________________________________

                          EXISTING ARCHITECTURE


                          Primary Server                 Internet
                            ITD HO


                                               RF/VSAT
               Leased Line(LL)



                  Secondary Servers
                  At Circle Office(1)                           Secondary Servers
                                                                At Circle Office(n)




                                                Branch PCs
        Branch PCs

The successful bidder may also review the existing architecture and propose
and demonstrate the implementation which will enhance the effectiveness &
efficiency of the deployment without enhancing the implementation or
operational cost or impacting the performance of network.

   4.2 In case of Branches/Offices which are not part of Enterprise Wide Network

The offices/PCs which are not part of Enterprise Wide Network, Antivirus software
are to be deployed on-site and definition updates are to be configured
automatic for Internet connected PCs and manually updated on monthly basis
for stand-alone PCs.

   5. The RFP calls for two types of proposal mentioned as follows:
a) Pre-Qualification and Technical proposal: The vendor’s proposal should
contain the general organizational details, which is required for pre-
qualification.




                                           9
                     Request for Proposal – Punjab National Bank

___________________________________________________________

b) Commercial proposal: The vendor’s proposal should contain per support
engineer cost for installation/maintenance/trouble shooting of Symantec
products during contract period.

This RFP will not address the following:

      Design and positioning of the security products architecture other than
       the antivirus solution.
      The Hardware and Network infrastructure required for implementing the
       required Symantec Antivirus solution, however successful vendor may be
       asked to give view on the existing hardware and if up-gradation of
       hardware is required or not.

6.    Scope of work - Bidder Responsibilities:

     1. Successful Bidder is fully responsible for installation, uninstallation/re-
        installation, configuration, back-up, maintenance & troubleshooting of
        Anti Virus console & centralized update server software as per the
        architecture defined by PNB. Bank may add/remove Anti virus Servers as
        per requirement of the Bank, which has be to installed/maintained by
        vendor.
     2. Successful Bidder is fully responsible for anti virus installation,
        uninstallation/re-installation,   configuration,         maintenance        &
        troubleshooting of SMTP Server, Exchange Server, and Domain Controllers
        servers at Head Office & Circle office security software as per the
        architecture defined by PNB.
     3. Successful Bidder shall be fully responsible for installation, configuration,
        maintenance & troubleshooting of Anti Virus software at all identified PCs
        at all branches and offices throughout India, which are connected to the
        enterprise wide network of PNB and which has connectivity to the
        Centralized Anti Virus Server. All the PCs shall be configured to get
        automatic updates from the Circle Office Anti Virus Server / Central
        console with proper scheduling so as to avoid traffic congestion. The
        update mechanism should be configured in efficient manner by fixing
        micro sizing and update frequency in such a way that it does not cause
        bandwidth issues.
     4. The successful bidder shall be responsible to generate summary & detail
        centralized report from AV Server Console showing version, definition
        updates, scan engine, virus attack/clean history etc.
     5. The successful bidder shall be responsible for installation, configuration,
        maintenance, support and troubleshooting of Anti Virus Software on all
        PCs / Servers in all non-networked branches / offices of the bank.
     6. Successful Bidder shall be responsible for re-architecture /reconfiguring/
        reinstalling of the complete / partial Anti virus infrastructure to take care


                                           10
                  Request for Proposal – Punjab National Bank

___________________________________________________________

      of the latest threat scenarios or to take care of the version upgrades as
      desired by the Bank.
  7. Successful Bidder shall be responsible for Symantec Antivirus Solution
      including all features like Anti Virus, Desktop Firewall and Intrusion
      Prevention System product software version updates on all these servers
      and PCs as is relevant.
  8. The updates of definitions and version updates shall also be carried out
      by the bidder at all non-networked branches manually on monthly basis.
  9. The successful bidder shall be responsible for on-site completing latest
      software version & updates/upgrades on all PCs within 3 months. These
      details must be appearing on AV Server console.
  10. The successful bidder shall be responsible for integrating the AV Servers
      logs to Bank’s Security Operations Center (SOC) and make reports of SOC
      requiring AV engineer from vendor to comply and remove observation of
      SOC points across PNB.
  11. The successful bidder shall be responsible for attending issues as per
      Bank’s Network Integrator (NI) and analysis/calls of NI requiring AV team
      to comply across PNB.
  12. The vendor shall be responsible for
       Ensuring on on-going basis that Symantec Protection Suite (SPS) is
          installed & enabled on all the PCs / Servers of the bank in all its
          branches / offices throughout the country whether connected in its
          enterprise wide network or not.
       Ensuring on on-going basis that all the PCs / Servers installed in all
          branches / offices of the bank remain updated with latest definitions /
          patches/version of Symantec Protection Suite (SPS).
  13. Successful Bidder shall provide dedicated support personnel at all
      locations as mentioned in ANNEXURE X and Annex – XIII (for RRBs), who
      must be available at these locations from 09.00 hrs to 18.00 hrs and on call
      on 24 * 7 basis over Telephone and Email.
  14. The vendor will ensure support from OEM over e-mail and telephone on
      call on 24*7 basis for the issues escalated to OEM.
  15. The vendor shall have a help-line open for the Bank on 24X7 basis.
  16. The vendor shall respond to the calls from the bank. The turn around time
      for the vendor is 2 hour at location mentioned in ANNEXURE X and within
      4 hrs for other remote locations within Circle.
  17. The vendor shall provide an active response to all virus related incidents
      that happen within PNB and will have to visit the sites if the problem issue
      is serious.
  18. The vendor shall adhere to the Anti Virus response guidelines provided by
      PNB.
  19. The vendor shall have skilled and experienced personnel for
      implementation & consultation. Adequate training should be provided to
      the personnel who are involved in the installation & implementation.


                                       11
                      Request for Proposal – Punjab National Bank

___________________________________________________________

         Vendor shall have to maintain adequate number of extra support
         engineers so that no vacant position remains at any location beyond two
         days due to leaving of job/sickness/unsatisfactory performance of
         present engineers.
     20. Additional engineer(s) at average cost per engineer as finalized through
         the bid will have to be provided by vendor in case of Circle(s) asking for
         the same. For this, Vendor shall have to maintain adequate number of
         extra support engineers so that additional engineers are provided at the
         earliest.
     21. Proportionate deduction from any due payment will be imposed for
         absentee of engineer (s) without leave from PNB, and non-performance
         of upgrades/updates/installations.
     22. For its subsidiaries, RRBs, sponsored Banks, additional engineer(s) at
         average cost per engineer as finalized through the bid will have to be
         provided by vendor.
     23. The successful bidder shall be responsible to train Bank officials by
         providing training faculty support at Bank’s HO / COs / Training Centres.
     24. The vendor shall be responsible to provide all the functionalities, which
         the Symantec Protection Suite (SPS)/Symantec Mail Security (SMS) /
         Symantec critical system protection Software Supports.
     25. For each visit to site, vendor will give call report and obtain sign-off for
         satisfactory working of PC/Server.
     26. The Vendor has to provide the Escalation Matrix in respect of calls that
         need to be attended for installation/support and maintenance.
     27. All the above points are applicable in respect of all branches / offices of
         the bank throughout the country, whether networked or non-networked.
     28. All the above scope of work is applicable for all branches / offices of the
         Regional Rural Banks (RRBs) throughout the country, whether networked
         or non-networked.


7.      RELIABILITY

        Since the product shall be installed at critical PCs and Servers, the
        product installation and maintenance shall be done by experienced
        personnel having basic knowledge of all current Operating Systems,
        Networking and deep Symantec Protection Suite product knowledge.

8.      COST OF BIDDING

        The Bidder shall bear all the costs associated with the preparation and
        submission of its bid and Punjab National Bank, hereinafter referred to as
        the Purchaser/Bank, will in no case be responsible or liable for these costs,
        regardless of the conduct or outcome of the bidding process.


                                          12
                   Request for Proposal – Punjab National Bank

___________________________________________________________


9.    BIDDING DOCUMENT

      The Bidder is expected to examine all instructions, forms, terms and
      conditions and technical specifications in the Bidding Documents. Failure
      to furnish all information required by the Bidding Documents or submission
      of a bid not substantially responsive to the Bidding Documents in every
      respect will be at the Bidder’s risk and may result in the rejection of its bid.

10.   AMENDMENT OF BIDDING DOCUMENTS

      At any time prior to the deadline for submission of bids, the Purchaser
      may, for any reason, modify the Bidding Documents through
      amendments at the sole discretion of the Bank.

      Amendment will be published on the e-Procurement portal of the Bank
      and the amendments will be binding on bidders. In order to provide
      prospective Bidders a reasonable time to take the amendments into
      account in preparing their bid, the Purchaser may, at its discretion,
      extend the deadline for submission of bids.

11.   PERIOD OF VALIDITY

      Bids shall remain valid for two year after the date of bid opening
      prescribed by the Purchaser. A bid valid for shorter period shall be
      rejected by purchaser as non-responsive.

      In exceptional circumstances, the Purchaser may solicit the Bidders’
      consent to an extension of the period of validity. The request and
      response thereto shall be made in writing or by fax. The Bidder may refuse
      the request. A bidder granting the request will not be required nor
      permitted to modify its bid.

12.    BID CURRENCIES

Prices shall be expressed in the Indian Rupees only.

13. LANGUAGE OF BID

All bids and supporting documentation shall be submitted in English.

14. BIDDING PROCESS (TWO STAGE)




                                         13
                   Request for Proposal – Punjab National Bank

___________________________________________________________

For the purpose of the present job, a two-stage bidding process will be
followed. The response to the present tender will be submitted in two parts:

    Technical bid             (Part-l)
          TECHNICAL BID will contain the bidder’s information in the format
          (Annex IV) given in bid document.

            TECHNICAL BID will not contain any pricing or commercial
            information at all. The bid shall be signed using Digital Certificate
            by the Bidder to bind the bidder to the contract.


    Commercial bid               (Part-ll)

            The COMMERCIAL BID will be submitted separately on the format
            (Annex VIII). Under the second stage, the COMMERCIAL BID of only
            those bidders, whose technical bids are responsive, will be opened.
            The bid shall be signed using Digital Certificate by the Bidder to
            bind the bidder to the contract.

The bidder will have to submit the Technical bid and Commercial portion of the
bids online sealed and signed with their digital certificate.


15. BID EARNEST MONEY

      Bidder to submit the EMD of Rs.100000/- (Rupees One lac only) as Bid
      Security in the form of Demand Draft or Pay Order/ Cash Order in favor of
      Punjab National Bank –Information Technology Division drawn on Delhi
      OR through online payment mode of e-procurement system. This security
      is required to protect interest of PNB against the risk of conduct of the
      bidder, which may warrant the forfeiture of the security in the following
      scenario:
                    a. In the event of withdrawal of bid during the period of bid
                       validity;
                                    OR
                    b. In the case of a successful bidder, if the bidder fails to sign
                       the contract in accordance with              the Terms and
                       Conditions and other requirement as specified in RFP.
                                 OR
                    c. Any act of bidder, which is not in line with contract
                       obligations.

      Any bid not accompanied with requisite EMD shall be treated as non-


                                          14
                  Request for Proposal – Punjab National Bank

___________________________________________________________

      responsive and is liable to be rejected.

      The EMD of the unsuccessful bidder shall be returned as early as possible,
      but not earlier than 30 days from the date of executing the contract with
      successful bidder, against acknowledgment from the bidder. Successful
      bidder’s EMD will be returned upon the bidder signing the contract and
      submitting the required Performance Bank Guarantee.

      No interest is payable on the amount of EMD even if delay in refund is
      beyond 30 days.

      This EMD amount (DD/PO) should be kept in the envelope containing
      Technical Bid. In the absence of EMD, bid will be rejected.

16. PERFORMANCE GURANTEE

      Successful Bidder will submit a Performance Bank Guarantee as per
      prescribed Performa equivalent to Rs. 5,00,000/- (Rs. Five lac Only) for the
      contract period within 30 days of signing of contract.

17.   SUBMISSION OF BIDS

      The bidders shall submit their bids online using the Bank’s e-procurement
      site www.pnb.org.in as per the specified tender schedule.

18.   DEADLINE FOR SUBMISSION OF BIDS

      Bid must be received by the Purchaser as per the schedule specified in
      tender Document.

      The purchase may, at its discretion, extend this deadline for submission of
      bids by amending the bid documents, in which case all rights and
      obligations of the purchaser and bidders previously subject to the
      deadline will thereafter be subject to the deadline as extended.

19.   LATE BIDS

      Late bids will not be accepted by the System in any case.

20.   MODIFICATION AND/OR WITHDRAWAL OF BIDS

      Bids once submitted will be treated, as final and no modification will be
      permitted. No correspondence in this regard will be entertained.




                                        15
                     Request for Proposal – Punjab National Bank

___________________________________________________________

         No bidder shall be allowed to withdraw the bid after the deadline for
         submission of bids.

In case of the successful bidder, he will not be allowed to withdraw/back out
from the bid commitments. The bid earnest money in such eventuality shall be
forfeited and all interests/claims of such bidder shall be deemed as foreclosed

21.      CONTENTS OF DOCUMENTS TO BE SUBMITTED

The bidder shall submit the following documents:

Documents required in Technical Bid (Sealed Cover)

      1. Check List (Annexure-IX)
      2. Supporting documents in respect of minimum qualification criteria as per
          Annexure-III.
      3. Bidders Information as per format as per Annexure IV.
      4. Acceptance of the terms and conditions and compliance of technical
          specifications as contained in Annexure-V.
      5. Any other document indicating the feature of the product.
      6. Last three years audited balanced sheet and profit and loss account
          statement.
      7. Bid Earnest Money in the form of Demand Draft.
      8. Service Support set up details across India as per Annexure VI.
      9. Performance Statement of projects carried out as per Annexure VII.
      10. Technical Offer indicating competence on the Symantec product to the
          Banks as per Annexure-I.
      11. Power of attorney of signing official of bidder.

Document required in Commercial Bid (Sealed and signed Digitally)

      1. Commercial offer as per Annexure-VIII.

22.      BID OPENING AND EVALUATION

         The purchaser will open the bids, in the presence of Bidders’
         representative who choose to attend, at the time and date mentioned in
         Bid document.

         The bidders’ representatives who are present shall sign register evidencing
         their attendance. In the event of the specified date of bid opening being
         declared a holiday for purchaser, the bids shall be opened at the
         appointed time and place on next working day.



                                          16
                   Request for Proposal – Punjab National Bank

___________________________________________________________

      The commercial bid shall be opened in the presence of Bidders’
      representative, whose bids are considered as responsive as per the
      technical and other qualification criteria as underlined in the bid
      document. The purchaser will prepare the minutes of bid opening.

23.   CLARIFICATIONS ON BIDS

      To assist in the examination, evaluation and comparison of bids the
      purchaser may, at its discretion, ask the bidder for clarification and
      response shall be in writing and no change in the price or substance of
      the bid shall be sought, offered or permitted.

24.   PRELIMINARY EXAMINATION

      The Purchaser will examine the bids to determine whether they are
      complete, whether any computational errors have been made, whether
      required information have been provided as underlined in the bid
      document, whether the documents have been properly signed, and
      whether bids are generally in order. Bids from agents without proper
      authorization from the bidder as per authorization form shall be treated as
      non-responsive.

      Arithmetical errors will be rectified on the following basis. If there is a
      discrepancy between unit price and the total price that is obtained by
      multiplying the unit price and quantity, the unit price shall prevail and
      total price shall be corrected. If the bidder does not accept the
      correction of the errors, its bid will be rejected. If there is discrepancy
      between words and figures, the amount in the words will prevail.

      The bid determined as not substantially responsive will be rejected by the
      purchaser and may not be made responsive by the bidder by correction
      of the non-conformity.

      The purchaser may waive any minor informality or non-conformity or
      irregularity in a bid, which does not constitute a material deviation,
      provided such waiver does not prejudice to affect the relative ranking of
      any bidder.

25.   Evaluation Criteria for deciding the lowest eligible bidder

      Lowest eligible vendor (L-1) will be decided based on total years’ on-site
      maintenance support cost of existing approx 29000 licenses. The total
      project cost will be calculated considering the requirement of: -



                                        17
                      Request for Proposal – Punjab National Bank

___________________________________________________________


         S No     Item                              Total Cost [Rs]
         1        For 71 engineers Two-year’s
         For      install/     upgrade/     on-site
         PNB      maintenance support charges
                  for existing/new Licenses
         2        For 27 engineers Two-year’s
         For      install/     upgrade/     on-site
         RRBs     maintenance support charges
                  for existing/new Licenses
                  TOTAL COST (1 + 2) [ criteria ]:
        The above License quantity is only for calculation of L-1 purpose. Actual
        quantity may vary depending upon the requirement.

        The L1 bidder will be decided on the basis of cost quoted by the bidder in
        the commercial offer (Annexure-VIII). In case of two or more bidders
        being technically eligible, Bank will conduct Reverse Auction to select the
        final L1 vendor.

26.     CONTACTING THE PURCHASER

        Any effort by bidder to influence the purchaser in the purchaser’s bid
        evaluation, bid comparison or contract award decision may result in the
        rejection of the Bidders’ bid.

27. PURCHASER’S RIGHT TO ACCEPT OR REJECT ANY BID OR ALL BIDS

        The purchaser reserves the right to accept or reject any bid and annul
        the bidding process and reject all bids at any time prior to award of
        contract, without thereby incurring any liability to the affected bidder or
        bidders or any obligation to inform the affected bidder or bidders of the
        ground for the purchaser’s action.

         GUIDELINES FOR REVERSE AUCTION:
      Initiation on the Bid Process

      Opening bid price and bid decrements will be intimated at the start of the
      bidding process by the means of on-line messages. In case of not receiving
      the details, the supplier has to inform PNB system administrator one hour
      before the scheduled event time through email and request for the details.

      Opening Price




                                          18
                   Request for Proposal – Punjab National Bank

___________________________________________________________

   Opening price is the upper/ceiling price of the contract value fixed by PNB
   for the lot/item. Suppliers can bid only lower than the opening price in case
   of Reverse Auctions (Bid price would be based on the total price arrived at
   multiplying specified quantities with unit rates and summing up for the entire
   requirement).

   Weightage / Loading Factor

   This factor shall be incorporated by the System Automatically during the
   event. This factor is the effect of financial implication arising out of the
   deviation taken by the Bidder in his Bid.

   Auction Types

   Bank may either go for Price Base Auction when the price quoted by each
   bidder is shown to all the participants or Rank Base Auction when only rank
   of the particular bidder is visible instead of price.

   Alias Name

   Each bidder will be given a unique alias name, generated by the system
   and informed by system generated email. Bidders can see the bids of other
   suppliers but the real name will not be visible on the screen. Complete,
   schedule of the auction will be intimated through a system generated
   emails to the participating suppliers. Flash messages between the event
   and at the end of the events. The normal duration of Reverse auction will
   be 1 hour (60 minutes) with provision of auto extension as per auction rules
   to be decided by Negotiation Committee before start of auction. The Bid
   Extension rules shall be governed after the expiry of the Auction Time earlier
   set & decided before start of Event. In the event a bidder is placing his bid
   in last 5 minutes of the scheduled end time of the event, the event will get
   automatically extended for next 5 minutes infinitely. The auction time will get
   automatically extended so as to allow other the bidder an opportunity to
   supplier to participate and give better offer to win the bid. In the event of
   any typographic error while posting the bid, the auction would still get
   extended so as to allow the bidder an opportunity to correct the mistake.
   Screen will refresh automatically in every seven (7) second. It is
   recommended to manually refresh screen by pressing F- 5 from keyboard, if
   no changes are seen on screen for unusual period.

   Bid Decrement

   Bid Decrement is the minimum fixed amount by which, or by multiples of
   which, the next bid value can be decreased. Bid decrement is usually



                                        19
                    Request for Proposal – Punjab National Bank

___________________________________________________________

   calculated 0.25% of the opening price. However PNB reserves the right to
   decide appropriate bid decrement factor. Bidders should enter the next
   bid price considering the Bid Decrement, with reference to self bid for Rank
   Auction and L1 bid with reference to Price Auction. However in no case
   would the system accept modification to a higher value.

   Auto Bid

   Auto Bid is disabled from the start time of bidding.

   Surrogate Bidding

   Surrogate bidding is not allowed.

   Price Break Up

   Bidders are required to submit the price break up of the final bid price just
   after the event on to the formats/ price breakup sheet.

   Price Variation Factor

   If a bidder quoting higher prices, higher by more than 40% as compared to
   the average quoted prices (of all technically qualified bidders) for all items
   in aggregate, the same bidder shall not be called for reverse auction
   process.

   Mistake Proofing

   If a bid placed X times below or higher of the bid decrement / increment as
   decided by PNB, a warning message will be flashed on screen to confirm
   the placed bid, Bid once placed will not be deleted in any circumstances
   and the supplier will be bound to deliver the item on the quoted bid.

   The following term and conditions are deemed as accepted by vendor on
   participation in the bid event

   Bidders/ participants are deemed to have accepted the auction rules on
   participation at the bid event. Participation in a bid event is by invitation
   from PNB. Any other supplier does not automatically qualify for
   participation. PNB will make every effort to make the bid process
   transparent. However, the award decision by PNB would be final and
   binding on supplier.

   1. Bidders agrees to non-disclosure of trade information regarding the
      purchase, identity of PNB, bid process, bid technology, bid
      documentation and bid details.



                                        20
                     Request for Proposal – Punjab National Bank

___________________________________________________________

      2. Bidder cannot change price or quantity or delivery terms (or any other
         terms that impact the price) post the bid event.
      3. Deed to furnish the item rate form within the stipulated time after the bid
         event.
      4. Bidder cannot divulge either his bids or those of other suppliers to any
         other external party.
      5. Technical and other non-commercial queries (not impacting price) can
         be routed to the respective PNB contact personnel indicated in the RFP.
      6. Bidder is advised that he will understand auto bid process is to safeguard
         them in case of technical failure. Inability to bid due to telephone line
         glitch, Internet response issues, software or hardware hangs will not be the
         responsibility of PNB.

      7. Bidder should be prepared with competitive price quotes on the day of
         the bidding event. Participate in the online bidding event as per the
         schedule. Submit the item wise price break up for all the items as per his
         last bid price in the stipulated time as per the schedule immediately after
         the online sourcing event. The bidder has to necessarily quote for all the
         items listed in the BOQ. In case of incompleteness of the bid, same may
         be rejected.

      8. NOTE –
       1. If two or more bidders are technically eligible, we will initiate the process
          of reverse auction


28.     SIGNING OF CONTRACT

        The successful bidder(s) shall be required to enter into a agreement with
        PNB, within 7 days of the award of the tender or within such extended
        period as may be specified by Chief Manager, Information Technology
        Division, Punjab National Bank, HO: 5, Sansad Marg, New Delhi, on the
        basis of the Tender Document, the Tender of the successful bidder, the
        letter of acceptance and such other terms and conditions as may be
        determined by the Bank to be necessary for the due performance of the
        work in accordance with the Bid and the acceptance thereof, with terms
        and conditions shall be contained in a Memorandum of Understanding to
        be signed at the time of execution of the Form of Contract. The rate
        contract will be valid for two year, unless terminated by the Bank before
        that date. The Bank may extend the contract period for a further period
        of up to one year with re-negotiation with vendor.

29. GOVERNING LAW                AND    DISPUTES     (APPLICABLE      IN   CASE    OF
SUCCESSFUL BIDDER)


                                           21
                     Request for Proposal – Punjab National Bank

___________________________________________________________


        All disputes or differences whatsoever arising between the parties out of
        or in relation to the construction, meaning and operation or effect of
        these Tender Documents or breach thereof shall be settled amicably. If,
        however, the parties are not able to solve them amicably, the same shall
        be settled by arbitration in accordance with the applicable Indian Laws,
        and the award made in pursuance thereof shall be binding on the
        parties. The Arbitrator/Arbitrators shall give a reasoned award. Any
        appeal will be subject to the exclusive jurisdiction of courts at Delhi.

        The vendor shall continue work under the Contract during the arbitration
        proceedings unless otherwise directed in writing by the Bank or unless the
        matter is such that the work cannot possibly be continued until the
        decision of the arbitrator or the umpire, as the case may be, is obtained.
        The venue of the arbitration shall be Delhi.

  30.         USE OF CONTRACT DOCUMENTS AND INFORMATION

        The Vendor shall not, without the Bank's written consent, disclose the
        Contract or any provision thereof, or any specification or information
        furnished by or on behalf of the Bank in connection therewith, to any
        person(s) other than a person(s) employed by the Vendor in the
        performance of the Contract. Disclosure to any such employed person(s)
        shall be made in confidence against Non-disclosure contracts completed
        prior to disclosure and disclosure shall extend only so far, as may be
        necessary for purpose of such performance.

        Any document, other than the Contract itself, shall remain the property of
        the Bank and all copies thereof shall be returned to the Bank on
        termination of the Contract, if so required by the Bank.

        The Vendor shall not, without the Bank's prior written consent, make use of
        any document or information except for purposes of performing the
        Contract.

  31. PATENTS RIGHTS

        The bidder shall indemnify the purchaser against all third party claims of
        infringement of patent, trademark or industrial design rights arising from
        use of the Goods, or any part thereof in India.
        -The bidder shall, at their own expense, defend and indemnify the Bank
        against all third party claims or infringement of intellectual Property Right,
        including Patent, trademark, copyright, trade secret or industrial design



                                          22
                  Request for Proposal – Punjab National Bank

___________________________________________________________

     rights arising from use of the products or any part thereof in India or
     abroad.

     -The bidder shall expeditiously extinguish any such claims and shall have
     full rights to defend itself there from. If the Bank is required to pay
     compensation to a third party resulting from such infringement, the bidder
     shall be fully responsible for, including all expenses and court and legal
     fees.

     -The Bank will give notice to the Bidder of any such claim without delay,
     provide reasonable assistance to the Bidder in disposing of the claim, and
     shall at no time admit to any liability for or express any intent to settle the
     claim.

32. ASSIGNMENT

     The support persons must be from the bidder company. The bidder shall
     not assign, in whole or in part, its obligations to perform under the
     contract, except with the Purchaser’s prior written consent.


33. DELAYS IN PERFORMANCE

     Any delay in performing the obligation by the bidder will result in
     imposition of liquidated damages and/or termination of rate contract for
     default.

34. LIQUIDATED DAMAGES

     If the bidder fails to perform services within stipulated time schedule, the
     purchaser shall, without prejudice to its other remedies under the rate
     contract, deduct from the amount payable to the bidder under the
     contract as liquidated damages, a sum equivalent to 1.5 times the pro-
     rata rates for non-performance to the satisfaction of the Bank or
     absentee due to any reason. The purchaser has right to cancel the order
     in case delivery/services not performed within stipulated time schedule.

     The purchaser is entitled to withhold (deduct) from the purchase price or
     any other amount that is due to bidder from this contract or any other
     contract.

35. INDEMNIFICATION




                                        23
                   Request for Proposal – Punjab National Bank

___________________________________________________________

      The Successful Bidder shall, at their own expense, defend and indemnify
      the Bank against any claims due to loss of data / damage to data arising
      as a consequence of anti virus solution implementation or non-
      maintenance or not providing the service within the requisite time at any
      of the designated location(s).

36.FORCE MAJEURE

The Vendor or the Bank is not responsible for delays or non-performance of any
contractual obligations, caused by war, blockage, revolutions, insurrection, civil
commotion, riots, mobilizations, strikes, blockade, acts of God, plague or other
epidemics, fire, flood, obstructions of navigation by ice of port of dispatch, acts
of Govt. or public enemy or any other event

Beyond the control of either party which directly, materially and adversely
affect the performance of any contractual obligation.

If a force majeure situation arises, the Vendor shall promptly notify the Bank in
writing of such conditions and the change thereof. Unless otherwise directed by
the Bank, in writing, the Vendor shall continue to perform his obligations under
the contract as far as reasonably practiced and shall seek all reasonable
alternative means for performance not prevented by the force majeure event.


37. SERVICE LEVEL AGREEMENT

The Successful Bidder will also have to enter into a Service Level Agreement for
Service, Support and maintenance of Solution as per terms and conditions of
the RFP and covering the Scope of work of Successful Bidder. SLA shall be
elaborated to assure:
       On-site deployment of Symantec Protection Suite (SPS) on 100% of the
          PCs / Servers of the bank in all of its branches / offices within three
          months of contract signing & again on new releases of new
          version/MR by Symantec.
       Regular Updation of definitions, versions on all PCs / Servers without
          adverse impact on the network efficiency.
       Support and trouble shooting on the products at all branches / offices

38. NON DISCLOSURE AGREEMENT:

Successful Bidder should sign non-disclosure agreement as per ANNEXURE XI.

39. TERMINATION:



                                        24
                    Request for Proposal – Punjab National Bank

___________________________________________________________

   (i). By PNB:
   PNB shall be entitled to terminate this contract by giving 3 months notice to
   Successful Bidder in case:

      a.     Successful Bidder fails to integrate/implement the project as per the
             requirements of PNB. In such eventuality, Successful Bidder will
             refund to PNB any advance received in respect of licenses for
             Symantec Protection Suite (SPS), which are not implemented.

      b.     Successful Bidder fails to provide maintenance services as per terms
             and conditions agreed hereunder and/or fails to fulfill any of its
             obligations enumerated hereunder. In such eventuality, Successful
             Bidder shall refund to PNB the proportionate maintenance charges
             received in advance, if any, for the remaining period. In such
             eventuality, PNB shall have the right to avail the services of any
             other person for the purpose without any let or hindrance from
             Successful Bidder.

      c.     In the eventuality of termination of contract, PNB shall have the
             right to avail the services of any other person for the purpose
             without any let or hindrance from Successful Bidder.


     d.      In the eventuality of termination of contract, besides claiming
             refund of amount as above, PNB shall have a right to claim
             liquidated damages as decided by arbitrator.

   ii. By Successful Bidder:

   Successful Bidder shall have the right to terminate this contract by giving 3
   months notice to PNB, in case PNB fails to pay the fees/charges to Successful
   Bidder as per terms agreed hereunder.

40. Obligations of PNB:

      a.     PNB shall provide appropriate access, to the extent required for
             handling Anti-Virus related issues, on the computer system to
             provide service hereon. PNB shall be responsible for providing
             proper power source and other environmental conditions as
             prescribed by Successful Bidder.

      b.     During the period of this maintenance contract the setup shall not
             be relocated without prior intimation to Successful Bidder.



                                        25
                   Request for Proposal – Punjab National Bank

___________________________________________________________

      c.     PNB shall be responsible for communicating PNB’s own users of the
             network security services and for handling all complaints, trouble
             reports made by such users.

      d.     PNB staff will always accompany Successful Bidder engineer(s) for
             carrying out any activity on PNB’s critical security network / setup.

41. Obligations of Successful Bidder:

      a.     Successful Bidder will always send trained and experienced
             engineers to provide service at PNB offices. Their name, contact
             address and phone nos. will be advised in writing to PNB before
             hand. They will carry Photo Identity-card of company to prove their
             identity.

      b.     Whenever any designated Successful Bidder engineer is leaving his
             job, Successful Bidder will give prior information about this to PNB.

      c.     Successful Bidder engineer(s) will always work on PNB servers /
             networks from PNB premises and will NEVER enter into PNB network
             from any other Public or Private network under any circumstance.

      d.     Successful Bidder engineer(s) will not change the password of Anti
             Virus software / tools without the knowledge of PNB’s Information
             Security Team. In case they are aware about any password(s), they
             will not share it with any one other than PNB’s Information security
             team without written communication from PNB’s Information
             Security Team.

      e.     Successful Bidder engineer(s) will always give a duly signed call
             report, at all locations, describing the activities carried out by them
             before leaving PNB premises.

      f.     Whenever any new threats / vulnerabilities become public,
             Successful Bidder will bring this to the notice of PNB immediately
             and help / guide PNB in plugging these. The requisite configurations
             for plugging the threats /vulnerabilities will be done by Successful
             Bidder.

           g. Successful Bidder consultants would provide telephonic and e-mail
              support for the problems reported from any of the PNB locations
              within two hours from the reporting time. The type of calls which
              could be resolved through phone and e-mail may include (for
              example) updation of the anti virus, adding a rule base to the


                                        26
                Request for Proposal – Punjab National Bank

___________________________________________________________

          firewall, making minor configuration changes on the IPS and
          restarting the firewall service etc.

       h. For all the problems which could not be resolved through
          telephone or e-mail and which requires the presence of Successful
          Bidder engineer, the response time would be 2 hours from the
          reporting time at Head offices & Circle offices and at other
          locations outside the Circle Office city within 4 hours.

       i. Once the call has been attended, Successful Bidder engineers will
          put their maximum efforts and deploy their best resources to resolve
          all calls at the earliest possible time frame at all locations.

       j. Successful Bidder shall be responsible for any act of its employees
          that may result in security breach in respect of PNB network.




                                    27
                       Request for Proposal – Punjab National Bank

___________________________________________________________

ANNEXURE-I
Technical Specifications for Symantec Protection Suite Enterprise Edition (SPS)
Symantec Protection Suite 11.0.x (or latest) Suite comprising of following solutions
     •Symantec Endpoint Protection latest version
     •Symantec AntiVirus for Macintosh & Linux
    •Symantec Mail Security for Domino & MS Exchange
     •Symantec Mobile AntiVirus for Windows Mobile
     •Symantec Premium Antispam
     •Symantec Brightmail Gateway Software Subscription (aka Symantec Messaging Gateway)
     •Symantec Web Gateway Software Subscription
     •Symantec Network Access Control (Self Enforcer)
     •Symantec Backup and System Recovery for Desktops to any hardware


The bidder must have competent engineers in deploying/maintaining following features of
Symantec (SPS) product:
End Point Security Protection Features capabilities                           Competent
                                                                              (Yes / No)
         OPERATING SYSTEMS SUPPORTED - Should be able to support
         the following. Platforms:
          All flavors of Windows viz WIN 2000, WIN XP, Win-Vista, Windows 7
         etc.
          Windows Server 2003, Windows Server 2007 etc.
          Linux
          All flavors of Browser based applications servers.
PRE-SCAN EXCLUSIONS - Should be able to add files, folders or extensions
to an 'exclude' list so that they are not scanned on access
The antivirus software should be able to automatically detect and update
definitions & scan engine from the nearest parent server in the network
Should allow for incremental virus definition and scan engine updates

Solution should able to Detect and block malicious software in real time,
including viruses, worms, Trojan horses, spyware, Adware, and RootKit.
Endpoint solution technology should include a behavioral based technology
apart from providing the signatures for known threats, vulnerability add
heuristic based approach. It should be able to score both good and bad
behaviors of unknown applications, enhancing detection and reducing false
positives without the need to create rule-based configurations to provide
protection from unseen threats i.e. zero-day threats.
Solution firewall engine should have option to allow or block support of
network protocols, including Ethernet, Token Ring, IPX/SPX, AppleTalk, and
NetBEUI. Can block protocol drivers (example: VMware, WinPcap) and should
have Adapter specific rules – e.g. Ethernet , Wireless, VPN
Proposed IPS solution should allow customer to edit and create the IPS
signature using snort/custom based format if required.
Solution should able to block devices based on Windows Class ID. These
devices should include
         USB, Infrared,
         Bluetooth,
         Serial Port
         Parallel Ports,
         fire wire,



                                                 28
                         Request for Proposal – Punjab National Bank

___________________________________________________________

          SCSI and
         PCMCIA.
 Solution should also be able to block and give read/write/execute permission
for mentioned devices.
Solution should provide application analysis, process control, file and registry
access control, module and DLL control.
Proposed Solution should be able to deploy flexible and different security
policies depending upon the AND/OR relationship of following network triggers
-
 - IP address (range or mask)
 - DNS Server
 - DHCP Server
 - WINS Server
 - Gateway Address
 - TMP Token Exists (hardware token)
 - DNS Name Resolves to IP
 - Policy Manager Connected
 - Network Connection (wireless, VPN, Ethernet, dialup)
The solution should be scalable to include the options which may be used by
the Bank in future.
Proposed IPS solution should combines NIPS (network) and HIPS (host) both
with Generic Exploit Blocking (GEB) for one signature to proactively protect
against all variants, Granular application access control and behavior based
technology mentioned above.
Proposed solution should be able provide superior root kit detection and
removal. This should have access below the operating system to allow
thorough analysis and repair.
System Lock Down - it should be able to ―Locks down‖ the system by
fingerprinting every executable file on the system. It should then monitor all
running applications and terminate any application for which the agent does
not have a matching fingerprint.
Denial of service detection and protection - Should Protects the system from
multiple forms of anomalous network behavior that is designed to disrupt
system availability and/or stability.
Anti-spoofing - Should Protects the transmission of data from being sent to a
hacker system who has spoofed their IP or Mac Address
 Agent should have the ability to detect and block process execution chains. It
is able to detect when a malicious application tries to execute a trusted
application, and then use the trust privileges of that application to access the
network.
Anti-application hijacking - Should prevent hackers and web sites from
identifying the operating system and browser of individual computers.
Code insertion attack prevention - Prevent malicious applications from
inserting code into trusted application to bypass outbound application fire
walling.
Protocol adapter attack prevention - Prevent malicious applications from using
their own protocol adapter to bypass outbound fire walling.
Antivirus and Antispyware policy can have options by default to choose High
Security and High performance to have a right balance while deployment in
the production network.
Antivirus schedules scans should get delayed/ rescheduled while laptops are
running on batteries.
Antivirus should have behavior based technology to scan for Trojans, worms
and key stroke loggers to protect from zero day threats. Sensitivity level of this



                                                     29
                            Request for Proposal – Punjab National Bank

___________________________________________________________

should get adjusted with customized scanning frequency.


Antivirus Solution should have internet browser protection and home page
should be configurable if security risk changes that.
Antivirus solution should be able to Scan POP 3 email traffic including email
clients Microsoft outlook , lotus notes and outlook express.
Desktop Firewall rules should be configurable depending upon the adapters
including Ethernet, Dialup, VPN (Microsoft PPTP, Nortel, Cisco). The solution
should be scalable to wireless networks in case bank wants to.
Desktop Firewall rules should be configurable depending upon the state of
screen saver "ON" & "Off".
Desktop Firewall Policies should be configurable depending upon the time and
day.
The solution must have readymade policies including –
     a) To Make all removable drives read only ,
     b) To block program from running from removable drives ,
     c) Protect clients files and registry keys ,
     d) Log files written to USB drives ,
     e) Block modifications to host files
Management server should have the capabilities to add multiple
domains/groups if required for the different locations to assign the different
administrators for other locations. Each domain should shares the same
management server and database. This separation prevents administrators in
one domain/group from viewing data in other domains. These administrators
can view and manage the contents of their own domain, but they cannot view
and manage the content of other domains.
The solution should allow integrating network access control functionality
without any modifications to antivirus agent or deploying a separate agent
should bank feel to go for network access control in future.
The Host-based, self-enforcement - It should use a desktop firewall (built
into the agent) to permit or deny managed endpoints access to the network.
This method should offer the fastest and easiest implementation as it requires:
No infrastructure changes and No additional deployment efforts.
Solution should have the integration with various client management & patch
management solution
It must have compliance check policy templates for client management agent
to ensure that agent is always installed, running and updated.
Solution must have the ability to validate the users connecting to the Enterprise
network by determining the following:


        a)    Their host-firewall policy matches the policy defined on the
management server.
           b)    Host-IPS is running. And HIPS signature files are up to date
           c)    Anti-Virus is running and Anti-Virus definitions/.DAT files are up-to-
date according to enterprise security policy.
           d)    Custom or third-party security applications are running.
           e)    The patch level of the operating system meets enterprise security
policy.
           f)    The patch level of applications meets enterprise security policy.
           g)    Registry values are present.
           h)    The password strength meets minimum requirements.




                                                           30
                          Request for Proposal – Punjab National Bank

___________________________________________________________
          i)    Windows Update tool is enabled and running.
          j)    They are permitted to alter their network configuration settings.
          k)    Minimum service pack requirements are met.
          l)    Anti-Spyware is running.
          m)    The agent is a valid agent
          n)    Determine if a custom or third-party files are present..
          o)    Add/Remove Programs is enabled for the user
          p)    Enforce the presence and update status of Anti-Spyware products.
Solution should have following policies templates to check & enforce the
security of workstations –
            a) Minimum password age, password length, complexity and
history.
            b) To Disable Guest account, registry editing, add or remove
program, remote desktop, IP change, windows CD and windows auto play.
Host Integrity rule priorities and conditions enable administrators to create
interdependencies between rules such as ―if/then/else‖ conditions and
determine the order in which rule are executed. For Example, rule conditions
allow administrator to create policies such as ―the host must be running either
anti-virus 1 or anti-virus 2.‖ Rule priorities ensure the Host Integrity rules are
run in the correct order. For example, Agent could download and install a
required operating system patch before initiating the update of a hot fix.

To conserve the network bandwidth clients should be configurable to upload
the maximum records of logs to the management server.
Specification for Antispam and Antivirus for Mail                                    Competent
                                                                                     (Yes / No)
Proposed Antivirus and Anti SPAM solution should be for the SMTP
gateway and as well as for the messaging servers. This protection
should include content filtering and Data Loss prevention. Antivirus and
AntiSPAM engines should be tightly integrated from a single vendor to
avoid any integration and administrative burden.
The proposed solution should have an integrated MTA, and should include
standard features such as overlapping message delivery for high-volume
sustained delivery, onboard DNS caching, support for virtual domains, and
load balancing via MX DNS. The proposed solution should be secured against
unauthorized relaying and secured against buffer overrun vulnerabilities.
The proposed solution should have proprietary URL technology, which
should seek out spam URLs in messages, includes specific filters
against fraud URLs. This technology should also remove the
obfuscation and URL-relaying tactics that spammers can employ to
conceal the target fraudulent URL.
The vendor should have inhouse infrastructure and capabilities to
monitor worldwide spams and viruse and also create accurate anti-
spam filters developed and delivered by the solution vendor every 10
minutes to ensure continuous protection. This should include an
existing honey pot network (over 2 million decoy email addresses and
domains). This should also include submissions and statistics from
over 300 million email inboxes.
The proposed solution should enable transformation of address information for
inbound recipients and outbound senders. The rewriting should occur as
follows:



                                                         31
                        Request for Proposal – Punjab National Bank

___________________________________________________________

The solution should Rewrite recipient and sender addresses in both envelope
and headers (Inbound Recipients and Outbound Senders)
The proposed solution should extend address rewriting capabilities by
replacing one inbound recipient address with one or more email addresses.
With aliasing, rewriting should occur only for the recipient addresses and only
in the envelope (Inbound Recipients)
The proposed solution should append a default domain for outbound traffic.
This should aid deployments in which multiple anti-spam appliances are
sending outbound mail.
The proposed solution should optionally drop invalid recipients from a given
message. When an invalid recipient is recognized it should be dropped from
the given message. This will be protecting the internal mail server from
exposing invalid name space to directory harvest attacks.
The proposed solution should allow customization of the SMTP banner text,
which is the ―connection greeting‖ message.
The proposed solution should have a setting for configuring delivery bounce
message timeout. This setting should control how long bounce messages stay
in the delivery queue.
The Solution should support architecture which must be scalable. It should
have ability to separate the scanner and management so that there is no
single point of failure. Solution should provide support to install solution on
virtual environment.
The proposed solution should be based on technologies which provide
validated spam catching rates of over 95%
The proposed solution should have a false positive rate of less than 1 in one
million messages
The proposed solution should identify and filter a spammer’s intended URL,
which is often disguised and leads to spam Web pages.
The proposed solution should have URL technology, which should seek out
spam URLs in messages, includes specific filters against fraud URLs. This
technology should also remove the obfuscation and URL-relaying tactics that
spammers can employ to conceal the target fraudulent URL.
The proposed solution should have filters that proactively target patterns
common in spam and viruses.
The proposed solution should target a specific MIME attachment, for example,
a ZIP file that contains a virus.
The proposed solution should have signature technology that eliminates
randomization and HTML-based filter evasion techniques.
The proposed solution should have tight, targeted, regular expression-based
filters based on real-time attacks or derived based on commonalities or trends
present in spam messages.
The proposed solution should have first-generation signature/body hash
technology
The proposed solution should have language identification option in which the
text of the message should be identified as belonging to one of 11
international languages. The proposed solution should then run only the filters
that apply to the message’s language. Users should be given an option to
adjust language preferences to deny or allow email based on language
identification by the solution vendor
The proposed solution must have specially tuned heuristics to detect and
block span in non-English language. The supported languages could include
Chinese, Dutch, English, French, German, Italian, Japanese, Korean,
Portuguese, Russian, and Spanish.



                                                   32
                        Request for Proposal – Punjab National Bank

___________________________________________________________

The proposed solution should vendor should have technicians deployed
across the globe to analyze spam and create targeted filters in over 15
languages.
Filters should automatically be downloaded from the proposed solution vendor
to customer sites via secure HTTPS every 5–10 minutes. Should have no
need for server restart or administrator intervention.
The proposed solution vendor should have the largest honeypot network
(large decoy email addresses and domains (more than 1 million). This should
also include submissions and statistics from millions of email inboxes. This
should help the customer to have accurate anti-spam filters developed and
delivered by the solution vendor every 10 minutes to ensure continuous
protection
The proposed solution should have an option using which end users can log
into the Spam Control Center, a Web-based interface, to submit missed spam
to the solution vendor. If warranted, the vendor should adjust filters.
Using convenient submission tools, The proposed solution vendor’s user
community— million strong—can quickly inform the vendor as soon as
possible in the event of a misidentified message
Based on the submissions, The proposed solution vendor should adjust filters
if warranted to improve filtering quality.
The proposed solution should provide Directory Harvest protection to protect
internal mail server from attacks
Based on objective analysis of sending patterns at the network level, the
Sender Reputation Service can identify abusive senders and prevent abusive
senders and spammers from connecting to the appliance.
Should automatically collect local sender reputation data to support skipping a
subset of antispam filters for those with no history of sending spam. It should
also regularly re-evaluates senders granted a pass
Solution must have local reputation with SMTP traffic shaping technology

End user tools and Preferences                                                    Competent
                                                                                  (Yes / No)
Users should have an option to specify addresses that will always be blocked.
These entries should be in addition to organization-wide block lists defined by
administrators.
Users should have an option to designate senders who will allow bypassing
antispam filtering. This should include convenient auto-population of trusted
senders from the Microsoft Outlook address book.
Users should have an option to either specify languages in which they want to
receive email or in which they don’t want to receive email. Users should be
allowed to choose from 11 supported international languages.
Users should have an option to submit missed spam or false positives to the
solution vendor for analysis.
Using an Internet browser, end users should be able to log in to their personal
quarantine at any time and view their quarantined messages.
Mail Antivirus Scanning                                                           Competent
                                                                                  (Yes / No)
The proposed solution should provide Day Zero virus protection which will
help organization protect infrastructure from new threat.
The proposed solution should incorporate the award-winning antivirus engine
by the same vendor and backed by the vendor's security response team.
The proposed solution should use rapid release definitions. These definitions,
which should undergo basic vendor reliability checks, and should be designed



                                                    33
                         Request for Proposal – Punjab National Bank

___________________________________________________________

to head off emerging threats.

The proposed solution should have AV scan engine which should update virus
definitions and scan engines without having to redeploy the software or restart
services. This will ensure that there is no interruption in virus scanning to get
new definitions.
The proposed solution vendor should have an option give to customers where
they can pick whether to use Rapid Response or Platinum antivirus definitions
The antivirus definitions created by the proposed solution vendor should be
updated at customer sites every hour or as soon as they are available
The proposed solution should be able to choose from multiple actions to
handle messages with viruses. For example, clean and deliver the message,
deliver the message normally, delete the message, notify the sender, and
more.
The proposed solution should automatically remove not only the mass-mailing
worm but also the associated spawned emails, which can number in the
hundreds and serve no valuable purpose.
The proposed solution should have adjustable heuristics for more or less
aggressive identification of viruses.
The proposed solution should have an option to specify maximum size and
scanning depth levels to reduce exposure to zip bombs that tax processing
To handle emerging threats for which a definition has not been created,
administrators should be able to use the option in the proposed solution to
block based viruses that employ a distinctive subject line.
Should also have Integrated Instant Messaging security and outbound
protection out of the box
Email Message Integrity                                                             Competent
                                                                                    (Yes / No)
The included MTA in the proposed solution should support the ability for
encrypted connections between other MTAs using TLS. Using this feature an
administrator should be able to choose whether TLS is permitted and/or
required for all the appliances in the network. TLS delivery should be
regardless of MX/Static.
The proposed solution should authenticate messages using the Sender Policy
Framework (SPF), allowing administrators to drop connections or perform
other actions for senders that fail authentication.
Policy and Content Compliance                                                       Competent
                                                                                    (Yes / No)
The proposed solution should help organizations manage the risks associated
with data leakage, regulatory compliance, and internal governance.
In the proposed solution Customers should quickly implement the policies
needed to ensure that they are compliant with the laws that govern their
region or industry.
The Solution should have pre-built templates reduce the risk of error in
building the rules needed to ensure compliance
The solution should Allow the creation of compound policies that use logical
relationships to group them together. This increases the power of the filters
and reduces the number of individual rules that are needed.
The proposed solution should enable administrators to define or import a pre-
defined dictionary of prohibited words. This feature can be used to enforce
organizational email content policies. For example:
Scanning inbound messages against a default or customized offensive word
dictionary to prevent employees from receiving messages with objectionable



                                                     34
                          Request for Proposal – Punjab National Bank

___________________________________________________________

content

Scanning outbound mail against a list of project code names, NDA topics, or
other confidential information
The proposed solution should allow administrators to create custom filters
using a graphical interface. These global, server-level filters must be used to
enforce company policies.
The solution must allow administrators to quickly activate and deactivate
individual filters, display their activation status, and organize the order in which
rules are run. There should be no limit to the number of conditions
administrators can create in the content filter.
The proposed solution should allow administrators to automatically add text to
outbound email, such as a legal disclaimer or commercial information.
The proposed solution should allow administrators to scan for attachments
with specific size or content attributes.
The Solution must allow administrators to specify a maximum attachment size.
There should also be provision to create filters to match against a specific
MIME type, file name, or file extension.
The proposed solution should allow administrators to send a copy a message
to a designated email address. This feature should allow administrators to
configure their third party archival solutions to accept and handle the
message.
The proposed solution should allow administrators to create a configurable
email notification based on the disposition or category of a message.
In the solution administrator should have an option to define the text of the
notification message, the recipients, and whether to include the original
attachment.
Should have seamless integration with Data Loss Prevention technology with
a single admin GUI, policy console, and quarantine
Should support both local and global reputation based management to block
threats before they enter the messaging systems.
Email Management                                                                       Competent
                                                                                       (Yes / No)
Administrators should be able to view the emails in the Inbound queue,
Outbound Queue and Delivery Queue through the GUI
The proposed solution should be able to apply policies at the Email Firewall
level, before the messages is accepted for processing. These policies should
apply to all users at the site. Some examples would be ―Reject connections
from all Open Proxy Senders‖ or ―Quarantine all messages from senders who
fail SPF authentication.‖
Administrators should be able to specify user groups, identified by email
addresses, domain names, or LDAP groups and customize mail filtering for
each group. For example, we might choose to quarantine spam and
suspected spam for review by the legal department, but delete spam for the
human resources department.
The proposed solution should be available on appliances and virtual
machines for scalability.
The proposed solution should perform one- way LDAP synchronization from
existing directory stores. (This eliminates the need for dual entry of user
information). The supported source directories should include:
     a) Windows 2000 Active Directory,
     b) Windows 2003 Active Directory,
     c) iPlanet/Sun Messaging Server 5.1/Java Directory Server



                                                      35
                         Request for Proposal – Punjab National Bank

___________________________________________________________

The LDAP Synchronization service should also support the import of
organization data in LDIF files format, in case directory owners want to restrict
direct access to the directory. The LDAP option should be for Authentication
or Synchronization or for both authentication and synchronization
LDAP Synchronization must be enabling to utilize the existing group structure
within the LDAP source for implementing group policies.
         Used For: Group Policies
         Supported Platform: Active Directory, Exchange 5.5 Sun JES, Lotus
Domino
         LDAP Interaction: Synchronization and replication
The proposed solution should enable administrator to assign a variety of
actions to policies, based on the verdict a message.
Add header—Adds a configurable X-header to a message, for example, X-
spam or X-newsletter.
Annotate—Adds custom text, such as a legal disclaimer to message.

Archive—Sends a copy of the mail to a specified email address.

BCC—Sends a blind carbon copy of the message to a specified email
address.
Bounce—Creates new messages with customizable non delivery content, and
emails it to the sender.
Clean—Message Cleaned of viruses and delivered to the recipient. Any
worms are deleted.
Delete—Message removed from email stream, discarded. Worms
automatically deleted.
Deliver Normally —Delivers message to recipient’s with no filtering inbox.

Forward—Sends message to a single administrative account for further
scrutiny.
Modify subject—Appends or prepends configurable subject line to a a
message (example: [Spam])
Quarantine—Sends the message to the Web-based Quarantine.

Send notification—Sends an email with customizable text to a specified email
address.
Strip attachment—Removes attachment from message and sends message
on to the recipient
The proposed solution should have an option for combining actions. For
example, for message triggering a compliance filter, we should be able to
configure multiple actions in response
The proposed solution should have configurable definition of suspected spam
for more aggressive filtering. The administrator should be able to use policies
to set up a unique action for messages identified as suspected spam.
The proposed solution should have an option using which messages can be
classified as one of the following: Spam
     a) Suspected spam (matching the adjustable Spam Scoring range you
         specify)
     b) Email from blocked senders
     c) Emails infected with viruses
     d) Mass-mailing worms
     e) Unscannable emails (could not be scanned due to size restrictions or



                                                     36
                         Request for Proposal – Punjab National Bank

___________________________________________________________

         other variables)
    f)   Custom-filtered emails (matching content filters created by the
         administrator)
Administrators should be able to log in and review spam messages that the
proposed solution had quarantined for all users in our organization.
Using an Internet browser, end users should be able to log in to their personal
quarantine at any time and view their quarantined messages.
Quarantine should send a periodic email summary to users, listing the newly
quarantined spam messages, and including links for users to immediately
release messages to their inbox or log in to their personal quarantines.
Recipients of spam quarantine digest should be able to click links to
immediately release or view caught spam messages—without having to log in.
The proposed solution quarantine should automatically resolve all aliases and
deliver messages to the appropriate quarantine account for the underlying
email address.
Messages identified by administrators and users as missed spam or false
positives should be automatically sent to the vendor for analysis.
Administrators should be able to receive a copy of all misidentified messages
sent by users to Vendor.
The proposed solution should have configurable retention period for spam
messages. The other features included should be thresholds to control the
quarantine database size and the messages number limit on a global and per-
user basis.
Users and administrators should be able to search messages in quarantine
using multiple criteria, including To Headers, From Headers, message body,
Subject Headers, Message ID Headers, and time range.
The proposed solution should have customizable delivery frequency, message
content, content type (HTML, text, or both). The proposed solution should
have an option to specify whether digest should include embedded view
message and release message links to enable users to access messages
without logging in. There should be a choice whether to deliver this
spam/quarantine digest to distribution lists.
The proposed solution should be able to expand archive configuration by
sending archived mail to a specific archive server.
The proposed solution should be able to extend the Archive action by adding
an optional and configurable x-header on archived mail. Our email archive
solution could apply further archival policies based on the x-header.
The proposed solution should be able to add our corporate legal disclaimer to
all outbound messages
There should be an option to assign specific certificates to specific Scanner
appliances.
The proposed solution should have an option to allow administrators to
optionally specify a static IP-based route between their firewalls and the anti-
spam
With the proposed solution we should be able to specify a list of computers
authorized to administer the anti-spam appliances. We should be able to
define this list using IP addresses, CIDR notation, subnets, or DNS name.
Administrators should be able to access the root of the anti-spam appliances
via SSH
Using the proposed solution the administrators should be able to choose to
enable or disable logging for reverse DNS lookup, on inbound or outbound
SMTP settings.




                                                    37
                         Request for Proposal – Punjab National Bank

___________________________________________________________

The proposed solution should generate alerts when the following hardware
components fail:
 a) Disks
 b) Fans
 c) Power Supply
The proposed solution should allow the administrator to specify a remote
syslog Server. The administrator should be able to enable/disable the syslog
feature, and configure the host, port & protocol for the syslogs.
The proposed solution should support management via Simple Network
Management Protocol (SNMP) V2c.
Should be able to prevent backscatter attacks by identifying fake non delivery
report (NDR)
                                                                                      Competent
eMail Security Management                                                             (Yes / No)
Secure HTTPS polling from customer sites should initiate download of
updated filters. The same process should transmit statistics from customer
sites to the solution vendor, allowing the solution vendor to gauge the
performance and effectiveness of deployed filters. The process should require
no administrator intervention and filtering should never be stopped during the
update process.
The Web based Management should let administrators use a Web browser to
view a real-time dashboard of consolidated filtering performance and centrally
administer multiple Anti-Spam appliances from the same vendor.
From one central location, administrators should be able to view quarantine
information, the configured anti-spam scanners in the network, and basic
system status.
Administrators should be able to configure, manage, and monitor multiple
appliances (deployed in Scanner mode), all from a central location using a
Web browser.
The proposed solution should have a feature to view consolidated filtering
performance statistics for all anti-spam appliances operating as anti-spam
scanners.
The proposed solution should provide comprehensive real-time reporting of
filtering performance and email attacks with over 50 preset reports
The proposed solution should support export report data for use in any
reporting or spreadsheet software for further analysis.
The proposed solution should have and option to schedule reports for
generation and email delivery.
Administrators should be able to easily apply the latest security and software
updates. Vendor should provide updates and security enhancements to the
operating system, MTA, and supporting software when they become available.
We should be able to define multiple administrator accounts to divide up
administrative tasks.
We should be able to configure each administrator account with the desired
level of management privileges for different components. Administrators
should be assigned view or modify access to any or all of the following
functions: reporting, policies, appliance settings, administration, and
quarantine.
Alerts should be sent to administrators or other parties when the following
conditions arise: a component is not responding or working; antispam filters
are older than a specified time; antivirus filters are older than a specified time;
quarantine is low on disk space




                                                      38
                         Request for Proposal – Punjab National Bank

___________________________________________________________

Logging levels should be set on a point sliding scale, and the settings can
apply to individual filtering computers or to all. Administrators should also be
able to designate the maximum size and retention period for entries in the log
database and save logs to a text file for further review.
The proposed solution should automatically back up all configuration and
quarantine databases on the appliance at specified intervals. Administrators
should be given an option to store data on the local machine or a remote
server.
The proposed solution should have an option to restore an appliance
configuration from a previous backup.
Administrators should able to manage using a command line interface also.
The task could be shutting down the appliance, reboot appliance, and perform
a variety of system management tasks. Administrators should also be able to
use the command line interface to check for, download and install software
updates.
The proposed solution should have an option to restore an appliance to its
original image configuration.
The solution should have Global sender reputation and local sender reputation
analysis to reduce email infrastructure costs by restricting unwanted
connections.
Solution must be scalable to incorporate the following with no installation of
component on clients should need be in future:
     a) Email archiving, mail box archiving, file archiving, personal folders
          (.pst files) consolidation, journaling, discovering mails
     b) Integration with data loss prevention technologies to check loss of
          data through mails at gateway
Solution must ensure that worst senders do not degrade the connection
experience of your best senders. It should assign every inbound IP address to
connection classes that are based on local reputation data. It should
dynamically manage connection load based on automatically collected local
reputation data.
Reporting                                                                          Competent
                                                                                   (Yes / No)
The proposed solution should have the following reporting options on which
filter may be applied either inbound or outbound or both inbound and
outbound and should be able to display either in chart format or table format
or both
Following report must be generated from the solution:
      a) Content compliance
      b) SPAM History
      c) Virus History
      d) Overview of email message threat counts and types of threats.
      e) Overview of your security profile, which includes total messages and
         threats processed, and virus and compliance summaries.
      f) Recipient domains for which the most compliance matches have been
         detected. For each recipient domain, the total messages processed
         and number and percentage of content-compliance policies triggered
         are listed. Specify the maximum number of recipient domains to list
         for the specified time range.
      g) The total number of files transferred, and number and percentage of
         files that contained a virus, were blocked, could not be scanned, had
         a scanner error, contained malware, or were encrypted.
      h) Includes multiple threat-specific and overview reports
      i) Identifies Email/IM security trends
      j) Schedule generation and delivery of reports



                                                    39
                           Request for Proposal – Punjab National Bank

___________________________________________________________

    k) Export to PDF, CSV, and HTML

Web Security
                                                                                  Competent (Yes/no)
The solution should be self-contained hardware and software solution that
should include all necessary components to secure the Web gateway,
eliminating the need to introduce other technology into a network.

Handle all the Web traffic by a single device. Device should scale to 1Gbps
inline.
Minimal perceivable user delay required. Optimal delay is zero.
See and act on all ports and all protocols and internal traffic/scans.

One consistent policy engine across all modules.
The product can perform as Blocking mode for full protection or as Monitoring
mode for complete silent auditing and detection.
The product can be installed to perform in Inline Mode as a transparent
bridge or as Active Tap mode off port span.
Best of breed AV signatures (Trojans, Worms, Viruses) included. Must
provide zero-day detection (heuristic) technology.
Anti Virus scan of bi-directional file transfers are performed for: HTTP, FTP
over HTTP, Native FTP, IRC, SOCKS, and various IM.
A database of outbound malware ‘phone home’ network signatures is
included.
Infections are identified by name, category and severity (xyz-Trojan,
keylogger, etc.).
Infected clients are identified by Host or User and the severity of infection.

Dedicated behavioral algorithm for the detection of bots is included.

Infected clients are identified by Host or User and level of Bot activity.

Bot incidents are reported on by specific malicious activity (Spam, Spyware, IP
Scanning, etc…).
Bot Net Command and Control (C&C) channels and external hosts are
identified.
Reports file uploads by domains and file types.
Ability to specify certain file types to block.
Ability to log certain events and ignore others.
Reports can be customized by Administrator with minimal training through
product GUI.
Reports can be set to be emailed to recipients at a regular interval.

Alerts can be delivered over a number of channels such as email, SNMP and
Syslog.
Reports can be exported to log management or database servers at regular
intervals.
The solution should well integrate with any proxy




                                                      40
                          Request for Proposal – Punjab National Bank

___________________________________________________________

The solution should offer in built URL filtering with flexible policy controls, and
in-depth reporting and alerts. The solution should have URL category wise
blocking of websites e.g. pronographic websites etc., time based, user based,
IP based policies.
Should have in built intelligence & coorelation capability to inspect for, detect,
and block active and dormant botnets
The solution should have advanced application control capabilities with ability
to monitor and control usage by end-users spanning multiple applications

The administrator should have feature to prevent peer-to-peer sharing,
streaming media, games, and other Internet applications from accessing the
Internet.
The solution should be able to detect compromised endpoints by network
fingerprinting and behavioral modeling and should be able to block these
infected end points by resetting the connection attempts to their phone home
sites
The solution should support backup & restore of configuration to a file on
your local computer.
Backup and Recovery of Desktops and Laptops
                                                                                      Competent (Yes/No)
System Recovery solution should support for Dissimilar Hardware
recovery in case of a complete system crash.
It should support conversion to and from virtual environments like
VMware, Microsoft Hyper & Microsoft Virtual Server
It should support scheduling of recovery points
It should auto-detect hardware and install appropriate drivers while
recovering a system from complete crash situation.
Solution should support saving of recovery points at FTP locations,
DAS, NAS, USB Drive, DVD drives
The solution must be able to initiate automatic threat con driven
backups as soon as the threat landscape increases.
The solution should provide a complimentary disaster recovery for
critical servers and clients.
The solution must provide bare metal recovery to the existing or
dissimilar hardware possible in minutes
The solution must provide physical to virtual and virtual to physical
conversion. With this functionality, administrators can have can follow
best-practices, such as testing deployments in virtual environments or
using virtual environment as an immediate disaster recovery site.
An optional Granular Restore should also be part of solution.
Should support for windows 2000,2003,2008 R2,Red Hat and SUSE
Linux
Should support for 32 bit & 64 bit windows




                                                      41
                   Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                       ANNEXURE-II

                            TERMS AND CONDITIONS

1. ACCEPTANCE OF ORDER:-

    Purchase Orders for support services will be placed by each Circle Office of
    PNB and each RRB separately. Bank has right to cancel the order if same is
    not accepted within a period of 7 days from the date of order.

2. TAXES

   The prices are inclusive of all charges, Statuary levies except Service Tax,
   Sales Tax/VAT, Octroi/Entry Tax etc. Bank will not pay any additional cost
   during validity of Rate Contract on any account except as agreed at the
   time of contract.

3.PAYMENTS

       A. New Licenses: (applicable only in case of authorized billing from M/s
      Symantec)

      -100% cost on completion of per block of new (additional) 100
      installations and showing these on CO/HO consoles. This 100 license will
      be additional to existing renewals total available to PNB. Payment will be
      released by HO: ITD Centrally after verifying from the Central/Circle
      office console and supported by hard copy of installation sheet in case
      of Installation in PCs/Servers in Enterprise Wide Network. In case of others
      i.e. non-networked, payment will be released after submission of
      installation report as per ANNEXURE XII.

      B. Subscription (ATS) charges (applicable only in case of authorized
      billing from M/s Symantec)

      - 100% yearly payment in advance Centrally by HO: ITD on production of
      Bank Guarantee of 25% amount of yearly payment.

      C. Maintenance Support (Applicable for successful bidder)
      - Quarterly payments in advance by Circle Offices/HO for engineer’s
      support services on-site in their Circles/ HO Divisions. Next Payment will be
      released after verifying from the Central/Circle Office console in case of
      upgrades/updation in PCs/Servers in Enterprise Wide Network.
      Proportionate penalty will be imposed for absentee of engineer (s)
      without     leave      from       PNB,      and      non-performance        of


                                        42
                   Request for Proposal – Punjab National Bank

___________________________________________________________

       upgrades/updates/installations. Due to technical reasons, tolerance of a
       5% of total number of PCs may be given by PNB.

4. License Cost for New Licenses - (applicable for billing from M/s Symantec)

    The license cost for new licenses shall include :
            a. License fee with life time validity
            b. Installation on-site by successful bidder
            c. Subscription for definitions, updates, version / engine upgrades
               etc. for one year

5 Subscription Charges - (applicable for billing from M/s Symantec)

              Subscription charges shall include Subscription renewal charges
                 for definitions, updates, software version / engine upgrades etc.
                 for one year.
6. Support for Trouble-Shooting

       Successful Bidder shall provide dedicated support personnel at all
        locations as mentioned in ANNEXURE X and Annex - XIII, which must
        be available at these locations from 09.00 hrs to 18.00 hrs and on call
        on 24 * 7 basis over Telephone and Email.
       On-Site trouble shooting, installation / un-installation / re-installation
        support shall be provided at no extra cost.

7. DELIVERY/INSTALLATION DATE

    The date on which installation completed exceeds 100 licenses additional
    to total 28678 license renewals, will be taken as the date of
    installation/delivery. Bidder shall be responsible for installation/delivery of
    Symantec Protection Suite (SPS)/Symantec Mail Security in PCs/Servers
    within six weeks for fresh (new) Licenses and within 3 months for renewals on
    all PCs/Servers.

8. PENALTY
     Penalty for non fulfillment of the obligations under contract / SLA by the
     successful bidder shall be charged as under:
      For late installation / renewals of Anti Virus solution @ 1% of total order
        value per week beyond given time, with maximum penalty up to 10% of
        calculated CO/HO order value.
      For engineer’s absentee without leave granted from PNB and where no
        replacement given by bidder, a sum equivalent to 1.5 times the pro-rata
        rates will be deducted.



                                        43
                   Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                      ANNEXURE III

PRE QUALIFICATION CRITERIA FOR INSTALLATION, UPDATION & MAINTENANCE OF
SYMANTEC PROTECTION SUITE (SPS)/ SMS/ SEP SOLUTIONS:

The minimum qualification criteria for the bidders are as under: -

                      Pre Qualification Criteria                  Compliance   Document
                                                                   (Yes/No)    Attached
                                                                               (Yes/No)




1. The        bidder        should         be        authorized
   representative/channel partner of M/s Symantec in
   India. A letter of authorization to this effect from
   Symantec must be furnished.
2. The bidder should have supplied at least 5000 licenses
   of Anti Virus Solution during the last financial year or
   should have been currently maintaining minimum 5000
   licenses. Necessary documentary evidence to this
   effect should be submitted.
3. The turn over of the bidder should be minimum Rs 1
   crore in each year during last three financial years and
   the firm should have reported net profit in the last
   financial year. Audited financial (P & L) statements for
   last three financial years should be submitted.
4. The bidder should have exclusive support infrastructure
   for maintenance in all the major cities in India and be
   able to provide and maintain product through their
   competent support engineers in all these cities. The
   bidder should have or will place their own support
   setup or resident support engineers at all the Circle
   Offices (ANNEXURE X) of the Bank.
5. The bidder should be able to provide efficient and
   effective support at all Circle Office so as to meet 7
   days x 24 hrs service support with 2 hrs response time
   and within 4 hrs at other remote locations within Circle.
   A commitment to this effect should be furnished.
6. The bidder should have provided Anti Virus solution /
   services to at least 3 Financial Institutions in the country
   out of which minimum 1 should be a PSU Bank. Detail of
   these FIs / Banks should be provided along with letters
   from these FIs / Banks.


                                         44
                 Request for Proposal – Punjab National Bank

___________________________________________________________

7. The bidder should have the experience of operating in
   the Anti Virus market for at least for last 3 years.



                                                               SIGNATURE

                                                        Seal of Company




                                     45
                    Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                             ANNEXURE-IV

                                  Bidders Information


Name                ___________________________________________

Constitution        ___________________________________________

Address             ___________________________________________

Names & Addresses of the Partners if applicable

                    ___________________________________________

Contact Person(s)        ______________________________________

Telephone, Fax, e-mail        _________________________________

Number of years of experience in Antivirus business     _________

Please give brief financial particulars of your firm for the last 3 years along with the
volume of business handled.
(The information will be kept confidential)

Year
Net Profit
Total Turnover
Revenue earned from
Antivirus business

Is company ISO Certified? If yes, provide information alongwith true copy of certificate.
________________________________________________




                                                                Signature:

                                                              Seal of company




                                           46
                     Request for Proposal – Punjab National Bank

___________________________________________________________


                                                                                ANNEXURE-V
                                 COMPLIANCE STATEMENT

                                       DECLARATION

All Terms and Conditions including scope of work except technical specifications

We hereby undertake and agree to abide by all the terms and conditions stipulated by
the Bank in this RFP including all addendum, corrigendum etc. (Any deviation may
result in disqualification of bids).


Signature:
Seal of company


Technical Specification

We certify that the systems/services offered by us for tender confirms to the
specifications stipulated by you with the following deviations:

List of deviations

1) ___________________________________________________________

2) ___________________________________________________________

3) ___________________________________________________________

4) ___________________________________________________________



Signature:
Seal of company


(If left blank it will be construed that there is no deviation from the specifications given
above)




                                             47
                     Request for Proposal – Punjab National Bank

 ___________________________________________________________

                                                                   ANNEXURE-VI

                           EXISTING SERVICE SUPPORT DETAILS

      Location       Status of        No. of Anti Virus   Number of
Telephone Fax No.    Office working   maintenance         maintenance staff
                     days & hours     Engineers




 Signature and Seal of Bidder




                                          48
                       Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                              ANNEXURE-VII

                 PROFORMA FOR ANTI VIRUS PERFORMANCE STATEMENT
                         (FOR A PERIOD OF LAST 3 YEARS)


NAME OF BID


NAME OF FIRM



Order          Order     Description   Value        Date of             Remark     Performance of
Placed by      No.       and           of           Completion          reason     the Product
Full Address   and       Quantity of   Order                            for late   (Attach
of             Date      ordered                                        delivery   certificate from
Purchaser                Product                    As per     Actual              customer)
                                                    contract




                           SI GNATURE AND SEAL O F BI DDER




                                               49
                  Request for Proposal – Punjab National Bank

___________________________________________________________

                                                              ANNEXURE-VIII
COMMERCIAL OFFER

Name of the Vendor :
Address and Contact Details of the Vendor :
Product Name and Version :

On-site maintenance support engineers cost as per Locations in Annex- X and
Annex - XIII

S    Item                    Per         Number    Duration       Total Amount
No                           engineer    of        [T]           in Rs
                             per         engineers               [@ x n x T]
                             month       [n]
                             cost [@]
1   Total for 71 engineers               71        24
PNB cost including total                 engineers months
    expenditure for them
    for 2 years (including
    on-site     visit   to
    branches/offices)
2   Total for 27 engineers               27        24
RRB cost including total                 engineers months
    expenditure for them
    for 2 years (including
    on-site     visit   to
    branches/offices)
                                                    Total cost

      Note:
      1. Support includes on-site visit to any branch/office, e-mail, telephonic
      support of the successful bidder, will be as per requirement of Bank/RRBs
      2. Software Version Up-gradation should be done at all
      locations across the Bank.
      3.   Bidder will be required to provide additional engineers at above
      quoted monthly rate (@) whenever Bank/CO/RRBs request for the same.

The renewal of the contract beyond two year for support services will be at the
sole discretion of the Bank with consent of vendor.




                                        50
                    Request for Proposal – Punjab National Bank

___________________________________________________________


Evaluation Criteria for deciding the lowest eligible bidder

Separate rates for PNB and RRBs are to be quoted. However, Lowest eligible
vendor (L-1) will be decided based on engineer’s total support cost (PNB +
RRBs) to deploy 5000 Symantec Protection Suite (SPS) new additional licenses
currently required for PNB and also on-site maintenance support cost of existing
approx 29000 licenses. For all 6 RRBs, on-site installation and maintenance
support cost of existing approx 4000 licenses by successful bidder. The total
project cost will be calculated considering the requirement of: -

       S No       Item                              Total Cost [Rs]
       1          For 71 engineers Two-year’s
       For        install/     upgrade/     on-site
       PNB        maintenance support charges
                  for existing/new Licenses
       2          For 27 engineers Two-year’s
       For        install/     upgrade/     on-site
       RRBs       maintenance support charges
                  for existing/new Licenses
                  TOTAL COST (1 + 2) [ criteria ]:


The above quantity is only for calculation of L-1 purpose. Actual quantity may
vary depending upon the requirement.

In case of two or more bidders being technically eligible, Bank will conduct
Reverse Auction.




Signature:
Seal of company




                                        51
                    Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                        Annexure-IX

Check List for Technical Bids

Sl.    Documents                                    Attached in Bid   Page No
No.                                                 (Yes/No)
                                                                      From      To
1      Supporting documents in respect of
       minimum qualification criteria as per
       Annexure – III
2      Bidders Information as per format as per
       Annexure IV
3      Bid Earnest Money in the form of Demand
       Draft
4      Acceptance of the terms and conditions
       and compliance of Technical specifications
       as contained in Annexure V
5      Last three years audited balanced sheet
       and profit and loss account statement.
6      Service Support Details as per Annexure VI
7      Performance Statement as per Annexure VII
8      Technical Offer indicating competence to
       the Bank’s requirement as per Technical
       specifications - Annexure I
9      Any other document indicating the feature
       of the product
10     ISO Certification document, if any
11     Power of attorney


Check list for Commercial bids

Sl.    Documents                                        Attach in     Page No
No.                                                     Bid
                                                                      From      To
                                                        (Yes/No)
1.     Commercial bids as per Annexure-VIII




                                        52
                   Request for Proposal – Punjab National Bank

___________________________________________________________

                                                    ANNEXURE X
  Sr No   Name of Circle Office                    Name of State
   1      Hyderabad                                Andhra Pradesh
   2      Muzaffarpur
   3      Darbhanga
   4      Patna
                                                       Bihar
   5      Arrah
   6      Bihar Sharif
   7      Gaya
   8      Raipur                                    Chhattisgarh
   9      Delhi - North
                                                       Delhi
   10     Delhi - South
   11     Ahmedabad                                   Gujarat
   12     Chandigarh
   13     Hissar
   14     Karnal                                      Haryana
   15     Kurukshetra
   16     Rohtak
   17     Shimla
   18     Dharamshala
                                                  Himachal Pradesh
   19     Hamirpur
   20     Mandi
   21     Jammu                                         J&K
   22     Ranchi                                     Jharkhand
   23     Bangalore                                  Karnataka
   24     Kozhikode
                                                       Kerala
   25     Ernakulam
   26     Bhopal
   27     Indore                                   Madhya Pradesh
   28     Jabalpur
   29     Mumbai
   30     Nagpur                                    Maharashtra
   31     Pune
   32     Guwahati                                   North East
   33     Bhubaneshwar                                Orissa
   34     Amritsar
   35     Hoshiarpur
   36     Jalandhar
                                                       Punjab
   37     Bhatinda
   38     Patiala
   39     Kapurthala



                                       53
                     Request for Proposal – Punjab National Bank

___________________________________________________________

  Sr No   Name of Circle Office                         Name of State
   40     Ludhiana
   41     Jaipur
   42     Bharatpur
                                                          Rajasthan
   43     Jodhpur
   44     Sri Ganganagar

   45     Alwar
   46     Chennai
                                                         Tamil Nadu
   47     Trichy
   48     Agra
   49     Bareilly
   50     Bulandshahr
   51     Jhansi
   52     Lucknow
   53     Gorakhpur
   54     Faizabad                                      Uttar Pradesh
   55     Varanasi
   56     Kanpur
   57     Meerut
   58     Moradabad
   59     Muzaffarnagar
   60     Dehradun
   61     Haridwar                                      Uttarakhand
   62     Kashipur
   63     Kolkata
   64     Midnapore                                     West Bengal
   65     Burdwan
                                                        HEAD OFFICES

          HO: ITD, HO Bhikhaiji, HO Rajendra    (TOTAL 6 EXPERT PERSONS AT
          Place, HO Atma Ram Bldg                 HO LOCATIONS AT BCP, RAJ
                                                 PLACE, ATMA R HOUSE, 3 ITD)




                                           54
                                 Request for Proposal – Punjab National Bank

             ___________________________________________________________


                                                                  ANNEXURE XI

                   CONFIDENTIALITY - CUM - NON DISCLOSURE AGREEMENT

                 This Confidentiality –cum- Nondisclosure Agreement is entered into
If it is not a   at_______ on this_________day of________2011,     between___________(Insert
company,         Name of the Service Provider) a company within the meaning of
Constitution     Companies       Act,    1956,    having     its   Registered     Office    at
and address      _________________(herein after called ‘Service Provider’) and Punjab
be       stated  National Bank, a Body Corporate constituted under the Banking Companies
appropriately.   (Acquisition & Transfer of Undertakings) Act, 1970 having its Head Office at
             7 Bhikhaiji Cama Place, New Delhi – 110 066 and inter-alia, its Information &
             Technology Division at 5 Sansad Marg, New Delhi – 110 001 (herein after referred
             to as ‘PNB’).

             The Service Provider and PNB would be having discussions and negotiations
             concerning the establishment of and during continuance of a business
             relationship between them as per Contract dated ___________(hereinafter
             referred to as ‘Contract’). In the course of such discussions and negotiations, it
             is anticipated that either party may disclose or deliver to the other party certain
             of its trade secrets or confidential or proprietary information for the purpose of
             enabling the other party to evaluate the feasibility of such a business
             relationship. The parties have entered into this Contract, in order to assure the
             confidentiality of such trade secrets and confidential and proprietary
             information in accordance with the terms of this Contract. As used in this
             Contract, the party disclosing Proprietary Information (as defined below) is
             referred to as the ‘Disclosing Party’ and will include its affiliates and subsidiaries,
             the party receiving such Proprietary Information is referred to as the ‘Recipient’,
             and will include its affiliates and subsidiaries.

             Now this Contract witnesseth:-

             1.    Proprietary Information: As used in this Contract, the term ‘Proprietary
                   Information’ shall mean all trade secrets or confidential or Proprietary
                   Information designated as such in writing by the Disclosing Party, whether
                   by letter or by the use of an appropriate prominently placed Proprietary
                   stamp or legend, prior to or at the time such trade secret or confidential or
                   Proprietary Information is disclosed by the Disclosing Party to the
                   Recipient. Notwithstanding the forgoing, information which is orally or
                   visually disclosed to the recipient by the Disclosing Party or is disclosed in
                   writing unaccompanied by a covering letter, proprietary stamp or legend,
                   shall constitute proprietary information if the disclosing party, within 10
                   (ten) days after such disclosure, delivers to the Recipient a written


                                                       55
                    Request for Proposal – Punjab National Bank

___________________________________________________________

       document or documents describing such Proprietary Information and
       referencing the place and date of such oral, visual or written disclosure
       and the names of the employees or officers of the Recipient to whom
       such disclosure was made.

  2.      Confidentiality:

  a)      Each party shall keep secret and treat in strictest confidence all
          confidential information it has received about the other party or its
          customers and will not use the confidential information otherwise than
          for the purpose of performing its obligations under this Contract in
          accordance with its terms and so far as may be required for the proper
          exercise of the Parties’ respective rights under this Contract.

  b)      The term ‘confidential information’ shall include all written or oral
          information (including information received from third parties that the
          ‘Disclosing Party’ is obligated to treat as confidential) that is (i) clearly
          identified in writing at the time of disclosure as confidential and in case
          of oral or visual disclosure, or (ii) that a reasonable person at the time
          of disclosure reasonably would assume, under the circumstances, to
          be confidential. Confidential information shall also include, without
          limitation, software programs, technical data, methodologies, know-
          how, processes, designs, new products, developmental work,
          marketing requirements, marketing plans, customer names,
          prospective customer names, customer information and business
          information of the ‘Disclosing Party’.

  3.      Non-Disclosure of Proprietary Information: For the period during the
          Contract or its renewal, the Recipient will:

       (a) Use such Proprietary Information only for the purpose for which it was
           disclosed and without prior written authorization of the Disclosing
           Party shall not use or exploit such Proprietary Information for its own
           benefit or the benefit of others.

       (b) Protect the Proprietary Information against disclosure to third parties
            in the same manner and with the reasonable degree of care, with
            which it protects its confidential information of similar importance:
            and

       (c) Limit disclosure of Proprietary Information received under this
          Contract to persons within its organization and to those 3rd party
          contractors performing tasks that would otherwise customarily or
          routinely be performed by its employees, who have a need to know


                                          56
                   Request for Proposal – Punjab National Bank

___________________________________________________________

           such Proprietary Information in the course of performance of their
           duties and who are bound to protect the confidentiality of such
           Proprietary Information.

4.    Limit on Obligations:    The obligations of the Recipient specified in
      clause 3 above shall not apply and the Recipient shall have no further
      obligations, with respect to any Proprietary Information to the extent that
      such Proprietary Information:

      a)     is generally known to the public at the time of disclosure or
             becomes generally known without any wrongful act on the part of
             the Recipient,

      b)     is in the Recipient’s possession at the time of disclosure otherwise
             than as a result of the Recipient’s breach of a legal obligation;

      c)     becomes known to the Recipient through disclosure by any other
             source, other than the Disclosing Party, having the legal right to
             disclose such Proprietary Information.

      d)     Is independently developed by the Recipient without reference to
             or reliance upon the Proprietary Information; or

      e)     Is required to be disclosed by the Recipient to comply with
             applicable laws or governmental regulation, provided that the
             recipient provides prior written notice of such disclosure to the
             Disclosing Party and takes reasonable and lawful actions to avoid
             and/or minimize the extent of such disclosure.

5.     Return of Documents: The Recipient shall, upon the request of the
Disclosing Party, in writing, return to the Disclosing Party all drawings, documents
and other tangible manifestations of Proprietary Information received by the
Recipient pursuant to this Contract (and all copies and reproductions thereof)
within a reasonable period. Each party agrees that in the event it is not inclined
to proceed further with the engagement, business discussions and negotiations,
or in the event of termination of this Contract, the Recipient party will promptly
return to the other party or with the consent of the other party, destroy the
Proprietary Information of the other party.

6.     Communications: Written communications requesting or transferring
Proprietary Information under this Contract shall be addressed only to the
respective designees as follows (or to such designees as the parties hereto may
from time to time designate in writing)



                                        57
                    Request for Proposal – Punjab National Bank

___________________________________________________________

     M/S___________________                         (PNB)


     Attn:_________________                    Attn---------------

7. Term:     The obligation pursuant to Clause 2 and 3 (Confidentiality and
   Non-Disclosure of Proprietary Information) will survive for ----- years following
   the term of the Contract dated ________.

     Nothing herein contained shall be construed as a grant by implication,
     estoppel, or otherwise or a license by either party to the other to make, have
     made, use or sell any product using Proprietary Information or as a license
     under any patent, patent application, utility model, copyright or any other
     industrial or intellectual property right covering same.

8. Damages
     The provisions of this Contract are necessary for the protection of the
     business goodwill of the parties and are considered by the parties to be
     reasonable for such purposes. Both the parties agree that any breach of
     this Contract will cause substantial and irreparable damages to the other
     party and, therefore, in the event of such breach, in addition to other
     remedies, which may be available, the party violating the terms of
     Contract shall be liable for the entire loss and damages on account of
     such disclosure.

        Each party agrees to indemnify the other against loss suffered due to
        breach of contract and undertakes to make good the financial loss
        caused directly or indirectly by claims brought about by its customers or
        by third parties.

9.      Miscellaneous

a)      This Contract may not be modified, changed or discharged, in whole or in
        part, except by a further Contract in writing signed by both the parties.

b)      This Contract will be binding upon and ensure to the benefit of the parties
        hereto and it also includes their respective successors and assigns

c)   The Contract shall be construed and interpreted in accordance with the
     laws prevailing in India.
In witness whereof, the parties hereto have agreed, accepted and
acknowledged and signed these presents, on the day, month and year
mentioned herein above.



                                         58
               Request for Proposal – Punjab National Bank

___________________________________________________________

                                 For M/s_____________

                                 Authorised Signatory

                                 Shri _______________

                                 Designation__________



                                 For Punjab National Bank

                                 Authorised Signatory

                                 Shri _______________

                                 Designation




                                   59
                   Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                      ANNEXURE XII

      Installation / Renewal report – Punjab National Bank
             ( To be used for RRBs also with due modification in this sheet)
Branch Manager to ensure that you have tested the PCs/Network after the installation
of the software as mentioned below and that you have found the Business Critical
Application Software and the PCs/Network to be functioning satisfactorily.
               Upgradation/ New Installation /Renewal report - PNB (ITD-HO)
Sl                             Virus       Threats          Remark
No. IP ADDRESS User Name     Definition            Initials   s         Branch
   1
   2
   3
   4                                                                 Circle Office
   5
   6
   7
   8                                                               Distinctive No.
   9
 10
 11
 12                                                                     SOL ID
 13
 14
 15
                                                                    AV Server IP
 16                                                                      Addr.
 17
 18
 19
 20                                                                Total No. of PCs
 21
 22
                                                                     Total No. of
 23                                                                  Thin-clients
 24
 25


       ……………………………………                            ……………………                     ………………………
                                                 Officer In Charge,
               Circle Coord                            Branch                 CSE

                                                 ……………………
                                                 Date



                                        60
                        Request for Proposal – Punjab National Bank

___________________________________________________________

                                                                               ANNEXURE XIII

Regional Rural Banks (RRB) Details:
      For each of these 6 RRBs, Anti virus server set up at Zonal Network Center
(ZNC), GUP Server at each Network Center (NC) and SPS anti virus on-site
deployment in each PC of all the branches to be done by vendor. Subsequent
maintenance visits to these branches/offices will be on required basis. Resident
AV engineers would be placed and operating preferably through NC for the
branch PCs falling under that NC.

Sl    Name of RRB        RRB HO        Number Total        No. of     No. of AV
No.                      Location      of       PCs        NCs        engineers
                                       branches                       demanded

1     Rajasthan          Alwar         205          600    5          5
      Gramin Bank        (Rajasthan)

2     Punjab Gramin      Kapurthala    197          392    4          4
      Bank               (Punjab)

3     Haryana            Rohtak        195          756    7          7
      Gramin Bank        (Haryana)

4     Himanchal          Mandi (HP)    122          406    3          3
      Gramin Bank

5     Sarva UP Gramin    Meerut        300          904    4          4
      Bank               (UP)

6     Madhya Bihar       Patna         410          900    10         3
      Gramin Bank        (Bihar)


Network Center (NC) locations –
      1. Rajasthan Gramin Bank (5) - Alwar , Bharatpur, Sikar, Jhunjhunu, Dholpur
      2. Punjab Gramin Bank (4) – Kapurthala, Firozpur, Amritsar, Hoshiarpur
      3. Haryana Gramin Bank (7) – Ambala, Kuruksetra, Rohtak, Dadri, Bhiwani, Sirsa, Hisar
      4. Himanchal Gramin Bank (3) - Mandi , Kangra, Shimla
      5. Sarva UP Gramin Bank (4) - Meerut, Budaun, Gonda, Jhansi
      6. Madhya Bihar Gramin Bank (10) – Patna, Biharsharif, Nawada, Gaya, Jehanabad,
            Aurangabad, Sasaram, Bhabhua, Buxar, Arrah
         *PNB HO: PSLB, New Delhi (1 person) –for upkeep of Server of RF-VSAT branches of all RRBs
The above details are tentative indication and may vary marginally. In future,
the branches/offices & PCs/Servers and number of engineers required may
increase or decrease depending on RRB requirement, and the successful
vendor will be required to give support.




                                               61
                      Request for Proposal – Punjab National Bank

___________________________________________________________

Purchase Order and payments will be made by each RRBs individually at rates
finalized through this RFP.

Scope of work and all other Terms and conditions similar to PNB and applicable
to RRB Setup would apply to vendor.

Architecture for Anti Virus deployment in each RRB:

                                                               RF-VSAT AV Server
                                                                At PNB ITD: HO

          Internet
                                                                        RF/VSAT
                           Primary Server
                             at RRB ZNC



                 Leased Line(LL)
                 /ISDN



                                                                    Branch PCs
                   GUP Servers (PC)
                   At Network Center                           GUP Servers (PC)
                                                               At Network Center




                                                  Branch PCs
         Branch PCs


For improvement of network usage & anti virus performance, the vendor may
suggest any other set up without binding RRBs and any extra cost for the same.
The necessary PC & Anti virus Server Hardware will be procured by the RRBs
themselves.

For RF-VSAT Branches of all 6 RRBs, a common Server class machine is placed at
PNB ITD: HO New Delhi, to update definitions in these branches. One person for
maintaining and upkeep of this Server to be provided by bidder. The person
deputed will take necessary action and send anti virus report to all six RRBs.




                                            62

								
To top