__________________________
Electoral Commission
Auction # 10220759
Patch Management Solution
IMPORTANT NOTICE
Failure to comply with the completion of the auction conditions and the required
information (i.e. Make, model and size of Hardware) or submission of the
required stipulated documents indicated above (i.e. non submission of the
required reseller authorisation details and warranty stipulations) shall invalidate
Auction 10220759 -Patch Management Solution
2
1
Introduction
The Electoral Commission is looking for a centralized patch management solution to mitigate
vulnerabilities and stabilize the environment. The patch management solution must have the following functionality:
Patching of Multiple Operating system – Windows, Mac, and other Linux and Unix distributions Patching and updating of 3rd party software and applications – Adobe, Java, Winzip, etc.
Scheduling and prioritizing – The ability to prioritize certain patches like Critical patches and streamlining the process of patching.
Application whitelisting – The capability to lock down the environment to make sure that only business approved applications and software will be used.
Reporting – The ability to have a clear view of the environment before and after a patching. The Electoral Commission (EC) has invested extensively in ICT technologies, which provide a platform to effectively support and enable its business processes and to meet its goal of providing a free and fair election process in an open and transparent environment. The EC’s ICT Department intends to continue running a highly efficient and stable ICT environment making full use of industry standards, best
practices and disciplines based upon stable and reliable technologies.
Suppliers must place a bid on the Votaquotes (e-Procurement) system and then provide all the required documentation before the due dates as specified in this document and on the
Votaquotes web site.
2
Requirements
The EC seeks a solution that is a complete manufactured product, i.e. a solution that an OEM has expressly designed as an integrated deliverable unit.
Please note that the EC will supply server hardware as set out in section 3.4.
The EC wishes to acquire a fully functional patch management solution with integrated application whitelisting functionality. The proposed solution is for a maximum of 2000 devices and must be quoted for that number. The bid must include full maintenance licencing and support for 1 year. The solution is required to be able to run on standard IBM server hardware or a VMware virtual server.
3
Technical Specifications
The technical specification for the required products is as specified below. It must be noted that the technical specifications below are the minimum requirements; the only deviation that may be accepted will be in case where the bidder’s specification is better. Anything below specification may be disqualified.
Auction 10220759 -Patch Management Solution
3
It’s the suppliers’ responsibility to provide summarized line by line confirmation to all
specifications, implementation and training requirements. The summarized confirmation
should cross reference to other submission material for validation and additional
details.
3.1 Functionality
Solution Architecture
Technical Architecture and Capabilities
Management console
Scalable architecture
Standard Communication Protocols
Scalable, Agent-Based Architecture
Flexible architecture supports integration of
future company acquisitions/ partnerships/
alliances
Minimal impact to endpoint performance
(agent monitors product modules and
ensure no one similar task runs at the
same time to maintain system
performance)
Application Control
Whitelist Creation and Management
Policy can be set to allow an application
based on a trusted user
Policy can be set to allow certain users to
locally approve applications - with ability to
accept or reject centrally
Policy can be set to allow an application to
execute based on a trusted path
Policy can be set to allow an application
based on a trusted group (users)
Policy can be set to allow applications to
run if they were deployed by a trusted
process (e.g. 3rd party software distribution
tool)
Policy can be configured to allow updates
to software and or the operating system
that are deployed by a trusted updater (e.g.
3rd party patch management solution)
Solutions provides a mechanism to lock
down an environment based on what
software is currently installed
Auction 10220759 -Patch Management Solution
4
Policy can be applied to allow software to
be deployed if it is from a trusted vendor/
publisher
Solution can scan an existing clean system
to help build an initial whitelist or baseline
policy
Solution can provide information pertaining
to whether or not the application is believed
to be good from a community "white list"
subscription database
Granular policy can be configured to allow
different users to run different software that
is already installed on a system
Application reporting supports prevalence
of applications to help make policy decision
Central log data can be used to easily
identify why an application did not run and
assist in defining updates to policy
Blacklist Updates and Management
Policy can be configured for computers or
computer groups
policy supports exclude paths
Ability to add custom applications for
removal (e.g. not known bad, but
considered to be bad by an organisation)
Centralised logging
Administrator alerts
Patch/ Vulnerability
Management
Solution Capabilities
Configuration Management
Inventory Management
Software Distribution/ Packaging
Ability to identify and remove unwanted
software
Remote Tools
Remote Management Console
Multiple OS Platform Support Non
Microsoft
Power management
Wake on LAN
Patch & Remediation Capabilities
Patch Detection and Remediation
Patch/ Software/ Configuration Baselines
Secure, Flexible Content Delivery
Auction 10220759 -Patch Management Solution
5
Bandwidth Throttling
Custom Content Development
Integrated Client (Agent) Deployment Tool
Patch Relay Servers (Cache)
Multiple Operating Systems Support -
Microsoft / Unix / Mac
Multiple Application Software Support
Flexible Assessment and Deployment
Options
Application Reporting (Canned Reports)
Scheduled Deployment
Reporting
Security Configuration Management Capabilities
Ability to create custom Configurations
Ability to add configurations to mandatory
baselines
Standards-based Security Configuration
Management
Ability to Integrate National Vulnerability
Database (NIST Content)
Administrative features
Automated Download of Critical Patches
Active Directory Integration
End User Notification/Action
Role-Based Administration
Policy-Based Administration
Computer attribute auto grouping
Nested Groups
3.2 Training
Full training to be provided for four (4) IEC support staff personnel as well as complete documentation
required for maintaining and implementing the centralized patch management solution.3.3 Maintenance and support
1 year licensing, maintenance and support to be included into the price.
3.4 Current IEC environment
The IEC is running a VM Cluster environment using the physical hardware mentioned below. If the current hardware configuration is not to the specification of the Patch Management solution then a separate quote must supplied.
The EC will make available to the successful bidder the following components: Windows Server 2008 R2 (64 Bit)
Windows 7 x64
Auction 10220759 -Patch Management Solution
6
o 2 x Intel Xeon X7350 2.9 GHz Quad core processorso 32 GB RAM
o 400 GB hard drive space (Raid 5) o 2 x 1Gbps network interfaces
4
General Auction Conditions
The following standard auction conditions must be adhered to and complied with, failing of which the bid will be disqualified.
1. A letter of proof of the reseller agreement must accompany the written documentation; and must be submitted to the Electoral Commission’s Procurement and Asset Management Department.
2. The bidder is required to provide proof of available local (South African) support for the proposed equipment.
3. Detailed description of the software and functionality of the software must be provided in the written submission.
4. A draft implementation plan must be submitted as part of the written submission. 5. 1 year software maintenance and support must be included in the bid price.
6. The % cost of software maintenance opposed to the original purchase price must be clearly indicated.
7. Software maintenance must be based on an OEM’s standard offering. Additional services should not be included.
8. Details of the sub-contractor must be included in the written submission should a sub-contractor be used for the implementation.
9. Server requirements must be clearly stated. 10. All delivery costs will be for the bidder.
11. The Commission will issue a formal purchase order to the successful bidder before any services or equipment can be delivered.
12. Delivery of the required software shall only be accepted by the Commission on the basis of presentation of the bidder’s own delivery note. Such notes shall not be substituted by another bidder’s or supplier’s delivery notes.
13. Awarding of the auction to any successful bidder shall be subject to the Commission’s due diligence audit requirements.
14. No payment shall be made until full and final delivery has taken place and the product has been confirmed to be delivered in accordance with the specifications.
15. Completed CERTIFICATE OF INDEPENDENT BID DETERMINATION 16. Completed Declaration of Interest form
Auction 10220759 -Patch Management Solution
7
5
Quality Control
The following quality control conditions must be adhered to and complied with, failing of which the bid may be disqualified.
1. The bidder must undertake and warrant that the solution adheres to the auction specifications. 2. The successful bidder will have the primary responsibility of ensuring that the proposed solution
complies with the required specification in term functionality and technical specification including quantity and quality.
3. The proposed solution must be complete, fully functional and ready for deployment without dependencies on additional equipment, software or components that may be required to make it work.
4. It must be noted that the Commission seeks to gain the best solution technically, functionally and financially, and will select the solution that it deems to give the best investment.
5. Preference will be given to solutions that are based on a standard existing product in the market
and not products specifically designed and/or cloned for this bid. The Commission requires
market penetration indicators and references. Reference sites and their contact details, such as company name, contact number, contact person and physical address, must be submitted in the written submissions. The EC prefers details of open reference sites where contact does not have to be arranged via the bidder.
6. Upon the successful bid being accepted, the Commission reserves the right to request an inspection of the successful bidder’s facilities by undertaking a due diligence exercise. 7. The successful bidder has the primary responsibility to ensure that quantity and quality are in
accordance with the specifications.
In addition, the Commission may also call on suppliers to make further submissions and/or presentations in order for the Commission to ensure full compliance with all its requirements and as part of the auction evaluation process prior to the conclusion of the adjudication of the auction.
6
Pricing requirements
When pricing bid proposals, bidders are advised to take into account that the following issues are factored into the price. The Electoral Commission will not entertain additional charges on these items.
1. Hardware costs (if any); 2. Software costs;
3. Installation and configuration costs; 4. Training costs;
5. 1 year maintenance and support;
Auction 10220759 -Patch Management Solution
8
7
Delivery Requirements
The required auction documentation must be delivered at the Electoral Commission’s national office at the following address:
Election House 1303 Heuwel Avenue Riverside Office Park Centurion
Delivery of the solution should also be based on delivering to this address; any other changes and arrangements will be negotiated with the successful bidder and should be factored into the bid price. The closing date and time is as stated on the auction on the e-Procurement website
https://votaquotes.elections.org.za
All Auctions Conditions must be complied with at all times.
8
Special Requirements
1. Latest version(s) of software should be supplied when providing the solution.
9
Award of Order
1. The selection process may include short-listing, presentation and demonstration of the equipment/software and services by the short-listed finalists.
2. The order will be awarded to a bidder whose solution successfully conforms to specifications and is able to deliver and support the product, and in terms of the provisions of the Preferential Procurement Policy Framework Act, 2000.
3. The successful bidder shall also be required to enter into a Service Level Agreement (SLA/Contract) with the Commission in order to formalize and confirm the exact solutions to be delivered.
4. The Commission will issue a formal order before any services or equipment can be delivered 5. It should be noted that the Commission seeks to gain the best solution technically and
financially and will select from the results of the auction a solution it deems to give the best investment.
6. The 90/10 scoring principle will applied in the award of this bid.
10 Delivery and Implementation Timeframe
1. The successful bidder will be required to complete delivery by the 28th March 2013 from receipt of the order for these services.
2. If that is not possible the bidder must state in the bid conditions and in the written submission the reasons and the earliest date that implementation may start and be completed.
Auction 10220759 -Patch Management Solution
9
11 Written Submissions
A written proposal on the proposed equipment with all supporting documentation is required. The written submission must be clear on what bidders are offering through their bids and must address and explain at least the minimum requirements highlighted in the specifications. The submission must be comprehensive and adequate to enable the Electoral Commission to assess the bid and verify compliance with auction conditions and specifications.
All submissions must be received before 16H00 on the 18th February 2013. Submissions received after
the final date and time may lead to bids being disqualified and not considered.
Written submissions must be delivered to the Commission’s Procurement & Asset Management Department. Delivery can be through any of the following means:
Fax to (012) 622-5713
E-mail to [email protected]
Place in the Commission’s tender box situated in the foyer of the Commission’s national office in Pretoria at the following address:
Election House 1303 Heuwel Avenue Riverside Office Park Centurion
Note: Clearly mark your submission: For the attention of Procurement and Asset Management – Auction 10220759
In addition, the Commission may also call on suppliers to make further submissions and/or presentations in order for the Commission to ensure full compliance with all its requirements and as part of the auction evaluation process and prior to the conclusion of the adjudication of the auction.
Failure to submit all of the required documentation (See Annexure A) before the closing time will invalidate the bid. It remains the responsibility of the bidder to confirm receipt of the required documentation with the EC Procurement department.
12 Closing Date
The final closing date and time of this auction will be specified on the e-Procurement (Votaquotes) website in accordance the bidding requirements. The closing date and time is determined by the clock on the Electoral Commission’s servers and is not negotiable. Bidders must also take note supporting documentation must be delivered before 16h00 on the 18th February 2013.
Auction 10220759 -Patch Management Solution
10
Annexure A
The following documentation checklist must be completed and submitted as part of the written proposal:
Required Documentation Item Have submitted (Yes/No)
Details on the make and model of each of the components proposed in the bid
Detailed software specifications
Proof of available local (South African) support for the proposed equipment
Detailed pricing breakdowns (breakdown of the bid price into equipment purchase price, delivery cost, warranty, installation and configuration, training, 1 year maintenance and support and any other element if any).
A letter of proof of the reseller agreement either from the OEM or an authorized distributor (i.e. if the reseller is authorized by a Distributor)
This documentation checklist Sub-contractor details (if applicable) Detailed Implementation plan
Supplier provided summarized line by line confirmation that Patch management solution meets all technical specification, implementation and training requirements.
