INVITATION FOR BIDS
Sub: Supply and installation of Internet Load balancing Switch and Firewall
Security Appliance at RRII.
The RRII invites sealed tenders for the supply and installation of Internet Load
balancing switch and Firewall Security Appliances from reputed vendors.
The details are given below:
Tender Reference: 27-12-05/2011-12/Res dated 21.12.2011
Price of Tender Document: NIL
Bid Security (EMD): NIL
Last Time and Date for receipt of tender offers: 15.00 Hrs on 20.01.2012
Time and Date of Opening of tender offers: 15:30 Hrs on 20.01.2012
Venue of the acceptance and opening of bids and address for communication: Rubber Research Institute of India, Rubber Board P.O., Kottayam, Kerala – 686 009.
Contact Telephone Numbers: Phone: 0481-2353311, Fax: 0481-2353327
List enclosures:
1. General work description & terms
2. Schedule of requirement
Please read the attached general instructions carefully and furnish appropriate
details. Only tenderers who satisfy the pre-qualification criteria need submit their
proposals. The Board reserves the right to accept or reject any tender offer without
assigning any reason thereof.
GENERAL WORK DESCRIPTION & TERMS
Data cabling work at RRII
GENERAL INFORMATION
Rubber Research Institute of India (RRII) is under the Rubber Board, a statutory body
constituted under the Rubber Act 1947, functioning under the Ministry of Commerce &
Industry of the Government of India. The RRII campus is on a hilltop nearly 8 km away
from Kottayam town. Buildings in the RRII campus are fully networked through optic fibre
and copper for data connectivity.
SCOPE
Scope of the work includes design, fabrication & supply of items at RRII, Kottayam-9,
handling at site, storage under safe custody, erection, testing and commissioning and
handing over of all items described in the SCHEDULE as per relevant standards of
installation.
Scope of the work includes
a. Obtaining all statutory approvals if required from M/s. BSNL/PWD/Other
service providers if required.
b. All Civil works including materials required for items such as chipping of
wall/ floor grouting, earth work excavations etc. to complete the
installation in all respects. Work has to be performed as per the
specifications and instructions given by the Engineer-in-charge from time
to time.
c. All terms and conditions listed in general instructions are covered.
CONTRACTOR EXPERIENCE & OBLIGATIONS
The bidder should be a reputed supplier of networking components and Security
appliances to the public sector for a period of 3 years, with contact offices in the
Thiruvananthapuram – Kochi area and certified Engineers to configure
networking and security appliances.
OUTLINE OF THE WORK:
The request is for the supply and maintenance of (1) Internet Load Balancing
Switch, to connect multiple leased line internet connections from different ISPs in load
balancing mode (2) Unified Threat Management (UTM) appliance with Firewall, IPS,
Gateway Antivirus, Antispam, Content filtering, Link Load Balancing and failover, and support
for VPN.
A schedule for the execution plan shall be submitted against each work order. Service
escalation matrix and all contact details should be included in the basic proposal.
WARRANTY
Warranty expected is 5 years onsite comprehensive mode from the date of
installation. All material/ equipment supplied should be guaranteed by the contractor for
satisfactory performance and all defective items shall be replaced from time to time.
All the material/ equipment supplied should be guaranteed by the vendor for
satisfactory performance. Should any item not perform as intended, or should design,
material or workmanship prove to be defective, the item/ work should be promptly
corrected by the contractor to the satisfaction of the Board without delay and at no extra
cost, failing which the Board will be free to take such corrective action at the contractor's
expense and risk.
RoHS compliance and other standards complied by the components shall be
clearly stated in the offer.
TERMS AND CONDITIONS
1. Validity: The offer should be valid for acceptance for a period of 60 days from
the date of opening.
2. Price, taxes and duties: Price quoted shall be all inclusive of sales taxes and
other duties. Prices in the tender will be kept firm and no escalation on any ground
will be admissible.
3. EMD charges: Rs.5000/- in the form of Demand draft in favour of ‘Director
(Research), RRII, Rubber Board’ payable at Kottayam. Tenders not
accompanied by EMD will be rejected. On acceptance of the Tender, EMD of the
successful bidder shall be treated as Security Deposit.
4. Completion period of work: Normal course of completion of work is 30 days but
will change from time to time, based on work order in the case of repeat order.
5. Delay in completion: Time is the essence of the contract and period of
completion stipulated should be strictly adhered to. If contractor fails to complete
the work as per order in all respects and hand over the same within the stipulated
time, we may at our option either recover liquidated damages @ ½% of the
contract value per day of such delay with a maximum of 10% of the contract
value or terminate the order wholly or partially.
6. PAYMENT TERMS:
a. 90% against supply and satisfactory completion of the work and
b. 10% against BG as performance security for the warranty period
7. AGREEMENT: The successful tenderer, if so required by the RRII, shall execute an
agreement with the RRII in the form prescribed by the Board soon after the
acceptance of the tenders, failing which the EMD will be forfeited and the
acceptance of the tender shall be treated as cancelled.
8. The Director (Research) RRII reserves the unrestricted right to reject any or all of
the tenders or to accept any tender in whole or part without assigning any reason
thereof.
SCHEDULE OF REQUIREMENT
Sl. No.   Item   Quantity
1.   Internet Load Balancing Switch with monitoring application software   1 No.
2.   Security Appliance with monitoring software / Unified Threat Management appliance   1 No.
SPECIFICATION: Internet Load Balancing Switch
19” Rack mountable Internet load balancer with 2 GB or above RAM Capacity
Minimum 200 Mbps throughput
Unlimited simultaneous sessions
WAN port links – 4 nos. or above
WAN uplink using full duplex Gigabit Ethernet through SM OFC Modules to support the Fibre uplink
Minimum 4 LAN Ethernet ports
OSPF, RIP, RIP II or equivalent routing protocols
Load balancing and failover algorithms
Support for VPN, RADIUS, LDAP etc
NAT and IP forwarding capability
Integrated application level security support
Integrated intrusion prevention
Application smart routing
SNMP support, Web / GUI based configuration and Monitoring, RS 232 based command line support, VPN Support
Bandwidth usage statistics, ISP health monitoring
Access permission management etc.
Indian standard 100 – 250 V power input
EN 60950, UL 19050, EN 55022, CE etc. certifications
5 year onsite same business day replacement warranty support
Same series unit must be spared for one month performance testing before final selection.
SPECIFICATION OF SECURITY APPLIANCE
Unified Threat Management Appliance
Sl. No.   Features   Compliance   Remarks   Comments
1.1 General Requirements:
1 The Firewall must be appliance based and rack mountable
2 It should be modular to accommodate disk based storage or future interface growth.
3 Appliance should have provision for redundant power supply
4 Licensing: should be per device license for unlimited users for Firewall/ VPN (IPSec & SSL) and other features. There should not be any user/IP/host based licenses – Please specify if the product does not follow the required licensing policy
5 Support for Virtualization (ie Virtual Systems / Virtual Domains). Please mention what is the maximum number of virtual instances supported
6 Should support USB interfaces for config. Backup / restore, upgrading images and for connecting 3 G Modems as fall-back.
7 Should support more than one ISP with automatic ISP failover as well as ISP load sharing for outbound traffic.
8. Should have support for Explicit Proxy with Web Caching (especially for the purpose of having session based policies for Citrix/ Terminal Server users)
1.2 Interface and Connectivity Requirements:
1 The platform must be capable of supporting a minimum of 8 gigabit interfaces with auto sensing 10/100/1000 capability
2 It should also support 8 x 10/100 Fast Ethernet interfaces
3 The platform should support the standards based Multi-Link aggregation technology (IEEE 802.3ad) to achieve higher bandwidth
4 The platform should support VLAN tagging (IEEE 802.1q) with about 4096 VLANs supported (in NAT / Route mode)
1.3 Performance Requirements:
1. Firewall must support at least 500,000 concurrent connections
2 The Firewall must support at least 15,000 new sessions per second processing
3 The Firewall should support throughputs of minimum 4 Gbps for all packet sizes (1518 byte packet, 512 byte packet and 64 byte packet)
4 The firewall should support a minimum of 2.5 Gbps of IPSec VPN Throughput and should be hardware accelerated
5 The Firewall should support a minimum of 500 Mbps of IPS Throughput
1.4 Network / Routing Requirement:
1 Static routing must be supported
2 Policy based Routing must be supported
3 Dynamic Routing (RIP, OSPF, BGP & IS-IS) must be supported for IPv4
4 Should support RIPng, OSPFv3 and BGP4+
5 Multicast Routing must be supported
1.5 Firewall Features Requirement:
1 The Firewall should be ICSA Labs certified for Enterprise Firewall or EAL 4 certified, if not the same model
2. It should be possible to operate the firewall in “bridge mode” or “transparent mode” apart from the standard NAT mode
3 The Firewall must provide NAT functionality, including PAT
4 Should support “Policy-based NAT”
5 The Firewall should provide advanced NAT capabilities, supporting NAT Traversal for services like SIP/H.323/SCCP
6 Firewall should support Voice based protocols like H.323, SIP, SCCP,MGCP etc and RTP Pinholing
7 The Firewall should support User-Group based Authentication (Identity based Firewalling) & Scheduling
8 IPv6 support for both NAT and Transparent Mode
1.6 Authentication Requirements:
1 Support for authentication for Users and Firewall Administrators (Local and Remote – RADIUS, LDAP & TACACS+)
2 Support for RSA SecurID or other Token based products
3 Support for Native Windows Active Directory or Novell eDirectory Integration
4 based two-factor Authentication for both Users and Firewall Administrators
1.7 Encryption / VPN Requirements
1 The VPN should be integrated with firewall and should be ICSA Labs certified for both IPSec and SSL-TLS. Should support the following protocols
a DES & 3DES
b MD5, SHA-1 & the more secure SHA-256 authentication
c Diffie-Hellman Group 1, Group 2, Group 5 & the more secure Group 14
d Internet Key Exchange (IKE) v1 as well as IKE v2 algorithm
e The new encryption standard AES 128, 192 & 256 (Advanced Encryption Standard)
2 IPSec VPN should support XAuth over RADIUS and RSA SecurID or similar product
3 Should have integrated SSL VPN with no user license restriction. Please specify if the product does not follow the required licensing policy
4 Should support SSL Two-factor Authentication with Digital Certificates
5 Should support Single Sign-On Bookmarks for SSL Web VPN
6 Should support Windows, Linux and MAC OS for SSL-VPN (should have always-on clients for these OS apart from browser based access)
7 Should support NAT within IPSec/SSL VPN tunnels
8 Should also support PPTP and L2TP over IPSec VPN protocols
1.8 High Availability Requirements
1 The device must support Active-Active as well as Active-Passive redundancy
2 The Firewall must support stateful failover for both firewall and VPN sessions
3 The HA Architecture should have the ability for Device Failure Detection and Notification as well as Link Status Monitor
4 Should support VRRP and Link Failure Control
1.9 Data Center Optimization:
1. Should support Server Load Balancing with features like HTTP persistence
2 Should support TCP Multiplexing
3 Should support HTTPS Offloading with
4 Should have support for WCCP protocol
1.10 IPS, AV and Web Filtering
1 Should have integrated Network Intrusion Prevention System (NIPS) and should be ICSA Labs certified
2 Should have a built-in Signature and Anomaly based IPS engine on the same unit
3 Should have protection for 3000+ signatures
4 Able to prevent denial of service and Distributed Denial of Service attacks
5 Supports user-defined signatures (ie Custom Signatures) with Regular Expressions
6 Should Identify and control over 1000+ applications (ie Application control feature)
7 Should perform Traffic shaping of popular P2P applications like KaZaa, Gnutella, Bit Torrent, WinNY, eDonkey etc
8 Should control popular IM/P2P applications regardless of port/protocol like Yahoo, MSN, Skype, AOL, ICQ etc
9 The appliance should facilitate embedded anti virus support which is ICSA Labs certified
10 Gateway AV should be supported for real-time detection of viruses and malicious code for HTTP, HTTPS, FTP, SMTP, SMTPS, POP3 and IMAP, NNTP and IM
11 Should have configurable policy options to select what traffic to scan for viruses
12 Should have options to prevent user downloads based on file extension as well as file type
13 Should have an ability of Antivirus scanning for IPv6 traffic
14 The appliance should facilitate embedded Web Content Filtering feature
15 Web content filtering solution should work independently without the need to integrate with External proxy server
16 URL database should have more than 2 billion URLs under 70+ categories
17 Should be able to block different categories / sites based on User Authentication.
1.1
(ie Multi Zone support)
2 Should support DiffServ (Differentiated Services)
3 Should support Gateway Data Loss Prevention (DLP) feature for popular protocols like HTTP, HTTPS, FTP, POP3, IMAP, SMTP, POP3S, IMAPS, SMTPS
4 The DLP feature should support popular file types like MS-Word, PDF etc
5 Should have support for WAN Optimization from day 1 for common applications like HTTP, HTTPS, MAPI, FTP, CIFS etc
6 WAN Optimization should be supported for bi-directional traffic in Gateway-to-Client / Gateway-to-Gateway topology
7 Should support Web caching for Explicit proxy traffic
8 Should Support Packet Capture / sniffer to capture and examine the contents of individual data packets that traverse the firewall appliance for troubleshooting, diagnostics and general network activity
9 The vendor should supply a separate logging platform
10 The vendor should take the responsibility of supplying a licensed OS and Hardware if it is software based Logging solution
11 The logging platform should have a capacity of 1 TB
12 The logging platform should have at least 2 x 10/100/1000 Gigabits ports
1.12 Certifications - Mandatory
1 Should have support for the following certifications:
a FIPS – 140-2 for Client VPN software
b OS should be “IPv6 Phase II Ready” certified
Warranty of the unit
1 Firewall / VPN / IPS / AV / Web Filtering Appliance with Unlimited user licenses with 3 year warranty and Signature / Firmware / OS updates for 3 years
2 Logging, Statistics and Reporting Platform with 3 year warranty
3 Warranty extension / AMC rate for additional 2 years after the 3 year std. warranty