Your SlideShare is downloading. ×
imss_final.doc.doc
imss_final.doc.doc
imss_final.doc.doc
imss_final.doc.doc
imss_final.doc.doc
imss_final.doc.doc
imss_final.doc.doc
imss_final.doc.doc
imss_final.doc.doc
imss_final.doc.doc
imss_final.doc.doc
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

imss_final.doc.doc

426

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
426
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Seven NATIONAL INSTITUTE OF TECHNOLOGY, DURGAPUR MAHATMA GANDHI AVENUE DURGAPUR –713 209, WEST BENGAL, INDIA FAX: 0343-2547375;E-mail:director@nitdgp.ac.in; Website: www.nitdgp.ac.in Telephones: 0343-2546397 (Director) BID REFERENCE: NITD/ITIC/IMSS/ 2008/08/ 07.08.2008 To ___________________________________ ___________________________________ Dear Sir, Sub: INVITATION FOR QUOTATIONS FOR INFRASTRUCTURE MANAGEMENT AND SECURITY SERVICES GENERAL 1. You are invited to submit your most competitive quotation for the goods as per annexure-I 2. Bid Price a) The contract shall be for the full quantity as described above. Corrections, if any, shall be made by crossing out, initialing, dating and re writing. b) All duties, taxes and other levies payable by the contractor under the contract shall be included in the total price F.O.R. NIT Durgapur. c) The rates quoted by the bidder shall be fixed for the duration of the contract and shall not be subject to adjustment on any account. d) The bid price must be quoted in Indian Rupees. 3. Each bidder shall submit only one quotation for each item. Manufacturer/authorized dealers of reputed brands of high technical quality with adequate after-sales support facilities are eligible to apply. The bidder must have supplied similar good to reputed organization to their full satisfaction and furnish a list of the same. 4. The bid submitted by the bidder must comprise the following: Part – I (Techno-commercial Bid) (a) Detailed technical specifications and literature/drawings/manuals of the goods/services to be supplied. (b) Compliance report on quoted goods in accordance with Annexure – I. (c) Detail Implementation plan in accordance with Annexure – I. (d) Authorized dealership certificate from the original manufacturer as per the Annexure – III. (e) Credentials and list of organizations where the bidder supplied similar items (f) Warranty Certificate (comprehensive on-site). (g) Valid sales-tax / VAT clearance certificate. Part – II (Price Bid) Price bid as per Annexure-II 5. Validity of Quotation Quotation shall remain valid for a period not less than 60 days after the deadline date specified for submission. 6. Evaluation of Quotations The Purchaser will evaluate and compare the quotations determined to be substantially responsive i.e. which (a) are properly signed and (b) conform to the terms and conditions, and specifications. 7. Award of contract The Purchaser will award the contract to the bidder whose quotation has been determined to be substantially responsive and who has offered the lowest evaluated quotation price.
  • 2. 7.1 Notwithstanding the above, the Purchaser reserves the right to accept or reject any quotations and to cancel the bidding process and reject all quotations at any time prior to the award of contract. 7.2 The bidder whose bid is accepted will be notified of the award of contract by the Purchaser prior to expiration of the quotation validity period. The terms of the accepted offer shall be incorporated in the purchase order. 8. Delivery shall be made at NIT, Durgapur 9. Payment shall be made immediately within 30 days after satisfactory installation, commissioning and acceptance of the good. 10. Comprehensive onsite warranty shall be applicable to the supplied goods for a period of thirty six months from the date of acceptance. 11. The Institute is exempted from payment of custom and excise duty on items mentioned below: a) Scientific and technical instruments, apparatus, equipment (including computers); b) Accessories, spare parts and consumables thereof; c) Computer software, CD-ROM, recorded magnetic tapes, microfilms, and microchips. d) Sales Tax, if applicable, should be charged @ 4% against ‘D’ form. 12. The successful bidder must submit before the release of payment a valid bank guarantee on any nationalized bank of 10% of the order value towards Performance Security during the warranty period. 13. Liquidated Damage will be applicable at the rate of 0.5% per week. The purchaser has the right to cancel the purchase order when LD accumulates to 10 %. 14. A bank draft of Rs.1000/- towards the Bid Document price payable to “Director, NIT Durgapur” at Durgapur will be enclosed with the bid by the bidder. 15. A bank draft or bank guarantee worth 2% of the quoted value payable to “Director, NIT Durgapur” at Durgapur will be enclosed with the bid by the bidder towards the Earnest Money Deposit (EMD). The EMD shall remain valid for a period of 45 days beyond the final bid validity period. 16. Quotations are to be submitted in two separate sealed covers marked PART-I (Techno-commercial bid) and PART-II (Price bid) containing relevant documents, superscripting “Bid No. - NITD/ITIC/IMSS/2008/08”. These two sealed covers are to be placed in a separately sealed larger cover. Further the sentence ‘Not to be opened before 16-00 hours on 28.08. 2008’ is also to be put on these envelopes. 17. Settlement of any dispute will be made under the jurisdiction of Durgapur Court. 18. You are requested to provide your offer latest by 16-00 hours on 28.08. 2008. 19. The purchaser will open the bids at 16:30 hours on 28.08. 2008. 20. Pre – Bid Conference on the bid will be on 21.08.2008 at 10:30 AM at Library Building 1st floor. 21.1 At any time prior to the deadline for submission of bids, the Purchaser may, for any reason, whether at its own initiative or in response to a clarification requested by a prospective bidder, modify the bidding documents by amendment. 21.2 In order to allow prospective bidders reasonable time in which to take the amendment into account in preparing their bids, the Purchaser, at its discretion, may extend the deadline for the submission of bids. 22. The bid document must be signed and sealed and enclosed with the bid as a token of acceptance of all terms and conditions in the bid document by the bidder. 23. The items/services must be delivered within 60 days from the date of placement of purchase order at the respective department. 24. All other terms and conditions of GFR 2005 of the Government of India will be applied. 25. We look forward to receiving your quotations and thank you for your interest in this project. NIT Durgapur
  • 3. Chairman, IT Infrastructure Committee National Institute of Technology The bid must be addressed to: Durgapur, West Bengal – 713209 Prof. A. K. Mitra Mobile: +91-97347-34317, Email: akmrecdgp@yahoo.com NIT Durgapur
  • 4. Annexure - I Technical Specifications Infrastructure Management and Security Services for Campus Wide Networking NIT Durgapur is having an extensive network consisting of over 3500 nodes. The network is built over two core switches of Extreme Networks and a combination of distribution access switches of 51 Extreme Networks and 95 DAX Switches. There are 4 Wireless Access Points to link Wireless enabled Laptops. Part of this Network is even extended to the Student Hostels. A high efficiency Internet bandwidth is taken from BSNL & Reliance. BSNL is providing 32 + 2 Mbps and Reliance is providing 20 Mbps. Internet browsing access is provided throughout the network through Proxy Services. Email Server and Email Service are hosted from respective servers. Further the IT infrastructure of NIT Durgapur is well equipped with number of servers, software and LRs, which are used for several academic and management purpose. NIT Durgapur being an academic institute of INI status must have open approach with focus on clean and efficient access of web, institute email, resources and other services (like Office Automation, Update and patch management services and INDEST services). We must see that network resource is not being wasted due to anomalous activities and the resources are provided with protection for basic sanity. A good monitoring facility is also required for a responsible network. Recent IT Act had given legal status to digital data and digital identity. Therefore, maintaining compliance diligence is becoming necessary responsibility for large networks like NIT Durgapur. In view of the above facts NIT Durgapur must set the strategy for infrastructure management and security at gateway as well as endpoint level to have a clean, efficient and responsible network. Strategy 1. Gateway Level Security As a structure of infrastructure and security management we must divide the network logically into Zones. Each zone shall have defined levels of accessibilities depending on their functions. Zones are as follows, • External Untrusted Zone • De-Militerised Zone (DMZ) • Administrative Zone • Academic Zone • Hostel Zone • Residential Zone A firewall should be used at gateway level to segregate External Untrusted Zone, DMZ and Internal LAN. VLAN should be defined based on this zone division to limit broadcast at Layer 2. The firewall must be evaluated based on the following criteria: - • Firewall having IPS with deep packet inspection • Creation of Security Zones • Intelligent Intrusion Detection System • Gateway antivirus engine on web and email traffic • Cryptography Public Key & VPN Infrastructure • Host Security • Application Security • Access Control • Disaster recovery and Continuity Plan • Event Log Management As a policy no service from Internal LAN should go directly to Internet. All out going services must go through respective proxy services. The DMZ should host all services that are in direct connection to the Internet. Therefore, DMZ should host Web Server, Mail Server, Proxy Server etc. The policy in the firewall should be defined that will allow only the services offered. The performance of the firewall also should be sufficient function in full load. Intrusion Detection capability is also an important criteria for the firewall (Fig – I).
  • 5. Firewall, Antivirus, Anti-spam, IPS etc. Fig – I: Gateway Security II. Resource and Access Management A resource management application will be of immense help for the manageability of the nodes. Such a centralized facility will bring in manageability, accountability and compliance. The first strategy to defending nodes is to have an antivirus, anti-spam and personal firewall installed in every node by policy. Measures must be in place to keep them updated with latest patches. Therefore, more than just installing, an update enforcement policy is also imperative. Secondly, every threat that poses a network utilizes the weakness in the applications themselves to break in. The application and operating system OEMs constantly remedies these weaknesses whenever they are discovered and posts them as patch updates. The OS and the applications update are to be given equal importance to have a safe and clean working environment. Centralized patch update facility can push install the updates by policy. The Third and most important issue is policy based access control mechanism for network resource and services with the compatibility with IEEE802.1X standard. If a user is not authenticated they will not be allowed entry into the network from the Layer 2 switch ports. If the user is not compliant by the policy (including the security policies), the user will be connected but without the access to regular resources, rather he will quarantined to a remedial VLAN, where he get access to the redial Server for Patch update, personal antivirus update and client application update. IEEE 802.1x Compatible Switch Fig – II: Access Management
  • 6. Specification 1. Gateway Level Security Feature Description Performance Maximum Performance Multi-bus System Architecture Preferable and Capacity Firewall throughput (large packets) 1+ Gbps Advanced DES/AES throughput 500 Mbps (min) Maximum concurrent sessions 2,50,000 (min) New sessions/second 15,000 (min) Maximum security policies, Packets Per Second, Specify Antivirus Throughput. Maximum users supported. Unrestricted Network Connectivity 10/100/1000 GBE Ports 10 SFP (Mini GBIC) Ports 2 USB (preferable) 2 Firewall Network attack detection, DoS and D DoS Required protection, TCP reassembly for fragmented packet protection, SYN cookie protection, Zone-based IP spoofing, Malformed packet protection. Unified Threat IPS: Protocol anomaly detection, Stateful protocol Required Management signatures, IPS/DI attack pattern obfuscation. Gateway Antivirus: Signature database based with Required automatic update ficilities, Anti-spyware, Anti- adware, Anti-keylogger, Protocols to be scanned POP3 – HTTP –SMTP – IMAP – FTP Gateway Anti-spam Required Integrated URL filtering Required External URL filtering Required IPSec VPN Concurrent VPN tunnels 1000 (Min) Encryption: DES, 3DES and AES (256-bit) MD-5 Required and SHA-1; Manual key, Internet Key Exchange (IKE), public key infrastructure (PKI) (X.509); Perfect forward secrecy (DH Groups) 1,2,5; Prevent replay attack; Remote access VPN; Layer 2 Tunneling Protocol (L2TP) support within IPSec; Auto-Connect VPN; Redundant VPN gateways support User Authentication and Local Database support; Third-party user Required Access Control authentication RADIUS and LDAP; Windows Domain Control & Active Directory Integration; Support for Single Sign On, VPN authentication, Web-based authentication, 802.1X authentication; User/ Group access control; Networking Virtualization: Support of min 50 nos security Required zones, min 150 nos pf VLNs; Routing: OSPF routes, RIP v1/v2 Routes, Static routes, Policy based routes, Multicasting, Multicast inside IPSec tunnel; IP Address Assignment: Static IP, DHCP, PPPoE; Address Translation: NAT / PAT, Policy-based NAT/PAT, Support for MIP, Virtual IP, VLAN 802.1Q Trunking, MIP/VIP Grouping. Preferable: IGMP v1/v2, IGMP Proxy, Standard Encapsulation Mechanism. Mode of Operation Support for Layer 2 (transparent) and Layer 3 (route Required and/or NAT) mode Traffic and Bandwidth Policy based Guaranteed and Maximum bandwidth; Required Management Quality of Ingress traffic policing; Priority-bandwidth Service (QoS) utilization; Committed and burstable bandwidth by hierarchy/ departments/ groups & users
  • 7. High Availability (HA) Active/passive Mode (at L3 or Transparent Level) Required with Configuration synchronization, Session synchronization for firewall and VPN, Session failover for routing change, Device failure detection, Link failure detection Multiple ISP Link Management and Load Balancing Required Voice over IP (VoIP) Security (H.323. Application-level gateway (ALG), Network Preferable Address Translation (NAT) for VoIP protocols) System Management WebUI (HTTP and HTTPS) , Command line Required interface (console, SSH and telnet), SNMP, OEM Specific management Studio/console/interface Administration Support for Local administrator database, External Required administrator database through RADIUS, RSA SecureID, LDAP, Restricted administrative networks, multiple level of users, software upgrades through WebUI. Logging/Monitoring System log (multiple servers), Email Reports, Required Graphical real-time and historical monitoring, Traceroute, SNMP, VPN tunnel monitor. On Appliance Reporting Intrusion events reports, Policy violations reports, Required Web Category reports (user, content type), Search Engine Keywords reporting, Virus reporting by User and IP Address, Compliance Reports. Certification ICSA Firewall, VPN, FCC, CE, UL Required 2. Infrastructure Management (a) Centralized Resource Management: Policy based resource management; Support for Windows desktop Imaging; Application management; Application self-healing; IT asset discovery, inventory & classification; Remote control, Enterprise web reporting based on BusinessObject. (b) Centralized Patch Management Should support Individual application vulnerability scanning, E-mail agent configuration for sending vulnerability notifications, Comprehensive vulnerability and compliance reporting, Role-based administrative account creation, Automatic vulnerability package downloads—as soon as they are available, System vulnerability base lining for an agent group containing a validated group of mandatory patches, Vulnerability package deployment to groups of clients, Server tuning guidelines, Successful patch deployment verification using reporting functions. OS Patch should support Redhat Linux 2.1 to 4.0 Enterprise Edition, Windows 9xWindows XP SP1 / SP2, Windows 2000 and 2003 server, Windows Vista, Sun Solaris 10.0, IBM AIX 5.1 to 5.3, Novell, Novell SuSe Linux etc. Application Patch should support Adobe Acrobat Reader, Adobe Flash Player for Internet Explorer, Adobe Flash Player for FireFox/Netscape, Adobe Macromedia Plug-In (Internet Explorer, Firefox), Apple QuickTime, Computer Associates eTrust Antivirus, McAfee VirusScan Engine, McAfee VirusScan Enterprise Engine, McAfee VirusScan DAT, Microsoft .NET Framework, Microsoft ActiveSync, Microsoft Content Management Server, Microsoft Data Access Components (MDAC), Microsoft DirectX, Microsoft Frontpage Server Extension (FPSE), Microsoft Internet Explorer, Microsoft Internet Security and Acceleration Server (ISA), Microsoft Jet, Microsoft Malicious Software Removal Tool, Microsoft MSDE Microsoft MSN Messenger, Microsoft MSN Messenger Exchange IM Client, Microsoft Internet Information Service (IIS), Microsoft MSXML, Microsoft Office 2003 and 2007 (Access, Excel, FrontPage, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word), Microsoft Outlook 2003 Junk E- mail Filter, Microsoft Outlook 2007 Junk E- mail Filter, Microsoft Outlook Express Microsoft SharePoint Service, Microsoft SQL Server Microsoft Visual Studio .NET Microsoft Visual Studio, Microsoft Windows Installer, Microsoft Windows Mail Junk E- mail Filter, Microsoft Windows Media Player, Microsoft Windows Messenger, Microsoft Windows Update, Mozilla Firefox, Real Networks RealPlayer for RedHat, Real Networks RealPlayer for Windows, Sophos Antivirus Sun Java Runtime Engine Sun Java for Mac OS X, Symantec Antivirus Corporate Edition for 64 bits, Symantec Norton Antivirus Symantec Norton Antivirus Trend Micro OfficeScan Trend Micro ServerProtect, WinZip etc.
  • 8. 3. Implementation: (i) Implementation and Integration of the item 1 and item 2 must be done at NIT Durgapur with the scalability provision of adding more resources, services and users in the network. (ii) Provision of virtualization of server resources must be present. (iii) User policy and Access policies of different resources and services must be made as per the instruction given by the competitive authority from NIT Durgapur. (iv) Implementation must be done with the perspective of atleast 5000 users. (v) Resource Management must be implemented for atleast 2000 users (Hostel and Residential zone will not get this facility). 4. Techno – Commercial Requirements: (i) THREE YEARS on site warranty of the supplied goods from the date of acceptance. For Software the license and support will be for 3 years including updates and version upgrade with unlimited web and telephonic support from the OEM. (ii) Services should be provided with posting of ONE no of Qualified, Certified and Experienced engineer at NIT Durgapur for the period of THREE years. (iii) Bidder must have performed atleast THREE numbers of similar type of jobs with atleast 75% of the valuation of this quotation. (iii) Equipments and Software must be with licenses and will be in the name of NIT Durgapur. Software licensing will be perpetual licensing. (iv) Delivery Period: 60 days from the date of placement of purchase order (v) Place of Delivery: Internet Server Room, NIT Durgapur (vi) Installation / commissioning / demonstration requirement: Installation, commissioning, complete demonstration and successful running at Internet Server Room, NIT, Durgapur
  • 9. Annexure - II PRICE BID 1 2 3 4 5 6 7 8 Schedul Item Country Quantity Price for each unit Unit Price Total Price Sales & other e Description Of Origin & Unit taxes payable No. Ex-factory /ex Excise duty Packing and Inland Incidental services if contract is warehouse/ex- if any forwardi Transportation, Insurance as listed in clause awarded showroom of the ng & other local costs 8 of SCC shelf incidental to Delivery (a) (b) © (d) (e) a+b+c+d+e 4X6 We agree to supply the above goods in accordance with the technical specifications and the terms and conditions mentioned in the bid document at prices mentioned above within the period specified in the Invitation for Quotations. We also confirm that the comprehensive onsite warranty of 36 months shall apply to the offered goods. In case of discrepancy between unit price and total price, the unit price shall prevail Place: Signature of Bidder __________________________ Date: Name ____________________________ Business Address ___________________________
  • 10. Annexure – III MANUFACTURERS' AUTHORIZATION FORM To Date: Prof. A. K. Mitra Chairman, IT Infrastructure Committee National Institute of Technology Durgapur, West Bengal - 713209 Mobile: +91-97347-34317 Email: akmrecdgp@yahoo.com Dear Sir: Bid No.: We who are established and reputable manufacturers of (name and descriptions of goods offered) having factories at (address of factory) do hereby authorize M/s (Name and address of Agent) to submit a bid, and sign the contract with you for the goods manufactured by us against the above Bid. We hereby extend our full guarantee and warranty as per Clause 10 of the General section and Clause 4.(i) of Technical Specification for the goods and services offered for supply by the above firm against this bid. Yours faithfully, (Name)
  • 11. (Name of manufacturers)

×