Request for Proposal

Request for Proposal For Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN For TRANSPORT DEPARTMENT Offices across Andhra Pradesh

Transport Department Government of Andhra Pradesh

Table of Contents

Page # Contents No. Notice Inviting Tender 5 Important Clarifications 7

1 Background 1.1 Background 8 1.2 Introduction 9 1.3 Information Provided 9 1.4 Recipients 10 1.5 Confidentiality 10 1.6 Disclaimer 10 1.7 Broad Scope of Work 10 1.8 Interpretation 20 1.9 Brief Description of the Bidding Process 20 1.10 Schedule of Bidding Process 22 1.11 Pre-proposed meeting 22 2 Instructions to Bidders 24

A General 24 2.1 General terms of Bidding 24 2.2 Requirements for Bidders 28 2.3 Proposal and its contents 33 2.4 Bid Security 34 2.5 Cost of Bidding 35 2.6 Verification of Information 35 2.7 Verification & Disqualification 36 B Documents 37 2.8 Contents of the RFP 37 2.9 Clarifications 38 2.10 Amendment of RFP 38 C Preparation and Submission of Bids 39 2.11 Format and Signing of Proposal 39 2.12 Sealing and Marking of Proposals 39 2.13 Proposal Due Date 40 2.14 Late Proposals 41 2.15 Modifications / substitution / withdrawal of Bids 41

2.16 Rejection of Bids 41 2.16 Validity & Extension of Proposals 41 2.17 Validity of Bids 41 2.18 Payment Terms 42 2.19 Applicable Law and jurisdiction of court 42 2.20 Liquidated Damages 42 2.21 Force Majeure 42 2.22 Indemnity 43 2.23 Authorized Signatory 43 2.24 Non-Payment of Agreed Price 43 2.25 Assignment 43 2.26 No employer-employee relationship 43 2.27 Subcontracting 44 2.28 Confidentiality 44 2.29 Correspondence with the Bidder 44 2.30 Appointment of Consultant 44 2.31 Cancellation of Contract and Compensation 44 2.32 Dispute Resolution 45 2.33 Ownership of Documents, data, Hardware and 46 Software 3 Evaluation of Bids 47 3.1 Opening and Evaluation of Proposals 47 3.2 Contacts during Evaluation 47 3.3 Test of Responsiveness 47 3.4 Evaluation of Technical Proposals 49 3.5 Evaluation of Financial Proposals 50 3.6 Selection of Successful Bidder 52 3.7 Issue of Letter of Award by the TRANSPORT 52 3.8 AcceptanceCOMMISSIONER of LOA 52 3.9 Income Tax Liability 52 3.10 Concessions permissible under statutes 52 4 Fraud and Corrupt Practices 54 5 Miscellaneous 56 Appendices

I. Functional Requirements of Network Firewall 57 List of TRANSPORT COMMISSIONER Branch Offices, 65 II. Locations and No. of users at each Branch III. Service Level Agreement (SLA) 68 IV. Format of the Letter of Proposal ( Covering Letter) 71 V. Application form for the Eligibility of the Bidder 73 VI. Format of the Power of Attorney for Signing the Proposal 77 VII. Format of the Anti-Collusion Certificate 79 VIII. Undertaking for Information Security 80 IX. Format of the Bank Guarantee for Bid Security 81 Format of the extracts from the audited Balance sheet 85 X. and Profit & Loss Account Format of the Self Certificate of Completion (Certified by 86 XI. the Statutory Auditor) Format of the completion certificate from the client 88 XII. XIII. Self -Declarations 89 XIV. OEM Authorization Form 90 XV. Format for Declaration regarding Non-Blacklisting 92 XVI. Format for Performance Bank Guarantee 93 XVII. Contents of Technical Proposal 95 XVIII. Contents of Financial Proposal 107 Procedure for Submission of bids 114 XIX.

Government of Andhra Pradesh Transport Department

Tender No: 401/IT/2017 Date: 20/02/2017

Notice Inviting Tender (NIT)

On behalf of the Government of Andhra Pradesh “GoAP”, the Transport Commissioner, Andhra Pradesh, invites eligible and competent vendors to submit their Eligibility cum Technical and Commercial offer separately for supply of Network Firewall for AP Transport Department in accordance with conditions and manner prescribed in this RFP which is floated by the Government of Andhra Pradesh. The complete RFP document can be downloaded from the following website: http://www.eprocurement.gov.in

The vendors participating for the first time in the e-procurement process on the GoAP e-procurement portal, will have to complete the online registration process. Details of the pre requirements for such registration are available on the abovementioned e-procurement website. FAQs in this regard may be accessed at (http://www.eprocurement.gov.in/faqs_contractors.asp).

The Transport Commissioner reserves the right to reject any or all proposals without assigning any reason.

The details f the Tendering Process are as mentioned below:

Sl. Information Details No. 1. RFP Reference Number and Date 401/IT/2017 2. Bid opening date on the website 20.02.2017 at 11:30 PM WWW.apeprocure.gov.in 3. Last date for receiving Queries 24.02.2017 at 11:00 A.M 4. Time and date of Pre-Bid 25.02.2017 at 11:30 A.M in O/o. Conference T.C, A.P, Hyderabad 5. Response to queries latest by the 01.03.2017 at 05:00 P.M Transport department 6. Bid document Download End Date 05.03.2017 at 04:00 P.M and Time 7. Bid Closing date & time 06.03.2017 at 10:30 A.M

8. Last date and time for receipt of 06.03.2017 at 11:30 A.M in O/o. hard copies of Bids T.C, A.P, Vijayawada 9. Time and date of opening technical 06.03.2017 at 12:00 P.M in O/o. bids and Oral presentations T.C, A.P, Vijayawada product demo and methodology 10. Time and opening of financial bids 06.03.2017 at 04:00 P.M in O/o. T.C, A.P, Vijayawada 11. Cost of RFP Document (non-refundable) Rs. 5,000/- (Five Thousand only) any by Demand Draft only. scheduled bank in favour of CAO & FA, O/o. T.C, A.P, Hyderabad 12. Earnest Money Deposit (EMD) / Bid Rs. 2,50,000/- (Rupees Twenty-Five Security – In the form of Demand Draft Thousand only) DD from any scheduled or Bank Guarantee bank in favour of CAO & FA, O/o. T.C, A.P, Hyderabad or Bank Guarantee mentioned in RFP 13. Bid validity period 180 days from the last date for submission of proposals. 14. Contact for the Project 9848045338 15. Addressee and Address at which proposal O/o Transport Commissioner, in response to RFP notice is to be 1st Floor, submitted NTR Administrative Block, RTC House, Pandit Nehru Bus Station complex, Vijayawada, AP

Note: 1. The above dates are tentative and subjected to change without any prior notice or intimation. Bidders should check website apeprocurement aprtransport.org for any changes / addendums to the above dates and / or any other changes to this RFP. Bidders to confirm with AP Transport Department the time & venue, one day prior to any of the above scheduled event.

2. Eligibility cum Technical bid will be opened, in the presence of the vendor’s representatives who choose to attend the opening of Technical bid. No separate communication shall be sent in this regard.

3. Commercial bid will be opened in the presence of the Vendor’s representatives who are technically qualified.

4. This invitation for bids is open to all Indian firms who fulfil pre- qualification criteria as specified in this RFP.

5. TRANSPORT COMMISSIONER reserves the right to terminate the RFP process at any time without assigning any reason and upon such termination, TRANSPORT COMMISSIONER shall not be responsible for any direct or indirect loss or damage arising out of such a termination.

Sd/- N. BALASUBRAMANYAM IPS Transport Commissioner Government of Andhra Pradesh Vijayawada

Important Clarifications

1. Department means AP Transport Department 2. Vendor or Service Provider means the selected bidder of the RFP document 3. RFP or Tender means the Request for Proposal document. 4. Recipient or Respondent or Bidder means to who the RFP document is issued by the Department. 5. Offer means response to RFP document submitted by Recipient to the Bank.

Abbreviations:

EMD Earnest Money Deposit SLA Service Level Agreement AMC Annual Maintenance Contract ATS Annual Technical Support TCO Total Cost of Ownership PA-DSS Payment Application – Data Security Standard VAT Value Added Tax OEM Original Equipment Manufacturer ISO International Organization for Standardization OWASP Open Web Application Security Project OSD Original Solution Developer Company that has developed the solution for VCR Application

This document is meant for the specific use by the Company / person(s) interested to participate in the current Tendering process. This document in its entirety is subject to Copyright Laws. AP Transport Department expects the bidders or any person acting on behalf of the bidders strictly adhere to the instructions given in the document and maintain confidentiality of information. The bidders shall be held responsible for any misuse of information contained in the document, and liable to be prosecuted by the Department in the event that such a circumstance is brought to the notice of the Department. By downloading/purchasing the document, the interested party is subject to confidentiality clauses.

Section 1 Introduction and Disclaimer

1.1 Background a. The Transport Department, Government of Andhra Pradesh, is responsible for the regulation of motor transport in the State of Andhra Pradesh. The Transport Department performs duties including grant of authorizations to drive (public/private) vehicles, issue of driving licenses, collection of vehicle taxes and taking action against permit/license holders who contravene the provisions of the Motor Vehicle Act, 1988, Andhra Pradesh Motor Vehicles Taxation Act, 1963 and the rules framed there under. b. This Department has its branch office at 96 locations across the state of Andhra Pradesh. TRANSPORT COMMISSIONER hosted all its services in the cloud and made available online to citizens, all its branch offices should connect securely to Internet so as to access the online applications. Hence, it is decided to procure Best network firewall for all its 96 Offices to protect the applications, processes, interfaces, hardware, networking equipment etc., already implemented at all above offices. c. The bidder should note that: a. The network Firewall should be appliance based and rack mountable. Software based solutions are not acceptable. b. The Functional Requirements and specifications specified in Annexure - I are the minimum specifications. d. For this purpose, the Transport Department has issued this RFP such that interested parties (“Bidders, which expression where applicable shall, unless repugnant to the context, jointly and severally include the members of a consortium) may submit their detailed proposals (“Proposals”) as per provisions of the RFP. e. The Proposals would be evaluated on the basis of the evaluation criteria set out in this RFP in order to identify the successful Bidder for the Project (“Successful Bidder”). f. The Successful Bidder shall, upon execution of the Development Agreement (hereinafter defined) (the “Service Provider”), be responsible for Delivery, installation, commissioning and configuration as per the development agreement prepared in accordance with the principles of contract specified hereto (the “Development Agreement”),to be entered into between the Successful Bidder and the Transport Department.

9 g. The Development Agreement shall set forth the detailed terms and conditions governing the Service Provider and the Transport Department, including the scope of the Service Provider’s services and obligations. h. The Transport Department shall receive Proposals pursuant to this RFP in accordance with the terms set forth in this RFP and other documents provided / to be provided by the Transport Department pursuant to this RFP, as modified, altered, amended and clarified from time to time by the Transport Department (collectively, the “Bidding Documents”), and all Proposals shall be prepared and submitted in accordance with such terms on or before the date specified in Clause 2.13for submission of the Proposals (the “Due Date”). It is clarified that the term ‘Bidding Documents’ includes the Development Agreement for the Project which shall be prepared in accordance with the principles of contract specified and executed with the Successful Bidder. The aforesaid documents and any addenda issued subsequent to this RFP will be deemed to form part of the Bidding Documents.

1.2 Introduction

This request for proposal document (‘RFP document’ or RFP) has been prepared solely for the purpose of enabling AP Transport Department (‘Department’) to select vendor/s for implementation of VCR Mobile Application for the Department.

The RFP document is not a recommendation, offer or invitation to enter into a contract, agreement or other arrangement in respect of the solution. The provision of the solution is subject to appropriate documentation being agreed between the Department and the eventual successful bidder.

1.3 Information Provided

The RFP document contains statements derived from information believed to be reliable at the date obtained; but does not purport to provide all the information that may be necessary or desirable to enable an intending contracting party to determine whether to enter a contract or arrangement with the Department in relation to the solutions. Neither the Department nor any of its employees, or advisers gives any representation or warranty, express or implied, as to the accuracy or completeness of any information or statement given or made in this RFP document.

1.4 Recipients

The RFP document is intended for the information of the party to whom it is issued (“the Recipient” or “the Respondent”) and no other person or organization.

1.5 Confidentiality

The RFP document is confidential and is not to be reproduced, transmitted, or made available by the Recipient to any other party without Department’s express written permission. The RFP document is provided to the Recipient on the basis of the undertaking of confidentiality given by the Recipient to the Department. The Department may update or revise the RFP document or any part of it. The Recipient acknowledges that any such revised or amended document is subject to the same terms and conditions as this original and subject to the same confidentiality undertaking.

1.6 Disclaimer

Subject to any law to the contrary, and to the maximum extent permitted by law, the Department and its officers, employees, and advisers disclaim all liability from any loss or damage (whether foreseeable or not) suffered by any person acting on or refraining from acting because of any information including forecasts, statements, estimates, or projections contained in this RFP document or conduct ancillary to it whether or not the loss or damage arises in connection with any negligence, omission, default, lack of care or misrepresentation on the part of the Department or any of its officers, employees, or advisers.

The Department and its officers, employees, and advisers disclaim any liability, pecuniary or otherwise that may accrue or arise from any loss or damage (whether foreseeable or not) suffered by any person acting on or refraining from acting due to the information contained herein and/or by virtue of copying, adopting, reproducing, any of the material which may be the copyright material or any other Intellectual Property of a third party who may claim ownership of the same.

1.7 Broad Scope of Work and Description of the Project

The broad scope of work as detailed in this section refers to the hardware /software licenses that is procured through this tender and used for implementing the network security at TRANSPORT COMMISSIONER head office and its 95 Branch locations.

11 a. Supply and installation of network Firewall complying with the technical specifications given in Annexure - along with accessories and necessary documentation at TRANSPORT COMMISSIONER Head Office, Vijayawada. b. Configuration and integration of Network Firewall with TRANSPORT COMMISSIONER existing LAN / WAN at its Head Office and 95 Branch Offices.

c. The successful Bidder shall be doing the Project Management for the entire Project from commencement to final handing over for live use. The proposed solution must be supported for a period of 5 years as per RFP and TRANSPORT COMMISSIONER’s requirement. d. Prior to configuration and Integration, Successful Bidder along with OEM must perform a review of the existing setup at all its offices and prepare detailed implementation plan to counter cyber risks time to time. On approval of the same by TRANSPORT COMMISSIONER, integration of network firewall needs to be carried out. They must certify the architecture once such recommendation is implemented. This task should be done with no extra cost to the TRANSPORT COMMISSIONER. e. The bidder shall be responsible for generation and submission of necessary documents required during various phases of project viz. planning, installation, commissioning, rollout, acceptance testing, project diagrams and other reports etc. All such documents shall commence only after the same is approved by TRANSPORT COMMISSIONER. f. Functional requirements of the Network firewall are furnished as Annexure I.

g. Delivery Terms & Conditions

a. The Delivery shall be done at TRANSPORT COMMISSIONER Head Office, Vijayawada within 15 days from the placement of order.

b. Physical Inspection and preliminary testing of the products shall be done at TRANSPORT COMMISSIONER Head Office in the presence of representatives of the vendor and will comprise of the following. i. Physical verification of equipment as per the supply contract. ii. Physical inspection of the equipment for any physical damage. iii. “Power on Self-test” to ascertain that no product is dead on arrival.

iv. Physical verification of licenses, software media, technical documentation as per purchase order. v. Registering the Hardware & software license with OEM for validation and desired technical support. vi. Should the inspected or tested components fail to confirm to the contract, the TRANSPORT COMMISSIONER may reject the components, and the Vendor shall with in a period of 14 (fourteen) days, replace the rejected components, so that it meets the Contract requirements free of cost.

c. After Physical verification, Vendor should deploy the firewalls to the Branch Offices of TRANSPORT COMMISSIONER for Physical installation, configuration as per the requirement at free of cost. h. The Successful bidder must analyze the existing production system and gather performance metrics. The successful bidder should review firewall system parameters such as sessions, resources, and drops to verify that the firewall is performing optimally. Additional checks should review traffic threat, and system logs to identify recommended changes as per best practices wherever applicable. i. Disaster Recovery Site: Vendor should be able to extend the solution to the DR site whenever the need arises. j. Security features: Should ensure secure on-boarding of users to Network Firewall from trusted as well as un trusted network. k. Availability: The solution should be configured in high availability mode and should ensure there is no single point of failure. Availability of the solution should be 99.9% uptime to be analyzed on quarterly basis. l. All the software licenses should be in the name of TRANSPORT COMMISSIONER and shall be genuine, perpetual, full use and should provide patches, bug fixes, security patches and updates directly from the respective OEM for the contract period. m. The proposed software must provide indemnification and indemnification must cover patent claims, copy right claims, legal fees and damages claim. System Integrator and / or developer / manufacturer must protect TRANSPORT COMMISSIONER from all such legal cost that may arise out of any claim by a third party alleging intellectual property infringement i.e., related to the software. n. Health and performance monitoring features:

a. The proposed solution should be managed centrally through a single management console.

b. The management platform should be configured to proactively detect the health issues and service degradation / interruptions and should be able to create event / alerts to the relevant administrators through email, SMS etc. o. Establishing a procedure / SOPs for offline / online management of patches and upgrades. p. Configuration & Testing of end to end connectivity using tunnel less IP Sec (Group Encrypted Transport VPN) at each location on new devices. q. As TRANSPORT COMMISSIONER has dual bandwidth connectivity, successful Bidder shall terminate both the links to the new network firewall with automatic failover and ensure proper functionality as per existing setup at no extra cost to TRANSPORT COMMISSIONER. r. The Successful Bidder shall be required to perform tasks, render requisite services and make available resources as may be required for the successful completion of the entire assignment at no additional cost to the TRANSPORT COMMISSIONER. s. Bidder shall supply all necessary cables and power cords to make the network firewall functional. t. In case of any change of location during the order & implementation, successful bidder must supply, install & configure accordingly without any extra cost to TRANSPORT COMMISSIONER. u. The bidder has to make his own arrangement to fulfill all delivery formalities like – Road permit, entry tax etc., and should not involve TRANSPORT COMMISSIONER in these activities. v. Implementation and Training

a. The Successful bidder shall provide a comprehensive Project Plan including Risk, Quality, Migration and conversion, Resource, Change and Communication Management Plan. The Bidder has to submit a detailed plan for migration and implementation of the solution.

b. Plan should include the full scope of the project as mentioned above. On acceptance of such plan by TRANSPORT COMMISSIONER, the successful Bidder is required to carry out the implementation, migration and customization as applicable including supply, installation and testing of solution etc.

c. The successful bidder should provide a detailed project plan in terms of activity and phase wise timelines (No. of days) required for executing the project with the details of deliverables and milestones including the delivery of components for this solution. The bidder shall inform the name of the Project Manager who would be the single point of contact during the complete project implementation.

d. The successful bidder shall also handle all matters relating to the configuration and operation of the system including but not limited to application, system interfaces, documentation, and user manual and training for the successful implementation of the system.

e. The Project plan updates to be published weekly till the project completion.

f. UPS Power, Air-conditioning, Safety closets will be make ready by TRANSPORT COMMISSIONER in all installation places.

g. Training: The bidder shall impart training to TRANSPORT COMMISSIONER identified IT personnel (Numbers will be decided by TRANSPORT COMMISSIONER) for 2 days on the following points at the venue decided by TRANSPORT COMMISSIONER.

i. Knowledge transfer training of the deployed solution architecture and design.

ii. Network firewall platform administration & Management.

iii. Basic user level troubleshooting.

iv. Necessary training facilities would be provided by TRANSPORT COMMISSIONER. The bidder will have to ensure that training is imparted in a professional manner through qualified personnel and course materials would have to be provided for the same. w. User Acceptance Test (UAT)

a. TRANSPORT COMMISSIONER reserves the right to carry out inspection and / or test any components of the supplied systems to confirm their good working order and / or conformity to the contract.

b. TRANSPORT COMMISSIONER and / or an outside agency nominated by TRANSPORT COMMISSIONER will conduct an acceptance test n the hardware within a period of four weeks from the date of completion of installation and commissioning

of hardware by the vendor. Acceptance test shall comprise of tests to verify conformity of technical requirements / specifications and performance. In case TRANSPORT COMMISSIONER is not satisfied with the above then, the vendor will upgrade / replace them with appropriate model. The exact details of acceptance test will be mutually decided after the installation of hardware. x. Warranty, Operation and maintenance support The scope under warranty and AMC shall cover to provide services as described below.

a. All delivered items Hardware and software in this tender should be monitored and serviced in such a manner to ensure maximum uptime and performance levels. The guarantee / warranty should be highest nature extended by the OEM on the date of participation in the Tender (Necessary documentary evidence to be submitted).

b. The bidder will have to submit undertaking from all OEM’s assuring availability of the equipment being sold would not be declared End of Sale (EoS) in the next 7 Years and that OEM shall supply similar or higher substitute in case EoS of equipment at no cost to TRANSPORT COMMISSIONER.

c. Also OEM should certify that the products being sold would be covered under Warranty / Support and support will be available for next five years from the date of installation at TRANSPORT COMMISSIONER.

d. Warranty of the hardware and subscription of the software will start from the date of Commissioning of last device.

e. Provide on-site comprehensive warranty for the supplied items – equipment / system / sub-systems (hardware / software) for a period of 5 years support on 24 x 7 basis from the date of acceptance. Defective equipment shall be replaced by the vendor at his own cost, including the cost of transport if any.

f. The hardware equipment (if any) should be guaranteed / warranted against all defects and failure and such guarantee / warranty shall include replacement of defective parts / equipment and / or repair of the same free of cost. In case of repetitive hardware failure (three times in a quarter), it shall be replaced by equivalent or higher new equipment by vendor at no extra cost to TRANSPORT COMMISSIONER. All warranty shall be onsite.

g. The bidder should confirm in their response that the support during warranty period would be carried out by the OEM for the respective equipment / peripheral. The bidder should also ensure that the highest level SLA (24 x 7) support with maximum resolution time of 4 hours is adhered to and this must be articulated in the bid response as well.

h. Any component in the Firewalls that are reported to be down on a given date should be replaced by substitute (of equivalent or higher configuration) in next business day in any location, the reporting will be through a telephonic message or any other mode as TRANSPORT COMMISSIONER may decide.

i. TRANSPORT COMMISSIONER reserves the right to levy / waive off penalty considering various circumstances at that point of time.

j. Warranty shall also cover the following:

i. Installation / re-installation / maintenance / reconfiguration system software and other supplied software.

ii. All system patches, critical hot fixed, upgrades, service packs etc. of the OS and all other software supplied must be made available free of cost.

iii. Support for integration and update of infrastructure / network configuration and change management of the entire solution (existing as well as that procured as scope of this tender) to meet requirements.

iv. Any change in the IP scheme, if required, limited to all the equipment installed at the TRANSPORT COMMISSIONER should be done.

y. Annual Maintenance Contract (AMC) / Remote Support a. The bidder would be responsible to undertake AMC for a period of 5 Years. The period of AMC will start from the date of warranty period starts.

b. The AMC for the hardware equipment would be awarded to the bidder at the rate as quoted as INR in the price bid. However, the AMC services for the above mentioned equipment would be procured by the bidder solely from the OEM at SLA’s matching those during warranty support. The bidder has to submit that an undertaking from the OEM that the quoted AMC rate will remain valid and unchanged during the AMC for 5 years.

c. Considering the fluctuation of INR against foreign currency, Bidder can share the current prevailing conversion rate on the day of bid submission. Any escalation / de-escalation would not be factored at the time of AMC contract.

d. The AMC should cover the services which the supplier provided under warranty.

e. The AMC shall include but not limited to : i. On-site, comprehensive, back-to-back from OEM for a period of 5 years from the date of starting warranty. ii. Software updates and upgrades at no cost to the TRANSPORT COMMISSIONER. iii. Configuration / re-configuration at the same location and / or any change of office location / premise as & when required to keep the equipment in working condition at free of cost. iv. Traffic Analysis for different application / services as & when required / requested. v. Co-ordinate with field staff & report progress of fault resolution to any branch office & Head office. Update should be given on every 4 hours during working days. vi. The bidder must provide technical resources as and when required for coordinating with TRANSPORT COMMISSIONER staff for day to day operational issues as and when arises on supplied equipment such as QoS change request, IP accounting, monitoring / report generation etc., as required by TRANSPORT COMMISSIONER. vii. Bidder should provide onsite preventive maintenance as per TRANSPORT COMMISSIONER Requirements. viii. Bidder has to submit that escalation matrix from L1 to L3 level support for warranty, support and AMC activities. z. Service Level Expectations (SLA) a. During the AMC period the following service levels are expected to be maintained by the Vendor / Successful Bidder. b. Breach of service levels consistently on part of the Vendor / Successful Bidder may lead to invocation of Clause for “Termination for Default”

c. 99.9% uptime is expected for all devices and would be calculated on quarterly basis. d. Any problem / issues / defects in Firewall appliances, enhancement requests reported to the Vendor / Successful Bidder should be categorized based on severity as follows: i. Issue resolution / Onsite visits within 4 hrs for level 0 issues. ii. Issues resolution / Onsite visits within 6 hrs for level 1 issues. iii. Issues resolution / Onsite visits within 8 hrs for level 2 issues. iv. Issues resolution / Onsite visits within 24 hrs for level 3 issues. v. Return Material Authorization (RMA) support vi. Annual Firewall Rule Base review (Audit)

Level 0: This level of criticality will arise when more than 50 users are affected and / or more than 3 locations are affected. Level 1: This level of criticality will arise when more than 25 users but less than 50 users are affected and / or less than 3 locations are affected. Level 2: This level of criticality will arise when more than 10 users but less than 25 users are affected and / or 1 location is affected. Level 3: This level of criticality will arise when less than 10 users affected.

System Maintenance & Support services will include the following activities.  24 x 7 online support  Onsite patch updation and major / minor software version  Onsite training to be provided to key users. For RMA (Return Material Authorization) the turnaround expected is as below. RMA Support should be valid for 24 x 7 with a response time of 4 hours and replacement within 1 business day. aa. Indicative Deliverables The following are indicative deliverables. However actual deliverables will depend upon project specific requirements and will be finalized in consultation with AP Transport Department.

a. Supply of Network Firewalls and allied peripherals.

b. Installation, configuration, integration of Network Firewalls.

c. Delivery and Installation report warranty certificates, License copies for all the items supplied along with the supplies.

d. Installation report should contain the part numbers of all the components supplied by the successful bidder.

e. Delivery of Manuals, Technical deliverables like configuration details, network diagrams, security details.

f. UAT

g. User Training

h. Annual Maintenance / Remote Support, warranty and support for five years.

bb. The indicative timelines for execution of the Project are as follows

Timelines (All days are in Deliverables reference to date of placement of order)

Supply Within 15 days from the date Supply of Network Firewalls and receiving the P.O. allied peripherals

Installation & Preliminary Acceptance Test 20 days from the date of P.O Power up and continuous operation of each system for 15 days

Commissioning

 Demonstration of scenarios  Delivery of manuals, technical deliverables Eg: configuration 30 days from the date of details, network diagrams, commission order. security details etc.  Issue of commissioning certificate

cc. The service level agreements to be adhered to by the Service Provider for the performance of its obligations in respect of the Project are as set out at Annexure A

dd. The features and requirements indicated above are bare minimum. It does not limit the Bidders to provide features or specifications which are better than those mentioned above.

1.8 Interpretation

The statements and explanations contained in this RFP are intended to provide a better understanding to the Bidders about the subject matter of this RFP and should not be construed or interpreted as limiting in any way or manner the scope of services and obligations of the Service Provider set forth in the Services Agreement or the Transport Department’s rights to amend, alter, change, supplement or clarify the scope of work. Consequently, any omissions, conflicts or contradictions in the Bidding Documents including this RFP are to be noted, interpreted and applied appropriately to give effect to this intent, and no claims on that account shall be entertained by the Transport Department.

1.9 Brief Description of the Bidding Process

a. The Transport Department has adopted a single stage – 3 (three) cover process for selection of the Successful Bidder for the Project. Bidders would need to submit the following 3 (three) sets of documents in separate sealed envelopes as part of their Proposal:

(a) Qualification Submissions (as hereinafter defined);

(b) Documents relating to the qualifications of the Bidder and technical aspects of the Project (“Technical Proposal”), consisting of the details mentioned in Annexure XVII of this RFP; and

b. Bidders are invited to examine the Project in greater detail, and to carry out, at their cost, such studies as may be required for submitting their respective Proposals including implementation of the Project.

c. The evaluation of the Proposals will be carried out in 3 (three) stages in the following manner:-

(a) The first stage would involve evaluation in accordance with Clause 3.3 of the RFP. Based on the evaluation under Clause 3.3 of the RFP, certain Bidders shall be shortlisted for further evaluation.

(b) In the second stage, the Technical Proposals from Qualified Bidders would be evaluated to ascertain conformance with the technical requirements of the Project. Only those Qualified Bidders who are declared to be technically qualified in accordance with Clause 3.4 (“Technically Qualified Bidders”) would be considered for evaluation in the next stage.

(c) In the third stage, the Financial Proposals of the Technically Qualified Bidders would be evaluated in accordance with Clause 3.5 of the RFP based on the evaluation criteria specified for evaluation of the Financial Proposal in order to identify the Successful Bidder.

d. Proposals are invited for the Project on the basis of the highest Composite Bid Score.

e. Generally, the Technically Qualified Bidder who is adjudged to have the highest Composite Bid Score shall be declared the ‘Successful Bidder’. In case such the Successful Bidder withdraws or is not selected for any reason, the reasons for the Successful Bidder not being selected shall be recorded in writing by the Transport Department and the Transport Department may, at its discretion, either invite fresh Proposals from the remaining Qualified Bidders or annul the bidding process.

f. Details of the process to be followed as part of the bidding process and the terms thereof are further spelt out in this RFP.

g. Any queries or request for additional information concerning this RFP shall be submitted in writing by speed post/ courier/ special messenger and by e-mail so as to reach the officer designated in Clause 2.12.7 by the date specified in Clause 1.10 below. The envelopes / communication shall clearly bear the following identification/ title:

“Queries/Request for Additional Information: RFP for Supply of Network Firewall for the Transport Department, Government of Andhra Pradesh”

1.10 Schedule of Bidding Process

The Transport Department shall endeavor to adhere to the following schedule. Sl. Information Details No. 1. RFP Reference Number and Date 401/IT/2017 2. Bid opening date on the website 20.02.2017 at 11:30 PM WWW.apeprocure.gov.in 3. Last date for receiving Queries 24.02.2017 at 11:00 A.M 4. Time and date of Pre-Bid 25.02.2017 at 11:30 A.M in O/o. Conference T.C, A.P, Hyderabad 5. Response to queries latest by the 01.03.2017 at 05:00 P.M Transport department 6. Bid document Download End Date 05.03.2017 at 04:00 P.M and Time 7. Bid Closing date & time 06.03.2017 at 10:30 A.M 8. Last date and time for receipt of 06.03.2017 at 11:30 A.M in O/o. hard copies of Bids T.C, A.P, Vijayawada 9. Time and date of opening technical 06.03.2017 at 12:00 P.M in O/o. bids and Oral presentations T.C, A.P, Vijayawada product demo and methodology 10. Time and opening of financial bids 06.03.2017 at 04:00 P.M in O/o. T.C, A.P, Vijayawada 11. Cost of RFP Document (non-refundable) Rs. 5,000/- (Five Thousand only) any by Demand Draft only. scheduled bank in favour of CAO & FA, O/o. T.C, A.P, Hyderabad 12. Earnest Money Deposit (EMD) / Bid Rs. 2,50,000/- (Rupees Twenty-Five Security – In the form of Demand Draft. Thousand only) DD from any scheduled bank in favour of CAO & FA, O/o. T.C, A.P, Hyderabad or Bank Guarantee mentioned in RFP 13. Bid validity period 180 days from the last date for submission of roposals. 14. Contact for the Project 9848045338 15. Addressee and Address at which proposal O/o Transport Commissioner, in response to RFP notice is to be 1st Floor, submitted NTR Administrative Block, RTC House, Pandit Nehru Bus Station complex,

Vijayawada, AP

1.11 Pre-Proposal Meeting

a. To clarify and discuss issues with respect to the Project and the RFP, the Transport Department may hold Pre-Proposal meeting(s). The Transport Department will endeavor to hold the Pre-Proposal meeting as per bidding schedule specified in Clause 1.5 above.

b. The date, time and venue of the Pre-Proposal Meeting shall be:

Date: [25.02.2017]

Time: 11:30 A.M

Venue: O/o Transport Commissioner, Dr.B.R.Ambedkar Transport Bhavan, Opp Eenadu, Kairatabad, Hyderabad, AP.

c. Prior to the Pre-Proposal meeting(s), the Bidders may submit a list of queries and propose deviations, if any, to the Project requirements and/or the Services Agreement. Bidders must formulate their queries and forward the same to the Transport Department as per the time schedule set out in Clause 1.5 above. The Transport Department may, in its sole discretion or based on inputs provided by Bidders that it considers acceptable, amend the RFP.

d. Bidders may note that the Transport Department will not entertain any deviations to the RFP at the time of submission of the Proposal or thereafter. The Proposal to be submitted by the Bidders would have to be unconditional and unqualified and the Bidders would be deemed to have accepted the terms and conditions of the Bidding Documents with all its contents including the draft Services Agreement. Any conditional Proposal shall be regarded as non-responsive and would be liable for rejection.

24 e. Attendance of the Bidders at the Pre-Proposal meeting is not mandatory. f. All correspondence / enquiries are to be submitted at the co- ordinates indicated below, in writing by facsimile/registered post/courier or by email:

Kind Attention Transport Commissioner Address O/o Transport Commissioner, 1st Floor, NTR Administrative Block, RTC House, Pandit Nehru Bus Station complex, Vijayawada, AP Facsimile 040 - 23321300 Email [email protected] [email protected] g. The Transport Department shall make available its responses, including a description of the enquiry, but without identifying its source, on the e-procurement website and/or its department’s website. In addition, the Transport Department may choose to send to all Bidders, written copies of such responses to all the Bidders. No interpretation, revision, or other communication from the Transport Department regarding this solicitation is valid unless it is in writing and is signed by a person not less than the rank of the Commissioner for the Transport Department.

2. INSTRUCTIONS TO BIDDERS

A. GENERAL

2.1 General terms of Bidding a. No Bidder shall submit more than one Proposal for the Project. A Bidder shall not be entitled to submit another Proposal, either directly or through its affiliate. b. This RFP and the Bidding Documents are being provided only as a preliminary reference document by way of assistance to the Bidders who are expected to carry out their own surveys, investigations and other detailed examination of the Project before submitting their Proposals. c. Notwithstanding anything to the contrary contained in this RFP, the detailed terms specified in the draft Services Agreement shall have overriding effect; provided, however, that any conditions or obligations imposed on the Bidder hereunder shall continue to have effect in addition to its obligations under the Services Agreement. d. The Proposal shall consist of (a) the Qualification Submissions; (b) Technical Proposals; and (c) the Financial Proposal, which shall inclusive of taxes and indicated separately, to be quoted by the Bidder as per the terms and conditions of this RFP. The Financial Proposal should indicate the amounts mentioned therein, in both figures and words, in Indian Rupees, and signed by the Bidder’s authorized signatory. In the event of any difference between figures and words, the amount indicated in words shall be considered. e. The Bidder shall deposit a Bid Security of Rs. 2,50,000/-(Rupees Two Lakhs and Fifty thousand only) in accordance with the provisions of this RFP. f. The Bidder should submit a Power of Attorney as per the format at Annexure VI, authorizing the signatory of the Proposal to commit the Bidder. g. Any condition or qualification or any other stipulation contained in the Proposal shall render the Proposal liable to rejection as non-responsive. h. The Proposal and all communications in relation to or concerning the Bidding Documents and the Proposal shall be in English language. i. The documents including this RFP and all attached documents, provided by the Transport Department are and shall remain or become the property

of the Transport Department and are provided to the Bidders solely for preparation and the submission of a Proposal in accordance herewith. Bidders are to treat all information as strictly confidential and shall not use it for any purpose other than for preparation and submission of their Proposal. The provisions of this Clause 2.1.9 shall also apply mutatis mutandis to Proposals and all other documents submitted by the Bidders, and the Transport Department will not return to the Bidders any Proposal, document or any information provided along therewith. j. A Bidder shall not have a conflict of interest (the “Conflict of Interest”) that affects the bidding process. Any Bidder found to have a Conflict of Interest shall be disqualified. In the event of disqualification, the Transport Department shall be entitled to encash and appropriate the Bid Security or Performance Security, as the case may be, as mutually agreed genuine pre-estimated loss and damage likely to be suffered and incurred by the Transport Department and not by way of penalty for, inter alia, the time, cost and effort of the Transport Department, including consideration of such Bidder’s Proposal (the “Damages”), without prejudice to any other right or remedy that may be available to the Transport Department under the Bidding Documents and/or the Services Agreement or otherwise. Without limiting the generality of the above, a Bidder shall be deemed to have a Conflict of Interest affecting the bidding process, if:

(a) The Bidder, or its Associate (or any constituent thereof) and any other Bidder, any of its Associates (or any constituent thereof) have common controlling shareholders or other ownership interest. Provided that this disqualification shall not apply in cases where the direct or indirect shareholding of a Bidder, its Associate (or any shareholder thereof having a shareholding of not more than 25% (twenty five percent) of the paid up and subscribed share capital of such Bidder or Associate thereof, as the case may be) in the other Bidder, or Associate thereof, as the case may be, is not more than 25% (twenty five percent) of the subscribed and paid up equity share capital thereof; provided further that this disqualification shall not apply to any ownership by a bank, insurance company, pension fund or a public financial institution referred to in section 4A of the Companies Act, 1956. For the purposes of this Clause 2.1.10, indirect shareholding held through one or more intermediate persons shall be computed as follows: (aa) where any intermediary is controlled by a person through management control or otherwise, the entire shareholding held by such controlled intermediary in any other person (the “Subject Person”) shall be taken into account for computing the shareholding of such controlling person in the Subject Person; and (bb) subject always to sub-clause (aa) above, where a person does not exercise control over an intermediary, which has shareholding in the Subject Person, the computation of

indirect shareholding of such person in the Subject Person shall be undertaken on a proportionate basis; provided, however, that no such shareholding shall be reckoned under this sub-clause (bb) if the shareholding of such person in the intermediary is less than 26% (twenty six percent) of the subscribed and paid up equity shareholding of such intermediary; or

(b) such Bidder or any Associate thereof receives or has received any direct or indirect subsidy, grant, concessional loan or subordinated debt from any other Bidder or Associate thereof, or has provided any such subsidy, grant, concessional loan or subordinated debt to any other Bidder or any Associate thereof; or

(d) such Bidder, or any Associate thereof, has a relationship with another Bidder, or any Associate thereof, directly or through common third party/ parties, that puts either or bothable to have access to each other’s information about, or to influence the Proposal of either or each other; or

(e) Such Bidder or any Associate thereof has participated as a consultant to the Transport Department in the preparation of any documents, design or technical specifications of the Project.

Explanation 1: For purposes of this RFP, the term ‘Associate’ means, in relation to the Bidder /, a person who controls, is controlled by, or is under the common control with such Bidder / (the “Associate”). As used in this definition, the expression “control” means, with respect to a person which is a company or corporation, the ownership, directly or indirectly, of more than 50% (fifty percent) of the voting shares of such person, and with respect to a person which is not a company or corporation, the power to direct the management and policies of such person by operation of law. k. A Bidder shall be liable for disqualification and forfeiture of Bid Security if any legal, financial or technical adviser of the Transport Department in relation to the Project is engaged by the Bidder or any Associate thereof, as the case may be, in any manner for matters related to or incidental to such Project during the bidding process or subsequent to the (i) issue of the LOA or (ii) execution of the Services Agreement. In the event any such adviser is engaged by the Successful Bidder or Service Provider, as the case may be, after issue of the LOA or execution of the Services Agreement for matters related or incidental to the Project, then

notwithstanding anything to the contrary contained herein or in the LOA or the Services Agreement and without prejudice to any other right or remedy of the Transport Department, including the forfeiture and appropriation of the Bid Security or Performance Security, as the case may be, which the Transport Department may have there under or otherwise, the LOA or the Services Agreement, as the case may be, shall be liable to be terminated without the Transport Department being liable in any manner whatsoever to the Successful Bidder or Service Provider for the same. For the avoidance of doubt, this disqualification shall not apply where such adviser was engaged by the Bidder or it’s Associate in the past but its assignment expired or was terminated prior to the issuance of this RFP. Nor will this disqualification apply where such adviser is engaged after a period of 5 (five) years from the date of commissioning of the Network Firewall in accordance with the Services Agreement. l. This RFP is not transferable. m. Any award of Project pursuant to this RFP shall be subject to the terms of Bidding Documents. n. Single Point of Contact: Vendor has to provide details of single point of contact Viz., name, designation, address, email address telephone / Mobile no., fax no. etc. o. Performance Bank Guarantee (PBG) a. The Successful Vendor has to provide an unconditional and irrevocable Performance Bank Guarantee for 10% of the Contract value towards due performance of the contract in accordance with specifications, Annual Maintenance Contract / Remote Support, terms and conditions of this RFP document, within 10 days from the date of Purchase Order. Format for submitting the Performance Bank Guarantee is furnished at Annexure XVI.

b. The required PBG should be submitted to TRANSPORT COMMISSIONER within 14 days from the date of issue of the Purchase Order by TRANSPORT COMMISSIONER. The PBG may be invoked for entire amount (or the portion as deemed fit by TRANSPORT COMMISSIONER to make good its losses) if the vendor backs-out of his obligations as per the contract including refusal to execute PO or excessive delay in execution of PO, refusal to undertake warranty, Provide support as mentioned in the SLA for the equipment supplied by Vendor etc. as required in this RFP.

c. If Vendor fails to submit the required PBG within 14 days period as mentioned above, penalty of Rs.5,000/- per day (subject to maximum penalty of Rs.1,00,000/-) will be imposed. In case the

Successful Vendor fails to submit PBG even after the elapse of 20 days from the date of letter issued for selection as the “successful Vendor”, TRANSPORT COMMISSIONER at its discretion may cancel the allotment of the contract to the concerned bidder and allot the contract to the L2 Bidder at L1 prices, so on and so forth. All the terms and conditions, stated in this RFP (and subsequent modifications, if any) will then be applicable to the L2 / L3 bidders, so on and so forth.

2.2 Requirements for Bidders a. Pre-Qualification Criteria

(a) The Bidder shall be required to comply with the following pre- qualification criteria for being eligible to submit the Proposal:

Documents to be submitted by the Description of the pre-qualification Bidder confirming # criteria the compliance of the pre-qualification criteria

Financial Capability

Extracts from the The aggregate sales turnover of the audited Balance sheet Bidder from providing software design, and Profit & Loss development, implementation, Account of the Bidder in application maintenance in the the format prescribed in immediately preceding 3 (three) financial Annexure X; OR 1. years ending 31.03.2016 should be Rs. 3 crores or more turn over. Certificate from the statutory auditor certifying the compliance of the pre- qualification criteria. Bidder should have made profit (before Details to be submitted tax) in any of the last three financial and attested copies of years preceding the date of this RFP. Audited Balance Sheet and Profit and Loss 2. account for the relevant years, duly signed by Authorised signatory of the Company along with Name and Seal.

Documents to be submitted by the Description of the pre-qualification Bidder confirming # criteria the compliance of the pre-qualification criteria Rs. in Crore with 3 decimals.

Technical Capability

The Bidder has to be submit either of the following in connection with compliance of each of the 3 (Three) pre- qualification criteria for Technical Capability:

Bidder should have at least 3 years of (a) Work Orders + experience in supplying, integrating and Completion supporting network gateway security and certificates from routing technology solutions. the client in format prescribed in Bidder must have provided Annexure XII; heterogeneous (2 or more security and routing technologies in each deployment) OR Network Gateway security and routing 3. solutions including firewall for at least 4 (b) Work Orders + Self clients globally / India. Certificate of Completion Out of these, at least 2 orders should be (Certified by the of value greater than Rs. 1 Crore (either Statutory Auditor) single or clubbed for the same customer) in the format within last 3 years in India immediately prescribed in preceding the date of this RFP, involving Annexure XI; OEMs figuring in Leaders and challengers quadrants of Gartner in any of the OR reports from 2013 onwards. (c) Work Orders + Phase Completion Certificate (for ongoing projects) from the client in format prescribed in Annexure XI.

Documents to be submitted by the Description of the pre-qualification Bidder confirming # criteria the compliance of the pre-qualification criteria Self-declaration signed The bidder should have significant client by the authorised base in Government, Banking, Financial signatory along with 4. and Insurance sector in India Name and Seal in Annexure- XIII

Others

The vendor / bidder must be Gold / Tier- Declaration for OEM to 5. 1 or Silver / Tier-2 partner of the OEM this effect should be for the proposed product. submitted. Proof of valid Certificate 6. The Bidder must be ISO 9001 Certified should be enclosed. The Bidder should have direct presence Support / Escalation & registered in Andhra Pradesh State 7. matrix documents to be and must have its own support offices provided. across the state of Andhra Pradesh The proposed firewall OEM should feature in the latest Gartner’s Magic Quadrant for Enterprise Network Supporting documents 8. Firewalls/ UTM under the “Leaders” or to be submitted “Challengers” quadrant for year 2015- 2016 Bidder should provide a The bidder should have back-to-back letter from OEMs, support with both the Firewall OEMs. issued to them after the Bidder should not be a mere reseller but date of this tender and 9. a systems integrator. Bidder must have should be valid for 5 prime and direct (selling, support, years mentioning their upgrade and service) partnership with back-to back/direct the solution / technology provider. support agreement with OEM Annexure- XIV The Bidder has to The Bidder shall be a single submit the following: private/public limited company, 10. incorporated under the Companies Act, (a) Certificate of 1956. incorporation; (b) Copy of PAN; and (c) Copy of the Service

Documents to be submitted by the Description of the pre-qualification Bidder confirming # criteria the compliance of the pre-qualification criteria Tax Registration

Self-declaration signed The bidder should have a dedicated by the authorised security practice in operation for over 3 signatory along with years and shall have minimum 30 skilled Name and Seal in 11. professionals in security domain, out of Annexure-XIII and whom at least 12each should be certified In Clause 2.2.1(d) for each of the Firewall OEMs proposed. below.

Self-declaration signed The bidder so selected should have the by the authorised proven capability to perform the entire signatory along with 12. scope of the assignment without Name and Seal in outsourcing the same to any third party. Annexure-XIII

The Bidder should submit self-certification confirming that Bidder The Bidder should not have been black- has not been black- 13. listed by any Government or any listed by any Governmental agency/department Government or any governmental agency/department. As per Annexure -XV The Bidder should submit Bid Security in The Bidder must have submitted the Bid 14. accordance with Clause Security. 2.4 and Clause 2.1.5 of this RFP.

(b) The team of employees meet with the following requirements in connection with execution of the project should be deployed by the Bidder for design, development, implementation and maintenance of Mobile application:

(i) Team Leader:The minimum qualification of the team leader shall be the following: ME/M.Tech in CSE/IT or MBA after BE/B.Tech in CSE/IT or MCA from many recognized university/Institution; 12 (twelve) years of experience with 5

(five) years as Team Leader in similar projects (development, implementation and maintenance of online web application software solutions).

(ii) Senior Quality Expert:The minimum qualification of the senior quality expert shall be the following: Graduate/Post Graduate with minimum 7 years of Experience; Preferably should have worked on laying down guidelines for getting ISO Certification, S/w development quality assurance frameworks; Exposure to finalization of the User Acceptance Process and Criteria.

(iii) Solution/ Technology Architect: The minimum qualification of the Solution/ Technology Architect shall be the following: Degree in Computer Science or Engineering; 10+ years of experience with at least five years as a Technology Architect; Certified as an Architect in the technologies / stack(s) proposed for the project.

(iv) Security Expert:The minimum qualification of the Security Expert shall be the following: B.E. /B.Tech (Preferably in CS/Electronics and Communications)/MCA ; 5 + years in IT security, Exposure to BS15000 process /ISO 27001/ BS 7799/ISO 20000/ ITIL or ITIL and CISSP, CISA certified.

(v) Training and Change Management Expert: The minimum qualification of the Training and Change Management Expert shall be the following: MBA with Specialization in HR/ Change Management; Minimum 3 year of experience in delivery of User Training Programs.

(vi) Network Administrator: The minimum qualification of the Network Administrator is Bachelor’s Degree in a computer- related field; Vendor-specific networking certification may be preferred; Minimum 3 years of experience in network administration.

(d) Bidders should submit the abovementioned details of qualifications of their employees, team wise, in the following format:

# Employ Designati Qualificati Experie Area of Period ee on ons nce experti of Name se associati

on with the Bidder

2.3 Proposal and its contents a. The Bidder shall submit the documents/information listed in sub-clauses (a) and (b) of this Clause 2.3.1 (collectively “Qualification Submissions”):

(a) The following documents shall be submitted by the Bidder:

(I) Bid costing fee, in the form of Demand Draft of Rs.5,000/-.

(II) Covering Letter, Application form and details asked as per as per Annexure IV;

(III) Power of Attorney as per Annexure VI, authorizing the signatory of the Proposal to commit the Bidder;

(IV) Anti-Collusion Certificate as per Annexure VII;

(V) Bid Security as per Annexure IX and Clause 2.4 below;

(VI) Proof of payment of cost towards Bidding Documents, in case downloaded from internet; and

(b) The Bidder shall submit all the documents specified in Clause 2.2.1(a) in support of the compliance of the pre-qualification criteria mentioned in Clause 2.2.1(a) above (“Qualification Documents”).

(c) The Bidder should also submit a compliance sheet listing out all the documents submitted by the Bidder as part of the Qualification Submissions and indicating whether the Bidder has submitted all the documents to be submitted as part of the Qualification Submissions.

(d) Soft copy of the entire eligibility bid document and all supporting documents on one Read-Only CD/DVD.

(e) Bid may be rejected if bids are not signed by the authorized signatory and designated official, as asked in the respective clauses / annexure of the RFP or if instructions are not followed. b. The Bidder shall submit the Technical Proposal as per Annexure XVII of the RFP. c. The Bidder shall submit the Financial Proposal as per Annexure XVIII of the RFP. d. The opening of Bidding Documents and acceptance thereof shall be undertaken substantially in accordance with this RFP.

2.4 Bid Security a. A Bidder is required to deposit, along with its Proposal, a bid security of Rs. 2,50,000/- (Rupees two lakhs and fifty thousand only) (the “Bid Security”), which shall be refundable within a period of 180 (one hundred and eighty) days from the date of opening of the Proposals in accordance with this RFP, except in the case of the Successful Bidder whose Bid Security shall be retained till such Successful Bidder has provided a Performance Security under the Services Agreement. b. The Bid Security shall be in the form of a bank guarantee in favor of Transport Commissioner, Government of Andhra Pradesh issued by any scheduled bank in India, payable at Hyderabad, as per the format specified at Annexure IX. The validity period shall not be less than 180 (one hundred and eighty) days from the Due Date. c. The Bid Security shall be kept valid throughout the Proposal Validity Period and shall be extended, if so required by the Transport Department, in case of any extension in Proposal Validity Period in accordance hereof. d. The Proposal shall be summarily rejected if it is not accompanied by the Bid Security. e. In addition to the grounds for forfeiture of the Bid Security specified elsewhere in this RFP, the Bid Security shall be forfeited in the following cases:

(a) If the Bidder modifies or withdraws its Proposal except as provided in Clause 2.15;

(b) If the Bidder does not provide, within the time specified by the Transport Department, any supplemental information sought by the Transport Department for evaluation of the Proposal;

(c) If the Bidder withdraws its Proposal during the interval between the Due Date and expiration of the Proposal Validity Period;

(d) If the Successful Bidder fails to provide the Performance Security and/or execute the Services Agreement with the Transport Department within the stipulated time or any extension thereof provided by the Transport Department; and

(e) If any information or document furnished by the Bidder is or discovered to be misleading, a misrepresentation, inaccurate or untrue in any material respect. f. Any such misrepresentation / inaccuracy / improper response etc. as specified in Clause 2.7.2 shall lead to the disqualification of the Bidder. If such disqualification / rejection occurs after the Proposals have been opened and the Shortlisted Bidder / Successful Bidder gets disqualified / rejected, then the Transport Department reserves the right to:

(a) invite the remaining Qualified Bidders to submit their Proposals for the selection of the Service Provider; or

(b) Take any such measure as may be deemed fit in the sole discretion of the Transport Department, including annulment of the bidding process.

2.5 Cost of Bidding

The Bidders shall be responsible for all of the costs associated with the preparation of their Proposals and their participation in the bidding process. The Transport Department will not be responsible or in any way liable for such costs, regardless of the conduct or outcome of the bidding process.

2.6 Verification of Information a. It shall be deemed that by submitting a Proposal, the Bidder has:

(a) made a complete and careful examination of the Bidding Documents;

(b) received all relevant information requested from the Transport Department;

(c) accepted the risk of inadequacy, error or mistake in the information provided in the Bidding Documents or furnished by or on behalf of the Transport Department relating to any of the matters referred to in this RFP;

(d) satisfied itself about all matters, things and information including matters necessary and required for submitting an informed Proposal, execution of the Project in accordance with the Bidding Documents and performance of all of its obligations there under;

(e) acknowledged and agreed that any inadequacy, lack of completeness or incorrectness of information provided in the Bidding Documents or ignorance of any of the matters referred to hereunder shall not be a basis for any claim for compensation, damages, extension of time for performance of its obligations, loss of profits etc. from the Transport Department, or a ground for termination of the Services Agreement by the Service Provider;

(f) acknowledged that it does not have a Conflict of Interest; and

(g) Agreed to be bound by the undertakings provided by it under and in terms hereof.

2.7 Verification and Disqualification a. The Transport Department reserves the right to verify all statements, information and documents submitted by the Bidder in response to the RFP and/or the other Bidding Documents and the Bidder shall, when so required by the Transport Department, make available all such information, evidence and documents as may be necessary for such verification. Any such verification, or lack of such verification, by the Transport Department shall not relieve the Bidder of its obligations or liabilities hereunder nor will it affect any rights of the Transport Department there under. b. In case it is found during the evaluation or at any time before signing of the Services Agreement or after its execution and during the period of subsistence thereof, that one or more of the pre-qualification conditions have not been met by the Bidder, or the Bidder has made misrepresentation or has given any incorrect or false information, the Bidder shall be disqualified forthwith if not yet appointed as the Service Provider either by issue of the LOA or entering into of the Services Agreement, and if the Successful Bidder has already been issued the LOA or has entered into the Services Agreement, as the case may be, the same shall, notwithstanding anything to the contrary contained therein or

in this RFP, be liable to be terminated, by a communication in writing by the Transport Department to the Successful Bidder or the Service Provider, as the case may be, without the Transport Department being liable in any manner whatsoever to the Successful Bidder or the Service Provider. In such an event, the Transport Department shall be entitled to encash and appropriate the Bid Security or Performance Security, as the case may be, as damages, without prejudice to any other right or remedy that may be available to the Transport Department under the Bidding Documents and/or the Services Agreement, or otherwise.

B. DOCUMENTS

2.8 Contents of the RFP 2.9

This RFP comprises the Disclaimer set forth hereinabove, the contents as listed below, and will additionally include any addenda issued in accordance with Clause 2.10.

Notice Inviting Tender

Section 1. Introduction Section 2. Instructions to Bidders Section 3. Evaluation of Proposals Section 4. Fraud and Corrupt Practices Section 5. Miscellaneous

And the following Annexures

Annexure – I Functional Requirements of Network Firewall List of TRANSPORT COMMISSIONER Branch Offices, Annexure – II Locations and No. of users at each Branch Annexure – III Service Level Agreement (SLA) Annexure – IV Format of the Letter of Proposal ( Covering Letter) Annexure – V Application form for the Eligibility of the Bidder Annexure – VI Format of the Power of Attorney for Signing the Proposal Annexure – VII Format of the Anti-Collusion Certificate Annexure – VIII Undertaking for Information Security Annexure – IX Format of the Bank Guarantee for Bid Security Format of the extracts from the audited Balance sheet and Annexure – X Profit & Loss Account Format of the Self Certificate of Completion (Certified by the Annexure – XI Statutory Auditor) Format of the completion certificate from the client Annexure – XII

Annexure – XIII Self-Declarations

Annexure – XIV OEM Authorization Form Annexure – XV Format for Declaration regarding Non-Blacklisting Annexure – XVI Format for Performance Bank Guarantee Annexure – XVII Contents of Technical Proposal Annexure – XVIII Contents of Financial Proposal

2.10 Clarifications a. Bidders requiring any clarification on the RFP may notify the Transport Department in writing by registered post acknowledgement due / courier / facsimile and/or by e-mail in accordance with Clause 1.4.7. The Bidders should send in their queries on or before the date mentioned in the schedule of bidding process specified in Clause 1.5. The responses will be sent by e-mail and shall also be made available at the e-procurement website and/or the website of the Transport Department, as specified in this RFP. b. The Transport Department shall endeavor to respond to the questions raised or clarifications sought by the Bidders. However, the Transport Department reserves the right not to respond to any question or provide any clarification, in its sole discretion, and nothing in this Clause shall be taken or read as compelling or requiring the Transport Department to respond to any question or to provide any clarification. c. The Transport Department may also on its own motion, if deemed necessary, issue interpretations and clarifications to all Bidders. All clarifications and interpretations issued by the Transport Department shall be deemed to be part of the Bidding Documents. Verbal clarifications and information given by the Transport Department or its employees or representatives shall not in any way or manner be binding on the Transport Department.

2.11 Amendment of RFP a. At any time prior to the Due Date, the Transport Department may, for any reason, whether at its own initiative or in response to clarifications requested by a Bidder, modify the RFP and/or provide additional documents by the issuance of addenda. b. Any addendum issued hereunder will be in writing and shall be sent to all the Bidders and shall also be made available at the e-procurement website and/or the website of the Transport Department, as specified in this RFP.

C. PREPARATION AND SUBMISSION OF PROPOSALS

2.12 Format and Signing of Proposal a. The Bidder shall provide all the information sought under this RFP/Bidding Documents. The Transport Department will evaluate only those Proposals that are received in the required formats and complete in all respects. b. The Bidder shall submit the proposal in 3 (three) separate covers, namely,

(a) Qualification Submissions as specified in Clause 2.3.1;

(b) Technical Proposal as per Annexure XVII; and

(c) Financial Proposal as per at Annexure XVIII. c. The Proposal and its copy shall be typed and signed by the authorized signatory of the Bidder who shall also initial each page, in blue ink. The Proposal and its copy, respectively, shall be bound in hard cover and the pages shall be numbered serially. All the alterations, omissions, additions or any other amendments made to the Proposal shall be initiated by the person(s) signing the Proposal. d. The Bidder shall submit 1 (one) original and 1 (one) copy of the entire Proposal. In the event of any discrepancy between the original and the copies, the original shall prevail.

2.13 Sealing and Marking of Proposals a. The Bidder shall seal each of the 3 (three) parts of the Proposal in separate covers. The 3 (three) sealed covers shall be placed in a single outer cover, clearly marking each of the envelopes as “ORIGINAL”. b. Similarly, the copies of 3 (three) parts of the Proposal shall be sealed in separate envelopes and placed in a single larger cover, clearly marking each of the envelopes as “COPY”. c. The documents accompanying the Proposal shall be placed in a separate envelope and marked as “ENCLOSURES OF THE PROPOSAL”. The documents shall include:

(a) Bid Security in the format at Annexure – IX; and

(b) Power of Attorney for signing of Proposal in the format at Annexure – VI.

41 d. A true copy of the documents accompanying the Proposal, shall be bound in hard cover and the pages shall be numbered serially. Each page thereof shall be initiated in blue ink by the authorized signatory of the Bidder. This copy of the documents shall be placed in a separate envelope and marked “Copy of Documents”. e. Both the ‘original’, the ‘copy’ and the ‘enclosures of the proposal’ shall be placed in a single larger envelope and sealed. f. Each of the envelopes (outer and inner) shall clearly bear the following identification:

Proposal for the Project for Design, Development, Implementation, Integration, Implementation and Maintenance of the Vehicle Check Report (VCR) Mobile Application for the Transport Department, Government of Andhra Pradesh” g. The envelopes shall be addressed and submitted to:

Kind Attention Commissioner for Transport, Government of Andhra Pradesh Address The Transport Commissioner, 1st Floor, NTR Administrative Block, RTC House, PNBS Complex, Vijayawada – 520 002.

40 h. If the envelopes are not sealed and are not marked as instructed above, the Transport Department shall assume no responsibility for the misplacement or premature opening of the contents of the Proposal submitted and consequent losses, if any, suffered by the Bidder. Further, such Proposal may, at the sole discretion of the Transport Department, be rejected.

2.14 Proposal Due Date a. Proposals should be submitted by 11:30 A.M IST on the Due Date specified in the schedule of the bidding process specified at Clause 1.10 at the address provided in Clause 2.12.7 in the manner and form as detailed in this RFP/Bidding Documents. A receipt of acknowledgement thereof should be obtained from the person specified at Clause 2.12.7 or his authorized representative. b. The Transport Department may in its sole discretion, in order to afford the Bidders a reasonable time for taking an addendum into account, or for any

other reason to be recorded in writing, by issuing an addendum in accordance with Clause 2.10, extend the Due Date uniformly for all Bidders.

2.15 Late Proposals

Proposals received by the Transport Department after the specified time on the Due Date shall not be eligible for consideration and shall be summarily rejected.

2.16 Modifications / substitution/ withdrawal of Proposals a. The Bidder may modify, substitute or withdraw its Proposal after submission, provided that written notice of the modification, substitution or withdrawal is received by the Transport Department prior to the Due Date. No Proposal shall be modified, substituted or withdrawn by the Bidder on or after the Due Date. b. The modification, substitution or withdrawal notice shall be prepared, sealed, marked, and delivered in accordance with Clause 2.12, with the envelopes being additionally marked “MODIFICATION”, “SUBSTITUTION” or “WITHDRAWAL”, as appropriate. c. Any alteration/ modification in the Proposal or additional information supplied subsequent to the Due Date, unless the same has been expressly sought for by the Transport Department, shall be disregarded.

2.17 Rejection of Proposals a. Notwithstanding anything contained in this RFP, the Transport Department reserves the right to reject any Proposal and to annul the bidding process and reject all Proposals at any time without any liability or any obligation for such acceptance, rejection or annulment, and without assigning any reasons therefore. If the Transport Department rejects or annuls all the Proposals, it may, in its discretion, invite all eligible Bidders to submit fresh Proposals hereunder. b. The Transport Department reserves the right not to proceed with the bidding process at any time, without notice or liability, and to reject any Proposal without assigning any reasons.

2.18 Validity and Extension of the Proposals

a. Proposal shall remain valid for a period not less than 180 (one hundred and eighty) days from the Due Date (“Proposal Validity

Period”). The Transport Department reserves the right to reject any Proposal, which does not meet this requirement.

b. In exceptional circumstances and for reasons to be recorded in writing, prior to expiry of the abovementioned Proposal Validity Period, the Transport Department may request Bidders to extend the Proposal Validity Period for an additional period of 90 (ninety) days.

2.19 Payment Terms

a. TRANSPORT COMMISSIONER will release the payment on delivery, installation & receipt of licenses for hardware, implementation, and support and on production of acceptance certificate and undisputed invoice after deduction of applicable taxes at source of the agreed price to the selected Vendor.

b. No Advance payments will be made for procurement of Network Firewall. Further, it may be noted that the below mentioned criteria is only for the purpose of effecting agreed price payment.

2.20 Applicable Law and jurisdiction of court

The contract with vendor shall be governed in accordance with the laws of India for the time being in force and will be subject to the exclusive jurisdiction of courts at Vijayawada, Andhra Pradesh.

2.21 Liquidated Damages (LD)

If Vendor fails to complete the due performance of the contract in accordance with the specifications and conditions agreed during the agreement, the TRANSPORT COMMISSIONER reserves the right to recover LD @ 0.5% of the Total Charges per week as per Commercial Bid Format or part thereof, subject to a maximum of 10 % of total charges as LD for non-performance/delayed performance.

2.22 Force Majeure

Any failure or delay by selected Vendor or Bank in the performance of its obligations, to the extent due to any failure or delay caused by fire, flood, earthquake or similar elements of nature, or acts of God, war, terrorism, riots, civil disorders, rebellions or revolutions, acts of governmental authorities or other events beyond the reasonable control of non- performing party, is not a default or a ground for termination. The affected party shall notify the other party of the occurrence of a Force Majeure Event forthwith.

2.23 Indemnity

Vendor shall indemnify TRANSPORT COMMISSIONER and keep the TRANSPORT COMMISSIONER indemnified for any loss or damage, cost or consequences that TRANSPORT COMMISSIONER may sustain, suffer or incur on account of violation of intellectual property rights of third party by the Vendor. Vendor shall always remain liable to the TRANSPORT COMMISSIONER for any Losses suffered by the TRANSPORT COMMISSIONER due to any technical error or negligence or fault on the part of the Vendor, and the Vendor also shall indemnify the TRANSPORT COMMISSIONER for the same.

2.24 Authorized Signatory

The selected Vendor shall indicate the authorized signatories who can discuss and correspond with the Bank, with regard to the obligations under the contract. Vendor shall submit at the time of signing the contract, a certified copy of the resolution of their Board, authenticated by Company Secretary/Director, authorizing an official or officials of the company or a Power of Attorney to discuss, sign agreements/contracts with the TRANSPORT COMMISSIONER. Vendor shall furnish proof of identification for above purposes as required by the TRANSPORT COMMISSIONER.

2.25 Non-payment of agreed price

If any of the items / activities as mentioned in the price bid and as mentioned in Commercial Bid format are not taken up by the TRANSPORT COMMISSIONER during the course of this implementation, the TRANSPORT COMMISSIONER will not pay the contracted agreed price quoted / agreed by the Vendor in the price bid against such activity / item.

2.26 Assignment

Neither the contract nor any rights granted under the contract may be sold, leased, assigned, or otherwise transferred, in whole or in part, by the Vendor without advance written consent of the TRANSPORT COMMISSIONER and any such sale, lease, assignment or transfer otherwise made by the Vendor shall be void and of no effect.

2.27 No employer-employee relationship

The selected Vendor or any of its holding / subsidiary / joint-venture / affiliate / group / client companies or any of their employees / officers / staff / personnel / representatives / agents shall not, under any

circumstances, be deemed to have any employer-employee relationship with the TRANSPORT COMMISSIONER or any of its employees / officers / staff / representatives / personnel / agents.

2.28 Subcontracting

The selected Vendor shall not subcontract or permit anyone other than its personnel to perform any of the work, service or other performance required of the vendor under the contract without the prior written consent of the TRANSPORT COMMISSIONER.

2.29 Confidentiality

a. The Bidder shall not, without Purchaser's prior written consent, disclose the Contract, or any provision thereof, or any specification, plan, sample or information or data or drawings / designs furnished by or on behalf of Purchaser in connection therewith, to any person other than a person employed by the Bidder in the performance of the Contract.

b. The Bidder shall not, without Purchaser 's prior written consent, make use of any document, data or information etc., enumerated in this Bid Documents save and except for due performance and observance of the Contract.

c. Any document, other than the Contract itself, enumerated in this Bid Documents shall remain the property of Purchaser and shall be returned (in all copies) to Purchaser on completion of the Bidder's performance under and in accordance with the Contract, if so required by Purchaser

2.30 Correspondence with the Bidder

Save and except as provided in this RFP, the Transport Department shall not entertain any correspondence with any Bidder in relation to acceptance or rejection of any Proposal.

2.31 Appointment of Consultant(s)

The Transport Department may utilize the services of consultant(s) or advisor(s) to assist the Transport Department in the examination, evaluation, and comparison of Proposals.

2.32 Cancellation of Contract and Compensation

The TRANSPORT COMMISSIONER reserves the right to cancel the contract of the selected Vendor and recover expenditure incurred by the TRANSPORT COMMISSIONER in any of the following circumstances. The

TRANSPORT COMMISSIONER would provide 30 days’ notice to rectify any breach / unsatisfactory progress if:

. Vendor commits a breach of any of the terms and conditions of the bid/contract; . Vendor becomes insolvent or goes into liquidation voluntarily or otherwise; . An attachment is levied or continues to be levied for a period of 7 days upon effects of the bid; . The progress regarding execution of the contract, made by the Vendor is found to be unsatisfactory; . If deductions on account of penalty and liquidated damages exceeds more than 10% of the total contract price; . If the Vendor fails to complete the due performance of the contract in accordance with the agreed terms and conditions.

After the award of the contract, if the selected Vendor does not perform satisfactorily or delays execution of the contract, the TRANSPORT COMMISSIONER reserves the right to get the balance contract executed by another party of its choice by giving one month’s notice for the same. In this event, the selected Vendor is bound to make good the additional expenditure, which the TRANSPORT COMMISSIONER may have to incur to select and carry out the execution of the balance of the contract. This clause is also applicable, if for any reason, the contract is cancelled.

The TRANSPORT COMMISSIONER reserves the right to recover any dues payable by the selected Vendor from any amount outstanding to the credit of the selected Vendor, including the pending bills and / or invoking Bank Guarantee / Security Deposit, if any, under this contract.

2.33 Dispute Resolution

If a dispute, controversy or claim arises out of or relates to the contract, or breach, termination or invalidity thereof, and if such dispute, controversy or claim cannot be settled and resolved by the Parties through discussion and negotiation, then the Parties shall refer such dispute to arbitration. Both Parties may agree upon a single arbitrator or each Party shall appoint one arbitrator and the two appointed arbitrators shall thereupon appoint a third arbitrator. The arbitration shall be conducted in English and a written order shall be prepared. The venue of the arbitration shall be Vijayawada, Andhra Pradesh. The arbitration shall be held in accordance with the Arbitration and Conciliation Act, 1996. The decision of the arbitrator shall be final and binding upon the Parties, provided that each Party shall at all times be entitled to obtain equitable, injunctive or similar relief from any court having jurisdiction in order to protect its intellectual property and confidential information.

2.34 Ownership of Documents, data, Hardware and Software

TRANSPORT COMMISSIONER shall own the documents, prepared by or for the Bidder arising out of or in connection with this Contract.

Forthwith upon expiry or earlier termination of this Contract and at any other time on demand by the TRANSPORT COMMISSIONER, the Bidder shall deliver to the TRANSPORT COMMISSIONER all documents provided by or originating from the TRANSPORT COMMISSIONER and all documents produced by or from or for the Bidder in the course of performing the Services, unless otherwise directed in writing by the TRANSPORT COMMISSIONER at no additional cost. The Bidder shall not, without the prior written consent of the TRANSPORT COMMISSIONER, store, copy, distribute or retain any such documents.

3. EVALUATION OF PROPOSALS

3.1 Opening and Evaluation of Proposals a. The Transport Department shall open the Proposals at 12:00 P.M on 06.03.2017 at the venue specified in Clause 1.11.2 and in the presence of the Bidders who choose to attend. b. The Transport Department will subsequently examine and evaluate the Proposals in accordance with the provisions set out in this Section 3. c. To facilitate evaluation of the Proposals, the Transport Department may, at its sole discretion, seek clarifications in writing from any Bidder regarding its Proposal. d. The Transport Department will constitute a committee to evaluate the responses of the Bidders (“Committee”). The Committee constituted by the Transport Department shall evaluate the Proposals and other responses to the RFP including all supporting documents / documentary evidence. The failure by any Bidder to submit requisite supporting documents / documentary evidence, may lead to rejection of the Proposal. The decision of the Committee in the evaluation of responses to the RFP shall be final. e. The Committee may ask for meetings with the Bidders to seek clarifications on the Proposals. The Committee reserves the right to reject any or all Proposals on the basis of any deviation(s) from requirements under the Bidding Documents. Each of the responses shall be evaluated as per the criterions and requirements specified in the Bidding Documents.

3.2 Contacts during Proposal Evaluation

Proposals shall be deemed to be under consideration immediately after they are opened and until such time the Transport Department makes official intimation of award/ rejection to the Bidders. While the Proposals are under consideration, the Bidders and/or their representatives or other interested parties must refrain, save and except as required under the Bidding Documents, from contacting by any means, the Transport Department and/or their employees/ representatives on matters related to the Proposals under consideration.

3.3 Test of responsiveness a. As part of evaluation of Proposals, the Transport Department will at first determine whether each Proposal is responsive to the requirements of the RFP. A Proposal shall not be considered responsive if the Proposal inter alia does not contain all the information/documents (complete in all

respects) requested as part of the Qualification Submissions as per this RFP and/or Bidding Documents (in formats as specified for the same). Without prejudice to the generality of the foregoing, the Transport Department will determine (whether or not any of the following is required to be submitted as part of the Qualification Submissions), whether the Proposal:

(a) is received/deemed to be received by the Due Date including any extension thereof pursuant to Clause 2.13;

(b) is prepared, signed, sealed and marked as stipulated in Clause 2.11 and Clause 2.12;

(d) is accompanied by the Power of Attorney, the format for which is specified in Annexure VI;

(e) contains any condition or qualification;

(f) is not non-responsive in terms hereof;

(g) is accompanied by a demand draft towards cost of the Bidding Documents, in case the same has been downloaded from the internet; and/or

(h) Such other conditions as the Transport Department may prescribe as part of the Bidding Documents. b. The Transport Department reserves the right to reject any Proposal:

(a) of a Bidder who fails to meet the pre-qualification criteria set out in Clause 2.2.1 of this RFP;

(b) of a Bidder who fails to provide the Qualification Submissions including the Qualification Documents in support of the pre- qualification criteria; or

(c) Which is non-responsive. c. The Technical Proposal(s) of only those Bidders whose Proposals are not rejected under Clause 3.3.2 (“Qualified Bidders”) will be evaluated by the Transport Department in accordance with 3.4 below. The Proposal(s) which are rejected under Clause 3.3.2 will not be further evaluated by the Transport Department.

3.4 Evaluation of Technical Proposals a. The Committee will evaluate the Technical Proposals of the Qualified Bidders for technical evaluation under Clause 3.3.3 of this RFP. The evaluation of the Technical Proposals shall involve the following stages:

(a) The Committee will first review the Technical Proposal to confirm whether the all the documents/information to be submitted by the Qualified Bidders as part of the Technical Proposal have been submitted by the Qualified Bidders. Only those Qualified Bidders who have submitted all such documents/information as part of the Technical Proposal in accordance with the requirements of the Bidding Documents in shall be deemed to be qualified for second stage of the technical evaluation. (b) The committee may seek oral clarifications from the Bidders. The primary function of clarifications in the evaluation process is to clarify ambiguities and uncertainties arising out of the evaluation of bidding documents. Oral clarifications provide the opportunity for the committee to state its requirements clearly and for the Bidder to state its proposal more clearly. The committee may seek inputs from their professional and technical experts in the evaluation process.

(c) TRANSPORT COMMISSIONER reserves the right to evaluate the bids on Technical and functional parameters including visit and witness demos of the system and verify functionalities etc.

(d) Bidder should quote only those appliances which can seamlessly integrate with other existing standard security appliances of TRANSPORT COMMISSIONER. Failure to do so may lead to bid being rejected and forfeiture of EMD / PBG.

(e) TRANSPORT COMMISSIONER may request for demonstration of interoperability of the various solutions provided. These demonstrations may be done at TRANSPORT COMMISSIONER Head Office Vijayawada or Hyderabad.

(f) To assist in Technical evaluation, TRANSPORT COMMISSIONER reserves the right to call for any clarification from any / all bidders during the evaluation of the bids. Such clarifications should be submitted only in writing. However, no other correspondence on bids will be entertained.

(g) Technical assessment shall broadly cover the following: i. Submission made by bidders in their response to this RFP as per the template provided.

ii. Presentation made by the bidder covering product features, support, implementation and maintenance strategy, company’s financial and project management capabilities etc. iii. Certificates and audit reports submitted by the Bidder.

(h) Mandatory Compliance for Technical Evaluation: The Technical response must meet all the following mandatory compliance requirements. Failure to meet any of the following criteria will result in the disqualification of the technical bid response. i. Submission of documents as specified in Technical bid as Annexure - XVII ii. Meet all the mandatory functional requirements of the product as furnished in Annexure - I (i) Commercial proposal shall be opened only for the short-listed bidders who have meet the product mandatory requirements as furnished in Annexure - XVIII& in clause 3.4.1. (h) (j) In case only one participant bidder fulfil the requirements as furnished in Annexure - I, take into consideration of the compliance of the optional features for commercial evaluation at the sole discretion of the Department. In case none of the participant bidders compliance to the mandatory requirements, the commercial bid of only top 2 bidders on the basis of the technical and functional assessment may be opened at the sole discretion of the Department. The difference between top two bidders should not be more than 5%. (k) After the evaluation of the eligibility criterion and technical compatibility, the price bid of only technically qualified bidders (as per the criteria mentioned herein) shall be considered for price bid evaluation. The Department reserves its right to seek and obtain substantiating data from the bidders for verification of the credentials submitted. The date of opening of Commercial Bid, if there is a change from the date mentioned, shall be advised separately to all technically qualified bidders, if required. 3.5 Evaluation of Financial Proposals a. The Financial Bids of Technically Qualified Bidders will be opened on the prescribed date. b. Commercial proposal should give all the relevant price information. No information should be kept blank. Offer should be in strict conformity with the format as given in Annexure –XVIII. i. The Successful Bidder will be decided based on L1 Criteria. ii. The bidder quoting the least commercial bids will be invited for negotiations for awarding the contract.

iii. The Best and firm price should only be quoted (as per the format enclosed). iv. The bidder must quote in Indian Rupees (INR) only. Bids in currencies other than INR would not be considered and the bid will be rejected forthwith. v. The prices and other terms offered by bidders must be firm for an acceptance period of 180 days from the last date of opening of commercial bid. vi. The Price Bid evaluation will be done item wise. vii. The value entered in the Price bid as per format specified in Annexure-XVIII-B will be taken as reference for evaluation of the price bid. viii. The list tenderers will be ranked in the ascending order i.e., tenderer quoting the lowest value of price bid will be ranked first and soon and lowest price bid offered tenderer will be called L1. Rates aquoted for AMC will be included while determining L1. ix. The Price bid evaluation shall include all central duties such as customs duty and central excise duty and sales tax / VAT as part of the price as detailed below. x. In evaluation of the price of an imported item, the price shall be determined inclusive of the customs duty. xi. In evaluation of the prices of articles that are subject to excise duty, the price shall be determined inclusive of such excise duty. xii. Against this tender where all the tenderers are from within the Andhra Pradesh State or where all the tenderers are from outside the Andhra Pradesh, the sales tax shall be included for the evaluation of the price. xiii. The prices offered shall be on a fixed price basis inclusive of all taxes and should not be linked to the foreign exchange or any other variable. The prices offered should be inclusive of the following. a. Installation, integration, implementation, customization and training to Department’s staff. b. Annual Maintenance Charges for each year over a span of 5 years under the warranty period.

3.6 Selection of the Successful Bidder a. The bidder who quotes the least price will be adjudicated as the Successful Bidder for award of the Project. b. In the event, more than one Qualified Bidder quotes the same price, Qualified Bidder who amongst them has the highest Technical Score will be adjudicated as the Successful Bidder. c. Refusal/failure to commit implementation of the application as per terms of RFP shall result in disqualification of the vendor from this process as well as future procurements of Department and forfeiture of EMD.

3.7 Issue of Letter of Award by the Transport Department

The Transport Department will notify the Successful Bidder by email and by issuance of a Letter of Award (“LOA”) that its Proposal has been accepted.

3.8 Acceptance of Letter of Award and Execution of the Services Agreement

Within 2 (two) weeks from the date of issue of the Letter of Award, the Successful Bidder shall sign the Letter of Award signifying its consent to the terms and conditions specified therein and return the signed copy of the same to the Transport Department. The Successful Bidder shall execute the Services Agreement for the Project, within 30 (thirty) days of the issue of LOA or within such further time as Transport Department may agree to in its sole discretion.

3.9 Income Tax Liability

The Bidder will have to bear all Income Tax liability both corporate and personal tax.

3.10 Concessions permissible under statutes

Bidder, while quoting against this tender, must take cognizance of all concessions permissible under the statutes including the benefit under any act, failing which it will have to bear extra cost where Bidder does not avail concessional rates of levies like customs duty, excise duty, sales tax etc. Transport Department will not take any responsibility towards this. However, Transport Department may provide necessary assistance, wherever possible, in this regard.

4. FRAUD AND CORRUPT PRACTICES

4.1 The Bidders and their respective officers, employees, agents and advisers shall observe the highest standard of ethics during the bidding process and subsequent to the issue of the LOA and during the subsistence of the Services Agreement. Notwithstanding anything to the contrary contained herein, or in the LOA or the Services Agreement, the Transport Department may reject a Proposal, withdraw the LOA, or terminate the Services Agreement, as the case may be, without being liable in any manner whatsoever to the Bidder or the Service Provider, as the case may be, if the Transport Department determines that the Bidder or the Service Provider, as the case may be, has directly or indirectly or through an agent, engaged in corrupt practice, fraudulent practice, coercive practice, undesirable practice or restrictive practice in the bidding process. In such an event, the Transport Department shall be entitled to encash and appropriate the Bid Security or Performance Security, as the case may be, as damages, without prejudice to any other right or remedy that may be available to the Transport Department under the Bidding Documents and/or the Services Agreement, or otherwise.

4.2 Without prejudice to the rights of the Transport Department under Clause 4.1 hereinabove and the rights and remedies which the Transport Department may have under the LOA or the Services Agreement, or otherwise, if a Bidder or the Service Provider, as the case may be, is found by the Transport Department to have directly or indirectly or through an agent, engaged or indulged in any corrupt practice, fraudulent practice, coercive practice, undesirable practice or restrictive practice during the bidding process, or after the issue of the LOA or the execution of the Services Agreement, such Bidder or the Service Provider, as the case may be shall not be eligible to participate in any tender or RFP issued by the Transport Department during a period of 2 (two) years from the date such Bidder or the Service Provider, as the case may be is found by the Transport Department to have directly or indirectly or through an agent, engaged or indulged in any corrupt practice, fraudulent practice, coercive practice, undesirable practice or restrictive practices, as the case may be.

4.3 For the purposes of this Clause 4, the following terms shall have the meaning hereinafter respectively assigned to them:

(a) “corrupt practice” means (i) the offering, giving, receiving, or soliciting, directly or indirectly, of anything of value to influence the actions of any person connected with the bidding process (for avoidance of doubt, offering of employment to or employing or engaging in any manner whatsoever, directly or indirectly, any official of the Transport Department who is or has been associated

in any manner, directly or indirectly, with the bidding process or the LOA or has dealt with matters concerning the Services Agreement or arising therefrom, before or after the execution thereof, at any time prior to the expiry of 1 (one) year from the date such official resigns or retires from or otherwise ceases to be in the service of the Transport Department, shall be deemed to constitute influencing the actions of a person connected with the bidding process); or (ii) save and except as permitted under this RFP, engaging in any manner whatsoever, whether during the bidding process or after the issue of the LOA or after the execution of the Services Agreement, as the case may be, any person in respect of any matter relating to the Project or the LOA or the Services Agreement, who at any time has been or is a legal, financial or technical adviser of the Transport Department in relation to any matter concerning the Project;

(b) “fraudulent practice” means a misrepresentation or omission of facts or suppression of facts or disclosure of incomplete facts, in order to influence the bidding process;

(c) “coercive practice” means impairing or harming, or threatening to impair or harm, directly or indirectly, any person or property to influence any person’s participation or action in the bidding process;

(d) “undesirable practice” means (i) establishing contact with any person connected with or employed or engaged by the Transport Department with the objective of canvassing, lobbying or in any manner influencing or attempting to influence the bidding process; or (ii) having a Conflict Of Interest; and

(e) “Restrictive practice” means forming a cartel or arriving at any understanding or arrangement among Bidders with the objective of restricting or manipulating a full and fair competition in the bidding process.

5. MISCELLANEOUS

5.1 The bidding process shall be governed by, and construed in accordance with, the laws of India and the Courts at Vijayawada shall have exclusive jurisdiction over all disputes arising under, pursuant to and/ or in connection with the bidding process.

5.2 The Transport Department, in its sole discretion and without incurring any obligation or liability, reserves the right, at any time, to:

(a) suspend and/ or cancel the bidding process and/or amend and/or supplement the bidding process or modify the dates or other terms and conditions relating thereto;

(b) consult with any Bidder in order to receive clarification or further information;

(c) retain any information and/or evidence submitted to the Transport Department by, on behalf of, and/ or in relation to any Bidder; and/or

(d) Independently verify, disqualify, reject and/ or accept any and all submissions or other information and/or evidence submitted by or on behalf of any Bidder.

5.3 It shall be deemed that by submitting the Proposal, the Bidder agrees and releases the Transport Department, its employees, agents and advisers, irrevocably, unconditionally, fully and finally from any and all liability for claims, losses, damages, costs, expenses or liabilities in any way related to or arising from the exercise of any rights and/or performance of any obligations hereunder, pursuant hereto and/or in connection with the bidding process and waives, to the fullest extent permitted by applicable laws, any and all rights and/or claims it may have in this respect, whether actual or contingent, whether present or in future.

ANNEXURE – I Functional Requirements of Network Firewall

The key functional requirement of the project is shown below:

1. Ability to create granular security policy definitions per user and groups to identify, block or limit usage of web applications and widgets like instant messaging, social networking, video streaming, VoIP, games and more. 2. Provide application function control to identify, allow, block or limit usage of applications and features within them. Enable safe internet use while protecting against threats and malware. 3. Scan for viruses and malware in allowed collaborative applications. 4. Should have ability to protect environments with social media and internet applications. 5. TRANSPORT COMMISSIONER should have the power to create detailed policies that should be based on the characteristics such as user identity, user role and specific aspects of a web application. 6. There should be advanced user and application controls such as ability to expand user groups, domain names as well as detailed user and application usage information in reports, logs and statistics. 7. Should offer threat intelligence, mobile device security, Active Directory integration. Provide protection from zero day attacks and unknown threats. 8. Ability to integrate seamlessly with Active Directory to provide complete user identification and enable application based policy definition per user or group. 9. Virtual Private Network (VPN) technologies should be part of the solution to provide resilient and flexible site-to-site connectivity. Should have management tools to deploy, configure and operate the VPNs. 10.Identify and control applications sharing the same connection. 11.Should be able to intercept, decrypt and re-encrypt SSL/TLS, SSH, and VPN traffic with low performance degradation. 12.Decrypt outbound SSL. 13.Enable the same application visibility and control for remote users. 14.Deliver the same production throughput and performance with application control active. 15.Updates and upgrades to remote sites should be automated and performed seamlessly with the ability to view and manage remote operations through the central management system.

16.The product should have capability of deep packet inspection (DPI) to ensure various pieces of packet are thoroughly examined to identify malformed packets, errors, known attacks and other anomalies. 17.It should rapidly identify and block Trojans, viruses, spam, intrusion attempts and other violation of normal protocol communications. 18.Should have ability to manage security environment through intuitive graphical interface which should provide views, details and reports on security health through a comprehensive, centralized security dashboard. 19.The user interface and system configuration of the management console should be comprehensive, flexible and easy to use such that it should be possible to exclude features that are needed in the enterprise environment.

Sr.No. Secure Network Termination Appliance Specifications 1 General Requirements & Industry Certifications The proposed architecture involves setting up of core application infrastructure on a Public cloud infrastructure (like Microsoft Azure) and configuring individual branch locations to connect to the application instances on the cloud for secure access. To this end, the solution proposed for network termination at the individual branches must also be available in a virtual form factor on Microsoft Azure and Amazon 1.1 AWS. The department may choose to provision VPN connectivity between the individual branches and the cloud instance of the network termination device. Hence, the required processing capacity for terminating all the branch locations, without a performance impact would need to be available to be provisioned on the cloud instance, on a need basis. The proposed solution must provide Layer 7 / Application Layer 1.2 security solution. The device proposed at the branch location must be able to natively identify and control applications, users and content The proposed application security solution must be in the Leader’s 1.3 quadrant in the Gartner "Magic Quadrant for Enterprise Network Firewalls" as per the latest available report. For high performance with low latency the proposed solution must 1.4 provide all application level inspection as real-time stream-based and not using file-based store-and-forward techniques The proposed appliance must provide high levels of reliability through 1.5 the use of SSD for storage and not using fans and other similar moving components The proposed solution must allow policy rule creation for application identification, user identification, host profile, threat prevention, content 1.6 filtering, QOS and scheduling in a single rule and not at multiple locations The Firewall appliance should have certifications like ICSA / EAL4 / 1.7 NDPP or more The Propose vendor must have track record continues improvement in 1.8 threat detection and unique identification technologies.

The proposed solution must have the provision of drawing power from 2 1.9 different sources, either with RPS or using redundant power inputs 1.10 The proposed appliance must have at least 8 x 1G versatile Ports 1.11 Firewall appliance should have console port and USB Ports 1.12 Appliance should be rack mountable and support side rails if required 1.13 Should support Internet Service Provider link load balancing. The proposed appliance must have 1 x 1G port for out of band 1.14 management. 2 Performance The appliance must provide a minimum of 500Mbps Application enabled Firewall throughput and minimum 150 Mbps of throughput with all security features enabled including Application Control + User 2.1 Identification + IPS + Anti Spyware + Antivirus with all signatures on the appliance turned ON. The performance must be based on 64Kb HTTP traffic and not UDP. The claim has to be supported by publicly available documents The proposed appliance must be able to handle minimum 4,200 new 2.2 sessions per second The proposed appliance must be able to handle minimum 64,000 2.3 concurrent sessions 2.4 The appliance must be capable of handling minimum 250 policies The proposed appliance must be able to handle minimum 100 Mbps 2.5 IPSEC VPN throughput 2.6 Storage option Minimum 32 GB SSD The proposed appliance must support minimum 250 Site to Site IPSEC 2.7 VPN tunnels. The proposed solution must support minimum 250 client to site VPN tunnels. All licenses needs to be provisioned from day one. 3 Operation Mode The proposed appliance must support, Tap Mode, Transparent, Layer 2 , Layer 3 mode providing flexible deployment. The proposed solution 3.1 must be able to support simultaneous deployment with interfaces servicing Layer 3, Layer 2, Transparent and Tap modes. 3.2 The proposed appliance must support 802.1Q VLAN tagging The proposed appliance must support Dual Stack IPv4 & IPv6 3.3 application control and threat inspection under various deployment modes from day one. The proposed appliance must support standards based Link aggregation 3.4 (IEEE 802.3ad) to achieve higher bandwidth The proposed appliance must support logical Ethernet sub-interfaces 3.5 tagged and untagged. The proposed appliance must support the following routing protocols 3.6 static, RIPv2, OSPF, BGP4 The proposed appliance must have Virtual Router capabilities that 3.7 supports all L3 capabilities.The proposed solution must have IPv6 Static Routing Support even for virtual routers. The proposed appliance must support DHCPv4 and DHCPv6 relay from 3.8 day one. 3.9 High Availability The proposed appliance must be able to support Active/Active 3.9.1 configuration 3.9.2 The proposed appliancemust be able to support Active/Passive HA

configuration The proposed appliance must be capable to detect device, link and path 3.9.3 failure and the ability to monitor health of the peer device without external network dependencies. The proposed appliance must be able to support session and 3.9.4 configuration synchronization The proposed appliance must synchronize the following for HA . 3.9.5 Sessions, Decryption Cert, Threat and Application Signature etc ensuring seamless operations The proposed appliance HA must support hitless upgrades for both 3.9.6 major and minor code releases The OEM must provide 24 X 7 X 365 technical support either directly or 3.10 via authorized partners, with back-line support from the OEM. The OEM must have a local TAC in India Every Gateway Security control (like Firewall or any other feature required to meet above specification) must not have any licensing 3.11 restriction on number of users and must be supplied for unlimited users unless specified otherwise. 3.12 Should support at least 200 protocols All internet based applications should be supported for filtering like 3.13 Telnet, FTP, SMTP, http, DNS, ICMP, DHCP, ARP, RPC, SNMP, Lotus Notes and Exchange etc. Firewall should support the authentication protocols RADIUS, LDAP, 3.14 TACACS, and PKI methods Local access to the firewall modules should support authentication 3.15 protocols – RADIUS & TACACS+. 3.16 Dynamic policy enforcement on VPN clients. Firewall must provide state engine support for all common protocols of 3.17 the TCP/IP stacks. 3.18 Should support telnet client and server functionality 4 Firewall Security Policy The proposed solution must support network traffic classification which identifies applications across all ports irrespective of 4.1 port/protocol/evasive tactic from day one. The proposed solution must have application and application function identification and decoding technology from day one. The proposed solution must be able to handle unknown/unidentified 4.2 applications e.g. alert, block or allow The proposed solution must be able to create custom application 4.3 signatures and categories based on customer environment. The proposed solution must delineate specific instances of peer2peer 4.4 traffic (Bittorrent, emule, neonet, etc.), messaging (AIM, YIM, Facebook Chat, etc.) & Proxies (ultrasurf, ghostsurf, freegate, etc.). The proposed solution must delineate different parts of the application 4.5 such as allowing Facebook chat but blocking its file-transfer capability etc. The proposed solution must support Voice based protocols (H.323, SIP, 4.6 SCCP, MGCP etc.) The proposed solution must support authentication services for user- 4.7 identification using any of the following technologies AD, LDAP, eDirectory, Radius, Kerberos, Client Certificate from day one.

The proposed solution must support the creation of security policy 4.8 based on Active Directory Users and Groups in addition to source/destination IP. The proposed solution must support user-identification in policy without 4.9 installing an agent on individual endpoints. The proposed solution must support user-identification over wireless by 4.10 integrating with Wireless controllers. The proposed solution must populate and correlate all logs with user 4.11 identity (traffic, IPS, URL, data, etc.) without any additional products or modules in real-time The Firewall must provide NAT functionality, including dynamic and 4.12 static NAT translations. Network address translation (NAT) must be supported so that the 4.12.1 private IP addresses of hosts and the structure of an internal network can be concealed by the firewall. Network Address Translation (NAT) must be configurable as 1:1, 1: 4.12.2 many, many: 1, many: many, flexible NAT (overlapping IPs). Reverse NAT must be supported. 4.12.3 Port address translation must be provided The proposed solution must support Policy Based forwarding based on 4.13 Zone, Applications , Source / Destination Address, User or User Group 5 Threat Prevention Features The proposed solution shall support IPS , Anti Virus and Anti Bot & 5.1 Spyware Protection features from day one. The proposed solution shall be supported by a world-class threat research organization dedicated to the discovery and analysis of 5.2 threats, applications and their respective network behavior. The threat and vulnerability information that is protected shall be publicly accessible on the internet. The proposed solution shall block known network and application-layer 5.3 vulnerability exploits The proposed solution shall block buffer overflow, DoS/DDoS , etc type 5.4 of attacks The proposed solution shall perform stream-based Anti-Virus & Anti- 5.5 Spyware and not store-and-forward traffic inspection The proposed solution shall support attack recognition for IPv6 traffic 5.6 the same way it does for IPv4 The proposed solution shall support Built‐in Signature and Anomaly 5.7 based Vulnerability Protection Engine The proposed solution shall support the ability to create custom user- 5.8 defined signatures The proposed solution shall support granular tuning with option to 5.9 configure overrides for individual signatures The proposed solution shall support automatic security updates directly 5.10 over a secure connection (i.e. no dependency of any intermediate device) The proposed solution Vulnerability / Virus / Spyware protection 5.11 signature updates shall not require reboot of the unit. The proposed solution must support different actions in the policy such 5.12 as deny, drop, reset client, reset server, reset both client and server.

Integrated IPS, Antivirus, Anti-Spyware & Anti-Bot functionality should 5.13 be available as a module that can be activated and de-activated as and when required. Activation of new IPS protections should be based on parameters like 5.14 Threat severity i.e. High, Medium, low risk etc. IPS Profile should have an option to select or re-select specific 5.15 signatures that can be deactivated. The proposed solution must have an option to add exceptions for 5.16 network, services and Users. The proposed solution must have functionality of Geo Protection to 5.17 Block the traffic country wise. The proposed solution must have an option to create your own 5.18 signatures with an open signature language. The proposed solution must provide detailed information on each 5.19 protection, including: Vulnerability and threat descriptions, including CVE details & Threat severity Solution must be able to identify malwares coming from incoming files 5.2 and malwares downloaded from Internet 5.21 Solution must be able to Discover bot outbreaks 5.22 Solution must be able to discover the Bot infected machine 5.23 Solution must be able to prevent bot damage Solution must have an Multi tier bot discovery ie Detect Command and 5.24 Control IP/URL and DNS Solution must be able to detect Unique communication patterns used by 5.25 Botnets. Solution must be able to block traffic between infected Host and Remote 5.26 Operator and not to legitimate destination Solution must be able to provide with Forensic tools which give details 5.27 like Infected Users/Device, Malware type, Malware action etc The proposed solution must support protection against credential 5.28 phishing of internal users. The framework being used for protection has to be provided. The Antivirus engine of the solution must be provided by the OEM itself 5.29 and must not depend on a third party OEM for signatures It must be possible for enhancing the services on the appliance to include Advanced Persistent Threat Protection at a later date, using a 5.3 license, without impacting the performance of the appliance. The APT solution of the OEM must provide 5 minute updates for discovered malware. 6 SSL Decryption The proposed solution shall be able to identify, decrypt and evaluate 6.1 SSL traffic in an outbound connection (forward-proxy) The proposed solution shall be able to identify, decrypt and evaluate 6.2 SSL traffic in an inbound connection The proposed solution must support decryption and inspection of SSL 6.3 traffic in an outbound connection, inbound connection across any port. The proposed solution shall support the ability to have a SSL inspection 6.4 policy differentiate between personal SSL connections i.e. bankin, shopping, health and non-personal traffic

The proposed solution must support on appliance Per policy SSL and 6.5 SSH decryption for both inbound and outbound traffic. The proposed must support on appliance SSL decryption policy based 6.6 on IP, User, web category. 7 URL Filtering The proposed solution shall support URL-Filtering, with the 7.1 categorization being done by the OEM of the device and not a third party OEM. The Proposed solution shall have the database located locally/ cache url 7.2 category on the device 7.3 The proposed solution shall support custom URL-categorization 7.4 The proposed solution shall support customizable block pages The proposed solution shall support logs populated with end user 7.5 activity reports for site monitoring within the local solution 7.6 The proposed solution shall support Drive-by-download control The proposed solution shall support URL Filtering policies by AD user, 7.7 group, machines and IP address/range The Threat intelligence of the OEM shall be capable of providing 5 minute updates specifically to URLs falling under the malicious URLs and 7.8 phishing URL categories from their APT analysis system. This would ensure that the URL categorization of malicious URLs is as current as possible, reducing the attack surface. The proposed solution must have the capability to provision additional 7.9 authentication for specific URL categories for enhanced security. 8 QOS 8.1 The proposed firewall must support the ability to create QoS policy 8.1.1 by destination address 8.1.2 by user/user group as defined by AD 8.1.3 by application (such as Skype, Bit torrent, YouTube, azureus) by static or dynamic application groups (such as Instant Messaging or 8.1.4 P2P groups) 8.1.5 by port 8.2 The proposed firewall must define QoS traffic classes with: 8.2.1 guaranteed bandwidth 8.2.2 maximum bandwidth 8.2.3 priority queuing The proposed firewall must support real-time prioritization of voice 8.3 based protocols like H.323, SIP, SCCP, MGCP and applications like Skype. The proposed firewall must support real-time bandwidth statistics of 8.4 QoS classes. 9 Management & Reporting The appliance shall provide local monitoring and reporting functionality, along with the ability to be managed and monitored from a remote 9.1 management server from the same OEM. The management server shall be available both in the virtual and physical form factor. The solution shall support the forwarding of logs to email, external 9.2 syslog servers and any other logging service / SIEM, as per customer requirements

The intelligence system of the OEM shall be publicly accessible (with applicable additionally procured licenses) to customers for threat analysis and proactive protection. This system shall provide historical data of all threats discovered by the OEM, it's indicators of compromise 9.3 and applicable URLs, IP addresses, domains and hashes in searchable, taggable formats. This would allow Security administrators to search for specific indicators and use these indicators for improving security posture of the environment. Firewall must support the user based logging. Log levels must be 9.4 configurable based on severity. 9.5 It must be able to Search and Filter the log. The Firewall logs must contain information about the firewall policy rule 9.6 that triggered the log. Should support google like search of logs within seconds It must be able to correlate logs from various modules such as Firewall, 9.7 Application Control, Antivirus & information at different periods of Time. It must support SNMP (Simple Network Management Protocol) v 2.0 9.8 and v 3.0. The firewall must be capable of integrating with other equipment like 9.9 SIEM tool or reporting tools etc. The solution must be commonly integrated with any of the SIEM 9.10 products, with no customization needed for integration. The proposed solution shall populate and correlate all logs with user 9.11 identity (traffic, IPS, URL, data, AV,AB etc.) without any additional products or modules in real-time 9.12 Application and user identify based bandwidth management 9.13 Guaranteed &Burstable bandwidth policy 9.14 Bandwidth monitoring The management system must support the ability to lock configuration 9.15 while modifying it, avoiding administrator collision when there are multiple people configuring the appliance

ANNEXURE – II

List of TRANSPORT COMMISSIONER Branch Offices, Locations and No. of users at each branch

Sl NAME OF NAME OF THE OFFICE TOTAL No THE DIST OFFICE TYPE SYSTEMS 1 Anantapur DTC 52 2 Hindupur RTO 20 10 3 Anantapur Tadipatri Unit 4 Guntakal MVI 7 5 Kadiri MVI 7 6 Penukonda Check Post 7 7 Chittoor DTC 28 8 Tirupathi RTO 34 9 Madanapalle Unit 8 10 Puttur MVI 8 11 Palamaner MVI 7 Chittoor 12 Srikalahasti MVI 8 13 Piler MVI 7 14 Naraharipeta Check Post 4 15 Reniguta Check Post 3 16 Palamaner Check Post 5 17 Kadapa DTC 39 18 Proddutur RTO 24 19 Rajampet MVI 10 Kadapa 20 Rayachoti MVI 9 21 Badvel MVI 9 22 Pulivendula MVI 8 23 Kakinada DTC 63 24 Rajahmundry RTO 42 25 Amalapuram RTO 15 26 Mandapeta Unit 13 27 Kathipudi Unit 8 28 East Godavari Ravulapalem MVI 11 29 Peddapuram MVI 5 30 Tetagunta Check Post 5 31 Rajangaram Track 2 32 Maredumilli Check Post 4 33 Chintoor MVI 4 34 Guntur DTC 62 35 Narasaraopet RTO 22 Guntur 36 Tenali Unit 10 37 Piduguralla Unit 8

38 Chilakaluripeta MVI 9 39 Baptla MVI 9 40 Mangalagiri MVI 9 41 Macherla MVI 6 42 Macherla Check Post 1 43 Dachepalli Check Post 2 44 Vijayawada DTC 107 45 Gudiwada RTO 27 46 Nandigama RTO 18 47 Machilipatnam Unit 12 48 Nuziveedu Unit 10 Krishna 49 Vuyyur Unit 9 50 Jaggaiahpet Unit 7 51 Garikapadu Check Post 2 52 Gannavaram Track 8 53 Tiruvuru Check Post 2 54 Kurnool DTC 41 55 Nandyal RTO 29 56 Adoni Unit 11 57 Kurnool Dhone MVI 8 58 Atmakur MVI 6 59 Kurnool Check Post 2 60 Sunnipenta Check Post 2 61 Nellore DTC 61 62 Gudur Unit 15 63 Kavali Unit 8 Nellore 64 Sullurpet Unit 7 65 Atmakur MVI 6 66 B.V.Palem Check Post 3 67 Ongole RTO 35 68 Markapur Unit 7 69 Chirala Unit 8 Prakasam 70 Darsi Unit 8 71 Kandukur MVI 8 72 Ongole - Track Track 4 73 Srikakulam DTC 37 74 Palasa MVI 6 75 Palakonda MVI 7 76 Srikakulam Itchapuram MVI 5 77 Tekkali MVI 7

78 Purushothapuram Check Post 5

79 Vizianagaram RTO 50 80 Vizianagaram Parvathipuram MVI 8 81 Salur MVI 11

82 Visakhapatnam DTC 79 83 Anakapalli RTO 35 84 Visakhapatnam Gajuwaka Unit 33 85 Narsipatnam MVI 12 86 Gambheeram Track 18 87 Eluru DTC 41 88 Bhimavaram RTO 22 89 Tadepalligudem Unit 10 90 Tanuku Unit 10 91 Kovvuru Unit 11 West Godavari Jangareddy 92 Unit 10 Gudem 93 Palkole Unit 9

94 Janampet (Eluru) Track 3

95 Jeelugumilli Check Post 4 96 SERVER ROOM STA STA 93 Total 1621

Annexure III

Service Level Agreement (SLA)

The vendor has to ensure adherence to time schedules given in this RFP. Non- adherence will attract penalties as given below.

Sl.No. Description of Delay Penalty 1. Delivery of all software & hardware security products needed as per 1 % of the total PO value per the expected deliverables within 15 week of delay or part thereof. days from the date of receipt of the purchase order. 2. Delay in implementation of all 1 % of the total PO value per devices beyond 9 weeks from the week of delay or part thereof. date of receipt of the purchase order. 3. Delay in submission documentation 0.2% of the total PO value for every week of delay or part thereof.

4. In case of a breakdown of 5% of the total PO value per appliances, hardware, hardware each hour of delay or part components accessories, systems thereof. software, and/or any products, the relevant defect should be attended immediately and rectified within 1 days of the receipt/notice of the complaint.

5. In case of a malfunctioning of 1% of the total PO value per appliances, hardware, hardware every 6 hours of delay or part components accessories, systems thereof. software, or any products, the relevant defect should be attended immediately and rectified within same day of business hours of the receipt/notice of the complaint.

6. In case both the 2% of the total PO value per appliances/hardware in the HA every 1 hour of delay or part mode are down and the system is thereof. completely down the defect should be attended and rectified within 4 hours of receipt of notice.

7. Ensure that any technical issues 5% of the Quarterly on-site escalated, but not resolved by the charges per each day of delay or vendor, should be closed/ resolved part thereof. within 1 day.

8. Failure to prevent attacks for which 20% of the Quarterly onsite and the solutions has been procured. offsite support charges for each attack reported.

9. Delay in posting of offsite support 0.5% of the purchase order Personnel beyond 4 weeks from value per week of delay or part the date of issue of purchase order thereof. for security products.

10. Delay in providing details for Rs.1,000/- per day. offsite support beyond 4 weeks from date of issue of PO

11. Rs.1,000/- per day. Delay in providing complete escalation matrix for offsite support beyond 4 weeks from date of issue of PO

12. Delay in installation of patches, If the patches/signature files are updates and upgrades not deployed within a period of 5 working days of TRANSPORT COMMISSIONER from the release of latest version/update by OEM, it will attract a penalty of 0.5% of the charges from yearly on-site & remote monitoring services for each week of delay or part thereof.

13. If the TRANSPORT COMMISSIONER 2% of the onsite and offsite firewall system uptime for any of support charges of every 0.1% the locations is below 99.9% decrease of system uptime. calculated on quarterly basis.

14. Level 0 Issues specified in clause Beyond 4 hrs and within the 1.7.25 same day Rs.1000/- Beyond same day Rs.5000 per day. 15. Level 1 Issues specified in clause Beyond 6 hrs and within the 1.7.25 same day Rs.1000/- Beyond same day Rs.3000 per day. 16. Level 2 Issues specified in clause Beyond 8 hrs and within the 1.7.25 same day Rs.1000/- Beyond same day Rs.2000 per day. 17. Level 3 Issues specified in clause Beyond same day Rs.2000 per 1.7.25 day. 18. Return Material Authorization Response within 4 hrs and (RMA) Support Replacement should be in next

Business day. Beyond next business day Rs.10000/- per day. 19. Annual Firewall Base Review Should be done Every year in the month of January. Beyond this month, Rs.10000 per week.

Exclusions from downtime calculation include the following

1. Downtime because of LAN cabling faults. 2. Scheduled downtimes (which are approved by TRANSPORT COMMISSIONER) on account of preventive maintenance, system testing, system upgrades etc. 3. All failures due to source power unavailability and power conditioning, UPS failure etc. beyond control of Vendor Managed Services. 4. Force Majeure conditions defined above or any condition not foreseen but mutually agreed by both the parties. 5. Link outages owing to ISPs. 6. Downtime due to any device/appliance not managed by the Vendor.

Penalty caps:  The total penalty for delivery and installation shall not exceed the PO value.  The total penalty for onsite and offsite support shall not exceed the PO value of onsite and offsite support.

ANNEXURE IV (On the Letterhead of the Bidder) Format of the Letter of Proposal

The Transport Commissioner Road Transport Authority Government of Andhra Pradesh NTR Admin Block, APSRTC House Vijayawada.

Subject: Submission of the Proposal in accordance with the RFP dated [●]______

Dear Sir,

Having examined the RFP document, terms and conditions including all Annexures the receipt of which is hereby duly acknowledged we, the undersigned, offer to supply, deliver, install, maintain, manage equipment / devices / appliances, in conformity with the said RFP documents in accordance with the schedule of prices attached in the commercial bid and made part of this tender. We hereby agree and accept all the clauses/terms and conditions mentioned in the RFP document dated ______and also subsequent modifications dated ______.

We understand that,

1. We are hereby submitting our Proposal in accordance with the Bidding Documents. We understand you are not bound to accept any Proposal you receive.

2. If our Bid for this RFP/tender is accepted, we undertake to enter into and execute at our cost, when called upon by TRANSPORT COMMISSIONER to do so, a contract in the prescribed form. Unless and until a formal contract is prepared and executed, this bid together with your written acceptance thereof shall constitute a binding contract between us.

3. If our bid is accepted, we are to be jointly and severally responsible for the due performance of the contract.

4. We fully understand and agree to comply that on verification, if any of the information provided here is found to be misleading in any manner, we are liable to be dismissed from the selection process or will lead to the termination of our engagement during the implementation of the Project.

5. If we fail to accept the L1 price arrived at on the basis of commercial bid and/or reverse auction (despite having accepted the terms and condition for the same in our bid document), TRANSPORT COMMISSIONER has full rights to forfeit the earnest money deposit (EMD) of Rs.2,50,000/- (Rupees Two Lakhs and fifty thousand only) submitted to TRANSPORT COMMISSIONER by us after the bidding process is complete. TRANSPORT COMMISSIONER shall reserve the right for not informing us/seeking our permission before doing so.

6. We hereby declare that our Proposal submitted in response to the Bidding Documents is made in good faith and the information contained is true and correct to the best of our knowledge and belief.

Sincerely,

[Bidder's name with seal]

[Authorized Signature (in full and initials) Name and Title of Signatory Address Location Date]

ANNEXURE V (On the Letterhead of the Bidder) Application form for the Eligibility of the Bidder

The Transport Commissioner Road Transport Authority Government of Andhra Pradesh NTR Admin Block, APSRTC Bus station Vijayawada.

Subject: Submission of the Proposal in accordance with the RFP dated ______

Dear Sir,

A. Company Details

Name of the Company Type of the Company [ Govt/PSU/Pub.Ltd/Pvt ltd/JV etc .] Address of Corporate Office (HQ)

Sales Tax registration number and date of registration

VAT registration number and date of registration

Service Tax registration No. and date of registration

Year of Incorporation of the company

Turnover and profit of the Company Turnover (Rs. Up Profit Before tax to 3 decimals) (Rs. Upto 3 decimals.) Financial Years :

2013-14

2014-15

2015-16 Address for communication Official Web Site (URL)

Contact person details First Person Name Designation Phone (O) Fax (O) Mobile Email ID Name Second Person Designation Phone (O) Fax (O) Mobile Email ID Any other relevant information bidder would like to submit, which is not covered in the above points :

B. Details of EMD (Demand Draft)

Description Rs.2,50,000/- Demand Draft No: and Date Name and Address of the Bank

C. Eligibility Information / Compliance

Compliance # Description of the pre-qualification criteria (yes / no)

The aggregate sales turnover of the Bidder from providing software design, development, 1. implementation, application maintenance in the immediately preceding 3 (three) financial years ending 31.03.2016 should be Rs. 3 crores or more turn over.

Bidder should have made profit (before tax) in any of the 2. last three financial years preceding the date of this RFP.

Bidder should have at least 3 years of experience in supplying, integrating and supporting network gateway security and routing technology solutions.

3. Bidder must have provided heterogeneous (2 or more security and routing technologies in each deployment) Network Gateway security and routing solutions including firewall for at least 4 clients globally / India.

Compliance # Description of the pre-qualification criteria (yes / no) Out of these, at least 2 orders should be of value greater than Rs. 1 Crore (either single or clubbed for the same customer) within last 3 years in India immediately preceding the date of this RFP, involving OEMs figuring in Leaders and challengers quadrants of Gartner in any of the reports from 2013 onwards. The bidder should have significant client base in Government, Banking, Financial and Insurance sector in 4. India

The vendor / bidder must be Gold / Tier-1 or Silver /

5. Tier-2 partner of the OEM for the proposed product. 6. The Bidder must be ISO 9001 Certified The Bidder should have direct presence & registered in 7. Andhra Pradesh State and must have its own support offices across the state of Andhra Pradesh The proposed firewall OEM should feature in the latest Gartner’s Magic Quadrant for Enterprise Network

8. Firewalls/ UTM under the “Leaders” or “Challengers” quadrant for year 2015-2016 The bidder should have back-to-back support with both the Firewall OEMs. Bidder should not be a mere reseller 9. but a systems integrator. Bidder must have prime and direct (selling, support, upgrade and service) partnership with the solution / technology provider. The Bidder shall be a single private / public limited 10. company, incorporated under the Companies Act, 1956.

The bidder should have a dedicated security practice in operation for over 3 years and shall have minimum 30 skilled professionals in security domain, out of whom at

11. least 12each should be certified for each of the Firewall OEMs proposed.

The bidder so selected should have the proven capability to perform the entire scope of the assignment without

12. outsourcing the same to any third party.

The Bidder should not have been black-listed by any

13. Government or any Governmental agency/department

(Note : Any wrong or incorrect information or suppression of facts will lead to disqualification.)

I certify that the above mentioned information and the relevant annexure and enclosures are true and correct.

Sincerely,

[Bidder's name with seal]

[Authorized Signature (in full and initials) Name and Title of Signatory Address Location Date]

ANNEXURE VI

Format of the Power Of Attorney for Signing the Proposal1

[To be executed on stamp paper of appropriate value.]

Know all ye men by these presents, we, …………………………… (name of the Bidder and address of the registered office) do hereby irrevocably constitute, nominate, appoint and authorise Mr. / Ms. (name of the attorney), son/daughter/wife of ……………………………… and presently residing at ………………………………….., who is presently employed with us and holding the position of ………………………….., as our true and lawful attorney (hereinafter referred to as the “Attorney”) to do in our name and on our behalf, all such acts, deeds and things as are necessary or required in connection with or incidental to submission of our Proposal for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN For TRANSPORT COMMISSIONER locations across Andhra Pradesh incidental thereto, in the manner specified in the Bidding Documents, for the Transport Department of the State of Andhra Pradesh (“Project”) proposed by the Transport Department, Government of Andhra Pradesh (the “Transport Department”) including but not limited to signing and submission of all applications, Proposals and other documents and writings, participate in Bidders’ and other conferences and providing information / responses to the Transport Department as per the Bidding Documents including the RFP dated [●], representing us in all matters before the Transport Department, signing and execution of all contracts in connection with the Project and undertakings consequent to acceptance of our Proposal, and generally dealing with the Transport Department in all matters in connection with or relating to or arising out of our Proposal for the said Project and/or upon award thereof to us and/or till the entering into of the Services Agreement with the Transport Department;

AND we hereby agree to ratify and confirm and do hereby ratify and confirm all acts, deeds and things done or caused to be done by our said Attorney pursuant to and in exercise of the powers conferred by this Power of Attorney and that all acts, deeds and things done by our said Attorney in exercise of the powers hereby conferred shall and shall always be deemed to have been done by us.

IN WITNESS WHEREOF WE, ………………………….., THE ABOVE NAMED PRINCIPAL HAS EXECUTED THIS POWER OF ATTORNEY ON THIS ……………………… DAY OF …………………….., 2016.

For……………………………..

1This POA needs to be submitted in original.

(Signature, name, designation and address) Witnesses:

1. 2.

Accepted Notarised

(Signature, name, designation and address of the Attorney)

Notes:

. The mode of execution of the Power of Attorney should be in accordance with the procedure, if any, laid down by the applicable law and the charter documents of the executant(s) and when it is so required, the same should be under common seal affixed in accordance with the required procedure.

Wherever required, the Bidder should submit for verification the extract of the charter documents and documents such as a board or shareholders resolution / power of attorney in favour of the person executing this Power of Attorney for the delegation of power hereunder on behalf of the Bidder.

ANNEXURE VII Format of the Anti-Collusion Certificate

(On the Letterhead of the Bidder)

The Transport Commissioner, 1st Floor, NTR Administrative Block, RTC House, PNBS Complex, Vijayawada – 520 002.

Reference: RFP No: dated

Dear Sir,

We hereby acknowledge, certify and confirm that in the preparation and submission of our Proposal our Proposal for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN For TRANSPORT COMMISSIONER locations across Andhra Pradesh incidental thereto, in the manner specified in the Bidding Documents, for the Transport Department of the State of Andhra Pradesh (“Project”), we have not acted in concert or in collusion with any other Bidder or other person(s) and also not done any act, deed or thing which is or could be regarded as illegal, corrupt or anti-competitive or jeopardise our ability to implement the Project in accordance with the Bidding Documents and/or applicable law.

We further confirm that we have not offered nor will offer any illegal gratification in cash or kind to any person or agency in connection with our Proposal in respect of the Project.

Dated this ______Day of ______, 2016

______

(Name of the Bidder)

______

(Signature of the Authorised Person) Name: Designation: Official Company Seal

Annexure – VIII (On the Letterhead of the Bidder) Undertaking for Information security

The Transport Commissioner, 1st Floor, NTR Administrative Block, RTC House, PNBS Complex, Vijayawada – 520 002.

Reference: RFP No: dated

Dear Sir,

Sub: RFP our Proposal for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN For TRANSPORT COMMISSIONER locations across Andhra Pradesh

We hereby undertake that the proposed hardware / software to be supplied will be free of malware, free of any obvious bugs and free of any covert channels (of the version of the application being delivered as well as any subsequent versions / modifications done)

Sincerely,

[Bidder's name with seal]

[Authorized Signature (in full and initials) Name and Title of Signatory Address Location Date]

ANNEXURE IX

Format of the Bank Guarantee for Bid Security Dated: [●]

Bank Guarantee No.:

1. In consideration of you, the Transport Department, Government of Andhra Pradesh, having its office at Dr. Baba Saheb Ambedkar Building Khairatabad, Hyderabad – 500004, (hereinafter referred to as the “Transport Department”, which expression shall unless it be repugnant to the subject or context thereof include its, successors and assigns) having agreed to receive the Proposal of …………………… (a company registered under the Companies Act, 1956) and having its registered office at ……………………… (hereinafter referred to as the “Bidder” which expression shall unless it be repugnant to the subject or context thereof include its/their executors, administrators, successors and assigns), for our Proposal for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN For TRANSPORT COMMISSIONER locations across Andhra Pradesh incidental thereto, in the manner specified in the Bidding Documents, for the Transport Department of the State of Andhra Pradesh (“Project”) pursuant to the RFP dated ______issued in respect of the Project and other related documents including without limitation the draft services agreement (hereinafter collectively referred to as “Bidding Documents”), we [(Name of the Bank)] having our registered office at ……………………… and one of its branches at …………………….. (hereinafter referred to as the “Bank”), at the request of the Bidder, do hereby in terms of Clause 2.1.5 read with Clause 2.4 of the RFP, irrevocably, unconditionally and without reservation guarantee the due and faithful fulfilment and compliance of the terms and conditions of the Bidding Documents (including the RFP) by the said Bidder and unconditionally and irrevocably undertake to pay forthwith to the Transport Department an amount of Rs. ______/- (Rupees ______only) (hereinafter referred to as the “Guarantee”) as our primary obligation without any demur, reservation, recourse, contest or protest and without reference to the Bidder if the Bidder fails to fulfil or comply with all or any of the terms and conditions contained in the said Bidding Documents.

2. Any such written demand made by the Transport Department stating that the Bidder is in default of the due and faithful fulfilment and compliance with the terms and conditions contained in the Bidding Documents shall be final, conclusive and binding on the Bank.

3. We, the [please insert details of the bank issuing this bank guarantee] (hereinafter referred to as the “Bank”), do hereby unconditionally undertake to pay the amounts due and payable under this Guarantee without any demur, reservation, recourse, contest or protest and without any reference to the Bidder or any other person and irrespective of whether the claim of the Transport Department is disputed by the Bidder or not, merely on the first demand from the Transport Department stating that the amount claimed is due to the Transport Department by reason of failure of the Bidder to fulfil and comply with the terms and conditions contained in the Bidding Documents including failure of the said Bidder to keep its Proposal open during the Proposal Validity Period as set forth in the said Bidding Documents for any reason whatsoever. Any such demand made on the Bank shall be conclusive as regards amount due and payable by the Bank under this Guarantee. However, our liability under this Guarantee shall be restricted to an amount not exceeding Rs. ______/- (Rupees ______only)

4. This Guarantee shall be irrevocable and remain in full force for a period of 180 (one hundred and eighty) days from the Due Date or for such extended period as may be mutually agreed between the Transport Department and the Bidder, and agreed to by the Bank, and shall continue to be enforceable till all amounts under this Guarantee have been paid.

5. We, the Bank, further agree that the Transport Department shall be the sole judge to decide as to whether the Bidder is in default of due and faithful fulfilment and compliance with the terms and conditions contained in the Bidding Documents including, inter alia, the failure of the Bidder to keep its Proposal open during the Proposal Validity Period set forth in the said Bidding Documents, and the decision of the Transport Department that the Bidder is in default as aforesaid shall be final and binding on us, notwithstanding any differences between the Transport Department and the Bidder or any dispute pending before any Court, Tribunal, Arbitrator or any other authority.

6. The Guarantee shall not be affected by any change in the constitution or winding up of the Bidder or the Bank or any absorption, merger or amalgamation of the Bidder or the Bank with any other person.

7. In order to give full effect to this Guarantee, the Transport Department shall be entitled to treat the Bank as the principal debtor. The Transport Department shall have the fullest liberty without affecting in any way the liability of the Bank under this Guarantee from time to time to vary any of the terms and conditions contained in the said Bidding Documents or to extend time for submission of the Bids or the Proposal Validity Period

or the period for conveying acceptance of Letter of Award by the Bidder or the period for fulfilment and compliance with all or any of the terms and conditions contained in the said Bidding Documents by the said Bidder or to postpone for any time and from time to time any of the powers exercisable by it against the said Bidder and either to enforce or forbear from enforcing any of the terms and conditions contained in the said Bidding Documents or the securities available to the Transport Department, and the Bank shall not be released from its liability under these presents by any exercise by the Transport Department of the liberty with reference to the matters aforesaid or by reason of time being given to the said Bidder or any other forbearance, act or omission on the part of the Transport Department or any indulgence by the Transport Department to the said Bidder or by any change in the constitution of the Transport Department or its successor entity or any other matter or thing whatsoever which under the law relating to sureties would but for this provision have the effect of releasing the Bank from its such liability.

8. Any notice by way of request, demand or otherwise hereunder shall be sufficiently given or made if addressed to the Bank and sent by courier or by registered mail to the Bank at the address set forth herein.

9. We undertake to make the payment on receipt of your notice of claim on us addressed to [name of Bank along with branch address] and delivered at our above branch which shall be deemed to have been duly authorised to receive the said notice of claim.

10. It shall not be necessary for the Transport Department to proceed against the said Bidder before proceeding against the Bank and the Guarantee herein contained shall be enforceable against the Bank, notwithstanding any other security which the Transport Department may have obtained from the said Bidder or any other person and which shall, at the time when proceedings are taken against the Bank hereunder, be outstanding or unrealised.

11. We, the Bank, further undertake not to revoke this Guarantee during its currency except with the previous express consent of the Transport Department in writing.

12. The Bank declares that it has power to issue this Guarantee and discharge the obligations contemplated herein, the undersigned is duly authorised and has full power to execute this Guarantee for and on behalf of the Bank.

13. For the avoidance of doubt, the Bank’s liability under this Guarantee shall be restricted to Rs. ______/- (Rupees ______only) The Bank shall be liable to pay the said amount or any part thereof only if the Transport Department serves a written claim on the Bank in accordance with paragraph 9 hereof, on or before [●] (indicate date falling on the 180th day after the Due Date).

Signed and Delivered by ………………………. Bank

By the hand of Mr./Ms …………………….., its ………………….. and authorised official.

(Signature of the Authorised Signatory) (Official Seal)

ANNEXURE X

Format of the extracts from the audited Balance sheet and Profit & Loss Account [On the letterhead of the Bidder]

Annual turnover details of the Bidder from [insert relevant details]

# Financial Year Turnover in Indian Rupees

A 2013 – 2014 B 2014 – 2015 C 2015 – 2016 Aggregate Annual Turnover (A+B+C)

[Extra rows may be added, if required]

*Audited Balance sheet and Profit & Loss account statement of the Bidder for each of the above mentioned financial years shall submit as supporting evidence.

1. Please affix the signature of the authorized signatory of the Bidder with name, designation, seal and datehere.

2. Please affix the signature of the authorized signatory of the statutory auditor of the Bidder with name, designation, seal and datehere.

Note: IT related activities/ services should mean projects involving development of software, end to end Integrated IT Software Implementation, system integration, supply of hardware, provisioning hosting & maintenance services, providing networking support, providing operational and maintenance services for integrated IT software and IT infrastructure.

ANNEXURE XI

Format of the Self Certificate of Completion (Certified by the Statutory Auditor)

[On the letterhead of the Bidder]

RFP Reference No: Dated :

A. Completed Network Security Projects during the last five years (extra rows may be added if required):

Name, Designation Financial Name of and contact year the Client details of Order Project (based on for whom OEMs representing Value in Details Purchase projects the client Crore Order) undertaken for the purpose of reference

B. Ongoing Network Security Projects during the last five years (extra rows may be added if required):

I certify that the above mentioned information and the relevant Annexures and enclosures are true and correct.(Please attach documentary evidence like PO copy, certificate from the customers etc.)

[Please affix the signature of the authorized signatory of the Bidder and the statutory auditor of the Bidder with name, designation, seal and date]

Dated this ______Day of ______, 2016

______

(Name of the Bidder)

______

(Signature of the Authorised Person) Name: Designation: Official Company Seal

ANNEXURE XII

Format of the completion certificate from the client [On the letterhead of the client]

General Information Name of the project Client for which the project was executed Name, address and contact details of the client Project Details Description of the Project Scope of services Service levels being offered/Quality of Service (QOS) Technologies used Outcomes of the project Other Details Total cost of the project Total cost of the services provided by the Bidder Duration of the project (Number of months, start date, completion date, current status) Other Relevant Information Letter from the client to indicate the successful completion of the projects Copy of Work order

Signature: Name of the Authorized signatory: Company seal: Date:

ANNEXURE –XIII Self-Declarations

The Transport Commissioner, Road Transport Authority Government of Andhra Pradesh Vijayawada.

Reference: RFP No: dated

Dear Sir,

We hereby declare and confirm that:

1) We have significant client base in Government, Banking, Financial and Insurance sector in India.

2) We have a dedicated security practice in operation for over 3 years and having more than 30 skilled professionals in security domain, out of whom more than 12 each are certified for each of the Firewall OEMs proposed.

3) We have the proven capability to perform the entire scope of the assignment without outsourcing the same to any third party.

Yours faithfully,

Authorized Signatory

Name of the person Designation Contact Details Address Fax email Date

Official Seal of the Company

ANNEXURE XIV OEM AUTHORIZATION FORM

To The Transport Commissioner, Road Transport Authority Government of Andhra Pradesh NTR Admin Block, APSRTC Complex Vijayawada.

Reference: RFP No: dated

Dear Sir,

We ______(OEM) who are established and reputed manufacturers of ______(Equipment) having factories/Depot at ______and ______confirms that, M/s ______(Name and address of bidder) herein after referred as “Partner” wishes to participate in the Bid or Project stated above and has entered into an agreement for the purchase and resale of ______(OEM) Products and/or Services. The Partner is entitled and authorized to do the following:

a) Resell and/or distribute ______(OEM) products and/or services in India to end users within that Territory.

b) Bid, negotiate and conclude a contract with TRANSPORT COMMISSIONER for the above products/services manufactured or supplied by ______(OEM).

______(OEM) will, within the scope of its agreement with its Authorized channels, provide product warranty services and support for ______(OEM) products obtained through its Authorized channels for a period mentioned in the RFP referred above, from the date of installation at TRANSPORT COMMISSIONER.

______(OEM) certify that, the equipment being sold would not be declared End of Sale (EoS) in the next 7 Years and that ______(OEM) shall supply suitable substitute in case EoS of equipment. Also ______(OEM) certifies that the products being sold would be covered under Warranty / Support and support will be available for next five years from the date of installation at TRANSPORT COMMISSIONER.

______(OEM) certify that the Annual Maintenance Contract (AMC) rate quoted will remain valid and unchanged during the AMC for 5 years.

If you need any additional information, please contact

Mr./Ms. ______at

______(Mobile no.) or

______(e-mail ID)

Yours faithfully,

For and on behalf of M/s ______(Name of the manufacturer)

Signature Name of the person Designation Contact Details Address Date

Seal of the OEM

ANNEXURE XV Format for Declaration regarding Non-Blacklisting

(On the Letterhead of the Bidder)

Date: [●]

The Transport Commissioner, Road Transport Authority Government of Andhra Pradesh Vijayawada.

Reference: RFP No: dated

Dear Sir,

This has reference to the reference No: ______Dated ______, for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN For TRANSPORT COMMISSIONERat locations specified by TRANSPORT COMMISSIONER.

We ______(name and address of the bidder) hereby confirm that we have not been black-listed/de-barred by any Govt./ PSU/ BFSI organization/ Government Departments in India, including TRANSPORT COMMISSIONER, as on date of submission of the bid. Also, there has been no occasion of disassociation with any of our customers in India on account of delayed/defaulted deliveries or services during last three years.

Dated this ______Day of ______, 2016

______

(Name of the Bidder)

______

(Signature of the Authorised Person) Name: Designation: Official Company Seal

ANNEXURE XVI

FORMAT FOR PERFORMANCE BANK GUARANTEE (To be typed on Non-judicial stamp paper of the value of Indian RS. 100/-)

(TO BE ESTABLISHED THROUGH ANY OF THE NATIONAL BANKS (WHETHER SITUATED AT VIJAYAWADA OR OUTSTATION) WITH A CLAUSE TO ENFORCE THE SAME ON THEIR LOCAL BRANCH AT VIJAYAWADA OR ANY SCHEDULED BANK (OTHER THAN NATIONALISED BANK) SITUATED AT VIJAYAWADA. BONDS ISSUED BY CO-OPERATIVE BANKS ARE NOT ACCEPTED.)

To The Transport Commissioner, Road Transport Authority Government of Andhra Pradesh NTR Admin Block, APSRTC Complex Vijayawada.

LETTER OF GUARANTEE

WHEREAS Andhra Pradesh Transport Department (Buyer) have invited Tenders vide RFP Referfence No...... Dt...... for for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN For TRANSPORT COMMISSIONER locations across Andhra PradeshAND WHEREAS the said tender document requires that any eligible successful tenderer (seller) wishing to supply the equipment /machinery etc. in response thereto shall establish an irrevocable Performance Guarantee Bond in favour of “The Transport Commissioner, Transport Department, Government of Andhra Pradesh, Vijayawada” in the form of Bank Guarantee for Rs ...... and valid till five years from the date of issue of Performance Bank Guarantee may be submitted within 30 (Thirty) days from the date of acceptance as a successful bidder.

NOW THIS BANK HEREBY GUARANTEES that in the event of the said tenderer (seller) failing to abide by any of the conditions referred in tender document / purchase order / performance of the equipment / machinery, etc. this bank shall pay to The Transport Commissioner, Transport Department, Government of Andhra Pradesh, Vijayawadaon demand and without protest or demur Rs ...... (Rupees...... ). This bank further agrees that the decision of The Transport Commissioner, Transport Department, Government of Andhra Pradesh, Vijayawada(Buyer) as to whether the said Tenderer (Seller) has committed a breach of any of the conditions referred in tender document / purchase order shall be final and binding. We, ...... (name of the bank & branch) hereby further agree that the guarantee herein contained shall not be affected by any change in the constitution of the Tenderer (Seller) and/ or The Transport Commissioner, Transport Department, Government of Andhra Pradesh, Vijayawada(Buyer).

Notwithstanding anything contained herein:

1. Our liability under this Bank Guarantee shall not exceed Rs...... (Indian Rupees ...... only).

2. This Bank Guarantee shall be valid up to ...... (date) and 3. We are liable to pay the guaranteed amount or any part thereof under this bank guarantee only and only if Institute serve upon us a written claim or demand on or before ...... (date).

This Bank further agrees that the claims if any, against this Bank Guarantee shall be enforceable at our branch office at ...... situated at ...... (Address of local branch).

Yours truly,

Signature and seal of the guarantor: Name of Bank: Address: Date:

Instruction to Bank: Bank should note that on expiry of Guarantee Period, the Original Guarantee will not be returned to the Bank. Bank is requested to take appropriate necessary action on or after expiry of bond period.

ANNEXURE XVII

Contents of the Technical Proposal

Note to Bidders: Bidders are required to present sound, complete, and competent technical and functional architecture solution and are expected to address the various technical / functional parameters mentioned in the RFP document in their proposed solution. Bidders should also include the Bill of Materials (wherever applicable) for all the software and hardware components, products and tools that are proposed for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN For TRANSPORT COMMISSIONER locations across Andhra Pradesh

1. The Bidder will have to compulsorily give compliance for the specifications defined in respective Technical annexures for technical specifications of each of the hardware/software.

2. The technical specifications should be thoroughly checked before quoting any model by the bidder.

3. The bidder has to submit Technical Brochures of the products in the form of soft copies on READ-ONLY CD/DVD and hard copies with required information properly highlighted along with the technical bid. (Soft copy does not mean reference to a link).

The Technical-Bid document should contain the following:

1. Covering letter (on bidder’s letterhead) giving reference of this RFP and consent for acceptance of all the Terms & Conditions of this tender (including modifications, if any, issued subsequently) and mentioning list of all the enclosures.

2. Technical specification compliance sheet as per Annexure-IX

3. Technical details/brochures of the product(s) as given in the Technical bid. No indications as to price aspect or financial stipulations are to be given in the technical bid, failing which the bid shall be rejected.

4. Undertaking and Declarations regarding Quality, warranty etc. as per Annexure-X.

5. Hard copy of the complete technical-bid document spirally bound (each page duly numbered, stamped and signed by the authorized signatory) in the exact format as given in this tender. The bid may not be evaluated by TRANSPORT COMMISSIONER in case of non-adherence to the format or partial submission of technical bids. There should be one common number serially running throughout the submitted document.

6. Soft copy of the complete Technical bid (along with all its annexure) in a separate READ-ONLY CD/DVD with all documents.

Appendix XVII - A

Letter of Technical Proposal [On the letterhead of the Bidder]

To The Transport Commissioner, Road Transport Authority Government of Andhra Pradesh NTR Admin Block, APSRTC Complex Vijayawada.

Dear Sir,

Subject: Submission of the Technical Proposal in accordance with the RFP dated [●]

We, the undersigned, offer for for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN For TRANSPORT COMMISSIONER locations across Andhra Pradesh accordance with the RFP/Bidding Documents.

We are hereby submitting our Technical Proposal in this regard.

We hereby declare that all the information and statements made in this Technical Proposal are true and accept that any misinterpretation contained in it may lead to our disqualification.

We agree to abide by all the terms and conditions of the Bidding Documents including the RFP dated [●] issued by the Transport Department. We would hold the terms of our Proposal valid for 180 (one hundred and eighty) days or any extension thereof as stipulated in the RFP.

We understand you are not bound to accept any Proposal including Technical Proposal you receive.

Sincerely,

[Bidder's name with seal]

[Authorized Signature (in full and initials) Name and Title of Signatory Address Location Date]

Appendix XVII - B

Declaration of Quality, Support and Man-Power [On the letterhead of the Bidder]

To The Transport Commissioner, Road Transport Authority Government of Andhra Pradesh NTR Admin Block, APSRTC Complex Vijayawada.

Dear Sir,

Subject: Submission of the Technical Proposal in accordance with the RFP dated

We hereby accept all the Term & Conditions of the above RFP for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN for TRANSPORT COMMISSIONER locations across Andhra Pradeshand extend complete warrantyand full guarantee for maintenance of the firewalls.

Further, we hereby undertake that:

1. The original equipment’s, spare parts, components required for maintaining the networking hardware supplied will be available for a minimum period of 5 years as per terms and conditions of the RFP.

2. All the equipment/components/parts/software(s) used in the Networking Firewall, etc. shall be original new equipment / components / parts / software(s) from respective OEMs of the products and that no refurbished / duplicate/second-hand-equipment / components/ parts / software(s) shall be used.

3. In respect of licensed software(s) if asked by TRANSPORT COMMISSIONER in the purchase order shall be supplied along with the authorized license certificate and also that it shall be sourced from the authorized source.

4. Should TRANSPORT COMMISSIONER require, we shall produce certificate from the OEM supplier in support of above undertaking at the time of delivery, if not already produced. It will be our responsibility to produce such letters from our OEM supplier’s within 7 days of your request.

5. In case we are found not complying with above at the time of delivery or during installation, for the equipment / components / server(s) already billed, we agree to take back the equipment / components / hardware, if already supplied.

6. We shall provide the required number of onsite Service-Delivery Manager, fulfilling the qualification criteria as defined in the RFP within the stipulated time.

7. We shall provide training for users specified in this RFP.

8. We shall deliver the items as specified in deliverables in this RFP.

9. We shall compliance to the Service Level Agreement as specified in Annexure– II.

Sincerely,

[Bidder's name with seal]

[Authorized Signature (in full and initials) Name and Title of Signatory Address Location Date]

APPENDIX XVII – C Specifications Compliance Sheet

Sr.No Secure Network Termination Appliance Full . Specifications Compainc e (Yes / N0) 1 General Requirements & Industry Certifications The proposed architecture involves setting up of core application infrastructure on a Public cloud infrastructure (like Microsoft Azure) and configuring individual branch locations to connect to the application instances on the cloud for secure access. To this end, the solution proposed for network termination at the individual branches must also be available in a virtual form factor on Microsoft 1.1 Azure and Amazon AWS. The department may choose to provision VPN connectivity between the individual branches and the cloud instance of the network termination device. Hence, the required processing capacity for terminating all the branch locations, without a performance impact would need to be available to be provisioned on the cloud instance, on a need basis. The proposed solution must provide Layer 7 / Application Layer security solution. The device proposed at the branch 1.2 location must be able to natively identify and control applications, users and content The proposed application security solution must be in the Leader’s quadrant in the Gartner "Magic Quadrant for 1.3 Enterprise Network Firewalls" as per the latest available report. For high performance with low latency the proposed solution must provide all application level inspection as 1.4 real-time stream-based and not using file-based store- and-forward techniques The proposed appliance must provide high levels of 1.5 reliability through the use of SSD for storage and not using fans and other similar moving components The proposed solution must allow policy rule creation for application identification, user identification, host profile, 1.6 threat prevention, content filtering, QOS and scheduling in a single rule and not at multiple locations The Firewall appliance should have certifications like ICSA 1.7 / EAL4 / NDPP or more The Propose vendor must have track record continues 1.8 improvement in threat detection and unique identification technologies. The proposed solution must have the provision of drawing 1.9 power from 2 different sources, either with RPS or using redundant power inputs The proposed appliance must have at least 8 x 1G 1.10 versatile Ports

100

1.11 Firewall appliance should have console port and USB Ports Appliance should be rack mountable and support side rails 1.12 if required Should support Internet Service Provider link load 1.13 balancing. The proposed appliance must have 1 x 1G port for out of 1.14 band managament. 2 Performance The appliance must provide a minimum of 500Mbps Application enabled Firewall throughput and minimum 150 Mbps of throughput with all security features enabled including Application Control + User Identification + IPS + 2.1 Anti Spyware + Antivirus with all signatures on the appliance turned ON. The performance must be based on 64Kb HTTP traffic and not UDP. The claim has to be supported by publicly available documents The proposed appliance must be able to handle minimum 2.2 4,200 new sessions per second The proposed appliance must be able to handle minimum 2.3 64,000 concurrent sessions The appliance must be capable of handling minimum 250 2.4 policies The proposed appliance must be able to handle minimum 2.5 100 Mbps IPSEC VPN throughput 2.6 Storage option Minimum 32 GB SSD The proposed appliance must support minimum 250 Site to Site IPSEC VPN tunnels. The proposed solution must 2.7 support minimum 250 client to site VPN tunnels. All licenses needs to be provisioned from day one. 3 Operation Mode The proposed appliance must support, Tap Mode, Transparent, Layer 2 , Layer 3 mode providing flexibile 3.1 deployment. The proposed solution must be able to support simultaneous deployment with interfaces servicing Layer 3, Layer 2, Transparent and Tap modes. The proposed appliance must support 802.1Q VLAN 3.2 tagging The proposed appliance must support Dual Stack IPv4 & 3.3 IPv6 application control and threat inspection under various deployment modes from day one. The proposed appliance must support standards based 3.4 Link aggregation (IEEE 802.3ad) to achieve higher bandwidth The proposed appliance must support logical Ethernet 3.5 sub-interfaces tagged and untagged. The proposed appliance must support the following 3.6 routing protocols static, RIPv2, OSPF, BGP4 The proposed appliance must have Virtual Router capabilities that supports all L3 capabilities.The proposed 3.7 solution must have IPv6 Static Routing Support even for virtual routers.

101

The proposed appliance must support DHCPv4 and 3.8 DHCPv6 relay from day one. 3.9 High Availability The proposed appliance must be able to support 3.9.1 Active/Active configuration The proposed appliancemust be able to support 3.9.2 Active/Passive HA configuration The proposed appliance must be capable to detect device, 3.9.3 link and path failure and the ability to monitor health of the peer device withOUT external network dependencies. The proposed appliance must be able to support session 3.9.4 and configuration synchronization The proposed appliance must synchronize the following 3.9.5 for HA . Sessions, Decryption Cert, Threat and Application Signature etc ensuring seamlees operations The proposed appliance HA must support hitless upgrades 3.9.6 for both major and minor code releases The OEM must provide 24 X 7 X 365 technical support either directly or via authorized partners, with back-line 3.10 support from the OEM. The OEM must have a local TAC in India Every Gateway Security control (like Firewall or any other feature required to meet above specification) must not 3.11 have any licensing restriction on number of users and must be supplied for unlimited users unless specified otherwise. 3.12 Should support at least 200 protocols All internet based applications should be supported for 3.13 filtering like Telnet, FTP, SMTP, http, DNS, ICMP, DHCP, ARP, RPC, SNMP, Lotus Notes and Exchange etc. Firewall should support the authentication protocols 3.14 RADIUS, LDAP, TACACS, and PKI methods Local access to the firewall modules should support 3.15 authentication protocols – RADIUS & TACACS+. 3.16 Dynamic policy enforcement on VPN clients. Firewall must provide state engine support for all common 3.17 protocols of the TCP/IP stacks. 3.18 Should support telnet client and server functionality 4 Firewall Security Policy The proposed solution must support network traffic classification which identifies applications across all ports irrespective of port/protocol/evasive tactic from day one. 4.1 The proposed solution must have application and application function identification and decoding technology from day one. The proposed solution must be able to handle 4.2 unknown/unidentified applications e.g. alert, block or allow The proposed solution must be able to create custom 4.3 application signatures and categories based on customer environment.

102

The proposed solution must delineate specific instances of peer2peer traffic (Bittorrent, emule, neonet, etc.), 4.4 messaging (AIM, YIM, Facebook Chat, etc.) & Proxies (ultrasurf, ghostsurf, freegate, etc.). The proposed solution must delineate different parts of 4.5 the application such as allowing Facebook chat but blocking its file-transfer capability etc. The proposed solution must support Voice based protocols 4.6 (H.323, SIP, SCCP, MGCP etc.) The proposed solution must support authentication services for user-identification using any of the following 4.7 technologies AD, LDAP, eDirectory, Radius, Kerberos, Client Certificate from day one. The proposed solution must support the creation of 4.8 security policy based on Active Directory Users and Groups in addition to source/destination IP. The proposed solution must support user-identification in 4.9 policy without installing an agent on individual endpoints. The proposed solution must support user-identification 4.10 over wireless by integrating with Wireless controllers. The proposed solution must populate and correlate all logs 4.11 with user identity (traffic, IPS, URL, data, etc.) without any additional products or modules in real-time The Firewall must provide NAT functionality, including 4.12 dynamic and static NAT translations. Network address translation (NAT) must be supported so 4.12.1 that the private IP addresses of hosts and the structure of an internal network can be concealed by the firewall. Network Address Translation (NAT) must be configurable 4.12.2 as 1:1, 1: many, many: 1, many: many, flexible NAT (overlapping IPs). Reverse NAT must be supported. 4.12.3 Port address translation must be provided The proposed solution must support Policy Based 4.13 forwarding based on Zone, Applications , Source / Destination Address, User or User Group 5 Threat Prevention Features The proposed solution shall support IPS , Anti Virus and 5.1 Anti Bot & Spyware Protection features from day one. The proposed solution shall be supported by a world-class threat research organization dedicated to the discovery and analysis of threats, applications and their respective 5.2 network behavior. The threat and vulnerability information that is protected shall be publicly accessible on the internet. The proposed solution shall block known network and 5.3 application-layer vulnerability exploits The proposed solution shall block buffer overflow, 5.4 DoS/DDoS , etc type of attacks The proposed solution shall perform stream-based Anti- 5.5 Virus & Anti-Spyware and not store-and-forward traffic inspection

103

The proposed solution shall support attack recognition for 5.6 IPv6 traffic the same way it does for IPv4 The proposed solution shall support Built‐in Signature and 5.7 Anomaly based Vulnerability Protection Engine The proposed solution shall support the ability to create 5.8 custom user-defined signatures The proposed solution shall support granular tuning with 5.9 option to configure overrides for individual signatures The proposed solution shall support automatic security 5.10 updates directly over a secure connection (i.e. no dependency of any intermediate device) The proposed solution Vulnerability / Virus / Spyware 5.11 protection signature updates shall not require reboot of the unit. The proposed solution must support different actions in 5.12 the policy such as deny, drop, reset client, reset server, reset both client and server. Integrated IPS, Antivirus, Anti-Spyware & Anti-Bot 5.13 functionality should be available as a module that can be activated and de-activated as and when required. Activation of new IPS protections should be based on 5.14 parameters like Threat severity i.e. High, Medium, low risk etc. IPS Profile should have an option to select or re-select 5.15 specific signatures that can be deactivated. The proposed solution must have an option to add 5.16 exceptions for network, services and Users. The proposed solution must have functionality of Geo 5.17 Protection to Block the traffic country wise. The proposed solution must have an option to create your 5.18 own signatures with an open signature language. The proposed solution must provide detailed information 5.19 on each protection, including: Vulnerability and threat descriptions, including CVE details & Threat severity Solution must be able to identify malwares coming from 5.2 incoming files and malwares downloaded from Internet 5.21 Solution must be able to Discover bot outbreaks Solution must be able to discover the Bot infected 5.22 machine 5.23 Solution must be able to prevent bot damage Solution must have an Multi tier bot discovery ie Detect 5.24 Command and Control IP/URL and DNS Solution must be able to detect Unique communication 5.25 patterns used by Botnets. Solution must be able to block traffic between infected 5.26 Host and Remote Operator and not to legitimate destination Solution must be able to provide with Forensic tools which 5.27 give details like Infected Users/Device, Malware type, Malware action etc

104

The proposed solution must support protection against 5.28 credential phishing of internal users. The framework being used for protection has to be provided. The Antivirus engine of the solution must be provided by 5.29 the OEM itself and must not depend on a third party OEM for signatures It must be possible for enhancing the services on the appliance to include Advanced Persistent Threat Protection at a later date, using a license, without impacting the 5.3 performance of the appliance. The APT solution of the OEM must provide 5 minute updates for discovered malware. 6 SSL Decryption The proposed solution shall be able to identify, decrypt 6.1 and evaluate SSL traffic in an outbound connection (forward-proxy) The proposed solution shall be able to identify, decrypt 6.2 and evaluate SSL traffic in an inbound connection The proposed solution must support decryption and 6.3 inspection of SSL traffic in an outbound connection, inbound connection across any port. The proposed solution shall support the ability to have a SSL inspection policy differentiate between personal SSL 6.4 connections i.e. bankin, shopping, health and non- personal traffic The proposed solution must support on appliance Per 6.5 policy SSL and SSH decryption for both inbound and outbound traffic. The proposed must support on appliance SSL decryption 6.6 policy based on IP, User, web category. 7 URL Filtering The proposed solution shall support URL-Filtering, with 7.1 the categorisation being done by the OEM of the device and not a third party OEM. The Proposed sholution shal have the database located 7.2 locally/ cache url category on the device The proposed solution shall support custom URL- 7.3 categorization The proposed solution shall support customizable block 7.4 pages The proposed solution shall support logs populated with 7.5 end user activity reports for site monitoring within the local solution The proposed solution shall support Drive-by-download 7.6 control The proposed solution shall support URL Filtering policies 7.7 by AD user, group, machines and IP address/range

105

The Threat intelligence of the OEM shall be capable of providing 5 minute updates specifically to URLs falling under the malicious URLs and phishing URL categories 7.8 from their APT analysis system. This would ensure that the URL categorisation of malicious URLs is as current as possible, reducing the attack surface. The proposed solution must have the capability to 7.9 provision additional authentication for specific URL categories for enhanced security. 8 QOS The proposed firewall must support the ability to create 8.1 QoS policy 8.1.1 by destination address 8.1.2 by user/user group as defined by AD by application (such as Skype, Bit torrent, YouTube, 8.1.3 azureus) by static or dynamic application groups (such as Instant 8.1.4 Messaging or P2P groups) 8.1.5 by port The proposed firewall must define QoS traffic classes 8.2 with: 8.2.1 guaranteed bandwidth 8.2.2 maximum bandwidth 8.2.3 priority queuing The proposed firewall must support real-time prioritization 8.3 of voice based protocols like H.323, SIP, SCCP, MGCP and applications like Skype. The proposed firewall must support real-time bandwidth 8.4 statistics of QoS classes. 9 Management & Reporting The appliance shall provide local monitoring and reporting functionality, along with the ability to be managed and 9.1 monitored from a remote management server from the same OEM. The management server shall be available both in the virtual and physical form factor. The solution shall support the forwarding of logs to email, 9.2 external syslog servers and any other logging service / SIEM, as per customer requirements The intelligence system of the OEM shall be publicly accessible (with applicable additionally procured licenses) to customers for threat analysis and proactive protection. This system shall provide historical data of all threats discovered by the OEM, it's indicators of compromise and 9.3 applicable URLs, IP addresses, domains and hashes in searchable, taggable formats. This would allow Security administrators to search for specific indicators and use these indicators for improving security posture of the environment. Firewall must support the user based logging. Log levels 9.4 must be configurable based on severity. 9.5 It must be able to Search and Filter the log.

106

The Firewall logs must contain information about the 9.6 firewall policy rule that triggered the log. Should support google like search of logs within seconds It must be able to correlate logs from various modules 9.7 such as Firewall, Application Control, Antivirus & information at different periods of Time. It must support SNMP (Simple Network Management 9.8 Protocol) v 2.0 and v 3.0. The firewall must be capable of integrating with other 9.9 equipment like SIEM tool or reporting tools etc. The solution must be commonly integrated with any of the 9.10 SIEM products, with no customization needed for integration. The proposed solution shall populate and correlate all logs 9.11 with user identity (traffic, IPS, URL, data, AV,AB etc.) without any additional products or modules in real-time Application and user identify based bandwidth 9.12 management 9.13 Guaranteed &Burstable bandwidth policy 9.14 Bandwidth monitoring The management system must support the ability to lock configuration while modifying it, avoiding administrator 9.15 collision when there are multiple people configuring the appliance

Sincerely,

[Bidder's name with seal]

[Authorized Signature (in full and initials) Name and Title of Signatory Address Location]

107

ANNEXURE XVIII

Contents of the Financial Proposal

The Technical-Bid document should contain the following:

1. Covering Letter to the Financial Proposal in Appendix 2. Commercial Bid in Appendix

108

Appendix XVIII - A Covering Letter to the Financial Proposal

[On the letterhead of the Bidder]

To The Transport Commissioner, Road Transport Authority Government of Andhra Pradesh NTR Admin Block, APSRTC Complex Vijayawada.

Dear Sir,

Subject: Submission of the Technical Proposal in accordance with the RFP dated

Our attached Financial Proposal is for the sum of [specify the amount in words and figures] (“Bid Price”). This amount is inclusive of the all applicable taxes.

1. PRICE AND VALIDITY

1.1 All the prices mentioned in the Financial Proposal are in accordance with the terms as specified in the Bidding Documents. All the prices and other terms and conditions of this Financial Proposal are valid for a period of 180 (one hundred and eighty) calendar days from the Due Date or any extension thereof as stipulated in the RFP.

1.2 We hereby confirm that the Bid Price includes all applicable taxes. However, all the taxes are quoted separately under relevant sections.

1.3 We understand that the actual payment would be made as per the existing indirect tax rates during the time of payment.

2. UNIT RATES

2.1 We have indicated in the relevant forms enclosed, the unit rates for the purpose of on account of payment as well as for price adjustment in case of any increase to / decrease from the scope of work under the contract.

109

2.2 We declare that all the services shall be performed strictly in accordance with the Bidding Documents.

3. PROPOSAL PRICING

We further confirm that the prices stated in our Financial Proposal are in accordance with the Bidding Documents.

4. QUALIFYING DATA

We confirm having submitted the information as required by you in accordance with the Bidding Documents. In case you require any other further information/documentary proof in this regard before evaluation of our Proposal, we agree to furnish the same in time to your satisfaction.

5. BID PRICE

We declare that our Bid Price quoted in the Financial Proposal is for the entire scope of the work as specified in the RFP.

6. OTHERS

6.1 We understand you are not bound to accept any Proposal you receive.

6.2 We hereby declare that our Financial Proposal is made in good faith, without collusion or fraud and the information contained in the Financial Proposal is true and correct to the best of our knowledge and belief.

6.3 We understand that our Proposal including the Financial Proposal is binding on us and that you are not bound to accept any Proposal you receive.

Sincerely,

[Bidder's name with seal]

[Authorized Signature (in full and initials) Name and Title of Signatory Address Location]

110

Appendix XVIII - B Format of Commercial Bid for Supply, Installation, Configuration and Commissioning of Network Firewall to Connect Cloud through VPN for TRANSPORT COMMISSIONER locations across Andhra Pradesh [On the letterhead of the Bidder]

To The Transport Commissioner, Road Transport Authority Government of Andhra Pradesh NTR Admin Block, APSRTC Complex Vijayawada.

Dear Sir,

RFP Reference No: dated

Sl. Item Description Qty. Unit Total No. Price Firewall Appliance Make ______and Model ______with 5 year Hardware 1 96 warranty and 5 years Software subscription with 24 x 7 online support and onsite Return Policy. 2 Cost for One time Implementation Lot A Total Cost of Hardware – A (1+2) Vendor Remote Support (AMC) for 1st 3 Year Vendor Remote Support (AMC) for 4 nd 2 Year Vendor Remote Support (AMC) for 3rd 5 Year Vendor Remote Support (AMC) for 4th 6 Year Vendor Remote Support (AMC) for 5th 7 Year Total Cost of Vendor Remote B Support – B (3 to 7) 8 CST (%) 9 Sales Tax (%) 10 VAT (%) 11 S.Tax for Product (%) 12 S.Tax for Service (%) 13 Education Cess (%)

111

14 Higher Education Cess (%) Other Taxes & duties ( as 15 applicable) 16 Any Other Charges (Pl. Specify) C Taxes & Duties – C (8 to 16) Total Cost with 5 years Remote D Support (A+B+C) ( Inclusive of taxes)

Note: All quotes to be in INR with no linkage with foreign currency fluctuations, external / internal dependencies etc. and should be inclusive of all taxes.

We unconditionally abide by all the terms and conditions of this invitation for quotes issued by TRANSPORT COMMISSIONER.

Place: AUTHORISED SIGNATORY

Date : Name:

Note:

 The Bidder shall quote for each component, the quotes should be inclusive of all costs except service tax, local tax, cess, levies, GST and VAT.

 Any other local sales Tax / Levies such as Octroi / Entry Tax, Local Body Tax, VAT, GST etc. which may be payable if and wherever applicable at the place of delivery will be paid extra on actual basis by TRANSPORT COMMISSIONER, subject to production of original documents / receipt issued by appropriate authority (CST will not be paid – only sales tax / VAT will be reimbursed).

 It will be the responsibility of the bidder to take care of all formalities, if any, necessary as per rules / regulations / orders of any government/non- government / regulatory authority in force.

 The price quoted shall not be subjected to variations in exchange rate, taxes, duties, levies or variation in labour rates etc.

112

 Bidders are advised to make a detailed study of the requirements of the project and ensure that the prices/rates quoted are all inclusive including the support required from the OEM in the execution and continuous monitoring of the project during the Contract period, as no deviation in any of the conditions would be permitted and nor would any increase in prices be allowed during the contract period.

 The Bidder should have the capability to implement and maintain the project during the contract period of 5 years. The vendor should also be able to carry out any changes, if necessitated by TRANSPORT COMMISSIONER during the contract period of 5 years.

 The vendor should propose only one product/solution for each of the requirements and quote for the same. If a vendor for any one of the stated technical requirements quotes multiple products/solutions, TRANSPORT COMMISSIONER will disqualify the entire response to the RFP by the vendor.

113

Annexure-XIX Procedure for Submission of bids

1. Registration with e-Procurement platform: For registration and online bid submission Bidders may contact HELP DESK of M/s Upadhi Techno services Pvt Ltd. or https://tender.apeprocurement.gov.in.

2. Digital Certificate Authentication: The Bidders shall authenticate the bid with their Digital Certificates for submitting the bid electronically on e-Procurement platform and the bids not authenticated by digital certificate of the Bidders will not be accepted on the e- Procurement platform

3. Submission of Hard Copies: Hard copies of the bids have to be filed in the tender box by 27.02.2017 by 11:00 A.M at O/o. T.C, 1st floor, NTR Administrative block, RTC house, Pandit Nehru Bus Station, Vijayawada, A.P 4. Payment of Transaction Fee: It is mandatory for all the participant Bidders from 1st January 2006 to electronically pay a Non-Refundable Transaction fee to M/s. APTS, the service provider through "Payment Gateway Service on E-Procurement platform". The Electronic Payment Gateway accepts all Master and Visa Credit Cards issued by any Bank and Direct Debit Facility/Net Banking of ICICI Bank, HDFC, Axis Bank to facilitate the transaction. This is in compliance of G.O. Ms. 13, dated 07.05.2006. A service tax of 12.36% + Bank Charges on the transaction amount payable to APTS shall be applicable.

5. Corpus Fund: As per GO Ms No. 4, User Departments shall collect 0.04% of ECV (estimated contract value) with a cap of Rs. 10,000 (Rupees Ten Thousand only) for all works with ECV up to Rs. 50 crores and Rs. 25,000/- (Rupees Twenty Five Thousand only) for works with ECV above Rs. 50 crores, from successful Bidders on eProcurement platform before entering into agreement / issue of purchase orders, towards eProcurement fund in favour of Managing Director, APTS. There shall not be any charge towards eProcurement fund in case of works, items and services with ECV less than and up to Rs. 10 lakhs. 6. RFP Document: The Bidders are requested to download the Tender Document and read all the terms and conditions mentioned in the Tender Document and seek clarification, if any, from the Tender Inviting Authority. The Bidders have to keep track of any changes by viewing the Addenda / Corrigenda issued by the Tender Inviting

114

Authority from time-to-time, in the eProcurement platform. The Department calling for Tenders shall not be responsible for any claims / problems arising out of this.

115