ANNEXURE TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/2567 Page 1 of 6 ANNEXURE A ., ENTERPRISE VERSION OF ANTIVIRUS SOFTW f'.RE FOR "10 USERS

Technical specification

Anti- Virus Software should have the following features/capabilities conforming to the

specifications as given below:- ..0; The Antivirus should have a single key to activate the Licenses in systems which includes few Windows based Servers, Desktop and Laptops located on Multiple LANs, Standalone systems with different operating system. Enhanced Protection 1. The Antivirus solution should provide enhanced antivirus protection for desktops, laptops & servers of all the attacks originating from places inside/outside of the network due to virus and/or other malicious programming code and should give appropriate warning messages 2. Anti-Virus Software must have the capability to clean, Quarantine or delete Viruses and should be able to detect new classes of viruses by normal virus definition update mechanisms 3. The Antivirus Solution technology should include a behavioral based technology apart from providing the signatures for vulnerability add heuristic based approach. It should be able to score both good and bad behaviors of unknown applications, enhancing detection and reducing false positives without the need to create rule-based configurations to provide protection from unseen threats i.e. zero-day threats. Centralized management and graphical reporting 4. Should be capable of being managed via a centralized console, should be capable of deploying Antivirus on all desktop and servers attached to the network centrally and should provide reports such as AV Coverage, Virus Definition update reports, actions performed etc. 5. The Antivirus solution must provide a mechanism for developing and deploying policy to each system node with respect to scheduling scan jobs, rear-time scan settings, signature distribution, alerting and analysis etc. 6. Antivirus should provide centralized event logging to locate and cure virus problems. 7. Administrator should be able to initiate virus sweeps remotely in case of an outbreak. 8. Antivirus solution should have a Single, Configurable Installation with centralized configuration & policy management & should have a Common Distribution Mechanism via combination of push & pull Technology for better BW management 9. Antivirus should be capable of pushing client installation, distribute new and update anti- virus software, virus definitions and policies automatically to clients and servers from a centralized location and it should It should also support manual installation of client via network share . 10. Automatic update of Antivirus Server from Vendor Site & client should get update from the local Server & If updating from the Primary Server fails for any reason (such as the user being off the network) an attempt should be made to contact the Secondary Server (i.e Vendor site) Active Directory Support 11. Antivirus solution should support integration with Active directory for directory structure of computers for better management & should have logical group based on IP addresses (Subnets) & VLANs, 12. Should support scanning of Active Directory Database and also must scan compressed file formats like\ZIP, ARJ GZIP, BZ2, JAR, RAR,LHZ,TAR Microsoft compressed tile etc. I < \

\ ::-to ANNEXURE TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/2567 Page 2 of 6 Scans and antivirus ~ 13. The Antivirus solution must automatically scan external devices (Floppy disks, Compact " disks, USB devices and Network shares in real-time when accessed) as soon as they are attached to PC, Server, Laptop etc. 14. Should allow the user/administrator to initiate a scan on the memory as well as the HDD 15. Should have the ability to exclude specific files and directories from the on Demand Scanning 16. Should allow the user to define processes/files as high risk or low risk and thereby assign a scan policy on them 17. Solution should have File antivirus with following technologies a) Signature based analyses b) Heuristic based analyses c) iSwift & ichecker based scanning 18. Should allow the user/administrator to run at specific times or at scheduled intervals and update at the end points from central Server. 19. Solution should provide Web antivirus features which should analyze site address and block access to dangerous sites & Scan the object downloaded over HTTP 20. Should have the ability to include on demand or scheduled in-memory process scanning for viruses, worms and Trojans. Memory Scanning should use viral signatures instead of file names 21. Should protect from the threats that e-mail message may contain &Messages should be intercepted at the protocol level and by embedding into the most popular mail clients. 22. Should protect from the threats that e-mail message may contain &Messages should be intercepted at the protocol level and by embedding into the most popular mail clients. 23. Should provide scanning capabilities for POP3, SMTP, NNTP and IMAP mail traffic, protecting email communications from one of the most common channels of mal ware attack 24. Should allow the On Demand Scanner to recognize the last scanned file and resume scanning from that file if an "On demand Scan" is interrupted 25. Solution should provide IM antivirus features which should protect from the threats that IM attachment may contain & and it should support the following Instant mesaging applications: ICQ,MSN,AIM,MAIL.RU AGENT & IRC Spyware, adware and dialer detection 26. The proposed solution should be capable of detecting and removing unwanted programs in real time malicious software including viruses, worms, Trojan horses, spyware, Adware, Dialers, Joke programs, Remote administration tools, Password crackers, User defined programs and RootKit. 27. Should have the ability to detect and remove unwanted joke programs, toolbars, adware, spyware, dialers etc Post detection action 28. Post detection antiviral performs following action Alert / Notify, Clean, Delete / Remove, Move / Quarantine, Prompt for Action 29. The administrator should have the option of excluding specific programs that are detected as part of this detection. The exclusion can be set based on filenames or categories 30. Antivirus should provide a feature for the rollback of mal ware actions during

------5 ANNEXURE TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/2567 Page 3 of 6

"'-"disinfection( Roll back means rolling back the changes made to the file system (creating, •.relocating, renaming files) and registry keys Protection 3l. The proposed anti -virus solution should have the capacity to prevent infections from occurring by detecting and preventing the execution of malicious code that leverages, Java Scripts, Visual Basic (VB) Scripts 32. Solution should provide a web console feature that works via a browser (The web console should be used for creating reports and performing simple operations with computers i.e viewing the status, relocating, Installing Antivirus 33. Solution should provide Application Privilege Control to regulate the activities of the running programs, namely, access to the file system and registry as well as interaction with other programs. 34. The Firewall module in the software should have rule-base approach, with administrator defined rules 35. The Firewall module should have feature to allow or block certain network traffic, based on port-number / protocol and based on network address. 36. The Firewall module should monitor the traffic from the applications installed on that endpoint. Specific rules can be created to block certain application's network traffic. 37. The solution should have HIPS module, which could protect the endpoint from network based attacks. The signatures for HIPS should be regularly updates to identify latest network attacks for endpoints. 38. The endpoint solution should have a feature to detect network attacks originating from a computer, and then block the traffic from that computer. 39. The Firewall module should have option to create network subnets like Public, Trusted, Local etc, and accordingly the network traffic flowing rules should be created. 40. The firewall module should have option to automatically categorize the applications in Trusted, Low Restricted, High Restricted, Untrusted etc, and accordingly the application's network traffic should be allowed 41. Firewall should allow creation of inbound or outbound traffic restriction rules 42. Antivirus Solution should provide Application startup Control module with Application categorization, Dynamic White listing database consisting of programs that are constantly scrutinized to ensure they are legitimate, Golden Image support, Default deny' support, Trusted updater' support, and with the ability to grant block and audit application launch based on administrator applied policies. 43. Antivirus Solution should provide Device-control module with ability to control usage of unknown or unwanted devices, reducing the risk of data loss, White list categories ( based on serial numbers), Temporary grant access to block device over the Internet, Device inventory, Access time scheduling, 44. Antivirus Solution should provide Web control module with URL filtering and categorization, Access scheduling, Blocking by data type, Blocking by content, Web Action like Allow, Block & Warn, Integration with Active Directory for Users and Groups . .45. Antivirus should have Exploit Prevention which when detects any suspicious behaviour. the application will be blocked & report same to Server. 46. Solution should provide tamper protection features i.e user who does not know the password may not able to change the existing policy, exit or uninstall the antivirus solution. 47. The proposed solution should have Predefined rules for hundreds of the most commonly used applications reduce time spent on configuring the firewall ANNEXURE TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/2567 Page 4 of 6 48. Alertson virus activity should be passed on to administrator Supported Platforms 49. The Antivirus solution Should Support Multi -Platform operating system(Windows , Mac, Linux ) and the same should be managed from a single Centralized Management console Support for Feature/Compatibility Anti-Virus Software should also support the following features:-

50. It should support conversion to and from virtual environments like VMware, Microsoft Hyper & MicrosoftVirtual Server 51. Solution should provide Mobile device security & Mobile device Management (MDM) feature & it should supports Active Directory, MicrosoftExchange 52. Solution should provide management visibility and security for mobile endpoints - without the complexity of a separate solution. 53. Solution should provide Antimalware feature for Mobile devices and should use the power of the cloud to provide rapid protection against new and emerging threats. 54. Solution should provide Multi-level defense technologies for mobile devices (E.g. Anti­ spam technology to filter out unwanted calls and text messages) it should also have Safe Browser feature for iOS devices to protect against phishing websites. 55. Solution should have feature to Enforce encryption on each user's mobile device and should offer a convenient way to enforce the use of the encryption technologies that are resident within the mobile device - so we can easily ensure that all data on the device is encrypted or just encrypt all of the corporate data that's held within a special container on the user's device. 56. Solution should support Bring Your Own Device (BYOD) initiatives and should include containerization features - to help ensure corporate data and personal data are held in separate containers on the user's device. 57. Solution should have special Anti-theft features that should help to minimize the risk of security breaches that can result from a Jost or stolen device. 58. Solution should have Remote Lock, Find and Wipe features (E.g. Administrator can remotely lock a mobile device, findthe device's approximate location he can also choose to wipe corporate data fromthe device and returnthe device to its original factory settings. 59. Solution should have a Mobile device management (MDM) feature with extensive mobile device management functionality - to give administrator easy and rapid control over all mobile security functions. 60. Vendor Should have 24x7 anti-malware laboratory analysis centers to provide proactive rapid protection against known and unknown threats ANNEXURE TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/2567 Page 5 of 6

ANNEXUREB ..• TERMS AND CONDITIONS

a) The bidder must have support center with qualified personnel for the Antivirus product at Hyderabad. b) Completeness of Installation:The installation will be deemed as incomplete if any component of the Antivirus software or any documentation/media is not delivered or is delivered but not installed. c) Licensing Period, Warranty, Upgrades & Updates: The offer must cover a minimum Licensing/subscription period of one year from the date of installation including all upgrades and updates from the date. Upgrades would mean product upgrades, engine updates, virus definition updates as well as version updates. The facility of upgrades and updates must be available on OEM web-site and enabled for AMD, Hyderabad to download the upgrades and updates automatically as and when made available on the website. The warranty should include onsite support for problems arising due to the software at the centralized server and the nodes during the license period. The vendor needs to attend to the problem immediately. The firm should submit a letter of assurance /certificate indicating uninterrupted support for the supplied of anti virus product during the warranty perio� The vendor should install the new antivirus software on 70 systems after uninstalling the existing antivirus software on all the systems.

support service should be normally provided between 9.30 A.M to 5.45 PM on all workmg days (Monday to Friday excluding holidays) unless otherwise agreed. The service includes carrying out necessary repairs/updates/setting up and regular backup of antivirus server on multiple LANs, generation of virus_ activity reports and implementation of IT security through the antivirus product. Certified professional from the firm should visit the site at AMD, Hyderabad once in a month for handling above tasks apart from visits to attend the works whenever requested by AMD. No remote access to resolve problem is allowed Certified professional should attend the complaint at AMD, Hyderabad within 6 hours of receiving the call. The firm should coordinate with the with the firms maintaining the LANNPN, facilities at AMD, Hyderabad. Strict confidentialityof the Network Security and LAN/VPN facilityshould be ensured. d) Latest version of anti-virus system: The successful bidder should have quoted latest version of anti-virus system as available in the market. Moreover, in case any upgraded version is introduced by the OEM during validity of license of anti-virus supplied, upgraded version shall be implemented immediately in AMO, Hyderabad also without any extra cost. e) Indemnity: Vendor shall indemnify, protect and save AMD, Hyderabad against all claims, losses, cos�s, damages, expenses, action suits and other proceeding, resulting from infri11ge�ent of an)' patent, trademarks, copyrights etc. or such other statutory infringements in respect of all the software supplied by him. The vendor should not insist for end user agreement of the software. ANNEXURE TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/2567 Page 6 of 6 Payment terms: Payment hich o ina lude the li ense/ ubscriptio fo1/70 \nodes sha:I f) � � � � _ � � _ , be made after successful mstallatI � tmg, comm1ss1omng of Anti-V1��ftware or""\ · AMD LAN at Hyderabad along with: 70 ser License certificate. The vendor should submit Satisfactory installation certificate obtained from Incharge, AMDC.

c/ Eligibility Criteria : Bidder must have successfully supplied and provided the onsite support for the enterprise version of Antivirus system with minimum 300 licenses for three or more reputed organizations. Bidders must submit copies of Supply Order/work completion/satisfactoryletters that substantiate fulfillment of this qualification criterion. Technical Compliance. Bidder shall submit clause wise compliance with the technical specification as stipulated in Annexure "A" and it is the vendor's responsibility to demonstrate the compliance of the software as per the specification to the Software administrator at AMD, Hyderabad.

NOTE: MAKE/MODEL OF THE ITEM SHOULD BE CLEARLY MENTIONED IN YOUR QUOTATION.

- ----