Equipment’s Project “National Proceeding MPLS_15.01.13.pdfShri K.P.S Gautam, SAO, IASRI, New Delhi. 6. ... Wipro Ltd, 1. Prashant Ranjan 2.Chander Shekhar 2. M/s. HP 1. Azhar Ansari

File. No. : 36(26)/2010-CPS Dated: 15/01/2013

Minutes of pre-bid meeting with participating bidders, held on 22.10.2012 at 11.00 AM

in respect of procurement of

Equipment’s / Goods/ Services for Establishment, operation, maintenance of MPLS network under

National Agriculture Innovation Sub-Project “National Agricultural Bioinformatics Grid

in ICAR” at IASRI New Delhi.

Against Credit 4161-IN/4162-IN

1. The following Officers were present on 22.10.2012 at 11.00 AM in the pre-bid meeting :- (a) From NAIP/ICAR

1. Dr. P.K. Malhotra, Chairman, IASRI, New Delhi. 2. Dr. Anil Rai Co-Chairman and PI, NAIP-NABG, IASRI New Delhi. 3. Shri S.K. Sublania, T-9, IASRI, New Delhi. 4. Shri S.B Lal, Scientist, IASRI, New Delhi. 5. Shri K.P.S Gautam, SAO, IASRI, New Delhi. 6. Shri Amit Kumar Marwari, AF&AO, IASRI, New Delhi. 7. Shri R.K.Koli, AAO, IASRI, New Delhi.

(b) Firm’s representative

Sl. No. Name of the Firm (M/s) Representative’s Name (Shri)

1. M/s. Wipro Ltd, 1. Prashant Ranjan 2.Chander Shekhar

2. M/s. HP 1. Azhar Ansari 2. Nishisth Saxsena 3. Alok Mohan Gupta

3. M/s. Reliance 1. Alok Acharya 2. Anket Chandra 3. Alok Anand

4. M/s. INSPIRA 1. Vijay Damani

5. M/s. Tata Communication Ltd. 1. Amit Singh 2. Sandeep Kamall 3. Vivek Aggarwal

6. M/s. MCAFEE 1. Vikas Harjai 2.

7. M/s. HCL Info. Systems. 1. Syed Mudassir 2. Sourabh Gupta

8. M/s. Juniper Networks 1. Puneet Ahuja 2. Gaurav Bajpai

9. M/s. Tulip Telecom Ltd. 1. Sanjeev Khurana 2. Manish Gupta

10. M/s. Bharti Airtel Ltd. 1. Sherry Kalra

11. M/s. Rail Tel 1. Ms. Aanchal 2. Himanshu Kumar 3. Mukesh Guatam

12. M/s. CSIPL 1. Ashish Tandon

13. M/s. MTNL New Delhi 1. J. Ram

14. M/s. Sify Technology Ltd. 1. Chandan Kr. Sharma

15. M/s. BSNL 1. Sunil Mishra

16. M/s. Dimension Data 1. Amarpreet Singh

2. Representatives of the firms made several queries relating to hardware specifications, GCC, SCC, and Qualification Criterion of Bid Document. The details of queries raised by the representatives and its replies are enclosed in Annexure-I and the Amendment is enclosed in Annexure-II.

(P.K. Malhotra) (Anil Rai) (S.K.Sablania) (S.B. Lal)

(K.P.S Gautam) (Amit Kumar Marwari ) (R.K.Koli)

Annexure-I

Pre-Bid Queries with Clarification

Sl

No

.

Pag

e No Section

/ Clause

No.

Sub-

Section

Original Specification No

Change

Requested revised

specifications

Clarifications /

Modifications requested

with

Justification/reasons

IASRI COMMENTS

Routers

1. 191,1

93 C3.0-(I)

and C3.0-

(II)

Router for

Internet

Connectivity

and MPLS

Connectivity

Should provide 4 x 10/100/1000

( Combo interfaces)

Please clearly define the

interfaces requirement from

Day 1? Please also list total

number of LAN/ WAN Giga

Ethernet ports required.

Please clarify the word

Combo mentioned in

statement, as this doesn't

specify anything technically

rather it’s creating

confusion whether the

requirement is for 2 GE

ports or 4 GE ports. So

request you to clarify this

statement and mention

clearly the requirement of 2

x 10/100/1000 GE ports and

2 x SFP GE ports with single

mode/ multimode fiber

transceivers.

Router should have 4 Nos. of

10/100/1000 mbps Combo

Ports ( Combo port mean that

ports can support both fiber and

copper channels to connect)

2. 193,

206 C3.0-(II)

and

D2.0-(I)

Router for

MPLS

Connectivity

STM-1 support Please amend this to : STM-1

support/ Gigabit Ethernet port

(STM-1 can be considered as

optional interfaces)

Please note STM1 can

support up to maximum of

155 Mbps of bandwidth. So

this doesn't suffice the

scalability in case the

bandwidth requirement

goes beyond 100 Mbps. So

we recommend you to

rather ask for additional

Giga Ethernet interface to

ensure that Department has

sufficient scalability for

future requirement.

Feature Deleted, Please refer to

Addenda.

3. 206 D2.0-(I) Router for

MPLS

Connectivity

Should provide performance of

upto1000 Kpps

Please amend this to: Should

provide performance of

upto1500 Kpps

For the scalability, it is

recommended the increase

the performance to

minimum 1500 Kpps

No Change

4. 194,2

06 C3.0-(II)

and

D2.0-(I)

Router for

MPLS

Connectivity

Should have 1GB DRAM & 256

MB FLASH and should be

upgradeable.

Please amend this to : Should

have 1GB DRAM & 256 MB

FLASH and should be

upgradeable to 2GB DRAM & 4

GB FLASH

_ No Change.

5. 194,2

06 C3.0-(II)

and

D2.0-(I)

Router for

MPLS

Connectivity

Addition for Voice & Video

support

Router should support

embedded hardware encryption

acceleration, voice- and video

capable digital signal processor

(DSP) slots

_ No Change

6. 194,2

06 C3.0-(II)

and

D2.0-(I)

Router for

MPLS

Connectivity

Addition for Voice & Video

support

Router should support

embedded Voice and video-

capable digital signal processor

(DSP) slots

_ No Change

7. 194,2

06 C3.0-(II)

and

D2.0-(I)

Router for

MPLS

Connectivity

Quality of Service (QoS )

requirements

Should support hierarchical QoS

for voice and video

Hierarchical QoS will enable

the ability to provide

multiple levels of packet

scheduling and support for

integrated class-based

shaping and queuing. And

will also provision fair

queuing and drop policies

on a per-class basis

No Change

8. 194,2

06 C3.0-(I) ,

C3.0-(II)

and

D2.0-(I)

Router for

Internet and

MPLS

Connectivity

Encryption The router should have a

minimum IPSec forwarding

performance of 1.5 Gbps

Router should support IP

Sec VPN functionality for

providing secure, encrypted

connectivity to remote

locations. So please define

the encryption throughput

of routers to ensure

required performance is

provided by routers

No Change

9. 192

194

206

C3.0-(I) ,

C3.0-(II)

and

D2.0-(I)

Router for

Internet and

MPLS

Connectivity

Encryption The router should support

minimum 2500 VPN tunnels

Considering that the full-

mesh architecture

establishes a direct IPSec

connection between every

site in the VPN. Effectively,

every IPSec router in the

VPN must serve as a hub for

its site, so considering this

minimum tunnel count of

No Change

2500 tunnels should be

considered for these type of

routers.

10. 193

194

206

C3.0-(I) ,

C3.0-(II)

and

D2.0-(I)

Router for

Internet and

MPLS

Connectivity

Security features The Router should be able to

support a State full and Zone

Based Firewall.

As routers are going to be

first point of contact, so it is

recommended to have first

level of security with in

routers itself. Zone-Based

Policy Firewall changes the

OS State full Inspection

model from `interface-

based' model to a more

flexible, easier-understood

zone-based configuration

model. Router interfaces are

assigned to security zones,

and firewall inspection

policy is applied to traffic

moving between the zones

No Change

11. 193

194

206

C3.0-(I) ,

C3.0-(II)

and

D2.0-(I)

Router for

Internet and

MPLS

Connectivity

Routing Feature The router should support

adaptive routing adjustments by

doing routing path selection

based upon advanced criteria

like Response time, packet loss,

delay, jitter, MOS, path

availability, traffic load and cost

policies to intelligently control

the traffic to maximize the

quality of the user experience.

With this feature router can

select an egress or ingress

WAN path based on

parameters that affect

application performance,

including reachability, delay,

cost, jitter, and Mean

Opinion Score (MOS). The

technology can also select

an egress or ingress WAN

path to intelligently load

balance traffic based on

usage or circuit cost to

No Change

reduce costs incurred by

enterprises. To achieve this

balance, PfR selects a WAN

path based on interface

parameters such as

reachability, load,

throughput, and link cost of

using a path. Classic routing

(Enhanced IGRP [EIGRP],

Open Shortest Path First

[OSPF], Routing Information

Protocol Version 2 [RIPv2],

Border Gateway Protocol

[BGP], etc..) protocols

generally focus on providing

reachability by creating a

loop-free topology based on

shortest or least-cost path.

Cisco PfR focuses on

providing application

performance by

understanding application

requirements and current

network performance

characteristics.

12. 195

196

209

C3.0-(I) ,

C3.0-(II)

& D2.0

C3.0-(I)

Router for

Internet

Connectivity

C3.0-(II) &

D2.0 MPLS

Router In

High

Availability

Should support cRTP to

compress voice (RTP) streams

There also few mechanism other

than cRTP which are used for

voice streaming compression

Such as LFI. Hence we request

you to amend the clause as

“Should support cRTP/LFI to

compress voice streams"

_ Read as "Should support

cRTP/LFI to compress voice

streams". Please refer to

Addenda.

13. 195

196

209

C3.0-(II) ,

D2.0-(I)

C3.0-(II) &

D2.0-1(I)

MPLS

Router In

High

Availability

Mode

IPSec VPN

SSL VPN

Tunnel-less VPN

SSL VPN consumes high CPU

utilization therefore many OEMs

don’t support it on their router.

Tunnel-Less VPN perform the

same functionality as SSL VPN

does. Concurrently running all

these feature set on Router will

result in high CPU utilization

which will degrade the

performance. hence kindly

amend the clause " Tunnel-less

VPN/SSL VPN/IpSec VPN"

_ Read as "Tunnel-less VPN/SSL

VPN/IpSec VPN". Please refer to

Addenda.

14. 191 C3.0-(I) Router for

Internet

Connectivity

Router should have 2 or more

Service Module slot with hot

swappable modules.

Kindly modify this clause as

"Router should have 2 or more

Service/Network Module slot

with hot swappable modules."

_ Read as "Router should have 2

or more Service/Network

Module slot with hot

swappable modules". Please

refer to Addenda.


Internet

Connectivity

Non-Stop forwarding on the

routing protocols NSF

Awareness

Kindly modify this clause as "NSF

Awareness/ Gracefull Restart

(GR) /non-stop-routing (NSR)"

_ Read as "NSF Awareness/ Grace

full Restart (GR) /non-stop-

routing (NSR)". Please refer to

Addenda.


Internet

Connectivity

Should support hardware or

software assisted flow-based

traffic analysis of applications,

hosts, performance-based

measurements on application

and network latency, quality of

experience metrics for network-

based services such as voice

over IP (VoIP) and video.

Request you to delete this

clause as its specific to single

OEM


hardware or software assisted

flow-based traffic analysis such

as net flow / sflow or

equivalent." Please refer to

Addenda.


Internet

Connectivity

Should support a module

providing WAN optimization

function internally or externally.


"Should support a module/

Appliance providing WAN

optimization function internally

or externally."

_ No Change


Internet

Connectivity

Should have the ability to

monitor events and take

informational, corrective, action

when the monitored events

occur or when a threshold is

reached.


"Should have the ability to





reached through NMS/IMC"

_ Read as "Should have the ability

to monitor events and take

informational, corrective,

action when the monitored

events occur or when a

threshold is reached through

NMS". Please refer to Addenda.

19. 193 C3.0-(II) MPLS

Router In

High

Availability

Mode

Tunnel-less VPN Kindly modify this clause as

"Tunnel-less VPN /Dynamic

VPN"

_ Read as “Tunnel-less VPN

/Dynamic VPN". Please refer to

Addenda.

20. 194 C3.0-(II) MPLS

Router In




Awareness/ Graceful Restart

_ Read as "NSF Awareness/

Graceful Restart (GR) /non-

High

Availability

Mode

Awareness. (GR) /non-stop-routing (NSR)" stop-routing (NSR)". Please

refer to Addenda.

21. 194 C3.0-(II) MPLS

Router In

High

Availability

Mode

Support for Auto-QoS Kindly modify this clause as

"Support for Auto-QoS

/Equivalent"

_ Read as “Support for Auto-QoS

/Equivalent". Please refer to

Addenda.

22. 194 C3.0-(II) MPLS

Router In

High

Availability

Mode

It should be possible to

recognize a wide variety of

applications, including web-

based and other difficult-to-

classify protocols that utilize

dynamic TCP/User Datagram

Ports (UDP) port assignments.

When an application is

recognized and classified, a

network should be able to

invoke services for that specific

application

Kindly delete this clause as

specific to single OEM

_ Accepted, The feature is

deleted. Please refer to

Addenda.

23. 195 C3.0-(II) MPLS

Router In

High

Availability

Mode

Should support

hardware/Software assisted

flow-based traffic analysis of

applications, hosts,

performance-based






Kindly delete this clause as its





as net flow /sflow or

equivalent." Please refer to

Addenda.

24. 195 C3.0-(II) MPLS

Router In

High

Availability

Mode

Should support a module

providing WAN optimization

function internally or externally.


"Should support a module/

Appliance providing WAN

optimization function internally

or externally."

_ No Change

25. 195 C3.0-(II) MPLS

Router In

High

Availability

Mode

Should have the ability to





reached.


"Should have the ability to





reached through NMS/IMC"

_ Read as "Should have the ability

to monitor events and take

informational, corrective,

action when the monitored

events occur or when a

threshold is reached through

NMS". Please refer to Addenda.


MPLS

Connectivity

In High

Availability

Mode - 02

Nos



Awareness.






stop-routing (NSR)". Please

refer to Addenda.


MPLS

Connectivity

In High

Availability

Mode - 02

Nos

Support for Auto-QoS Kindly change this clause as

"Support for Auto-QoS

/Equivalent"

_ Read as "Support for Auto-

QoS/Equivalent". Please refer

to Addenda.


MPLS

Connectivity

In High

Availability

Mode - 02

Nos

Should provide a provision to

analyze IP service levels for IP

applications and services by

using active traffic monitoring

(the generation of traffic in a

continuous, reliable, and

predictable manner) for

measuring network

performance

Should support integration of

NMS for providing a provision to

analyze IP service levels for IP






measuring network

performance


integration of NMS for

providing a provision to analyze

IP service levels for IP






measuring network

performance". Please refer to

Addenda.


MPLS

Connectivity

In High

Availability

Mode - 02

Nos

Should support hardware or

software assisted flow-based

traffic analysis of applications,

hosts, performance-based











as net flow /sflow or

equivalent". Please refer to

Addenda.

30. Page

194 C3.0- I, Router for

Internet

Connectivity

In High

Availability

Mode - 02

Nos


up to 2000 Kpps.


up to 1000 Kpps for both IPv4

and IPv6.

2000 Kpps performance is

on a very high side

compared the interfaces

asked on the router. Even

terminating a E3/DS3 which

provides 45 Mbps of wan

throughput don’t require

more than 1 Mpps

forwarding rate at wire

speed. We request to

reduce the same to 1000

Kpps.

Also, It is appreciated that

IPv6 is considered by ISARI

as the future network

protocol, We assume that

there no performance

degradation is desired in

case of migration from IPv4

to IPv6. Router should have

the capability to deliver

same performance

throughput in case of IPv6

traffic. It must support the

same without any hardware

upgrade. Pls. clarify if

performance mentioned is

for IPv6.

Read as "Should provide

performance of up to 2000

Kpps for ipv4 and ipv6" Please

refer to Addenda.

31. Request for Addition Router should have integrated

support for firewall & IPS with

min 100 Mbps IPS performance

To prevent the chocking of

network with malware and

adware, integrated security

features like firewall and IPS

will act as 1st line of

protection against

external/internal traffic. As

per DOT guidelines branch

communication should be

secure and inspected for

any illegitimate traffic and

thus providing a clear pipe

solution.

No Change

32. Request for addition: Router should support modular

software & hardware

architecture

Modular architecture will

ensure that each line

module will have local L2

and L3 capabilities. The

failure of any module will

not affect the performance

of others. Thus ensuring the

maximum up time.

No Change

33. Request for Addition Should have option to add

redundant CPU as needed, to

have minimum downtime for

the router due to CPU failure.

Since only a single quantity

for the router is asked in the

BOQ, it may have

dependency on the single

CPU. To have high level of

reliability and availability ,

Redundant CPU/RE will

ensure high availability and

continuous operations for

the internet router

No Change

34. Request for Addition Route hardware and software

should be min EAL 3 certified

Router hardware and the OS

suggested to be min EAL 3

certified. EAL3 ensures

better assured security

parameters considered for

the hardware and software

development and ensures

that no

malware/backdoor/spyware

programs while developing

these hardware/software

components.

Read as "Router should have

common criteria certification

and EAL Certification”. Please

refer to Addenda.

35. Page

194 C3.0- I, Router for

Internet

Connectivity

Shall support performance

enhancement through hardware

based encryption.

Shall support

hardware/software based

encryption. Should support min

500Mbps of IPsec throughput

Different OEM has different

architecture hardware

/software based encryption

with no performance

degradation. Router with 2

Mpps throughput requires a

high performance IPSec

throughput also. Wan router

suggested having min 500

Mbps of IPSec performance.

No Change

36. Page

196 C3.0- II, Router for

MPLS

Connectivity


up to 2000 Kpps.


up to 1000 Kpps.

2000 Kpps performance is

on a very high side

compared the interfaces

asked on the router and will

only overkill the product

positioning and thus load

the budget. We request to

reduce the same to 1000

Kpps.

No Change

37. Page

196 C3.0- II, Router for

MPLS

Connectivity

V.35 Sync Serial (2 Mbps), Async

Serial, E1 G.703.

V.35 Sync Serial (2 Mbps), Async

Serial, E1 G.703.

Since most of the MPLS

termination is done on

Ethernet interface and is

also preferred by most of

the service providers, we

request you to allow the

same

Read as "V.35 Sync Serial (2

Mbps), E1 G.703". Please refer

to Addenda.

38. Page

196 C3.0- II,

Page 196

Router for

MPLS

Connectivity

Ch-E1, E3 and STM-1 should be

supported.

DS3/ E3, Gig 1000 Base-x , 10

Gig should be supported.

Since the DC MPLS router

will terminated with the

MPLS cloud on the Ethernet

interface which can also

support bandwidth

requirement of STM . STM-1

interface provisioning in the

architecture here will be

redundant and may not be

utilized for a HPC

environment. Pls. consider

and remove the same. The

router should have provision

of 1Gig and 10 Gig support

for future scalability Also

pls. clarify if a different

architecture consideration is

assumed.

Read as "Ch-E1/E1, E3 ". Please

refer to Addenda.

39. Page

196 C3.0- II,

Page 196

Router for

MPLS

Connectivity



based encryption.

Shall support




Different OEM have

different architecture

hardware /software based

encryption with no

performance degradation..

Considering the high routing

performance of 2000Kpps as

No Change

asked, min 500Mbps of

encrypted IPsec throughput

is suggested.

40. Page

196 C3.0- II,

Page 196

Router for

MPLS

Connectivity

SSL VPN Pls. remove the same VPN are generally

terminated and processed

on the perimeter firewall

device. Also, since SSL VPN

remote access solution is a

CPU intensive process it is

recommended as best

practices to provision it as a

dedicated solution. Quest

you to pls. ask the same as a

separate dedicated solution

to maintain high device

performance.

Read as " IPsec VPN/ SSL VPN

/Tunnel-Less VPN/Dynamic-

VPN". Please refer to Addenda.

41. Request for addition Router Operating system should

have modular software and

hardware architecture.

Modular OS architecture will

ensure that the system will

be up and running even in

case of any single process

failure. It will ensure

graceful restart of system

processes and protocols

thereby increasing the

system uptime.

No Change

42. Request for Addition Route hardware and software

should be min EAL 3 certified

Router hardware and the OS

suggested to be min EAL 3

certified. EAL3 ensures

better assured security

parameters considered for

the hardware and software

development and ensures

that no

malware/backdoor/spyware

programs while developing

these hardware/software

components.

Read as “Route should have

common criterion certification

and EAL certification”. Please

refer to Addenda.

43. Page

209 D2.0- I, Router for

MPLS

Connectivity

Router should have 6 Module

slot

Router should have 2 Module

slot

The MPLS router at central

location is asked with 2 slots

only whereas branch router

is asked with 6 slots

scalability whereas the port

requirement is almost same

for both the routers.

Request you to pls. change

the same to 2 slots

No Change

44. Page


MPLS

Connectivity

Ch-E1, E3 and STM-1 should be

supported.

1000 Base X, E3 and STM-1

should be supported. Should

also support 10Gig

Since the branch domain

centres will be terminated

with the MPLS cloud on the

Ethernet interface which

can also support bandwidth

requirement of STM. STM-1

interface provisioning in the

architecture here will be

redundant and may not be

utilized for a HPC

environment. Pls. consider

No Change

and remove the same,

considering the future

scalability 1 Gig and 10 Gig

support is desirable on the

box.

45. Request for Addition Router should have integrated

support for firewall & IPS with

min 100 Mbps IPS performance

To prevent the chocking of

network with malware and

adware, integrated security

features like firewall and IPS

will act as 1st line of

protection against

external/internal traffic. As

per DOT guidelines branch

communication should be

secure and inspected for

any illegitimate traffic.

No Change

46. Page


MPLS

Connectivity



based encryption

Shall support




Different OEM has different

architecture hardware

/software based encryption

with no performance

degradation. Considering

the high routing

performance of 2000Kpps as

asked , min 500Mbps of

encrypted IPsec throughput

is suggested.

No Change

47. Page


MPLS

Connectivity

SSL VPN pls. remove the same VPN remote access solution

is a CPU intensive process it

is recommended as best


dedicated solution. Request




performance.

Read as " IPsec VPN/ SSL VPN

/Tunnel-Less VPN/Dynamic-

VPN". Please refer to Addenda.

48. Page


MPLS

Connectivity

Support for Auto-QoS pls. remove the same This is specific to OEM. Read as "Support for Auto-

QoS/Equivalent". Please refer

to Addenda.

49. page

206 D2.0-(I)

on

Router for

MPLS

Connectivity

Router for MPLS Connectivity In

High Availability Mode

When Single MPLS link is

required at the Domain centers

why dual router is required

_ No Change


Internet

Connectivity

Router should have 2 or more

Service Module slot with hot

swappable modules.


"Router should have 2 or more

Service/Network Module slot

with hot swappable modules."

_ Read as "Router should have 2

or more Service/Network

Module slot with hot

swappable modules". Please

refer to Addenda.


Internet

Connectivity



Awareness






stop-routing (NSR)". Please

refer to Addenda.

Firewall

Sl

No.

Page

No Section /

Clause

No.

Sub-Section Original Specification No

Change

Requested revised

specifications

Clarifications /


with Justification/reasons

IASRI COMMENTS

52. Page

No.

198

C3.0-(III) Firewall In

High

Availability

Mode

Internal redundant power

supply

All OEMs have one internal

primary power supply but

redundant power supply can be

either externally or internally.

Hence we request you to kindly

amend the clause as"

External/Internal Redundant

power supply"

_ Read as “Redundant power

supply". Please refer to

Addenda.

53. Page

No.

198


High

Availability

Mode

Please mention the real world

Firewall Throughput also

Please include: Firewall should

provide real world performance

of 5` Gbps. Real world profile

should include but not limited to

HTTP, Bit Torrent, FTP , SMTP

and IMAPv4

In large enterprise Internet

Edge environments the

majority of the traffic

patterns seen are more than

95% TCP traffic. Pure UDP

based performance nos.

would not scale & provide

the required throughput in

real-world environment of

TCP traffic. Hence strongly

suggest to not accept UDP

based performance nos. and

put the real world

requirement of throughput

No Change

54. Page

No.

198


High

Availability

Mode

Memory : Minimum RAM 1024

MB, Upgradeable to 2048 MB

RAM

Please amend this to : Minimum

RAM 6 GB, Upgradeable to 12

GB RAM

_ No Change

55. Page

No. C3.0-(III) Firewall In

High

Flash 256 MB Upgradeable to Flash 2 GB Upgradeable to Flash _ No Change

198 Availability

Mode

Flash 512 MB 4 GB

56. Page

No.

198


High

Availability

Mode

Encrypted throughput:

minimum 800 Mbps

Please amend this to : Encrypted

throughput: minimum Gbps

Please note considering the

7 Gbps of asked firewall

throughput and expected

traffic, 800 Mbps of

throughput is extremely

low. Further as each packet

that is encrypted must

traverse the encryption

engine, So it is

recommended to consider

the bidirectional throughput

capacity of the IPsec

encryption engine for both

headed and branch devices.

So request you to please ask

minimum of 2 Gbps of

encryption

Read as "Encrypted throughput:

minimum 1500 Mbps". Please

refer to Addenda.

57. Page

No.

198


High

Availability

Mode

Concurrent connections: up to

1,000,000

Please amend this to:


2,000,000


7 Gbps of asked throughput,

1 Mil concurrent connects

are too low, request you to

amend this and ask

minimum 2 Mill concurrent

sessions

Read as "Concurrent

connections: up to 2,000,000".

Please refer to Addenda.

58. Page

No.

198


High

Availability

Mode

New connection per second Please include: Firewall should

support minimum 100,000 new

connections per second

Please note extremely

important performance

parameter of firewall is

missing, news connection

per second plays a very

crucial role while sizing the

firewall, request you to

please include the e same.

New Added feature "Firewall

should support minimum

50,000 new connections per

second". Please refer to

Addenda.

59. Page

No.

198


High

Availability

Mode

Simultaneous VPN tunnels: 2000 Please amend this to :

Simultaneous VPN tunnels:

10000

Considering current and

future requirement,

minimum 10000 VPN tunnel

should be supported.

No Change

60. Page

No.

208

D2.0-(II) Firewall In

High

Availability

Mode

Firewall throughput: Up to 01

Gbps

Please include: Firewall

throughput: Up to 03 Gbps Clear

text

Please note 1 Gbps of clear

text throughput is very low,

request you to please

amend this to 3 Gbps

Read as "Firewall throughput:

Up to 02 Gbps". Please refer to

Addenda.

61. Page

No.

208


High

Availability

Mode

Please mention the real world

Firewall Throughput also

Please include: Firewall should

provide real world performance

of 2 Gbps. Real world profile

should include but not limited to

HTTP, Bit Torrent, FTP , SMTP

and IMAPv4

In large enterprise Internet

Edge environments the

majority of the traffic

patterns seen are more than

95% TCP traffic. Pure UDP

based performance nos.

would not scale & provide

the required throughput in

real-world environment of

TCP traffic. Hence strongly

suggest to not accept UDP

based performance no. and

put the real world

requirement of throughput

No Change

62. Page

No.

208


High

Availability

Mode

Memory : Minimum RAM 512

MB, Upgradeable to 1024 MB

RAM

Please amend this to : Minimum

RAM 2 GB, Upgradeable to 4 GB

RAM

_ No Change

63. Page

No.

208


High

Availability

Mode

Flash 256 MB Upgradeable to

Flash 512 MB

Flash 1 GB Upgradeable to Flash

2 GB

_ No Change

64. Page

No.

208


High

Availability

Mode

Encrypted throughput:

minimum 300 Mbps

Please amend this to : Encrypted

throughput: minimum1 Gbps


3 Gbps of asked firewall

throughput and expected

traffic, 300 Mbps of

throughput is extremely

low. Further as each packet

that is encrypted must

traverse the encryption

engine, So it is

recommended to consider

the bidirectional throughput

capacity of the IPsec

encryption engine for both

headed and branch devices.

So request you to please ask

minimum of 1 Gbps of

encryption

Read as "Encrypted throughput:

minimum 500 Mbps". Please

refer to Addenda.

65. Page

No.

208


High

Availability

Mode


1,000,00

Please amend this to:


1,000,000


3 Gbps of asked throughput,

1 Lakh concurrent connects

are too low, request you to

amend this and ask

minimum 1 Mill concurrent

Read as "Concurrent

connections: up to 500000".


sessions

66. Page

No.

208


High

Availability

Mode

New connection per second Please include: Firewall should

support minimum 50,000 new

connections per second

Please note extremely

important performance

parameter of firewall is

missing, news connection

per second plays a very

crucial role while sizing the

firewall, request you to

please include the e same.

New Added feature "Firewall

should support minimum

25,000 new connections per

second".

67. Page

No.

208


High

Availability

Mode

Simultaneous VPN tunnels: 1000 Please amend this to :

Simultaneous VPN tunnels: 5000

Considering current and

future requirement,

minimum 5000 VPN tunnel

should be supported.

No Change

68. C3.0-(III)

and

D2.0-(II)

Firewall In

High

Availability

Mode

Addition request Please Add : Firewall should

support IPSEC and SSL VPN

functionality simultaneously.

Please include the SSL VPN

requirement.

No Change

69. C3.0-(III)

and

D2.0-(II)

Firewall In

High

Availability

Mode

Addition request Please Add: The Firewall should

support SSL Clientless access

No Change

70. C3.0-(III)

and

D2.0-(II)

Firewall In

High

Availability

Mode


support SSL access via a Client

No Change

71. C3.0-(III)

and

D2.0-(II)

Firewall In

High

Availability

Mode


support SSL and IPsec

encryption performed by

dedicated hardware processors

No Change

72. Page

No.

208


High

Availability

Mode/Page

No. 212

Firewall throughput: Up to 01

Gbps

The no. of concurrent users will

increase in future, so for that

point of view the asking

performance is low. Keeping in

mind the future scalability there

should be provision for

performance up gradation.

Hence request you to amend

the clause as “Firewall

throughput: up to 01 Gbps &

upgradable to 2 Gbps in future"

_ Read as "Firewall throughput:

Up to 02 Gbps". Please refer to

Addenda.

73. Page

195 C3.0-(III) Firewall In

High

Availability

Mode

Internal redundant power

supply

All OEMs have one internal

primary power supply but

redundant power supply can be

either externally or internally.

Hence we request you to kindly

amend the clause as"

External/Internal Redundant

power supply"

_ Read as "Redundant power

supply". Please refer to

Addenda.

74. Page

195 C3.0- III, Firewall In

High

Availability

Mode


1,000,000


5,00,000

1,000,000 sessions are on a

higher side. Considering

1000 simultaneous users

with each having average 25

connections with each

connection having 8 to 10

sessions requires max

25,00,000 sessions on the

Read as "Concurrent

connections: up to 2,000,000".


firewall. Even considering

100% scalability, max of 5,

00,000 concurrent sessions

are required. Pls. consider

the same

75. Page


High

Availability

Mode

Interfaces: 4 x GE, upgradable

to 8 GE

Interfaces: 4 x GE, upgradable

to 8 GE. Should also support

min 2x10G interface for

scalability

Considering the HPC

environment for IASRI, 10-

Gig interfaces will ensure

future scalability options

and also eliminate any

bottleneck on integration

with high backbone on 10G.

No Change

76. Page


High

Availability

Mode

RTP, L2TP RTP, L2TP L2TP is a legacy protocol and

also doesn’t provide any

security, tunneling at L2 and

L3 can also be provisioned

through GRE and IPsec

tunnels. Pls. consider the

same

Accepted, Deleted the Word

"L2TP". Please refer to

Addenda.

77. Page


High

Availability

Mode

PPPoE, EAP-TLS, RTP PPPoE, EAP-TLS, RTP EAP-TLS is a LAN protocol,

generally required on the

network switches and not

the core functionality of the

firewall. Pls. consider and

remove the same


"EAP TLS" Please refer to

Addenda.

78. Page


High

Availability

Mode

•Routing Protocols: Static

Routes,RIPv1, RIPv2,OSPF


Routes,RIPv1, RIPv2,OSPF,

BGPv4,OSPF v3, RIPng, BGP4+

along with other IPV6 protocols

Since IPv6 protocols are

considered for the routing

platforms, we request you

to please consider the same

for firewall also. Firewall

Read as " Routing Protocols:

Static Routes, RIPv1, RIPv2,

OSPF, BGP4, OSPF v3, RIPng".


must support the IPv4 &

IPv6 functionality

simultaneously to achieve

IPv6 migration smoothly in

the near future

79. Page

196 C3.0- III,

Page 199

Firewall In

High

Availability

Mode

Virtual Firewall Pls. remove the same Since this is a HPC data

center integration with the

different domain specific

branch institutions and not

a service provider

environment, virtual

firewalls may not be

required. Since creating

virtual firewalls will affect

the overall performance of

the hardware, it is

suggested to remove the

same to keep the functional

requirement intact.

Feature Deleted. Please refer to

Addenda.

80. Page

196 C3.0- III,

Page 199

Firewall In

High

Availability

Mode

Remote Access VPN Pls. remove the same VPN remote access solution

is a CPU intensive process it

is recommended as best






performance.

Deleted the "Remote Access

VPN" feature and add the "IPsec

VPN" feature. Please refer to

Addenda.

81. Page

196 C3.0- III,

Page 199

Firewall In

High

Availability

Mode

URL Filtering Pls. remove the same URL filtering is a CPU

intensive process it is

recommended as best






performance.

Feature Deleted. Please refer to

Addenda.

82. Page

208 D2.0- II, Firewall In

High

Availability

Mode

RTP, L2TP RTP, L2TP L2TP is a legacy protocol and

also doesn’t provide any

security, tunneling at L2 and

L3 can also be provisioned

through GRE and IPsec

tunnels. Pls. consider the

same


"L2TP", Please refer to

Addenda.

83. Page


High

Availability

Mode

PPPoE, EAP-TLS, RTP PPPoE, EAP-TLS, RTP EAP-TLS is a LAN protocol,

generally required on the

network switches and not

the core functionality of the

firewall. Pls. consider and

remove the same


"EAP TLS". Please refer to

Addenda.

84. Page


High

Availability

Mode


Routes,RIPv1, RIPv2,OSPF


Routes,RIPv1, RIPv2,OSPF,

BGPv4,OSPF v3, RIPng, BGP4+

along with other IPV6 protocols

Since IPv6 protocols are

considered for the routing

platforms, we request you

to please consider the same

for firewall also. Firewall

must support the IPv4 &

IPv6 functionality

simultaneously to achieve

IPv6 migration smoothly in

Read as "Routing Protocols:

Static Routes, RIPv1, RIPv2,

OSPF, BGPv4, OSPF v3, RIPng".


the near future

85. Page


High

Availability

Mode

Firewall In High Availability

Mode

When there is no Internet

bandwidth required at the

Domain center please clarify the

purpose of firewall at Domain

centers

_ No Change

86. 195 C3.0-(III) Firewall In

High

Availability

Mode

4 x GE, upgradable to 8 GE As the requirement of up

gradation to 8 GE ports will

consumed at maximum limit,

request you please change the

section with "4 x GE, upgradable

to 12 GE "

_ No Change

87. 208 D2.0-(II) - Firewall In

High

Availability

Mode

Should be mountable on 19”

Rack0

Please replace the requirements

of these device; as it need to be

installed at small remote

location, hence "Desktop Form

Factor" unit for such

requirements can be

introduced.

_ No Change

IPS

Sl

No.

Page

No Section /

Clause

No.


Change

Requested revised

specifications

Clarifications /



IASRI COMMENTS

88. Page

No.2

00

C3.0-(IV) IPS

(Intrusion

Prevention

System) in

High

Availability

Mode

The vendor shall proposed a IPS

system capable of supporting a

traffic inspection throughput of

up to 5.0 Gbps

The network throughput has

been already asked in earlier

clause. Hence we request you to

kindly remove this clause

_ Read as “The vendor shall

propose an IPS system capable

of supporting a traffic

inspection throughput of up to

1.5 Gbps". Please refer to

Addenda.

89. Page

No.2

00

C3.0-(IV) IPS

(Intrusion

Prevention

System) in

High

Availability

Mode

The proposed IPS should

provide the ability to protect up

to 10 x 1GE segments + 1 x 10GE

network segment. 5 x

10/100/1000 Copper segments

and 5 x 1GE SFP segments plus 1

x 10GE XFP segment.

As per the solution, the IPS will

connect with firewall on Gig

port as 10 GiG ports are not

asked on Firewall. Therefore

there is also no requirement of

10 G ports on IPS. hence we

request you to kindly amend the

clause as "The proposed IPS

Should provide the ability to

protect up to 10 x 1 GE

Segment. 5x10/100/1000

copper segments and 5 x 1 GE

SFP segment.

_ Read as "The proposed IPS

should provide the ability to

protect up to 6 x 1GE segments.

3 x 10/100/1000 Copper

segments and 3 x 1GE SFP

segments ". Please refer to

Addenda.

90. Page

No.1

99

C3.0-(IV) IPS

(Intrusion

prevention

system) In

High

Availability

Mode

The proposed IPS solution must

support Digital vaccine update

of at least 2 times a week or at

least 100 update per year.

Kindly modify this clause as "The

proposed IPS solution must



least 100 update per year."


solution must support signature

updates of at least 1 times a

week or at least 100 update per

year". Please refer to Addenda.

91. Page

No.2

00

C3.0-(IV) IPS

(Intrusion

Prevention

System) in

The vendor shall proposed a IPS

system capable of supporting a

traffic inspection throughput of

up to 5.0 Gbps

The network throughput has

been already asked in earlier

clause. Hence we request you to

kindly remove this clause

_ Read as "The vendor shall

propose an IPS system capable

of supporting a traffic

inspection throughput of up to

High

Availability

Mode

1.5 Gbps". Please refer to

Addenda.

92. Page

No.2

00

C3.0-(IV) IPS

(Intrusion

Prevention

System) in

High

Availability

Mode







x 10GE XFP segment.

As per the solution, the IPS will

connect with firewall on Gig

port as 10 GiG ports are not

asked on Firewall. Therefore

there is also no requirement of

10 G ports on IPS. hence we

request you to kindly amend the

clause as "The proposed IPS

Should provide the ability to

protect up to 10 x 1 GE

Segment. 5x10/100/1000

copper segments and 5 x 1 GE

SFP segment.




3 x 10/100/1000 Copper


segments”. Please refer to

Addenda.

93. 197 C3.0-(IV) IPS

(Intrusion

prevention

system)







x 10GE XFP segment.

For most vendors have a

solution for 5Gbps IPS, the 1G

interface available is 8 nos. The

no of interface requested is

specific to one single vendor. In

addition looking at future

scalability there should be a

equal no of interface

requirement for 1G and 10G

interface. Please change it to

"The proposed IPS should



network segments. It should

have 6 x 10/100/1000

Copper/SFP interface plus 6 x




3 x 10/100/1000 Copper


segments”. Please refer to

Addenda.

10GE XFP interface"

94. 197 C3.0-(IV) IPS

(Intrusion

prevention

system)

The proposed IPS should able to

provide security context for up

to 100,000 sessions

This point does not have any

relevance and is specific to one

single vendor. Please remove

the point

_ Feature Deleted. Please refer to

Addenda.

95. 197 C3.0-(IV) IPS

(Intrusion

prevention

system)


support 100,000 connection per

seconds setup

The 100,000 connection per

second request is too high for

the 1000000 maximum

concurrent session request. This

would mean that the capacity of

the IPS would be reached within

10 sec. Request you to please

change it to a lower value "The

proposed IPS should support

50,000 connection per seconds

setup"


should support 60,000

connections per second’s

setup". Please refer to

Addenda.

96. 197 C3.0-(IV) IPS

(Intrusion

prevention

system)

The proposed IPS must able to

operate in Asymmetric traffic

environment with DV filters

protection

This is specific to HP Tipping as

DV filters is a proprietary term.

Please remove


Addenda.

97. 197 C3.0-(IV) IPS

(Intrusion

prevention

system)


support Adaptive Filter

Configuration which will alert or

disable ineffective filter in the

event of congestion condition

This is again a proprietary

feature from a particular

vendor. This feature could lead

to a security compromise

wherein a attacker could create

a DOS condition and then

ensure a filter is disabled, thus

moving to the next stage of the

attack. Please remove


Addenda.

98. 198 C3.0-(IV) IPS

(Intrusion

prevention

system)


passed in ICSA Labs IPS

certification

An ICSA lab is nowhere a

defector standard for testing IPS

solution. They expertise lies in

AV certification. The defector

standard for NIPS testing and

certification today is NSS labs.

Please change it to NSS Labs

Certification


solution must pass in ICSA Labs

IPS certification / NSS Lab

Certification”. Please refer to

Addenda.

99. 199 C3.0-(IV) IPS

(Intrusion

prevention

system)




least 100 update per year.


Digital Vaccine is a proprietary

term. Please remove


solution must support signature

updates of at least 1 times a

week or at least 100 update per

year". Please refer to Addenda.

100. 199 C3.0-(IV) IPS

(Intrusion

prevention

system)

The proposed management

system shall allow the update of

latest Digital Vaccine to be

manually, automatically or

based on schedule



term. Please remove

_ Read as "The proposed

management system shall allow

the update of latest Digital

Vaccine / Signature to be


based on schedule". Please

refer to Addenda.

101. 199 C3.0-(IV) IPS

(Intrusion

prevention

system)

The proposed management

system shall allow the distribute

of latest Digital Vaccine update


based on schedule to the

various IPS devices



term. Please remove

_ Read as "The proposed

management system shall allow

the distribute of latest Digital

Vaccine/Signature update


based on schedule to the

various IPS devices". Please

refer to Addenda.

102. C3.0-(IV) IPS

(Intrusion

prevention

system)

Addition IPS should have the ability to

control traffic based on

geographical locations. For e.g. a

policy can be created to block

traffic coming or going to a

particular country

This is super critical today to

have geo-location

awareness and blocking

capability as part of the next

generation IPS. For e.g. if

there is an attack/intrusion

originating from a non-

favorable country or if

traffic is going to that

country ,the IPS should have

the ability to block traffic

based on that particular

country or geo-location

Accepted, Add the feature "IPS

should have the ability to

control traffic based on

geographical locations. For e.g.

a policy can be created to block

traffic coming or going to a

particular country". Please refer

to Addenda.

103. C3.0-(IV) IPS

(Intrusion

prevention

system)


block connection to or from

outside based on the reputation

of the IP address that is trying to

communicate with the network

using global threat intelligence

Today there is millions of IP

address which are

constantly being used by

bad actors to infiltrate

organizations or use it for

other malicious activity.

Intelligence has become

crucial to identify those bad

actors and block it before

they are able to make

inroad into the organization.

Using threat intelligence

feed/database to block

unwanted traffic is one of

the key features of next

generation IPS

Accepted, Add the Clause as

"IPS should have the ability to

block connection to or from

outside based on the

reputation of the IP address

that is trying to communicate

with the network using global

threat intelligence". Please

refer to Addenda.

104. C3.0-(IV) IPS

(Intrusion

prevention

system)

Addition IPS should protect against SSL

based attacks. IPS should have

built-in SSL decryption Engine

for SSL Traffic decryption to

support prevention of encrypted

attacks . In case IPS does not

support SSL inspection ,a

thirdparty solution should be

proposed as part of the overall

IPS solution

As there has been a massive

increase in the amount of

SSL based attacks, it is

important that the intrusion

prevention system has the

capability to inspect traffic

within SSL and block

malicious activities

Accepted, Add the feature as

"The IPS should have SSL traffic

inspection capability through

internal / external SSL

appliance”. Please refer to

Addenda.

105. C3.0-(IV) IPS

(Intrusion

prevention

system)


identify application traversing

on the network so that you can

allow or block specific

application on the network. It

should provide layer 7 visibility

of more than 1000 applications

and protocols and have the

ability to granularly block them

For example, you can block just

the connections to Orkut, from

your network while allowing all

other HTTP and HTTPS traffic

With the proliferation of

Web 2.0, they are hundreds

of application that traverses

the network using standard

protocol such as HTTP,

HTTPS etc. It is important

that the IPS has visibility of

all those Web 2.0

applications that passes

through standard ports and

block in case required

No Change

106. C3.0-(IV) IPS

(Intrusion

prevention

system)

Addition High Availability solution should

support High Protection i.e.

state full failover without the

use of third party software and

no degradation of service

This provides continuous

protection with state

maintenance against

advance attacks. This helps

in a scenario where an

attack packets within a

session passes through

secondary IPS sensor in the

event of failure of primary.

No Change

Secondary sensor can only

detect the malicious packet

if it has the knowledge of

the complete state of the

particular session which it

gets from the primary

sensor

107. C3.0-(IV) IPS

(Intrusion

prevention

system)

Addition IPS should support provide

advanced botnet protection

using heuristic detection

methods

Today attackers use Botnets

to automatically control and

launch attack. As the

methodology of the botnet

herders constantly changes

it is important that the

detection and prevention

mechanism does not only

rely on signatures to protect

against them.

Accepted, Add the feature as

"IPS Should support provide

advanced botnet protection

using heuristic/annually

detection methods". Please

refer to Addenda.

108. 197 C3.0-(IV) IPS

(Intrusion

prevention

system)

General Point Addition It is suggested that following

clause should be added "The IPS

should be deployed as

transparent, in-line independent

appliance and as best industry

security standards, the Firewall

and NIPS should be from

different OEM for layered

security approach.

_ No Change

109. 199 C3.0-(IV) IPS

(Intrusion

prevention

system)

Global Threat Intelligence:

-- The proposed IPS vendor must

provide a global threat

intelligence portal that provide

real-time monitoring and

Its requested to remove this

section as this is the named

technology specific to one OEM,

suggested to add a this

requirement as "Proposed

_ No Change

statistics of malicious threats

and attacks

-- Must have the ability to view

attack activities base on

continent and countries

-- Must allow drill-down to view

detailed threat source and

destination data on each attack

type

-- Must have the ability to

monitor and highlight recent

new and growing threats

-- Must have the ability to

correlate the monitored attacks

to the IPS filters number and

recommended action

device must support Real-Time

Threat Intelligence".

L2-Switches

Sr

No.

Page

No Section /

Clause

No.


Change

Requested revised

specifications

Clarifications /



IASRI COMMENTS

110. 201 C3.0-(V) L2 switch Up to 355 VLANs per switch and

up to 4000 VLAN Ids

Please amend this to : Up to 255

VLANs per switch and up to

4000 VLAN Ids

Please note 355 VLAN are

high

No Change

111. 202 C3.0-(V) L2 switch Physical Specification: Should be

rack mountable with 16-port

10/100/1000Mbps and 2

1000BaseT or SFP slots

Physical Specification: Should be

rack mountable with 24-port

10/100/1000Mbps and 2

1000BaseT or SFP slots

16 ports are not standard

port densities offered by the

vendors, instead, all the

OEM's have standardized

24/48 Gigabit interfaces as

Read as "Physical Specification:

Should be rack mountable with

24-port 10/100/1000Mbps with

4 combo ports". Please refer to

standard port densities

offering. To have a level play

field, we request you to

change the same to 24

10/100/1000 ports.

Addenda.

112. 202 C3.0-(V) L2 switch 11.9 million packets per second

forwarding rate on 64-byte

packets

min 24 million packets per

second forwarding rate on 64-

byte packets

Even with 16 10/100/1000

ports , min of 16*1.488= 24

Mpps approx. of forwarding

performance is require for

non-blocking operations, as

per industry standard

calculations. We suggest

changing the same to 35

Mpps of forwarding

performance w.r.t 24

standard switch ports.

Read as “35 million packets per

second forwarding rate on 64-

byte packets". Please refer to

Addenda.

113. 202 C3.0-(V) L2 switch Centralized VLAN Management.

VLANs created on the Core

Switches should be propagated

to all the other switches

automatically, thus reducing the

overhead of creating /

modifying / deleting VLANs in all

the switches in turn eliminating

the configuration errors &

troubleshooting.

Pls. remove the same Every OEM has different

criteria to manage VLAN’s;

this depends upon the

deployed network

architecture. Automatic

VLAN’s propagation may

lead to security loopholes

and cannot be standardized

for all network scenarios.

Accepted, feature Deleted

114. 202 C3.0-(V) L2 switch Request for addition Support for IP source guard and

Dynamic Arp Inspection

DAI and IP Source guard are

the important security

aspects to be considered for

a L2 switch. We request to

include the same

No Change

115. 203 C3.0-(V) L2 switch Support SNMPv1, SNMPv2c, and

SNMPv3 and Telnet interface

support delivers comprehensive

in-band management, and a CLI-

based management console

provides detailed out-of-band

management.

clarification needed Dedicated Ethernet

interface for out of band

management helps to

protect against various DOS

and DDOS attacks on switch,

Should we assume the same

is asked here.

Feature read as "Support

SNMPv1, SNMPv2c, and

SNMPv3 and Telnet interface

support delivers comprehensive

in-band management, and a

CLI-based management

console". Please refer to

Addenda.

116. 202 C3.0-(V) L2 switch Unknown unicast and multicast

port blocking to allow tight

control by filtering packets that

the switch has not already

learned how to forward

Kindly change this as " Unknown

unicast and multicast port

blocking to allow tight control

by filtering packets "

_ Accepted, Read as “Unknown

unicast and multicast port

blocking to allow tight control

by filtering packets ". Please

refer to Addenda.

117. 203 C3.0-(V) L2 switch BPDU Guard feature, to shut

down Spanning Tree Protocol

Port Fast enabled interfaces

when BPDUs are received to

avoid accidental topology loops.


"BPDU Guard feature, to shut

down Spanning Tree Protocol

Port Fast enabled interfaces

when BPDUs are received to

avoid accidental topology loops

/ Equivalent”. Since BPDU Guard

and Port Fast enabled interfaces

is specific to single OEM

_ Accepted, Read as “BPDU /

Equivalent Guard feature, to

shut down Spanning Tree

Protocol Port Fast enabled

interfaces when BPDUs /

Equivalent feature are received

to avoid accidental topology

loops.” Please refer to Addenda.

118. 203 C3.0-(V) L2 switch Remote Monitoring (RMON)

software agent to support four

RMON groups (history, statistics,

alarms, and events) for

enhanced traffic management,

monitoring, and analysis.

Support for all nine RMON

groups through the use of a

mirrored port, which permits

traffic monitoring of a single

port, a group of ports, or the

entire switch from a single

network analyzer or RMON

probe

Kindly Modify this as "Remote

Monitoring (RMON) software

agent to support four RMON

groups (history, statistics,

alarms, and events) for

enhanced traffic management,

monitoring, and analysis"

_ No Change

NMS

Sr.

No.

Page

No Section /

Clause

No.


Change

Requested revised

specifications

Clarifications /



IASRI COMMENTS

119. 204 C3.0-(VI) NMS

(Network

Managemen

t System) -

1Nos.

Display the total traffic, max.

rate, min. rate, average rate and

link utility in the incoming and

outgoing directions within a

given time span in the form of

table statistics.




Addenda.

120. 204 C3.0-(VI) NMS

(Network

Managemen

t System) -

1Nos.

Manage the applications

without fixed ports, for

example, P2P, BT, and eDonkey.

This type of applications is

identified based on the features

of the data of the packet

application layer.




Addenda.

121. 204 C3.0-(VI) NMS

(Network

Managemen

t System) -

1Nos.

Provide LAN trouble shooting

capabilities at the network and

application packet levels

(display single or multi-segment,

real-time performance

information at the data link,

network and application layers

with intuitive drill downs)


"Provide LAN trouble shooting





information network and

application layers )"

_ Read as “Provide LAN trouble

shooting capabilities at the

network and application packet

levels (display single or multi-

segment, real-time

performance information

network and application

layers)". Please refer to

Addenda.

122. 204 C3.0-(VI) NMS

(Network

Managemen

t System) -

1Nos.

Device support requirements :

Preferably 3rd party networking

devices from other OEM's must

also be supported

Please amend this to : Device

support requirements : NMS has

to be from the same OEM of

router and switches, NMS

should be able to integrate with

3rd party EMS

With our understanding

here the requirement is for

element manager for

Routers and switches, so

this has to be from the same

OEM as of routers and

switches, NMS should be

further integrated with 3rd

party OPEN EMS.

No Change

123. 203 C3.0-(VI) NMS

(Network

Managemen

t System) -

1Nos.

Provide tools for performing

path analysis for the Layer 2 and

Layer 3 devices (server, devices,

IP Pones) using the device’s host

name or IP address.

Please remove this clause Path analysis functionality

can be achieved network

analysis tools and server are

not require to be managed

by Network elementary

management system

No Change

124. 203 C3.0-(VI) NMS

(Network

Managemen

t System) -

1Nos.

Provide tools for creating,

deleting and editing VLANs.

Provide functionality to

correlate MAC address and IP

address to switch port, user

location & phone tracking

Support for inventory

management- Inventory

management is a time

consuming effort, especially if

the job has to be performed on

every single device separately.

Detailed hardware and software

characteristics for the device

must be stored and analyzed for

better management.

The system must manage and

deploy configuration changes to

multiple network devices

Allow configuration changes to

be performed against multiple

switches in the network

4. Manage the applications

without fixed ports, for

example, P2P, BT, and eDonkey.

This type of applications is

identified based on the features

of the data of the packet

application layer.

Provide LAN trouble shooting




Why IASR is looking for all these

features when they are asking

bidders to perform all these

activities .Bidder request IASRI

to relax this to provide a NMS

which will shall be capable of

offering live view of all

networking components asked

in the bid with the desired

reporting functionality of every

parameter

_ No Change


information at the data link,

network and application layers

with intuitive drill downs)

Provide troubleshooting and

diagnostic tools including Ping,

Trace, Route, Connections,

Statistics, and

Hostname/Address Lookup,

which simplifies

It should offer fault and

performance management

tools, enable multi-device alarm

It should include the ability to

aggregate faults and provides

detailed descriptions

Network management services

should be provided using

standard based protocols like

SNMP & SNMP V2, Sflow etc.

A single installation of the NMS

must support up to 200

networking devices with

requites hardware server and

database.

125. 205 C3.0-(VI) NMS

(Network

Managemen

t System) -

1Nos.

Support for inventory

management- Inventory

management is a time

consuming effort, especially if

the job has to be performed on

every single device separately.

Detailed hardware and software

characteristics for the device

must be stored and analyzed for

better management.

Is the inventory management

tool required only for network

devices or for the desktop and

laptops?

_ Inventory management tool

required only for network

devices.

126. C3.0-(VI) C3.0-(VI) -

Network

Managemen

t

System/Pag

e 206

The system must manage and

deploy configuration changes to

multiple network devices

Requirement is more of an

element manager, please clarify

if we need to factor an

integrated umbrella NMS also.

_ No Change

127. 205 C3.0-(VI) NMS

(Network

Managemen

t System) -

1Nos.

Preferably 3rd party networking

devices from other OEM's must

also be supported

Suggestion: Change the line as

umbrella NMS should support

all the SNMP enabled devices.

_ Add in Clause "The proposed

NMS Solution should support

seamless Integration with the

existing EMS (HP-Open View) ".


128. 205 C3.0-(VI) NMS

(Network

Managemen

t System) -

1Nos.

A single installation of the NMS

must support up to 200

networking devices with

requites hardware server and

database.

Is IASRAI looking for the NMS

server to be in DR also or in High

availability with Active - Passive?

_ Clause is self-Explanatory.

General, GCC, SCC and Eligibility Queries

Sl

No.

Page

No Section /

Clause

No.


Change

Requested revised

specifications

Clarifications /



IASRI COMMENTS

129. Page

43 (Qualificatio

n

requirement

s for Bidders

- Clause 1)

The bidder should have 50 crore

turnover in each last three

Financial Years ending on

31.03.2012.and also should

have been profitable for all

these years

We request the clauses to be

amended as:

"The bidder should have 50

crore turnover in each last

three Financial Years ending on

31.03.2012 and also should

have had a positive net worth

as on Financial Years ending

2009-10, 2010-11 and 2011-12"

In our endeavor to keep

pace with the latest

technology and growing

infrastructural needs our

organization is currently in

the process of expanding its

ICT infrastructure. We are

investing significantly into

ICT infrastructure assets,

which reflect in growing net-

worth of our company. We

are confident that our

investments will create more

value for our customers and

will translate into profits in

coming years.

Moreover, as per guidelines

issued by Department of

Information Technology,

Govt. of India, for design of

ICBs for IT/ICT projects, only

Turnover and Net Worth

(not profitability) should be

the criteria for designing the

Eligibility Criteria. (Refer

Clause 2.4.1; available at

Department of its website

http://www.mit.gov.in/cont

ent/ICB-standardization-

Read as "The bidder or one of

its JV Partner should have 50



31.03.2012." Please refer to

Addenda.

model-ICBs-and-guidance-

notes of the Guidelines

Notes for Preparation of

Model Requests for

Proposals (ICBs), Toolkit and

Guidance Notes.)

We therefore request you to

kindly consider our positive

net-worth as a parameter to

assess our financial strength,

in lieu of profitability.

130. Page

43 Page 43

(Qualificatio

n

requirement

s for

Bidders)- EC

Clause 7

Also on

Pages 3 and

187

The bidder should have NOC

(Network Operation Centre)

with at least 100 engineers

minimum 2 NOCs in different

seismic zones in India with at

least 100 engineers each. At

least one NOC should be DoT

Certified.

We request the clause to be

amended as:

The bidder should have at least

2 NOCs (Network Operation

Centres), in different seismic

zones in India, with at least 50

technical personnel each.

1. We have multiple NOCs

across the country and the

technical personnel manning

these NOCs are distributed

across different locations.

Every service provider

balances its manpower

distribution in NOCs,

depending upon the

links/devices being managed

from each NOC. Therefore,

having a minimum of 100

engineers in each NOC may

not be a true representation

of the bidder’s capability.

We therefore request you to

kindly reduce the minimum

required personnel at each



NOCs in different seismic zones

in Global and at least one in

India with at least 50 engineers

each". Please refer to Addenda.

NOC from 100 to 50.

2. We have ISO Certifications

for our infrastructural

facilities. Our NOCs run on

well-defined and audited

processes. We request you

to kindly remove the

requirement of having at

least one NOC to be DoT

certified.

131. 3 6 The bidder should have

delivered and working with

MPLS VPN network of minimum

1000 links.

Single customer with 1000 links

or multiple customers

combined together 1000 links?

_ With Multiple customers

combined together have 500

Nos. MPLS Links. Please refer to

Addenda.

132. 3 7 At least one NOC should be DoT

certified.

There is no DOT certification for

NOC. Request IASRI to remove

this clause.

_ Accepted, Qualification is

Deleted. Please refer to

Addenda.

133. 46 1 The bidder should have 50 crore

turnover in each last three

Financial Years ending on

31.03.2012.and also should have

been profitable for all these

years

Instead of "Profitable in last 3

years "it should be replaced by

"should have earned profit in at

least

one year in the last three

financial

years ending 31/03/2012".

Bidder should have earned

profit in at least one year in

the last three financial

years ending 31/03/2011

and should

have positive net worth as

on31/03/2011.





31.03.2012". Please refer to

Addenda.

134. 47 6 Joint venture Eligibility for JV partners? _ Details are already mentioned

in ITB

135. 169 1.2 Clean Internet Service:

Clean Internet Service means

that the Internet traffic coming

from anywhere towards

customer CPE shall be free from

malware like virus, spam. The

provider should provide

following services under Clean

Internet Service:

These features are configured &

controlled by Firewall & IPS,

which are already part of

tender. So why these kind of

service is required from the ISP.

We request IASRI to drop this

clause.

_ Accepted read as "Plan

Internet". Please refer to

Addenda.

136. 193 C1.0-(I) Internet Connection is on the

dedicated fiber channel.

It should be last mile on fiber.

Fiber channel is a protocol used

for very high bandwidth used in

DC-DR replication kind of

application.

The last mile shall be on OFC

in self-healing ring

architecture. Wherever Fiber

is absolutely not feasible, the

bidder should provision last

mile over RF media. The last

mile at IASRI, Delhi (Hub)

must be on a fiber optic

cable in self-healing ring

architecture.

Read as "The last mile shall be

on OFC in a self-healing ring

architecture (for only Kusmaur,

Maunath Bhanjan location if

last mile on OFC is not possible

then firm can provide last

miles on RF with the same

SLA". Please refer to Addenda.

137. C2.0-(I) MPLS Ring Fiber channel is

connected to The bidder Pop

It should be fiber in ring

architecture.

_ Yes. Please refer to Addenda.

138. 194 MPLS bandwidth can virtually be

shared the link as the dedicated

internet connection as well as

the dedicated MPLS connection.

Not clear about IASRI

expectation.

_ Read as "MPLS bandwidth

should be dedicated MPLS

connection between the

Primary Data center and

Regional Data Centre ". Please

refer to Addenda.

139. 196 C3.0 MPLS Router In High Availability

Mode

Does IASRI requires dual last

mile connected to two routers ?

Please explain the expectation.

_ For High Availability. Please

refer Network Implementation

Diagram.

140.

The secondary link will be from

OSP or in other media (link RF)

of same service provider or

wired media in a different

route?

_ IASRI required one link from

MPLS ISP on fiber in ring

architecture. Please refer to

Addenda.

141. 206 D2.0-(I) Router for MPLS Connectivity In

High Availability Mode

At Domain Centres MPLS

Connectivity routers are asked

in High Availability mode. It

means two parallel links

terminated to two routers. The

two routers in turn are

connected to each other. Do

IASRI require two last miles &

two routers at Spoke sites?

_ One router is use for NKN

Connection and other one

router for MPLS service

provider.

142. 270 Summarize professional

experience over the last twenty

years, in reverse chronological

order.

20 Years’ experience will be too

high. Request to make it 5- 8

years

_ Read as "Summarize

professional experience over

the last 7 years, in reverse

chronological order". Please

refer to Addenda.

143. 3 4 The bidder should have National

Long Distance License (NLD)

/UASL…..

It should be NLD & UASL to

encourage serious service

providers only.

_ No Change

144. What application will run on the

MPLS network?

The proposed network

should provide different

Class Of Services (CoS) for

each type of traffic. Critical

applications like VOIP &

Video, ERP should get

priority over other less

critical application. Priority

of applications and

1. Applications related to Bio-

Informatics

145. CoS/QoS requirement? 2. Yes, Critical applications need

Traffic Prioritization like Voice

over IP and CoS/QoS etc. Please

refer to Addenda.

bandwidth to be dedicated

for each application would

be communicated at the

time of implementation.

146. Page

176 Annexure-I

SLA

Commitmen

ts ( Latency

Matrix)

Latency for Hong Kong

<=140 ms

Bidder requests IASRI to relax

this to 175ms as this latency

figure to Hong kong is

practically not possible

_ Accepted, Read as "Latency for

Hong Kong <=175 ms ".


147. Page

181 2.3 5(i)

SERVICE

LEVEL

PARAMETER

S

MTTR repair

3 hours

Bidder requests IASRI to relax

the MTTR repair to be 4 Hours

_ Accepted, Read as "MTTR repair

4 hours ". Please refer to

Addenda.

148. Page

214 E.

IMPLEMENT

ATION

SCHEDULE

on

E. IMPLEMENTATION SCHEDULE Please clarify if IASRI is looking

for delivery of the entire

solution within 7 weeks ?

Bidder request IASRI to relax

this to 8 to 12 weeks

_ Accepted, Tentative

IMPLEMENTATION SCHEDULE

to 15 Weeks. Please refer to

Addenda.

149. 38 Section 1 -

Instruction

to Bidders -

Clause 28

Evaluation & Comparison of Bids Bidder requests IASRI to please

explain the evaluation process

as stated in the tender doc.

_ After satisfying minimum

qualification it on the basis of L1

150. 38 Section 1 -

Instruction

to Bidders -

Clause 33,

Purchaser's right to vary

Quantities are Time of Award

Bidder requests IASRI to keep

the quantities constant

_ No Change

151. 47 Section 1 -

Instruction

to Bidders -

ITB 14.4(e),

Recurrent costs to be incurred

either during the three years

Warranty period, and/or

during the Post-Warranty

Service Period of 3 years that

commences at the end of the

Warranty Period on the

recurrent Costs form

The Contract term is 3 Years, as

such the total recurring charges

shall also be for contract term

and Bidder shall be responsible

only for the contract term

_ No Change

152. 127 Section IV

GCC; Clause

41,

Termination for Purchaser's

Convenience

Bidder requests IASRI to

remove Termination for

Convenience Clause

_ No Change

153. Section V

SCC; Clause

13

Performance Security for an

amount of 10% of the contract

price in the currency of the

contract excluding any recurrent

cost, valid for a period of 42

months from the date of signing

of contract agreements by the

two parties to cover total period

of project completion, three

years of operations &

maintenance services.

Performance security of a JV

shall be in the name of JV

Since the contract term is 3

Years, the Performance security

shall also be valid for 3 Years

only

_ No Change

154. Section V

SCC; Clause

14

GCC 14.4 In line 12, delete the

words “Sub-contractors or their

employees”.

- Add the following at the end of

the Sub-clause:-

“However, these adjustments

would be restricted to direct

transactions between the

Purchaser and the Supplier and

not on procurement of raw

materials, intermediary

components, etc. by the

Supplier. Further, no

adjustments of the Contract

Price shall be made on account

of variation in deemed export

benefits.”

If any Tax rates are increased or

decreased, a new Tax is

introduced, an existing Tax is

abolished, or any change in

interpretation or application of

any Tax occurs in the course of

the performance of the

Contract, an equitable

adjustment to the Contract

Price shall be made to fully take

into account any such change

by addition to or reduction

from the Contract Price, as the

case may be

_ No Change

155. Section VII

Sample

Forms

Notes to Bidders on working

with the Sample Forms

If a bid does not separate prices

in the prescribed way, and, as a

result, the Purchaser cannot

apply the domestic preference

provision described in ITB Clause

29 (ITB Clause 41 in the two-

stage SBD), if they are applicable

in this bidding, the Bidder will

lose the benefit of the

preference. Once bids are

opened, none of these problems

Please provide details of ITB

Clause 41

_ No Change as it is already

available in the document

can be rectified.

156. 4 11 The attention of prospective

Bidders is drawn to (i) the fact

that they will be required to

certify in their bids that all

software is either covered by a

valid license or was produced by

the Bidder

Since we are not providing any

software, this certifications is

not required to be given

_ No Change

157. 8 1.1 The Purchaser named in the BDS

and the SCC for GCC Clause 1.1

(b) (i), or its duly authorized

Purchasing Agent if so specified

in the BDS (interchangeably

referred to as “the Purchaser” in

these Bidding Documents),

invites bids for the supply and

installation of the Information

System (IS), as briefly described

in the BDS and specified in

greater detail in these Bidding

Documents

Bidder is going to provide

services only. Bidder is not

“supplying” any Information

System. The definition of

“Information System” as se out

in Clause 5.1, page 12 is wide

and does not represent the

actual scope of the contract.

_ No Change

158. 11 3.4 By signing the Bid Submission

Form, the Bidder represents

that it either is the owner of the

Intellectual Property Rights in

the hardware, software or

materials offered, or that it has

proper authorization and/or

license to offer them from the

owner of such rights. For the

purpose of this Clause,

Intellectual Property Rights shall

be as defined in GCC Clause 1.1

(c) (xvii). Willful

misrepresentation of these facts

shall be considered a fraudulent

practice subject to the

provisions of Clauses 3.1

through 3.4 above, without

prejudice of other remedies that

the Purchaser may take

This clause is not applicable to

the nature of services that are

to be provided. Bidder is not

providing any Intellectual

Property Rights. Bidder is also

not providing any license in

respect of any IPR.

_ No Change

159. 12 5.1 For the purposes of these

Bidding Documents, the

Information System means all:

As we understand, the Contract

would be based on OPEX and

not CAPEX. Hence, the Bidder

would be providing services

only. Any equipment provided

by Bidder to Purchaser would

be only meant for availing the

service and such equipment

would remain the property of

Bidder. Therefore, Bidder is not

supplying Goods, hardware,

supplies, software, consumable

items. Further, the bidder is not

required to do any software

development.

_ No Change

160. (a) the required information

technologies, including all

information processing and

communications-related

hardware, software, supplies,

and consumable items that the

Supplier is required to supply

and install under the Contract,

plus all associated

documentation, and all other

materials and goods to be

supplied, installed, integrated,

and made operational

(collectively called “the Goods”

in some clauses of the ITB); and

This definition is too wide and

does not represent the actual

scope.

_ No Change

161. (b) the related software

development, transportation,

insurance, installation,

customization, integration,

commissioning, training,

technical support, maintenance,

repair, and other services

necessary for proper operation

of the Information System to be

provided by the selected Bidder

and as specified in the Contract.

This definition is too wide and

does not represent the actual

scope.

_ No Change

162. 13 6.1 that, in the case of a Bidder

offering to supply key goods

components of the Information

System, as identified in the BDS,

that the Bidder does not itself

produce, the Bidder is duly

authorized by the producer to

supply those components in the

Purchaser’s country under the

Contract(s) that may result from

this bidding; (This will be

accomplished by including

Manufacturer’s Authorizations

in the bid, based on the sample

found in Section VII.)

Bidder is not supplying/selling

any key goods component of

the Information System. Bidder

will only provide services.

Hence this clause is not

applicable.

_ No Change

163. 14 6.3 If a Bidder intends to

subcontract major items of

supply or services, it shall

include in the bid details of the

name and nationality of the

proposed Subcontractor for

The service may be provided in

conjunction with other foreign-

end administrations, underlying

third party carriers, local loop

providers or any other common

carriers (collectively or

_ No Change

each of those items and shall be

responsible for ensuring that

any Subcontractor proposed

complies with the requirements

of ITB Clause 4, and that any

Goods or Services components

of the Information System to be

provided by the Subcontractor

comply with the requirements

of ITB Clause 5 and the related

evidence required by ITB Clause

13.1 (e) (iii) is submitted.

Bidders are free to list more

than one Subcontractor against

each item. Quoted rates and

prices will be deemed to apply,

whichever Subcontractor is

appointed, and no adjustment

of the rates or prices will be

permitted. The Purchaser

reserves the right to delete any

proposed Subcontractor from

the list. This shall be done prior

to Contract signature, by

deleting such unacceptable

Subcontractors from Appendix 3

to the Contract Agreement,

which shall list the approved

Subcontractors for each item

prior to Contract signature.

Subsequent additions and

deletions from the list of

approved Subcontractors shall

individually “Third Party Service

Providers”). It may not be

possible to list down the name

of such Third Party Service

Providers.

be performed in accordance

with GCC Clause 20 (as revised

in the SCC, if applicable) and

Appendix 3 to the Contract

Agreement.

164. For the purposes of these

Bidding Documents, a

Subcontractor is any vendor or

The bidder with whom the

Bidder contracts for the supply

or execution of any part of the

Information System to be

provided by the Bidder under

the Contract (such as the supply

of major hardware, software, or

other components of the

required Information

Technologies specified, or the

performance of related Services,

e.g., software development,

transportation, installation,

customization, integration,

commissioning, training,

technical support, maintenance,

repair, etc.)

_ No Change

165. 20 13.1(vi) (vi) Attachment 6: Intellectual

Property

This attachment is not

applicable to the Contract since

Bidder is not providing any

_ No Change

A list of: _ No Change

(1) all Software included in the

Bidder’s bid, assigning each item

to one of the software

categories defined in GCC Clause

1.1 (c):

software and customer material _

(A) System, General Purpose,

and Application Software; and

_

(B) Standard and Custom

Software.

_

(2) all Custom Materials, as

defined in GCC Clause 1.1 (c),

included in the Bidder’s bid.

_

All Materials not identified as

Custom Materials shall be

deemed Standard Materials, as

defined in GCC Clause 1.1 (c).

_

Re-assignments among the

Software and Materials

categories, if necessary, will be

made during the

implementation of the Contract

according to GCC Clause 39

(Changes to the System).

_

166. 21 14.5 _ All charges for services are net

of applicable taxes. Except for

taxes based on Bidder's net

income, Purchaser will be

responsible for payment of all

applicable VAT, GST,

consumption tax, use, excise,

access, bypass, franchise,

regulatory or other like taxes,

fees, charges or surcharges,

whether now or hereafter

enacted, however designated,

imposed on or based on the

provision, sale or use of the

Bidder’s services (hereafter

"Taxes"). For the avoidance of

doubt, Purchaser shall

reimburse Bidder for any

regulatory fees charged to

Bidder by any Governmental

Authority or agency, including

but not limited to the Telecom

Regulation Authority of India, in

connection with service(s) to be

provided. In the event that any

regulatory fees are imposed on

Bidder in connection with the

service(s) to be provided

hereunder (including but not

limited to International Bearer

Circuit Fees, Universal Service

Fund Contributions and/or their

equivalents), Bidder shall

_ No Change

provide Purchaser with an

invoice for such regulatory fees

along with supporting

documentation and Purchaser

shall pay such invoice within

thirty (30) days from the date of

the same

167. 39 35 Until a formal Contract is

prepared and executed, the

notification of award shall

constitute a binding Contract

Notification of award to

constitute a binding Contract

provided such award contains

mutually agreed terms and

conditions between the Bidder

and Purchaser

_

No Change

168. 40 38 Both Purchaser and Bidder can

agree on the proposed

Adjudicator at the time of

dispute depending upon the

nature of dispute. The proposed

adjudicator, as mentioned in

the BDS, may not be able to

resolve all kinds of dispute.

Hence , we do not accept such

adjudicator

_ No Change

169. 66 1.1(b)(vi Adjudicator There are two different names

appearing in the bid documents

(a) Ravi Kant Gupta and (b) S.C.

Agnihotri

_ Adjudicator is Dr. Ravi Kant

Gupta. Please refer Addenda.

170. 66 1.1(c) (i) and

(iii)

Information System and

Information Technologies

These definitions do not

represent the correct scope of

services. Bidder is not

supplying/selling any

_ No Change

Information Technologies,

Materials, Goods

171. 66 1.1(c) (iv) Goods Bidder is not selling any Goods.

Hence this is not applicable

_ No Change

172. 68 (xvi) Customer Materials This is not applicable to the

nature of services to be

provided by Bidder

_ No Change

173. 69 (d) (i) “Delivery” This definition is not applicable

since there is not transfer of

Goods involved from Bidder to

Purchaser

_ No Change

174. 71 (xii) “Post Warranty Services Period” This is not applicable to the


provided

_ No Change

175. 74 4.1.1 EDI What is EDI? _ EDI is "Electronic Data

Interchange".

176. 76 6.1.1 Settlement of disputes :

Adjudicator

Adjudicator to be agreed

between the parties at the time

of dispute which will depend

upon the nature of dispute

_ No Change

177. 78 7 Scope of the System Bidder is only going to provide

the services and not sell any


Goods

_ No Change

178. 80 9.8 The Supplier shall permit the

Bank and/or persons appointed

by the Bank to inspect the

Supplier’s offices and/or the

accounts and records of the

Supplier and its sub-contractors

relating to the performance of

the Contract, and to have such

accounts and records audited by

auditors appointed by the Bank

if required by the Bank

Bidder will not be able to

ensure inspection in respect of

sub-contractors. Any inspection

on Bidder’s offices shall be

subject to compliance by Bank

or persons appointed by Bank

to Bidder’s security policy.

_ No Change

179. 82 10.1 The Purchaser is responsible for

performing and safely storing

timely and regular backups of its

data and Software in accordance

with accepted data

management principles, except

where such responsibility is

clearly assigned to the Supplier

elsewhere in the Contract

Supplier is not responsible for

performing and safely storing

timely and regular backups of

Purchaser’s data and Software

_

No Change

180. 83 12.3 Payments shall be made

promptly by the Purchaser, but

in no case later than forty five

(45) days after submission of a

valid invoice by the Supplier

Instead of 45 days this should

be 30 days

_

No Change

181. 86 15 Copyright This clause is not required since

Bidder is not supplying any

Standard Software, Standard

Material, Customer Software or

any other kind of Software

_ No Change

182. 87 16 Software License Agreements Not applicable to the nature of

Services provided by Bidder.

_ No Change

183. 89 17.2 For the purposes of GCC Clause

17.1, the Supplier is also

deemed to be the Receiving

Party of Confidential

Information generated by the

Supplier itself in the course of

the performance of its

obligations under the Contract

and relating to the businesses,

finances, suppliers, employees,

or other contacts of the

Purchaser or the Purchaser’s use

of the System.

We do not accept this clause.

Supplier will be considered

Receiving Party in respect of

such information generated by

Supplier which contain

Purchaser’s Confidential

Information

_ No Change

184. 92 18.2.5 The Supplier’s Representative

may, subject to the approval of

the Purchaser (which shall not

be unreasonably withheld), at

any time delegate to any person

any of the powers, functions,

and authorities vested in him or

her. Any such delegation may be

revoked at any time. Any such

delegation or revocation shall be

subject to a prior notice signed

by the Supplier’s Representative

and shall specify the powers,

functions, and authorities

thereby delegated or revoked.

No such delegation or

revocation shall take effect

Supplier’s Representative

should be able to delegate

powers without approval of

Purchaser, otherwise it would

be operational difficult to

provide the services

_ No Change

unless and until the notice of it

has been delivered.

185. 93 201 List of Approved Subcontractors The service may be provided in

conjunction with other foreign-

end administrations, underlying

third party carriers, local loop

providers or any other common

carriers (collectively or

individually “Third Party Service

Providers”). It may not be

possible to list down the name

of such Third Party Service

Providers.

_

No Change

186. 94 20.2 The Supplier may, at its

discretion, select and employ

Subcontractors for such critical

items from those

Subcontractors listed pursuant

to GCC Clause 20.1. If the

Supplier wishes to employ a

Subcontractor not so listed, or

subcontract an item not so

listed, it must seek the

In case of local loop, it may not

be feasible to Supplier to take

Purchaser’s prior approval

_

No Change

Purchaser’s prior approval

under GCC Clause 20.3

187. 97 22.1 Subject to related Purchaser's

responsibilities pursuant to GCC

Clauses 10 and 14, the Supplier

shall manufacture or procure

and transport all the


Materials, and other Goods in

an expeditious and orderly

manner to the Project Site

This clause is not applicable

since Supplier is going to

provide services only

_

No Change

188. 99 23.1 At any point during performance

of the Contract, should

technological advances be

introduced by the Supplier for

Information Technologies

originally offered by the Supplier

in its bid and still to be

delivered, the Supplier shall be

obligated to offer to the

Purchaser the latest versions of

the available Information

Technologies having equal or

better performance or

functionality at the same or

lesser unit prices, pursuant to

GCC Clause 39 (Changes to the

System).


the nature of services to be

provided by Supplier

_

No Change

189. 101 25 Inspections and Tests This clause is not applicable to



_ No Change

190. 103 27.2.1 Second Para - This clause is not applicable to



_

No Change

At the Purchaser’s discretion,

Operational Acceptance Tests

may also be performed on

replacement Goods, upgrades

and new version releases, and

Goods that are added or field-

modified after Operational

Acceptance of the System

191. 108 29 Defect Liability Please note these are not

applicable to the nature of

services to be provided by

Supplier.

_ No Change

192. Alternatively it can be stated as

under :

_ No Change

193. Except for warranties expressly

agreed to be made by the

Supplier in applicable SLA,

Supplier makes no warranties

or representations express or

implied, either in fact or by

operation of law, statutory or

otherwise, including warranties

of merchantability, satisfactory

quality, and fitness for a

particular use or non-

_ No Change

infringement

194. 111 31 & 32 Intellectual Property Rights

Warranty


the nature of Services to be

provided. We are not providing

any IPR to Purchaser.

_ No Change

195. Intellectual Property Rights

Indemnity

_ No Change

196. Therefore no warranty and

indemnity is required to be

provided

_ No Change

197. 114 33.1 (a) Limitation of Liability Additionally, Supplier shall not

be liable to the Purchaser for

any incidental, special,

exemplary or punitive damages

(including but not limited to

damages for lost revenues, loss

of goodwill, loss of anticipated

savings, loss of customers, loss

of data, interference with

business or cost of purchasing

replacement services) arising

out of the performance or

failure to perform under any

order or the Contract, whether

or not caused by the acts or

omissions or negligence of its

employees or agents, and

_ No Change

regardless of whether Supplier

has been informed of the

possibility of the likelihood of

such damages

198. 114 33.1(b) Suggest to reword as under : _ No Change

199. the aggregate liability of the

Supplier to the Purchaser,

whether under the Contract, in

tort or otherwise, and for

damages arising out of the

furnishing or the failure to

furnish services (including but

not limited to mistakes,

omissions, interruptions, failure

to transmit or establish

connections, delays, errors or

other defects) is limited to any

applicable credit allowances

due

_ No Change

200. Nothing in terms and conditions

of Contract shall be construed

as limiting the liability of either

party for personal injury or

death resulting from the

negligence of a party or its

employees

_ No Change

201. 115 34.1 Transfer of Ownership There is no transfer of

ownership involved. Hence this

clause is not applicable

_ No Change

202. 116 36.2 Please prefix the word

“tangible” before the word

“property” in 8th line of the Para

_ No Change

203. 117 36.4 Please suffix the following

words “including due to

negligence of Purchaser, its

employees, officers and agents”

after the word “perils” in 10th

line of the Para

_ No Change

204. 127 41.1.1 The rates and charges set forth

in each order form and Contract

are established in reliance on

the term commitment given by

the Purchaser. If Purchaser

cancels a service or order form

or terminates the Contract or

order for its convenience during

a term commitment, then

Purchaser shall have to pay to

Supplier which Purchaser

acknowledges is a genuine pre-

estimate of Supplier’s loss,

within ten (10) days of such

termination: (i) an amount

equal to the total of any and all

waived installation charges as

reflected on the terminated

order form(s), (ii) an amount

_ No Change

equal to one hundred percent

(100%) of the service fees

payable for the unexpired

remainder of the Contract

period, plus (ii) any

documented third party

expenses not covered by (i)

above incurred by Supplier in

respect of the terminated order

form (including any Local Loop

charges). In any event,

Purchaser shall be obligated to

pay Supplier for any service

delivered to Purchaser up to the

date of termination.

205. Additionally, Purchaser to

provide at least 60 days

termination notice in case

termination of Contract for

convenience

_ No Change

206. 41.1.2 (d) (i)

and (ii)

These clauses are not applicable

to the nature of Services to be


_ No Change

207. 128 41.1.3 Please insert new sub clause (f)

and mention the following :

_ No Change

208. Purchaser shall pay to Supplier

which Purchaser acknowledges

is a genuine pre-estimate of

Supplier’s loss, within ten (10)

days of such termination: (i) an

amount equal to the total of

any and all waived installation

charges as reflected on the

terminated order form(s), (ii) an

amount equal to one hundred

percent (100%) of the service

fees payable for the unexpired

remainder of the Contract

period, plus (ii) any



above incurred by Supplier in

respect of the terminated order

form (including any Local Loop


Purchaser shall be obligated to

pay Supplier for any service

delivered to Purchaser up to the

date of termination.

_ No Change

209. 129 41.2.1 (c) “…. This portion is not relevant to

the Contract since Supplier is

not providing any IPR to the

Purchaser

_ No Change

210. Including but not limited to

willful misrepresentation of

facts concerning ownership of

Intellectual Property Rights in,

or proper authorization and/or

licenses from the owner to

offer, the hardware, software,

_ No Change

or materials provided under this

Contract. “

211. 131 41.2.2 Cure Period of 14 days Please increase cure period to

30 days

_ No Change

212. 131 41.2.3 (c)

and (d)




_ No Change

213. 131 41.2.4 This clause is not applicable to

the nature of Services.

Purchaser will not be able to

complete the System on its own

considering the nature of

Services. Hence this sub-clause

should have be replaced with

the same Para as mentioned in

clause 41.1.2(c)

_ No Change

214. 132 41.2.6 This clause is not applicable to


provided by Supplier.

_ No Change

215. 133 41.3.1 We do not wish to give

additional 28 days’ time period

_ No Change

216. 134 41.3.3 (d) (i)

and (ii)




_ No Change

217. 135 42 Assignment Additionally, the Supplier may

assign the Contract to an

Affiliate or as part of a

corporate reorganization,

consolidation, merger or sale of

substantially all of its assets by

providing advance written

notice to Purchaser of any such

proposed assignment.

_ No Change

218. The term “Affiliate” means - an

entity that now or in the future,

directly or indirectly controls, is

controlled by or is under

common control with a party.

For purposes of the foregoing,

"control" shall mean the

ownership of more than fifty

percent (50%) of the (i) voting

power to elect the directors of

the said entity, or (ii) ownership

interest in said entity

_ No Change

219. 143 GCC 7.3 The Supplier’s obligations under

the Contract will include the

recurrent cost items and other

services (items ii, iii and iv) as

detailed below:,

Definition of “Operation and

Maintenance” required

_ No Change

220. i) Operation and Maintenance of

MPLS network systems for three

years from the date of

Commissioning and acceptance.

_ No Change

221. ii) Technical assistance during

warranty period.

Para (iv) may not applicable to

the nature of Services

_ No Change

222. iii) Warranty maintenance

support: All infrastructure of this

schedule

_ No Change

223. Will be under Comprehensive

warranty of three years.

_ No Change

224. iv) Changeover to higher version

of the offered standard software

and operating system during

warranty period.

_ No Change

225. 144 GCC 8.1 Purchaser would have to sign

Customer Order Form within 30

days from the Effective Date of

Contract

_ No Change

226. 144 GCC 9.5 Additional Clauses These are not applicable to the



_ No Change

227. 147 GCC 12.1 (A) (i) What is export authorization

against Bank Guarantee

_ No Change

228. 147 GCC 12.1 (B) Instead of quarterly

installments it should be

monthly

_ No Change

229. 148 GCC 12.3 Interest on delayed payment Interest payment to be 1.5

percent per month

_ No Change

230. 148 GCC13.3.1 Since the contract is for 36

months then why is

_ No Change

performance security required

for 42 months?

231. 149 GCC 15 This is not applicable to nature

of services to be provided by

Supplier

_ No change

232. 150 GCC 17.7 Since contract is terminated

then “Period of Contract”

would not be relevant. Instead

mention it as 3 years.

_ No change

233. 169 Definitions We understand that reference

to Company means Supplier

and reference to Customer

means Purchaser

_ No change

234. 211 Inspections and Tests prior to

shipment of Goods and at final

acceptance

These would not be relevant to



Acceptance will be in relation to

servicers only

_ No change

235. 228 List of Software and Materials:

In accordance with ITB Clause

13.1 (e) (vi) (ITB Clauses 13.1 (c)

(vi) and 25.1 (e) (vi) in the two-

stage SBD), Bidders must

submit, as part of their bids, lists

of all the Software included in

the bid assigned to one of the

following categories: (A) System,

General-Purpose, or Application

Software; or (B) Standard or

Custom Software. Bidders must

These are not applicable to the

nature of Services to be

provided by the Supplier

_

_

No change

also submit a list of all Custom

Materials. If provided for in the

Bid Data Sheet, the Purchaser

may reserve the right to

reassign certain key Software to

a different category.

236. 234 Bid Submission Form – First Para Suggest to re-word as under : _ No change

Having examined the Bidding

Documents, including Addenda

Nos. [ insert numbers ], the

receipt of which is hereby

acknowledged, we, the

undersigned, offer to supply,

install, achieve Operational

Acceptance of, and support the

Information System under the

above-named Contract in full

conformity with the said

Bidding Documents subject to

the terms mentioned in our

response to the Bidding

Documents for the sum of: ….

_ No Change

237. 235 4th Para Please delete the following : _ No Change

238. “We accept the appointment of

Sh. S C Agnihotiri, Retired

Controller of Stores, Indian

Railways with expertise in

Procurement, Contract

Management and Information

Technology., as in the Bid Data

_ No Change

Sheet ] as the Adjudicator.”

239. Replace with following text : _ No Change

240. Parties will mutually agree to

the appointment of an

independent person as the

Adjudicator depending upon

the nature of dispute

_ No Change

241. 235 5th Para Please delete the following Para

since it is not applicable to the

nature of services

_ No Change

242. We hereby certify that the

Software offered in this bid and

to be supplied under the

Contract (i) either is owned by

us, or (ii) if not owned by us, is

covered by a valid license from

the proprietor of the Software.

_ No Change

243. 235 8th Para Notification of award shall

contain mutually agreed terms

and conditions

_ No Change

244. 236 Attachment 6 : Intellectual

Property (Software and Material

Lists)

Not applicable _ No Change

245. 256 3.3 Software List Not Applicable _ No Change

246. 257 3.4 List of Custom Materials Not Applicable _ No Change

247. 280 Appendix 2 Adjudicator Parties shall agree upon the

name of Adjudicator when the

dispute arises depending on the

nature of dispute. Hence this is

not required as of now.

_ No Change

248. 282 Appendix 4 Categories of Software Not Applicable _ No Change

249. 283 Appendix 5 Custom Materials Not Applicable _ No Change

Additional Clauses Needs to be added

Sl

No.

Page

No Section /

Clause

No.


Change

Requested revised

specifications

Clarifications /



IASRI COMMENTS

Additional Clauses to be added are as under: (Supplier is also referred to as “Service Provider” in below

clauses):

No Change

(1) Definitions _ No Change

250. _ _ _ "Affiliate" means an entity that

now or in the future, directly or

indirectly controls, is controlled

by or is under common control

with a party. For purposes of

the foregoing, "control" shall

mean the ownership of more

than fifty percent (50%) of the

(i) voting power to elect the

directors of the said entity, or

_ No Change

(ii) ownership interest in said

entity.

251. _ _ _ "PURCHASER Premises" means

the location or locations

occupied by PURCHASER or its

End Users to which Service is

delivered.

_ No Change

252. _ _ _ "End Users" means any person

or entity deriving use of the

Services through the

PURCHASER including but not

limited to the PURCHASER, an

Affiliate of the PURCHASER or a

customer of the PURCHASER.

_ No Change

253. _ _ _ "Facilities" means any and all

devices supplied by Service

Provider that are used to

deliver the Services, including

but not limited to all terminal

and other equipment, wires,

fiber optic cables, lines, circuits,

ports, routers, switches,

cabinets, racks, private rooms

and the like. Facilities shall not

include any such devices sold to

PURCHASER by Service Provider

or owned by PURCHASER

_ No Change

254. _ _ _ "Governmental Authority"

means any federal, national,

state, regional, county, city,

municipal, local, territorial, or

tribal government, whether

foreign or domestic, or any

department, agency, bureau or

other administrative or

regulatory body obtaining

authority from any of the

foregoing, including without

limitation, courts, public utilities

and communications

authorities.

_ No Change

255. _ _ _ "Local Loop" means the

connection between the

PURCHASER Premises and a

Service Provider Point of

Presence.

_ No Change

256. _ _ _ "Order Form(s)" means the

form(s) so entitled (including

any attachments thereto)

signed by PURCHASER and

Service Provider setting out

matters relating to Service

Provider’s delivery of Services

to PURCHASER and governed by

the Contract.

_ No Change

257. _ _ _ "Service Commencement Date"

means (i) the date PURCHASER

has accepted or has been

deemed to have accepted the

service in accordance with the

provisions of the Contract; or

(ii) the date PURCHASER begins

using the service other than for

testing purposes, whichever

date is earlier.

_ No Change

258. _ _ _ "Service Provider Network"

means the telecommunications

network consisting of fibers and

optical and transmission

equipment which is owned

and/or leased and operated and

maintained by Service Provider

or its Affiliates.

_ No Change

259. _ _ _ "Service Provider Point of

Presence" means data center

space owned or leased by

Service Provider or any of its

Affiliates for the purpose of

among other things locating

and collocating communications

equipment and to which the

Service Provider Network is

directly connected

_ No Change

260. _ _ _ "Services Fees" means charges

for Service Provider services

(including but not limited to

_ No Change

monthly recurring charges and

non-recurring charges) as

identified in the Order Form(s)

261. _ _ _ (2) Miscellaneous _

262. _ _ _ 2.1 Additional Termination or

Suspension by Service Provider :

Service Provider shall have the

right, upon written notice, to

immediately terminate or

suspend the Contract or any

Order Form(s), and discontinue

or suspend the delivery of the

affected services (without

liability) in the event that:

_ No Change

263. _ _ _ (a) PURCHASER has violated any

law rule, regulation or policy of

any Governmental Authority

related to the services or

PURCHASER’s or an End User’s

use thereof; or

_ No Change

264. _ _ _ (b) PURCHASER has engaged in

conduct that has caused or may

cause (in Service Provider’s sole

reasonable judgment) damage

to the Facilities, Service

Provider Network or third

parties; or

_ No Change

265. _ _ _ (c) In the event Service Provider

receives any direction,

notification or instruction from

any Governmental Authority to

suspend or terminate the

provision of services to

PURCHASER (through no fault

or negligence of Service

Provider).

_ No Change

266. _ _ _ 2.2 Service Provider’s

Remedies. The rates and

charges set forth in each Order

Form are established in reliance

on the term commitment made

therein. If PURCHASER

cancels/terminates service or

Order Form during a term

commitment for convenience,

or if Service Provider terminates

an Order Form due to reasons

specified in Section 2.1 (of the

Miscellaneous terms above) ,

PURCHASER agrees to pay to

Service Provider which

PURCHASER acknowledges is a

genuine pre-estimate of Service

Provider’s loss, within ten (10)

days of such termination: (i) an

amount equal to the total of

any and all waived installation

charges as reflected on the

terminated Order Form(s), (ii)

an amount equal to one

_ No Change

hundred percent (100%) of the

Service Fees payable for the

unexpired remainder of

Contract period, plus (ii) any



above incurred by Service

Provider in respect of the

terminated Order Form

(including any Local Loop


PURCHASER shall be obligated

to pay Service Provider for any

service delivered to PURCHASER

up to the date of termination.

267. _ _ _ 2.4 Contents of

Communications. Service

Provider does not monitor and

will have no liability or

responsibility for the content of

any communications

transmitted via the services,

and PURCHASER will indemnify,

defend and hold Service

Provider harmless from any and

all claims (including claims by

any Governmental Authority

seeking to impose penal

sanctions) related to such

content or for claims by third

parties relating to PURCHASER’s

use of the service

_ No Change

268. _ _ _ 2.5 Content of the Internet.

Service Provider provides only

access to the Internet. Service

Provider does not operate or

control the information,

services, opinions or other

content of the Internet, and

Service Provider makes no

warranties or representations

regarding any such information,

services, opinions or other

content. PURCHASER agrees

that it shall make no claim

whatsoever against Service

Provider relating to the content

of the Internet or respecting

any information, product,

service or software ordered

through or provided by virtue of

the Internet. Service Provider

reserves the right to take such

measures as may be reasonably

necessary, in Service Provider’s

sole discretion, to ensure

security and continuity of

service on the Service Provider

Network, including but not

limited to identification and

blocking or filtering of Internet

traffic sources which Service

Provider deems to pose a

security or operational risk or a

violation of its AUP. In addition,

_ No Change

PURCHASER understands that

Service Provider does not own

or control other third party

networks outside of the Service

Provider Network, and Service

Provider is not responsible or

liable for any filtering or access

restrictions imposed by such

networks or for the

performance (or non-

performance) within such

networks or within

interconnection points between

the Service Provider Network

and other third party networks

269. _ _ _ 2.6 Regulatory and Legal

Changes. In the event of any

change in applicable law,

regulation, decision, rule or

order that materially increases

the costs or other terms of

delivery of service, Service

Provider and PURCHASER agree

to negotiate regarding the rates

to be charged to PURCHASER to

reflect such increase in cost

and, in the event that the

Parties are unable to reach

agreement respecting new

rates within thirty (30) days

after Service Provider’s delivery

of written notice requesting

negotiation, then (a) Service

Provider may pass such

increased costs through to

PURCHASER upon thirty (30)

days’ notice, and (b)

PURCHASER may terminate the

affected Order Form without

termination liability by

delivering written notice of

termination no later than thirty

(30) days after the effective

date of the rate increase

_ No Change

270. _

_

_

2.7 PURCHASER Premises.

PURCHASER will allow Service

Provider access to and use of

the PURCHASER Premises

_

No Change

required by Service Provider for

the inspection and scheduled or

emergency maintenance or

removal of the Facilities relating

to the services. Service

Provider shall have a right to

inspect any PURCHASER

Premises or any premises used

by an End User to ensure that

the PURCHASER and/or End

User is complying with all

applicable laws, rules and

regulations. Any such inspection

or non-inspection however,

shall not relieve PURCHASER of

any of its duties under the

Contract nor shall it cause

Service Provider to waive any of

its rights hereunder or impose

any duty, obligation or liability

onto Service Provider.

PURCHASER will be responsible

for providing and maintaining at

its own expense, the level of

power, heating and air

conditioning necessary to

maintain the proper

environment for the Facilities

on the PURCHASER Premises.

PURCHASER will provide a safe

place to work and comply with

all laws and regulations

regarding the working

conditions on the PURCHASER

Premises. In the event that

PURCHASER fails to meet its

obligations regarding the

PURCHASER Premises

hereunder and, as a result,

Service Provider is unable to

install or continue the delivery

of services, then

(notwithstanding the absence

of services) PURCHASER will pay

all charges for such services

during such time. Except for

emergency repairs or for

inspection at the instruction of

Governmental Authority,

Service Provider will notify

PURCHASER seven (7) days in

advance of any regularly

scheduled maintenance that

will require access to the

PURCHASER Premises.

271. _ _ _ 2.8 Acceptable Use Policy.

PURCHASER's use of service

shall at all times comply with

Service Provider’s then-current

Acceptable Use Policy ("AUP”)

and Privacy Policy, as amended

by Service Provider and

communicated in writing to

PURCHASER from time to time

and which are available on

Service Provider’s web site

_ No Change

(www.tatacommunications.com

). PURCHASER hereby expressly

acknowledges that it has

reviewed, understands and

accepts Service Provider’s AUP

and the rights of Service

Provider as set out in the AUP

272. _ _ _ 2.9 (i) PURCHASER represents

and warrants that the

performance of PURCHASER's

obligations under the Contract

and use of services will not

violate any applicable law, rule

or regulation or any applicable

manufacturers' specifications or

otherwise unreasonably

interfere with Service Provider

's customers' use of the services

or Service Provider Network ;

(ii) Service Provider represents

and warrants that the

performance of Service

Provider 's obligations under

the Contract will not violate any

applicable law, rule or

regulation.

_ No Change

http://www.tatacommunications.com/

http://www.tatacommunications.com/

_ _ _ 2.10 Facilities. Except as

otherwise agreed in writing,

title to all Facilities shall remain

with Service Provider. Service

Provider will provide and

maintain the Facilities in good

working order. PURCHASER

shall not, and shall not permit

others to, change, rearrange,

disconnect, remove, repair,

attempt to repair, or otherwise

tamper with any Facilities,

without the prior written

consent of Service Provider.

The PURCHASER shall ensure

that the Facilities shall not be

used for any purpose other

than that for which Service

Provider provides them.

PURCHASER shall not take any

action that causes the

imposition of any lien or

encumbrance on the Facilities.

In no event will Service Provider

be liable to PURCHASER or any

other person for interruption of

service or for any other loss,

cost or damage caused or

related to improper use or

maintenance of the Facilities by

PURCHASER or third parties

provided access to the Facilities

by PURCHASER.

No Change

273. _ _ _ 2.11 Disputed Bills. In the event

PURCHASER disputes in good

faith any portion of Service

Provider’s invoice, PURCHASER

must pay the undisputed

portion of the bill and submit a

written claim for the disputed

amount, documenting the basis

of its claim. All claims must be

submitted to Service Provider

within forty-five (45) days of

receipt of billing for those

Service Provider services.

PURCHASER acknowledges that

it is able to and that it is

reasonable to require

PURCHASER to dispute bills

within that time and

PURCHASER therefore waives

the right to dispute the charges

not disputed within the time

frame set forth above.

No Change

274. _ _ _ 2.12 PURCHASER will be solely

responsible for all charges

incurred respecting the Services

even if such charges were

incurred through or as a result

of fraudulent or unauthorized

use of the Services.

_ No Change

_ _ _ 2.13 PURCHASER-Provided

Equipment and Customer

Configuration. If requested by

PURCHASER, Supplier may, at

its option, install certain

PURCHASER-provided

communications equipment.

Unless otherwise agreed by

Service Provider in writing,

Service Provider will not

thereafter be responsible for

the operation or maintenance

of such PURCHASER-provided

equipment. PURCHASER shall

be solely responsible for the

compliance of its own

equipment with applicable

standards and for obtaining any

necessary approvals or

authorizations prior to its use.

Service Provider will not be

responsible for the transmission

or reception of signals by

PURCHASER-provided

equipment or for the quality of,

or defects in, such transmission

or reception. PURCHASER shall

ensure that PURCHASER-

provided equipment does not

interfere with or otherwise

degrade the operation of the

Facilities or the Service Provider

Network. Service Provider shall

_ No Change

have full control over the

configuration of the Service

Provider Network used in

providing the Service and shall

be entitled to alter the

configuration.

275. _ _ _ 2.14 Indemnification. Each

Party shall indemnify the other

from any claims by third parties

(including Governmental

Authority) and expenses

including legal fees and court

costs respecting (i) damage to

tangible property caused by

such Party’s negligence or

willful misconduct; (ii) a breach

by either Party of above

referred clause 2.9 (i) and 2.9

(ii) respectively;

_ No Change



File. No. : 36(26)/2012 -CPS Annexure – II

Addenda No. 1

Subject : Addenda in the Bid Document IFB No: 36(26)/2012 - CPS due on 21/11/2012 and extended up to 20.02.2013 for procurement of

Equipments / Goods/ Services for Establishment, operation, maintenance of MPLS network (National Agricultural Bioinformatics Grid) under

National Agriculture Innovation Project in ICAR at IASRI New Delhi.

Against Credit 4161-IN/4162-IN

1. The following specifications of subject Bid Document are amended as under:-

Note : The page numbers mentioned in this document are as per the published PDF document ( Upper right corner) of this ICB .

S.No. Page No.

Queries Reference No.

Section Original Specification As Per Bid Document Read as

1. 3 Qualification

Criteria

1. The bidder should have 50 crore turnover in each last three Financial Years ending on 31.03.2012.


2. 3 -do- 2. The bidder should have at least 200 MPLS PoPs. 2. The bidder or any one of its JV Partner should have at least 100 MPLS PoPs.

3. 3 -do- 3. The bidder should have in similar service (MPLS VPN) in last 3 Years.

3. The bidder or any one of its JV Partner should have in similar service (MPLS VPN) in last 3 Years (2009-2012).

4. 3 -do- 4. The bidder should have National Long Distance License (NLD) /UASL or other valid license to offer MPLS VPN services in all Indian states and Union territories.

4. The bidder or any one of its JV Partner should have National Long Distance License (NLD) /UASL or other valid license to offer MPLS VPN services in all Indian states and Union territories.

5. 3 -do- 5. The bidder should delivered MPLS VPN Services in at least 15 states in India.

5. MPLS network should be covering all state capital and main cities. The bidder or any one of its JV Partner should delivered MPLS VPN Services in at least 15 states in India.

6. 3 -do- 6. The bidder should have delivered and working with MPLS VPN network of minimum 1000 links.

6. The bidder or any one of its JV Partner should have delivered and working with MPLS VPN network of minimum 500 or more MPLS links.

7. 3 -do- 7. The bidder should have minimum 2 NOCs in different seismic zones in India with at least 100 engineers each. At least one NOC should be DoT certified.

7. The bidder or any one of its JV Partner should have minimum 2 NOCs in different seismic zones in Global and at least one in India with at least 50 engineers each.

8. 3 -do- 8. The bidder should have ISO-27000, ISO 9001 and ISO 20000 certificates.

8. The bidder or any one of its JV Partner should have ISO-27000:01, ISO 9001:2000 and ISO 20000 certificates.

9. 3 -do- New Added Qualification 9. The bidder or any one of its JV Partner shall have on bidders Payroll at least 20 engineers with CCNA/CCNP for managing field problems and 02 engineers with CCIE certification in “Routing & Switching” and/or “Security” specializations to provide support in case of critical problems and 05 no. of ITIL Certified personal for end to end management from last one year.

10. 43 ITB 6.1 (a) Qualification

requirements

for Bidders

1.The bidder should have 50 crore turnover in each last three Financial Years ending on 31.03.2012.and also should have been profitable for all these years


11. 43 -do- 2. The bidder should have at least 200 MPLS Pops.

CTO certificate (Attach list)

2. The bidder or any one of its JV Partner should have at least 100 MPLS Pops.

Any one of JV Partner or bidder to provide necessary document.

12. 43 -do- 3. The bidder should have been in similar service in last 3 Years (2008-2011).

Certification of incorporation

3. The bidder or any one of its JV Partner should have in similar service (MPLS VPN) in last 3 Years (2009-2012).

Certification of incorporation of the Bidder. In case of JV certificate of all participants should be enclosed.

13. 43 -do- 4. The bidder should have National long distance license (NLD) /UASL or other valid license to offer MPLS VPN services in all Indian states and Union territories.


14. 43 -do- 5. MPLS network should be covering all state capital and main cities. The bidder should delivered MPLS VPN Services in at least 15 states in India.


15. 43 -do- 6. The bidder should have delivered and should be presently working with MPLS VPN network of minimum 1000 links. 500 or more MPLS Link.


16. 43 -do- 7. The bidder should have NOC (Network Operation Centre) with at

HR certificate

7. The bidder or any one of its JV Partner should have minimum 2 NOCs in different seismic zones in

CTO certificate

least 100 engineers minimum 2 NOCs in different seismic zones in India with at least 100 engineers each. At least one NOC should be DoT

Global and at least one in India with at least 50 engineers each.

17. 44 -do- 8. The bidder should have ISO-27000, ISO 9001 and ISO 20000 certificates.


18. 44 -do- New Added Qualification and Documentation required

9. The bidder or any one of its JV Partner shall have on bidders Payroll at least 20 engineers with CCNA/CCNP (Cisco Certified Network Associate / Cisco Certified Network Associate Professional) for managing field problems and 02 engineers with CCIE (Cisco Certified Internetwork Expert) certification in “Routing & Switching” and/or “Security” specializations to provide support in case of critical problems and 05 no. of ITIL Certified personal for end to end management from last one year.

Declaration from Bidder and Required certificates and CV’s of the employees.

19. 168 Technical

Requirements,

1.1.2 Scope of

Work

Detail scope of work for each component has been

provided in the technical specification, Service

Level Agreement and Related Information

Technology Issues and Initiatives sections given

below

Detail scope of work for each component has been provided in the technical specification, Service Level Agreement, Network Diagram with Details Explanation of Network Connectivity and Implementation of NKN and Related Information Technology Issues and Initiatives sections given below.

20. 169 Technical

Requirements, 1.2

Service Level

Agreement:

Performance

Requirements of the

System

Internet Service Level Agreement (SLA) Complete SLA for Internet is Deleted because we are going to use NKN Internet.

21. 181 Technical Requirements, SLA for MPLS, 2.3 SERVICE LEVEL PARAMETERS

Service Availability (Service uptime including

last mile) IASRI hub site 99.9%

Service Availability (Service uptime including last mile) IASRI hub site 99.5%

22. 181 Technical Requirements, SLA for MPLS, 2.3 SERVICE LEVEL PARAMETERS

I. IASRI Site MTTR repair 3 hours I. IASRI Site MTTR repair 4 hours

23. 182 Technical Requirements, SLA for MPLS 2.6 SERVICE CREDITS

< 99.9% to 99.5% 3% of MRC

< 99.5% to 99.3% 3% of MRC

24. 182 Technical Requirements, SLA for MPLS 2.6 SERVICE CREDITS

<99.5% to 99% 4.5% of MRC

<99.3% to 99% 4.5% of MRC

25. 187 1.3 Related Information Technology Issues and Initiatives




2. The bidder should have at least 200 MPLS Pops. 2. The bidder or any one of its JV Partner should have at least 100 MPLS Pops.


3. The bidder should have in similar service (MPLS VPN) in last 3 Years.

3. The bidder/JV Partners should have in similar service (MPLS VPN) in last 3 Years (2009-2012).


4. The bidder should have National Long Distance License (NLD) /UASL or other valid license to offer MPLS VPN services in all Indian states and Union territories



5. The bidder should delivered MPLS VPN Services in at least 15 states in India.



6. The bidder should have delivered and working with MPLS VPN network of minimum 1000 links.



7. The bidder should have minimum 2 NOCs in different seismic zones in India with at least 100 engineers each. At least one NOC should be DoT certified.

7. The bidder or any one of its JV Partner should have minimum 2 NOCs in different seismic zones in Global and at least one in India with at least 50 engineers each.


8. The bidder should have 24*7 Help Desk

8.The bidder or any one of its JV Partner should have 24*7 Help Desk


9. The bidder should have Toll free number.

9. The bidder or any one of its JV Partner should have Toll free number.


8. The bidder should have ISO-27000, ISO 9001 and ISO 20000 certificates.



New Added Qualification 11. The bidder or any one of its JV Partner shall have on bidders Payroll at least 20 engineers with CCNA/CCNP for managing field problems and 02 engineers with CCIE certification in “Routing & Switching” and/or “Security” specializations to provide support in case of critical problems and 05 no. of ITIL Certified personal for end to end management from last one year.

36. 187 1.3 Related Information Technology Issues

New Added Qualification 12. The bidder or any one of its JV Partner should provide a 10 Days In-

and Initiatives house training at IASRI for IASRI support staff will be conducted after operational acceptance and 2 days at least once a year up to three years.


11.The bidder should provide a at least 10 Days

Network Administrator training that cover all the

advance topic about Security, Management,

Administration of IPS, Firewall, NAC, AAA,

Router, LLB etc.

13. The bidder or any one of its JV Partner should provide a at least 07 Days Network Administrator training that cover all the advance topic about Security, Management, Administration of IPS, Firewall, NAC, AAA, Router, LLB etc. During implementation of the solution, a team of four IASRI officers would be sent to OEM’s product development centre globally for a period of one week, as part of a training programme on the Networking and Security solution deployed. All the cost related to the training (travelling, boarding and lodging, etc.) shall be borne by the vendor.


New Added Qualification 16. Bidder or any one of its JV Partner should provide OEM Authorization letter for three years Services and Warranty.


New Added Qualification 17. The Proposed Products of the OEM should be ISO –Certified.


New Added Qualification 18. The Proposed Products of the OEM should have in Gartner/IDC Report.


New Added Qualification 19. Bidder should either be an authorized Dealer/ distributor/system integrator of the OEM(s) of the offered products. A certificate to this effect should be enclosed with the bid (Authorization letter issued by OEM for this Bid).


New Added Item 20. The bidder shall be responsible for the creating the telecom room infrastructure for terminating the ISP last mile connectivity, the scope of work shall include but not limited to provide the following: 1 number 42u Rack with 2 Nos. PDU and other accessories, Glass Partitioning enclosure to accommodate the above rack, and suitable Door, 2 Numbers Comfort A/C, Timing Control for Operation the above A/C in sequence, Antistatic Flooring, Network Cabling connectivity with the DC, Lighting fixtures,1 wall socket of 5 Ampere Rating, Biometric Entry to the Door of the ROOM, Electrical Cabling from the Existing DC to the telecom room, (no backup/UPS is to be provisioned by Bidder, same shall be facilitated from the Existing DC UPS), Necessary Patch cords and cabling, Signage etc.


New Added Qualification 21. Three years comprehensive onsite warranty 24*7 should cover all items of hardware, Software and its updates, license and support.


New Added Qualification 22. Warranty for all components will start only after successful completion the acceptance test.


New Added Qualification 23. OEMs of Routers, Firewall, IPS, UTM and Switches Should certify that they will provide support for their product and will maintain spares inventory as required.


New Added Qualification 24. Bidder or any one of its JV Partner should have back to back arrangement with OEM for providing warranty and support.


New Added Qualification 25. OEM should have all the responsibility of service and support during the Warranty and AMC period.


New Added Qualification 26. Firewall and UTM should be from different OEM’s.

49. 190 C. TECHNICAL

SPECIFICATIONS

C1.0 Internet Connectivity C1.0 Internet Connectivity (Implementation of the existing NKN

connectivity worth 1Gbps across the central site).


SPECIFICATIONS,

Internet Connectivity

C1.0-(I) 20MBPS Internet Connectivity and Features:

Deleted this Scope of Work of 20 Mbps Internet Connectivity and its features.


SPECIFICATIONS,

C2.0 MPLS

Connectivity

C2.0-(I) 48 MBPS MPLS Connectivity C2.0-(I) 24 MBPS MPLS Connectivity


SPECIFICATIONS,

C2.0 MPLS

Connectivity

MPLS network should be on dedicated fiber based solution.

The last mile shall be on OFC in a self-healing ring architecture


SPECIFICATIONS,

C2.0 MPLS

Connectivity

MPLS Ring Fiber channel is connected to The bidder Pop as Active and Backup line.

The proposed link should be capable of prioritization of Voice/Video/Data traffic on basis of class of Service (CoS) /QoS.


SPECIFICATIONS,

C2.0 MPLS

Connectivity

MPLS bandwidth can virtually be shared the link as the dedicated internet connection as well as the dedicated MPLS connection.

MPLS bandwidth should be dedicated MPLS connection between the Primary Data Centre and Regional Data Centre.


SPECIFICATIONS,

C2.0 MPLS

Connectivity

The bidder should provide 99.9% uptime of the link.

The bidder should provide 99.5% uptime of the link.


SPECIFICATIONS,

C2.0 MPLS

Connectivity

Break Link should be repaired within Two Hours (Maximum).

Break Link should be repaired within Four Hours (Maximum).

57. 191 C3.0 Hardware & Software for Internet and MPLS Connectivity

C3.0-(I) Router for Internet Connectivity 01 Nos. C3.0-(I) Router for Internet Connectivity 02 Nos.

58. 191 C3.0-(I) Router for Internet Connectivity

New added feature in Router Architecture: Router should have common criteria certification and EAL Certification.


Should provide performance of up to 2000 Kpps Should provide performance of up to 2000 Kpps for IPv4 & IPv6.

60. 191 C3.0-(I) Router for Internet

Router should have 2 or more Service Module slot Router should have 2 or more Service /Network Module Slot Module slot

Connectivity with hot swappable modules.

with hot swappable modules.


Non-Stop forwarding on the routing protocols NSF

Awareness.

"NSF Awareness/ Graceful Restart (GR) /non-stop-routing (NSR)".


Should support cRTP to compress voice (RTP)

streams

Should support cRTP /LFI to compress voice (RTP) streams


Should support hardware or software assisted flow-

based traffic analysis of applications, hosts,

performance-based measurements on application

and network latency, quality of experience metrics

for network-based services such as voice over IP

(VoIP) and video.

Should support hardware or software assisted flow-based traffic analysis such as net flow /sflow or equivalent.


Should have the ability to monitor events and take

informational, corrective, action when the

monitored events occur or when a threshold is

reached.

Should have the ability to monitor events and take informational, corrective, action when the monitored events occur or when a threshold is reached through NMS.

65. 193 C3.0-(II) MPLS Router In High Availability Mode

New added feature in Router Architecture: Router should have common criteria certification and EAL Certification.


Should provide performance of upto 2000 Kpps. Should provide performance of upto 2000 Kpps for IPv4 & IPv6.


V.35 Sync Serial (2 Mbps), Async Serial, E1 G.703.

V.35 Sync Serial (2 Mbps), E1 G.703.


Ch-E1 , E3 and STM-1 support

Ch-E1/E1, E3.


IPSec VPN IPSec VPN/ SSL VPN /Tunnel-Less VPN/Dynamic-VPN


SSL VPN Feature Deleted


Tunnel-Less VPN Feature Deleted


Non-Stop forwarding on the routing protocols NSF

Awareness.

"NSF Awareness/ Graceful Restart (GR) /non-stop-routing (NSR)".



streams

Should support cRTP/LFI to compress voice (RTP) streams


Support for Auto-QoS

Support for Auto-QoS/Equivalent.


It should be possible to recognize a wide variety of

applications, including web-based and other

Feature Deleted

difficult-to-classify protocols that utilize dynamic

TCP/User Datagram Ports (UDP) port assignments.

When an application is recognized and classified, a

network should be able to invoke services for that

specific application


Should support hardware/Software assisted flow-





(VoIP) and video.

Should support hardware/Software assisted flow-based traffic analysis such as net flow /sflow or equivalent.





reached.


78. 195 C3.0-(III) Firewall In High Availability Mode

Internal redundant power supply

Redundant power supply


Encrypted throughput: minimum 800 Mbps

Encrypted throughput: minimum 1500 Mbps


Concurrent connections: up to 1,000,000

Concurrent connections: up to 2,000,000


New Added feature Firewall should support minimum 50,000 new connections per second


New Added feature BGP4,OSPF v3, RIPng


RTP, L2TP

RTP


PPPoE, EAP-TLS, RTP

PPPoE, RTP


Other support Other support (Required at day Zero)


802.1Q, NAT, PAT, IP Multicast support, Remote

Access VPN, Time based Access control lists, URL

Filtering, support VLAN, Layer 2 Firewall, Virtual

Firewall, Radius/ TACACS

802.1Q, NAT, PAT, IP Multicast support, IPsec VPN, Time based Access control lists, support VLAN, Layer 2 Firewall, , Radius/ TACACS

87. 197 C3.0-(IV) IPS (Intrusion prevention system)

The vendor shall proposed a IPS system capable of

supporting a traffic inspection throughput of up to

5.0 Gbps

The vendor shall proposed a IPS system capable of supporting a traffic inspection throughput of up to 1.5 Gbps

88. 197 C3.0-(IV) New Added feature The IPS should have SSL traffic inspection capability through internal /

IPS (Intrusion prevention system)

external SSL appliance.


The proposed IPS should provide the ability to

protect up to 10 x 1GE segments + 1 x 10GE

network segment. 5 x 10/100/1000 Copper segments

and 5 x 1GE SFP segments plus 1 x 10GE XFP

segment.

The proposed IPS should provide the ability to protect up to 6 x 1GE segments 3 x 10/100/1000 Copper segments and 3 x 1GE SFP segments.


The proposed IPS should able to provide security

context for up to 100,000 sessions

Feature Deleted


The proposed IPS should support 100,000

connection per seconds setup

The proposed IPS should support 60,000 connection per seconds setup


The proposed IPS must able to operate in

Asymmetric traffic environment with DV filters

protection

Feature Deleted


The proposed IPS solution must support Adaptive

Filter Configuration which will alert or disable

ineffective filter in the event of congestion

condition.

Feature Deleted


The proposed IPS solution must passed in ICSA

Labs IPS certification

The proposed IPS solution must pass in ICSA Labs IPS certification /NSS Lab Certification.


The proposed IPS solution must support Digital

vaccine update of at least 2 times a week or at least

100 update per year.

The proposed IPS solution must support Signature update of at least 1 times a week or at least 100 update per year.


The proposed management system shall allow the

update of latest Digital Vaccine to be manually,

automatically or based on schedule

The proposed management system shall allow the update of latest Digital Vaccine/Signature to be manually, automatically or based on schedule


The proposed management system shall allow the

distribute of latest Digital Vaccine update manually,

automatically or based on schedule to the various

IPS devices

The proposed management system shall allow the distribute of latest Digital Vaccine/Signature update manually, automatically or based on schedule to the various IPS devices


New Added feature IPS should have the ability to control traffic based on geographical locations. For e.g. a policy can be created to block traffic coming or going to a particular country.


New Added feature IPS should have the ability to block connection to or from outside based on the reputation of the IP address that is trying to communicate with the

network using global threat intelligence.


New Added feature IPS Should support provide advanced botnet protection using heuristic/annually detection methods.

101. 201 C3.0-(V) L2

Switch for

MPLS

C3.0-(V) L2 Switch 16 Port (10/100/1000

Mbps) for MPLS in High Availability Mode

and Single Mode for Internet

03 Nos. C3.0-(V) L2 Switch 24 Port (10/100/1000 Mbps) for MPLS in High Availability Mode and High Availability Mode for Internet (NKN)

04 Nos.

102. 201 C3.0-(V) L2

Switch for

MPLS

Physical Specification: Should be rack mountable

with 16-port 10/100/1000Mbps and 2 1000BaseT or

SFP slots

Physical Specification: Should be rack mountable with 24-port 10/100/1000Mbps with 4 combo ports.

103. 201 C3.0-(V) L2

Switch for

MPLS

11.9 million packets per second forwarding rate on

64-byte packets

35 million packets per second forwarding rate on 64-byte packets

104. 201 C3.0-(V) L2

Switch for

MPLS

Centralized VLAN Management. VLANs created

on the Core Switches should be propagated to all the

other switches automatically, thus reducing the

overhead of creating / modifying / deleting VLANs

in all the switches in turn eliminating the

configuration errors & troubleshooting.

feature Deleted

105. 202 C3.0-(V) L2

Switch for

MPLS

Unknown unicast and multicast port blocking to

allow tight control by filtering packets that the

switch has not already learned how to forward

Unknown unicast and multicast port blocking to allow tight control by filtering packets.

106. 203 C3.0-(V) L2

Switch for

MPLS

BPDU Guard feature, to shut down Spanning Tree

Protocol Port Fast enabled interfaces when BPDUs

are received to avoid accidental topology loops.

BPDU/Equivalent Guard feature, to shut down Spanning Tree Protocol Port Fast enabled interfaces when BPDUs/Equivalent feature are received to avoid accidental topology loops.

107. 203 C3.0-(V) L2

Switch for

MPLS

Support SNMPv1, SNMPv2c, and SNMPv3 and

Telnet interface support delivers comprehensive in-

band management, and a CLI-based management

console provides detailed out-of-band management.

Support SNMPv1, SNMPv2c, and SNMPv3 and Telnet interface support delivers comprehensive in-band management, and a CLI-based management console.

108. 203 C3.0-(VI)

NMS

(Network

Management

System)

New Added feature The proposed NMS Solution should support seamless Integration with the existing EMS (HP-Open View)

109. 204 C3.0-(VI)

NMS

(Network

Management

System)

Support for inventory management- Inventory

management is a time consuming effort, especially

if the job has to be performed on every single device

separately. Detailed hardware and software

characteristics for the device must be stored and

analyzed for better management.

Support for inventory management- Inventory management tool required only for network devices.

110. 204 C3.0-(VI)

NMS

(Network

Management

System)

3. Display the total traffic, max. rate, min. rate,

average rate and link utility in the incoming and

outgoing directions within a given time span in the

form of table statistics.

Feature Deleted

111. 204 C3.0-(VI)

NMS

(Network

Management

System)

4. Manage the applications without fixed ports, for

example, P2P, BT, and eDonkey. This type of

applications is identified based on the features of the

data of the packet application layer.

Feature Deleted

112. 204 C3.0-(VI)

NMS

(Network

Management

System)

Provide LAN trouble shooting capabilities at the

network and application packet levels (display

single or multi-segment, real-time performance

information at the data link, network and application

layers with intuitive drill downs)

Provide LAN trouble shooting capabilities at the network and application packet levels (display single or multi-segment, real-time performance information network and application layers).

113. 205 C3.0-(VII)

UTM (Unified

threat

management)

New Added Item C3.0-(VII)

UTM (Unified threat management) 02Nos.

114. Firewall throughput should be at least 5Gbps or above with VPN performance with encryption of 1Gbps or above

115. The device should have integrated IPS with IPS throughput of 750Mbps or higher and should have support for antivirus with its throughput of 250Mbps or higher

116. The device shall support at least 350,000 concurrent connections with least 25000 connections per second and it Should support at least 7000 security policies

117. The device should support Unlimited users 118. Minimum of 6 x 10/100/1000 Copper Ports and Min. 4 Fiber Ports on day

one with Support for PoE ports(optional when required) and at least 1 WAN slot

119. Support DES (56-bit), 3DES (168-bit) and AES encryptions 120. Support static NAT ,Policy based NAT and PAT(Port Address Translation) 121. DoS and DDos protection for all/any interface, should have IP spoofing,

and provide protection against SYN cookie 122. should have Intrusion Prevention System (IPS), should support State full

protocol signatures 123. Should have support for UTM features like Antivirus, Antispyware,

AntiSpam, Antiadware, Antikeylogger & Should support Content filtering

124. Command Line Interface using console, Telnet and SSH and should be manageable with the proposed centralized management system

125. Should support deployment in Active/Active High Availability (HA) architecture

126. Shall be capable of Stateful Failover of Firewall and VPN Sessions 127. VRRP should be supported 128. Link failure detection 129. Should support at least 3500 VLANs 130. The device should support BGP, OSPF, Rip v1/v2, static routes, IGMP

v1/v2/v3 & RSVP 131. User authentication based on RADIUS, RSA Secure-ID, and LDAP & Internal

user database for user authentication. 132. 205 D1.0-(I)

24 MBPS

MPLS

Connectivity

24 MBPS MPLS Connectivity

12 MBPS MPLS Connectivity

133. 205 D1.0-(I)

24 MBPS

MPLS

Connectivity

MPLS network should be on fiber based solution.

The last mile shall be on OFC in self-healing ring architecture (for only Kusmaur, Maunath Bhanjan location if last mile on OFC is not possible then you can provide last miles on RF with the same SLA).

134. 205 D1.0-(I)

24 MBPS

MPLS

Connectivity

MPLS connectivity should be in a Single Fiber

channel connection.

The proposed link should be capable of prioritization of Voice/Vedio/Data traffic on basis of class of Service (CoS)/QoS.

135. 206 D1.0-(I)

24 MBPS

MPLS

Connectivity

MPLS bandwidth can virtually be shared the link as

the dedicated internet connection as well as the

dedicated MPLS connection.

MPLS bandwidth should be dedicated MPLS connection between the Primary Data centre and Regional Data Centre.

136. 206 D2.0-(I)

Router for

MPLS

Connectivity

New Added feature Router should have common criteria certification and EAL Certification.

137. 206 D2.0-(I)

Router for

MPLS

Connectivity

V.35 Sync Serial (2 Mbps), Async Serial, E1 G.703. V.35 Sync Serial (2 Mbps), E1 G.703.

138. 206 D2.0-(I)

Router for

MPLS

Connectivity

Ch-E1, E3 and STM-1 should be supported. Ch-E1/E1, E3 should be supported.

139. 206 D2.0-(I)

Router for

MPLS

Connectivity

IPSec VPN IPSec VPN/ SSL VPN / Tunnel-Less VPN/Dynamic VPN.

140. 206 D2.0-(I) SSL VPN Feature Deleted

Router for

MPLS

Connectivity

141. 206 D2.0-(I)

Router for

MPLS

Connectivity

Tunnel-less VPN

Feature Deleted

142. 206 Non-Stop forwarding on the routing protocols NSF

Awareness.

"NSF Awareness/ Gracefull Restart (GR) /non-stop-routing (NSR)"

143. 207 D2.0-(I)

Router for

MPLS

Connectivity


streams

Should support cRTP/LFI to compress voice (RTP) streams

144. 207 D2.0-(I)

Router for

MPLS

Connectivity

Support for Auto-QoS

Support for Auto-QoS/Equivalent.

145. 207 D2.0-(I)

Router for

MPLS

Connectivity

It should be possible to recognize a wide variety of

applications, including web-based and other

difficult-to-classify protocols that utilize dynamic

TCP/User Datagram Ports (UDP) port assignments.

When an application is recognized and classified, a

network should be able to invoke services for that

specific application

Feature Deleted

146. 208 D2.0-(I)

Router for

MPLS

Connectivity

Should provide a provision to analyze IP service

levels for IP applications and services by using

active traffic monitoring (the generation of traffic in

a continuous, reliable, and predictable manner) for

measuring network performance

Should support integration of NMS for providing a provision to analyze IP service levels for IP applications and services by using active traffic monitoring (the generation of traffic in a continuous, reliable, and predictable manner) for measuring network performance

147. 208 D2.0-(I)

Router for

MPLS

Connectivity

Should support hardware or software assisted flow-





(VoIP) and video.

Should support hardware or software assisted flow-based traffic analysis such as net flow /sflow or equivalent.

148. 208 D2.0-(I)

Router for

MPLS

Connectivity




reached.


149. 208 D2.0-(II)

Firewall Encrypted throughput: minimum 300 Mbps Encrypted throughput: minimum 500 Mbps

150. 208 D2.0-(II)

Firewall Concurrent connections: up to 1,000,00 Concurrent connections: up to 5,000,00

151. 208 D2.0-(II)

Firewall New Added feature Firewall should support minimum 25,000 new connections per second

152. 209 D2.0-(II)

Firewall Firewall throughput: Up to 01 Gbps Firewall throughput: Up to 02 Gbps

153. 209 D2.0-(II)

Firewall New Added feature BGPv4, OSPF v3, RIPng.

154. 209 D2.0-(II)

Firewall RTP, L2TP RTP

155. 209 D2.0-(II)

Firewall PPPoE, EAP-TLS, RTP PPPoE, RTP

156. 209 D2.0-(II)

Firewall •Other support •Other support (Required at day Zero)

157. 209 D2.0-(II)

Firewall 802.1Q, NAT, PAT, IP Multicast support, Remote

Access VPN, Time based Access control lists,

support VLAN, Layer 2 Firewall, Radius/ TACACS

802.1Q, NAT, PAT, IP Multicast support, , IPsec VPN, Time based Access control lists, support VLAN, Layer 2 Firewall, Radius/ TACACS.

158. 214 Section VI.

Technical Requirements

Replacement Diagram

E. IMPLEMENTATION SCHEDULE (Tentatively)

Wk1 Wk2 Wk3 Wk4 Wk5 Wk6 Wk7 Wk8 Wk9 Wk10 Wk11 Wk12 Wk13 Wk14 Wk15 Wk16 Wk16-171

Delivery and Procurement of Hardware

Site Readiness Assessment

Existing Setup Study

Site Remediation Recommendation

Validation & finalization of final system requirement

Design workshops to capture the current and planned

business and technical requirements

Development of Low Level Design (LLD) document

Bandwidth Termination & Configuration

Scheduling & Tracking of Deliveries

BOM Verification & Installation as per LLD

Review and finalization of Acceptance Test plans

Refining and fine-tuning network and system configuration

based on test results

Acceptance Test sign-off

Handholding Training

Operations & Maintenance

M4

Training

Validation

Bandwidth Handover

M1 M2

Activity

Delivery of Hardware

Planning

Design

Implementation

M3

Sustenance 159. 215 Section VI.

Technical

Requirements

Table-A

System Inventory Table

C1.0 20 MBPS Internet Connectivity 01 C1.0 Implementation of NKN Internet Connectivity 01

160. 215 Section VI. Technical

Requirements

Table-A

System Inventory

C2.0 48 MBPS MPLS Connectivity C2.0 24 MBPS MPLS Connectivity

Table


Technical

Requirements Table-A

System Inventory Table

D1.0 24 MBPS MPLS Connectivity D1.0 12 MBPS MPLS Connectivity

162. 225 Section VI. Technical

Requirements

H. Attachments

(Drawing No.1)

1.MPLS and Internet

Connectivity

For Designing the MPLS

and Internet Connection at

Main Site as well as Domain

Site.

1. Network Connectivity To define the connectivity type between the primary datacenter and regional datacenters. Also defining the outside access to the primary datacenter through existing NKN network.


Technical

Requirements

H. Attachments (Drawing No.2)

New Added Drawing 2.Primary Datacenter The figure shows the existing and the required infrastructure to complete the datacenter design.


Technical

Requirement

s

Replaceme

nt of

Drawing-1

Drawing-1


Technical

Requirement

s

New Added

Drawing

Drawing-2


Technical

Requirement

s New Added Scope of work (About Given Drawing Network Connectivity)

Scope of Work 1. Network Connectivity

1. IASRI shall like to use the existing NKN connectivity worth 1Gbps across the central site and the 5 Regional

Datacenters, and hence this connectivity shall be used as a primary mode of interconnectivity between the sites

over IPsec VPN.

2. IASRI shall require a secondary MPLS connectivity for all the Regional Datacenters to the Central Site as shown

in the network diagram. The Central Site shall have single 24 Mbps connectivity to this network and the Regional

Datacenters have been planned to have single 12 Mbps connectivity each to complete the internetwork between

the regional and central site.

3. All the internet traffic shall be under the purview of the existing NKN link and hence shall be controlled through

access policy for outside access to the facility. The existing webservers available for the internet users accessing

the IASRI facilities shall be a part of the DMZ and the core HPC framework shall have no direct access from the

internet and has to be segregated from the direct internet access in a Militarized Zone as shown in the network

diagram.

4. At present 3 out of the 5 Regional Datacenters have NKN connectivity deployed at sites and the other 2 shall get

connected to the NKN in near future.

5. Central Site and 3 Regional Datacenters have existing NKN connectivity with a single link of 1 Gbps. 6. The connection between the sites shall be encrypted over secure IPsec-VPN, to avoid any intrusion from the public

network.


Technical

Requirement

s New Added Scope of work details (About NKN)

2. National Knowledge Network Key Highlights NKN was approved in March 2010 by the Cabinet with an outlay of ` 5990 Crores. As a forerunner of NKN Initial phase has been successfully executed by National Informatics Centre (NIC). The architecture of NKN has been designed for reliability, availability & scalability. The network consists of an ultra-high speed core, starting with multiple 2.5/10 G and progressively moving towards 40/100 Gigabits per Second (Gbps). The core is complimented with a distribution layer covering all districts at appropriate speeds. The participating institutions at the edge would seamlessly connect to NKN at gigabit speed. The NKN shall be a critical information infrastructure for India to evolve as a knowledge society. NKN is a significant step which will enable scientists, researchers and students from across the country to work together for advancing human development in critical and emerging areas.

NKN Services Generic Services: Internet, Intranet, Network Management Views, e-Mail, Messaging Gateways, Caching Gateways, Domain Name System, Web Hosting, Voice over IP, Multipoint Control Unit (MCU) Services, Video Portals, SMS Gateway, Co-Location Services, Video Streaming etc. Community Services: Shared Storage, e-Mail List Software Application (LISTSERV), Authentication Service, EVO, Session Initiation Protocol (SIP), Collaboration Service, Content Delivery Service, International Collaborations with EU-India Grid, Global Ring Network for Advanced Applications Development (GLORIAD) etc. Special Services: Virtual Private Network Stitching Services [VPN@L2 (Virtual Private Wire Service /Virtual Private LAN Service), VPN@L3] etc.

NKN is a hierarchical network divided into three basic layers - Core (Level 1), Distribution (Level 2), and Edge (User Level).

Depending on the type of connectivity required by the user organization, geographical presence, and the location of Points of

Presence (PoP) of NKN, (belonging to Core and Distribution), connectivity would be provided to the institutes. NKN backbone will

typically have 18 Core PoPs and around 25 Distribution PoPs across the country.

The Core PoPs will be connected as per the figure below. Distribution PoPs can connect to different core PoPs using links from

different National Long Distance service providers (NLDs), and form the NKN Backbone. Each of the Core PoPs will have last mile

from a different NLD. This would ensure high availability at the PoP level. The proposed Core Backbone for NKN is shown in the

figure.

From the NKN PoPs, end user institutions are directly connected. These connections are referred to as Edge connectivity or the Last

Mile. In large cities it may so happen that NKN will have multiple PoPs. When multiple PoP locations are there in the same city,

design should be such that they are economically utilized from the point of view of end users, NLDs, and long distance link

investment and management. For example, in a city with Dual PoPs, the interconnection between the NKN PoPs and the end users

will be as shown in the figure. In such scenarios, institutes that can demonstrate the need for extremely high availability can be

provided with the last mile from different NLDs to the two different NKN PoPs. Institutes in such cities with 1 Gbps bandwidth

would be connecting using Optical Fiber Cable (OFC) with in-built protection by the NLD, and the remote end will be terminated on

both the NKN PoPs; one of the NKN PoPs will act as the Primary or active link; in case of primary link failure, the secondary NKN PoP

would become active. Both the NKN PoPs will also be connected using high capacity protected links. This would also be helpful in

making User Site level redundancies in NKN.

The end user institutions connecting to respective PoPs (Core or Distribution) will have the option to operate at speeds from 100

Mbps - 1 Gbps per connection. As far as possible, the last mile connection to the respective institute shall be on a Protected link. In

other words, link protection would be built by the NLD itself for the institute. Multiple such links from the institute, with different

bandwidths (1 Gbps or 100 Mbps) will also be possible.

While there are multiple ways by which one can achieve connectivity to various organizations/ institutes, NKN design chooses the best in terms of availability, technology, and future proofing. Interesting thing to note here however is that NKN does not stop with mere connectivity! NKN ensures that multiple choices are available to the users for running various services, because, it is the

services that are to be run on the network that makes the difference. NKN takes ownership of delivering the packets end to end as per the requirements of the applications.


Technical

Requirement

s New Added Scope of work (About NKN Implementation )

3. Implementation of NKN The Bidder/Service Provider is required to leverage the NKN connectivity to interconnect the central site with the regional centers over IPsec VPN site to site connectivity for an uninterrupted secure data flow between the central and regional sites and also ensure configuring a secure internet policy for availability of internet services for the employees/users at all the sites concerned over NKN. The bidder shall connect all the regional sites to the central site as and when NKN is made available at the respective sites as internetworking is completely under the scope of the new Service Provider.

169. 235 Section VII.

Sample

Forms

(1. BID

SUBMISSIO

N FORM

(SINGLE-

STAGE

BIDDING)

“We accept the appointment of Sh. S C Agnihotiri,

Retired Controller of Stores, Indian Railways with

expertise in Procurement, Contract Management

and Information Technology., as in the Bid Data

Sheet ] as the Adjudicator.”

“We accept the appointment of Sh. Dr. Ravi Kant Gupta , Retired Controller of Stores, Indian Railways with expertise in Procurement, Contract Management and Information Technology., as in the Bid Data Sheet ] as the Adjudicator.”

170. 267 Section VII.

Sample

Forms

(3.5.6a

Candidate

Summary

Summarize professional experience over the last

twenty years, in reverse chronological order.

Indicate particular technical and managerial

experience relevant to the project.

Summarize professional experience over the last Seven years, in reverse chronological order. Indicate particular technical and managerial experience relevant to the project.

171. 280 Appendix 2.

Adjudicator Name: [Sh. S C Agnihotiri.] Name: [Sh. Dr. Ravi Kant Gupta.]

2. The following corrigendum issued to the subject IFB may also be noted wherever applicable in the bid document.

Existing Amended to

Last Date for sale of bidding document 20.11.2012 up to 04.00 PM 19.02.2013 up to 04.00 PM

Last date and time for receipt of bids 21.11.2012 by 11.00 AM 20.02.2013 by 11.00 AM

Time & date of opening of bids 21.11.2012 at 11.30 AM 20.02.2013 at 11.30 AM

All other terms and conditions of the subject bid document will remain unchanged.

