Upload
others
View
6
Download
0
Embed Size (px)
Citation preview
Request for Quotation – LAN and WAN Version 1.0 Page 1
REQUEST FOR QUOTATION
Security and Network Support for
Local Area Network (LAN) and
Wide Area Network (WAN)
DEADLINE: MONDAY, 20 JUNE 2016
Request for Quotation – LAN and WAN Version 1.0 Page 2
REQUEST FOR QUOTATION
Security and Network Support for LAN and WAN
1. TERMS OF REFERENCE
1.1 Background
1.1.1 SAQA is located in one building at 1067 Arcadia Street, Hatfield, Pretoria, Gauteng.
1.1.2 The ICT systems have been in place for a number of years and are considered stable –
as such we are not looking for new systems or configurations. These systems are
supported and maintained by a number of vendors.
1.1.3 The basic WAN connectivity is provided as follows:
1.1.3.1. 2x E1 lines, connecting to an Avaya G450 PABX
1.1.3.2. 1x ADSL (4Mb), connecting to a Telkom ADSL modem
1.1.3.3. 1x Fibre Optic cable (6Mb), connecting to a Cisco fibre router
1.1.3.3.1. 1Mb is provisioned for Voice (VoIP)
1.1.4 The basic LAN setup is as follows:
1.1.4.1. A centralised Server Room containing:
1.1.4.1.1. Firewall
1.1.4.1.2. Core switch (gateway)
1.1.4.1.3. 9x HP and 3com network switches
1.1.4.2. Per floor setup:
1.1.4.2.1. 8x HP and 3com PoE network switches
1.1.4.2.2. The 3com switches are 100Mb
1.1.4.2.3. The HP switches are 1Gb
1.1.4.3. Fibre links:
1.1.4.3.1. All floor switches are connected to the Server Room via fibre optic
cable.
1.1.4.4. 2x WiFi networks
Request for Quotation – LAN and WAN Version 1.0 Page 3
1.1.5 The network supports 4 VLANs:
1.1.5.1. 1x for the main network
1.1.5.2. 1x for the Voice network
1.1.5.3. 1x for the SAQA WiFi Guest network
1.1.5.4. 1x for the DMZ
1.2 Scope
1.2.1 The specifications presented here describe the current setup and constitute the extent of
the support required.
1.2.2 Firewall
1.2.2.1. This protects the LAN perimeter and must have 99.99% uptime.
1.2.2.2. The current Firewall is IPTables based, running on a CentOS7 server.
1.2.3 Proxy
1.2.3.1. There is a Squid Proxy running that allows content filtering and access control to
websites.
1.2.3.2. This proxy server allows (statistical) reporting on internet (web) usage.
1.2.4 (Public) DNS hosting
1.2.4.1. SAQA has 13 public IP addresses that require entries in a public DNS.
1.2.4.2. This will include domain registration and renewal on all SAQA's domain names.
1.2.5 HTTPS (SSL) support
1.2.5.1. Provide and support HTTPS configuration and certificate installation on Apache,
Tomcat and IIS.
1.2.6 Spam Filter
1.2.6.1. A spam filter must be maintained outside SAQA's perimeter to restrict spam
intrusions.
1.2.6.2. The email must then be forwarded from the spam filter to SAQA's onsite mail
server.
Request for Quotation – LAN and WAN Version 1.0 Page 4
1.2.6.3. Ensure SAQA email accounts are not blocked from sending email by EBL's,
while assisting SAQA clients whose email has been blocked by EBL's to which
SAQA subscribes.
1.2.7 Mail Spooling
1.2.7.1 Off-site mail spooling must be provided for up to 10 days, so that emails are not
lost during any closure period at SAQA (including the end-of-year break).
1.2.8 ADSL
1.2.8.1 Management of an ADSL service of at least 4Mb, with certain network traffic
routed over this line. Usage can be charged at a separate per Mb rate.
1.2.8.2 Bandwidth monitoring on the ADSL line:
1.2.8.2.1 Local usage
1.2.8.2.1 International usage
1.2.9 Ethernet switch management (17x)
1.2.9.1 Existing switches must be maintained and configuration changes saved.
1.2.9.2 From time to time configuration changes will be required (to individual ports or to
the switch setup).
1.2.9.3 Support and maintenance of the VLAN configurations
1.2.10 LAN Support
1.2.10.1 Networking support on Windows, Linux and AIX servers and workstations
when required
1.2.10.2 Network traffic management
1.2.11 WiFi Network and AP management
1.2.11.1 Configuration and maintenance of 4x HP WiFi APs in Autonomous mode.
1.2.11.2 Configuration and maintenance of 2x Aruba WiFi APs with a Virtual Console.
1.2.11.1 Configuration and management of 2x WiFi networks (including a Guest
Network, isolated from the SAQA network, with unrestricted internet access).
1.2.12 VPN Management
1.2.12.1. Setup and maintenance of VPN access to the SAQA network, using OpenVPN.
1.2.12.2. Monitoring of VPN user access.
Request for Quotation – LAN and WAN Version 1.0 Page 5
1.2.12.3. Troubleshooting and assistance for individual VPN users (these may be non-
SAQA staff).
1.2.13 Disaster Recovery and Continuity Support
1.2.13.1 Support recovery exercises during bi-annual off-site DR testing
1.2.13.1.1. This includes re-routing individual email addresses to off-site
servers during these tests
1.2.13.1.2. This includes re-routing individual and group email addresses to
off-site servers during real-time emergencies
1.2.14 General Network Trouble-shooting
1.2.14.1 Undertaking, or assisting with, troubleshooting of any incidents on the LAN
and local switches as they arise.
1.2.14.2 Undertaking troubleshooting of any incidents on the WAN, in collaboration with
our Fibre service provider.
1.2.14.3 Perimeter security maintenance and monitoring.
1.2.15 Minimum Hours
1.2.15.1 Time allocated for support services must not be less than 20 hours per month
and these hours will include ad-hoc services not specified, but related to this
contract.
1.3 SLA
1.3.1 An SLA will be formulated containing the specific duties and responsibilities of all parties.
1.3.2 This will include a monthly report on services rendered (as per the scope above), and is
a prerequisite for invoicing.
1.3.3 Support is required on a 24/7/365 basis.
1.3.4 Response times:
1.3.4.1 The standard response time during working hours and after hours should be 2-4
hours.
1.3.4.2 For urgent incidents the response time should be within 2 hours.
1.3.4.3 For crisis incidents (eg. loss of connectivity) the response time should be
immediate.
Request for Quotation – LAN and WAN Version 1.0 Page 6
1.4 Proposal Options
1.4.1 There should be two options provided: one for 2 years and one for 3 years
Request for Quotation – LAN and WAN Version 1.0 Page 7
2. Technical Evaluation
2.1. The Checklist below forms the first part of the technical evaluation. Every requirement
must be satisfied (every answer must be YES) in order to proceed to the next phase.
PHASE 1:
Item Yes No
Firewall
Maintain the current Firewall (IP Tables based, running on a
CentOS7 server), protecting the LAN perimeter
Maintain a 99.99% server uptime
Proxy
Maintain a Squid Proxy for content filtering and access control to
websites
Use the Proxy to provide (statistical) reporting on internet (web)
usage
Reverse proxy configuration and support to control and protect
offsite access to internal systems on the SAQA network (for
selected users)
(Public) DNS hosting
Provide a public DNS to host 13 IP addresses
Maintain the domain registration and renewal on all SAQA's
domain names (which include various TLD's such as .info,
.education, .org, .org.za, .co.za, etc)
HTTPS (SSL) support
Provide and support HTTPS configuration and certificate
installation on Apache, Tomcat and IIS
Spam Filter
A spam filter must be provided and maintained outside SAQA's
perimeter to restrict spam intrusions
The email is to be forwarded from the external spam filter to the
SAQA onsite mail server
Request for Quotation – LAN and WAN Version 1.0 Page 8
Monitor and manage various EBL's to ensure SAQA email
accounts are not blocked from sending email, while assisting
SAQA clients whose email has been blocked by EBL's to which
SAQA subscribes
Mail Spooling
Off-site mail spooling to be provided for up to 10 days, so that
emails are not lost during any closure period at SAQA (including
the annual end-of-year break).
ADSL
Management of an ADSL service of at least 4Mb. Usage can be
charged at a separate per Mb rate.
Routing of specified network traffic over this line
Bandwidth monitoring on the ADSL line: Local usage
Bandwidth monitoring on the ADSL line: International usage
Ethernet switch management
Existing switches to be maintained and configuration changes
saved
Support for configuration changes (to individual ports or to the
switch setup)
Support and maintenance of VLAN configurations
LAN Support
Networking support on Windows, Linux and AIX servers when
required
Networking support on Windows and Linux workstations when
required
Network traffic management
WiFi Network and AP management
Configuration and maintenance of 4x HP WiFi APs in
Autonomous mode
Configuration and maintenance of 2x Aruba WiFi APs with a
Request for Quotation – LAN and WAN Version 1.0 Page 9
Virtual Console
Configuration and management of 2x WiFi networks (including a
guest network, isolated from the SAQA network, with unrestricted
internet access)
VPN Management
Setup and maintenance of VPN access to the SAQA network,
using OpenVPN
Monitoring of VPN user access
Troubleshooting and assistance for individual VPN users (these
may be non-SAQA staff)
Disaster Recovery and Continuity Support
Support recovery exercises during bi-annual off-site DR testing
Re-routing individual email addresses to off-site servers during
these tests
Re-routing individual and group email addresses to off-site
servers during real-time emergencies
General Network Trouble-shooting
Undertaking, or assisting with, troubleshooting of any incidents on
the LAN and local switches, as they arise
Undertaking troubleshooting of any incidents on the WAN, in
collaboration with our Fibre service provider, as they arise
Technical Support
Support will be provided on a 24/7/365 basis
Urgent incident response time will be within 2 hours
Crisis incident response time will be immediate
Request for Quotation – LAN and WAN Version 1.0 Page 10
2.2. If the above checklist is fully satisfied, the following score sheet and criteria shall be
further applied, regarding previous experience within IT Security and Networking (LAN &
WAN):
PHASE 2:
No
Technical Criteria
Score
Points
Max
1 Provide CV’s of staff members to be involved on this project
Excellent = 25-35 Acceptable = 15-25 Unacceptable = 0-15
35
2 Provide a Project List of related work Excellent = 20-30 Acceptable = 15-20 Unacceptable = 0-15
30
3 Provide contactable References of recent or current Clients
Excellent = 25-35 Acceptable = 15-25 Unacceptable = 0-15
35
TOTAL
100
Bidders MUST score 80% for phase 2 to qualify for further evaluation
Bidders that fail to score 80% will be disqualified for being technically non-compliant
and will not be considered for the next Phase of evaluation
Request for Quotation – LAN and WAN Version 1.0 Page 11
3. CONDITIONS UNDER WHICH QUOTATIONS ARE TO BE
SUBMITTED
SAQA reserves the right to reject any quotation that, in its opinion, is not according to the
specification.
The appointment of the successful bidder will be subject to signing a Service level Agreement.
The bidder will be disqualified should any attempt be made by the service provider,
either directly or indirectly, to canvass SAQA, or any of its employees in respect of the
quotation between the date of the quotation and the date of award.
SAQA reserves the right not to accept the lowest quotation, as the quality of the proposal
and the ability to deliver the required services will play a major role when the proposals
are evaluated. Similarly SAQA is not bound to select any of the service providers bidding
for this contract
SAQA reserves the right to award only part of the contract, if it deems necessary.
3.1 SUBMISSION OF QUOTATIONS
3.1.1 Bid documents to attach
The following documents must be attached:
- Central Supplier Database Registration Form.
- Declaration of Interest (SBD4 Form)
- Preference Points Claim Form (SBD6.1 Form)
- Declaration of Bidder’s Past Supply Chain Management Practices (SBD8 Form)
- Certificate of Independent Bid Determination (SBD9 Form)
3.1.2 Quotations must be received before the deadline as indicated in the Request for
Quotation. They must include the signed standard bid documentation and all other
relevant documents required and submitted to the following address:
Request for Quotation – LAN and WAN Version 1.0 Page 12
Physical Address
South African Qualifications Authority
SAQA House Building
6th Floor
1067 Arcadia Street
Hatfield, Pretoria, 0083
All quotations must be received before 11:00
on Monday, 20 June 2016
3.2 EVALUATION CRITERIA (PHASE 3)
AWARDING OF POINTS is subject to the following:
Submission of all required documentation
100% compliance to SAQA’s Term of Reference and specification
Preference points for this quotation shall be awarded for:
(a) Price; and (b) B-BBEE Status Level of Contribution.
The maximum points for this quotation are allocated as follows:
POINTS
PRICE 80
B-BBEE STATUS LEVEL OF CONTRIBUTION 20
Total points for Price and B-BBEE 100
Request for Quotation – LAN and WAN Version 1.0 Page 13
THE 80/20 PREFERENCE POINT SYSTEMS
A maximum of 80 points is allocated for price on the following basis:
80/20
min
min180
P
PPtPs
Where
Ps = Points scored for comparative price of bid under consideration
Pt = Comparative price of bid under consideration
Pmin = Comparative price of lowest acceptable bid
Points awarded for B-BBEE Status Level of Contribution
In terms of Regulation 5 (2) and 6 (2) of the Preferential Procurement Regulations,
preference points must be awarded to a bidder for attaining the B-BBEE status level of
contribution in accordance with the table below:
B-BBEE Status Level of Contributor Number of points (80/20 system)
1 20
2 18
3 16
4 12
5 8
6 6
7 4
8 2
Non-compliant contributor 0
Request for Quotation – LAN and WAN Version 1.0 Page 14
Bidders who qualify as EMEs in terms of the B-BBEE Act must submit a certificate
issued by an Accounting Officer as contemplated in the CCA or a Verification Agency
accredited by SANAS or a Registered Auditor. Registered auditors do not need to meet
the prerequisite for IRBA’s approval for the purpose of conducting verification and
issuing EMEs with B-BBEE Status Level Certificates.
Bidders other than EMEs must submit their original and valid B-BBEE status level
verification certificate or a certified copy thereof, substantiating their B-BBEE rating
issued by a Registered Auditor approved by IRBA or a Verification Agency accredited by
SANAS.
A trust, consortium or joint venture, will qualify for points for their B-BBEE status level as
a legal entity, provided that the entity submits their B-BBEE status level certificate.
A trust, consortium or joint venture will qualify for points for their B-BBEE status level as
an unincorporated entity, provided that the entity submits their consolidated B-BBEE
scorecard as if they were a group structure and that such a consolidated B-BBEE
scorecard is prepared for every separate bid.
Tertiary institutions and public entities will be required to submit their B-BBEE status
level certificates in terms of the specialized scorecard contained in the B-BBEE Codes of
Good Practice.
A person will not be awarded points for B-BBEE status level if it is indicated in the bid
documents that such a bidder intends sub-contracting more than 25% of the value of the
contract to any other enterprise that does not qualify for at least the points that such a
bidder qualifies for, unless the intended sub-contractor is an EME that has the capability
and ability to execute the sub-contract.
SBD 3.3
PRICING SCHEDULE (Services)
NAME OF BIDDER: ………………………………………………………………………………………………
CLOSING TIME 11:00 CLOSING DATE: 13 JUNE 2016
OFFER TO BE VALID FOR 90 DAYS FROM THE CLOSING DATE OF BID.
ITEM DESCRIPTION BID PRICE IN RSA CURRENCY NO **(ALL APPLICABLE TAXES INCLUDED)
1. The accompanying information must be used for the formulationof proposals.
2. NB: PLEASE REFER TO THE TERMS OF REFERENCE
Please ensure that a firm price is quoted inclusive of all the tender requirements
Bidders are required to indicate a ceiling price based on the total estimated time for completion of all phases and including all expenses inclusive of all applicable taxes for the project. YEAR 1: R……………………………………………...
YEAR 2: R……………………………………………...
TOTAL ………………………………………………………………
3. Period required for commencement with project afteracceptance of bid ……………………………………………………………….
4. Are the rates quoted firm for the full period of contract? *YES/NO
7. If not firm for the full period, provide details of the basis on whichadjustments will be applied for, for example consumer price index. ……………………………………………………………….
……………………………………………………………….
……………………………………………………………….
……………………………………………………………….
*[DELETE IF NOT APPLICABLE]