Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
REQUEST FOR PROPOSAL
FOR
ENGAGEMENT OF NETWORK INTEGRATOR (NI)
AND
SETTING UP OF NEXT GEN NETWORK OPERATIONS CENTRES (NOCS)
REF: SBI/GITC/NW&C/20-21/706 DATED 18.08.2020
DEPUTY GENERAL MANAGER,
NETWORKING & COMMUNICATION DEPARTMENT,
GLOBAL IT CENTRE, GITC,
SECTOR -11, CBD BELAPUR,
NAVI MUMBAI – 400614
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 2 of 329 Confidential & Proprietary
Schedule of Events
Sl
No
Particulars Remarks
1 Contact details of issuing
department
(Name, Designation, Email address
for sending any kind of
correspondence regarding this
RFP)
Deputy General Manager,
Networking & Communication Dept.,
State Bank Global IT Centre,
First Floor, D Wing, Sector 11,
CBD Belapur, Navi Mumbai-400614
2 Bid Document Availability
including changes/amendments, if
any to be issued
RFP may be downloaded from Bank’s
website https://www.sbi.co.in procurement
news from 18.08.2020.
3 Last date for requesting
clarification
Up to 6.00 pm on 02.09.2020
All communications regarding
points/queries requiring clarifications shall
be provided in the format specified in the
RFP through e-mail.
4 Pre-bid meeting at
From 3.00 pm to 6.00 pm on 07.09.2020 at
GITC Belapur or through VC depending
upon the COVID-19 Lockdown position at
the discretion of the Bank.
5 Clarifications to queries raised at
the pre-bid meeting will be
provided by the Bank.
On 15.09.2020
6 Last date and time for Bid
submission
Up to 3.00 PM on 30.09.2020
7 Address for submission of Bids Deputy General Manager,
Networking & Communication Dept. State
Bank Global IT Centre,
First Floor, D Wing, Sector 11,
CBD Belapur, Navi Mumbai-400614
8 Date and Time of Opening of
Technical Bids
30.09.2020 at 4:00 PM
9 Opening of Indicative Price Bids Indicative price bid of technically qualified
bidders only will be opened on a subsequent
date (will be advised later)
10 Reverse Auction On a subsequent date (will be advised later)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 3 of 329 Confidential & Proprietary
11 Tender Fee Rs.25,000/-
The amount should be deposited in
A/c No. 37608352111,
IFSC - SBIN0011343
Account Name: Sys. Sus. Br. Parking
Account
The tender fee will be non-refundable.
12 Earnest Money Deposit
Rs.2 Crore
The amount should be deposited in
A/c No. 37608352111,
IFSC - SBIN0011343
Account Name: Sys. Sus. Br. Parking
Account
Or
EMD should be in the form of a Bank
guarantee. EMD shall be valid up to 180
days from the bid submission date.
Bidder should deposit EMD and Tender
Fee separately.
13 Bank Guarantee 10% of the
total value
of the
Contract
Performance Security in the
form of BG should be valid
for 5 year(s) and three
months from the effective
date of the Contract.
14 Contact details of the agency
appointed for e-procurement
M/s E-Procurement Technologies Ltd,
Ahmedabad
Website: https://etender.sbi/SBI/
Contact details:
Shri Imtiyaz Tajani- Mob: 7968136831
Email: [email protected]
Shri Nisarg Thakkar-Mob: 7968136822
Email: [email protected]
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 4 of 329 Confidential & Proprietary
Part-I
S.N. INDEX
1 INVITATION TO BID
2 DISCLAIMER
3 DEFINITIONS
4 SCOPE OF WORK
5 ELIGIBILITY AND TECHNICAL CRITERIA
6 COST OF BID DOCUMENT
7 CLARIFICATIONS AND AMENDMENTS ON RFP/PRE-BID MEETING
8 CONTENTS OF BID DOCUMENTS
9 EARNEST MONEY DEPOSIT (EMD)
10 BID PREPARATION AND SUBMISSION
11 DEADLINE FOR ONLINE SUBMISSION OF BIDS
12 MODIFICATION AND WITHDRAWAL OF BIDS
13 PERIOD OF BID VALIDITY AND VALIDITY OF PRICE QUOTED IN
REVERSE AUCTION (RA)
14 BID INTEGRITY
15 BIDDING PROCESS OF TECHNICAL BIDS
16 TECHNICAL EVALUATION
17 EVALUATION OF INDICATIVE PRICE BIDS AND FINALIZATION
18 CONTACTING THE BANK
19 AWARD CRITERIA AND AWARD OF CONTRACT
20 POWERS TO VARY OR OMIT WORK
21 WAIVER OF RIGHTS
22 CHANGE IN ORDERS
23 CONTRACT AMENDMENT
24 BANK’S RIGHT TO ACCEPT ANY BID AND TO REJECT ANY OR ALL
BIDS
25 BANK GUARANTEE
26 COUNTRY OF ORIGIN/ELIGIBILITY OF PRODUCTS & SERVICES
27 DELIVERY, INSTALLATION AND COMMISSIONING
28 SYSTEM INTEGRATION TESTING AND USER ACCEPTANCE
TESTING
29 SERVICES (HARDWARE)
30 SERVICES (OTHER THAN HARDWARE)
31 WARRANTY AND ANNUAL MAINTENANCE CONTRACT FOR
HARDWARE
32 WARRANTY AND ANNUAL MAINTENANCE CONTRACT (OTHER
THAN HARDWARE)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 5 of 329 Confidential & Proprietary
33 PENALTIES
34 RIGHT TO VERIFICATION
35 INSPECTION AND TESTING FOR HARDWARE
36 INSPECTION AND TESTING (OTHER THAN HARDWARE)
37 RIGHT TO AUDIT
38 SUB-CONTRACTING
39 INSURANCE
40 VALIDITY OF AGREEMENT
41 LIMITATION OF LIABILITY
42 CONFIDENTIALITY
43 DELAY IN SERVICE PROVIDER’S PERFORMANCE
44 SERVICE PROVIDER’S OBLIGATIONS
45 TECHNICAL DOCUMENTATION (FOR HARDWARE)
46 TECHNICAL DOCUMENTATION (OTHER THAN HARDWARE)
47 INTELLECTUAL PROPERTY RIGHTS AND OWNERSHIP
48 LIQUIDATED DAMAGES
49 CONFLICT OF INTEREST
50 CODE OF INTEGRITY AND DEBARMENT/BANNING
51 TERMINATION FOR DEFAULT
52 FORCE MAJEURE
53 TERMINATION FOR INSOLVENCY
54 TERMINATION FOR CONVENIENCE
55 DISPUTES/ARBITRATION (APPLICABLE IN CASE OF SUCCESSFUL
BIDDER ONLY)
56 GOVERNING LANGUAGES
57 APPLICABLE LAW
58 TAXES AND DUTIES
59 TAX DEDUCTION AT SOURCES
60 TENDER FEE
61 EXEMPTION OF EMD AND TENDER FEE
62 NOTICES
Part-II
APPENDIX INDEX
A BID FORM
B BIDDER’S ELIGIBILITY CRITERIA
C TECHNICAL & FUNCTIONAL SPECIFICATIONS
D BIDDER DETAILS
E SCOPE OF WORK AND PAYMENT SCHEDULE
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 6 of 329 Confidential & Proprietary
F INDICATIVE PRICE BID
G CERTIFICATE OF LOCAL CONTENT
H BANK GUARANTEE FORMAT
I PROFORMA OF CERTIFICATE TO BE ISSUED BY THE BANK
AFTER SUCCESSFUL COMMISSIONING AND ACCEPTANCE OF
THE SERVICES AND SOLUTIONS (HARDWARE & SOFTWARE)
J PENALTIES
K SERVICE LEVEL AGREEMENT
L NON-DISCLOSURE AGREEMENT
M PRE-BID QUERY FORMAT
N FORMAT FOR SUBMISSION OF CLIENT REFERENCES
O PRE-CONTRACT INTEGRITY PACT
P FORMAT FOR EMD BANK GUARANTEE
Q MINIMUM RESOURCE REQUIREMENTS
R UNDERTAKING OF AUTHENTICITY
S MANUFACTURERS' AUTHORIZATION FORM
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 7 of 329 Confidential & Proprietary
1. INVITATION TO BID:
i. State Bank of India (hereinafter referred to as ‘SBI/the Bank’), having its
Corporate Centre at Mumbai, various other offices (LHOs, Administrative Offices,
Regional Business Offices (RBOs), Global IT Centre, Foreign Offices (FOs),
Branches, etc.) of State Bank of India, Subsidiaries and Joint Ventures available at
various locations and managed by the Bank (collectively referred to as State Bank
Group or ‘SBG’ hereinafter). This Request for Proposal (RFP) has been issued by
the Bank on behalf of SBG for the Engagement of Network Integrator and
setting up of Next Gen Network Operations Centers (NOCs).
ii. To meet the Services and Solutions (hardware & software) requirements, the Bank
proposes to invite online Bids from eligible Bidders as per details/scope of work
mentioned in Appendix-E of this RFP document.
iii. Bidder shall mean any entity (i.e. juristic person) who meets the eligibility criteria
given in Appendix-B of this RFP and willing to provide the Solutions and Services
as required in this RFP. The interested Bidders who agree to all the terms and
conditions contained in this RFP may submit their Bids with the information desired
in this RFP. Consortium bidding is not permitted under this RFP.
iv. Address for submission of online Bids, contact details including email addresses for
sending communications are given in Schedule of Events of this RFP.
v. The purpose of SBI behind this RFP is to seek a detailed technical and commercial
proposal for the procurement of the Solutions and Services as desired in this RFP.
The proposed Solutions and Services must integrate with the Bank’s existing
infrastructure seamlessly.
vi. This RFP document shall not be transferred, reproduced, or otherwise used for a
purpose other than for which it is specifically issued.
vii. Interested Bidders are advised to go through the entire RFP before submission of
online Bids to avoid any chance of elimination. The eligible Bidders desirous of
taking up the project for supply of proposed Services and Solutions (hardware &
software) for SBI are invited to submit their technical and commercial proposal in
response to this RFP. The criteria and the actual process of evaluation of the
responses to this RFP and subsequent selection of the successful Bidder will be
entirely at Bank’s discretion. This RFP seeks proposals from Bidders who have the
necessary experience, capability & expertise to provide SBI the proposed Services
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 8 of 329 Confidential & Proprietary
and Solutions (hardware & software) adhering to Bank’s requirements outlined in
this RFP.
2. DISCLAIMER:
i. The information contained in this RFP or information provided subsequently to
Bidder(s) whether verbally or in documentary form/email by or on behalf of SBI, is
subject to the terms and conditions set out in this RFP.
ii. This RFP is not an offer by the State Bank of India, but an invitation to receive
responses from the eligible Bidders.
iii. The purpose of this RFP is to provide the Bidder(s) with information to assist the
preparation of their Bid proposals. This RFP does not claim to contain all the
information each Bidder may require. Each Bidder should conduct its own
investigations and analysis and should check the accuracy, reliability and
completeness of the information contained in this RFP and where necessary obtain
independent advice/clarifications. Bank may in its absolute discretion, but without
being under any obligation to do so, update, amend, or supplement the information
in this RFP.
iv. The Bank, its employees, and advisors make no representation or warranty and shall
have no liability to any person, including any Bidder under any law, statute, rules
or regulations or tort, principles of restitution or unjust enrichment or otherwise for
any loss, damages, cost or expense which may arise from or be incurred or suffered
on account of anything contained in this RFP or otherwise, including the accuracy,
adequacy, correctness, completeness or reliability of the RFP and any assessment,
assumption, statement or information contained therein or deemed to form or
arising in any way for participation in this bidding process.
v. The Bank also accepts no liability of any nature whether resulting from negligence
or otherwise, howsoever caused arising from a reliance of any Bidder upon the
statements contained in this RFP.
vi. The Bidder is expected to examine all instructions, forms, terms and specifications
in this RFP. Failure to furnish all information required under this RFP or to submit
a Bid not substantially responsive to this RFP in all respect will be at the Bidder’s
risk and may result in rejection of the Bid.
vii. The issue of this RFP does not imply that the Bank is bound to select a Bidder or to
award the contract to the Selected Bidder, as the case may be, for the Project and
the Bank reserves the right to reject all or any of the Bids or Bidders without
assigning any reason whatsoever before issuance of a purchase order and/or its
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 9 of 329 Confidential & Proprietary
acceptance thereof by the successful Bidder as defined in Award Criteria and Award
of Contract in this RFP.
3. DEFINITIONS:
In this connection, the following terms shall be interpreted as indicated below:
i. “The Bank” ‘means the State Bank of India (including domestic branches and
foreign offices), Subsidiaries and Joint Ventures, where the Bank has ownership of
more than 50% of voting securities or the power to direct the management and
policies of such Subsidiaries and Joint Ventures.
ii. “Networking & Communication department or NW&C” is presently the owner
of this RFP, in future if the department splits/change in name etc. the scope of the
selected NI shall remain same
iii. “Bidder/Channel Partner” means an eligible entity/firm submitting the Bid in
response to this RFP.
iv. “Bid” means the written reply or online submission of the response to this RFP.
v. “Network” means the Bank’s network spread across the globe (i.e. branches and
offices in India and abroad).
vi. “Management” means the five functional areas as defined by ISO, i.e. Fault,
Configuration, Administration, Performance, and Security Management (FCAPS).
vii. “Solution” means application along with the associated hardware and software
infrastructure to achieve the common goal.
viii. “Network Integrator (NI)” means bidder who shall be providing Network
Integration services and solution management services.
ix. “The Contract” means the agreement entered into between the Bank and Service
Provider, as recorded in the Contract Form signed by the parties, including all
attachments and appendices thereto and all documents incorporated by reference
therein.
x. “Total Contract Price/Project Cost/TCO” means the price payable to Service
Provider over the entire period of Contract for the full and proper performance of
its contractual obligations.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 10 of 329 Confidential & Proprietary
xi. “Vendor/Service Provider” is the successful Bidder found eligible as per
eligibility criteria set out in this RFP, whose technical Bid has been accepted and
who has emerged as L1 (lowest in the reverse auction) Bidder as per the selection
criteria set out in the RFP and to whom a notification of award has been given by
the Bank.
xii. “The Equipment/Product” means all the hardware, it’s all components, associated
software/firmware/operating software which the Vendor is required to supply to the
Bank under the Contract.
xiii. “Solutions/ Services / System” means all Software products and its associated
hardware infrastructure, services, the scope of work and deliverables to be provided
by a Bidder as described in the RFP and include services ancillary to the
development of the solution, such as installation, commissioning, integration with
existing systems, provision of technical assistance, training, certifications, auditing
and other obligation of Service Provider covered under the RFP.
xiv. Annual Maintenance Contract (AMC) - It would be the annual cost of
maintenance/upkeep/updation of Product, Solutions and Service.
xv. “Site(s)” means Branches/Offices, Data Centres (DC), Offshore Development
Centre (ODC), War site, or any other location decided by the Bank (depending on
the context where the term “site” has been referred to).
xvi. “Device” means all the devices physical/virtual managed under Networking &
Communication department.
4. SCOPE OF WORK:
As given in Appendix-E of this document.
The Bank may, at its sole discretion, provide remote access to its Information
Technology (IT) system to IT Service Provider through a secured Virtual Private
Network (VPN) in order to facilitate the performance of IT Services. Such remote
access to the Bank’s information technology system shall be subject to the
following:
i. Service Provider shall ensure that the remote access to the Bank’s VPN is
performed through a laptop/desktop (“Device”) specially allotted for that
purpose by the Service Provider and not through any other private or public
Device.
ii. Service Provider shall ensure that only its authorized
employees/representatives access the Device.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 11 of 329 Confidential & Proprietary
iii. Service Provider shall be required to get the Device hardened/configured as
per the Bank’s prevailing standards and policy.
iv. Service Provider and/or its employee/representative shall be required to
furnish an undertaking and/or information security declaration on the
Bank’s prescribed format before such remote access is provided by the
Bank.
v. Service Provider shall ensure that services are performed in a physically
protected and secure environment which ensures confidentiality and
integrity of the Bank’s data and artefacts, including but not limited to
information (on customer, account, transactions, users, usage, staff, etc.),
architecture (information, data, network, application, security, etc.),
programming codes, access configurations, parameter settings, executable
files, etc., which the Bank representative may inspect. Service Provider shall
facilitate and/ or handover the Device to the Bank or its authorized
representative for investigation and/or forensic audit.
vi. Service Provider shall be responsible for protecting its network and
subnetworks, from which remote access to the Bank’s network is performed,
effectively against unauthorized access, malware, malicious code and other
threats in order to ensure the Bank’s Information Technology system is not
compromised in the course of using remote access facility.
5. ELIGIBILITY AND TECHNICAL CRITERIA:
i. Bid is open to all Bidders who meet the eligibility and technical criteria as given in
Appendix-B & Appendix-C of this document. The Bidder has to submit the
documents substantiating eligibility criteria as mentioned in this RFP document.
(a) If any Bidder submits Bid on behalf of Principal/OEM, the same Bidder shall
not submit a Bid on behalf of another Principal/OEM under the RFP. Bid
submitted with option of multiple OEMs shall also be considered bid submitted
on behalf of multiple OEM.
(b) Either the Bidder on behalf of Principal/OEM or Principal/OEM itself is
allowed to Bid, however both cannot Bid simultaneously.
ii. The Bidder shall also submit PRE-CONTRACT INTEGRITY PACT along with
technical Bid as prescribed in Appendix-O duly signed by the Bidder on each page
and witnessed by two persons. The Pre-Contract Integrity Pact shall be stamped
as applicable in the State where it is executed. Bid submitted without Pre-Contract
Integrity Pact, as per the format provided in the RFP, shall not be considered.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 12 of 329 Confidential & Proprietary
6. COST OF BID DOCUMENT:
The participating Bidders shall bear all the costs associated with or relating to the
preparation and submission of their Bids including but not limited to preparation,
copying, postage, delivery fees, expenses associated with any demonstration or
presentations which may be required by the Bank or any other costs incurred in
connection with or relating to their Bid. The Bank shall not be liable in any manner
whatsoever for the same or for any other costs or other expenses incurred by a
Bidder regardless of the conduct or outcome of the bidding process.
7. CLARIFICATION AND AMENDMENTS ON RFP/PRE-BID MEETING:
i. Bidder requiring any clarification on RFP may notify the Bank in writing strictly as
per the format given in Appendix-M by e-mail within the date/time mentioned in
the Schedule of Events.
ii. A pre-Bid meeting will be held in person or online on the date and time specified
in the Schedule of Events which may be attended by the authorized representative
of the Bidders interested to respond to this RFP, through Microsoft Teams or any
other online mode.
iii. The queries received (without identifying source of query) and response of the Bank
thereof will be posted on the Bank’s website or conveyed to the Bidders.
iv. The Bank reserves the right to amend, rescind, or reissue the RFP, at any time prior
to the deadline for submission of Bids. The Bank, for any reason, whether, on its
own initiative or in response to a clarification requested by a prospective Bidder,
may modify the RFP, by an amendment which will be made available to the Bidders
by way of corrigendum/addendum. The interested parties/Bidders are advised to
check the Bank’s website regularly till the date of submission of Bid document
specified in the Schedule of Events/email and ensure that clarifications/amendments
issued by the Bank, if any, have been taken into consideration before submitting the
Bid. Such amendments/clarifications, if any, issued by the Bank will be binding on
the participating Bidders. Bank will not take any responsibility for any such
omissions by the Bidder. The Bank, at its own discretion, may extend the deadline
for submission of Bids in order to allow prospective Bidders a reasonable time to
prepare the Bid, for taking the amendment into account. Nothing in this RFP or any
addenda/corrigenda or clarifications issued in connection thereto is intended to
relieve Bidders from forming their own opinions and conclusions in respect of the
matters addressed in this RFP or any addenda/corrigenda or clarifications issued in
connection thereto.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 13 of 329 Confidential & Proprietary
v. No request for a change in commercial/legal terms and conditions, other than what
has been mentioned in this RFP or any addenda/corrigenda or clarifications issued
in connection thereto, will be entertained and queries in this regard, therefore will
not be entertained.
vi. Queries received after the scheduled date and time will not be responded/acted
upon.
8. CONTENTS OF BID DOCUMENT:
i. The Bidder must thoroughly study/analyze and properly understand the contents of
this RFP, its meaning and impact of the information contained therein.
ii. Failure to furnish all information required in this RFP or submission of Bid not
responsive to this RFP in any respect will be at the Bidder’s risk and responsibility
and the same may finally result in rejection of its Bid. The Bank has made
considerable effort to ensure that accurate information is contained in this RFP and
is supplied solely as guidelines for Bidders.
iii. The Bid prepared by the Bidder, as well as all correspondence and documents
relating to the Bid exchanged by the Bidder and the Bank and supporting documents
and literature shall be submitted in English.
iv. The information provided by the Bidders in response to this RFP will become the
property of the Bank and will not be returned. Incomplete information in the Bid
document may lead to a non-consideration of the proposal.
9. EARNEST MONEY DEPOSIT (EMD):
i. The Bidder shall furnish EMD for the amount and validity period mentioned in
Schedule of Events of this RFP.
ii. EMD is required to protect the Bank against the risk of Bidder’s conduct. The EMD
should be directly credited to the designated account or it should be in form of Bank
Guarantee (as prescribed in Appendix-P) issued in favour of State Bank of India
by any Scheduled Commercial Bank in India. In case, SBI is the sole Banker of the
Bidder, a Letter of Comfort from SBI would be acceptable. If EMD is directly
credited to designated account, proof of remittance of EMD in the designated
account should be enclosed with the technical bid. However, if EMD is in form of
Bank Guarantee, scanned copy of original EMD Bank Guarantee should be
uploaded on portal of e-Procurement agency along with technical bid. Original
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 14 of 329 Confidential & Proprietary
EMD Bank Guarantee should be posted/couriered/given in person to the Bank at
the address specified in Schedule of Event Sl. No. 1, within the bid submission date
and time for the RFP.
iii. Any Bid not accompanied by EMD for the specified amount and not submitted to
the Bank as mentioned in this RFP will be rejected as non-responsive.
iv. The EMD of the unsuccessful Bidder(s) would be refunded/returned by the Bank
within 2 weeks of the Bidder being notified as being unsuccessful.
v. The EMD of successful Bidder will be discharged upon the Bidder signing the
Contract and furnishing the Bank Guarantee for the amount and validity as
mentioned in this RFP, which should be strictly on the lines of format placed at
Appendix-H.
vi. No interest is payable on EMD.
vii. The EMD may be forfeited:-
(a) if a Bidder withdraws his Bid during the period of Bid validity specified in this
RFP; or
(b) if a technically qualified Bidder does not participate in the auction by not
logging in, in the reverse auction tool; or
(c) if a Bidder makes any statement or encloses any form which turns out to be
false/incorrect at any time prior to the signing of Contract; or
(d) if the successful Bidder fails to accept Purchase Order and/or sign the Contract
with the Bank or furnish Bank Guarantee, within the specified time period in
the RFP.
viii. If EMD is forfeited for any reasons mentioned above, the concerned Bidder may be
debarred from participating in the RFPs floated by the Bank/this department, in the
future, as per sole discretion of the Bank.
10. BID PREPARATION AND SUBMISSION:
i. Online submission of Bids: The Bid is to be submitted separately for technical and
Indicative price through e-tendering. TECHNICAL PROPOSAL FOR
ENGAGEMENT OF NETWORK INTEGRATOR (NI) & SETTING UP OF
NEXT GEN NETWORK OPERATIONS CENTRES (NOC) Ref:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 15 of 329 Confidential & Proprietary
SBI/GITC/NW&C/20-21/706 Dated 18.08.2020 is to be uploaded in the e-
Tendering application of M/s E-Procurement Technologies Ltd.
(a) Index of all the documents, letters, bid forms, etc. submitted in response to RFP
along with page numbers.
(b) Bid covering letter/Bid form on the lines of Appendix-A on Bidder’s letterhead.
Proof of remittance of EMD (if directly credited in designated account) and
Tender Fee as specified in this document. In case, EMD is submitted in the form
of BG, scanned copy of original BG should be uploaded subject to compliance
of requirement mentioned in clause no 11(ii).
(c) Proof of remittance of EMD (if directly credited in designated account) and
Tender Fee as specified in this document. In case, EMD is submitted in the form
of BG, the original BG should be enclosed.
(d) Specific response with supporting documents in respect of Eligibility Criteria
as mentioned in Appendix-B and technical eligibility criteria on the lines of
Appendix-C.
(e) Bidder’s details as per Appendix-D on Bidder’s letterhead.
(f) Bidder should provide licensing details of Software / Database / Middleware /
Operating System / Third-Party Software etc.
(g) Audited financial statement and profit and loss account statement as mentioned
in Part-II.
(h) A copy of board resolution along with a copy of Power of Attorney (POA
wherever applicable) showing that the signatory has been duly authorized to
sign the Bid document.
(i) A detailed explanation of the functioning of Solutions.
(j) Undertaking of Authenticity as per Appendix-R.
(k) Format for Manufacturer’s Authorization Form as per Appendix-S.
Note: A copy of board resolution along with a copy of Power of Attorney (POA
wherever applicable) showing that the signatory has been duly authorized to sign
the Bid document. In addition to the uploading of board resolution along with a
copy of POA (wherever applicable) in e-tender application, a duly signed POA on
stamp paper shall be submitted to the Bank immediately once the lockdown period
declared due to Covid-19 is lifted.
ii. Online submission of Bids: The Bid is to be submitted separately for technical and
Indicative price through e-tendering INDICATIVE PRICE BID FOR
ENGAGEMENT OF NETWORK INTEGRATOR (NI) & SETTING UP OF
NEXT GEN NETWORK OPERATIONS CENTRES (NOC) Ref:
SBI/GITC/NW&C/20-21/706 Dated 18.08.2020 is to be uploaded in the e-
Tendering application of M/s E-Procurement Technologies Ltd.
iii. Bidders may please note:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 16 of 329 Confidential & Proprietary
(a) The Bidder should quote for the entire package on a single responsibility basis
for Services and Solutions (hardware & software) it proposes to supply.
(b) While submitting the Technical Bid, the literature on the Services and Solutions
(hardware & software) should be segregated and kept together in one section.
(c) Care should be taken that the Technical Bid shall not contain any price
information. Such a proposal, if received, will be rejected.
(d) Bids are liable to be rejected if only one Bid (i.e. Technical Bid or Indicative
Price Bid) is received.
(e) If deemed necessary the Bank may seek clarifications on any aspect from the
Bidder. However, that would not entitle the Bidder to change or cause any
change in the substances of the Bid already submitted or the price quoted.
(f) The Bidder may also be asked to give a presentation for the purpose of
clarification of the Bid post submission.
(g) The Bidder must provide specific and factual replies to the points raised in the
RFP.
(h) Any inter-lineation, erasures or overwriting shall be valid only if they are
initialed by the person signing the Bids.
(i) The Bank reserves the right to reject Bids not conforming to above.
(j) Digitally signed Technical Bid, the literature on the hardware and its associated
operating Software should be uploaded in the e-Tendering application of M/s
E-Procurement Technologies Ltd.
(k) The Bid document shall be complete in accordance with various clauses of the
RFP document or any addenda/corrigenda or clarifications issued in connection
thereto, and digitally signed by the authorized representative of the Bidder
Board resolution authorizing the representative to Bid and make commitments
on behalf of the Bidder is to be uploaded in the e-Tendering application of M/s
E-Procurement Technologies Ltd.
(l) The Bid shall be printed, typed or written in indelible ink and shall be digitally
signed by the Bidder or a person or persons duly authorized to bind the Bidder
to the Contract and uploaded in the e-Tendering application of M/s E-
Procurement Technologies Ltd.
(m) All the digitally signed enclosures (Bid submission) shall have a serially
numbered file naming system according to the index and uploaded in the e-
Tendering application of M/s E-Procurement Technologies Ltd in respective
attachment tabs.
11. DEADLINE FOR ONLINE SUBMISSION OF BIDS:
i. Bids must be submitted online on portal of e-Procurement agency by the date and
time mentioned in the “Schedule of Events”.
ii. Wherever applicable, the Bidder shall submit the original EMD Bank Guarantee
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 17 of 329 Confidential & Proprietary
and Pre- Contract Integrity Pact together with their respective enclosures and seal
it in an envelope and mark the envelope as “Technical Bid”. The said envelope shall
clearly bear the name of the project and name and address of the Bidder. In addition,
the last date for bid submission should be indicated on the right and corner of the
envelope. The original documents should be submitted within the bid submission
date and time for the RFP at the address mentioned in Sl No 1 of Schedule of Events.
iii. In the event of the specified date for submission of Bids being declared a holiday
for the Bank, the Bids will be received up to the appointed time on the next working
day.
iv. In case the Bank extends the scheduled date of submission of Bid document, the
Bids shall be submitted by the time and date rescheduled. All rights and obligations
of the Bank and Bidders will remain the same.
v. Any Bid received after the deadline will not be accepted.
12. MODIFICATION AND WITHDRAWAL OF BIDS:
i. The Bidder may modify or withdraw its Bid after the Bid’s submission, provided
that written notice of the modification, including substitution or withdrawal of the
Bids, is received by the Bank, prior to the deadline prescribed for submission of
Bids.
ii. A withdrawal notice may also be sent by the authorised representatives of the
company through email, but followed by a signed confirmation copy, not later than
the deadline for submission of Bids.
iii. No modification in the Bid shall be allowed, after the deadline for submission of
Bids.
iv. No Bid shall be withdrawn in the interval between the deadline for submission of
Bids and the expiration of the period of Bid validity specified in this RFP.
Withdrawal of a Bid during this interval may result in the forfeiture of EMD
submitted by the Bidder.
v. Withdrawn Bids, if any, will be returned unopened to the Bidders.
13. PERIOD OF BID VALIDITY AND VALIDITY OF PRICE QUOTED IN
REVERSE AUCTION (RA):
i. The bid shall remain valid for a duration of 6 calendar months from Bid submission
date.
ii. Price quoted by the Bidder in Reverse auction shall remain valid for 6 calendar
months from the date of the conclusion of RA.
iii. In exceptional circumstances, the Bank may solicit the Bidders’ consent to an
extension of the period of validity. The request and the responses thereto shall be
made in writing. A Bidder is free to refuse the request. However, in such a case, the
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 18 of 329 Confidential & Proprietary
Bank will not forfeit its EMD. However, any extension of the validity of Bids or
price will not entitle the Bidder to revise/modify the Bid document.
iv. Once Purchase Order or Letter of Intent is issued by the Bank, the said price will
remain fixed for the entire Contract period and shall not be subjected to a variation
on any account, including exchange rate fluctuations and custom duty. A Bid
submitted with an adjustable price quotation will be treated as non-responsive and
will be rejected.
14. BID INTEGRITY:
Wilful misrepresentation of any fact within the Bid will lead to the cancellation of
the contract without prejudice to other actions that the Bank may take. All the
submissions, including any accompanying documents, will become the property of
the Bank. The Bidders shall be deemed to license and grant all rights to the Bank,
to reproduce the whole or any portion of their Bid document for the purpose of
evaluation and to disclose the contents of submission for regulatory and legal
requirements.
15. BIDDING PROCESS OF TECHNICAL BIDS:
i. All the technical Bids received up to the specified time and date will be opened for
initial evaluation on the time and date mentioned in the Schedule of Events of this
document. The technical Bids will be opened online in the presence of
representatives of the Bidders who choose to attend the same on portal of e-
Procurement agency. However, Bids may be opened even in the absence of
representatives of one or more of the Bidders.
ii. In the first stage, only technical Bid will be opened and evaluated. Bids of such
Bidders satisfying eligibility criteria and agree to comply with all the terms and
conditions specified in the RFP will be evaluated for technical
criteria/specifications/eligibility. Only those Bids complied with technical criteria
shall become eligible for indicative price Bid opening and further RFP evaluation
process.
iii. The Bank will examine the Bids to determine whether they are complete, required
formats have been furnished, the documents have been properly signed, EMD and
Tender Fee for the desired amount and validity period is available and the Bids are
generally in order. The Bank may, at its discretion waive any minor non-conformity
or irregularity in a Bid that does not constitute a material deviation.
iv. Prior to the detailed evaluation, the Bank will determine the responsiveness of each
Bid to the RFP. For purposes of these Clauses, a responsive Bid is one, which
conforms to all the terms and conditions of the RFP in toto, without any deviation.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 19 of 329 Confidential & Proprietary
v. The Bank’s determination of a Bid’s responsiveness will be based on the contents
of the Bid itself, without recourse to extrinsic evidence.
vi. After the opening of the technical Bids and preliminary evaluation, some or all the
Bidders may be asked to make presentations on the Solutions/Services proposed to
be offered by them.
vii. If a Bid is not responsive, it will be rejected by the Bank and will not subsequently
be made responsive by the Bidder by correction of the non-conformity.
16. TECHNICAL EVALUATION:
i. Technical evaluation will include technical information submitted as per technical
Bid format, demonstration of proposed Solutions/services, reference calls and site
visits, wherever required. The Bidder may highlight the noteworthy/superior
features of their Services and Solutions (hardware & software). The Bidder will
demonstrate/substantiate all claims made in the technical Bid along with supporting
documents to the Bank, the capability of the Services and Solutions (hardware &
software) to support all the required functionalities at their cost in their lab or those
at other organizations where similar Services and Solutions (hardware & software)
is in use.
ii. During evaluation and comparison of Bids, the Bank may, at its discretion ask the
Bidders for clarification on the Bids received. The request for clarification shall be
in writing and no change in prices or substance of the Bid shall be sought, offered
or permitted. No clarification at the initiative of the Bidder shall be entertained after
bid submission date.
17. EVALUATION OF INDICATIVE PRICE BIDS AND FINALIZATION:
i. The folder containing the indicative price Bid(s) of only those Bidders, who are
short-listed after technical evaluation, would be opened.
ii. All the Bidders who qualify in the evaluation process shall have to participate in the
online reverse auction to be conducted by Bank’s authorized M/s E-Procurement
Technologies Ltd.
iii. Shortlisted Bidders who shall be willing to participate in the reverse auction process
must have a valid digital signature certificate. Such Bidders will be trained by M/s
E-Procurement Technologies Ltd for this purpose. Bidders shall also be willing to
abide by the e-business rules for reverse auction framed by M/s E-Procurement
Technologies Ltd. The details of e-business rules, processes and procedures will be
provided to the short-listed Bidders.
iv. The Bidder will be selected as L1 on the basis of net total of the price evaluation as
quoted in the Reverse Auction.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 20 of 329 Confidential & Proprietary
v. The successful Bidder is required to provide price confirmation and price breakup
strictly on the lines of Appendix-F within 48 hours of the conclusion of the Reverse
Auction, failing which Bank may take appropriate action.
vi. Errors, if any, in the price breakup format will be rectified as under:
(a) If there is a discrepancy between the unit price and total price which is obtained
by multiplying the unit price with quantity, the unit price shall prevail and the
total price shall be corrected unless it is a lower figure. If the Bidder does not
accept the correction of errors, the Bid will be rejected.
(b) If there is a discrepancy in the unit price quoted in figures and words, the unit
price in figures or in words, as the case may be, which corresponds to the total
Bid price for the Bid shall be taken as correct.
(c) If the Bidder has not worked out the total Bid price or the total Bid price does not
correspond to the unit price quoted either in words or figures, the unit price quoted
in words shall be taken as correct.
(d) The Bidder should quote for all the items/services desired in this RFP. In case,
prices are not quoted by any Bidder for any specific product and / or service, for
the purpose of evaluation, the highest of the prices quoted by other Bidders
participating in the bidding process will be reckoned as the notional price for that
service, for that Bidder. However, if selected, at the time of award of Contract,
the lowest of the price(s) quoted by other Bidders (whose Price Bids are also
opened) for that service will be reckoned. This shall be binding on all the Bidders.
However, the Bank reserves the right to reject all such incomplete Bids.
18. CONTACTING THE BANK:
i. No Bidder shall contact the Bank on any matter relating to its Bid, from the time of
opening of indicative price Bid to the time, the Contract is awarded.
ii. Any effort by a Bidder to influence the Bank in its decisions on Bid evaluation, Bid
comparison or contract award may result in the rejection of the Bid.
19. AWARD CRITERIA AND AWARD OF CONTRACT:
i. Applicability of Preference to Make in India, Order 2017 (PPP-MII Order)
Guidelines on Public Procurement (Preference to Make in India), Order 2017 (PPP-
MII Order) and any revision thereto will be applicable for this RFP and allotment will
be done in terms of said Order as under:
(a) Among all qualified bids, the lowest bid (as quoted in the reverse auction) will
be termed as L1. If L1 is from a local supplier, the contract will be awarded to L1.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 21 of 329 Confidential & Proprietary
(b) If L1 is not from a local supplier, the lowest bidder among the local suppliers
will be invited to match the L1 price subject to local supplier’s quoted price falling
with the margin of purchase preference, and the contract shall be awarded to such
local supplier subject to matching the L1 price.
(c) In case such lowest eligible local supplier fails to match the L1 price, the local
supplier with the next higher bid within the margin of purchase preference shall be
invited to match the L1 price and so on and contract shall be awarded accordingly.
In case none of the local suppliers within the margin of purchase preference matches
the L1 price, then the contract will be awarded to the L1 bidder.
For the purpose of Preference to Make in India, Order 2017 (PPP-MII Order):
“Local content” means the amount of value-added in India which shall be the total
value of the item procured (excluding net domestic indirect taxes) minus the value
of imported content in the item (including all customs duties) as a proportion of the
total value, in percent.
“Local supplier” means a supplier or service provider whose product or service
offered for procurement meets the minimum 50% local content.
“Margin of purchase preference” means the maximum extent to which the price
quoted by a local supplier may be above the L1 for the purpose of purchase
preference. The margin of purchase preference shall be 20%.
ii. Verification of local content
The local supplier at the time of submission of bid shall be required to provide a
certificate as per Appendix-G from the statutory auditor or cost auditor of the
company (in the case of companies) or from a practicing cost accountant or
practicing chartered accountant (in respect of suppliers other than companies)
giving the percentage of local content.
iii. The total cost of Solutions along with the cost of all items specified in Appendix-
F would be the Total Cost of Ownership (TCO)/Total Project Cost and should be
quoted by the Bidder(s) in indicative price bid and reverse auction.
iv. Bank will notify successful Bidder in writing by way of issuance of the purchase
order through letter or fax/email that its Bid has been accepted. The selected Bidder
has to return the duplicate copy of the same to the Bank within 7 working days,
duly Accepted, Stamped and Signed by Authorized Signatory in token of
acceptance.
v. The successful Bidder will have to submit a Non-disclosure Agreement, Bank
Guarantee for the amount and validity as desired in this RFP and strictly on the lines
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 22 of 329 Confidential & Proprietary
of format given in the Appendix-L of this RFP together with the acceptance of all
terms and conditions of RFP.
vi. Copy of board resolution and Power of Attorney (POA wherever applicable)
showing that the signatory has been duly authorized to sign the acceptance letter,
contract and NDA should be submitted.
vii. The successful Bidder shall be required to enter into a Contract with the Bank and
submit the Bank Guarantee, within 30 days from the issuance of Purchase Order or
within such extended period as may be decided by the Bank.
viii. Till execution of a formal contract, the RFP, along with the Bank’s notification of
award by way of issuance of the purchase order and Service Provider’s acceptance
thereof, would be binding contractual obligation between the Bank and the
successful Bidder.
ix. The Bank reserves the right to stipulate, at the time of finalization of the Contract,
any other document(s) to be enclosed as a part of the final Contract.
x. Failure of the successful Bidder to comply with the requirements/terms and
conditions of this RFP shall constitute sufficient grounds for the annulment of the
award and forfeiture of the EMD and/or BG.
xi. Upon notification of award to the successful Bidder, the Bank will promptly notify
the award of the contract to the successful Bidder on the Bank’s website. The EMD
of each unsuccessful Bidder will be discharged and returned.
20. POWERS TO VARY OR OMIT WORK:
i. No alterations, amendments, omissions, additions, suspensions, or variations of the
work (hereinafter referred to as variation) under the contract shall be made by the
successful Bidder except as directed in writing by Bank. The Bank shall have full
powers, subject to the provision herein after contained, from time to time during the
execution of the contract, by notice in writing to instruct the successful Bidder to
make any variation without prejudice to the contract. The finally selected Bidder
shall carry out such variation and be bound by the same conditions as far as
applicable as though the said variations occurred in the contract documents. If any,
suggested variations would, in the opinion of the finally selected Bidder, if carried
out, prevent him from fulfilling any of his obligations under the contract, he shall
notify Bank thereof in writing with reasons for holding such opinion and Bank shall
instruct the successful Bidder to make such other modified variation without
prejudice to the contract. The finally selected Bidder shall carry out such variation
and be bound by the same conditions as far as applicable as though the said
variations occurred in the contract documents. If the Bank confirms its instructions,
the successful Bidder’s obligations shall be modified to such an extent as may be
mutually agreed, if such variation involves extra cost. Any agreed difference in cost
occasioned by such variation shall be added to or deducted from the contract price
as the case may be.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 23 of 329 Confidential & Proprietary
ii. In any case in which the successful Bidder has received instructions from the Bank
as to the requirements for carrying out the altered or additional substituted work
which either then or later on, will in the opinion of the finally selected Bidders,
involve a claim for additional payments, such additional payments shall be mutually
agreed in line with the terms and conditions of the order.
iii. If any change in the work is likely to result in a reduction in cost, the parties shall
agree in writing so as to the extent of change in contract price, before the finally
selected Bidder(s) proceeds with the change.
21. WAIVER OF RIGHTS:
Each Party agrees that any delay or omission on the part of the other Party to
exercise any right, power or remedy under this RFP will not automatically operate
as a waiver of such right, power or remedy or any other right, power or remedy,
and no waiver will be effective unless it is in writing and signed by the waiving
Party. Further, the waiver or the single or partial exercise of any right, power, or
remedy by either Party hereunder on one occasion will not be construed as a bar to
a waiver of any successive or other rights, power, or remedy on any other
occasion.
22. CHANGE IN ORDERS:
i. The Bank may, at any time, by a written order given to Service Provider, make
changes within the general scope of the Contract in any one or more of the
following:
(a) Method of shipment or packing;
(b) Place of delivery;
(c) Quantities to be supplied subject to 25% above or below the originally
declared quantities.
ii. If any such change causes an increase or decrease in the cost of, or the time required
for Service Provider’s performance of any provisions under the Contract, an
equitable adjustment shall be made in the Contract Price or delivery schedule, or
both, and the Contract shall accordingly be amended. Any claims by Service
Provider for adjustment under this clause must be asserted within 15 days from the
date of Service Provider’s receipt of Bank’s change order.
23. CONTRACT AMENDMENT:
No variation in or modification of the terms of the Contract shall be made, except
by written amendment, signed by the parties.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 24 of 329 Confidential & Proprietary
24. BANK’S RIGHT TO ACCEPT ANY BID AND TO REJECT ANY OR ALL
BIDS:
The Bank reserves the right to accept or reject any Bid in part or in full or to cancel
the bidding process and reject all Bids at any time prior to contract award as specified
in Award Criteria and Award of Contract, without incurring any liability to the
affected Bidder or Bidders or any obligation to inform the affected Bidder or Bidders
of the grounds for the Bank’s action.
25. BANK GUARANTEE:
i. Performance security in form of Bank Guarantee [BG] for the amount with validity
period as specified in this RFP strictly on the format at Appendix-H is to be
submitted by the finally selected Bidder (s). The BG has to be issued by a Scheduled
Commercial Bank other than SBI and needs to be submitted within the specified
time of receipt of formal communication from the Bank about their Bid finally
selected. In case, SBI is the sole Banker for the Bidder, a Letter of Comfort from
SBI may be accepted.
ii. The Bank Guarantee is required to protect the interest of the Bank against delay in
supply/installation and/or the risk of non-performance of the successful Bidder in
respect successful implementation of the project, or performance of the material or
services sold, or breach of any terms and conditions of the Agreement, which may
warrant invoking of Bank Guarantee.
26. COUNTRY OF ORIGIN / ELIGIBILITY OF PRODUCTS & SERVICES:
i. All Products and components thereof to be supplied under the Contract shall have
their origin in eligible source countries, as per the prevailing import trade control
regulations in India.
ii. For purposes of this clause, “origin” means the place where the Products are mined,
grown, or manufactured or produced, or the place from which the related product is
supplied. Products are produced when, through manufacturing, processing or
substantial and major assembly of components, a commercially-recognized product
results that is substantially different in basic characteristics or in purpose or utility
from its components.
27. DELIVERY, INSTALLATION AND COMMISSIONING:
i. Service Provider shall provide such packing of the Products as is required to prevent
its damage or deterioration during transit thereof to the location given by the Bank.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 25 of 329 Confidential & Proprietary
The packing shall be sufficient to withstand, without limitation, rough handling
during transit and exposure to extreme temperature, salt and precipitation during
transit and open storage. Size and weight of packing cases shall take into
consideration, where appropriate, the remoteness of the Products final destination
and the absence of heavy handling facilities at all transit points.
ii. Service Provider will have to supply the Product(s) in ‘Factory Sealed Boxes’ with
System OEM seal.
iii. Delivery, installation and commissioning of the Products shall be made by Service
Provider in accordance with the system approved / ordered and within the time
schedule given in the Scope of work given in Appendix-E of this document.
iv. The delivery will be deemed complete when the Products/ components/ associated
software/firmware are received in good working condition at the designated
locations, mentioned in this RFP.
v. The installation will be deemed to be completed, when the Product including all the
hardware, accessories/components, firmware/system software, and other associated
software have been supplied, installed and operationalised as per the technical
specifications and all the features as per the technical specifications are
demonstrated and implemented as required, on the systems, to the satisfaction of
the Bank. Service Provider has to resolve any problem faced during installation and
operationalisation.
vi. In addition, Service Provider will supply all associated documentation relating to
the Products/hardware, system software/firmware, etc. The Product(s) are
considered accepted (commissioned and operationalised) after signing the
acceptance test plan document jointly by the representative of the Bank and the
engineer from Service Provider on the lines of format/certificate on the lines of
Appendix-I of this RFP. The component level checking for individual item may be
included during the acceptance test. The acceptance test plan document shall be
deemed to form a part of the agreement, to be signed between Service Provider and
the Bank. On the evaluation of the acceptance test results, if required, in view of the
performance of the Products (including hardware equipment/ components/
software), as observed during the acceptance test, Service Provider shall take
remedial measures including upgradation of any of the components thereunder,
including replacement thereof, at no additional cost to the Bank within a fortnight
from the date of notification of the same to Service Provider. Service Provider
should ensure that the Product meets the requirements of the Bank as envisaged in
the RFP.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 26 of 329 Confidential & Proprietary
vii. The details of the documents to be furnished by Service Provider are specified
hereunder:-
(a) 2 copies of Vendor’s Invoice showing contract number, products description,
quantity, unit price and total amount.
(b) Delivery Note or acknowledgement of receipt of Products from the consignee or
in case of products from abroad, original and two copies of the negotiable clean
Airway Bill.
(c) 2 copies of packing list identifying contents of each of the package.
(d) Insurance Certificate.
(e) Manufacturer’s warranty certificate.
viii. The above documents shall be received by the Bank before arrival of Products
(except where it is handed over to the Consignee with all documents). If these
documents are not received, Service Provider will be responsible for any
consequent expenses.
ix. For the system & other software/firmware required with the hardware ordered for,
the following will apply:-
(a) Service Provider shall supply standard software/firmware package published by
third parties in or out of India in their original publisher-packed status only, and
should have procured the same either directly from the publishers or from the
publisher's sole authorized representatives only.
(b) Service Provider shall provide complete and legal documentation of all sub
systems, licensed operating systems, licensed system software/firmware, licensed
utility software and other licensed software. Service Provider shall also provide
licensed software for all software/firmware whether developed by them or
acquired from others.
(c) In case Service Provider is providing software/firmware which is not its
proprietary software then Service Provider should have valid agreements with the
software/firmware vendor for providing such software/firmware to the Bank,
which includes support from the software/firmware vendor for the proposed
software for the entire period required by the Bank.
(d) The ownership of the supplied hardware shall be that of the Bank from the date
of delivery of the same. In other words, wherever the ownership of the hardware
is indicated, the name “State Bank of India” must appear to indicate that the Bank
is the perpetual owner of the hardware including use of software license
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 27 of 329 Confidential & Proprietary
embedded to the hardware in perpetuity. Evidence to this effect must be submitted
before the payment can be released.
28. SYSTEM INTEGRATION TESTING & USER ACCEPTANCE TESTING:
Service Provider should integrate the Solutions with the existing systems as per the
requirement of the Bank and carry out thorough system integration testing.
System integration testing will be followed by user acceptance testing, plan for
which has to be submitted by Service Provider to the Bank. The UAT includes
functional tests, resilience tests, benchmark comparisons, operational tests, load
tests, etc. SBI staff / third Party vendor designated by the Bank will carry out the
functional testing. This staff / third party vendor will need necessary on-site training
for the purpose and should be provided by Service Provider. Service Provider
should carry out other testing like resiliency/benchmarking/load etc. Service
Provider should submit a result log for all testing to the Bank.
On satisfactory completion of the aforementioned tests, the User Acceptance Test
(UAT) letter will be issued to Service Provider by the competent authority on the
line of Appendix-I.
29. SERVICES (Hardware):
i. Service Provider shall ensure that key personnel with relevant skill-sets are
available at designated locations for installation and commissioning of the Product.
ii. Service Provider shall ensure that the quality of methodologies for delivering the
Products/Services, adhere to quality standards/timelines stipulated thereof.
iii. Service Provider shall be willing to transfer skills to relevant personnel of the Bank,
by means of training and documentation.
iv. Service Provider shall provide and implement patches/ upgrades/ updates for
Products (software/ firmware/ OS) as and when released by Service Provider/ OEM
free of cost. Service Provider should bring to notice of the Bank all releases/ version
changes.
v. Service Provider shall obtain a written permission from the Bank before applying
any of the patches/ upgrades/ updates. Service Provider has to support older
versions of the OS/firmware/middleware etc in case the Bank chooses not to
upgrade to latest version.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 28 of 329 Confidential & Proprietary
vi. Service Provider shall provide maintenance support for the Product including
embedded software/ OS/ middleware etc over the entire period of Contract.
vii. All product updates, upgrades & patches shall be provided by Service Provider free
of cost during warranty and AMC/ ATS/ S&S period.
viii. Service Provider shall provide legally valid firmware/software. The detailed
information on license count and type of license should also be provided to the
Bank.
ix. Service Provider shall keep the Bank explicitly informed the end of support dates
on related Products including embedded software/ OS/ middleware etc should
ensure support during warranty and AMC/ATS/S&S.
30. SERVICES (other than Hardware):
i. All professional services necessary to successfully implement the proposed
Solutions will be part of the RFP/Contract.
ii. The Bidder should also submit as part of technical Bid an overview of Project
Management approach of the proposed product.
iii. Bidder should ensure that key personnel with relevant skill-sets are available to the
Bank.
iv. Bidder should ensure that the quality of methodologies for delivering the services
adhere to quality standards/timelines stipulated therefor.
v. Bidder shall be willing to transfer skills to relevant personnel from the Bank, by
means of training and documentation.
vi. Bidder shall provide and implement patches/ upgrades/ updates for hardware/
software/ Operating Systems / Middleware etc. as and when released by Service
Provider/ OEM or as per requirements of the Bank. Bidder should bring to notice
of the Bank all releases/ version changes.
vii. Bidder shall obtain written permission from the Bank before applying any of the
patches/ upgrades/ updates. The Bidder has to support older versions of the
hardware/ software/ Operating System /Middleware etc. in case the Bank chooses
not to upgrade to the latest version.
viii. Bidder shall provide maintenance support for Hardware/ Software/ Operating
System/ Middleware over the entire period of contract.
ix. All product updates, upgrades & patches shall be provided by the Bidder/ Service
Provider free of cost during warranty and AMC/ ATS/ S&S period.
x. Bidder shall provide legally valid Solutions. The detailed information on license
count and type of license shall also be provided to the Bank.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 29 of 329 Confidential & Proprietary
xi. The Bidder shall keep the Bank explicitly informed the end of support dates on
related products/hardware/firmware and should ensure support during warranty and
AMC/ATS/S&S.
31. WARRANTY AND ANNUAL MAINTENANCE CONTRACT FOR
HARDWARE:
i. Service Provider shall support the Product and its associated items/components
including OS/firmware during the period of warranty and AMC (if included in the
RFP) as specified in Scope of Work in this RFP.
ii. During the warranty and AMC period (if included in the RFP), Service Provider
will have to undertake comprehensive support of the entire Product
(hardware/components/ operating software/firmware) supplied by them at no
additional cost to the Bank. During the support period (warranty and AMC), Service
Provider shall maintain the Product (hardware/ software, etc.) to comply with
parameters defined for acceptance criteria and Service Provider shall be responsible
for all costs relating to labour, spares, maintenance (preventive and corrective),
compliance of security requirements and transport charges from and to the
designated site(s) in connection with the repair/ replacement of the Product
(hardware/ equipment/ components/ software or any component/ part thereunder),
which, under normal and proper use and maintenance thereof, proves defective in
design, material or workmanship or fails to conform to the specifications, as
specified.
iii. During the support period (warranty and AMC), Service Provider shall ensure that
services of professionally qualified personnel are available for providing
comprehensive on-site maintenance of the Product and its components as per the
Bank’s requirements. Comprehensive maintenance shall include, among other
things, day to day maintenance of the system as per the RFP, reloading of
firmware/software, compliance to security requirements, etc. when required or in
the event of system crash/malfunctioning, arranging and configuring facility as per
the RFP, fine tuning, system monitoring, log maintenance, etc. Service Provider
shall provide services of an expert engineer at SBI GITC, Belapur or at any other
locations wherever required, whenever it is essential. In case of failure of Product
(hardware, system software or any of its components), Service Provider shall ensure
that Product is made operational to the full satisfaction of the Bank within the given
timelines. Service Provider shall provide preventive maintenance schedules as per
periodicity defined in RFP.
iv. On site comprehensive warranty for the Product would include free replacement of
spares, parts, kits, resolution of problem, if any, in Product.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 30 of 329 Confidential & Proprietary
v. Warranty/ AMC (if included in the RFP) for the system software/ off-the shelf
software will be provided to the Bank as per the general conditions of sale of such
software.
vi. Support (Warranty/ AMC, if included in the RFP) would be on-site and
comprehensive in nature and must have back to back support from the OEM/Service
Provider. Undertaking on the lines of Appendix-H of this RFP document is
required to be submitted by Service Provider, duly endorsed by the OEM that in
case Service Provider fails to provide Services then OEM shall provide the same at
no extra cost, to the satisfaction of the Bank. Service Provider warrants Products
against defect arising out of faulty design, materials, etc. during the specified
support period. Service Provider will provide support for operating systems and
other pre-installed software components/system software during the specified
period of the hardware on which these software and operating system will be
installed. Service Provider shall repair or replace worn out or defective parts
including all plastic parts of the Equipment at his own cost including the cost of
transport.
vii. In the event of system break down or failures at any stage, protection available,
which would include the following, shall be specified.
(a) Diagnostics for identification of systems failures
(b) Protection of data/ Configuration
(c) Recovery/ restart facility
(d) Backup of system software/ Configuration
viii. Prompt support shall be made available as desired in this RFP during the support
period at the locations as and when required by the Bank.
ix. Service Provider shall be agreeable for on-call/on-site support during peak weeks
(last and first week of each month) and at the time of switching over from PR to DR
and vice-versa. No extra charge shall be paid by the Bank for such needs, if any,
during the support period.
x. Service Provider support staff should be well trained to effectively handle queries
raised by the employee(s) or authorized user(s) of the Bank.
xi. Updated escalation matrix shall be made available to the Bank once in each quarter
and each time the matrix gets changed.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 31 of 329 Confidential & Proprietary
32. WARRANTY AND ANNUAL MAINTENANCE CONTRACT (Other than
Hardware):
i. The selected Bidder shall support the Solutions during the period of warranty and
AMC as specified in Scope of work in this RFP from the date of acceptance of the
Solutions by State Bank of India.
ii. During the warranty and AMC period, the Bidder will have to undertake
comprehensive support of the Solutions supplied by the Bidder and all new
versions, releases, and updates for all standard Software to be supplied to the Bank
at no additional cost. During the support period, the Bidder shall maintain the
Solutions to comply with parameters defined for acceptance criteria and the Bidder
shall be responsible for all costs relating to labour, spares, maintenance (preventive
and corrective), compliance of security requirements and transport charges from
and to the Site (s) in connection with the repair/ replacement of the Solutions, which,
under normal and proper use and the maintenance thereof, proves defective in
design, material or workmanship or fails to conform to the specifications, as
specified.
iii. During the support period (warranty and AMC), Service Provider shall ensure that
services of professionally qualified personnel are available for providing
comprehensive on-site maintenance of the Solutions and its components as per the
Bank’s requirements. Comprehensive maintenance shall include, among other
things, day to day maintenance of the Solutions as per the Bank’s policy, reloading
of firmware/software, compliance to security requirements, etc. when required or
in the event of system crash/malfunctioning, arranging and configuring facility as
per the requirements of the Bank, fine tuning, system monitoring, log maintenance,
etc. The Bidder shall provide services of an expert engineer at SBI GITC, Belapur
or at other locations wherever required, whenever it is essential. In case of failure
of Solutions, the Bidder shall ensure that Solutions are made operational to the full
satisfaction of the Bank within the given timelines.
iv. Warranty/ AMC for the system software/ off-the shelf Software will be provided to
the Bank as per the general conditions of sale of such software.
v. Support (Warranty/ AMC) would be on-site and comprehensive in nature and must
have back to back support from the OEM/Service Provider. Service Provider will
warrant products against defects arising out of faulty design etc. during the specified
support period.
vi. In the event of a system break down or failures at any stage, protection available,
which would include the following, shall be specified.
(a) Diagnostics for identification of systems failures
(b) Protection of data/ Configuration
(c) Recovery/ restart facility
(d) Backup of system software/ Configuration
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 32 of 329 Confidential & Proprietary
vii. Prompt support shall be made available as desired in this RFP during the support
period at the locations as and when required by the Bank.
viii. The Bidder shall be agreeable for on-call/on-site support during peak weeks (last
and first week of each month) and at the time of switching over from PR to DR and
vice-versa. No extra charge shall be paid by the Bank for such needs, if any, during
the support period.
ix. Bidder support staff should be well trained to effectively handle queries raised by
the customers/employees of the Bank.
x. Updated escalation matrix shall be made available to the Bank once in each
quarter and each time the matrix gets changed.
33. PENALTIES:
As mentioned in Appendix-J of this RFP.
34. RIGHT TO VERIFICATION:
The Bank reserves the right to verify any or all of the statements made by the Bidder
in the Bid document and to inspect the Bidder’s facility, if necessary, to establish
to its satisfaction about the Bidder’s capacity/capabilities to perform the job.
35. INSPECTION AND TESTING FOR HARDWARE:
i. The Bank reserves the right to carry out pre-shipment inspection or demand a
demonstration of the Product on a representative model at Service Provider’s
location.
ii. The inspection and tests prior to dispatch of Products / at the time of final
acceptance would be as follows:
(a) Service Provider shall intimate the Bank before dispatching Products for
conducting inspection and testing.
(b) Inspection / pre-shipment acceptance testing of Products as per quality control
formats including functional testing and burn-in tests at full load, quality control
tests etc., as per the standards / specifications and may be done at factory site of
Service Provider by the Bank or its authorized agency before dispatch of Products.
In case of failure by Service Provider to provide necessary facility / equipment at
his premises, all the cost of such inspection like travel, boarding, lodging and
other incidental expenses of the Bank’s representatives to be borne by Service
Provider.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 33 of 329 Confidential & Proprietary
(c) Successful conduct and conclusion of inspection and testing shall be the sole
responsibility of Service Provider. However, the Bank may at its sole discretion,
waive inspection of Products.
(d) In the event of Product failing to pass the inspection and tests, as per the
specifications given, Service Provider shall rectify and deliver the product after
re-inspection within the timeline mentioned in the RFP.
(e) The inspection and tests may also be conducted at the point of delivery and / or at
the Products’ final destination. Reasonable facilities and assistance, including
access to drawings and production data, shall be furnished, at no charge to the
Bank.
(f) Nothing stated herein above shall in any way release Service Provider from any
warranty or other obligations under this RFP.
iii. The Bank’s right to inspect, test and where necessary reject the Products after the
Products arrival at the destination shall in no way be limited or waived by reason of
the Products having previously being inspected, tested and passed by the Bank or
its representative prior to the Products shipment from the place of origin by the
Bank or its representative prior to the installation and commissioning.
Nothing stated hereinabove shall in any way release Service Provider from any
warranty or other obligations under this RFP
36. INSPECTION AND TESTING (Other than Hardware):
i. The Bank reserves the right to carry out a pre-shipment inspection or demand a
demonstration of the product on a representative model at Service Provider’s
location.
ii. The inspection and test prior to dispatch of the product/at the time of final
acceptance would be as follows:
(a) Service Provider shall intimate the Bank before dispatching products for
conducting inspection and testing.
(b) The inspection and acceptance test may also be conducted at the point of delivery
and / or at the products’ final destination. Reasonable facilities and assistance,
including access to drawings and production data, shall be furnished to the
inspectors, at no charge to the Bank. In case of failure by Service Provider to
provide necessary facility / equipment at its premises, all the cost of such
inspection like travel, boarding, lodging & other incidental expenses of the
Bank’s representatives to be borne by Service Provider.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 34 of 329 Confidential & Proprietary
iii. The Bank’s right to inspect, test the product/ Solution after delivery of the same to
the Bank and where necessary reject the products/solution which does not meet the
specification provided by the Bank. This shall in no way be limited or waived by
reason of the products/ Solution having previously being inspected, tested and
passed by the Bank or its representative prior to the products/ Solution shipment
from the place of origin by the Bank or its representative prior to the installation
and commissioning.
iv. Nothing stated hereinabove shall in any way release Service Provider from any
warranty or other obligations under this contract.
v. System integration testing and User Acceptance testing will be carried out as per
requirement of the Bank.
37. RIGHT TO AUDIT:
i. The Selected Bidder (Service Provider) shall be subject to annual audit by internal/
external Auditors appointed by the Bank/ inspecting official from the Reserve Bank
of India or any regulatory authority, covering the risk parameters finalized by the
Bank/ such auditors in the areas of products (IT hardware/ Software) and services
etc. provided to the Bank and Service Provider is required to submit such
certification by such Auditors to the Bank. Service Provider and or his / their
outsourced agents / sub – contractors shall facilitate the same. The Bank can make
its expert assessment on the efficiency and effectiveness of the security, control,
risk management, governance system and process created by the Service Provider.
The Service Provider shall, whenever required by the Auditors, furnish all relevant
information, records/data to them. All costs for such audit shall be borne by the
Bank. Except for the audit done by Reserve Bank of India or any
statutory/regulatory authority, the Bank shall provide reasonable notice not less than
7 (seven) days to Service Provider before such audit and same shall be conducted
during normal business hours.
ii. Where any deficiency has been observed during audit of the Service Provider on
the risk parameters finalized by the Bank or in the certification submitted by the
Auditors, the Service Provider shall correct/resolve the same at the earliest and shall
provide all necessary documents related to resolution thereof and the auditor shall
further certify in respect of resolution of the deficiencies. The resolution provided
by the Service Provider shall require to be certified by the Auditors covering the
respective risk parameters against which such deficiencies have been observed.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 35 of 329 Confidential & Proprietary
iii. Service Provider further agrees that whenever required by the Bank, it will furnish
all relevant information, records/data to such auditors and/or inspecting officials of
the Bank/Reserve Bank of India and/or any regulatory authority(ies). The Bank
reserves the right to call for and/or retain any relevant information /audit reports on
financial and security review with their findings undertaken by the Service
Provider. However, Service Provider shall not be obligated to provide records/data
not related to Services under the Agreement (e.g. internal cost breakup etc.).
38. SUBCONTRACTING:
As per the scope of this Agreement sub-contracting is not permitted, unless
otherwise permitted elsewhere in the RFP.
39. INSURANCE:
i. The insurance shall be for an amount equal to 100 percent of the value of the
Products from place of dispatch to final destination on “All Risks” basis, valid for
a period of one month after delivery of Products at the defined destination.
ii. Should any loss or damage occur, Service Provider shall:
(a) initiate and pursue claim till settlement and
(b) promptly make arrangements for repair and / or replacement of any damaged item
to the satisfaction of the Bank, irrespective of settlement of claim by the
underwriters.
40. VALIDITY OF AGREEMENT:
The Agreement/ SLA will be valid for the period of 5 year(s). The Bank reserves
the right to terminate the Agreement as per the terms of RFP/ Agreement.
41. LIMITATION OF LIABILITY:
i. The maximum aggregate liability of Service Provider, subject to clause 34 (iii), in
respect of any claims, losses, costs or damages arising out of or in connection with
this RFP/Agreement shall not exceed the total Project Cost.
ii. Under no circumstances shall either Party be liable for any indirect, consequential
or incidental losses, damages or claims including loss of profit, loss of business or
revenue.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 36 of 329 Confidential & Proprietary
iii. The limitations set forth herein shall not apply with respect to:
a) claims that are the subject of indemnification pursuant to infringement of third
party Intellectual Property Right;
b) damage(s) occasioned by the Gross Negligence or Wilful Misconduct of Service
Provider,
c) damage(s) occasioned by Service Provider for breach of Confidentiality
Obligations,
d) Regulatory or statutory fines imposed by a Government or Regulatory agency
for non-compliance of statutory or regulatory guidelines applicable to the Bank,
provided such guidelines were brought to the notice of Service Provider.
For the purpose of clause 34(iii)(b) “Gross Negligence” means any act or failure
to act by a party which was in reckless disregard of or gross indifference to the
obligation of the party under this Agreement and which causes injury, damage to
life, personal safety, real property, harmful consequences to the other party, which
such party knew, or would have known if it was acting as a reasonable person,
would result from such act or failure to act for which such Party is legally liable.
Notwithstanding the forgoing, Gross Negligence shall not include any action taken
in good faith.
“Wilful Misconduct” means any act or failure to act with an intentional disregard
of any provision of this Agreement, which a party knew or should have known if it
was acting as a reasonable person, which would result in injury, damage to life,
personal safety, real property, harmful consequences to the other party, but shall not
include any error of judgment or mistake made in good faith.
42. CONFIDENTIALITY:
Confidentiality obligation shall be as per Non-Disclosure Agreement (Appendix-
L) and clause 15 of Service Level Agreement placed as Appendix-K to this RFP.
43. DELAY IN SERVICE PROVIDER’S PERFORMANCE:
i. Delivery, installation, commissioning of the Solutions and performance of Services
shall be made by Service Provider within the timelines prescribed in Part II of this
RFP.
ii. If at any time during performance of the Contract, Service Provider should
encounter conditions impeding timely delivery of the Solutions and performance of
Services, Service Provider shall promptly notify the Bank in writing of the fact of
the delay, its likely duration and cause(s). As soon as practicable after receipt of
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 37 of 329 Confidential & Proprietary
Service Provider’s notice, the Bank shall evaluate the situation and may, at its
discretion, extend Service Providers’ time for performance, in which case, the
extension shall be ratified by the parties by amendment of the Contract.
iii. Any delay in performing the obligation/ defect in performance by Service Provider
may result in imposition of penalty, liquidated damages, invocation of Bank
Guarantee and/or termination of Contract (as laid down elsewhere in this RFP
document).
44. SERVICE PROVIDER’S OBLIGATIONS:
i. Service Provider is responsible for and obliged to conduct all contracted activities
in accordance with the Contract using state-of-the-art methods and economic
principles and exercising all means available to achieve the performance specified
in the Contract.
ii. Service Provider is obliged to work closely with the Bank’s staff, act within its own
authority and abide by directives issued by the Bank from time to time and complete
implementation activities.
iii. Service Provider will abide by the job safety measures prevalent in India and will
free the Bank from all demands or responsibilities arising from accidents or loss of
life, the cause of which is Service Provider’s negligence. Service Provider will pay
all indemnities arising from such incidents and will not hold the Bank responsible
or obligated.
iv. Service Provider is responsible for activities of its personnel or sub-contracted
personnel (where permitted) and will hold itself responsible for any misdemeanors.
v. Service Provider shall treat as confidential all data and information about the Bank,
obtained in the process of executing its responsibilities, in strict confidence and will
not reveal such information to any other party without prior written approval of the
Bank as explained under ‘Non-Disclosure Agreement’ in Appendix-L of this RFP.
45. TECHNICAL DOCUMENTATION (For Hardware):
i. Service Provider shall deliver the following documents to the Bank for every
hardware / firmware / software including third party software before software/
service become operational, which includes, user manuals, installation manuals,
operation manuals, design documents, process documents, technical manuals,
functional specification, software requirement specification, on-line tutorials/
computer based tests, system configuration documents, system/database
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 38 of 329 Confidential & Proprietary
administrative documents, debugging/diagnostics documents, test procedures etc.
ii. Service Provider shall provide documents related to review records/ Test Bug
Reports/ Root Cause Analysis Report, list of all Product components, list of all
dependent/external modules and list of all documents relating to traceability of
service level failure as and when applicable.
iii. Service Provider shall also provide the MIS reports as per requirements of the Bank.
Any level/ version changes and/or clarification or corrections or modifications in
the above mentioned documentation should be supplied by Service Provider to the
Bank, free of cost in timely manner.
46. TECHNICAL DOCUMENTATION (Other than Hardware):
i. Service Provider shall deliver the following documents to the Bank for every
Software including third party Software before software/ service become
operational, which includes, user manuals, installation manuals, operation manuals,
design documents, process documents, technical manuals, functional specification,
Software requirement specification, on-line tutorials/ CBTs, system configuration
documents, system/database administrative documents, debugging/diagnostics
documents, test procedures etc.
ii. Service Provider shall also provide documents related to Review Records/ Test Bug
Reports/ Root Cause Analysis Report, list of all Product components, list of all
dependent/external modules and list of all documents relating to traceability of the
Solutions as and when applicable.
iii. Service Provider shall also provide the MIS reports, data flow documents, data
register and data dictionary as per requirements of the Bank. Any level/ version
changes and/or clarification or corrections or modifications in the above-mentioned
documentation should be supplied by Service Provider to the Bank, free of cost in
timely manner.
47. INTELLECTUAL PROPERTY RIGHTS AND OWNERSHIP:
i. For any technology / Software / Solution developed/used/supplied by Service
Provider for performing Services or licensing and implementing Software and
Solution for the Bank as part of this RFP, Service Provider shall have right to use
as well right to license for the outsourced services or third party product. The Bank
shall not be liable for any license or IPR violation on the part of Service provider.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 39 of 329 Confidential & Proprietary
ii. Without the Bank’s prior written approval, Service provider will not, in performing
the Services, use or incorporate, link to or call or depend in any way upon, any
Software or other intellectual property that is subject to an Open Source or Copy-
left license or any other agreement that may give rise to any third-party claims or to
limit the Bank’s rights under this RFP.
iii. Subject to clause 39 (iv) and 39 (v) of this RFP, Service Provider shall, at its own
expenses without any limitation, indemnify and keep fully and effectively
indemnified the Bank against all cost, claims, damages, demands, expenses and
liabilities whatsoever nature arising out of or in connection with all claims of
infringement of Intellectual Property Right, including patent, trademark, copyright,
trade secret or industrial design rights of any third party arising from use of the
technology / Software / products or any part thereof in India or abroad, for Software
licensed/developed as part of this engagement. In case of violation/ infringement of
patent/ trademark/ copyright/ trade secret or industrial design or any other
Intellectual Property Right of third party, Service Provider shall, after due
inspection and testing, without any additional cost (a) procure for the Bank the right
to continue to using the Software supplied; or (b) replace or modify the Software to
make it non-infringing so long as the replacement to or modification of Software
provide substantially equivalent functional, performance and operational features
as the infringing Software which is being replaced or modified; or (c) to the extent
that the activities under clauses (a) and (b) above are not commercially reasonable,
refund to the Bank all amounts paid by the Bank to Service Provider under this
RFP/Agreement.
iv. The Bank will give (a) notice to Service provider of any such claim without
delay/provide reasonable assistance to Service provider in disposing of the claim;
(b) sole authority to defend and settle such claim and; (c) will at no time admit to
any liability for or express any intent to settle the claim provided that (i) Service
Provider shall not partially settle any such claim without the written consent of the
Bank, unless such settlement releases the Bank fully from such claim, (ii) Service
Provider shall promptly provide the Bank with copies of all pleadings or similar
documents relating to any such claim, (iii) Service Provider shall consult with the
Bank with respect to the defense and settlement of any such claim, and (iv) in any
litigation to which the Bank is also a party, the Bank shall be entitled to be
separately represented at its own expenses by counsel of its own selection.
v. Service Provider shall have no obligations with respect to any infringement claims
to the extent that the infringement claim arises or results from: (i) Service Provider’s
compliance with the Bank’s specific technical designs or instructions (except where
Service Provider knew or should have known that such compliance was likely to
result in an infringement claim and Service Provider did not inform the Bank of the
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 40 of 329 Confidential & Proprietary
same); (ii) any unauthorized modification or alteration of the Software by the Bank
or its employee; (iii) failure to implement an update to the licensed Software that
would have avoided the infringement, provided Service Provider has notified the
Bank in writing that use of the update would have avoided the claim.
vi. Service Provider shall grant the Bank a fully paid-up, irrevocable, exclusive,
unlimited, perpetual license throughout the territory of India or abroad to access,
replicate and use Software provided by Service Provider, including all inventions,
designs and marks embodied therein perpetually. The source code /object code
/executable code and compilation procedures of the Solutions made under this
agreement are the proprietary property of the Bank and as such Service Provider
shall make them available to the Bank after successful User Acceptance Testing.
Service Provider agrees that the Bank owns the entire right, title and interest to any
inventions, designs, discoveries, writings and works of authorship, including all
Intellectual Property Rights, copyrights. Any work made under this agreement shall
be deemed to be ‘work made for hire’ under any Indian/U.S. or any other applicable
copyright laws.
48. LIQUIDATED DAMAGES:
If the Service Provider fails to deliver product and/or perform any or all the Services
within the stipulated time, schedule as specified in this RFP/Agreement, the Bank
may, without prejudice to its other remedies under the RFP/Agreement, and unless
otherwise extension of time is agreed upon without the application of liquidated
damages, deduct from the Project Cost, as liquidated damages as specified in
Appendix-J. Once the maximum deduction is reached, the Bank may consider
termination of the Agreement.
49. CONFLICT OF INTEREST:
i. Bidder shall not have a conflict of interest (the “Conflict of Interest”) that affects
the bidding Process. Any Bidder found to have a Conflict of Interest shall be
disqualified. In the event of disqualification, the Bank shall be entitled to forfeit and
appropriate the Bid Security and/or Performance Security (Bank Guarantee), as the
case may be, as mutually agreed upon genuine estimated loss and damage likely to
be suffered and incurred by the Bank and not by way of penalty for, inter alia, the
time, cost and effort of the Bank, including consideration of such Bidder’s proposal
(the “Damages”), without prejudice to any other right or remedy that may be
available to the Bank under the bidding Documents and/ or the Agreement or
otherwise.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 41 of 329 Confidential & Proprietary
ii. Without limiting the generality of the above, a Bidder shall be deemed to have a
Conflict of Interest affecting the bidding Process, if:
(a) the Bidder, its Member or Associate (or any constituent thereof) and any other
Bidder, its Member or any Associate thereof (or any constituent thereof) have
common controlling shareholders or other ownership interest; provided that this
disqualification shall not apply in cases where the direct or indirect shareholding
of a Bidder, its Member or an Associate thereof (or any shareholder thereof
having a shareholding of more than 5% (five per cent) of the paid up and
subscribed share capital of such Bidder, Member or Associate, as the case may
be) in the other Bidder, its Member or Associate, has less than 5% (five per cent)
of the subscribed and paid up equity share capital thereof; provided further that
this disqualification shall not apply to any ownership by a bank, insurance
company, pension fund or a public financial institution referred to in section
2(72) of the Companies Act, 2013. For the purposes of this Clause, indirect
shareholding held through one or more intermediate persons shall be computed
as follows: (aa) where any intermediary is controlled by a person through
management control or otherwise, the entire shareholding held by such
controlled intermediary in any other person (the “Subject Person”) shall be taken
into account for computing the shareholding of such controlling person in the
Subject Person; and (bb) subject always to sub-clause (aa) above, where a person
does not exercise control over an intermediary, which has shareholding in the
Subject Person, the computation of indirect shareholding of such person in the
Subject Person shall be undertaken on a proportionate basis; provided, however,
that no such shareholding shall be reckoned under this sub-clause (bb) if the
shareholding of such person in the intermediary is less than 26% of the
subscribed and paid up equity shareholding of such intermediary; or
(b) a constituent of such Bidder is also a constituent of another Bidder; or
(c) such Bidder, its Member or any Associate thereof receives or has received any
direct or indirect subsidy, grant, concessional loan or subordinated debt from any
other Bidder, its Member or Associate, or has provided any such subsidy, grant,
concessional loan or subordinated debt to any other Bidder, its Member or any
Associate thereof; or
(d) such Bidder has the same legal representative for purposes of this Bid as any
other Bidder; or
(e) such Bidder, or any Associate thereof, has a relationship with another Bidder, or
any Associate thereof, directly or through common third party/ parties, that puts
either or both of them in a position to have access to each other’s information
about, or to influence the Bid of either or each other; or
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 42 of 329 Confidential & Proprietary
(f) such Bidder or any of its affiliates thereof has participated as a consultant to the
Bank in the preparation of any documents, design or technical specifications of
the RFP.
iii. For the purposes of this RFP, Associate means, in relation to the Bidder, a person
who controls, is controlled by, or is under the common control with such Bidder
(the “Associate”). As used in this definition, the expression “control” means, with
respect to a person which is a company or corporation, the ownership, directly or
indirectly, of more than 50% (fifty per cent) of the voting shares of such person,
and with respect to a person which is not a company or corporation, the power to
direct the management and policies of such person by operation of law or by
contract.
50. CODE OF INTEGRITY AND DEBARMENT/BANNING:
i. The Bidder and their respective officers, employees, agents and advisers shall
observe the highest standard of ethics during the bidding Process. Notwithstanding
anything to the contrary contained herein, the Bank shall reject Bid without being
liable in any manner whatsoever to the Bidder if it determines that the Bidder has,
directly or indirectly or through an agent, engaged in
corrupt/fraudulent/coercive/undesirable or restrictive practices in the bidding
Process.
ii. Bidders are obliged under code of integrity to Suo-moto proactively declare any
conflicts of interest (pre-existing or as and as soon as these arise at any stage) in
RFP process or execution of contract. Failure to do so would amount to violation of
this code of integrity.
iii. Any Bidder needs to declare any previous transgressions of such a code of integrity
with any entity in any country during the last three years or of being debarred by
any other procuring entity. Failure to do so would amount to violation of this code
of integrity.
iv. For the purposes of this clause, the following terms shall have the meaning
hereinafter, respectively assigned to them:
(a) “corrupt practice” means making offers, solicitation or acceptance of bribe,
rewards or gifts or any material benefit, in exchange for an unfair advantage
in the procurement process or to otherwise influence the procurement process
or contract execution;
(b) “Fraudulent practice” means any omission or misrepresentation that may
mislead or attempt to mislead so that financial or other benefits may be
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 43 of 329 Confidential & Proprietary
obtained or an obligation avoided. This includes making false declaration or
providing false information for participation in an RFP process or to secure a
contract or in execution of the contract;
(c) “Coercive practice” means harming or threatening to harm, persons or their
property to influence their participation in the procurement process or affect
the execution of a contract;
(d) “Anti-competitive practice” means any collusion, bid-rigging or anti-
competitive arrangement, or any other practice coming under the purview of
the Competition Act, 2002, between two or more bidders, with or without the
knowledge of the Bank, that may impair the transparency, fairness and the
progress of the procurement process or to establish bid prices at artificial, non-
competitive levels;
(e) “Obstructive practice” means materially impede the Bank’s or Government
agencies investigation into allegations of one or more of the above mentioned
prohibited practices either by deliberately destroying, falsifying, altering; or
by concealing of evidence material to the investigation; or by making false
statements to investigators and/or by threatening, harassing or intimidating
any party to prevent it from disclosing its knowledge of matters relevant to
the investigation or from pursuing the investigation; or by impeding the
Bank’s rights of auditor access to information;
v. Debarment/Banning
Empanelment/participation of Bidders and their eligibility to participate in the
Bank’s procurements is subject to compliance with the code of integrity and
performance in contracts as per the terms and conditions of contracts. Following
grades of debarment from empanelment/participation in the Bank’s procurement
process shall be considered against delinquent Vendors/Bidders:
(a) Holiday Listing (Temporary Debarment - suspension):
Whenever a Vendor is found lacking in performance, in case of less frequent and
less serious misdemeanors, the vendors may be put on a holiday listing (temporary
debarment) for a period of up to 12 (twelve) months. When a Vendor is on the
holiday listing, he is neither invited to bid nor are his bids considered for evaluation
during the period of the holiday. The Vendor is, however, not removed from the list
of empanelled vendors, if any. Performance issues which may justify holiday listing
of the Vendor are:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 44 of 329 Confidential & Proprietary
• Vendors who have not responded to requests for quotation/tenders consecutively
three times without furnishing valid reasons, if mandated in the empanelment
contract (if applicable);
• Repeated non-performance or performance below specified standards (including
after-sales services and maintenance services etc.);
• Vendors undergoing process for removal from empanelment/participation in the
procurement process or banning/debarment may also be put on a holiday listing
during such proceedings.
(b) Debarment from participation including removal from empanelled list
Debarment of a delinquent Vendor (including their related entities) for a period (one
to two years) from the Bank’s procurements including removal from empanelment,
wherever such Vendor is empanelled, due to severe deficiencies in performance or
other serious transgressions. Reasons which may justify debarment and/or removal
of the Vendor from the list of empanelled vendors are:
• Without prejudice to the rights of the Bank under Clause 42(i) hereinabove, if a
Bidder is found by the Bank to have directly or indirectly or through an agent,
engaged or indulged in any corrupt/fraudulent/coercive/undesirable or restrictive
practices during the Bidding Process, such Bidder shall not be eligible to
participate in any EOI/RFP issued by the Bank during a period of 2 (two) years
from the date of debarment.
• Vendor fails to abide by the terms and conditions or to maintain the required
technical/operational staff/equipment or there is a change in its
production/service line affecting its performance adversely, or fails to cooperate
or qualify in the review for empanelment;
• If Vendor ceases to exist or ceases to operate in the category of requirements for
which it is empanelled;
• Bankruptcy or insolvency on the part of the vendor as declared by a court of law;
or
• Banning by the Ministry/Department or any other Government agency;
• Other than in situations of force majeure, technically qualified Bidder withdraws
from the procurement process or after being declared as successful bidder: (i)
withdraws from the process; (ii) fails to enter into a Contract; or (iii) fails to
provide performance guarantee or any other document or security required in
terms of the RFP documents;
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 45 of 329 Confidential & Proprietary
• If the Central Bureau of Investigation/CVC/C&AG or Vigilance Department of
the Bank or any other investigating agency recommends such a course in respect
of a case under investigation;
• Employs a Government servant or the Bank’s Officer within two years of his
retirement, who has had business dealings with him in an official capacity before
retirement; or
• Any other ground, based on which the Bank considers, that continuation of
Contract is not in the public interest.
• If there is a strong justification for believing that the
partners/directors/proprietor/agents of the firm/company have been guilty of a
violation of the code of integrity or Integrity Pact (wherever applicable), evasion
or habitual default in payment of any tax levied by law; etc.
(c) Banning from Ministry/Country-wide procurements
For the serious transgression of code of integrity, a delinquent Vendor (including
their related entities) may be banned/debarred from participation in a procurement
process of the Bank including procurement process of any procuring entity of
Government of India for a period not exceeding three years commencing from the
date of debarment.
51. TERMINATION FOR DEFAULT:
i. The Bank may, without prejudice to any other remedy for breach of Agreement,
written notice of not less than 30 (thirty) days, terminate the Agreement in whole
or in part:
(a) If the Service Provider fails to deliver any or all the obligations within the time
period specified in the RFP/Agreement, or any extension thereof granted by
the Bank;
(b) If the Service Provider fails to perform any other obligation(s) under the
RFP/Agreement;
(c) Violations of any terms and conditions stipulated in the RFP;
(d) On the happening of any termination event mentioned in the RFP/Agreement.
Prior to providing written notice of termination to Service Provider under clause 43
(i) (a) to 43 (i) (c), the Bank shall provide Service Provider with a written notice of
30 (thirty) days to cure such breach of the Agreement. If the breach continues or
remains unrectified after the expiry of the cure period, the Bank shall have the right
to initiate action in accordance with the above clause.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 46 of 329 Confidential & Proprietary
ii. In the event the Bank terminates the Contract in whole or in part for the breaches
attributable to Service Provider, the Bank may procure, upon such terms and in such
manner as it deems appropriate, Software and Services similar to those undelivered,
and subject to the limitation of liability clause of this RFP Service Provider shall be
liable to the Bank for any increase in cost for such similar Solutions and/or Services.
However, Service Provider shall continue the performance of the Contract to the
extent not terminated.
iii. If the Contract is terminated under any termination clause, Service Provider shall
handover all documents/ executable/ Bank’s data or any other relevant information
to the Bank in a timely manner and in proper format as per the scope of this RFP
and shall also support the orderly transition to another vendor or to the Bank.
iv. During the transition, Service Provider shall also support the Bank on technical
queries/support on process implementation or in case of Software provision for
future upgrades.
v. The Bank’s right to terminate the Contract will be in addition to the penalties /
liquidated damages and other actions as specified in this RFP.
vi. In the event of failure of the Service Provider to render the Services or in the event
of termination of Agreement or expiry of the term or otherwise, without prejudice
to any other right, the Bank at its sole discretion may make alternate arrangements
for getting the Services contracted with another vendor. In such a case, the Bank
shall give prior notice to the existing Service Provider. The existing Service
Provider shall continue to provide services as per the terms of the Agreement until
a ‘New Service Provider’ completely takes over the work. During the transition
phase, the existing Service Provider shall render all reasonable assistance to the new
Service Provider within such period prescribed by the Bank, at no extra cost to the
Bank, for ensuring smooth switch over and continuity of services, provided where
transition services are required by the Bank or New Service Provider beyond the
term of this Agreement, reasons for which are not attributable to Service Provider,
payment shall be made to Service Provider for such additional period on the same
rates and payment terms as specified in this Agreement. If existing Service Provider
breaches this obligation, they shall be liable for paying a penalty of 10% of the total
Project Cost on demand to the Bank, which may be settled from the payment of
invoices or Bank Guarantee for the contracted period or by an invocation of Bank
Guarantee.
52. FORCE MAJEURE:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 47 of 329 Confidential & Proprietary
i. Notwithstanding the provisions of terms and conditions contained in this RFP,
neither party shall be liable for any delay in performing its obligations herein if and
to the extent that such delay is the result of an event of Force Majeure.
ii. For the purposes of this clause, 'Force Majeure' means and includes wars,
insurrections, revolution, civil disturbance, riots, terrorist acts, public strikes, hartal,
bundh, fires, floods, epidemic, quarantine restrictions, freight embargoes, declared
general strikes in relevant industries, Vis Major, acts of Government in their
sovereign capacity, impeding the reasonable performance of Service Provider
and/or Sub-Contractor but does not include any foreseeable events, commercial
considerations or those involving fault or negligence on the part of the party
claiming Force Majeure.
iii. If a Force Majeure situation arises, Service Provider shall promptly notify the Bank
in writing of such condition and the cause thereof. Unless otherwise directed by the
Bank in writing, Service Provider shall continue to perform its obligations under
the Contract as far as is reasonably practical and shall seek all reasonable alternative
means for performance not prevented by the Force Majeure event.
iv. If the Force Majeure situation continues beyond 30 (thirty) days, either party shall
have the right to terminate the Agreement by giving notice to the other party.
Neither party shall have any penal liability to the other in respect of the termination
of the Agreement as a result of an event of Force Majeure. However, Service
Provider shall be entitled to receive payments for all services actually rendered up
to the date of the termination of the Agreement.
53. TERMINATION FOR INSOLVENCY:
The Bank may, at any time, terminate the Contract by giving written notice to
Service Provider, if Service Provider becomes Bankrupt or insolvent or any
application for bankruptcy, insolvency or winding up has been filed against it by
any person. In this event, the termination will be without compensation to Service
Provider, provided that such termination will not prejudice or affect any right of
action or remedy, which has accrued or will accrue thereafter to the Bank.
54. TERMINATION FOR CONVENIENCE:
i. The Bank, by written notice of not less than 90 (ninety) days, may terminate the
Contract, in whole or in part, for its convenience, provided same shall not be
invoked by the Bank before completion of half of the total Contract period
(including the notice period).
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 48 of 329 Confidential & Proprietary
ii. In the event of termination of the Agreement for the Bank’s convenience, Service
Provider shall be entitled to receive payment for the Services rendered (delivered)
up to the effective date of termination.
55. DISPUTES / ARBITRATION (APPLICABLE IN CASE OF SUCCESSFUL
BIDDER ONLY):
i. All disputes or differences whatsoever arising between the parties out of or in
connection with the Contract (including dispute concerning interpretation) or in
discharge of any obligation arising out of the Contract (whether during the progress
of work or after completion of such work and whether before or after the termination
of the Contract, abandonment or breach of the Contract), shall be settled amicably.
If however, the parties are not able to solve them amicably within 30 (thirty) days
after dispute occurs as evidenced through the first written communication from any
Party notifying the other regarding the disputes, either party (SBI or Service
Provider), give written notice to other party clearly setting out there in specific
dispute(s) and/or difference(s) and shall be referred to a sole arbitrator mutually
agreed upon, and the award made in pursuance thereof shall be binding on the
parties. In the absence of consensus about the single arbitrator, the dispute may be
referred to an arbitration panel; one to be nominated by each party and the said
arbitrators shall nominate a presiding arbitrator, before commencing the arbitration
proceedings. The arbitration shall be settled in accordance with the applicable
Indian Laws and arbitration proceeding shall be conducted in accordance with
Arbitration and Conciliation Act 1996 and any amendment thereto. Any appeal will
be subject to the exclusive jurisdiction of courts at Mumbai.
ii. Service Provider shall continue work under the Contract during the arbitration
proceedings unless otherwise directed by the Bank or unless the matter is such that
the work cannot possibly be continued until the decision of the arbitrator is
obtained.
iii. Arbitration proceeding shall be held at Mumbai, India, and the language of the
arbitration proceedings and that of all documents and communications between the
parties shall be in English.
56. GOVERNING LANGUAGE:
The governing language shall be English.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 49 of 329 Confidential & Proprietary
57. APPLICABLE LAW:
The Contract shall be interpreted in accordance with the laws of the Union of India
and shall be subjected to the exclusive jurisdiction of courts at Mumbai.
58. TAXES AND DUTIES:
i. Service Provider shall be liable to pay all corporate taxes and income tax that shall
be levied according to the laws and regulations applicable from time to time in India
and the price Bid by Service Provider shall include all such taxes in the quoted price.
ii. Prices quoted should be exclusive of all Central / State Government taxes/duties
and levies but inclusive of all corporate taxes and Custom duty as also cost of
incidental services such as transportation, road permits, insurance etc. The quoted
prices and taxes/duties and statutory levies such as GST etc. should be specified in
the separate sheet (Appendix-F).
iii. Custom duty as also cost of incidental services such as transportation, road permits,
insurance, etc. in connection with the delivery of products at the site including any
incidental services and commissioning, if any, which may be levied, shall be borne
by Service Provider and the Bank shall not be liable for the same. Only specified
taxes/ levies and duties in the Appendix-F will be payable by the Bank on actuals
upon production of the original receipt wherever required. If any specified taxes/
levies and duties in Appendix-F are replaced by the new legislation of Government,
the same shall be borne by the Bank. The Bank shall not be liable for payment of
those Central / State Government taxes, levies, duties or any tax/ duties imposed by
local bodies/ authorities, which are not specified by the Bidder in Appendix-F
iv. Prices payable to Service Provider as stated in the Contract shall be firm and not
subject to adjustment during the performance of the Contract, irrespective of
reasons whatsoever, including exchange rate fluctuations, any upward revision in
Custom duty.
v. Income / Corporate Taxes in India: The Bidder shall be liable to pay all corporate
taxes and income tax that shall be levied according to the laws and regulations
applicable from time to time in India and the price Bid by the Bidder shall include
all such taxes in the contract price.
vi. All expenses, stamp duty, and other charges/ expenses in connection with the
execution of the Agreement as a result of this RFP process shall be borne by Service
Provider. The Agreement/ Contract would be stamped as per Maharashtra Stamp
Act, 1958 and any amendment thereto.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 50 of 329 Confidential & Proprietary
59. TAX DEDUCTION AT SOURCE:
i. Wherever the laws and regulations require deduction of such taxes at the source of
payment, the Bank shall effect such deductions from the payment due to Service
Provider. The remittance of amounts so deducted and issuance of a certificate for
such deductions shall be made by the Bank as per the laws and regulations for the
time being in force. Nothing in the Contract shall relieve Service Provider from his
responsibility to pay any tax that may be levied in India on income and profits made
by Service Provider in respect of this Contract.
ii. Service Provider’s staff, personnel and labour will be liable to pay personal income
taxes in India in respect of such of their salaries and wages as are chargeable under
the laws and regulations for the time being in force, and Service Provider shall
perform such duties in regard to such deductions thereof as may be imposed on him
by such laws and regulations.
60. TENDER FEE:
Non-refundable Tender Fee should be directly credited to the designated account as
mentioned in Schedule of Events. Proof of remittance of Tender Fee in the
designated account should be enclosed with the technical bid. The Bids without
tender fee will not be considered valid.
61. EXEMPTION OF EMD AND TENDER FEE:
Micro & Small Enterprises (MSE) units and Start-ups* are exempted from payment
of EMD and tender fee provided the products and/or services they are offering, are
manufactured and/or services rendered by them. Exemption as stated above is not
applicable for selling products and/or services, manufactured/ rendered by other
companies.
Bidder should submit supporting documents issued by competent Govt. bodies to
become eligible for the above exemption.
Bidders may please note:
i. NSIC certificate/ Udyog Aadhar Memorandum should cover the items tendered to
get EMD/tender fee exemptions. Certificate/ Memorandum should be valid as on
due date / extended due date for Bid submission.
ii. “Start-up” company should enclose the valid Certificate of Recognition issued by
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 51 of 329 Confidential & Proprietary
the Department for Promotion of Industry and Internal Trade (DPIIT), (erstwhile
Department of Industrial Policy and Promotion), Ministry of Commerce & Industry,
Govt. of India with the technical bid.
iii. *Start-ups that are not under the category of MSE shall not be eligible for exemption
of tender fee.
iv. The bidder who solely on its own, fulfills each eligibility criteria condition as per
the RFP terms and conditions and who are having MSE or Start-up company status,
can claim an exemption for EMD/ tender fee.
v. If all these conditions are not fulfilled or supporting documents are not submitted
with the technical Bid, then all those Bids without tender fees /EMD will be
summarily rejected and no queries will be entertained.
62. NOTICES:
Any notice given by one party to the other pursuant to this Contract shall be sent to
other party in writing or by Fax and confirmed in writing to other Party’s address.
The notice shall be effective when delivered or on the notice’s effective date
whichever is later.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 52 of 329 Confidential & Proprietary
Part-II
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 53 of 329 Confidential & Proprietary
Appendix-A
BID FORM (TECHNICAL BID)
[On Company’s letter head]
(To be included in Technical Bid Folder)
Date: ______________
To:
DEPUTY GENERAL MANAGER,
NETWORKING & COMMUNICATION DEPARTMENT,
GLOBAL IT CENTRE, GITC,
SECTOR -11, CBD BELAPUR,
NAVI MUMBAI – 400614
Dear Sir,
Ref: SBI/GITC/NW&C/20-21/706 Dated 18.08.2020
Engagement of Network Integrator and Setting up of Next Gen Network Operations
Centers (NOCs)
We have examined the above RFP, the receipt of which is hereby duly acknowledged and
subsequent pre-bid clarifications/modifications/revisions if any, furnished by the Bank and
we offer to provide NI (Network Integrator) Services, Setting up of Next Gen Network
Operations Centres and to Design, Supply, Delivery, Implementation, Commission &
Management of desired Solutions as detailed in this RFP. We shall abide by the terms
and conditions spelled out in the RFP. We shall participate and submit the commercial Bid
through online auction to be conducted by the M/s E-Procurement Technologies Ltd, on
the date advised to us.
i. While submitting this Bid, we certify that:
▪ The undersigned is authorized to sign on behalf of the Bidder and the necessary
support document delegating this authority is enclosed to this letter.
▪ We declare that we are not in contravention of conflict of interest obligation
mentioned in this RFP.
▪ Indicative prices submitted by us have been arrived at without agreement with any
other Bidder of this RFP for the purpose of restricting competition.
▪ The indicative prices submitted by us have not been disclosed and will not be
disclosed to any other Bidder responding to this RFP.
▪ We have not induced or attempted to induce any other Bidder to submit or not to
submit a Bid for restricting competition.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 54 of 329 Confidential & Proprietary
▪ We have quoted for all the products/services mentioned in this RFP in our indicative
price Bid.
▪ The rate quoted in the indicative price Bids are as per the RFP and subsequent pre-
Bid clarifications/ modifications/ revisions furnished by the Bank, without any
exception.
▪ The product costs mentioned in the price bid include all the implementation-related
costs including but not limited to installation, integration, customization, testing,
operationalization, UAT, closure of vulnerabilities in various security reviews &
audits, etc.
▪ The Indicative commercial bid includes prices for personnel resources (onsite and
backend), cost of development of processes & methodologies, tools used,
deliverables as per Bank’s requirements, and other terms and conditions of the RFP.
▪ All components required for each technology Solution should be provided. If any
such item is left out and if it is found necessary at any stage, the bidder shall procure
it at their own cost.
▪ The Bank reserves the right to procure or not to procure any or all items, including
upgrades depending on the Bank’s requirements. All components of the NGNOC
must be separately given and not bundled.
▪ The warranty period of three years of each item procured shall start from the date
of product go live as mentioned in RFP or 3 months from the date of complete
delivery of BOM in all respect, whichever is earlier, provided such delay is
attributable to the Bank.
▪ The Bank reserves the right to enter into AMC for part or full project/items. The
Bank may avail AMC / ATS even after Contract period of the project duration. Such
an AMC rate for Hardware shall be 10% p.a. of the cost of Hardware / Appliances
and for Software shall be 15% p.a. of the cost for Software & Customized
Applications.
▪ The Contract Cost and Contract Cost granular breakup totals should work out to the
same annual/total cost of the contract
▪ The bidder should maintain the same ratio of cost as indicated in the indicative
commercial bid. The per-branch / per item cost will be worked out after the price
discovery and the payment will be made for the actual number of branches/items.
▪ The bidder should quote the prices exclusive of all taxes.
ii. We undertake that, in competing for (and, if the award is made to us, in executing) the
above contract, we will strictly observe the laws against fraud and corruption in force in
India namely “Prevention of Corruption Act 1988”.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 55 of 329 Confidential & Proprietary
iii. We undertake that we will not offer, directly or through intermediaries, any bribe, gift,
consideration, reward, favor, any material or immaterial benefit or another advantage,
commission, fees, brokerage or inducement to any official of the Bank, connected directly or
indirectly with the bidding process, or to any person, organization or third party related to the
contract in exchange for any advantage in the bidding, evaluation, contracting and
implementation of the contract.
iv. We undertake that we will not resort to canvassing with any official of the Bank, connected
directly or indirectly with the bidding process to derive any undue advantage. We also
understand that any violation in this regard will result in the disqualification of bidders
from the further bidding process.
v. It is further certified that the contents of our Bid are factually correct. We have not sought
any deviation from the terms and conditions of the RFP. We also accept that in the event
of any information/data/particulars proving to be incorrect, the Bank will have the right
to disqualify us from the RFP without prejudice to any other rights available to the Bank.
vi. We certify that while submitting our Bid document, we have not made any changes in the
contents of the RFP document, read with its amendments/clarifications provided by the
Bank.
vii. We agree to abide by all the RFP terms and conditions, contents of Service Level
Agreement as per template available at Appendix-K of this RFP, and the rates quoted
therein for the orders awarded by the Bank up to the period prescribed in the RFP, which
shall remain binding upon us.
viii. On acceptance of our technical bid, we undertake to participate in Reverse Auction by
way of login in Reverse auction tool. In case of declaration as a successful Vendor on
completion of the Reverse Auction process, we undertake to complete the formalities as
specified in this RFP.
ix. The commercial bidding process will be through the Reverse Auction process to be
conducted by the M/s E-Procurement Technologies Ltd. We understand that our
authorized representative who would participate in the reverse auction process would be
possessing a valid digital certificate for the purpose.
x. Till execution of a formal contract, the RFP, along with the Bank’s notification of award
by way of issuance of the purchase order and our acceptance thereof, would be a binding
contractual obligation on the Bank and us.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 56 of 329 Confidential & Proprietary
xi. We understand that you are not bound to accept the lowest or any Bid you may receive
and you may reject all or any Bid without assigning any reason or giving any explanation
whatsoever.
xii. We hereby certify that neither we nor any of our sister concern company is under the
debarment/blacklist period for breach of contract/fraud/corrupt practices by any
Scheduled Commercial Bank/ Public Sector Undertaking / State or Central Government
or their agencies/ departments or any Law Enforcement Authority for breach of any
Regulations or Laws on the date of online submission of the bid for this RFP.
xiii. We hereby certify that we (participating in RFP as OEM)/ our OEM have a support center
and level 3 escalation (highest) located in India.
xiv. We hereby certify that on the date of online submission of Bid, we do not have any
Service Level Agreement pending to be signed with the Bank for more than 6 months
from the date of the issue of the purchase order.
xv. We hereby certify that we have read the clauses contained in O.M. No. 6/18/2019-PPD,
dated 23.07.2020 order (Public Procurement No. 1), order (Public Procurement No. 2)
dated 23.07.2020 and order (Public Procurement No. 3) dated 24.07.2020 regarding
restrictions on procurement from a bidder of a country which shares a land border with
India. We further certify that we are not from such a country or if from a country, has
been registered with competent authority. We certify that we fulfil all the requirements
in this regard and is eligible to participate in this RFP
xvi. We hereby certify that neither we nor any of our sister concern company serves as any of
the following – (a) Service/System Integrator for the Bank’s Security Operations Centre
(SOC), and (b) Information Systems Security Partners (ISSPs) empanelled with SBI.
xvii. If our Bid is accepted, we undertake to enter into and execute at our cost, when called
upon by the Bank to do so, a contract in the prescribed form and we shall be solely
responsible for the due performance of the contract.
xviii. We, further, hereby undertake and agree to abide by all the terms and conditions
stipulated by the Bank in the RFP document.
Dated this ....... day of ............................ 2020
______________________________________________________________
(Signature) (Name)
(In the capacity of)
Duly authorised to sign Bid for and on behalf of
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 57 of 329 Confidential & Proprietary
______________________________________
Seal of the company.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 58 of 329 Confidential & Proprietary
Appendix-B
Bidder’s Eligibility Criteria
Bidders meeting the following criteria are eligible to submit their Bids along with
supporting documents. If the Bid is not accompanied by all the required documents
supporting eligibility criteria, the same would be rejected:
S.
No. Eligibility Criteria
Compliance
(Yes/No) Documents to be submitted
1.
The Bidder must be an Indian
firm/company/ organization
registered under the Companies Act
2013 and should be in existence for
more than 3 years in India.
Copy of the Partnership deed / Bye-
Law / Certificate of Incorporation
issued by Registrar of Companies
and full address of the registered
office along with Memorandum &
Articles of Association/ Partnership
Deed.
2.
The Bidder must comply with the
requirements contained in O.M. No.
6/18/2019-PPD, dated 23.07.2020
order (Public Procurement No. 1),
order (Public Procurement No. 2)
dated 23.07.2020 and order (Public
Procurement No. 3) dated 24.07.2020
Bidder should specifically certify in
Appendix A in this regard and
provide copy of registration
certificate issued by competent
authority wherever applicable.
3.
The Bidder must have a minimum
annual IT turnover of Rs.300 crore in
each of the last three financial years
(FY 2017-18, 2018-19, 2019-20)
Copy of the audited Balance Sheet
and P&L statement of the bidder for
the last three financial years: 2017-
18, 2018-19, 2019-20 and certificate
from Chartered Accountant.
4.
Bidder should have experience of
minimum 5 years in providing the
Network Management & Support
Services.
Copy of the order and / or
Certificate of completion of the
work. The Bidder should also
furnish the user acceptance report.
5.
Client references and contact details
(email/ landline/ mobile) of
customers for whom the Bidder has
executed Network Management &
Support Services in India.
(Start and End Date of the Project to
be mentioned) in the past (At least 3
client references are required)
Bidder should specifically confirm
on their letterhead in this regard as
per Appendix-N
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 59 of 329 Confidential & Proprietary
6.
Bidder should be a profitable
organization based on Profit Before
Tax (PBT) for at least two out of three
financial years (2017-18, 2018-19,
2019-20).
Copy of the audited Balance Sheet
and P&L statement of the bidder for
the last three financial years: 2017-
18, 2018-19, 2019-20 and certificate
from Chartered Accountant.
7.
Past/present litigations, disputes, if
any (Adverse litigations could result
in disqualification, at the sole
discretion of the Bank)
Brief details of litigations, disputes,
if any are to be given on the
Company’s letterhead.
8.
Bidders or any of its sister concern
company should not be under the
debarment/blacklist period for breach
of contract/fraud/corrupt practices by
any Scheduled Commercial Bank/
Public Sector Undertaking / State or
Central Government or their
agencies/ departments or any Law
Enforcement Authority for breach of
any Regulations or Laws on the date
of submission of the bid for this RFP.
Bidder should specifically certify in
Appendix A in this regard.
9.
The bidder, if participating as
Channel Partner of any OEM, then
OEM should have a support centre
and level 3 escalation (highest)
located in India.
For OEMs, directly participating, the
conditions mentioned above for the
support centre remain applicable.
Bidder should specifically certify in
Appendix A in this regard.
10.
The Bidder should not have any
Service Level Agreement pending to
be signed with the Bank for more than
6 months from the date of issue of the
purchase order.
Bidder should specifically certify in
Appendix A in this regard.
11.
The Bidder does not appear in any
“Caution” list of RBI / IBA or any
other regulatory body for outsourcing
activity on the date of submission of
the bid for this RFP.
Bidder should specifically certify in
Appendix A in this regard.
12.
To avoid conflict of interest the
bidder or sister concern company
should not be any of the following –
Bidder should specifically certify in
Appendix A in this regard.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 60 of 329 Confidential & Proprietary
a. Service/System Integrator for the
Bank’s Security Operations Centre
(SOC)
b. Information Systems Security
Partners (ISSPs) empanelled with
SBI.
13.
Bidder should have experience in
Implementing Network Operations
Centre (NOC) for at least one of their
clients in the last 5 years. The NOC
implemented shall be capable of
monitoring & managing at least
5,000 remote network devices
(such as routers, switches, etc.) per
project.
Deployment certificate issued by
client to bidder / OEM / Verifiable
proof – attach copy obtained from
each such client.
14.
The Bidder should have experience
in Maintaining Network Operations
Centre (NOC) for at least one of their
clients in the last 5 years for
managing and monitoring their
network consisting of at least 15,000
remote network devices (such as
routers, switches, etc.) per project.
The minimum maintenance period
shall be 6 months continuously.
Deployment certificate issued by
client to bidder / OEM / Verifiable
proof – attach copy obtained from
each such client.
15.
The NOC tools (i.e. Network
Management, Monitoring &
Operations tools) proposed by the
Bidder (for installation in the Bank’s
NOC) should have been deployed in
at least 3 organization’s NOC in
BFSI sector.
Certificate from the OEM on the
OEM’s letterhead certifying the
criteria specified, along with the
mention of the name and contact
details of the client. The certificate
has to be arranged by the Bidder.
16.
The OEM of the Log Management
Solution (LMS), as per the definition
provided in Appendix-C, proposed
by the Bidder should have a client
with at least 100 network devices
(deployed in DC) integrated with the
LMS including at least 5
firewalls/IPS in HA for log
collection.
Certificate from the OEM on the
OEM’s letterhead certifying the
criteria specified, along with the
mention of the name and contact
details of the client. The certificate
has to be arranged by the Bidder.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 61 of 329 Confidential & Proprietary
17.
The Bidder should have
implemented the LMS (as per the
definition provided in Appendix-C)
in the last 5 years for at least 1 client.
Only those references shall be
considered which are running
successfully for at least 2 years.
Certificate from the referenced
client on the Client’s letterhead
certifying the fulfillment of the
criteria
18.
The Bidder must have management
experience of a minimum of 2 years
for the following two solutions:
a. Network Access Control (NAC)
b. Centralized Internet Proxy
Solution
Certificate from the referenced
client on the Client’s letterhead
certifying the fulfillment of the
criteria
Documentary evidence must be furnished against each of the above criteria along with an index.
All documents must be signed by the authorized signatory of the Bidder. Relevant portions, in
the documents submitted in pursuance of eligibility criteria, should be highlighted.
Eligibility criteria mentioned at Sl No 2 to 5 in the table above are relaxed for Start-ups
subject to their meeting of quality and technical specifications. Bidder to note the
followings:
i. “Start-up” company should enclose the valid Certificate of Recognition issued by the
Department for Promotion of Industry and Internal Trade (DPIIT), (erstwhile
Department of Industrial Policy and Promotion), Ministry of Commerce & Industry,
Govt. of India with the technical bid.
ii. The bidder who solely on its own, fulfills each eligibility criteria condition as per the
RFP terms and conditions and who are having Start-up company status, can claim an
exemption for eligibility criteria mentioned at Sl No 2 to 5 in the table above.
iii. If all these conditions are not fulfilled or supporting documents are not submitted with
the technical Bid, then all those Bids will be summarily rejected, and no queries will
be entertained.
Name & Signature of authorised signatory
Seal of Company
Date:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 62 of 329 Confidential & Proprietary
Appendix-C
Technical & Functional Specifications
1. All specifications provided in this Appendix are mandatory. Non-compliance with
any of the specifications will render the Bidder disqualified.
2. All customizations and integrations required shall be completed by the Bidder
through respective OEMs within 6 months from the date of issuance of the Purchase
Order.
3. Compliance with all the specifications mentioned in this Appendix must be
supported by relevant and verifiable documents. All such supporting documents
must be submitted along with the technical bid.
New Solution-1: Log Management Solution (LMS)
S.
No
.
Minimum Technical/Functional
Specifications
Compli
ance
(Y/N)
Available
as part of
the solution
(Y/N)
Marks in
score
chart: 3
marks
Provided
as 3rd
Party
Sol*
(Y/N)
Marks in
score
chart: 2
marks
Customizat
ion
require*
(Y/N)
Marks in
score
chart: 1
mark
Definition:
A Log Management Solution (LMS)
is a Software system that aggregates
and stores log files from multiple
network endpoints and systems into a
single location. LMS applications are
used to centralize all of the log data
from disparate systems into a single
place where they can be viewed and
correlated by an IT security analyst.
Broadly, the LMS shall have the
following capabilities & features:
1. Log Collection
• Log collection needs to be
non-intrusive (i.e. collection
of logs without requiring any
special change in application/
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 63 of 329 Confidential & Proprietary
Software running on the
device under reference).
• Logs need to be collected
from a diverse set of devices,
servers, and applications
available in the network.
• The Solution should not
require the use of agents on
the monitored assets, except
if the asset being monitored
does not provide any means
of native log shipping.
2.Secure Log Storage
• The log data needs to be
stored in an archive for
forensic analysis and
regulatory compliance
requirements.
• The log data storage should
be secure (i.e. encrypted) and
tamper-proof
• The retention duration should
be flexible
• The storage location, media
also should be flexible (read-
only media, mass storage
system, etc.)
3. Log Normalization
The logs from heterogeneous sources
should be normalized to have a
common format facilitating analysis
and correlation
4. Log Analysis
• The logs need to be analysed
to get a full picture of the
network security events
• The logs correlation across
multiple devices
5. Report and Alert Generation
• There should be
customizable, custom, and
scheduled reports in different
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 64 of 329 Confidential & Proprietary
formats and should be
distributable.
• The alerts should be notified
in real-time. There should be
more notification
mechanisms and even other
programs should be executed
to carry out remedial
measures.
Detailed requirements have been
defined below.
A General
1
The proposed LMS must be a
purpose-built hardware Appliance.
For any additional hardware, OS,
Database and storage, and any other
license to support the Solution
including scalability, the bidder
should factor them with no additional
cost to the Bank (other than quoted in
the RA).
2
The LMS should be on-premises and
appliance-based having a Hardened
Operating System with a clear
physical separation of the collection
engine, the logging engine, and the
co-relation engine. The Solution
should have a scalable architecture,
catering to multi-tier support, and
distributed deployments. The
collection engine should be available
in all DCs and the rest of the
components are to be deployed in two
DCs (either in active-active or active-
passive mode depending on the
Bank’s decision).
3
The Solution should offer Single
Global View of all the log data
received from devices deployed
across sites/geographies
4
The Solution should be deployed to
collect and correlate data from
multiple and heterogeneous devices
spread across the Bank’s network.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 65 of 329 Confidential & Proprietary
5
The Solution shall provide both
agent-based and agent-less
architecture to collect the security
logs across various hardware &
software resources and assets running
various operating systems. During the
contract period, if a new OS is
introduced, the agent should support
the same for achieving the objective
specified above, at no extra cost to the
Bank.
6
The Solution should not require the
use of agents on the monitored assets,
except if the asset being monitored
does not provide any means of native
log shipping. The installation of the
agent on all applicable devices shall
be the responsibility of the selected
Bidder.
7
The Solution should be able to handle
up to 60,000 Sustained EPS. The
proposed Solution should take into
account upgrades of hardware,
software, licenses as applicable over
the contract period at no additional
cost to the Bank. The Solution should
be scalable up to 1,00,000 Sustained
EPS during the currency of the
contract period.
8
The Solution should support the
collection of logs from at least 1 Lakh
devices from day one and should be
scalable to support a maximum of 2
Lakh devices (data sources) during
the contract period.
9
The Solution should be able to
perform single-site & multi-site
correlation across the Network.
10
For assets not natively supported, the
Solution should provide the collection
of events through customization of
connectors or similar integration.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 66 of 329 Confidential & Proprietary
11
The Solution must supply API and
graphical tools for creating new
connectors or similar parsing
solution. The Solution should
provide ease of use of regular
expression based ability to create
custom parsers.
12
The Solution receiver or log
collection component must store the
data locally if communication with
centralized correlators is unavailable.
The minimum holding period shall be
of 72 hours.
13
The Solution should provide the
capacity to maintain the Normalized
logs online for six months. Further,
logs should be kept in an archive for
the entire duration of the contract. The
Solution should have the facility to
retrieve the archive logs as and when
required by the Bank without
degrading the performance.
Note: Average Event Size considered
is 500 Bytes per Event.
14
Must allow correlating events and
alerts to existing data in lists
(watchlist), also allows the creation of
new and editing existing lists, both as
an automated and manual mode. Must
allow the creation of static or dynamic
Lists.
15
The Solution should support
integration with RADIUS,
TACACS+, Active Directory, and
other similar external servers for
performing AAA functionalities.
16
The solution should provide a single
pane of glass to manage all the LMS
components and view for all events
and incidents across the organization
and should provide Real-Time
Analysis and Reporting.
17
The Solution should be capable of
retrieving the archived logs for
analysis, correlation, reporting, and
forensic purposes.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 67 of 329 Confidential & Proprietary
18
The Solution should be able to collect
data from new devices added into the
environment, without any disruption
to the ongoing data collection.
19
The solution shall have the following
provisions for log storage:
(a) Raw Logs: On Log Collectors
(for 72 hours) and Archival
Servers (for the entire
duration of the contract)
(b) Normalized Logs: On Log
Manager (online for 6 months
at any given point of time)
20
The Solution's log receiver/collector
component should be able to work in
high availability (HA) mode.
21
The Solution should be able to ingest
Indicators of Compromise (IoCs) to
compare with log data stored on them
and generate alerts in case of a match
with the bad entities (e.g., IP
addresses, domains, URLs, file
hashes) that could be signs of an
attacker or breach activity in the
Bank's network.
22
The Solution should be licensed based
on the EPS count (and not licensed by
the number of users, device types,
and/or the number of network or end
systems devices that are subject to
logging).
23
The Solution should have
comprehensive coverage of various
local & global regulatory &
compliance mandates out of the box
at no extra cost particularly relevant
to the BFSI sector. For example,
PCI, ISO27000 & others
24
The proposed Solution should have
the facility for retrieval of logs in a
fast manner without impacting (like
device hang, high CPU and Memory
utilization, console access
termination, etc.).
25 Intercommunication between
different components of LMS should
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 68 of 329 Confidential & Proprietary
happen as per the Bank's security
policy.
26
The Solution should have the
flexibility to define a set of rules for
analyzing the incident/ events.
27
The Solution should support the
clustering of the management server
to support linear scaling, increased
throughput & to ensure data
integrity.
28 The Solution shall be integrated with
the Bank's SIEM solutions.
B Log Collection & Management
29
The Solution shall be integrated with
the existing Firewalls, IPS, Servers,
Gateways routers, switches, etc.
30
The Solution architecture shall factor
for log collection and storage at
intermediate points to optimize the
use of system and network resource
31
The Log Management & Analytic
Solution should be able to collect logs
via several ways including SYSLOG,
OPSec, WMI, SDEE (Security
Device Event Exchange), Calls to
MS-SQL Systems via ODBC, FTP,
SCP (Secure Copy Protocol), SNARE
(System intrusion Analysis and
Reporting Environment), Adiscon,
etc.
32
The Solution should provide the
capability to integrate with an
external storage solution (to be
arranged by the bidder) to store events
for historical reporting and analysis.
33
The Solution should provide a data
aggregation technique to summarize
and reduce the number of events
stored in the master database.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 69 of 329 Confidential & Proprietary
34
The Solution should have the
capability to audit any tampering of
collected log.
35
The Solution should have the
capability such that the data collected
from the receiver or the log collector
can be forwarded to its own storage
component of the Solution and
external SIEM Solution of the Bank,
in a secure manner (encryption).
36
The proposed Solution should
provide a minimum log compression
of 75% for ensuring log compression
to reduce overall log storage space for
the raw log format.
37
The Solution must be able to
compress data available on or off the
system for archiving purposes for
ensuring efficient consumption of
storage space.
38
The Solution should support flexible
and reliable distributed & centralized
log collection & processing
architecture. It should minimize the
consumption of bandwidth to the
extent possible.
39
The Solution must be fault-tolerant
(ability to continue logging/alerting in
the event of failure of a few Solution
components).
40
The Solution architecture should be
implemented in such a manner that
there shall be no loss of data/logs
during the execution of maintenance
activities and failure of one or more
Solution components and other
similar reasons (like DR drills etc.)
41
The Solution must be flexible,
configurable, and provide automatic
learning of data sources, collect &
store event logs.
42
The Solution must have a toolkit & /or
interfaces to allow for creation
/integration with unsupported legacy
or custom event sources.
43 The Solution must provide support for
various methods that can be used to
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 70 of 329 Confidential & Proprietary
alert concerned officials about
important and critical events (e.g.,
SMTP, SNMP, SMS, etc.)
44
The Solution must be customizable
allowing integration and automation
with other solutions such as IPS,
SIEM, Ticketing Systems,
Automation & Orchestration, & other
3rd party products & relevant
technologies.
45
The Solution must allow for rule-
based & risk-based rules to detect
specific conditions/events.
46
The Solution should create Alerts/
notifications in several ways, i.e. from
the dashboards, configuration
settings, or when one or more number
of events occurs with configurable
conditions, thresholds being
met/exceeded and more.
47
The Solution should be able to
support the following actions based
on configurable condition defined:
Log Event, Create a Case, Execute a
Script, Send Message, Generate
Reports, modify a watch list, Trigger
an automatic IPS block, etc.
48
The Solution should support the use
of open & scalable data bus
specifically built for high-volume
data processing.
49
The Solution should support the
forwarding of raw logs to multiple
destinations at the same time.
50
The Solution should support the
sending of raw logs to third party
products without sending them to
local log storage.
51
The Solution should have a diagnostic
tool to identify and fix/troubleshoot
various issues on log collection,
processing, parsing, data source,
retrieval of data, the performance of
the Solution and its various
components, etc.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 71 of 329 Confidential & Proprietary
52
The Solution must be flexible and
configurable to arrange & organize
logs based on various physical and
logical types of source devices
integrated with the solution.
53
The Solution must provide
discretionary access controls to view,
analyze, report, and alert on the event
data.
C Reporting
54
The Solution should provide
customizable and custom reports
templates.
55 The Solution should allow scheduling
of creation and distribution of reports
56
The Solution must provide fully
customizable queries and report
libraries to define reports and alert
combinations.
57
The Solution should support
automated scheduled archiving
functionality into the log storage
component of the solution.
58 The proposed Solution should
provide a segregated dashboard.
59
The proposed Solution should support
several different formats of the
reports including PDF, CSV, etc.
D Correlation
60
The Solution should provide both
rule-based and rule-less (RISK
SCORE BASED) correlations against
data collected from multiple devices
across the network.
61
The Solution should support real-time
threat intelligence from the OEM or
other trusted third party feed vendors.
62
The Solution should have pre-defined
correlation rules out of the box, to
provide correlation on the fly.
63
The Solution shall provide a user-
friendly graphical user interface to
create/edit/delete correlation rules.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 72 of 329 Confidential & Proprietary
64
The filtering options should support
Boolean operations including "OR,
"NOT" and "AND" logic operations.
65
The Solution must support the ability
to integrate with at least one cloud
intelligence system with information
from global risks and use the
information collected in this system in
the correlation of events.
66
The Solution should employ AI
(Artificial Intelligence) and ML
(Machine Learning) enabled tool
(either internal or external) that can
automatically parse and analyse all of
the network devices’ logs and learn
the baseline of the Bank’s network
environment, and generate alerts on
both previously known and unknown
issues.
67
The Solution should provide
flexibility to the Administrator for
controlling the replication and should
also perform incremental
synchronization between components
of the Solution deployed across
different locations.
New Solution-2: Network Performance Monitoring & Diagnostics (NPMD)
General Specification
Feasible
(Y/N)
Compliance
(Y/N) &
Supporting
Docs
Available
as part of
Solution
(Y/N)
Marks
in score
chart: 3
marks
Provide
d as 3rd
Party
Sol*
(Y/N)
Marks
in
score
chart:
2 mark
Cust.
Require
d*
(Y/N)
Marks
in
score
chart:
1 mark
Definition:
NPMD tools allow for IT operations to
understand the performance of
applications, the network and
infrastructure components via network
instrumentation. Additionally, these
tools provide insight into the quality of
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 73 of 329 Confidential & Proprietary
end user experience. The goal of NPMD
products is not only to monitor the
network components to facilitate outage
and degradation resolution, but also to
identify performance optimization
opportunities. This is conducted via
diagnostics, analytics and debugging
capabilities to complement additional
monitoring of today’s complex IT
environment.
1 Solution should be available on
on-premises
2
Solution should support capture
of application data flowing in the
Data Center network for analysis.
It should be a passive deployment
of the Solution without need for
any agents to be deployed on the
applications.
3
Solution should provide data
collection and intelligence to help
baseline performance, alert on
deviations and aid in root cause
analysis for performance issues
with applications, servers or
network.
4
Solution should support
scalability with an extremely
small footprint to provide long-
term historical trending with
trace-level diagnostics
5
Solution should provide complete
visibility into the Bank's entire
enterprise network, while
presenting integrated data from
multiple environments into a
common unified dashboard.
6
The Solution should provide
network path monitoring along
with latency between each hop.
7
Solution should provide alerting
view on Business dashboard in
with different colour (to indicate
severity) showing the EURT (End
User Response Time) metric for
Business applications
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 74 of 329 Confidential & Proprietary
8
The Business Critical Application
dashboard should clearly give the
detail metrics associated with
HIGH end user response time
which includes Server response
time, Network round Trip Time
and Data transfer time.
9
Solution Should also give
business critical network
dashboard to understand the
Traffic, latency and Bandwidth
utilization per
location/site/branches/application
10
Solution should propose
automated /manual baseline for
end user response time and
provide visual alert if any
deviation on baseline happens
11
Solution should capture packets
automatically, in case abnormal
values are observed on critical
servers. These packets are
presented for later analysis as
PCAP files, which can be
downloaded through the web
graphical interface at the
conversation level.
12
Solution should provide single
pane of glass for complete
network and application visibility
13
Solution should support easy
integration with other data
sources and monitoring tools
using Open APIs.
14
The Solution MUST include a
comprehensive logging capability
to log all the system events
15 Solution should support NTP, for
Time Synchronization
16
Solution should offer a 100%
Web-based user interface for
centralized monitoring,
configuration and reporting
purposes.
Network Performance Monitoring
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 75 of 329 Confidential & Proprietary
17
It should be able to
collect/capture Real time
NetFlow and other flow
technologies, such as sFlow,
jFlow, other flow variants
(Xflow), IPFIX and SNMP for
network monitoring and analysis.
Additionally, it should also
provide Deep Packet Inspection
(DPI) for packet analysis. It
should also be capable of using
packet-captured data into
analytics to identify and isolate
problem areas.
18
The Solution should, not only
capture and analyze packet data,
but also correlate the collated
traffic data from different
sources, and then produce it to the
user in a web-based interface for
monitoring and analysing
network traffics. It should
categorize traffic according to
elements like source or
destination IP address, port usage,
application type, and volume. It
should provide the visibility on
how traffic flows over a specific
network link or to servers or
applications.
19
The Solution should be able to
perform multiple concurrent
captures of jobs without
impacting the performance.
20
Network analyser Solution
should be capable of performing
Real-time packet capture, 24x7
network monitoring, advanced
protocol analysis, in-depth packet
decoding, and automatic expert
diagnosis. The Solution must
provide comprehensive high-
level view of entire network,
thereby giving quick insight to
resolve problems.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 76 of 329 Confidential & Proprietary
21
The Solution should must provide
flow and packet analysis of both
real-time and historic playback
data. It should be capable of
monitoring all conversations and
able to reconstruct packet stream.
22
The Solution should be capable of
capturing the performance
metrics such as, but not limited to:
A Packet loss, Retransmission rate,
Retransmission delay
B Round trip Timer
C Throughput, traffic volume
D Number of connections
E Data transfer time, server
response time
F Timeouts
G One way delay, jitter
H Loss bursts, reorder packet
I Packet delay variance
23
The Solution should be able to
provide complete visibility of
network activities, end user
experience, device status,
application and network
performance. It must also
provide summarized analysis,
breaking down application
response time into at least the
following components:
A Client and Server response
B Network bandwidth
C Network latency
D Network congestion
E Network protocol (e g TCP)
24
It should be able to provide
insight into network bandwidth
usage and traffic patterns with
real-time visibility about those
which are consuming network
bandwidth. It should be further
able to provide bandwidth use
usage by application/URL, details
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 77 of 329 Confidential & Proprietary
of protocols, IP addresses and
users
25
The Solution should provide
analytics to identify and narrow
down on issues to determine
whether end-user experience of
slowness in accessing of the
information is on account of
Network issue or end-user
machine issue or an Application
issue. It should be able to
calculate response times for all
relevant applications and
determine the impact on user
experience. The analytics should
reveal information to
troubleshoot slow network,
prolonged website response,
computational response of
ERP/CRM transactions and file
downloading, patch management
instances etc.
26
The Solution should be able to
detect and alert on network
congestion incidents with drill
down of it up to client, server,
application or user level to
identify the root cause of the
problem. It should be further able
to measure traffic by user or
application, identify bandwidth
hogs and provide information
about sites/URLs which are
consuming bandwidth. The
Solution must be able to identify
the root cause of the problem by
pinpointing on the entity.
27
The Solution should alert on the
abnormal behaviour like, whether
application traffic suddenly
increases, decreases, drops in
response time or disappears
completely etc.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 78 of 329 Confidential & Proprietary
28
It should provide analysis of
network traffic patterns over
months, days, or minutes by
drilling down
29
Suspicious hosts should be
identified and diagnosed enabling
user to pinpoint network
problems in seconds
30
Solution should be able to map
the traffic, IP address, and MAC
of each host on the network,
allowing for easy identification of
each host and the traffic in the
network. The Solution should
further be able to provide network
packet flow diagram to illustrate
network communication between
multiple application tiers
31
Should be able monitor QoS
performance on a per-class basis
and set up alerts based on severity
level for proactive notifications of
application issue
32
Should be able to capture, and
analyze VoIP and video calls.
33
The network visualization and
analytics should be able to
identify network optimization
issues and improve application
performance of voice, video, etc.
34
It should integrate with Active
Directory to enable reporting and
troubleshooting by user name
35 It must support both IPv4 and
IPv6 Protocols
36
The Solution must be able to cater
on Network Traffic Monitoring
and Forensics. It should be able
to furnish summarized Executive
Dashboard & detail Traffic
Analysis Dashboard which gives
comprehensive & customizable
view of network traffic on a
single pane, allowing us to spot
potential problems quickly with
top views of network traffic data.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 79 of 329 Confidential & Proprietary
It should give the root cause of
bandwidth issues with an intuitive
point-and-click interface. The
Solution should enable us to drill
down into any element’s traffic
using multiple views to get the
right perspective that will help to
investigate and isolate excessive
network bandwidth utilization
and unexpected application
traffic
37
The Solution must contain
reporting tool or feature thereby
providing both standard &
customizable reports for Network
Operations team, Executives, and
towards Capacity Planning. The
Solution must enable us to create
in-depth network traffic reports
with a few clicks, or schedule
automatic delivery on given
periodicity
(Weekly/Monthly/Yearly)
38
The visual analytics and reporting
should provide network traffic
and bandwidth usage by the
applications and users to identify
trouble areas and thereby improve
network performance
39
The Solution should provide AI
and ML capabilities to help in
preventing of Network problems
before they occur The Solution
should include unsupervised
learning module to gather real-
time network data and which
learns the behavior of devices,
applications, and users on the
network It should be capable to
bring together and correlate
network and application data to
predict anomaly and performance
issues
40
The vendor should build
minimum three use cases for
predictive analytics and machine
learning to:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 80 of 329 Confidential & Proprietary
A Predict Application bandwidth
usage
B Predict network and application
failure/performance issues
C Detect network anomalies like
unusual network access
41
The Solution should offer an
integrated alert viewer to look at
alerts generated based on real
time monitoring where thresholds
are exceeded for service
parameters.
42
Solution should offer ability to
filter alerts by baseline,
availability, threshold etc. and
support grouping by alert
type/device
43
Solution should support visibility
into east-west traffic in VMware
NSX environments for
application and user experience
service assurance
44
Solution should support
analyzing protocol-specific
details for DNS, LDAP, DHCP,
and RADIUS
45
Also Solution should allow to
create/define custom application
based on various parameter
including but not limited to IP
Address, Port Number etc.
46
Solution should support inbuilt
decryption of SSL/TLS traffic if
decryption keys are available
47
Solution should support multi-
segment analysis to troubleshoot
issues by capturing similar traffic
before and after each capture
points (firewall/load balancers
etc.) to understand packet loss or
latency
48
Solution shall display the status of
all SSL certificates being used
across the monitored network
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 81 of 329 Confidential & Proprietary
49
Solution should provide session
views of SSL/TLS certificates
approaching expiration dates, the
issuer of the certificate, the
hostnames of the servers to which
certificates were issued, and
whether the certificates are self-
signed
End-user monitoring using NPMD
50
Solution should monitor all the
business-critical applications
including standard and custom
applications and provide real-
time transaction level monitoring
51
Performance monitoring of all
application operations (web,
database, file sharing etc.)
52
All application errors are traced
and categorized based on their
origin and severity
53
Identify slowdowns, pinpoint
their origin and instantly
understand their scope (which
users for which transactions)
54
Solution should be able to sort
data by multiple criteria: number
of queries, individual response
codes, error statuses, processing
times, network data, transfer
times, etc.
55
Evaluate the impact of
deployments and migrations on
network resources and end-user
experience
56
Solution should be able to
monitor the application
transactions decoded in real time
57
Web applications
(HTTP/HTTPS), SQL databases
transactions (MS-SQL, Oracle,
MySQL, PostgreSQL), Name
resolution and other common
network services, Storage and file
transfer (CIFS, SMB v1, v2, v3)
and VoIP calls (RTP, SIP)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 82 of 329 Confidential & Proprietary
58
Solution should provide Web
transactions metrics like page Hit
response time, Page load time,
error counts, page count
59
Solution should provide search
function that allows users to
search for IP addresses, server
names, server aliases,
applications etc.
60
Solution should measure end-user
experience against Service Level
Agreements
61
Solution should offer a host
analysis to view performance for
a specific user.
62
Solution should be able to provide
full visibility into all the activities
from End Point to the Data center,
(To analyse user data in real-time
to identify and classify End-User
Network issues , detect struggles
and proactively predict and
influence next steps in their
digital journey).
63
The Solution should be able to
give full visibility of customer
experience across the digital
transactions from the frontend to
the backend including various
interfaces for the transactions.
64
The proposed Solution should be
able to monitor user journey
within a visit/session and tracing
it back to backend systems.
65
The Solution should be able to
monitor End-User device traffic
usage as well as network
performance.
66
The proposed Solution should
automatically discover and
monitor various Network Traffic
(like Web, Mail, client server,
remote access terminal services,
fileserver, Voice, Video,
collaboration, database, etc.)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 83 of 329 Confidential & Proprietary
67
The Solution should be capable of
performing prediction- based
anomaly detection to identify
unusual or unexpected events and
measurements within the
monitored environment.
68
The proposed Solution should
automatically baseline
metrics/KPIs in the monitored
environment. Any deviations to
this baseline should be
automatically alert can be raised
to the respective team.
69
The proposed Solution should be
able to integrate with ITSM tools
like BMC Remedy, Service Now,
etc.
70
The proposed Solution should be
able to provide online auto
analysis to identify which
component or tier is contributing
to slowness of the monitored
transaction.
71
It should have capability to
monitor network interfaces, like
N/W bandwidth, etc.
72
It should support traffic analysis
all major Network Protocol like
http, https, NTP,
AD/LDAP,SecurePOP3, Secure
SMTP, DNS, DHCP, FTP,
SFTP,SMB v1,v2,
SNMPv1,v2,v3 Voice SIP,H232,
RTSP, ICMP, Remote Desktop:
Microsoft Remote Desktop,
Citrix ICA, Middle ware &
Database: MQ(Message Queue),
Oracle Db, MS SQL, Syslog,
SNMP, OSPF, BGP
73
Provide Dependency topology in
the data center for critical
Network & Application tire.
74
Solution should have capability to
monitor Network Traffic within
the Virtual Infrastructure or at OS
level
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 84 of 329 Confidential & Proprietary
75
Solution should be capable of
decrypting SSL& TLS traffic
with provided Certificates &
Private Keys
76
The Solution should consider
relevant log messages that are
associated with problems for
root-cause analysis
77
The Solution should have
advanced analytics capability to
ensure predictability
78
The authentication process
should support Active Directory
and LDAP
79
The proposed Solution must be
able to integrate with the various
tools of the Bank, including
ITSM.
80
The proposed Solution should
monitor 24X7 transactions right
from web server to back end
systems without causing
application performance
overhead (Max. resource
utilization should not exceed 5%)
and without missing out
transactions which breach
normalcy
81
The Solution must have an early
warning system mechanism.
During peak hours or month ends
or while running campaigns, the
Solution should auto-detect
problems before they can impact
the customers. The Solution must
be capable of identifying
performance issues and prioritize
it, to indicate the severity of the
problem (business impact of the
problem) and its impact on the
user experience
82
The proposed Solution should
have an Analytical capability for
assisting in identifying the root
cause through multitude of
dashboards and reports. (The
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 85 of 329 Confidential & Proprietary
proposed Solution should
simplify the operations
monitoring process significantly
by narrowing down to the correct
team to address the problem. e.g.
network, application, server,
middleware or database teams.
The objective is to reduce Mean
Time to Identify (MTTI) and
Mean Time to Resolve (MTTR)
83 The Solution should be able to
monitor itself
84
Proposed Solution should be able
to measure count and response
time for every network
transaction captured in the data
center.
85
The Solution should be able to
automatically detect and alert on
unexpected low or high traffic
problem
86
The proposed Solution should
support integration Bank's Email,
Bank's SMS Gateway
87
The Solution should allow to test
new features by running periodic
synthetic transactions on the
target within the Bank intranet
(i.e. branch locations to data
center & private cloud
environment)
88
The Solution should have
capability to store at least 12
months data of performance data,
issues & events
89
The Solution must integrate with
various systems / applications in
the Bank including but not limited
to SOC, PIMS, NOC, Command
Centre, ITAM, Service Desk,
ADS, SSO, ITSM, CRM,
Complaint management, etc.
90
The Solution should able to
capture log using syslog from
across multiple hosts
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 86 of 329 Confidential & Proprietary
91 Solution should support SNMP
based monitoring
92
The Solution must have Synthetic
Monitoring Capabilities with
reports and Dashboards for
analysis
93
Proposed Solution should be able
to monitor traffic before & after
Load-balancers and WAF to
provide pre & post analytics.
94
Solution should provide
connectivity Percentage of
properly established TCP
connections compared to TCP
connection that were refused or
timed-out
95
Proposed Solution should be able
to provide easy to use interface to
chart the usage on multiple
dimensions such as Network,
Application, Voice &Video
96
The proposed Solution should
allow measuring of customer
adoption of the services or
campaigns e.g. number of
session, from location, total
traffic, network & application
errors and network & application
response times to create
baselines.
97
The Solution must monitor, in
real-time, everything coming to
and from the data center. In
addition to uptime and the
Solution must use response times,
usage patterns, and failed
transactions as key metrics. These
will help to identify
communication issues between
modern applications and core
banking systems and isolate the
source of any transaction
slowdowns or failed consumer
interactions
98 Proposed Solution should
highlight
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 87 of 329 Confidential & Proprietary
Network/application/underlying
virtual infrastructure as part of
incident management and RCA
Reporting and Dashboard
99
Solution should be able to create
reports of application, service and
network conditions that can be
shared.
100
Solution should offer Daily /
Weekly / Monthly trend-based
reporting. The reports should be
customized as per the
requirements of the Bank from
time-to-time during the entire
contract period.
101
Solution should offer role based
access for report which include
create, schedule, and view reports
102
Solution should offer integrated
application and network
performance dashboard views.
These should be customizable
based on applications and
network elements/subnet being
monitored and the metrics of
interest.
103
Drill-down from the performance
dashboard view should be
available to jump into detailed
performance for the specific
application/network metrics
104
Dashboards should be single view
which should be completely
configurable and must provide
dynamic view in order to
radically improve early
diagnostics and impact analysis.
105
Solution should provide
dashboard which should provide
drill down option from the
general view to detailed analysis
and problem resolution views.
106
The dashboard should provide
status of alerts based on per
application/per location.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 88 of 329 Confidential & Proprietary
107
Solution should offer an
integrated reporting module to
generate reports in multiple
formats as per the requirements of
the Bank in multiple formats (pdf,
csv, rtf etc.) for performance of
application, network, and
voice/video applications.
108
Solution should support
customized scheduling of reports.
Solution should have scheduled
report be sent in an email as a
PDF, RTF, or CSV file
attachment
Sizing Details
109
The NI must offer a scalable
monitoring Solution that could
handle current demands, while
providing seamless
expansion/instrumentation.
110
Solution should have sufficient
storage and should support
optimization on data storage
which can help improve storage
for key KPI based metrics
111
The Synthetic transaction and
business transaction testing
required for 100
branches/locations and shall be
scalable to all branches/locations.
The selected NI should be able to
use these licenses for synthetic
testing for any branch based on
the requirement. The license
should not be tied to any
particular system or location and
should be used in a rotational way
as and when any issue is observed
by any user of any branch / office.
112 The packet capture Solution
should be deployed at all DCs
113
The Solution should support
monitoring of at least 1L
network devices
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 89 of 329 Confidential & Proprietary
114
The Solution should measure and
store Network bursts up to 1-
second peaks, the highest 1-
second value seen for each of
three metrics for each 15-minute
time period. The time at which the
1-second peak occurred is also
stored. The user can view the 1-
second peak values in Burst
views. For each peak, the three
available metrics that can be
displayed in these Burst views are
utilization, byte rate, and bit rate.
Detailed historical data of a week.
115
The Solution should support
Traffic capture on Microsoft
Hyper-V, Vmware ESX, NSX-V
& NSX-T, and Open Stack
Platforms.
116
SNMP and flow capture will be
required from around 24000
branches/offices for capturing
link and device health details in
addition to transaction
monitoring details for network
devices at branches
Miscellaneous Requirements
117
Solution should provide
capability to filter undesired, non-
security logs at collection,
processing and visualisation
layer.
118
Solution should provide
capability to filter blacklist,
whitelist single or group of IP,
User, URL, etc. in rules reports
dashboard.
119 Have capability to selectively
filter PII, SPDI information and
Bank’s classified information.
120
Provide complete control over
traffic capture filters providing
the ability to filter network traffic
either during capture or when
replaying capture traffic later,
inclusively or exclusively.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 90 of 329 Confidential & Proprietary
Sizing Requirements for identifying number of capture points and throughput
requirements for NPMD Solution:
Throughput Requirement
Data Center
Internet
(Capture
Points)
MPLS
(Capture
Points)
TPC
(Capture
Points)
Replication
(Capture
Points)
Core
(Capture
Points)
Total
Capture
Point
Data Centre 1 1Gbps
(4)
5Gbps
(2)
4 Gbps
(6)
7 Gbps
(2)
20 Gbps
(2) 16
Data Centre 2 10Gbps
(16)
10Gbps
(2)
2 Gbps
(6)
20 Gbps
(2)
60 Gbps
(10) 36
Data Centre 3 10Gbps
(12)
10Gbps
(2)
2 Gbps
(6)
20 Gbps
(2)
40 Gbps
(8) 30
Data Centre 4 10Gbps
(16)
10Gbps
(2)
4 Gbps
(6)
20 Gbps
(2)
60 Gbps
(10) 36
Note: Details regarding sources of capture points have been specified in the clause labelled
“Data Sources” under Scope of Work of NPMD in Appendix-E. Packet capture in raw
format to be stored for 7 days.
NOC TOOLS:
S.
No. Functional Details
Feasible
(Y/N)
Complia
nce
(Y/N) &
Supporti
ng Docs
Availa
ble as
part of
Solutio
n
(Y/N)
Marks
in
score
chart:
3
marks
Provide
d as
3rd
Party
Sol*
(Y/N)
Marks
in score
chart:
2 mark
Cust.
Required
* (Y/N)
Marks in
score
chart: 1
mark
Service desk
1
Service desk support to be
established at NOC-1 and
NOC-2 and the calls have to be
distributed between the 2
NOCs.
2 Omnichannel/Integrate social
media, chat bots, email, along
with voice & SMS.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 91 of 329 Confidential & Proprietary
3
Inbound Communication/Auto
call distribution and intelligent
routing support for
communications.
4 Interactive voice response
5 Ticket Management/Auto
ticketing.
6 Manual ticketing.
7 Ticket escalation
8 Warm Call transfer/Facility to
transfer calls after talking to
forwarding agent.
9 Call scripting/To aid agents to
provide consistent and uniform
response to callers.
10
Digital Agents/Chat
Bots/Machine learning to
handle more routine or simpler
customer requests
11
AI assistance/To provide
predictive suggestions for live
agents based on customer
history and real-time
interaction.
12
Out bound
communication/Automated
dialers, voice broadcast & IVR
Surveys for outbound calling
13 Click to call/One-click calling
for agents
14 Voice over IP/For internal
communications.
15 Soft phone/For internal voice
communications.
16
ITSM Integration/Provide 360°
view of client context. Eg. On
screen display of the
customer/existing ticket
information.
17
Mobile app/User
interaction/push
notification/self-help through
mobile apps. -Android
18 Mobile app/User
interaction/push
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 92 of 329 Confidential & Proprietary
notification/self-help through
mobile apps. -iOS
19 Agent dashboard/Visibility of
call queue, call abonnement.
20 Quality monitoring/Monitoring
conversation content
21
Analytics/KPIs such as average
time in the queue, average call
abandonment rate, and average
handle time.
22 Integrated customer analytics
for multichannel interactions.
23 Reporting/Historic reporting
24 Real-time reporting
25 Administration/Customised
SMS & Email templates, IVR
Studio, define service levels.
26 On-premises platform Should
be installed in SBI environment
27 Operating system./OS used.
28 Database used.
29 IP phone/soft phone systems.
30 Licensing./Enterprise Grade.
FCAPS Tools
31
SNMP V3 protocol-based
polling and receiving SNMP
traps.
32
Capability to configure
different polling speeds for
different devices.
33
Ability to check availability of
a remote connectivity resource
– infra devices or URLs
through heartbeat.
34
Ability to monitor Branches
LAN/ WAN link and enrich
with geo-location, branch id,
business hours to Service
Provider (SP) link types
35
Auto ticketing for incidents
from network or Event
Management systems.
36
Auto ticketing for non-
reachability, drops in the
network and high latency.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 93 of 329 Confidential & Proprietary
37
Event correlation engine which
can correlate the events on the
basis of event pairing, event
sequencing etc.
38
Capability to ‘filter-out’
symptom alarms and deduce
the root cause of failure in the
infrastructure automatically.
39
Capability to consolidate
alarms from non-IT systems
such as sensor/SNMP enabled
UPS, DG sets etc. to provide a
view of the operations
environment that supports the
branch level IT assets
40
Out of the box storyboards for
Isolated Links, Links on
Primary, Secondary etc.
41 Integration with service desk
for ticket management.
Alarm Reduction
42 Parent and Child Incident
Mapping.
43
Ability to suppress/aggregate
the alerts based on the CI
relationships maintained in
CMDB.
44
Rule based
updation/suppression of
subsequent events of an
incident.
45
Auto resolution of child
incident upon resolution of
Parent incident.
46
Auto assigning of incident
tickets to support agents for
actions.
47 Support manual ticket creation
and service desk integration.
48 Severity based categorisation
and prioritisation of the tickets.
49 Client-based monitoring
console.
50 GUI-based monitoring console.
51 Service desk integration for
incident management.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 94 of 329 Confidential & Proprietary
52 API integration to Telecom
Service providers.
Incident Notification
53 Sending incident triggered auto
emails to stakeholders.
54
Automated SMS notification of
major incidents to stake holders
based on escalation matrix.
55 Automated SMS notification of
critical link incidents to TSPs
56
Capability to integrate with
Banks SMS gateway and email
system for sending
notifications.
57
Performance of automated first
level trouble shooting and
providing quick notes to the
agent before assigning tickets.
Incident troubleshooting
58
Mobility device interface to
field agents to attend to and
update on the tickets assigned
to them.
59 Ability to store attachments
(e.g. Screenshots).
60 Auto escalation of incidents.
61
Auto escalation of link
incidents/ link down cases to
service providers based on the
escalation matrix after
predefined trigger points.
62
Restriction to change the
incident ticket status to
"resolved" with out clearance
of the incident in the network or
resolution updated by Network
Management System.
63 Auto generation of daily
incident report.
64
Auto generation of Incident
reports:
i) Hourly
ii) Daily
iii) Weekly
iv) Monthly
v) Custom period
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 95 of 329 Confidential & Proprietary
65 Auto generation of monthly
incident analytical report.
Problem Management
66
Support Problem Tickets
lifecycle steps – New, Assess,
Root Cause Analysis, Fix In-
Progress, Resolved and Closed.
67
Auto creation of problem
management tickets based on
business rules for consecutive
incidents.
68
Creation of Problem
Management ticket for repeated
incident tickets within a pre-
defined period.
69 Manual ticket creation for
Problem Management.
70
Review and approval process
for Problem Ticket corrective
action.
71
Options to accept risks for
specific Problem Management
tickets.
Root Cause Analysis (RCA)
72
Capability to capture detailed
RCA with corrective actions in
the incident management
system.
73
Out of the box root cause
analysis with multiple root
cause algorithms inbuilt for
root cause analysis.
74
Use advanced root-cause
analysis techniques and policy-
based condition correlation
technology for comprehensive
analysis of infrastructure faults.
Performance Management
75 Monitor network / link latency
on real-time.
76
Monitor and display response
time, availability, and
performance of network
devices.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 96 of 329 Confidential & Proprietary
77
Network health monitoring,
Capability to check various
parameters on router like CPU
Utilization, Memory
Utilization, Errors and
Discards, Voltage,
Temperature, CRC error,
Collisions, Buffer statistics
(Hits, misses and failures) etc.
78
Network traffic analysis, which
show how exactly the
bandwidth is being utilized
through interface-specific
reports on which user, source
and destination IP address,
conversation, type of traffic
(HTTP / HTTPS / SFTP /
TCP/IP , UDP, application
specific etc.) and other
parameters / overheads etc. is
occupying bandwidth etc.
79
Capability to auto escalate
breach of bandwidth utilization
beyond predefined cut-off point
within 30 minutes.
80
Provide reports on utilization
trends of elements like
memory, CPU etc. for all
devices.
81
Provide reports on downtimes,
uptimes, packet loss, latency,
jitter etc. for all links.
82
Provide near-real time network
monitoring and measurement
of network performance &
availability.
83 Network performance trends
and predictive analysis
84 Predictive analysis report to
identify potential problems.
85 Monthly bandwidth
optimization report.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 97 of 329 Confidential & Proprietary
86
Provide out-of-the-box
performance reports on:
→ Executive Summary report
that gives an overall view of a
group of elements, showing
volume and other important
metrics.
→ Capacity Planning report
which provides a view of under
and over-utilized elements.
→ Service Level report
detailing elements that breach
availability/response time
SLAs.
87
Capability to provide
performance data & threshold-
based alerts for real time
performance monitoring,
reporting and historical
trending.
88
Ability to provide Service
provider wise link performance
reports with details of circuit
ID, bandwidth, down time, up
since etc.
89
Provide Service provider
performance rank report using
statistical data model.
90 Support SNMP V3, Syslog,
NetFlow, API integration.
91
Support Command line-based
response analysis as data
sources.
92
Support custom scripts for
monitoring and alerting upon
crossing set thresholds.
93
Ability to create correlation
between sudden increase in
network traffic and Slashdot
effect, with users, systems and
applications usage to create
correlated compound alert.
94
Capability to integrate with
other systems and overlay and
predict business volume vs
network usage.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 98 of 329 Confidential & Proprietary
95
Provide user experience alerts
regarding issues affecting
customer’s experience using
the anomalies discovered based
on Machine Learned data
model from user experience
golden signals.
96
Capability to use automated
data slicing, Natural Language
Generation (NLG) and user
feedback based fine tuning of
insights control to create
automated insights.
97
Dynamic auto base lining of
alerts for utilization, bandwidth
usage, packet errors, latencies
etc.
98
Support Anomalies related to
rare events, sudden spikes in
usage and abnormal variations
in patterns.
99
Perform Operational
performance index (OPI) for
better prediction of incidents
across each touch point and
across business flows.
100
Provide SP indexing with
following functionalities:
→ Indicate robustness of
current operations and SLA via
measuring customer experience
index.
→ Performance Scoring.
→ Should use Monte Carlo
probabilistic methods.
→ Uses proxy signals like
Branch peak hours, ISP link
outages and other data
enrichments to make the index
dynamics and more specific.
→ Capacity planning and
assess trade off choices in
choosing the best ISP across
geo locations.
101 out-of-the-box, customizable
dashboards, alerts, and reports
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 99 of 329 Confidential & Proprietary
102
Capability to ingest logs,
metrics, flows, and events into
efficient key-value databases
where they are stored to later be
accessed and analysed.
103
The Asset management system
with configuration
management database [CMDB]
of all assets with details of all
configuration Items (CI) as per
ITIL definition.
Configuration Management
104 Maintenance of complete
lifecycle of all assets.
105 Customisable asset database.
106
Capability to capture details
like Sites/branches, physical
and logical assets like Licenses,
IP Subnets, Link details, AMC
contracts etc.
107
Auto discovery of manageable
elements connected to the
infrastructure:
i) Seed router-based discovery
– Using route tables and SNMP
MIBs
ii) IP discovery
iii) Import data - from pre-
formatted files (IPs, ranges,
strings or ports)
iv) Trap-Based Discovery –
whenever new devices are
added with capability to
exclude specific devices based
on IP addresses / IP Address
range.
108
Discovery & inventory of
heterogeneous physical
network devices with providing
information of make, models
and their category.
109 Auto mapping of connectivity
between managed elements.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 100 of 329 Confidential & Proprietary
110
Mapping capability grouped
by:
i) Network topology.
ii) Geographic locations of the
equipment.
iii) User group/departments.
iv) Manual selection of fields to
view customized topology and
devices groups.
111
Asset management system shall
have the capability to discover
assets, track changes of
attributes and maintain the
history within its database.
112 Provide location wise details of
spare devices.
113
Maintain relationship details of
all CIs of a particular asset in
the CMDB to facilitate
suppression/aggregation of
alerts, to identification of
affected entities etc.
114
Auto discover IOS Software
against an application's
knowledgebase.
115
Mechanism for adding
proprietary and legacy of
network products.
116 Provide details of
decommissioned assets.
117
Detect in real time the
configuration and asset
information changes made
across a multi-vendor device
network.
118
Detect and track any
configuration changes and
generate real-time alerts.
119
Detect, compare & alert on
changes based on which
decision could be made for
rollback or implementation of
changes.
120
Support configuration
deployment/rollback using
policies, configuration
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 101 of 329 Confidential & Proprietary
templates and ad-hoc
commands.
121
Provide options to take
incremental, scheduled and full
configuration backup.
122
Capability to perform
Configuration backups
/Policies/OS images/rollback to
multiple devices at a time.
123
Task Scheduling for specific
date, weekly, monthly,
quarterly etc.
124
Capability to automate all
repetitive & time-consuming
tasks related to network device
configuration & change
processes.
125
Deploy and monitor IOS
operating system images,
network security patches from
a centralized network
management system.
126
Push standard templates for
existing network devices and
new deployments.
127
Support multi-protocol device
communications (Telnet, SSH,
TFTP, FTP etc.).
128
Capability to integrating other
management systems and
ITSM tools through Rest API’s
for change management and
custom workflows.
129
Support standard, emergency,
and normal service changes as
per ITIL framework.
130
Support various roles for
requester, approver,
reviewer/CAB etc.
131 Support post-facto approvals.
132
Support risk assessment of the
change, scheduling of change,
record impacted assets and
associated CIs.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 102 of 329 Confidential & Proprietary
133
Ability to detect change
conflicts, integrate with
Incident and problem
management processes to drive
an Integrated Change.
134 Provide Change management
reports and analytics.
135
Manage network compliance
by comparing devices to
Custom defined, best-practice
standards, Gold Standard, etc.
136
Capability of automated
remediation to bring devices
back to policy compliance or to
a default configuration status.
137 Records of device usage and
frequency of usage.
138 Automatically discovers and
maps network devices
139 Automatic deployment of
devices within 1 hr.
140
Provide GUI based reports &
topological maps of network
devices by location and
impact.
141
Provide a single dashboard to
track the infrastructure devices
of Data Centres with drill down
facility.
142
Capability to forecast the
capacity requirements on the
Network devices based on the
utilization analysis using
Machine Learned Data Model.
143
Univariate forecasting of
bandwidth usage and capacity,
enabling better planning of
bandwidth and ISP SLA terms.
144
The proposed Solution should
able to provide bandwidth
consumption information for IP
to IP communication or IP to
Geo location communication or
IP to IPs communications.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 103 of 329 Confidential & Proprietary
145
Automated SLA compliance
calculation and SLA breach
warning alerts.
146
Automated web-based SLA
report generation and
distribution
147 SLA compliance historical
reporting with trend analysis
148 Provide report generation
utilities.
149 OEM wise asset report
detailing ports and interfaces.
150
Provide browser based
customizable Executive
dashboards widget/page
showing Device Statistics &
their Compliance.
151
Generate scheduled custom
report on all aspects of network
device statistics and their
compliance.
152
Operational Level Agreement
(OLA) compliance monitoring
with service desk integrations
153
Capability to identify
vulnerabilities based on
security advisories and take
necessary corrective actions.
154 Capability to Integration with
Banks AAA system.
155 Capability to integrate with
Banks security solutions
156 Enterprise Grade License.
157 On premises deployment.
158 Support for multi-locational
deployment.
Robotic Process Automation (RPA)
159 Graphical User Interface
160 Intelligent process automation
using AI
161 Multi-environment support.
162 NLP (Natural Language
Processing) based chatbots
163 ML based Task Bots
164 Automate tasks in real-time
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 104 of 329 Confidential & Proprietary
165 Drag and drop interface.
166 Recording Macros.
167 Self-learning Bots
168 Feature rich analytics suite.
169 Real-time reports and analytics
170 Auto-login features to run the
bots
171 Capture desktop insights
172 Provide a contextual assistance
173 Deploy, maintain and execute
bots from a centralized server
174 OCR support
175
Ability to automate the
operational activities which are
carried out on a day to day
basis.
176
Capability for automating, but
not limited to, the following
NOC activities:
Reports.
→ SLA Compliance.
→ Events Detection and
Monitoring including Network
Performance issues.
→ Incidents Recording and
Monitoring.
→ Service requests.
→ Change Management
requests.
→ Moving Average
Convergence Divergence
(MACD) Histogram.
→ Approval process.
→ Assets’ Profiling.
→ Configuration
Changes/Upgrades,
verification of configuration
parameters.
→ Penalty Calculations.
177 Support on premises,
multilocational deployment.
178 Capability to integrate with
Banks security solutions
Mobile Apps
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 105 of 329 Confidential & Proprietary
Mobile App for field agents to
receive and update tickets
assigned to them.
Mobile App for branch users
to view health status of their
links, to perform branch link
helth test and register
complaint, view complaint
status etc.
Enterprise Data backup solution
179 Backup and Recovery
180 Real Time Synchronization.
181 Automated replication in two
or more locations.
182 On premises deployment.
183 Backup Scheduling.
184 Incremental Backup.
185 Secure Data Storage.
186 Multiple System/Platform
Support.
187 Audit Trail.
188
100 TB Data Storage
infrastructure to retain NOC
operation data for a minimum
of 5 years.
189 Support on premises,
multilocational deployment.
190 Capability to integrate with
Banks security solutions.
Access Control and Attendance System
191 Face recognition, contactless
(4 units)
192 Two-factor authentication.
193
Capability to create access
groups to access restricted
areas.
194 Capacity to handle minimum
of 500 people.
195 Push to exit buttons (2 units)
196 Multi locational attendance
software.
197
Capability to generate
Daily/monthly attendance
reports containing Name,
Time in, Time out, Number of
hours inside the premises in a
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 106 of 329 Confidential & Proprietary
24X7 operation environment
with multiple shifts
198 Data storage capacity for 5
years.
199 Access Cards for secondary
authentication (200 units)
Video Surveillance System (Only for NOC-2)
200
32 channel NVR supporting 8
miga pixel resolution and 30
frams per second with
relevent software.
201 4 mega pixel IP Dom cameras
(Day&Night). (25 units)
202 PoE
203
4 mega pixel IP Bullet
cameras (Day&Night). (2
Units)
204 4X4 TB storage with relevent
software.
Video Wall Display
205
Commercial grade, narrow
bezel video wall display
units. (6 numbers)
206 Minimum 3840x2160
resolution.
207 Minimum 55” size.
208 Swivel wall mounts (6 units)
209 HDMI cables. (6 numbers)
210 Video wall content distributer
Software license (10 users)
VoIP phone
211 IP phones (180 units)
212 LCD display
213 Dial pad
214 PoE
215 Speaker phone.
216 Call conferencing.
217 Base stand
218 Headsets with mic.
219 Necessary license
220 Soft phone License (180
users)
NOTE:
A. The services being provided under NOC should be automated as under:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 107 of 329 Confidential & Proprietary
B. 10% of the services to be automated by end of First year
C. 30% of the services to be automated by end of Second year
D. 50% of the services to be automated by end of Third year
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 108 of 329 Confidential & Proprietary
TECHNICAL EVALUATION PROCESS & SCORE CHART
1. The objective of technical evaluation and shortlisting of the bidders is to facilitate the selection
of the most optimal Solution(s) that appropriately meet the requirements of the Bank. All bids
shall be evaluated by an evaluation committee set up for this purpose by the Bank. The Bank
will evaluate the technical offers of the bidders complying with Eligibility Criteria mentioned
in the Appendix-B and the proposals meeting the said criteria will only be taken up for further
technical evaluation.
2. As part of the technical bid, the bidder shall have to submit all the specified
documents/information covering all the clauses specified in the RFP. The Bidders shall be
required to deliver an exclusive presentation (full day) detailing the proposed architecture for
NOC and various applications/Solutions (to be implemented by the selected NI),
implementation approach, rollout strategy, etc.
Note: Under the COVID-19 crisis, the bidder may be requested to present their proposal
through the Video Conferencing platform. The details of the VC shall be shared with the
bidders at an appropriate time.
3. The bidders are expected to submit the soft copy of the presentation to the Bank along
with their technical and commercial bids.
4. A bidder shall qualify the technical evaluation stage by scoring a minimum of 75% of total
marks. Based on the scores, qualified bidders shall be shortlisted for further participation in
the RFP process. The decision of the Bank in regard to evaluation would be final and binding
on all the Bidders to this document.
5. The technical offer submitted by the Bidders shall be evaluated as per the various components
mentioned below:
a) Technical requirements of Solution
b) Past experience/Implementation Experience
c) Site Visit to the Bidder’s Network Operation Center (NOC)
d) Client (referenced) site visit
e) Bidder Presentation – Approach Methodology, Proposed Team for
Implementation
Note: NOC visit or visiting the offices of the referenced organization’s office shall be decided
by the Bank during the evaluation process. The Bank may or may not visit the sites for one or
more bidders depending on the various factors, including Covid situation.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 109 of 329 Confidential & Proprietary
6. The presentations would be delivered to a competent panel chosen appropriately by the Bank
for the purpose of technical evaluation. The evaluation process for shortlisting of the bidder
will be based on the evaluation matrix given below:
SCORE CHART
S.
No. Criteria Max Mark Scoring
1
The number of projects executed by the
Bidder in the last 5 years in Implementing
Network Operations Center (NOC) for
their clients capable of monitoring &
managing at least 5,000 remote network
devices (such as routers, switches, etc.)
per project.
6
3 or more projects – 6 marks
2 projects – 4 marks
1 project – 2 Marks
2
The number of projects executed by the
Bidder in the last 5 years in Maintaining
Network Operations Center (NOC) for
their clients for managing and monitoring
the network consisting of at least 15,000
remote network devices (such as routers,
switches, etc.) per project. The minimum
maintenance period shall be 6 months.
6
3 or more projects – 6 marks
2 projects – 4 marks
1 project – 2 Marks
3 No. of years of experience of the Bidder in
operating Own/ Captive NOC. 6
Number of years:
Above 10 years: 6
8-10 years: 4
5-8 years: 2
4
The number of L3 resources (as defined in
Appendix-Q) available with Bidder in the
network management domain in India,
excluding the resources involved in
Compliance, Governance, and non-NOC
related domain.
6
Number of L3 Resources (as
per the definition specified in
Appendix-Q of this RFP)
100+: 6 marks
51 – 100 : 4 Marks
Up to 50 : 2 Marks
5
a. The OEM of the NOC tools
(other than NPMD and
LMS) proposed by the
Bidder shall have a
deployment with at least
10,000 networked devices
e. 5
f. 5
j. Implementation
Experience:
➢ Above 30000 network
devices – 5 marks
➢ 20000 to 30000 network
devices – 4 marks
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 110 of 329 Confidential & Proprietary
in the BFSI (Banking,
Financial Services, and
Insurance) sector in India.
b. The number of clients for
whom the Solution has
been implemented by the
Bidder with at least 10,000
networked devices in the
BFSI sector in India.
c. The OEM of the NOC
tools (other than NPMD
and LMS) proposed by the
Bidder should be managing
devices deployed in at least
2,500 branches/offices in
the BFSI sector in India.
d. The number of clients, with
at least 2500
branches/offices, for whom
the NOC tools have been
implemented by the
Bidder.
e. Compliance to technical and functional
specifications mentioned for NOC tools in
Appendix-C (Table-3)
g. 5
h. 5
i. 50
➢ 10000 to 20000 network
devices – 3 marks
k. References:
➢ 3 or more references – 5
marks
➢ 2 references – 4 marks
➢ 1 reference – 3 marks
l. Implementation
Experience:
➢ Above 7500
branches/offices – 5 marks
➢ 5000 to 7500
branches/offices – 4 marks
➢ 2500 to 5000
branches/offices – 3 marks
m. References:
➢ 3 or more references – 5
marks
➢ 2 references – 4 marks
➢ 1 reference – 3 marks
e. The score derived against
Appendix-C will be normalized
to 50 marks
6
n. The OEM of the NPMD
Solution proposed by the
Bidder should have a client
with at least 3 applications
integrated with the NPMD
Solution. An application
shall be considered if its
application infrastructure
has been deployed in two
different DCs (primary and
secondary). Also, one of
the applications should
have an average TPS of at
least 7000 in an
a. 5
p. 5
c. 20
a. Implementation
experience:
➢ 5 or more Integrated
applications – 5 marks
➢ 4 Integrated applications –
4 marks
➢ 3 Integrated applications –
3 marks
q. References:
➢ 3 or more references – 5
marks
➢ 2 references – 4 marks
➢ 1 reference – 3 marks
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 111 of 329 Confidential & Proprietary
organization in the BFSI
sector.
o. The number of clients for
whom NPMD Solution has
been implemented by the
Bidder. Only those
references shall be
considered which are
running successfully for
at least 2 years.
c. Compliance to technical and functional
specifications mentioned for NPMD
Solution in Appendix-C
c. The score derived against
Appendix-C will be normalized
to 20 marks
7
r. The OEM of the LMS
proposed by the Bidder
should have a client with at
least 100 network devices
deployed in at least one DC
that should include at least
5 firewalls/IPS in HA for
log collection.
s. The number of clients for
whom LMS has been
implemented by the
Bidder. Only those
references shall be
considered which are
running successfully for
at least 2 years.
c. Compliance to technical and functional
specifications mentioned for LMS in
Appendix-C
a. 5
t. 5
c. 30
a. Implementation
experience:
➢ More than 500 network
devices – 5 marks
➢ 251 – 500 network devices
– 4 marks
➢ 100 – 250 network devices
– 3 marks
u. References:
➢ 3 or more references – 5
marks
➢ 2 references – 4 marks
➢ 1 reference – 3 marks
c. The score derived against
Appendix-C will be normalized
to 30 marks
8
Experience in the management of the
following Solutions (including
provisioning of L3 support) for at least 2
years:
a. Network Access Control (NAC)
b. Network Security Policy
Management (NSPM) –
c. Time Servers (Network Time
Protocol)
6 Evaluation by the Committee
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 112 of 329 Confidential & Proprietary
d. Centralized Video Conferencing
Solution management
e. VPN Solution for remote access
through the Internet
f. Proxy Solution
9
Presentation:
Detailed explanation on the transition plan
for taking over from the existing NI within
the stipulated time in the RFP (in terms of
management of all DCs, branches/offices,
link management, existing applications,
and provisioning of the dashboard and all
MIS reports as defined in the RFP)
The transition plan for handing over to
another NI while exiting should also be
presented.
8 Evaluation by the Committee
10
Presentation:
NOC architecture, NOC infrastructure
(name of OEM of the set of tools,
hardware configuration, licenses, physical
access control, etc.) proposed for
monitoring & management of the Bank’s
network as per the specifications in the
RFP.
Obtention of two certificates, namely ISO
27001:2013, ISO 9001:2015.
Incident management life cycle (from
identification to its closure depending on
the severity of the incident). Data import
from the existing tools. Also, the display
of sample MIS reports.
8 Evaluation by the Committee
11
Presentation:
The proposed architecture, Solution
components (make, model, qty. and
Gartner or Forrester reports for the
respective Solution components), their
deployment sites, traffic flow, Active-
Active/Passive mode and functioning of the
Solution (in normal and disaster situations)
for each of the following new Solutions:
a. NPMD
b. LMS
c. NOC Tools
8 Evaluation by the Committee
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 113 of 329 Confidential & Proprietary
Note: The bidder should present 10 top use
cases useful in the Bank for each of the
following:
a) Artificial Intelligence and Machine
Learning
b) Robotic Process Automation
c) Workflow Automation
12
Presentation:
How the Bidder proposes to take over the
management of LAN (in accordance with
the requirements mentioned in the RFP
document) at Branches/Offices, Corporate
Centers and Data Centers including all sites
in the Bank’s foreign offices/Hubs.
8 Evaluation by the Committee
13
Presentation:
A three-year plan for providing
professional training, developing the
required expertise and skill set so that the
in-house team could manage the network
independently. Professional training to be
imparted should be specific to the network
& Solutions deployed & configured for the
Bank.
8 Evaluation by the Committee
14
Presentation:
SLA compliance including (but not limited
to):
a. Uptime/downtime for links and devices
b. Link reliability and load
c. Response times, depending on the
severity of the issue, etc.
8 Evaluation by the Committee
15 Quality of response 7 Evaluation by the Committee
Total 225
Note: Compliance with all the specifications mentioned above must be supported by relevant
and verifiable documents. All such supporting documents must be submitted along with the
technical bid.
Name & Signature of authorized signatory
Seal of Company
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 114 of 329 Confidential & Proprietary
Appendix-D
Bidder Details
Details of the Bidder
S. No. Particulars Details
1. Name
2. Date of Incorporation and/or commencement
of business
3. Certificate of incorporation
4. Brief description of the Bidder including
details of its main line of business
5. Company website URL
6. Company PAN Number
7. Company GSTIN Number
8. Particulars of the Authorized Signatory of the
Bidder
a) Name
b) Designation
c) Address
d) Phone Number (Landline)
e) Mobile Number
f) Fax Number
g) Email Address
9 Details for EMD Refund (applicable only if
EMD is directly credited in designated
account):-
a) Account No.
b) Name of the account holder
c) Name of Bank
d) IFSC Code
Name & Signature of authorized signatory
Seal of Company
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 115 of 329 Confidential & Proprietary
Appendix-E
Scope of Work and Payment Schedule
Note: For the purpose of this document, the term “network” would imply the Bank’s network
spread across the globe (i.e. branches and offices in India and abroad) and the term
“management” would imply the five functional areas as defined by ISO, i.e. Fault,
Configuration, Administration, Performance, and Security Management (FCAPS). Any
clarification/ interpretation in any of the clauses will be decided mutually else Bank’s
decision will be final and binding on the selected NI.
1. The selected Network Integrator (NI) shall be responsible for the management of the
Bank’s entire network spanned across the globe. The scope of management shall
include existing and upcoming network devices, communication links, LAN (including
branches and offices of the Bank), WAN, and various Solutions as specified in this RFP
document.
2. It may be noted that the selected NI shall be accountable for the management of the
following three categories of Solutions, namely (a) Existing Solutions as mentioned
under Category 1, (b) network related new Solutions that shall be procured by the Bank
during the NI contract period, other than solutions covered under this RFP, and (c) new
Solutions being procured through this RFP. Thus, the selected NI shall have to provide
services related to network management as well as for coordination with the existing SI’s
for the management of Solutions. The following table summarizes points to be
considered by the selected NI for the management of all the three categories of Solutions
mentioned above:
Category of Solution Broad Role of the selected NI
Category-1: Existing
Solutions under the
purview of NW&C
department
The selected NI shall have to manage the following existing
Solutions as per the Scope and SLA provided under
Appendix-E and J respectively
a) Network Access Control (NAC) by HPE/Aruba
b) Secure Web Gateway (SWG) Solution by Symantec
c) Domain Name System (DNS) by F5
d) Network Security Policy Management (NSPM)
by Algosec
e) Time Servers (Network Time Protocol) by Spectrum
f) VPN Solution by Palo Alto
g) Centralized Video conferencing by Polycom
Note: During the currency of the NI contract, an existing
application with another department may be transferred to the
NW&C department. In such cases, the selected NI will be
required to manage that Solution also, if Banks desires so.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 116 of 329 Confidential & Proprietary
The additional resources required would be taken at
discovered rates.
Category-2: New
Solutions that shall be
procured by NW&C
department during the
contract period with
the selected NI
The selected NI shall be responsible for providing
Consultancy for drafting Technical Scope of Work, Technical
and Functional Specifications, Bill of Quantity (BOQ)/Bill
Of Material (BOM) and Service Level Agreement (SLA),
wherever desired by the Bank and will also be responsible for
Management of the Solution. The selected NI will be paid a
consultancy fee and management fee for each such
requirement as detailed in Appendix-F. Requirements for
additional resources, if any, will be mutually discussed and
arrived at. The cost of such additional resources will be paid
as per the rates discovered through this RFP.
Note: The Scope of Work finalized by the selected NI may be
modified by the Bank and the Bank’s decision in this regard
shall be final and binding on the selected NI.
Category-3: New
Solutions being
procured through this
RFP
New Solutions as part of this RFP: Design, supply,
implementation, and management of the below mentioned
Solutions as part of this RFP:
a) Network Management, Monitoring & Operations tools
(hereinafter referred to as “NOC tools”)
b) Log Management Solution (LMS)
c) Network Performance Monitoring & Diagnostics
(NPMD)
Note: The technical and functional specifications of the
above-mentioned solutions have been described in Appendix-
C of this document.
3. It is to be noted that the Bank may issue the PO/LoI for the above-mentioned Solutions
(existing solutions under category-1 and new solutions under category-3), individually,
within the price validity period. The Bank also reserves the right to procure one or more
of the above-mentioned Solutions and as such, the cost discovered for such Solutions, if
not procured, and the associated services (including manpower) shall not be payable by
the Bank to the selected NI. The required Bank Guarantee shall be submitted by the
selected NI as per the individual PO/ LOI.
4. The selected NI shall not be eligible for participation in any of the procurement processes
conducted by the Networking & Communication Department during the entire contract
period. However, this restriction shall not apply for the RFP floated by the Bank for
selection of Network Integrator.
5. The period of contract for availing all the services mentioned above shall be of 5 years
and would be extendable by another 5 years, at the discretion of the Bank.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 117 of 329 Confidential & Proprietary
6. The selected NI shall be responsible for providing professional training to the Bank’s
designated in-house team and gradual knowledge transfer, help them develop necessary
skills and expertise for managing the Bank’s network by the completion of the initial
three years. As such several teams shall be formed by the Bank in consultation with
the selected NI such that the members of these teams shall be shadowing the
members of the selected NI’s team members from day one.
7. It may also be noted that after the completion of first 3 years of the contract, the critical
services undertaken by the L2 and L3 resources of the NI may be taken over by the Bank
and the amount corresponding to those services shall not be payable by the Bank
(including the cost of L2/L3 NI resources that shall be engaged for those services).
Taking over the services can be done at any stage of the contract after the initial 3 years.
The services, not taken-over shall have to be performed by the selected NI
uninterruptedly throughout the period of contract. The decision to taking-over of the
services shall be announced by the Bank in not less than 3 months in advance. A written
sign-off shall be provided to the selected NI after the successful hand-over of the
services. However, until the said signoff is provided by the Bank, the selected NI shall
have to continue to provide the services as per the terms of the RFP. It may be noted that
the Bank may decide to hand-over the already taken-over services back to the selected
NI in which case the selected NI shall have to provide the services as usual.
8. The selected NI shall be responsible for the establishment of two Network Operations
Centre (NOC) at Bank’s premises. The entire NOC infrastructure shall be owned by the
Bank and the selected NI shall have to manage the Bank’s network through these NOCs.
9. Any Solution (including category-3) to be provided by the selected NI under this RFP,
the following points must adhere:
a. All solutions and its sub-components should be deployed on the premises of
the Bank.
b. All components of the solutions to be deployed in the Bank’s DCs must have
dual power supplies and rack-mountable (in standard racks). It should come
with a rack mounting kit.
c. Standard racks (19″/42U with perforated front and rear doors) shall also be
provided by the selected NI along with the Power Distribution Units for all
new solutions being procured through this RFP. However, the Bank may
decide to install the Solution components in Bank’s provided racks. In such
cases, the rack cost shall not be payable to the selected NI.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 118 of 329 Confidential & Proprietary
d. All components of the solutions must be Ipv6 compatible.
e. UAT setups are to be provided for testing configurational changes,
application of patches, OS & firmware upgrades, etc. before
installing/applying the same on production devices/solutions.
f. There shall be no data loss while performing upgrades or any other
maintenance activities that may require downtime.
g. The Bidder to ensure implementation of all Solutions from Professional
Services of respective OEMs having necessary certifications, adequate
implementation experience and on the payroll of the OEM for designing,
installing, and commissioning of the Solutions onsite. The resource shall be
required to continue for a period of 6 months from the go-live date (i.e. after
the system is brought into production with operational traffic/load meant for
its intended use).
h. All solutions/tools to be procured through this RFP shall be part of NOC
and must be compatible with each other in terms of integration and
interoperability. A unified dashboard shall have to be provided so that a
single URL shall be used for viewing all the desired information generated
by various tools including NOC tools, LMS, NPMD etc.
The following sections shall describe the SoW in detail:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 119 of 329 Confidential & Proprietary
Section A: Transition
Subsection A1: Taking-over network operations by Selected NI from its Predecessor
1. It shall be the responsibility of the selected NI to take over the entire network operations
from the current NI within 180 days from the date of issuance of Letter of
Intent (LoI)/Purchase Order (PO). This shall include the takeover of the management of
all branches/offices of the Bank, existing devices and links, all Data Centres and Hub
locations in India & abroad, existing applications, Setting up of two NOC Centres,
procurement of tools and other Solutions for NOCs etc.
2. The selected NI shall provide the exhaustive list of documents and information required
from the current NI within 10 days and draft transition plan within 15 days from the date
of issuance of LoI/PO based on which the selected NI shall plan the transition from the
current NI. However, each prospective bidder shall be required to provide along with
their technical bids, the list of essential documents with a brief description of the contents
of the documents that are typically required for taking over network operations by a new
NI from an existing NI. This shall apply to the existing NI as well.
3. It shall be the responsibility of the selected NI to document, collect, maintain and
update all essential information about the Bank’s global network including IP
Addressing Schema, Data Centre LAN Architecture (including all network segments such
as the Internet, Intranet, Extranet, Replication segments, etc.), overall WAN architecture,
NOC architecture, interconnectivity between the DCs, inventory of all network devices
and their configurations, all communication links, etc. It may be noted that the documents
readily available with the current NI shall be provided by the Bank to the selected NI.
4. The selected NI shall develop a consolidated Standard Operating Procedure (SOP) for day
to day operations for management and monitoring of the Bank’s network. The SOP shall
serve as a step by step illustrative guide with the required screenshot for carrying out any
operations for intended users/administrators of the respective solutions. The initial draft
of all such SOPs shall have to be provided by the selected NI within 3 months from the
date of issuance of PO/LoI. The illustrative list of SOPs is as under:
SNO SOP name SOP description
1 Information Security
Management systems
(ISMS Framework)
The purpose of this document is to provide guidance
for external and internal auditors, Networking and
Communication Department (managers, employees
and vendors) for understanding and implementing
the activities related to Information Security
Management Systems (ISMS). This Framework is
created using accepted structure of the ISO/IEC
27001. The ISMS framework is labelled using the
ISO/IEC 27001:20013 nomenclatures
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 120 of 329 Confidential & Proprietary
2 ISMS Scope Document State Bank of India is India’s largest Bank with a
network of over 23000+ branches spread across
India. Bank also has presence in 32 countries across
the globe. The Bank offers wide range of products
and services to both Corporate and Retail Customers.
The Bank also has one of the largest networks of
56000+ ATMs spread across geographical locations.
Bank provides services to its customers through
alternate channels such as Internet Banking, Debit
Cards, and Mobile Banking etc.
To expand further reach, Bank is forging ahead with
cutting edge technologies and innovative new
banking models.
3 Statement of
Applicability
This document details the applicability and
justification for all ISO/IEC 27001:2013 controls for
Networking and Communication Department and
operations within the scope as mentioned in ISMS
Scope.
4 IP Allocations IP addresses are used to uniquely identify systems.
This document will provide guideline on IP
allocation process followed by Networking and
Communication Department.
5 TACAS ID Management TACACS is used as an interface to login to all
networking devices. This document will provide
guidelines on user access creation, modification,
deletion process for TACACS, followed by
Networking and Communication Department.
6 Link Procurement,
Decommission/Surrender
The purpose of this document is to provide guidelines
for Link procurement, Decommission/Surrender
process followed by Networking and
Communication Department
7 VPN configuration The objective of this document is to define a common
configuration deployed on SBI branch routers for
encrypting traffic via a VPN (Virtual Private
Network) tunnels using Internet Protocol security
(IPSEC) suite. The termination of the tunnels will be
at the VPN concentrators located at the SBI data
center.
VPN Configuration based on best practices –
(Security for VPNs with IPsec Configuration Guide,
Cisco Release) is used as a reference to aid the
preparation of the document.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 121 of 329 Confidential & Proprietary
8 Document Control The Purpose of this document is to provide
guidelines for Networking and Communication
Department on how to create and maintain
documents.
This procedure should be followed by all the
personnel at Networking and Communications
Department as and when they create
documents.Network Integrators / Vendors are
responsible comply with this procedure for their
respective processes
9 Password Management All users should have unique individual user IDs for
logging and accessing all the networking devices,
and tools. Shared IDs may be permitted for specific
business requirements after approval from the DGM
of Networking and Communication Department.
All appropriate IT assets (IT systems and data) that
require authentication using passwords should have
appropriate password controls in place to prevent
unauthorized or illegal access.
Password controls should be automated using system
features and parameters wherever feasible on all IT
assets.
10 Patch Management This document establishes a procedure to identify
and to patch technical vulnerabilities for network
devices managed by Networking & Communication
Department.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 122 of 329 Confidential & Proprietary
11 Incident Management The purpose of this document is to illustrate the
processes and activities involved in incident
management process to restore normal operations
following an incident, for Networking and
Communication Department at SBI.
The activities and associated sub activities for
Incident Management defined in this document are:
Incident Detection: Detect/Report Incident, Take
Ownership, Incident Verification, Obtain Incident
Details, Log Incident Details
Incident Classification: Define & Assign Type,
Category and Priority, Provide Initial Support,
Allocate Incident
Investigation and Diagnosis: Take Technical
Ownership, Ensure Correct Assignment, Initial
Client Contact, Match Incident, Investigate Incident
& Diagnose Incident, Update Incident Details,
Functional Escalation
Resolution and Recovery: Implement
solution/workaround, Ensure Recovery, Record
solution
Incident Closure: Confirm Closure, Admin and
Quality, Close Incident
Objective of the incident management
process is to:
i. Establish a structured, formulated process whereby
the incident moves from incident lifecycle stage
within specified time limits to ensure resolution in
accordance with the service level targets.
ii. Record and to establish ownership for each
incident to ensure resolution of the incident within
the specified service level targets.
iii. Maintain relationships with other processes to
ensure that configuration management database,
known error database, are updated.
12 Operational Security
Procedure
This document establishes procedure to ensure
correct and secure operations of Networking and
Communications Department.
This procedure is applicable to Networking and
Communications Department.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 123 of 329 Confidential & Proprietary
13 User Access
Management
The purpose of this document is to outline the
procedure in which user access accounts are created,
changed and terminated for Networking and
Communication Department. The goal of access
process is to ensure standardization across all
information technology systems and ensure the
appropriate data owners are contacted, informed and
approve each user access request. All user access
requests must be documented using procedures
outlined in this process. Implementation of this
procedure minimizes unauthorized access to
proprietary information and technology. This
procedure should be followed to request and approve
access to applications, create user accounts including
passwords, and provide ongoing maintenance of user
accounts.
Networking and Communications Department
controls logical access to all network infrastructure
for SBI. The overall goal of logical access is to
enforce and track the level of access to technology
equipment’s, preserving both data integrity and data
confidentially. Several ‘Controls’ for network tools
equipment’s security are essential to achieve this
goal. Logical access controls are protection
mechanisms that limit users' access to information
and restrict their forms of access on the system to
only what is appropriate for them.
14 Backup Management The purpose of this document is to provide a
guideline for adequate backup to be taken ensuring
that data is not lost and can be recovered in the event
of an equipment failure, intentional destruction of
data, or disaster.The purpose of this document is to
provide a guideline for adequate backup to be taken
ensuring that data is not lost and can be recovered in
the event of an equipment failure, intentional
destruction of data, or disaster.
Network Integrator (NI) should be responsible for
periodic backups of all the networking devices,
secure storage of the backups, and device recovery in
cases of failed backup.Networking and
Communication Department should ensure that the
timely backups are taken by the NI. Also, Network
Integrator should conduct restoration drills once in
every year, and report the results to DGM of
Networking and Communication Department, to
ensure that the device backups are operational and
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 124 of 329 Confidential & Proprietary
functional as per requirement. This activity should
help in restoring the backup in situations if the device
fails.
Networking and Communication Department should
ensure that the timely backups are taken by the NI.
Also, Network Integrator should conduct restoration
drills once in every year, and report the results to
DGM of Networking and Communication
Department, to ensure that the device backups are
operational and functional as per requirement. This
activity should help in restoring the backup in
situations if the device fails.
15 Disposal of Information
and System procedure
The purpose of this document is to define a procedure
for disposing information assets used by Networking
and Communication Department.
16 Risk assessment and
Treatment Procedure
The objective of this document is to provide
procedure and methodology for assessing the risks to
Networking and Communications Department.
The purpose of Risk Assessment and Risk Treatment
Methodology is to quantify numerically the risk
against the identified threats and vulnerabilities for
the identified critical information assets through the
application of existing and additional controls.
Risk Assessment and Risk Treatment Methodology
should enable identification and mitigation of
identified risks affecting the identified Information
assets, Intellectual property, which may result in any
adverse impact on the business operations.
This procedure is applicable to all the information
assets, intellectual property (that should have a
business impact when compromised); comprising of
documents in digital or non-digital format, and or
residing on different storage media, but not restricted
to, such as CDs, DVDs, tapes, hard disks etc. Other
assets including network infrastructure equipment,
software, tools, services and supporting utilities like
electrical supply, UPS systems, air-conditioning and
power substations identified and available in its
premises and those outside its premises with the
external parties of the company. External parties are
those who have signed the third party agreement with
Networking and Communications Department.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 125 of 329 Confidential & Proprietary
17 Network Security The purpose of this document is to provide procedure
for development and implementation of network
security procedure for Networking and
Communication Department.
SBI’s network must be used for valid business
purpose only. Networking and Communication
Department is responsible for protecting information
that passes through the network.
Network security resources such as Firewall, IDS,
etc. assist to protect all business data, and application
systems from unauthorized access.
Networking and Communication Department should
ensure security of information in networks and
protection of connected services from unauthorized
access.
18 Asset Management The purpose of this document is to provide a
guideline on appropriate classification, protection of
assets, for Networking & Communication
Department. All information assets should be
classified and protected in accordance with their
criticality and sensitivity.
19 Capacity Management The purpose and objective of this document is to
provide guidance on performing capacity analysis for
network devices.
20 NSPM firewall rule
implementation
The objective of this document is to define guideline
that should be followed by Application Departments,
Dependent Departments, Networking &
Communication Department, Information Security
Department (ISD) and Network Integrator for
firewall rule implementation.
21 Governance Structure
Procedure
The purpose and objective of this document is to
define Networking & Communication Department
Information Security Governance Structure & roles
and responsibilities of respective team.
Benefits of Information security governance
includes, effective management, mitigation of risks
and reduction of potential impacts on information
resources to an acceptable level.
22 Information Security
Awareness and training
procedure
The purpose of the document is to provide guideline
on implementing security control requirement for
Information Security Awareness and Training, as
identified in ISO 27001.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 126 of 329 Confidential & Proprietary
5. Above set up of the SOP documents need to be reviewed by the selected NI every quarter
from its approval by the Bank.
6. Based on the information collected by the selected NI, a detailed transition plan shall be
prepared and presented to the Bank (within 30 days from the date of issuance of
LoI/PO) explaining the important milestones with timelines and the sub-activities
involved to achieve each milestone. Any dependency on the current NI should be
highlighted by the selected NI at the initial stage and also during the transition period well
in advance so that the information could be provided by the current NI to the selected NI
and hence avoid delays in the project.
7. The selected NI shall appoint an onsite dedicated team consisting of at least a
professional Project Manager and an adequately sized technical team, having relevant
certifications and experience that shall be responsible for taking care of the entire
transition. It may be noted that the Bank reserves the right to change one or more transition
team members at any stage during the transition in case it is found that the identified team
members are not performing to the satisfaction of the Bank. The Bank also reserves the
right to interview the team members individually and give its decision on the inclusion or
exclusion of the team members. The Bank may also require augmentation of the team if it
is felt by the Bank that the team is not adequately sized. The selected NI shall have to
honour the request of the Bank without seeking additional cost, whatsoever.
8. The selected NI shall have to appoint a Single Point of Contact (SpoC) who shall be
supervising the entire process of transition from the current NI to the selected NI and shall
be stationed at the IT-NW&C department. The SpoC shall be responsible for addressing
the concerns raised by the Bank effectively and efficiently.
9. The selected NI shall have to form teams parallel to the team structure of the current NI
so that the corresponding team may interact with each other and make all efforts to
complete the project as per the approved transition plan.
10. The selected NI shall submit on the first working day of every week the progress
concerning the number and other details of branches/offices of the Bank for which the
management has been taken over by the selected NI. This weekly progress report should
also mention the issues (if any) being faced by the selected NI in carrying out the transition
smoothly. The progress should adhere to the approved transition plan.
11. As and when the transition in the management of a given LHO (including all other
offices/corporate offices and branches located under the geographic area) is completed by
the selected NI, a sign-off shall have to be provided by the respective LHOs. Similarly,
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 127 of 329 Confidential & Proprietary
transition in the management of the network of a given FO shall be provided by the
respective FO. For remaining locations such as DCs, State Bank Bhavan, GITC and other
corporate establishments located in Mumbai and Navi Mumbai shall be provided by the
IT-Networking & Communication Dept. Once it has been declared by the selected NI that
a branch/office of the Bank has been migrated, from that point onwards it shall become
the responsibility of the NI for the management of that branch/office, i.e. all issues in the
network are to be reported to the selected NI who shall be responsible for the rectification
of the issue as per the SLA defined in this RFP. The format of sign-off shall be finalized
by the Bank in consultation with the selected NI.
12. The selected NI shall have to maintain the database of all the branches such that all
essential details of the branches are stored and updated as and when there is any change.
The essential information that the selected NI shall have to obtain and store includes
branch code, branch name, branch complete postal address with the PIN, IP address
segment(s) assigned, GPS coordinates (latitude & longitude), Network IT assets (live or
spare) with serial number wherever possible, power backup (UPS, generators, etc.),
network links it has along with the associated details like link provider, bandwidth, last-
mile technology, etc. This database may be linked to the Links DB and Devices DB
(explained elsewhere in this RFP).
13. The selected NI shall have to provide the Escalation matrix along with the contact person
name, designation, email-ids, contact numbers, complete postal address (for sending letter
correspondence, if any). As and when there is any change in the Escalation matrix, the
selected NI shall update the same and provide the latest copy to the Bank.
14. The NI should ensure effective and efficient management of the existing network and
application infrastructure including management of existing branches, offices, devices,
links, Data Centres, the existing set of applications, etc.
15. While designing the network, the technical feasibility of using both the links (Primary link
and backup/alternate link) in active-active mode with load balancing as 1st preference,
load-sharing as 2nd preference shall be studied and implemented. The last preference of
the Bank shall be active-passive mode. However, regardless of active-active or active-
passive modes of utilizing the link bandwidth, the configuration should be such that when
one link goes down, the other link shall take an entire load of carrying the branch traffic
automatically and seamlessly to ensure there shall be no isolation/disruption in
connectivity.
16. The selected NI shall also be responsible for the implementation of the specialized
Solutions, that are in the process of being implemented and those that shall be procured
during the tenure of the contract. Any issue that may prevent the successful commissioning
of the Solution, shall be resolved jointly by the selected NI and the SI. However, if the
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 128 of 329 Confidential & Proprietary
issue pertains to the networking infrastructure, the sole responsibility of resolving the issue
shall rest on the selected NI.
Subsection A2: Handing-over network operations by Selected NI to its Successor
17. Each prospective bidder shall be required to provide along with their technical bids, the
list of essential documents with a brief description of the contents of the documents that
are typically required for handing over network operations by a current NI to its successor.
This shall apply to the existing NI as well.
Section B: Next Gen Network Operations Center (NOCs)
18. The selected NI shall be required to establish/build two NOCs (NOC-1 and NOC-2) at two
different locations in India. NOC-2 shall be a replica of NOC-1 except for UAT set up
which will only be in NOC-1. It may be noted that the NOCs that the selected NI shall
establish should comply with each clause specified in this RFP elsewhere including
scalability.
19. The selected NI shall be responsible for Design, Supply, Implementation, Customization,
Integration, Operationalization, and Maintenance of the Bank’s own Network Operation
Centres (NOC-1 and NOC-2) with all necessary tools and IT infrastructure including wall-
mounted screens, desktops (specifications provided below), etc. The operationalization of
NOC-1 should be completed by the selected NI in 150 days from the date of issuance
of the Letter of Intent (LoI)/Purchase Order (PO). The timelines to be followed for the
establishment of the Bank’s NOC are provided below:
Minimum Desktop Specifications for operations in NOCs: CPU i7 processor, 8 GB
RAM, 1TB HDD and dual connection monitor capability, Windows 10 (64 bit), alongwith
with keyboard, mouse, mouse-pad, and compatible monitors (minimum 15 inches).
Desktop quantity 200 (with suitable number of monitors).
S. No. Description
Timelines
(from the date of issuance
of PO/LoI)
1
Provisioning of (a) onsite Program
Manager, (b) onsite team of technical
resources from the selected NI and the
OEM for the commissioning of the
Solutions, (c) Escalation Matrix
7 days
2 Site survey where the NOC tools, NPMD
and LMS are required to be built. 21 days
3
Online submission of complete Solution
design and implementation approach
document. The selected NI shall discuss
30 days
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 129 of 329 Confidential & Proprietary
the approach in detail with the Bank. The
approach shall be finalized by the
selected NI in consultation with the Bank.
The Bank may make suitable changes in
the approach which shall be final and
binding on the selected NI at no
additional cost to the Bank.
4
Hardware Delivery (including all the
components of the solution) at the
intended site of NOC tools, NPMD and
LMS deployment.
60 days
5
Installation, Configuration,
Commissioning, & Operationalization of
the NOC-1, NPMD and LMS
150 days
6
Installation, Configuration,
Commissioning, Customization &
Operationalization of the NOC-2
180 days
20. The NOCs so established by the selected NI shall be compliant to the specifications as
mandated by the following certifications:
20.1 ISO 27001:2013 (for ensuring that international standards are being followed for
maintaining confidentiality, integrity, and availability of customer data, systems,
and infrastructure)
20.2 ISO 9001:2015 (focused on meeting customer expectations and delivering
customer satisfaction)
21. It shall be the responsibility of the selected NI to obtain the above-specified
certifications within 365 days from the date of issuance of the PO/LoI for the
establishment of the Bank’s own NOC. The prospective bidders shall have to submit
along with the technical bids the NOC establishment plan (along with the specific
milestones and the corresponding timelines) including obtention of the above-mentioned
certifications on behalf of the Bank.
22. Banks NOC facility including tools and associated infrastructure must be set up in the
Bank identified premises/location. The implementation of NOC-2 shall be carried out after
the successful operationalization of NOC-1.
23. The selected NI shall be responsible to ensure that the NOC architecture, tool
configuration, and NOC operations comply with the Bank’s information security policies
and industry-leading standards and applicable laws and regulations. The illustrative list of
security and other guidelines has been enumerated below:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 130 of 329 Confidential & Proprietary
23.1 The NOC must be physically secured and must have separate entry and exit gates
for NOC personnel with two-factor access control with one factor should be a
biometric feature (preferably face recognition). The NI must not allow
unauthorized entry and should have the facility to track and report on the
same. Similar access control to be provided for network/server rooms wherever
required.
23.2 The NOC including server/ network room must have security measures for high-
quality video surveillance of this facility with complete coverage of NOC area with
clear legible images. Minimum 180 days complete surveillance image archival
facility for audit and forensic purposes.
23.3 The NOC must have state of the art telephony systems (i.e. use of
automation/advanced features for electronic transmission of voice and data to
improve NOC operational efficiency in terms of overall user experience) which
are IVR based for call receiving and dispatch to the right teams.
23.4 NOC telephony systems should support Inbound /outbound international /domestic
voice calls through a toll-free number.
23.5 NOC telephony systems should have redundancy and high availability.
23.6 The system must be redundant with the ability for reporting and capability for
integration with the Bank’s Email and other solutions.
23.7 The telephony system must have the ability for the supervisor to barge in, listening,
and coaching.
23.8 There should also be a system for call recording and reporting, for call quality,
auditing, and training.
23.9 The telephony system must be compliant with all relevant TRAI regulations and
have the necessary clearances by the competent authority.
23.10 NOC service desk should able to handle a minimum of 2000 calls per day.
23.11 NOC service desk team should be equipped and trained to assign the tickets/calls
to the respective team of engineers (like NAC, proxy, etc.) with the criticality level.
23.12 Branches and other users should be able to register their complaints through
various modes like Voice calls, missed calls, emails, SMS, mobile apps.
23.13 Service Desk system should generate auto tickets to avoid any missing complaints.
23.14 NOC telephony should prompt callers to self-direct through the main menu and
call tree with IVR/ voice bot. Ability to provide customized messages, menus, and
treatments based on the purpose of calling.
23.15 NOC service desk system should display customer information to the agents as the
call arrives. It should also support integration with ITSM tools for intelligent call
routing.
23.16 NOC service desk should have the ability to automatically distribute emails to the
best-fit agent based on content analysis and keywords.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 131 of 329 Confidential & Proprietary
23.17 The service desk system should be capable of providing reports to measure the
required metrics and data for analysis of performance at all stages of
complaints/requests.
23.18 NOC infrastructure should have the ability to send automated and agent-assisted
communication through multiple channels like voice, email, SMS, and mobile
apps.
23.19 The tools deployed in the NOC must be enterprise-grade licensed Software and
hardware, which must be recorded in an asset base and must be auditable.
23.20 The tools must be capable of SNMP V3 protocol-based polling and receiving
SNMP traps
23.21 The tools must be capable of monitoring of all network devices and links on the
Bank’s network.
23.22 The tools must be able to deliver all the service outcomes with the ability to grow
for future scale without any disruption to the ongoing operations.
23.23 The tools must be integrated for all service operations, from the service desk to
monitoring incident management to problem management, change management,
configuration management, etc.
23.24 The tools shall have the features to provide dashboards for operational and business
views.
23.25 Asset tracking and reporting- Ability to have a comprehensive asset Database of
all monitored assets with all Configuration Items (CI) details as per ITIL definition
and report generation utilities.
23.26 The NOC tools must be able to monitor all managed elements (including links) on
the network in a secured manner while providing an authentication mechanism for
all authorized users and logs for the same.
23.27 The NI shall be responsible for the integration of a third-party network into the SBI
network. The selected NI should also have database of the all the third party
network owners, IP addresses used and the applications being used with the
owners, for overseeing any kind of network-related work done by other vendors /
third party apart from NI and make sure that the implementation is compatible with
the Bank’s current LAN and WAN architecture.
23.28 The selected NI Shall be responsible for any acts of third party/ OEM/ Vendor
engaged by them on behalf of the Bank.
23.29 The NOC tools shall be integrated with the Bank’s endpoint security solutions such
as Active Directory (AD), Anti-virus (AV), Patch Management System (PMS),
Data Leakage Prevention (DLP), etc.
24. The bidders shall provide the details of the proposed NOCs (NOC-1 & NOC-2) containing
at least the following information meeting with Bank’s Security policies:
24.1 NOC Architecture diagram (LLD and HLD) including security segments (like
firewall/ IPS etc.)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 132 of 329 Confidential & Proprietary
24.2 Bill of Material (BoM) – Name of the software/hardware model, Qty, Purpose,
other technical details.
24.3 Traffic/Data flow between the components of NOC systems.
24.4 Business Continuity Plan (BCP) – clearly stating different scenarios considered.
24.5 A short write-up on each Software tool and explanation to describe the purpose
and dependency of such tools.
24.6 Hardware configuration of each physical component.
24.7 List of Software and utilities used for NOC operation.
Note: The information stated in point number 23 should be provided by the Bidders
during their technical online bid submission.
25. The selected NI shall be responsible for monitoring all the network devices and
communication links from the NOC and for providing a unified portal so that the same
may be used for the following:
25.1 To view the current health status of the entire network of the Bank in a single high-
level view.
25.2 Starting from a country/location, it should be possible to drill down further up to
the branch having a network health issue.
25.3 Device/link uptime.
25.4 Devices resources (CPU, Memory, etc.) utilization.
25.5 Link utilization and up/down status (for both primary and secondary links).
25.6 Voice call flow monitoring.
25.7 Ticket monitoring (status of tickets, resolution time and method, etc.).
25.8 SLA Reporting in the format provided by the Bank. All SLA reports should be
available on the portal which can be downloaded as and when required by the
Bank.
Note: Multiple portals/URLs for viewing different information will not be acceptable to
the Bank. Also, the features/capabilities listed above is for illustration purpose only and,
thus, should not be treated as an exhaustive list of features. The format of reports shall be
finalized by the Bank after discussing the same with the selected NI.
26. The portal/dashboard should be accessible by different users from different locations.
Dashboard/ portal and all tools must have user access control and should provide logs for
the same, it should also provide role-based access.
27. The selected NI shall have to monitor the sites pro-actively and should take necessary
actions to restore the link without waiting for the down call from Bank.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 133 of 329 Confidential & Proprietary
28. The selected NI shall be responsible for impact assessment and modification of NOC
operations at no extra cost, on account of any changes to applicable information security
policies/procedures/standards/ regulations, etc.
29. The selected NI shall be responsible for monitoring network from NOC location and
maintaining network uptime by ensuring that faults are effectively resolved
within the defined timelines. The NI shall also be responsible for directing and
coordinating with the field team to carry out corrective/ change activities on-site in case
field support is required.
30. The selected NI shall be responsible for integrating each device with the NOC monitoring
and management systems so that every critical parameter/element/resource can be
monitored and managed proactively. The NI must ensure that the NOC tools should be
capable of handling 1,50,000 network devices and 1,00,000 communication links in
the Bank’s network, from day one and scalable up to 2,50,000 network devices and
1,50,000 communication links.
31. The selected NI shall also be responsible for providing NOC tools that should be both
horizontally and vertically scalable.
32. The selected NI shall be responsible for the development and implementation of following
processes for monitoring, management and operation of the NOC including, but not
limited to:
32.1 Capacity Planning.
32.2 Configuration and Change Management.
32.3 Incident and Escalation management processes.
32.4 Daily standard operating procedures.
32.5 Training procedures and material.
32.6 Reporting metrics and continuous improvement procedures.
32.7 The DR plan for the entire network must be developed by the selected NI.
32.8 Security Patch management procedure.
32.9 Integration of NOC tools with the Banks’ other applications/ tools.
Note: The technical bid should contain an overview of the processes mentioned above.
33. Each bidder shall have to provide distribution of the network engineers that according to
them would suffice for the management of the network and solutions as described in this
document. The bidder, to provide this information, may seek relevant information in the
form of queries that may be raised through pre-bid queries. The Bank shall provide the
required information that shall not constitute a violation/breach of sharing confidential
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 134 of 329 Confidential & Proprietary
information or for any other legitimate reasons. The format to be used by each bidder is
provided below:
Location:
S.No. Role
Designation
(operations
manager, project
manager, technical
resource etc.)
Level
(SD, Field
Engineers, L1,
L2, L3 etc.)
Specialization
(project
management,
security, routing
& switching,
architect ,
system admin,
etc.)
Count
Type of resource
(dedicated/shared,
offsite/onsite)
Note: The above information is required to be provided for each of the following locations
separately: GITC, PR NOC, DR NOC, 17 LHOs, inside 5 DCs of the Bank. Bank’s
proposal on the same is provided in Appendix-Q.
34. The selected NI shall have to ensure the capability to receive and respond to calls and
emails on a 24/7 basis from the Bank and its vendors.
35. NOC Tools: The following table describes the minimum set of features that the NOC tools
shall have:
Sr. Tool Type Functionality
1 Event
Monitoring &
Detection
• The network monitoring tool must provide the information
necessary for network management (i.e. ISO FCAPS
model).
• The tool should collect useful information from various
parts of the network so that the network can be managed
and controlled.
• The tool should be able to find network performance trends
and do predictive analysis.
• Network incidents should be detected, monitored, and
resolved.
• The monitoring tool should keep a record of what devices
of the network are used by users and how often they are
used.
• This tool must also be able to generate bandwidth
optimization reports.
• Must be capable of SNMP V3 (or any updated version
released during the contract period) protocol-based polling
and receiving SNMP traps.
• monitoring of all device and links on the network
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 135 of 329 Confidential & Proprietary
• The proposed Solution must automatically discover
manageable elements connected to the infrastructure and
map the connectivity between them.
• The proposed system must support multiple types of
discovery including the following:
• Seed router-based discovery – Using route tables and
SNMP MIBs
• IP discovery
• Import data – from pre-formatted files (Ips, ranges,
strings or ports)
• Trap-Based Discovery – whenever new devices are added
with the capability to exclude specific devices based on
IP addresses / IP Address range
• The system should provide discovery & inventory of
heterogeneous physical network devices with providing
information about the make, models, and their category.
• The system should support maps grouped by network
topology, geographic locations of the equipment, and user
group/departments. These should help in understanding
physical Networks, virtual Network services, and the
relationships between them. It should also support the
manual selection of fields to view customized topology
and device groups.
• The proposed Solution must provide a detailed asset
report, organized by vendor name and device, listing all
ports for all devices.
• Network Fault Management should support both client-
based and GUI-based monitoring console.
• The proposed Solution should provide out of the box root
cause analysis with multiple root cause algorithms inbuilt
for root cause analysis.
• The system must use advanced root-cause analysis
techniques and policy-based condition correlation
technology for a comprehensive analysis of infrastructure
faults.
• It should have a strong event correlation engine that can
correlate the events based on event pairing, event
sequencing, etc.
• The system must be able to ‘filter-out’ symptom alarms
and deduce the root cause of failure in the infrastructure
automatically
• The system should be able to consolidate alarms from
non-IT systems such as sensor/SNMP enabled UPS, DG
sets, etc to provide a view of the operations environment
that supports the branch level IT assets.
• The tool must use AI-based ML for the following:
➢ Elicit patterns and real-time correlations to
cluster relevant events and reduce event clutter
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 136 of 329 Confidential & Proprietary
➢ Identify anomalous conditions to address
problems before they affect customers
➢ Baseline normal operational patterns and adapt
thresholds to changing behavior in real-time
2 Incident
management
• All networks level alerts from Network and Event
Management Systems shall be ticketed in ITSM Tool
automatically or through administrator-defined rules.
• The tool should be able to escalate incident/ link down
cases to the service providers based on the escalation
matrix after predefined trigger points.
• Incident Management to support Parent and Child Incident
Mapping.
• Based on the rules defined, all subsequent events of the
same Incident to be updated or suppressed under an
existing Incident.
• The tool should leverage the relationship between Cis in a
CMDB (configuration management database) for
identification of the root cause of the incident.
• Resolving Parent Incident should automatically resolve all
child Incidents.
• The selected NI shall have to monitor the sites pro-
actively through the NOC and should take the necessary
action to restore the link without waiting for the down
call from Bank.
• The tool should be able to auto-assign incidents to support
personnel for actions to fix, confirmation, test, etc.
• When an Incident is raised and before assignment to an
agent, the System shall perform initial Level
troubleshooting and automated checks to provide a quick
update of the Incident in the notes.
• The System shall only allow the Network Incidents to get
resolved, only when the network event is cleared in the
Network or detected by Network Management System.
• The tool should be able to generate reports on
statistics/metrics about incidents (e.g. average time open,
number of incidents with each status total number raised,
open or closed).
• The tool should be able to store the information about the
attributes of incidents (e.g. severity)
• The tool should be able to store attachments (e.g.
screenshots).
• The tool should be able to prioritize incidents.
• This tool must be able to send incident triggered SMS and
email to all the stakeholders of the Bank and NI. Since the
Bank has its SMS Gateway, the selected NI shall have to
integrate the NOC tool and the Bank’s SMS Gateway for
sending the SMS messages.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 137 of 329 Confidential & Proprietary
• SMS and email must be based on policies defined by the
Bank under need to know basis. The tool should provide
incident reports – hourly, daily, weekly, monthly, yearly,
and for a specified period.
• Integration of Incident management systems with the Bank
vendors and partners through relevant APIs.
• Auto escalation processes to be supported.
• Problem Tickets in ITSM tool shall follow the lifecycle of
Problem Management – New, Assess, Root Cause
Analysis, Fix In-Progress, Resolved, Closed, etc.
• Problem Management tickets shall be created
automatically and by the system based on business rules
on consecutive incidents.
• Repeated Incidents within a predefined interval shall
qualify for automated problem management tickets.
• The incident management system shall capture detailed
RCA with corrective actions.
• Corrective actions as indicated in the Problem Ticket shall
be reviewed and approved in the ITSM tool.
• ITSM tool shall also provide options to accept risks for
specific Problem Management tickets.
• NI is responsible for providing ticketing tool access to the
network service providers for effective incident
monitoring and resolution.
• The selected NI shall also be responsible to integrate their
ticketing tool with the ticketing tools of other service
providers (external solutions) or ticketing tools being used
by the Bank (internal solutions).
3 SLA
Compliance
• Automated SLA compliance calculation and SLA breach
warning alerts.
• Automated web-based SLA report generation and
distribution
• SLA compliance historical reporting with trend analysis
• Operational Level Agreement (OLA) compliance
monitoring with service desk integrations
• It should be uniquely positioned for ITIL, Six Sigma and
other quality improvement initiatives
4 Network
performance
& capacity
management.
• Speeds troubleshooting, resolves network outages and
reduces downtime
• Monitors and displays response time, availability, and
performance of network devices.
• Improves operational efficiency with out-of-the-box,
customizable dashboards, alerts, and reports
• Automatically discovers and maps network devices and
typically deploys in less than an hour.
• Network health monitoring, which for example checks
various parameters on the router like CPU Utilization,
Memory Utilization, Errors and Discards, Voltage,
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 138 of 329 Confidential & Proprietary
Temperature, CRC error, Collisions, Buffer statistics (Hits,
misses and failures), etc.
• Network traffic analysis, which shows how exactly the
bandwidth is being utilized through interface-specific reports
on which user, source and destination IP address,
conversation, type of traffic (HTTP / HTTPS / SFTP / TCP/IP,
UDP, application-specific, etc.) and other
parameters/overheads, etc. is occupying bandwidth, etc.
• This tool must monitor network/link latency in real-time.
• This tool must be able to auto escalate regarding the breach
of max utilization of bandwidth and also able to report
regarding breach of x% growth in traffic within 30 minutes.
• Trends of the utilization of all assets. It could be a memory,
CPU, bandwidth, downtimes, uptimes, packet loss, latency,
jitter, etc.
• The Solution should provide near-real-time network
monitoring and Measurement of end-to-end Network
performance & availability to define service levels and
further improve upon them.
• The proposed Solution should provide the following
performance reports out-of-the-box:
o An executive summary report that gives an overall
view of a group of elements, showing volume and
other important metrics for the technology being
viewed.
o Capacity Planning report which provides a view
of under and over-utilized elements.
o Service Level report that shows the elements with
the worst availability and worst response time.
• The tool should have the capability to configure different
polling speeds for different devices in the managed
infrastructure with the capability to poll critical devices.
• The Solution should be able to provide performance data
& threshold-based alerts for real-time performance
monitoring, reporting, and historical trending.
• The tools should use AI-based machine learning that
provides capacity predictions for link up-gradation, down-
gradation, network device augmentation etc.
• Ability to monitor Branches LAN/ WAN link and enrich
with geo-location, branch id, business hours to Service
Provider (SP) link types and create SP performance rank
report using a statistical data model.
• The monitoring Solution needs to be able to ingest logs,
metrics, flows, and events into efficient key-value databases
where they are stored to later be accessed and analyzed.
• The system should have the ability to check the
availability of a remote connectivity resource – infra devices
or URLs through the heartbeat.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 139 of 329 Confidential & Proprietary
• The proposed Solution should support, SNMP V3,
Syslog, NetFlow, API integration where applicable, and
Command line-based response analysis as data sources.
• The Solution should be able to monitor custom scripts
and alerting the same when it crosses the set thresholds.
• The proposed Solution should be capable of generating
reports and to notify the concerned team through Email/SMS
• Ability to create a correlation between a sudden increase
in network traffic and Slashdot effect, with users, systems,
and applications used to create a correlated compound alert.
• The proposed Solution should be capable to provide GUI
based reports & topological maps of network devices by
location and impact.
• The Solution should have the ability to integrate with
other systems and overlay and predict business volume vs
network usage.
• The proposed Solution should provide a single dashboard
to track the infrastructure devices of DC and DR with a drill-
down facility.
• User experience alerts- use the anomalies discovered
using Machine Learned data model from user experience
golden signals to create custom alerts regarding issues
affecting customer experience.
• The Solution should use automated data slicing, Natural
Language Generation (NLG), and user feedback based fine-
tuning of insights control to create automated insights.
• The system should have a dynamic auto baselining of
alerts for utilization, bandwidth usage, packet errors,
latencies, etc.
• The system should support Anomalies related to rare
events, sudden spikes in usage, and abnormal variations in
patterns.
• The Solution should have univariate forecasting of
bandwidth usage, capacity enabling better planning of
bandwidth, and telecom and Internet service providers SLA
terms.
• The Solution should perform Operational performance
index (OPI) involves a better prediction of incidents across
each touchpoint and business flows.
• The Solution should have SP indexing with the following
functionalities:
o Indicate robustness of current operations and SLA
via measuring customer experience index.
o Performance Scoring.
o It should use Monte Carlo probabilistic methods.
o Uses proxy signals like Branch peak hours, ISP
link outages, and other data enrichments to make the
index dynamics and more specific.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 140 of 329 Confidential & Proprietary
o Capacity planning and assess trade-off choices in
choosing the best ISP across geo-locations.
• Out of the box storyboards for Isolated Links, Links on
Primary, Secondary, etc.
• The proposed Solution should able to provide bandwidth
consumption information for IP to IP communication or IP to
Geolocation communication or IP to Ips communications.
5 Asset
profiling and
management
• Following entities shall be part of the Asset database
[CMDB]
Sites/Branches, Physical Assets including non-IT assets
that support IT assets, Logical Assets – Licenses, IP
Subnets, Links, etc.
• The asset DB shall maintain the lifecycle of each Asset in
the database
• The asset management system shall have the capability to
discover assets, track changes of attributes, and maintain
the history within its database.
• In addition to used/live devices proposed tool should also
capture the spare and free devices with their location so
that the same information can be used in mobilization.
• The tool should help maintain AMC contracts of each asset
in the SBI network.
• Ability to have a comprehensive asset Database of all
monitored assets with all Configuration Items (CI) details
as per ITIL definition and report generation utilities.
• The Asset management system should also support a
Configuration management database [CMDB] of all
assets.
• CMDB shall maintain relationships of all Cis of a
particular asset in the database
• Incident Management Process shall use the relationships to
suppress/aggregate the alerts based on the relationships
maintained by CMDB.
• Change Management Process shall use the relationships to
identify the affected entities based on the relationships
maintained by CMDB.
• The tool should be automated and should accelerate the
process of asset identification of all SBI’s network
devices.
• Advanced auto-discovery that checks IOS Software
against an application’s knowledgebase.
• Monthly asset knowledgebase updates.
• A fast, convenient mechanism for adding proprietary and
legacy of network products.
• This tool must be capable enough to highlight those
devices which are with decommissioned branches.
• For physical universe – To provide a dedicated IT asset
life-cycle management suite which will have a separate
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 141 of 329 Confidential & Proprietary
ITAM module where the dynamic real-time inventory will
be available on the fly. This ITAM module should be part
of ITSM, which will be used for Bank’s network
management.
6 Configuration
management
• In real-time, the Solution should detect configuration and
asset information changes made across a multi-vendor device
network.
• The Solution should capable to detect, compare & alert on
changes based on which decision could be made for rollback
or implementation of changes.
• The Solution should be able to identify vulnerabilities
based on security advisories and take necessary corrective
actions.
• The Solution should support configuration
deployment/rollback using policies, configuration templates,
and ad-hoc commands.
• The Solution should provide options to take incremental,
scheduled, and full configuration backup.
• The Solution should capable of performing Configuration
backups /Policies/OS images/rollback to multiple devices at a
time
• The Solution should have provision to Schedule the Task
for a specific date, weekly, monthly, quarterly, etc.
• The Solution should capable to automate all repetitive &
time-consuming tasks related to network device configuration
& change processes.
• The Solution should be able to track and detect any
configuration changes and alert accordingly.
• Deploy and monitor IOS operating system images,
network security patches from a centralized network
management system.
• The Solution should be able to push standard templates for
existing network devices and new deployments.
• The Solution should support the device communications
protocols (for example, Telnet, SSH, TFTP, FTP etc…)
• The Solution should manage network compliance by
comparing devices to Custom defined, best-practice standards,
Gold Standard, etc…
• Should maintain policy compliance using continuous
configuration auditing and remediation.
• The Solution should capable of automated remediation to
bring devices back to policy compliance or to a default
configuration status.
• It should manage device access and authorization through
a centralized control model.
• The Solution should provide a browser-based
customizable Executive dashboards widget/page showing
Device Statistics & their Compliance.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 142 of 329 Confidential & Proprietary
• Schedule and generate custom reports on all aspects of
network device statistics and their compliance.
• The Solution should capable of integrating other
management systems and ITSM tools through Rest APIs for
change management and custom workflows.
• For logical universe – IPAM tool for mitigating challenges
related to IP distribution, IP usage, central dashboard.
7 Change
Management
• The system should support all the three types of service
changes ITIL describes — standard, emergency, and normal.
• Support various roles for the requester, approver,
reviewer/CAB, etc.
• Should support risk assessment of the change, scheduling
of change, record impacted assets, and associated Cis.
• Ability to detect change conflicts, integrate with Incident
and problem management processes to drive an Integrated
Change.
• Must support Change management reports and analytics.
• Should support post-facto approval.
8 Dashboard &
Reporting
• NI is responsible for providing different operational and
business dashboards as per Banks requirements
• NI must set up a minimum of 6 wall displays of
minimum 55” size for displaying various screens (which
are critically required) for the dashboard in the NOC.
• Call/ticket monitoring (status of open and closed tickets,
resolution time and method, etc.)
• The dashboard must have a drill-down approach to the
branch level, incident ticket updates, and log of times from
when the incident has occurred and what actions are taken
till resolution.
• The tool should have the ability to filter views by problem
type, by Circle, by Branch Code, by down-since, and other
such various filters. The tool should also support regular
expression for specifying the search criteria.
• The tool must be capable of providing different views
based on login credentials, by Bank Circles, Regions, and
Countries, etc.
• The entire dashboard should be as real-time as possible
with capability for back in time and calendar filters.
• The Dashboard should be GUI based (e.g. Country map
showing all branches, color coding on branches based on
the health of the network of branches, etc.) automated user-
friendly tool that will give an integrated picture of
the health of all the Bank branches and Foreign Offices.
• SLA Reporting (including links health details) in the
format provided by the Bank. All SLA reports should be
available on the portal which can be downloaded as and
when required by the Bank.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 143 of 329 Confidential & Proprietary
• Operational reports as per the format defined by the
Bank.
• The selected NI shall provide a WEB based Business
dashboard for the Bank and its vendors (if required),
that shall provide for the following (but not limited to):
• A complete view of the network health across
India and overseas
• Colour coded view of outages in the network
• The bandwidth of the branches
• Link status. If down, it shall display the downtime
details and ETR and the reason for the outage. The
link status should display for both Primary and
secondary links at branches. The incident ticket
should be generated for both the links if both links
down. Manually generated incident tickets should
reflect in Dashboard immediately after ticket
generation.
• Near real-time bandwidth utilization, etc.
• Categorization of the incidents shall be discussed
and finalized with the selected NI
• country map displaying all important locations such as
LHOs, Corporate offices, and other important and critical
sites in India and branches/offices in foreign countries
• Mobile dashboard (android, iOS, and Windows
compatible): The selected NI shall also be responsible to
extend their “desktop” dashboard reporting service to the
mobile dashboard wherein all the stakeholders of the Bank
will be able to see outputs on the mobile dashboard. The
mobile dashboard should be implemented as a mobile
application. The selected NI shall have to provide the
mobile dashboard within 90 days from the start of the
contract.
• The tool to provide a Web and mobile-based business
dashboard for the Bank and its vendors (if required), that
provide for the following (but not limited to):
• A complete view of the network health across the
country and overseas.
• Color-coded view of outages in the network.
• Information regarding all the network devices
deployed on the entire SBI LAN and WAN
network as well as information about the OS
version installed on these devices.
• The number of ports available.
• Bandwidth details of primary link and secondary
link
• Link status up and down with colour codes (Y/N).
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 144 of 329 Confidential & Proprietary
• The bandwidth of the branches and its utilization
for both links.
• Link down status including the downtime details.
• Details of expected time of restotation (ETR)
• Reliability of links, packets loss, latency, jitters
etc.
• Real-time bandwidth utilization etc.
• Application-wise bandwidth utilization such as
bandwidth utilized for CBS, LLMS etc.
• Various incidents, problems, service and change
requests, and their status.
• Capacity trends and forecasts.
• Status and health of non-IT assets such as UPS etc. that are
used to support the routers and other IT assets in the
branch.
• Fully customizable dashboard according to the
requirement of the Bank.
• It should have full compatibility with web and mobile-
based (android and iOS).
• The selected NI shall have to build a workflow for link
management staring from the proposal for link
procurement, conducting feasibility, issue of the purchase
order, link delivery, its deployment, BW
upgrade/downgrade, and surrender/termination.
• All the reports should made available online,
downloadable, and print-friendly in excel and pdf.
• The dashboard should meet all security parameters as per
the Bank’s IS policy.
• The dashboard should support major browsers such as
Microsoft Internet Explorer, Google Chrome, Mozilla
Firefox.
• Dashboard sign-off will be provided only after the
closure of all security observations pertaining to the
dashboard.
Note : The Mobile dashboard to be provided by the
selected NI for monitoring purpose/for
Branches/Controllers as stated above should provide the
following informations on their Mobiles-(android, iOS,
and Windows compatible):
• Complete view of the network health across the
country and overseas through drop down Circle-
wise, Adminstative Office-wise, Regional
Business Office-wise and Branche-wise.
• Color-coded view of outages in the network.
• Status of network devices deployed on LAN and
WAN network.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 145 of 329 Confidential & Proprietary
• Bandwidth details of primary link and secondary
link
• Link status up and down with colour codes (Y/N).
• The bandwidth of the branch and its utilization for
both links.
• Link downtime details and expected time of
restotation (ETR)
• Reliability of links, packets loss, latency, jitters
etc.
• Real-time bandwidth utilization etc.
• Application-wise bandwidth utilization such as
bandwidth utilized for CBS, LLMS etc.
• Centralised portal for management of physical and
logical universe.
Note: Specific details regarding the Dashboard tool shall be
discussed with the selected NI. The decision of the Bank shall
be final and binding on the selected NI.
9 Process
Automation • NI must provide tools capable of automating, but not
limited to, the following NOC activities:
o Reports.
o SLA Compliance.
o Events Detection and Monitoring including
Network Performance issues.
o Incidents Recording and Monitoring.
o Service requests.
o Change Management requests.
o Moving Average Convergence Divergence
(MACD) Histogram.
o Approval process.
o Assets’ Profiling.
o Configuration Changes/Upgrades, verification of
configuration parameters.
o Penalty Calculations.
o Patch Management
• The NI should be able to automate the operational
activities which are carried out on a day to day basis.
• A dashboard for all the mentioned tools should be provided
by the NI.
• The tool should able to reduce human efforts at routine
activities by automating the tasks on the above service
operation areas.
• The automation capability should complement the NI
technical skills by reducing the incident resolution times.
• The tool must also have the ability to learn new actions via
the recording of the NOC operator activities, to be
automated for the next occurrence of this activity.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 146 of 329 Confidential & Proprietary
• The NI must have an established CSI capability to
continually improve the Network availability, by
leveraging the automation tool capability and process
excellence.
• The automation tool capability must be installed and
operated as a part of the NOC services.
Data to be collected and stored for the entire contract period in a structured
retrievable format:
• Branch wise band width utilisation.
• Application wise bandwidth utilisation for all locations.
• Branch wise band width utilisation at various points of time.
• Data of all incidents with complete action points and time lines.
• Ticket life cycle with data point likes, ticket generation time, various action points
with timelines.
• Request data with complete action points and time lines.
• Call statistics as per the SLA.
• Service desk statistics for various modes of inward communications with data
points like, complainant branch/department, called purpose, action taken, various
action details with timelines.
• Team wise operational statistics with action timelines.
• IT assets life cycle management data.
• Device data.
• Device/ link stats – Bandwidth, CPU, Memory utilization…
• Branch /region /AO /LHO wise link deployed data.
• TSP wise link life cycle data.
• Change request data.
• Knowledge base.
Note: This list is not exhaustive and NI should collect and preserve all data
relevant to network and NOC operations management.
Note:
a. The data required for the period before the commencement of the contract (starting
from 01.01.2016) shall have to be obtained from the existing NI during the
transition phase and shall have to be imported into the Dashboard and other relevant
tools.
b. Multiple portals/URLs for viewing different information will not be acceptable to
the Bank.
c. NI is responsible for obtaining any statutory approvals/ licenses to operate Banks
NOC.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 147 of 329 Confidential & Proprietary
36. NOC Reports:
36.1 The selected NI shall provide the periodic or on-demand reports as requested by
the Bank.
36.2 The details of the reports, the frequency of the reports, and the format of the reports
will be decided by the Bank.
36.3 All the required reports should be available and preserved in the dashboard and
should be downloadable in pdf and excel format as per the Bank’s requirement.
36.4 The selected NI must discuss all the reports with the Bank and their exact online
submission time etc. and then take a call for all the three levels mentioned in SLA
compliance.
36.5 The NI may be required to provide some/all the following reports or more.
However, the required report frequency and the exhaustive list shall be finalized
with the selected NI. Also, the selected NI must make available the reports from
01.01.2016.
The sample list of reports:
Sl.
No.
Report Requirement Frequency
1 Call Statistics (daily, weekly, monthly) Daily/Weekly/Monthly
2 Daily Reporting with uptime /downtime &
reason
Daily
3 Escalation Report On request
4 MTBF Analysis Report calculated quarterly Quarterly
5 MTTR Analysis Report (Monthly) Monthly
6 Frequent Problem Analysis Report Monthly
7 Vendor wise Analysis / Performance
Report (downtime status)
Online
8 Online Link Up/Down Report Online
9 Group-wise Link up/down, utilization, SLA
Report
Online
10 Location wise links up/down report Online
11 Application-level BW utilization on-
demand Link analysis such as
up/down/utilization history
Online
12 BW utilization on crossing threshold limit
etc.
Monthly
13 Top 10 Link (high / low uptime) Online
14 Last 3 call history for a location Online
15 CRC Errors Reports On request
16 Router CPU Utilization Reports Daily
17 Router Free Memory Reports Daily
18 Network Uptime Report Online
19 Application Response Time Reports Online
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 148 of 329 Confidential & Proprietary
20 Updated network diagram/topology
information
Online
21 BGP/OSPF/any other IGP uptime report. On request
22 Incident Reports/Alerts Online
23 Root Cause Analysis (RCA) report for
critical incident
Online
24 Updated port wise hardware information Online
25 Update on all the activities conducted in the
network.
Weekly
26 Change Management Report for each
change
Monthly
27 Isolated branches report 11:00 AM & 5:30 PM,
Daily
28 Link down incidents report 11:00 AM & 4:30 PM,
Daily
29 Isolated branches 11:00 AM dashboard data
updated report.
4:00 PM, Daily
30 >72 Hrs isolated branch down BSNL
category incidents reports
10:30 AM, Daily
31 Greater than 24Hrs down branches report. 2.30 PM, Daily
32 Daily Top 10 Bw utilization, CPU/Memory
utilization report
11:00 AM,
Daily
33 Backup Link testing report 6:00 PM, Weekly
34 Branch Downtime Report –
Telco/DD/Bank category 10am to 6pm
4:00 PM,
Daily
35 ORM Report – Branch network downtime
report 10 am to 6 pm
Monthly
36 Major Incident Report on
daily/weekly/monthly basis
Daily/Weekly/Monthly
37 NOC Staff attendance report Daily/ Monthly
38 Overall deployed branch and link details
report
Monthly
39 FAR Implementation status report 01:00 PM Daily
40 L1, L2 & L3 Pending tickets status report 01:00 PM Daily
41 AAA User management report Monthly
42 Updated network diagram/topology
information
On-demand
43 Update on all the activities conducted in the
network.
Weekly
44 Proof Of Concept (POC) result/report On-demand
45 Change Management Report for each
change
On-demand
46 Asset Reports On-demand
47 Weekly stock report Weekly
48 Monthly shifting of links/sites report Monthly
49 Manpower deployment-cum-attendance
report
Daily
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 149 of 329 Confidential & Proprietary
50 SLA and Penalty report (with calculation
formula)
Daily
51 Others (as per requirement stated in RFP) On-demand
37. The following are the tentative expectations with respect to OEM involvement during the
contract period, that the selected NI shall have to ensure:
37.1 Review of Technical Requirements Specification document, considering all
quantitative and qualitative aspects related to the configuration of the Solution
from an industry-leading practice and in tune with regulatory guidelines.
37.2 Review of Solution architecture to assess the extent to which the same will support
business requirements and review gaps/ customizations if any.
37.3 Review of information requirements and supporting processes w.r.t completeness
and quality
37.4 Review of functional configuration by duly benchmarking against defined scope
and business requirements
37.5 Review of test strategy, scenarios and test cases developed for supporting the
configuration for conducting UAT of the Solution configured.
37.6 Review of UAT environment, plans, mapping of test cases, triggering of use cases
developed and functional requirement specification and tracking mechanism for
resolution of issues.
37.7 OEM certificate Go-live of the respective component.
Section C: Site Survey, LAN Implementation & its Management
38. The selected NI shall be responsible for:
38.1 Surveying new site(s) and conducting Preventive Maintenance (PM) at the sites
such as branches, offices, Data Centres (DC), Offshore Development Centre
(ODC), War site, or any other site decided by the Bank. The scope of the
survey/PM, inter alia, shall also involve checking of proper cabling-and-tagging
and as well as rectification of any anomalies/deficiencies observed.
38.2 Reviewing and designing the LAN architecture for the existing and upcoming sites,
respectively.
38.3 To ensure proper cabling (copper/fiber) in the Data Centres and Offices through a
reputed data cable vendor including all passive materials on need basis. The actual
cost of the cables and associated passive materials (like connectors, patch panel,
LIU.etc.) shall be borne by the Bank
38.4 Installation and configuration of all active network devices (existing or new).
38.5 Replacement of devices that have reached End-of-life (EoL) or End-of-Software
Support or faulty devices (Switches and Routers shall be provided by the Bank as
per the recommendation of the selected NI).
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 150 of 329 Confidential & Proprietary
38.6 Providing a certificate for successful cabling by the cabling vendor to the Branch
wherein the concerned engineer of the selected NI would also certify that the
cabling has been done properly and as per the requirement of the Bank.
38.7 Certification includes the quality of cables and material (branded) used for cabling.
38.8 LAN troubleshooting. NI is responsible for monitoring up to the I/O point. NI may
recommend the replacement of cables/patch cords as required.
38.9 Preventive Maintenance (every quarter) – The selected NI shall have to provide
a facility in the unified dashboard for the Bank using which the Bank officials may
track the progress of the Preventive Maintenance (PM) activities and can follow-
up with the concerned teams of the NI. The selected NI shall have to make
available an online tool/application for reporting network related issues by
branches and offices, entry of field visit reports by field personnel, closure remarks
with visit performance evaluation by Bank’s officials concerned like grading, etc.
Additionally, all PM reports shall have to be uploaded and maintained on the
dashboard, throughout the contract period, so that any PM report can be fetched
online and reviewed as and when required by the Bank. An illustrative list of
activities that shall have to be performed as part of a scheduled plan, rather than as
a response to a breakdown, has been provided below:
a) Inspect all cabling for breaks
b) Make sure that cables are labeled correctly, and labels are not coming off
c) Replace any worn or unreadable labels.
d) Check that cable supports are properly installed and that no attachment
points are coming loose.
e) Proper termination of data cables between Switch/Router and LAN I/O
ports at the user end and between Switches and Routers.
f) Identifying components or parts of network devices that are wearing out or
making unusual sounds and requires repair or replacement. Such identified
components/devices (if any) must be replaced before they fail to prevent
unnecessary network downtime. The estimated date and time of
replacement should also be mentioned in the PM report.
g) Demonstrate to network users how to properly connect and disconnect
cables, as well as how to move them if necessary.
h) Proper termination of data cables between Switch/Router and LAN I/O
ports at the user end and between Switches and Routers.
i) To check the condition of network devices and other network equipment to
make sure that they are kept clean and are in good working order.
j) All network devices are installed within the closed network racks and that
only authorized users can open the racks for maintenance and other
important activities.
k) To prepare the inventory of network devices (live and those that are kept
as spares) recording the details such as make and model of the device,
number of ports connected and free, whether there are free slots available
for expansion, etc.
l) To record the versions of Software and firmware running on the devices.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 151 of 329 Confidential & Proprietary
m) To check proper functioning of UPS, batteries, and Earthing
n) To check if the batteries of UPS are weak or providing insufficient power
backup. If the same requires replacement, it should be brought to the
notice of the concerned officials of the Bank. The list of such officials
shall be provided by the Bank to the selected NI.
o) To ensure proper maintenance of UPS are being carried out by the
UPS/AMC vendor and that periodic inspections are being conducted by
the said vendors. In case of any issue while dealing with the vendors the
matter may be brought to the notice of the concerned officials of the Bank.
p) To check the expiry of AMC and if in case the same is going to be expired
soon, it should be informed to the concerned officials of the Bank.
q) To record the date and time when the last PM was carried out including the
name of the NI personnel who carried out the same and whether the
findings of the previous PM report has been closed/addressed.
39. The selected NI shall be responsible for:
39.1 Keeping up to date Branch network architecture in a central repository
39.2 Network device replacement
39.3 New device deployment (including configuration & making it live)
39.4 LAN troubleshooting
39.5 Ensure proper:
a) Earthing
b) UPS Power
c) UPS maintenance
d) Network Rack Security
39.6 LAN Management Cost will be calculated based on the number of deployed
switches in the Bank’s network (including domestic and foreign offices but excluding
Data Center switches) per year
39.7 For example, if there are ‘N’ number of switches deployed in the Bank’s network
as on the last date of a given calendar quarter, the LAN management cost payable
shall be as under:
‘X’/30,000 * ‘N’
Where ‘X’ is the rate discovered for 30,000 deployed switches (weight), and ‘N’ is the
number of deployed switches arrived at by fetching the data directly from the
monitoring tool.
Note:
a. A supporting document/evidence must be attached with the PM report.
b. Format of the PM report shall be finalised in discussion with the selected NI.
Under the PM report. The list of checks may increase or decrease over the
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 152 of 329 Confidential & Proprietary
contract period and shall be binding on the selected NI with no additional cost
to the Bank, whatsoever. The decision of the Bank shall be final in this regard.
40. In case the Bank plans to migrate to wireless, LAN replacing the current wired LAN,
selected NI shall be responsible for designing, configuring, implementing, managing, and
troubleshooting the same.
41. In case the Bank opts for Geo-tagging, the selected NI will be responsible to migrate from
manual devices tagging to Geotagging.
42. Existing Sites: It shall be the responsibility of the selected NI to perform a site survey
for every branch and offices of the Bank. However, to begin with, a list
of approximately 5000 critical branches/offices of the Bank including Foreign
offices shall be provided to the selected NI for carrying out site surveys. After conducting
the site survey, the selected NI shall have to submit the list of deficiencies observed by
them (if any) and the recommendations to remove those identified deficiencies. The
selected NI shall have to complete the above-mentioned task within 6 months from the
date of issuance of the list of the branches/offices. The deficiency may be in terms of
unstructured cabling, presence of unmanaged switches/hubs, network racks not adequate
in size and/or not under lock and key protection, unavailability of enough UPS power,
backup UPS, proper Earthing, availability of alternate links, load balancing vs
sharing, ineffective implementation of Quality of Services (QoS), improper configuration
of the devices installed at the sites, etc. The Bank reserves the right to accept/reject the
recommendations made by the selected NI. However, if the Bank provides approval for
the implementation of the recommendations, the selected NI shall have to oblige for
the implementation of the same. It is to be noted that ensuring complete implementation
of recommendations at all the sites shall be the responsibility of the selected NI that may
require a repeated visit(s) to the site. The utilization of the links, quality of the links,
statistics like the number of times the links went down, number of hours impacted in
working hours, to be gathered along with the above-mentioned details.
43. Commissioning of New Links, Shifting of existing links and surrender of existing
links: At sites where the Bank shall be opening a new branch/office or is shifting an
existing branch/office, the selected NI shall have to perform the site survey and to assess
the site readiness and once the site survey is done, detailed site readiness report will have
to be submitted by the selected NI to the Bank in a mutually agreed format. It shall be the
responsibility of the selected NI to coordinate with the TSPs and to carry-out
all other associated tasks/activities required for making the site Live including the
shifting of the network devices and communication links from the existing to the new
site within 2 weeks (after the date of site-readiness declaration) for BSNL / MTNL
links and 6 weeks for links from Alternate Service Providers. However, the Bank shall
facilitate the selected NI to carry-out the activities to the extent possible. It shall be the
responsibility of the selected NI to coordinate with the TSPs and to carry-out
all other associated tasks/activities required for surrendering an existing link including
decommissioning of the links in the NOC tools within 4 weeks for all links.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 153 of 329 Confidential & Proprietary
44. For the opening of a new branch/office, the selected NI shall have to assess the hardware
and link requirements of that office/branch and should provide the Bill of Material /
Bill of Quantity to the Bank with proper justification of the hardware requirements so
assessed. Once the required hardware is provided to the NI, the NI shall verify the same
against the BoM / BoQ and shall provide acceptance of the same. The LAN at the new
location shall also have to be designed, implemented, and managed by the selected NI.
45. The selected NI shall have to maintain rack mounting facilities for network
equipment at all sites, ensure standard Earthing and power backup should be
maintained at all sites, physical security of all devices at all locations.
46. For smooth operation, management of existing network, integration with other networks,
and further expansion of the network, NI must submit the network hardware/ related
software, etc. requirements along with proper justification of bill of material and quantity.
Section D: Communication Link Management
47. The selected NI shall have to design the nomenclature for naming the links so that each
link can be identified uniquely. This will help in remote troubleshooting or for first-level
troubleshooting.
48. The selected NI shall have to create and manage the database of all links in-use by the
Bank. This database should have information such as link provider, link technology
(Wired(copper/fiber), RF, WiMax, 3G/4G, VSAT, etc.), date of link commissioning/de-
commissioning/shifting/upgrade, bandwidth, primary/secondary, branch/office address
where the link has been terminated, etc. It is to be noted that once a record/information is
created/inserted into the database, the same should never be deleted. It should be possible
to view the history of links that have undergone shifting, upgrades, etc. This database may
be linked to the Branch DB and Devices DB (explained elsewhere in this document).
49. The selected NI shall have to monitor all the links regardless of the service provider,
primary/secondary/tertiary, technology, etc. and provide the link uptime/downtime
reports at the frequency defined in this document. The NI shall also carry-out link failure
testing exercises periodically. This is to ensure that the secondary link is always in a
ready state to carry the application traffic the moment the primary link fails.
50. NI shall be responsible for branch BCP activity as per the schedule prescribed by the
Circles. The selected NI shall conduct functional testing of ASP links once in a quarter.
NI shall conduct scenario-based testing of DC links once in a month.
51. The alternate path from the branches / Data Centers shall be designed and implemented
and tested periodically with 6 months interval.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 154 of 329 Confidential & Proprietary
52. The selected NI shall have to design and plan for shifting of the network (i.e. network
devices, links, racks, LAN cables, etc.) of the identified branches of the Bank including
Foreign offices from one location to another as and when required by the Bank. The
selected NI will be responsible for deploying all the network devices at the re-
located sites. Before deploying, proper permissions shall have to be obtained by the
selected NI from the Bank. The deployment reports should be shared by the selected NI
with the Bank mentioning the old and new location address, date of decommissioning
at the old location and date of commissioning of links at the new location, etc. All the
relevant databases must be updated after the successful shifting.
53. As a part of link capacity planning and management, the selected NI shall
be responsible to monitor utilization of links (deployed across the Bank’s network) and,
if required, shall identify the bandwidth by which the link shall have to be upgraded, based
on a scientific study conducted by the selected NI(to be shared with the Bank along with
recommendation), to keep the link utilization under normal level. The selected NI shall
have to assess the feasibility of link up-gradation based on the device resources on which
the upgraded link shall have to be terminated 154pproxe recommending the up-
gradation to the Bank. The up gradation of the link by coordinating with the TSPs shall be
the responsibility of the selected NI. This exercise needs to be carried out on a proactive
basis.
54. The selected NI should employ an appropriate Solution to maintain the entire link lifecycle
which includes but not limited to the feasibility study, issuing PO, live link, bandwidth
detail, circuit id, bandwidth up-gradation and degradation, termination of link with a
proper workflow and dashboards.
55. The Bank regularly carries out up-gradation of the link bandwidth at branches and other
offices of the Bank as a part of network capacity planning on the recommendations of the
NI. The selected NI shall be responsible for the above-mentioned task. For the same, the
NI will need to carry out the installation of all necessary hardware and tools (that may be
at layer 1 of OSI reference model) including modems at branch and exchange end, the
configuration of routers, redeployment of the change in the NOC and coordination in
configuration changes at TSPs end (NOC level and Point of Presence), and project manage
the same. NI will be responsible for managing and monitoring all current and future
communication links regardless of the TSP and communication technology.
56. The selected NI is required to carry out bandwidth assessment, keeping in view the traffic
patterns and application deployment including bandwidth assessment for new application
and recommend bandwidth up-gradation accordingly. The selected NI shall have to
ensure technical feasibility before issuing such recommendations. If the bandwidth must
be increased and the current hardware/setup is not having the capability, the selected NI
shall have to provide the best technical Solution (including financial aspect) for addressing
the same.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 155 of 329 Confidential & Proprietary
57. The bandwidth utilization per application per user has to be properly assessed which can
be used to scale up the application in branches.
58. Change of link/telecom service providers, as and when required by the Bank, at any / all
locations including Foreign Offices. The selected NI is required to coordinate with the
existing and new service providers and carry out necessary configuration changes (at no
extra cost to the Bank) for ensuring smooth, seamless, and timely migration. All such
requirements shall be discussed with the selected NI so that a proper Scope of Work may
be prepared while procuring such services by the Bank. In case of any dispute regarding
the role/scope of the selected NI and the System Integrators (SI), the bank’s decision shall
be final and binding to the selected NI.
59. The selected NI shall also be responsible for the migration of all existing VSAT locations
to Wired/RF/WiMAX connectivity or any other last-mile technology including 4G/5G
links/networks or any upcoming technology as advised by the Bank.
60. A proper POC and security review should be conducted for new technologies being
introduced from time to time by the Bank in coordination with the TSP / ISP. This is also
applicable for introducing new technology/devices/service providers or solutions as
required by the Bank.
61. The selected NI shall have to prepare a Disaster Recovery Plan (for the network including
links, equipment) that shall specify at least the following: a step-by-step procedure for
moving to an alternate site, rollback, RTO/RPO, MTTR, dependencies, etc. The
document should update periodically and put up to the Bank for approvals.
62. A dashboard to be developed/prepared or incorporate in existing dashboard the following
details with drill down up to RBO and Branch level with provision for export to
spreadsheets:
62.1 Summary of available links details with Bank level, Circle, Network, AO and RBO
level drill down for all the following three categories
62.2 Summary of links service provider wise breakup
62.3 Summary of links with bandwidth categorization like below 2 Mbps, above 2 Mbps
and 2 Mbps
62.4 Summary of links with last mile break up like fiber, copper, RF, 4G, etc.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 156 of 329 Confidential & Proprietary
63. Detailed links wise dashboard for branches on a portal. A branch code or branch name as
an input parameter and the detailed history of the incidents should be visible on the portal.
Like details of the links primary and secondary links, service provider, bandwidth, etc and
the details like how many times the links were down and when it came up with detailed
report provision for export to spreadsheets.
64. The dashboards should also be made available on Mobile/Tab with a proper App. Asstated
above.
65. The downtime reports should be made available on the above dashboards and Mobile/Tab
apps with following details:
65.1 The downtime dashboards should be drill down from Bank level, Circle level,
Network level, AO level, and RBO level.
65.2 The downtime dashboards for history also should be available for yearly, monthly,
quarterly, and half-yearly reports for bank-level to Circle and RBO level drill
down.
66. Following QOS shall be configured by the selected NI:
Sr.
No.
Type of Application Allocation of
bandwidth
1 Core-Data: Critical applications like CBS, ATM,
INB, etc.
60 %
2 Intranet-Apps: SBI Times, AD, AV, NAC, etc. 15 %
3 Infra-support: Management and monitoring of the
devices, etc.
15 %
4 Default Class/ Default category/Video Remaining
Note: The QoS is to be implemented in such a manner that if there is no lower-class
traffic, then the higher class traffic should be able to use the available bandwidth. It
should be reviewed once in a calendar year. This is only illustrative, and the Bank shall
advise suitably to the selected NI from time-to-time during the entire contract period.
The selected NI will be responsible to make the required configurations without any extra
cost to the Bank.
Section E: Device Management
67. The selected NI shall have to design the nomenclature for naming the network
devices so that each device can be identified uniquely.
68. The selected NI shall have to create and manage the database of all network devices
that comes under the purview of the Networking & Communication department (and
hence to be managed by the selected NI). This database should have information such
as device name, device type, device model, serial number, device interface type,
free/occupied, the current version of the device OS and firmware, branch/office address
where the device has been deployed, etc. It is to be noted that once a record/information
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 157 of 329 Confidential & Proprietary
is created/inserted into the database, the same should never be deleted. This database may
be linked to the Links DB and Branch DB (explained elsewhere in this document).
69. The selected NI shall have to ensure that all security advisories are tracked and
implemented after obtaining the written approval from the Bank. Besides, the
selected NI shall also keep track of all the security patches released by the OEMs of the
devices that are being used in the Bank’s network and accordingly patch/upgrade the
device OS and/or the device firmware (as the case may be). However,
the patches/upgrades shall have to be tested first before applying the same on
production devices. For all other updates/patches/upgrades released by the OEM, the
selected NI shall keep track of the same and must record whether or not the
updates/patches/upgrades were applied on the relevant devices. If the action was taken by
the selected NI, the approval from the Bank and the date on which the action was executed
by the selected NI must be recorded. If no action was taken by the selected NI, the reason
for the same and the Bank’s approval for the same should be maintained so that the same
may be produced to the Bank, whenever required.
70. The selected NI shall have to ensure that a device must be hardened as per the
configuration document provided by the Bank’s security/ risk department before
deploying the device in the production environment. Whenever a new configuration
document is released by the Bank, the selected NI shall have to apply the same on all the
devices including the devices that were hardened previously using the previous version of
the Bank’s document.
71. The selected NI is responsible for configuration and Secure Configuration Document
(SCD) implementation of devices with a TAT of T+2. NI is also responsible to check
the impact of such configuration and promptly advise the Bank.
72. The remote access management must be performed by the selected NI only using secure
channels such as SSH version 2 and above.
73. The access to the devices must only be provided after successful authentication of the
user and the user must be permitted to execute commands as per his/her authorization
level. All the activities of the user must be recorded and must be reviewed by the selected
NI and report to the Bank in case any abnormality is observed by them. It must be noted
that the administrative access of devices should not be through a generic user ID.
74. The selected NI shall have to ensure that all devices (network and systems) under the
purview of the NW&C department and that are being managed by them are integrated
with the Bank’s Time server (NTP based Solution).
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 158 of 329 Confidential & Proprietary
75. The selected NI shall have to ensure that all devices under the purview of the NW&C
department and that are being managed by them are integrated with the Bank’s IT
Assets Management System (ITAM Solution).
76. The selected NI shall have to ensure the physical security of all the network
devices being managed by them.
77. The Bank and/or its appointed Auditors shall have the right to audit/review the
selected NI’s entire infrastructure and may also seek relevant documents that may
help the auditors to carry out the auditing in an effective and meaningful way. The Bank
shall, however, provide at least 7 days prior notice to the selected NI so that necessary
arrangements shall be made by them. The cost of transportation, boarding, and lodging
shall be borne by the Bank for the Bank’s appointed team of auditors and shall bear
no other cost related to auditing.
78. The selected NI shall prepare and maintain an updated Escalation Matrix right from
the first level to topmost official (CEO/ Chairman/ Global Head, etc.). The selected NI
shall provide this document to the concerned officials in the Bank.
79. As a part of device capacity planning and management, the selected NI shall
be responsible to monitor utilization of resources (such as RAM, hard disk space,
etc.) of network devices and Solution/application hardware components (deployed
across the Bank’s network and under the purview of NW&C department) and, if required,
the selected NI shall identify the hardware components that need to be upgraded to keep
the resource utilization under normal level. The selected NI shall recommend the
requirement for carrying out the up-gradation and shall have to implement the same.
This exercise needs to be carried out on a proactive basis (and not on a reactive basis).
80. The selected NI must complete the process of deployment of new devices/links and un-
deployment of decommissioned devices and links with a TAT of T+3 days.
81. The selected NI shall be responsible for the verification of the Bill of Material (BoM)
and Bill of Quantity (BoQ) for any procurement done by the Networking &
Communication dept. during the tenure of the contract.
82. The selected NI shall have to submit periodic reports at half-yearly intervals (i.e. 30th April
and 31st October) containing at least the following information:
82.1 Network devices including switch, modem, routers which are under warranty
82.2 Network devices which are not under warranty
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 159 of 329 Confidential & Proprietary
82.3 Network devices which are under “End of service/ End of Life” category
82.4 Network devices which are under “End of sale” category
82.5 Interim arrangement for supporting network device which will be nearing the end
of life or that have already reached the end of life but still in use on the Bank’s
network, as the replacement may take time longer than EoL date.
83. The selected NI shall be responsible for the replacement of devices with a new device
across all the branches and offices of the Bank without any additional cost to the Bank.
Reasons for replacement shall include existing devices reaching the end of life/Software
support, faulty devices, etc.
84. Bank procures various devices that are required to be sent to its destinations. In the interim,
the Bank has to keep those devices in a warehouse in Mumbai. Such an arrangement has
to be made by the selected NI to keep the devices under proper conditions. The selected
NI will provide details of the devices kept in the warehouse at regular intervals to the
Bank. The Bank will visit the warehouse at irregular intervals to verify the correctness of
the stock and other things.
85. The selected NI shall be responsible to migrate network/network elements of the Bank to
Ipv6 addressing scheme for the Bank as per National Ipv6 Deployment Roadmap
Guidelines issued by Government of India/Regulatory Authority/Requirement of the Bank
from time to time. The NI must present a detailed document of the project idea along with
the utilization of these addresses. The NI will be responsible to provide inventory of
network devices that are non-Ipv6 compliant and deployed in the Bank’s network. The NI
will be responsible for the overall management of Ipv4 and Ipv6 IP addresses including
assignment, allocation, configuration, and inventory of IP addresses. Ipv6 migration shall
include migration of all network devices and networking solutions deployed in the Bank’s
Intranet and the entire responsibility for the same shall rest on the NI. Further, the
NI shall coordinate/assist the Bank in migration of all endpoints on the network to
Ipv6 following the Bank’s policy. In this regard, the NI has to compile and provide all the
reports/plans/data related to Ipv6 Migration as per the regulatory requirements.
86. The selected NI shall be responsible for integrating all the network devices with AAA
Solution procured by the Bank and the AAA Solution shall be managed as per the Bank’s
security policy.
87. The selected NI shall be responsible for taking AMC/warranty for the devices which are
being used in the network beyond the already taken AMC/warranty till the replacement of
such devices are not arranged by the Bank.
88. The selected NI shall be responsible to replace the Faulty Hardware component within the
next business day from the notification date.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 160 of 329 Confidential & Proprietary
Section F: Configuration Management
89. The selected NI shall have to perform following illustrative list of activities on
the Configuration management:
89.1 Monitor network and system configuration information so that the effects on
network operation of various versions of hardware and Software elements can be
tracked and managed
89.2 Naming conventions for network devices, starting from device name to individual
interface, should be planned and implemented as part of the configuration
standard. The naming convention for devices may use geographical location,
building name, floor, and so forth. For the interface naming convention, it can
include the segment to which a port is connected, the name of connecting hub, and
so forth.
89.3 While adding new configuration commands on existing network devices, the same
must be verified for integrity before actual implementation takes place. An
improperly configured network device can have a disastrous effect on network
connectivity and performance. Configuration command parameters must be
checked to avoid mismatches or incompatibility issues. While making
configuration changes on critical devices the changes shall be tested or simulated
before the changes are made.
89.4 Backing up configuration files on a separate server automatically each time
configuration changes are made.
89.5 Restoration of the configuration file.
89.6 Maintaining change audit log to track changes and the username/user-ids (along
with the timestamps) of individuals issuing changes. This audit log should be
maintained for some time as specified in the Bank’s IS policy
89.7 Provide a dynamic listing of devices found in the network as part of inventory
management. Discovery engines such as those implemented in network
management platforms should be utilized.
89.8 Schedule and automate Software upgrades after business hours on a day and
time specified by the Bank to have no/minimal business impact.
89.9 The patches once released by its OEM as per the severity/criticality under four
categories namely critical, high, medium, and low. The patches under the category
must be implemented in the respective devices within the mentioned time period
as under:
Implementation timelines
Critical: within 48 hours
High: within 72 hours
Medium: within 7 days
Low: within 30 days
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 161 of 329 Confidential & Proprietary
89.10 For every change request, there should be a maker and checker of the
configuration from the selected NI’s team. All changes must be documented and
signed by the selected NI official confirming that not only the configuration is done
on a device are correct and complete but also that the testing of the configuration
has also been performed.
89.11 The Change Request shall not be closed until confirmation for acceptance is
obtained from the Application Owner (originator of the Change Request). It may
be noted that the Firewall Rule Implementation is one kind of Change Request.
90. The selected NI shall be responsible for the implementation and management of network
configuration management tools.
91. The selected NI shall provide documentation related to every activity of the NOC
operations. (as per the scope of work) like network design/expansion, equipment
configuration, layout plan, and any changes made to, or deviations from design,
configuration, baseline configuration, etc.
92. The selected NI should maintain relevant updated SOPs for all the activities performed at
the NOC. NI is also responsible for maintaining and updating network diagrams (HLD
and LLD) of the Bank.
93. The selected NI shall be responsible for the translation of configuration information
extracted from one device to a form that can be applied on a similar device but from a
different OEM. For example, if a Cisco L3-Switch needs to be replaced by a Juniper L3-
Switch, it shall be the responsibility of the selected NI to convert the Cisco Switch
configuration into Juniper Switch configuration. This shall apply to other categories of
devices also including, but not limited to firewalls, routers, L3 switches, IDS/IPS, etc.
94. The selected NI shall be responsible for maintaining, validating, and managing all
the IP addresses already allocated and those that shall be allocated during the
period of contract. The IP Addresses must be managed by using specialized
Software tools meant for IP address management (IPAM) which will form part of
NOC tools. The IP addresses shall include private and public IP addresses. The NI
shall be responsible for the allocation of LAN, WAN, management IP addresses, etc.
The NI shall have to keep a record of each IP address allocated to various servers
and network devices along with the purpose of the IP address (management IP, data
IP), date of allocation, requestor details, department, and application name. The details
of any IP address should be readily available for reference as and when required. It
shall be the responsibility of the selected NI to reclaim the IP addresses of discontinued
applications and the same should be reflected in the IPAM tool. The tool should have
the facility to extend its accessibility to other users to get the details of a particular IP
or set of Ips addresses allocated to the user/application with its location and ownership.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 162 of 329 Confidential & Proprietary
95. The selected NI should provide the following illustrative list of services related to IP
address management:
95.1 Planning, tracking, and managing Internet Protocol (v4 and v6) address space used
in the Bank’s network
95.2 Provide centralized inventory reporting showing which device is assigned to which
IP address within the network at any time. This centralized inventory should provide
quick search capabilities for finding following information (including but not limited
to) for any given IP address:
a) IP Address
b) Last Alive Time
c) Status (Used / Unused)
d) Location Name
e) Mac Address
f) Device Type
g) Device Name
h) Port Number
95.3 The NI shall investigate thoroughly the cases on IP address conflicts and identify
the machine/user who had used the IP address under reference that resulted in IP conflict
issues. The generation of IP conflict issues especially in a server segment is of grave
concern and the NI shall have to put in place a suitable mechanism for the detection and
resolution of the IP conflict issue.
96. The selected NI shall be responsible for ensuring compliance with all the security
policies shared by the Bank with them. The NI shall have to provide to the Bank,
Compliance certificate periodically.
97. The selected NI shall configure the devices to ensure data Confidentiality ©, Integrity
(I), and Availability (A) of the data to the clients/end-users/servers/devices. The selected
NI shall be responsible for implementing an L2 extension between two locations,
whenever it is required to be implemented by the Bank, ensuring the CIA.
98. The selected NI shall have to streamline the change management processes that are to
be followed before making any change to the state of the network. The SOP to be prepared
by the NI must capture step-by-step all aspects of the change management processes. It
should be noted that there must be a provision for making changes in emergencies and
priority to be given to critical changes.
99. The selected NI shall be responsible to enable/configure network device security
features (including MAC binding, port mapping, etc.) following the Bank’s Access
control policies.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 163 of 329 Confidential & Proprietary
100. For all the new configurations or configuration update related activities (that may
require downtime or not) on the network devices must be carried out during the time
window specified by the Bank with the object of having no / minimal business impact.
101. The selected NI has to provide a centralized tool from where configuration to
device/devices can be done. The tool should have:
101.1 Capability to track the devices where the configuration is not applied and provision
to provide reports.
101.2 Capability to do incremental configuration in network device/ devices.
101.3 Capability to track all the changes done by the user with details.
101.4 Functionality to save the previous configuration of devices.
101.5 Functionality to take a scheduled or periodic backup of devices and display the
report of success.
101.6 Feature to compare the current and backup configuration of device/ devices.
102. Device/ devices configuration from tool should happen over secure protocols meeting
Bank’s security policy.
103. The selected NI must provide inputs on the audit report recommendations of various Audit
reports, like IS Audit, SSAE16, Network Security Review audit, Management Audit, and
any other Regulatory audit, etc. NI should also implement the audit report
recommendations on the instruction of the Bank in prescribed Turnaround Time (TAT).
104. The selected NI will work closely with the Bank’s security team/department/agency for
finalizing the network design or any other work-related to Bank’s LAN & WAN. The
selected NI will have to co-ordinate with the Bank’s security Team for secure management
of the network. All the security processes should comply with SBI’s current security
policy.
105. The selected NI is also responsible for cabling in the Bank’s Data Centres, branches, and
offices. During the cabling, NI has to coordinate with different team members/departments
as and when required.
106. The selected NI shall take over all the firewalls and other network devices deployed in the
Bank’s network (including foreign offices).
107. The selected NI shall be responsible for the provisioning of a dedicated team in the NOC
that shall be implementing the firewall rules within T+2 days from the time the team
receives the approved rules for implementation. The team should be divided into two sub-
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 164 of 329 Confidential & Proprietary
teams so that one team shall implement and the other team reviews the implemented rules.
Any troubleshooting involved concerning the implemented rules, this dedicated team shall
be involved. Detailed discussions shall be held with the selected NI.
108. The selected NI shall be responsible for carrying out network revamp activity at all foreign
offices hub locations as and when directed by the Bank.
109. The selected NI shall be responsible for the migration of foreign office network to Hub-
and-Spoke network architecture as and when required by the Bank.
Section G: Fault Management
110. The selected NI shall have to ensure the implementation of the below-mentioned flow of
fault management activity:
110.1 Collect messages from network components;
110.2 Generate alarms by filtering the messages;
110.3 Diagnose the faults that caused the messages by correlating the alarms;
110.4 Determine a plan for correction of faults;
110.5 Correct the fault; and
110.6 Verify that the network problem is eliminated.
111. The selected NI shall manage the spares parts and stock at strategic locations identified
/Regional Business Office / District Sales Hub /Financial Inclusion and Micro-
Marketing Centers. This arrangement shall be a stop-gap arrangement until the Return
Merchandise Authorisation (RMA) is received and installed. The purpose of this is to
ensure that the functioning of a branch/office is least affected on account of a device
failure by replacing the faulty device on the same business day (maximum next
business day) as per the details mentioned in the SLA. It may be noted that the selected
NI shall be responsible for the transportation of spare equipment/parts from the
strategic location to the impacted branch/ office (including all permissions, insurance,
etc.) at no extra cost to the Bank.
112. The selected NI should be able to analyze the problems identified in the network,
perform a root cause analysis for the problem, and troubleshoot the network issue. The
selected NI shall also analyze whether the application slowness is on account of
abnormality in the network parameters (High Latency, Bandwidth utilization,
CPU utilization of Network devices). If the issue is found to be on account of the
network issue, the NI shall take all necessary measures to resolve
the inaccessibility/slowness issue immediately.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 165 of 329 Confidential & Proprietary
113. It shall be the responsibility of the selected NI to ensure that same or similar issues do
not occur repeatedly. This shall have to be achieved by conducting proper root cause
analysis and identification of preventive measures and its execution. Additionally, the
selected NI shall have to build a central knowledge base containing the incident and
corresponding Solution in detail which should be accessible to the respective user
group
114. The selected NI shall be responsible for the customization of the dashboard tool to have
features that may grow or shrink over time during the currency of the contract. No
additional cost shall be payable to the NI for such changes.
115. The selected NI should provide reports of incidents and its recurrences in the past. The
selected NI should correlate the incidents and take proactive measures to prevent
recurrences of incidents. The selected NI should use AI and ML to analyze the faults and
incidents.
116. The selected NI is responsible for SMS and email notification of incidents as per the
escalation matrix provided by the Bank.
117. The selected NI shall submit incident closure report for all the Incidents. Major incidents
shall include any issue reported at Data Centres, Corporate Centre Offices, Critical
Branches/Offices, or cluster of branches within one hour of the closure of the incident.
118. The selected NI is responsible for submitting detailed RCA of the incident within 72 hours
after the incident resolution
119. The selected NI should conduct a monthly meeting with the Bank’s designated team in the
first week of every month.
120. Knowledgebase should be created for each incident, along with RCA. The knowledgebase
shall be updated with the details of the incident within a week of final RCA submission.
Section H: Performance Management
121. The selected NI shall be responsible for improving the reliability and availability of assets
while minimizing risk and operating costs including but not limited to condition
monitoring, predictive maintenance, asset integrity management, reliability-centered
maintenance using technologies such as asset health data collection, visualization, and
analysis.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 166 of 329 Confidential & Proprietary
122. Performance Optimization Assessment Report: The selected NI shall be responsible to
identify and document areas where the existing/prevailing network management processes
can be optimized in terms of performance and efficiency of the network and execution of
network-related operations. This exercise shall be carried out at least once every 6 months
in a given calendar year (report should be submitted by June & December). Based on the
approval of the Bank, the NI shall be obliged to optimize the network management
processes as per the Bank’s recommendations.
123. The selected NI shall be responsible for the provisioning of interfaces/hardware/Software
components to meet the objective of the Bank as described in this document at no
additional cost to the Bank.
124. The NI shall be responsible for integrating with the Bank’s SIEM Solution, provide any
additional logs that the Bank may wish to monitor, at no additional cost to the Bank. NI
shall be responsible for timely compliance of all Device-level audits (DLA), Vulnerability
Assessment (VA) audit observations, Penetration testing observations, CERT alerts, and
SOC alerts, etc.
125. The selected NI shall have to track problems in the Bank’s network that may be hindering
the performance of a set of applications or end-user efficiency and shall
also recommend practically feasible Solutions to reduce/eliminate the same.
126. The selected NI shall have to establish the basis for system/network expansion, by
determining the present status of the network and provide suggestions/recommendations.
However, even if the Bank does/does not consider and/or implement any or all of NI’s
suggestions/recommendations, the NI shall not be released from any of its contractual
obligations under this RFP.
127. Network device performance metrics provide information about the system resources on
each device. These metrics should be critically analyzed by the selected NI to ascertain
whether a resource overuse problem is a central cause for a reduction in performance. The
selected NI shall have to specify a clear recommendation of replacing/augmenting the
capacity of the device in question and how the same may be achieved. The responsibility
shall lie on the NI till the recommendations are not closed or the problem is not fixed. If
there are feasible solutions that may be exercised until the time the issue is closed, the
selected NI shall have to implement the same.
128. The selected NI shall provide a way for the end-user to view the link performance at any
given point of time and ascertain the UP and Down status of the links. In case the link is
Down, the end-user should also be in a position to know the current status of the action
taken by the NI and there should be an explicit mention of the reason for the link going
down and ETR (Estimated time to Restore).
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 167 of 329 Confidential & Proprietary
129. The NI is expected to improve the operations on an ongoing basis. The NI is expected to
provide a quarterly report of the new improvements suggested, action plans, and the status
of these improvements to the Bank. Implementation area could include process changes/
training resulting in efficiency/ SLA improvement etc.
Section I: Business Continuity & Disaster Recovery
130. The selected NI shall be responsible for creating Business Continuity Plan (BCP) and
Disaster Recovery Plan (DRP) documents considering several scenarios. For example,
unavailability of one DC at a time considering all DCs of the Bank (i.e. all DCs are up
except DC1, all DCs are up and running except DC2 and so forth), unavailability of one
or more segments (i.e. Intranet, Extranet, Internet, Replication, etc.). The NI shall be
responsible for the review and updation of the BCP and DRP as per the Bank’s
Policy regularly.
131. The selected NI shall design and maintain identical network logical architecture in all the
Data Centre to the extent possible.
132. The selected NI shall have to identify issues in the DR sites of respective applications if
there may be any challenge during Integrated Business Continuity Exercise (IBCE). The
NI is expected to do this exercise proactively without waiting for the declaration of IBCE.
On identification of the issue/limitation/challenge, the selected NI shall have to
recommend options for the Bank using which the issue may be resolved. On receiving the
approval from the Bank on the best option (with amendments, if any), it shall be the
responsibility of the NI to implement the same. NI quality control team will oversee the
DR Drills and submit a comprehensive report to the Bank thereafter.
133. After the completion of the IBCE, the NI shall submit a report to the Bank within a week,
detailing the issues that were reported by the application teams and resolution thereof by
the NOC team. Report shall also contain preventive measures taken for non-recurrence.
134. The selected NI shall be responsible for carrying out testing of redundancy built at device
and link-level at regular intervals covering all the setups deployed in the network. The test
report shall also be submitted to the Bank. However, the NI shall provide a detailed plan
for failover testing indicating how the same shall be carried out by the NI and the measures
taken by NI to ensure no negative impact on the normal functioning of the Bank is
observed. Only after the prior approval of the Bank, the NI shall carryout out the testing.
135. The selected NI shall be responsible for testing of Primary as well as backup link in terms
of availability and reliability. NI must also conduct monthly functional testing on these
links. Also, NI must conduct failover testing for network elements every quarter.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 168 of 329 Confidential & Proprietary
Section J: Training – Bank’s Technical & Non-technical Staff
136. The selected NI shall be responsible for the preparation and distribution of basic
troubleshooting guide as well as basic training to the Bank’s staff with the technical
and non-technical background that shall serve at least two main purposes: (a) enable
the Bank’s staff to carry out the troubleshooting by themselves and need not escalate
every issue with the NI, and (b) facilitate the Bank’s staff to escalate the issue to the right
team with relevant information so that the issue may be addressed quickly. The basic
training exercise shall be carried out at least twice in a given Calendar year. The
selected NI shall have to maintain a gap at least 3 months between 2 successive trainings.
137. The selected NI shall provide advanced training to the Bank’s employees to enable them
to manage the network independently, considering the following points
137.1 The training should be given in batches each comprising maximum of 20
officials. The number of batches will depend upon the requirement as desired by
the Bank.
137.2 The training shall have to be provided by professional trainers with hands-on
experience for 3 years:
137.3 The training shall be specific to the setup established for the Bank by the NI.
137.4 The training shall be provided in the presence of L3 engineers of the NI who are
actively involved in the monitoring of the network and implementation of the
Bank’s NOC. The Bank may or may not relax this requirement either on a
temporary or permanent basis.
137.5 The Bank shall interview the trainers and may accept and reject the proposed
trainers.
137.6 The contents that shall be covered by the trainers shall have to be provided to the
Bank’s designated team at least one week in advance
137.7 The reading material shall have to be prepared/compiled by the trainers as
reference material for the Bank’s team so that the same may be referred at any
given point of time, if necessary. It is to be noted that the trainers shall use the
same material for providing the training.
137.8 The entire plan of training the Bank’s in-house team to meet the Bank’s
expectation shall have to be shared with the Bank before commencing the
training.
137.9 The scope of the training shall be all the aspects covered in this RFP (i.e. the Bank’s
network and applications/solutions management) which according to the Bank are
critical.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 169 of 329 Confidential & Proprietary
Section K: Solutions Management
138. Broadly, the selected NI shall be responsible for design/implementation/management and
day to day operation of the following categories of Solutions:
138.1 Category–1 – Management of following existing applications/Solutions:
a) Network Access Control (NAC) by HPE/Aruba
b) Centralized Proxy Solution by Symantec
c) Domain Name System (DNS) by F5
d) Network Security Policy Management (NSPM) by Algosec
e) Time Servers (Network Time Protocol) by Spectrum
f) VPN Solution by Palo Alto
g) Centralized Video conferencing by Polycom
Note: The above list of applications/Solutions represents major Solutions that are
worth mentioning. There may be few more applications that are still under the
control of the NW&C department that the selected NI shall have to manage for the
entire duration of the contract.
138.2 Category–2 – New Solutions to be procured during the tenure of the NI
contract: The selected NI shall be responsible for providing Consultancy for drafting
Technical Scope of Work, Technical and Functional Specifications, Bill of Quantity
(BOQ)/Bill Of Material (BOM) and Service Level Agreement (SLA), wherever
desired by the Bank and will also be responsible for Management of the Solution. The
selected NI will be paid a consultancy fee and management fee for each such
requirement as detailed in Appendix-F. Requirements for additional resources, if any,
will be mutually discussed and arrived at. The cost of such additional resources will
be paid as per the rates discovered through this RFP.
Note: The Scope of Work finalized by the selected NI may be modified by the Bank and
the Bank’s decision in this regard shall be final and binding on the selected NI.
138.3 Category 3 – New Solutions as part of this RFP: Design, supply, and
implementation and management of the below mentioned Solutions as part of this RFP:
a) Set of Network Management and Monitoring tools
b) Log Management Solution (LMS)
c) Network Performance Monitoring & Diagnostics (NPMD)
139. The selected NI shall have to manage the existing Solutions as per the Scope and SLA
provided under Appendix-E and J respectively. The management of such existing
applications shall be taken over completely by the selected NI within 60 days from
the date of issuance of PO/LoI for the respective Solution. The selected NI shall also
have to identify any technical feature that has not been implemented but is required by the
Bank. All such identified features shall then be implemented by the selected NI in
consultation with the respective Sis. The selected NI shall also be responsible for
providing a dedicated team for the management of such Solutions. Additionally, the
migration of such applications to Ipv6 shall also be the responsibility of the selected NI
140. A dedicated support team for each Solution shall be available for 24/7 *365 days support.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 170 of 329 Confidential & Proprietary
141. Dedicated program managers shall be provided by the selected NI to oversee and manage
the solutions deployed in the bank.
142. For category-2 applications/Solutions (as mentioned above), the selected NI shall be
responsible for carrying out the below-mentioned activities
142.1 To conduct Proof-of-Concept (PoC), wherever required by the Bank.
142.2 Responding to the queries raised by the bidders regarding SoW and Tech Specs.
The cost payable for this activity has been provided as under:
Description Cost Payable
Consultancy fees upon acceptance
of the proposal of NI by the Bank
after the discovery of rates.
1% of the TCO discovered for the new solution, subject to
a maximum of Rs. 5,00,000/-.
In case of consultancy work is undertaken by the selected
NI as per the Bank’s requirement and completed as per
Scope provided by the Bank, the Bank shall pay a fixed
cost of Rs. 1,00,000/- to the selected NI, even though the
TCO could not be finalized due to any reason, irrespective
of the number of attempts in completing the RFP.
Management fees upon acceptance
of the proposal of NI by the Bank.
3% of the TCO discovered for the new solution. The
payment shall be made on a pro-rata basis, for the
remaining contract period of NI RFP.
Additional Resources As per rate discovered under this RFP, on an actual basis.
142.3 Technical evaluation and compliance of the RFP requirements by the bidders.
142.4 After the delivery of the hardware and Software components, verification of the
BoM and BoQ as per the commitment made by the selected bidder in its technical
bids.
142.5 Implementation of the Solution with the involvement of the selected bidder and the
OEM of the Solution as specified in the SoW of the respective RFP
142.6 To facilitate security review of the implemented Solution. The review is generally
conducted by the Bank’s security department/agencies
142.7 Timely closure of security observations
142.8 Commissioning of the Solution
142.9 Management of the new Solution as explained in this document during the
remaining duration of the NI contract.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 171 of 329 Confidential & Proprietary
143. For category-3 applications/Solutions (as specified above), it shall be the responsibility
of the selected NI to design, supply, deliver, build/implement, commission, and manage
the Solution. All components of the Solution including third party OEM shall have to be
managed by the selected NI only. Additionally, the migration of such applications to Ipv6
shall also be the responsibility of the selected NI at any stage during the currency of the
contract period.
The Solution shall be deemed commissioned when all the below mentioned conditions
are met:
i. All DC components of the Solution are integrated among themselves and with
the intended external Solutions of the Bank.
ii. Issuance of security clearance certificate/confirmation from the Bank’s
Security team/consultants/departments.
iii. Issuance of completion certificate by the selected NI for every
Technical/Functional requirement.
iv. Issuance of compliance certificate from the Bank (this shall be issued by the
Bank after demonstration of the compliance of each Technical/Functional
requirement by the selected NI to the satisfaction of the Bank).
144. The selected NI shall ensure that each Solution shall be implemented by directly involving
the technical team of experts from the OEM in consultation with the Bank. The Bidder, at
the time of online submission of bid documents, shall be required to submit a
confirmation/undertaking in this regard on the OEM’s letterhead.
145. The Bidder to involve at least one onsite L3 resource (from Professional Services) having
necessary certifications from the OEM and having adequate experience in implementation
of a given Solution and who is/are on the payroll of the OEM for designing, installing and
commissioning of the Solution onsite (for central components).
146. While implementing the Solutions, the selected NI shall use open standard
protocols/technologies to the extent possible. In case there exists a feature that can be
implemented either using the availab“e “open-standard proto”ol” or using“a “proprietary
proto”ol”, the selected NI shall have to use the open-standard protocol. However, if for
some technical reasons the use of the open standard is not preferred / feasible by the
selected NI, the reason for the same needs to be documented and submitted to the Bank
on their letterhead.
147. The NI shall also be responsible for the integration of solutions being managed by other
departments of the Bank with the Bank’s network and shall perform all tasks jointly till
the commissioning of the Solution. As such the NI shall be responsible for the analysis
and troubleshooting of the solutions from network reachability and performance
perspective.
148. The selected NI shall have to make available an engineer on the site, if warranted, from
the pool of resources mentioned at Appendix-Q. The travelling and boarding cost will be
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 172 of 329 Confidential & Proprietary
borne by the Bank on actual basis, which should not be more than the eligibility of Bank’s
MMGS-III officials.
149. It shall be the responsibility of the selected NI to liaison with
all the concerned stakeholders including telecom/Internet service providers, application
vendor(s), and network device/Software vendor with the sole intent of resolving the
issue or expediting any task/project rollout. The NI shall also extend all technical and
other support as per the directions issued by the Bank.
150. The NI shall be responsible for escalating unresolved problems/issues to higher
authorities/engineers and get it rectified within the stipulated period and ensure uptime as
defined in this bid document. The NI shall have to provide the call escalation matrix to
every location. The same shall have to be made visible in prominent areas within an
office/branch.
151. The selected NI shall have to provide field engineers at any of the Bank’s
branches/offices/location, in India or abroad, for carrying out a physical inspection at and
for facilitating hands-and-feet support for remote teams located elsewhere at any time/day
approved by the Bank (including holidays). The same engineer may require visiting the
site multiple times until the closure of the issue. At foreign offices, the NI shall have to
take the consent from the concerned Bank official in the respective foreign offices before
designating a person so identified by the selected NI for the job. The engineer so selected
should speak English and the local language fluently and should also have basic
networking knowledge so that intended support may be extended by him/her for
accomplishing the task. No additional cost shall be payable by the Bank for the above-
stated task. It is to be noted that the Bank official at foreign offices may help in providing
necessary permissions for entrance and exit and nothing other than this should be assumed
by the selected NI. However, wherever possible, the Bank’s technical staff at the site under
reference shall provide all technical support to the extent possible.
152. The selected NI shall be responsible for the provisioning of the technical staff and the
helpdesk to provide the required support on a 24x7x365 basis for each solution. The onsite
team of network engineers should also be made available at prominent locations including
NOC(s), at all LHOs, DCs of the Bank, GITC (Global IT Center located in CBD Belapur,
Navi Mumbai), SBB (State Bank Bhavan at Nariman Point, Mumbai), etc.
153. The selected NI shall be responsible to attend any issue that shall be reported by the
Bank, within the minimum time as mentioned as part of the SLA in this document. The
reporting mechanism may be anyone of the following:
153.1 Standard Ticketing tool
153.2 SMS
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 173 of 329 Confidential & Proprietary
153.3 Telephone/Mobile call
153.4 E-mail
Note: Except for the first option, for the rest of the options, the selected NI shall implement
a process wherein the complaint/issue reported shall be reflected in the ticketing tool and
the corresponding complaint number may be issued to the requestor. This way the
ticketing tool shall contain all the issues reported regardless of the channel used to register
the same.
154. For all modes of escalations (as described above), the selected NI must maintain track of
reporting time, resolution time, and sequence of events up to resolution
time. The NI shall be responsible to update the progress/status to the designated officials
of the Bank, on a regular basis, till the time the incident/issue gets resolved.
155. The selected NI Team will be responsible to maintain the records of the issue reported and
their resolution as a reference in the future along with the closure of any incident in a
timely manner. The root cause analysis (RCA) report also must be submitted to the Bank
in case of any incident or issue and the same shall be maintained by the selected NI
156. The servers/applications Patch or upgrade along with the upgrade of all the components
of Solution shall be taken care by the selected NI as per the bank’s guideline. DR drill or
production movement from one DC to another DC will be performed by the selected NI
for all the Solutions under the Bank’s guideline and policy.
157. The selected NI shall be responsible to report to the Bank at least 12 months prior to the
set of devices going End of Life (EoL)/End of Software Support (EoSS). At the same time
the NI shall have to design the device replacement plan in addition to the sharing of
technical specifications of the devices required and the Scope of Work (SoW) for the
prospective Systems Integrator (SI). It has to be ensured that no equipment in the Bank’s
network shall be EoL/EoSS at any given point of time. However, for the devices that have
already reached EoL/EoSS before the selected NI taking the charge, the NI shall have to
only design and plan the replacement strategy. In either case, the selected NI shall be
involved in planning the replacement and also implementation of the replacement plan.
158. The selected NI shall provide a way for the end-user to view the link performance at any
given point of time and ascertain the Up and Down status of the links. In case the link is
Down, the end-user should also be in a position to know the current status of the action
taken by the NI and there should be an explicit mention of the reason for the link going
down and ETR (Estimated time to Restore).
159. The selected NI shall be responsible to migrate network/network elements of the Bank to
Ipv6 addressing scheme for the Bank as per National Ipv6 Deployment Roadmap
Guidelines issued by Government of India/Regulatory Authority/Requirement of the Bank
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 174 of 329 Confidential & Proprietary
from time to time. The NI must present detailed document of the project idea along with
the utilization of these addresses. The NI will be responsible to provide inventory of
network devices which are non Ipv6 compliant and deployed in the Bank’s network. The
NI will be responsible for the overall management of Ipv4 and Ipv6 IP addresses including
assignment, allocation, configuration, and inventory of IP addresses. Ipv6 migration shall
include migration of all network devices and networking Solutions deployed in the Bank’s
Intranet and the entire responsibility for the same shall rest on the NI. Further, the
NI shall coordinate/assist the Bank in migration of all end points on the network to Ipv6 in
accordance with the Bank’s policy. In this regard, the NI has to compile and provide all
the reports/plans/data related to Ipv6 Migration as per the regulatory requirements.
Section L – Log Management Solution (LMS)
160. The selected NI should supply, install, commission, integrate and operate the Log
Management Solution (LMS) with all required accessories hardware and software. The
equipment which will be quoted should not be in the list of End of Life/Support
declarations by the OEMs for at least 7 years from the date of issuance of LoI/PO.
161. The selected NI shall have to provide product support for active components from the
OEM and maintain the “Total Solution” for the entire contract period. If the selected NI
is not able to provide support for the said period then the NI shall upgrade the component/
sub-components with an alternative that is acceptable to the Bank at no additional cost and
without causing any performance degradation and/or project delays. An undertaking shall
have to be provided by the selected NI from the OEM on their letterhead.
162. The selected NI should bid for latest model with latest specifications as per requirements
stated in the RFP document provided at Appendix-C.
163. The selected NI should consider the Bank’s requirement, operational needs, existing
Security Portfolio, customization while implementing a robust, scalable Solution with all
industry best practices incorporated in the Solution.
164. The selected NI should be able to integrate all existing and proposed future IT
infrastructure setup including Security Solutions switches, routers, firewalls, IDS/IPS, and
existing and new Solutions that shall be under the purview of the Networking &
Communications dept. during the tenure of the contract. The selected NI should provide a
detailed Plan of action (POA) for integrating the LMS with all the above IT infrastructure
and Solutions. The POA shall include the approach, risk, benefits and downtimes (if any).
Post approval of POA, the NI shall work with the Bank’s internal/in-house IT team and
application owners to complete the integration of infrastructure and security controls.
165. The selected NI shall have to perform necessary configuration of all the
equipment/Solution, enable log generation from the devices, collection, normalize logs,
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 175 of 329 Confidential & Proprietary
enhance logs with Threat Intelligence, correlate logs, create & test use cases (especially
correlation rules) customized to the Bank’s requirement
166. The selected NI should continuously improve & recommend/create new correlation rules
based on new threats and incidents.
167. The selected NI should suggest the appropriate OS/firmware for all the supplied devices;
the OS/firmware should be of N-1 version. All critical/major vulnerabilities known till the
time of implementation should be remediated for the provided version.
168. The Bank shall perform its own VAPT (Vulnerability Assessment & Penetration Testing)
& Risk Assessment (RA) on the entire Solution before going live and the NI needs to fix
all the vulnerabilities/risks highlighted in the reports.
169. All the devices to be hosted should support both Ipv4 and Ipv6.
170. The selected NI shall provide all the necessary Software licenses, implement, customize,
and train the Bank’s inhouse team.
171. The selected NI shall have to ensure that the OEM of the Solution would subsequently
provide first, second and third level of support through bug fixes, updates and upgrades.
172. The selected NI will deploy and validate all the features in the Solution including (but not
limiting to) co-relation, use cases, Threat Intelligence Integration, Dashboard setup and
Report Customization, etc.
173. The selected NI should provide the cost of procuring blocks of additional 1000 EPS so
that the same may be procured in case it is required during the duration of the contract.
174. The selected NI is expected to utilize the information presented in this RFP and submit a
proposal(s) that may include variations of hardware and Software where allowed but that
meets all requirements specified and yet will fulfil future expectations as articulated. This
includes all hardware and Software required for implementing the proposed LMS its
remote Management and Operations. However, in case the bidders require more
information than has been presented in the RFP document, the same may be raised through
pre-bid queries and the information so requested shall be discussed during the pre-bid
meeting.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 176 of 329 Confidential & Proprietary
175. The selected NI shall arrange and facilitate the audit of the Solution by the regulators
and/or by the team appointed/identified by the Bank. The Bank shall, however, inform the
selected NI well in advance.
176. The Bank’s decision to extend, renew, transfer, reduce, terminate or change scope of the
Solution would be final and cannot be challenged by the bidder under any circumstances.
The decision will be based on the past performance of the Solution Operation and
Management services meeting all the Bank’s requirements.
177. The selected NI shall have to provide full documentation of the project and shall have to
update the document as and when there is any change in the Solution implemented for the
Bank. The Bank may provide a format for documentation to the successful bidder, if
required. The said documentation should include the following but may not be limited to:
177.1 Architecture & design document including Traffic flow document between the
devices.
177.2 Infrastructure build document
177.3 IP address allocations to various components.
177.4 Project Plan with milestones, resourcing and deliverables.
177.5 Inventory list consisting hostnames, make, model, serial number
177.6 Contract number for raising RMA with OEM in case of hardware failure
177.7 Testing cases and test results documented before and after implementation.
177.8 Standard Operating Procedures
177.9 Industry Best Practiced Use cases and customization for the Bank
177.10 Vendor support details and escalation matrix
177.11 OEM support details and escalation matrix
178. The selected NI shall assign project manager and associated support personnel for this
project. The number of resources provided along with their skillsets (example L1, L2, L3
implementation or Operations) will need to be shared with the Bank as part of the final
project plan.
179. The selected NI shall furnish teaming agreement with OEM for the above scope of work
and submit the same as part of the bid. This teaming agreement should include but not
limited to the ownership of the activities, timelines and resources associated to the
activities.
180. The selected NI shall further provide the deliverables and sign off for each of the
deliverables at various stages of customization and implementation. Further, the Bidder
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 177 of 329 Confidential & Proprietary
should arrange for sign-off by OEM for each of the critical stages of customization and
implementation.
181. The selected NI would ensure his personnel involved in the implementation and
management of the Solution have undergone background verification / police verification,
signed NDA’s & other HR related checks. The Bank may seek documents confirming
police verification of one or more employees of the NI at any stage of the contract. The
selected NI shall have to provide such documents to the Bank as and when required by the
Bank.
182. The OEM/OEMs should be committed to the success of the project by being involved in
implementation of the project till its completion. The selected NI shall ensure that OEM’s
should be involved in the overall implementation, support, sustenance, etc. for each of the
proposed Solution by the bidder as per the scope of work defined in RFP. The selected NI
shall ensure that the product OEM is involved in the implementation of the project till its
completion. A letter from the product OEM confirming the same must be submitted in the
technical bid.
183. The selected NI shall have to obtain from the OEM a certificate to the Bank post
implementation, confirming that the implementation of the Solution has been carried out
with best industry practices and the standards and no zero day threats or malware in the
installed device or appliance exists.
184. The following are the tentative expectations with respect to OEM involvement during the
contract period, that the selected NI shall have to ensure:
184.1 Review of Technical Requirements Specification document, considering all
quantitative and qualitative aspects related to configuration of the Solution from
an industry leading practices perspective and in tune with regulatory guidelines.
184.2 Review of Solution architecture to assess the extent to which same will support
business requirements and review gaps/ customizations, if any.
184.3 Review of information requirements and supporting processes w.r.t completeness
and quality
184.4 Review of functional configuration by duly benchmarking against defined scope
and business requirements
184.5 Review of test strategy, scenarios and test cases developed for supporting the
configuration for conducting UAT of the Solution configured.
184.6 Review of UAT environment, plans, mapping of test cases, triggering of use cases
developed and functional requirement specification and tracking mechanism for
resolution of issues.
184.7 OEM certificate Go live of respective component.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 178 of 329 Confidential & Proprietary
Section M – Network Performance Monitoring & Diagnostics (NPMD)
185. Bank’s vision is to have a “Network Performance Monitoring and Diagnostic” Solution
at The Bank’s Data centers located in Mumbai and Hyderabad and across Bank’s branches
/ offices. Vendor should supply all necessary hardware and Software for the required
Solution, along with necessary licenses. Further objective expected of Solution is to
capture data from continuous streams of network traffic, application servers, databases,
web servers, web services, ERP packages, virtual systems, cloud resources and end-user
systems (client machines) and convert those raw data into easy-to interpret charts and
tables that quantify exactly how the corporate infrastructure (including application, end-
user and network) is being used, by whom, and for what purpose.
186. It is to be noted that the prospective bidders shall have to provide the details of the Solution
vendor plus what all components are being provided by the third party vendors that are
considered by the bidder for identifying the OEM for the supply of the component and
sub-components.
187. The selected NI shall be responsible to document reports that need to be generated for
fault, performance and analysis of the network performance as per the Bank’s requirement.
188. The selected NI shall be responsible to supply necessary documents such as Installation
Guide, Administration Guide, Manuals and Data Sheet etc. The NI shall also provide the
Solution architecture document (HLD and LLD) that shall be scrutinized by the Bank’s
security departments. It shall be the responsibility of the selected NI to close all the open
observations that may be raised by the Information Security Department of the Bank.
189. The central devices will have to be installed on all Data Centres of the Bank and should
be sized as per the details mentioned in technical specifications.
190. The Data Centre devices should be in High availability across DC and DR. All central
components of the Solution should be in High Availability within the DC and also across
DC and DR.
191. All central components to be placed in DC site should have dual power supply.
192. The offered NPMD Solution should support at least the following. The detailed technical
specifications are mentioned in this RFP document. All the proposed Components for
NPMD Solution should be from single vendor. Solution should have following:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 179 of 329 Confidential & Proprietary
192.1 Solutions should have capability for network and application visibility,
monitoring, analytics, reporting, and troubleshooting.
192.2 Provides insight into the performance of all infrastructure and application
components involved in service delivery.
192.3 Supports Unified Communications & Collaboration service features including call
setup / teardown and call quality analysis.
192.4 Dashboard, Service and Traffic Monitors with contextual Session Analysis and
Packet Analysis drill downs.
192.5 Real-time proactive alerting notifies of problems before they become service
impacting, user affecting events. Customizable reporting module provides day-
today business and operational reports which can be scheduled for daily, weekly
and monthly delivery.
192.6 Scalable, enterprise-class architecture supports large scale geographically
distributed deployments in physical, virtualized, hybrid, or private cloud-based
environments with single pane of glass.
192.7 The offered NPMD Solution should be scalable, secure, robust, advanced, flexible,
easy to deploy, reliable, built in redundancy and should support distributed
architecture along with the 3rd party integrations.
193. Supply, installation, Implementation, Operations and Maintenance of Network
Performance Monitoring and Diagnostic Solution at the Bank’s Data Centers located in
Mumbai and Hyderabad and across Bank’s branches / offices.
194. Solution tools include the ability to combine data from disparate monitoring silos and
correlate them through log files, hardware statistics and network usage reports collected
through both synthetic and real methods, and provide advanced analytics/AI/ML features
to improve end user experience for the services provided by the Bank’s IT.
195. The information is to be displayed in a dashboard that makes it easier for IT professionals
to read data logs, which saves them from having to perform memory dependent and error
prone manual correlation and analysis.
196. Bank needs the Solution, with total visibility – including the underlying physical as well
as virtual infrastructure including network devices / components. Three sets of
performance metrics are required to be closely monitored:
196.1 Performance experienced by end users (both front end and back end) of the
application.
196.2 Performance metrics to measure the computational resources used by the
application for the load, indicating whether there is adequate capacity to support
the load, as well as possible points/locations of a performance bottleneck.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 180 of 329 Confidential & Proprietary
196.3 Flow based (NetFlow, Jflow, IPFIX etc) capture, having potential to capture real-
time packets with Deep Packet Inspection (DPI) capability. Analysis of traffic
captured at multiple segments using centralized management console with
Predictive analytics and anomaly detection using AI/ML.
197. The Solution shall be able to monitor the health and performance on the End-user system,
Servers and underlying network infrastructure while also providing functional dimensions
of digital experience monitoring (DEM).
198. The Solution shall apply data-driven analytics and ML technology to enhance the
effectiveness of monitoring.
199. The Solution shall discover network quality which can further help in optimizing the
performance and availability of networks.
200. The Solution should help the Bank monitor all the components at all layers for an optimal,
application and network delivery and helps to improve the end user experience. The
Solution strives to detect and diagnose complex application and network performance
problems to maintain an expected level of service.
201. To provide robust NPMD Solution with scalability to meet future needs for monitoring
network and application performance, a platform which provides analytics for issue
tracking, auto ticketing and predicting issues and integrate with various platforms /
application systems in the Bank.
202. Data Sources: The Solution should be an end-to-end monitoring Solution that shall have
the capability to monitor all the components involved in the application flow, including
end-points, network devices at branches and Data Centres and servers (WEB/APP/DB).
This shall be achieved by monitoring the following elements at different layers by:
202.1 End Points: The Solution shall monitor the different applications and processes
running in the end point, health of the end-point and monitoring performance of
critical transactions of critical applications with respect to the end-point. The
information captured shall enable the centralized monitoring team of the selected
NI to identify if the slowness experienced by the end-user is due to the poor
performance or over-utilization of the end-point itself.
202.2 Network devices at branches: The Solution shall monitor the health of the
networking devices and network links at branches, in addition to capturing the top
talkers (flows utilizing max bandwidth) at individual branches. Further, the
Solution shall provide this capability without having the need to capture packets
from the networking devices at the branches. The Solution should be able to
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 181 of 329 Confidential & Proprietary
provide this functionality with the use of flows and/or SNMP data from networking
devices at branches only.
202.3 Network devices at Data Centres: The Solution shall have the capability to
capture packets from identified locations with respect to the application flow for
critical applications to enable the user to extract in-depth information regarding the
performance of the transactions. The Solution should provide a mechanism to
collect packet capture from multiple sources, aggregating the collected packets and
share with their analytics tool for further processing. The Solution should provide
mechanism to create baseline with respect to the performance of critical
transactions of Bank’s applications and also provide customized dashboards to
proactively monitor the performance of these transactions. Bank may, during the
contract period for which the cost is valid go for additional procurement of devices
as per the rate specified in the RFP.
202.4 Monitor health of Network Devices: The Solution shall provide a mechanism to
capture the health of the network devices, including the CPU utilization, memory
utilization, up/down status, etc. using SNMP data from network devices.
202.5 Application Monitoring: The Solution shall provide a mechanism to monitor the
performance of the application server. This shall include monitoring the CPU and
memory utilization of the application servers and their respective resource
utilization, monitoring the time taken to process individual transactions / DB
queries / modules / piece of codes.
202.6 Central Dashboard: The Solution shall have a central component that shall enable
the users of the Solution to have an end-to-end visibility of all the components of
their IT infrastructure and also co-relate the information provided by the different
components of the Solution. The central dashboard will be in Active-Passive setup
across DC-DR.
203. The team managing the Solution shall include resources who will have to gain knowledge
about both the network architecture and application architecture.
204. Submit architecture diagram of entire setup with network and Information security
requirements (HLD and LLD) while deploying the setup in High Availability in Bank’s
Data Centres.
205. Solution should be capable of seamless DC-DR replication without any lag.
206. The MIS being generated through the Solution should also provide: i. Break-up of critical
issues per application ii. Categorization of RCA
207. The Solution must integrate with various systems / applications in the Bank including but
not limited to SOC, PIMS, NOC, Command Centre, ITAM, Service Desk, ADS, SSO,
ITSM, Complaint management.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 182 of 329 Confidential & Proprietary
208. The Product should be compliant with guidelines issued by applicable regulatory
authorities such as RBI, UIDAI etc, if any.
209. If the Bank desires to have, the Bidder should be able to setup a MOC (Monitoring
Operations Center) Lab for Synthetic Monitoring which is to be managed 24*7 along with
the support. The selected NI needs to verify all alerts for authenticity, considering the
Bank’s IT environment, before escalating to the Bank’s team.
210. The Solution should have automated capability to monitor End-to-End Transaction in
synthetic testing. This should also include the Journey involving 3rd party integrations and
merchants.
211. Provide end-to-end deployment methodology in the Bank’s environment.
212. Bank will conduct security audit for the entire Solution, from time-to-time and also before
commissioning of the Solution. The selected NI will be responsible for closing all the
security observations made by the Bank during the entire contract period. For the first
time, the Solution will only be allowed to be deployed by the Bank once all the security
observations made by the Bank are closed or an exception is received from the Bank. The
selected NI will be responsible for closure of all security observations and then
deployment of the Solution at all 24000 locations 182pprox.. (including DCs, DRs and
other branches and offices) of the Bank as per timelines specified above.
213. The bidder should upfront provide all the relevant pre-requisites which are expected from
Bank’s side in their deployment methodology document.
214. Attach Solution document and deployment methodology containing detailed bill of
material (make, model, OS details: version, date of release product development path, etc.)
explaining the bidder’s approach regarding implementation and commissioning of the
Solution.
215. The selected NI should arrange a certification from OEM that the proposed Solution is
Enterprise grade and that it will work for an enterprise. The proposed Solution should have
enterprise license without any restrictions to use the features mentioned in the RFP from
day one.
216. The selected NI is required to deliver all the required equipment meant for a
branch/office/DCs i.e. appliances, servers, serial-to-ethernet converter, racks, cables, etc.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 183 of 329 Confidential & Proprietary
in a single shipment. Bank will not accept the partial delivery of the equipment. The partial
delivery or installation will not be considered as installed.
217. The selected NI is required to configure the commissioned network equipment and the
Central Management servers and NOC portal for Management and monitoring/SLA. The
Solution will be considered deployed for a branch only after the deployment of the site on
the NOC portal.
218. The selected NI is responsible for taking backup of all in-scope Solution/device. The
backup shall include but not limited to configuration backup, Log backup and same needs
to be stored for contract period on the Log management Solution covered as detailed in
this RFP.
219. The proposed and deployed Solution should identify the time taken by individual
component/application to process the traffic.
220. Intercommunication between different components of NPMD (if any) should happen as
per the Bank’s security policy.
221. The selected NI should arrange Hands-on LAB training on the product with the OEM in
OEM LAB for the Bank officials.
222. The following are the tentative expectations with respect to OEM involvement during the
contract period, that the selected NI shall have to ensure:
222.1 Review of Technical Requirements Specification document, considering all
quantitative and qualitative aspects related to configuration of the Solution from
an industry leading practices perspective and in tune with regulatory guidelines.
222.2 Review of Solution architecture to assess the extent to which same will support
business requirements and review gaps/ customizations, if any.
222.3 Review of information requirements and supporting processes w.r.t completeness
and quality
222.4 Review of functional configuration by duly benchmarking against defined scope
and business requirements
222.5 Review of test strategy, scenarios and test cases developed for supporting the
configuration for conducting UAT of the Solution configured.
222.6 Review of UAT environment, plans, mapping of test cases, triggering of use cases
developed and functional requirement specification and tracking mechanism for
resolution of issues.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 184 of 329 Confidential & Proprietary
222.7 OEM certificate Go live of respective component.
Section N – Category-1/Existing Solution Management
223. Network Access Control (NAC)
223.1 The selected NI shall be responsible for the implementation, management and day
to day operations 24*7*365 with regard to NAC solution.
223.2 The selected NI shall be responsible to implement NAC related configuration on
all the switches (existing as well new) as per the Bank’s requirement from the
device deployment date itself. The most common place where implementation may
require are the branches, offices, Data Centres (DC), Offsite Data Centres (ODC)
and foreign locations of the Bank’s entities etc.
223.3 The selected NI shall be responsible to do appropriate changes at the NAC servers
to make switch configuration effective as per the Bank’s requirement.
223.4 The selected NI shall be responsible to test the appropriate scenarios with respect
to NAC related configuration on network devices and NAC solution and make
them effective without disrupting the existing operations or deteriorating user
experience.
223.5 The selected NI shall be responsible to keep proper record with sanctity of the
NAC deployed switches, ports, devices, end-points etc. The selected NI shall also
be responsible to do periodic review of such configuration data and submit report
to the Bank.
223.6 The selected NI shall be responsible to provide the data, report in specified format
as and when required for audit and review or any other purpose to the Bank. Bank
has the right to change the format and selected NI shall be abided to provide the
information in the format.
223.7 The selected NI shall be responsible to deploy proper mechanism to ensure 100%
implementation of the NAC.
223.8 The selected NI shall be responsible for complete management and administration
of the NAC solution in the Bank. The selected NI shall also be responsible to
manage NAC related configuration on network devices as per the Bank’s
guidelines.
223.9 The selected NI shall be responsible for the redeployment of the solution in case
of any need to relocation the device
223.10 The selected NI shall be responsible for monitoring of all possible physical and
logical parameters of the NAC solution including relevant components (for
example NAC servers, racks, switches load balancers etc.). The parameters are for
example utilisation of the server network interface, Hard disk, RAM and CPU.
223.11 The selected NI shall be responsible to resolve any issue in performance of the
solution or operation due to abnormality observed in physical or logical parameters
in consultation with the OEMs.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 185 of 329 Confidential & Proprietary
223.12 The selected NI shall be responsible to coordinate with solution SI or OEM as and
when needed for resolution of any issue in the NAC solution.
223.13 The selected NI shall be responsible to coordinate among different stakeholders
(like Active-Directory owners, Anti-virus owners, etc) for additional
functionalities/configurational features, integration and till the resolution of any
issue.
223.14 The selected NI shall be responsible for policy and other parameter configuration
in NAC infrastructure as per the Bank’s guideline and policy. The selected NI shall
also ensure clean-up of unused and unwanted policies configuration from the NAC
solution. Configuration clean-up shall be done under the supervision of Bank’s
designated officials and as per Bank policy.
223.15 The selected NI shall be responsible to resolve the NAC related day to day
operational issues. The selected NI shall also be responsible to create
knowledgebase for such operation issues and corrective steps taken for resolution.
223.16 The selected NI shall be responsible to upgrade the NAC solution software which
include OS, patch, end-point agents etc. The upgrade must be done with proper
testing and documentation as per the Bank’s guideline and policy.
223.17 The selected NI shall be responsible for creation and maintenance of all document
related to solution implementation/management and day to day operation. The
documents may include Solution document, standard operating procedure (SOP)
documents, asset register, incident documents, change request (CRF) documents,
Architecture and flow diagram document, user access management document etc.
223.18 The selected NI shall be responsible for timely closure of the security audit
observation and incidents as per the Bank guidelines and policy.
223.19 The selected NI shall be responsible to perform feasibility study to check existing
or new functionality of the solution based on modification in existing requirement
or new requirement as advised by the Bank.
223.20 The selected NI shall be responsible to provide the training to the Bank’s
designated officials across all the Circles.
223.21 The selected NI shall be responsible to perform the Disaster recovery drill and
production movement as and when Bank will announce the Integrated Business
Continuity Exercise (IBCE). The DR drill will also be conducted in case of issue
in solution Production setup at primary data centre. The selected NI shall also share
the documentation and report for such activity as per Bank’s requirement.
223.22 The selected NI shall be responsible to attend any reported issue within the
minimum time as mentioned as part of the SLA in this document. The reporting
mechanism may be anyone of the following:
a. Standard Ticketing tool
b. SMS
c. Telephone/Mobile call
d. E-mail
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 186 of 329 Confidential & Proprietary
223.23 The selected NI shall be responsible to provide hand and feet support to the
concerned officials for resolution of NAC related issues. The selected NI shall also
be responsible to provide support over remote session of desktops for analysis and
troubleshooting of issue causing abnormal blocking of network access on the end
machine.
223.24 The selected NI shall be responsible to track all the reported issue till resolution.
The selected NI shall also be responsible to update the progress / status to the
designated officials of the Bank, on regular basis, till the time the incident / issue
gets resolved.
224. Virtual Private Network (VPN)
224.1 The selected NI shall be responsible to monitor and manage the existing VPN
solution in high availability (including DC and DR).
224.2 The selected NI shall be responsible for the redeployment of the solution in case
of any need to relocation.
224.3 The selected NI shall be responsible to implement new feature or solution (as and
when required to the Bank) as per the Bank’s policy. New feature and services
responsibility include following but not limited to:
a. Enable access of services and applications inside the organisation network
from internet or intranet trusted machine in a secured manner.
b. No direct communication from the external users to the internal private
network bypassing the Secure Remote Desktop Gateway.
c. Ensure superior visibility, precise control, and threat prevention at the
application level.
d. Ensure controlled application access with user-based policies
e. Automated security deployment and policy updates
f. Two factor authentications for users on boarding.
g. Provide real time statistics on connected users, IP address, TCP connections,
and system utilization.
h. Integration of existing VPN solution with Bank’s infrastructures.
i. Upgrade of software, patches and closure of security
vulnerabilities/observation.
j. Coordination among different stakeholders.
k. Tracking and resolution of issues reported for the VPN.
l. Carry out quarterly review of the system performance.
224.4 The selected NI shall be responsible to check all release /version change of patches/
upgrades/updates of Hardware/software/OS/Middleware etc. as and when released
for the platform. The selected NI shall ensure implementation of upgrades and
changes as per the Bank’s policy.
224.5 The selected NI shall inform the Bank well in advance for end of support dates on
related products/ licences.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 187 of 329 Confidential & Proprietary
224.6 The NI shall be responsible to submit Root Cause Analysis reports (wherever
applicable within 3 working days from the date of incident or from the date of
reporting by the Bank, whichever is earlier)
225. Video Conferencing (VC)
225.1 The selected NI shall be responsible to monitor and manage the Bank’s Video
Conferencing solution deployed across the Bank (including abroad).
225.2 The selected NI shall be responsible for the redeployment of the solution in case
of any need to relocation the device
225.3 The selected NI shall be responsible to track, troubleshoot and resolve the reported
issue by end users.
225.4 The selected NI shall be responsible to carry out quarterly review of the system
performance and accordingly perform the following maintenance and support
activities (but not limited to):
a. Diagnostic check of the performance of the entire solution as well as
individual components and hardware configurations.
b. Operating system component check (for updates and vulnerabilities).
c. All necessary services & configurations for successful functioning of the
solution as per the features specified in the RFP.
d. Preventive maintenance (to be performed quarterly with supporting reports)
e. Troubleshooting and resolution of issues
225.5 The selected NI shall be responsible for the submission of various reports
mentioned below but not limited to:
a. Uptime report
b. Number of Conference calls and their details for e.g. start time, call duration,
call drop (if any)
c. Number of participants in specified call (with joining and end time etc.)
d. System performance report
e. Number of Calls by specified room-based end point and total duration of the
calls in a specified period.
f. Call Quality Report.
g. Preventive maintenance report etc.
h. Any other report as and when desired by the Bank.
225.6 The selected NI shall ensure Software updates for equipment are up to date at any
point of time, without impacting services
225.7 Timely closure of all security vulnerabilities
225.8 Integration with other solutions of the Bank.
226. Secure Web Gateway (SWG)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 188 of 329 Confidential & Proprietary
226.1 The selected NI shall be responsible for the redeployment of the solution in case
of any need to relocation the device.
226.2 The selected NI shall be responsible for the deployment and maintenance of
additional hardware if procured by bank
226.3 The selected NI shall be responsible for timely updating of related technical
documents pertaining to Proxy and its related components.
226.4 The selected NI shall be responsible for deployment of proxy solution at foreign
offices of SBI.
226.5 The selected NI shall provide proactive monitoring and management of all the
appliances which are part of the solution at DC and DR site.
226.6 The selected NI shall be responsible to coordinate with different stakeholders
(including OEM) for resolving reported issues or implementing new features.
226.7 The selected NI shall track and monitor all the cases till resolution.
226.8 The selected NI shall be responsible for implementing Bank approved internet
access guidelines. The operations should always adhere to the guideline.
226.9 The selected NI shall be responsible to closure of security and audit observation.
226.10 The selected NI shall be responsible to track all the upgrade release by the OEM
for the platform and implement suitable release as per Bank’s policy.
226.11 The selected NI shall be responsible to provide periodic reports as requested by the
Bank in specified format.
226.12 The selected NI shall be responsible to provide reports on service request logged
by end-users, support calls logged with OEM in the below given format:
a. Call logged date
b. logged by (details of end-user/OEM)
c. Action Taken
d. Status
e. Call Closed Date
226.13 The selected NI shall notify all malware, spyware, viruses, phishing & other web-
based threats incidents to the Bank immediately and resolve within 4 hours. To
provide incident root cause analysis reports within 3 working days of the incident
containing details of:
a. Description of the incident
b. Cause of incident
c. Damage observed impact in terms of download/data loss/any other damage
d. Supporting evidence
e. Recovery Time
f. Steps to be taken to avoid the same in future
g. Remedial steps taken- both corrective & preventive.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 189 of 329 Confidential & Proprietary
226.14 The selected NI shall be responsible to fine-tune the solution, providing
suggestions/recommendations for various issues reported to them or for adoption
of best practices in the industry etc.
226.15 The selected NI shall be responsible to monitor the health of all devices on
proactive basis.
226.16 The selected NI shall conduct DR drill as and when required and submit the report
in the necessary format.
226.17 The selected NI shall review all the pending issues and should discuss with the
Bank on weekly basis.
226.18 The selected NI shall be responsible for configuration backup. Restoration and
testing of restored data.
226.19 The selected NI shall follow Bank’s approved Change request Management
process.
226.20 The selected NI shall keep proper tracking of all activities and user access on proxy
or routed through proxy.
226.21 The selected NI shall be responsible to track the end of support dates on related
products/ hardware as soon as they are declared by their respective OEMs and
informed to the Bank well in advance.
226.22 The selected NI shall be responsible to implement and manage any additional
hardware and software procured by the Bank, at any stage during the contract
period. Additional software/hardware/licences procured at a later stage shall also
be managed centrally using the existing central managers commissioned.
226.23 The selected NI shall be responsible to carry out quarterly review of the system
performance (including preventive maintenance) and carry out maintenance and
support activities including (but not limited to) the following:
a. Diagnostic check of the performance of the entire solution as well as
individual components and hardware configurations
b. Operating system component check (for updates and vulnerabilities).
c. All necessary services & configuration for successful functioning of the
solution
d. Cleaning and removal of dust and dirt from the interior and exterior of the
equipment and necessary repair of the equipment
226.24 The selected NI shall be responsible to provide Root Cause Analysis reports
(wherever applicable, within 3 working days from the date of incident or from the
date of reporting by the Bank, whichever is later).
226.25 The selected NI shall be responsible to ensure integration of the Solution with other
solutions of the bank (existing or future) such as Active Directory (AD), Data Loss
Prevention (DLP), Privileged Identity Management System (PIMS), SIEM etc. as
and when the need arises during the entire duration of the contract without
additional cost to the Bank.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 190 of 329 Confidential & Proprietary
226.26 The selected NI shall be responsible for the submission of various reports (such as
uptime report, system performance report, preventive maintenance report etc.)
periodically and on-demand by the bank. The frequency and various other types of
the reports shall be discussed with the selected NI.
226.27 The selected NI shall be responsible to perform following activities but not limited
to:
a. User Management – User creation/deletion/modification (after receiving
appropriate authorization from Bank) for internet access responding to
queries of end-user, user access policy management etc.
b. Fault Management – Detecting, isolating and correcting problems,
reporting problems of end-users and managers, tracking trends related to the
problem.
c. Incident Management – The Helpdesk team will provide for an incident
management process to seamlessly facilitate a fault/call from initial
identification, notification, logging, diagnosing, and closing the issue.
d. Log Management – Retention of all logs (including user access logs,
security logs, audit trail etc.) for a period as per the Bank’s requirement
e. URL whitelisting – URL addition and deletion as per bank requirement.
f. Managed Appliance Database – Appliance Database would be maintained
by the Help Desk. Managed appliances information must include (but not
limited to) Make, Model, Serial number, Installation location, rack, IP
addresses, physical connectivity (port to port), Software version, Firmware
version, License Details etc.
g. MIS Report Generation requirement and Preparation of Disaster Recovery
(DR) Plan, Business Incident Analysis (BIA), Call Tree report, Risk
Assessment (RA) reports, all type of Audit compliance, responses &
resolution of audit queries as per the Bank’s requirement in compliance with
the Bank’s internal policies
h. Preparation and submission of user-defined reports including Top URLs
visited, Top bandwidth users, Policy violations, URL Categories, Appliance
performance, Appliances usage, Project Plan, DR Plan, Business Continuity
Plan and other report as required by Bank.
227. Domain Name System (DNS)
227.1 The selected NI shall have to manage the Domain Name Service (DNS) Solution
for day to day operation on 24*7 support basis. The selected NI has to assign One
dedicated engineer L2 or L3 having expertise in F5 DNS or other DNS Solution
procured by Bank during the NI contract. The dedicated engineer will manage,
maintain the DNS Solution along with DNS related documents preparation, apply
patches and OS/ firmware fixes as an when released by OEM or required by Bank
along with closure of security incidents if any raised by Bank or advisories. Timely
submission of the root cause analysis of any incident related to DNS.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 191 of 329 Confidential & Proprietary
227.2 The selected NI shall also perform the DC and DR switching of the DNS as per
the IS policy of the Bank.
227.3 The selected NI shall be responsible to redeploy the solution in case of relocation
of the device are needed to the Bank.
227.4 The selected NI shall be responsible for the deployment and maintenance of
additional hardware if procured by bank
227.5 The selected NI shall be responsible for timely updating of related technical
documents pertaining to DNS and its related components.
227.6 The selected NI shall be responsible for maintaining the uptime of the solution.
227.7 The selected NI shall be responsible for Record creation, Record modification,
Record monitoring in DNS and automatic sync of the DNS records across the
solution.
227.8 The selected NI shall be responsible to conduct daily health check, fault
identification, isolation, resolution and submission of the report to the Bank.
227.9 The selected NI shall be responsible to conduct preventive maintenance of the
solution in every quarter and submit report to the Bank.
227.10 The selected NI shall be responsible for conducting and coordinating DR Drills of
DNS solution.
227.11 The selected NI shall be responsible to track the software upgrade and release for
the platform and implement appropriate upgrade in the solution.
227.12 The selected NI shall be responsible for timely closure of security and audit
observation.
227.13 The selected NI shall be responsible for following activities (but not limited to)
a. Log Management
b. User management
c. Asset Management
d. Integration with Bank’s other solutions.
e. Backup, Restoration, and testing.
f. Monthly reporting of issues and cases raised with OEM etc.
g. Generic reports as required
227.14 The selected NI shall be responsible to carry out quarterly review (including
preventive maintenance) of the system performance and perform following
maintenance and support activities (but not limited to):
a. Diagnostic check of the performance of the entire solution as well as
individual components and hardware configurations.
b. Operating system component check (for updates and vulnerabilities)
c. All necessary services & configuration for successful functioning of
application
d. Trouble shooting and resolution issues
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 192 of 329 Confidential & Proprietary
228. Time Servers (Network Time Protocol)
228.1 NI has to manage and maintain the Network Time Protocol (NTP) overall infra as
per Bank policy, manage, maintain the NTP appliances, upgrade of OS/firmware,
closure of security incidents, preparation of various documents related with NTP.
228.2 The selected NI shall be responsible for the redeployment of the solution in case
of relocation of the device.
228.3 The selected NI shall be responsible for the deployment and maintenance of
additional hardware if procured by bank
228.4 The selected NI shall be responsible for timely updating of technical documents
pertaining to NTP and its related components.
228.5 The selected NI should be responsible for maintaining uptime of the devices.
228.6 The selected NI shall be responsible for Record creation, Record modification,
Record monitoring in NTP
228.7 The selected NI shall be responsible to conduct daily health check of the solution.
228.8 The selected NI shall be responsible for fault identification, isolation, and
resolution of the issues.
228.9 The selected NI shall be responsible for conducting and coordinating DR Drills of
NTP solution including documentation.
228.10 The selected NI shall be responsible to ensure that the NTP solution is in Sync with
all sites at real time.
228.11 The selected NI shall be responsible for closure of security and audit observation.
228.12 The selected NI shall be responsible for following activities (but not limited to):
a. Log Management
b. User management
c. Asset Management
d. Integration with SBI security solutions.
e. Backup, Restoration, and testing.
f. Monthly reporting to project manager with issues, cases raised with OEM
etc.
g. Generic reports as required
228.13 The selected NI shall be responsible to carry out quarterly review of the system
performance and perform following maintenance and support activities (but not
limited to):
a. Diagnostic check of the performance of the entire solution as well as
individual components and hardware configurations.
b. Operating system component check (for updates and vulnerabilities)
c. All necessary services & configuration for successful functioning of
application
d. Preventive maintenance.
e. Trouble shooting and resolution issues
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 193 of 329 Confidential & Proprietary
f. RCA Documents
228.14 The selected NI shall be responsible to provide the report as and when required by
the Bank for uptime, number of devices and their details which are taking the time
directly from the NTP solution, system performance.
228.15 The selected NI shall be responsible to track and resolve the reported issue and
integrate the solution with Bank’s infrastructure. The selected NI shall also be
responsible for ensuring the time dissemination to each device in the network.
228.16 The selected NI shall be responsible to track all the release updates/upgrades for
the platform and implement appropriate upgrade as per Bank’s policy.
229. Network Security Policy Management (NSPM)
229.1 NSPM Solution shall be handled by selected NI for day to day task,
implementation of the FARs, changes in the workflow if required by Bank, Regular
OS and patches updates according to the security policy of the Bank and as well as
the closure of security-related incidents raised by an auditor, advisory or by Bank,
Preparation of the documents and reports related to the NSPM Solution as and
when required by Bank. Selected NI shall assign a dedicated team to perform day
to day operations and OEM certified expert engineers in NSPM Solution for the
administration of the same.
229.2 The selected NI shall be responsible for redeployment of the solution in case of
relocation of the device.
229.3 The selected NI shall be responsible for the deployment and maintenance of
additional hardware if procured by bank
229.4 The selected NI shall be responsible for timely updating of related technical
documents pertaining to NSPM and its related components.
229.5 The selected NI shall be responsible for maintaining uptime of the solution.
229.6 The selected NI shall be responsible to manage the development and deployment
of firewall automation workflow as per Banks requirement. The selected NI should
make modifications in the workflow as and when required by the Bank without
additional cost to the Bank.
229.7 The selected NI shall be responsible for NSPM system administration and
management.
229.8 The selected NI shall be responsible Record creation, Record modification, Record
monitoring in NSPM and ensure sync between the devices.
229.9 The selected NI shall be responsible to conduct daily health check and submit a
report.
229.10 The selected NI shall be responsible to track and resolve the reported issue and
integrate the solution with Bank’s infrastructure.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 194 of 329 Confidential & Proprietary
229.11 The selected NI shall be responsible to track all the release updates/upgrades for
the platform and implement appropriate upgrade as per Bank’s policy.
229.12 The selected NI shall be responsible for closure of all security and audit
observation.
229.13 The selected NI shall be responsible for fault identification, isolation, and
resolution of the issues.
229.14 The selected NI shall be responsible for conducting and coordinating DR Drills of
NSPM solution including documentation.
229.15 The selected NI shall be responsible for following activities (but not limited to):
a. Log Management
b. User management
c. Asset Management
d. Integration with Bank’s other infrastructure.
e. Backup, Restoration, and testing.
f. Monthly reporting to project manager with issues, cases raised with OEM
etc.
g. Specific reports as and when required
229.16 The selected NI shall be responsible to carry out quarterly review of the system
performance and perform following maintenance and support activities (but not
limited to):
a. Diagnostic check of the performance of the entire solution as well as
individual components and hardware configurations.
b. Operating system component check (for updates and vulnerabilities)
c. All necessary services & configuration for successful functioning of
application
d. Preventive maintenance.
e. Trouble shooting and resolution issues
f. RCA Documents
229.17 The selected NI shall be responsible for the submission of various reports (such as
uptime, request raised in the system by whom and when, time taken to process the
requests by each layer for review and approve etc) as and when required by the
Bank.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 195 of 329 Confidential & Proprietary
PAYMENT SCHEDULE:
Sr.
No. Category Payment Terms
1 Delivery of Hardware & Software for
NOC-1 and NOC-2, LMS and NPMD
30% of the respective component value
2
Installation of Hardware &
customization of Software of NOC-1,
LMS and NPMD
30% of the respective component value
3 UAT & Production & Go Live of
NOC-1 LMS and NPMD
20% of the respective component value
4
Installation of Hardware &
customization of Software of NOC-2,
DR setup of LMS and NPMD
10% of the respective component value
5 Production & Go Live of NOC-2 10% of the respective component value
6 Human/ Personnel Resources Quarterly arrear basis. Pro-rata basis as per
“cost per resource” for the respective role
7 Annual Maintenance Contract (AMC)
/ Annual Technical Support (ATS) Quarterly in Arrears
8 LAN Management Quarterly in Arrears
9 NOC/Network Certification charges/
Trainings & Certifications On completion of Task
10 Rate Contract for incremental items After delivery and sign off
11 Miscellaneous Recurring Charges Quarterly in arrears for the services rendered and
pro-rata wherever applicable
12 Cost for Storage (per pallet)/ Cost of
Insurance/ Courier Charges On production of relevant proofs
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 196 of 329 Confidential & Proprietary
Appendix-F
Indicative Price Bid
The indicative Price Bid needs to contain the information listed hereunder in a sealed
envelope bearing the identification–“Indicative Price Bid for Procurement of
______________________”.
Name of the Bidder – M/s
(Rs. In Lakh excluding all applicable taxes)
S.
No Description Qty Amount
Proportion to
Total Cost of (in
%age)
I One-time Costs
1 Hardware / Appliances (Table A)
2 Software & customized applications
(Table B)
3
NOC set-up (installation in DCs, UAT
etc.) including Software installation and
customizations, if any
4 Integration of entire IT infra of the
Bank with each NOC technology as per
scope of work
5 Transition from existing NOC to
New NOC
Total Cost of I (1+2+3+4+5)
II Recurring Costs
1 LAN Management (Table C)
2 Personnel Resources (Table D)
3 Rate Contract for incremental items
(Table E)
4 Trainings & Certifications (Table F)
5 NOC/Network Certification charges
(Table G)
6 Miscellaneous Recurring Charges
(Table H)
Total Cost of II (1+2+3+4+5+6)
*TCO for Contract period (I + II)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 197 of 329 Confidential & Proprietary
Add rows in above table for additional items, if any.
*This will be the Total Cost of Ownership (TCO)/Total Project Cost and should be quoted in
the reverse auction.
Note:
These are the indicative commercials for services provided by the bidder for setting
up NGNOC including installation of hardware, software, applications etc. as per Bill
of Material submitted in the technical bid for NGNOC
Table A: Hardware/ Appliances
(Rs. In Lakh excluding all applicable taxes)
S.N Hardware
Description Quantity
Cost
including
three years
warranty
(A)
Post
warranty
AMC for
two years
(B)
Cost for
Contract
period
C=(A+B)
Proportion
to Total
cost of (in
%age)
A1. DCs Location Setup
1.
NOC-1 setup
(Each tool /
Solution /sub-
component to be
mentioned as a
separate line-
item, including
racks)
2. NOC-2 setup (Each
tool / Solution /sub-
component to be
mentioned as a
separate line-item,
including racks)
3. LMS (Each tool /
Solution /sub-
component to be
mentioned as a
separate line-item,
including racks)
4. NPMD (Each tool /
Solution /sub-
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 198 of 329 Confidential & Proprietary
component to be
mentioned as a
separate line-item,
including racks)
Total cost
A2. UAT Environment
1.
NOC-1 setup (Each
tool / Solution /sub-
component to be
mentioned as a
separate line-item,
including racks)
2. LMS (Each tool /
Solution /sub-
component to be
mentioned as a
separate line-item,
including racks)
3. NPMD (Each tool /
Solution /sub-
component to be
mentioned as a
separate line-item,
including racks)
Total cost
Total cost of Table A (A1 + A2)
Add rows in above table for additional items, if any.
Note –
• Bidder must propose hardware which require optimized space, power
consumption and cooling. Preference will be given to greener technologies.
• Comprehensive annual maintenance for Hardware / Appliances mentioned above
for 2 years, after the end of comprehensive warranty should be 10 % p.a. of the
cost for Hardware / Appliances.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 199 of 329 Confidential & Proprietary
Table B: Software & customized applications
Software cost in below table is not applicable to technologies based on proprietary
appliance having specific throughput as per data sheet provided in the technical bid. As
such, it is assumed that the Software cost is loaded in appliance cost in table B above.
(Rs. In Lakh excluding all applicable taxes)
S.N Description Quantity
Cost
including
three years
warranty
(A)
Post
warranty
AMC for
two years
(B)
Cost for
Contract
period
C=(A+B)
Proportion
to Total
cost of (in
%age)
B1. DCs Location Setup
1.
NOC-1 setup
(Each tool /
Solution /sub-
component to be
mentioned as a
separate line-
item including
perpetual license
cost)
2. NOC-2 setup (Each
tool / Solution /sub-
component to be
mentioned as a
separate line-item
including perpetual
license cost)
3. LMS (Each tool /
Solution /sub-
component to be
mentioned as a
separate line-item
including perpetual
license cost)
4. NPMD (Each tool /
Solution /sub-
component to be
mentioned as a
separate line-item
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 200 of 329 Confidential & Proprietary
including perpetual
license cost)
Total cost
B2. UAT Environment
1.
NOC-1 setup (Each
tool / Solution /sub-
component to be
mentioned as a
separate line-item
including perpetual
license cost)
2. LMS (Each tool /
Solution /sub-
component to be
mentioned as a
separate line-item
including perpetual
license cost)
3. NPMD (Each tool /
Solution /sub-
component to be
mentioned as a
separate line-item
including perpetual
license cost)
Total cost
Total cost of Table B (B1 + B2)
Add rows in above table for additional items, if any.
Note:
• It is the responsibility of the Bidder & OEM to envisage Software / applications
required for smooth running of the GCSOC for Contract period without any extra
procurement than above. If any required at latter stage bidder has to bear the cost.
• Comprehensive annual maintenance for Software & Customized Applications
mentioned above for 2 years, after the end of comprehensive warranty should be
15% p.a. of the cost for Software & Customized Applications.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 201 of 329 Confidential & Proprietary
Table-C : LAN Management Cost
Description
Switch
Weight
[A]
Unit
Cost
per
year
(in
Rs.)
[B]
Total
Cost
(per
year)
[C] =
[A] x
[B]
Total
Cost
for 5
Years
[D] =
5 x
[C]
Proportion
to Total
cost of (in
%age)
*Data Center/ offices LAN
Management scope as described in
section ‘C’ of Scope of Work.
4,500
LAN Management Cost Bank’s
Branches/offices network excluding
Data Center switches) per year
30,000
Total of Table C
Note-1: LAN Management Cost will be calculated based on the number of deployed
switches in the Bank’s network (including domestic and foreign offices but excluding Data
Center switches) per year. For example, if there are ‘N’ number of switches deployed in
the Bank’s network as on the last date of a given calendar quarter, the LAN management
cost payable shall be as under: ‘X’/30,000 * ‘N’
Where ‘X’ is the rate discovered for 30,000 deployed switches (weight), and ‘N’ is the
number of deployed switches arrived at by fetching the data directly from the monitoring
tool.
Note-2: Data Center LAN Management includes cabling between two network devices
and/ or network device and server/solution component within the Data Center. LAN
Management Cost will be calculated based on the number of Racks per year. The payment
will be made based on actual number of deployed racks at the end of each quarter.
For example, if there are ‘N’ number of Racks (as defined above) deployed in given Data
Center as on the last date of a given calendar of a quarter, the LAN management cost
payable for that Data Center shall be as under:
‘Y’/4,500 * ‘N’
Where ‘Y’ is the rate discovered for 4,500 racks (weight)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 202 of 329 Confidential & Proprietary
Table-D:
Table D.1: Human Resource (dedicated) Cost
Role Description
(minimum working
hour for each resource
is 8 hours per day)
Weight
[A]
Individual
Resource
Cost per
month (in
Rs.)
[B]
Total
Resource
Cost
(per
month)
[C] = [A]
x [B]
Total
Resource
Cost for
5 Years
[D] = 60
x [C]
Proportion
to Total
cost of (in
%age)
Service Desk Engineer 42
Field engineer 749
L1 Engineer 85
L2 Engineer 51
L3 Engineer (Routing &
Switching) / Security /
Others (NW, D&C, QA
etc.)
58
Manager Operation / Data
Center / Asset
Management / TSP
Management
35
Manager project 4
Manager Engagement 3
System Engineer/
Administrator
4
Total 1031
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 203 of 329 Confidential & Proprietary
Table D.2: Human Resource (non-dedicated) Cost
Such resources shall be required in FO locations
Country Branch Name Non-
dedicated
Engineers
Required
[A]
Individ
ual
Resourc
e Cost
per day
(in Rs.)
[B]
Total
Resour
ce Cost
(per
day)
[C] =
[A] x
[B]
Cost
for 60
days
[D] =
[C] x
60
Proportio
n to
Total
cost of
(in
%age)
Australia
Sydney_Branch
1
BCP_Sydney
Melbourne
Bahrain
Bahrain Manama
Branch 1
FCB-Bahrain_Branch
Bahrain_Branch
Banglades
h
Khulna
1
Dhaka_Branch
Gulshan_Branch
Chittagong_Branch
Country Office
Belgium Antwerpen_Branch
1
Belgium_BCP
Botswana Botswana_Branch
1
Gaborone_BCP
Canada
Surrey_Branch
2
Totonto_HQ_Branch
Brampton_Branch
Vancouver_Branch
Missisauge_HO
Scarborough_Branch
Mississauga_Branch
China Shanghai_Branch
1
Shanghai BCP
Germany Frankfurt_Branch
1
Frakfurt BCP
HongKon
g
Cameron Road_BCP 1
Queensroad_Branch
Israel Tel-aviv-israel_Branch
1
Israel_BCP
Japan Osaka_Branch 2
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 204 of 329 Confidential & Proprietary
Tokyo_Branch
OSAKA BCP
Tokyo BCP
South
Korea
Seoul Branch 1
Seoul BCP
Maldives
Male, IGMH_Branch
2
SinooHithadoo_Branc
h
ADKHospital_Branch
Maldives_BCP
Attol_Branch
Mamingli
Hulumale
Maldives_HO
Mauritius
Port Louis
4
Super Unic
Supermarket
Bagatelle Mall ATM
Rose Belle Branch
Vacoas_Branch
Goodlands_Branch
China_Town_Branch
Central-flacq_Branch
Rodrigues_Branch
Mahebourg_Branch
Triolet_Branch
Curepipe_Branch
Rose-hill_Branch
Quatre-bornes_Branch
Mte-blanche_Branch
SBIIntouch_Mauritius
Ebene_Branch
Myanmar Myanmar_BCP
1
Yangon_Branch
Nepal Khatmandu_Branch 1
Oman Oman_Branch
1
Oman_BCP Branch
Singapore
Ananda Bhavan ATM
5
SuntecCity ATM
Changi Business Park
Changi T1
ATM(Changi Airport
Terminal 1)
Changi T2 ATM
Dhoby Ghaut ATM
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 205 of 329 Confidential & Proprietary
Farrer Park ATM
Hougang Mall ATM
Jurong Bird Park ATM
Little India Arcade
ATM
Marina Bay Sands
ATM
NTU ATM
Singapore_917
Toa Payoh Branch
Zoo ATM(MANDAI
ZOO)
SBIFO-SNG-2960-
AMOKO
Marine Parade Branch
Little India Branch
Jurong East Branch
Ang Mo Kio Branch
Clementi Branch
Jurong East Branch
Singapore
Headquarters (Celcil
Street)
South
Africa
Lenasia_Branch
1
Durban_Branch
Johannesburg_Branch
Sri Lanka
Colombo Main Branch
1
BCP_Branch
Kandy_Branch
Mawatha_Branch
UAE
Dubai_Main Branch
1
Dubai BCP Branch
Dubai_RH Office
Branch
United
Kingdom
London main Branch 2
4
Coventry Branch
Wolverhampton
Branch
Manchester Branch
Leicester Branch
Birmingham Branch
Bisposgate
Golders Green Branch
Southall Branch
EastHam Branch
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 206 of 329 Confidential & Proprietary
Harrow Branch
Ilford Branch
Hounslow Branch
Harrow (DR)
United
states
Losangels-
Agency_Branch
4
Newyork_Branch
Chicago_Branch
Losangels_Branch
SanJose_Branch
New York BCP
Turkey Istanbul_RO 1
Number of Non-dedicated
Resources 40
Grand Total
Total of Table D
Important points: Requirement of non-dedicated resource at FO
a. Non-dedicated resource shall be L1 engineer.
b. Per day working hours shall be 8 hours and payment will be made pro-rata based
on the certificate from the concerned officials.
c. The above table is only for discovery of resource cost per person per day, but the
cost shall be payable only when services are availed from the resources for a given
location.
d. The resource should be able to speak fluent English and the local language.
e. The rate quoted will remain firm over the period of contract.
f. For TCO, one visit per month has been assumed.
g. The above is only for discovery of resource cost per person per day, however the
cost shall be payable only when services are availed from the resources for a given
location.
Table-E: Rate Contract for incremental Software/ hardware/ Appliances / Systems
S. No. Description Quantity Cost
Payable
1. LMS-additional license cost Per 5 Thousand
EPS
2. LMS-additional online storage cost Per TB
3. NPMD-additional capacity augmentation
cost
Per 5 GB
Throughput
Requirement
4. NPMD-additional online storage cost Per TB
5 Storage for NOC operation data Per 5 TB
Add rows in above table for additional items, if any.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 207 of 329 Confidential & Proprietary
Note:
• Bidder should include rate Contract for each incremental software/ hardware /
system of individual NGNOC technology setup in individual row, required on case
to case basis.
• Table E should include all applicable charges including but not limited to logical
computing, processing, storage, networking Software and hardware units per such
incremental setup, supply, installation, deployment, integration of the incremental
systems procured with NGNOC setup cohesively.
• The rates mentioned in the Table E and all other commercials shall remain static
for the entire contract period
• This will be considered for TCO only, need basis order may be placed during the
Contract period.
• The rate quoted in the rate Contract table must not be more than 5% in variation
to the pro-rata cost mentioned in table A & B.
Table-F: Trainings and Certifications
S.
No.
Description of Training Timelines Cost
Payable
Proportion
to Total
cost of (in
%age)
1 Basic Training to LHOs, and
other administrative offices.
Half-yearly
during entire
contract
period
2 Advanced training and
certification to Bank’s
designated in-house team from
date of issuance of PO/LOI per
batch. (Cost will be paid per
batch-wise).
Within 2.5
years
Total cost of the Table F
Table-G: NOC/Network Certification charges
ISO 27001:2013, ISO9001:2015 within 365 days from date of issuance of PO/LoI.
S. No. Obtention of Certifications Cost Payable
1 ISO 27001:2013
2 ISO9001:2015
Total of Table G
Note: The charges payable for the certification will be on actual basis on production of
invoices from the certifying agencies.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 208 of 329 Confidential & Proprietary
Table-H: Miscellaneous Recurring Charges
Description Per year
per unit
cost
One Year
Cost
Five
Year
Cost
H.1 New Branches and shifting of branches
Establishing new Branches onetime (domestic) NA NA
Establishing new Branches onetime (Foreign) NA NA
Shifting charges onetime domestic NA NA
Shifting charges onetime foreign NA NA
Installation, configuration of per router NA NA
Installation, configuration of per switch NA NA
Installation of Modem NA NA
Installation, configuration of SDWAN NA NA
Total Contract Value for 5 years
H.2 Insurance, warehouse storage, transportation charges
Cost for Storage (per pallet) On actual basis
Cost of Insurance On actual basis
Courier Charges On actual basis
Assumptions:
1. As on date approximate domestic 24000 branches and 91 Foreign Offices
branches
2. Approximate opening of new domestic branches 700 per year and 5 foreign
offices branches per year
3. Approximate shifting of domestic branches 200 per year and 5 in foreign
offices.
4. Total DC and DR are 5 in number as on date
We, M/s ___________________, hereby confirm that all the items including
Hardware, Software and Services as required for complying with the Scope of
Work as also making the systems and services operational for Contract period as
per the requirement of the Bank have been included in the above Commercial Bid.
We undertake that no additional charges shall be levied by us on the Bank.
Breakup of Taxes and Duties
Sr.
No.
Name of activity/Services Tax 1 Tax 2 Tax 3
Mention Name of Tax
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 209 of 329 Confidential & Proprietary
GST%
1.
2.
3.
Grand Total
Name & Signature of authorised signatory
Seal of Company
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 210 of 329 Confidential & Proprietary
Illustration
(Rs. In Lakh excluding all applicable taxes)
Particulars Indicative
Price Bid
Quote
(INR)
Proportion
to Total
Cost ‘G’
(in %age)
of
indicative
price bid
Final
Price
(INR)
in
reverse
auction
Minimum
final price
should
not be
below
(INR)
Maximum
final price
should not
exceed
(INR)
A B
C
D* E
(95% of
D)
F
(95% of
D)
Item 1 25 13.16 9.87 9.38 10.36
Item 2 50 26.32 19.74 18.75 20.72
Item 3 75 39.47 29.60 28.13 31.09
Item 4 40 21.05 15.79 15.00 16.58
Grand Total
(1 + 2 + 3 +
4)= G
190 100 75
* Ideal final price breakup based on final price of Rs. 75 quoted in the reverse auction.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 211 of 329 Confidential & Proprietary
Appendix -G
Certificate of Local Content
<Certificate from the statutory auditor or cost auditor of the company (in case of
companies) or from a practicing cost accountant or practicing chartered accountant (in
respect of suppliers other than companies) giving the percentage of local content, on their
letter head with Registration Number with seal.>
Date:
To
Dear Sir,
Ref.: RFP No. SBI/GITC/NW&C/20-21/706 Dated 18.08.2020
This is to certify that proposed ______________ <product details> is having the local
content of ___________ % as defined in the above mentioned RFP2. This certificate is
submitted in reference to the Public Procurement (Preference to Make in India), Order 2017
including revision thereto.
Signature of Statutory Auditor/Cost Auditor
Registration Number:
Seal
Counter-signed:
Bidder OEM
< Certified copy of board resolution for appointment of statutory/cost auditor should also
be enclosed with the certificate of local content.>
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 212 of 329 Confidential & Proprietary
Appendix -H
BANK GUARANTEE FORMAT
(TO BE STAMPED AS AN AGREEMENT)
THIS Bank GUARANTEE AGREEMENT executed at _________this _________day
of _________201 by _________ (Name of the Bank) _________ having its Registered
Office at _________and its Branch at _________ (hereinafter referred to “s “the
Guaran”or”, which expression shall, unless it be repugnant to the subject, meaning or
context thereof, be deemed to mean and include its successors and permitted assigns) IN
FAVOUR OF State Bank of India, a Statutory Corporation constituted under the State
Bank of India Act, 1955 having its Corporate Centre at State Bank Bhavan, Nariman Point,
Mumbai and one of its offices at____________(procuring office address), hereinafter
referred to “SBI” which expression shall, unless repugnant to the subject, context or
meaning thereof, be deemed to mean and include its successors and assigns).
WHEREAS M/s__________________________________________, incorporated under
__________________________________ Act having its registered office at
__________________________________ and principal place of business at
__________________________________ (hereinafter referred to as “Service Provider/
Vendor” which expression shall unless repugnant to the context or meaning thereof shall
include its successor, executor & assigns) has agreed to develop, implement and support
_________ (name of Solutions and service) (hereinafter referred to as “Services”) to SBI
in accordance with the Request for Proposal (RFP) Ref.: RFP No: SBI/GITC/NW&C/20-
21/706 Dated 18.08.2020 (RFP For Engagement of Network Integrator and setting up
of Next Gen Network Operations Centers (NOCs).
WHEREAS, SBI has agreed to avail the Services from the Service Provider for a period of
______ year(s) subject to the terms and conditions mentioned in the RFP.
WHEREAS, in accordance with terms and conditions of the RFP/Purchase
order/Agreement dated_________, Service Provider is required to furnish a Bank
Guarantee for a sum of Rs.__________/- (Rupees _________ only) for due performance
of the obligations of the Service Provider in providing the Services, in accordance with the
RFP/Purchase order/Agreement guaranteeing payment of the said amount of
Rs.__________/- (Rupees __________ only) to SBI, if Service Provider fails to fulfill its
obligations as agreed in RFP/Agreement.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 213 of 329 Confidential & Proprietary
WHEREAS, the Bank Guarantee is required to be valid for a total period of _____ months
and in the event of failure, on the part of Service Provider, to fulfill any of its commitments
/ obligations under the RFP/Agreement, SBI shall be entitled to invoke the Guarantee.
AND WHEREAS, the Guarantor, at the request of Service Provider, agreed to issue, on
behalf of Service Provider, Guarantee as above, for an amount of Rs.___________/-
(Rupees ___________ only).
NOW THIS GUARANTEE WITNESSETH THAT
1. In consideration of SBI having agreed to entrust the Service Provider for rendering
Services as mentioned in the RFP, we, the Guarantors, hereby unconditionally and
irrevocably guarantee that Service Provider shall fulfil its commitments and obligations
in respect of providing the Services as mentioned in the RFP/Agreement and in the
event of Service Provider failing to perform / fulfil its commitments / obligations in
respect of providing Services as mentioned in the RFP/Agreement, we (the Guarantor)
shall on demand(s), from time to time from SBI, without protest or demur or without
reference to Service Provider and not withstanding any contestation or existence of any
dispute whatsoever between Service Provider and SBI, pay SBI forthwith the sums so
demanded by SBI not exceeding Rs.__________/- (Rupees ____________only).
Any notice / communication / demand from SBI to the effect that Service Provider
has failed to fulfil its commitments / obligations in respect of rendering the
Services as mentioned in the Agreement, shall be conclusive, final & binding on
the Guarantor and shall not be questioned by the Guarantor in or outside the court,
tribunal, authority or arbitration as the case may be and all such demands shall be
honoured by the Guarantor without any delay.
2. We (the Guarantor) confirm that our obligation to the SBI, under this guarantee shall
be independent of the agreement or other understandings, whatsoever, between the SBI
and the Service Provider.
3. This Guarantee shall not be revoked by us (the Guarantor) without prior consent in
writing of the SBI
WE (THE GUARANTOR) HEREBY FURTHER AGREE & DECLARE THAT-
i. Any neglect or forbearance on the part of SBI to Service Provider or any indulgence
of any kind shown by SBI to Service Provider or any change in the terms and
conditions of the Agreement or the Services shall not, in any way, release or discharge
the Bank from its liabilities under this Guarantee.
ii. This Guarantee herein contained shall be distinct and independent and shall be
enforceable against the Guarantor, notwithstanding any Guarantee or Security now or
hereinafter held by SBI at its discretion.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 214 of 329 Confidential & Proprietary
iii. This Guarantee shall not be affected by any infirmity or absence or irregularity in the
execution of this Guarantee by and / or on behalf of the Guarantor or by merger or
amalgamation or any change in the Constitution or name of the Guarantor.
iv. This Guarantee shall not be affected by any change in the constitution of SBI or
Service Provider or winding up / liquidation of Service Provider, whether voluntary
or otherwise
v. This Guarantee shall be a continuing guarantee during its validity period.
vi. This Guarantee shall remain in full force and effect for a period of __ year(s)
____month(s) from the date of the issuance i.e. up to _________. Unless a claim
under this Guarantee is made against us on or before ____, all your rights under this
Guarantee shall be forfeited and we shall be relieved and discharged from all
liabilities there under.
vii. This Guarantee shall be governed by Indian Laws and the Courts in Mumbai, India
alone shall have the jurisdiction to try & entertain any dispute arising out of this
Guarantee.
Notwithstanding anything contained herein above:
i. Our liability under this Bank Guarantee shall not exceed Rs__________________/-
(Rs. ________________only)
ii. This Bank Guarantee shall be valid up to________________
iii. We are liable to pay the guaranteed amount or any part thereof under this Bank
Guarantee only and only if SBI serve upon us a written claim or demand on or before
________________
Yours faithfully,
For and on behalf of bank.
__________________________
Authorised official
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 215 of 329 Confidential & Proprietary
Appendix -I
PROFORMA OF CERTIFICATE TO BE ISSUED BY THE BANK
AFTER SUCCESSFUL COMMISSIONING AND ACCEPTANCE
OF THE SERVICES AND SOLUTIONS (HARDWARE & SOFTWARE)
Date:
M/s.______________
d) Sub: Certificate of delivery, installation and commissioning
This is to certify that the Solutions as detailed below has/have been successfully installed
and commissioned (subject to remarks in Para No. 2) in accordance with the
Contract/specifications.
a) PO No._________________ dated _________________________
b) Description of the Solution _______________________________
c) Quantity ____________________________________________ _
d) Date of installation______________________________________
e) Date of acceptance test __________________________________
f) Date of commissioning ___________________________________
e) Details of specifications of Solutions not yet commissioned and recoveries to be
made on that account:
f) S. No. Description Amount to be recovere3. The
installation and commissioning have been done to our entire satisfaction and staff
have been trained to operate the Solutions4. Service Provider has
fulfilled his contractual obligations satisfactorily
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 216 of 329 Confidential & Proprietary
or
Service Provider has failed to fulfil his contractual obligations with regard to the
following:
(a)
(b)
g) (c5. The amount of recovery on account of non-supply of
Solutions/Services is given under Para No. 2 above.
Signature _______________________
Name _______________________
Designation with stamp __________________
______________________________________
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 217 of 329 Confidential & Proprietary
Appendix-J
Liquidated Damages and Penalties
Table of Liquidated Damages (LD):
S.
No. Description
Timelines
(from the
date of
issuance
of
PO/LoI)
LD penalties (in %)
1
Provisioning of (a) onsite Program
Manager, (b) onsite team of
technical resources from the
selected NI (10) and the OEM, (c)
Escalation Matrix
7 days
0.5% of the total Quarterly
Operating Cost for delay of
each day or part thereof
maximum up to 5% of total
Quarterly Operating Cost.
2
Submission of complete Solution
design and implementation
approach document.
30 days
0.5% of the total Quarterly
Operating Cost for delay of
each day or part thereof
maximum up to 5% of total
Quarterly Operating Cost.
3
Hardware Delivery (including all
the components NOC-1, NOC-2,
NPMD and LMS) at the site of
installation.
60 days
0.5% of the total Hardware
Cost (including warranty cost)
for delay of each week or part
thereof maximum up to 5% of
total Hardware Cost
(including warranty cost).
4
Stages:
➢ Stage 1: 25 % of proposed team
strength (excluding NOC-2
strength) within 45 days from
the date of issuance of LoI/PO
➢ Stage 2: 50 % of proposed team
strength (excluding NOC-2
strength) within 60 days from
the date of issuance of LoI/PO
➢ Stage 3: 75% of proposed team
strength (excluding NOC-2
strength) within 75 days from
the date of issuance of LoI/PO
➢ Stage 4: 100% of proposed
team strength (excluding NOC-
2 strength) within 90 days from
the date of issuance of LoI/PO
➢ Stage 5: 100% of proposed
team strength for NOC-2 after
0.5% of the total Quarterly
Operating Cost for delay of
each day or part thereof
maximum up to 5% of total
Quarterly Operating Cost.
The penalty will be applicable
for each stage separately.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 218 of 329 Confidential & Proprietary
150 days to 180 days from the
date of issuance of LoI/PO
5
Installation, Configuration,
Commissioning &
Operationalization of the NOC-1
and its UAT.
150 days
0.5% of the total Hardware
(including warranty cost) of
NOC-1 and its UAT. Cost for
delay of each week or part
thereof maximum up to 5% of
total Hardware (including
warranty cost) and NOC-1
and its UAT cost.
6
Installation, Configuration,
Commissioning &
Operationalization of the NOC-2.
180 days
0.5% of the total Hardware
(including warranty cost) of
NOC-2. Cost for delay of each
week or part thereof
maximum up to 5% of total
Hardware (including warranty
cost) and NOC-2 cost.
7
Installation, Configuration,
Commissioning &
Operationalization of the NPMD
including customization and
integration.
150 days
0.5% of the total Hardware
(including warranty cost) of
NPMD solution. Cost for
delay of each week or part
thereof maximum up to 5% of
total Hardware (including
warranty cost) and NPMD
Solution cost.
8
Installation, Configuration,
Commissioning &
Operationalization of LMS
including customization and
integration.
150 days
0.5% of the total Hardware
(including warranty cost) of
LMS solution. Cost for delay
of each week or part thereof
maximum up to 5% of total
Hardware (including warranty
cost) and LMS Solution cost.
(All these LDs will run concurrently)
Operating Cost will include the following charges:
• LAN Management Cost
• Personnel Resources charges
Note: At any stage of the contract period, if it is observed that one or more solution(s) have
not been implemented as per the functional and technical specifications (defined in
Appendix-C, Appendix-E or elsewhere in this document), the selected NI shall have to
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 219 of 329 Confidential & Proprietary
rectify the deficiencies at no additional cost to the Bank. However, the Bank reserves right
to return the entire Solution after recovering the cost of devices / equipment out of the
future payable amount.
Table A – Transition (Takeover):
S.
No.
Milestone SLA Terms Penalty for delay (in
INR)
1 Submission of weekly
progress report till
completion of
handover
To be submitted on the
first working day of every
week
Rs.2,00,000 per day for
delay
2 Transition completion
and complete takeover
Within 180 days from
the date of issuance
of Letter of
Intent (LoI)/Purchase
Order (PO).
Rs.5,00,000 per day for
delay
3 a) A toll-free number
and email IDs for
attending to
issues/escalations
raised by the domestic
Branches
b) A toll-free number
and email IDs for
attending to
issues/escalations
raised by
the foreign offices
c) TRAI approval
a) 3 months from date of
issuance of PO/LoI
v. 3 months
from date
of issuance
of PO/LoI
c) Within 150 days from
date of issuance of
PO/LoI
a) Rs. 2,00,000/-
per week of delay
w. Rs.
2,00,000/-
per week of delay) Rs.
2,00,000/-
per week of delay
4 Survey of existing
branches/offices/Data
Centers
Within 6 months from the
date of sharing the list
➢ Rs.10,000 per
branch/office for
delay for each week
➢ Rs 50,000 per Data
Center for delay for
each week
5 Submission of all
Standard Operating
Procedures (SOPs)
related to all
services/operations.
Within 150 days from
date of issuance of
PO/LoI
Rs. 5000/- per SOP per
week of delay or part
thereof
Table B – Network Operations Center (NOC)
S.
No.
Milestone SLA Terms Penalty for delay (in
INR)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 220 of 329 Confidential & Proprietary
1 Helpdesk response
time (monthly basis):
x. Average
call not
responded/
technically
dropped
rate should
be < 3%
y. Average
call
waiting
time
should be
<15
seconds
c. Average speed of
answer the call <8
seconds.
For the corresponding
month of breach:
z. Rs. 10,000
per
percentage
or part
thereof.
aa. Rs. 10,000
for each
additional
5 seconds
slot or part
thereof.
c. Rs. 10,000 for each
additional 5 seconds slot
or part thereof.
2 Ticket Handling Creation and Assignment
of the ticket/incident,
including engineer
assignment
➢ Issue reported over
SMS/Mail/App/Web:
automatic ticket and /
or;
➢ Issue reported over
call: 5 minutes after
end of the call
Rs.1,000 per instance for
delay of each 5 minutes or
part thereof.
3 NOC premises and
processes
Certifications
ISO 27001:2013,
ISO9001:2015 & within
365 days from date of
issuance of PO/LoI.
Rs.10,000/- per week or
part thereof per certificate
4 Automation of NOC ➢ 10% of the services to
be automated by end
of first year
➢ 30% of the services to
be automated by end
of second year
➢ 50% of the services to
be automated by end
of third year
10% of the quarterly
payment
Table C – Resource Availability (Leave/Replacement management)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 221 of 329 Confidential & Proprietary
S.
No.
Expected output SLA Terms Penalty in Rs.
1 Shortage of resources on a daily
basis
As per requirement
specified in Appendix-
Q
One and a half times
per day discovered
rate of respective
category per
resource.
Table D - Site Survey, LAN Implementation & Its Management
Category Frequency Activities involved SLA Terms Penalty
Data
Centers
Monthly Health check-up &
cleaning of all
devices,
repair/replacement
of faulty devices,
verification of
adherence to best
practices
Report to be
submitted in the
first week of the
following month.
Rs.1,00,000 per
month per
defaulting Data
Center
Branches/
offices in
India
Quarterly Preventive
Maintenance
Report to be
submitted in the
first week of the
following quarter.
Rs.10,000 per
month per branch
/ office for delay
Foreign
Offices
On need
basis
As advised by the
Bank.
Within a week of
the visit.
Rs.10,000 per
month per branch
for delay
Branches/
offices
- Completion of site
survey for 5000
critical branches
Six-months Rs.10,000 per day
for delay
Table E - Communication Link Management
E.1. Link failure leading to isolation of locations:
Location Quarterly
Uptime
Requirement
(%)
SLA Terms Penalty (in INR) per
incident
Data Center 99.999 Response time
= 1 minute
Downtime from 1 to 5
min - Rs.5000/-.
Downtime beyond 5 min -
Rs. 5000/- for every 1
minutes or part thereof.
GITC and its annex
buildings, State Bank
Bhavan and annex
building, LHOs and
99.995 Response time
= 2 minutes
Downtime from 2 to 10
min - Rs.5000/-.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 222 of 329 Confidential & Proprietary
Foreign
Offices/branches
Downtime beyond 10 min
- Rs. 5000/- for every 1
minutes or part thereof.
Critical
Branches/offices
99.99 (during
7 am to 9 pm)
Response time
= 5 minutes
Downtime from 5 to 15
min - Rs.2000/-
Downtime beyond 15 min
- Rs. 2000/- for every 1
minutes or part thereof.
Other than Rural
branches/offices
99.9 (during 7
am to 9 pm)
Response time
= 10 minutes
Downtime from 10 to 15
min - Rs.1000/-
Downtime beyond 15 min
- Rs. 1000/- for every 1
minutes or part thereof.
Rural
Branches/Offices
99.9 (during 7
am to 9 pm)
Response time
= 10 minutes
Downtime from 10 to 15
min - Rs.1000/-
Downtime beyond 15 min
- Rs. 1000/- for every 1
minutes or part thereof.
Note: For the branches/offices categorized under Critical, Other than Rural and
Rural, the penalty calculation will be based on working days.
E.2. Link Failure not leading to isolation:
Location Quarterly
Uptime
Requirement
(%)
SLA Terms Penalty (in INR) per
incident
Data Center 99.999 Response time
= 1 minute
Downtime from 1 to 5
min - Rs.2500/-.
Downtime beyond 5 min -
Rs. 2500/- for every 1
minutes or part thereof.
GITC and its annex
buildings, State Bank
Bhavan and annex
building, LHOs and
Foreign
Offices/branches
99.995 Response time
= 2 minutes,
Cumulative
Resolution time
= 6 mins 30
seconds
Downtime from 2 to 10
min - Rs.2500/-.
Downtime beyond 10 min
- Rs. 2500/- for every 1
minutes or part thereof.
Critical Branches 99.99 (during
7 am to 9 pm)
Response time
= 5 minutes,
Cumulative
Resolution time
= 13 minutes 6
seconds
Downtime from 5 to 15
min - Rs.1000/-
Downtime beyond 15 min
- Rs. 1000/- for every 1
minutes or part thereof.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 223 of 329 Confidential & Proprietary
Other than Rural
branches/offices
99.9 (7 am to
9 pm)
Response time
= 5 minutes,
Cumulative
Resolution time
= 120 minutes
Downtime from 10 to 15
min - Rs.500/-
Downtime beyond 15 min
- Rs. 500/- for every 1
minutes or part thereof.
Rural
Branches/Offices
99.86 (7 am to
9 pm)
Response time
= 5 minutes,
Cumulative
Resolution time
= 180 minutes
Downtime from 10 to 15
min - Rs.500/-
Downtime beyond 15 min
- Rs. 500/- for every 1
minutes or part thereof.
Note: The NI to ensure seamless 24*7 connectivity. However, the business hours for the
purpose of SLA every day on all working days:
• All domestic branches/ offices: 7 AM to 9 PM.
• Foreign Offices it will be 24x7.
E.3. Commissioning, Shifting and Deployment of Links for new / Existing Branches
S. No. Milestone SLA Terms Penalty for delay
(in INR)
1 Commissioning of new
Link / Shifting of
existing links for
branches
2 weeks for BSNL / MTNL
links
6 weeks for ASP links
Rs.10,000 for each
week and part
thereof per link
2 Commissioning of new
Link / Shifting of
existing links for
administrative offices
and other location
2 weeks for BSNL / MTNL
links
6 weeks for ASP links
Rs.20,000 for each
week and part
thereof per link
3 Deployment of new
Link / Shifting of
existing links in
database
2 weeks for BSNL / MTNL
links
6 weeks for ASP links
Rs.20,000 for each
week and part
thereof per link
4 Deployment of new
Link / Shifting of
existing links for
monitoring
3 days for all links Rs.20,000 for each
week and part
thereof per link
5 Delay in the
surrendering of the links
4 weeks Rs.10,000 for each
week and part
thereof per link
6 Delay in upgradation of
links
2 weeks Rs.10,000 for each
week and part
thereof per link
Table F: Network Performance Parameters:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 224 of 329 Confidential & Proprietary
Failure to implement and annual review QOS within 2
weeks after Bank’s communication
Rs.10,00,000 per instance
Failure to provide a Performance Optimization Assessment
Report and its implementation in June and December each
year.
Rs.25,000/- per breach
Table G - Device Management
S.
No.
SLA Terms Penalty per incident (in INR)
1
Data Center
Failure of set of Devices
(Hardware/Software component)
within a given Data Center leading
to the disruption of any services
performed by the said devices.
➢ Restored within 10 minutes from the
incident: Rs.1,00,000
➢ Restored within 30 minutes from the
incident: Rs.5,00,000
➢ Restored within 60 minutes from the
incident: Rs.10,00,000
➢ Restored beyond 60 minutes from the
incident Rs.10,00,000 per hour or part
thereof
2 GITC and its annex buildings,
State Bank Bhavan and annex
building, LHOs and Foreign
Offices/branches
Failure of Devices
(Hardware/Software component)
within a given location leading to
the disruption of any services
performed by the said devices.
➢ Restored within 20 minutes from the
incident: Rs.50,000
➢ Restored within 60 minutes from the
incident: Rs.2,00,000
➢ Restored beyond 60 minutes from the
incident Rs.2,00,000 per hour or part
thereof
3 Critical Branches
Failure of Devices
(Hardware/Software component)
within a given location leading to
the disruption of any services
performed by the said devices.
➢ Restored within 30 minutes from the
incident: Rs.20,000
➢ Restored within 60 minutes from the
incident: Rs.50,000
➢ Restored beyond 60 minutes from the
incident Rs.50,000 per hour or part
thereof
4 Other than Rural
branches/offices
➢ Restored within 30 minutes from the
incident: Rs.10,000
➢ Restored within 60 minutes from the
incident: Rs.25,000
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 225 of 329 Confidential & Proprietary
Failure of Devices
(Hardware/Software component)
within a given location leading to
the disruption of any services
performed by the said devices.
➢ Restored beyond 60 minutes from the
incident Rs.25,000 per hour or part
thereof
5 Rural Branches/Offices
Failure of Devices
(Hardware/Software component)
within a given location leading to
the disruption of any services
performed by the said devices.
➢ Restored within 30 minutes from the
incident: Rs.5,000
➢ Restored within 60 minutes from the
incident: Rs.15,000
➢ Restored beyond 60 minutes from the
incident Rs.15,000 per hour or part
thereof
Note: SLA requirement for devices deployed in HA shall be 100% uptime.
Table H - Configuration Management (including device shifting wherever applicable)
Table H.1
Parameter Timelines
Penalty in INR
Configuration backup of all
devices at both NOC-1 and
NOC-2
As and when there is a
change in configuration
and additionally complete
backup for all devices on a
monthly basis
(configuration backup for
at least last 3 months to be
retained)
➢ Rs.10,000 for Data
Centre devices for each
day for the delay
➢ Rs.1,000 for branches
and other offices for
each day for the delay.
Delay in allocation of IP
address
T+1 Rs.10,000 for each instance
IP Address Management Any IP conflict situation
reported due to wrong IP
allocated by selected NI
Rs.10,000 for each instance
Delay in Firewall Rule
Implementation.
T+2 Rs.10,000 per firewall rule
implementation request.
Misconfiguration of
network devices affecting
the availability of services
Rs.10,000 for each instance
Table H.2: Patch management, Hardening of Devices as per SCDs
S.
No.
Parameter SLA Terms Penalty in
INR
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 226 of 329 Confidential & Proprietary
1 The security features like
firmware upgradation and
hardening of devices
related to all devices must
be done.
a) Within One week from release
date for noncritical
b) Within 24 hours from release date
for critical
c) For SCDs, TAT will be T+2 days
from the approved date
INR 10,000
per day
beyond TAT
2 Implementation of
Patches from its release
Critical: beyond 48 hours 10,000 per
hour
High: beyond 72 hours 5,000 per
hour
Medium: beyond 7 days 5,000 per
day
Low: beyond 30 days 5,000 per
day
Table I - Fault Management
Milestone SLA Terms Penalty for delay
(in INR)
Creation of
Knowledgebase
Knowledgebase should be created for each
incident, along with RCA. The knowledgebase
shall be updated with the details of the incident
within a week of final RCA submission.
Rs.10,000 per week
for the delay or part
thereof from the
date of incident
Table J – Performance Management
Milestone SLA Target Penalties
Performance
and capacity
Any degradation in performance of any
application on account of issue related to
performance or capacity of network up to 5
minutes.
Rs.10,000 for every 5
minutes per instance or part
thereof beyond initial 5
minutes.
Performance
optimization
Identification, documentation and
optimization in the area of day to day
network operation at every 6 months
interval.
Rs.1,00,000 per month for
the delay or part thereof.
Table K – Training:
S.
No.
Milestone SLA
Terms
Penalty for delay (in INR)
1 Basic Training to LHOs, and other
administrative offices.
Half-
yearly
Rs.10,000 per month for the
delay as per calendar year.
2 Advanced training and certification
to Bank’s designated in-house team
from date of issuance of PO/LOI
Within
2.5 years
Rs.10,00,000 per month for
the delay.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 227 of 329 Confidential & Proprietary
Table L – Submission of incidents and RCA:
SLA Terms Penalty
Delay in submission in incident report
beyond one hour of closure of the incident
Rs. 5000 per hour
Delay in submission of RCA beyond three
days of the incident
Rs. 5000 per day
Submission of report which include steps
taken to resolve issues during the IBCE and
its preventive actions in future IBCEs.
Beyond one week of completion of IBCE
Rs. 5000 per week or part thereof.
Table M – Audit/VAPT observation:
S.
No.
Milestone SLA Terms Penalty
1 NI shall provide information / documents
desired by branches / offices / Foreign Offices /
Auditors / Regulators etc.
Within 2
working days
Rs. 10,000 per
day
2 NI shall provide inputs on the audit report
recommendations
a) IS Audit
b) SSAE16
c) Management Audit
d) The Monetary Authority of Singapore
(MAS) Audit
e) RBI
f) Overseas Regulators
g) For any other audit
1 week Rs. 10,000 per
day
3 NI shall provide inputs on the audit report
recommendations for Network Security Review
Audit
30 days Rs. 10,000 per
day
4 Delay in closure of Audit observations:
Critical:
High:
Medium:
Low:
Penalty (per unique observation) for low has
been mentioned in column 4. Medium will be
twice the penalty mentioned for low, medium
will be 3 times and critical will be 4 times.
Up to 2 day 2,000 per day
2 to 5 days 5,000 per day
6 days to 10
days
10,000/- per
day
after 10 days 20,000 for each
week or part
thereof
Table N – Dashboard and Reporting:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 228 of 329 Confidential & Proprietary
Delay in providing the dashboard (“desktop” and “mobile”) as per the features specified
in this RFP, shall attract penalty as described below:
SLA Penalty
150 days from the date of LOI/PO Nil/-
Beyond 90 days from the date of LOI/PO Rs.5,00,000/- per week or part
thereof
Table O: Non-submission of reports at different levels:
S.
No.
Milestone SLA Target Penalty
1 Daily Report By 12:00 noon next
day
Rs.10,000 per hour or part thereof
2 Weekly
Report
By next working day Rs.10,000 per day
3 Monthly
Report
By 5th of following
month
Rs.50,000 per day
4 Quarterly
Report
By 5th of following
month
Rs.50,000 per day
5 Half-yearly
Report
By 5th of following
month
Rs.50,000 per day
6 Yearly Report By 5th of following
month
Rs.50,000 per day
Table P: SLA for Category-1 solutions:
P.1 Uptime requirement
Sr. No. Description Penalty for the breach
1 Uptime of the solution is 100% and for
each instance is 99.9% on a monthly
basis. Scheduled downtime (Only, If
approved by bank) will not be reckoned
for downtime calculation. Uptime of the
solution means no disruption or
degradation in service even if some
instance/site is down/not working.
As per the table titled
“UPTIME PENALTY” for the
incidents as given below.
2 Fixing the security vulnerabilities, taking
prompt action on the advisories sent by
the Bank's Security Consultant or by the
Bank officials within three working days.
Rs.5, 000/- per day after due
date.
P.2 Uptime penalty
Sr. No. Uptime
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 229 of 329 Confidential & Proprietary
(Solution-combined for both
sites i.e. DC DR)
Penalty
1 100% or If uptime is <100% and
up to 99.99%
Nil
2 If uptime is <99.99% and up to
99.5%
Rs. 1,00,000/-
3 If uptime is <99.5% and up to
99.0%
Rs. 2,00,000/-
4 If uptime is <99.00% and up to
98.00%
Rs. 5, 00,000/- + Rs. 50,000/- for
every additional downtime of 0.5%.
Bank may also forfeit the PBG and/or
terminate the contract and/or take any
other suitable action.
5. Disruption on any application
service due to DNS/NTP Issue.
Rs. 20,000 per application for every
30 minutes of downtime
P.3 Service SLA (other than above components) for Proxy Solution
Severity Level-1
Respon
se
Level-2
Respons
e
Level-3
Response
Status
Update Severity
Level
Description Max
Resolution
Time
S-1:
Critical
At central or
any given FO
location:
Business has
stopped-i.e.
Internet is
inaccessible
by the users.
However,
ISPlinks are
up &
functional.
30 Min Immedi
ate
Immedia
te
15 min Continuou
s
Phone
Bridge
S-1:
Critical
Production
impact for an
application
due to internet
access issue
using proxy
caused due to
human or
technical
mistakes.
However, the
other
30 Min Immedi
ate
Immedia
te
15 min Continuou
s
Phone
Bridge
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 230 of 329 Confidential & Proprietary
applications
are working
as expected
with no
impact or
issues.
S-2:
Serious
Any fault in
the solution
resulting in
the
degradation or
unavailability
of services
(such as slow
Internet
access,
disabling of
one or more
services
temporarily
etc.).
1 Hour Immedi
ate
Immedia
te
30 min 30 Min
updates
over
phone &
S-3:
Import
ant
User account
creation/deleti
on
/modification
and other
product
features such
as reporting,
real time
monitoring,
policy
management
etc. are not
functioning.
4 Hours Immedi
ate
Immedia
te
2 Hours Hourly
updates
over
phone &
emails
S-4:
Non-
critical
This shall
include any
other fault not
covered by
S1, S2 and S3
and shall be
informed by
the Bank to
the Bidder.
24 Hours Immedi
ate
Immedia
te
12 Hours Emails
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 231 of 329 Confidential & Proprietary
Severity Level Time Ranges for restoration of
service/ resolution of problem
Per incident penalties
S-1: Critical
<=30 min NIL
>30 Min-1 hr Rs.50,000/-
>1 hr-6 hrs Rs.1,00,000/-
After 6 hrs, every delay of 1 hrs Rs. 2,00,000/-
S-2: Serious
<=1 Hr NIL
>1 Hr-4Hrs Rs. 50,000/-
>4 Hrs-12 Hrs Rs. 75,000/-
After 12 hrs, every delay of 1 hr Rs. 1,00,000/-
S-3: Important
<= 4 hrs NIL
>4 Hrs to 12 Hrs RS. 25,000/-
>12 Hrs-24 Hrs Rs.50,000/-
After 24 Hrs, Every delay of 1 Hr Rs. 75,000/-
S-4: Non-critical
<=24 hrs NIL
>24 hrs to 48 hrs Rs. 10,000/-
>48 hrs to 72 hrs Rs. 20,000/-
After 72 hrs, every delay of 2hrs Rs. 30,000/-
Note:
Bank will impose a maximum penalty of 20% of the overall quarterly charges
payable to the selected NI.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 232 of 329 Confidential & Proprietary
Appendix-K
Service Level Agreement
BETWEEN
STATE BANK OF INDIA
AND
___________________
Commencement Date:
Date of Expiry:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 233 of 329 Confidential & Proprietary
Table of Contents
1. DEFINITIONS & INTERPRETATION ........................................................ 235
2. SCOPE OF WORK .......................................................................................... 239
3. FEES /COMPENSATION ............................................................................... 239
4. LIABILITIES/OBLIGATION ........................................................................ 243
5. REPRESENTATIONS &WARRANTIES ..................................................... 244
6. GENERAL INDEMNITY ................................................................................ 246
7. CONTINGENCY PLANS ................................................................................ 247
8. TRANSITION REQUIREMENT .................................................................. 247
9. LIQUIDATED DAMAGES ............................................................................. 248
10. RELATIONSHIP BETWEEN THE PARTIES ......................................... 248
11. SUB CONTRACTING ................................................................................. 249
12. INTELLECTUAL PROPERTY RIGHTS ................................................. 249
13. INSTALLATION .......................................................................................... 251
14. INSPECTION AND AUDIT ........................................................................ 251
15. CONFIDENTIALITY .................................................................................. 252
16. OWNERSHIP ................................................................................................ 255
16---- SOURCE CODE ESCROW AGREEMENT .............................................. 257
17. TERMINATION ........................................................................................... 258
18. DISPUTE REDRESSAL MACHANISM & GOVERNING LAW .......... 260
19. POWERS TO VARY OR OMIT WORK................................................... 261
20. WAIVER OF RIGHTS ............................................................................... 262
21. LIMITATION OF LIABILITY .................................................................. 262
22. FORCE MAJEURE ...................................................................................... 263
23. NOTICES ...................................................................................................... 264
24. GENERAL TERMS & CONDITIONS ...................................................... 265
ANNEXURE-A ......................................................................................................... 268
ANNEXURE-B ......................................................................................................... 272
ANNEXURE-C ......................................................................................................... 274
ANNEXURE-D ......................................................................................................... 276
ANNEXURE-E ......................................................................................................... 278
ANNEXURE-F ......................................................................................................... 279
ANNEXURE G ......................................................................................................... 281
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 234 of 329 Confidential & Proprietary
This agreement (“Agreement”) is made at_________ (Place) on this __________day of
_______ 201_.
BETWEEN
State Bank of India, constituted under the State Bank of India Act, 1955 having its
Corporate Centre and Central Office at State Bank Bhavan, Madame Cama Road, Nariman
Point, Mumbai-21 and its Global IT Centre at Sector-11, CBD Belapur, Navi Mumbai-
400614 through its ______________Department,1 hereinafter referred to as “the Bank”
which expression shall, unless it be repugnant to the context or meaning thereof, be deemed
to mean and include its successors in title and assigns of the First Part:
AND
________________________2 a private/public limited company/LLP/Firm <strike off
whichever is not applicable> incorporated under the provisions of the Companies Act,
1956/ Limited Liability Partnership Act 2008/ Indian Partnership Act 1932 <strike off
whichever is not applicable>, having its registered office at ……………………………..
hereinafter referred to as “Service Provider/ Vendor”, which expression shall mean to
include its successors in title and permitted assigns of the Second Part:
WHEREAS
A. “The Bank” is carrying on business in banking in India and overseas and desirous to
avail services for ____________3, and
____________4, and
B. Service Provider in the business of providing ____________5, and has agreed to
supply __________ (Software) and/or providing the Services as mentioned in
Request for Proposal (RFP) No. ____________ dated ____________issued by the
Bank along with its clarifications/ corrigenda, referred hereinafter as a “RFP” and
same shall be part of this Agreement.
1Name & Complete Address of the Dept. 2Name & Complete Address ( REGISTERED OFFICE) of Service Provider, 3Purpose of the Agreement 4Any other connected purpose or details of RFP floated by the Bank 5Brief mentioning of service providers experience in providing the services required by the Bank.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 235 of 329 Confidential & Proprietary
NOW THEREFORE, in consideration of the mutual covenants, undertakings and
conditions set forth below, and for other valid consideration the acceptability and
sufficiency of which are hereby acknowledged, the Parties hereby agree to the following
terms and conditions hereinafter contained:-
1. DEFINITIONS & INTERPRETATION
1.1 Definition
Certain terms used in this Agreement are defined hereunder. Other terms used in this
Agreement are defined where they are used and have the meanings there indicated. Unless
otherwise specifically defined, those terms, acronyms and phrases in this Agreement that
are utilized in the information technology services industry or other pertinent business
context shall be interpreted in accordance with their generally understood meaning in such
industry or business context, unless the context otherwise requires/mentions, the following
definitions shall apply:
1.1.1 ‘The Bank’ shall mean the State Bank of India (including domestic branches
and foreign offices) Subsidiaries and Joint Ventures, where the Bank has
ownership of more than 50% of voting securities or the power to direct the
management and policies of such Subsidiaries and Joint Ventures. < Strike of
whichever is inapplicable>
1.1.2 “Code” shall mean computer programming code contained in the Software. If
not otherwise specified, Code shall include both Object Code and Source
Code which means programming languages, including all comments and
procedural code, and all related development documents (e.g., flow charts,
schematics, statements of principles of operations, end-user manuals,
architecture standards, and any other specifications that are used to create or
that comprise the Code). Code shall include Maintenance Modifications and
Enhancements in the Software.
1.1.3 “Confidential Information” shall have the meaning set forth in Clause 15.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 236 of 329 Confidential & Proprietary
1.1.4 “Deficiencies” shall mean defects arising from non-conformity with the
mutually agreed specifications and/or failure or non-conformity in the Scope
of Services.
1.1.5 “Documentation” will describe in detail and in a completely self-contained
manner how the user may access and use the ……………. (name of the
Software/ maintenance services) <Strike off whichever is Inapplicable>,6 such
that any reader of the Documentation can access, use and maintain all of the
functionalities of the Software, without the need for any further instructions.
‘Documentation’ includes, user manuals, installation manuals, operation
manuals, design documents, process documents, technical manuals,
functional specification, Software requirement specification, on-line
tutorials/CBTs, system configuration documents, system/database
administrative documents, debugging/diagnostics documents, test procedures,
Review Records/ Test Bug Reports/ Root Cause Analysis Report, list of all
Product components, list of all dependent/external modules and list of all
documents relating to traceability of the Product as and when applicable etc.
1.1.6 “Intellectual Property Rights” shall mean, on a worldwide basis, any and all:
(a) rights associated with works of authorship, including copyrights &moral
rights; (b) Trade Marks; (c) trade secret rights; (d) patents, designs, algorithms
and other industrial property rights; (e) other intellectual and industrial
property rights of every kind and nature, however designated, whether arising
by operation of law, contract, license or otherwise; and (f) registrations, initial
applications, renewals, extensions, continuations, divisions or reissues thereof
now or hereafter in force (including any rights in any of the foregoing).
1.1.7 “Open Source or Copyleft license” shall mean a license of a computer
program in which the source code is available to the general public for use
and/or modification from its original design.
6 Name of Software
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 237 of 329 Confidential & Proprietary
1.1.8 “Project Cost” means the price payable to Service Provider over the entire
period of Agreement (i.e. Rs.___________<in words>) for the full and proper
performance of its contractual obligations.
1.1.9 “Project Documents” shall mean all the plans, drawings and specifications
used while bidding and all other documents necessary to complete all work.
1.1.10 “Request for Proposal (RFP)” shall mean RFP NO. _____________ dated
_____________ along with its clarifications/ corrigenda issued by the Bank
time to time.
1.1.11 “Revision control procedure”shall mean the procedure for management of
changes to documents, Software programs, and other collections of
information made during this engagement.
1.1.12 “Root Cause Analysis Report” shall mean a report addressing a problem or
non-conformance, in order to get to the ‘root cause’ of the problem, which
thereby assists in correcting or eliminating the cause, and prevent the problem
from recurring.
1.1.13 ‘Services’ shall mean and include the Services offered by Service Provider
more particularly described in Clause 2 of this Agreement. ‘Services’ shall
also include the implementation services, training services and maintenance
Services <Strike off whichever is Inapplicable> and other obligation of
Service Provider to be provided under this Agreement.
1.1.14 “Software” shall mean (a) the Software product(s) described in this
Agreement; (b) all maintenance, modifications and enhancements that are
provided to the Bank; (c) the Code contained in or otherwise related to each
of the foregoing; and (d) the Documentation.
1.1.15 “Test Bug Reports” shall mean a report providing the details as to the
efficiency of Software in relation with reporting and resolution of any bug.
1.2 Interpretations:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 238 of 329 Confidential & Proprietary
1.2.1 Reference to a person includes any individual, firm, body corporate,
association (whether incorporated or not) and authority or agency (whether
government, semi government or local).
1.2.2 The singular includes the plural and vice versa.
1.2.3 Reference to any gender includes each other gender.
1.2.4 The provisions of the contents table, headings, clause numbers, italics, bold
print and underlining is for ease of reference only and shall not affect the
interpretation of this Agreement.
1.2.5 The Schedules, Annexures and Appendices to this Agreement shall form part
of this Agreement.
1.2.6 A reference to any documents or agreements (and, where applicable, any of
their respective provisions) means those documents or agreements as
amended, supplemented or replaced from time to time provided they are
amended, supplemented or replaced in the manner envisaged in the relevant
documents or agreements.
1.2.7 A reference to any statute, regulation, rule or other legislative provision
includes any amendment to the statutory modification or re-enactment or,
legislative provisions substituted for, and any statutory instrument issued
under that statute, regulation, rule or other legislative provision.
1.2.8 Any agreement, notice, consent, approval, disclosure or communication under
or pursuant to this Agreement is to be in writing.
1.2.9 The terms not defined in this agreement shall be given the same meaning as
given to them in the RFP. If no such meaning is given technical words shall
be understood in technical sense in accordance with the industrial practices.
1.3 Commencement, Term & Change in Terms
1.3.1 This Agreement shall commence from its date of execution mentioned above/
be deemed to have commenced from _______ (Effective Date).
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 239 of 329 Confidential & Proprietary
1.3.2 This Agreement shall be in force for a period of ______ year(s) from Effective
Date, unless terminated by the Bank by notice in writing in accordance with
the termination clauses of this Agreement.
1.3.3 The Bank shall have the right at its discretion to renew this Agreement in
writing, for a further term of _____ years on the mutually agreed terms &
conditions.
1.3.4 Either Party can propose changes to the scope, nature or time schedule of
services being performed under this Service Level Agreement. Such changes
can be made upon mutually accepted terms & conditions maintaining the spirit
(Purpose) of this Service Level Agreement.
2. SCOPE OF WORK
The scope and nature of the work which Service Provider has to provide to the
Bank (Services) is described in Annexure-A.
3. FEES /COMPENSATION
3.1 Professional fees
3.1.1 Service Provider shall be paid fees and charges in the manner detailed in
hereunder, the same shall be subject to deduction of income tax thereon
wherever required under the provisions of the Income Tax Act by the Bank.
The remittance of amounts so deducted and issuance of certificate for such
deductions shall be made by the Bank as per the laws and regulations for the
time being in force. Nothing in the Agreement shall relieve Service Provider
from his responsibility to pay any tax that may be levied in India on income
and profits made by Service Provider in respect of this Agreement.
3.1.2 ______________
3.1.3 ______________
3.2 All duties and taxes (excluding7____________ or any other tax imposed by the
Government in lieu of same), if any, which may be levied, shall be borne by
Service Provider and Bank shall not be liable for the same. All expenses, stamp
duty and other charges/ expenses in connection with execution of this
7 Please determine the applicability of the taxes.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 240 of 329 Confidential & Proprietary
Agreement shall be borne by Service Provider. ___________ <insert tax
payable by the Bank> or any other tax imposed by the Government in lieu of
same shall be borne by the Bank on actual upon production of original receipt
wherever required.
3.3 Service Provider shall provide a clear description quantifying the service
element and goods element in the invoices generated by them.
3.4 Payments
3.4.1 The Bank will pay properly submitted valid invoices within reasonable
period but not exceeding 30 (thirty) days after its receipt thereof. All
payments shall be made in Indian Rupees.
3.4.2 The Bank may withhold payment of any product/services that it disputes in
good faith, and may set-off penalty amount or any other amount which
Service Provider owes to the Bank against amount payable to Service
Provider under this Agreement. However, before levying penalty or
recovery of any damages, the Bank shall provide a written notice to Service
Provider indicating the reasons for such penalty or recovery of damages.
Service Provider shall have the liberty to present its case in writing together
with documentary evidences, if any, within 21 (twenty one) days. Penalty
or damages, if any, recoverable from Service Provider shall be recovered by
the Bank through a credit note or revised invoices. In case Service Provider
fails to issue credit note/ revised invoice, the Bank shall have right to
withhold the payment or set-off penal amount from current invoices.
3.5 Payment terms for NI services and Setting up of Next Gen NOCs:
3.5.1 Payment (in Indian Rupees only) will be made strictly in accordance with
the following schedule by the Networking & Communication Department,
GITC, Belapur.
3.5.2 Payments:100% of the quarterly value of the total contract value or the
quarterly value calculable will be paid in arrears subject to execution of SLA
agreement and submission of PBG. In any case, the payment made will be
after deduction of SLA penalties, TDS, Withholding Tax. The quarter will
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 241 of 329 Confidential & Proprietary
mean calendar quarter(s) and the first such payment accordingly may be for
a part of the calendar quarter.
3.5.3 No representation will be entertained for releasing ad-hoc payments, of any
nature.
3.5.4 Prices: Prices payable to the NI as stated in the Contract shall be firm and
not subject to adjustment during performance of the Contract, irrespective
of reasons whatsoever, including exchange rate fluctuations, changes in
present levied taxes, any new taxes, duties, levies, charges, etc. (other than
GST and VAT wherever applicable). In other words, the rate agreed to by
the shortlisted bidders will be non-negotiable for a period of 5 years. The
Bidder shall indicate on the bid form, the prices of the services under the
Contract in Indian National Rupee (INR). Prices indicated on the price
Schedule shall be entered separately in the following manner:
3.5.5 Price will be quoted including all costs except GST and VAT wherever
applicable which will be paid at actuals.
3.5.6 Fixed Price - A bid submitted with an adjustable price quotation will be
treated as nonresponsive and rejected.
3.5.7 The various payments will be made as per table below:
PAYMENT SCHEDULE:
Sr.
No. Category Payment Terms
1 Delivery of Hardware & Software for
NOC-1 and NOC-2, LMS and NPMD
30% of the respective component value
2
Installation of Hardware &
customization of Software of NOC-1,
LMS and NPMD
30% of the respective component value
3 UAT & Production & Go Live of
NOC-1 LMS and NPMD
20% of the respective component value
4
Installation of Hardware &
customization of Software of NOC-2,
DR setup of LMS and NPMD
10% of the respective component value
5 Production & Go Live of NOC-2 10% of the respective component value
6 Human/ Personnel Resources Quarterly arrear basis. Pro-rata basis as per
“cost per resource” for the respective role
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 242 of 329 Confidential & Proprietary
7 Annual Maintenance Contract (AMC)
/ Annual Technical Support (ATS) Quarterly in Arrears
8 LAN Management Quarterly in Arrears
9 NOC/Network Certification charges/
Trainings & Certifications On completion of Task
10 Rate Contract for incremental items After delivery and sign off
11 Miscellaneous Recurring Charges Quarterly in arrears for the services rendered and
pro-rata wherever applicable
12 Cost for Storage (per pallet)/ Cost of
Insurance/ Courier Charges On production of relevant proofs
3.6 Bank Guarantee and Penalties
3.6.1 Service Provider shall furnish performance security in the form of Bank
Guarantee for an amount of Rs. ________ valid for a period of _____year(s)
____month(s) from a Scheduled Commercial Bank other than State Bank of
India in a format provided/ approved by the Bank.
3.6.2 The Bank Guarantee is required to protect the interest of the Bank against
delay in supply/installation and/or the risk of non-performance of Service
Provider in respect of successful implementation of the project; or
performance of the material or services sold; or breach of any terms and
conditions of the Agreement, which may warrant invoking of Bank
Guarantee.
3.6.3 If at any time during performance of the Contract, Service Provider shall
encounter unexpected conditions impeding timely completion of the
Services under the Agreement and performance of the services, Service
Provider shall promptly notify the Bank in writing of the fact of the delay,
it’s likely duration and its cause(s). As soon as practicable, after receipt of
Service Provider’s notice, the Bank shall evaluate the situation and may at
its discretion extend Service Provider’s time for performance, in which case
the extension shall be ratified by the Parties by amendment of the
Agreement.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 243 of 329 Confidential & Proprietary
3.6.4 Performance of the obligations under the Agreement shall be made by
Service Provider in accordance with the time schedule8 specified in this
Agreement.
3.6.5 Service Provider shall be liable to pay penalty at the rate mentioned in
Annexure ‘F’ in respect of any delay beyond the permitted period in
providing the Services.
3.6.6 Subject to Clause 17 of this Agreement, any unexcused delay by Service
Provider in the performance of its Contract obligations shall render this
Agreement to be terminated.
3.6.7 No penalty shall be levied in case of delay(s) in deliverables or performance
of the contract for the reasons solely and directly attributable to the Bank.
On reaching the maximum of penalties specified the Bank reserves the right
to terminate the Agreement.
4. LIABILITIES/OBLIGATION
4.1 The Bank’s Duties /Responsibility(if any)
(i) Processing and authorising invoices
(ii) Approval of Information
(iii) ____________
4.2 Service Provider Duties
(i) Service Delivery responsibilities
(a) To adhere to the service levels documented in this Agreement.
(b) Solutions provided and/or maintained by Service Provider shall be free
from OWASP Top 10 vulnerabilities (latest) during the term of
Agreement.
(c) Service provider shall ensure to filter all phishing / spamming / overflow
attacks in order to ensure availability and integrity on continuous basis.
(d) Service Provider shall without any additional cost, rectify the
vulnerabilities observed by the Bank during security review of Code. The
8 Please ensure that the time scheduled is suitably incorporated in the Agreement.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 244 of 329 Confidential & Proprietary
Code shall be comprehensively reviewed periodically by the Bank or its
authorized representative.
(e) Service Provider shall ensure that Service Provider’s personnel and its
sub-contractors (if allowed) will abide by all reasonable directives issued
by the Bank, including those set forth in the Bank’s then-current
standards, policies and procedures (to the extent applicable), all on-site
rules of behaviour, work schedules, security procedures and other
standards, policies and procedures as established by the Bank from time
to time.
(f) Service Provider agrees and declares that it shall be the sole responsibility
of Service Provider to comply with the provisions of all the applicable
laws, concerning or in relation to rendering of Services by Service
Provider as envisaged under this Agreement.
(g) ____________<the concerned dept. may add duties depending on the
nature of agreement>
(ii) Security Responsibility
(a) To maintain the confidentiality of the Bank's resources and other intellectual
property rights.
(b) ____________
5. REPRESENTATIONS &WARRANTIES
5.1 Service Provider warrants that the technical quality and performance of the
Services provided will be consistent with the mutually agreed standards.
Warranty shall be for a period of ____________ (Term) from the date of
acceptance.
5.2 Any defect found will be evaluated mutually to establish the exact cause of the
defect. Bank may have direct and separate agreement with Service Provider to
provide technical support to the Bank for related deficiencies.
5.3 Service Provider warrants that at the time of delivery the Software/Equipment
or its component is free from malware, free from any obvious bugs, and free
from any covert channels in the code (of the versions of the
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 245 of 329 Confidential & Proprietary
applications/Software being delivered as well as any subsequent
versions/modifications delivered).
5.4 Service Provider represents and warrants that its personnel shall be present at
the Bank premises or any other place as the Bank may direct, only for the
Services and follow all the instructions provided by the Bank; Act diligently,
professionally and shall maintain the decorum and environment of the Bank;
Comply with all occupational, health or safety policies of the Bank.
5.5 Service Provider warrants that it shall be solely liable and responsible for
compliance of applicable Labour Laws in respect of its employee, agents,
representatives and sub-contractors (if allowed) and in particular laws relating
to terminal benefits such as pension, gratuity, provided fund, bonus or other
benefits to which they may be entitled and the laws relating to contract labour,
minimum wages, etc., and the Bank shall have no liability in this regard.
5.6 Each Party represents and warrants that it has all requisite power and
authorization to enter into and perform this Agreement and that nothing
contained herein or required in the performance hereof conflict or will conflict
with or give rise to a breach or default under, or permit any person or entity to
terminate, any contract or instrument to which the party is bound.
5.7 Service Provider warrants that it has full right, title and interest in and to all
software, copyrights, trade names, trademarks, service marks, logos symbols
and other proprietary marks (collectively ‘IPR’) owned by it (including
appropriate limited right of use of those owned by any of its vendors, affiliates
or subcontractors) which it provides to the Bank, for use related to the Services
to be provided under this Agreement.
5.8 Service Provider shall perform the Services and carry out its obligations under
the Agreement with due diligence, efficiency and economy, in accordance with
generally accepted techniques and practices used in the industry and with
professional standards recognized by international professional bodies and
shall observe sound management practices. It shall employ appropriate
advanced technology and safe and effective equipment, machinery, material
and methods.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 246 of 329 Confidential & Proprietary
5.9 Service Provider has the requisite technical and other competence, sufficient,
suitable, qualified and experienced manpower/personnel and expertise in
providing the Services to the Bank.
5.10 Service Provider shall duly intimate to the Bank immediately, the changes, if
any in the constitution of Service Provider.
5.11 Service Provider warrants that to the best of its knowledge, as on the Effective
Date of this Agreement, the Software/Equipment does not violate or infringe
any patent, copyright, trademarks, trade secrets or other Intellectual Property
Rights of any third party.
5.12 Service Provider shall ensure that all persons, employees, workers and other
individuals engaged by or sub-contracted (if allowed) by Service Provider in
rendering the Services under this Agreement have undergone proper
background check, police verification and other necessary due diligence checks
to examine their antecedence and ensure their suitability for such engagement.
No person shall be engaged by Service Provider unless such person is found to
be suitable in such verification and Service Provider shall retain the records of
such verification and shall produce the same to the Bank as when requested.
5.13 During the Warranty Period if any Software/Equipment or any component
thereof is supplied by Service Provider is inoperable or suffers degraded
performance not due to causes external to the Software/Equipment, Service
provider shall, at the Bank’s request, promptly replace the Software/Equipment
or specified component with new Software/Equipment of the same type and
quality. Such replacement shall be accomplished without any adverse impact
on the Bank’s operations within agreed time frame.
5.14 ____________<any other additional warranty can be incorporated>
6. GENERAL INDEMNITY
6.1 Service provider agrees and hereby keeps the Bank indemnified against all
claims, actions, loss, damages, costs, expenses, charges, including legal
expenses (Attorney, Advocates fees included) which the Bank may suffer or
incur on account of (i) Service Provider’s breach of its warranties, covenants,
responsibilities or obligations; or (ii) breach of confidentiality obligations
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 247 of 329 Confidential & Proprietary
mentioned in this Agreement; or (iii) any wilful misconduct and gross negligent
acts on the part of employees, agents, representatives or sub-contractors (if
allowed) of Service Provider. Service provider agrees to make good the loss
suffered by the Bank.
6.2 Service provider hereby undertakes the responsibility to take all possible
measures, at no cost, to avoid or rectify any issues which thereby results in non-
performance of Software/Equipment within reasonable time. The Bank shall
report as far as possible all material defects to Service provider without undue
delay. Service provider also undertakes to co-operate with other service
providers thereby ensuring expected performance covered under scope of work.
7. CONTINGENCY PLANS
Service provider shall arrange and ensure proper data recovery mechanism,
attrition plan and other contingency plans to meet any unexpected obstruction to
Service Provider or any employees or sub-contractors (if allowed) of Service
Provider in rendering the Services or any part of the same under this Agreement
to the Bank. Service Provider at Banks discretion shall co-operate with the Bank
in case on any contingency.
8. TRANSITION REQUIREMENT
In the event of failure of Service Provider to render the Services or in the event of
termination of Agreement or expiry of term or otherwise, without prejudice to any
other right, the Bank at its sole discretion may make alternate arrangement for getting
the Services contracted with another vendor. In such case, the Bank shall give prior
notice to the existing Service Provider. The existing Service Provider shall continue
to provide services as per the terms of the Agreement until a ‘New Service Provider’
completely takes over the work. During the transition phase, the existing Service
Provider shall render all reasonable assistance to the new Service Provider within
such period prescribed by the Bank, at no extra cost to the Bank, for ensuring smooth
switch over and continuity of Services, provided where transition services are
required by the Bank or New Service Provider beyond the term of this Agreement,
reasons for which are not attributable to Service Provider, payment shall be made to
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 248 of 329 Confidential & Proprietary
Service Provider for such additional period on the same rates and payment terms as
specified in this Agreement. If existing vendor is breach of this obligation, they shall
be liable for paying a penalty of Rs.___________ on demand to the Bank, which
may be settled from the payment of invoices or Bank guarantee for the contracted
period. Transition & Knowledge Transfer plan is mentioned in Annexure G.
9. LIQUIDATED DAMAGES
If Service Provider fails to deliver product and/or perform any or all the Services
within the stipulated time, schedule as specified in this Agreement, the Bank may,
without prejudice to its other remedies under the Agreement, and unless otherwise
extension of time is agreed upon without the application of liquidated damages,
deduct from the Project Cost, as liquidated damages as specified in Annexure-F.
Once the maximum deduction is reached, the Bank may consider termination of the
Agreement.
10. RELATIONSHIP BETWEEN THE PARTIES
10.1 It is specifically agreed that Service Provider shall act as independent service
provider and shall not be deemed to be the Agent of the Bank except in respect
of the transactions/services which give rise to Principal - Agent relationship by
express agreement between the Parties.
10.2 Neither Service Provider nor its employees, agents, representatives, Sub-
Contractors shall hold out or represent as agents of the Bank.
10.3 None of the employees, representatives or agents of Service Provider shall be
entitled to claim any absorption or any other claim or benefit against the Bank.
10.4 This Agreement shall not be construed as joint venture. Each Party shall be
responsible for all its obligations towards its respective employees. No
employee of any of the two Parties shall claim to be employee of other Party.
10.5 All the obligations towards the employee(s) of a Party on account of personal
accidents while working in the premises of the other Party shall remain with
the respective employer and not on the Party in whose premises the accident
occurred unless such accidents occurred due to gross negligent act of the Party
in whose premises the accident occurred.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 249 of 329 Confidential & Proprietary
10.6 For redressal of complaints of sexual harassment at workplace, Parties agree to
comply with the policy framed by the Bank (including any amendment thereto)
in pursuant to the Sexual Harassment of Women at Workplace (Prevention,
Prohibition and Redressal) Act, 2013 including any amendment thereto.
11. SUB CONTRACTING
As per the scope of this Agreement sub-contracting is not permitted.
12. INTELLECTUAL PROPERTY RIGHTS
12.1 For any technology / Software / Solution developed/used/supplied by Service
provider for performing Services or licensing and implementing Software and
Solution for the Bank as part of this Agreement, Service Provider shall have
right to use as well right to license for the outsourced services or third party
product. The Bank shall not be liable for any license or IPR violation on the
part of Service Provider.
12.2 Without the Bank’s prior written approval, Service provider will not, in
performing the Services, use or incorporate, link to or call or depend in any way
upon, any Software or other intellectual property that is subject to an Open
Source or Copy-left license or any other agreement that may give rise to any
third-party claims or to limit the Bank’s rights under this Agreement.
12.3 Subject to clause 12.4 and 12.5 of this Agreement, Service Provider shall, at its
own expenses without any limitation, indemnify and keep fully and effectively
indemnified the Bank against all cost, claims, damages, demands, expenses and
liabilities whatsoever nature arising out of or in connection with all claims of
infringement of Intellectual Property Right, including patent, trademark,
copyright, trade secret or industrial design rights of any third party arising from
use of the technology / Software/Equipment or any part thereof in India or
abroad, for Equipment supplied/Software licensed/developed as part of this
engagement. In case of violation/ infringement of patent/ trademark/ copyright/
trade secret or industrial design or any other Intellectual Property Right of third
party, Service Provider shall, after due inspection and testing, without any
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 250 of 329 Confidential & Proprietary
additional cost (a) procure for the Bank the right to continue to using the
Software/Equipment supplied; or (b) replace or modify the
Software/Equipment to make it non-infringing so long as the replacement to or
modification of Software provide substantially equivalent functional,
performance and operational features as the infringing Software/Equipment
which is being replaced or modified; or (c) to the extent that the activities under
clauses (a) and (b) above are not commercially reasonable, refund to the Bank
all amounts paid by the Bank to Service Provider under this Agreement.
12.4 The Bank will give (a) notice to Service provider of any such claim without
delay/provide reasonable assistance to Service provider in disposing of the
claim; (b) sole authority to defend and settle such claim and; (c) will at no time
admit to any liability for or express any intent to settle the claim provided that
(i) Service Provider shall not partially settle any such claim without the written
consent of the Bank, unless such settlement releases the Bank fully from such
claim, (ii) Service Provider shall promptly provide the Bank with copies of all
pleadings or similar documents relating to any such claim, (iii) Service Provider
shall consult with the Bank with respect to the defense and settlement of any
such claim, and (iv) in any litigation to which the Bank is also a party, the Bank
shall be entitled to be separately represented at its own expenses by counsel of
its own selection..
12.5 Service Provider shall have no obligations with respect to any infringement
claims to the extent that the infringement claim arises or results from: (i)
Service Provider’s compliance with the Bank’s specific technical designs or
instructions (except where Service Provider knew or should have known that
such compliance was likely to result in an Infringement Claim and Service
Provider did not inform the Bank of the same); (ii) any unauthorized
modification or alteration of the Software/Equipment by the Bank; or (iii)
failure to implement an update to the licensed Software that would have
avoided the infringement, provided Service Provider has notified the Bank in
writing that use of the update would have avoided the claim.
12.6 Service provider hereby grants the Bank a fully paid-up, irrevocable, unlimited,
perpetual, non-exclusive/exclusive license throughout the territory of India or
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 251 of 329 Confidential & Proprietary
abroad to access, replicate, modify and use Software licensed/developed
including its upgraded versions available during the term of this Agreement by
Service provider as part of this engagement, including all inventions, designs
and trademarks embodied therein perpetually.
12.7 Software licensed/developed as part of this Agreement can be put to use in all
offices of the Bank.
13. INSTALLATION
Service provider will install the software/support the Bank in installation of the
Software developed into the Bank’s production, disaster recovery, testing and
training environment, if required.
14. INSPECTION AND AUDIT
14.1 It is agreed by and between the parties that Service Provider shall be subject to
annual audit by internal/external Auditors appointed by the Bank/ inspecting
official from the Reserve Bank of India or any regulatory authority, covering
the risk parameters finalized by the Bank/ such auditors in the areas of products
(IT Equipment / Software) and services etc. provided to the Bank and Service
Provider shall submit such certification by such Auditors to the Bank. Service
Provider and or his / their outsourced agents /sub – contractors (if allowed by
the Bank) shall facilitate the same. The Bank can make its expert assessment
on the efficiency and effectiveness of the security, control, risk management,
governance system and process created by Service Provider. Service Provider
shall, whenever required by such Auditors, furnish all relevant information,
records/data to them. All costs for such audit shall be borne by the Bank. Except
for the audit done by Reserve Bank of India or any statutory/regulatory
authority, the Bank shall provide reasonable notice not less than 7 (seven) days
to Service Provider before such audit and same shall be conducted during
normal business hours.
14.2 Where any Deficiency has been observed during audit of Service Provider on
the risk parameters finalized by the Bank or in the certification submitted by
the Auditors, it is agreed upon by Service Provider that it shall correct/ resolve
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 252 of 329 Confidential & Proprietary
the same at the earliest and shall provide all necessary documents related to
resolution thereof and the auditor shall further certify in respect of resolution
of the Deficiencies. It is also agreed that Service Provider shall provide
certification of the auditor to the Bank regarding compliance of the
observations made by the auditors covering the respective risk parameters
against which such Deficiencies observed.
14.3 Service Provider further agrees that whenever required by the Bank, it will
furnish all relevant information, records/data to such auditors and/or inspecting
officials of the Bank/ Reserve Bank of India and/or any regulatory authority
(ies). The Bank reserves the right to call for and/or retain any relevant
information/ audit reports on financial and security review with their findings
undertaken by Service Provider. However, Service Provider shall not be
obligated to provide records/data not related to Services under the Agreement
(e.g. internal cost break-ups etc.).
15. CONFIDENTIALITY
15.1 “Confidential Information” mean all information which is material to the
business operations of either party or its affiliated companies, designated as
being confidential or which, under the circumstances surrounding disclosure
out to be treated as confidential, in any form including, but not limited to,
proprietary information and trade secrets, whether or not protected under any
patent, copy right or other intellectual property laws, in any oral, photographic
or electronic form, whether contained on computer hard disks or floppy
diskettes or otherwise without any limitation whatsoever. Without prejudice to
the generality of the foregoing, the Confidential Information shall include all
information about the party and its customers, costing and technical data,
studies, consultants reports, financial information, computer models and
programs, Software Code, contracts, drawings, blue prints, specifications,
operating techniques, processes, models, diagrams, data sheets, reports and
other information with respect to any of the foregoing matters. All and every
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 253 of 329 Confidential & Proprietary
information received by the parties and marked confidential hereto shall be
assumed to be confidential information unless otherwise proved. It is further
agreed that the information relating to the Bank and its customers is deemed
confidential whether marked confidential or not.
15.2 All information relating to the accounts of the Bank’s customers shall be
confidential information, whether labeled as such or otherwise.
15.3 All information relating to the infrastructure and Applications (including
designs and processes) shall be deemed to be Confidential Information whether
labeled as such or not. Service provider personnel/resources responsible for the
project are expected to take care that their representatives, where necessary,
have executed a Non-Disclosure Agreement to comply with the confidential
obligations under this Agreement.
15.4 Each party agrees that it will not disclose any Confidential Information received
from the other to any third parties under any circumstances without the prior
written consent of the other party unless such disclosure of Confidential
Information is required by law, legal process or any order of any government
authority. Service provider, in this connection, agrees to abide by the laws
especially applicable to confidentiality of information relating to customers of
Banks and the banks per-se, even when the disclosure is required under the law.
In such event, the Party must notify the other Party that such disclosure has
been made in accordance with law; legal process or order of a government
authority.
15.5 Each party, including its personnel, shall use the Confidential Information only
for the purposes of achieving objectives set out in this Agreement. Use of the
Confidential Information for any other purpose shall constitute breach of trust
of the same.
15.6 Each party may disclose the Confidential Information to its personnel solely
for the purpose of undertaking work directly related to the Agreement. The
extent of Confidential Information disclosed shall be strictly limited to what is
necessary for those particular personnel to perform his/her duties in connection
with the Agreement. Further each Party shall ensure that each personnel
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 254 of 329 Confidential & Proprietary
representing the respective party agree to be bound by obligations of
confidentiality no less restrictive than the terms of this Agreement.
15.7 The non-disclosure obligations herein contained shall not be applicable only
under the following circumstances:
(i) Where Confidential Information comes into the public domain during
or after the date of this Agreement otherwise than by disclosure by
receiving party in breach of the terms hereof.
(ii) Where any Confidential Information was disclosed after receiving the
written consent of disclosing party.
(iii)Where receiving party is requested or required by law or by any Court
or governmental agency or authority to disclose any of the Confidential
Information, then receiving party will provide the other Party with
prompt notice of such request or requirement prior to such disclosure.
(iv) Where any Confidential Information was received by the receiving
party from a third party which does not have any obligations of
confidentiality to the other Party.
(v) Where Confidential Information is independently developed by
receiving party without any reference to or use of disclosing party’s
Confidential Information.
15.8 Receiving party undertakes to promptly notify disclosing party in writing any
breach of obligation of the Agreement by its employees or representatives
including confidentiality obligations. Receiving party acknowledges that
monetary damages may not be the only and / or a sufficient remedy for
unauthorized disclosure of Confidential Information and that disclosing party
shall be entitled, without waiving any other rights or remedies, to injunctive or
equitable relief as may be deemed proper by a Court of competent jurisdiction.
15.9 Service Provider shall not, without the Bank’s prior written consent, make use
of any document or information received from the Bank except for purposes of
performing the services and obligations under this Agreement.
15.10 Any document received from the Bank shall remain the property of the Bank
and shall be returned (in all copies) to the Bank on completion of Service
Provider’s performance under the Agreement.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 255 of 329 Confidential & Proprietary
15.11 Upon expiration or termination of the Agreement, all the Bank’s proprietary
documents, customized programs partially or wholly completed and associated
documentation, or the Bank’s materials which are directly related to any project
under the Agreement shall be delivered to the Bank or at the Bank’s written
instruction destroyed, and no copies shall be retained Service provider without
the Bank’s written consent.
15.12 The foregoing obligations (collectively referred to as “Confidentiality
Obligations”) set out in this Agreement shall survive the term of this Agreement
and for a period of five (5) years thereafter provided Confidentiality
Obligations with respect to individually identifiable information, customer’s
data of Parties or Software in human-readable form (e.g., source code) shall
survive in perpetuity.
16. OWNERSHIP
16.1 Service Provider will provide Source Code for every version of Software
customized/developed specifically for the Bank, without any cost to the Bank,
and it will be treated as the property of the Bank.
16.2 The Source Code /Object Code /executable code and compilation procedures
of the Solutions made under this Agreement are the proprietary property of the
Bank and as such Service provider shall make them available to the Bank after
successful User Acceptance Testing.
16.3 Service Provider agrees that the Bank owns the entire right, title and interest to
any inventions, designs, discoveries, writings and works of authorship,
including all Intellectual Property Rights, copyrights. Any work made under
this Agreement shall be deemed to be ‘work made for hire’ under any
Indian/U.S. or any other applicable copyright laws.
16.4 Service Provider shall ensure proper change management process covering
impact assessment, requirement and Solution documents detailing changes
made to the Software for any work order, in addition to enabling the
programmers identify and track the changes made to the source code. The
Source Code will be delivered in appropriate version control tool maintained at
the Bank’s on site location.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 256 of 329 Confidential & Proprietary
16.5 Service Provider shall adhere to revision control procedure of the Bank to
maintain required documentation and configuration files as well as Source
Code. Necessary backup and restoration of the revision control Software related
information will be handled by the service team as per the approved backup
policy of the Bank.
16.6 For each application developed by Service Provider on Software, including
third party Software before the platform become operational, Service Provider
shall deliver all documents to the Bank, which include coding standards, user
manuals, installation manuals, operation manuals, design documents, process
documents, technical manuals, and other documents, if any, as per work order.
16.7 Service Provider shall also provide documents related to Review Records/ Test
Bug Reports/ Root Cause Analysis Report, details and documentation of all
product components, details and documentation of all dependent/ external
modules and all documents relating to traceability of the Software supplied/
customized under this Agreement before its production release.
16.8 All Software programs supplied/developed, program documentation, system
documentation and testing methodologies along with all other information and
documents (other than tools being proprietary to Service Provider) and used for
customized Software development shall be the exclusive property of the Bank.
16.9 The Intellectual Property Rights on the Software Code, copyright and source
code for various applications/ interfaces developed under this Agreement, and
any other component/ framework/ middleware used/ developed as pre-built
Software assets to deliver the Solution, shall belong to the Bank and the Bank
shall have complete and unrestricted rights on such property. However, Service
Provider shall hold All Intellectual Property rights in any pre-built Software
per se, except for those which have been assigned under this Agreement.
16.10 All information processed by Service Provider during Software development/
customization, implementation& maintenance belongs to the Bank. Service
Provider shall not acquire any other right in respect of the information for the
license to the rights owned by the Bank. Service Provider will implement
mutually agreed controls to protect the information. Service Provider also
agrees that it will protect the information appropriately.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 257 of 329 Confidential & Proprietary
16---- SOURCE CODE ESCROW AGREEMENT9
16.1 Service Provider shall deposit the source code of the Software and everything
required to independently maintain the Software, to the source code escrow
account and agrees to everything mentioned in source code escrow agreement.
16.2 Service provider shall deposit the latest version of source code in escrow account
at regular intervals as mentioned in source code escrow agreement.
16.3 The Bank shall have the right to get the source code released and will receive no
opposition/hindrances from the escrow agent and Service provider under the
following conditions:-
(i) In the event wherein Service provider files a voluntary petition in
bankruptcy or insolvency or has been otherwise declared
Insolvent/Bankrupt; or
(ii) In the event wherein Service provider has declared its expressed/written
unwillingness to fulfill his contractual obligations under this Agreement;
or
(iii) Service Provider is wound up, or ordered wound up, or has a winding up
petition ordered against it, or assigns all or a substantial part of its business
or assets for the benefit of creditors, or permits the appointment of a
receiver for the whole or substantial part of its business or assets, or
otherwise ceases to conduct its business in the normal course; or
(iv) Service Provider discontinues business because of insolvency or
bankruptcy, and no successor assumes Service Provider’s Software
maintenance obligations or obligations mentioned in the Agreement; or
(v) Service Provider dissolves or ceases to function as a going concern or to
conduct its operation in the normal course of business or intends and
conveys its intention to do so; or
(vi) Any other release condition as specified in source code escrow agreement.
16.4 Service provider agrees to bear the payment of fees due to the escrow agent.
9 This agreement is to be made wherein ownership over the Software is not provided. The user
department has to delete inapplicable para from clause 16 (Ownership and Escrow Agreement).
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 258 of 329 Confidential & Proprietary
16.5 The escrow agreement shall ipso-facto would get terminated on delivery of source
code to either of the parties upon the terms & conditions mentioned in source
code escrow agreement.
17. TERMINATION
17.1 The Bank may, without prejudice to any other remedy for breach of Agreement,
by written notice of not less than 30 (thirty) days, terminate the Agreement in
whole or in part:
17.1.1 If Service Provider fails to deliver any or all the obligations within the
time period specified in the Agreement, or any extension thereof
granted by the Bank;
17.1.2 If Service Provider fails to perform any other obligation(s) under the
Agreement;
17.1.3 Violations of any terms and conditions stipulated in the RFP;
17.1.4 On happening of any termination event mentioned herein above in this
Agreement.
Prior to providing a written notice of termination to Service Provider
under clause 17.1 (i) to 17.1 (iii), the Bank shall provide Service
Provider with a written notice of 30 (thirty) days to cure such breach of
the Agreement. If the breach continues or remains unrectified after
expiry of cure period, the Bank shall have right to initiate action in
accordance with above clause.
17.2 The Bank, by written notice of not less than 90 (ninety) days, may terminate
the Agreement, in whole or in part, for its convenience, provided same shall
not be invoked by the Bank before completion of half of the total Contract
period (including the notice period). In the event of termination of the
Agreement for the Bank’s convenience, Service Provider shall be entitled to
receive payment for the Services rendered (delivered) up to the effective date
of termination.
17.3 In the event the Bank terminates the Agreement in whole or in part for the
breaches attributable to Service Provider, the Bank may procure, upon such
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 259 of 329 Confidential & Proprietary
terms and in such manner, as it deems appropriate, Software/Equipment or
services similar to those undelivered and subject to clause 21 Service Provider
shall be liable to the Bank for any excess costs for such similar
Software/Equipment or services. However, Service provider, in case of part
termination, shall continue the performance of the Agreement to the extent not
terminated.
17.4 The Bank shall have a right to terminate the Agreement immediately by giving
a notice in writing to Service Provider in the following eventualities:
(i) If any Receiver/Liquidator is appointed in connection with the business of
Service Provider or Service Provider transfers substantial assets in favour of
its creditors or any orders / directions are issued by any Authority / Regulator
which has the effect of suspension of the business of Service Provider.
(ii) If Service Provider applies to the Court or passes a resolution for voluntary
winding up of or any other creditor / person files a petition for winding up or
dissolution of Service Provider.
(iii) If any acts of commission or omission on the part of Service Provider or its
agents, employees, sub-contractors or representatives, in the reasonable
opinion of the Bank tantamount to fraud or prejudicial to the interest of the
Bank or its employees.
(iv) Any document, information, data or statement submitted by Service Provider
in response to RFP, based on which Service Provider was considered eligible
or successful, is found to be false, incorrect or misleading.
17.5 In the event of the termination of the Agreement Service Provider shall be liable
and responsible to return to the Bank all records, documents, data and
information including Confidential Information pertains to or relating to the
Bank in its possession.
17.6 In the event of termination of the Agreement for material breach, Bank shall
have the right to report such incident in accordance with the mandatory
reporting obligations under the applicable law or regulations.
17.7 Upon termination or expiration of this Agreement, all rights and obligations of
the Parties hereunder shall cease, except such rights and obligations as may
have accrued on the date of termination or expiration; the obligation of
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 260 of 329 Confidential & Proprietary
indemnity; obligation of payment ;confidentiality obligation; Governing Law
clause; Dispute resolution clause; and any right which a Party may have under
the applicable Law.
18. DISPUTE REDRESSAL MACHANISM & GOVERNING LAW
18.1 All disputes or differences whatsoever arising between the parties out of or in
connection with this Agreement (including dispute concerning interpretation)
or in discharge of any obligation arising out of the Agreement (whether during
the progress of work or after completion of such work and whether before or
after the termination of this Agreement, abandonment or breach of this
Agreement), shall be settled amicably.
18.2 If the parties are not able to solve them amicably within 30 (thirty) days after
dispute occurs as evidenced through the first written communication from any
Party notifying the other regarding the disputes, either Party [the Bank or
Service Provider] shall give written notice to other party clearly setting out
there in, specific dispute(s) and/or difference(s), and shall be referred to a sole
arbitrator mutually agreed upon, and the award made in pursuance thereof shall
be binding on the Parties.
18.3 In the absence of consensus about the single arbitrator, the dispute may be
referred to an arbitration panel; one to be nominated by each Party and the said
arbitrators shall nominate a presiding arbitrator, before commencing the
arbitration proceedings. The arbitration shall be settled in accordance with the
applicable Indian Laws and the arbitration shall be conducted in accordance
with the Arbitration and Conciliation Act, 1996.
18.4 Service Provider shall continue work under the Agreement during the
arbitration proceedings, unless otherwise directed by the Bank or unless the
matter is such that the work cannot possibly be continued until the decision of
the arbitrator is obtained.
18.5 Arbitration proceeding shall be held at Mumbai, India, and the language of the
arbitration proceedings and that of all documents and communications between
the parties shall be in English.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 261 of 329 Confidential & Proprietary
18.6 This Agreement shall be governed by laws in force in India. Subject to the
arbitration clause above, all disputes arising out of or in relation to this
Agreement, shall be subject to the exclusive jurisdiction of the courts at
Mumbai only.
18.7 In case of any change in applicable laws that has an effect on the terms of this
Agreement, the Parties agree that the Agreement may be reviewed, and if
deemed necessary by the Parties, make necessary amendments to the
Agreement by mutual agreement in good faith, in case of disagreement
obligations mentioned in this clause shall be observed.
19. POWERS TO VARY OR OMIT WORK
19.1 No alterations, amendments, omissions, additions, suspensions or variations of
the work (hereinafter referred to as variation) under the Agreement shall be
made by Service provider except as directed in writing by Bank. The Bank shall
have full powers, subject to the provision herein after contained, from time to
time during the execution of the Agreement, by notice in writing to instruct
Service Provider to make any variation without prejudice to the Agreement.
Service Provider shall carry out such variations and be bound by the same
conditions, though the said variations occurred in the Agreement documents. If
any suggested variations would, in the opinion of Service Provider, if carried
out, prevent them from fulfilling any of their obligations under the Agreement,
they shall notify the Bank, thereof, in writing with reasons for holding such
opinion and Bank shall instruct Service Provider to make such other modified
variation without prejudice to the Agreement. Service Provider shall carry out
such variations and be bound by the same conditions, though the said variations
occurred in the Agreement documents. If Bank confirms their instructions
Service Provider’s obligations will be modified to such an extent as may be
mutually agreed. If such variation involves extra cost, any agreed difference in
cost occasioned by such variation shall be mutually agreed between the parties.
In any case in which Service Provider has received instructions from the Bank
as to the requirement of carrying out the altered or additional substituted work,
which either then or later on, will in the opinion of Service Provider, involve a
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 262 of 329 Confidential & Proprietary
claim for additional payments, such additional payments shall be mutually
agreed in line with the terms and conditions of the order.
19.2 If any change in the work is likely to result in reduction in cost, the parties shall
agree in writing so as to the extent of reduction in payment to be made to
Service Provider, before Service provider proceeding with the change.
20. WAIVER OF RIGHTS
Each Party agrees that any delay or omission on the part of the other Party to
exercise any right, power or remedy under this Agreement will not
automatically operate as a waiver of such right, power or remedy or any other
right, power or remedy and no waiver will be effective unless it is in writing
and signed by the waiving Party. Further the waiver or the single or partial
exercise of any right, power or remedy by either Party hereunder on one
occasion will not be construed as a bar to a waiver of any successive or other
right, power or remedy on any other occasion.
21. LIMITATION OF LIABILITY
21.1 The maximum aggregate liability of Service Provider, subject to clause 21.3,
in respect of any claims, losses, costs or damages arising out of or in connection
with this Agreement shall not exceed the total Project Cost.
21.2 Under no circumstances shall either Party be liable for any indirect,
consequential or incidental losses, damages or claims including loss of profit,
loss of business or revenue.
21.3 The limitations set forth in Clause 21.1 shall not apply with respect to:
(i) claims that are the subject of indemnification pursuant to Clause 1210
(infringement of third party Intellectual Property Right);
(ii) damage(s) occasioned by the Gross Negligence or Willful
Misconduct of Service Provider;
(iii) damage(s) occasioned by Service Provider for breach of
Confidentiality Obligations ;
10 Please see Clause 12 ‘IPR Indemnification’
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 263 of 329 Confidential & Proprietary
(iv) Regulatory or statutory fines imposed by a Government or
Regulatory agency for non-compliance of statutory or regulatory
guidelines applicable to the Bank, provided such guidelines were
brought to the notice of Service Provider.
For the purpose of clause 21.3(ii) “Gross Negligence” means any act
or failure to act by a party which was in reckless disregard of or gross
indifference to the obligation of the party under this Agreement and
which causes injury, damage to life, personal safety, real property,
harmful consequences to the other party, which such party knew, or
would have known if it was acting as a reasonable person, would
result from such act or failure to act for which such Party is legally
liable. Notwithstanding the forgoing, Gross Negligence shall not
include any action taken in good faith.
“Willful Misconduct” means any act or failure to act with an
intentional disregard of any provision of this Agreement, which a
party knew or should have known if it was acting as a reasonable
person, which would result in injury, damage to life, personal safety,
real property, harmful consequences to the other party, but shall not
include any error of judgment or mistake made in good faith.
22. FORCE MAJEURE
22.1 Notwithstanding anything else contained in the Agreement, neither Party shall
be liable for any delay in performing its obligations herein if and to the extent
that such delay is the result of an event of Force Majeure.
22.2 For the purposes of this clause, 'Force Majeure' means and includes wars,
insurrections, revolution, civil disturbance, riots, terrorist acts, public strikes,
hartal, bundh, fires, floods, epidemic, quarantine restrictions, freight
embargoes, declared general strikes in relevant industries, Vis Major, acts of
Government in their sovereign capacity, impeding reasonable performance of
Service Provider and /or sub-contractor but does not include any foreseeable
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 264 of 329 Confidential & Proprietary
events, commercial considerations or those involving fault or negligence on the
part of the party claiming Force Majeure.
22.3 If Force Majeure situation arises, the non-performing Party shall promptly
notify to the other Party in writing of such conditions and the cause(s) thereof.
Unless otherwise agreed in writing, the non-performing Party shall continue to
perform its obligations under the Agreement as far as is reasonably practical,
and shall seek all reasonable alternative means for performance not prevented
by the Force Majeure event.
22.4 If the Force Majeure situation continues beyond 30 (thirty) days, either Party
shall have the right to terminate the Agreement by giving a notice to the other
Party. Neither Party shall have any penal liability to the other in respect of the
termination of this Agreement as a result of an event of Force Majeure.
However, Service Provider shall be entitled to receive payments for all services
actually rendered up to the date of the termination of this Agreement.
23. NOTICES
23.1 Any notice or any other communication required to be given under this
Agreement shall be in writing and may be given by delivering the same by hand
or sending the same by prepaid registered mail, postage prepaid, telegram or
facsimile to the relevant address set forth below or such other address as each
Party may notify in writing to the other Party from time to time. Any such notice
given as aforesaid shall be deemed to be served or received at the time upon
delivery (if delivered by hand) or upon actual receipt (if given by postage
prepaid, telegram or facsimile).
23.2 A notice shall be effective when it is delivered or on the effective date of the
notice, whichever is later.
23.3 The addresses for Communications to the Parties are as under.
(a) In the case of the Bank
___________________
___________________
___________________
(b) In case of Service Provider
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 265 of 329 Confidential & Proprietary
___________________
___________________
___________________
23.4 In case there is any change in the address of one Party, it shall be promptly
communicated in writing to the other Party.
24. GENERAL TERMS & CONDITIONS
24.1 TRAINING: Service Provider shall train designated Bank officials on the
configuration, operation/ functionalities, maintenance, support &
administration for Software, application architecture and components,
installation, troubleshooting processes of the proposed Services as mentioned
in this Agreement.
24.2 PUBLICITY: Service Provider may make a reference of the Services rendered
to the Bank covered under this Agreement on Service provider’s Web Site or
in their sales presentations, promotional materials, business plans or news
releases etc., only after prior written approval from the Bank.
24.3 SUCCESSORS AND ASSIGNS: This Agreement shall bind and inure to the
benefit of the Parties, and their respective successors and permitted assigns.
24.4 NON-HIRE AND NON-SOLICITATION: During the term of this Agreement
and for a period of one year thereafter, neither Party shall (either directly or
indirectly through a third party) employ, solicit to employ, cause to be solicited
for the purpose of employment or offer employment to any employee(s) of the
other Party, or aid any third person to do so, without the specific written consent
of the other Party. However, nothing in this clause shall affect the Bank’s
regular recruitments as per its recruitment policy and not targeted to the
employees of Service provider.
24.5 SEVERABILITY: The invalidity or unenforceability of any provision of this
Agreement shall not in any way effect, impair or render unenforceable this
Agreement or any other provision contained herein, which shall remain in full
force and effect.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 266 of 329 Confidential & Proprietary
24.6 MODIFICATION: This Agreement may not be modified or amended except in
writing signed by duly authorized representatives of each Party with express
mention thereto of this Agreement.
24.7 ENTIRE AGREEMENT: The following documents along with all addenda
issued thereto shall be deemed to form and be read and construed as integral
part of this Agreement and in case of any contradiction between or among them
the priority in which a document would prevail over another would be as laid
down below beginning from the highest priority to the lowest priority:
(i) This Agreement;
(ii) Annexure of Agreement;
(iii) Purchase Order No._______ dated ________; and
(iv) RFP
24.8 PRIVITY: Neither this Agreement nor any provision hereof is intended to
confer upon any person/s other than the Parties to this Agreement any rights or
remedies hereunder.
24.9 DUE AUTHORISATION: Each of the undersigned hereby represents to the
other that she/ he is authorized to enter into this Agreement and bind the
respective parties to this Agreement.
24.10 COUNTERPART: This Agreement may be executed in duplicate and each
copy is treated as original for all legal purposes.
IN WITNESS WHEREOF, the Parties hereto have caused this Agreement to be
executed by their duly authorized representatives as of the date and day first
mentioned above.
State Bank of India _____________Service Provider
By: By:
Name: Name:
Designation: Designation:
Date: Date:
WITNESS:
1. 1.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 267 of 329 Confidential & Proprietary
2. 2.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 268 of 329 Confidential & Proprietary
ANNEXURE-A
DELIVERABLES/SCOPE OF WORK
1. Description of Deliverables:
[Identify each individual component of the Deliverables, including equipment
and software, by name and version.]
2. Specifications, Performance Standards, and Functional Requirements:
[Include here all of the specifications, performance standards, and functional
requirements for the Deliverables that are important to the Bank. Be certain
to include run and operator response times (if applicable) which are part of
the Acceptance criteria discussed in this agreement.]
2.1 Service Provider undertakes and warrants to provide technical support with
resolution time frame as per the matrix given below:
Severity Description Response Time Resolution
time
Critical
High/Major
Medium/
Low/Minor
Very Low/Cosmetic
3. Documentation:
[Identify here all user manuals and other documentation concerning the
Software.]
4. Place of Service11
1. _______________
2. _______________
11Brief description of place of service
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 269 of 329 Confidential & Proprietary
5. Standard Services
Standard services to be delivered under this agreement are illustratively
listed below:-
The details of services, their responsibilities and availability to be
described----
1……
2…….
6. Maintenance/ Upgrades
6.1 Service Provider shall maintain and upgrade the Software during the
warranty and support period so that the Software shall, at all times during the
warranty and support period, meet or exceed the specifications in the Project
Documents and the performance requirements as set forth in this Agreement.
Service provider shall, at no cost to the Bank, promptly correct any and all
errors, Deficiencies and defects in the Software.
6.2 Service Provider shall have the operational maintenance obligations (e.g.,
telephone support, problem resolution, on-site services) as mentioned in
Annexure A. <kindly add operational maintenance obligation with
deliverables>
7. Correction of Deficiencies in Deliverables
7.1 If Service provider is unable to correct all Deficiencies preventing
acceptance of a deliverable or meet the performance requirments, for which
Service provider is responsible within the timelines as mentioned in this
Agreemnet, the Bank may at its discretion:
a) Without prejudiced to the Bank’s other rights under this Agreement, allow
Service provider to continue its efforts to make corrections; or
b) Accept the deliverable with its Deficiencies and reach agreement with
Service provider on an equitable reduction to Service provider’s charges for
developing such deliverable to reflect the uncorrected Deficiencies; or
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 270 of 329 Confidential & Proprietary
c) Terminate this Agreement for cause in accordance with Clause 17 (except
that the Bank is under no obligation to provide Service provider any further
opportunity to cure) and recover its damages as set forth in this Agreement.
8. Service Milestones12
Milestones13 related to in-scope services and/or components includes
<Strike off whichever is not applicable>:-
Service Category Milestone Duration (in
months/weeks/days/hours)
Development
<Strike off if not
applicable>
<Brief description of
milestone>
<mention the duration >
Delivery
<Brief description of
milestone>
<mention the duration >
Installation
<Brief description of
milestone>
<mention the duration >
Configuration
<Brief description of
milestone>
<mention the duration >
User
Acceptance
Testing
<Brief description of
milestone>
<mention the duration >
Documentation
<Brief description of
milestone>
<mention the duration >
Training
<Brief description of
milestone>
<mention the duration >
Live in
Production
<Brief description of
milestone>
<mention the duration >
9. Risk Management
a. Service Provider shall identify and document the risk in delivering the
Services. Service Provider shall identify the methodology to monitor and
12 The Purpose of this clause is identify any assumption made for this agreement. 13Assumptions may include items including how the services will be used in future, projected
growth rates that may impact how services are to be delivered and future changes that were
considered but not included in the agreement
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 271 of 329 Confidential & Proprietary
prevent the risk, and shall also document the steps taken to manage the
impact of the risks.
b. Service Request14
14The purpose of this clause is to document the process and timeframe for responding to the
service requests.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 272 of 329 Confidential & Proprietary
ANNEXURE-B
INFRASTUCTURE MANAGEMENT METRICS<strike off which ever in not
applicable>
(a) Service metric for Recovery Time objective (RTO)<strike off if not
applicable>
SL
no.
Service level
category
Service level object Measurement range/criteria
1. RTO during
disaster for
shifting to
<Place>DC
<……………….
(requirement to be filled by
the concerned dept.)/ 4
hours><strike off which ever
in not applicable>
<…………………><to be filled in by
the concerned dept. depending on the
criticality of service>
(b) SLA for Recovery Point Objective<strike off if not applicable>
SL
no.
Service level
category
Service level object Measurement range/criteria
1. RPO during
disaster for
shifting to
<Place>
<……………….(requirement
to be filled by the concerned
dept.)/ 99.999% of PR site
data recovery><strike off
which ever in not applicable>
<…………………><to be filled in by
the concerned dept. depending on the
criticality of service>
(c) INFRASTUCTURE SUPPORT METRICS<strike off if not applicable>
Activities Severity Response
Time (mins)
Resolution
Time
(mins)
Measur
ement
Criteria Operational
Task
Details
<to be filled
in by the
…………… Level 1 ……….. ………….
. <……
………
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 273 of 329 Confidential & Proprietary
Activities Severity Response
Time (mins)
Resolution
Time
(mins)
Measur
ement
Criteria Operational
Task
Details
concerned
dept.
depending on
the criticality
of service>
……………. Level 2 ……………
.
……… ……><
to be
filled in
by the
concern
ed dept.
dependi
ng on
the
criticali
ty of
service
>
……………. Level ….n ………….. …………
<to be filled
in by the
concerned
dept.
depending on
the criticality
of service>
………………
…..
Level 1 ………… ……….
………………
……
Level 2 ………… ………….
………………
……..
Level…..n ………… ………….
..
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 274 of 329 Confidential & Proprietary
ANNEXURE-C
APPLICATION DEVELOPMENT & MAINTENANCE METRIC.
Impact Level Description/Measure Response Time Resolution Time
Level 1 Low impact <to be filled in by the
concerned dept.
depending on the
criticality of service>
<to be filled in by the
concerned dept.
depending on the
criticality of service>
Level 2 Medium impact <to be filled in by the
concerned dept.
depending on the
criticality of service>
<to be filled in by the
concerned dept.
depending on the
criticality of service>
........... ........
Level..... Highest impact <to be filled in by the
concerned dept.
depending on the
criticality of service>
<to be filled in by the
concerned dept.
depending on the
criticality of service>
Urgency Level Description/Measure Response time Resolution time
Level 1 <to be filled in by the
concerned dept.
depending on the
criticality of service>
<to be filled in by the
concerned dept.
depending on the
criticality of service>
Level 2 <to be filled in by the
concerned dept.
depending on the
criticality of service>
<to be filled in by the
concerned dept.
depending on the
criticality of service>
...........
Level..... To be performed on top
priority
<to be filled in by the
concerned dept.
depending on the
criticality of service>
<to be filled in by the
concerned dept.
depending on the
criticality of service>
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 275 of 329 Confidential & Proprietary
<Priorities are to be filled in by the concerned dept. depending on the criticality of
service>
IMPACT
Urgency Level
Level 1 Level 2 Level n
Level 1 Priority A Priority A Priority C
Level 2 Priority A Priority B Priority D
.... Priority J Priority K Priority L
Level..... Priority L Priority M Priority N Priority O
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 276 of 329 Confidential & Proprietary
ANNEXURE-D
SERVICE DESK SUPPORT METRIC<strike off if not applicable>
SL
no.
Service level
category
Service level object Measurement range/criteria
1. Call type
level 1, <strike
off which ever
in not
applicable>
<……………….(requirement)/
call escalated by sbi service
desk to ……………service
provider’s team><strike off
which ever in not applicable>
<…………………><to be filled in
by the concerned dept. depending on
the criticality of service>
Call type
level 12,
<strike off
which ever in
not applicable>
<……………….(requirement)/
call escalated by sbi service
desk to ……………service
provider’s team><strike off
which ever in not applicable>
<…………………><to be filled in
by the concerned dept. depending on
the criticality of service>
SERVICE LEVEL REPORTING/ FREQUENCY15<strike off if not applicable>
<Describe the service level reporting frequency and methodology>
15The purpose of this section is to document reports used to measure service levels. These reports must
align with the service measurement and should support these measurements.
Report Name Interval Recipient Responsible
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 277 of 329 Confidential & Proprietary
SERVICE REVIEW MEETING16<strike off if not applicable>
Service Review meeting shall be held annually/ half yearly. The
following comprise of the Service Review Board:
▪ President,
▪ Members…………….
16The purpose of this section to describe the frequency of meeting and composition of service review board.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 278 of 329 Confidential & Proprietary
ANNEXURE-E
ESCALATION MATRICS17<strike off if not applicable>
17 To ensure that the service beneficiary receives senior management attention on
unresolved issues, Service Provider operates a problem escalation procedure in order that
any unresolved problems are notified to Service Provider management personnel on a
priority basis dependent upon the impact and urgency of the problem.
Service level
Category
Response/Resolution
Time
Escalation thresholds
Escalation Level 1 Escalation.........
Escalation
to
Escalation
Mode
Escalation
to
Escalation
Mode
Production
Support
<Name,
designation
contact
no.>
Service
Milestones
<Name,
designation
contact
no.>
Infrastructure
Management
<Name,
designation
contact
no.>
Application
Development
&
Maintenance
<Name,
designation
contact
no.>
Service Desk
Support
<Name,
designation
contact
no.>
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 279 of 329 Confidential & Proprietary
ANNEXURE-F
<Under mentioned are proposed penalty metrics, they are required to be customized by
the concerned dept.><strike off whichever is not applicable>
S.
No. Description
Timelines
(from the
date of
issuance
of
PO/LoI)
LD penalties (in %)
1 <specify the milestone/ activity/
task>
<timelines
in minutes
/ hours
/days><
to be
provided
by the
dept.>
<specify the liquidated
damages as certain
percentage of quarterly
operating cost>
PENALTY FOR NON PERFORMANCE OF SLA
Service level
category
SLA Measure Penalty
Calculation
Application
Uptime/Downtime/
RTO/RPO <strike
off whichever is
not applicable>
<delay in minutes / hours /days>< to be provided
by the dept.>
Delivery Schedule <Delay ( in working days)>< to be provided>
Installation <delay in minutes / hours /days>< to be provided
by the dept.>
User Acceptance
Testing
<delay in minutes / hours /days>< to be provided
by the dept.>
Live in Production <delay in minutes / hours /days>< to be provided
by the dept.>
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 280 of 329 Confidential & Proprietary
PENALTY FOR EVERY ITEMS, Penalty at the rates given below:
Category of
defect
Service Area Penalty
Minor
Medium
Major
Critical
PENALTY FOR NON PERFORMANCE AT HELP DESK
Periodical training <Delay ( in working days)>< to be provided>
………<For
each resource
not trained>
Source Code <Delay ( in working days)>< to be provided>
Non-availability of
staff
Reports/
Service
Area
SLA
measurement
Penalty % on ___________
<to be provided by the dept.,>
Calculate penalty on
0 % ______% (for
every 1%
shortfall from
the stipulated
service level
Help
Desk
Time taken
for resolution
of calls
(99.9% of the
calls should
More than
or equal to
99.9 % of
service
level
Less than 99.9 %
of service level <to be provided by the dept.,>
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 281 of 329 Confidential & Proprietary
ANNEXURE G
Transition & Knowledge Transfer Plan
1. Introduction
1.1 This Annexure describes the duties and responsibilities of Service Provider and the
Bank to ensure proper transition of services and to ensure complete knowledge
transfer.
2. Objectives
2.1 The objectives of this annexure are to:
(1) ensure a smooth transition of Services from Service Provider to a
New/Replacement SERVICE PROVIDER or back to the Bank at the
termination or expiry of this Agreement;
(2) ensure that the responsibilities of both parties to this Agreement are clearly
defined in the event of exit and transfer; and
(3) ensure that all relevant Assets are transferred.
3. General
3.1 Where the Bank intends to continue equivalent or substantially similar services to
the Services provided by Service Provider after termination or expiry the
Agreement, either by performing them itself or by means of a New/Replacement
SERVICE PROVIDER, Service Provider shall ensure the smooth transition to the
Replacement SERVICE PROVIDER and shall co-operate with the Bank or the
Replacement SERVICE PROVIDER as required in order to fulfil the obligations
under this annexure.
be resolved
within the
stipulated
response
time)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 282 of 329 Confidential & Proprietary
3.2 Service Provider shall co-operate fully with the Bank and any potential
Replacement SERVICE PROVIDERs tendering for any Services, including the
transfer of responsibility for the provision of the Services previously performed
by Service Provider to be achieved with the minimum of disruption. In particular:
3.2.1 during any procurement process initiated by the Bank and in anticipation of the
expiry or termination of the Agreement and irrespective of the identity of any
potential or actual Replacement SERVICE PROVIDER, Service Provider shall
comply with all reasonable requests by the Bank to provide information relating
to the operation of the Services, including but not limited to, hardware and
Software used, inter-working, coordinating with other application owners, access
to and provision of all performance reports, agreed procedures, and any other
relevant information (including the configurations set up for the Bank and
procedures used by Service Provider for handling Data) reasonably necessary to
achieve an effective transition, provided that:
3.2.1.1 Service Provider shall not be obliged to provide any information concerning the
costs of delivery of the Services or any part thereof or disclose the financial
records of Service Provider to any such party;
3.2.1.2 Service Provider shall not be obliged to disclose any such information for use by
an actual or potential Replacement SERVICE PROVIDER unless such a party
shall have entered into a confidentiality agreement; and
3.2.1.3 whilst supplying information as contemplated in this paragraph 3.2.1 Service
Provider shall provide sufficient information to comply with the reasonable
requests of the Bank to enable an effective tendering process to take place but
shall not be required to provide information or material which Service Provider
may not disclose as a matter of law.
3.3 In assisting the Bank and/or the Replacement SERVICE PROVIDER to transfer
the Services the following commercial approach shall apply:
(1) where Service Provider does not have to utilise resources in addition to those
normally used to deliver the Services prior to termination or expiry, Service
Provider shall make no additional Charges. The Bank may reasonably
request that support and materials already in place to provide the Services
may be redeployed onto work required to effect the transition provided
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 283 of 329 Confidential & Proprietary
always that where the Bank agrees in advance that such redeployment will
prevent Service Provider from meeting any Service Levels, achieving any
other key dates or from providing any specific deliverables to the Bank, the
Bank shall not be entitled to claim any penalty or liquidated damages for the
same.
(2) where any support and materials necessary to undertake the transfer work or
any costs incurred by Service Provider are additional to those in place as part
of the proper provision of the Services the Bank shall pay Service Provider
for staff time agreed in advance at the rates agreed between the parties and
for materials and other costs at a reasonable price which shall be agreed with
the Bank.
3.4 If so required by the Bank, on the provision of no less than 15 (fifteen) days’
notice in writing, Service Provider shall continue to provide the Services or an
agreed part of the Services for a period not exceeding 6 (Six) months beyond the
date of termination or expiry of the Agreement. In such event the Bank shall
reimburse Service Provider for such elements of the Services as are provided
beyond the date of termination or expiry date of the Agreement on the basis that:
(1) Services for which rates already specified in the Agreement shall be provided on
such rates;
(2) materials and other costs, if any, will be charged at a reasonable price which shall
be mutually agreed between the Parties.
3.5 Service Provider shall provide to the Bank an analysis of the Services to the extent
reasonably necessary to enable the Bank to plan migration of such workload to a
Replacement SERVICE PROVIDER provided always that this analysis involves
providing performance data already delivered to the Bank as part of the
performance monitoring regime.
3.6 Service Provider shall provide such information as the Bank reasonably considers
to be necessary for the actual Replacement SERVICE PROVIDER, or any
potential Replacement SERVICE PROVIDER during any procurement process,
to define the tasks which would need to be undertaken in order to ensure the
smooth transition of all or any part of the Services.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 284 of 329 Confidential & Proprietary
3.7 Service Provider shall make available such Key Personnel who have been
involved in the provision of the Services as the Parties may agree to assist the
Bank or a Replacement SERVICE PROVIDER (as appropriate) in the continued
support of the Services beyond the expiry or termination of the Agreement, in
which event the Bank shall pay for the services of such Key Personnel on a time
and materials basis at the rates agreed between the parties.
3.8 Service Provider shall co-operate with the Bank during the handover to a
Replacement SERVICE PROVIDER and such co-operation shall extend to, but
shall not be limited to, inter-working, co-ordinating and access to and provision
of all operational and performance documents, reports, summaries produced by
Service Provider for the Bank, including the configurations set up for the Bank
and any and all information to be provided by Service Provider to the Bank under
any other term of this Agreement necessary to achieve an effective transition
without disruption to routine operational requirements.
4. Replacement SERVICE PROVIDER
4.1 In the event that the Services are to be transferred to a Replacement SERVICE
PROVIDER, the Bank will use reasonable endeavors to ensure that the
Replacement SERVICE PROVIDER co-operates with Service Provider during
the handover of the Services.
5. Subcontractors
5.1 Service Provider agrees to provide the Bank with details of the Subcontracts (if
permitted by the Bank) used in the provision of the Services. Service Provider
will not restrain or hinder its Subcontractors from entering into agreements with
other prospective service providers for the delivery of supplies or services to the
Replacement SERVICE PROVIDER.
6. Transfer of Configuration Management Database
6.1 6 (six) months prior to expiry or within 2 (two) week of notice of termination of
this Agreement Service Provider shall deliver to the Bank a full, accurate and up
to date cut of content from the Configuration Management Database (or
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 285 of 329 Confidential & Proprietary
equivalent) used to store details of Configurable Items and Configuration
Management data for all products used to support delivery of the Services.
7. Transfer of Assets
7.1 6 (six) months prior to expiry or within 2 (two) week of notice of termination of
the Agreement Service Provider shall deliver to the Bank the Asset Register
comprising:
(1) a list of all Assets eligible for transfer to the Bank; and
(2) a list identifying all other Assets, (including human resources, skillset
requirement and know-how), that are ineligible for transfer but which are
essential to the delivery of the Services. The purpose of each component and
the reason for ineligibility for transfer shall be included in the list.
7.2 Within 1 (one) month of receiving the Asset Register as described above, the Bank
shall notify Service Provider of the Assets it requires to be transferred, (the
“Required Assets”), and the Bank and Service Provider shall provide for the
approval of the Bank a draft plan for the Asset transfer.
7.3 In the event that the Required Assets are not located on Bank premises:
(1) Service Provider shall be responsible for the dismantling and packing of the
Required Assets and to ensure their availability for collection by the Bank or
its authorised representative by the date agreed for this;
(2) any charges levied by Service Provider for the Required Assets not owned
by the Bank shall be fair and reasonable in relation to the condition of the
Assets and the then fair market value; and
(3) for the avoidance of doubt, the Bank will not be responsible for the Assets.
7.4 Service Provider warrants that the Required Assets and any components thereof
transferred to the Bank or Replacement SERVICE PROVIDER benefit from any
remaining manufacturer’s warranty relating to the Required Assets at that time,
always provided such warranties are transferable to a third party.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 286 of 329 Confidential & Proprietary
8. Transfer of Software Licenses
8.1 6 (six) months prior to expiry or within 2 (two) week of notice of termination of
this Agreement Service Provider shall deliver to the Bank all licenses for Software
used in the provision of Services which were purchased by the Bank.
8.2 On notice of termination of this Agreement Service Provider shall, within 2 (two)
week of such notice, deliver to the Bank details of all licenses for SERVICE
PROVIDER Software and SERVICE PROVIDER Third Party Software used in
the provision of the Services, including the terms of the Software license
agreements. For the avoidance of doubt, the Bank shall be responsible for any
costs incurred in the transfer of licenses from Service Provider to the Bank or to
a Replacement SERVICE PROVIDER provided such costs shall be agreed in
advance. Where transfer is not possible or not economically viable the Parties will
discuss alternative licensing arrangements.
8.3 Within 1 (one) month of receiving the Software license information as described
above, the Bank shall notify Service Provider of the licenses it wishes to be
transferred, and Service Provider shall provide for the approval of the Bank a draft
plan for license transfer, covering novation of agreements with relevant Software
providers, as required. Where novation is not possible or not economically viable
the Parties will discuss alternative licensing arrangements.
9. Transfer of Software
9.1 Wherein State Bank of India is the owner of the software, 6 (six) months prior to
expiry or within 2 (two) weeks of notice of termination of this Agreement Service
Provider shall deliver, or otherwise certify in writing that it has delivered, to the
Bank a full, accurate and up to date version of the Software including up to date
versions and latest releases of, but not limited to:
(a) Source Code (with source tree) and associated documentation;
(b) application architecture documentation and diagrams;
(c) release documentation for functional, technical and interface specifications;
(d) a plan with allocated resources to handover code and design to new
development and test teams (this should include architectural design and
code ‘walk-through’);
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 287 of 329 Confidential & Proprietary
(e) Source Code and supporting documentation for testing framework tool and
performance tool;
(f) test director database;
(g) test results for the latest full runs of the testing framework tool and
performance tool on each environment; and
10. Transfer of Documentation
10.1 6 (six) months prior to expiry or within 2 (two) weeks of notice of termination of
this Agreement Service Provider shall deliver to the Bank a full, accurate and up-
to date set of Documentation that relates to any element of the Services as defined
in Annexure A.
11. Transfer of Service Management Process
11.1 6 (six) months prior to expiry or within 2 (two) weeks of notice of termination of
this Agreement Service Provider shall deliver to the Bank:
(a) a plan for the handover and continuous delivery of the Service Desk function
and allocate the required resources;
(b) full and up to date, both historical and outstanding Service Desk ticket data
including, but not limited to:
(1) Incidents;
(2) Problems;
(3) Service Requests;
(4) Changes;
(5) Service Level reporting data;
(c) a list and topology of all tools and products associated with the provision of
the Software and the Services;
(d) full content of Software builds and server configuration details for Software
deployment and management; and
(e) monitoring Software tools and configuration.
12. Transfer of Knowledge Base
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 288 of 329 Confidential & Proprietary
12.1 6 (six) months prior to expiry or within 2 (two) week of notice of termination of
this Agreement Service Provider shall deliver to the Bank a full, accurate and up
to date cut of content from the knowledge base (or equivalent) used to
troubleshoot issues arising with the Services but shall not be required to provide
information or material which Service Provider may not disclose as a matter of
law.
13. Transfer of Service Structure
13.1 6 (six) months prior to expiry or within 2 (two) weeks’ notice of termination of
this Agreement Service Provider shall deliver to the Bank a full, accurate and up
to date version of the following, as a minimum:
(a) archive of records including:
(1) Questionnaire Packs;
(2) project plans and sign off;
(3) Acceptance Criteria; and
(4) Post Implementation Reviews.
(b) programme plan of all work in progress currently accepted and those in
progress;
(c) latest version of documentation set;
(d) Source Code (if appropriate) and all documentation to support the services
build tool with any documentation for ‘workarounds’ that have taken place;
(e) Source Code, application architecture documentation/diagram and other
documentation;
(f) Source Code, application architecture documentation/diagram and other
documentation for Helpdesk; and
(g) project plan and resource required to hand Service Structure capability over
to the new team.
14. Transfer of Data
14.1 In the event of expiry or termination of this Agreement Service Provider shall
cease to use the Bank’s Data and, at the request of the Bank, shall destroy all
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 289 of 329 Confidential & Proprietary
such copies of the Bank’s Data then in its possession to the extent specified by
the Bank.
14.2 Except where, pursuant to paragraph 14.1 above, the Bank has instructed Service
Provider to destroy such Bank’s Data as is held and controlled by Service
Provider, 1 (one) months prior to expiry or within 1 (one) month of termination
of this Agreement, Service Provider shall deliver to the Bank:
(1) An inventory of the Bank’s Data held and controlled by Service Provider,
plus any other data required to support the Services; and/or
(2) a draft plan for the transfer of the Bank’s Data held and controlled by
Service Provider and any other available data to be transferred.
15. Training Services on Transfer
15.1 Service Provider shall comply with the Bank’s reasonable request to assist in the
identification and specification of any training requirements following expiry or
termination. The purpose of such training shall be to enable the Bank or a
Replacement SERVICE PROVIDER to adopt, integrate and utilize the Data and
Assets transferred and to deliver an equivalent service to that previously
provided by Service Provider.
15.2 The provision of any training services and/or deliverables and the charges for
such services and/or deliverables shall be agreed between the parties.
15.3 Subject to paragraph 15.2 above, Service Provider shall produce for the Bank’s
consideration and approval 6 (six) months prior to expiry or within 10 (ten)
working days of issue of notice of termination:
(1) A training strategy, which details the required courses and their objectives;
(2) Training materials (including assessment criteria); and
(3) a training plan of the required training events.
15.4 Subject to paragraph 15.2 above, Service Provider shall schedule all necessary
resources to fulfil the training plan, and deliver the training as agreed with the
Bank.
15.5 SERVICE PROVIDER shall provide training courses on operation of licensed
/open source Software product at Bank’s ________Premises, at such times,
during business hours as Bank may reasonably request. Each training course will
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 290 of 329 Confidential & Proprietary
last for ________hours. Bank may enroll up to ________ of its staff or ________
employees of the new/replacement service provider in any training course, and
Service Provider shall provide a hard copy of the Product (licensed or open
sourced) standard training manual for each enrollee. Each training course will be
taught by a technical expert with no fewer than _______ years of experience in
operating _______Software system. SERVICE PROVIDER shall provide the
_______ training without any additional charges.
16. Transfer Support Activities
16.1 6 (six) months prior to expiry or within 10 (ten) Working Days of issue of notice
of termination, Service Provider shall assist the Bank or Replacement SERVICE
PROVIDER to develop a viable exit transition plan which shall contain details
of the tasks and responsibilities required to enable the transition from the
Services provided under this Agreement to the Replacement SERVICE
PROVIDER or the Bank, as the case may be.
16.2 The exit transition plan shall be in a format to be agreed with the Bank and shall
include, but not be limited to:
(1) a timetable of events;
(2) resources;
(3) assumptions;
(4) activities;
(5) responsibilities; and
(6) risks.
16.3 Service Provider shall supply to the Bank or a Replacement SERVICE
PROVIDER specific materials including but not limited to:
(a) Change Request log;
(b) entire back-up history; and
(c) dump of database contents including the Asset Register, problem
management system and operating procedures. For the avoidance of doubt
this shall not include proprietary Software tools of Service Provider which
are used for project management purposes generally within Service
Provider's business.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 291 of 329 Confidential & Proprietary
16.4 Service Provider shall supply to the Bank or a Replacement SERVICE
PROVIDER proposals for the retention of Key Personnel for the duration of the
transition period.
16.5 On the date of expiry Service Provider shall provide to the Bank refreshed
versions of the materials required under paragraph 16.3 above which shall
reflect the position as at the date of expiry.
16.6 Service Provider shall provide to the Bank or to any Replacement SERVICE
PROVIDER within 14 (fourteen) Working Days of expiry or termination a full
and complete copy of the Incident log book and all associated documentation
recorded by Service Provider till the date of expiry or termination.
16.7 Service Provider shall provide for the approval of the Bank a draft plan to
transfer or complete work-in-progress at the date of expiry or termination.
17. Use of Bank Premises
17.1 Prior to expiry or on notice of termination of this Agreement, Service Provider
shall provide for the approval of the Bank a draft plan specifying the necessary
steps to be taken by both Service Provider and the Bank to ensure that the
Bank’s Premises are vacated by Service Provider.
17.2 Unless otherwise agreed, Service Provider shall be responsible for all costs
associated with Service Provider’s vacation of the Bank’s Premises, removal of
equipment and furnishings, redeployment of SERVICE PROVIDER Personnel,
termination of arrangements with Subcontractors and service contractors and
restoration of the Bank Premises to their original condition (subject to a
reasonable allowance for wear and tear).
____________________________XXXXX____________________________
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 292 of 329 Confidential & Proprietary
Appendix -L
NON-DISCLOSURE AGREEMENT
THIS RECIPROCAL NON-DISCLOSURE AGREEMENT (the “Agreement”) is made at
___________ between:
State Bank of India constituted under the State Bank of India Act, 1955 having its Corporate
Centre and Central Office at State Bank Bhavan, Madame Cama Road, Nariman Point,
Mumbai-21 and its Global IT Centre at Sector-11, CBD Belapur, Navi Mumbai- 400614
through its _________________ Department (hereinafter referred to as “Bank” which
expression includes its successors and assigns) of the ONE PART;
And
____________________________________ a private/public limited company/LLP/Firm
<strike off whichever is not applicable> incorporated under the provisions of the
Companies Act, 1956/ Limited Liability Partnership Act 2008/ Indian Partnership Act 1932
<strike off whichever is not applicable>, having its registered office at
_________________ (hereinafter referred to as “_________” which expression shall
unless repugnant to the subject or context thereof, shall mean and include its successors
and permitted assigns) of the OTHER PART;
And Whereas
1. _________________________________________ is carrying on business of providing
_________________________________, has agreed to __________________________
for the Bank and other related tasks.
2. For purposes of advancing their business relationship, the parties would need to
disclose certain valuable confidential information to each other (the Party receiving the
information being referred to as the “Receiving Party” and the Party disclosing the
information being referred to as the “Disclosing Party. Therefore, in consideration of
covenants and agreements contained herein for the mutual disclosure of confidential
information to each other, and intending to be legally bound, the parties agree to terms and
conditions as set out hereunder.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 293 of 329 Confidential & Proprietary
NOW IT IS HEREBY AGREED BY AND BETWEEN THE PARTIES AS UNDER
1. Confidential Information and Confidential Materials:
(a) “Confidential Information” means non-public information that Disclosing Party
designates as being confidential or which, under the circumstances surrounding
disclosure ought to be treated as confidential. “Confidential Information” includes,
without limitation, information relating to developed, installed or purchased
Disclosing Party Software or hardware products, the information relating to general
architecture of Disclosing Party’s network, information relating to nature and
content of data stored within network or in any other storage media, Disclosing
Party’s business policies, practices, methodology, policy design delivery, and
information received from others that Disclosing Party is obligated to treat as
confidential. Confidential Information disclosed to Receiving Party by any
Disclosing Party Subsidiary and/ or agents is covered by this agreement
(b) Confidential Information shall not include any information that: (i) is or
subsequently becomes publicly available without Receiving Party’s breach of any
obligation owed to Disclosing party; (ii) becomes known to Receiving Party free
from any confidentiality obligations prior to Disclosing Party’s disclosure of such
information to Receiving Party; (iii) became known to Receiving Party from a source
other than Disclosing Party other than by the breach of an obligation of
confidentiality owed to Disclosing Party and without confidentiality restrictions on
use and disclosure; or (iv) is independently developed by Receiving Party.
(c) “Confidential Materials” shall mean all tangible materials containing Confidential
Information, including without limitation written or printed documents and computer
disks or tapes, whether machine or user readable.
2. Restrictions
(a) Each party shall treat as confidential the Contract and any and all information
(“confidential information”) obtained from the other pursuant to the Contract and
shall not divulge such information to any person (except to such party’s “Covered
Person” which term shall mean employees, contingent workers and professional
advisers of a party who need to know the same) without the other party’s written
consent provided that this clause shall not extend to information which was rightfully
in the possession of such party prior to the commencement of the negotiations
leading to the Contract, which is already public knowledge or becomes so at a future
date (otherwise than as a result of a breach of this clause). Receiving Party will have
executed or shall execute appropriate written agreements with Covered Person,
sufficient to enable it to comply with all the provisions of this Agreement. If the
Service Provider appoints any Sub-Contractor (if allowed) then the Service Provider
may disclose confidential information to such Sub-Contractor subject to such Sub
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 294 of 329 Confidential & Proprietary
Contractor giving the Bank an undertaking in similar terms to the provisions of this
clause. Any breach of this Agreement by Receiving Party’s Covered Person or Sub-
Contractor shall also be constructed a breach of this Agreement by Receiving Party.
(b) Receiving Party may disclose Confidential Information in accordance with judicial
or other governmental order to the intended recipients (as detailed in this clause),
provided Receiving Party shall give Disclosing Party reasonable notice (provided
not restricted by applicable laws) prior to such disclosure and shall comply with any
applicable protective order or equivalent. The intended recipients for this purpose
are:
i. the statutory auditors of the either party and
ii. government or regulatory authorities regulating the affairs of the parties and
inspectors and supervisory bodies thereof
(c) Confidential Information and Confidential Material may be disclosed, reproduced,
summarized or distributed only in pursuance of Receiving Party’s business
relationship with Disclosing Party, and only as otherwise provided hereunder.
Receiving Party agrees to segregate all such Confidential Material from the
confidential material of others in order to prevent mixing.
3. Rights and Remedies
(a) Receiving Party shall notify Disclosing Party immediately upon discovery of any
unauthorized used or disclosure of Confidential Information and/ or Confidential
Materials, or any other breach of this Agreement by Receiving Party, and will
cooperate with Disclosing Party in every reasonable way to help Disclosing Party
regain possession of the Confidential Information and/ or Confidential Materials and
prevent its further unauthorized use.
(b) Receiving Party shall return all originals, copies, reproductions and summaries of
Confidential Information or Confidential Materials at Disclosing Party’s request, or
at Disclosing Party’s option, certify destruction of the same.
(c) Receiving Party acknowledges that monetary damages may not be the only and / or
a sufficient remedy for unauthorized disclosure of Confidential Information and that
disclosing party shall be entitled, without waiving any other rights or remedies
(including but not limited to as listed below), to injunctive or equitable relief as may
be deemed proper by a Court of competent jurisdiction.
i. Suspension of access privileges
ii. Change of personnel assigned to the job
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 295 of 329 Confidential & Proprietary
iii. Termination of contract
(d) Disclosing Party may visit Receiving Party’s premises, with reasonable prior notice
and during normal business hours, to review Receiving Party’s compliance with the
term of this Agreement.
4. Miscellaneous
(a) All Confidential Information and Confidential Materials are and shall remain the
sole and of Disclosing Party. By disclosing information to Receiving Party,
Disclosing Party does not grant any expressed or implied right to Receiving Party to
disclose information under the Disclosing Party’s patents, copyrights, trademarks, or
trade secret information.
(b) Confidential Information made available is provided “As Is,” and disclosing party
disclaims all representations, conditions and warranties, express or implied,
including, without limitation, representations, conditions or warranties of accuracy,
completeness, performance, fitness for a particular purpose, satisfactory quality and
merchantability provided same shall not be construed to include fraud or wilful
default of disclosing party.
(c) Neither party grants to the other party any license, by implication or otherwise, to
use the Confidential Information, other than for the limited purpose of evaluating or
advancing a business relationship between the parties, or any license rights
whatsoever in any patent, copyright or other intellectual property rights pertaining
to the Confidential Information.
(d) The terms of Confidentiality under this Agreement shall not be construed to limit
either party’s right to independently develop or acquire product without use of the
other party’s Confidential Information. Further, either party shall be free to use for
any purpose the residuals resulting from access to or work with such Confidential
Information, provided that such party shall maintain the confidentiality of the
Confidential Information as provided herein. The term “residuals” means
information in non-tangible form, which may be retained by person who has had
access to the Confidential Information, including ideas, concepts, know-how or
techniques contained therein. Neither party shall have any obligation to limit or
restrict the assignment of such persons or to pay royalties for any work resulting
from the use of residuals. However, the foregoing shall not be deemed to grant to
either party a license under the other party’s copyrights or patents.
(e) This Agreement constitutes the entire agreement between the parties with respect to
the subject matter hereof. It shall not be modified except by a written agreement
dated subsequently to the date of this Agreement and signed by both parties. None
of the provisions of this Agreement shall be deemed to have been waived by any act
or acquiescence on the part of Disclosing Party, its agents, or employees, except by
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 296 of 329 Confidential & Proprietary
an instrument in writing signed by an authorized officer of Disclosing Party. No
waiver of any provision of this Agreement shall constitute a waiver of any other
provision(s) or of the same provision on another occasion.
(f) In case of any dispute, both the parties agree for neutral third party arbitration. Such
arbitrator will be jointly selected by the two parties and he/she may be an auditor,
lawyer, consultant or any other person of trust. The said proceedings shall be
conducted in English language at Mumbai and in accordance with the provisions of
Indian Arbitration and Conciliation Act 1996 or any Amendments or Re-enactments
thereto. Nothing in this clause prevents a party from having recourse to a court of
competent jurisdiction for the sole purpose of seeking a preliminary injunction or
any other provisional judicial relief it considers necessary to avoid irreparable
damage. This Agreement shall be governed by and construed in accordance with the
laws of Republic of India. Each Party hereby irrevocably submits to the exclusive
jurisdiction of the courts of Mumbai.
(g) Subject to the limitations set forth in this Agreement, this Agreement will inure to
the benefit of and be binding upon the parties, their successors and assigns.
(h) If any provision of this Agreement shall be held by a court of competent jurisdiction
to be illegal, invalid or unenforceable, the remaining provisions shall remain in full
force and effect.
(i) The Agreement shall be effective from _______ ("Effective Date”) and shall be valid
for a period of ________ year(s) thereafter (the "Agreement Term"). The foregoing
obligations as to confidentiality shall survive the term of this Agreement and for a
period of five (5) years thereafter provided confidentiality obligations with respect
to individually identifiable information, customer’s data of Parties or Software in
human-readable form (e.g., source code) shall survive in perpetuity.
5. Suggestions and Feedback
Either party from time to time may provide suggestions, comments or other
feedback to the other party with respect to Confidential Information provided
originally by the other party (hereinafter “feedback”). Both party agree that all
Feedback is and shall be entirely voluntary and shall not in absence of separate
agreement, create any confidentially obligation for the receiving party. However,
the Receiving Party shall not disclose the source of any feedback without the
providing party’s consent. Feedback shall be clearly designated as such and, except
as otherwise provided herein, each party shall be free to disclose and use such
Feedback as it sees fit, entirely without obligation of any kind to other party. The
foregoing shall not, however, affect either party’s obligations hereunder with
respect to Confidential Information of other party.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 297 of 329 Confidential & Proprietary
Dated this __________ day of _______ (Month) 20__ at __________(place)
For and on behalf of ___________________________
Name
Designation
Place
Signature
For and on behalf of ___________________________
Name
Designation
Place
Signature
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 298 of 329 Confidential & Proprietary
Appendix-M
Pre-Bid Query Format
(To be provide strictly in Excel format)
Vendor
Name
Sl.
No
RFP
Page No
RFP
Clause
No.
Existing
Clause
Query Suggested
clause
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 299 of 329 Confidential & Proprietary
Appendix-N
Format for Submission of Client References
To whosoever it may concern
Particulars Details
Client Information
Client Name
Client address
Name of the contact person and designation
Phone number of the contact person
Official e-mail address of the contact person
Project Details
Name of the Project
Start Date
End Date
Current Status (In Progress / Completed)
Size of Project
Value of Work Order (In Lakh) (only single work
order)
Name & Signature of authorised signatory
Seal of Company
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 300 of 329 Confidential & Proprietary
Appendix-O
PRE CONTRACT INTEGRITY PACT
(TO BE STAMPED AS AN AGREEMENT)
General
This pre-Bid pre-contract Agreement (hereinafter called the Integrity Pact) is made
on _____ day of the month of 201 , between, on the one hand, the State
Bank of India a body corporate incorporated under the State Bank of India Act, 1955
having its Corporate Centre at State Bank Bhavan, Nariman Point, Mumbai through its
________ ____________________ Department / Office at Global IT Center at CBD
Belapur, 400614,
(hereinafter called the "BUYER", which expression shall mean and include, unless the
context otherwise requires, its successors) of the First Part
And
M/s____________________ represented by Shri________________, Chief Executive
Officer/ Authorised signatory (hereinafter called the "BIDDER/Seller which expression
shall mean and include, unless the context otherwise requires, its / his successors and
permitted assigns of the Second Part.
WHEREAS the BUYER proposes to procure (Name of the Stores/Equipment/Item) and
the BIDDER/Seller is willing to offer/has offered the stores and
WHEREAS the BIDDER is a private company/public company/Government
undertaking/partnership/registered export agency, constituted in accordance with the
relevant law in the matter and the BUYER is an Office / Department of State Bank of
India performing its functions on behalf of State Bank of India.
NOW, THEREFORE,
To avoid all forms of corruption by following a system that is fair, transparent and free
from any influence/prejudiced dealings prior to, during and subsequent to the currency
of the contract to be entered into with a view to :
➢ Enabling the BUYER to obtain the desired service / product at a competitive price
in conformity with the defined specifications by avoiding the high cost and the
distortionary impact of corruption on public procurement; and
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 301 of 329 Confidential & Proprietary
➢ Enabling BIDDERs to abstain from bribing or indulging in any corrupt practice
in order to secure the contract by providing assurance to them that their competitors
will also abstain from bribing and other corrupt practices and the BUYER will
commit to prevent corruption, in any farm, by its officials by following
transparent procedures.
The parties hereto hereby agree to enter into this Integrity Pact and agree as follows:
1. Commitments of the BUYER
1.1 The BUYER undertakes that no official of the BUYER, connected directly or
indirectly with the contract, will demand, take a promise for or accept, directly
or through intermediaries, any bribe, consideration, gift, reward, favour or any
material or immaterial benefit or any other advantage from the BIDDER, either
for themselves or for any person, organisation or third party related to the contract
in exchange for an advantage in the bidding process, Bid evaluation, contracting
or implementation process related to the contract.
1.2 The BUYER will, during the pre-contract stage, treat all BIDDERs alike, and
will provide to all BIDDERs the same information and will not provide any such
information to any particular BIDDER which could afford an advantage to that
particular BIDDER in comparison to other B1DDERs.
1.3 All the officials of the BUYER will report to the appropriate authority any
attempted or completed breaches of the above commitments as well as any
substantial suspicion of such a breach.
1.4 In case any such preceding misconduct on the part of such official(s) is
reported by the BIDDER to the BUYER with full and verifiable facts and the
same is prima facie found to be correct by the BUYER, necessary disciplinary
proceedings, or any other action as deemed fit, including criminal proceedings
may be initiated by the BUYER and such a person shall be debarred from further
dealings related to the contract process. In such a case while an enquiry is being
conducted by the BUYER the proceedings under the contract would not be
stalled.
2. Commitments of BIDDERs
2.1 The BIDDER commits itself to take all measures necessary to prevent corrupt
practices, unfair means and illegal activities during any stage of its Bid or during
any pre-contract or post-contract stage in order to secure the contract or in
furtherance to secure it and in particular commit itself to the following:
2. 2 The BIDDER will not offer, directly or through intermediaries, any bribe, gift,
consideration, reward, favour, any material or immaterial benefit or other
advantage, commission, fees, brokerage or inducement to any official of the
BUYER, connected directly or indirectly with the bidding process, or to any
person, organisation or third party related to the contract in exchange for any
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 302 of 329 Confidential & Proprietary
advantage in the bidding, evaluation, contracting and implementation of the
contract.
2.3 The BIDDER further undertakes that it has not given, offered or promised to give,
directly or indirectly any bribe, gift, consideration, reward, favour, any material or
immaterial benefit or other advantage, commission, fees, brokerage or inducement
to any official of the BUYER or otherwise in procuring the Contract or forbearing
to do or having done any act in relation to the obtaining or execution of the contract
or any other contract with State Bank of India for showing or forbearing to show
favour or disfavour to any person in relation to the contract or any other contract
with State Bank of India.
2.4 Wherever applicable, the BIDDER shall disclose the name and address of agents
and representatives permitted by the Bid documents and Indian BIDDERs shall
disclose their foreign principals or associates, if any.
2.5 The BIDDER confirms and declares that they have not made any payments to any
agents/brokers or any other intermediary, in connection with this Bid/contract.
2.6 The BIDDER further confirms and declares to the BUYER that the BIDDER is the
original vendors or service providers in respect of product / service covered in the
Bid documents and the BIDDER has not engaged any individual or firm or
company whether Indian or foreign to intercede, facilitate or in any way to
recommend to the BUYER or any of its functionaries, whether officially or
unofficially to the award of the contract to the BIDDER, nor has any amount been
paid, promised or intended to be paid to any such individual, firm or company in
respect of any such intercession, facilitation or recommendation.
2.7 The BIDDER, at the earliest available opportunity, i.e. either while presenting the
Bid or during pre-contract negotiations and in any case before opening the
financial Bid and before signing the contract, shall disclose any payments he has
made, is committed to or intends to make to officials of the BUYER or their family
members, agents, brokers or any other intermediaries in connection with the
contract and the details of services agreed upon for such payments.
2.8 The BIDDER will not collude with other parties interested in the contract to
impair the transparency, fairness and progress of the bidding process, Bid
evaluation, contracting and implementation of the contract.
2.9 The BIDDER will not accept any advantage in exchange for any corrupt
practice, unfair means and illegal activities.
2.10 The BIDDER shall not use improperly, for purposes of competition or personal
gain, or pass. on 'to° others, any -information provided by the BUYER as part of
the business relationship, regarding plans, technical proposals and business
details, including information contained in any electronic data carrier. The
BIDDER also undertakes to exercise due and adequate care lest any such
information is divulged.
2.11 The BIDDER commits to refrain from giving any complaint directly or through any
other manner without supporting it with full and verifiable facts.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 303 of 329 Confidential & Proprietary
2.12 The BIDDER shall not instigate or cause to instigate any third person to commit
any of the actions mentioned above.
2.13 If the BIDDER or any employee of the BIDDER or any person acting on behalf of
the BIDDER, either directly or indirectly, is a relative of any of the officers of the
BUYER, or alternatively, if any relative of an officer of the BUYER has financial
Interest/stake in the BIDDER's firm, the same shall be disclosed by the BIDDER
at the time of filing of tender. The term 'relative' for this purpose would be as
defined in Section 6 of the Companies Act 1956.
2.14 The BIDDER shall not lend to or borrow any money from or enter into any
monetary dealings or transactions, directly or indirectly, with any employee of the
BUYER.
3. Previous Transgression
3.1 The BIDDER declares that no previous transgression occurred in the last three
years immediately before signing of this Integrity Pact, with any other company
in any country in respect of any corrupt practices envisaged hereunder or with
any Public Sector Enterprise / Public Sector Banks in India or any Government
Department in India or RBI that could justify BIDDER's exclusion from the
tender process.
3.2 The BIDDER agrees that if it makes incorrect statement on this subject, BIDDER
can be disqualified from the tender process or the contract, if already awarded,
can be terminated for such reason.
4. Earnest Money (Security Deposit)
4.1 While submitting commercial Bid, the BIDDER shall deposit an amount
(specified in RFP) as Earnest Money/Security Deposit, with the BUYER through
any of the mode mentioned in the RFP / Bid document and no such mode is
specified, by a Bank Draft or a Pay Order in favour of State Bank of India from
any Bank including SBI . However payment of any such amount by way of Bank
Guarantee, if so permitted as per Bid documents / RFP should be from any
Scheduled Commercial Bank other than SBI and promising payment of the
guaranteed sum to the BUYER on demand within three working days without
any demur whatsoever and without seeking any reasons whatsoever. The demand
for payment by the BUYER shall be treated as conclusive proof for making such
payment to the BUYER.
4.2 Unless otherwise stipulated in the Bid document / RFP, the Earnest Money/Security
Deposit shall be valid upto a period of five years or the complete conclusion of the
contractual obligations to the complete satisfaction of both the BIDDER and the
BUYER, including warranty period, whichever is later.
4.3 In case of the successful BIDDER a clause would also be incorporated in the
Article pertaining to Performance Bond in the Purchase Contract that the
provisions of Sanctions for Violation shall be applicable for forfeiture of
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 304 of 329 Confidential & Proprietary
Performance Bond in case of a decision by the BUYER to forfeit the same-
without assigning any reason for imposing sanction for violation of this Pact.
4.4 No interest shall be payable by the BUYER to the BIDDER on Earnest
Money/Security Deposit for the period of its currency.
5. Sanctions for Violations
5.1 Any breach of the aforesaid provisions by the BIDDER or any one employed by
it or acting on its behalf (whether with or without the knowledge of the BIDDER)
shall entitle the BUYER to take all or any one of the following actions, wherever
required:
(i) To immediately call off the pre contract negotiations without assigning any
reason and without giving any compensation to the BIDDER. However, the
proceedings with the other BIDDER(s) would continue, unless the BUYER
desires to drop the entire process.
(ii) The Earnest Money Deposit (in pre-contract stage) and/or Security
Deposit/Performance Bond (after the contract is signed) shall stand forfeited
either fully or partially, as decided by the BUYER and the BUYER shall not be
required to assign any reason therefore.
(iii) To immediately cancel the contract, if already signed, without
giving any compensation to the BIDDER.
(iv) To recover all sums already paid by the BUYER, and in case of an Indian
BIDDER with interest thereon at 2% higher than the prevailing Base Rate of State
Bank of India, while in case of a BIDDER from a country other than India with
interest thereon at 2% higher than the LIBOR. If any outstanding payment is due
to the BIDDER from the BUYER in connection with any other contract for any
other stores, such outstanding could also be utilized to recover the aforesaid sum
and interest.
(v) To encash the advance Bank guarantee and performance bond/warranty bond, if
furnished by the BIDDER, in order to recover the payments, already made by the
BUYER, along with interest.
(vi) To cancel all or any other Contracts with the BIDDER. The BIDDER shall be
liable to pay compensation for any loss or damage to the BUYER resulting from
such cancellation/rescission and the BUYER shall be entitled to deduct the
amount so payable from the money(s) due to the BIDDER.
(vii) To debar the BIDDER from participating in future bidding processes of the
BUYER or any of its Subsidiaries for a minimum period of five years, which may
be further extended at the discretion of the BUYER.
(viii) To recover all sums paid, in violation of this Pact, by BIDDER(s) to any
middleman or agent or broker with a view to securing the contract.
(ix) Forfeiture of Performance Bond in case of a decision by the BUYER to forfeit
the same without assigning any reason for imposing sanction for violation of this
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 305 of 329 Confidential & Proprietary
Pact.
(x) Intimate to the CVC, IBA, RBI, as the BUYER deemed fit the details of such
events for appropriate action by such authorities.
5.2 The BUYER will be entitled to take all or any of the actions mentioned at para
5.1(i) to (x) of this Pact also on the Commission by the BIDDER or any one
employed by it or acting on its behalf (whether with or without the knowledge of
the BIDDER), of an offence as defined in Chapter IX of the Indian Penal code,
1860 or Prevention of Corruption Act, 1988 or any other statute enacted for
prevention of corruption.
5.3 The decision of the BUYER to the effect that a breach of the provisions of this
Pact has been committed by the BIDDER shall be final and conclusive on the
BIDDER. However, the BIDDER can approach the Independent Monitor(s)
appointed for the purposes of this Pact.
6. Fall Clause
The BIDDER undertakes that it has not supplied/is not supplying similar
product/systems or subsystems at a price lower than that offered in the present
Bid in respect of any other Ministry/Department of the Government of India or
PSU or any other Bank and if it is found at any stage that similar product/systems
or sub systems was supplied by the BIDDER to any other Ministry/Department
of the Government of India or a PSU or a Bank at a lower price, then that very
price, with due allowance for elapsed time, will be applicable to the present case
and the difference in the cost would be refunded by the BIDDER to the BUYER,
if the contract has already been concluded.
7. Independent Monitors
7.1 The BUYER has appointed Independent Monitors (hereinafter referred to as
Monitors) for this Pact in consultation with the Central Vigilance Commission
(Names and Addresses of the Monitors to be given).
NAME SHRI K. CHANDRAHAS DR. PARVEZ HAYAT
CADRE IRS (Retd) IPS (Retd)
ADDRESS G-1, Reliance Homes,
8-2-547/R, Road No. 7,
Banjara Hills,
Hyderabad - 500034
B-4/69-A
Safdarjung Enclave,
New Delhi- 110029
e-mail ID [email protected] [email protected]
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 306 of 329 Confidential & Proprietary
7.2 The task of the Monitors shall be to review independently and objectively,
whether and to what extent the parties comply with the obligations under this Pact.
7.3 The Monitors shall not be subjected to instructions by the representatives of the
parties and perform their functions neutrally and independently.
7.4 Both the parties accept that the Monitors have the right to access all the
documents relating to the project/procurement, including minutes of meetings.
Parties signing this Pact shall not approach the Courts while representing the
matters to Independent External Monitors and he/she will await their decision in
the matter.
7.5 As soon as the Monitor notices, or has reason to believe, a violation of
this Pact, he will so inform the Authority designated by the BUYER.
7.6 The BIDDER(s) accepts that the Monitor has the right to access without
restriction to all Project documentation of the BUYER including that provided
by the BIDDER. The BIDDER will also grant the Monitor, upon his request and
demonstration of a valid interest, unrestricted and unconditional access to his
project documentation. The same is applicable to Subcontractors. The Monitor
shall be under contractual obligation to treat the information and documents of
the BIDDER/Subcontractor(s) with confidentiality.
7.7 The BUYER will provide to the Monitor sufficient information about all
meetings among the parties related to the Project provided such meetings could
have an impact on the contractual relations between the parties. The parties will
offer to the Monitor the option to participate in such meetings.
7.8 The Monitor will submit a written report to the designated Authority of
BUYER/Secretary in the Department/ within 8 to 10 weeks from the date of
reference or intimation to him by the BUYER / BIDDER and, should the occasion
arise, submit proposals for correcting problematic situations.
8. Facilitation of Investigation
In case of any allegation of violation of any provisions of this Pact or payment of
commission, the BUYER or its agencies shall be entitled to examine all the
documents including the Books of Accounts of the BIDDER and the BIDDER
shall provide necessary information and documents in English and shall extend
all possible help for the purpose of such examination.
9. Law and Place of Jurisdiction
This Pact is subject to Indian Law. The place of performance and jurisdiction is
the seat of the BUYER.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 307 of 329 Confidential & Proprietary
10. Other Legal Actions
The actions stipulated in this Integrity Pact are without prejudice to any other
legal action that may follow in accordance with the provisions of the extant law
in force relating to any civil or criminal proceedings.
11. Validity
11.1 The validity of this Integrity Pact shall be from date of its signing and extend
upto 5 years or the complete execution of the contract to the satisfaction of both
the BUYER and the BIDDER/Seller, including warranty period, whichever is
later. In case BIDDER is unsuccessful, this Integrity Pact shall expire after six
months from the date of the signing of the contract, with the successful Bidder
by the BUYER.
11.2 Should one or several provisions of this Pact turn out to be invalid; the remainder
of this Pact shall remain valid. In this case, the parties will strive to come to an
agreement to their original intentions.
12. The parties hereby sign this Integrity Pact at _____ on ___________
For BUYER For BIDDER
Name of the Officer. Chief Executive Officer/
Designation Authorised Signatory
Office / Department / Branch Designation
State Bank of India.
Witness Witness
1
1.
2
2.
Note: This agreement will require stamp duty as applicable in the State where it is
executed or stamp duty payable as per Maharashtra Stamp Act, whichever is
higher.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 308 of 329 Confidential & Proprietary
Appendix-P
FORMAT FOR EMD BANK GUARANTEE
To:
Deputy General Manager,
Networking & Communication Dept.,
State Bank Global IT Centre,
First Floor, D Wing, Sector 11,
CBD Belapur, Navi Mumbai-400614
EMD BANK GUARANTEE FOR
ENGAGEMENT OF NETWORK INTEGRATOR (NI) & SETTING UP OF NEXT
GENERATION NETWORK OPERATIONS CENTRE (NOC) TO STATE BANK
OF INDIA TO MEET SUCH REQUIRMENT AND PROVIDE SUCH SERVICES
AND SOLUTIONS (HARDWARE & SOFTWARE) AS ARE SET OUT IN THE
RFP NO.SBI:xx:xx DATED dd/mm/yyyy
WHEREAS State Bank of India (SBI), having its Corporate Office at Nariman Point,
Mumbai, and Regional offices at other State capital cities in India has invited Request for
Proposal to develop, implement and support ________________(name of Solutions and
service) as are set out in the Request for Proposal SBI:xx:xx dated dd/mm/yyyy.
2. It is one of the terms of said Request for Proposal that the Bidder shall furnish a Bank
Guarantee for a sum of Rs._________/-(Rupees _____________________ only)
as Earnest Money Deposit.
3. M/s. ________________________, (hereinafter called as Bidder, who are our
constituents intends to submit their Bid for the said work and have requested us to furnish
guarantee in respect of the said sum of Rs.__________/-(Rupees _____________________
only)
4. NOW THIS GUARANTEE WITNESSETH THAT
We _____________________________ (Bank) do hereby agree with and undertake to the
State Bank of India, their Successors, assigns that in the event of the SBI coming to the
conclusion that the Bidder has not performed their obligations under the said conditions of
the RFP or have committed a breach thereof, which conclusion shall be binding on us as
well as the said Bidder, we shall on demand by the SBI, pay without demur to the SBI, a
sum of Rs.__________/- (Rupees _____________________ Only) that may be demanded
by SBI. Our guarantee shall be treated as equivalent to the Earnest Money Deposit for the
due performance of the obligations of the Bidder under the said conditions, provided,
however, that our liability against such sum shall not exceed the sum of Rs.__________/-
(Rupees _____________________ Only).
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 309 of 329 Confidential & Proprietary
5. We also agree to undertake to and confirm that the sum not exceeding Rs.__________/-
(Rupees _____________________ Only) as aforesaid shall be paid by us without any
demur or protest, merely on demand from the SBI on receipt of a notice in writing stating
the amount is due to them and we shall not ask for any further proof or evidence and the
notice from the SBI shall be conclusive and binding on us and shall not be questioned by
us in any respect or manner whatsoever. We undertake to pay the amount claimed by the
SBI, without protest or demur or without reference to Bidder and not-withstanding any
contestation or existence of any dispute whatsoever between Bidder and SBI, pay SBI
forthwith from the date of receipt of the notice as aforesaid. We confirm that our obligation
to the SBI under this guarantee shall be independent of the agreement or agreements or
other understandings between the SBI and the Bidder. This guarantee shall not be revoked
by us without prior consent in writing of the SBI.
6. We hereby further agree that –
a) Any forbearance or commission on the part of the SBI in enforcing the conditions
of the said agreement or in compliance with any of the terms and conditions
stipulated in the said Bid and/or hereunder or granting of any time or showing of
any indulgence by the SBI to the Bidder or any other matter in connection
therewith shall not discharge us in any way our obligation under this guarantee.
This guarantee shall be discharged only by the performance of the Bidder of their
obligations and in the event of their failure to do so, by payment by us of the sum
not exceeding Rs.__________/- (Rupees _____________________ Only)
b) Our liability under these presents shall not exceed the sum of Rs.__________/-
(Rupees _____________________ Only)
c) Our liability under this agreement shall not be affected by any infirmity or
irregularity on the part of our said constituents in tendering for the said work or
their obligations there under or by disSolution or change in the constitution of our
said constituents.
d) This guarantee shall remain in force upto 180 days provided that if so desired by
the SBI, this guarantee shall be renewed for a further period as may be indicated
by them on the same terms and conditions as contained herein.
e) Our liability under this presents will terminate unless these presents are renewed
as provided herein upto 180 days or on the day when our said constituents comply
with their obligations, as to which a certificate in writing by the SBI alone is the
conclusive proof, whichever date is earlier.
f) Unless a claim or suit or action is filed against us on or before____(date to be
filled by BG issuing bank), all the rights of the SBI against us under this guarantee
shall be forfeited and we shall be released and discharged from all our obligations
and liabilities hereunder.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 310 of 329 Confidential & Proprietary
g) This guarantee shall be governed by Indian Laws and the Courts in Mumbai, India
alone shall have the jurisdiction to try & entertain any dispute arising out of this
guarantee.
Notwithstanding anything contained hereinabove:
(a) Our liability under this Bank Guarantee shall not exceed Rs……….………/-
(Rupees …………………….only)
(b) This Bank Guarantee shall be valid upto ……………………….
(c) We are liable to pay the guaranteed amount or any part thereof under this Bank
Guarantee only and only if you serve upon us a written claim or demand on or before
……………………
Yours faithfully,
For and on behalf of
_______________________________
Authorized official of the bank
(Note: This guarantee will require stamp duty as applicable in the State where it is executed
and shall be signed by the official(s) whose signature and authority shall be verified)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 311 of 329 Confidential & Proprietary
Appendix-Q
MINIMUM RESOURCE REQUIREMENT
Table-1:
The breakup of resources between operational delivery streams is indicated below:
Role NOC 1 +
NOC 2
All
DCs NW&C LHOs AO
RBO+
Imp Brs Total
Service Desk 42 - - - - - 42
Field Engg. - - - 85 90 574 749
L1 Engineers 30 22 33 - - - 85
L2 Engineers 36 - 15 - - - 51
L3 (R&S)
42 - 16 - - - 58 L3 Security
***L3 Others (NW,
D&C, QA)
$$ Mgr-Ops, DC,
AM, TSP Mgmt 4 - 14 17 - - 35
Project Manager - - 4 - - - 4
Engagement
Managers 2 - 1 - - - 3
System Engineer/
Administrator 4 4
TOTAL 160 22 83 102 90 574 1031
(***Network Design, Compliance & Quality Assurance) $$ Manager-Operations, Data
Centre, Asset Management, TSP Management).
Note: The number of resources mentioned against each location is tentative. The resources
can be readjusted anywhere as per Bank’s requirement.
Above number of resources also includes:
Category L1 L2 L3 Manager
Proxy 12 3 1
1
DNS 3 1 1
NTP 3 1 -
NSPM 3 2 1
NAC** 12 4 1
Other existing Solution
in the RFP 6 3 -
Security and
Compliance 1 1
Note:
➢ There shall be at least one NI resource representing as a Single Point of
Contact (SPOC) at each of the LHO.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 312 of 329 Confidential & Proprietary
➢ All the resources mentioned above are “dedicated” resources and shall work
only for SBI under this RFP/project.
➢ In addition to the above mentioned dedicated resources, the Bank shall also
require 40 non-dedicated resources for foreign offices to provide technical
support to the central team in troubleshooting or implementation of any new
Solution or revamping of the existing network architecture or for similar other
purposes. The payment in lieu of services availed by them shall be paid on a
per day basis (where one day shall be equivalent to 8-man hours). The cost of
same shall have to be specified by the bidders in the table provided in
Appendix-F.
TABLE-2: RESOURCE PROFILE DESCRIPTION
Sr No Designation Job Description
1 Engagement
Manager
1) Responsible for setting up direction for Program
management team, operation management team and
technical delivery team to carry out activities
2) Responsible for handling high level escalations
3) Responsible for smooth working of operations at all
the levels (NOC, GITC, DCs, LHOs, Zonal Offices,
Branches & Foreign Offices).
4)Primarily accountable for successful implementation
of the project, Act to remove critical project bottlenecks
5) Identification of working team members, project
management office members and team leads
6) Single point of contact for banks senior management
7) Be a part of steering committees set up by the Bank
for rollout of IT Projects, if so required by the Bank.
8) responsible to implement all requirement mentioned
in this RFP.
2 Project
Manager
1) Responsible for doing timely SLA Review and
meeting with the SBI stakeholders.
2) Responsible for Change management request
approvals
3) This team must be acting as consultants for SBI for
new technology adoption, effective use of technology
resources available at SBI.
4) Report on progress to PMO and the Bank.
5) Identify and report any risks to PMO and the Bank.
6) Seek advice from the PMO on mitigation measures
and deploy these at the respective SBI branches.
7) Must be responsible for carrying out regular service
improvement plans.
8) This team comprises of Network Design Team,
Implementation Team, and Integration Team which
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 313 of 329 Confidential & Proprietary
includes technical specialists, network engineers, team
leaders etc.
9) Responsible for establishing new or enhancement of
Data Centres.
10) Product implementation, which includes
deployment of new product into the network, solving
compatibility issues and configuring it.
11) Responsible for conducting proof of concept for
new technologies/devices to be implemented in the
Bank
3 Managers-
TSP
1) Follow up with service providers and other
stakeholders for provisioning, upgradation, degradation
and termination of the Link.
2) Responsible to coordinate with NOC to deploy the
link and update the link database.
3) Lifecycle Management of all the links in SBI network
including third party link owners and their users.
4) Decommissioning of links.
5)Invoice management from BSNL, MTNL and all
other TSP‟s.
6) Verification and Escalation for any payment related
discrepancy in relation to link database and SLA tools
with respective services provider.
4
Operations
Manager -
Data Center
1) Responsible for management of Devices & Link
Uptime.
2)Reviewing and ensuring monthly Preventative
Maintenance.
3) Responsible for Managing Escalation and resolving
issues on time with coordination of GSC and
application owners.
4) Coordination with different stakeholders and
execution of any change in the Data Centre(s), GITC
and its annex building Locations.
5) Data Centre link Upgradation and New deliveries.
6) Execution of task highlighted in Audit compliance.
7) Building LAN Management.
8) Coordination with client and Application team for
Major change activity in Data Centre for smooth DC
operation.
9) Responsible for implementation of standard cabling,
tagging etc in Data Centres.
10) Responsible to follow up with OEM, SI for RMA
and other activities.
11) Rendering support to Project Team to execute
operational project at Data Centres.
12) Ensuring no ticket remains unattended for more
than 15 minutes by NOC engineers.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 314 of 329 Confidential & Proprietary
5 Managers -
Compliance
1) Responsible for implementation of security
measures and achieving compliance for the Bank’s
Network. They will also responsible for timely closure
of IT audit observation and submission of reports and
periodic interval.
2) Responsible for gathering all the evidences required
for audits faced by the Bank
3) Responsible for Setting overall QA test strategy that
includes all various types of testing being performed
by the QA team
4) Responsible for resolving escalated issues and risks
with firm mitigation plans and escalate outstanding
issues if required
5) Responsible for identifying needs for implementing
new processes and analyse project trends to improve
and optimize existing processes. Ensure both new and
existing processes are being followed
6) Responsible for participating in the Business
Requirements Document (BRD) review and Functional
Design Document review meetings.
7) Responsible for performing any necessary follow-up
on requirements analysis, estimates, including re-
estimates, attendance at kick-off meetings, etc.
8) Responsible for ensuring testing commitments to
ensure the quality and compliance as stipulated in IT &
IT Policy, Procedure documents.
9) Play the role of verifier of
configuration/architectural changes by other teams
6 Managers-
Monitoring
1) Daily review with Field Team for the branches
isolated for more than 24 hrs.
2) Ensuring and reporting Quarterly PM of All
Branches
3) All the backlogs of ITSM Tickets to be cleared
4) Follow-up with field team to reduce BSNL isolated
cases
5) Follow-up with field team for the branches running
on backup
6) Follow-up with field team for the branches isolated
for more than 72 hours
7) Continue to removed merged and closed branches
from Monitoring.
8) PAN India follow-up to be continued to nullify the
pending remedy tickets.
9) Follow-up with Team to keep the incident tickets as
minimum as possible.
10) Follow-up with stake holder for faulty hardware
replacement.
11) Escalation handling
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 315 of 329 Confidential & Proprietary
12) Rendering support to Project Team to execute
operational project at LHOs and Branches
7 Managers -
Assets
1) Preparing and maintaining the network asset
inventory.
2) Responsible for sharing the asset inventory with the
Bank as and when updated or asked by the Bank.
3) Transportation of products from vendor/bidder’s
warehouse to the branch location.
4) Movement and transportation of devices from one
location to another.
5) Responsible for getting permission, insurance and
other requirement for asset movement and
transportation.
6) Responsible for sharing support details of devices
on periodic basis with the Bank.
7) Responsible to update the support details of devices
in asset inventory tool.
8 L3 Engineers
(NDC & QA)
1) Responsible to close all the IT audit observation and
submit evidences.
2) Responsible for gathering all the evidences required
for audits faced by the Bank
3) Responsible for Set the overall QA test strategy that
includes all the various types of testing being
performed by the QA team
4) Responsible for resolving escalated issues and risks
with firm mitigation plans and escalate outstanding
issues if required
5) Responsible for identifying needs for implementing
new processes and analyse project trends to improve
and optimize existing processes. Ensure both new and
existing processes are being followed
6) Responsible for participating in the Business
Requirements Document (BRD) review and Functional
Design Document review meetings.
7) Responsible for performing any necessary follow-up
on requirements analysis, estimates, including re-
estimates, attendance at kick-off meetings, etc.
8) Responsible for ensuring testing commitments
Ensure the quality and compliance as stipulated in IT
& IT Policy, Procedure documents
9) Play the role of verifier of
configuration/architectural changes by other teams
10) Responsible for implementation of security and
compliance recommendation as per Bank’s policies.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 316 of 329 Confidential & Proprietary
9 L3 Engineers
(IT Security)
1) Ensuring that all the audits findings are closed
within given time and providing proofs (that can be
shown to the auditor) to the Bank
2) Assisting the design team while designing the
architecture for new branches such that all the security
best practices are in place from day one.
3) Ensuring that all the network devices are configured
as per the Bank’s security policy, best practices to
ensure Secured Network Architecture.
4) Configure and manage Firewalls & IPS across the
network
5) Work on the vulnerabilities pointed out by various
agencies such as OEM, CERT, SOC, ISD, network
department / other departments, government agencies,
etc.
6) Providing selective resource access by configuring
suitable access list on router. This includes hardening
the perimeter security by configuring appropriate IP
addresses and communication ports on router.
7) Masking private IP addresses by configuring NAT
on routers. This can be made static or dynamic based
on client’s policies.
8) User Account Management: Configuring user
authentication through TACACS or RADIUS servers
9)Configuring authentication protocols that are
available in Network/server devices OS (like PAP,
CHAP and AAA)
10)Implementing encrypted password management
mechanisms on all supported devices Implementing
privilege rights based on user rights for controlled
access. All requests for user creation, modification and
deletion will be authorized by SBI concerned people in
a prescribed format.
11) Ensuring security against asynchronous terminals,
such as console terminals and from integrated modem
line.
12) Disabling reverse telnet by default and enable only
on need base
13) Prompt resolution of tickets raised by application
owners.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 317 of 329 Confidential & Proprietary
10 L3 Engineers
(R&S)
1) Escalation point for Help Desk (HD) engineers
2)This position serves as the subject matter expert and
is responsible for the architecture, design and
development of secure network infrastructures
3)Create basis of design, HLD (high level design),
LLD (low level design), implementation plan and
NRFU (network ready for use) for large scale Network
Infrastructure Security Projects that involves firewalls,
IPS, VPN, SSL Offload, Device hardening, DDoS
protection techniques, Identity Management suites,
Link Encryption, Data Protection, Web and Email
security devices.
4) Developing requirements for Data Centre LANs,
WANs, virtual private networks (VPNs)
5) Must be able to lead projects throughout the full
lifecycle of project delivery including the requirement
gathering, planning, design, implementation, testing,
optimization and hand-over phases
11 L2 Engineers
1) Responsible for coordinating with Field Engineers
to troubleshoot issues related to Critical
branches/offices.
2)Ownership of change request and incidents to
determine root cause
3) Identification and mitigate various security threats
Maintaining internal IT System in adherence with SBI
policies and standards
4) Assisting Senior support tiers with project based
configuration and deployment work
5) Offsite technical implementation, installation, and
configuration of hardware when required
6) All the escalations done by L1relating to other
branches are handled by L2 Engineers.
12 L1 Engineers
- Data Centre
1) 24x7 hands and feet support for L2& L3 for Project
related activity
2) Follow up with Service Providers for Link
restoration
3) Investigate first line support in Data Centres during
failures
4) Onsite support for GSC and GITC technical team
during operation/project failures
5) Onsite assistance during IOS upgrade
6) carrying out Preventive Maintenance for Data
Centre
7) Network device installation/de-installation, network
cable connectivity/ removal/ replacement as an when
required
8) Managing LAN Network. (GITC, Nerul, Juinagar,
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 318 of 329 Confidential & Proprietary
Kapas Bhavan, Balaji Bhavan, MTNL Building,
Station Building, SBB- Corp Centre and Chennai DR)
13
L1 Engineer
(other than
field)
Major Job Duties and Responsibilities:
• Handling end-user LAN related issues including
troubleshooting of NAC
• Responsible to handle issues raised by branches
and application departments.
• Escalating issues to L2, L3 and other NOC support
engineer.
• Daily and scheduled backup of devices through
centralized tool.
14
NAC
Administrator
Major Job Duties and Responsibilities:
• NAC implementation, administration, and
maintenance (including all components such as
load balancers, switches, etc.)
• NAC server management including Software
updates, upgrades. configurational changes, policy
creation/modification, VA/PT observations
closure, making new entries, removal/purging of
old/invalid entries, synchronization between local
and remote sites servers, provisioning of access to
remote users, etc.
• Implementation of industry standard/best practices
security in a time bound manner
• Extraction and dissemination of various reports in
prescribed formats
• NAC issue troubleshooting (at server and client
level) including handling escalation calls from
end-users, resolution of issues as per the defined
SLA, coordination with other teams handling
NAC dependent Solution components (such as
AD, AV, patch management, etc.). the team may
require taking remote access of the end-user
devices for troubleshooting
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 319 of 329 Confidential & Proprietary
15
DNS
Administrator
Major Job Duties and Responsibilities:
• Management of DNS devices deployed in the
Bank
• Perform data entry work on the Domain Name
Services (DNS) portal adding, deleting, and
updating object records for IP management.
• Resolving discrepancies, perform standard tests
(ping, lookups, SSH) to validate data source prior
to applying changes.
• Update, open or close tickets or reply to requestor.
• Collaborate with support team members to
identify and resolve issues and discrepancies.
• Work with multiple applications and documents to
achieve the desired results.
• Documentation and other DNS operation related
activity
Closure of security, audit and SOC observation
16
Proxy Major Job Duties and Responsibilities:
• Management of proxy devices deployed in the
Bank
• Providing internet access to user/application on
need basis as per approval of the Bank
• Handling internet related issues for user desktops
and applications server
• Tracking of all the access provided to end
user/application
Closure of security, audit and SOC observation
17
System
Engineer
Major Job Duties and Responsibilities:
• Management of Tools deployed in NOC
• Designing and implementing functionality as per
the Bank’s requirement.
• Customisation of tools.
• Keeping all the tools up-to-date and accessible to
set of desired users
• Closure of security, audit and SOC observation.
• Automation of NOC operation processes.
• Data back and management.
Note: The job description provided above for each role is illustrative in nature.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 320 of 329 Confidential & Proprietary
TABLE-3: EDUCATIONAL/PROFESSIONAL QUALIFICATION AND
CERTIFICATION AND EXPERIENCE CRITERIA FOR NI RESOURCES
S.No. Position Proposed Skill Sets
1 Field Engineer
Qualification:
• Diploma in Computer Science / Electronics
and/ or Telecommunications
Engineering / Information Technology
OR
• Bachelor’s degree in any stream
Certification:
• Certification in CCNA or any other certification
in the computer network field such as JNCIA,
CompTIA Network+.
Experience:
• Minimum 1 year of experience in network
configuration
Skills:
• Person should have adequate knowledge of net
working devices.
• Sound analytical and troubleshooting skills
• Good Team Management and co- ordination ski
lls
2 Level L1
Qualification:
• Diploma in Computer Science / Electronics
and/ or Telecommunications
Engineering / Information Technology
OR
• Bachelor’s degree in any stream
Certification:
CCNA or any other certification in the computer
network field such as JNCIA, CompTIA Network+.
Experience:
Minimum 2 years of experience in network
configuration is recommended.
Skills:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 321 of 329 Confidential & Proprietary
• Person should have adequate knowledge of net
working devices.
• Sound analytical and troubleshooting skills
• Good Team Management and co- ordination ski
lls
3
Level L2
(Routing &
Switching)
Qualification:
Bachelor’s degree in any stream
Certifications:
Any one of the certifications mentioned below (or
equivalent):
Cisco CCNP
JNCIS-ENT
JNCIS-SP
Experience:
Candidates who have 5 years of hands-on experience
in managing network of any reputed organization
with at least 3 years in any one of the following :
a. Level-2 resource in an organization in the business
of providing Network Services,
OR
b. As TAC resource of an OEM (in the field of
network security devices such as firewall, IPS etc.)
OR
c. Experience in managing network operation and
management for any organization in BFSI sector
4 Level L2
(Security)
Qualification:
Bachelor’s degree in any stream.
Certifications:
Any one of the certifications mentioned below:
Cisco CCNP Security
JNCIS-SEC
Check Point Certified Security Administrator
(CCSA) R80.x
Palo Alto Networks Certified Cybersecurity
Associate (PCCSA)
Certified McAfee Security Specialist
Fortinet NSE 1
Fortinet NSE 2
Fortinet NSE 3
Experience:
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 322 of 329 Confidential & Proprietary
Candidates who have 3 years of hands-on experience
in managing network of any reputed organization
with at least 1.5 years in any one of the following:
a. Level-2 resource in an organization in the business
of providing Network Services,
OR
b. As TAC resource of an OEM (in the field of
network security devices such as firewall, IPS etc.)
OR
c. Experience in managing network security for any
organization in BFSI sector
5 Helpdesk
(HD)
Qualification:
Diploma / Bachelor’s degree in any stream
Certification:
• CCNA or any other Certification in CCNA or
any other certification in the computer network
field is preferred.
Experience:
• Minimum 1 year of experience in network
service desk operations.
Skills:
• Person should have adequate knowledge
of networking devices.
• Sound analytical and troubleshooting skills
• Good Team Management and co- ordination ski
lls
• Fluent in English and Hindi
6
Level -
L3 (Routing
and
Switching)
Qualification:
Bachelor’s degree in any stream
Certifications:
Any one of the certifications mentioned below:
Cisco CCDP
Cisco CCDE
Cisco CCIE Data Center
Cisco CCIE Routing and Switching
Cisco CCIE Service Provider
Juniper JNCIE-DC
Juniper JNCIE-SP
Citrix Certified Professional – Networking
Aruba Certified ClearPass Professional (ACCP) (For
NAC L3 Resource)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 323 of 329 Confidential & Proprietary
Aruba Certified ClearPass Expert (ACCX) (For
NAC L3 Resource)
Experience:
Candidates who have 6 years of hands-on
experience in managing network of any reputed
organization with at least 3 years in any one of the
following:
a. Level-3 resource in an organization in the
business of providing Network Services,
OR
b. As TAC resource of an OEM (in the field of
network routing and switching etc.)
OR
c. Experience in managing network security for
any organization in BFSI sector
Skills:
1. Should have expert level knowledge of IT
Security, routing and switching protocol and
networking devices.
2. Sound analytical and troubleshooting skills
3. Good Team Management and co- ordination
skills
4. Fluent in at least Hindi and English languages
7 Level L3 (IT
Security)
Qualification:
Bachelor’s degree in any stream
Certifications:
Any one of the certifications mentioned below:
Cisco CCIE Security
Juniper JNCIE-SEC
Palo Alto Networks Certified Network Security
Administrator (PCNSA)
Palo Alto Networks Certified Network Security
Engineer (PCNSE)
Fortinet NSE 4
Fortinet NSE 5
Fortinet NSE 6
Fortinet NSE 7
Fortinet NSE 8
Certified McAfee Security Specialist
TippingPoint (Trend Micro) Certified Professional
Check Point Certified Security Expert (CCSE)
R80.x,
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 324 of 329 Confidential & Proprietary
Check Point Certified Security Master (CCSM)
R80.x
Experience:
Candidates who have 6 years of hands-on
experience in managing network of any reputed
organization with at least 3 years in any one of the
following:
a. Level-3 resource in an organization in the
business of providing Network Services,
OR
b. As TAC resource of an OEM (in the field of
network security devices such as firewall, IPS
etc.)
OR
c. Experience in managing network security for
any organization in BFSI sector
Skills:
1. Should have expert level knowledge of IT
Security, routing and switching protocol and
networking devices.
2. Sound analytical and troubleshooting skills
3. Good Team Management and co- ordination
skills
4. Fluent in at least Hindi and English
languages
8 Manager
Qualification:
Graduate/ Postgraduate in any stream
Certifications:
PMP/ ITIL (Intermediate or Expert) or
equivalent certification
Experience:
Minimum 5 years of experience in dealing with
telecommunication company as manager.
Person should have minimum 2 years of
experience in handling
team of network operations.
Skills:
Good analytical, reasoning, problem solving,
reporting and follow-up skills
Microsoft Office Certifications for Microsoft
Word, excel and PowerPoint
Good Team Management and co- ordination skills
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 325 of 329 Confidential & Proprietary
Fluent in English and Hindi
9 Project
Manager
Qualification:
Graduate/Postgraduate in any stream.
Certifications:
PMP or equivalent certification
Experience:
Minimum 8 years of experience in handling
deployment of large-scale IT projects as project
manager. Person should have minimum 3 years
of experience in network project handling.
Skills:
Excellent knowledge in Microsoft Word, excel
and PowerPoint, SharePoint.
Good Team Management and co- ordination skills.
Fluent in English and Hindi
10 Engagement
Manager
Qualification:
Graduate/Post-graduate in any stream.
Certifications:
CCIE or equivalent certification and PMP / ITIL
(Intermediate or Expert) equivalent certification
Experience:
Minimum 10 years of experience in handling
Bank’s WAN or a similar network.
Out of which 5+ years of experience in
networking project handling.
Skills:
Good and quick Decision maker.
Leadership qualities to lead multiple team
efficiently with conflict resolution.
Good Team Management and co- ordination skills.
Fluent in English and Hindi
Note:
a. Experience certificates to be provided by the selected NI for all its employees engaged
with the Bank’s network & Solution management as a supporting document that its
resources are having requisite experience as defined in the RFP. If a portion of the
experience is from the previous employer, the NI shall have to obtain the experience
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 326 of 329 Confidential & Proprietary
certificate from the previous employer on the letterhead of all of their previous
employers.
b. Each and every resource proposed by the selected NI that shall be engaged by the Bank
under this RFP, shall be interviewed by a panel of interviewers appointed by the Bank
and on the recommendation/acceptance of the panel the resource shall be engaged for
working for the Bank. Also, elevation of any resource one level to another (L1 to L2,
L2 to L3 etc.), the same panel shall conduct the interview and based on the panel’s
decision, the NI resource/personnel may be elevated.
c. At any given point of time during the NI contract period, there shall be at least two L3
resources having expert knowledge about the products and solutions coming under the
purview of selected NI for management. Such team of experts should cover all OEM
products being used by the Bank in its network. The same shall be applicable for all
new products and solutions procured by the NW&C department during the NI contract
period.
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 327 of 329 Confidential & Proprietary
Appendix–R
Undertaking of Authenticity
To:
(Name and address of Procuring Office)
Sub: Undertaking of Authenticity for supplied Product(s)
Ref RFP No: SBI/GITC/NW&C/20-21/706 Dated 18.08.2020 (RFP For Engagement
of Network Integrator and setting up of Next Gen Network Operations Centers
(NOCs).
With reference to the Product being quoted to you vide our Bid No:___________ dated
___________, we hereby undertake that all the components /parts /assembly / software etc.
used in the Product to be supplied shall be original new components / parts / assembly /
software only, from respective Original Equipment Manufacturers (OEMs) of the Products
and that no refurbished / duplicate / second hand components /parts/ assembly / software
shall be supplied or shall be used or no malicious code are built-in in the Product being
supplied.
1. We also undertake that in respect of licensed operating systems and other software
utilities to be supplied, the same will be sourced from authorized sources and supplied with
Authorized License Certificate (i.e. Product keys on Certification of Authenticity in case
of Microsoft Windows Operating System).
2. Should you require, we hereby undertake to produce the certificate from our OEM
supplier in support of above undertaking at the time of delivery/installation. It will be our
responsibility to produce such letters from our OEM supplier’s at the time of delivery or
within a reasonable time.
3. In case of default and/or the Bank finds that the above conditions are not complied with,
we agree to take back the Product(s) supplied and return the money paid by you, in full
within seven days of intimation of the same by the Bank, without demur or any reference
to a third party and without prejudice to any remedies the Bank may deem fit.
4. We also take full responsibility of both Product(s) & Service(s) as per the content of the
RFP even if there is any defect by our authorized Service Centre / Reseller / SI etc.
Dated this ....... day of ............................ 202
______________________________________________________________
(Signature) (Name) (In the capacity of)
Duly authorised to sign Bid for and on behalf of
_____________________________________
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 328 of 329 Confidential & Proprietary
Appendix- S
MANUFACTURERS' AUTHORIZATION FORM
No. Date:
To:
(Name and address of Procuring Office)
Dear Sir:
Ref RFP No: SBI/GITC/NW&C/20-21/706 Dated 18.08.2020 (RFP For Engagement
of Network Integrator and setting up of Next Gen Network Operations Centers
(NOCs).
We, who are established and reputable manufacturers / producers of
________________________ having factories / development facilities at
___________________________________________ (address of factory / facility) do
hereby authorise M/s ___________________ (Name and address of Authorised Business
Partner (ABP)) to submit a Bid, and sign the contract with you against the above RFP.
2. We hereby extend our full warranty for the Products and services offered by the above
ABP against the above RFP.
3. We also undertake to provide any or all of the following materials, notifications, and
information pertaining to the Products supplied by the ABP:
(a) Such Products as the Bank may opt to purchase from the ABP, provided, that
this option shall not relieve the ABP of any warranty obligations under the RFP;
and
(b) In the event of termination of production of such Products:
i. advance notification to the Bank of the pending termination, in sufficient time
to permit the Bank to procure needed requirements; and
ii. following such termination, furnishing at no cost to the Bank, operations
manuals, standards and specifications of the Products, if requested.
4. We duly authorise the said ABP to act on our behalf in fulfilling all installations,
Technical support and maintenance obligations required by the contract.
Yours faithfully,
(Name of Manufacturer / Producer)
RFP for Engagement of Network Integrator (NI)
&
Setting up of Next Gen Network Operations Centre (NOC)
Page 329 of 329 Confidential & Proprietary
Note: This letter of authority should be on the letterhead of the manufacturer and should be
signed by a person competent and having the power of attorney to bind the
manufacturer. The Bidder in its Bid should include it.