Upload
trinhtu
View
237
Download
10
Embed Size (px)
Citation preview
s.NO RFP Volume/Section RFP Page No. Content in the RFP Clarification sought Suggestions/Justification
1DC/DRC Monitoring
DashboardPage 122
The system should allow for easy deployment of
servers, operating systems application and
services for integrating and managing such
components collectively
As per our understading the clause means :
1. deployment of OS and software required on it
2. Managing the application, services on the servers
Kindly confirm if our understading is correct.
RFP conditions prevails
2
DC/DRC Monitoring
Dashboard
Page 122
122
The system should provide rack-view monitoring
for power consumption,capacity, services
deployed, and servers up, down and in critical
state.
The specification asked is vendor specific and will
restrict other OEM to participate, the specification
is w.r.t a Data center infrastructure monitoring and
is only a single point in the complete EMS
specification,request to kindly move it to specific
section and delete from here
RFP conditions prevails
3
DC/DRC Monitoring
Dashboard
Page 122
122
The system should automatically act on policy
deployment, pre- configurations and pre-
defined SOPs
The specification asked is highly vendor specific,
however we understand that the requirement is to
define policies for configuration management and
templates for standard configuration across your
Network Devices, kindly confirm if our understading
is correct.
RFP conditions prevails
4
DC/DRC Monitoring
Dashboard
Page 123
123
There should be a tight integration between
infrastructure metrics and logs to have the
single consolidated console of Infrastructure &
security events.
The Specification asked is vendor specific and will
restrict other OEM who do not have a SIEM
solution, request you to kindly rephrase it as " The
solution should provide tight integration capabilities
between Monitoring component solution and log
management solution to provide valuable
Dashbaords with information for engineers to work
promptly"
RFP conditions prevails
5
DC/DRC Monitoring
Dashboard
Page 123
123
Consolidate IT event management activities into
a single operations bridge that allows operator
quickly identify the cause of the IT incident,
reduces duplication of effort and decreases the
time it takes to rectify IT issues
The specification asked contains Vendor specific
keywords like operations bridge which restricts
other OEM to particiapte, request to neutralize the
point for functinality like " Proposed monitoring
solution should provide correlation of events and
provide Root Cause Analysis out of the box so
duplication of efforts can be avoided in crisis
situtations"
RFP conditions prevails
6
DC/DRC Monitoring
Dashboard
Page 123
123
The Operator should be able to pull up security
events related to a given Configuration Item,
from a single console which also has NOC
events, and use the security events to triage the
problem. This way the Operator gets
consolidated system/network event details and
security events (current and historical) from the
same console and save time in troubleshooting /
isolating the issue
The Specification asked is vendor specific and will
restrict other OEM to participate who do not have a
SIEM solution, request you to kindly remove this
point or rephrase as " The proposed infrasctuture
monitoring solution should provide capabilities to
forward events to SIEM solution or should provide
API for better integration between the two
components"
RFP conditions prevails
7
DC/DRC Monitoring
Dashboard
Page 124
124
Consolidated dashboard of the proposed EMS
solution must be able to do dynamic service
modelling of all business critical production
services & use near-real time Service Model for
efficient cross domain topology based event
correlation.
The Specification asked is vendor specific and will
restrict other OEM to participate request you kindly
define funtionality to be achieved in place of how to
achieve, request to kindly rephrase it as " Proposed
EMS solution must be able to do Service modelling
of all business critical production services and
present the services topology to identify which
services are impacted and because of which CI"
RFP conditions prevails
8
DC/DRC Monitoring
Dashboard
Page 124
124
The solution should support dynamic discovery
to maintains Run-time Service Model accuracy
e.g. virtualization and cloud
The Specification asked is vendor specific and will
restrict other OEM to participate request you kindly
define funtionality to be achieved in place of how to
achieve, request to kindly rephrase it as " Proposed
EMS solution must be able to do Service modelling
of all business critical production services and
present the services topology to identify which
services are impacted and because of which CI"
RFP conditions prevails
9
System and
Application
Monitoring
Page 126
126
The solution should provide a centralized point
of control with out-of-the-box policy-based
management intelligence for easy deployment
for the servers, operating systems, applications
and services for correlating and managing all the
IT infrastructure components of a business
service
As per our understading the clause means :
1. deployment of OS and software required on it
2. Managing the application, services on the servers
Kindly confirm if our understading is correct.
RFP conditions prevails
10Log Management
Page 129129
The proposed solution must provide UI based
wizard and capabilities to minimize false
positives and deliver accurate results
The requirement asked contains vendor specific
keywords and will restrict other OEM to participate
request to kindly nuetralize as " Proposed solution
must have options for log collection, Log Parsing
and storage, Alerts and notifications, Dashboard and
Visualization and integration workflow and custom
APIs which helps to derive meaningful and
actionalble information "
RFP conditions prevails
11Vol 2
Page 130130
The proposed system must not create more
than ticket for same recurring alarm to avoid
ticket flooding from Monitoring system
The help desk system will generate ticket based on
every alarm notification it receives. This seems to be
OEM specific points also. Please remove this point.
RFP conditions prevails
12
EMS Other Key
Requirements
Page 132
The solution should be deployable on Linux
operating systems to reduce the overall TCO
Request you to kindly rephrase it as " The solution
should be deployable on Linux operating systems to
reduce the overall TCO whereever possible"
RFP conditions prevails
LSCL Response/Remarks
13
EMS Other Key
Requirements
Page 132
The solution should run without any propriety
database license for data store -Data store must
be bundled within EMS (E.g. popular time-
series, no-sql, HBase based monitoring systems)
to reduce the TCO
Request you to kindly rephrase it as " The solution
should run without any propriety database license
for data store -Data store must be bundled within
EMS or standard RDBMS databases to reduce the
TCO"
RFP conditions prevails
14Fault Management
Page 127127
The Platform must include an event correlation
automatically fed with events originating from
managed elements, monitoring tools or data
sources external to the platform. This
correlation must perform:
• Event filtering
• Event Deduplication
• Event aggregation
• Event masking
The specifications mentioned contains vendor
specific terminology/functionality and will restrict
other OEMs to participate request to kindly
rephrase it as " The Platform must include an event
correlation automatically fed with events originating
from managed elements, monitoring tools. This
correlation must provide RCA on the alarms and
help the operator to focus on problem areas and
resolve issues promptly"
RFP conditions prevails
15Vol 2
Page 110Section: Website Security & Performance Monitoring
Highly Vendor specific. This qualifies under Security.
Hence requesting to please remove this clause. RFP conditions prevails
16Vol 2
Page 110Section: Website Monitoring
Highly Vendor specific. Requesting you to please
remove this clauseRFP conditions prevails
17Vol 2
Page 126
The solution should support Virtual platforms -
VMware and Microsoft Hyper-V, Citrix Xen,
AWS, Azure and provide capability to monitor
both Microsoft .NET and J2EE applications from
the same platform
Requesting to+D7 please rephrase as - The solution
should support Virtual platforms - VMware and
Microsoft Hyper-V, AWS, Azure and provide
capability to monitor both Microsoft .NET and J2EE
applications from the same platform
RFP conditions prevails
18 Generic Generic
There is no specifications of Identity and Access
Management and 2 factor authentication.
Requesting you to please include the specs of same
in corrigendum.
Identity and Access Management and 2 factor
authentication is very critical tool for any Smart City
Project
RFP conditions prevails
19Volume 2, Scope of
work
MSI is required to co-locate all the
hardware/software and related items as per the
design offered for the smart city infrastructure
including SLA monitoring and Help
desk management, in a State Data Centre (Tier
III+) data Center complying with
standard guidelines as per Telecommunications
Infrastructure UPTIME/TIA-942.
LSCL will avail hosting services. MSI will implement,
manage the architecture accordingly. Please
confirm the qualifications requirements for the
Data center operator that has to be proposed ?
RFP conditions prevails
20 Additional queries what type of services will be running on mpls. RFP is Self explanatory
21 Additional queries What will be payment terms for bandwidth RFP is Self explanatory
22 Additional queries Is ROW/RI waived off. RFP conditions prevails
23 Additional queries
Apart from MPLS, bandwidth serivce provider will
not be configuring any security/encrytion anywhere
in the network.
RFP conditions prevails
24 Additional queries
As per TRAI guidelines bandwidth can not be resold
, hence we request for tripartite Agreement
between ISP, MSI & Department
RFP conditions prevails
25
Vol1: 1.3
Definitions/Acrony
ms #13 -
Consortium
6
A consortium consists of multiple members (not
more than Three parties - Lead Bidder + 2
Consortium members) entering into a
Consortium Agreement for a common objective
of satisfying the Authority Agreement for a
common objective of satisfying the Authority
requirements & represented by lead member of
the consortium, designated as a "Lead Bidder”.
Also, the responsibility for successful execution
of the entire project will be that of the defined
Lead bidder. The consortium members should
have relevant experience of executing similar
roles and responsibilities in past as stated in the
MoU in Annexure 7.
Parent company existence of Bidder/ Lead
bidder would be
considered for only 100% subsidiary/ division/
sub division/ branch
business unit. For the purpose of technical
evaluation, net worth and turnover of only the
bidding entity will be considered. Net worth and
turnover of any parent, subsidiary, associate or
other related entity will not be Considered.
Since the RFP specifies "The consortium members
should have relevant experience of executing similar
roles and responsibilities in past"
While it is acceptable that for Sole bidder/Lead
bidder Profile, the networth and turnover of only
bidding entity is considered whereas for the Project
Experience criteria, could be fulfilled by any one of
the consortium partners.
The objective of forming a consortium is to draw on
the relevant experience and domain expertise of
consortium members to meet the requirement of
the RFP.
Please refer to the corrigendum 6
26
Vol1: 2.24.1 Initial
Composition; Full
Time Obligation;
Continuity of
Personnel
24
Bidder shall not make any changes to the
composition of the Key Personnel and not
require or request any member of the Key
Personnel to cease or reduce his or her
involvement in the provision of the Services
during the defined term of the engagement
unless that person resigns, is terminated for
cause, is long-term disabled, is on permitted
mandatory leave under Applicable Law or
retires. In any such case, the Authority's prior
written consent would be mandatory.
For the evolving needs of the projects during the
tenure and betterment of the process, we request
to allow make changes to the composition of the
key personnel by SI.
Please refer to the corrigendum 6
27
Vol1: Pre-
Qualification
Criteria #7
36
The sole bidder or lead bidder /consortium
partner should
have CMM level 5.
Documetry Evidence:- The Sole Bidder or the
Lead Bidder
1. Copies of valid certificates in the name
of the bidding entity
We request to correct the clause for documentry
Evidence as " The Sole Bidder or the Lead Bidder /
Consortium Partner
1. Copies of valid certificates in the name of the
bidding entity
Also, request to consider CMM Level 3 or higher
should have with Lead Bidder or Consortium
Member.
Please refer to the corrigendum 6
28
Vol1: Pre-
Qualification
Criteria #8
36
The sole bidder or lead bidder should have
completed at
least two projects in Govt/Semi Govt/ PSU; in
the field of
development and integration of citizen centric
web portal /
mobile app, database management /data
warehousing/ business analytics / cloud
applications on the date of release of NIT.
This scope of work relates to software
development, and relevent domain expert could be
a member of Consortium instead of being a lead
bidder.
1. We request to revise the clause as " The sole
bidder or lead bidder or any consortium partner
should have completed at least two projects in
Govt/Semi Govt/ PSU; in the field of development
and integration of citizen centric web portal /mobile
app, database management /data warehousing/
business analytics / cloud applications on the date
of release of NIT".
2. We request to consider project experience of
foreign locations from any of consortium member.
RFP conditions prevails
29
Vol1: Pre-
Qualification
Criteria #9
36-37
The Sole Bidder or any consortium member (in
case
of consortium) should have experience of
Operation and maintenance of network
comprising software, ICT hardware of minimum
project value of INR 1 Crore per year in the last
three years on the date of issue of NIT.
The clause should be revised as "The Sole Bidder or
any consortium member (in case of consortium)
should have experience of Operation and
maintenance of network comprising
Application/software, ICT/IT hardware of minimum
project value of INR 1 Crore per year in the last
three years on the date of issue of NIT.
RFP conditions prevails
30
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation #A2 -
CMM Certification
39
Marks shall be allotted as given below:
•CMM level 5 =3 marks
Documentry Evidence: Sole Bidder or Lead
Bidder of the
Consortium:
Certificate from
competent authority
We request to revise the clause as " Sole Bidder or
Lead Bidder or Any Consortium Member of the
Consortium: Certificate of CMM Level 3 or higher
from competent authority.
*Software company could be the consortium
member instead of being a lead bidder.
Please refer to the corrigendum 6
31
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation - B
Project Experience
(Max –50 marks) - #
B1 Web
Portal/mobile
app
39
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum value
of INR 15 crore in India during last five years as
on the date of release of
RFP.
Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
We request to revise the Clause as "The Sole Bidder
or lead member (in case of consortium) or any
member of consortium should have been awarded
and successfully executed & commissioned
project(s) related to development and integration of
citizen centric web portal / mobile app components
or both having minimum value of INR 15 crore in
India/Aborad during last five years as on the date of
release of RFP.
Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
*Software company could be the consortium
Please refer to the corrigendum 6
32
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation - B
Project Experience
(Max –50 marks) - #
B2 City centric
software Integration
Projects
41
The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
We Request to revise the Clause as "The Sole Bidder
or lead member (in case of consortium) or any
member of Consortium" should have experience in
the field of City centric software Integration Projects
in India/Abroad.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
*Software company could be the consortium
member instead of being a lead bidder.
Please refer to the corrigendum 6
33
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation - B
Project Experience
(Max –50 marks) - #
B3 Software
Plateform
42
The Sole Bidder or lead member (in case of
consortium) should have experience in
developing and implementing IT software
projects in India with Java /J2EE, Application
Servers like JBoss or similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like phonegap), User
Experience in designing User Interfaces. At least
2 projects have been executed (documentary
evidence to be provided as proof of delivery)
with the above mentioned technology stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
We request to revise the Clause as "The Sole Bidder
or lead member (in case of consortium) or any
member of the consortium should have experience
in developing and implementing IT software
projects in India/Aborad with Java /J2EE,
Application Servers like JBoss or similar,
HTML5/CSS3, mobile apps native languages
(Android, ioS, Windows, Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 2 projects have been executed
(documentary evidence to be provided as proof of
delivery) with the above mentioned technology
stack".
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
*Software company could be the consortium
member instead of being a lead bidder.
Please refer to the corrigendum 6
34
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation - B
Project Experience
(Max –50 marks) - #
B4 Operation and
Maintenance
43
The bidder must have experience of providing
Handholding and Operational Manpower for
Turnkey IT projects. Minimum no. of manpower
per project should be 10.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Documentry Evidence:
Sole Bidder/or any Member of Consortium:
1.Work order/Contract clearly highlighting the
scope of work, Bill of Material and value of the
contract/order.
2.Completion Certificate issued & signed by the
competent authority of the client entity on the
entity’s letterhead
OR Self-certificate from the bidder signed by the
concerned project in-charge of the bidder and
counter signed by
authorised signatory for this bid holding written
special
power of attorney on stamp paper along with
the official contact details of the competent
authority of the client entity.
The Authority reserves the right to contact the
aforementioned competent authority.
Operation and Maintenance could be the contract
of IT infra management services also. We request
to revise the Clause as "The bidder must have
experience of providing Handholding and
Operational Manpower for Turnkey IT projects.
Minimum no. of manpower per project should be
10.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Documentry Evidence:
Sole Bidder/or any Member of Consortium:
1.Work order/Contract clearly highlighting the
scope of work, Bill of Material/Service Contract
Agreement and value of the contract/order.
2.Completion Certificate/certificate of contract in
existance as on date, issued & signed by the
competent authority of the client entity on the
entity’s letterhead OR Self-certificate from the
bidder signed by the concerned project in-charge of
the bidder and counter signed by authorised
signatory for this bid holding written special power
of attorney on stamp paper along with the official
contact details of the competent authority of the
client entity.
The Authority reserves the right to contact the
Please refer to the corrigendum 6
35
Vol1: 5.2 Pre-
Qualification Bid
Covering Letter
52
a. We hereby acknowledge and unconditionally
accept that the Authority can at its absolute
discretion apply whatever criteria it deems
appropriate, not just limiting to those criteria
set out in the RFP and related documents, in
short listing of Agency for providing services.
Terms and conditions should be applicable to bidder
as mentioned in to the RFP. We request to revise
the clause as " We hereby acknowledge and
unconditionally accept that the Authority can at its
absolute discretion apply those criteria set out in
the RFP and related documents, in short listing of
Agency for providing services".
Authority should not apply the criteria it deems
appropriate but out of the RFP and related
documents.
RFP conditions prevails
36
Vol2: 11 Payment
Terms and Schedule
#2
184
Due payments shall be made promptly by the
Authority, generally within Sixty (60) days after
submission of an invoice or request for payment
by MSI
We request to make payment within 30 days and
revise the clause as "Due payments shall be made
promptly by the Authority, generally within thirty
(30) days after submission of an invoice or request
for payment by MSI
RFP conditions prevails
37Vol2: 5.1 City
Network 113 [General query on costing of network]
We request to provide clarity of recurring cost of
network bandwidth consumption whether it would
be paid directly by LSCL to service proivder/SWAN
OR it would need to include bidder's proposal for
the costing to receive payment from LSCL in
comprehensive commerical proposal? And thus, to
be paid by SI to service provider/SWAN?
Please refer to the corrigendum 6
38
Vol2: 8 Project
Implementation
Timelines &
Deliverables:
166Resource # Resource Mobilization T+0.10
months
Based on sub systems of smart city scope of work,
we request to revise the resource mobilization up
to T+0.20 months
RFP conditions prevails
39
Vol2: 8 Project
implementation
Timelines &
Deliverables:
167
Phase 1 System Implementation – T+3 Months
(T is the date of Signing of the contract with
MSI)
Based on sub system of smart city scope of work,
we request to revise the Phase 1 System
Implementation up to T+6 Months
RFP conditions prevails
40
Vol2: 8 Project
implementation
Timelines &
Deliverables:
166Mobilization and Kick start: T + 1 month (T is the
date of Signing of the contract with MSI)
Based on Sub System of smart city scope of work,
we request to revise the Mobilization and Kick start
up to T+ 1 and half months [45 Days]
RFP conditions prevails
41
Vol2: 8 Project
implementation
Timelines &
Deliverables:
167iii. Phase 2 T + 6 months (T is the date of Signing
of the contract with MSI)
Based on Sub System of smart city scope of work,
we request to revise the Phase 2 T+12 Months (T is
the date of Signing of the contract with MSI)
RFP conditions prevails
42Vol3: 10. Bidder's
Obligations #10.2411
10.24. SI shall be responsible on an ongoing
basis for coordination with other vendors and
agencies of the Authority in order to resolve
issues and oversee implementation of the same.
SI shall also be responsible for resolving conflicts
between vendors in case of borderline
integration issues.
Responisbility would be with SI, but Authority
should be accountable for the resolveing of issues
and oversee implementation, in this this case.
RFP conditions prevails
43
Vol3: 1.
Implementation
Phase related SLAs #
Team mobilization
and
commencement of
work.
32
Target - Within 10 days of issuance of LoI or
contract
agreement, whichever is earliest.
We requsest to revise the target of Team
Mobilization up to 20 Days from the issuance of LoI
or contract agreement, whichever is earliest.
RFP conditions prevails
44Vol3: 2. Delay in
Implementation33
Target:
Kick off Date (T) +3 months for phase 1
Kick off Date (T) +6 months for phase 2
Due to various sub-Systems of Smart City timeline
should be revised as below.
Kick off Date (T) +6 months for phase 1
Kick off Date (T) +12 months for phase 2
RFP conditions prevails
45
Vol3: Operation &
Maintenance Phase
related SLAs
33 to 47
Entire Section of Operation & Maintenance
Phase, related to SLAs, Penalties, severity and
service level monitoring
Given SLA and penalties in RFP should be indicative.
Parameters and framework of Actual SLA and
penalties should be finaliized with considering
practical and realistic approach by monitoring
performance measures up to three months from
the final 'Go-Live' of the project. SLA holiday period
of three months should be observed mutually, after
the final 'Go-Live' of the project to set parameters
for SLA and panalties for Long term contract of five
years. SLA and Penalties parameters should be
reviewed at least once in a year for the betterment
of the project managment.
RFP conditions prevails
465.2 Data Center and
Disaster Recovery114
A.3 The authority has decided to host the
application and the data of the Integrated
Command &
Control Centre to the UP State Data Centre
(SDC) situated in Lucknow. The Disaster
Recovery
Centre (DRC) will be the cloud platform
developed by the National Informatics Centre
We request to consider Cloud Services for the
Primary Data Center and Disater Recovery
Infrastructure. The key benefits are listed as follows:
Stop Spending Money on Data Centre Operations –
Cloud computing vendors do the heavy lifting of
racking, stacking, and powering servers, so you can
focus on your customers and core business rather
than on IT infrastructure.
Do more for less – Moving to the cloud is not just an
effort to reduce cost and avoidance for the sake of
the obvious monetary value; it is also about the
increase in technological competitiveness that
comes with it. If you can deliver twice the capability
at the same cost, that equates to savings.
Benefit from economies of scale – Millions of
customers are aggregated in the Cloud, which
translates into lower, pay-as-you-go prices. We
continually focus on reducing our data centre
hardware costs, improving our operational
efficiencies, lowering our power consumption, and
passing savings back to customers.
Move from a forecast-procurement model to a
consumption model – Instead of investing more in
optimizing data centers and servers, pay only for the
resources you consume and increase or decrease
usage depending on need, not elaborate
forecasting. For example, development and test
RFP conditions prevails
47
Vol-1
6.8 Proposed Bill of
Material
79 Video Wall with Controller (55" each)Please change to:
Video Wall with Controller (70" each)Please refer to the corrigendum 6
48
Vol-1
7.2 Price
component for
CAPEX:
88 Video Wall with Controller (55” each)Please change to:
Video Wall with Controller (70" each)Please refer to the corrigendum 6
49
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 61 of 245The VDW shall be provided as per the following
requirements: 55” (Inch) each.
Please change to:
The VDW shall be provided as per the following
requirements: 55” (Inch) each in 2x2 matrix
Matrix of 4 video wall is
not mentioned anywhere.Please refer to the corrigendum 6
50
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 61 of 245
The native resolution of each Visual Display Unit
/ Rear Projection Module should be 1920 X 1080
pixels (Full HD) and should have LED as its light
source with ultra-thin configuration.
This shold be changed to:
The native resolution of each Visual Display Unit /
Rear Projection Module should be 1920 X 1080
pixels (Full HD) and should have LASER as its light
source with ultra-thin configuration.
Same is asked in clause 5 of Minimum Technical
Specifications of video wall, Page 224 of 245 - Voll 2
Laser Light source is the
latest technology and will
be supporte for a much
longer period, it has much
better brightness, lumen
efficiency , true
redundancy
Please refer to the corrigendum 6
51
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 62 of 245The brightness uniformity of the VDM shall be
>95%.
This shold be changed to:
The brightness uniformity of the VDM shall be
>98%.
In large walls the
uniformity of each cube is
very important and should
not be compromised
otherwise the video wall
will appear patchy hence
affecting the overall image
quality and VW
performance
RFP conditions prevails
52
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 62 of 245The Rear Projection Module shall have LED as its
light source.
This shold be changed to:
The Rear Projection Module shall have Laser as its
light source.
Same is asked in clause 5 of Minimum Technical
Specifications of video wall, Page 224 of 245 - Voll 2
Laser Light source is the
latest technology and will
be supporte for a much
longer period, it has much
better brightness, lumen
efficiency , true
redundancy
Please refer to the corrigendum 6
53
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 62 of 245
The Cube shall have redundancy in power
supply, LED light source and its driver circuitry
and its power supply
Should be changed to:
The Cube shall have inbuilt redundancy in power
supply and laser light source.
The asked specs is
manufacturer specific,
hence changed required.
Redundancy of all other
critical components is
provided
Please refer to the corrigendum 6
54
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 62 of 245Auto continuous-colour and brightness
management mechanism to be
This shold be changed to:
Auto colour and brightness management
mechanism to be provided
This is specific to a
manufacturer hence
should be changed as
asked to introduce more
competetion
RFP conditions prevails
55
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 63 of 245
The support structure shall incorporate sound
proofing to prevent noise penetration from the
equipment/s into the operations room.
Should be changed to:
The support structure shall incorporate 1 19" rack
mounting system to install equipment
The change is asked to
house the controller which
is to be provided with
video wall
RFP conditions prevails
56
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 63 of 245
Each VDW projection engine shall be modular to
allow sub-components to be replaced without
disruption to other components.
Should be changed to:
projection engine shall be modular having input
module and optical engine separate
The clarification sought is
more simplifiedRFP conditions prevails
57
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 63 of 245
Each display cube shall not exceed a thermal
dissipation of eight hundred (800) BTU per hour
under normal operating conditions.
Should be changed to:
Each display cube shall not exceed a thermal
dissipation of twelve hundred (1200) BTU per hour
under normal operating conditions.
Thermal dissipation asked
is too low compared to the
power consumption asked
of each cube in the specs,
hence should be changed
RFP conditions prevails
58
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 63 of 245
The VDW shall allow for easy maintenance of
modules, colour sync systems, etc. where
downtime is no greater than twenty (20)
minutes.
Should be changed to:
The VDW shall allow for easy maintenance of
modules, colour sync systems, etc. where downtime
is no greater than twenty (60) minutes.
The asked downtime is
very low and unrealistic,
hence request change for a
standard downtime of 60
mins
RFP conditions prevails
59
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 63 of 245
The AC input power shall be 110-240 VAC +/-
10% at 50/60 Hz +/- 1Hz. Power consumption of
each cube shall be less than 300W.
Should be changed to:
The AC input power shall be 110-240 VAC +/- 10% at
50/60 Hz +/- 1Hz. Power consumption of each cube
shall be less than 350W.
Change required to
introduce more
competetion
RFP conditions prevails
60
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 64 of 245
The VDW shall have redundancy of critical
components like light module, drivers and
power supplies.
Should be changed to:
The VDW shall have redundancy of critical
components like light module, and power supplies.
The asked specs is
manufacturer specific,
hence changed required.
Redundancy of all other
critical components is
provided
RFP conditions prevails
61
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 64 of 245The DCMS shall be able to display visual content
on any network attached display device.
Should be changed to:
The DCMS shall be able to display visual content on
the video wall
The clarification sought is
more simplifiedRFP conditions prevails
62
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 64 of 245
The DCMS shall be able to input, manage, and
distribute visual content, including digital CCTV
video, web pages, CATV, workstation
applications, and active screens from any
networked workstation.
Should be changed to:
The DCMS shall be able to input, manage, and
distribute visual content
The assked video wall is
not multi networked based
hence clarification and
change sought.
RFP conditions prevails
63
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 64 of 245
The DCMS shall be able to decode, transmit,
manage, and display the following formats of
digital streaming video:
• MPEG-4
• H.264
Should be changed to:
The DCMS shall be able to decode, transmit,
manage, and display the following formats of digital
streaming video
since H.264 is the
advanced codecRFP conditions prevails
64
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall have a seamless interface within
the VMS UI of the CCTV. All DCMS interactions
within the Video Management System shall be
no more than three (3) mouse clicks to execute
a DCMS function. The DCMS UI shall have the
ability to run independently while the Video
Management System is running.
Should be changed to:
The DCMS UI shall have the ability to run
independently while the Video Management System
is running.
The clarification sought is
more simplifiedRFP conditions prevails
65
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall be accessible on any networked
workstation or networked monitor with OPS on
the ICCC network.
Should be changed to:
The DCMS client could be installed in required
workstation
The assked video wall is
not multi networked based
hence clarification and
change sought.
RFP conditions prevails
66
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall be able to create and edit user
groups. DCMS permissions for users and user
groups shall be customizable. At a minimum the
definable permissions shall include UI function
rights, viewing access rights, source list access
rights, and display access rights.
Should be changed to:
DCMS shall be able to create users groups and edit
them
The clarification sought is
more simplifiedRFP conditions prevails
67
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall be able to display a minimum of
two hundred (200) independent visual sources
simultaneously on the VDW in the Operations
Room. The sources shall be of 4CIF resolution.
Should be changed to:
The DCMS shall be able to display independent
visual sources simultaneously on the VDW in the
Operations Room. The sources could be of HD
resolutions
Better resolutions asked Please refer to the corrigendum 6
68
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall be able to create and add
borders and text overlays to individual original
video content source. The borders and text
overlays shall have selectable options for colour,
widths, text size, and flash on/off.
Should be changed to:
The DCMS shall be able to add borders to individual
original video content source.
The clarification sought is
more simplifiedRFP conditions prevails
69
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall be able to select and display any
region of a multi-monitor display on a DCMS
connected source. For example, if an operator
has three
(3) monitors, the operator can select monitors
one (1) through two (2) for display on the VDW,
while leaving monitor 3 for local display only.
Should be changed to:
The DCMS shall be able to select and display any
multi-monitor display on a DCMS connected source.
The clarification sought is
more simplifiedRFP conditions prevails
70
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245The DCMS shall be able to accept a minimum
input of four (4) CATV video sources;
Should be changed to:
The DCMS shall be able to accept a minimum input
of (4) CATV video sources through a demodulator if
available in the control room
demodulator should be
provided by SI, not in the
scope of video wall
manufacturer
RFP conditions prevails
71
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall be able to control and manage
all CATV tuners remotely from all video
connected rooms in the ICCC;
Should be changed to:
The DCMS shall be able to show the inputs from
multiple demodulators
demodulator should be
provided by SI, not in the
scope of video wall
manufacturer
RFP conditions prevails
72
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 66 of 245
The DCMS shall have a SDK and API openly
available without charge for future integration
with third party applications.
Should be changed to:
The DCMS shall have a API available without
charge for future integration with third party
applications.
The clarification sought is
more simplifiedRFP conditions prevails
73
Vol-2
2.3.2 IoT Platform
Video Wall
Management
Software
Page 66 of 245
The software should enable the users to see the
desktop of the graphics display wall remotely on
the any PC or above connected with the DCMS
and Video Wall over the Ethernet and change
the size and position of the various windows
being shown.
Should be changed to:
The client software should enable the users to see
the desktop of the graphics display wall remotely on
any PC and change the size and position of the
various windows being shown.
The clarification sought is
more simplifiedRFP conditions prevails
74
Vol-2
6. Video Wall
Controller
Clause 18
Page 226 of 245Output: To connect to minimum 16 Displays
through HDMI
Please change to:
To connect to minimum 16 Displays through
HDMI/DVI
RFP conditions prevails
75RFP volume section -
2142
Database License should be un-restricted and
perpetual, to prevent any noncompliance in an
event of customization & integration.
Perpetual word should be removed as most of the
OEMs do not provide perpetual license.RFP conditions prevails
Bidder shall submit relevant
licences of all components for the
entire contract period
76RFP volume section -
2142
Database shall support for central storage of
data with multiple instances of database in a
clustered environment access the single
database/multiple database
This clause will not allow open source and open
source based cost effective
but equally competent RDBMS to be able to
participate and to lower over all cost of the
project.This is also specific to some OEMs.
RFP conditions prevails
77RFP volume section -
248 (Point 56)
The platform should also have the capability to
read data directly from a set of databases
(HBase, Mongo DB, Oracle, Cassandra, MySQL,
Impala). To connect to any of the databases
information on how to connect should be
provided.
Kindly also include PostgreSQL in the list of
databases.Please refer to the corrigendum 6
78RFP volume section -
2128 Databases(Oracle/SQL/MYSQL/DB2)
Kindly also include PostgreSQL in the list of
databases.Please refer to the corrigendum 6
79RFP volume section -
2156
Database protocol (MySQL, MSSQL, Oracle) on a
single device
Kindly also include PostgreSQL in the list of
databases.Please refer to the corrigendum 6
80 Vol-II, 1.4 11 Security
Kindly confirm if the proposed Server Operating
System for all servers shall be Common Criteria
EAL4+ cerified as security shall be an important
aspect.
RFP conditions prevails
81 Vol-II, 1.5 16 OEM Software RequirementsKindly confirm if the OEM Software support shall
not restrict the number of support cases/incidents.RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
82 Vol-II, 1.5 16 OEM Software Requirements
Please clarify if
The Software OEM shall have defined product life
cycle and update policies for the all the supplied
products
RFP conditions prevails
83 Vol-II, 1.4 13 Open Standards
Kindly confirm if the bidder should adhere to the
policy of Government of India on adoption of open
source software issued by DeitY vide F. No.
1(3)/2014-EG II available on MeitY website at
"meity.gov.in/writereaddata/files/policy_on_adopti
on_of_oss.pdf"
RFP conditions prevails
84 Vol-II, 1.5 16 OEM Software Requirements
Kindly confirm if the bidder shall not propose any
freeware software/community edition. ( as any such
underlying freeware/community-edition may be a
severe security risk).
RFP conditions prevails
85 Vol-II, 1.5 16 OEM Software Requirements
Kindly confirm that important software components
eg Operating system, RDBMS etc even if bundled
with a solution have to be supported by the
respective OEM. ( as any such underlying
freeware/community-edition may be a severe
security risk)
RFP conditions prevails
86 Vol-II, 1.5 16 OEM Software Requirements
Kindly confirm if the bidder shall propose full-use
license for the software instead of restrictive
licensing which would restrict the department from
using the procured OS/RDBMS/Application Server
etc for any other application for smart city.
RFP conditions prevails
87 Volume 2, S.no 25 38 commercial- off-the-shelf (COTS) applications
Is Bidder allowed to quote be-spoke solution? RFP
Volume 2, Pg 171 Point 9.4 Software Development
states that bespoke developed solution are also
allowed. We understand that department does not
want bidder to develop application post winning
and as first-time exercise but does department
allows bidders who have already developed such
solution based on open source and open standards
technology to participate? This is as per guidelines
of Government of India defined on Volume 2, Pg
197. Please clarify for fair practice & comparable
solutions participation.”
RFP conditions prevails
88Volume 2, 12.1.4
Annex-D197 Open Standards
"Shall bidder also adhere to Government of India’s
Open Source preference policy to ensure that
source code of platforms is free from royalty
wherever possible?
(http://meity.gov.in/writereaddata/files/policy_on_
adoption_of_oss.pdf)?”
RFP conditions prevails
89 Volume 2, Pt 9.5 172 Integration
Do you want implementation agency to integrate
existing applications in a point to point access
mechanism or Do you recommend ESB (Enterprise
Service Bus) based integration implementation
mechanism to ensure industry standards based
integration between multiple applications /
departments without point to point complex
integration. ESB tool based approach is highly
recommended for agility, simplicity and security. It
also ensures future integration requirements
without direct dependency on existing applications
hence flexibility.”
RFP conditions prevails
90 Vol-!!, Pt 19 37 API Management
Please confirm if an API managment solution should
be provided as part of the overall solution and
whether it is required to protect backend API
servers with strict traffic control on incoming and
outgoing traffic, provide access control features to
determine exactly who is using the API, how it is
used, and how much is being used, centrally set up
and manage policy and application plans for all APIs
on one platform, provide API authentication and
security and Monitor and set alerts on traffic flow.
RFP conditions prevails
91 Vol-II, 1.4 13-14 Application Architecture
Kindly confirm that the product/framework/SI pre-
existing product or work must be wrapped in a
vendor neutral API so that at any time the OEM
product can be replaced without affecting rest of
the system. In addition, there must be at least 2
independent OEM products available using same
standard before it can be used to ensure system is
not locked in to single vendor implementation.
RFP conditions prevails
92 Vol-II, 1.5 16 OEM Software Requirements
Kindly confirm that OEM of the various proposed
system software shall have presence in India and
shall have its own India Support centre as well.
RFP conditions prevails
93 Vol-II, 1.5 16 OEM Software Requirements
Kindly confirm that the bidder shall propose full use
license/subscription of various industry leading
middleware software i.e. Integration Server, API
management , Application Server, RDBMS etc
instead of using any restrictive bundle as part of any
Platform. The proposed Platform shall support
multiple choices for the middleware software
instead of any vendor lock-in.
The Authority shall be able to use these OEM
Middleware software i.e. ESB, API Management,
RDBMS, Application server even if it decides to
change or discard the platform/bundle also at a
later date.
RFP conditions prevails
94 Vol-II, 1.4 13-14 Application Architecture
Kindly confirm that various system software
proposed as part of an application platform shall be
replaceable and should not cause any vendor lock-
in. The bidder shall not propose an application
platform/bundle which enforces vendor lock-in eg
that platform/bundle uses only specific OEM
products in that bundle that too with restricted use
only for that limited application.
The bidders shall not propose any restricted use
lock-in bundles/platforms for the smart city
projects.
RFP conditions prevails
95Vol-II Level 2
Vol-II, Integrate73,84 Intgegration of Various UP Govt Applications
The RFP specifies scope for Integration of Various
Applications of Government of Uttar Pradesh.
Please confirm that the bidder shall propose an
Industry leading Enterprise OEM ESB Solution.
RFP conditions prevails
96 Vol-II 136
Blade Chassis Specifications:
Have the capability for installing industry
standard flavours of Microsoft Windows, and
Enterprise Red Hat Linux Oss as well as
virtualization solution such as Vmware.
Request you to please modify this clause as below:
Have the capability for installing industry standard
flavours of Microsoft Windows, and Enterprise Red
Hat Linux OS as well as industry standard
virtualization solution.
Please refer to the corrigendum 6
97 Vol-II, 94. 57
Platform Software
There shall be no use of freeware, shareware
and proprietary software
Please clarify that the mentioned statement is not
allowing usage of Freeware, shareware and
Proprietary Software. Need more clarity on the
same under ICCC requirement for Lucknow Smart
City
RFP is Self explanatory
98 Vol-II, 7 163 Handholding and Training
Request you to please confirm if OEM training to be
considered as part of requirement as the training
requirement is more specific to Product and
Solution specific trainings and it is more
recommended to have trainings delivered by
industry experts.
RFP conditions prevails
Bidder's responsibility to train
staffs to meet the RFP
functionality to maintain
operations and maintenance
99 General
Request more clarity on below:
- What kind of upper-layer systems?
- Where are they hosted?
- What are their future application integration
plans?
RFP is Self explanatory
100Vol2 : Scope Of
Work72/ 2.4.13
The Building Management System (BMS) shall
be implemented foreffective
management,monitoring and integration of
various components like Access Control System,
fire detection system etc.
Kindly provide the approx. number of Non-IT
equipments to be considered for BMS.Please refer to the corrigendum 6
101 Vol 1 81 NA
Kindly provide estimated details about
infrastructure size like number of IT equipments,
sensors, etc. This is needed to design the BoM.
RFP is Self explanatory
102Volume II , Section
2.3.261
DLP display cube shall measure 55 inches in
diagonal
Request you to consider DLP display cube shall
measure 70 inches as that is the standard Size as
55" is not available with anyone
Please refer to the corrigendum 6
103Volume II , Section
2.3.261 Ultra-thin configuration
Request you to make it normal configuration so that
other OEM Can qualify .Too add more to this heat
dissipation is the best in Normal rear projection
cubes as compared to Ultra Thin cubes
RFP conditions prevails
104Volume II , Section
2.3.262
The VDW shall be capable of displaying high
definition (HD) and standard definition (SD)
content
Request you to consider The VDW shall be capable
of displaying 4K high definition (HD) and standard
definition (SD) content
Please refer to the corrigendum 6
105Volume II , Section
2.3.263
Each VDW unit shall have front-access to the
projection modules and internal components of
the cubes for maintenance purposes
Request you to consider Each VDW unit shall have
Rear-access to the projection modules and internal
components of the cubes for maintenance purposes
as the screen gap is minimum in Rear access as
Front access cubes are with 1.5 mm Screen gap or
more .To add more to this any failure of one cube in
Front access will lead to obstruction of View of
complete VDW Which will result in hindrance for
24x7 Viewing
Please refer to the corrigendum 6
106Volume II , Section
2.3.264 To add
To add The video wall content will be able to show
live on any remote display .Mobile with IE Which
will help in viewing the videowall remotely
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
107Volume II ,Section
12.1.9 224 Contrast Ratio 100000:1
Request you to consider 1000000:1 or more so that
other OEM Can qualify Please refer to the corrigendum 6
108Volume II ,Section
12.1.9 224 Brightness 500 nits
Request you to consider brightness of at least 300
cd/m² or more so that other OEM can qualify .RFP conditions prevails
109Volume II ,Section
12.1.9 224 Laser Light source
Request you to consider LED as Laser based
Videowall are nearly 35% costlier than LED
Videowall & Continous viewing of Laser will lead to
Operator fatigue as its too bright for Indoor
applications .
RFP conditions prevails
110Volume II ,Section
12.1.9 224
Dual Redundant and Hot Swappable Power
Supply. This should
be built inside the cube for fail safe operation
with cooling
features.
Request you to kindly delete so that other OEM can
qualify as this is speciifc to one OEM RFP conditions prevails
111Volume II ,Section
12.1.9 224 IR Remote control
Request you to delete the same as it is specific to
one OEM & Obsolete technology .Now days control
is through IP Which is latest technology.Hence IP
Control to be provided so that other OEM can
Qualify
Please refer to the corrigendum 6
112Volume II ,Section
12.1.9 224 RAID 0, 1, 5, 10 support
This is specific to one OEM . Request you to
consider RAID 0,1 so that other OEM Can qualifyRFP conditions prevails
113Volume II ,Section
12.1.9 224
Dust Prevention - Should meet or exceed IP6X
standard
This is specific to one OEM .Request you to mention
Protection against dust should be there which
should not hamper the functionality of VDW
RFP conditions prevails
114
Vol2_RFP
DATA CENTER
SPECIFICATION
141 Link Load Balancer Specifications
Link Load balancer can also act as aa IPv6 gateway
hence we request to add below IPv6 Features on
Link load balancing Specifications,
• IPV6 support with IPv6 to IP4 and IPv4 to IPv6
translation and full IPv6 support.
• IPV6 support with DNS 6 to DNS 4 & DNS 4 to DNS
6 translation
• Support full DNS bind function & Capable of
handling complete DNS bind records including
A,MX, AAAA for IPv6.
RFP conditions prevails
Bidders should meet the
functional requirement as per
desired SLA
115Vol2_RFP
5.3 data security145 2.2.11.5 data security
The RFP has included most of network and security
solution to strengthen C&C infrastructure. But Web
Application security network function is missing and
is essential network function for overall security of
application infrastructure. Application security will
surely improve the security posture and improve the
operational efficiency of the solution. Besides Cyber
Security Model Framework for Smart Cities circular
also recommends web application security devices
for overall end to end security model. We suggest
including application security solution with
minimum specifications to this project.
Application level security solution should be
provided through leading practices and standards
including the following:
Prevent OWASP top 10 vulnerabilities including SQL
Injection, XSS, Security Misconfiguration
Vulnerabilities, Restrict URL Access Vulnerabilities,
Insufficient Transport Layer Protection, Redirects
and Forwards Vulnerabilities
The application security solution should have
positive security model with machine learning
capabilities to detect and prevent anomaly in
application traffic and unknown attacks. Machine
learning should be based on true ML algorithms,
and not just automation of dynamically learnt rules.
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
116
Vol2_RFP
DATA CENTER
SPECIFICATION
Multi-tenant hardware with multicore CPU
support. It shall support minimum four (4)
virtual instances and shall be scalable to 16
instances on the same appliance. Shall have
minimum of 10 Gbps of system throughput per
virtual
instance to support multiple load balancing and
security functions. Shall have minimum of 8x10G
SFP+ interfaces from day one. Shall have
security features like reverse-proxy firewall, sync-
flood and denial of service attack protection
from day one.
number of virtual instance requirements are on
higher side keeping current and future scalabulity
requirement under consideration. Multi-tanent
server load balancer appliance typically requires 2-3
virtual tanents each of DMZ, MZ and server farm.
16 instances are on higher side and will add surplus
cost in overall solution design. we rcommend to
reduce it to 8 virtual instances.
RFP conditions prevails
117Vol2_RFP
5.3 data security145 New Suggestion-Application security
RFP has addressed most of the Application Security
points but still some application security points are
missing like unknown attacks based on user inputs
and application responses, Zero day Attacks, atomic
attacks and complex attack chains hence to address
these kind of attacks request you to consider next
generation application security solution with
minimum requirements.
1.The application security solution should have
positive security model with machine learning
capabilities to detect and prevent anomaly in
application traffic and unknown attacks. Machine
learning should be based on true ML algorithms,
and not just automation of dynamically learnt rules.
2. web application security solution should have
capability of performing static analysis of source
code & dynamic analysis at RUN time to identify
potential vulnerabilities in web applications and
solution must have option to deploy virtual patch
based on static and dynamic analysis results.
3. The Web application security solution should
address known & unknown attacks based on user
inputs and application responses using combination
of dedicated protectors/signature engines and
Machine Learning
4. WAF should support built-in correlation engine to
detect atomic attacks and complex attack chains.
Administrator should have option to define
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
118volume2 , 5.3 Data
Security147
All applications hosted on cloud should support
multi-tenancy with adequate
There are no specifications in detail for encryption
solution. Please include definate specification to
meet.
RFP conditions prevails
119
volume2 , 1.4
Finalization and
submission of a
detailed technical
architecture
11authentication, encryption and role based
access control mechanism.
This requires a PKI system and needs to be specified
as a separate component that includes HSM also. RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
120
Volume 2 7.24.1
Access Control
System
147
All traffic from city equipment/sensors to the
application servers shall be encrypted Secure
Socket Layer (SSL) or SSH and authenticated
prior to sending any information. The data at
rest or in transmit must be encrypted.
Is HSM based SSL acceleration is required looking at
the large volume of connections between devices.It
will also add adquate security against attacks.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
121
volume2 , 1.4
Finalization and
submission of a
detailed technical
architecture
12
Support for PKI based Authentication and
Authorization- The solution shall support PKI
based Authentication and Authorization, in
accordance with IT Act 2000, using the Digital
Certificates
issued by the Certifying Authorities (CA). In
particular, 3 factor authentications (login id &
password, biometric and digital Signature) shall
be implemented by the MSI for
officials/employees
involved in processing citizen services
There are no specifications listed for CA and HSM.
According to IT Act, any CA needs to be
implemented with adequate HSM security. Looking
at the large volume, high end HSM will be required
with good signing speed and key generation ability
in high availability mode. Any pointers to
performance will help in sizing.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
122
Volume 2
Functionality
Description
74
File layer encryption needs to be established for
consistent protection from credentialed user
access and multi-key support across different
platforms regardless of OS/platform/storage
type, while ensuring that this encryption is
transparent to both Hadoop and calling
applications and scales out as the cluster grows.
The performance expctations and detail
specification of encryption solution required would
be helpful
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
123
volume2 , 1.4
Finalization and
submission of a
detailed technical
architecture
11
The security services used to protect the
solution shall include:
Identification,Authentication, Access Control,
Administration and Audit and support for
industry standard
protocols.
Th industry standards needs algorithms and their
secure implementation using devices like HSMs,
Encryption tools etc. Kindly include HSMs and
Encryption tools as these are separate equipments
that needs to be incuded in the system and RFP.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
124
Volume 2
Functionality
Description
74
Data Protection / Data at rest: Platform should
support encryption for tenant data at rest (on
disk/storage)
Mopst of the storage devices have their native
encryption ability. However best practises suggest
keeping the keys separate in a Key manager. Please
specify if Key management is required for self
encryption devices eg: KMIP compatible key
management
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
125
Volume 2
Functionality
Description
74
Data Protection / Production Data integrity:
Platform should support procedure in place to
ensure production data shall not be replicated
or used in non-production environment
This indicates ability to Mask or Tokenize the data
so that production data will not get in clear in non-
production or replicated environments. File level
encryption is also a way to protect the same in
replication/backup databses. Does that indicate an
encryption solution should come along with
Tokenization, Detokenization, Masking, Unmasking
and File level encryption ability.Detail technical
specification around this will be helpful.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
126
Volume 2
Functionality
Description
234-235 UPS Specifications
UPS rating and warranty period not specified.
Request you to provide the Rating of UPS needed
and warranty on the same.
RFP conditions prevailsBidder shall provide a redundant
power supply as mentioned in RFP
127
Volume 2: Scope of
Work
Primary Storage
137 Solution/ Type: IP Based/iSCSI/FC/NFS/CIFS
Request to modify the clause as "Solution/ Type: IP
Based/iSCSI/NFS/CIFS" as FC protocol is majorly
needed for structured high performance
applications and is not really required for
survillance, video or unstructured data.
RFP conditions prevails
128
Volume 2: Scope of
Work
Secondary Storage
138
Solution/Type:
• Secondary Storage (Archival/Backup) can be
on any media such as Tapes, Disks, Disk systems,
etc. or its combination.
(so as to arrive at lower cost per TB)
• May or may not use de-duplication technology
• Compatible with primary storage
• Must use latest stable technology platform,
with support available for next 7 to 10 years.
Please modify and request to add below features
for better functioning of secondary storage.
"Solution/Type:
• Secondary Storage (Archival/Backup or Software
Defined Storage) can be on any media such as
Tapes, Disks, Disk systems, etc. or its combination.
(so as to arrive at lower cost per TB)
• May or may not use de-duplication technology
• Must provide WORM feature
• Enables placing data on cloud, SAN, DAS/ SSD
storage types with auto tiering.
• Compatible with primary storage
• Must use latest stable technology platform, with
support
available for next 7 to 10 years."
RFP conditions prevailsMinimum Specs Given, Bidder can
quote equivalent or higher
129
Volume 2: Scope of
Work New Clause Proposed "Backup Software"
Backup Software is required to write data on Tapes,
however no technical specification for backup
software has been provided or any BOQ. Request to
provide some minimum Specifications for a Backup
Software Solution. Some of general specifications
like below;
Backup software should work on Windows and
Linux Operating Systems to be quoted for this
requirement
It should be capable of LAN based and SAN based
backup /restore from various platforms including
Linux and Windows
The proposed Software Vendor must be available as
Leaders in Latest Gartner Magic Quadrant for
Enterprise Backup Software report.
It should be able to perform backup/ restore of both
file and block/ RDBMS data.
The backup software must provide functionality for
disk-to-tape, block/ file based full/ incremental
backup, vaulting of tapes offline, etc.
The backup software should allow creation of
additional backup copies within the same library
after the main backup.
It must have in-built calendar based scheduling
system .
It must have in built Java/ Browser based GUI for
centralized comprehensive management of backup.
Supplied backup software should allow individual
RFP conditions prevails
130
Vol2_RFP
DATA CENTER
SPECIFICATION- Link
Load Balancer
Specifications
141
Suggestion for nextGen platform with Global
load balancing and secure remote access
solution
Traditional hardware based networking appliances
does not offer flexibility, agility and multi-tenancy
to meet modern networking requirements such as
portability, automation, consolidation of multiple
network functions, management and orchestration.
Purpose built hardware with network function
virtualization are key attributes for next gen cloud
based data centres and provide agility, portability &
programmability with guaranteed performance.
Load balancer, application firewall, GSLB being AFE
(application front end) device must comply and
support next generation NFV and SDN
requirements, having said that it is suggested that
SI needs to deploy high performance purpose built
next generation multi-tenant NFV cloud platform.
The Platform should support multiple network
functions including link load balancing, SSL VPN &
global server load balancing functions with
dedicated hardware resources for each virtual
function for guaranteed performance.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
131
Vol2_RFP
5.3 data security -
2.2.11.5 data
security -
145 Suggestion for web application firewall
The RFP has included most of network and security
solution to strengthen C&C infrastructure. But Web
Application security network function is missing and
is essential network function for overall security of
application infrastructure. Application security will
surely improve the security posture and improve the
operational efficiency of the solution. Besides Cyber
Security Model Framework for Smart Cities circular
also recommends web application security devices
for overall end to end security model. We suggest
including application security solution with
minimum specifications to this project.
WAF should provide protection against OWASP
top10 web based vulnerabilities for layer7 attack
mitigation.
The application security solution should have
positive security model with machine learning
capabilities to detect and prevent anomaly in
application traffic and unknown attacks.
WAF must have integrated static & dynamic
analyser of source code & to identify potential
vulnerabilities in web applications with admin
define policy to deploy virtual patch based on static
and dynamic analysis results.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
132
Vol2_RFP
DATA CENTER
SPECIFICATION-
Server Load
Balancer
Specifications
141
Multi-tenant hardware with multicore CPU
support. It shall support minimum four (4)
virtual instances and shall be scalable to 16
instances on the same appliance. Shall have
minimum of 10 Gbps of system throughput per
virtual
instance to support multiple load balancing and
security functions. Shall have minimum of 8x10G
SFP+ interfaces from day one. Shall have
security features like reverse-proxy firewall, sync-
flood and denial of service attack protection
from day one.
number of virtual instance requirements are on
higher side keeping current and future scalability
requirement under consideration. Multi-tenant
server load balancer appliance typically requires 2-3
virtual tenants each of DMZ, MZ and server farm.
16 instances are on higher side and will add surplus
cost in overall solution design. we recommend to
reduce it to 6 virtual instances.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
133
Vol2_RFP
DATA CENTER
SPECIFICATION-
Server Load
Balancer
Specifications
141 Server Load Balancer - application transaction visibility/analytics
load balancer being AFE appliances offer application
availability and performance optimization, however
next generation load balancer solutions does offer
transaction level visibly that will help department to
quantify application performance in real time.
moreover application visibility and analytics solution
does provide performance metrics that help
application and network teams to identify and fix
the root cause of application and network issues -
one of the key requirements to host and manage
dynamic applications through load balancers. it is
highly recommend that server load balancer should
have end user transaction visibility module from day
one and should be from different OEM (not from
ADC). to meet the performance requirements this
module should run as dedicated virtual function on
LB platform with dedicated hardware resources with
minimum requirements mentioned below.
The solution should, at a minimum, provide
following measurements:
- Service usage by user, server, port and URL
- Counts of slow and fast transactions
- End-to-end transaction time
- End-to-end data transfer time
- Server response time
- HTTP redirect time
- Network round-trip time from the measurement
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
134 Vol 1 Addittion
Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should be deployed in at least 1 city in India and
must be operational for more than a year with 3 use
cases mentioned in the tender.
This will ensure the
proposed CCC solution is
working as per customer
expectations and capable
of delivering desired
outcomes in Indian
conditions. Relevance of
min. 3 use-case will prove
the depth and integration
capabilities of the product.
RFP conditions prevails
135 Vol 1 Addittion
·Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should have min 1 deployment in cloud and min 1
deployment on-premises in India - Bidder to submit
OEM undertaking / Work Order / Purchase Order for
same. As multiple city technology are going in cloud,
ICCC solution must have experience in cloud
technology integration.
For the obvious advantages
of Cloud technology based
deployments, many cities
are starting to outsource
more and more elements
of their Smart City ICT & IT
infrastructure to cloud
service providers. As
multiple city technology
are going in cloud, CCC
solution must be
thoroughly proven for
cloud based deployments
and integrations. Also, for
any of the existing legacy
infrastructure or for
system which can be better
hosted locally, the CCC
should have On-premises
capabilities as well.
RFP conditions prevails
136 Vol 1 Addittion
Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should be deployed in 5 cities globally with
minimum 3 smart city use cases either on Cloud or
On-premise architecture.
This will ensure the
proposed CCC product is of
Global/International
Standards and
meets/fulfills all
parameters required for
the Smart City use-case
domains. Relevance of
min. 3 use-case will prove
the depth and integration
capabilities of the product.
RFP conditions prevails
137 Vol 1 Addittion
Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should be either be from Single OEM OR should be
pre-integrated and operational for more than a year
in a City locally or globally. OEM need to submit
project experience and undertaking on same.
Single OEM for Pre-
Integrated Visualization
layer & Normalization / IOT
platform will ensure
watertight integration,
seamless and trouble-free
operations. If not single
OEM, than propose
solution to be working
successfully for over 1 will
ensure the proposed
combination of products
are working as per
expectations and capable
of delivering desired
outcomes
RFP conditions prevails
138 Vol 1 Addittion
Smart City Platform/Software provider should be
Member of Smart Cities Council & Navigant
Research Report for Smart Cities Suppliers.
This will ensure the
proposed CCC product is of
Global/International
Standards and
meets/fulfills all
parameters required for
the Smart City use-case
domains.
RFP conditions prevails
139 Vol 1 Addittion
OEM should have registered office in India at least
from last 10 Years and should have software
development center and Research & Development
Lab in India.
Relevance of time will
prove the depth and
capabilities of the product
& its strategy, market
presence, staying power,
support mechanism.
RFP conditions prevails
140 Vol 1 Addittion
Bidder need to submit OEM's data sheet, ordering
guide & API document available on the public
domain along with bid document.
Documentary evidence to
substantiate capabilities of
proposed solution /
product, Product
Performance & Features,
Integration capabilities,
etc.
RFP conditions prevails
141 Vol 1 Addittion
OEM must be single legal entity or its holding
company, having annual revenue of more than INR
100 Crores in the last two financial years (2014-15
and 2015-16) either in India or Globally and at the
same time be profitable in last the 3 financial years
This will ensure no
smalll/local players
participate in the process
and only repuated brands
with expierence of industry
come forth.
RFP conditions prevails
142 Vol 1 AddittionOEM should have atleast 4 spare depots in the
country for material replacement and support
This again will ensure no
Chinese/Taiwan/Israel etc.
type of compaines who do
not have a support base
are able to participate.
RFP conditions prevails
143 Vol 1 Addittion
OEM should have executed atleast 5 mission-mode
projects of state or central government like SDC.
SWAN etc.
OEMs with past expierence
of executing mission
critical projects should be
preferred
RFP conditions prevails
144Volume-1, | Section
6.883 Proposed Bill of Material
Please add line item for Smart City Platform
applicationPlease refer to the corrigendum 6
145Volume 2, | Section
2.3.1 (Collaboration)46
The platform should allow the stakeholders to
be notified of the creation of collaboration
spaces using SMSs and announcements over
PSTN telephone calls.
Request you please change clause as "The platform
should allow the stakeholders to be notified of the
creation of collaboration spaces using SMSs
/announcements over PSTN telephone calls/Emails.
RFP conditions prevails
The platform should allow the
stakeholders to be notified of the
creation of collaboration spaces
using SMSs /announcements over
PSTN telephone calls/Emails.
146
Volume 2 | Section
2.3.1 (Incident
Management)
59
MSI has to provide an appropriate tools for
incident and SLA management for the SLA
Parameters defined in Vol. 3 of this RFP
Request you to please remove " SLA Management"
becasuse SLA management is part of "EMS" which is
already asked in RFP.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
147
Vol 2 | 1.4
Finalization and
submission of a
detailed technical
architecture
12
Support for PKI based Authentication and
Authorization- The solution shall support PKI
based
Authentication and Authorization, in accordance
with IT Act 2000, using the Digital Certificates
issued by the Certifying Authorities (CA). In
particular, 3 factor authentications (login id &
password, biometric and digital Signature) shall
be implemented by the MSI for
officials/employees
involved in processing citizen services.
1. Should the PKI based Auth & Auth solution be
deployed on- premise or cloud?
2. How many Digital Signature Certificates would be
required?
3. Should the application have the ability to just
validate DSC's or even issue DSC's?
4. Is Aadhar based authentication permitted too or
its just DSC?
5. What are the specifications of biometric systems
that should be integrated?
6.Can we expect that the biometric hardware
existing or new will have capability to integrate?
Should one quote for the biometric hardware too?
7. Should the biometric fingerprints be validated by
Aadhar ID or any other software?
8. Is a OTP based auth required?
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
148
Vol 2 | 1.5 Other
expectations from
MS
17 26. Build and certify ICCC as per ISO 27001:2011 standards
Is the expectation of ICCC platform to be ISO 27001
certified? In ISO 27001, 2011 standard isn't specified
in ISO Standards. Need further details.
RFP conditions prevails
149
Vol 2 | 2.1
Environmental
Sensors:
21 Mosquito Density
Is the expectation the environmental sensor should
be able to detect mosquito sensity too? Or
expecting a different sensor to measure this
density?
Please refer to the corrigendum 6
150
Vol 2 | 2.1
Environmental
Sensors:
21Functional Specs: CO upto 1000 ppm, Technical
Specs Range: CO : 0 – 31 ppm
Can you please clarify the difference? Should the
range be ppb or ppm in tech specs?RFP conditions prevails
151Vol 2 | 2.2 Variable
Message Sign Board25
The real time information can also be
pushed manually from ICCC as well as system
should capable to take the data from the cloud
for display on the board
Should application also be deployed on cloud to
send messages to VMS?RFP is Self explanatory
152
Vol 2 | 2.3
Centralized
Command & Control
Centre
29
suggestion for nextGen platform with Global
load balancing and secure remote access
solution
What's the SLA expected during this shift? Is there
any permitted downtime?RFP conditions prevails Query Not Clear
153
Vol 2 |2.3
Centralized
Command & Control
Centre
29
MSI should also continuously monitor all the
infrastructure/Servers/Routers/etc which
has been built as part of this RFP
What about monitoring of the sensor health and
sensor data correctness, sensor gateway health
status, battery life, warranty monitoring, security
issues coming from firmware, sensor performance
management?
RFP conditions prevails
154
Vol 2 | 2.3.1
General
Requirements: Point
23
37
The platform should also be able to bring in
other egovernance data (SCADA systems) as i-
frames in the
command and control centre dashboard
Why i-frames only? There are other ways to
integrate too.RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
155
Vol 2 | 2.3.1
General
Requirements: Point
23
50
Integrate with other 3rd party applications
seamlessly.
The response time of the analytical tools used
should
be less than 10 sec
Can you clarify if its 3rd party applications or 3rd
party application data sources/apis?
Response time of an analytical tool varies from case
to case based on the amount of data that should be
processed. If one is looking at monthly data it could
show up in less than 2 sec. If its yearly data it could
vary. Request to remove this clause. Application
response time can be less but for reporting engines,
it may not be the case
RFP conditions prevails
156Vol 2, 3.1 Unified
Smart Mobility Card:82
Scope of Work: The MSI is expected to integrate
the services of various departments into
Lucknow Metro card so as to achieve the
concept of One City-One Card. Below are the
minimum list of the services/ departments that
are expected to be taken for the integration:
1. What is the integration required for Smart
Mobility Card to ICCC?
2. Will MSI be given access to LMC Application to
integrate the services?
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
157
Vol 2, Geographical
Information System
(GIS) & GIS City
Portal
85 3D Data of city
Will 3D data of city be provided as part of GIS
Platform or should be added? If it has to be added,
should 3D data modelling be considered too?
Please refer to the corrigendum 6
158
Vol 2, Geographical
Information System
(GIS) & GIS City
Portal
86
8 Core Arc GIS Server on Active-Active mode
along with two Desktop advanced are already
existing and the MSI shall evaluate the sizing as
per their requirement of the system and also
has to maintain the existing city portal and the
upgrade system for 5 years
Till when are the existing ArcGIS licenses valid?
Is there already a web GIS server?
Is the expectation to use ArcGIS platform only or
propose another based on the specs given further in
the RFP page 97 onwards?
Please refer to the corrigendum 6
159
Vol 2 | Technical
Requirement | WAN
/ Internet Router
132Bandwidth: Bandwidth on demand for cost
effective connection performance enhancement
Request you yo please specify the throughtput (min
& max) that’s needs to be considered.RFP conditions prevails
160
Vol 2 | Technical
Requirement |
Servers
135
Network interface:
2 X 20GbE LAN ports for providing Ethernet
connectivity
Optional: 1 X Dual-port 16Gbps FC HBA for
providing FC connectivity
Request to modify the specification: " 2 X 10GbE
LAN ports for providing Ethernet connectivity
Optional: 1 X Dual-port 16Gbps FC HBA for
providing FC connectivity.
The same can be provided using convered FCOE
ports on Blade/Rack server " The Required numer
of ports to be distrbuted across two adapters for
adapter level redundancy. "
Latest generation blade
architectures support dual
converged modules for IO
connectivity for carry Lan
and SAN traffic. This helps
in simplification, lower
cabling, power & cooling
without compromising
throughput. Adpater level
redundancy will provide
resileicy agaisnt any faults .
Also, We support
Converged network
adapter to provide LAN
and SAN access over FCOE.
Please refer to the corrigendum 6
161
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Dual network connectivity of 10 G speed for
each blade server for redundancy shall be
provided
Request to modify the specification: " Dual network
connectivity of 20 G uplink bandwidth for each
blade server for redundancy shall be provided "
Dedicated uplink
bandwidth of 20 Gbps per
server will ensure optimum
performance fior
demanding workloads
RFP conditions prevails
162
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Two hot-plugs/hot-swap redundant 16 Gbps
Fiber Channel module for connectivity to the
external Fiber channel Switch and ultimately to
the storage device
Request to modify the specification: "Two hot-
plugs/hot-swap redundant 16 Gbps Fiber Channel or
FCOE module for connectivity to the external Fiber
channel Switch and ultimately to the storage
device"
Latest generation blade
architectures support dual
converged modules for IO
connectivity for carry LAN
and SAN traffic. This helps
in simplification, lower
cabling, power & cooling
without compromising
throughput. We support
dual converged modules to
carry both LAN & SAN
traffic. Hence kindly allow
for coverged IO modules.
Please refer to the corrigendum 6
163
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Provision of systems management and
deployment tools to aid in blade server
configuration and OS deployment
Request to modify this clause to "Provision of
systems management and deployment tools to aid
in blade server configuration and OS deployment
along with centalized management solution in HA
for single pane of glass view for configuration,
monitoring & management "
There should be
centralized management
dashboard for all the
chassis and blade servers
in a given data center for
single pane of glass view
RFP conditions prevails
164
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136 Minimum 1 USB portRequest you to modify this to " Minimum 1 USB
Ports at Blade Server or Chassis level "RFP conditions prevails
165
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Two hot-plug/hot-swap, redundant 10 Gbps
Ethernet or FCoE module with minimum 16
ports (cumulative), having Layer 2/3
functionality
Request you to modify this to " Minimum Two hot-
plug/hot-swap, redundant 10 Gbps Ethernet or FCoE
module with minimum 16 ports (cumulative), to
meet uplink bandwidth per server for a fully loaded
chassis "
Sufficient bandiwtdh
shiuld be provisioned
considering fully loaded
chassis even if not all blade
slots are populated. This
will maintain the same
optimum performance
level & investment
protection even in case of
any future expansion of
number of blades in the
given chassis
RFP conditions prevails
166
Vol 2 | Technical
Requirement |
Servers
135
Processor:
• Latest series/ generation of 64 bit x86
processor(s) with Ten or higher Cores
• Processor speed should be minimum 2.4 GHz
• Minimum 2 processors per each physical
server
Request to Modify to " Processor:
• Latest series/ generation of 64 bit x86 processor(s)
skylake processors
• Processor speed should be minimum 2 GHz
• Minimum 2 processors per each physical server"
The current series by Intel
is teh Skylake chipset
which are more efficient
and perfromance oriented.
Also the bidder should be
let to decide the no. of
core per processor in order
to have teh best suitable
robust solution
RFP conditions prevails
167
Vol 2 | Technical
Requirement |
Servers
135
Internal Storage:
• 2 x 300 GB SAS (10k rpm) hot swap disk with
extensible bays
Request to Modify to " Internal Storage: 2 x 300 GB
SAS (10k rpm)"
The blades storage is
required only to hots the
OS binaries and metadata
rest all storage would be
required on external
storage as the servers are
external devices bootable
and is best recommended
as per best practice laws.
RFP conditions prevails
168
Vol 2 | Technical
Requirement | Anti-
APT
154
Solution must be custom built AntiAPT solution
and must not have network perimeter security
component part devices like firewall and IDS/IPS
Request to change to below , as custom built
solution can be easily compromised :- Solution
must not be a custom built Anti APT solution and
must not have network perimeter security
component part devices like firewall and IDS/IPS
Request to change to
below , as custom built
solution can be easily
compromised
RFP conditions prevails
Dedicated Custom built APT
solutions offer dedicated
resources to do analysis of
unknown threats with higher
acceleration instead of
UTM/Firewall based devices
having multiple security layers
hosted on shared resources.
169
Vol 2 | Technical
Requirement | Anti-
APT
154
The proposed solution should use customizable
OS sandboxes for detecting zero day malwares,
This should not be a CPU or chip based function.
Request to Remove this clause As custom built solution
can be easily compromisedRFP conditions prevails
170
Vol 2 | Technical
Requirement | Anti-
APT
154
The proposed solution should be able to detect
lateral movement (East West) of the attacker
without the need of installing agents on
endpoint/server machines.
Request to change as per below:
The proposed solution should be able to detect
lateral movement (East West) of the attacker with
or without the need of installing agents on
endpoint/server machines.
Incase of Anti APT lateral
movement (East West)
may not have actual
visibility without an agent
RFP conditions prevails
171
Vol 2 | Technical
Requirement | Anti-
APT
154
The proposed solution should support Multiple
protocols for inspection. Example :• HTTP, FTP,
SMTP, SNMP, IM ,IRC,DNS and P2P protocols
Internal direction :SMB ,Database protocol
(MySQL, MSSQL, Oracle) on a single device
Request to Change the Clause As "The proposed
solution should support Multiple protocols for
inspection. Example HTTP,HTTPS SMTP, IMAP,
POP3, FTP NetBIOS-ssn (SMB)"
Specific to OEM RFP conditions prevails
172
Vol 2 | Technical
Requirement | Anti-
APT
156
The proposed solution should have an endpoint
security component and should have following
functionalities (Antivirus, antimalware, ransom
ware protection, Vulnerability Protection in
endpoint, integrated DLP and C&C detection,
ability to quarantine and clean the infected files,
ability to integrate
Request to Change the Clause As :- The proposed
solution should have an endpoint security
component and should have following
functionalities (Antivirus, antimalware, ransom ware
protection, Vulnerability Protection in endpoint,
and C&C detection, ability to quarantine and clean
the infected files, ability to integrate.
Specific to OEM Please refer to the corrigendum 6
173
Vol 2 | Technical
Requirement | Anti-
APT
156
The proposed solution should be able to run at
least 60 parallel sandboxes for analysis of
payload and on premise customized sandbox
solution should have the capability to allow
manual submission of suspicious files for
analysis
Request to Change the Clause As :- The proposed
solution should be able to run at least 5000 files a
day for sandboxes analysis of payload and on
premise sandbox solution should have the
capability to allow manual submission of suspicious
files for analysis
Different OEM use
different mechanism to
size their sandbox solution
hence requesting change
RFP conditions prevails
174
Vol 2 | Technical
Requirement | Anti-
APT
156
Customized sandbox solution should support
following operating systems (Windows XP,
Win7, Win8/8.1, Win 10, Windows Server 2003,
2008 & 2012) and must have the capability to
analyse large files and must be able to support
more than 40MB file size.
Request to Change the Clause As :- sandbox
solution should support following operating systems
( Win7 Win 10, )and must have the capability to
analyse large files and must be able to support more
than 50MB file size.
Different OEM use
different solution hence
requesting change
RFP conditions prevails
175
Vol 2 | Technical
Requirement | Anti-
APT
156
The solution should allow administrator to
categorize files as safe based on Hash values
(MD5) and proposed solution should be able to
provide customizable sandbox to match
customer's endpoint environments.
Request to Change the Clause As :-The solution
should allow administrator to categorize files as safe
based on Hash values (MD5/SHA 256) and proposed
solution should be able to provide sandbox to
match customer's endpoint environments.
MD5 Hash has problem of
overlapping hence
requesting change
RFP conditions prevails
176
Vol 2 | Technical
Requirement | Anti-
APT
156
The Proposed solution should support
customizable Windows 7/8/10 and Microsoft
2008/12 operating environments for
Sandboxing. This requirement should be based
on virtual execution and should not be
Hardware or chip based function
Request to Remove this clause , as custom built
solution can be easily compromise:- The Proposed
solution should support Windows 7 & Windows 10
operating environments for Sandboxing.
As custom built solution
can be easily compromisedRFP conditions prevails
177
Vol 2 | Technical
Requirement | Anti-
APT
157
Solution must be capable of performing multiple
file format analysis which includes but not
limited to the following: LNK, Microsoft objects,
pdf, exe files, compressed files, .chm, .swf, .jpg,
.dll, .sys, .com and .hwp
Request to Change the Clause As :- Solution must
be capable of performing multiple file format
analysis which includes but not limited to the
following: Microsoft objects, pdf, exe files,
compressed files, .chm, .swf, .jpg .dll, com
Different OEM support
different file types and
hence requesting change
RFP conditions prevails
178
Vol 2 | Technical
Requirement | Anti-
APT
157
The proposed solution should support exporting
of analysis results such as C&C server IP and
malicious domain listing and solution should
have capabilities to scan inside password
protected Archive and should have capabilities
to detect Malwares and Spywares on windows
and non-windows platforms.
Request to Change the Clause As :-The proposed
solution should support exporting of analysis results
such as C&C server IP and malicious domain listing
and solution should have capabilities to scan inside
Archive and should have capabilities to detect
Malwares and Spywares on windows and non-
windows platforms.
Specific to OEM RFP conditions prevails
179
Vol 2 | Technical
Requirement | Anti-
APT
157
The proposed solution should have option to
configure unrestricted internet for sandboxes
and proposed solution must have capabilities to
detect Mac, Linux and mobile malwares.
Request to Change the Clause As :-The proposed
solution should have option to configure
unrestricted internet for sandboxes and proposed
solution must have capabilities to detect malwares
& their behaviors .
Specific to OEM RFP conditions prevails
180
Vol 2 | Technical
Requirement | Anti-
APT
157
The Proposed solution should have option to
share Indicators of compromise for mitigation
and clean up with AV endpoint and Web
gateway to block threat at web gateway level
and network level through NIPS. Anti-APT
solution should share intelligence with
endpoint, security web gateway solution, HIPS•
server security & NIPS, similarly endpoint and
security web gateway, NIPS & HIPS(Server
Security) should submit files to AntiAPT solution
for analysis and all three (Anti•APT, Web
Security, Email security, Endpoint, HIPS (server
security) solution should manage through single
management console.
load balancer being AFE appliances offer application
availability and performance optimization, however
next generation load balancer solutions does offer
transaction level visibly that will help department to
quantify application performance in real time
This would restrict the
participation of renowed
OEM in proposing their
best of breed solution as it
allow only OEM to
participate
RFP conditions prevails
Proposed Anti-APT solution should
share Indicators of compromise for
mitigation based on sandbox
analysis with Endpoint AV, HIPS,
Web security and Email security
solutions to block unknown threat
and should manage through single
management console.
181
Vol 2 | Technical
Requirement |
Firewall
158Firewall shall have an Intrusion Prevention
System (IPS) with following features
When IPS is already asked why Firewall has IPS
capabiltiies only added in firewall sectionRFP conditions prevails
182
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
151
Intrusion Prevention System (NIPS) should be
based on purpose-built platform that has Field
Programmable Gate Arrays (FPGAs), On-board
L2 Switch and dual plane architecture for Data
and control plane and NIPS should be
independent standalone solution.
Request for change as FPGA is OEM specific ask, this
would restrict other renowned/leaders in market
from participation.
RFP conditions prevails
183
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
151
The proposed IPS should support "IPS on a stick"
in the Core switch by using VLAN Translation
that allows customers to inspect inter-vlan
traffic without adding additional in-line IPS per
VLAN.
Request you to remove this clause; as IPS has to be
either Inline or Inline TAP and use VLAN Tag as one
of the Filtering Criteria; As different interfaces can
be binded to the same zone and Intra-zone traffic
can be controlled using Access control rules; request
to consider the change.
Please refer to the corrigendum 6
184
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
151Must support full redundancy solution (Active-
Passive, Active Active)
Request for the change to Must support full
redundancy solution (Active-Passive/Active Active)
for all deployment options - Passive/ Inline-
set/Routed
RFP conditions prevails
185
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
151
The proposed IPS must able to operate in
Asymmetric traffic environment with DV filters
protection
Please share use case; It has dependency on
network design; Please refer to the corrigendum 6
186
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The proposed IPS solution must support
Adaptive Filter Configuration(AFC)
which will alert or disable ineffective filter in
case of noisy filters
Request for the change - The proposed IPS solution
must support Adaptive Filter Configuration(AFC) or
equivalent methods which will alert or disable
ineffective filter in case of noisy filters/signatures
RFP conditions prevails
187
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The proposed IPS must have real 10Gbps
throughput with atleast 60 million concurrent
sessions and 450,000 new connections per
second with <40 ms latency.
Please change the clause to - "The proposed IPS
must have real 10Gbps throughput with atleast 6
million concurrent sessions and 50,000 new
connections per second." As with standard port
offering of 10*8G = 80Gbps is far higher than the
Real world throughput asked; so as the box is
oversized; request you to consider the change.
RFP conditions prevails
188
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The IPS vendor must be position as a leader in
vulnerability research by the latest Frost and
Sullivan vulnerability tracker
Request to remove this clause as its OEM specific,
also next point ask for Gartner and NSS lab reports
and positions which are available.
Please refer to the corrigendum 6
189
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The IPS vendor should be in Gartner leader’s
quadrant in latest report. IPS
vendor must be in the recommended products
in the latest NSS report.
Request for the change to - The IPS vendor should
be in Gartner leader’s quadrant in latest report from
last 3 years. IPS vendor must be in the
recommended products in the latest NSS report.
RFP conditions prevails
190
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The IPS filter must support network action set
such as Block (drop packet),
Block (TCP Reset), Permit, Trust, Notify,
Trace(Packet Capture), Rate Limit and
Quarantine
Request you to change the clause to - The IPS filter
must support network action set such as Block (drop
packet), Block (TCP Reset), Permit, Trust, Notify,
Trace(Packet Capture), Rate Limit. Quarantine is
feature available in most HIPS solutions, and
product asked is Network IPS, hence request you to
remove quarantine word.
RFP conditions prevails
191
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
IPS solution must have vulnerability based filter
which are known for most
effectively for Zero Day Attack Protection and
ZDI technology should be inbuilt.
Request to remove word- ZDI as it is OEM specific
techonology and other renowned OEM in industyr
support equivalent technology with different
terminology.
RFP conditions prevails
IPS solution must have
vulnerability based filter which are
known for most effectively for
Zero Day Attack Protection and ZDI
technology/equivalent should be
inbuilt.
192
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The proposed IPS must provide bandwidth rate
limit to control the
unwanted/nuisance traffic such as P2P, Online
Game, etc
Request to remove this clause as separate Firewall
is asked in RFP, Firewall are capable of application
based filtering and would be better place to control
application based on bandwidth.
RFP conditions prevails
193
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152The proposed IPS must be able to support GTP
inspection for GPRS/3G mobile networksPlease remove this clause, as it is specific to OEM Please refer to the corrigendum 6
194
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
153
The proposed IPS vendor must provide a global
threat intelligence portal that provide real-time
monitoring and statistics of malicious threats
and attacks and NIPS should integrate with
sandboxing to submit unknown files in
sandboxing for simulation and create IOC's on
real time basis as per
sandboxing analysis and revert back to NIPS to
block threats and sandboxing solution should
support customizable Windows 7/8/10 and
Microsoft 2008/12 operating environments for
Sandboxing with at least 60 virtual instances
running in single sandboxing box
Different OEM use different sizing parameter and
hence requesting to remove this clauseRFP conditions prevails
Considering sclability of traffic and
zero day specific threats this caunt
is requred.
195
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
153
The proposed IPS system must support SNMP
and a private MIB that can beutilized from an
Enterprise Management Application such as HP
Open view, MRTG, etc.
Please change the clause to - "The proposed IPS
system must support SNMP and a private MIB that
can beutilized from any SIEM"
RFP conditions prevails
196
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
153
The proposed IPS system must be able to be
managed locally independently without any
centralised management server
Request you to remove this clause; as Centralized
Management Console adds true value to the
architecture where event correlation,
administration, deployment, policy change could be
managed from centralized console removing
network and administrative overhead.
RFP conditions prevails
Functional requrement is abe to
achieve hence no need to procue
additional dedicated manfement
197
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
154
The management server must support the
archiving and backup of events and export to
NFS, SMB, SCP and SFTP and must allow the
report to be exported into other format such as
PDF, HTML, CSV, XML etc
Request you to consider the change - "The
management server must support the archiving and
backup of events and export to NFS, SMB, SCP/SFTP
and must allow the report to be exported into other
format such as PDF/HTML/CSV/XML etc" as Most
common formats for reports and data backup are
available in the management server.
RFP conditions prevails
198 Vol_1_RFP_0 8813. Audio Processor (As per
Bidder’s Solution)Specifications to be inserted in corrigendum RFP conditions prevails
199 Vol_1_RFP_0 8814.Audio Distribution Amplifier
(As per Bidder’s Solution)Specifications to be inserted in corrigendum RFP conditions prevails
200 Vol_1_RFP_0 8815.Audio Extractor (As per
Bidder’s Solution)Specifications to be inserted in corrigendum RFP conditions prevails
201 Vol_1_RFP_0 8916.Distribution Amplifier (As
per Bidder’s Solution)Specifications to be inserted in corrigendum RFP conditions prevails
202 Vol_1_RFP_0 89 17.AV Auto Switcher Specifications to be inserted in corrigendum RFP conditions prevails
203
Vol 1 2.29
Eligible Goods and
Services, and OEM
Criteria
34
h. The bidder’s proposed OEM(s) for the
following solutions must be included in
the Gartner magic quadrants (in either Leaders
or Challengers quadrant) as on
the day of submission of bid. Gartner Reports
released in the last 1 year to be
referred and submitted.
i) Wired and Wireless LAN Access Infrastructure
ii) Data Centre Networking
Request customer to allow OEM(s) who are Leaders
or challengers or Visionaries from Gartner’s MQ for
Data Center Networking
The Requirement of Lan switches is for Data centre
RFP conditions prevails
204
Vol 2 Data Centre
TOR (Top of the
Rack ) Switch
135Resiliency:
• Dual load sharing AC and DC power supplies
The Switch support dual AC or Dc power supplies in
data Centre . Request for clarificationPlease refer to the corrigendum 6
205
RFP Volume 2 ,
Section 4.1 :
Geographical
Information System
(GIS) & GIS City
Portal
Subsection :
Proposed
Technology under
GIS initiative by
Lucknow Smart City:
87
3: SAN Storage : Dual Controller, Fiber Channel
based storage with
16TB(8*2TB HDD), Scalability to 24 drives within
the same enclosure
Request you to please clarify:
1: Useable Capacity Required.
2: Required Performance parameter like required
IOPS.
3: Required Cache across controllers
(Recommended to have at least 48 GB Cache across
dual controller)
Please refer to the corrigendum 6
206
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Disaster
Recovery (DR) Site
120
Disaster Recovery Site will be on Meghraj cloud
platform (National Informatics Centre) with
100% uptime.
Please Clarify is required storage with relevant
Capacity & Performance (IOPS) is to be provisioned
by SI or it will be provided by NIC Meghraj Cloud.
If it has to be provisioned by NIC Megraj Cloud then
please confirm the Availability of Storage Capacity
at NIC Meghraj Cloud along with the details of
Storage (Make & Model) from which NIC Meghraj
cloud will allocate the required capacity since DR
Storage has to compatible with DC Storage.
RFP conditions prevails
207
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Disaster
Recovery (DR) Site
121
Both DC and DR Site shall work in an Active-
Active mode.
Please clarify is the required functionality of Active
Active DC & DR is required for some selected set of
application with the availability of this functionality
at application level. If yes please clarify the list of
applications with native functionality support of
Active Active DC & DR.
RFP conditions prevails
208
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Disaster
Recovery (DR) Site
121Zero RPO (Recovery Point Objective) and RTO
(Recovery Time Objective) of 10 minutes.
Please clarify is the required functionality of Zero
RPO is required for some selected set of application
with the availability of this functionality at
application level or is this requirement for all
applications.
If is it required for all applications then it will be a 3
Site Storage solution with Primary Site ( Lucknow
SDC ) , Near Line Site (Please confirm the Site ) & DR
Site ( NIC Meghraj).
RFP conditions prevailsBidder to ensure the functional
requirements of the RFP
209
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Primary
Storage
137
Storage:
Storage Capacity should be minimum 5 TB
(usable, after configuring in offered RAID
configuration)
Disks should be preferably minimum of 3 TB
capacity
Request you to please clarify:
1: Please confirm is 5 TB is storage capacity required
or else please clarify the useable Capacity Required.
2: Required Performance parameter like required
IOPS.
3: Please confirm if lower capacity Disks can be used
since disk capacity of 3 TB normally comes in NL SAS
disks which are not performance driven disks.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
210
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Primary
Storage
137Storage:
RAID Support : RAID 0, 1, 1+0, 5+0 and 6
Request you to please re-look at RAID requirement
since RAID 1+0 & 5+0 are non standard RAIDs.
Industry recognized RAIDs are RAID 0, 1, 5, 6 & RAID
10 ; any combination of RAID levels can exist in
single array
RFP conditions prevails
211
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery,Point 95
Page No : 57Perform backup verification to ensure integrity
of backup
Kindly change the specification to “Perform backup
verification for all backed up data to ensure
integrity of backup without restoring the data from
disk based backup appliances.”
Justification: Backup verification by restoring the
data can take a lot of time and resources, an
appliance should be proposed which can validate
the integrity of all backed up data without restoring
it, hence saving time and effort.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
212
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery,Point 95
57Support full, incremental, scheduled and on-
demand backups
Support full, incremental, scheduled,
on-demand backups, block based backups for
LINUX, WINDOWS, VMWare, Hyper-V, Exchange.
Justification: Block based backups allow faster
backups and restore for large file systems without
exerting any effort on the underlying systems.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
213
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery,Point 95
57
Provide additional programs and utilities
for the purpose of backup and recovery
and administration
Kindly change the specification to “Provide
additional programs and utilities
for the purpose of backup and recovery and
administration and should support data transfer
from clients to target device (tape, disk or object
storage) without need of a media server ever.”
Justification: The following specification allows cost
effective deployment of backup environment for
the solution. With growth of data more media
servers are required to send the data to the target
devices, the following specification asks vendors to
provide intelligent capability of sending data from
clients to the target media without need of media
servers ever, hence reducing costs, management
and administration of backup environment.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
214
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery,Point 95
141
Supported Backup Software: Should support
industry leading backup software such as Veritas
NetBackup.
Supported Backup Software: Should support
industry leading backup software such as DellEMC
NetWorker , Veritas NetBackup etc.
RFP conditions prevails
Supported Backup Software:
Should support industry leading
backup software such as Veritas
NetBackup, etc.
215
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery
NA
1. RFP mentions archival specifications which are
generic, clarification is required as to what needs to
be archived files, mails etc.
2. 4. RFP mentions that there are three
environments Prod, Dev, DR is backup required for
all ? since these are different environments
(logically and physically separated as per RFP) what
is the amount of data that has to be protected at
each site.
3. 6. On page 139 “Retrieval time for any data
stored on secondary storage should be max. 4 hours
for critical data & 8 hours for other data. This would
be taken into account for SLA calculation. (Critical
data means any data needing urgent attention by
the Judicial System or by Police Dept. for
investigation / terrorist treat perception).”
Requesting for information on amount of critical
data which may be needed to be restored in 4 hours
since restore times depend on amount of data,
network and restore location.
RFP conditions prevailsBidder shall maintain standard
Industry parctice
216
Volume-2, Section
5.2 Data Center and
Disaster Recovery,
Subsection : Servers
135
Network interface:
• 2 X 20GbE LAN ports for providing Ethernet
connectivity
(20GbE is proprietary to a specific OEM, need to
change it to 2x10GbE or 4x 10GbE, secondly when
they are asking for a 10G switch in the chassis it
defeats the purpose of taking 20GbE port on blade
server)
Please refer to the corrigendum 6
217
Volume-2, Section
5.2 Data Center and
Disaster Recovery,
Subsection : Blade
Chassis
Specifications
136
Dual network connectivity of 10 G speed for
each blade server for redundancy shall be
provided
Two hot-plug/hot-swap, redundant 10 Gbps
Ethernet or FCoE module with
Need clarity are they looking for 4x10G switches or
only 2x 10G switchesRFP conditions prevails Two No. of switches in redundancy
218Volume 2, 13
ANNEXURE 2221
Client Workstations :Windows 7 Pro, Ultimate or
Enterprise, 64-bit
OS asked is whereas the current offered OS by
Microsoft is Windows 10 Pro. Hence request to
change the same to Windows 10 Pro
RFP conditions prevailsBidder can provide current OS to
comply the functionality
219Volume 2, 13
ANNEXURE 2221
Client Workstations : Nvidia GeForce GT430 PCIe
Nvidia GeForce GTX460 PCIe
or faster.
Asked Graphics card are Nvidia GeForce GT430 PCIe
or Nvidia GeForce GTX460 PCIe. GeForce are
consumer series graphics card meant for gaming.
Request you to kindly change this to 1GB
professional series AMD/Nvidia graphic card
RFP conditions prevails
220Volume 2, 13
ANNEXURE 2221 Client Workstations : Min 22 Inch or Higher
Asked monitor is min 22 inch, however the standard
size is 21.5inch. Hence request you to kindly
ammend it to min 21.5inch or higher
Please refer to the corrigendum 6
221Volume 2, 13
ANNEXURE 2227
Monitoring Workstations : 22” TFT LED monitor,
Minimum 1920 x1080 resolution, 5 ms or
better response time, TCO 05 (or higher)
certified
Asked monitor is min 22 inch, however the standard
size is 21.5inch. Hence request you to kindly
ammend it to min 21.5inch or higher
Please refer to the corrigendum 6
222Volume 2, 13
ANNEXURE 2Page No : 228
Monitoring Workstations : SMPS; Minimum 400-
watt Continuous Power Supply with Full
ranging input and APFC. Power supply should be
90% efficient
with EPEAT Gold certification for the system.
Asked Power supply is Min 400 watt. Due to
technological advancement the equipment are
becoming more and more power efficent and
require less power, hence request you to kindly
chane this to Min 360 watt.
RFP conditions prevails
223Volume 2, 13
ANNEXURE 2Page No : 228
Monitoring Workstations : EPEAT Gold
certification for the system.
Asked is EPEAT Gold Certification, We request you
to kindly change this to EPEAT SilverRFP conditions prevails
224Volume 2, 13
ANNEXURE 2Page No : 227
Monitoring Workstations : BIOS controlled
electro-mechanical internal chassis lock for the
system
Asked is BIOS controlled electro-mechanical internal
chassis lock for the system which is OEM specific,
we suggest external locking arrangement which is
better controllable and cost effective
RFP conditions prevails
225
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 64 of 245
The DCMS shall be able to decode, transmit,
manage, and display the following formats of
digital streaming video:
• MPEG-4
• H.264
Should be changed to:
The DCMS shall be able to decode, transmit,
manage, and display the following formats of digital
streaming video
since H.264 is the
advanced codecRFP conditions prevails
226
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall have a seamless interface within
the VMS UI of the CCTV. All DCMS interactions
within the Video Management System shall be
no more than three (3) mouse clicks to execute
a DCMS function. The DCMS UI shall have the
ability to run independently while the Video
Management System is running.
Should be changed to:
The DCMS UI shall have the ability to run
independently while the Video Management System
is running.
The clarification sought is
more simplifiedRFP conditions prevails
227
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall be accessible on any networked
workstation or networked monitor with OPS on
the ICCC network.
Should be changed to:
The DCMS client could be installed in required
workstation
The assked video wall is
not multi networked based
hence clarification and
change sought.
RFP conditions prevails
228
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 66 of 245
The DCMS shall be able to run a minimum of
twenty (20) workstation client software
instances simultaneously.
Should be changed to:
The DCMS shall be able to run a minimum of ten
(10) workstation client software instances
simultaneously.
The clarification sought is
more simplifiedRFP conditions prevails
229
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 66 of 245
The DCMS shall have the ability to self-monitor
and provide alerts to the administrator and
designated users via e-mail.
Should be changed to:
The DCMS shall have the ability to provide alerts to
the designated users via e-mail.
The clarification sought is
more simplifiedRFP conditions prevails
230
Vol_1,
2.29 Eligible Goods
and Services, and
OEM Criteria:
29
h. The bidder’s proposed OEM(s) for the
following solutions must be included in
the Gartner magic quadrants (in either Leaders
or Challengers quadrant) as on
the day of submission of bid. Gartner Reports
released in the last 1 year to be
referred and submitted.
i) Wired and Wireless LAN Access Infrastructure
ii) Data Centre Networking
iii) Enterprise Network Firewalls
iv) Intrusion Prevention Systems
v) Modular Servers
1. This section mentions that proposed OEM(s) for
the following solutions must be included in
the Gartner magic quadrants (in either Leaders or
Challengers quadrant) as on
the day of submission of bid. Gartner Reports
released in the last 1 year to be for Wired and
Wireless LAN Access
2.Tender asks for Edge Level Switch Industrial grade
switch. . OEM to be in IDC / Gartner report. This
report is not applicable for Industrial switches, but
applicable for commercial Ethernet equipment.
The applicable reports for industrial Switches are
ARC /IHS reports.
None of the top manufacturers of Industrial
Ethernet equipment do fall in the IDC / Gartner
report.
Such specs do not allow the top global Industrial
Ethernet companies to participate in this prestigious
tender.
https://www.arcweb.com/
https://ihsmarkit.com/
We request to please consider Industrial Edge Level
Switch OEM market share by means of ARC/IHS
report
RFP conditions prevails
231
Industrial outdoor switch specs are missing. Which
need to have for connecting the camera and other
devices at outdoor juction box. Request to provide
the same
RFP conditions prevails
232 Vol 1 Addittion
Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should be deployed in at least 1 city in India and
must be operational for more than a year with 3 use
cases mentioned in the tender.
This will ensure the
proposed CCC solution is
working as per customer
expectations and capable
of delivering desired
outcomes in Indian
conditions. Relevance of
min. 3 use-case will prove
the depth and integration
capabilities of the product.
RFP conditions prevails
233 Vol 1 Addittion
·Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should have min 1 deployment in cloud and min 1
deployment on-premises in India - Bidder to submit
OEM undertaking / Work Order / Purchase Order for
same. As multiple city technology are going in cloud,
ICCC solution must have experience in cloud
technology integration.
For the obvious advantages
of Cloud technology based
deployments, many cities
are starting to outsource
more and more elements
of their Smart City ICT & IT
infrastructure to cloud
service providers. As
multiple city technology
are going in cloud, CCC
solution must be
thoroughly proven for
cloud based deployments
and integrations. Also, for
any of the existing legacy
infrastructure or for
system which can be better
hosted locally, the CCC
should have On-premises
capabilities as well.
RFP conditions prevails
234 Vol 1 Addittion
Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should be deployed in 5 cities globally with
minimum 3 smart city use cases either on Cloud or
On-premise architecture.
This will ensure the
proposed CCC product is of
Global/International
Standards and
meets/fulfills all
parameters required for
the Smart City use-case
domains. Relevance of
min. 3 use-case will prove
the depth and integration
capabilities of the product.
RFP conditions prevails
235 Vol 1 Addittion
Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should be either be from Single OEM OR should be
pre-integrated and operational for more than a year
in a City locally or globally. OEM need to submit
project experience and undertaking on same.
Single OEM for Pre-
Integrated Visualization
layer & Normalization / IOT
platform will ensure
watertight integration,
seamless and trouble-free
operations. If not single
OEM, than propose
solution to be working
successfully for over 1 will
ensure the proposed
combination of products
are working as per
expectations and capable
of delivering desired
outcomes
RFP conditions prevails
236 Vol 1 Addittion
Smart City Platform/Software provider should be
Member of Smart Cities Council & Navigant
Research Report for Smart Cities Suppliers.
This will ensure the
proposed CCC product is of
Global/International
Standards and
meets/fulfills all
parameters required for
the Smart City use-case
domains.
RFP conditions prevails
237 Vol 1 Addittion
OEM should have registered office in India at least
from last 10 Years and should have software
development center and Research & Development
Lab in India.
Relevance of time will
prove the depth and
capabilities of the product
& its strategy, market
presence, staying power,
support mechanism.
RFP conditions prevails
238 Vol 1 Addittion
Bidder need to submit OEM's data sheet, ordering
guide & API document available on the public
domain along with bid document.
Documentary evidence to
substantiate capabilities of
proposed solution /
product, Product
Performance & Features,
Integration capabilities,
etc.
RFP conditions prevails
239 Vol 1 Addittion
OEM must be single legal entity or its holding
company, having annual revenue of more than INR
100 Crores in the last two financial years (2014-15
and 2015-16) either in India or Globally and at the
same time be profitable in last the 3 financial years
This will ensure no
smalll/local players
participate in the process
and only repuated brands
with expierence of industry
come forth.
RFP conditions prevails
240 Vol 1 AddittionOEM should have atleast 4 spare depots in the
country for material replacement and support
This again will ensure no
Chinese/Taiwan/Israel etc.
type of compaines who do
not have a support base
are able to participate.
RFP conditions prevails
241 Vol 1 Addittion
OEM should have executed atleast 5 mission-mode
projects of state or central government like SDC.
SWAN etc.
OEMs with past expierence
of executing mission
critical projects should be
preferred
RFP conditions prevails
242Volume 2, | Section
2.3.1 (Collaboration)46
The platform should allow the stakeholders to
be notified of the creation of collaboration
spaces using SMSs and announcements over
PSTN telephone calls.
Request you please change clause as "The platform
should allow the stakeholders to be notified of the
creation of collaboration spaces using SMSs
/announcements over
PSTN telephone calls/Emails.
RFP conditions prevails
The platform should allow the
stakeholders to be notified of the
creation of collaboration spaces
using SMSs /announcements over
PSTN telephone calls/Emails.
243
Volume 2 | Section
2.3.1 (Incident
Management)
59
MSI has to provide an appropriate tools for
incident and SLA management for the SLA
Parameters defined in Vol. 3 of this RFP
Request you to please remove " SLA Management"
becasuse SLA management is part of "EMS" which is
already asked in RFP.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
244
Vol 2 | 1.4
Finalization and
submission of a
detailed technical
architecture
12
Support for PKI based Authentication and
Authorization- The solution shall support PKI
based
Authentication and Authorization, in accordance
with IT Act 2000, using the Digital Certificates
issued by the Certifying Authorities (CA). In
particular, 3 factor authentications (login id &
password, biometric and digital Signature) shall
be implemented by the MSI for
officials/employees
involved in processing citizen services.
1. Should the PKI based Auth & Auth solution be
deployed on- premise or cloud?
2. How many Digital Signature Certificates would be
required?
3. Should the application have the ability to just
validate DSC's or even issue DSC's?
4. Is Aadhar based authentication permitted too or
its just DSC?
5. What are the specifications of biometric systems
that should be integrated?
6.Can we expect that the biometric hardware
existing or new will have capability to integrate?
Should one quote for the biometric hardware too?
7. Should the biometric fingerprints be validated by
Aadhar ID or any other software?
8. Is a OTP based auth required?
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
245
Vol 2 | 1.5 Other
expectations from
MS
17 26. Build and certify ICCC as per ISO 27001:2011 standards
Is the expectation of ICCC platform to be ISO 27001
certified? In ISO 27001, 2011 standard isn't specified
in ISO Standards. Need further details.
RFP conditions prevails
246
Vol 2 | 2.1
Environmental
Sensors:
21Functional Specs: CO upto 1000 ppm, Technical
Specs Range: CO : 0 – 31 ppm
Can you please clarify the difference? Should the
range be ppb or ppm in tech specs?RFP conditions prevails
247Vol 2 | 2.2 Variable
Message Sign Board25
The real time information can also be
pushed manually from ICCC as well as system
should capable to take
the data from the cloud for display on the board
Should application also be deployed on cloud to
send messages to VMS?RFP conditions prevails
Data can be taken from the cloud,
application will be hosted in SDC
248
Vol 2 | 2.3
Centralized
Command & Control
Centre
29
MSI shall also be responsible for dismantling
temporary command and control centre as and
when final ICCC is finalized. Shifting of existing
equipment from temporary to final location
shall also be under the scope of MSI
What's the SLA expected during this shift? Is there
any permitted downtime?RFP conditions prevails
LSCL is providing Final ICCC
Building
249
Vol 2 |2.3
Centralized
Command & Control
Centre
29
MSI should also continuously monitor all the
infrastructure/Servers/Routers/etc which
has been built as part of this RFP
What about monitoring of the sensor health and
sensor data correctness, sensor gateway health
status, battery life, warranty monitoring, security
issues coming from firmware, sensor performance
management?
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
250
Vol 2 | 2.3.1
General
Requirements: Point
23
50
Integrate with other 3rd party applications
seamlessly.
The response time of the analytical tools used
should be less than 10 sec
Can you clarify if its 3rd party applications or 3rd
party application data sources/apis?
Response time of an analytical tool varies from case
to case based on the amount of data that should be
processed. If one is looking at monthly data it could
show up in less than 2 sec. If its yearly data it could
vary. Request to remove this clause. Application
response time can be less but for reporting engines,
it may not be the case
RFP conditions prevails
251Vol 2, 3.1 Unified
Smart Mobility Card:82
Scope of Work: The MSI is expected to integrate
the services of various
departments into Lucknow Metro card so as to
achieve the concept of One City-One
Card. Below are the minimum list of the
services/ departments that are expected to
be taken for the integration:
1. What is the integration required for Smart
Mobility Card to ICCC?
2. Will MSI be given access to LMC Application to
integrate the services?
RFP conditions prevails
252
Vol 2, Geographical
Information System
(GIS) & GIS City
Portal
85 3D Data of city
Will 3D data of city be provided as part of GIS
Platform or should be added? If it has to be added,
should 3D data modelling be considered too?
Please refer to the corrigendum 6
253
Vol 2, Geographical
Information System
(GIS) & GIS City
Portal
86
8 Core Arc GIS Server on Active-Active mode
along with two Desktop advanced are
already existing and the MSI shall evaluate the
sizing as per their requirement of the
system and also has to maintain the existing city
portal and the upgrade system for
5 years
Till when are the existing ArcGIS licenses valid?
Is there already a web GIS server?
Is the expectation to use ArcGIS platform only or
propose another based on the specs given further in
the RFP page 97 onwards?
Please refer to the corrigendum 6
254
Vol 2 | Technical
Requirement | WAN
/ Internet Router
132Bandwidth: Bandwidth on demand for cost
effective connection performance enhancement
Request you yo please specify the throughtput (min
& max) that’s needs to be considered.RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
255
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Dual network connectivity of 10 G speed for
each blade server for redundancy shall be
provided
Request to modify the specification: " Dual network
connectivity of 20 G uplink bandwidth for each
blade server for redundancy shall be provided "
Dedicated uplink
bandwidth of 20 Gbps per
server will ensure optimum
performance fior
demanding workloads
RFP conditions prevails
256
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Two hot-plugs/hot-swap redundant 16 Gbps
Fiber Channel module for connectivity to the
external Fiber channel Switch and ultimately to
the storage device
Request to modify the specification: "Two hot-
plugs/hot-swap redundant 16 Gbps Fiber Channel or
FCOE module for connectivity to the external Fiber
channel Switch and ultimately to the storage
device"
Latest generation blade
architectures support dual
converged modules for IO
connectivity for carry LAN
and SAN traffic. This helps
in simplification, lower
cabling, power & cooling
without compromising
throughput. We support
dual converged modules to
carry both LAN & SAN
traffic. Hence kindly allow
for coverged IO modules.
Please refer to the corrigendum 6
257
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Provision of systems management and
deployment tools to aid in blade server
configuration and OS deployment
Request to modify this clause to "Provision of
systems management and deployment tools to aid
in blade server configuration and OS deployment
along with centalized management solution in HA
for single pane of glass view for configuration,
monitoring & management "
There should be
centralized management
dashboard for all the
chassis and blade servers
in a given data center for
single pane of glass view
RFP conditions prevails
258
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136 Minimum 1 USB portRequest you to modify this to " Minimum 1 USB
Ports at Blade Server or Chassis level "RFP conditions prevails
259
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Two hot-plug/hot-swap, redundant 10 Gbps
Ethernet or FCoE module with minimum 16
ports (cumulative), having Layer 2/3
functionality
Request you to modify this to " Minimum Two hot-
plug/hot-swap, redundant 10 Gbps Ethernet or FCoE
module with minimum 16 ports (cumulative), to
meet uplink bandwidth per server for a fully loaded
chassis "
Sufficient bandiwtdh
shiuld be provisioned
considering fully loaded
chassis even if not all blade
slots are populated. This
will maintain the same
optimum performance
level & investment
protection even in case of
any future expansion of
number of blades in the
given chassis
RFP conditions prevails
260
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Two hot-plugs/hot-swap redundant 16 Gbps
Fiber Channel module for connectivity to the
external Fiber channel Switch and ultimately to
the storage device
Request you to modify this to " MinimumTwo hot-
plugs/hot-swap redundant 16 Gbps Fiber Channel
module for connectivity to the external Fiber
channel Switch and ultimately to the storage device
to meet uplink bandwidth per server for a fully
loaded chassis "
Sufficient bandiwtdh
shiuld be provisioned
considering fully loaded
chassis even if not all blade
slots are populated. This
will maintain the same
optimum performance
level & investment
protection even in case of
any future expansion of
number of blades in the
given chassis
Please refer to the corrigendum 6
261
Vol 2 | Technical
Requirement |
Servers
135
Processor:
• Latest series/ generation of 64 bit x86
processor(s) with Ten or higher Cores
• Processor speed should be minimum 2.4 GHz
• Minimum 2 processors per each physical
server
Request to Modify to " Processor:
• Latest series/ generation of 64 bit x86 processor(s)
skylake processors
• Processor speed should be minimum 2 GHz
• Minimum 2 processors per each physical server"
The current series by Intel
is teh Skylake chipset
which are more efficient
and perfromance oriented.
Also the bidder should be
let to decide the no. of
core per processor in order
to have teh best suitable
robust solution
RFP conditions prevails
262
Vol 2 | Technical
Requirement |
Servers
135
Internal Storage:
• 2 x 300 GB SAS (10k rpm) hot swap disk with
extensible bays
Request to Modify to " Internal Storage: 2 x 300 GB
SAS (10k rpm)"
The blades storage is
required only to hots the
OS binaries and metadata
rest all storage would be
required on external
storage as the servers are
external devices bootable
and is best recommended
as per best practice laws.
RFP conditions prevails
263
Vol 2 | Technical
Requirement | Anti-
APT
154
Solution must be custom built Anti•APT solution
and must not have network perimeter security
component part devices like firewall and IDS/IPS
Request to change to below , as custom built
solution can be easily compromised :-
Solution must not be a custom built Anti APT
solution and must not have network perimeter
security component part devices like firewall and
IDS/IPS
Request to change to
below , as custom built
solution can be easily
compromised
RFP conditions prevails
Dedicated Custom built APT
solutions offer dedicated
resources to do analysis of
unknown threats with higher
acceleration instead of
UTM/Firewall based devices
having multiple security layers
hosted on shared resources.
264
Vol 2 | Technical
Requirement | Anti-
APT
154
The proposed solution should use customizable
OS sandboxes for detecting zero day malwares,
This should not be a CPU or chip based function.
Request to Remove this clause As custom built solution
can be easily compromisedRFP conditions prevails
265
Vol 2 | Technical
Requirement | Anti-
APT
154
The proposed solution should be able to detect
lateral movement (East West) of the attacker
without the need of installing agents on
endpoint/server machines.
Request to change as per below:
The proposed solution should be able to detect
lateral movement (East West) of the attacker with
or without the need of installing agents on
endpoint/server machines.
Incase of Anti APT lateral
movement (East West)
may not have actual
visibility without an agent
RFP conditions prevails
266
Vol 2 | Technical
Requirement | Anti-
APT
154
The proposed solution should support Multiple
protocols for inspection. Example :• HTTP, FTP,
SMTP, SNMP, IM ,IRC,DNS and P2P protocols
Internal direction :SMB ,Database protocol
(MySQL, MSSQL, Oracle) on a single device
Request to Change the Clause As "The proposed
solution should support Multiple protocols for
inspection. Example HTTP,HTTPS SMTP, IMAP,
POP3, FTP NetBIOS-ssn (SMB)"
Specific to OEM RFP conditions prevails
267
Vol 2 | Technical
Requirement | Anti-
APT
156
The proposed solution should be able to run at
least 60 parallel sandboxes for analysis of
payload and on premise customized sandbox
solution should have the capability to allow
manual submission of suspicious files for
analysis
Request to Change the Clause As :- The proposed
solution should be able to run at least 5000 files a
day for sandboxes analysis of payload and on
premise sandbox solution should have the
capability to allow manual submission of suspicious
files for analysis
Different OEM use
different mechanism to
size their sandbox solution
hence requesting change
RFP conditions prevails
268
Vol 2 | Technical
Requirement | Anti-
APT
156
Customized sandbox solution should support
following operating systems (Windows XP,
Win7, Win8/8.1, Win 10, Windows Server 2003,
2008 & 2012) and must have the capability to
analyse large files and must be able to support
more than 40MB file size.
Request to Change the Clause As :- sandbox
solution should support following operating systems
( Win7 Win 10, )and must have the capability to
analyse large files and must be able to support more
than 50MB file size.
Different OEM use
different solution hence
requesting change
RFP conditions prevails
269
Vol 2 | Technical
Requirement | Anti-
APT
156
The solution should allow administrator to
categorize files as safe based on Hash values
(MD5) and proposed solution should be able to
provide customizable sandbox to match
customer's endpoint environments.
Request to Change the Clause As :-The solution
should allow administrator to categorize files as safe
based on Hash values (MD5/SHA 256) and proposed
solution should be able to provide sandbox to
match customer's endpoint environments.
MD5 Hash has problem of
overlapping hence
requesting change
RFP conditions prevails
270
Vol 2 | Technical
Requirement | Anti-
APT
156
The Proposed solution should support
customizable Windows 7/8/10 and Microsoft
2008/12 operating environments for
Sandboxing. This requirement should be based
on virtual execution and should not be
Hardware or chip based function
Request to Remove this clause , as custom built
solution can be easily compromise:- The Proposed
solution should support Windows 7 & Windows 10
operating environments for Sandboxing.
As custom built solution
can be easily compromisedRFP conditions prevails
271
Vol 2 | Technical
Requirement | Anti-
APT
157
Solution must be capable of performing multiple
file format analysis which includes but not
limited to the following: LNK, Microsoft objects,
pdf, exe files, compressed files, .chm, .swf, .jpg,
.dll, .sys, .com and .hwp
Request to Change the Clause As :- Solution must
be capable of performing multiple file format
analysis which includes but not limited to the
following: Microsoft objects, pdf, exe files,
compressed files, .chm, .swf, .jpg .dll, com
Different OEM support
different file types and
hence requesting change
RFP conditions prevails
272
Vol 2 | Technical
Requirement | Anti-
APT
157
The proposed solution should support exporting
of analysis results such as C&C server IP and
malicious domain listing and solution should
have capabilities to scan inside password
protected Archive and should have capabilities
to detect Malwares and Spywares on windows
and non-windows platforms.
Request to Change the Clause As :-The proposed
solution should support exporting of analysis results
such as C&C server IP and malicious domain listing
and solution should have capabilities to scan inside
Archive and should have capabilities to detect
Malwares and Spywares on windows and non-
windows platforms.
Specific to OEM RFP conditions prevails
273
Vol 2 | Technical
Requirement | Anti-
APT
157
The proposed solution should have option to
configure unrestricted internet for sandboxes
and proposed solution must have capabilities to
detect Mac, Linux and mobile malwares.
Request to Change the Clause As :-The proposed
solution should have option to configure
unrestricted internet for sandboxes and proposed
solution must have capabilities to detect malwares
& their behaviors .
Specific to OEM RFP conditions prevails
274
Vol 2 | Technical
Requirement | Anti-
APT
157
The Proposed solution should have option to
share Indicators of compromise for mitigation
and clean up with AV endpoint and Web
gateway to block threat at web gateway level
and network level through NIPS. Anti•APT
solution should share intelligence with
endpoint, security web gateway solution, HIPS•
server security & NIPS, similarly endpoint and
security web gateway, NIPS & HIPS(Server
Security) should submit files to AntiAPT solution
for analysis and all three (Anti•APT, Web
Security, Email security, Endpoint, HIPS (server
security) solution should manage through single
management console.
All of these functionalities are part of antivirus
solution hence we request you to remove these
clause as Anti-malware solution focuses more on
zero day and unknown threats.
This would restrict the
participation of renowed
OEM in proposing their
best of breed solution as it
allow only OEM to
participate
RFP conditions prevails
Proposed Anti-APT solution should
share Indicators of compromise for
mitigation based on sandbox
analysis with Endpoint AV, HIPS,
Web security and Email security
solutions to block unknown threat
and should manage through single
management console.
275
Vol 2 | Technical
Requirement |
Firewall
158Firewall shall have an Intrusion Prevention
System (IPS) with following features
When IPS is already asked why Firewall has IPS
capabiltiies only added in firewall sectionRFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
276
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
151
Intrusion Prevention System (NIPS) should be
based on purpose-built platform that has Field
Programmable Gate Arrays (FPGAs), On-board
L2 Switch and dual plane architecture for Data
and control plane and NIPS should be
independent standalone solution.
Request for change as FPGA is OEM specific ask, this
would restrict other renowned/leaders in market
from participation.
RFP conditions prevails
FPGA technology is helpful in
boosting overall system
performance, both by performing
tasks at wire speed and by
reducing CPU load to achieve
desired performance
277
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
151Must support full redundancy solution (Active-
Passive, Active Active)
Request for the change to Must support full
redundancy solution (Active-Passive/Active Active)
for all deployment options - Passive/ Inline-
set/Routed
RFP conditions prevails
278
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The proposed IPS solution must support
Adaptive Filter Configuration(AFC)
which will alert or disable ineffective filter in
case of noisy filters
Request for the change - The proposed IPS solution
must support Adaptive Filter Configuration(AFC) or
equivalent methods which will alert or disable
ineffective filter in case of noisy filters/signatures
RFP conditions prevails
279
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The proposed IPS must have real 10Gbps
throughput with atleast 60 million concurrent
sessions and 450,000 new connections per
second with <40 ms latency.
Please change the clause to - "The proposed IPS
must have real 10Gbps throughput with atleast 6
million concurrent sessions and 50,000 new
connections per second." As with standard port
offering of 10*8G = 80Gbps is far higher than the
Real world throughput asked; so as the box is
oversized; request you to consider the change.
RFP conditions prevails
280
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The IPS vendor should be in Gartner leader’s
quadrant in latest report. IPS
vendor must be in the recommended products
in the latest NSS report.
Request for the change to - The IPS vendor should
be in Gartner leader’s quadrant in latest report from
last 3 years. IPS vendor must be in the
recommended products in the latest NSS report.
RFP conditions prevails
281
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The IPS filter must support network action set
such as Block (drop packet),
Block (TCP Reset), Permit, Trust, Notify,
Trace(Packet Capture), Rate Limit and
Quarantine
Request you to change the clause to - The IPS filter
must support network action set such as Block (drop
packet), Block (TCP Reset), Permit, Trust, Notify,
Trace(Packet Capture), Rate Limit. Quarantine is
feature available in most HIPS solutions, and
product asked is Network IPS, hence request you to
remove quarantine word.
RFP conditions prevails
282
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
IPS solution must have vulnerability based filter
which are known for most
effectively for Zero Day Attack Protection and
ZDI technology should be inbuilt.
Request to remove word- ZDI as it is OEM specific
techonology and other renowned OEM in industyr
support equivalent technology with different
terminology.
RFP conditions prevails
IPS solution must have
vulnerability based filter which are
known for most effectively for
Zero Day Attack Protection and ZDI
technology/equivalent should be
inbuilt.
283
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
152
The proposed IPS must provide bandwidth rate
limit to control the unwanted/nuisance traffic
such as P2P, Online Game, etc
Request to remove this clause as separate Firewall
is asked in RFP, Firewall are capable of application
based filtering and would be better place to control
application based on bandwidth.
RFP conditions prevails
284
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
153
The proposed IPS vendor must provide a global
threat intelligence portal that provide real-time
monitoring and statistics of malicious threats
and attacks and NIPS should integrate with
sandboxing to submit unknown files in
sandboxing for simulation and create IOC's on
real time basis as per
sandboxing analysis and revert back to NIPS to
block threats and sandboxing solution should
support customizable Windows 7/8/10 and
Microsoft 2008/12 operating environments for
Sandboxing with at least 60 virtual instances
running in single sandboxing box
Different OEM use different sizing parameter and
hence requesting to remove this clauseRFP conditions prevails
285
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
153
The proposed IPS system must support SNMP
and a private MIB that can beutilized from an
Enterprise Management Application such as HP
Open view, MRTG, etc.
Please change the clause to - "The proposed IPS
system must support SNMP and a private MIB that
can beutilized from any SIEM"
RFP conditions prevails
286
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
153
The proposed IPS system must be able to be
managed locally independently without any
centralised management server
Request you to remove this clause; as Centralized
Management Console adds true value to the
architecture where event correlation,
administration, deployment, policy change could be
managed from centralized console removing
network and administrative overhead.
RFP conditions prevails
287
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
154
The management server must support the
archiving and backup of events and export to
NFS, SMB, SCP and SFTP and must allow the
report to be exported into other format such as
PDF, HTML, CSV, XML etc
Request you to consider the change - "The
management server must support the archiving and
backup of events and export to NFS, SMB, SCP/SFTP
and must allow the report to be exported into other
format such as PDF/HTML/CSV/XML etc" as Most
common formats for reports and data backup are
available in the management server.
RFP conditions prevails
The management server must
support the archiving and backup
of events and export to NFS, SMB,
SCP/SFTP and must allow the
report to be exported into other
format such as
PDF/HTML/CSV/XML etc"
288 Firewall 159
Firewall shall have following user authentication
capabilities: • XAUTH VPN, Web based, 802.X
authentication
Firewall shall have following user authentication
capabilities: • XAUTH VPN, Web based/802.X
authentication
The 802.X authentication is
for wireless or port based
authentication on Switch.
This authentication is not
related to Firewall and
spcific to an OEM. Please
ammend the clause
accordingly.
RFP conditions prevails
289
1.4 Finalization and
submission of a
detailed technical
architecture
11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc
The advance secuirty solution should provide proxy,
caching, content filtering, SSL inspection, protocol
filtering, inline AV and content inspection ( 1000+
predifined pattern) in block mode on the same
Appliance. The solution should have at least 20+
million websites in its URL filtering database and'
should have pre-defined URL categories and
application protocols along with YouTube, Facebook
and linked-in controls. Solution vendor should
ensure that 100 predefined categories & 100+ pre-
defined protocols.
The web channel became
significantly more
malicious, both as an
attack vector and as the
primary support element
of other attack trajectories
(e.g., social, mobile, email).
there is nearly 6-fold
increase in malicious sites
overall. Moreover, 85
percent of these sites were
found on legitimate web
hosts that had been
compromised. It is
suggested to have Inline,
real-time information
security to prevent web-
borne threats.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
290
1.4 Finalization and
submission of a
detailed technical
architecture
11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc
The data secuirty solution should inspect the
sensitive content through 1500 pre-defined
templates, textual content inside
image,commulative content control and inspection
through web and email channel. The data end point
solution should inspect data leaks over HTTP ,
HTTPs and SMTP. The solution should be able to
block outbound emails sent via SMTP if its violates
the policy. Endpoint solution should support win 32
and 64 bit OS, Mac & Linux OS,Support wide variety
of platforms. The solution should be able to enforce
policies to detect data leaks even on image files
through OCR technology and should enforce policies
to detect low and slow data leaks
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
291
1.4 Finalization and
submission of a
detailed technical
architecture
11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc
The solution must be present in the latest Gartner's
Leader/Challanger quadrant for Data Loss
Prevention and Web Security . The OEM should
have own TAC center in India.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
292
Volume 1,Pre
qualification ,point
no. 2
35
The Sole Bidder or the Lead Bidder of
consortium should have an average annual
turnover of minimum INR 10 crore with
minimum average turnover of INR 5 crore from
one or more of the “specific business areas”
mentioned below over the last three financial
years and, in case of a Consortium, the average
annual turnover for each of the consortium
members over the last three Financial Years
should be INR 2.5 crore or more from one or
more of the “specific business areas” mentioned
below:
mobile app
capability
It is a large scale System Integration Project having
complex requirement of integrating to various
systems. In order to execute such projects it is
essential for the bidders to have prior experience in
ICT/IT Infrastructure/ IT system Integration in any
sector. It is very difficult to have such revenues
come from the four components specified and
implementation of most of the components are
recently started in India. Hence we request you to
consider the following clause
The Sole Bidder or the Lead Bidder of consortium
should have an average annual turnover of
minimum INR 40 crore with minimum average
turnover of INR 20 crore from one or more of the
“specific business areas” mentioned below over the
last three financial years and, in case of a
Consortium, the average annual turnover for each of
the consortium members over the last three
Financial Years should be INR 10 crore or more from
one or more of the “specific business areas”
mentioned below:
mobile app
capability
Please refer to the corrigendum 6
293Volume 1,Section
2.2929
The proposed OEM should have installed base
of at least 20% of the quoted product or
technology
This clause is very Subjective and is not applicable to
all components.Request you to remeove the clauseRFP conditions prevails
294
Volume 1,Pre
qualification ,point
no. 8
36
The sole bidder or lead bidder should have
completed at least two projects in Govt/
Semi Govt/ PSU; in the field of development and
integration of citizen centric web portal /
mobile app, database management /data
warehousing/ business analytics / cloud
applications on the date of release of NIT
Since the ICCC is to be implemented DC (on
premise) and DR (cloud ) we request you to amend
the clause as below.
The sole bidder or lead bidder should have
completed at least two. projects in Govt/ Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal /
mobile app, database management /data
warehousing/ business analytics / implementation
on cloud on the date of release of NIT during last
five financial years.
RFP conditions prevails
AS per Section 43A of the
IT Act requires that
anycorporate which
possesses, deals or handles
‘sensitive personal data or
information’ through a
computer resource owned,
operated or controlled by
it, maintain and implement
‘reasonable security
practices and procedures’
to protect such
information. If a body
corporate is negligent in
maintaining and
implementing such
reasonable security
practices and procedures
and thereby causes any
wrongful loss or wrongful
gain, it will be liable to pay
295
Volume 1,Technical
qualification ,point
no. 1
37
Average annual turnover from “Specific Business
Areas” as mentioned
below for Sole bidder or Lead bidder (in case of
consortium) over the last
three Financial years
Marks shall be allotted as given below:
• More than INR 40 Crore = 7 marks
• More than INR 30 Crore – up to INR 40 Crore
= 6.5 marks
•More than INR 20 Crore – up to INR 30 Crore =
6 marks
•More than equal to INR 5 Crore - up to INR 20
Crore = 5 marks
“Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
It is a large scale System Integration Project having
complex requirement of integrating to various
systems. In order to execute such projects it is
essential for the bidders to have prior experience in
ICT/IT Infrastructure/ IT system Integration in any
sector. It is very difficult to have such revenues
come from the four componenets specified and
implementation of most of the components are
recently started in India. Hence we request you to
consider the following clause
Average annual turnover from “Specific Business
Areas” as mentioned below for Sole bidder or Lead
bidder (in case of consortium) over the last three
Financial years
Marks shall be allotted as given below:
• More than INR 100 Crore = 7 marks
• More than INR 80 Crore – up to INR 100 Crore =
6.5 marks
•More than INR 60 Crore – up to INR 80 Crore = 6
marks
•More than equal to INR 40 Crore - up to INR 60
Crore = 5 marks
“Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
RFP conditions prevails
296
Volume 1,Technical
qualification ,point
no. B3
42
The Sole Bidder or lead member (in case of
consortium) should have experience in
developing and implementing IT software
projects in India with Java /J2EE, Application
Servers like JBoss or similar, HTML5/CSS3,mobile
apps native languages (Android, ioS, Windows,
Hybrid language like phonegap), User
Experience in designing User Interfaces. At least
2 projects have been executed (documentary
evidence to be provided as proof of
delivery) with the above mentioned technology
stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
The documentry evidence asked for this clause will
not be able to justify the clause.So kindly request
you to allow bidders to provide a self certificate
highlighting the technologies and software used for
each of the project experience.
RFP conditions prevails
297 General
This is a Large integration project which includes
various integrations to be done. For such projects
Bidder's Proposed solution should be included
under technical evaluation. So, rrequest you to put
certain weightage to Proof of concept or
Presentation
RFP conditions prevails
298
Vol 1 Section 3.5.1
Technical Bid
Criteria &
Evaluation, B1
39 & 40
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum valuof
INR 15 crore in India during last five years as on
the date of release of RFP.Marks shall be
allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Generally such projects are not so large when
compared to the scope of RFP, as mentioned in the
respective clause. Kinldy amend the clause as :
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned project(s)
related to development and integration of citizen
centric web portal / mobile app components or both
having minimum valuof INR 5 crore in India during
last five years as on the date of release of
RFP.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Please refer to the corrigendum 6
299
Vol 1 Section 3.5.1
Technical Bid
Criteria &
Evaluation, B2
41
The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Large scale Utility based enterprise integration
projects are focussed on citizens with various
integrations like Integration with SCADA, payment
gateways, Web Portal, GIS, etc and have similar
nature of work as City Centric Software intrgration.
Request Kindly ammend the clause as:
The Sole Bidder or lead member (in case of
consortium) should have experience in the field of
Enterprise integration/City centric software
Integration Projects during last Five financial years.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please refer to the corrigendum 6
300
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 62 of 245Auto continuous-colour and brightness
management mechanism to be
This shold be changed to:
Auto colour and brightness management
mechanism to be provided
This is specific to a manufacturer hence should be
changed as asked to introduce more competetion
RFP conditions prevails
301
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 64 of 245
The DCMS shall be able to decode, transmit,
manage, and display the following formats of
digital streaming video:
• MPEG-4
• H.264
Should be changed to:
The DCMS shall be able to decode, transmit,
manage, and display the following formats of digital
streaming video
since H.264 is the advanced codec
RFP conditions prevails
302
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall have a seamless interface within
the VMS UI of the CCTV. All DCMS interactions
within the Video Management System shall be
no more than three (3) mouse clicks to execute
a DCMS function. The DCMS UI shall have the
ability to run independently while the Video
Management System is running.
Should be changed to:
The DCMS UI shall have the ability to run
independently while the Video Management System
is running.
The clarification sought is more simplified
RFP conditions prevails
303
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 65 of 245
The DCMS shall be accessible on any networked
workstation or networked monitor with OPS on
the ICCC network.
Should be changed to:
The DCMS client could be installed in required
workstation
The assked video wall is not multi networked based
hence clarification and change sought.
RFP conditions prevails
304
Volume 1: section 3
sub point 3.5.1
(CMM Certification)
39Marks shall be allotted as given below:
•CMM level 5 =3 marks
Marks shall be allotted as given below:
•ISO 9001 & 27001 =1.5 marks
•CMM level 5 =1.5 marks
RFP conditions prevails
305
Volume 1: section 3
sub point 3.5.1
(Project Experience)
39 to 44
1. Web Portal/mobile app
2. City centric software Integration Projects
3. Software Platform
4. Operation & Maintenance
We request,
kindly consider on going project experience also for
evaluation process.
RFP conditions prevails
306
Volume 1: section 6
(Proposed Bill of
material)
78 Proposed bill of material
In line with overall approach for smart city initiative,
the GIS software should added in Bill of Material
seprately as per below:
COTS based GIS desktop - 3 nos.
COTS based Enterprise GIS Suite Server - 1 nos.
Please refer to the corrigendum 6
307
Volume 2: section 4
Sub point 4.1
(Proposed
Technology under
GIS initiative)
86 & 87 Arc GIS Desktop Advanced: 2 unit
We suggest that;
The overall integration done with CCC along with
the help of GIS platform (IT / softwares /
Applications)
We suggest that LSCL should not use a specific
product/software but use New Open COTS based
Geo-spatial Consortium standard certified
Enterprise GIS platform server / desktop products.
Which shall be completely integrated for
Applications and Services.
Please refer to the corrigendum 6
308 General
As we understand prestigious authority like yours
should support Indian company initiatives and
Indian product which are of equal or better
standard than foreign brands also Indian Govt. is
promoting ‘Make in India’ product concept in
various fields including Smart City Projects So, by
mentioning specific foreign brand in a tender is
against the spirit of Make India Program.
RFP conditions prevails
309 General
We also take this opportunity to brief that In-line
with ‘Make in India’ vision, SGL has taken initiatives
and has developed a first indigenous IGiS
(Integrated GIS and Image Processing Software), in
collaboration with world leading space Agency,
Indian Space Research Organization (ISRO). IGiS has
advanced features and functionalities and is
technically at par with the brand mentioned in
tender as per OGC and International Standards.
We are pleased to inform you that our IGiS software
is Integrated GIS & Image Processing Software
having equivalent features & functions to
international softwares like ArcGIS in single
platform
RFP conditions prevails
310RFP Volume 2,
Section 1.411
all the system logs should be properly stored &
archived for future analysis and forensics
whenever desired. The authority would carry
out the security audit of the entire system upon
handover and at regular interval during O&M
period.
In section 1.4, RFP has mentioned the requirement
of security forensics solution, but same has not be
elaborated in the technical specs sheet as done of
other security components. We recommend to
consider Forensic solution to have context
Awareness. The Forensic solution will provide the
complete session information and what happened
during, before and after. Forensic solution can See
the full source and scope of attacks and Arm
incident response teams with clear, concise
answers. This will also help to tighten security
posture.
RFP conditions prevails
311RFP Volume 2,
Section 4.3112
Portal must be secure in all the way and all the
latest security implementations like https, xss,
sql injection, OWASP vunrebelties etc should
be implemented/followed to avoid any hacking
In section 4.3, under minimum Technical &
Functional Requirements of Lucknow smart city
portal, RFP has asked for the security against
security implementations like https, xss, sql
injection, OWASP vunrebelties, this can be done via
WAF, so we recommend the WAF solution to
protect the application from OWA top 10. Rather in
technical specifications of SLB, reverse proxy
function has been requested. Our recommendation
is, It must be in dedicated solution to maintain the
better security and content scanning while upload
any user data to portal. The Proposed solution must
have capability to scan the file up to 1 Gbps and
having Caching feature for enhance end users
experience.
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
312
RFP Volume 2,
Section 2.3.1, Point
74
52
Data Protection / Data at rest: Platform should
support encryption for tenant data at rest (on
disk/storage)
Please advise with this functionality are you looking
for hard disc encryption. The solution should also
include File Share Encryption - Policy-enforced file
encryption for collaborating teams.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
313
RFP Volume 2,
Section 2.3.1, Point
74
53
Patch Management: Platform should have
capabilities to patch vulnerabilities across VM
infrastructure, applications and systems.
Request you to please mentioned all the
environment like any other OS etc. It will help to
achieve ISO 27001.
RFP conditions prevails
314
RFP Volume 2,
Section 2.3.1, Point
99
59
appropriate tools for incident and SLA
management for the SLA Parameters defined in
Vol. 3 of this RFP
Are you looking for this functionality for Cyber
security incident as well, for that Forensic solution
to have context Awareness. The Forensic solution
will provide the complete session information and
what happened during, before and after. Forensic
solution can See the full source and scope of attacks
and Arm incident response teams with clear, concise
answers.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
315RFP Volume 2,
Section 4.3110 Security Audit:
Our assumptions is there will be multiple server
and network equipments in network and as per
best practice frameworks including GDPR, HIPAA,
NIST, PCIetc, the proposed tool must have function
to audit for security posture, prioritize remediation,
and reduce risk. Can you confirm is proposed
solution must have Compliance reports: PCI,
HITRUST, HIPAA, SOX, NIST 800-53, GLBA, ISO,
COBIT, ISO-27002, ITIL.
RFP is Self explanatory
316
RFP Volume
2,Section 5.3 Data
Security
146
The system shall include industry standards
based firewall and antivirus, and shall provide
content filtering, tracking, lockdown, and
malware detection and prevention capabilities.
This RFP lines incline towards UTM. We recommend
the proxy/SWG appliance must be in separate
appliance. From an architecture perspective, NGFW
simply repackages traditional firewall technology
and incorporates some advanced firewall features,
making it less secure than the full proxy
architecture. NGFWs use stream-based detection
methodologies, examining the traffic as it streams
by. This means that the firewall can only see a
fleeting portion of malware at any given time,
making it possible for malware to be delivered in
many segmented pieces. Conversely, Proxy
appliance waits for an entire object to be
reassembled and scanned before allowing it to be
delivered. We also recommend that the proxy
solution must be dedicated appliance based
solution and in Gartner leaders Quadrant since last
5 years.
RFP conditions prevails
317
RFP Volume 2,
Section 5.3 Data
Security, Endpoint
protection and
storage protection
150
Endpoint solution should have capability of AV,
Vulnerability protection, HIPS, Firewall, Device
control, virtual Patching and integrated DLP and
pre and post machine learning execution.
The current specification of Endpoint protection are
specific to one OEM, your are requested to make
specification open for wider participation.
RFP conditions prevails
Vulnerability protection and DLP
capability is required at endpoint
level to address current threat
landscape.
Bidders should provide AV,
Vulnerability protection, HIPS,
Firewall, Device control, virtual
Patching and DLP and pre and post
machine learning execution
capabilities at endpoint
318 RFP Volume 2 150
Solution should have feature to take backup of
ransom ware infected files and restoring the
same and Management Server should support
Active Passive high availability configuration.
Should have central management console for
server security and Anti-APT with sandboxing for
central visibility and control
These specks seems like vendor specific. RFP conditions prevails
Solution should have feature to
mitigate ransomware threat and
Management Server should
support Active Passive high
availability configuration. Should
have central management console
for server security and AntiAPT
with sandboxing for central
visibility and control.
319
RFP Volume
2,Section 5.3 Data
Security, Anti-APT
154
The proposed solution should be able to store
packet captures (PCAP) of all Malicious
communications detected by sandbox.
Please remove this clause as store packet captures
(PCAP) is not Anti-APT functionality, so remove this
clause to remove vendor locking.
RFP conditions prevails
320
RFP Volume
2,Section 5.3 Data
Security, Anti-APT
154
The proposed solution should be able to run at
least 60 parallel sandboxes for analysis of
payload and on premise customized sandbox
solution should have the capability to allow
manual submission of suspicious files for
analysis
This is vendor specific clause, please remove the
same to make it open for leading security vendors
to participate
RFP conditions prevails
Considering Smart City traffic
volume and future scalability
considering unknown malware
threats the proposed solution
should be able to run at least 60
parallel sandboxes for analysis of
payload and on premise
customized sandbox solution
should have the capability to allow
manual submission of suspicious
files for analysis
321
RFP Volume
2,Section 5.3 Data
Security, Anti-APT
154
Endpoints should be able to submit suspicious
files directly to the on premise customized
sandbox solution without the need to be
intercepted by network based security solutions.
This is vendor specific clause, please remove the
same to make it open for leading security vendors
to participate
RFP conditions prevails
Endpoints should be able to
submit suspicious files directly to
the on premise customized
sandbox solution
322
RFP Volume
2,Section 5.3 Data
Security, Anti-APT
154
Customized sandbox solution should support
following operating systems (Windows XP,
Win7, Win8/8.1, Win 10, Windows Server 2003,
2008 & 2012) and must have the capability to
analyze large files and must be able to support
more than 40MB file size.
This is vendor specific clause, please remove the
same to make it open for leading security vendors
to participate
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
323
RFP Volume
2,Section 5.3 Data
Security, Anti-APT
154The proposed solution should support at least
100+ protocols for inspection.
This is vendor specific clause, please remove the
same to make it open for leading security vendors
to participate
RFP conditions prevails
324
RFP Volume
2,Section 5.3 Data
Security, Anti-APT
154
The proposed solution should have an endpoint
security component and should have following
functionalities (Antivirus, antimalware, ransom
ware protection, Vulnerability Protection in
endpoint, integrated DLP and C&C detection,
ability to quarantine and clean the infected files,
ability to integrate with Anti APT components
and automatically block/Quarantine zero day
malwares by sharing Indicators of Compromise.
This is vendor specific clause, please remove the
same to make it open for leading security vendors
to participate
RFP conditions prevails
Considering current landscape
possible data leakage due to a
malicious threat is a prominent
concern. Hence DLP capability is
desired at the endpoint channel to
avoid any intentional and
unintentional data exfilteration.
325
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Solution should support stateful Inspection
Firewall, Antimalware, Deep Packet Inspection
with HIPS, Integrity Monitoring and
Recommended scan in single module with
agentless and agent capabilities and Firewall
should have the capability to define different
rules to different network interfaces with
stateful inspection.
These specks seems like vendor specific. RFP conditions prevails
Proposed solution should support
stateful Inspection Firewall,
Antimalware, Deep Packet
Inspection with HIPS, Integrity
Monitoring functionality
326
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Host based IPS should support virtual patching
both known and unknown vulnerabilities until
the next scheduled maintenance window.
Solution should have capability to submit
unknown files to sandboxing for simulation and
create IOC's on real time basis as per sandboxing
analysis and revert back to server security
solution and sandboxing should have at least
virtual instance of server class OS - Win 2008,
win 2012.
These specks are vendor specific, please remove the
same.RFP conditions prevails
Host based IPS should support
virtual patching both known and
unknown vulnerabilities until the
next scheduled maintenance
window. Solution should have
capability to submit unknown files
to sandboxing
327
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Virtual Patching should be achieved by using a
high-performance HIPS engine to intelligently
examine the content of network traffic entering
and leaving hosts.
These specks are vendor specific, please remove the
same.RFP conditions prevails
328
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Solution should have feature to take backup of
ransom ware infected files and restoring the
same and Management Server should support
Active Passive high availability configuration.
Should have central management console for
server security and Anti-APT with sandboxing for
central visibility and control.
These specks are vendor specific, please remove the
same.RFP conditions prevails
Solution should have feature to
mitigate ransomware threat and
Management Server should
support Active Passive high
availability configuration. Should
have central management console
for server security and AntiAPT
with sandboxing for central
visibility and control.
329
RFP Volume
2,Section 5.3 Data
Security, Anti-Virus
159Antivirus shall include content filtering and data
loss prevention.
These specks are vendor specific, please remove the
same. Else please define what is the level of content
filtering and DLP requirements on the endpoint
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
330
RFP Volume
2,Section 5.3 Data
Security, Anti-Virus
159
Antivirus shall have features to prevent peer to
peer sharing, streaming media, games and other
applications from internet.
These are Web security requirements, please
remove e the same from this sectionsRFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
331
RFP Volume
2,Section 5.3 Data
Security
151, 152 Gartner leader’s quadrant
Presently RFP is asking for the Gartner leader’s
quadrant for only Endpoitn Protection and NIPS,
youa re requested to ask this qualification
uniformaly for other envisaged security coimpoents
as well such as Data Loss Prevention, Secure Web
Gateways, Managed Security Services
RFP conditions prevails
332 Camera Adjustment Tilt: 80° Change in to tilt: 0°~75°
Seeems to specific OEMs
should be Change in to tilt:
0°~75° which is ok enouhg
to fulfill the purpose.
Please make the necessary
changes.
RFP conditions prevails
333 Protection :- Level IP67 Change into Level IP66
Seeems to specific OEMs
should beChange into Level
IP66 which is ok enouhg to
fulfill the purpose. Please
make the necessary
changes.
RFP conditions prevails
334
Field of View 33° to 104° (horizontal) 19° to 56°
(vertical) 39° to 121° (diagonal)Change angle of view: 90.1°~31°
Seeems to specific OEMs
should be angle of view:
90.1°~31° degree which is
ok enouhg to fulfill the
purpose. Please make the
necessary changes.
RFP conditions prevails
335
Certifications Safety UL60950-1 second edition
CSA22.2-No.60950-1
IEC/EN60950-1 second edition IEC/EN60825
RFP conditions prevails
336
Certifications EMCRequirements
Specification
CISPR22 Class B ICES-003
EN50121-4
EN50155
EN50130-4
EN55022
EN55024 EN61000-3-2/-3-3 Class A VCCI Class B
KN22 Class B KN24
RFP conditions prevails
337 Camera Specs Not mentioned in tender.Please review tender document and mention
specifications for required camera.RFP conditions prevails
RFP-Vol-2, Section-
13 (19) (CCTV
System for Control
Room)
239
Change Into CE,FCC,UL Certifications
Seeems to specific
OEMs,Change Into
CE,FCC,UL Certifications
degree which is ok enouhg
to fulfill the purpose.
Please make the necessary
changes.
338 Volume 2 Page No. 11
•Security -The architecture must adopt an end-
to-end security model that protects data and
the infrastructure from malicious attacks, theft,
natural disasters etc. MSI must make provisions
for security of field equipment as well as
protection of the software system from hackers
and other threats. Using Firewalls and Intrusion
Prevention Systems such attacks and theft
should be controlled and well supported (and
implemented) with the security policy. The virus
and worm attacks should be well defended with
gateway level Anti-virus system, along with
workstation level Anti-virus mechanism. There
should also be an endeavour to make use of the
SSL/VPN technologies to have secured
communication between Applications and its
end users. Furthermore, all the system logs
should be properly stored & archived for future
analysis and forensics whenever desired. The
authority would carry out the security audit of
the entire system upon handover and at regular
interval during O&M period.
•Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft, natural
disasters etc. MSI must make provisions for security
of field equipment as well as protection of the
software system from hackers and other threats.
Using Firewalls and Intrusion Prevention Systems
such attacks and theft should be controlled and well
supported (and implemented) with the security
policy. All critical encryption keys to be managed
and audited centrally using a FIPS 140-2 Level 3
Hardware Based Key Manager that supports KMIP
standards.
The virus and wormattacks should be well defended
with gateway level Anti-virus system, along with
workstation level Anti-virus mechanism. There
should also be an endeavour to make use of the
SSL/VPN technologies to have secured
communication between Applications and its end
users. Furthermore, all the system logs should be
properly stored & archived for future analysis and
forensics whenever desired. The authority would
carry out the security audit of the entire system
upon handover and at regular interval during O&M
period.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
339 Volume 2 Page No. 11
The systems implemented for project should be
highly secure, considering that it is intended to
handle sensitive data relating to the city and
residents of the city. The overarching security
considerations are described below.
I. The security services used to protect the
solution shall include: Identification,
Authentication, Access Control, Administration
and Audit and support for industry standard
protocols.
II. The solution shall support advanced user
authentication mechanisms including digital
certificates and biometric authentication.
III. Security design should provide for a well-
designed identity management system, security
of physical and digital assets, data and network
security, backup and recovery and disaster
recovery system.
Where are we keeping the Private keys of Digital
Certificates ?
As per CCA guidelines Private Keys should be kept in
FIPS 140-2 level 3 certfied HSM only.
HSM should be capable of storing all the provate
keys in FIPS certified Hardware only and never
stored in Software or in File Format (Not even in NV
RAM), also the Complete hardware based storage of
key material for entire Life cycle
Pls Add:- IV. All Encryption Keys for securing
sensitive data must be managed in a FIPS 140-2
Level 3 certified HSM as per Meity Guidelines.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
340 Volume 2 Page No. 12
Support for PKI based Authentication and
Authorization- The solution shall support PKI
based Authentication and Authorization, in
accordance with IT Act 2000, using the Digital
Certificates issued by the Certifying Authorities
(CA). In particular, 3 factor authentications
(login id & password, biometric and digital
Signature) shall be implemented by the MSI for
officials/employees involved in processing
citizen services.
Where are we keeping the PKI certificates and
Private Keys ?
Support for PKI based Authentication and
Authorization- The solution shall support PKI based
Authentication and Authorization, in accordance
with IT Act 2000, using the Digital Certificates issued
by the Certifying Authorities (CA). In particular, 3
factor authentications (login id & password,
biometric and digital Signature) shall be
implemented by the MSI for officials/employees
involved in processing citizen services.
Pls Add:- All PKI certificates and Keys used by
officials/employees are to be managed centrally
using a FIPS 140-2 Level 3 certified Hardware based
Key Manager compliant to KMIP Standards.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
341 Volume 2 Page No 34
This data must be exposed to application eco
system using secure APIs that require
Authenticated Access using API credentials. Keys
must be kept in a FIPS 140-2 Level 3 certified
HSM.
Where are we keeping the Private keys ?
As per CCA guidelines Private Keys should be kept in
FIPS 140-2 level 3 certified HSM only.
This data must be exposed to application eco
system using secure APIs that require Authenticated
Access using API credentials.
Pls Add:- Keys must be stored in a FIPS 140-2 Level
3 certified HSM on in software or in file format in
any of the form.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
342 Volume 2 Page No. 35
The attributes of the API key(s) must restrict /
allow access to relevant data, i.e. (the attributes
can be like: specific domain(either parking or
lighting or waste.
The attributes of the API key(s) must restrict / allow
access to relevant data, i.e. (the attributes can be
like: specific domain(either parking or lighting or
waste.
Pls Add:- This is to be implemented using
Encryption and User based Key Management
techniques. Keys must be kept in a FIPS 140-2 Level
3 certified HSM.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
343 Volume 2 Page No. 37
Platform functionality:- Application
management: Provides role-based access view
to applications. Role based access to be
implemented using CC EAL 5 + certified
Smartcards used as authenticators. Smartcards
should preferably also have RFID based access
capability in addition so that the same can be
integrated with BMS systems.
Application management: Provides role-based
access view to applications. Role based access to be
implemented using CC EAL 5 + certified Smartcards
used as authenticators. Smartcards should
preferably also have RFID based access capability in
addition so that the same can be integrated with
BMS systems.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
344 Volume 2 Page No. 39•The solution shall be available via a VPN as a
web-based interface or a thin-client interface.
•The solution shall be available via a VPN as a web-
based interface or a thin-client interface.
Pls Add:- VPN should use OTP for user access. OTP
token must be numeric grid-pattern based as
industry best practice.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
345 Volume 2 Page No. 51
g) Infrastructure components security: Platform
should support user encrypted storage volumes.
Restrict inbound access from public network
only on secure ports via DMZ proxy instances.
SSH access is restricted with secure key pair and
from designated jump hosts alone. User
management
and authentication is tied to Corporate SSO.
How are you going to encrypt the storage ?
Functional Requirement of Command and Control
Centre Platform:- g) Infrastructure components
security: Platform should support user encrypted
storage volumes through FIPS 140-2 level 3 certified
Key Manager appliance with APIs. Restrict inbound
access from public network only on secure ports via
DMZ proxy instances. SSH access is restricted with
secure key pair and from designated jump hosts
alone. User management and authentication is tied
to Corporate SSO .
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
346 Volume 2 Page No. 51
d) VM Infrastructure security: Platform should
have appropriate technical controls in place to
prevent attacks that target virtual infrastructure
How are you going to encrypt the VM / Hyperwiser
?
Functional Requirement of Command and Control
Centre Platform:- d) VM Infrastructure security:
Platform should have appropriate technical controls
in place to prevent attacks that target virtual
infrastructure through FIPS 140-2 level 3 certified
Key Manager appliance with APIs so that VMs can
be encrypted to avoid unauthorised access.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
347 Volume 2 Page No. 52
Software should support security standards:-
OAuth 2.0, HTTPS over SSL, and key
management help protect the data across all
domains.
How are you going to encrypt theapplication ?
Functional Requirement of Command and Control
Centre Platform:- Software should support security
standards:-OAuth 2.0, HTTPS over SSL, and key
management help protect the data across all
domain through FIPS 140-2 level 3 certified Key
Manager appliance with APIs so that applications
can be accessed by the authorised users only
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
348 Volume 2 Page No. 52
•Data Protection / Production Data integrity:-
Platform should support procedure in place to
ensure production data shall not be replicated
or used in non-production environment.
Which Platformare we refreing here ?
•Data Protection / Production Data integrity:-
Platform should support procedure in place to
ensure production data shall not be replicated or
used in non-production environment.
Pls Add:- . All Encryption Keys for securing
sensitive data must be managed in a FIPS 140-2
Level 3 certified HSM as per Meity Guidelines.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
349 Volume 2 Page No. 52
•Data Protection / Data at rest:-
Platform should support encryption for tenant
data at rest (on disk/storage).
Which Platformare we refreing here ?
•Data Protection / Data at rest:-
Platform should support encryption for tenant data
at rest (on disk/storage).
Pls Add:- All Encryption Keys for securing sensitive
data must be managed in a FIPS 140-2 Level 3
certified HSM as per Meity Guidelines.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
350 Volume 2 Page No. 72
The Biometric/Access card based Access Control
System shall be deployed with the objective of
allowing entry and exit to and from the premises
to authorized personnel only with appropriate
door locks and controller assemble connected
with BMS system. The system deployed shall be
based on proximity as well as biometric
technology for critical areas and proximity
technology for non-critical areas.
The Biometric/Access card based Access Control
System shall be deployed with the objective of
allowing entry and exit to and from the premises to
authorized personnel only with appropriate door
locks and controller assemble connected with BMS
system. The system deployed shall be based on
proximity as well as biometric technology for critical
areas and proximity technology for non-critical
areas.
Pls Add:- The access cards to be used by the BMS
system should also have a logical smartcard chip
that is to be used for Application Role based Access.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
351 Volume 2 Page No. 72
The SI shall provide CCTV system within the
Data center and Command and Control Center
on 24X7 bases. All important areas of the Data
center, Command and Control Center along with
the non-critical areas like locations for DG sets,
entry exit of Command Center, Entry and Exit of
building premises need to be under constant
video surveillance. Monitoring cameras shall be
installed strategically to cover all the critical
areas of all the respective locations and the feed
of the CCTV system should be integrated with
control and command centre.
The SI shall provide CCTV system within the Data
center and Command and Control Center on 24X7
bases. All important areas of the Data center,
Command and Control Center along with the non-
critical areas like locations for DG sets, entry exit of
Command Center, Entry and Exit of building
premises need to be under constant video
surveillance. Monitoring cameras shall be installed
strategically to cover all the critical areas of all the
respective locations and the feed of the CCTV
system should be integrated with control and
command centre.
Pls Add:- The CCTV system should be able to
prevent attacks from IoT botnets such as Mirai and
Reaper by using secure authentication techniques
like PKI. All PKI Keys to be managed and audited
centrally using a FIPS 140-2 Level 3 Hardware Based
Key Manager that supports KMIP standards.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
352 Volume 2 Page No. 141
All Encryption Keys to be managed and audited
centrally using a FIPS 140-2 Level 3 Hardware
Based Key Manager that supports KMIP
standards.
As Industry Best Practice :-
Pls Add:- All Encryption Keys to be managed and
audited centrally using a FIPS 140-2 Level 3
Hardware Based Key Manager that supports KMIP
standards.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
353 Volume 2 Page No. 143
Database shall provide functionality for
encryption of all sensitive data using secure
encryption/tokenization techniques. All
Encryption Keys to be managed and audited
centrally using a FIPS 140-2 Level 3 Hardware
Based Key Manager that supports KMIP
standards.
How are you going to encrypt the DB?
Database shall provide functionality for encryption
of all sensitive data using secure
encryption/tokenization techniques.
Pls Add:- All Encryption Keys to be managed and
audited centrally using a FIPS 140-2 Level 3
Hardware Based Key Manager that supports KMIP
standards.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
354 Volume 2 Page No. 151
Server protection for storage solution should
support SED drives. All Encryption Keys to be
managed and audited centrally using a FIPS 140-
2 Level 3 Hardware Based Key Manager that
supports KMIP standards.
As Industry Best Practice :-
Pls Add:- All Encryption Keys to be managed and
audited centrally using a FIPS 140-2 Level 3
Hardware Based Key Manager that supports KMIP
standards.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
355 Additionnal
Key Secure Specifications:-
"Key management solution needs to be leveraged
through dedicated FIPS 140-2 Level 3 certified Key
Management appliances with capacity of managing
1 Million Keys per appliance and at least 100
maximum concurrent clients per cluster, to
distribute keys and certificates, and manage
different keys for each group, application and user
in order to prevent access of encryption keys to an
attacker.
Key Management appliance should support
Encryption Algorithms including 3DES, AES-256, SHA-
256, SHA-384, SHA-512, Should support encryption
of virtual image disk with Track the key access to all
copies of your data.
RFP conditions prevails
356 Additionnal
HSM Specifications:-
Encryption Confidentiality of sensitive information
and data of users and portal information should be
ensured.
System must implement various measures to
achieve this including mechanisms to ensure
security of procurement data, spanning from strong
end-to-end encryption of sensitive data, use of
strong PKI national standards encryption, use of
FIPS 140-2 Level 3 certified HSM (Hardware Security
Module) appliances with the capabilities of storing
all Private Keys securely in FIPS Certified Hardware
only (Not in NV RAM) and never stored in software
or in File Server in any form, HSM should have
enhanced Audit Log Facility & Error logs managed by
separate audit role. Log entries should originate
from HSM, which should include, when, who, what
and result of logging. Audit log entries are ensured
against any truncation, modification, deletion,
addition. Critical events like tamper,
decommissioning, zeroization, SO creation audit role
creation should be logged automatically and
unconditionally. Logs should be sent to the server
before rewriting them, physical security, access
control, network security, stringent audit
mechanism, 24x7 monitoring, and measures such as
data partitioning and data encryption.
RFP conditions prevails
357
Volume I
6.8 Proposed Bill
of Material
794. Video Management Softwares - Set
How many cameras need to be recorded in this
Video Management Software?
Are these cameras new or existing cameras?
Where are these cameras located?
What are the camera specifications?
Please provide resolution/bitrate at which we need
to record these cameras?
RFP conditions prevailsBidder to study the existing
infrasturcture
358
Volume I
6.8 Proposed Bill
of Material
80
21. CCTV System in Command & Control Room -
Set
How many cameras are required in the Command &
Control Room?
Please provide the camera specification?
We understand that these cameras will be recorded
with the Video Management Software as per S.No. 4
above. Please confirm.
RFP conditions prevailsBidder has to propose as per the
building drawings
359
Volume II
1.4 Finalization and
submission of a
detailed technical
architecture
Page 12 of 245
• Interoperability - The system should have
capability to take feed from cameras
installed by private/Govt. at public places,
digitize (if required) & compress (if required)
this feed & store as per requirements.
How many such cameras need to be provisioned for
Video Recording?
Please also provide the make/model of these
cameras?
This information is required to calculate the storage
for these video feeds, as well as the server sizing of
the Video Management Software to be proposed.
RFP conditions prevailsBidders should comply RFP
functionality
360
Volume II
1.4 Finalization and
submission of a
detailed technical
architecture
Page 12 of 245
• Support for PKI based Authentication and
Authorization- The solution shall support PKI
based Authentication and Authorization, in
accordance with IT Act 2000, using the Digital
Certificates issued by the Certifying
Authorities (CA). In particular, 3 factor
authentications (login id & password,
biometric and digital Signature) shall be
implemented by the MSI for officials/employees
involved in processing citizen services.
PKI based Authentication and Authorization is OEM
specific. It should be removed.
Generic Authentication and authorization
requirements should be added so that it is not
restrictive to other parties.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
361
Volume II
1.5 Other
expectations from
MSI
Page 12 of 245
34. The MSI will setup a local server on the
Integrated Command & Control Centre which
will communicate with the central server.
What is the function of this local server?
Please further elaborate the expectation from this
local server
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
362
Volume II
Functional
Requirements of the
Variable Message
Sign Boards: (VMS)
Page 25 of 245
The system should be capable to display
warnings, traffic advice, route guidance, air
quality, traffic congestion, live journey time,
alternate routes to destination, whether
updates emergency messages and any other
dynamic messages automatically from the cloud
We understand that the Central VMS Controller
application shall be installed locally on physical
servers at the UP State Data Centre (SDC), so what is
the requirement of cloud here?
What is this cloud and what kind of information is
stored on this cloud?
RFP conditions prevails
363
Volume II
2.3 Centralized
Command & Control
Centre
Scope
Page 29 of 245
MSI should be able to provide Unified view for
each Departments:
What is the expectation for integration of Unified
Mobility card with CCC platform?
Kindly elaborate
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
364
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 33 of 245
The MSI has to provide, deploy and configured
an integrated operations and dashboard
application that integrated various Smart City
use cases on this platform. Proposed Solution
architecture should have combination of data
collection, and normalization with below
capabilities but not limited to. Command and
control centre software should support cloud
technology.
We understand that the Command and Control
center platform software proposed shall be locally
hosted in the UP State Data Centre (SDC) situated in
Lucknow. Please confirm.
RFP conditions prevails
365
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 35 of 245
Multitenant City operations Dashboard: City
software platform Dashboard should display
only relevant data (associated geographical
data) for the user who logs in
Multitenancy is not required here. Request you to
please remove the word "Multitenant".
City dashboard will display data relevant to the user
who logs in based on his role.
RFP conditions prevails
366
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 35 of 245
7. Device Abstraction method
The platform should normalize individual device
data into Things Query Language or equivalent
language to communicate among devices.
OEM specific, to be removed.
IOT devices will be integrated to the integration
layer of the CCC Software platform for data
exchange supporting different supported protocol.
RFP conditions prevails
367
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 36 of 245
10. Service management
a) Data brokerage, ID Management: Performs
service management
OEM specific, to be removed.RFP conditions prevails
368
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 36 of 245
12. Authentication, Authorization
System should support standard Authentication,
Authorization Performs The sentence looks incomplete. Please confirm. RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
369
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 36 of 245
Platform functionality
19. API management and gateway: Provides
secure API lifecycle, monitoring mechanism for
available APIs
20. User and subscription management:
Provides different tier of user categorization,
authentication, authorization, and services
based on the subscriptions
Both these points are OEM specific.
Generic requirements should be added instead of
exact OEM specific wordings.
RFP conditions prevails
370
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 37 of 245
23. The platform should also be able to bring in
other e- governance data (SCADA systems) as i-
frames in the command and control centre
dashboard
"as i-frames" should be removed.
Platform should be able to present the SCADA
system data in the command and control center
dashboard.
RFP conditions prevails
371
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 38 and 39
of 245
25 Control and Command Centre Operations
It shall provide possibility to connect to
workstations and accessible via web browser
The solution shall be available via a VPN as a
web-based interface or a thin-client interface
To be removed RFP conditions prevails
372
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 39 of 245
26. Integration capabilities
This platform is expected to integrate various
urban services devices at the street layer so that
urban services applications can be developed on
top of this platform independent of the
technology that is used in the devices.
OEM specific terminology ( Urban Services devices).
Requirements must me modified to generic
wordings so that it does not restrict participation.
RFP conditions prevails
373
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 40 of 245
28. Platform should support on the fly
deployment of Sensors. Platform shall have
the ability to add / remove sensors including
new vendor types without a need for shutdown.
OEM specific. To be removed RFP conditions prevails
374
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 41 of 245
30. Resiliency
• This architecture provides the smart city use
cases much needed resiliency while adapting
cloud architecture
This bullet point to be removed. It looks like a
feature of some OEM rather than a requirement.
The Command and Control center software
proposed shall be locally hosted in the UP State
Data Centre (SDC) situated in Lucknow.
RFP conditions prevails
375
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 41 of 245
The Smart City platform should have
demonstrated integration to collaboration tools
to bring multiple stake holders and responders
to respond an emergency or an urban services
event.
OEM specific terminology ( Urban Services events).
Requirements must me modified to generic
wordings so that it does not restrict participation.
RFP conditions prevails
376
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 41 of 245
31. API Based Open Platform
• Provides urban services’ API(s) to
develop operation applications for each of the
Urban Services domains. For example, the
lighting operator of the City should be able to
develop a City Lighting management
application based on the API(s) provided by the
platform. This lighting application should also
have the ability to access data from other
domains like environment based on the access
control configured in the system.
OEM specific terminology ( Urban Services). To be
removedRFP conditions prevails
377
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 41 of 245
• The vendor should have already
documented different Urban Services APIs using
which applications can be developed.
• The vendor should be able to demonstrate
existing applications that are developed using
these urban services APIs.
OEM specific terminology ( Urban Services). To be
removedRFP conditions prevails
378
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 42 of 245
34. Provides urban services API(s) to develop
operation applications for each of the Urban
Services domains. For example, the lighting
operator of the City should be able to develop a
City Lighting management application based on
the API(s) provided by the platform. This
lighting application should also have the
ability to access data from other domains like
environment based on the access control
configured in the system.
OEM specific. To be removed RFP conditions prevails
379
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 44 of 245
47. Service Catalog Management
The Service catalog management module should
allow categorizing the externalized and non-
externalized services into logical groups by
creating the service catalogs. In addition, system
should allow manage the service catalogs by
adding, modifying, or deleting the catalog
details.
OEM specific. To be removed RFP conditions prevails
380
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 44 of 245
49. Multi-tenancy
1. Single instance of SMART CITY PLATFORM
can be logically partitioned to host
multiple tenants.
2. Each tenant should have
respective administrator users.
3. Role based access control: Allows to
provision users with specific roles to delegate
monitoring and management of city resources
based on regions (sub-boundaries in the
tenant/City geography).Each Tenant can be
further partitioned (zones/streets etc) with
access to users for the respective
zones/streets.
OEM specific. To be removed.
Multi-tenancy is not required here. It is one city
which will have different users based on their role.
Administrator user can decide on different roles and
accesses of these users.
RFP conditions prevails
381
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 46 of 245 52. Collaboration
Points under "Collaboration" requirements are OEM
specific based on a certain capability of that
particular OEM.
Also many points are repeated more than once.
Requirements should be generic and not restrictive
for participation of other OEMs.
RFP conditions prevails
382
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 48 of 245
53. Enterprise resource planning (ERP)
integration System should allow integration of
business process
in ERP workflows like property tax collection etc.
Please specify which exact modules need to be
integrated to Smart City platform for dashboards/
visualizations?
Is it only "Property Tax Collection" or others as well.
Please help is providing more clarity and exact
requirement.
RFP conditions prevails
383
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 48 of 245
Analytics Engine should be an artificial
intelligence- based smart city analytics platform
module to maximize business value through
advanced machine learning capabilities
Terms like " Artificial Intelligence" and "Machine
learning" should be removed to avoid restrictions
for participation.
RFP conditions prevails
384
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement of
Command and
Control Centre
Platform:
Page 50 of 245
66. Cloud Infrastructure Operations
67.
68.
69.
All these points to be removed.
The Command and Control center software
proposed shall be locally hosted in the UP State
Data Centre (SDC) situated in Lucknow so cloud
related points are not relevant.
RFP conditions prevails
385
Volume II
2.3 Centralized
Command & Control
Centre
Functional
Requirement
of+C40
Page 52 of 245
72. Software should support security standards:
OAuth 2.0, HTTPS over SSL, and key
management help protect the data across all
domains.
OAuth 2.0 is OEM specific. To be removed. RFP conditions prevails
386 2.3.2 IoT Platform
All these points are already covered in Section 2.3
Centralized Command & Control Centre
Functional Requirement of Command and Control
Centre Platform:
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
387
Volume II
2.3.2 IoT
Platform
Page 59 of 245
1) Data Aggregation, Normalization and Access -
It is envisaged that the city will implement
multiple Smart City use cases over a period of
time. The potential example Smart City use
cases are-
• Smart Traffic Management
• Smart Energy Metering
• Connected Public Transport
• Public Wi-Fi and Urban Service Delivery over
Public Wi-Fi
• Kiosks for Citizen Information
• Citizen Interactive Kiosks for Urban Service
Delivery
Please provide the use case for each of these Smart
City elements/systems.RFP conditions prevails
388
Volume II
2.3.2 IoT
Platform
Page 59 of 245
The City will be using various device vendors for
various urban services. For example, in the
Smart city journey of the city, various vendors of
smart elements will be used for deployment and
each will be generating data in their own
format. This Smart City platform should be able
to define its own data model for each urban
service like parking, waste, lighting, transport
etc and map data from different device vendors
to the common data model. This way,
application development and analytics
applications do not need to worry about the
complexity of various data formats.
OEM specific terminology ( Urban Services). To be
removedRFP conditions prevails
389
Volume II
2.3.2 IoT
Platform
Page 60 of 245
The attributes of the API key(s) must restrict /
allow access to relevant data, i.e. (the attributes
can be like: specific domain (either parking or
lighting or waste etc. or combination of these),
RO / RW /, specific to tenant (city, street within
city etc.)
OEM specific. To be removed RFP conditions prevails
390
Volume II
2.3.2 IoT
Platform
Page 60 of 245
Multitenant City operations Dashboard: City
software platform Dashboard should display
only relevant data (associated geographical
data) for the user who logs in.
"Multitenant" word to be removed. RFP conditions prevails
391
Volume II
2.3.2 IoT
Platform
Page 60 of 245Visualization/Control and Command Centre
Layer
All these points are already covered in Section 2.3
Centralized Command & Control Centre
Functional Requirement of Command and Control
Centre Platform:
RFP conditions prevails
392
Volume II
2.4 Site
Preparation for
Command Control
Center,
Page 72 of 245
2.4.11 CCTV system
The SI shall provide CCTV system within the
Data center and Command and Control Center
on 24X7 bases. All important areas of the
Data center, Command and Control Center
along with the non-critical areas like locations
for DG sets, entry exit of Command Center,
Entry and Exit of building premises need to be
under constant video surveillance. Monitoring
cameras shall be installed strategically to cover
all the critical areas of all the respective
locations and the feed of the CCTV system
should be integrated with control and command
centre.
How many CCTV cameras are required within Data
center and Command and Control Center?
We understand that the Data center will be located
at the UP State Data Centre (SDC) situated in
Lucknow. There will be CCTV system already present
in the SDC. So do we still need to consider CCTV
cameras for Data Center or only for the Command
and Control Center?
RFP conditions prevailsBidder shall propose to meet ICCC
requirements / std
393Volume II
3.1 E Governance:Page 73 of 245
3. e-District (Municipal Services)
4. others city levels initiatives
Please elaborate on "Municipal Services", which are
these services?
Also please advise any other exact "city level E-
Governance initiatives" which need to be integrated
to CCC.
RFP conditions prevails
394
Volume II
3.5 Intelligent
Traffic Management
System
Page 77 of 245 3.5 Intelligent Traffic Management System
Please provide the scope of integration for
Intelligent Traffic Management System, as provided
for the above systems like Solid Waste Management
and Smart parking.
RFP conditions prevails
395
Volume II
3.6 ICT for City Bus
Services
Page 78 of 245 3.6 ICT for City Bus Services
Please provide the scope of integration for ICT for
City Bus Services, as provided for the above systems
like Solid Waste Management and Smart parking.
RFP conditions prevails
396
Volume II
3.7 City
Surveillance
Page 78 of 245
3.7 City Surveillance
Functional Requirements: City Surveillance
System will be required to be integrated with
Lucknow Command & Control Center by the
selected System Integrator to receive real-time
feeds of the camera installed by the respective
department. These video feeds will be utilized in
Analytical layer to help administration monitor
its assets and do a better urban planning, also
will implement the SoP to fulfil the use cases.
We understand that the Command and Control
center software proposed shall integrate with the
existing Video Management System software
installed for the City Surveillance System (Drishti) to
view the feed of 280 existing cameras. No new
Video Management System software is required for
these 280 existing cameras.
OR
Do we need to propose a new Video Management
software/recording servers/storage for recording
these 280 existing cameras
Please confirm the understanding.
RFP conditions prevails
397
Volume II
3.7 City
Surveillance
Drishti- City
Surveillance
Page 80 of 245
v ICCC will receive feeds of CCTV existing
cameras and new cameras on real time basis.
ICCC will be integrated with existing cameras
and new cameras.
1) Do we need to propose a new Video
Management System / Recording Servers/Storage
for recording the CCTV feeds from these new and
existing cameras?
2) Please provide the exact count of New and
Existing Cameras?
3) Please provide make/model of Existing Cameras
3) Please also provide the Camera Type/details of
the New Cameras?
4) For how many days do we need to store the
Camera feeds and at which resolution/bitrate?
RFP conditions prevails
398Volume II
3.8 UP Dial 100Page 80 of 245 3.8 UP Dial 100
Please provide the scope of integration for UP Dial
100 , as provided for the above systems like Solid
Waste Management and Smart parking.
RFP conditions prevails
399
Volume II
3.9 Integration of
SCADA Systems
(Water Supply,
Sewerage Pumping
Station etc.) (For
future integration)
Page 81 of 245
3.9 Integration of SCADA Systems (Water
Supply, Sewerage Pumping Station etc.) (For
future integration)
Please provide the scope of integration for SCADA
Systems (Water Supply, Sewerage Pumping Station
etc.) (For future integration) , as provided for the
above systems like Solid Waste Management and
Smart parking.
RFP conditions prevails
400
Volume II
3.11 Unified Smart
Mobility Card:
Page 82 of 245 3.11 Unified Smart Mobility Card:
We understand that the proposed Command and
Control Centre Platform software does not need to
integrate with the Unified Smart Mobility Card.
Please confirm the understanding.
If not, please provide a use-case/scope for the
integration.
RFP conditions prevails
401
Volume II
3.12 Biometric
Attendance System
of Sanitary Workers
Page 84 of 245
Functional Requirements: As soon as the IT
agency of the Lucknow Municipal Coorporation
will complete the work of Aadhaar Based
Attendance System, The Master System
Integrator who will be selected under the scope
of work of this RFP has to integrate the
Biometric Attendance Management System of
Sanitary Workers to Lucknow Control and
Command Centre and also will implement the
SoP to fulfil the use cases. The Integration of the
Biometric Systems will be utilized in Analytical
layer to help administration monitor the
services offered by its employees and do a
better planning.
Please provide the expectation of integrating the
Biometric Attendance Management System of
Sanitary Workers to Lucknow Control and Command
Centre
Also please provide the scope of this integration (
like provided for Solid Waste Management and
Smart parking etc.
RFP conditions prevails
402
Volume II
4.2 LSCL App
(Mobile App):s
Page 106 of 245 4.2 LSCL App (Mobile App):
We understand that the proposed Command and
Control Centre Platform software does not need to
integrate with the LSCL App (Mobile App). Please
confirm the understanding.
If not, please provide a use-case/scope for the
integration.
RFP conditions prevails
403
Volume II
4.3 Lucknow Smart
City Website:
Page 107 of 245 4.3 Lucknow Smart City Website:
We understand that the proposed Command and
Control Centre Platform software does not need to
integrate with the Lucknow Smart City Website.
Please confirm the understanding.
If not, please provide a use-case/scope for the
integration.
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
404
Volume II
5.2 Data Center
and Disaster
Recovery
Data Center
Page 116 of 245
Min 90 days Data Backup of the video feeds and
the transaction data for min 1 year shall be
stored within the Data Center infrastructure
preferable in a cost effective and innovative
manner.
Please provide the resolution/bitrate at which the
video feeds should be stored for 90 days in DCRFP conditions prevails
405
Volume II
5.2 Data Center
and Disaster
Recovery
Data Center
Page 116 of 245
In case the data center services are to go
down due to any unforeseen circumstance,
the Command Center should have access to the
video feeds of previous 90 days and the
transaction data for min 1 year from this data
backup facility.
Where will this "Data backup facility" located for 90
days video feeds ( if DC services go down)?RFP conditions prevails
406Volume II , Section
2.3.261 Ultra-thin configuration
Request you to make it normal configuration so that
other OEM Can qualify .Too add more to this heat
dissipation is the best in Normal rear projection
cubes as compared to Ultra Thin cubes
RFP conditions prevails
407Volume II , Section
2.3.264 To add
To add The video wall content will be able to show
live on any remote display .Mobile with IE Which
will help in viewing the videowall remotely
RFP conditions prevails
408Volume II ,Section
12.1.9 224 Brightness 500 nits
Request you to consider brightness of at least 300
cd/m² or more so that other OEM can qualify .RFP conditions prevails
409Volume II ,Section
12.1.9 224 Laser Light source
Request you to consider LED as Laser based
Videowall are nearly 35% costlier than LED
Videowall & Continous viewing of Laser will lead to
Operator fatigue as its too bright for Indoor
applications .
RFP conditions prevails
410Volume II ,Section
12.1.9 224 RAID 0, 1, 5, 10 support
.This is specific to one OEM . Request you to
consider RAID 0,1 so that other OEM Can qualifyRFP conditions prevails
411Volume II ,Section
12.1.9 224
Dust Prevention - Should meet or exceed IP6X
standard
This is specific to one OEM .Request you to mention
Protection against dust should be there which
should not hamper the functionality of VDW
RFP conditions prevails
412 RFP Vol_2, Servers 135
Network interface:
• 2 X 20GbE LAN ports for providing Ethernet
connectivity
• Optional: 1 X Dual-port 16Gbps FC HBA for
providing FC connectivity
Network interface:
• 2 X 10GbE LAN ports for providing Ethernet
connectivity
• Dual-port 16Gbps FC HBA for providing FC
connectivity
Or Equivalent Bandwidth if bidder is proposing
converged adapter.
Justification : We should have both the option open
either LAN & SAN separate or converged.
Please refer to the corrigendum 6
413RFP Vol_2, Primary
Storage137
Cache : Minimum 128 GB of useable cache
across all controllers. If cache is provided in
additional hardware for unified storage solution,
then cache must be over and above 128 GB.
Cache : 16 GB or higher as per the solution
requirement in terms of performance and SLA.
Justification: Let bidder should decide the cache
required for the offered solution.
RFP conditions prevails
414RFP Vol_2, Primary
Storage137
Storage:RAID solution offered must protect
against double disc failure.
Pls suggest if we can propose solution with RAID 5
also as it will more usable capacity with in same
number of disk drives.
RFP conditions prevails
415 Vol_2_RFP : SOW 169
Request to clarify the requirement of IoT Wireless
sensors and User device (Laptop, Phone) WLAN
connectivity to Command and Control Centre
Platform and data security requirements
RFP conditions prevails Query Not Clear
416 Vol_2_RFP : SOW 169
Request to clarify the requirement for API
connectivity requirements to Wired and Wireless
Data network
RFP conditions prevails Query Not Clear
417
EMS with Helpdesk;
EMS Other Key
Requirements
132
The solution should run without any propriety
database license for data store - Data store must
be bundled within EMS (E.g. popular time-
series, no-sql, HBase based monitoring systems)
to reduce the TCO
The OEM should deploy the solution as per the
product's architecture across web/app/database tier
& which can extend to either internal/external
databases. Please rephrase the same as:"The
solution should run with the recommended
database."
RFP conditions prevails
418
EMS with Helpdesk;
EMS Other Key
Requirements
132
The solution should be deployable on Linux
operating systems to reduce the overall TCO.
The OEM should deploy the solution as per the
product's recommended design & industry's best
practices, thus there should not be any limitation
around the deployment design. Please rephrase the
same as: "The solution should be deployable on
Windows / Linux operating systems to reduce the
overall TCO."
Please refer to the corrigendum 6
419 Vol_2_RFP.pdf 138
To store data as required, to meet the archival
requirement
for different type of data/information
Please provide details of TB of data that backup
software needs to be backed upRFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
420 Vol_2_RFP.pdf 139
Must include backup/archive application
portfolio
required
Please share backup software specifications. RFP conditions prevails
421
Eligible Goods and
Services, and OEM
Criteria (volume 1)
34
The bidder’s proposed OEM(s) for the following
solutions must be included in
the Gartner magic quadrants (in either Leaders
or Challengers quadrant) as on
the day of submission of bid
Is it a mandatory requirement for the OEM to be in
Leaders/Challengers Quadrant?Kindly clarify.RFP conditions prevails
422Variable Message
Sign Board27
Various users should access the system using
single sign on and
should be role based. Different roles which
could be defined (to be finalized at the stage of
SRS) could be Administrator, Supervisor, Officer,
Operator, etc.
Model of usage of the application
- Will it be used by specific set of users or all users
?
RFP conditions prevails
423Variable Message
Sign Board27
Various users should access the system using
single sign on and
should be role based. Different roles which
could be defined (to be finalized at the stage of
SRS) could be Administrator, Supervisor, Officer,
Operator, etc.
Does the Scope of work include end to end user life
cycle management ?RFP conditions prevails
424Variable Message
Sign Board27
Various users should access the system using
single sign on and
should be role based. Different roles which
could be defined (to be finalized at the stage of
SRS) could be Administrator, Supervisor, Officer,
Operator, etc.
No of users that would be managed by Identity and
Access Management and YoY growth of users
(assuming 10%)
RFP conditions prevails
425General
Requirements53 Enterprise resource planning (ERP) integration
No of end points (applications) and the their types
that this IDAM solution would be catering to. i.e.
SAP, Linux OS, Windows OS, SOAP, REST applications
etc.
RFP conditions prevails
426 Project Scope 12Support for PKI based Authentication and
Authorization
What are the different methods of advanced
authentication to be used and what all scenarios to
be used for advanced authentication i.e. SMS or
Mail OTP, fingerprint, etc
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
427 Release Operations 53
Patch timeline/ notifications: Platform vendor
should provide risk-based systems patching time
frames to tenants based on request
Need more details on tenants here and pls confirm
whethter the solution deployment planned. Ie cloud
based or some other way …
Please refer to the corrigendum 6
428 Volume 2, SIEM 160
A single log appliance should support minimum
30,000 EPS and packet appliance should support
upto 1GBPS line rate with multiple ingress
interfaces for capturing from multiple network
interfaces. Correlation Engine appliance should
be consolidated in a purpose build appliance
and should handle 100,000 EPS.
Putting Single log appliance to support 30,000 EPS
and packet appliance to support 1Gbps is
proprietary to specific vendor.
Need to rephrase as "Solution should support
100,000 EPS and packet rate at 1Gbps line rate ."
Please refer to the corrigendum 6
429
Vol 1, 2.29 Eligible
Goods and Services,
and OEM Criteria, h
Page 34
The bidder's proposed OEM(s) for the following
solutions must be included in the Gartner magic
quadrants (in either Leaders or Challengers)
1. Wired and Wireless LAN Access Infrastructure
We request you to please modify the clause as: The
bidder's proposed OEM(s) must be present in the
Gartner magic quadrants.
RFP conditions prevails
430
Vol 2, IP CCTV
camera for Control
Room, Pt 13
Page 240
Single-stream H.264 up to 1920 x 1080 at 30
frames per
second (fps) Single-stream MJPEG up to 1920 x
1080 at
30 fps
Dual-stream H.264 and MJPEG:
Primary stream programmable up to 1920 x
1080 at 30
fps
Secondary stream programmable up to 1024 x
576 at 15
fps
We suggest to ask for H.265 instead of H.264. H.265
can reduce the transmission bandwidth by 50%
while compare with H.264
Please refer to the corrigendum 6
431
RFP VOL 2 , WAN /
Internet Router,
Technical
Requirements
Page 133
Security features:
• MD5 encryption for routing protocol
• NAT
• URL based Filtering
• RADIUS/AAA Authentication
• Management Access policy
• IPsec / Encryption
• L2TP
URL Filtering is a security feature which should
idealy implemented on Security devices i.e.
Firewall along with other security policies and
Firewall shall be placed on edge of the network
to ensure secure passage of traffic inside the
Network ,Moreover Firewall has already been
required as per the RFP so suggest removing the
URL based filtering from this clause of router.
RFP conditions prevails
432Volume 2 - Disaster
Recovery (DR) Site120-121
Both DC and DR Site shall work in an Active-
Active mode with 100% recording of cameras
and application availability of all smart city
components.
Does that mean that both DC and DR will be Active
at all times? Or the DR will only be Active at the
time of a planned Switchover or an actual Failover.
RFP conditions prevails
433Volume 2 - Disaster
Recovery (DR) Site120-121
The SI shall design the DC and DR solution with
the necessary load balancing, replication and
recovery solution that provide zero RPO
(Recovery Point Objective) and RTO (Recovery
Time Objective) of 10 minutes.The DC and DR
site shall be periodically audited; updated and
mock drills shall be performed.
Sanovi DRM facilitates real time monitoring of RPO
and RTO being achieved in terms of time, data lag
and database transaction. It has inbuilt solution
signatures for detecting and monitoring various
replication mechanisms for data lag and time lag. It
also facilitates policy based actions for automated
response to any alert.
RFP conditions prevails
434Volume 2 - Disaster
Recovery (DR) Site120-121 DC/DRC Monitoring Dashboard
LSCL should include a Disaster Recovery
Management Solution which provides a dashboard
view of the real time status of disaster recovery
environment including the health of the sites,
applications, replication mechanisms and readiness
of the disaster recovery systems for recovery. The
DRM Solution faciltates alerts using
email/SMS/SNMP notifications on event threshold
conditions such as mentioned in the RFP to ensure
DR is monitored for any event impacting DR
readiness. The DRM Solution can also conduct DR
Drills from a centralized location.
RFP conditions prevails
435Volume 2 - Disaster
Recovery (DR) Site120-121 DC/DRC Monitoring Dashboard
The proposed Disaster Recovery Management
solution should be rated/mentioned in independent
analyst reports from either Gartner or IDC. Typically
5 years or more of recognition indicates a reliable
product.
RFP conditions prevails
436Volume 2 - Disaster
Recovery (DR) Site120-121 DC/DRC Monitoring Dashboard
As the DRM component communicates with all the
component of the Production and DR
environment,the DR Management solution should
be tested and certified by an A2LA Accredited
Organization to ensure that there are no security
vulnerabilities which can be exploited.
RFP conditions prevails
437Volume 2 - Disaster
Recovery (DR) Site120-121 DC/DRC Monitoring Dashboard
The DR Monitoring and Management software
should have a healthy customer base and the
product should be running successfully in at least 30
large organizations. Typically, large organisations
are defined by having revenue/assets of at least Rs
500 crores or more.
RFP conditions prevails
438Volume II Scope of
Work 11
The virus and worm attacks should be well
defended with gateway level Anti-virus system,
along with workstation level Anti-virus
mechanism.
Request you to please add minimum specification of
Anti-Virus Solution to have fair and competitive
bidding.
RFP conditions prevails
439Volume II Scope of
Work 12
Support for PKI based Authentication and
Authorization- The solution shall support PKI
based Authentication and Authorization, in
accordance with IT Act 2000, using the Digital
Certificates issued by the Certifying Authorities
(CA). In particular, 3 factor authentications
(login id & password, biometric and digital
Signature) shall be implemented by the MSI for
officials/employees involved in processing
citizen services.
Request you to please add minimum specification of
PKI and Hardware Security Module( HSM)
Specification.RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
440Volume II Scope of
Work 52
Data Protection / Data at rest: Platform should
support encryption for tenant data at rest (on
disk/storage)
Request you to please add minimum specification of
Database Encryption Solution to have fair and
competitive bidding. RFP conditions prevails
441Volume II Scope of
Work 11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc. MSI must make provisions
for security of field equipment as well as
protection of the software system from hackers
and other threats.
Request you to please add minimum specification of
Security Analytics,Network Forensics and Intrusion
prevention Solution to have fair and competitive
bidding.RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
442
Volume II Scope of
Work 55
Any anomalies shall be promptly identified &
investigated through SIEM(Security Incident
Management Framework
Request you to please add minimum specification of
SIEM and 2 Factor Authentication Solution to have
fair and competitive bidding.
Please refer to the corrigendum 6
443
Volume II Scope of
Work 112
Portal must be secure in all the way and all the
latest security implementations like https, xss,
sql injection, OWASP vunrebelties etc should be
implemented/followed to avoid any hacking.
To Achieve this, we suggest to implement WAF and
Request you to please add minimum specification of
web Application firewall Solution to have fair and
competitive bidding.
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
444Volume II Scope of
Work 11
The security services used to protect the
solution shall include: Identification,
Authentication, Access Control, Administration
and Audit and support for industry standard
protocols.
Request you to please add minimum specification of
AAA Solution to have fair and competitive bidding.RFP conditions prevails
445
"Volume II Scope of
Work" 12
Single-Sign On- The application should enable
Single-Sign on so that any user once
authenticated and authorized by system is not
required to be re-authorized for completing any
of the services in the same session. For
employees of the department concerned, the
browser based application accessed on the
intranet, through Single-Sign-on mechanism, will
provide access to all the services of the
departments concerned (based on their roles
and responsibilities), Help module, basic and
advanced reporting etc. Similarly, for external
users (citizens, etc), based on their profile and
registration, the system shall enable Single-Sign
on facility to apply for various services, make
payments, submit queries /complaints and
check status of their applications.
Request you to please add minimum specification of
Single Sign on Solution to have fair and competitive
bidding.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
446
Vol2_RFP
DATA CENTER
SPECIFICATION
141 Link Load Balancer Specifications
Link Load balancer can also act as aa IPv6 gateway
hence we request to add below IPv6 Features on
Link load balancing Specifications,
• IPV6 support with IPv6 to IP4 and IPv4 to IPv6
translation and full IPv6 support.
• IPV6 support with DNS 6 to DNS 4 & DNS 4 to DNS
6 translation
• Support full DNS bind function & Capable of
handling complete DNS bind records including
A,MX, AAAA for IPv6.
RFP conditions prevails
Bidders should meet the
functional requirement as per
desired SLA
447Vol2_RFP
5.3 data security145 2.2.11.5 data security
The RFP has included most of network and security
solution to strengthen C&C infrastructure. But Web
Application security network function is missing and
is essential network function for overall security of
application infrastructure. Application security will
surely improve the security posture and improve the
operational efficiency of the solution. Besides Cyber
Security Model Framework for Smart Cities circular
also recommends web application security devices
for overall end to end security model. We suggest
including application security solution with
minimum specifications to this project.
Application level security solution should be
provided through leading practices and standards
including the following:
Prevent OWASP top 10 vulnerabilities including SQL
Injection, XSS, Security Misconfiguration
Vulnerabilities, Restrict URL Access Vulnerabilities,
Insufficient Transport Layer Protection, Redirects
and Forwards Vulnerabilities
The application security solution should have
positive security model with machine learning
capabilities to detect and prevent anomaly in
application traffic and unknown attacks. Machine
learning should be based on true ML algorithms,
and not just automation of dynamically learnt rules.
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
448
Vol2_RFP
DATA CENTER
SPECIFICATION
Multi-tenant hardware with multicore CPU
support. It shall support minimum four (4)
virtual instances and shall be scalable to 16
instances on the same appliance. Shall have
minimum of 10 Gbps of system throughput per
virtual
instance to support multiple load balancing and
security functions. Shall have minimum of 8x10G
SFP+ interfaces from day one. Shall have
security features like reverse-proxy firewall, sync-
flood and denial of service attack protection
from day one.
number of virtual instance requirements are on
higher side keeping current and future scalabulity
requirement under consideration. Multi-tanent
server load balancer appliance typically requires 2-3
virtual tanents each of DMZ, MZ and server farm.
16 instances are on higher side and will add surplus
cost in overall solution design. we rcommend to
reduce it to 8 virtual instances.
RFP conditions prevails
449Vol2_RFP
5.3 data security145 New Suggestion-Application security
RFP has addressed most of the Application Security
points but still some application security points are
missing like unknown attacks based on user inputs
and application responses, Zero day Attacks, atomic
attacks and complex attack chains hence to address
these kind of attacks request you to consider next
generation application security solution with
minimum requirements.
1.The application security solution should have
positive security model with machine learning
capabilities to detect and prevent anomaly in
application traffic and unknown attacks. Machine
learning should be based on true ML algorithms,
and not just automation of dynamically learnt rules.
2. web application security solution should have
capability of performing static analysis of source
code & dynamic analysis at RUN time to identify
potential vulnerabilities in web applications and
solution must have option to deploy virtual patch
based on static and dynamic analysis results.
3. The Web application security solution should
address known & unknown attacks based on user
inputs and application responses using combination
of dedicated protectors/signature engines and
Machine Learning
4. WAF should support built-in correlation engine to
detect atomic attacks and complex attack chains.
Administrator should have option to define
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
450 Volume 1, 7.2 E 90,91 Line Item missing for SIEM in Commercial sheet. Kindly Include the same as separate line Item RFP conditions prevails
451 Volume 2, SIEM 160 SIEM Specifications
Some part of SIEM specs has been mentioned under
EMS. Kindly confirm specifications under heading
SIEM (page 160 onwards )are to be considered.
Please refer to the corrigendum 6
452Volume II Scope of
Work 155
Solution must be custom built AntiAPT solution
and must not have network perimeter security
component part devices like firewall and IDS/IPS
Top security vendors have their Anti-APT solution as
well as Firewall and IPS, and Anti-APT is proven best
by NSS LABS. Request Please remove "must not
have network perimeter security component part
devices like firewall and IDS/IPS"
RFP conditions prevails
Custom built APT solutions offer
dedicated resources to do analysis
of unknown threats with higher
acceleration instead of
UTM/Firewall devices having
multiple security layers hosted on
shared resources.
453Volume II Scope of
Work 156
The proposed solution should have an endpoint
security component and should have following
functionalities (Antivirus, antimalware, ransom
ware protection, Vulnerability Protection in
endpoint, integrated DLP and C&C detection,
ability to quarantine and clean the infected files,
ability to integrate with Anti APT components
and automatically block/Quarantine zero day
malwares by sharing Indicators of Compromise.
Please remove integrated DLP from Endpoint
because this is not recommended model and DLP
always work on perimeter layer because any data
which is supposed to go out will go from network
only.
Request you to please change "The proposed
solution should have an endpoint security
component and should have following
functionalities (Antivirus, antimalware, ransom
ware protection, Vulnerability Protection in
endpoint, integrated DLP and C&C detection, ability
to quarantine and clean the infected files, ability to
integrate with Anti APT components and
automatically block/Quarantine zero day malwares
by sharing Indicators of Compromise."
RFP conditions prevails
Considering current landscape
possible data leakage due to a
malicious threat is a prominent
concern. Hence DLP capability is
desired at the endpoint channel to
avoid any intentional and
unintentional data exfilteration.
454Volume II Scope of
Work 156
The proposed solution should be able to run at
least 60 parallel sandboxes for analysis of
payload and on premise customized sandbox
solution should have the capability to allow
manual submission of suspicious files for
analysis
Asked number of parallel sandboxing is vendor
specific and because of this multiple known APT
vendor will not be able to bid in Smart City.
Request you to please Change"The proposed
solution should be able to run at least 50+ parallel
sandboxes for analysis of payload and on premise
customized sandbox solution should have the
capability to allow manual submission of suspicious
files for analysis"
RFP conditions prevails
Considering Smart City traffic
volume and future scalability
considering unknown malware
threats the proposed solution
should be able to run at least 60
parallel sandboxes for analysis of
payload and on premise
customized sandbox solution
should have the capability to allow
manual submission of suspicious
files for analysis
455Volume II Scope of
Work 156
Customized sandbox solution should support
following operating systems (Windows XP,
Win7, Win8/8.1, Win 10, Windows Server 2003,
2008 & 2012) and must have the capability to
analyse large files and must be able to support
more than 40MB file size.
Asked file size should not be bottle neck for Smart
City projects.
Request you to change" Solution should support
more than 60 MB file Size."
RFP conditions prevails
456Volume II Scope of
Work 157
The Proposed solution should have option to
share Indicators of compromise for mitigation
and clean up with AV endpoint and Web
gateway to block threat at web gateway level
and network level through NIPS. AntiAPT
solution should share intelligence with
endpoint, security web gateway solution,
HIPSserver security & NIPS, similarly endpoint
and security web gateway, NIPS & HIPS(Server
Security) should submit files to AntiAPT solution
for analysis and all three (AntiAPT, Web
Security, Email security, Endpoint, HIPS (server
security) solution should manage through single
management console.
In asked specs all the solution should be manage
through single management console, which is not
possible because as Smart City we do not know who
will win IPS,Web Security, Email Security, Endpoint
HIPS(server security) and if each solution is from
different vendor they will be having their own
managemnt console and we do not know that they
support REST API or someting else and also
different OEM endpoint solution will not be able to
send file to different OEM Anti-APT solution.
Request you to please change"The Proposed
solution should have option to share Indicators of
compromise for mitigation and clean up with AV
endpoint and Web gateway to block threat at web
gateway level and network level through NIPS.
AntiAPT solution should share intelligence with
endpoint, security web gateway solution, HIPSserver
security & NIPS, similarly endpoint and security web
gateway, NIPS & HIPS(Server Security) should
submit files to AntiAPT solution for analysis and all
three (AntiAPT, Web Security, Email security,
Endpoint, HIPS (server security) solution should
manage through single management console."
RFP conditions prevails
457Volume II Scope of
Work Additional Point
The Proposed Anti-APT solution must have
recommended rating in 2017 NSS BPS report from
NSS Labs and must have more than 98% security
efectivness.
RFP conditions prevails
458 Vol 1 6
A consortium consists of multiple members (not
more than Three
parties - Lead Bidder + 2 Consortium members)
Request to amend the clause as:
A consortium consists of multiple members (not
more than four
parties - Lead Bidder + 3 Consortium members)
RFP conditions prevails
459 Vol 1, 3.4.3,s.no.2 35
The Sole Bidder or the Lead Bidder of
consortium should have an average annual
turnover of minimum INR 10 crore with
minimum average
turnover of INR 5 crore from one or more of the
“specific
business areas” mentioned below over the last
three
financial years and, in case of a Consortium, the
average
annual turnover for each of the consortium
members over
the last three Financial Years should be INR 2.5
crore or
more from one or more of the “specific business
areas”
mentioned below:
Development including mobile app
capability
Request to amend the clause as:
The Sole Bidder or the Lead Bidder of consortium
should have an average annual turnover of
minimum INR100 crore with minimum average
turnover of INR 50 crore from one or more of the
“specific
business areas” mentioned below over the last
three
financial years and, in case of a Consortium, the
average
annual turnover for each of the consortium
members over the last three Financial Years should
be INR 10 crore or more from one or more of the
“specific business areas”
mentioned below:
Development including mobile app
capability
Please refer to the corrigendum 6
460 Vol 1, 3.4.3, S.no.7 36The sole bidder or lead bidder /consortium
partner should have CMM level 5.
Request to amend the clause as:
The sole bidder or lead bidder /consortium partner
should have CMM level 3.Please refer to the corrigendum 6
461Vol 1, 3.4.3,, PQ
s.no.836
The sole bidder or lead bidder should have
completed at least two projects in Govt/ Semi
Govt/ PSU; in the field of development and
integration
of citizen centric web portal / mobile app,
database management /data
warehousing/ business analytics / cloud
applications on the date of release of NIT.
Request to ammend the clause as:
The sole bidder or lead bidder/ consortium partner
should have experience in implementation of e-
governance solution/ software solution in at least
two projects in Govt/ Semi Govt/ PSU in last five
years as on the date of release of NIT.
RFP conditions prevails
462Vol 1, 3.4.3, PQ
s.no.836
Completion Certificate issued and signed
by the competent authority
e-governance projects have contract period of 5
years, we request you to consider ongoing projects
with client certificates
RFP Conditions prevails
463Vol 1, 3.4.3, pQ
S.No.936
The Sole Bidder or any consortium member (in
case of consortium) should have experience of
Operation and maintenance of network
comprising software, ICT hardware of minimum
project value of INR 1 Crore per year in the last
three years on the date of issue of NIT.
Request to ammend the clause as:
The Sole Bidder or any consortium member (in case
of consortium) should have experience of Operation
and maintenance of ICT Infrastructure of minimum
project value of INR 100 Crore in the last five years
on the date of issue of NIT.
RFP Conditions prevails
464
Vol1, 3.5.1 Technical
Bid Criteria &
Evaluation,s.no.A1
44
Average annual turnover from “Specific Business
Areas” as mentioned
below for Sole bidder or Lead bidder (in case of
consortium) over the last
three Financial years
Marks shall be allotted as given below:
• More than INR 40 Crore = 7 marks
• More than INR 30 Crore – up to INR 40 Crore =
6.5 marks
•More than INR 20 Crore – up to INR 30 Crore =
6 marks
•More than equal to INR 5 Crore - up to INR 20
Crore = 5 marks
“Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
Request to ammend as:
Average annual turnover from “Specific Business
Areas” as mentioned below for Sole bidder or Lead
bidder (in case of consortium) over the last three
Financial years
Marks shall be allotted as given below:
• More than INR 150 Crore = 7 marks
• More than INR 125 Crore – up to INR 150 Crore =
6.5 marks
•More than INR 100 Crore – up to INR 125 Crore = 6
marks
• Equal to INR 100 = 5 Marks
“Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environmen
Please refer to the corrigendum 6
465
Vol1, 3.5.1 Technical
Bid Criteria &
Evaluation,s.no.A2
39 •CMM level 5 =3 marks
Please ammend to :
CMM level 5 =3 marks
Or
ISO 9001: 2008 & ISO 27001 & ISO20000 & CMM
Level 3: 3 Marks
RFP conditions prevails
466
Vol1, 3.5.1 Technical
Bid Criteria &
Evaluation,s.no.B1
40
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed &
commissioned project(s) related to
development and integration of citizencentric
web portal / mobile app components or both
having minimum value of INR 15 crore in India
during last five years as on the date of release of
RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
The Sole Bidder or lead member or any of the
consortium partner should have been awarded and
successfully Implemented IT projects project
having solution development and implementation
as project components minimum value of INR 5
crore in India during last five years as on the date of
release of
RFP.
.Marks shall be allotted as given below:
• More than equal to 4 Project = 20 marks
• 3 Project = 14 marks
• 2 Project = 10 marks
• 1 Project = 7 marks
Please refer to the corrigendum 6
467
Vol1, 3.5.1 Technical
Bid Criteria &
Evaluation,s.no.B1
40
Completion Certificate issued & signed by the
competent authority
of the client entity on the entity’s letterhead
e-governance projects have contract period of 5
years, we request you to consider ongoing projects
with client certificates
RFP Conditions prevails
468
Vol1, 3.5.1 Technical
Bid Criteria &
Evaluation,s.no.B2
42
The Sole Bidder or lead member (in case of
consortium) should have
experience in the field of City centric software
Integration Projects
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
The Sole Bidder or lead member/ Consortium
Partner should have experience in the field of e-
Governance Project/ Citizen centric Projects in last
5 years.
Marks shall be allotted as below:
• three Projects = 10 marks
•TwoProjects = 8 marks
• One Projects =6 marks
RFP Conditions prevails
469
Vol1, 3.5.1 Technical
Bid Criteria &
Evaluation,s.no.B3
42
The Sole Bidder or lead member (in case of
consortium) should have
experience in developing and implementing IT
software projects in India
with Java /J2EE, Application Servers like JBoss or
similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 2 projects
have been executed (documentary evidence to
be provided as proof of
delivery) with the above mentioned technology
stack.
The Sole Bidder or lead member / Consortium
Partner should have experience in developing and
implementing IT software projects in India with Java
/J2EE, Application Servers like JBoss or similar,
HTML5/CSS3, mobile apps native languages
(Android, ioS, Windows, Hybrid language like
phonegap),.Net, PHP User Experience in designing
User Interfaces. At least 2 projects have been
executed (documentary evidence to be provided as
proof of
delivery) with the above mentioned technology
stack.
Please refer to the corrigendum 6
470
Vol 1, 3.5.2 Key
Personnel Criteria
S.No 7
47
GIS Specialist:
a. Master in Geography with Post-Graduate
Diploma in Remote
Sensing & GIS/Master in Remote Sensing & GIS
from reputed
institute.
Request to consider qualification of
B.E/B.tech/MCA/Mtech with experience in GIS
Projects.
RFP conditions prevails
471
Vol 1, 3.5.2 Key
Personnel Criteria
S.No 1
46
Project Director
a. Education: Full Time MBA/MCA/M. Tech &
B.Tech/B.E. from a reputed institute
b. Total Experience: At least 15 years in IT sector
c. Should have more than 8 years of experience
of handling such large projects
Request to consider qualification of
PGDBM/MBA/MCA/M. Tech & B. Tech/B.E. from a
reputed institute
RFP conditions prevails
472
Vol 1, 3.5.2 Key
Personnel Criteria
S.No 2
46
Project Manager
a. Education: Full Time MBA/MCA/M. Tech & B.
Tech/B.E. from a reputed institute
b. Total Experience: At least 12 years in IT sector
c. Should have more than 5 years of experience
of handling such large projects as a project
manager
d. Should preferably have PMP or Prince2
certification
Request to consider qualification of
PGDBM/MBA/MCA/M. Tech & B.Tech/B.E. from a
reputed institute
Request to delete PMP or Prince 2 certification
RFP conditions prevails
473
Vol 1, 3.5.2 Key
Personnel Criteria
S.No 3
46
Solution Architect
a. Education: Full time MCA/M. Tech/B.
Tech/B.E. in CS/IT from a reputed institute
b. Total Experience: At least 8 years in IT sector
c. Should have experience of more than 3 years
as Solution Architecture in large projects of
similar nature
Request to consider qualification MCA/M. Tech/B.
Tech/B.E. in CS/IT/EC from a reputed instituteRFP conditions prevails
474
Vol 1, 3.5.2 Key
Personnel Criteria
S.No 4
46
Application Architect
a. B.Tech / M.Tech with at least 8 years from
reputed Architect Institute
b. Should have designed enterprise level
solutions of similar nature with experience
working on the cloud network for at least 2
projects
Request to consider qualification of
B.E/B.tech/MCA/Mtech from reputed instituteRFP conditions prevails
475
Vol 1, 3.5.2 Key
Personnel Criteria
S.No 5
46
Database Management System Expert
a. B.Tech / MTech in CS/IT/EC with at least 8
years from reputed Institute with certification in
DBMS from reputed institute
b. Should have designed enterprise level
solutions comprising of data warehousing/ERP
for at least 2 projects
Request to consider qualification of
B.E/B.tech/MCA/Mtech in CS/IT/EC from reputed
institute
RFP conditions prevails
476
Vol 1, 3.5.2 Key
Personnel Criteria
S.No 6
47
Network Architect (DC/DRCloud)
a) B.Tech / MTech with at least 8 years from a
reputed Institute
b) Should have experience in designing &
implementing Network solutions for at least 3
similar projects.
Preference will be given to the experts with
CCNP Certifications.
c) Any professional certification that relates to
cloud computing/DC/DR, preferably CCNA(DC),
CCNP
(DC), DCDC(BICSI), CBCI, CBCP, etc
Request to consider qualification of
B.E/B.tech/MCA/Mtech from reputed institute
Professionals with CCNA/CCNP Certification is
preferebale.
RFP conditions prevails
477 Vol 2 Page 184 of 245 Please note that these two clauses are contradictory. Kindly provide the confirmation that all the payment will be done by Authority within 45 days of invoice. Please refer to the corrigendum 6
478 Vol 3 Page 16 of 51
Authority shall make all efforts to make
payments to SI within 45 days of receipt of
invoice(s) and all necessary supporting
documents.
Please refer to the corrigendum 6
479 Vol 1 Page 29 of 104
The Bidder shall quote only one specific make
and model from only one specific
OEM, for each of the goods. Providing more
than one option shall not be
allowed. All goods quoted by the Bidder must be
associated with item code and
names and with printed literature describing
configuration and functionality.
Any deviation from the printed specifications
should be clearly mentioned in the
offer document by the Bidder
Since as System Integrator, We are responsible to
meet the technical specification and SLA levels for
the entire technical Solution. In this regard we
understand that we shall propose multiple makes
which are technically equivalent and would meet
RFP requirements.
This will help the SI to offer a very competitive price
to the customer by taking aggressive risks on their
costs, which will totally benefit the customer. If only
one make is insisted the vendor does not support
the Si in times and therefore the costs go up
considerably.
For your Kind information, in almost all of the
government contracts there is a list of Compendium
of Suppliers approved for each of their item
required for the Project.This list is made part of the
contract.
During execution of the contract, the SI/Contractor
shall have to supply materials of makes/vendors
who are in that list only.
Hence we request you to kindly accept the same.
RFP Conditions prevails
480 Vol 3 Page 6 of 51
3.2. Obtaining of all statutory and other
approvals required for the performance of the
Services under this Contract. This may include
approvals/clearances, wherever
applicable, that may be required for execution
of this contract e.g. clearances
from Government authorities for importing
equipment, exemption of
Tax/Duties/Levies, work permits/clearances for
Bidder/Bidder’s team, etc
We understand that all statutory and other
approvals required for the performance of the
Services under this Contract is in bidder's scope
however we request LSCL to support in getting all
the clearance in time.
In case of delay due to any approvals & clearances
which are not attributable to the bidder, the
timelines shall be extended accordingly to complete
the project.
RFP conditions prevails
LSCL shall provide support in
getting clearance whereever
required on best effort basis
481 Payment Schedule
We requet you to ammend the payment schedule as
follows as it will help us in maintainig the cashflow
for the project,
RFP conditions prevails
482
Upon approval of SRS,FRS & SDD document by
the authority :T+1 Months : 10% of contract
value
Upon approval of SRS,FRS & SDD document by the
authority :T+1 Months : 20% of contract value on
pro-rata basis.
RFP conditions prevails
483
Phase I Operationalization & Go Live Acceptance
by the authority : T + 3 Months : 30% of contract
value
Phase I Operationalization & Go Live Acceptance by
the authority : T + 3 Months : 35% of contract value
on pro-rata basis.
RFP conditions prevails
484
Phase II Operationalization & Go Live
acceptance by the authority : T + 6 Months :
30% of contract value
Phase II Operationalization & Go Live acceptance by
the authority : T + 6 Months : 35% of contract value
on pro-rata basis.
RFP conditions prevails
485
Operations & Maintenance phase for a period of
60 months from the date of Go Live of the last
solution : T1 + 60 Months : 30% of Contract
Value in equal quarterly instalments
Operations & Maintenance phase for a period of 60
months from the date of Go Live of the last solution
: T1 + 60 Months : 10% of Contract Value in equal
quarterly instalments.
RFP conditions prevails
486 General New Clause proposed,
In order to have better working capital for the
project we propose an Assignment clause as below
to be included in the Payment Schedule, which shall
allow us to factor the bill with financing institution,
and therefore enable us to participate in the
Tender.
Assignment Clause (new Clause proposed) :
“The Contractor shall not, without the express prior
written consent of the Employer, assign to any third
party the Contract or any part thereof, or any right,
benefit, obligation or interest therein or there
under, except that the Contractor shall be entitled
to assign either absolutely or by way of charge any
monies due and payable to it or that may become
due and payable to it under the Contract to any
Financial Institution(s) or Bank(s) or NBFC(s).
In the event the Contractor assigns the monies due
and payable to it or that may become due and
payable to it, under the Contract, to any Financial
Institution(s) or Bank(s) or NBFC(s), the Employer
shall acknowledge the intimation letter it may
receive from such financial institution(s) or Bank(s)
or NBFC (s). If the Employer does not reply within
15 days of the receipt of the intimation letter, it can
be considered as “acknowledged by the Employer”.
Furthermore the Employer will provide an indicative
date by when the funds will be released to the
Contractor as a measure of comfort for the
RFP conditions prevails
487 Vol 1 Page 34 of 104
The bidder that has quoted the lowest Total
Price (Capex price + Opex price)
shall be awarded the contract. For the purpose
of arriving at L1, prices
inclusive of any applicable taxes and levies etc.
will be considered.
RFP Conditions prevails
488 Vol 3 Page 16 of 51
All payments agreed to be made by Authority to
SI in accordance with the Bid shall
be inclusive of all statutory levies, duties, taxes
and other charges whenever
levied/applicable, if any, and Authority shall not
be liable to pay any such levies/
other charges under or in relation to this
Contract and/or the Services.
RFP Conditions prevails
Vol 2 Page 185 of 245
Kindly confirm that any stauatory variation in
taxes/duties would be payable at actuals by client
as this is not under bidder's control.
489 Vol 2 Page 18 of 245
The MSI shall directly interact with electricity
boards for provision of electric supply at all
desired locations including any Field
Infrastructure solution mentioned in the RFP
document. The Lucknow Smart City shall
facilitate, if any documentation is required from
its Side. The MSI will submit the bill for
reimbursement on quarterly basis to the
Lucknow Smart City Limited.
We understand that MSI would be responsible for
One time connection charges as well as recurrent
charges for electricity consumed and authority will
reimburse on quarterly basis . Kindly confirm that
payment from the authority would be done within
15 days of submission of documents.
We also understand that recurring charges for
electricity shall not be included in Bidder's price.
Kindly confirm.
RFP conditions prevails
490 Vol 1 Page 36 of 104The sole bidder or lead bidder /consortium
partner should have CMM level 5.
We request you to consider the credentials of
subsidiary company.
"A parent company/firm shall be allowed to use the
credentials of its subsidiaries provided, the stake of
the parent company is more than 50% and
satisfactory documentary proofs establishing the
relationship and stake are submitted."
Please refer to the corrigendum 6
491 Vol 1 Page 36 of 104
The sole bidder or lead bidder should have
completed at least two projects in Govt/ Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal / mobile
app, database management /data warehousing/
business analytics / cloud applications on the
date of release of NIT.
We request you to ammend this clause as below,
The Bidder (any member in case of consortium)
shall have successfully executed at least two (2)
projects related to implementation of Integrated
Operations Centre/Command and Control Centre
integrating at least three (3) different city/campus-
wide applications/sensors at the command and
control centre for a city wide / campus wide
deployment having a minimum value of INR 10
crores per project during last seven (7) years.
RFP Conditions prevails
492 Vol 1 Page 35 of 105
2. The Sole Bidder or the Lead Bidder and all
other Members of Consortium:
Audited financial statements for the last three
financial years Certificate from the Statutory
Auditor on turnover details from the “specific
business areas” over the last three (3) financial
years
we request you to ammend the clause as follows,
"The Sole Bidder or the Lead Bidder and all other
Members of Consortium:
Audited financial statements for the last three
financial years Certificate from the Statutory
Auditor/ CA on turnover details from the “specific
business areas” over the last three (3) financial
years"
RFP Conditions prevails
493 Vol 3 Page 8 of 51
9.4. The Authority reserves the right to review,
approve and require amendment of the terms of
the Consortium Contract or any contract or
agreements entered into by and between the
members of such Consortium and no such
agreement/contract shall be executed,
amended, modified and/or terminated without
the prior written consent of the Authority. An
executed copy of each of such
agreements/contracts shall, immediately upon
execution be submitted by SI to the Authority.
Since Lead bidder shall be single point of contact for
the execution of the project, we request you to
remove this clause from contract document.
RFP Conditions prevails
494 Vol 1 Page 39 of 104
CMMi Certification : Sole Bidder or Lead Bidder
of the Consortium: Certificate from competent
authority
Please refer to the corrigendum 6
495
Vol2_RFP
DATA CENTER
SPECIFICATION-
Server Load
Balancer
Specifications
141 Server Load Balancer - application transaction visibility/analytics
load balancer being AFE appliances offer application
availability and performance optimization, however
next generation load balancer solutions does offer
transaction level visibly that will help department to
quantify application performance in real time.
moreover application visibility and analytics solution
does provide performance metrics that help
application and network teams to identify and fix
the root cause of application and network issues -
one of the key requirements to host and manage
dynamic applications through load balancers. it is
highly recommend that server load balancer should
have end user transaction visibility module from day
one and should be from different OEM (not from
ADC). to meet the performance requirements this
module should run as dedicated virtual function on
LB platform with dedicated hardware resources with
minimum requirements mentioned below.
The solution should, at a minimum, provide
following measurements with 5gbps of throughput:
- Service usage by user, server, port and URL
- Counts of slow and fast transactions
- End-to-end transaction time
- End-to-end data transfer time
- Server response time
- HTTP redirect time
- Network round-trip time from the measurement
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
496 Vol. 2 29
MSI should also continuously monitor all the
infrastructure/Servers/Routers/etc which has
been built as part of this RFP
Does Network monitoring tools / EMS applications
requiredRFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
497 vol.2 (section2.3.1) 30
The portal shall be designed to present Smart
Parking, Transport Management, Solid Waste
Management, and Vehicle Tracking
Management and other already implemented
umbrella for an enhanced user experience and
administrative control.and upcoming solutions
data under one
The mentioned application will be hosted in
Centralized command center or only the
intergartion required.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
498 vol.2 (section 2) Variable Message Sign boardWhat if there is a power Failure is there any UPS or
othere power source required.RFP conditions prevails
499 vol.2 (section 3)
MSI shall also be responsible for dismantling
temporary command and control
centre as and when final ICCC is finalized.
Shifting of existing equipment from temporary
to final location shall also be under the scope of
MSI.
Permanent ICCC will be a new constructed building
or the rented one. And who will own the rent or
construction cost.
RFP conditions prevailsLSCL is Constructing its own
Building
500 vol.2 (section 3) 31The mobile app has to be developed for
Android, iOS and Windows platforms.
Is the development of mobile app in windows
platforms required as there is not much smart
phone using windows plaeform.
Please refer to the corrigendum 6
501Vol-
2/Pg.18/245,Pt#28
The MSI shall directly interact with electricity
boards for provision of electric supply at all
desired locations.
►who will be the custodian and who will pay
monthly bills.RFP conditions prevails
502Vol-
2/Pg.18/245,Pt#29
All existing road Signs which are likely to be
affected by the works are to be carefully taken
down & stored.
►who will take the ownership for safety and
security of removed items. Who will provide
shade/godown/store/space for safe keeping.
RFP conditions prevails MSI has to take the ownership
503Vol-
2/Pg.18/245,Pt#31
Prior to starting the site clearance, the MSI shall
carry out survey of field locations for buildings,
structures, fences, trees, existing installations,
etc. The Lucknow Smart City shall be fully
informed of the results of the survey and the
amount and extent of the demolition and Site
clearance shall then be agreed with the LSCL.
►what is the time frame for clearance/approval
and how MSI will raise invoice.RFP conditions prevails
504
►Who will bear ROW cost for cable layout and
other civil works.who will pay for the rent of
building if required.
RFP conditions prevails
505►Required no. of boards are not mention as per
Annexures-4.RFP conditions prevails
506Vol-
2/Pg.23/243,Pt#2.2
Variable Message Sign Board:The VaMS boards
shall be viewable from a distance of 100m and
various angles on the road. For installing VaMS
Signboards, the SI shall provide Gantry with
spans, as required at various locations (Single
lane road, double lane road). Spans need to be
specified depending on the number of lanes
that need to be bridged. SI shall consider
additional space for lateral clearance as well as a
vertical clearance height as per NHAI (National
Highway Authority of India) guidelines.
►Needs calirification about quantity of Variable
sign board because as per mention crossing name
more than one roads are approaching/diverging.
(Refer Annexure-5)
RFP conditions prevails
507►Who will provide last mile connectivities from
various locations of proposed systems. RFP conditions prevails
MSI is responsible for last mile
connectivity
508
►Who will provide hardware interface with power
backup and which type of hardware will require for
different different type of systems.
RFP conditions prevails
509
►location details will require for different systems
before to consideration/plan for integration
because no. of locations for individual system will
effect on BOM,Capex and Opex cost.
RFP conditions prevails
510Vol-
2/Pg.29/243,Pt#2.3
Scope of work: MSI shall be responsible for
complete installation of temporary command
and control centre which also includes all civil,
mechanical, electrical and interior works.
►Calarification required if required ,then who will
bear the cost of electrical work like cable & other
fittings in between Power house/transformer and
temporaray/permanent command & control room
Please refer to the corrigendum 6
511Vol-
2/Pg.32/243,Picture
Illussion view of CCC: Dimension details are not
available
►Dimension details will require for interior work &
Aircondition BTU consideration.Please refer to the corrigendum 6
512Vol-
2/Pg.40/243,Pt#27
Functional Description,Integration Capabilities:
For example, if the City wants to deploy Smart
Parking solution, this platform should have the
ability and provision to write adaptors which
interface with the parking sensors or
management software of the parking sensors to
collect parking events, data and alerts and
notifications from the devices and their
software managers.
Clarification is require for no of future
parking,location of parking apart from 3 locations
mentioned in RFP namely-Jhande Park-Lalbagh,
Dayanidhaan Park-Lalbagh & Jhandewala Park-
Aminabad,no. of sensors at individual locations
because commecial will involve for the provision of
required hardware/network and scope of
maitenance with Capex/opex cost.
RFP conditions prevails
513
Vol-
2/Pg.71/243,Pt#2.4.
9
Fire Detection and Suppression System
Clarification is require for implementation of fire
system at both location namely temporary
command center/permanent commant center
because we can not shift/resuse all line items during
setup of fire alarm system at permanent location.
Please refer to the corrigendum 6
514
Vol-
2/Pg.72/243,Pt#2.4.
13
Building Management system
Clarification is require about etc. means which type
of system(Airconditioning system,lighting
system,power management) should include in BMS
integration because cost will involve for licence and
hardware also.
Please refer to the corrigendum 6
515Vol-
2/Pg.74/243,Pt#3.2
ICT Enabled Solid Waste
Management:Functional Requirements:Solid
Waste Management will be required to be
integrated with Lucknow Command & Control
Center to receive real-time feeds of the of waste
collection vehicles, status of sensor based bins.
These feeds will be utilized in Analytical layer to
help administration monitor its assets and do a
better planning and also will implement the SoP
to fulfil the use cases.
Clarification is require for intigration: MSI will take
the feed from a single dash board or take the feed
from individual sensors/vehciles from all locations.
RFP conditions prevailsMSI has to study and integrate the
existing system
Vol-
2/Pg.28/243,Pt#2.3
Centralized Command & Control Centre: It will
be a common facility from where various smart
components shall be operated and monitored
such as smart Signals, smart vehicles, Smart
street lights, smart parking, city Surveillance,
solid waste bins & Vehciles etc.
Vol-
2/Pg.19/245,Pt#2
Implement, View & Operate >Environmental
Sensors:
516Vol-2/Pg.76 to
77/243,Pt#3.4
Energy Efficient Street Lighting Solutions:
Functional Requirements>Services>The ICCC
should aggregate various data feeds from light
sensors and systems further process information
out of these data feeds to provide interface
/dashboards for generating alert and
notifications in real time.
Clarification is require for no of future street light
sub station cabinets,location of cabinets,no. of
sensors at individual locations because commecial
will involve for the provision of required
hardware/controller/network and scope of
maitenance with Capex/opex cost.
RFP conditions prevailsMSI has to study and integrate the
existing system
517Vol-
2/Pg.77/243,Pt#3.5
Intelligent Traffic Management System
>Functional Requirements:As soon as the
Technical Service Provider of the Integrated
Traffic Management will complete the work of
Integrated Traffic Management project, The
Master System Integrator who will be selected
under the scope of work of this RFP has to
integrate the Integrated Traffic Management
Systems to Lucknow Control and Command
Centre and also will implement the SoP to fulfil
the use cases.
Who will provide last mile connectivities from traffic
management control room and required
interface/network hardware. Scope of Capex &
Opex cost.
RFP is Self Explanatory
518Vol-2/Pg.83 to
84/243,Pt# 3.2
Biometric Attendance System of Sanitary
Workers >Functional Requirements: As soon as
the IT agency of the Lucknow Municipal
Coorporation will complete the work of Aadhaar
Based Attendance System, The Master System
Integrator who will be selected under the scope
of work of this RFP has to integrate the
Biometric Attendance Management System of
Sanitary Workers to Lucknow Control and
Command Centre and also will implement the
SoP to fulfil the use cases. The Integration of the
Biometric Systems will be utilized in Analytical
layer to help administration monitor the
services offered by its employees and do a
better planning.
location details will require before to
consideration/plan for integration because no. of
locations for individual system will effect on
BOM,Capex and Opex cost.
RFP conditions prevailsMSI has to study and integrate the
existing system
519 GeneralSupply of work station,laptop,printer and other
hardware those are mention in RFP-Vol2
Bill of materials are not found as per requirement. It
will impact on selection of vendor selection as per
there consideration of quantity.
Please refer to the corrigendum 6
520 RFP Vol_2, Servers 135
Network interface:
• 2 X 20GbE LAN ports for providing Ethernet
connectivity
• Optional: 1 X Dual-port 16Gbps FC HBA for
providing FC connectivity
Network interface:
• 2 X 10GbE LAN ports for providing Ethernet
connectivity
• Dual-port 16Gbps FC HBA for providing FC
connectivity
Or Equivalent Bandwidth if bidder is proposing
converged adapter.
Justification : We should have both the option open
either LAN & SAN separate or converged.
Please refer to the corrigendum 6
521RFP Vol_2, Primary
Storage137
Cache : Minimum 128 GB of useable cache
across all controllers. If cache is provided in
additional hardware for unified storage solution,
then cache must be over and above 128 GB.
Cache : 16 GB or higher as per the solution
requirement in terms of performance and SLA.
Justification: Let bidder should decide the cache
required for the offered solution.
RFP conditions prevails
522RFP Vol_2, Primary
Storage137 Solution/ Type: IP Based/iSCSI/FC/NFS/CIFS Pls specify speed of the protocols RFP conditions prevails
523RFP Vol_2, Primary
Storage137
Storage:RAID solution offered must protect
against double disc failure.
Pls suggest if we can propose solution with RAID 5
also as it will more usable capacity with in same
number of disk drives.
RFP conditions prevails
524RFP Vol_2, Primary
Storage137
Storage:
Disks should be preferably minimum of 3 TB
capacity
3 TB Disk is End of Life. Pls change it to 4 TB or
more.Please refer to the corrigendum 6
525Vol_2_RFP : WAN /
Internet Router132 Routing protocols of RIP, OSPF, and BGP.
Request to incorporate MPLS, MPLS L2 VPN, MPLS
V3 VPN protocol for integration with service
providor and private network infrastructure
securely.
Please refer to the corrigendum 6
526Vol_2_RFP : WAN /
Internet Router132
Protocol Support : Must have support for
TCP/IP, PPP, X.25, Frame relay and HDLC
Request to remove legacy X.25 protocol used for
low speed Serial WAN connectivity Please refer to the corrigendum 6
527
Vol_2_RFP : WAN /
Data Centre TOR
(Top of the Rack )
Switch
135 Dual load sharing AC and DC power supplies
Request to consider Dual load sharing AC or DC
power supplies as either of power source, AC
required to power the switch and AC and DC type
power supplies can't be used for load sharing.
Please refer to the corrigendum 6
528
Vol_2_RFP : WAN /
Data Centre TOR
(Top of the Rack )
Switch
134 Should support Ring protectionRequest to remove the feature as not relevant for
the ToR Switch typePlease refer to the corrigendum 6
529 Vol_2_RFP : SOW 169
Request to clarify the requirement of IoT Wireless
sensors and User device (Laptop, Phone) WLAN
connectivity to Command and Control Centre
Platform and data security requirements
RFP conditions prevails
530 Vol_2_RFP : SOW 169
Request to clarify the requirement for API
connectivity requirements to Wired and Wireless
Data network
RFP conditions prevails
531 Vol 2 Page 37
Platform should be able to be deployed on a
public
cloud for disaster recovery
Requirement for deploying in public cloud is only for
DR site or also the primary site has to be on public
cloud also?
RFP conditions prevails
532 Vol 2 Page 39
The platform should also be able to bring in
other egovernance
data (SCADA systems) as i-frames in the
command and control centre dashboard
Does SCADA systems already exist and here vendor
has to do only perform the integration with ICCC
and Smart City platform?
RFP conditions prevailsMSI has to study and integrate the
existing system
533 Vol 2 Page 40 Edge Computing support
Edge Compute Gateway is provided by use case and
application developer providers or it has to be
supplied by HPE apart from ICCC and Smart City
platform>
RFP conditions prevails
534 Vol 2 Page 42
All system messages (notifications, alerts and
alarms) should always visible from the
Notifications view,
which provides controls that operator can use to
sort and filter the messages that it displays.
There is no need to integrate with any existing
SNMP/OSS servers here?, we need to show all
alerts/alarms in CCC - Visualization Layer only is that
correct understanding?
RFP conditions prevails
535 Vol 2 Page 43
System should support LDAP to be used as an
additional data store for user management and
authentication.
Is there a need for external / existing LDAP, or the
default plaform LDAP support would be applicable?RFP conditions prevails
536 Vol 2 Page 47
The platform should allow stakeholders to
participate in the web conferencing session
using any means including smart phones,
laptop computers, PSTN telephones,
enterprise desk phones etc.
Does vendor need to quote for IP-PBX or Centrex
capability or we need to integrate from ICCC +
Smart City Platform to integrate with existing IP-PBX
and PSTN netwotk for Voice and Web calling
sessions?
RFP conditions prevails
537 Vol 2 Page 48
System should allow integration of business
process
in ERP workflows like property tax collection etc.
Please confirm the verion, interfaces for ERP
Integration with ICCCRFP is Self Explanatory
538 Vol 2 Page 50
Analytics Engine module should have below
intelligence capabilities;
a) Advanced Predictive Analytics should be part
of
the solution.
We understand Analytics would be part of the
application domain and existing use cases provided
or going to be deployed
RFP conditions prevails
539 Vol 2 Page 54
Outsourced SW Development: Platform should
have
appropriate controls in place to detect source
code
security defects, functionalities for any
outsourced
software development activities from suppliers,
open
source libraries
This is generally provided by application provider or
an independent tools for SW validation, this
shouldn’t be part of Smart City or ICCC platform?
Please clarify on this more what is the ask?
RFP conditions prevails
540 Vol 2 Page 59ICCC solutions should have a SMS gateway for
sending messages to citizens.
Does SMS Gateway can be offered on Cloud (3rd
Party) that’s what our understanding is and it would
have integration to ICCC and IoT platform provided
by us?
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
541 Additional queries How many racks are required. RFP conditions prevailsBidder to Propose as per the
Technical Architecture
542 Additional queries Dimensions of the racks required will be (600 X 1000
X 42U or 800 X 1000 X 42U etc)RFP is Self Explanatory
543 Additional queries What will be the Maximum rated load per rack. RFP conditions prevailsBidder to Propose as per the
Technical Architecture
544 Additional queries Power billing type : Rated or metered? RFP conditions prevailsBidder to Propose as per the
Technical Architecture
545 Additional queries Is Cage required around these racks? RFP conditions prevails
546 Additional queries Is biometric access /card reader is required on the
cage?RFP conditions prevails
547 Additional queries
Our shared CCTV system keeps 30 days cctv footage.
Does this suffice or you need dedicated camera and
DVR/NVR for the cage?
RFP conditions prevails
548 Additional queries How many cross connects are required? RFP conditions prevails
549 Additional queries Types of cross connects required : Fiber or
Ethernet/copper?RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
550 Additional queries Who will provide the racks, if SP, then do you have
any Rack OEM preference.RFP is Self Explanatory
551 Additional queries
Any inter rack cabling in the scope, if yes, then the
cabling diagram and other details needs to be
shared.
RFP conditions prevails
552 Additional queries
Acceptance for bandwidth will be site wise and
acceptance criteria will be ping test to DC-DR and
will be independent of acceptance for the project
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
553 Additional queries
Please confirm the scope for connectivity ( MPLS &
internet for including sim cards & Bulk message
requirement
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
554 Page 17 iii
Size and provision the WAN bandwidth
requirements across all locations considering
the
application performance, data transfer, DR and
other requirements for smart city
initiatives.
Please confirm the no of locations &with addresses
where the bandwidth has to be provided .This is
required for the feasibility of the locations
RFP is Self Explanatory
555 Page 17 iii
Size and provision the WAN bandwidth
requirements across all locations considering
the
application performance, data transfer, DR and
other requirements for smart city
initiatives.
Please confirm on how many locations Internet is
required & MPLS is required on how many locations
, please also confirm last mile & Uptime required
RFP conditions prevails
556 Additional queries what type of services will be running on mpls. RFP conditions prevails
557 Additional queries Please freeze MTTR and SLAs for bandwidth and DC Please refer to the Addendum 1
558 Additional queries What will be LD and SLA Penalty for bandwidth and
DC Please refer to the Addendum 1
559 Additional queries What will be payment terms for bandwidth RFP conditions prevails
560 Additional queries Is ROW/RI waived off. RFP conditions prevails
561 Additional queries
Apart from MPLS, bandwidth serivce provider will
not be configuring any security/encrytion anywhere
in the network.
RFP conditions prevails
562 Additional queries
As per TRAI guidelines bandwidth can not be resold
, hence we request for tripartite Agreement
between ISP, MSI & Department
RFP conditions prevails
563Vol 1, Section 3, PQ
Point No.235
The Sole Bidder or the Lead Bidder of
consortium should have an average annual
turnover of minimum INR 10 crore with
minimum average turnover of INR 5 crore from
one or more of the “specific business areas”
mentioned below over the last three financial
years and, in case of a Consortium, the average
annual turnover for each of the consortium
members over the last three Financial Years
should be INR 2.5 crore or more from one or
more of the “specific business areas” mentioned
below:
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
The annual turnover should be more.
he Sole Bidder or the Lead Bidder of consortium
should have an average annual turnover of
minimum INR 80 crore with minimum average
turnover of INR 50 crore from one or more of the
“specific business areas” mentioned below over the
last three financial years and, in case of a
Consortium, the average annual turnover for each of
the consortium members over the last three
Financial Years should be INR 25 crore or more from
one or more of the “specific business areas”
mentioned below:
Please refer to the corrigendum 6
564Vol 1, Section 3, PQ
Point No.736
The sole bidder or lead bidder /consortium
partner should have CMM level 5.
Printing Error: as CMM level 5 certificate is asked
from any of the bidder either Lead or consortium
hence certficate of any of the bidder should be
acceptable.
The Sole Bidder or the Lead Bidder or Consortium
Partner
1. Copies of valid certificates in the name of the
bidding entity
Please refer to the corrigendum 6
565Vol 1, Section 3, PQ
Point No.836
The sole bidder or lead bidder should have
completed at least two projects in Govt/ Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal / mobile
app, database management /data warehousing/
business analytics / cloud applications on the
date of release of NIT.
Experince of consortium partner should be consider.
The sole bidder or lead bidder or Consortium
Partner should have completed at least two projects
in Govt/ Semi Govt/ PSU; in the field of
development and integration of citizen centric web
portal / mobile app, database management /data
warehousing/ business analytics / cloud applications
on the date of release of NIT.
RFP Conditions prevails
566Vol 1, Section 3, PQ
Point No.936/37
The Sole Bidder or any consortium member (in
case of consortium) should have experience of
Operation and maintenance of network
comprising software, ICThardware of minimum
project value of INR 1 Crore per year in the last
three years on the date of issue of NIT.
The Sole Bidder or any consortium member (in case
of consortium) should have experience of Operation
and maintenance of network
comprising software, ICThardware of minimum
project value of INR 10 Crore per year in the last
three years on the date of issue of NIT.
RFP Conditions prevails
567Vol 1, Section 3, TQ
Point No.A39
Average annual turnover from “Specific
Business Areas” as mentioned below for Sole
bidder or Lead bidder (in case of consortium)
over the last three Financial years
Marks shall be allotted as given below:
• More than INR 40 Crore = 7 marks
• More than INR 30 Crore – up to INR 40 Crore
= 6.5 marks
•More than INR 20 Crore – up to INR 30 Crore =
6 marks
•More than equal to INR 5 Crore - up to INR 20
Crore = 5 marks
“Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
Experince of consortium memver should be consider
Average annual turnover from “Specific Business
Areas” as mentioned below for Sole bidder or Lead
bidder or Consortium member (in case of
consortium) over the last three Financial years
Please refer to the corrigendum 6
568Vol 1, Section 3, TQ
Point No.A39
Marks shall be allotted as given below:
•CMM level 5 =3 marks
Certificate of consortium member should be
accepted.
Sole Bidder or Lead Bidder or Consortium Partner:
Certificate from competent authority
Please refer to the corrigendum 6
569Vol 1, Section 3, TQ
Point No.B139/40
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen
centric web portal / mobile app components or
both having minimum value
of INR 15 crore in India during last five years as
on the date of release of RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Experince of consortium member should be
consider.
The Sole Bidder or lead member or Consortium
Partner (in case of consortium) should have been
awarded and successfully executed &
commissioned project(s) related to development
and integration of citizen
centric web portal / mobile app components or both
having minimum value
of INR 15 crore in India during last five years as on
the date of release of RFP.
Please refer to the corrigendum 6
570Vol 1, Section 3, TQ
Point No.B241
The Sole Bidder or lead member (in case of
consortium) should have experience in the
field of City centric software Integration Projects
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Experince of consortium should be consider
The Sole Bidder or lead member or Consortium
Partner (in case of consortium) should have
experience in the field of City centric software
Integration Projects Marks shall be allotted as
below:
Please refer to the corrigendum 6
571Vol 1, Section 3, TQ
Point No.B342
The Sole Bidder or lead member (in case of
consortium) should have
experience in developing and implementing IT
software projects in India
with Java /J2EE, Application Servers like JBoss or
similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 2 projects
have been executed (documentary evidence to
be provided as proof of
delivery) with the above mentioned technology
stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
.NET should be included in required technology and
experience of consortium member should be
consider.
The Sole Bidder or lead member or Consortium
Partner (in case of consortium) should have
experience in developing and implementing IT
software projects in India with Java /J2EE,
Application Servers like JBoss or similar, .Net
,HTML5/CSS3, mobile apps native languages
(Android, ioS, Windows, Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 2 projects have been executed
(documentary evidence to be provided as proof of
delivery) with the above mentioned technology
stack.
Please refer to the corrigendum 6
572Volume 2 Page
70/245 Pt no 2.4.6
UPS system shall provide a redundant power
supply to the following needs:
· Servers and important network and storage
equipment · Access control, Fire Detection
& suppression system and surveillance system
The system shall be automatic with power
supply from the mains and automatic
switchover to DG set as secondary source for
the Data Center. The specifications of UPS are
provided in this RFP.
Need clarification about type of loads such as Data
Center load, general lighting load,lighting system for
ICCC only,workstation load & etc in terms of KVA
Please refer to the corrigendum 6
573Volume 2 Page
235/245 Pt no 16
b) KVA rating as per the requirement to provide
the supply for KICCC
Need clarification about type of loads such as Data
Center load, general lighting load,lighting system for
ICCC only,workstation load, AC load & etc in terms
of KVA
RFP conditions prevailsBidder to Propose as per the
Technical Architecture
574
2.29 Eligible Goods
and Services, and
OEM Criteria Vol 1
Page No : 34
h. The bidder’s proposed OEM(s) for the
following solutions must be included in
the Gartner magic quadrants (in either Leaders
or Challengers quadrant) as on
the day of submission of bid. Gartner Reports
released in the last 1 year to be
referred and submitted.
i) Wired and Wireless LAN Access Infrastructure
ii) Data Centre Networking
Request customer to allow OEM(s) who are Leaders
or challengers or Visionaries from Gartner’s MQ for
Data Center Networking
The Requirement of Lan switches is for Data centre
RFP conditions prevails
575
Data Centre TOR
(Top of the Rack )
Switch Volume 2
Page No : 135Resiliency:
• Dual load sharing AC and DC power supplies
The Switch support dual AC or Dc power supplies in
data Centre .
Request for clarification Please refer to the corrigendum 6
576
RFP Volume 2 ,
Section 4.1 :
Geographical
Information System
(GIS) & GIS City
Portal
Subsection :
Proposed
Technology under
GIS initiative by
Lucknow Smart City:
Page No : 87
3: SAN Storage : Dual Controller, Fiber Channel
based storage with
16TB(8*2TB HDD), Scalability to 24 drives within
the same enclosure
Request you to please clarify:
1: Useable Capacity Required.
2: Required Performance parameter like required
IOPS.
3: Required Cache across controllers
(Recommended to have at least 48 GB Cache across
dual controller)
RFP conditions prevails
577
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Disaster
Recovery (DR) Site
Page No : 120
Disaster Recovery Site will be on Meghraj cloud
platform (National Informatics Centre) with
100% uptime.
Please Clarify is required storage with relevant
Capacity & Performance (IOPS) is to be provisioned
by SI or it will be provided by NIC Meghraj Cloud.
If it has to be provisioned by NIC Megraj Cloud then
please confirm the Availability of Storage Capacity
at NIC Meghraj Cloud along with the details of
Storage (Make & Model) from which NIC Meghraj
cloud will allocate the required capacity since DR
Storage has to compatible with DC Storage.
RFP conditions prevails
578
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Disaster
Recovery (DR) Site
Page No : 121
Both DC and DR Site shall work in an Active-
Active mode.
Please clarify is the required functionality of Active
Active DC & DR is required for some selected set of
application with the availability of this functionality
at application level. If yes please clarify the list of
applications with native functionality support of
Active Active DC & DR.
RFP conditions prevails
579
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Disaster
Recovery (DR) Site
Page No : 121Zero RPO (Recovery Point Objective) and RTO
(Recovery Time Objective) of 10 minutes.
Please clarify is the required functionality of Zero
RPO is required for some selected set of application
with the availability of this functionality at
application level or is this requirement for all
applications.
If is it required for all applications then it will be a 3
Site Storage solution with Primary Site ( Lucknow
SDC ) , Near Line Site (Please confirm the Site ) & DR
Site ( NIC Meghraj).
RFP conditions prevails
580
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Primary
Storage
Page No : 137
Storage:
Storage Capacity should be minimum 5 TB
(usable, after configuring in offered RAID
configuration)
Disks should be preferably minimum of 3 TB
capacity
Request you to please clarify:
1: Please confirm is 5 TB is storage capacity required
or else please clarify the useable Capacity Required.
2: Required Performance parameter like required
IOPS.
3: Please confirm if lower capacity Disks can be used
since disk capacity of 3 TB normally comes in NL SAS
disks which are not performance driven disks.
RFP conditions prevails
581
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Primary
Storage
Page No : 137Storage:
RAID Support : RAID 0, 1, 1+0, 5+0 and 6
Request you to please re-look at RAID requirement
since RAID 1+0 & 5+0 are non standard RAIDs.
Industry recognized RAIDs are RAID 0, 1, 5, 6 & RAID
10 ; any combination of RAID levels can exist in
single array
RFP conditions prevails
582
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery,Point 95
Page No : 57Perform backup verification to ensure integrity
of backup
Kindly change the specification to “Perform backup
verification for all backed up data to ensure
integrity of backup without restoring the data from
disk based backup appliances.”
Justification: Backup verification by restoring the
data can take a lot of time and resources, an
appliance should be proposed which can validate
the integrity of all backed up data without restoring
it, hence saving time and effort.
RFP conditions prevails
583
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery,Point 95
Page No : 57Support full, incremental, scheduled and on-
demand backups
Support full, incremental, scheduled,
on-demand backups, block based backups for
LINUX, WINDOWS, VMWare, Hyper-V, Exchange.
Justification: Block based backups allow faster
backups and restore for large file systems without
exerting any effort on the underlying systems.
RFP conditions prevails
584
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery,Point 95
Page No : 57
Provide additional programs and utilities
for the purpose of backup and recovery
and administration
Kindly change the specification to “Provide
additional programs and utilities
for the purpose of backup and recovery and
administration and should support data transfer
from clients to target device (tape, disk or object
storage) without need of a media server ever.”
Justification: The following specification allows cost
effective deployment of backup environment for
the solution. With growth of data more media
servers are required to send the data to the target
devices, the following specification asks vendors to
provide intelligent capability of sending data from
clients to the target media without need of media
servers ever, hence reducing costs, management
and administration of backup environment.
RFP conditions prevails
585
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery,Point 95
Page No : 141
Supported Backup Software: Should support
industry leading backup software such as Veritas
NetBackup.
Supported Backup Software: Should support
industry leading backup software such as DellEMC
NetWorker , Veritas NetBackup etc.
Please refer to the corrigendum 6
586
RFP Volume 2 ,
Section 5.2: Data
Center and Disaster
Recovery
Subsection: Backup
and
Recovery
NA
1. RFP mentions archival specifications which are
generic, clarification is required as to what needs to
be archived files, mails etc.
2. 4. RFP mentions that there are three
environments Prod, Dev, DR is backup required for
all ? since these are different environments
(logically and physically separated as per RFP) what
is the amount of data that has to be protected at
each site.
3. 6. On page 139 “Retrieval time for any data
stored on secondary storage should be max. 4 hours
for critical data & 8 hours for other data. This would
be taken into account for SLA calculation. (Critical
data means any data needing urgent attention by
the Judicial System or by Police Dept. for
investigation / terrorist treat perception).”
Requesting for information on amount of critical
data which may be needed to be restored in 4 hours
since restore times depend on amount of data,
network and restore location.
RFP conditions prevails
587
Volume-2, Section
5.2 Data Center and
Disaster Recovery,
Subsection : Servers
Page No : 135
• Latest series/ generation of 64 bit x86
processor(s) with Ten
or higher Cores
• Processor speed should be minimum 2.4 GHz
There is no deviation on this but we need clarity,
the specs are for E5-2640V4 CPU which is not the
latest generation now, the replacement CPU is 4114
it will have 10Core but 2.2 Ghz
RFP conditions prevails
Minimum Specifications are given,
bidder may propose higher
configuration as per the SLA
588
Volume-2, Section
5.2 Data Center and
Disaster Recovery,
Subsection : Blade
Chassis
Specifications
Page No : 136
Dual network connectivity of 10 G speed for
each blade server for redundancy shall be
provided
Two hot-plug/hot-swap, redundant 10 Gbps
Ethernet or FCoE module with
Need clarity are they looking for 4x10G switches or
only 2x 10G switchesRFP conditions prevails
589Volume 2, 13
ANNEXURE 2Page No : 221
Client Workstations : Nvidia GeForce GT430 PCIe
Nvidia GeForce GTX460 PCIe
or faster.
Asked Graphics card are Nvidia GeForce GT430 PCIe
or Nvidia GeForce GTX460 PCIe. GeForce are
consumer series graphics card meant for gaming.
Request you to kindly change this to 1GB
professional series AMD/Nvidia graphic card
RFP conditions prevails
590Volume 2, 13
ANNEXURE 2Page No : 228
Monitoring Workstations : SMPS; Minimum 400-
watt Continuous Power Supply with Full
ranging input and APFC. Power supply should be
90% efficient
with EPEAT Gold certification for the system.
Asked Power supply is Min 400 watt. Due to
technological advancement the equipment are
becoming more and more power efficent and
require less power, hence request you to kindly
chane this to Min 360 watt.
RFP conditions prevails
591Volume 2, 13
ANNEXURE 2Page No : 228
Monitoring Workstations : EPEAT Gold
certification for the system.
Asked is EPEAT Gold Certification, We request you
to kindly change this to EPEAT SilverRFP conditions prevails
592Volume 2, 13
ANNEXURE 2Page No : 227
Monitoring Workstations : BIOS controlled
electro-mechanical internal chassis lock for the
system
Asked is BIOS controlled electro-mechanical internal
chassis lock for the system which is OEM specific,
we suggest external locking arrangement which is
better controllable and cost effective
RFP conditions prevails
593 Vol2 Pg.120-121/245
Disaster Recovery Site will be on Meghraj cloud
platform (National Informatics Centre) with
100% uptime. The bidder has to work on
requirement of server configuration, Web
Server,
OS Platform, Environment as per the
requirement of the project. The authority will
help in
necessary documentation with National
Informatics Centre for Hosting. The MSI is
required to provision for a Disaster Recovery
(DR) Site same as of main Data Center (DC)
capacity & standard for Smart City Solution. The
DR site should not be in the same seismic
zone and should be at least 250 km from Main
DC site. DR site shall provision to cater to
100% load of the smart city system.
1. Whether DR site will be on Meghraj datacentre or
any other location with active-active mode. Kindly
explore DR location and requirements.
2. Is there network security devices (i.e. Firewall and
antivirus solution) requires at DR site to protect
threads
RFP conditions prevails
594
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" point # 58
on page 2
2
The smart city integrated platform shall be able
to normalize the data coming from different
devices / instruments of various OEMs
Please provide details regarding the estimated
number of such devices/instruments, avergae
packet size generated by these and frequency (per
sec, per min, etc.) at which data will be generated
by these.
RFP conditions prevails
595
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" point # 58
on page 48
48
The platform should have capability to provide
access to real time data and historical data from
various connected devices for reporting and
analytics.
Please provide details on the estimated size of the
data generated by all the devices/instruments that
will be required for reporting and analytics. Provide
yearly growth estimates and data retention period.
RFP conditions prevails
596
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" point # 58
on page 22
22Enabling analytics: Time shifted and real-time
data available for big data and analytics
In practice, some KPIs/functionalities would require
near real-time monitoring/alerting while others may
work fine with sizable latency. Please provide
details of the functionalities that will require real-
time monitoring/alerting and what is the acceptable
lowest common denominator.
RFP conditions prevails
597
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" point # 58
on page 48
48
The platform should have capability to provide
access to real time data and historical data from
various connected devices for reporting and
analytics.
Please provide details on estimated number of
internal users accessing these reports. Also mention
how many of these will be power users.
RFP conditions prevails
598
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" point # 58
on page 48
48
The platform should have capability to provide
access to real time data and historical data from
various connected devices for reporting and
analytics.
Will there be a requirement to publish some of
these reports on citizen portal? If yes, please
provide details on the nature of these reports - real-
time or historical?
RFP conditions prevails
599
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" point # 58
on page 56
56
The platform should also have the capability to
read data directly from a set of databases
(HBase, Mongo DB, Oracle, Cassandra, MySQL,
Impala). To connect to any of the databases
information on how to connect should be
provided.
Please provide details on the estimated data
volume, year-on-year growth percentage and data
retention period for this ERP data.
RFP conditions prevails
600
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" point # 58
on page 60
60The solution should have predictions with
measurable accuracy of at least > 70%
Accuracy of the models depends on various factors,
including but not limited to, quality and correctness
of data, amount of historical data available for ML
and nature of constraints. In view of this, accuracy
of > 70% can be assured only after the MSI analyses
the data sets. Consider modifying the clause.
RFP conditions prevails
601
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" point # 58
on page 60
60 General query
In-database analytics improves the overall efficiency
of analytics and AI by running complex algorithms,
built either using R or Python, in-place where data
resides. Thereby, eliminating the need to transport
large volume of data between systems.
We recommend that following requirement should
be included in the RFP section:
"The solution should provide in-database analytics
capabilities using open source technologies such as
Python and R"
RFP conditions prevails
602
Vol 2, Section 5.2
"Data Center and
Disaster Recovery"
114
The Disaster Recovery Centre (DRC) will be the
cloud platform developed by the National
Informatics Centre.
Kindly consider using cloud for Disaster Recovery,
provisioned by a MEITY empanelled cloud service
provider - which can offer you cost-savings by
changing capital expenses to operational expenses.
RFP conditions prevails
603
Vol 2, Section 5.2
"Data Center and
Disaster Recovery"
115
There should be dedicated rack space available
in the data center for the entire Smart City
project Infrastructure.
Kindly consider hosting the smart city solutions on a
Meity empaneled Cloud Service provider having
virtually separated infrastructure.
RFP conditions prevails
604
Vol 2, Section 5.2
"Data Center and
Disaster Recovery"
119
Storage requirements for the application suite
shall have to be assessed by the SI and
the storage solution shall be sized and procured
accordingly.
Kindly mention if any old/historic data also needs to
be stored.RFP conditions prevails
605
Vol 2, Section 5.2
"Data Center and
Disaster Recovery"
121Both DC and DR Site shall work in an Active-
Active mode.Please explain active-active mode in detail. RFP conditions prevails
606
Vol 2, Section 5.2
"Data Center and
Disaster Recovery"
123
The system should be capable of supporting at
least 100 thousand
network flow per second on single server with
capability to capture each
unique traffic conversations
Kindly explain the statement in more detail. RFP conditions prevails
607
Vol 2, Section 5.2
"Data Center and
Disaster Recovery"
125
The proposed solution must have suitable
system level backup mechanism for
taking backup of NM data manually of at least
one month.
Kindly explain the system level backup mechanism
in detail.RFP conditions prevails
608
Vol 2, Section 5.2
"Data Center and
Disaster Recovery"
140 Tape librarayKindly consider using cloud service for Data backup
and retention.RFP conditions prevails
609
Vol 2, Section 5.2
"Data Center and
Disaster Recovery"
114 General query
Kindly consider for DC & DR of smart city
applications- a cloud platform which gives benefits
like- hyper-scalability of infra, image mobility, low
capital expenses, pay as you go, less overhead for
management, flexibility to increase/decrease
infrastructure.
RFP conditions prevails
610Vol 2, Section 5.3
"Data Security"148
Care shall be taken while transmitting
confidential information over public
networks to other government agencies with a
prior permission from the
concerned authority.
We request that you consider a solution that
encrypts the data during transit as well as in the
data cener to ensure these security requirements.
Request you to also provide more details on the
medium used to transmit data across government
agencies.
RFP conditions prevails
611Vol 2, Section 5.3
"Data Security"152 NIPS
For NIPS solution, consider using cloud based
solution which can do hybrid monitoring.RFP conditions prevails
612Vol 2, Section 5.3
"Data Security"154
The centralized management server must be an
appliance based on a harden
OS shipped by default from factory and system
shall allow the latest update to
be manually, automatically or based on schedule
Request you to also consider using Microsoft
Deployment Toolkit or Windows Deployment
Services for deployment of OS images.
RFP conditions prevails
613Vol 2, Section 5.3
"Data Security"156
Customized sandbox solution should support
the following operating systems (Windows XP,
Win7, Win8/8.1, Win 10, Windows Server 2003,
2008 & 2012) and must have the capability to
analyse large files and must be able to support
more than 40MB file size.
Windows XP, Windows Server 2003 and Windows
Server 2008 are out of support products. Consider
excluding these OS from the clause.
RFP conditions prevails
614
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Collaboration
46
The ICCC platform should provide an ability to
bring multiple stake holders on to a common
voice conference call as a standard operating
procedure in response configured events
Consider modifying the clause to- "The SI can select
a collaboration platform which is hosted in the OEM
datacentre & not necessarily to be in the Master
system integrator DC. The ICCC platform should
provide an ability to a person to bring multiple stake
holders on to a common PC based voice conference
call as a standard operating procedure in response
configured events."
RFP conditions prevails
615
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Collaboration
46
The stake holders can be on various types of
devices like computer, smart phones, tablets or
normal phones
Consider modifying the clause to- "The stake
holders can be on various types of devices like
computer, smart phones, tablets."
Please refer to the corrigendum 6
616
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Collaboration
46
The ICCC platform should have the capability to
bring in multiple stake holders automatically
into a common collaboration platform like
persistent chat rooms and virtual meeting
rooms in response to a SOP defined to handle a
particular event.
Consider modifying the clause to- "Basis SOP any
person of the team will bring in multiple stake
holders automatically into a common collaboration
platform like persistent chat rooms and virtual
meeting rooms in response to a SOP defined to
handle a particular event."
RFP conditions prevails
617
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Collaboration
46
The platform should allow the stakeholders to
be notified of the creation of collaboration
spaces using SMSs and announcements over
PSTN telephone calls.
Consider relaxing the clause to - "The platform
should allow the stakeholders to be notified of the
creation of collaboration spaces over email
notifications."
RFP conditions prevails
618
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Collaboration
46
The platform should allow stakeholders to
invoke a web conferencing session directly from
the collaboration space. The web conferencing
session should automatically include all
stakeholders in the collaboration space.
Consider modifying the clause to- "The platform
should allow stakeholders to invoke a web
conferencing session directly from the collaboration
space. The web conferencing session should provide
an option for all stakeholders in the collaboration
space to join in."
RFP conditions prevails
619
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Collaboration
46
The platform should allow stakeholders to
participate in the web conferencing session
using any means including smart phones, laptop
computers, PSTN telephones, enterprise desk
phones etc.
Consider relaxing the clause to- "The platform
should allow stakeholders to participate in the web
conferencing session using any means including
smart phones, laptop computers."
RFP conditions prevails
620
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Collaboration
46
The platform should allow the stakeholders to
access the collaboration spaces, participate in
conversations, share content, create web
conferences and control smart city devices from
any endpoint (smart phones, laptops and other
computers) and from any network location.
Consider relaxing the clause to- "The platform
should allow the stakeholders to access the
collaboration spaces, participate in conversations,
share content, create web conferences and control
smart city devices from PC endpoint (laptops and
other computers) and from any network location."
RFP conditions prevails
621
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Collaboration
46
The platform should allow the stakeholders to
be notified of the creation of collaboration
spaces using SMSs and announcements over
PSTN telephone calls.
Consider relaxing the clause to-"The platform
should allow the stakeholders to be notified of the
creation of collaboration spaces over email
notifications."
RFP conditions prevails
622
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General queryPlease specify the architecture of existing Active
Directory/LDAP forest.RFP conditions prevails
623
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
We suggest using authentication & authorization
system that gives a single login id-password for
accessing multiple apps and services. Please suggest
if you would like to go for synchronized identities to
on-premise or cloud AD/LDAP.
RFP conditions prevails
624
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
We suggest using authentication & authorization
system to restrict (Allow/Block/step up
authentication) access to SaaS based apps.
RFP conditions prevails
625
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
We suggest using authentication & authorization
system that enables Single Sign On to SaaS based
SAML 2.0 apps.
RFP conditions prevails
626
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
We suggest using authentication & authorization
system that enables you to restrict
(Allow/Block/Step up Authentication) access based
on risky sign-ins, Malicious IPs and Anonymous
logins in real time.
RFP conditions prevails
627
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
We suggest using authentication & authorization
system - that enables you to manage data flow of
LoB mobile apps. for eg: restricting copy paste
action to only managed apps
RFP conditions prevails
628
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
We suggest using a authentication & authorization
system that allows you to give email access to users
only after mobile device enrollment.
RFP conditions prevails
629
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
Please specify if you have any company owned
devices to manage which you give out to
users.(Android, iOS and windows 10 devices)
RFP conditions prevails
630
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
We suggest using authentication & authorization
system that enables you to wipe data from devices
when device is unenrolled.
RFP conditions prevails
631
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
Please specify if there are going to be Linux client
machines in the centralize command and control
centre.
RFP conditions prevails
632
Vol 2, Section
"Functional
Requirement of
Command and
Control Centre
Platform" -
Authentication,
Authorization
36 General query
We suggest using authentication & authorization
system that gives users time based access to
administrators. Example- device management
admin, Help desk admins.
RFP conditions prevails
633
Volume 2, Section
2.3.1 "General
Requirements" of
Command and
Control Centre
Platform-Web
Portal & Mobile App
31 General query
Please clarify whether the portal required for
citizens will be different from the portal required for
Internal users.
RFP conditions prevails
634
Volume 2, Section
2.3.1 "General
Requirements" of
Command and
Control Centre
Platform-Web
Portal & Mobile App
31 General queryPlease specify if authenticated access to both the
portal & the app is required.RFP conditions prevails
635
Volume 2, Section
2.3.1 "General
Requirements" of
Command and
Control Centre
Platform-Web
Portal & Mobile App
31 General query
Consider adding the clause- "Internal Users should
be able to use it to store work files across multiple
devices with ease and security. "
RFP conditions prevails
636
Volume 2, Section
2.3.1 "General
Requirements" of
Command and
Control Centre
Platform-Web
Portal & Mobile App
31 General query
Consider adding the clause- "Internal Users should
be able to share selected files with colleagues as
needed, and edit Office documents together in real
time."
RFP conditions prevails
637
Volume 2, Section
2.3.1 "General
Requirements" of
Command and
Control Centre
Platform-Web
Portal & Mobile App
31 General query
Consider adding the clause- "Internal users should
be able to collaborate with online chatting and
online storing of content."
RFP conditions prevails
638
Volume 2, Section
2.3.1 "General
Requirements" of
Command and
Control Centre
Platform-Web
Portal & Mobile App
31 General query
Consider adding the clause "office documents
should open on a browser and users can edit the file
without opening these on client system"
RFP conditions prevails
639
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General query
We suggest using a data security solution with end-
point protection against malicious code execution as
well.
RFP conditions prevails
640
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General query
Kindly clarify- why restoring Ransomware infected
files is needed since these files are already infected.
Instead, we suggest having a security system that do
you want the end-point to prevent any unknown
folder/file encryption processes (typical way of
ransomware attack).
RFP conditions prevails
641
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General query
Request to consider a solution that gives ability to
native web-browser and OS to screen malicious and
untrusted websites and sandbox execution of
suspicious URLs or enable a read-only mode to
unverified websites
RFP conditions prevails
642
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General query
Request to consider a solution that gives
virtualization-enabled security built-in in the end-
point OS
RFP conditions prevails
643
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General query
Kindly mention if you have a security plan against
credential-protection. We suggest using a solution
that gives this ability.
RFP conditions prevails
644
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General query
Request to consider a solution that gives protection
against physical drive loss via native drive
encryption in OS
RFP conditions prevails
645
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General queryRequest to consider a solution that gives network
protection capabilites in OS RFP conditions prevails
646
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General query
Request to consider a solution that gives global
cloud-intelligence on advance threat to be
integrated with your OS and provide behavioral-
based alerting on a centralized dashboard for post-
breach scenarios
RFP conditions prevails
647
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General query
Request to consider a solution that gives capabilities
of centralized APT breach monitoring with OS to
provide response capabilites like isolate file/ isolate
machine etc
RFP conditions prevails
648
Vol 2, Section 5.3
"Data Security"-
Endpoint protection
and storage
protection
150 General query
Request to consider a solution that gives machine-
learning based APT breach monitoring solution to
integrate with an SIEM solution (if used) or send
push notifications or email alerts
RFP conditions prevails
649 Volume I : 3.4.3 39
Stage 3: Commercial Evaluation
d. The bidder that has quoted the lowest Total
Price (Capex price + Opex price) shall be
awarded the contract. For the purpose of
arriving at L1, prices inclusive of any applicable
taxes and levies etc. will be considered.
The commercial evaluation must be on the basis of
QCBS, consisdering the fact that the RFP has an idea
of deployement for command and control centre
along with other systems which includes high
technical specifications which must be evaluated on
the quality basis as well. The QCBS bidding has a lot
of smart city tender referneces as well. The
proposed QCBS is 70:30.
Please refer to the corrigendum 6
650 Volume I : 3.4.3 41
Pre-Qualification Criteria
The sole bidder or lead bidder should have
completed at
least two projects in Govt/ Semi Govt/ PSU; in
the field of
development and integration of citizen centric
web portal /
mobile app, database management /data
warehousing/ business analytics / cloud
applications on the date of release of NIT.
This condition needs to be relaxed and should be in
sync with rest of the PQ criteria. PQ and TQ should
be free of bias. This condition should read:
"The sole bidder or lead bidder/consortium partner
should have completed at least two projects in
Govt/ Semi Govt/ PSU; in the field of development
and integration of citizen centric web portal /
mobile app, database management /data
warehousing/ business analytics / cloud applications
on the date of release of NIT."
Please refer to the corrigendum 6
651 Volume I : 3.5.1 46
3.5.1 Technical Bid Criteria & Evaluation
The Sole Bidder or lead member (in case of
consortium) should have
experience in the field of City centric software
Integration Projects
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
This condition needs to be relaxed and should be in
sync with rest of the PQ criteria. PQ and TQ should
be free of bias. This condition should read:
The Sole Bidder or lead member/consortium
partner (in case of consortium) should have
experience in the field of City centric software
Integration Projects having experience of
Integration of smart features like city wide Utility
SCADA System (Water/Power/ Sewerage/ Waste) ,
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please refer to the corrigendum 6
652 Volume II : 2.3 28
It will be a common facility
from where various smart components shall be
operated and monitored such as smart Signals,
smart vehicles, Smart street lights, smart
parking, city Surveillance, solid waste bins &
Vehciles
etc.
there are various ways to integrate with utilites
system however for real time integration the
CCC/IOE/ICCA platform need standrad OPC
connectivity like DA (Data access), AE (Alarm &
Events), HDA (Historical Data Access), XML DA (XML
Data Access) and finally DX (Data eXchange) as
industry practics. Please clarify whether platform
should have OPC connectivity for utility system
RFP conditions prevails
653 Volume III : 9.2 8
The Consortium member has agreed that SI is
the prime point of contact between the
Consortium member and the Authority and it
shall be primarily responsible for the discharge
and administration of all the obligations
contained herein and, the
Authority, unless it deems necessary shall deal
only with SI. SI along with all consortium
members shall be jointly and solely responsible
for the project
execution
Request to change the clause to that the Lead
bidder shall be jointly and solely liable whereas the
consortium members shall be solely liable for their
scope of work.
The request is in view of consideration that a lot of
sub systmes are from entirely different domain of
work hence joint and several liability of the
consortium partners makes experts in only one
domain unable to participate in the bid.
RFP conditions prevails
654 Volume III Addition:
Suspension by the Supplier -
The Seller shall have the right to suspend the
execution of Works, in part of whole, due to any of
the following reasons not attributable to SE,
without invalidating the other provisions of the
Contract. The Seller shall give a written notice for
suspension to the Buyer in case Buyer delays or fails
to fulfill its contractual obligations
a) Delay or default by the Buyer in providing
encumbrances free site fronts or right to access site
or approach road to site.
b) Seller payment are withheld /suspended beyond
reasonable time limit;
c) Buyer persistently fails to timely comply its
obligations including approval/ certifications of
drawings, documents, measurements or other
inputs.
d) The occurrence of Force Majeure event
e) A Change in Law or directive of any Government
Authority, where performance of contractual
obligations are not feasible or possible.
f) Repeated suspensions or work withheld by Buyer;
g) Any other reasons for which the Seller is not
liable and it is not feasible to continue works unless
issue is resolved.
If any of the above condition continues for more
than 15 days, the Seller may demobilize its
RFP conditions prevails
655 Addition:
Termination by the Seller
The Seller can terminate/ cancel the Contract with
prior written notice of 30 days to the Buyer for any
of the following reasons:-
a) Insolvency, receivership or bankruptcy
proceedings are commenced by or against the
Buyer;
b) Seller's payment are withheld /suspended
beyond reasonable time limit;
c) Buyer fails to fulfill its contractual obligations
d) Any material breach or representations or
warranties made was false or intentionally
misleading when made.
e) Buyer assigns or transfers the Contract or any
right or interest herein other than in accordance
with the Contract.
f) Persistently fails to timely comply its obligations
including approval/ certifications of drawings,
documents, measurements or other inputs.
g) The occurrence of Force Majeure event continues
for 3 months or above.
h) Buyer fails to take delivery of material due to
whatever reasons for more than 3 months.
i) Repetitive suspension of work due to reasons
attributable to Buyer.
j) A change in Law of any Government Authority,
where performance of contractual obligations are
RFP conditions prevails
656 VOL-II, FIREWALL 159
Firewall shall have the following minimum
capabilities:
• VPN functionalities with 2000 simultaneous
VPN tunnels
• Encrypted throughput: minimum 800 Mbps
• Concurrent connections: up to 100,000
Since the IPS throughput of 10Gbps is required in
RFP, the Firewall performance of only 800 Mbps is
not inline with the requirement. Considering 10
Gbps of NIPS, it is suggested that the Firewall
throughput should be atleast 50 Gbps or more for
IPv4 & IPv6 traffic and should be able to cater to at
least 20 Million concurrent connections and at least
400,000 new sessions per second
RFP conditions prevails
657 VOL-II, FIREWALL No mention of SSL inspection throughput
Today mostly all traffic is web based and
encrypted.It is therefore suggested that the Firewall
should support protection for SSL
encrypted traffic and should deliver at least 10 Gbps
of SSL inspection throughput to cater to present and
future traffic load.
RFP conditions prevails
658 VOL-II, ANTI-APT 155
Solution must be custom built AntiAPT solution
and must not have network perimeter security
component part devices like firewall and IDS/IPS
It is suggested to refer NSS labs BDS report of last 2
years and give fair chance to OEMs which are
Recommended by NSS. ATP is a framework and not
just a single box solution. APT solution has to be
tightly integrated with Security components like
Firewalls , Web Application Firewalls , EMail Security
solution for complete protection. Requesting to
revise this clause to "The AntiAPT solution should
be able to communicate bi-directionally with the
proposed Firewall / NGFW solution for automatic
blocking/threat update.
RFP conditions prevails
Custom built APT solutions offer
dedicated resources to do analysis
of unknown threats with higher
acceleration instead of
UTM/Firewall devices having
multiple security layers hosted on
shared resources.
659 VOL-II, ANTI-APT 155
Solution should be able to integrate with its own
threat intelligence portal for further
investigation, understanding and remediation of
an attack.
It is suggested to revise the clause to ' Solution
should be able to integrate with its own / third
party threat intelligence portal for further
investigation, understanding and remediation of an
attack.'
RFP conditions prevails
660 VOL-II, ANTI-APT 156The Proposed solution should monitor InterVM
traffic on a Port Mirror Session
This is capability of Port Mirroring Device to send
data separately & not related to the APT solution.
Request to please remove this clause
RFP conditions prevails
661 VOL-II, ANTI-APT
156
&
157
Customized sandbox solution should support
following operating systems (Windows XP,
Win7, Win8/8.1, Win 10, Windows Server 2003,
2008 & 2012) and must have the capability to
analyse large files and must be able to support
more than 40MB file size.
&
The Proposed solution should support
customizable Windows 7/8/10 and Microsoft
2008/12 operating environments for
Sandboxing. This requirement should be based
on virtual execution and should not be
Hardware or chip based function.
It is suggested to revise the clause to 'The solution
must be able to detect and report malware across
multiple operating systems (like: Windows XP,
Windows 7, Windows 8/8.1, Windows 10 (with
multiple service pack levels)
Today any file which needs to run in Sandbox
environment can run in 32bit or 64bit operating
systems depending on the file. It doesn’t matter if it
runs on Windows operating system or Windows
Server operating system. It is requested to remove
the Server OS from operating systems to allow other
leading Security OEMs to participate
RFP conditions prevails
662 VOL-II, ANTI-APT 156
The proposed solution should be able to run at
least 60 parallel sandboxes for analysis of
payload and on premise customized sandbox
solution should have the capability to allow
manual submission of suspicious files for
analysis
It is suggested to reduce the number to 56 parallel
sandboxes to allow leading security OEMs to
participate. The existing clause of 60 Sandboxing is
favouring one OEM and will make other OEMs
difficult to participate
RFP conditions prevails
Considering Smart City traffic
volume and future scalability
considering unknown malware
threats the proposed solution
should be able to run at least 60
parallel sandboxes for analysis of
payload and on premise
customized sandbox solution
should have the capability to allow
manual submission of suspicious
files for analysis
663 VOL-II, ANTI-APT 157
The Proposed solution should have option to
share Indicators of compromise for mitigation
and clean up with AV endpoint and Web
gateway to block threat at web gateway level
and network level through NIPS. AntiAPT
solution should share intelligence with
endpoint, security web gateway solution, HIPS
server security & NIPS, similarly endpoint and
security web gateway, NIPS & HIPS (Server
Security) should submit files to AntiAPT solution
for analysis and all three (AntiAPT, Web
Security, Email security, Endpoint, HIPS (server
security) solution should manage through single
management console
Kindly ask for solution to share intellengence with
Web Gateway, NIPS, endpoint, HIPS etc. Single
management console is only possible if all are from
one OEM and this will restrict other OEMs who do
not have their HIPS. Request to please remove the
clause of Single Management console as this is
specific to one OEM.
RFP conditions prevails
A single dashboard is required to
get the central visibility
The Proposed solution should have
option to share Indicators of
compromise for mitigation and
clean up with AV endpoint and
Web gateway to block threat at
web gateway level and network
level through NIPS. AntiAPT
solution should share intelligence
with endpoint, security web
gateway solution, HIPS server
security & NIPS, similarly endpoint
and security web gateway, NIPS &
HIPS (Server Security) should
submit files to AntiAPT solution for
analysis and all three (AntiAPT,
Web Security, Email security,
Endpoint, HIPS (server security)
solution should manage through
single management console.
664 VOL-II, ANTI-APT No metion of SSL inspection
Today most of the traffic is encrypted. Unless
AntiAPT solution is able to decrypt SSL the
encrypted traffic cannot be inspected and can
spread the malware inside the network without
being detected. It is suggested to include SSL
Inspection as mandatary requirement in the
required solution.
RFP conditions prevails
665 VOL-II, ANTI-APT No metion of AntiAPT throughput
Its is suggested that AntiAPT solution be able to
deliver at least 5 Gbps or more throughput. Without
mentioning the throughput, the solution can be a
bottleneck if any lower end throughput appliance is
proposed.
RFP conditions prevails
666 VOL-II, ANTI-APTNo metion of Files per hour inspection
mentioned
It is suggested that RFP should ask for atleast 1000
files per hour to be inspected in VM SandboxingRFP conditions prevails
667 WAF No mention of WAF specifications
It is suggested that
Web application firewall shall be an appliance based
solution and provide specialized application threat
protection from application-level attacks targeted at
web applications like SQL injection, cross-site
scripting, brute force etc and should support both
positive & negative security model for Web
Application Security. It should provide controls to
prevent identity theft, financial fraud and corporate
espionage. The solution should deliver 3 Gbps of
HTTPS WAF throughput and should be able to cater
to 1 Million concurrent connections and 90,000
HTTPs (2048 bit) transactions per second. WAF
appliance should have 8 x1G & 4 x10G ports and
should would in multiple modes such as Active
mode, passive mode, Transparent mode and reverse
proxy mode. The WAF solution should support
inbuilt / external Web Vulnerability Scanner to
detect existing vulnerabilities in the protected web
applications. The solution should have data leak
prevention module for alerting/blocking any credit
card leakage and information disclosure and Anti
Web Defacement module to provide ability to check
the authorized version of the website content. It
should support scanning for malicious content in
uploads along with File upload violations. The
solution should support fail open in case of
hardware failure.
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
668 DDoS No mention of DDoS specifications
It is suggested that
DDoS shall be an appliance based solution with
minimum 8 x 1G LAN & 8 x 1G WAN interfaces (with
internal bypass) and should support at least 10 Gbps
of Mix throughput. The solution should be
completely behaviour based and must detect and
block HTTP Opcode Flood, URL/source/second, SYN
Flood attacks, Zombie Floods, ICMP Floods,
Fragment Flood, HTTP GET Flood and block Floods
from Unwanted Geographical areas. DDoS Appliance
should receive a continuous update feed of
Malicious Sources categorise as phishing, botnet
etc. and these sources should be blocked. DDoS DNS
flood mitigation should support at least 4 Million
queries per second and use techniques like DNS
Header anomaly prevention, DNS Unexpected
Query, Unsolicited DNS Response flood, DNS
Response cache under flood, DNS Query TTL checks
etc to prevent against DNS flooding & modern day
IoT based DNS DDoS attacks.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
669
Vol_2_RFP, 1.4
Finalization and
submission of a
detailed technical
architecture -
Scalability
10
The data center infrastructure shall be capable
of serving at least 1000 concurrent
users.
Does these 1000 concurrent users include both
internal and external users?RFP conditions prevails
670
Vol_2_RFP, 1.4
Finalization and
submission of a
detailed technical
architecture - Single-
Sign On
12
Similarly, for external users (citizens, etc), based
on their profile and registration, the system
shall enable Single-Sign on facility to apply for
various services,
What will be the tentative number of external users
for which Single Sign On will be required? This will
help in doing the sizing.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
671
Functional
Requirement of
Command and
Control Centre
Platform: -
Authentication,
Authorization
37System should support standard Authentication,
Authorization Performs
What will be the count of internal and external
users for which the Authentication, Authorization
and SSO features are required in the system.
RFP conditions prevails
672
Functional
Requirement of
Command and
Control Centre
Platform: - Multi-
tenancy
44Single instance of SMART CITY PLATFORM can
be logically partitioned to host multiple tenants.
What is the intent of creating the multiple tenants?
Do you have plan to share this platform with any
other Smart City?
Please refer to the corrigendum 6
673
Functional
Requirement of
Command and
Control Centre
Platform: -
Enterprise resource
planning (ERP)
integration
48
System should allow integration of business
process in ERP workflows like property tax
collection etc.
Can you please tell the details of ERP system that
need to be integrated like vendor etc.?RFP conditions prevails
674
Functional
Requirement of
Command and
Control Centre
Platform: - Analytics
Engine
Visualizations
50Integrate with other 3rd party applications
seamlessly.
Which all 3rd party applications are you anticipating
to integrate with?RFP conditions prevails
675
Technical
requirement -
Server
136Shall support Industry standard virtualization
hypervisor like Hyper-V, VMWARE and Citrix.
We request you to change it to 'Shall support
Industry standard virtualization hypervisor like
Hyper-V, VMWARE or Xen Server.'
Please refer to the corrigendum 6
676
Technical
requirement -
Server
135 Rack mountable/ BladeWe request you to change it to 'Rack Mountable or
Balde'RFP conditions prevails
677
Technical
requirement -
Primary Storage
137RAID solution offered must protect against
double disc faluire
We request you to change it to ' RAID solution
offered must protect against double disc faluire
with RAID 1+0'
RFP conditions prevails
678
Technical
requirement -
Primary Storage
137 RAID 0, 1, 1+0, 5+0 and 6We request you to change it to RAID 0, 1, 1+0, 5+0
or 6RFP conditions prevails
679
Technical
requirement -
Primary Storage
137
Minimum 128 GB of useable cache across all
controllers. If cache is provided in additional
hardware for unified storage solution, then
cache must be over and above 128 GB.
We request you to change it to 'Minimum 15%
performnce tier with high performing SSD disks
across the controllers'
RFP conditions prevails
680
Technical
requirement -
Primary Storage
137
The storage array must have complete cache
protection
mechanism either by de-staging data to disk or
providing complete cache data
protection with battery backup for up to 4 hours
We request you to change it to 'The storage array
must have complete cache protection
mechanism either by de-staging data to disk, writing
to multiple chache disks or providing complete
cache data
protection with battery backup for up to 4 hours'
RFP conditions prevails
681Vol 2 - Scope of
work29
MSI should be able to provide Unified view for
each Departments
1. What are various source system/ applications
being used at present?
2. What would be aggregated data volume/ size of
the source applications already in use?
3. How many users will be accessing UNIFIED VIEW
of these applications at present and what is the
concurrency level of users?
RFP conditions prevails
682Vol 2 - Scope of
work29
MSI should provide a universal dashboard to
view all applications in a consolidated manner.
1. How many users shall be accessing the dashboard
to view all applications and the dashboard required
to be viewed through Mobile also ?
RFP conditions prevails
683 30
The IT platform should be provided at an
optimum cost. Cost can be optimized by
leveraging the existing hardware and network
infrastructure, cloud
services, framework, and reusing software
components. The Uttar Pradesh has an IT
Platform with NIC in place with extensive
infrastructure and framework, which may be
leveraged. The selected bidder may suggest
other
cloud options too, which may be more cost
optimized. The bottom line is the selected
bidder will have to identify a solution at an
optimum cost for the LSCL
IT Platform.
1. Would you be able to provide us list of all IT
resource from hardware, infrastrucuture, network,
cloud and software already available on IT platfrom?
2. Please conirm if dept. is open for considering
technically robust and cost effective Cloud licenses,
subscription based at optimum cost for providing
Dashbooards and Analytics view
RFP conditions prevails
684 30
IoT Layer must integrate lots of Services in
the current scenario and must deliver an
architecture which will be future scalable and
can accommodate more Services/ Utility
Solution Integration. IoT shall be a Common
layer and is required for the Normalization of
the data from different edge applications. This
layer will aggregate and integrate utilities &
sensors data so as to ensure that Device
management, Analytics, Reporting, Dash
Boarding and Integration of the Different
Authorities data can be performed from a
Single operational screen. This layer shall also
integrate with different Independent Software
Vendor (ISV) applications Hosted at Data Center
or at Cloud to provide the completeness of the
solution. The Integrated command and control
Centre platform shall be implemented in the
form of a software system solutions comprising
of a middleware, web portal, mobile app,
several databases with specific purposes, and
required applications for pulling in data,
processing data and presenting data and run
predictive analytics as and when required. The
selected bidder has to deploy such platform for
integration of all smart component/sensors use
cases on this
platform.
RFP conditions prevails
685
Functionality
Description -
Platform
Functionality
Page no. 37Application management: Provides role-based
access view to applicationsRFP conditions prevails
686Global Market
PresencePage no. 44
Smart city suppliers should be adaptable to the
emerging needs of cities. Suppliers should
develop offerings that meet the growing
interest in urban Internet of Things (IoT)
applications, big data solutions, and the
transformation in city approaches to energy
policy, urban mobility
RFP conditions prevails
687Geospatial Bigdata
AnalyticsPage no. 102
Geospatial Bigdata Analytics
Server Software should support On-premise and
cloud based Big data analysis of spatial data
using Vector & Tabular data
RFP conditions prevails
688
Functional
Requirement of
Command and
Control Centre
Platform:
Vol 2 - Pg 54
Platform shall have no Single point of failure.
Software & hardware fault shall not result
total system failure.
Kindly confirm if you are looking proposed
Infrastructure components in active-active
clustering mode to avoid any single point of failure?
As per architecture best practices It is
recommended to have proposed software
components in active-active mode to avoid any
single point of failure.
RFP conditions prevails
689
4.1 Geographical
Information System
(GIS) & GIS City
Portal
Vol 2 - Pg 84,86
Base data has to be taken from GIS city portal
on
ArcGIS Platform and then the MSI has to analyse
the gap in the GIS data and shall augment
the GIS data as per the requirement.
xx. 8 Core Arc GIS Server on Active-Active mode
along with two Desktop advanced are
already existing and the MSI shall evaluate the
sizing as per their requirement of the
system and also has to maintain the existing city
portal and the upgrade system for
5 years.
Is it necessary to use ArcGIS as GIS Data platform or
MSI can propose better solution also for GIS Data
platform .
Please refer to the corrigendum 6
690
Proposed
Technology under
GIS initiative by
Lucknow Smart City:
Vol 2 - Pg 87
02 Database Server (2U Rack Server with dual
Intel Xeon E52637 v4
processor, 256 GB RAM, 2*1 TB HDD, Windows
Server
2012 std. Dual Port Fiber HBA.
Please provide the Database software details
(Database Vendor and Database Version) which is
being used in existing GIS application
Please refer to the corrigendum 6
691 Database Vol 2 - Pg 142
Database shall have Active-Passive failover
clustering with objectives of
scalability and high availability.
As per Architecture best practice, for High Availbility
it is recommended to have active-active clustering
that provide High Availability (fault tolerance from
hardware failures or planned outages) , scalability
and Database load shared across all nodes which is
part of cluster . All the nodes are actively available
for all type of transactions (read / Write/update
operations)
We are suggesting you to kindly change it as
“Database shall have Active-Active clustering with
objectives of scalability and high availability. All the
Database nodes should be actively available for all
type of transactions (read / Write/update
operations)”
RFP conditions prevails
692
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
MSI should provide a dashboard view for their
DC/DRC solution for LSCL for
virtually monitoring all smart city projects
related DC & DRC activities inclusive
of hardware, application, data, bandwidth,
manage hosting services, storage
from the ICCC.
Does LSCL wants the DRM solution to provide
service based dashboard that should provide
Business-IT relationship and service availability, DR
readiness, Business function availability, etc
RFP conditions prevails
693
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
The system should able to generate automatic
and manual notifications, alerts and reports
based on performance to the concerned
operators/individuals.
Does LSCL want the DRM solution to provide alerts
through SMS, email, etc. in case of threshold breach
or threat of SLA violation
RFP conditions prevails
How important and frequent will be Predictive
Analysis on the collected data at Integrated Comand
and Control Centre and whether it gathers data
from all the department applications as mentioned
in page 29? For cost optimization and proven COTS
tools, it is strongly recommened to use Cloud
licenses for BI Analytics and Visualization. Please
confirm department's stand on it.
694
RFP Volume 2/ DC
DRC Monitoring
dashboard
122 Additional Queries
Does LSCL wants the proposed solution toprovide
services heat map to pinpoint the root cause of the
service degradation.
RFP conditions prevails
695
RFP Volume 2/ DC
DRC Monitoring
dashboard
122 Additional Queries
Does LSCL wants the proposed solution should
provide capability to define services, business
functions, IT Components and should be able to
monitor those from availability standpoint.
RFP conditions prevails
696
RFP Volume 2/ DC
DRC Monitoring
dashboard
122 Additional Queries
Does LSCL wants the proposed solution to support
concurrent / parallel application recovery workflows
to be executed as part of failover
RFP conditions prevails
697
RFP Volume 2/ DC
DRC Monitoring
dashboard
122 Additional Queries
Does LSCL wants the proposed solution should be
capable of Recovering Servers, Storage, Network,
Application, DB, Webserver and Middleware
layers on a click of a button
RFP conditions prevails
698
RFP Volume 2/ DC
DRC Monitoring
dashboard
122 Additional Queries
The proposed solution should provide out of the
box reports on RPO deviation, RTO deviation,
Datalag, Application DR Readiness status and
replication trendingcapable of generating reports in
pdf, csv, XML format
RFP conditions prevails
699
RFP Volume 2/ DC
DRC Monitoring
dashboard
122 Additional Queries
Does LSCL want the proposed solution to support all
major platforms including Linux, Windows, Solaris,
HPUX and AIX with native high availability
options. It must support both physical and virtual
platforms.
RFP conditions prevails
700
RFP Volume 2/ DC
DRC Monitoring
dashboard
122 Additional Queries
Does LSCL want the proposed solution to be capable
of monitoring the firewall policy updates that are
happening at production and if any change in
the policy is done at DC the same should be
identified and replicated across the DR firewall to
reflect the respective changes.
RFP conditions prevails
701
Vol-1
2.2 Eligible Bidders
b. Consortium of
Firms
13
Bids submitted by a consortium should comply
with the following requirements also:
ii. Any firm which is not a Lead Bidder to this
RFP cannot be a partner in any of the bids
submitted against this RFP
Request to change the clause as
Any firm which is not a Lead Bidder to this RFP can
be a partner in any number of bids submitted
against this RFP
In order to get the more
participant and
competitive proposal
please add the above
clause
RFP conditions prevails
702
Vol-1
2.8 Earnest Money
Deposit (EMD)
16
EMD of Rs. 5,00,000/- (Rupees Five Lakh Only)
shall be paid online through e-Procurement
portal. No exemption for submitting the EMD
will be given to any agency. Bid security in any
other form will not be entertained.
Request to please accept EMD in the form of BG
alsoPlease refer to the corrigendum 6
703
Vol-1
Pre-Qualification
Criteria
35
2. The Sole Bidder or the Lead Bidder of
consortium should have an average annual
turnover of minimum INR 10 crore with
minimum average turnover of INR 5 crore from
one or more of the “specific business areas”
mentioned below over the last three financial
years and, in case of a Consortium, the average
annual turnover for each of the consortium
members over the last three Financial Years
should be INR 2.5 crore or more from one or
more of the “specific business areas” mentioned
below:
• Software Application Development including
mobile app
• Multiple Software application integration
capability
• Database Management
• Business Analytics
• ICT Infrastructure and System Integration
• IoT/Cloud environment
Request to change the clause as
The Sole Bidder or the Lead Bidder of consortium
should have an average annual turnover of
minimum INR 10 crore with minimum average
turnover of INR 5 crore from one or more of the
“specific business areas” mentioned below over the
last three financial years below:
• Software Application Development including
mobile app
• Multiple Software application integration
capability
• Database Management
• Business Analytics
• ICT Infrastructure and System Integration
• IoT/Cloud environment
RFP conditions prevails
704
Vol-1
Pre-Qualification
Criteria
36
5. The Sole Bidder or the Lead bidder of
consortium, in case of a Consortium, should
possess any of the below Certifications which
are valid at the time of bidding:
• ISO 9001
• ISO 20000
• ISO 27001:2013 for Information Security
Management System
Request to please remove the requirement of ISO
20000 Certificate or else allow from any member of
the consortium
RFP conditions prevails
705
Vol-1
Pre-Qualification
Criteria
36
The sole bidder or lead bidder /consortium
partner should have CMM level 5. Request to remove this requirement RFP conditions prevails
706
Vol-1
Pre-Qualification
Criteria
36
The sole bidder or lead bidder should have
completed at least two projects in Govt/ Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal / mobile
app, database management /data warehousing/
business analytics / cloud applications on the
date of release of NIT.
Request to consider the Experience from any
member of the consortiumPlease refer to the corrigendum 6
707
Vol-1
3.5.1 Technical Bid
Criteria &
Evaluation
39
A. Sole bidder/ Lead bidder Profile
CMM Certification
Marks shall be allotted as given below:
•CMM level 5 =3 marks
Request to modify the clause as
• ISO 9001 - 1 Marks
• ISO 27001:2013 - 2 Marks
RFP conditions prevails
708
Vol-1
3.5.1 Technical Bid
Criteria &
Evaluation
39-40
B Project Experience
B1 Web Portal/mobile app
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum value
of INR 15 crore in India during last five years as
on the date of release of RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Request to change the clause as
Web Portal/mobile app The Sole Bidder or any
member (in case of consortium) should have been
awarded and successfully executed & commissioned
project(s) related to development and integration of
citizen centric web portal / mobile app components
or both having minimum value of INR 2 crore in
India during last five years as on the date of release
of RFP.
.Marks shall be allotted as given below:
• More than equal to 4 Project = 20 marks
• 3 Project = 14 marks
• 2 Project = 10 marks
• 1 Project = 7 marks
Please refer to the corrigendum 6
709
Vol-1
3.5.1 Technical Bid
Criteria &
Evaluation
41
B Project Experience
B2 City centric software Integration Projects
The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects
Marks shall be allotted as below:
• Four Projects = 10 marks
• Three Projects = 8 marks
• Two Projects =6 marks
Request to Change the clause as
City centric software Integration Projects
The Sole Bidder or any member (in case of
consortium) should have experience in the field of
City centric software Integration Projects
Marks shall be allotted as below:
• Three Projects = 10 marks
• Two Projects = 8 marks
• One Projects =6 marks
Please refer to the corrigendum 6
710
Vol-1
3.5.1 Technical Bid
Criteria &
Evaluation
42
B Project Experience
B3 Software Platform
The Sole Bidder or lead member (in case of
consortium) should have experience in
developing and implementing IT software
projects in India with Java /J2EE, Application
Servers like JBoss or similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like phonegap), User
Experience in designing User Interfaces. At least
2 projects have been executed (documentary
evidence to be provided as proof of delivery)
with the above mentioned technology stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
• Three Projects = 8 marks
• Two Projects =6 marks
Request to change the clause as
The Sole Bidder or any member (in case of
consortium) should have experience in developing
and implementing IT software projects in India with
Java /J2EE, Application Servers like JBoss or similar,
HTML5/CSS3, mobile apps native languages
(Android, ioS, Windows, Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 1 projects have been executed
(documentary evidence to be provided as proof of
delivery) with the above mentioned technology
stack.
Marks shall be allotted as below:
• Three Projects = 10 marks
• Two Projects = 8 marks
• One Projects =6 marks
Please refer to the corrigendum 6
711
Vol-2
11 Payment Terms
and Schedule
185
Payment Schedule
1. Upon approval of SRS,FRS & SDD document by
the authority - T+1 Months - 10% of contract
value
1. Phase I Operationalization & Go Live
Acceptance by the authority - T + 3 Months -
30% of contract value
2. Phase II Operationalization & Go Live
acceptance by the authority - T + 6 Months -
30% of contract value
3. Operations & Maintenance phase for a period
of 60 months from the date of Go Live of the
last solution - T1 + 60 Months - 30% of Contract
Value in equal quarterly instalments
Request to Change the Payment Schedule as
1. Upon approval of SRS,FRS & SDD document by the
authority - T+1 Months - 10% of contract value
1. Phase I Operationalization & Go Live Acceptance
by the authority - T + 3 Months - 40% of contract
value
2. Phase II Operationalization & Go Live acceptance
by the authority - T + 6 Months - 30% of contract
value
3. Operations & Maintenance phase for a period of
60 months from the date of Go Live of the last
solution - T1 + 60 Months - 20% of Contract Value in
equal quarterly instalments
RFP conditions prevails
712Server Load
Balancer, Volume 2141
Multi-tenant hardware with multicore CPU
support. It shall support minimum four (4)
virtual instances and shall be scalable to 16
instances on the same appliance. Shall have
minimum of 10 Gbps of system throughput per
virtual instance to support multiple load
balancing and security functions. Shall have
minimum of 8x10G SFP+ interfaces from day
one. Shall have security features like reverse-
proxy firewall, sync-flood and denial of service
attack protection from day one.
SUGGESTED CLASUE:
Multi-tenant hardware with multicore CPU support.
It shall support minimum 10 virtual instances and
shall be scalable to 100 instances on the same
appliance.
Device Throughput: 100 Gbps with 50% scalability in
case of future requirement.
Traffic Ports:
4 x 40 GbE QSFP+
20 x 10 GbE SFP+
SLB should support the Next Generation Features
like
1) Virtualization with Internal Hypervisor (10vADC
scalable upto 100)
2) Application Performance Monitoring
3) Web Performance Optimization
4) Security (ICSA Certified WAF, Defense
Messaging/Integration with DDoS solution)
5) Automation
SLB OEM should have TAC based in India and
present in Gartner Leader's Quadrant (2016).
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
713Link Load Balancer,
Volume 2141
Link load balancer shall be an appliance based
solution with minimum 64 bit speed core
architecture and purpose built hardware for
overall high performance. It shall have a
minimum of 64 GB RAM and at least 8x10G SFP+
ports. It shall have minimum of 120 Gbps
throughput. Shall support security features like
reverse-proxy firewall, sync-flood and denial of
service attack protection from day one. It shall
support multiple Internet links in active-active
load balancing and active-standby failover
mode.
Most of the Industry leading OEM's provide both
Link Load Balancer and Server load Balancer
solutions. Kindly allow the SLB and LLB from the
same OEM, in order to have better management
and single point of contact for Load Balancing
solutions.
SUGGESTED CLAUSE:
Link load balancer shall be an appliance based
solution with minimum 64 bit speed core
architecture and purpose built hardware for overall
high performance.
Device Throughput: 100 Gbps with 50% scalability in
case of future requirement.
Traffic Ports:
4 x 40 GbE QSFP+
20 x 10 GbE SFP+
It shall support multiple Internet links in active-
active load balancing and active-standby failover
mode.
LLB and SLB should be from same OEM
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
714New Component
Request, Volume 21
We are suggesting DEDICATED DDoS Attack
Mitigation protection solution for the Traffic
generated from the users, in order to safeguard
the Network & Application Infrastructure.
As per the recents Global events, related to IoT
DDoS attacks generated from Cameras, it
becomes a must requirement to handle the
ZERO-DAY DDoS THREATS on REAL TIME BASIS
(SIGNATURE LESS TECHNOLOGY) and the entire
process should be automatic (i.e. without
human intervention).
Dedicated DDoS Mitigation Solution will provide
behavioral based, automatically generated, real-
time signatures, preventing attacks that are not
vulnerability based and zero-minute attacks
such as: network and application floods, HTTP
page floods, malware propagation, Web
application hacking, brute force attacks aiming
to defeat authentication schemes, and
more—all without blocking legitimate users’
traffic and with no need for human intervention.
Pls confirm the solution requirement to be
proposed by the bidder, as part of the RFP SoW.
SUGGESTED CLAUSE:
Dedicated appliance based DDOS Mitigation
solution (not a part of Firewall or UTM or Router or
ADC or Proxy based Architecture) with DoS Flood
Attack Prevention Rate: upto 300 Mpps (EAL4+ or
above certified). Automatic Real Time Signature
generation within few seconds, without human
interference.
Device Throughput: 100 Gbps with 50% scalability in
case of future requirement.
Traffic Ports:
20 (SFP+) x 10GE
4 (QSFP+) x 40 GE and 4 (QSFP28) x 100 GE
DDoS Mitigation solution vendor should have OEM
TAC in India & should have Indian presense for more
than 10 years.
RFP conditions prevails
715 GIS Integration 13If this requires field survey, it needs to be done
by MSI.
What kind of field survey is expected? Please
elaborate.Please refer to the corrigendum 6
716 GIS Integration 13MSI is required to update GIS maps from time to
time.
What are the parameters that decide the update
frequency?Please refer to the corrigendum 6
717
1.5 Other
expectations from
MSI
159. Supply, Installation, and Commissioning of
entire solution at all the locations.
Assuming that locations are in Lucknow itself. How
many locations, solution needs to be installed?
Please specify.
RFP conditions prevails
718
Functional
requirement for
Environmental
Sensor:
20 Air Quality Parameters to monitor and display
Is data model for all the sensors and transmitted
data is finalised or MSI can propose the best suited
data model?
RFP conditions prevails
719 3.1 E Governance 73
1. Integrated Grievance Redressal System
2. Public Grievance Redressal System
3. e-District (Municipal Services)
4. others city levels initiatives
Are these application geo-enabled (GIS based)? RFP conditions prevailsMSI has to study and integrate the
existing system
720 General General Availability of GIS Infrastructure
What is current GIS infra with LSCL? Software
Licenses? Already deployed? Version, Number of
licenses? Etc
Please refer to the corrigendum 6
721
4.1 Geographical
Information System
(GIS) & GIS City
Portal
84 Existing data hosting in SDCWhat is backend database where all GIS data is
stored?Please refer to the corrigendum 6
722 3D Data of city 85 3D Data of city
What kind of 3D data is available? What is the level
of detail (LOD) it is representing? What is the
volume of the data? For how much area, 3D data is
available?
Please refer to the corrigendum 6
723 xviii 86
MSI to maintain, upgrade, integrate and
enhance the City GIS portal application and GIS
platform that is going to be developed under
the GIS initiative of Lucknow Smart City Limited.
Assuming that the application to be developed is
not in the current RFP Scope. Please clarify.Please refer to the corrigendum 6
724 xix 86
MSI to design and develop the GIS based
integrated application for Municipal
departments and other departments.
How many departments will be the part of this
integrated application?Please refer to the corrigendum 6
725Functional
requirements88 General
Assuming that data that needs to be functionally
incorporated has GIS enablement or is able to
integrated directly with GIS. Please clarify.
Please refer to the corrigendum 6
726Geo-enabling My
City My Pride App95 Specifications of mobile app
Please specify the specifications of the mobile app.
Number of users, OS etc.RFP conditions prevails
7274.2 LSCL App
(Mobile App):106 General
Specifications and OS for the mobile app needs to
be shared.RFP conditions prevails
728
Vol_1_RFP, 2.8
Earnest Money
Deposit (EMD)
page no 16
EMD of Rs. 5,00,000/- (Rupees Five Lakh Only)
shall be paid online through e-
Procurement portal. No exemption for
submitting the EMD will be given to any agency.
Bid security in any other form will not be
entertained.
Request you to kindly accept bid security in the
form of Bank Guarantee from a reputed
nationalised bank.
Dilution required:
EMD of Rs. 5,00,000/- (Rupees Five Lakh Only) shall
be paid online through e-
Procurement portal or in the form of a Bank
guarantee from a reputed nationalised bank. No
exemption for submitting the EMD will be given to
any agency.
RFP conditions prevails
729
Vol_1_RFP, 3.4.3
Stage 3: Commercial
Evaluation.
Page no 34
A written undertaking from each of the
consortium members, in case of a
consortium, duly signed by the authorized
signatory, holding a written special
power of attorney for this bid on a stamp
paper, authorizing the lead bidder incur
liabilities and receive instructions for and
on behalf of any and all consortium
members, and the entire execution of the
Contract, including but not limited to
payments.
Request you to kindly consider Board resolution or
Power of attorney. Since board resolution is the
legal document signed by board of directors.
RFP conditions prevails
730
Volume 2: Scope of
Work , 1.3
Development Phase
/ iv
9
For the integrated solution, the MSI shall supply:
Assuming MSI shall supply source codes of software
developed under Lucknow smart city , All
Intellectual Property Rights (IPR) of software (COTS
software use for development) will be remain with
OEM/Suppliers. Please conrifm.
RFP conditions prevails
731
Volume 2: Scope of
Work , 1.3
Development Phase
/ iv
13
GIS Integration- MSI shall undertake detail
assessment for integration of all the Field level
ICT interventions proposed with the existing
Geographical Information System (GIS).
Please provide details of existing Geographical
Information System viz. Area of Interest (AOI), Data
Volume, Data Format, Avalibale layers etc.
RFP conditions prevails
732
Volume 2: Scope of
Work , 4 Integrate,
View & Operate ,
4.1 Geographical
Information System
(GIS) & GIS City
Portal
86
xix. MSI to design and develop the GIS based
integrated application for Municipal
departments and other departments.
Please provide the detail scope of work for
development of the GIS based integrated
application for Municipal departments and other
departments.
Please refer to the corrigendum 6
733 General NA NAWill you allow VPN Connectivity during the
customization/implementation phase ?RFP conditions prevails
734 General NA NA
How many total users are expected to use the
analytics/dashboards.Out these users how many
users will be concurrent ones ?
RFP conditions prevails
735 General NA NA
Kindly provide total amount of data in each of these
source systems. What is the expected YoY growth in
data
RFP conditions prevails
736 General NA NAPlease provide the Database technology used with
its version no?RFP conditions prevails
737 General NA NAPlease let us know the total no of models,
dashboards and KPIs required ?RFP conditions prevails
738 General NA NAWhat is the version of the implemented GIS
solution?Please refer to the corrigendum 6
739 General NA NAPlease confirm if mapping data is available using
standard OGC compliant protocol?Please refer to the corrigendum 6
740 General NA NA Do you need a separate development/QA server? RFP conditions prevails
741 General NA NA Are you planning to use LDAP for Single-Sign-On? RFP conditions prevails
742
Technical bid
criteria and
Evaluation, Project
Experience :Clause
B2
41,City Centric
Software
Integration
project
The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please clarify/define the scope of City Centric
Software Integration projects .
The Sole Bidder or lead
member (in case of
consortium) should have
experience in the field of
City centric software
Integration Projects
Marks shall be allotted as
below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please refer to the corrigendum 6
743
Technical bid
criteria and
Evaluation, Project
Experience :Clause
B3
42, Software
platform
The Sole Bidder or lead member (in case of
consortium) should have
experience in developing and implementing IT
software projects in India
with Java /J2EE, Application Servers like JBoss or
similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 2 projects
have been executed (documentary evidence to
be provided as proof of
delivery) with the above mentioned technology
stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please clarify if all the technoolgy components
specified should be present in same projects or
different projects can be submitted for different
components.
Also Request you to modify the clause as :The Sole
Bidder or lead member (in case of consortium)
should have experience in developing and
implementing IT software projects in India/ Global
with Java /J2EE, Application Servers like JBoss or
similar, HTML5/CSS3, mobile apps native languages
(Android/ ioS/Windows/ Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 2 projects
have been executed (documentary evidence to be
provided as proof of
delivery) with the above mentioned technology
stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
• Three Projects = 8 marks
• Two Projects =6 marks
The Sole Bidder or lead
member (in case of
consortium) should have
experience in developing
and implementing IT
software projects in India
with Java /J2EE,
Application Servers like
JBoss or similar,
HTML5/CSS3,
mobile apps native
languages (Android, ioS,
Windows, Hybrid language
like
phonegap), User
Experience in designing
User Interfaces. At least 2
projects
have been executed
(documentary evidence to
be provided as proof of
delivery) with the above
mentioned technology
stack.
Marks shall be allotted as
below:
• Four Projects = 10 marks
•Three Projects = 8 marks
Please refer to the corrigendum 6
744
Technical bid
criteria and
Evaluation, Project
Experience :Clause
B3
43, Operation
and
Maintenance
The bidder must have experience of providing
Handholding and Operational
Manpower for Turnkey IT projects. Minimum no.
of manpower per project
should be 10.
Marks shall be allotted as below: •
Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Request you to modify the clause as :The bidder
must have experience of providing Handholding and
Operational
Manpower for Turnkey IT projects. Minimum no. of
manpower per project should be 5.
Marks shall be allotted as below: • Four
Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
The bidder must have
experience of providing
Handholding and
Operational
Manpower for Turnkey IT
projects. Minimum no. of
manpower per project
should be 10.
Marks shall be allotted as
below: • Four
Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
RFP conditions prevails
745
Technical bid
criteria and
Evaluation, Project
Experience :Clause
B3
39,Web
Portal/Mobile
App
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum value
of INR 15 crore in India during last five years as
on the date of release of
RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned /Go Live
project(s) related to development and integration of
citizen centric web portal / mobile app components
or both having minimum value
of INR 15 crore in India/Global during last Seven
years as on the date of release of
RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
The Sole Bidder or lead
member (in case of
consortium) should have
been awarded and
successfully executed &
commissioned project(s)
related to development
and integration of citizen
centric web portal / mobile
app components or both
having minimum value
of INR 15 crore in India
during last five years as on
the date of release of
RFP.
.Marks shall be allotted as
given below:
• More than equal to 5
Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Please refer to the corrigendum 6
746 General NA
1.Work order/ Contract clearly
Highlighting the scope of work, Bill of
Material and value of the contract/order.
2.Completion
Certificate issued & signed by the
competent authority of the client entity on
the entity’s letterhead
OR Self-certificate from the bidder
signed by the concerned project
in-charge of the bidder and
counter signed by authorised signatory
for this bid holding written special
power of attorney on stamp paper
along with the official contact
details of the Competent authority of the client
entity. The Authority reserves
the right to contact the aforementioned
Competent authority.
1.Work order/ Contract clearly
Highlighting the scope of work, Bill of Material and
value of the contract/order.
2.Completion /Go Live
Certificate issued & signed by the
competent authority of the client entity on
the entity’s letterhead
OR Self-certificate from the bidder
signed by authorised signatory
for this bid holding written special
power of attorney on stamp paper
along with the official contact
details of the Competent authority of the client
entity. The Authority reserves the right to contact
the aforementioned
Competent authority.
1.Work order/ Contract
clearly
Highlighting the scope of
work, Bill of
Material and value of the
contract/order.
2.Completion
Certificate issued & signed
by the
competent authority of the
client entity on
the entity’s letterhead
OR Self-certificate from the
bidder
signed by the concerned
project
in-charge of the bidder and
counter signed by
authorised signatory
for this bid holding written
special
power of attorney on
stamp paper
along with the official
contact
details of the Competent
authority of the client
entity. The Authority
RFP conditions prevails
747Prequalification
Criteria36 ,Clause 8
The sole bidder or lead bidder should have
completed at least two projects in Govt/
Semi Govt/ PSU; in the field of
development and integration
of citizen centric web portal /
mobile app, database management /data
warehousing/ business analytics / cloud
applications on the date of release of NIT.
Completion Certificate issued and signed
by the competent authority
Request you to modify the clause as : The sole
bidder or lead bidder should have completed at
least two projects in Govt/
Semi Govt/ PSU; in the field of
development and integration
of citizen centric web portal /
mobile app, database management /data
warehousing/ business analytics / cloud applications
on the date of release of NIT. Completion /Go Live
Certificate issued and signed
by the competent authority OR Self-certificate from
the bidder
signed by authorised signatory on Company's
letterhead
The sole bidder or lead
bidder should have
completed at least two
projects in Govt/
Semi Govt/ PSU; in the
field of
development and
integration
of citizen centric web
portal /
mobile app, database
management /data
warehousing/ business
analytics / cloud
applications on the date of
release of NIT. Completion
Certificate issued and
signed
by the competent
authority
RFP conditions prevails
748 Volume 2 Page No. 11
•Security -The architecture must adopt an end-
to-end security model that protects data and
the infrastructure from malicious attacks, theft,
natural disasters etc. MSI must make provisions
for security of field equipment as well as
protection of the software system from hackers
and other threats. Using Firewalls and Intrusion
Prevention Systems such attacks and theft
should be controlled and well supported (and
implemented) with the security policy. The virus
and worm attacks should be well defended with
gateway level Anti-virus system, along with
workstation level Anti-virus mechanism. There
should also be an endeavour to make use of the
SSL/VPN technologies to have secured
communication between Applications and its
end users. Furthermore, all the system logs
should be properly stored & archived for future
analysis and forensics whenever desired. The
authority would carry out the security audit of
the entire system upon handover and at regular
interval during O&M period.
•Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft, natural
disasters etc. MSI must make provisions for security
of field equipment as well as protection of the
software system from hackers and other threats.
Using Firewalls and Intrusion Prevention Systems
such attacks and theft should be controlled and well
supported (and implemented) with the security
policy. All critical encryption keys to be managed
and audited centrally using a FIPS 140-2 Level 3
Hardware Based Key Manager that supports KMIP
standards.
The virus and wormattacks should be well defended
with gateway level Anti-virus system, along with
workstation level Anti-virus mechanism. There
should also be an endeavour to make use of the
SSL/VPN technologies to have secured
communication between Applications and its end
users. Furthermore, all the system logs should be
properly stored & archived for future analysis and
forensics whenever desired. The authority would
carry out the security audit of the entire system
upon handover and at regular interval during O&M
period.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
749 Volume 2 Page No. 11
The systems implemented for project should be
highly secure, considering that it is intended to
handle sensitive data relating to the city and
residents of the city. The overarching security
considerations are described below.
I. The security services used to protect the
solution shall include: Identification,
Authentication, Access Control, Administration
and Audit and support for industry standard
protocols.
II. The solution shall support advanced user
authentication mechanisms including digital
certificates and biometric authentication.
III. Security design should provide for a well-
designed identity management system, security
of physical and digital assets, data and network
security, backup and recovery and disaster
recovery system.
Where are we keeping the Private keys of Digital
Certificates ?
As per CCA guidelines Private Keys should be kept in
FIPS 140-2 level 3 certfied HSM only.
HSM should be capable of storing all the provate
keys in FIPS certified Hardware only and never
stored in Software or in File Format (Not even in NV
RAM), also the Complete hardware based storage of
key material for entire Life cycle
Pls Add:- IV. All Encryption Keys for securing
sensitive data must be managed in a FIPS 140-2
Level 3 certified HSM as per Meity Guidelines.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
750 Volume 2 Page No. 12
Support for PKI based Authentication and
Authorization- The solution shall support PKI
based Authentication and Authorization, in
accordance with IT Act 2000, using the Digital
Certificates issued by the Certifying Authorities
(CA). In particular, 3 factor authentications
(login id & password, biometric and digital
Signature) shall be implemented by the MSI for
officials/employees involved in processing
citizen services.
Where are we keeping the PKI certificates and
Private Keys ?
Support for PKI based Authentication and
Authorization- The solution shall support PKI based
Authentication and Authorization, in accordance
with IT Act 2000, using the Digital Certificates issued
by the Certifying Authorities (CA). In particular, 3
factor authentications (login id & password,
biometric and digital Signature) shall be
implemented by the MSI for officials/employees
involved in processing citizen services.
Pls Add:- All PKI certificates and Keys used by
officials/employees are to be managed centrally
using a FIPS 140-2 Level 3 certified Hardware based
Key Manager compliant to KMIP Standards.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
751 Volume 2 Page No 34
This data must be exposed to application eco
system using secure APIs that require
Authenticated Access using API credentials. Keys
must be kept in a FIPS 140-2 Level 3 certified
HSM.
Where are we keeping the Private keys ?
As per CCA guidelines Private Keys should be kept in
FIPS 140-2 level 3 certified HSM only.
This data must be exposed to application eco
system using secure APIs that require Authenticated
Access using API credentials.
Pls Add:- Keys must be stored in a FIPS 140-2 Level
3 certified HSM on in software or in file format in
any of the form.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
752 Volume 2 Page No. 35
The attributes of the API key(s) must restrict /
allow access to relevant data, i.e. (the attributes
can be like: specific domain(either parking or
lighting or waste.
The attributes of the API key(s) must restrict / allow
access to relevant data, i.e. (the attributes can be
like: specific domain(either parking or lighting or
waste.
Pls Add:- This is to be implemented using
Encryption and User based Key Management
techniques. Keys must be kept in a FIPS 140-2 Level
3 certified HSM.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
753 Volume 2 Page No. 37
Platform functionality:- Application
management: Provides role-based access view
to applications. Role based access to be
implemented using CC EAL 5 + certified
Smartcards used as authenticators. Smartcards
should preferably also have RFID based access
capability in addition so that the same can be
integrated with BMS systems.
Application management: Provides role-based
access view to applications. Role based access to be
implemented using CC EAL 5 + certified Smartcards
used as authenticators. Smartcards should
preferably also have RFID based access capability in
addition so that the same can be integrated with
BMS systems.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
754 Volume 2 Page No. 39•The solution shall be available via a VPN as a
web-based interface or a thin-client interface.
•The solution shall be available via a VPN as a web-
based interface or a thin-client interface.
Pls Add:- VPN should use OTP for user access. OTP
token must be numeric grid-pattern based as
industry best practice.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
755 Volume 2 Page No. 51
g) Infrastructure components security: Platform
should support user encrypted storage volumes.
Restrict inbound access from public network
only on secure ports via DMZ proxy instances.
SSH access is restricted with secure key pair and
from designated jump hosts alone. User
management
and authentication is tied to Corporate SSO.
How are you going to encrypt the storage ?
Functional Requirement of Command and Control
Centre Platform:- g) Infrastructure components
security: Platform should support user encrypted
storage volumes through FIPS 140-2 level 3 certified
Key Manager appliance with APIs. Restrict inbound
access from public network only on secure ports via
DMZ proxy instances. SSH access is restricted with
secure key pair and from designated jump hosts
alone. User management and authentication is tied
to Corporate SSO .
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
756 Volume 2 Page No. 51
d) VM Infrastructure security: Platform should
have appropriate technical controls in place to
prevent attacks that target virtual infrastructure
How are you going to encrypt the VM / Hyperwiser
?
Functional Requirement of Command and Control
Centre Platform:- d) VM Infrastructure security:
Platform should have appropriate technical controls
in place to prevent attacks that target virtual
infrastructure through FIPS 140-2 level 3 certified
Key Manager appliance with APIs so that VMs can
be encrypted to avoid unauthorised access.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
757 Volume 2 Page No. 52
Software should support security standards:-
OAuth 2.0, HTTPS over SSL, and key
management help protect the data across all
domains.
How are you going to encrypt theapplication ?
Functional Requirement of Command and Control
Centre Platform:- Software should support security
standards:-OAuth 2.0, HTTPS over SSL, and key
management help protect the data across all
domain through FIPS 140-2 level 3 certified Key
Manager appliance with APIs so that applications
can be accessed by the authorised users only
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
758 Volume 2 Page No. 52
•Data Protection / Production Data integrity:-
Platform should support procedure in place to
ensure production data shall not be replicated
or used in non-production environment.
Which Platformare we refreing here ?
•Data Protection / Production Data integrity:-
Platform should support procedure in place to
ensure production data shall not be replicated or
used in non-production environment.
Pls Add:- . All Encryption Keys for securing
sensitive data must be managed in a FIPS 140-2
Level 3 certified HSM as per Meity Guidelines.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
759 Volume 2 Page No. 52
•Data Protection / Data at rest:-
Platform should support encryption for tenant
data at rest (on disk/storage).
Which Platformare we refreing here ?
•Data Protection / Data at rest:-
Platform should support encryption for tenant data
at rest (on disk/storage).
Pls Add:- All Encryption Keys for securing sensitive
data must be managed in a FIPS 140-2 Level 3
certified HSM as per Meity Guidelines.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
760 Volume 2 Page No. 72
The Biometric/Access card based Access Control
System shall be deployed with the objective of
allowing entry and exit to and from the premises
to authorized personnel only with appropriate
door locks and controller assemble connected
with BMS system. The system deployed shall be
based on proximity as well as biometric
technology for critical areas and proximity
technology for non-critical areas.
The Biometric/Access card based Access Control
System shall be deployed with the objective of
allowing entry and exit to and from the premises to
authorized personnel only with appropriate door
locks and controller assemble connected with BMS
system. The system deployed shall be based on
proximity as well as biometric technology for critical
areas and proximity technology for non-critical
areas.
Pls Add:- The access cards to be used by the BMS
system should also have a logical smartcard chip
that is to be used for Application Role based Access.
RFP conditions prevails
761 Volume 2 Page No. 72
The SI shall provide CCTV system within the
Data center and Command and Control Center
on 24X7 bases. All important areas of the Data
center, Command and Control Center along with
the non-critical areas like locations for DG sets,
entry exit of Command Center, Entry and Exit of
building premises need to be under constant
video surveillance. Monitoring cameras shall be
installed strategically to cover all the critical
areas of all the respective locations and the feed
of the CCTV system should be integrated with
control and command centre.
The SI shall provide CCTV system within the Data
center and Command and Control Center on 24X7
bases. All important areas of the Data center,
Command and Control Center along with the non-
critical areas like locations for DG sets, entry exit of
Command Center, Entry and Exit of building
premises need to be under constant video
surveillance. Monitoring cameras shall be installed
strategically to cover all the critical areas of all the
respective locations and the feed of the CCTV
system should be integrated with control and
command centre.
Pls Add:- The CCTV system should be able to
prevent attacks from IoT botnets such as Mirai and
Reaper by using secure authentication techniques
like PKI. All PKI Keys to be managed and audited
centrally using a FIPS 140-2 Level 3 Hardware Based
Key Manager that supports KMIP standards.
Please refer to the corrigendum 6
762 Volume 2 Page No. 99
GIS System software should support VMware
vSphere, Microsoft Hyper-V & Huawei Fusion
Sphere virtualization environments. All VM
Images to be encrypted Using VM Agent based
software that is manageable using a ProtectV
Manager.
How are you going to encrypt the VM / Hyperwiser?
GIS System software should support VMware
vSphere, Microsoft Hyper-V
& Huawei Fusion Sphere virtualization
environments.
Pls Add:- All VM Images to be encrypted Using VM
Agent based software that is manageable using a
ProtectV Manager
Please refer to the corrigendum 6
763 Volume 2 Page No. 141
All Encryption Keys to be managed and audited
centrally using a FIPS 140-2 Level 3 Hardware
Based Key Manager that supports KMIP
standards.
As Industry Best Practice :-
Pls Add:- All Encryption Keys to be managed and
audited centrally using a FIPS 140-2 Level 3
Hardware Based Key Manager that supports KMIP
standards.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
764 Volume 2 Page No. 143
Database shall provide functionality for
encryption of all sensitive data using secure
encryption/tokenization techniques. All
Encryption Keys to be managed and audited
centrally using a FIPS 140-2 Level 3 Hardware
Based Key Manager that supports KMIP
standards.
How are you going to encrypt the DB?
Database shall provide functionality for encryption
of all sensitive data using secure
encryption/tokenization techniques.
Pls Add:- All Encryption Keys to be managed and
audited centrally using a FIPS 140-2 Level 3
Hardware Based Key Manager that supports KMIP
standards.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
765 Volume 2 Page No. 151
Server protection for storage solution should
support SED drives. All Encryption Keys to be
managed and audited centrally using a FIPS 140-
2 Level 3 Hardware Based Key Manager that
supports KMIP standards.
As Industry Best Practice :-
Pls Add:- All Encryption Keys to be managed and
audited centrally using a FIPS 140-2 Level 3
Hardware Based Key Manager that supports KMIP
standards.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
766 Additional queries
Key Secure Specifications:-
"Key management solution needs to be leveraged
through dedicated FIPS 140-2 Level 3 certified Key
Management appliances with capacity of managing
1 Million Keys per appliance and at least 100
maximum concurrent clients per cluster, to
distribute keys and certificates, and manage
different keys for each group, application and user
in order to prevent access of encryption keys to an
attacker.
Key Management appliance should support
Encryption Algorithms including 3DES, AES-256, SHA-
256, SHA-384, SHA-512, Should support encryption
of virtual image disk with Track the key access to all
copies of your data.
RFP conditions prevails
767 Additional queries
HSM Specifications:-
Encryption Confidentiality of sensitive information
and data of users and portal information should be
ensured.
System must implement various measures to
achieve this including mechanisms to ensure
security of procurement data, spanning from strong
end-to-end encryption of sensitive data, use of
strong PKI national standards encryption, use of
FIPS 140-2 Level 3 certified HSM (Hardware Security
Module) appliances with the capabilities of storing
all Private Keys securely in FIPS Certified Hardware
only (Not in NV RAM) and never stored in software
or in File Server in any form, HSM should have
enhanced Audit Log Facility & Error logs managed by
separate audit role. Log entries should originate
from HSM, which should include, when, who, what
and result of logging. Audit log entries are ensured
against any truncation, modification, deletion,
addition. Critical events like tamper,
decommissioning, zeroization, SO creation audit role
creation should be logged automatically and
unconditionally. Logs should be sent to the server
before rewriting them, physical security, access
control, network security, stringent audit
mechanism, 24x7 monitoring, and measures such as
data partitioning and data encryption.
RFP conditions prevails
768 Volume 2 141
Link load balancer shall be an appliance based
solution with minimum 64 bit speed core
architecture and purpose built hardware for
overall high performance. It shall have a
minimum of 64 GB RAM and at least 8x10G SFP+
ports. It shall have minimum of 120 Gbps
throughput. Shall support security features like
reverse-proxy firewall, sync-flood and denial of
service attack protection from day one. It shall
support multiple Internet links in active-active
load balancing and active-standby failover
mode.
64GB RAM is lower side to process the traffic
@120Gbps, RAM should be minimum of 128GB and
with 8x10G ports on Load Balancer 120Gbps
throughput can not be utilized as with 8x10G only
Max throughout will be 80Gbps only so request to
change clause as "Link load balancer shall be an
appliance based solution with minimum 64 bit
speed core architecture and purpose built hardware
for overall high performance. It shall have a
minimum of 128 GB RAM and at least 8x10G SFP+
ports and 6x40G QSFP+ Ports. It shall have minimum
of 120 Gbps throughput. Shall support security
features like reverse-proxy firewall, sync-flood and
denial of service attack protection from day one. It
shall support multiple Internet links in active-active
load balancing and active-standby failover mode."
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
769 Volume 2 141
It shall support built-in failover decision/health-
check conditions. It shall also support failover
and High Availability (HA) requirements. It shall
have redundant power supplies. Shall support
script based functions support for content
inspection, traffic matching and monitoring of
HTTP, SOAP, XML, diameter, generic TCP, TCPS.
Load balancer being highly critical solution at
perimeter, Thus HA failover should have mechanism
to mirror the active sessions on backup device, if
one device fails user session should not fail. Request
to change clause as "It shall support built-in failover
decision/health-check conditions . It shall also
support failover and High Availability (HA)
requirements with TCP, SSL and Persistence session
mirroring. It shall have redundant power supplies.
Shall support script based functions support for
content inspection, traffic matching and monitoring
of HTTP, SOAP, XML, diameter, generic TCP, TCPS."
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
770 Volume 2 141
Multi-tenant hardware with multicore CPU
support. It shall support minimum four (4)
virtual instances and shall be scalable to 16
instances on the same appliance. Shall have
minimum of 10 Gbps of system throughput per
virtual instance to support multiple load
balancing and security functions. Shall have
minimum of 8x10G SFP+ interfaces from day
one. Shall have security features like reverse-
proxy firewall, sync-flood and denial of service
attack protection
from day one.
With 10Gbps of the system throughput per virtual
instance for 16 instances means total throughput of
160Gbps. with 8x10G ports on Load Balancer
160Gbps throughput can not be utilized with 8x10G.
With 8x10G Max throughout can be utilized is
80Gbps only so request to change clause as Multi-
tenant hardware with multicore CPU support. It
shall support minimum four (4) virtual instances and
shall be scalable to 16 instances on the same
appliance. Shall have minimum of 10 Gbps of system
throughput per virtual instance to support multiple
load balancing and security functions. Shall have
minimum of 8x10G SFP+ and 6x40G QSFP+
interfaces from day one. Shall have security features
like reverse-proxy firewall, sync-flood and denial of
service attack protection from day one.
RFP conditions prevails
771 Volume 2 141 New Clause
Should have and support 80,000 SSL TPS and 48,000
SSL TPS with ECC Cryptography where TPS = Only
one HTTP transaction over each new SSL
handshakes per second, without session reuse and
using a 2048 bit key SSL Certificate. 1 SSL TPS = 1
SSL CPS
RFP conditions prevails
772 Volume 2 141 New ClauseShould have minimum 40 Gbps Compression and
SSL throughputRFP conditions prevails
773 Volume 2 141 New Clause
System should be able to encrypt the user
credentials in real time so as to protect the
credentials especially password/Aadhar number or
any other sensitive parameter as defined by
department to protect from keyloggers and
credential stealing malware residing in the end
users system
RFP conditions prevails
774 Volume 2 141 New Clause
Solution must be able to detect the presence of
Remote Access Trojans (RATs) residing in the user's
web browser.
RFP conditions prevails
775 Volume 2 141 New Clause
Solution should perform comprehensive
countermeasure to protect against zero day attack,
Challenge – Response Mechanism, which should be
able to detect and protect attacks in real time
through inbuilt Captcha Mechanism
RFP conditions prevails
776 Volume 2 141 New Clause
Solution should integrate with AD, LDAP, Radius,
TACACS with inbuilt OTP mechanism for 2 Factor
Authentication
RFP conditions prevails
777 Volume 2 141 New ClauseProposed solution should be manageable from a
single management platform RFP conditions Prevails
778 Volume 1 34
The bidder’s proposed OEM(s) for the following
solutions must be included in the Gartner magic
quadrants (in either Leaders or Challengers
quadrant) as on the day of submission of bid.
Gartner Reports released in the last 1 year to be
referred and submitted.
Should be read as " The OEM of Link Load Balancer
and Server load balancer also should be in the
Gartner's Leaders Magic Quadrant for "Application
Delivery Controllers" in the latest published
report".
RFP conditions Prevails
779 Volume 2
Solution must be able to detect the presence of
Remote Access Trojans (RATs) residing in the
user's web browser.
This feature will help safeguard the application
servers from any illegitimate traffic arising from the
malicious/infected end user machine outside or
inside of the network.
RFP conditions Prevails
780 Volume 3 RFP conditions prevails Query Not Clear
781 Volume 4 RFP conditions prevailsMentioned Volume is not part of
the RFP
782 Volume 5
Solution should perform comprehensive
countermeasure to protect against zero day
attack, Challenge – Response Mechanism, which
should be able to Detect and protect attacks in
real time through inbuilt Captcha Mechanism
This will challenge the user request to application
server to avoid responding any request or flood
originating from illegitimate source such as
BOT.With inbuilt CAPTCHA capability requires no
additional changes at application level
RFP conditions prevailsMentioned Volume is not part of
the RFP
783 Volume 6
Solution should integrate with AD, LDAP, Radius,
TACACS with inbuilt OTP mechanism for 2 Factor
Authentication
Two Factor Authentication add a second layer of
authentication to ensure application is accessed by
authorized users only in case of primary
authentication has been compromised.
RFP conditions prevailsMentioned Volume is not part of
the RFP
784 Volume 7
Solution should encrypt the sensitive field in
the application in real time as compared to
being encrypted after a submit button or
equivalent being pressed
This helps protect user credentials from any
malware infected browser from stealing user
identity.
RFP conditions prevailsMentioned Volume is not part of
the RFP
785 Volume 8
Solution must have Geolocation IP address
database to identify the source of the attack
origin and IP Reputation Mechanism to identify
the Blacklisted TOR Networks or Proxy IP
address to Block the request immediately.
It will ensure that applications are protected from
request or attacks originated from globally known
black listed IP address. Also request from certain
geographic locations can be blocked as per
organization policy.
RFP conditions prevailsMentioned Volume is not part of
the RFP
Solution should perform application layer
encryption to protect user identity.
This feature will add security at application layer to
ensure IoT user identity is protected.
786 Volume 9
"Behavioral DoS/ Challenge response: Detects
and prevents zero-day DoS/DDoS flood attacks.
Connection Limit per source: Protects against
connection flood attacks.
SYN Protection: Prevents SYN flood attacks
using SYN authentication mechanism
PPS Limit per source: Protects against DoS
attacks that use a high PPS rate in a certain
connection.
DoS protection using Intelligence feed
signatures: Protects against known flood attacks
and flood attack tools that cause a denial of
service effect.
DNS Protection: Detects and prevents zero-day
DNS-flood attacks.
• DNS query limit
• DNS Nxdmain attack protection
• DNS TCP active authentication mechanism
Out of State/sequence Protection: Detects out-
of-state/sequence packets to provide additional
protection for TCP session–based attacks.
Zero Day Attack Protection:
The proposed device should support
comprehensive countermeasure to protect
against zero day attack, Challenge – Response
Mechanism, and which should be able to Detect
and protect attacks in real time through inbuilt
Captcha Mechanism
For complete Web application firewall features.RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
787 Firewall 159
Firewall shall have following user authentication
capabilities: • XAUTH VPN, Web based, 802.X
authentication
Firewall shall have following user authentication
capabilities: • XAUTH VPN, Web based/802.X
authentication
The 802.X authentication is
for wireless or port based
authentication on Switch.
This authentication is not
related to Firewall and
spcific to an OEM. Please
ammend the clause
accordingly.
RFP conditions Prevails
788
1.4 Finalization and
submission of a
detailed technical
architecture
11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc
The advance secuirty solution should provide proxy,
caching, content filtering, SSL inspection, protocol
filtering, inline AV and content inspection ( 1000+
predifined pattern) in block mode on the same
Appliance. The solution should have at least 20+
million websites in its URL filtering database and'
should have pre-defined URL categories and
application protocols along with YouTube, Facebook
and linked-in controls. Solution vendor should
ensure that 100 predefined categories & 100+ pre-
defined protocols.
The web channel became
significantly more
malicious, both as an
attack vector and as the
primary support element
of other attack trajectories
(e.g., social, mobile, email).
there is nearly 6-fold
increase in malicious sites
overall. Moreover, 85
percent of these sites were
found on legitimate web
hosts that had been
compromised. It is
suggested to have Inline,
real-time information
security to prevent web-
borne threats.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
789
1.4 Finalization and
submission of a
detailed technical
architecture
11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc
The data secuirty solution should inspect the
sensitive content through 1500 pre-defined
templates, textual content inside
image,commulative content control and inspection
through web and email channel. The data end point
solution should inspect data leaks over HTTP ,
HTTPs and SMTP. The solution should be able to
block outbound emails sent via SMTP if its violates
the policy. Endpoint solution should support win 32
and 64 bit OS, Mac & Linux OS,Support wide variety
of platforms. The solution should be able to enforce
policies to detect data leaks even on image files
through OCR technology and should enforce policies
to detect low and slow data leaks
RFP conditions Prevails
790
1.4 Finalization and
submission of a
detailed technical
architecture
11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc
The solution must be present in the latest Gartner's
Leader/Challanger quadrant for Data Loss
Prevention and Web Security . The OEM should
have own TAC center in India.
RFP conditions Prevails
791
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 10
Scalability -Important technical components of
the architecture must support scalability to
provide continuous growth to meet the growing
demand of the city. The system should also
support vertical and horizontal scalability so that
depending on changing requirements from time
to time, the system may be scaled upwards.
Should the Scalability be Vertical and Horizontal
while not being dependant on the Make , Model &
Brand. Should the solution consider the scalability
for any of the future Storage procured later and
merged into the same Storage Pool to provide the
Capacity & Performance regardless of the Storage
make.
RFP conditions Prevails
792
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 10
Availability - The architecture components
should be redundant and ensure that are no
single point of failures in the key solution
components. Considering the high sensitivity of
the system, design should be in such a way as to
be resilient to technology sabotage. To
Since Physical Components may be redundant, we
would like clarity on whether the Key CCTV Video
content for the latest 7 Days should also be
redundant on Primary & Secondary storage to avoid
the Data failure state from primary Storage.
Additionally, should the data storage for 90
additional days be required to be made online from
any storage platform including tapes.
RFP conditions Prevails
793
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc.
LTO Tape Storage is the Safest Storage to protect
the data against malicious attack, Theft and
disaster. In-built Active archiving Solution for CCTV
Video conent on Tape is mandatory for this critical
environment. Kindly confirm if the same is required
for Overall Security of Data.
RFP conditions Prevails
AS per Section 43A of the
IT Act requires that
anycorporate which
possesses, deals or handles
‘sensitive personal data or
information’ through a
computer resource owned,
operated or controlled by
it, maintain and implement
‘reasonable security
practices and procedures’
to protect such
information. If a body
corporate is negligent in
maintaining and
implementing such
reasonable security
practices and procedures
and thereby causes any
wrongful loss or wrongful
gain, it will be liable to pay
794
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 12
Interoperability - The system should have
capability to take feed from cameras installed by
private/Govt. at public places, digitize (if
required) & compress (if required) this feed &
store as per requirements.
Clarification needed on - the capabilities to keep the
Camera feeds on Primary & Secondary storage and
the Compatibility should be between all storages
alongwith the VMS engine to read the video data
recorded by the recording server. VMS server
should be aware of the Data location whether its
residing on Primary storage or archived to
secondary storage.
RFP conditions Prevails
795
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 12Open Standards - Systems should use open
standards and protocols to the extent possible.
Considering this point for the Offered Storage as-
Offered SAN Storage should be able to deliver the
required protocols for the Network users, they
could be connecting to FC or IP network.
RFP conditions Prevails
796
Functional
Requirement of
Command and
Control Centre
Platform:
Point no. 96 -
Archival and
Retrieval
Page no. 33
Ease of restoration of archived data from
online archieves or offline storage and it shall
be able to keep track of all archival activities
performed
Can we refer to this point as: "VMS application
server's catalog system shall be able to keep the
entire retention period history in their Catalog
records to locate the data kept on any of the
primary or secondary storage without having any
Disk Drive size limitation and the same data can be
restored from the application directly irrespective of
the Storage tier. Additionally, allocated disk size to
VMS server should not have any limitation on its
Volume capacity / size." VMS application shall
restore the data from Primary or from Auto archived
location i.e. Tape Library storage.
RFP conditions Prevails
797 3.7 City Surveillance Page no. 78Under the Project Total 280 cameras were
deployed at 70 Locations
Need to know the counting of the new Cameras and
would the retention be considered as 90 days for
the overall surveillance data.
RFP conditions Prevails
798 Primary Storage Page no. 136
Storage Capacity should be minimum 5 TB
(usable, after configuring in offered RAID
configuration)
Is the min. 5 TB Usable disk capacity required from
SSD / SAS or NL-SAS disk to meet the performance
and capacity criteria?
We proposed that the offered complete capacity in
the primary Storage should not have any limitation
in its LUN Size to ensure better flexibility to the
Applications.
RFP conditions Prevails
799 Primary Storage Page no. 136
Cache:
• Minimum 128 GB of useable cache across all
controllers. If cache is provided in additional
hardware for unified storage solution, then
cache must be over and above 128 GB.
Can additional SSD disk in the same appliance be
provided to meet the Cache requirement over and
above 128 GB?
RFP conditions Prevails
800 Primary Storage Page no. 136
Management software:
Should provide the functionality of proactive
monitoring of Disk drive and Storage system for
all possible disk failures
Management Solution should also be offered with
the in-built archiving functionality to move/ Archive
the CCTV Video content to Secondary Disk or Tape
Storage to optimize the primary storage sizing
RFP conditions Prevails
801 Secondary Storage Page no. 138Must use latest stable technology platform, with
support available for next 7 to 10 years.
The Solution should be sized according to the next 5
years of Capacity planning for archival data.RFP conditions Prevails
802 Tape library Page no. 140 Technology: LTO 6 Kindly change it to min. LTO-7 Generation or later RFP conditions Prevails
803 Tape library Page no. 140 Number Drives: Two LTO 6 DrivesMin. 2 or 3 LTO-7 Drives as it provides redundancy &
better read/write accessRFP conditions Prevails
804 Tape library Page no. 140 Media Slots: Minimum 45Min. slot comes to the Tape is 50, Kindly make it 50
to make it Generic to all.RFP conditions Prevails
805 Tape library Page no. 140 Interface: Minimum 4 Gbps FC Interface FC interface for the Tape Drives are 8 Gbps RFP conditions Prevails
806 Tape library Page no. 140Software: Security and Remote Management
Software
Need to know which security software is required.
Kindly confirm if you are reffering Encryption
Manager appliance in Redundant fashion which
keeps the Encryption keys in redundant fashion.
RFP conditions Prevails
807 Volume 1 78 of 245
3.5 Intelligent Traffic Management System
Description: As a part of Intelligent Traffic
Management, traffic Signals shall be made
intelligent’ in order to make the traffic flow
smooth and efficient and to help police to take
proactive/ reactive measures and ensure safe &
smooth environment on roads. The Intelligent
Traffic Management will include
Adaptive Traffic Signalling, Red Light Violation
Detection (RLVD) systems, Variable Message
Signs (VMS), CCTV Surveillance Cameras.
Public Address system, etc. at road
intersections, public places, market places or
other critical locations. Digital Signboards/ VMS
will enable Command & Control Centre to
communicate effectively with citizens and also
improve response while dealing with exigency
Situations. Pollution & environment sensors will
gather data about pollution, temperature, rains
and other identified parameters.
Functional Requirements: As soon as the
Technical Service Provider of the
IntegratedTraffic Management will complete the
work of Integrated Traffic Management project,
The Master System Integrator who will be
selected
We request you to include two software as under :
1. Command Centre Core Software for Smart City
Application and Adaptive Traffic Management
Globally as well as in Asian countries . Since Last 5
years . To
facilitate real Adaptive Traffic Management.
To reduce travel time , pollution .2. Traffic
Microsimulation Software .
RFP conditions Prevails
808
2.29 Eligible Goods
and Services, and
OEM Criteria Vol 1
Page No : 34
h. The bidder’s proposed OEM(s) for the
following solutions must be included in
the Gartner magic quadrants (in either Leaders
or Challengers quadrant) as on
the day of submission of bid. Gartner Reports
released in the last 1 year to be
referred and submitted.
i) Wired and Wireless LAN Access Infrastructure
ii) Data Centre Networking
Request customer to allow OEM(s) who are
Leaders or challengers or Visionaries from
Gartner’s MQ for Data Center Networking
The Requirement of Lan switches is for Data centre
RFP conditions Prevails
8432.8 Earnest Money
Deposit (EMD)Vol. I; Pg. 21
EMD of Rs. 5,00,000/- (Rupees Five Lakh Only)
shall be paid online through e-Procurement
portal
Request to kindly accept submission of EMD in the
form Bank Guarantee alsoRFP conditions prevails
8442.16 Deviations and
ExclusionsVol. I; Pg. 26
Bids shall be submitted strictly in accordance
with the requirements and terms & conditions
of the RFP. The Bidder shall submit a No
Deviation Certificate as per the format
mentioned in Section 6.5. The bids with
deviation(s) are liable for rejection.
Request to kindly allow Bidders to submit
suggestions RFP conditions prevails
8452.30 Right to vary
quantityVol. I; Pg. 35
c. Repeat orders for extra items or additional
quantities may be placed, if it is provided in the
bidding document, on the rates and conditions
given in the contract if the original order was
given after inviting open competitive bids
Kindly note that the prices quoted are valid for the
period mentioned in Bid response as per OEMs
offer. In case of repeat orders for additional
quantities, the prevailing rates and conditions shall
be as per the revised offer from
RFP conditions prevails
846Pre-Qualification
CriteriaVol. I; Pg. 40 Statutory Auditor certificate
For the Pre-qualification requirement, wherever the
Statutory Auditor Certificate is asked for, kindly
allow submission of Chartered Accountant
Certificate also
RFP conditions prevails
847
1.5 Other
expectations from
MSI
Vol. II; Pg.16
22. MSI shall be responsible for setting up/
building / renovating the necessary physical
infrastructure including provisioning for
network, power, rack, etc. at all the locations.
Does this also involve any Civil Work e.g. Design and
Construction of building/premises etc. if yes how
many locations and what type of construction is
expected. Also for providing Network, Power, rack
etc. please suggest the existing infrastructure if any
which needs to be renovated/ Setup.Please also
clarify who will facilitate the permissions required, if
any, from third party agencies e.g. Power
companies, Regulatory authorities etc.
Please refer to the corrigendum 6
848
1.5 Other
expectations from
MSI
Vol. II; Pg.18
28. The MSI shall directly interact with
electricity boards for provision of electric supply
at all desired
locations including any Field Infrastructure
solution mentioned in the RFP document
Do Interact with Electricity companies on behalf of
Lucknow Smart City, we would require multiple
permission from you. Please clarify who will provide
these permissions. Also will the provision also
include the monthly recurring charges to be paid to
electricity companies
RFP conditions prevails
849
1.5 Other
expectations from
MSI
Vol. II; Pg.18
29. All existing road Signs which are likely to be
affected by the works are to be carefully taken
down and stored. Signs to be re-erected shall be
cleaned, provided with new fixings where
necessary and the posts re-painted in
accordance with City guidelines. Road Signs,
street name plate etc. damaged by the MSI
during their operation shall be repaired or
replaced at the MSI’s cost
Does this also include the constrcution/ repair of
the road patches if required during the process or
that will be done by the relevant authorities.
RFP conditions prevails
850
1.5 Other
expectations from
MSI
Vol. II; Pg.18
30. The infrastructure of existing systems or any
other filed Infrastructure including the poles,
cantilevers, aspects, controllers and cabling and
associated mountings and civil infrastructure
may need to be dismantled (where ever
applicable) and replaced with the new systems
proposed and shall be in the scope of MSI. The
dismantled infrastructure shall be delivered at
the Lucknow Smart City designated location
without damage, at no extra cost
Please elaborate further on this. Also if there is a
possible damangehappened to the dismantled
infrastructure how that will be handled by Lucknow
Smart City (Is there a penalty to be levied on the
MSI for this). Also since this is a complex work, we
request you to kindly remove this from the scope of
work for MSI
RFP conditions prevails
85110. Bidder’s
ObligationsVol. III; Pg.9
10.5 SI shall ensure that none of the Key
Personnel (refer RFP Volume I proposed) and
manpower exit from the project during first 6
months of the beginning of the project. In such
cases of exit, a penalty of INR 2 lakhs per such
replacement shall be imposed on SI
Request to kindly remove the penalty clause RFP conditions prevails
85210. Bidder’s
ObligationsVol. III; Pg.9
10.6 SI should submit profiles of only those
resources who shall be deployed on the project
For large System Integrators, it will be difficult to
hold the same resources till the support phase of
the project.
RFP conditions prevails
85310. Bidder’s
ObligationsVol. III; Pg.10
10.12 All the OEMs that Bidder proposes should
have Dealer possession licenses
Please elaborate further on this and the detail of
the required License. Since Most of the SI may not
have this, we request you to kindly remove the
requirement
RFP conditions prevails
85410. Bidder’s
ObligationsVol. III; Pg.11
10.15. If a product is de-supported by the OEM
for any reason whatsoever, from the date of
Acceptance of the System till the end of
contract, SI should replace the products/
solutions with an alternate that is acceptable to
the Authority at no additional cost to the
Authority and without causing any performance
degradation
Kindly note that SI shall offer products that are
offered by OEM which would generally be
supported for more than 5 years. Hence, kindly
remove this clause.
RFP conditions prevails
85510. Bidder’s
ObligationsVol. III; Pg.11
10.17. SI shall ensure that the OEMs provide the
support and assistance to SI in case of any
problems / issues arising due to integration of
components supplied by him with
any other component(s)/ product(s) under the
purview of the overall solution. If the same is
not resolved for any reason whatsoever, SI shall
replace the required
component(s) with an equivalent or better
substitute that is acceptable to Authority
without any additional cost to the Authority
Please note SI shall offer the products and solution
based on the requirement. Hence, please remove
this clause
RFP conditions prevails
85611 Payment Terms
and ScheduleVolI. II; Pg.184
2. Due payments shall be made promptly by the
Authority, generally within Sixty (60) days after
submission of an invoice or request for payment
by MSI
RFP conditions prevails
857 12. Payments VolI. III; Pg.16
12.1 Efforts to make payments to SI within 45
days of receipt of invoice(s) and all necessary
supporting documents
Please refer to the corrigendum 6
Kindly modify the clause as "Due payments shall be
made promptly by the Authority, generally within 30
days after submission of an invoice or request for
payment by MSI
85813. Intellectual
Property RightsVolI. III; Pg.17
Please include "The IPR of all pre-existing work shall
remain with the bidder and need not be transferred
to LSCL. Only IPR of development done specific to
the requirements of LSCL shall be made available to
LSCL".
RFP conditions prevails
859
24.1. The Goods supplied under this Contract
shall be comprehensively insured by SI at his
own cost, against any loss or damage, for the
entire period of the contract.
RFP conditions prevails
860
b. Employer's liability and workers'
compensation insurance in respect of the
Personnel of the Company, in accordance with
the relevant provisions of the Applicable Law, as
well as, with respect to such Personnel, any such
life, health, accident, travel or other insurance
as may be appropriate
RFP conditions prevails
86125. Transfer of
OwnershipVolI. III; Pg.23
25.1. SI must transfer all titles to the assets and
goods procured for the purpose of the project to
the Authority at the time of Acceptance of
System
Kindly note, all the newly supplied assets and goods
shall be transferred in the name of LSCL
immediately after the delivery of the same at LSCL
premises.
RFP is Self Explanatory
862 Vol I pg.21
EMD of Rs. 5,00,000/- (Rupees Five Lakh Only)
shall be paid online through e-Procurement
portal.
EMD will be given in the form of BG. Need
confirmation.Please refer to the corrigendum 6
863 Vol I pg.35 Right to vary quantityRequest variation cap at 10% of the total order
valueRFP conditions prevails
864 Vol II Pg.23
The Goods supplied under this Contract shall be
comprehensively insured by SI at his own cost,
against any loss or damage, for the entire period
of the contract.
Insurance will be borne by the MSA only till the time
of delivery of goods to the customer's premiseRFP conditions prevails
86527. Performance
SecurityVol III Pg.25
SI shall be required to submit five Bank
Guarantees of equal amount totaling 10% of the
value of the Contract. The Authority shall return
1st Bank Guarantee after 2 Bank Guarantee
after 2 years of signing of contract and
successful project execution, 2nd Bank
Guarantee after 3 years of contract signing and
successful project execution, 3rd Bank
Guarantee after 4 years of contract signing and
successful project execution and the 4th and 5th
Bank Guarantee one year after successful
completion of the contract.
We would submit rolling PBGs for each year. First
BG for 10% of the TCV valid for the entire contract
duration, 2nd BG will be submitted during the 2nd
year for 10% of the remaining contract value valid
for the remaining contract period upon getting back
the first BG from the customer, 3rd BG will be
submitted during the 3rd year for 10% of the
remaining contract value valid for the remaining
contract period upon getting back the 2nd BG from
the customer etc.
RFP conditions prevails
866Service Level
Agreement (SLA)Vol III pg. 45
Penalties
SLA : Maximum Penalty applicable for any
quarter shall not exceed 30% of the ‘applicable
fees’ for the respective quarter
Request cap at 10% of the applicable fees per
quarterRFP conditions prevails
867 14. Taxes VolI. III; Pg.17 TaxesVariation in existing tax rates or introduction to new
taxes to be passed on to the customerRFP conditions prevails
868 RFP conditions prevails Query Not clear
869 Vol 1, 3.4.3 34The sole bidder or lead bidder /consortium
partner should have CMM level 5.We request you to consider CMM Level3 RFP conditions prevails
870 Vol 1, 3.5.1 39 CMM level 5 =3 marks Please consider CMM Level 3 = 3 marks RFP conditions prevails
871 Vol 1, 3.5.1 39
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum value
of INR 15 crore in India during last five years as
on the date of release of RFP.
Generally website and Mobile app scope will be less
than INR 5 crore. We request you to amend this
clause that "The Sole Bidder or lead member (in
case of consortium) should have been awarded and
successfully executed & commissioned project(s)
related to development and integration of citizen
centric web portal / mobile app components or both
having minimum value of INR 3 crore in India during
last five years as on the date of release of RFP.
Please refer to the corrigendum 6
872 Vol 1, 3.5.2 46Project Director
Total Experience: At least 15 years in IT sectorWe request you to consider 12 years in IT Sector RFP Conditions Prevails
873 Vol 1, 3.5.2 47
GIS Specialist
a. Master in Geography with Post-Graduate
Diploma in Remote Sensing & GIS/Master in
Remote Sensing & GIS from reputed institute.
We request you to amend that
a. B.Tech/B.E with experience in GIS for minimum 3
years from reputed institute.
RFP Conditions Prevails
874 Vol 1, 6.8 78Environmental Sensors- Hardware As per
Bidder’s Solution)
Please provide the no. of Environmental sensors
requiredRFP Conditions Prevails
875 Vol 1, 6.8 78 UPS for VMS Please provide UPS backup time RFP conditions prevails Minimum 60 Min backup
876 Vol 1, 6.8 78 UPS for Environmental Sensor Please provide UPS backup time RFP conditions prevails Minimum 60 Min backup
877 Vol 1, 6.8 79 Operator ConsoleWe understand that Operator console is nothing but
workstation. Please confirm our understanding.RFP conditions prevails
878 Vol 1, 6.8 80 Online UPS (As per Bidders Solutions) Please provide UPS backup time RFP conditions prevails Minimum 60 Min backup
24. Insurance VolI. III; Pg.23
Kindly note that Insurance for the new equipment
supplied by SI shall be provided till the delivery of
the equipment at LSCL . Insurance for existing &
newly acquired assets of LSCL for the project period
shall not be the responsibility of SI. The workers
compensation policy shall be inherent and taken
care as per the respective Bidders' Organisation
policy.
879Server Load
Balancer, Volume 2141
Multi-tenant hardware with multicore CPU
support. It shall support minimum four (4)
virtual instances and shall be scalable to 16
instances on the same appliance. Shall have
minimum of 10 Gbps of system throughput per
virtual instance to support multiple load
balancing and security functions. Shall have
minimum of 8x10G SFP+ interfaces from day
one. Shall have security features like reverse-
proxy firewall, sync-flood and denial of service
attack protection from day one.
SUGGESTED CLASUE:
Multi-tenant hardware with multicore CPU support.
It shall support minimum 10 virtual instances and
shall be scalable to 100 instances on the same
appliance.
Device Throughput: 100 Gbps with 50% scalability in
case of future requirement.
Traffic Ports:
4 x 40 GbE QSFP+
20 x 10 GbE SFP+
SLB should support the Next Generation Features
like
1) Virtualization with Internal Hypervisor (10vADC
scalable upto 100)
2) Application Performance Monitoring
3) Web Performance Optimization
4) Security (ICSA Certified WAF, Defense
Messaging/Integration with DDoS solution)
5) Automation
SLB OEM should have TAC based in India and
present in Gartner Leader's Quadrant (2016).
RFP conditions prevails
880Link Load Balancer,
Volume 2141
Link load balancer shall be an appliance based
solution with minimum 64 bit speed core
architecture and purpose built hardware for
overall high performance. It shall have a
minimum of 64 GB RAM and at least 8x10G SFP+
ports. It shall have minimum of 120 Gbps
throughput. Shall support security features like
reverse-proxy firewall, sync-flood and denial of
service attack protection from day one. It shall
support multiple Internet links in active-active
load balancing and active-standby failover
mode.
Most of the Industry leading OEM's provide both
Link Load Balancer and Server load Balancer
solutions. Kindly allow the SLB and LLB from the
same OEM, in order to have better management
and single point of contact for Load Balancing
solutions.
SUGGESTED CLAUSE:
Link load balancer shall be an appliance based
solution with minimum 64 bit speed core
architecture and purpose built hardware for overall
high performance.
Device Throughput: 100 Gbps with 50% scalability in
case of future requirement.
Traffic Ports:
4 x 40 GbE QSFP+
20 x 10 GbE SFP+
It shall support multiple Internet links in active-
active load balancing and active-standby failover
mode.
LLB and SLB should be from same OEM
RFP conditions prevails
881New Component
Request, Volume 21
We are suggesting DEDICATED DDoS Attack
Mitigation protection solution for the Traffic
generated from the users, in order to safeguard
the Network & Application Infrastructure.
As per the recents Global events, related to IoT
DDoS attacks generated from Cameras, it
becomes a must requirement to handle the
ZERO-DAY DDoS THREATS on REAL TIME BASIS
(SIGNATURE LESS TECHNOLOGY) and the entire
process should be automatic (i.e. without
human intervention).
Dedicated DDoS Mitigation Solution will provide
behavioral based, automatically generated, real-
time signatures, preventing attacks that are not
vulnerability based and zero-minute attacks
such as: network and application floods, HTTP
page floods, malware propagation, Web
application hacking, brute force attacks aiming
to defeat authentication schemes, and
more—all without blocking legitimate users’
traffic and with no need for human intervention.
Pls confirm the solution requirement to be
proposed by the bidder, as part of the RFP SoW.
SUGGESTED CLAUSE:
Dedicated appliance based DDOS Mitigation
solution (not a part of Firewall or UTM or Router or
ADC or Proxy based Architecture) with DoS Flood
Attack Prevention Rate: upto 300 Mpps (EAL4+ or
above certified). Automatic Real Time Signature
generation within few seconds, without human
interference.
Device Throughput: 100 Gbps with 50% scalability in
case of future requirement.
Traffic Ports:
20 (SFP+) x 10GE
4 (QSFP+) x 40 GE and 4 (QSFP28) x 100 GE
DDoS Mitigation solution vendor should have OEM
TAC in India & should have Indian presense for more
than 10 years.
RFP conditions Prevails
882
2.8, Earnest Money
Deposit (EMD), Vol
1
Page No : 21
EMD of Rs. 5,00,000/- (Rupees Five Lakh Only)
shall be paid online through e-
Procurement portal. No exemption for
submitting the EMD will be given to any agency.
Bid security in any other form will not be
entertained
The EMD fee may be exempted for public Sector
Undertaking organizations. RFP conditions Prevails
883
2.29 Eligible Goods
and Services, and
OEM Criteria Vol 1
Page No : 34
h. The bidder’s proposed OEM(s) for the
following solutions must be included in the
Gartner magic quadrants (in either Leaders or
Challengers quadrant) as on the day of
submission of bid. Gartner Reports released in
the last 1 year to be referred and submitted.
i) Wired and Wireless LAN Access Infrastructure
ii) Data Centre Networking
Request customer to allow OEM(s) who are Leaders
or challengers or Visionaries from Gartner’s MQ for
Data Center Networking
The Requirement of Lan switches is for Data centre
RFP conditions Prevails
884Volume 2, 13
ANNEXURE 2Page No : 228
Monitoring Workstations : EPEAT Gold
certification for the system.
Asked is EPEAT Gold Certification, We request you
to kindly change this to EPEAT SilverRFP conditions Prevails
885Volume 2, 13
ANNEXURE 2Page No : 227
Monitoring Workstations : BIOS controlled
electro-mechanical internal chassis lock for the
system
Asked is BIOS controlled electro-mechanical internal
chassis lock for the system which is OEM specific,
we suggest external locking arrangement which is
better controllable and cost effective
RFP conditions Prevails
886Volume 2, City
Surveillance 3.7Page No : 78
ICCC will receive feeds of CCTV existing cameras
and new cameras on real time basis. ICCC will be
integrated with existing cameras and new
cameras.
Please provide details of existing cameras RFP conditions Prevails
887
Volume 2,
Integration with
SCADA 3.9
Page No : 79
Integration of SCADA Systems (Water Supply,
Sewerage Pumping Station
etc.) (For future integration)
Please provide details of existing systems RFP conditions Prevails
888
2.29 Eligible Goods
and Services, and
OEM Criteria Vol 1
Page No : 34
h. The bidder’s proposed OEM(s) for the
following solutions must be included in
the Gartner magic quadrants (in either Leaders
or Challengers quadrant) as on
the day of submission of bid. Gartner Reports
released in the last 1 year to be
referred and submitted.
i) Wired and Wireless LAN Access Infrastructure
ii) Data Centre Networking
Request customer to allow OEM(s) who are
Leaders or challengers or Visionaries from
Gartner’s MQ for Data Center Networking
The Requirement of Lan switches is for Data centre
RFP conditions Prevails
889
Vol_1,2.29 Eligibal
Goods and Services
and OEM Criteria
Page No : 29
The bidder’s proposed OEM(s) for the following
solutions must be included in the Gartner magic
quadrants (in either Leaders or Challengers
quadrant) as on the day of submission of bid.
Gartner Reports released in the last 1 year to be
referred and submitted.
i) Wired and Wireless LAN Access Infrastructure
ii) Data Centre Networking
iii) Enterprise Network Firewalls
iv) Intrusion Prevention Systems
v) Modular Servers
1. This section mention that proposed OEM(s) for
the following solutions must be included in the
Gartner magic quadrants(in either Leaders or
Challengers quadrant) as on
the day of submission of bid. Gartner reports
released in the last 1 year to be for Wireless LAN
Access
2. Tender asks for edge Level Switch Industrial grade
switch. OEM to be in IDC/Gartner report. This report
is not applicable for Industrial switches, but
applicable
for commercial Ethernet equipment. The
applicablle report for Industrial Switches are
ARC/IHS report. None of the top manufactures of
Industrial Ethernet equipoment
do fall in the IDC/Gartner report.
Such reports do not allow the top global Industrial
Ethernet companies to participate in this prestigious
tender.
http:// www.arcweb.com/
http:// ihsmarkit.com/
We request you to please consider Industrial Edge
Level Switch OEM market share by means of
ARC/IHS report
RFP Conditions Prevails
890
Vol 1
Section 3.4.3
Pre-Qualification
Criteria
Track 7
36The sole bidder or lead bidder /consortium
partner should have CMM level 5.
We request you to kindly consider CMM Level 3
Organization to also participate in the Tender.
This would enable a broder spectrum of bidder to
participate in the bid and also enable Lucknow
Smart City in receiving more competative bids.
RFP conditions Prevails
891
Vol 1
Section 3.5.1
Pre-Technical Bid
Criteria &
Evaluation
Track A2
39Marks shall be allotted as given below:
•CMM level 5 =3 marks
As the qualifying criteria is CMM Level 5, so any
bidder who is eligible gets full marks. Hence, the
purpose of Technical Evaluation is not being
justified.
We request to allow CMM Level 3 Companies to
participate and and marking can be done
accordingly, for e.g.,
CMM Level 3 - 1 Mark
CMM Level 5 - 3 Marks
RFP conditions Prevails
892 Tourism Module 88 Toursism (Based on story map concept)
Clarification Sought: Tourist will be coming from
various geographical locations hence it is important
that
the tourist life cycle management solution should
be detailed out.
Modules Required: Tourist Segmentation , Tourist
Acquisition, Tourist Outreach , Tourist
Communication
Management , Tourist Journey Builder , Tourist Chat
Bot.
Rationale: The tourist module can be a revenue
generating module hence detailing of the
requirements is
strongly required.
Please refer to the corrigendum 6
893 Citizen Portal 89
Tourist information for the 199 heritages /
tourist spots identified
and documented. (Shown as POIs) – along with
Pictures and description
Proposed:
#It is important that CMS/Portal platform hosting
Tourism Module has built-in Digital Asset
Management
capability so that images and videos relevant to
heritate / tourist spots are managed centrally along
with its
meta-data.
#Also, to provide seamless experience to citizens on
low bandwidth, the images and videos must be
optimized automatically to speed up the page load
or App load.
# It is equally important that these videos and
images can also be automatically retrieved from
social media
platforms to enrich the tourist story boarding in the
context of citizen's browsing.
Rationale: High resolution images and videos can
make the sites and app load very slow. Increasing
number
of such assets will make it difficult to optimize the
images and videos automatically basis the
bandwidth.
Similarly, user generated content (UGC) relevant to
tourist stories pertaining to specific site and spots
will
make the story more lively and attarctive.
Please refer to the corrigendum 6
894
Citizen Portal-
Culture &
Community Events
91 Creation and upload of Events, Event Details, Calendar
Proposed: The citizen must be notified via push
notifications about a new event posted on Citizen
Portal, rather than citizen going to App or Web
Portal to see what's happening in Lucknow Smart
City. Rationale: Better citizen engagement and lively
community will make Lucknow a better Smart City
than rest of the other cities.
Please refer to the corrigendum 6
895Website
Monitoring110 Website Performance Report– Google Analytics Report (Monthly)
Clarification Sought: Google analytics is a restricted
solution , which be neutralised to include solutions
from other OEMS's.
Rationale: The data that is collected by google is
owned by google and not by the customer. Hence
request to relax this clause.
RFP conditions Prevails
896
Content
Management
System
109 Content Management System (CMS) & Layout Updates
Proposed: The proposed CMS Portal platform
should not have any RDBMS system as its own
content repository. Rationale: This will make the
maintenance of the website very simple and make it
highly scalable.
RFP conditions Prevails
897
Proposed: The CMS platform must provide a GUI
based (browser) mechanism to view the page
versions for
graphical compare different versions.
Rationale: To understand how the website pages
have changed over the period of the time, this will
be
important from compliance reasons.
RFP conditions Prevails
898
Proposed: The proposed CMS platform must also be
leveraged to provide content (images, text etc.) to
LSCL
Mobile app via Content as-a Service framework.
Rationale:This is important that the information
published on LSCL Website and Mobile App are
same and
there is no ambiguity.
RFP conditions Prevails
899
Website - Technical
and Functional
requirements
112
Site must be “responsively designed” to
accommodate mobile
users. This must include accommodations for
slower, cellular internet connections
Proposed: The CMS must have in-built digital asset
management solution to generation dynamic image
&
video renditions based on end user’s bandwidth to
optimize the page load experiences.
Rationale: This is to accommodate the slower
bandwidth speed and user experience.
RFP conditions Prevails
900Wep Portal &
Mobile App
31
&
113
The portal functions / features shall be
extended on to Mobile app also
for reaching out to more users and providing
quick access to the
services. Portal must be Omni channel i.e. its
design should be such that it can be
viewed easily on laptops, tablets and mobiles.
Clarification Sought: Citizens, availing the services
via LSCL Website/Citizen Portal/ Mobile App will
need
to fill forms and do digital enrollments electronically
through internet services. The users of the system
should
be able to track the status of application / inquiry at
any point of time.
Proposed :
e Forms: Design and development of the such
services must be done using electronic forms
application in
secure and usable format. All the hosted electronic
forms shall have the option of online submission
and
offline saving and later on submission by citizens or
inspectors while they are on field and may not have
connectivity.
Tracking : The e form solution should have in built
workflow engine to support tracking of citizen
application.
RFP conditions Prevails
901
Officer App- Field
Responder
Mobile Apps
54 & 106
Provide integrated Mobile Application for iOS,
Android and
Windows for capturing real-time information
from the field response
team using Mobile- Standard Operating
Procedure. Field Work Monitoring Module
Proposed: For field monitoring the e - form solution
must provide in built mobile app functionality.
Rationale: The field worker should be able to access
the LSCL inspection forms either through web portal
or
mobile app and the experience and the workflow
should be supported on both the platforms.
Frequent
changes in service forms / applications /inspection
RFP conditions Prevails
902 Officer App 106
Field Work Monitoring Module
encroachment
Clarification Sought:
Field Worker : Field workers who are carrying out
tasks on the field will need to input the data in pre
defined format of e forms inside the app. They also
need to sign the report submitted using e sign along
with
authentication, please clarify.
Officers : Officer need to validate the report and
give approval which would again need e - sign along
with
authentication. Please clarify.
RFP conditions Prevails
903Social Media
Platform108 Citizen App Modules
Proposed: It is important that citizens provide the
feedback to LSCL realtime through citizen portal and
mobile app and this would need functionality of
social engagement platform (managed on LSCL
digital platform).
Rationale: Citizen should be able to log in using
their social credentials and give the feedback to
LSCL via any digital interface.
RFP conditions Prevails
904 Help Desk 130
The proposed solution should automatically
suggest available technicians based on workload
while assigning tickets
The proposed solution (PBX, Gateways, ACD, CTI,
IVRS, Reporting, Recording and IP Phones must be
from same OEM.) should automatically suggest
available technicians based on workload while
assigning tickets
Without a proper call
center application, the
help desk cannot be
deployed with the features
asked.
RFP conditions Prevails
905 Help Desk 130
The proposed helpdesk system shall be capable
of assigning call requests to technical staff
manually as well as automatically based on
predefined rules, and shall support notification
and escalation over email
The proposed helpdesk system shall be capable of
assigning call requests to technical staff manually as
well as automatically based on predefined rules, and
shall support notification and escalation over email
using CRM (example: System should support skill
base routing, multiple group support, priority
handling and Queue status indicator.)
Email is part of CRM and
npot IPPBX. Without
defining the skills, defined
rules are simple and no
benchmark will be defined,
therby making it absurd to
compare any solutiol.
RFP conditions Prevails
906 Help Desk 131
The proposed helpdesk system shall integrate
tightly with the Knowledge tools and CMDB and
shall be accessible from the same login window
The proposed helpdesk system shall integrate
tightly with the Knowledge tools and CMDB and
shall be accessible from the same login window. The
call center solution should have been implemented
in minimum 5 projects (2 Emergency and three Non-
Emergency/BPO) handling over 100,000 calls per
day in each project in India or abroad in last 5 years.
Documentary evidence to be submitted.
This is required because
once live the number of
calls for all the applications
will be huge and the same
is seen in other
deployments also like
telemedicine, smart city
and Emergency resposne
where once deployed the
number of calls are more
than 2 lakhs calls per day.
Please refer to the corrigendum 6
907 Help Desk 131 Addition
The IP PBX should be modular, expandable,
embedded IP server-gateway/server based
architecture, having Unix or Linux or equivalent
operating system software based platform. The
system shall have hot standby/Active-Active
arrangement so that it should continue to operate
in case of failure or maintenance of main processor
or power supply or interfacing card or CPU etc. The
system should support IP or SIP as well as TDM. The
TDM can be supported through an external
Gateway.
Help desk must be
deployed in active -active
and modular architechture.
This will help integrate
with various application of
smart city and also provide
scalability and
redunandacy as desired.
RFP conditions Prevails
908 Help Desk 131 Addition
In the event of ACD failure for any reason, calls
should be routed by the built-in mechanism in the
PABX
Every help desk work on
call routing function
provided by ACD. However
if the ACD fails, no call will
come on help desk. So this
feature is a must.
RFP conditions Prevails
909 Help Desk 131 Addition
the citizen should be able to do chatbot with the
corporation with basic forms . The same should be
integrated with Help desk also to ensure in case the
chat wants to be transferred to agent, it can be
done automatically.
CHAT bot provides forms
like birth certificate, death
certificate, New
connection for water,
electricity, etc. these can
be automated to ensure
agents are not used.
RFP conditions Prevails
910 Help Desk 131 Addition
The Help desk should be able to do Citizen
emergency broadacst (CEB) to users usiing SMS,
EMAIL and calls. Also the CEB once triggered,
multiple eople can be taken into the call byu the
IPPBX immediately so that the decision is faster.
RFP Conditions Prevails
911 Vol_1_RFP 44 CMM Certification CMM level 5. Please more describe RFP is Self Explanatory
912 Vol_1_RFP 56 No Deviation Certificate Please give more information RFP is Self Explanatory
913 Vol_1_RFP 56 Total Responsibility Certificate Please give more information RFP is Self Explanatory
914 Vol_2_RFP 114
The authority has decided to host the
application and the data of the Integrated
Command & Control Centre to the UP State Data
Centre (SDC) situated in Lucknow. The Disaster
Recovery Centre (DRC) will be the cloud
platform developed by the National Informatics
Centre.
The DRC should be in the cloud platform as per
Meity guidelines (Meity empanelled CSP) and
audited by STQC for eligibility criteria as per
Government of India guidelines.
RFP Conditions Prevails
915 Vol_2_RFP 116
Centre is Tier III+)
to 99.982% availability.
substation next to DC
with N+N redundancy
As per TIA-942 in India only Ctrls Datacenter Tier IV
certified Data Centre. Kindly go through:
http://www.tia-
942.org/datacenter/4/IND/7/1/#tabs-1. Therefore
we request you change N+N to N+1 as the N+N is
requirement for Tier IV Data centre. Please follow
the link: http://www.gpxglobal.net/wp-
content/uploads/2012/10/TIERSTANDARD_Topolog
y_120801.pdf
Please refer to the corrigendum 6
916Vol2 (15. Online
UPS), pt. 3234
Input Power Factor at
Full Load, , > 0.9
As this is a Smart City Project latest Specifications
available for Input power factor are 0.99, this will
save approx. 10% of KVA Power Consumed w.r.t 0.9
requirement. Pls see if specications need to be
made better. This feature is available with all
leading manufacturers
RFP Conditions Prevails
917Vol2 (15. Online
UPS), pt. 9234 Inverter efficiency, >90%
As this is a Smart City Project latest Specifications
available for Inverter Efficiency are 96 %, this will
save approx. 6.5% of KW Power Consumed. Pls see
if specications need to be made better. This feature
is available with all leading manufacturers
RFP Conditions Prevails
918Vol2 (15. Online
UPS), pt. 10234
Over All AC-AC
Efficiency, > 85%
As this is a Smart City Project latest Specifications
available for Inverter Efficiency are 96 %, this will
save approx. 11% of KW Power Consumed. Pls see if
specications need to be made better. This feature is
available with all leading manufacturers
RFP Conditions Prevails
919Vol2 (15. Online
UPS), pt.17235
Cabinet, Rack / Tower type, 75KW/ 150KW/
200KW configurations
In higher rating UPS the UPS are all Tower Type
only, pls confirm.RFP Conditions Prevails
920Vol2 (15. Online
UPS), pt.17235
Cabinet, Rack / Tower type, 75KW/ 150KW/
200KW configurations
Please confirm if we can consider 25 KW & 50 KW
also in case the connected load is low or we will
have to consider 75 KW as Minimum rating
RFP Conditions Prevails
921Vol2 (15. Online
UPS), pt.17235
Cabinet, Rack / Tower type, 75KW/ 150KW/
200KW configurations
Please confirm if the UPS Need to be Modular in
name, meaning that a 75 KW UPS shall have an
inbuilt architecture of 3 x 25 KW or 4 x 20 KW
RFP Conditions Prevails
922Vol2 (15. Online
UPS), pt.17235
Cabinet, Rack / Tower type, 75KW/ 150KW/
200KW configurations
In case Modular systems are required, pls confrm
that the Power Modules are required to be Hot-
Swappable.
RFP Conditions Prevails
923Vol2 (15. Online
UPS), pt.18235 0 to 40 degrees centigrade
Please confirm that this temperature range is for
UPS Only as Battery Manufacturers recommend 25-
27 deg Temperature.
RFP Conditions Prevails
924 General General UPS Warranty & Battery Warranty to be clarified RFP Conditions Prevails
925 Vol1, RFP Pg 83 Proposed Bill of materialWe understand that The BOQ of the tender shall
include the “GIS Software” as a Line ItemPlease refer to the corrigendum 6
926 Vol2, RFP Pg 84Geographical Information system (GIS) & GIS
city portal
We understand that there would be requirement of
augmentation, enhancement & scale up of the
existing GIS solution and developing & integrating
GIS application. We request you to add the GIS
software in BOQ for augmentation of the same at
Enterprise level as per the requirement of the RFP.
Please refer to the corrigendum 6
927 Vol2, RFP Pg 161 Section 6: (OEM Professional Services for Project Implementation),
We understand that the project management and
execution of the project remains with MSI. OEM
responsibility will be to provide support.
RFP conditions Prevails
928 Vol2, RFP Pg 161 Section 6: (OEM Professional Services for Project Implementation),
As OEM to GIS software, we understand our scope is
limited to our products supplied. Also clarify how
the liability of SLA be distributed among OEMs while
the overall system will be an integration of many
sub-components.
RFP conditions Prevails
929
Volume 1,Pre
qualification ,point
no. 2
35
The Sole Bidder or the Lead Bidder of
consortium should have an average annual
turnover of minimum INR 10 crore with
minimum average turnover of INR 5 crore from
one or more of the “specific business areas”
mentioned below over the last three financial
years and, in case of a Consortium, the average
annual turnover for each of the consortium
members over the last three Financial Years
should be INR 2.5 crore or more from one or
more of the “specific business areas” mentioned
below:
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
As this is a large scale System Integration Project
having complex requirement of integrating to
various systems and to execute such projects it is
essential for the bidders to have prior experience in
ICT/ IT system Integration. Hence we request you to
consider the following clause as below
"The Sole Bidder or the Lead Bidder of consortium
should have an average annual turnover of
minimum INR 40 crore with minimum average
turnover of INR 20 crore from one or more of the
“specific business areas” mentioned below over the
last three financial years and, in case of a
Consortium, the average annual turnover for each of
the consortium members over the last three
Financial Years should be INR 10 crore or more from
one or more of the “specific business areas”
mentioned below:
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
Please refer to the corrigendum 6
930Volume 1,Section
2.2929
The proposed OEM should have installed base
of at least 20% of the quoted product or
technology
This clause is very Subjective and is not applicable to
all components.Request you to remeove the clauseRFP Conditions Prevails
931
Volume 1,Pre
qualification ,point
no. 8
36
The sole bidder or lead bidder should have
completed at least two projects in Govt/Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal /
mobile app, database management /data
warehousing/ business analytics / cloud
applications on the date of release of NIT
Since the ICCC is to be implemented with DC (on
premise) and DR (cloud ) we request you to amend
the clause as below.
The sole bidder or lead bidder should have
completed at least two projects in Govt/ Semi Govt/
PSU; in the field of development and integration of
citizen centric web portal /mobile app/database
management /data warehousing/ business analytics
/ implementation on cloud on the date of release
of NIT during last five financial years.
Please refer to the corrigendum 6
932
Volume 1,Technical
qualification ,point
no. 1
37
Average annual turnover from “Specific Business
Areas” as mentioned
below for Sole bidder or Lead bidder (in case of
consortium) over the last
three Financial years
Marks shall be allotted as given below:
• More than INR 40 Crore = 7 marks
• More than INR 30 Crore – up to INR 40 Crore
= 6.5 marks
•More than INR 20 Crore – up to INR 30 Crore =
6 marks
•More than equal to INR 5 Crore - up to INR 20
Crore = 5 marks
“Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
The scope of this project involves System
Integration of various systems third party systems.
In order to execute such projects it is essential for
the bidders to have prior experience in ICT/ IT
system Integration experience along with domain
exeperience. Hence we request you to consider the
following clause
Average annual turnover from “Specific Business
Areas” as mentioned below for Sole bidder or Lead
bidder (in case of consortium) over the last three
Financial years
Marks shall be allotted as given below:
• More than INR 100 Crore = 7 marks
• More than INR 80 Crore – up to INR 100 Crore =
6.5 marks
•More than INR 60 Crore – up to INR 80 Crore = 6
marks
•More than equal to INR 40 Crore - up to INR 60
Crore = 5 marks
“Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
Please refer to the corrigendum 6
933
Volume 1,Technical
qualification ,point
no. B3
42
The Sole Bidder or lead member (in case of
consortium) should have experience in
developing and implementing IT software
projects in India with Java /J2EE, Application
Servers like JBoss or similar, HTML5/CSS3,mobile
apps native languages (Android, ioS, Windows,
Hybrid language like phonegap), User
Experience in designing User Interfaces. At least
2 projects have been executed (documentary
evidence to be provided as proof of
delivery) with the above mentioned technology
stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
The documentry evidence asked for this clause will
not be able to justify the clause.So kindly request
you to allow bidders to provide a self certificate
highlighting the technologies and software used for
each of the project experience.
Please refer to the corrigendum 6
934 General
This is a Large integration project which includes
various integrations to be done. For such projects
Bidder's Proposed solution should be included
under technical evaluation. So, request you to put
certain weightage to Proof of concept or
Presentation
RFP Conditions Prevails
935
Vol 1 Section 3.5.1
Technical Bid
Criteria &
Evaluation, B1
39 & 40
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum valuof
INR 15 crore in India during last five years as on
the date of release of RFP.Marks shall be
allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Generally the values of the projects of citizen
centric web portal / mobile app are very large when
compared to the scope of RFP, as mentioned in the
respective clause. Kinldy amend the clause as :
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned project(s)
related to development and integration of citizen
centric web portal / mobile app components or both
having minimum valuof INR 5 crore in India during
last five years as on the date of release of
RFP.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Please refer to the corrigendum 6
936
Vol 1 Section 3.5.1
Technical Bid
Criteria &
Evaluation, B2
41
The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Large scale Utility based enterprise integration
projects are focussed on citizens with various
integrations like Integration with SCADA, payment
gateways, Web Portal, GIS, etc and have similar
nature of work as City Centric Software intrgration.
Request Kindly ammend the clause as:
The Sole Bidder or lead member (in case of
consortium) should have experience in the field of
Enterprise integration/City centric software
Integration Projects during last Five financial years.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please refer to the corrigendum 6
937Vol 1, 6.8 Proposed
BOM78
E. IT Infrastructures - Web application, DDoS,
UTM
Request authorities to provide minimum technical
specifications of security components. As these
component specifications are not mentioned in
Volume 2 or in any part of RFP.
Please refer to the corrigendum 6
938
Vol 1, 6.8 Proposed
BOM & 7.2 Price
component for
CAPEX
78 & 90E. IT Infrastructures, Point 1 - Security
components mismatching in both the tables
Conflict of requirements in IT infrastructure security
components in Proposed Bill of Material & in Price
component for CAPEX. Request authorities to
amend the security components requirement in
both the tables.
Please refer to the corrigendum 6
939
Vol 2, 5.2 Data
center & Disaster
recovery
114
Tentatively State Data centre will initially
provide the below items for the hosting
purpose. * Rack space,
* Internet connectivity,
* Physical Security,
* Logical Security,
* Cooling,
* VPN services,
* WLD services,
* UPS power,
* Firewall Security.
The MSI is expected to consider the above
components which will be provided by the State
Data Center.
As per RFP, we understand Primary Data Center is
located at UP SDC at Lucknow for both temporary
ICCC at Lucknow Nagar Nigam (Bhopal House) and
for Main ICCC at UP SDC. Request authorities to
clarify the items provided by SDC to be used by the
MSI - is it for temporary purpose or permanently ?
RFP is self explanatory
940
Vol 2, Technical
requirement - WAN
/ Internet Router
132 Techincal requirement of WAN / Internet Router
Request authorities to provide minimum technical
specs. of WAN/Internet Router like minimum
number of ports, minimum throughput, min. speed
of forwarding/routing performance and min. Ipv4
routes & MAC address. These details provide
bidders to give accurate sizing of the routers.
RFP conditions prevailsBidder to Propose as per the
Technical Architecture
941
Vol 2, Technical
requirement -
Primary Storage
136 Techincal requirement of Primary storage
Request to authorities to calrify about 5TB Primary
storage - Is 5TB used for both video & Non video
applications ?
RFP Conditions Prevails
942
Vol 2, Technical
requirement -
Secondary Storage
138Techincal requirement of secondary storage (for
Backup / Archival storage as per RFP)
Please provide minimum size of secondary storage
requirement and also tentative data size to be
backed up.
RFP Conditions Prevails
943
Vol 2, Technical
requirement -
Server Load
Balancer
139 Techincal requirement of Server Load balancer
Request authorities to provide minimum number of
ports & minimum throughput required for Server
Load Balancer. This helps bidders to do efficient
sizing.
RFP conditions prevailsBidder to Propose as per the
Technical Architecture
944
Vol 2, Technical
requirement -
Server Load
Balancer
139 & 141Techincal requirement of Server load balancer
mentioned in different pages.
Conflict of technical specs mentioned for server
load balancer. Request authoritites for clarification.RFP Conditions Prevails
945
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 62 of 245Auto continuous-colour and brightness
management mechanism to be
This shold be changed to:
Auto colour and brightness management
mechanism to be provided
This is specific to a manufacturer hence should be
changed as asked to introduce more competetion
RFP Conditions Prevails
946
Vol-2
2.3.2 IoT Platform
Video Display Wall
(VDW)
Page 63 of 245The brightness uniformity of each display cube
and across the entire VDW shall be at least 95%.
This shold be changed to:
The brightness uniformity of the VDM shall be
>98%.
In large walls the uniformity of each cube is very
important and should not be compromised
otherwise the video wall will appear patchy hence
affecting the overall image quality and VW
performance
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
947
Vol-2
2.3.2 IoT Platform
Display Content
Management
System (DCMS) or
Video Wall
Management
System
Page 64 of 245
The DCMS shall be able to decode, transmit,
manage, and display the following formats of
digital streaming video:
• MPEG-4
• H.264
Should be changed to:
The DCMS shall be able to decode, transmit,
manage, and display the following formats of digital
streaming video
• H.264
since H.264 is the advanced codec
RFP conditions prevails
948
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
239
1.IP Camera should be a high-definition, full-
functioned
video endpoint with industry-leading image
quality and
processing power. The camera is capable of
resolutions
up to 1920 x 1080 at 30 frames per second (fps)
while
optimizing network usage with either H.264 or
MJPEG
compression.
Please help us to know the type of camera required
for control room, i.e. Dome Camera or Bullet
Camera.
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
949
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
239
1.IP Camera should be a high-definition, full-
functioned
video endpoint with industry-leading image
quality and
processing power. The camera is capable of
resolutions
up to 1920 x 1080 at 30 frames per second (fps)
while
optimizing network usage with either H.264 or
MJPEG
compression.
H.264 is the old video compression technology,
whereas, H.265 is the latest video compression
technology. This compression technology which is
being used by many leading brands and helps to
reduce more than 50% bandwidth and storage
consumption, keeping the same image level
performance as H.264 Thus, reducing the load over
network and storage complexity. Thus will be more
economical solution. Thus, kindly make it
mandatory for the quoting H.265 compatible for the
CCTV Camera.
Thus, requesting you to ammend the clause to
H.265,H.264 or MJPEG compression.
Please refer to the corrigendum 6
950
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
239 4.Dynamic Range-100 dB
During video surveillance, there is variation in
illuminance due to bright light sources . True WDR
value with 120db value will render better and good
qaulity image as compared with camera with 100 Db
. Request you to amend it to Dynamic Range-120dB
which is wide used and available with major brands.
RFP conditions prevails
951
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
239 5.Lens- 3-10 mm
The lens size which is normally available with all the
major and reputed manufacturers is 2.8~12mm. It
also determine the overall optical zoom ratio. Thus,
requesting you to kindly ammend the Lens-
2.8~12mm.
RFP conditions prevails
952
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
239 5.Lens- p-Iris
DC-Iris is majorly used by the majority of the OEMs.
Thus, requesting to kindly amend Auto Iris - P-
Iris/DC-Iris.
RFP conditions Prevails
953
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
24013.Number of streams: Dual-stream H.264 and
MJPEG:
Triple stream means the IP camera can
simultaneously output three different video
streams, each of video streams can be configured
with different resolution, frame rate, bitrate and
codec type. Where one stream is used for Live View,
second stream for remote viewing and third stream
for recording purpose.
Thus,requesting you to ammend the Streaming
Capacity to Three Streams video profiles instead of
2 Video profiles.
RFP conditions prevails
954
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
240
13.Number of streams: Secondary stream
programmable up to 1024 x 576 at 15 fps
Nowadays in the market, triple streams cameras are
used, hence requesting you to ammend the
requirement to Any other stream except main
stream programmable up to 1024 x 576 at 15 fps
RFP conditions prevails
955
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
240 15.Local Storage- Micro SD
As the project includes Megapixels IP cameras &
extended days of recording,requesting to add SD
storage to 128GB for storage purpose. Also, the
proposed camera should support Automatic failover
feature feature wherein during network
disconnection between the camera and storage
device, the data stored in SD card shall be pulled
back and merged with storage available in the
storage device/server. Thus, kindly add clause that
Camera should support Automatic failover system
for storage.
RFP Conditions Prevails
956
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
240 16.Video Compression-H.264 & Motion JPEG
H.264 is the old video compression technology,
whereas, H.265 is the latest video compression
technology. This compression technology which is
being used by many leading brands and helps to
reduce more than 50% bandwidth and storage
consumption, keeping the same image level
performance as H.264 Thus, reducing the load over
network and storage complexity. Thus will be more
economical solution. Thus, kindly make it
mandatory for the quoting H.265 compatible for the
CCTV Camera.
Thus, requesting you to ammend the clause to
Video Compression-H.265,H.264 & Motion JPEG
RFP conditions prevails
957
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
240
25.Certifications Safety-UL60950-1 second
edition CSA22.2-No.60950-1 IEC/EN60950-1
second edition IEC/EN60825
IEC/EN60825 is only applicable for Safety of laser
products, while the requirement in the tender is not
of laser, thus request you to delete this requirement
RFP Conditions Prevails
958
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
241
26.Certifications EMC-Requirements- CISPR22
Class B ICES-003
EN50121-4
EN50155
EN50130-4
EN55022
EN55024 EN61000-3-2/-3-3 VCCI Class B
KN22 Class B KN24
1)CISPR22 is equivalent to EN55022 which is
covered under the CE certification.
2)Class B ICES-003 is equivalent to EN std. covered
under CE certifcate
3)EN50121-4 EN50155 are std, for Railway
application match railway std. not applicable for this
project.
4)EN55022 EN55024; EN55022 and EN55024
covered under CE certification; EN61000-3-2/-3-3;
EN61000 std are covered under EN50130 std which
falls under the CE certification.
5) VCCI is japanese std while FCC is US std which is
globally accepted and are equivalent to each other
6)Class B KN22 Class B KN24 are Korean std. and
equivalent to EN std. covered under CE certification;
Thus request you to ammend certification to UL, CE,
FCC which declares that the product complies with
the essential requirements of the relevant health,
safety and environmental protection legislation.
RFP Conditions Prevails
959
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
241
27.OEM Criteria-All proposed Cameras should
be from Single OEM and OEM should have
Registration in India min from 10 Years
We request you to kindly remove this caluse basis
the following. 1) in case if any one of the camera
specification is not complied by OEM, their other
complied camera will also not be quoted by SI as
well this will lead Monopoly for OEM who's all
camera comply in this tender, they will charge high
price and take advantage of this condition. 2). Many
world class OEM's have come to India for business
few years back, we request you to reduce this 10
years period to 5 or 7 years so that world's best
OEM's who have come India for business can
participate in this tender and provide best quality
equipment at very competative prices.
RFP Conditions Prevails
960
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
239 To be added
For the smooth switching between Day and Night
mode, it is recommended to have builtin IR within
the camera with more IR Range.
Thus, request you to add IR Illuminator as Internal
in camera with min 30M IR distance.
RFP Conditions Prevails
961 To be added Storage
The technical specifications for CCTV Video storage
has not been mentioned in the tender, thus, please
help to clarify how storage will be done of the IP
CCTV Camera for control Room.
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
962
Vol_2_RFP , page no
23
In Scope of Work -
Technical
specificaations ,
Point no. 13.
Display size of Environmental sensors should be 3x2 mts.
(1)What kind of display is to be provided?
(2)Is it integrated with each sensors?
(3) What will be the functionality of the display?
RFP is Self Explanatory
963 General Need BoM RFP conditions prevails Query Not Clear
964Vol_2_RFP , page no
813.10 GPS Tracking of Vehciles
Need BoM, Specify software application
requirement
(1)Qty of Municipality vehicles
(2)Qty of GPS devicesRFP Conditions Prevails
965 General AFCS card
To use the Smart card for the CCPS, will the
Lucknow Corporation provide the card data
structure for third party integration?
RFP Conditions Prevails
966 General GeneralNeed BoM, Specify software application
requirementRFP conditions prevails Query Not Clear
967Volume II Scope of
Work 127-130 EMS - Log Management and Network-Flow based Traffic Analysis
Since SIEM specification has been given seperately
in the RFP, So request you to delete "Log
Management" and "Network-Flow based traffic
analysis" at page 127-130 as this is feature of SIEM
solution.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
968Volume II Scope of
Work 145
2.2.11.5 data security (DLP has been asked in
every command center RFP of smart city which
is missing here)
It is recommended that DLP (Data Leakage
Privention Solution) should be proposed to meet
functional requirement. We request you to add
minimum technical specification of DLP solution.
RFP conditions prevails
We are aware of data exfiltration
threat and have already desired
DLP functionality as per published
RFP
969Volume II Scope of
Work 12
Support for PKI based Authentication and
Authorization- The solution shall support PKI
based Authentication and Authorization, in
accordance with IT Act 2000, using the Digital
Certificates issued by the Certifying Authorities
(CA). In particular, 3 factor authentications
(login id & password, biometric and digital
Signature) shall be implemented by the MSI for
officials/employees involved in processing
citizen services.
we recommend and request you to please add
minimum specification of PKI and Hardware Security
Module( HSM) Specification to meet functional
requirement. There are only two OEM in this space
and it has also been asked in every smart city RFP
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
970Volume II Scope of
Work 11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc. MSI must make provisions
for security of field equipment as well as
protection of the software system from hackers
and other threats.
Request you to please add minimum specification of
Security Analytics,Network Forensics Solution to
have fair and competitive bidding. RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
971
Volume II Scope of
Work 112
Portal must be secure in all the way and all the
latest security implementations like https, xss,
sql injection, OWASP vunrebelties etc should be
implemented/followed to avoid any hacking.
To Achieve this, we suggest to implement WAF and
Request you to please add minimum specification of
web Application firewall Solution to have fair and
competitive bidding.
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
972
Vol2_RFP
DATA CENTER
SPECIFICATION
141 Link Load Balancer Specifications
Link Load balancer can also act as aa IPv6 gateway
hence we request to add below IPv6 Features on
Link load balancing Specifications,
• IPV6 support with IPv6 to IP4 and IPv4 to IPv6
translation and full IPv6 support.
• IPV6 support with DNS 6 to DNS 4 & DNS 4 to DNS
6 translation
• Support full DNS bind function & Capable of
handling complete DNS bind records including
A,MX, AAAA for IPv6.
RFP conditions prevails
Bidder's should meet the
functional requirement to
maintain desired SLA
973Vol2_RFP
5.3 data security145 2.2.11.5 data security
The RFP has included most of network and security
solution to strengthen C&C infrastructure. But Web
Application security network function is missing and
is essential network function for overall security of
application infrastructure. Application security will
surely improve the security posture and improve the
operational efficiency of the solution. Besides Cyber
Security Model Framework for Smart Cities circular
also recommends web application security devices
for overall end to end security model. We suggest
including application security solution with
minimum specifications to this project.
Application level security solution should be
provided through leading practices and standards
including the following:
Prevent OWASP top 10 vulnerabilities including SQL
Injection, XSS, Security Misconfiguration
Vulnerabilities, Restrict URL Access Vulnerabilities,
Insufficient Transport Layer Protection, Redirects
and Forwards Vulnerabilities
The application security solution should have
positive security model with machine learning
capabilities to detect and prevent anomaly in
application traffic and unknown attacks. Machine
learning should be based on true ML algorithms,
and not just automation of dynamically learnt rules.
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
974
Vol2_RFP
DATA CENTER
SPECIFICATION
Multi-tenant hardware with multicore CPU
support. It shall support minimum four (4)
virtual instances and shall be scalable to 16
instances on the same appliance. Shall have
minimum of 10 Gbps of system throughput per
virtual
instance to support multiple load balancing and
security functions. Shall have minimum of 8x10G
SFP+ interfaces from day one. Shall have
security features like reverse-proxy firewall, sync-
flood and denial of service attack protection
from day one.
number of virtual instance requirements are on
higher side keeping current and future scalabulity
requirement under consideration. Multi-tanent
server load balancer appliance typically requires 2-3
virtual tanents each of DMZ, MZ and server farm.
16 instances are on higher side and will add surplus
cost in overall solution design. we rcommend to
reduce it to 8 virtual instances.
RFP conditions Prevails
975Vol2_RFP
5.3 data security145
New Suggestion-Application security
RFP has addressed most of the Application Security
points but still some application security points are
missing like unknown attacks based on user inputs
and application responses, Zero day Attacks, atomic
attacks and complex attack chains hence to address
these kind of attacks request you to consider next
generation application security solution with
minimum requirements.
1.The application security solution should have
positive security model with machine learning
capabilities to detect and prevent anomaly in
application traffic and unknown attacks. Machine
learning should be based on true ML algorithms,
and not just automation of dynamically learnt rules.
2. web application security solution should have
capability of performing static analysis of source
code & dynamic analysis at RUN time to identify
potential vulnerabilities in web applications and
solution must have option to deploy virtual patch
based on static and dynamic analysis results.
3. The Web application security solution should
address known & unknown attacks based on user
inputs and application responses using combination
of dedicated protectors/signature engines and
Machine Learning
4. WAF should support built-in correlation engine to
detect atomic attacks and complex attack chains.
Administrator should have option to define
RFP conditions Prevails
976Volume II Scope of
Work 155
Solution must be custom built AntiAPT solution
and must not have network perimeter security
component part devices like firewall and IDS/IPS
Top security vendors have their Anti-APT solution as
well as Firewall and IPS, and Anti-APT is proven best
by NSS LABS. Request Please remove "must not
have network perimeter security component part
devices like firewall and IDS/IPS". By tender
condition we are limiting to specific OEM and
incresing the cost as well.
RFP conditions prevails
Custom built APT solutions offer
dedicated resources to do analysis
of unknown threats with higher
acceleration instead of
UTM/Firewall devices having
multiple security layers hosted on
shared resources.
977Volume II Scope of
Work 156
The proposed solution should have an endpoint
security component and should have following
functionalities (Antivirus, antimalware, ransom
ware protection, Vulnerability Protection in
endpoint, integrated DLP and C&C detection,
ability to quarantine and clean the infected files,
ability to integrate with Anti APT components
and automatically block/Quarantine zero day
malwares by sharing Indicators of Compromise.
Please remove integrated DLP from Endpoint
because this is not recommended model and DLP
always work on perimeter layer because any data
which is supposed to go out will go from network
only.
Request you to please change "The proposed
solution should have an endpoint security
component and should have following
functionalities (Antivirus, antimalware, ransom
ware protection, Vulnerability Protection in
endpoint, integrated DLP and C&C detection, ability
to quarantine and clean the infected files, ability to
integrate with Anti APT components and
automatically block/Quarantine zero day malwares
by sharing Indicators of Compromise."
RFP conditions prevails
Considering current landscape
possible data leakage due to a
malicious threat is a prominent
concern. Hence DLP capability is
desired at the endpoint channel to
avoid any intentional and
unintentional data exfilteration.
978Volume II Scope of
Work 156
The proposed solution should be able to run at
least 60 parallel sandboxes for analysis of
payload and on premise customized sandbox
solution should have the capability to allow
manual submission of suspicious files for
analysis
Asked number of parallel sandboxing is vendor
specific and because of this multiple known APT
vendor will not be able to bid in Smart City.
Request you to please Change"The proposed
solution should be able to run at least 50+ parallel
sandboxes for analysis of payload and on premise
customized sandbox solution should have the
capability to allow manual submission of suspicious
files for analysis" 60 is specific to OEM
RFP conditions prevails
Considering Smart City traffic
volume and future scalability
considering unknown malware
threats the proposed solution
should be able to run at least 60
parallel sandboxes for analysis of
payload and on premise
customized sandbox solution
should have the capability to allow
manual submission of suspicious
files for analysis
979Volume II Scope of
Work 156
Customized sandbox solution should support
following operating systems (Windows XP,
Win7, Win8/8.1, Win 10, Windows Server 2003,
2008 & 2012) and must have the capability to
analyse large files and must be able to support
more than 40MB file size.
Asked file size should not be bottle neck for Smart
City projects.
Request you to change" Solution should support
more than 60 MB file Size."
RFP conditions Prevails
980Volume II Scope of
Work 157
The Proposed solution should have option to
share Indicators of compromise for mitigation
and clean up with AV endpoint and Web
gateway to block threat at web gateway level
and network level through NIPS. AntiAPT
solution should share intelligence with
endpoint, security web gateway solution,
HIPSserver security & NIPS, similarly endpoint
and security web gateway, NIPS & HIPS(Server
Security) should submit files to AntiAPT solution
for analysis and all three (AntiAPT, Web
Security, Email security, Endpoint, HIPS (server
security) solution should manage through single
management console.
In asked specs all the solution should be manage
through single management console, which is not
possible because as Smart City we do not know who
will win IPS,Web Security, Email Security, Endpoint
HIPS(server security) and if each solution is from
different vendor they will be having their own
managemnt console and we do not know that they
support REST API or someting else and also
different OEM endpoint solution will not be able to
send file to different OEM Anti-APT solution.
Request you to please change"The Proposed
solution should have option to share Indicators of
compromise for mitigation and clean up with AV
endpoint and Web gateway to block threat at web
gateway level and network level through NIPS.
AntiAPT solution should share intelligence with
endpoint, security web gateway solution, HIPSserver
security & NIPS, similarly endpoint and security web
gateway, NIPS & HIPS(Server Security) should
submit files to AntiAPT solution for analysis and all
three (AntiAPT, Web Security, Email security,
Endpoint, HIPS (server security) solution should
manage through single management console."
Asking Single console will restrict to specific OEM.
RFP conditions Prevails
981Volume II Scope of
Work Additional Point
The Proposed Anti-APT solution must have
recommended rating in 2017 NSS BPS report from
NSS Labs and must have more than 98% security
efectivness.
RFP conditions Prevails
982RFP Volume 2,
Section 1.411
all the system logs should be properly stored &
archived for future analysis and forensics
whenever desired. The authority would carry
out the security audit of the entire system upon
handover and at regular interval during O&M
period.
In section 1.4, RFP has mentioned the requirement
of security forensics solution, but same has not be
elaborated in the technical specs sheet as done of
other security components. We recommend to
consider following minimum requirement for
Forensic solution:
1. Forensic solution should have context Awareness.
2.The Forensic solution should provide the complete
session information and what happened during,
before and after.
3. Forensic solution should provide information on
full source and scope of attacks and Arm incident
response teams with clear, concise answers. This
will also help to tighten security posture.
4. The proposed solution have root cause analysis.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
983RFP Volume 2,
Section 4.3112
Portal must be secure in all the way and all the
latest security implementations like https, xss,
sql injection, OWASP vunrebelties etc should
be implemented/followed to avoid any hacking
In section 4.3, under minimum Technical &
Functional Requirements of Lucknow smart city
portal, RFP has asked for the security against
security implementations like https, xss, sql
injection, OWASP vulnerabilities, this can be done
via WAF, so we recommend the WAF solution to
protect the application from OWA top 10. Rather in
technical specifications of SLB, reverse proxy
function has been requested. Our recommendation
is, It must be in dedicated solution to maintain the
better security and content scanning while upload
any user data to portal. The Proposed solution must
have capability to scan the file up to 1 Gbps and
having Caching feature for enhance end users
experience.
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
984
RFP Volume 2,
Section 2.3.1, Point
74
52
Data Protection / Data at rest: Platform should
support encryption for tenant data at rest (on
disk/storage)
Please advise with this functionality are you looking
for hard disc encryption. The solution should also
include File Share Encryption - Policy-enforced file
encryption for collaborating teams.
RFP conditions Prevails
985
RFP Volume 2,
Section 2.3.1, Point
99
59
appropriate tools for incident and SLA
management for the SLA Parameters defined in
Vol. 3 of this RFP
Are you looking for this functionality for Cyber
security incident as well, for that Forensic solution
to have context Awareness. The Forensic solution
will provide the complete session information and
what happened during, before and after. Forensic
solution can See the full source and scope of attacks
and Arm incident response teams with clear, concise
answers.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
986
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Firewall rules should filter traffic based on
source and destination IP address, port, MAC
address, etc. and should detect reconnaissance
activities such as port scans and Solution should
be capable of blocking and detecting IPv6
attacks and Product should Support CVE cross
referencing when applicable for vulnerabilities.
This seems to be combining of different product
specification in to HIPS. HIPS is to protect servers
from unauthorized access, malware and unwanted
traffic. CVE cross referencing is for Vulnerability
Management and not HIPS. These are OEM specific.
We request you to rephrase the specification to
"Firewall rules should filter traffic based on source
and destination IP address, port, MAC address, etc.
and should detect reconnaissance activities such as
port scans and Solution should be capable of
blocking and detecting IPv6 attacks"
RFP conditions prevails
CVE id published by OEM
pertaining to vulnerabilities is a
desired functionality to get
required information and help to
minimize the risk level
987
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Host based IPS should support virtual patching
both known and unknown vulnerabilities until
the next scheduled maintenance window.
Solution should have capability to submit
unknown files to sandboxing for simulation and
create IOC's on real time basis as per sandboxing
analysis and revert back to server security
solution and sandboxing should have at least
virtual instance of server class OS Win 2008, win
2012.
HIPS solutions are for mission critical servers and
servers do not download files from unknown
sources. Server Security-HIPS works on least
privilege access to the critical resources and
applications. We suggest to have Network Anti-APT
from servers which will have no impact on the
servers compute and performance of the
application which runs on the server. It is therefore
suggest to rephrase this OEM specific specification
to "Host based IPS should support virtual patching
both known and unknown vulnerabilities. Solution
should provide least access privilege to the
applications or resources to protect servers from
hackers and malicious code." and move changed
specification to "Solution should have capability to
submit unknown files to sandboxing for simulation
and create IOC's on real time basis as per
sandboxing analysis and revert back to server
security solution and sandboxing should have at
least virtual instance of windows
7/8/10/2008/2012." to Anti-APT
RFP conditions Prevails
988
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
HIPS should have signatures for known &
unknown vulnerabilities and exploits. It should
also allow for creation of custom signatures to
secure home grown legacy applications.
Detailed events data to provide valuable
information, including the source of the attack,
the time, and what the potential intruder was
attempting to exploit, should be logged.
There can't be signatures for unknown
vulnerabilities and exploits. The specification should
be rephrased to "HIPS should have policies/custom
policies to protect from vulnerabilities and exploits.
It should also allow for creation of custom
signatures/policies to secure home grown legacy
applications. Detailed events data to provide
valuable information, including the source of the
attack, the time, and what the potential
intruder/process/application was attempting to
exploit, should be logged."
RFP conditions Prevails
989
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Should provide automatic recommendations
against existing vulnerabilities, Dynamically
tuning IDS/IPS sensors (Eg. Selecting rules,
configuring policies, updating policies, etc.) And
provide automatic recommendation of removing
assigned policies if vulnerability no longer exists
For Example If a patch is deployed unwanted
signatures should be unassigned.
This is an OEM specific specification because there
are no sensors for HIPS. We suggest to move this
specification to NIPS as this is a NIPS function not
HIPS.
RFP conditions prevails
Fixing existing vulnerabilities by
automatic ally configuring policies
by sharing recommendation is a
desired functionality to minimize
security risk. Hence please
consider specification RFP
conditions Prevails
990
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
150
Solution should have feature to take backup of
ransom ware infected files and restoring the
same and Management Server should support
Active Passive high availability configuration.
Should have central management console for
server security and AntiAPT with sandboxing for
central visibility and control.
SIr, this is not standard functionality of HIPS. By
taking backup of the files on servers at an
unscheduled downtime will not only hamper the
day-to-day operations but there are chances to
corrupt open files/databases. This being an OEM
specific and not for HIPS. It is suggested to remove
this specification.
RFP conditions prevails
Solution should have feature to
mitigate ransomware threat and
Management Server should
support Active Passive high
availability configuration. Should
have central management console
for server security and AntiAPT
with sandboxing for central
visibility and control.
991
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
150
Host IPS should be capable of recommending
rules based on vulnerabilities with the help of
virtual patching and should have capabilities to
schedule recommendation scan and entire
features of solution should be agentless.
HIPS is both agent and agentless. The objective is to
restrict application and operating system behavior
using policy-based least privilege access control so
that no application or user gains administrative
privileges of it own. This is specific to an OEM. We
suggest to have this specification rephrased as
"Host IPS should be capable of recommending
policies based on OS/vulnerabilities with the help
of virtual patching and should have capabilities to
schedule recommendation scan and solution should
be agent/agentless."
RFP conditions prevails
Host IPS should be capable of
recommending policies based on
OS/vulnerabilities with the help of
virtual patching and should have
capabilities to schedule
recommendation scan and
solution should be
agent/agentless.
992
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
150
Endpoint vulnerability protection should scan
the machine and provide CVE number visibility
and accordingly create rule for virtual patch
against vulnerability.
This is an OEM specific specification. There are only
a vendor which provides vulnerability scan and
integrated DLP as a part of Anti-virus. We suggest to
remove so that all leading OEMs can participate.
RFP conditions prevails
CVE id published by OEM
pertaining to vulnerabilities is a
desired functionality to get
required visibilily and mitigate
using virtual patching technology
to minimize potential risk level
993
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
150
Endpoint solution should have pre and post
execution machine learning and behavior
monitoring along with ransom ware protection
engine, ransom ware engine should have
feature to take backup of ransom ware
encrypted files and restoring the same.
This is an OEM specific specification. There are only
a vendor which provides vulnerability scan and
integrated DLP as a part of Anti-virus. We suggest to
remove so that all leading OEMs can participate.
RFP conditions prevails
Endpoint solution should have pre
and post execution machine
learning and behavior monitoring
along with ransom ware
protection engine
994
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
150
Endpoint solution should have integrated DLP
with predefined templates for HIPAA, PCIDSS,
and GLBA etc. for compliance requirements and
should have capability to create policies on basis
of regular expression, key word and dictionary
based for data loss presentation.
Only single OEM has integrated DLP with anti-virus.
We suggest to remove so that all leading OEMs can
participate.
RFP conditions prevails
Endpoint solution should have DLP
capability with predefined
templates for HIPAA, PCIDSS, and
GLBA etc. for compliance
requirements and should have
capability to create policies on
basis of regular expression, key
word and dictionary based for data
loss presentation.
995
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage
protection+B52
150-151
Solution should have capability to submit
unknown files to sandboxing for simulation and
create IOC's on real time basis as per sandboxing
analysis and revert back to Endpoint security
solution to block and clean threats and
sandboxing solution should support
customizable Windows 7/8/10 and Microsoft
2008/12 operating environments for Sandboxing
with at least 60 virtual instances running in
single sandboxing box.
This is a repeat of the specification under HIPS on
page 149 of the tender document. It seems there is
a attempt to have only single OEM participate. We
suggest to move this to Anti-APT which should read
as "Solution should have capability to submit
unknown files to sandboxing for simulation and
create IOC's on real time basis as per sandboxing
analysis and revert back to Endpoint security
solution to block and clean threats and sandboxing
solution should support customizable Windows
7/8/10/Microsoft 2008/12 operating environments
for Sandboxing"
Please refer to the corrigendum 6
996
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
151
Host IPS should be capable of recommending
rules based on vulnerabilities on endpoint and
Host IPS should have dynamic rules based on
System posture and endpoint posture
This is a repeat of the specification under HIPS on
page 150 of the tender document. It seems there is
a attempt to have only single OEM participate. We
request to remove this specification.
Please refer to the corrigendum 6
997
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
151
Solution should deprovision corresponding HIPS
rules id System upgraded or patched and Should
support Detecting and Blocking Reconnaissance
on the endpoint
This is an OEM specific specifications. It seems there
is a attempt to have only single OEM participate.
We request to remove this specification.
RFP conditions prevails
Proposed solution should have
capability to deprovision
corresponding HIPS rules id
998
RFP Volume
2,Section 5.3,Anti-
virus
160 Antivirus shall have built in URL filtering. This is again a OEM specific. Please delete this. Please refer to the corrigendum 6
999
RFP Volume
2,Section
5.3,Network based
Intrusion Prevention
System (NIPS)
153
The proposed IPS vendor must provide a global
threat intelligence portal that provide real-time
monitoring and statistics of malicious threats
and attacks and NIPS should integrate with
sandboxing to submit unknown files in
sandboxing for simulation and create IOC's on
real time basis as per sandboxing analysis and
revert back to NIPS to block threats and
sandboxing solution should support
customizable Windows 7/8/10 and Microsoft
2008/12 operating environments for Sandboxing
with at least 60 virtual instances running in
single sandboxing box.
Only one OEM can qualify this specification. The
same specification has been asked in HIPS, Endpoint
protection and storage protection, and anti-apt. The
OEM has to have all these solutions. Therefore, It
seems there is a attempt to have only single OEM
participate. We suggest to delete this specification
so that leading OEMs can participate.
Please refer to the corrigendum 6
1000
RFP Volume
2,Section 5.3,Anti-
virus
We suggest to have deception technology as a part
of endpoint protection so that lucknow smart city
will be able to detect and identify attackers during
the early stages of a breach.
RFP conditions Prevails
1001
RFP Volume
2,Section 5.3,Anti-
virus
We suggest to have endpoint protection to deploy
customizable baits across the endpoint installation
and expose hidden adversaries. These decoys must
which include fake credentials, files and other
enticing assets. This will help , exposing
attacker/hacker without him/her knowing.
RFP conditions Prevails
1002
RFP Volume 2,
4.2LSCL App (Mobile
App)
106The app shall be available for in two modules
i.e. for Citizen and Officers Login. ….
Officers Mobile devices need multi-layered mobile
protection against known, unknown and targeted
attacks. These devices need to be protection from
suspicious networks and malicious developers and
apps before they can harm officers mobile device.
We suggest to have protection for officers mobile
devices for unpatched known vulnerabilities,
uncovering zero day vulnerabilities in apps and OS
and real time response and protection against
various known, unknown and targeted malware
attacks for iOS and Andriod.
RFP conditions Prevails
1003 Vol-II, 1.4; Security 11
Kindly confirm if the proposed Server Operating
System for all servers shall be Common Criteria
EAL4+ cerified as security shall be an important
aspect.
EAL4+ is a Security certification standard to build a
secured infrastructure solution and to avoid and
remove vulnerabilities in non certified platforms
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1004Vol-II, 1.4; Open
Standards13
Kindly confirm if the bidder should adhere to
the policy of Government of India on adoption
of open source software issued by DeitY vide F.
No. 1(3)/2014-EG II available on MeitY website
at
"meity.gov.in/writereaddata/files/policy_on_a
doption_of_oss.pdf"
As per GoI Adoption Policy for Open Source
Softwares usageRFP conditions Prevails
1005
Vol-II, 1.5; OEM
Software
Requirements
16
Kindly confirm if the bidder shall not propose
any freeware software/community edition. (as
any such underlying freeware/community-
edition may be a severe security risk).
To minimize the security risks and to avoid
vulnerabilities in software solutions, it is a
mandatory requirement for bidder to avoid usage
of any such freeware / community software
products to prevent unauthorized access and to
provide a secured platform to run and store nation
government data
RFP conditions Prevails
1006Vol-II, Pt 19; API
Management37
Please confirm if an API managment solution
should be provided as part of the overall
solution and whether it is required to protect
backend API servers with strict traffic control
on incoming and outgoing traffic, provide
access control features to determine exactly
who is using the API, how it is used, and how
much is being used, centrally set up and
manage policy and application plans for all APIs
on one platform, provide API authentication
and security and Monitor and set alerts on
traffic flow.
In todays application infrastructure APIs are the
most important component and it is required to
manage APIs, Control APIs and Update APIs to
provide a centralized control on the Applications
connectivity
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1007
Vol-II, 1.5; OEM
Software
Requirements
16
Kindly confirm that OEM of the various
proposed system software shall have presence
in India and shall have its own India Support
centre as well.
RFP conditions Prevails
1008
Vol-II, Point 2
Web GIS Server;
Virtualization &
Cloud Compatibility
GIS System software
should support
VMware vSphere,
Microsoft Hyper-V
& Huawei Fusion
Sphere virtualization
environments.
99
Request you to please modify this clause more
generic as below:
GIS System software should support Industry
standard Virtualization Solutions.
This clarification to allow maximum participation of
more virtualization solutions by allowing other
Industry standard solutions
Please refer to the corrigendum 6
1009
Vol-II
Servers:
Virtualization:
• Shall support
Industry standard
virtualization
hypervisor like
Hyper-V, VMWARE
and Citrix.
136
Request you to please modify this clause as
below:
Virtualization:
• Shall support Industry standard virtualization
hypervisor technologies.
The reason for correction of the clause is to allow
other virtualization solutions, let bidder decide on
the best solution as per the application stack
selected part of the project. Hence making this
statement more generalized to allow maximum
participation of more Virtualization Solutions.
RFP conditions Prevails
1010 Pg 38 Vol 2
The solution should provide ability to attach
documents and other artifacts to incidents and
other entities
Since there would be lots of document which would
get generated as part of various processes and
approvals. So our understanding is that required
Enterprise Document Management System should
have at least but not limited to below mentioned
capabilities:
- Categorization of documents in folders-subfolders
just like windows interface. There should not be any
limit on the number of folder and levels of sub
folder
- Document Version Management with Check Out /
Check In
- Extensive document and folder level operation
such as move / copy, email, download, delete,
metadata association etc
- Repository should be format agnostic
- Indexing of the documents on user defined
parameters
- Association of the key words with the documents
Kindly confirm our understanding.
RFP Conditions Prevails
1011 Pg 46 Vol 2
The platform should allow stakeholders to share
content relevant to the issue In the
collaboration space. This content may include
text; pictures, video, PDF/DOC/DOCX documents
etc. and stakeholders should be able to view the
content directly from the collaboration space.
As per mentioned in the RFP, Document
Management System should have an inbuilt viewer
to view various document formats.
Request you to include the following specification
to ensure best of breed solution for the Document
Viewer.
- Server based Inbuilt Document Image Viewer for
displaying image document without native viewer
- Viewer should be platform independent and
support Linux based browser
- Support comprehensive annotation features like
highlighting, marking text, underlining putting sticky
notes on documents, and support for text and
image stamps etc.
- Automatic stamping of annotations with user
name, date and time of putting annotations
- Securing annotations for selective users
RFP Conditions Prevails
1012 Pg 58 Vol 2 Source Code
As per our understanding, the department requires
the source code of the Custom development done
for this project. However if Source Code of COTS
based solution is required then same can be kept
under the Escrow Agreement.
Please confirm our understanding.
RFP Conditions Prevails
1013 Pg 48 Vol 2 ERP integrationNeed more clarity on the process flows which will
be handled by ERP system.RFP Conditions Prevails
1014 Pg 113 Vol 2Should have workflow capabilities with regard to
the content approval and publishing process.
Our recommendation is that the Workflow
Management System should be based on Business
Process Management (BPM) platform which has the
capabilities of graphically modeling the processes or
workflows, in built Form designer, process
simulator, configurable Business Activity Monitoring
tool(Dashboards) and integrated Document
Management System for storing documents.
RFP Conditions Prevails
1015 Pg 38 Vol 2 Workflow and Business logic engine
Our recommendation is that the system should have
a workflow engine to support different types of
document routing mechanism including Sequential
routing, Parallel routing, Rule based & Ad-hoc
routing
RFP Conditions Prevails
1016 General Requirement for Enterprise Mobility Framework
As per mentioned in the RFP document, The
solution should support mobile application
development & deployment. With respect to the
requirement, we suggest that department has the
requirement for enterprise mobility framework in
which mobile applications and its services can be
configured/ managed centrally. For the ease of
departmental officials, we recommend that
department requires COTS (Commercial Off the
Shelf) based Enterprise Mobility framework so that
officials can make the changes by just doing the
configurations instead of writing/modifying the
lines of code.
Please confirm our understanding.
RFP Conditions Prevails
1017 GeneralRequirement of Imaging capabilities in
Enterprise Mobility Framework
As mobile apps would be used for capturing various
documents/images. So imaging features become the
important requirement of mobile application
framework. So our recommendation is that mobile
application framework should have below
mentioned features:-
a. Image compression, B/w conversion from color
images
b. G4 compression for B&W, JPEG for color and gray
scale
c. Multiple page document capture
d. Auto cropping, Auto orientation, perspective
correction, noise removal, geo capture
Please confirm our understanding.
RFP Conditions Prevails
1018 General Integration
We assume that below are the mentioned systems,
with which proposed system needs to be
integrated:
1. GIS application & GIS city portal
2. e-Governance/Website /Mobile App
3. UP dial 100
4. City Surveillance system
5. SCADA systems (Water Supply, Sewerage
Pumping Station etc)
6. Smart Mobility Card (Services covered - Municipal
Services Payments, Public Parking – On street and
Off Street (including multi-level parking) in the city
& Utility (water) Payments)
7. Biometric Attendance System (Sanitary Workers)
8. SMS Gateway system
9. Digital Signature
In case of integration with any other system, please
let us know system details & integration
touchpoints.
RFP is Self Explanatory
1019 General Storage and Archival
As mentioned in the RFP document, the system
should have the capability of centrally controlled
auditing, expiration & retention policies, archival,
retention and regulatory compliances.
So with this our understanding is that the
department requires the integrated Records
Management System which has the below
mentioned capabilities:
a. Capability to define retention policy, disposition
policy etc
b. Capability to capture details about the electronic
as well physical records including warehouse
location, box no etc.
c. Capability to track Physical records movement
d. Compliance with standards like DoD 5015.2, ISO
15489, VERS etc.
Please confirm our understanding.
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1020 General Uptime of SolutionPlease provide clarity on the uptime of the
solution.RFP conditions prevails Query Not Clear
1021 General Storage duration of Documents/Files Please provide the duration RFP Conditions Prevails
1022 General Scalability
Request you to include the following specification
to ensure best of breed solution and this will also
enhance the scalability of proposed Content &
document management module :
The system should store only index information in
database while images should be stored in separate
file server. DMS should be designed for storing high
volumes. DMS should store image and binary
document in a separate file server and not in
RDBMS.
RFP Conditions Prevails
1023 General Scanning
We understand that less paper initiative is key
requirement of project and so there will be
requirement of capture solution for scanning paper
documents with support for following :
• Both bulk and web scan capabilities
• Automatic extraction of data using OCR
• Automatic file and document separation using
blank page separator, barcode separator and fix
page
• Automatic correction of parameters like improper
resolution, format/ compression not proper, skew,
wrong orientation, error in automatic cropping,
punch hole marks etc during scanning
Please confirm if our understanding is correct.
RFP Conditions Prevails
1024 General User Count
Please let us know number of concurrent user
(internal as well as external) login licenses along
with user types/ roles.
RFP Conditions Prevails
1025 General Setup Details
Proposed solution shall be deployed at which setup -
1) State wide cloud setup 2) 3rd party cloud
provider 3) On premise setup?
RFP Conditions Prevails
1026
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
MSI should provide a dashboard view for their
DC/DRC solution for LSCL for virtually
monitoring all smart city projects related DC &
DRC activities inclusive of hardware, application,
data, bandwidth, manage hosting services,
storage from the ICCC.
Does LSCL wants the DRM solution to provide
service based dashboard that should provide
Business-IT relationship and service availability, DR
readiness, Business function availability, etc
RFP Conditions Prevails
1027
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
The system should able to generate automatic
and manual notifications, alerts and reports
based on performance to the concerned
operators/individuals.
Does LSCL want the DRM solution to provide alerts
through SMS, email, etc. in case of threshold breach
or threat of SLA violation
RFP Conditions Prevails
1028
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
Does LSCL wants the proposed solution toprovide
services heat map to pinpoint the root cause of the
service degradation.
RFP Conditions Prevails
1029
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
Does LSCL wants the proposed solution should
provide capability to define services, business
functions, IT Components and should be able to
monitor those from availability standpoint.
RFP Conditions Prevails
1030
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
Does LSCL wants the proposed solution to support
concurrent / parallel application recovery workflows
to be executed as part of failover
RFP Conditions Prevails
1031
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
Does LSCL wants the proposed solution should be
capable of Recovering Servers, Storage, Network,
Application, DB, Webserver and Middleware
layers on a click of a button
RFP Conditions Prevails
1032
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
The proposed solution should provide out of the
box reports on RPO deviation, RTO deviation,
Datalag, Application DR Readiness status and
replication trendingcapable of generating reports in
pdf, csv, XML format
RFP Conditions Prevails
1033
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
Does LSCL want the proposed solution to support all
major platforms including Linux, Windows, Solaris,
HPUX and AIX with native high availability
options. It must support both physical and virtual
platforms.
RFP Conditions Prevails
1034
RFP Volume 2/ DC
DRC Monitoring
dashboard
122
Does LSCL want the proposed solution to be capable
of monitoring the firewall policy updates that are
happening at production and if any change in
the policy is done at DC the same should be
identified and replicated across the DR firewall to
reflect the respective changes.
RFP Conditions Prevails
1035
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 10
Scalability -Important technical components of
the architecture must support scalability to
provide continuous growth to meet the growing
demand of the city. The system should also
support vertical and horizontal scalability so that
depending on changing requirements from time
to time, the system may be scaled upwards
Assuming the Scalability should be Vertical and
Horizontal while not being dependent on the Make ,
Model & Brand. Should the solution consider the
scalability for any of the future Storage procured
later and merged into the same Storage Pool to
provide the Capacity & Performance regardless of
the Storage make. Scalability can be achieved if
Storage solution or platform supports Scalability by
supporting the Storage tiering between Primary
Storage Disk to Disk, Tape, Object Storage & Cloud
RFP Conditions Prevails
1036
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 10
Availability - The architecture components
should be redundant and ensure that are no
single point of failures in the key solution
components. Considering the high sensitivity of
the system, design should be in such a way as to
be resilient to technology sabotage. To
Since Physical Components may be redundant, we
would like clarity on whether the Key CCTV Video
content for the latest 7 Days should also be
redundant on Primary & Secondary Tape storage to
avoid the Data failure state from primary Storage.
Additionally, should the data storage for 90
additional days be required to be made online from
any storage platform including tapes.
Availability of the Data also required the Primary &
Secondary Storage should be in the Same Global
Storage pool regardless of Primary Disk and
Secondary Tape Storage to Write & Read the data
available for users.
RFP Conditions Prevails
1037
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc.
LTO Tape Storage is the Safest Storage to protect
the data against malicious attack, Theft and
disaster. In-built Active Archiving Solution for CCTV
Video content on Tape is mandatory for this critical
environment. Kindly confirm if the same is required
for Overall Security of Data.
RFP Conditions Prevails
1038
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 12
Interoperability - The system should have
capability to take feed from cameras installed by
private/Govt. at public places, digitize (if
required) & compress (if required) this feed &
store as per requirements
Clarification needed on - the capabilities to keep the
Camera feeds on Primary & Secondary storage and
the Compatibility should be between all storages
along with the VMS engine to read the video data
recorded by the recording server. VMS server
should be aware of the Data location whether its
residing on Primary storage or archived to
secondary storage.
RFP Conditions Prevails
1039
1.4 Finalization and
submission of a
detailed technical
architecture
Page no. 12Open Standards - Systems should use open
standards and protocols to the extent possible.
Considering this point for the Offered Storage as-
Offered SAN Storage should be able to deliver the
required protocols for the Network users, Users
could be connecting to FC or IP network.
RFP Conditions Prevails
1040
Functional
Requirement of
Command and
Control Centre
Platform:
Point no. 96 -
Archival and
Retrieval
Page no. 33
Ease of restoration of archived data from online
archives or offline storage and it shall
be able to keep track of all archival activities
performed
Can we refer to this point as: "VMS application
server's catalog system shall be able to keep the
entire retention period history in their Catalog
records to locate the data kept on any of the
primary or secondary storage without having any
Disk Drive size limitation and the same data can be
restored from the application directly irrespective of
the Storage tier. Additionally, allocated disk size to
VMS server should not have any limitation on its
Volume capacity / size." VMS application shall
restore the data from Primary or from Auto archived
location i.e. Tape Library storage.
RFP Conditions Prevails
1041 3.7 City Surveillance Page no. 78 Under the Project Total 280 cameras were deployed at 70 Locations
Need to know the counting of the new Cameras and
would the retention be considered as 90 days for
the overall surveillance data
RFP Conditions Prevails
1042
Functional
Requirement of
Command and
Control Centre
Platform: Point no.
96
Page no. 58
Ease of restoration of archived data from
online achieves or offline storage and it shall
be able to keep track of all archival activities
performed
Primary & Archival secondary Tape Storage shall be
integrated at the File System level to provide the
seamless restoration of Video Data for VMS
application.
RFP Conditions Prevails
1043
5.2 Data Center and
Disaster Recovery:
Data center
Page no. 115
The MSI is expected to consider the above
components which will be provided by the State
Data Centre.
Data center
Data Center's Storage platform shall support the
business continuity considering the parameters like -
Storage Tier Failure, Storage upgradation, Storage
Migration, Support of Heterogenous Operating
System support, Performance scalability on project
expansion, High bandwidth requirement to LAN &
SAN users, Support of multi OEM Storage in single &
Global namespace, It shall support multiple tiers
from the same storage platform i.e. SSD/ SAS/ Nl-
SAS Disk Tier, Tape Storage, Object storage tier etc.
RFP Conditions Prevails
1044
5.2 Data Center and
Disaster Recovery:
Data center
Page no. 116
Min 90 days Data Backup of the video feeds and
the transaction data for min 1 year shall be
stored within the Data Center infrastructure
preferable in a cost effective and innovative
manner.
If the Complete 90 Days Data is managed between
Primary Disk & Secondary Tape Storage to provide
the Data Protection on the complete Data, then
Backup of entire Data is not required because Video
Data Backed-up by the Backup application will not
be directly readable or accessible to VMS
application to read it. Hence requesting you to
change it to-
"Min 90 days Data of the video feeds and the
transaction & Flagged data for min 1 year shall be
stored within the Data Center infrastructure
preferable in a cost effective e.g. Tape Storage and
innovative manner."
RFP Conditions Prevails
1045
5.2 Data Center and
Disaster Recovery:
Data center
Page no. 116
In case the data center services are to go down
due to any unforeseen circumstance, the
Command Center should have access to the
video feeds of previous 90 days and the
transaction data for min 1 year from this data
backup facility.
Assumptions & Clarification needed on -In case of
Datacenter Service / Storage are to go down due to
any unforeseen circumstance, the Command Center
should have retrieve the video feeds of previous 90
days and the transaction data for min 1 year from
this Secondary Storage data facility in Native Format
to restore the data even without the Backup/
Archive Server.
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1046 Primary Storage Page no. 136
Storage Capacity should be minimum 5 TB
(usable, after configuring in offered RAID
configuration)
Assuming the Primary SAN Storage or Storage
Solution shall support all types of Disk and Tiering in
Multiple Storage medium e.g. Disk, Tape, Object
Storage, Cloud etc.
Is the min. 5 TB Usable disk capacity required from
SSD / SAS or NL-SAS disk to meet the performance
and capacity criteria? Considering 50 % write & 50%
Read job on Video Data.
We proposed that the offered capacity in the
primary Storage should not have any limitation in
creating the LUN Size to ensure better flexibility to
the Front-end VMS Applications and the same
applied to the VMS application to have the
Recording Drive without any Size Capping.
RFP Conditions Prevails
1047 Primary Storage Page no. 136
Cache:
• Minimum 128 GB of useable cache across all
controllers. If cache is provided in additional
hardware for unified storage solution, then
cache must be over and above 128 GB.
Can additional SSD disk in the same appliance be
provided to meet the Cache requirement over and
above 128 GB?
RFP Conditions Prevails
1048 Primary Storage Page no. 136
Management software:
Should provide the functionality of proactive
monitoring of Disk drive and Storage system for
all possible disk failures.
A single command console for entire storage
system.
Management Solution should also be offered with
the in-built archiving functionality to move/ Archive
the CCTV Video content to Secondary Disk or Tape
Storage to optimize the primary storage sizing.
Assuming Single Command Console for entire
Storage system means - Primary & Secondary
Storage.
RFP Conditions Prevails
1049 Secondary Storage Page no. 138Must use latest stable technology platform, with
support available for next 7 to 10 years
The Solution should be sized according to the next 5
years of Capacity planning for archival data.RFP Conditions Prevails
1050 Tape library Page no. 140 Technology: LTO 6Kindly change it to min. LTO-7 Generation Full
Height Drives or laterRFP Conditions Prevails
1051 Tape library Page no. 140 Number Drives: Two LTO 6 Drives
Min. 2 or 3 LTO-7 Drives as it provides redundancy &
better read/write access, or bidder to Calculate
Including for Secondary Storage & Backup
Mechanism
RFP Conditions Prevails
1052 Tape library Page no. 140 Media Slots: Minimum 45
Min. slot comes to the Tape is 50, Kindly make it 50
to make it Generic to all or bidder to Calculate
Including for Secondary Storage & Backup
Mechanism.
RFP Conditions Prevails
1053 Tape library Page no. 140 Interface: Minimum 4 Gbps FC Interface FC interface for the Tape Drives are 8 Gbps RFP Conditions Prevails
1054 Tape library Page no. 140 Software: Security and Remote Management Software
Need to know which security software is required.
Kindly confirm if you are referring Encryption
Manager appliance in Redundant fashion which
keeps the Encryption keys in redundant fashion.
RFP Conditions Prevails
1055
Vol_1_RFP, 2.8
Earnest Money
Deposit (EMD)
page no 16
EMD of Rs. 5,00,000/- (Rupees Five Lakh Only)
shall be paid online through e-
Procurement portal. No exemption for
submitting the EMD will be given to any agency.
Bid security in any other form will not be
entertained.
Request you to kindly accept bid security in the
form of Bank Guarantee from a reputed
nationalised bank.
Dilution required:
EMD of Rs. 5,00,000/- (Rupees Five Lakh Only) shall
be paid online through e-
Procurement portal or in the form of a Bank
guarantee from a reputed nationalised bank. No
exemption for submitting the EMD will be given to
any agency.
RFP Conditions Prevails
1056
Vol_1_RFP, 3.4.3
Stage 3: Commercial
Evaluation.
Page no 34
A written undertaking from each of the
consortium members, in case of a
consortium, duly signed by the authorized
signatory, holding a written special
power of attorney for this bid on a stamp
paper, authorizing the lead bidder incur
liabilities and receive instructions for and
on behalf of any and all consortium
members, and the entire execution of the
Contract, including but not limited to
payments.
Request you to kindly consider Board resolution or
Power of attorney. Since board resolution is the
legal document signed by board of directors.
RFP Conditions Prevails
1057
Volume 2: Scope of
Work , 1.3
Development Phase
/ iv
9
For the integrated solution, the MSI shall supply:
Assuming MSI shall supply source codes of software
developed under Lucknow smart city , All
Intellectual Property Rights (IPR) of software (COTS
software use for development) will be remain with
OEM/Suppliers. Please conrifm.
RFP conditions Prevails
1058
Volume 2: Scope of
Work , 1.3
Development Phase
/ iv
13
GIS Integration- MSI shall undertake detail
assessment for integration of all the Field level
ICT interventions proposed with the existing
Geographical Information System (GIS).
Please provide details of existing Geographical
Information System viz. Area of Interest (AOI), Data
Volume, Data Format, Avalibale layers etc.
RFP conditions prevails
1059
Volume 2: Scope of
Work , 4 Integrate,
View & Operate ,
4.1 Geographical
Information System
(GIS) & GIS City
Portal
86
xix. MSI to design and develop the GIS based
integrated application for Municipal
departments and other departments.
Please provide the detail scope of work for
development of the GIS based integrated
application for Municipal departments and other
departments.
Please refer to the corrigendum 6
1060 General NA NAWill you allow VPN Connectivity during the
customization/implementation phase ?RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1061 General NA NA
How many total users are expected to use the
analytics/dashboards.Out these users how many
users will be concurrent ones ?
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1062 General NA NA
Kindly provide total amount of data in each of these
source systems. What is the expected YoY growth in
data
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1063 General NA NAPlease provide the Database technology used with
its version no?RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1064 General NA NAPlease let us know the total no of models,
dashboards and KPIs required ?RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1065 General NA NAWhat is the version of the implemented GIS
solution?Please refer to the corrigendum 6
1066 General NA NAPlease confirm if mapping data is available using
standard OGC compliant protocol?RFP Conditions Prevails
1067 General NA NA Do you need a separate development/QA server? RFP Conditions Prevails
1068 General NA NA Are you planning to use LDAP for Single-Sign-On? RFP Conditions Prevails
1069
Technical bid
criteria and
Evaluation, Project
Experience :Clause
B2
41,City Centric
Software
Integration
project
The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please clarify/define the scope of City Centric
Software Integration projects .RFP Conditions Prevails
1070
Technical bid
criteria and
Evaluation, Project
Experience :Clause
B3
42, Software
platform
The Sole Bidder or lead member (in case of
consortium) should have
experience in developing and implementing IT
software projects in India
with Java /J2EE, Application Servers like JBoss or
similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 2 projects
have been executed (documentary evidence to
be provided as proof of
delivery) with the above mentioned technology
stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please clarify if all the technoolgy components
specified should be present in same projects or
different projects can be submitted for different
components.
Also Request you to modify the clause as :The Sole
Bidder or lead member (in case of consortium)
should have experience in developing and
implementing IT software projects in India/ Global
with Java /J2EE, Application Servers like JBoss or
similar, HTML5/CSS3, mobile apps native languages
(Android/ ioS/Windows/ Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 2 projects
have been executed (documentary evidence to be
provided as proof of
delivery) with the above mentioned technology
stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
• Three Projects = 8 marks
• Two Projects =6 marks
Please refer to the corrigendum 6
1071
Technical bid
criteria and
Evaluation, Project
Experience :Clause
B3
43, Operation
and
Maintenance
The bidder must have experience of providing
Handholding and Operational
Manpower for Turnkey IT projects. Minimum no.
of manpower per project
should be 10.
Marks shall be allotted as below: •
Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Request you to modify the clause as :The bidder
must have experience of providing Handholding and
Operational
Manpower for Turnkey IT projects. Minimum no. of
manpower per project should be 5.
Marks shall be allotted as below: • Four
Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
RFP Conditions Prevails
1072
Technical bid
criteria and
Evaluation, Project
Experience :Clause
B3
39,Web
Portal/Mobile
App
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum value
of INR 15 crore in India during last five years as
on the date of release of
RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned /Go Live
project(s) related to development and integration of
citizen centric web portal / mobile app components
or both having minimum value
of INR 15 crore in India/Global during last Seven
years as on the date of release of
RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Please refer to the corrigendum 6
1073 General NA
1.Work order/ Contract clearly
Highlighting the scope of work, Bill of
Material and value of the contract/order.
2.Completion
Certificate issued & signed by the
competent authority of the client entity on
the entity’s letterhead
OR Self-certificate from the bidder
signed by the concerned project
in-charge of the bidder and
counter signed by authorised signatory
for this bid holding written special
power of attorney on stamp paper
along with the official contact
details of the Competent authority of the client
entity. The Authority reserves
the right to contact the aforementioned
Competent authority.
1.Work order/ Contract clearly
Highlighting the scope of work, Bill of Material and
value of the contract/order.
2.Completion /Go Live
Certificate issued & signed by the
competent authority of the client entity on
the entity’s letterhead
OR Self-certificate from the bidder
signed by authorised signatory
for this bid holding written special
power of attorney on stamp paper
along with the official contact
details of the Competent authority of the client
entity. The Authority reserves the right to contact
the aforementioned
Competent authority.
RFP Conditions Prevails
1074Prequalification
Criteria36 ,Clause 8
The sole bidder or lead bidder should have
completed at least two projects in Govt/
Semi Govt/ PSU; in the field of
development and integration
of citizen centric web portal /
mobile app, database management /data
warehousing/ business analytics / cloud
applications on the date of release of NIT.
Completion Certificate issued and signed
by the competent authority
Request you to modify the clause as : The sole
bidder or lead bidder should have completed at
least two projects in Govt/
Semi Govt/ PSU; in the field of
development and integration
of citizen centric web portal /
mobile app, database management /data
warehousing/ business analytics / cloud applications
on the date of release of NIT. Completion /Go Live
Certificate issued and signed
by the competent authority OR Self-certificate from
the bidder
signed by authorised signatory on Company's
letterhead
Please refer to the corrigendum 6
1075 Volume 1, 7.2 E 90,91 Line Item missing for SIEM in Commercial sheet. Kindly Include the same as separate line Item Please refer to the corrigendum 6
1076 Volume 2, SIEM 160 SIEM Specifications
Some part of SIEM specs has been mentioned under
EMS. Kindly confirm specifications under heading
SIEM (page 160 onwards )are to be considered.
Please refer to the corrigendum 6
1077 Volume I 36
The sole bidder or lead bidder /consortium
partner should have CMM level 5.
The Sole Bidder or the Lead Bidder 1. Copies of
valid certificates in the name of the bidding
entity
Looking to the tender scope of design, develop,
implement and maintain the Smart City System and
importance and criticality of the work, as well as we
would like to memtion here that authority always
prefer CMM Level -5 from Lead bidder only in all
these type of development of works. Hence, we
would request you to ask CMM level -5 from lead
bidder only as per Documentary Evidence column of
Prequalification and Supporting Documents
required column of Technical Bid Criteria &
Evaluation.
Please amend this clause and ask CMM level 5
certification from Sole Bidder or Lead Bidder of the
Consortium.
Please refer to the corrigendum 6
1078 Volume I 40
Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum value
of INR 15 crore in India during last five years as
on the date of release of RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
With reference to this clause, we would like to
highlight the fact that here you have asked specific
order of development and integration of citizen
centric web portal / mobile app components or both
having minimum value of INR 15 crore , however, if
we look in practicle situation, orders of Mobile app
or Web portal having value in few lakhs not in crore.
Hence, we would request you to please amend
value of the orders Rs. 15 lacs or more for more
competitive and qualitative bids.
Further to this, if you consider estimation of the
project based on EMD value it is 2.5 crore or higher
side Rs. 5 crore accordingly asked orders Rs. 15
crore is three or more time higher against
estimation value of the tender. as well as this
criteria is restricting the competition, so please
amend the clause as requested.
Please refer to the corrigendum 6
1079 Volume I 16
2.8 Earnest Money Deposit (EMD)
EMD of Rs. 5,00,000/- (Rupees Five Lakh Only)
shall be paid online through e-
Procurement portal. No exemption for
submitting the EMD will be given to any agency.
Bid security in any other form will not be
entertained.
1. We understand here that Bank Guarantee is
allowed here for making EMD, please confirm.
2. According to rule of some nationalize banks, IFSC
Code of your banker is required for making BG, so
we request you to please share the same for making
BG and PBG .
Please refer to the corrigendum 6
1080
Volume 2
2- Level 1:
Implement, View &
Operate.
2.1
4 - 5
Environmental Sensors
Variable Message Sign Board
Centralized Command & Control Centre
E Governance
ICT Enabled Solid Waste Management
Smart Parking
Energy Efficient Street Lighting Solutions
Intelligent Traffic Management System
ICT for City Bus Services
City Surveillance
UP Dial 100
Integration of SCADA Systems
GPS Tracking of Vehciles
Unified Smart Mobility Card:
Biometric Attendance System of Sanitary
Workers
Geographical Information System (GIS) & GIS
City Portal
LSCL App (Mobile App)
Lucknow Smart City Website
1. Kindly provide the URLs of the existing
application/system whereever applicable.
2. Kindly let us know the method of integration and
the availabiity of web-services/interfaces/APIs for
each of the exiting application/systems. We assume
the successful bidder is required to merely integrate
based on the web-services/interfaces/APIs supplied
by LSCL.
3. Kindly provide details about the technology
platform for all the existing application/system
which MSI intends to integrate in the new solution.
4. Kindly share currently "Hosting architecture" and
"System architecture" of the existing
application/system.
5. For each of the existing applications/system we
would like to know the 'frequency' of sharing the
data.
6. Which type of integration required:
6.1 One way sharing of data
6.2 Two way sharing of data
7. Please share a little overview about every existing
system/applicaiton carrying details about nature of
applicaiton, its functional coverage and exact data
to be shared among the two systems.
RFP is Self Explanatory
1081
Volume 2
7. Handholding and
Training
163
End user training shall include all
the equipment including but not limited to all
the applications and infrastructure at
Operation centres data centres & field
Locations. End user training shall be
conducted at a centralized location or any other
location as identified by Authority
with inputs from the MSI.
1. Kindly share the list of location(s) where training
is required.
2. Kindly share the number of users to be trained.
3. We assume that required training infrastructure
will be provided by client.
RFP Conditions prevails
1082 General
1. Kindly share the "Types of users" who will access
the proposed system along with approximate total
number for each.
RFP Conditions prevails
1083RFP Volume 2,
Section 1.411
All the system logs should be properly stored &
archived for future analysis and forensics
whenever desired. The authority would carry
out the security audit of the entire system upon
handover and at regular interval during O&M
period.
In section 1.4, RFP has mentioned the requirement
of security forensics solution, but same has not be
elaborated in the technical specs sheet as done of
other security components. We recommend to
consider Forensic solution to have context
Awareness. The Forensic solution will provide the
complete session information and what happened
during, before and after. Forensic solution can See
the full source and scope of attacks and Arm
incident response teams with clear, concise
answers. This will also help to tighten security
posture.
Suggested : It is suggested
to create a separate
section which will be for
Network Analysis for post
breach analysis.The
Forensic solution will
provide the complete
session information and
what happened during,
before and after. Forensic
solution can see the full
source and scope of
attacks and arm incident
response teams with clear,
concise answers.
Minimum Requirement:
1. Provides insights into all
your network traffic,
including communications
between the applications
running in your virtual
networks; providing the
indexing, classification,
anomaly detection, storage
and replay capabilities you
need to gain a full
understanding of what is
happening in smart city
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1084RFP Volume 2,
Section 4.3112
Portal must be secure in all the way and all the
latest security implementations like https, xss,
sql injection, OWASP vunrebelties etc should
be implemented/followed to avoid any hacking
In section 4.3, under minimum Technical &
Functional Requirements of Lucknow smart city
portal, RFP has asked for the security against
security implementations like https, xss, sql
injection, OWASP vunrabilties, this can be done via
WAF, so we recommend the WAF solution to
protect the application from OWA top 10. Rather in
technical specifications of SLB, reverse proxy
function has been requested. Our recommendation
is, It must be in dedicated solution to maintain the
better security and content scanning while upload
any user data to portal. The Proposed solution must
have capability to scan the file up to 1 Gbps and
having Caching feature for enhance end users
experience.
Suggested :To mitigate the
risks a compromise poses
to web applications and
ongoing operations, Smart
City must implement Web
Application Firewalls (WAF)
to protect web properties
and enforce the security
and privacy of web
applications without
adversely affect the
performance of the web.
WAF addresses today’s
security concerns including
the Top Ten risks identified
by the Open Web
Application Security
Project (OWASP), providing
the most advanced policy,
control, accountability and
performance features
available in a WAF
solution.
Minimum Requirement:
1. Conduct advanced
threat analysis on both
inbound and outbound
content to detect and
RFP conditions prevails
Bidder's should meet the
functional requirement by
adhering OWASP framework
1085
RFP Volume 2,
Section 2.3.1, Point
74
52
Data Protection / Data at rest: Platform should
support encryption for tenant data at rest (on
disk/storage)
Please advise with this functionality are you looking
for hard disc encryption. The solution should also
include File Share Encryption - Policy-enforced file
encryption for collaborating teams.
RFP conditions Prevails
1086
RFP Volume 2,
Section 2.3.1, Point
74
53
Patch Management: Platform should have
capabilities to patch vulnerabilities across VM
infrastructure, applications and systems.
We suggest to have a separate section for Patch
Management. This will provide comprehensive view
of uptodate status of the patches and risk
associated with it. Please refer to the adjacent cell
for minimum requirements.
Suggested: An effective
and comprehensive patch
management strategy is an
essential part of securing
and protecting your
organization. The vast
majority of vulnerabilities
being exploited are ones
for which a fix has already
been available from the
software vendor.
Minimum Requirements:
1. Automated detection
and facilitating the
remediation of security
vulnerabilities for multiple
operating systems in the
Smart City Data Center.
2. Visibility into newly
released software updates
and the means to identify
computers susceptible to
the vulnerabilities
addressed by such updates
3. Target computers or
groups of computers
directly to the patch policy
to perform testing to
RFP conditions Prevails
1087
RFP Volume 2,
Section 2.3.1, Point
99
59
appropriate tools for incident and SLA
management for the SLA Parameters defined in
Vol. 3 of this RFP
Incident response is a compleax activity and needs
to be content and context aware. To compliment
incident response network traffic analysis which will
provide the complete session information and what
happened during, before and after any incident to
provide incident response teams with clear, concise
answers. Please refer to the information that must
be part of incident response in the adjacent cell.
Suggested: Incident
Response is an complex
activity and needs
evidence to mitigate and
respond effectively. To
accelerate Incident
Response, it is important
to have context around
what is happening in the
network to streamlined
post-breach evidence
gathering. There is a need
to have full visibility,
analytics, real-time threat
intelligence and system of
record to successfully
uncover advanced threats
and further protect
infrastructure and
workforce.
Minimum Requirements:
1. Provide comprehensive
analysis of advanced
threats, targeting both
your physical and
virtualized assets, with
actionable intelligence that
supports the quick
RFP conditions Prevails
1088RFP Volume 2,
Section 4.3110 Security Audit:
Smary City with mission critical server and network
infrastructure are audited on regular basis to keep
risk at the lowest. However, most of the time it is
manual process with no real time visibility of risk
nor there is historic evidence of compliance. We
suggest to have adjacent minimum requirements to
be part of security Audit.
Suggested: Traditionally,
organizations combine and
analyze data from multiple
different sources across its
IT environment manually
which does not establish a
unified and true view of IT
risk. There is requirement
to have automated
assessment to evaluate
whether Smart City
systems are properly
secured, configured, and
patched and mapped to
Smart City regulations and
frameworks. IT risk is
depended on the risk score
usually calculated on
Common Vulnerability
Scoring System(CVSS). This
provides a way to capture
the principal characteristics
of a vulnerability and
produce a numerical score
reflecting its severity. The
numerical score can then
be translated into a
qualitative representation
RFP is self explanatory
1089
RFP Volume
2,Section 5.3 Data
Security
146
The system shall include industry standards
based firewall and antivirus, and shall provide
content filtering, tracking, lockdown, and
malware detection and prevention capabilities.
This RFP lines incline towards UTM. We recommend
the proxy/SWG appliance must be in separate
appliance. From an architecture perspective, NGFW
simply repackages traditional firewall technology
and incorporates some advanced firewall features,
making it less secure than the full proxy
architecture. NGFWs use stream-based detection
methodologies, examining the traffic as it streams
by. This means that the firewall can only see a
fleeting portion of malware at any given time,
making it possible for malware to be delivered in
many segmented pieces. Conversely, Proxy
appliance waits for an entire object to be
reassembled and scanned before allowing it to be
delivered. We also recommend that the proxy
solution must be dedicated appliance based
solution and in Gartner leaders Quadrant since last
5 years.
Suggested :To mitigate the
risks a compromise poses
to web applications and
ongoing operations, Smart
City must implement Web
Application Firewalls (WAF)
to protect web properties
and enforce the security
and privacy of web
applications without
adversely affect the
performance of the web.
WAF addresses today’s
security concerns including
the Top Ten risks identified
by the Open Web
Application Security
Project (OWASP), providing
the most advanced policy,
control, accountability and
performance features
available in a WAF
solution.
Minimum Requirement:
1. Conduct advanced
threat analysis on both
inbound and outbound
content to detect and
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1090
RFP Volume
2,Section 5.3 Data
Security
151, 152 Gartner leader’s quadrant
Presently RFP is asking for the Gartner leader’s
quadrant for only Endpoint Protection and NIPS, you
are requested to ask this qualification uniformaly
for other envisaged security coimpoents as well
such as Data Loss Prevention, Secure Web
Gateways, Managed Security Services
RFP conditions Prevails
1091
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Firewall rules should filter traffic based on
source and destination IP address, port, MAC
address, etc. and should detect reconnaissance
activities such as port scans and Solution should
be capable of blocking and detecting IPv6
attacks and Product should Support CVE cross
referencing when applicable for vulnerabilities.
This seems to be combining of different product
specification in to HIPS. HIPS is to protect servers
from unauthorised access, malware and unwanted
traffic. CVE cross referencing is for Vulnerability
Management and not HIPS. These are OEM specific.
We request you to repharse the specification to
"Firewall rules should filter traffic based on source
and destination IP address, port, MAC address, etc.
and should detect reconnaissance activities such as
port scans and Solution should be capable of
blocking and detecting IPv6 attacks" and create a
vulnerability section with minimun requirements as
provided in adjacent cell.
Suggested: It is suggested
to have a separate section
for vulnerability
Assessment Manager.
Vulnerability Assessment
Manager scans the
network to discover
devices running on it,
probes vulnerabilities of
the discovered devices and
discovers the data which is
associated with each
device. This will allow Data
Center wide reporting of
vulerabilities and not just
servers.
Minimum Required:
1. Scans network, discovers
devices, and provides
associated vulnerabilities
for discovered devices
2. Automatically map a
vulnerability to a known
public exploit.
3. Scan engine to find
vulnerabilities, ports,
services, applications,
certificates and users
RFP conditions Prevails
1092
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Host based IPS should support virtual patching
both known and unknown vulnerabilities until
the next scheduled maintenance window.
Solution should have capability to submit
unknown files to sandboxing for simulation and
create IOC's on real time basis as per sandboxing
analysis and revert back to server security
solution and sandboxing should have at least
virtual instance of server class OS Win 2008, win
2012.
HIPS solutions are for mission critical servers and
servers do not download files from unknown
sources. Server Security-HIPS works on least
privilege access to the critical resources and
applications. We suggest to have Network Anti-APT
from servers which will have no impact on the
servers compute and performance of the
application which runs on the server. It is therefore
suggest to repharse this OEM specific specification
to "Host based IPS should support virtual patching
both known and unknown vulnerabilities. Solution
should provide least access privilege to the
applications or resources to protect servers from
hackers and malacious code." and move "Solution
should have capability to submit unknown files to
sandboxing for simulation and create IOC's on real
time basis as per sandboxing analysis and revert
back to server security solution and sandboxing
should have at least virtual instance of server class
OS win7/win10/Win 2008/win 2012." to Anti-APT
We suggest to move part
of specification to Anti-APT
and Please refer Serial no
22 for Anti-APT.
RFP conditions prevails
Host based IPS should support
virtual patching both known and
unknown vulnerabilities until the
next scheduled maintenance
window. Solution should have
capability to submit unknown files
to sandboxing
1093
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
HIPS should have signatures for known &
unknown vulnerabilities and exploits. It should
also allow for creation of custom signatures to
secure home grown legacy applications.
Detailed events data to provide valuable
information, including the source of the attack,
the time, and what the potential intruder was
attempting to exploit, should be logged.
How can we have signatures for unkown
vulnerabilities and exploits? The specification
should be rephrased to "HIPS should have
policies/custom policies to protect from
vulnerabilities and exploits. It should also allow for
creation of custom signatures/policies to secure
home grown legacy applications. Detailed events
data to provide valuable information, including the
source of the attack, the time, and what the
potential intruder/process/application was
attempting to exploit, should be logged."
We suggest to create a
new section for
Vulnerability Assessment
Manager. Please refer to
serial no. 9
RFP conditions Prevails
1094
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
149
Should provide automatic recommendations
against existing vulnerabilities, Dynamically
tuning IDS/IPS sensors (Eg. Selecting rules,
configuring policies, updating policies, etc.) And
provide automatic recommendation of removing
assigned policies if vulnerability no longer exists
For Example If a patch is deployed unwanted
signatures should be unassigned.
This is an OEM specific specification because there
are no sensors for HIPS. We suggest to move this
specification to NIPS as this is a NIPS function not
HIPS.
RFP conditions prevails
Fixing existing vulnerabilities by
automatic ally configuring policies
by sharing recommendation is a
desired functionality to minimize
security risk. Hence please
consider specification RFP
conditions Prevails
1095
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
150
Solution should have feature to take backup of
ransom ware infected files and restoring the
same and Management Server should support
Active Passive high availability configuration.
Should have central management console for
server security and AntiAPT with sandboxing for
central visibility and control.
Again Mixing of the specifications of products. By
taking backup of the files on servers at an
unscheduled downtime will not only hamper the
day-to-day operations but there are chances to
corrupt open files/databases. This being an OEM
specific and not for HIPS. It is suggested to remove
this specification.
We suggest to rephrase specification to "Solution
should provide protection from ransomware and
prefrably not allowing ransomware get installed by
using OS and application sandboxing." and Anti-APT
part of the specification is covered in anti-apt
section.
We have provide some
minimum requirements of
anti-APT at serial no 22
RFP conditions prevails
Solution should have feature to
mitigate ransomware threat and
Management Server should
support Active Passive high
availability configuration. Should
have central management console
for server security and AntiAPT
with sandboxing for central
visibility and control.
1096
RFP Volume
2,Section 5.3 Data
Security, Functional
Requirements Host
Intrusion Prevention
System (HIPS)
150
Host IPS should be capable of recommending
rules based on vulnerabilities with the help of
virtual patching and should have capabilities to
schedule recommendation scan and entire
features of solution should be agentless.
HIPS is both agent and agentless. The objective is to
restrict application and operating system behavior
using policy-based least privilege access control so
that no application or user gains administrative
previlges of it own. This is specific to an OEM. We
suggest to have this specification rephrased as
"Host IPS should be capable of recommending
policies based on OS/vulnerabilities with the help
of virtual patching and should have capabilities to
schedule recommendation scan and solution should
be agent/agentless."
RFP conditions prevails
Host IPS should be capable of
recommending policies based on
OS/vulnerabilities with the help of
virtual patching and should have
capabilities to schedule
recommendation scan and
solution should be
agent/agentless.
1097
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
150
Endpoint vulnerability protection should scan
the machine and provide CVE number visibility
and accordingly create rule for virtual patch
against vulnerability.
This is an OEM specific specification. There are only
a vendor which provides vulnerability scan and
integrated DLP as a part of Anti-virus.
We suggest to have vulnerability as a section within
RFP which will provide update infromation about
vulnerabilities and aid to ISO27001. The minimum
requirement has been provided in serial no 9.
We suggest to create a
new section for
Vulnerability Assessment
Manager. Please refer to
serial no. 9
RFP conditions prevails
Vulnerability protection is required
at endpoint level to address
current threat landscape. Hence
please consider current clause as
below :
Bidder should provide vulnerability
assessment and mitigation
capabilities at endpoint
1098
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
150
Endpoint solution should have pre and post
execution machine learning and behaviour
monitoring along with ransom ware protection
engine, ransom ware engine should have
feature to take backup of ransom ware
encrypted files and restoring the same.
This is an OEM specific specification. There are only
a vendor which provides backup of files as a part of
Anti-virus. Please also note that By taking backup of
the files on servers at an unscheduled downtime
will not only hamper the day-to-day operations but
there are high chances to corrupt open
files/databases. We suggest to rephrase the
specification to "Endpoint solution should have pre
and post execution machine learning and behaviour
monitoring along with ransom ware protection
engine, ransom ware engine to prevent
ransomware attacks."
RFP conditions prevails
Endpoint solution should have pre
and post execution machine
learning and behaviour monitoring
along with ransom ware
protection engine, ransom ware
engine to prevent ransomware
attacks.
1099
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
150
Endpoint solution should have integrated DLP
with predefined templates for HIPAA, PCIDSS,
and GLBA etc. for compliance requirements and
should have capability to create policies on basis
of regular expression, key word and dictionary
based for data loss presentation.
Only single OEM has integrated DLP with anti-virus.
We suggest to remove so that all leading OEMs can
participate.
We suggest to have DLP as separate section and the
minimum requirement is mentioned in the adjacent
cell.
Suggested: We suggest to
have a DLP under separate
heading because as
employees become mobile
and data centers interact
with more number of users
(internal or external), it
becomes important for
Smart City stake holders to
ensure the citizen data is
secure and does not fall in
wrong hands. Any
unauthorised data leakage
of citizen data with have
adverse effect on Smart
City and loss of trust. Data
Loss/leakage can happen
at endpoint or network
level and protection needs
to be provided at these
levels.
Minimum Required:
1. Capture and analyze
outbound traffic on your
corporate network, and
detect sensitive content
and metadata over
standard, non-standard
RFP conditions prevails
Endpoint solution should have DLP
capability with predefined
templates for HIPAA, PCIDSS, and
GLBA etc. for compliance
requirements and should have
capability to create policies on
basis of regular expression, key
word and dictionary based for data
loss presentation.
1100
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
150-151
Solution should have capability to submit
unknown files to sandboxing for simulation and
create IOC's on real time basis as per sandboxing
analysis and revert back to Endpoint security
solution to block and clean threats and
sandboxing solution should support
customizable Windows 7/8/10 and Microsoft
2008/12 operating environments for Sandboxing
with at least 60 virtual instances running in
single sandboxing box.
This is a repeat of the specification under HIPS on
page 149 of the tender document. It seems there is
a attempt to have only single OEM participate. We
suggest to move this to Anti-APT which should read
as "Solution should have capability to submit
unknown files to sandboxing for simulation and
create IOC's on real time basis as per sandboxing
analysis and revert back to Endpoint security
solution to block and clean threats and sandboxing
solution should support customizable Windows
7/8/10/Microsoft 2008/12 operating environments
for Sandboxing"
Please refer Serial no 22
for Anti-APT.RFP conditions prevails
Solution should have capability to
submit unknown files to
sandboxing for simulation and
create IOC's on real time basis as
per sandboxing analysis and revert
back to Endpoint security solution
to block and clean threats and
sandboxing solution should
support customizable Windows
7/8/10/Microsoft 2008/12
operating environments for
Sandboxing"
1101
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
151
Host IPS should be capable of recommending
rules based on vulnerabilities on endpoint and
Host IPS should have dynamic rules based on
System posture and endpoint posture
This is a repeat of the specification under HIPS on
page 150 of the tender document. It seems there is
a attempt to have only single OEM participate. We
request to remove this specification.
We recommend to make vulnerability under
separate section. This will provide update to the
latest vulnerabilites and help Smart City to mitigate
the risk.
Please refer Serial no 9 for
Vulnerability Assessment
Manager.
RFP conditions prevails
Bidder should provide
vulnerabilities protection
capability using virtuat patching at
the endpoint having dynamic rules
based on System posture and
endpoint posture
1102
RFP Volume
2,Section 5.3 Data
Security, Endpoint
protection and
storage protection
151
Solution should deprovision corresponding HIPS
rules id System upgraded or patched and Should
support Detecting and Blocking Reconnaissance
on the endpoint
This is an OEM specific specifications. It seems there
is a attempt to have only single OEM participate.
We request to remove this specification.
RFP conditions prevails
Proposed solution should have
capability to deprovision
corresponding HIPS rules id
1103
RFP Volume
2,Section 5.3 Anti-
APT
155
The proposed solution should be able to store
packet captures (PCAP) of all Malicious
communications detected by sandbox.
Sandbox does not detect malacious
communications, it detonates the unknow,
suspicious files for any threat and can provide
packet capture (PCAP). Moreover, OEM provides
robust GUI with all necessary analyis in human
readable form from packet capture (pcap). This
seems to be an OEM specific and must be removed
or be amended to read "The proposed solution
should be able to provde complete flight data
records along with comprehensive reports on the
analysed file/malware detected by sandbox."
We suggested some of the minimum requirements
menioned in the adjacent cell.
RFP conditions Prevails
Suggested: Anti-APT
uncovers, prioritizes,
investigates, and
remediates advanced
threats across endpoint,
network, email, and web
traffic. Anti-APT
automatically sends
suspicious files to
sandboxing system for
rapid detection of even the
most complex and the
stealthiest advanced
attacks. Malware behaves
differently when executed
in a SandBox environment
than on a workstation, and
that difference can result
in some files not being
properly identified as
malware, Anti-APT There is
a need to train people
managing anti-APT,
understand proactive
planning and risk
management as well as
deployment, configuration
and assessment for Smart
City.
Minimum Specifications:
1. Detect network ingress
of a potential threat, and
automatically determine if
that threat was blocked by
on endpoint. So, that
attack will be prioritized
much lower on the list to
drastically reduce the
number of security events
analysts needs to examine
2. Sandbox containment of
operating system and
application processes
3. Access the binary
assembly code and
perform static analysis
based on common or
unique indicators
4. Provides anomaly
detection to detect and
report on suspicious
information found in a file.
Prefrable capabilities to
include, TLS callback
activity, CVE and exploit
detection, shell-code
detection, debugger
detection, watermark
tampering, and non-
standard file alignment,
RFC compliant etc
5. Collect and share the
threat intelligence from /
to external sources using
industry formats such as
STIX ,TAXII, etc.
6. Detect command and
control traffic activity with
IP level events, URL events,
and DNS activity using
detection mechanisms like
static analysis, behavioral
analysis, and reputation
analysis from intelligence
netwok.
7. Perform analysis on
"known" & "unknown"
content. Scaning files
using whitelisting, dual-AV,
file hash reputation, &
static code analysis looking
for known good & known
bad content. Send
unknown files & URLs are
sent to sandbox for
determination in a
customized sandbox
environment.
8. Dashboard to include
the latest high risk tasks,
search capabilities, recent
samples, multiple
processing stats, e.g.
queue size, sandbox
execution time, event
count, tasks complete, and
risk scores over say last 24
hours
9. Prevent zero-day threats
that exploit vulnerabilities
in popular software by
monitoring process
memory and preventing
such attacks
10. Query endpoints to
verify indicators (file hash,
registry changes, URLs,
process name, registry
changes, etc.) and take
action.
11. Provide Anti-virus,
malware, and spyware
scanning with one or
multiple simultaneous anti-
virus vendors at network
12. Quarantine endpoint if
the endpoint is not
compliant to the
compliance (like checking
of the missing OS patches,
outdated anti-virus
definitions, less disk space,
etc) check based on policy
to meet organizations
requirements.
13. At endpoint analyze
incoming data and blocks
threats while they travel
through the network
before hitting the system.
14. At endpoint should
1104
RFP Volume
2,Section 5.3 Anti-
APT
155The proposed solution should support at least
100+ protocols for inspection.
Is Lucknow Smart City having 100 protocols? Will it
be possible to provide list of those protocols as
different OEMs will have different protocols in that
list ? If it not available , we suggest to remove this
specification.
We also recommend following replacement of this
specification to read "The proposed solution should
detect Command and Control communication
activity with IP level events, URL events, and DNS
activity and map of entire execution of additional
dropped files"
RFP conditions Prevails
1105
RFP Volume
2,Section 5.3 Anti-
APT
The proposed solution should support to
monitor traffic from multiple segments like
WAN, DMZ, Server Farm, WiFi network, MPLS
links etc. simultaneously on a single appliance.
This functionality is to favour a single OEM. It
should be left to bidder/OEM to provide solution to
monitor different segments. We suggest to
rephrase the specification to "The proposed
solution should support to monitor traffic from
multiple segments like WAN, DMZ, Server Farm,
WiFi network, MPLS links etc. simultaneously."
Please refer to the corrigendum 6
1106
RFP Volume
2,Section 5.3 Anti-
APT
156
The proposed solution should have an built in
document vulnerabilities detection engine to
assure analysis precision and analysis efficiency.
This is an OEM specific specifications. It seems there
is a attempt to have only single OEM participate.
We request to remove this specification.
We recommend to make vulnerability under
separate section. This will provide update to the
latest vulnerabilites and help Smart City to mitigate
the risk. Please refer Serial no 9 for Vulnerability
Assessment Manager.
RFP conditions prevails
Existing vulnerabilities pertaining
to OS and 3rd party applications is
a prominent threat as same can be
used to compromise critical
running applications.
The proposed solution should have
an built in vulnerabilities
detection engine to assure analysis
precision and analysis efficiency.
1107
RFP Volume
2,Section 5.3 Anti-
APT
156
The Proposed solution should support remote
packet capturing for Kerberos traffic from the
remote location for analysis.
This is an OEM specific specifications. It seems there
is a attempt to have only single OEM participate.
We request to remove this specification.
Please refer to the corrigendum 6
1108
RFP Volume
2,Section 5.3 Anti-
APT
156
The proposed solution should have an endpoint
security component and should have following
functionalities (Antivirus, antimalware, ransom
ware protection, Vulnerability Protection in
endpoint, integrated DLP and C&C detection,
ability to quarantine and clean the infected files,
ability to integrate with Anti APT components
and automatically block/Quarantine zero day
malwares by sharing Indicators of Compromise.
This is an OEM specific specifications. It seems there
is a attempt to have only single OEM participate.
We request to remove this specification.
RFP conditions prevails
Considering current landscape
possible data leakage due to a
malicious threat is a prominent
concern. Hence DLP capability is
required at the endpoint channel
to avoid any intentional and
unintentional data exfilteration.
1109
RFP Volume
2,Section 5.3 Anti-
APT
156
The proposed solution should be able to run at
least 60 parallel sandboxes for analysis of
payload and on premise customized sandbox
solution should have the capability to allow
manual submission of suspicious files for
analysis
This is a repeat of the specification under "HIPS" on
page 149 and on 150-151 under "Endpoint
protection and storage protection" of the tender
document. It seems there is a attempt to have only
single OEM participate. We suggest to move this to
Anti-APT which should read as "The proposed
solution should be able to run parallel sandboxes
for analysis of payload and on premise customized
sandbox solution should have the capability to
allow manual submission of suspicious files for
analysis"
RFP conditions prevails
Considering Smart City traffic
volume and future scalability
considering unknown malware
threats the proposed solution
should be able to run at least 60
parallel sandboxes for analysis of
payload and on premise
customized sandbox solution
should have the capability to allow
manual submission of suspicious
files for analysis
1110
RFP Volume
2,Section 5.3 Anti-
APT
The Proposed solution should support
customizable Windows 7/8/10 and Microsoft
2008/12 operating environments for
Sandboxing. This requirement should be based
on virtual execution and should not be
Hardware or chip based function.
This is a repeat of the specification under "HIPS" on
page 149 and on 150-151 under "Endpoint
protection and storage protection" of the tender
document. It seems there is a attempt to have only
single OEM participate. We suggest to move this to
Anti-APT which should read as "The Proposed
solution should support customizable Windows
7/8/10/Microsoft 2008/12 operating environments
for Sandboxing. "
Please refer to the corrigendum 6
1111
RFP Volume
2,Section 5.3 Anti-
APT
157
The proposed solution should support exporting
of analysis results such as C&C server IP and
malicious domain listing and solution should
have capabilities to scan inside password
protected Archive and should have capabilities
to detect Malwares and Spywares on windows
and non-windows platforms.
Password protected files cannot be cracked, these
can be blocked/deleted only. It is therefore
requested to change the specification to read as
"The proposed solution should support exporting of
analysis results such as C&C server IP and malicious
domain listing and solution should have capabilities
to detect/block/delete password protected Archive
and should have capabilities to detect Malwares
and Spywares on windows and non-windows
platforms."
RFP conditions Prevails
1112
RFP Volume
2,Section 5.3 Anti-
APT
157
The proposed solution should have option to
configure unrestricted internet for sandboxes
and proposed solution must have capabilities to
detect Mac, Linux and mobile malwares.
Does unrestricted internet for sandbox mean that
sandboxing can be on cloud of OEM? Also, please
help us in understanding Mobile malwares?
RFP conditions prevailsAPT solution sholud be on Primise
sandbox solution
Suggested: Anti-APT
uncovers, prioritizes,
investigates, and
remediates advanced
threats across endpoint,
network, email, and web
traffic. Anti-APT
automatically sends
suspicious files to
sandboxing system for
rapid detection of even the
most complex and the
stealthiest advanced
attacks. Malware behaves
differently when executed
in a SandBox environment
than on a workstation, and
that difference can result
in some files not being
properly identified as
malware, Anti-APT There is
a need to train people
managing anti-APT,
understand proactive
planning and risk
management as well as
deployment, configuration
and assessment for Smart
City.
Minimum Specifications:
1. Detect network ingress
of a potential threat, and
automatically determine if
that threat was blocked by
on endpoint. So, that
attack will be prioritized
much lower on the list to
drastically reduce the
number of security events
analysts needs to examine
2. Sandbox containment of
operating system and
application processes
3. Access the binary
assembly code and
perform static analysis
based on common or
unique indicators
4. Provides anomaly
detection to detect and
report on suspicious
information found in a file.
Prefrable capabilities to
include, TLS callback
activity, CVE and exploit
detection, shell-code
detection, debugger
detection, watermark
tampering, and non-
standard file alignment,
RFC compliant etc
5. Collect and share the
threat intelligence from /
to external sources using
industry formats such as
STIX ,TAXII, etc.
6. Detect command and
control traffic activity with
IP level events, URL events,
and DNS activity using
detection mechanisms like
static analysis, behavioral
analysis, and reputation
analysis from intelligence
netwok.
7. Perform analysis on
"known" & "unknown"
content. Scaning files
using whitelisting, dual-AV,
file hash reputation, &
static code analysis looking
for known good & known
bad content. Send
unknown files & URLs are
sent to sandbox for
determination in a
customized sandbox
environment.
8. Dashboard to include
the latest high risk tasks,
search capabilities, recent
samples, multiple
processing stats, e.g.
queue size, sandbox
execution time, event
count, tasks complete, and
risk scores over say last 24
hours
9. Prevent zero-day threats
that exploit vulnerabilities
in popular software by
monitoring process
memory and preventing
such attacks
10. Query endpoints to
verify indicators (file hash,
registry changes, URLs,
process name, registry
changes, etc.) and take
action.
11. Provide Anti-virus,
malware, and spyware
scanning with one or
multiple simultaneous anti-
virus vendors at network
12. Quarantine endpoint if
the endpoint is not
compliant to the
compliance (like checking
of the missing OS patches,
outdated anti-virus
definitions, less disk space,
etc) check based on policy
to meet organizations
requirements.
13. At endpoint analyze
incoming data and blocks
threats while they travel
through the network
before hitting the system.
14. At endpoint should
1113
RFP Volume
2,Section 5.3 Anti-
APT
157
The Proposed solution should have option to
share Indicators of compromise for mitigation
and clean up with AV endpoint and Web
gateway to block threat at web gateway level
and network level through NIPS. AntiAPT
solution should share intelligence with
endpoint, security web gateway solution,
HIPSserver security & NIPS, similarly endpoint
and security web gateway, NIPS & HIPS(Server
Security) should submit files to AntiAPT solution
for analysis and all three (AntiAPT, Web
Security, Email security, Endpoint, HIPS (server
security) solution should manage through single
management console.
Only one OEM can qualify this specification. The
OEM has to have all these solutions. Therefore, It
seems there is a attempt to have only single OEM
participate. Moreover, the said OEM does not want
to be managed by single console. We suggest to
delete this specification so that leading OEMs can
participate and It is suggested to rephrase the
specification to read "The Proposed solution should
share Indicators of compromise for mitigation and
clean up with AV endpoint and network anti-APT.
The solution should share intelligence with all
controls points (endpoint, web, network) and
submit files to anti-apt for analysis. All the control
points should be centerally managed." so that all
leading OEMs can participate.
RFP conditions prevails
A single dashboard is required to
get the central visibility
The Proposed solution should have
option to share Indicators of
compromise for mitigation and
clean up with AV endpoint and
Web gateway to block threat at
web gateway level and network
level through NIPS. AntiAPT
solution should share intelligence
with endpoint, security web
gateway solution, HIPS server
security & NIPS, similarly endpoint
and security web gateway, NIPS &
HIPS (Server Security) should
submit files to AntiAPT solution for
analysis and all three (AntiAPT,
Web Security, Email security,
Endpoint, HIPS (server security)
solution should manage through
single management console.
1114
RFP Volume
2,Section 5.3,Anti-
virus
160 Antivirus shall have built in URL filtering. This is again a OEM specific. Please delete this.
Suggestion: Secure Web
gateway must be an
appliance based solution
Minimum Requirements:
1.Provided Should be on
premise solution. Solution
shall be used as Proxy
Appliance for internet
browsing .
2.Proposed solution must
have in recent Gartner
leader quadrant
3.Solution should have
Proxy cache features and
Content-filtering and have
enterprise class dual AV
support. The Provided
must have dual AV and
from Gartner leaders
Quadrant
4.Solution must have
Reverse proxy function in
same appliance.
5.The proposed solution
must have scallability
option without changing
the appliance.
6.Solution should be
Please refer to the corrigendum 6
1115
RFP Volume
2,Section 5.3,Anti-
virus
We suggest to have deception technology as a part
of endpoint protection so that lucknow smart city
will be able to detect and identify attackers during
the early stages of a breach.
This will enable to find
unknow malware exisitng
in the system to find out
its intent.
RFP conditions Prevails
1116
RFP Volume
2,Section 5.3,Anti-
virus
We suggest to have endpoint protection to deploy
customizable baits across the endpoint installation
and expose hidden adversaries. These decoys must
which include fake credentials, files and other
enticing assets. This will help , exposing
attacker/hacker without him/her knowing.
This will enable to find
unknow malware exisitng
in the system to find out
its intent.
RFP conditions Prevails
1117
Volume 1:-
Instructions to
Bidder
Section:- 3.4.1:- Pre
Qualification
Criteria
34
1. The Sole Bidder or Lead Bidder and each of
the members of the consortium, (in case of a
consortium), should be registered under
Companies Act, 1956/2013 or as amended. The
Sole Bidder or the Lead bidder (in case of a
consortium) should be in operation in India for a
period of at least 5 years as on 31st March 2017.
In case of a Consortium, each of the consortium
member other than the Lead Bidder should be
in operation in India for a period of at least 3
years as on 31st March 2017
Kindly increase the operation of the organization to
20 Years RFP conditions Prevails
1118
Volume 1:-
Instructions to
Bidder Section:-
3.4.1:- Pre
Qualification
Criteria
35
3.The Sole Bidder or the Lead Bidder should
have positive net worth as on 31st March 2017
as per the audited consolidated financial
statements For the purpose of this criterion, net
worth of only the bidding entity will be
considered.
Kindly make the clause for at least one year as a
positive net worthRFP conditions Prevails
1119
Volume 1:-
Instructions to
Bidder
Section:- 3.4.1:- Pre
Qualification
Criteria
367. The sole bidder or lead bidder /consortium
partner should have CMM level 5.
Kindly add PSU under Ministry of Communications &
IT in the clause as a lead bidderRFP conditions Prevails
1120
Volume 1:-
Instructions to
Bidder
Section:- 3.4.1:- Pre
Qualification
Criteria
36
8.The sole bidder or lead bidder should have
completed at least two projects in Govt/ Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal / mobile
app, database management /data warehousing/
business analytics / cloud applications on the
date of release of NIT.
Kindly remove City Centric RFP conditions Prevails
Suggested: Anti-APT
uncovers, prioritizes,
investigates, and
remediates advanced
threats across endpoint,
network, email, and web
traffic. Anti-APT
automatically sends
suspicious files to
sandboxing system for
rapid detection of even the
most complex and the
stealthiest advanced
attacks. Malware behaves
differently when executed
in a SandBox environment
than on a workstation, and
that difference can result
in some files not being
properly identified as
malware, Anti-APT There is
a need to train people
managing anti-APT,
understand proactive
planning and risk
management as well as
deployment, configuration
and assessment for Smart
City.
Minimum Specifications:
1. Detect network ingress
of a potential threat, and
automatically determine if
that threat was blocked by
on endpoint. So, that
attack will be prioritized
much lower on the list to
drastically reduce the
number of security events
analysts needs to examine
2. Sandbox containment of
operating system and
application processes
3. Access the binary
assembly code and
perform static analysis
based on common or
unique indicators
4. Provides anomaly
detection to detect and
report on suspicious
information found in a file.
Prefrable capabilities to
include, TLS callback
activity, CVE and exploit
detection, shell-code
detection, debugger
detection, watermark
tampering, and non-
standard file alignment,
RFC compliant etc
5. Collect and share the
threat intelligence from /
to external sources using
industry formats such as
STIX ,TAXII, etc.
6. Detect command and
control traffic activity with
IP level events, URL events,
and DNS activity using
detection mechanisms like
static analysis, behavioral
analysis, and reputation
analysis from intelligence
netwok.
7. Perform analysis on
"known" & "unknown"
content. Scaning files
using whitelisting, dual-AV,
file hash reputation, &
static code analysis looking
for known good & known
bad content. Send
unknown files & URLs are
sent to sandbox for
determination in a
customized sandbox
environment.
8. Dashboard to include
the latest high risk tasks,
search capabilities, recent
samples, multiple
processing stats, e.g.
queue size, sandbox
execution time, event
count, tasks complete, and
risk scores over say last 24
hours
9. Prevent zero-day threats
that exploit vulnerabilities
in popular software by
monitoring process
memory and preventing
such attacks
10. Query endpoints to
verify indicators (file hash,
registry changes, URLs,
process name, registry
changes, etc.) and take
action.
11. Provide Anti-virus,
malware, and spyware
scanning with one or
multiple simultaneous anti-
virus vendors at network
12. Quarantine endpoint if
the endpoint is not
compliant to the
compliance (like checking
of the missing OS patches,
outdated anti-virus
definitions, less disk space,
etc) check based on policy
to meet organizations
requirements.
13. At endpoint analyze
incoming data and blocks
threats while they travel
through the network
before hitting the system.
14. At endpoint should
1121
Volume 1:-
Instructions to
Bidder
Section:- 3.4.1:- Pre
Qualification
Criteria
36-37
9. The Sole Bidder or any consortium member
(in case of consortium) should have experience
of Operation and maintenance of network
comprising software, ICT hardware of minimum
project value of INR 1 Crore per year in the last
three years on the date of issue of NIT.
Kindly increase the project value to 7 Crore RFP Conditions prevails
1122
Volume 1:-
Instructions to
Bidder
Section:- 3.5.1:-
Technical Bid
Criteria &
Evaluation
39
Average annual turnover from “Specific Business
Areas” as mentioned below for Sole bidder or
Lead bidder (in case of consortium) over the last
three Financial years Marks shall be allotted as
given below:
• More than INR 40 Crore = 7 marks
• More than INR 30 Crore – up to INR 40 Crore
= 6.5 marks
•More than INR 20 Crore – up to INR 30 Crore =
6 marks
•More than equal to INR 5 Crore - up to INR 20
Crore = 5 marks “Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management •Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
Kindly change the marking scheme as:-
• More than INR 200 Crore = 7 marks
• More than INR 150 Crore – up to INR 200 Crore =
6.5 marks
•More than INR 100 Crore – up to INR 150 Crore = 6
marks
•More than equal to INR 50 Crore - up to INR 100
Crore = 5 marks “Specific Business Areas” 100 Crore
= 5 marks “Specific Business Areas”
Please refer to the corrigendum 6
1123
Volume 1:-
Instructions to
Bidder
Section:- 3.5.1:-
Technical Bid
Criteria &
Evaluation
39
Marks shall be allotted as given below:
•CMM level 5 =3 marksKindly add PSU under Ministry of Communication &
IT so that we can participate as wellRFP Conditions Prevails
1124
Volume 1:-
Instructions to
Bidder
Section:- 3.5.1:-
Technical Bid
Criteria &
Evaluation
39-40
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum value
of INR 15 crore in India during last five years as
on the date of release of RFP. .Marks shall be
allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Kindly remove the specification of City Centric Please refer to the corrigendum 6
1125
Volume 1:-
Instructions to
Bidder
Section:- 3.5.1:-
Technical Bid
Criteria &
Evaluation
41 City centric software Integration Projects Remove clause of City Centric RFP Conditions prevails
1126
Volume 1:-
Instructions to
Bidder
Section:- 3.5.1:-
Technical Bid
Criteria &
Evaluation
42
The Sole Bidder or lead member (in case of
consortium) should have experience in
developing and implementing IT software
projects in India with Java /J2EE, Application
Servers like JBoss or similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like phonegap), User
Experience in designing User Interfaces. At least
2 projects have been executed (documentary
evidence to be provided as proof of delivery)
with the above mentioned technology stack.
Marks shall be allotted as below:
• Four Projects = 10 marks •Three Projects = 8
marks • Two Projects =6 marks
Kindly add C#, .Net, SQL as well Please refer to the corrigendum 6
1127
Volume 2:- Scope of
Work
1.Project Scope of
Work
4-5
Level 2: Integration & View
1. E-governance (IGRS, PGRS, Property Tax etc.)
2. ICT Enabled Solid Waste Management System
3. Smart Parking (for future integration)
4. Energy Efficient Smart Street Lighting Solution
(for future integration)
5. Intelligent Traffic Management System (for
future integration)
6. ICT for City Bus Services (for future
integration)
7. City Surveillance
8. UP Dial 100
9. Integration of SCADA Systems (Water Supply,
Sewerage Pumping Station etc.) (for future
integration)
10. GPS Tracking of Vehicles
11. Unified Smart Mobility Card
12. Biometric Attendance System of Sanitary
Workers
13. Any Other City Level Initiative.
For integration, MSI requires the APIs of these
already existing solutions. Who is going to provide
MSI with the APIs?
RFP conditions prevailsMSI has to study and integrate the
existing system
1128
Volume 2:- Scope of
Work
1.Project Scope of
Work
5
3: Integration, View & Operate
1. Geographical Information Systems (GIS) & GIS
City Portal
2. LSCL App (Mobile App).
3.Lucknow Smart City Website
(https://www.lucknowsmartcity.com)
For integration, MSI requires the APIs of these
already existing solutions. Who is going to provide
MSI with the APIs?
RFP conditions Prevails
1129
Volume 2:- Scope of
Work
1.Project Scope of
Work
1.3 Development
Phase
8
Considering the scope set in this RFP, the MSI
shall carefully understand the various prevailing
Smart City solutions which are currently under
implementation and envisaged in near future
and explicitly mention the same in the technical
proposal.
Existing solution and the future solution that are
prevailing and are to be integrated, MSI requires
APIs for the integration. Who is going to provide
MSI with the APIs?
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1130
Volume 2:- Scope of
Work
1.Project Scope of
Work
1.4 Finalization &
Submission of a
detailed technical
architecture
13
• GIS Integration- MSI shall undertake detail
assessment for integration of all the Field level
ICT interventions proposed with the existing
Geographical Information System (GIS). MSI is
required to carry out the seamless integration to
ensure ease of use of GIS in the Dashboards in
Command Control Centers. If this requires field
survey, it needs to be done by MSI. If such a
data is already available with city, it shall
facilitate to provide the same. MSI is to check
the availability of such data and it's suitability
for the project. MSI is required to update GIS
maps from time to time.
Here it is written about the site survey. As in the
RFP, it is written about the integration and view &
operate of the GIS module. This means that the GIS
module is already developed and we just need to
integrate it with the help of APIs. Survey is required
when we have to develop the GIS mapping from the
scratch. Kindly clarify.
Please refer to the corrigendum 6
1131
Volume 2:- Scope of
Work
1.Project Scope of
Work
1.4 Finalization &
Submission of a
detailed technical
architecture
13
• SMS Gateway Integration- MSI shall carry out
SMS Integration with the Smart City System and
develop necessary applications to send mass
SMS to groups/individuals. Any external/third
party SMS gateway can be used, but this needs
to be specified in the Technical Bid, and
approved during Bid evaluation.
Do MSI need to provide the SMS Gateway?? RFP conditions Prevails
1132
Volume 2:- Scope of
Work
1.Project Scope of
Work
1.5 Other
expectations from
MSI
18
28. The MSI shall directly interact with
electricity boards for provision of electric supply
at all desired locations including any Field
Infrastructure solution mentioned in the RFP
document. The Lucknow Smart City shall
facilitate, if any documentation is required from
its Side. The MSI will submit the bill for
reimbursement on quarterly basis to the
Lucknow Smart City Limited.
The desired locations will be ICCC, locations where
environmental sensors are placed and Variable
message sign boards?
RFP conditions Prevails
1133
Volume 2:- Scope of
Work
2.Level 1:
Implement, View &
Operate
2.2 Variable
Message Sign Board
23
Scope of Work:
The VaMS unit shall be able to communicate
with the Command Control Centre system using
GSM Data/ Wi-Fi/ Ethernet/SMS Channel. GSM
data channel (GPRS) / Wi-Fi/ Ethernet shall be
used to send online messages and SMS channel
shall be used to send configuration packets to
configure the SIM.
Who will provide the SMS Channel? RFP conditions Prevails
1134
Volume 2:- Scope of
Work
2.Level 1:
Implement, View &
Operate
2.3 Centralized
Command & Control
Centre
29
MSI should be able to provide Unified view for
each Departments:
Solid Waste Management
Intelligent Traffic Management System
ICT for City Bus Services
Smart Electricity Meter and Water SCADA
Environmental Sensors
City Surveillance
Variable Message Sign Boards
e-Governance/Mobile App
Mobility card
Any other Feeds as defined in this document or
feed from Future Integration
APIs of those systems that are already implemented
and those that are required to be implemented, are
not in MSI’s scope are required. Who will provide
those APIs?
RFP conditions prevails MSI has to study and integrate the existing system
1135
Data Centre TOR
(Top of the Rack )
Switch
Ports: • 24 or 48 (as per density required) 1G/
10G Ethernet ports (as per internal connection
requirements) and extra 2 numbers of Uplink
ports (40GE)
• All ports can auto-negotiate between all
allowable speeds, half-duplex or full duplex and
flow control for half-duplex ports.
Ports: 48 (as per density required) 1G/ 10G Ethernet
ports (as per internal connection requirements) and
extra 4 numbers of Uplink ports (10GE/ 40GE)
• All ports can auto-negotiate between all allowable
speeds, half-duplex or full duplex and flow control
for half-duplex ports.
RFP conditions Prevails
1136
Data Centre TOR
(Top of the Rack )
Switch
Switch type: Layer 3 RFP conditions Prevails
1137
Data Centre TOR
(Top of the Rack )
Switch
MAC: Support 32K MAC address. RFP conditions Prevails
1138
Data Centre TOR
(Top of the Rack )
Switch
Backplane: Capable of providing wire-speed
switchingRFP conditions Prevails
1139
Data Centre TOR
(Top of the Rack )
Switch
Throughput: 500 Mpps or betterThroughput: 500 Mpps or better and low latecy of
less than < 600ns for better performanceRFP conditions Prevails
1140
Data Centre TOR
(Top of the Rack )
Switch
Port Features: Must support Port Mirroring, Port
Trunking and 802.3ad LACP Link Aggregation
port trunks
Port Features: Must support Port Mirroring, Port
Trunking and 802.3ad LACP Link Aggregation port
trunks
Switch must supprt Stacking of 160Gbps to create
Virtualized Switching Architecture
RFP conditions Prevails
1141
Data Centre TOR
(Top of the Rack )
Switch
Flow Control: Support IEEE 802.3x flow control
for full-duplex mode ports.RFP conditions prevails Query not clear
1142
Data Centre TOR
(Top of the Rack )
Switch
Protocols:
• IPV4, IPV6
• Support 802.1D, 802.1S, 802.1w, Rate
limiting
• Support 802.1X Security standards
• Support 802.1Q VLAN encapsulation, IGMP
v1, v2 and v3 snooping
• 802.1p Priority Queues, port mirroring
• DHCP support
• Support up to 1024 VLANs
• Support IGMP Snooping and IGMP Querying
• Support Multicasting
• Should support Loop protection and Loop
detection
• Should support Ring protection
Protocols:
• IPV4, IPV6
• Support 802.1D, 802.1S, 802.1w, Rate limiting
• Support 802.1X Security standards
• Support 802.1Q VLAN encapsulation, IGMP v1,
v2 and v3 snooping
• 802.1p Priority Queues, port mirroring
• DHCP support
• Support up to 1024 VLANs
• Support IGMP Snooping and IGMP Querying
• Support Multicasting
• Should support Loop protection and Loop
detection
• Should support Ring protection
• Should support 1588 PTP Precision Time
Protocol
• Should support Equal Cost Multiple Path
• Should support MPLS Layer 2 VPN (VPLS/VPWS),
BGP based Layer 3 VPNs & MPLS Fast
Reroute to support rapid local convergence around
network failures
RFP conditions Prevails
1143
Data Centre TOR
(Top of the Rack )
Switch
Access Control:
• Support port security
• Support 802.1x (Port based network access
control).
• Support for MAC filtering.
• Should support TACACS+ and RADIUS
authentication
RFP conditions prevails Query not clear
1144
Data Centre TOR
(Top of the Rack )
Switch
VLAN:
• Support 802.1Q Tagged VLAN and port based
VLANs and Private VLAN
• The switch must support dynamic VLAN
Registration or equivalent
• Dynamic Trunking protocol or equivalent
RFP Conditions prevails
1145
Data Centre TOR
(Top of the Rack )
Switch
Protocol and Traffic:
• Network Time Protocol or equivalent Simple
Network Time Protocol support
• Switch should support traffic segmentation
• Traffic classification should be based on user-
definable application types: TOS, DSCP, Port
based, TCP/UDP port number
RFP conditions prevails Query not clear
1146
Data Centre TOR
(Top of the Rack )
Switch
Management:
• Switch needs to have a console port for
management via a console terminal or PC
• Must have support SNMP v1,v2 and v3
• Should support 4 groups of RMON
Should have accessibility using Telnet, SSH,
Console access, easier software upgrade
through network using TFTP etc. Configuration
management through CLI, GUI based software
utility and using web interface.
Management:
• Switch needs to have a console port for
management via a console terminal or PC
• Must have support SNMP v1,v2 and v3
• Should support 4 groups of RMON
Should have accessibility using Telnet, SSH,
Console access, easier software upgrade through
network using TFTP etc. Configuration management
through CLI, GUI based software utility and using
web interface.
RFP conditions prevails Query Not Clear
1147 Vol 1, PQ 4 35
The Sole Bidder or the Lead Bidder of
consortium, in case of a Consortium, should
have office in Lucknow or should furnish an
undertaking that the same would be established
As the bidder may already have a registered office
in state of U.P, we request to dilute it specifically to
be in city of Lucknow. While project office during
the work implementation can be established , it may
not feasible for bidder to open a registered office
when there is already a registered office in state.
Please modify as follows:
The Sole Bidder or the Lead Bidder of consortium, in
case of a Consortium, should have office in Lucknow
UP or should furnish an undertaking that the same
would be established
RFP conditions Prevails
1148 Vol 1, PQ2 35 Annual turn over
Please clarify in case of consortium , lead bidder
should have turn over of 5 cr for speccific business
areas along with 2.5 cr for other consortium
partners. Or each member including lead bidder
should have avg. 2.5 cr.
Please refer to the corrigendum 6
1149 Vol 1, PQ8 36
The sole bidder or lead bidder should have
completed at least two projects in Govt/ Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal / mobile
app, database management /data warehousing/
business analytics / cloud applications on the
date of release of NIT.
As consortium is allowed and overall quality of
consortium will depend on the partner consitution.
Most of the PQ and TQ are only asking for
cridentials of lead bidder only which in a way is
minimising the purpose of consortium formation.
There is no difference in sole bidder or lead bidder
for the purpose of credentials if consortium
member credentials can notbe used. We request to
modify as follows keeping in view consortium
requirement for PQ and TQ as per all other smart
city bids to encourgae more bidders to participate:
The sole bidder or lead bidder The bidder( or any
member of consortium) should have completed at
least two projects in Govt/ Semi Govt/ PSU; in the
field of development and integration of citizen
centric web portal / mobile app, database
management /data warehousing/ business analytics
/ cloud applications on the date of release of NIT.
Please refer to the corrigendum 6
1150 Vlo 1, 3.5.1. A 39 Technical Criteria- Annual Turn over
As consortium is allowed and overall quality of
consortium will depend on the partner consitution.
Most of the PQ and TQ are only asking for
cridentials of lead bidder only which in a way is
minimising the purpose of consortium formation.
There is no difference in sole bidder or lead bidder
for the purpose of credentials. We request to
modify keeping in view consortium requirement for
PQ and TQ as per all other smart city bids to
encourgae more bidders to participate:
Request to dilute to consider turn over from
consortium partner also.
Please refer to the corrigendum 6
1151 Vlo 1, 3.5.1. A 39 CMM level 5In PQ this certifcate is asked from any member of
consortium. Please change here as wellPlease refer to the corrigendum 6
1152 Vlo 1, 3.5.1. B1 39
B1. The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen
As consortium is allowed and overall quality of
consortium will depend on the partner consitution.
Most of the PQ and TQ are only asking for
cridentials of lead bidder only which in a way is
minimising the purpose of consortium formation.
There is no difference in sole bidder or lead bidder
for the purpose of credentials if consortium
member credentials are not allowed. We request to
modify keeping in view consortium requirement for
PQ and TQ as per all other smart city bids to
encourgae more bidders to participate:
The Sole Bidder or lead member (in case of
consortium) Bidder or any member of consortium
should have been awarded and successfully
executed & commissioned project(s) related to
development and integration of citizen
Please refer to the corrigendum 6
1153 Vlo 1, 3.5.1. B2 40
The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects
Marks shall be allotted as below:
1. Four Projects: 10 marks
2. Three Projects: 8 marks
3. Two projects: 6 marks
As consortium is allowed and overall quality of
consortium will depend on the partner consitution.
Most of the PQ and TQ are only asking for
cridentials of lead bidder only which in a way is
minimising the purpose of consortium formation.
There is no difference in sole bidder or lead bidder
for the purpose of credentials. We request to
modify keeping in view consortium requirement for
PQ and TQ as per all other smart city bids to
encourgae more bidders to participate:
The Sole Bidder or lead member (in case of
consortium) Bidder or any member of the
consortium should have experience in the field of
City centric software Integration Projects Marks
shall be allotted as below:
1. Four Three Projects: 10 marks
2. Three Two Projects: 8 marks
3. Two One projects: 6 marks
Please refer to the corrigendum 6
1154 Vol 1, 3.5.1. B3 40 Software platform
The Sole Bidder or lead member (in case of
consortium) Bidder or any of the consortium
member should have experience in developing and
implementing IT software projects in India
RFP conditions Prevails
1155 Vol1 , Annexure 7 101
The Parties shall be jointly and severally
responsible and bound towards the Authority
for the performance of the works in accordance
with the terms and conditions of the BID
document or contract
Bidder request to modify the clause in line with
other smart city (Belgavi, varanasi, Gandhinagar,
Warangal etc.) . A consortium member may have a
very limited scope in the rfp and most of the
reputed companies do not responsiblity of some
thing which is not in their scope:
Lead Bidder shall be jointly and severally
responsible and bound towards the Authority for
the performance of the works in accordance with
the terms and conditions of the BID document or
contract. Consortium members will be responsible
and liable only for their scope of work
RFP conditions prevails
1156 Vol1 , Right to vary Quantity 30
At the time of award of contract, the quantity of
goods, works or services originally specified in
the bidding documents may be
increased/decreased. It of the Bid and the
bidding documents.
Please limit the varitation to +-10% RFP Conditions Prevails
1157 Vol1 , 4.4 49
During the comprehensive warranty period, the
successful bidder shall provide all product(s) and
documentation updates, patches/fixes, and
version upgrades within 15 days of their
availability and should carry out installation and
make operational the same at no additional cost
to authority
Bidder understand here the upgrades doesnot mean
hardware upgrade as it is not possible to upgrade
the hardware whenever there is new upgrade
availble. It will be as per specification mention in
RFP. For Software only free availbale updates from
OEM can be provided as there is no way to find the
cost at bidding stgae of any paid upgrades or
updates. Bidder will maintain both hardware and
software during maintaince period. Please confirm
the bidder udnerstanding
RFP Conditions Prevails
1158 Volume 1, BoQ 88,89
Ceiling Speakers,Audio Processor, Audio
Distribution Amplifier,Audio Extractor,AV Auto
Switcher,
Please provide list of rooms where mentioned AV
equipment are required to installed along with
functional requirements
Please refer to the corrigendum 6
1159 Volume 1 92 Environmental Sensor Please confirm quantity of Environmental Sensors RFP is self explanatory
1160 Vol 3 , 5.3 7
The Authority reserves the right to amend any
of the terms and conditions in relation to the
Contract/Service Specifications and may issue
any such directions which are not necessarily
stipulated therein if it deems necessary for the
fulfilment of the Schedule of Requirements.
The clause is unilateral in nature.Please modify the
clause keeping in view the changes in other smart
city bid as follows:
The Authority reserves the right to amend any of
the terms and conditions in relation to the
Contract/Service Specifications with mutual
discussion and agreement and may issue any such
directions which are not necessarily stipulated
therein if it deems necessary for the fulfilment of
the Schedule of Requirements.
RFP conditions Prevails
1161 Vol 3 , 9.2 8
The Consortium member has agreed that SI is
the prime point of contact between the
Consortium member and the Authority and it
shall be primarily responsible for the discharge
and administration of all the obligations
contained herein and, the Authority, unless it
deems necessary shall deal only with SI. SI along
with all consortium members shall be jointly and
solely responsible for the project execution
Bidder request Modification as follows:
The Consortium member has agreed that SI is the
prime point of contact between the Consortium
member and the Authority and it shall be primarily
responsible for the discharge and administration of
all the obligations contained herein and, the
Authority, unless it deems necessary shall deal only
with SI. SI along with all consortium members shall
be jointly and solely responsible for the project
execution and consortium members will be
responsible and liable for their scope of work
RFP conditions Prevails
1162 Vol 3 , 9.4 9
9.4. The Authority reserves the right to review,
approve and require amendment of the terms of
the Consortium Contract or any contract or
agreements entered into by and between the
members of such Consortium and no such
agreement/contract shall be executed,
amended, modified and/or terminated without
the prior written consent of the Authority. An
executed copy of each of such
agreements/contracts shall, immediately upon
execution be submitted by SI to the Authority.
The clause is unilateral in nature.Please modify the
clause keeping in view the changes in other smart
city bid such as Varanassi, Waranagal, Belgavi etc. as
follows. There is consortium agreement given in the
RFP which will be submitted along with Bid. Any
other agreement between consortium members
should be out of perview of authority as it depneds
on larger strategic alignments between partners.
The Authority reserves the right to review, approve
and require amendment of the terms of the
Consortium Contract or any contract or agreements
entered into by and between the members of such
Consortium and no such agreement/contract shall
be executed, amended, modified and/or terminated
without the prior written consent of the Authority.
An executed copy of each of such
agreements/contracts shall, immediately upon
execution be submitted by SI to the Authority.
RFP conditions Prevails
1163 Vlo 3, clause 15 18
Regardless of anything contained (except for SI's
liability for bodily injury and/ or damage to
tangible and real property for which it is legally
liable and it's liability for patent and copyright
infringement in accordance with the terms of
this Agreement) the total liability of SI, is
restricted to the total value of the contract and
SI is notresponsible for any third party claims.
Bidder Requests Modification-
Regardless of anything contained (except for SI's
liability for bodily injury and/ or damage to tangible
and real property for which it is legally liable and it's
liability for patent and copyright infringement in
accordance with the terms of this Agreement) the
total liability of SI, is restricted to the total Annual
value of the contract and SI is notresponsible for
any third party claims.
RFP conditions Prevails
1164 Vol 3, 17.4 20
Where the Authority is of the view that no
further extension of the term be granted to SI,
the Authority shall notify SI of its decision at
least 3 (three) months prior to the expiry of the
Term. Upon receipt of such notice, SI shall
continue to perform all its obligations
hereunder, until such reasonable time beyond
the Term of the Contract within which, the
Authority shall either appoint an alternative
agency/SI orcreate its own infrastructure to
operate such Services as are provided under
thisContract.
There should be a time limit to which term is
extended. Bidder request Modification as follows:
Where the Authority is of the view that no further
extension of the term be granted to SI, the
Authority shall notify SI of its decision at least 3
(three) months prior to the expiry of the Term.
Upon receipt of such notice, SI shall continue to
perform all its obligations hereunder, until such
reasonable time one month beyond the Term of the
Contract within which, the Authority shall either
appoint an alternative agency/SI orcreate its own
infrastructure to operate such Services as are
provided under thisContract.
RFP conditions Prevails
1165 Vol 3, 28.3 25
This limitation of liability shall not affect SI
liability, if any, for damage to Third Parties
caused by SI or any person or company acting on
behalf of SI in carrying out the Services
This is uncapped Liablity. As a standard change in
the recent smart city bids like gandhinagar, belgavi
etc. it should be capped. Request modification as
follows:
This limitation of liability shall not affect SI liability,
if any, for damage to Third Parties caused by SI or
any person or company acting on behalf of SI in
carrying out the Services. The total liablity shall be
limited to total contract value.
RFP conditions Prevails
1166 Vol 3, 28.3 31
Each Party shall be responsible for its own costs
incurred in the quotation, preparation of CCNs
and in the completion of its obligations
described in this process provided SI meets the
obligations as set in the CCN. In the event SI is
unable to meet the obligations as defined in the
CCN then the cost of getting it done by third
party shall be borne by SI. Change requests and
CCNs shall be reported monthly to each Party's
representative who shall prioritize and review
progress.
This is uncapped risk purchase. Cost of work being
done by thrid party should be maximum of the item
rate submitted with bid. Wwe request following
modifications:
Each Party shall be responsible for its own costs
incurred in the quotation, preparation of CCNs and
in the completion of its obligations described in this
process provided SI meets the obligations as set in
the CCN. In the event SI is unable to meet the
obligations as defined in the CCN then the cost of
getting it done by third party shall be borne by SI.
Such cost will not exceed the item rate
submitted.Change requests and CCNs shall be
reported monthly to each Party's representative
who shall prioritize and review progress.
RFP conditions Prevails
1167 Vol 3, 42.3 45
Maximum Penalty applicable for any quarter
shall not exceed 30% of the ‘applicable fees’ for
the respective quarter.
Bidder request clarification that the maximum
capping of L.D for the entire duration of project is
capped at 10% of the total contract value as
mentioned in the clause 27.5 of vol 3 " The
deduction shall not in any case exceed 10 % of the
contract value.". Please confirm
RFP conditions Prevails
1168 Vol 3, 42.3 45
Maximum Penalty applicable for any quarter
shall not exceed 30% of the ‘applicable fees’ for
the respective quarter.
As is normal practice in industry and in all the smart
city RFPs, we request follwing modification:
Maximum Penalty applicable for any quarter shall
not exceed 30% 10% of the ‘applicable fees’ for the
respective quarter.
RFP conditions Prevails
1169 Volume 2 6
The estimate prepared shall be as per the
prevailing Schedule of Rates and for items not
available in the SOR, Data Rate shall be worked
out. The Client/Authority shall accord approval
for the same prior to commencement of
work),LAN Networking.
Please confirm the basis of defining prevailing
schedule of RatesRFP conditions Prevails
1170 Volume 2 11Redundancy has to be considered at the
core/data centre components level.
Please confirm level of redundancy needs to be
considered for Applications and core/data centre
components
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1171 Volume 2 13 GIS IntegrationPlease confirm required licenses for GIS Integration
will be provided by LSCLPlease refer to the corrigendum 6
1172 Volume 2 20
Digital Display Unit - Shall receive information
from the central application System and operate
accordingly
Please confirm whether Digital Display unit is an
integral part of Environmental sensor or it has be
provided as a separate unit, if yes, please provide
specifications
RFP Conditions Prevails
1173 Volume 2 21 CO2 : 0 to 10% / 0 to 20%If it goes beyond 5% it will be lethal. Hence request
you to change it to 05% (5000ppm)RFP Conditions Prevails
1174 Volume 2 21-22
O2 : 0 to 10% / 0 to 25% (2 ranges each,
maximum range ratio 1: 25 except O2)
*Optionally, N2O and CH4 can be measured
As O2 is not a pollutant and there is no need to
measure O2. Hence Request it to be remove. Also
N20 & CH4 both are not urban Pollutant and is not
used to Calculate AQI hence request to be removed.
Please refer to the corrigendum 6
1175 Volume 2 22 Real-time in Air Humidity Level DisplayOn Command Centre or VMD for which feed wil be
provided from Command CentreRFP Conditions Prevails
1176 Volume 2 21 General
Request you to add following features
- Calculate and display AQI (National Air Quality
Index)
- Show the AQI values with its colour schema as per
Indian guidelines
- Provide Alerts if AQI values cross th threshold
limits
RFP conditions prevails
1177 Volume 2 31 Web Portal & Mobile APPPlease confirm no. of concurrent user for Mobile
ApplicationRFP Conditions Prevails
1178 Volume 2 40 Edge ComputingPlease confirm whether Edge Computing devices are
required to be considered as part of the scopeRFP Conditions Prevails
1179 vol-2 : Scope of Work 29
MSI should be able to provide Unified view for
each Departments:
or feed from Future Integration
Bidder understanding is data feed for these
applications will be available to SI at ICCC and
bidder has to do integration. To get the view of all
these departments, network connectivity between
these departments and the ICCC are required. We
understand LSCL would provide the same as bidder
is not implementing agency for these soltuions and
is not part of this RFP. Pls confirm
RFP Conditions Prevails
1180 vol-2 - 2.3 Centralized Command & Control Centre30
MSI should setup a dedicated helpdesk to
support the field infrastructure laid out as part
of the RFP.
how many resources should be planned? Will it be
24*7 on shift basis? Hope LSCL would be pay for the
telephone bills on actuals?
Please refer to the corrigendum 6
1181 vol-2 - 2.3.1 General Requirements:59ICCC solutions should have a SMS gateway for
sending messages to citizens.
do we need have the captive SMS gateway at the
ICCC? Pls clarify RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1182 Volume 2 65The DCMS shall be able to accept a minimum
input of four (4) CATV videosources
Please confirm whether these CATV inputs are LAN
inputs or signal to be routed via
transmitter/receivers.
RFP Conditions Prevails
1183 Volume 2, 2.4 68 Site prepration for command and control center
The requirement given in this section is purely DC
requirment and CCC requirment is not cleared like:
Access Control : Do we need Biometric for DC only
or for Command Control Center as well.
Fire Suppression : we require gas based Suppression
system for DC or CCC.It is not recommended to
install gas based suppression system in CCC.
Please refer to the corrigendum 6
1184 Vloume 2, 2.4.2 69
The MSI shall install the top false ceiling with 1’
6” of space from the
actual room ceiling
Please share the Height of the floor .
From Actual ceiling to actual flooring with beam
dropping
RFP Conditions Prevails
1185 Vloume 2, 2.4.3 69
The MSI shall be responsible for raised flooring
and provide for suitable pedestal and under
structure designed to withstand various static
and rolling loads subjected to it in server racks.
The entire raised floor shall have laminated floor
covering and beadings on all sides of the
panel.
Do we need to consider the raised flooring in the
CCC as well or it is for DC only.Please refer to the corrigendum 6
1186 Vloume 2, 2.4.4 70
Two incoming HT feeder supply from different
sub-stations. Even if
one feeder is down, the other one keeps power
available.
Does Department provide the power from 2
different substation to proposed buildignPlease refer to the corrigendum 6
1187 Vloume 2, 2.4.5 70
Since Data center is a critical area, precision air
conditioning system shall be
exclusively installed to maintain the required
temperature.
Please share the cooling requirment and type of
cooling we need to consider for the Command
Control Center.
Please refer to the corrigendum 6
1188 Vol 2, 2.4.7 71Operations and maintenance of DG Set. SI shall
be responsible for fuel
Request to please remove the fuel from SI scope as
it is not allowed by law for MSI to procure fuel. Also
there is no way for the SI to consdier this cost in the
bid which depends on many factors like load, usage,
power cut , rate flactuations etc. MSI will manage as
part of O&M but fuel procurement needs to be
done by customer.
Please refer to the corrigendum 6
1189RFP Vol-2,2.4.11
CCTV system72
All important areas of the Data center,Command
and Control Center along with the non-critical
areas like locations for DG sets, entry exit of
Command Center, Entry and Exit of building
premises need to be under constant video
surveillance.
Please provide the layout of the temporary Data
Center/ building to calculate the numbers of cctv
cameras required for monitoring?
RFP conditions prevails
1190RFP Vol-2,2.4.11
CCTV system72 Storage
The technical specifications for CCTV Video storage
has not been mentioned in the tender, thus, please
help to clarify how storage to be
calculated(resolution, no of days, FPS) of the IP
CCTV Camera for control Room.
RFP conditions prevails
1191 vol-2: 3.1 E Governance: 73
Authority has decided to integrate the below
portal/services to the Lucknow
Command & Control Centre.
Web Portal:
1. Integrated Grievance Redressal System
2. Public Grievance Redressal System
3. e-District (Municipal Services)
4. others city levels initiatives
Bidder understands LSCL would provide the network
connectivity required for the integration to ICCC,
since these applications implementation is not part
of the scope of this RFP. Pls confirm
RFP is Self explanatory
1192
vol-2: 3.2 ICT
Enabled Solid Waste
Management:
74
Solid Waste Management will be required to be
integrated with
Lucknow Command & Control Center to receive
real-time feeds of the of waste collection
vehicles, status of sensor based bins
Bidder understands LSCL would provide the network
connectivity required for the integration of Solid
waste management to ICCC, since solid waste
implementation is not part of the scope of this RFP.
Pls confirm
RFP is Self explanatory
1193 vol-2 : 3.3 Smart Parking: 75
The Name of the these pilot underground
parking locations
are Jhande Park-Lalbagh, Dayanidhaan Park-
Lalbagh & Jhandewala Park-Aminabad. Also,
MSI has to ensure integration of all the parking
locations at control & command centre as &
when implementations of the parking locations
will be completed.
Bidder understands LSCL would provide the network
connectivity required for the integration of Parking
to ICCC, since Smart parking implementation is not
part of the scope of this RFP. Pls confirm
RFP is Self explanatory
1194
vol-2: 3.4 Energy
Efficient Street
Lighting Solutions:
77
MSI on-boarded under this RFP will be
responsible for
coordination with the implementing agency and
further integration of implemented smart
lighting solution in the city to Lucknow Control
and Command Centre, also will implement the
SoP to fulfil the use case
Bidder understands LSCL would provide the network
connectivity required for the integration of Smart
lightning to ICCC, since smart lightning
implementation is not part of the scope of this RFP.
Pls confirm
RFP is Self explanatory
1195
vol-2:3.5 Intelligent
Traffic Management
System
78
The Master System Integrator who will be
selected under the scope of work of this RFP has
to integrate the Integrated Traffic Management
Systems to Lucknow Control and Command
Centre and also will implement the SoP to fulfil
the use cases.
Hope LSCL would provide the network connectivity
required for the integration of Integrated traffic
management to ICCC, since deploying of Integrated
traffic management is not part of the scope of this
RFP. Pls clarify.
RFP is Self explanatory
1196
vol-2:3.5 Intelligent
Traffic Management
System
78
The Master System Integrator who will be
selected under the scope of work of this
RFP has to integrate the Integrated Traffic
Management Systems to Lucknow Control and
Command Centre
Hope LSCL would provide the network connectivity
required for the integration of Integrated traffic
management to ICCC, since deploying of Integrated
traffic management is not part of the scope of this
RFP. Pls clarify.
RFP is Self explanatory
1197vol-2:3.7 City
Surveillance79
There are total 280 cameras functioning at 70
locations under the project the
locations will be provided to the successful
bidder for integrating the feed into LCCC
hope LSCL would provide the network connectivity
for integrating the feed into LCCC? If not locations
needs to be shared before bid. Pls clarify
RFP is Self explanatory
1198vol-2:3.8 UP Dial
10081
Dial 100 System for the Lucknow city will be
required to be
integrated with Lucknow Command & Control
Center by the selected Master System
Integrator to receive real-time feeds on
emergency response management system of
police
department. T
Hope LSCL would provide the network connectivity
required for the integration of Dial 100 to ICCC,
since deploying of Dial 100 is not part of the scope
of this RFP. Pls clarify.
RFP is Self explanatory
1199
vol-2: 3.9
Integration of
SCADA Systems
81
Integration of SCADA Systems (Water Supply,
Sewerage Pumping Station etc.) (For future
integration
Hope LSCL would provide the network connectivity
required for the integration of SCADA to ICCC, since
deploying of Integrated SCADA is not part of the
scope of this RFP. Pls clarify.
RFP is Self explanatory
1200vol-2: 3.1 Unified
Smart Mobility Card:82
these PoS machine is deployed at all the 8 zonal
offices of the Lucknow Municipal
Corporation.
Do we need to provide network connectivity from
ICCC to all the 8 zonal offices of lucknow municipal
corp? pls clarify? We understand this connectivity is
out of scope of bidder and date will be availble at
ICCC for integration
RFP is Self explanatory
1201
vol-2:3.2 Biometric
Attendance System
of Sanitary Workers
84
The Master System Integrator who will be
selected under the scope of work of this RFP has
to integrate the Biometric Attendance
Management System of Sanitary Workers to
Lucknow Control and Command Centre
Hope LSCL would provide the network connectivity
required for the integration of Biometric
attendance management system to ICCC, since
deploying of the same is not part of the scope of
this RFP. Pls clarify.
RFP is Self explanatory
1202
vol-2:4.1
Geographical
Information System
(GIS) & GIS City
Portal
84
decided by the authority that the existing data
of the GIS application will be hosted in the State
Data Centre Lucknow. Later MSI is expected to
migrate the GIS data to centralized data centre
of LSCL which is located in State Data Centre
is the State Data Centre Lucknow and centralized
data centre of LSCL same? This is bit confusing as it
is mentioning centralized data center is in state data
center and migration has to happen from state date
center.pls calrify
Please refer to the corrigendum 6
1203
Volume-2
Proposed
Technology under
GIS initiative by
Lucknow Smart City:
GIS Application
Server
87
(2U Rack Server with dual Intel Xeon E52637 v4
processor, 64 GB RAM, 2*1 TB HDD, Windows
Server
2012 std. Dual Port Fiber HBA.
Can bidder propose latest Intel Xeon processor? Please refer to the corrigendum 6
1204
Volume-2
Proposed
Technology under
GIS initiative by
Lucknow Smart City:
GIS Application
Server
87
(2U Rack Server with dual Intel Xeon E52637 v4
processor, 64 GB RAM, 2*1 TB HDD, Windows
Server
2012 std. Dual Port Fiber HBA.
Can bidder propose 1TB HDD as SATA disk? RFP Conditions Prevails
1205
Volume-2
Proposed
Technology under
GIS initiative by
Lucknow Smart
City:Database Server
87
(2U Rack Server with dual Intel Xeon E52637 v4
processor, 256 GB RAM, 2*1 TB HDD, Windows
Server
2012 std. Dual Port Fiber HBA.
Can bidder propose latest Intel Xeon processor? Please refer to the corrigendum 6
1206
Volume-2
Proposed
Technology under
GIS initiative by
Lucknow Smart
City:Database Server
87
(2U Rack Server with dual Intel Xeon E52637 v4
processor, 256 GB RAM, 2*1 TB HDD, Windows
Server
2012 std. Dual Port Fiber HBA.
Can bidder propose 1TB HDD as SATA disk?RFP Conditions Prevails
1207 SAN Storage 87
Dual Controller, Fiber Channel based storage
with
16TB(8*2TB HDD), Scalability to 24 drives within
the
same enclosure
Can bidder quote NLSAS/SATA disks of 2TB
capacity?RFP Conditions Prevails
1208Volume-2
SAN Storage87
Dual Controller, Fiber Channel based storage
with
16TB(8*2TB HDD), Scalability to 24 drives within
the
same enclosure
How many storage front end FC ports bidder need
to quote?
What is minimum size of Internal storage cache
bidder need to quote?
RFP Conditions Prevails
1209Volume-2
SAN Switch87
What is the minimum specification bidder needs to
quote?RFP Conditions Prevails
1210
vol-2: 5.2 Data
Center and Disaster
Recovery:
114
The authority has decided to host the
application and the data of the Integrated
Command & Control Centre to the UP State Data
Centre (SDC) situated in Lucknow.
will the SDC act as DC? Pls clarify RFP Conditions Prevails
1211
vol-2: 5.2 Data
Center and Disaster
Recovery:
114 Racks to be caged
Since We need to install the rack in the SDC and
DCO is managing UPSDC ,So Caging of the Rack will
be provided by the DCO in SDC or we need to
consider the same .
RFP Conditions Prevails
1212 Volume 2 114
The authority has decided to host the
application and the data of the Integrated
Command & Control Centre to the UP State Data
Centre (SDC) situated in Lucknow.
Since it has been decided to host Data Centre in UP
State Data Centre, therefore would like to know
whether we need to consider cyber security
components like DDoS, DLP,SIEM, HIPS, NIPS etc.
RFP is Self explanatory
1213 Volume 2: Scope of
Work114
2. The MSI shall prepare the overall network
connectivity plan for this project. The plan
shall comprise of connectivity of field
equipment at the junctions to be connected
over
network.
1) As per overall network connectivity plan, Do
bidder needs to consider all field switches and
routers as per field connectivity with CCC and DC
2) If Yes, Please share the minimum field Switch and
router specification i.e. number of ports, uplink etc.
3) Copper or fiber connectivity. SFP SM or MM
mode
RFP Conditions Prevails
1214 Volume 2 115
The Disaster Recovery Centre (DRC) will be the
cloud platform developed by the National
Informatics Centre
Please confirm whether bidder is required to
consider cost for hosting DR at cloud as there is no
line item in BoQ for Cloud
RFP Conditions Prevails
1215 Volume 2 121
The SI shall design the DC and DR solution with
the necessary load balancing, replication and
recovery solution that provide zero RPO
(Recovery Point Objective) and RTO (Recovery
Time Objective) of 10 minutes.
Considering the requirement of DR in different
siesmic zone, providing zero Recovery Point
Objective is practically not possible. Request to
provide feasible value
RFP Conditions Prevails
1216 Volume-2 121 Disaster Recovery (DR) SiteSince DR will be in NIC cloud, bidder understood DC -
DR replication will be only host based replication.RFP Conditions Prevails
1217 Volume 2: Scope of
Work132
WAN / Internet Router Interface modules: Must
support up to 10G interfaces as per the design.
Must have capability to connect with variety of
interfaces.
1) Please add minimum ports requirement for sizing
2) Type of ports copper or fiber etc. RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1218 Volume-2 137
Primary Storage
Storage:
• Storage Capacity should be minimum 5 TB
(usable, after
configuring in offered RAID configuration)
• RAID solution offered must protect against
double disc
failure.
• Disks should be preferably minimum of 3 TB
capacity
• To store all types of data (Data, Voice, Images,
Video, etc.)
• Storage system capable of scaling vertically
and horizontally
Bidder understood quoted disk is of NLSAS/SATA
disk.Please refer to the corrigendum 6
1219 Volume 2: Scope of
Work139 Server Load balancer
minimum transection per second ( TPS ) and session
per second requirement for load balancerRFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1220 Volume 2: Scope of
Work141 Link Load Balancer
minimum transection per second ( TPS ) and session
per second requirement for load balancerRFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1221 Volume 2, clause 11 184
Due payments shall be made promptly by the
Authority, generally within Sixty (60) days after
submission of an invoice or request for payment
by MSI
60 days is very credit period which increases the bid
cost as well on account of cost of finance. Please
modify it as follows considering other smart city
RFPs:
Due payments shall be made promptly by the
Authority, generally within Sixty (60) Fifty (15)days
after submission of an invoice or request for
payment by MSI
RFP conditions prevails
1222 Volume 2 226To connect to minimum 16 Displays through
HDMI
As we understand that Video Wall Controller to be
connected to 2 x 2 Video Wall but in tender specs it
has been asked for 16 HDMI outputs. Please
provide list of display locations where remaining 12
HDMI outputs of Video Wall Controller to be
terminated
RFP Conditions Prevails
1223 Volume 2 233 Projector
Projector specs are given but its not part of BoQ.
Also specify whether projector(s) to be used as
portable or its need to supplied with supporting
accessories such as Projector Screen, Mounting and
Cables.
RFP conditions prevails
1224
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
239
1.IP Camera should be a high-definition, full-
functioned video endpoint with industry-leading
image quality and processing power. The
camera is capable of resolutions up to 1920 x
1080 at 30 frames per second (fps) while
optimizing network usage with either H.264 or
MJPEG compression.
Please help us to know the type of camera required
for control room, i.e. Dome Camera or Bullet
Camera.
RFP conditions prevails
1225
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
240
25.Certifications Safety-UL60950-1 second
edition CSA22.2-No.60950-1 IEC/EN60950-1
second edition IEC/EN60825
IEC/EN60825 is only applicable for Safety of laser
products, while the requirement in the tender is not
of laser, thus request you to delete this requirement
RFP Conditions Prevails
1226
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
241
27.OEM Criteria-All proposed Cameras should
be from Single OEM and OEM should have
Registration in India min from 10 Years
We request you to kindly remove this caluse basis
the following. 1) in case if any one of the camera
specification is not complied by OEM, their other
complied camera will also not be quoted by SI as
well this will lead Monopoly for OEM who's all
camera comply in this tender, they will charge high
price and take advantage of this condition. 2). Many
world class OEM's have come to India for business
few years back, we request you to reduce this 10
years period to 5 or 7 years so that world's best
OEM's who have come India for business can
participate in this tender and provide best quality
equipment at very competative prices.
RFP conditions prevails
1227
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
241 Video management softwareFor Video management software the requirement is
of server based or NVR based system.RFP Conditions Prevails
1228
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
241 General
Is there any requirement of internal IR illuminator
to have a better view during low light
condition?please share the range of internal IR
illuminator required?
RFP Conditions Prevails
1229 Volume 2 General
Please confirm whether bidder has to provide Call
Centre Solution for Integrated Command & Control
Centre
RFP Conditions Prevails
1230 Volume 2 GeneralPlease share the specification of the HVAC system
we need to consider. RFP Conditions Prevails
1231 Volume 2 General
Please share the specification of the Security Sysetm
Like Rodent ,Access and WLDS ,FDS and FFS we need
to consider.
Please refer to the corrigendum 6
1232 Volume 2 General
Please specify the number of person/workstations
we need to consider for design command control
center ,also specify any other areas like manager
cabins etc if required. Also please let us know the
Area requirments.
RFP Conditions Prevails
1233Vol 1, 2.18 - Late
Bids26
Authority reserves the right to modify and
amend any of the above-stipulated
condition/criterion.
We request modification:
Authority reserves the right to modify and amend
any of the above-stipulated condition/criterion
before submission date of the bid.
RFP Conditions Prevails
1234
Vol 1, 2.21
Acceptance/Rejectio
n of Bids22
In the event of any assumptions, presumptions,
key points of discussion, recommendation or
any points of similar nature submitted along
with the Bid, Authority reserves the right to
reject the Bid and forfeit the EMD.
We request modification:
In the event of any assumptions, presumptions, key
points of discussion, recommendation or any points
of similar nature submitted along with the Bid,
Authority reserves the right to reject the Bid and
forfeit the EMD.
RFP Conditions Prevails
1235
3.5.1 Technical Bid
Criteria &
Evaluation44
1.Work order/ Contract clearly
Highlighting the scope of work, Bill of Material
and value of the contract/order.
Since most of the work orders specially govt.
customer there are NDAs applicable . Hence sharing
work orders is not possible. We request to please
accept customer certificate or CA certifcaate from
bidder for project exprience.
Work order/ Contract clearly Highlighting the scope
of work, Bill of Material and value of the
contract/order.
RFP conditions prevails
1236
Vol1, 4.3
Performance Bank
Guarantee (PBG)48
Within fifteen (15) working days from the date
of issuance of LOI, the successful Bidder shall at
his own expense submit unconditional and
irrevocable Performance Bank Guarantee (PBG)
to the Authority. The PBG shall be from a
Nationalized Bank or a Scheduled Commercial
Bank in the format prescribed in Section 9 -
Annexure 5 (a), payable on demand, for the due
performance and fulfilment of the contract by
the bidder.
This Performance Bank Guarantee shall be for
an amount equivalent to 10% of total contract
value. PBG shall be invoked by Authority, in the
event the Bidder:
a. fails to meet the overall penalty condition as
mentioned in RFP Volume II or any changes
agreed between the parties,
b. fails to perform the responsibilities and
obligations as set out in the RFP to the complete
satisfaction of Authority,
c. Misrepresents facts/information submitted to
Authority
The performance bank guarantee shall be valid
till satisfactory completion of Post
Implementation Support. The performance bank
guarantee may be discharged/returned by
Authority upon being satisfied that there has
been due performance of the obligations of the
Request modification:
Within thirthy fifteen (15) working days from the
date of signing of mutually agreed contract
issuance of LOI, the successful Bidder shall at his
own expense submit unconditional and irrevocable
Performance Bank Guarantee (PBG) to the
Authority. The PBG shall be from a Nationalized
Bank or a Scheduled Commercial Bank in the format
prescribed in Section 9 - Annexure 5 (a), payable on
demand, for the due performance and fulfilment of
the contract by the bidder.
This Performance Bank Guarantee shall be for an
amount equivalent to 10% of total contract value.
PBG shall be invoked by Authority, in the event the
Bidder:
a. fails to meet the overall penalty condition as
mentioned in RFP Volume II or any changes agreed
between the parties,
b. fails to perform the responsibilities and
obligations as set out in the RFP as per the terms of
the RFP to the complete satisfaction of Authority,
c. Misrepresents facts/information submitted to
Authority
The performance bank guarantee shall be valid till
[date to be filled ]. satisfactory completion of Post
Implementation Support. The performance bank
guarantee may be discharged/returned by Authority
RFP conditions prevails
1237vol1 ,4.4 Warranty
& Maintenance54
If the successful bidder, having been notified,
fails to remedy the defect(s) within the period
specified in the contract, Authority may proceed
to take such reasonable remedial action as may
be necessary, at the successful bidder’s risk and
expense and without prejudice to any other
rights, which Authority may have against the
bidder under the contract.
During the comprehensive warranty period, the
successful bidder shall provide all product(s) and
documentation updates, patches/fixes, and
version upgrades within 15 days of their
availability and should carry out installation and
make operational the same at no additional cost
to Authority.
The successful bidder hereby warrants Authority
that:
We request modification:
If the successful bidder, having been notified, fails
to remedy the defect(s) within 30 days the period
specified in the contract, Authority may proceed to
take such reasonable remedial action as may be
necessary, at the successful bidder’s risk and
expense after providing a cure period of 30 days to
the bidder. Any such expenses under this section
shall not exceed 3% of the value of services under
defect and which remains unrepaired for 30 days of
cure period. and without prejudice to any other
rights, which Authority may have against the bidder
under the contract.
During the comprehensive warranty period, the
successful bidder shall provide all product(s) and
documentation updates, patches/fixes, and version
upgrades within 15 days of their availability and
should carry out installation and make operational
the same at no additional cost to Authority.
The successful bidder hereby covenants warrants
Authority that:
……
RFP conditions prevails
1238
10 Annexure 6 –
Non-Disclosure
Agreement102
d. To treat Confidential Information as
confidential unless and until Authority expressly
notifies the Bidder of release of its obligations in
relation to the said Confidential Information.
The confidentiality obligation shall be for three
years from the date of termination / expiry of the
contract.
The Confidential Information shall be documented
before its disclosure. The term of this NDA shall be
the duration of the Master Service Agreement.
RFP conditions prevails
1239
Vol3, A. General
Conditions of
Contract (GCC)
1. Definition of
Terms
4
1.2. “Applicable Law(s)” Any statute, law,
ordinance, notification, rule, regulation,
judgment, order, decree, bye-law, approval,
directive, guideline, policy, requirement or other
governmental restriction or any similar form of
decision applicable to the relevant party and as
may be in effect on the date of the execution of
this Agreement and during the subsistence
thereof, applicable to the Project.
We request modification:
. “Applicable Law(s)” Any statute, law, ordinance,
notification, rule, regulation, judgment, order,
decree, bye-law, approval, directive, guideline,
policy, requirement or other governmental
restriction or any similar form of decision applicable
to the relevant party and as may be in effect on the
date of the execution of this Agreement and during
the subsistence of this contract thereof, applicable
to the Project.
For consortium members, other than lead bidder,
shall be comply with the laws as applicable on their
scope of services.
RFP conditions prevails
1240 2. Interpretation 6
c. the word “include” or “including” shall be
deemed to be followed by “without limitation”
or “but not limited to” whether or not they are
followed by such phrases;
We request modification:
c. the word “include” or “including” shall be
deemed to be followed by “without limitation” or
“but not limited to” whether or not they are
followed by such phrases;
RFP conditions Prevails
1241 Vol3 ,4. Scope of work
Authority has engaged SI to provide services
related to implementation of Lucknow Smart
City solutions using which the Authority intends
to perform its business operations. SI is required
to provide such goods, services and support as
the Authority may deem proper and necessary,
during the term of this Contract, and includes all
such processes and activities which are
consistent with the proposals set forth in the
Bid, the Tender and this Contract and are
deemed necessary by the Authority, in order to
meet its business requirements (hereinafter
‘scope of work’).
We request modification:
Authority has engaged SI to provide services related
to implementation of Lucknow Smart City solutions
using which the Authority intends to perform its
business operations. SI is required to provide such
goods, services and support as mentioned under
the contract, the Authority may deem proper and
necessary, during the term of this Contract, and
includes all such processes and activities which are
consistent proposed with under the proposals and
as set forth in the Bid, the Tender and this Contract
and are deemed necessary by the Authority, in
order to meet its business requirements
(hereinafter ‘scope of work’).
RFP Conditions Prevails
1242Vol3, 10.13
10
10.13. The Authority reserves the right to review
the terms of the Warranty and Annual
Maintenance agreements entered into between
SI and OEMs and no such agreement/contract
shall be executed, amended, modified and/or
terminated without the prior written consent of
the Authority. An executed copy of each of such
agreements/contracts shall, immediately upon
execution be submitted by SI to the Authority.
Bidder requests deletion of the clause.
The Authority is not a signatory to these documents
and therefore, has no privity to these Agreements.
Also, such agreements are signed by Wipro not for a
specific project but at an organizational/alliance
level.
RFP Conditions Prevails
1243vol3, 15. Indemnity
18
15.1. SI shall indemnify the Authority from and
against any costs, loss, damages, expense, claims
including those from third parties or liabilities of
any kind howsoever suffered, arising or incurred
inter alia during and after the Contract period
out of:
a. any negligence or wrongful act or omission by
SI or any third party associated with SI in
connection with or incidental to this Contract; or
b. any breach of any of the terms of SI’s did as
agreed, the RFP and this Contract
by SI
c. any infringement of patent,
trademark/copyright or industrial design rights
arising from the use of the supplied goods and
related services or any part
thereof
15.2. SI shall also indemnify the Authority
against any privilege, claim or assertion made by
a third party with respect to right or interest in,
ownership, mortgage or disposal of any asset,
property etc.
15.3. Regardless of anything contained (except
for SI's liability for bodily injury and/ or damage
to tangible and real property for which it is
legally liable and it's liability for patent and
copyright infringement in accordance with the
terms of this Agreement) the total liability of SI,
Bidder requests modification: -
1. SI shall indemnify the Authority from and against
any costs, loss, damages, reasonable expense,
claims including those from third parties or
liabilities of any kind howsoever suffered, arising or
incurred inter alia during and after Contract period
out of:
any gross negligence or wrongful act or wilful
omission by SI or any third party associated with SI
in connection with or incidental to this Contract; or
a. any infringement of patent, trademark/copyright
or industrial design rights arising from the use of the
supplied goods and related services or any part
thereof
Regardless of anything contained (except for MSI's
liability for bodily injury arising out of gross
negligence or wilful misconduct for which it is
legally liable and it's liability for patent and
copyright infringement in accordance with the
terms of this Agreement) the total liability of SI, is
restricted to the fees (excluding reimbursements)
received by it under this Agreement during the
three months preceding the date of first claim. total
value of the contract and SI is not responsible for
any third party claims.
RFP conditions Prevails
1244 Vol III - 22.2 21
We request for deletion of following
Any failure or lapse on the part of SI in
performing any obligation as is reasonably
necessary and proper, to negate the damage
due to projected force majeure events or to
mitigate the damage that may be caused due to
the above mentioned events or the failure to
provide adequate disaster
management/recovery or any failure in setting
up a contingency mechanism would not
constitute force majeure, as set out above.
We request for deletion of following
Any failure or lapse on the part of SI in performing
any obligation as is reasonably necessary and
proper, to negate the damage due to projected
force majeure events or to mitigate the damage
that may be caused due to the above mentioned
events or the failure to provide adequate disaster
management/recovery or any failure in setting up a
contingency mechanism would not constitute force
majeure, as set out above.
Bidder requests the following to be added in the
Force Majeure clause: -
It stands clarified that the Authority shall not be
absolved from meeting its timely payment
obligations during the subsistence of Force
Majeure. In the event Force Majeure continues for
more than sixty (60) days, either party shall have
the right to terminate the contract in which case
the SI shall be paid for all the goods delivered and
services rendered up to the effective date of
termination.
RFP Conditions Prevails
1245
Vol III - 34 Events of
Default 27
Events of defualt are open ended. Request to please
define or limit it ot existing:
Events of defaults should be breach of terms as
mentioned under the contract and shall not include
any subsequent modification instruction of the
Authority. Request for deletion of "The events of
defaults are but not limited to :
RFP Conditions Prevails
1246
36.2 Consequence
of Termination 30
Where the termination of the Contract is prior
to its stipulated term on account of a Default on
the part of SI or due to the fact that the survival
of SI as an independent corporate entity is
threatened/has ceased, or for any other reason,
whatsoever, the Authority, through unilateral re-
determination of the consideration payable to
SI, shall pay SI for that part of the Services which
have been authorized by the Authority and
satisfactorily performed by SI up to the date of
termination. Without prejudice to any other
rights, the Authority may retain such amounts
from the payment due and payable by the
Authority to SI as may be required to offset any
losses caused to the Authority as a result of any
act/omissions of SI. In case of any loss or
damage due to default on the part of SI in
performing any of its obligations with regard to
executing the Schedule of
Requirements under the contract, SI shall
compensate the Authority for any such loss,
damages or other costs, incurred by the
Authority. Additionally, members of its team
shall perform all its obligations and
responsibilities under the Contract in
an identical manner as were being performed
before the collapse of SI as described above in
order to execute an effective transition and to
The payment paid to SI on termiantion is unialterally
decided by authority. Request to please make it on
mututal discussion
RFP Conditions Prevails
1247 General
We request to add the given clause as taxes vary
time to time and customer shall pay as per the
relevant rate applicable
Customer is responsible for payment of taxes,
duties, octroi / entry tax, cesses and any other
statutory levies (by whatever name called at the
applicable rates from time to time, including any
new levies or increase in existing levies) relating to
the proposal. However, Customer will not be
responsible for income taxes and wealth taxes that
may be payable by Wipro. In case of any new taxes
or levies being attracted to the transaction after the
date of submission of response by Wipro or if any
existing taxes or levies are changed thereafter, the
same shall be borne by the Customer.
RFP Conditions prevails
1248Vol 3, Limitation of
liablityBidder Request Addition
Notwithstanding anything contained herein, neither
Party shall be liable for any indirect, punitive,
consequential or incidental loss, damage, claims,
liabilities, charges, costs, expense or injury
(including, without limitation, loss of use, data,
revenue, profits, business and for any claims of any
third party claiming through Wipro) that may arise
out of or result from this Agreement. The aggregate
liability of Wipro under this Agreement, shall not
exceed the annual value of the contract.
RFP conditions prevails
1249
Pre-Qualification
Criteria, Vol 1,
Clause No 2>>
Documentary
Evidence
Page No : 35
The Sole Bidder or the Lead Bidder and all other
Members of Consortium:
Audited financial statements for the last
three financial years Certificate from the
Statutory Auditor on turnover details from the
“specific business areas” over the last three (3)
financial years
We request to accept CA Certificate. Because It is
impossible for a Statutory Auditor to audit Business
Specific Area Wise for all three years based on
different tenders in the country. Auditors are not
the same in all FYs. So Any CA Certifications can be
asked who can examine the turn-over and can issue
the certificates.
RFP conditions prevails
1250
Pre-Qualification
Criteria, Vol 1,
Clause No 8
Page No : 36
The sole bidder or lead bidder should have
completed at least two projects in Govt/
Semi Govt/ PSU; in the field of development
and integration of citizen centric web portal
/ mobile app, database management /data
warehousing/ business analytics / cloud
applications
on the date of release of NIT.
We request to include ERP as an option. RFP conditions prevails
1251
3.5.1 Technical Bid
Criteria &
Evaluation, Vol 1,
Clause No
1>>Documentary
Evidence
Page No : 39
Sole Bidder or Lead Bidder of the Consortium:
Certificate from the Statutory Auditor on
turnover details from the “specific
business areas” over the last three (3)
financial years
We request to accept CA Certificate. Because It is
impossible for a Statutory Auditor to audit Business
Specific Area Wise for all three years based on
different tenders in the country. Auditors are not
the same in all FYs. So Any CA Certifications can be
asked who can examine the turn-over and can issue
the certificates.
RFP conditions prevails
1252
3.5.1 Technical Bid
Criteria &
Evaluation, Vol 1,
Clause No B1
Page No : 39
The Sole Bidder or lead member (in case of
consortium) should have been awarded
and successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum value
of INR 15 crore in India during last five years
as on the date of release of RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
We request to accept the terms mentioned in Pre-
Qualification and reduce the project value.
Qualifying Criteria Turn-over is asked only INR 10
Crore and Project Value is being asked of the value
of INR 15 Crore. We also request to accept the
credential of Consortium. We request you to change
it as
The Sole Bidder or any member of consortium
should have been awarded and successfully
executed & commissioned project(s) related to
development and integration of citizen centric web
portal / mobile app components/ ERP or
Application Development or all having minimum
value of INR 5 crore in India/Abroad during last
five years as on the date of release of RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Please refer to the corrigendum 6
1253
3.5.1 Technical Bid
Criteria &
Evaluation, Vol 1,
Clause No B2>>City
Centric software
Integration Projects
Page No : 41
The Sole Bidder or lead member (in case of
consortium) should have experience in the
field of City centric software Integration Projects
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
We request to accept the credential of Utility and
Power Sector. And also accept the credential of
Consortium Partner. We request to change this as
The Sole Bidder or Any member of consortium
should have experience in the field of City centric
software Integration Projects/ Utility Sector/
Power/ Municipal Application
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please refer to the corrigendum 6
1254
3.5.1 Technical Bid
Criteria &
Evaluation, Vol 1,
Clause No
B3>>Software
Platform
Page No : 42
The Sole Bidder or lead member (in case of
consortium) should have experience in
developing and implementing IT software
projects in India with Java /J2EE, Application
Servers like JBoss or similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like phonegap), User
Experience in designing User Interfaces. At least
2 projects have been executed (documentary
evidence to be provided as proof of delivery)
with the above mentioned technology stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
This is restricting the Platform. We fulfill this criteria
But as principle, this should not be restricted
because there are several platform for
development. We also request you to accept the
credential of consortium partner and credential of
abroad. We are requesting to change it as
The Sole Bidder or Any member of consortium
should have experience in developing and
implementing IT software projects in India or
Abroad with appropriate Application Platform
mobile apps native languages (Android, ioS,
Windows, Hybrid language like phonegap), User
Experience in designing User Interfaces. At least 2
projects have been executed (documentary
evidence to be provided as proof of delivery)
with the above mentioned technology stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Please refer to the corrigendum 6
1255
R F P
D o c u m e n t V o l
u m e 2 : S c o p e
o f W o r k
135 D a t a C e n t r e T O R ( T o p o f t h e R a c k
) S w i t c h
D u a l l o a d s h a r i n g A C a n d D C p o w e r s
u p p l i e s
U s u a l l y t h e p o w e r
a v a i l a b i l i t y a t s i t e
i s o f o n e t y p e . M o r
e o v e r
e n t e r p r i s e s w i t c h
e s a r e u s u a l l y o n A
C p o w e r e d . I n l i n e
t o o u r u n d e r s t a n d i
n g w e w o u l d r e q u e s
t t o a m m e d t h e c l a u
s e a s " D u a l l o a d s h a
r i n g A C o r D C p o w e r s
u p p l i e s " . P l e a s e c o
n f i r m .
RFP conditions Prevails
1256
Pre-Qualification
Criteria Sr. No. 5
41
The Sole Bidder or the Lead bidder of
consortium, in case of a Consortium, should
possess any of the below Certifications which
are valid at the time of bidding:
Management System
Request you to exempt BSNL since BSNL is a Govt.
Orgnisation
RFP conditions prevails
1257
Pre-Qualification
Criteria Sr. No. 7
41
The sole bidder or lead bidder /consortium
partner should have CMM level 5.
Request you to exempt BSNL since BSNL is a Govt.
Orgnisation RFP Conditions Prevails
1258
Vol 1 Addittion Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should be deployed in at least 1 city in India and
must be operational for more than a year with 3 use
cases mentioned in the tender.
This will ensure the
proposed CCC solution is
working as per customer
expectations and capable
of delivering desired
outcomes in Indian
conditions. Relevance of
min. 3 use-case will prove
the depth and integration
capabilities of the product.
RFP conditions Prevails
1259
Vol 1 Addittion ·Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should have min 1 deployment in cloud and min 1
deployment on-premises in India - Bidder to submit
OEM undertaking / Work Order / Purchase Order for
same. As multiple city technology are going in cloud,
ICCC solution must have experience in cloud
technology integration.
For the obvious advantages
of Cloud technology based
deployments, many cities
are starting to outsource
more and more elements
of their Smart City ICT & IT
infrastructure to cloud
service providers. As
multiple city technology
are going in cloud, CCC
solution must be
thoroughly proven for
cloud based deployments
and integrations. Also, for
any of the existing legacy
infrastructure or for
system which can be better
hosted locally, the CCC
should have On-premises
capabilities as well.
RFP conditions Prevails
1260
Vol 1 Addittion Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should be deployed in 5 cities globally with
minimum 3 smart city use cases either on Cloud or
On-premise architecture.
This will ensure the
proposed CCC product is of
Global/International
Standards and
meets/fulfills all
parameters required for
the Smart City use-case
domains. Relevance of
min. 3 use-case will prove
the depth and integration
capabilities of the product.
RFP conditions Prevails
1261
Vol 1 Addittion Proposed Integrated Command Control Center
(ICCC) platform comprising of Pre-Integrated
Visualization layer & Normalization/IOT platform
should be either be from Single OEM OR should be
pre-integrated and operational for more than a year
in a City locally or globally. OEM need to submit
project experience and undertaking on same.
Single OEM for Pre-
Integrated Visualization
layer & Normalization / IOT
platform will ensure
watertight integration,
seamless and trouble-free
operations. If not single
OEM, than propose
solution to be working
successfully for over 1 will
ensure the proposed
combination of products
are working as per
expectations and capable
of delivering desired
outcomes
RFP conditions Prevails
1262
Vol 1 Addittion Smart City Platform/Software provider should be
Member of Smart Cities Council & Navigant
Research Report for Smart Cities Suppliers.
This will ensure the
proposed CCC product is of
Global/International
Standards and
meets/fulfills all
parameters required for
the Smart City use-case
domains.
RFP conditions Prevails
1263
Vol 1 Addittion OEM should have registered office in India at least
from last 10 Years and should have software
development center and Research & Development
Lab in India.
Relevance of time will
prove the depth and
capabilities of the product
& its strategy, market
presence, staying power,
support mechanism.
RFP conditions Prevails
1264
Vol 1 Addittion Bidder need to submit OEM's data sheet, ordering
guide & API document available on the public
domain along with bid document.
Documentary evidence to
substantiate capabilities of
proposed solution /
product, Product
Performance & Features,
Integration capabilities,
etc.
RFP conditions Prevails
1265
Vol 1 Addittion OEM must be single legal entity or its holding
company, having annual revenue of more than INR
100 Crores in the last two financial years (2014-15
and 2015-16) either in India or Globally and at the
same time be profitable in last the 3 financial years
This will ensure no
smalll/local players
participate in the process
and only repuated brands
with expierence of industry
come forth.
RFP conditions Prevails
1266
Vol 1 Addittion OEM should have atleast 4 spare depots in the
country for material replacement and support
This again will ensure no
Chinese/Taiwan/Israel etc.
type of compaines who do
not have a support base
are able to participate.
RFP conditions Prevails
1267
Vol 1 Addittion OEM should have executed atleast 5 mission-mode
projects of state or central government like SDC.
SWAN etc.
OEMs with past expierence
of executing mission
critical projects should be
preferred
RFP conditions Prevails
1268
Volume 2, | Section
2.3.1 (Collaboration)
46
The platform should allow the stakeholders to
be notified of the creation of collaboration
spaces using SMSs and announcements over
PSTN telephone calls.
Request you please change clause as "The platform
should allow the stakeholders to be notified of the
creation of collaboration spaces using SMSs
/announcements over
PSTN telephone calls/Emails.
RFP conditions prevails
The platform should allow the
stakeholders to be notified of the
creation of collaboration spaces
using SMSs /announcements over
PSTN telephone calls/Emails.
1269
Volume 2 | Section
2.3.1 (Incident
Management)
59
MSI has to provide an appropriate tools for
incident and SLA management for the SLA
Parameters defined in Vol. 3 of this RFP
Request you to please remove " SLA Management"
becasuse SLA management is part of "EMS" which is
already asked in RFP.RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1270
Vol 2 | 1.4
Finalization and
submission of a
detailed technical
architecture
12
Support for PKI based Authentication and
Authorization- The solution shall support PKI
based
Authentication and Authorization, in accordance
with IT Act 2000, using the Digital Certificates
issued by the Certifying Authorities (CA). In
particular, 3 factor authentications (login id &
password, biometric and digital Signature) shall
be implemented by the MSI for
officials/employees
involved in processing citizen services.
1. Should the PKI based Auth & Auth solution be
deployed on- premise or cloud?
2. How many Digital Signature Certificates would be
required?
3. Should the application have the ability to just
validate DSC's or even issue DSC's?
4. Is Aadhar based authentication permitted too or
its just DSC?
5. What are the specifications of biometric systems
that should be integrated?
6.Can we expect that the biometric hardware
existing or new will have capability to integrate?
Should one quote for the biometric hardware too?
7. Should the biometric fingerprints be validated by
Aadhar ID or any other software?
8. Is a OTP based auth required?
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1271
Vol 2 | 1.5 Other
expectations from
MS
17
26. Build and certify ICCC as per ISO 27001:2011
standards
Is the expectation of ICCC platform to be ISO 27001
certified? In ISO 27001, 2011 standard isn't specified
in ISO Standards. Need further details.RFP conditions Prevails
1272
Vol 2 | 2.1
Environmental
Sensors:
21
Mosquito Density Is the expectation the environmental sensor should
be able to detect mosquito sensity too? Or
expecting a different sensor to measure this
density?
Please refer to the corrigendum 6
1273
Vol 2 | 2.1
Environmental
Sensors: 21
Functional Specs: CO upto 1000 ppm, Technical
Specs Range: CO : 0 – 31 ppm
Can you please clarify the difference? Should the
range be ppb or ppm in tech specs? RFP conditions Prevails
1274
Vol 2 | 2.2 Variable
Message Sign Board
25
The real time information can also be
pushed manually from ICCC as well as system
should capable to take
the data from the cloud for display on the board
Should application also be deployed on cloud to
send messages to VMS?
RFP conditions prevailsData can be taken from the cloud,
application will be hosted in SDC
1275
Vol 2 |2.3
Centralized
Command & Control
Centre
29
MSI should also continuously monitor all the
infrastructure/Servers/Routers/etc which
has been built as part of this RFP
What about monitoring of the sensor health and
sensor data correctness, sensor gateway health
status, battery life, warranty monitoring, security
issues coming from firmware, sensor performance
management?
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1276
Vol 2 | 2.3.1
General
Requirements: Point
23 37
The platform should also be able to bring in
other egovernance data (SCADA systems) as i-
frames in the
command and control centre dashboard
Why i-frames only? There are other ways to
integrate too.RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1277
Vol 2 | 2.3.1
General
Requirements: Point
23
50
Integrate with other 3rd party applications
seamlessly.
The response time of the analytical tools used
should
be less than 10 sec
Can you clarify if its 3rd party applications or 3rd
party application data sources/apis?
Response time of an analytical tool varies from case
to case based on the amount of data that should be
processed. If one is looking at monthly data it could
show up in less than 2 sec. If its yearly data it could
vary. Request to remove this clause. Application
response time can be less but for reporting engines,
it may not be the case
RFP conditions Prevails
1278
Vol 2, 3.1 Unified
Smart Mobility Card:
82
Scope of Work: The MSI is expected to integrate
the services of various
departments into Lucknow Metro card so as to
achieve the concept of One City-One
Card. Below are the minimum list of the
services/ departments that are expected to
be taken for the integration:
1. What is the integration required for Smart
Mobility Card to ICCC?
2. Will MSI be given access to LMC Application to
integrate the services?RFP conditions Prevails
1279
Vol 2, Geographical
Information System
(GIS) & GIS City
Portal
85
3D Data of city Will 3D data of city be provided as part of GIS
Platform or should be added? If it has to be added,
should 3D data modelling be considered too? Please refer to the corrigendum 6
1280
Vol 2, Geographical
Information System
(GIS) & GIS City
Portal
86
8 Core Arc GIS Server on Active-Active mode
along with two Desktop advanced are
already existing and the MSI shall evaluate the
sizing as per their requirement of the
system and also has to maintain the existing city
portal and the upgrade system for
5 years
Till when are the existing ArcGIS licenses valid?
Is there already a web GIS server?
Is the expectation to use ArcGIS platform only or
propose another based on the specs given further in
the RFP page 97 onwards?Please refer to the corrigendum 6
1281
Vol 2 | Technical
Requirement | WAN
/ Internet Router
132
Bandwidth: Bandwidth on demand for cost
effective connection performance enhancement
Request you yo please specify the throughtput (min
& max) that’s needs to be considered.Please refer to the Addendum 1
1282
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Dual network connectivity of 10 G speed for
each blade server for redundancy shall be
provided
Request to modify the specification: " Dual network
connectivity of 20 G uplink bandwidth for each
blade server for redundancy shall be provided "
Dedicated uplink
bandwidth of 20 Gbps per
server will ensure optimum
performance fior
demanding workloads
RFP Conditions Prevails
1283
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Two hot-plugs/hot-swap redundant 16 Gbps
Fiber Channel module for connectivity to the
external Fiber channel Switch and ultimately to
the storage device
Request to modify the specification: "Two hot-
plugs/hot-swap redundant 16 Gbps Fiber Channel or
FCOE module for connectivity to the external Fiber
channel Switch and ultimately to the storage
device"
Latest generation blade
architectures support dual
converged modules for IO
connectivity for carry LAN
and SAN traffic. This helps
in simplification, lower
cabling, power & cooling
without compromising
throughput. We support
dual converged modules to
carry both LAN & SAN
traffic. Hence kindly allow
for coverged IO modules.
Please refer to the corrigendum 6
1284
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Provision of systems management and
deployment tools to aid in blade server
configuration and OS deployment
Request to modify this clause to "Provision of
systems management and deployment tools to aid
in blade server configuration and OS deployment
along with centalized management solution in HA
for single pane of glass view for configuration,
monitoring & management "
There should be
centralized management
dashboard for all the
chassis and blade servers
in a given data center for
single pane of glass view
RFP Conditions Prevails
1285
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications 136
Minimum 1 USB port Request you to modify this to " Minimum 1 USB
Ports at Blade Server or Chassis level "RFP Conditions Prevails
1286
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Two hot-plug/hot-swap, redundant 10 Gbps
Ethernet or FCoE module with minimum 16
ports (cumulative), having Layer 2/3
functionality
Request you to modify this to " Minimum Two hot-
plug/hot-swap, redundant 10 Gbps Ethernet or FCoE
module with minimum 16 ports (cumulative), to
meet uplink bandwidth per server for a fully loaded
chassis "
Sufficient bandiwtdh
shiuld be provisioned
considering fully loaded
chassis even if not all blade
slots are populated. This
will maintain the same
optimum performance
level & investment
protection even in case of
any future expansion of
number of blades in the
given chassis
Please refer to the corrigendum 6
1287
Vol 2 | Technical
Requirement |
Blade-Chassis
Specifications
136
Two hot-plugs/hot-swap redundant 16 Gbps
Fiber Channel module for connectivity to the
external Fiber channel Switch and ultimately to
the storage device
Request you to modify this to " MinimumTwo hot-
plugs/hot-swap redundant 16 Gbps Fiber Channel
module for connectivity to the external Fiber
channel Switch and ultimately to the storage device
to meet uplink bandwidth per server for a fully
loaded chassis "
Sufficient bandiwtdh
shiuld be provisioned
considering fully loaded
chassis even if not all blade
slots are populated. This
will maintain the same
optimum performance
level & investment
protection even in case of
any future expansion of
number of blades in the
given chassis
RFP Conditions Prevails
1288
Vol 2 | Technical
Requirement |
Servers
135
Processor:
• Latest series/ generation of 64 bit x86
processor(s) with Ten or higher Cores
• Processor speed should be minimum 2.4 GHz
• Minimum 2 processors per each physical
server
Request to Modify to " Processor:
• Latest series/ generation of 64 bit x86 processor(s)
skylake processors
• Processor speed should be minimum 2 GHz
• Minimum 2 processors per each physical server"
The current series by Intel
is teh Skylake chipset
which are more efficient
and perfromance oriented.
Also the bidder should be
let to decide the no. of
core per processor in order
to have teh best suitable
robust solution
RFP Conditions Prevails
1289
Vol 2 | Technical
Requirement |
Servers
135
Internal Storage:
• 2 x 300 GB SAS (10k rpm) hot swap disk with
extensible bays
Request to Modify to " Internal Storage: 2 x 300 GB
SAS (10k rpm)"
The blades storage is
required only to hots the
OS binaries and metadata
rest all storage would be
required on external
storage as the servers are
external devices bootable
and is best recommended
as per best practice laws.
RFP Conditions Prevails
1290
Vol 2 | Technical
Requirement | Anti-
APT
154
Solution must be custom built Anti•APT solution
and must not have network perimeter security
component part devices like firewall and IDS/IPS
Request to change to below , as custom built
solution can be easily compromised :-
Solution must not be a custom built Anti APT
solution and must not have network perimeter
security component part devices like firewall and
IDS/IPS
Request to change to
below , as custom built
solution can be easily
compromised
RFP conditions prevails
Dedicated Custom built APT
solutions offer dedicated
resources to do analysis of
unknown threats with higher
acceleration instead of
UTM/Firewall based devices
having multiple security layers
hosted on shared resources.
1291
Vol 2 | Technical
Requirement | Anti-
APT
154
The proposed solution should use customizable
OS sandboxes for detecting zero day malwares,
This should not be a CPU or chip based function.
Request to Remove this clause As custom built solution
can be easily compromisedRFP Conditions Prevails
1292
Vol 2 | Technical
Requirement | Anti-
APT
154
The proposed solution should be able to detect
lateral movement (East West) of the attacker
without the need of installing agents on
endpoint/server machines.
Request to change as per below:
The proposed solution should be able to detect
lateral movement (East West) of the attacker with
or without the need of installing agents on
endpoint/server machines.
Incase of Anti APT lateral
movement (East West)
may not have actual
visibility without an agent RFP Conditions Prevails
1293
Vol 2 | Technical
Requirement | Anti-
APT
154
The proposed solution should support Multiple
protocols for inspection. Example :• HTTP, FTP,
SMTP, SNMP, IM ,IRC,DNS and P2P protocols
Internal direction :SMB ,Database protocol
(MySQL, MSSQL, Oracle) on a single device
Request to Change the Clause As "The proposed
solution should support Multiple protocols for
inspection. Example HTTP,HTTPS SMTP, IMAP,
POP3, FTP NetBIOS-ssn (SMB)"
Specific to OEM
RFP Conditions Prevails
1294
Vol 2 | Technical
Requirement | Anti-
APT
156
The proposed solution should be able to run at
least 60 parallel sandboxes for analysis of
payload and on premise customized sandbox
solution should have the capability to allow
manual submission of suspicious files for
analysis
Request to Change the Clause As :- The proposed
solution should be able to run at least 5000 files a
day for sandboxes analysis of payload and on
premise sandbox solution should have the
capability to allow manual submission of suspicious
files for analysis
Different OEM use
different mechanism to
size their sandbox solution
hence requesting changeRFP Conditions Prevails
1295
Vol 2 | Technical
Requirement | Anti-
APT
156
Customized sandbox solution should support
following operating systems (Windows XP,
Win7, Win8/8.1, Win 10, Windows Server 2003,
2008 & 2012) and must have the capability to
analyse large files and must be able to support
more than 40MB file size.
Request to Change the Clause As :- sandbox
solution should support following operating systems
( Win7 Win 10, )and must have the capability to
analyse large files and must be able to support more
than 50MB file size.
Different OEM use
different solution hence
requesting change
RFP Conditions Prevails
1296
Vol 2 | Technical
Requirement | Anti-
APT
156
The solution should allow administrator to
categorize files as safe based on Hash values
(MD5) and proposed solution should be able to
provide customizable sandbox to match
customer's endpoint environments.
Request to Change the Clause As :-The solution
should allow administrator to categorize files as safe
based on Hash values (MD5/SHA 256) and proposed
solution should be able to provide sandbox to
match customer's endpoint environments.
MD5 Hash has problem of
overlapping hence
requesting changeRFP Conditions Prevails
1297
Vol 2 | Technical
Requirement | Anti-
APT
156
The Proposed solution should support
customizable Windows 7/8/10 and Microsoft
2008/12 operating environments for
Sandboxing. This requirement should be based
on virtual execution and should not be
Hardware or chip based function
Request to Remove this clause , as custom built
solution can be easily compromise:- The Proposed
solution should support Windows 7 & Windows 10
operating environments for Sandboxing.
As custom built solution
can be easily compromised
RFP Conditions Prevails
1298
Vol 2 | Technical
Requirement | Anti-
APT
157
Solution must be capable of performing multiple
file format analysis which includes but not
limited to the following: LNK, Microsoft objects,
pdf, exe files, compressed files, .chm, .swf, .jpg,
.dll, .sys, .com and .hwp
Request to Change the Clause As :- Solution must
be capable of performing multiple file format
analysis which includes but not limited to the
following: Microsoft objects, pdf, exe files,
compressed files, .chm, .swf, .jpg .dll, com
Different OEM support
different file types and
hence requesting changeRFP Conditions Prevails
1299
Vol 2 | Technical
Requirement | Anti-
APT
157
The proposed solution should support exporting
of analysis results such as C&C server IP and
malicious domain listing and solution should
have capabilities to scan inside password
protected Archive and should have capabilities
to detect Malwares and Spywares on windows
and non-windows platforms.
Request to Change the Clause As :-The proposed
solution should support exporting of analysis results
such as C&C server IP and malicious domain listing
and solution should have capabilities to scan inside
Archive and should have capabilities to detect
Malwares and Spywares on windows and non-
windows platforms.
Specific to OEM RFP Conditions Prevails
1300
Vol 2 | Technical
Requirement | Anti-
APT
157
The proposed solution should have option to
configure unrestricted internet for sandboxes
and proposed solution must have capabilities to
detect Mac, Linux and mobile malwares.
Request to Change the Clause As :-The proposed
solution should have option to configure
unrestricted internet for sandboxes and proposed
solution must have capabilities to detect malwares
& their behaviors .
Specific to OEM RFP Conditions Prevails
1301
Vol 2 | Technical
Requirement | Anti-
APT
157
The Proposed solution should have option to
share Indicators of compromise for mitigation
and clean up with AV endpoint and Web
gateway to block threat at web gateway level
and network level through NIPS. Anti•APT
solution should share intelligence with
endpoint, security web gateway solution, HIPS•
server security & NIPS, similarly endpoint and
security web gateway, NIPS & HIPS(Server
Security) should submit files to AntiAPT solution
for analysis and all three (Anti•APT, Web
Security, Email security, Endpoint, HIPS (server
security) solution should manage through single
management console.
All of these functionalities are part of antivirus
solution hence we request you to remove these
clause as Anti-malware solution focuses more on
zero day and unknown threats.
This would restrict the
participation of renowed
OEM in proposing their
best of breed solution as it
allow only OEM to
participate
RFP conditions prevails
Proposed Anti-APT solution should
share Indicators of compromise for
mitigation based on sandbox
analysis with Endpoint AV, HIPS,
Web security and Email security
solutions to block unknown threat
and should manage through single
management console.
1302
Vol 2 | Technical
Requirement |
Firewall 158
Firewall shall have an Intrusion Prevention
System (IPS) with following featuresWhen IPS is already asked why Firewall has IPS
capabiltiies only added in firewall sectionRFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1303
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
151
Intrusion Prevention System (NIPS) should be
based on purpose-built platform that has Field
Programmable Gate Arrays (FPGAs), On-board
L2 Switch and dual plane architecture for Data
and control plane and NIPS should be
independent standalone solution.
Request for change as FPGA is OEM specific ask, this
would restrict other renowned/leaders in market
from participation.
RFP conditions prevails
FPGA technology is helpful in
boosting overall system
performance, both by performing
tasks at wire speed and by
reducing CPU load to achieve
desired performance
1304
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 151
Must support full redundancy solution (Active-
Passive, Active Active)
Request for the change to Must support full
redundancy solution (Active-Passive/Active Active)
for all deployment options - Passive/ Inline-
set/RoutedRFP conditions Prevails
1305
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 151
The proposed IPS must able to operate in
Asymmetric traffic environment with DV filters
protection
Please share use case; It has dependency on
network design;
Please refer to the corrigendum 6
1306
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 152
The proposed IPS solution must support
Adaptive Filter Configuration(AFC)
which will alert or disable ineffective filter in
case of noisy filters
Request for the change - The proposed IPS solution
must support Adaptive Filter Configuration(AFC) or
equivalent methods which will alert or disable
ineffective filter in case of noisy filters/signaturesRFP conditions Prevails
1307Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 152
The proposed IPS must have real 10Gbps
throughput with atleast 60 million concurrent
sessions and 450,000 new connections per
second with <40 ms latency.
Please change the clause to - "The proposed IPS
must have real 10Gbps throughput with atleast 6
million concurrent sessions and 50,000 new
connections per second." As with standard port
offering of 10*8G = 80Gbps is far higher than the
Real world throughput asked; so as the box is
oversized; request you to consider the change.
RFP conditions Prevails
1308
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 152
The IPS vendor should be in Gartner leader’s
quadrant in latest report. IPS
vendor must be in the recommended products
in the latest NSS report.
Request for the change to - The IPS vendor should
be in Gartner leader’s quadrant in latest report from
last 3 years. IPS vendor must be in the
recommended products in the latest NSS report.RFP conditions Prevails
1309Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 152
The IPS filter must support network action set
such as Block (drop packet),
Block (TCP Reset), Permit, Trust, Notify,
Trace(Packet Capture), Rate Limit and
Quarantine
Request you to change the clause to - The IPS filter
must support network action set such as Block (drop
packet), Block (TCP Reset), Permit, Trust, Notify,
Trace(Packet Capture), Rate Limit. Quarantine is
feature available in most HIPS solutions, and
product asked is Network IPS, hence request you to
remove quarantine word.
RFP conditions Prevails
1310
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 152
IPS solution must have vulnerability based filter
which are known for most
effectively for Zero Day Attack Protection and
ZDI technology should be inbuilt.
Request to remove word- ZDI as it is OEM specific
techonology and other renowned OEM in industyr
support equivalent technology with different
terminology. RFP conditions prevails
IPS solution must have
vulnerability based filter which are
known for most effectively for
Zero Day Attack Protection and ZDI
technology/equivalent should be
inbuilt.
1311
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 152
The proposed IPS must provide bandwidth rate
limit to control the
unwanted/nuisance traffic such as P2P, Online
Game, etc
Request to remove this clause as separate Firewall
is asked in RFP, Firewall are capable of application
based filtering and would be better place to control
application based on bandwidth. RFP conditions Prevails
1312
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 152
The proposed IPS must be able to support GTP
inspection for GPRS/3G mobile networks
Please remove this clause, as it is specific to OEM
Please refer to the corrigendum 6
1313
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 153
The proposed IPS vendor must provide a global
threat intelligence portal that provide real-time
monitoring and statistics of malicious threats
and attacks and NIPS should integrate with
sandboxing to submit unknown files in
sandboxing for simulation and create IOC's on
real time basis as per
sandboxing analysis and revert back to NIPS to
block threats and sandboxing solution should
support customizable Windows 7/8/10 and
Microsoft 2008/12 operating environments for
Sandboxing with at least 60 virtual instances
running in single sandboxing box
Different OEM use different sizing parameter and
hence requesting to remove this clause
RFP conditions Prevails
1314
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 153
The proposed IPS system must support SNMP
and a private MIB that can beutilized from an
Enterprise Management Application such as HP
Open view, MRTG, etc.
Please change the clause to - "The proposed IPS
system must support SNMP and a private MIB that
can be utilized from any SIEM"RFP conditions Prevails
1315
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS) 153
The proposed IPS system must be able to be
managed locally independently without any
centralised management server
Request you to remove this clause; as Centralized
Management Console adds true value to the
architecture where event correlation,
administration, deployment, policy change could be
managed from centralized console removing
network and administrative overhead.
RFP conditions Prevails
1316
Vol 2 | Technical
Requirement |
Network based
Intrusion Prevention
System (NIPS)
154 The management server must support the
archiving and backup of events and export to
NFS, SMB, SCP and SFTP and must allow the
report to be exported into other format such as
PDF, HTML, CSV, XML etc
Request you to consider the change - "The
management server must support the archiving and
backup of events and export to NFS, SMB, SCP/SFTP
and must allow the report to be exported into other
format such as PDF/HTML/CSV/XML etc" as Most
common formats for reports and data backup are
available in the management server.
RFP conditions prevails
The management server must
support the archiving and backup
of events and export to NFS, SMB,
SCP/SFTP and must allow the
report to be exported into other
format such as
PDF/HTML/CSV/XML etc"
1317
Vol 1 - Sec 3.4.3 34 The Sole Bidder or the Lead
Bidder of consortium should
have an average annual
turnover of minimum INR 10
crore with minimum average
turnover of INR 5 crore from
one or more of the “specific
business areas” mentioned
below over the last three
financial years and, in case of a
Consortium, the average
annual turnover for each of
the consortium members over
the last three Financial Years
should be INR 2.5 crore or
more from one or more of the
“specific business areas”
mentioned below:
Development including
mobile app
application integration
capability
System Integration
Please clarify whether projects/turnover for setting
up of wi-fi, LAN and network will be considered
under this clause.
Please refer to the corrigendum 6
1318
Vol 1 - Sec 3.4.3 37 The sole bidder or lead bidder
should have completed at
least two projects in Govt/
Semi Govt/ PSU; in the field of
development and integration
of citizen centric web portal /
mobile app, database
management /data
warehousing/ business
analytics / cloud applications
on the date of release of NIT.
Considering the fact that bids in consortium are
allowed we request the Authority to consider
projects from any of the consortium partner under
this clause. Please clarify Citizen Centric app and
portal created by BSNL for its users/consumers can
be considered under this clause? Please refer to the corrigendum 6
1319
Vol 1 - 3.5.1
Technical Bid
Criteria &
Evaluation
40 The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed &
commissioned project(s) related to
development and integration of citizen centric
web portal / mobile app components or both
having minimum value
of INR 15 crore in India during last five years as
on the date of release of
RFP.
.Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
Considering the fact that bids in consortium are
allowed we request the Authority to consider
projects from any of the consortium partner under
this clause. Please clarify Citizen Centric app and
portal created by BSNL for its users/consumers can
be considered under this clause?
Please refer to the corrigendum 6
1320
Vol 1 - 3.5.1
Technical Bid
Criteria &
Evaluation
41 The Sole Bidder or lead member (in case of
consortium) should have
experience in the field of City centric software
Integration Projects
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Considering the fact that bids in consortium are
allowed we request the Authority to consider
projects from any of the consortium partner under
this clause. Please clarify Citizen Centric app and
portal created by BSNL for its users/consumers can
be considered under this clause?
Please refer to the corrigendum 6
1321
Vol 1 - 3.5.1
Technical Bid
Criteria &
Evaluation
42 The Sole Bidder or lead member (in case of
consortium) should have
experience in developing and implementing IT
software projects in India
with Java /J2EE, Application Servers like JBoss or
similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like
phonegap), User Experience in designing User
Interfaces. At least 2 projects
have been executed (documentary evidence to
be provided as proof of
delivery) with the above mentioned technology
stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Considering the fact that bids in consortium are
allowed we request the Authority to consider
projects from any of the consortium partner under
this clause.
Please refer to the corrigendum 6
1322
Vol 2 - 1.3
Development Phase
8 Security Does the Master System Integrator need to get
Security Audit done by CERT In empanelled agency
at its own cost?
RFP conditions Prevails
1323
Volume-2, Section
5.2 Data Center and
Disaster Recovery,
Subsection : Servers
Page No : 135
• Latest series/ generation of 64 bit x86
processor(s) with Ten
or higher Cores
• Processor speed should be minimum 2.4 GHz
There is no deviation on this but we need clarity,
the specs are for E5-2640V4 CPU which is not the
latest generation now, the replacement CPU is 4114
it will have 10Core but 2.2 Ghz
RFP conditions prevails
Minimum Specifications are given,
bidder may propose higher
configuration as per the SLA
1324 Page-29
The Bidders proposed (OEMs) for the following
solutions must be included in the gartner magic
quadrants (In either leadears or challengers
quadrant) as on the day of submission of bid.
Gartners Reports released in the last 1 year to
be referred and submitted.
1. Wired and Wireless LAN Acess infrastructure
2. Data Centre Networking
3.Enterprise Network Firewalls
4. Intrusion Preventiond Systems
5. Moduler Servers
1. This section mentions that proposed OEMs for
the following solutions must be included in the
Gartners Magic quadrants (In either leaders or
challengers quadrant) as on the day of submission
of bid. Gartner reoprts released in the last 1 year to
be for wired and wireless Lan access
2. Tender asks for edge level switch industrial grade
switch. OEM to be in IDC/Gartner report . This
report is not applicable for industrial switches, but
applicable for industrial switches, but applicable for
commercial ethernet equipment. The applicable
report for industrial switches are ARC/IHS report.
None of the top manufactures of industrial ethernet
equipment do fall in the IDC/Gartner Report.
3. Such specs do not allow the top global industrial
ethhernet companies to participate in this
prestigious tender.
https://www.arcweb.com/ &
https://www.ihsmarkit.com , We request you to
please consider industrial edge level switch OEM
market share by means of ARC/IHS rpeort.
RFP conditions prevails
1325
Vol 1, PQ8 36 The sole bidder or lead bidder should have
completed at least two projects in Govt/ Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal / mobile
app, database management /data warehousing/
business analytics / cloud applications on the
date of release of NIT.
Request you to kindly also consider the consortium
member credential since RFP is asking for
consortium and overall bid will depend on the
financial capablity, consortium partner quality and
solution understanding.Please refer to the corrigendum 6
1326
Vol 1, 3.5.1. A 39 CMM level 5 CMM level is asked from any member of consortium
in Pre quelaification. We request to kindly allow in
TQ also from consortium partnerRFP conditions prevails
1327
Vol 1, 3.5.1 B1 39 B1. The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen
Request to kindly also consider the consortium
member credential also since RFP is asking for
consortium and overall bid will depend on the
financial capablity, consortium partner quality and
solution understanding
RFP conditions prevails
1328
Vol 1, 3.5.1. B2 40 The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects
Marks shall be allotted as below:
1. Four Projects: 10 marks
2. Three Projects: 8 marks
3. Two projects: 6 marks
Request to kindly also consider the consortium
member credential since RFP is asking for
consortium and overall bid will depend on the
financial capablity, consortium partner quality and
solution understanding Please refer to the corrigendum 6
1329
Vol 1, 3.5.1. B3 40 Software platform Request to kindly also consider the consortium
member credential since RFP is asking for
consortium and overall bid will depend on the
financial capablity, consortium partner quality and
solution understanding
Please refer to the corrigendum 6
1330
Vol1 , Annexure 7 101 The Parties shall be jointly and severally
responsible and bound towards the Authority
for the performance of the works in accordance
with the terms and conditions of the BID
document or contract
Since different consortium member will have limited
scope and lead bidder is responsiblie for entire
project on behalf of consortium partner we request
following modification:
Lead Bidder shall be jointly and severally
responsible and consortium member for their scope
of work and bound towards the Authority for the
performance of the works in accordance with the
terms and conditions of the BID document or
contract.
RFP conditions prevails
1331
Vol 3 , 5.3 7 The Authority reserves the right to amend any
of the terms and conditions in relation to the
Contract/Service Specifications and may issue
any such directions which are not necessarily
stipulated therein if it deems necessary for the
fulfilment of the Schedule of Requirements.
Request to kindly make any amendment on mutual
discussion basis. The contract and specifcations are
given in rfp and any change to it should be mutually
discussed and agreedRFP conditions prevails
1332
Vol 3 , 9.2 8 The Consortium member has agreed that SI is
the prime point of contact between the
Consortium member and the Authority and it
shall be primarily responsible for the discharge
and administration of all the obligations
contained herein and, the Authority, unless it
deems necessary shall deal only with SI. SI along
with all consortium members shall be jointly and
solely responsible for the project execution
Since different consortium member will have limited
scope and lead bidder is responsiblie for entire
project on behalf of consortium partner we request
following modification:
Lead Bidder shall be jointly and severally
responsible and consortium member for their scope
of work and bound towards the Authority for the
performance of the works in accordance with the
terms and conditions of the BID document or
contract.
RFP conditions prevails
1333
Vol 3 , 9.4 9 9.4. The Authority reserves the right to review,
approve and require amendment of the terms of
the Consortium Contract or any contract or
agreements entered into by and between the
members of such Consortium and no such
agreement/contract shall be executed,
amended, modified and/or terminated without
the prior written consent of the Authority. An
executed copy of each of such
agreements/contracts shall, immediately upon
execution
be submitted by SI to the Authority.
Consortium agreement is given in the rfp. Any
change to it shall be based on mutual discussion and
agreement. For any other agreement signed
between partner should be out of the purview of
authority. Kindly remove the obligation of reviewing
and amending agreement between parties
RFP conditions prevails
1334
Vol 3, 28.3 25 This limitation of liability shall not affect SI
liability, if any, for damage to Third Parties
caused by SI or any person or company acting on
behalf of SI in carrying out the Services
This is open third party liablity. We request to kindly
limit it to the contract value
RFP conditions prevails
1335
Vol 3, 28.3 31 Each Party shall be responsible for its own costs
incurred in the quotation, preparation of CCNs
and in the completion of its obligations
described in this process provided SI meets the
obligations as set in the CCN. In the event SI is
unable to meet the obligations as defined in the
CCN then the cost of getting it done by third
party shall be borne by SI. Change requests and
CCNs shall be reported monthly to each Party's
representative who shall prioritize and review
progress.
Any work done thru third should be capped. We
request to kindly cap it to the quote value
RFP conditions prevails
1336
Vol 3, 42.3 45 Maximum Penalty applicable for any quarter
shall not exceed 30% of the ‘applicable fees’ for
the respective quarter.
Request to kindly cap the penalty at 10 % as is the
standard practice in smart city bids. Higher penalty
will unnecessary increase the bid costRFP conditions prevails
1337
Vol3, 10.13 10 10.13. The Authority reserves the right to review
the terms of the Warranty and Annual
Maintenance agreements entered into between
SI and OEMs and no such agreement/contract
shall be executed, amended, modified and/or
terminated without the prior written consent of
the Authority. An executed copy of each of such
agreements/contracts shall, immediately upon
execution
be submitted by SI to the Authority.
Request to kindly remove the review and
ammendment of the contract from authority
purview as these contracts are dependent on the
NDAs and larger MSAs. Warranty and maintaince
shall be provided as per the RFP
RFP conditions prevails
1338
36.2 Consequence
of
Termination
30 Where the termination of the Contract is prior
to its
stipulated term on account of a Default on the
part of SI or due to the fact that the survival of
SI as an independent corporate entity is
threatened/has ceased, or for any other reason,
whatsoever, the Authority, through unilateral re-
determination of the consideration payable to
SI, shall pay SI for that part of the Services which
have been authorized by the Authority and
satisfactorily performed by SI up to the date of
termination. Without prejudice to any other
rights, the Authority may retain such amounts
from the payment due and payable by the
Authority to SI as may be required to offset any
losses caused to the Authority as a result of any
act/omissions of SI. In case of any loss or
damage due to default on the part of SI in
performing any of its obligations with regard to
executing the Schedule of
Requirements under the contract, SI shall
compensate the Authority for any such loss,
damages or other costs, incurred by the
Authority. Additionally, members of its team
shall perform all its obligations and
responsibilities under the Contract in
an identical manner as were being performed
before the collapse of SI as described above in
MSI shall be party to the discussion with regard to
the payment . This is unilateral in nature . Request
to please change it to mutual
RFP conditions prevails
1339
Vol 1, 1.2 5
The method of selection is L1. The contract will
be awarded to the bidder quoting the lowest
‘Total Price’ post technical qualification. Prices
inclusive of any applicable taxes, levies etc. will
be considered for arriving at L1 price.
This is prestigious bid and time critical and requires
technically strong bidders with proven track record
participate. We request to kindly make it QCBS
selection method with 70:30 Technical : finance
weight. This is in accrodance with all the smart city
RFPs which has been released.
Please refer to the corrigendum 6
1340
Vol 1, PQ 4 35
The Sole Bidder or the Lead Bidder of
consortium, in case of a Consortium, should
have office in Lucknow or should furnish an
undertaking that the same would be established
As the bidder may already have a registered office
in state of U.P, we request to dilute it specifically to
be in city of Lucknow. While project office during
the work implementation can be established , it may
not feasible for bidder to open a registered office
when there is already a registered office in state.
Please modify as follows:
The Sole Bidder or the Lead Bidder of consortium, in
case of a Consortium, should have office in Lucknow
UP or should furnish an undertaking that the same
would be established
RFP conditions prevails
1341
Vol 1, PQ2 35 Annual turn over
Please clarify in case of consortium , lead bidder
should have turn over of 5 cr for speccific business
areas along with 2.5 cr for other consortium
partners. Or each member including lead bidder
should have avg. 2.5 cr.
Please refer to the corrigendum 6
1342
Vol 1, PQ8 36
The sole bidder or lead bidder should have
completed at least two projects in Govt/ Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal / mobile
app, database management /data warehousing/
business analytics / cloud applications on the
date of release of NIT.
As consortium is allowed and overall quality of
consortium will depend on the partner consitution.
Most of the PQ and TQ are only asking for
cridentials of lead bidder only which in a way is
minimising the purpose of consortium formation.
There is no difference in sole bidder or lead bidder
for the purpose of credentials if consortium
member credentials can notbe used. We request to
modify as follows keeping in view consortium
requirement for PQ and TQ as per all other smart
city bids to encourgae more bidders to participate:
The sole bidder or lead bidder The bidder( or any
member of consortium) should have completed at
least two projects in Govt/ Semi Govt/ PSU; in the
field of development and integration of citizen
centric web portal / mobile app, database
management /data warehousing/ business analytics
/ cloud applications on the date of release of NIT.
Please refer to the corrigendum 6
1343
Vlo 1, 3.5.1. A 39 Technical Criteria- Annual Turn over
As consortium is allowed and overall quality of
consortium will depend on the partner consitution.
Most of the PQ and TQ are only asking for
cridentials of lead bidder only which in a way is
minimising the purpose of consortium formation.
There is no difference in sole bidder or lead bidder
for the purpose of credentials. We request to
modify keeping in view consortium requirement for
PQ and TQ as per all other smart city bids to
encourgae more bidders to participate:
Request to dilute to consider turn over from
consortium partner also.
Please refer to the corrigendum 6
1344
Vlo 1, 3.5.1. A 39 CMM level 5
In PQ this certifcate is asked from any member of
consortium. Please change here as well
Please refer to the corrigendum 6
1345
Vlo 1, 3.5.1. B1 39
B1. The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen
As consortium is allowed and overall quality of
consortium will depend on the partner consitution.
Most of the PQ and TQ are only asking for
cridentials of lead bidder only which in a way is
minimising the purpose of consortium formation.
There is no difference in sole bidder or lead bidder
for the purpose of credentials if consortium
member credentials are not allowed. We request to
modify keeping in view consortium requirement for
PQ and TQ as per all other smart city bids to
encourgae more bidders to participate:
The Sole Bidder or lead member (in case of
consortium) Bidder or any member of consortium
should have been awarded and successfully
executed & commissioned project(s) related to
development and integration of citizen
Please refer to the corrigendum 6
1346
Vlo 1, 3.5.1. B2 40
The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects
Marks shall be allotted as below:
1. Four Projects: 10 marks
2. Three Projects: 8 marks
3. Two projects: 6 marks
As consortium is allowed and overall quality of
consortium will depend on the partner consitution.
Most of the PQ and TQ are only asking for
cridentials of lead bidder only which in a way is
minimising the purpose of consortium formation.
There is no difference in sole bidder or lead bidder
for the purpose of credentials. We request to
modify keeping in view consortium requirement for
PQ and TQ as per all other smart city bids to
encourgae more bidders to participate:
The Sole Bidder or lead member (in case of
consortium) Bidder or any member of the
consortium should have experience in the field of
City centric software Integration Projects Marks
shall be allotted as below:
1. Four Three Projects: 10 marks
2. Three Two Projects: 8 marks
3. Two One projects: 6 marks
Please refer to the corrigendum 6
1347
Vol 1, 3.5.1. B3 40 Software platform
The Sole Bidder or lead member (in case of
consortium) Bidder or any of the consortium
member should have experience in developing and
implementing IT software projects in India
Please refer to the corrigendum 6
1348
Vol1 , Annexure 7 101
The Parties shall be jointly and severally
responsible and bound towards the Authority
for the performance of the works in accordance
with the terms and conditions of the BID
document or contract
Bidder request to modify the clause in line with
other smart city (Belgavi, varanasi, Gandhinagar,
Warangal etc.) . A consortium member may have a
very limited scope in the rfp and most of the
reputed companies do not responsiblity of some
thing which is not in their scope:
Lead Bidder shall be jointly and severally
responsible and bound towards the Authority for
the performance of the works in accordance with
the terms and conditions of the BID document or
contract. Consortium members will be responsible
and liable only for their scope of work
RFP conditions prevails
1349
Vol1 , Right to vary Quantity 30
At the time of award of contract, the quantity of
goods, works or services originally specified in
the bidding documents may be
increased/decreased. It of the Bid and the
bidding documents. Please limit the varitation to +-10%
Please refer to the corrigendum 6
1350
Vol1 , 4.4 49
During the comprehensive warranty period, the
successful bidder shall provide all product(s) and
documentation updates, patches/fixes, and
version upgrades within 15 days of their
availability and should carry out installation and
make operational the same at no additional cost
to authority
Bidder understand here the upgrades doesnot mean
hardware upgrade as it is not possible to upgrade
the hardware whenever there is new upgrade
availble. It will be as per specification mention in
RFP. For Software only free availbale updates from
OEM can be provided as there is no way to find the
cost at bidding stgae of any paid upgrades or
updates. Bidder will maintain both hardware and
software during maintaince period. Please confirm
the bidder udnerstanding
RFP conditions prevails
1351 Volume 1, BoQ 88,89
Ceiling Speakers,Audio Processor, Audio
Distribution Amplifier,Audio Extractor,AV Auto
Switcher,
Please provide list of rooms where mentioned AV
equipment are required to installed along with
functional requirements
RFP Conditions prevails
1352 Volume 1 92 Environmental Sensor Please confirm quantity of Environmental Sensors RFP Conditions prevails
1353
Vol 3 , 5.3 7
The Authority reserves the right to amend any
of the terms and conditions in relation to the
Contract/Service Specifications and may issue
any such directions which are not necessarily
stipulated therein if it deems necessary for the
fulfilment of the Schedule of Requirements.
The clause is unilateral in nature.Please modify the
clause keeping in view the changes in other smart
city bid as follows:
The Authority reserves the right to amend any of
the terms and conditions in relation to the
Contract/Service Specifications with mutual
discussion and agreement and may issue any such
directions which are not necessarily stipulated
therein if it deems necessary for the fulfilment of
the Schedule of Requirements.
RFP conditions prevails
1354
Vol 3 , 9.2 8
The Consortium member has agreed that SI is
the prime point of contact between the
Consortium member and the Authority and it
shall be primarily responsible for the discharge
and administration of all the obligations
contained herein and, the Authority, unless it
deems necessary shall deal only with SI. SI along
with all consortium members shall be jointly and
solely responsible for the project execution
Bidder request Modification as follows:
The Consortium member has agreed that SI is the
prime point of contact between the Consortium
member and the Authority and it shall be primarily
responsible for the discharge and administration of
all the obligations contained herein and, the
Authority, unless it deems necessary shall deal only
with SI. SI along with all consortium members shall
be jointly and solely responsible for the project
execution and consortium members will be
responsible and liable for their scope of work
RFP conditions prevails
1355
Vol 3 , 9.4 9
9.4. The Authority reserves the right to review,
approve and require amendment of the terms of
the Consortium Contract or any contract or
agreements entered into by and between the
members of such Consortium and no such
agreement/contract shall be executed,
amended, modified and/or terminated without
the prior written consent of the Authority. An
executed copy of each of such
agreements/contracts shall, immediately upon
execution be submitted by SI to the Authority.
The clause is unilateral in nature.Please modify the
clause keeping in view the changes in other smart
city bid such as Varanassi, Waranagal, Belgavi etc. as
follows. There is consortium agreement given in the
RFP which will be submitted along with Bid. Any
other agreement between consortium members
should be out of perview of authority as it depneds
on larger strategic alignments between partners.
The Authority reserves the right to review, approve
and require amendment of the terms of the
Consortium Contract or any contract or agreements
entered into by and between the members of such
Consortium and no such agreement/contract shall
be executed, amended, modified and/or terminated
without the prior written consent of the Authority.
An executed copy of each of such
agreements/contracts shall, immediately upon
execution be submitted by SI to the Authority.
RFP conditions prevails
1356
Vlo 3, clause 15 18
Regardless of anything contained (except for SI's
liability for bodily injury and/ or damage to
tangible and real property for which it is legally
liable and it's liability for patent and copyright
infringement in accordance with the terms of
this Agreement) the total liability of SI, is
restricted to the total value of the contract and
SI is notresponsible for any third party claims.
Bidder Requests Modification-
Regardless of anything contained (except for SI's
liability for bodily injury and/ or damage to tangible
and real property for which it is legally liable and it's
liability for patent and copyright infringement in
accordance with the terms of this Agreement) the
total liability of SI, is restricted to the total Annual
value of the contract and SI is notresponsible for
any third party claims.
RFP conditions prevails
1357
Vol 3, 17.4 20
Where the Authority is of the view that no
further extension of the term be granted to SI,
the Authority shall notify SI of its decision at
least 3 (three) months prior to the expiry of the
Term. Upon receipt of such notice, SI shall
continue to perform all its obligations
hereunder, until such reasonable time beyond
the Term of the Contract within which, the
Authority shall either appoint an alternative
agency/SI orcreate its own infrastructure to
operate such Services as are provided under
thisContract.
There should be a time limit to which term is
extended. Bidder request Modification as follows:
Where the Authority is of the view that no further
extension of the term be granted to SI, the
Authority shall notify SI of its decision at least 3
(three) months prior to the expiry of the Term.
Upon receipt of such notice, SI shall continue to
perform all its obligations hereunder, until such
reasonable time one month beyond the Term of the
Contract within which, the Authority shall either
appoint an alternative agency/SI orcreate its own
infrastructure to operate such Services as are
provided under thisContract.
RFP conditions prevails
1358
Vol 3, 28.3 25
This limitation of liability shall not affect SI
liability, if any, for damage to Third Parties
caused by SI or any person or company acting on
behalf of SI in carrying out the Services
This is uncapped Liablity. As a standard change in
the recent smart city bids like gandhinagar, belgavi
etc. it should be capped. Request modification as
follows:
This limitation of liability shall not affect SI liability,
if any, for damage to Third Parties caused by SI or
any person or company acting on behalf of SI in
carrying out the Services. The total liablity shall be
limited to total contract value.
RFP conditions prevails
1359
Vol 3, 28.3 31
Each Party shall be responsible for its own costs
incurred in the quotation, preparation of CCNs
and in the completion of its obligations
described in this process provided SI meets the
obligations as set in the CCN. In the event SI is
unable to meet the obligations as defined in the
CCN then the cost of getting it done by third
party shall be borne by SI. Change requests and
CCNs shall be reported monthly to each Party's
representative who shall prioritize and review
progress.
This is uncapped risk purchase. Cost of work being
done by thrid party should be maximum of the item
rate submitted with bid. Wwe request following
modifications:
Each Party shall be responsible for its own costs
incurred in the quotation, preparation of CCNs and
in the completion of its obligations described in this
process provided SI meets the obligations as set in
the CCN. In the event SI is unable to meet the
obligations as defined in the CCN then the cost of
getting it done by third party shall be borne by SI.
Such cost will not exceed the item rate
submitted.Change requests and CCNs shall be
reported monthly to each Party's representative
who shall prioritize and review progress.
RFP conditions prevails
1360
Vol 3, 42.3 45
Maximum Penalty applicable for any quarter
shall not exceed 30% of the ‘applicable fees’ for
the respective quarter.
Bidder request clarification that the maximum
capping of L.D for the entire duration of project is
capped at 10% of the total contract value as
mentioned in the clause 27.5 of vol 3 " The
deduction shall not in any case exceed 10 % of the
contract value.". Please confirm
RFP conditions prevails
1361
Vol 3, 42.3 45
Maximum Penalty applicable for any quarter
shall not exceed 30% of the ‘applicable fees’ for
the respective quarter.
As is normal practice in industry and in all the smart
city RFPs, we request follwing modification:
Maximum Penalty applicable for any quarter shall
not exceed 30% 10% of the ‘applicable fees’ for the
respective quarter.
RFP conditions prevails
1362 Volume 2 6
The estimate prepared shall be as per the
prevailing Schedule of Rates and for items not
available in the SOR, Data Rate shall be worked
out. The Client/Authority shall accord approval
for the same prior to commencement of
work),LAN Networking.
Please confirm the basis of defining prevailing
schedule of RatesRFP conditions prevails
1363 Volume 2 11Redundancy has to be considered at the
core/data centre components level.
Please confirm level of redundancy needs to be
considered for Applications and core/data centre
components
RFP conditions prevails
1364
1.4 Finalization and
submission of a
detailed technical
architecture
11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc
The advance secuirty solution should provide proxy,
caching, content filtering, SSL inspection, protocol
filtering, inline AV and content inspection ( 1000+
predifined pattern) in block mode on the same
Appliance. The solution should have at least 20+
million websites in its URL filtering database and'
should have pre-defined URL categories and
application protocols along with YouTube, Facebook
and linked-in controls. Solution vendor should
ensure that 100 predefined categories & 100+ pre-
defined protocols.
The web channel became significantly more
malicious, both as an attack vector and as the
primary support element of other attack trajectories
(e.g., social, mobile, email). there is nearly 6-fold
increase in malicious sites overall. Moreover, 85
percent of these sites were found on legitimate web
hosts that had been compromised. It is suggested to
have Inline, real-time information security to
prevent web-borne threats.
RFP conditions prevails
1365
1.4 Finalization and
submission of a
detailed technical
architecture
11
Security - The architecture must adopt an end-to-
end security model that protects data and the
infrastructure from malicious attacks, theft,
natural disasters etc
The data secuirty solution should inspect the
sensitive content through 1500 pre-defined
templates, textual content inside
image,commulative content control and inspection
through web and email channel. The data end point
solution should inspect data leaks over HTTP ,
HTTPs and SMTP. The solution should be able to
block outbound emails sent via SMTP if its violates
the policy. Endpoint solution should support win 32
and 64 bit OS, Mac & Linux OS,Support wide variety
of platforms. The solution should be able to enforce
policies to detect data leaks even on image files
through OCR technology and should enforce policies
to detect low and slow data leaks
AS per Section 43A of the IT Act requires that
anycorporate which possesses, deals or handles
‘sensitive personal data or information’ through a
computer resource owned, operated or controlled
by it, maintain and implement ‘reasonable security
practices and procedures’ to protect such
information. If a body corporate is negligent in
maintaining and implementing such reasonable
security practices and procedures and thereby
causes any wrongful loss or wrongful gain, it will be
liable to pay damages by way of compensation to
the person so affected. It is suggested to have Data
Security soltion which can operate alone in the
RFP conditions prevails
1366 Volume 2 13 GIS IntegrationPlease confirm required licenses for GIS Integration
will be provided by LSCLPlease refer to the corrigendum 6
1367
RFP_ Vol _2 ( 1.5
Other expectations
from MSI)
14
10. MSI shall provide the bandwidth required for
operationalizing each smart city initiative. The
bandwidth requirement shall be analyzed and
procured by the MSI at its own cost / risk.
MSI shall install and commission connectivity
across all designated locations if any required.
It shall be really difficult task to analyze and
calculate the required bandwidth sizing at this point
of time. Generally this all depends what all the KPI
and reports we mutually decide to generate during
SRS/ FRS stage from the existing and future coming
services.
Request you to ask the bandwidth cost against the
Multiple slabs as in Rate contract and same cost can
be factored for final billing to MSI as per need.
Please refer to the corrigendum 6
1368 Volume 2 20
Digital Display Unit - Shall receive information
from the central application System and operate
accordingly
Please confirm whether Digital Display unit is an
integral part of Environmental sensor or it has be
provided as a separate unit, if yes, please provide
specifications
RFP Conditions Prevails
1369 Volume 2 21 CO2 : 0 to 10% / 0 to 20%If it goes beyond 5% it will be lethal. Hence request
you to change it to 05% (5000ppm)RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1370 Volume 2 22 Real-time in Air Humidity Level DisplayOn Command Centre or VMD for which feed wil be
provided from Command CentreRFP Conditions Prevails
1371 Volume 2 21 General
Request you to add following features
- Calculate and display AQI (National Air Quality
Index)
- Show the AQI values with its colour schema as per
Indian guidelines
- Provide Alerts if AQI values cross th threshold
limits
RFP conditions prevails
1372 Volume 2 31 Web Portal & Mobile APPPlease confirm no. of concurrent user for Mobile
ApplicationRFP conditions prevails
1373
RFP_ Vol _2 ( 2.3.1
General
Requirements:)
31
Please share the no of Internal and External
Concurrent users to be factored for Web Services
server Sizing
RFP conditions prevails
1374 General
Functional Requirements of each integration Points
interprets as if all the daily operations activities (
SWM, Parking, ITMS, Surveillance etc. ) shall be
100% monitored , tracked and controlled from
Command and Control Platform.
Ideally Platform is only required to publish
dashboards of each service showing KPI, Status of
devices, Grievance no's related service and
triggering SOPs based on severity of alert and
notifications. Data for each service is processed and
some intelligent inputs , Business inputs and as if
analysis shall be notified based the on going
situation for Higher officers. future applications/
Services should be monitored and maintained by
respective vendor implementing the service and
Same vendor should be responsible for respective
SLA compliance. He should be bound to and
mandate to share the API/ and expose the data in
agreed format for command and control application
operations The way expectations are written shall
results in more operator for each service
monitoring. Please confirm and modify the language
accordingly
RFP conditions prevails
1375 Volume 2 40 Edge ComputingPlease confirm whether Edge Computing devices are
required to be considered as part of the scopeRFP conditions prevails
1376
vol-2 : Scope of Work 29
MSI should be able to provide Unified view for
each Departments:
or feed from Future Integration
Bidder understanding is data feed for these
applications will be available to SI at ICCC and
bidder has to do integration. To get the view of all
these departments, network connectivity between
these departments and the ICCC are required. We
understand LSCL would provide the same as bidder
is not implementing agency for these soltuions and
is not part of this RFP. Pls confirm
RFP conditions prevails
1377
vol-2 - 2.3 Centralized Command & Control Centre30
MSI should setup a dedicated helpdesk to
support the field infrastructure laid out as part
of the RFP.
how many resources should be planned? Will it be
24*7 on shift basis? Hope LSCL would be pay for the
telephone bills on actuals?
RFP conditions prevailsICCC will be functional on
24*7*365 basis
1378
vol-2 - 2.3.1 General Requirements:59
ICCC solutions should have a SMS gateway for
sending messages to citizens.
do we need have the captive SMS gateway at the
ICCC? Pls clarify
RFP is Self explanatory
1379 Volume 2 65
"The DCMS shall be able to display a minimum
of twenty (20) independent visual sources
simultaneously on all boardroom or auxiliary
display device. The sources shall be of 4CIF
resolution"
Please specify list of Meeting Room, Board Rooms,
Large Meeting Rooms, where in output of Video
Wall Controller is required to be displayed and
confirm they are in same building
RFP conditions prevails
1380 Volume 2 65The DCMS shall be able to accept a minimum
input of four (4) CATV videosources
Please confirm whether these CATV inputs are LAN
inputs or signal to be routed via
transmitter/receivers.
RFP conditions prevails
1381 Volume 2, 2.4 68
Site prepration for command and control center
The requirement given in this section is purely DC
requirment and CCC requirment is not cleared like:
Access Control : Do we need Biometric for DC only
or for Command Control Center as well.
Fire Suppression : we require gas based Suppression
system for DC or CCC.It is not recommended to
install gas based suppression system in CCC.
Please refer to the corrigendum 6
1382
RFP Vol-2,2.4.11
CCTV system
72
Storage
The technical specifications for CCTV Video storage
has not been mentioned in the tender, thus, please
help to clarify how storage to be
calculated(resolution, no of days, FPS) of the IP
CCTV Camera for control Room.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1383
vol-2: 3.1 E Governance: 73
Authority has decided to integrate the below
portal/services to the Lucknow
Command & Control Centre.
Web Portal:
1. Integrated Grievance Redressal System
2. Public Grievance Redressal System
3. e-District (Municipal Services)
4. others city levels initiatives
Bidder understands LSCL would provide the network
connectivity required for the integration to ICCC,
since these applications implementation is not part
of the scope of this RFP. Pls confirm
RFP is Self explanatory
1384vol-2: 3.2 ICT
Enabled Solid Waste
Management: 74
Solid Waste Management will be required to be
integrated with
Lucknow Command & Control Center to receive
real-time feeds of the of waste collection
vehicles, status of sensor based bins
Bidder understands LSCL would provide the network
connectivity required for the integration of Solid
waste management to ICCC, since solid waste
implementation is not part of the scope of this RFP.
Pls confirm
RFP is Self explanatory
1385
vol-2 : 3.3 Smart Parking: 75
The Name of the these pilot underground
parking locations
are Jhande Park-Lalbagh, Dayanidhaan Park-
Lalbagh & Jhandewala Park-Aminabad. Also,
MSI has to ensure integration of all the parking
locations at control & command centre as &
when implementations of the parking locations
will be completed.
Bidder understands LSCL would provide the network
connectivity required for the integration of Parking
to ICCC, since Smart parking implementation is not
part of the scope of this RFP. Pls confirm
RFP is Self explanatory
1386
vol-2: 3.4 Energy
Efficient Street
Lighting Solutions: 77
MSI on-boarded under this RFP will be
responsible for
coordination with the implementing agency and
further integration of implemented smart
lighting solution in the city to Lucknow Control
and Command Centre, also will implement the
SoP to fulfil the use case
Bidder understands LSCL would provide the network
connectivity required for the integration of Smart
lightning to ICCC, since smart lightning
implementation is not part of the scope of this RFP.
Pls confirm
RFP is Self explanatory
1387vol-2:3.5 Intelligent
Traffic Management
System 78
The Master System Integrator who will be
selected under the scope of work of this RFP has
to integrate the Integrated Traffic Management
Systems to Lucknow Control and Command
Centre and also will implement the SoP to fulfil
the use cases.
Hope LSCL would provide the network connectivity
required for the integration of Integrated traffic
management to ICCC, since deploying of Integrated
traffic management is not part of the scope of this
RFP. Pls clarify.
RFP is Self explanatory
1388 vol-2:3.5 Intelligent
Traffic Management
System 78
The Master System Integrator who will be
selected under the scope of work of this
RFP has to integrate the Integrated Traffic
Management Systems to Lucknow Control and
Command Centre
Hope LSCL would provide the network connectivity
required for the integration of Integrated traffic
management to ICCC, since deploying of Integrated
traffic management is not part of the scope of this
RFP. Pls clarify.
RFP is Self explanatory
1389
vol-2:3.7 City
Surveillance 79
There are total 280 cameras functioning at 70
locations under the project the
locations will be provided to the successful
bidder for integrating the feed into LCCC
hope LSCL would provide the network connectivity
for integrating the feed into LCCC? If not locations
needs to be shared before bid. Pls clarify
RFP is Self explanatory
1390
vol-2:3.8 UP Dial
100 81
Dial 100 System for the Lucknow city will be
required to be
integrated with Lucknow Command & Control
Center by the selected Master System
Integrator to receive real-time feeds on
emergency response management system of
police
department. T
Hope LSCL would provide the network connectivity
required for the integration of Dial 100 to ICCC,
since deploying of Dial 100 is not part of the scope
of this RFP. Pls clarify.
RFP is Self explanatory
1391 vol-2: 3.9
Integration of
SCADA Systems 81
Integration of SCADA Systems (Water Supply,
Sewerage Pumping Station etc.) (For future
integration
Hope LSCL would provide the network connectivity
required for the integration of SCADA to ICCC, since
deploying of Integrated SCADA is not part of the
scope of this RFP. Pls clarify.
RFP is Self explanatory
1392
vol-2: 3.1 Unified
Smart Mobility Card: 82
these PoS machine is deployed at all the 8 zonal
offices of the Lucknow Municipal
Corporation.
Do we need to provide network connectivity from
ICCC to all the 8 zonal offices of lucknow municipal
corp? pls clarify? We understand this connectivity is
out of scope of bidder and date will be availble at
ICCC for integration
RFP is Self explanatory
1393vol-2:3.2 Biometric
Attendance System
of Sanitary Workers 84
The Master System Integrator who will be
selected under the scope of work of this RFP has
to integrate the Biometric Attendance
Management System of Sanitary Workers to
Lucknow Control and Command Centre
Hope LSCL would provide the network connectivity
required for the integration of Biometric
attendance management system to ICCC, since
deploying of the same is not part of the scope of
this RFP. Pls clarify.
RFP is Self explanatory
1394
vol-2:4.1
Geographical
Information System
(GIS) & GIS City
Portal 84
decided by the authority that the existing data
of the GIS application will be hosted in the State
Data Centre Lucknow. Later MSI is expected to
migrate the GIS data to centralized data centre
of LSCL which is located in State Data Centre
is the State Data Centre Lucknow and centralized
data centre of LSCL same? This is bit confusing as it
is mentioning centralized data center is in state data
center and migration has to happen from state date
center.pls calrify
Please refer to the corrigendum 6
1395
RFP_ Vol _2 ( 4
Integrate, View &
Operate)
844.1 Geographical Information System (GIS) & GIS
City Portal
Then complete requirement of GIS city portal from
page no 84 to 105 should be deleted.
We understand GIS base maps are available with
authority and shall be provided for utilization with
command and control application.
Each SI for parking, SWM, Surveillance etc. should
be mandated to use the same Map for plotting the
Sensors in different vector layer.
MSI cant do the survey and do the plotting of
sensors for other services which will come in
future.. it is very unusual requirement.
Please refer to the corrigendum 6
1396 85
3D Data of city
This requirement at his point of time is not
required, Command and control application don’t
need the 3D mapping for its operations at all.
All this is required by City planners for
encroachment detection and other purposes, GIS
city application platform can be asked by respective
agency in separate rfp.
Request you to completely delete the requirement
Please refer to the corrigendum 6
1397 85
iv. The component mapping should be multi
layered keeping in vision the requirements for
next 20 years.
RFP conditions prevails Query Not Clear
1398 General
This complete GIS city portal requirement is
complete duplication of Command and control
application, functional requirement and detailed
specification ask for alerts and notifications all to be
raised on GIS portal also for actionable along with
SOP and all.
In our opinion its completely influenced by Arc GIS
vendor, not required at all with CCC application. It
will be completely only executed by GIS vendor no
in capacity of MSI also will multiply the project cost
2 X
Authority also need to have more operator in each
shift for handling the GIS portal modules.
Please refer to the corrigendum 6
1399 86
viii. All government buildings and spaces should
be geo tagged for the City of Lucknow.
ix. GIS data modal integrated should support
domains, subtype, spatial rules and
relationship, joins and spatial references etc.
x. GIS catalog should be used to manage and
maintain the GIS data modal. It must
support database administration for user
creation and management for GIS
database
xi. There must be grievance reporting
functionality that is associated with ward. This
interface must allow citizens to enter the
description and detail about the grievance that
can be submitted to respective city authority.
Command and control application completely works
with coordinated and latlong details, field team and
emergency team can be easily guided and sent to
respective location for actionable with base map
itself
RFP conditions prevails
1400
Volume-2
Proposed
Technology under
GIS initiative by
Lucknow Smart City:
GIS Application
Server
87
(2U Rack Server with dual Intel Xeon E52637 v4
processor, 64 GB RAM, 2*1 TB HDD, Windows
Server
2012 std. Dual Port Fiber HBA.
Can bidder propose latest Intel Xeon processor? Please refer to the corrigendum 6
1401
Volume-2
Proposed
Technology under
GIS initiative by
Lucknow Smart City:
GIS Application
Server
87
(2U Rack Server with dual Intel Xeon E52637 v4
processor, 64 GB RAM, 2*1 TB HDD, Windows
Server
2012 std. Dual Port Fiber HBA.
Can bidder propose 1TB HDD as SATA disk? Please refer to the corrigendum 6
1402
Volume-2
Proposed
Technology under
GIS initiative by
Lucknow Smart
City:Database Server
87
(2U Rack Server with dual Intel Xeon E52637 v4
processor, 256 GB RAM, 2*1 TB HDD, Windows
Server
2012 std. Dual Port Fiber HBA.
Can bidder propose latest Intel Xeon processor? Please refer to the corrigendum 6
1403
Volume-2
Proposed
Technology under
GIS initiative by
Lucknow Smart
City:Database Server
87
(2U Rack Server with dual Intel Xeon E52637 v4
processor, 256 GB RAM, 2*1 TB HDD, Windows
Server
2012 std. Dual Port Fiber HBA.
Can bidder propose 1TB HDD as SATA disk?Please refer to the corrigendum 6
1404 SAN Storage 87
Dual Controller, Fiber Channel based storage
with
16TB(8*2TB HDD), Scalability to 24 drives within
the
same enclosure
Can bidder quote NLSAS/SATA disks of 2TB
capacity?Please refer to the corrigendum 6
1405Volume-2
SAN Storage87
Dual Controller, Fiber Channel based storage
with
16TB(8*2TB HDD), Scalability to 24 drives within
the
same enclosure
How many storage front end FC ports bidder need
to quote?
What is minimum size of Internal storage cache
bidder need to quote?
Please refer to the corrigendum 6
1406Volume-2
SAN Switch87
What is the minimum specification bidder needs to
quote?Please refer to the corrigendum 6
1407 vol-2: 5.2 Data
Center and Disaster
Recovery: 114
The authority has decided to host the
application and the data of the Integrated
Command & Control Centre to the UP State Data
Centre (SDC) situated in Lucknow. will the SDC act as DC? Pls clarify
RFP is Self explanatory
1408vol-2: 5.2 Data
Center and Disaster
Recovery: 114 Racks to be caged
Since We need to install the rack in the SDC and
DCO is managing UPSDC ,So Caging of the Rack will
be provided by the DCO in SDC or we need to
consider the same .
RFP conditions prevails
1409 Volume 2 114
The authority has decided to host the
application and the data of the Integrated
Command & Control Centre to the UP State Data
Centre (SDC) situated in Lucknow.
Since it has been decided to host Data Centre in UP
State Data Centre, therefore would like to know
whether we need to consider cyber security
components like DDoS, DLP,SIEM, HIPS, NIPS etc.
RFP is Self explanatory
1410
Volume 2: Scope of
Work 114
2. The MSI shall prepare the overall network
connectivity plan for this project. The plan
shall comprise of connectivity of field
equipment at the junctions to be connected
over
network.
1) As per overall network connectivity plan, Do
bidder needs to consider all field switches and
routers as per field connectivity with CCC and DC
2) If Yes, Please share the minimum field Switch and
router specification i.e. number of ports, uplink etc.
3) Copper or fiber connectivity. SFP SM or MM
mode
RFP conditions prevails
1411 Volume 2 115
The Disaster Recovery Centre (DRC) will be the
cloud platform developed by the National
Informatics Centre
Please confirm whether bidder is required to
consider cost for hosting DR at cloud as there is no
line item in BoQ for Cloud
RFP Conditions Prevails
1412 Volume 2 121
The SI shall design the DC and DR solution with
the necessary load balancing, replication and
recovery solution that provide zero RPO
(Recovery Point Objective) and RTO (Recovery
Time Objective) of 10 minutes.
Considering the requirement of DR in different
siesmic zone, providing zero Recovery Point
Objective is practically not possible. Request to
provide feasible value
RFP conditions prevails
1413 Volume-2 121 Disaster Recovery (DR) SiteSince DR will be in NIC cloud, bidder understood DC -
DR replication will be only host based replication.RFP conditions prevails
1414 Volume 2: Scope of
Work 132
WAN / Internet Router Interface modules: Must
support up to 10G interfaces as per the design.
Must have capability to connect with variety of
interfaces.
1) Please add minimum ports requirement for sizing
2) Type of ports copper or fiber etc.
RFP conditions prevails
1415 Volume 2: Scope of
Work 139 Server Load balancer
minimum transection per second ( TPS ) and session
per second requirement for load balancerRFP conditions prevails
1416 Volume 2: Scope of
Work 141 Link Load Balancer
minimum transection per second ( TPS ) and session
per second requirement for load balancerRFP conditions prevails
1417 Firewall 159
Firewall shall have following user authentication
capabilities: • XAUTH VPN, Web based, 802.X
authentication
Firewall shall have following user authentication
capabilities: • XAUTH VPN, Web based/802.X
authentication
The 802.X authentication is for wireless or port
based authentication on Switch. This authentication
is not related to Firewall and spcific to an OEM.
Please ammend the clause accordingly.
RFP conditions prevails
1418
Volume 2, clause 11 184
Due payments shall be made promptly by the
Authority, generally within Sixty (60) days after
submission of an invoice or request for payment
by MSI
60 days is very credit period which increases the bid
cost as well on account of cost of finance. Please
modify it as follows considering other smart city
RFPs:
Due payments shall be made promptly by the
Authority, generally within Sixty (60) Fifty (15)days
after submission of an invoice or request for
payment by MSI
RFP conditions prevails
1419 Volume 2 226To connect to minimum 16 Displays through
HDMI
As we understand that Video Wall Controller to be
connected to 2 x 2 Video Wall but in tender specs it
has been asked for 16 HDMI outputs. Please
provide list of display locations where remaining 12
HDMI outputs of Video Wall Controller to be
terminated
RFP conditions prevails
1420 Volume 2 233 Projector
Projector specs are given but its not part of BoQ.
Also specify whether projector(s) to be used as
portable or its need to supplied with supporting
accessories such as Projector Screen, Mounting and
Cables.
RFP conditions prevails
1421
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
239
1.IP Camera should be a high-definition, full-
functioned video endpoint with industry-leading
image quality and processing power. The
camera is capable of resolutions up to 1920 x
1080 at 30 frames per second (fps) while
optimizing network usage with either H.264 or
MJPEG compression.
Please help us to know the type of camera required
for control room, i.e. Dome Camera or Bullet
Camera.
RFP conditions prevails
Bidder should meet the functional
requirements mentioned in the
RFP
1422
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
240
25.Certifications Safety-UL60950-1 second
edition CSA22.2-No.60950-1 IEC/EN60950-1
second edition IEC/EN60825
IEC/EN60825 is only applicable for Safety of laser
products, while the requirement in the tender is not
of laser, thus request you to delete this requirement
RFP conditions prevails
1423
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
241
27.OEM Criteria-All proposed Cameras should
be from Single OEM and OEM should have
Registration in India min from 10 Years
We request you to kindly remove this caluse basis
the following. 1) in case if any one of the camera
specification is not complied by OEM, their other
complied camera will also not be quoted by SI as
well this will lead Monopoly for OEM who's all
camera comply in this tender, they will charge high
price and take advantage of this condition. 2). Many
world class OEM's have come to India for business
few years back, we request you to reduce this 10
years period to 5 or 7 years so that world's best
OEM's who have come India for business can
participate in this tender and provide best quality
equipment at very competative prices.
RFP conditions prevails
1424
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
241
Video management software
For Video management software the requirement is
of server based or NVR based system.
RFP Conditions prevails
1425
Volume 2
13 Annexure 2
(Control &
Command Centre)
19. IP CCTV camera
for Control Room
241
General
Is there any requirement of internal IR illuminator
to have a better view during low light
condition?please share the range of internal IR
illuminator required?
RFP conditions prevails
1426 Volume 2 General
Please confirm whether bidder has to provide Call
Centre Solution for Integrated Command & Control
Centre
RFP conditions prevails
1427 Volume 2 GeneralPlease share the specification of the HVAC system
we need to consider. RFP conditions prevails
1428 Volume 2 General
Please share the specification of the Security Sysetm
Like Rodent ,Access and WLDS ,FDS and FFS we need
to consider.
Please refer to the corrigendum 6
1429 Volume 2 General
Please specify the number of person/workstations
we need to consider for design command control
center ,also specify any other areas like manager
cabins etc if required. Also please let us know the
Area requirments.
Please refer to the corrigendum 6
1430
Vol 1, 2.18 - Late
Bids 26
Authority reserves the right to modify and
amend any of the above-stipulated
condition/criterion.
We request modification:
Authority reserves the right to modify and amend
any of the above-stipulated condition/criterion
before submission date of the bid.
RFP conditions prevails
1431
Vol 1, 2.21
Acceptance/Rejectio
n of Bids
22
In the event of any assumptions, presumptions,
key points of discussion, recommendation or
any points of similar nature submitted along
with the Bid, Authority reserves the right to
reject the Bid and forfeit the EMD.
We request modification:
In the event of any assumptions, presumptions, key
points of discussion, recommendation or any points
of similar nature submitted along with the Bid,
Authority reserves the right to reject the Bid and
forfeit the EMD.
RFP conditions prevails
1432
3.5.1 Technical Bid
Criteria &
Evaluation
44
1.Work order/ Contract clearly
Highlighting the scope of work, Bill of Material
and value of the contract/order.
Since most of the work orders specially govt.
customer there are NDAs applicable . Hence sharing
work orders is not possible. We request to please
accept customer certificate or CA certifcaate from
bidder for project exprience.
Work order/ Contract clearly Highlighting the scope
of work, Bill of Material and value of the
contract/order.
RFP conditions prevails
1433
Vol1, 4.3
Performance Bank
Guarantee (PBG)
48
Within fifteen (15) working days from the date
of issuance of LOI, the successful Bidder shall at
his own expense submit unconditional and
irrevocable Performance Bank Guarantee (PBG)
to the Authority. The PBG shall be from a
Nationalized Bank or a Scheduled Commercial
Bank in the format prescribed in Section 9 -
Annexure 5 (a), payable on demand, for the due
performance and fulfilment of the contract by
the bidder.
This Performance Bank Guarantee shall be for
an amount equivalent to 10% of total contract
value. PBG shall be invoked by Authority, in the
event the Bidder:
a. fails to meet the overall penalty condition as
mentioned in RFP Volume II or any changes
agreed between the parties,
b. fails to perform the responsibilities and
obligations as set out in the RFP to the complete
satisfaction of Authority,
c. Misrepresents facts/information submitted to
Authority
The performance bank guarantee shall be valid
till satisfactory completion of Post
Implementation Support. The performance bank
guarantee may be discharged/returned by
Authority upon being satisfied that there has
been due performance of the obligations of the
Request modification:
Within thirthy fifteen (15) working days from the
date of signing of mutually agreed contract
issuance of LOI, the successful Bidder shall at his
own expense submit unconditional and irrevocable
Performance Bank Guarantee (PBG) to the
Authority. The PBG shall be from a Nationalized
Bank or a Scheduled Commercial Bank in the format
prescribed in Section 9 - Annexure 5 (a), payable on
demand, for the due performance and fulfilment of
the contract by the bidder.
This Performance Bank Guarantee shall be for an
amount equivalent to 10% of total contract value.
PBG shall be invoked by Authority, in the event the
Bidder:
a. fails to meet the overall penalty condition as
mentioned in RFP Volume II or any changes agreed
between the parties,
b. fails to perform the responsibilities and
obligations as set out in the RFP as per the terms of
the RFP to the complete satisfaction of Authority,
c. Misrepresents facts/information submitted to
Authority
The performance bank guarantee shall be valid till
[date to be filled ]. satisfactory completion of Post
Implementation Support. The performance bank
guarantee may be discharged/returned by Authority
RFP conditions prevails
1434
vol1 ,4.4 Warranty
& Maintenance 54
If the successful bidder, having been notified,
fails to remedy the defect(s) within the period
specified in the contract, Authority may proceed
to take such reasonable remedial action as may
be necessary, at the successful bidder’s risk and
expense and without prejudice to any other
rights, which Authority may have against the
bidder under the contract.
During the comprehensive warranty period, the
successful bidder shall provide all product(s) and
documentation updates, patches/fixes, and
version upgrades within 15 days of their
availability and should carry out installation and
make operational the same at no additional cost
to Authority.
The successful bidder hereby warrants Authority
that:
We request modification:
If the successful bidder, having been notified, fails
to remedy the defect(s) within 30 days the period
specified in the contract, Authority may proceed to
take such reasonable remedial action as may be
necessary, at the successful bidder’s risk and
expense after providing a cure period of 30 days to
the bidder. Any such expenses under this section
shall not exceed 3% of the value of services under
defect and which remains unrepaired for 30 days of
cure period. and without prejudice to any other
rights, which Authority may have against the bidder
under the contract.
During the comprehensive warranty period, the
successful bidder shall provide all product(s) and
documentation updates, patches/fixes, and version
upgrades within 15 days of their availability and
should carry out installation and make operational
the same at no additional cost to Authority.
The successful bidder hereby covenants warrants
Authority that:
……
RFP conditions prevails
1435
10 Annexure 6 –
Non-Disclosure
Agreement
102
d. To treat Confidential Information as
confidential unless and until Authority expressly
notifies the Bidder of release of its obligations in
relation to the said Confidential Information.
The confidentiality obligation shall be for three
years from the date of termination / expiry of the
contract.
The Confidential Information shall be documented
before its disclosure. The term of this NDA shall be
the duration of the Master Service Agreement.
RFP conditions prevails
1436
Vol3, A. General
Conditions of
Contract (GCC)
1. Definition of
Terms
4
1.2. “Applicable Law(s)” Any statute, law,
ordinance, notification, rule, regulation,
judgment, order, decree, bye-law, approval,
directive, guideline, policy, requirement or other
governmental restriction or any similar form of
decision applicable to the relevant party and as
may be in effect on the date of the execution of
this Agreement and during the subsistence
thereof, applicable to the Project.
We request modification:
. “Applicable Law(s)” Any statute, law, ordinance,
notification, rule, regulation, judgment, order,
decree, bye-law, approval, directive, guideline,
policy, requirement or other governmental
restriction or any similar form of decision applicable
to the relevant party and as may be in effect on the
date of the execution of this Agreement and during
the subsistence of this contract thereof, applicable
to the Project.
For consortium members, other than lead bidder,
shall be comply with the laws as applicable on their
scope of services.
RFP conditions prevails
1437
2. Interpretation 6
c. the word “include” or “including” shall be
deemed to be followed by “without limitation”
or “but not limited to” whether or not they are
followed by such phrases;
We request modification:
c. the word “include” or “including” shall be
deemed to be followed by “without limitation” or
“but not limited to” whether or not they are
followed by such phrases;
RFP conditions prevails
1438
Vol3 ,4. Scope of work
Authority has engaged SI to provide services
related to implementation of Lucknow Smart
City solutions using which the Authority intends
to perform its business operations. SI is required
to provide such goods, services and support as
the Authority may deem proper and necessary,
during the term of this Contract, and includes all
such processes and activities which are
consistent with the proposals set forth in the
Bid, the Tender and this Contract and are
deemed necessary by the Authority, in order to
meet its business requirements (hereinafter
‘scope of work’).
We request modification:
Authority has engaged SI to provide services related
to implementation of Lucknow Smart City solutions
using which the Authority intends to perform its
business operations. SI is required to provide such
goods, services and support as mentioned under
the contract, the Authority may deem proper and
necessary, during the term of this Contract, and
includes all such processes and activities which are
consistent proposed with under the proposals and
as set forth in the Bid, the Tender and this Contract
and are deemed necessary by the Authority, in
order to meet its business requirements
(hereinafter ‘scope of work’).
RFP conditions prevails
1439
Vol3, 10.13
10
10.13. The Authority reserves the right to review
the terms of the Warranty and Annual
Maintenance agreements entered into between
SI and OEMs and no such agreement/contract
shall be executed, amended, modified and/or
terminated without the prior written consent of
the Authority. An executed copy of each of such
agreements/contracts shall, immediately upon
execution be submitted by SI to the Authority.
Bidder requests deletion of the clause.
The Authority is not a signatory to these documents
and therefore, has no privity to these Agreements.
Also, such agreements are signed by Wipro not for a
specific project but at an organizational/alliance
level.
RFP conditions prevails
1440
vol3, 15. Indemnity
18
15.1. SI shall indemnify the Authority from and
against any costs, loss, damages, expense, claims
including those from third parties or liabilities of
any kind howsoever suffered, arising or incurred
inter alia during and after the Contract period
out of:
a. any negligence or wrongful act or omission by
SI or any third party associated with SI in
connection with or incidental to this Contract; or
b. any breach of any of the terms of SI’s did as
agreed, the RFP and this Contract
by SI
c. any infringement of patent,
trademark/copyright or industrial design rights
arising from the use of the supplied goods and
related services or any part
thereof
15.2. SI shall also indemnify the Authority
against any privilege, claim or assertion made by
a third party with respect to right or interest in,
ownership, mortgage or disposal of any asset,
property etc.
15.3. Regardless of anything contained (except
for SI's liability for bodily injury and/ or damage
to tangible and real property for which it is
legally liable and it's liability for patent and
copyright infringement in accordance with the
terms of this Agreement) the total liability of SI,
Bidder requests modification: -
1. SI shall indemnify the Authority from and against
any costs, loss, damages, reasonable expense,
claims including those from third parties or
liabilities of any kind howsoever suffered, arising or
incurred inter alia during and after Contract period
out of:
any gross negligence or wrongful act or wilful
omission by SI or any third party associated with SI
in connection with or incidental to this Contract; or
a. any infringement of patent, trademark/copyright
or industrial design rights arising from the use of the
supplied goods and related services or any part
thereof
Regardless of anything contained (except for MSI's
liability for bodily injury arising out of gross
negligence or wilful misconduct for which it is
legally liable and it's liability for patent and
copyright infringement in accordance with the
terms of this Agreement) the total liability of SI, is
restricted to the fees (excluding reimbursements)
received by it under this Agreement during the
three months preceding the date of first claim. total
value of the contract and SI is not responsible for
any third party claims.
RFP conditions prevails
1441
Vol III - 22.2 21
We request for deletion of following
Any failure or lapse on the part of SI in
performing any obligation as is reasonably
necessary and proper, to negate the damage
due to projected force majeure events or to
mitigate the damage that may be caused due to
the above mentioned events or the failure to
provide adequate disaster
management/recovery or any failure in setting
up a contingency mechanism would not
constitute force majeure, as set out above.
We request for deletion of following
Any failure or lapse on the part of SI in performing
any obligation as is reasonably necessary and
proper, to negate the damage due to projected
force majeure events or to mitigate the damage
that may be caused due to the above mentioned
events or the failure to provide adequate disaster
management/recovery or any failure in setting up a
contingency mechanism would not constitute force
majeure, as set out above.
Bidder requests the following to be added in the
Force Majeure clause: -
It stands clarified that the Authority shall not be
absolved from meeting its timely payment
obligations during the subsistence of Force
Majeure. In the event Force Majeure continues for
more than sixty (60) days, either party shall have
the right to terminate the contract in which case
the SI shall be paid for all the goods delivered and
services rendered up to the effective date of
termination.
RFP conditions prevails
1442
Vol III - 34 Events of
Default
27
Events of defualt are open ended. Request to please
define or limit it ot existing:
Events of defaults should be breach of terms as
mentioned under the contract and shall not include
any subsequent modification instruction of the
Authority. Request for deletion of "The events of
defaults are but not limited to :
RFP conditions prevails
1443
36.2 Consequence
of Termination
30
Where the termination of the Contract is prior
to its stipulated term on account of a Default on
the part of SI or due to the fact that the survival
of SI as an independent corporate entity is
threatened/has ceased, or for any other reason,
whatsoever, the Authority, through unilateral re-
determination of the consideration payable to
SI, shall pay SI for that part of the Services which
have been authorized by the Authority and
satisfactorily performed by SI up to the date of
termination. Without prejudice to any other
rights, the Authority may retain such amounts
from the payment due and payable by the
Authority to SI as may be required to offset any
losses caused to the Authority as a result of any
act/omissions of SI. In case of any loss or
damage due to default on the part of SI in
performing any of its obligations with regard to
executing the Schedule of
Requirements under the contract, SI shall
compensate the Authority for any such loss,
damages or other costs, incurred by the
Authority. Additionally, members of its team
shall perform all its obligations and
responsibilities under the Contract in
an identical manner as were being performed
before the collapse of SI as described above in
order to execute an effective transition and to
The payment paid to SI on termiantion is unialterally
decided by authority. Request to please make it on
mututal discussion
RFP conditions prevails
1444
General
We request to add the given clause as taxes vary
time to time and customer shall pay as per the
relevant rate applicable
Customer is responsible for payment of taxes,
duties, octroi / entry tax, cesses and any other
statutory levies (by whatever name called at the
applicable rates from time to time, including any
new levies or increase in existing levies) relating to
the proposal. However, Customer will not be
responsible for income taxes and wealth taxes that
may be payable by Wipro. In case of any new taxes
or levies being attracted to the transaction after the
date of submission of response by Wipro or if any
existing taxes or levies are changed thereafter, the
same shall be borne by the Customer.
RFP conditions prevails
1445
Vol 3, Limitation of
liablity
Bidder Request Addition Notwithstanding anything contained herein, neither
Party shall be liable for any indirect, punitive,
consequential or incidental loss, damage, claims,
liabilities, charges, costs, expense or injury
(including, without limitation, loss of use, data,
revenue, profits, business and for any claims of any
third party claiming through Wipro) that may arise
out of or result from this Agreement. The aggregate
liability of Wipro under this Agreement, shall not
exceed the annual value of the contract.
RFP conditions prevails
1446
Tender should have a
clause saying that GOI
Preferential Market Access
Policy to promote
domestic manufacturing
under Make in India is
applicable in this project-
as per the following
notifications
RFP conditions prevails
1447
a. Notification
No.8(78)/2010-IPHW dated
10 Feb 2012
RFP conditions prevails
1448
b. DoT notification No.18-
07/2010-IPdated 05 Oct
2012
RFP conditions prevails
1449
c. Guidelines issued by
DeitY vide No.8(78)/2010-
IPHW dated 12Jun 2013.
RFP conditions prevails
1450
d. Notification issued by
DeitY vide No.33(3)/2013-
IPHW dated 23Dec 2013.
RFP conditions prevails
1451
e. Guidelines issued by
DeitY vide No.33(7)/2015-
IPHW dated 16th
November,2015.
RFP conditions prevails
1452 RFP Conditions prevails
1453 RFP conditions prevails
1454
RFP Document
Volume 2: Scope of
Work
Additional Recommendation - Implementation of
Gazette Preferential market Access Policy of
Government of India on the project.
This PMA policy is made
mandate by MoUD via
1455
Vol1: 1.3
Definitions/Acrony
ms #13 -
Consortium
6
A consortium consists of multiple members (not
more than Three parties - Lead Bidder + 2
Consortium members) entering into a
Consortium Agreement for a common objective
of satisfying the Authority Agreement for a
common objective of satisfying the Authority
requirements & represented by lead member of
the consortium, designated as a "Lead Bidder”.
Also, the responsibility for successful execution
of the entire project will be that of the defined
Lead bidder. The consortium members should
have relevant experience of executing similar
roles and responsibilities in past as stated in the
MoU in Annexure 7.
Parent company existence of Bidder/ Lead
bidder would be
considered for only 100% subsidiary/ division/
sub division/ branch
business unit. For the purpose of technical
evaluation, net worth and turnover of only the
bidding entity will be considered. Net worth and
turnover of any parent, subsidiary, associate or
other related entity will not be Considered.
Since the RFP specifies "The consortium members
should have relevant experience of executing similar
roles and responsibilities in past"
While it is acceptable that for Sole bidder/Lead
bidder Profile, the networth and turnover of only
bidding entity is considered whereas for the Project
Experience criteria, could be fulfilled by any one of
the consortium partners.
The objective of forming a consortium is to draw on
the relevant experience and domain expertise of
consortium members to meet the requirement of
the RFP. RFP conditions prevails
1456
Vol1: 1.2 Fact sheet,
Method of Selection
&
3.4.3: Stage 3:
Commercial
Evaluation (d)
5
&
34
The method of selection is L1. The contract will
be awarded to the bidder quoting the lowest
‘Total Price’ post technical qualification. Prices
inclusive of any applicable taxes, levies etc. will
be considered for arriving at L1 price.
&
The bidder that has quoted the lowest Total
Price (Capex price + Opex price)
shall be awarded the contract. For the purpose
of arriving at L1, prices
inclusive of any applicable taxes and levies etc.
will be considered.
Since the RFP calls for implementation and O&M of
specilised sevices, the selection criteria may be
considered on QCBS (Quality and Cost Basis
Selection).
The 70% weightage may give to Technical Proposal,
whereas 30% weightage to Financial Proposal while
selecting the successful bidder. Please refer to the corrigendum 6
1457
Vol1: Pre-
Qualification
Criteria #2
35
The Sole Bidder or the Lead Bidder of
consortium should have an average annual
turnover of minimum INR 10 crore with
minimum average turnover of INR 5 crore from
one or more of the “specific business areas”
mentioned below over the last three financial
years and, in case of a Consortium, the average
annual turnover for each of the consortium
members over the last three Financial Years
should be INR 2.5 crore or more from one or
more of the “specific business areas” mentioned
below:
mobile app
capability
We request for following inclusion:
The Sole Bidder or the Lead Bidder of consortium
should have an average annual
turnover of minimum INR 10 crore with minimum
average turnover of INR 5 crore from one or more of
the “specific business areas” mentioned below over
the last three financial years and, in case of a
Consortium, the average annual turnover for each of
the consortium members over the last three
Financial Years should be INR 2.5 crore or more
from one or more of the “specific business areas”
mentioned below:
mobile app
capability
Data Center design and
implementation
Please refer to the corrigendum 6
1458
Vol1: Pre-
Qualification
Criteria #5
36
The Sole Bidder or the Lead bidder of
consortium, in case of a Consortium, should
possess any of the below Certifications which
are valid at the time of bidding:
Management System
We request for the following ammendment:
The Sole Bidder or any member of consortium, in
case of a Consortium, should possess any of the
below Certifications which are valid at the time of
bidding:
Management System
RFP conditions prevails
1459
Vol1: Pre-
Qualification
Criteria #7
36
The sole bidder or lead bidder /consortium
partner should have CMM level 5.
Documetry Evidence:- The Sole Bidder or the
Lead Bidder
1. Copies of valid certificates in the name of the
bidding entity
We request to correct the clause for documentry
Evidence as " The Sole Bidder or the Lead Bidder /
Consortium Partner
1. Copies of valid certificates in the name of the
bidding entity
Please refer to the corrigendum 6
1460
Vol1: Pre-
Qualification
Criteria #8
36
The sole bidder or lead bidder should have
completed at least two projects in Govt/Semi
Govt/ PSU; in the field of development and
integration of citizen centric web portal / mobile
app, database management /data warehousing/
business analytics / cloud applications on the
date of release of NIT.
This scope of work relates to software
development, and relevent domain expert could be
a member of Consortium instead of being a lead
bidder. So, we request the following ammendment:
1. We request to revise the clause as " The sole
bidder or lead bidder or any consortium partner
should have completed at least two projects in
Govt/Semi Govt/ PSU; in the field of development
and integration of citizen centric web portal /mobile
app, database management /data warehousing/
business analytics / cloud applications on the date
of release of NIT".
2. We request to consider 'Global' project
experience from any of consortium member.
Please refer to the corrigendum 6
1461
Vol1: Pre-
Qualification
Criteria #9
36-37
The Sole Bidder or any consortium member (in
case of consortium) should have experience of
Operation and maintenance of network
comprising software, ICT hardware of minimum
project value of INR 1 Crore per year in the last
three years on the date of issue of NIT.
The clause should be revised as "The Sole Bidder or
any consortium member (in case of consortium)
should have experience of Operation and
maintenance of network comprising
Application/software, ICT/IT hardware of minimum
project value of INR 1 Crore per year in the last
three years on the date of issue of NIT.
RFP conditions prevails
1462
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation #A1 -
Annual turnover
39
Average annual turnover from “Specific Business
Areas” as mentioned below for Sole bidder or
Lead bidder (in case of consortium) over the last
three Financial years
Marks shall be allotted as given below:
• More than INR 40 Crore = 7 marks
• More than INR 30 Crore – up to INR 40 Crore =
6.5 marks
•More than INR 20 Crore – up to INR 30 Crore =
6 marks
•More than equal to INR 5 Crore - up to INR 20
Crore = 5 marks
“Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment
We request for following inclusion:
Average annual turnover from “Specific Business
Areas” as mentioned below for Sole bidder or Lead
bidder (in case of consortium) over the last three
Financial years
Marks shall be allotted as given below:
• More than INR 40 Crore = 7 marks
• More than INR 30 Crore – up to INR 40 Crore = 6.5
marks
•More than INR 20 Crore – up to INR 30 Crore = 6
marks
•More than equal to INR 5 Crore - up to INR 20
Crore = 5 marks
“Specific Business Areas”
•Software Application Development including
mobile app
•Multiple Software application integration
capability
•Database Management
•Business Analytics
•ICT Infrastructure and System Integration
•IoT/Cloud environment/ Data Center Design and
Implementation
Please refer to the corrigendum 6
1463
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation #A2 -
CMM Certification
39
Marks shall be allotted as given below:
•CMM level 5 =3 marks
Documentry Evidence: Sole Bidder or Lead
Bidder of the Consortium:
Certificate from competent authority
We request to revise the clause as " Sole Bidder or
Lead Bidder or Any Consortium Member of the
Consortium.Please refer to the corrigendum 6
1464
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation - B
Project Experience
(Max –50 marks) - #
B1 Web
Portal/mobile
app39
The Sole Bidder or lead member (in case of
consortium) should have been awarded and
successfully executed & commissioned
project(s) related to development and
integration of citizen centric web portal / mobile
app components or both having minimum value
of INR 15 crore in India during last five years as
on the date of release of
RFP.
Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
We request to revise the Clause as "The Sole Bidder
or lead member (in case of consortium) or any
member of consortium should have been awarded
and successfully executed & commissioned
project(s) related to development and integration of
citizen centric web portal / mobile app components
or both having minimum value of INR 15 crore in
India/International during last five years as on the
date of release of RFP.
Marks shall be allotted as given below:
• More than equal to 5 Project = 20 marks
• 4 Project = 14 marks
• 3 Project = 10 marks
• 2 Project = 7 marks
*Software company could be the consortium
member instead of being a lead bidder.
RFP conditions prevails
1465
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation - B
Project Experience
(Max –50 marks) - #
B2 City centric
software Integration
Projects
41
The Sole Bidder or lead member (in case of
consortium) should have experience in the field
of City centric software Integration Projects.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
We Request to revise the Clause as "The Sole Bidder
or lead member (in case of consortium) or any
member of Consortium" should have experience in
the field of City centric software Integration Projects
in India/Internationsl.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
*Software company could be the consortium
member instead of being a lead bidder.
Please refer to the corrigendum 6
1466
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation - B
Project Experience
(Max –50 marks) - #
B3 Software
Plateform
42
The Sole Bidder or lead member (in case of
consortium) should have experience in
developing and implementing IT software
projects in India with Java /J2EE, Application
Servers like JBoss or similar, HTML5/CSS3,
mobile apps native languages (Android, ioS,
Windows, Hybrid language like phonegap), User
Experience in designing User Interfaces. At least
2 projects have been executed (documentary
evidence to be provided as proof of delivery)
with the above mentioned technology stack.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
We request to revise the Clause as "The Sole Bidder
or lead member (in case of consortium) or any
member of the consortium should have experience
in developing and implementing IT software
projects (in house or for 3rd party) in
India/International with Java /J2EE, Application
Servers like JBoss or similar, HTML5/CSS3, mobile
apps native languages (Android, ioS, Windows,
Hybrid language like phonegap), User Experience in
designing User Interfaces. At least 2 projects have
been executed (documentary evidence to be
provided as proof of delivery) with the above
mentioned technology stack".
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
*Software company could be the consortium
member instead of being a lead bidder.
RFP conditions prevails
1467
Vol1: 3.5.1
Technical Bid
Criteria &
Evaluation - B
Project Experience
(Max –50 marks) - #
B4 Operation and
Maintenance
43
The bidder must have experience of providing
Handholding and Operational Manpower for
Turnkey IT projects. Minimum no. of manpower
per project should be 10.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Documentry Evidence:
Sole Bidder/or any Member of Consortium:
1.Work order/Contract clearly highlighting the
scope of work, Bill of Material and value of the
contract/order.
2.Completion Certificate issued & signed by the
competent authority of the client entity on the
entity’s letterhead
OR Self-certificate from the bidder signed by the
concerned project in-charge of the bidder and
counter signed by
authorised signatory for this bid holding written
special
power of attorney on stamp paper along with
the official contact details of the competent
authority of the client entity.
The Authority reserves the right to contact the
aforementioned competent authority.
Operation and Maintenance could be the contract
of IT infra management services also. We request
to revise the Clause as "The bidder must have
experience of providing Handholding and
Operational Manpower for Turnkey IT projects.
Minimum no. of manpower per project should be
10.
Marks shall be allotted as below:
• Four Projects = 10 marks
•Three Projects = 8 marks
• Two Projects =6 marks
Documentry Evidence:
Sole Bidder/or any Member of Consortium:
1.Work order/Contract clearly highlighting the
scope of work, Bill of Material/Service Contract
Agreement and value of the contract/order.
2.Completion Certificate/certificate of contract in
existance as on date, issued & signed by the
competent authority of the client entity on the
entity’s letterhead OR Self-certificate from the
bidder signed by the concerned project in-charge of
the bidder and counter signed by authorised
signatory for this bid holding written special power
of attorney on stamp paper along with the official
contact details of the competent authority of the
client entity.
The Authority reserves the right to contact the
Please refer to the corrigendum 6
1468
Vol1: 5.2 Pre-
Qualification Bid
Covering Letter
52
a. We hereby acknowledge and unconditionally
accept that the Authority can at its absolute
discretion apply whatever criteria it deems
appropriate, not just limiting to those criteria
set out in the RFP and related documents, in
short listing of Agency for providing services.
Terms and conditions should be applicable to bidder
as mentioned in to the RFP. We request to revise
the clause as " We hereby acknowledge and
unconditionally accept that the Authority can at its
absolute discretion apply those criteria set out in
the RFP and related documents, in short listing of
Agency for providing services".
Authority should not apply the criteria it deems
appropriate but out of the RFP and related
documents.
RFP conditions prevails
1469
Vol2: 11 Payment
Terms and Schedule
#2184
Due payments shall be made promptly by the
Authority, generally within Sixty (60) days after
submission of an invoice or request for payment
by MSI
We request to make payment within 30 days and
revise the clause as "Due payments shall be made
promptly by the Authority, generally within thirty
(30) days after submission of an invoice or request
for payment by MSI
Please refer to the corrigendum 6
1470
Volume 2, Scope of
Work. 1.3.
9 of 245
1.Development Phase: System Documentation:
Version control Data
2. Programs: Entire Source Code
3. Programs: All Old Versions to be maintained
1. Kindly modify it as " Version Control Data from
the date of installation".
2. Please let us know why would LSC require Source
Code, when the MSI is going to stay with the LSC for
the entire period of Life Cycle of the project.
Kindly note that all there will be third party
applications and the OEMs will not be willing to
share Source codes.
3. Kindly modify it as " All Old Versions to be
maintained from the date of installation".
RFP conditions prevails
1471
Volume 2, Scope of
Work. 1.514 of 245,
"MSI shall assess existing infrastructure's current
ability".....
Please share list of available infrastructure with
detailed data sheet.
RFP conditions prevails
1472
, Volume 2, Scope of
Work. 1.5
16 of 245
The MSI must attach OEM Authorization for the
various products listed below.
• Operating System
• Virtualization layers
• RDBMS
• Integration Layer
• Message Queue Layer
• Application server
• API Management Framework
• All other OEM Enterprise Software products
We would like to submit that following are not likely
to be provided by OEMs and will be developed by
MSI / Consortium, and OEM Authorization will not
be possible:
• Integration Layer
• Message Queue Layer
• Application server
• API Management Framework
Please advise
RFP conditions prevails
1473
, Volume 2, Scope of
Work. 1.5
19 of 245
The MSI will setup a local server on the
Integrated Command & Control Centre
which will communicate with the central
server.
We understand that Integrated Command & Control
Centre is one only. Please elaborate the purpose of
Local Server and Central Server and location of
Central Server.
Please refer to the corrigendum 6
1474
Volume 2, Scope of
Work
AND
Volume 2, Scope of
Work 2.2
24 & 26 of 245,
15. Storage Capacity : Minimum 100 GB
AND
p. The digital media player/thin client on the
LED display shall have minimum 4 GB, RAM and
16 GB flash memory with at least 1.5 Ghz
processor for playing rich content and for
integration with sensors.
VMS will be installed at outdoors. After going
through the technical and functional requirements,
we understand that few hundred MB storage will be
adequate. Equipping VMS will 100 GB storage and
making the storage functional will also require
compatible processors and other circuitry. This will
increase the cost of VMS exorbitantly high.
Please let us the purpose of 100 GB storage in VMS.
Please let us know which spec. is to be followed.
Please refer to the corrigendum 6
1475
Volume 2, Scope of
Work. 2.224 of 245,
20. Connectivity : IP Based Please let us know how the VMS will communicate
with Command Centre and vice versa? GPRS/4G
and/or Wi-Fi and/or over Fiber cable?RFP conditions prevails
Bidder may use wireless
technology covering the functional
requirement of the RFP
1476
Volume 2, Scope of
Work. 2.2
24 of 245,
Casing: IP 55 rated for housing As VMS will be installed outdoor, to protect it from
dust, humidity and rain, the casing should minimum
be IP 65 or 66.
Please advise.
RFP conditions prevails
1477
Volume 2, Scope of
Work. 2.3.1
40 of 245,
29. Edge Computing Please let us know the purpose of Edge Appliances.
To the best of our understanding, EDGE Appliance
will not add any advantage rather add cost to the
project. We request for the remove of the same.
Please confirm.
RFP conditions prevails
1478
Volume 2, Scope of
Work. 2.3.1
40 of 245,
52. Collaboration If the Collaboration Platform is to be interfaced with
PSTN Lines form the Service provider, there are
likely two options:
a) Implement Collaboration Platform offered by the
same service provider. This may lead to restriction
of few functional requirement as stated in the RFP.
b) Obtain ISP licence from TRAI. This option has
other legal implications.
Please advise.
RFP conditions prevails
Bidder should meet the functional
Requirements mentioned in the
RFP
1479
Volume 2, Scope of
Work. 2.3.2
61 of 245,
Video Display Wall (VDW) 1. Kindly let us know the Matrix of 55 inch display.
2. As the VDW is expected to be Wall-to-Wall lesser
the no. of display, lesser the no. of control
equipment, easier to install, configure, operate and
maintain.
Keeping in view of above, we suggest to change the
dimension of VDW from 55 inch to 70 inch.
3. "The native resolution of each Visual Display Unit
/ Rear Projection Module should be 1920 X 1080
pixels (Full HD) and should have LED as its light
source with ultra-thin configuration."- Please
remove ultra thin configuration so that all OEM Can
qualify
Please refer to the corrigendum 6
1480
Volume 2, Scope of
Work. 2.3.2
63 of 245,
Video Display Wall (VDW) "A pedestal shall be provided to support the VDW. If
the manufacturer’s standard pedestal does not
comply with the height requirement, the MSI shall
supply a custom setup."
As the name suggests Video Display Wall, it is best
implemented on a wall.
Kindly remove the requirement of Pedestal and
allow mounting on wall for better performance.
Pedestal may cause implementation problem.
RFP conditions prevails
1481
Volume 2, Scope of
Work. 2.3.2
65 of 245
Video Display Wall (VDW) Please provide information of "all boardroom or
auxiliary display device".
Understand that "boardroom or auxiliary display
device" are not in scope. If yes, please provide
specifications and functional requirements.
RFP conditions prevails
1482
Volume 2, Scope of
Work. 3.2
74 of 245
ICT Enabled Solid Waste Management Understand that the scope is to integrate the
existing command center of SWM with Integrated
Command & Control Centre.
Please advise.
RFP is Self Explanatory
1483
Volume 2, Scope of
Work. 3.3
75 of 245,
Smart Parking Understand that the scope is to integrate the
existing Parking Command/Operation center with
Integrated Command & Control Centre.
Please advise.
RFP is Self Explanatory
1484
Volume 2, Scope of
Work. 3.4
77 of 245,
Energy Efficient Street Lighting Solution Understand that the scope is to integrate the
existing Street Light Command/Operation center
with Integrated Command & Control Centre.
Please advise.
"ICCC should support lighting control like diming,
switch on/off, group/individual control etc."
Please confirm that the existing Street Light System
has all the features. Otherwise, this function is not
achievable.
RFP is Self Explanatory
1485
Volume 2, Scope of
Work. 3.5, 3.6, 3.7,
3.8, 3.9, 3.10 77, 78, 79, 80 of
245,
Multiple sub sections Understand that the scope is to integrate the
existing Systems' Command/Operation center with
Integrated Command & Control Centre.
Please advise.
RFP is Self Explanatory
1486
Volume 2, Scope of
Work. 3.7
80 of 245
City Surveillance "Should support multiple video sources from
multiple locations. Platform should have no
limitation in displaying the number of CCTV video
sources"
Does it mean that separate Video Management and
Recording Servers to be installed? Please confirm.
RFP conditions prevails
MSI has to study and integrate the
existing system
1487
Volume 2, Scope of
Work. 3.1
83 of 245
Unified Smart Mobility card "Scope of Work: The MSI is expected to integrate
the services of various departments into Lucknow
Metro card so as to achieve the concept of One City-
One Card. Below are the minimum list of the
services/ departments that are expected to be taken
for the integration:"
Kindly elaborate SoW further.
RFP is Self Explanatory
1488
Volume 2, Scope of
Work. 4.1
84 of 245,
Geographical Information System…. "…….MSI has to analyse the gap in the GIS data and
shall augment the GIS data as per the requirement.
MSI should conduct analysis of integration points
and provide a detailed report and get approval from
LSCL before integration."
It is difficult to quantify volume of work, in terms of
no. of data to be surveyed. Please suggest certain
no. of data so that the same can be the reference
point for all bidders.
Please refer to the corrigendum 6
1489
Volume 2, Scope of
Work. 4.1
85 and 87 of
245,
Geographical Information System…. i. MSI shall carry out collection of data from various
agencies or Government departments. Data
creation - Necessary Survey, collection from various
sources, compilation, digitization, accurate geo-
referencing, migration, data conversion, integration
& maintenance shall be carried out by MSI.
Authority will help in providing the authorizing
letters for collection of the data.
AND
xxi. Data creation - Necessary Survey, collection
from various sources, compilation, digitization,
accurate geo-referencing, migration, data
conversion, integration & maintenance shall be
carried out by MSI.
The volume of work in terms of data creation
through field survey can not be assessed and
quantified.
Please quantify the no. of data points so that
costing can be worked out.
Please refer to the corrigendum 6
1490
Volume 2, Scope of
Work. 5.1
114 of 245,
City Network "4. MSI should estimate the bandwidth requirement
for connectivity between ICCC and Data Center and
the same shall be clearly provisioned in the
technical proposal with detailed calculations. The
connectivity between ICCC and Datacenter shall be
through SWAN (State wide area network) "
Kindly let us know the existing capacity of SWAN
and dedicated bandwidth can be provided to the
project at the nearest Aggregation Point.
Please refer to the corrigendum 6
1491
Volume 2, Scope of
Work
142 of 245,
Database "Database Licence should be un-restricted and
perpetual"
Please advise if any OEM of Enterprise class
Database is offering "un-restricted and perpetual"
Licence.
To the best of our information no OEM is offering
such licence. Kindly remove this clause.
RFP conditions prevails
1492
Volume 2, Scope of
Work. 6161 of 245,
OEM Professional Services for Project
Implementation
This can be achieved thru' tripartite agreement and
need to be facilited by LSCL
Please confirm and provide the format of tripartite
agreement. RFP conditions prevails
1493
Volume 2 , Section
5.2: Data Center and
Disaster Recovery
Subsection: Disaster
Recovery (DR) Site
120
Disaster Recovery Site will be on Meghraj cloud
platform (National Informatics Centre) with
100% uptime.
Please Clarify is required storage with relevant
Capacity & Performance (IOPS) is to be provisioned
by SI or it will be provided by NIC Meghraj Cloud.
If it has to be provisioned by NIC Megraj Cloud then
please confirm the Availability of Storage Capacity
at NIC Meghraj Cloud along with the details of
Storage (Make & Model) from which NIC Meghraj
cloud will allocate the required capacity since DR
Storage has to compatible with DC Storage.
RFP conditions prevails
1494
Volume 2 , Section
5.2: Data Center and
Disaster Recovery
Subsection: Disaster
Recovery (DR) Site
121
Both DC and DR Site shall work in an Active-
Active mode. Please clarify is the required functionality of Active
Active DC & DR is required for some selected set of
application with the availability of this functionality
at application level. If yes please clarify the list of
applications with native functionality support of
Active Active DC & DR.RFP conditions prevails
1495
Volume 2 , Section
5.2: Data Center and
Disaster Recovery
Subsection: Disaster
Recovery (DR) Site
121
Zero RPO (Recovery Point Objective) and RTO
(Recovery Time Objective) of 10 minutes.
Please clarify is the required functionality of Zero
RPO is required for some selected set of application
with the availability of this functionality at
application level or is this requirement for all
applications.
If is it required for all applications then it will be a 3
Site Storage solution with Primary Site ( Lucknow
SDC ) , Near Line Site (Please confirm the Site ) & DR
Site ( NIC Meghraj). RFP conditions prevails
1496
Volume 1, Right to
vary quantity. 2.30
30
Right to vary quantity
a. At the time of award of contract, the quantity
of goods, works or services originally specified in
the bidding documents may be
increased/decreased. It shall be without any
change in the unit prices or other terms and
conditions of the Bid and the bidding
documents.
We request to provide some minimum/ maximum
ceiling to the "Right to vary quantity" and amend
the clause as below:
a. At the time of award of contract, the quantity of
goods, works or services originally specified in the
bidding documents may be increased/decreased (+/-
) by 10%. It shall be without any change in the unit
prices or other terms and conditions of the Bid and
the bidding documents.
Please refer to the corrigendum 6
1497
Volume 1, Right to
vary quantity. 2.30
30
Right to vary quantity
c. Repeat orders for extra items or additional
quantities may be placed, if it is provided in the
bidding document, on the rates and conditions
given in the contract if the original order was
given after inviting open competitive bids.
Delivery or completion period may also be
proportionally increased.
We request to provide some timeline ceiling to the
"Right to vary quantity" and amend the clause as
below:
c. Repeat orders for extra items or additional
quantities may be placed, if it is provided in the
bidding document, on the rates and conditions
given in the contract if the original order was given
after inviting open competitive bids till 6 months
from the date of signing of agreement. Delivery or
completion period may also be proportionally
increased.
Please refer to the corrigendum 6
1498Volume 1, Site Visit.
2.32 30
Site Visit We request to provide some layout/ sitemap etc
before arranging the site visit.Please refer to the corrigendum 6
1499
Volume 3, 8
8
Approvals and Required Consents We request to make this clause as part of Clause no.
3. on page no. 6 & 7 i.e. Conditions Precedent RFP conditions prevails
1500
Volume 3, 15
18 & 19
Indemnity We request LSCL to consider and Indemnify SI also
due to any breach, damage, loss etc occurred to SI
by Authority or people related to the authority. RFP conditions prevails
1501
Volume 3, 17.2
20
17.2. If the delay occurs due to circumstances
beyond control of SI such as strikes,
lockouts, fire, accident, defective materials,
delay in approvals or any cause
whatsoever beyond the reasonable control of SI,
a reasonable extension of time
shall be granted by the Authority.
We request to amend the clause as below:
17.2. If the delay occurs due to circumstances
beyond control of SI such as strikes, lockouts, fire,
accident, defective materials, delay in approvals or
any cause whatsoever beyond the reasonable
control of SI, a reasonable extension of time shall be
granted by the Authority as mutually agreed with
SI.
Further, if delays are beyond the SI control and
project gets delayed to unresonable timelines, then
the SI has right to submit the revised offer for
resuming the services/ deliveries.
RFP conditions prevails
1502
Volume 3,
Termination, 35
28 & 29
35.5. SI may, subject to approval by the
Authority, terminate this Contract before the
expiry of the term by giving the Authority a prior
and written notice at least 3 months in advance
indicating its intention to terminate the
Contract.
We request to amend the clause as below:
SI may, subject to approval by the Authority,
terminate this Contract before the expiry of the
term by giving the Authority a prior and written
notice at least 3 months in advance indicating its
intention to terminate the Contract. If the intention
attributed by SI is due to the failure on the part of
Authority, then the SI shall be duly compensated till
the date of termination for the material and
services assigned to LSCL and all relevent dues shall
be payable to SI.
RFP conditions prevails
1503
Volume 3,
Consequence of
Termination, 3629 & 30
We reuest to add:
In case the termination is due to failure attributed
to Authorities, there shall be a time bound payment
shcedule.
RFP conditions prevails
1504
Volume 1, Bid Price,
2.15
21
Prices quoted by the Bidder shall remain firm
during the entire contract period and not
subject to variation on any account. A bid
submitted with an adjustable price quotation
shall be treated as non-responsive and rejected.
We request for following amendment in this clause
as:
Prices quoted by the Bidder shall remain firm during
the entire contract period and not subject to
variation on any account except the statutory
changes, if any which shall be applicable to either
side to pass on/ levi on as per the changes
applicable. A bid submitted with an adjustable price
quotation shall be treated as non-responsive and
rejected.
RFP conditions prevails
1505
Volume 1, CAPEX,
7.2 87 to 91
Price component for CAPEX: Due to GST implementation and diffrenet GST rate
applicable to different supply items and services, we
request to split the CAPEX BOQ in Supply of items
and I&C of items
RFP conditions prevails