Table of Contents
Due Diligence
Abbreviations
1. Key Information
1.1. Fact Sheet
1.2. Purpose of this RFP
2. Background – Cyber Security
3. APTS Overview
4. Attractive Investment Avenue – The State of Andhra Pradesh
5. AP Cyber Security Project Vision
6. Project Objective
7. Project Coverage and Duration
7.1. Coverage
7.1.1. AP Government Infrastructure
7.1.2. Small and Medium Enterprise (SME)
7.1.3. Other Clients
7.2. Duration
7.2.1. Design & Implementation phase
7.2.2. Operations & Management of AP-SOC phase
8. Proposed Services – Core Services
8.1. Threat Monitoring, Analytics & Incident Management
8.2. Security Infrastructure Device Management
8.3. Threat Surface Management Services
8.4. Brand Monitoring and Protection Services
9. Responsibilities of the Stakeholders
9.1. Responsibilities of the Bidder/Service Provider
9.1.1. Technology infrastructure
9.1.2. People/Resources
9.1.3. Processes
9.2. Responsibilities of the Departments / Agencies
9.3. Responsibilities of APTS
9.3.1. AP-SOC Facility
9.3.2. Responsibility Matrix
9.4. Services commitment by GoAP/APTS
10. Detailed Scope of Work
10.1. Threat Monitoring, Analytics & Incident Management
Conflict of Interest
22. Compliance Requirements
22.1. Pre-Qualification Compliance
22.2. Technical Compliance
23. Annexure: Network and IT Infrastructure in the State of AP
DISCLAIMER
The information contained in this Tender or subsequently provided to bidders, whether verbally or in
documentary or any other form by or on behalf of the APTS herein called the Authority or any of its
employees or advisers, is provided to bidders on the terms and conditions set out in this Tender and
such other terms and conditions subject to which such information is provided.
This Tender is issued by the Andhra Pradesh Technology Services, Vijayawada. This Tender is not an
agreement and is neither an offer nor invitation by the Authority to the prospective bidders or any other person.
The purpose of this Tender is to solicit techno-commercial offers from interested parties for taking part in
the implementation and management of cyber security operations center in the scope of work as mentioned in
this document. This Tender includes statements, which reflect various assumptions and assessments arrived at
by the Authority in relation to the Implementation and Management of Cyber Security Operation Center. Such
assumptions, assessments and statements do not purport to contain all the information that each Applicant may
require. This Tender may not be appropriate for all persons, and it is not possible for the Authority, its
employees or advisers to consider the objectives, technical expertise and particular needs of each party who
reads or uses this Tender. The assumptions, assessments, statements and information contained in this
Tender, may not be complete, accurate, adequate or correct. Each Applicant should, therefore, conduct its
own investigations and analysis and should check the accuracy, adequacy, correctness, reliability and
completeness of the assumptions, assessments and information contained in this Tender and obtain
independent advice from appropriate sources.
Information provided in this Tender to the bidders is on a wide range of matters, some of which depend upon
interpretation of law. The information given is not an exhaustive account of statutory requirements and should
not be regarded as a complete or authoritative statement of law. The Authority accepts no responsibility for the
accuracy or otherwise for any interpretation or opinion on the law expressed herein.
The Authority, its employees and advisers make no representation or warranty and shall have no liability to any
person including any Applicant under any law, statute, and rules or regulations or tort, principles of restitution
or unjust enrichment or otherwise for any loss, damages, cost or expense which may arise from or be incurred
or suffered on account of anything contained in this Tender or otherwise, including the accuracy,
adequacy, correctness, reliability or completeness of the Tender and any assessment, assumption,
statement or information contained therein or deemed to form part of this Tender or arising in any way in this
Selection of Service Provider.
The Authority also accepts no liability of any nature whether resulting from negligence or otherwise
however caused arising from reliance of any Bidder upon the statements contained in this Tender. The
Authority may in its absolute discretion, but without being under any obligation to do so, update, amend or
supplement the information, assessment or assumption contained in this Tender. The issue of this Tender
does not imply that the Authority is bound to select a Bidder or bidders, as the case may be, for the
selection of Cyber AP-SOC services and the Authority reserves the right to reject all or any of the Proposals
without assigning any reasons whatsoever.
The Bidder shall bear all its costs associated with or relating to the preparation and submission of its Proposal
including but not limited to preparation, copying, postage, delivery fees, expenses associated with any
demonstrations or presentations which may be required by the Authority or any other costs incurred in
connection with or relating to its Proposal. All such costs and expenses will remain with the Bidder and the
Authority shall not be liable in any manner whatsoever for the same or for any other costs or other
expenses incurred by a Bidder in preparation or submission of the Bid, regardless of the conduct or outcome of
the Selection Process.
Due Diligence
The Bidder is expected to examine all instructions, forms, terms and specifications in this RFP and study the
Bid Document carefully. Bid shall be deemed to have been submitted after careful study and examination of
this RFP with full understanding of its implications.
Each Bidder should, at its own costs without any right to claim reimbursement, conduct its own
investigations, analysis and should check the accuracy, reliability and completeness of the information in
this RFP and wherever felt necessary obtain independent advice. The Bid should be precise, complete
and in the prescribed format as per the requirement of this RFP. Failure to furnish all information required by
this RFP or submission of a Bid not responsive to this RFP in each and every respect shall be at the
Bidder’s own risk and may result in rejection of the Bid and for which the APTS shall not be held responsible.
Any decision taken by APTS as to completeness of the Bid and/or rejection of any/all Bid(s) shall be
final, conclusive and binding upon the Bidder(s) and shall not be questioned / challenged by the Bidder(s).
Abbreviations
Abbreviation Description
API Application Programming Interface
APT Advanced Persistent Threat
APTS Andhra Pradesh Technology Services, also referred to as “Authority”
BG APTS Guarantee
CERT Computer Emergency Response Team
CISA Certified Information Systems Auditor
CISSP Certified Information Systems Security Professional
AP-SOC AP Cyber Security Operations Centre
CND Computer Network Defence
DAM Database Activity Monitoring
DD Demand Draft
DLP Data Loss Prevention
DR Disaster Recovery
EMD Earnest Money Deposit
EPS Events Per Second
FRS Functional Requirement Specifications
GIS Geographic Information System
GoAP Government of Andhra Pradesh
GRC Governance, Risk and Compliance
GST Goods and Service Tax
ICT Information and Communication Technology
IDS Intrusion Detection System
IoT Internet of Things
IPS Intrusion Prevention System
ISO International Standards Organization
IT E&C Department IT Electronics & Communication Department
ITIL Information Technology Infrastructure Library
LOI Letter of Intent
MD Managing Director
NAC Network Access Control
NIST National Institute of Standards and Technology
OEM Original Equipment Manufacturer
OWASP Open Web Application Security Project
PIM Privileged Identity Manager
QCBS Quality and Cost based Selection
RFP Request For Proposal
SAN Storage Access Network
SAP Systems, Applications, Products in Data Processing
SI Systems Integrator
SIEM Security Information and Event Management tool
SLA Service Level Agreement
SME Subject Matter Expert
AP-SOC AP Security Operations Center
SOP Standard Operation Procedure
SPOC Single Point of Contact
SQL Structured Query Language
SRS System Requirement Specifications
SSH Services or Secure Shell
SSL Secure Sockets Layer
T&M Time and Material
TTP Tactics, Techniques and Procedures
User Department The Departments which shall use these services as per the scope of this document
VA Vulnerability Assessment
VPN Virtual Private Network
VLAN Virtual Local Area Network
WAF Web Application Firewall
1. Key Information
1.1. Fact Sheet
S. No. Item: Details
1. RFP reference No and Date: APTS/N/CYBERSECURITY/AP-SOC/2017
2. Non-Refundable Tender Cost: Rs. 50,000/- (Rupees Fifty Thousand only) (DD in the favour of The Managing Director, Andhra Pradesh Technology Services Limited payable at Vijayawada)
3. Publication of Tender Document through e-Tender: 08/09/2017
4. Last date for Submission of Pre-Bid Queries: 15/09/2017, 5.00PM (No written Queries would be considered beyond the said date and time)
5. Pre-Bid Conference Date, Time & Venue: 16/09/2017, at 10.30 AM at Conference Hall, 3rd Floor, APSFL, RTC Bhavan, Vijayawada, AP
6. Publish Response to Pre-bid queries: 21/09/2017
7. Last Date and Time for Submission of Bids: 27/09/2017, 2.00 PM
8. Venue/ Locations for opening of technical bids and Financial bids: On e-procurement Website
9. Prequalification Bid opening date on e-procurement platform: 27/09/2017, 2.30 PM
10. Indicative date for Technical presentation: 04/10/2017 and 5/10/2017
11. APTS Contact Person for any Queries: Mr. K.Dhavuryan Naik, Manager (Cyber Security)
12. APTS Contact Person E-Mail ID: dhavuryannaik.k@gov.in
13. APTS Contact Person Contact Number: Mr. K.Dhavuryan Naik: 09963029418
14. Method of Selection: The method of selection is Least Cost (L1) among the technically qualified bidders.
15. Bid Process Stages: Three-Stage Bid System: 1. Pre-qualification Bid; 2. Technical Bid; 3. Financial / Price Bid
16. EMD: Rs. 25,00,000/-
17. Date and Time of submission of original copies of EMD (Physical Copy), tender document fee (Physical Copy) and 1 hard copies of Technical Proposal and One Softcopy to the O/o MD APTS: 27/09/2017, 2.30PM
18. Performance Security: Rs. 10% of contract value
19. Performance Security validity period: 1. Submission of PBG within 7 calendar days; 2. PBG validity: 90 days beyond contract period. Submission of PBG: Within 10 days of receipt of letter of notification of award
20. Period of Signing the contract: Maximum period to sign the contract is 12 calendar days from the date of issue of Letter of Award (LoA).
21. Bid Validity: 180 working days from the date of submission of online bids
22. Contract period: As per the timelines defined in the RFP
23. Technical Evaluation Minimum Cut off Score: Minimum of 75 Marks
RFP Format
The intent of this RFP is to invite proposals from the prospective bidders and the contents are provided in the
following Sections:
This RFP document consists of the instructions to the respective bidders on the process of bid submission,
with the respective forms to be submitted by the bidder for each category of bid evaluation.
Within India, security incidents in 2016 increased by around 82% from 2015. The types of incidents
handled were mostly related to malicious code, phishing, website intrusion, spam, network scanning and
probing and malware propagation. A report by the National Crime Records Bureau (NCRB), Ministry of Home
Affairs, Government of India, titled Crime in India-2014, shows a 69% increase in cases reported under the
Information Technology (IT) Act in 2014 from the year before.
It is necessary to highlight that a cyber security program is not just about existing technology – it is also about
developing standards & guidelines to promote security, developing capacity in terms of both law
enforcement and niche technical skills, and creating a governance structure to ensure public and private sector
entities adhere to the state guidelines.
The Government of India notified the “National Cyber Security Policy” in 2013. The National Policy lays down
a number of strategies for realizing the vision of ‘building a secure and resilient cyberspace for citizens,
businesses and Government’. These strategies seek to create an assurance framework; strengthen the regulatory
framework; create capabilities and systems required for assessment of risks, early warning and incident
management; protect Critical Information Infrastructure; secure e-Government services; develop human
resources, and above all, create an all-round awareness of the importance of cyber security.
The e-Pragati Program being currently implemented by the Government is based on a whole-of-government
approach, whereby all the e-Governance systems are interconnected and integrated and provide a wide range of
services online. Core datasets like the People Hub, Land Hub, Entity Hub, GIS Hub and IoT Hub will be
created and extensively used in providing digital services. The AP FibreNet initiative will make universal
access to Internet a reality soon.
In this context, it is all the more necessary for Andhra Pradesh to fortify its cyber security mechanisms and
create a robust security ecosystem in the State. The Government feels it expedient to establish the Andhra
Pradesh Cyber Security Policy, to complement and supplement the National Cyber Security Policy 2013, and to
give a practical effect to it in the State.
The State of Andhra Pradesh has been a pioneer in the extensive use of ICTs for delivery of public services.
It felt the need to establish the “Andhra Pradesh Cyber Security Policy” to complement and supplement the
National Cyber Security Policy 2013, and issued the “Andhra Pradesh Cyber Security Policy 2017” vide
G.O MS 2 dated 01.03.2017.
3. APTS Overview
Andhra Pradesh Technology Services (APTS) is a government owned company incorporated in the year 1986,
under the administrative control of IT, E&C Department.
APTS is a self-sustained company whose major activities are Implementation of major IT Projects in Andhra
Pradesh, Software development, IT Consultancy services, Partnerships, Audits and Appraisals etc.
APTS is also focusing on Establishing MoUs, JVs and SPVs with technology partners for adopting new &
innovative technologies and to promote and market the technologies across the country.
APTS is identified by the government as the nodal agency for implementation of the Cyber Security Policy.
Bidders are requested to go through the links below to understand the detailed policy incentives for IT in AP:
1. AP IT Policy 2014-20
http://www.apiic.in/wp-content/uploads/2015/07/AP-IT-Policy-2014-2020.pdf
2. Amendments to AP IT Policy 2014-20
http://www.apit.ap.gov.in/Other%20Docs/2016ITC_MS21.PDF
The AP-SOC Service Provider shall open an office in, and operate and deliver the services from, the jurisdiction
of the AP CRDA region.
6. Project Objective
In view of the growing use of IT and the evolving new threat and vulnerability environment, the Government of
Andhra Pradesh intends to select a Service Provider with a suitable security solution to implement the Cyber
Security Operations Centre (AP-SOC) in a well-phased manner, clearly demonstrating value to all beneficiaries
of the project and providing comprehensive awareness of cyber threats to the Government and SMEs across the
state. AP-SOC will be state of the art and shall act as a centre of excellence for detection and defence, and
it will also provide logical security to the different departments within the state.
The Government of Andhra Pradesh (GoAP) intends to select a service provider with a suitable security service to
implement the Andhra Pradesh Cyber Security Operations Centre (AP-SOC) in a well-phased manner, clearly
demonstrating value to all Stakeholders. AP-SOC will be state of the art and shall act as the centre for
identification, detection and response to cyber security incidents for the various departments in the state. As
part of the roadmap, the Government of AP would like to set up a Computer Emergency Response Team (CERT) in the
State and would like to leverage AP-SOC for the same. AP-SOC will help the government to baseline security across
the state departments and improve security awareness and monitoring to build CERT-AP in the state.
APTS intends to invite bids from suitable Service Providers for the design, implementation and operation of an
Andhra Pradesh Cyber Security Operations Centre (AP-SOC) to provide comprehensive information security
monitoring and possible remediation. The overview of the initiative is as follows:
1. Select AP-SOC Service Provider to provide Security Monitoring Services in the State on a Service Model –
“Pay as per usage”.
2. Provide Security Monitoring services for the Government and Critical Information Infrastructure (CII); the
services can also be extended to Small and Medium Enterprises (SME) in the State to promote investment and create
job opportunities.
3. Bidder is responsible for the Implementation and Operations of services covering core technology
components, People and Process. APTS is responsible for providing the Data centre space and AP-SOC
facility.
4. Core services proposed to be provided include
a. Threat monitoring, Analytics and Incident Management
b. Security Infrastructure Device Management
c. Threat Surface Management Services
d. Brand Monitoring and Protection Services.
7.1. Coverage
AP-SOC will provide services to the following stakeholders:
Most of the state departments have hosted their applications in the State Data Centre (SDC). However, some of
the departments have their own Data centre as well. All these applications, IT infrastructure will be monitored
using AP-SOC over a period of time.
All the government applications shall eventually be hosted in the common data centre (Pi data centre) in
Andhra Pradesh.
Bidder is expected to provide revenue sharing to APTS for any such services provided to other clients from the
same facilities. The price offered to other entities for similar service levels will not be lower than price offered
to AP Govt.
Bidder is expected to maintain logical segregation between the AP-SOC consumer entities and will put
appropriate controls in place to ensure zero data leakage between AP-SOC consumer entities. APTS may, from
time to time, ask for compliance report and can engage third parties to audit compliance.
Note: Services mentioned in the RFP and the respective SLAs are for the Govt. of AP only or the
clients for which payment is made by GoAP. Bidder is free to provide additional services or
modified SLAs to agencies/departments outside the AP government clients.
7.2. Duration
1. The partnership shall initially be for a period of 3 years, extendable by an additional 2 years based on the
performance and service provided by the selected bidder, on mutually agreed terms.
2. As part of the implementation and operations, the bidder is expected to integrate devices with EPS as
specified in the RFP.
2. The key responsibilities include, but are not limited to, staffing, reporting the SLAs, training for the staff,
reviewing SOPs and making required updates etc.
3. Bidder will also be required to maintain, manage and upgrade AP-SOC infrastructure to meet evolving
threats scenarios.
9.1.2. People/Resources
1. Bidder is expected to deploy sufficient resources to provide 24*7*365 services as defined to meet the
Service Levels.
2. Apart from the AP-SOC operations resources, Bidder is expected to deploy experienced resources to
coordinate with various Stakeholders to integrate, monitor and support in any security incident.
3. Bidder is expected to estimate the number of resources required to provide the services to meet the
SLA.
9.1.3. Processes
1. Bidder is responsible for preparing guidelines and SOPs for the AP-SOC operations based on
international standards and best practices including ISO 27001, ISO 9001, CERT-In Guidelines etc.
2. The above Guidelines and SOPs will be approved by the GoAP/APTS.
2. Departments /agencies will take corrective action in case of gaps identified in the infrastructure/
Applications managed by them or their service provider.
# Activity APTS APTS clients (Departments) Bidder
1 AP-SOC Solution Strategy, Design & plan M&S P
2 AP-SOC Solution procurement and supply M&S P
3 Installation & integration of Cyber solutions M&S P
4 Training M&S P
5 Documentations M&S P
6 Acceptance of the AP-SOC solution M&S P
7 Ongoing AP-SOC Operations M&S - P
8 AP-SOC Operations Review M&S V&M P
9 SLA Reports M&S V&M P
10 Incident Resolution M P V&M
2. Bidder should consider Vijayawada as the Primary AP-SOC site and Hyderabad as the secondary/DR
site.
Bidder should define, develop, update and maintain metrics for measuring, monitoring and reporting the
status and effectiveness of the various activities mentioned in the SOW.
Bidder should define, develop, update and maintain metrics for implemented technology, identifying the
efficiency and effectiveness of tools and activities used within the security program, people-based metrics
and process-based metrics etc., and the same must be updated in real time and provide the current status of
security posture to APTS stakeholders.
3. Collect network flow data, including Layer 7 (application-layer) data, from switches and routers
4. Collect vulnerability information from network and application vulnerability scanners in real time and
offline.
5. Perform immediate event normalization and correlation for threat detection and compliance reporting
6. Ability to extend / integrate the platform with any other applications/ platforms utilizing custom apps
and APIs.
7. The proposed solution must be configured, managed, and monitored through a centralized management
console. It should be configured, managed, and upgraded easily, thereby allowing operations team to
focus on core operations activities.
8. Proposed solution should be accessible through web UI, and other interface.
9. Solution should have the capability to filter/analyze events and flows into a handful of actionable intelligence
items with trend analytics, and to perform event and flow data searches in both real-time streaming mode and on a
historical basis, to enhance analysis so that incidents can be prioritized and responded to immediately.
10. Integration support to collect various global Threat Intelligence to identify activity associated with
suspicious IP addresses, such as those suspected of hosting malware
11. The proposed solution should be able to integrate with all the leading technologies out of the box. For
any specific technology bidder will be able to create connectors/ parsers and should be able to support
changes in the ecosystem.
12. Meets regulatory requirements around log management, retention, review, and continuous monitoring,
reporting as communicated from time to time.
13. Ability to do full-text search on any field in the indexed data based without any limitation.
14. Solution should enable the easy creation of a wide range of visualizations (not limited to fixed, pre-
canned reports).
15. Visualizations should have the ability to update in real-time and should be able to make clear
outliers/anomalies in need of further investigation
16. Visualizations should all support drill-down, click-through capabilities to get from summaries to raw events
within seconds.
17. Threat Intelligence feeds (Indicators of Compromise – IP addresses, Domains, Hashes, etc.) from open
source and other commercial providers to be integrated with the proposed solution to provide advanced
security monitoring services.
a. 24x7 real-time monitoring of uptime, availability, health and performance of security devices with
mitigation support.
b. Track and follow up with stakeholders for resolution of reported incident tickets.
c. Analyzing, advising and logging calls related to security advisories received from external agency
security vendors/OEMs for troubleshooting & resolving the incident, problem and changes for the
devices under management.
d. Ensure systems are up and running, including their other aspects like Configuration, Re-
configuration, updates, upgrades, bug fixes, problem analysis, performance analysis, configuration
optimizations, migration of devices, audits, users profile management, root cause analysis, on-site
support.
e. Bidder should ensure facilitation support for implementation of new security products.
f. Bidder shall ensure logical and acceptable conclusion of all the monitoring, management,
mitigation, administration and reporting issues. This includes tracking of AMC renewal /
validation, RMA support and related vendor/OEM management etc.
g. Bidder must ensure a smooth handover of these devices from current vendor in specified and
declared timelines with proper project management
h. The bidder should deploy appropriate separate (other than monitoring) dedicated on-site manpower
resource to ensure the same.
i. Bidder also has to ensure smooth operations of the in-scope services and solutions.
j. Bidder should ensure the regular SLA tracking and MIS reporting.
Bidder should consider Vijayawada as the Primary AP-SOC site and Hyderabad as the secondary/DR site.
Bidder should define, develop, update and maintain metrics for measuring, monitoring and reporting the
status and effectiveness of the various activities mentioned in the SOW.
Bidder should define, develop, update and maintain metrics for implemented technology, identifying the
efficiency and effectiveness of tools and activities used within the security program, people-based
metrics and process-based metrics etc., and the same must be updated in real time and provide the current status
of security posture to APTS stakeholders.
16. Conduct Recovery exercise of above backup on quarterly basis or as per the APTS/department
guidelines.
1. The bidder shall be required to have the capacity to perform VA/PT for at least 250 IPs to begin with.
The bidder needs to provide details of how the solution/service can scale to cater to future
requirements.
2. This will also include monitoring and detection of any kind of unauthorized changes on the
website URL and web site defacement.
3. Bidder shall continuously monitor and detect, and be responsible for the takedown of, phishing sites and brand
abuse, for retrieval of compromised customer information and forensic details of such attacks, and shall
take down the sites and provide an appropriate solution.
4. Bidder should implement real-time detection mechanisms and alerts.
5. Track and follow up with stakeholders for resolution of reported security incident tickets.
6. Analyzing, advising and logging calls related to security advisories received from external
agencies like State-CERT, National-CERT, security vendors/OEMs etc.
7. Identify the origin of the threat, perform RCA and define measures to prevent recurrence.
Bidder shall provide 24*7*365 management of brand abuse incidents with following activities in
broad level under security device management, but not limited to:
1. Track hosting of phishing sites through implementation of watermark and other means.
2. Monitoring similar domain name registration.
3. Monitoring junk e-mail messages.
4. Monitoring spam traps to detect phishing mails.
5. Monitor networks known to be sources of attacks and/or points of collection of compromised data.
6. Monitor any fraudulent/rogue mobile apps targeting customers to capture their credentials for
fraudulent transactions.
7. Remove fraudulent/rogue mobile apps targeting customers to capture their credentials hosted on
popular app stores provided by companies such as Google, Apple, Microsoft etc.
8. Perform web site analysis to detect phishing sites.
9. Taking down of phishing sites anywhere in the world, either through the bidder's own reach or through
partnerships. Bidder should have alternative response mechanisms other than web site take down to
minimize the impact of phishing.
10. Blocking of the phishing sites in web browsers including but not limited to the following browsers
a. Internet Explorer
b. Mozilla Firefox
c. Google Chrome
d. Opera
11. Providing incident reports on phishing attacks and fraudulent/rogue mobile apps involving threat
analysis and threat categorization.
12. Anti-malware monitoring of websites/portals and implementation of all the measures as may be necessary
from time to time to mitigate the evolving threats.
13. Bidder must have capability for 24X7 monitoring for Malicious Mobile Code (MMC) infection of
the websites.
14. Service should be a tool-based automated solution with e-mail & SMS alerts.
15. Service should support scanning to a depth of multiple pages for static and dynamic links.
16. Solution must support checking all website links against well-known global black lists.
17. Bidder must manage incidents for MMC infection/injection including solution, coordination for
recovery in the shortest possible time.
18. Solution must provide an online interface to see previous online reports of all the websites under
monitoring.
19. Monitoring of compromised servers for forensic information related to APTS customers till the
primary incident is closed and provide complete forensic details to the APTS.
20. The selected bidder shall ensure resolution of Phishing, Pharming, Trojans, and Malware related
incidents within 2 hours once it is reported by the bidder.
21. Once the phishing site is taken down, the IP and domain name where it was hosted should be kept
under continuous supervision so that the phishing site on the same IP and with the same domain
name does not resurface.
22. Bidder should provide a customized real time dashboard.
Note: All the components proposed should not be End of Life or End of Support during the contract
period.
10.8. Scalability
Since the APTS would like to extend the services to other departments and states, the proposed solutions offered
should be modular, scalable, and able to address future requirements.
10.9. Availability
The services/solutions in scope should be designed with adequate redundancy and fault tolerance to meet
High Availability (HA) and disaster recovery requirements.
Identification & Remediation of Security Threats and their breaches: The SOC
solution should be able to identify security threats/vulnerabilities across the identified
departments' ICT environment under Government of AP and remediate those
vulnerabilities.
Incident Management: Reporting and logging of security events/incidents through the use
of appropriate tools. Closely track and monitor the closure of those security incidents and
escalate them to appropriate teams/individuals in the specific departments if required.
Continuous Improvement: Continuously improve SOC services/operations, with a proper
plan of action applied.
1. Strategy
   Description: The bidders shall develop the strategy and operating framework for AP-SOC design, implementation and operations as per the contract period for integration & monitoring requirements for APTS.
   Frequency: One time
   Duration: One Week
   Milestone: T0+1 Weeks
   Deliverables/expected outcomes: Service Strategy Framework

2. Design & Plan
   Description: The bidder shall develop architecture design for AP-SOC and provide the detailed plan for implementation of AP-SOC as per the design in terms of people, process, and technology and AP-SOC infrastructure.
   Frequency: One time
   Duration: One Week
   Milestone: T0+2 Weeks
   Deliverables/expected outcomes: Solution Design and Plan

3. Procurement & Supply
   Description: The bidder shall identify, procure and supply the best in class technology solution and equipment for setting up AP-SOC infrastructure, which includes Core technologies (SIEM, Incident response platform, Threat intel platforms, ticketing tools etc.), underlying, software, Operating systems, servers, storage, backup solution, racks, network, security devices along with desktops / laptops for analysts, Audio-video setup with extended displays, collaboration tools, phone sets and other system requirement to build a fully equipped AP-SOC.
   Frequency: One time
   Duration: Six Weeks
   Milestone: T0+8 Weeks
   Deliverables/expected outcomes: Technology Solutions

4. Installation & Integration
   Description:
   1. Installation of underlying infrastructure network & server racks, servers, network and security equipment as per design requirements.
   2. Installation & integration of core AP-SOC tools & technology as per design for threat monitoring, detection and response.
   3. Integration of log sources for log collection, storage, correlation, monitoring & reporting.
   4. Process / workflow implementation
   5. Installation & integration of user computing (laptops/ desktops/ monitors etc), collaboration tools, phone sets & related infrastructure.
   6. Audio-Video (AV) installation & integration as per design.
   7. Installation & integration of solution for Patch management, Vulnerability assessment, penetration testing, mobile testing.
   Frequency: One time
   Duration: Six Weeks
   Milestone: T0+14 Weeks
   Deliverables/expected outcomes: Server/Data center setup; AP-SOC technology implemented; AV installation; Process/workflow implemented

5. Training
   Description: Provide training to the identified APTS personnel/ AP-SOC team on the product architecture, functionality and the solution design, to be provided before the implementation of solution
   Frequency: One time at the time of implementation & half yearly during operations
   Duration: 5 days
   Milestone: T0+15 Weeks
   Deliverables/expected outcomes: Training Agenda & contents; Training schedule; Training delivery

6. Documentation
   Description:
   1. Develop and provide all the technical, process, SOP documents.
   2. Technical product installation & configuration guide (customized guide as per design & implementation).
   Frequency: One time & regular updation
   Duration: One Week
   Milestone: T0+16 Weeks
   Deliverables/expected outcomes: Project documents; Implementation document; SOP for AP-SOC operations

7. Testing and Trial Run
   Frequency / Duration: Parallel activity along with Documentation
   Milestone: T0+16 Weeks

7. Operations
   Description:
   1. 24x7 real-time monitoring, logging, analyzing, responding to stakeholders (security devices management teams/vendors/ systems integrators) with mitigation advisories and recommendations.
   2. Track and follow up with stakeholders for resolution of reported security incident tickets.
   3. Analyzing, advising and logging calls related to security advisories received from external agencies like State-CERT, National-CERT, security vendors/OEMs etc.
   4. Ensure systems are in up and running condition, including their other aspects like Configuration, Re-configuration, upgrades, bug fixes, problem analysis, performance analysis, configuration optimizations, migration of devices, audits, users profile management, root cause analysis, on-site support.
   5. Bidder should ensure facilitation support for implementation of new security products.
   6. Bidder shall ensure logical and acceptable conclusion of all the monitoring, management, mitigation, administration and reporting issues. This includes tracking of AMC renewal / validation, RMA support and related vendor/OEM management etc.
   7. Bidder must ensure a smooth handover of these devices from current vendor in specified and declared timelines with proper project management
   8. The bidder should deploy appropriate separate (other than monitoring) dedicated on-site manpower resource to ensure the same.
   9. Bidder also has to ensure smooth operations of the in-scope services and solutions.
   10. Bidder should ensure the regular SLA tracking and MIS reporting
   11. Continuous identification, monitoring of threat landscape and attack surface for APTS and associated departments/ business functions.
   12. Perform Vulnerability scanning, Penetration testing, application code reviews, mobile testing to identify known/unknown vulnerabilities, follow up with stakeholders and ensure remedial action.
   13. Continuously monitor for missing patches, recommend necessary patches and ensure remedial action.
   14. Coordinate with external agencies like State-CERT, National-CERT, and security vendors/OEMs etc. for new/zero-day vulnerabilities, solutions and remedial action.
   15. Bidder has to provide a solution that monitors the logo, URLs, domain names, rogue mobile applications, social media etc.
   16. Bidder shall continuously monitor for and detect phishing sites and brand abuse, and shall be responsible for taking down such sites, retrieving compromised customer information and forensic details of such attacks, and providing an appropriate solution.
   17. Bidder should implement real-time detection mechanisms and alerts
   18. Track and follow up with stakeholders for resolution of reported security incident tickets.
   19. Analyzing, advising and logging calls related to security advisories received from external agencies like State-CERT, National-CERT, security vendors/OEMs etc.
   20. Identify the origin of the threat, perform RCA, and define measures to prevent recurrence
   21. Identify the origin of the threat, perform RCA, and define measures to prevent recurrence.
   22. Log Management / storage service to ensure log availability for live correlation, analysis and forensics investigation. Perform on-going optimization, configure additional use-cases, and suggest improvements as a Continuous Improvement Process.
   23. Perform log backup and archival as per policy requirements, and applicable legal and statutory requirements.
   Frequency: Ongoing after Go live
   Duration: Contract period
   Milestone: T0+17 Weeks to T0+156 Weeks
   Deliverables/expected outcomes: Incident Monitoring, & reporting through alerts, reports, dashboards; Threat advisory; Log storage; Use case development & enhancement
11.1. Reports
Expected Reports in the Operation Stage
The following are the minimum reports that bidders shall provide to APTS in the operation phase.
1. Daily Reports:
1. Top attacker and Target report
2. Top firewall ports access report (inbound/outbound)
3. Top Signature triggered
4. Top Account brute forced
5. Top systems infected
6. Top virus infection in the network
7. SIEM/monitoring tool performance report
8. Daily firewall utilization report (CPU and Memory)
9. Firewall availability report
2. Weekly Reports
1. Weekly security incidents status report
2. Daily device utilization report
3. Device availability report
4. Antivirus and Patch compliance status report
5. Anti-phishing and Anti-malware status report
6. Device: Incident, Service request and Change status report
7. Weekly threat advisory and vulnerability report
3. Monthly Reports
1. Executive summary report for all the services
2. Monthly Security incident status report
3. Monthly security incident trend analysis
4. Monthly device availability report
4. Quarterly Reports
1. Quarterly Security incident status report
2. Quarterly security incident trend analysis
3. Quarterly device availability report
A proposal valid for a shorter period may be rejected as non-responsive. APTS may seek the selected applicant’s
consent to an extension of proposal validity (but without modification of the proposals). Where the applicant
claims confidentiality or seeks to reserve intellectual property rights in respect of any part of its response, or
requests that such part be treated as “confidential” or “commercial in confidence”, they must:
• Clearly mark the part of the document in respect of which the claim is made
• State the basis of claim for confidentiality for each item marked (a blanket claim cannot be reasonably
made)
• Convince APTS that such a claim is reasonable
• “Corrupt practice” means the offering, giving, receiving or soliciting of anything of value to influence
the action of APTS or any personnel of Bidder in contract execution
APTS will declare a Firm blacklisted, either indefinitely or for a stated period of time, from being awarded the contract,
if it at any time determines that the Firm has engaged in corrupt, fraudulent and unfair trade practice in
competing for, or in executing, the contract.
1. Pre-Qualification Criteria: The Bidder must be a registered company in India, registered under the Companies Act 1956/ 2013. The Bidder should be operating in India for the last three years as on 31/03/2017
   Mandatory documentary evidence to be submitted: Copy of Certificate of Incorporation - Format P#2
31/03/2017. Certificate from the statutory auditor stating the
Average Annual Turnover of the firm in the last 3
financial years
-- Form P5
4. Pre-Qualification Criteria: The bidder should have an Average Annual turnover of at least Rs. 25 crore (Rupees Twenty Five crores) in each of the last three financial years from Information Security Services as on 31/03/2017
   Mandatory documentary evidence to be submitted: Copy of the audited Profit & Loss Statements for each of the last 3 financial years. Certificate from the statutory auditor stating the income from Information Security based security services revenue -- Form P6

5. Pre-Qualification Criteria: The bidder should have completed:
      At least 2 SOC completed projects in India/Global in last 3 financial years, each with value not less than Rs. 5 Crores.
      (OR)
      At least 3 SOC completed projects in India/Global in last 3 financial years, each with value not less than Rs. 3 Crores.
      (OR)
      At least 5 SOC completed projects in India/Global in last 3 financial years, each with value not less than Rs. 2 Crore.
      * Note: SOC Revenue to include SOC design, implementation and operations. SOC will be considered as Security Monitoring and Security Device management.
   Mandatory documentary evidence to be submitted: Copy of the Work Orders along with client certificate / work completion certificate stating the scope and progress of the project. -- Form P7

6. Pre-Qualification Criteria: Bidder is providing Managed Security Operations Services (MSS) to 3 clients with minimum 5000 EPS for last 3 financial years in India as on date of submission of bid.
   Mandatory documentary evidence to be submitted: Copy of the Work Orders along with client certificate / work completion certificate stating the scope and progress of the project -- Form P8

7. Pre-Qualification Criteria: The Bidder should have an ISO 27001 certification
   Mandatory documentary evidence to be submitted: Copies of the valid ISO 27001 certificate from authorized agencies

8. Pre-Qualification Criteria: The Bidder should not have been blacklisted by Central Government / Any State Government / Any PSUs in India as on the date of bid submission.
   Mandatory documentary evidence to be submitted: Self-declaration by the Bidder duly signed by the authorized signatory as per the format specified at -- Form p9

9. Pre-Qualification Criteria: The bidder should be a System Integrator (SI) for the proposed SIEM solution during the last three financial years as on date of bid submission, and should have successfully implemented the proposed SIEM at a minimum of two Public/ Private Organization in India or Globally.
   Mandatory documentary evidence to be submitted: Enclosed copies of reference letter /completion certificate provided by clients where SIEM solution is implemented.

10. Pre-Qualification Criteria: The bidder should have at least 100 full time Technically Qualified Personnel on its rolls in the area of Security and IT services on its payroll for the past three years.
   Mandatory documentary evidence to be submitted: Self-declaration by the Bidder duly signed by the authorized signatory. -- Form P11
Note:
• Bidder should operate the teams from Andhra Pradesh, preferably from AP CRDA region.
• In case the bidder does not have GST registration in AP at the time of bid submission, an undertaking
must be submitted that they will obtain GST in AP. The successful bidder has to obtain the GST in
AP. The eligible payments shall be released on submission of the GST registration certificate.
1. Bidders can submit their bids with self-declarations in respect of the pre-qualification criteria
prescribed in the RFP
2. The procuring agency shall evaluate the bids based on the self-declaration and select the successful
bidder
3. The successful bidder should submit the documents to prove their pre-qualification as specified in the
RFP, within 5 working days from the date of declaration of successful bidder
4. APTS will receive the support documents, verify their compliance with the requirements of the RFP
and, if they are in order, issue the award notification
5. Failure to submit all support documents by the successful bidder within specified time or non-
compliance with the self-declaration or non-fulfillment of the pre-qualification criteria specified in the
RFP, upon their verification, shall entail forfeiting the EMD and Blacklisting of such bidder for a
period of two years. In such cases, the procuring agency may proceed further with the next-ranked bid.
However, Bidder should submit the following support documents mandatorily as part of the bid
response
i. Power of Attorney (POA) or Board Resolution authorizing the person signing the proposal to sign
on behalf of the firm or Letter of Authorization
ii. Self-declaration confirming the truth of the data or information furnished by the bidder.
iii. Receipt of purchase of bid
This RFP does not constitute an offer by APTS. The bidder’s participation in this process may result in
APTS selecting the bidder for APTS to engage in further discussions toward execution of a contract.
The commencement of such discussions does not, however, signify a commitment by APTS to execute
a contract or to continue negotiations. APTS may terminate discussions at any time without assigning
any reason.
After release of the RFP, APTS will accept Request for Clarification from the interested parties. All
clarifications should be sent in writing as per the format provided in the table below.
All clarifications should be sent from email ID of Prime contact person of the bidder on or before the deadline
mentioned in the RFP. Telephone calls will not be accepted for clarifying the queries.
All enquiries / clarifications from the prospective bidders for this RFP must be directed to the contact person
notified by APTS as given in the data sheet. In no event will APTS be responsible for ensuring that Bidders’
inquiries have been received by APTS. APTS may at its option share the replies to the queries by publishing it
in the website www.apts.gov.in/ apeProcurement portal. However, APTS makes no representation or warranty
as to the completeness of any response, nor does APTS undertake to answer all the queries that have been
posed by the Bidder. The bidders or their designated representatives may attend the Pre–Bid Meeting at their
own cost, at the venue on date specified in the RFP Datasheet. It is not mandatory for all the prospective
bidders to attend the pre bid meeting to participate in the pre bid discussions & to receive the clarifications
issued during the pre-bid.
The purpose of the meetings will be to clarify issues and to answer questions on any matter relating to the RFP
that may be raised at that stage. Participants to the Pre-Bid meeting should carry-
It may be noted that participants not carrying the above documents will not be allowed to attend the Pre-Bid
meeting. The participants are advised to be present 30 minutes in advance to the scheduled time of the Pre-Bid
Meeting.
• Please note that not attending the Pre–Bid Meeting will not be a cause for disqualification of a bidder.
• No queries will be answered in regard to the tender document before the Pre-Bid meeting.
• After issue of pre bid clarifications, no further clarifications shall be entertained.
ii. At any time prior to the deadline (or as extended by APTS) for submission of bids, APTS may, for any
reason, whether at its own initiative or in response to clarifications requested by a prospective bidder,
modify the RFP document by issuing amendment(s). All bidders who have attended the
pre-bid meeting will be notified of such amendment(s), which will also be made available on
www.apts.gov.in/ apeProcurement portal, and these will be binding on all the bidders.
iii. In order to allow bidders a reasonable time to take the amendment(s) into account in preparing their
bids, APTS, at its discretion, may extend the deadline for the submission of bids.
Contact Registration Authorities of any Certifying Authorities in India. The list of CAs is available by clicking
the link: https://tender.apeprocurement.gov.in/DigitalCertificate/signature.html
acknowledgement is not generated by the e-Procurement system are treated as invalid or not saved in
the system. Such invalid bids are not made available to the Tender Inviting Authority for processing
the bids. The GoAP and APTS are not responsible for incomplete bid submission by bidders.
13.4.9. Deactivation of Bidders
As per the GO. Ms. No. 174 - I&CAD dated: 1-9-2008, if the bidder fails to submit the original hard
copies of uploaded certificates/documents, DD/BG towards EMD within stipulated time or if any
variation is noticed between the uploaded documents and the hardcopies submitted by the bidder,
the successful bidder will be suspended from participating in the tenders on e-Procurement platform
for a period of 3 years. The e-Procurement system would deactivate the user ID of such defaulting
bidder based on the trigger/recommendation by the Tender Inviting Authority in the system. Besides
this, the department shall invoke all processes of law including criminal prosecution of such
defaulting bidder as an act of extreme deterrence to avoid delays in the tender process for execution of
the development schemes taken up by the government. Other conditions as per tender document are
applicable.
technology methodologies for carrying out activities and obtaining the expected outputs, and the
degree of detail of such output. Bidders should also explain the proposed methodologies and
highlight the compatibility of those methodologies to the proposed approach and the needs of the
project. Applicant shall also include the risk management plan, security, business continuity plan,
disaster recovery plan and quality assurance plans as a part of approach and methodology.
Work methodology & Work Plan: In this part the applicant should propose the main activities of the
assignment, their content and duration, phasing and interrelations, meetings, milestones (including
interim approvals by the client), and delivery dates of the reports/ documents. The proposed work
plan should be consistent with the technical approach and methodology, showing understanding of
the scope of work and ability to translate them into a feasible working plan. A list of the final
documents, including reports to be delivered as final output, should be included here. The work plan
should be consistent with the work schedule; milestones, deliverables, meetings and presentations
shall be clearly mentioned.
D. Organization and staffing: In this part the applicant should propose the structure and composition
of team for the main disciplines of the assignment, the key expert/ firm responsible, and proposed
technical and support staff may be provided. Capacity building: Bidder should submit a brief
approach note on training of APTS/ITE&C Department staff during implementation and post-
implementation. Bidder should provide hands on training before requesting for acceptance and
completion of implementation. Training and manual details should be provided to all the users.
E. Approach for Project implementation: Detailed approach for carrying out the project
implementation along with the support and maintenance during the contract. Bidders should submit
a detailed approach for both first and second phase implementation. Bidders need to give detailed
approach how they would implement complete project with integration plan.
F. Company profile: Details of the point of contact along with brief work profile of the Bidder as well
as other partner firms including relevant experiences of executing similar projects. Bidder may
include relevant case studies and attested copies of completion certificates from clients in support of
the case studies.
G. Innovation: If any, on the RFP to improve performance in carrying out the project. Innovativeness
in terms of proposing the functional services that can be taken up by the APTS/ITE&C Department
beyond what is already provided in the RFP shall be appreciated.
H. Other Information: Any other information relevant to the solution as preferred by the bidder can
also be placed in the document.
I. Technical Forms: The Bidder shall submit the technical Forms as per the list given below
amount, the decision of APTS will be final and binding on the proposals (in case of
discrepancy, the amount in words will be considered as final).
C. Prices quoted by the Bidder shall be final (exclusive of all taxes, duties, insurance, license fee
and other costs). No variation in prices will be allowed under any circumstances during the
entire period of project. No Conditional and open ended bid shall be evaluated and the
same is liable for rejection.
D. The commercial proposal submitted by the Bidder should be inclusive of all the items in the
technical proposal and should incorporate all the clarifications provided by the Bidder on the
technical proposal during the evaluation of the technical proposal.
E. Prices shall be quoted in Indian Rupees (INR) only.
F. The Bidder shall quote the price for all the components, the services of the solution to meet the
requirements of C-SOC as listed in this RFP.
G. Bids with price adjustment shall be rejected.
H. The price quoted in the commercial proposal shall be the only payment, payable by APTS to
the successful Bidder for completion of the contractual obligations by the successful Bidder
under the Contract, subject to the terms of payment specified as in the proposed commercial
bid or the one agreed between APTS and the Bidder. The price would be inclusive of all taxes,
duties, charges and levies as applicable.
I. The prices, once offered, must remain fixed and must not be subject to escalation for any
reason whatsoever within the period of the validity of the proposal and the contract (for
successful bidder). A proposal submitted with an adjustable price quotation or conditional
proposal may be rejected as nonresponsive.
J. Bidder should provide all prices, quantities as per the prescribed format given in volume II of
this RFP. Bidder should not leave any field blank. In case the field is not applicable, Bidder
must indicate “0” (zero) in all such fields.
K. It is mandatory to provide breakup of all taxes, duties and levies wherever applicable and/or
payable. All the taxes of any nature whatsoever shall be borne by the Bidder.
L. The bid amount shall be inclusive of packing, forwarding, transportation, insurance, delivery
charges and any other charges as applicable till the end of the contract period.
M. APTS / ITE &C Department reserves the right to ask the Bidder to submit proof of payment
against any of the taxes, duties, levies indicated within specified time frames.
N. Price Commitment and Validity: As part of the technical proposal, the Bidder will be asked to
provide a complete Bill of Materials (along with the complete technical specifications for each
of the individual items) for the procurement of the components required for APTS/ITE&C
Department and for their maintenance as specified in this RFP. In the Commercial bid, the
Bidder will be asked to provide pricing for the same. Managing Director, APTS reserves the
right to procure (by itself) the proposed components from the Bidder at rates not exceeding the
rates proposed by the Bidder as part of their Commercial Proposal.
b. The Bidder may withdraw, substitute, or modify its bid on the e-procurement portal, in accordance with
the process specified below, no later than the date and time specified in the BDS
c. The process of modification & withdrawal of bid:
i. The bidder can withdraw/modify the bid submitted by him previously. However, if a bid is
withdrawn, the bidder can’t participate in the bid again.
ii. After entering with the Login ID and Password, the bidder can modify or resubmit the bid
for any number of times till the last date of submission by clicking on the option “My bid”.
The lists of tenders which the bidder participated previously are displayed here with the bid
ID.
iii. Each Bid ID has a corresponding “Action” column containing the list of icons for ‘Rebid
Submission, EMD Resubmission, Tender Fee Resubmission, Financial Bid Resubmission,
Bid Withdrawal’.
iv. After resubmission, the bidder will get an acknowledgment with Re-Bid Attempts Counter
Number for that particular bid. As the bidder attempts further rebid submissions, the Re-
Bid Attempts Counter number goes on increasing.
v. In case of withdrawal of bid, the bidder needs to click the “Withdraw Bid” icon under the
“Action” column of the respective bid ID in the ‘My Bid’ section. Once the bidder withdraws the
bid, he/she cannot participate in the bid again. For further details please refer to the ‘Bidders
Manual KIT’ by logging into https://eprocure.gov.in/eprocure/app
d. No bid may be modified subsequent to the deadline for submission of bids. No bid may be withdrawn
in the interval between the deadline for submission of bids and the expiration of period of bid validity
specified by the Bidder on the bid form. Withdrawal of a bid during this interval may result in the
forfeiture of EMD of the bidder.
The tenders that do not conform to the tender conditions and tenders from firms without EMD, Bid document
fee shall be straight away rejected.
Subsequent to the preliminary scrutiny and identification of qualified bidders, further evaluation of the bids will
be done in three stages and at the end of every stage short listed bidders will be informed of the result to have a
fair and transparent competition.
1. The technical bid will be examined by an evaluation committee as per the GO.Rt.5, dated 13.01.2016, ITE
&C Department, Government of Andhra Pradesh, based on the evaluation criteria and the points system
specified in this RFP.
2. The bidders, who score an aggregate technical score of 80, will qualify for the evaluation of the commercial
bid.
3. In case of non-compliance with any technical specification in the hardware proposed against the RFP requirements, the
proposal shall be summarily rejected.
2. Technical proposals of the bidders who meet all the prequalification criteria will be opened and evaluated.
The evaluation committee will evaluate the Technical Proposals on the basis of the technical evaluation
criterion as provided below. The bidder has to follow the structure while drafting the RFP as per the Forms
provided against each criterion. The bidder should attain a qualifying score of 75 marks to be considered
for the Commercial bid. The bidder who fails to attain 75 marks overall in Technical score would be
considered as disqualified
I. The Average Annual Turnover of the bidder in the last three financial years (In FY 2016-17, FY 2015-16 and FY 2014-15).
   Max Score: 4
   Form No: T1
   a) Rs 100 cr to <=200 cr - 2 Marks (or)
   b) >Rs200 cr to <500cr - 3 Marks (or)
   c) >=Rs 500 cr - 4 Marks

II. The Annual Turnover of the bidder in the last three financial years exclusively from Information Security services (In FY 2016-17, FY 2015-16 and FY 2014-15).
   Max Score: 6
   Form No: T2
   a) Rs 25 to <=50 cr - 4 Marks (or)
   b) >50 to <=75 cr - 5 Marks (or)
   c) >Rs 75 cr - 6 Marks

III. The Bidder’s successful implementation experience with proposed SIEM at Public/ Private Organization in India or Globally in last three years.
   Max Score: 10
   Form No: T3
   a) <2 to <=4 - 6 Marks (or)
   b) >4 to <=6 - 8 Marks (or)
   c) >6 - 10 Marks

IV. Number of SOC completed /go-live projects in India/Global in last 3 financial years, each with value not less than Rs. 5 Crores value in last 3 years
   Max Score: 10
   Form No: T4
   a) 2 to <=4 - 6 Marks (or)
   b) >4 to <=6 - 8 Marks (or)
   c) >6 - 10 Marks

V. Number of Managed Security Operations Services (MSS) to Clients (India/Global) with minimum 5000 EPS for last 3 financial years
   Max Score: 15
   Form No: T4
   a) <5 clients - 10 Marks
   b) >=5 and <7 clients - 12 Marks
   c) >=8 Clients - 15 Marks

VI. Proposed Organization Structure and team profiles. This will cover the number of resources proposed, Education/certification and experience
   Max Score: 20
   Form No: T4
   Project Director - 6 Marks
   a) Project Manager - 4 Marks
   b) Design Lead - 4 Marks
   c) L3 Profiles - 6 Marks

VII. Approach and Methodology. Bidder approach and methodology to design, implement and operate the AP-SOC.
   Max Score: 15
   Form No: T4
   a) Understanding of the Project objective and requirement - 1 Mark
   b) Approach for AP-SOC integration and operations - 3 Marks
   c) SLA Management methodology, SLA monitoring console for PMU - 3 Marks
   d) Approach for positing services to other State Government Departments and private organizations - 3 Marks
   e) Risk Management Strategy: Highlight the associated risks/problems and plans for mitigations - 3 Marks
   f) Proposed timelines activities. Sequencing and dependencies among activities and WBS - 2 Marks

VIII. Technology Solution design/ Architecture proposed
   Max Score: 15
   a) Solution Design and Architecture - 10 Marks
   b) Proposed tools/ products and roadmap - 5 Marks

IX. Exit Management
   Max Score: 5
   a. Comprehensiveness & completeness of the plan for exit management - 5 Marks

Total Max Score: 100
Bidder is required to carry out due diligence for the number of resources to run the operations successfully. However,
bidder is required to propose the following minimum resources. The following is the indicative number of resources for the
first year, which will be considered for evaluation.
S.No | Role | Minimum Qualifications | Key Roles & Responsibilities | Minimum Preferred Certifications

2. L2 Security Analyst
   Minimum Qualifications:
      1. Engineering Graduate/MCA
      2. Minimum of 3-5 year of experience in the IT security industry, preferably working in a SOC/NOC environment
   Key Roles & Responsibilities:
      1. Support implementation of SOC processes and perform periodic check for compliance
      2. Handle Incident Escalations from SOC L1
      3. Conduct periodic Vulnerability Assessment and Reporting
      4. Client Engagement
   Minimum Preferred Certifications: CCNA, CCSP, CEH

3. L3 Security Analyst
   Minimum Qualifications:
      1. Engineering Graduate/MCA
      2. Minimum of 5-8 year of experience in the IT security industry, preferably working in a SOC/NOC environment
   Key Roles & Responsibilities:
      1. Prior work experience in SOC or NOC environment
      2. Familiarity needed with several key security technologies: Cisco Security products, Checkpoint firewalls, Juniper firewalls, DLP tools (McAfee), Sourcefire IDS, McAfee/Splunk SIEM, Certificate and key management tools, Firewall monitoring and OS compliance checkers.
      3. System administration background in Linux/Unix. Strong analytical and problem solving skills
      4. Assessment and Reporting
      5. Client Engagement
   Minimum Preferred Certifications: Security or Network certification is desirable, with relevant certifications like CISSP, CISM, CISA or GIA

4. SOC Manager
   Minimum Qualifications:
      1. Engineering Graduate/MCA/Post Graduate with certification or specialization in domain areas
      2. Minimum of 10+ Years’ experience in the IT security industry, preferably working in a SOC/NOC environment
   Key Roles & Responsibilities:
      1. Lead and manage Security Operations Center
      2. Primarily responsible for security event monitoring, management and response
      3. Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
      4. Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
      5. Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs
      6. Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center
   Minimum Preferred Certifications:
      1. CEH
      2. Additionally one more certification in information security domain.
      3. CISSP
      4. PMP
      5. GCIH
      6. GSEC

5. Solution Architect
   Minimum Qualifications:
      1. Engineering Graduate/MCA/Post Graduate with certification or specialization in domain areas.
      2. Minimum of 8 Years’ experience in the IT security industry, preferably working in a SOC/NOC environment
   Key Roles & Responsibilities:
      1. Design and implementation of SOC Architecture and perform periodic check for compliance
   Minimum Preferred Certifications:
      1. CEH
      2. Additionally one more certification in information security domain.
      3. CISSP
      4. PMP
      5. GCIH
      6. GSEC

6. L1 Device Management
   Minimum Qualifications:
      1. Engineering Graduate/MCA
      2. Minimum of 1-2 year of experience in the IT security industry, preferably working in a SOC/NOC environment
   Key Roles & Responsibilities:
      1. L1 Operations of Network Security devices
      2. Patch Management
      3. Updating devices
      4. Tickets Handling
   Minimum Preferred Certifications: CCNA or Tool based certifications

7. L2 Device Management
   Minimum Qualifications:
      1. Engineering Graduate/MCA
      2. Minimum of 3 year of experience in the IT security industry, preferably working in a SOC/NOC environment
   Key Roles & Responsibilities:
      1. L2 Operations of Network Security devices
      2. Patch Management
      3. Troubleshooting and testing
      4. Updating devices
      5. Tickets Handling
   Minimum Preferred Certifications: CCNA or Tool based certifications

Client Engagement

9. Brand Management and Protection
   Minimum Qualifications:
      1. Engineering Graduate/MCA
      2. Minimum of 3-5 year of experience in the IT security industry
   Minimum Preferred Certifications: CEH/OSCP/CISM
Bidder has to make presentations at APTS premises or at a place decided by APTS to facilitate the procurement
committee in understanding the bidder’s capabilities to execute the project. The date for presentation will be
communicated in advance. Bidders are expected to communicate the requirements for conducting this exercise 2
days in advance to APTS. Bidder shall ensure that the representative carries a valid photo ID and
authorization letter from the bidder.
The presentations should cover cases of installations of the software in an environment similar to APTS/ITE&C
requirements. The objective of the presentation is to:
The Commercial Bids of the Bidders who qualify in the Technical Stage will be evaluated as per the Evaluation
Criteria mentioned below:
a. The commercial evaluation shall be based in accordance with the following criteria
i. All the bids will be compared on the basis of their Lowest Grand Total specified in the section
Note: Arithmetical Errors in Commercial Proposals - If there is a discrepancy between the unit price
and the total price that is obtained by multiplying the unit price and quantity, the unit price shall
prevail and the total price shall be corrected. If there is a discrepancy between the rates in
words and figures, the rate in words will govern. If the bidder does not accept the correction of
errors, the bid will be rejected and EMD may be forfeited. Bidder is advised to exercise
adequate care in quoting the prices. No excuse for corrections in the quoted figures will be
entertained after the commercial proposals are received by APTS.
The Bidder with the lowest grand total is the successful bidder
a. A PBG for an amount of xxxx should be furnished by the bidder in the form of a Bank Guarantee
as per the format provided in this RFP Forms from Nationalized/ scheduled banks in India
b. The PBG should be furnished within the stipulated working days mentioned in the bid data sheet
from the signing of the contract and should be valid for entire term of the contract.
c. The Performance Bank Guarantee should be valid for the period specified in Bid Data Sheet
d. The performance guarantee shall be returned to the Bidder within 30 days of the date of successful
discharge of all contractual obligations at the end of the period of the agreement by the APTS
e. In the event of any amendments to agreement, the bidder shall within 15 days of receipt of such
amendment furnish the amendment to the performance guarantee as required.
Failure of the successful bidder to sign the contract in the specified period, proposed in this document and as
may be modified, elaborated or amended through the award letter, shall constitute sufficient grounds for the
annulment of the award and forfeiture of the bid security, in which event APTS may make the award to another
bidder or call for new bids.
14.4.5. Failure to agree with the Terms & Conditions of the RFP
Failure of the successful bidder to agree with the Terms & Conditions of the RFP shall constitute sufficient
grounds for the annulment of the award, in which event APTS may award the contract to the next best value
bidder as per this RFP or call for new proposals or invoke the EMD/PBG.
14.5. Disqualification
The proposal is liable to be disqualified under the following cases:
g. The price information, the pricing policy or pricing mechanisms or any document indicative of the
commercial aspects of the proposal are either fully or partially enclosed or is part of the Pre-
Qualification Bid/Technical Proposal Bid.
h. Bidder fails to deposit the Performance Bank Guarantee (PBG) at the time of signing the contract.
i. Bidder does not sign the contract within 15 days of receiving the letter of acceptance from
APTS.
j. Bidder or any person acting on its behalf indulges in corrupt and fraudulent practices.
k. If bidder provides quotation only for a part of the project.
l. In case any one bidder submits multiple proposals or if common interests are found in two or more
bidders, the bidders are likely to be disqualified, unless additional proposals/bidders are withdrawn
upon notice immediately
m. Bidders may specifically note that while evaluating the proposals, if it comes to APTS’s knowledge
expressly or implied, that some bidders may have colluded in any manner whatsoever or otherwise
joined to form an alliance resulting in delaying the processing of proposal then the bidders so
involved are liable to be disqualified for this contract as well as for a further period of three years
from participation in any of the tenders floated by APTS
n. The response to the pre-qualification criteria, technical proposal and the entire documentation
submitted should not contain any information on price, pricing policy, pricing mechanism or any
information indicative of the commercial aspects of the bid.
o. During validity of the proposal, or its extended period, if any, the Bidder increases prices quoted in
the commercial proposal.
15.1. Definitions
a) Days: All Working and Non-working days (365 days in a calendar year)
b) “Scheduled Maintenance Time” shall mean the time that the System is not in service due to a scheduled
activity as defined in this SLA. The scheduled maintenance time would not be during 16X7 (7:00 am to 11:00
pm) timeframe preferably on weekends. Further, scheduled maintenance time is planned downtime taken after
permission of the client.
c) “Scheduled operation time” means the scheduled operating hours of the System for the month. All scheduled
maintenance time on the system would be deducted from the total operation time for the month to give the
scheduled operation time. The total operation time for the systems and applications within the DCs and near
DCs will be 24X7X365 (per year).
d) “System or Device downtime” means accumulated time during which the System is totally inoperable within
the Scheduled Operation Time but outside the scheduled maintenance time and measured from the time a call is
logged with the BIDDER of the failure or the failure is known to the BIDDER from the availability
measurement tools to the time when the System is returned to proper operation.
e) “Availability” means the time for which the services and facilities are available for conducting operations on
the system including application and associated infrastructure. Availability is defined as: {(Scheduled
Operation Time – System Downtime)/ (Scheduled Operation Time)} * 100%
f) “Helpdesk Support” shall mean the support centre which shall handle Fault reporting, Trouble Ticketing and
related enquiries during this contract. Helpdesk support is to be provided as per service window defined in this
RFP.
g) “Incident” refers to any event/abnormality in the functioning of any of the IT Equipment/Services that may
lead to disruption in normal operations of the Data Centre, System or Device services.
f) If liquidated damages calculations exceed 19% of the quarterly payment for two consecutive quarters, then
the client can take appropriate action including termination of the contract and forfeiting of Performance Bank
Guarantee. If liquidated damages calculations in any quarter exceed 30% of quarterly payment, then the client
can take appropriate action including termination of the contract and forfeiting of Performance Bank
Guarantee.
g) During the transition phase, the SLAs would be calculated but the liquidated damages may be applicable at a
reduced rate, as per the client’s discretion.
h) Bidder shall be responsible for the approval of all policy documents wherever applicable.
i) The severity levels of SLAs and the associated financial Liquidated Damages are defined as per the following
table:
Severity Level | Liquidated Damages
1 | 2.0%
2 | 1.0%
3 | 0.5%
4 | 0.25%
T > 45 Days 1
Note: In the event of circumstances beyond the control of vendor, the target dates may be revised with mutual
agreement.
15.4. Operations
15.4.1. (AP-SOC)
3. Correlation rules & threshold values
   Definition: Configuration of correlation rules & threshold values within 30 days from
   Target and Severity Level:
      T = 30 Days: Nil
      T + 5 days: 4
      T + 10 days: 3
      T + 20 days: 2
      T + 30 days: 1
97.99%> T >= 95 % 3
T < 95 % 2
97.99%> T >= 95 % 3
T < 95 % 2
T < 85 % 2
95%> T >= 92 % 3
90% > T 1
T>=99% Nil
P2: 99% of all high priority incidents
within 8 hours of the event identification
99% > T >=95 % 4
95%> T >= 92 % 3
90% > T 1
T>=99% Nil
P3: 99%of all medium priority incidents
97.99%> T >= 95 % 3
T < 95 % 2
T>=95% Nil
P4: 95% of all low priority incidents
within 72 hrs of the event identification
94.99% > T >= 90 % 4
# | SLA Parameter | Definition | Target | Severity Level

device. Final penalty to be levied will be the average of the individual penalties for each device
Frequency of measurement: Monthly

4. Backup
   Definition: % of devices for which backups are taken based on the agreed backup policy.
   Target: 100%
   Frequency of measurement: Monthly
   Target and Severity Level:
      T = 100%: Nil
      100% > T >= 95%: 4
      95% > T >= 90%: 3
      90% > T: 2

5. Restoration
   Definition: % of successful restorations on devices for which backups are taken based on the agreed restoration policy.
   Target: 100%
   Frequency of measurement: Quarterly
   Target and Severity Level:
      T = 100%: Nil
      100% > T >= 95%: 4
      95% > T >= 90%: 3
      90% > T: 2

6. Configuration review and performance tuning
   Definition: % of devices for which configuration review and fine tuning completed as per agreed process.
   Target: 100%
   Frequency of measurement: Quarterly
   Target and Severity Level:
      T = 100%: Nil
      100% > T >= 95%: 4
      95% > T >= 90%: 3
      90% > T: 2
Target: 100%
90% > T 2
Frequency of measurement: Quarterly
7. Submission of root cause analysis (RCA)
   Definition: For all P1 & P2 incidents resolved during the quarter, BIDDER to submit RCA reports.
   Target: 5 working days post incident resolution
   Frequency of measurement: Monthly
   Target and Severity Level:
      7 days >= T > 5 days: 4
      10 days >= T > 7 days: 3
      12 days >= T > 10 days: 2
      T > 12 days: 1

8. Security Inventory/License/OEM support Management
   Definition: BIDDER must maintain & update the configuration management database (CMDB) as per the defined deadlines:
   Target: Once a week
   Target and Severity Level:
      T = Once a week: Nil
      Deviation: 4
Quality of the Missing of the critical / high risk finding as 100% Nil
The Contracting Authority shall release the payment to Service Provider only if the Service Provider is able to
achieve the Service Levels as specified in Service Level Agreement.
16.1.2. Payment Milestones for the Services to be delivered as per the scope of the
RFP
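S.No | Client (Who takes SOC service) | AP-SOC Service Provider | APTS (Nodal Agency) | Payment Timelines

1. Client: AP Govt. Departments
   AP-SOC Service Provider: Provide Services to departments
   APTS (Nodal Agency): Buy the service and pay to AP-SOC service provider
   Payment Timelines: Quarterly

2. Client: SME-1 (Funding by the govt.)
   AP-SOC Service Provider: Provide Services to SME
   APTS (Nodal Agency): Buy the service and pay to AP-SOC service provider
   Payment Timelines: Quarterly

3. Client: Other States/Govt.
   AP-SOC Service Provider: Provide Services to other states
   APTS (Nodal Agency): Not Applicable
   Payment Timelines: Not Applicable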
1. In case of servicing clients other than AP govt. departments /SME-1, bidder is entitled to share 10% of the
revenue share per service
2. All payments are subject to the application of liquidated damages and penalties defined and provided for in
this Agreement and the SLA.
1. APTS shall raise invoices to the departments, and the AP-SOC service provider will get the payment from
APTS.
2. Generally and unless otherwise agreed in writing between the Parties or expressly set out in the Service
Level Agreement, the AP SOC Service Provider shall raise an invoice as per the terms of payment as
stated in this Schedule.
3. Any invoice presented in accordance with this Article shall be in a form agreed with APTS.
4. The completeness of the Invoice shall mean the submission of the Invoice along with the acceptance
certificate of the respective deliverables of the milestones and other associated dependencies to process
and approve the invoice.
5. Invoice should have the taxes at actuals at the prevailing rates at the time of submission of invoice.
6. Invoices shall be accurate and all adjustments to or changes in the terms of payment as stated in the
Terms of Payment Schedule shall be applied to the next payment invoice. The Service Provider shall
waive any charge for a Service that is not invoiced within six months after the end of the month in
which the terms of payment as stated in the Terms of Payment Schedule relating to such Service are
authorized or incurred, whichever is later.
7. Payments to AP-SOC service provider shall be made within one week of the receipt of payment by the
department, subject to adjustments if any for the previous performance.
8. The Contracting Authority (APTS) shall be entitled to delay or withhold payment of any invoice or part
of it delivered by the AP-SOC Service Provider under this Schedule where the Contracting Authority
disputes such invoice or part of it provided that such dispute is bona fide. The withheld amount shall be
limited to that which is in dispute. The disputed amount shall be settled in accordance with the
escalation procedure as set out in the Governance Schedule (Schedule IV of this Agreement). Any
exercise by the Contracting Authority (APTS) under this Article shall not entitle the AP-SOC Service
Provider to delay or withhold provision of the Services.
9. The Service Provider shall pay all their sub-contractors in a timely fashion in accordance with a
mechanism, which will not prejudice the objective of the Project.
10. If any amount is due and payable by the Service Provider to the Contracting Authority (APTS) or its
Nominated Agencies, the same shall be either adjusted by the Service Provider in the subsequent
Invoices or paid to the Contracting Authority in a method as informed by the Contracting Authority or
its Nominated Agencies on a case to case basis.
11. APTS shall be responsible for withholding taxes from the amounts due and payable to the Service
Provider wherever applicable.
12. The Service Provider shall pay for all other taxes in connection with this Agreement, and SLA
including, but not limited to, property, sales, use, excise duty, value-added, goods and services,
consumption and other similar taxes (GST) or duties.
13. In the event of any increase or decrease of the rate of taxes due to any statutory notification/s or new
enactments during the Term of the Agreement the consequential effect shall be to the account of the
Contracting Authority. Taxes should be invoiced at actuals at the prevailing rates at the time of
submission of invoice.
14. In the event that any new laws or regulations imposing Taxes in respect of Supplier supplies/services
under this Agreement are enacted after the Effective Date, the party directly subject to such Taxes
under such laws or regulations shall be responsible for such Taxes. Where such Taxes are the
responsibility of supplier and supplier is entitled to charge them to contracting authority, contracting
authority shall pay/ Adjust as the case may be, these Taxes in addition/deduction of taxes to the
consideration payable under this Agreement.