engineering projects (india) limited (a govt. of india...
TRANSCRIPT
Engineering Projects (India) Limited (A Govt. of India Enterprise)
NOTICE INVITING TENDER (e-tender)
TENDER NOTICE NO: DLI/CON/ITD/622 16.07.2018
Single stage two envelope system (e-tender) is invited for “Hiring of Managed Services for Disaster Recovery (Backup Site) Site for EPI at different seismic zone through Ministry of Electronics & Information Technology (MeitY) Govt. of India empanelled Cloud Service Providers (CSPs) and Bandwidth between Data Center and Proposed Disaster Recovery Site”
The detailed description, Scope of work, technical specifications, instructions to bidders etc.
are as follows:
Annexure-I
Detailed Scope of work for Hiring of Managed Services for Disaster Recovery (Backup Site) Site for EPI at different seismic zone through Ministry of Electronics & Information Technology (MeitY) Govt. of India empanelled Cloud Service Providers (CSPs) and Bandwidth between Data Center and Proposed Disaster Recovery Site
DR Site Requirements:
Dedicated rack space scaling up to 42U standard
Built in logical separation for all the environment with respect to IT environment, Storage and backup modules & network elements
Data centre facilities including power & cooling with a minimum uptime of 99.5%
Location of the Disaster Recovery Site Should be in different seismic zone and approximate 1000 KM (± 10%) far away from existing BSNL Data Centre, Faridabad, Haryana (India).
Disaster Recovery system to be built in a different seismic zone with respect to the DC
Provision of rated power & environmental control including temperature and humidity to DC & DR facilities for rack space provisioned
Electrical systems provisioned should be backed up with N+1 redundant UPS systems and generators in case of grid failure
DR Site Capabilities:
All facilities completely confirming & certified by Uptime Institute as Tier III Datacentres.
Security – ISO 27001 and SAS70 Compliant
Centralized & automated monitoring of functionalities of entire DR site.
Flexibility in operations & management with ability to quickly add or remove space to accommodate as per requirement.
24x7 online supports must be available.
Solution Expectations:
IT Infrastructure on OPEX
Flexibility & Scalability
End-to-End Business Services including DR replication
Unambiguous service levels
Cost transparency
Entire solution can be broadly classified into three components:
Data Centre Infrastructure
IT Infrastructure which includes servers, storage, network & security, backup
Platform Managed Services including DR replication management
Detailed Hardware & Services Components for DR Site: Part 1: (Infrastructure Hosting Site)
Components Description Quantity
Infrastructure:
Physical Host 2 CPU / Growth - 2 x 6 cores + 16 GB RAM + 2 x 300 GB SAS
1
Additional Storage for Server of 50 GB-SAS 125
Additional RAM for Server of 16 GB 6
Server Management (Physical) 1
Nexus 10G Fiber with MM SFP 1
Nexus 1G Copper 1 Nexus 1G Copper 1
Router Port (L3 Ports) 4
OS - SUSE Enterprise Server (1-2 CPUs, Priority OS - SUSE Enterprise Server (1-2 CPUs, Priority
Virtualization Management 1 1
Virtual OS Management 2
Part 2: (Bandwidth Management)
Components Description Quantity
Bandwidth
Dedicated MPLS Link 2 MBPS
Dedicated Internet Link (DC-DR) 2 MBPS
Technological Platform
(i) Existing environment
S.
No. Solution Component Purpose
Configuration
Required Units
1 Development Server
VM1 : ERP IDES
VM 2 : SAP ERO Dev
VM 3 : SAP NetWeaver Ent Portal
Dev
VM 4 : BI (BW) Dev System
VM 5 : DMS Dev
Same specs :
Dell R720, 12
cores (2x6),
128GB RAM,
5x600GB SAS
disks in RAID 5,
dual port FC
HBA with FC
cables
4
2 Quality Server
VM1 : ERP Quality
VM 2 : SAP NetWeaver Ent Portal
Quality
VM 3 : BI (BW) Quality System
3 Production Server 1
VM 1 : SAP ERP DB
VM 2 : SAP NetWeaver Ent Portal
DB
VM 3 : BI (BW) Quality System DB
VM 4 : System ERP App1
VM 5 : SAP Netweaver Ent Portal
App1
VM 6 : BI (BW) Quality System
App1
VM 7 : DMS (MaxDB Database)
4 Production Server 2
VM1 : SAP ERP CI
VM 2 : SAP Netweaver Ent Portal
CI
VM 3 : BI (BW) Quality System CI
VM 4 : SAP ERP App 2
VM 5 : SAP Netweaver Ent Portal
App2
VM 6 : BI (BW) Quality System
App2
VM 7 : Solution Manager
5 Backup Server For data backup
Dell R710, 8
Cores (2x4),
32GB RAM, 5 x
600GB SAS
disks in RAID 5,
4 x 1Gbps NICs
1
6 OS / Software licenses SUSE Linux Enterprise Server for
SAP Applications 11 for AMD64 &
Intel64 (1-2 CPUs, Priority Support,
SuSE Linux
Latest Version,
Priority Support
4
Unlimited VMs) - 5 years
7 OS / Software licenses Microsoft
Windows 2008
R2 Enterprise
Server
1
8 OS / Software licenses CommVault
CommServe 10,
with unlimited
backup agents
1
9 Shared Storage Service FC Volume 5 TB for data
5 TB Usable in
RAID 5 or better
(7 TB raw)
5
10 BSNL Support GSC Support
Managed ICT
Services for
Servers - Level
3
5
11 BSNL Support GSC Support
Managed ICT
Services for
Backup - Level
3
1
Proposed Environment
The environment should not be less than following parameters and should cover 100% instances of production server of existing environment of EPI‟s Data Center.
Components Description Quantity
Infrastructure:
Physical Host 2 CPU / Growth - 2 x 6 cores + 16 GB RAM + 2 x 300 GB SAS
1
Additional Storage for Server of 50 GB-SAS 125
Additional RAM for Server of 16 GB 6
Server Management (Physical) 1
Nexus 10G Fiber with MM SFP 1
Nexus 1G Copper 1 Nexus 1G Copper 1
Router Port (L3 Ports) 4
OS - SUSE Enterprise Server (1-2 CPUs, Priority OS - SUSE Enterprise Server (1-2 CPUs, Priority
Virtualization Management 1
Virtual OS Management 2
DR Solution Parameters
No. of Drills Required At least twice annually (once in every half year) or on implementation of major changes in the primary Data Centre environment to be approved by EPIL.
DC – DR Replication Asynchronous replication for database
DR Infrastructure
Capacity
DR Health check, replication and sustenance of DR Instances
DR Drill - 2 drills annually with required compute and memory.
DR server instances compute and memory will be increased as per demand, in the event of a site failover or switchover.
DR Delivery Model Services model
DR Drill
i. DRSP would be responsible for regularly conducting the DR drill test at least twice a
year from the date of commissioning and go-live of DRsite.
ii. The DR drill exercise will encompass various scenarios such as fail-over and fall-back
from DC to DR and vice-versa.
iii. DRSP would be responsible to update the DR run-book on an on going basis.
iv. DRSP would work closely for greater integration and success of DR program.
v. DR Plan would be reviewed with EPIL annually.
Preventive Maintenance of DataCenter
i. DRSP would publish the outage maintenance calendar atleast 2months in advance. The
calendar should be communicated to EPIL through e-mail. DRSP would not execute
any unscheduled maintenance impacting the services of EPIL without prior intimation to
authorized person at EPIL. Emergency maintenance needs to be formally
communicated through an emergency RFC.
ii. DRSP would revoke the access to the premise for the dormant users and individuals.
The revised list of authorized personnel would be shared by the EPIL.
Physical Security Management System
i. DRSP would have a visitor management system in place to provide access to the data
center premises to authorized individuals only.
ii. Visitor credentials/Photo-ID and photograph shall be captured in the visitor log.
Access to the DR premises shall be given by DRSP only to the notified
individuals. EPIL would notify DRSP for such visits.
iii. DRSP would have a mechanism to scan the visitor baggage and frisk the
individual entering the Data Center premises.
Annexure-II
Service Level Agreement (SLA) between EPI and Cloud Service Providers (CSP)
Service Level Agreement (SLA) :
A contractual agreement between EPI and Service Provider where the EPI‟s requirements are specified and a service provider defines the level of service, responsibilities, priorities and security and guarantees regarding availability, performance, and other aspects of the service.
Performance and Conformance:
CSP needs to ensure that guaranteed service levels are achieved in the GI Cloud else it may affect effective service delivery.
SLA are required to be defined for each of the services that will be provided by the GI Cloud. Existing contractual agreements and SLA both with third part data centre operators, and cloud service providers, may be evaluated and customised to meet the government‟s requirements.
For failure to adhere to the service levels, proper penalty clauses must be incorporated. This will require proper interpretation of SLAs. Proper institutional mechanism should be established to resolve any conflict and provide for timely intervention (if required).
A fully functional 24x7 helpdesk may be incorporated.
Availability Availability is a key service level objective, since it describes whether the cloud service can actually be used, and it is typically necessary to specify numeric values for availability for Government Department/ Agency to identify which services/resources are to be monitored under availability and indicate the measure of availability. The indicative parameters for designing Availability linked SLAs are enlisted below:
Availability of Provisioned Resources for Pre-Production/Production environment could include VMs, Storage, OS, VLB, Security Components.
Availability of Critical Services- Some of the services such as Provisioning / De- Provisioning; User Activation / De-Activation; User Profile Management; Register Support Request or Incident; Access Utilization Monitoring Reports are critical for cloud services and hence the service levels needs to be monitored.
Service Level Agreements for Core Infra Support Services
Sl. Service Level Agreement
1. Virtual Instance
2. Operating System
3. Storage Management
4. Physical Servers
5. Network and Security Operation & Management
6. Disaster recovery services
Service-Level Agreement Components:
Description of services to be provided
Scope of the services
Location(s) where services are to be provided
Responsibilities and duties of service provider
Responsibilities and duties of service recipient
Description of acceptable performance levels
Metrics to be used for evaluating performance
Process for monitoring, tracking and evaluating performance
Process for resolving poor performance
Remedies for failure to provide acceptable performance, time frames, escalation procedures
Protection of intellectual property, as applicable
Compliance with legislation, standards, regulation, acceptable practices Termination of agreement
Support Channels - Incident and Helpdesk
Support is an interface made available by the cloud service provider to handle issues and queries raised by the Government Department/ Agency. The following are key parameters to be factored when gauging the support requirements from CSP.
Support hours: The hours during which the cloud service provider provides a support interface that accepts general inquiries and requests from the Government Department/ Agency.
Support responsiveness: The maximum time the cloud service provider will take to acknowledge an inquiry or request raised by the Department. It is typical for responsiveness to vary depending on a severity level which is attached to the customer request, with a shorter response time associated with higher severity levels. (Indicative Severity Levels enclosed in Annexure 3)
Resolution time: The time taken to complete any necessary actions as a result of the request.
Response Time Response time is the time interval between an initiated event (stimulus) by the Department/ Agency and a cloud service provider initiated event in response to that stimulus. Response time can be a highly significant aspect of the user experience of a cloud service – for some critical requests such as (Service with significant number of end users or public users), response times that are greater than some threshold are regarded as unacceptable and can make the cloud service effectively unusable. A factor that needs to be considered is that many cloud services support multiple different operations and that it is likely that the response time will differ for the different operations. As a result, response time SLOs need to clearly state which operation(s) are concerned.
Performance Service Level Objectives for Performance deal with the actual mechanisms used to guarantee that the Department‟s data is available (online or offline) in case of failures forbidding access to it. Proposed SLOs allow customers e.g., to fine-tune their risk assessment and business continuity procedures.
Latency: Latency may address the storage and the time when the data is placed on mirrored storage.
Maximum Data Restoration: Time refers to the committed time taken to restore cloud service customer data from a backup. Concrete details related with to the frequency and method used by the cloud service provider‟s backup and recovery mechanism(s).
Security Incident and Management Reporting Specifying measurable security level objectives in SLAs is useful to improve both assurance and transparency.
Percentage of timely incident reports: Describes the defined incidents to the cloud service which are reported to the Department in a timely fashion. This is represented as a percentage by the number of defined incidents reported within a predefined time limit after discovery, over the total number of defined incidents to the cloud service which are reported within a predefined period (i.e. month, week, year, etc.).
Percentage of timely incident responses: Describes the defined incidents that are assessed and acknowledged by the cloud service provider in a timely fashion. This is represented as a percentage by the number of defined incidents assessed and acknowledged by the cloud service provider within a predefined time limit after discovery, over the total number of defined incidents to the cloud service within a predefined period. (i.e. month, week, year, etc.).
Percentage of timely incident resolutions: describes the percentage of defined incidents against the cloud service that are resolved within a predefined time limit after discovery.
Vulnerability Management: Vulnerability Management refers to managing a weakness of an asset or group of assets, e.g. software or hardware related, that can be exploited by one or more threats. The set of service level objectives is not exhaustive, and not all the service level objectives are applicable to all cloud services. The Information about technical vulnerabilities should be obtained in a timely fashion, the organization's exposure to such vulnerabilities evaluated and appropriate measures taken to address the associated risk.
Percentage of timely vulnerability corrections describes the number of vulnerability corrections performed by the cloud service provider, and is represented as a percentage by the number of vulnerability corrections performed within a predefined time limit, over the total number of vulnerability corrections to the cloud service which are reported within a predefined period (i.e. month, week, year, etc.).
Percentage of timely vulnerability reports describes the number of vulnerability reports by the cloud service provider to the Department, and is represented as a percentage by the number of vulnerability reports within a predefined time limit, over the total number of vulnerability reports to the cloud service which are reported within a predefined period (i.e. month, week, year, etc.).
Reports of vulnerability corrections is a description of the mechanism by which the cloud service provider informs the Department of vulnerability corrections applied to the provider's systems, including the frequency of the reports. Apart from the above, some key measurements required for monitoring are also indicated in Annexure 2
Indicative SLOs for MSP/SI: The following SLOs are pertinent if the Department engages a Managed Service Provider or a System Integrator for managing the cloud services.
Recovery Point Objective is the maximum allowable time between recovery points. RPO does not specify the amount of acceptable data loss, only the acceptable time window. In particular, RPO affects data redundancy and backup. A small RPO suggests mirrored storage of both transient and persistent data while a larger window allows for a periodic backup approach.
Recovery Time Objective is the maximum amount of time a business process may be disrupted, after a disaster, without suffering unacceptable business consequences. Cloud services can be critical components of business processes.
Availability of Reports (Reports such as Provisioning, Utilization Monitoring
Reports, User Profile Management etc.)
Request – Response: Percentage of successful requests.
Availability of the network links at DC and DR (links at DC / DRC, DC-DRC link) The Definitions of the Key terms used in the Section are provided in Annexure 1. The indicative Penalties against breach in Service Levels are mentioned in Annexure 2 and the severity levels for the SLAs are defined in Annexure 3. Measurement and Monitoring: The following clauses related to measurement and monitoring may be included in the RFP:
The SLA parameters shall be monitored on a <<periodic basis/ monthly basis>> as per the individual SLA parameter requirements. However, if the performance of the system/services is degraded significantly at any given point in time during the contract and if the immediate measures are not implemented and issues are not rectified to the complete satisfaction of Department or an agency designated by them, then the Department will have the right to take appropriate disciplinary actions including termination of the contract.
The full set of service level reports should be available to the Department on a monthly basis or based on the project requirements.
The Monitoring Tools shall play a critical role in monitoring the SLA compliance and hence will have to be customized accordingly. The CSP shall make available the Monitoring tools for measuring and monitoring the SLAs. The MSP may deploy additional tools and develop additional scripts (if required) for capturing the required data for SLA report generation in automated way. The tools should generate the SLA Monitoring report in the end of every month which is to be shared with the Department on a monthly basis. The Department or its nominated agency shall have full access to the Monitoring Tools/portal (and any other tools / solutions deployed for SLA measurement and monitoring) to extract data (raw, intermediate as well as reports) as required during the project. The Department or its nominated agency will also audit the tool and the scripts on a regular basis.
The measurement methodology / criteria / logic will be reviewed by the Department.
In case of default on any of the service level metric, the SP shall submit performance improvement plan along with the root cause analysis for the Department ‟s approval.
Periodic Reviews:
The SLAs might require to be modified based on the project needs. Therefore, Departments need to ensure that the relevant clauses are included in the Agreement that would allow the Departments to modify the SLAs. The following clauses are provided as guidance to the departments while preparing the Service Level Agreement.
During the contract period, it is envisaged that there could be changes to the SLA, in terms of measurement methodology / logic / criteria, addition, alteration or deletion of certain parameters, based on mutual consent of both the parties, i.e. the Department and SP.
The Department and SP shall each ensure that the range of the Services under the SLA shall not be varied, reduced or increased except by the prior written agreement of the Department and SP in accordance with the Change Control Schedule.
The SLAs may be reviewed on an annual basis by the Department in consultation with the SP and other agencies.
Penalties
For the Departments to ensure that the Cloud Service Providers adhere to the Service Level Agreements, this section describes the Penalties which may be imposed on CSPs. In case these service levels cannot be achieved at service levels defined in the agreement, the departments should invoke the performance related penalties. Payments to the SP to be linked to the compliance with the SLA metrics laid down in the agreement. To illustrate calculation of penalties, an indicative example is provided below.
The payment should be linked to the compliance with the SLA metrics.
The penalty in percentage of the <<Periodic Payment>>) is indicated against each SLA parameter in the table.
(i) For ex: For SLA1 if the penalty to be levied is 7% then 7% of the <<Periodic Payment (monthly)>>) is deducted from the total of the <<periodic/monthly> bill and the balance paid to the SP.
(ii) If the penalties are to be levied in more than one SLA then the total applicable penalties
are calculated and deducted from the total of the <<periodic/monthly> bill and the balance paid to the SP. For ex: SLA1 =7% of the <<Periodic Payment (monthly)>>, SLA12=10% of the <<Periodic Payment (monthly)>>, SLA19=2% of the <<Periodic Payment (monthly)>> Then Amount to be paid = Total <<periodic/monthly> bill – {(19% of the <<Periodic Payment (monthly)>>)}
(iii) In case multiple SLA violations occur due to the same root cause or incident then the
SLA that incurs the maximum penalty may be considered for penalty calculation rather than a sum of penalties for the applicable SLA violations.
(iv) Penalties shall not exceed 100% of the <<periodic/monthly>> bill. If the penalties exceed more than 50% of the total <<periodic/monthly> bill, it will result in a material breach. In case of a material breach, the operator will be given a cure period of one month to rectify the breach failing which a notice to terminate may be issued by the Department.
For Systems:
SLA Achieved (%) = 100 – [(100*(system downtime – planned downtime))/Total
operating hours for the month]
Example:
Total operating hours for the month = (days of the month*24) = 31*24 hours
= 744 hours System Downtime = 80 hours
Planned Downtime = 70 hours
SLA Achieved = 100 – [100*(80-70))/744] = 98.66% The SLA would be measured on a monthly basis:
Severity
Severity Type
Description
Response Time
Resolution Time
Incident Closure Report Time
RCA Reporting Time
S1
Emergency
Services affecting core
production environments
and direct impact to business. Incidents which can
hamper the operation of
more than two infrastructure
services
15 Minutes
4 Hours
8 Hours
1 Week
S2
Major
Service affecting the supported
infrastructure with no direct impact to the operation but will affect the services if not
resolved in time
30 Minutes
8 Hours
12 Hours
2 week
S3
Minor
System and services not affecting the
overall operation
1 Hours
16 Hours
24
Hours
n/a
S4
Routine
Routine service request
4 Hours 36 Hours 48 Hours
n/a
Call Severity Definition:
Severity
Level
Report for Analysis/Evaluation of Severity Level
Severity Level S1: (During Incident stage, when DR will act as primary DC)
Severe business impact that affects a large number of users or has significant sales or revenue impact due to unavailability of core production server, core network switch and firewall/UTM.
Server Utilization and Uptime Report, Network performance monitoring Report, Root- Cause Analysis Report, Report on critical production system Availability, Performance and Capacity Usage etc.
Physical Security or access breach in Datacenter.
EPIL Visitors Summary Report, Data Center and operations area Access /Exit reports, CCTV footage.
Unavailability of production servers / Domain Server / Mail Server due to worms, malware, untested patch deployment, network error etc.
Release Management Report, Incident report including viruses, Security reports – Traffic Log Report for attack, anti-virus, malware, worms etc., Information Security Status Report
Any O/S issues related to untested patch deployment, patch deployment, unplanned patch deployment, any O/S related services etc.
Release Management Report, Configuration Management/Changes Report
Unavailability of application and database of production servers due to storage problems.
Storage Infrastructure checklist, Uptime and Performance Report
WAN connectivity - Due to any issues in cross connect.
Network performance monitoring Report, Root- Cause Analysis Report
Severity Level S2:
(During Drill time)
Unavailability of Production servers due to worms, malware, untested patch deployment, O/S and storage related issues, LAN connectivity.
Release Management Report, Incident report including viruses, Security reports – Traffic Log Report for attack, anti-virus, malware, worms etc., Information Security Status Report
Critical patch/antivirus roll out in non – production server
Release Management Report, Configuration Management/Changes Report
Back-up and restoration issues for non- production servers.
Backup & Restore report
Delay in support over the stipulated time mentioned in the table above(S1).
Incidents and resolution Report etc.
Severity Level S3: (During Cold Stage)
Error or bug in the system functionality that does not interrupt business processes due to availability of a workaround
Incidents and resolution Report, Incident Summary Report etc.
Delay in support over the stipulated time mentioned in the table above(S1).
Incidents and resolution Report etc.
Non-critical error or a cosmetic change that disrupts neither the functional nor operational flow
Incidents and resolution Report, Incident Summary Report etc.
IMAC, software and hardware installation IMAC Report
Non-critical patch/antivirus rollout Release Management Report, Configuration Management/Changes Report
Annexure-III
PRICE FORMAT
Price bid is in two parts as follows:
Part 1: (Infrastructure Hosting Site)
Part 2: (Bandwidth Management) Terms & Conditions for Price Bid Part 1 & 2: 1. The CSP has to submit their prices for Part1 & 2 separately in prescribed format only in
per annum basis.
2. The entire contract will be minimum period of 5 years for Hiring of Managed Services for Disaster Recovery (Backup Site) Site for EPI at different seismic zone through Ministry of Electronics & Information Technology (MeitY) Govt. of India empanelled Cloud Service Providers (CSPs).
3. Total price inclusive of all taxes should be indicated in word also as per prescribed format.
4. The successful CSP shall submit 5% of annual value of total order value as a security deposit in the form of Bank Guarantee on yearly basis.
5. In case of additional requirement of component, the unit price will be applicable on pro-rata rate basis and CSP will have to agree on this rate till completion of contract period.
6. After successful completion of 5 years contract period, the contract should be extended on yearly basis on mutual agreed terms & conditions.
Annexure-III A
PRICE FORMAT
Part 1: (Infrastructure Hosting Site)
Components/ Description Quantity Unit Price Total
Price per annum
Infrastructure:
Physical Host (2 CPU / Growth - 2 x 6 cores + 16 GB RAM + 2 x 300 GB SAS)
1
Additional Storage for Server of 50 GB-SAS 125
Additional RAM for Server of 16 GB 6
Server Management (Physical) 1
Nexus 10G Fiber with MM SFP 1
Nexus 1G Copper 1 Nexus 1G
Copper 1
Router Port (L3 Ports) 4
OS - SUSE Enterprise Server (1-2 CPUs, Priority
OS - SUSE Enterprise Server (1-2 CPUs, Priority
Virtualization Management 1 1
Virtual OS Management 2
One Time Charges 1
GST
Grand Total
Total Price (All inclusive including all taxes and GST) in word: ……………………………………………………….
Annexure-III B
PRICE FORMAT
Part 2: (Bandwidth Management)
Components / Description Quantity Unit Price Total Price
per annum
Bandwidth
Dedicated MPLS Link 2 MBPS
Dedicated Internet Link (DC-DR) 2 MBPS
One Time Charges 1
GST
Grand Total
Total Price (All inclusive including all taxes and GST) in word: ………………………………………………………. Note: L1 shall be decided based upon the total price of Part1 and Part2.
Annexure-IV
LIST OF ACTIVITIES FOR DR SITE
Sr. No. List of activities
1.0 One-time setup activities
Activities
EPI CSP Remark, if any
1.1 Identify authorized users of the EPIL servers ✔
1.2 Internet Connectivity to EPIL servers ✔
1.3 Provisioning of servers for primary site ✔
1.4 Provisioning of servers for DR site ** ✔
1.5 Provision Firewall and load balancer devices (if applicable) **
✔
1.6 Installation of Standard SuSE Linux image ✔
1.7 Provide root access of servers to EPIL authorized users **
✔
1.8 OS level clustering on the primary site for DB servers (if applicable) **
✔
1.9 Installation of Database ✔
1.10 OS clustering of Databases ✔
1.11 Installation of EPIL application and associated dependencies
✔
1.12 Configure database and application Backup on primary/DR site
✔
1.13 Configure database and application replication to DR site
✔
1.14 Compliance sign off on Primary and DR infrastructure
✔
2.0 Operational Activities responsibility matrix:
Activities
EPI SP Remark, if any
2.1 Connectivity issues resolution ✔
2.2 Power uptime to the cloud servers* ✔
2.3 Uptime of underlying infrastructure ✔
2.4 Uptime of Firewall and load balancer devices* ✔
2.5 Operating System uptime and maintenance ✔
2.6 Application uptime and maintenance ✔
2.7 Database uptime and maintenance ✔
2.8 Data backup and recovery ✔
2.9 Ensure application and database is available on the DR site as per the RTO and RPO expectations of EPIL**
2.10 Change DNS records for the EPIL website, as needed
✔
2.11 Change DNS records for the EPIL website during DR event**
✔
2.12 Uptime of underlying Infrastructure (hardware and software) at DR site**
✔
2.13 Bring up required services (application and database) at DR site**
✔
2.14 Test the application on the DR site, upon DR trigger**
✔
2.15 Test online traffic routing and access upon DR ✔
trigger**
2.16 Switch back to Primary site** ✔
2.17 Maintain and report connectivity SLA ✔
2.18 Maintain and report server availability SLA ✔
2.19 Maintain and report application SLA ✔
2.20 Helpdesk/contact point for complaints and fault resolution – connectivity
✔
2.21 Helpdesk/contact point for complaints and fault resolution – Infrastructure (Hardware and Server) availability
✔
2.22 Helpdesk/contact point for complaints and fault resolution - Operating System, DR, Application, Services and Database
✔
2.23 Datacentre security ✔
2.24 OS, Application and Database security ✔
Annexure-V
TERMS & CONDITIONS
(i) Delivery Schedule:
Following milestones to be achieved:
Stages Particular Duration Completion Schedule
Stage 1 Set up of Disaster Recovery/
Backup Site as per EPI‟s
requirement including
connectivity
6-8 weeks Maximum 8
weeks from the
date of
acceptance of
PO
Stage 2 First DR Drill for testing of EPI‟s satisfaction
2 weeks after the
completion of
stage 1.
10 weeks from
the date of PO
Stage 3 Assessment Report on
successful setup of Disaster
Recovery/ Backup Site as per
EPI‟s requirement
5 weeks after
completion of
stage 2.
15 weeks from
the date of PO
(ii) Payment Terms (Part-1 & 2) on yearly basis
25% of per annum charge After successful completion of 3 months
25% of per annum charge After successful completion of 6 months
25% of per annum charge After successful completion of 9 months
25% of per annum charge After successful completion of 12 months
The same method should be followed in further year after getting satisfactory services.
(iii) Price
Price shall remain fixed during the contract period of 5 years. There shall be no increase in price for any reason whatsoever. Therefore, no request for any escalation of the cost / price shall be entertained. Other terms & conditions
Payment of all managed services shall be payable at the end of each quarter after providing successful services.
EMD shall be refunded after acceptance of the order.
One-time installation charge, if any, will be paid after successful completion of installation & set-up of servers & DR site on full satisfaction of EPI Official.
Minimum Contract Period is for 5 years for all managed services included in Contracts.
Any additional hardware commercials will be calculated at given commercial & price break-up in submitted offer by bidders and can be added during contract period.
Contract Period if for 5 years and if services found satisfactory, EPIL may continue after discussion on mutually agreed terms& same price as mentioned on Annexure V.
In case EPI does not want to continue after 5 years contract then dedicated hardware for this will be transferable as per prevailing book value.
Backup will be done on a local backup server on disks. No tape based backup is in scope. Frequency of backup and number of backups will be as advised by EPIL and as agreed by successful bidder. . Under backup services, the responsibility of ensuring that the data is duly backed up and tested for restore at critical time is responsibility of successful bidder.
Firewall, Network and Storage Services are shared backend infrastructure services, shared here applies only to the extent that EPIL doesn‟t have to setup or pay for the switches, routers, firewalls, storage appliances etc, Shared doesn‟t mean anything else and in terms of security considerations entire infrastructure remain dedicated and isolated for EPIL.
Proposed IDC infrastructure should be scalable, secured and monitored 24x7x365 days and should be available over the phone or e-mail.
FORCE MAJEURE Any delay or failure of the performance of either party hereto shall not constitute default hereunder to give rise to any claims for damages, if any to the Extent such delay or failure of performance is caused by occurrences such as Acts of God or the public enemy, expropriation, compliance with any order or request of Government authorities/ courts, acts or war, rebellions, sabotage fire, floods, illegal strikes, or riots (other than Contractor‟s employees). Only extension of time shall be considered for Force majeure conditions as accepted by EPI. No adjustment in contract price shall be allowed for reasons of force majeure.
Arbitration Clause/ Dispute Resolution Before restoring arbitration as per the clause given below, the parties if they so agree may
explore the possibility of conciliation as per the provisions of Part III of the Arbitration and
Conciliation (Amendment) Act 2015. When such conciliation has failed, the same shall be
referred to the Sole Arbitrator appointed by the Chairman & Managing Director (CMD) of
Engineering Projects (India) Ltd. (EPI) or any other person discharging the functions of CMD
of EPI. The person approached for appointment as Arbitrator shall disclose in writing
circumstances, in terms of Sub-Section (1) of Section (12) of the Arbitration and Conciliation
(Amendment) Act 2015thereof.
The Arbitrator shall be appointed within 30 days of the receipt of letter of invocation of
arbitration duly satisfying the requirements of this clause.
The language of the Arbitration shall be English.
The Venue of the Arbitration Proceedings shall be New Delhi.
Annexure-VI
Data Sheet: Brief information related to services, clarification and submission of Tender document:
Sr. No. Description Details
1. Estimated cost of the tender (for five years)
Rs. 1,25,88,470/- (exclusive of all taxes)
2. Cost of Tender document (tender Fee)
Rs.2,360 (Non-refundable) inclusive of 18% GST in the form of crossed demand draft from any nationalized/scheduled Bank in favour of “Engineering Projects (India) Ltd‟, payable at New Delhi.
3. EMD Rs. 2,51,769/- in the form of crossed demand draft from any nationalized/scheduled Bank in favour of “Engineering Projects (India) Ltd‟, payable at New Delhi.
4. Solvency Bidder should have solvency of Rs. 50,35,388/- issued by his bankers in the name of the bidder. The solvency certificate should not have been issued earlier than one year of the last date of submission of the tender.
5. Publishing of the Tender
16.07.2018 from 06:00 pm
6. Last date for submission of queries to Tenders by post or fax or E-mail.
27.07.2018 upto 05:00 pm
7. Address for submission of Tender document
Executive Director (Contracts) Engineering Projects (India) Ltd, 3rd floor, Core 3, Scope Complex, 7, Lodhi Road, New Delhi – 110003, Ph: 011- 24361666, extn 2313 Fax: 011 - 24363426 E-mail: [email protected]
8. Document available for download. Date & Time
16.08.2018 from 06:00 pm
9. Last date and time of
06.08.2018 upto 05:00 pm
Please note carefully Instructions to the bidders, the requirements for submitting Tenders and the date and time for submittal. The Tenders must be submitted online not later than the specified date and time. Tenders received after the due date and time or those which are incomplete are liable to be rejected. Further, corrigendum/ addendum, if any, issued to the tender document, shall also be published on the website. It is the bidder‟s responsibility to submit the completed tender document taking into account all addenda/corrigenda issued. EPI reserves the right to accept or reject any or all Tenders received or annul this Tender process at its absolute discretion without assigning any reason whatsoever.
Annexure-VII
Eligibility Criterion for Hiring of Managed Services for Disaster Recovery /Backup Site for EPI at different seismic zone through Ministry of Electronics & Information Technology (MeitY) Govt. of India empanelled Cloud Service Providers (CSPs) The CSP should possess the requisite experience, resources and capabilities in providing the services necessary to meet the requirements, as described in the tender document. The Bid must be complete in all respects and should cover the entire scope of work as stipulated in the document. Bidders not meeting the Eligibility Criteria will not be considered for further evaluation. The invitation to bid is open to all Bidders who qualify the Eligibility Criteria as given below:
Sr. No. Criteria Supporting Documents (Documentary evidence to be submitted along with Technical Bid)
1. The bidder should be an Indian Company registered under the Companies Act 1956 for the last 5 years and having its sales office in Delhi/NCR.
Copy of proof of Certificate of Incorporation to be enclosed
2. Average Annual financial turnover during the last 3 years (i.e. 2017-18, 2016-17 and 2015-16), ending 31st march of the previous FY should be atleast 50% of the estimated cost.
In support of this firm shall submit copies of Audited Financial statements consisting of Balance Sheet, statement of profit and loss, CA certificate for turnover.
procurement of tenders
10. Last date and time for submission of Tenders
07.08.2018 upto 12:00 pm
11. Techno-Commercial Bid Opening, Date & Time
07.08.2018 at 03:00 pm
12. Date & Time for demonstrate the suitability of the proposed product
Will be informed to the bidders separately.
13. Price Bid Opening Date & Time
Will be informed to the technically qualified bidders separately.
3. Bidder should have three similar works costing not less than the amount equal to 40% of the estimated cost
OR Two similar works costing not less than the amount equal to 60% of the estimated cost
OR One similar work costing not less than the amount equal to 80% of the estimated cost.
Copy of Work Order/completion Certificate to be enclosed.
4. The bidder should be empanelled as Cloud Service Provider (CSP) with Ministry of Electronics & Information Technology, Govt. of India (MeitY).
Copy of proof to be enclosed.
5. The bidder should not have been blacklisted by any Government department/PSU/CPSE. Self-declaration to that effect should be submitted along with the technical bid.
(Attach Undertaking).
6 The bidder should have registration under GST& should have valid GSTIN number. The bidder must submit as compliances of GST Act, the invoices in GST compliant format, failing which the GST amount shall be recovered/ adjusted by EPI without any prior notice from the next invoices or available dues with EPI. The bidder is requested to update/ upload the GST/ Taxes data periodically so as to avail Input Tax Credit (ITC) by EPI, failing which it shall be recovered/ adjusted by EPI without any prior notice from the next invoices or available dues with EPI
(Attach copy of certificate)
7. PAN No. is to be indicated (Attach Copy)
8. CSP must have Tier-III certified Copy of proof to be enclosed.
9. The CSP should have minimum cloud stack at least two locations in India in different Seismic Zone.
Copy of proof to be enclosed.
10. The CSP should have at least two data center in different Seismic Zone.
Copy of proof to be enclosed.
11. The Date Center building should be owned by the bidder or should be on long term (not less than 5 years) lease directly
Copy of proof to be enclosed.
12. Bidders have to submit confirmation letter whether they are registered under MSME Act or not and if yes, then relevant copies of the registration letter (Registered under single point registration scheme of NSIC, Govt. of India, Ministry of MSME, New Delhi vide Gazette Notification dated 26.03.2012 along with the form of Memorandum-2 with the concerned DIC) to be enclosed in Technical Bid and a request letter for exemption from submission of Tender fee and EMD
(Attach Copy)
13. Bidders should give a notarized/self certification that during last 10 years they have not been debarred/ reprimanded by any of their client.
(Attach Original)
Failure to provide the desired information and documents as mentioned above may lead to disqualification of the bidder.
If any of the credentials are proved to be false/forged that shall lead to disqualification and forfeiture of EMD besides debarring the fraudulent bidder from future EPIL tenders.
Insufficient Tender fee or Tender fee without GST shall lead to disqualification.
Annexure-VIII
A. Instruction to Bidders
(i) Clarifications of Bidding Documents
A prospective Bidder requiring any clarification of the Bidding Documents may
notify EPI in writing through email at [email protected] any time
prior to the deadline for receiving such queries as mentioned in Annexure –VI.
(ii) Zero Deviation This is a ZERO Deviation Bidding Document. Bidder is to ensure compliance of all
provisions of the Bidding Document and submit their bid accordingly. Bids with any
deviation to the bid conditions shall be liable for rejection. Corrigenda/Addenda, if
any, shall also be available on TCIL Portal, EPI website & CPPP. Further, bidder
shall give an undertaking on their letter head that the terms and conditions of this
TENDER are acceptable.
(iii) Amendment of Bidding Documents
a) At any time prior to the deadline for submission of bids, EPI may for any
reason, whether at its own initiative or in response to a clarification requested
by a Bidder, amend the Bidding Documents.
b) Amendments will be provided in the form of Addenda/corrigenda to the
Bidding Documents, which will be posted on TCIL Portal, EPI‟s website and
CPPP. Addenda will be binding on Bidders. It will be assume that the
amendments contained in such Addenda/corrigenda had been taken into
account by the Bidder in its Bid.
c) In order to afford Bidders reasonable time in which to take the amendment into
account in preparing their bids, EPI may, at its discretion, extend the deadline
for the submission of bids, in which case, the extended deadline will be posted
in TCIL Portal, CPPP &EPI‟s website.
d) From the date of issue, the Addenda to the tender shall be deemed to form an
integral part of the TENDER.
B: Preparation of Bid
(i) Price Bid
Prices must be quoted in Indian Rupees only and should include all costs and taxes
including Goods & Service Tax (GST).
(ii) Period of Validity of Bids
Bids shall remain valid for a period of 180 days after the date of price Bid opening or as
may be extended from time to time. EPI holds the right to reject a bid valid for a period
shorter than 180 days as non-responsive, without any correspondence.
(iii) Signing of Bid
The Bid shall be signed by a person or persons duly authorized to sign on behalf of the Bidder. All pages of the bid, except for printed instruction manuals and specification sheets shall be initiated by the person or persons signing the bid.
The Bid shall contain no interlineations, erasures, or overwriting, except to correct errors
made by the Bidder, in which case such corrections shall be initialed by the person or
persons signing the Bid.
The Bid shall be signed by a person or persons duly authorized to bind the Bidder to the
contract. Such authority shall be either in the form of a written and duly stamped Power of
Attorney or a Board Resolution duly certified by the company‟s competent authority, extract
of which duly certified as true copy should accompany the Bid.
C. Other instructions with respect to e-tendering
(i) Interested bidders have to necessarily register themselves on the portal https://www.tcil-india-electronictender.com through M/s Telecommunications Consultants India Limited, New Delhi to participate in the bidding under this invitation for bids. It shall be the sole responsibility of the interested bidders to get them registered at the aforesaid portal for which they are required to contact M/s Telecommunications Consultants India Limited, New Delhi at following address to complete the registration formalities:
M/s Telecommunications Consultants India Limited, 6th Floor, TCIL Bhawan, Greater Kailash – 1, New Delhi – 110 048 Contact No. : 011-26241790, 98683 93717/75/92 Email-ID: [email protected]
(ii) They may obtain further information regarding this tender from ED(Contracts) at the address given below from 10:00 hours to 17:00 hours on all working days till the last date of online submission of Bidding Documents.
Executive Director (Contracts)
Engineering Projects (India) Limited
Core -3, Scope Complex, 7 Lodhi Road,
New Delhi – 110 003
Phone: +91 11 24361666 extn 2301
Fax: +91 11 24363426
Email: [email protected]
(iii) For proper uploading of the bids on the portal namely https://www.tcil-india-electronictender.com (hereinafter referred to as the „portal‟), it shall be the sole responsibility of the bidders to apprise themselves adequately regarding all the relevant procedures and provisions as detailed at the portal as well as by contacting M/s Telecommunications Consultants India Limited, New Delhi directly, as and when required, for which contact details are mentioned above. The Employer in no case shall be responsible for any issues related to timely or properly uploading/submission of the bid in accordance with the relevant provisions of Section Instruction to Bidders of the Bidding Documents.
(iv) Bidders can download the bid document from the portal without registering or paying document fees in advance, any time from 18:00 Hrs. on 16.07.2018; however interested bidders have to pay tender fees for participating in the tendering and submitting the bid.
(v) E-Bids must be submitted/ uploaded along with scanned copies of relevant documents pertaining pre-qualification criteria under “Single Stage Two Envelope Bidding Procedure” on the TCIL portal on or before last date and time of online bid submission. Late bids will not be accepted. Under the above procedure, only Technical Part shall be opened in the presence of the bidders‟ representatives who choose to attend in person at the address given in clause above on schedule date and time of bid opening or may be viewed by the bidders by logging into the portal as per features available to them. Price part shall be opened of technically qualified bidders.
(vi) The price bid of those bidders whose bid has been technically accepted on the basis of documents submitted shall be opened with prior intimation to them. However, it is made clear that the offer of the L-1 bidder shall be accepted subject to the confirmation of the authenticity of the PQ documents/BG from the concerned department/Bank.
(vii) Tender fee, EMD, NSIC/MSME certificate as per pre-qualification criteria if bidder is claiming Tender fee/EMD exemption, Affidavit Annexure-I and Pass Phrase (Both for technical and financial bid in separate envelope) to decrypt the bid must be submitted in physical form at the address given above on or before Last date and time of online bid submission. If the above documents are not received in time then their offer shall not be considered and EPI shall not be responsible for any postal delay in respect of submission of hard copy part of the bids.