Transcript
TERMS OF REFERENCE For the Procurement of Software Maintenance of CheckPoint Firewall For the Philippine Deposit Insurance Corporation
FACT SHEET for a Firewall Appliance Maintenance
MINIMUM MANDATORY REQUIREMENT
1. Approved Budget of the Contract (ABC)
PhP380,000
2. Scope
Supply and delivery of at least 1-year software and hardware maintenance for the existing firewall appliance for the period from December 1, 2013 to November 30, 2014.
3. Features of existing firewall
a. Current Checkpoint Firewall appliance – CPAP-SG4207 – Checkpoint 4200 Appliance with Firewall, VPN, Identity Awareness, Advanced Networking and Clustering, Mobile Access for 5 concurrent users, IPS and Application Control blades. b. The firewall appliance supports the following: 1. four(4) built-in 10/100/1000Base-T RJ45 ports 2. Network expansion slot support in either 4 x 10/100/1000Base-T RJ45, 2 x 1000Base-F SFP or 4 x 1000Base-F SFP Ports 3. 3 Gbps of Firewall Throughput 4. 400 Mbps of VPN Throughput 5. 1.2 million concurrent connections 6. 25,000 Connections per second 7. 2 Gbps IPS Throughput 8. License Users: Unlimited 9. 256 VLANs per interface or a total of 1024 VLANs 10. 802.3ad passive and active link aggregation 11. 250 GB of storage space c. Supports High Availability (HA) features: 1. Active/Active 2. Active/Passive 3. Session synchronization for firewall and VPN 4. Session failover for routing change 5. Device failure detection 6. Link Failure detection d. Integrated IPS e. Integrated IPSec VPN f. Integrated User Awareness – Windows AD integration g. Integrated Application Control - identify, allow, block or limit usage (based on bandwidth and/or time) of applications, including Web 2.0 and social networking, regardless of port, protocol or evasive technique used to traverse the network. h. Integrated Networking and Acceleration and Clustering: 1. ISP redundancy for reliability and fault-tolerance 2. Quality of Service (QoS) prioritization guarantees bandwidth and controls latency i. Application load balancing manages server workloads during high volume traffic a. Priority/Premium technical support b. On-site maintenance c. Standard 24x7 unlimited telephone and email support, including weekends and holidays.
4. Other features
FACT SHEET for Checkpoint Firewall Software Maintenance
5. Delivery 6. Others
MINIMUM MANDATORY REQUIREMENT d. Standard 24x7 on-site troubleshooting and repair of Checkpoint software within 2-hour response time, including weekends and holidays e. All software patches/updates to be performed by Certified Checkpoint Administrator. f. On-site update and testing of new updates. g. Implementation of firewall policies as required by PDIC. h. Support for the server where the firewall is installed such as but not limited to installation and set-up when necessary i. Service subscription to IPS with the following features: 1. Comprehensive network protection against malicious and unwanted network traffic, including: a. Malware attacks b. DoS and DDoS attacks c. Application and server vulnerabilities d. Insider threats e. Unwanted application traffic, including IM and P2P 2. Monitor traffic based on the source or destination 3. Trusted Security a. Real-time protections b. Microsoft vulnerability coverage including preemptive protections against emerging vulnerabilities and exploits. 4. Integrated IPS 5. Multi-gigabit IPS Performance 6. Inspect SSL Encrypted Traffic 7. Unified Management j. Preemptive Security Updates Delivery of Certificate of Cover shall be within 30 calendar days upon execution of the contract. a. Only quotations from partners that are duly authorized by the manufacturer to provide, sell, configure and support the firewall appliance shall be accepted. The certification from the manufacturer authorizing the supplier to provide such product should be submitted together with the quotation. Quotations that do not include the Certification shall not be accepted/considered for award. b. Prospective bidder/s should have at least two (2) certified security professionals. Training certificates of the certified security professionals should be attached to the quotation. c. All product updates/upgrades are to be to be performed by certified security professionals. d. Supplier must have a capacity to escalate product technical issues directly to the manufacturer. e. Any and all costs necessary for the supplier to fulfill its obligations in the supply, delivery, installation and commissioning of the firewall shall be deemed included in the financial proposal. Any cost incurred in the fulfillment of the obligations but were not included in the financial proposal shall be shouldered by the supplier with the lowest complying quotation.
