Department of Information Technology

Similar documents
Request for Proposal MDM Offeror s Questions for RFP for Virtual Private Network Solution (VPN)

Government of Rajasthan Department of Information Technology and Communication. Corrigendum

Remote Access Clients for Windows

Configuring a Check Point FireWall-1 to SOHO IPSec Tunnel

E-GOVERNANCE MISSION MODE PROJECT (MMP) CRIME & CRIMINAL TRACKING NETWORK & SYSTEMS (CCTNS) IMPLEMENTATION OF CCTNS IN GOA

Fortinet Certified Network Security Administrator

Configuring a Site-to-Site VPN Tunnel Between Cisco RV320 Gigabit Dual WAN VPN Router and Cisco (1900/2900/3900) Series Integrated Services Router

Introduction of Quidway SecPath 1000 Security Gateway

Implementing Cisco IOS Network Security

McAfee Firewall Enterprise 8.2.1

Release Notes. SonicOS is the initial release for the Dell SonicWALL NSA 2600 network security appliance.

Creating a Gateway to Client VPN between Sidewinder G2 and a Mac OS X Client

*TKtr *W4>K. Government of India itwm mitm Ministry of Labour & Employment W T HSlPT&llem. Directorate General of Mines Safety TENDER NOTICE

Security Policy Revision Date: 23 April 2009

Release Notes. NCP Secure Entry Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3. Known Issues

FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201

Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1

Release Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May New Features and Enhancements. Tip of the Day

Sought. Why only 400 Mbps? We recommend upto 2Gbps. HTTP Requests /Sec Why 12500? We recommend upto

Table of Contents. 1 Overview 1-1 Introduction 1-1 Product Design 1-1 Appearance 1-2

Fortinet Network Security NSE4 test questions and answers:

Request for Quotation For the Supply, Installation, and Configuration of Firewall Upgrade Project

McAfee Firewall Enterprise 8.3.1

IINS Implementing Cisco Network Security 3.0 (IINS)

McAfee Firewall Enterprise System Administration Intel Security Education Services Administration Course

/ /Res Dated INVITATION FOR BIDS

- Introduction to PIX/ASA Firewalls -

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

ClockWork Enterprise 5

Corente Cloud Services Exchange

Sophos Certified Architect Course overview

Understanding SofaWare Management Portal URL Filtering. S-box Solutions. Rolf Wagner

Introduction to Security and PIX Firewall

NETASQ MIGRATING FROM V8 TO V9

Sl. No. Ref Sections/Clause requiring Clarification. RFP (Page No.)

How To Establish IPSec VPN connection between Cyberoam and Mikrotik router

ISG50 Application Note Version 1.0 June, 2011

SofaWare Management Architecture Basics

Release Notes. NCP Secure Client Juniper Edition. 1. New Features and Enhancements. 2. Problems Resolved

Securing Networks with PIX and ASA

Microsoft TMG Replacement. How FORTINET integrated secuity platforms Help Protect the Perimeter in a Microsoft Infrastructure Environment

Support of Windows Server 2012 The NCP Secure Enterprise VPN Server supports the Windows Server 2012 (64 bit) operating system.

QUESTIONS & ANSWERS. ItB tender 72-09: IT Equipment. Elections Project

Complying with PCI Data Security

ANNEXURE TO TENDER NO. MRPU/IGCAR/COMP/5239

How To Use Mindarray For Business

Zscaler. How to enable SSL scanning. on your school s. Zscaler web filter

Understanding the Cisco VPN Client

Service "NCPCLCFG" is not running In this case, increase the WaitForConfigService setting until the problem is circumvented

Overview Servers and Infrastructure Communication channels Peer-to-Peer connections Data Compression and Encryption...

Check Point Security Administrator R70

(d-5273) CCIE Security v3.0 Written Exam Topics

REQUEST FOR PROPOSAL FOR SUPPLY & INSTALLATION OF Firewall. Bill of Material

Section & clause No. 1 5 Time Schedule Last date/time for Sale of document Bid closing date/time Bid opening date/time. No Page No

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

Draft Technical Specifications for Multilevel Security Authentication Device

SVN5800 Secure Access Gateway

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Savitribai Phule Pune University

A Nemaris Company. Formal Privacy & Security Assessment For Surgimap version and higher

Wherever there is a conflict, the Addenda to the RFP document and the RFP document (in that order) override the explanations that are provided here.

McAfee Next Generation Firewall (NGFW) Administration Course

Asymetrical keys. Alices computer generates a key pair. A public key: XYZ (Used to encrypt) A secret key: ABC98765 (Used to decrypt)

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access. Integration Handbook

NCP Secure Enterprise Management Next Generation Network Access Technology

Cisco ASA. Administrators

Print4 Solutions fully comply with all HIPAA regulations

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

REMOTE ACCESS VPN NETWORK DIAGRAM

Implementing Cisco IOS Network Security v2.0 (IINS)

Chapter 5 Virtual Private Networking Using IPsec

CLOUD SERVICES (INFRASTRUCTURE) SERVICE TERMS PART C - INFRASTRUCTURE CONTENTS

Viewing VPN Status, page 335. Configuring a Site-to-Site VPN, page 340. Configuring IPsec Remote Access, page 355

Alliance Key Manager Solution Brief

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Keying Mode: Main Mode with No PFS (perfect forward secrecy) SA Authentication Method: Pre-Shared key Keying Group: DH (Diffie Hellman) Group 1

Certificate Management. PAN-OS Administrator s Guide. Version 7.0

FIPS Non- Proprietary Security Policy. McAfee SIEM Cryptographic Module, Version 1.0

Data Sheet. NCP Secure Enterprise Management. Next Generation Network Access Technology

Re-Tender RFP for Providing Dedicated Web Hosting Services for IBA Pre-Bid Queries

How To Configure A Kiwi Ip Address On A Gbk (Networking) To Be A Static Ip Address (Network) On A Ip Address From A Ipad (Netware) On An Ipad Or Ipad 2 (

Wharf T&T Cloud Backup Service User & Installation Guide

Overview and Deployment Guide. Sophos UTM on AWS

NEFSIS DEDICATED SERVER

Steelcape Product Overview and Functional Description

Configuring IPsec VPN with a FortiGate and a Cisco ASA

Aerohive Networks Inc. Free Bonjour Gateway FAQ

Managing Enterprise Security with Cisco Security Manager

Cisco RV082 Dual WAN VPN Router Cisco Small Business Routers

Government of Canada Managed Security Service (GCMSS) Annex A-1: Statement of Work - Firewall

Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) :

Data Sheet. NCP Secure Enterprise Management. General description. Highlights

Firewalls und IPv6 worauf Sie achten müssen!

Cisco ASA, PIX, and FWSM Firewall Handbook

Internet. SonicWALL IP SEV IP IP IP Network Mask

DNA. White Paper. DNA White paper Version: 1.08 Release Date: 1 st July, 2015 Expiry Date: 31 st December, Ian Silvester DNA Manager.

NCP Secure Enterprise Management Next Generation Network Access Technology

SVN3000 Security Access Gateway SSL/IPSec VPN Access Gateway

F-Secure Messaging Security Gateway. Deployment Guide

Transcription:

S.No. Page no & clause 1. Technical 2. Technical Existing RFP Clause Vendor Queries Bank Reply Appliance should have minimum of 16 GB RAM or more expandable up to 64GB. Firewall should have dual power supplies, redundant hard disk & cooling fans. 6GB of RAM is sufficient for the appliances based on Multi Core Architecture and they provide better performance based on the System Architecture. Request you to make it 6GB or more. Considering the throughputs requested and the current FW appliance. We feel that a minimum of 16 GB RAM on the FW appliance should be sufficient to meet the Banks HDD are primarily used for storing reports, which can be stored internally or externally. Request to provide an option to provide external reporting with redundant Hard Drive if not internal. Appliance should have minimum 16 GB RAM. Solution should have dual power supplies, redundant hard disk and cooling fans on the firewall appliances as well as on centralized monitoring, management and Log server if required separately. 3. Technical The communication between all the components of Firewall System (firewall module, logging & policy management server, and the GUI/ WebUI Console) GUI and Reporting Module can be made available as an out of box management and reporting, the communication of which is encrypted. Request you to accept quotes on such solutions. Page 1 of 5

4. Technical 5. Technical 6. Technical 7. Technical should be encrypted with SSL or PKI. IPsec ISAKMP methods should support Diffie- Hellman Group 1,2,5,14 & 19, MD5 & SHA Hash, RSA & Manual Key Exchange Authentication, 3DES/AES- 256 Encryption of the Key Exchange Material and algorithms like RSA-1024 / 1536 It should support the VOIP Applications Security by supporting to filter SIP, H.323, MGCP and Skinny flows. Should have more than 100+ Categories based on Urls, Application types, Security Risk level etc Solution should have an option of mechanism of education users for eg Ask user before allowing access website. Request you to make DH group as 1, 2,5,and 14. Also the hashing parameters like MD5 & SHA along with encryption parameters such as 3DES/AES256 can provide the great level of security to the VPN. Request to make it It should support the VOIP Applications Security by supporting to filter SIP, H.323 as MGCP and Skinny flow are not commonly used protocols. Request you to make it Should have more than 80+ Categories based on Urls, Application types, Security Risk level etc. since the URL s supported with 80+ categories might be higher than the competition providing 100+ categories. It is always better to have controls in the administrators hand instead of the users, since users can access anything and everything if the access is given to them. Recommended is to use a newer As this is the Security System and latest algorithms techniques for encryption/ decryption and Hashing is necessary for the protection of the system. Bank is using VOIP application and to protect the system the said support is required. Should have more than 80+ predefined Categories based on Urls, Application types, Security Risk level etc. However solution should be able to create custom categories for URL and application. Solution should have an option of allow / block / Monitor / Authentication a user before allowing access to Page 2 of 5

8. Technical Page no- 14 Should be able to scan any file irrespective of it size. feature Temporary Access Portal where in a Portal can be made accessible to end users wherein the users can ask for temporary access of web categories or URLs through the same. Also the administrator can restrict prohibited categories which the users can access and to rule down the request put forward by his team members. The need to Allow/Block / Monitor / Authenticate a user in the Banks environment should be sufficient to meet the Bank's requirements. Kindly let us know if this wound meet UBI's requirement Scanning file irrespective of the size may increase the load on the system CPU and Memory and may drag down the performance of the Appliance. For example if the file size is 1GB it might take much time and resources of the appliance and user also will not get notified for the same. website. However solution should have capability to send customized messages to guide the user at the time of accessing website.. Page 3 of 5

9. Technical Firewall Real-Time Monitoring, Management & Log Collection should be available & stored. Not able to understand " & stored " The firewall appliance/management server should be able to store configuration and Logs locally. The Solution should be capable to take backup of the configuration and logs on periodical intervals. 10. Technical 11. Technical 12. Technical It should support BGP, OSPF, RIPv1 &2, Multicast Tunnels, DVMRP protocols Application Control Databases should have sizable application and widget control list Solution should have an option of creating custom categories for URL and Application control. Need to know the requirement of DVMRP on a security appliance Widget Control List is specific to a particular Vendor Custom Categories are not possible in Application Control but FortiOS allows for configuring Application Overrides. Kindly let us know if this would meet the Banks requirement It should support BGP, OSPF, RIPv1 &2, Multicast Tunnels, Multicast protocols like DVMRP,PIM etc. Application Control Databases should have application control list. Should have more than 80+ predefined Categories based on URLs, Application types, Security Risk level etc. However solution should be able to create custom categories for URL and application. Page 4 of 5

13. New clause NA Under NSIC and MSME, sought the exemption from tender fee and EMD/BG. MSMEs registered under Single Point Registration Scheme of NSIC may be exempt from payment of cost of RFP and EMD. For this purpose bidder must submit the relevant Registration Certificate clearly indicating their capacity and monetary limit. In case the capacity and monetary limit specified in the registration certificate is less than the tender value, bidder must get assessed the competency of the unit to execute contract of the higher value keeping in view of the pending load on the unit from inspection agency of NSIC for higher capacity / competence. However the exemption is only for Bid Security. If such a bidder is successful, then bid security as per the RFP document shall be submitted Page 5 of 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information