Procurement of support services to secure network transitions in the LAN and WAN environment through security gateways for connecting various internal and external network areas.
The aim is to conclude a framework agreement (for a total term of 4 years) for support services to secure network transitions in the LAN and WAN environment through security gateways for connecting various internal and external network areas (Hesse network, third-party networks and Internet).
The total tender volume amounts to € 9,850,000.00 (net) for a total term of four years.
The security gateways vary according to the requirements of the security guidelines of the respective network gateways. In addition to security gateways, which consist only of a firewall cluster, more complex security gateways are in operation to separate special security zones from external networks and the Internet. These security gateways consist of, among other things, complex architectures with firewall systems, network components and servers that provide basic infrastructure services (e.g. HTTP proxy, DNS, mail relaying and systems with antispam and antivirus checking) for communication with internal and external networks.
Overall, there are high security requirements for confidentiality, integrity and availability of communication for the services to be awarded. Efficient and comprehensive fault management supports the continuous availability and security of the components used. In order to fulfil these tasks, HZD is looking for a service partner to support HZD in the operation of the security gateways.
The components are operated continuously 24 hours a day, 7 days a week. The inventory is subject to constant changes due to the needs of end customers. The contractor must be able to implement the need for change in a timely manner and under the conditions offered within the framework conditions described. Forecasts of future demand are estimates and do not lead to any purchase obligation, but only provide indications of the currently expected development of demand during the term of the contract.
Present security components:
1. Firewalls
- Check Point
- Genuscreen
2. Web gateway
- Broadcom ProxySG (BlueCoat)
- CISCO Web Security Appliance (WSA)
- Squid Proxy based on Linux appliances
3. DNS server
- BIND DNS based on Linux appliances
4. Mail relay server with anti-spam and anti-virus components
- Mail relay systems based on Linux appliances
5. Network components
Current service solution:
In the following, the service solution that HZD (hereinafter also referred to as the client, abbreviated AG) provides to its customers (offices of the state) is described and explained in more detail.
The services include consulting and procurement, integration into the existing network structure, implementation of security policies and regulations, as well as day-to-day operation and monitoring of security and infrastructure components. The service is provided by HZD with the support of the contractor up to 24 hours a day, 7 days a week. The responsible contractual partner vis-à-vis the customer is HZD. The Contractor shall use only the central management tools provided by HZD for active network monitoring and fault containment and shall therefore be completely subject to HZD's control. The type and scope of fault documentation are specified by HZD within the framework of standardised service processes. HZD operates the services and their components at various service levels, which differ in the type of remote monitoring by HZD or the contractor. The customer has the option to choose between the following services. The services are offered in the form of service packages, each with different service levels.
Service classes:
- "Operating hours": Basis Mon-Sun 00:00-24:00; 24*7 Incident Mon-Sun 00:00-24:00; Premium Mon-Sun 00:00-24:00
- "Service time": Basis Mon-Thu 08:00-16:00, Fri 08:00-14:30; 24*7 Incident Mon-Sun 00:00-24:00; Premium Mon-Sun 00:00-24:00
- "Call acceptance": Basis Mon-Sun 00:00-24:00; 24*7 Incident Mon-Sun 00:00-24:00; Premium Mon-Sun 00:00-24:00
- "Maintenance window": Basis 4 h per week, Tue 18:00-22:00; 24*7 Incident 4 h per week, Tue 18:00-22:00; Premium 4 h per week, Tue 18:00-22:00
- "Response time":
- Basis PRIO A: 4 hours, PRIO B: 4 hours, PRIO C: 8 hours, PRIO D: 12 hours
- 24*7 Incident PRIO A: 1 hour, PRIO B: 2 hours, PRIO C: 4 hours, PRIO D: 12 hours
- Premium PRIO A: 1 hour, PRIO B: 2 hours, PRIO C: 8 hours, PRIO D: 12 hours
- "Max. on-site time (hardware replacement)": Basis 24 h during the Basis "service time"; 24*7 Incident 24 h during the Basis "service time"; Premium 4 h during the Premium "service time"
Service overview:
The client expects the contractor to provide operational support for the security components. The services required of the contractor are to be designed and interlinked in such a way that the commitments agreed with the HZD customers can be kept at all times. The contractor will adapt its own service processes according to the requirements of the client. The contractor undertakes to integrate the trouble ticket system used at HZD (currently Remedy) into its infrastructure. HZD intends to replace Remedy with Cherwell during the term of the contract. The contractor undertakes not to charge any additional costs for this change. Furthermore, the contractor undertakes to create the organizational prerequisites for the implementation of the reporting/information channels in its support structure. This must be proven by a declaration of consent (file: "declaration of consent") when the offer is submitted. The use of communication or administration systems of the contractor for the provision of the services is excluded.
By submitting his offer, the contractor undertakes to provide the required services in full by 01.11.2023 at the latest after providing technical access and a maximum of 4 weeks of instruction. Due to the dynamics in this environment and the long-term commitment of at least two years, it can be assumed that there will be release/version changes or the use of successor products or products from other manufacturers in the affected systems. The contractor must therefore be able to support both the current versions of the software used or the current products and, if necessary, old versions. The contractor undertakes to train its employees accordingly in the use of new products so that the provision of services is still possible. It can be assumed that during the term of the framework agreement there may be changes (extensions as well as reductions) of the range of services in the variants described above due to new release/version changes or the use of successor products or products from other manufacturers in the affected systems. As an example, the change of the web gateway product ProxySG from the manufacturer Broadcom to the product Secure Web Appliance from the manufacturer CISCO, which is comparable in function, is currently on the agenda. The services to be provided by the bidder are identical. By submitting his offer, the contractor assures that he is in a position in terms of expertise, personnel and time to guarantee support services by professionally qualified (certified) employees for the services described in this bill of quantities according to task and scope. The contractor also assures that the systems listed in this tender will be supported by him for at least five years after the start of the contract.
HZD offers its customers the operation of security gateways. This service includes, among other things, 1st and 2nd level support in the event of malfunctions. When carrying out the infrastructure operation, the client is guided by the IT service management processes according to ITIL. Decisive for the provision of the services are essentially the IT service support processes.
The client expects the support of the contractor in the following areas:
• 1st and 2nd level support for the security components
• Hardware replacement and remote commissioning
• Replacement device management and on-site hardware replacement
• Manufacturer support backing
• System operation
• Backup
• Change Management
• Problem Management
• Release Management
The required services must be designed and interlinked in such a way that they are compatible with the service hours.
The services to be provided by the contractor are mainly in the area of incident management and operational activities. In the case of the 24x7 incident service class to the customer, the services are divided between HZD and the contractor. HZD provides the services during the service time of the service class Basis. Outside of these hours, a service class "IM Night" is defined as relevant for the contractor. During this time, the contractor takes over the services. Incident management includes:
1st level support, 2nd level support, hardware replacement and on-site commissioning
The places of service provision are basically all offices of the state of Hesse, all current and future locations of the HZD in Wiesbaden, Mainz and Hünfeld as well as the location of FITKO in Frankfurt am Main. Under certain circumstances, the services may also be provided at the contractor's location.