TATA POWER CC25DPP014 Privileged Access Management System PAM Instruction Manual
- September 12, 2024
- Tata Power
Table of Contents
TATA POWER CC25DPP014 Privileged Access Management System PAM
Product Information
Specifications :
- Product Name: Privileged Access Management system (PAM)
- Manufacturer: Tata Power Company Limited
- Locations: Odisha and Delhi
- Compliance: Common Criteria Evaluation Assurance Level EAL 2+, FIPS 140-2, ISO/IEC 27002
Product Usage Instructions
Downloading Tender Documents :
Interested bidders can download the tender documents from the TPC website
www.tatapower.com starting from 18.07.2024.
Submission of Tender Fee :
The Tender Fee must be submitted online through NEFT/RTGS in favor of The Tata
Power Company Limited. Bids submitted without this Fee will be rejected.
-
Pre-Bid Meeting
If there is a Pre-Bid Meeting, it will be held on 25.07.2024 at 15:30 hours. Bidders are encouraged to attend for any clarifications. -
Bid Submission Deadline:
-
The deadline for bid submission is 21.08.2024 by 17:00 Hrs. Late submissions will not be accepted.
-
Opening of Price of Qualified Bids:
The date and time of opening the Price of Qualified Bids will be notified to successful bidders through the TPC website or email. -
Regular Updates:
Bidders should regularly visit the TPC website for any modifications or clarifications to the bid documents.
Frequently Asked Questions (FAQ)
-
Q: What compliance standards must the PAM solution meet?
A: The PAM solution must comply with Common Criteria Evaluation Assurance Level EAL 2+, FIPS 140-2, and ISO/IEC 27002 standards. -
Q: How can interested bidders access the tender documents?
-
A: Interested bidders can download the tender documents from the TPC website starting from 18.07.2024.
RFQ No.: 4100035087
NIT No.: CC25DPP014
Corrigendum to
OPEN TENDER NOTIFICATION FOR Supply, Installation, Commissioning & Testing of
Privileged Access Management system (PAM) at Tata Power Odisha and Delhi.
Tender Enquiry No.: CC25DPP014
Due Date for Bid Submission: 21.08.2024 [17:00 Hrs.] The Tata Power Company
Limited
Mumbai, Maharashtra
The Calendar Events for the tender has been Revised as follows
Calendar of Events
(a)| Date of availability of tender documents
from TPC Website
| From 18.07.2024 to 14.08.2024, 15:00 Hrs
---|---|---
(b)| Date & Time of Pre-Bid Meeting (If any)| 25.07.2024 at 15:30 hours
(c)| Last Date of receipt of pre-bid queries, if
any
| 25.07.2024 up to 17:00 Hours
(d)| Last Date of Posting Consolidated replies to all the pre-bid queries as
received| 06.08.2024 up to 17:00 Hours
(e)| Last date and time of receipt of Bids| 21.08.2024 up to 17:00 Hrs
(f)| Date & Time of opening of Price of qualified bids| Will be notified to
the successful bidders through our website / e-mail.
Note :-
- In the event of last date specified for submission of bids and date of opening of bids is declared as a closed holiday for TPC Mumbai office, the last date of submission of bids and date of opening of bids will be the following working day at appointed times.
- Bidders are requested to submit bids within the due date.
- In case Bid EMD being submitted in the form of BG, then hard copy of BG should reach us before the due date. Bids submitted without BG shall not be accepted.
- Bidder can join the ariba event through the link below or seek the link from TataPower. Bids without tender fees shall be not be accepted. Any last minute request for due date extension due to ariba issues shall not be entertained.
- Ariba link
All other details as per the Original tender document dt 18.07.2024 is
applicable.
Tender documents may be downloaded by interested eligible bidders from TPC
website www.tatapower.com with effect from
18.07.2024.
The Tender Fee shall be compulsorily submitted online through NEFT/ RTGS in
favor of “The Tata Power Company Limited”. Any such bid submitted without this
Fee shall be rejected.
Bidders are requested to visit TPC website
www.tatapower.com regularly for any modification/
clarification to the bid documents.
Tender Reference – CC25DPP014| | |
---|---|---|---
Tender Name – SITC of Privileged Access Management (PAM) at Odisha and
Delhi| |
Responses to Queries
Sr No| Reference to Tata Power Tender Document / pre-bid|
Description of query| Remarks – Query / Clarification sought by
bidder| Tata Power Response
1| 2| 3| 4| 5
1| Page 3| The solution should be in the Gartner magic Quadrant for any 2 of
the last 3 years which is mandatoty for all proposed solutions.| Request to
make this as preferred Condition.| Pre-bid response dt. 07.08.24 is
applicable. Also refer to the revised architecture appended to this
corrigendum.
6| Page 9| ARCON solution exists at TPSODL and the proposed solution should
seamlessly integrate with the same for inter-operability.| Unlike other
endpoint or firewall solutions, PAM stores sensitive encrypted data and
passwords. It is not technically feasible to integrate two dissimilar vaults
having different keys and storing mechanism. From a PAM standpoint, we would
be integrating with target servers and devices directly into our PAM solution|
Kindly refer to the revised architecture appended to this corrigendum.
7| | | This integration point requested may not be relevant and will lead to
bidders proposing only a single PAM vendor (i.e. Arcon). To allow more
participation and evaluation options for Tata Power, we sincerely request you
to remove this
point.
| Kindly refer to the revised architecture appended to this corrigendum.
8| Page 3| PAM solution must have Common Criteria Evaluation Assurance Level
EAL 2+, FIPS 140-2, ISO/IEC 27002 compliant.| Request Tata Power to remove the
addition of point 10 mentioned in page 3 of the corrigendum.| This is to
clarify that proposed solution should be 3rd party tested for relevant EAL /
FIPS/ ISO27001 standard to ensure better Assurance level.
10| –| | How many privilege users will have third-party tool/ thick client-
based access through PAM, such as, target Database access using, MS SQL Studio
client, SQL Developer for Oracle Database etc. Request you to provide the
count of such users out of total PAM users?| Kindly refer to the revised
architecture appended to this corrigendum.
15| Page 3| Gartner Quadrant| Request to make this as preferred Condition.|
Pre-bid response dt. 07.08.24 is applicable. Also refer to the revised
architecture appended to this corrigendum.
16| –| Eligility criteria of relavent work experience| We are unable to
participate this bid after the
pre-bid response of PAM experience only.
|
Tender clause stands
17| Page 9| **ARCON solution exists at TPSODL and the proposed solution should seamlessly integrate with the same for inter-operability| Please help us understand the use case here.|
Kindly refer to the revised architecture appended to this corrigendum.
18| –| Do users have access to multiple sites, or is it limited to one
dedicated site| Could you please confirm if the employees of all DISCOMS are
connected to their respective local Active Directory (AD) systems, which are
synchronized with the global AD to facilitate access to multiple sites? Your
clarification on this matter would be greatly appreciated.| Kindly refer to
the revised architecture appended to this corrigendum.
19| –| How many applications are expected to be hosted via PAM (Privilege
Access Management)? This information will assist in sizing the RDS (Remote
Desktop Service) server| we need an approximate count of applications to be
hosted via PAM| Kindly refer to the revised architecture appended to this
corrigendum.
20| Page 3| Gartner Quadrant| Request to make this as preferred Condition.|
Pre-bid response dt. 07.08.24 is applicable. Also refer to the revised
architecture appended to this corrigendum.
21| 1.7 Qualification Criteria| Pre – qualifying conditions| For Global
experiences kindly clarify if the ,conversion rate on the date of PO issuance
needs to be considered for the conversion of value into INR or kindly provide
the value conversion guidelines to be considered for this tender.|
Tender clause stands
22| 19 Termination|
- handover all Documents, equipment, materials and spares relating to the supply of goods prepared by the
- Contractor or procured from other sources up to the date of termination for which the Contractor has received payment equivalent to the value thereof; and”
| Kindly clarify if there is any minimum no. of spares requirement to
considered so that the appropriate financials of the same can be considered.|
Tender clause stands
23| 1.4 Mandatory documents required along with the Bid| Proof of successful
handling/completion of AMC| As many of the projects are under NDA with the
customer, so kindly allow Chartered Accountant (CA) certificate showcasing the
required details.| Bidders to submit relevant proof as per the tender
requirement
24| 1.4 Mandatory documents required along with the Bid| Proof of successful
Implementation/completion of new installations| As many of the projects are
under NDA with the customer, so kindly allow Chartered Accountant (CA)
certificate showcasing the required details.| Bidders to submit relevant proof
as per the tender requirement
HLD – PAM Deployment Architecture
Proposed Solution Connectivity Steps envisaged (As per above Architecture)
- User shall select the appropriate PAM portal and authenticate.
- Local PAM Gateway Agent shall connect with local Discom AD to authenticate and Connect to the appropriate PAM Server
- PAM Server shall show the list of Servers user is having access and user shall select the Server for access via PAM.
License Revision
| Discom | Host License Requirement | User License Requirement |
|---|---|---|
| TPDDL | 300 | 60 |
| TPCODL | 400 | 80 |
| TPNODL | 500 | 100 |
| TPWODL | 300 | 60 |
| Total | 1500 | 300 |
The Quantity Mentioned here is indicative and minimum quantity shall be 1300 Nos. with 20% user licenses.