Professional Documents
Culture Documents
2019/2020 A005
TERMS OF REFERENCE FOR THE APPOINTMENT OF A SERVICE PROVIDER TO
PROVIDE DMRE WITH HOSTED TELEPHONE SERVICES (PABX), HOSTED
SERVER INFRASTRUCTURE, INCLUDING THE FOLLOWING SERVICES:
EXCHANGE SERVER 2016, ACTIVE DIRECTORY 2016, ALL DMRE CORE
APPLICATIONS FOR A PERIOD OF 36 MONTHS.
1. INVITATION
2. CONTRACT PERIOD
3. OBJECTIVE
4. BACKGROUND
The current DMR Data and telephone infrastructure is running on the 3COM
Technology Telephone (VCX, Gateway and 3COM switches) and Data (Dell,
EMC storage and HP). The current virtualization software is VMware and hyper
visor for other regional branches.
Page 1 of 25
The infrastructure is out of warranty and has reached the end of life which
means that the spares equipment’s are no longer available in the market and
support is limited from the vendors/suppliers.
The hardware has completed eight-year lifespan and the managed services has
lapsed in March 2013.
The solution will be deployed to all sites as per the table below:
NB: The location of sites might change.
5. SCOPE OF WORK
The Department needs a one stop integrated solution with the following
capabilities:
Page 2 of 25
5.1 Deploy hybrid Microsoft Active Directory Services 2016 latest version,
Microsoft Exchange Services 2016 latest version to the new DMRE
domain services
5.1.1 The Microsoft Exchange server 2016 latest version must be hosted using
IaaS model (Infrastructure as a Service). The service provider will be
responsible for the OS and keeping the Exchange application available.
Administration of the Exchange server will be done remotely by DMRE
Exchange Administrator.
5.1.2 The service provider must provide, install and maintain Windows Server
Operating Systems, i.e. OS patching, security upgrades, OS hardening
and OS upgrades.
5.1.3 For hybrid purposes Service provider to Upgrade the on-premises DMR
and Energy Active Directory Forest Infrastructure to Windows Server
2016 version and ensure that the two domains integrate with the new
DMRE domain, in addition to perform the hardening activities needed and
Perform remediation on all issues.
5.1.4 Enable active directory (AD) to connect between on-premises
environment with office 365 and migrate few mailboxes for testing
purposes.
5.1.5 State-of-the-art e-mail hygiene services must be included in the service
offer, including SPAM filtering, malware filtering, anti-spoofing, and
identification and blocking of zero-day attacks (sandboxing). The
effectiveness of the e-mail hygiene service needs to be detailed in the bid
document
5.1.6 Service provider must conduct and lead the solution envisioning
workshops, to discuss and capture the solution requirements.
5.1.7 Service provider must conduct the AD Design and Upgrade, planning
workshops for the DMRE production AD Forest (Single AD Forest:
dmre.gov.za) and its Child Domains.
5.1.8 Service provider will be required to remove/clean all Legacy Domain
Controllers.
5.1.9 Deploy DMRE Microsoft Exchange 2016 latest version and migrate all
existing mailboxes from DMR and Energy exchange servers.
Page 3 of 25
5.1.10 Enable mail archiving solution to ensure business continuity
5.2.1 The required storage space must be made available by the service
provider for the various applications to function optimally and 200TB of
storage should use as a base.
5.2.2 As DMRE’s storage space requirements increase, additional storage
space must be made available at a predetermined cost
5.2.3 The service provider must make general data storage space available to
DMRE as part of the service offering, i.e. storage not necessarily
associated with a server or application but used for general file storage.
The cost of renting the storage space on a monthly basis must be
specified in the tender bid document.
5.4.1 DMRE requires 99.5% availability. Any failures to meet this target must
result in penalties payable as per predetermined penalty clauses.
5.4.2 The datacentre must be connected to one or more additional data centres
situated in South Africa and the data replicated every 15 minutes from the
primary to the secondary data centre. Should the primary data centre fail,
DMRE users must be automatically failed over to the secondary data
centre within a period not exceeding 4 hours.
5.4.3 The service provider must make use of tier two data centres to provide
the stipulated services to DMRE.
Page 4 of 25
5.4.4 Disaster recovery tests of DMRE hosted servers and applications must be
conducted every six months by the service provider and the results
reported to DMRE.
5.5.1 The service provider must provide a backup service for DMRE data
residing in the service provider’s data center that meets the requirements
listed below. The cost of the service must be included in the monthly
service fee.
Page 5 of 25
must be provided at monthly SLA meetings between the DMRE
and the service provider.
5.5.4.1 Since DMRE long term plan is to move most of its servers to the
cloud, the cloud service provider must be able to host non-core
DMRE applications and servers at the same data center used for
the hosting of the core applications. This includes Windows
servers and applications such as SharePoint, SQL, file servers, as
well as non-Microsoft applications such as Manage Engines,
Magic etc. These should be provided as either Infrastructure as a
Service (IaaS) or as Software as a Service (SaaS), depending on
DMRE requirements.
5.6 Replacement of Switches with for Power over Ethernet capability (POE)
capability
5.6.1 Service provider to replace current network switches for both DMR and
DoE (Attached Annexure A)
5.6.2 Monitoring solution for all switch devices.
Page 6 of 25
5.6.3 Switches equipment should be an outright purchase.
5.7 Wi-Fi LAN Coverage on the Campus Network for all DMRE offices
5.7.1 Wi-Fi LAN Coverage on the Campus Network for all DMRE offices
5.7.2 Internet gateway connectivity for the wireless network
5.8.1 Supply, install and maintain a hosted or on premise VOIP PABX system
which includes the following:
Page 7 of 25
5.8.1.8 The solution should cater for reporting on caller activity per user
and be able to allow the user to identify personal calls from work
related calls. Reporting functionality should be via a web interface
to allow users to login and view and manage their usage.
5.8.1.9 Auto Attended IVR (Interactive Voice Response)
5.8.1.9.1 Allow caller to be transferred to the relevant extension without
the intervention of an operator. i.e. press 1 for department 1,
press 2 for department 2 or hold for switchboard.
5.8.1.9.2 Ability for the system to use auto-attended on identified
extensions.
5.8.1.9.3 The solution must cater for hunting capability.
5.8.1.9.4 System must be able to forward calls to other extension within
the same business unit if the number is busy or unavailable.
5.8.1.9.5 There must be an ability to provide announcements or delay
treatments while in a queue and these must differ and change
between various callers.
5.8.1.9.6 Ensure in the event the call is queued and the agent does not
become available within a predefined period the call needs to
be re-queued.
5.9 Supply, install and maintain Call Centre Management System which
includes the following:
5.9.6 The IVR system should be customized as per DMRE request as follows:
Page 8 of 25
5.9.6.1 Ensure in the event the call is queued and the agent does not
become available within a predefined period the call needs to be
re-queued.
Page 9 of 25
options, e.g. individual enquiries press 1, business enquiries press
2 etc.
5.10.13 Hunt group to be setup for each department
5.10.14 All calls to be recorded and kept on disk for a minimum of 6
months and then backed up to tape and kept offsite for a period of
1 year.
5.10.15 The system must general individual report and show the following:
5.10.16 The system should record all calls taken by Call Centre agents
and times for quality assurance purpose.
5.10.17 The Call Centre agent will log calls received using the new
implemented system.
5.10.18 View reports-The Call Centre agent will be able to view all calls
received and logged under their name using the new implemented
system.
5.10.19 Auto Answer within 3 rings.
5.10.20 Calculate compliance based on the following:
5.10.21 The overall target compliance for each agent must be 98%.
Page 10 of 25
5.11.1 The system should provide telephony functions on the existing underlying
data infrastructure within DMRE.
5.11.2 The hosted or on-premise solution must be an easily updatable and
manageable solution and should not hinder the Authority from integrating
with other standards-based telephony solutions including Microsoft
Exchange and Microsoft Skype for Business or newer versions or
derivatives of the above when available.
5.11.3 The system should manage Call Admission Control (CAC) mechanisms to
optimize the usage of the bandwidth in the WAN for multi-site
configurations.
5.12.1 The system software must be hosted in the DMR’s private cloud or on the
Bidder’s premises with API interface as may be required by the DMRE as
per the government policy.
5.12.2 The system must manage, control and support a range of IP telephone
stations for both voice and telephony applications as well as IP
application stations for voice, telephony, and Web services support
including Microsoft Exchange and Microsoft Skype for Business.
5.12.3 All hardware is to be owned and maintained by the hosted provider.
5.13.1 The Service Provider must determine DMRE specific cloud security
requirements and propose additional security requirements based on best
practices where necessary.
5.13.2 The Service Provider must document the agreed-on security controls, and
review and update these policies as necessary to ensure they remain
current and effective.
5.13.3 The Service Provider must implement the cloud security strategies, and
monitor and assess effectiveness thereof
5.13.4 The solution must provide self-protection mechanisms to counter Denial
of Service attacks.
Page 11 of 25
5.13.5 The solution should have virus protection and avoid spreading of possible
viruses. The System must support Network Time Protocol V4.1.2 (RFC
1305) to synchronize the system data/time of network devices.
5.13.6 The System must support Syslog services for both internal and external
command and configuration control accounting with a minimum of 5-day
history.
5.13.7 IP Phones should not support direct, external initiated, connections via
HTTP, telnet, FTP, TFTP or any other protocol as means to prevent
distributed Denial of Service attack exploitation.
5.13.8 The bidder must ensure that the hosted VOIP PABX solution is configured
in a highly availably fashion and supports failover to a secondary solution
or data centre in the event of an outage. The solution must be able to
integrate with other sip devices without additional licences
5.13.9 IP Phones must support 802.1x (EAP-MD5 or better) for authentication
and access control to the network, this mechanism must allow the user to
be connected to the solution once he has passed the authentication
process; not before.
5.13.10 The IP Phones should use Microsoft AD authentication and a
primary means to authenticate users. Users should ideally be
allocated PINs associated to their AD accounts for authentication.
5.13.11 The hosted or on premise VOIP PABX system should have the
capability to, based on standard mechanisms (such as 802.1Q
and DHCP), assign automatically the corresponding voice VLAN
number to the IP station clients during IP station initialization,
allowing for the separation of voice and data traffic at the IP
station.
5.13.12 The IP station must have the ability to strip any VLAN tags
assigned to traffic entering the network through the 'guest port' of
the IP station, and further can switch that traffic into an identified
data VLAN, further enhancing enforced voice and data traffic
separation.
5.13.13 The management Platform must provide a backup mechanism for
all critical system information in both a manual and an
automatic/scheduled archival and a Disaster Recovery
Page 12 of 25
mechanism.
5.13.14 The hosted or on premise PABX solution should provide complete
encryption capabilities with the ability to encrypt all traffic (media
and call control signalling) between IP phones, call controllers,
media gateways and all other associated endpoints via a strong
encryption algorithm (e.g. IPsec and SRTP, etc.).
5.13.15 The hosted or on premise VOIP PABX solution should encrypt the
voice content as well as the signalling between the IP station and
the call server.
5.13.16 For multi-node solutions, IP stations must be capable of
communicating via encrypted streams between any and all
physical and logical network areas.
Page 13 of 25
5.15.1 Allow the Authority to setup Allowance Limit for Each Extension,
5.15.2 The system should calculate all calls made by the user monthly and allow
the user to mark calls as personal or work related.
5.15.3 The system should be able to deduct the allowance from the total calls
made and display the Total owed by the user,
5.15.4 Users should be able to login directly (VIA Web Portal) to the system
using the unique username.
5.15.5 The system should advice users when they are about to reach certain
percentage of the allocated allowance.
5.15.6 The solution should allow for allocating a fixed monthly allowance once
limit is reached the responsible manager will motivate for increase.
5.16 Service provider to supply and install fully equipped boardroom facilities.
5.17 Service provider to supply and install video conferencing equipment for
minimum one boardroom per region.
Page 14 of 25
6.1.11 Guide of the Exchange upgrade
6.1.12 Implement and configure Exchange 2016 based on Microsoft low Level
design document.
6.1.13 Migrate up to 1,800 mailboxes from old DMR and Energy Exchange setup
to new one Sign off.
6.1.14 Decommission old Exchange setup
6.1.15 Successful installation of the hosted or on premise VOIP PABX
6.1.16 Call Centre Management Systems as per the requirements.
6.1.17 Acceptable uptime of more than 98% per month for the duration of the
contract.
6.1.18 Implementation and utilization of Telephone Management System as
indicated under scope.
6.1.19 Successful implementation of the project plan.
6.1.20 Project Charter
6.1.21 Stakeholder management plan including project organization structure
and roles and responsibilities
6.1.22 Communications management plan
6.1.23 Risk management plan
6.1.24 Procurement management plan
6.1.25 Detailed project schedule and WBS
6.1.26 Scheduled project status and progress reports
6.1.27 Bi-Weekly and monthly status and progress reports
6.1.28 Project closing presentation
6.1.29 Project conclusion document outlining work completed, lessons learned
and recommendations for “next steps”
6.1.30 SLA document will be drawn up with a successful bidder.
6.1.31 Policies, procedures and processes
6.1.32 Warranty Document and License Packs/Portal
6.1.33 Fully functional video conferencing across all regions and communicating
to each other (regions)
6.1.34 Fully installed and functional boardroom facilities.
Page 15 of 25
7.1.1 Provide documentation of the current infrastructure.
7.1.2 Provide access to the current infrastructure
7.1.3 Manage and monitor the delivery of services through the SLA which will
include periodic performance review.
7.2 The Service provider will be responsible for:
7.2.1 The Service Provider shall perform strictly in accordance with the
requirements of the Terms of Reference and Service Level Agreement.
7.2.1 The Service Provider shall at all material times act diligently, reasonably
and with care, when dealing with all Departmental information and/or
intellectual property belonging to the Department.
8. REPORTING REQUIREMENTS
8.1 This project will be implemented in line with the Scope of work and will
be managed based on the following:
8.1.1 Service provider will report to the Chief Information Officer or delegated
official.
8.1.2 Service provider will be expected to provide various reports monthly (e.g.
project status report) in a form of Portable Document Format (PDF)/
Microsoft standard format, as well as provide any other project related
report/s as requested by the Department.
8.1.3 Service provider will be expected to have compulsory meetings with the
Department in accordance with service level agreement for the duration
of the lease agreement. In case of emergencies, either party may
propose a meeting and both parties must reasonably avail themselves for
such a meeting.
8.1.4 Service provider will be expected to provide all the project management
documents in line with the DMR methodology.
9.1 Bidders are requested to submit five copies of technical proposals plus the
original.
Page 16 of 25
9.2 Service providers are expected to index the proposals for easy reference.
Compliance Criteria
• A valid and original Tax Clearance Certificate
• An originally signed B-BBEE Certificate or affidavit
• Signed SBD forms
Disqualifying criteria:
• Signed accreditation certificates on letter head:
• OEM accreditation for software
• OEM accreditation for all solutions offered
• Hosting must be in South Africa
A score is allocated to each proposal and if the document scored more than the
minimum requirement for functionality of 70%, service providers will be eligible to
move to the next round on evaluation stage.
Page 17 of 25
12. COMPANY EXPERIENCE IN CONDUCTING SIMILAR PROJECTS
12.1 Service provider should have minimum of five (5) years’ experience in
implementation of the similar project
12.2 Service provider is required to provide proof in form of testimonial
indicating that they have successfully implemented similar project. The
testimonial(s) or reference letter(s) must be in signed and in letterhead of
company that received the services, duration of the project executed and contact
details for verification purposed.
12.3 Testimonials should reflect projects executed within 5 years.
12.4 DMRE reserves the right to contact the persons on the Testimonial/s or
Reference Letter/s should include contact details for verification purposes.
Page 18 of 25
13.1.4.1 Must have certification in of the proposed solution(s) equivalent to
MCSE. 3-years’ qualification in Information Technology or
equivalent is added advantage
Page 19 of 25
14.1.5 The team members must have a minimum of 3-years’ experience in
successfully implementing similar project as per our TOR.
14.1.6 Qualifications should be certified, and international qualifications should
be verified by SAQA. If not, they will be ignored.
14.1.7 The service provider is required to attach detailed CV’s as it will be used
to account for experience.
NB: Minimum 2 resources per stream. Addition number of resource will
be added advantage.
16.1 The company’s technical proposal should clearly demonstrate that they
understood the TOR requirements, have adequate infrastructure (office
across all regions with contact number and physical address, warehouse
and distribution etc) to execute the project within the stipulated
turnaround times.
16.2 Proposal should also include detailed implementation approach.
16.3 Must clearly indicate technology readiness and network coverage.
16.4 All shortlisted service providers will be expected to do a presentation
where points will be allocated.
Page 20 of 25
17.1 Each proposal with a functionality score of more than the minimum
required, will be on equal footing to proceed to this final round of evaluation.
The proposed price and B-BBEE compliance are the only aspects considered
in this round. The final evaluation score is calculated on 80/20* principle. The
submission that scores the highest in this round will be awarded the tender or
it may be a lower scoring bid on justifiable grounds or no award at all.
CRITERIA WEIGHT
Project cost 80
B-BBEE Status level contributor 20
18. PRICING
19.1 Provision of the Preferential Procurement Policy Framework Act (PPPFA), Act 5
of 2000 and its regulations 2017 will apply in terms of awarding points.
Page 21 of 25
19.2 Preference Points Claim Form, SBD 6.1 should be completed and signed by the
bidder to be able to claim preference points.
19.3 Calculation of points for B-BBBEE status level contributor:
19.4 Points will be awarded to a bidder for attaining the B-BBEE status level of
contributor in accordance with the table below:
20.1 Criteria to be considered in evaluating the bid 80/20 in terms of the Preferential
Procurement Policy Framework Act is applicable. Table below will be applied in
order to evaluate each bid.
Page 22 of 25
TEAM LEADER
- 5
- Team leader’s Qualifications
- 15
- Team leader’s Experience
TEAM MEMBERS
NB: Bidders who obtain at least 70% under technical evaluation will be eligible to
Page 23 of 25
21.4 The DMR will be under no obligation to accept any quantities in excess of those
ordered.
21.5 Deliveries not complying with the purchase order will be returned to the service
provider at the service provider’s expense.
21.7 The service provider will sign a confidentiality agreement regarding the protection
of DMR information that is not in the public domain.
21.9 The Service provider will be expected to enter into a Service Level Agreement
and be subject to a periodic performance review. The SLA should include sign off
in terms of all replenished consumables for monitoring purposes
21.10 The service provider will be expected to fully guarantee and maintain all items on
the contract against manufacturing defects and provision of valid and up to date
system/ software licenses for the entire agreement period of five years.
21.11 Delivery must be within 30 days after issue of the purchase order.
21.12 The DMR reserves the right to verify the authenticity of the information submitted,
any falsified information may result in the disqualification or cancellation of the
contract.
22.2 If subcontracting is envisaged, the service provider must clearly indicate which
parts of the work will be subcontracted. The service provider must accept full
responsibility for any work that is subcontracted.
22.4 Where no subcontractor is given, it shall be assumed that the work shall be carried
out directly by the service provider.
22.5 Should it transpire that the proposal submitted by the service provider is not
acceptable; the Department may decide to reject the proposal.
Page 24 of 25
22.6 Data created or collected from a third party on behalf of the Department by the
service provider, as part of contract performance, shall become the property of the
Department.
22.7 Data provided to the service provider by the Department shall remain the property
of the Department. The service provider may not release or make use of such data
except authorised in writing by the Department.
22.8 For any third-party software, as part of this project, the service provider must
warrant to the Department that it has obtained all rights, licenses, permissions and
authorisations necessary or incidental to any materials owned by third parties
supplied or specified by it for incorporation in the project.
Page 25 of 25