Type of document: Invitation to tender
Country: United Kingdom
OJEU Ref: (2017/S 202-415396/EN)
Nature of contract: Supply contract
Procedure: Open procedure
Regulation of procurement: EU
Type of bid required: Global bid
Contract notice
Supplies
Directive 2014/24/EU
Section I: Contracting authority
I.1) Name and addresses
Official name: Barnsley Metropolitan Borough Council
Postal address: Westgate Plaza One, Westgate
Town: Barnsley
Postal code: S70 2DR
Country: United Kingdom
Email: jamesfarrimond@barnsley.gov.uk
Internet address(es):
Main address:
Address of the buyer profile:
I.3) Communication
The procurement documents are available for unrestricted and full direct access, free of charge,at:
Additional information can be obtained from:
the above mentioned address
Tenders or requests to participate must be submitted:
electronically via:
I.4) Type of the contracting authority
Regional or local authority
I.5) Main activity
General public services
Section II: Object
II.1) Scope of the procurement
II.1.1) Title: Cyber Security.
Reference number: DN299755
II.1.2) Main CPV code: 48000000
II.1.3) Type of contract: Supplies
II.1.4) Short Description: The Council has multiple lines of defence when it comes to security; a number of endpoint products are due for contract renewal within the next 12 months. The Council’s IT Services is undergoing a rationalisation programme to streamline the number of contracts with multiple suppliers. As a result, a number of services have been pulled together to create a Cyber Security Suite which includes Endpoint antivirus, Email Protection, Password Solutions, Policy Management, Vulnerability Scanning, Phishing Simulation and Consultancy.
II.1.5) Estimated total value:
Value excluding VAT: 985000.00 Currency: GBPII.1.6) Information about lots:
The contract is divided into lots: Yes
Tenders may be submitted for all lots
II.2) Description
II.2.1) Title: Email Overview
Lot No:1
II.2.2) Additional CPV code(s)
48000000
II.2.3) Place of performance
Nuts code: UKE31
II.2.4) Description of the procurement:
Lot 1 — Email Overview (Secure Email and Email Filtering)
There are newly introduced Government standards that the Council would like to comply with going forward, these are based around e-mail security and encryption, specifically DMARC and SPF, there is a requirement that the encryption used should be a minimum of TLS 1.2. Guidance on Government secure e-mails can be found here.
We would like to utilise the solution to replace the current encrypted e-mail solution and GCSX (Government Secure Intranet) secure e-mail solution that we have in place for secure e-mail exchange between both government partners and external non-government parties. Additionally, the council has a noncore requirement for replacement of a hosted secure e-mail solution that is used to generate invoices and mail these securely to customers. If an API or similar integration method is offered for the encrypted e-mail solution then this could also be used to replace this system in addition.
We would foresee that the e-mail filtering and encryption products could be via a single interface or product. There is a requirement for a secure portal or web based access to allow non-Government or non-technical users to be able to utilise the secure e-mail functionality.
We would like to use this opportunity, to make sure we are in a position for GDPR compliance, so want to make use of DLP policies on the device and some form of protective monitoring of e-mails, both within the content body and attachments.
**Please note this lot compromises of 2 elements Secure Email and Email Filtering. Secure Email contract start date will be 1.4.2018 and Email Filtering start date will be 19.5.2018.**.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value:
Value excluding VAT: 40000.00 Currency: GBP
II.2.7) Duration of the contract,framework agreement or dynamic purchasing system
Start: 2018-04-01End: 2021-03-31
This contract is subject to renewal: no
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted: no
II.2.11) Information about options
Options yes
Description of options: 2 different products may be submitted per lot as stated within Appendix 5 of the Pricing Schedule.
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:no
II.2.1) Title: Endpoint Protection
Lot No:2
II.2.2) Additional CPV code(s)
48000000
II.2.3) Place of performance
Nuts code: UKE31
II.2.4) Description of the procurement:
Lot 2 — Endpoint Protection
In addition to signature based end point security, we would like to incorporate the use of behavioural based threat protection, which will involve consistently monitoring for abnormal behaviour patterns across our entire corporate network, but primarily on the endpoint devices.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value:
Value excluding VAT: 70000.00 Currency: GBP
II.2.7) Duration of the contract,framework agreement or dynamic purchasing system
Start: 2018-05-07End: 2021-05-06
This contract is subject to renewal: no
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted: no
II.2.11) Information about options
Options yes
Description of options: 2 different products may be submitted per lot as stated within Appendix 5 of the Pricing Schedule.
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:no
II.2.1) Title: Password Enforcment
Lot No:3
II.2.2) Additional CPV code(s)
48000000
II.2.3) Place of performance
Nuts code: UKE31
II.2.4) Description of the procurement:
Lot 3 — Password Enforcement
The Council is looking to increase the security of the password policies whilst looking to make the process easier for the end user.
The Council would expect to see features like blocking of dictionary passwords, blocks on reuse of similar passwords, self-reset and some kind of password strength tool to show users how secure / insecure a password is.
The password solution will need to work with Active Directory as this is our one source for Single Sign On within various products used across the corporate estate.
We would like to implement a password reward system, whereby users who use stronger passwords are rewarded with a longer expiry period, if this is possible.
We currently have a password reset tool and are hoping to replace this and build upon the functionality offered by a replacement product.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value:
Value excluding VAT: 10000.00 Currency: GBP
II.2.7) Duration of the contract,framework agreement or dynamic purchasing system
Start: 2018-07-31End: 2021-07-30
This contract is subject to renewal: no
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted: no
II.2.11) Information about options
Options yes
Description of options: 2 different products may be submitted per lot as stated within Appendix 5 of the Pricing Schedule.
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:no
II.2.1) Title: Policy Management
Lot No:4
II.2.2) Additional CPV code(s)
48000000
II.2.3) Place of performance
Nuts code: UKE31
II.2.4) Description of the procurement:
Lot 4 — Policy Management
The Council are looking to be able to rapidly distribute policy changes, updates and news to users across our corporate estate. This is to enable better policy understanding and compliance across the organisation.
The Council would be looking for an easy to use and understand management interface that would allow us to audit policy, and target updates or tests at specific user groups.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value:
Value excluding VAT: 18000.00 Currency: GBP
II.2.7) Duration of the contract,framework agreement or dynamic purchasing system
Start: 2018-04-01End: 2021-03-31
This contract is subject to renewal: no
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted: no
II.2.11) Information about options
Options yes
Description of options: 2 different products may be submitted per lot as stated within Appendix 5 of the Pricing Schedule.
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:no
II.2.1) Title: Vulnerability Scanning
Lot No:5
II.2.2) Additional CPV code(s)
48000000
II.2.3) Place of performance
Nuts code: UKE31
II.2.4) Description of the procurement:
Lot 5 — Vulnerability Scanning
The Council are aiming to complete proactive scanning throughout the year on a regular cycle and make changes to secure any issues that have been identified. The Council view this as taking a proactive approach to security by blocking loopholes before they are exploited by the new generation of ransomware.
The Council are looking for a regularly updated tool that will be able to scan end user devices as well as servers, switches and firewalls for known vulnerability in Hardware and Software including both Operating Systems and applications. This will allow us to patch and take appropriate controls to secure our entire estate.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value:
Value excluding VAT: 18000.00 Currency: GBP
II.2.7) Duration of the contract,framework agreement or dynamic purchasing system
Start: 2018-04-01End: 2021-03-31
This contract is subject to renewal: no
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted: no
II.2.11) Information about options
Options yes
Description of options: 2 different products may be submitted per lot as stated within Appendix 5 of the Pricing Schedule.
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:no
II.2.1) Title: Phishing Simulation
Lot No:6
II.2.2) Additional CPV code(s)
48000000
II.2.3) Place of performance
Nuts code: UKE31
II.2.4) Description of the procurement:
Lot 6 — Phishing simulation
The Council currently have a phishing simulation tool that we have used across the authority with some relative degree of success. The Council currently complete most of our education of phishing manually and would like to move towards to more automated solution. We’d like to build education and training into the core of our phishing simulation, with the ability to run campaigns targeted amongst individual groups of users, or levels of management etc.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value:
Value excluding VAT: 8000.00 Currency: GBP
II.2.7) Duration of the contract,framework agreement or dynamic purchasing system
Start: 2018-03-03End: 2021-03-02
This contract is subject to renewal: no
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted: no
II.2.11) Information about options
Options yes
Description of options: 2 different products may be submitted per lot as stated within Appendix 5 of the Pricing Schedule.
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:no
II.2.1) Title: Security Consultancy
Lot No:7
II.2.2) Additional CPV code(s)
72200000, 72600000
II.2.3) Place of performance
Nuts code: UKE31
II.2.4) Description of the procurement:
Lot 7 — Security Consultancy
The Council has a requirement to carry out annual an IT Health check for our PSN membership, and are looking toward gaining Cyber Essentials Plus and PCI DSS compliance.
The Council is looking for a partner to be able to carry out the above certifications / audits as required and also assist us with gaining the accreditations. The accreditation requirements for ITHC. Cyber Essentials and PCI DSS are not a strict requirement within the first year, but we would like to be able to plan our work towards these, with support from a consultancy provider.
The support could be in multiple forms for example a number of days over the duration or the agreement or a set number of days per year, these could be weighted around timescales to help us achieve compliance. We are open to new ideas and creativity in this area, in terms of how the consultancy could be delivered to suit the Council and provider.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value:
Value excluding VAT: 33000.00 Currency: GBP
II.2.7) Duration of the contract,framework agreement or dynamic purchasing system
Start: 2018-04-01End: 2021-03-31
This contract is subject to renewal: no
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted: no
II.2.11) Information about options
Options yes
Description of options: 2 different products may be submitted per lot as stated within Appendix 5 of the Pricing Schedule.
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:no
Section IV: Procedure
IV.1) Description
IV.1.1) Type of procedure:
Open procedure
IV.1.8) Information about the Government Procurement Agreement(GPA)
The procurement is covered by the Government Procurement Agreement: no
IV.2) Administrative information
IV.2.2) Time limit for receipt of tenders or requests to participate
Date: 2017-11-24 Local time: 12:00
IV.2.4) Languages in which tenders or requests to participate may be submitted:EN
IV.2.7) Conditions for opening tenders
Date: 2017-11-24 Local time: 12:30
Section VI: Complementary information
VI.1) Information about recurrence:
This is a recurrent procurement: no
VI.2) Information about electronic workflows
VI.4) Procedures for review
VI.4.1) Review body
Official name: The High Court
Postal address: The Strand
Town: London
Country: United Kingdom
VI.5) Date of dispatch of this notice:2017-10-18