Sample RFP









Contact Us


Services Menu


Services Main
Small Business Services
Enterprise Services
Product Development
Advertise on FirstVPN
Customer Examples
Sample RFP


Sample Request for Proposal


The following document illustrates the elements commonly found in a request for proposal specifically for VPN equipment and services. It is available in Microsoft Word and Adobe PDF formats.

VPN Request for Proposal

VPN Request for Proposal






[Company] wishes to acquire a commercially available virtual private network (VPN) installation to meet its growing communications and changing technological needs.

It is the purpose of this Request for Proposal (RFP) to determine the vendor and networking equipment that will best accommodate the current and future needs of [Company].

Vendors are invited to propose alternative solutions to the specifications contained in this RFP. The alternative should clearly state the technical and functional advantages and disadvantages of the VPN system in comparison with the proposed alternative.


[Company background, business operations, and infrastructure (number of sites, WAN connections, number and OS of servers, number and OS of workstations, projected growth in number of sites and bandwidth needs).]


[Company] desires to exercise a strict control over long distance expenditures and wants to set a standard networking model for our future locations. Therefore [Company] requires a network environment, which is globally, centrally manageable, scalable to future needs and is capable of supporting roaming workers.

[Company] also desires to reduce the Cost of Ownership of our existing WAN.

The proposed VPN must support current operational LAN's and must be able to expand to meet increasing space and growing staffing requirements at geographically spread locations. [Company] also wants to consult with their customers and their vendors on possible implementations of supply-chain VPN implementations.



1.1 Owner: [Company]
[Company Address]

[Company Phone]
[Company Fax]
[Company Website]

1.2 Premises: (New/existing) construction will be utilized for [Company] operations. For (new) construction an equipment room will be supplied to the VPN vendor. For (existing) construction, each installation will be examined and, in as much as possible, existing space, conduit, and raceways will be used.

1.3 Scope, Quality of Work, Guarantee: The successful Vendor (if any is chosen) shall furnish all labor, materials, and equipment necessary to perform and complete the work called for in the specifications, plans, or other instructions attached to or referred to in the resultant contract. All work shall be done in a workmanlike manner by workmen skilled in their respective trades, and all materials furnished shall be new and the best of their respective kinds, unless otherwise specified. The work shall be completed within the time stated in the contract, but the successful Vendor shall not be liable for delays due to causes beyond his/her reasonable control. The successful Vendor will comply with the Owner's performance schedule unless the Owner formally declares and approves an extended time interval for work completion and system acceptance. The successful Vendor shall be held to repair or replace, at his/her expense, any equipment or materials found to be defective within one (1) year (if originally proposed) from the date of system cutover.

1.4 Compliance with Laws, Permits: The successful Vendor shall comply with all local, state, and Federal rules, regulations, ordinances, codes, and laws relating to the work or the conduct thereof and shall secure and pay for any permits and licenses necessary for the execution of the work.

1.5 Reservation: This RFP does not commit Owner to pay any costs incurred in the preparation of proposals. Furthermore, Owner reserves the right to accept or reject any or all proposals or any part of a proposal.

1.6 Liability Insurance: Vendor shall agree to maintain General Liability Insurance, Worker's Compensation, and Employer's Liability Insurance to cover all its personnel engaged in the performance of the services herein described, as well as damages arising as a result of the performance of such services. Vendor further agrees to require its subcontractor(s), if any, to maintain General Liability Insurance, Worker's Compensation, and Employer's Liability Insurance. The amount of such coverage shall be as reasonably determined by the owner.

1.7 Owner to Provide: Owner shall provide appropriate environmental conditions, necessary commercial power facilities for the system, access to the premises, a secure equipment storage area, and suitable conditions for the Vendor's workers.

1.8 Manufacturer's Authorized Representative: To be considered, any person, firm or corporation responding to this RFP must be the manufacturer's authorized dealer with manufacturer certified technicians capable of installing and maintaining the product proposed.



1.0 Scope

1.1 The following technical and functional specifications describe the VPN.

1.2 In addition to basic VPN equipment, the system shall include VPN security devices, wire and cable, distribution frames, and all other necessary ancillary equipment. The following paragraphs list features which shall be supplied as a minimum. Equivalent or features over and above those stated may be noted in the Vendor's response.

1.3 The VPN equipment shall be new and must be able to provide centrally managed VPN security of distributed sites. The VPN equipment shall also be of the current standard production of the manufacturer at the time of the proposal. The Vendor is required to supply the latest version of software, providing all the features enumerated in this specification, at the time of contract award. The equipment must be an off?the?shelf type compatible with other VPN vendor equipment.

1.4 The VPN under consideration will be acquired based on one supplier providing the total system including installation, operational training, and follow?on maintenance for the period of the contract. The contract will be for a complete operational system. The Vendor will be responsible for interfacing their equipment to the local network and [Company's] designated carrier(s). The Vendor shall also guarantee the equipment is certified/registered for direct connection to the public switched network.


2.0 Technical Specifications

2.1 NAT (LAT) or PAT

Each host of [Company's] existing network is privately addressed. Remote workers should be able to use their static assigned address on every possible location. To the public Internet, every address should be translated.

2.2 VPN-tunneling

The successful vendor shall propose the latest commercial available and cross-platform compatible tunneling protocol. The vendor shall ensure the compliance with local encryption policies and foreign governments and minimize weaker security policies.

2.3 Internet direct access

Direct Internet access from every local network and/or for every remote worker should be manageable on a central and secure/auditable manner.

2.4 SNMP

The proposed VPN should be able to be centrally managed by an SNMP manager station (like for instance HP-OpenView).

2.5 SMTP and POP

[ISP] hosts our mail server for in-bound and out-bound mail. After the VPN implementation, [Company] intents to develop its own internal SMTP-mail distribution. [Company] also intends to centralize their POP-mail after VPN implementation.

2.6 HTTP and FTP

[ISP] hosts our home page. Internal as well as external (to the public Internet) FTP sessions should be possible.

2.7 DMZ

The proposed VPN should be configurable to make use of a DMZ to let [Company] exploit their (future) eCommerce server.

2.8 VPN management

Provide centrally managed VPN connections of distributed sites.

2.9 Security management

Tiered management with separated access/auditing controls is highly desirable. The geographical distributed firewalls should be centrally manageable.

2.10 LDAP

Provide user authentication within existing and future framework of NT-domains to enable a single user logon.

2.11 Application prioritization

Vendor's proposed solution should contain an application prioritization protocol. This would allow [Company] to prioritize applications run over the VPN implementation.

2.12 Remote users communication method

Remote workers should be able to choose among analog, ISDN, xDSL, cable, or wireless connections.

2.13 Local ISP's

Roaming users should be able to connect, as much as possible, to the nearest ISP-POP by a 'local-zone' call connection establishment.

2.14 Multi-homed VPN equipment

The VPN tunnel end points need to be multi-homed. (See 2.1)


3.0 Functional Specifications

3.1 Transparency to users

Remote workers should experience the connection to the VPN as a single click connection (connect through the Internet and start the tunnel with one click).

3.2 Roaming

If possible, remote workers should be presented with the possibility to choose the local ISP-POP.

3.3 Performance report

The proposed VPN management system should be able to conduct, on a monthly basis, a performance analysis of the total VPN.

3.4 Quality of Service

Vendors should explain besides Quality of Service, the possibility of a helpdesk agreement between [Company] IT staff and Vendor's call center.

3.5 Education of users and IT personal

Vendor should indicate the availability of end user training. The vendor should also state the terms and conditions to train average network administrators to VPN administrators. The vendor should also indicate if classes are available to train someone to the level of security administrator.

3.6 Bandwidth management

CIR (committed information rate) is to be agreed on and guaranteed by the successful vendor. [Company] desires to manage the use of bandwidth. [Company] must be able to report the bandwidth usage on an intermediate time interleave and to prioritize protocols and/or applications.

3.7 Fault resilience

The vendor shall state its network availability and the fault resilience.

3.8 Scalability

The successful vendor shall state the scalability of the VPN equipment as well as the scalability of the bandwidth.

3.9 Maintenance

The vendor shall propose maintenance contracts including a hardware as well as software upgrade path.



4.1 Optical fiber

Possible optical fiber connections should be compatible with local available standards.

4.2 UTP

Every connection to the local network should be UTP (or better) and 10/100 MB (or faster), but compatible with resisting infrastructure.

4.3 Power supply

Power connectors should be in range with the country specific specifications.



Please provide pricing information and notes with as much detail as possible. For software provide estimated cost of hardware platform, if applicable. Please follow the following guidelines below for pricing as applicable:

5.1 Currency

The pricing information should be denominated in US dollars.

5.2 Line Item Pricing of Components

Every individual component should be offered with its own individual price.

5.3 Telecommunications costs

Telecommunication costs should be in subdivision per country and must reflect communication costs for the main access line as well as a basic cost for remote connections.

5.4 Labor, supplies, and other applicable fees

All should be supplied in cost per unit (cost/day; cost/hour).

5.5 Hourly cost for support

For the support contract there should be a clear definition on the costs per call/incident, the cost for availability of support personnel.

5.6 Client licenses additional to this RFP

The successful vendor shall clearly define the additional costs if any.



The Vendor shall provide one full year warranty against defects in material and workmanship from time of system acceptance of the installed system. Warranty shall include all parts and labor required honoring the warranty.



7.1 Maintenance

A. Maintenance is to be provided on a complete service basis. Maintenance costs, other than those covered under warranty, shall be listed separately from the cost of equipment and shall include the costs of all parts and labor. The initial maintenance contract will be for a one-year period starting at the conclusion of the warranty service period. The one-year maintenance cost must be included as a separate cost in the basic offering.

B. The Vendor's response shall indicate if Vendor plans to provide total system maintenance or subcontract the system maintenance or any part thereof. In the event the use of subcontract maintenance is planned, the offeror shall indicate what portion(s) of the system maintenance will be provided by the subcontractor and shall furnish proof of an agreement or that a tentative agreement has been negotiated with the subcontractor to provide maintenance on the proposed system. The Vendor shall also provide sufficient documentation that indicates the subcontractor is properly trained and has been certified by the equipment manufacturer to provide maintenance on the proposed system or any part thereof.

C. Maintenance will include coordination with the local IT company concerning operation of CO trunks or network access trunks and access devices. This coordination will include the resolution of problems involving the local telephone company's circuitry and will be a part of the Vendor's warranty service and maintenance contract responsibilities as Owner's agent.

7.2 Emergency Maintenance

It is preferred that every VPN component be integrated with an SNMP based UPS system.



8.1 Training

The Vendor shall provide a minimum of 2 hours of station user instruction on premises for [Company's] personnel on the features and operation of the installed VPN. Class scheduling shall be coordinated with [Company's] designated representative.

8.2 Drawings


A set of "as installed" reproducible drawings of equipment and the cable distribution system shall be developed by the Vendor and provided in accordance with the delivery schedule set forth in the contract.

8.3 Technical Practices

One set of technical practices for the VPN components and station equipment, including a parts listing by manufacturer's nomenclature, shall also be provided in accordance with the delivery schedule set forth in the contract.

8.4 Recommended Spare Parts

The Vendor shall provide a manufacturer's recommended spare parts list in accordance with the delivery schedule set forth in the contract.

8.5 Contractual Support Agreement

The Vendor shall have a commitment from the manufacturer for parts supply, maintenance, and manufacturing field support, including software, for a three-year period. This commitment shall be included in accordance with the delivery schedule set forth in the contract.

8.6 Absence of Specifications

The absence of specifications regarding system installation details implies that best general practices will prevail and that first quality material and workmanship will be applied. Certification standards, when available, for the to-be-installed equipment and materials, will prevail.

8.7 Coordination with Telephone Company

All coordination of the system shall be the responsibility of the Vendor.

8.8 System Cutover

The system shall be installed and tested acceptance within the number of days after date of contract award set forth in the contract.

8.9 Testing of the Installed VPN

The system shall, as a minimum, be tested as follows: The installed VPN must demonstrate its capability of providing the services enumerated in the contract. Test equipment required for demonstration would be Vendor provided. Vendor will also provide documented test results.

8.10 Vendor's Response to Each Specific Paragraph

Vendor shall respond to the system requirements by at least listing each paragraph/subparagraph, its title and the Vendor's response. The Vendor's response must be explained in detail and shall indicate compliance and how the offeror proposes to satisfy each requirement.

8.11 Exceptions

The Vendor must state specific paragraph terms and conditions to which the Vendor takes exception. The Vendor shall state the exact requirement to which exception is taken. Any additional costs associated with an exception must be identified and included in the pricing section.



The Owner will provide the site preparation necessary to house the VPN equipment. The physical, environmental, and electrical specifications of the equipment room are to be considered within the normal standards of a computer room.

Vendor's additional requirements must be noted in the Vendor's response to the specifications. Vendor's site preparation requirements in addition to or less than those provided herein will be evaluated for cost.



10.1 Purchase Option

A. Total VPN system purchase cost including equipment and installation costs must be identified as a separate line item.
B. Provide cost for maintenance for the one-year period following warranty.

10.2 Lease Option

VPN system monthly recurring cost shall be for a system installed in accordance with the specification for an initial lease term of 3 years.

10.3 Lease?Purchase

Same as paragraph 10.2; however, at the end of the specified lease period, title will pass to customer.



11.1 System Requirements

Vendor shall respond to each paragraph and subparagraph of SECTION D, SYSTEM REQUIREMENTS.

11.2 Maintenance Staffing

Vendor shall provide information on the number of certified technicians on its staff to service the VPN equipment.

11.3 Escalation Procedures

Vendor will furnish a chart, which shows the escalation procedures to be followed to resolve problems or procedures.

11.4 Preventative Maintenance

Vendor shall list the type and frequency of preventive maintenance procedures that will be provided under warranty and included in Vendor's maintenance contract.

11.5 Remote Maintenance and Diagnostic Testing

Vendor shall list the type, capabilities and frequency of these procedures.

11.6 Technical Support

Vendor shall provide information on the type of technical support, who will provide the technical support and the hours when technical support will be available.

11.7 Service Area

Vendor shall supply the name, street address, city, state, zip code, and telephone number of Vendor's local service centers. Indicate the distance from this local service center to Owner's facility in kilometers and driving time.

11.8 Contact for Maintenance

Vendor shall indicate whom the Owner's coordinator will contact to obtain service for the VPN equipment.

11.9 Maintenance Response Time

Vendor shall list the response time and the availability of emergency and routine maintenance.

11.10 Dispatching of Technicians for Requests for Maintenance


Vendor shall provide the methods used to dispatch technical staff to respond to Owner's calls for service.

11.11 Maintenance Records

Vendor shall indicate the type of maintenance records maintained and the location of these records.

11.12 Spare Parts

Vendor shall supply information on the geographical location of replacement spare parts and indicate the distance from this parts depot to Owner's facility in kilometers and driving time. In addition, list the emergency back up location for spare parts and indicate the distance from that location to Owner's facility in kilometers and driving time or the time required to get parts from that depot to Owner's facility.

11.13 Disaster

Vendors shall indicate if disaster equipment is available, its location and the time required to ship it from its location to Owner's facility.

11.14 System Implementation Schedule

Vendor shall provide a total system implementation plan for the project.

11.15 Trainers or Instructors

Vendor shall supply information relating to the number of trainers, their years of training experience and whether the manufacturer of the equipment certifies them.

11.16 Training

Vendor shall provide data on the IT-staff training, including class size, length of training class session, number of students per class, the training techniques to be employed, any materials to be provided for IT-personnel and other information which will help evaluate Vendor's training techniques.

11.17 References

Vendor shall supply the following information about a minimum of three VPN installations, completed in the past three years having approximately the same configuration setup. Include the name of the owner, complete address, name and phone number of the owner representative familiar with the VPN system, and date installation was completed.



Owner agrees to accept reasonable licensing terms and conditions related to any proprietary computer software required to be delivered under the terms of any contract resulting from this RFP.



13.1 Data encryption

Is the VPN equipment capable of handling Triple DES encryption, 56-bit independent keys?

13.2 IPv6

What is the compliancy of the vendors proposed VPN-equipment to IPv6 (IETF RFC2460)?

13.3 Mobile IP

Does the possibility exist to implement RFC2002, which describes IP mobility support for Remote workers?

13.4 LAN-on-Demand

Is the proposed VPN Lan-on-demand capable?

13.5 Policy based management

Is the VPN equipment capable of policy-based management?



1.1 Submission

The proposals, in two (2) copies, shall be submitted in a sealed envelope and delivered in person, by courier or by Mail by the time and to the place noted below:

Time: _____ CST
Date: _________

Location: [Company]
[Reply Address]
[City, State, Zip]

Telephone: [Reply Contact phone]
Attention: [Reply Contact Name]
E-mail: [Reply Contact email Address]

1.2 Exhibits and Documentation

A. The Vendor shall respond to this RFP by supplying a cover letter, completing, and returning the responses to SECTION D, SYSTEM REQUIREMENTS and EXHIBIT A of this RFP. The award will be based on the stated criteria, which shall be used to identify the responsible Vendor whose system most nearly satisfies the overall specifications. The Vendor will also submit with its proposal its most current financial statements.

B. Vendor shall include in its response technical and physical specifications, with visual representations, for the systems proposed.



Besides the Total VPN Purchase Price the vendor shall provide a pricing on required hardware and software broken down by product and number. The vendor shall also provide a pricing on client licenses in addition to those required by this RFP. A separate column shall indicate the telecommunication costs for leased lines, remote workers and CPE equipment if applicable. This column shall also include the labor, supplies, other applicable fees and maintenance and support contract costs.


home | research | products | services | news | downloads | company | partners | contact
Please contact our Webmaster with any questions or comments.
Copyright 2000 FirstVPN. All rights reserved.