Sample Request for Proposal
The following document illustrates the elements commonly found in a request for proposal specifically
for VPN equipment and services. It is available in Microsoft Word and Adobe PDF formats.
VPN Request for Proposal
97K WORD 2K
VPN Request for Proposal
REQUEST FOR PROPOSAL FOR [Company]
A. STATEMENT OF PURPOSE
[Company] wishes to acquire a commercially available virtual private network (VPN) installation to meet
its growing communications and changing technological needs.
It is the purpose of this Request for Proposal (RFP) to determine the vendor and networking equipment
that will best accommodate the current and future needs of [Company].
Vendors are invited to propose alternative solutions to the specifications contained in this RFP. The
alternative should clearly state the technical and functional advantages and disadvantages of the VPN
system in comparison with the proposed alternative.
B. BACKGROUND INFORMATION
[Company background, business operations, and infrastructure (number of sites, WAN connections, number
and OS of servers, number and OS of workstations, projected growth in number of sites and bandwidth
[Company] desires to exercise a strict control over long distance expenditures and wants to set a
standard networking model for our future locations. Therefore [Company] requires a network environment,
which is globally, centrally manageable, scalable to future needs and is capable of supporting roaming
[Company] also desires to reduce the Cost of Ownership of our existing WAN.
The proposed VPN must support current operational LAN's and must be able to expand to meet increasing
space and growing staffing requirements at geographically spread locations. [Company] also wants to
consult with their customers and their vendors on possible implementations of supply-chain VPN
C. INSTRUCTIONS TO VENDORS
1.1 Owner: [Company]
1.2 Premises: (New/existing) construction will be utilized for [Company] operations. For (new)
construction an equipment room will be supplied to the VPN vendor. For (existing) construction, each
installation will be examined and, in as much as possible, existing space, conduit, and raceways will be
1.3 Scope, Quality of Work, Guarantee: The successful Vendor (if any is chosen) shall furnish all
labor, materials, and equipment necessary to perform and complete the work called for in the
specifications, plans, or other instructions attached to or referred to in the resultant contract. All
work shall be done in a workmanlike manner by workmen skilled in their respective trades, and all
materials furnished shall be new and the best of their respective kinds, unless otherwise specified. The
work shall be completed within the time stated in the contract, but the successful Vendor shall not be
liable for delays due to causes beyond his/her reasonable control. The successful Vendor will comply with
the Owner's performance schedule unless the Owner formally declares and approves an extended time interval
for work completion and system acceptance. The successful Vendor shall be held to repair or replace, at
his/her expense, any equipment or materials found to be defective within one (1) year (if originally
proposed) from the date of system cutover.
1.4 Compliance with Laws, Permits: The successful Vendor shall comply with all local, state, and
Federal rules, regulations, ordinances, codes, and laws relating to the work or the conduct thereof and
shall secure and pay for any permits and licenses necessary for the execution of the work.
1.5 Reservation: This RFP does not commit Owner to pay any costs incurred in the preparation of
proposals. Furthermore, Owner reserves the right to accept or reject any or all proposals or any part of a
1.6 Liability Insurance: Vendor shall agree to maintain General Liability Insurance, Worker's
Compensation, and Employer's Liability Insurance to cover all its personnel engaged in the performance of
the services herein described, as well as damages arising as a result of the performance of such services.
Vendor further agrees to require its subcontractor(s), if any, to maintain General Liability Insurance,
Worker's Compensation, and Employer's Liability Insurance. The amount of such coverage shall be as
reasonably determined by the owner.
1.7 Owner to Provide: Owner shall provide appropriate environmental conditions, necessary commercial
power facilities for the system, access to the premises, a secure equipment storage area, and suitable
conditions for the Vendor's workers.
1.8 Manufacturer's Authorized Representative: To be considered, any person, firm or corporation
responding to this RFP must be the manufacturer's authorized dealer with manufacturer certified
technicians capable of installing and maintaining the product proposed.
D. SYSTEM REQUIREMENTS
1.1 The following technical and functional specifications describe the VPN.
1.2 In addition to basic VPN equipment, the system shall include VPN security devices, wire and cable,
distribution frames, and all other necessary ancillary equipment. The following paragraphs list features
which shall be supplied as a minimum. Equivalent or features over and above those stated may be noted in
the Vendor's response.
1.3 The VPN equipment shall be new and must be able to provide centrally managed VPN security of
distributed sites. The VPN equipment shall also be of the current standard production of the manufacturer
at the time of the proposal. The Vendor is required to supply the latest version of software, providing
all the features enumerated in this specification, at the time of contract award. The equipment must be an
off?the?shelf type compatible with other VPN vendor equipment.
1.4 The VPN under consideration will be acquired based on one supplier providing the total system
including installation, operational training, and follow?on maintenance for the period of the contract.
The contract will be for a complete operational system. The Vendor will be responsible for interfacing
their equipment to the local network and [Company's] designated carrier(s). The Vendor shall also
guarantee the equipment is certified/registered for direct connection to the public switched network.
2.0 Technical Specifications
2.1 NAT (LAT) or PAT
Each host of [Company's] existing network is privately addressed. Remote workers should be able to use
their static assigned address on every possible location. To the public Internet, every address should be
The successful vendor shall propose the latest commercial available and cross-platform compatible
tunneling protocol. The vendor shall ensure the compliance with local encryption policies and foreign
governments and minimize weaker security policies.
2.3 Internet direct access
Direct Internet access from every local network and/or for every remote worker should be manageable on
a central and secure/auditable manner.
The proposed VPN should be able to be centrally managed by an SNMP manager station (like for instance
2.5 SMTP and POP
[ISP] hosts our mail server for in-bound and out-bound mail. After the VPN implementation, [Company]
intents to develop its own internal SMTP-mail distribution. [Company] also intends to centralize their
POP-mail after VPN implementation.
2.6 HTTP and FTP
[ISP] hosts our home page. Internal as well as external (to the public Internet) FTP sessions should be
The proposed VPN should be configurable to make use of a DMZ to let [Company] exploit their (future)
2.8 VPN management
Provide centrally managed VPN connections of distributed sites.
2.9 Security management
Tiered management with separated access/auditing controls is highly desirable. The geographical
distributed firewalls should be centrally manageable.
Provide user authentication within existing and future framework of NT-domains to enable a single user
2.11 Application prioritization
Vendor's proposed solution should contain an application prioritization protocol. This would allow
[Company] to prioritize applications run over the VPN implementation.
2.12 Remote users communication method
Remote workers should be able to choose among analog, ISDN, xDSL, cable, or wireless connections.
2.13 Local ISP's
Roaming users should be able to connect, as much as possible, to the nearest ISP-POP by a 'local-zone'
call connection establishment.
2.14 Multi-homed VPN equipment
The VPN tunnel end points need to be multi-homed. (See 2.1)
3.0 Functional Specifications
3.1 Transparency to users
Remote workers should experience the connection to the VPN as a single click connection (connect
through the Internet and start the tunnel with one click).
If possible, remote workers should be presented with the possibility to choose the local ISP-POP.
3.3 Performance report
The proposed VPN management system should be able to conduct, on a monthly basis, a performance
analysis of the total VPN.
3.4 Quality of Service
Vendors should explain besides Quality of Service, the possibility of a helpdesk agreement between
[Company] IT staff and Vendor's call center.
3.5 Education of users and IT personal
Vendor should indicate the availability of end user training. The vendor should also state the terms
and conditions to train average network administrators to VPN administrators. The vendor should also
indicate if classes are available to train someone to the level of security administrator.
3.6 Bandwidth management
CIR (committed information rate) is to be agreed on and guaranteed by the successful vendor. [Company]
desires to manage the use of bandwidth. [Company] must be able to report the bandwidth usage on an
intermediate time interleave and to prioritize protocols and/or applications.
3.7 Fault resilience
The vendor shall state its network availability and the fault resilience.
The successful vendor shall state the scalability of the VPN equipment as well as the scalability of
The vendor shall propose maintenance contracts including a hardware as well as software upgrade path.
4.0 CABLING REQUIREMENTS
4.1 Optical fiber
Possible optical fiber connections should be compatible with local available standards.
Every connection to the local network should be UTP (or better) and 10/100 MB (or faster), but
compatible with resisting infrastructure.
4.3 Power supply
Power connectors should be in range with the country specific specifications.
5.0 COST JUSTIFICATION
Please provide pricing information and notes with as much detail as possible. For software provide
estimated cost of hardware platform, if applicable. Please follow the following guidelines below for
pricing as applicable:
The pricing information should be denominated in US dollars.
5.2 Line Item Pricing of Components
Every individual component should be offered with its own individual price.
5.3 Telecommunications costs
Telecommunication costs should be in subdivision per country and must reflect communication costs for
the main access line as well as a basic cost for remote connections.
5.4 Labor, supplies, and other applicable fees
All should be supplied in cost per unit (cost/day; cost/hour).
5.5 Hourly cost for support
For the support contract there should be a clear definition on the costs per call/incident, the cost
for availability of support personnel.
5.6 Client licenses additional to this RFP
The successful vendor shall clearly define the additional costs if any.
The Vendor shall provide one full year warranty against defects in material and workmanship from time
of system acceptance of the installed system. Warranty shall include all parts and labor required honoring
A. Maintenance is to be provided on a complete service basis. Maintenance costs, other than those
covered under warranty, shall be listed separately from the cost of equipment and shall include the costs
of all parts and labor. The initial maintenance contract will be for a one-year period starting at the
conclusion of the warranty service period. The one-year maintenance cost must be included as a separate
cost in the basic offering.
B. The Vendor's response shall indicate if Vendor plans to provide total system maintenance or
subcontract the system maintenance or any part thereof. In the event the use of subcontract maintenance is
planned, the offeror shall indicate what portion(s) of the system maintenance will be provided by the
subcontractor and shall furnish proof of an agreement or that a tentative agreement has been negotiated
with the subcontractor to provide maintenance on the proposed system. The Vendor shall also provide
sufficient documentation that indicates the subcontractor is properly trained and has been certified by
the equipment manufacturer to provide maintenance on the proposed system or any part thereof.
C. Maintenance will include coordination with the local IT company concerning operation of CO trunks or
network access trunks and access devices. This coordination will include the resolution of problems
involving the local telephone company's circuitry and will be a part of the Vendor's warranty service and
maintenance contract responsibilities as Owner's agent.
7.2 Emergency Maintenance
It is preferred that every VPN component be integrated with an SNMP based UPS system.
8.0 GENERAL REQUIREMENTS
The Vendor shall provide a minimum of 2 hours of station user instruction on premises for [Company's]
personnel on the features and operation of the installed VPN. Class scheduling shall be coordinated with
[Company's] designated representative.
A set of "as installed" reproducible drawings of equipment and the cable distribution system
shall be developed by the Vendor and provided in accordance with the delivery schedule set forth in the
8.3 Technical Practices
One set of technical practices for the VPN components and station equipment, including a parts listing
by manufacturer's nomenclature, shall also be provided in accordance with the delivery schedule set forth
in the contract.
8.4 Recommended Spare Parts
The Vendor shall provide a manufacturer's recommended spare parts list in accordance with the delivery
schedule set forth in the contract.
8.5 Contractual Support Agreement
The Vendor shall have a commitment from the manufacturer for parts supply, maintenance, and
manufacturing field support, including software, for a three-year period. This commitment shall be
included in accordance with the delivery schedule set forth in the contract.
8.6 Absence of Specifications
The absence of specifications regarding system installation details implies that best general practices
will prevail and that first quality material and workmanship will be applied. Certification standards,
when available, for the to-be-installed equipment and materials, will prevail.
8.7 Coordination with Telephone Company
All coordination of the system shall be the responsibility of the Vendor.
8.8 System Cutover
The system shall be installed and tested acceptance within the number of days after date of contract
award set forth in the contract.
8.9 Testing of the Installed VPN
The system shall, as a minimum, be tested as follows: The installed VPN must demonstrate its capability
of providing the services enumerated in the contract. Test equipment required for demonstration would be
Vendor provided. Vendor will also provide documented test results.
8.10 Vendor's Response to Each Specific Paragraph
Vendor shall respond to the system requirements by at least listing each paragraph/subparagraph, its
title and the Vendor's response. The Vendor's response must be explained in detail and shall indicate
compliance and how the offeror proposes to satisfy each requirement.
The Vendor must state specific paragraph terms and conditions to which the Vendor takes exception. The
Vendor shall state the exact requirement to which exception is taken. Any additional costs associated with
an exception must be identified and included in the pricing section.
9.0 SITE PREPARATION
The Owner will provide the site preparation necessary to house the VPN equipment. The physical,
environmental, and electrical specifications of the equipment room are to be considered within the normal
standards of a computer room.
Vendor's additional requirements must be noted in the Vendor's response to the specifications. Vendor's
site preparation requirements in addition to or less than those provided herein will be evaluated for
10.0 PROCUREMENT OPTIONS
10.1 Purchase Option
A. Total VPN system purchase cost including equipment and installation costs must be identified as a
separate line item.
B. Provide cost for maintenance for the one-year period following warranty.
10.2 Lease Option
VPN system monthly recurring cost shall be for a system installed in accordance with the specification
for an initial lease term of 3 years.
Same as paragraph 10.2; however, at the end of the specified lease period, title will pass to customer.
11.0 EVALUATION CRITERIA
11.1 System Requirements
Vendor shall respond to each paragraph and subparagraph of SECTION D, SYSTEM REQUIREMENTS.
11.2 Maintenance Staffing
Vendor shall provide information on the number of certified technicians on its staff to service the VPN
11.3 Escalation Procedures
Vendor will furnish a chart, which shows the escalation procedures to be followed to resolve problems
11.4 Preventative Maintenance
Vendor shall list the type and frequency of preventive maintenance procedures that will be provided
under warranty and included in Vendor's maintenance contract.
11.5 Remote Maintenance and Diagnostic Testing
Vendor shall list the type, capabilities and frequency of these procedures.
11.6 Technical Support
Vendor shall provide information on the type of technical support, who will provide the technical
support and the hours when technical support will be available.
11.7 Service Area
Vendor shall supply the name, street address, city, state, zip code, and telephone number of Vendor's
local service centers. Indicate the distance from this local service center to Owner's facility in
kilometers and driving time.
11.8 Contact for Maintenance
Vendor shall indicate whom the Owner's coordinator will contact to obtain service for the VPN
11.9 Maintenance Response Time
Vendor shall list the response time and the availability of emergency and routine maintenance.
11.10 Dispatching of Technicians for Requests for Maintenance
Vendor shall provide the methods used to dispatch technical staff to respond to Owner's calls for
11.11 Maintenance Records
Vendor shall indicate the type of maintenance records maintained and the location of these records.
11.12 Spare Parts
Vendor shall supply information on the geographical location of replacement spare parts and indicate
the distance from this parts depot to Owner's facility in kilometers and driving time. In addition, list
the emergency back up location for spare parts and indicate the distance from that location to Owner's
facility in kilometers and driving time or the time required to get parts from that depot to Owner's
Vendors shall indicate if disaster equipment is available, its location and the time required to ship
it from its location to Owner's facility.
11.14 System Implementation Schedule
Vendor shall provide a total system implementation plan for the project.
11.15 Trainers or Instructors
Vendor shall supply information relating to the number of trainers, their years of training experience
and whether the manufacturer of the equipment certifies them.
Vendor shall provide data on the IT-staff training, including class size, length of training class
session, number of students per class, the training techniques to be employed, any materials to be
provided for IT-personnel and other information which will help evaluate Vendor's training techniques.
Vendor shall supply the following information about a minimum of three VPN installations, completed in
the past three years having approximately the same configuration setup. Include the name of the owner,
complete address, name and phone number of the owner representative familiar with the VPN system, and date
installation was completed.
12.0 SOFTWARE AGREEMENT
Owner agrees to accept reasonable licensing terms and conditions related to any proprietary computer
software required to be delivered under the terms of any contract resulting from this RFP.
13.0 ADDITIONAL QUESTIONS
13.1 Data encryption
Is the VPN equipment capable of handling Triple DES encryption, 56-bit independent keys?
What is the compliancy of the vendors proposed VPN-equipment to IPv6 (IETF RFC2460)?
13.3 Mobile IP
Does the possibility exist to implement RFC2002, which describes IP mobility support for Remote
Is the proposed VPN Lan-on-demand capable?
13.5 Policy based management
Is the VPN equipment capable of policy-based management?
E. SUBMISSION AND OPENING OF PROPOSALS
The proposals, in two (2) copies, shall be submitted in a sealed envelope and delivered in person, by
courier or by Mail by the time and to the place noted below:
Time: _____ CST
[City, State, Zip]
Telephone: [Reply Contact phone]
Attention: [Reply Contact Name]
E-mail: [Reply Contact email Address]
1.2 Exhibits and Documentation
A. The Vendor shall respond to this RFP by supplying a cover letter, completing, and returning the
responses to SECTION D, SYSTEM REQUIREMENTS and EXHIBIT A of this RFP. The award will be based on the
stated criteria, which shall be used to identify the responsible Vendor whose system most nearly satisfies
the overall specifications. The Vendor will also submit with its proposal its most current financial
B. Vendor shall include in its response technical and physical specifications, with visual
representations, for the systems proposed.
EXHIBIT A: SYSTEM PRICING
Besides the Total VPN Purchase Price the vendor shall provide a pricing on required hardware and
software broken down by product and number. The vendor shall also provide a pricing on client licenses in
addition to those required by this RFP. A separate column shall indicate the telecommunication costs for
leased lines, remote workers and CPE equipment if applicable. This column shall also include the labor,
supplies, other applicable fees and maintenance and support contract costs.