The URL can be used to link to this page

Res No 073-24-16178RESOLUTION NO. 073-24-16178 A RESOLUTION OF THE MAYOR AND CITY COMMISSION OF THE CITY OF SOUTH MIAMI, FLORIDA, AUTHORIZING THE CITY MANAGER TO NEGOTIATE AND ENTER INTO A MULTI-YEAR AGREEMENT WITH COMPUQUIP TECHNOLOGIES, LLC FOR THE PURCHASE OF A FORTINET FIREWALL APPLIANCE UTILIZING THE TERMS AND CONDITIONS OF THE NATIONAL COOPERATIVE PURCHASING ALLIANCE (NCPA)/OMNIA PARTNERS CONTRACT PURSUANT TO REQUEST FOR PROPOSALS NO. 40-22, FOR A THREE-YEAR TERM; PROVIDING FOR IMPLEMENTATION, CORRECTIONS, AND EFFECTIVE DATE. WHEREAS, the City of South Miami (the "City") previously installed a Check Point firewall appliance in 2016, which was placed into service by the City's Information Technology provider, the Miami-Dade County Information Technology Department ("ITO''); and WHEREAS, the City's Police Department installed a Fortinet firewall appliance in 2022 that is compliant with Federal Information Processing Standards (FIPS), as mandated by the Criminal Justice & Information Services (CJIS), and managed by the Federal Bureau of Investigation (FBI) and the Florida Department of Law Enforcement (FDLE); and WHEREAS, although there is no ens requirement for the City, ITO recommends that the City replace the Check Point firewall appliance with a Fortinet firewall appliance to ensure that the entire City operates on a single firewall platform, enabling ITO to manage the City's firewall systems more effectively; and WHEREAS, Compuquip Technologies, LLC, an authorized reseller for Fortinet (the "Vendor"), has provided a quote for the Fortinet firewall appliance (the "Fortinet Firewall"), attached hereto as Exhibit "A," in the amount of$81,l l9.08 for a three-year term, and a one-time fee for deployment services in the amount of $13,000 as set forth in the quote attached hereto as Exhibit "B''; and WHEREAS, pursuant to Article III, Section 5 of the City Charter, and the City's Purchasing Policy adopted by ordinance as part of the 2023/2024 FY Budget, the City's bidding process may be conducted by making purchases through other governmental agencies that have followed competitive bidding procedures similar to the City's adopted procedures; and WHEREAS, the type of services contemplated by the City has been competitively bid through the National Cooperative Purchase Alliance (''NCPA''), an Omnia Partners Company, pursuant to Request for Proposals No. 40-22, which resulted in an agreement with the Vendor included in this agenda item (the "NCPA Contract"), based on competitive bidding procedures similar to the City's adopted procedures; and Page 1 of3 Res. No. 073-24-16178 WHEREAS, the Vendor has agreed to extend the terms and conditions of the NCP A Contract to the City; and WHEREAS, the City Commission desires to approve the purchase of the Fortinet Firewall from the Vendor in an amount not to exceed $81,119.08 for a three-year term and a one-time fee for deployment services in the amount of $13,000, consistent with the Quotes attached hereto as Exhibits ''N' and "B,>' respectively, and authorize the City Manager to negotiate and enter into an agreement with the Vendor, in substantially the form attached hereto as Exhibit "C" consistent with the Quotes and based on the terms and conditions of the NCPA Contract; and WHEREAS, the cost of the Fortinet Firewall will be charged to Account No. 001-1340- 513-4634 for FY 2024 -$27,039.68 and the balance each fiscal year thereafter: FY 2025 - $27,039.68, FY 2026 -$27,039.68, and a one-time fee for deployment services of$13,000 charged to FY 2024-2025, or such other funding source(s) as determined by the City Manager to be in the best interests of the City; and WHEREAS, the City Commission finds that this Resolution is in the best interest and welfare of the City. NOW, THEREFORE, BE IT RESOLVED BY THE CITY COMMISSION OF THE CITY OF SOUTH MIAMI, FLORIDA, AS FOLLOWS: Section 1. Recitals. The above-stated recitals are true and correct and are incorporated herein by this reference. Section 2. Approval of Purchase. The City Commission hereby authorizes the purchase of the Fortinet Firewall from the Vendor in an amount not to exceed $81,119.08 over a three-year term and a one-time fee for deployment services in the amount of $13,000, consistent with the Quotes attached hereto as Exhibits "A" and "B," respectively. Section 3. Authorization. The City Manager is hereby authorized to negotiate and enter into an agreement with the Vendor for the purchase of the Fortinet Firewall for a three-year term, in substantially the fonn attached hereto as Exhibit "C," consistent with the Quotes attached hereto as Exhibits "A" and "B," respectively, based on the terms and conditions of the NCPA Contract, subject to the City Attorney's approval as to form, content, and legal sufficiency. The City Manager is hereby authorized to charge the costs of the Fortinet Firewall to Account No. 001- 1340-513-4634 for FY 2024 -$27,039.68 and the balance each fiscal year thereafter: FY 2025 - $27,039.68, FY 2026-$27,039.68, andaone-timefeefor deployment services of$13,000 charged to FY 2024-2025, or such other funding source(s) as determined by the City Manager to be in the best interests of the City. Section 4. Implementation. The City Manager is authorized to take any and all actions necessary to implement the purposes of this Resolution. Page2 of3 Res. No. 073-24-16178 Section 5. Corrections. Conforming language or technical scrivener-type corrections may be made by the City Attorney for any conforming amendments to be incorporated into the final resolution for signature. Section 6. adoption. Effective Date. This Resolution shall become effective immediately upon PASSED AND ADOPTED this 4 th day of June, 2024. ATTEST: READ AND APPROVED AS TO FORM, LANGUAGE, LEGALITY AND EXECUTION THEREOF CITY ATTORNEY Page 3 of 3 APPROVED: ~~ MAYOR COMMISSION VOTE: Mayor Fernandez: Vi ce Mayor Bonich: Commissioner Calle: Commissioner Liebman : Commissioner Corey: 4-0 Yea Yea Yea Yea Absent Agenda Item No:7. City Commission Agenda Item Report Meeting Date: June 4, 2024 Submitted by: Steven Kulick Submitting Department: Finance Department Item Type: Resolution Agenda Section: Subject: A RESOLUTION OF THE MAYOR AND CITY COMMISSION OF THE CITY OF SOUTH MIAMI, FLORIDA, AUTHORIZING THE CITY MANAGER TO NEGOTIATE AND ENTER INTO A MULTI-YEAR AGREEMENT WITH COMPUQUIP TECHNOLOGIES, LLS FOR THE PURCHASE OF A FORTINET FIREWALL APPLIANCE UTILIZING THE TERMS AND CONDITIONS OF THE NATIONAL COOPERATIVE PURCHASING ALLIANCE (NCPA)/OMNIA PARTNERS CONTRACT PURSUANT TO REQUEST FOR PROPOSALS NO. 40-22, FOR A THREE-YEAR TERM; PROVIDING FOR IMPLEMENTATION, CORRECTIONS, AND EFFECTIVE DATE. 3/5 (CITY MANAGER) Suggested Action: Attachments: CM_Memo_Fortinet_Firewall_for_the_City.docx Resolution Approving Multi-Year Agreement with Compuquip Technologies LLC for Fortinet Firewall.DOCX Exhibit A - Quotation City of South Miami - Fortinet - FW (R1).pdf Exhibit B - Quotation City of South Miami - PS - Fortinet Deployment(R1).pdf Exhibit C - Cover Agreement Compuquip Technologies LLC.DOCX Fortinet_Response_Contract (1).pdf RFP No 40-22 IT_Security_and_Data_Protection_Solutions.pdf NCPA_01-154_CONTRACT__Reseller_Partner_List_-February_2024.pdf NCPA Wholly-Owned subsidary of Omnia Parnters.pdf Sun Biz Compuquip LLC.pdf Miami Herald Ad.pdf 1 CITY OF SOUTH MIAMI OFFICE OF THE CITY MANAGER INTER-OFFICE MEMORANDUM TO:The Honorable Mayor, Vice Mayor, and Members of the City Commission FROM:Genaro “Chip” Iglesias,City Manager DATE:June 4, 2024 SUBJECT:Fortinet Firewall Agreement ($81,119.08 over a 3-year period) RECOMMENDATION:Approval of the Fortinet firewall appliance agreement for the City, for a three (3) year term, purchased from Compuquip Technologies, LLC, an authorized reseller for Fortinet, onto a piggyback agreement from Omnia Partners Contract No. 01-154, a purchasing cooperative, replacing the current Check Point firewall appliance in the amount of $81,119.08 over a 3-year period. BACKGROUND: The City previously installed the Check Point firewall appliance in 2016 and was placed into service by the City’s IT provider, Miami-Dade County ITD. The South Miami Police Department however, installed a Fortinet firewall appliance in 2022 that is Federal Information Processing Standards (FIPS) compliant which is mandated by the Criminal Justice & Information Services (CJIS) and managed by the Federal Bureau of Investigation (FBI) and Florida Department of Law Enforcement (FDLE). While there is no CJIS requirement for the City, Miami-Dade County ITD is recommending the City replace the Check Point firewall appliance with a Fortinet appliance,so the entire City is on a single firewall appliance enabling Miami-Dade County ITD to manage the City’s firewall platforms more effectively. The Check Point firewall license expires December 2024. The purchase of the Fortinet appliance is from Compuquip Technologies, LLC, an authorized reseller of Fortinet under a piggyback agreement from Omnia Partners Contract No. 01-0154. The Omnia Partners contract expires November 30, 2025,with two (2) additional one (1) year renewal periods expiring November 30, 2027. The original solicitation,No. 40-22 for “IT Security Products and Data Protection Solutions,”was issued by the National Cooperative Purchase Alliance (NCPA)who was acquired by Omnia Partners as a wholly owned subsidiary in December 2022. The purchase of the Fortinet firewall appliance license shall be for a term of three (3) years and shall not exceed $81,119.08. As a comparison, the three-year cost for the Check Point firewall was $142,247.60, see below: 2 CITY OF SOUTH MIAMI OFFICE OF THE CITY MANAGER INTER-OFFICE MEMORANDUM Check Point Firewall Three-Year Costs FY2023-2024 $48,832.16 FY2022-2023 $46,707.72 FY2022-2023 $46,707.72 TOTAL $142,247.60 The Fortinet license provides 24-7 support and threat protection services. Compuquip will also provide deployment services for the coordination of the removal of the current Check Point firewall and installation of the Fortinet firewall appliance for a one-time cost of $13,000. Miami-Dade County ITD has reviewed and approved the Compuquip Technologies, LLC quotationand the equipment provided,ensuring that the devices meet the City’s firewall requirements. FUNDING:Not to exceed $81,119.08 over three (3) years for the Fortinet firewall appliance, (FY2024 - $27,039.68 and the balance each fiscal year thereafter: FY2025 - $27,039.68; FY2026 - $27,039.68) and a one-time fee for Deployment Services ($13,000) charged to Fiscal Year 2024-2025 account no. 001-1340-513-4634 ATTACHMENTS:Resolution Quotations from Compuquip Technologies, LLC Fortinet Response and Omnia Partners (NCPA) Contract #01-154. IT Security Products & Data Protection Solicitation No. 40-22 NCPA/Omnia Partners Contract No. 01-154 Authorized Reseller Listing Press Release Acquisition of NCPA by Omnia Partners, December 6, 2022 Sun Biz, Compuquip Technologies, LLC 3 I AGREEMENT BETWEEN THE CITY OF SOUTH MIAMI AND COMPUQUIP TECHNOLOGIES, LLC T HIS AGREE ,ENT (this "Agreement") is made effective as of the I 4 I day of JUNE _ , 2024 (the "Effective Date"), by and between the CITY OF SOUTH MIAMI, FLORIDA, a Florida municipal corporation (the "City"), and COMPUQUIP TECHNOLOGIES, LLC, a Florida limited liability company (the "Vendor"). Collectively, the City and the Vendor are referred to as the "Parties." WHEREAS, the City desires to utilize the Fortinet firewall appliance (the "Fortinet Firewall") for the City's cybersecurity needs; and WHEREAS, pursuant to Article III, Section 5 of the City Charter, the City may make purchases through other governmental agencies that have followed similar bidding procedures; and WHEREAS, Region 14 Education Service Center ("Region 14 ESC") on behalf of the National Cooperative Purchasing Alliance, an OMNIA Partners Company (the "NCPA"), issued RFP #40-22 requesting proposals for IT Security Products and Data Protection Solutions (the "RFP"); and WHEREAS, F011inet, Inc. ("Fortinet) provided a proposal in response to the competitive solicitation, which resulted in Contract Number 01-154 between Region 14 ESC on behalf of the NCPA and Fortinet for the IT Security Products and Data Protection Solutions, incorporating the proposal submitted in response to the RFP (the "NCPA Contract"), attached hereto as Exhibit "A"; and WHEREAS, the Vendor 1s an authorized reseller for Fortinet under the NCPA Contract; and WHEREAS, the Vendor has provided the City with a quote for the Fortinet Firewall and a quote for professional deployment services (collectively, the "Services"), based on the terms and conditions of the NCPA Contract, which quotes are attached hereto as composite Exhibit "B" (the "Quotes"); and WHEREAS, the Parties wish to incorporate the tenns and conditions of the NCP A Contract attached hereto as Exhibit "A," except as otherwise modified or amended herein; and WHEREAS, in accordance with Article III, Section 5 of the City Charter, the City wishes to enter into this Agreement with the Vendor for the Services in an amount not to exceed $81, I I 9.08, together with a one-time fee for professional deployment services in the amount of $13,000, for the period commencing on the Effective Date, through November 30, 2027, based on Page 1 of 6 the terms and conditions of the NCPA Contract attached hereto as Exhibit "A" and the Quotes attached hereto as composite Exhibit "B." NOW, THEREFORE, in consideration of the mutual covenants and conditions contained herein, the City and the Vendor agree as follows: 1. Incorporation of Contract. The terms and conditions of the NCPA Contract attached hereto as Exhibit "A" are incorporated as though fully set forth herein. Except as otherwise specifically set forth or modified herein, all terms in the NCPA Contract are hereby ratified and affirmed and shall remain unmodified and in full force and effect in accordance with its terms. 2. Defined Terms. All initial capitalized terms used in this Agreement shall have the same meaning as set forth in the NCPA Contract unless otherwise provided in this Agreement. All references to the "Region 14 Education Service Center" shall be replaced with the City of South Miami where applicable. 3. Term. The term of this Agreement shall commence on the Effective Date and shall continue through no later than November 30, 2027, unless earlier terminated. 4. Compensation. Compensation for the Services provided by the Vendor shall be in an amount not to exceed $81,119.08, together with a one-time fee for professional deployment services in the amount of $13,000, for the period commencing on the Effective Date and continuing through no later than November 30, 2027, based on the terms and conditions of the NCPA Contract attached hereto as Exhibit "A" and the Quotes attached hereto as composite Exhibit "B." 5. Indemnification. A. Vendor shall indemnify and hold harmless the City, its officers, agents and employees, from and against any and all demands, claims, losses, suits, liabilities, causes of action, judgment or damages, arising from Vendor's performance or non-performance of any provision of this Agreement, including, but not limited to, liabilities arising from contracts between the Vendor and third parties made pursuant to this Agreement. Vendor shall reimburse the City for all its expenses including reasonable attorneys' fees and costs incurred in and about the defense of any such claim or investigation and for any judgment or damages arising from Vendor's performance or non-performance of this Agreement. B. Nothing herein is intended to serve as a waiver of sovereign immunity by the City nor shall anything included herein be construed as consent to be sued by third parties in any matter arising out of this Agreement or any other contract. The City is subject to section 768.28, Florida Statutes, as may be amended from time to time. C. The provisions of this section shall survive termination of this Agreement. 6. Governing Law and Venue. This Agreement is made under, and in all respects, shall be interpreted, construed, enforced, and governed by and in accordance with the laws of the State of Florida. Venue for any legal action resulting from this Agreement shall lie solely in Miami Page 2 of 6 7. Termination. A. The City Manager, without cause, may terminate this Agreement upon five (5) calendar days written notice to the Vendor, or immediately with cause. B. Upon receipt of the City's written notice of termination, Vendor shall immediately stop work on the project unless directed otherwise by the City Manager. C. In the event of termination by the City, the Vendor shall be paid for all work accepted by the City Manager up to the date of termination, provided that the Vendor has first complied with the provisions of Section 18.6.4. D. The Vendor shall transfer all books, records, reports, working drafts, documents, maps, and data pertaining to the Services and the project to the City, in a hard copy and electronic format within fourteen (14) days from the date of the written notice of termination or the date of expiration of this Agreement. 8. Ownership and Access to Records and Audits. A. Vendor acknowledges that all inventions, innovations, improvements, developments, methods, designs, analyses, drawings, reports, compiled information, and all similar or related information (whether patentable or not) which relate to Services to the City which are conceived, developed or made by Vendor during the term of this Agreement ("Work Product") belong to the City. Vendor shall promptly disclose such Work Product to the City and perform all actions reasonably requested by the City (whether during or after the term of this Agreement) to establish and confirm such ownership (including, without limitation, assignments, powers of attorney and other instruments). B. Vendor agrees to keep and maintain public records in Vendor's possession or control in connection with Vendor's performance under this Agreement. The City Manager or her designee shall, during the term of this Agreement and for a period of three (3) years from the date of termination of this Agreement, have access to and the right to examine and audit any records of the Vendor involving transactions related to this Agreement. Vendor additionally agrees to comply specifically with the provisions of Section 119.070 l, Florida Statutes. Vendor shall ensure that public records that are exempt or confidential and exempt from public records disclosure requirements are not disclosed, except as authorized by law, for the duration of the Agreement, and following completion of the Agreement until the records are transferred to the City. C. Upon request from the City's custodian of public records, Vendor shall provide the City with a copy of the requested records or allow the records to be inspected or copied within a reasonable time at a cost that does not exceed the cost provided by Chapter 119, Florida Statutes, or as otherwise provided by law. D. Unless otherwise provided by law, any and all records, including but not limited to rep01ts, surveys, and other data and documents provided or created in connection with this Agreement are and shall remain the property of the City. Page 3 of 6 E. Upon completion of this Agreement or in the event of termination by either party, any and all public records relating to the Agreement in the possession of the Vendor shall be delivered by the Vendor to the City Manager, at no cost to the City, within seven (7) days. All such records stored electronically by Vendor shall be delivered to the City in a format that is compatible with the City's information technology systems. Once the public records have been delivered upon completion or termination of this Agreement, the Vendor shall destroy any and all duplicate public records that are exempt or confidential and exempt from public records disclosure requirements. F. Any compensation due to Vendor shall be withheld until all records are received as provided herein. G. Vendor's failure or refusal to comply with the provisions of this section shall result in the immediate termination of this Agreement by the City. H. Notice Pursuant to Section 119.0701(2)(a), Florida Statutes. IF THE CONTRACTOR HAS QUESTIONS REGARDING THE APPLICATION OF CHAPTER 119, FLORIDA STATUTES, TO THE CONTRACTOR'S DUTY TO PROVIDE PUBLIC RECORDS RELATING TO THIS AGREEMENT, CONTACT THE CUSTODIAN OF PUBLIC RECORDS: Nkenga "Nikki" Payne, CMC, FCRM, City Clerk, 6130 Sunset Drive, First Floor, South Miami, FL 33143, 305-663- 6340, npayne @ southmiamifl.gov . 9. Notices/Authorized Representatives. Any notices required by this Agreement shall be in writing and shall be deemed to have been properly given if transmitted by hand-delivery, by registered or certified mail with postage prepaid return receipt requested, or by a private postal service, addressed to the parties (or their successors) at the addresses listed on the signature page of this Agreement or such other address as the party may have designated by proper notice. 10. Public Entity Crimes Affidavit. Vendor shall comply with Section 287 .133, Florida Statutes (Public Entity Crimes Statute), notification of which is hereby incorporated herein by reference, including execution of any required affidavit. 11. Independent Contractor. The Vendor and its employees, volunteers and agents shall be and remain an independent contractor and not an agent or employee of the City with respect to all of the acts and services performed by and under the terms of this Agreement. This Agreement shall not in any way be construed to create a partnership, association or any other kind of joint undertaking, enterprise or venture between the parties. 12. Counterparts. This Agreement may be executed in several counterparts, each of which shall be deemed an original and such counterparts shall constitute one and the same instrument. 13. E-Verify Affidavit. In accordance with Section 448.095, Florida Statutes, the City requires all contractors doing business with the City to register with and use the E-Verify system to verify Page 4 of 6 the work authorization status of all newly hired employees. The City will not enter into a contract unless each party to the contract registers with and uses the E-Verify system. The contracting entity must provide of its proof of enrollment in E-Verify. For instructions on how to provide proof of the contracting entity's participation/enrollment in E-Verify, please visit: https:/ /www.e-verify .gov /fag/how-do-i-provide-proof-of-m y-participationenrollment-in-e- verify . By entering into this Agreement, the Vendor acknowledges that it has read Section 448.095, Florida Statutes; will comply with the E-Verify requirements imposed by Section 448.095, Florida Statutes, including but not limited to obtaining E-Verify affidavits from subcontractors; and has executed the required affidavit attached hereto and incorporated herein. 14. Conflicts; Order of Priority. This document without exhibits is referred to as the "Base Agreement." In the event of a conflict between the terms of this Base Agreement and any exhibits or attachments hereto, or any documents incorporated herein by reference, the conflict shall be resolved in the following order of priorities and the more stringent criteria for performance of the Services shall apply: A. First Priority: This Base Agreement; B. Second Priority: E-Verify Affidavit; C. Third Priority: Exhibit "A": the NCP A Contract; and D. Fourth Priority: Exhibit "B": the Vendor's Quote. (Remainder of Page Intentionally Left Blank. Signature Pages Follow.] Page 5 of 6 IN WITNESS WHEREOF, the parties hereto have caused this Agreement to be executed the day and year as first stated above. CITY OF SOUTH MIAMI By:-'<:::=.L---1-~'----+~~--- COMPUOUIP TECHNOLOGIES, LLC ~'v .-~ By:~ -~f'' Gen City Mana Name: Eric Dosal Cl~~ '~ l..&i(ez. ~..>\.i C~\-f ~ Title: CEO --------------Attest: By: --+--1¥'~--------- Nkeng ' ayne, CMC, FCRM, City Clerk Approved as to Form and Legal Sufficiency: By: ~c+-"-.,.,._.'-'-"'--.:~..,,__.,.,.~c..._:_---- Weiss City Attorney Addresses for Notice: City of South Miami Attn: City Manager 6130 Sunset Drive, First Floor South Miami, FL 33143 305-668-2510 (telephone) chip@southmiamifl.gov (email) With a copy to: Weiss Serota Helfman Cole & Bierman, P.L. Attn: City of South Miami Attorney 2800 Ponce de Leon Boulevard, Suite 1200 Coral Gables, FL 33134 larango@wsh-law.com (email) Entity: Compuquip Addresses for Notice: Compuguip Technolo gies , LLC Attn: Luis Suarez 973 7 NW 41 s1 Street. Suite 786 Doral FL 33178 .,..,78=6'--'-6'"""'4~1---"-54..,_,3'-'-7 _______ (telephone) ~78~6~-5~1~3-~4=63~3 _______ (email) With a copy to: __________ (telephone) ___________ (email) Page 6 of 6 E-VERIFY AFFIDAVIT In accordance with Section 448.095, Florida Statutes, the City requires all contractors doing business with the City to register with and use the E-Verify system to verify the work authorization status of all newly hired employees. The City will not enter into a contract unless each party to the contract registers with and uses the E-Verify system. The contracting entity must provide of its proof of enrollment in E-Verify. For instructions on how to provide proof of the contracting entity's participation/enrollment in E-Verify, please visit: htt ps://www.e-verify .gov /fa q/how-do-i-provide-proof-of-m y-partici pationenrollment-in-e-verify By signing below, the contracting entity acknowledges that it has read Section 448.095, Florida Statutes and will comply with the E-Verify requirements imposed by it, including but not limited to obtaining E-Verify affidavits from subcontractors. □ Check here to confirm proof of enrollment in E-Verify has been attached to this Affidavit. In the presence of: Signed, sealed and delivered by: Witness #1 Print Name: _______ _ Print Name: ___________ _ Title: --------------- Witness #2 Print Name: --------Entity Name: ___________ _ ACKNOWLEDGMENT State of Florida County of ______ _ The foregoing instrument was acknowledged before me by means of □ physical presence or 0 online notarization, this __ day of ___________ , 20 _, by ______ _ ______ (name of person) as ______________ (type of authority) for ___________ (name of party on behalf of whom instrument is executed). Notary Public (Print , Stamp , or Type as Commissioned) ___ Personally known to me; or ___ Produced identification (Type of Identification: _____________ ) ___ Did take an oath; or Did not take an oath --- EXHIBIT ''A" NCPA CONTRACT (OMNIA PARNTERS) PROPOSAL SUBMITTED To: Region 14 Education Service Center and The National Cooperative Purchasing Alliance IN RESPONSE To: RFP#40-22 IT Security Products and Data Protection Solutions SUBMITTED BY: FORTINET, INC. 899 Kifer Road Sunnyvale, California 94086-5205 www .fortinet.com ..... 1· . . . . . . . . . . . . . . . . . . . . . . ----• ■ a ■ ■ ■ ■ I ■ ■ ■ ■ ■ ■ ............. ·---- FOREWORD Fortinet, Inc. is pleased to respond to this Request for Proposal (RFP) for IT Security Products and Data Protection Solutions issued by the Texas Region 14 Education Service Center (ESC) on behalf of the National Cooperative Purchasing Alliance (NCPA). Forti net is one of the world's top cybersecurity brands, delivering broad, integrated, and automated protection to enable organizations to securely accelerate their digital journey. We rank number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses. For over 20 years, Fo1tinet's mission has been to secure people, devices, and data. Fortinet has been the driving force in the evolution of cybersecurity and the convergence of networking and security. Fortinet's network security solutions are the most deployed, most patented, and among the most validated in the industry. Fortinet secures the largest enterprises, service providers, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network-today and into the future. We appreciate the opportunity to submit this response and in the event we are awarded a contract, we look forward to working with the Region 14 ESC and NCPA. In keeping with the RFP instructions, our proposal consists of the following information: Tabs Tab 1 -Master Agreement I Signature Form Tab 2 -NCPA Administration Agreement Tab 3 -Vendor Questionnaire Tab 4 -Vendor Profile Tab 5 -Products and Services / Scope Tab 6 -References Tab 7 -Pricing Tab 8 -Value Added Products and Services Tab 9 -Required Documents Should you have any questions about our proposal, please do not hesitate to contact me. Best regards, Jerilyn Bailey Public Sector Contracts Manager F :::RTlnET Phone: (850) 728-6504 I Email: bai/e_1j a.fort111et co111 TAB 1 MASTER AGREEMENT -GENERAL TERMS AND CONDITIONS Customer Support The vendor shall provide timely and accurate technical advice and sales support. The vendor shall respond to such requests within one (1) working day after receipt of the request. Disclosures Respondent affirms that he/she has not given, offered to give, nor intends to give at any time hereafter any economic opportunity, future employment, gift, loan, gratuity, special discount, trip, favor or service to a public servant in connection with this contract. The respondent affirms that, to the best of his/her knowledge, the offer has been arrived at independently, and is submitted without collusion with anyone to obtain information or gain any favoritism that would in any way limit competition or give an unfair advantage over other vendors in the award of this contract. Renewal of Contract Unless otherwise stated, all contracts are for a period of three (3) years with an option to renew for up to two (2) additional one-year terms or any combination of time equally not more than 2 years if agreed to by Region 14 ESC and the vendor. Funding Out Clause Any/all contracts exceeding one (1) year shall include a standard "funding out" clause. A contract for the acquisition, including lease, of real or personal property is a commitment of the entity's current revenue only, provided the contract contains either or both of the following provisions: Retains to the entity the continuing right to terminate the contract at the expiration of each budget period during the term of the contract and is conditioned on a best efforts attempt by the entity to obtain appropriate funds for payment of the contract. Shipments (if applicable) The awarded vendor shall ship ordered products within seven (7) working days for goods available and within four (4) to six (6) weeks for specialty items after the receipt of the order unless modified. If a product cannot be shipped within that time, the awarded vendor shall notify the entity placing the order as to why the product has not shipped and shall provide an estimated shipping date. At this point the participating entity may cancel the order if estimated shipping time is not acceptable. Tax Exempt Status Since this is a national contract, knowing the tax laws in each state is the sole responsibility of the vendor. Payments The entity using the contract will make payments directly to the awarded vendor or their affiliates (distributors/business partners/resellers) as long as written request and approval by NCPA is provided to the awarded vendor. Adding Authorized Distributors/Dealers Awarded vendors may submit a list of distributors/partners/resellers to sell under their contract throughout the life of the contract. Vendor must receive written approval from NCPA before such distributors/partners/resellers considered authorized. Purchase orders and payment can only be made to awarded vendor or distributors/ business partners/resellers previously approved by NCPA. Pricing provided to members by added distributors or dealers must also be less than or equal to the pricing offered by the awarded contract holder. All distributors/partners/resellers are required to abide by the Terms and Conditions of the vendor's agreement with NCPA. Pricing All pricing submitted shall include the administrative fee to be remitted to NCPA by the awarded vendor. It is the awarded vendor's responsibility to keep all pricing up to date and on file with NCPA. All deliveries shall be freight prepaid, F.O.B. destination and shall be included in all pricing offered unless otherwise clearly stated in writing Warranty Proposal should address the following warranty information: • Applicable warranty and/or guarantees of equipment and installations including any conditions and response time for repair and/or replacement of any components during the warranty period. • Availability of replacement parts • Life expectancy of equipment under normal use • Detailed information as to proposed return policy on all equipment Products: Vendor shall provide equipment, materials and products that are new unless otherwise specified, of good quality and free of defects Construction: Vendor shall perform services in a good and workmanlike manner and in accordance with industry standards for the service provided. Safety Vendors performing services shall comply with occupational safety and health rules and regulations. Also all vendors and subcontractors shall be held responsible for the safety of their employees and any conditions that may cause injury or damage to persons or property. Permits Since this is a national contract, knowing the permit laws in each state is the sole responsibility of the vendor. Indemnity The awarded vendor shall protect, indemnify, and hold harmless Region 14 ESC and its participants, administrators, employees and agents against all claims, damages, losses and expenses arising out of or resulting from the actions of the vendor, vendor employees or vendor subcontractors in the preparation of the solicitation and the later execution of the contract. Franchise Tax The respondent hereby certifies that he/she is not currently delinquent in the payment of any franchise taxes. Supplemental Agreements The entity participating in this contract and awarded vendor may enter into a separate supplemental agreement to further define the level of service requirements over and above the minimum defined in this contract i.e. invoice requirements, ordering requirements, specialized delivery, etc. Any supplemental agreement developed as a result of this contract is exclusively between the participating entity and awarded vendor. Certificates of Insurance Certificates of insurance shall be delivered to the Public Agency prior to commencement of work. The insurance company shall be licensed in the applicable state in which work is being conducted. The awarded vendor shall give the participating entity a minimum of ten (10) days notice prior to any modifications or cancellation of policies. The awarded vendor shall require all subcontractors performing any work to maintain coverage as specified. Legal Obligations It is the Respondent's responsibility to be aware of and comply with all local, state, and federal laws governing the sale of products/services identified in this RFP and any awarded contract and shall comply with all while fulfilling the RFP. Applicable laws and regulation must be followed even if not specifically identified herein. Protest A protest of an award or proposed award must be filed in writing within ten (10) days from the date of the official award notification and must be received by 5:00 pm CST. Protests shall be filed with Region 14 ESC and shall include the following: • Name, address and telephone number of protester • Original signature of protester or its representative • Identification of the solicitation by RFP number • Detailed statement of legal and factual grounds including copies of relevant documents and the form of relief requested Any protest review and action shall be considered final with no further formalities being considered. Force Majeure If by reason of Force Majeure, either party hereto shall be rendered unable wholly or in part to carry out its obligations under this Agreement then such party shall give notice and full particulars of Force Majeure in writing to the other party within a reasonable time after occurrence of the event or cause relied upon, and the obligation of the party giving such notice, so far as it is affected by such Force Majeure, shall be suspended during the continuance of the inability then claimed, except as hereinafter provided, but for no longer period, and such party shall endeavor to remove or overcome such inability with all reasonable dispatch. The term Force Majeure as employed herein, shall mean acts of God, strikes, lockouts, or other industrial disturbances, act of public enemy, orders and regulation of any kind of government of the United States or any civil or military authority; insurrections; riots; epidemics; pandemic; landslides; lighting; earthquake; fires; hurricanes; storms; floods; washouts; droughts; arrests; restraint of government and people; civil disturbances; explosions, breakage or accidents to machinery, pipelines or canals, or other causes not reasonably within the control of the party claiming such inability. It is understood and agreed that the settlement of strikes and lockouts shall be entirely within the discretion of the party having the difficulty, and that the above requirement that any Force Majeure shall be remedied with all reasonable dispatch shall not require the settlement of strikes and lockouts by acceding to the demands of the opposing party or parties when such settlement is unfavorable in the judgment of the party having the difficulty Prevailing Wage It shall be the responsibility of the Vendor to comply, when applicable, with the prevailing wage legislation in effect in the jurisdiction of the purchaser. It shall further be the responsibility of the Vendor to monitor the prevailing wage rates as established by the appropriate department of labor for any increase in rates during the term of this contract and adjust wage rates accordingly. Termination Either party may cancel this contract in whole or in part by providing written notice. The cancellation will take effect 30 business days after the other party receives the notice of cancellation. After the 30th business day all work will cease following completion of final purchase order. Open Records Policy Because Region 14 ESC is a governmental entity responses submitted are subject to release as public information after contracts are executed. If a vendor believes that its response, or parts of its response, may be exempted from disclosure, the vendor must specify page-by-page and line-by-line the parts of the response, which it believes, are exempt. In addition, the respondent must specify which exception(s) are applicable and provide detailed reasons to substantiate the exception(s). The determination of whether information is confidential and not subject to disclosure is the duty of the Office of Attorney General (OAG). Region 14 ESC must provide the OAG sufficient information to render an opinion and therefore, vague and general claims to confidentiality by the respondent are not acceptable. Region 14 ESC must comply with the opinions of the OAG. Region14 ESC assumes no responsibility for asserting legal arguments on behalf of any vendor. Respondent are advised to consult with their legal counsel concerning disclosure issues resulting from this procurement process and to take precautions to safeguard trade secrets and other proprietary information. PROCESS Region 14 ESC will evaluate proposals in accordance with, and subject to, the relevant statutes, ordinances, rules, and regulations that govern its procurement practices. NCPA will assist Region 14 ESC in evaluating proposals. Award(s) will be made to the prospective vendor whose response is determined to be the most advantageous to Region 14 ESC, NCPA, and its participating agencies. To qualify for evaluation, response must have been submitted on time, and satisfy all mandatory requirements identified in this document. Contract Administration The contract will be administered by Region 14 ESC. The National Program will be administered by NCPA on behalf of Region 14 ESC. Contract Term The contract term will be for three (3) year starting from the date of the award. The contract may be renewed for up to two (2) additional one-year terms or any combination of time equally not more than 2 years. It should be noted that maintenance/service agreements may be issued for up to (5) years under this contract even if the contract only lasts for the initial term of the contract. NCPA will monitor any maintenance agreements for the term of the agreement provided they are signed prior to the termination or expiration of this contract. Contract Waiver Any waiver of any provision of this contract shall be in writing and shall be signed by the duly authorized agent of Region 14 ESC. The waiver by either party of any term or condition of this contract shall not be deemed to constitute waiver thereof nor a waiver of any further or additional right that such party may hold under this contract. Price Increases Should it become necessary, price increase requests may be submitted at any point during the term of the contract by written amendment. Included with the request must be documentation and/or formal cost justification for these changes. Requests will be formally reviewed, and if justified, the amendment will be approved. Products and Services Additions New Products and/or Services may be added to the resulting contract at any time during the term by written amendment, to the extent that those products and/or services are within the scope of this RFP. Competitive Range It may be necessary for Region 14 ESC to establish a competitive range. Responses not in the competitive range are unacceptable and do not receive further award consideration. Deviations and Exceptions Deviations or exceptions stipulated in response may result in disqualification. It is the intent of Region 14 ESC to award a vendor's complete line of products and/or services, when possible. Estimated Quantities While no minimum volume is guaranteed, the estimated (but not limited to) annual volume for Products and Services purchased under the proposed Master Agreement is $50 million dollars annually. This estimate is based on the anticipated volume of Region 14 ESC and current sales within the NCPA program. Evaluation Region 14 ESC will review and evaluate all responses in accordance with, and subject to, the relevant statutes, ordinances, rules and regulations that govern its procurement practices. NCPA will assist the lead agency in evaluating proposals. Recommendations for contract awards will be based on multiple factors, each factor being assigned a point value based on its importance. Formation of Contract A response to this solicitation is an offer to contract with Region 14 ESC based upon the terms, conditions, scope of work, and specifications contained in this request. A solicitation does not become a contract until it is accepted by Region 14 ESC. The prospective vendor must submit a signed Signature Form with the response thus, eliminating the need for a formal signing process. Contract award letter issued by Region 14 ESC is the counter-signature document establishing acceptance of the contract. NCPA Administrative Agreement The vendor will be required to enter and execute the National Cooperative Purchasing Alliance Administration Agreement with NCPA upon award with Region 14 ESC. The agreement establishes the requirements of the vendor with respect to a nationwide contract effort. Clarifications/Discussions Region 14 ESC may request additional information or clarification from any of the respondents after review of the proposals received for the sole purpose of elimination minor irregularities, informalities, or apparent clerical mistakes in the proposal. Clarification does not give respondent an opportunity to revise or modify its proposal, except to the extent that correction of apparent clerical mistakes results in a revision. After the initial receipt of proposals, Region 14 ESC reserves the right to conduct discussions with those respondent's whose proposals are determined to be reasonably susceptible of being selected for award. Discussions occur when oral or written communications between Region 14 ESC and respondent's are conducted for the purpose clarifications involving information essential for determining the acceptability of a proposal or that provides respondent an opportunity to revise or modify its proposal. Region 14 ESC will not assist respondent bring its proposal up to the level of other proposals through discussions. Region 14 ESC will not indicate to respondent a cost or price that it must meet to neither obtain further consideration nor will it provide any information about other respondents' proposals or prices. Multiple Awards Multiple Contracts may be awarded as a result of the solicitation. Multiple Awards will ensure that any ensuing contracts fulfill current and future requirements of the diverse and large number of participating public agencies. Past Performance Past performance is relevant information regarding a vendor's actions under previously awarded contracts; including the administrative aspects of performance; the vendor's history of reasonable and cooperative behavior and commitment to customer satisfaction; and generally, the vendor's businesslike concern for the interests of the customer. EVALUATION CRITERIA Pricing (40 points) Electronic Price Lists • Products, Services, Warranties, etc. price list • Prices listed will be used to establish both the extent of a vendor's product lines, services, warranties, etc. available from a particular bidder and the pricing per item. Ability to Provide and Perform the Required Services for the Contract (25 points) • Product Delivery within participating entities specified parameters • Number of line items delivered complete within the normal delivery time as a percentage of line items ordered. • Vendor's ability to perform towards above requirements and desired specifications. • Past Cooperative Program Performance • Quantity of line items available that are commonly purchased by the entity. • Quality of line items available compared to normal participating entity standards. References and Experience (20 points) • A minimum of ten (10) customer references for product and/or services of similar scope dating within past 3 years • Respondent Reputation in marketplace • Past Experience working with public sector. • Exhibited understanding of cooperative purchasing Value Added Products/Services Description, (8 points) • Additional Products/Services related to the scope of RFP • Marketing and Training • Minority and Women Business Enterprise (MWBE) and (HUB) Participation • Customer Service Technology for Supporting the Program (7 points) • Electronic on-line catalog, order entry use by and suitability for the entity's needs • Quality of vendor's on-line resources for NCPA members. • Specifications and features offered by respondent's products and/or services F ::: RTI nET: TAB 1 SIGNATURE FORM The undersigned hereby proposes and agrees to furnish goods and/or services in strict compliance with the terms, specifications and conditions at the prices proposed within response unless noted in writing. The undersigned further certifies that he/she is an officer of the company and has authority to negotiate and bind the company named below and has not prepared this bid in collusion with any other Respondent and that the contents of this proposal as to prices, terms or conditions of said bid have not been communicated by the undersigned nor by any employee or agent to any person engaged in this type of business prior to the official opening of this proposal. Prices are guaranteed: 120 days Fortinet , Inc. Company Name 899 Kifer Road Address Sunnyvale California 94086 City State Zip (850) 728-6504 N/A Telephone Number Fax Number baileyj@fortinet.com Email Address Jerilyn Bailey Public Sector Contracts Manager Printed Name Position Authorized Si gnature F :::RTlnEr:, TAB2 NCPA ADMINISTRATION AGREEMENT This Administration Agreement is made as of December 1 , 2022 between National Cooperative Purchasing Alliance ("NCPA") and Fortinet, Inc. ("Vendor"). Recitals WHEREAS, Region 14 ESC has entered into a certain Master Agreement dated , by and December 1, 2022 , referenced as Contract Number 01-154 , by and between Region 14 ESC and Vendor, as may be amended from time to time in accordance with the terms thereof (the "Master Agreement"), for the purchase of IT Security Products and Data Protection Solutions; WHEREAS, said Master Agreement provides that any state, city, special district, local government, school district, private K-12 school, technical or vocational school, higher education institution, other government agency or nonprofit organization (hereinafter referred to as "public agency" or collectively, "public agencies") may purchase products and services at the prices indicated in the Master Agreement; WHEREAS, NCPA has the administrative and legal capacity to administer purchases under the Master Agreement to public agencies; WHEREAS, NCPA serves as the administrative agent for Region 14 ESC in connection with other master agreements offered by NCPA WHEREAS, Region 14 ESC desires NCPA to proceed with administration of the Master Agreement; WHEREAS, NCPA and Vendor desire to enter into this Agreement to make available the Master Agreement to public agencies on a national basis; NOW, THEREFORE, in consideration of the payments to be made hereunder and the mutual covenants contained in this Agreement, NCPA and Vendor hereby agree as follows: General Terms and Conditions • The Master Agreement, attached hereto as Exhibit 1 and incorporated herein by reference as though fully set forth herein, and the terms and conditions contained therein shall apply to this Administration Agreement except as expressly changed or modified by this Administration Agreement. • NCPA shall be afforded all of the rights, privileges and indemnifications afforded to Region 14 ESC under the Master Agreement, and such rights, privileges and indemnifications shall accrue and apply with equal effect to NCPA under this Administration Agreement including, but not limited to, Contractor's obligation to provide appropriate insurance and certain indemnifications to Region 14 ESC. • Contractor shall perform all duties, responsibilities and obligations required under the Master Agreement in the time and manner specified by the Master Agreement. • NCPA shall perform all of its duties, responsibilities, and obligations as administrator of purchases under the Master Agreement as set forth herein, and Contractor acknowledges that NCPA shall act in the capacity of administrator of purchases under the Master Agreement. • With respect to any purchases made by Region 14 ESC or any Participating Agency pursuant to the Master Agreement, NCPA (a) shall not be construed as a dealer, re- marketer, representative, partner, or agent of any type of Contractor, Region 14 ESC, or such Participating Agency, (b) shall not be obligated, liable or responsible (i) for any orders made by Region 14 ESC, any Participating Agency or any employee of Region 14 ESC or Participating Agency under the Master Agreement, or (ii) for any payments required to be made with respect to such order, and (c) shall not be obligated, liable or responsible for any failure by the Participating Agency to (i) comply with procedures or requirements of applicable law, or (ii) obtain the due authorization and approval necessary to purchase under the Master Agreement. NCPA makes no representations or guaranties with respect to any minimum purchases required to be made by Region 14 ESC, any Participating Agency, or any employee of Region 14 ESC or Participating Agency under this Administration Agreement or the Master Agreement. • With respect to any supplemental agreement entered into between a Participating Agency and Contractor pursuant to the Master Agreement, NCPA, its agents, members and employees shall not be made party to any claim for breach of such agreement. • This Administration Agreement supersedes any and all other agreements, either oral or in writing, between the parties hereto with respect to the subject matter hereof, and no other agreement, statement, or promise relating to the subject matter of this Administrative Agreement which is not contained herein shall be valid or binding. • Contractor agrees to allow NCPA to use their name and logo within website, marketing materials and advertisement. Any use of NCPA name and logo or any form of publicity regarding this Administration Agreement or the Master Agreement by Contractor must have prior approval from NCPA. • If any action at law or in equity is brought to enforce or interpret the provisions of this Administration Agreement or to recover any administrative fee and accrued interest, the prevailing party shall be entitled to reasonable attorney's fees and costs in addition to any other relief to which such party may be entitled. • Neither this Administration Agreement nor any rights or obligations hereunder shall be assignable by Contractor without prior written consent of NCPA, provided, however, that the Contractor may, without such written consent, assign this Administration Agreement and its rights and delegate its obligations hereunder in connection with the transfer or sale of all or substantially all of its assets or business related to this Administration Agreement, or in the event of its merger, consolidation, change in control or similar transaction. Any permitted assignee shall assume all assigned obligations of its assignor under this Administration Agreement. • This Administration Agreement and NCPA's rights and obligations hereunder may be assigned at NCPA's sole discretion, to an existing or newly established legal entity that has the authority and capacity to perform NCPA's obligations hereunder. Term of Agreement This Agreement shall be in effect so long as the Master Agreement remains in effect, provided, however, that the obligation to pay all amounts owed by Vendor to NCPA through the termination of this Agreement and all indemnifications afforded by Vendor to NCPA shall survive the term of this Agreement. Fees and Reporting The awarded vendor shall electronically provide NCPA with a detailed quarterly report showing the dollar volume of all sales under the contract for the previous quarter. Reports are due on the fifteenth (15th ) day after the close of the previous quarter. It is the responsibility of the awarded vendor to collect and compile all sales under the contract from participating members and submit one (1) report. The report shall include at least the following information as listed in the example below: Entity Name Zip Code State PO or Job# Sale Amount Total ----- Each quarter NCPA will invoice the vendor based on the total of sale amount(s) reported. From the invoice the vendor shall pay to NCPA an administrative fee based upon the tiered fee schedule below. Vendor's annual sales shall be measured on a calendar year basis. Deadline for term of payment will be included in the invoice NCPA provides. Annual Sales Through Contract 0 -$30,000,000 $30,000,001 -$50,000,000 $50,000,001 + Administrative Fee 2% 1.5% 1% Supplier shall maintain an accounting of all purchases made by Public Agencies under the Master Agreement. NCPA and Region 14 ESC reserve the right to audit the accounting for a period of four (4) years from the date NCPA receives the accounting. In the event of such an audit, the requested materials shall be provided at the location designated by Region 14 ESC or NCPA. In the event such audit reveals an under reporting of Contract Sales and a resulting underpayment of administrative fees, Vendor shall promptly pay NCPA the amount of such underpayment, together with interest on such amount and shall be obligated to reimburse NCPA's costs and expenses for such audit. UULU.:>1y11 C:.IIVt'IUfJt' IU. r..>..>..>J-\OJ-\"t-UO I l-+£OL-:.,::;n:.\.,-OC'+J-\ULUUOOV.l ACKNOWLEDGMENT OF CONTRACTOR REQUIREMENTS National Cooperative Purchasing Alliance Organization Matthew Mackel Name Director. Business Development Title PO Box 701273 Address Houston, TX 77270 Address Signature December 1 , 2022 Date Fortinet, Inc. Vendor Name John Whittle Name EVP of Corporate Development, Chief Legal Officer Title 899 Kifer Road Address Sunnyvale, CA 94086 Address GDocuSigned by: jbb, ~ 2FBD4ABC620f440 Signature 12/7/2022 Date DocuSigned by: .,,.... ... , (___ ::: \ \:'°a,¢,E-l .. _ .. ✓ 12 7 2022 F :::RTlnET: TAB3 VENDOR QUESTIONAIRE Please provide responses to the following questions that address your company's operations, organization, structure, and processes for providing products and services. Locations Covered • Bidder must indicate any and all locations where products and services can be offered. • Please indicate the price co-efficient for each location if it varies. 1K] All 50 States & District of Columbia (Selecting this box is equal to checking all boxes below) □Alabama D Illinois D Montana □ Rhode Island D Alaska D Indiana D Nebraska D South Carolina D Arizona Dlowa D Nevada D South Dakota D Arkansas D Kansas D New Hampshire D Tennessee D California D Massachusetts D New Jersey D Texas D Colorado D Michigan D New Mexico □ Utah D Connecticut D Minnesota D New York D Vermont D Delaware D Mississippi D North Carolina D Virginia □ D.C. D Missouri D North Dakota D Washington D Florida D Kentucky □Ohio D West Virginia D Georgia D Louisiana D Oklahoma D Wisconsin D Hawaii D Maine D Oregon D Wyoming □ Idaho D Maryland D Pennsylvania 1K] All U.S. Territories and Outlying Areas (Selecting this box is equal to checking all boxes below) D American Somoa D Federated States of Micrones □Guam D Northern Marina Island D Puerto Rico D U.S. Virgin Islands D Midway Islands lfil All Canada Provinces and Territories (Selecting this box is equal to checking all boxes below) 0 Alberta D British Columbia D Manitoba D New Brunswick D Newfoundland and Labrador D Nova Scotia D Ontario D Prince Edward Island D Quebec D Saskatchewan D Northwest Territories D Nunavut D Yukon If awarded a Master Agreement, will your company extend the terms offered in your Proposal to public agencies in Canada? If no or maybe, please explain. 1K] Yes D Maybe 0 No If awarded a Master Agreement, will your company extend the terms offered in your Proposal to private sector customers? D Yes D Maybe IB] No Minority and Women Business Enterprise (MWBE) and (HUB) Participation It is the policy of some entities participating in NCPA to involve minority and women business enterprises (MWBE) and historically underutilized businesses (HUB) in the purchase of goods and services. Respondents shall indicate below whether or not they are an M/WBE or HUB certified. D Minority/Women Business Enterprise Respondent Certifies that this firm a Minority/ Women Business Enterprise Small Business, MWBE and HUB Growth D Historically Underutilized Business Respondent Certifies that this firm is a Historically Underutilized Business If Proposer is a Large, National or Multinational Organization/Corporation, what programs are in place that partners or supports the growth of small and MWEB and HUB business? If yes, please describe. D N/A, we are a recognized small, MWEB or HUB organization D No, we do not have any programs in place. ~ Yes, we have programs in place. Residency Responding Company's principal place of business is in the city of-'Sc....;;u ___ n---n_,__yv_a-'1---e _____ _ State of California Felony Conviction Notice Please Check Applicable Box (If the 3rd box is checked, a detailed explanation of the names and convictions must be attached): Ix] A publicly held corporation; therefore, this reporting requirement is not applicable. D Is not owned or operated by anyone who has been convicted of a felony. D Is owned or operated by the following individual(s) who has/have been convicted of a felony Distribution Channel Which best describes your company's position in the distribution channel: D Manufacturer Direct D Certified education/government reseller D Authorized Distributor ~ Manufacturer marketing through reseller D Value-added reseller D Other: ----------------- Processing Contact Information Contact Person Title Company Address City/State/Zip Phone Email Pricing Information Jerilyn Bailey Public Sector Contracts Manager Fortinet, Inc. 899 Kifer Road Sunnyvale, CA 94086 (850) 728-6504 baileyj@fortint.com In addition to the current typical unit pricing furnished herein, the Vendor agrees to offer all future product introductions at prices that are proportionate to Contract Pricing. If answer is no, attach a statement detailing how pricing for NCPA participants would be calculated for future product introductions . Ix] Yes □ No Pricing submitted includes the required NCPA administrative fee. The NCPA fee is calculated based on the invoice price to the customer. I[] Yes 0 No F :::RTlnET: Response to RFP# 40-22 TAB 4 VENDOR PROFILE Please provide the following information about your company: • Company's official registered name. Our company's official registered name is Fortinet, Inc. • Brief history of your company, including the year it was established. Fortinet, headquartered in Sunnyvale, California, is a profitable and rapidly growing US company whose core competencies are cyber threat research; cybersecurity product research and development; and the design, implementation and support of integrated cybersecurity solutions based on our extensive portfolio of proprietary products. Fortinet was founded in 2000 by Ken Xie and is led by a strong management team with deep experience in networking and security. Fortinet is the only security leader to develop and build custom security processing unit (SPU) technology that offers the best perfonnance and value in the industry with Security Compute Ratings that are much higher than other vendors that offer software-oriented or CPU-driven approaches. Each day the Fortinet FortiGuard Labs use one of the most effective and proven artificial intelligence (AI) and machine learning systems in the industry to process and analyze more than 100 billion events daily, and send actionable real-time threat intelligence to customers. The Fortinet Security Fabric (Attachment l) is at the heart of the Fortinet security strategy that delivers security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. It is a platfonn organically built around a common operating system and management framework to enable broad visibility, seamless integration and interoperability between critical security elements, and granular control and automation. Fortinet has its products tested by the industry's most prominent and impartial third party performance and effectiveness testing organizations and our products have achieved consistent positive test results! Fortinet is commitment to cybersecurity innovation and excellence and Fortinet has been recognized as a LEADER three years in a row on four Gartner® Magic Quadrant™ reports. The Fortinet market position and solution effectiveness have been widely validated by industry analysts, independent testing labs, business organizations, and media outlets worldwide. Fortinet is proud to count the majority of Fortune 500 companies among its satisfied customers. See Fo1tinefs Corporate Brochure (Attachment 2) for additional information. ~ f • Year Founded ~ 200) Cu!itomers 595 ,000- Sunnyvale, CA!ttomla ~II Heodquarta,o Number of Employee, 11.508 Units Shipped to Dato 8.8M illl Flnanalal Hlghllghtn J1M9 c:•M.--tn-u..r1!a $1.03B $1.30B Ql 1011 a.a.... Stock Symbol FTNT Global Patents 1279 , ...... 247 •- F :::RTlnET: Response to RFP# 40-22 • Company's Dun & Bradstreet (D&B) number. Our D&B Number is 040806445. • Company's organizational chart of those individuals that would be involved in the contract. US SLED SALES I Felix Alvarez Director SLED Contracts Team I I I Jerilyn Bailey Amy lee RFP Response Contract Manager SLED Contracts Team SLED Contracts T earn • Corporate office location. c List the number of sales and services offices for states being bid in solicitation. If awarded a contract in response to this RFP , Fortinet's entire line of products and services will be available to NCP A customers in all 50 states, the District of Columbia, and in US territories. Fortinet sells its products and services through its established distribution channel that includes US-based distributors and resellers across the country. Fortinet provides pre-sales guidance and account management to our customers, distributors, and resellers through strategically placed district sales teams. SALES OFFICES COVERAGE North Central District ND, SD, NE, MN, IA, WI IL Ohio Valley District MI, IN, OH, KY New England District Upstate NY, VT, NH, ME, MA, CT, RI Northeast District PA, NJ, NYC, DE Mid-Atlantic District WV VA, TN NC SC Florida/ Georgia District FL,GA South Central District KS, MO, OK, AR, LA, MS, AL Texas District TX California District CA West District WA, OR, MT, ID, WY, NV, UT, CO, AZ, NM Great Lakes District WI, IL Fortinet supports its products and services through the following Regional Technical Assistance Centers and Supply Depots: OFFICES LOCATIONS Regional Technical Assistance Plano, Texas Ottawa, Ontario ON Canada Centers* Burnaby, BC Canada Supply Depots Fortinet maintains 35 hardware storage facilities worldwide and 200 regional equipment depots. Response to RFP# 40-22 * Fortmet uses a follow-the-sun model for technical ass is lance. Support will therefore be provided to NCPA customers from these North American centers during regular business hours and will roll Ol'er to TA Cs in other regions q(ter hours (except 111 the case o.l contracts/purchase orders that require supportfrom US TA Cs only ). o List the names of key contacts at each with title, address, phone and e-mail address. Responsibility Name and Contact Information Jerilyn Bailey RFP Response Public Sector Contracts Manager bailevi @fortinet.com Amy Lee Contract Management and Reporting Public Sector Contracts Manager leea @fortinet.com Contract Administration Fortinet SLED Contracts Team SLED Contracts(a}fortinet.com • Define your standard terms of payment. If awarded a contract in response to this RFP, customers will make payments directly to the Fortinet-approved distributor or reseller with whom the order was placed . Payment terms are net thirty (30) days from the date of the invoice . Late fees may be charged on all amounts not paid when due at the rate of one and one half percent ( 1.5%) per month or the highest rate permitted by law, whichever is lower. • Who is your competition in the marketplace? The table below provides infonnation on our competitors per segment within the market: Market See.ment Competitors Enterprise Firewalls Definition: Pwpose -b11ilt appliances for sec11ri11g e11te1prise networks. Able to s11pport single-• Palo Alto e11te1prise firewall deployments and large and/or complex deployments. Th e ability to provide • Check Point virtual versions for the data center is now an e.1pectatio11 as is the ability to deploy in cloud e11viro11me11ts . Unified Threat Management Devices Definition : M11ltifu11ctio11al network sec11rity products designed for small to m edium-size • Check Point organizations (JOO to 1,000 employees). Typical capabilities provided i11cl11de e11te1prise • Sophos firewall, intru sion prevention, remote access, sec11re web/email gateway, routing and wan co1111 ectivitv. • Barracuda . Checkpoint Next-Generation Firewall . Cisco Definition. Deep-packet inspection.firewalls that move beyond port/protocol inspection and • Forcepoint blocking to add application-level inspection, intrusion prevention, and to bring in intelligence • Palo Alto from outside the.firewall. • Sophos • SonicWall • WatchGuard Data Center Security Gateway (DCSG) Defi niti on. DCSGs protects data center servers and the applications that nm 011 them (i .e., web • Juniper sen•ers, mail servers, DNS servers, application servers, etc.)from potential threats. They converge data center.firewall and data center intrusion prevention system technologies and • Palo Alto pe1form access control and deep packet inspection to protect server applications from remote • Cisco attacks. Response to RFP# 40-22 Data Center Intrusion Protection Systems (DCIPS) Definition. Data center network security devices are deployed to protect servers and • Juniper applications hosted in the data center. Data center intrusion prevention systems (DC/PS) are deployed at critical points in the network. Their role is to idellfify and block sophisticated • McAfee threats against web servers, application servers, and database servers without false positives • Trend Micro or degradation of network pe1forma11ce. Breach Detection (or Advanced Threat Protection) Definition. These products provide enhanced detection of advanced ma/ware, zero-day attacks, • Trend Micro and targeted attacks that could bypass defenses such as next ge11eratio11firewalls, i11t111sio11 • Lastline prevention systems, intrusion detection systems, a11tivirusle11dpoi11t protection (i11cludi11g host • Check Point !PS), and secure web gateways. Web Application Firewalls • F5 Definition: Physical or virtual appliance to protect public and intemal web applications, • lmperva whether deployed 011 premise or remotely hosted. Should protect against a variety of attacks i11cl11di11,! injection attacks and atJtJlication-layer denial of service (DoS). • Akamai Wired and Wireless LAN Access Infrastructure • Riverbed Definition: This market segment consists of vendors supplying wired and wireless networking • Dell EMC hardware and software that enables devices to connect to the e11te1prise wired LAN or Wi-Fi • Juniper network. • New H3C • Sentinel One Advanced Endpoint Protection (AEP) • McAfee Definition: AEP products protect endpoints from a multitude of attack threat vectors targeting • Symantec a ve1y dynamic e11te1prise class endpoint attack swface. They should also be resistant to • Cylance evasion techniques and provide low false positive results. • Trend Micro • ESET • Provide Annual Sales for last 3 years broken out into the following categories: o Cities / Counties o K-12 o Higher Education o Other government agencies or nonprofit organizations • Provide the revenue that your organization anticipates each year for the first three (3) years of this agreement. Response to RFP# 40-22 • What differentiates your company from competitors? Fortinet offers the most cost effective networking and cyber security solutions in the market providing the best total cost per protected megabit of traffic as tested by independent sources such as NSS labs. Recognized as a leader by technology research firm Garter, Fortinet lowers total cost of ownership by integrating cyber security into all of our products and simplifying administration through near single-pane of glass management. With the added benefit of our integrated Forti Guard Services, Fortinet provides near real-time effectiveness to cyber threats by ensuring that all threats known and unknown can be identified and mitigated as close to the source and as quickly as possible. In summary, Fortinet products protect your entire digital attack surface more effectively, at lower total cost and can be managed more efficiently than any other product on the market today. • Describe how your company will market this contract if awarded. Fortinet provides marketing on its products and services throughout the sales lifecycle. Fortinet's marketing strategy is geared towards nurturing our relationships with our customers to grow business, lock in brand loyalty, and foster customer advocacy for our solutions. Fortinet has created marketing materials specifically geared toward public sector customers and intends to market the NCPA contract in a multitude of ways to reach our intended audience. Each of these avenues will promote awareness of the NCP A contract and highlight our products and services. Fortinet understands the importance of marketing NCPA contracts to public sector customers and during the life of the contract Forti net's marketing plan will include the following: l~I Website advertisement and social media awareness campaigns. ~ . General media exposure in various digital and print publications . ffi Sales team trainings to inform them of the contract and teach them how to promote the contract to our customers. i" Customer outreach activities from our sales team, within their respective areas of operation or vertical focus, to get our current customers acquainted with the NCPA contract. ~ Conference calls and webinars to inform and educate potential new customers on the value proposition of the NCPA contract. ••• Participation in advisory councils, sponsored regional events, and attendance at annual * public sector tradeshows to promote NCPA contract awareness. Fortinet will also provide support on marketing efforts executed by our authorized resellers. While each reseller will operate their own marketing program, Fortinet will assist its authorized resellers by providing in depth information on its products and will also outline the value proposition of the NCP A contract. • Describe how you intend to introduce NCPA to your company. Fortinet understands that effective communication to our sales team regarding the awarded NCPA contract is crucial to our success as a NCP A contract holder. Our SLED Contracts Team will take the lead on introducing the NCPA contract to Fortinet Sales Account Managers responsible for sales to the SLED market. This team will also introduce the contract to Channel Managers responsible for recruiting and supporting resellers who serve this market. Response to RFP# 40-22 Upon contract award, our SLED Contracts Team will utilize the following methods to introduce NCPA to our company: • Group Conference Calls • Training Webinars • Training Materials • Ongoing Contract Use Monitoring • Ongoing Contract Promotion • Describe your firm's capabilities and functionality of your on-line catalog / ordering website. Since Fortinet uses a channel model for sales, we do not have, nor do we intend to implement, an ordering website for the NCPA contract. What we do provide is our website (www .fortinet.com) that SLED customers can use to find detailed information on our products and services and to access technical support. In addition, we have a contracts site (www .fortinet.com/resources/sled- contracts-grants) within our website that will have a dedicated page for the NCPA contract that will provide information on how to use our NCPA contract and assists customers to connect with qualified and capable authorized resellers who serve their geographic market. • Describe your company's Customer Service Department (hours of operation, number of service centers, etc.) To provide effective support to a customer base that spans the globe, Fortinet has made it a priority to build a best-in class global infrastructure for technical assistance and warranty/maintenance support. This infrastructure features three global Centers of Expertise (COE) supplemented by regional Technical Assistance Centers (T ACs). It also includes 35 hardware storage facilities worldwide and 200 regional depots. This infrastructure provides the foundation for Forti Care Services (Attachment 3), the program through which we will provide support for products covered by warranty and, thereafter, maintenance support for products covered by a Forti Care maintenance plan. • Green Initiatives (if applicable) o As our business grows, we want to make sure we minimize our impact on the Earth's climate. We are taking every step we can to implement innovative and responsible environmental practices throughout NCPA to reduce our carbon footprint, reduce waste, energy conservation, ensure efficient computing and much more. To that effort we ask respondents to provide their companies environmental policy and/or green initiative. Fortinet is focused on reducing the environmental footprint of our customers by innovating highly efficient, integrated appliances and cloud-based security solutions. Product Design & Life Cycle Management: When it comes to our products, environmental sustainability is a top priority at the design stage and throughout the entire product lifecycle. This includes product energy use and efficiency, the safety of material inputs required for proper product operations (e.g., chemicals, water), ease of reuse and recycling, and proper disposal at the end of life. All of our products comply with all globally recognized product environmental compliance directives and regulations. We are also working to eliminate PVC from Product Packaging. Response to RFP# 40-22 Regarding compliance with the WEEE directive, Fortinet requires its distributors and resellers worldwide to perform an environmentally friendly, WEEE-compliant collection of discarded products at no charge to the user. Energy Management: Years of dedicated innovation and the development of the industry's only security-focused processors have allowed Fortinet to integrate multiple security and networking functions into a single, energy-efficient platform. This has resulted in appliances that use less power, space, and cooling. In addition, Fortinet's family of proprietary secure processor units (SPUs) are built for power and efficiency. As a result, Fortinet produces the most energy-efficient appliances in the industry, helping our customers and partners reduce their environmental footprint. These advanced security solutions consume as much as 3X fewer resources than traditional appliances, helping lower the ecological impact of data centers, which consume around 2% of all energy worldwide. Climate Change and Environmental Management: Fortinet takes its responsibility to the environment seriously. We have pledged to reduce our impact on climate change and have taken steps to mitigate our environmental footprint. From an operations standpoint, we are committed to driving an environmentally low impact business, including energy, air pollution, waste, and water, across our globally distributed offices, facilities, and data centers. This includes monitoring and managing our impact on the climate from owned operations and supply chains related to greenhouse gas emissions, energy efficiency, and renewable energy procurement; the ability to recover from and manage risks, such as the impact of more extreme weather events and natural disasters; and transition risks, such as the increasing cost of energy and customer expectations related to energy and emissions. Fortinet invests in renewable electricity and sustainable projects. All of Fo11inet's owned facilities around the world run on 100 % renewable electricity. Furthennore, Fortinet's recent headquarters expansion is a state-of-the-art 172,000-square-foot and LEED-Gold certified. This all electric, net-zero facility has implemented multiple energy efficiency measures including solar panels and radiant cooling, which uses 30 % less energy than a standard building and conserves 76,800 gallons of water annually. Fortinet also incentivizes employees at its headquarters to reduce their environmental footprint by providing onsite solar-powered EV Charging Stations, preferred parking spaces for sustainable energy vehicles, and installed bike racks. Fortinet works with supply chain and logistics service providers committed to ensuring the application and enforcement of environmental policies aimed at reducing air emissions and pollutions by promoting the use of clean fuels, transportation network optimization, and investing in fuel-saving technologies. We have local RMA depots in over 20 countries and central regional depots in North America, Europe, and Asia. These help us reduce transportation-related emissions by minimizing shipping distances and consolidating shipments, collecting defective products at centralized locations, performing local repairs, and recycling defective units in compliance with local regulations. • Anti-Discrimination Policy (if applicable) o Describe your organizations' anti-discrimination policy. At Fortinet we believe everyone should be treated equally regardless of race, sex, gender identification, sexual orientation, national origin, native language, religion, age, disability, marital status, citizenship, genetic information, pregnancy, or any other characteristic protected by law. In support of this Fortinet strives to provide a work environment where everyone can work F :::RTlnET: Response to RFP# 40-22 together comfortably and productively. Each individual has the right to work in a professional atmosphere that promotes equal opportunity and prohibits discriminatory practices, including sexual and other forms of prohibited harassment. Fortinet's anti-discrimination and anti- harassment policy prohibits all forms of harassment based on an individual's race, color, religion, sex (including pregnancy, childbirth, breastfeeding, and related medical condition), age, national origin, disability, sexual orientation, gender (including gender identity and expression), marital status (including registered domestic partnership status), civil union status, familial status, ancestry, physical or mental disability, medical condition, genetic information or traits, caregiver status, citizenship status, Civil Air Patrol status, military or veteran status, status as a victim of domestic violence, assault, or stalking, or any other characteristic protected by applicable federal, state, or local laws. This policies applies to all employees of Fortinet, including supervisors and managers, as well as to customers, partners, vendors, and any other third parties we do business with. • Vendor Certifications (if applicable) Provide a copy of all current licenses, registrations and certifications issued by federal, state and local agencies, and any other licenses, registrations or certifications from any other governmental entity with jurisdiction, allowing respondent to perform the covered services including, but not limited to, licenses, registrations, or certifications. Certifications can include M/WBE, HUB, and manufacturer certifications for sales and service. Fortinet is committed to innovation and excellence and we are our proud to meet and exceed a wide range of national, regional, and international requirements, and our solutions and services have earned the respect of independent third-party testing labs around the world. Forti net's submitted Product Certifications Brochure (Attachment 4) outlines the certifications our products have received and contains access to our Certifications Resource Center that serves as the repository for product compliance reports, certifications, and independent validation results. In addition to the product certifications outlined in our Product Certifications Brochure, we wish to make you aware of the following certifications: • ISO 9001 :2015, Quality Management System: the scope of this certificate covers the design, development, and manufacture of Network Security Products and the Delivery of Associated Security Services and Support. • Our price list includes selected products that are certified for compliance under the US National lnfonnation Assurance Program Common Criteria Evaluation and Validation Scheme (CCEVS). • Our price list includes selected products certified by the National Institute of Standards and Technology for compliance with FIPS 140-2, Security Requirements for Cryptographic Modules. F :::RTlnET: Response to RFP# 40-22 TAB 5 PRODUCTS AND SERVICES Respondent shall perform and provide these products and/or services under the terms of this agreement. The supplier shall assist the end user with making a determination of their individual needs. Fortinet's goal, if awarded a contract, is to establish a productive and mutually beneficial partnership with the Texas Region 14 ESC and NCPA. To accomplish this, Fortinet is proud to offer our entire line of products and services in response to this RFP and Fortinet agrees to work closely with customers utilizing the awarded contract to assist them in determining their individual needs for IT Security Products and Data Protection Solutions. Warranty Proposal should address the following warranty information: • Applicable warranty and/or guarantees of equipment and installations including any conditions and response time for repair and/or replacement of any components during the warranty period. • Availability of replacement parts • Life expectancy of equipment under normal use • Detailed information as to proposed return policy on all equipment Fortinet's submitted EULA and Warranty Tenns (Attachment 5) complies with this requirement. Products • Vendor shall provide equipment, materials and products that are new unless otherwise specified, of good quality and free of defects As the manufacturer Fortinet understands that good quality is critical to satisfying customers and retaining their loyalty. In our endeavor to continuously achieve this objective, Fortinet has actively participated in third-party audits and testing since we first opened our doors. Through these third- party audits and testing we validate our design and development processes which help us guarantee that our products and solutions meet and exceed a wide range of regional, national, and international standard quality requirements. Construction • Vendor shall perform services in a good and workmanlike manner and in accordance with industry standards for the service provided. Fortinet is committed to ensuring that all of our products and services consistently exceed industry benchmarks and remain compliant with public sector regulatory frameworks and standards . The following is a list of suggested (but not limited to) IT Security Products and Data Protection Solutions categories. List all categories along with manufacturer that you are responding with: • Security Threat Intelligence Products and SeNices • Security Information and Event Management (SIEM) • Managed Security Services • Security awareness training • Security Consulting Services • Content Filtering • Anti-Virus/ Anti-Spam • Network Forensics / Real -Time Monitoring • Network Access Control • Firewalls • l'Jetwork Storage / Archiving F :::RTlnET: Response to RFP# 40-22 • Wireless Networks Bandwidth Management • Networking Hardware • Application Security • Cloud Security • Email Security and Archiving • Data Protection o Backup o Cloud Backup Risk Assessments , Encryption and Pseudonymization .> Data Destruction • Data Loss Prevention (OLP) • Consulting Services We have edited the list above to show which suggested capabilities Fottinet's products and services address. Described at a high level, our products and services include: • Physical and virtual cybersecurity appliances (hardware appliances and perpetual software licenses) that provide functional capabilities in these areas: o Network Security o Cloud Security o Web Application Security o Email Security o Advanced Threat Protection o Secure Unified Access o Endpoint Security o Management and Analytics • FortiGuard Security Subscriptions (term software licenses) for: o Application control o Intrusion prevention o Antivirus o Sandboxing o IP reputation and anti-botnet o Web filtering o Web application security o Credential stuffing defense o Database security o Virus outbreak protection o Content disarm and reconstruction o Security rating • Hardware and software maintenance plans (as described in Section 4.12) o 8 x 5 support o 24 x 7 support o 3600 support (24 x 7 support with proactive monitoring and health checks) o Premium support services • Professional Services o Remote engineering support o Onsite engineering support • Training o Onsite courses o Self-paced courses o Instructor-led virtual courses Response to RFP# 40-22 TAB 6 REFERENCES Provide at least ten ( 10) customer references for products and/or services of similar scope dating within the past three (3) years. Please provide a range of references across all eligible government entity groups including K-12, higher education, city, county, or non-profit entities. All references should include the following information from the entity: • Entity Name • Contact Name and Title • City and State • Phone • Email • Years Serviced • Description of Services • Annual Volume NCPA also accepts Procurated review scores to evaluate relationships with their customers. Vendors without a current Procurated score will be rated based solely on the references provided, and will not be penalized for lack of Procurated scoring. To find out your company's Procurated score please go to https://www.procurated.com. Response to RFP# 40-22 TAB 7 PRICING Please submit price list electronically via our online Bonfire portal (pricing can be submitted as Discount off MSRP, cost plus, etc). Products, services, warranties, etc. should be included in price list. Prices submitted will be used to establish the extent of a respondent's products and services (Tab 5) that are available and also establish pricing per item. Price lists must contain the following: • Product name and part number (include both manufacturer part number and respondent part number if different from manufacturers). • Description • Vendor's List Price • Percent Discount to NCPA participating entities Fortinet's submitted price list complies with this requirement. Not To Exceed Pricing • NCPA requests pricing be submitted as "not to exceed pricing" for any participating entity. • The awarded vendor can adjust submitted pricing lower but cannot exceed original pricing submitted for solicitation. • NCPA requests that vendor honor lower pricing for similar size and scope purchases to other members. Fortinet will ensure that all resellers authorized to sell through an awarded NCPA contract understand that the prices on our price list are "not to exceed prices"; however, since size and scope are only two of multiple factors that can impact the price ofa customer's unique security solution, we cannot honor the request to honor lower pricing for similar size and scope purchases. F :::RTlnET. Response to RFP# 40-22 TAB 8 VALUE ADDED PRODUCTS AND SERVICES Include any additional products and/or services available that vendor currently performs in their normal course of business that is not included in the scope of the solicitation that you think will enhance and add value to this contract for Region 14 ESC and all NCPA participating entities. If awarded a NCPA contract in response to this RFP, as value adds to our submitted offer of our entire line of products and services, Fortinet is proud to offer the following two FREE additional programs: 1. FORTINET'S FREE GRANT SUPPORT PROGRAM Public sector organizations face unique challenges in defending against the constant changing cyber threats landscape and most public sector agencies lack adequate funding to purchase the protection resources they need. Federal and state grants can provide valuable funding to the public sector that initiates or expands purchases they otherwise would not be able to. Through Fortinet's free Grant Support Program, Fortinet helps empower public sector customers to find and access grant funding to make their mission critical projects happen! Our FREE Grant Support Program helps public sector agencies by: a. Providing comprehensive grants infonnation for entities that are understaffed or lack experience with grant applications and don't know where to start. Finding and applying for grants can be a daunting and complicated task, but doing so is imperative right now for the public sector since currently there are billions of dollars in funding available for cybersecurity projects and solutions. Our Grant Support Program was created to assist entities successfully find and apply for grants. Our Grants Support Program consultants provide extensive grant resources and services, such as: in-depth grant research, grant funding availability reports, and grant application development assistance. We of course cannot guarantee funding, but we will do everything we can to assist an entity in submitting a successful grant application. b. Identifying all available grant funding for technology-rich projects. With a few specifics about an entity's needs, our Grants Support Program consultants will develop customized reports on funding opportunities that are the best fit for the project. The reports will identify the most relevant funders based on the project type, the organization type ( or types, in the case of a consortium project), and the geographic location where the project will be deployed. Then our consultants will review their findings with the entity on a conference call scheduled at the entity's convenience. We will also continually monitor granting sources and will provide notifications to the entity when grants or funding opportunities are released that best serve their project. c. Providing customized consultation services that help develop project ideas and even expand cybersecurity modernization initiatives. Grants tend to be awarded to projects that address a clearly identified need, either for a specific population or a defined geographic community. In addition, fundable projects F :::RTlnET. Response to RFP# 40-22 should have measurable objectives and a compelling reason for including the security technology needed to achieve those objectives . Our Grants Support Program consultants will help entities clarify and articulate their specific technology needs, assist in the development of measurable objectives, and provide input on other elements that might further strengthen the entities project proposal, application or other information required by the grant. Grants Support Program Frequently Asked Questions: • What's the benefit of utilizing Fortinet's Grants Support Program? Our Grants Support Program is designed to help public sector entities overcome financial barriers that prevent our customers from purchasing Fortinet 's cybersecurity solutions. We provide free support by assigning a grant expert who works with the entity throughout the entire grants process. • What entities are eligible to receive gra11tftmds? The public sector entities listed below are generally eligible to apply for federal or state grant funding opportunities as long as the project identified on the entity's submitted grant application meets the grant requirements. Government Organizations o State governments o County governments o City or township governments o Special district governments o Native American tribal governments Education Organizations o Independent school districts o Public and state controlled institutions of higher education o Private institutions of higher education Public Housing Organizations o Public housing authorities o Native American housing authorities • What are tire top gra11tftmdi11g streams for cybersecurity? Thousands of grant opportunities are made available each year in the US, providing billions of dollars in funding. Of course, not all of these opportunities are technology-friendly; however the following grant opportunities have been identified as the top funding streams for cybersecuri ty: o Infrastructure Investment and Jobs Act, including State and Local Cybersecurity Grant Program ($550B) o Stimulus funding from the American Rescue Plan ($1.9T) o Tying into energy and climate funding available through Inflation Reduction Act ($369B) o Tying into annual funding available from 26 federal grant-making agencies ($700B) • Where do I get more information on Fortinet's Grants Support Program? For more information on this program, please email us at: sled ca pture @fortinet.com . F :::RTlnET: Respon se to RFP# 40-22 2. FORTINET'S FREE SECURITY AWARENESS AND TRAINING PROGRAM The US education sector is in the midst of a cyber crisis. The shift to cloud-based virtual learning during COVID-19 created the perfect stonn for threat actors to capitalize on. Education IT departments, already weathering a shortage of physical resources, funding, and staffing, unexpectedly faced an even greater challenge. Without the human resources and advanced solutions to secure vulnerabilities in their networks, K-12 school districts and higher- ed institutions became easy targets . In July 2022, Fortinet participated in the White House National Cyber Workforce and Education Summit where Fortinet participated in important discussions around solutions to help address this significant challenge facing the cybersecurity industry in the United States . As a result of these discussions, Fortinet announced its commitment to expand its existing Information Security Awareness and Training program to make it available to all K-12 school districts and systems across the United States for FREE! Schools that take advantage of this free offering will be training their staff and faculty with skillsets and knowledge that could prevent them from falling victim to popular threat methods, such as social engineering attempts, reducing the likelihood of a security breach. Fortinet 's Security Awareness and Training program was developed by Fortinet's award-winning Training Institute. With content incorporating threat intelligence insights from FortiGuard Labs, this training arms faculty and staff with the latest knowledge , guidance, and tips to make smarter choices when confronted by cyberattacks and other security risks. Security Awareness and Training Frequently Asked Questions: • What key be11efits will K-12 school districts a11d systems gai11from pa1ticipati11g i11 this trai11i11g? By participating in our Security Awareness and Training K-12 school districts and systems will : o Have trained faculty and staff that will prevent or recognize and report potential security threats whether in an email, online, or in a physical setting . o Satisfy city, county, state, and national requirements for security and awareness training across major frameworks (this training aligns to the National Institute of Standards and Technology framework -NIST 800-50 and NIST 800-16). o Prevent the impact of breaches caused by faculty and staff errors and/or poor judgement. o Ensure faculty and staff are properly trained on data privacy and security, and are motivated to protect personally identifiable information and other sensitive data. • How comprehe11sive is this free trai11i11g program? We are offering the premium version of our Infonnation Security Awareness and Training program free of charge to K-12 school districts and systems . This premium training consists of 23 Base Modules, 10 Re-engagement Modules and 18 Reinforcement Modules and is delivered in multiple formats, including video, text, audio, imagery, and animation, which appeals to different learning styles to ensure that the training is understood and applied . • Where do I get more i11formatio11 011 this trai11i11g? For more information on this program visiting our website at http://fortinet.com/Kl2trainingUS , or to register for this training, please email us at kl2trainingUS @ fortinet.com . Response to RFP# 40-22 TAB 9 REQUIRED DOCUMENTS • Federal Funds Certifications • Clean Air and Water Act & Debarment Notice • Contractors Requirements • Required Clauses for Federal Assistance by FTA • Federal Required Signatures • Antitrust Certification Statements Texas Government Code§ 2155.005 • State Notice Addendum FEDERAL FUNDS CERTIFICATIONS Participating Agencies may elect to use federal funds to purchase under the Master Agreement. The following certifications and provisions may be required and apply when a Participating Agency expends federal funds for any purchase resulting from this procurement process. Pursuant to 2 C.F .R. § 200.326, all contracts, including small purchases, awarded by the Participating Agency and the Participating Agency's subcontractors shall contain the procurement provisions of Appendix II to Part 200, as applicable. APPENDIX II TO 2 CFR PART 200 (A) Contracts for more than the simplified acquisition threshold currently set at $250,000, which is the inflation adjusted amount determined by the Civilian Agency Acquisition Council and the Defense Acquisition Regulations Council (Councils) as authorized by 41 U.S.C. 1908, must address administrative, contractual, or legal remedies in instances where contractors violate or breach contract terms, and provide for such sanctions and penalties as appropriate. • Pursuant to Federal Rule (A) above, when a Participating Agency expends federal funds, the Participating Agency and Offerer reserves all rights and privileges under the applicable laws and regulations with respect to this procurement in the event of breach of contract by either party. (B) Termination for cause and for convenience by the grantee or subgrantee including the manner by which it will be effected and the basis for settlement. (All contracts in excess of $10,000) • Pursuant to Federal Rule (B) above, when a Participating Agency expends federal funds, the Participating Agency reserves the right to terminate any agreement in excess of $10,000 resulting from this procurement process in the event of a breach or default of the agreement by Offerer as detailed in the terms of the contract (C) Equal Employment Opportunity. Except as otherwise provided under 41 CFR Part 60, all contracts that meet the definition of "federally assisted construction contract" in 41 CFR Part 60- 1.3 must include the equal opportunity clause provided under 41 CFR 60-1.4(b ), in accordance with Executive Order 11246, "Equal Employment Opportunity" (30 CFR 12319, 12935, 3 CFR Part, 1964-1965 Comp., p. 339), as amended by Executive Order 11375, "Amending Executive Order 11246 Relating to Equal Employment Opportunity," and implementing regulations at 41 CFR part 60, "Office of Federal Contract Compliance Programs, Equal Employment Opportunity, Department of Labor." • Pursuant to Federal Rule (C) above, when a Participating Agency expends federal funds on any federally assisted construction contract, the equal opportunity clause is incorporated by reference herein. (D) Davis-Bacon Act, as amended (40 U.S.C. 3141-3148). When required by Federal program legislation, all prime construction contracts in excess of $2,000 awarded by non-Federal entities must include a provision for compliance with the Davis-Bacon Act (40 U.S.C. 3141-3144, and 3146-3148) as supplemented by Department of Labor regulations (29 CFR Part 5, "Labor Standards Provisions Applicable to Contracts Covering Federally Financed and Assisted Construction"). In accordance with the statute, contractors must be required to pay wages to laborers and mechanics at a rate not less than the prevailing wages specified in a wage determination made by the Secretary of Labor. In addition, contractors must be required to pay wages not less than once a week. The non-Federal entity must place a copy of the current prevailing wage determination issued by the Department of Labor in each solicitation. The decision to award a contract or subcontract must be conditioned upon the acceptance of the wage determination. The non-Federal entity must report all suspected or reported violations to the Federal awarding agency. The contracts must also include a provision for compliance with the Copeland "Anti-Kickback" Act (40 U.S.C. 3145), as supplemented by Department of Labor regulations (29 CFR Part 3, "Contractors and Subcontractors on Public Building or Public Work Financed in Whole or in Part by Loans or Grants from the United States"). The Act provides that each contractor or subrecipient must be prohibited from inducing, by any means, any person employed in the construction, completion, or repair of public work, to give up any part of the compensation to which he or she is otherwise entitled. The non-Federal entity must report all suspected or reported violations to the Federal awarding agency. • Pursuant to Federal Rule (D) above, when a Participating Agency expends federal funds during the term of an award for all contracts and subgrants for construction or repair, offeror will be in compliance with all applicable Davis-Bacon Act provisions • Any Participating Agency will include any current and applicable prevailing wage determination in each issued solicitation and provide Offeror with any required documentation and/or forms that must be completed by Offeror to remain in compliance the applicable Davis-Bacon Act provisions. (E) Contract Work Hours and Safety Standards Act (40 U.S.C. 3701-3708). Where applicable, all contracts awarded by the non-Federal entity in excess of $100,000 that involve the employment of mechanics or laborers must include a provision for compliance with 40 U.S.C. 3702 and 3704, as supplemented by Department of Labor regulations (29 CFR Part 5). Under 40 U.S.C. 3702 of the Act, each contractor must be required to compute the wages of every mechanic and laborer on the basis of a standard work week of 40 hours. Work in excess of the standard work week is permissible provided that the worker is compensated at a rate of not less than one and a half times the basic rate of pay for all hours worked in excess of 40 hours in the work week. The requirements of 40 U.S.C. 3704 are applicable to construction work and provide that no laborer or mechanic must be required to work in surroundings or under working conditions which are unsanitary, hazardous or dangerous. These requirements do not apply to the purchases of supplies or materials or articles ordinarily available on the open market, or contracts for transportation or transmission of intelligence. • Pursuant to Federal Rule (E) above, when a Participating Agency expends federal funds, offeror certifies that offeror will be in compliance with all applicable provisions of the Contract Work Hours and Safety Standards Act during the term of an award for all contracts by Participating Agency resulting from this procurement process. (F) Rights to Inventions Made Under a Contract or Agreement. If the Federal award meets the definition of "funding agreement" under 37 CFR §401.2 (a) and the recipient or subrecipient wishes to enter into a contract with a small business firm or nonprofit organization regarding the substitution of parties, assignment or performance of experimental, developmental, or research work under that "funding agreement," the recipient or subrecipient must comply with the requirements of 37 CFR Part 401, "Rights to Inventions Made by Nonprofit Organizations and Small Business Firms Under Government Grants, Contracts and Cooperative Agreements," and any implementing regulations issued by the awarding agency. • Pursuant to Federal Rule (F) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term of an award for all contracts by Participating Agency resulting from this procurement process, the offeror agrees to comply with all applicable requirements as referenced in Federal Rule (F) above (G) Clean Air Act (42 U.S.C. 7401-7671q.) and the Federal Water Pollution Control Act (33 U.S.C. 1251-1387), as amended-Contracts and subgrants of amounts in excess of $150,000 must contain a provision that requires the non-Federal award to agree to comply with all applicable standards, orders or regulations issued pursuant to the Clean Air Act (42 U.S.C. 7401-7671q) and the Federal Water Pollution Control Act as amended (33 U.S.C. 1251-1387). Violations must be reported to the Federal awarding agency and the Regional Office of the Environmental Protection Agency (EPA). • Pursuant to Federal Rule (G) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term of an award for all contracts by Participating Agency member resulting from this procurement process, the offeror agrees to comply with all applicable requirements as referenced in Federal Rule (G) above (H) Debarment and Suspension (Executive Orders 12549 and 12689)-A contract award (see 2 CFR 180.220) must not be made to parties listed on the government wide exclusions in the System for Award Management (SAM), in accordance with the 0MB guidelines at 2 CFR 180 that implement Executive Orders 12549 (3 CFR part 1986 Comp., p. 189) and 12689 (3 CFR part 1989 Comp., p. 235), "Debarment and Suspension." SAM Exclusions contains the names of parties debarred, suspended, or otherwise excluded by agencies, as well as parties declared ineligible under statutory or regulatory authority other than Executive Order 12549. • Pursuant to Federal Rule (H) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term of an award for all contracts by Participating Agency resulting from this procurement process, the offeror certifies that neither it nor its principals is presently debarred, suspended, proposed for debarment, declared ineligible, or voluntarily excluded from participation by any federal department or agency. If at any time during the term of an award the offeror or its principals becomes debarred, suspended, proposed for debarment, declared ineligible, or voluntarily excluded from participation by any federal department or agency, the offeror will notify the Participating Agency (I) Byrd Anti-Lobbying Amendment (31 U.S.C. 1352)-Contractors that apply or bid for an award exceeding $100,000 must file the required certification. Each tier certifies to the tier above that it will not and has not used Federal appropriated funds to pay any person or organization for influencing or attempting to influence an officer or employee of any agency, a member of Congress, officer or employee of Congress, or an employee of a member of Congress in connection with obtaining any Federal contract, grant or any other award covered by 31 U.S.C. 1352. Each tier must also disclose any lobbying with non-Federal funds that takes place in connection with obtaining any Federal award. Such disclosures are forwarded from tier to tier up to the non-Federal award. • Pursuant to Federal Rule (I) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term and after the awarded term of an award for all contracts by Participating Agency resulting from this procurement process, the offerer certifies that it is in compliance with all applicable provisions of the Byrd Anti- Lobbying Amendment (31 U.S.C. 1352). The undersigned further certifies that: o No Federal appropriated funds have been paid or will be paid for on behalf of the undersigned, to any person for influencing or attempting to influence an officer or employee of any agency, a Member of Congress, an officer or employee of congress, or an employee of a Member of Congress in connection with the awarding of a Federal contract, the making of a Federal grant, the making of a Federal loan, the entering into a cooperative agreement, and the extension, continuation, renewal, amendment, or modification of a Federal contract, grant, loan, or cooperative agreement. o If any funds other than Federal appropriated funds have been paid or will be paid to any person for influencing or attempting to influence an officer or employee of any agency, a Member of Congress, an officer or employee of congress, or an employee of a Member of Congress in connection with this Federal grant or cooperative agreement, the undersigned shall complete and submit Standard Form-LLL , "Disclosure Form to Report Lobbying ", in accordance with its instructions. o The undersigned shall require that the language of this certification be included in the award documents for all covered sub-awards exceeding $100,000 in Federal funds at all appropriate tiers and all subrecipients shall certify and disclose accordingly. RECORD RETENTION REQUIREMENTS FOR CONTRACTS INVOLVING FEDERAL FUNDS When federal funds are expended by Participating Agency for any contract resulting from this procurement process, offerer certifies that it will comply with the record retention requirements detailed in 2 CFR § 200.334. The offerer further certifies that offerer will retain all records as required by 2 CFR § 200.334 for a period of three years after grantees or subgrantees submit final expenditure reports or quarterly or annual financial reports, as applicable, and all other pending matters are closed. CERTIFICATION OF COMPLIANCE WITH THE ENERGY POLICY AND CONSERVATION ACT When Participating Agency expends federal funds for any contract resulting from this procurement process, offeror certifies that it will comply with the mandatory standards and policies relating to energy efficiency which are contained in the state energy conservation plan issued in compliance with the Energy Policy and Conservation Act (42 U.S.C. 6321 et seq.; 49 C.F.R. Part 18). CERTIFICATION OF COMPLIANCE WITH BUY AMERICA PROVISIONS To the extent purchases are made with Federal Highway Administration, Federal Railroad Administration, or Federal Transit Administration funds, offeror certifies that its products comply with all applicable provisions of the Buy America Act and agrees to provide such certification or applicable waiver with respect to specific products to any Participating Agency upon request. Participating Agencies will clearly identify whether Buy America Provisions apply in any issued solicitation. Purchases made in accordance with the Buy America Act must still follow the applicable procurement rules calling for free and open competition. CERTIFICATION OF ACCESS TO RECORDS Offeror agrees that the Inspector General of the Agency or any of their duly authorized representatives shall have access to any non-financial documents, papers, or other records of offeror that are pertinent to offeror's discharge of its obligations under the Contract for the purpose of making audits, examinations, excerpts, and transcriptions. The right also includes timely and reasonable access to offeror's personnel for the purpose of interview and discussion relating to such documents. This right of access will last only as long as the records are retained. CERTIFICATION OF APPLICABILITY TO SUBCONTRACTORS Offeror agrees that all contracts it awards pursuant to the Contract shall be bound by the foregoing terms and conditions. CLEAN AIR AND WATER ACT AND DEBARMENT NOTICE By the signature below (Under Federal Required Signatures), I, the Vendor, am in compliance with all applicable standards, orders or regulations issued pursuant to the Clean Air Act of 1970, as Amended (42 U.S. C. 1857 (h), Section 508 of the Clean Water Act, as amended (33 U.S.C. 1368), Executive Order 117389 and Environmental Protection Agency Regulation, 40 CFR Part 15 as required under 0MB Circular A-102, Attachment 0, Paragraph 14 (1) regarding reporting violations to the granter agency and to the United States Environment Protection Agency Assistant Administrator for the Enforcement. I hereby further certify that my company has not been debarred, suspended or otherwise ineligible for participation in Federal Assistance programs under Executive Order 12549, "Debarment and Suspension", as described in the Federal Register and Rules and Regulations. CONTRACTOR REQUIRMENTS Contractor Certification Contractor's Employment Eligibility By entering the contract, Contractor warrants compliance with the Federal Immigration and Nationality Act (FINA), and all other federal and state immigration laws and regulations. The Contractor further warrants that it is in compliance with the various state statues of the states it is will operate this contract in. Participating Government Entities including School Districts may request verification of compliance from any Contractor or subcontractor performing work under this Contract. These Entities reserve the right to confirm compliance in accordance with applicable laws. Should the Participating Entities suspect or find that the Contractor or any of its subcontractors are not in compliance, they may pursue any and all remedies allowed by law, including, but not limited to: suspension of work, termination of the Contract for default, and suspension and/or debarment of the Contractor. All costs necessary to verify compliance are the responsibility of the Contractor. The offeror complies and maintains compliance with the appropriate statutes which requires compliance with federal immigration laws by State employers, State contractors and State subcontractors in accordance with the E-Verify Employee Eligibility Verification Program. Contractor shall comply with governing board policy of the NCPA Participating entities in which work is being performed. Fingerprint & Background Checks If required to provide services on school district property at least five (5) times during a month, contractor shall submit a full set of fingerprints to the school district if requested of each person or employee who may provide such service. Alternately, the school district may fingerprint those persons or employees. An exception to this requirement may be made as authorized in Governing Board policy. The district shall conduct a fingerprint check in accordance with the appropriate state and federal laws of all contractors, subcontractors or vendors and their employees for which fingerprints are submitted to the district. Contractor, subcontractors, vendors and their employees shall not provide services on school district properties until authorized by the District. The offeror shall comply with fingerprinting requirements in accordance with appropriate statutes in the state in which the work is being performed unless otherwise exempted. Contractor shall comply with governing board policy in the school district or Participating Entity in which work is being performed. Business Operations in Sudan, Iran In accordance with A.RS. 35-391 and A.RS. 35-393, the Contractor hereby certifies that the contractor does not have scrutinized business operations in Sudan and/or Iran. REQUIRED CLAUSES FOR FEDERAL ASSISTANCE PROVIDED BY FTA ACCESS TO RECORDS AND REPORTS Contractor agrees to: a) Maintain all non-financial books, records, accounts and reports required under this Contract for a period of not less than two (2) years after the date of termination or expiration of this Contract or any extensions thereof except in the event of litigation or settlement of claims arising from the performance of this Contract, in which case Contractor agrees to maintain same until the FTA Administrator, the U.S. DOT Office of the Inspector General, the Comptroller General, or any of their duly authorized representatives, have disposed of all such litigation, appeals, claims or exceptions related thereto . b) Permit any of the foregoing parties to inspect all non-financial work, materials, and other data and records that pertain to the Project, and to audit the non-financial books, records, and accounts that pertain to the Project and to reproduce by any means whatsoever or to copy excerpts and transcriptions as reasonably needed for the purpose of audit and examination. The right of access detailed in this section continues only as long as the records are retained. FTA does not require the inclusion of these requirements of Article 1.01 in subcontracts. CIVIL RIGHTS / TITLE VI REQUIREMENTS 1) Non-discrimination. In accordance with Title VI of the Civil Rights Act of 1964, as amended, 42 U.S.C. § 2000d, Section 303 of the Age Discrimination Act of 1975, as amended, 42 U.S.C. § 6102, Section 202 of the Americans with Disabilities Act of 1990, as amended, 42 U.S.C. § 12132, and Federal Transit Law at 49 U.S.C. § 5332, Contractor or subcontractor agrees that it will not discriminate against any employee or applicant for employment because of race, color, creed, national origin, sex, marital status age, or disability. In addition, Contractor agrees to comply with applicable Federal implementing regulations and other applicable implementing requirements FTA may issue that are flowed to Contractor from Awarding Participating Agency. 2) Equal Employment Opportunity. The following Equal Employment Opportunity requirements apply to this Contract: a. Race, Color, Creed, National Origin, Sex. In accordance with Title VII of the Civil Rights Act, as amended, 42 U.S.C. § 2000e, and Federal Transit Law at 49 U.S .C. § 5332, the Contractor agrees to comply with all applicable Equal Employment Opportunity requirements of U.S. Dept. of Labor regulations, "Office of Federal Contract Compliance Programs, Equal Employment Opportunity, Department of Labor, 41 CFR, Parts 60 et seq., and with any applicable Federal statutes, executive orders, regulations, and Federal policies that may affect construction activities undertaken in the course of this Project. Contractor agrees to take affirmative action to ensure that applicants are employed, and that employees are treated during employment, without regard to their race, color, creed, national origin, sex, marital status, or age. Such action shall include, but not be limited to, the following : employment, upgrading, demotion or transfer, recruitment or recruitment advertising, layoff or termination, rates of pay or other forms of compensation; and selection for training, including apprenticeship. In addition, Contractor agrees to comply with any implementing requirements FTA may issue that are flowed to Contractor from Awarding Participating Agency. b. Age. In accordance with the Age Discrimination in Employment Act (ADEA) of 1967, as amended, 29 U.S.C. Sections 621 through 634, and Equal Employment Opportunity Commission (EEOC) implementing regulations, "Age Discrimination in Employment Act", 29 CFR Part 1625, prohibit employment discrimination by Contractor against individuals on the basis of age, including present and prospective employees. In addition, Contractor agrees to comply with any implementing requirements FTA may issue that are flowed to Contractor from Awarding Participating Agency. c. Disabilities. In accordance with Section 102 of the Americans with Disabilities Act of 1990, as amended (ADA), 42 U.S.C. Sections 12101 et seq., prohibits discrimination against qualified individuals with disabilities in programs, activities, and services, and imposes specific requirements on public and private entities. Contractor agrees that it will comply with the requirements of the Equal Employment Opportunity Commission (EEOC), "Regulations to Implement the Equal Employment Provisions of the Americans with Disabilities Act," 29 CFR, Part 1630, pertaining to employment of persons with disabilities and with their responsibilities under Titles I through V of the ADA in employment, public services, public accommodations, telecommunications, and other provisions. d. Segregated Facilities. Contractor certifies that their company does not and will not maintain or provide for their employees any segregated facilities at any of their establishments, and that they do not and will not permit their employees to perform their services at any location under the Contractor's control where segregated facilities are maintained. As used in this certification the term "segregated facilities" means any waiting rooms, work areas, restrooms and washrooms, restaurants and other eating areas, parking lots, drinking fountains, recreation or entertainment areas, transportation, and housing facilities provided for employees which are segregated by explicit directive or are in fact segregated on the basis of race, color, religion or national origin because of habit, local custom, or otherwise. Contractor agrees that a breach of this certification will be a violation of this Civil Rights clause. 3) Solicitations for Subcontracts. Including Procurements of Materials and Equipment. In all solicitations, either by competitive bidding or negotiation, made by Contractor for work to be performed under a subcontract, including procurements of materials or leases of equipment, each potential subcontractor or supplier shall be notified by Contractor of Contractor's obligations under this Contract and the regulations relative to non-discrimination on the grounds of race, color, creed, sex, disability, age or national origin. 4) Sanctions of Non-Compliance. In the event of Contractor's non-compliance with the non-discrimination provisions of this Contract, Public Agency shall impose such Contract sanctions as it or the FTA may determine to be appropriate, including, but not limited to: 1) Withholding of payments to Contractor under the Contract until Contractor complies, and/or; 2) Cancellation, termination or suspension of the Contract, in whole or in part. Contractor agrees to include the requirements of this clause in each subcontract financed in whole or in part with Federal assistance provided by FT A, modified only if necessary to identify the affected parties. DISADVANTAGED BUSINESS PARTICIPATION This Contract is subject to the requirements of Title 49, Code of Federal Regulations, Part 26, "Participation by Disadvantaged Business Enterprises in Department of Transportation Financial Assistance Programs", therefore, it is the policy of the Department of Transportation (DOT) to ensure that Disadvantaged Business Enterprises (DBEs), as defined in 49 CFR Part 26, have an equal opportunity to receive and participate in the performance of DOT-assisted contracts. 1) Non-Discrimination Assurances. Contractor or subcontractor shall not discriminate on the basis of race, color, national origin, or sex in the performance of this Contract. Contractor shall carry out all applicable requirements of 49 CFR Part 26 in the award and administration of DOT-assisted contracts. Failure by Contractor to carry out these requirements is a material breach of this Contract, which may result in the termination of this Contract or other such remedy as public agency deems appropriate. Each subcontract Contractor signs with a subcontractor must include the assurance in this paragraph . (See 49 CFR 26.13(b )). 2) Prompt Payment. Contractor is required to pay each subcontractor performing Work under this prime Contract for satisfactory performance of that work no later than thirty (30) days after Contractor's receipt of payment for that Work from public agency. In addition, Contractor is required to return any retainage payments to those subcontractors within thirty (30) days after the subcontractor's work related to this Contract is satisfactorily completed and any liens have been secured. Any delay or postponement of payment from the above time frames may occur only for good cause following written approval of public agency. This clause applies to both DBE and non-DBE subcontractors. Contractor must promptly notify public agency whenever a DBE subcontractor performing Work related to this Contract is terminated or fails to complete its Work, and must make good faith efforts to engage another DBE subcontractor to perform at least the same amount of work. Contractor may not terminate any DBE subcontractor and perform that Work through its own forces, or those of an affiliate, without prior written consent of public agency. 3) DBE Program. In connection with the performance of this Contract, Contractor will cooperate with public agency in meeting its commitments and goals to ensure that DBEs shall have the maximum practicable opportunity to compete for subcontract work, regardless of whether a contract goal is set for this Contract. Contractor agrees to use good faith efforts to carry out a policy in the award of its subcontracts, agent agreements, and procurement contracts which will, to the fullest extent, utilize DBEs consistent with the efficient performance of the Contract. ENERGY CONSERVATION REQUIREMENTS Contractor agrees to comply with mandatory standards and policies relating to energy efficiency which are contained in the State energy conservation plans issued under the Energy Policy and Conservation Act, as amended, 42 U.S.C. Sections 6321 et seq. and 41 CFR Part 301-10. FEDERAL CHANGES Contractor shall at all times comply with all applicable FTA regulations, policies, procedures and directives, listed directly or by reference in the Contract between Public Agency and the FTA, and those applicable regulatory and procedural updates that are communicated to Contractor by Public Agency, as they may be amended or promulgated from time to time during the term of this contract. Contractor's failure to so comply shall constitute a material breach of this Contract. INCORPORATION OF FEDERAL TRANSIT ADMINISTRATION (FTA) TERMS The provisions include, in part, certain Standard Terms and Conditions required by the U.S. Department of Transportation (DOT), whether or not expressly set forth in the preceding Contract provisions. All contractual provisions required by the DOT and applicable to the scope of a particular Contract awarded to Contractor by a Public Agency as a result of solicitation, as set forth in the most current FTA Circular 4220.1 F, published February 8th , 2016, are hereby incorporated by reference. Anything to the contrary herein notwithstanding, all FTA mandated terms shall be deemed to control in the event of a conflict with other provisions contained in this Contract. Contractor agrees not to knowingly perform any act, knowingly fail to perform any act, or refuse to comply with any reasonable public agency requests that would directly cause public agency to be in violation of the FTA terms and conditions. NO FEDERAL GOVERNMENT OBLIGATIONS TO THIRD PARTIES Agency and Contractor acknowledge and agree that, absent the Federal Government's express written consent and notwithstanding any concurrence by the Federal Government in or approval of the solicitation or award of the underlying Contract, the Federal Government is not a party to this Contract and shall not be subject to any obligations or liabilities to agency, Contractor, or any other party (whether or not a party to that contract) pertaining to any matter resulting from the underlying Contract. Contractor agrees to include the above clause in each subcontract financed in whole or in part with federal assistance provided by the FT A. It is further agreed that the clause shall not be modified, except to identify the subcontractor who will be subject to its provisions. PROGRAM FRAUD AND FALSE OR FRAUDULENT STATEMENTS Contractor acknowledges that the provisions of the Program Fraud Civil Remedies Act of 1986, as amended, 31 U.S.C. §§ 3801 et seq. and U.S. DOT regulations, "Program Fraud Civil Remedies," 49 CFR Part 31, apply to its actions pertaining to this Contract. Upon execution of the underlying Contract, Contractor certifies or affirms, to the best of its knowledge, the truthfulness and accuracy of any statement it has made, it makes, it may make, or causes to me made, pertaining to the underlying Contract or the FTA assisted project for which this Contract Work is being performed. In addition to other penalties that may be applicable, Contractor further acknowledges that if it makes, or causes to be made, a false, fictitious, or fraudulent claim, statement, submission, or certification, the Federal Government reserves the right to impose the penalties of the Program Fraud Civil Remedies Act of 1986 on Contractor to the extent the Federal Government deems appropriate. Contractor also acknowledges that if it makes, or causes to me made, a false, fictitious, or fraudulent claim, statement, submission, or certification to the Federal Government under a contract connected with a project that is financed in whole or in part with Federal assistance originally awarded by FTA under the authority of 49 U.S.C. § 5307, the Government reserves the right to impose the penalties of 18 U.S.C. § 1001 and 49 U.S.C. § 5307 (n)(1) on the Contractor, to the extent the Federal Government deems appropriate. Contractor agrees to include the above clauses in each subcontract financed in whole or in part with Federal assistance provided by FTA. It is further agreed that the clauses shall not be modified, except to identify the subcontractor who will be subject to the provisions. FEDERAL REQUIRED SIGNATURES Offeror certifies compliance with all provisions, laws, acts, regulations, etc. as specifically noted in the pages above. It is further acknowledged that offeror agrees to comply with all federal, state, and local laws, rules, regulations and ordinances as applicable. Offeror Fortinet, Inc. Address 899 Kifer Road City/State/Zip Sunnyvale, CA 94086 Authorized Signature Date 11/15/2022 ANTITRUST CERTIFICATION STATEMENTS TEXAS GOVERNMENT CODE § 2155.005 I affirm under penalty of perjury of the laws of the State of Texas that: (1) I am duly authorized to execute this contract on my own behalf or on behalf of the company, corporation, firm, partnership or individual (Company) listed below; (2) In connection with this bid, neither I nor any representative of the Company has violated any provision of the Texas Free Enterprise and Antitrust Act, Tex. Bus. & Comm. Code Chapter 15; (3) In connection with this bid, neither I nor any representative of the Company has violated any federal antitrust law; and (4) Neither I nor any representative of the Company has directly or indirectly communicated any of the contents of this bid to a competitor of the Company or any other company, corporation, firm, partnership or individual engaged in the same line of business as the Company. Company Name Fortinet, Inc. Address 899 Kifer Road City/State/Zip Sunnyvale, CA 94086 Telephone Number (850) 728-6504 Fax Number N/A Email Address baileyj@fortinet.com Printed Name Jerilyn Bailey Title Public Sector Contracts Manager Authorized Signature STATE NOTICE ADDENDUM The National Cooperative Purchasing Alliance (NCPA), on behalf of NCPA and its current and potential participants to include all county, city, special district, local government, school district, private K-12 school, higher education institution, state, tribal government, other government agency, healthcare organization, nonprofit organization and all other Public Agencies located nationally in all fifty states, issues this Request for Proposal (RFP) to result in a national contract. For your reference, the links below include some, but not all, of the entities included in this proposal: http://www.usa.gov/Agencies/State and Territories.shtml https://www.usa.gov/local-governments @ ~e~~t~~ !!es~!:n~g~!1!!.1e~:e~~!~ mesh plattonn Security-Driven Q Networking w 111 -~· ■ (<•)) X ~ @ @ ~ ••• • • .... FortlGate NGFW w/ SOC acceleration and Industry-leading secure SD-WAN FortlGate SD-WAN Applicatlon-centric, scalable, and Secure SO.WAN with NGFW FortlExtender Extend scalable and resilient L TE and LAN connectivily FortlAP Protect LAN Edge deployments with wireless connectivity FortlSwltch Deliver security, performance , and manageable access to data Llnksys HomeWRK Enterprise networking solution for remote and hybrid workers FortlSASE Scalable, Simple, and Secure Access for Remote Workforce FortlProxy Enforce internet compliance and granular apptlcation control Fortllsolator Maintain an ·air-gap~ between browser and web content 111 ~ © €} {@ ►(f V ---...-- ~ @ Cloud ,A Security W, FortlGateVM NGFW w/ SOC acceleration and Industry-leading secure SO.WAN FortlODoS Machine-learning quickly Inspects traffic at layers 3, 4, and 7. FortlCWP Manage risk and compliance thtough mIJU-doud Infrastructures FortlDevSec Continuous appllcatlon security testing In CVCO pipelines FortlWeb Prevent web application attacks against critical web assets FortlADC Applicatio~aware intelligence for distribution of application traffic FortlGSLB Cloud Ensure business continuity during unexpected network downtime FortlMall Secure mai gateway to protect against SPAM and virus attecl<s FortlCASB Prevent mlsconfiguratIons of Saas applications and meet compliance ~ ~i €)=> 1-j,wal ill Zero Trust ~ Access w FortlNAC Enforce dynamic network access control and network segmentation ZTNAAgent Remote access, application access, and risk reduction FortlAuthentlcator Identify users wherever they are and enforce strong authentication FortlToken One-Ume password application with push no11ficatlon FortlCllent Fabric Agent IPSec and SSL VPN tunnel. endpoint telemetry and more @. FortlConnect ~ Simplified guest access , BYOD , and policy managemem FortiGuard Threat Intelligence Po\1ered by For1iGuard Lc,bs • ~ ~ ''®t'ifa~\ Thraal Mo1p ~~•-....... . Fabric Management Center: NOC Q ~ <ill) + @ ) 60 0 Forti Manager Cenlralized managemem of your Foninet security Infrastructure FortlGate Cloud Saas w/ zero touch deployment, configuration, and management FortlMonltor Analysis tool to provide NOC and SOC monitoring capabilities FortlAIOps Network lmpect10n to rapidly analyze . enabCe , and correlate FortlExtender Cloud Deploy . manage , and customize L TE internet access FNDN Exclusive developer community for access to advanced tools & scnpts Open~ Ecosystem g The Industry's most extensive ecosystem or Integrated solutions w 00 Fabric Connectors Fort,net•developed DevOps Tools & Scripts Fortme1 & commumty•dnven ~ Fabric API Integrations ~ Penner.led ¥ Extended Ecosystem ,t "-Threat sharing w1 tech vendors INTERACTIVE INFOGRAPHICS Icons on this document link to add1ttonal information Fabric Management a Center: SOC v FortiCare • .Bi Support Services 5P. ~ ~ ~ ,.ct ~ ~ 'OJ '-.::. jm ,j <@ ® FortlDeceptor Discover active attackers inside with decoy assets FortlNDR Accelerate mitigation of evolving threats and threat Investigation FortlEDR Automated protection and orchestrated Incident response FortlSandbox / FortlAI Secure vtnual RNTtlme environment to expose unknown threats FortlAnalyzer Correlation , reporting , and log management In Security Fabnc FortlSIEM Integrated security . performance , and availability monitoring FortlSOAR Automated security operations , analytics , and response FortlTester Network performance testing and breech attack •lmulation (BAS) SOC as a Service continuous awareness and comrol of events. alerts, and threats Incident Response Service Olg ltal forensic analysis, response, containment, and guidance @(l)m FortlCare Essentials 15% of hardware, FG-80 & below FortiCare Premium· FortiCare Elite·· 20% of hardware 25% of hardware · FortlC3re Premium ,s fonnerly 24x7 Support. lower support price for Sw1u:hes and APs " Response llme for Htgh Pnonly lsckets. Availabla lor Fo,uGa\e, FortiManager Fo11JAnalyze1 FortiSwi!en and Fo.-llAP ~ l£I ~ § ~ ® . s ~9 ~ Fortlnet Brochure HlgNlghtlng our broad, Integrated, end automated solutions, quarterly Free Training Fortlnet is committed to training over 1 million people by 2025 Free Assessments Validate existing network controls for NGFW, Email, and SO.WAN FortlOS The Hean of the Fort ino! Security Fabric FortlCamera Centrally-managed HDTV-quality security coverage reliability FortlFone Robust IP Phones w/ HO Audio with centralized managemem Revised June 1. 202~ I © Fortinet Inc. All Rights Reserved. F :::RTlnET: Convergence of Networking and Security Digital Security, everywhere you need it. Networking Q3 I 2022 Security Strong Growth in Annual Billings and Profitability BILLINGS GAAP OPERATING MARGIN CAGR:24% 1.SB 2.2B 2.6B 3.1B 4.2B 7.5" 13.0" 16.2" 20.5" 19.5" 2017 2018 2019 2020 2021 2017 2018 2019 2020 2021 Highly Diversified Across Regions and Segments Q2 2022 REVENUE BY REGION Q2 2022 BILLINGS BY SEGMENT ■ EMEA ■ AMERICAS ■ APAC ■ HIGH-END ■ MIDRANGE ■ ENTRY-LEVEL Technological Leadership Nearly 3X more patents than comparable Network Security companies II) .... C: Q) .... cu C. ti) ::::, #3faiil ■i3i 925 Palo Alto Networks 344 SonicWall 219 Zscaler 139 Check Point 95 Source US Patent Office, As of June 30, 2022 1279 Global Patents 925 U.S. Patents 354 International Patents (247 Pend ing Patents) A Large and Growing Total Available Market Total Addressable market of $138B in 2022 growing to $199B by 2026 Source Fortmet estimates based on recent analyst research 2026 opportunity shewn Networking & Communications $68.4B Network St'cunty $27.1B Zeto Trust St'curily $29.3B Cloud Sccuuty $31.2B Security Ops $42.6B The Most Deployed Network Security Solution Over One-Third of All Firewall Shipments 40.0% Js.o •t. 30.0% 25.0% 20.0% 10.0•1o 5.0% 0.0% IDC Cisco ~------P-~....:_----· _.,....------Check Point --· -----.------------ --------Palo Al l a Networks 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 Source IOC V/orldw1de Security ~pphance Tracher February 2022 {based on unit shipments of Firewall, UT'v1 and VPM appliances) .. Fortinet -Making possible a digital world you can always trust For over 20 years, Fortinet has been a driving force in the evolution of cybersecurity and the convergence of networking and security. Our network security solutions are the most deployed, most patented, and among the most validated in the industry. Our broad, complementary portfolio of cybersecurity solutions are built from the ground up with integration and automation in mind, enabling more efficient, self-healing operations and a rapid response to known and unknown threats. Investing In Global Scale • With over 2M square feet of real estate owned, we are investing in long term economic growth. • Commitment to carbon neutral by 2030. • New state-of-the-art LEED- Gold Certified 172,000 sqft HQ building . 7 Mission: to secure people, devices and data everywhere Founded: October 2000 Headquarters: Sunnyvale, CA Fortinet IPO (FTNT): November 2009 NASDAQ100andS&PSO~ Only cybersecurity company in both Corporate Social Responsibility ., Investing $1 o B billings b in the future 2025 Learn more at Fortinet.com/CSR A digital world you can always trust is essential to achieving just and sustainable societies. At Fortinet, we believe it is our corporate social responsibility to deliver on that vision by innovating sustainable security technologies, diversifying cybersecurity talent, and promoting responsible business across our value chain . cCb '-l..Jl Innovative for a Safe Internet Growing an Inclusive Cybersecurity Workforce Respecting the Environment Key Fortinet Advantages Security Fabric Organically developed, highly integrated and automated cybersecurity platform ••• • • ---SPU Security Processors Superior NGFW and SD-WAN performance and efficiency Promoting Responsible Business # of companies Value& Performance Integration Prevention Detection The only company to excel at all key stages of network security 4 The Convergence of Networking and Security Traditional networking lacks awareness of content, applications, users, devices, location and more . Organizations have overlaid security solutions on to the network later to account for this shortcoming -but doing so has led to increased management complexity, performance bottlenecks, poor user experience, and the potential introduction of new exploitable gaps or vulnerabilities . A better Security-driven Networking approach converges networking and security into a single, accelerated solution . A specially designed operating system and security processors work in concert to greatly improve network performance and security posture, adding greater awareness while also improving user experience, easing management complexity, and decreasing footprint and power consumption. Networking m VPN X -❖--• WLAN Switch Routing @ Pro xy ooe Appliances Lack Awareness + Security 000 Software Delivers Network Awareness Security-Driven Networking ZTNA ➔ ((•)) eg ~ -~-X □CJ □ NGFW ~ .. -----------... ~ l=~I ca • (o) 1 Appli ance I I VM Saas ·-----------· Consolidation of Vendors and Point Solutions to a Platform Cybersecurity has traditionally been deployed one solution at time, in response to each emerging problem or challenge. However, individual security solutions -typically from a new vendor -are not designed to work well with the other deployed solutions . With meaningful levels of cross-vendor integration and automation proving difficult to achieve, management complexity is massively increased, and effective response to new threats is simply too slow. A more effective approach is to consolidate point product vendors into a cybersecurity platform, allowing for much tighter integration , increased automation, and a more rapid, coordinated, and effective response to threats across the network . Cybersecurity Point Products Cybersecurity Platform Approach • . . 20 Vendors 4-6 Platforms The Fortinet Security Fabric The Fortinet Security Fabric is at the heart of the Fortinet security strategy. It is a platform organically built around a common operating system and management framework to enable broad visibility, seamless integration and interoperability between critical security elements, and granular control and automation. Broad visibility and protection of the entire digital attack surface to better manage risk. Integrated solution that reduces management complexity and shares threat intelligence . Automated self-healing networks with Al-driven security for fast and efficient operations. Learn more at Fortinet.com/Securityfabric • I . . . ' . .. -·----·--•- ... . . . . . . . . . . . . . Broad Portfolio of Solutions to Protect Your Digital Attack Surface @ @ ~ @ @ @ Zero Trust Secure Cloud Network Security Open Access Networking Security Operations Operations Ecosystem • ZTNA Agent • Network • Cloud-native • Network • Endpoint (EDR/ • Fabric • Authentication Firewall Protection Management XDR) Connectors • MFA/Token • SD-WAN • DevSecOps • Network • Automation: • Fabric API • SASE • SD-Branch • Cloud Firewall Orchestration SIEM/ SOAR • Fabric DevOps • Web Proxy • SD-WAN for • Network • Managed SOC • Extended Multi-cloud Monitoring &MDR Ecosystem • Wi-Fi • WAF • Cloud • DRPS, EASM • 490+ Open • Switching • Email Security Management • Deception Ecosystem • 5G/LTE •ADC/ GSLB • Digital • Integrations • Network Experience Access Control • Anti-DDOS Monitoring • And More ... • CASB • FortiGuard Labs -Industry-leading Threat Intelligence • Founded in 2002, FortiGuard Labs is Fortinet's elite cybersecurity threat intelligence and research organization. Partnering with law enforcement agencies, government organizations, and security vendor alliances worldwide to fight emerging global security risks. FortiGuard labs maintain real-time threat intelligence and innovative prevention tactics and tools across the Fortinet Security Fabric in three key categories: Trusted ML and Al Stop unknown faster with Powerful combination of actionable local learning and Al & ML models on large-scale cloud-driven data lakes. ~ Real-Time Threat -~ Intelligence Proactive security posture through continuous security updates based on in-house research and collaboration. Threat hunting and Outbreak Alerts Faster remediation wi!tl Alerts, analysis and detection, prevention and remediation tools including outbreaks. Global Leadership & Collaboration: <>CYBER THREAT ., I •• WORLD ECQNOMIC FQRUM -. INTERPOL FortiGuard Al-Powered Security Rich set of industry leading security capabilities unified into one security framework . Delivering coordinated, context- aware policy for hybrid deployments across networks, endpoints, and clouds. The services continually assess the risk and automatically adjust the prevention to counter known and unknown threats in real-time . Market Leading Security as a Service ML-enabled security, deployed close to the protected assets powered by FortiGuard Labs Consistent Context Aware Policy Centralized detection and prevention delivered from the cloud built for hybrid environments FortiGuard Security Integration Across the Security Fabric FortlGate Coordinated Real-Time Prevention Continuously assess the risks and automatically respond and counter known and unknown threats Q. soc * (HWNM/SASEI Proxy FortlTrust XOR FortlWeb FortlMail FortlADC Platforms FortlNDR ® Antivirus & & & & & & & & ILSBX & & & & & bl Credential Stuffing & & & & ~ URL & & & & & & & DNS & & & & IP·REP & & & Newin DVCPROT & FortiOS 7.2 IPS & & & & NEW FortiSandbox BOT/C2 & & & & & lnline Blocking WAF SIG & ANN & NEW loT/ IT Device protectior AntiSpam & NEW Dedicated IPS MITRE ATT&CK & & NEW SOC as a Service Threat Hunting & & NEW Outbreak Detection Auto IR & & Outbreak & & & Enhanced Web Security loC & & & More FortiGuard subscription services are available across our broad Security Fabric portfolio of solutions Learn more at Fortinet.com/fortiguard .. FortiOS -The Foundation of the Security Learn more at Fortinet.com/fortiOS FortiOS is the foundation of the Fortinet Security Fabric, converging and consolidating many security and networking technologies and use cases into a simplified, single policy, and management framework . What's New In FortiOS 7.2 eg o FortiGate SD-WAN ~m FortiGate Firewall gg a SD-Branch !!Iii LAN Edge CCJC Automated Overlay □Cl □ FortiGate is the first □CJ □ Automation, simplified □CJ □ Zero Touch Provisioning Orchestration and next-generation firewall Deployment, and Campus and Large-Scale Large Scale Zero Touch to support HTTP/3 .0 Orchestration for Global SD-Branch Provisioning Scale management ~i ZTNA l•lt.un J FortiToken / @ SASE ~E[] Identity Unified Policy Configuration FortiToken Cloud Automated provisioning of Zero Touch Provisioning in a Single GUI Fido-based passwordless ZTNA agents & Apps from Campus and Large-Scale Authentication FortiSASE SD-Branch FortiCare -Expertise At Your Service Learn more at Fortinet.com/support ® • ., FortiCare Services help thousands of organizations every year to get the most out of their Fortinet Security Fabric solutions . We have over 1,400 experts providing accelerated implementation, reliable assistance, and proactive care through advanced support and professional services to maximize your security and performance. 1400+ EXPERTS 24X7 TECHNICAL SUPPORT 23 GLOBAL SUPPORT CENTERS Adopting new technologies is not a project with a start and a finish. Instead, it is a journey from design and implementation to optimization, operations, and ongoing management of the solution. Fortinet has you covered every step of the way, freeing up your resources to focus on your business needs . ~ ~ ~ ~ ~ Design Deploy Operate Optimize Evolve Business Accelerated Reliable Performance Personalized Alignment Implementation Assistance Excellence Care • High-level design • Migration • 24x7 Support • Health checks • Product upgrade • Low-level design • Configuration • Premium hardware • Software upgrade assistance • Product-agnostic • Implementation replacement recommendation • Transformation workshops • Technical account • Incident readiness readiness • Validation • Knowledge Transfer management • Penetration testing • Migration & • Proactive Incident replacement avoidance • Software upgrade • Ded i cated resources Training and Certifications Fortinet NSE Certification Program The Fortinet Network Security Expert (NSE) Certification Program is an 8-level training and assessment program designed for customers, partners, and employees to help close the cybersecurity skills gap. With over 840,000 security certifications to date, Fortinet delivers expert-level training in local languages in 136 countries and territories worldwide through our ecosystem of Authorized Training Centers, academic partners, and a variety of online options (many of them free of charge). Fortinet Training & Education Partner Program!: The Fortinet Training lnstitute's ecosystem of public and private partnerships help Fortinet address the skills gap by increasing the access and reach of our cybersecurity certifications and training. The Academic Partner program works with academic institutions including K-12 and higher education. The Education Outreach program partners with industry, academia, government and nonprofits to reach a broad population, in 94 countries and territories, while also focusing on recruiting women, minorities, veterans, and other underrepresented groups. 930,000+ Till 471 29 CERTIFICATIONS ~ A CADE MIES PARTNERS Information Security Awareness Analyst EDUCATION OUTREACH PARTNERS • Learn about today's cyberthreats and how you can secure your information . Develop a detailed understanding of how to implement network security management and analytics. Security Associate Specialist • Learn about security solutions that have been created to address security problems faced by organizations . • Develop an understanding of the Security Fabric products that augment FortiGate, providing deeper and more comprehensive network security. Security Associate Architect • Learn about the key Fortinet products and the cybersecurity problems they address . • Develop the knowledge required to integrate Fortinet products into network security solution deployment and administration. Professional Expert • Develop the knowledge required to manage the day-to-day configuration, monitoring, and operation of FortiGate devices to support corporate network security policies. Demonstrate the ability to design, configure, install, and troubleshoot a comprehensive network security solution in a live environment. Learn more at Fortinet.com/nse-tralning Figures as of June 30, 2022 New Fortinet Security Awareness and Training Service The Security Awareness and Training service offers every organization the ability to further protect their critical digital assets from cyber threats by building employee cybersecurity awareness and creating a cyber-aware culture. Free cybersecurity awareness and training for all U.S. School Districts At the National Cyber Workforce and Education Summit at the White House on July 19, 2022, Fortinet announced it is offering a customized academic version of its Security Awareness and Training service free to all U.S school districts starting with more than 8 million staff and faculty. This offering is part of Fortinet's mission to help close the cybersecurity skills gap. Our Pledge to Train 1 Million People by 2026 Fortinet has pledged to train 1 million people globally over 5 years through its Training Advancement Agenda (TAA) and Fortinet Training Institute programs to help close the cybersecurity skills gap. January 2022 marked the start of this five-year pledge that will use Fortinet's award-winning certification program content as the basis for meeting this goal. The Fortinet Training Institute has been recognized by various organizations for our contribution to excellence in cybersecurity training and certification as well as our many programs that help close the cybersecurity skills gap. CYIIR SICURITY OLOUL IXCILLINCI 10 Our Global Partner Commitment Fortinet is a channel-centric company that has created a large, global network of trusted advisors that customers can rely on to secure their digital transformation and strategically drive their business growth. ENGAGE ao,ooo+ F Ci RTlnET. PARTNER PROGRAM ACTIVE PARTNERS The Engage Partner Program is designed to help partners built a valuable, highly-differentiated security practice that leverages the industry's best solutions to drive customer success. Fortinet's global partner program is driven by three basic concepts: Growth Through Technology Differentiation Fortinet's breadth of products are tightly integrated into one highly-automated, high-performing platform that spans endpoint, network, and cloud, and includes tools to easily connect with adjacent technologies. Analyst Recognition • Network Firewall • DEM • SD-WAN • VPN • WLAN/LAN • NAC • Endpoint • EMAIL • SIEM • IRM • WAAP • XDR • Indoor Location • SOAR Services • Indoor Location Services • Enterprise • WAF Email Security • All-In-One • ICS ZeroTrust • Endpoint Edge Detection and • Software- Response Defined WAN • Enterprise • Endpoint Firewalls Detection and Response • Enterprise EmailSecurity • IT/OT Security • SIEM Platform • ICS Business Success with Proven Credibility Fortinet's superior technology innovation and industry leading threat intelligence, alongside our customer ratings and independent analyst reports leadership validates and differentiates our partners' offerings. Long-term, Sustained Growth The Engage Partner Program offers sustained sales, marketing, and executive support so you can grow productive, predictable, and successful relationships. With drivers of growth built into the program, like our Specializations, we provide paths to expertise for solutions that are driving demand in the market -ensuring you are positioned for success. f:I SPECIALIZATION SD-WAN i:i SPECIALIZATION Data Center i:i SPECIALIZATION LAN Edge and SD-Branch i:i SPECIALIZATION Zero Trust Access i:! SPECIALIZATION Operational Technology 0 SPECIALIZATION Security Operations 0 SPECIALIZATION Adaptive Cloud Security Network Firewall ■•N_etwork Firewall • Data-Center Edge • WLAN/LAN • Distributed Edge Access Infrastructure SD-WAN • Email Security • Security w/ • WAN Edge Infrastructure SD-WAN • Small Branch WAN • Remote Workforce • SD-WAN • Worldwide • Critical SD-WAN Infrastructure Infrastructure •SWG • Modern • NAC Endpoint • WAN Edge Infrastructure • North America Healthcare • Security Service Access (SSA) - Forward Mover • Zero-Trust Network Access (ZTNA) -Fast Mover Gartner: Fortinet is recognized as a LEADER in 2 Gartner® 2021 Magic Quadrant™ Reports: Network Firewalls WAN Edge Infrastructure Fortinet is also recognized in 4 additional Gartner 2021 Magic Quadrant Reports, including a wide range of technologies: And Fortinet is an 'Honorable Mention' in 2 additional Gartner 2020/2021 Magic Quadrant Reports: {0 (<•>) Web Application and API Protection Wired and WLAN Secure Web Gateway Learn more at Fortinet.com/solutions/gartner-magic-quadrants ~ SIEM Endpoint ill Protection Platforms Indoor Location Services GARTNER and MAGIC OUA0RAMT are registered trademarV.s and service marf:s of Ganner, Inc and/or its aff1hates m the US and m1ernauonally and are used herein with permission All nghts reserved Gartner Peer Insights content consists of the opinions of md1v1dual end users based on their own experiences with the vendors hsted on the platform, should not be construed as statements of fact, nor do they represent the vcews of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted m this content nor mal-.es any warranties, e.(pressed or 1mp11ed, with respect to this content, about its accuracy or completeness. mcludmg an;• warranties of merchantability or fitness for a particular purpose Third Party Testing and Certifications Fortinet submits its products for impartial, third party performance and effectiveness testing with the most prominent organizations in the industry, with consistent positive results. virus 11 1111ilti • Only vendor w ith all three VB100, VBSpam, and VBWeb certifications • Highest "VBSpam+" rating • Antiphishing Approved ~labs ~ MITRE Certified in 5 technology areas: • Anti-Malware Network • Network Firewall • IPsec VPN • Web Application Firewall • Advanced Threat Defense 100% Protection, 2 Years in a Row • All Test Cases • All Signature-Independent • Top Analytical Detection .. CUSTOMER RECOGNITION Gartner Peer Insights Customers' Choice distinctions are based on the ratings of vendors by verified end-user professionals across a variety of industries and from locations around the world. These distinctions take into account both the number of end-user reviews a vendor receives, along with the overall ratings score a vendor receives from those end users. Fortinet is proud to be named a Gartner Peer Insights Customers' Choice in several critical areas: .. t ..._ ~-..... hts ~ Customers' ~• Choice2022 ..... f Network Firewalls Wired and Wireless LAN Access Infrastructure Email Security WAN Edge Infrastructure See our Gartner Peer Insights reviews and distinctions at www.gartner.com/reviews Garlner Gartner Peer Insights Vo1ce of the Customer' Network Firewalls, Peer Contributors, 9 April 2021 Gartner Gartner Peer Insights Voice of the Customer· Wired and Wireless lAN Access Infrastructure, Peer Conuibutors, 12 May 2021 Gartner, Gartner Peer Insights Voice of the Customer·· Ema I Secu11ty, Peer Contributors, 5 February 2021 Garlner, Gartner Peer Insights Voice of the Customer': WAN Edge Infrastructure, Peer Contributors, 5 February 2021 Tne GARTNER PEER INSIGHTS CUSTOMERS" CHOICE badge Is a uademark and service mark of Gartner, Inc and/or its afflhates and 1s used herem with perm1ss1on All rights reserved. Gartner Peer Insights Customers' Choice constitute the subjective opinions of mdividual end·user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates. Fortinet secures over half a million enterprises, service providers, and government organizations around the world. 5th largest airline in the United States. HQ: United States Checkers A chain of double drive-thru restaurants in the United States. The company operates Checkers and Rally's restaurants in 28 states, and the District of Columbia. HQ: United States HUGHES. A global leader in managed services providing end-to-end fully managed cybersecurity, networking, and digital signage solutions tailored to the unique business requirements of today's enterprise. HQ: United States JJlL Region Stockholm Sweden's largest regional health provider. HQ: Sweden UNIVERSITYoF BIRMINGHAM One of the UK's largest universities, the University of Birmingham is over 100 years old with over 30,000 students across the world. HQ: United Kingdom Business Services Orange is one of the world's leading telecommunications operators and global provider of IT and telecommunication services. HQ: France Visit Fortinet.com/Customers to see how many of our customers benefit from Fortinet solutions and the Fortinet Security Fabric. SoftBank SoftBank is a multinational conglomerate that aspires to drive towards digital transformation. HQ: Japan We lab Provider of online financial services to more than 42 million individual users and more than 300 corporate users in Hong Kong, Mainland China, and Indonesia. HQ: Hong Kong • macQuane CLOUD SERVICES Provider of flexible hybrid IT solutions for business and government. HQ: Austrailia Cop_mgni. Q 2022 i=ortine· 1--c .~11 , gms res-;:r ,~ci Fcrl1ne· ::on_ Gate~ Fon.1C-:re-;,nd Fort1G'JCHci • d:ld certain ot1ei m<n~s ire reg •;tereo uacJem,·:·..:s oi Fo·· 1 .... • 11, -:--·cl o·h,::,.• Fe·· '1e· 1 : ...... ,es 'l>2re,1 'Tl-i~ also oe ·s-g1sterea a:ic/o· c "'lmon l~·.v t·acferr,J•.._s of FonmeL .;11 ot:1er o;,:.d'JCt or cornpon·, n;:-:mes mov be i.rdd<?mc:r~s of ·ne1r resp'?ctr,e ov:ner~ Pe·"·r,.,..vn ° 1,0 ·ne-r.:>·• 01\a red "wen e·e .1t..:iineo in lntemal IJi) tests J1(1er tieal cor,liticns, J:"l<i astual pe.forr.-,i:Jnce ano otrier res:...:lls rr.z-:1 va~J i\:ei:\\'Crl: ·,~HiaulE:s, rnifeeni: rtt·.-,or;., en, ·0nrei1::, an<: ol"'P' com: l n . ...,.a~ a::ect c2'f.Y"lar !; r':'.;.uli.3 Noi.ning ne·21n reo·csen;:~ an,1 o ro ng comrr-.itment iJy Fortinet, aici Fc•rt111et 01sc/a1ms all war:antis-s, \-.r:<:-tn=r c:q:;r2ss o: 1mpl eci 2,cepi. i.•J i.f''= e:ce·r ~ • 12· ei·e·s at) 1c11q wr i.i.e" C0'1i:ra::· s1gneo oy Forunel's Ge:-:eral Cov1sel '" tn a ouc'1aser tnat e (u·essly ,·..-a~rants that tne mem1i1Ed prcuuct '" II 1;er!orm accord ng to certe11n e:,pressly-l(ie'lt I ed oe·· ,·ma,~c. 'llet· a10 "'such e ,e1r cnl1 me soec fie ~erfor:":",a ... ,ce rr-etncs e,:Yessly oer·: eu 1n sucn 01r.(i1;;g \-.riti.en cor.iract snall t.e Oino1ng :,:"1 Fon.,ret Fer abschJi:e clar,i.J' an1 s1..cn war·arty .'.111 Le IT ·eu ·o ce·:cr,....a1ce ........ e sa--e oeal c.on(J • ens JS in Fcrtinei.'5 ntem,il ldb t~s•.s Fo·· 1e· d15cl;:1rns 1n full an_1 coven;:nts, repre5entairons, ano gu<:ran~e'=S Pl!~S•Jc::-it he'ei.o, netner et.pr<=s5 o· "lr.l eo ·'='" d -i -11 e· '1QS r1e'lt Oie':.i 'le'e -i ---.1~ nOi. oe generallv cn:dJhle ano Fo:· net rese·1 ·es :ne ngnt to r:ria:1ge, mod1iv, uansier or oth~r • 1se re•11se i:h1s oui~l·c.-:iuon without nJttce, and ·'le rrosl CJr'"?'l' 1e· -i ::/ t"e rL-cl o· :.-i sr-dll o.::-<.:0!:1 ,:rnle 0e11s or 02 / 2022 v2 07.1]6 22 FortiCare Services Technical Support, Advanced Services, and Professional Services q p o-O -o d b r£1 ~ Hit the ground running with new capabilities Fast-track return on investment with streamlined migration and deployment Get expert help when you need it Accelerate incident resolution and maximize efficacy with 24x7 assistance from technical experts Enhance your security with tailored guidance Increase productivity and avoid incidents with operational reviews, account planning, and upgrade assistance Confidence in Your Investment Businesses are making huge investments in security and Fortinet Security Fabric technologies to provide essential services critical to securing their most valuable assets. Organizations often lack the in-house expertise or resources for initial deployment, product support, and ongoing operations. At Fortinet, we understand these challenges and provide FortiCare Serv ices to th ousands of organ izations every year to address them. We want organizations to feel conf ident that they are max imizing the value of their investments quickly and realizing efficiency and efficacy ga ins over t ime. Whether migrating to a Fortinet Next-Generation Firewall (NGFW), implement ing software- defined wide-area networking (SD-WAN ) to protect your branch locations, or automating security operations functions, we w ill w ork with you to match the proper services with your unique business needs. We are ded icated to your success and provide the expertise you need when you need it. Services Forti Care Support Services is per-device support services, and it provides customers access to over 1,400 experts to ensure efficient and effective operations and maintenance of their Fortinet capabilities. Global technical support is offered 24x7 with flexible add-ons, including enhanced service level agreements (SLAs) and premium hardware replacement through 200+ in-country depots. Advanced Services is account-based services, and provides high-touch account management and business guidance through designated resources to meet the needs of enterprises and service providers. Additionally, Enterprise Support Agreements (ESAs) are available to simplify consumption of the services. ® -., Expertise at Your Service ■ 24x7 Global Support ■ 1,400+ NSE and Industry Certified Global Resources ■ 3 Regional Centers of Expertise ■ 23 Support Centers ■ 40 Regional Depots ■ 200+ In-country Depots ■ 4-hour Expedited Hardware Replacement Availability FortiCare Worldwide 24x7 Support support. fortinet.com FortiCare Services Technical Support, Advanced Services, and Professional Services ________ _ Professional Services provides accelerated implementation and configuration optimization through QuickStart or custom engagements leveraging the services of highly skilled experts to promote first-time accuracy and avoid costly post-deployment issues. The Journey Adopting new technologies is not a project with a start and a finish. Instead, it is a journey from design and implementation to operations, optimization, and ongoing management of the solution. Fortinet has you covered every step of the way, freeing up your resources to focus on your business. Feature Highlights: Technical Support Organizations depend on Fortinet solutions to provide critical services. If any issues arise, they need to be addressed quickly to help ensure security and business continuity. Flexible support options help organizations maximize uptime, security, and performance according to the individual needs of each business. Fortinet offers three different per-device support options to meet the needs of different devices, i.e., FortiCare Essential, FortiCare Premium, and FortiCare Elite. Organizations have the flexibility to buy different levels of service for different devices based on their needs. FortiCare Essential FortiCare Essential is the base-level service, and it is targeted toward devices that require a limited amount of support and can tolerate next-business-day, web-only response for critical as well as non-critical issues. This service is only offered to FortiGate models 8x and below and to low-end FortiWifi devices. .... • • ..... FortiCare Premium FortiCare Premium is targeted toward devices that require 24x7x365 with one-hour response for critical issues and the next business-day response for non-critical issues. FortiCare Elite FortiCare Elite services offers enhanced service-level agreements (SLAs) and accelerated issue resolution. This advanced support offering provides access to a dedicated support team. Single-touch ticket handling by the expert technical team streamlines resolution. This option also provides Extended End-of-Engineering-Support (EoE's) of 18 months for added flexibility and access to the new FortiCare Elite Portal. This intuitive portal provides a single unified view of device and security health . 2 FortiCare Services Technical Support, Advanced Services, and Professional Services FortiCare Service Offerings RMA Web Support Telephone Support Firmware Updates Asset Management Portal Response Time (Crit ical Issue) Response Time (Non-c ri t ical Issue) Extended End -of-Engine ering-Support (E-EoES) for Long Term Suppo rted Firmware (LTS) of 18 months* Device Ins ights and Monitoring Portal (FortiCare Elite Portal) • Currently ava ilabl e fo r FortiGate only FortiCare ESSENTIAL Return and replace only .., .., .., Next business day Next business day Advan ced re placem ent (P RMA availa b le) .., .., .., 1 hour Next bus iness day Advanced replacement (PRMA available) .., .., .., 15 mins 2 business hours .., .., For tiCar e Services is provided by the support teams located in the three regional Technical Assistance Centers (TACs) and three regi onal Centers of Excellence (COE). Fortinet Technical Assistance Centers ~ Regional COE: ■ Vancouver ••• . -••• ■ Sophia Antipolis ■ Kuala Lumpur ~ AMER Regional TAC: ■ Ottawa ■ Sunrise ■ Chicago ■ Mexico City ■ Sunnyvale ■ Bogota ■ Plano ■ Uberlandia EMEA Regional TAC : ■ Bangalore ■ Prague ~ APAC Regional TAC : ■ Beijing ■ Tokyo ■ Dubai ■ Lisbon ■ Sydney ■ Manila ■ Frankfurt ■ Tel Aviv ■ Seoul ■ Singapore 3 FortiCare Services Technical Support, Advanced Services, and Professional Services Self-service Resources For expedited answers, Fortinet maintains ample self-service resources to get you the answers you need, fast. All the answers to your questions are now in one place. The Fortinet community is a knowledge-sharing hub for customers, partners, Fortinet experts, and colleagues. The community is a place to collaborate , share insights and experiences, and get answers to questions. community.fortinet.com Feature Highlights: Advanced Services For enhanced security and tailored guidance, FortiCare Advanced Services gives you direct assistance from technical experts who know your business and can help accelerate issue resolution. With designated account management and service delivery, you can focus on your business while we focus on your success. Entitlements vary by level but can include: 'J l lJ-11!.IC:.'. ,\•fi.:,t·· ,., r ;•J,11lh 1· ·1 •J:l;l•;·' Annual Training Package .... • • .... for focused resolution of rncomrng technical support issues. annual service and performance review. Quarterly operational review to cover technical ticket statistics, quality issues, overall ongoing ticket analysis, product life cycle, ongoing activity, and 90-day project planning. of crit1tal incidents (Priority-1 and Priority-2) related to Fortinet appliances. which may include software recommendation, upgrade testing, and planning assistance. for remote after-hours assistance, product upgrade assistance, and software recommendations. including NSE 4 and NSE 5 training and certification vouchers . 4 FortiCare Services Technical Support, Advanced Services, and Professional Services Enterprise Services offerings come in four levels: Premium, Business, First, and Global First .. Techn ical Support 24x7x365 24x7x365 Direct Access to ASE Team Designated ASE Enhanced Reponse SLA v' Bus iness Rev iew Biannual Account Planning Dev ice Performance Adv ic e Dev ice Configura tion Adv ice Root Cause Analys is Pl NSE 4 Train ing & Certificati on 3 3 NSE 5 Tra ining & Certification 3 Advanced Serv ices Po ints 6 Service Provider offerings come in two levels: Select and Elite. Benefits vary by level. ••• • • ..... Techn ical Support Direct Access to ASE Team Enhanced Repon se SLA Business Review Account Planning Performance /Configuration Advice Desi gnated Relat ionsh ip Manager 18-month Extended Firmware Lab Testing Upgrade Assistance Root Cause Analys is NSE 4 Training & Certi fi cation NSE 5 Tra ining & Certification Advanced Services Po ints 24x?x36 5 v' v' v' v 5 Days P1/P2 3 3 6 24x7x365 Lead TAM v Quarterly v' v' v' v' 5 Days 2 Products P1/P2 5 5 12 24x7x365 Lead TAM v' Quarterly v' v' v' P1/P2 5 5 16 24x?x365 3 Regional TAMs v' Quarterly v' v' v' P1/P2 15 15 48 24x?x365 Lead TAM v Quarterly v' v' v' v' 15 Days 6 Products P1/P2 15 15 36 5 FortiCare Services I Technical Support, Advanced Services, and Professional Services -----''-------------------------------- In addition, Global First for Enterprises and Global Elite for Service Providers are available to extend the geographical coverage of the service. These service levels provide a designated lead engineer per region covering EMEA, Americas, and Asia Pacific. The service features, as described in the First service, are provided within each region with global coordination. Feature Highlights: Professional Services As networks and threats rapidly evolve, it's critical to make sure security capabilities can keep up. Given the global cybersecurity skills shortage, today's organizations often lack the in-house expertise or enough staff to deploy, operate, and maintain the new technologies required to close security gaps. FortiCare Professional Services delivers expert help to ensure Fortinet deployments are optimized for each customer's unique needs. Professional Services provides Design, Deploy, Operate , Optimize, and Evolve services. In addition, Professional Services also offers product-agnostic consulting services. Evolve Personalized Care Product Upgrade Assistance Transformation Readiness Migration and Replacement Lab Testing Optimize Performance Excellence Health Checks Software Upgrade Recommendation Incident Readiness Penetration Testing I Design ~ Business Alignment Hi gh-level Design Lo w-level Design Product-agnostic Workshops Site Survey Deploy Acceleated Implementation M igration Configuration Validation Knowledge Transfer Operate Reliable Assi stance Resi dent Engineer • Train in g Key benefits to engaging Fortinet Professional Services: ••• . -..... Hit the ground running with new capabilities , achieve faster time-to-value with streamlined expert deployment of Fortinet products and solutions . Achieve increased uptime by leveraging subjec t matter experts who can proactively review changes, performance, and policies for reliability and sustained security. Supplement in-house teams with dedicated resources that can bring industry expertise to perform upgrades or handle technical incidents. Increase staff productivity by offloading redundant operational tasks including configurations to Fortinet domain experts who know your business 6 FortiCare Services Technical Support, Advanced Services, and Professional Services Cybersecurity Advisory and Consulting Services allow our experts to partner with business leaders, helping organizations be at their best through this ever-changing environment. Fortinet experts discover existing security posture elements through a vendor-agnostic approach; align findings to business goals, strategic objectives, and compliance requirements; and guide existing projects and future planning toward framework maturity. ~ Discover ~ Align Ed Guide Business Goals Security Framework . Architectural Design Security Posture Compliance Requirements Operational Practices Systems/Objectives Strategic Objectives Maturity Roadmap FortiGuard Labs Consulting Consulting services are designed to help your organization address your specific threat landscapes and improve your organization's ability to use threat intelligence to meet that challenge. These services leverage the expertise and experience of the FortiGuard Labs team and provide the answers to the questions organizations are asking most: Threats What are the most important threats on which I should focus? Environment Is my environment as secure as it needs to be? cCb q___j.l Operations Are my people properly trained to defend us against the threats we face? www.fortinet.com CupµuJl1t O 2022 Full nt:t I•·• Al l r ghls reser,,,N Fufl, ti' F.rt1Gate" Fort,C,Ht! a ,J F.,11,G ,ard" and certo:r uther ffidrls att: reg•Sh~r,:d U,h.l,;> a,:.s of Fvrt• et, loc, <1 ! d Olht!I Funmt:I ar es h<!r,: , m.i, .itsu I.Ii: f<::,)•Sh:1.:-J al'l'J (\lf cummun lar; tradema1ls ul Furtmet .All ulh,:r prutJuct or company name ~ may be trademari., of the,, respe :1,.e O-Nners Performance and other metr <.s :ontameO l'u!1e1n were attained m ,ntemal lab te ots unde1 Ideal cond,uor s and actual pe1!01mance and other res ins m11y .ary rletwor~ vauables, dJlerent net...,ori.. en,·1ronments and other cond11,ons may allccl per!o1mance results Not~•n<J h • c n represents an;· bmd,ng comm 1ment bi Fott net, and Fort nel d1scra1ms a• wa11an:1 i:s -,..hcther e,press or 1mp•ed. c, ept to the e)tent Fort met en1crs a b ·ndm<J w1,uen con11ac1 , s1qned b/' Fo111ners General Counsel. with ,1 purchase, that e•pressl:, ,.,,1uants lhat the K1en1 fled product v. perform acco1d1nsi to certa n e,p1essl)•ldent,I ed pe,formance metrics and ,n such e.-ent ,)l'ly the spe-c,l,c perto,mance metrics e,pressl)· Klent,f,ed in such b nd:ng ,•mu..-n ccn11act snan ti! b:nd~HJ on Fon.net For absolute clanty, an; such Willlilnly v.1n be 1,m,tecl to performance n lhe same -deal t cncl1hons as n Fort,ners nternal lab tests Fort,net d,sclil•ms n fun an1 ~o,enal'lls 1epresentat1ons and guarantees pursuant hereto, ..,hether e~pres , or mpl,ed Fort•llet reserves 1he11ght to change. mod,fy. tri1nsle1, 01 otherwise rev,se lh1S pue~cat,on ·,•,,thou\ notice ill".d ine m-:1st '"'nelll ven-,n ol tne pue•ca\lon shal oe apphcat>le Apr,1 29 2022 12 09 Pl.I 150J571-0-0-EN F :::RTlnET. 2H'21 BROCHURE Fortinet Product Certifications I I BROCHURE Fortinet Product Certifications Fortinet Product Certifications Organizations looking to expand, upgrade, or replace their security solutions often find themselves struggling to compare solutions from different vendors. In addition to consistent information about features and functions, they also need information about the compliance and certification level of individual solutions and whether they will enable them to meet regulatory requ irements. To help companies navigate this process, third-party labs and aud itors conduct independent testing to enable a fair comparison between products for things like performance, compliance, and functionality. Using industry standards and advanced benchmarking technologies, such as independent validation of products and services, is essential for businesses to evaluate whether a solut ion will meet their unique business requirements. Third-party Testing Fortinet has actively participated in third-party testing since we first opened our doors. We are comm itted to the testing and certification process and believe that it provides three key benefits: • It validates our design and development process. Third-party labs set standards for functionality, performance, and real-world use cases that help drive the development of key features. Certifications At-a-Glance • Fortinet's commitment to innovation and excellence has earned the respect of independent test labs around the world • 25+ years of consistent testing and compl iance • A wide range of global certifications across verticals ■ It helps improve our technology. Direct feedback from standardized benchmark testing helps us in our effort to continually improve our technologies. • It allows our customers to easily compare our technologies against solutions from other vendors. Annual testing helps us set the bar higher every year, with the objective of achieving a leadership position in every test in which we participate. Certifications and Regulatory Compliance Public and private sector organizations alike require solutions that meet regulatory and compliance requirements. Fortinet is committed to meeting a wide range of national, regional, and international requirements, and we subject our solutions and services to independent third-party audits and testing to guarantee compliance. The Fortinet Certifications Resource Center (CRC) Fortinet's CRC is the repository for product compliance reports, certifications, and independent validation results from unbiased agencies. The scope of Fortinet's product certifications includes the following categories: Product Certifications i ..... i • • • • • Independent lab testing of Fortinet products using industry standards, best practices, and real-world testing environments ..... --..... Information Security Certifications and examinations of Fortinet's infrastructure security and networking solutions Compliance Certifications attesting to Fortinet products' compliance with public sector regulatory frameworks and standards 2 BROCHURE I Fortinet Product Certifications Product Certifications Overview Category Certification Description ' Latest Publication Date Product Certifications Information Security Government Regulations ••• •• ..... r 1 ICSA Labs AV-Comparatives SE Labs MEF 3 0 ICSA Labs is an independent division of Verizon. They provide third-party testing and certification of security and health-related IT products and network-connected devices to measure product compliance, reliability , and performance. AV-Comparatives is an independent lab offering systematic testing to determine whether security software-such as PC/Mac-based antivirus products and mobile security solutions-lives up to its claims. Using one of the largest sample collections in the world, they create a real-world environment for truly accurate testing. Certification by AV-Comparatives provides a globally recognized seal of approval for software performance SE Labs tests a range of solutions, including endpoint software, network appliances, and cloud services, on their ability to detect attacks, protect against intrusions, or both. MEF 3.0 is an SD-WAN Certification Program that uses Spirent as their SD- WAN Authorized Certification and Test Partner (ACTP). Certification involves rigorous tests of the service attributes and requirements defined in MEF 70 and described in detail in the upcoming MEF SD-WAN Certif1cat1on Test Requirements (MEF W90) standard. IPsec VPN Firewall WAF 08/10/2021 08/25/2021 09/27/2021 Business Security Test: Mar-Jun 2021 Email Security Services Protection: Jan-Mar 2020 MEF 3.0 SD-WAN: Jun 2020 VB is a world leader in security software testing. Their publicly available test VBSpam Sept 2021 Sept 2021 Virus Bulletin reports cover anti-malware protections of all types as well as enterprise-level email and web security solutions. VB100 MITRE Engenuity's ATT&CK"' evaluations assess the ability of a vendor's solutions to defend against specific adversary tactics and techniques. They openly publish these results to provide end-users with the information needed to make good purchasing decisions. These evaluations are not a competitive MITRE Engenu1ty analysis. There are no scores, rankings, or ratings. Instead , they show how each vendor approaches threat detection in the context of the MITRE ATT&CK knowledge base to provide an unbiased assessment of detection and protection capabilities and highlight potential gaps to drive the industry forward Round 3. Fin l /Carbanak: SOC2 Is an audit ing procedure that ensures that service providers securely manage their customers' data. It covers their security, availability, processing SOC2 integrity, confidentiality, and/or privacy controls. Compliance is based on the AICPA's (American Institute of Certified Public Accountants) TSC (Trust Services Criteria). ISO/IEC 27001 Is an International standard for managing information security. It Apr 2021 SOC2 Type 2: Apr-Sept 2021 defines requirements and controls for establishing, implementing, maintaining, ISO /IEC 27001: ISO and continually improving an organization's Information Security Management Jun 2021-Jun 2024 FIPS Validated Common Criteria System (ISMS). The Federal Information Processing Standard 140-2 (FIPS 140-2) is an 1nformat1on technology se c urity accred itation program for validating cryptographic modules developed by vendors that meet well-defined security standards. Common Criteria is an international standard (ISO/IEC 15408) operated by 17 certificate-authorizing nations. 31 countries have accepted it for their respective government acquisition requirements for their IT/networking infrastructures. FIPS 140-2 Aug 2021 Level 1 FIPS 140-2 Sept 2021 Level 2 CC EAL4+ Oct 2021 FWcPP+IPS Jan 2021 +VPN 3 BROCHURE Fortinet Product Certifications Summary Fortinet is committed to the independent testing and cert1ficat1on of its products and services . ICSA, AV-Comparatives, Virus Bulletin, and other independent testing organizations have consistently validated the effectiveness of Fortinet solutions . Fortinet earned ICSA's prestigious Excellence in Information Security Testing (EIST) award for 15 years of participation in 2017 and has been recognized by ICSA for outstanding achievement in information security certification testing 10 years in a row. "Real-world third-party validation is an essential resource for enterprises considering security products, helping to cut through the confusion that can be caused by vendor marketing. Fortinet relies on a variety of third-party testing and compliance labs to provide reliable information to organizations making critical security purchasing decisions. They also demonstrate Fortinet's commitment to meeting high industry standards for security detection, performance, reliability, management, and value." -Fortinet CEO Ken Xie F :::RTlnET: www.forti net.com Cop1r,ght o 1011 Foninct. roe Al nghls res~11cd Fortincl'. Fc111Gatc", For1,C,11c• iina Fort•Guard', and certain O1hc1 m.:111,,s a,'! ,cg,stcrca cra<Jemar~ s of FoniriN, In..:, and othc, Fo,tinct names herein mar .ibo b(! 1eg1stcrcd and/or common laH iradcmar~s ol Fo11,nc1 AD othe1 prOduCl 01 company names ma/ DC uaclcmar1-s ol theu rcspcct,vc o-... ncu. Pc1fo,mance and othe1 mc111es contained herein "t,Cic a11,u1Cd ,n ,nicrnal lat) tests under Klcal cond,IIOl'IS. and actual pc,lcnmancc and other ,csults ma)· vary. Nct...-oik vauablcs, d,lfc1cnt nc1wo1i.. cnv1ton~nu ami other CQni:i.i,ons ma:1 allect p~1lormance results Nothing herein iel)l'esen1s ani' t,,l'ld,n,g comm11rr.en1 bf Fonifle1, and Fo11ine1 d1scl.l1ms alv.a1tantiH, ... h•tner eip1ess or 1mphed, e,cepl 10 tne exten1 Fo1!,ne1 enters a b1nd:ng \~ritten contrac1, si!JMd bJ Foruners General C'JUllStl. \\,th a pu1ch,ne1 1n11 e,p,euty warrants lhi!ll th! iden1d1ed p1o<hJ>:l 1~111 pe1lo1m accoro,ng 10 c•ita n e,i::ressly•idenh!i!'O perlorman,:e mtlti'CS and. in such e,ent. onry tne spec1l,c perlorman,:e me11,cs elpitssty ident,lleCI ,n sucn bin':l.ng 11ri1ten contract snaa be btlKll/1';1 on For1o11et t-or atiiOlute clanty. any su<:n wauanty w11 te htmted 10 P!rformaw.:'! m 1ne sam! ul'e•lcon<ht1cns ,s,n Fortinets ,ntemal lab 1!515 Fortmel a,s.cl.l,ms in fun any co~enants, 1eprnen1a1,ons, an,;t guatantees puauan1 ne,!to .... ne1r,er e1preu or 1mi;l1!<1 Forto11et ,eser\·es tl'le rigrit 10 cnar,,ge, m001fy. tr,1n1;fe1, Ot otner ... 1se If JI$! tl'l,5 flUtl)CJl1:X, ... itnout notl'CP.. and lhP. mo,1 CU!t@nl Ve!'il!ln of \M ruNC-'hOn Shal be .tl'l)lie.ablP. Oecemtitl 1/, 2'.)1194/AIA IJ8'J66S·O·O·Etl F :::RTlnET Product License Agreement/ EUlA and Warranty Terms Product License Agreement The parties to th!$ ,;crffment ~re you (the end-customer) and Fortinel, Inc, rFortlne11. CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT (THE OR THIS ~AGREEMENT"' OR ~EuLA•J US£0R INSTALLATION Of FORTINET PRODUCT(S) ANO ANY UPDATES THERETO, INCLUDING HARDWARE APPLIANCE PRODUCTS, sonwARE AND FIRMWARE INQ.UDED THEREIN BY FORTIN ET, ANO STANO-ALONE SOFTWARE PRODUCTS SOLO BY FORTI NET (TOGETHER, THE "PRODUCTS~) CONSTITUTES ACCEPTANCE BY YOU OF THE TERMS IN THIS AGREEMENT, AS AMENDED OR UPDATED FROM TIME TO TIME IN FORTI NETS 01SCA£TION BY FORTINET PUBLISHING AN AMENDED OR UPDATED VERSION. FORTINET SHALL NOT BE BOUND BY ANY AOOITIONALAND/OR CONFLICTING PROVISIONS IN ANY ORDER, RflfASE,ACCEPTANCE OR OTHER WRITTEN CORRESPONDENCE OR OTHER WRITTEN OR VERBAL COMMUNICATION UNLESS EXPRESSLY AGREED TO IN A WRITING SIGNED BY THE GENERAL COUNSEL OF FORTIN ET. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, DO NOT START THE INSTALLATION PROCESS OR USE THE PROOUCTS. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, YOU SHOULD IMMEDIATELY, ANO IN NO MNT lATER THAN FIVE (S) CALENDAR DAYS AFTER YOUR REalPT OF THE PROOUCT,IMMEOIATELY NOTIFY i:c>RTINIT UGAL L[GAL@fORT!NH COM OF REQU(STEO EULA CHANGES. 1. License Grant. TM~ .1 IN:ense agrttment bt!tWft'n you and Foninet no! a sales .igreement The term •Software•, as used lhroughout 1hls Agrc-emcnl, 1ncludcs ;ill Fort1nc1 and 1hlrd p;irty firmware and software provided 10 You with, or incorporated into, Fort1net appliances and any stand-alone software provided to You by Fort1ne1 With the eices,tion of any OPf'n source software contained 1n Fortmet's Products which 11 discuss<!d m detail m section 15 below. and the term ·sottw;ire· mdudes any accompanying documentat10n, any updates ;ind enhancements of the software or hrmware provided 10 '{OU by fort1nel, al tts op11on. Fort met gr,ijnls to you a non 1ranslerablc (cxcepl as provided 1n secuon s 1·Transfer"} ¥Id seclc n 15 j"Open Source Software·) below), non·t'11dus1VC, revocable 1m the event of '{Our fa11ure to comply with tht'~ tt'rms, m the event of termination, or 1n the event Fortmet Is not properly p.11d for the .ipplicable Product) license to use the Soft wart" solely for your mternal bus1neu purpc»es fprOYldt"d, 1f (a) .igret"d by Fort,nt't m writing. (bl you are authonztd by FortInet 11'1 wnllng to provide m.magtd serv1ce providt'r seMces rMSSP") to your end<ustomef\, and le) you p~ for an MSSP IICt'nse, lhen you may use the Softwa~ .ind/or Soltw,ue embedd~ 1n Fort1net Hardware to provide those Sl"Mces, wbJ~t to the 01her r~1nc110ns 1n 1h1s Agreement), 1n accordance with !he terms set forth m this Agrt't'mcn1 and subJect to ,ijny further restrictions In Fortinet documentation (mdudmg license term rcstnctt0nsl. and solely on the Fortmt"I .ipphance. or, m the c;isc of blades, CPUs, plalfOfm, dCVICCS or databases, on the single blade, CPU. platform, device or datab.ise on which Fort met m)laUed the Software, or, for s1.ind-alone Software, solely on a single compu1e, running a validly-Ileen~ copy of the operatmg system for which the Software was designed unless ;ind e•cept St!t forth 1n IM pubhshed documenut1on otherwise For ctanty, notw1thstandmg anything to the contr.iry, all hct"nses of Softw.ire to be 1nnall<!d on blades, CPUs, platforms, devices or dal.ibascs .ire hccnsed per blade, solely for one blildl' and not !or mult,pll' blildt'S th.it rNY bf' installed 1n a chassis, per CPU per pl.itform. per deVICC, or per dal,ijbaSl' basis, up to the blade CPU , plalfOfm, dt'Vlcc, databasl' number dchned m the license and as applicable and In accordanct' With the documentation Tht' Software 1~ ·muse~ on any apph;inces, bl.idu, CPUs, pl;i1forms, d~1ces, or d.it.ibases when 111s loaded into temporary memory (1.c RAMI, acccssl'd, downloaded, mslaUcd, or used on an apphancc, blade, CPU platform device or database You agree th.11, e•<cpt for !he lunned spec1f1c hcense nghts granted 1n this section t . you rtte1ve no l1censenghtstotheSoltware 2. Limitation on Use. You a~ prohlbltt"d from and may not :11tcmpl to. and, d you arc a corpor.it1on, you arc responsible to pl't'vent your cmpl()y1!es and contr,1ctors fromilllt'mpllng to (a) mochly, translate. reverse engineer, decompile disassemble, createdenvat1Ve works based on, !l ubhccnse, or distribute the Software, (bl rent or lease any nghts tr1 the Software many form to anyth11d party or make the Softwa~ ~va1lablc or accessible 10 third parties 1n .iny other manner (except as express 'y perrnined for MSSP p.1nnen), (d transfer assign or subllcense right to ,1ny other person or entity (e•cept as provided in section 5) (di remove any proprietary not1ct', l.ibels or marks on the Softw;irt'. Products, and cont.iiner~: (el use the Softw.ire to determine, or d1Wo1oC the results of ,ijny benchm.irkmg or performance measurements; (fl 1n1crfcre with a platform for use of the Software, !&) use the Softw.:.re on a device not owned and control ed by vou. !hi use automated means to access Online portions ol lhe pl.itform !or the Software, (11 use the Soltw.ire lor th1rd party training. commercial time-sharing or St'MCe burc.iu use or (e•ccpt as c11prcssly set forth 1n this Agreemenl) use the Software to provide services to third parties, (Jfl share non,pub&c features or content of the software wtth any H11rd party; (kl access the soflwarc m order to build a competitive product or SCMCC, to build .i product using s1mi•ar 1deas, features, functions or graphics of the ~oftware, or to (0PY .iny 1deo1), lt'ature), func!lon) or gr.iphlcs of the software; or, (I) ~gage In web scr;ipmg or da1;i scraping on or rel.1ted to the sohware, 1ncludmg without hmitallon, collection of 1nlorm,mon through any software that 51mulates human actlVlty or any bot or web crawler 3. Proprietary Rights. All nghts (1nclud1ng c:opynghts, trade st"Cret, patt-nl and otht'r mtcllcctual proptorty nghts). title, Intcrt-st In and to the Software and any Product, and any copy thett'Of remain wtlh fortmel. You acknowlt-dgt-that no !Ille or other mlcllcclual property ngh1s 1n tht- Softwarc or other Products is transferred to vou ;ind YoU wilt not acquire any nghu to the Sohw.:.re or other Products e11cept for the specdlC limited license as t'•prcssly set forth in section 1 ("license Grant·) above You eiprt'ssly agree ,ijnd acknowledgt-that Forti net owns. retains, and shall retain all intellectual property nghts In and to, .ind you have no 1n1ellectual property nghts 1n and to, the Products ;ind lhe Software other than the Uceni.e Grant You agree to keep confidential .all fort1net conf1dent1al mlorm.at1on and only to use such 1nformat1on for the purposes for which Fortinct disclosed 11. 4. Term and Termination. The term of !he-~ccnse 1s the shorter of la) 1he term as set forth 1n the ordcnng documents, other fonmet documenlauon, or per Fort1nt-t practice~ or pol1c1cs (such as with evaluation or beta licenses or subscnp!lon or other term hccn)CS) and lb) for the duration ot Fon:1nct's copynght tn the Software Fort met m.iy terminate this Agrtt'lnent, and the licenses .ind other rights herein, lmmedi;itely w1lhou1 notice 11 you breach or fail to comply with any of the tcrw and cond1t1ons of this Agreemcnl Of for other re.isons .is st.itcd m Fomnet's other documentation You agree 1hal, upon such termination, you will cc.a!,(! using the Software .lnd .any Product and either destroy all coplC!s of !he Fort1ne1 documt-n1;it10n or reiurn all m;i1c.-1als 10 Fortin ct 5. Transfer. II you .ire a Fort1net conuacted and author11~ reseller or distributor of Products, you m~ transfer (not rent or lease unle» spcc1lici11Jy agrct'd to 1n wr1tmg by Fort1ne1) the Software to one end user on ;i permant"flt basis, prOV1ded lh,ijt {I) you ensure that your cus10mcr and 1he end user receives a copy ol this Agrl-cmenl, 1s bound by its terms and cond1t1ons, and, by selling the Product or Software, you ht'rcby ;ie:rt'e to enforce the terms 111 lh1s Agreement ~aInst such end user (It) you .it all times comply with ,ijtt apphrablc Ur111ed Slates e•port control 1-s and regulations, and ( 11) you .igrcc to refund any fees p,11d to you by an end user who purchased Product!sJ from you but does not agree to the term~ contained m this Agreement and therefore wish(:) to return the Productbl as prOV1d<!d for 1n this Agreement Further, 11 you arc a non-authonzed rest-tier ol Products and Services, you arc not J\.lthonred to sell Producl4 s), Software or SeN1c~. but, regardless, by ~llIng Product(s), Software or Serv,ces, YoU hereby agree you ~re bound by lhe reslnc11ons .ind obhga11ons herein and arc bound 10 (I) ensure th.it your customer and the end user rece1Vc .a copy or th1) Agreement and arc bound in full by all re)tnctIon) and ob~gauons her ctn l•l enforce the restrictions and obllgauons 1n this Agreement ,ijg,ij1nst such customer .and/or end user, (•1 t comply willI aU .ipplicable United States export control laws and regu a1Ions •nd all other appllcablt" laws, and (1vl refund any fees p.-ud to you by .i customer and/or end u~r who purchased Product(s) from you but dOM not agree to the." rcstr1C110ns and obl1gat10ns con1ained In this Agreement and therclorc wtshes to return the Product(sl as provided for In lh1s Agreement NotWlthstandmg anvthmg to !he conir.iry, distributor\, resellen and other Fort1nt"t partners (a) arc no1 agents of Fortmet and (bl arc not o1uthori1ed to bind FortInet 1n any way. Fort1net's license, warranty, and support 1s onlyavahble for Producu that you purchas<!d directly from an aulhonzcd Fortmct chanl"lt'I partner Products not purch;ised from ;in ;aulhor1zcd Fortmct channel partner arc no! chg1blc, will not be supported, ;ind may be block<!d from reg1stra11on 6. limited Warranty. Fort1nc1 provides 1h1s btr111<!d warranty lor 11s product only 10 the single end user person or en11ty that originally purcha.s<!d lhc Produc1 from Fon met or 11s au1hon1<!d res.ell er or d1stnbutor and paid for such Product The warranty Is only vahd for Products which arc properly registered on Fortmet•~ Support WebsItt', t!.~ or such other website as prOV1ded by Forti net, or tor wtnch the-warranty othc,wise starts according to Fortinct's policies, and any support 1s only vahd for products properly purch.as<!d through authori:<!d d1str1butof\ and resellers The warranty penods discussed below will start accordlnc 10 Fortmc1•, pohaes posied at ~ or such other website as provided by Forti net It Is the Fortinel distributor's and re,seller's responsiblhty to make dear to the end user the d.i1e the product w,1s ong1nally shipped from Forti net. and It Is the end user's respons1b•ity to understand the ongmal ship d.itc from the p,jjrty from which the end user purchasNI the product All warranty claims must be submitted in writing to Fort met before the el(piration of 1he warranty term or such claims arc w;ilved m full. Forti net provides no warranty for .any beta, donation or ev.atu.atlon Products Fort1Mt warrants that the hardware portion of the-Products rHardware·J will be free from material defC!Cts 1n workmanship as comp,jjred 10 the functional spec1ficat1ons for the pcnod set'°""' as follows and applicable 10 the Product type !"Hardware Warranty Period-) (a) a three hundred Sllrty five 136S1 day limited warr,ijnty for the-Hardware products; {bl lor FortrAP, the w;irranty ht'rt'ln sh;ill last from the start of the warranty period as discussed ;above until five (SJ years foaowing the product .announced cnd-of.11fe date Hardware. le) for Forti Switch Hardware apph.:.nce products otbtt" than the FortiSwitch•SOOO series, the warranty herein shal last from the start of !he warranty penocl as discuss<!d abov1? until five (SI ye.:.rs foUowtng the product announced end -of ti le dalt' Hardware Fort1net's sole obhgat10n shall be to repair or offer replacement Hardware for the defective Hardware ill no ch.irge to the ong1nal owner This obhgat1on 1s eiclusive ol tr.insport fees, labor, de· inst.albtion, mstallation, rcconfigur111 ron, or return shipment and h;indltr1g fees and costs, and Fortinet shall have no obligation rel.:.t<!d thereto. Such repair or replaccmt'nt will be rendered by Fortmcl al a11 authorized Forti net SCMCt' facility as determined by fort1net. The replacement H;irdware need not be new or ol .in 1dentIca l make, model, or p.1rt , Fortinet m.iy, m 1ts diKret1on, replace the defect1v.-Hardware (or any p.1rt thereof) wtth any recond1t1oned Product that Fortinet reasonably determines 1s subst;int1all,; equivalent (or supenor) 1n all matcn.al respects to the delC!Ct lve Hardware The Hardware Warranty PNIIOO lot W rc~1ed o, replac~nt Hardw:ire shall be for the greater of the remain ng Hardware Warranty Per1od or ninety days from the ddvcry of the repair~ or replacement Hardware II Fomnet determnes 1n •t~ re.isonable d1scret1on that a material defect 1s ,neap.able of correction or that it 1s not practical to repair or replace defective Hardware, the pncc p.11d by the onginal purcha.ser for the dcfect1Ve Hardware will be refund~ by fortme1 upon return 10 Fortinet of the delccttve Hardware All Hardware (or part thereof) that 1s replaced by Forti net, or for which the purcha.se pncc 1s refund~. sha l become' the property of Fo rt1net upon replacement or refund Fort1net warr.ints th.at Software as m1t1any Shipptd by fort1net will subuantIally conform to Fort1net's then-current functional spec1flcat1ons for the Software, as set forth m the applicable documen1a11on for .a penod of ninety (90) days !"Software W,ijrr.anty Penocr), if the Software Is properly mstallt'd on •pprovcd Hardware and operated as contempla1ed 1n its documentation Fortmt't's sole obltpuon sh;ilt be to repair or offer replacement Softw.irt for the non-conforming Sottwart' with 1,0ftware that substantially conforms to fortint'l's funct1on;il spec1!1c.111ons. This oblig,ijtlOn 1s c11dusive of transport fees, labor dc•tn5lallat1on, mstall.ation, reconfiguration. or return shipment and handling fees and costs, and Fortinct shall h~ no obligation related thereto hccpt as otl\e,w,,(' ,sttto ti,. Fortmet 1n writing, the warranty replacement Software is prOYided only to the ongmal licensee, and is subject to the terms and cond1t1ons ol the hccnse granted by Fortmet for lhc Software. The Software Warranty Pcnod shall c,:tend for an additional ninety t9Jt days after any warranty replacement software is delivert'd. If Fort met determines in its rea!.Onable discretion thal a material non- conformance 1s mcapablt' of correction or that It is not practical lo rt'p;iir or replace 1he non•conlorming Soltwart', the price paid by 1he ongin;il llcenstt for the non<onforming Software will be refunded by Fort1net; provided that the non-conforming Software (and all copes thereof) 1s first retum<!d to Fort1nct The hcense 1ranl<!d respectll'lg ,UIV Softw,ijrc for which a refund 1s given .iutom.it1cally terminates 1mmed1a1ely upon refund For purpose of the ;above hardware and software warranties, the term *funcuonal spectficat1ons-me.ans solely those speaf1cat1ons ;iu1honzed and published by Fortmel !hat t'ipressly slate 1n such specifications that they arc the functional spec1!1ca11ons tt'ferred 10 1n this section 6 of this Agreement, and, In the event no such spec1hcat10ns arc provided to you with the Software or Hardware, there shall be no warranty on such Software 7. Disclaimer of Other Warranties and Restrictions. EXCEPT FOR THE LIMITED WARRANTY SPEC1FIEO IN SECTION 6 ABOVE, THE PRODUCT ANO sonwARE ARE PROVIDED ·AS-1s· WITHOUT ANY WARRANTY OF ANY KIND INCLUOING, WITHOUT UMITA TION ANY IMPLIED WARRANTY, IMPLIED OR EXPRESS WARRANTY OF MERCHANTABILITY, OR WARRANTY FOR FITNESS FOR A PARTICULAR PURPOSE ANO NON INFRI HGfMlNT 1J AN'f IMPLIED WARRANTY CANNOT BE OISClAIMED 1N ANY TERRITORY WHERE A PRODUCT IS SOLD, THE OU RATION OF SUCH IMP\.1(0 WARRANTY SHALL BE UMITED TO NINETY 1901 DAYS FROM THE DATE OF ORIGINAL SHIPMENT FROM FORTIN ET EXCEPT AS EXPRESSLY COVERED UNDER THE UMITEOWARRANTY PRCMDEOHEREIN, THE ENTIRE RISK AS TO THE QUALITY, SELECTION AND PERFORMANCE OF THE PRODUCT ISWITH THE PURCHASER OF THE PRODUCT NOTWITHSTANDING ANYTHING TO THE CONTRARY, THE HARDWARE WARRANTY PERIOD DISCUSSED ABOVE DOES NOT APPLY TO CERTAIN FORTIN ET PRODUCTS, INCLUDING FORTITOKEN WHICH HAS A 365 DAY WARRANTY FROM TI-tE DATE OF SHIPMENT FROM FORTINET'S FACIUTIES, ANO THE SOFTWARE WARRANTY DOES NOT APPLY TO CERTAIN FORTINIT PRODUCTS. YOU HEREBY ACKNOWLEDGE ANO AGREE THAT NO VENDOR CAN ASSURE COMPLETE SECURITY ANO NOTHING HEREIN OR ELSEWHERE SHALL BE OEEMEO TO IMPLY A SECURITY GUARANTEE OR ASSURANCE, ANO FORTINET DISCLAIMS LIABIUTY REGAROING YOUR WEB BROWSER'S REQUIREMENTS OR ANY THIRD PARTY DEVICE OR U,LiANa USE.D ro OPERATE THE SOFTWARE The warranty m Section 6 above does not apply 1f the Software, Product or any other equipment upon wt11ch the Software 1s .luthonzf'd to be used (a) has been alter~. e11cep1 by FortInet or its authonzf'd rep~sentauve, (bl has not been 1nsuUed, c>per Xl!'d, repaired, updated lo the latest version, or ma1n1.uned In accordance with 1nstruct1ons supplied by Fortinet, le) has ~n sub1ectcd 10 •bnormal physic.ii or elt'ctncal stress, misuse. neghgence, or acc1den1, (di Is lict'nscd tor beta, ~aluauon, donat10n, lcst1ng or dt'monstr;al1on purposes or for which Fort1net does no! charge a purchast' pnce or license fee; or (e) 1s procurt'd from a non- authonzed resener or non-.11uthomed d1stnbu1or In the case of beta, teshn&, evaluat10n, donation or free Software or Product, the end user acknowledges and agrees that such Software or Product may cont am bup or errors and could cause systl'm f.a ib-H , datii loss and other issues, and the end user agrees that such Software Of Product is provtded ·as is-wtthout any warranty whatsoever >Ni Fort inf'! disclaims any warranty or Uablhty whatsoever An end user's use of evaluation or beta Softw.ire or Product 1s limit~ to thirty (30) days from onginal shipment unless otherwise agrct'd In wntmg by Fortinet. For danty, notwithst.and1nR anything to lhe contral'lf, all sales .ire final and no proviS1on m this EUlA entitles '{OU to retum Products, other than as expressly set forth hcrem. 8. Governing Law. Any disputl"s an)mg out ol this Agreement or fortinct's hmitcd warranty shall be governed by the laws of the stale ol Cahlorn1a, Without regard to the conflict of laws principles. In the even! of any disputes arising out of this Agref'ment or Fort1net's limited warranty, the p;irties submit 10 the 1unsd1ct1on of the f~er.al and state courts located In Santa 0.1ro1 County, Cal1!om1a, as applicable, and .igrce th.ii any controversy or cl,ij1m .armne out of or relat1ne to this Agreement shall be dc1crm1ncd m the federal .and state courts located 1n Santa a.a,a County, Cahlorma, as .ipplicablt' 9. Limitation of Liability. TO THE MAXIMUM EXTENT PERMITTED BY lAW ANO NOTWITHSTANDING ANYTHING TO THE CONTRARY, FORTINET ISNOT LIABlf UNDER ANY CONTRACT, NEGLIGENCE, TORT STRICT LIABIUTY, INFRINGEMENT OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY LOSS OF USE OF THE PRODUCT OR SERVICE OR ANY DAMAGES OF ANY KIND WHATSOEVER, WHETHER DIRECT, SPECIAL, IN □DENTAL OR CONSEQUENTIAL (INCLUOING. BUT NOT UMITEO TO, DAMAGES FOR LOSS OF GOODWILL. LOSS OF PROFIT LOSS OF OPPORTUNITY , LOSS OR DAMAGE RElAUO TO USE OF THE PRODUCT OR SERVICE 1N CONNECTION WITH HIGH RISI; ACftv'H(S, OC INSTALLATION AND1NSTAllATION F[ESANDCOSTS, DAMAGE TO PERSONAL OR REAL PROPERTY, WORK STOPPAGE COMPUTER FAILURE OR MALFUNCTION, COMPUTER SECURITY BREAOi , COMPUTER VIRUS INFECTION, LOSS OF INFORMATION OR D,I.T• CONTAINED IN, STORED ON, OR INTEGRATED WITH ANY PROOUCTlNClUDING ANY PRODUCT RETURNED TO FOllllNCT "D" WARRANTY SERVICE) RESULTING FROM THE USE OF THE PRODUCT, RELATING TO WARRANTY SERVICE, OR ARISING OUT Of ANY 8REAOi OF THE LIMITED WARRANTY IN SECTION 6 ABOVE, EVEN IF FORTIN ET HAS BEEN ADVISED OF THE POSSIBILITY OF SUOI DAMAGES. THE SOU REMEDY FOR A BREACH OF THE LIMITED WARRANTY IS, AT FORTI NET'S SOLE ANO ABSOLUTE OISCRETI ON REPAIR, REPLACEMENT , OR REFUND OF THE DEFECTIVE OR NON CONFORMING PRODUCT AS SPECIFICALLY STATE D.,,."Sl.ClJOl'w i ABOVE, PRCMOEO, HOWEVER , IN NO EVENT SHALL ANY ENO•CUSTOMER REMfOIES UNDER THIS EUlA .a.NO AM IUP,Ofl:T AGREEMENT EXCEED THE AMOUNT PAID TO FORTIN[T FOR THE SPECIFIC APPLICABLE DEFECTIVE OR NON-CONFORMING PJIOOUC'I" ATISSUE. 10. Compliance with Laws, including Import/Export Laws and FCPA. You .ire advised that the Products may be subject to the United St,ijles Eiport Administration Rt'gulations and other import and eiport laws, divers.on contrary to United Slates law ;ind regulo111on is prohibited. You .agree to comply with .all o1ppl1cable 1nterna11onal and national laws that apply 10 !ht' Products as well as end user, end-use, and destm.it1on restrictions issued by U.S. and other govt'rnments, For .idd1t1onal 1nformat1on on U S. elq)Ort controls 5e1! tlUR> lj,rww bl) dgs p Fort1net assumt's no respons1blh1y or r1ab1hty lo, '{Our ladure 10 ob1a1n any neces~rv import and e11port .ipprovals and licenses, and Fort1net reserves the nghl to 1crmmatt' or ,uspend shipments. seMces and support 1n the t'Vcnt Fort1ne1 has a reasonable basI~ to suspect any import or c11port violation You rep~nt that neither the United States Bul't'.'.IU of Industry and Secunty nor any other governmental agency has issued saftCvons aga nu you or othel"Wlse suspended, revoked or denied your eiport pr1V1leges You agrtt not to use or transfer the Products for any use relating to nuclear, c:hcmital or b10log1cal weapons, or missdc technology, unless authorized by the United States ~t tw regulation or ~t'cific written license. Additionally, '{OU agree not to d~'f Of l"di~CO'f e•po,,. ift'1JIOt1 ot1r.a11unt thr "rodud:1 contrary to the laws Of regulations of any other governmental entity that has junsd1ct1on over such Hport, import, u.ansm1ss10n or use. furthermore, You hcl't'by ,ijgree that, for any order\ that You place wilh Fortinel whereby ,ijny lcga.lorrC1\,ll~oryrtqui,ttMt1U may apply to f011Wt :iud'I ~ re«iin'rN:"IIJ ~C'dto the ~C!nlilflO"tll r,afhcofl A.n91 Re,:UIIM.iCl"l,Of luV~Aa,OI tfl.e '"'* Acr~~Alt.youMt'fdDOn11tilet.0~1,1ni:l!l,f P-.iri;~C)f-Otfwb,...n ~fOf~!ty¥(1uMd/Of.Ml'fPJl'lnft"$dH r1y~~f;11.,. .J4)t'akteq111rtff'IC!t'lt 1"wtrtmc, 0t~foi,Jflll'ltS-n,olbol,ondby~~l~f~U. 'fOl.ltrpl'nt"l!ll~IYoQ~st~.¥id you hcrt-by agree 10 coqily w ith. iill il PII~ ~ ~""I but N)I •t1111rd 10 ci. U.S Fo,e,:r ~ jJfM11u·~ Ac1 YIN represent !fl.ti yvv l\erC'by <11rn Um 'f'O'lt ollftd you, t-n'olO'tftl ~ ti« «c~i:d. MVf will nQt ,t(l:pl, ,tnylflq ot v-.C. ~ ffiOnl'Y, miralt,, t'flltft.tlflfftt'114. f)altd,lo, t,1<,ot'I, OC!'la. t HWII, l!Vl.luM.tOft, don.K,on Of fftt "'1-od!M!\l, .-idfo, ,elatK ~-or ~re else ol value, 1n e11change for f-cln.1/\t'I ~.11"""' t:llff'M\ blainr,, or for n~w OU,.1"'"'i ~1#11U"' Yo u r('prftnll N wMil-'II 10 Fortin et that you and your cmploYl'eS, consut1ants, .igt'nU and reprc,.cntati~) wil no4 use ~·• p~s .and St'Mces 10 engage m, or support in any way, viotat10ns or abuses of human nghls, including those 1nll'dvl,.-<•'liOl"l-NP, """""Ill.MC:•, k l rhbOf\. ot c11ccssive use of force You .agree you and "°"'"~• 111o\llbc! re"~ tocOff!Pff>Afu!I w.tt\illlilws ~C,O.IOU ,tlll)Uc:Atile1,o any and all deahngs with Fortin et In general .ind its d1stribu1on, resellers and partncn. 11. U.S. Government End Users. The Software and accompanying documentation are dttmed to be "commeraal computer software· .ind "comme,c;a~COfl'ilutH software documentation; respectively, pursuant toOFAR Section 227 7202 and FAR Section 12.212, as apphcable Any use modif1Cat10n, reproduct10n, rclc.ise, perlorm¥1ce, display or d1sctosurc of the Software and accompanYlng documentation by the United States Government shall be governed solely by the terms of this Agrttment and shall be prohibit~ e11cept to the e,:tent e11pressly pcrmtted by the terms of this Agreement and its successors 12. Tax liability. You agree to be responsible for payment ol any sales or llSI" to111es 1mpos<!d at .iny time on lh1s tn,m.;a,a,on 13. General Provisions. Eueptasspec1ficallyperrni1tedandrequ1redmsect1onS('iransfer")above,youac,oc-no1to~~iM-,rff"ff'lt'l'llotU~Mlj,of the rights or obliga11ons under this Aflrcement without the 0,10, "'"'lf'II COfl~"' ol fon ~ Tll,1 -.C,~1'11 lhll ae btnli!n& upon. .ind inure to the benefit ol, the suctt'ssors .and l)t"fmilted .lS'C"S of thc part1Cs. Ttic-Um!N ~IO'l~CM!vi!m!OflonCDnl.l".ilf.b '°'°"' International !),ijJes ol Goods Is e11pressly t'•ck.lded. Th s Agreement ,ijnd other Fortmet agreements may be amend~ or supplemented on y by a wntmg th;al refers eipl-c1tly to the agreement signed on bch.ill ol both parties, or, !or llus Agrttment, .is otherwise e•pressly prOV1ded In the lc,ijd 1n above Section 1 ;above, provided, notwithu.and1n& anything lo the contrary .and except !Of ltus Agreement wtuch m3y be amended or updated u e•prcssly prOVlded m the lead m above Section l above. for any amendment or other agreement to be bInd1ng on Fort1net, such amendment or other agl'ffmenl muu be signed by Fort1net's General Counsel No w.i1ver w1H be 1mpl1cd from conduct or failure to enforce nghts nor elf('Cl,ve unless m .a writing signed on behalf of the party agams1 whom the W,ijlVt'r 1s asserted I any pan ol 1h1s Agl't'ement is found unenforceable, th;1t part will be enforced to the INP!Tlil,.-i l!"tltfll perm1ncd and the remamder shall continue 1n lull force .ind effect You acknowledge lh,ijl you have read this Agreeme111, ~~I.Mid It, and ~ree to be bound by its terms and cond1t1ons NotW1thstand1ng.inyth1ng to the contrary, this EIJtAtorA"1..I~ 1i-...e,11,e: agreement between Fort1ne1 ,ijnd tts end customers and supersedes any and all prior representations or confhctmg pr0m1M.s, .1.told\ ,.,_ hm1tat1ons ol l,abilny, warranues, or otherwise 1n any .ind a I purported end customer agreements, wht'ther entered 1n10 now or In the future In the event of a conflict ~tween this EULA and ;inotht'r agreement, this EULA sh;ilJ prevail unless the con!Ucting agreement c11pressly states that 11 replaces this EULA. c-prcssly referring to this EULA. .:.nd 1s .agreed to 1n wnt1ng by ;jut homed rc~eSHlt311WS ol lM pat'l.ie-1 (wt.lie~ Wt-l l'N-OH•ol fortJrl('l ,,\i-l)n,11,ft ',~tiitCo~ t•. Privacy. You agree to f ort1net s cdl:ttuon. use, dl:l.dosure. prot('Cl1on ilncJ tran.d cr of your mforma110n. as set forth 1n the Fort1nct prtvacy pohcy on the Fortinet -..veb s11e ~o J(w,,,,w rs,,, ".'S:l CR!!Y.llbou'x,/,Qrvjilty "lmll, 1nt1WCS.ng 1aJ 1-0ffiner, use of the Customer 1nform.it10n to send 1nlorm;it1on reg;ird'"C rort1 ne1 products N seMces, ancf (bJ f ortmet's d Isd osure ol your 1nlormat10n 10 prOYoldt: assistance to law enforcemt!'nt, governmental ;igenc1Cs and other authontlf!S or to .allow Fort1nel to prot('CI its Customers' and/or end users'nghts 15. Open Source Software. Fort1nct'sproductS ~ll'ICk.detOftwa,efnOdl.linWt.r,~torlWD<tn~to1M11Jf"llhdet~GM!~i1lhlbl!c t..cttlk.. \le:..,....l. of A,1,-.e 1,,i r GPt•t or GNUtn,ir, GcnrulfaubkllCCMC", VCf\lOl\11 , of rcOu,..,., lfflf"lGN.-J orO\her OIK'I' source software licenses which, .imong other nahts, permit the user to use. copy modify and red1str1bul." moduln, o, pOf'tlon:s thereof, and m.iy also require ilttnbut10I\ ditdo\utn .,,., KtnJ to 1hr \OufU codot"Or,t,i Sol..rce Softw,t!lt•) The-GPl 1~1 tti.1 for ...,,Optn Sourct Soh w.Metg!jt'ff'O..-ndt'flflltGP\.,~itd,suit,l,lted to~l11Me-•e-wt.tib.e~t0tm:ic,~ttit-\OUII" codt .also be made ava1l;able to those users. For any Open Source Softw,1,e covertd under the GPl the source code Is made ,ijva1lable on !his CO or download pack.:.ge If any Open Source Soflw;are licenses re!qutrc that Fortmet prOV1de nghls 10 use, copy or modify ;any Open Source Software program that ;ire broader lhiin the rights grant~ m !his aart'cment, then such nghts sh;ill lake precedence ovt'r the nghts and restr1Ct tOt11 ~'bft fC>l"l>IMi l w9p,<Mde, f0t • CNrit re!k-aintOVt Uoitldard di~nbutlorlca\H, Inc CQfflplc,:t machmc•tc,Xfabllt copy of lftt moct.llN' sdlwM"t ~, fo Obtlll\ • compleu • ffi,kt\in.,,rH Oabtt, copy, pit~ kflid V'fkjr w,411e11 r ~nl , atonc witl't iJ c~,111 11\t'~ of US SlS 00, 10G-ctltt'.i "1.ehc U(Cf!~ '°"'co(odt Rtql.tt'St, klnll'tCl,lftC., ffl UN Rd. Sunnyvale, CA 94086 lM To rf'(elyt, I Nl !Ntdrf-ed ~ mocUti, VOto1 ~t ah.o~ll.lde 1i,e Joia-Mr,g 1rttorffl.wtJOn: (11 Nffl'C:, (bl Address, (c) Telephone number (d i E-mail Addms (el ProehKt Jl'll'(h~ (If olQPCIU bltL tfl P~ Seri.-! Nuw..bef (,t appliiu!)ift open source sot1warc modules are licensed free of charg_c There 1s no warranty for these modul es. to the e•tcnt permitted by applicable law The copynght holdt'rs prOV1de these software modules •AS·IS-wilhout warranty of any kind either e•presscd or 1mpbed i n no even! wt~ the copyright holder for the open source softw;irc ~ h.1ble to YoU for dam3ges, in d uding any special, incidental or consequential damages ansing out of the use or mabt' Ity lo use the software modules, even 11 such holder has been ;advis<!d of the possib1hty of such d,ijm.agcs A ful l copy of this Icense 1nduding ,ijdd1tional open sOUrct' software license dltdow,n Mid third party license disclosures ;applicable 10 cen;im Fon1ne1 product,. may obtained by contacting Fort1nct's leg,jjl Department at :ru 11em:111r1 com GNU GENERAL PUBLIC LICENSE GNU GENERAL PUBLIC LICENSE Version 2. June 1991 Copyright (C) 1989. 1991 Free Software Foundation. Inc. 59Temple Place. Suite 330, Boston, MA 02111-1307 USA TERMS AND CONDITIONS FOR COPYING, OISTRIBUTION AND MODI Ft CATION This License applies lo any program or other ....ork v.tii<:h c:ontains a notice plac:ed by tho c:op)'fight holder saying il may be distnbuted undor tho terms of this G$1"loral Public License. The "Program·. below, refers lo any sud, program or wen. and a ·....orx based on the Program"meanseither the Program or any derivative work under cop)'fight law: that isto say, a work containing the Program or a portion of it. either verbatim or with modificalions and.lor lranslated into another language. (Hereinafter, translation isinduded Wthoutlimitalion in tho lerm "modification".) Each licensee is addressed as "you" . Ac:tivilles other than cop)"ng. distribution and modific:ation are not covered by this License; they are outside its scope. Tho act of running the Program is not restricted, and tho output from the Program is covered only if its contents constitute a ....ork based on the Program (independenl of having boon made by running the Program). Whether that is true depends on ....+iat the Program does. 1. You may copy and distribute verbatim copies of tho Program's source code as you receiV11 it, in any medium, provided that )Cu conspicuously and appropriately publish on oac:h copy an appropriate copyright notice and disclaimer of warranty. keep intact al tho notices that refer to this License and to the absence of any warranty. and give any other recipients of the Program a copy of this License along with the Program. You may charge a foe for the physical act of lransferring a copy, and ',(lu may at ~ option offer warranty protection in exc:hange for a fee 2 You may modify yourccpyor copes of the Progam or any portion of it. thus fanning a v.ork based on lhe Program, and copy and dlWlbute such modific:allons or work under the lerms of Section 1 above, provided that you also meet all oft~ condiltons: a) You must cause the modified r•es toc:a,ry p,om.,enl notices statingthal ',(luchanged Iha files and the date of any "''""" b) You must cause any .....:irk that you di:.tribute or publish. thal in ....tlole or in part contains or is derived from the Program or any part ther&of. to be licensed as a 'M101a al no c:hargo lo all ttird parties under the terms of lhis License, c) If the modified program normaly reads commands interactively Men run. you must c:ause it. 'M\on started running for such interactive use in tho most ordinary way, to print or display en announcement induding an appropriate copyright notice and a notice that th&re is no warranty (or else, saying that you p,ovide a warranty) and that users may redistribute the program under these conditions, and telling lhe user how to viow a copy of this License. (Exception: if the Program itself is interaclive but does nol normaly print such an announc:emont. your wor1il. based on the Program is not required to print an announcement.) These requirements apply to the modified ....ork as a ....+iole. If identifiable sections of that work are not d&rived from tho Program, and can be reasonably considered indopondont and separate wol"Xs in themselves, lhen this License, and its terms, do not apply to those sections when you distriblJle them as separate works. But ....+ion )QI distribute the same sections as part of a ....+iole 'M\ich is a ....ork based on the Program. the distribution of tho ....+iolo must be on the terms of this License . ....+iose permissions for other licensees extend to the entire ....+iola, and thus 10 each and every part regardless of ....+io wrote it.. Thus. it is not the intent of this section to daim rights or contest your rights to work witten entirely by )(lu: rather. the intent is to exorcise the right to control the distribution of derivallve 01 oaaective ....orks based on tho Program. In addttion, mere aggregation of another wen not based on Uie Program with the Program (or ~th a work based on lhe Program) on a volume of a storage« dislributlon medium does not brirlg the other 'MO<k under tho scope of this License. 3. You may copy and cistribulO the Prog-am (or a work based on IL under Section 2)in object code or exOC\ltable form under Ow1 tetms of SectiOM 1 and 2 abovo provided that )(lu also do one of tho fotlowing: a) Accompany it Wlh the completo cOtTesponding mechine-(eadab6e source code, 'M\ich must be distnbuled undor the terms of Sections1 and 2 above on a medium customarily used for software intMchange; or. b) Accomf)Wlyit Wlh a witten offer, valid for al leasl lhreo yoats. to give any lhird party, for a chargo no more than your cost of phy.;icallv performirlg source distnbullon, a complete machine-(eadablo copy of tho COf"Tespondmg sOVlce code, to be distributed under the terms of Sections 1 and 2 obovo on a medium customarily used for software interchange; or. c) Accompany it wth tho information you received as lo tho offer to distribute c:orresponding source code. (This alternative Is enowect only for noncommercial distribution and onlv if )CU received lhe program In object code or executable form Wth such an offer. m accord 'Mlh Subsec:tion b abovo.) Source code for a work moans the preferred form of the work for making modifications to it. For an executable ....ork. complete source code means all the source code for all modules ii contains. plus any associated interlace definition files, plus the scripts usad to conlrol compilation and instaDation of I.he executable. However, as a special exc:eption, the sourc:e code distributed need not include anything that is normally distributed (in either source or binary form) 'Mth the major components (compiler, kernel, and so on) of the operating system on 'M\ich the executable runs, unless that component itself accompanies the exOC\ltable. If distribution of e,ieculable or object code is made by offering access to copy from a designated place. then offering equivalent access to copy lho source code from tho same place counts as distribution of the source code, even though third parties are not compelled to oapy the source along with the object code. -4. You may not copy, modify, sublicense, or distribute the Progr.vn exc:ept as expressly provided under this License. Any attempt otl\ef'Mse to copy. modify, sub~c:enso or distribute !he Program is void. and 'Ml automatically terminate your rights under this Licen:wi. However, parties ¥lt,o haYO received copies, or rights. from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You ate not requi,red to ac:cept this License. since ',(IU have net '9'ed it. Ho'Mllww. nothing else grants )OU permi~on to modify or distribute the Program or its derivative 'M)l'kl,. These actiOM are p,ohitNted by law if )(ludo nOl accept this License. Therefore. by modifying or distribwng the Program (Of anyYIIOfk based on the Program). you indicate your acc:eptanc:o of this License lo do so. and an its lerms and c:ond1tions for cop~ng. distributing or modif)ing tho Pro;ram °' works based on 11. 6. Each time )Cu redistribute tho Program (or any Yll'0f1I. based on the Program), the recipient automatically receives a license from the on~al licensor ID copy, distribule or modify the ?r°"am S4lbject to these terms and condilions. You may not impose any further restrictions on the recipionts· oxercise of the rights granted herein. You are not responsible for eflforcing compliance by third parties lo this Licen:wi . 7. If. as a consequence of a courl judgment or allegation of patent infringement or for any other reason (not limited to patent issues~ ccnditions are imposed on you (wtiethor by court order, agreement or othel'Wise) that conlradict the ccnditions of this License. they do not excuse you from tho conditions of this License. If )CU cannot distribute so as to satisfy simultaneously )Cur obligations under this Lic:enso and any other pertinont obligations, lhen as a consequence ~u may not distribute the Program at all. For example. if a patent license would nol permit royalty4-eo redistribution of the Program by all those ....tio receive copies directly or indirectly through you. then the only way )(IU could satisfy both it and this Lic:enso -would be to refrain entirely from distribution of tho Program. Jf any portion of this seclion is hold invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the secbon as a ....t.ole Is intended to apPly m other circumstances. It Is not the purpose of this secbon to 1nduc:e you to 1nfnn90 any patents or other property right claims or to contesl validity of any such claims: this section has tho solo purpose of p,otecting the Integnty of the free software distnbutlon system 'M\ich is implemented by public license p,acticos. Many people have made 90nemus contributions to tho Wide range of software distributed through that system in reliance on consistent applicallon of that system: It is up to tho author(donor to decide 1f twi or she is ~ing to distribute software through any other system and a licensee cannot impose lhat c:hoice. This section Is intanded to make thoroughly dear v.hat ,s belleved to be a consequence of the resl of this license. 8 If the dlstnbution and/of use of the Progam Is resl.nCtecf m c:ertan countnes •!her bypat.enb o, bycopynghted 1ntorfaces lhe on11nal cop)flght holder 'M'CI ptaces !he Prognwn under hs License may add an ekpbot geooraphlcal distnbut1on kmltatlon excludmg those c:ountnes. so that distnbullOn Is permrttod only in o, among countnes nol thus ow.duded In suc:h case this LICense incorporates tho km1ta11on as 1f 'Mitten In the body of this License 9. lho Free Software Foundation may pubhsh reVlsed and/or now ve,sions of tho General P\.C>lic license from lime to time. Such new versions 'Ml be similar In $pint IO the present verSIOn but may differ in dolail to ad dross naw p,oblems or conc:erns. Each version is Qiven a dist1ngu1sh1ng \1'9fSlon number If the Program spoc:i&es a \o'Ol'Slon ni.mber of this License v.tiic:h aPP'as to it and "any later vorSIOfl• )(IU have the opt,on offolOWlng the lorms and ccnditions oilh&r of that vers,on or of any later version published by the Free Software FoundalJon. If the Pr0e7am does not spec:1fy a version rwmbor of this Lic:onse. )Cu mav choose any version ever pub~shed by tho Free Software Foundation. 10. If )Cu wish to incorporate parts of tho Program into other free programs 'M\ose distribution condilions are different write to the author to ask f0t permission. For software whlc:h Is c:op)'f,ghled by the Free Software Foundalion write to the Free Software Foundation; we somettmes make excepbons for this . Our decision YIIII be guided by the two goals of preservmg the free status of all derivatives of our free software and of promoting lhe shanng and reuse of software generally NOWARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE. THERE IS NO WARRANTY FOR THE PROGRAM TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM ·As Is·wITHOUT WARRANTY OF Ar-N KIND. EITHER EXPRESSED OR IMPLIED INCLUOlNG BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY ANO FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHO\.A.D THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION 12. IN NO EVENT UM..ESS REQUIRED BY APPUCABLE LAW OR AGREED TO IN WR1TING WILL ANY COPYRIGHT HOLDER. OR ANY OTHER PARTY WHO MAY MOOtFY ANOfOR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES. NCUJOING ANY GENERAL SPECIAL . INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR tNABILtTY TO use THE PROGRAM t1NCLUOtNG BUT NOT LIMITED TO LOSS OF DATA OR OAT A BEING RENDERED I NA CCU RA TE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF TiiE PROGRAM TO OPERATE WITH At,tY OTHER PROGRAMS). EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSStBILITY OF SUCH DAMAGES. GNU LESSER GENERAL PUBLIC LICENSE Version 2. 1, February 1908 Copyright (C) 1991, 1999 Froe Soft.Naro Foundallon. Inc . 59Tomplo Plac:o, Suite 330, Boston. MA 02111-1307 USA TERMS ANO CONDITIONS FOR COPYING. OISTRIBUTION AND MODIFICATION 0. This Lic:enso Agreement app~es to any software library°' other program which contains a notice placed by tho cop)'fight holder °' other authorimd party sa)"ng it may be distributed under the terms of this Lesser General Public License (also called "this Lic:ense"). Each licensee is addressed as ·you·. A 1ibratY moans a collection of software functions and/or data prepared so as to be conveniently linked with application programs ('M\ich use some of those functions and data) to form oxOC\ltables. The "library, below, refers to any such software library or -work which has boon distributed under those terms. A ·....an. based on the Library means either the Library or any derivaho 'NOrk under copyright law: that is to say, a work conLainino !he Library or a Portion of it. eilher verbatim or with modifications and/or translated straightforv.ordly into another l,a,n9',1.s~. (Hereinafter, translation Is included without limitation in the term ·modrfieation·.) •Source code" for a work means tho preforred fonn of the ....ork for making modifications to ii. For a library, complete source code means all the source code for all modules it contains. plus any associated interface definition files, plus the scripts used to conlrol compilation and installation of the library. ACIMties other than cop)"ng. Qstribution and modification are not CO\'Ofed by this license: they are outside its xope. Tho act of running a program using the library is not restricted, and outplJI from such a p,og,am tS c:ovored onty if its contents consblula a YIIOfk based on the Library (independent of the use of the Library in a tool for Ywnling it). Whather tN!t ia n,e depends on v.tiat the Library does and ~I tho pr09fam that uses lhe Library does. 1. You mav copy and distribute verballm copies of tho Library's complete source c:ode as you receive it. in any medium. provided that"® conspicuouslv and appropriately publish on each copv an appropriate cop~ht notice and disdaimer ol warranty; kNP intact an the nolleos that refer to this License and to the absence of any warranty; and distribute a copy of lhis License along wilh the Library. You may c:hargo a fee for the physical act of transferring a copy, and you may al your option offer warranty prot&etion in exchan90 for a fee. 2 You mavmodify your copy or copies of the Library or any portion of ii. lhus forming a YIIOfk based on the Library, and c:opy and di~buta such modificabons or wen under the torms of Socbon 1 above pro..,ded that you also meet all of these condibons: a) The modified work must itself be a software library b) You must cause the files modified to carryp,ominent notices statinglhal you c:hanged the f~es and the date of any change. c) You must cause the ....+iole of tho 'NOrk to be Ic:ensed atno c:harge to all third parties under the terms of this License. di If a facihty in the modified Library refers to a function or a table of dala to be supplied by an application program that uses the facility. other than as an argument passed when the faci•ty is invoked. then you must make a good faith effort 10 ensure that. in the event an appl1cabon does not supply such funcllOn or table the fad1ty slill operates and performs ....+iatever part of its purpose remains meaningful. These rfl(luiternonts apply to the modified 'MO<k as a whole. If ielentdiable sections of that work are not d&rived from the Library. and can be reasonably considered indepondenl and separate works in themselv,es, thon this Lic:onse, and its terms. do not apply to lho:wi sections 'When you <istribute them as separate works. But ¥otien )«I Qstributo I.he same sec ti OM as part of a 'MIO!e v.tiich Is a v.ork based on tho Ltbrary the dlstnbulton of the Yohole must be on the terms of tn,s License. whoso permissions fo, other IKensoes extend IO the enll'e ¥!hole and thus to each and e\o'Ol'y part regardlass ot W\O wrote it. Thus, it;, not the intent of this socllon to c:tarm nghls o, c:ontost yow nghts to -wo'11. 'Millen entirely by you rathar. the intent is to exorcise the nght to contr~ the d1.slflbutlon of donvabve °' 00lect1ve wor\s based on the Ubraty In addition. mere a,ggregotion ol anolhor work not bas-od on Ulo Library wth lhe Library for .,.lh a wor1I. basod on the Library) on a volume of a storage or distnbut1on medium does not bnng 1he ether w::,rk undflf the scope of this License 3. You mavopt to apply the terms of the ordinary GNU General Pub~c License instead of this License to a given copy of the Library. To do this, you must alter aD the notic:es that refer to this License, so thal they refer to the ordinary GNU General Pubhc License, version 2 instead of to this license (If a newer vorsion than version 2 of the ordinary GNU General Public: License has appeared, then you can specify that version instead 1f yoy 'Msh ) Do not make any other c:hange in these notices. Once this change is made in a given copy, 11 is irreversible for that copy, so the ordinary GNU General Public Uc:ense applies to au subsequent copies and derivativo works made from thal copy. This option is useful ....+ien you wish to cop1 p~rt of the code of the Library into a program that is not a library. 4. You may c:opy and distribute the library (or a portion or derivative of it. under Section 2) in object c:ode or exec:utable form under the terms of Sections 1 and 2 above pro..,ded lhat you accompany it with the complete corresponding machine- readable SOUfce code. 'M'lich must be d1stnbuted under tho lerms of S6Ctions 1 and 2 abovo on a medium customanly used for software interchange If chslribu!lon of object c:ode Is made by offering access to copy from a designated place, I.hen offering equivalont access to copy Iha sowce code from the same plac:e satisfies the requiremont to distribute the source code, even thCNfitl third 1)1,Au ere not compelled to copv the source along wlh the object c:odcl. 5. A program that contains no derivative of any portion of the library. bu1 is deStgned to work wth the Library by being compiled°' ~lled Wlh il tS calod a "\l.ork that uses the Library~. Suc:h a work. ln isolation, is not a derivative WO.-of the L1bfary and thelafo,e !alls outside the scope of lhis License. How6ver ~nlung a '"'M>r1'. that uses the Library· "Mth the Library c:reatos an exacuiable that is a deriva•w of the Library {because it contams portions of the Libfary) rather than a ""work lhal usu the library The executable Is thfltefore covered by this Ltcense Section 6 states terms for d1stnbut,on of S4lc:h executables March 2021 EULA. Copynght i:o 2021 Fortmet. Inc , All Rights Reserved Contents and Terms Are SubJect to Change by For11net Without Pnor Notice VVhon a ~ that uses the library· uses material from a head$J Mee that is part of the library, the object code for 1ho 'M)l'I,, maybe a derivativewor11. oflhelibraryoven \hough lhe~¢0o.i1 not . VVhflthflf this is lruo is especialy signilic:ant if Iha"'°"' can bo ~nked .,,.thou! the Library or f the -work is itself a libfary Tho threshokl fo, this to be true is not p,ecisely dafined by law. If such an object file uses only numerical parameters, data struc:ture la',(luts and accessors, and smaH macros and M'I• lnJine functions (len lines o, less in length). then the use of the objecl file is unroslricted regardless of ....+-.ether 11 is legal ya derivative work. (Executables containing this object code plus portions of the Library will :wll fall under Section 6.) Otf"lcirwise, d the v.ork is a derivative of the Library, you may distribute the object c:ode for the work under the terms of Section 6. Any executables containing that ....or1'. also fall under Section 6. 'M\ether or not lhey are linked directly Wth U,e Library itself. 6. As an exception to the Sections above. you may also combine or link a "work that uses the Library"' with the Library to produce a wol"X containin,g po,•mtso# lh• Lit:t •y. lill'ld 6Atribvte !hat ""°'h. under 1enn., ol yo,.,r cno.ca. o,o-..dld U'l•t ltlie terms permit mod1ficalron of the ';11,0,li. f« ',OIi °"""" u1e and ro .... rs.e engine•irlfa fo, dtllbugg,"g weh mcaiiCMIOns. You must give prOl't'inan1 nofica WO\~ ~yof the wor" f,M lhe LIK•y i, uMd in ii and !NI the Ubfl,Y""" its ltM •re cov&red by this License. You must supply a copy of this License. If lhe work during execution displays cop)'f1ght nolices. you must indude the c:opyright notice for the Library among lhem. as well as a reference directing the user to the copy of this License. Also, you must do one of these things· a) Accompany the v.ork 'Mth the complete corresponding mac:hine-readable source c:ode for the Library including Matever changes wore used in the ..ark l ....niehmuSt bedis1n~ ~• S.C;on, 1 Mld2 above! and ,f ~~ 11-atiox.a.il.abi. linked with I.he Library, with the complete machine-readable ·worlr. that uses lhe Library". aa ebJacl coda~ sourca code. so that the user can modify the Library and then relink to produee a modtfied executable conta1n1ng the modrfied Library (It is understood that tf"le user 'M\O changes the eonlonb of definitions files in trw. 1..itw•y-'I not ~nl)' k able to recompile the application lo use tho modified defini'°"5 ) b) Use a suitabte shared library mechanism forhnking'Mth the Ubfaty. 4 tuitabl,e mechuum JS one triat (1l use, ttf\oll'I IJme a copyol the libfa,y already present on tho user's computer system rather lhan cop)'ng library func:trons .,to lhe oxeculabl•. and 12)'MPi Operate property wth a modified version ol lhe llbraiy, if the user instals one as long as the modified version is interface-compatible with the version that the work was made wilh. c:) Accompany the work 'Mth a .....-Itten offer, valid for al leasl lhree years. lo give the same user the materials specified In Subsection ea. above for a charge no more than lhtt cost of performing this distribution. d) If d1stnbut1on of the w::,'11. Is made by offering access to copy from a designated place offer equwalent acc.ess to copy tho abOve specified matenals from the same place e) Verify that tho user has already received a copy of these matenats 01 that you have already sant this user a copy For an executable, the required form of the "wol"X that uses tho Library" musl include any data and utility programs needed for reproducmg the executable from It. However as a spocral exc:eption the materials to be d1slrlbutod need not include anvthlng that rs normally distnbuted (in otther source or binary form) ~lh the major components (c:ompiler kernel , and so onl ofthe~alitlotPWft °" IM'lic:.hfr• •~lerun.a-. Ultles.a l\atcomponentftsetf iltccw,,t)all\>•.1 lhenecuubM-ltfNly happe,11hat h.l rto#emenl oonlraclct:.1 the licen'41euielion• ol ~ P'Ol'WiMarylililrM!:fl lhM do not~ ac;.c:omoanythe GCMWetil'IQ &ySl.-n. $uch a o::anttadri.1ion fflellN you UMot U.M bo4h i\em Md i'9 LJbr·I')' logllthef 1" M executable that )Cu di,.ritKlt._ 7. You may place library faci~ties that are a work based on tho Library side-by-side in a single library togeth&r wth other library facililles not ccvered by this License. and distribute suc:h a combined library. provided that the separate cllstnbution of the work based on the Library and of tho other library faclli~s is othet"Mse pannitted and pro..,ded that )(lu do those t....o things. a) Accompany tho combined ltbrary>Mth a copy of Che same work based on the Library uncombined wth any other library rao,t.tn n.. mu SI be diwtM~ und• Iha tams of 1M Sec:lion.s aoo..,. b l Gtve prominent notlCow,th the combined library of the fact that part of itis a Wl)fk based on the Library and exp,lammg ~e to find Cha ace,o,r1p.anwi,ft9u'lCO'fltlil'led form ol Che ume IMlf'li.. 8 Youmaynoteopy moc:tay, sublicense linkwilh, or distributethoLiDra,y•xcept as ui,,.i,.sl~Jl'O',lldtld undef lhdL,cer\M Any attempt othonMse to c:opy modify subltcense bnk with. or distnbute the Library Is VOid, and 'Nill automat1c:ally termmato )(!Ur nghts under this License However parties Yoho have rec•ved copies or rights. from )CU under this Uconso will not have th111, licenses temunated so long as such partios remain in fuD compliance 9. You are not required to accept this Lic:ense, since )(lu have not signed 11. However, nothing else ;rants )Cu permission to modify or distribute the Library or its derivative works. These ac:tions are prohibited bylaw if )Cu do not accept this License. Therefore. by modifying or distribubng tho Library (or any v.ork based on the Library), you indiut• ',Ol' acceptance of this License to do so, and all its terms and c:onditions for copying, IIMribUlinl, or ~not,-l.i)t#y o, works based on ii. 10. Each llme you redistribute the Library (or any-work based on the Library). therecipienl automatically receives a lic:enso from lhe original lic:ensor to copy, distribute, ~nk with or modify "e LC°at\l 54.1bjoet IO !hase ierm.1111d condikJl\1. You "'~Y not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. 11. If, as a consequence of a courtjudgml!ll'ltor allegation ofpatontinfri~.,,t0t lo-111y Df',el-rM.M)fl (l'IOI Wftiled IO patent is:.ues). conditions are imposed on you ('M\ether by court order, agreement or otherwise) that contradic:t the condibons of this License, they do r'IOt excuse you from the conditions of this License. If you cannot distribute so as to saufy simu1tan«au:sly you, ob6gations under this License and any other pertinent obligations, then as a consequence you may not d' ~uce the Lionirv at a.. h:11 ..-nt)le. if a PMent lic:e,nM ~ not ,-mI1 royally.free ,odi,.lb'-llion ol lfte Library by al !hose """° ,acet .... cop-, dit"t,ctl~ or indir«:Uy !trough .,.au. !Mn 1t1e only way yau could sao.sfy boU'I it 8'l'CI ,.,. tic:.ensewouldbetoratrMlar\llr.YhamdlSl.ti~of~Librli')". If any portion of this sec:tion is held inva6d or unenforc:eable under -"Y partic:utar circum5tance lhe balance of the sec:,on Is intended to apply, and lhe s,oction as a ....+,oie is inlonded 10 apply in other CUC\ltTtstanc:es It is not the purposo of this secbon to induce you to infringo any patents Of other property nght da1msor to c.cnle.tt validily of any such claims: this &ection has the sole purpose of PfOIKting the integrity of tho free software d1str1butJon system v.tiic:h is implemented by pub~c license practices. Many people have made generous contrrbutions to the wide range of software distributed ltvough that system in reliance on consistent application of that system· It Is up to tho author/donor to dec~e ii he or she is wining to distribute sohware through any other system •nd • I~ ~t ~ that c::hot(a Tha section is intended lo make thoroughly clear wtiat is believed to be a consequence of the rHl of Wits llCa\M 12. If the distribution and/or use of the Library is restricted in c:ertain countries either by patents or by copynghted intoriaces, the original cop),fight holder v-.ho plac:es the Library under thi1 L<en.se may add 8fl t.pkil a-oqr•i,t,i~ distribution timitation excluding those countries. so that distribution it permitllOd only it'I or lli"IOl'lil! covniti,•i not. uw. excluded. In suc:h case, this License incorporates the limitation as if witten in the body of this License 13. The Free Software Foundation may publish revised and/or now versions o4 lhe Lasser Getl«aA Pl.iblie L~ &om lime to lime. Such new vorsions 'MU be sim~ar in spirit to lhe present version. but may differ in de tad to .adltess new p,oblcn,t o, c:oncerns. Each v,ersion is giYOn a distinguishing version number. If the library speafios a version number of this license ....+iic:h applies to it and ·any laler version•. you have I.he option of follo'Mng the terms and conditions either of that version or of any later version published by the Free Software Foundation. If tho Library does not specify a license version number )(IU mav c:hoO• any .-,ion .....,r put,iah.N by lt'9 Free Sobw211e Foundatoft. 14. If you wish to incorporate parts of the Library inlo other free programs v.tloso distribution condi•ont.,.. 1nc;ornp,1U.e with those. 'Mite to the author to ask for permission. For softwafe v.tlich is ccp','1'ighted by I.he Free Software Foundation write to the Free Sofrwafe F~<lation, WII ..IOftlatim.a; ,..a,ae •~bona ro, this.~ d~Sten Wi n ~ o-,ad•4 by the TWD goals of preserving tha free status of all derivatives of our free softwtta and of promot,ng tho shanng and reuse of sDftw.n generalv 1.S Tho. .v;vran4~disdamflf~ II\ $eQon:s 11 Md 12Qf hClfacaclftOGP\. L,c:enso1:1tne0,~9d heret11 Pa~c:! nl :! DocuSign Envelope ID: 9B0C3DA4-7F48-4824-BB04-11C700CC842D ♦)NCPA NCPA /Omnia Partners Fortinet Contract 01-154 -Authorized Reseller Partners An OMNIA Partners Company Reseller Name Contact Email 11:11 Systems Heath Johnson h johnson@llllsj/stems.com SS Technologies Michael Overton m ichael .overton @Sstechnolo gies .com ACC Techn i cal Servi ces, Inc (Acctek) Paul Wh ite l!Wh i te @acctek.com Ahead, Inc. Brooks Souders brooks.souders @ahead .com Airgap Labs LLC Frank Wang fwang@a i rgaQlabs.com All Covered Adam Goebel agoebel@allcovered .com AMS.NET Thomas Vascon i tvascon i @ams .net Aquila, Inc. Aaron Jaramillo aaroni@aguilagrouQ .com Aspire Technology Partners, LLC Daniel Bongiovann i teamas oi re (<v as oi retransforms.com BCI, Inc. Robin Carpenter rcar Qenter @bc ianswers .com Blackhawk Data Maryanne Pagano m Qagano @blackhawkl l.com BorderLAN Securi ty Diane Rogers d1ane@borderlan .com; deena@borderlan .com C2 Enterprises Phil Thompson Qh iliQ.thomQson@c2 itsj/stems .com Carolina Advanced Digital Susan Jabbusch susan @cadinc.com Carousel Industries of North America, LLC Lauren Testa ltesta@ca rouselind ustries.com Chromis Technology, LLC Zach Garcia zgar ci a@chrom is.com Compuquip Cybersecurity Luis Santiago lsant iago @com Qug uiQ .com Computacenter Mitzi Justice m itz i .just ic e @com Qutacenter.com CCNYTech Jason Germond jason .germond@ccnj/tech.com Continental Resources, Inc. (ConRes) Lou Novakis lnovakis@conres.com Converge Technology Solutions Lynda Thomas ContractSales5uQQOrt-Publ icSector@convergetQ .com DataFree'd Mike Phalovich mQuhalov ich@datafreed.com DGR Systems Amanda Dugger adugger@dgrSl£Stems.com DOF Creations, LLC. Saeed Gordon sb gordon @dofcreat ions.com Dox Electronics Ken Schwartz kens@doxnet.com DyntekServices (Exclusive Networks) Darlene Pricher darlene.Qric her @d :.,:ntek.com EduTek Ltd Mario Caligiuri mario.cali gi uri @edutekltd.com ePlus Technology, Inc. Amy Knower Aml£.Knower@eQlus .com ESX Technology Solutions Renee Ramirez rram irez@esxtech.com Gulf South Technology Solutions, Inc James Moak james @g ulfsouthtech.com GST Phillip Lin Qhilli Ql @g stinc.com Heartland Business Solutions Partner Relations i ngui[Y@hbs.net Hypertec USA Mike Marracino mmarraci no@hyQertec .com iConvergence Beau Peyton beau nrni iconver"ence .com lnfobond Jo Davalos w yra gu1 @i nfobond .com ; jdavalos @i nfobond .com In-Telecom Consulting LLC Shawn Torres storres @i n-telecom.com lnterDev LLC Gary Nichols GN ichols@lnterdev.com ISG Technology Michael Reece mreece@i sgtech.com ISSQUARED, Inc. Lee Craft-Gobeille curt .hedges@ncanet.com; lee .craft@ncanet .com Katalyst Luke Johnson 1iohnson@katall£Stng .com Layer 3 Communications Paula Sands QSands @1a yer3com .com Layers Consulting Elden Quesinberry egues i nber[Y@L8 C.com Liquid Networx Robert Short Ateam@l iguidnetworx.com Mission Critical Systems Maryanne Caruso mcaruso @locked .com MXN Corporation ( Exclusive Networks) Deborah Arnett ins idesales @mxncorQ.com Nth Generation Computing Inc Steve Jung Steve.Jung@nth.com NetSync Jeff Barker jbarker@netsy nc.com Network Experts of New York Anu McGowan anu@albanj/-technology.com PC Solutions & Integration (Exclusive Networks) David Rudnick dav id@Qcsusa.net Peak Methods Jennifer McCuistian Qeak .accounti ng@QeakuQt ime .com; Jenn ifer.McCu ist1an@QeakuQt i me.com PIER Group LLC Chad Williams cwilliams@QiergrouQ .com PNG Telecommunications Inc., dba Powernet Tony Wells twells@Qowernetco .com PNW Security LLC Derek Hanson derek@Qnwsecurity .com Presidio Jackie Arnett jarnett@Qresid io.com Prosys Mitzi Justice m itz i.just ice@Qrosys is.com Fortinet NCPA 01 -154 Resellers DocuSign Envelope ID: 9B0C3DA4-7F48-4B24-BB04-11C700CC842D Seamless Advanced Solutions Steven Frank sfrank @sas -us.com Secure Cyber Defense LLC Judy Brinegar jbri negar @secdef.com Scientel Solutions Glenn Luckman gluckman@scientelsolutions .com SHI Hannah Visbeen PS Contracts@shi.com Sun Management John Samuel 1samuel@sunmanagement.net Structured Communication Services, Inc . Casey Richmond crichmond @structured .com Step CG Luke Gurekovich lgurekovich @ste11c g.com Surelock Technology Guy Anderson ganderson @surelocktechnolo&}'..com Teklinks dba C Spire Business Nicky Hobbs nhobbs @cs111re .com Terawolf Technologies Inc Gaylord Van Bracklin !ll(b@terawolf.com Universal Data Stephanie Kavanaugh skavanaugh@udi.com United Data Technologies Mike Hendrix mhendrix@udtonline .com Verinext Drew Campbell drew.cam 11 bell @veri next.com Vector Resources, Inc. dba VectorUSA Briana Borrenpohl bferna ndes @vectorusa .com World Wide Technologies Matt Lang Matthew.Lan11®wwt .com · Carol.Hartm "®wwt.com Xigent Solutions Barb Canham barbcanham@xigentsolut1ons .com ; Xiologix LLC Sheryl Still ins ide sales ra:>xiolo 11.ix .com Xtel Communications Harbinder Goraya harbmder@xtel.net Zivaro Sean Mccroskey smccroske11@z ivaro.com Fortinet NCPA 01-154 Resellers EXHIBIT "B" COMPUQUIP QUOTE • compUQUIP Quotation cyber secu rlt 9737 NW 41 Street, Suite 786 Doral, FL 33178 US Phone: (786) 641-5437 Fax: (786) 513-4633 Ship To City of South Miami 6130 Sunset Drive South Miami, FL 33143 us Fortinet -Managers -3 years QTY PART# 1 FC2-10-M3004-248-02-36 2 FMG-VM-10-UG Fortinet Firewalls -3 years QTY PART# 2 FG-401 F-BDL-950-36 2 FG-121 G-BOL-950-36 8 FN-TRAN-SFP+SR Quote#: Quote Date: Expires On: Q-17401-2 5/1/2024 6/1/2024 Nestor Valconi nvalconi@compuquip.com Send PO to : order@compuquip.com DESCRIPTION Bill To City of South Miami 6130 Sunset Drive South Miami, FL 33143 us FortiManager -VM Support 3 Year 24x7 FortiCare Contract (1 -110 dev1cesMrtual Domains ) Upgrade license for adding 10 Fortinet devicesMrtual Domains ; allows for total of 2 GB/Da y of Logs and 200 GB storage capacity. UNIT PRICE $7.520.20 $845.78 Fortlnet -Managers -3 years TOTAL: DESCRIPTION UNIT PRICE Fort1net-Fort 1Gate-401F Hardware plus 3 Year Fort,Care Premium and FortiGuard Unified $29.119.81 Threat Protection (UTP ) Fort1net-FortJGate-121G Hardware plus 3 Year Fort1Care Premium and FortiGuard Unified $6.542.44 Threat Protect,on (UTP) Forti net -1 OGE SFP+ transceiver module. sh ort range for al systems with SFP+ and SFP/ $72.85 SFP+ slots Fortlnet Firewalls -3 years TOTAL: EXTENDED $7 ,520.20 $1 ,691.56 $9,211.76 EXTENDED $58,239.62 $13,084.88 $582.80 $71.907.30 TOTAL: $81,11906 Reference: Omnia Partners Contract #01-154 Page 1 of 2 Signature: Effective Date: __ / __ / __ Name (Print): Title: THANK YOU FOR YOUR BUSINESS! Page 2 of 2 • compu9u1p Quotation cyber ~ec unry 9737 NW 41 Street, Suite 786 Doral, FL 33178 US Phone: (786) 641-5437 Fax: (786) 513-4633 Ship To City of South Miami 6130 Sunset Drive South Miami, FL 33143 us QTY PART# 1 CO-PS-FF DESCRIPTION Compuqu1p Professiona l Services Fixed Fee 5600s Cluster -Swap quote for the Firewalls -mulb VDOM for SDWan and PD -401F 120Gs-Data Center City of south Miam i -10 manager counl Conversion from CheckPo int lo Fort,net 102 Policies with Che ckPoinl NAT -70 Rules App Control -95 Ru les Quote#: Quote Date: Expires On: Q-16950-3 5/1/2024 6/3/2024 Nestor Valconi nvalconi@compuquip.com Send PO to: order@compuquip.com Bill To City of South Miami 6130 Sunset Drive South Miami, FL 33143 us UNIT PRICE $13.000.00 TOTAL: Reference: Omnia Partners Contract #01-154 Signature: Effective Date: __ / __ / __ Name (Print): Title: THANK YOU FOR YOUR BUSINESS! Page 1 of 1 EXTENDED $13.000.00 $13.000.00 9737 NW 41 Street, Suite 786 Doral, FL 33178 US Phone: (786) 641-5437 Fax: (786) 513-4633 Quotation Quote #:Q-17401-2 Quote Date:5/1/2024 Expires On:6/1/2024 Nestor Valconi nvalconi@compuquip.com Send PO to: order@compuquip.com Ship To City of South Miami 6130 Sunset Drive South Miami, FL 33143 US Bill To City of South Miami 6130 Sunset Drive South Miami, FL 33143 US Fortinet - Managers - 3 years QTY PART #DESCRIPTION UNIT PRICE EXTENDED 1 FC2-10-M3004-248-02-36 FortiManager - VM Support 3 Year 24x7 FortiCare Contract (1 - 110 devices/Virtual Domains)$7,520.20 $7,520.20 2 FMG-VM-10-UG Upgrade license for adding 10 Fortinet devices/Virtual Domains; allows for total of 2 GB/Day of Logs and 200 GB storage capacity. $845.78 $1,691.56 Fortinet - Managers - 3 years TOTAL:$9,211.76 Fortinet Firewalls - 3 years QTY PART #DESCRIPTION UNIT PRICE EXTENDED 2 FG-401F-BDL-950-36 Fortinet - FortiGate-401F Hardware plus 3 Year FortiCare Premium and FortiGuard Unified Threat Protection (UTP) $29,119.81 $58,239.62 2 FG-121G-BDL-950-36 Fortinet - FortiGate-121G Hardware plus 3 Year FortiCare Premium and FortiGuard Unified Threat Protection (UTP) $6,542.44 $13,084.88 8 FN-TRAN-SFP+SR Fortinet - 10GE SFP+ transceiver module, short range for all systems with SFP+ and SFP/ SFP+ slots $72.85 $582.80 Fortinet Firewalls - 3 years TOTAL:$71,907.30 TOTAL: $81,119.06 Reference: Omnia Partners Contract #01-154 Page 1 of 2 7 Signature: Effective Date: ______/______/______ Name (Print): Title: THANK YOU FOR YOUR BUSINESS! Page 2 of 2 8 9737 NW 41 Street, Suite 786 Doral, FL 33178 US Phone: (786) 641-5437 Fax: (786) 513-4633 Quotation Quote #:Q-16950-3 Quote Date:5/1/2024 Expires On:6/3/2024 Nestor Valconi nvalconi@compuquip.com Send PO to: order@compuquip.com Ship To City of South Miami 6130 Sunset Drive South Miami, FL 33143 US Bill To City of South Miami 6130 Sunset Drive South Miami, FL 33143 US QTY PART #DESCRIPTION UNIT PRICE EXTENDED 1 CQ-PS-FF Compuquip Professional Services Fixed Fee 5600s Cluster - Swap quote for the FireWalls -multi VDOM for SDWan and PD - 401F 120Gs- Data Center City of south Miami - 10 manager count Conversion from CheckPoint to Fortinet 102 Policies with CheckPoint NAT - 70 Rules App Control - 95 Rules $13,000.00 $13,000.00 TOTAL:$13,000.00 Reference: Omnia Partners Contract #01-154 Signature: Effective Date: ______/______/______ Name (Print): Title: THANK YOU FOR YOUR BUSINESS! Page 1 of 1 9 Page 1 of 6 AGREEMENT BETWEEN THE CITY OF SOUTH MIAMI AND COMPUQUIP TECHNOLOGIES, LLC THIS AGREEMENT (this “Agreement”) is made effective as of the day of , 2024 (the “Effective Date”), by and between the CITY OF SOUTH MIAMI, FLORIDA, a Florida municipal corporation (the “City”), and COMPUQUIP TECHNOLOGIES, LLC, a Florida limited liability company (the “Vendor”). Collectively, the City and the Vendor are referred to as the “Parties.” WHEREAS, the City desires to utilize the Fortinet firewall appliance (the “Fortinet Firewall”) for the City’s cybersecurity needs; and WHEREAS,pursuant to Article III, Section 5 of the City Charter, the City may make purchases through other governmental agencies that have followed similar bidding procedures; and WHEREAS, Region 14 Education Service Center (“Region 14 ESC”) on behalf of the National Cooperative Purchasing Alliance, an OMNIA Partners Company (the “NCPA”), issued RFP #40-22 requesting proposals for IT Security Products and Data Protection Solutions (the “RFP”); and WHEREAS,Fortinet, Inc. (“Fortinet) provided a proposal in response to the competitive solicitation, which resulted in Contract Number 01-154 between Region 14 ESC on behalf of the NCPA and Fortinet for the IT Security Products and Data Protection Solutions, incorporating the proposal submitted in response to the RFP (the “NCPA Contract”), attached hereto as Exhibit “A”; and WHEREAS,the Vendor is an authorized reseller for Fortinet under the NCPA Contract; and WHEREAS,the Vendor has provided the City with a quote for the Fortinet Firewall and a quote for professional deployment services (collectively, the “Services”), based on the terms and conditions of the NCPA Contract, which quotes are attached hereto as composite Exhibit “B” (the “Quotes”); and WHEREAS,the Parties wish to incorporate the terms and conditions of the NCPA Contract attached hereto as Exhibit “A,” except as otherwise modified or amended herein; and WHEREAS,in accordance with Article III, Section 5 of the City Charter, the City wishes to enter into this Agreement with the Vendor for the Services in an amount not to exceed $81,119.08, together with a one-time fee for professional deployment services in the amount of $13,000, for the period commencing on the Effective Date, through November 30, 2027, based on 10 Page 2 of 6 the terms and conditions of the NCPA Contract attached hereto as Exhibit “A” and the Quotes attached hereto as composite Exhibit “B.” NOW, THEREFORE, in consideration of the mutual covenants and conditions contained herein, the City and the Vendor agree as follows: 1. Incorporation of Contract. The terms and conditions of the NCPA Contract attached hereto as Exhibit “A” are incorporated as though fully set forth herein. Except as otherwise specifically set forth or modified herein, all terms in the NCPA Contract are hereby ratified and affirmed and shall remain unmodified and in full force and effect in accordance with its terms. 2. Defined Terms. All initial capitalized terms used in this Agreement shall have the same meaning as set forth in the NCPA Contract unless otherwise provided in this Agreement. All references to the “Region 14 Education Service Center” shall be replaced with the City of South Miami where applicable. 3. Term.The term of this Agreement shall commence on the Effective Date and shall continue through no later than November 30, 2027, unless earlier terminated. 4. Compensation.Compensation for the Services provided by the Vendor shall be in an amount not to exceed $81,119.08, together with a one-time fee for professional deployment services in the amount of $13,000, for the period commencing on the Effective Date and continuing through no later than November 30, 2027, based on the terms and conditions of the NCPA Contract attached hereto as Exhibit “A” and the Quotes attached hereto as composite Exhibit “B.” 5. Indemnification. A.Vendor shall indemnify and hold harmless the City, its officers, agents and employees, from and against any and all demands, claims, losses, suits, liabilities, causes of action, judgment or damages, arising from Vendor’s performance or non-performance of any provision of this Agreement, including, but not limited to, liabilities arising from contracts between the Vendor and third parties made pursuant to this Agreement. Vendor shall reimburse the City for all its expenses including reasonable attorneys’ fees and costs incurred in and about the defense of any such claim or investigation and for any judgment or damages arising from Vendor’s performance or non-performance of this Agreement. B.Nothing herein is intended to serve as a waiver of sovereign immunity by the City nor shall anything included herein be construed as consent to be sued by third parties in any matter arising out of this Agreement or any other contract. The City is subject to section 768.28, Florida Statutes, as may be amended from time to time. C.The provisions of this section shall survive termination of this Agreement. 6. Governing Law and Venue.This Agreement is made under, and in all respects, shall be interpreted, construed, enforced, and governed by and in accordance with the laws of the State of Florida. Venue for any legal action resulting from this Agreement shall lie solely in Miami 11 Page 3 of 6 7.Termination. A.The City Manager, without cause, may terminate this Agreement upon five (5) calendar days written notice to the Vendor, or immediately with cause. B.Upon receipt of the City's written notice of termination, Vendor shall immediately stop work on the project unless directed otherwise by the City Manager. C.In the event of termination by the City, the Vendor shall be paid for all work accepted by the City Manager up to the date of termination, provided that the Vendorhas first complied with the provisions of Section 18.6.4. D.The Vendor shall transfer all books, records, reports, working drafts, documents, maps, and data pertaining to the Services and the project to the City, in a hard copy and electronic format within fourteen (14) days from the date of the written notice of termination or the date of expiration of this Agreement. 8. Ownership and Access to Records and Audits. A.Vendor acknowledges that all inventions, innovations, improvements, developments, methods, designs, analyses, drawings, reports, compiled information, and all similar or related information (whether patentable or not) which relate to Services to the City which are conceived, developed or made by Vendor during the term of this Agreement (“Work Product”) belong to the City. Vendor shall promptly disclose such Work Product to the City and perform all actions reasonably requested by the City (whether during or after the term of this Agreement) to establish and confirm such ownership (including, without limitation, assignments, powers of attorney and other instruments). B.Vendor agrees to keep and maintain public records in Vendor’s possession or control in connection with Vendor’s performance under this Agreement. The City Manager or her designee shall, during the term of this Agreement and for a period of three (3) years from the date of termination of this Agreement, have access to and the right to examine and audit any records of the Vendor involving transactions related to this Agreement. Vendor additionally agrees to comply specifically with the provisions of Section 119.0701, Florida Statutes. Vendor shall ensure that public records that are exempt or confidential and exempt from public records disclosure requirements are not disclosed, except as authorized by law, for the duration of the Agreement, and following completion of the Agreement until the records are transferred to the City. C.Upon request from the City’s custodian of public records, Vendor shall provide the City with a copy of the requested records or allow the records to be inspected or copied within a reasonable time at a cost that does not exceed the cost provided by Chapter 119, Florida Statutes, or as otherwise provided by law. D.Unless otherwise provided by law, any and all records, including but not limited to reports, surveys, and other data and documents provided or created in connection with this Agreement are and shall remain the property of the City. 12 Page 4 of 6 E.Upon completion of this Agreement or in the event of termination by either party, any and all public records relating to the Agreement in the possession of the Vendor shall be delivered by the Vendor to the City Manager, at no cost to the City, within seven (7) days. All such records stored electronically by Vendor shall be delivered to the City in a format that is compatible with the City’s information technology systems. Once the public records have been delivered upon completion or termination of this Agreement, the Vendor shall destroy any and all duplicate public records that are exempt or confidential and exempt from public records disclosure requirements. F.Any compensation due to Vendor shall be withheld until all records are received as provided herein. G.Vendor’s failure or refusal to comply with the provisions of this section shall result in the immediate termination of this Agreement by the City. H.Notice Pursuant to Section 119.0701(2)(a), Florida Statutes. IF THE CONTRACTOR HAS QUESTIONS REGARDING THE APPLICATION OF CHAPTER 119, FLORIDA STATUTES, TO THE CONTRACTOR’S DUTY TO PROVIDE PUBLIC RECORDS RELATING TO THIS AGREEMENT, CONTACT THE CUSTODIAN OF PUBLIC RECORDS: Nkenga “Nikki” Payne, CMC, FCRM, City Clerk, 6130 Sunset Drive, First Floor, South Miami, FL 33143, 305-663- 6340, npayne@southmiamifl.gov. 9. Notices/Authorized Representatives.Any notices required by this Agreement shall be in writing and shall be deemed to have been properly given if transmitted by hand-delivery, by registered or certified mail with postage prepaid return receipt requested, or by a private postal service, addressed to the parties (or their successors) at the addresses listed on the signature page of this Agreement or such other address as the party may have designated by proper notice. 10. Public Entity Crimes Affidavit.Vendor shall comply with Section 287.133, Florida Statutes (Public Entity Crimes Statute), notification of which is hereby incorporated herein by reference, including execution of any required affidavit. 11. Independent Contractor.The Vendor and its employees, volunteers and agents shall be and remain an independent contractor and not an agent or employee of the City with respect to all of the acts and services performed by and under the terms of this Agreement. This Agreement shall not in any way be construed to create a partnership, association or any other kind of joint undertaking, enterprise or venture between the parties. 12. Counterparts. This Agreement may be executed in several counterparts, each of which shall be deemed an original and such counterparts shall constitute one and the same instrument. 13. E-Verify Affidavit.In accordance with Section 448.095, Florida Statutes, the City requires all contractors doing business with the City to register with and use the E-Verify system to verify 13 Page 5 of 6 the work authorization status of all newly hired employees. The City will not enter into a contract unless each party to the contract registers with and uses the E-Verify system. The contracting entity must provide of its proof of enrollment in E-Verify. For instructions on how to provide proof of the contracting entity’s participation/enrollment in E-Verify, please visit: https://www.e-verify.gov/faq/how-do-i-provide-proof-of-my-participationenrollment-in-e- verify. By entering into this Agreement, the Vendor acknowledges that it has read Section 448.095, Florida Statutes; will comply with the E-Verify requirements imposed by Section 448.095, Florida Statutes, including but not limited to obtaining E-Verify affidavits from subcontractors; and has executed the required affidavit attached hereto and incorporated herein. 14. Conflicts; Order of Priority.This document without exhibits is referred to as the “Base Agreement.” In the event of a conflict between the terms of this Base Agreement and any exhibits or attachments hereto, or any documents incorporated herein by reference, the conflict shall be resolved in the following order of priorities and the more stringent criteria for performance of the Services shall apply: A.First Priority: This Base Agreement; B.Second Priority: E-Verify Affidavit; C.Third Priority: Exhibit “A”: the NCPA Contract; and D.Fourth Priority: Exhibit “B”: the Vendor’s Quote. [Remainder of Page Intentionally Left Blank. Signature Pages Follow.] 14 Page 6 of 6 IN WITNESS WHEREOF, the parties hereto have caused this Agreement to be executed the day and year as first stated above. CITY OF SOUTH MIAMI By: Genaro “Chip” Iglesias City Manager Attest: By: Nkenga “Nikki” Payne, CMC, FCRM, City Clerk Approved as to Form and Legal Sufficiency: By: Weiss Serota Helfman Cole & Bierman, P.L. City Attorney Addresses for Notice: City of South Miami Attn: City Manager 6130 Sunset Drive, First Floor South Miami, FL 33143 305-668-2510 (telephone) chip@southmiamifl.gov (email) With a copy to: Weiss Serota Helfman Cole & Bierman, P.L. Attn: City of South Miami Attorney 2800 Ponce de Leon Boulevard, Suite 1200 Coral Gables, FL 33134 larango@wsh-law.com (email) COMPUQUIP TECHNOLOGIES, LLC By: Name: Title: Entity: Addresses for Notice: Compuquip Technologies, LLC Attn: Luis Suarez 9737 NW 41st Street, Suite 786 Doral, FL 33178 786-641-5437 (telephone) 786-513-4633 (email) With a copy to: (telephone) (email) 15 EXHIBIT “A” NCPA Contract 16 COMPOSITE EXHIBIT “B” Vendor’s Quotes 17 E-VERIFY AFFIDAVIT In accordance with Section 448.095, Florida Statutes, the Cityof South Miami requires all Vendors doing business with the City to register with and use the E-Verify system to verify the work authorization status of all newly hired employees. The City will not enter into a contract unless each party to the contract registers with and uses the E-Verify system. The contracting entity must provide of its proof of enrollment in E-Verify. For instructions on how to provide proof of the contracting entity’s participation/enrollment in E-Verify, please visit: https://www.e-verify.gov/faq/how-do-i-provide-proof-of-my-participationenrollment-in-e-verify By signing below, the contracting entity acknowledges that it has read Section 448.095, Florida Statutes and will comply with the E-Verify requirements imposed by it, including but not limited to obtaining E-Verify affidavits from subvendors. ☐Check here to confirm proof of enrollment in E-Verify has been attached to this Affidavit. In the presence of: Signed, sealed and delivered by: Witness #1 Print Name: Print Name: Title: Witness #2 Print Name: Entity Name: ACKNOWLEDGMENT State of Florida County of The foregoing instrument was acknowledged before me by means of ☐physical presence or ☐ online notarization, this day of , 20 , by (name of person) as (type of authority) for (name of party on behalf of whom instrument is executed). Notary Public (Print, Stamp, or Type as Commissioned) Personally known to me; or Produced identification (Type of Identification:) Did take an oath; or Did not take an oath 18 PROPOSAL SUBMITTED TO: Region 14 Education Service Center and The National Cooperative Purchasing Alliance IN RESPONSE TO: RFP# 40-22 IT Security Products and Data Protection Solutions SUBMITTED BY: FORTINET, INC. 899 Kifer Road Sunnyvale, California 94086-5205 www.fortinet.com 19 Response to RFP# 40-22 FOREWORD Fortinet, Inc. is pleased to respond to this Request for Proposal (RFP) for IT Security Products and Data Protection Solutions issued by the Texas Region 14 Education Service Center (ESC) on behalf of the National Cooperative Purchasing Alliance (NCPA). Fortinet is one of the world’s top cybersecurity brands, delivering broad, integrated, and automated protection to enable organizations to securely accelerate their digital journey. We rank number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses. For over 20 years, Fortinet’s mission has been to secure people, devices, and data. Fortinet has been the driving force in the evolution of cybersecurity and the convergence of networking and security. Fortinet’s network security solutions are the most deployed, most patented, and among the most validated in the industry. Fortinet secures the largest enterprises, service providers, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. We appreciate the opportunity to submit this response and in the event we are awarded a contract, we look forward to working with the Region 14 ESC and NCPA. In keeping with the RFP instructions, our proposal consists of the following information: Tabs Tab 1 – Master Agreement / Signature Form Tab 2 – NCPA Administration Agreement Tab 3 – Vendor Questionnaire Tab 4 – Vendor Profile Tab 5 – Products and Services / Scope Tab 6 – References Tab 7 – Pricing Tab 8 – Value Added Products and Services Tab 9 – Required Documents Should you have any questions about our proposal, please do not hesitate to contact me. Best regards, Jerilyn Bailey Public Sector Contracts Manager Phone: (850) 728-6504 | Email: baileyj@fortinet.com 20 TAB 1 MASTER AGREEMENT - GENERAL TERMS AND CONDITIONS Customer Support The vendor shall provide timely and accurate technical advice and sales support. The vendor shall respond to such requests within one (1) working day after receipt of the request. Disclosures Respondent affirms that he/she has not given, offered to give, nor intends to give at any time hereafter any economic opportunity, future employment, gift, loan, gratuity, special discount, trip, favor or service to a public servant in connection with this contract. The respondent affirms that, to the best of his/her knowledge, the offer has been arrived at independently, and is submitted without collusion with anyone to obtain information or gain any favoritism that would in any way limit competition or give an unfair advantage over other vendors in the award of this contract. Renewal of Contract Unless otherwise stated, all contracts are for a period of three (3) years with an option to renew for up to two (2) additional one-year terms or any combination of time equally not more than 2 years if agreed to by Region 14 ESC and the vendor. Funding Out Clause Any/all contracts exceeding one (1) year shall include a standard “funding out” clause. A contract for the acquisition, including lease, of real or personal property is a commitment of the entity’s current revenue only, provided the contract contains either or both of the following provisions: Retains to the entity the continuing right to terminate the contract at the expiration of each budget period during the term of the contract and is conditioned on a best efforts attempt by the entity to obtain appropriate funds for payment of the contract. Shipments (if applicable) The awarded vendor shall ship ordered products within seven (7) working days for goods available and within four (4) to six (6) weeks for specialty items after the receipt of the order unless modified. If a product cannot be shipped within that time, the awarded vendor shall notify the entity placing the order as to why the product has not shipped and shall provide an estimated shipping date. At this point the participating entity may cancel the order if estimated shipping time is not acceptable. Tax Exempt Status Since this is a national contract, knowing the tax laws in each state is the sole responsibility of the vendor. 21 Payments The entity using the contract will make payments directly to the awarded vendor or their affiliates (distributors/business partners/resellers) as long as written request and approval by NCPA is provided to the awarded vendor. Adding Authorized Distributors/Dealers Awarded vendors may submit a list of distributors/partners/resellers to sell under their contract throughout the life of the contract. Vendor must receive written approval from NCPA before such distributors/partners/resellers considered authorized. Purchase orders and payment can only be made to awarded vendor or distributors/ business partners/resellers previously approved by NCPA. Pricing provided to members by added distributors or dealers must also be less than or equal to the pricing offered by the awarded contract holder. All distributors/partners/resellers are required to abide by the Terms and Conditions of the vendor's agreement with NCPA. Pricing All pricing submitted shall include the administrative fee to be remitted to NCPA by the awarded vendor. It is the awarded vendor’s responsibility to keep all pricing up to date and on file with NCPA. All deliveries shall be freight prepaid, F.O.B. destination and shall be included in all pricing offered unless otherwise clearly stated in writing Warranty Proposal should address the following warranty information: • Applicable warranty and/or guarantees of equipment and installations including any conditions and response time for repair and/or replacement of any components during the warranty period. • Availability of replacement parts • Life expectancy of equipment under normal use • Detailed information as to proposed return policy on all equipment Products: Vendor shall provide equipment, materials and products that are new unless otherwise specified, of good quality and free of defects Construction: Vendor shall perform services in a good and workmanlike manner and in accordance with industry standards for the service provided. Safety Vendors performing services shall comply with occupational safety and health rules and regulations. Also all vendors and subcontractors shall be held responsible for the safety of their employees and any conditions that may cause injury or damage to persons or property. 22 Permits Since this is a national contract, knowing the permit laws in each state is the sole responsibility of the vendor. Indemnity The awarded vendor shall protect, indemnify, and hold harmless Region 14 ESC and its participants, administrators, employees and agents against all claims, damages, losses and expenses arising out of or resulting from the actions of the vendor, vendor employees or vendor subcontractors in the preparation of the solicitation and the later execution of the contract. Franchise Tax The respondent hereby certifies that he/she is not currently delinquent in the payment of any franchise taxes. Supplemental Agreements The entity participating in this contract and awarded vendor may enter into a separate supplemental agreement to further define the level of service requirements over and above the minimum defined in this contract i.e. invoice requirements, ordering requirements, specialized delivery, etc. Any supplemental agreement developed as a result of this contract is exclusively between the participating entity and awarded vendor. Certificates of Insurance Certificates of insurance shall be delivered to the Public Agency prior to commencement of work. The insurance company shall be licensed in the applicable state in which work is being conducted. The awarded vendor shall give the participating entity a minimum of ten (10) days notice prior to any modifications or cancellation of policies. The awarded vendor shall require all subcontractors performing any work to maintain coverage as specified. Legal Obligations It is the Respondent’s responsibility to be aware of and comply with all local, state, and federal laws governing the sale of products/services identified in this RFP and any awarded contract and shall comply with all while fulfilling the RFP. Applicable laws and regulation must be followed even if not specifically identified herein. Protest A protest of an award or proposed award must be filed in writing within ten (10) days from the date of the official award notification and must be received by 5:00 pm CST. Protests shall be filed with Region 14 ESC and shall include the following: • Name, address and telephone number of protester • Original signature of protester or its representative • Identification of the solicitation by RFP number • Detailed statement of legal and factual grounds including copies of relevant documents and the form of relief requested 23 Any protest review and action shall be considered final with no further formalities being considered. Force Majeure If by reason of Force Majeure, either party hereto shall be rendered unable wholly or in part to carry out its obligations under this Agreement then such party shall give notice and full particulars of Force Majeure in writing to the other party within a reasonable time after occurrence of the event or cause relied upon, and the obligation of the party giving such notice, so far as it is affected by such Force Majeure, shall be suspended during the continuance of the inability then claimed, except as hereinafter provided, but for no longer period, and such party shall endeavor to remove or overcome such inability with all reasonable dispatch. The term Force Majeure as employed herein, shall mean acts of God, strikes, lockouts, or other industrial disturbances, act of public enemy, orders and regulation of any kind of government of the United States or any civil or military authority; insurrections; riots; epidemics; pandemic; landslides; lighting; earthquake; fires; hurricanes; storms; floods; washouts; droughts; arrests; restraint of government and people; civil disturbances; explosions, breakage or accidents to machinery, pipelines or canals, or other causes not reasonably within the control of the party claiming such inability. It is understood and agreed that the settlement of strikes and lockouts shall be entirely within the discretion of the party having the difficulty, and that the above requirement that any Force Majeure shall be remedied with all reasonable dispatch shall not require the settlement of strikes and lockouts by acceding to the demands of the opposing party or parties when such settlement is unfavorable in the judgment of the party having the difficulty Prevailing Wage It shall be the responsibility of the Vendor to comply, when applicable, with the prevailing wage legislation in effect in the jurisdiction of the purchaser. It shall further be the responsibility of the Vendor to monitor the prevailing wage rates as established by the appropriate department of labor for any increase in rates during the term of this contract and adjust wage rates accordingly. Termination Either party may cancel this contract in whole or in part by providing written notice. The cancellation will take effect 30 business days after the other party receives the notice of cancellation. After the 30th business day all work will cease following completion of final purchase order. Open Records Policy Because Region 14 ESC is a governmental entity responses submitted are subject to release as public information after contracts are executed. If a vendor believes that its response, or parts of its response, may be exempted from disclosure, the vendor must specify page-by-page and line-by-line the parts of the response, which it believes, are exempt. In addition, the respondent must specify which exception(s) are applicable and provide detailed reasons to substantiate the exception(s). The determination of whether information is confidential and not subject to disclosure is the duty of the Office of Attorney General (OAG). Region 14 ESC must provide the OAG sufficient 24 information to render an opinion and therefore, vague and general claims to confidentiality by the respondent are not acceptable. Region 14 ESC must comply with the opinions of the OAG. Region14 ESC assumes no responsibility for asserting legal arguments on behalf of any vendor. Respondent are advised to consult with their legal counsel concerning disclosure issues resulting from this procurement process and to take precautions to safeguard trade secrets and other proprietary information. 25 PROCESS Region 14 ESC will evaluate proposals in accordance with, and subject to, the relevant statutes, ordinances, rules, and regulations that govern its procurement practices. NCPA will assist Region 14 ESC in evaluating proposals. Award(s) will be made to the prospective vendor whose response is determined to be the most advantageous to Region 14 ESC, NCPA, and its participating agencies. To qualify for evaluation, response must have been submitted on time, and satisfy all mandatory requirements identified in this document. Contract Administration The contract will be administered by Region 14 ESC. The National Program will be administered by NCPA on behalf of Region 14 ESC. Contract Term The contract term will be for three (3) year starting from the date of the award. The contract may be renewed for up to two (2) additional one-year terms or any combination of time equally not more than 2 years. It should be noted that maintenance/service agreements may be issued for up to (5) years under this contract even if the contract only lasts for the initial term of the contract. NCPA will monitor any maintenance agreements for the term of the agreement provided they are signed prior to the termination or expiration of this contract. Contract Waiver Any waiver of any provision of this contract shall be in writing and shall be signed by the duly authorized agent of Region 14 ESC. The waiver by either party of any term or condition of this contract shall not be deemed to constitute waiver thereof nor a waiver of any further or additional right that such party may hold under this contract. Price Increases Should it become necessary, price increase requests may be submitted at any point during the term of the contract by written amendment. Included with the request must be documentation and/or formal cost justification for these changes. Requests will be formally reviewed, and if justified, the amendment will be approved. Products and Services Additions New Products and/or Services may be added to the resulting contract at any time during the term by written amendment, to the extent that those products and/or services are within the scope of this RFP. Competitive Range It may be necessary for Region 14 ESC to establish a competitive range. Responses not in the competitive range are unacceptable and do not receive further award consideration. 26 Deviations and Exceptions Deviations or exceptions stipulated in response may result in disqualification. It is the intent of Region 14 ESC to award a vendor’s complete line of products and/or services, when possible. Estimated Quantities While no minimum volume is guaranteed, the estimated (but not limited to) annual volume for Products and Services purchased under the proposed Master Agreement is $50 million dollars annually. This estimate is based on the anticipated volume of Region 14 ESC and current sales within the NCPA program. Evaluation Region 14 ESC will review and evaluate all responses in accordance with, and subject to, the relevant statutes, ordinances, rules and regulations that govern its procurement practices. NCPA will assist the lead agency in evaluating proposals. Recommendations for contract awards will be based on multiple factors, each factor being assigned a point value based on its importance. Formation of Contract A response to this solicitation is an offer to contract with Region 14 ESC based upon the terms, conditions, scope of work, and specifications contained in this request. A solicitation does not become a contract until it is accepted by Region 14 ESC. The prospective vendor must submit a signed Signature Form with the response thus, eliminating the need for a formal signing process. Contract award letter issued by Region 14 ESC is the counter-signature document establishing acceptance of the contract. NCPA Administrative Agreement The vendor will be required to enter and execute the National Cooperative Purchasing Alliance Administration Agreement with NCPA upon award with Region 14 ESC. The agreement establishes the requirements of the vendor with respect to a nationwide contract effort. Clarifications/Discussions Region 14 ESC may request additional information or clarification from any of the respondents after review of the proposals received for the sole purpose of elimination minor irregularities, informalities, or apparent clerical mistakes in the proposal. Clarification does not give respondent an opportunity to revise or modify its proposal, except to the extent that correction of apparent clerical mistakes results in a revision. After the initial receipt of proposals, Region 14 ESC reserves the right to conduct discussions with those respondent’s whose proposals are determined to be reasonably susceptible of being selected for award. Discussions occur when oral or written communications between Region 14 ESC and respondent’s are conducted for the purpose clarifications involving information essential for determining the acceptability of a proposal or that provides respondent an opportunity to revise or modify its proposal. Region 14 ESC will not assist respondent bring its proposal up to the level of other proposals through discussions. Region 14 ESC will not indicate to respondent a cost or price that it must meet to neither obtain further consideration nor will it provide any information about other respondents’ proposals or prices. 27 Multiple Awards Multiple Contracts may be awarded as a result of the solicitation. Multiple Awards will ensure that any ensuing contracts fulfill current and future requirements of the diverse and large number of participating public agencies. Past Performance Past performance is relevant information regarding a vendor’s actions under previously awarded contracts; including the administrative aspects of performance; the vendor’s history of reasonable and cooperative behavior and commitment to customer satisfaction; and generally, the vendor’s businesslike concern for the interests of the customer. 28 EVALUATION CRITERIA Pricing (40 points) Electronic Price Lists • Products, Services, Warranties, etc. price list • Prices listed will be used to establish both the extent of a vendor’s product lines, services, warranties, etc. available from a particular bidder and the pricing per item. Ability to Provide and Perform the Required Services for the Contract (25 points) • Product Delivery within participating entities specified parameters • Number of line items delivered complete within the normal delivery time as a percentage of line items ordered. • Vendor’s ability to perform towards above requirements and desired specifications. • Past Cooperative Program Performance • Quantity of line items available that are commonly purchased by the entity. • Quality of line items available compared to normal participating entity standards. References and Experience (20 points) • A minimum of ten (10) customer references for product and/or services of similar scope dating within past 3 years • Respondent Reputation in marketplace • Past Experience working with public sector. • Exhibited understanding of cooperative purchasing Value Added Products/Services Description, (8 points) • Additional Products/Services related to the scope of RFP • Marketing and Training • Minority and Women Business Enterprise (MWBE) and (HUB) Participation • Customer Service Technology for Supporting the Program (7 points) • Electronic on-line catalog, order entry use by and suitability for the entity’s needs • Quality of vendor’s on-line resources for NCPA members. • Specifications and features offered by respondent’s products and/or services 29 SIGNATURE FORM The undersigned hereby proposes and agrees to furnish goods and/or services in strict compliance with the terms, specifications and conditions at the prices proposed within response unless noted in writing. The undersigned further certifies that he/she is an officer of the company and has authority to negotiate and bind the company named below and has not prepared this bid in collusion with any other Respondent and that the contents of this proposal as to prices, terms or conditions of said bid have not been communicated by the undersigned nor by any employee or agent to any person engaged in this type of business prior to the official opening of this proposal. Prices are guaranteed: 120 days ____________________________________________________________________________ Company Name ____________________________________________________________________________ Address ____________________________________________________________________________ City State Zip ___________________________________ ___________________________________ Telephone Number Fax Number ____________________________________________________________________________ Email Address ___________________________________ ___________________________________ Printed Name Position ____________________________________________________________________________ Authorized Signature Fortinet, Inc. 899 Kifer Road Sunnyvale California 94086 (850) 728-6504 N/A baileyj@fortinet.com Jerilyn Bailey Public Sector Contracts Manager TAB 1 30 TAB 2 NCPA ADMINISTRATION AGREEMENT This Administration Agreement is made as of _________________________________, by and between National Cooperative Purchasing Alliance (“NCPA”) and ____________________________________ (“Vendor”). Recitals WHEREAS, Region 14 ESC has entered into a certain Master Agreement dated _______________________, referenced as Contract Number _______________________, by and between Region 14 ESC and Vendor, as may be amended from time to time in accordance with the terms thereof (the “Master Agreement”), for the purchase of IT Security Products and Data Protection Solutions; WHEREAS, said Master Agreement provides that any state, city, special district, local government, school district, private K-12 school, technical or vocational school, higher education institution, other government agency or nonprofit organization (hereinafter referred to as “public agency” or collectively, “public agencies”) may purchase products and services at the prices indicated in the Master Agreement; WHEREAS, NCPA has the administrative and legal capacity to administer purchases under the Master Agreement to public agencies; WHEREAS, NCPA serves as the administrative agent for Region 14 ESC in connection with other master agreements offered by NCPA WHEREAS, Region 14 ESC desires NCPA to proceed with administration of the Master Agreement; WHEREAS, NCPA and Vendor desire to enter into this Agreement to make available the Master Agreement to public agencies on a national basis; NOW, THEREFORE, in consideration of the payments to be made hereunder and the mutual covenants contained in this Agreement, NCPA and Vendor hereby agree as follows: General Terms and Conditions •The Master Agreement, attached hereto as Exhibit 1 and incorporated herein by reference as though fully set forth herein, and the terms and conditions contained therein shall apply to this Administration Agreement except as expressly changed or modified by this Administration Agreement. •NCPA shall be afforded all of the rights, privileges and indemnifications afforded to Region 14 ESC under the Master Agreement, and such rights, privileges and indemnifications shall accrue and apply with equal effect to NCPA under this Administration Agreement including, but not limited to, Contractor’s obligation to provide appropriate insurance and certain indemnifications to Region 14 ESC. Fortinet, Inc. December 1, 2022 December 1, 2022 01-154 31 •Contractor shall perform all duties, responsibilities and obligations required under the Master Agreement in the time and manner specified by the Master Agreement. •NCPA shall perform all of its duties, responsibilities, and obligations as administrator of purchases under the Master Agreement as set forth herein, and Contractor acknowledges that NCPA shall act in the capacity of administrator of purchases under the Master Agreement. •With respect to any purchases made by Region 14 ESC or any Participating Agency pursuant to the Master Agreement, NCPA (a) shall not be construed as a dealer, re- marketer, representative, partner, or agent of any type of Contractor, Region 14 ESC, or such Participating Agency, (b) shall not be obligated, liable or responsible (i) for any orders made by Region 14 ESC, any Participating Agency or any employee of Region 14 ESC or Participating Agency under the Master Agreement, or (ii) for any payments required to be made with respect to such order, and (c) shall not be obligated, liable or responsible for any failure by the Participating Agency to (i) comply with procedures or requirements of applicable law, or (ii) obtain the due authorization and approval necessary to purchase under the Master Agreement. NCPA makes no representations or guaranties with respect to any minimum purchases required to be made by Region 14 ESC, any Participating Agency, or any employee of Region 14 ESC or Participating Agency under this Administration Agreement or the Master Agreement. •With respect to any supplemental agreement entered into between a Participating Agency and Contractor pursuant to the Master Agreement, NCPA, its agents, members and employees shall not be made party to any claim for breach of such agreement. •This Administration Agreement supersedes any and all other agreements, either oral or in writing, between the parties hereto with respect to the subject matter hereof, and no other agreement, statement, or promise relating to the subject matter of this Administrative Agreement which is not contained herein shall be valid or binding. •Contractor agrees to allow NCPA to use their name and logo within website, marketing materials and advertisement. Any use of NCPA name and logo or any form of publicity regarding this Administration Agreement or the Master Agreement by Contractor must have prior approval from NCPA. •If any action at law or in equity is brought to enforce or interpret the provisions of this Administration Agreement or to recover any administrative fee and accrued interest, the prevailing party shall be entitled to reasonable attorney’s fees and costs in addition to any other relief to which such party may be entitled. •Neither this Administration Agreement nor any rights or obligations hereunder shall be assignable by Contractor without prior written consent of NCPA, provided, however, that the Contractor may, without such written consent, assign this Administration Agreement and its rights and delegate its obligations hereunder in connection with the transfer or sale of all or substantially all of its assets or business related to this Administration Agreement, or in the event of its merger, consolidation, change in control or similar transaction. Any permitted assignee shall assume all assigned obligations of its assignor under this Administration Agreement. •This Administration Agreement and NCPA’s rights and obligations hereunder may be assigned at NCPA’s sole discretion, to an existing or newly established legal entity that has the authority and capacity to perform NCPA’s obligations hereunder. Term of Agreement This Agreement shall be in effect so long as the Master Agreement remains in effect, provided, however, that the obligation to pay all amounts owed by Vendor to NCPA through the 32 termination of this Agreement and all indemnifications afforded by Vendor to NCPA shall survive the term of this Agreement. Fees and Reporting The awarded vendor shall electronically provide NCPA with a detailed quarterly report showing the dollar volume of all sales under the contract for the previous quarter. Reports are due on the fifteenth (15th) day after the close of the previous quarter. It is the responsibility of the awarded vendor to collect and compile all sales under the contract from participating members and submit one (1) report. The report shall include at least the following information as listed in the example below: Entity Name Zip Code State PO or Job # Sale Amount Total ____________ Each quarter NCPA will invoice the vendor based on the total of sale amount(s) reported. From the invoice the vendor shall pay to NCPA an administrative fee based upon the tiered fee schedule below. Vendor’s annual sales shall be measured on a calendar year basis. Deadline for term of payment will be included in the invoice NCPA provides. Annual Sales Through Contract Administrative Fee 0 - $30,000,000 2% $30,000,001 - $50,000,000 1.5% $50,000,001+ 1% Supplier shall maintain an accounting of all purchases made by Public Agencies under the Master Agreement. NCPA and Region 14 ESC reserve the right to audit the accounting for a period of four (4) years from the date NCPA receives the accounting. In the event of such an audit, the requested materials shall be provided at the location designated by Region 14 ESC or NCPA. In the event such audit reveals an under reporting of Contract Sales and a resulting underpayment of administrative fees, Vendor shall promptly pay NCPA the amount of such underpayment, together with interest on such amount and shall be obligated to reimburse NCPA’s costs and expenses for such audit. 33 &0#2#!#!! A!#" *********************************** Fc;5B=k5e=CB *********************************** (5A9 *********************************** .=e@9 *********************************** 88c9dd *********************************** 88c9dd *********************************** -=;B5efc9 *********************************** 5e9 *********************************** 09B8Cc(5A9 *********************************** (5A9 *********************************** .=e@9 *********************************** 88c9dd *********************************** 88c9dd *********************************** -=;B5efc9 *********************************** 5e9 (5e=CB5@CCa9c5e=g9*fc7<5d=B;@@=5B79)RrWLQeW, ,Qc .LIer 5RDG 6XQQ\YDOe, CA 40 -RKQ :KLWWOe (9P RI CRrSRrDWe DeYeORSmeQW, CKLeI /eJDO 2IILcer Matthew Mackel Director, Business Development PO Box 701273 Houston, TX 77270 December 1, 2022 34 TAB 3 VENDOR QUESTIONAIRE Please provide responses to the following questions that address your company’s operations, organization, structure, and processes for providing products and services. Locations Covered •Bidder must indicate any and all locations where products and services can be offered. •Please indicate the price co-efficient for each location if it varies. All 50 States & District of Columbia (Selecting this box is equal to checking all boxes below) Alabama Illinois Montana Rhode Island Alaska Indiana Nebraska South Carolina Arizona Iowa Nevada South Dakota Arkansas Kansas New Hampshire Tennessee California Massachusetts New Jersey Texas Colorado Michigan New Mexico Utah Connecticut Minnesota New York Vermont Delaware Mississippi North Carolina Virginia D.C. Missouri North Dakota Washington Florida Kentucky Ohio West Virginia Georgia Louisiana Oklahoma Wisconsin Hawaii Maine Oregon Wyoming Idaho Maryland Pennsylvania All U.S. Territories and Outlying Areas (Selecting this box is equal to checking all boxes below) American Somoa Northern Marina Island Federated States of Micrones Puerto Rico Guam U.S. Virgin Islands Midway Islands X X 35 All Canada Provinces and Territories (Selecting this box is equal to checking all boxes below) Alberta Prince Edward Island British Columbia Quebec Manitoba Saskatchewan New Brunswick Northwest Territories Newfoundland and Labrador Nunavut Nova Scotia Yukon Ontario If awarded a Master Agreement, will your company extend the terms offered in your Proposal to public agencies in Canada? If no or maybe, please explain. Yes Maybe No If awarded a Master Agreement, will your company extend the terms offered in your Proposal to private sector customers? Yes Maybe No Minority and Women Business Enterprise (MWBE) and (HUB) Participation It is the policy of some entities participating in NCPA to involve minority and women business enterprises (MWBE) and historically underutilized businesses (HUB) in the purchase of goods and services. Respondents shall indicate below whether or not they are an M/WBE or HUB certified. Minority/Women Business Enterprise Historically Underutilized Business Respondent Certifies that this firm Respondent Certifies that this firm is a a Minority / Women Business Enterprise Historically Underutilized Business Small Business, MWBE and HUB Growth If Proposer is a Large, National or Multinational Organization/Corporation, what programs are in place that partners or supports the growth of small and MWEB and HUB business? If yes, please describe. N/A, we are a recognized small, MWEB or HUB organization No, we do not have any programs in place. Yes, we have programs in place. X X X x 36 Residency Responding Company’s principal place of business is in the city of ______________________, State of _________________. Felony Conviction Notice Please Check Applicable Box (If the 3rd box is checked, a detailed explanation of the names and convictions must be attached): A publicly held corporation; therefore, this reporting requirement is not applicable. Is not owned or operated by anyone who has been convicted of a felony. Is owned or operated by the following individual(s) who has/have been convicted of a felony Distribution Channel Which best describes your company’s position in the distribution channel: Manufacturer Direct Certified education/government reseller Authorized Distributor Manufacturer marketing through reseller Value-added reseller Other: ______________________________________ Processing Contact Information Contact Person __________________________________________________________ Title __________________________________________________________ Company __________________________________________________________ Address __________________________________________________________ City/State/Zip __________________________________________________________ Phone __________________________________________________________ Email __________________________________________________________ Pricing Information In addition to the current typical unit pricing furnished herein, the Vendor agrees to offer all future product introductions at prices that are proportionate to Contract Pricing. If answer is no, attach a statement detailing how pricing for NCPA participants would be calculated for future product introductions. Yes No Sunnyvale California X X Jerilyn Bailey Public Sector Contracts Manager Fortinet, Inc. 899 Kifer Road Sunnyvale, CA 94086 (850) 728-6504 baileyj@fortint.com X 37 Pricing submitted includes the required NCPA administrative fee. The NCPA fee is calculated based on the invoice price to the customer. Yes No X 38 Response to RFP# 40-22 TAB 4 VENDOR PROFILE Please provide the following information about your company: • Company’s official registered name. Our company’s official registered name is Fortinet, Inc. • Brief history of your company, including the year it was established. Fortinet, headquartered in Sunnyvale, California, is a profitable and rapidly growing US company whose core competencies are cyber threat research; cybersecurity product research and development; and the design, implementation and support of integrated cybersecurity solutions based on our extensive portfolio of proprietary products. Fortinet was founded in 2000 by Ken Xie and is led by a strong management team with deep experience in networking and security. Fortinet is the only security leader to develop and build custom security processing unit (SPU) technology that offers the best performance and value in the industry with Security Compute Ratings that are much higher than other vendors that offer software-oriented or CPU-driven approaches. Each day the Fortinet FortiGuard Labs use one of the most effective and proven artificial intelligence (AI) and machine learning systems in the industry to process and analyze more than 100 billion events daily, and send actionable real-time threat intelligence to customers. The Fortinet Security Fabric (Attachment 1) is at the heart of the Fortinet security strategy that delivers security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. It is a platform organically built around a common operating system and management framework to enable broad visibility, seamless integration and interoperability between critical security elements, and granular control and automation. Fortinet has its products tested by the industry’s most prominent and impartial third party performance and effectiveness testing organizations and our products have achieved consistent positive test results! Fortinet is commitment to cybersecurity innovation and excellence and Fortinet has been recognized as a LEADER three years in a row on four Gartner® Magic Quadrant™ reports. The Fortinet market position and solution effectiveness have been widely validated by industry analysts, independent testing labs, business organizations, and media outlets worldwide. Fortinet is proud to count the majority of Fortune 500 companies among its satisfied customers. See Fortinet’s Corporate Brochure (Attachment 2) for additional information. 39 Response to RFP# 40-22 • Company’s Dun & Bradstreet (D&B) number. Our D&B Number is 040806445. • Company’s organizational chart of those individuals that would be involved in the contract. • Corporate office location. o List the number of sales and services offices for states being bid in solicitation. If awarded a contract in response to this RFP, Fortinet’s entire line of products and services will be available to NCPA customers in all 50 states, the District of Columbia, and in US territories. Fortinet sells its products and services through its established distribution channel that includes US-based distributors and resellers across the country. Fortinet provides pre-sales guidance and account management to our customers, distributors, and resellers through strategically placed district sales teams. SALES OFFICES COVERAGE North Central District ND, SD, NE, MN, IA, WI, IL Ohio Valley District MI, IN, OH, KY New England District Upstate NY, VT, NH, ME, MA, CT, RI Northeast District PA, NJ, NYC, DE Mid-Atlantic District WV, VA, TN, NC, SC Florida/ Georgia District FL, GA South Central District KS, MO, OK, AR, LA, MS, AL Texas District TX California District CA West District WA, OR, MT, ID, WY, NV, UT, CO, AZ, NM Great Lakes District WI, IL Fortinet supports its products and services through the following Regional Technical Assistance Centers and Supply Depots: OFFICES LOCATIONS Regional Technical Assistance Centers* Plano, Texas Ottawa, Ontario ON Canada Burnaby, BC Canada Supply Depots Fortinet maintains 35 hardware storage facilities worldwide and 200 regional equipment depots. 40 Response to RFP# 40-22 * Fortinet uses a follow-the-sun model for technical assistance. Support will therefore be provided to NCPA customers from these North American centers during regular business hours and will roll over to TACs in other regions after hours (except in the case of contracts/purchase orders that require support from US TACs only). o List the names of key contacts at each with title, address, phone and e-mail address. Responsibility Name and Contact Information RFP Response Jerilyn Bailey Public Sector Contracts Manager baileyj@fortinet.com Contract Management and Reporting Amy Lee Public Sector Contracts Manager leea@fortinet.com Contract Administration Fortinet SLED Contracts Team SLED_Contracts@fortinet.com • Define your standard terms of payment. If awarded a contract in response to this RFP, customers will make payments directly to the Fortinet-approved distributor or reseller with whom the order was placed. Payment terms are net thirty (30) days from the date of the invoice. Late fees may be charged on all amounts not paid when due at the rate of one and one half percent (1.5%) per month or the highest rate permitted by law, whichever is lower. • Who is your competition in the marketplace? The table below provides information on our competitors per segment within the market: Market Segment Competitors Enterprise Firewalls Definition: Purpose -built appliances for securing enterprise networks. Able to support single- enterprise firewall deployments and large and/or complex deployments. The ability to provide virtual versions for the data center is now an expectation as is the ability to deploy in cloud environments. • Palo Alto • Check Point Unified Threat Management Devices Definition: Multifunctional network security products designed for small to medium-size organizations (100 to 1,000 employees). Typical capabilities provided include enterprise firewall, intrusion prevention, remote access, secure web/email gateway, routing and wan connectivity. • Check Point • Sophos Next-Generation Firewall Definition. Deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and to bring in intelligence from outside the firewall. • Barracuda • Checkpoint • Cisco • Forcepoint • Palo Alto • Sophos • SonicWall • WatchGuard Data Center Security Gateway (DCSG) Definition. DCSGs protects data center servers and the applications that run on them (i.e., web servers, mail servers, DNS servers, application servers, etc.) from potential threats. They converge data center firewall and data center intrusion prevention system technologies and perform access control and deep packet inspection to protect server applications from remote attacks. • Juniper • Palo Alto • Cisco 41 Response to RFP# 40-22 Data Center Intrusion Protection Systems (DCIPS) Definition. Data center network security devices are deployed to protect servers and applications hosted in the data center. Data center intrusion prevention systems (DCIPS) are deployed at critical points in the network. Their role is to identify and block sophisticated threats against web servers, application servers, and database servers without false positives or degradation of network performance. • Juniper • McAfee • Trend Micro Breach Detection (or Advanced Threat Protection) Definition. These products provide enhanced detection of advanced malware, zero-day attacks, and targeted attacks that could bypass defenses such as next generation firewalls, intrusion prevention systems, intrusion detection systems, antivirus/endpoint protection (including host IPS), and secure web gateways. • Trend Micro • Lastline • Check Point Web Application Firewalls Definition: Physical or virtual appliance to protect public and internal web applications, whether deployed on premise or remotely hosted. Should protect against a variety of attacks including injection attacks and application-layer denial of service (DoS). • F5 • Imperva • Akamai Wired and Wireless LAN Access Infrastructure Definition: This market segment consists of vendors supplying wired and wireless networking hardware and software that enables devices to connect to the enterprise wired LAN or Wi-Fi network. • Riverbed • Dell EMC • Juniper • New H3C Advanced Endpoint Protection (AEP) Definition: AEP products protect endpoints from a multitude of attack threat vectors targeting a very dynamic enterprise class endpoint attack surface. They should also be resistant to evasion techniques and provide low false positive results. • Sentinel One • McAfee • Symantec • Cylance • Trend Micro • ESET • Provide Annual Sales for last 3 years broken out into the following categories: o Cities / Counties o K-12 o Higher Education o Other government agencies or nonprofit organizations • Provide the revenue that your organization anticipates each year for the first three (3) years of this agreement. 42 Response to RFP# 40-22 • What differentiates your company from competitors? Fortinet offers the most cost effective networking and cyber security solutions in the market providing the best total cost per protected megabit of traffic as tested by independent sources such as NSS labs. Recognized as a leader by technology research firm Garter, Fortinet lowers total cost of ownership by integrating cyber security into all of our products and simplifying administration through near single-pane of glass management. With the added benefit of our integrated FortiGuard Services, Fortinet provides near real-time effectiveness to cyber threats by ensuring that all threats known and unknown can be identified and mitigated as close to the source and as quickly as possible. In summary, Fortinet products protect your entire digital attack surface more effectively, at lower total cost and can be managed more efficiently than any other product on the market today. • Describe how your company will market this contract if awarded. Fortinet provides marketing on its products and services throughout the sales lifecycle. Fortinet’s marketing strategy is geared towards nurturing our relationships with our customers to grow business, lock in brand loyalty, and foster customer advocacy for our solutions. Fortinet has created marketing materials specifically geared toward public sector customers and intends to market the NCPA contract in a multitude of ways to reach our intended audience. Each of these avenues will promote awareness of the NCPA contract and highlight our products and services. Fortinet understands the importance of marketing NCPA contracts to public sector customers and during the life of the contract Fortinet’s marketing plan will include the following: Website advertisement and social media awareness campaigns. General media exposure in various digital and print publications. Sales team trainings to inform them of the contract and teach them how to promote the contract to our customers. Customer outreach activities from our sales team, within their respective areas of operation or vertical focus, to get our current customers acquainted with the NCPA contract. Conference calls and webinars to inform and educate potential new customers on the value proposition of the NCPA contract. Participation in advisory councils, sponsored regional events, and attendance at annual public sector tradeshows to promote NCPA contract awareness. Fortinet will also provide support on marketing efforts executed by our authorized resellers. While each reseller will operate their own marketing program, Fortinet will assist its authorized resellers by providing in depth information on its products and will also outline the value proposition of the NCPA contract. • Describe how you intend to introduce NCPA to your company. Fortinet understands that effective communication to our sales team regarding the awarded NCPA contract is crucial to our success as a NCPA contract holder. Our SLED Contracts Team will take the lead on introducing the NCPA contract to Fortinet Sales Account Managers responsible for sales to the SLED market. This team will also introduce the contract to Channel Managers responsible for recruiting and supporting resellers who serve this market. 43 Response to RFP# 40-22 Upon contract award, our SLED Contracts Team will utilize the following methods to introduce NCPA to our company: • Group Conference Calls • Training Webinars • Training Materials • Ongoing Contract Use Monitoring • Ongoing Contract Promotion • Describe your firm’s capabilities and functionality of your on-line catalog / ordering website. Since Fortinet uses a channel model for sales, we do not have, nor do we intend to implement, an ordering website for the NCPA contract. What we do provide is our website (www.fortinet.com) that SLED customers can use to find detailed information on our products and services and to access technical support. In addition, we have a contracts site (www.fortinet.com/resources/sled- contracts-grants) within our website that will have a dedicated page for the NCPA contract that will provide information on how to use our NCPA contract and assists customers to connect with qualified and capable authorized resellers who serve their geographic market. • Describe your company’s Customer Service Department (hours of operation, number of service centers, etc.) To provide effective support to a customer base that spans the globe, Fortinet has made it a priority to build a best-in class global infrastructure for technical assistance and warranty/maintenance support. This infrastructure features three global Centers of Expertise (COE) supplemented by regional Technical Assistance Centers (TACs). It also includes 35 hardware storage facilities worldwide and 200 regional depots. This infrastructure provides the foundation for FortiCare Services (Attachment 3), the program through which we will provide support for products covered by warranty and, thereafter, maintenance support for products covered by a FortiCare maintenance plan. • Green Initiatives (if applicable) o As our business grows, we want to make sure we minimize our impact on the Earth’s climate. We are taking every step we can to implement innovative and responsible environmental practices throughout NCPA to reduce our carbon footprint, reduce waste, energy conservation, ensure efficient computing and much more. To that effort we ask respondents to provide their companies environmental policy and/or green initiative. Fortinet is focused on reducing the environmental footprint of our customers by innovating highly efficient, integrated appliances and cloud-based security solutions. Product Design & Life Cycle Management: When it comes to our products, environmental sustainability is a top priority at the design stage and throughout the entire product lifecycle. This includes product energy use and efficiency, the safety of material inputs required for proper product operations (e.g., chemicals, water), ease of reuse and recycling, and proper disposal at the end of life. All of our products comply with all globally recognized product environmental compliance directives and regulations. We are also working to eliminate PVC from Product Packaging. 44 Response to RFP# 40-22 Regarding compliance with the WEEE directive, Fortinet requires its distributors and resellers worldwide to perform an environmentally friendly, WEEE-compliant collection of discarded products at no charge to the user. Energy Management: Years of dedicated innovation and the development of the industry's only security-focused processors have allowed Fortinet to integrate multiple security and networking functions into a single, energy-efficient platform. This has resulted in appliances that use less power, space, and cooling. In addition, Fortinet's family of proprietary secure processor units (SPUs) are built for power and efficiency. As a result, Fortinet produces the most energy-efficient appliances in the industry, helping our customers and partners reduce their environmental footprint. These advanced security solutions consume as much as 3X fewer resources than traditional appliances, helping lower the ecological impact of data centers, which consume around 2% of all energy worldwide. Climate Change and Environmental Management: Fortinet takes its responsibility to the environment seriously. We have pledged to reduce our impact on climate change and have taken steps to mitigate our environmental footprint. From an operations standpoint, we are committed to driving an environmentally low impact business, including energy, air pollution, waste, and water, across our globally distributed offices, facilities, and data centers. This includes monitoring and managing our impact on the climate from owned operations and supply chains related to greenhouse gas emissions, energy efficiency, and renewable energy procurement; the ability to recover from and manage risks, such as the impact of more extreme weather events and natural disasters; and transition risks, such as the increasing cost of energy and customer expectations related to energy and emissions. Fortinet invests in renewable electricity and sustainable projects. All of Fortinet’s owned facilities around the world run on 100% renewable electricity. Furthermore, Fortinet's recent headquarters expansion is a state-of-the-art 172,000-square-foot and LEED-Gold certified. This all electric, net-zero facility has implemented multiple energy efficiency measures including solar panels and radiant cooling, which uses 30% less energy than a standard building and conserves 76,800 gallons of water annually. Fortinet also incentivizes employees at its headquarters to reduce their environmental footprint by providing onsite solar-powered EV Charging Stations, preferred parking spaces for sustainable energy vehicles, and installed bike racks. Fortinet works with supply chain and logistics service providers committed to ensuring the application and enforcement of environmental policies aimed at reducing air emissions and pollutions by promoting the use of clean fuels, transportation network optimization, and investing in fuel-saving technologies. We have local RMA depots in over 20 countries and central regional depots in North America, Europe, and Asia. These help us reduce transportation-related emissions by minimizing shipping distances and consolidating shipments, collecting defective products at centralized locations, performing local repairs, and recycling defective units in compliance with local regulations. • Anti-Discrimination Policy (if applicable) o Describe your organizations’ anti-discrimination policy. At Fortinet we believe everyone should be treated equally regardless of race, sex, gender identification, sexual orientation, national origin, native language, religion, age, disability, marital status, citizenship, genetic information, pregnancy, or any other characteristic protected by law. In support of this Fortinet strives to provide a work environment where everyone can work 45 Response to RFP# 40-22 together comfortably and productively. Each individual has the right to work in a professional atmosphere that promotes equal opportunity and prohibits discriminatory practices, including sexual and other forms of prohibited harassment. Fortinet’s anti-discrimination and anti- harassment policy prohibits all forms of harassment based on an individual’s race, color, religion, sex (including pregnancy, childbirth, breastfeeding, and related medical condition), age, national origin, disability, sexual orientation, gender (including gender identity and expression), marital status (including registered domestic partnership status), civil union status, familial status, ancestry, physical or mental disability, medical condition, genetic information or traits, caregiver status, citizenship status, Civil Air Patrol status, military or veteran status, status as a victim of domestic violence, assault, or stalking, or any other characteristic protected by applicable federal, state, or local laws. This policies applies to all employees of Fortinet, including supervisors and managers, as well as to customers, partners, vendors, and any other third parties we do business with. • Vendor Certifications (if applicable) o Provide a copy of all current licenses, registrations and certifications issued by federal, state and local agencies, and any other licenses, registrations or certifications from any other governmental entity with jurisdiction, allowing respondent to perform the covered services including, but not limited to, licenses, registrations, or certifications. Certifications can include M/WBE, HUB, and manufacturer certifications for sales and service. Fortinet is committed to innovation and excellence and we are our proud to meet and exceed a wide range of national, regional, and international requirements, and our solutions and services have earned the respect of independent third-party testing labs around the world. Fortinet’s submitted Product Certifications Brochure (Attachment 4) outlines the certifications our products have received and contains access to our Certifications Resource Center that serves as the repository for product compliance reports, certifications, and independent validation results. In addition to the product certifications outlined in our Product Certifications Brochure, we wish to make you aware of the following certifications: • ISO 9001:2015, Quality Management System: the scope of this certificate covers the design, development, and manufacture of Network Security Products and the Delivery of Associated Security Services and Support. • Our price list includes selected products that are certified for compliance under the US National Information Assurance Program Common Criteria Evaluation and Validation Scheme (CCEVS). • Our price list includes selected products certified by the National Institute of Standards and Technology for compliance with FIPS 140-2, Security Requirements for Cryptographic Modules. 46 Response to RFP# 40-22 TAB 5 PRODUCTS AND SERVICES Respondent shall perform and provide these products and/or services under the terms of this agreement. The supplier shall assist the end user with making a determination of their individual needs. Fortinet’s goal, if awarded a contract, is to establish a productive and mutually beneficial partnership with the Texas Region 14 ESC and NCPA. To accomplish this, Fortinet is proud to offer our entire line of products and services in response to this RFP and Fortinet agrees to work closely with customers utilizing the awarded contract to assist them in determining their individual needs for IT Security Products and Data Protection Solutions. Warranty Proposal should address the following warranty information: • Applicable warranty and/or guarantees of equipment and installations including any conditions and response time for repair and/or replacement of any components during the warranty period. • Availability of replacement parts • Life expectancy of equipment under normal use • Detailed information as to proposed return policy on all equipment Fortinet’s submitted EULA and Warranty Terms (Attachment 5) complies with this requirement. Products • Vendor shall provide equipment, materials and products that are new unless otherwise specified, of good quality and free of defects As the manufacturer Fortinet understands that good quality is critical to satisfying customers and retaining their loyalty. In our endeavor to continuously achieve this objective, Fortinet has actively participated in third-party audits and testing since we first opened our doors. Through these third- party audits and testing we validate our design and development processes which help us guarantee that our products and solutions meet and exceed a wide range of regional, national, and international standard quality requirements. Construction • Vendor shall perform services in a good and workmanlike manner and in accordance with industry standards for the service provided. Fortinet is committed to ensuring that all of our products and services consistently exceed industry benchmarks and remain compliant with public sector regulatory frameworks and standards. The following is a list of suggested (but not limited to) IT Security Products and Data Protection Solutions categories. List all categories along with manufacturer that you are responding with: • Security Threat Intelligence Products and Services • Security Information and Event Management (SIEM) • Managed Security Services • Security awareness training • Security Consulting Services • Content Filtering • Anti-Virus / Anti-Spam • Network Forensics / Real – Time Monitoring • Network Access Control • Firewalls • Network Storage / Archiving 47 Response to RFP# 40-22 • Wireless Networks • Bandwidth Management • Networking Hardware • Application Security • Cloud Security • Email Security and Archiving • Data Protection o Backup o Cloud Backup o Risk Assessments o Encryption and Pseudonymization o Data Destruction • Data Loss Prevention (DLP) • Consulting Services We have edited the list above to show which suggested capabilities Fortinet’s products and services address. Described at a high level, our products and services include: • Physical and virtual cybersecurity appliances (hardware appliances and perpetual software licenses) that provide functional capabilities in these areas: o Network Security o Cloud Security o Web Application Security o Email Security o Advanced Threat Protection o Secure Unified Access o Endpoint Security o Management and Analytics • FortiGuard Security Subscriptions (term software licenses) for: o Application control o Intrusion prevention o Antivirus o Sandboxing o IP reputation and anti-botnet o Web filtering o Web application security o Credential stuffing defense o Database security o Virus outbreak protection o Content disarm and reconstruction o Security rating • Hardware and software maintenance plans (as described in Section 4.12) o 8 x 5 support o 24 x 7 support o 360o support (24 x 7 support with proactive monitoring and health checks) o Premium support services • Professional Services o Remote engineering support o Onsite engineering support • Training o Onsite courses o Self-paced courses o Instructor-led virtual courses 48 Response to RFP# 40-22 TAB 6 REFERENCES Provide at least ten (10) customer references for products and/or services of similar scope dating within the past three (3) years. Please provide a range of references across all eligible government entity groups including K-12, higher education, city, county, or non-profit entities. All references should include the following information from the entity: • Entity Name • Contact Name and Title • City and State • Phone • Email • Years Serviced • Description of Services • Annual Volume NCPA also accepts Procurated review scores to evaluate relationships with their customers. Vendors without a current Procurated score will be rated based solely on the references provided, and will not be penalized for lack of Procurated scoring. To find out your company’s Procurated score please go to https://www.procurated.com. 49 Response to RFP# 40-22 TAB 7 PRICING Please submit price list electronically via our online Bonfire portal (pricing can be submitted as Discount off MSRP, cost plus, etc). Products, services, warranties, etc. should be included in price list. Prices submitted will be used to establish the extent of a respondent’s products and services (Tab 5) that are available and also establish pricing per item. Price lists must contain the following: • Product name and part number (include both manufacturer part number and respondent part number if different from manufacturers). • Description • Vendor’s List Price • Percent Discount to NCPA participating entities Fortinet’s submitted price list complies with this requirement. Not To Exceed Pricing • NCPA requests pricing be submitted as “not to exceed pricing” for any participating entity. • The awarded vendor can adjust submitted pricing lower but cannot exceed original pricing submitted for solicitation. • NCPA requests that vendor honor lower pricing for similar size and scope purchases to other members. Fortinet will ensure that all resellers authorized to sell through an awarded NCPA contract understand that the prices on our price list are "not to exceed prices”; however, since size and scope are only two of multiple factors that can impact the price of a customer’s unique security solution, we cannot honor the request to honor lower pricing for similar size and scope purchases. 50 Response to RFP# 40-22 TAB 8 VALUE ADDED PRODUCTS AND SERVICES Include any additional products and/or services available that vendor currently performs in their normal course of business that is not included in the scope of the solicitation that you think will enhance and add value to this contract for Region 14 ESC and all NCPA participating entities. If awarded a NCPA contract in response to this RFP, as value adds to our submitted offer of our entire line of products and services, Fortinet is proud to offer the following two FREE additional programs: 1. FORTINET’S FREE GRANT SUPPORT PROGRAM Public sector organizations face unique challenges in defending against the constant changing cyber threats landscape and most public sector agencies lack adequate funding to purchase the protection resources they need. Federal and state grants can provide valuable funding to the public sector that initiates or expands purchases they otherwise would not be able to. Through Fortinet’s free Grant Support Program, Fortinet helps empower public sector customers to find and access grant funding to make their mission critical projects happen! Our FREE Grant Support Program helps public sector agencies by: a. Providing comprehensive grants information for entities that are understaffed or lack experience with grant applications and don’t know where to start. Finding and applying for grants can be a daunting and complicated task, but doing so is imperative right now for the public sector since currently there are billions of dollars in funding available for cybersecurity projects and solutions. Our Grant Support Program was created to assist entities successfully find and apply for grants. Our Grants Support Program consultants provide extensive grant resources and services, such as: in-depth grant research, grant funding availability reports, and grant application development assistance. We of course cannot guarantee funding, but we will do everything we can to assist an entity in submitting a successful grant application. b. Identifying all available grant funding for technology-rich projects. With a few specifics about an entity’s needs, our Grants Support Program consultants will develop customized reports on funding opportunities that are the best fit for the project. The reports will identify the most relevant funders based on the project type, the organization type (or types, in the case of a consortium project), and the geographic location where the project will be deployed. Then our consultants will review their findings with the entity on a conference call scheduled at the entity’s convenience. We will also continually monitor granting sources and will provide notifications to the entity when grants or funding opportunities are released that best serve their project. c. Providing customized consultation services that help develop project ideas and even expand cybersecurity modernization initiatives. Grants tend to be awarded to projects that address a clearly identified need, either for a specific population or a defined geographic community. In addition, fundable projects 51 Response to RFP# 40-22 should have measurable objectives and a compelling reason for including the security technology needed to achieve those objectives. Our Grants Support Program consultants will help entities clarify and articulate their specific technology needs, assist in the development of measurable objectives, and provide input on other elements that might further strengthen the entities project proposal, application or other information required by the grant. Grants Support Program Frequently Asked Questions: • What’s the benefit of utilizing Fortinet’s Grants Support Program? Our Grants Support Program is designed to help public sector entities overcome financial barriers that prevent our customers from purchasing Fortinet’s cybersecurity solutions. We provide free support by assigning a grant expert who works with the entity throughout the entire grants process. • What entities are eligible to receive grant funds? The public sector entities listed below are generally eligible to apply for federal or state grant funding opportunities as long as the project identified on the entity’s submitted grant application meets the grant requirements. Government Organizations o State governments o County governments o City or township governments o Special district governments o Native American tribal governments Education Organizations o Independent school districts o Public and state controlled institutions of higher education o Private institutions of higher education Public Housing Organizations o Public housing authorities o Native American housing authorities • What are the top grant funding streams for cybersecurity? Thousands of grant opportunities are made available each year in the US, providing billions of dollars in funding. Of course, not all of these opportunities are technology-friendly; however the following grant opportunities have been identified as the top funding streams for cybersecurity: o Infrastructure Investment and Jobs Act, including State and Local Cybersecurity Grant Program ($550B) o Stimulus funding from the American Rescue Plan ($1.9T) o Tying into energy and climate funding available through Inflation Reduction Act ($369B) o Tying into annual funding available from 26 federal grant -making agencies ($700B) • Where do I get more information on Fortinet’s Grants Support Program? For more information on this program, please email us at: sled_capture@fortinet.com. 52 Response to RFP# 40-22 2. FORTINET’S FREE SECURITY AWARENESS AND TRAINING PROGRAM The US education sector is in the midst of a cyber crisis. The shift to cloud-based virtual learning during COVID-19 created the perfect storm for threat actors to capitalize on. Education IT departments, already weathering a shortage of physical resources, funding, and staffing, unexpectedly faced an even greater challenge. Without the human resources and advanced solutions to secure vulnerabilities in their networks, K-12 school districts and higher- ed institutions became easy targets. In July 2022, Fortinet participated in the White House National Cyber Workforce and Education Summit where Fortinet participated in important discussions around solutions to help address this significant challenge facing the cybersecurity industry in the United States. As a result of these discussions, Fortinet announced its commitment to expand its existing Information Security Awareness and Training program to make it available to all K-12 school districts and systems across the United States for FREE! Schools that take advantage of this free offering will be training their staff and faculty with skillsets and knowledge that could prevent them from falling victim to popular threat methods, such as social engineering attempts, reducing the likelihood of a security breach. Fortinet’s Security Awareness and Training program was developed by Fortinet's award-winning Training Institute. With content incorporating threat intelligence insights from FortiGuard Labs, this training arms faculty and staff with the latest knowledge, guidance, and tips to make smarter choices when confronted by cyberattacks and other security risks. Security Awareness and Training Frequently Asked Questions: • What key benefits will K-12 school districts and systems gain from participating in this training? By participating in our Security Awareness and Training K-12 school districts and systems will: o Have trained faculty and staff that will prevent or recognize and report potential security threats whether in an email, online, or in a physical setting. o Satisfy city, county, state, and national requirements for security and awareness training across major frameworks (this training aligns to the National Institute of Standards and Technology framework -NIST 800-50 and NIST 800-16). o Prevent the impact of breaches caused by faculty and staff errors and/or poor judgement. o Ensure faculty and staff are properly trained on data privacy and security, and are motivated to protect personally identifiable information and other sensitive data. • How comprehensive is this free training program? We are offering the premium version of our Information Security Awareness and Training program free of charge to K-12 school districts and systems. This premium training consists of 23 Base Modules, 10 Re-engagement Modules and 18 Reinforcement Modules and is delivered in multiple formats, including video, text, audio, imagery, and animation, which appeals to different learning styles to ensure that the training is understood and applied. • Where do I get more information on this training? For more information on this program visiting our website at http://fortinet.com/K12trainingUS, or to register for this training, please email us at k12trainingUS@fortinet.com. 53 Response to RFP# 40-22 TAB 9 REQUIRED DOCUMENTS • Federal Funds Certifications • Clean Air and Water Act & Debarment Notice • Contractors Requirements • Required Clauses for Federal Assistance by FTA • Federal Required Signatures • Antitrust Certification Statements Texas Government Code § 2155.005 • State Notice Addendum 54 FEDERAL FUNDS CERTIFICATIONS Participating Agencies may elect to use federal funds to purchase under the Master Agreement. The following certifications and provisions may be required and apply when a Participating Agency expends federal funds for any purchase resulting from this procurement process. Pursuant to 2 C.F.R. § 200.326, all contracts, including small purchases, awarded by the Participating Agency and the Participating Agency’s subcontractors shall contain the procurement provisions of Appendix II to Part 200, as applicable. APPENDIX II TO 2 CFR PART 200 (A) Contracts for more than the simplified acquisition threshold currently set at $250,000, which is the inflation adjusted amount determined by the Civilian Agency Acquisition Council and the Defense Acquisition Regulations Council (Councils) as authorized by 41 U.S.C. 1908, must address administrative, contractual, or legal remedies in instances where contractors violate or breach contract terms, and provide for such sanctions and penalties as appropriate. • Pursuant to Federal Rule (A) above, when a Participating Agency expends federal funds, the Participating Agency and Offeror reserves all rights and privileges under the applicable laws and regulations with respect to this procurement in the event of breach of contract by either party. (B) Termination for cause and for convenience by the grantee or subgrantee including the manner by which it will be effected and the basis for settlement. (All contracts in excess of $10,000) • Pursuant to Federal Rule (B) above, when a Participating Agency expends federal funds, the Participating Agency reserves the right to terminate any agreement in excess of $10,000 resulting from this procurement process in the event of a breach or default of the agreement by Offeror as detailed in the terms of the contract (C) Equal Employment Opportunity. Except as otherwise provided under 41 CFR Part 60, all contracts that meet the definition of “federally assisted construction contract” in 41 CFR Part 60- 1.3 must include the equal opportunity clause provided under 41 CFR 60-1.4(b), in accordance with Executive Order 11246, “Equal Employment Opportunity” (30 CFR 12319, 12935, 3 CFR Part, 1964-1965 Comp., p. 339), as amended by Executive Order 11375, “Amending Executive Order 11246 Relating to Equal Employment Opportunity,” and implementing regulations at 41 CFR part 60, “Office of Federal Contract Compliance Programs, Equal Employment Opportunity, Department of Labor.” • Pursuant to Federal Rule (C) above, when a Participating Agency expends federal funds on any federally assisted construction contract, the equal opportunity clause is incorporated by reference herein. (D) Davis-Bacon Act, as amended (40 U.S.C. 3141-3148). When required by Federal program legislation, all prime construction contracts in excess of $2,000 awarded by non-Federal entities must include a provision for compliance with the Davis-Bacon Act (40 U.S.C. 3141-3144, and 3146-3148) as supplemented by Department of Labor regulations (29 CFR Part 5, “Labor Standards Provisions Applicable to Contracts Covering Federally Financed and Assisted Construction”). In accordance with the statute, contractors must be required to pay wages to laborers and mechanics at a rate not less than the prevailing wages specified in a wage determination made by the Secretary of Labor. In addition, contractors must be required to pay 55 wages not less than once a week. The non-Federal entity must place a copy of the current prevailing wage determination issued by the Department of Labor in each solicitation. The decision to award a contract or subcontract must be conditioned upon the acceptance of the wage determination. The non- Federal entity must report all suspected or reported violations to the Federal awarding agency. The contracts must also include a provision for compliance with the Copeland “Anti-Kickback” Act (40 U.S.C. 3145), as supplemented by Department of Labor regulations (29 CFR Part 3, “Contractors and Subcontractors on Public Building or Public Work Financed in Whole or in Part by Loans or Grants from the United States”). The Act provides that each contractor or subrecipient must be prohibited from inducing, by any means, any person employed in the construction, completion, or repair of public work, to give up any part of the compensation to which he or she is otherwise entitled. The non-Federal entity must report all suspected or reported violations to the Federal awarding agency. • Pursuant to Federal Rule (D) above, when a Participating Agency expends federal funds during the term of an award for all contracts and subgrants for construction or repair, offeror will be in compliance with all applicable Davis-Bacon Act provisions • Any Participating Agency will include any current and applicable prevailing wage determination in each issued solicitation and provide Offeror with any required documentation and/or forms that must be completed by Offeror to remain in compliance the applicable Davis-Bacon Act provisions. (E) Contract Work Hours and Safety Standards Act (40 U.S.C. 3701-3708). Where applicable, all contracts awarded by the non-Federal entity in excess of $100,000 that involve the employment of mechanics or laborers must include a provision for compliance with 40 U.S.C. 3702 and 3704, as supplemented by Department of Labor regulations (29 CFR Part 5). Under 40 U.S.C. 3702 of the Act, each contractor must be required to compute the wages of every mechanic and laborer on the basis of a standard work week of 40 hours. Work in excess of the standard work week is permissible provided that the worker is compensated at a rate of not less than one and a half times the basic rate of pay for all hours worked in excess of 40 hours in the work week. The requirements of 40 U.S.C. 3704 are applicable to construction work and provide that no laborer or mechanic must be required to work in surroundings or under working conditions which are unsanitary, hazardous or dangerous. These requirements do not apply to the purchases of supplies or materials or articles ordinarily available on the open market, or contracts for transportation or transmission of intelligence. • Pursuant to Federal Rule (E) above, when a Participating Agency expends federal funds, offeror certifies that offeror will be in compliance with all applicable provisions of the Contract Work Hours and Safety Standards Act during the term of an award for all contracts by Participating Agency resulting from this procurement process. (F) Rights to Inventions Made Under a Contract or Agreement. If the Federal award meets the definition of “funding agreement” under 37 CFR §401.2 (a) and the recipient or subrecipient wishes to enter into a contract with a small business firm or nonprofit organization regarding the substitution of parties, assignment or performance of experimental, developmental, or research work under that “funding agreement,” the recipient or subrecipient must comply with the requirements of 37 CFR Part 401, “Rights to Inventions Made by Nonprofit Organizations and Small Business Firms Under Government Grants, Contracts and Cooperative Agreements,” and any implementing regulations issued by the awarding agency. 56 • Pursuant to Federal Rule (F) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term of an award for all contracts by Participating Agency resulting from this procurement process, the offeror agrees to comply with all applicable requirements as referenced in Federal Rule (F) above (G) Clean Air Act (42 U.S.C. 7401-7671q.) and the Federal Water Pollution Control Act (33 U.S.C. 1251-1387), as amended— Contracts and subgrants of amounts in excess of $150,000 must contain a provision that requires the non- Federal award to agree to comply with all applicable standards, orders or regulations issued pursuant to the Clean Air Act (42 U.S.C. 7401- 7671q) and the Federal Water Pollution Control Act as amended (33 U.S.C. 1251- 1387). Violations must be reported to the Federal awarding agency and the Regional Office of the Environmental Protection Agency (EPA). • Pursuant to Federal Rule (G) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term of an award for all contracts by Participating Agency member resulting from this procurement process, the offeror agrees to comply with all applicable requirements as referenced in Federal Rule (G) above (H) Debarment and Suspension (Executive Orders 12549 and 12689)—A contract award (see 2 CFR 180.220) must not be made to parties listed on the government wide exclusions in the System for Award Management (SAM), in accordance with the OMB guidelines at 2 CFR 180 that implement Executive Orders 12549 (3 CFR part 1986 Comp., p. 189) and 12689 (3 CFR part 1989 Comp., p. 235), “Debarment and Suspension.” SAM Exclusions contains the names of parties debarred, suspended, or otherwise excluded by agencies, as well as parties declared ineligible under statutory or regulatory authority other than Executive Order 12549. • Pursuant to Federal Rule (H) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term of an award for all contracts by Participating Agency resulting from this procurement process, the offeror certifies that neither it nor its principals is presently debarred, suspended, proposed for debarment, declared ineligible, or voluntarily excluded from participation by any federal department or agency. If at any time during the term of an award the offeror or its principals becomes debarred, suspended, proposed for debarment, declared ineligible, or voluntarily excluded from participation by any federal department or agency, the offeror will notify the Participating Agency (I) Byrd Anti-Lobbying Amendment (31 U.S.C. 1352)—Contractors that apply or bid for an award exceeding $100,000 must file the required certification. Each tier certifies to the tier above that it will not and has not used Federal appropriated funds to pay any person or organization for influencing or attempting to influence an officer or employee of any agency, a member of Congress, officer or employee of Congress, or an employee of a member of Congress in connection with obtaining any Federal contract, grant or any other award covered by 31 U.S.C. 1352. Each tier must also disclose any lobbying with non-Federal funds that takes place in connection with obtaining any Federal award. Such disclosures are forwarded from tier to tier up to the non-Federal award. • Pursuant to Federal Rule (I) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term and after the awarded term of an award for all contracts by Participating Agency resulting from this procurement process, the 57 offeror certifies that it is in compliance with all applicable provisions of the Byrd Anti- Lobbying Amendment (31 U.S.C. 1352). The undersigned further certifies that: o No Federal appropriated funds have been paid or will be paid for on behalf of the undersigned, to any person for influencing or attempting to influence an officer or employee of any agency, a Member of Congress, an officer or employee of congress, or an employee of a Member of Congress in connection with the awarding of a Federal contract, the making of a Federal grant, the making of a Federal loan, the entering into a cooperative agreement, and the extension, continuation, renewal, amendment, or modification of a Federal contract, grant, loan, or cooperative agreement. o If any funds other than Federal appropriated funds have been paid or will be paid to any person for influencing or attempting to influence an officer or employee of any agency, a Member of Congress, an officer or employee of congress, or an employee of a Member of Congress in connection with this Federal grant or cooperative agreement, the undersigned shall complete and submit Standard Form-LLL, “Disclosure Form to Report Lobbying”, in accordance with its instructions. o The undersigned shall require that the language of this certification be included in the award documents for all covered sub-awards exceeding $100,000 in Federal funds at all appropriate tiers and all subrecipients shall certify and disclose accordingly. RECORD RETENTION REQUIREMENTS FOR CONTRACTS INVOLVING FEDERAL FUNDS When federal funds are expended by Participating Agency for any contract resulting from this procurement process, offeror certifies that it will comply with the record retention requirements detailed in 2 CFR § 200.334. The offeror further certifies that offeror will retain all records as required by 2 CFR § 200.334 for a period of three years after grantees or subgrantees submit final expenditure reports or quarterly or annual financial reports, as applicable, and all other pending matters are closed. CERTIFICATION OF COMPLIANCE WITH THE ENERGY POLICY AND CONSERVATION ACT When Participating Agency expends federal funds for any contract resulting from this procurement process, offeror certifies that it will comply with the mandatory standards and policies relating to energy efficiency which are contained in the state energy conservation plan issued in compliance with the Energy Policy and Conservation Act (42 U.S.C. 6321 et seq.; 49 C.F.R. Part 18). CERTIFICATION OF COMPLIANCE WITH BUY AMERICA PROVISIONS To the extent purchases are made with Federal Highway Administration, Federal Railroad Administration, or Federal Transit Administration funds, offeror certifies that its products comply with all applicable provisions of the Buy America Act and agrees to provide such certification or applicable waiver with respect to specific products to any Participating Agency upon request. Participating Agencies will clearly identify whether Buy America Provisions apply in any issued solicitation. Purchases made in accordance with the Buy America Act must still follow the applicable procurement rules calling for free and open competition. 58 CERTIFICATION OF ACCESS TO RECORDS Offeror agrees that the Inspector General of the Agency or any of their duly authorized representatives shall have access to any non-financial documents, papers, or other records of offeror that are pertinent to offeror’s discharge of its obligations under the Contract for the purpose of making audits, examinations, excerpts, and transcriptions. The right also includes timely and reasonable access to offeror’s personnel for the purpose of interview and discussion relating to such documents. This right of access will last only as long as the records are retained. CERTIFICATION OF APPLICABILITY TO SUBCONTRACTORS Offeror agrees that all contracts it awards pursuant to the Contract shall be bound by the foregoing terms and conditions. 59 CLEAN AIR AND WATER ACT AND DEBARMENT NOTICE By the signature below (Under Federal Required Signatures), I, the Vendor, am in compliance with all applicable standards, orders or regulations issued pursuant to the Clean Air Act of 1970, as Amended (42 U.S. C. 1857 (h), Section 508 of the Clean Water Act, as amended (33 U.S.C. 1368), Executive Order 117389 and Environmental Protection Agency Regulation, 40 CFR Part 15 as required under OMB Circular A-102, Attachment O, Paragraph 14 (1) regarding reporting violations to the grantor agency and to the United States Environment Protection Agency Assistant Administrator for the Enforcement. I hereby further certify that my company has not been debarred, suspended or otherwise ineligible for participation in Federal Assistance programs under Executive Order 12549, “Debarment and Suspension”, as described in the Federal Register and Rules and Regulations. 60 CONTRACTOR REQUIRMENTS Contractor Certification Contractor’s Employment Eligibility By entering the contract, Contractor warrants compliance with the Federal Immigration and Nationality Act (FINA), and all other federal and state immigration laws and regulations. The Contractor further warrants that it is in compliance with the various state statues of the states it is will operate this contract in. Participating Government Entities including School Districts may request verification of compliance from any Contractor or subcontractor performing work under this Contract. These Entities reserve the right to confirm compliance in accordance with applicable laws. Should the Participating Entities suspect or find that the Contractor or any of its subcontractors are not in compliance, they may pursue any and all remedies allowed by law, including, but not limited to: suspension of work, termination of the Contract for default, and suspension and/or debarment of the Contractor. All costs necessary to verify compliance are the responsibility of the Contractor. The offeror complies and maintains compliance with the appropriate statutes which requires compliance with federal immigration laws by State employers, State contractors and State subcontractors in accordance with the E-Verify Employee Eligibility Verification Program. Contractor shall comply with governing board policy of the NCPA Participating entities in which work is being performed. Fingerprint & Background Checks If required to provide services on school district property at least five (5) times during a month, contractor shall submit a full set of fingerprints to the school district if requested of each person or employee who may provide such service. Alternately, the school district may fingerprint those persons or employees. An exception to this requirement may be made as authorized in Governing Board policy. The district shall conduct a fingerprint check in accordance with the appropriate state and federal laws of all contractors, subcontractors or vendors and their employees for which fingerprints are submitted to the district. Contractor, subcontractors, vendors and their employees shall not provide services on school district properties until authorized by the District. The offeror shall comply with fingerprinting requirements in accordance with appropriate statutes in the state in which the work is being performed unless otherwise exempted. Contractor shall comply with governing board policy in the school district or Participating Entity in which work is being performed. Business Operations in Sudan, Iran In accordance with A.R.S. 35-391 and A.R.S. 35-393, the Contractor hereby certifies that the contractor does not have scrutinized business operations in Sudan and/or Iran. 61 REQUIRED CLAUSES FOR FEDERAL ASSISTANCE PROVIDED BY FTA ACCESS TO RECORDS AND REPORTS Contractor agrees to: a) Maintain all non-financial books, records, accounts and reports required under this Contract for a period of not less than two (2) years after the date of termination or expiration of this Contract or any extensions thereof except in the event of litigation or settlement of claims arising from the performance of this Contract, in which case Contractor agrees to maintain same until the FTA Administrator, the U.S. DOT Office of the Inspector General, the Comptroller General, or any of their duly authorized representatives, have disposed of all such litigation, appeals, claims or exceptions related thereto. b) Permit any of the foregoing parties to inspect all non-financial work, materials, and other data and records that pertain to the Project, and to audit the non-financial books, records, and accounts that pertain to the Project and to reproduce by any means whatsoever or to copy excerpts and transcriptions as reasonably needed for the purpose of audit and examination. The right of access detailed in this section continues only as long as the records are retained. FTA does not require the inclusion of these requirements of Article 1.01 in subcontracts. CIVIL RIGHTS / TITLE VI REQUIREMENTS 1) Non-discrimination. In accordance with Title VI of the Civil Rights Act of 1964, as amended, 42 U.S.C. § 2000d, Section 303 of the Age Discrimination Act of 1975, as amended, 42 U.S.C. § 6102, Section 202 of the Americans with Disabilities Act of 1990, as amended, 42 U.S.C. § 12132, and Federal Transit Law at 49 U.S.C. § 5332, Contractor or subcontractor agrees that it will not discriminate against any employee or applicant for employment because of race, color, creed, national origin, sex, marital status age, or disability. In addition, Contractor agrees to comply with applicable Federal implementing regulations and other applicable implementing requirements FTA may issue that are flowed to Contractor from Awarding Participating Agency. 2) Equal Employment Opportunity. The following Equal Employment Opportunity requirements apply to this Contract: a. Race, Color, Creed, National Origin, Sex. In accordance with Title VII of the Civil Rights Act, as amended, 42 U.S.C. § 2000e, and Federal Transit Law at 49 U.S.C. § 5332, the Contractor agrees to comply with all applicable Equal Employment Opportunity requirements of U.S. Dept. of Labor regulations, “Office of Federal Contract Compliance Programs, Equal Employment Opportunity, Department of Labor, 41 CFR, Parts 60 et seq., and with any applicable Federal statutes, executive orders, regulations, and Federal policies that may affect construction activities undertaken in the course of this Project. Contractor agrees 62 to take affirmative action to ensure that applicants are employed, and that employees are treated during employment, without regard to their race, color, creed, national origin, sex, marital status, or age. Such action shall include, but not be limited to, the following: employment, upgrading, demotion or transfer, recruitment or recruitment advertising, layoff or termination, rates of pay or other forms of compensation; and selection for training, including apprenticeship. In addition, Contractor agrees to comply with any implementing requirements FTA may issue that are flowed to Contractor from Awarding Participating Agency. b. Age. In accordance with the Age Discrimination in Employment Act (ADEA) of 1967, as amended, 29 U.S.C. Sections 621 through 634, and Equal Employment Opportunity Commission (EEOC) implementing regulations, “Age Discrimination in Employment Act”, 29 CFR Part 1625, prohibit employment discrimination by Contractor against individuals on the basis of age, including present and prospective employees. In addition, Contractor agrees to comply with any implementing requirements FTA may issue that are flowed to Contractor from Awarding Participating Agency. c. Disabilities. In accordance with Section 102 of the Americans with Disabilities Act of 1990, as amended (ADA), 42 U.S.C. Sections 12101 et seq., prohibits discrimination against qualified individuals with disabilities in programs, activities, and services, and imposes specific requirements on public and private entities. Contractor agrees that it will comply with the requirements of the Equal Employment Opportunity Commission (EEOC), “Regulations to Implement the Equal Employment Provisions of the Americans with Disabilities Act,” 29 CFR, Part 1630, pertaining to employment of persons with disabilities and with their responsibilities under Titles I through V of the ADA in employment, public services, public accommodations, telecommunications, and other provisions. d. Segregated Facilities. Contractor certifies that their company does not and will not maintain or provide for their employees any segregated facilities at any of their establishments, and that they do not and will not permit their employees to perform their services at any location under the Contractor’s control where segregated facilities are maintained. As used in this certification the term “segregated facilities” means any waiting rooms, work areas, restrooms and washrooms, restaurants and other eating areas, parking lots, drinking fountains, recreation or entertainment areas, transportation, and housing facilities provided for employees which are segregated by explicit directive or are in fact segregated on the basis of race, color, religion or national origin because of habit, local custom, or otherwise. Contractor agrees that a breach of this certification will be a violation of this Civil Rights clause. 3) Solicitations for Subcontracts, Including Procurements of Materials and Equipment. In all solicitations, either by competitive bidding or negotiation, made by Contractor for work to be performed under a subcontract, including procurements of materials or leases of equipment, each potential subcontractor or supplier shall be notified by Contractor of Contractor's obligations under this Contract and the regulations relative to non-discrimination on the grounds of race, color, creed, sex, disability, age or national origin. 63 4) Sanctions of Non-Compliance. In the event of Contractor's non-compliance with the non-discrimination provisions of this Contract, Public Agency shall impose such Contract sanctions as it or the FTA may determine to be appropriate, including, but not limited to: 1) Withholding of payments to Contractor under the Contract until Contractor complies, and/or; 2) Cancellation, termination or suspension of the Contract, in whole or in part. Contractor agrees to include the requirements of this clause in each subcontract financed in whole or in part with Federal assistance provided by FTA, modified only if necessary to identify the affected parties. DISADVANTAGED BUSINESS PARTICIPATION This Contract is subject to the requirements of Title 49, Code of Federal Regulations, Part 26, “Participation by Disadvantaged Business Enterprises in Department of Transportation Financial Assistance Programs”, therefore, it is the policy of the Department of Transportation (DOT) to ensure that Disadvantaged Business Enterprises (DBEs), as defined in 49 CFR Part 26, have an equal opportunity to receive and participate in the performance of DOT-assisted contracts. 1) Non-Discrimination Assurances. Contractor or subcontractor shall not discriminate on the basis of race, color, national origin, or sex in the performance of this Contract. Contractor shall carry out all applicable requirements of 49 CFR Part 26 in the award and administration of DOT-assisted contracts. Failure by Contractor to carry out these requirements is a material breach of this Contract, which may result in the termination of this Contract or other such remedy as public agency deems appropriate. Each subcontract Contractor signs with a subcontractor must include the assurance in this paragraph. (See 49 CFR 26.13(b)). 2) Prompt Payment. Contractor is required to pay each subcontractor performing Work under this prime Contract for satisfactory performance of that work no later than thirty (30) days after Contractor’s receipt of payment for that Work from public agency. In addition, Contractor is required to return any retainage payments to those subcontractors within thirty (30) days after the subcontractor’s work related to this Contract is satisfactorily completed and any liens have been secured. Any delay or postponement of payment from the above time frames may occur only for good cause following written approval of public agency. This clause applies to both DBE and non-DBE subcontractors. Contractor must promptly notify public agency whenever a DBE subcontractor performing Work related to this Contract is terminated or fails to complete its Work, and must make good faith efforts to engage another DBE subcontractor to perform at least the same amount of work. Contractor may not terminate any DBE subcontractor and perform that Work through its own forces, or those of an affiliate, without prior written consent of public agency. 3) DBE Program. In connection with the performance of this Contract, Contractor will cooperate with public agency in meeting its commitments and goals to ensure that DBEs shall have the maximum practicable opportunity to compete for subcontract work, regardless of whether a contract goal is set for this Contract. Contractor agrees to use good faith efforts to carry out a policy in the award of its subcontracts, agent agreements, and procurement contracts which will, to the fullest extent, utilize DBEs consistent with the efficient performance of the Contract. 64 ENERGY CONSERVATION REQUIREMENTS Contractor agrees to comply with mandatory standards and policies relating to energy efficiency which are contained in the State energy conservation plans issued under the Energy Policy and Conservation Act, as amended, 42 U.S.C. Sections 6321 et seq. and 41 CFR Part 301-10. FEDERAL CHANGES Contractor shall at all times comply with all applicable FTA regulations, policies, procedures and directives, listed directly or by reference in the Contract between Public Agency and the FTA, and those applicable regulatory and procedural updates that are communicated to Contractor by Public Agency, as they may be amended or promulgated from time to time during the term of this contract. Contractor’s failure to so comply shall constitute a material breach of this Contract. INCORPORATION OF FEDERAL TRANSIT ADMINISTRATION (FTA) TERMS The provisions include, in part, certain Standard Terms and Conditions required by the U.S. Department of Transportation (DOT), whether or not expressly set forth in the preceding Contract provisions. All contractual provisions required by the DOT and applicable to the scope of a particular Contract awarded to Contractor by a Public Agency as a result of solicitation, as set forth in the most current FTA Circular 4220.1F, published February 8th, 2016, are hereby incorporated by reference. Anything to the contrary herein notwithstanding, all FTA mandated terms shall be deemed to control in the event of a conflict with other provisions contained in this Contract. Contractor agrees not to knowingly perform any act, knowingly fail to perform any act, or refuse to comply with any reasonable public agency requests that would directly cause public agency to be in violation of the FTA terms and conditions. NO FEDERAL GOVERNMENT OBLIGATIONS TO THIRD PARTIES Agency and Contractor acknowledge and agree that, absent the Federal Government’s express written consent and notwithstanding any concurrence by the Federal Government in or approval of the solicitation or award of the underlying Contract, the Federal Government is not a party to this Contract and shall not be subject to any obligations or liabilities to agency, Contractor, or any other party (whether or not a party to that contract) pertaining to any matter resulting from the underlying Contract. Contractor agrees to include the above clause in each subcontract financed in whole or in part with federal assistance provided by the FTA. It is further agreed that the clause shall not be modified, except to identify the subcontractor who will be subject to its provisions. PROGRAM FRAUD AND FALSE OR FRAUDULENT STATEMENTS Contractor acknowledges that the provisions of the Program Fraud Civil Remedies Act of 1986, as amended, 31 U.S.C. §§ 3801 et seq. and U.S. DOT regulations, “Program Fraud Civil Remedies,” 49 CFR Part 31, apply to its actions pertaining to this Contract. Upon execution of the underlying Contract, Contractor certifies or affirms, to the best of its knowledge, the truthfulness and accuracy of any statement it has made, it makes, it may make, or causes to me 65 made, pertaining to the underlying Contract or the FTA assisted project for which this Contract Work is being performed. In addition to other penalties that may be applicable, Contractor further acknowledges that if it makes, or causes to be made, a false, fictitious, or fraudulent claim, statement, submission, or certification, the Federal Government reserves the right to impose the penalties of the Program Fraud Civil Remedies Act of 1986 on Contractor to the extent the Federal Government deems appropriate. Contractor also acknowledges that if it makes, or causes to me made, a false, fictitious, or fraudulent claim, statement, submission, or certification to the Federal Government under a contract connected with a project that is financed in whole or in part with Federal assistance originally awarded by FTA under the authority of 49 U.S.C. § 5307, the Government reserves the right to impose the penalties of 18 U.S.C. § 1001 and 49 U.S.C. § 5307 (n)(1) on the Contractor, to the extent the Federal Government deems appropriate. Contractor agrees to include the above clauses in each subcontract financed in whole or in part with Federal assistance provided by FTA. It is further agreed that the clauses shall not be modified, except to identify the subcontractor who will be subject to the provisions. 66 FEDERAL REQUIRED SIGNATURES Offeror certifies compliance with all provisions, laws, acts, regulations, etc. as specifically noted in the pages above. It is further acknowledged that offeror agrees to comply with all federal, state, and local laws, rules, regulations and ordinances as applicable. Offeror __________________________________________________________ Address __________________________________________________________ City/State/Zip __________________________________________________________ Authorized Signature __________________________________________________________ Date __________________________________________________________ Fortinet, Inc. 899 Kifer Road Sunnyvale, CA 94086 11/15/2022 67 ANTITRUST CERTIFICATION STATEMENTS TEXAS GOVERNMENT CODE § 2155.005 I affirm under penalty of perjury of the laws of the State of Texas that: (1) I am duly authorized to execute this contract on my own behalf or on behalf of the company, corporation, firm, partnership or individual (Company) listed below; (2) In connection with this bid, neither I nor any representative of the Company has violated any provision of the Texas Free Enterprise and Antitrust Act, Tex. Bus. & Comm. Code Chapter 15; (3) In connection with this bid, neither I nor any representative of the Company has violated any federal antitrust law; and (4) Neither I nor any representative of the Company has directly or indirectly communicated any of the contents of this bid to a competitor of the Company or any other company, corporation, firm, partnership or individual engaged in the same line of business as the Company. Company Name __________________________________________________________ Address __________________________________________________________ City/State/Zip __________________________________________________________ Telephone Number __________________________________________________________ Fax Number __________________________________________________________ Email Address __________________________________________________________ Printed Name __________________________________________________________ Title __________________________________________________________ Authorized Signature __________________________________________________________ Fortinet, Inc. 899 Kifer Road Sunnyvale, CA 94086 (850) 728-6504 N/A baileyj@fortinet.com Jerilyn Bailey Public Sector Contracts Manager 68 STATE NOTICE ADDENDUM The National Cooperative Purchasing Alliance (NCPA), on behalf of NCPA and its current and potential participants to include all county, city, special district, local government, school district, private K-12 school, higher education institution, state, tribal government, other government agency, healthcare organization, nonprofit organization and all other Public Agencies located nationally in all fifty states, issues this Request for Proposal (RFP) to result in a national contract. For your reference, the links below include some, but not all, of the entities included in this proposal: http://www.usa.gov/Agencies/State_and_Territories.shtml https://www.usa.gov/local-governments 69 Response to RFP# 40-22 ATTACHMENTS 1. Fortinet Security Fabric 2. Fortinet Corporate Brochure (Q3 2022 – Convergence of Networking and Security) 3. Fortinet Support Services 4. Fortinet Product Certifications Brochure 5. Fortinet EULA and Warranty 70 2© Fortinet Inc. All Rights Reserved.Revised June 1,2022 Icons on this document link to additional information INTERACTIVE INFOGRAPHICS The industry’s highest-performing integrated cybersecurity mesh platform Fortinet Security Fabric FortiFone Robust IP Phones w/ HD Audio with centralized management FortiCamera Centrally-managed HDTV-quality security coverage reliability FortiOS The Heart of the Fortinet Security Fabric Free Assessments Validate existing network controls for NGFW, Email, and SD-WAN Free Training Fortinet is committed to training over 1 million people by 2025 Fortinet Brochure Highlighting our broad, integrated, and automated solutions, quarterly FortiCare Elite** 25% of hardware* FortiCare Essentials 15% of hardware, FG-80 & below FortiCare Premium* 20% of hardware *FortiCare Premium is formerly 24x7 Support. Lower support price for Switches and APs **Response time for High Priority tickets. Available for FortiGate, FortiManager, FortiAnalyzer, FortiSwitch, and FortiAP FortiCareSupport Services Incident Response Service Digital forensic analysis, response, containment, and guidance SOC as a Service Continuous awareness and control of events, alerts, and threats FortiTester Network performance testing and breach attack simulation (BAS) FortiSOAR Automated security operations, analytics, and response FortiSIEM Integrated security, performance, and availability monitoring FortiAnalyzer Correlation, reporting, and log management in Security Fabric FortiSandbox / FortiAI Secure virtual runtime environment to expose unknown threats FortiEDR Automated protection and orchestrated incident response FortiNDR Accelerate mitigation of evolving threats and threat investigation FortiDeceptor Discover active attackers inside with decoy assets Fabric Management Center: SOC Extended Ecosystem Threat sharing w/ tech vendors Fabric API Integrations Partner-led DevOps Tools & Scripts Fortinet & community-driven Fabric Connectors Fortinet-developed The industry’s most extensive ecosystem of integrated solutions Open Ecosystem FNDN Exclusive developer community for access to advanced tools & scripts FortiExtender Cloud Deploy, manage, and customize LTE internet access FortiAIOps Network inspection to rapidly analyze, enable, and correlate FortiMonitor Analysis tool to provide NOC and SOC monitoring capabilities FortiGate Cloud SaaS w/ zero touch deployment, configuration, and management FortiManager Centralized management of your Fortinet security infrastructure Fabric Management Center: NOC Threat Map Powered by FortiGuard Labs FortiGuard Threat Intelligence FortiConnect Simplified guest access, BYOD, and policy management FortiClient Fabric Agent IPSec and SSL VPN tunnel, endpoint telemetry and more FortiToken One-time password application with push notification FortiAuthenticator Identify users wherever they are and enforce strong authentication ZTNA Agent Remote access, application access, and risk reduction FortiNAC Enforce dynamic network access control and network segmentation Zero Trust Access FortiCASB Prevent misconfigurations of SaaS applications and meet compliance FortiMail Secure mail gateway to protect against SPAM and virus attacks FortiGSLB Cloud Ensure business continuity during unexpected network downtime FortiADC Application-aware intelligence for distribution of application traffic FortiWeb Prevent web application attacks against critical web assets FortiDevSec Continuous application security testing in CI/CD pipelines FortiCWP Manage risk and compliance through multi-cloud infrastructures FortiDDoS Machine-learning quickly inspects traffic at layers 3, 4, and 7. FortiGate VM NGFW w/ SOC acceleration and industry-leading secure SD-WAN Cloud Security FortiIsolator Maintain an “air-gap” between browser and web content FortiProxy Enforce internet compliance and granular application control FortiSASE Scalable, Simple, and Secure Access for Remote Workforce Linksys HomeWRK Enterprise networking solution for remote and hybrid workers FortiSwitch Deliver security, performance, and manageable access to data FortiAP Protect LAN Edge deployments with wireless connectivity FortiExtender Extend scalable and resilient LTE and LAN connectivity FortiGate SD-WAN Application-centric, scalable, and Secure SD-WAN with NGFW FortiGate NGFW w/ SOC acceleration and industry-leading secure SD-WAN Security-Driven Networking 71 Convergence of Networking and Security Digital Security, everywhere you need it. Q3 / 2022 72 Strong Growth in Annual Billings and Profitability Source: Fortinet estimates based on recent analyst research. 2026 opportunity shown. Source: IDC Worldwide Security Appliance Tracker, February 2022 (based on unit shipments of Firewall, UTM, and VPN appliances) Technological Leadership Nearly 3X more patents than comparable Network Security companies A Large and Growing Total Available Market Total Addressable market of $138B in 2022 growing to $199B by 2026 Source: US Patent Office, As of June 30, 2022 The Most Deployed Network Security Solution Over One-Third of All Firewall Shipments BILLINGS GAAP OPERATING MARGIN Q2 2022 REVENUE BY REGION Q2 2022 BILLINGS BY SEGMENT Highly Diversified Across Regions and Segments US Patents925 U.S. Patents 354 International Patents (247 Pending Patents) 1279 Global Patents 0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 FY 2021 Results Revenue: $3.34 B Billings: $4.18 B Q2 2022 Results Revenue: $1.030 B Billings: $1.304 B Op. Margin (GAAP): 19.0% EPS (GAAP): $0.21/share Cash + Investments: $1.943 B Market Cap: $44.6 B (As of June 30, 2022) Customers 595,000+ Cumulative Units Shipped 8.8+ Million Headcount By Region AMERICAS US 3,413 CANADA 2,162 REST OF AMERICAS 784 EMEA FRANCE 468 UK 382 REST OF EMEA 1,939 APAC INDIA 585 JAPAN 513 REST OF APAC 1,262 TOTAL 11,508 ALL INFORMATION AS OF JUNE 30, 2022 2 73 BURNABY BAY AREA FRISCO CHICAGO SUNRISE OTTAWA SOPHIA Fortinet – Making possible a digital world you can always trust For over 20 years, Fortinet has been a driving force in the evolution of cybersecurity and the convergence of networking and security. Our network security solutions are the most deployed, most patented, and among the most validated in the industry. Our broad, complementary portfolio of cybersecurity solutions are built from the ground up with integration and automation in mind, enabling more efficient, self-healing operations and a rapid response to known and unknown threats. Investing In Global Scale •With over 2M square feet of real estate owned, we are investing in long term economic growth. •Commitment to carbon neutral by 2030. •New state-of-the-art LEED- Gold Certified 172,000 sqft HQ building. Innovative for a Safe Internet Growing an Inclusive Cybersecurity Workforce Respecting the Environment Promoting Responsible Business Key Fortinet Advantages Security Fabric Organically developed, highly integrated and automated cybersecurity platform Security Processors Superior NGFW and SD-WAN performance and efficiency The only company to excel at all key stages of network security Corporate Social Responsibility A digital world you can always trust is essential to achieving just and sustainable societies. At Fortinet, we believe it is our corporate social responsibility to deliver on that vision by innovating sustainable security technologies, diversifying cybersecurity talent, and promoting responsible business across our value chain. Mission: to secure people, devices and data everywhere Founded: October 2000 Headquarters: Sunnyvale, CA Fortinet IPO (FTNT): November 2009 Investing in the future billings by 2025$10BNASDAQ 100 and S&P 500: Only cybersecurity company in both Learn more at Fortinet.com/CSR 374 The Convergence of Networking and Security Traditional networking lacks awareness of content, applications, users, devices, location and more. Organizations have overlaid security solutions on to the network later to account for this shortcoming — but doing so has led to increased management complexity, performance bottlenecks, poor user experience, and the potential introduction of new exploitable gaps or vulnerabilities. A better Security-driven Networking approach converges networking and security into a single, accelerated solution. A specially designed operating system and security processors work in concert to greatly improve network performance and security posture, adding greater awareness while also improving user experience, easing management complexity, and decreasing footprint and power consumption. Networking Security Security-Driven Networking Consolidation of Vendors and Point Solutions to a Platform Cybersecurity has traditionally been deployed one solution at time, in response to each emerging problem or challenge. However, individual security solutions — typically from a new vendor — are not designed to work well with the other deployed solutions. With meaningful levels of cross-vendor integration and automation proving difficult to achieve, management complexity is massively increased, and effective response to new threats is simply too slow. A more effective approach is to consolidate point product vendors into a cybersecurity platform, allowing for much tighter integration, increased automation, and a more rapid, coordinated, and effective response to threats across the network. Cybersecurity Point Products Cybersecurity Platform Approach 4 75 Secure Networking •Network Firewall •SD-WAN •SD-Branch •Web Proxy •Wi-Fi •Switching •5G/LTE •Network Access Control •And More... Cloud Security •Cloud-native Protection •DevSecOps •Cloud Firewall •SD-WAN for Multi-cloud •WAF •Email Security •ADC / GSLB •Anti-DDOS •CASB Zero Trust Access •ZTNA Agent •Authentication •MFA/Token •SASE Network Operations •Network Management •Network Orchestration •Network Monitoring •Cloud Management •Digital Experience Monitoring Security Operations •Endpoint (EDR/ XDR) •Automation: SIEM/ SOAR •Managed SOC & MDR •DRPS, EASM •Deception Open Ecosystem •Fabric Connectors •Fabric API •Fabric DevOps •Extended Ecosystem •490+ Open Ecosystem •Integrations Broad Portfolio of Solutions to Protect Your Digital Attack Surface The Fortinet Security Fabric The Fortinet Security Fabric is at the heart of the Fortinet security strategy. It is a platform organically built around a common operating system and management framework to enable broad visibility, seamless integration and interoperability between critical security elements, and granular control and automation. Broad visibility and protection of the entire digital attack surface to better manage risk. Integrated solution that reduces management complexity and shares threat intelligence. Automated self-healing networks with AI-driven security for fast and efficient operations. Learn more at Fortinet.com/SecurityFabric 576 Trusted ML and AI Stop unknown faster with Powerful combination of actionable local learning and AI & ML models on large-scale cloud-driven data lakes. Threat hunting and Outbreak Alerts Faster remediation with Alerts, analysis and detection, prevention and remediation tools including outbreaks. Real-Time Threat Intelligence Proactive security posture through continuous security updates based on in-house research and collaboration. FortiGate (HW/VM/SASE)Proxy FortiTrust XDR FortiWeb FortiMail FortiADC SOC Platforms FortiNDR Content Security Antivirus ✓✓✓✓✓✓✓✓ IL SBX ✓✓✓✓ Credential Stuffing ✓✓✓✓ Web Security URL ✓✓✓✓✓✓✓ DNS ✓✓✓✓ IP-REP ✓✓✓ Device Security DVC PROT ✓ IPS ✓✓✓✓ BOT/C2 ✓✓✓✓✓ Application Security WAF SIG ANN AntiSpam Soc Security MITRE ATT&CK ✓✓ Threat Hunting ✓✓ Auto IR ✓✓ Outbreak ✓✓✓ IoC ✓✓✓ FortiGuard Labs – Industry-leading Threat Intelligence Founded in 2002, FortiGuard Labs is Fortinet’s elite cybersecurity threat intelligence and research organization. Partnering with law enforcement agencies, government organizations, and security vendor alliances worldwide to fight emerging global security risks. FortiGuard labs maintain real-time threat intelligence and innovative prevention tactics and tools across the Fortinet Security Fabric in three key categories: FortiGuard AI-Powered Security Rich set of industry leading security capabilities unified into one security framework. Delivering coordinated, context- aware policy for hybrid deployments across networks, endpoints, and clouds. The services continually assess the risk and automatically adjust the prevention to counter known and unknown threats in real-time. New in FortiOS 7.2 NEW FortiSandbox Inline Blocking NEW IoT/ IT Device protection NEW Dedicated IPS NEW SOC as a Service NEW Outbreak Detection Enhanced Web Security FortiGuard Security Integration Across the Security Fabric Global Leadership & Collaboration: Market Leading Security as a Service ML-enabled security, deployed close to the protected assets powered by FortiGuard Labs Coordinated Real-Time Prevention Continuously assess the risks and automatically respond and counter known and unknown threats Consistent Context Aware Policy Centralized detection and prevention delivered from the cloud built for hybrid environments More FortiGuard subscription services are available across our broad Security Fabric portfolio of solutions Learn more at Fortinet.com/fortiguard ✓ ✓ ✓ ✓ 6 77 ZTNA Unified Policy Configuration in a Single GUI FortiToken / FortiToken Cloud Fido-based passwordless Authentication SASE Automated provisioning of ZTNA agents & Apps from FortiSASE Identity Zero Touch Provisioning Campus and Large-Scale SD-Branch FortiGate SD-WAN Automated Overlay Orchestration and Large Scale Zero Touch Provisioning FortiGate Firewall FortiGate is the first next-generation firewall to support HTTP/3.0 SD-Branch Automation, simplified Deployment, and Orchestration for Global Scale management LAN Edge Zero Touch Provisioning Campus and Large-Scale SD-Branch FortiOS – The Foundation of the Security FortiOS is the foundation of the Fortinet Security Fabric, converging and consolidating many security and networking technologies and use cases into a simplified, single policy, and management framework. What’s New In FortiOS 7.2 Learn more at Fortinet.com/fortiOS Adopting new technologies is not a project with a start and a finish. Instead, it is a journey from design and implementation to optimization, operations, and ongoing management of the solution. Fortinet has you covered every step of the way, freeing up your resources to focus on your business needs. FortiCare Services help thousands of organizations every year to get the most out of their Fortinet Security Fabric solutions. We have over 1,400 experts providing accelerated implementation, reliable assistance, and proactive care through advanced support and professional services to maximize your security and performance. FortiCare – Expertise At Your Service 1400+ EXPERTS 24x7 TECHNICAL SUPPORT 23 GLOBAL SUPPORT CENTERS Design Business Alignment •High-level design •Low-level design •Product-agnostic workshops Deploy Accelerated Implementation •Migration •Configuration •Implementation •Validation •Knowledge Transfer Operate Reliable Assistance •24x7 Support •Premium hardware replacement •Technical account management •Proactive Incident avoidance •Dedicated resources Optimize Performance Excellence •Health checks •Software upgrade recommendation •Incident readiness •Penetration testing Evolve Personalized Care •Product upgrade assistance •Transformation readiness •Migration & replacement •Software upgrade Learn more at Fortinet.com/support FortiTrust – Redefining the Future of Security Services FortiTrust provides user-based licensing across all networks, endpoints and clouds •Access: Add ZTNA to your FortiGate-based network. •Identity: Cloud-based subscription across enterprise hybrid environments. 778 New Product Spotlight: FortiGate 4800F series Deliver ultra-high performance to secure Hyperscale data centers and 5G The SPU Advantage Fortinet’s Security Processors (SPUs) radically increase the speed, scale, efficiency and value of Fortinet solutions while greatly improving user experience, reducing footprint and power requirements. From entry-level to high-end solutions, SPU-powered Fortinet appliances deliver superior Security Compute Ratings versus industry alternatives. High-end Appliances Security Compute Ratings are benchmarks that compare the performance metrics of Fortinet SPU-based next-generation firewalls to similarly priced solutions from vendors that utilize generic processors for networking and security. Network Processor 7 NP7 Network Processors operate in-line to deliver unmatched performance for network functions and hyperscale for stateful firewall functions. 1 Industry average (entry-level) is calculated as the average of the similarly priced PAN-820, Cisco FPR-1120, Juniper SRX-345, and Check Point SG-3600. Industry average (high end) is calculated as the average of the similarly priced PAN-7050, Cisco FPR-9300, Juniper SRX-5400, and Check Point SG-28000. All data from public datasheets. 2 Fortinet metrics from public datasheets. Content Processor 9 CP9 As a co-processor to the main CPU, Content Processors offload resource-intensive processing and drive content inspection to accelerate security functions. System- on-a-Chip 4 SoC4 The System-on-a-Chip consolidates network and content processing, delivering fast application identification, steering, and overlay performance. Specification FortiGate 4801F1 Security Compute Rating Industry Average2 PAN PA-54503 Check Point Quantum 28000 Cisco FPR-4145 Juniper SRX-54004 Firewall 2.4 Tbps 15x 158 Gbps 136.4 Gbps 145 Gbps 80 Gbps 270 Gbps IPsec VPN 800 Gbps 19x 42 Gbps 34.8 Gbps 49 Gbps 23 Mbps 60 Gbps Threat Prevention 70 Gbps 1.5x 46 Gbps 61.8 Gbps 30 Gbps N/A N/A SSL Inspection 55 Gbps 5.5x 10 Gbps N/A N/A 10 Gbps N/A Concurrent Sessions 280M/1760M2 34x 51M 40M 32M 40M 91M Connections per second 900K/25M2 19x 1.3M 1.45M 615K 1.5M 1.7M 4 3 2 1 0 80 60 40 20 0 400 300 200 100 0 10 8 6 4 2 0 10 8 6 4 2 0 30 20 10 5 0 Entry-level Appliances SSL Inspection (Gbps) SSL Inspection (Gbps) Industry Avg (1)Industry Avg (1) Industry Avg (1) Industry Avg (1) Industry Avg (1) Industry Avg (1) FG 200F (2)FG 4401F(2) FG 4401F(2) FG 4401F(2) FG 200F (2) FG 200F (2) Connections Per Second (K) Connections Per Second (M) Power Consumption (Watts/Gbps FW) Power Consumption (Watts/Gbps FW) 6x More 9x More 9x More 9x More 7x Less 7x Less Ultra-scalable and high-performance Security Flexible, scalable dynamic, segmentation Secure, ultra-high- performance DCI with 400G support Notes: 1. Fortinet: Enabled by a Hyperscale License 2. PAN: Calculated with 2xNC and 2xDPC cards, no services and support. PAN Application Firewall used as they don’t publish stateful FW 3. Juniper: SRX5400E-B2 8 79 Training and Certifications Our Pledge to Train 1 Million People by 2026 Fortinet has pledged to train 1 million people globally over 5 years through its Training Advancement Agenda (TAA) and Fortinet Training Institute programs to help close the cybersecurity skills gap. January 2022 marked the start of this five-year pledge that will use Fortinet’s award-winning certification program content as the basis for meeting this goal. The Fortinet Training Institute has been recognized by various organizations for our contribution to excellence in cybersecurity training and certification as well as our many programs that help close the cybersecurity skills gap. New Fortinet Security Awareness and Training Service The Security Awareness and Training service offers every organization the ability to further protect their critical digital assets from cyber threats by building employee cybersecurity awareness and creating a cyber-aware culture. Free cybersecurity awareness and training for all U.S. School Districts At the National Cyber Workforce and Education Summit at the White House on July 19, 2022, Fortinet announced it is offering a customized academic version of its Security Awareness and Training service free to all U.S school districts starting with more than 8 million staff and faculty. This offering is part of Fortinet’s mission to help close the cybersecurity skills gap. Figures as of June 30, 2022 Information Security Awareness Learn about today's cyberthreats and how you can secure your information. Security Associate Learn about security solutions that have been created to address security problems faced by organizations. Security Associate Learn about the key Fortinet products and the cybersecurity problems they address. Professional Develop the knowledge required to manage the day-to-day configuration, monitoring, and operation of FortiGate devices to support corporate network security policies. 3NSE ASSOCIATE Analyst Develop a detailed understanding of how to implement network security management and analytics. Specialist Develop an understanding of the Security Fabric products that augment FortiGate, providing deeper and more comprehensive network security. Architect Develop the knowledge required to integrate Fortinet products into network security solution deployment and administration. Expert Demonstrate the ability to design, configure, install, and troubleshoot a comprehensive network security solution in a live environment. 6NSE SPECIALIST Fortinet NSE Certification Program The Fortinet Network Security Expert (NSE) Certification Program is an 8-level training and assessment program designed for customers, partners, and employees to help close the cybersecurity skills gap. With over 840,000 security certifications to date, Fortinet delivers expert-level training in local languages in 136 countries and territories worldwide through our ecosystem of Authorized Training Centers, academic partners, and a variety of online options (many of them free of charge). Fortinet Training & Education Partner Programs The Fortinet Training Institute’s ecosystem of public and private partnerships help Fortinet address the skills gap by increasing the access and reach of our cybersecurity certifications and training. The Academic Partner program works with academic institutions including K-12 and higher education. The Education Outreach program partners with industry, academia, government, and nonprofits to reach a broad population, in 94 countries and territories, while also focusing on recruiting women, minorities, veterans, and other underrepresented groups. 29 EDUCATION OUTREACH PARTNERS 930,000+ CERTIFICATIONS 471 ACADEMIES PARTNERS Learn more at Fortinet.com/nse-training 980 The Engage Partner Program is designed to help partners built a valuable, highly-differentiated security practice that leverages the industry’s best solutions to drive customer success. Fortinet’s global partner program is driven by three basic concepts: Growth Through Technology Differentiation Fortinet’s breadth of products are tightly integrated into one highly-automated, high-performing platform that spans endpoint, network, and cloud, and includes tools to easily connect with adjacent technologies. Fortinet is a channel-centric company that has created a large, global network of trusted advisors that customers can rely on to secure their digital transformation and strategically drive their business growth. Our Global Partner Commitment Analyst Recognition 60,000+ ACTIVE PARTNERS •Network Firewall •SD-WAN •WLAN/LAN •Endpoint •SIEM •WAAP •Indoor Location Services •Network Firewall •WLAN/LAN Access Infrastructure •Email Security •WAN Edge Infrastructure •DEM •VPN •NAC •EMAIL •IRM •XDR •SOAR •Indoor Location Services Network Firewall •Data-Center Edge •Distributed Edge SD-WAN •Security w/ SD-WAN •Small Branch WAN •Remote Workforce •Enterprise Email Security •ICS •Endpoint Detection and Response •Enterprise Firewalls •Worldwide SD-WAN Infrastructure •Modern Endpoint •WAF •All-In-One ZeroTrust Edge •Software-Defined WAN •Endpoint Detection and Response •Enterprise EmailSecurity •SD-WAN •Critical Infrastructure •SWG •NAC •WAN Edge Infrastructure •North America Healthcare •IT/OT Security Platform •SIEM •ICS •Security Service Access (SSA) - Forward Mover •Zero-Trust Network Access (ZTNA) - Fast Mover Business Success with Proven Credibility Fortinet’s superior technology innovation and industry leading threat intelligence, alongside our customer ratings and independent analyst reports leadership validates and differentiates our partners’ offerings. Long-term, Sustained Growth The Engage Partner Program offers sustained sales, marketing, and executive support so you can grow productive, predictable, and successful relationships. With drivers of growth built into the program, like our Specializations, we provide paths to expertise for solutions that are driving demand in the market — ensuring you are positioned for success. 10 81 CUSTOMER RECOGNITION Gartner Peer Insights Customers’ Choice distinctions are based on the ratings of vendors by verified end-user professionals across a variety of industries and from locations around the world. These distinctions take into account both the number of end-user reviews a vendor receives, along with the overall ratings score a vendor receives from those end users. Fortinet is proud to be named a Gartner Peer Insights Customers’ Choice in several critical areas: Network Firewalls Wired and Wireless LAN Access Infrastructure Email Security WAN Edge Infrastructure See our Gartner Peer Insights reviews and distinctions at www.gartner.com/reviews Fortinet is recognized as a LEADER in 2 Gartner® 2021 Magic Quadrant™ Reports: Fortinet is also recognized in 4 additional Gartner 2021 Magic Quadrant Reports, including a wide range of technologies: And Fortinet is an ‘Honorable Mention’ in 2 additional Gartner 2020/2021 Magic Quadrant Reports: GARTNER and MAGIC QUADRANT are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences with the vendors listed on the platform, should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose. •Only vendor with all three VB100, VBSpam, and VBWeb certifications •Highest “VBSpam+” rating •Antiphishing Approved Certified in 5 technology areas: •Anti-Malware Network •Network Firewall •IPsec VPN •Web Application Firewall •Advanced Threat Defense 100% Protection, 2 Years in a Row •All Test Cases •All Signature-Independent •Top Analytical Detection Network Firewalls WAN Edge Infrastructure Secure Web Gateway Indoor Location Services Third Party Testing and Certifications Fortinet submits its products for impartial, third party performance and effectiveness testing with the most prominent organizations in the industry, with consistent positive results. Web Application and API Protection Wired and WLAN SIEM Endpoint Protection Platforms Gartner, Gartner Peer Insights ‘Voice of the Customer’: Network Firewalls, Peer Contributors, 9 April 2021 Gartner, Gartner Peer Insights ‘Voice of the Customer’: Wired and Wireless LAN Access Infrastructure, Peer Contributors, 12 May 2021 Gartner, Gartner Peer Insights ‘Voice of the Customer’: Email Security, Peer Contributors, 5 February 2021 Gartner, Gartner Peer Insights ‘Voice of the Customer’: WAN Edge Infrastructure, Peer Contributors, 5 February 2021 The GARTNER PEER INSIGHTS CUSTOMERS’ CHOICE badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates. Learn more at Fortinet.com/solutions/gartner-magic-quadrants 1182 Copyright © 2022 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Certain offerings mentioned herein may not be generally available, and Fortinet reserves the right to change, modify, transfer or otherwise revise this publication without notice, and the most current version of the publication shall be applicable Revision: Q2 / 2022 v2 07.06.22 Fortinet secures over half a million enterprises, service providers, and government organizations around the world. Visit Fortinet.com/Customers to see how many of our customers benefit from Fortinet solutions and the Fortinet Security Fabric. 5th largest airline in the United States. A chain of double drive-thru restaurants in the United States. The company operates Checkers and Rally's restaurants in 28 states, and the District of Columbia. One of the UK’s largest universities, the University of Birmingham is over 100 years old with over 30,000 students across the world. Provider of online financial services to more than 42 million individual users and more than 300 corporate users in Hong Kong, Mainland China, and Indonesia. A global leader in managed services providing end-to-end fully managed cybersecurity, networking, and digital signage solutions tailored to the unique business requirements of today’s enterprise. Sweden’s largest regional health provider. Orange is one of the world’s leading telecommunications operators and global provider of IT and telecommunication services. Provider of flexible hybrid IT solutions for business and government. SoftBank is a multinational conglomerate that aspires to drive towards digital transformation. HQ: United States HQ: United States HQ: United States HQ: United Kingdom HQ: Hong Kong HQ: Sweden HQ: France HQ: Austrailia HQ: Japan 83 Hit the ground running with new capabilities Fast-track return on investment with streamlined migration and deployment Get expert help when you need it Accelerate incident resolution and maximize efficacy with 24x7 assistance from technical experts Enhance your security with tailored guidance Increase productivity and avoid incidents with operational reviews, account planning, and upgrade assistance FortiCare Services Technical Support, Advanced Services, and Professional Services Expertise at Your Service n 24x7 Global Support n 1,400+ NSE and Industry Certified Global Resources n 3 Regional Centers of Expertise n 23 Support Centers n 40 Regional Depots n 200+ In-country Depots n 4-hour Expedited Hardware Replacement Availability FortiCare Worldwide 24x7 Support support.fortinet.com Confidence in Your Investment Businesses are making huge investments in security and Fortinet Security Fabric technologies to provide essential services critical to securing their most valuable assets. Organizations often lack the in-house expertise or resources for initial deployment, product support, and ongoing operations. At Fortinet, we understand these challenges and provide FortiCare Services to thousands of organizations every year to address them. We want organizations to feel confident that they are maximizing the value of their investments quickly and realizing efficiency and efficacy gains over time. Whether migrating to a Fortinet Next-Generation Firewall (NGFW), implementing software- defined wide-area networking (SD-WAN) to protect your branch locations, or automating security operations functions, we will work with you to match the proper services with your unique business needs. We are dedicated to your success and provide the expertise you need when you need it. Services FortiCare Support Services is per-device support services, and it provides customers access to over 1,400 experts to ensure efficient and effective operations and maintenance of their Fortinet capabilities. Global technical support is offered 24x7 with flexible add-ons, including enhanced service level agreements (SLAs) and premium hardware replacement through 200+ in-country depots. Advanced Services is account-based services, and provides high-touch account management and business guidance through designated resources to meet the needs of enterprises and service providers. Additionally, Enterprise Support Agreements (ESAs) are available to simplify consumption of the services. 1 84 FortiCare Services | Technical Support, Advanced Services, and Professional Services 2 Professional Services provides accelerated implementation and configuration optimization through QuickStart or custom engagements leveraging the services of highly skilled experts to promote first-time accuracy and avoid costly post-deployment issues. The Journey Adopting new technologies is not a project with a start and a finish. Instead, it is a journey from design and implementation to operations, optimization, and ongoing management of the solution. Fortinet has you covered every step of the way, freeing up your resources to focus on your business. Feature Highlights: Technical Support Organizations depend on Fortinet solutions to provide critical services. If any issues arise, they need to be addressed quickly to help ensure security and business continuity. Flexible support options help organizations maximize uptime, security, and performance according to the individual needs of each business. Fortinet offers three different per-device support options to meet the needs of different devices, i.e., FortiCare Essential, FortiCare Premium, and FortiCare Elite. Organizations have the flexibility to buy different levels of service for different devices based on their needs. FortiCare Essential FortiCare Essential is the base-level service, and it is targeted toward devices that require a limited amount of support and can tolerate next-business-day, web-only response for critical as well as non-critical issues. This service is only offered to FortiGate models 8x and below and to low-end FortiWifi devices. FortiCare Premium FortiCare Premium is targeted toward devices that require 24x7x365 with one-hour response for critical issues and the next business-day response for non-critical issues. FortiCare Elite FortiCare Elite services offers enhanced service-level agreements (SLAs) and accelerated issue resolution. This advanced support offering provides access to a dedicated support team. Single-touch ticket handling by the expert technical team streamlines resolution. This option also provides Extended End-of-Engineering-Support (EoE’s) of 18 months for added flexibility and access to the new FortiCare Elite Portal. This intuitive portal provides a single unified view of device and security health. 85 FortiCare Services | Technical Support, Advanced Services, and Professional Services 3 FortiCare Included Features Per-device Service Options FortiCare ESSENTIAL FortiCare PREMIUM FortiCare ELITE RMA Return and replace only Advanced replacement (PRMA available) Advanced replacement (PRMA available) Web Support ✓✓✓ Telephone Support —✓✓ Firmware Updates ✓✓✓ Asset Management Portal ✓✓✓ Response Time (Critical Issue)Next business day 1 hour 15 mins Response Time (Non-critical Issue)Next business day Next business day 2 business hours Extended End-of-Engineering-Support (E-EoES) for Long Term Supported Firmware (LTS) of 18 months*——✓ Device Insights and Monitoring Portal (FortiCare Elite Portal) — —✓ FortiCare Service Offerings FortiCare Services is provided by the support teams located in the three regional Technical Assistance Centers (TACs) and three regional Centers of Excellence (COE). Fortinet Technical Assistance Centers Regional COE: n Vancouver n Sophia Antipolis n Kuala Lumpur AMER Regional TAC: n Ottawa n Chicago n Sunnyvale n Plano n Sunrise n Mexico City n Bogota n Uberlandia EMEA Regional TAC: n Bangalore n Dubai n Frankfurt n Prague n Lisbon n Tel Aviv APAC Regional TAC: n Beijing n Sydney n Seoul n Tokyo n Manila n Singapore * Currently available for FortiGate only 86 FortiCare Services | Technical Support, Advanced Services, and Professional Services 4 Self-service Resources For expedited answers, Fortinet maintains ample self-service resources to get you the answers you need, fast. All the answers to your questions are now in one place. The Fortinet community is a knowledge-sharing hub for customers, partners, Fortinet experts, and colleagues. The community is a place to collaborate, share insights and experiences, and get answers to questions. community.fortinet.com Feature Highlights: Advanced Services For enhanced security and tailored guidance, FortiCare Advanced Services gives you direct assistance from technical experts who know your business and can help accelerate issue resolution. With designated account management and service delivery, you can focus on your business while we focus on your success. Designated Advanced Technical Support for focused resolution of incoming technical support issues. Service Relationship Management annual service and performance review. Quarterly operational review to cover technical ticket statistics, quality issues, overall ongoing ticket analysis, product life cycle, ongoing activity, and 90-day project planning. Root Cause Analysis of critital incidents (Priority-1 and Priority-2) related to Fortinet appliances. Upgrade Assistance which may include software recommendation, upgrade testing, and planning assistance. Advanced Service Points for remote after-hours assistance, product upgrade assistance, and software recommendations. Annual Training Package including NSE 4 and NSE 5 training and certification vouchers. Entitlements vary by level but can include: 87 FortiCare Services | Technical Support, Advanced Services, and Professional Services 5 Enterprise Services offerings come in four levels: Premium, Business, First, and Global First.. Service Provider offerings come in two levels: Select and Elite. Benefits vary by level. FortiCare Included Features Account-level Advanced Services Premium Business First Global First Technical Support 24x7x365 24x7x365 24x7x365 24x7x365 Direct Access to ASE Team ✓Designated ASE Lead TAM 3 Regional TAMs Enhanced Reponse SLA ✓✓✓✓ Business Review —Biannual Quarterly Quarterly Account Planning ✓✓✓✓ Device Performance Advice ——✓✓ Device Configuration Advice ——✓✓ Root Cause Analysis — P 1 P1/P2 P1/P2 NSE 4 Training & Certification 3 3 5 15 NSE 5 Training & Certification —3 5 15 Advanced Services Points —6 16 48 FortiCare Included Features Account-level Advanced Services Select Elite Global Elite Technical Support 24x7x365 24x7x365 24x7x365 Direct Access to ASE Team ✓Lead TAM Lead TAM Enhanced Reponse SLA ✓✓✓ Business Review —Quarterly Quarterly Account Planning ✓✓✓ Performance/Configuration Advice —✓✓ Designated Relationship Manager ✓✓✓ 18-month Extended Firmware —✓✓ Lab Testing 5 Days 5 Days 15 Days Upgrade Assistance —2 Products 6 Products Root Cause Analysis P1/P2 P1/P2 P1/P2 NSE 4 Training & Certification 3 5 15 NSE 5 Training & Certification 3 5 15 Advanced Services Points 6 12 36 88 FortiCare Services | Technical Support, Advanced Services, and Professional Services 6 Key benefits to engaging Fortinet Professional Services: In addition, Global First for Enterprises and Global Elite for Service Providers are available to extend the geographical coverage of the service. These service levels provide a designated lead engineer per region covering EMEA, Americas, and Asia Pacific. The service features, as described in the First service, are provided within each region with global coordination. Feature Highlights: Professional Services As networks and threats rapidly evolve, it’s critical to make sure security capabilities can keep up. Given the global cybersecurity skills shortage, today’s organizations often lack the in-house expertise or enough staff to deploy, operate, and maintain the new technologies required to close security gaps. FortiCare Professional Services delivers expert help to ensure Fortinet deployments are optimized for each customer’s unique needs. Professional Services provides Design, Deploy, Operate, Optimize, and Evolve services. In addition, Professional Services also offers product-agnostic consulting services. Design Business Alignment • High-level Design • Low-level Design • Product-agnostic Workshops • Site Survey Evolve Personalized Care • Product Upgrade Assistance • Transformation Readiness • Migration and Replacement • Lab Testing Optimize Performance Excellence • Health Checks • Software Upgrade Recommendation • Incident Readiness • Penetration Testing Deploy Acceleated Implementation • Migration • Configuration • Validation • Knowledge Transfer Operate Reliable Assistance • Resident Engineer • Training Faster Time-to-Value Increased Service Uptime Access to Industry Expertise Increased Productivity Hit the ground running with new capabilities, achieve faster time-to-value with streamlined expert deployment of Fortinet products and solutions. Achieve increased uptime by leveraging subject matter experts who can proactively review changes, performance, and policies for reliability and sustained security. Supplement in-house teams with dedicated resources that can bring industry expertise to perform upgrades or handle technical incidents. Increase staff productivity by offloading redundant operational tasks including configurations to Fortinet domain experts who know your business 89 FortiCare Services | Technical Support, Advanced Services, and Professional Services Copyright © 2022 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. www.fortinet.com April 29, 2022 12:09 PM FIDDLE LEAF:Graphic Design:Fortinet:Projects:fa-forticare-services-brochure:fa-forticare-services-brochure-042922 Folder:fa-forticare-services-brochure-042922 1563571-0-0-EN Cybersecurity Advisory and Consulting Services allow our experts to partner with business leaders, helping organizations be at their best through this ever-changing environment. Fortinet experts discover existing security posture elements through a vendor-agnostic approach; align findings to business goals, strategic objectives, and compliance requirements; and guide existing projects and future planning toward framework maturity. Discover Business Goals Security Posture Systems/Objectives Align Security Framework Compliance Requirements Strategic Objectives Guide Architectural Design Operational Practices Maturity Roadmap Threats What are the most important threats on which I should focus? Environment Is my environment as secure as it needs to be? Operations Are my people properly trained to defend us against the threats we face? FortiGuard Labs Consulting Consulting services are designed to help your organization address your specific threat landscapes and improve your organization’s ability to use threat intelligence to meet that challenge. These services leverage the expertise and experience of the FortiGuard Labs team and provide the answers to the questions organizations are asking most: 90 Fortinet Product Certifications BROCHURE 2H’21 91 BROCHURE | Fortinet Product Certifications 2 Fortinet Product Certifications Organizations looking to expand, upgrade, or replace their security solutions often find themselves struggling to compare solutions from different vendors. In addition to consistent information about features and functions, they also need information about the compliance and certification level of individual solutions and whether they will enable them to meet regulatory requirements. To help companies navigate this process, third-party labs and auditors conduct independent testing to enable a fair comparison between products for things like performance, compliance, and functionality. Using industry standards and advanced benchmarking technologies, such as independent validation of products and services, is essential for businesses to evaluate whether a solution will meet their unique business requirements. Third-party Testing Fortinet has actively participated in third-party testing since we first opened our doors. We are committed to the testing and certification process and believe that it provides three key benefits: nnIt validates our design and development process. Third-party labs set standards for functionality, performance, and real-world use cases that help drive the development of key features. Certifications At-a-Glance nnFortinet’s commitment to innovation and excellence has earned the respect of independent test labs around the world nn25+ years of consistent testing and compliance nnA wide range of global certifications across verticals nnIt helps improve our technology. Direct feedback from standardized benchmark testing helps us in our effort to continually improve our technologies. nnIt allows our customers to easily compare our technologies against solutions from other vendors. Annual testing helps us set the bar higher every year, with the objective of achieving a leadership position in every test in which we participate. Certifications and Regulatory Compliance Public and private sector organizations alike require solutions that meet regulatory and compliance requirements. Fortinet is committed to meeting a wide range of national, regional, and international requirements, and we subject our solutions and services to independent third-party audits and testing to guarantee compliance. The Fortinet Certifications Resource Center (CRC) Fortinet’s CRC is the repository for product compliance reports, certifications, and independent validation results from unbiased agencies. The scope of Fortinet’s product certifications includes the following categories: Product Certifications Independent lab testing of Fortinet products using industry standards, best practices, and real-world testing environments Information Security Certifications and examinations of Fortinet’s infrastructure security and networking solutions Compliance Certifications attesting to Fortinet products’ compliance with public sector regulatory frameworks and standards 92 BROCHURE | Fortinet Product Certifications 3 Product Certifications Overview Category Certification Description Latest Publication Date Product Certifications ICSA Labs ICSA Labs is an independent division of Verizon. They provide third-party testing and certification of security and health-related IT products and network-connected devices to measure product compliance, reliability, and performance. IPsec VPN 08/10/2021 Firewall 08/25/2021 WAF 09/27/2021 AV-Comparatives AV-Comparatives is an independent lab offering systematic testing to determine whether security software—such as PC/Mac-based antivirus products and mobile security solutions—lives up to its claims. Using one of the largest sample collections in the world, they create a real-world environment for truly accurate testing. Certification by AV-Comparatives provides a globally recognized seal of approval for software performance. Business Security Test: Mar-Jun 2021 SE Labs SE Labs tests a range of solutions, including endpoint software, network appliances, and cloud services, on their ability to detect attacks, protect against intrusions, or both. Email Security Services Protection: Jan-Mar 2020 MEF 3.0 MEF 3.0 is an SD-WAN Certification Program that uses Spirent as their SD- WAN Authorized Certification and Test Partner (ACTP). Certification involves rigorous tests of the service attributes and requirements defined in MEF 70 and described in detail in the upcoming MEF SD-WAN Certification Test Requirements (MEF W90) standard. MEF 3.0 SD-WAN: Jun 2020 Virus Bulletin VB is a world leader in security software testing. Their publicly available test reports cover anti-malware protections of all types as well as enterprise-level email and web security solutions. VBSpam Sept 2021 VB100 Sept 2021 MITRE Engenuity MITRE Engenuity's ATT&CKTM evaluations assess the ability of a vendor's solutions to defend against specific adversary tactics and techniques. They openly publish these results to provide end-users with the information needed to make good purchasing decisions. These evaluations are not a competitive analysis. There are no scores, rankings, or ratings. Instead, they show how each vendor approaches threat detection in the context of the MITRE ATT&CK knowledge base to provide an unbiased assessment of detection and protection capabilities and highlight potential gaps to drive the industry forward. Round 3: Fin7/Carbanak: Apr 2021 Information Security SOC2 SOC2 is an auditing procedure that ensures that service providers securely manage their customers' data. It covers their security, availability, processing integrity, confidentiality, and/or privacy controls. Compliance is based on the AICPA's (American Institute of Certified Public Accountants) TSC (Trust Services Criteria). SOC2 Type 2: Apr-Sept 2021 ISO ISO/IEC 27001 is an international standard for managing information security. It defines requirements and controls for establishing, implementing, maintaining, and continually improving an organization's Information Security Management System (ISMS). ISO/IEC 27001: Jun 2021-Jun 2024 Government Regulations FIPS Validated The Federal Information Processing Standard 140-2 (FIPS 140-2) is an information technology security accreditation program for validating cryptographic modules developed by vendors that meet well-defined security standards. FIPS 140-2 Level 1 Aug 2021 FIPS 140-2 Level 2 Sept 2021 Common Criteria Common Criteria is an international standard (ISO/IEC 15408) operated by 17 certificate-authorizing nations. 31 countries have accepted it for their respective government acquisition requirements for their IT/networking infrastructures. CC EAL4+Oct 2021 FWcPP+IPS +VPN Jan 2021 93 BROCHURE | Fortinet Product Certifications Copyright © 2021 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. www.fortinet.com December 17, 2021 9:47 AM 1380665-0-0-EN Summary Fortinet is committed to the independent testing and certification of its products and services. ICSA, AV-Comparatives, Virus Bulletin, and other independent testing organizations have consistently validated the effectiveness of Fortinet solutions. Fortinet earned ICSA’s prestigious Excellence in Information Security Testing (EIST) award for 15 years of participation in 2017 and has been recognized by ICSA for outstanding achievement in information security certification testing 10 years in a row. “Real-world third-party validation is an essential resource for enterprises considering security products, helping to cut through the confusion that can be caused by vendor marketing. Fortinet relies on a variety of third-party testing and compliance labs to provide reliable information to organizations making critical security purchasing decisions. They also demonstrate Fortinet’s commitment to meeting high industry standards for security detection, performance, reliability, management, and value.” - Fortinet CEO Ken Xie 94 Product License Agreement / EULA and Warranty Terms Product License Agreement The parties to this agreement are you (the end-customer) and Fortinet, Inc. ("Fortinet"). CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT (THE OR THIS “AGREEMENT” OR “EULA”). USE OR INSTALLATION OF FORTINET PRODUCT(S) AND ANY UPDATES THERETO, INCLUDING HARDWARE APPLIANCE PRODUCTS, SOFTWARE AND FIRMWARE INCLUDED THEREIN BY FORTINET, AND STAND-ALONE SOFTWARE PRODUCTS SOLD BY FORTINET (TOGETHER, THE "PRODUCTS") CONSTITUTES ACCEPTANCE BY YOU OF THE TERMS IN THIS AGREEMENT, AS AMENDED OR UPDATED FROM TIME TO TIME IN FORTINET’S DISCRETION BY FORTINET PUBLISHING AN AMENDED OR UPDATED VERSION. FORTINET SHALL NOT BE BOUND BY ANY ADDITIONAL AND/OR CONFLICTING PROVISIONS IN ANY ORDER, RELEASE, ACCEPTANCE OR OTHER WRITTEN CORRESPONDENCE OR OTHER WRITTEN OR VERBAL COMMUNICATION UNLESS EXPRESSLY AGREED TO IN A WRITING SIGNED BY THE GENERAL COUNSEL OF FORTINET. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, DO NOT START THE INSTALLATION PROCESS OR USE THE PRODUCTS. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, YOU SHOULD IMMEDIATELY, AND IN NO EVENT LATER THAN FIVE (5) CALENDAR DAYS AFTER YOUR RECEIPT OF THE PRODUCT, IMMEDIATELY NOTIFY FORTINET LEGAL LEGAL@FORTINET.COM OF REQUESTED EULA CHANGES. 1. License Grant. This is a license agreement between you and Fortinet, not a sales agreement. The term "Software", as used throughout this Agreement, includes all Fortinet and third party firmware and software provided to you with, or incorporated into, Fortinet appliances and any stand-alone software provided to you by Fortinet, with the exception of any open source software contained in Fortinet’s Products which is discussed in detail in section 15 below, and the term “Software” includes any accompanying documentation, any updates and enhancements of the software or firmware provided to you by Fortinet, at its option. Fortinet grants to you a non- transferable (except as provided in section 5 ("Transfer") and section 15 ("Open Source Software") below), non-exclusive, revocable (in the event of your failure to comply with these terms, in the event of termination, or in the event Fortinet is not properly paid for the applicable Product) license to use the Software solely for your internal business purposes (provided, if (a) agreed by Fortinet in writing, (b) you are authorized by Fortinet in writing to provide managed service provider services (“MSSP”) to your end-customers, and (c) you pay for an MSSP license, then you may use the Software and/or Software embedded in Fortinet Hardware to provide those services, subject to the other restrictions in this Agreement), in accordance with the terms set forth in this Agreement and subject to any further restrictions in Fortinet documentation (including license term restrictions), and solely on the Fortinet appliance, or, in the case of blades, CPUs, platform, devices or databases, on the single blade, CPU, platform, device or database on which Fortinet installed the Software, or, for stand-alone Software, solely on a single computer running a validly-licensed copy of the operating system for which the Software was designed unless and except set forth in the published documentation otherwise. For clarity, notwithstanding anything to the contrary, all licenses of Software to be installed on blades, CPUs, platforms, devices or databases are licensed per blade, solely for one blade and not for multiple blades that may be installed in a chassis, per CPU, per platform, per device, or per database basis, up to the blade, CPU, platform, device, database number defined in the license and as applicable and in accordance with the documentation. The Software is "in use" on any appliances, blades, CPUs, platforms, devices, or databases when it is loaded into temporary memory (i.e. RAM), accessed, downloaded, installed, or used on an appliance, blade, CPU, platform, device, or database. You agree that, except for the limited, specific license rights granted in this section 1, you receive no license rights to the Software. 2. Limitation on Use. You are prohibited from and may not attempt to, and, if you are a corporation, you are responsible to prevent your employees and contractors from attempting to: (a) modify, translate, reverse engineer, decompile, disassemble, create derivative works based on, sublicense, or distribute the Software; (b) rent or lease any rights in the Software in any form to any third party or make the Software available or accessible to third parties in any other manner (except as expressly permitted for MSSP partners); (c) transfer assign or sublicense right to any other person or entity (except as provided in section 5): (d) remove any proprietary notice, labels, or marks on the Software, Products, and containers; (e) use the Software to determine, or disclose the results of, any benchmarking or performance measurements; (f) interfere with a platform for use of the Software; (g) use the Software on a device not owned and controlled by you; (h) use automated means to access online portions of the platform for the Software; (i) use the Software for third- party training, commercial time-sharing or service bureau use or (except as expressly set forth in this Agreement) use the Software to provide services to third parties, (j) share non-public features or content of the software with any third party; (k) access the software in order to build a competitive product or service, to build a product using similar ideas, features, functions or graphics of the software, or to copy any ideas, features, functions or graphics of the software; or, (l) engage in web scraping or data scraping on or related to the software, including without limitation, collection of information through any software that simulates human activity or any bot or web crawler. 3. Proprietary Rights. All rights (including copyrights, trade secret, patent and other intellectual property rights), title, interest in and to the Software and any Product, and any copy thereof remain with Fortinet. You acknowledge that no title or other intellectual property rights in the Software or other Products is transferred to you and you will not acquire any rights to the Software or other Products except for the specific limited license as expressly set forth in section 1 (“License Grant”) above. You expressly agree and acknowledge that Fortinet owns, retains, and shall retain all intellectual property rights in and to, and you have no intellectual property rights in and to, the Products and the Software other than the License Grant. You agree to keep confidential all Fortinet confidential information and only to use such information for the purposes for which Fortinet disclosed it. 4. Term and Termination. The term of the license is the shorter of (a) the term as set forth in the ordering documents, other Fortinet documentation, or per Fortinet practices or policies (such as with evaluation or beta licenses or subscription or other term licenses) and (b) for the duration of Fortinet's copyright in the Software. Fortinet may terminate this Agreement, and the licenses and other rights herein, immediately without notice if you breach or fail to comply with any of the terms and conditions of this Agreement or for other reasons as stated in Fortinet’s other documentation. You agree that, upon such termination, you will cease using the Software and any Product and either destroy all copies of the Fortinet documentation or return all materials to Fortinet. 5. Transfer. If you are a Fortinet contracted and authorized reseller or distributor of Products, you may transfer (not rent or lease unless specifically agreed to in writing by Fortinet) the Software to one end user on a permanent basis, provided that: (i) you ensure that your customer and the end user receives a copy of this Agreement, is bound by its terms and conditions, and, by selling the Product or Software, you hereby agree to enforce the terms in this Agreement against such end user, (ii) you at all times comply with all applicable United States export control laws and regulations, and (iii) you agree to refund any fees paid to you by an end user who purchased Product(s) from you but does not agree to the terms contained in this Agreement and therefore wishes to return the Product(s) as provided for in this Agreement. Further, if you are a non-authorized reseller of Products and Services, you are not authorized to sell Product(s), Software or Services, but, regardless, by selling Product(s), Software or Services, you hereby agree you are bound by the restrictions and obligations herein and are bound to: (i) ensure that your customer and the end user receive a copy of this Agreement and are bound in full by all restrictions and obligations herein (ii) enforce the restrictions and obligations in this Agreement against such customer and/or end user, (iii) comply with all applicable United States export control laws and regulations and all other applicable laws, and (iv) refund any fees paid to you by a customer and/or end user who purchased Product(s) from you but does not agree to the restrictions and obligations contained in this Agreement and therefore wishes to return the Product(s) as provided for in this Agreement. Notwithstanding anything to the contrary, distributors, resellers and other Fortinet partners (a) are not agents of Fortinet and (b) are not authorized to bind Fortinet in any way. Fortinet’s license, warranty, and support is only available for Products that you purchased directly from an authorized Fortinet channel partner. Products not purchased from an authorized Fortinet channel partner are not eligible, will not be supported, and may be blocked from registration. 6. Limited Warranty. Fortinet provides this limited warranty for its product only to the single end-user person or entity that originally purchased the Product from Fortinet or its authorized reseller or distributor and paid for such Product. The warranty is only valid for Products which are properly registered on Fortinet’s Support Website, https://support.fortinet.com, or such other website as provided by Fortinet, or for which the warranty otherwise starts according to Fortinet’s policies, and any support is only valid for products properly purchased through authorized distributors and resellers. The warranty periods discussed below will start according to Fortinet’s policies posted at http://www.fortinet.com/aboutus/legal.html or such other website as provided by Fortinet. It is the Fortinet distributor’s and reseller’s responsibility to make clear to the end user the date the product was originally shipped from Fortinet, and it is the end user’s responsibility to understand the original ship date from the party from which the end user purchased the product. All warranty claims must be submitted in writing to Fortinet before the expiration of the warranty term or such claims are waived in full. Fortinet provides no warranty for any beta, donation or evaluation Products. Fortinet warrants that the hardware portion of the Products ("Hardware") will be free from material defects in workmanship as compared to the functional specifications for the period set forth as follows and applicable to the Product type ("Hardware Warranty Period"): (a) a three hundred sixty-five (365) day limited warranty for the Hardware products; (b) for FortiAP, the warranty herein shall last from the start of the warranty period as discussed above until five (5) years following the product announced end-of-life date Hardware; (c) for FortiSwitch Hardware appliance products other than the FortiSwitch-5000 series, the warranty herein shall last from the start of the warranty period as discussed above until five (5) years following the product announced end-of-life date Hardware. Fortinet's sole obligation shall be to repair or offer replacement Hardware for the defective Hardware at no charge to the original owner. This obligation is exclusive of transport fees, labor, de- installation, installation, reconfiguration, or return shipment and handling fees and costs, and Fortinet shall have no obligation related thereto. Such repair or replacement will be rendered by Fortinet at an authorized Fortinet service facility as determined by Fortinet. The replacement Hardware need not be new or of an identical make, model, or part; Fortinet may, in its discretion, replace the defective Hardware (or any part thereof) with any reconditioned Product that Fortinet reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware. The Hardware Warranty Period for the repaired or replacement Hardware shall be for the greater of the remaining Hardware Warranty Period or ninety days from the delivery of the repaired or replacement Hardware. If Fortinet determines in its reasonable discretion that a material defect is incapable of correction or that it is not practical to repair or replace defective Hardware, the price paid by the original purchaser for the defective Hardware will be refunded by Fortinet upon return to Fortinet of the defective Hardware. All Hardware (or part thereof) that is replaced by Fortinet, or for which the purchase price is refunded, shall become the property of Fortinet upon replacement or refund. Fortinet warrants that Software as initially shipped by Fortinet will substantially conform to Fortinet's then-current functional specifications for the Software, as set forth in the applicable documentation for a period of ninety (90) days ("Software Warranty Period"), if the Software is properly installed on approved Hardware and operated as contemplated in its documentation. Fortinet's sole obligation shall be to repair or offer replacement Software for the non-conforming Software with software that substantially conforms to Fortinet's functional specifications. This obligation is exclusive of transport fees, labor, de-installation, installation, reconfiguration, or return shipment and handling fees and costs, and Fortinet shall have no obligation related thereto. Except as otherwise agreed by Fortinet in writing, the warranty replacement Software is provided only to the original licensee, and is subject to the terms and conditions of the license granted by Fortinet for the Software. The Software Warranty Period shall extend for an additional ninety (90) days after any warranty replacement software is delivered. If Fortinet determines in its reasonable discretion that a material non- conformance is incapable of correction or that it is not practical to repair or replace the non-conforming Software, the price paid by the original licensee for the non-conforming Software will be refunded by Fortinet; provided that the non-conforming Software (and all copies thereof) is first returned to Fortinet. The license granted respecting any Software for which a refund is given automatically terminates immediately upon refund. For purpose of the above hardware and software warranties, the term “functional specifications” means solely those specifications authorized and published by Fortinet that expressly state in such specifications that they are the functional specifications referred to in this section 6 of this Agreement, and, in the event no such specifications are provided to you with the Software or Hardware, there shall be no warranty on such Software. 7. Disclaimer of Other Warranties and Restrictions. EXCEPT FOR THE LIMITED WARRANTY SPECIFIED IN SECTION 6 ABOVE, THE PRODUCT AND SOFTWARE ARE PROVIDED "AS-IS" WITHOUT ANY WARRANTY OF ANY KIND INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTY, IMPLIED OR EXPRESS WARRANTY OF MERCHANTABILITY, OR WARRANTY FOR FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IF ANY IMPLIED WARRANTY CANNOT BE DISCLAIMED IN ANY TERRITORY WHERE A PRODUCT IS SOLD, THE DURATION OF SUCH IMPLIED WARRANTY SHALL BE LIMITED TO NINETY (90) DAYS FROM THE DATE OF ORIGINAL SHIPMENT FROM FORTINET. EXCEPT AS EXPRESSLY COVERED UNDER THE LIMITED WARRANTY PROVIDED HEREIN, THE ENTIRE RISK AS TO THE QUALITY, SELECTION AND PERFORMANCE OF THE PRODUCT IS WITH THE PURCHASER OF THE PRODUCT. NOTWITHSTANDING ANYTHING TO THE CONTRARY, THE HARDWARE WARRANTY PERIOD DISCUSSED ABOVE DOES NOT APPLY TO CERTAIN FORTINET PRODUCTS, INCLUDING FORTITOKEN WHICH HAS A 365 DAY WARRANTY FROM THE DATE OF SHIPMENT FROM FORTINET’S FACILITIES, AND THE SOFTWARE WARRANTY DOES NOT APPLY TO CERTAIN FORTINET PRODUCTS. YOU HEREBY ACKNOWLEDGE AND AGREE THAT NO VENDOR CAN ASSURE COMPLETE SECURITY AND NOTHING HEREIN OR ELSEWHERE SHALL BE DEEMED TO IMPLY A SECURITY GUARANTEE OR ASSURANCE, AND FORTINET DISCLAIMS LIABILITY REGARDING YOUR WEB BROWSER’S REQUIREMENTS OR ANY THIRD PARTY DEVICE OR APPLIANCE USED TO OPERATE THE SOFTWARE. The warranty in Section 6 above does not apply if the Software, Product or any other equipment upon which the Software is authorized to be used (a) has been altered, except by Fortinet or its authorized representative, (b) has not been installed, operated, repaired, updated to the latest version, or maintained in accordance with instructions supplied by Fortinet, (c) has been subjected to abnormal physical or electrical stress, misuse, negligence, or accident; (d) is licensed for beta, evaluation, donation, testing or demonstration purposes or for which Fortinet does not charge a purchase price or license fee; or (e) is procured from a non- authorized reseller or non-authorized distributor. In the case of beta, testing, evaluation, donation or free Software or Product, the end user acknowledges and agrees that such Software or Product may contain bugs or errors and could cause system failures, data loss and other issues, and the end user agrees that such Software or Product is provided “as-is” without any warranty whatsoever, and Fortinet disclaims any warranty or liability whatsoever. An end user’s use of evaluation or beta Software or Product is limited to thirty (30) days from original shipment unless otherwise agreed in writing by Fortinet. For clarity, notwithstanding anything to the contrary, all sales are final and no provision in this EULA entitles you to return Products, other than as expressly set forth herein. 8. Governing Law. Any disputes arising out of this Agreement or Fortinet’s limited warranty shall be governed by the laws of the state of California, without regard to the conflict of laws principles. In the event of any disputes arising out of this Agreement or Fortinet’s limited warranty, the parties submit to the jurisdiction of the federal and state courts located in Santa Clara County, California, as applicable, and agree that any controversy or claim arising out of or relating to this Agreement shall be determined in the federal and state courts located in Santa Clara County, California, as applicable. 9. Limitation of Liability. TO THE MAXIMUM EXTENT PERMITTED BY LAW AND NOTWITHSTANDING ANYTHING TO THE CONTRARY, FORTINET IS NOT LIABLE UNDER ANY CONTRACT, NEGLIGENCE, TORT, STRICT LIABILITY, INFRINGEMENT OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY LOSS OF USE OF THE PRODUCT OR SERVICE OR ANY DAMAGES OF ANY KIND WHATSOEVER, WHETHER DIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL (INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF GOODWILL, LOSS OF PROFIT, LOSS OF OPPORTUNITY, LOSS OR DAMAGE RELATED TO USE OF THE PRODUCT OR SERVICE IN CONNECTION WITH HIGH RISK ACTIVITIES, DE- INSTALLATION AND INSTALLATION FEES AND COSTS, DAMAGE TO PERSONAL OR REAL PROPERTY, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, COMPUTER SECURITY BREACH, COMPUTER VIRUS INFECTION, LOSS OF INFORMATION OR DATA CONTAINED IN, STORED ON, OR INTEGRATED WITH ANY PRODUCT INCLUDING ANY PRODUCT RETURNED TO FORTINET FOR WARRANTY SERVICE) RESULTING FROM THE USE OF THE PRODUCT, RELATING TO WARRANTY SERVICE, OR ARISING OUT OF ANY BREACH OF THE LIMITED WARRANTY IN SECTION 6 ABOVE, EVEN IF FORTINET HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE SOLE REMEDY FOR A BREACH OF THE LIMITED WARRANTY IS, AT FORTINET’S SOLE AND ABSOLUTE DISCRETION: REPAIR, REPLACEMENT, OR REFUND OF THE DEFECTIVE OR NON-CONFORMING PRODUCT AS SPECIFICALLY STATED IN SECTION 6 ABOVE; PROVIDED, HOWEVER, IN NO EVENT SHALL ANY END-CUSTOMER REMEDIES UNDER THIS EULA AND ANY SUPPORT AGREEMENT EXCEED THE AMOUNT PAID TO FORTINET FOR THE SPECIFIC APPLICABLE DEFECTIVE OR NON-CONFORMING PRODUCT AT ISSUE. 10. Compliance with Laws, including Import/Export Laws and FCPA. You are advised that the Products may be subject to the United States Export Administration Regulations and other import and export laws; diversion contrary to United States law and regulation is prohibited. You agree to comply with all applicable international and national laws that apply to the Products as well as end user, end-use, and destination restrictions issued by U.S. and other governments. For additional information on U.S. export controls see https://www.bis.doc.gov. Fortinet assumes no responsibility or liability for your failure to obtain any necessary import and export approvals and licenses, and Fortinet reserves the right to terminate or suspend shipments, services and support in the event Fortinet has a reasonable basis to suspect any import or export violation. You represent that neither the United States Bureau of Industry and Security nor any other governmental agency has issued sanctions against you or otherwise suspended, revoked or denied your export privileges. You agree not to use or transfer the Products for any use relating to nuclear, chemical or biological weapons, or missile technology, unless authorized by the United States Government by regulation or specific written license. Additionally, you agree not to directly or indirectly export, import or transmit the Products contrary to the laws or regulations of any other governmental entity that has jurisdiction over such export, import, transmission or use. Furthermore, you hereby agree that, for any orders that you place with Fortinet whereby any legal or regulatory requirements may apply to Fortinet such as requirements related to the International Traffic in Arms Regulations, or Buy American Act, or the Trade Agreements Act: you are responsible to ensure the Purchase Order submitted to Fortinet by you and/or any partners clearly states the specific requirement in writing, or otherwise Fortinet is not bound by any such requirements. You represent that you understand, and you hereby agree to comply with, all applicable laws including but not limited to the U.S. Foreign Corrupt Practices Act . You represent that you hereby agree that you and your employees have not accepted, and will not accept, anything of value, including money, meals, entertainment, paid-for travel, beta, testing, evaluation, donation or free Products and/or related services, or anything else of value, in exchange for Fortinet maintaining current business or for new business opportunities. You represent and warrant to Fortinet that you and your employees, consultants, agents and representatives will not use Fortinet’s products and services to engage in, or support in any way, violations or abuses of human rights, including those involving censorship, surveillance, detention, or excessive use of force. You agree you and your employees will be responsible to comply in full with all laws and policies applicable to any and all dealings with Fortinet in general and its distributors, resellers and partners. 11. U.S. Government End Users. The Software and accompanying documentation are deemed to be "commercial computer software" and "commercial computer software documentation," respectively, pursuant to DFAR Section 227.7202 and FAR Section 12.212, as applicable. Any use, modification, reproduction, release, performance, display or disclosure of the Software and accompanying documentation by the United States Government shall be governed solely by the terms of this Agreement and shall be prohibited except to the extent expressly permitted by the terms of this Agreement and its successors. 12. Tax Liability. You agree to be responsible for payment of any sales or use taxes imposed at any time on this transaction. 13. General Provisions. Except as specifically permitted and required in section 5 (“Transfer”) above, you agree not to assign this Agreement or transfer any of the rights or obligations under this Agreement without the prior written consent of Fortinet. This Agreement shall be binding upon, and inure to the benefit of, the successors and permitted assigns of the parties. The United Nations Convention on Contracts for the International Sales of Goods is expressly excluded. This Agreement and other Fortinet agreements may be amended or supplemented only by a writing that refers explicitly to the agreement signed on behalf of both parties, or, for this Agreement, as otherwise expressly provided in the lead-in above Section 1 above, provided, notwithstanding anything to the contrary and except for this Agreement which may be amended or updated as expressly provided in the lead-in above Section 1 above, for any amendment or other agreement to be binding on Fortinet, such amendment or other agreement must be signed by Fortinet’s General Counsel. No waiver will be implied from conduct or failure to enforce rights nor effective unless in a writing signed on behalf of the party against whom the waiver is asserted. If any part of this Agreement is found unenforceable, that part will be enforced to the maximum extent permitted and the remainder shall continue in full force and effect. You acknowledge that you have read this Agreement, understand it, and agree to be bound by its terms and conditions. Notwithstanding anything to the contrary, this EULA constitutes the entire agreement between Fortinet and its end-customers and supersedes any and all prior representations or conflicting provisions, such as limitations of liability, warranties, or otherwise in any and all purported end customer agreements, whether entered into now or in the future. In the event of a conflict between this EULA and another agreement, this EULA shall prevail unless the conflicting agreement expressly states that it replaces this EULA, expressly referring to this EULA, and is agreed to in writing by authorized representatives of the parties (which, in the case of Fortinet, is Fortinet’s General Counsel). 14. Privacy. You agree to Fortinet’s collection, use, disclosure, protection and transfer of your information, as set forth in the Fortinet privacy policy on the Fortinet web site (http://www.fortinet.com/about-us/privacy.html), including (a) Fortinet’s use of the Customer information to send information regarding Fortinet products and services; and (b) Fortinet’s disclosure of your information to provide assistance to law enforcement, governmental agencies and other authorities or to allow Fortinet to protect its Customers’ and/or end users’ rights. 15. Open Source Software. Fortinet’s products may include software modules that are licensed (or sublicensed) to the user under the GNU General Public License, Version 2, of June 1991 (“GPL”) or GNU Lesser General Public License, Version 2.1, of February 1999 (“LGPL”) or other open source software licenses which, among other rights, permit the user to use, copy, modify and redistribute modules, or portions thereof, and may also require attribution disclosures and access to the source code ("Open Source Software"). The GPL requires that for any Open Source Software covered under the GPL, which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any Open Source Software covered under the GPL, the source code is made available on this CD or download package. If any Open Source Software licenses require that Fortinet provide rights to use, copy or modify any Open Source Software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein. Fortinet will provide, for a charge reflecting our standard distribution costs, the complete machine-readable copy of the modified software modules. To obtain a complete machine-readable copy, please send your written request, along with a check in the amount of US $25.00, to General Public License Source Code Request, Fortinet, Inc., 899 Kifer Rd, Sunnyvale, CA 94086 USA. To receive the modified software modules, you must also include the following information: (a) Name, (b) Address, (c) Telephone number, (d) E-mail Address, (e) Product purchased (if applicable), (f) Product Serial Number (if applicable). All open source software modules are licensed free of charge. There is no warranty for these modules, to the extent permitted by applicable law. The copyright holders provide these software modules “AS-IS” without warranty of any kind, either expressed or implied. In no event will the copyright holder for the open source software be liable to you for damages, including any special, incidental or consequential damages arising out of the use or inability to use the software modules, even if such holder has been advised of the possibility of such damages. A full copy of this license, including additional open source software license disclosures and third party license disclosures applicable to certain Fortinet products, may obtained by contacting Fortinet’s Legal Department at legal@fortinet.com. March 2021 EULA; Copyright © 2021 Fortinet, Inc., All Rights Reserved. Contents and Terms Are Subject to Change by Fortinet Without Prior Notice. Page 1 of 2 95 GNU GENERAL PUBLIC LICENSE GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) Source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest vali dity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2 instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine- readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for your own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. 15. The warranty disclaimer contained in Sections 11 and 12 of the preceding GPL License is incorporated herein. March 2021 EULA; Copyright © 2021 Fortinet, Inc., All Rights Reserved. Contents and Terms Are Subject to Change by Fortinet Without Prior Notice. Page 2 of 2 96 REQUEST FOR PROPOSAL (RFP) FOR IT Security Products and Data Protection Solutions SOLICITATION NUMBER 40-22 PUBLICATION DATE Tuesday, October 4th, 2022 Competitive Solicitation by Region 14 Education Service Center for IT Security Products and Data Protection Solutions on behalf of itself and other Government Agencies and made available through the National Cooperative Purchasing Alliance RFP # 40-22 97 NOTICE TO RESPONDENT: Submittal Deadline: Thursday, November 17th, 2022 2:00pm CT Questions regarding this solicitation must be submitted to questions@ncpa.us no later than Thursday, November 10th, 2022. All questions and answers will be posted to http://www.ncpa.us/solicitations. It is the intention of Region 14 Education Service Center (herein “Region 14 ESC”) to establish a Master Agreement for IT Security Products and Data Protection Solutions for use by Region 14 ESC and other public agencies supported under this contract. This Request for Proposal is issued on behalf of the National Cooperative Purchasing Alliance through a public agency clause, which provides that any county, city, special district, local government, school district, private K-12 school, higher education institution, state, other government agency, healthcare organization or nonprofit organization may purchase Products and Services through this contract. Respondents will be required to execute the NCPA Administration Agreement upon award. This contract will allow agencies to purchase on an “as needed” basis from a competitively awarded contract. Respondents are requested to submit their total line of available products and services. While this solicitation specifically covers IT Security Products and Data Protection Solutions, respondents are encouraged to submit an offering on any or and all products and services available that they currently perform in their normal course of business. Responses shall be received electronically no later than the submittal deadline via our online Bonfire portal at ncpa.bonfirehub.com Immediately following the deadline, all responses will be publicly opened and the respondents recorded. Any response received later than the specified deadline will be disqualified. Responses will remain sealed by our online Bonfire portal until the bid opening time specified. Responses received outside our online Bonfire portal will not be accepted. Sealed responses may be submitted on any or all items, unless stated otherwise. Proposal may be rejected for failure to comply with the requirements set forth in this invitation. 98 INTRODUCTION/SCOPE Region 14 ESC on behalf of itself and all states, local governments, school districts, and higher education institutions in the United States of America, and other government agencies and non- profit organizations (herein “Public Agency” or collectively “Public Agencies”) is soliciting proposals from qualified vendors to enter into a Master Agreement for a complete line of IT Security Products and Data Protection Solutions. Region 14 ESC, as the lead public agency, has partnered with NCPA to make the resultant contract available to all participating agencies in the United States. NCPA provides marketing and administrative support for the awarded vendor that promotes the successful vendor’s products and services to Public Agencies nationwide. The Vendor will execute the NCPA Administration Agreement (Tab 2) upon award. Vendor should thoroughly review all documents and note any exceptions to NCPA terms and conditions in their proposal. Awarded vendor(s) shall perform covered product or services under the terms of this agreement. Respondents shall provide pricing based on a discount from their standard pricing schedules for products and/or services offered. Electronic Catalog and/or price lists must accompany the proposal. Multiple percentage discount structure is also acceptable. Please specify where different percentage discounts apply. Additional pricing and/or discounts may be included. Each product or service proposed is to be priced separately with all ineligible items identified. Services may be awarded to multiple vendors. Respondents may elect to limit their proposals to a single product or service within any category, or multiple products or services within any and all categories. The National Cooperative Purchasing Alliance (herein “NCPA”) assists public agencies to increase their efficiency and reduce their costs when procuring goods and services. This is accomplished by awarding competitively solicited contracts that are leveraged nationally by combining the volumes and purchasing power of entities nationwide. Our contracts are available for use by any entity that complies with procurement laws and regulations. It is the intention of Region 14 ESC and NCPA to achieve the following objectives through this RFP. • Provide a comprehensive competitively solicited Master Agreement offering Products and Services to Public Agencies; • Achieve cost savings of Vendors and Public Agencies through a single competitive solicitation process that eliminates the need for multiple proposals; • Combine the purchasing power of Public Agencies to achieve cost effective pricing; • Reduce the administrative and overhead costs of Vendors and Public Agencies through state of the art purchasing procedures. 99 INSTRUCTIONS TO RESPONDENTS Submission of Response • Only responses received via our online Bonfire portal will be accepted. Faxed or mailed responses will not be accepted. • Responses may be submitted on any or all items, unless stated otherwise. Region 14 ESC reserves the right to reject or accept any response. • Deviations to the terms, conditions and/or specifications shall be conspicuously noted in writing by the respondent and shall be included with the response. • Withdrawal of response will not be allowed for a period of 120 days following the opening. Pricing will remain firm for 120 days from submittal. Public Bid Opening The public bid opening will be held via Zoom meeting. Interested parties who wish to attend the bid opening should email contracts@ncpa.us by 4:00 pm the day before the bid opening date to receive an invitation. Required Proposal Format Responses shall be provided electronically via our online Bonfire portal. Tabs should be used to separate the proposal into sections, as identified below. Respondents failing to organize in the manner listed may be considered non-responsive and may not be evaluated. It’s recommended that all tabs, with the exception of Tab 7 (Pricing), be submitted in Portable Document Format (PDF). Please note pricing can be submitted separately in a alternate format (e.g. xlsx, xls, csv). Tabs Tab 1 – Master Agreement / Signature Form Tab 2 – NCPA Administration Agreement Tab 3 – Vendor Questionnaire Tab 4 – Vendor Profile Tab 5 – Products and Services / Scope Tab 6 – References Tab 7 – Pricing Tab 8 – Value Added Products and Services Tab 9 – Required Documents 100 TAB 1 MASTER AGREEMENT - GENERAL TERMS AND CONDITIONS Customer Support The vendor shall provide timely and accurate technical advice and sales support. The vendor shall respond to such requests within one (1) working day after receipt of the request. Disclosures Respondent affirms that he/she has not given, offered to give, nor intends to give at any time hereafter any economic opportunity, future employment, gift, loan, gratuity, special discount, trip, favor or service to a public servant in connection with this contract. The respondent affirms that, to the best of his/her knowledge, the offer has been arrived at independently, and is submitted without collusion with anyone to obtain information or gain any favoritism that would in any way limit competition or give an unfair advantage over other vendors in the award of this contract. Renewal of Contract Unless otherwise stated, all contracts are for a period of three (3) years with an option to renew for up to two (2) additional one-year terms or any combination of time equally not more than 2 years if agreed to by Region 14 ESC and the vendor. Funding Out Clause Any/all contracts exceeding one (1) year shall include a standard “funding out” clause. A contract for the acquisition, including lease, of real or personal property is a commitment of the entity’s current revenue only, provided the contract contains either or both of the following provisions: Retains to the entity the continuing right to terminate the contract at the expiration of each budget period during the term of the contract and is conditioned on a best efforts attempt by the entity to obtain appropriate funds for payment of the contract. Shipments (if applicable) The awarded vendor shall ship ordered products within seven (7) working days for goods available and within four (4) to six (6) weeks for specialty items after the receipt of the order unless modified. If a product cannot be shipped within that time, the awarded vendor shall notify the entity placing the order as to why the product has not shipped and shall provide an estimated shipping date. At this point the participating entity may cancel the order if estimated shipping time is not acceptable. Tax Exempt Status Since this is a national contract, knowing the tax laws in each state is the sole responsibility of the vendor. 101 Payments The entity using the contract will make payments directly to the awarded vendor or their affiliates (distributors/business partners/resellers) as long as written request and approval by NCPA is provided to the awarded vendor. Adding Authorized Distributors/Dealers Awarded vendors may submit a list of distributors/partners/resellers to sell under their contract throughout the life of the contract. Vendor must receive written approval from NCPA before such distributors/partners/resellers considered authorized. Purchase orders and payment can only be made to awarded vendor or distributors/ business partners/resellers previously approved by NCPA. Pricing provided to members by added distributors or dealers must also be less than or equal to the pricing offered by the awarded contract holder. All distributors/partners/resellers are required to abide by the Terms and Conditions of the vendor's agreement with NCPA. Pricing All pricing submitted shall include the administrative fee to be remitted to NCPA by the awarded vendor. It is the awarded vendor’s responsibility to keep all pricing up to date and on file with NCPA. All deliveries shall be freight prepaid, F.O.B. destination and shall be included in all pricing offered unless otherwise clearly stated in writing Warranty Proposal should address the following warranty information: • Applicable warranty and/or guarantees of equipment and installations including any conditions and response time for repair and/or replacement of any components during the warranty period. • Availability of replacement parts • Life expectancy of equipment under normal use • Detailed information as to proposed return policy on all equipment Products: Vendor shall provide equipment, materials and products that are new unless otherwise specified, of good quality and free of defects Construction: Vendor shall perform services in a good and workmanlike manner and in accordance with industry standards for the service provided. Safety Vendors performing services shall comply with occupational safety and health rules and regulations. Also all vendors and subcontractors shall be held responsible for the safety of their employees and any conditions that may cause injury or damage to persons or property. 102 Permits Since this is a national contract, knowing the permit laws in each state is the sole responsibility of the vendor. Indemnity The awarded vendor shall protect, indemnify, and hold harmless Region 14 ESC and its participants, administrators, employees and agents against all claims, damages, losses and expenses arising out of or resulting from the actions of the vendor, vendor employees or vendor subcontractors in the preparation of the solicitation and the later execution of the contract. Franchise Tax The respondent hereby certifies that he/she is not currently delinquent in the payment of any franchise taxes. Supplemental Agreements The entity participating in this contract and awarded vendor may enter into a separate supplemental agreement to further define the level of service requirements over and above the minimum defined in this contract i.e. invoice requirements, ordering requirements, specialized delivery, etc. Any supplemental agreement developed as a result of this contract is exclusively between the participating entity and awarded vendor. Certificates of Insurance Certificates of insurance shall be delivered to the Public Agency prior to commencement of work. The insurance company shall be licensed in the applicable state in which work is being conducted. The awarded vendor shall give the participating entity a minimum of ten (10) days notice prior to any modifications or cancellation of policies. The awarded vendor shall require all subcontractors performing any work to maintain coverage as specified. Legal Obligations It is the Respondent’s responsibility to be aware of and comply with all local, state, and federal laws governing the sale of products/services identified in this RFP and any awarded contract and shall comply with all while fulfilling the RFP. Applicable laws and regulation must be followed even if not specifically identified herein. Protest A protest of an award or proposed award must be filed in writing within ten (10) days from the date of the official award notification and must be received by 5:00 pm CST. Protests shall be filed with Region 14 ESC and shall include the following: • Name, address and telephone number of protester • Original signature of protester or its representative • Identification of the solicitation by RFP number • Detailed statement of legal and factual grounds including copies of relevant documents and the form of relief requested 103 Any protest review and action shall be considered final with no further formalities being considered. Force Majeure If by reason of Force Majeure, either party hereto shall be rendered unable wholly or in part to carry out its obligations under this Agreement then such party shall give notice and full particulars of Force Majeure in writing to the other party within a reasonable time after occurrence of the event or cause relied upon, and the obligation of the party giving such notice, so far as it is affected by such Force Majeure, shall be suspended during the continuance of the inability then claimed, except as hereinafter provided, but for no longer period, and such party shall endeavor to remove or overcome such inability with all reasonable dispatch. The term Force Majeure as employed herein, shall mean acts of God, strikes, lockouts, or other industrial disturbances, act of public enemy, orders and regulation of any kind of government of the United States or any civil or military authority; insurrections; riots; epidemics; pandemic; landslides; lighting; earthquake; fires; hurricanes; storms; floods; washouts; droughts; arrests; restraint of government and people; civil disturbances; explosions, breakage or accidents to machinery, pipelines or canals, or other causes not reasonably within the control of the party claiming such inability. It is understood and agreed that the settlement of strikes and lockouts shall be entirely within the discretion of the party having the difficulty, and that the above requirement that any Force Majeure shall be remedied with all reasonable dispatch shall not require the settlement of strikes and lockouts by acceding to the demands of the opposing party or parties when such settlement is unfavorable in the judgment of the party having the difficulty Prevailing Wage It shall be the responsibility of the Vendor to comply, when applicable, with the prevailing wage legislation in effect in the jurisdiction of the purchaser. It shall further be the responsibility of the Vendor to monitor the prevailing wage rates as established by the appropriate department of labor for any increase in rates during the term of this contract and adjust wage rates accordingly. Termination Either party may cancel this contract in whole or in part by providing written notice. The cancellation will take effect 30 business days after the other party receives the notice of cancellation. After the 30th business day all work will cease following completion of final purchase order. Open Records Policy Because Region 14 ESC is a governmental entity responses submitted are subject to release as public information after contracts are executed. If a vendor believes that its response, or parts of its response, may be exempted from disclosure, the vendor must specify page-by-page and line-by-line the parts of the response, which it believes, are exempt. In addition, the respondent must specify which exception(s) are applicable and provide detailed reasons to substantiate the exception(s). The determination of whether information is confidential and not subject to disclosure is the duty of the Office of Attorney General (OAG). Region 14 ESC must provide the OAG sufficient 104 information to render an opinion and therefore, vague and general claims to confidentiality by the respondent are not acceptable. Region 14 ESC must comply with the opinions of the OAG. Region14 ESC assumes no responsibility for asserting legal arguments on behalf of any vendor. Respondent are advised to consult with their legal counsel concerning disclosure issues resulting from this procurement process and to take precautions to safeguard trade secrets and other proprietary information. 105 PROCESS Region 14 ESC will evaluate proposals in accordance with, and subject to, the relevant statutes, ordinances, rules, and regulations that govern its procurement practices. NCPA will assist Region 14 ESC in evaluating proposals. Award(s) will be made to the prospective vendor whose response is determined to be the most advantageous to Region 14 ESC, NCPA, and its participating agencies. To qualify for evaluation, response must have been submitted on time, and satisfy all mandatory requirements identified in this document. Contract Administration The contract will be administered by Region 14 ESC. The National Program will be administered by NCPA on behalf of Region 14 ESC. Contract Term The contract term will be for three (3) year starting from the date of the award. The contract may be renewed for up to two (2) additional one-year terms or any combination of time equally not more than 2 years. It should be noted that maintenance/service agreements may be issued for up to (5) years under this contract even if the contract only lasts for the initial term of the contract. NCPA will monitor any maintenance agreements for the term of the agreement provided they are signed prior to the termination or expiration of this contract. Contract Waiver Any waiver of any provision of this contract shall be in writing and shall be signed by the duly authorized agent of Region 14 ESC. The waiver by either party of any term or condition of this contract shall not be deemed to constitute waiver thereof nor a waiver of any further or additional right that such party may hold under this contract. Price Increases Should it become necessary, price increase requests may be submitted at any point during the term of the contract by written amendment. Included with the request must be documentation and/or formal cost justification for these changes. Requests will be formally reviewed, and if justified, the amendment will be approved. Products and Services Additions New Products and/or Services may be added to the resulting contract at any time during the term by written amendment, to the extent that those products and/or services are within the scope of this RFP. Competitive Range It may be necessary for Region 14 ESC to establish a competitive range. Responses not in the competitive range are unacceptable and do not receive further award consideration. 106 Deviations and Exceptions Deviations or exceptions stipulated in response may result in disqualification. It is the intent of Region 14 ESC to award a vendor’s complete line of products and/or services, when possible. Estimated Quantities While no minimum volume is guaranteed, the estimated (but not limited to) annual volume for Products and Services purchased under the proposed Master Agreement is $50 million dollars annually. This estimate is based on the anticipated volume of Region 14 ESC and current sales within the NCPA program. Evaluation Region 14 ESC will review and evaluate all responses in accordance with, and subject to, the relevant statutes, ordinances, rules and regulations that govern its procurement practices. NCPA will assist the lead agency in evaluating proposals. Recommendations for contract awards will be based on multiple factors, each factor being assigned a point value based on its importance. Formation of Contract A response to this solicitation is an offer to contract with Region 14 ESC based upon the terms, conditions, scope of work, and specifications contained in this request. A solicitation does not become a contract until it is accepted by Region 14 ESC. The prospective vendor must submit a signed Signature Form with the response thus, eliminating the need for a formal signing process. Contract award letter issued by Region 14 ESC is the counter-signature document establishing acceptance of the contract. NCPA Administrative Agreement The vendor will be required to enter and execute the National Cooperative Purchasing Alliance Administration Agreement with NCPA upon award with Region 14 ESC. The agreement establishes the requirements of the vendor with respect to a nationwide contract effort. Clarifications/Discussions Region 14 ESC may request additional information or clarification from any of the respondents after review of the proposals received for the sole purpose of elimination minor irregularities, informalities, or apparent clerical mistakes in the proposal. Clarification does not give respondent an opportunity to revise or modify its proposal, except to the extent that correction of apparent clerical mistakes results in a revision. After the initial receipt of proposals, Region 14 ESC reserves the right to conduct discussions with those respondent’s whose proposals are determined to be reasonably susceptible of being selected for award. Discussions occur when oral or written communications between Region 14 ESC and respondent’s are conducted for the purpose clarifications involving information essential for determining the acceptability of a proposal or that provides respondent an opportunity to revise or modify its proposal. Region 14 ESC will not assist respondent bring its proposal up to the level of other proposals through discussions. Region 14 ESC will not indicate to respondent a cost or price that it must meet to neither obtain further consideration nor will it provide any information about other respondents’ proposals or prices. 107 Multiple Awards Multiple Contracts may be awarded as a result of the solicitation. Multiple Awards will ensure that any ensuing contracts fulfill current and future requirements of the diverse and large number of participating public agencies. Past Performance Past performance is relevant information regarding a vendor’s actions under previously awarded contracts; including the administrative aspects of performance; the vendor’s history of reasonable and cooperative behavior and commitment to customer satisfaction; and generally, the vendor’s businesslike concern for the interests of the customer. 108 EVALUATION CRITERIA Pricing (40 points) Electronic Price Lists • Products, Services, Warranties, etc. price list • Prices listed will be used to establish both the extent of a vendor’s product lines, services, warranties, etc. available from a particular bidder and the pricing per item. Ability to Provide and Perform the Required Services for the Contract (25 points) • Product Delivery within participating entities specified parameters • Number of line items delivered complete within the normal delivery time as a percentage of line items ordered. • Vendor’s ability to perform towards above requirements and desired specifications. • Past Cooperative Program Performance • Quantity of line items available that are commonly purchased by the entity. • Quality of line items available compared to normal participating entity standards. References and Experience (20 points) • A minimum of ten (10) customer references for product and/or services of similar scope dating within past 3 years • Respondent Reputation in marketplace • Past Experience working with public sector. • Exhibited understanding of cooperative purchasing Value Added Products/Services Description, (8 points) • Additional Products/Services related to the scope of RFP • Marketing and Training • Minority and Women Business Enterprise (MWBE) and (HUB) Participation • Customer Service Technology for Supporting the Program (7 points) • Electronic on-line catalog, order entry use by and suitability for the entity’s needs • Quality of vendor’s on-line resources for NCPA members. • Specifications and features offered by respondent’s products and/or services 109 SIGNATURE FORM The undersigned hereby proposes and agrees to furnish goods and/or services in strict compliance with the terms, specifications and conditions at the prices proposed within response unless noted in writing. The undersigned further certifies that he/she is an officer of the company and has authority to negotiate and bind the company named below and has not prepared this bid in collusion with any other Respondent and that the contents of this proposal as to prices, terms or conditions of said bid have not been communicated by the undersigned nor by any employee or agent to any person engaged in this type of business prior to the official opening of this proposal. Prices are guaranteed: 120 days ____________________________________________________________________________ Company Name ____________________________________________________________________________ Address ____________________________________________________________________________ City State Zip ___________________________________ ___________________________________ Telephone Number Fax Number ____________________________________________________________________________ Email Address ___________________________________ ___________________________________ Printed Name Position ____________________________________________________________________________ Authorized Signature 110 TAB 2 NCPA ADMINISTRATION AGREEMENT This Administration Agreement is made as of _________________________________, by and between National Cooperative Purchasing Alliance (“NCPA”) and ____________________________________ (“Vendor”). Recitals WHEREAS, Region 14 ESC has entered into a certain Master Agreement dated _______________________, referenced as Contract Number _______________________, by and between Region 14 ESC and Vendor, as may be amended from time to time in accordance with the terms thereof (the “Master Agreement”), for the purchase of IT Security Products and Data Protection Solutions; WHEREAS, said Master Agreement provides that any state, city, special district, local government, school district, private K-12 school, technical or vocational school, higher education institution, other government agency or nonprofit organization (hereinafter referred to as “public agency” or collectively, “public agencies”) may purchase products and services at the prices indicated in the Master Agreement; WHEREAS, NCPA has the administrative and legal capacity to administer purchases under the Master Agreement to public agencies; WHEREAS, NCPA serves as the administrative agent for Region 14 ESC in connection with other master agreements offered by NCPA WHEREAS, Region 14 ESC desires NCPA to proceed with administration of the Master Agreement; WHEREAS, NCPA and Vendor desire to enter into this Agreement to make available the Master Agreement to public agencies on a national basis; NOW, THEREFORE, in consideration of the payments to be made hereunder and the mutual covenants contained in this Agreement, NCPA and Vendor hereby agree as follows: General Terms and Conditions • The Master Agreement, attached hereto as Exhibit 1 and incorporated herein by reference as though fully set forth herein, and the terms and conditions contained therein shall apply to this Administration Agreement except as expressly changed or modified by this Administration Agreement. • NCPA shall be afforded all of the rights, privileges and indemnifications afforded to Region 14 ESC under the Master Agreement, and such rights, privileges and indemnifications shall accrue and apply with equal effect to NCPA under this Administration Agreement including, but not limited to, Contractor’s obligation to provide appropriate insurance and certain indemnifications to Region 14 ESC. 111 • Contractor shall perform all duties, responsibilities and obligations required under the Master Agreement in the time and manner specified by the Master Agreement. • NCPA shall perform all of its duties, responsibilities, and obligations as administrator of purchases under the Master Agreement as set forth herein, and Contractor acknowledges that NCPA shall act in the capacity of administrator of purchases under the Master Agreement. • With respect to any purchases made by Region 14 ESC or any Participating Agency pursuant to the Master Agreement, NCPA (a) shall not be construed as a dealer, re- marketer, representative, partner, or agent of any type of Contractor, Region 14 ESC, or such Participating Agency, (b) shall not be obligated, liable or responsible (i) for any orders made by Region 14 ESC, any Participating Agency or any employee of Region 14 ESC or Participating Agency under the Master Agreement, or (ii) for any payments required to be made with respect to such order, and (c) shall not be obligated, liable or responsible for any failure by the Participating Agency to (i) comply with procedures or requirements of applicable law, or (ii) obtain the due authorization and approval necessary to purchase under the Master Agreement. NCPA makes no representations or guaranties with respect to any minimum purchases required to be made by Region 14 ESC, any Participating Agency, or any employee of Region 14 ESC or Participating Agency under this Administration Agreement or the Master Agreement. • With respect to any supplemental agreement entered into between a Participating Agency and Contractor pursuant to the Master Agreement, NCPA, its agents, members and employees shall not be made party to any claim for breach of such agreement. • This Administration Agreement supersedes any and all other agreements, either oral or in writing, between the parties hereto with respect to the subject matter hereof, and no other agreement, statement, or promise relating to the subject matter of this Administrative Agreement which is not contained herein shall be valid or binding. • Contractor agrees to allow NCPA to use their name and logo within website, marketing materials and advertisement. Any use of NCPA name and logo or any form of publicity regarding this Administration Agreement or the Master Agreement by Contractor must have prior approval from NCPA. • If any action at law or in equity is brought to enforce or interpret the provisions of this Administration Agreement or to recover any administrative fee and accrued interest, the prevailing party shall be entitled to reasonable attorney’s fees and costs in addition to any other relief to which such party may be entitled. • Neither this Administration Agreement nor any rights or obligations hereunder shall be assignable by Contractor without prior written consent of NCPA, provided, however, that the Contractor may, without such written consent, assign this Administration Agreement and its rights and delegate its obligations hereunder in connection with the transfer or sale of all or substantially all of its assets or business related to this Administration Agreement, or in the event of its merger, consolidation, change in control or similar transaction. Any permitted assignee shall assume all assigned obligations of its assignor under this Administration Agreement. • This Administration Agreement and NCPA’s rights and obligations hereunder may be assigned at NCPA’s sole discretion, to an existing or newly established legal entity that has the authority and capacity to perform NCPA’s obligations hereunder. Term of Agreement This Agreement shall be in effect so long as the Master Agreement remains in effect, provided, however, that the obligation to pay all amounts owed by Vendor to NCPA through the 112 termination of this Agreement and all indemnifications afforded by Vendor to NCPA shall survive the term of this Agreement. Fees and Reporting The awarded vendor shall electronically provide NCPA with a detailed quarterly report showing the dollar volume of all sales under the contract for the previous quarter. Reports are due on the fifteenth (15th) day after the close of the previous quarter. It is the responsibility of the awarded vendor to collect and compile all sales under the contract from participating members and submit one (1) report. The report shall include at least the following information as listed in the example below: Entity Name Zip Code State PO or Job # Sale Amount Total ____________ Each quarter NCPA will invoice the vendor based on the total of sale amount(s) reported. From the invoice the vendor shall pay to NCPA an administrative fee based upon the tiered fee schedule below. Vendor’s annual sales shall be measured on a calendar year basis. Deadline for term of payment will be included in the invoice NCPA provides. Annual Sales Through Contract Administrative Fee 0 - $30,000,000 2% $30,000,001 - $50,000,000 1.5% $50,000,001+ 1% Supplier shall maintain an accounting of all purchases made by Public Agencies under the Master Agreement. NCPA and Region 14 ESC reserve the right to audit the accounting for a period of four (4) years from the date NCPA receives the accounting. In the event of such an audit, the requested materials shall be provided at the location designated by Region 14 ESC or NCPA. In the event such audit reveals an under reporting of Contract Sales and a resulting underpayment of administrative fees, Vendor shall promptly pay NCPA the amount of such underpayment, together with interest on such amount and shall be obligated to reimburse NCPA’s costs and expenses for such audit. 113 ACKNOWLEDGMENT OF CONTRACTOR REQUIREMENTS ___________________________________ Organization ___________________________________ Name ___________________________________ Title ___________________________________ Address ___________________________________ Address ___________________________________ Signature ___________________________________ Date ___________________________________ Vendor Name ___________________________________ Name ___________________________________ Title ___________________________________ Address ___________________________________ Address ___________________________________ Signature ___________________________________ Date National Cooperative Purchasing Alliance 114 TAB 3 VENDOR QUESTIONAIRE Please provide responses to the following questions that address your company’s operations, organization, structure, and processes for providing products and services. Locations Covered • Bidder must indicate any and all locations where products and services can be offered. • Please indicate the price co-efficient for each location if it varies. All 50 States & District of Columbia (Selecting this box is equal to checking all boxes below) Alabama Illinois Montana Rhode Island Alaska Indiana Nebraska South Carolina Arizona Iowa Nevada South Dakota Arkansas Kansas New Hampshire Tennessee California Massachusetts New Jersey Texas Colorado Michigan New Mexico Utah Connecticut Minnesota New York Vermont Delaware Mississippi North Carolina Virginia D.C. Missouri North Dakota Washington Florida Kentucky Ohio West Virginia Georgia Louisiana Oklahoma Wisconsin Hawaii Maine Oregon Wyoming Idaho Maryland Pennsylvania All U.S. Territories and Outlying Areas (Selecting this box is equal to checking all boxes below) American Somoa Northern Marina Island Federated States of Micrones Puerto Rico Guam U.S. Virgin Islands Midway Islands 115 All Canada Provinces and Territories (Selecting this box is equal to checking all boxes below) Alberta Prince Edward Island British Columbia Quebec Manitoba Saskatchewan New Brunswick Northwest Territories Newfoundland and Labrador Nunavut Nova Scotia Yukon Ontario If awarded a Master Agreement, will your company extend the terms offered in your Proposal to public agencies in Canada? If no or maybe, please explain. Yes Maybe No If awarded a Master Agreement, will your company extend the terms offered in your Proposal to private sector customers? Yes Maybe No Minority and Women Business Enterprise (MWBE) and (HUB) Participation It is the policy of some entities participating in NCPA to involve minority and women business enterprises (MWBE) and historically underutilized businesses (HUB) in the purchase of goods and services. Respondents shall indicate below whether or not they are an M/WBE or HUB certified. Minority/Women Business Enterprise Historically Underutilized Business Respondent Certifies that this firm Respondent Certifies that this firm is a a Minority / Women Business Enterprise Historically Underutilized Business Small Business, MWBE and HUB Growth If Proposer is a Large, National or Multinational Organization/Corporation, what programs are in place that partners or supports the growth of small and MWEB and HUB business? If yes, please describe. N/A, we are a recognized small, MWEB or HUB organization No, we do not have any programs in place. Yes, we have programs in place. 116 Residency Responding Company’s principal place of business is in the city of ______________________, State of _________________. Felony Conviction Notice Please Check Applicable Box (If the 3rd box is checked, a detailed explanation of the names and convictions must be attached): A publicly held corporation; therefore, this reporting requirement is not applicable. Is not owned or operated by anyone who has been convicted of a felony. Is owned or operated by the following individual(s) who has/have been convicted of a felony Distribution Channel Which best describes your company’s position in the distribution channel: Manufacturer Direct Certified education/government reseller Authorized Distributor Manufacturer marketing through reseller Value-added reseller Other: ______________________________________ Processing Contact Information Contact Person __________________________________________________________ Title __________________________________________________________ Company __________________________________________________________ Address __________________________________________________________ City/State/Zip __________________________________________________________ Phone __________________________________________________________ Email __________________________________________________________ Pricing Information In addition to the current typical unit pricing furnished herein, the Vendor agrees to offer all future product introductions at prices that are proportionate to Contract Pricing. If answer is no, attach a statement detailing how pricing for NCPA participants would be calculated for future product introductions. Yes No 117 Pricing submitted includes the required NCPA administrative fee. The NCPA fee is calculated based on the invoice price to the customer. Yes No Cooperatives List any other cooperative or state contracts currently held or in the process of securing. Cooperative/State Agency Discount Offered Expires Annual Sales Volume 118 TAB 4 VENDOR PROFILE Please provide the following information about your company: • Company’s official registered name. • Brief history of your company, including the year it was established. • Company’s Dun & Bradstreet (D&B) number. • Company’s organizational chart of those individuals that would be involved in the contract. • Corporate office location. o List the number of sales and services offices for states being bid in solicitation. o List the names of key contacts at each with title, address, phone and e-mail address. • Define your standard terms of payment. • Who is your competition in the marketplace? • Provide Annual Sales for last 3 years broken out into the following categories: o Cities / Counties o K-12 o Higher Education o Other government agencies or nonprofit organizations • Provide the revenue that your organization anticipates each year for the first three (3) years of this agreement. $_________ in year one $_________ in year two $_________ in year three • What differentiates your company from competitors? • Describe how your company will market this contract if awarded. • Describe how you intend to introduce NCPA to your company. • Describe your firm’s capabilities and functionality of your on-line catalog / ordering website. • Describe your company’s Customer Service Department (hours of operation, number of service centers, etc.) • Green Initiatives (if applicable) 119 o As our business grows, we want to make sure we minimize our impact on the Earth’s climate. We are taking every step we can to implement innovative and responsible environmental practices throughout NCPA to reduce our carbon footprint, reduce waste, energy conservation, ensure efficient computing and much more. To that effort we ask respondents to provide their companies environmental policy and/or green initiative. • Anti-Discrimination Policy (if applicable) o Describe your organizations’ anti-discrimination policy. • Vendor Certifications (if applicable) o Provide a copy of all current licenses, registrations and certifications issued by federal, state and local agencies, and any other licenses, registrations or certifications from any other governmental entity with jurisdiction, allowing respondent to perform the covered services including, but not limited to, licenses, registrations, or certifications. Certifications can include M/WBE, HUB, and manufacturer certifications for sales and service. 120 TAB 5 PRODUCTS AND SERVICES Respondent shall perform and provide these products and/or services under the terms of this agreement. The supplier shall assist the end user with making a determination of their individual needs. Warranty Proposal should address the following warranty information: • Applicable warranty and/or guarantees of equipment and installations including any conditions and response time for repair and/or replacement of any components during the warranty period. • Availability of replacement parts • Life expectancy of equipment under normal use • Detailed information as to proposed return policy on all equipment Products • Vendor shall provide equipment, materials and products that are new unless otherwise specified, of good quality and free of defects Construction • Vendor shall perform services in a good and workmanlike manner and in accordance with industry standards for the service provided. The following is a list of suggested (but not limited to) IT Security Products and Data Protection Solutions categories. List all categories along with manufacturer that you are responding with: • Security Threat Intelligence Products and Services • Security Information and Event Management (SIEM) • Managed Security Services • Security awareness training • Security Consulting Services • Content Filtering • Anti-Virus / Anti-Spam • Network Forensics / Real – Time Monitoring • Network Access Control • Firewalls • Network Storage / Archiving • Wireless Networks • Bandwidth Management • Networking Hardware • Application Security • Cloud Security • Email Security and Archiving 121 • Data Protection o Backup o Cloud Backup o Risk Assessments o Encryption and Pseudonymization o Data Destruction • Data Loss Prevention (DLP) • Consulting Services 122 TAB 6 REFERENCES Provide at least ten (10) customer references for products and/or services of similar scope dating within the past three (3) years. Please provide a range of references across all eligible government entity groups including K-12, higher education, city, county, or non-profit entities. All references should include the following information from the entity: • Entity Name • Contact Name and Title • City and State • Phone • Email • Years Serviced • Description of Services • Annual Volume NCPA also accepts Procurated review scores to evaluate relationships with their customers. Vendors without a current Procurated score will be rated based solely on the references provided, and will not be penalized for lack of Procurated scoring. To find out your company’s Procurated score please go to https://www.procurated.com. 123 TAB 7 PRICING Please submit price list electronically via our online Bonfire portal (pricing can be submitted as Discount off MSRP, cost plus, etc). Products, services, warranties, etc. should be included in price list. Prices submitted will be used to establish the extent of a respondent’s products and services (Tab 5) that are available and also establish pricing per item. Price lists must contain the following: • Product name and part number (include both manufacturer part number and respondent part number if different from manufacturers). • Description • Vendor’s List Price • Percent Discount to NCPA participating entities Not To Exceed Pricing • NCPA requests pricing be submitted as “not to exceed pricing” for any participating entity. • The awarded vendor can adjust submitted pricing lower but cannot exceed original pricing submitted for solicitation. • NCPA requests that vendor honor lower pricing for similar size and scope purchases to other members. 124 TAB 8 VALUE ADDED PRODUCTS AND SERVICES Include any additional products and/or services available that vendor currently performs in their normal course of business that is not included in the scope of the solicitation that you think will enhance and add value to this contract for Region 14 ESC and all NCPA participating entities. 125 TAB 9 REQUIRED DOCUMENTS • Federal Funds Certifications • Clean Air and Water Act & Debarment Notice • Contractors Requirements • Required Clauses for Federal Assistance by FTA • Federal Required Signatures • Antitrust Certification Statements Texas Government Code § 2155.005 • State Notice Addendum 126 FEDERAL FUNDS CERTIFICATIONS Participating Agencies may elect to use federal funds to purchase under the Master Agreement. The following certifications and provisions may be required and apply when a Participating Agency expends federal funds for any purchase resulting from this procurement process. Pursuant to 2 C.F.R. § 200.326, all contracts, including small purchases, awarded by the Participating Agency and the Participating Agency’s subcontractors shall contain the procurement provisions of Appendix II to Part 200, as applicable. APPENDIX II TO 2 CFR PART 200 (A) Contracts for more than the simplified acquisition threshold currently set at $250,000, which is the inflation adjusted amount determined by the Civilian Agency Acquisition Council and the Defense Acquisition Regulations Council (Councils) as authorized by 41 U.S.C. 1908, must address administrative, contractual, or legal remedies in instances where contractors violate or breach contract terms, and provide for such sanctions and penalties as appropriate. • Pursuant to Federal Rule (A) above, when a Participating Agency expends federal funds, the Participating Agency and Offeror reserves all rights and privileges under the applicable laws and regulations with respect to this procurement in the event of breach of contract by either party. (B) Termination for cause and for convenience by the grantee or subgrantee including the manner by which it will be effected and the basis for settlement. (All contracts in excess of $10,000) • Pursuant to Federal Rule (B) above, when a Participating Agency expends federal funds, the Participating Agency reserves the right to terminate any agreement in excess of $10,000 resulting from this procurement process in the event of a breach or default of the agreement by Offeror as detailed in the terms of the contract (C) Equal Employment Opportunity. Except as otherwise provided under 41 CFR Part 60, all contracts that meet the definition of “federally assisted construction contract” in 41 CFR Part 60- 1.3 must include the equal opportunity clause provided under 41 CFR 60-1.4(b), in accordance with Executive Order 11246, “Equal Employment Opportunity” (30 CFR 12319, 12935, 3 CFR Part, 1964-1965 Comp., p. 339), as amended by Executive Order 11375, “Amending Executive Order 11246 Relating to Equal Employment Opportunity,” and implementing regulations at 41 CFR part 60, “Office of Federal Contract Compliance Programs, Equal Employment Opportunity, Department of Labor.” • Pursuant to Federal Rule (C) above, when a Participating Agency expends federal funds on any federally assisted construction contract, the equal opportunity clause is incorporated by reference herein. (D) Davis-Bacon Act, as amended (40 U.S.C. 3141-3148). When required by Federal program legislation, all prime construction contracts in excess of $2,000 awarded by non-Federal entities must include a provision for compliance with the Davis-Bacon Act (40 U.S.C. 3141-3144, and 3146-3148) as supplemented by Department of Labor regulations (29 CFR Part 5, “Labor Standards Provisions Applicable to Contracts Covering Federally Financed and Assisted Construction”). In accordance with the statute, contractors must be required to pay wages to laborers and mechanics at a rate not less than the prevailing wages specified in a wage determination made by the Secretary of Labor. In addition, contractors must be required to pay 127 wages not less than once a week. The non-Federal entity must place a copy of the current prevailing wage determination issued by the Department of Labor in each solicitation. The decision to award a contract or subcontract must be conditioned upon the acceptance of the wage determination. The non- Federal entity must report all suspected or reported violations to the Federal awarding agency. The contracts must also include a provision for compliance with the Copeland “Anti-Kickback” Act (40 U.S.C. 3145), as supplemented by Department of Labor regulations (29 CFR Part 3, “Contractors and Subcontractors on Public Building or Public Work Financed in Whole or in Part by Loans or Grants from the United States”). The Act provides that each contractor or subrecipient must be prohibited from inducing, by any means, any person employed in the construction, completion, or repair of public work, to give up any part of the compensation to which he or she is otherwise entitled. The non-Federal entity must report all suspected or reported violations to the Federal awarding agency. • Pursuant to Federal Rule (D) above, when a Participating Agency expends federal funds during the term of an award for all contracts and subgrants for construction or repair, offeror will be in compliance with all applicable Davis-Bacon Act provisions • Any Participating Agency will include any current and applicable prevailing wage determination in each issued solicitation and provide Offeror with any required documentation and/or forms that must be completed by Offeror to remain in compliance the applicable Davis-Bacon Act provisions. (E) Contract Work Hours and Safety Standards Act (40 U.S.C. 3701-3708). Where applicable, all contracts awarded by the non-Federal entity in excess of $100,000 that involve the employment of mechanics or laborers must include a provision for compliance with 40 U.S.C. 3702 and 3704, as supplemented by Department of Labor regulations (29 CFR Part 5). Under 40 U.S.C. 3702 of the Act, each contractor must be required to compute the wages of every mechanic and laborer on the basis of a standard work week of 40 hours. Work in excess of the standard work week is permissible provided that the worker is compensated at a rate of not less than one and a half times the basic rate of pay for all hours worked in excess of 40 hours in the work week. The requirements of 40 U.S.C. 3704 are applicable to construction work and provide that no laborer or mechanic must be required to work in surroundings or under working conditions which are unsanitary, hazardous or dangerous. These requirements do not apply to the purchases of supplies or materials or articles ordinarily available on the open market, or contracts for transportation or transmission of intelligence. • Pursuant to Federal Rule (E) above, when a Participating Agency expends federal funds, offeror certifies that offeror will be in compliance with all applicable provisions of the Contract Work Hours and Safety Standards Act during the term of an award for all contracts by Participating Agency resulting from this procurement process. (F) Rights to Inventions Made Under a Contract or Agreement. If the Federal award meets the definition of “funding agreement” under 37 CFR §401.2 (a) and the recipient or subrecipient wishes to enter into a contract with a small business firm or nonprofit organization regarding the substitution of parties, assignment or performance of experimental, developmental, or research work under that “funding agreement,” the recipient or subrecipient must comply with the requirements of 37 CFR Part 401, “Rights to Inventions Made by Nonprofit Organizations and Small Business Firms Under Government Grants, Contracts and Cooperative Agreements,” and any implementing regulations issued by the awarding agency. 128 • Pursuant to Federal Rule (F) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term of an award for all contracts by Participating Agency resulting from this procurement process, the offeror agrees to comply with all applicable requirements as referenced in Federal Rule (F) above (G) Clean Air Act (42 U.S.C. 7401-7671q.) and the Federal Water Pollution Control Act (33 U.S.C. 1251-1387), as amended— Contracts and subgrants of amounts in excess of $150,000 must contain a provision that requires the non- Federal award to agree to comply with all applicable standards, orders or regulations issued pursuant to the Clean Air Act (42 U.S.C. 7401- 7671q) and the Federal Water Pollution Control Act as amended (33 U.S.C. 1251- 1387). Violations must be reported to the Federal awarding agency and the Regional Office of the Environmental Protection Agency (EPA). • Pursuant to Federal Rule (G) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term of an award for all contracts by Participating Agency member resulting from this procurement process, the offeror agrees to comply with all applicable requirements as referenced in Federal Rule (G) above (H) Debarment and Suspension (Executive Orders 12549 and 12689)—A contract award (see 2 CFR 180.220) must not be made to parties listed on the government wide exclusions in the System for Award Management (SAM), in accordance with the OMB guidelines at 2 CFR 180 that implement Executive Orders 12549 (3 CFR part 1986 Comp., p. 189) and 12689 (3 CFR part 1989 Comp., p. 235), “Debarment and Suspension.” SAM Exclusions contains the names of parties debarred, suspended, or otherwise excluded by agencies, as well as parties declared ineligible under statutory or regulatory authority other than Executive Order 12549. • Pursuant to Federal Rule (H) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term of an award for all contracts by Participating Agency resulting from this procurement process, the offeror certifies that neither it nor its principals is presently debarred, suspended, proposed for debarment, declared ineligible, or voluntarily excluded from participation by any federal department or agency. If at any time during the term of an award the offeror or its principals becomes debarred, suspended, proposed for debarment, declared ineligible, or voluntarily excluded from participation by any federal department or agency, the offeror will notify the Participating Agency (I) Byrd Anti-Lobbying Amendment (31 U.S.C. 1352)—Contractors that apply or bid for an award exceeding $100,000 must file the required certification. Each tier certifies to the tier above that it will not and has not used Federal appropriated funds to pay any person or organization for influencing or attempting to influence an officer or employee of any agency, a member of Congress, officer or employee of Congress, or an employee of a member of Congress in connection with obtaining any Federal contract, grant or any other award covered by 31 U.S.C. 1352. Each tier must also disclose any lobbying with non-Federal funds that takes place in connection with obtaining any Federal award. Such disclosures are forwarded from tier to tier up to the non-Federal award. • Pursuant to Federal Rule (I) above, when federal funds are expended by Participating Agency, the offeror certifies that during the term and after the awarded term of an award for all contracts by Participating Agency resulting from this procurement process, the 129 offeror certifies that it is in compliance with all applicable provisions of the Byrd Anti- Lobbying Amendment (31 U.S.C. 1352). The undersigned further certifies that: o No Federal appropriated funds have been paid or will be paid for on behalf of the undersigned, to any person for influencing or attempting to influence an officer or employee of any agency, a Member of Congress, an officer or employee of congress, or an employee of a Member of Congress in connection with the awarding of a Federal contract, the making of a Federal grant, the making of a Federal loan, the entering into a cooperative agreement, and the extension, continuation, renewal, amendment, or modification of a Federal contract, grant, loan, or cooperative agreement. o If any funds other than Federal appropriated funds have been paid or will be paid to any person for influencing or attempting to influence an officer or employee of any agency, a Member of Congress, an officer or employee of congress, or an employee of a Member of Congress in connection with this Federal grant or cooperative agreement, the undersigned shall complete and submit Standard Form-LLL, “Disclosure Form to Report Lobbying”, in accordance with its instructions. o The undersigned shall require that the language of this certification be included in the award documents for all covered sub-awards exceeding $100,000 in Federal funds at all appropriate tiers and all subrecipients shall certify and disclose accordingly. RECORD RETENTION REQUIREMENTS FOR CONTRACTS INVOLVING FEDERAL FUNDS When federal funds are expended by Participating Agency for any contract resulting from this procurement process, offeror certifies that it will comply with the record retention requirements detailed in 2 CFR § 200.334. The offeror further certifies that offeror will retain all records as required by 2 CFR § 200.334 for a period of three years after grantees or subgrantees submit final expenditure reports or quarterly or annual financial reports, as applicable, and all other pending matters are closed. CERTIFICATION OF COMPLIANCE WITH THE ENERGY POLICY AND CONSERVATION ACT When Participating Agency expends federal funds for any contract resulting from this procurement process, offeror certifies that it will comply with the mandatory standards and policies relating to energy efficiency which are contained in the state energy conservation plan issued in compliance with the Energy Policy and Conservation Act (42 U.S.C. 6321 et seq.; 49 C.F.R. Part 18). CERTIFICATION OF COMPLIANCE WITH BUY AMERICA PROVISIONS To the extent purchases are made with Federal Highway Administration, Federal Railroad Administration, or Federal Transit Administration funds, offeror certifies that its products comply with all applicable provisions of the Buy America Act and agrees to provide such certification or applicable waiver with respect to specific products to any Participating Agency upon request. Participating Agencies will clearly identify whether Buy America Provisions apply in any issued solicitation. Purchases made in accordance with the Buy America Act must still follow the applicable procurement rules calling for free and open competition. 130 CERTIFICATION OF ACCESS TO RECORDS Offeror agrees that the Inspector General of the Agency or any of their duly authorized representatives shall have access to any non-financial documents, papers, or other records of offeror that are pertinent to offeror’s discharge of its obligations under the Contract for the purpose of making audits, examinations, excerpts, and transcriptions. The right also includes timely and reasonable access to offeror’s personnel for the purpose of interview and discussion relating to such documents. This right of access will last only as long as the records are retained. CERTIFICATION OF APPLICABILITY TO SUBCONTRACTORS Offeror agrees that all contracts it awards pursuant to the Contract shall be bound by the foregoing terms and conditions. 131 CLEAN AIR AND WATER ACT AND DEBARMENT NOTICE By the signature below (Under Federal Required Signatures), I, the Vendor, am in compliance with all applicable standards, orders or regulations issued pursuant to the Clean Air Act of 1970, as Amended (42 U.S. C. 1857 (h), Section 508 of the Clean Water Act, as amended (33 U.S.C. 1368), Executive Order 117389 and Environmental Protection Agency Regulation, 40 CFR Part 15 as required under OMB Circular A-102, Attachment O, Paragraph 14 (1) regarding reporting violations to the grantor agency and to the United States Environment Protection Agency Assistant Administrator for the Enforcement. I hereby further certify that my company has not been debarred, suspended or otherwise ineligible for participation in Federal Assistance programs under Executive Order 12549, “Debarment and Suspension”, as described in the Federal Register and Rules and Regulations. 132 CONTRACTOR REQUIRMENTS Contractor Certification Contractor’s Employment Eligibility By entering the contract, Contractor warrants compliance with the Federal Immigration and Nationality Act (FINA), and all other federal and state immigration laws and regulations. The Contractor further warrants that it is in compliance with the various state statues of the states it is will operate this contract in. Participating Government Entities including School Districts may request verification of compliance from any Contractor or subcontractor performing work under this Contract. These Entities reserve the right to confirm compliance in accordance with applicable laws. Should the Participating Entities suspect or find that the Contractor or any of its subcontractors are not in compliance, they may pursue any and all remedies allowed by law, including, but not limited to: suspension of work, termination of the Contract for default, and suspension and/or debarment of the Contractor. All costs necessary to verify compliance are the responsibility of the Contractor. The offeror complies and maintains compliance with the appropriate statutes which requires compliance with federal immigration laws by State employers, State contractors and State subcontractors in accordance with the E-Verify Employee Eligibility Verification Program. Contractor shall comply with governing board policy of the NCPA Participating entities in which work is being performed. Fingerprint & Background Checks If required to provide services on school district property at least five (5) times during a month, contractor shall submit a full set of fingerprints to the school district if requested of each person or employee who may provide such service. Alternately, the school district may fingerprint those persons or employees. An exception to this requirement may be made as authorized in Governing Board policy. The district shall conduct a fingerprint check in accordance with the appropriate state and federal laws of all contractors, subcontractors or vendors and their employees for which fingerprints are submitted to the district. Contractor, subcontractors, vendors and their employees shall not provide services on school district properties until authorized by the District. The offeror shall comply with fingerprinting requirements in accordance with appropriate statutes in the state in which the work is being performed unless otherwise exempted. Contractor shall comply with governing board policy in the school district or Participating Entity in which work is being performed. Business Operations in Sudan, Iran In accordance with A.R.S. 35-391 and A.R.S. 35-393, the Contractor hereby certifies that the contractor does not have scrutinized business operations in Sudan and/or Iran. 133 REQUIRED CLAUSES FOR FEDERAL ASSISTANCE PROVIDED BY FTA ACCESS TO RECORDS AND REPORTS Contractor agrees to: a) Maintain all non-financial books, records, accounts and reports required under this Contract for a period of not less than two (2) years after the date of termination or expiration of this Contract or any extensions thereof except in the event of litigation or settlement of claims arising from the performance of this Contract, in which case Contractor agrees to maintain same until the FTA Administrator, the U.S. DOT Office of the Inspector General, the Comptroller General, or any of their duly authorized representatives, have disposed of all such litigation, appeals, claims or exceptions related thereto. b) Permit any of the foregoing parties to inspect all non-financial work, materials, and other data and records that pertain to the Project, and to audit the non-financial books, records, and accounts that pertain to the Project and to reproduce by any means whatsoever or to copy excerpts and transcriptions as reasonably needed for the purpose of audit and examination. The right of access detailed in this section continues only as long as the records are retained. FTA does not require the inclusion of these requirements of Article 1.01 in subcontracts. CIVIL RIGHTS / TITLE VI REQUIREMENTS 1) Non-discrimination. In accordance with Title VI of the Civil Rights Act of 1964, as amended, 42 U.S.C. § 2000d, Section 303 of the Age Discrimination Act of 1975, as amended, 42 U.S.C. § 6102, Section 202 of the Americans with Disabilities Act of 1990, as amended, 42 U.S.C. § 12132, and Federal Transit Law at 49 U.S.C. § 5332, Contractor or subcontractor agrees that it will not discriminate against any employee or applicant for employment because of race, color, creed, national origin, sex, marital status age, or disability. In addition, Contractor agrees to comply with applicable Federal implementing regulations and other applicable implementing requirements FTA may issue that are flowed to Contractor from Awarding Participating Agency. 2) Equal Employment Opportunity. The following Equal Employment Opportunity requirements apply to this Contract: a. Race, Color, Creed, National Origin, Sex. In accordance with Title VII of the Civil Rights Act, as amended, 42 U.S.C. § 2000e, and Federal Transit Law at 49 U.S.C. § 5332, the Contractor agrees to comply with all applicable Equal Employment Opportunity requirements of U.S. Dept. of Labor regulations, “Office of Federal Contract Compliance Programs, Equal Employment Opportunity, Department of Labor, 41 CFR, Parts 60 et seq., and with any applicable Federal statutes, executive orders, regulations, and Federal policies that may affect construction activities undertaken in the course of this Project. Contractor agrees 134 to take affirmative action to ensure that applicants are employed, and that employees are treated during employment, without regard to their race, color, creed, national origin, sex, marital status, or age. Such action shall include, but not be limited to, the following: employment, upgrading, demotion or transfer, recruitment or recruitment advertising, layoff or termination, rates of pay or other forms of compensation; and selection for training, including apprenticeship. In addition, Contractor agrees to comply with any implementing requirements FTA may issue that are flowed to Contractor from Awarding Participating Agency. b. Age. In accordance with the Age Discrimination in Employment Act (ADEA) of 1967, as amended, 29 U.S.C. Sections 621 through 634, and Equal Employment Opportunity Commission (EEOC) implementing regulations, “Age Discrimination in Employment Act”, 29 CFR Part 1625, prohibit employment discrimination by Contractor against individuals on the basis of age, including present and prospective employees. In addition, Contractor agrees to comply with any implementing requirements FTA may issue that are flowed to Contractor from Awarding Participating Agency. c. Disabilities. In accordance with Section 102 of the Americans with Disabilities Act of 1990, as amended (ADA), 42 U.S.C. Sections 12101 et seq., prohibits discrimination against qualified individuals with disabilities in programs, activities, and services, and imposes specific requirements on public and private entities. Contractor agrees that it will comply with the requirements of the Equal Employment Opportunity Commission (EEOC), “Regulations to Implement the Equal Employment Provisions of the Americans with Disabilities Act,” 29 CFR, Part 1630, pertaining to employment of persons with disabilities and with their responsibilities under Titles I through V of the ADA in employment, public services, public accommodations, telecommunications, and other provisions. d. Segregated Facilities. Contractor certifies that their company does not and will not maintain or provide for their employees any segregated facilities at any of their establishments, and that they do not and will not permit their employees to perform their services at any location under the Contractor’s control where segregated facilities are maintained. As used in this certification the term “segregated facilities” means any waiting rooms, work areas, restrooms and washrooms, restaurants and other eating areas, parking lots, drinking fountains, recreation or entertainment areas, transportation, and housing facilities provided for employees which are segregated by explicit directive or are in fact segregated on the basis of race, color, religion or national origin because of habit, local custom, or otherwise. Contractor agrees that a breach of this certification will be a violation of this Civil Rights clause. 3) Solicitations for Subcontracts, Including Procurements of Materials and Equipment. In all solicitations, either by competitive bidding or negotiation, made by Contractor for work to be performed under a subcontract, including procurements of materials or leases of equipment, each potential subcontractor or supplier shall be notified by Contractor of Contractor's obligations under this Contract and the regulations relative to non-discrimination on the grounds of race, color, creed, sex, disability, age or national origin. 135 4) Sanctions of Non-Compliance. In the event of Contractor's non-compliance with the non-discrimination provisions of this Contract, Public Agency shall impose such Contract sanctions as it or the FTA may determine to be appropriate, including, but not limited to: 1) Withholding of payments to Contractor under the Contract until Contractor complies, and/or; 2) Cancellation, termination or suspension of the Contract, in whole or in part. Contractor agrees to include the requirements of this clause in each subcontract financed in whole or in part with Federal assistance provided by FTA, modified only if necessary to identify the affected parties. DISADVANTAGED BUSINESS PARTICIPATION This Contract is subject to the requirements of Title 49, Code of Federal Regulations, Part 26, “Participation by Disadvantaged Business Enterprises in Department of Transportation Financial Assistance Programs”, therefore, it is the policy of the Department of Transportation (DOT) to ensure that Disadvantaged Business Enterprises (DBEs), as defined in 49 CFR Part 26, have an equal opportunity to receive and participate in the performance of DOT-assisted contracts. 1) Non-Discrimination Assurances. Contractor or subcontractor shall not discriminate on the basis of race, color, national origin, or sex in the performance of this Contract. Contractor shall carry out all applicable requirements of 49 CFR Part 26 in the award and administration of DOT-assisted contracts. Failure by Contractor to carry out these requirements is a material breach of this Contract, which may result in the termination of this Contract or other such remedy as public agency deems appropriate. Each subcontract Contractor signs with a subcontractor must include the assurance in this paragraph. (See 49 CFR 26.13(b)). 2) Prompt Payment. Contractor is required to pay each subcontractor performing Work under this prime Contract for satisfactory performance of that work no later than thirty (30) days after Contractor’s receipt of payment for that Work from public agency. In addition, Contractor is required to return any retainage payments to those subcontractors within thirty (30) days after the subcontractor’s work related to this Contract is satisfactorily completed and any liens have been secured. Any delay or postponement of payment from the above time frames may occur only for good cause following written approval of public agency. This clause applies to both DBE and non-DBE subcontractors. Contractor must promptly notify public agency whenever a DBE subcontractor performing Work related to this Contract is terminated or fails to complete its Work, and must make good faith efforts to engage another DBE subcontractor to perform at least the same amount of work. Contractor may not terminate any DBE subcontractor and perform that Work through its own forces, or those of an affiliate, without prior written consent of public agency. 3) DBE Program. In connection with the performance of this Contract, Contractor will cooperate with public agency in meeting its commitments and goals to ensure that DBEs shall have the maximum practicable opportunity to compete for subcontract work, regardless of whether a contract goal is set for this Contract. Contractor agrees to use good faith efforts to carry out a policy in the award of its subcontracts, agent agreements, and procurement contracts which will, to the fullest extent, utilize DBEs consistent with the efficient performance of the Contract. 136 ENERGY CONSERVATION REQUIREMENTS Contractor agrees to comply with mandatory standards and policies relating to energy efficiency which are contained in the State energy conservation plans issued under the Energy Policy and Conservation Act, as amended, 42 U.S.C. Sections 6321 et seq. and 41 CFR Part 301-10. FEDERAL CHANGES Contractor shall at all times comply with all applicable FTA regulations, policies, procedures and directives, listed directly or by reference in the Contract between Public Agency and the FTA, and those applicable regulatory and procedural updates that are communicated to Contractor by Public Agency, as they may be amended or promulgated from time to time during the term of this contract. Contractor’s failure to so comply shall constitute a material breach of this Contract. INCORPORATION OF FEDERAL TRANSIT ADMINISTRATION (FTA) TERMS The provisions include, in part, certain Standard Terms and Conditions required by the U.S. Department of Transportation (DOT), whether or not expressly set forth in the preceding Contract provisions. All contractual provisions required by the DOT and applicable to the scope of a particular Contract awarded to Contractor by a Public Agency as a result of solicitation, as set forth in the most current FTA Circular 4220.1F, published February 8th, 2016, are hereby incorporated by reference. Anything to the contrary herein notwithstanding, all FTA mandated terms shall be deemed to control in the event of a conflict with other provisions contained in this Contract. Contractor agrees not to knowingly perform any act, knowingly fail to perform any act, or refuse to comply with any reasonable public agency requests that would directly cause public agency to be in violation of the FTA terms and conditions. NO FEDERAL GOVERNMENT OBLIGATIONS TO THIRD PARTIES Agency and Contractor acknowledge and agree that, absent the Federal Government’s express written consent and notwithstanding any concurrence by the Federal Government in or approval of the solicitation or award of the underlying Contract, the Federal Government is not a party to this Contract and shall not be subject to any obligations or liabilities to agency, Contractor, or any other party (whether or not a party to that contract) pertaining to any matter resulting from the underlying Contract. Contractor agrees to include the above clause in each subcontract financed in whole or in part with federal assistance provided by the FTA. It is further agreed that the clause shall not be modified, except to identify the subcontractor who will be subject to its provisions. PROGRAM FRAUD AND FALSE OR FRAUDULENT STATEMENTS Contractor acknowledges that the provisions of the Program Fraud Civil Remedies Act of 1986, as amended, 31 U.S.C. §§ 3801 et seq. and U.S. DOT regulations, “Program Fraud Civil Remedies,” 49 CFR Part 31, apply to its actions pertaining to this Contract. Upon execution of the underlying Contract, Contractor certifies or affirms, to the best of its knowledge, the truthfulness and accuracy of any statement it has made, it makes, it may make, or causes to me 137 made, pertaining to the underlying Contract or the FTA assisted project for which this Contract Work is being performed. In addition to other penalties that may be applicable, Contractor further acknowledges that if it makes, or causes to be made, a false, fictitious, or fraudulent claim, statement, submission, or certification, the Federal Government reserves the right to impose the penalties of the Program Fraud Civil Remedies Act of 1986 on Contractor to the extent the Federal Government deems appropriate. Contractor also acknowledges that if it makes, or causes to me made, a false, fictitious, or fraudulent claim, statement, submission, or certification to the Federal Government under a contract connected with a project that is financed in whole or in part with Federal assistance originally awarded by FTA under the authority of 49 U.S.C. § 5307, the Government reserves the right to impose the penalties of 18 U.S.C. § 1001 and 49 U.S.C. § 5307 (n)(1) on the Contractor, to the extent the Federal Government deems appropriate. Contractor agrees to include the above clauses in each subcontract financed in whole or in part with Federal assistance provided by FTA. It is further agreed that the clauses shall not be modified, except to identify the subcontractor who will be subject to the provisions. 138 FEDERAL REQUIRED SIGNATURES Offeror certifies compliance with all provisions, laws, acts, regulations, etc. as specifically noted in the pages above. It is further acknowledged that offeror agrees to comply with all federal, state, and local laws, rules, regulations and ordinances as applicable. Offeror __________________________________________________________ Address __________________________________________________________ City/State/Zip __________________________________________________________ Authorized Signature __________________________________________________________ Date __________________________________________________________ 139 ANTITRUST CERTIFICATION STATEMENTS TEXAS GOVERNMENT CODE § 2155.005 I affirm under penalty of perjury of the laws of the State of Texas that: (1) I am duly authorized to execute this contract on my own behalf or on behalf of the company, corporation, firm, partnership or individual (Company) listed below; (2) In connection with this bid, neither I nor any representative of the Company has violated any provision of the Texas Free Enterprise and Antitrust Act, Tex. Bus. & Comm. Code Chapter 15; (3) In connection with this bid, neither I nor any representative of the Company has violated any federal antitrust law; and (4) Neither I nor any representative of the Company has directly or indirectly communicated any of the contents of this bid to a competitor of the Company or any other company, corporation, firm, partnership or individual engaged in the same line of business as the Company. Company Name __________________________________________________________ Address __________________________________________________________ City/State/Zip __________________________________________________________ Telephone Number __________________________________________________________ Fax Number __________________________________________________________ Email Address __________________________________________________________ Printed Name __________________________________________________________ Title __________________________________________________________ Authorized Signature __________________________________________________________ 140 STATE NOTICE ADDENDUM The National Cooperative Purchasing Alliance (NCPA), on behalf of NCPA and its current and potential participants to include all county, city, special district, local government, school district, private K-12 school, higher education institution, state, tribal government, other government agency, healthcare organization, nonprofit organization and all other Public Agencies located nationally in all fifty states, issues this Request for Proposal (RFP) to result in a national contract. For your reference, the links below include some, but not all, of the entities included in this proposal: http://www.usa.gov/Agencies/State_and_Territories.shtml https://www.usa.gov/local-governments 141 Reseller Name Contact Email 11:11 Systems Heath Johnson hjohnson@1111systems.com 5S Technologies Michael Overton michael.overton@5stechnologies.com ACC Technical Services, Inc (Acctek)Paul White pwhite@acctek.com Ahead, Inc.Brooks Souders brooks.souders@ahead.com Airgap Labs LLC Frank Wang fwang@airgaplabs.com All Covered Adam Goebel agoebel@allcovered.com AMS.NET Thomas Vasconi tvasconi@ams.net Aquila, Inc.Aaron Jaramillo aaronj@aquilagroup.com Aspire Technology Partners, LLC Daniel Bongiovanni teamaspire@aspiretransforms.com BCI, Inc.Robin Carpenter rcarpenter@bcianswers.com Blackhawk Data Maryanne Pagano mpagano@blackhawk11.com BorderLAN Security Diane Rogers diane@borderlan.com; deena@borderlan.com C2 Enterprises Phil Thompson philip.thompson@c2itsystems.com Carolina Advanced Digital Susan Jabbusch susan@cadinc.com Carousel Industries of North America, LLC Lauren Testa ltesta@carouselindustries.com Chromis Technology, LLC Zach Garcia zgarcia@chromis.com Compuquip Cybersecurity Luis Santiago lsantiago@compuquip.com Computacenter Mitzi Justice mitzi.justice@computacenter.com CCNY Tech Jason Germond jason.germond@ccnytech.com Continental Resources, Inc. (ConRes)Lou Novakis lnovakis@conres.com Converge Technology Solutions Lynda Thomas ContractSalesSupport-PublicSector@convergetp.com DataFree'd Mike Phalovich mpuhalovich@datafreed.com DGR Systems Amanda Dugger adugger@dgrsystems.com DOF Creations, LLC.Saeed Gordon sbgordon@dofcreations.com Dox Electronics Ken Schwartz kens@doxnet.com DyntekServices (Exclusive Networks)Darlene Pricher darlene.pricher@dyntek.com EduTek Ltd Mario Caligiuri mario.caligiuri@edutekltd.com ePlus Technology, Inc.Amy Knower Amy.Knower@eplus.com ESX Technology Solutions Renee Ramirez rramirez@esxtech.com Gulf South Technology Solutions, Inc James Moak james@gulfsouthtech.com GST Phillip Lin phillipl@gstinc.com Heartland Business Solutions Partner Relations inquiry@hbs.net Hypertec USA Mike Marracino mmarracino@hypertec.com iConvergence Beau Peyton beaup@iconvergence.com Infobond Jo Davalos wyragui@infobond.com; jdavalos@infobond.com In-Telecom Consulting LLC Shawn Torres storres@in-telecom.com InterDev LLC Gary Nichols GNichols@Interdev.com ISG Technology Michael Reece mreece@isgtech.com ISSQUARED, Inc.Lee Craft-Gobeille curt.hedges@ncanet.com; lee.craft@ncanet.com Katalyst Luke Johnson ljohnson@katalystng.com Layer 3 Communications Paula Sands psands@layer3com.com Layer8 Consulting Elden Quesinberry equesinberry@L8C.com Liquid Networx Robert Short Ateam@liquidnetworx.com Mission Critical Systems Maryanne Caruso mcaruso@locked.com MXN Corporation (Exclusive Networks)Deborah Arnett insidesales@mxncorp.com Nth Generation Computing Inc Steve Jung Steve.Jung@nth.com NetSync Jeff Barker jbarker@netsync.com Network Experts of New York Anu McGowan anu@albany-technology.com PC Solutions & Integration (Exclusive Networks)David Rudnick david@pcsusa.net Peak Methods Jennifer McCuistian peak.accounting@peakuptime.com; Jennifer.McCuistian@peakuptime.com PIER Group LLC Chad Williams cwilliams@piergroup.com PNG Telecommunications Inc., dba Powernet Tony Wells twells@powernetco.com PNW Security LLC Derek Hanson derek@pnwsecurity.com Presidio Jackie Arnett jarnett@presidio.com Prosys Mitzi Justice mitzi.justice@prosysis.com NCPA /Omnia Partners Fortinet Contract 01-154 - Authorized Reseller Partners Fortinet NCPA 01-154 Resellers DocuSign Envelope ID: 9B0C3DA4-7F48-4B24-BB04-11C700CC842D 142150 Seamless Advanced Solutions Steven Frank sfrank@sas-us.com Secure Cyber Defense LLC Judy Brinegar jbrinegar@secdef.com Scientel Solutions Glenn Luckman gluckman@scientelsolutions.com SHI Hannah Visbeen PS_Contracts@shi.com Sun Management John Samuel jsamuel@sunmanagement.net Structured Communication Services, Inc.Casey Richmond crichmond@structured.com Step CG Luke Gurekovich lgurekovich@stepcg.com Surelock Technology Guy Anderson ganderson@surelocktechnology.com TekLinks dba C Spire Business Nicky Hobbs nhobbs@cspire.com Terawolf Technologies Inc Gaylord Van Brocklin gvb@terawolf.com Universal Data Stephanie Kavanaugh skavanaugh@udi.com United Data Technologies Mike Hendrix mhendrix@udtonline.com Verinext Drew Campbell drew.campbell@verinext.com Vector Resources, Inc. dba VectorUSA Briana Borrenpohl bfernandes@vectorusa.com World Wide Technologies Matt Lang Matthew.Lang@wwt.com; Carol.Harting@wwt.com Xigent Solutions Barb Canham barbcanham@xigentsolutions.com; Xiologix LLC Sheryl Still inside_sales@xiologix.com Xtel Communications Harbinder Goraya harbinder@xtel.net Zivaro Sean McCroskey smccroskey@zivaro.com Fortinet NCPA 01-154 Resellers DocuSign Envelope ID: 9B0C3DA4-7F48-4B24-BB04-11C700CC842D 143151 PRESS RELEASE Acquisition of NCPA Offers Additional Value to the Market FRANKLIN, Tenn., Dec. 6, 2022 /PRNewswire/ -- OMNIA Partners announces the acquisition of National Cooperative Purchase Alliance (NCPA), a leading national government purchasing cooperative based in Houston, TX. This most recent acquisition enriches OMNIA Partners as the nation's most experienced cooperative purchasing organization serving state and local government, K-12 education, and higher education institutions. The successful integration of NCPA into OMNIA Partners augments the organization's differentiators of unparalleled scale and expertise while driving increased savings and efficiency for the purchasing community. "OMNIA Partners is recognized as the leader in cooperative purchasing by continually creating additional value and delivering extensive solutions to our participants and suppliers," said M. Todd Abner, Founder, President & CEO of OMNIA Partners. "The acquisition of NCPA enhances our value in the public sector market by adding additional world class supplier partners and further extending OMNIA Partners reach into the public sector." OMNIA Partners, Public Sector will continue to utilize the lead agency contracting process that has become a strategic best practice in public procurement. All contracts available in the portfolio have been competitively solicited and publicly awarded by a lead agency. The expansive contract portfolio and all contract documentation may be viewed on the website. "NCPA is thrilled to join OMNIA Partners," says Matthew Mackel, Director of Business Development, NCPA. "The merger of our two organizations will provide procurement teams immediate access to a 144 larger offering of innovative, world-class solutions that will transform their purchasing process." About OMNIA Partners OMNIA Partners, Public Sector is the nation's largest and most experienced cooperative purchasing organization dedicated to public sector procurement. Our immense purchasing power and industry- leading suppliers have produced a comprehensive portfolio of cooperative contracts and partnerships, making OMNIA Partners the most valued and trusted resource for organizations nationwide. Through the economies of scale created by OMNIA Partners, our participants now have access to an extensive portfolio of competitively solicited and publicly awarded agreements. The lead agency contracting process continues to be the foundation on which we are founded. OMNIA Partners is proud to offer more value and resources to K -12 education, state and local government, higher education, and non - profits. 145 Document Number FEI/EIN Number Date Filed Effective Date State Status Last Event Event Date Filed Event Effective Date Department of State / Division of Corporations / Search Records / Search by Entity Name / Detail by Entity Name Florida Limited Liability Company COMPUQUIP TECHNOLOGIES, LLC Filing Information L13000063675 59-2189948 04/30/2013 05/07/1982 FL ACTIVE CONVERSION 04/30/2013 NONE Principal Address 9737 NW 41 Street Suite 786 Doral, FL 33178 Changed: 01/03/2020 Mailing Address 9737 NW 41 Street Suite 786 Doral, FL 33178 Changed: 12/18/2019 Registered Agent Name & Address DOSAL, ERIC 9737 NW 41 Street Suite 786 Doral, FL 33178 Address Changed: 12/18/2019 Authorized Person(s) Detail Name & Address Title MGR D C Florida Department of State 5/8/24, 4:40 PM Detail by Entity Name https://search.sunbiz.org/Inquiry/CorporationSearch/SearchResultDetail?inquirytype=EntityName&directionType=Initial&searchNameOrder=COMPUQ…1/2146 DOSAL, BRIAN 9737 NW 41 Street Suite 786 Doral, FL 33178 Title MGR DOSAL, ERIC 9737 NW 41 Street Suite 786 Doral, FL 33178 Annual Reports Report Year Filed Date 2022 03/08/2022 2023 03/03/2023 2024 02/08/2024 Document Images 02/08/2024 -- ANNUAL REPORT View image in PDF format 03/03/2023 -- ANNUAL REPORT View image in PDF format 03/08/2022 -- ANNUAL REPORT View image in PDF format 01/31/2021 -- ANNUAL REPORT View image in PDF format 01/03/2020 -- ANNUAL REPORT View image in PDF format 12/18/2019 -- AMENDED ANNUAL REPORT View image in PDF format 02/27/2019 -- ANNUAL REPORT View image in PDF format 08/04/2018 -- AMENDED ANNUAL REPORT View image in PDF format 01/15/2018 -- ANNUAL REPORT View image in PDF format 11/07/2017 -- AMENDED ANNUAL REPORT View image in PDF format 02/02/2017 -- ANNUAL REPORT View image in PDF format 02/08/2016 -- ANNUAL REPORT View image in PDF format 02/02/2015 -- ANNUAL REPORT View image in PDF format 12/10/2014 -- AMENDED ANNUAL REPORT View image in PDF format 01/21/2014 -- ANNUAL REPORT View image in PDF format 04/30/2013 -- Florida Limited Liability View image in PDF format Florida Department of State, Division of Corporations 5/8/24, 4:40 PM Detail by Entity Name https://search.sunbiz.org/Inquiry/CorporationSearch/SearchResultDetail?inquirytype=EntityName&directionType=Initial&searchNameOrder=COMPUQ…2/2147 9737 NW 41 STREET SUITE 786 DORAL, FL 33178 Current Principal Place of Business: Current Mailing Address: 9737 NW 41 STREET SUITE 786 DORAL, FL 33178 US Entity Name: COMPUQUIP TECHNOLOGIES, LLC DOCUMENT# L13000063675 FEI Number: 59-2189948 Certificate of Status Desired: Name and Address of Current Registered Agent: DOSAL, ERIC 9737 NW 41 STREET SUITE 786 DORAL, FL 33178 US The above named entity submits this statement for the purpose of changing its registered office or registered agent, or both, in the State of Florida. SIGNATURE: Electronic Signature of Registered Agent Date Authorized Person(s) Detail : I hereby certify that the information indicated on this report or supplemental report is true and accurate and that my electronic signature shall have the same legal effect as if made under oath; that I am a managing member or manager of the limited liability company or the receiver or trustee empowered to execute this report as required by Chapter 605, Florida Statutes; and that my name appears above, or on an attachment with all other like empowered. SIGNATURE: Electronic Signature of Signing Authorized Person(s) Detail Date FILED Feb 08, 2024 Secretary of State 9061756142CC ERIC DOSAL CFO 02/08/2024 2024 FLORIDA LIMITED LIABILITY COMPANY ANNUAL REPORT Yes Title MGR Name DOSAL, BRIAN Address 9737 NW 41 STREET SUITE 786 City-State-Zip:DORAL FL 33178 Title MGR Name DOSAL, ERIC Address 9737 NW 41 STREET SUITE 786 City-State-Zip:DORAL FL 33178 148 20A .............................................................................................MIAMI HERALD FRIDAY MAY 24 2024 GULFSTREAM PARK ENTRIES FOR MAY 24 Copyright 2024 Equibase Company. POST TIME 12:55 P.M. 1ST--$65,000,5 Furlongs PP Horse Jockey Wgt Trainer Odds 1 Ghostly Rose (FL)L Reyes 118 J E Gonzalez 30/1 2 Legal Maneuver (KY)J C Ferrer 118 C A David 4/1 3 War Warrior (KY)M A Vasquez 118 M E Casse 3/1 4 Megastar (ON)E Gonzalez 118 F Abreu 10/1 5 Hyper Venom (NY)A Thomas 118 M V Laurato 20/1 6 Incanto (IRE)H R Diaz,Jr.118 J Sisterson 8/5 7 Fear the Facts (KY)E Perez 118 R B Hess,Jr.5/1 8 Honor That Dude (LA)E Jaramillo 118 M E Casse 8/1 2ND--$41,000,1 1/16th Miles Turf PP Horse Jockey Wgt Trainer Odds 1 Grand David (KY)E Jaramillo 122 V Barboza,Jr.9/2 2 Treasure King (FL)E J Zayas 122 S A Joseph,Jr.7/2 3 Uno Tiger (FL)L Reyes 122 K O’Connell 20/1 4 Awesome Crusader (FL)E Gonzalez 120 C A David 10/1 5 Hakkimi (CHI)E Perez 120 A M Sanchez 12/1 6 American Speed (KY)J E Morelos 120 J O’Dwyer 2/1 7 Cashier Check (FL)M A Vasquez 122 V Barboza,Jr.6/1 8 Mutaawid (KY)L Panici 122 D C Hurtak 10/1 9 Vladislav (KY)S Leon 122 O M Gonzalez 8/1 3RD--$25,000,1 Mile PP Horse Jockey Wgt Trainer Odds 1 Lola Loca (FL)J E Morelos 125 L Duco 8/1 2 Rose View (FL)E Greenidge 111 R Laurin 6/1 3 Awesomely Wild (FL)R Martinez 108 V Heard 20/1 4 Alma Pura (FL)A Santos 118 A O Agostini 10/1 5 Iron Shield (KY)E J Zayas 118 S A Joseph,Jr.8/5 6 Spanish Girl (KY)M Gonzalez 108 P R Garcia 15/1 7 Family Stash (FL)J Trejos 125 A W Dobber 30/1 8 Lady Monique (KY)C Gil 118 C Narvaez 2/1 9 Lady Oakridge (LA)L Reyes 118 M J Williams 12/1 4TH--$33,000,5 1/2 Furlongs PP Horse Jockey Wgt Trainer Odds 1 Condora (FL)E J Zayas 118 E Plesa,Jr.5/2 2 Chloe’s Toy (KY)L Reyes 123 S Budhoo 2/1 3 Foxy Lady (FL)R Martinez 113 P R Garcia 10/1 4 Wisco Disco (KY)E Jaramillo 118 C A David 4/1 5 Miguel’s Belle (FL)M Gonzalez 110 C A David 12/1 6 Patty’s Having Fun (FL)S Leon 118 F Santillana 15/1 7 Kaitie Kait (FL)M A Vasquez 118 E Cordero 7/2 5TH--$41,000,1 Mile Turf PP Horse Jockey Wgt Trainer Odds 1 Hot Blooded (FL)H R Diaz,Jr.118 M J Maker 7/2 2 Henley’s Joy (KY)M A Vasquez 118 J F D’Angelo 3/1 3 Golden Glider (KY)J E Morelos 118 M E Casse 12/1 4 Fly the W (KY)E J Zayas 120 B S Dibona 9/5 5 Sword Zorro (IRE)E Gonzalez 118 R Keithan 20/1 6 Lord of War (KY)E Jaramillo 118 M E Casse 5/1 7 Mr Crowley (ON)L Reyes 120 B N Croft 8/1 8 Sir Saffer (FL)J C Ferrer 118 K O’Connell 20/1 6TH--$23,000,5 1/2 Furlongs PP Horse Jockey Wgt Trainer Odds 1 Nightsaber (GB)J M Rios 125 S D Acker 15/1 2 R Firebird (FL)A Santos 120 G S Bennett 10/1 3 Misprint (KY)L Reyes 120 B S Dibona 8/1 4 Taking It All (FL)L Panici 120 G F Lee 7/2 5 Ave Fenix (KY)E Gonzalez 125 M McGoey 20/1 6 Musical Journey (FL)A Medina 125 A De La Cerda 30/1 7 Red Hot Spark (FL)E J Zayas 120 E L Dobles 3/1 8 Splurge (FL)M A Vasquez 125 C A David 5/2 9 Kozem (KY)J E Morelos 120 R Coy 10/1 10 Glorious Wave (FL)J Trejos 125 A Quiroz 8/1 7TH--$33,000,1 Mile 70 Yards PP Horse Jockey Wgt Trainer Odds 1 Musthavebeenlove (FL)L Reyes 118 K O’Connell 20/1 2 Thank the Academy (KY)S Spanabel 123 A O Agostini 15/1 3 Confer (FL)J C Ferrer 123 L Cazares 10/1 4 Ground Stop (KY)H R Diaz,Jr.123 D Damen 20/1 5 Cloud Storage (FL)A Santos 123 G S Bennett 12/1 6 Trendy (KY)E Gonzalez 118 M Bowersock 8/1 7 Go Margie Go (KY)M A Vasquez 120 B Kelly 9/2 8 Dontmesswithtess (CA)E Perez 123 H Wilensky 7/2 9 Singing Sandra (FL)L Panici 118 K O’Connell 6/1 10 Cabernet (FL)E J Zayas 123 J Alvarado 8/1 11 Beira (KY)E Jaramillo 118 V Barboza,Jr.4/1 8TH--$61,000,5 Furlongs (Turf) PP Horse Jockey Wgt Trainer Odds 1 Candymaker (KY)H R Diaz,Jr.118 T Schuh 15/1 2 Richy (FL)L Panici 123 J M Gulick 12/1 3 Cantaro (KY)L Reyes 123 J Garoffalo 6/1 4 Portofino (KY)E J Zayas 123 J F Orseno 9/5 5 Bella Future (FL)M A Vasquez 125 L Cazares 4/1 6 Three Zero (KY)S Leon 123 C A David 6/1 7 Abrir Caminos (CHI)E Perez 123 A M Sanchez 5/1 8 Nichiren (CA)J M Rios 123 R Crichton 8/1 9 Classicstateofmind (KY)J E Morelos 123 A Graffeo 30/1 9TH--$60,000,5 Furlongs PP Horse Jockey Wgt Trainer Odds 1 Manhattan Boy (FL)J E Morelos 118 O M Gonzalez 20/1 2 Power of Justice (KY)L Reyes 124 L Cazares 5/1 3 Rivertrance (KY)E J Zayas 118 M E Casse 9/2 4 Tricky Tiger (FL)S Leon 118 J D Arias 30/1 5 Cheyenne Brave (FL)E Perez 124 K O’Connell 8/1 6 Hope You Dance (NY)A Thomas 119 A Graffeo 10/1 7 Urban Legend (KY)E Jaramillo 118 J F D’Angelo 9/5 8 Four Beach Friends (KY)L Panici 118 S Dwoskin 8/1 9 Doctor’s Orders (FL)M A Vasquez 118 M E Casse 4/1 HORSE RACING GULFSTREAM PARK ENTRIES FOR MAY 25 Copyright 2024 Equibase Company. POST TIME 12:55 P.M. 1ST--$33,000,5 1/2 Furlongs PP Horse Jockey Wgt Trainer Odds 1 Galipan (FL)L Reyes 118 F Santillana 20/1 2 Breezer (KY)E Perez 118 J F D’Angelo 10/1 3 Academy Choice (NY)A Thomas 123 H Alter 2/1 4 Insisting (FL)C Gil 118 J F D’Angelo 10/1 5 Mr Narcissistic (ON)E J Zayas 123 S A Joseph,Jr.9/5 6 Pack Plays (CA)L Panici 118 D A Dakin 15/1 7 Etnico (NY)E Jaramillo 123 F Abreu 5/2 2ND--$29,000,1 Mile Turf PP Horse Jockey Wgt Trainer Odds 1 Tiz a Prince (KY)A Santos 121 V Russo 20/1 2 Uranium (KY)A Morales 121 N Moubarak 5/1 3 Harpoon Harry (KY)E Gonzalez 123 G S Bennett 8/1 4 Grand Journey (KY)J C Ferrer 123 C A David 8/5 5 My Boy Blue (KY)L Panici 121 L Kurtinecz 15/1 6 Vintner (FL)H R Diaz,Jr.121 M R Yanez 30/1 7 Citizen K (NY)E J Zayas 123 B S Dibona 9/5 8 My Man Flint (KY)J M Rios 121 K Davey 10/1 9 Copazo (FL)S Leon 121 G Ochoa 30/1 3RD--$37,000,5 Furlongs PP Horse Jockey Wgt Trainer Odds 1 Foggy Note (FL)M A Vasquez 125 R B Spatz 5/2 2 Peggysue I Love U (FL)E Gonzalez 120 M Bowersock 15/1 3 Three Girls (NY)A Santos 125 J Delgado 2/1 4 Lita (NY)L Reyes 125 S Klesaris 3/1 5 Time to Salsa (FL)J Suarez 125 P R Torres 30/1 6 Super Spin (FL)E J Zayas 125 J F Orseno 9/2 7 Princess Blakely (FL)H R Diaz,Jr.125 C M Gambolati 6/1 4TH--$25,000,7 Furlongs PP Horse Jockey Wgt Trainer Odds 1 Assertive Attitude (KY)E Perez 124 P M Serpe 6/1 2 Bullet Blues (FL)R Martinez 108 L J McKanas 30/1 3 Blazing Tyreek (KY)S Leon 118 D C Hurtak 20/1 4 Fifty One Fifty (FL)J Ocasio 124 L M Ramirez 6/1 5 Im Still Brave (FL)E J Zayas 124 P R Torres 9/2 6 Jake’s Affection (KY)J C Ferrer 118 P M Serpe 15/1 7 Rebel Joke (ON)E Gonzalez 124 G Delgado 8/1 8 Golden Sombrero (KY)L Reyes 124 B S Dibona 3/1 9 Testa Dura (NY)L Panici 124 D J Manning 12/1 10 Tapit’s Direction (FL)C Gil 124 H Alter 12/1 11 Franks Mimi (FL)J M Rios 118 M Yates 5/1 5TH--$75,000,5 Furlongs Turf PP Horse Jockey Wgt Trainer Odds 1 All in Sync (KY)H R Diaz,Jr.117 T Schuh 10/1 2 Grimes (KY)E J Zayas 117 F Abreu 12/1 3 Hilarious Affair (KY)L Reyes 117 F Abreu 5/1 4 Sigiloso (FL)M Meneses 116 A M Sanchez 6/1 5 Bouncer (FL)M A Vasquez 117 M E Casse 8/1 6 Xy Speed (KY)E Gonzalez 123 M Lerman 7/5 7 Mamba On Three (FL)E Jaramillo 120 F Abreu 5/2 6TH--$26,000,1 Mile 70 Yards PP Horse Jockey Wgt Trainer Odds 1 Initforthelove (FL)E J Zayas 122 G S Bennett 7/2 2 Uncle Armando (FL)S Leon 122 D C Hurtak 6/1 3 Burning Man (KY)A Thomas 122 M Ciamei 20/1 4 Readyseekgo (KY)J M Rios 122 K Davey 20/1 5 Swan Lake (FL)L Reyes 122 E L Dobles 7/5 6 Voltamour (ON)J Trejos 122 M McGoey 30/1 7 Captain Anthony (FL)E Gonzalez 120 F Abreu 5/2 8 Millennium Condo (KY)J E Morelos 122 E Soler 10/1 7TH--$100,000,7 Furlongs PP Horse Jockey Wgt Trainer Odds 1 Mbagnick (CHI)M Meneses 119 A M Sanchez 10/1 2 Loco Abarrio (FL)E Gonzalez 120 R B Spatz 5/2 3 Collaborate (KY)L Reyes 118 R B Hess,Jr.10/1 4 Shaq Diesel (FL)M A Vasquez 120 D Fawkes 4/1 5 Vivir Con Alegria (CHI)E Perez 120 A M Sanchez 6/1 6 Octane (FL)E Jaramillo 124 J Alvarado 7/5 7 Ticking (FL)E J Zayas 118 E Plesa,Jr.20/1 8TH--$25,000,5 Furlongs PP Horse Jockey Wgt Trainer Odds 1 Six Feet Apart (KY)E Greenidge 114 G G Jackson 15/1 2 Wicklow Gal (FL)M Gonzalez 11110 C A David 9/2 3 Heir to the Roar (FL)J E Morelos 123 R Sierra 4/1 4 Lovin Makes Cents (FL)M A Vasquez 123 E Nunez 7/2 5 Magic Moonstar (FL)J C Ferrer 121 J Garoffalo 12/1 6 Macassa (FL)S Leon 121 B N Croft 30/1 7 Kikilove (FL)L Reyes 121 R Romero 20/1 8 Drinks On Me (KY)C Gil 121 N Moubarak 6/1 9 Ideal Breeze (FL)A Thomas 121 K A Guciardo 12/1 10 Sheza Rajun Cajun (FL)E Gonzalez 121 S D Acker 10/1 11 Amor Y Control (FL)J Trejos 121 M Ciamei 6/1 9TH--$95,000,1 1 16th Miles (Turf) PP Horse Jockey Wgt Trainer Odds 1 Love Me Not (KY)J E Morelos 122 M Ciamei 20/1 2 Marwad (GB)L Reyes 122 N Moubarak 6/1 3 Benvolio (KY)S Leon 115 H Parra 30/1 4 Me and Mr.C (FL)H R Diaz,Jr.122 M J Maker 9/2 5 Eldon’s Prince (ON)M A Vasquez 122 S A Joseph,Jr.6/1 6 Eyes On the King (KY)E Jaramillo 122 M E Casse 10/1 7 Main Event (KY)E J Zayas 124 F Abreu 7/5 8 Win for the Money (KY)E Gonzalez 122 M E Casse 3/1 10TH--$33,000,1 Mile 70 Yards PP Horse Jockey Wgt Trainer Odds 1 Heathcliff (KY)M A Vasquez 118 A De La Cerda 6/1 2 Dollar Liberty (KY)C Gil 118 N Moubarak 10/1 3 Karaoke (KY)H R Diaz,Jr.118 J F Orseno 10/1 4 Team Captain (KY)E Jaramillo 118 F Abreu 3/1 5 Silent and Violent (ON)L Reyes 118 J F D’Angelo 7/2 6 Mega Glorious (KY)J C Ferrer 118 X A Rivera 6/1 7 Miracle Trip (KY)E Perez 118 J F D’Angelo 12/1 8 Designated Hitter (KY)E J Zayas 118 J B Begg 5/1 9 My Noble Knight (FL)J M Rios 118 X A Rivera 15/1 10 Magicshadow (FL)L Panici 118 B N Croft 20/1 11TH--$61,000,1 Mile Turf PP Horse Jockey Wgt Trainer Odds 1 O Captain (KY)E Gonzalez 120 G Delgado 5/1 2 Scat Tu Tap (KY)S Leon 120 F Abreu 10/1 3 Big Commerce (KY)L Reyes 120 J F D’Angelo 12/1 4 Swashbuckle (NY)E Perez 122 J Negrete 10/1 5 Fredo (KY)L Panici 120 A Sano 8/5 6 Immense Faith (KY)H R Diaz,Jr.120 R Yanez 30/1 7 Lord Eddard Stark (FL)E J Zayas 120 J F Orseno 6/1 8 Spy Hunter (FL)E Jaramillo 120 J F D’Angelo 3/1 9 Analogy (KY)J C Ferrer 120 H Parra 30/1 GULFSTREAM PARK RESULTS FOR MAY 23 Copyright 2024 Equibase Company. 1ST--5 Furlongs 8 Speed of Sound Hector Rafael Diaz,Jr.16.60 7.00 4.20 2 Popstyle Edwin Gonzalez 4.00 2.80 4 Episode Leonel Reyes 5.60 $1 Exacta (8-2)$28.70;$0.10 Superfecta (8-2-4-3)$99.54; $0.50 Trifecta (8-2-4)$85.65. 2ND--1 Mile Dirt 2 El Rojo Vivo Leonel Reyes 6.40 4.20 4.40 3 Fontina Edgard J.Zayas 4.20 4.80 1 Antillean Elijah Greenidge 5.60 $1 Daily Double (8-2)$23.10;$1 E (2-3)$18.20;$0.10 S (2-3-1-7)$9.93;$0.50 T (2-3-1)$26.55. 3RD--5 1/2 Furlongs 4 Acamar Miguel Angel Vasquez 9.80 5.00 3.40 5 Truth and Honesty Jesus M.Rios 4.20 3.00 9 Warlord Cruzan Joseph Trejos 4.40 $1 DD (2-4)$25.30;$1 E (4-5)$18.30;$0.10 S (4-5-9-1) $76.051;$0.50 T (4-5-9)$65.15. 4TH--7 Furlongs Dirt 4 Awesome Beast Edwin Gonzalez 20.80 12.00 5.20 5 Sioux Edgard J.Zayas 5.00 2.80 1 Jonas’Dream Emisael Jaramillo 2.40 $1 DD (4-4)$92.10;$1 E (4-5)$58.40;$0.10 S (4-5-1-2) $58.59;$0.50 T (4-5-1)$76.90. 5TH--7 1/2 Furlongs Turf 8 Mister Abarrio Edgard J.Zayas 6.80 3.40 2.20 7 Internal Capital Cipriano Gil 5.00 3.40 9 Split Strike Emisael Jaramillo 2.60 4 Iron Man Jimmy Leonel Reyes 2.40 $1 DD (4-8)$54.00;$1 E (8-7)$18.00;$0.10 S (8-7-4-9) $26.25;$0.10 S (8-7-9-4)$29.99;$0.50 T (8-7-9)$23.15; $0.50 T (8-7-4)$32.25. 6TH--6 1/2 Furlongs Dirt 3 One Sharp Cookie Edgard J.Zayas 6.00 3.40 2.80 4 Street Earnings Edwin Gonzalez 9.80 6.60 2 Asher’s Edge Miguel Angel Vasquez 5.00 $1 DD (8-3)$9.50;$1 E (3-4)$48.30;$0.10 S (3-4-2-5) $83.09;$0.50 T (3-4-2)$117.45. 7TH--5 Furlongs 5 Anatomy Miguel Angel Vasquez 14.60 3.80 2.80 1 Admiral Hopper Edgard J.Zayas 2.20 2.10 8 Fortuna Belle Edwin Gonzalez 3.40 $1 DD (3-5)$25.10;$1 E (5-1)$13.00;$0.10 S (5-1-8-7) $18.55;$0.50 T (5-1-8)$28.05. 8TH--1 Mile Turf 3 Modica Hector Rafael Diaz,Jr.10.60 4.80 3.20 4 Sir Mendel Leonel Reyes 7.00 4.00 9 Whiting Field Edwin Gonzalez 3.20 $1 DD (5-3)$39.70;$1 E (3-4)$32.50;$0.10 S (3-4-9-1) $37.46;$0.50 T (3-4-9)$53.55. 149 Reseller Name Contact Email 11:11 Systems Heath Johnson hjohnson@1111systems.com 5S Technologies Michael Overton michael.overton@5stechnologies.com ACC Technical Services, Inc (Acctek)Paul White pwhite@acctek.com Ahead, Inc.Brooks Souders brooks.souders@ahead.com Airgap Labs LLC Frank Wang fwang@airgaplabs.com All Covered Adam Goebel agoebel@allcovered.com AMS.NET Thomas Vasconi tvasconi@ams.net Aquila, Inc.Aaron Jaramillo aaronj@aquilagroup.com Aspire Technology Partners, LLC Daniel Bongiovanni teamaspire@aspiretransforms.com BCI, Inc.Robin Carpenter rcarpenter@bcianswers.com Blackhawk Data Maryanne Pagano mpagano@blackhawk11.com BorderLAN Security Diane Rogers diane@borderlan.com; deena@borderlan.com C2 Enterprises Phil Thompson philip.thompson@c2itsystems.com Carolina Advanced Digital Susan Jabbusch susan@cadinc.com Carousel Industries of North America, LLC Lauren Testa ltesta@carouselindustries.com Chromis Technology, LLC Zach Garcia zgarcia@chromis.com Compuquip Cybersecurity Luis Santiago lsantiago@compuquip.com Computacenter Mitzi Justice mitzi.justice@computacenter.com CCNY Tech Jason Germond jason.germond@ccnytech.com Continental Resources, Inc. (ConRes)Lou Novakis lnovakis@conres.com Converge Technology Solutions Lynda Thomas ContractSalesSupport-PublicSector@convergetp.com DataFree'd Mike Phalovich mpuhalovich@datafreed.com DGR Systems Amanda Dugger adugger@dgrsystems.com DOF Creations, LLC.Saeed Gordon sbgordon@dofcreations.com Dox Electronics Ken Schwartz kens@doxnet.com DyntekServices (Exclusive Networks)Darlene Pricher darlene.pricher@dyntek.com EduTek Ltd Mario Caligiuri mario.caligiuri@edutekltd.com ePlus Technology, Inc.Amy Knower Amy.Knower@eplus.com ESX Technology Solutions Renee Ramirez rramirez@esxtech.com Gulf South Technology Solutions, Inc James Moak james@gulfsouthtech.com GST Phillip Lin phillipl@gstinc.com Heartland Business Solutions Partner Relations inquiry@hbs.net Hypertec USA Mike Marracino mmarracino@hypertec.com iConvergence Beau Peyton beaup@iconvergence.com Infobond Jo Davalos wyragui@infobond.com; jdavalos@infobond.com In-Telecom Consulting LLC Shawn Torres storres@in-telecom.com InterDev LLC Gary Nichols GNichols@Interdev.com ISG Technology Michael Reece mreece@isgtech.com ISSQUARED, Inc.Lee Craft-Gobeille curt.hedges@ncanet.com; lee.craft@ncanet.com Katalyst Luke Johnson ljohnson@katalystng.com Layer 3 Communications Paula Sands psands@layer3com.com Layer8 Consulting Elden Quesinberry equesinberry@L8C.com Liquid Networx Robert Short Ateam@liquidnetworx.com Mission Critical Systems Maryanne Caruso mcaruso@locked.com MXN Corporation (Exclusive Networks)Deborah Arnett insidesales@mxncorp.com Nth Generation Computing Inc Steve Jung Steve.Jung@nth.com NetSync Jeff Barker jbarker@netsync.com Network Experts of New York Anu McGowan anu@albany-technology.com PC Solutions & Integration (Exclusive Networks)David Rudnick david@pcsusa.net Peak Methods Jennifer McCuistian peak.accounting@peakuptime.com; Jennifer.McCuistian@peakuptime.com PIER Group LLC Chad Williams cwilliams@piergroup.com PNG Telecommunications Inc., dba Powernet Tony Wells twells@powernetco.com PNW Security LLC Derek Hanson derek@pnwsecurity.com Presidio Jackie Arnett jarnett@presidio.com Prosys Mitzi Justice mitzi.justice@prosysis.com NCPA /Omnia Partners Fortinet Contract 01-154 - Authorized Reseller Partners Fortinet NCPA 01-154 Resellers DocuSign Envelope ID: 9B0C3DA4-7F48-4B24-BB04-11C700CC842D 142150 Seamless Advanced Solutions Steven Frank sfrank@sas-us.com Secure Cyber Defense LLC Judy Brinegar jbrinegar@secdef.com Scientel Solutions Glenn Luckman gluckman@scientelsolutions.com SHI Hannah Visbeen PS_Contracts@shi.com Sun Management John Samuel jsamuel@sunmanagement.net Structured Communication Services, Inc.Casey Richmond crichmond@structured.com Step CG Luke Gurekovich lgurekovich@stepcg.com Surelock Technology Guy Anderson ganderson@surelocktechnology.com TekLinks dba C Spire Business Nicky Hobbs nhobbs@cspire.com Terawolf Technologies Inc Gaylord Van Brocklin gvb@terawolf.com Universal Data Stephanie Kavanaugh skavanaugh@udi.com United Data Technologies Mike Hendrix mhendrix@udtonline.com Verinext Drew Campbell drew.campbell@verinext.com Vector Resources, Inc. dba VectorUSA Briana Borrenpohl bfernandes@vectorusa.com World Wide Technologies Matt Lang Matthew.Lang@wwt.com; Carol.Harting@wwt.com Xigent Solutions Barb Canham barbcanham@xigentsolutions.com; Xiologix LLC Sheryl Still inside_sales@xiologix.com Xtel Communications Harbinder Goraya harbinder@xtel.net Zivaro Sean McCroskey smccroskey@zivaro.com Fortinet NCPA 01-154 Resellers DocuSign Envelope ID: 9B0C3DA4-7F48-4B24-BB04-11C700CC842D 143151