Supply and Deployment of Cybersecurity and Authentication Solutions for SAPO IT Infrastructure

Publication date:
Deadline

General background

The EU Anti-Corruption Initiative in Ukraine (EUACI) is the European Union’s technical support program in the area of anti-corruption in Ukraine, financed by the European Union, the United Kingdom International Development, and co-financed and implemented by the Ministry of Foreign Affairs of Denmark. The overall objective of the EUACI is to achieve significant progress in preventing and countering corruption, ensuring the coherence and systemic anti-corruption activities of state and local self-government bodies, and to empower civil society and citizens to contribute to the combatting of corruption, as well as the proper process of Ukraine’s post-war recovery. The program runs till April 2027.

The Specialized Anti-Corruption Prosecutor’s Office (SAPO) is one of the key EUACI’s partner. SAPO is now an independent legal entity and is transitioning its IT infrastructure from the Prosecutor General’s Office. Under its 2026–2028 Development Strategy, it is building a standalone, integrated IT environment, introducing internal digital services, and strengthening IT governance through proper licensing and certification.

In 2025–2026, the EUACI supported the deployment of SAPO’s IT infrastructure, including a new network, server cluster, structured cabling system, cooling, UPS systems, and core enterprise services. End-user migration to the new environment is currently underway.

The next step is implementing cybersecurity and authentication solutions, including software, licenses, and technical support to ensure secure, uninterrupted operations and protection against modern cyber threats. Based on the existing architecture, these solutions should be implemented using the deployed Fortinet/FortiGate infrastructure, with proper licensing, updates, and vendor support.

The procurement covers Fortinet-based cybersecurity tools, including FortiGate 200F licenses, multi-factor authentication, OTP software, endpoint protection, network access control, and 24×7 vendor support for at least 12 months, as specified in the TOR.

This will strengthen system security, enable centralized security management, improve access control, and ensure faster incident response while meeting modern cybersecurity standards.

Given SAPO’s budget constraints and the goal of full IT independence, SAPO requests the EUACI support for this procurement. The EUACI is seeking an experienced consultant to support implementation of the project.

Objective

The objective of the project is to strengthen the cybersecurity and operational resilience of SAPO’s independent IT infrastructure through the acquisition, deployment, and technical support of Fortinet-based security and authentication solutions.

The project aims to ensure secure access to information systems, protect critical digital assets from evolving cyber threats, enable centralized security management, and maintain uninterrupted operation of SAPO’s IT environment by leveraging and enhancing the existing Fortinet infrastructure in a cost-effective and sustainable manner.

Scope of work and Deliverables

The project will support the completion of SAPO’s independent IT infrastructure by procuring, deploying, and commissioning cybersecurity and authentication solutions based on the existing Fortinet ecosystem. The scope includes:

  1. Procurement and delivery of the required software, licenses, and manufacturer-provided service technical support in accordance with the approved Technical Specifications (TOR).
  2. Provision of subscription licenses and security services for the existing FortiGate 200F firewall, including access to signature updates, security intelligence, software upgrades, and 24×7 technical support.
  3. Deployment and configuration of a secure and multi-factor authentication (MFA) solution, including mobile one-time password (OTP) capabilities for authorized users.
  4. Deployment and configuration of endpoint protection software to safeguard user devices against malware and other cyber threats.
  5. Deployment and configuration of a network access control (NAC) solution to enable secure identification of users and devices and enforce access policies across the network.
  6. Integration of all procured solutions with SAPO’s existing Fortinet-based infrastructure and directory services to ensure centralized management and interoperability.
  7. Testing, validation, and commissioning of the implemented solutions to confirm compliance with the technical requirements and operational readiness.
  8. Provision of manufacturer-backed warranty and support services in accordance with the contractual and technical requirements.

Budget, timeframe, and location

The maximum budget for the assignment all included may not exceed EUR 33,000. The Tenderer’s financial proposal shall include all costs for a fee and project-related reimbursable expenses.

The assignment will start following a notification issued by the EUACI, but not earlier than the date of signing the contract between the EUACI and the Supplier. The tentative start date is 31 July 2026. All activities envisaged under this contract shall be completed with a total duration of up to 3 months. The project activities are expected to take place at SAPO’s premises in Kyiv.

The consultant may request an advance payment of up to 30% of the total cost upon contract signing. The remaining 70% will be paid after the goods and services are delivered in accordance with the requirements outlined in the Scope of Work and Deliverables of this TOR.

All payments are subject to verification of deliverable completion and approval by both SAPO and the EUACI.

Reporting and management

The performance of the Contractor will be judged upon reaching the purpose of this contract as well as obtaining its results, as indicated in the section Objective and Deliverables herein respectively. Moreover, the performance of the Contractor will be judged upon the successful implementation of all the specific activities indicated in section Scope of work of this document.

By signing the contract, the Consultant agrees to hold in trust and confidence any information or documents disclosed to the Consultant or discovered by the Consultant or prepared by the Consultant in the course of or as a result of the implementation of the contract, and agrees that it shall be used only for the contract implementation and shall not be disclosed to any third party. The Consultant also agrees not to retain copies of any written information or prototypes in its archive and for its use.

In the period until acceptance, the EUACI, Contractor, and SAPO will hold regular project group meetings to exchange information and seek to clarify any questions of whatsoever nature. The purpose of the project group meetings is to ensure follow-up on any activities between the meetings, and to maintain a common overview of the current stage of the project at a detailed level, based on the applicable detailed schedule, and to ensure the day-to-day progress.

How to apply

The deadline for submitting the proposals is 24 July 2026, 17.00 Kyiv time. All interested companies should submit filled and signed Appendix 1: Forms for Letter of Tender

The proposal shall include the aforementioned information and should be submitted within the above deadline to [email protected] CC to [email protected] indicating the subject line: SAPO Fortinet.

Bidder will receive an auto-reply from the [email protected] mailbox when the offer has been received. If you do not receive an auto-reply, your offer was not received and you should contact the EUACI by phone.

Bidding language: English.

Any clarification questions regarding the bid request should be addressed to  [email protected], not later than 17 July 2026 17.00 Kyiv time.

Evaluation criteria

The key selection criteria for the supplier are:

  • Compliance of a supplier with requirements outlined in Appendix 1.
  • Compliance of the software with the technical specifications outlined in Appendix 1.
  • Best price.
EUACI
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.