FROM: Robert Thompson, General Manager
Originator: Wally Ritchie, Director of Finance
SUBJECT:
title
NETWORK TAPS FOR INDUSTRIAL CONTROL SYSTEM (ICS) NETWORK AND OFFICE NETWORK
end
GENERAL MANAGER'S RECOMMENDATION
recommendation
RECOMMENDATION:
A. Approve a Purchase Order Contract to Insight Public Sector, Inc. for the purchase of Network Test Access Points for the Industrial Control System (ICS) network and Office network utilizing the OMNIA Cooperative Purchasing Agreement, Contract No. 23-6692-03, for a total amount not to exceed $250,231 (Includes Sales Tax); and
B. Approve a contingency in the amount of $25,023 (10%).
body
BACKGROUND
Orange County Sanitation District’s (OC San) current network traffic monitoring tool is known as a Switch Port Analyzer (SPAN). The SPAN is used by administrators to monitor network performance, provide alerts when problems occur, and help troubleshoot network issues. It is also used for monitoring cyber security activities including intrusion detection.
RELEVANT STANDARDS
• Protect OC San assets
• Ensure the public’s money is wisely spent
• 24/7/365 treatment plant reliability
• Maintain a culture of improving efficiency to reduce the cost to provide the
current service level or standard
PROBLEM
The current setup has issues with the SPAN sessions overloading the network switches. When this happens, information is dropped and causes network outages.
PROPOSED SOLUTION
A Network Test Access Point (TAP) is the preferred modern method for monitoring mission-critical and high-volume environments. TAPs operate independently of network equipment and provide a complete, real-time view of network activity without risk of causing performance issues and network outages. They are designed to be fail-safe and will not interrupt network traffic. There is a total of five Network TAPs that need to be implemented between Plant Nos. 1 and 2, covering both the ICS network and Office network.
TIMING CONCERNS
It is crucial to implement TAPs network traffic monitoring hardware as soon as possible. The IT infrastructure team has encountered network outages due to the overload of network switches. As these failures occur, they disrupt business continuity and plant processing operations.
RAMIFICATIONS OF NOT TAKING ACTION
Without implementing TAPs, heavy reliance on SPAN sessions can overload switches, leading to information loss. This degrades the monitoring accuracy and network performance. Additionally, visibility into network activity is reduced, which limits the visibility of possible malicious activity to the Cyber Security team, and the IT Infrastructure team can't diagnose performance issues.
PRIOR COMMITTEE/BOARD ACTIONS
N/A
FINANCIAL CONSIDERATIONS
This request complies with authority levels of OC San’s Purchasing Ordinance. This item has been budgeted, (Budget Update FY 2025-26 Information Technology Capital Program, Page A-7).
ATTACHMENT
The following attachment(s) may be viewed on-line at the OC San website (www.ocsan.gov) with the complete agenda package:
N/A