The Vendor is required to provide an on-premises vulnerability management tool for the county’s supervisory control and data acquisition (SCADA) infrastructure.
- SCADA vulnerability management tool that:
• Meets the county’s security and operational requirements.
• Integrates or interfaces with the county’s existing vulnerability management tool.
• Detects and manages an inventory of operations technology (OT) devices in multiple locations.
• Identifies potential security threats and assets with known vulnerabilities.
• Provides risk assessment and prioritization tools.
- The solution detects and catalogs a baseline inventory of organizational assets and asset attributes.
- The baseline self-configures without user configuration and tuning.
- The solution automatically detects and catalogs changes to the asset inventory.
- The solution identifies the following organizational assets:
• Traditional network devices (workstations, servers, routers, switches, etc.)
• SCADA devices (PLCs, HMIs, MCCs, VFDs, etc.)
• Mobile devices (laptops, tablets, etc.)
• IoT devices (IP cameras, etc.)
• Cloud environments (web apps, hosted storage/platforms, etc.)
• Other (please list under Vendor Comments)
- Under Vendor Comments, describe the discovery techniques the solution uses to detect organizational assets.
- Please identify which of the following asset attributes are detected and tracked by the solution:
• Asset/Device type
• Make & model
• IP address ranges
• Vulnerabilities
• Firmware release
• OS & release
- The solution can be configured to populate asset attributes from vendor resources specific to those assets.
- The solution allows authorized users to edit asset attributes.
- The solution allows authorized users to:
• Define and enter additional asset attributes/tags (e.g., location of asset, criticality).
• Modify and customize tags.
• Automatically tag assets based on predefined attributes.
• Automatically group assets based on characteristics.
• Enable group scanning, reporting and remediating based on asset tags.
- The solution identifies and tracks the status of vulnerabilities in OT endpoints and the network, and correlates CVEs with devices.
- The solution detects and reports on the following:
• Traffic anomalies.
• Network security anomalies.
• Potential misconfigurations.
- The solution performs Deep Packet Inspection of:
• All packets.
• Identified traffic, including industrial traffic.
- The solution supports packet deduplication on multi-link connections.
- The solution supports the following scanning options:
• Scheduled scans.
• Ability to stop and restart scans.
• Ability to scan a system with changing IP addresses.
- The solution supports scanning of the following IT devices and technologies:
• Laptops
• Servers
• Routers
• Switches
• Remote Access Gateways
• Firewalls
• Radio communications/Cell routers
• Virtual environments
• Other (please list under Vendor Comments)
- The solution supports encryption of data moving from agents or endpoints to the appliance or hosted cloud environment.
- Contract Period/Term: 1 year
- Mandatory Pre-Proposal Conference Date: April 30, 2025
- Questions/Inquiries Deadline: May 09, 2025