Browse
Search
Agenda 01-17-23; 8-j - End Point Protection – Managed Detection Response CrowdStrike Contract
OrangeCountyNC
>
BOCC Archives
>
Agendas
>
Agendas
>
2023
>
Agenda - 01-17-2023 Business Meeting
>
Agenda 01-17-23; 8-j - End Point Protection – Managed Detection Response CrowdStrike Contract
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/12/2023 11:35:38 AM
Creation date
1/12/2023 11:30:30 AM
Metadata
Fields
Template:
BOCC
Date
1/17/2023
Meeting Type
Business
Document Type
Agenda
Agenda Item
8-j
Document Relationships
Agenda for January 17, 2023 BOCC Meeting
(Message)
Path:
\BOCC Archives\Agendas\Agendas\2023\Agenda - 01-17-2023 Business Meeting
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
2
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
1 <br /> ORANGE COUNTY <br /> BOARD OF COMMISSIONERS <br /> ACTION AGENDA ITEM ABSTRACT <br /> Meeting Date: January 17, 2023 <br /> Action Agenda <br /> Item No. 8-j <br /> SUBJECT: End Point Protection — Managed Detection Response CrowdStrike Contract <br /> DEPARTMENT: Information Technologies (IT) <br /> ATTACHMENT(S): INFORMATION CONTACT: <br /> David Mathias IT Operations Manager/ <br /> Security Officer, 919.245.2272 <br /> Jim Northrup, Chief Information Officer, <br /> 919.245.2276 <br /> PURPOSE: To approve and authorize the Manager to sign a one-year contract with Carahsoft <br /> Technology Corporation (Carahsoft) and CrowdStrike in the amount of $112,965 to move 1,500 <br /> devices, e.g., computers and servers, from the currently deployed Carbon Black endpoint <br /> protection to CrowdStrike end point protection, with the addition of a vendor initiated managed <br /> detection system. <br /> BACKGROUND: This service utilizing a different vendor, i.e., CWD-G, Inc was presented to and <br /> approved by the Board of Commissioners at the November 15, 2022 Business meeting. However, <br /> the service could not be implemented as approved in November due to the vendor's inability to <br /> utilize and sign the Orange County contract template due to conflicting terms in the template and <br /> purchasing vehicle used to meet legal requirements, i.e., CDW-G could not use the Omnia <br /> Cooperative Purchasing Agreement. The proposed new vendor for consideration is Carahsoft, <br /> and all documents, processes and procedures have been vetted by the Carahsoft, Orange County <br /> Purchasing staff, and the County Attorney's Office. <br /> Orange County Information Technologies is currently deploying Carbon Black and a next <br /> generation antivirus system on all compatible computing devices. The current system has been <br /> managed successfully by IT staff since 2019. One of the shortcomings of the current system is <br /> that, unless IT staff is focused on email 24 hours a day/7 days a week, detection may go unnoticed <br /> for hours. For example, an event or infection could occur on a Sunday at 11:59 PM, thereby <br /> increasing the risk of a single machine infecting other machines around it, i.e., the network until <br /> staff monitoring of email resumes at 8:00 am on Monday. <br /> The proposed CrowdStrike system not only replaces Carbon Black, but has an additional <br /> component of 24 hours a day/7 days a week monitoring and response, e.g., an infection or harmful <br /> event is remediated up to and including network quarantine. Through the contract the vendor <br /> guarantees a 1 to 2 hour response time, dependent on event severity, per the Service Level <br /> Agreement. Real world response times are considerably less and available upon request. <br />
The URL can be used to link to this page
Your browser does not support the video tag.