COMMISSION 
AGENDA MEMORANDUM                        Item No.          4d 
ACTION ITEM                            Date of Meeting       June 27, 2017 
DATE:     June 19, 2017 
TO:        Dave Soike, Interim Executive Director 
FROM:    Matt Breed, ICT Infrastructure Services 
SUBJECT:  Enterprise Network Firewall Upgrade Project (CIP #C800908) 
Amount of this request:               $1,500,000 
Total estimated project cost:          $1,500,000 
ACTION REQUESTED 
Request Commission authorization for the Executive Director to (1) proceed with the Enterprise
Network Firewall Upgrade project; (2) procure required hardware, software, vendor services,
and maintenance; and (3) use Port staff for implementation, for a total project cost not to
exceed $1,500,000. 
EXECUTIVE SUMMARY 
This project will procure and upgrade firewalls protecting the Port Enterprise network through
which our financial, human resource, maintenance, project management, and many other
critical systems communicate. Our network firewalls provide the first line of defense against
cyber threats. Because cyber-crime is increasing rapidly in sophistication and prevalence, it is
imperative that we keep pace with current technology in order to stay ahead of these very real
threats.
A network firewall is a security device that grants or rejects network access between an
untrusted zone such as the Internet and an internal network. The Port network is constantly
inundated with outside hacking attempts and viruses. Our firewalls are designed to protect our
internal network resources from these external security vulnerabilities and advanced threats.
Existing Port firewalls, last upgraded seven years ago, do not have the necessary sophistication
and advanced features to fend off today's advanced cyber threats, and have reached their end
of life. 
JUSTIFICATION 
This project includes several important benefits. 
(1) More advanced security features to stay ahead of today's cyber threats 

Template revised September 22, 2016.

COMMISSION AGENDA  Action Item No. 4d                                  Page 2 of 4 
Meeting Date: June 27, 2017 
(2) Increased processing speeds to meet new system requirements and allow for more
frequent and realistic security penetration testing. 
(3) Continued availability of replacement hardware and security patches. 
(4) Common management platform across Port networks to reduce inconsistency and
improve efficiency when dealing with security incidents. 
DETAILS 
Scope of Work 
(1) Procure and replace firewall equipment and software for the Port Enterprise network at
the Port's main SeaTac and backup Liberty Lake data centers. 
Schedule 
Commission design authorization               2017 Quarter 2 
Procurement Complete                       2017 Quarter 4 
Installation Complete                            2018 Quarter 4 
Cost Breakdown                                     This Request           Total Project 
Hardware/Software                                    $880,000             $880,000 
Vendor Implementation Services                          $182,000              $182,000 
Port Labor                                                  $350,000               $350,000 
WA State Tax                                              $88,000               $88,000 
Total                                                         $1,500,000              $1,500,000 
ALTERNATIVES AND IMPLICATIONS CONSIDERED 
Alternative 1  Purchase firewall equipment as it fails from 3rd party vendors 
Cost Implications: $0 for project implementation 
Pros: 
(1)   Capital funds are available for other projects. 
Cons: 
(1)    After May 2019, our current firewall vendor will no longer provide security patches for
our system due to the system age. This leaves our network vulnerable to new cyberattacks
that are constantly maturing and evolving. These attacks will cause network
outages, data loss, and corruption on one of our two largest networks running
financials, maintenance, public safety, and access control systems. 

Template revised September 22, 2016; format updates October 19, 2016.

COMMISSION AGENDA  Action Item No. 4d                                  Page 3 of 4 
Meeting Date: June 27, 2017 
(2)   While redundant firewalls are in place to ensure an individual firewall failure doesn't
immediately put our organization network in jeopardy, the failing equipment must be
replaced or we risk the serious operational impacts of a total failure. 
(3)    Individual firewall failures would need to be replaced with 3rd party equipment,
reducing our effectiveness and ability to manage the system. This 3rd party
equipment is extremely scarce at the moment and will be increasingly hard to find as
the market matures. 
(4)    A catastrophic firewall failure would expose  the Port's information systems and
sensitive data to cyber-attacks. 
(5)   This solution will not scale to accommodate future needs that will require faster
throughput and more advanced security features. 
This is not the recommended alternative. 
Alternative 2    Purchase and install redundant network firewall systems for the Port's
Enterprise network 
Cost Implications: $1,500,000 
Pros: 
(1)    Significantly improves the protection of our data and information systems that are
increasingly more vulnerable to cyber-attacks as a result of potential equipment
failure and the growing sophistication of cyber threats. 
(2)    Improves our flexibility, performance, and management capability to meet current
and future technology requirements. 
(3)    Provides a common management platform across multiple Port networks. 
(4)   Meets future requirements for faster throughput and advanced security features. 
Cons: 
(1)   Capital funding is not available for other efforts. 
This is the recommended alternative. 

FINANCIAL IMPLICATIONS 
Cost Estimate/Authorization Summary              Capital        Expense           Total 
COST ESTIMATE 
Original estimate                                   $800,000               $0        $800,000 
Current change                                   $700,000              $0       $700,000 
Revised estimate                                $1,500,000              $0      $1,500,000 

Template revised September 22, 2016; format updates October 19, 2016.

COMMISSION AGENDA  Action Item No. 4d                                  Page 4 of 4 
Meeting Date: June 27, 2017 
AUTHORIZATION 
Previous authorizations                                   $0               $0               $0 
Current request for authorization                $1,500,000               $0      $1,500,000 
Total authorizations, including this request       $1,500,000               $0      $1,500,000 
Remaining amount to be authorized                    $0             $0             $0 
Annual Budget Status and Source of Funds 
This project was included in the 2016-2020 capital budget and plan of finance under committed
CIP #C800908 in the amount of $800,000. A competitive procurement was completed in early
2017 to set a firewall equipment standard and through that process it was determined that a
larger budget will be necessary to meet the objectives for this project. The remaining $700,000
for the capital funding will be transferred from the IT Renewal/Replacement CIP (C800097) to
the project (C800908) resulting in no net change to the overall capital budget. 
Financial Analysis and Summary 
Project cost for analysis              $1,500,000 
Business Unit (BU)                  ICT 
Effect on business performance     NA 
(NOI after depreciation) 
IRR/NPV (if relevant)                NA 
CPE Impact                       $0.01 
Future Revenues and Expenses (Total cost of ownership) 
Annual maintenance costs are estimated to increase by $31,000. This will be budgeted in the
Information & Communication Technology (ICT) Operating Budget. 
ATTACHMENTS TO THIS REQUEST 
None 
PREVIOUS COMMISSION ACTIONS OR BRIEFINGS 
None 





Template revised September 22, 2016; format updates October 19, 2016.