Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
The Saturn Partners, Inc.
Capabilities Statement
Carole Crawford President & CEO
Winter 2014
Cyber Security and SCADA Security Engineering
P a g e | 2
COMPANY OVERVIEW
We are The Saturn Partners, Inc., Since 2001, we’ve been providing network and critical
infrastructure security services, serving clients in industries such as banking, health care, utilities,
education and federal government sectors, with the ratio of clients returning to us for services
each year or sooner in the range of 87%.
Take a look at these security concerns for your network environment:
By 2015, we will witness several successful, internationally known hacker attacks on sensitive
data that governments and prominent enterprises will have failed to protect.
By 2015, almost one-third of companies plan on delivering private cloud capabilities.
Many companies have major "holes" in their overall security programs, which can produce
catastrophic results in case of a major breach in the network environment. An example is a client
who conducts regular third party vulnerability testing on the network, maintains a high quality
body of IT security policies, but has an obsolete disaster recovery plan that hasn't been updated
or tested for years.
OUR CORE SERVICES AT A GLANCE:
Cyber risk assessment and analysis
Vulnerability Assessment and Penetration Testing
Disaster Recovery Planning/Testing and COOP
Physical/environmental security assessments
Breach and compromise assessments
SCADA services for Critical Infrastructure
Wireless Security Assessments
Policy and Procedure Review and Design
Standards-based assessments (ISO, NIST, FERC, SOX, GLBA, HITECH)
NOTE: For more on these specialized services for your particular environment, email us at
[email protected] or call us at 262-942-3626 or 312-961-9469 today.
See more specifics on additional Cyber security related services later in this brochure....
No matter what your business is, IT management will see security concerns that will force needed
change...which demands that you adapt your IT and ENVIRONMENTAL security programs
for 2014.
P a g e | 3
Whether you need help in the areas of disaster recovery planning/testing, vulnerability
assessments (including penetration testing), social engineering, IT security policy development or
SCADA testing, The Saturn Partners is at the forefront when it comes to helping clients address
and plan for new security threats in 2014.
If your organization is facing budget constraints which prevent you from moving forward with
necessary security audits, contact us. Our SCALABLE solutions are designed to fit any security
program budget. Get in touch with us today for a free consultation on how we can help you.
Company Overview
The Saturn Partners, Inc. (SPI) is a 100% Woman-Owned, Small Business
Administration’s (SBA) Small Business. located near Chicago, Illinois in Southeastern
Wisconsin. SPI services include cyber security, SCADA security, business re-
engineering, disaster recovery planning, testing; assessments on overall efficiency and
productivity within management, operations and network ranks, and customized
training in emergency preparedness, operational efficiency, and streamlining of
operational processes which affect overall productivity, among other areas.
Since 2001, SPI has worked with banks and credit unions to help prepare for Federal Deposit
Insurance Corporation (FDIC), the Statement on Auditing Standards No. 70 (SAS 70) and other
operational audits; hospitals and clinics to overhaul strategic operations while adhering to Health
Insurance Portability and Accountability Act (HIPAA) standards. Additionally, SPI works with
electrical and water utilities to assist with developing protection standards along North American
Electric Reliability Corporation (NERC) and Federal Energy Regulatory Commission (FERC)
guidelines, for critical grid infrastructures, to guard against mechanical failure and compromise
both internally and externally. SPI has worked with state universities to develop safety and
soundness programs for their operational and network structure in case of disaster or compromise
and train for incident response at all levels of management. Since 2005, we have offered SCADA
consulting and testing services for utilities and other grid operated industry clients, including in
the Eastern Caribbean region.
In May, 2012, Saturn also won a spot on Cambridge International’s Small Business team for HHS
and their CIO3CP contract. In addition, Saturn has a spot on the Small Business team for
Cambridge International Inc. for EAGLE II, awarded in Fall of 2013.
P a g e | 4
SERVICES
SPI has focused on assisting clients with development and testing of all elements of a sound
Information Technology (IT) and environmental security plan. Because Security is a PROCESS
AND NOT A PRODUCT, SPI offers these Security services to clients, either separately or as a
bundled offering. These can be tailored to fit any regulatory standards to which clients are seeking
to adhere.
Specifically, SPI offers services under the following North American Industry Classification
System (NAICS) Codes and qualifies as a small business for each code:
238210 - Electrical Contractors and Other Wiring Installation Contractors
512290-Other Sound Recording Industries
519190-All Other Information Services
532490-Other Commercial and Industrial Machinery and Equipment Rental and Leasing
541330-Engineering Services
541350-Building Inspection Services
541380-Testing Laboratories
541420-Industrial Design Services
541490-Other Specialized Design Services
561499-All Other Business Support Services
541511-Custom Computer Programming Services
541512-Computer Systems Design Services
541513-Computer Facilities Management Services
541519-Other Computer Related Services
541611-Administrative Management and General Management Consulting Services
541614-Process, Physical Distribution, and Logistics Consulting Services
541618-Other Management Consulting Services
541620-Environmental Consulting Services
541690-Other Scientific and Technical Consulting Services
561621-Security Systems Services (except Locksmiths)
562910-Remediation Services
Additional services offered under our Cyber security umbrella include
Cyber Security Testing and Plan Development
Remote Scanning Services
IT Vulnerability Assessments/External/Internal
Penetration Testing
Business Continuity/Disaster Recovery Planning and Testing
Voice over IP Telephony Assessments
Business Processes/Efficiency Studies and Audits
P a g e | 5
Safety and Soundness Auditing
SCADA/Critical Controls Security
Voice over IP Systems Implementation/Management and Call Center Assistance
24/7 Monitoring Services/Managed Scanning Services
Patch and Anti-Virus Management
Host and Perimeter Intrusion Protection
Email Encryption and Privacy Protection
VoIP and WAN Infrastructure Design
Web Application Security Analysis
SLA Review Services
Web Development/Hosting
Redundant/Fail-Over Site Design
Data Vaulting/Availability Solutions
Secure Data Center Solutions
Secure Internet Access Services
Internet and Email Content Management
Federal or Regulatory Audit Compliance Assistance
Certification and Accreditation Services
800 Series Compliance Assistance
Security Testing and Evaluation Services (ST&E)
Network Security Policy Development and Auditing
Custom Software and Web Development Services
Environmental Auditing
Project Management Expertise
Security Awareness and NIMS-related Disaster Preparedness Training
Managed Security Risk Services through Acquisition Lifecycle
Emergency Notification Services
Web Based Customized Network Security Training Services
P a g e | 6
STAFF QUALIFICATIONS
SPI deploys engineers and analysts worldwide for specific projects for clients in the financial,
health care and other sectors, and added business continuity planning and disaster recovery
planning services in 2005 to the company lineup of services. The Saturn Partners, Inc. is located
in Pleasant Prairie, Wisconsin, on the shores of Lake Michigan, approximately 45 minutes north
of Chicago.
At SPI our staff is the cornerstone of our success. Seasoned in-house staff and consultant
associates, each of whom possesses specialized professional expertise that enables the company to
provide clients with the highest level of quality in service and product delivery, comprise our
team. Committed to ongoing growth and improvement, our staff is eager and ready to help clients
meet the ever-changing demands of an ever-changing world.
SPI has a highly experienced professional staff with cumulative experience in excess of 100
years. Through participation in numerous professional associations and technical committees, the
SPI staff maintains current proficiency in many specialty areas.
Among the certifications held by members of our team are the following. (ADD RAY'S NEW
ACRONYMS HERE)
CISSP (Certified Information Systems Security Professional)
CBCP (Certified Business Continuity Professional)
PMP (Project Management Professional)
CCSP (Certified Cisco Security Professional)
CISA (Certified Information Systems Auditor)
CSOX (Certified Sarbanes-Oxley)
CCNA (Cisco Certified Network Associate)
CCDA (Cisco Certified Design Associate)
HIMS (Health Information Management System)
Certified Ethical Hacker
SCADA Certified Engineer
The following are Key Personnel at SPI and their resumes are available upon request. The SPI
team collectively has experience in most levels of government at the local, state, and Federal
Levels to include the US Department of Defense, National Security Agency, US Department of
Navy, among others.
Carole Crawford
Blake Turrentine, CISSP (SEE BLAKE'S AND JOVON'S RESUME HERE
Jared R. Greene, CPTE, CCDP, CISSP, ISSAP, ISSMP, CCNP, PCIP, CHS
Jovon Itwaru, CISSP, SCJP, MCSA
P a g e | 7
Ray Friedman, CISSP
Below is a sample of capabilities summaries of some of our team members:
Carole Crawford
Ms. Crawford founded The Saturn Partners, Inc. (SPI) in 2001 after leaving the technology sector
to focus on work related to Internet security and the new, but growing Internet security threat in
the network environments of corporate clients. She received her MBA from Roosevelt University
in Chicago and worked in various levels of management in the software, high speed ATM and
other technology sectors during the years before founding the company.
Serving as the managing partner and currently Chief Operations Officer for SPI, Ms. Crawford
began developing security policies for banks to comply with the Gramm-Leach-Bliley Act,
followed by compliance assistance for hospitals related to HIPAA privacy standards. Next was
compliance with Federal standards bodies and development of services for disaster recovery
planning for networks and SCADA testing for critical infrastructures such as those found in
electrical utilities, transportation hubs and chemical factories.
Jovan Itwaru, CISSP, SCJP, MCSA
Mr. Itwaru is a systems analyst with extensive experience in security, architecture, and design
implementation. He is experienced in problem identification and efficient resolution
incorporation with extensive practical application of network management in enterprise
environments. Mr. Itwaru is a team oriented professional desiring a challenging atmosphere to
meet organizational goals and objectives.
Shelley Fraizer, CISSP
Ms. Frazier has extensive experience in providing security support for multimillion-dollar
military information systems. She is highly successful in the development of security
documentation, by understanding network and system engineering concepts combined with the
knowledge and understanding of security directives. Ms. Frazier has also provided support in
security assessments, requirements analysis, certification and accreditation (C&A), certification
test and evaluation (CT&E), security test and evaluation (ST&E) and experience with multilevel
automated information systems. She has provided security support for multiple governmental
agencies, which include Department of Army, the National Security Agency (NSA) and the
Department of the Air Force and maintains current DOD Top Secret Clearance.
Ray Friedman, CISSP:
Raymond Friedman is the CEO and President of Mile2® and has been in the IT Security space
since 2002. While in this industry, he has been actively engaged in consulting for global financial
P a g e | 8
and government institutions; performing security audits, penetration tests and digital forensics
services. During his tenure at Mile2®, Raymond has spearheaded the development of the present
series of Mile2® certifications which have become globally recognized. Presently, Raymond
carries several certifications and advanced degrees such as the Master of Science in Accounting –
Forensics & Controllership, the Certified Information Systems Security Officer, Certified
Penetration Testing Engineer and Certified Digital Forensics Examiner. Ray has conducted
dozens of Vulnerability Assessments, Penetration Tests, Social Engineering projects and other
related work for The Saturn Partners since 2009.
STRATEGIC TEAMING PARTNERS
It is becoming increasingly important for companies to team on projects to provide the highest
possible quality service in responding to complex government requirements. By creating such
relationships, customers receive the full complement of specialized expertise and comprehensive
solutions for their programs.
We are proud of the partnerships we have built with many professional organizations including:
Transystems (Kansas City, MO)
Transystems is a very large transportation construction and consulting firm, positioned
strongly in the FAA and DOT, providing airport construction, transit construction and
highway construction projects. SPI has subcontracted to Transystems in providing
SCADA testing services to the Department of Water Resources in California, a
Transystems client. SPI also offers vulnerability testing, security policies and disaster
recovery planning services to Transystems in various offices in the U.S.
CH2M Hill (Milwaukee, WI)
SPI works closely with the Milwaukee location and other regions in pursuing joint
environmental security projects where infrastructure security is an issue. Based in
P a g e | 9
Denver, this large environmental partner has teams with SPI on projects involving EPA
and other government agencies.
Technical Toolboxes and TechCorr/Catalyst
These Canadian and Texas companies work closely with SPI to enhance SPI services in
the SCADA area, adding maintenance services, upgrades, auditing services system
replacement and inspection services to SCADA clients in the utilities and oil/gas pipeline
sectors.
Ready Alert Services (Tampa, FL)
SPI partners with Ready Alert to offer web/text based emergency notification services to
the DHS/Customs and Border Patrol, through an 8a sole source prime contract awarded to
SPI in January of 2009. Other work with Ready Alert includes project management duties
for Ready Alert clients Indianapolis International Airport, South Bend Indiana Airport and
others. SPI is expanding the offering for Ready Alert, pursuing further contract expansion
to TSA within DHS and other areas where this vital and competitively priced service is
greatly.
Robert Slye Electronics (Arlington, VA)
SPI has a 5 year 8a sole source contract with Slye where SPI is the Prime contract holder
to offer specialized AV and electronic support services to the U.S. Treasury/OCC on a
monthly basis for special events. This Arlington, VA based partner has worked with such
agencies as the Smithsonian, U.S. Army, U.S. Treasury and other agencies since 1960 and
hand-picked SPI, a Wisconsin based 8a, for this important and sensitive AV contract with
the OCC.
Mile2: IT Security Training/Disaster Recovery Planning/Testing/Social Engineering:
P a g e | 10
Mile 2 is our source for sensitive, high level training certification offerings, For just a
sampling of the type of training services offered by this valued partner, see below:
.
P a g e | 11
SPECIFIC PROJECT SUMMARIES
PROJECT ONE: Emergency Alert & Consulting Services
Company/Agency Name:
Department of Homeland Security
Customs and Border Protection (Office of Air and
Marine)
Address: 1120 Seaway Drive, Suite 200, Ft. Pierce FL 34949
Phone Number: 772-466-1648, ext 105
FAX NUMBER: N/A
POC FOR THE PROJECT: Chris Wiyda
POC EMAIL ADDRESS: [email protected]
PROJECT PERIOD OF
PERFORMANCE: November 2008-2013
BRIEF DESCRIPTION:
SPI was contracted as a prime contract holder on this emergency notification alert services and
consulting contract for the Customs and Border Protection office of the Department of Homeland
Security (DHS), within the Office of Air and Marine. Currently this new contract is set to run for
one (1) year to launch the service in the Miami District, and eventually expand into California and
other regions in subsequent years. There is no current cutoff to the contract, which commenced
on November 7, 2008.
SERVICES PROVIDED:
SPI’s subcontract partner, Ready Alert Services of Largo, Florida will assist in managing the
service implementation and rollout, with SPI as the project management for the duration of the
contract. The service provides real time confirmation that the recipients of a text message, used in
the event of failure of conventional telecommunication service, have read and responded to the
alert, which is sent and tracked in real time. The service reaches thousands of people in minutes
with one easy to send alert transmitted simultaneously to the recipient’s cell phone, pager, PDA
and all e-mail accounts. This service can be used in non-emergency mode as well for mass
updates and scheduling as well.
RESULTS ACHIEVED:
This contract will deliver a fully managed program to DHS and we expect to expand into other
areas. We expect to improve overall emergency preparedness levels within this agency with this
service and develop it for DHS in other regions to come.
P a g e | 12
PROJECT TWO: HIPAA Operational Compliance Audit
Company/Agency Name: The Monroe Clinic
Address: 515 22nd Avenue, Monroe, WI
Phone Number: 608-324-1584
FAX NUMBER: N/A
POC FOR THE PROJECT: Ron Mattson, IT Director
PROJECT PERIOD OF
PERFORMANCE: Fall 2006, and Fall 2013/Winter 2014
BRIEF DESCRIPTION:
SPI was contacted to guide hospital management in compliance with HIPAA standards for safety and
soundness.
SERVICES PROVIDED:
SPI was tasked to upgrade all operational management processes for critical systems, infrastructure,
personnel and security policy, and construct a working blueprint for business continuity of systems,
aligned with HIPAA security and operational management guidelines, for infrastructure, operational
procedures, security and soundness policy and business continuity for systems for this client.
Extensive in- and out-brief meetings were conducted, before, during and at the conclusion of the project
work. The purpose of this was to serve as checkpoints throughout the work in the areas of policy
development, audit of management procedures, controls, and ongoing advisement to the client of the status
of current standards of business continuity and systems preparedness in case of disaster to the hospital
operational system or its environment. Using proven change management processes, SPI was able to
instigate and assist with immediate and ongoing changes to less than efficient standards within the hospital
operations, as well as networks, according to HIPAA guidelines.
All systems, controls and procedures were tested for soundness; training parameters for employees and
management were upgraded using Power Point tools for future training sessions.
SPI made recommendations regarding system placement, equipment usage, upgrades of equipment and
software for patient recordkeeping, to replace old and outdated methods of record management. New
safeguards were put in place by SPI as a result of weaknesses found in communications policies and
network structures, and all systems standards were upgraded, to be put into place for use during 2006-
2007.
A slight project delay of a week was encountered due to the under-estimation of the size of the overall
environment to be audited, but this was handled with adjustments to the original estimates and we still
finished the project within the desired timeframe. Our reports were delivered on time, within 30 days of
project completion, which consisted of offsite research and surveys, offsite testing and onsite inspections,
analysis and training sessions with hospital management during the two week onsite portion of the project.
SPI continues to monitor the process of streamlining and upgrading all communications, systems
management practices, software applications and policies into 2008, when we are scheduled to return to
P a g e | 13
undergo another complete audit of Monroe Clinic to review all standards and practices once again for
HIPAA compliancy and overall efficiency.
Tools involved included HIPAA standards, power point training programs, matrices with timelines for
suggested upgrades and changes, policy templates we have developed, training examples for employee
responsibility and duty under both HIPAA and current legal policy for Monroe Clinic, using power point
and written guidelines as part of our audit report.
RESULTS ACHIEVED: SPI succeeded in raising management awareness of serious weaknesses in core management practices
within the network and key department management areas located in outpatient, nursing, cardiac and
emergency sectors. All policies governing management practices in these departments were reviewed and
upgraded using the latest standards and guidelines to assure HIPAA compliancy.
P a g e | 14
PROJECT THREE: Business Continuity Planning and Development
Company/Agency Name: Grenada Electrical Utilities, Ltd
Address: St George’s Parish, Grenada, West Indies
Phone Number: 473-440-2111
FAX NUMBER: N/A
POC FOR THE PROJECT: Jeffrey Neptune, Director of Operations
POC EMAIL ADDRESS: [email protected]
Project Performance Period: September 2004, 2007 and 2012 ongoing
BRIEF DESCRIPTION:
SPI was first contracted to design, test and implement disaster preparedness for a three island
utility in the Eastern Caribbean after devastation left behind by Hurricane Ivan in late 2004.
SERVICES PROVIDED:
SPI’s planning and designing of this emergency response/disaster recovery and business
continuity effort for GRENLEC included all operations, SCADA infrastructure, networks,
personnel policies and upper management strategic planning for downtime and outage, when
from attack or operational/structure failure.
SPI evaluated the risk to business process failures, identified critical and necessary business
functions/processes and their resource dependencies; estimated the financial and operational
impacts of disruption and the required recovery timeframe for these critical business functions.
SPI also assessed the effectiveness of existing risk reduction measures.
SPI was also tasked to identify a range of specific recovery strategies to address interruptions of
production processes, identify the computing resources required to recover the various distributed
processing environments and document alternative recovery strategies within a Recovery Strategy
Selection report to Grenada Electricity Services, Ltd.
No problems were encountered during this project, although SPI anticipated a normal lag
times/delays in getting our business impact analyses back from senior management. However,
we received the surveys back in 30 days and SPI was able to complete milestones in a timely
fashion
RESULTS ACHIEVED:
SPI has successfully developed an updatable emergency and disaster response plan with a clear
management blueprint to assist with continuity of operations (COOP) for this island utility,
aligned along with the U.S. examples of those plans designed by NERC for American utilities to
follow for safety, soundness, efficiency of infrastructure management and management
procedures.
P a g e | 15
PROJECT FOUR: Operational Security Audit
Company/Agency Name: University of Wisconsin
Address: Hwy E, Kenosha, WI 53144
Phone Number: 262-595-2010
FAX NUMBER: N/A
POC FOR THE PROJECT: Ann Marie Durso/CIO
POC EMAIL ADDRESS: [email protected]
Project Performance Period: October-November 2006
BRIEF DESCRIPTION: SPI was contracted to train management staff on information systems forensics and protection of
intellectual property and electronic data for prosecution at trial, after isolating cause of the breach
at several management levels.
SERVICES PROVIDED: This project evolved after several breaches of confidentiality at the management level in the
finance office. SPI mission was to isolate the source of the breach and redesign system and policy
controls for the university operational management team. SPI provided guidance, training on
evidence protection, forensics, collection and isolation; support, testing services, analysis and
hands on instruction to upper operational management in the areas of electronic evidence retrieval
and use in prosecution.
Our audit revealed holes in policy management, weaknesses in management policy regarding the
financial office, record keeping and auditing, informational security and lack of emergency
preparedness in case of attack on campus infrastructure, assets, systems or personnel. Our work
included drafting of new guidelines and policies for usage of campus assets or network facilities,
and training of operations personnel to spot attempt of compromise or theft of financial records,
both on paper and electronic. SPI developed guidelines and policy templates for upper
management to used and designed a program to build teams within operations, IT and law
enforcement to tighten management day to day on all University assets. Forensics work was also
done to assist FBI locally to isolate financial records tampering and instruct staff on best practices
to use to assist law enforcement with prosecution of criminal activity against the University
including protection of evidence.
RESULTS ACHIEVED:
SPI conducted strategic planning, policy overhaul, staff cross-training and efficiency auditing to
upgrade operations overall at this campus, and elevated security/disaster preparedness levels at
the university overall, both from a network and operations standpoint.
P a g e | 16
PROJECT FIVE: Project Management & Security Review
Company/Agency Name: U.S. Department of Treasury
Office of the Comptroller
Address: 250 E Street SW, Washington, DC 20219
Phone Number: 202-874-5096
FAX NUMBER: N/A
POC FOR THE PROJECT: Andrea Lipiro, Contracts Officer
POC EMAIL ADDRESS: [email protected]
Project Performance Period: August 2006-August 2011
BRIEF DESCRIPTION: SPI was contracted to supply project management and security standard review to the Office of
Special Events for the Office of the Comptroller of the Currency at the U.S. Treasury Department
in Washington, DC. SPI is currently executing the third year of a five (5) year contract as the
prime contractor in conjunction with a Virginia based audio visual subcontractor, Robert Slye
Electronics, Inc. (Slye).
SERVICES PROVIDED: This project entails management and logistics and security guidelines support to subcontract
Slye’s physical infrastructure design of all electronic communications for each Special Event
ordered during the course of any contract year. To date, the OCC has ordered services, as needed
for special events, approximately once every 90 to 120 days. SPI serves as project manager and
final auditor of all security standards and testing of equipment and connections for security or
infrastructure problems prior to set up of each event structure and delivery by subcontractor
Robert Slye Electronics, at the OCC. Once these steps to test and evaluate the project
infrastructure, including connections, wiring, and physical security requirements is complete,
Slye is able to set up the event and tear it down upon completion, wherein at that time SPI signs
off at completion that all security measures and proper checklists are followed to run and
structure the event setup.
RESULTS ACHIEVED:
SPI has structured and audited each event with the highest standards in electronic security,
infrastructure security and efficiency and has had zero downtime or problems with any event
since starting this contract in 2006. Ms. Brown, the client POC. The contract expired in 2011,
with the OCC developing an in house team to do the work for the agency.
P a g e | 17
PROJECT SIX: SCADA/NERC Compliance Auditing
Company/Agency Name: California Department of Water Resources
Address: Sacramento, California
Phone Number: 202-874-5096
FAX NUMBER: 916-654-5554
POC FOR THE PROJECT: John J. Rizzardo, PE
POC EMAIL ADDRESS: [email protected]
Project Performance Period: January 2009- March 2010
BRIEF DESCRIPTION: SPI conducted SCADA testing on critical control systems for a large California water utility
company. The objective was to test SCADA system for vulnerabilities and also advise the client
how to prepare for upcoming NERC audit. Standards review was conducted along lines of
standards CIP 0002-0009 with recommendations for the client regarding adherence to NERC
security guidelines for water utilities.
SERVICES PROVIDED: SPI conducted full testing of all SCADA and network security
parameters for DWR during this audit; systems were also inspected and upgrades were
recommended. SPI followed benchmarks for the testing according to current NERC/FERC
guidelines, to help DWR prepare for an upcoming State of California audit of its systems, both
network and SCADA
RESULTS ACHIEVED: SPI’s customized out-brief instructed DWR on step-by-step processes to
harden all SCADA and network systems, complete with timetable to complete this work prior to
the state audit to take place. By remaining on call to DWR until the California State audit was
complete, SPI were able to address last minute security issues and walk through upgrades and
hardening processes with the client. The result was improved ratings from the California State
audit regarding the soundness of SCADA and network systems at DWR.