Like any other industry, healthcare has also been seeing a massive increase in IP traffic. Users are now connecting from everywhere at any time from various mobile phones and IoT devices. The increasing network demand in healthcare was being managed with strict network security services, legacy network equipment, and tight IT budgets.
As technology has been changing, healthcare departments should also be equipped with the latest tools and strictly monitored Network security Services for better results. Technologies offered services such as electronic health records, remote monitoring, and instant online access for doctors, medical staff, and patients and their families.
According to an enterprise network specialist at Enterprise Strategy Group, Dan Conde, healthcare networks demands the same requirements as any other network. However, there are some unique pressures not found in other industries, such as HIPAA compliance and telemedicine initiatives. Telemedicine can include remote access via camera and microphones in rural areas with a bad connection, or remote care from buses or vans, he added. Not having advanced tools handling extensive data such as imaging can add more pressure on a healthcare network.
Let’s understand how both of the industries are working together to offer modern networking security services in healthcare.
Consulate Health Care is the sixth-largest organization to offer healthcare services to the senior citizens of the US. Modern wireless network technology was the key to have them reach their goals. The organization based-in Florida has 200+ healthcare centers in 21 states, along with assisted living, rehabilitation centers and nursing facilities in 21 states.
“Over several years and some acquisitions, we had multiple technologies supporting our care centers. Those technologies weren’t supportive of an enterprise-wide deployment of applications like electronic health records and telemedicine initiatives,” says Kurt Rodriguez, VP of telecom and infrastructure at Consulate.
In an attempt to improve their WLAN, Consulate Health Care, evaluated their existing WLANs using Cisco and Aerohive equipment, replaced with Aruba Networks.
Consulate preferred using Aruba’s controller-less model over a controller one, to enable their team of three IT engineers to deploy secure wireless architecture. The initially deployed 2,700 Aruba Instant access points have now reached to almost 4,300 in a span of two years. Every day the WLAN is used by 2,500 company devices, 1,600 third-party devices authorized by the company, and 3,100 guest user devices.
Having the controller-less access points (APs) benefits their IT team to access and manage each location without taxing the network. You can achieve business continuity with APs. If one of them at any location fails, another AP at the site will take over its job.
The Consulate uses Aruba’s controllers in its data center as well, and Remote Access Points (RAPs) for employees deployed at their homes to keep the workforce supported. It offers a smooth VPN tunnel for the employees working remotely, added Rodriguez.
He added that Aruba Clear Pass enables a secure guest network since it supported Consulate’s BYOD policy. The software ensures that only authenticated devices of patients, residents, and their visitors get through and ensures that all devices abide by corporate security policies. Visitors with BYOD and users with authorized devices can enroll themselves as not to burden the small IT staff by constant network access requests. The flexibility by the Consulate is the key, said CIO Mark Crandall.
“It’s becoming more and more important for that interoperability across the continuum of care,” he says. “We need to be able to share data very readily upstream and downstream [with] acute care providers and doctors who come into our facilities and may not be employees.”
The WLAN upgrade offered a secure and improved network that is required by the doctors to do their job, Crandall added.
Since the Consulate hadn’t heard of the tools before, it was a learning experience for the engineers as well. Rodriguez said. Not only did they manage the wireless APs, but routers, switches, and the data center. The enterprise-based tools allowed their small team to manage the large wireless architecture, with low operating costs and higher efficiency.
To centrally update and troubleshoot the network, Consulate has been equipped with Aruba’s AirWave Network Management System. Transparency offers better problem identification, such as rogue AP in a care center.
For Baystate Health, the network upgrade resulted in a complete makeover for its data center. It was serving 800,000 people in western New England with multiple facilities, including teaching and children’s hospital, health insurance companies, trauma center, and hospice care.
Having two data centers equipped with legacy gear, it faced ever-increasing maintenance and licensing costs along with complications. These complications were expensive to manage, said Mike Feld, Interim CTO. “IT budgets aren’t increasing, but our requirements are,” he says.
The organization has decided to build a new big data center with dual cooling power to replace their old one. But after tapping Vertitech IT for help, Baystate went for a software-defined architecture. This infrastructure will consist of three physical data centers merged into one logical active-active-active data center. This logical data center will be using VMware ESX, NSX, and Virtual SAN on Cisco UCS. They are also under the process of retaining one of their old data centers, with a downsized design, while adding two smaller facilities. Instead of spending $6 to $8 million, Baystate was expecting the cost to be around $2 million for the infrastructure redesign, says Patrick Streck, IT director.
Baystate’s new hyper-converged design is possible through VMware’s NSX network virtualization. It will be the core element of the plan. Feld said, “the main value to us is that solid networking underpinning that everything else gets stuck on top of.”
At a higher level, Baystate used NSX to deploy a single layer network across their three data centers using dark fiber, treating them as one logical data center, says Dave Miller, Baystate Chief Architect.
With their compliance and security requirements, Baystate leveraged the NSX’s micro-segmentation capability for non-traditional perimeter-based security, Miller added. The security policies will be associated with VM rather than firewall rule up-gradation.
Mastering NSX requires engineers to learn new concepts, ones that are different from the existing ones. VMware education services and Veritech IT trained the Baystate staff to help them excel.
The active-active-active data center replaces the disaster recovery concept with high availability. All three data centers will be working all the time. The performance will be not be decreased in the event of one data center failure.
“The traditional limits of networking with subnets and VLANs and how you span them between locations is eliminated with NSX,” Feld said.
Apart from NSX virtual infrastructure, Baystate plans to use Cisco’s ACI to manage their routers and switches handling internet links, MLPS, and WAN.
The new Baystate infrastructure will also include 10,000 virtual desktops to offer access to doctors and employees anywhere. VMware Horizon will boost security and compliance services. Streck said, “Our security office loves it from the perspective that all we’re presenting on screens are pixels instead of actual data transfers,” he says.
Moreover, VDI will allow Baystate will isolate the endpoints while cutting the capital costs.