Today, it is necessary for all hospitals to use modern IT solutions due to the rapid development of medical imaging technologies, which enable doctors to reach an accurate diagnosis. For this reason, there has been over a decade of dynamic growth in the amount of computer equipment (workstations and diagnostic equipment, but also traditional, professional servers and mass storage devices) in hospitals. The transmission of all data between these systems must be reliable and secure, without any outages or risk of the information being accessed by unauthorized parties.
This was the challenge facing the Central Clinical Hospital of the Ministry of Interior. “We had to transfer more and more diagnostic data, and due to this constant increase, the time of data transmission between medical equipment, servers and workstations kept getting longer. This caused the transmission of test results to take longer, thus delaying the diagnosis,” recounts Marcin Oleksiński, the network’s administrator and coordinator of the IT section in the hospital.
At that time, each attempt at developing the LAN infrastructure caused numerous problems. A portion of the hospital’s switches were not manageable. Small switches began to appear in selected spots within the infrastructure more and more frequently, as the need to provide additional ports arose. “Sometimes one of the employees would accidentally unplug the network cable and then plug it into another, random port,” adds Marcin Oleksiński. “This lead to loops appearing in the network, and it was almost impossible to find them manually. The switches we had also started to fail with increased frequency due to the material being worn-out. We had to urgently replace our network equipment.”
Reliable and Secure
In 2009, a public tender was put out in order to replace all network equipment and selected structured cabling. It was planned to double the number of available network ports and ensure the possibility of quickly expanding the infrastructure if needed. However, parts of optical fiber cabling used earlier were preserved and are still used for projects that are less demanding in terms of accessibility and reliability, for instance for videoconferences.
The tender put out by the hospital involved a comprehensive replacement of the infrastructure, the cabling and the optic fibers, delivery of network switches, telephone exchange, IP telephones and other elements. Among the requirements listed, there were issues like reliability, safety policies and a system of management of all active network devices (wired and wireless). Another demand was for a lifetime guarantee and an unlimited access to updates. The tender was won by the Siemens Enterprise Communication and Telsar consortium, and part of their offer included network solutions by Extreme Networks.
“The implementation and system configuration alone took less than three months,” says Marcin Oleksiński. “Everything went without a hitch and our employees did not experience any inconveniences. They did, however, notice a considerable increase in efficiency.”
There are currently about 900 computers, 200 terminals (the number is constantly growing), about 100 wireless access points and 200 printers working in the hospital’s network. All diagnostic devices are also connected to the network, where they have their own VLAN.
More Data? No Problem.
The hospital’s IT infrastructure currently consists of two data centers, situated about 250 meters from each other and connected with an optic fiber. Each of them also has a separate Internet connection. In the near future, they will both work in the active-active mode. One of the data centers has a core switch installed, with all its components (power supply, switch modules etc.) duplicated, while the installation of the second core switch in the spare data center has also been planned.
“Our main challenge is the enormous amount of data that still keeps growing,” says Marcin Oleksiński. “When we were reviewing the tender offers, the diagnostic devices generated about 300–800 images for a single test. Today, that number has grown to about 1,000–2,500, while the resolution of the images has also become much higher. For now, our work comfort is high, since we are only using about 35% of the network’s capacity. However, we are also planning further development, for instance we want to install 3D cameras in the operating rooms and broadcast the videos from performed surgeries.”
The hospital also benefits from a secure, wireless network. It is accessible to both patients and doctors, who can use the hospital application on tablets when making their rounds. The use of mobile devices considerably improves the effectiveness of the treatment process, as it provides the doctors with immediate access to all test results and enables them to instantaneously order additional tests or surgeries. The safety of the transmitted data is ensured by both the devices in the network infrastructure (MAC address authentication of the wireless card in tablets) and the hospital application itself, as it requires every user to log in with their individual password.
No Strangers Allowed
One of the characteristics of the hospital’s functioning and necessary servicing of the diagnostic devices is the fact that the network must also be accessible to servicing teams. It was impossible to centrally carry out actions conforming to the safety policies, which often resulted in members of the servicing team plugging in their own routers with DHCP server and with no safety policies into the network. Today, that issue has been eliminated.
“Thanks to the implementation of a manageable network, it is now possible to access the entire infrastructure without the need to manually identify potential problems or anomalies,” sums up Marcin Oleksiński. “A device that has not been authorized by us can no longer be connected to the network. Thanks to the common, integrated graphic interface used in all Extreme Networks devices, I don’t have to enter the same configuration data of virtual LANs or safety policies multiple times, which decreases the risk of mistakes.”
The administrators of the hospital’s IT department manage the entire infrastructure on their own. They emphasize the clear interface of the devices, and after having attended relevant training sessions, they also praise the commitment of Extreme Networks’ technical support. From time to time, the infrastructure is being expanded due to the ongoing implementation of terminals that service medical applications and in order to make additional network ports accessible to the users.
There are several features what were not requested in the original tender and I use almost daily. Features like Compass what is able to find any device in the network based on hostname, username, mac or IP address. The search result is extended by the status of the port, statistics, traffic seeing on the port and many other useful information. Another such feature is called policy profile. Policy profiles allow me to define allowed applications for each end system type. Policy profiles are applied to both wired and wireless end systems. All is centrally managed. We have full visibility where each and every end system is connected and we control what privileges are applied. This is very useful especially with wide diversity of end systems. We received those as package with management system NetSight.