Healthcare Solutions Guide
As operating costs continue to grow, Allied Telesis is here to make sure you’re delivering the most secure, reliable and efficient healthcare solutions to your patients.
49%
of healthcare providers are in the process of transforming their business model over the next 12 months.
Source: Gartner Research, 2019
Healthcare Networking Needs and Objectives
The healthcare industry is undergoing business changes and technology upheavals more rapidly than any other major industry. Worldwide, the demand for healthcare services is outpacing the ability of service providers to see patients and provide high quality personal care. There is a shortage of healthcare professionals and facilities, particularly in rural or remote locations. Healthcare costs are rising much faster than personal incomes and the ability for patients to pay, putting the squeeze on care providers to deliver services at a lower cost.
The technology side of the business is seeing just as much change. A modern hospital room has, on average, 15 networked devices that monitor a patient’s condition and deliver medication or other forms of care. Health records have gone digital, and so care providers need continuous mobile access to the network to access these records and other relevant information. What’s more, many services are offered remotely over the network, including telemedicine and ambulatory care.
Disruptive technologies, such as AI, will provide opportunities to create new business and care delivery models. However, this will require more agile infrastructure that can respond rapidly to evolving new healthcare delivery models that can meet increased consumer expectations. This is the challenge faced by healthcare providers.
Another disruption is the decentralization of healthcare infrastructure to decrease the distance between patient and treatment. While this benefits the healthcare consumer, it also adds complexity for IT solutions.
Priorities for Healthcare Networks
- Facilitate access to information and resources, yet maintain the security of confidential data
- Provide secure network access to care providers and staff
- Provide guest internet access to patients and family members
- Protect confidential patient data from unauthorized access
- Be ready for emerging business applications
- Support and optimize multi-site WAN connections
- Be easy to configure, manage, and troubleshoot, minimizing costly administration and downtime
- Support centralized management for remote sites without IT resources
- Provide automatic recovery from equipment or link failure as well as from accidental loops
Key elements of an agile and future-proof healthcare network are:
Reliable High-Speed Wired and Wireless AccessCare providers using a variety of mobile devices need to reliably—and securely—access patient information from anywhere, and with enough bandwidth for medical imagery and video in real-time. Patient support systems including telemedicine and remote health monitors need a seamless connection without interruption. High-speed internet access for guests must also support high-density traffic. | |
Overall SecurityPatient records contain extremely sensitive and high-value information. Therefore, the network must be secured from unauthorized access as well as data leakage or theft. In parallel to cybersecurity, physical security must be implemented to protect assets and patients. | |
Easy Network ManagementThe network must easily manage wired and wireless devices on and off-premises from a remote operation center. Finding a network that meets all your needs can seem like an impossible task—but with an Allied Telesis networking solution tailored for your organization, it is both achievable and simple. |
Allied Telesis Solution for Healthcare
With our proven history of delivering highly reliable and feature-rich advanced network solutions, more and more healthcare providers are turning to Allied Telesis to achieve their objectives.
Allied Telesis has been implementing cutting-edge healthcare networks for many years, so we understand the need to supply advanced network services without increasing operational complexity. Our high-value product and service portfolio provides the security, mobility and high-performance network you need, with easy management for lower operational costs, both now and well into the future.
Let’s look at how Allied Telesis meets the challenges faced in healthcare and provides solutions that enable better outcomes for patients and the entities that treat them.
Looking to the Future
Allied Telesis products optimize your technology investments by fully integrating with existing systems and applications. As new business applications are developed, your network can easily adapt as our products help you build a more efficient and progressive infrastructure.
As new and exciting technologies are implemented in the provision of continuous care, Allied Telesis products remain at the forefront in providing a network infrastructure to facilitate patient access to the best care.
Unstoppable Network AccessProvide access anytime ensuring that your network is always up and running—even in case of link or network equipment failure—without the need of human intervention. | |
The Self-Defending NetworkOur smart edge security protects your wired and wireless network from threats by automatically quarantining suspect devices, thus creating a safe environment for sensitive patient data storage. | |
Reliable and Easy WAN ManagementSelect the optimal path between main building and remote sites for better performance and lower cost. |
No Compromise Wi-FiEnsure reliable, high-performance Wi-Fi connections everywhere they are needed and provide high device density support for medical equipment and caregiver access. | |
Network Management Made EasyAutomate your network management using a single smart tool to add intelligence and security with easy management and to reduce risks and support costs while enabling remote site support. | |
Digital Video SecurityDedicated product portfolio to securely and reliably transport video footage across the IP network. |
Unstoppable Network Access
VCStack and link aggregation provide a solution where network resources are spread across the virtual chassis members, ensuring device and path resiliency.
VCStack can be spread over long distances, with fiber connectivity. A long distance VCStack is perfect for distributed network environments or data-mirroring solutions.
Allied Telesis Ethernet Protection Switched Ring (EPSRing) solutions provide high performance, high reliability and flexible, scalable distributed network cores.
The recovery time when links or nodes go down is extremely fast—as low as 50 ms, making this solution ideal for the provision of a healthcare network with voice, video and data services.
The transition from paper to electronic health records concentrates information flow to within the IT infrastructure. At the same time, the development of an integrated healthcare system requires uninterrupted communication between different hospitals and to remote clinics and facilities.
As this transition is fully implemented, the high availability and accessibility of the IT infrastructure become vital for the whole healthcare ecosystem.
The Allied Telesis unstoppable network access solution has been developed to ensure that any network is able to survive multiple faults while still maintaining connectivity in a wide range of network architectures, thus providing a high available solution.
Within a complex system, the high availability has to consider multiple factors, where IT high availability is only one of the factors.
Network Equipment Power Supply
In the hospital, the continuity of power supply must be guaranteed by using a battery backup and an automated generator. The networking equipment can trust in this single power source but must also be designed to withstand the event of an internal PSU failure.
Allied Telesis proposes a whole series of equipment with a redundant PSU system so that if one of the two units fail, the equipment can still remain fully operational, even in a blackout.
Simplified Network Device Power Supply
Many devices in hospitals are connected directly to network switches. The use of PoE-enabled equipment to power these devices further enables backup power provisioning to the switch and delivers power back to the attached devices.
Virtual Stacking
Multiple Allied Telesis switches can be connected to form a single virtual switch. Together, the Virtual Chassis Stacking technology with Link Aggregation provides a resilient solution that is able to survive a link or equipment failure.
Ring Protection
When the distance between the devices is large, a ring topology for the network is the optimal solution. Allied Telesis provides Ring Protection protocols to save your network from link failure while providing a resilient infrastructure.
Redundant Core and Disaster Recovery
In the case where a further degree of resiliency is required, Allied Telesis can also provide core switches with an optimally redundant configuration for a disaster recovery architecture. This is accomplished by a virtual stack with network devices located in different rooms or even buildings.
Network Cybersecurity
66%
of patients have privacy concerns when health information is electronically exchanged.
Source: https://dashboard.healthit.gov
Cyber-attacks to medical institutions are on the rise and becoming frequent. Unauthorized access to patient data, ransomware and other types of attacks affect the daily operations and result in serious risk to patient privacy.
Keeping internal connections to resources secure while enabling internet access for staff and guests is mandatory for the healthcare industry.
The traditional security models that focus on preventing attacks from getting inside the network are not enough since attacks can easily come from within. For example, an infected laptop, tablet or IoT device connected to the network can pose a serious threat.
In parallel, attackers have increased the sophistication in their methods and now threats come in so many forms that maintaining a secure yet effective network has become a time-consuming and costly challenge.
While the traditional firewall-based approach is effective to detect and block threats and viruses coming from the Internet, it shows its limitations if the attack comes from inside the network. At this stage, the attack will spread east/west on the network (i.e., from one connected device to another), where it can be detected by the firewall only once the threat tries to cross the border to the internet. Once the threat is detected, an administrator can be alerted and asked to begin the remediation process.
Unfortunately this process depends on human resources, with reaction time that can be minutes to hours or even days depending on the resource availability and personal skills.
To enable a Self-Defending Network that helps organizations avoid lost time and unnecessary disruption to network services, the AMF-Sec Controller is key to our innovative and award-winning AMF Security solution.
Key Features:
- OpenFlow v1.3 compatible
- Suitable for both wired and wireless networks
- Integrates with business apps to save time and money
- Integrates with security products to detect threats
- Intelligent Isolation Adapter engine automatically blocks threats
- Scalable—add more business apps for greater value
The Self-Defending Network
The Self-Defending Network solution provides an integrated approach to network security automating manual IT operations and protecting from threats coming from both wired and wireless access devices.
Without the need for endpoint agents or software, the Self-Defending Network is able to automatically respond to threats once they are identified.
Firewall and security appliances identify threats, then the intelligent engine implementing the Isolation Adapter technology built into our AMF–Sec controller responds immediately to isolate the affected part of the network and quarantine the suspect device. Remediation can be applied so the device can re-join the network with minimal disruption. Responses are configurable, and comprehensive logging provides a clear audit trail.
To enable a Self-Defending Network that helps organizations avoid lost time and unnecessary disruption to network services, the AMF-Sec Controller is key to our innovative and award-winning AMF Security solution.
Reliable and Easy WAN Management
Build higher-performance, more secure WANs, and improve productivity while reducing complexity and cost.
WAN automation reduces the need for skilled resources at the branch by centralizing performance optimization and monitoring for easy WAN management.
The patient-centered approach of the healthcare industry follows the direction of service decentralization where care facilities are located at local sites. These local sites need to be connected to the main network as if they were in the same hospital building with secure and reliable access.
For the network infrastructure, the quality of the remote site connection is not a trivial matter and needs to be carefully developed to maintain the same quality level available in the main hospital. The main issues in providing a remote connection are the availability, cost, and security.
There are mainly two options to interconnect remote sites: a dedicated rented connection with a specific Service Level Agreement (SLA), or a private virtual link over a public network, wired or wireless.
The first solution is more expensive but guarantees the bandwidth and the link availability. The second solution is less expensive but does not guarantee performance and availability.
To provide high availability service, the best option is to connect the remote sites using multiple links and split the traffic between them depending on the application, the link cost and other parameters. The use of multiple links permits a backup in case of failure and results in a high-availability solution.
To secure the data between the remote site and the main hospital, a secure VPN link is always required. The multi-link management usually requires complex management, heavily involving the IT department for any required change.
Autonomous Secure WAN Management
Having multiple connections with different performances and cost requires continuous attention. Allied Telesis Software Defined WAN (SD-WAN) simplifies remote site connection control with an autonomous and centralized management tool.
SD-WAN Orchestrator is part of Vista Manager and centrally manages branch office connections for reliable and secure application delivery. With this you can set acceptable performance metrics, automatically optimize and load-balance application delivery, and easily monitor WAN performance.
SD-WAN, with Allied Telesis Application-Aware Firewalls, provides an integrated WAN security and WAN traffic management solution in a single device.
Dependable Wireless Connectivity
Allied Telesis Autonomous Wave Control (AWC) is an advanced network technology that utilizes Artificial Intelligence (AI) to deliver significant improvements in wireless network connectivity and performance while reducing deployment and operating costs.
AWC monitors the Wi-Fi environment and optimizes the wireless coverage to provide the best possible performance under any conditions.
In addition to the medical staff carrying mobile devices from room to room, a large number of medical devices such as image diagnostic and wearable monitors require a stable wireless network to provide or access information in real time.
For security reasons, devices with access to patient data require the user to reauthenticate once the network connection drops. For this reason, an uninterrupted roaming-free wireless solution is considered value-added for the healthcare market. A wireless connection is also used by medical devices as a backup link in case the wired connection fails, adding reliability to the whole network solution.
Although following the wireless technical standard improve overall performance, there are still limitations that require deep technical skills in order to implement a stable wireless network. In a wireless network, client disconnection and slow communication are typical wireless problems usually caused by one or more more technical issues. Interferences between radio channels, external wireless sources not under the IT control, and access points’ signal strength are the main reasons for wireless problems.
In a dynamic healthcare environment, there is a crucial need for a continuous network with monitoring and skilled IT resources to maintain the installation under control to provide a valuable wireless service.
No Compromise Wi-Fi
The Allied Telesis No Compromise Wi-Fi solution ensures reliable, high-performance wireless connections everywhere they are needed without increasing skilled resources.
By analyzing signal coverage gaps and Wi-Fi access point interference, Autonomous Wave Control (AWC) automatically delivers a high-quality wireless experience. This allows you to reduce your dependency on skilled network engineers and enjoy lower operating costs.
AWC Channel Blanket (AWC-CB) enables control of hybrid access points that simultaneously provide single and multi-channel Wi-Fi connectivity. Channel Blanket is the best radio technology to provide a seamless connection to critical personal and medical devices as they move around the hospital.
Heart rate monitors, blood glucose sensors and smart beds are just a few of the mobile devices that need reliable wireless connectivity for the best patient care. AWC-CB also enables device location tracking to easily find equipment and reduce the loss of expensive devices.
Simplified Network Management
Allied Telesis AWC Channel Blanket (AWC-CB) is the Single Channel solution for the Allied Telesis Wireless access point.
All access points that are members of the same blanket operate on the same channel. The intelligent controller AWC-CB manages interference and client access.
Together with traditional Multi Channel approach it provides a complete wireless access solution for any environment.
Increasing network complexity significantly raises demands on network management and specialized resources. Implementing an automation solution simplifies and lowers the cost of managing the network.
Vista Manager EX is a modular single-pane-of-glass approach to network management. It has a dashboard showing network details, status, and events on a topology map, and it highlights critical issues to minimize reaction time and to help resolve problems in a timely fashion without the need for highly-qualified network engineers.
A series of modules to control the wired network, wireless devices, the WAN link and automations tools make networking easy and the solution modular.
Autonomous Management Framework Plus (AMF Plus)
Reduce network operating costs with the added intelligence and automation of centralized management.
Automated services including firmware upgrades, backup, recovery and zero-touch provisioning are only some of the AMF Plus features to minimize the resources required to manage a complex healthcare network.
Autonomous Wave Control (AWC) - add-on module
Analyze and optimize the performance of complex wireless networks. Install and forget your wireless network with an autonomous tool that analyzes traffic patterns and automatically configures access points to meet demand.
Software Defined WAN (SD-WAN)
Centrally manage and automatically optimize inter-branch traffic with SD-WAN. Refer to the section on “Reliable and Easy WAN Management” for more details.
Simple Network Management Protocol (SNMP) - add-on module
Auto-discover and manage a wide range of devices in a multi-vendor environment within Vista Manager EX with SNMP add-on.
Different network views enable visibility the way you prefer. Extend network monitoring with automated notifications and alerts for proactive management.
Allied Telesis Autonomous Management Framework Plus (AMF plus) is a scalable network management platform.
It supports Allied Telesis switching, firewall, and wireless products, as well as a wide range of third-party devices—including video surveillance cameras and IP phones—for network automation.
Vista Manager EX delivers state-of-the-art monitoring and automatically creates a complete topology map of switches, firewalls and wireless APs.
With simplified VLAN creation and mapping, traffic analysis and SD-WAN operations, effortless management of all network devices is now a reality.
A Vista Manager version embedded in our core Allied Telesis switches and firewalls provides an easy and fast network management solution for small and medium installations.
Without the need for external tools, Vista Manager Mini provides easy access to the power of AMF Plus and AWC for wired and wireless management.
Physical Security
PoE Class
- Class 0 up to 15 W
- Class 1 up to 4 W
- Class 2 up to 7 W
- Class 3 up to 15 W
- Class 4 up to 30 W
- High PoE up to 60 W
Building access control systems help to protect the physical hospital environment, but not entirely. This is due to the large volume of staff working in the hospital, and patients and visitors coming in and out, making complete control difficult.
Therefore, an advanced video surveillance system is required to monitor both inside and out the medical facility, and to verify what’s happening in specific areas.
Digital Video Security
In any video surveillance implementation, all the storage devices, surveillance cameras and video management systems rely on the network infrastructure to transport video.
The effect of video surveillance on the network needs to be considered to avoid a negative impact on the performance of other services.
The traffic generated by IP cameras, in combination with the existing traffic on the main links from services, must be calculated in advance to correctly ensure a smooth and reliable transmission.
The key part of the installation is powered by PoE with power consumption that depends on multiple factors like the camera type and the accessories (heater, motors, etc.). In the network design phase, the access switches connected with the IP cameras need to be selected to be able to provide enough power to drive all the attached cameras.
ONVIF support
Allied Telesis has simplified the installation and setup of video surveillance networks by adding support for ONVIF protocols to our AMF network automation solution. This enables easier deployment, management, and maintenance of remote security cameras.
Milestone integration
The Milestone integration plug-in is an add-on to Milestone System’s XProtect VMS that enables direct control of IP cameras connected to Allied Telesis switches. The plug-in simplifies remote camera management for security staff by integrating common admin tasks into the XProtect graphical interface, saving time and expensive call outs.