As part of a recent expansion, Batesville, Ark.-based White River Health System upgraded its wired and wireless LANs, enhancing its ability to support more than 4,000 connected devices.
While the modernization provided WRHS clinicians a vehicle to improve patient care delivery, Director of Information Systems Jeff Reifsteck knew more work was necessary. An inability to closely monitor the organization’s entire network environment and act on problems in real time could put patient privacy and safety at risk.
To that end, WRHS is also upgrading its network management suite with solutions from Extreme Networks. The setup provides Reifsteck with peace of mind that the organization can stay ahead of the curve in terms of potential bottlenecks and cyberthreats.
“By adding new tools for gathering and analyzing network data, we have the visibility to identify problems in real time, usually before end users even report them,” he says.
WRHS isn’t alone when it comes to making such upgrades. Hospitals throughout the country are making enhanced visibility a key consideration when revamping their networks for better performance and security, and ultimately for higher levels of patient care.
Tap Digital Transformation with Granular View of Performance
Zeus Kerravala, a principal analyst at ZK Research, calls the network “the building block of digital transformation” in every industry, including healthcare.
However, all too often, IT officials struggle to achieve full performance potential because of blurred vision. Nearly half the network managers across all sectors have no confidence that they know about all the devices connected to their networks, he says.
“Visibility is the first step — and one of the most important ones — for network optimization,” Kerravala says.
To gain visibility and dynamic management capabilities, WRHS’s technicians rely on the Extreme Management Center, a central console that integrates with a suite of network optimization tools. One of the most important is ExtremeControl, a network access controller, says Matt Stone, network administrator.
Photography by Dero Sanford
“That enables us to change device settings dynamically, rather than by physically touching everything,” he says. “It allows us to make adjustments a lot faster than when we had to walk or drive to the relevant closet.”
Another component of the hospital’s setup is ExtremeAnalytics, which displays detailed information about network traffic patterns. Wesley Evans, a hardware solutions manager at WRHS, says the tool allows the organization’s IT team to see performance at a granular level and troubleshoot problems without having to sort through extensive log files. For instance, when the network recently experienced a communications slowdown after being flooded with 4 terabytes of data, the IT team was quickly able to determine that a misconfigured software application was the culprit.
“It gives us real-time statistics about application and network response times for a complete picture of what end users are experiencing,” he says.
“We would not have identified that problem so quickly without analytics,” Stone adds.
Data Throughput Gets a Boost with Wireless Upgrades
When IT officials at Lorien Health Services felt a similar drive to gain new insights into their network operations, they focused on modernizing their wireless infrastructure.
The slowness of Lorien’s previous generation of wireless devices caused nurses and other staff to unexpectedly be dropped from the networks, leading to frustration and lost productivity, says Michael Bowman, a network engineer with the skilled nursing facility, which has 14 locations throughout the Baltimore area.
Legacy equipment wasn’t the only culprit. The brick and cement facilities also made it difficult to provide reliable Wi-Fi coverage where it was needed.
To overcome these problems, the IT team upgraded the Wi-Fi network with Aruba’s Mobile First Network suite, which enhances visibility through Simple Network Management Protocol monitoring. In addition, Bowman worked with engineers from Aruba to heat map each facility and determine the optimum number and placement of access points and controllers. The upfront work paid off, as the network can now support as much as a gigabit of data throughput, triple its previous capacity.
Just as important, Aruba RADIUS authentication provides single sign-on capabilities, which means staff no longer have to reauthenticate when they move throughout a facility and connect with different access points.
The suite helps Bowman monitor network performance and maintain tight security.
“We can analyze any log data or run standard reports to quickly see performance trends or areas where there may be network interference,” he says. “If there’s channel interference, the technology tells me where the problem is, down to the IP address of the individual access point and its physical location in the facility. Then, I can just switch the channel or do some other adjustment to overcome the issue.”
The solution also sends email alerts at the first sign of suspicious activity. “If there’s a new device that’s trying to connect, we can authenticate it or decide that it should be blocked,” Bowman says.
Better Network Management Ensures HIPAA Compliance
As part of its network management strategy, Sentara Healthcare (an integrated, not-for-profit system that operates 12 hospitals and hundreds of care facilities in North Carolina and Virginia) uses a software-defined segmentation solution that not only helps it to better control its networks, but also enhances security. It allows administrators to dynamically define and apply policies as the mix of devices changes.
“People have been talking about network segmentation for so many years, it was easy to assume that everyone was doing it,” says Daniel Bowden, vice president of information security at Sentara Healthcare. “But that’s just not the case.”
The health system uses Cisco DNA Center, which includes Cisco IOS XE 16. The solution provides programmable interfaces for visibility into application performance and the behavior of switches and routers.
In addition, Cisco Software-Defined Access lets Sentara administrators enforce segmentation policies, a significant change from earlier, hard-wired segmentation techniques where an individual had to manually change the IP addresses to alter segments.
“We just create the policies and profiles and then apply them to the network,” IT Director Chad Spiers says.
The security implications of dynamic network segmentation are significant for healthcare organizations, the Sentara executives say. If hackers successfully breach a networked medical device, for example, segmentation gives the IT staff a way to limit the outbreak to a small part of the network.
“Network segmentation is one of the most important things you can do to mitigate risk,” Bowden says.
WRHS’s team is also adding segmentation to its toolbox, implementing Extreme’s Information Governance Engine to analyze its networks for signs of regulatory noncompliance issues. The solution will help officials achieve the security and privacy goals that HIPAA addresses and, almost as significantly, reduce the burden of preparing for audits.
While the improvements in network visibility may make life easier for the IT staff, the big winners ultimately are the clinicians, Reifsteck says.
“When clinicians aren’t worrying about the performance and reliability of their networked devices and applications, they’re able to focus more on caring for patients,” he says.