Jan 04 2019

Review: The Cisco Meraki MS120-24 Switch Connects Care Campuses

Ideal for linking clinics or specialized departments into a large enterprise healthcare network, this solution is powerful and easy to manage.

Healthcare is unique in that many of its large enterprise networks are different from the more homogeneous corporate behemoths found in other industries. Within a single hospital, the network often breaks down into smaller components that serve specialists, clinicians, administrators and sometimes even the public. Healthcare systems add clinics and remote facilities to that list, and sometimes even multiple hospitals.

The Cisco Meraki MS120 24-port cloud-managed switch is designed with that kind of environment in mind. It’s a Layer 2 switch that is no more difficult to set up than a simple hub, and multiple units can be managed from one location or by remote administrators.

Configuration on a test network took less than five minutes; most of that time was spent plugging it in and attaching various devices.

Once connected, the MS120 is managed through a user-friendly interface that rejects overly complicated command lines in favor of a more commonsense approach that makes setting policies and pushing them out to switches very easy. If multiple Cisco Meraki switches are present in a network, they can easily be managed all at once, or configured as groups that need to behave differently, such as those serving the public versus those that serve clinicians.

MORE FROM HEALTHTECH: Arm yourself with the right info to stay HIPAA-compliant in the cloud.

A Strong and Secure Switch for Hospitals

That simple interface is still quite powerful. The Cisco graphical user interface displays all of the information gathered by the Layer 2 switch, including data about the application, OS, client and hostnames of everything using the device to communicate. Even Media Access Control addresses can be used to configure where to forward frames moving through the MS120.

The MS120 is also equipped with a full toolset for diagnosing network problems remotely. This includes the ability to fully capture live packets streaming through the switch for analysis, and to push out new rules and configurations automatically or as needed.

Cisco Meraki MS120-24

Because the MS120 is managed through the cloud, it’s always ready to receive the latest firmware updates. Cisco can deliver those updates on a set schedule, or they can be installed automatically without disrupting communications.

By combining intelligent hardware with an intuitive interface that can be accessed through the cloud, Cisco has created a new kind of switch that could be the cure for managing the increasingly complex network environment of healthcare organizations and systems.

Cisco's MS120: A Mission to Protect and Serve

Cisco has designed an efficient switch for the healthcare field. With zero-touch deployment and the ability to centrally manage and troubleshoot devices through the cloud, it will save a lot of hours for overworked IT teams. But putting all the eggs in one basket means that the basket had better be secure.

In other words, administrators need to know that only authorized users can log in to the Cisco Meraki MS120-24 switches. Thankfully, there is an army of security protocols embedded inside each Meraki switch.

For starters, two-factor authentication is the default for administrators accessing the dashboard. The switch also supports role-based access control that can be specifically configured by device; for example, granting only certain administrators access to switches on the clinical network, or separating admins by department. That can be a good way to ensure that the entire healthcare system cannot be compromised by the actions of one administrator.

In fact, the MS120 switch even allows security to be configured down to the port, by enabling MAC whitelisting and denying everything else. Even if attackers were able to defeat every other form of security, they would still need a specifically authorized device before making any changes.

The switch can also recognize Dynamic Host Configuration Protocol snooping, which might indicate an attacker’s reconnaissance on a network, and it can block such activities automatically by policy.

Of course, it has all the basic security one would expect from a switch, such as the ability to use a RADIUS server for authentication. But it goes the extra mile to layer on additional protections, which is prudent for a device designed to help keep information legally protected by HIPAA away from unauthorized eyes.



aaa 1