The Medical-Grade Network: Helping Transform Healthcare PDF

128 Pages·2008·2.11 MB·English

White Paper

The Medical-Grade Network: Helping Transform Healthcare

Authors
Mike Gibbs
Howard Quillen
Cisco Internet Business Solutions Group (IBSG)

Cisco IBSG Copyright © 2007 Cisco Systems, Inc. All rights reserved.

Table of Contents

The Medical-Grade Network
Helping Transform Healthcare
Persistent Business Challenges
Minimizing Costs
More Patients, Fewer Caregivers
New Care Model
MGN: Providing a Foundation for a Connected Healthcare Ecosystem
Inside the Medical-Grade Network
Medical-Grade Network Architecture
Networked Infrastructure Layer
WAN/MAN
Data Center
Data Center Core Layer
Data Center Aggregation Layer
Data Center Access Layer
Server Cluster Model
Multitiered Data Center Model
Multitiered Server Farms
Data Center Storage Services
Data Center Edge
Campus
Campus Core Layer
Campus Distribution Layer
Campus Access Layer
Enterprise Edge
Clinic/MOB
Small Office/Telemedicine Site
Interactive Services Layer
Security Attributes
Outbreaks
Noncompliant Devices
Unauthorized Access
Denial of Service
Secure Sockets Layer
Transparent LAN Service
Identity-Based Networking Services
Data Center Security
Clinic Security
Clinic/MOB IP Security
Intrusion Detection System
Intrusion Prevention System
Network Admission Control
Remote Clinician Security
Business-/Clinician-Ready Teleworker VPNs
Teleworker IP Telephony Security
Broadband Access Technologies
Digital Subscriber Line
Cable
Satellite
IP Telephony Security
IP Communications Security Design
Mobility Attributes
Secure Wireless
Passive Attacks
Active Attacks
WLAN QoS
Guest Access
WLAN IP Multicasting
High Availability
Radio Resource Management
Automated Interference Avoidance and Power Adjustment
Optimized Per-User Performance Through User Load Balancing
Asset and Staff Management
Location
Wi-Fi Location System and Chokepoint System
Medical Electromagnetic Compatibility Standards
Wireless Architectural Design
WLAN Deployment Models
Site Survey
RF Design Planning
Data Rate Settings
Power Levels
Antenna Selection
Channel Selection
RF Environment
RF Deployment Best Practices
Wireless Networks Are Targets
The Components of the Secure Wireless Solution
Authentication
Key Management
Required Security Extensions
IPsec
802.1x/EAP
EAP Authentication Benefits
EAP Authentication Protocols
Mobility Solutions
Mobile UC Attributes
Voice Traffic Characteristics
Wireless Networking Challenges
Multifaceted Approach to End-to-End Quality of Service
Network and Service Management
Storage Attributes
Storage Area Network Fabric
Storage Area Network Extension
Storage Virtualization
Network-Attached Storage
Storage over a Metro-Optical Network
Storage over a Wide-Area Network
IP Communications Attributes
Productivity Applications
Open Standards
Flexible Reconfiguration of Hospital Spaces
Call Admission Control
High-Availability Design
Session Initiation Protocol
Computing Services Attributes
Server Clustering
Input/Output Virtualization
Utility Computing
High-Performance Computing
InfiniBand Architecture
Quality of Service—Service Levels and Flow Control
InfiniBand Subnet Management and QoS
Remote Direct Memory Access
Identity Services Attributes
Identity-Based Network Access Control
Application-Layer Attributes
Application-Integration Attributes
Collaboration/Conferencing Attributes
Collaboration/Unified Messaging Attributes
Unified Messaging
Single-Number Reachability
Collaboration/Internet Protocol Contact Center Attributes
Collaboration/IP Phone Attributes
Computer Telephony Integration Applications
Collaboration/Video Delivery Attributes
End-to-End IP Video Connectivity
Advanced Technologies and Flexible Architecture Combine to Meet Changing Clinical and Business Needs
Glossary

Cisco IBSG Copyright © 2008 Cisco Systems, Inc. All rights reserved.

The Medical-Grade Network

Helping Transform Healthcare

Healthcare organizations worldwide are turning to information technology to cope with mounting pressures to reduce costs and improve quality and safety. They are using technology to create an integrated system of care that connects patients, clinicians, payers, and support organizations so that all key stakeholders can exchange information more effectively.

The Cisco® Medical-Grade Network (MGN) provides the industry-specific framework required to meet healthcare’s unique needs for interoperability, security, availability, productivity, and flexibility.

Persistent Business Challenges

A number of business challenges confront the healthcare industry.
Among these are service quality, safety, rising costs, and a shortage of skilled staff to meet the needs of an ever-expanding number of patients with an increasingly complex burden of illness. Meeting these challenges requires a shift from acute episodic care to preventive and long-term chronic care management. This new care model must be supported by interoperable health information technology and patient-centric care systems.

Minimizing Costs

Controlling costs and administrative waste, while delivering high-quality care, is a primary concern for clinicians and those who pay for healthcare—including insurance companies, employers, patients, governments, and taxpayers. In a May 2006 report, the Centers for Medicare and Medicaid Services estimated that annual health expenditures in the United States would reach $1.9 trillion in 2006, rising to more than $2.4 trillion by 2015. Healthcare costs have risen from 7.2 percent of the gross domestic product (GDP) in 1965 to more than 16 percent today. These costs are projected to be 20 percent of the GDP in just under a decade.

Rising healthcare costs are a global concern, with significant increases seen in several countries in the European Union and Canada. According to the Organization for Economic Co-operation and Development, healthcare spending accounted for 10.9 percent of the GDP in Switzerland, 10.7 percent in Germany, 9.5 percent in France, and 9.7 percent in Canada.

According to the Centers for Disease Control and Prevention (CDC), chronic conditions account for approximately 75 percent of all U.S. healthcare costs. Uninsured or underinsured patients who have acute conditions usually lack basic healthcare access, and without routine preventive care, their conditions can become chronic. The CDC estimates that by 2013, 56 million people in the United States under the age of 65 (nearly 28 percent of the workforce) will not have insurance.

Unnecessary spending also is driving up costs. A 2003 study published in the Annals of Internal Medicine reported that 30 percent of healthcare expenditures are unnecessary and wasteful. This is largely the result of inefficient healthcare practices, such as redundant testing, unnecessary hospital admissions, and manual paperwork. In 2004, Harvard Medical School researchers reported that the United States spent $399 billion annually on healthcare bureaucracy—essentially the administrative costs of insurers, hospitals, physicians, nursing homes, and other health-related institutions.

More Patients, Fewer Caregivers

The following statistics show an alarming increase in the number of patients and a decrease in workforce personnel:

• On October 17, 2006, the U.S. Census Bureau announced that the U.S. population had surpassed 300 million—a population increase of more than 5 percent in just five years. The Census Bureau predicts that the U.S. population will increase to 392 million by 2050—a number nearly 50 percent larger than the population in 1995. Yet the Journal of the American Medical Association reports that there has been a steady decline in the number of U.S. medical school graduates choosing primary care. Coupled with the worldwide aging population, the skilled staff shortage is reaching crisis levels.

• According to the United States Department of Health and Human Services, there was a 6 percent nursing shortage in 2000; that shortage will double by 2010, resulting in a deficit of 275,000 full-time registered nurses. By 2015, the shortage is expected to more than triple to 20 percent and will escalate to 29 percent by 2020.

To offset the widening gap between the number of patients and the number of skilled staff, healthcare organizations must increase their productivity.

New Care Model

To improve healthcare outcomes while decreasing costs, healthcare organizations are emphasizing outpatient and preventive care.
Collaborative technologies can play a major role in this new care model by creating new synergies and improving the efficacy of treatment modalities.

In this new model, patients assume greater responsibility for their personal healthcare, advocating for themselves as healthcare consumers. As a result, they need access to information about their own health and clinicians. Through the Internet and other information sources, patients can access information about treatment protocols and alternatives. In the competitive healthcare world, the transparency of patient and practitioner information may influence practitioner selection and retention. As a result of the increased availability of information, patients are demanding higher-quality services.

The MGN plays a critical role in this new care model by facilitating information sharing across the healthcare delivery system. The network provides the platform for exchanging reliable, accurate, and consistent patient information. This provides the foundation for a connected health ecosystem.

MGN: Providing a Foundation for a Connected Healthcare Ecosystem

Several decades ago, a single physician treated all of a patient’s various illnesses. Today, a patient receives treatment from multiple physicians and clinics. This creates the need for medical and clinical information to be shared securely among many healthcare entities.

To provide the framework for this new healthcare world, a connected healthcare ecosystem is needed—where networked resources of medical information, knowledge support, and process optimization are all parts of the system. Figure 1 illustrates the envisioned connected health ecosystem where information is quickly and reliably exchanged.

[Figure 1: Connected Healthcare Ecosystem Vision. Diagram labels: Hospitals; Clinics; Patients/MDs at Home; Retail Pharmacies; Urgent Care; Universities; Cable, DSL, Dial; Organ Donor/Harvesting; Long-term Care; Research; Outpatient Centers; Suppliers; Connected Health Core; Employers; Reference Labs; National Health Information Network; Health Insurers; PBMs; State/Fed Agencies]

For many healthcare organizations, the first step is to use technology to create a platform where information can be collected and exchanged electronically. The MGN creates the foundation technology from which this information can be appropriately disseminated within the hospital or healthcare system, paving the way for a connected healthcare ecosystem that addresses the business challenges discussed in this paper.

The MGN helps create collaborative relationships that lead to a connected healthcare community with interoperable processes, technology, and people to provide information anywhere, anytime. The resulting patient benefit is the delivery of safe, affordable, efficient, and accessible healthcare. Figure 2 illustrates the beneficiaries within this community.

[Figure 2: Interoperable Healthcare Ecosystem. Diagram labels: Connected Hospital; Connected Health Information Exchanges; Connected Life Sciences and Research; Connected Health Authorities; Connected Patient; Connected Clinician; Connected Public Health; Connected Payer]

The MGN meets healthcare’s unique needs for security, availability, productivity, flexibility, and interoperability by providing integration with each functional area. These capabilities optimize interactions among healthcare participants, processes, applications, and hardware components. The MGN facilitates and integrates diverse business and clinical communications across the continuum of care.
The MGN also meets the storage requirements of the healthcare environment by enforcing identity- and policy-based privacy and security from inside the network to beyond organizational walls. The network also securely stores large amounts of data for extended time periods.

The acute care environment often demands around-the-clock data availability. The MGN’s high-availability design can support this requirement along with the convergence of data, voice, video, and imaging. In addition, it enables real-time access to people and information when and where it is needed. By automating workflow and collaboration, the network helps optimize clinical and business processes; the clinical applications that run on the network now augment clinicians’ professional skills.

Access to healthcare, 24 hours a day, seven days a week, is not limited to just healthcare workers; patients and their families demand increased access to their clinicians, regardless of location. The MGN supports clinical requirements offsite, enabling remote collaboration on a global scale. This is driving new solutions, such as the Cisco TelePresence and Collaborative Care conferencing solutions.

The MGN promotes strict adherence to required healthcare service levels. Because each healthcare organization has different business requirements, the network is designed to support service-level requirements based on specific business and clinical needs. All components of the MGN’s end-to-end framework function cohesively to maximize performance and minimize integration challenges, reducing the network’s operational expenses and the capital necessary to procure equipment.

Inside the Medical-Grade Network

The MGN meets today’s healthcare needs while laying the foundation for future requirements.
It is based on Cisco’s modular Service-Oriented Network Architecture (SONA), which means that new applications, technologies, and equipment can be added easily to the network.

The MGN framework is segmented into three layers: networked infrastructure layer, interactive services layer, and application layer. Each layer enables system-wide communications, allowing the network to operate efficiently and disseminate clinical and business information throughout the healthcare system. Each layer will be discussed, in detail, in the rest of this document.

Medical-Grade Network Architecture

The MGN is an end-to-end solution that streamlines operations and supports a variety of medical applications. As stated above, the MGN architecture is built on three layers:

• The networked infrastructure layer, which provides a converged network foundation that enables secure, reliable, and highly available connectivity to network-enabled devices
• The interactive services layer, which enables mobility, security, and more efficient utilization of resources
• The applications layer, which contains the business, clinical, and collaborative applications that are used in the healthcare environment

This section will describe the technical details of the MGN framework.

[Figure 3: MGN Architecture Elements. Diagram labels include: Business and Patient Care Strategy, Process, and Workflow Requirement; HIS; LIS/CIS/RIS; EMR; PACS; CPOE; IPCC; Instant Messaging; Unified Messaging; Conferencing; IP Phone; Video Delivery; Advanced Analytics and Decision Support; Application Delivery; Application-Oriented Networking; Voice and Collaboration Services; Security Services; Infrastructure Services; Mobility Services; Compute Services; Storage Services; Identity Services; Network Infrastructure Virtualization; Infrastructure Management; Enterprise Edge; Data Center; Campus; Branch; WLAN; WAN; Teleworker; Server; Storage; Client]

Networked Infrastructure Layer

The networked infrastructure layer is the source of all IT resources that are connected over a single IP network. This layer demonstrates how a fully integrated network enables quality of service (QoS), security, and high availability even in the most demanding healthcare environment. This layer supports traditional functions, such as routing, switching, and transport technology. The attributes that are required for the MGN at the networked infrastructure layer are identified in Figure 5.

[Figure 4: Networked Infrastructure Layer—Structure. Diagram labels: Enterprise Edge; Data Center; Campus; Branch; WLAN; WAN; Teleworker; Server; Storage; Client]

Figure 5 Networked Infrastructure Layer Attributes

Network Virtualization
• Private VLANs (PVLAN)
• Network address translation

Wireless
• Convergence of wired/wireless infrastructure, WLAN controllers, access points, VPNs/VLANs, and distributed antenna systems

High Availability
• Spanning Tree Protocol (STP)
• Nonstop forwarding (NSF)
• Standby Router Protocols (HSRP, VRRP)
• Path redundancy
• Device redundancy
• Stateful switchover (SSO)
• High-performance routing protocols (OSPF, EIGRP, BGP, PIM-SM)
• In Service Software Upgrade (ISSU), Global Load Balancing Protocol (GLBP)
• Application-aware Quality of Service (QoS)
• Voice over Wi-Fi support with Fast roaming and WMM (Wi-Fi Multimedia)

Security
• Access control lists
• Wireless IDS/IPS (Intrusion detection and prevention system)
• Wireless rogue devices detection and localization

Scalability
• IP multicast
• Rate-limiting
• Multiprotocol Label Switching (MPLS)
• Web Cache Communication Protocol (WCCP) for transparency, load balancing, and failover
• Generic Routing Encapsulation (GRE)
• Multiple wireless SSIDs

Voice and Multimedia
• In-line power—Power over Ethernet (PoE)
• Voice over Wi-Fi

Management
• Fault and performance indicators (SNMP, syslog, RMON, MIB, NetFlow)
• Network management event correlation

The following section details places in the network as they pertain to the networked infrastructure layer. (This section also introduces several interactive services layer components, which are discussed in greater detail later in this document.)
