Free Essay

Networking

In: Computers and Technology

Submitted By dioncriss
Words 8999
Pages 36
Solution | Healthcare Network

Allied Telesis
Healthcare Network Construction Guidebook

Contents

Healthcare Network Solution | Introduction Outline of a Healthcare Network Importance of the network Main requirements in designing a healthcare network Non-stop Network Network bandwidth and QoS (Quality of Service) Data capacity Network bandwidth and cost of LAN devices QoS (Quality of Service) Redundancy and proactive measures to overcome network failures Core switch redundancy Comparison of redundancy of communication Loop protection Secure and Reliable Network Security Importance of security: both physical and human factors Threats to network security Network authentication External network (Internet) connection Inter-regional cooperative healthcare network Effective use of Wireless LAN Security in Wireless LAN Install and operation of Wireless LAN Ease of Operation Critical issues for network operation SNMP (Simple Network Management Protocol) Measures against system failures; device failures, incorrect wiring Use of SNMP IPv6 Network Configuration Example Network configuration for hospitals with fewer than 100 beds Network configuration for hospitals with more than 100 and fewer than 200 beds Network configuration for hospitals with more than 200 beds (i) Network configuration for hospitals with more than 200 beds (ii)

3 4 4 5 7 7 7 8 9 10 10 11 12 13 13 13 14 15 19 20 21 21 22 23 23 24 24 25 26 27 28 30 32 34

2 | Healthcare Network Solution

Healthcare Network Solution | Introduction

At the end of the 20th century, computers and the technology field overall began embracing the idea of being ‘open.’ With this, we saw the development of new interoperable platforms and the advent of more healthcare-focused technologies, such as the computerization of roentgenography, CT, and sonography scanning and x-ray communications tools. At the same time, centralized computer systems downsized and tools such as electronic medical charts began operating on standard software such as Windows and UNIX. Meanwhile, with the explosive spread of the Internet, hospital networks began standardizing on IP (Internet Protocol) and shifting away from more conventional protocols, such as SNA. It has now become possible for individual hospitals to operate on a single IP network, as the systems have become more convenient and economical. However, as electronic medical charts have become more commonplace, hospital operations have shifted to a paperless environment where all the information is managed as electronic data.This means if the network shuts down, all medical treatment stops. Furthermore, the network, which is set up across all corners of a hospital, is large-scale and increasingly complex.The global penetration of Windows, UNIX, and IP networks has rendered them more inexpensive, but security issues are now more of a concern. In keeping with these developments in hospital network administration, this booklet explains important features about hospital network construction based on three key concepts: ‘Non-stop Network,’ ‘Secure and Reliable Network,’ and ‘Ease of Operation.’

Healthcare Network Solution | 3

Outline of a Healthcare Network

Importance of the network
Today, hospitals generally conduct business with use of multiple integrated healthcare information systems. However, a network does not exist for each system; rather, it must be designed, constructed, and operated as a single, common infrastructure. Since a network system failure can lead directly to entire hospital routines and operations coming to a halt, a ‘Non-stop Network’ is one of the most important components within hospital administration.

Meanwhile, as a result of the explosive spread of Internet in the latter half of the 1990’s, previously closed IP networks became more open and inexpensive.This has made the technology more readily available, but at the expense of exposing a variety of security vulnerabilities. As a result, hospital networks dealing with highly personal information are required to design and adopt ‘Safe and Reliable Networks.’ Based on recent advancement in healthcare technology, most networks are expected to be established as regional alliance infrastructures among many hospitals to ensure maximum security and reliability.

Personnel payroll system

Medicine control system

Reception Accounting Medicine Inspection Outpatient Radiography Nursing-care clinic support

4 | Healthcare Network Solution

Reservation / reception management system

Financial control system

Electronic chart system

Providing meals / nutritional-care system

Goods control system

Radiation / RIS / PACS

Nursing-care support system

Medical information / accounting system

Medical examination linkage system

Clinical trial control system

Inspection system

Ordering system

Hospital Network

Administration

Clinical Medical trial examination

Hospital network

Main requirements in designing a healthcare network
Non-stop network I Network bandwidth and QoS Large volumes of image data, such as from CTs and MRIs, are mainly accessed from the radiography section. Additionally, data or applications handled by various medical information systems run via the network.Therefore, it is important to pay attention to bandwidth in order for large volumes of data transmission to be carried out efficiently, quickly, and easily. By using QoS (Quality of Service) practices, it becomes possible to give increased priority to processing the data to minimize delay, even within a limited bandwidth system.
I

Secure and reliable network I Importance of security If personal or critical information is leaked or compromised, such as electronic medical charts, it can be very damaging to patients.Together with physical management (such as antitheft devices, limiting access to patients’ rooms) using PCs and the server, the following measures must be taken on the network system: - Security measures are based on the proper control of various IT devices. For example, the possibility of computer virus infections must be minimized, since they can be caused by private PCs brought in from outside, unauthorized access via the Internet from outside the network, or even from within the hospital LAN.Therefore, firewall or virus protection is needed for the Internet, and network authentication must be in place to prevent the use of unauthorized PCs for LAN-related problems. - When constructing a regional alliance-based healthcare network via the Internet, it is necessary to build a VPN (Virtual Private Network). By doing so, even with access to public networks like the Internet, the virtual tunnel with encrypted communication safely connects all the LAN terminals. The security measures above are not automatic, but are established as post-installation steps. Following a strict protocol on a daily basis is crucial for their success.
I

Redundancy and preventive measures against system failures If a hospital network stops suddenly, running applications shut down.Therefore, a network system failure is a serious problem directly linked with system-wide hospital applications such as accounting or medical services. In order to construct a ‘Non-stop Network,’ it is necessary to ensure network device and path redundancy and enhance its reliability. By doing so, it becomes possible to keep network downtime at a minimum in the event of system failure. Sometimes a problem caused by human error may cause the entire network to shut down. It is also important to take measures to prevent unnecessary trouble, particularly network loops, when constructing a non-stop network.

Effective use of Wireless LAN Today, in a hospital that includes patient rooms, the use of Wireless LAN (WLAN) technology is growing as people use laptops and other devices. While WLAN service is an effective way of providing Internet access to inpatients as a hospital amenity, adequate security measures must be taken when implementing an open LAN environment.

Healthcare Network Solution | 5

Ease of operation I Early detection and restoration of system failures with the improvement in system functions of operation and control By constantly monitoring network devices, early detection of a system failure can facilitate a quick recovery. For improvements in operation and control performance, it is highly important to use SNMP (Simple Network Management Protocol).
I

Consideration of shift to IPv6-based Network With the development and the expansion of the Internet over the last few years, the remaining available IP addresses under IPv4 will likely become exhausted. Acquiring a new IPv4 global address is estimated to be even more difficult by 2011. Although IPv4 is the current standard, it is necessary to support two versions of IP to meet the next-generation IP standard, such as IPv6, when selecting network devices.

6 | Healthcare Network Solution

Non-stop Network

Network bandwidth and QoS (Quality of Service)
When constructing a network, it is necessary in advance to determine the size of all hospital data communication requirements and data-access frequency, and to take possible staff and patient increases into consideration.

Data capacity One of the most important aspects of network design is securing enough capacity to support a large volume of data communication during peak periods. Listed below are the main data types and sizes streaming throughout a network. A network design is required to take into account handling large data volumes of data and access frequency.

Examples of Data Capacity
Text data Receipt, prescription order receipt E-mail with a large number of characters Tens of kbytes (hundreds of kbits) Approx. 20kbytes (160kbits) Image data MRI Chest X-ray Echo Web (top page of Japan Health, Labor and Welfare Ministry) Approx. 500kbytes * 100 sheets (400Mbits: per one inspection) Approx. 30Mbytes (one sheet: 240Mbit) Approx. 300kbytes * 10 sheets (24Mbits: per one inspection)

Approx. 240kbytes (2Mbits)

1Gbps
Receipt
X-ray

Receipt

MRI Receipt Receipt
X-ray

MRI

100Mbps
X-ray Receipt Receipt Receipt
Data transmission

Although much depends on the capability of individual PCs and applications, a chest radiograph image normally takes three seconds at 100Mbps and may be received at up to 0.3 seconds in 1Gbps.The impact of bandwidth expansion from 100Mbps to 1Gbps can be dramatic and significant.

In addition, as the above chart indicates, when medical image data like X-rays or MRI flow through 100Mbps-LANs, interference occurs with the other data communication, such as a delay in processing time.

Healthcare Network Solution | 7

Network bandwidth and cost of LAN devices The cost of network devices is determined by the selection of 1Gbps or 10Gbps speeds for the main line connecting core and floor switches, or 1Gbps or 100Mbps for the branch line connecting floor and edge switches. Listed here are the examples of cost comparisons of the entire network system. Notes: These prices are only for switches and optical modules, not including cables. These prices are calculated based on Allied Telesis standard price.

Condition: Comparisons with actual design for a general hospital with approximately 600 beds I Core switch redundancy
I I

Floor switch (6 units) Edge switch (20 units) calculated with a switch and AT-SFP/XFP optical module

Core switch

A. Main line: 10Gbps Branch line: 1Gbps

Floor switch x6

B. Main line: 1Gbps Branch line: 1Gbps

Edge switch x20

C. Main line: 1Gbps Branch line: 100Mbps

Est. $250,000

Est. $100,000

10G optical fiber 1G optical fiber 1G copper line 100M copper line

Est. $80,000

Cost comparison

8 | Healthcare Network Solution

QoS (Quality of Service) QoS is a technology giving priority to specific traffic and securing a fixed level of response throughput. Usually, a switch processes packets in an entry sequence format; when traffic is heavy, delays occur; in the worst case the packet itself is lost or destroyed. With QoS features, priority processing of audio/video traffic is made possible and maximum communications traffic can be controlled to minimize the risk of sound and video traffic delay and packet destruction.

The switch receiving a packet identifies the data and carries out the QoS processing. QoS processing is classified roughly into priority control and bandwidth control. Priority control processes the high-priority packets first through multiple processing buffers with different levels of priority. Meanwhile, bandwidth control is managed by securing enough bandwidth and by controlling high-traffic data.

Without QoS

Sound packet delay

Voice

Data With QoS (priority processing of sound)
Priority processing of sound packet Priority processing of sound packet

Voice
Data packet control

Data

Quality of Service

Healthcare Network Solution | 9

Redundancy and proactive measures to overcome network failures
Core switch redundancy Star topology is commonly adopted for LANs residing inside buildings. Since star topology is constructed based on core switches, it is important to create core-switch redundancy to ensure stable operation without the network shutdown.

Multiple methods exist for redundancy, including making the power supply and management modules redundant inside the chassis, or even the chassis itself redundant.

Management module redundancy

Chassis redundancy Power supply redundancy

Redundancy

Network Devices Types and Comparison of Redundancy Function
Capacity/ports Large capacity Large ports Middle capacity Middle ports Small capacity Small ports Redundancy Management module Power supply Price Others Power consumption: large Excellent expandability Power consumption: normal Relatively-compact size Power consumption: low Compact size

Chassis type

High

Modular type

Power supply

Middle

Box type

Power supply (some products are not covered by redundancy)

Low

10 | Healthcare Network Solution

Comparison of redundancy of communication Chassis redundancy uses redundant protocols to automatically switch to standby equipment in the event of system failure. Redundant protocols include not only a standard protocol, but also a vendor-specific protocol which covers the shortcomings of standard protocols.Therefore, we can make decisions that take into account the function, bandwidth, and ease of operation.

STP (Spanning-Tree Protocol): When making a path redundant by using several Layer 2 switches on a LAN, STP provides path redundancy while preventing undesirable loops in a network.

1. Active/standby configuration

2. Active/standby distributed configuration

3. Stack configuration

Switch

Switch

Switch

Master

Slave

Master slave

Master slave

Switch (stack)

Switch (stack)

Switch

Switch

Switch

Switch

Switch

Switch

With redundancy configuration by STP or single VLAN, one device stands by and does not operate.

An efficient operation is possible by distributing master/slave switches with VLANs. However, that may make the setting and design more complex.

In stack configuration, load distribution is possible even with a single VLAN configuration. Also, setting and design are very easy. Note: Link aggregation connection between distribution switches.

Redundancy communication

Healthcare Network Solution | 11

Loop protection In network operations, a system administrator is most troubled by human errors, yet these mistakes can be alleviated by device functionality. Common errors arise as desktop PC switches are detached, cables are connected and disconnected on a daily basis based on floor layout changes, and PCs are carried in or out of their original locations. Examples of desktop-switch failures:
I I I I

Loop failures frequently appear to be human-made, such as an unintentional connection error by users. For example, a loop failure occurred when one hospital staff member inserted an extra LAN cable into the switch.This can lead to larger problems, such as an entire network breakdown.Therefore, some measures have to be taken into account to minimize the effect on the entire system. Loop-preventive functions such as ‘Loop Guard’ and ‘ForceMDI’ can automatically detect a loop and shut down a port – making it possible to create a loop-preventing design.

Cable-related failures (e.g. connector comes out of RJ-45 plug) Network device breakdown (e.g. if it gets wet) Terminal setting errors, duplication of IP Loop failures

LDF transmission

1. LDF transmission Normally (non-loop), the device does not receive LDF

LDF transmission

Loop detection

3.Actions after loop detection (receiving LDF). Loop failures can be prevented with presetting actions as below. Port nullification Port link down Dropping broadcast

2. LDF reception

Comparison of loop defense functions
Loop guard: LDF (Loop Detection Flame) method

Comparison of Loop Defense Functions
Method MAC address slashing LDF Rate limit ForceMDI Summary Detecting frequently changing registered ports with the same MAC address and blocking ports at the time the loop occurs. Determining whether the receiving LDF is a loop. If so, it takes action, such as blocking ports. Presetting the traffic rate. If it receives excessive traffic, it detects a loop and takes action, such as blocking ports. Force ports to MDI or MDI-X (ForceMDI function), preventing linkup caused by improper cable connections. Price High price Relatively low price Relatively low price Low price

12 | Healthcare Network Solution

Secure and Reliable Network

Security
Importance of security: both physical and human factors ‘System security’ is normally focused on system-related factors such as firewalls, but physical factors such as locking a server room and password non-disclosure policies are also important. Security-related accidents often occur in the absence of sufficient security measures. As listed below, this is like leaking water from the lowest point when pouring it into a barrel. Eventually, lack of security measures in any of several factors can lead to serious accidents. For example, if a PC connected to the network is placed where patients or visitors can come and go, it could lead to serious problems, such as someone using a PC improperly. Additionally, personal information may be compromised if a PC is stolen, so a physical measure like a wire lock is required.

To protect confidential data, certain types of access need to be restricted to authorized users inside the hospital. Additionally, authorized users must strictly follow security rules, such as not disclosing their IDs or passwords to anyone without authorization. As mentioned above, security is not guaranteed by merely installing a security system. Establishing, communicating, and enforcing proper security rules based on potential and actual risks affecting daily operation is essential. Examples of security rules: I Prohibiting personal PCs in the hospital
I I

Password setting/encryption with e-mail attachment Set a password to screen-saver

PC theft

Virus

Coded communication

Pass ord management

PC / server management

Management of entering and leaving a room

Biometrics

Intruder

Staff misconduct

Security

Healthcare Network Solution | 13

Threats to network security As the following diagram shows, unauthorized entry from the outside and malicious internal access may lead to data being falsified, leaked, or lost. Such risks must be understood so security measures can be properly designed, operated, and managed. From a security standpoint, even if the external network connection (Internet connection) is physically separated from the healthcare information network, both networks can be connected if there are two network interfaces in PCs. However, separation of two networks is not always entirely safe because there is still a risk of virus infection or the malicious use of external memory devices such as a USB stick. Since there are tradeoffs between convenience and safety in security measures, integrated security must be in place that treats the entire hospital as one integrated network infrastructure.

Apart from a regular Internet connection, there may be connection points outside the network that on occasion are attached to the system, such as those used for medical device maintenance. All staff members must be trained to recognize the danger of potential hacking and strictly follow security rules.

External Network
Tapping of confidential information sending virus unauthorized access Virus infection

Internal Network
Unauthorized terminal connection Leakage of confidential information

External threats

Internet

Internal threats

Attacking the internal network

Unauthorized use of a system

Falsification of confidential information

Threats to network security

14 | Healthcare Network Solution

Network authentication One of these network security measures is authentication.This is a function that allows authorized personnel only to access information depending upon each person’s access level. Although an authentication application function can restrict access, the danger of tapping via an unauthorized terminal is still a risk. In addition, establishing network authentication eliminates unauthorized terminals (making it impossible to access a network) and improves security. There are two types of authentication functions for switches:
I I

I

RADIUS (Remote Authentication Dial in User Service) RADIUS is a networking protocol providing centralized authentication, authorization, and accounting (tracking consumption of network resources by users) management for computers to connect and use network services. Originally, it was developed for user authentication of a remote connection through a dial-up connection, but now, it is widely used as a general authentication protocol in wired and Wireless LANs. Radius protocol is defined in IETF (Internet Engineering Task Force), RFC (Request for Comments) 2865.

Port security function Terminal authentication function

I

IEEE 802.1x IEEE 802.1x is an IEEE standard for port-based network access control and is part of the IEEE 802.1 working group (higher-layer LAN protocols) of networking protocols. It provides an authentication mechanism for network terminals, and is becoming more widely used as both wired and wireless network authentications and for managing a ‘quarantined’ network.

Furthermore, when an unauthorized terminal tries to connect to the network, it is possible to notify system administrators through switch log information, SNMP TRAP, and the RADIUS server.
I

MAC address This is 6byte (48-bit) address assigned to LAN interfaces or network devices.The first three bytes are assigned by IEEE (The Institute of Electrical and Electronics Engineers) standards, and the latter half of the three bytes are assigned by each manufacturer to avoid duplication.This address uniquely identifies each node on a network and corresponds with Layer 2, the data link layer of the OSI Reference Model. A MAC address is different from a Layer 3 IP address, and is a unique address for each device. It is also known as a ‘hardware address.’

Comparison of Functions
Function Summary With preregistration of MAC address in connecting terminals, it is possible to intercept communication with devices lacking registered MAC addresses. This can authenticate terminals with using RADIUS server. There are several authentication methods, such as IEEE 802.1x, MAC address base or Web, etc. It is possible to construct flexibility depending on a user's network environment. Feature Its operation control is complicated at the time of additional terminal deployment or replacement. (It is necessary to change settings for each device.) With use of RAIDUS server, it can allow integrated control of terminals and ease of operation.

Port security

Terminal authentication

Healthcare Network Solution | 15

I

Port security function Even a relatively low-cost switch can provide port security functions, so the security system can be enforced inexpensively. In cases where terminals are added or transferred, it is necessary to change settings.

Wall Outlet Wall Outlet

I

Terminal authentication function Different from port security, an authentication process is established using RADIUS, not by the unit itself. This provides ease-of-operation, such as not having to change authentication devices settings even if terminals are added or transferred. In addition, a recent product provides three authentication methods within one authentication switch. It allows an authentication network to be constructed more flexibly.

An unregistered PC tries to communicate. Now prevent its communication by shutting down the port.

Unauthorized intruder

Port security function

Comparison of Authentication Method
Authentication method IEEE 802.1x Summary Authenticate with use of a client supported IEEE 802.1x. It can authenticate by both user account and certificate. Authentication with use of a terminal MAC address. Feature Some older OSs need other client software.

MAC

Even printers and complex devices are available. Since any terminals with a browser are available, it can authenticate regardless of OSs.

Web

Authenticate users by a Web browser.

RADIUS server

IEEE 802.1x - supported switch

Who are you? I am XXX. Password is ******** I am XXX. Password is ******** You are allowed to enter the network.

Authentication completed. You are allowed to connect to the network.

IEEE 802.1x authentication

16 | Healthcare Network Solution

I

VLAN VLAN is a function to divide a LAN virtually into multiple networks. In many cases, one VLAN represents one user group. With restricting communication between VLANs, it can ensure a constant level of security between intergroup communications. Generally,VLAN is classified according to a switch port, and when a terminal is transferred, it becomes necessary to change the switch setting.

VLAN configured switch

Physical LAN cable VLAN10 VLAN20 VLAN30

VLAN function

Healthcare Network Solution | 17

I

Dynamic VLAN As laptops become more common, there is increased demand to access data on the same VLAN from different places, rather than from a fixed location. Dynamic VLAN has a function to dynamically assign VLAN to a PC with a link to an authentication function based on MAC addresses and user IDs.This enables users to participate in the original VLAN group regardless of their physical locations. In addition, even if a PC is moved, it is not necessary to change switch settings.

I

Multiple dynamic VLAN The switch supports multiple dynamic VLAN, which can assign different VLANs to each user using one physical port.This function enables integration of authentication switches into one unit and is inexpensively configured with edge switches.

Authentication switch (configuredVLAN)

VLAN configuration

Even if a PC is transferred to another switch, it is possible to enter the original network

Authentication switch (configured VLAN) Authentication switch (configuredVLAN)

VLAN10 VLAN20 VLAN30

Dynamic VLAN

Authentication switches can be integrated into one unit Edge switches can be configured at a lower cost

Authentication switch (configured VLAN)

VLAN10 VLAN20 VLAN30

Multiple dynamic VLAN

18 | Healthcare Network Solution

The chart below compares authentication costs using edge switches and integrated authentication switches with multiple dynamic VLAN function.

Condition:
I 200 units of authentication terminals I 20 units of edge switches

Authentication Costs
Authentication method By an edge switch Type and number of switches 1 unit of floor switch; 20 units of edge switches are integrated 20 units of authentication edge switches 1 unit of authentication floor switch; 20 units of edge switches are integrated 20 units of authentication packet transmission edge switches Cost Approx. $27,000

By one integrated authentication switch

Approx. $13,500

External network (Internet) connection An Internet-accessible environment is always exposed to external threats.Therefore, unauthorized access from the outside must be restricted by all possible means. Since the use of P2P software like ‘Winny’ could be the cause of an information leak, traffic from within must also be monitored.

Comparison of Main Security Devices
Authentication method Firewall/Intrusion Detection System (IDS) Intrusion Prevention System (IPS) Summary Packet filtering, monitoring of session state. It is possible to prevent attacks targeting an OS weakness, by checking the communicating information in the upper layer. An all-inclusive security product with multiple security functions; firewall, antivirus, intrusion detection, and anti-spam. Feature Protection from outside attacks and detection of hackers (the most common measure). Detection and blocking of P2P traffic, such as ‘Winny’ and ‘Share.’ Integrated, low-cost security for small and medium-sized companies.

Unified Threat Management (UTM)

Healthcare Network Solution | 19

Inter-regional cooperative healthcare network In recent years, medical technology advancement has caused shortages of medical specialists. Consequently, a regional center hospital and other hospitals/clinics in the region must cooperate at higher levels, as healthcare organizations are becoming more differentiated. In order to ensure and support cooperation among regional hospitals, including medical services, the use of a network in a regional center hospital as the network core is required. Some networks use Internet-type public services because of economic reasons; in these cases, additional security measures are required beyond general external connections.
Comparison of VPN Functions
IPSec VPN Operation and control Security

In keeping with this,VPN is becoming more commonplace as a network that safely connects with the outside virtual world. There are two primary VPN connection methods: IPSec and SSL. VPN (Virtual Private Network): This technology enables connection of specific points safely through a virtual encrypted tunnel on a public network like the Internet, using cryptographic technology.VPN provides a connection between multiple LANs or remote access to a LAN from an external terminal.

SSL VPN This makes management easier since there is no need to add a device or change settings each time a new hospital is added. Secure communication is ensured via VPN.

It is necessary to buy devices and VPN software and to change the setting every time a new hospital joins the network. Secure communication is ensured via VPN.

I Since there are many relatively inexpensive products, lower-cost
Others

I Two-way communication is possible I In many cases, this function is mounted on firewall or routers

configuration is possible if there are a few bases

I The initial installation cost is high I Basically, it is one-way communication I Authentication function for connection availability based on a client’s security status. (Security patch, OS, etc.)

IPSec VPN
Center hospital

SSL VPN
Center hospital Server (resource in hospital)
DICOM PACS DICOM

IPSec VPN device

SSL VPN device DMZ

PACS

Server (resource in hospital)

Firewall Internet Connection between a firewall and aVPN device Connection between a firewall and a router Connection between firewalls Internet

Hospital/clinic

Hospital/clinic

VPN connections

20 | Healthcare Network Solution

Effective use of Wireless LAN
As laptop and handheld terminal use has increased with the increasingly widespread use of electronic medical charts, Wireless LANs are becoming more commonplace in hospitals. Wireless LANs have made it easier for hospitals to provide Internet access to patients as an amenity. As long as Wireless LAN access points support dynamic VLAN, it is possible to activate several networks using a single wireless access point.

Security in Wireless LAN As Wireless LANs establish transmission with electrical wave impulses, without cables, it raises the risk of hacking and interception by a third party. For this reason, encryption and authentication are essential for establishing wireless connections between wireless terminals and access points. As far as encryption schemes used at original wireless points are concerned, ‘WEP’ was the standard and considered mainstream, but it has lately become regarded as less secure due to vulnerability and security issues caused by malicious third parties deciphering codes. Today’s wireless access points support ‘WPA2’ that uses a robust encryption scheme (AES; Advanced Encryption Standard) to reduce vulnerability. In addition, by integrating an IEEE 802.1x authentication function, secure wireless networks are more easily constructed.

RADIUS Server Medical information

Wireless LAN access point

Nurses

Internet Inpatients

Wireless connections

Healthcare Network Solution | 21

Install and operation of Wireless LAN When a Wireless LAN device is installed and established, it is necessary to take into account radio-wave interference, and ease of control and operation for a large quantity of wireless access points as well as security. If radio-wave interference occurs, it may delay transmission or cause errors. With proper access channel design and construction, radio-wave interferences can be prevented. But if there are a large number of wireless access points, it becomes more necessary to prevent radio-wave interferences due to the number of available channels.

Preliminary research before setting of wireless access point: I Install a trial wireless access point, then check its terminal communication condition. I Confirm the setup position of a wireless access point using a site-survey tool. Functions contained in wireless access points:
I I

Interference avoidance by automatic channel management function of a wireless access point. Interference avoidance by using a Wireless LAN switch system.

It is possible to construct a secure Wireless LAN network by conducting preliminary research on its communication condition and installation environment, including the use of wireless device functions.

Occurence of radio interference to adjacent AP , because of the same channel

Automatic changing to the channel avoiding duplication among adjacent APs with use of automatic channel function

ch1

ch1

ch1

ch6

Automatic channel management

22 | Healthcare Network Solution

Ease of Operation

Critical issues for network operation
Maintaining stable, uninterrupted operation is essential for network infrastructures. Therefore, it is necessary to consider network configuration, wiring design, device setting, and overall network environment improvements at all times to be able to respond to unexpected failures and interruptions.
I I I I

Secure the space for network device setting Check power supplies Check wiring connection Keep terminal and network device well-organized

If the cable is connected to the unused port, all communication can be potentially wiretapped because of shared hub use. In addition, performance issues can be a concern.

There is a possibility of loop failure by incorrect wiring connections due to loose cable management.

With devices not placed on a rack, the switch is inconveniently located and difficult to replace. In addition, it can be affected by heat and insufficient exhaust space.

With only one core switch, the entire hospital network operation is dependent upon its operation, and might break down in the case of failure.

Healthcare Network Solution | 23

SNMP (Simple Network Management Protocol)
Measures against system failures; device failures, incorrect wiring If network monitoring cannot be conducted, such as by using non-SNMP-compliant products, administrators must check PCs, cables, and LAN switches individually when terminal users report connection errors.This causes problem resolution to take significantly longer, especially when there are numerous hospital floors covering a large area. SNMP significantly helps alleviate this problem.

SNMP (Simple Network Management Protocol): This is a protocol for network control and management, such as controlling configuration, performance, and fault monitoring. This is a standardized protocol as defined in RFC (Request for Comments) 1157 of IETF (Internet Engineering Task Force).

Cables are plugged into switches?

Floor switch
PC is working properly? Communication error occurence Switches are working properly?

Edge switch

Cable is plugged into PC?

Cable plug-in is not damaged?

SNMP

24 | Healthcare Network Solution

Use of SNMP To ensure stable network system operation, early detection of unusual activities and prompt response is essential. In a hospital, there are many devices connected to the network throughout the infrastructure, including hospital terminals, servers, and printers. In the case of device failure, measures should be taken immediately to minimize any impact on the system. Quick recovery efforts nearly always shorten system down-time.

In network operation and management, it is important to constantly monitor network device conditions, such as performance and communication; this makes it possible to detect failures and conduct recovery work at early stages. In order to constantly monitor network devices, each device needs to correspond to an SNMP function. Additionally, intensive remote monitoring and control is accomplished using SNMP-compatible devices in conjunction with network-monitoring servers.

SNMP Compatible Devices
Type Network device (intelligent) Network device (non-intelligent) PC, server, printer, UPS Compatibility Yes No Yes Feature Layer 3 switch, router, firewall are compatible. Low-cost edge switch (dumb switch) is incompatible. Windows system is compatible with installation of SNMP service program.

* Some inexpensive printers or UPS are incompatible

Network monitoring and control
This displays network composition clearly in the network tree/map so that failure points can be checked visually. It allows recovery actions to take place at early stages.
I

Display device conditions in colors.

Condition monitoring with Ping and SNMP I Device error alerts with icons changing colors I Optional automatic e-mailing to administrators control Statistical information can be checked and displayed as graphs.
I

SNMP MIB information device display I Packet and error count, MAC table display

Each device can be controlled in detail. When clicking on a device displayed in the network map or tree, the device front panel activates as a GUI to allow intuitive control.

Healthcare Network Solution | 25

IPv6
As a result of IPv4 addresses becoming exhausted, there is growing interest in a shift to IPv6. Carriers already support IPv6 in their new service offerings, and Windows Vista and Windows 7 also supports it as a standard. For now, IPv4 is still the mainstream in a LAN, however, in creating and constructing new networks it’s necessary to consider IPv6 compatibility and support. One of the greatest advantages of IPv6 is ease of management. Since IP addresses are automatically generated from MAC address on PCs in the network, it reduces an administrator’s burden in assigning IP addresses without having to use a DHCP server.

When shifting to IPv6 from IPv4, especially in environments where there are many terminals such as PCs and medical devices, it is better to install a dual-stack switch supporting both IPv4 and IPv6. Then a gradual shift to IPv6 can take place.

Core Layer 3 switch

IPv4
Floor Layer 2 switch

IPv6
Edge Layer 2 switch

Core Layer 3 switch

Floor Layer 2 switch

Edge Layer 2 switch
Gradual shift to IPv6

26 | Healthcare Network Solution

Network Configuration Example

Based on the points noted previously, listed below are some examples of network configuration by hospital scale.
Sample Requirements in Network Composition
Configuration 1 Hospitals with fewer than 100 beds Functions to be used Configuration 2 Hospitals with more than 100 and fewer than 200 beds Configuration 3 Hospitals with more than 200 beds (i) Configuration 4 Hospitals with more than 200 beds (ii)

I Layer 3 routing I Network monitoring (SNMP)

I I I I

Layer 3 routing VLAN Core switch redundancy Network monitoring (SNMP)

I I I I

I Network monitoring (SNMP)

Layer 3 routing VLAN Core switch redundancy IEEE 802.1x/ MAC authentication

I Layer 3 routing I VLAN I Management module inside the I IEEE 802.1x/ MAC authentication core switch redundancy

I Network monitoring (SNMP)
Y

Regional medical care cooperation Service for patients using network Communication bandwidth (Wired part) Price (LAN device) Key points in selection

n/a

n/a

Y

n/a

n/a

Internet access service for inpatients High-speed (1Gbps)

Internet access service for inpatients High-speed (1Gbps)

High-speed (1Gbps)

High-speed (1Gbps)

Approx. $40,000

Approx. $100,000

Approx. $270,000

Approx. $325,000

In terms of cost, it can back up communications devices without duplicating wiring and devices. By using Gigabit Ethernet for all the wired networks (not including wireless), network stability is secured.

It ensures redundancy of core It ensures network stability and switches and optically duplicates the security at a high level, including backbone. core switch and backbone duplication, providing broadband By using Gigabit Ethernet for all the access and employing network wired networks (not including authentication. wireless), network stability is secured. The firewall supports UTM* functions in order to meet various Internet threats. *UTM: antivirus, anti SPAM, web filtering, attack detection and prevention

It ensures stability and security of network at a high level, including inside the core switch redundancy, providing broadband access, and employing network authentication. The firewall is compatible for UTM* functions in order to meet various Internet threats. *UTM: antivirus, anti SPAM, web filtering, attack detection and prevention

Expandability

Backbone speed can be easily increased by adding modules to core switches. Modules can be compatible for optical fiber.

Internet access service in a hospital ward is possible based on highcapacity communication bandwidth on each floor.

It is easy to expand communication ports by adopting a high-capacity ports-configurable device as a core switch. (A single unit is expandable up to 96 ports.)

It is easy to expand communication ports by adopting a high-capacity ports-configurable device as a core switch. (A single unit is expandable up to 192 ports.)

Healthcare Network Solution | 27

Network configuration for hospitals with fewer than 100 beds
Requirements: I Create a high-speed Gigabit (1Gbps) network (except wireless parts) I Allow network connection from every room in a hospital I Use a Wireless LAN in a hospital ward to allow doctors and nurses to access internal hospital information systems regardless of their location
I

Conditions: Number of departments I Number of beds
I I I I

5 50 50 5 5 (total)

Number of PCs Number of medical inspection devices Servers

Secure, economical efficiency and ease-of-operation

Nurse station

Hospital ward

Nurse station Internet A total of 20 wireless APs

Hospital ward Server room Radiology department Reception and accounting Outpatient department Outpatient department
UTP (1000T) UTP (100TX)

*Desktop switches are not included in this composition

Securing of backup devices

Network configuration for hospitals with fewer than 100 beds

28 | Healthcare Network Solution

Hospitals with fewer than 100 beds
Points for network design I Gigabit network All wired parts in the LAN, from core to desktop switches, are secured by Gigabit bandwidth (1Gbps).
I

I

Inexpensive and secure network In order to save costs, backup devices can substitute for devices duplication. To simplify ease of operation, each floor switch is unified and related to a product of the same series. Additionally, each floor’s switch settings are saved to backup devices to enable fast response and minimized network downtime in the event of a system failure.

Network using Layer 3 switch A network can be logically segmented by each section using Layer 3 switches, such as accounting and reception, medical care, to keep data properly compartmentalized and prevent unnecessary data from other sections affecting specific areas. In addition, by adding VLAN, network configuration can be managed easily and flexibly in case of future growth and/or subdivision of departments within a hospital.

I

Wireless LAN used in a hospital ward In a hospital ward, a 24-hour response is required for patients. Therefore, doctors and nurses need to be able to wirelessly connect to read charts and update patient information. (This configuration uses PoE (Power over Ethernet) enabled switches that allow electrical power to be transferred to wireless access points, and eliminates the need for the power supply construction.)

I

Early detection of failures and recovery work through network monitoring Since each network device supports SNMP, it is possible to remotely check individual device communication and condition using network monitoring software (SwimSuite).This way, even if failure occurs, the fault point and communication levels can be visually confirmed, enabling early detection and quick recovery. In addition, since communications ports can be also monitored, unauthorized connections are easily detected.This means network monitoring functions are used effectively not just for quick recovery, but also for security.

Healthcare Network Solution | 29

Network configuration for hospitals with more than 100 and fewer than 200 beds
Requirements: I Create high-speed Gigabit (1Gbps) network I Allow network connection from every room in a hospital I Use a Wireless LAN in a hospital ward to allow doctors or nurses to access internal hospital information systems regardless of their location
I

Conditions: I Number of departments I Number of beds
I I I

7 150 180 10 8 (total)

Number of PCs Number of medical inspection devices Servers

Minimize network downtime caused by circuit error and device failure

Nurse station

Hospital ward

Internet

Nurse station

A total of 40 wireless APs Server room Pharmacy

Hospital ward

MRI and radiology department Outpatient department Reception and accounting Outpatient department
Optical fiber (1000SX) UTP (1000T) UTP (100TX) Link aggregation

Outpatient department

*Desktop switches are not included in this composition
Network configuration for hospitals with more than 100 and fewer than 200 beds

30 | Healthcare Network Solution

Hospitals with more than 100 and fewer than 200 beds
Points for network design I Gigabit network All wired parts in the LAN, from core to desktop switches, are secured by Gigabit bandwidth (1Gbps).
I

I

Core switch and backbone duplication Uninterrupted network operation inside a hospital can be ensured by using redundant core switches (VCS:Virtual Chassis Stacking), even if an accident occurs in any one of the core switches. With dual cable wiring between core switches and floors, or between core switches and important medical practice points, even if a cable breaks, communication can be ensured with the one remaining cable.This path duplication is important in areas such as medical examination rooms, reception, or accounting where electric chart system shutdown would be catastrophic. Additionally, this configuration is very economical since these two duplicated paths are commonly available at the same time.

Network by using Layer 3 switch A network can be logically segmented by each section using Layer 3 switches, such as accounting and reception, medical care, to keep data properly compartmentalized and prevent unnecessary data from other sections affecting specific areas. In addition, by adding VLAN, network configuration can be managed easily and flexibly in case of future growth and/or subdivision of departments within a hospital.

I

Wireless LAN used in a hospital ward In a hospital ward, a 24-hour response is required for patients. Therefore, doctors and nurses need to be able to wirelessly connect to read charts and update patient information. (This configuration uses PoE (Power over Ethernet) enabled switches that allow electrical power to be transferred to wireless access points, and eliminates the need for the power supply construction.)

I

Early detection of failures and recovery work through network monitoring Since each network device supports SNMP, it is possible to remotely check individual device communication and condition using network monitoring software (SwimSuite).This way, even if failure occurs, the fault point and communication levels can be visually confirmed, enabling early detection and quick recovery. In addition, since communications ports can also be monitored, unauthorized connections are easily detected.This means network monitoring functions are used effectively not just for quick recovery, but also for security.

Healthcare Network Solution | 31

Network configuration for hospitals with more than 200 beds (i)
Requirements: I Create high-speed Gigabit (1Gbps) network I Operate as the core of a hospital in regional healthcare, and share healthcare information with other regional healthcare facilities
I I I

Conditions: Number of departments I Number of beds
I I I I

15 350 450 30 15 (total)

Allow network connection from every room in a hospital Provide Internet connection service to hospital wards or open spaces to patients Authenticate network by using RADIUS server (IEEE 802.1x, MAC authentication)
Nurse station

Number of PCs Number of medical inspection devices Servers

Nurse station

Hospital ward

Hospital ward

A total of 80 wireless APs

Nurse station Hospital ward

Nurse station Hospital ward

Internet Pharmacy

Server room

MRI and radiology department Outpatient department Reception and accounting Outpatient department
Optical fiber (1000SX) UTP (1000T) UTP (100TX) Link aggregation

Outpatient department

*Desktop switches are not included in this composition

Network configuration for hospitals with more than 200 Beds (i)

32 | Healthcare Network Solution

Hospitals with more than 200 beds (i)
Points for network design I Gigabit network All wired parts in the LAN, from core to desktop switches, are secured by Gigabit bandwidth (1Gbps).
I

I

Internet access service for patients Information leaks and virus infections to the internal information system are prevented by preventing patients access to the internal network. Moreover, in view of user privacy, using a multiple VLAN function prevents direct communication among patients.

Network by using Layer 3 switch A network can be logically segmented by each section using Layer 3 switches, such as accounting and reception, medical care, to keep data properly compartmentalized and prevent unnecessary data from other sections affecting specific areas. In addition, by adding VLAN, network configuration can be managed easily and flexibly in case of future growth and/or subdivision of departments within a hospital.

I

Network connection by using an authentication function By the setting of a user ID and a password for access to a network, public (non-hospital staff) access can be blocked. Switches at each floor that support IEEE 802.1x or MAC authentication are used, and PCs or printers are connected to information sockets available in each room. Input of an ID and a password on PCs is required by a switch using the IEEE 802.1x function.Then, after the ID and the password are authenticated by RADIUS server, the switch opens a port to allow connection with the internal hospital information system. As for a device which cannot input an ID and password, such as a printer, the access to the internal network is controlled by MAC authentication.Thus, network security is ensured by preventing unauthorized terminals from accessing the internal network.

I

Wireless LAN used in a hospital ward In a hospital ward, a 24-hour response is required for patients. Therefore, doctors and nurses need to be able to wirelessly connect to read charts and update patient information. (This configuration uses PoE (Power over Ethernet) enabled switches that allow electrical power to be transferred to wireless access points, and eliminates the need for the power supply construction.)

I

Core switch and backbone duplication Uninterrupted network operation inside a hospital can be ensured by using redundant core switches (VCS:Virtual Chassis Stacking), even if an accident occurs in any one of the core switches. With dual cable wiring between core switches and floors, or between core switches and important medical practice points, even if a cable breaks, communication can be ensured with the one remaining cable.This path duplication is important in areas such as medical examination rooms, reception, or accounting where electric chart system shutdown would be catastrophic. Additionally, this configuration is very economical since these two duplicated paths are commonly available at the same time. Furthermore, distinguished from the second configuration using box switches as stated on page 31, modular switches are used in this configuration since numerous ports can be configured in the modular switch—enabling economical operation and network expandability.
Healthcare Network Solution | 33

I

Early detection of failures and recovery work through network monitoring Since each network device supports SNMP, it is possible to remotely check individual device communication and condition using network monitoring software (SwimSuite).This way, even if failure occurs, the fault point and communication levels can be visually confirmed, enabling early detection and quick recovery. In addition, since communications ports can also be monitored, unauthorized connections are easily detected.This means network monitoring functions are used effectively not just for quick recovery, but also for security.

I

Network by using VPN A regional healthcare network must be designed with the expectation of an increase in access points. By using a highperformance firewall, it becomes possible to establish 250 IPSec VPN connection available points.

Network configuration for hospitals with more than 200 Beds (ii)
Requirements: I Create high-speed Gigabit (1Gbps) network I Operate as the core of a hospital in regional healthcare, and share healthcare information with other regional healthcare facilities
I I I

Conditions: Number of departments I Number of beds
I I I I

15 350 450 30 15 (total)

Allow network connection from every room in a hospital Provide Internet connection service to hospital wards or open spaces to patients Authenticate network by using RADIUS server (IEEE 802.1x, MAC authentication)

Number of PCs Number of medical inspection devices Servers

Nurse station

Nurse station

Hospital ward

Hospital ward

A total of 80 wireless APs

Nurse station Hospital ward

Nurse station Hospital ward

Internet Pharmacy

Server room

MRI and radiology department Outpatient department Reception and accounting Outpatient department
Optical fiber (1000SX) UTP (1000T) UTP (100TX) Link aggregation

Outpatient department

*Desktop switches are not included in this composition

Network configuration for hospitals with more than 200 Beds (ii)

34 | Healthcare Network Solution

Hospitals with more than 200 beds (ii)
Points for network design I Gigabit network All wired parts in the LAN, from core to desktop switches, are secured by Gigabit bandwidth (1Gbps).
I

I

Internet access service for patients Information leaks and virus infections to the internal information system are prevented by preventing patients access to the internal network. Moreover, in view of user privacy, using a multiple VLAN function prevents direct communication among patients.

Network by using Layer 3 switch A network can be logically segmented by each section using Layer 3 switches, such as accounting and reception, medical care, to keep data properly compartmentalized and prevent unnecessary data from other sections affecting specific areas. In addition, by adding VLAN, network configuration can be managed easily and flexibly in case of future growth and/or subdivision of departments within a hospital.

I

Network connection by using an authentication function By the setting of a user ID and a password for access to a network, public (non-hospital staff) access can be blocked. Switches at each floor that support IEEE 802.1x or MAC authentication are used, and PCs or printers are connected to information sockets available in each room. Input of an ID and a password on PCs is required by a switch using the IEEE 802.1x function.Then, after the ID and the password are authenticated by RADIUS server, the switch opens a port to allow connection with the internal hospital information system. As for a device which cannot input an ID and password, such as a printer, the access to the internal network is controlled by MAC authentication.Thus, network security is ensured by preventing unauthorized terminals from accessing the internal network.

I

Wireless LAN used in a hospital ward In a hospital ward, a 24-hour response is required for patients. Therefore, doctors and nurses need to be able to wirelessly connect to read charts and update patient information. (This configuration uses PoE (Power over Ethernet) enabled switches that allow electrical power to be transferred to wireless access points, and eliminates the need for the power supply construction.)

I

Early detection of failures and recovery work through network monitoring Since each network device supports SNMP, it is possible to remotely check individual device communication and condition using network monitoring software (SwimSuite).This way, even if failure occurs, the fault point and communication levels can be visually confirmed, enabling early detection and quick recovery. In addition, since communications ports can also be monitored, unauthorized connections are easily detected.This means network monitoring functions are used effectively not just for quick recovery, but also for security.

I

Core switch and backbone duplication By installing two unit functions (modules) into one unit, a core switch can increase its own availability and achieve stronger stability.With inside the unit redundancy, the connection between modules is duplicated to ensure an alternate path.This also allows high-speed switching in circuit resistance time (designed target level: 1 second) using real-time hardware conditions. In addition, all power supplies and fans can be duplicated. As a redundancy between core and floor switches, link aggregation helps to achieve high-speed switching.

I

Network by using VPN A regional healthcare network must be designed with the expectation of an increase in access points. By using a highperformance firewall, it becomes possible to establish 250 IPSec VPN connection available points.
Healthcare Network Solution | 35

USA Headquarters | 19800 North Creek Parkway | Suite 100 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895 European Headquarters | Via Motta 24 | 6830 Chiasso | Switzerland | T: +41 91 69769.00 | F: +41 91 69769.11 Asia-Pacific Headquarters | 11 Tai Seng Link | Singapore | 534182 | T: +65 6383 3832 | F: +65 6383 3830

www.alliedtelesis.com
© 2009 Allied Telesis Inc. All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners. EMEA2092 Rev.A

Similar Documents

Premium Essay

Networking

...Networking in My Life and Career Angel Salvador Maldonado DeVry University Author Note This paper was prepared for CEIS-100 taught by Professor Reinaldo Fernandez. Course Project Week #: 2 Networking in My Life and Career A network is defined as a group of computers that are connected to share information. An NIC is a Network Interface Card. It is the physical component of a computer that allows a computer to connect to a network. Three types of media used for network connections are cable television coaxial, fiber optic cable and wireless connections. There have often been times when I have had to access my home wireless internet network and have not been able too. I start to troubleshoot by disconnecting and re connecting to the wireless network in the Open Network and Sharing Center. If that does not work, I check my wireless router to see if the lights on the router are green indicating that it is working properly. If there is a red or orange light on the router, I unplug the power source of the router and let it reset. This usually resolves the issue. My career goal is to become a Network System Administrator. That being said, I will be dealing with networks on a daily basis. A Network System Administrator is responsible for designing, installing, maintaining and upgrading networks in businesses of different sizes. I still have not taken any networking classes. I do know that by the time I obtain my Associates in Network Systems Administration I will have......

Words: 298 - Pages: 2

Premium Essay

Networking

...headquarters. Until now, its networks have relied entirely on wired connections. The company’s CIO (chief information officer) decided long ago that she would wait until wireless technology “settled down” before investing in it. 1. What can you tell her about the wireless standards that might convince her that now is the time to adopt wireless technology? There are many advantages to wireless networks. Some advantages of a wireless network are convenience, mobility, ease of set up, the cheaper cost in the long run, and with the newest 802.11 standards the throughput could be just as good as or even better than some Ethernet connections without the hustle of all the wires. 2. Also, what can you tell her to convince her that wireless networking could improve the company’s productivity? With the implication of a wireless network it opens up more options for employees such as the ability to use laptops and their smartphones to complete work so it can be completed however they would like. 3. Which employees could make best use of wireless connections and how? The production, order fulfillment, and research departments would probably benefit the most from the wireless connections so that they can work while on the go and easily update any data even when outside the office. 4. In what type of situations would all employees benefit from wireless...

Words: 570 - Pages: 3

Free Essay

Networking

...1. List two advantages of wireless networking. User mobility in the workplace, and cost effective networking media for use in areas that are difficult or too costly to wire. 2. What are the three areas defined for the IEEE 802.11 standard? Physical Layer (PHY): The method of transmitting the data, which may be either RF or infrared (although infrared is rarely used.) Medium Access Control (MAC): The reliability of the data service, access control to the shared wireless medium, protecting the privacy of the transmitted data. MAC management protocols and services: Authentication, association, data delivery, and privacy. 3. What is an ad hoc network? In this network, the wireless clients (stations) communicate directly with each other. 4. What is the purpose of an Extended Service Set? By adding multiple access points to the network, the range of mobility of a wireless client in the LAN is extended. 5. What are the four physical layer technologies being used in 802.11 wireless networking? Direct Sequence Spread Spectrum (DSSS), Frequency Hopping Spread Spectrum (FHSS); Infrared, and Orthogonal Frequency Division Multiplexing (OFDM) 6. Describe the frequency spectrum for the DSSS channels in 802.11b wireless networking. It implements 14 channels (each consuming 22 MHz) over approximately 90 MHz of RF spectrum in the 2.4 GHz ISM (industrial, scientific, and medical) band. 7. Define a pseudorandom sequence as it applies to FHSS. Pseudorandom means the......

Words: 1208 - Pages: 5

Premium Essay

Networking

...I. Computer Dynamics Computer Dynamics is a microcomputer software development company that has a 300-computer network. The company is located in three adjacent five-story buildings in an office park, with about 100 computers in each building. Each building is approximately 90 feet long by 50 feet wide. They are set about 100 feet apart. The current network is poorly design for its current needs and must be completely replaced. Describe the network you would recommend and how it would be configured with the goal of building a new network that will support the company’s needs for the next 3 years with few additional investments. Figure 11.16 provides a list of equipment and costs you can use to build your network. You will need to make some assumptions, so be sure to document your assumptions and explain why you have designed the network in this way. We need 5 switches has 24 ports each in each floor to create the access layer of the network and also we need 100 Cat 5 cables in each floor to connect the computer to the switches. All the switches in the four floors are connected to core layer 3 switch using fiber optic cable to handle this huge number of connection. creating Vlans on each access layer switches to give privileges to each group of users can reduce the process in the core switches. then we can create a link between the core switch and the router. The router have T3 wan interface and connection with ISP pop to provide 44.370 Mbps can be pretty good for 300......

Words: 271 - Pages: 2

Free Essay

Networking

...NT1210 FINAL PROJECT INTRO TO NETWORKING Computer lab design Item | Qty | Description | Price | Item code | Total | HP All-in-One PC | 32 | 18-5110 (G4B05AA#ABA) AMD Dual-Core Processor E1-2500 (1.40GHz) 4GB DDR3 500GB HDD 18.5" Windows 8.1 | $309.99 | Item#: N82E16883280514 | $9,919.68 | Tri-Band Gigabit Wireless Router | 1 | NETGEAR R8000-100NAS Nighthawk X6 AC3200 | $299.99 | Item#: N82E16833122611 | $299.99 | Laser Printer | 2 | Samsung SL-C1860FW/XAA Up to 19 ppm Color Wireless 802.11b/g/n | $224.99 | Item#: N82E16828112551 | $250.00 | 48-Port Fast Ethernet Smart Switch | 1 | NETGEAR ProSAFE FS750T2NA w/ 2 Gigabit Ports 10/100 Mbps | $214.50 | Item#: N82E16833122082 | $214.50 | Pivot-Plug Surge Protector | 3 | BELKIN BP112230-08 8 Feet 12 Outlets 4320 Joules | $33.99 | Item#: N82E16812107131 | $101.97 | Printer/Fax Stand | 1 | Safco 5206BL Under desk, 1-Shelf, 19w x 16d x 13-1/2h, Black | $56.99 | Item#: N82E16848045141 | $56.99 | Wireless Keyboard and Mouse Combo - Black | 32 | Logitech MK520 2.4GHz | $39.95 | Item #: N82E16823126192 | $1278.40 | Black Cat 6 Network Cable | 8 | Link Depot C6M-25-BKB 25 FT | $7.99 | Item #: N82E16812189032 | $63.92 | | | | | Total | 12,185.45 | Labor charge | $22.00 | 5 Technical assemblers | 20 hrs. | | $2,200 | | | | | Total | 14,385.45 | taxes | $.07 | | | | $.07 | | | | | Total | 15,392.432 | Justification for product necessity. In order to turn this classroom into a......

Words: 538 - Pages: 3

Premium Essay

Computer Networking

...Varna Free University “Chernorizec Hrabar” ------------------------------------------------------------------------Institute of Technology Introduction to Computer Networking Prof. Teodora Bakardjieva 1 1.0 Introduction The purpose of the networking guidelines are as follows:  to assist students in understanding the benefits of networking  to help students place in context their current stage of networking development in their school.  to assist students in planning the next stage of network development in their school.  to provide standard networking ‘models’ and best practice to students that will assist students in their network planning. This document includes information under the following main headings:  Introduction to Networking  Advantages of Networking  Types of Networks  Models of networking appropriate to students  NCTE recommendation to students  Some relevant terms. 1.1. Basic of Networking A computer network consists of a collection of computers, printers and other equipment that is connected together so that they can communicate with each other. Fig 1 gives an example of a network in a school comprising of a local area network or LAN connecting computers with each other, the internet, and various servers. 2 File and Print Server CD or Multimedia Servers Access to: Internet content & learning resources, Scoilnet etc Email communication Users computers Cache, Proxy, Filtering,......

Words: 4611 - Pages: 19

Free Essay

Business Networking

...Business networking is a socioeconomic business activity by which groups of like-minded businesspeople recognize, create, or act upon business opportunities. A business network is a type of business social network whose reason for existing is business activity. There are several prominent business networking organizations that create models of business networking activity that, when followed, allow the business person to build new business relationships and generate business opportunities at the same time. A professional network service is an implementation of information technology in support of business networking. Many business people contend business networking is a more cost-effective method of generating new business than advertising or public relations efforts. This is because business networking is a low-cost activity that involves more personal commitment than company money. Country-specific examples of informal networking are guanxi in China, blat in Russia, and Good ol' boy network(US)/Old boy network(UK). In the case of a formal business network, its members may agree to meet weekly or monthly with the purpose of exchanging business leads and referrals with fellow members. To complement this business activity, members often meet outside this circle, on their own time, and build their own one-to-one business relationship with the fellow member. Business networking can be conducted in a local business community, or on a larger scale via the Internet. Business......

Words: 297 - Pages: 2

Free Essay

Wireless Networking

...WIRELESS NETWORKING Introduction A wireless network is any type of computer network that uses wireless data connections for connecting network nodes .Wireless networking is a method by which homes, telecommunications networks and enterprise (business).Installations avoid the costly process of introducing cables into a building, or as a connection between various equipment locations. Wireless telecommunications networks are generally implemented and administered using radio communication. This implementation takes place at the physical level (layer) of the OSI model  network structure. Examples of wireless networks include cell phone networks, Wi-Fi local networks and terrestrial microwave networks. Wireless network made up of There are two kinds of wireless networks: * An ad-hoc, or peer-to-peer wireless network * Access point Ad-hoc or peer-to-peer wireless network It consists of a number of computers each equipped with a wireless networking interface card. Each computer can communicate directly with all of the other wireless enabled computers. They can share files and printers this way, but may not be able to access wired LAN resources, unless one of the computers acts as a bridge to the wired LAN using special software. (This is called "bridging") Each computer with a wireless interface can communicate directly with all of the others. Access point or base station A wireless network can also use an access......

Words: 1355 - Pages: 6

Free Essay

Ip Networking

...Wiring a LAN * * * Task 1: Communicating on a star topology Procedure 1. Disconnect your lab computer from the ITT LAN and plug in your network cable to the ITT lab computer. 2. Connect the other end of your network cable to the hub provided by the instructor. Answer the following questions: a. What is the purpose of the hub? b. What is the topology you are creating? 3. Turn on the hub and verify that a link light is illuminated both on the computer’s network interface card (NIC) and the network hub. If not, check with the instructor. Answer the question: a. What does the link light indicate? 4. On the workstation, open a command prompt by clicking START> RUN and type CMD. 5. Next, type the IPCONFIG/ALL command to determine current TCP/IP settings for clients on a network. Record the following: a. Your computer’s IP address b. Classmate’s IP address connected with your hub 6. Next, use the PING command to verify network connectivity between clients. Type PING XX.XX.XX.XX at the command prompt where XX.XX.XX.XX is the IP address that you recorded in Step 5b. 7. You will receive ICMP replies from your classmate’s computer illustrating that your computers are connected and communicating. If not, you can check with your instructor. 8. Now, unplug your network cable from the hub and repeat Step 6. What was the result? 9. Unplug your cable from the ITT computer. Replace the ITT UTP cable to the ITT......

Words: 401 - Pages: 2

Premium Essay

Social Networking

...Social networking sites are a part of everyday life and they have brought revolutionary changes in communication between people. These sites provide different resources such as email and instant messages in one place. Availability of these resources makes the communication easy and faster. When we look at the social impact of social networking sites, we find that these sites have both positive and negative effects. Because of this fact, it is necessary to analyze both advantage and drawbacks of social networking sites. Undoubtedly, social networking sites are advantageous to young generation. With the help of these sites, people can communicate and express themselves by exchanging messages and comments. Social networking sites help in establishing connection with people, friends and relatives. These sites can be accessed from any part of the globe. Therefore, a person can interact with any person from any place. For example a student can clear his doubts with the help of a teacher. People having different professions can make groups like doctors, lawyers, students, poets, writers, social workers etc. The most common disadvantage of social networking sites is addiction. Often users of these sites get addicted to it. They spend hours using these sites and it harms their performance in other fields. It causes mental health problems and sometimes it harms their body too. Sometimes users provide their personal information to others which is insecure. We can see......

Words: 297 - Pages: 2

Premium Essay

Social Networking

...Social Networking in our daily life Social network is a structured set of organisations between a set of dyadicties. The network provides a bundle of methods to manage the pattern of social enities. Some of the methods used in social entities are related to communication. Facebook, Viber, Skype and WhatsApp are the top communities used around the world. Social network works with the help of social networking service. Social networking service is a platform to build social relation among people who share their interests and activities. There are many types of social services as Facebook, Viber, WhatsApp, Tango, WeChat, Skype and Instagram. They allow you to share your photos, feelings and other activities with your friends, by clicking a few keys on your mobile phone or PC. There are many advantages and disadvantages of social netorking. If we take a look at these communities we see many benefits crawling towards us. The most appealing benefit is that they make the way to communicate with our family and friends much more easier. We can share photos, videos and talk to them. If we even take a closer look, we see many harmful effects coming towards us. The most harm done is that our eye sight gets weak. We waste a lot of time in talking which we have to consume in our schedule to study. The final decision which comes after this whole discussion is that social networking is useful in some ways. It should be used when needed and not to spend extra time on these...

Words: 258 - Pages: 2

Premium Essay

Networking Labs for Unit 6

...Brandon Hellbach Unit 6 Labs Lab 6.1: Wireless Broadcast Domains Exercise 6.1.1 – A Basic Service Set does exactly what its name says; basic wireless service, one and only one AP creates the wireless LAN. Extended Service Set extends the wireless functions of a Basic Service Set. The difference is that in a BBS uses one AP to create one wireless LAN while an ESS uses more than one AP to create one wireless LAN. Exercise 6.1.2 – IEEE 802.11 Standards Standard | Frequency (GHz) | Maximum Transmission Rate (Mbps) | Standard Indoor Transmission Range (m) | Standard Outdoor Transmission Range (m) | 802.11a | 5 | 54 | 40 | 100 | 802.11b | 2.4 | 11 | 70 | 150 | 802.11g | 2.4 | 54 | 38 | 140 | 802.11n | 2.4 or 2.5 | 600 | 75 | | Lab 6.1 Review 1. It uses a beacon like transmission to find other devices on IBSS mode and on the same SSID to connect and share. 2. Infrared has a very short range and cannot penetrate walls and other objects making radio frequency superior. 3. Although WLANs have a lower speed they are more convenient than wired LANs. So the trade-off is speed for convenience of not having wires everywhere which is why WLANs are more common in households. Lab 6.2: Identifying WLANs Exercise 6.2.1 - What information about the wireless networks is available using the utility? The utility provides the name, signal strength, and MAC address of the available wireless networks. What information is given on the wireless networks with the......

Words: 574 - Pages: 3

Premium Essay

Computing Trends - Networking Proposal for Rubha Reidh

...Networking Proposal for Rubha Reidh Name Institution Table of Contents Abstract 3 Introduction 5 Overview of Satellite Link Technology 7 Overview of Fibre Optics Link Technology 9 Choice of Satellite over Fibre Internet Connection 10 Wireless Networking Design 12 Mesh Network Backbone 13 802.11 Access Points 15 Intranet Services 16 Challenges 16 Proposed System Design 17 Phase I: Bed and breakfast building to include the private rooms, common area and lounge 17 Phase II: Extending to cover the lighthouse and associated surrounding area 18 Budget 18 Phase I Deployment 18 Phase II Deployment 19 References 21 Abstract The aim of the Rubha Reidh internet project is to construct a robust computer network to encompass the whole lighthouse area using a high speed and reliable internet connection. This has been determined as mesh networking technology. This network will deliver access to email, Web pages, and internet resources for users in the lighthouse area, using both laptops and desktops, as well as mobile devices with connectivity capability. By leveraging the usage of robust and inexpensive wireless network technology, this plan will substantially decrease expenditures for ensuring internet connectivity for the whole lighthouse area, as well as allow better elasticity in planning and expansion. Rubha Reidh is an automated lighthouse that is located in the Scottish remote western coast. Its remoteness stems from the fact that its nearest neighbour is Melvaig...

Words: 4859 - Pages: 20

Premium Essay

The Influence of Social Networking Website

...What is Social Networking Website? The definition of social networking is “the relationships that exist between network of people” (Walter & Ribiere, 2004). Today, when we talk about social networking, we think of social networking websites like Facebook, MySpace, and Twitter, which are the top three popular social networking sites in the United States (Alexa.com, 2010). These sites are defined as web-based platforms that allow individuals to build their own profiles and reflect social relations. The users of these sites are able to “articulate a list of other users with whom they share a connection, and view and traverse their list of connections and those made by others within the system” (Boyd &Ellison, 2008). Within the system, the users are able to present themselves, articulate their social networks, and establish or maintain connections with others; moreover, these social networking websites can be oriented toward different fields like work-related, romantic relationship related, interest sharing related, or student community (Ellison, Steinfield & Lampe, 2008). Mostly, users participate in these sites for interaction with their friends or meet new people. With these sites, they provide various features such as profiles, comments, private messaging, photo-sharing, and video-sharing capabilities; moreover, with the improving technology, now users are capable of using mobile phones to achieve online interactions. How Popular are Social Networking......

Words: 2114 - Pages: 9

Premium Essay

Role of Social Networking in Marketing Commuication

...Influence and evolution of social networking on marketing communication about viability about sustainability of Social Networking as a marketing communication tool Things which can be included in topic are- 1. What is Social Networking? (in brief) 2. IMC 3. Role of social networking as marketing communication 4. Influence of Sn on Mc 5. Evolution of Sn on Mc 6. Sustainability of Sn as Mc 7. Future scope 8. Conclusion Social Networking A social network is a social structure made up of individuals (or organizations) called "nodes", which are tied (connected) by one or more specific types of interdependency, such as friendship, kinship, common interest, financial exchange, marketing communication etc. [pic] There are many SOCIAL NETWORKING SERVICES as online services platform, or site that focuses on building and reflecting of social networks or social relations among people, who, for example, share interests and/or activities. A social network service consists of a representation of each user (often a profile), his/her social links, and a variety of additional services. Most social network services are web-based and provide means for users to interact over the Internet, such as e-mail and instant messaging. Online community services are sometimes considered as a social network service, though in a broader sense, social network service usually means an......

Words: 4646 - Pages: 19