Network Security
Donald37
PFCHNetworksText.docxPatton-Fuller Community Hospital Network Diagrams
Overview
The Patton-Fuller Community Hospital intranet Web site contains seven network diagrams. These are titled:
· Top View
· Logical Network
· Administration Network Details
· Radiology
· RIS Data Center
· OR/ICU/Ward Floor Systems
· IT Data Center
Each of the diagrams is described in detail on the following pages of this document.
Top View Network Diagram
The top view network diagram represents the hospital structure from an Information Technology network perspective. The diagram visually distinguishes between the hospital’s clinical areas and its administrative functions.
The clinical areas are:
· Emergency Rooms and Operating Rooms
· Pharmacy
· Labs
· Radiology
· Doctors personal offices
· Wards
· Outpatient examining rooms
· Intensive Care Units
The administrative functions are:
· Information Technology Department
· Admitting/Discharge
· Facilities
· Human Resources
· Hospital Senior Management
· Finance
The backbone network structure for the entire hospital is 1000 BaseT. Individual sections of departmental networks such as Radiology use different standards such as 1000 BaseF.
The entire hospital has a complete power backup system with automatic cutover to a large diesel motor generator set. Individual departments have local UPS (Uninterruptible Power Supply) as depicted on the individual department network diagrams.
HIPAA (Health Insurance Portability and Accountability Act) is rigorously enforced. All patient data files are encrypted for storage using AES (Advanced Encryption Standard). All access to patient data files requires identification and authentication of each user. In all Radiology modalities the DICOM (Digital Imaging and Communication in Medicine) standard and PACS (Picture Archiving and Communication System) are standard.
Logical Network
The Logical Network diagram provides an overview of the logical network interconnections for the hospital.
At the center of the diagram is a Network Bridge. Two networks are shown as being connected through the bridge. One network contains the administrative functions of the hospital and the other network contains the clinical areas of the hospital.
Administrative Functions Network
The administrative functions network consists of the following nodes:
· Hospital Executive Management
· Human Resources
· Operations
· Facilities
· Finance
· Information Technology and Data Center
The nodes of the administrative functions network are depicted in a bus architecture with the nodes connect to an Ethernet backbone. The backbone is 1000 BaseT and utilizes CAT 6 cable.
Clinical Areas Network
The clinical areas network consists of the following nodes:
· Radiology
· Operating Rooms
· Wards
· Intensive Care Units
· Emergency Room
· Labs
· Pharmacy
The nodes of the administrative functions network are depicted in a bus architecture with the nodes connect to an Ethernet backbone. The backbone is 1000 BaseF and utilizes single mode fiber cable.
Administrative Network Details
The Administrative Network Details diagram depicts three workstations and two printers networked via an Ethernet backbone in a bus architecture. The backbone is 1000 BaseT using CAT 6 cable.
Details of the three types of workstations and the two types of printers are as follows:
Executive Management
All workstations for the executive managers have the following specifications:
· Apple iMAC
· 24 inch monitor
· 2.4 gigahertz processor
· 2 gigabytes of RAM (Random Access Memory)
· 500 megabyte hard drive
· Wireless communications card
· 10/100/1000baseT
· Operating System Virtualization with MAC OS X (Leopard) and Windows XP
Senior Management in Human Resources, Operations and Finance
All workstations for senior managers in Human Resources, Operations and Finance have the following specifications:
· Apple iMAC
· 20 inch monitor
· 2 gigahertz processor
· 350 megabyte hard drive
· Wireless communications card
· 10/100/1000BaseT
· Operating System Virtualization with MAC OS X (Leopard) and Windows XP
Data entry in Human Resources, Operations and Finance
The workstations for personnel who are only involved in data entry in Human Resources, Operations or Finance have the following specifications:
· Thin Client computers using Hewlett-Packard Model L1706
Printers
Each major department has two black and white laser printers and one color laser printer.
The black and white networked laser printers are Hewlett-Packard Model 4350.
The color networked laser printers are Hewlett-Packard Model 4200pht.
Radiology
The network diagram for Radiology depicts four workstations and a printer arranged in a bus architecture along an Ethernet backbone. The backbone is 1000 BaseF using single mode fiber.
The nodes provide the specifications for
· Modality viewing stations
· DICOM (Digital Imaging and Communication in Medicine) Digital to film printer
· Emergency Room
· Laboratories
· Pharmacy
The specifications for each node are as follows:
Modality Viewing Stations
Modality viewing stations will be found in MRI (Magnetic Resonance Imaging), CT (Computer Tomography), X-Ray, Mammograms, PET (Positron Emission Tomography), Nuclear Medicine and Sonography. Each modality has its own viewing station with the following specifications:
· Apple Mac Pro
· Two 3 gigahertz quad processors
· 16 gigabytes of RAM (Random Access Memory)
· Four 750 megabyte hard drives in RAID (Redundant Array of Independent Disks)
· Nvidia FX 4500 image card
· Fiber Optic Network card
· Two Apple 30 inch Cinema flat panel displays
· OsiriX imaging software
· Operating System Virtualization with MAC OS X (Leopard) and Windows XP Pro
· One American Power Conversion 2 kilo volt amps Uninterruptible Power Supply
DICOM Digital to film printer
The DICOM Digital to Film printer is a KODAK Model 6800 Dry Laser Printer. There is one printer for each of the modality viewing stations and one more in the Emergency Room.
Emergency Room
The Emergency Room has one workstation for use with the portable X-Ray machine. The specifications for this workstation are:
· MAC PRO
· Two Dual 3 gigahertz processors
· 8 gigabytes of RAM (Random Access Memory)
· Two 750 gigabyte hard drives in RAID (Redundant Array of Independent Disks)
· Fiber card
· Super drive
· Operating System Virtualization with MAC OS X (Leopard) and Windows XP Pro
· OsiriX imaging software
· 30 inch Display
Each Emergency Room bay also has a workstation. The specifications for these workstations are:
· iMAC
· 20 inch display
· 2.0 gigahertz processor
· 2 gigabytes of RAM (Random Access Memory)
· 350 gigabyte hard drive
· Superdrive
· Fiber card
· Operating System virtualization with MAC OS X and Windows XP Pro
Laboratories
Workstations in the hospital laboratories have the following specifications:
· Apple iMAC
· 20 inch display
· 2.4 gigahertz processor
· 2 gigabytes of RAM (Random Access Memory)
· 500 megabyte hard drive
· Fiber Card
· Super Drive
· Operating System Virtualization with MAC OS X (Leopard) and Windows XP Pro
Each lab has one Hewlett-Packard Model 4700pht color laser printer.
Pharmacy
The pharmacy workstations have the following specifications:
· Apple iMAC
· 20 inch display
· 2.4 gigahertz processor
· 2 gigabytes of RAM (Random Access Memory)
· 500 megabyte hard drive
· Fiber card
· Super drive
· Operating System virtualization with MAC OS X and Windows XP Pro
The pharmacy has two Hewlett-Packard Model 4350 black and white laser printers.
RIS (Radiology Information System) Data Center
The RIS Data Center is made up of Apple Cluster Servers, data center workstations and two printers.
Apple Cluster Servers
The Apple Cluster Servers are running Mac OS X (Leopard) Xserve with Remote Desktop. The servers are running PACS (Picture Archiving and Communication System).
The servers are connected via a 4 gigabit fiber link to a 10 terabyte disk storage device.
Back up power for the servers is provided by an InfraStruXure model ISXT280HD8R Uninterruptible Power Supply.
Data Center Workstations
The RIS Data Center workstation specifications are:
· Apple iMAC
· 20 inch display
· 2.4 gigahertz processor
· 2 gigabytes of RAM (Random Access Memory)
· 350 megabyte hard drive
· Superdrive
· Fiber card
· Wireless communication card
· Operating System Virtualization with MAC OS X (Leopard) and Windows XP Pro
Printers
The RIS Data Center has two printers.
One Hewlett-Packard Model 4350 black and white laser printer.
One Kodak Model 6800 Dry Laser DICOM to Film printer.
The Apple servers, the data center workstations and the printers are networked using a bus architecture with a 1000 BaseF backbone using single mode fiber.
OR/ICU/Ward Floor Systems
Operating Room Systems
Operating Room systems consist of RIS imaging and OR Workstations.
The OR RIS Imaging specifications are:
· Apple MAC PRO
· Two 3 gigahertz dual processors
· 4 gigabytes of RAM (Random Access Memory)
· 750 megabyte hard drive
· Nvidia 4600 Video Card
· Fiber Card
· Operating System Virtualization with MAC OS X (Leopard) and Windows VP Pro
· OsiriX imaging software
· 30 inch flat panel, wall-mounted display
The OR workstation specifications are:
· Apple iMAC
· 20 inch display
· 2.0 gigahertz processor
· 2 gigabytes of RAM (Random Access Memory)
· 350 megabyte hard drive
· Fiber card
· Superdrive
· Wireless communication card
· Operating System virtualization with MAC OS X (Leopard) and Windows XP Pro
Intensive Care Unit – Ward Rooms/Bed Locations
Each ward and each ICU area has at least one Wireless Access Point. The wireless access points are Cisco 1250 Series (5 gigahertz).
Each room has one network connection per bed. The room connections are connected to the network through a 24 port Fiber Optic Hub. Each ward or ICU has a hub.
Nurses Stations
The nurses’ workstation specifications are:
· Apple iMAC
· 20 inch display
· 2.0 gigahertz processor
· 2 gigabytes of RAM (Random Access Memory)
· 350 megabyte hard drive
· Fiber Card
· SuperDrive
· Operating System Virtualization with MAC OS X (Leopard) and Windows XP Pro
Each nurses station has one Hewlett-Packard Model 4350 printer.
The OR systems, the wireless access points, the fiber optic hubs and the nurses workstations are networked in a bus architecture using 1000 BaseF backbone with single mode fiber.
IT Data Center
The Information Technology Data Center consists of a Hospital HIS System Computer, a Windows Exchange Server, an Internet Server, data center workstations and a RAS Server.
Hospital HIS System Computer
The hospital HIS system computer is an IBM Series Z9EC mainframe running Linux for its operating system and the IBM DB2 database. The mainframe has 18 processors and 32 gigabytes of RAM (Random Access Memory). The main frame is using AES (Advanced Encryption Standard) security.
The mainframe is connected, via a 4 gigabit fiber link, to a 10 terabyte NAS (Network Attached Storage).
Back up power for the mainframe is provided by an InfraStruXure model ISXT280HD8R Uninterruptible Power Supply.
Windows Exchange Server
The Windows Exchange Server is an IBM System x3250 with XENON Dual Core 2.6 gigahertz processors. The server has 2 gigabytes of RAM (Random Access Memory). Data storage is in RAID (Redundant Array of Independent Disks) (RAID 1). The server is running Microsoft Windows Server 2003 Enterprise.
Internet Server
The hospital’s Internet Server is an IBM System x3250 with XENON Dual Core 2.6 gigahertz processors. The server has 2 gigabytes of RAM (Random Access Memory). Data storage is in RAID (Redundant Array of Independent Disks) (RAID 1). The system is running Linux and Apache. The server is connected to the Internet through a Cisco router, Model 7609 at OC-1 (Optical Carrier classification 1).
Data Center Workstations
The data center workstation specifications are:
· Apple iMAC with 20 inch display
· 2.0 gigahertz processor
· 2 gigabytes of RAM (Random Access Memory)
· 350 megabyte hard drive
· 1000BaseT LAN (Local Area Network)
· SuperDrive
· Operating System virtualization with MAC OS X (Leopard) and Windows XP Pro
RAS Server
The RAS Server (Remote Access Server) is an IBM System x3250 running Linux. The RAS Server is connected to the Internet through a Cisco ASA 5510 VPN router.
The IT Data Center servers and workstations are networked on a bus architecture using 1000 BaseT with CAT 6 cable.
This network diagram shows the IT Data Centers network backbone being connected to the Network Bridge which, in turn, is connected to the 1000 BaseF Fiber network from the hospital’s clinical departments.
