Created on 18.6.2007
Poole Hospital NHS Trust have chosen Khipu Network’s Healthcare NAC Director solution to provide secure dynamic Role Based Access to their wired and wireless networks, coupled with Infoblox, the high availability DNS / DHCP appliance based solution.
Poole Hospital NHS Trust had approached a number of suppliers to assist them in acquiring a solution that would enable the Hospital to implement access control for their new network but were unable to find a technology that would provide role based access for each of their various 5000 client devices.
Following the selection of their new network vendor ‘Extreme Networks’, they found that they could not complete the deployment of the new switches without a more intelligent approach to device and user management. Additionally, the Hospital realised that the network availability was limited by Microsoft Windows Server based domain controllers that served network services such as IP addressing and domain name resolution.
The Hospital established that the availability required for running a 24x7 healthcare network could not be provided using basic Windows server services. There were insufficient high availability features provided within server based solutions for network services to manage addressing across the NHS Trust. Outages would mean that there was a risk of patient care being affected.
The Infoblox DNSone appliance platform was chosen by Poole Hospital to provide high availability of network services. This meant that connection to their new network would not be affected by server outages and they would be able to co-locate their network services across two data-centres, giving them the confidence that their network would still operate in the event of one data-centre being offline. Poole Hospital also wanted to structure their new network to a maximum of 250 devices per segment so that there was better management, performance and security. For directory services, they had chosen Microsoft’s Active Directory (AD).
The Network Manager at Poole Hospital made the decision to increase availability using the Infoblox appliances:
“Khipu Networks had experience in implementing High Availability network services for NHS sites and were able to offer the solution at a cost point that we could achieve. The benefits of the appliance platform were clear to us; we could no longer afford to run DNS and DHCP from our domain controllers and the Infoblox appliances provided the services we needed and increased availability to 99.999%”
Poole Hospital’s Network Team found that a RADIUS solution worked for client devices that could authenticate on AD and RADIUS using certificated access control to determine the correct role or segment on their network. The problem they faced was typical in the hospital and other Healthcare environments; Bob Down, IT Manager at Poole Hospital had approached a number of suppliers but not one came back with a tried and tested solution that would suit a multi-vendor network that didn’t add risk in deployment and continuous operation:
“My problem is that we have many devices which will not support AD and/or certificated devices. For this, we need a solution which will provide multiple VLAN selection depending on the device, irrespective of where it is physically connected to the network.”
Bob told Khipu Networks that he was looking for a solution that could determine a role based on a type of device or user. There were some key criteria for the Hospital network but most importantly, the solution needed to be out-of-band as in-line solutions would reduce the availability and scalability of the network.
Khipu Networks suggested the use of NAC Director from Bradford Networks, a Network Access Control solution which can communicate with any network switch or wireless controller to provide access control based on many different factors, whether location, device or user specific. Poole Hospital needed to provide different access controls for approved third-party visitors, Poole Hospital staff and other NHS Staff whilst restricting access for unauthorised staff. Bob added:
“NAC Director from Khipu Networks was an easy choice for us to make, we felt confident it would work on our wired and wireless (Aruba) networks, even though they are from different vendors, giving the users role-based access and the IT department a consistent administration interface allowing us to manage devices just as we needed!”
Poole Hospital are the first NHS site to implement NAC Director for role-based access, clearly leading the healthcare sector with an innovative approach to providing resilient patient care focussed secure networking.
About Poole Hospital NHS Trust
Poole Hospital NHS Trust is an acute general hospital with 780 beds. The hospital mainly serves the 272,000 people living in Poole, East Dorset and Purbeck. It is the major trauma centre for East Dorset and provides a broad range of district hospital care and a number of core services - ear, nose & throat, child health and maternity –for a wider catchment area, including Bournemouth and Christchurch. The hospital also provides specialist services, such as provides oral surgery and neurological care, for the whole of Dorset and is the Cancer Centre for Dorset.
Last year they treated 46,815 inpatients, 17,597 day cases, 172,710 out patients and 56,557 people attended accident and emergency. At least 85 per cent of admissions are unplanned emergency cases. As the major trauma centre for East Dorset, the hospital provides services for all medical, elderly, surgical and child health emergency admissions.
Poole Hospital is applying to become an NHS Foundation Trust later this year.
About Khipu Networks Limited
Khipu Networks are a UK based advanced systems integrator, focusing on supplying innovative secure compliant infrastructure solutions across the public and private sector. The company is a leading adopter of new and best in breed technology, expert technical staff ensure that customers get the solutions they need, when they want them and how they need them. The ethos is to ensure that the customer has the edge on the security and compliance of their network and not the attacker. Hampshire based Khipu Networks Ltd are the security division of the White Clarke Group of companies
For further information, please contact Khipu:
- T: 01252 773184
- Register Your Interest and one of our commercial consultants will contact you. Click Here
