Contenu connexe
Similaire à Defending Healthcare Networks with NetFlow
Similaire à Defending Healthcare Networks with NetFlow (20)
Plus de Lancope, Inc. (20)
Defending Healthcare Networks with NetFlow
- 1. Defending Health Care Networks
with NetFlow
Jeffrey M. Wells, CCIE, CISSP
Director of Business Development
jwells@lancope.com
© 2013 Lancope, Inc. All rights reserved.
1
- 2. The Healthcare IT Problem Space
• Rapidly changing technology and pressure for adoption.
• Expensive stationary and mobile devices.
• High-risk medical equipment (automated pharmacies, medical
robots, etc.)
• Need to provide guest access for patients and their loved ones.
• Need to provide access for transient professionals – visiting
surgeons, etc.
• Need to provide access that’s open to “any device, anywhere”.
• Need to monitor and differentiate access.
• Enormous, complex and murky regulatory environment.
• Patient care aspect of business enormously magnifies risk.
• For Healthcare IT these all boil down to a problem with visibility.
© 2013 Lancope, Inc. All rights reserved.
2
- 3. Examples
Monitoring medical devices
•
•
•
Where is my crash cart? Who
used it last? Is it in use now?
What devices on the network are
touching my infusion pumps?
Is my automated pharmacy
secured? Are the network access
policies working?
Differentiated access
•
•
•
Bandwidth management
•
•
•
How can I ensure rapid delivery of
radiology images from my PACS
system across the hospital
internetwork?
How do I know the QoS policies
I’ve implemented are working?
Which clinics are utilizing the
network the most effectively?
© 2013 Lancope, Inc. All rights reserved.
Is patient guest access sufficiently
isolated?
Is that patient’s bored, angry
teenage son trying to hack us?
Can I get the visiting neurosurgeon
with his iPad online rapidly so he can
do the job we’re paying him for?
Regulatory environment
•
•
•
How do I track access to regulated
information?
How can I ensure compliance with
HIPAA, ACA, PCI or other regulatory
requirements for critical systems?
How do I deal with an audit in the
most efficient way possible?
3
- 4. The Big Picture
How can I ensure that my IT
operations and underlying
infrastructure positively impact my
patients’ medical outcomes?
© 2013 Lancope, Inc. All rights reserved.
4
- 5. Additionally …
We still have to deal with all the “normal” IT issues common to
all business:
• Network monitoring and management
• Security of assets and data
• Advanced threats – detect and respond
• Antivirus
• Et cetera…
It all boils down to a problem of visibility
© 2013 Lancope, Inc. All rights reserved.
5
- 6. What would be the ideal visibility situation?
Full packet capture or IDS everywhere…?
3560-X
Internet
Shasta
ASR-1000
Lompoc
3925 ISR
WAN
Cat6k
Cat6k
ASA
Chandler
Cat4k
Datacenter
DMZ
Access
UCS with
Nexus
1000v
3850
Stack(s)
© 2013 Lancope, Inc. All rights reserved.
6
- 9. End-to-end visibility via flow telemetry …
… your infrastructure is the source:
3560-X
Internet
Shasta
NetFlow
NetFlow
NetFlow
Lompoc
NetFlow
3925 ISR
WAN
NetFlow
ASR-1000
NetFlow
Cat6k
NetFlow
Cat6k
NetFlow
ASA
Chandler
NetFlow
DMZ
NetFlow
Cat4k
NetFlow
Datacenter
NetFlow
UCS with
Nexus
1000v
NetFlow
Access
NetFlow
NetFlow
NetFlow
3850
Stack(s)
© 2013 Lancope, Inc. All rights reserved.
9
- 11. Typical Use Cases
• Protecting Patient Data
– Enhancing data privacy and security policy enforcement
• Ensuring Regulatory Compliance with industry legislation
– Reduce the risk of data tampering or theft, track user identity and
increase accountability
• Monitoring Data from a range of devices
– Track critical devices on the network including heart pumps, dialysis
machines, drug dispensing machines, etc. View the device, location
and activity to ensure machines are secure and operating within policy
• Securing Hospital Guest Networks
– Maintain a robust BYOD policy to ensure visitors can use the hospital
guest network without accessing confidential data and devices
© 2013 Lancope, Inc. All rights reserved.
11
- 12. Typical Use Cases -
• Rapid reaction to network or security issues
– “Network is slow/down”
– “My app isn’t working”
• Network Bandwidth Management
– Ensure devices on the network are correctly configured
– Track data across the network including large electronic images and
files (X-Rays, MRI scans, etc)
• Enhance Network Infrastructure
– Augment investment in existing hardware (switches and routers) by
capturing flow data for full end-to-end visibility across the network
– Monitor RTP infrastructure: VoIP, video, etc.
– Monitor QoS policies
© 2013 Lancope, Inc. All rights reserved.
12
- 14. How are my critical links being utilized?
© 2013 Lancope, Inc. All rights reserved.
14
- 15. Who talks to my HIPAA hosts?
Legitimate
What’s this??
© 2013 Lancope, Inc. All rights reserved.
15
- 20. Further learning
• Market Brief (Network & Security Challenges in Healthcare)
• http://www.lancope.com/resource-center/market-briefs/networkchallenges-of-healthcare/
• Webinar: Defending HealthCare Networks: 30th October
http://www.lancope.com/company-overview/webinar/defendinghealthcare-networks-with-netflow
• Featured Case Studies/Success stories
• http://www.lancope.com/resource-center/case-studies/stanford/
• http://www.lancope.com/resource-center/case-studies/psbc-case-study/
• CTD Video
• http://www.lancope.com/resource-center/videos/ctd/
© 2013 Lancope, Inc. All rights reserved.
20
- 22. Thank You
Jeffrey M. Wells, CCIE, CISSP
Director of Business Development
jwells@lancope.com
www.lancope.com
@Lancope (company)
@netflowninjas (company blog)
https://www.facebook.com/Lancope
http://www.linkedin.com/groups/NetFlow-Ninjas-2261596/about
https://plus.google.com/u/0/103996520487697388791/posts
http://feeds.feedburner.com/NetflowNinjas
© 2013 Lancope, Inc. All rights reserved.
22