Page 1 ” Challenge Zithaklinik Relies Heavily On It Architecture

Transcript

Hospital revises security to focus on consolidation and software defined data center roadmaps Thanks to Trend Micro Deep Security and Smart Protection network, Zitha could gain a huge improvement in securing and managing mobile nurse stations. ” -S  teve Cloos, Head of the IT Department ZithaKlinik / Luxembourg ” EXECUTIVE SUMMARY CHALLENGE Customer Name: ZithaKlinik ZithaKlinik relies heavily on IT architecture. The infrastructure and the application for “Electronic Patient Record” (EPR) are the most important assets for ZithaKlinik. It is crucial that all systems required for doctors and nurses in order to work with the Electronic Patient Record, are constantly up and running. This includes not only the core system call ORBIS from AGFA Healthcare but also all secondary systems related to ORBIS, like the considerable Citrix Farm providing the client part of the application. The entire infrastructure relies heavily on virtualization. The IT department runs today 140 back-end servers virtualized on vSphere and 80 provisioning servers virtualized on XenServer. The only remaining non-virtualized systems are 2 which are in direct relation to the Electronic Patient Record and some servers related to IP telephony. Industry: Healthcare Location: Luxembourg BUSINESS NEEDS: • Running critical healthcare service in Luxembourg • Serving 100 medical professionals • Service provider model • Guaranteed secure accessibility of Electronic Patient Record system to doctors and nurses • Centralized management Page 1 of 4 • CASE STUDY • HEALTHCARE The back-end infrastructure is based on VMware. For the front-end part ZithaKlinik works with Windows based ThinClients and classical PCs. The desktop deployment is today a mix of classical unattended installation for physical devices and a Citrix Provisioning Server based XenApp approach. End-users consume application services via multiple devices. To deliver the EPG to all doctors and nurses an impressive XenAPP farm with 80 servers is required. The application is mainly consumed on HP Windows based Thin Clients. Mobile is a clear trend. Users like nurses or external doctors are not educated in IT and mostly patient care centered. All these facts represent a huge management challenge for ZithaKlinik. SECURITY IS KEY SOLUTION: Security plays a very important role for ZithaKlinik. As their data center concept is based on virtualization, it was obvious that the security layer had to move into the hypervisor layer. The overall security strategy is based on risk minimization to ZithaKlinik’s reputation as it evolved its IT model and infrastructure architecture to leverage advanced technologies. Data in the Healthcare Sector is personal and highly security sensitive. It was crucial to avoid vulnerabilities associated with the move to the virtualization and terminal-based desktops. Further it was obvious that performance is a challenge in providing terminalbased desktops and back-end applications based on SLAs. The customers of ZithaKlinik are inter alia the external doctors. Getting close to the business and serving the needs of the doctors is positively recognized. • Virtualization strategy / software defined data center “The focus of the IT on the business requirements of the ZithaKlinik proves that the IT is changing from service provider to business partner through optimal support of the clinical processes.” says Dr. Philippe Turk, Director. Performance is one of the most important criteria for end user satisfaction in a hospital. Keeping virtual desktops and servers performing optimally, without being overtaxed by security scans and updates is one important aspect. Central management is therefore another requirement. Finally ZithaKlinik had to be sure that the benefits of virtualization are not overshadowed by increased vulnerability to security breaches. BENEFITS: Trend Micro Deep Security leverages the threat intelligence of the Trend Micro Smart Protection Network infrastructure. This future generation innovation combines sophisticated cloud-based reputation technology and the expertise of TrendLabs researchers to deliver real-time protection from emerging threats. The integrated solution for physical and virtual systems addresses seven PCI regulations and offers more than 20 control capabilities, with highlights that include: • Firewall, intrusion detection and prevention (IDS/IPS), file integrity monitoring, log inspection, web application protection and antivirus protection in one integrated solution • Recommendation scan feature for automated configuration • A compact 5 MB footprint After carefully evaluating Trend Micro Deep Security in a lab test it became one of the major pillars of the Zitha IT architecture. While during the next month moving over from terminal service based desktop mainly to virtual desktops, Deep Security established already the base for the security for VDI. Everything is ready today. That Zitha already uses Deep Security today not only in the virtual environment but also on physical devices, shows the trust of Zitha in the added value of the Deep Security solution. End devices in the healthcare sector are often very special. Zitha maintains a pool of 40 wireless, mobile nurse stations from Ergotron. These stations are PC based medical equipment mounted on sliding tables. They are used by the medical staff for the handling of data at the point of care. To keep them updated with the latest security patterns was difficult in the past. “Thanks to Trend Micro Deep Security and Smart Protection network, Zitha could gain a huge improvement in securing and managing mobile nurse stations”, Steve Cloos, head of the IT department at ZithaKlinik. For specific use cases like USB scanning, some dedicated Trend Micro OfficeScan Desktops are provided by the IT department for the end user. A direct use of USB memory sticks is prevented by internal policies. Trend Micro’s roadmap in consolidating their products and the fact that they offer one single cost effective security solution, was another main argument to select Trend Micro. Page 2 of 4 • CASE STUDY • HEALTHCARE • Citrix Frontend – VMware backend • Trend Micro Enterprise Security Solution for endpoint protection and Deep Security to take advantage of multiple capabilities to protect virtualized servers and desktops in the data center • Physical desktops are protected with the same solution • Secure SLA based service provider approach towards the doctors • Support of virtual and physical endpoints • Smooth security roadmap that extends protection into the “software defined data center”-strategy • Trend Micro Smart Protection Network guaranties an always up-to-date security Trend Micro Products • Trend Micro Deep Security http://www.trendmicro.nl/producten/deepsecurity/ • Trend Micro Smart Protection Network http://www.trendmicro.nl/technologie-innovatie/onze-tech/smart-protection-network/ PARTNER ADDED VALUE DEPLOYMENT ENVIRONMENT: The Integrator Tecsys IT-HAUS is a long-term trusted advisor at ZithaKlinik. Working with them for a year, especially in IT/Business alignment and IT process implementation, tecsys IT-HAUS has a strong awareness of the business angle of the IT in ZithaKlinik. The IT staff of Zitha organizes all production operations themselves. tecsys IT-HAUS supported especially in the design and implementation of the virtualization and security architecture. This support did enable Zitha to take the right decisions regarding their future in the world of software defined data centers while tremendously shorten down time to market and implementation cost. Sites: 2 FUTURE INVESTIGATIONS As a hospital includes many medical devices that are based on classical PC hardware but not operated or owned by IT, Smart Protection Network could be enhanced in the future with intelligent threat management. Further mobile devices become more and more a challenge for IT. BYOD is a hospital reality since years. These devices are often owned by the doctors and therefore not managed by IT at all. On that level Zitha is also investigating together with Trend Micro how to enhance the security on mobile devices. Virtual desktops: 50 Physical Desktops including Thin Clients: 450 Notebooks: 100 Physical backend servers: 16 Physical frontend/desktop servers: 6 Storage infrastructure: HP P4500 9 node multisite cluster with full replication Backend network connectivity: Cisco - up to 40 GB between data centers Backend infrastructure: HP servers, Citrix frontend, VMware backend, Trend Micro Deep Security, HP Thin Clients and Workstations Company Profile: The ZithaKlinik is a leading hospital situated in the capital of Luxembourg. It provides high quality medical and nursing care to the country’s population. Founded in 1924, it offers modern facilities and business services to about 100 medical professionals as they perform their specialist duties across five sites. The clinic has 256 beds, conducts over 8,000 operations annually, hospitalizes over 9,000 patients annually and employs 800 personnel. Page 3 of 4 • CASE STUDY • HEALTHCARE Securing Your Journey to the Cloud ©2012 by Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro t-ball logo, OfficeScan, and Trend Micro Control Manager are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their owners. Information contained in this document is subject to change without notice. [CS01_Template_120402] Page4 of 4 • CASE STUDY • HEALTHCARE