Defending Healthcare Networks with NetFlow
-
Upload
lancope-inc -
Category
Technology
-
view
4.013 -
download
1
description
Transcript of Defending Healthcare Networks with NetFlow
![Page 1: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/1.jpg)
Defending Health Care Networks with NetFlow
Jeffrey M. Wells, CCIE, CISSP
Director of Business Development
© 2013 Lancope, Inc. All rights reserved. 1
![Page 2: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/2.jpg)
• Rapidly changing technology and pressure for adoption.
• Expensive stationary and mobile devices.
• High-risk medical equipment (automated pharmacies, medical robots, etc.)
• Need to provide guest access for patients and their loved ones.
• Need to provide access for transient professionals – visiting surgeons, etc.
• Need to provide access that’s open to “any device, anywhere”.
• Need to monitor and differentiate access.
• Enormous, complex and murky regulatory environment.
• Patient care aspect of business enormously magnifies risk.
• For Healthcare IT these all boil down to a problem with visibility.
The Healthcare IT Problem Space
© 2013 Lancope, Inc. All rights reserved. 2
![Page 3: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/3.jpg)
3
Examples
• Where is my crash cart? Who
used it last? Is it in use now?
• What devices on the network are
touching my infusion pumps?
• Is my automated pharmacy
secured? Are the network access
policies working?
Monitoring medical devices
• How can I ensure rapid delivery of
radiology images from my PACS
system across the hospital
internetwork?
• How do I know the QoS policies
I’ve implemented are working?
• Which clinics are utilizing the
network the most effectively?
Bandwidth management
• How do I track access to regulated
information?
• How can I ensure compliance with
HIPAA, ACA, PCI or other regulatory
requirements for critical systems?
• How do I deal with an audit in the
most efficient way possible?
Regulatory environment
• Is patient guest access sufficiently
isolated?
• Is that patient’s bored, angry
teenage son trying to hack us?
• Can I get the visiting neurosurgeon
with his iPad online rapidly so he can
do the job we’re paying him for?
Differentiated access
© 2013 Lancope, Inc. All rights reserved.
![Page 4: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/4.jpg)
How can I ensure that my IT operations and underlying infrastructure positively impact my patients’ medical outcomes?
The Big Picture
© 2013 Lancope, Inc. All rights reserved. 4
![Page 5: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/5.jpg)
We still have to deal with all the “normal” IT issues common to all business:
• Network monitoring and management
• Security of assets and data
• Advanced threats – detect and respond
• Antivirus
• Et cetera…
Additionally …
It all boils down to a problem of visibility
© 2013 Lancope, Inc. All rights reserved. 5
![Page 6: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/6.jpg)
What would be the ideal visibility situation?
Full packet capture or IDS everywhere…?
6
InternetShasta
Lompoc
Chandler
ASR-1000
Cat6k
UCS withNexus 1000v
ASACat6k
3925 ISR
3560-X
3850Stack(s)
Cat4kDatacenter
WAN
DMZ
Access
© 2013 Lancope, Inc. All rights reserved. 6
![Page 7: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/7.jpg)
Traditional Monitoring
7© 2013 Lancope, Inc. All rights reserved.
![Page 8: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/8.jpg)
Introducing NetFlow Technology
telephone bill
NetFlow
© 2013 Lancope, Inc. All rights reserved. 8
![Page 9: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/9.jpg)
End-to-end visibility via flow telemetry …
… your infrastructure is the source:
9
InternetShasta
Lompoc
Chandler
ASR-1000
Cat6k
UCS withNexus 1000v
ASACat6k
3925 ISR
3560-X
3850Stack(s)
Cat4kDatacenter
WAN
DMZ
Access
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlowNetFlow
© 2013 Lancope, Inc. All rights reserved. 9
![Page 10: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/10.jpg)
StealthWatchManagement
Console
StealthWatchFlowReplicator
StealthWatchFlowCollector
NetFlow,syslog, SNMP
NetFlow enabled routers, switches,
firewalls
StealthWatchFlowSensor
vSphere with StealthWatch
FlowSensor VE
User and Device Information
ID1100
© 2013 Lancope, Inc. All rights reserved. 10
![Page 11: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/11.jpg)
• Protecting Patient Data– Enhancing data privacy and security policy enforcement
• Ensuring Regulatory Compliance with industry legislation– Reduce the risk of data tampering or theft, track user identity and
increase accountability
• Monitoring Data from a range of devices– Track critical devices on the network including heart pumps, dialysis
machines, drug dispensing machines, etc. View the device, location and activity to ensure machines are secure and operating within policy
• Securing Hospital Guest Networks– Maintain a robust BYOD policy to ensure visitors can use the hospital
guest network without accessing confidential data and devices
Typical Use Cases
© 2013 Lancope, Inc. All rights reserved. 11
![Page 12: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/12.jpg)
• Rapid reaction to network or security issues– “Network is slow/down”
– “My app isn’t working”
• Network Bandwidth Management– Ensure devices on the network are correctly configured
– Track data across the network including large electronic images and files (X-Rays, MRI scans, etc)
• Enhance Network Infrastructure– Augment investment in existing hardware (switches and routers) by
capturing flow data for full end-to-end visibility across the network
– Monitor RTP infrastructure: VoIP, video, etc.
– Monitor QoS policies
Typical Use Cases -
© 2013 Lancope, Inc. All rights reserved. 12
![Page 13: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/13.jpg)
Use case examples
© 2013 Lancope, Inc. All rights reserved. 13
![Page 14: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/14.jpg)
How are my critical links being utilized?
© 2013 Lancope, Inc. All rights reserved. 14
![Page 15: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/15.jpg)
Who talks to my HIPAA hosts?
Legitimate
What’s this??
© 2013 Lancope, Inc. All rights reserved. 15
![Page 16: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/16.jpg)
Monitor complex relationships
© 2013 Lancope, Inc. All rights reserved. 16
![Page 17: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/17.jpg)
Monitor wireless guests
© 2013 Lancope, Inc. All rights reserved. 117
![Page 18: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/18.jpg)
Monitor critical servers or devices
© 2013 Lancope, Inc. All rights reserved. 18
![Page 19: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/19.jpg)
Identity integration
From any report, instantly answer the question of “who”…
© 2013 Lancope, Inc. All rights reserved. 19
![Page 20: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/20.jpg)
• Market Brief (Network & Security Challenges in Healthcare)
• http://www.lancope.com/resource-center/market-briefs/network-challenges-of-healthcare/
• Webinar: Defending HealthCare Networks: 30th Octoberhttp://www.lancope.com/company-overview/webinar/defending-healthcare-networks-with-netflow
• Featured Case Studies/Success stories
• http://www.lancope.com/resource-center/case-studies/stanford/
• http://www.lancope.com/resource-center/case-studies/psbc-case-study/
• CTD Video
• http://www.lancope.com/resource-center/videos/ctd/
Further learning
© 2013 Lancope, Inc. All rights reserved. 20
![Page 21: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/21.jpg)
Q&A
© 2013 Lancope, Inc. All rights reserved. 21
![Page 22: Defending Healthcare Networks with NetFlow](https://reader033.fdocuments.in/reader033/viewer/2022051816/545c37b7af7959be098b46d9/html5/thumbnails/22.jpg)
Thank YouJeffrey M. Wells, CCIE, CISSP
Director of Business Development
www.lancope.com@Lancope (company)@netflowninjas (company blog)
https://www.facebook.com/Lancope
http://www.linkedin.com/groups/NetFlow-Ninjas-2261596/about
https://plus.google.com/u/0/103996520487697388791/posts
http://feeds.feedburner.com/NetflowNinjas
© 2013 Lancope, Inc. All rights reserved. 22