®

Tap Technology Enables Healthcare’s Digital Future
White Paper

Executive Overview
A revolution is taking place in the practice and business of
healthcare. Digital information technology is enabling instant
access to patient records and imaging data; collaboration between
local doctors and remote specialists; mobile voice and data
connectivity; and more convenient billing and payments. The
EHQH¿WVRIGHSOR\LQJWKHVHQHZWHFKQRORJLHVDUHPRUHHI¿FLHQW
operations, lower costs, and, ultimately, improved quality of care
and better medical outcomes.

A critical enabler of digital healthcare initiatives is a network that
connects systems and people so quickly, securely, and reliably that it is invisible to users; it just works.
Underneath the hood, systems and professionals constantly monitor and tune the network, dealing with
issues before they impact users. For these monitoring systems and professionals to succeed in this
PLVVLRQWKH\QHHGYLVLELOLW\RIDOORIWKHQHWZRUNWUDI¿FDOORIWKHWLPH7KLVSDSHUH[DPLQHVKRZ7DS
WHFKQRORJ\SURYLGHVWKLVNH\FDSDELOLW\RIWUDI¿FYLVLELOLW\WRHQDEOHKHDOWKFDUH¶VGLJLWDOIXWXUH
Introduction
Healthcare reform legislation is in the headlines, and more than
US$30 billion in the American Recovery and Reinvestment Act
of 2009 (ARRA, also known as the economic stimulus plan) is
allocated for Health Information Technology (HIT) investments.
This activity has focused attention on information and
communications technology (ICT) as a means to drive down
healthcare costs and increase the quality of patient care. Much
of the ARRA money is in the form of incentives to encourage
adoption of electronic health records, but ICT offers many more
opportunities for modernization within the healthcare industry.
$IHZRIWKHEHQH¿WV,&7FDQEULQJWRKHDOWKFDUHRUJDQL]DWLRQV
include:
‡ %HWWHUVKDULQJRIGLDJQRVWLFGDWDZLWKSLFWXUHDUFKLYLQJDQGFRPPXQLFDWLRQVV\VWHPV3$&6WR
store and access data-rich images generated by computed tomography (CT or CAT scans),
magnetic resonance imagery (MRI), and other methods
‡ ,PSURYHGFRPPXQLFDWLRQFROODERUDWLRQDQGPRELOLW\IRUFDUHJLYHUVE\OHYHUDJLQJ,3WHOHSKRQ\
technology
‡ 3UHYHQWLRQRIPHGLFDOHUURUVVXFKDVDGPLQLVWHULQJWKHZURQJPHGLFLQHE\PDNLQJDFFXUDWH
information available at the point of care using wireless, handheld devices
‡ $KLJKHUOHYHORIPHGLFDOWHDPFROODERUDWLRQDQGUHPRWHFDUHGHOLYHU\HQDEOHGE\
videoconferencing, telepresence, and telemedicine
‡ (QHUJ\VDYLQJVDQGFRPSOLDQFHZLWKHQYLURQPHQWDOUHJXODWLRQVWKURXJKLPSURYHGPDQDJHPHQWRI
KHDWLQJYHQWLODWLRQDLUFRQGLWLRQLQJDQGOLJKWLQJV\VWHPVLQKRVSLWDOVFOLQLFVDQGPHGLFDORI¿FH
buildings
®
Tap Technology Enables Healthcare’s Digital Future
White Paper

‡ %HWWHUSK\VLFDOVHFXULW\DQGDFFHVVFRQWUROLQKRVSLWDOVDQGPHGLFDOEXLOGLQJVXVLQJHOHFWURQLF
authentication and surveillance systems
‡ &DSLWDODQGRSHUDWLQJH[SHQVHVDYLQJVE\WDJJLQJDQGWUDFNLQJHTXLSPHQWHOHFWURQLFDOO\
‡ (I¿FLHQF\DQGFRVWVDYLQJVIURPFHQWUDOL]LQJDQGFRQVROLGDWLQJVHUYLFHVVXFKDVVHFXULW\DQG
building management

HIT’s foundation
The common foundation of all of these HIT initiatives is a secure, reliable, high performance network to
carry all of the electronic data and audio/video communications. In fact, the trend is to converge as many
RIWKHVHVHUYLFHVDVSRVVLEOH±DQGSUHIHUDEO\DOORIWKHP±RQWRDVLQJOH,3QHWZRUNIRUPD[LPXPHI¿FLHQF\
and integration. To meet this challenge, the network must possess these key attributes:

‡ High performance, to provide quick response times and handle a wide variety of protocols and
data types
‡ Secure,WRSURWHFWFRQ¿GHQWLDOSDWLHQWGDWDDQGWRFRPSO\ZLWKWKH+HDOWK,QVXUDQFH3RUWDELOLW\
DQG$FFRXQWDELOLW\$FW+,3$$DQG3D\PHQW&DUG,QGXVWU\3&,UHTXLUHPHQWVV
‡ Reliable, so services are always available
‡ Interoperable (standards based), to integrate many different types of systems
‡ 6FDODEOH to grow with the organization
7RGD\¶V,3QHWZRUNWHFKQRORJ\PHHWVDOORIWKHVHUHTXLUHPHQWVDQGPDQ\YHQGRUVLQFOXGLQJ,%0+3DQG
&LVFRDUHGHOLYHULQJ+,7VROXWLRQVEDVHGRQFRQYHUJHG,3QHWZRUNV

Keeping your network healthy
:LWKVHUYLFHVGHSHQGLQJPRUHDQGPRUHKHDYLO\RQWKHQHWZRUNLWLVFULWLFDOWRDKHDOWKFDUHRUJDQL]DWLRQ¶V
VXFFHVVWRFRQVWDQWO\PRQLWRUWKHKHDOWKRIWKHQHWZRUNPXFKOLNHDSDWLHQW¶VKHDOWKLVPRQLWRUHG0RVW
networking equipment such as enterprise-class switches and routers have monitoring facilities integrated
within their software, but sometimes it is necessary to apply specialized monitoring tools such as protocol
analyzers, intrusion detection systems, and forensic recorders. These tools need to be able to listen to
WKHQHWZRUNWUDI¿FZLWKRXWGLVWXUELQJLWLQDQ\ZD\DQGIRUWKDWMREWKH\QHHG7UDI¿F$FFHVV3RUWVRU7DSV
/LNHDGRFWRUXVHVDVWHWKRVFRSHWROLVWHQWRDSDWLHQW¶VKHDUWEHDWD7DSHQDEOHVDPRQLWRULQJWRROWR
listen to the data passing through a network link.

Tap technology includes a variety of Tap types with different capabilities that make it possible for
PRQLWRULQJWRROVWRVHHDOORIWKHWUDI¿FDQ\ZKHUHDQGDWDQ\WLPHRQDPHGLFDORUJDQL]DWLRQ¶VQHWZRUN
The main categories of Taps are:

‡ Network Taps, which connect one monitoring tool to
RQH¿EHURUFRSSHUQHWZRUNOLQNHQDEOLQJ
WKHWRROWROLVWHQWRDOORIWKHWUDI¿FRQWKHOLQN±
ZLWKRXWDQ\LPSDFWRQWKHWUDI¿FDQGZLWKRXW
introducing a potential point of failure
‡ Regeneration Taps, which connect several
monitoring tools to a single network link,
enabling network managers, security specialists, and
FRPSOLDQFHRI¿FHUVWRDFFHVVWKHVDPH
WUDI¿FVLPXOWDQHRXVO\ZLWKRXWFRQÀLFWV
®
Tap Technology Enables Healthcare’s Digital Future
White Paper

‡ Aggregation Taps,ZKLFKFRPELQHWKHWUDI¿FSDVVLQJ
through as many as 10 network links or
switch Span ports and send all of the data to one or
more tools, enabling fewer tools to monitor
larger sections of the network
‡ Data Monitoring Switches, which are high port
density devices that incorporate tapping,
regeneration, and aggregation functions; they also do
VZLWFKLQJDQG¿OWHULQJWRGLUHFWRQO\
WUDI¿FRILQWHUHVWWRVSHFL¿FWRROVLQFUHDVLQJWKH
HI¿FLHQF\RIWKHWRROV'DWD0RQLWRULQJ6ZLWFKHV
are ideal for sharing a pool of tools across an entire
network
‡ Bypass Switches, which are fail-safe access ports for
in-line devices such as intrusion
SUHYHQWLRQV\VWHPV,36V¿UHZDOOVDQG:HE
DSSOLFDWLRQ¿UHZDOOVWKH\NHHSWKHQHWZRUNWUDI¿F
ÀRZLQJ ZKHQWKHLQOLQHGHYLFHIDLOVRULVUHPRYHGIRU
maintenance or upgrade
Some typical use cases of the various types of Taps in healthcare environments are presented in the
following sections.
Use cases
Information at the bedside
A hospital is deploying wireless handheld devices so doctors and nurses can access digital health
UHFRUGVDQGSUHVFULSWLRQLQIRUPDWLRQDWWKHSDWLHQW¶VEHGVLGH7KHQHWZRUNDGPLQLVWUDWRUGHSOR\VQHWZRUN
Taps at each wireless access point so that if issues arise with wireless connectivity, a protocol analyzer
FDQEHDWWDFKHGWRH[DPLQHZLUHOHVVWUDI¿FLPPHGLDWHO\ZLWKRXWZDLWLQJIRUDPDLQWHQDQFHZLQGRZRU
UHFRQ¿JXULQJVZLWFKHVWRDFFHVVWUDI¿FWKURXJK6SDQSRUWV7KHWLPHVDYHGE\KDYLQJWKH7DSVUHDG\DQG
waiting at the access points can increase the quality of patient care and even save lives.
Performance, security, and compliance without competition
To keep their network-based health and business applications running smoothly, a healthcare
organization employs a network administrator to maintain and tune the system; a security specialist
RMON Analyzer Forensic IDS
Regeneration Tap Implementation
Switch Switch Firewall
The passive Regeneration Tap
provides a permanent, in-line
access port to monitor
all full-duplex trafc without
data stream interference.
The network signal is regenerated
so that multiple monitoring devices
can have real-time, simultaneous
monitoring access to all trafc.
The network signal is regenerated
so that multiple monitoring devices
can have real-time, simultaneous
monitoring access to all trafc.
Regeneration Tap
1
2
3
®
Tap Technology Enables Healthcare’s Digital Future
White Paper

WRSUHYHQWVSDPPDOZDUHDQGDWWDFNHUVIURPHQWHULQJWKHQHWZRUNDQGDFRPSOLDQFHRI¿FHUWR
HQVXUHWKDW+,33$DQG3&,UHTXLUHPHQWVDUHPHW7KHDGPLQLVWUDWRUKDGLQVWDOOHG7DSVRQFULWLFDO
QHWZRUNOLQNVWRSURYLGHSHUFHQWYLVLELOLW\RIWKHWUDI¿FEXWVFKHGXOLQJXVHRIWKH7DSVEHWZHHQWKH
DGPLQLVWUDWRU¶VRZQQHHGVDQGWKRVHRIWKHVHFXULW\VSHFLDOLVWDQGFRPSOLDQFHRI¿FHUZDVDSUREOHP
– often someone could not get use of the Tap when it was necessary. The solution was to replace the
Taps with Regeneration TapsWKDWSURYLGHVLPXOWDQHRXVDFFHVVWRWKHVDPHWUDI¿FWKURXJKIRXUSRUWV
(DFKRIWKHWKUHHSURIHVVLRQDOVZDVJLYHQRZQHUVKLSRIRQHSRUWRQHDFK5HJHQHUDWLRQ7DSVRWKH\DOO
KDGFRQWLQXRXVDFFHVVWRDOORIWKHWUDI¿FDWDQ\WLPH7KH\DOVRIRXQGWKDWWKH\FRXOGDWWDFKDIRUHQVLF
UHFRUGHUWRWKHIRXUWKSRUWZKHQLWZDVQHFHVVDU\WRFDSWXUHDOORIWKHWUDI¿FIRUDQH[WHQGHGSHULRGRI
WLPHWRLQYHVWLJDWHDVHFXULW\EUHHFKRUGDWDOHDNDJHSUREOHPDQGWKHSUHVHQFHRIWKHH[WUDWRROGLGQRW
OLPLWWKHLUQRUPDOWUDI¿FDFFHVV
Health insurer balances the demand
A health insurer achieved huge cost savings by implementing a customer self-help application on the
Internet. Customers could connect through a Web browser to check claims status, pay bills, and receive
quotes, all without human intervention – and without the costs of having humans answer the phone.
The Web site is so popular that a farm of eight Web servers is needed to service all of the requests in a
timely manner, and a load balancer distributes incoming requests to the different servers. They use an
Aggregation TapWRFRPELQHWKHWUDI¿FJRLQJWRHDFKRIWKHHLJKWVHUYHUVDQGVHQGLWDVDVLQJOHVWUHDP
WRD:HEDSSOLFDWLRQPRQLWRULQJV\VWHPWKDWYHUL¿HVWKDWQRSDFNHWVZHUHGURSSHGE\WKHORDGEDODQFHU
Without the Aggregation Tap, more NICs would have to be added to the monitoring system – but the
V\VWHPRQO\VXSSRUWVIRXU1,&VVRWZRV\VWHPVZRXOGKDYHWREHDSSOLHGWRVHHDOORIWKHWUDI¿F

The digital hospital of the future – now!
A new hospital is being built and digital HIT systems are a focus of the planned operations. The network
is, of course, a fundamental part of the building plan. The network architect knows that the network
ZLOOKDYHWRFDUU\ODUJHDPRXQWVRIGDWDLPDJHYRLFHYLGHRHPDLODQG,QWHUQHWWUDI¿FUHOLDEO\DQG
VHFXUHO\7KHUHIRUHWUDI¿FPRQLWRULQJLVHVVHQWLDODQGD0RQLWRULQJ$FFHVV3ODWIRUP0$3LVLQWHJUDWHG
within the network architecture.
RMON
Analyzer
Forensic
IDS
RRMON
AAnalyzer
ID
F
DS
Forensic
1
2
Workgroup
Workgroup
Switch Switch
Link Aggregator Implementation
The passive Link Aggregator Tap provides multiple permanent, in-line
access ports to monitor all full-duplex trafc without data interference.
Using a single NIC, the
monitoring devices receive
all combined trafc from
Side A and Side B, including
physical layer errors.
Link Aggregator
®
Tap Technology Enables Healthcare’s Digital Future
White Paper

$WWKHFRUHRIWKH0$3DUHWHQData Monitoring Switches that will be deployed at key locations
WKURXJKRXWWKHKRVSLWDO7KH'DWD0RQLWRULQJ6ZLWFKHVZLOOJDWKHUFRSLHVRIWUDI¿FIURPQHWZRUNOLQNV
Taps, and switch Span ports throughout the network, and direct them to a central network operations
center (NOC) for monitoring. Through the Data Monitoring Switches, professionals in the NOC will be able
WRGLUHFWWUDI¿FIURPDQ\ZKHUHLQWKHKRVSLWDO¶VQHWZRUNWRDQ\RIWKHWRROVLQWKH12&WRTXLFNO\WUDFN
down issues before they impact doctors, nurses, and patients. The Data Monitoring Switches will enable
WUDI¿FIURPPXOWLSOHOLQNVWREHDJJUHJDWHGDQGVHQWWRSDUWLFXODUWRROVDQGIRUWUDI¿FWREHregenerated so
PXOWLSOHWRROVFDQEHDSSOLHGWRWKHVDPHWUDI¿FDWWKHVDPHWLPH7KH\DOVRHQDEOHWKH12&SHUVRQQHO
WRVHOHFWSDUWLFXODUWUDI¿FRILQWHUHVWVXFKDVVSHFL¿FSURWRFROW\SHVRU9/$16WRQDUURZGRZQLVVXHV
TXLFNO\DQGSUHYHQWWRROVIURPEHLQJRYHUORDGHG)RULQVWDQFHWKH\FDQIRFXVMXVWRQYRLFHWUDI¿FRU
e-mail. Furthermore, the system is easy to operate because all ten Data Monitoring Switches, even
WKRXJKWKH\DUHVFDWWHUHGDURXQGWKHKRVSLWDODUHOLQNHGE\KLJKVSHHG¿EHURSWLFFDEOHVVRWKH\DSSHDU
DVDVLQJOHORJLFDOGHYLFHWRWKHXVHUV7KHQHWZRUNDUFKLWHFWEHOLHYHVWKLV0$3DUFKLWHFWXUHLVHVVHQWLDO
to enable the NOC to keep the wide variety of health and business applications on which the hospital will
depend running at peak performance, with security and reliability worthy of the digital age.
HIPAA compliance without risking downtime
$VSDUWRIDGDWDVHFXULW\LQLWLDWLYHIRUDFKLHYLQJ+,3$$FRPSOLDQFHLQDODUJHPHGLFDOFOLQLFWKHFOLQLF¶V
QHWZRUNDUFKLWHFWVSHFL¿HVLQOLQHGDWDORVVSUHYHQWLRQ'/3DSSOLDQFHVWRFRQ¿QHFRQ¿GHQWLDOSDWLHQW
LQIRUPDWLRQWRGHSDUWPHQWVWKDWKDYHDOHJLWLPDWHQHHGIRULW)RUH[DPSOH¿QDQFLDOLQIRUPDWLRQZLOOEH
restricted to the Finance Department, and will not be accessible in Human Resources or the medical labs.
7KH'/3DSSOLDQFHH[DPLQHVDOOWUDI¿FOHDYLQJWKHGHSDUWPHQW¶V9/$1ZKHQLWGHWHFWVDGRFXPHQWZLWK
3URWHFWHG+HDOWK,QIRUPDWLRQ3+,WKDWLVQRWDOORZHGRXWVLGHRIWKHGHSDUWPHQWLWGURSVWKHSDFNHWVR
WKH3+,LVQRWWUDQVIHUUHGDQGVHQGVDFRPSOLDQFHZDUQLQJPHVVDJHWRWKHRULJLQDWRU
+RZHYHULQWHUGHSDUWPHQWDOQHWZRUNDFFHVVLVFULWLFDOWRWKHFOLQLF¶VIXQFWLRQLQJVRWKHQHWZRUNDUFKLWHFW
ZDQWVWRHQVXUHWKDWQHWZRUNWUDI¿FNHHSVÀRZLQJHYHQLID'/3DSSOLDQFHORVHVSRZHUIDLOVRULV
UHPRYHGIRUPDLQWHQDQFHRUDQRWKHUUHDVRQ7KHDUFKLWHFWVDWLV¿HVWKLVUHTXLUHPHQWE\DWWDFKLQJHDFK
IDS
Analyzer 2
Analyzer 1
RMON 1 RMON 2
Forensic
Director - Data Monitoring Switch Implementation
Switch
HTTP UDP DHCP FTP
Switch
Switch
Switch
Router Firewall
Switch
Switch
10Gbps
Director provides or enables
permanent, in-line or Span
access to monitor all
full-duplex or mirror port
trafc without data stream
interference at 1Gbps and
10Gbps.
Director flters user specifed
trafc on all connections to
the appropriate monitoring
devices by way of Indigo™
Suite CLI, Web or System
Management tools
For increased monitoring
leverage, Director units can
be easily daisy-chained, or
stacked using fexible XFP
modules.
Director
1
2
3
®
Tap Technology Enables Healthcare’s Digital Future
White Paper

'/3DSSOLDQFHWRWKHQHWZRUNWKURXJKDBypass SwitchZKLFKLVDGHYLFHVSHFL¿FDOO\GHVLJQHGWRNHHS
WUDI¿FÀRZLQJLQDOORIWKHVHFRQGLWLRQV

%\SDVV6ZLWFKHVDUHDOVRLQVWDOOHGDWGHSDUWPHQWDOJDWHZD\VWKDWDUHQRWUHFHLYLQJ'/3DSSOLDQFHVDW
WKLVWLPHWKH%\SDVV6ZLWFKHQDEOHVD'/3DSSOLDQFHWREHDGGHGDWDODWHUGDWHZLWKRXWLQFXUULQJDQ\
GRZQWLPHRUGLVWXUELQJWKHQHWZRUNWUDI¿FLQDQ\ZD\,QDGGLWLRQWKH%\SDVV6ZLWFKDGGVYDOXHHYHQ
ZLWKRXWD'/3DSSOLDQFHDWWDFKHGEHFDXVHLWVUHPRWHPDQDJHPHQWLQWHUIDFHDOORZVRSHUDWRUVWRPRQLWRU
QHWZRUNWUDI¿FWKURXJKWKHOLQNFRQWLQXRXVO\DQGWRDWWDFKVSHFLDOL]HGPRQLWRULQJWRROVLILVVXHVGHPDQG
deeper investigation.
IPS
When the 8ypass SwItch Is In 8ypass EnabIed mode, aII In-IIne traIIIc
contInues to IIow on the network IInk wIthout beIng dIrected through
the ÌPS appIIance.
8ecause In-IIne traIIIc Is no Ionger
IIowIng through the monItorIng devIce,
It may be removed and repIaced
wIthout downtIme.
Power to the 8ypass SwItch
Is ON and the heartbeat Is
sent and awaItIng receIpt
on monItor port D.
When the OptIcaI 8ypass SwItch Is In 8ypass DIsabIed
mode, aII In-IIne traIIIc Is routed through the ÌPS appIIance.
Power to the 8ypass SwItch
Is ON and the heartbeat Is
beIng receIved on MonItor
Port D.
1
2
2
3
1
IPS
Bypass Switch
Bypass Switch
Bypass Switch Disabled Mode
Bypass Switch Enabled Mode
Switch Switch Firewall
e OptIcaI 8ypass Sw
I In-IIne traIIIc Is ro
Switch
Switch Switch Firewall
nues to IIow on the
PS appIIance.
Switch
®
Tap Technology Enables Healthcare’s Digital Future
White Paper
- 7 -
Summary
Information and communications technologies are changing the way medicine is
practiced, driving down costs and increasing the quality of patient care across the
board. All of the new digital health initiatives depend on the foundation of a rock-
solid, high-performance network. To ensure the necessary performance, security,
and reliability, the network must be on a wellness program, and not depend on
trips to the emergency room when something goes wrong. The network wellness
program means that systems and operators must be able to monitor all of the
breeches, data leakage, and regulatory compliance. Tap technology gives
into a single view, and for monitoring functions to be centralized in the NOC
protected and their ROI is increased when a Monitoring Access Platform built
with Tap technology is an integral part of the medical information network.
For further information on Tap technology:
http://www.netoptics.com
Net Optics, Inc.
5303 Betsy Ross Drive
Santa Clara, CA 95054
(408) 737-7777
info@netoptics.com
BRAIN FORCE Software GmbH
Ohmstr. 12
63225 Langen (near Frankfurt/M.)
Germany
Tel.: +49 6103 906-767
Fax: +49 6103 906-789
netoptics@brainforce.com
http://www.network-taps.eu
Distributed by

Sign up to vote on this title
UsefulNot useful