WENETWORKING INC.

Dream Care GeneralHOSPITAL

Network Design
Medical Facility Network Proposal
Members
Name ID
Abiye Leul
Belayneh Teshome
Birhanu Kassahun
Demeke Aregaw
11/20/2008

Page 0
 EXECUTIVE SUMMARY

We as networking professionals advise firm that delivers well thought out business plans
based on statistics, research, and organization. We propose that the company (known as Dream
Care General Hospital) should take the following five critical points into consideration:

 A network planned and built around redundancy should be implemented for

facilitating Dream Care General Hospital’s needs and tasks.
 A network that is easy to use, manipulate, and troubleshoot should be adopted.
 As far as hardware it is Dream Care General Hospital’s best interest to disregard
cost due to the nature of the business. However, we will only supply the highest
standards of price to quality products ratio.
 All policies should govern the network to keep it secure, efficient, and productive.
 A disaster recovery plan should be implemented in order to prepare for lost data,
uncontrollable disasters, and hardware failure.

By implementing these changes within Dream Care General Hospital’s business

environment, the company will better facilitate its employees, patients, and hardware. This will
provoke a more productive and fluent flow of data which will allow the company to become
more efficient. With a network developed around redundancy Dream Care General Hospital will
have a close to zero percent of point failure. Many backup plans have been implemented in order
to keep a 99.9% uptime for defense against many various uncontrollable situations that may
occur on a daily basis. We understand what our affiliates do and make it our goal to specify
customized plans for each project. This network will also be very simple to manipulate and
change as growth and expansion of Dream Care General Hospital begins to play its role.

It should also be noted that we take a pride in our research of perfect solutions to business
needs. We incorporate the closest attention to detail and only suggest the best product based on
quality for our companies services. The same can be said for our policies which we construct and
develop around our customized networks.

After gathering information about various products and services, as well as Dream Care
General Hospital’s business plan and layout, we have the following policies prepared to enhance
connectivity, organization, and overall productivity…

Page 1
 ORGANIZATION LAYOUT

Currently, the Hospital facilities do not meet the requirements of modern network
standards. Due to the tremendous risk involved with Hospital needs of connectivity and
maintenance, we have prepared a new layout of logical and physical topologies that will fulfill
the Hospital’s need of 99.9% connection uptime, full scale office range, security, and back-up
capability.

The current setup of Dream Care General Hospital has no any network access. The wired
users are made up of the manager, pharmacist, 10 specialist doctors, HR, OPD, finance, nurses,
Public Outreach, Medical Supplies, Medical Records, Counseling, an Office general service
officer, Receptionist and other various support personnel. Together these make up all of the staff
that work and collaborate together to operate Dream Care General Hospital’s datacenter and
Hospital building.

The network starts off with four server boxes that will be located within the datacenter
across the street from the hospital. Two servers will run at all times, as the primary server and the
remaining two are as a backup. The backups will thoroughly copy everything within the network
every weekend, as well as store files that have been manipulated after a day’s work through
Differentiation. The backup servers will also be available to kick in and take over the task of
primary servers if the primary servers ever fail for any reason. This setup will allow Dream Care
General Hospital to have high hardware failure tolerance which will in the end make server or
network downtime non-existent.

These four servers will connect to main-Switch 1, which are connected to Router1.
Router1 is hardwired to a trunk line form of the Internet. Through the internet, the datacenter will
allow its information to be accessed by the Hospital facility via Virtual Private Networking
(VPN). The VPN allows Router1 to connect to Router2, which is located in the hospital and is
also hooked up to a trunk line form of the Internet. It should be noted Router2 is connected to
main switch2, which will allow the router1 and Router2 to connect to each other if the Internet
connectivity ever fails, thus giving Dream Care General hospital a high tolerance for connection
failure.

Furthermore, Router1 is connected to main-Switch1which is located near to manager

office. This means each office of Dream Care General Hospital’s care center will contain a
switch for easy wire running as needed, maintenance, and port allocation. There six Wireless
Access Points (WAPs) which are hardwired into the switches of their respected location. The
naming of these WAPs will be consistent with their location, etc. The hard wired devices such as
workstations, computers, printers, and others will be connected their office’s respected switch as
well. (See Datagram 1.1 and 1.2)

With this network setup, Dream Care General Hospital will have a star topology with
easy failure justification, troubleshooting, and efficiency. The main network of the facility will
function through the Internet VPN, allowing personnel to access the Hospital’s network offsite
and conduct project file collaboration. The direct connection P2P WAP will serve simply as a

Page 2
backup that will only be turned on if the Internet connection fails for any reason. With this
information flow, Dream Care General Hospital will be more efficient, productive, and have zero
connection failure or time loss.

Page 3
 HARDWARE AND WIRING

The following are the proposed hardware and network wiring configurations that we find
will suffice Dream Care General Hospital’s Needs…

The server is a very important element of a business’s network; it is the sole brain and
computing device that dictates the information flow of the network. Therefore, it is very
important to Dream Care General Hospital’s interest that they use top of the line servers. A
trustworthy manufacturer with a good warranty that can support their hardware at any given time
is a need in the medical field. We have decided to go with CISCO brand server to support Dream
Care General Hospital’s new network based on their reputation, services, and high standard
products.

The model we have chosen is the Cisco UCS® C480 ML M5 Rack Server based on its
efficient infrastructure, quick task completion, and high reviews. After contacting CISCO, they
recommended this system because it will fulfill all of Dream Care General Hospital’s
requirements of server needs. This hardware features “Go-Green” technology which allows for
utility savings and energy efficiency, room for growth, security, and the newest system
management tools. Both the primary and backup servers, ALPHA and BRAVO, will be of this
hardware specification. It should also be noted that both servers will run Windows Server 2003
for easy workstation and device calibration.

Server Specification Data Table 1.1:

Feature
Latest Intel® Xeon® Scalable processors with
up to 28 cores per socket
Cisco® 12-Gbps SAS Modular RAID
Controller in a dedicated slot
8 NVIDIA SXM2 V100 32GB modules with
NVLink interconnect
Modular storage support with up to 24 front-
accessible hot-swappable Hard Disk Drives
(HDDs) and Solid-State Disks (SSDs)
Benefit
support for two processor configurations
providing enterprise-class data protection for
up to 24 SAS/SATA HDDs and SSDs
Fast Deep Learning model training
Modularity to right-size storage options to
match training requirements
Flexibility to expand as storage needs
increase

High-capacity memory support of up to 3 TB Large memory footprint to deliver performance

using 128-GB DIMMs
Up to 6 PCIe NVMe drives
Support for up to 4 PCIe Generation 3.0 slots
Hot-swappable, redundant power supplies
and capacity for large model training
Up to 6 Gen3 x4 lanes NVMe drives for
extreme I/O performance for faster
model training
Support for up to four 10/25 or 40/100G Cisco
VICs
Increased high availability

Page 4
Power supplies Hot-pluggable, redundant 1600W AC
Integrated dual 10-Gbps Ethernet Increased network I/O performance and
additional network options
Table 1 server specification

When looking for a provider of routing and switching devices, one can trust no one more
than Cisco Networking Systems. They provide the best in device warranties, support, price,
durability, and function. Their systems are known worldwide and would serve well under Dream
Care General Hospital’s command. Their networking infrastructures are superior technologies
that integrate all network devices and operating standards together. Dream Care General Hospital
needs a total of two P2P WAP routers, two Internet connectivity routers, seven WAP routers, and
five total layer3 switches.

The models of Cisco devices we have decided to go with are Basic 5GHz Complete Wireless
Bridge Kit (1/2 mile LOS) for the P2P WAP, two Cisco RV320 Dual Gigabit WAN VPN Router
for the Internet/VPN connection, 24 Port 10/100btx 2- GBIC Ports DC-Pwrd STD Multilayer
SW for the multiple switches needs, and Cisco Aironet 1552S Outdoor Access Point for the
WAPs required throughout the network. All of these devices allow room for expansion, multiple
device connectivity with ease, and simple troubleshooting. These are all top of the line and come
with full warranties and support.

Dream Care General Hospital has the need for 200 workstations for the various wired
users, as well as 104 workstations for the college. We have decided to go with HP workstations
for the network environment based on their low costs, reliability, and superior tech support. If a
HP computer ever fails under warranty, HP will send out a representative to fix the problem as
soon as possible, which is highly valuable in the high risk Hospital environment. The model we
have decided to go with is the HP LV2011 20. We also prefer Kyocera FS-1220MFP multi
function printer.

Workstation Table 2:
Hardware Specification
Processor: Intel™ Core®2 Quad Q6600
(2.40GHz/1066MHz/2X4MB L2) 375W
Operating System: Genuine Windows 7
Warranty & Services: 3 Year Warranty and 3 Year NBD On-Site
Chavesis Configuration: Mini-Tower Chavesis Configuration
Memory: 2GB, 667MHz, DDR2 SDRAM Memory,
NECC (2 DIMMS)
Optical Drive: 16X DVD+/-RW w/ Cyberlink PowerDVD™
and Roxio Creator™ Dell Ed
Hard Drive: 80GB SATA 3.0Gb/s with NCQ and 8MB
DataBurst Cache™
Monitor
File System: NTFS File System

Page 5
System Documentation: Resource DVD - contains Diagnostics and
Drivers
Video Card: 256MB PCIe x16 nVidia Quadro FX570, Dual
Monitor DVI Capable

Table 2 workstation specification

Kyocera FS-1220MFP - Printer Specifications

Printer type Paper Print RAM Processor Noise Weight Max duty
capacity speed speed level cycle
A4 Mono 250 sheets Up to 20 64 MB 390 MHz Up to 8.7 kg 20,000
Multifunction ppm 50 db pages /
Laser Printer month
Table 3 printer specification

As far as Dream Care General Hospital’s need for cabling, the network will need over 1000, 000
feet of total cable that will allow little to no interference, and must have the durability to
withstand the test of time of data flow and ever changing environment conditions. Dream Care
General Hospital have zero tolerance for connectivity failure due to the high risk operations
involved, so we have decided to utilize 24 gauge shielded CAT6. Having shielded cabling will
cut out interference of all other radio frequencies and disturbances throughout the Hospital
environment.

The final hardware and devices that Dream Care General Hospital should be concerned
with purchasing for the network infrastructure are disaster recovery devices. All of the
workstations, servers, and important devices will need backup batteries to support the systems
for a short period of down time for events such as power flickers or outages. The Cyber Power
Cp600LCD 340W backup utilities will fit this job well due to their long battery life and cheap
price. Also, since power failure could be a life threatening situation, we suggest the purchase of a
backup generator capable of powering the Hospital facilities for a long amount of time. This will
allow a large window of time for the fixing of the power or for management and staff to organize
an evacuation. The Elite 100 kW Generator by Guardian is a reliable, quick, efficient, and well
supported product that will keep the Dream Care General Hospital facilities fully functional
during a power crisis.

BUDGET

The following is the budget of the hardware and devices that we propose to implement
within Dream Care General Hospital’s facilities…

Page 6
Budget Table 4:
Quantity of Items Hardware/Devices Price
X4 Cisco UCS® C480 ML M5 $5500 Each
Rack Server
x30 Cyber Power Cp600LCD $30 Each
340W
x1 Guardian Elite 100 kW $18,800 Each
Generator
x6 1000000ft Shielded CAT6 $170 Each
Cable
x1 Basic 5GHz Complete $1000 Each
Wireless Bridge Kit (1/2 mile
LOS)
X7 Cisco Aironet 1552S Outdoor $500 Each
Access Point

X304 HP 200 G3 All-in-One $1020 Each

PC

x5 Cisco Catalyst 3550 Series $3200 Each

Intelligent Ethernet Switches

x4 Cisco RV320 Dual Gigabit $160 Each

WAN VPN Router

X8 Kyocera FS-1220MFP £94.47

X1 Skype For Business (Office £3.80- £11.30

365)

Table 4 budget allocation

IP INFORMATION

Page 7
The following specified information is in regards to Dream Care General Hospital’s new network
infrastructure IP addresses…

We have decided to go with a Class B IP address, 172.16.0.1, due to the fact that a class C
may not contain enough hosts for all of the connected clients. A Class C will only allow up to a
maximum of 254 total available hosts for the network, therefore, we proposes the use of a Class
B to allow 510 available hosts on one network. Dream Care General Hospital’s network will use
this Class B IP and internal NAT subnetting to communicate the network designated IPs to the
global network IPs, 90.44.22.5 and 90.44.22.6.

IP: Class B - 172.16.0.1

Subnet Mask: 255.255.254.0
Total Available Hosts: 510
Network Address: 172.16.0.0
Range: 172.16.0.1 - 172.16.1.254
Broadcast: 172.16.1.255
Designated IP Table 5:
Router1: 90.44.22.5 MAIN-WAP1A: 172.16.0.16
Router2: 90.44.22.6 MAIN-WAP2B: 172.16.0.17
Main1 (Primary Server1): 172.16.0.1 MAIN-WAP2D: 172.16.0.18
Main1 (Primary Server1): 172.16.0.2 MAIN-WAP2E: 172.16.0.19
Backup1 (mirror Server1): 172.16.0.3 MAIN-WAP3A: 172.16.0.20
Backup 2 (mirror Server2): 172.16.0.4 MAIN-WAP3B: 172.16.0.21
MAIN-Switch1: 172.16.0.5 MAIN-WAP3C: 172.16.0.22

MAIN-Switch2: 172.16.0.6 Filing System: 172.16.0.23

MAIN-Switch4: 172.16.0.7
MAIN-Switch4: 172.16.0.8
MAIN-Switch5: 172.16.0.9
MAIN-WAP1A: 172.16.0.10
MAIN-WAP1B: 172.16.0.11
MAIN-WAP1C: 172.16.0.12
MAIN-WAP1D: 172.16.0.13
DHCP: 172.16.0.24
Exchange Server: 172.16.0.25
OPDPRINTER1: 172.16.0.26
NURSE PRINTER1: 172.16.0.27
ADMIN PRINTER2: 172.16.0.28
RECEPTIONPRINTER3: 172.16.0.29
FP PRINTER4: 172.16.0.30

MAIN-WAP1E: 172.16.0.14 REGISTRAR PRINTER4: 172.16.0.38

MAIN-WAP2A: 172.16.0.15 NURSING DEPT PRINTER4: 172.16.0.31

COMPUTER ASSISTANT PRINTER4: ACCOUNTING DEPT PRINTER4: 172.16.0.32

172.16.0.33

Page 8
Table 5 IP addressing

Page 9
 The rest of the IPs, ranging from 172.16.0.32 to 172.16.1.254, will allow up to four hundred
and seventy-seven dynamic IPs left for connecting hosts on the network for use. These will be
designated to the three hundred four wired workstations, and other devices connected to the network.
VLAN INFORMATION
The following table generalizes information about VLAN and type of users that access the
corresponding VLAN.
Number Name Users /offices Number of hosts
1 Blood bank area
2 OPD
3 Nurse
4 Admin area
5 F P area
6 Reception area
7 Student
8 Registrar area
9 Dean office area
10 Nursing
12 Accounting

NETWORK POLICIES

The following are the guidelines and policies pertaining to DREAM CARE
GENERALHOSPITAL’s network that we believe fit to keep consistent integrity throughout the
workspace…

Email Policy
1.0 Purpose
The purpose is to prevent tarnishing of the public image of DREAM CARE GENERALHOSPITAL.
When email goes out from DREAM CARE GENERALHOSPITAL, the general public will tend to
view that message as an official policy statement from the DREAM CARE GENERALHOSPITAL.
2.0 Scope
This policy covers appropriate use of any email sent from an DREAM CARE GENERALHOSPITAL
email address and applies to all employees, vendors, and agents operating on behalf of DREAM CARE
GENERALHOSPITAL.

3.0 Policy
3.1 Prohibited Use. The DREAM CARE GENERALHOSPITAL email system shall not to be used for
the creation or distribution of any disruptive or offensive messages, including offensive comments
about race, gender, hair color, disabilities, age, sexual orientation, pornography, religious beliefs and
practice, political beliefs, or national origin. Employees who receive any emails with this content from
any DREAM CARE GENERALHOSPITAL employee should report the matter to their supervisor
immediately.

3.2 Personal Use.

Using a reasonable amount of DREAM CARE GENERALHOSPITAL resources for personal emails is
acceptable, but non-work related email shall be saved in a separate folder from work related email.
Sending chain letters or joke emails from an DREAM CARE GENERALHOSPITAL email account is
prohibited. Virus or other malware warnings and mass mailings from DREAM CARE
GENERALHOSPITAL shall be approved by DREAM CARE GENERALHOSPITAL VP Operations
before sending. These restrictions also apply to the forwarding of mail received by an DREAM CARE
GENERALHOSPITAL employee.

3.3 Monitoring
DREAM CARE GENERALHOSPITAL employees shall have no expectation of privacy in anything
they store, send or receive on the company’s email system. DREAM CARE GENERALHOSPITAL
may monitor messages without prior notice, but is not obliged to monitor email messages.

3.4 Automatic Forwarding

Employees must exercise utmost caution when sending any email from inside DREAM CARE
GENERALHOSPITAL to an outside network. Unless approved by an employee's manager, DREAM
CARE GENERALHOSPITAL email will not be automatically forwarded to an external destination.
Sensitive information will not be forwarded via any means, unless that email is critical to business and
is encrypted in accordance with the Acceptable Encryption Policy.

4.0 Enforcement
Any employee found to have violated this policy may be subject to disciplinary action, up to and
including termination of employment.
5.0 Definitions
Email - The electronic transmission of information through a mail protocol.
SMTP or IMAP - Typical email clients include Eudora and Microsoft Outlook.
Forwarded Email - Email resent from an internal network to an outside point.
Chain Email or Letter - Email sent to successive people. Typically the body of the note have direction
to send out multiple copies of the note and promises good luck or money if the direction is followed.
Sensitive Information - Information is considered sensitive if it can be damaging to DREAM CARE
GENERALHOSPITAL or its customers' reputation or market standing.
Virus Warning - Email containing warnings about virus or malware. The overwhelming majority of
these emails turn out to be a hoax and contain bogus information usually intent only on frightening or
misleading users.
Unauthorized Disclosure - The intentional or unintentional revealing of restricted information to
people, both inside and outside Dream Care General Hospital, who do not have a need to know that
information.

Internet Equipment Policy

1.0 Purpose
The purpose of this policy is to define standards to be met by all equipment owned and/or operated by
DREAM CARE GENERALHOSPITAL. These standards are designed to minimize the potential
exposure to DREAM CARE GENERALHOSPITAL from the loss of sensitive or company confidential
data, intellectual property, damage to public image etc., which may follow from unauthorized use of
DREAM CARE GENERALHOSPITAL resources.

The policy defines the following standards:

 Ownership responsibility
 Secure configuration requirements
 Operational requirements
 Change control requirement

2.0 Scope
All equipment or devices owned and/or operated by DREAM CARE GENERALHOSPITAL (including
hosts, routers, switches, etc.) and/or registered in any Domain Name System (DNS) domain owned by
DREAM CARE GENERALHOSPITAL, must follow this policy. This policy also covers any host
device outsourced or hosted at external/third-party service providers, if that equipment resides in the
"DREAM CARE GENERALHOSPITAL.com" domain or appears to be owned by DREAM CARE
GENERALHOSPITAL. All new equipment which falls under the scope of this policy must be
configured according to the referenced configuration documents, unless a waiver is obtained from
InfoSec. All existing and future equipment deployed on DREAM CARE GENERALHOSPITAL's un-
trusted networks must comply with this policy.

3.0 Policy
3.1. Ownership and Responsibilities
Equipment and applications within the scope of this policy must be administered by support groups
approved by InfoSec for system, application, and/or network management.
Support groups will be responsible for the following:
 Equipment must be documented in the corporate wide enterprise management system. At a
minimum, the following information is required:
 o Host contacts and location.
o Hardware and operating system/version.
o Main functions and applications.
o Password groups for privileged passwords.
 Network interfaces must have appropriate Domain Name Server records (minimum of A and
PTR records).
 Password groups must be maintained in accordance with the corporate wide password
management system/process.
 Immediate access to equipment and system logs must be granted to members of InfoSec upon
demand, per the Audit Policy.
 Changes to existing equipment and deployment of new equipment must follow and corporate
governess or change management processes/procedures.
To verify compliance with this policy, InfoSec will periodically audit equipment per the Audit Policy.

3.2. General Configuration Policy

All equipment must comply with the following configuration policy:
 Hardware, operating systems, services and applications must be approved by InfoSec as part of
the pre-deployment review phavee.
o Operating system configuration must be done according to the secure host and router
installation and configuration standards.
 All patches/hot-fixes recommended by the equipment vendor and InfoSec must be installed.
This applies to all services installed, even though those services may be temporarily or
permanently disabled. Administrative owner groups must have processes in place to stay current
on appropriate patches/hotfixes.
 Services and applications not serving business requirements must be disabled.
 Trust relationships between systems may only be introduced according to business
requirements, must be documented, and must be approved by InfoSec.
 Services and applications not for general access must be restricted by access control lists.
 Insecure services or protocols (as determined by InfoSec) must be replaced with more secure
equivalents whenever such exist.
 Remote administration must be performed over secure channels (e.g., encrypted network
connections using SSH or IPSEC) or console access independent from the networks. Where a
methodology for secure channel connections is not available, one-time passwords
(DES/SofToken) must be used for all access levels.
 All host content updates must occur over secure channels.
 Security-related events must be logged and audit trails saved to InfoSec-approved logs. Security
related events include (but are not limited to) the following:
o User login failures.
o Failure to obtain privileged access.
o Access policy violations.
 InfoSec will address non-compliance waiver requests on a case-by-case basis and approve
waivers if justified.

3.3. New Installations and Change Management Procedures

All new installations and changes to the configuration of existing equipment and applications must
follow the following policies/procedures:
 Configuration changes must follow the Corporate Change Management (CM) Procedures.
  InfoSec must be invited to perform system/application audits prior to the deployment of new
services.
 InfoSec must be engaged, either directly or via CM, to approve all new deployments and
configuration changes.

3.4. Equipment Outsourced to External Service Providers

The responsibility for the security of the equipment deployed by external service providers must be
clarified in the contract with the service provider and security contacts, and escalation procedures
documented. Contracting departments are responsible for third party compliance with this policy.

4.0 Enforcement
Any employee found to have violated this policy may be subject to disciplinary action, up to and
including termination of employment. External service providers found to have violated this policy
may be subject to financial penalties, up to and including termination of contract.

5.0 Definitions
Terms Definitions
Secure Channel - Out-of-band console management or channels using strong encryption according to
the Acceptable Encryption Policy. Non-encrypted channels must use strong user authentication (one-
time passwords).
Un-Trusted Network - Any network firewalled off from the corporate network to avoid impairment of
production resources from irregular network traffic (lab networks), unauthorized access (partner
networks, the Internet etc.), or anything else identified as a potential threat to those resources.

DREAM CARE GENERALHOSPITAL Computer Network and Internet Access Policy

1.0 Disclaimer
The Internet is a worldwide network of computers that contains millions of pages of information. Users
are cautioned that many of these pages include offensive, sexually explicit, and inappropriate material.
In general, it is difficult to avoid at least some contact with this material while using the lnternet. Even
innocuous search requests may lead to sites with highly offensive content. Additionally, having an e-
mail address on the lnternet may lead to receipt of unsolicited e-mail containing offensive content.
Users accessing the lnternet do so at their own risk and the DREAM CARE GENERALHOSPITAL is
not responsible for material viewed or downloaded by users from the Internet. To minimize these risks,
your use of the Internet at DREAM CARE GENERALHOSPITAL is governed by the following policy:

2.0 Permitted Use of Internet and Company Computer Network

The computer network is the property of DREAM CARE GENERALHOSPITAL ("Company") and
may only be used for legitimate business purposes. Users are provided access to the computer network
to assist them in the performance of their jobs. Additionally, certain employees ("Users") may also be
provided with access to the Internet through the computer network. All Users have a responsibility to
use Company's computer resources and the Internet in a professional, lawful and ethical manner. Abuse
of the computer network or the Internet, may result in disciplinary action, including possible
termination, and civil and/or criminal liability.

3.0 Computer Network Use Limitations

3.1 Prohibited Uses.
Without prior written permission from Company, the Company's computer network may not be used to
disseminate, view or store commercial or personal advertisements, solicitations, promotions,
destructive code (e.g., viruses, self-replicating programs, etc.), political material, pornographic text or
images, or any other unauthorized materials. Employees may not use the Company's Internet
connection to download games or other entertainment software (including screen savers), or to play
games over the Internet. Additionally, you may not use the computer network to display, store or send
(by e-mail or any other any other form of electronic communication such as bulletin boards, chat
rooms, Usenet groups, etc.) material that is fraudulent, harassing, embarrassing, sexually explicit,
profane, obscene, intimidating, defamatory or otherwise inappropriate or unlawful. Furthermore,
anyone receiving such materials should notify their supervisor immediately.

3.2 Illegal Copying.

Users may not illegally copy material protected under copyright law or make that material available to
others for copying. You are responsible for complying with copyright law and applicable licenses that
may apply to software, files, graphics, documents, messages, and other material you wish to download
or copy. You may not agree to a license or download any material for which a registration fee is
charged without first obtaining the express written permission of the company.

3.3 Communication of Trade Secrets.

Unless expressly authorized to do so, User is prohibited from sending, transmitting, or otherwise
distributing proprietary information, data, trade secrets, or other confidential information belonging to
Company. Unauthorized dissemination of such material may result in severe disciplinary action as well
as substantial civil and criminal penalties under state and federal Economic Espionage laws.

4.0 Duty Not to Waste Computer Resources

4.1 Accessing the Internet.
To ensure security and avoid the spread of viruses, Users accessing the Internet through a computer
attached to Company's network must do so through an approved Internet firewall or other security
device. Bypassing Company's computer network security by accessing the Internet directly by modem
or other means is strictly prohibited unless the computer you are using is not connected to the
Company's network.

4.2 Frivolous Use.

Computer resources are not unlimited. Network bandwidth and storage capacity have finite limits, and
all Users connected to the network have a responsibility to conserve these resources. As such, the User
must not deliberately perform acts that waste computer resources or unfairly monopolize resources to
the exclusion of others. These acts include, but are not limited to, sending mass mailings or chain
letters, spending excessive amounts of time on the Internet, playing games, engaging in online chat
groups, uploading or downloading large files, accessing streaming audio and/or video files, or
otherwise creating unnecessary loads on network traffic associated with non-business-related uses of
the Internet.

5.0 No Expectation of Privacy

Employees are given computers and Internet access to assist them in the performance of their jobs.
Employees should have no expectation of privacy in anything they create, store, send or receive using
the company's computer equipment. The computer network is the property of the Company and may be
used only for Company purposes.

5.1 Waiver of Privacy Rights.

User expressly waives any right of privacy in anything they create, store, send or receive using the
company's computer equipment or Internet access. User consents to allow company personnel access to
and review of all materials created, stored, sent or received by User through any Company network or
Internet connection.

5.2 Monitoring of Computer Internet Usage.

The Company have the right to monitor and log any and all aspects of its Computer system including,
but not limited to, monitoring Internet sites visited by Users, monitoring chat and newsgroups,
monitoring file downloads, and all communications sent and received by users.

6.0 Blocking Sites With Inappropriate Content.

The Company have the right to utilize software that makes it possible to identify and block access to
Internet sites containing sexually explicit or other material deemed inappropriate in the workplace.

Guidelines on Anti-Virus Procedures

Recommended procedures to prevent virus problems:
 Always run the corporate standard, supported anti-virus software is available from the corporate
download site. Download and run the current version; download and install anti-virus software
updates as they become available.
 NEVER open any files or macros attached to an email from an unknown, suspicious or
untrustworthy source. Delete these attachments immediately, then "double delete" them by
emptying your Trash.
 Delete spam, chain, and other junk email without forwarding, in with DREAM CARE
GENERALHOSPITAL's Email Policy.
 Never download files from unknown or suspicious sources.
 Avoid direct disk sharing with read/write access unless there is absolutely a business
requirement to do so.
 Always scan a floppy diskette from an unknown source for viruses before using it.
 Back-up critical data and system configurations on a regular basis and store the data in a safe
place.
 If lab testing conflicts with anti-virus software, run the anti-virus utility to ensure a clean
machine, disable the software, and then run the lab test. After the lab test, enable the anti-virus
software. When the anti-virus software is disabled, do not run any applications that could
transfer a virus, e.g., email or file sharing.
 New viruses are discovered almost every day. Periodically check the Lab Anti-Virus Policy and
this Recommended Processes list for updates.

Wireless Communication Policy

1.0 Overview
The purpose of this policy is to secure and protect the information assets owned by DREAM CARE
GENERALHOSPITAL. DREAM CARE GENERALHOSPITAL provides computer devices, networks,
and other electronic information systems to meet missions, goals, and initiatives. DREAM CARE
GENERALHOSPITAL grants access to these resources as a privilege and must manage them
responsibly to maintain the confidentiality, integrity, and availability of all information assets. This
policy specifies the conditions that wireless infrastructure devices must satisfy to connect to DREAM
CARE GENERALHOSPITAL network. Only those wireless infrastructure devices that meet the
standards specified in this policy or are granted an exception by the Information Security Department
are approved for connectivity to a DREAM CARE GENERALHOSPITAL network.
2.0 Scope
All employees, contractors, consultants, temporary and other workers at DREAM CARE
GENERALHOSPITAL, including all personnel affiliated with third parties that maintain a wireless
infrastructure device on behalf of DREAM CARE GENERALHOSPITAL must adhere to this policy.
This policy applies to all wireless infrastructure devices that connect to a DREAM CARE
GENERALHOSPITAL network or reside on a DREAM CARE GENERALHOSPITAL site that
provide wireless connectivity to endpoint devices including, but not limited to, laptops, desktops,
cellular phones, and personal digital assistants (PDAs). This includes any form of wireless
communication device capable of transmitting packet data.

The Information Security Department must approve exceptions to this policy in advance.

3.0 Policy Statement

3.1 General Network Access Requirements
All wireless infrastructure devices that reside at a DREAM CARE GENERALHOSPITAL site and
connect to a DREAM CARE GENERALHOSPITAL network, or provide access to information
classified as DREAM CARE GENERALHOSPITAL Confidential, DREAM CARE
GENERALHOSPITAL Highly Confidential, or DREAM CARE GENERALHOSPITAL Restricted
must:
Be installed, supported, and maintained by a approved support team.
Use DREAM CARE GENERALHOSPITAL approved authentication protocols and infrastructure.
Use DREAM CARE GENERALHOSPITAL’s approved encryption protocols.
Maintain a hardware address (MAC address) that can be registered and tracked.
Not interfere with wireless access deployments maintained by other support organizations.

3.4 Home Wireless Device Requirements

Wireless infrastructure devices that provide direct access to the DREAM CARE
GENERALHOSPITAL corporate network, must conform to the Home Wireless Device Requirements
as detailed in the Wireless Communication Standard. Wireless infrastructure devices that fail to
conform to the Home Wireless Device Requirements must be installed in a manner that prohibits direct
access to the DREAM CARE GENERALHOSPITAL corporate network. Access to the DREAM
CARE GENERALHOSPITAL corporate network through this device must use standard remote access
authentication.

4.0 Enforcement
An employee found to have violated this policy may be subject to disciplinary action, up to and
including termination of employment. A violation of this policy by a temporary worker, contractor or
vendor may result in the termination of their contract or assignment with DREAM CARE
GENERALHOSPITAL.

5.0 Definitions
DREAM CARE GENERALHOSPITAL Network – A wired or wireless network, including indoor,
outdoor, and alpha networks that provide connectivity to corporate services.
Corporate Connectivity – A connection that provides access to an DREAM CARE
GENERALHOSPITAL network.
Information Assets – Information that is collected or produced and the underlying hardware, software,
services, systems, and technology that is necessary for obtaining, storing, using, and securing that
information which is recognized as important and valuable to an organization.
MAC Address – The MAC address is a hardware number that uniquely identifies each node on a
network and is required for every port or device that connects to the network
DREAM CARE GENERALHOSPITAL Naming Conventions
1.0 Overview
The purpose of this policy is to ensure that network components are named with the same standards.
DREAM CARE GENERALHOSPITAL have many different networking components and for the IT
department to quickly and effectively diagnose problems, the components must have a naming
convention so that IT employees can find them quickly.

2.0 Scope
This policy mainly affects Information Technology Department personnel. Said employees must abide
by all of DREAM CARE GENERALHOSPITAL's naming conventions. This policy applies to all
network hardware including but not limited to servers, workstations, routers, WAPs, etc.

3.0 Policy
3.1 Server Conventions
DREAM CARE GENERALHOSPITAL have two servers, the primary and the secondary. The primary
server is named Alpha and the secondary is Bravo.

3.2 Component Conventions

Components other than servers will be named using a hierarchy based on abbreviations starting with
building, department, component type and number. For example, the first workstation in human
resources would be named as such: MAINHRWS1 (MAINHumanResourcesWorkStation1).

4.0 Definitions
WAP – Wireless Access Point. These are used throughout the DREAM CARE GENERALHOSPITAL
for the wireless network.
Server – Computer that serves files and services to the HOSPITAL's network.
 SECURITY POLICIES

DREAM CARE GENERALHOSPITAL provides a wide variety of IT resources, including

computers, networks, software, computer accounts, and wireless devices, for use by their staff. These
resources are administered by the Computer Operations department, and they are intended for the
legitimate business of the DREAM CARE GENERALHOSPITAL. Appropriate business use of IT
resources includes instruction, research, and the official work of the offices, departments, and other
agencies. In recognition of the World Wide Web as an important communication medium and facilities
encourages its use as a means of supporting and fulfilling the mission and official work of DREAM
CARE GENERALHOSPITAL. It is critical that technology systems maintain adequate security and we
safeguard the confidentiality of data. The following are the guidelines and policies pertaining to the
security of DREAM CARE GENERALHOSPITAL’s network that WEbelieves will keep all malicious
activity non-existent…

Scope
This policy applies to all DREAM CARE GENERALHOSPITAL personnel who administer, manage,
maintain, or use DREAM CARE GENERALHOSPITAL’s IT resources, their supervisors, and their
unit administrators. It applies to all locations of those resources, whether on site or from remote
locations.

Objective
This policy statement is intended to support appropriate and effective use of information technology
(IT) resources at the DREAM CARE GENERALHOSPITAL, while providing guidelines for allowable
use.

1.0 User Account Access

1.1 Scope
This outlines individual responsibilities concerning the legal and ethical use of DREAM CARE
GENERALHOSPITAL’s computer systems, network resources, and electronic information. By
definition, all DREAM CARE GENERALHOSPITAL’s information technology resources, including
computer hardware, software, data, and physical and network infrastructure, as well as all personally
owned devices connecting to these resources, fall within the intent of this policy.

1.2 Access
1.2.1: Accounts are to be made only by management
1.2.2: No user is to create, modify, execute or retransmit any computer program or instructions to gain
unauthorized access to the DREAM CARE GENERALHOSPITAL.
1.2.3: Personal devices are not to be used to spy on activities of others is strictly forbidden.
1.2.4: Attempts to degrade the performance of the DREAM CARE GENERALHOSPITAL’s
technology systems are prohibited.
1.2.5: Users are to refrain from controlling systems, overloading networks with excessive data, disk
space and other information technology resources.

2.0 Password Requirements

2.1 Scope
This includes all personnel who have or are responsible for an account or any form of access that
supports or requires a password on any system that resides at any DREAM CARE
GENERALHOSPITAL facility, have access to the DREAM CARE GENERALHOSPITAL network, or
stores any non-public DREAM CARE GENERALHOSPITAL information.
2.2 Guidelines for Strong Passwords
Creating Strong Passwords:
2.2.1: Passwords must contain both upper and lower case characters.
2.2.2: Passwords must be at least 14 characters long.
2.2.3: Passwords must contain a combination of numbers, letters and symbols.
2.2.4: Passwords cannot be a word in any dictionary.
2.2.5: Passwords must be changed every 90 days.
2.2.6: Passwords cannot be based on personal information, names of family, or username.
2.2.7: Passwords are not to be written down, stored on-line or shared with anyone.
2.2.8: Passwords are not to be sent out through email messages or via phone or instant messaging.

3.0 Network Access

3.1 Network access is made available for the exclusive use of DREAM CARE GENERALHOSPITAL
employees and other agencies.
3.2 To ensure the functionality, availability and security of DREAM CARE GENERALHOSPITAL
technologies, personal devices may not interfere with DREAM CARE GENERALHOSPITAL
provided services, functions or roles.
3.3 Employees may not use any technologies that serve to bypass controls for ingress to or egress from
the network, nor may individuals extend network access beyond that which is provided by the DREAM
CARE GENERALHOSPITAL.

4.0 Hardware Firewall

4.1 Scope
All hardware devices must be used in compliance with the applicable licenses, notices, contracts and
agreements. Firewalls are used to establish a secure environment for the DREAM CARE
GENERALHOSPITAL’s computer and network resources and will filter traffic to mitigate risks and
losses associated with security threats to the DREAM CARE GENERALHOSPITAL’s network and
information systems.

4.2 Firewalls Security Services

4.2.1: Needs to be updated by the Administrator to apply patches and other
security enhancements and stay current on new vulnerabilities and incidents.
4.2.2: Access control between the internal network and un-trusted networks.
4.2.3: Block unwanted traffic, while providing security that does not place and undue burden on
authorized users.
4.2.4: Hide systems names, network topology, network device types, and internal user ID’s from the
Internet.
4.2.5: Provide stronger authentication than standard applications.
4.2.6: Log conspicuous traffic to and from the DREAM CARE GENERALHOSPITAL’s internal
network.

4.3 Firewall Logging

4.3.1: Configured to detect emergencies, such as system unusable messages
4.3.2: Detect alerts, critical conditions and error messages
4.3.3: Log and detect failed and multiple unsuccessful login attempts
5.0 Encryption
5.1 Purpose
This is to make certain that encryption keys are securely managed. It’s imperative that they are created,
stored, used and destroyed in the appropriate manner in all situations so critical and confidential
information is protected from unauthorized persons. It is important that these keys be accorded the
highest levels of security available and that staff and managers are aware of their responsibilities.

5.2 Scope
This affects all users of computer systems and networks responsible for the management and use of
encryption keys.

5.3 Use of Encryption

Encryption must be used to encode data where the risk of loss through theft or interception is high,
where there is the potential for a major security breach should that data get into the hands of
unauthorized persons and where the loss of the data would have a major impact on DREAM CARE
GENERALHOSPITAL's business.

6.0 Log Tracking

6.1 Log Retention
6.1.1: Network and system logs related to personally identifiable health information must be retained
for 6 years, payment card, debit or credit transactions, must be retained for 1 year.
6.1.2: All other network and system logs will be retained for 90 days, which include: server operating
system logs, email records, VoIP activity, internet usage monitoring software logs, remote access logs,
network edge routers, database transactional, firewall logs, IDS software logs, software security
monitoring/violation logs.

7.0 Risk Assessment

7.1 Actions
7.1.1: Risks to critical and sensitive administrative information resources must be managed. Such risks
may relate to the physical security of computer and communications systems, the integrity of data
maintained or transmitted within those systems, as well as to the stability and reliability of the
associated application.
7.1.2: This provides an approved risk analysis program and methodology for accomplishing the
assessment of risk to DREAM CARE GENERALHOSPITAL administrative information resources.
Every 6 months.
7.1.3: The Information Security Manager (ISM) periodically performs a risk analysis of all critical and
sensitive central comp1anies systems and data. These systems which process critical or sensitive
information must periodically perform the risk analysis for those information resources. Risk Analysis
and security measures apply to administrative systems developed and/or maintained by the ISM.

8.0 Departmental Security Coordinator

8.1 Purpose
Analysis of trends and types of security incidents and breaches is important to the integrity of DREAM
CARE GENERALHOSPITAL’s data management and computer security. All security incidents and
breaches must be reported to data custodians for investigation and analysis.

8.2 Actions
8.2.1: Each department or major organizational unit must have a designated Departmental Security
Coordinator (DSC). The function of the DSC is to communicate and coordinate access to
administrative systems for employees in that department.

8.3 Responsibilities
8.3.1: Teaching new employees the basics of terminal usage--signing on, changing passwords and
locating keys.
8.3.2: Instructing new employees regarding data access, security and confidentiality and having them
review the DREAM CARE GENERALHOSPITAL Data Access.
8.3.3: Impressing upon all users, new and existing, the necessity for preserving confidentiality of
DREAM CARE GENERALHOSPITAL’s data.
8.3.4: Ensuring users periodically change their passwords. Especially, if they suspect someone else that
might know it.
8.3.5: Encouraging users to sign-off their terminal anytime they leave it unattended, or activating a
password protected screen saver.

9.0 Incident Reporting

9.1 Purpose
Analysis of trends and types of security incidents and breaches is important to the integrity of DREAM
CARE GENERALHOSPITAL data management and computer security. All security incidents and
breaches must be reported to data custodians for investigation and analysis.

9.2 Actions
9.2.1: Each department or major organizational unit must have a designated Departmental Security
Coordinator (DSC). The function of the DSC is to communicate and coordinate access to
administrative systems for employees in their department as follows:
9.2.1.2: To request new user-ids or authorization for departmental employees to access On-line
Administrative Systems files, the DSC should complete and sign the Request for On-line user-id and
Administrative System Access form and mail to AIS.
9.2.1.3: Authorized file access can be granted only by the appropriate Application Security Manager
(ASM). Each ASM will contact the DSC to discuss specific access and update authority to be granted
users.

10.0 Administrator for Information Systems (AIS)

10.1 Responsibilities
10.1.1: Ensuring compliance with all Federal, State and DREAM CARE GENERALHOSPITAL
regulations regarding security of computer files.
10.1.2: Approving and establishing user-ids, which define the user to the AIS Security System and
forwarding the Access Form to the appropriate ASM(s).
10.1.3: Providing monthly, each DSC a current list of all user-ids in their department identifying the
files each users can access and/or update

11.0 Documentation
11.1 Purpose
The security risk to DREAM CARE GENERALHOSPITAL’s data is also related to the stability and
reliability of the associated administrative systems and applications, which in turn, is related to the
quality and accessibility of the technical documentation of those systems and applications.
11.2 Actions
The level of detail required within such documentation is a function of the size, complexity and
criticality of the system/application. System or application documentation should be viewed as "work
in progress" and evolutionary, and thus must be constantly revised and updated throughout the life
cycle of the system/application.

11.2.1: In keeping with paperwork reduction objectives, and to facilitate documentation currency, it is
desirable that administrative system/application documentation, to the maximum degree possible, be
maintained on-line.
11.2.2: Although no specific format can address all cases, documentation of critical and sensitive
administrative systems and applications should, as a minimum, include:
11.2.2.1: Business case/analysis, or process description,
11.2.2.2: System description/design/architecture,
11.2.2.3: Data/database design and dictionary,
11.2.2.4: Programming logic, programmer notes, and
11.2.2.5: Operational procedures and help

12.0 Wireless Network Security

12.1 Purpose
With the use of wireless communication brings security issues to DREAM CARE
GENERALHOSPITAL, and wireless networks require an increase in cooperation and coordination to
maximize the technology’s benefits to the employees of DREAM CARE GENERALHOSPITAL This
document sets forth the policies for using wireless technologies and assigns responsibilities for the
deployment of wireless services and the administration of the wireless radio frequency spectrum in a
distributed environment.

12.2 Scope
This policy applies to all wireless network devices utilizing DREAM CARE GENERALHOSPITAL IP
space and all users of such devices, and governs all wireless connections to the company’s network
backbone, frequency allocation, network assignment, registration in the Domain Name System, and
services provided over wireless connections to the company’s network backbone.

12.3 Guidelines
12.3.1: Wireless equipment and users must follow all network connection policies set forth.
12.3.2: Interference or disruption of other authorized communications that result from the intentional or
incidental misuse or misapplication of wireless network radio frequency spectrum is prohibited.
12.3.3: Wireless access points must abide by all federal, state, and local laws, rules or regulations
pertaining to wireless networks.
12.3.4: Wireless access points shall require user authentication at the access point before granting
access to Internet services.
12.3.5: Wireless passwords and data must be encrypted.
12.3.6: Wireless networks must be designed and deployed to avoid physical and logical interference
between components of different network segments and other equipment.
12.3.7: Institutional Security Office (ISO) will attempt to resolve any interference or security incidents
by coordinating with the registered Point of Contact (POC) for the wireless network.
12.3.8: Any wireless network that poses a security threat may be disconnected from the company’s
backbone network.
13.0 Physical Security
13.1 Purpose
A balanced security program must include a solid physical security foundation. A solid physical
security foundation protects and preserves information, physical assets, and human assets by reducing
the exposure to various physical threats that can produce a disruption or denial of computer service.
Managers are responsible for ensuring that corporate information assets under their control are properly
protected through the implementation of cost-effective physical security measures.

13.2 Responsibilities
13.2.1 The manager in charge of a computer facility that operates any platform computer system is
responsible for providing adequate physical protection of computer equipment and data media.
13.2.2 All the DREAM CARE GENERALHOSPITAL users are responsible for securing their access
unit from unauthorized use. Whenever a user is away from his or her access unit during the day, he or
she must protect the DREAM CARE GENERALHOSPITAL information assets by either logging off
of the computer, or activating a password protected screen saver.
13.2.3 At the end of the workday, each user is required to log off of his or her access unit.
13.2.4 DREAM CARE GENERALHOSPITAL offices and building shall have normal physical security
controls in place. Areas should be designed having limited accessibility with personnel access
controlled by a biometric hand scanner.

14.0 Violations and Enforcement

14.1 Purpose
Users who violate these policies may be denied access to Facilities IT resources and may be subject to
other penalties and disciplinary action, within the DREAM CARE GENERALHOSPITAL. Violations
may be handled through the DREAM CARE GENERALHOSPITAL disciplinary procedures applicable
to the relevant user. Additionally, Facilities may temporarily suspend, block or restrict access to an
account, independent of such procedures, when it reasonably appears necessary to do so in order to
protect the integrity, security, or functionality of Facilities or other IT resources or to protect the
DREAM CARE GENERALHOSPITAL from liability. The DREAM CARE GENERALHOSPITAL
may also refer suspected violations of applicable law to appropriate law enforcement agencies.
 DISATER RECOVERY PLAN

Every business, regardless of location, should have a backup plan. The following is the Disaster
Recovery Plan (DRP) that wehave found that DREAM CARE GENERALHOSPITAL should
envelop…

JEM’s disaster recovery plan produces solutions for a wide variety of problems for the
preparation of natural or man-made disasters that DREAM CARE GENERALHOSPITAL may be
viable to. To completely protect our data entirely, as well as add a secondary backup for DREAM
CARE GENERALHOSPITAL’s data, WEhave chosen CA ARCserve for the hot site. It is an integrated
package including the CA ARCserve Backup base product, a client agent for high-performance backup,
two CA XOsoft WANSyncHA licenses for continuous data protection, replication and failover to a
replica server, plus CA XOsoft Assured Recover to test and verify the recoverability of DREAM CARE
GENERALHOSPITAL’s backup. During the consideration process, WEfocused the majority of the
time on adhering to the Recovery Time and Recovery Point Objectives. The CA ARCerve solution
delivers the ability to align information protection with business requirements across the full range of
data protection needs for both the speed of recovery and maximum allowable data loss which meets
DREAM CARE GENERALHOSPITAL’s needs in case of an uncontrollable disaster. This system
utilizes not only the function of tape storage, but disk storage as well. They provide extended protection
capabilities for a server using continuous data protection, replication, and fail-over combined with
guaranteed high-performance. They support multiple operating systems in case of changes in hardware
as well, making calibration smooth and effortless.

DREAM CARE GENERALHOSPITAL’s Recovery Time Objective (RTO) is extremely

important considering the daily tasks that occur in their facilities. Since this is the case down time is not
an option because it could result in more than just data loss. To help keep these two objectives at a
minimum WEalso suggests the incorporation of a backup generator and battery packs to all
workstations, servers, and important devices. The batteries will act as a small time frame battery filler
to stop down time during power flickers or outages. The backup generator can then be turned on then
with enough time allowed to start up its parameters if need be. JEM’s RTO is as follows:

Hardware Computers System Network Applications

Down Time Estimate: MAX 10 Minutes MAX 10 Minutes MAX 10 Minutes

DISASTER RECOVERY POLICIES

DREAM CARE GENERALHOSPITAL Management:

1. DREAM CARE GENERALHOSPITAL is responsible for the following established policies and
procedures for the development and exercise of an agency disaster recovery plan.
2. DREAM CARE GENERALHOSPITAL is responsible for the development and testing of a disaster
recovery plan for companies IT systems.
Note: For most important and time critical data, a mirror system, or at least a mirror disk may
be needed for a quick recovering.
Information Technology Policies
Policy 100-00: Disaster Recovery
The state of business is critical. It is essential we run 100 percent of the time. If such a disaster
recovery planning and the capability for implementing a recovery is essential for all critical data
processing applications and their peripheral support activities.

Objectives:
The objective of this policy is to enhance the operational capabilities all information technology
resources, i.e. hardware, software and personnel that support the critical missions of the state in the
event of a natural or
man-made disaster.

Scope:
This policy applies to the data center.

Actions:
1. In case of a natural disaster, such as a hurricane, floods, wild fires, if there is server damage, or
servers cannot be access by the administrator, backups will be used for access to the same
material that would be backed up every night.
2. Immediately contact all managers and advise them of the situation and status.
3. Actions to be taken are to access back up and implement them as soon as possible without
exceeding Recovery Time Objective time.
4. Backups will be updated every night by Differential backup.
5. All backups must conform to the following best practice procedures:
5.1: All data, operating systems, and utility files must be adequately and systematically backed
up. (Ensure this includes all patches, fixes and updates).
5.2: Records of what is backed up and to where must be maintained.
5.3: Records of software licensing should be backed up.
5.4: The backup media must be precisely labeled and accurate records must be maintained of
back-ups done and to which back-up set they belong.
5.5: Copies of the back-up media, together with the back-up record, should be stored safely in a
remote location, at a sufficient distance away, to escape any damage from a disaster at the main
site.
5.6: Regular tests of restoring data/software from the backup copies should be undertaken, to
ensure that they can be relied upon for use in an emergency.
6. In case of security breach or malicious code is places on hardware immediate shut down of
infected
server is to take place. Backup will replace the primary server before server shut down for no
down time.
6.1: Shut down of servers will include full wipe of all files and a clean install will be necessary.
6.2: Possible capture of malicious code will be sent to government agencies for inspection.
7. UPS will be placed on all machines using building power. In case of power outage the UPS will
provide sufficient power for the time the generator will kick in.
7.1: UPS will be tested every 4 months. This will ensure all UPS are working. Tests need to be
documented every time test is issued.
8. Disk/ Fault tolerance will be handled by a RAID system of 0 + 1; this system will be striped
mirrored disks. Data is striped across multiple mirrored disks. Failure of any one disk causes no
data loss and no speed loss. Failure of a second disk could result in data loss. This is faster than
a single disk for both reads and writes.
Enforcement:
Policy 100-00: Disaster Recovery
Reporting
DREAM CARE GENERALHOSPITAL will be required to submit annual disaster recovery
plans along with documentation of all test exercises.

DATAGRAM

The following are the diagram of the logical and physical topologies that meets standards
of networking solutions.