
Sentinel Service

The Sentinel Service System provides remote support for Hitachi Medical Equipment.
It also provides up-to-date System Status Information at periodic intervals.

The Sentinel Service is a product from Questra Corporation, nowadays Axeda Corporation (axeda.com).

What can we do with the Sentinel Service?

Troubleshooting and preventive maintenance

The Sentinel Server periodically receives system updates directly from the modality.
The information provided includes pressure levels, temperatures, voltages and other critical system functions.
Hitachi Technical Support can log into the Server to review the data and can even receive automated messages
about risky situations to take preventive actions.

Remote installation of Software Service Packs

No need to plan on-site visits to install Software Service Packs.

Application Support

Remote Desktop support by the applications helpdesk.

System Logging

In case problems occur, system logging can be activated remotely to be downloaded and evaluated.

How does the Sentinel Service work?

[Diagram, shown in six steps. Labels: HMC Sentinel Japan (Web Server, Database Server, RD Server), Internet, Customer, HMSA NTS, HITACHI; a Firewall at each site.]

Server addresses:

Web Server: https://www.sentinel-service.com/qss = 133.145.173.150
Database Server: ws.sentinel-service.com = 133.145.173.151
RD Server: rd.sentinel-service.com = 133.145.173.152

1. System status information is periodically sent to the Database Server.

2. NTS Twinsburg, OH reviews the information.

3. A Remote Desktop trigger is sent to the Database Server.

4. New system status information is sent to the Database Server. During this session, an RD trigger will be sent back to the MR Console to initiate a session with the RD Server.

5. Remote Desktop session request: a Remote Desktop session will be established with the RD Server.

6. Remote Desktop session established: HMSA NTS can connect with the Customer’s Modality through the remote desktop connection between the RD Server and the Modality.


Is the Sentinel Service Secure?

The Hitachi Oasis, Echelon and Oval MRI Workstations and the CT Scenaria Workstations communicate with
Hitachi Sentinel servers using the TLSv1 cryptographic protocol for the safe transportation of data. The connection uses
mutual authentication (2SSL), which provides extra security in the client and server authentication processes.

The Sentinel servers do not respond to ICMP ping commands from the internet and will only allow connections
when there is agreement on the correct cipher suite, TLS_RSA_with_RC4_128_MD5 (128-bit encryption
without compression), in combination with a valid certificate exchange.

This method of operation is very secure and hard to intercept/hack from the “outside world”.

In addition, before a remote desktop session can be initiated, the operator or technologist has to approve the
session.
Before the approved session is established, all patient-sensitive information is anonymized (HIPAA
safe).

What ports need to be opened on the hospital firewall?

NTS will access the Graphical User Interface (GUI) of Webserver 133.145.173.150
(https://www.sentinel-service.com/qss) to review all installed devices.
When a remote desktop session is needed, a trigger will be sent to the database desktop server
ws.sentinel-service.com (133.145.173.151) to trigger the modality to send an RD request.

The initial RD request is therefore sent by the modality via an outbound SSL packet (not an inbound one, which
may be blocked by the hospital’s firewall).
The rd.sentinel-service.com server will accept the RD session and the connection is established.
In order to make the connection with the server, outbound port 443 needs to be open for the modality, nothing
more!

We do not use a VPN for the connection, “just” a regular SSL/TLSv1 connection.

True or not true?


Port 5800/5900 must be opened for the RD connection…: misunderstanding!
The connection runs through the TLSv1 connection which requires port 443 outbound only.
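
An added example, not part of the original information sheet: a check a hospital network team could run over firewall flow records to confirm that the modality's traffic matches the profile described above (outbound port 443 to the three Sentinel servers only, nothing inbound on 5800/5900). The record format, the modality address 10.20.30.40 and the sample records are constructed assumptions.

```python
import ipaddress

# Taken from the page: the three Sentinel servers and the single required port.
SENTINEL_SERVERS = {
    "133.145.173.150": "www.sentinel-service.com",
    "133.145.173.151": "ws.sentinel-service.com",
    "133.145.173.152": "rd.sentinel-service.com",
}
REQUIRED_PORT = 443
VNC_PORTS = {5800, 5900}

# Constructed sample records (assumed format): time src dst dst_port action
SAMPLE_FLOWS = """\
2024-01-10T08:00:01 10.20.30.40 133.145.173.151 443 ALLOW
2024-01-10T08:05:12 10.20.30.40 133.145.173.152 443 ALLOW
2024-01-10T08:06:30 198.51.100.7 10.20.30.40 5900 ALLOW
2024-01-10T08:07:02 10.20.30.40 203.0.113.9 443 ALLOW
2024-01-10T08:09:44 10.20.30.40 133.145.173.152 5900 DENY
not a flow record
"""

def audit_flows(log_text, modality_ip):
    """Return (line_no, status, reason) for each flow outside the documented profile."""
    modality = ipaddress.ip_address(modality_ip)
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        try:
            _, src, dst, port, action = line.split()
            src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:
            findings.append((n, "unparsed", line.strip()))
            continue
        if modality not in (src, dst):
            continue  # flow does not involve the modality
        if dst == modality:
            kind = "VNC port" if port in VNC_PORTS else "port"
            reason = f"inbound connection from {src} to {kind} {port}"
        elif str(dst) not in SENTINEL_SERVERS:
            reason = f"outbound to non-Sentinel host {dst}:{port}"
        elif port != REQUIRED_PORT:
            reason = f"outbound to {SENTINEL_SERVERS[str(dst)]} on port {port}, not {REQUIRED_PORT}"
        else:
            continue  # outbound 443 to a Sentinel server: the expected profile
        status = "violation" if action.upper() == "ALLOW" else "blocked"
        findings.append((n, status, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS, "10.20.30.40"):
        print(finding)
```

A "violation" is an allowed flow that the documented profile does not need; a "blocked" finding shows the firewall already denies it.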

What kind of Remote Desktop program is used?

When the Questra software wants to establish a Remote Desktop session (RD session), the UltraVNC program is
used.

VNC was originally developed (by Olivetti and Oracle Research Labs) to be used only in a LAN, due to security
issues.
When used over the internet, a secure connection (SSL: Secure Sockets Layer, or TLSv1: Transport Layer Security version 1) is
required for safety.
Nowadays, there are several companies that deliver the VNC concept of platform-independent remote desktop
control. One of the most popular versions is RealVNC (from RealVNC Ltd.), by the original developers of VNC.
RealVNC is free for use (http://www.realvnc.com). The paid versions of RealVNC offer more functionality, which
is not needed for our purposes.

UltraVNC is comparable with Microsoft’s RDP (Remote Desktop Protocol), which uses TCP port 3389.

Sentinel Technical Information Sheet
