Four years ago, when Sharp HealthCare
installed Cisco wireless LANs in its seven
San Diego area hospitals it was a Wi-Fi pioneer. Today, with Wi-Fi increasingly
a mission-critical resource in the company, Sharp is moving on to the leading
edge again, installing a next-generation Wi-Fi WLAN based on equipment from
Aruba Wireless Networks.
It first installed the WLANs to support an electronic bedside medical charting
application. Nurses enter patient chart information in a spreadsheet-like
application on PCs mounted on carts, which they wheel from room to room and
bed to bed.
Now scores of doctors and other medical professionals also use the WLANs
to access the Sharp network with their Wi-Fi-enabled PDAs and laptops. More
and more are requesting access all the time.
The Aruba solution features a central wireless switch or controller at the
company’s data center, which includes a built-in firewall and intrusion detection
features. The controller can manage access points remotely and monitor and
track clients. In Sharp’s case, network management data travels over the company’s
dedicated fiber backbone which links hospitals and data center.
The Aruba access points are "thinAPs" — meaning much of the critical
software functions reside on the switch rather than the AP. The APs also work
as network sensors, able to capture data packets on nearby segments of the
network and send them back to the controller.
Sharp also this year completed deploying 200 Wi-Fi-based "wireless pumps"
— intravenous (I.V.) infusion units from Alaris Medical Systems that connect to a
central server over the WLAN and allow doctors and nurses to remotely monitor
delivery of medications.
The new initiatives lay the groundwork for a future in which wireless will
be even more vital than it is today, says Gary Jenkins, the company’s senior
network engineer.
"It seems that every new application we want to put into the hospitals
anymore is wireless," Jenkins says. "So we’re really trying to beef
up the infrastructure to support what’s coming rather than building it larger
for what we need now."
One new application will let doctors access patient medical records online
over the WLAN as they do their rounds. Another will see pharmacy department
employees using tablet PCs to track and monitor meds.
More and more medical professionals in the company carry Wi-Fi-enabled PDAs
and laptops, and given that virtually every new laptop sold, and many new
PDAs too, have Wi-Fi built in, demand for wireless access will only grow,
Jenkins says.
"Originally four years ago we didn’t need to have every nook and cranny
covered for wireless," he says. "Now we’re trying to prepare for
a time when we do — and it’s coming pretty soon."
The immediate impetus for upgrading the wireless infrastructure had to do
with the already high cost of managing existing WLANs and the increasingly
high cost of ownership going forward. Sharp was looking for a more centralized
approach to network management.
With about 200 access points spread around its seven hospitals and several
clinics, performing a security or other upgrade to AP firmware, which involved
physically visiting each site, could be a significant undertaking.
The seven Sharp hospitals are spread out around the San Diego region. The
two furthest separated are 100 miles apart, each a 30-minute or longer drive
from the company’s central data center where Jenkins and other IT staff work.
Also, if management called Jenkins’ office and reported a problem with a
network, he had to get in his car and drive to the site to troubleshoot. He
only received two or three such calls a year and the problems never turned
out to be network related, but Jenkins still had to go.
"It’s not such a good thing when you’re sitting in an intensive care
unit, troubleshooting a network problem," he adds. "You really don’t
want to be sitting next to patients, disturbing them. These people are very
sick."
When Sharp started looking at next-generation wireless solutions, it was
actually looking for three things — centralized network management and security,
remote packet sensing and the ability to force guests using wired Ethernet
outlets in conference rooms to authenticate themselves on the network.
The Aruba solution was the only one that answered all three needs and it
did it for about the same price as any one of the separate solutions the company
considered. Jenkins also liked the fact that it used just two different devices
— the central controller and the dual-function AP/sensors.
"At the time, in January or February [2004], when we were looking at
finding another solution, Cisco didn’t have its [centralized management] product
announced," Jenkins points out.
The thin-access point architecture was another strong plus in favor of Aruba.
It means eventually Jenkins won’t have to visit each site to do AP firmware
upgrades. He’ll only have to make software changes at the central controller.
"That’s going to make it a lot easier," he says.
The full benefit won’t kick in, however, until Sharp replaces all its Cisco
APs with Aruba units, and there is currently no time table for doing that.
"The Cisco APs are perfectly good," Jenkins points out. "We’re
not going to throw them out."
In the meantime, he is installing Aruba AP/sensors in locations such as intensive
care and emergency departments. This is both to provide additional coverage
and also so that Sharp can take advantage now of the remote monitoring and
troubleshooting capabilities of the Aruba solution.
The sensors can capture packets moving between non-Aruba APs and send them
to the controller for analysis, and the controller can monitor the Cisco APs
— though it can’t perform remote software updates and other management functions.
The centralized security features were another reason Sharp chose Aruba.
In the past, it would have no idea if someone was trying to hack into the
network to stage a denial of service attack, or if employees were installing
rogue access points.
While the Aruba switch doesn’t manage client devices, other than to control
the authentication process, it can monitor and track them, mapping where a
particular client has been in the network at different times and locating
a client at any point in time.
This is useful for a number of reasons, says Jeanette Lee, a senior systems
engineer with Aruba. Sharp can analyze data about where users are using the
network, or trying to use it, to figure out where it needs to expand coverage
or increase capacity.
The ability to triangulate the location of an individual client could be
useful in a number of situations, Lee says — for example, if a worm-infected
device was trying to spread its infection over the WLAN. "If you’ve got
a couple of hundred users, finding one when they’re all mobile is very difficult
without these features," she notes.
Although the Aruba solution does not offer full-blown asset tracking functionality,
the ability to triangulate a client could also help Sharp locate a misplaced
wireless IV unit, Lee suggests.
The IV units are not quite as scary as they might at first sound. It’s not
as if a computer system controls how much medicine a patient gets via the
WLAN. Nurses still calibrate the IV units in the old way, but the wireless
pumps transmit data about how they are calibrated and how much they dispense
to a central server for analysis and tracking.
Previous generations of the devices had to be taken to a computer lab, first
to be programmed with the profile for a particular hospital and later to have
the data stored in it downloaded to a server. Now the devices automatically
send data over the WLAN.
This eliminates down time for the IV units and saves IT staff time. It also
enables real-time monitoring by medical personnel and some logical checking
functions — for example, it can set off an alarm at a data center console
if a nurse enters obviously incorrect calibration information.
The devices work on any Wi-Fi LAN, Lee says, but the Aruba network controller
does allow Sharp to prioritize packets to and from the IV units.
Sharp HealthCare is like a lot of enterprise Wi-Fi users. As demand for Wi-Fi
services increases, and more and more mission-critical — and in Sharp’s case,
medically caritical — applications run over the WLAN, tighter management
and security is crucial so total cost of ownership starts to become a big
issue.
Aruba is by no means the only vendor with a solution, but given the acute
security and cost concerns in the health care industry, the fact that a successful
and forward thinking company like Sharp is using Aruba is certainly a recommendation.