Defending Healthcare Networks with NetFlow

Published in: Technology, Business


Transcript

  • 1. Defending Health Care Networks with NetFlow Jeffrey M. Wells, CCIE, CISSP Director of Business Development jwells@lancope.com © 2013 Lancope, Inc. All rights reserved. 1
  • 2. The Healthcare IT Problem Space • Rapidly changing technology and pressure for adoption. • Expensive stationary and mobile devices. • High-risk medical equipment (automated pharmacies, medical robots, etc.) • Need to provide guest access for patients and their loved ones. • Need to provide access for transient professionals – visiting surgeons, etc. • Need to provide access that’s open to “any device, anywhere”. • Need to monitor and differentiate access. • Enormous, complex and murky regulatory environment. • Patient care aspect of business enormously magnifies risk. • For Healthcare IT these all boil down to a problem with visibility.
  • 3. Examples • Monitoring medical devices: Where is my crash cart? Who used it last? Is it in use now? What devices on the network are touching my infusion pumps? Is my automated pharmacy secured? Are the network access policies working? • Differentiated access: Is patient guest access sufficiently isolated? Is that patient’s bored, angry teenage son trying to hack us? Can I get the visiting neurosurgeon with his iPad online rapidly so he can do the job we’re paying him for? • Bandwidth management: How can I ensure rapid delivery of radiology images from my PACS system across the hospital internetwork? How do I know the QoS policies I’ve implemented are working? Which clinics are utilizing the network the most effectively? • Regulatory environment: How do I track access to regulated information? How can I ensure compliance with HIPAA, ACA, PCI or other regulatory requirements for critical systems? How do I deal with an audit in the most efficient way possible?
  • 4. The Big Picture How can I ensure that my IT operations and underlying infrastructure positively impact my patients’ medical outcomes?
  • 5. Additionally … We still have to deal with all the “normal” IT issues common to all business: • Network monitoring and management • Security of assets and data • Advanced threats – detect and respond • Antivirus • Et cetera… It all boils down to a problem of visibility
  • 6. What would be the ideal visibility situation? Full packet capture or IDS everywhere…? [Network diagram; labels: Internet, WAN, DMZ, Datacenter, Access, Shasta, Lompoc, Chandler, 3560-X, ASR-1000, 3925 ISR, Cat6k, Cat6k, ASA, Cat4k, UCS with Nexus 1000v, 3850 Stack(s)]
  • 7. Traditional Monitoring
  • 8. Introducing NetFlow Technology [Figure labels: telephone bill, NetFlow]
  • 9. End-to-end visibility via flow telemetry … your infrastructure is the source: [Network diagram, each device labelled as a NetFlow source; labels: Internet, WAN, DMZ, Datacenter, Access, Shasta, Lompoc, Chandler, 3560-X, ASR-1000, 3925 ISR, Cat6k, Cat6k, ASA, Cat4k, UCS with Nexus 1000v, 3850 Stack(s)]
  • 10. [Architecture diagram; labels: StealthWatch Management Console • StealthWatch FlowReplicator • NetFlow, syslog, SNMP • ID1100 • StealthWatch FlowCollector • StealthWatch FlowSensor • NetFlow enabled routers, switches, firewalls • vSphere with StealthWatch FlowSensor VE • User and Device Information]
  • 11. Typical Use Cases • Protecting Patient Data – Enhancing data privacy and security policy enforcement • Ensuring Regulatory Compliance with industry legislation – Reduce the risk of data tampering or theft, track user identity and increase accountability • Monitoring Data from a range of devices – Track critical devices on the network including heart pumps, dialysis machines, drug dispensing machines, etc. View the device, location and activity to ensure machines are secure and operating within policy • Securing Hospital Guest Networks – Maintain a robust BYOD policy to ensure visitors can use the hospital guest network without accessing confidential data and devices
  • 12. Typical Use Cases • Rapid reaction to network or security issues – “Network is slow/down” – “My app isn’t working” • Network Bandwidth Management – Ensure devices on the network are correctly configured – Track data across the network including large electronic images and files (X-Rays, MRI scans, etc) • Enhance Network Infrastructure – Augment investment in existing hardware (switches and routers) by capturing flow data for full end-to-end visibility across the network – Monitor RTP infrastructure: VoIP, video, etc. – Monitor QoS policies
  • 13. Use case examples
  • 14. How are my critical links being utilized?
  • 15. Who talks to my HIPAA hosts? [Figure labels: “Legitimate”; “What’s this??”]
  • 16. Monitor complex relationships
  • 17. Monitor wireless guests
  • 18. Monitor critical servers or devices
  • 19. Identity integration From any report, instantly answer the question of “who”…
  • 20. Further learning • Market Brief (Network & Security Challenges in Healthcare): http://www.lancope.com/resource-center/market-briefs/networkchallenges-of-healthcare/ • Webinar: Defending HealthCare Networks: 30th October: http://www.lancope.com/company-overview/webinar/defendinghealthcare-networks-with-netflow • Featured Case Studies/Success stories: http://www.lancope.com/resource-center/case-studies/stanford/ and http://www.lancope.com/resource-center/case-studies/psbc-case-study/ • CTD Video: http://www.lancope.com/resource-center/videos/ctd/
  • 21. Q&A
  • 22. Thank You Jeffrey M. Wells, CCIE, CISSP Director of Business Development jwells@lancope.com www.lancope.com @Lancope (company) @netflowninjas (company blog) https://www.facebook.com/Lancope http://www.linkedin.com/groups/NetFlow-Ninjas-2261596/about https://plus.google.com/u/0/103996520487697388791/posts http://feeds.feedburner.com/NetflowNinjas
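
The question on slide 15 ("Who talks to my HIPAA hosts?") and the guest-network use case on slide 11 can be answered from flow records alone, without packet payloads. The sketch below is an added example, not part of the original deck and not StealthWatch code; the addresses, the allow-list, the flow records and the helper names `classify` and `review` are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed policy (assumption): guest Wi-Fi range and, for each
# regulated host, the networks that are expected to talk to it.
GUEST_NET = ipaddress.ip_network("10.50.0.0/16")
ALLOWED = {
    ipaddress.ip_address(host): [ipaddress.ip_network(n) for n in nets]
    for host, nets in {
        "10.10.1.20": ["10.20.0.0/24"],                  # clinical workstations
        "10.10.1.30": ["10.20.0.0/24", "10.30.5.0/24"],  # plus a lab subnet
    }.items()
}

# Constructed flow records. Flow export is unidirectional, so the
# regulated host can appear as either source or destination.
FLOWS = [
    {"src": "10.20.0.15", "dst": "10.10.1.20", "dport": 443, "bytes": 48211},
    {"src": "10.10.1.20", "dst": "10.20.0.15", "dport": 51514, "bytes": 912344},
    {"src": "10.50.3.77", "dst": "10.10.1.20", "dport": 445, "bytes": 1840},
    {"src": "10.10.1.30", "dst": "198.51.100.9", "dport": 443, "bytes": 7340032},
    {"src": "10.50.3.77", "dst": "203.0.113.5", "dport": 443, "bytes": 5000},
]

def classify(flow):
    """Return (regulated_host, peer, verdict), or None if out of scope."""
    src = ipaddress.ip_address(flow["src"])
    dst = ipaddress.ip_address(flow["dst"])
    if src in ALLOWED:
        host, peer = src, dst
    elif dst in ALLOWED:
        host, peer = dst, src
    else:
        return None  # flow does not touch a regulated host
    if peer in GUEST_NET:
        verdict = "guest-to-regulated"   # guest isolation has failed
    elif any(peer in net for net in ALLOWED[host]):
        verdict = "legitimate"
    else:
        verdict = "unexpected-peer"      # the "What's this??" case
    return str(host), str(peer), verdict

def review(flows):
    """Total bytes per flagged (host, peer, verdict), largest first."""
    totals = defaultdict(int)
    for flow in flows:
        result = classify(flow)
        if result and result[2] != "legitimate":
            totals[result] += flow["bytes"]
    return sorted(totals.items(), key=lambda kv: -kv[1])

if __name__ == "__main__":
    for (host, peer, verdict), nbytes in review(FLOWS):
        print(f"{verdict:20} {host} <-> {peer}  {nbytes} bytes")
```
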