Customer Solution Case Study
/ German Hospitals Replace Linux Firewall to Give GPs Secure Access to Patient Records
Overview
Country or Region:Germany
Industry:Healthcare
Customer Profile
Kreiskrankenhaus Gummersbach has a workforce of 1,600 staff. In addition to its medical duties, the hospital maintains its own operational departments, such as finance, personnel, and IT.
Business Situation
To reduce running costs, Kreiskrankenhaus Gummersbach wanted to securely publish two Web servers and give 50 GPs in the area access to the hospitals’ data from its intranet.
Solution
Kreiskrankenhaus chose the ValueServer Security 2004 system, powered by Microsoft® Internet Security and Acceleration (ISA) server, part of the Microsoft Windows Server™ 2003 System.
Benefits
Patient records securely available online
Application layer inspection for viruses
Good integration with messaging & collaboration applications
Quick and easy installation and management / “The price/performance ratio is incredibly good. Yet there is no trade-off in the solution’s ability to protect our servers. It’s the perfect solution for Small and Medium-sized Enterprises.”
Ralph Kippels, Head of IT, Kreiskrankenhaus Gummersbach
German hospital Kreiskrankenhaus Gummersbach employs 1,600 people. The organisation wanted to reduce its running costs, and believed this could be achieved by giving 50 general practitioners (GPs or family doctors) in the area access to patient data available on its Intranet. As a result, the organisation sought an up-to-date, front-end firewall solution that checked for viruses and worms at the application layer, a level of inspection its existing Linux solution could not reach. Kreiskrankenhaus chose the ValueServer Security 2004 system, powered by Microsoft® Internet Security and Acceleration (ISA) Server 2004, part of Microsoft Windows Server™ 2003, from Microsoft Platinum Original Equipment Manufacturer (OEM) Partner Pyramid Computer. Now, the Web servers are better safeguarded against potential intrusions, and GPs can check patient information such as treatment records and appointments, securely online.
Situation
Kreiskrankenhaus Gummersbach has a workforce of 1,600 staff whose responsibilities cover operational departments, such as finance, personnel, and IT as well as the standard medical work of a hospital.
The organisation wanted to lower its IT operating costs and decided to do this by reducing expenditure on answering general practitioners’ (GPs or family doctors) enquiries for patient information. Up to this point, answers had been supplied by post and telephone. To meet this objective, Kreiskrankenhaus Gummersbach chose to publish two Web servers, giving 50 GPs in the area access to the hospitals’ patient available on its Intranet.
But, the organisation knew its existing Linux firewall alone could not safeguard the Intranet securely enough from intrusion. The system checked for viruses and worms only at the network layer instead of the application layer, known as Application-Layer Filtering (ALF), where modern intrusions regularly occur. “We wanted to protect our servers with the latest intruder detection techniques and so Application-Layer Filtering was a key requirement for a new firewall,” says Ralph Kippels, Head of IT, Kreiskrankenhaus Gummersbach. The organisation sought a single front-end firewall solution that provided ALF and created a Demilitarised Zone (DMZ) around the network.
Yet it did not want IT personnel to continue to suffer the same problems as with the existing Linux firewall. They found the legacy solution difficult to integrate with the collaboration and messaging servers, Microsoft® Exchange Server 2003 and Microsoft Office Outlook® Web Access (OWA), which had improved employee productivity by giving them access to their mails away from the hospital.
Solution
After considering other firewall solutions, Kreiskrankenhaus Gummersbach chose the ValueServer Security 2004 system from Microsoft Platinum Original Equipment Manufacturer (OEM) Partner, Pyramid Computer. The system is powered by Microsoft Internet Security and Acceleration (ISA) Server 2004, part of Microsoft Windows Server™ 2003 and acts as an additional layer of security for the network.
Kreiskrankenhaus Gummersbach IT personnel began implementation in December 2004, and the perimeter security solution went live in January 2005, after a successful test period. “The deployment process was extremely straightforward. We bought the system and completed the installation and configuration ourselves,” says Kippels.
The staff found it easier to configure than the Linux firewall, using the rules-based Wizard. Plus, it only required two people to complete the whole process.
The IT team deployed ValueServer Security 2004 alongside the existing Linux firewall solution. With the new system’s ALF capability, the contents of data packets would be checked to ensure they corresponded with the description given by the packets’ header code. The solution was then integrated with Active Directory directory service, Exchange Server 2003 and Outlook Web Access severs.
Benefits
Through the ValueServer Security 2004 solution, built on ISA Server 2004, KreiskrankenhausGummersbach receives tighter perimeter security from a system that requires minimal IT management, and offers superior integration.
Improved Privacy Without Less Access
IT personnel know any worms or viruses originating from GPs’ computers will be checked by the firewall at the application layer where modern-day intrusions often occur. In addition, with Secure Socket Layer (SSL) bridging, GPs are aware that accessing patient data and making appointments can be done securely. Kippels says: “ISA Server 2004 gives us the necessary guarantee that patient records will remain confidential.”
Simple Maintenance And Automatic Updates
Aside from having a robust firewall, Kreiskrankenhaus also benefits from a solution that is easy to manage, based on a point and click rules-based Wizard. “With the automatic updates, we have less responsibility for update management,” says Kippels.
Furthermore, under the Application Programme Interface (API) programme between Microsoft and its partners for ISA 2004, firewall solutions such as ValueServer Security 2004 will always have up-to-date virus and intruder detection software.
Easy Integration With Other Applications
Being able to integrate the solution with Exchange Server and Outlook Web Access has maintained the productivity of employees. It was simple to establish a safe connection between OWA and Exchange Server that passed through the firewall with the ISA 2004 OWA Wizard.
Furthermore, the linkup with Active Directory ensures IT personnel can use the directory’s user database to authenticate both inbound and outbound access through the firewall.
Good Price And Great Performance
Kippels is impressed by the price/performance ratio of the solution. He says: “The price/performance ratio is incredibly good. Yet there is no trade-off in the solution’s ability to protect our servers. It’s the perfect solution for Small and Medium-sized Enterprises (SMEs).”
Kreiskrankenhaus is now planning to extend Intranet access for patient records to more GPs in the area.
Microsoft Windows Server System
Microsoft® Windows Server SystemTM is a comprehensive, integrated, and interoperable server infrastructure that helps reduce the complexity and costs of building, deploying, connecting, and operating agile business solutions. Windows Server System helps customers create new value for their business through the strategic use of their IT assets. With the Windows ServerTM operating system as its foundation, Windows Server System delivers dependable infrastructure for data management and analysis; enterprise integration; customer, partner, and employee portals; business process automation; communications and collaboration; and core IT operations including security, deployment, and systems management.
For more information about Windows Server System, go to: