Adena Health System is a 238-bed facility that serves more than 250,000 residents throughout 10 counties in Ohio. The company’s IT group oversees a network that includes over 100 servers, 1,700 workstations, public and private wireless access points, and machines that run highly specialized medical applications for surgical and other procedures. All told, these systems are spread across a regional hospital, a critical-access hospital, three healthcare centers, and nearly 30 physician practices throughout the region.
Because Adena’s physicians and other medical professionals rely so heavily on the network, protecting it from malicious intrusion is a top priority. That’s why Brian Young, Senior Network Security and System Administrator, installed the McAfee Network Security Platform I-2600 (formerly McAfee IntruShield Network Intrusion Prevention System).
“We use Network Security Platform as our perimeter defense, which encompasses anything connected to the Internet or outside our firewall, such as a vendor or site-to-site VPN,” explains Young. “Initially, we set it up in monitoring mode to see what type of traffic was going in and out. Once we identified all the malicious traffic, we put it into prevention mode and started blocking and dropping packets.”
McAfee Network Security Platform eliminates threats and reclaims network bandwidth
Network Security Platform identified and blocked numerous major and minor threats, such as address resolution protocol (ARP) spoofing, malware, denial of service attacks, phishing, and peer-to-peer file sharing. Fortunately, before they were stopped, none of these threats caused any data loss, but Internet access was extremely slow. Hospital applications that required Internet services were affected and, in some cases, servers had to be rebooted to regain functionality.
“On my first day at Adena, I was able to circumvent the firewall without any authentication,” Young says. “At the time, the firewall was managed but not monitored by a VAR. So making the case for Network Security Platform wasn’t hard. I simply explained what I saw and what was needed. Then we just moved forward.”
Better, easier-to-manage protection at a lower cost
“At my previous employer, I’d used an IDS from Internet Security Systems,” notes Young. “But it was hard to deploy and manage, and difficult to teach to others. I migrated to Network Security Platform before I left and found it to be a good fit for Adena. Network Security Platform is much more intuitive. My team and I did the install in one day.”
Adena had spent $70,000 with a network security services provider for IDS monitoring. But their “solution” provided very little in the way of intrusion detection and intrusion prevention.
As added protection against a data loss disaster, “We really weren’t getting any kind of detection services out of them,” recalls Young. “We weren’t getting any information back. So when we deployed McAfee Network Security Platform, we knew much more about our network and what was going on than they did. Network Security Platform has paid off a million fold compared to what we had.”
“McAfee Network Security Platform has been very stable. It has been running without a problem since it was installed. Its functionality is fully deployed and it has been upgraded with the latest release. We’re very happy with McAfee Network Security Platform.”
Brian Young, Senior Network Security and System Administrator, Adena Health System
Scaling with Adena network
When Young first deployed Network Security Platform, Adena’s network was a 100-megabit/1-gigabit environment, so a single appliance was sufficient to protect the perimeter and several segments of the LAN. The network now features 10-gigabit bandwidth and, in the future, Young plans to install the new 10GigE IPS.
“Right now, Network Security Platform just supplies perimeter defense for the Internet and some remote sites,” remarks Young. “We’ll supplement the LAN with additional IPS devices and other security tools to fully support its 10-gigabit capacity.”
Adena will soon extend its network capabilities with a fiber ring. The facility has received a fourteen-million-dollar government grant for fiber-ring expansion. The ring will cover an area in southern Ohio the size of Rhode Island — approximately 1,200 square miles.
“We’ll be putting security devices on the ring to protect the hospital,” Young says. “That’s when we’ll really be able to leverage the capability of the 10GigE.”
New data center to feature McAfee Network Security Central Manager
The data center will employ McAfee Network Security Central Manager (formerly McAfee IntruShield Command Center) to offload policy management to a central control point. This not only improves consistency, but it also removes responsibility for policy updates from local staff. Network Security Central Manager drives and monitors policy changes to ensure they take effect.
“We’ll be moving 100-plus servers and a 24-terabyte SAN,” Young elaborates. “Once the move is complete, we’ll be starting a security project for the entire network and Network Security Central Manager will be a big part of that.”