Network issues in hospitals are often highly complex. In many places, the motto is: don’t touch anything as long as it works. Not so at the Cantonal Hospital of Graubünden (KSGR). The KSGR has an innovative network with a high degree of automation, which is particularly evident in the rapid, policy-compliant network access for all devices.
Unprecedented innovation in the network: this is a reality at the Cantonal Hospital of Graubünden (KSGR). The network access control solution from United Security Providers is at the heart of the KSGR network. As the central intelligence, the USP Network Authentication System® (USP NAS) ensures smooth operation and ensures that all known devices can securely access the right network.
The USP NAS offers the classic functionalities of a network access control solution. These include network transparency, protection against unauthorized devices and dynamic VLAN management. The latter ensures that devices newly connected to the KSGR network are automatically assigned to the appropriate network segment.
Portspeed: Automatic provisioning leads to greater efficiency and cost savings
But the KSGR goes one step further: it has an extensive inventory database that serves the USP NAS as the basis for dynamic VLAN management. The port configuration is provisioned dynamically based on the connected end device and its characteristics stored in the inventory database. Unlike usual, provisioning is therefore not based on the switch configuration, but on the end device itself.
A medical device that was previously connected to Switch 4 in Ward A and is now to be connected to Switch 7 in Ward B can thus be moved very easily. Once plugged into the new location, the medical device automatically has the correct provisioning and is ready for use.
The medical devices that are indispensable for hospital operations are therefore always ready for use – and have the optimum device-specific network configuration at all times. The high level of automation in the network makes KSGR employees more efficient, and operation is simpler and leaner than in traditional networks, which saves IT costs.
User-friendly: a plus for the workforce
Not only the medical devices, but also the KSGR staff have simple and secure network access at all times, for example for accessing clinical data or for catering, where the patients’ menus are selected via tablets. Mobile devices are consistently assigned to the corresponding network zone via both LAN and WLAN based on the device type and the zone assigned to this asset.
Independence & separation of security from the network infrastructure
USP NAS is the central intelligence in the network and regulates which devices are allowed to access which network segments of the hospital. USP NAS is completely independent of the type of network infrastructure, i.e. vendor-independent. As a result, KSGR was able to renew the switches completely independently when they reached the end of their life cycle. Whether HP, Aruba, Huawei or hybrid environments: USP NAS protects every network.
Long-standing partnership with Graubünden Cantonal Hospital
KSGR has been using the USP Network Authentication System® since 2012. Since then, the NAC solution has not only provided the desired level of protection in the network, but has also allowed KSGR to gradually expand further. “USP NAS gives us potential for the further implementation of innovation projects and enables us to continuously optimize our network in terms of costs, efficiency and user-friendliness,” says Stefan Juon, CISO at KGSR.