I. Pain points and needs
Under the relevant policy requirements, the Emergency General Hospital needs to carry out graded protection construction for its HIS system (Level 3), PACS, and LIS system (Level 2), while also taking network boundary security and business scalability into account, so that its security measures are more practical while still ensuring compliance. Beyond meeting the compliance requirements, the urgent needs of the hospital network fall mainly into the following four areas:
1. Map the hospital network and business systems according to the characteristics of each business system and the hospital's network security requirements, construct network security zone boundaries, and ensure that key business systems are protected.
2. Strengthen Internet border security. With the rise of "Internet Plus + Medical", interconnecting internal and external network services has become the trend in hospital business development, and the Internet egress has become the key node of the entire hospital network. Security protection at the Internet border needs to be strengthened, covering Internet egress links, border protection, intrusion prevention, traffic management, log audit, etc.
3. Build security detection and response capability. Beyond border protection, continuous security monitoring of the internal network is also a top priority for hospital network security work. The medical network environment is becoming increasingly complex, and ransomware incidents targeting the medical system occur from time to time. Attackers have multiple ways to break through the boundary and enter the internal network, where they damage business systems or steal from them. It is therefore necessary to strengthen continuous detection on the internal network on top of border defense, so that hidden threats inside the network and high-risk external attack behavior are detected in time.
4. Replace old office terminals. The traditional PC-centric computing model and IT desktop management are pain points in information technology construction.
II. The solution
1. Security protection for critical business systems. Map the hospital's network, make a preliminary division of the network into security zones according to the security requirements of the different business systems, construct security boundaries, and protect business systems such as HIS, LIS, and PACS.
2. Strengthen Internet border security. Once the boundary between the internal and external networks is opened, the Internet egress becomes the key node of the entire hospital network. To meet the security and stability requirements of the Internet egress, the egress link is expanded, and load balancing equipment is used to ensure the stability and high availability of that link. The Suntrust next-generation firewall is deployed at the Internet egress to block a large number of Internet attacks and to provide access control, intrusion prevention, and botnet detection, so that it can comprehensively resist new threats and network attacks and meet the graded protection requirements for regional boundaries. At the same time, a Deep Trust Internet behavior management device is deployed to allocate reasonable bandwidth between user Internet traffic and external business traffic and to meet audit compliance requirements.
3. Establish a security operation center to monitor network security status in real time. By deploying the Deep Trust security perception system, establishing a security operation center, and continuously monitoring network traffic, the hospital gains visibility into traffic across the whole network, detects latent threats and internal attacks in time, and adjusts policies to achieve dynamic defense, making the hospital network truly secure.
4. Replace old office terminals. To solve this problem, a hybrid mode of "traditional PC + desktop virtualization" is adopted to replace the old office terminals in the hospital. For general office scenarios, desktop virtualization is given priority, gradually transforming the hospital's office desktops.
5. Host security protection. Deploy the Deep Trust Terminal Detection Response System (EDR), which is centered on assets, to detect host security accurately and continuously and to address terminal asset security issues quickly through collaborative response, building a terminal detection and response platform.
6. Other security compliance construction. Deploy a log audit system, database audit, and a terminal access system to meet the security requirements for log audit and centralized control.
III. Program value
1. The user's original network security construction was relatively weak. This security construction helps the user establish strict security domains for both the internal and external networks and build a network security boundary.
2. Deploy a security awareness platform, strengthen continuous detection of internal network security, respond quickly to identified issues, and promptly handle them and adjust security policies. Build a closed-loop security system that integrates prevention, defense, detection, and response, based on security perception and boundary defense, to help the user meet their compliance needs.
3. Help the user establish a perceptible and easy-to-operate security operation system, providing a safe and stable operating environment for medical business at a time when medical ransomware is rampant.