Network Security Solution for West China Hospital of Sichuan University

Pain points and needs

1、At present, West China Hospital has several Internet outlets. Against the background of endless attacks from the Internet, West China Hospital is also faced with security risks far higher than other hospitals in the industry. At present, traditional firewalls cannot meet the network security protection needs brought about by the rapid development of the network. Traditional IP/port based identification strategies cannot accurately manage network security issues, including DDoS attacks, 0Day vulnerabilities, and other security risks. At the same time, using IPS and WAF devices in series to access the network not only has the problems of high investment, single point of failure, and possible performance bottlenecks, but also has the problem of being easily hacked one by one and unable to build a complete linkage defense system.

2、The hospital data center carries important business systems such as HIS, LIS, PACS, and there are numerous terminals within the hospital intranet. As an important node of "data exchange" with the Internet, the terminal has become the key point of hackers' strategic attacks. According to statistics, 80% of security incidents come from terminals, so hospitals need to establish an intrusion prevention mechanism and terminal security detection mechanism that can effectively defend against attacks targeting vulnerabilities, phishing software, and zombie crawlers.

3、At present, the hospital does not provide effective network traffic control measures, and there are problems with unreasonable bandwidth allocation and low utilization efficiency. According to the Cybersecurity Law and the requirements of Level Protection 2.0, hospitals urgently need to establish an efficient and feasible mechanism to control and record the online behavior of internal personnel.

4、Medical personnel need to access the hospital's internal system when on business trips, which results in multiple types of access terminals and inconsistent security rules. According to the relevant requirements of security auditing in Level Protection 2.0, the behavior of remote access users needs to be audited separately. Therefore, hospitals need to establish a secure and controllable system for remote access.

5、In order to respond to national policies and further explore innovation in the "Internet medical field", the Internet Hospital of West China Hospital of Sichuan University was put into trial operation on December 29, 2018. West China Hospital currently has more than 200 web business systems, involving Internet hospital APP, portal website, official account and other businesses, which need unified and visible security protection. At the same time, due to the characteristics of high user access volume, high security and availability requirements of business systems, hospitals need to retain and analyze access logs and security logs, issue one click security threat alerts, and continuously detect the availability and security of business systems.

The solution

·By deploying the next generation firewall of Suntrust at multiple network boundary exits of the hospital, users can meet the needs of defending Internet exits, including intrusion prevention systems, botnet detection, and Web application protection. By deploying internet behavior management devices at the exit of the office network, intelligent flow control of export traffic can be achieved, effectively ensuring the internet experience needs of internal network users. At the same time, all internet behaviors of wired and wireless WiFi in hospitals can be audited to meet the relevant requirements of Public Security Order No. 82.

·For the cloud business of West China Hospital, through the purchase of cloud eye and Yundun components on the security SaaS platform of Shenzhen Trust, the professional capabilities of online and offline security experts are integrated, and a set of closed-loop security SaaS service system of continuous assessment, continuous reinforcement and active response is built for medical users' Internet business in the way of "SaaS+online experts" on duty, to ensure the safe and stable operation of the business, and let users grasp the security situation anytime and anywhere in the way of full visibility.

Program value

·The DeepTrust Level Protection 2.0 solution starts from the actual needs of users and designs the most suitable security solution for them. By leveraging the technological advantages accumulated by Shenxin in the network security industry over the past decade, and utilizing Shenxin's next-generation firewall, internet behavior management, and other security products, we have built a complete L2-L7 layer security defense system for users, meeting their multi-dimensional security needs for secure access, threat detection and defense, traffic management, log auditing, and more. Help users better embrace "Internet plus" and use the Internet to better serve their own business development. Security SaaS products have the characteristics of "discovery upon occurrence, and disposal upon discovery". Through continuous evaluation of business systems and hosting of business by security experts, threats are continuously analyzed, strategies are dynamically optimized, and attack countermeasures are completed online to ensure that the security protection status of the business remains in the optimal state.

·At the same time, the design and planning of the plan meet the security requirements of the Cybersecurity Law and Level Protection 2.0, ensuring that the hospital's security construction is legal and compliant.