High-Capacity Healthcare Networks
Advocate Health Care: Metro-Area Service Delivery
Revision 4.7
Gary Horn, Director, Enterprise Architecture and Network Security, Advocate Health Care
The drivers for change
• The current Sonet/ATM based metro network is running near the 95th percentile in bandwidth utilization
• Maximum speed (best case) 38Mb/s
• Large file transfers suffer from cell discards and re-transmission
• The current transport platform is at end-of-support
• Service parts will become more sparse or non-existent
• No further software development
• No service enhancement possible
• Obsolete network management platform
• Unable to integrate with current NOC models
• The current metro network does not meet the needs dictated by corporate growth and related business plans
• PACS
• Real-time disaster recovery (business continuance)
• Centralized file and print services
• Increased traffic resulting from new, robust applications
• Future patient entertainment
• Future multi-media communications
• Streaming video
• Distance learning
Medical procedures that drive the need for bandwidth
[Figure: single-slice versus multi-slice imaging]
• Greater life-saving success due to imaging capabilities drives ever-increased usage
• Imaging capabilities are also increasing density
  • 32, 64, 128, 256 slice images
Imaging drives huge bandwidth requirements
• MRI files ~100MB
• Multi-slice CT files can be upwards of 500MB
• Radiology studies create 250 – 1,000 MB versus 20 – 50 MB ten years ago
Definitions
• Fiber
  • A glass strand or strands which is/are protected by a color coded buffer tube and which is/are used to transmit a communication signal along the glass strand in the form of pulses of light.
• Dark Fiber
  • A Fiber between two specified locations that has no optronics or electronics attached to it.
• Lambda
  • A frequency/wavelength on a Wave Division Multiplexed (WDM) optical transport system.
• Multi Protocol Label Switching (MPLS)
  • A data-carrying mechanism that belongs to the family of packet-switched networks. MPLS operates at an OSI Model layer that is generally considered to lie between traditional definitions of Layer 2 (data link layer) and Layer 3 (network layer).
• Virtual Private LAN Service (VPLS)
  • A method to provide Ethernet based multipoint to multipoint communication over IP/MPLS networks. It allows geographically dispersed sites to share an Ethernet broadcast domain by connecting sites through pseudo-wires.
Critical hospital applications that need to be transported
• EMR / eICU / PACS
• Critical for patient care, downtime cannot be tolerated
• Human Resources
• Time and attendance
• Payroll
• Laboratory
• Orders and results
• Supply Chain
• Medical Supplies
• Financial Systems
• Admissions / Discharge / Transfer
• Bed availability
• Billing
• Email / Voice Communication
• VoIP Tie Trunks / IP Telephony
• Network mediation (e-gate)
• Ties everything together
Typical metro network layout for hospital networks
• Leased fiber networks: WDM, GbEs and 10 GbEs are typical
• Multiple lambdas, VRFs and VPLS instances for different traffic types
• Service-based connectivity typically runs at 100Mb/s
• Service-based connectivity provides a cost-effective “Metro-Service Overlay”
[Diagram labels: DR / BC, Data Center, Physician Offices, Universities, Clinics, Labs]
Example: Regional Healthcare Network
[Diagram labels: Centralized Data Center, 5620 SAM, IP/MPLS/VPLS Network, Metro-Service Overlay, 7750 SR, 7710 SR, 7450 ES, Medical Staff Services, Remote Access Services, MD Secure Remote Access, Patient Records, Research and Education, Medical Imaging / PACS, Remote Clinic, Patient Entertainment Services]
Universal and secure access, fixed and mobile networks
• Network security is mandatory
[Diagram labels: IP / MPLS / VPLS Network, University, On-duty physician, Doctor’s office, Emergency, Patient]
The Advocate Health Care cost model
11 Sites, two 10 GbEs each, with QoS ability:
  • $1890 / month per site (maintenance & right of way fees)
  • One-time charge of $857,200 on a 20-Year Indefeasible Right to Use (IRU).
  • Positive cash flow in 22 months when compared to a managed option (AT&T)
Tail-site connectivity via metro-service overlay
  • High bandwidth, no mileage sensitivity
  • Fixed monthly cost
  • QoS enabled
[Diagram labels: IP / MPLS Multi-Service Edge Routers and Switches, VPLS, Clinics / Offices, Labs]
Summary
• The network design provides a strong value to Advocate Health Care in terms of:
  • Inter-site bandwidth
  • Total built capacity
  • Scalability
  • Flexibility and turn-around time for growth
  • Cost (installation, operating, and maintenance)
• The network is comprised of a physical ring formed by a pair of optical fibers. The transport network employs Alcatel-Lucent (ALU) 1696 optical equipment to interconnect ALU 7450 Ethernet Service Switches (ESS) or ALU 7750 Ethernet Service Routers (ESR) and associated 10GbE connections.
• The 1696 Metro Span (MS) uses DWDM (Dense Wavelength Division Multiplexing) to enable transmission of multiple channels over a single pair of fibers, using one wavelength (or lambda) for each channel.
• The 1696 MS currently supports a maximum of 32 wavelengths protected, and 64 wavelengths unprotected.
• The 7450s and 7750s (7x50) are connected in a hub and spoke topology using the 1696s. The US Signal (co-location site) and Lutheran General locations are used as the hub sites and the remaining sites are connected to these hubs.
• The 7x50s terminate directly into the local (site) WAN core (Cisco 6509) via 802.1q 10GbE trunking.
Physical Topology
• Most of the sites have fiber builds varying from 0.1 to 2.5 miles to connect to the metro fiber ring. Most builds are to be non-diverse route/entrance, except for Lutheran General and Christ Hospitals.
• The fibers will terminate in the data center at each location
• The fiber ring will contain both aerial and buried segments
• The fiber ring will be comprised of 250 route-miles of fiber
Network Design Approach
• Each site will have 10GbE bandwidth available to connect to each of the hub sites, and the two hub sites are connected over 4 x 10GbEs
• Each lambda will carry traffic from 2 sites using 4XAny cards. For the spoke links, at each site one 10GbE connection will be dropped off and the other patched through.
• These links are protected at the 7x50 using LAG (Link Aggregation Grouping), and the 10GbE ports in the LAG are connected over two different directions on the ring, ensuring that the connection to the far end is maintained through either one of these connections in case of a single fiber cut.
• In the case of a fiber cut, the data connectivity is restored through the 7x50 using 50ms MPLS/VPLS fast re-route.
• Several site-to-site connectivity options are available including:
  • VPRN
  • VPLS
  • E-Pipe (AToM)
  • Raw (native) Optical
Equipment Solution Design
[Diagram: Fiber connectivity Ring 1, 7x50 over 1696 Ring 1. Sites shown: Good Shepherd, Condell, Christ Hospital, OBSC, US Signal, Lutheran General, Illinois Masonic, Trinity Hospital, South Suburban, High Tech Medical, Good Samaritan. Each site is labelled with a 7450 or 7750 carrying 2 x 10GbE or 4 x 10GbE and with its optical node. Span lengths shown: 32, 33, 42, 27, 100, 25, 69.2, 16.4, 19.5, 5 and 34.5 Km.]
Legend:
• Other sites: VPLS+CE MGT+PubWiFi
• Acute Care Sites: VPLS+PACS+CE MGT+PubWiFi
• Data Centers: VPLS+CE MGT+PACS+PubWiFi
• Co-Loc Centers: VPLS+CE MGT+PACS Mirror
New Dark Fiber Network
[Diagram: Fiber Connectivity Ring 1, 7x50 over 1696 Ring 1. Sites shown: Lutheran General Hospital, Illinois Masonic Medical Center, Trinity Hospital, Condell Medical Center, South Suburban Hospital, Good Shepherd Hospital, High Tech Medical, Good Samaritan Hospital, US Signal (JORE), Christ Medical Center, Oakbrook Support Center. Span lengths shown: 32, 33, 42, 27, 100, 25, 69.2, 16.4, 19.5, 5 and 34.5 Km.]
Legend:
• Other sites: VPLS+CE MGT+PubWiFi
• Acute Care Sites: VPLS+PACS+CE MGT+PubWiFi
• Data Centers: VPLS+CE MGT+PACS+PubWiFi
• Co-Loc Centers: VPLS+CE MGT+PACS Mirror
MetroNet Logical Topology
[Diagram: Fiber Connectivity Ring 1 with a 40 GbE DWDM Connection. Sites shown: Condell Medical Center, Oakbrook Support Center, Lutheran General Hospital, Christ Medical Center, South Suburban Hospital, Good Shepherd Hospital, Good Samaritan Hospital, US Signal, High Tech Medical, Illinois Masonic Medical Center, Trinity Hospital.]
Legend:
• Other Sites: VPLS+CE MGT+PubWiFi
• Acute Care Sites: VPLS+PACS+CE MGT+PubWiFi
• Data Centers: VPLS+CE MGT+PACS+PubWiFi
• Co-Loc Centers: VPLS+CE MGT+PACS Mirror
Service Protection Mechanisms
Intra-Ring MPLS LSP: il-gshp-ss1:il-obsc-ss1-1
• Strict primary and secondary LSP paths are disjoint and optimal
• Fast Re-Route with Shared Risk Link Group for sub-50ms failure recovery away from failed SRLG
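An added example, not from the deck or from Alcatel-Lucent tooling: a Python audit that a strict primary/secondary LSP pair is link-, node- and SRLG-disjoint, including the case raised under Physical Topology where a non-diverse building entrance places both ring directions in one shared-risk group. The node names, SRLG ids and topology are constructed for illustration.

```python
# Constructed sample data: node names and SRLG ids are hypothetical.
def link(a, b):
    """An undirected fiber link between two nodes."""
    return frozenset((a, b))

# Each link maps to the shared-risk groups (entrances, conduits, aerial runs)
# its fiber passes through. spoke-a uses one building entrance for both ring
# directions; spoke-b has diverse entrances.
TOPOLOGY = {
    link("spoke-a", "ring-1"): {"entrance-spoke-a", "span-1"},
    link("spoke-a", "ring-2"): {"entrance-spoke-a", "span-2"},
    link("spoke-b", "ring-2"): {"entrance-spoke-b-east", "span-3"},
    link("spoke-b", "ring-3"): {"entrance-spoke-b-west", "span-4"},
    link("ring-1", "hub"): {"span-5"},
    link("ring-2", "hub"): {"span-6"},
    link("ring-3", "hub"): {"span-7"},
}

def path_links(hops):
    """Links traversed by a strict hop list, in order."""
    return [link(a, b) for a, b in zip(hops, hops[1:])]

def path_srlgs(hops, topology):
    """Union of SRLG ids along a path; an unknown hop is a config error."""
    groups = set()
    for hop in path_links(hops):
        if hop not in topology:
            raise ValueError(f"no link between {sorted(hop)}")
        groups |= topology[hop]
    return groups

def audit_lsp_pair(primary, secondary, topology):
    """Report everything the two paths share apart from their endpoints."""
    if (primary[0], primary[-1]) != (secondary[0], secondary[-1]):
        raise ValueError("paths must share head end and tail end")
    shared_links = set(path_links(primary)) & set(path_links(secondary))
    shared_nodes = set(primary[1:-1]) & set(secondary[1:-1])
    shared_srlgs = path_srlgs(primary, topology) & path_srlgs(secondary, topology)
    return {
        "shared_links": shared_links,
        "shared_transit_nodes": shared_nodes,
        "shared_srlgs": shared_srlgs,
        "disjoint": not (shared_links or shared_nodes or shared_srlgs),
    }

if __name__ == "__main__":
    print(audit_lsp_pair(["spoke-a", "ring-1", "hub"],
                         ["spoke-a", "ring-2", "hub"], TOPOLOGY))
```

For spoke-a the two paths share no link or transit node, yet the audit still fails on the common entrance SRLG, which is the failure a LAG split across both ring directions does not cover.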
Applications: Forwarding Classes and Rates in the Backbone
[Table labels: Guaranteed, Best Effort]
Service Design for Internet Firewall High Availability
HA for Network Security Infrastructure
• VPLS for HA on public FW interfaces
• VPLS for HA on private FW interfaces
• Epipe to like FWs for HA
• S-Hook to connect public FW VPLS to Internet VRF at LUTH and JORE
• Shortest AS path routing
• Internet VRF can contain entire Internet routes
• Active/Standby or Active/Active peering points
5620 SAM: Essential in Managing Critical Network Services
[Column headings: Key Features, Key Differentiators, Key Benefits]
• Enables rapid delivery of differentiated services across Ethernet and IP/MPLS technologies
• Assure high quality IP and Ethernet based services through comprehensive IP/Ethernet/MPLS OAM tools
• Reduces OPEX by setting the operational standards for the delivery of more satisfying business services
• Supports Managed Communication Services (VPLS, IP VPNs, VLLs), Triple Play, Enhanced Internet Services and support for composite services.
• Point and click Metro Ethernet, IP and MPLS service automation
• Manages pseudowires including frame relay, ATM and Ethernet internetworking
• End-to-end management supporting Alcatel 7750 SR, 7450 ESS, 7250 SAS & Telco CLE
• Template based management to speed up creation and provisioning of differentiated services
• Service Test Manager to facilitate service verification and SLA management
• Functionally complete and integrated carrier-grade management suite
• Service-Aware Element Management
• Intelligent, policy-based fault management and service impact correlation
• Comprehensive IP/MPLS network and service management support
• User-friendly Graphical User Interfaces
• CNM toolkit for portal creation
• High-available system configuration
• Integration with Alcatel 5620 NM
Optional Information
• Modular, carrier-grade architecture
• Open OSS interfaces (SAM-O)
• OSS integration services package
Service Assurance with the 5620 SAM
• Calculate SLA Performance Metrics
• Integrate OAM Toolkit with Test Policy Definitions
• Test Service Latency, Jitter, Packet Loss and Response Times
• Schedule a Suite of Tests at Service Activation or Time of Day
• Automate On-Demand Test Suites from Fault Notification
• Threshold Monitor Alerts Operator of Potential SLA Metric Violation
• Ensure Predictable End-User Experience and Measure SLA Conformance with Service-Aware OAM Toolkit and Service Assurance Agent
[Diagram labels: 5620 SAM Operator GUI, 5620 SAM, OSS, OAM Notification (flat file), OAM & Service Assurance Test MIBs, Service Assurance Tests (PE-PE), OAM Tests, Voice, Data, Video, IP/MPLS, 7750 SR]
Advocate Network Service Delivery Model
[Diagram labels: SAN/PACS, Edge, CMDX, 4506, Optical, 7x50, 7450, MPLS, VPLS, Video, Voice, IP, DHCP/AAA, Application Servers, Centralized WiFi Controller, 6509 Local Access Core, SAN/NAS, OS6850 Aggregation, Remote Site (WiFi, Router or Switch, 100/G Ports), AP60, 3750]