ARUBA医疗行业无线技术方案

整理文档很辛苦,赏杯茶钱您下走!

免费阅读已结束,点击下载阅读编辑剩下 ...

阅读已结束,您可以下载文档离线阅读编辑

资源描述

医疗行业无线解决方案公司介绍CONFIDENTIAL©Copyright2016.Aruba,aHewlettPackardEnterpriseCompany.AllrightsreservedHPEandAruba…BetterTogether“ClientsgloballyshouldconsiderHPArubaforallwired/WLANaccesslayeropportunities.”GartnerMQforWiredandWirelessLANAccessInfrastructure,August2015Source:GartnerMagicQuadrantfortheWiredandWirelessLANAccessInfrastructureSeptember2015.TimZimmerman,BillMenezes,AndrewLerner,IDNumber:G00277052ThisMagicQuadrantgraphicwaspublishedbyGartnerInc.aspartofalargerresearchnoteandshouldbeevaluatedinthecontextoftheentirereport.TheGartnerreportisavailableuponrequestfromHP.TheMagicQuadrantisagraphicalrepresentationofamarketplaceatandforaspecifictimeperiod.ItdepictsGartner'sanalysisofhowcertainvendorsmeasureagainstcriteriaforthatmarketplace,asdefinedbyGartner.Gartnerdoesnotendorseanyvendor,productorservicedepictedintheMagicQuadrant,anddoesnotadvisetechnologyuserstoselectonlythosevendorsplacedintheLeadersquadrant.TheMagicQuadrantisintendedsolelyasaresearchtool,andisnotmeanttobeaspecificguidetoaction.Gartnerdisclaimsallwarranties,expressorimplied,withrespecttothisresearch,includinganywarrantiesofmerchantabilityorfitnessforaparticularpurpose.LeaderinCampusNetworksCONFIDENTIAL©Copyright2016.Aruba,aHewlettPackardEnterpriseCompany.Allrightsreserved2015关键能力报告WiredandWirelessLANAccessInfrastructureEnterpriseUnifiedWiredandWLANAccessHPEAruba4.14Cisco4.14Avaya3.64Extreme3.63EnterpriseWired-OnlyConnectivityCisco4.24HPEAruba4.15Juniper3.91Brocade3.74EnterpriseWireless-OnlyConnectivityHPEAruba4.11Cisco4.06Aerohive3.82Avaya3.55SMBand/orSmallorRemoteBranchOfficeHPEAruba4.12Cisco4.11Avaya3.62Extreme3.61VoiceOverWLANHPEAruba4.10Cisco4.05Aerohive3.81Avaya3.53IaaSorManagedServiceHPEAruba4.14Cisco4.11Aerohive3.63Avaya3.61Source:GartnerCriticalCapabilitiesfortheWiredandWirelessLANAccessInfrastructureSeptember2015.BillMenezes,TimZimmerman,AndrewLerner,MichelleA.Brosnahan,IDNumber:G00270164.ThedatausedincreationofthistablewaspublishedbyGartnerInc.aspartofalargerresearchnoteandshouldbeevaluatedinthecontextoftheentirereport.TheGartnerreportisavailableuponrequestfromHP.Gartnerdoesnotendorseanyvendor,productorservicedepictedinitsresearchpublications,anddoesnotadvisetechnologyuserstoselectonlythosevendorswiththehighestratingsorotherdesignation.GartnerresearchpublicationsconsistoftheopinionsofGartner'sresearchorganizationandshouldnotbeconstruedasstatementsoffact.Gartnerdisclaimsallwarranties,expressedorimplied,withrespecttothisresearch,includinganywarrantiesofmerchantabilityorfitnessforaparticularpurpose.5全球超过500家高端医院正在使用Aruba的无线解决方案6是多家专业医疗厂商的合作解决方案提供商NewIEC80001-2StandardRecommendsagainstmultipleSSIDSStressesairtimefairnessHighlightsspectrumanalysisDropoutsaslowas0.02%方案设计介绍8CONFIDENTIAL©Copyright2015.ArubaNetworks,anHPCompany.Allrightsreserved医疗行业正在革新Location????MobileEngagementGuestAccessMobileEHRDigitalImagingIoT13整体网络架构INTERNETAC7210-1AC7210-2核心交换机核心交换机POE接入交换机POE接入交换机APAP医疗内网防火墙/网闸防火墙核心交换机AC7000医疗外网WAN/4GRAP-3家/酒店/救护车服务器群14内外网融合方案—内网流量INTERNETAC7200-1AC7200-2核心交换机核心交换机POE接入交换机POE接入交换机AP-325AP-325医疗内网防火墙/网闸防火墙核心交换机AC7000医疗外网WAN/4GRAP-3家/酒店/救护车服务器群15内外网融合方案—外网流量INTERNETAC7200-1AC7200-2核心交换机核心交换机POE接入交换机POE接入交换机AP-325AP-325医疗内网防火墙/网闸防火墙核心交换机AC7000医疗外网WAN/4GRAP-3家/酒店/救护车服务器群GRE隧道案例:中山大学附属肿瘤医院,无线外网应用GRE控制器认证系统17新一代控制器OS----MultizoneAP3-nodeClusterPrimaryZoneMobilityMaster/StandbyStandalone中国电信Standalone中国移动Standalone中国联通Standalone迈外迪18远程VPN访问方案—如远程会诊INTERNETAC7200-1AC7200-2核心交换机核心交换机POE接入交换机POE接入交换机AP-325AP-325医疗内网防火墙/网闸防火墙核心交换机AC7000医疗外网WAN/4GRAP-3家/酒店/救护车服务器群GRE隧道IPSEC隧道21SSID设计–内部员工SSID–认证方式–802.1x认证,EAP-PEAP或EAP-TLS–医生护士移动终端、医疗设备和语音视频终端–外网SSID–认证方式–MAC+portal双因素认证–首次portal认证成功后,后台自动将用户名和MAC地址绑定–后续连接做无感知认证(MAC认证)–住院病人MAC地址绑定有效期为5天,每个帐号只能绑定一个终端–病人家属通过注册手机号接收密码短信或微信认证,MAC地址绑定有效期为1天,每个帐号只能绑定一个终端–医生MAC地址绑定有效期为1个月,每个帐号可绑定两个终端–部分医生和病人及家属终端–启用终端隔离22不间断的无线医疗网络接入智能优化终端与AP之间的无线连接非优化连接问题的消除=大幅减少医生护士投诉基于802.11标准,不需要安装任何终端软件实时的射频校准DEVICETYPEINTERFERENCELOCATIONCONGESTION‘MU-MIMOAware’ArubaClientMatch™专利技术—漫游优化设计23ArubaClientMatch极大改善“粘滞”终端问题终端漫游后自动优化到最佳AP终端漫游后仍然“粘滞”在原来的AP上不具备CLIENTMATCH24案例:上海儿童医院,卓越的漫游及定位效果25第三方测试评估项目主要有:•射频稳定性(ping包延迟)•连续漫游(挑选其中14个AP,Ping+RSSI记录)•无线定位(评估精确度、延迟)移动查房系统评估的项目主要有:•漫游下的系统访问速度故障排查工具(AirWave)测试点位26漫游测试用例:一共14个AP,终端为thinkpadx201(测试机构提供),以低于正常步行速度持续移动,观察切换过程,并记录丢包情况和信号强度•漫游切换次数:Cisco7/8次vsAruba13次(100%)•切换时的RSSI:Cisco-70dBm左右vsAruba-50至-65dBm(Aruba结果见上图)测试结果27传统安全架构EnterprisePerimeterEmployeesEmployeesWANBranchOfficeBranchEmployeesInternetDataCenterVisitorsContractorsEnterprisePerimeterHomeOfficesPartnerSites28Aruba基于角色和内容感知的策略执行DataCenterBillTammyPartnersBranchEmployeesSteveBobJaneScottKimContractorsVisitorsJane29实现基于角色的用户接入控制ApplicationServices外来访客医生护士医疗设备患者、家属医院领导VirtualAP1SSID:HospitalVirtualAP2SSID:GUESTDMZRADIUSLDAPADCaptivePortal基于角色的接入控制接入权限SecureTunnelToDMZ基于SSID的接入控制医院领导医生护士医疗设备患者、家属外来访客30更加直观的用户体验Aruba方法:基于角色的动态策略传统方法:基于SSID实现权限分离31SSID:SYSUCC-In作用:医院内网无线终端接入无线网络认证方式:采用MAC认证和802.1X认证结合的认证方式MAC认证(通过)=802.1X认证=账号身份匹对=匹配相应策略MAC认证(失败)=拒绝接入隔离功能:启用二层隔离功能,即同个VLAN下的终端无法相互访问SSID广播:隐藏SSID案例:中山大

1 / 49
下载文档,编辑使用

©2015-2020 m.777doc.com 三七文档.

备案号:鲁ICP备2024069028号-1 客服联系 QQ:2149211541

×
保存成功