Computerized Networking of HIV Providers

Networking Fundamentals

Presented by:

Tom Lang – LCG Technologies Corp.

May 8, 2003

Agenda

• Network Infrastructure (“plumbing”)

• VPN & the “Internet”

• Network Resources

• Putting IT all together

• Application Architecture

• Networking & HIPAA

• Support Requirements

• Lots of Questions & Some Answers

What is a Computer Network?

A Computer Network

Share computer resources – consists of two major sets of components:• “Plumbing” – roads, traffic lights and signs• Resources – restaurants, gas stations and hotels

LAN – Local Area Network (one domain / office)WAN – Wide Area Network (more than one domain / segment / office)

The “Plumbing” of a Network?

• Cabling – physical connection that ties together all of the resources (roads / highways)

• Hubs / Switches – manage the communication traffic within one “network domain / segment / office” to make sure traffic “continues to move” (side street & city traffic lights and signs)

• Routers – manage the communication traffic between “network domains / segments / offices” to make sure traffic “continues to move” (on / off ramp traffic lights and signs)

Cabling

Manufactured to handle certain levels / speeds of traffic (alley, 2 lane street, 4 lane highway)

• Category 3 – “old” phone cabling• Category 5 – “old” data standard, up to 100 MB and less

than 300 feet• Category 5e – “current” data standard, up to 100 MB and

less than 328 feet / up to 1 GB and less than 290 feet• Category 6 – “new” data standard, up to 10 GB and

longer runs

10 ports each will get their own 100 MB

• Switches – provide a “switched” environment (visualize “stacking” of four lanes on top of each other, each with their own traffic light):

• Hubs – provide a “shared” environment (one traffic light at an intersection of 4 lanes):

Hubs / Switches

Which is better / faster?

10 ports that share 100 MB each port will get 10 MB

“Plumbing” on Network Drawings (Test)

Local Area Network

Which one is it?

Virtual Private Network – what is it?

• A private network (your LAN) thatuses a public network (the Internet)to share resources

• Most common approach – VPN clientsoftware on your home computer / laptopthat connects to your office firewall device

• Allows you to gain access to the same computer resources from home / remote location that you would have as if you were sitting in your office

Virtual Private Network – what it looks like?

PWR

OK

WIC0ACT/CH0

ACT/CH1

WIC0ACT/CH0

ACT/CH1

ETHACT

COL

Router

Home Computerw/ VPN Client

Internet

Firewall w/ VPN

LANResources

RS CS TR RD TD CDTALK / DATA

TALK

CableModem

Headquarters Location

RS CS TR RD TD CDTALK / DATA

TALK

DSLRouter

Firewall w/ VPN

LAN

Remote Location

The Internet – what is it?

• Largest network of computer resources available• Every resource has a mailing address (IP address:

192.168.1.1)• Numbers too hard to remember – use English names

(LCGTech.com = 63.85.252.55)• Servers (domain name) provide the

lookup of names to IP addresses allover the world so that traffic is routedto the correct “physical” server

Network Resources

• Firewall (protection device between an internal “safe” network domain and an “untrusted” or “unsafe” network domain – Internet)

• Server (high-end computer – file sharing, application, database, web, e-mail, network security access, backup responsibilities, logging and auditing, etc.)

• Printer (standalone, directly on thenetwork, connected to a server orworkstation and “shared” for othercomputers to use)

Firewall Specifications

• Separate hardware device (versus software only)• License for number of “nodes” or computers

behind the firewall that need access throughthe firewall

• Virtual private network (VPN) capability• Filtering capability – allows you to turn off access to certain

Internet resources (websites, etc.) for each internal computer / node

• Anti-virus capability (can scan the traffic as it goes through your firewall, before it gets to your computer)

Servers (types)

Primary functions in a small network (“file server”)• File, small application, print, security and backup

If needed, other dedicated functions include:• Application (accounting, etc.)• Database (SQL Server, Oracle, etc.)• Web & E-mail (more cost effective to

look to a hosting company for theseservices)

Server Definitions

• CPU – central processing unit, brains of the computer• OS – operating system, provides the interface between us

and the computer / server components• RAID – Redundant Array of Independent Disks, provides

redundancy levels (0 5) for hard drive configurations (mirrored to data striping)

• IDE/ATA – integrated drive electronics / AT Attachment, less expensive and allows up to 100 MB / second transfer rates (workstation drives)

• UltraSCSI – Ultra fast small computer systems interface, more expensive and allows up to 320+ MB / second transfer rates (server data drives)

Server Specifications (minimum preferred)

• CPU – the faster the better(XEON – server, Pentium4– workstation)

• Memory – we all would like more(minimum 512 MB)

• OS – Microsoft Windows 2000 Server• Hard drives – two types preferred

Boot drives for the OS (two – IDE, RAID 1) Data drives (UltraSCSI, RAID 1 or 5)

• Tape drive – required for backing up data, design a tape rotation scheme for catastrophic failure or accidental failures

• Redundancies – power supplies, network cards, etc.

Putting “IT” All Together

Local Area Network

Internet

Server Laptop

WorkstationPrinter

Printer

PWR

OK

WIC0ACT/CH0

ACT/CH1

WIC0ACT/CH0

ACT/CH1

ETHACT

COL

Router

Home Computerw/ VPN Client

RS CS TR RD TD CDTALK / DATA

TALK

CableModem

Application Architecture (Types)

Standalone Application Networked Application

Application

Database

Single Workstation /Server

Application

Database

Single Server

Workstation

Application

Workstation

Networked Application (LAN deployment)

DatabaseServer

Local Area Network

FileServer

WorkstationWorkstationWorkstation

Running SQL Server

Application(developed in VisualBasic, .NET, Java)

Networked Application (WAN deployment #1)

Home Computer

RS CS TR RD TD CDTALK / DATA

TALK

CableModem

Internet

PWR

OK

WIC0ACT/CH0

ACT/CH1

WIC0ACT/CH0

ACT/CH1

ETHACT

COL

Router

Firewallw/ VPN

Headquarters Location

RS CS TR RD TD CDTALK / DATA

TALK

DSLRouter

Firewall w/ VPN

Local Area Network

Workstation

DatabaseServerFile

Server

LAN

WorkstationWorkstation

Remote Location

Home Location

SQLServer

VB App

VB App

VB Appw/ VPNClient

Networked Application (WAN deployment #2)

Home Computer

RS CS TR RD TD CDTALK / DATA

TALK

CableModem

Internet

PWR

OK

WIC0ACT/CH0

ACT/CH1

WIC0ACT/CH0

ACT/CH1

ETHACT

COL

Router

Firewallw/ VPN

Headquarters Location

RS CS TR RD TD CDTALK / DATA

TALK

DSLRouter

Firewall w/ VPN

Local Area Network

Workstation

DatabaseServerFile

Server

LAN

WorkstationWorkstation

Remote Location

Home Location

SQLServer

VB App

Term Svr(VB App)

Term Svr(VB App)w/ VPNClient

TerminalServer

VB App

Networked Application (Web deployment #1)

Home Computer

RS CS TR RD TD CDTALK / DATA

TALK

CableModem

Internet

PWR

OK

WIC0ACT/CH0

ACT/CH1

WIC0ACT/CH0

ACT/CH1

ETHACT

COL

Router

Firewallw/ VPN

Headquarters Location

RS CS TR RD TD CDTALK / DATA

TALK

DSLRouter

Firewall w/ VPN

Local Area Network

Workstation

DatabaseServerFile

Server

LAN

WorkstationWorkstation

Remote Location

Home Location

Web Appl(.NET / Java)SQL Server

InternetExplorer

InternetExplorer

(with or w/out VPN)

WebServer

InternetExplorer

(with or w/out VPN)

Networked Application (Web deployment #2)

Home Computer

RS CS TR RD TD CDTALK / DATA

TALK

CableModem

Internet

PWR

OK

WIC0ACT/CH0

ACT/CH1

WIC0ACT/CH0

ACT/CH1

ETHACT

COL

Router

Firewallw/ VPN

Headquarters Location

RS CS TR RD TD CDTALK / DATA

TALK

DSLRouter

Firewall w/ VPN

Local Area Network

Workstation

FileServer

LAN

WorkstationWorkstation

Remote Location

Home Location

InternetExplorer

(with or w/out VPN)

InternetExplorer

(with or w/out VPN)

PWR

OK

WIC0ACT/CH0

ACT/CH1

WIC0ACT/CH0

ACT/CH1

ETHACT

COL

Router

Firewallw/ VPN

Hosting (ASP) Location

Local Area Network

DatabaseServer

Web Appl(.NET / Java)SQL ServerWeb

Server

InternetExplorer

(with or w/out VPN)

Networking & HIPAA Security (2 years out)

• Physical: building, data, workstation use,security awareness, data disposal,equipment control, facility, etc.

• Technical: audit controls, role-based &user-based access, transaction security,data and system integrity, encryption, authentication, data backup plan, disaster recovery plan, testing, etc.

• Administrative: Policies, procedures, training, security management, personnel security, contingency planning, chain of trust partner agreements, emergency operations, etc.

Support Requirements

• Break / Fix & Basic Setup(PCs, printers, Windows –A+ Certified)

• Server Systems Configuration(firewall, server, database, webhosting – MCSE, MCBDA,firewall trained, MCP-I / MCSE-I)

• Business Applications (Specialized skills / knowledge for CAREWare, accounting, etc. – direct from vendor)

Questions