Areg Alimian
Sr. Director, Finance and Capital Markets

Enterprise Healthcare Networks - The Need for Security and Application Intelligence

June 24, 2016 by Areg Alimian

Every week, we hear about another healthcare enterprise network being hacked. Cybercriminals have found a lucrative business in stealing patient information. According to the FBI, electronic health records often go for approximately $50 per record on the cyber market. Some experts estimate that number higher, at approximately $500, depending on the type of medical record. In order to protect patients’ most sensitive information, these networks need to be secure and reliable.

An average enterprise network may need to support a myriad of desktops, laptops, and mobile devices for electronic healthcare record (EHR) access. And that access may be from multiple facilities, across a large geographic area. In addition, virtually all medical devices (whether infusion pumps, patient monitors, or other medical devices) will need to be connected to the network.  This amplifies exposure to cyber attacks and significantly increases attack vectors for successful information compromise. 

The interconnectedness of technologies and sensitive medical information is growing and becoming more complex. Physicians use their own mobile devices to connect to the EHR, while consumers, who typically do not have enterprise-grade security, do the same. The typical healthcare enterprise network has thousands of devices with real time and non-real time life-critical applications, all with unique bandwidth and security requirements. Furthermore, in a 2016 HIMSS survey, 47% of healthcare enterprise networks indicated that they intend to add even more connected health technologies to their platforms.

As we become more connected, the need for healthcare organizations to have complete network visibility that extends past Layer 4 information (in the open systems interconnection [OSI] model, this is the transport layer) rises exponentially.

Application intelligence is a critical part of understanding what is happening in the network. Good, reliable intelligence provides network monitoring tools the right information at right times—even before events happen.

This intelligence should be able to identify unknown applications and mitigate security threats from suspicious applications and locations. To stop stealth attacks, there should be bi-directional hidden security sockets layer (SSL) decryption capability. This makes it easier and quicker for downstream monitoring tools to process information.

Now that life-critical medical devices have become part of the enterprise network, it becomes even more important to predict and forestall network congestion. The best way to do this: to spot trends in application usage.

Ixia’s Application and Threat Intelligence (ATI) processor can dynamically detect new and unknown applications. It also provides granular application behavior, user geo-location, mobile device identification, and browser information. As a result, it provides application-level visibility.

When you have this kind of transparency, you are able not only to protect your network but also to protect lives.

To learn more about Ixia and its intelligent network visibility solutions, visit