END USER INSIGHT
The current challenge for UKSH and the thing that will see it continue to grow is Digital Transformation .
Digital Transformation and a consistent network experience
In 2015 , UKSH devised a plan to centralise the services provided by 21 clinics at its Kiel site and 20 at its Lübeck site . Digitalisation of healthcare and work processes was a necessity . The goal was to take full advantage of the technological potential in order to be fit for future challenges . Rudolf Dück , CIO at UKSH , said : “ We recognised the need for a singular , fully-available WLAN solution across all sites to replace the previously fragmented and unreliable network . Critically , the network infrastructure needed to be stable and secure .”
Linking diverse technologies to a single solution
UKSH wanted a network architecture that could adapt . Rudolf Dück said the emphasis was on openness and the ability to create and manage an ecosystem that may involve multiple partners .
Aruba ’ s partner , AirITSystems GmbH , was tasked with defining UKSH ’ s needs and compiling the components necessary for the solution .
Secure and automated dynamic access control
The centrepiece of the Aruba architecture is the ability to offer Colourless Ports and Dynamic Segmentation , as simple and secure ways to manage and role-based automate policy enforcement for the wired and wireless networks . The Colourless Port concept means that regardless of which type of device is connected to any switch , based on the identity and role of the device , ClearPass will download the appropriate role settings to the used port . It unifies and automates enforcement policies and can completely eliminate VLAN sprawl and complex and error-prone portbased configurations .
This makes a huge impact for a network the size of UKSH , comprising 1,600 Aruba 2930 Modular and Fixed form factor campus access switches and over 3,000 wireless access points .
While security policies are applied to and automated over all the ports and for both the wired and wireless network , Dynamic Segmentation or user-based tunnelling is currently applied to the smaller part of the network and in a number of the smaller buildings where the old cabling is now insufficient for allowing access to all the users . To solve this challenge , the team deployed individual Aruba 2930F switches and channelled traffic to the Aruba Mobility Controllers .
By establishing Dynamic Segmentation over these switches , each cable / port in such buildings was able to be securely scaled up to eight ports on each of the switches in this domain . In this sector , because all wired as well as wireless traffic is channelled through the Mobility Controllers , and a private tunnel is established between any wired or wireless device and the controller , all policies are managed via the controllers . Also , all wired devices have access to the same controller services as wireless ones connecting , including full Colourless Port capability .
For UKSH , the underlying advantage of Dynamic Segmentation was that through the use of the 2930F switches , the IT team avoided the need for additional cabling in older buildings by allowing a single cable / port to be expanded to multiple ports on the same switch , thus saving significant costs .
“ The Aruba architecture was the obvious choice for us due to the way wired and wireless networks are unified , with the same levels of security , management , monitoring and automation ,” said Marcus
48 Issue 21 www . intelligentdatacentres . com