Addressing Technology Barriers Blurring the Lines Between IT and Simulation
Brian Florek, MS EMT-P
May 2018
brian@ssemse.net
Disclosures
- Brian Florek is not an employee of or affiliated with Laerdal Medical Corporation
- Brian Florek provides independent consulting services for simulation centers
Learning Objectives
- Explain the basic concepts of wired and wireless networking
- Demonstrate the importance of enterprise network security
and IT policies
- Construct a simulator network environment after performing
a needs assessment
- Share lessons learned on integrating the environment into an
enterprise / corporate environment
- Discuss how to build happy and mutually beneficial
relationships with IT staff at your institution
Basic Concepts of Networking
Bob wants to use his desktop computer to check his email, but his email is on the internet. How does his computer get to the internet?
Basic Concepts of Networking
At home, Bob has a network set up consisting of a modem, router, and switch all in one device. This makes it easy to connect a few devices at once.
Basic Components of a Network
- Node – Devices that connect to the network. Computer, cell phone,
printer, etc.
- Network Interface Card (NIC) – The parts of a node that interface
with the network
- Switch – A device that can create multiple network connections
from a single cable, and learns where to send bits of data
- Wireless Access Point (WAP) – A device that sends out wireless
signals for nodes to connect to the network through
- Router – A device that directs network traffic to the appropriate
node or switch on the local area network (LAN). Routers can be used to connect to larger wide area networks (WAN), or the internet
Network Communications
- Each node has a hostname, MAC address, and an IP
address
– The IP address can either be static or dynamic, and can be assigned by the router (dynamic via DHCP server) or requested by the node (static)
– Routers can also store designated IP addresses for nodes based on their MAC address (DHCP reservation)
– Hostnames are text-based names of a device, and are used by some network services to discover and communicate with nodes
Network Communications
- Nodes use specific languages and instruction
sets to communicate with each other. These languages and instruction sets are known as protocols and services.
- Network engineers can allow or disallow
certain services and protocols on networks for security and efficiency reasons.
In Transmission Control Protocol (TCP) communications, each node asks for and confirms receipt of data.
- Hi. I’m Bob’s desktop. Can I please access the internet?
- No problem. Your address is 10.10.10.2.
- Hey Internet, if you need to get to Bob’s Desktop, talk to me first and I will relay the info!
- I’m Bob’s router. You can reach me at 10.10.10.1 if you need anything.
- Hi. I’m Bob’s laptop.
- OK. Your address is 10.10.10.3.
- Hi. I’m Bob’s phone. I’m just here so I won’t get fired. I’ll use my cell service if I need anything.
- If you say so... Your address is 10.10.10.4.
- Hey, I need to get to Google!
- No problem. Out to the internet you go! When the internet responds I’ll send the data to 10.10.10.2. Leave Port 80 open for me!
- I have information for Bob’s Desktop.
- I need the pictures from Bob’s phone…
- I’ll connect you, but you’ll need permission to get in! You have to come in through Port 101. I’m busy on Port 100.
- OK. He’s at 10.10.10.2 and you can go in through Port 80.
- I don’t talk to strangers that PING me.
- Gee thanks.
- I want to see who is here! PING!!!
- Welcome back. Your address is 10.10.10.5.
- Hey, I’m back from my nap. Can I talk on the network?
- 10.10.10.3 is here.
- 10.10.10.2 is here.
- Good to see everyone!
- Easy over there. We don’t ping in these parts…
Some nodes don’t respond to PINGs. They prefer to be asked who they are through another service.
- I’m looking for a phone to talk to and share pictures with. I’ll ask through Bonjour!
- Since you asked nicely… I’m Bob’s phone, and can be talked to at 10.10.10.4 through Port 666.
Some communications (like video or data streams) require constant feeding of information and can’t wait for replies from destinations. These streams use the User Datagram Protocol (UDP).
- I’m gonna keep sending data until someone tells me to stop!
Basic Concepts of Networking
At work, Bob’s computer goes through a series of switches, routers, and wireless access points to access the internet. This also allows computers to talk to printers on the network.
In an enterprise environment, routers and switches are set up to eliminate as much extra traffic as possible. “Subnets” may be set up to stop traffic from having to go across multiple switches.
Computers can also be “managed,” and may not be allowed to send data using certain protocols and ports. This helps limit network traffic and can protect nodes from malicious data transmissions.
So What Does This Mean For Simulation?
- In the realm of simulation, networks can be very
simple or very complex
- Similar to Bob’s home network, simulator
networks can utilize all-in-one router / wireless access points for ease of use
- In our enterprise example, simulators and
computers can be managed by corporate network administrators to comply with policies
Bob’s Home Simulator Network
Some simulators have the ability to act as both a network node and a router / wireless access point. In Bob’s home network, the hardware in his simulators connects to Bob’s wireless access point as nodes.
Bob’s Home Simulator Network
Bob’s home router is set up to allow pretty much any service and network protocol, because Bob isn’t too worried about security and doesn’t have the knowledge needed to enable special services.
Bob’s Enterprise Simulation Network
At work, Bob’s wireless simulators connect to wireless access points, while his computers and patient monitors connect to wired switches.
Bob’s Enterprise Simulation Network
Bob’s work network limits access and services. This helps eliminate security risks and eliminates extra network chatter.
Bob’s Mini Simulation Network
Bob’s mini simulation network relies on the mannequin (or Link Box) to create a wireless network to connect to.
What Do You See?
Here we see Bob’s 3G opened up. Note the white box in his lap. That box is a router & access point combined into one unit.
What Do You See?
Bob’s 3G is actually a node (Windows 7 PC to be exact) that connects to the mini-router’s wired ethernet network. The mini router acts as a bridge to Bob’s simulation network or acts as a wireless access point for other devices to connect to.
What Do You See?
Bob’s LinkBox has an Android Operating System to control the mannequin, and can act as a node on Bob’s simulation network or a wireless access point.
Wireless Networking Primer
- Wireless communication occurs over regulated
radio frequencies, using the 802.11 A, B, G, N, & AC standards
- In the United States, the 2.4 GHz and 5.0 GHz
frequency bands are used
- A radio can only broadcast on one channel at a
time, and each radio can only transmit a set distance away from itself
2.4GHz vs 5.0GHz
https://www.metageek.com/training/resources/design-dual-band-wifi.html
Wireless Networking Primer
In order to get the best network performance, channel interference must be minimized
https://betanews.com/2015/07/09/enterprise-class-wi-fi-for-the-smb-15-best-practices-from-the-field/
Wireless Networking Primer
Nodes can connect to the same SSID (network name) from different radios, as long as the security settings are the same. This allows nodes to “roam” and select the best radio to connect to
http://4.bp.blogspot.com/-ibhba8dZ8R8/Tuj5tt_1VgI/AAAAAAAACfY/tYAUF9XVUzQ/s1600/Wi-Fi+Roaming.JPG
Wireless Networking Primer
In order to get the best network performance, physical and electrical interference must be minimized
https://www.linksys.com/us/support-article?articleNum=136503
Wireless Networking Primer
- Security protocols enable authentication for
devices joining wireless networks
- Security protocols can also be used to encrypt the
data being transmitted between network nodes
- Nodes must be able to support the type of
security being used by a network, or they will be unable to join the network
Wireless Networking Primer
Best Practices should be followed when designing wireless networks. If you don’t know current best practices, let an expert help!
Network Planning
- Do you need to be mobile?
- Do you need to have multiple devices active in the same area? Are
there enough wireless channels to support your number of devices?
- Do you have enough laptops & tablets to dedicate to each
simulator?
- If my simulator powers off, will it re-connect to the right computer?
- Do you have to comply with your office’s networking policies?
- Are all devices on the network secure enough to be exposed to the
internet?
Example Enterprise / Private Network
Note: In situations where multiple network connections exist, it is important to disable network “bridging.”
Network Planning
Generally, networks used for simulation should:
Be limited in size and connectivity to control devices, simulators, and AV capture as necessary
– This helps limit traffic on the network
– If a private network is not possible, try creating a Virtual Private Network. This keeps simulation traffic away from larger enterprise traffic
Network Planning
Generally, networks used for simulation should:
Do the heavy lifting of setup
– Whenever possible, allow nodes to accept statically reserved IP addresses from routers
– This avoids configuration changes on the node, which avoids accidental duplication of settings, and makes it easy to identify troublemaking devices on a network
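An added example (not from the original slides) of why router-side reservations make troublemaking devices easy to spot: it validates a MAC-to-IP reservation table and compares it with the addresses seen on the network. The MAC addresses, hostnames and observed client list are constructed sample values; the 10.10.10.x addressing follows Bob’s network above.

```python
import ipaddress
from collections import Counter

# Constructed sample data (assumed for illustration, not from the slides).
SUBNET = ipaddress.ip_network("10.10.10.0/24")
RESERVATIONS = {  # MAC address -> (hostname, reserved IP)
    "00:11:22:33:44:01": ("sim-desktop", "10.10.10.2"),
    "00:11:22:33:44:02": ("sim-laptop", "10.10.10.3"),
    "00:11:22:33:44:03": ("sim-monitor", "10.10.10.4"),
}
# Observed (MAC, IP) pairs, e.g. typed in from the router's client list.
OBSERVED = [
    ("00-11-22-33-44-01", "10.10.10.2"),  # matches its reservation
    ("00:11:22:33:44:02", "10.10.10.9"),  # reserved node, wrong address
    ("AA:BB:CC:DD:EE:FF", "10.10.10.4"),  # unknown node on a reserved address
]

def norm(mac):  # so 00-11-.. and 00:11:.. compare equal
    return mac.strip().lower().replace("-", ":")

def check_reservations(reservations, subnet):
    """Return problems in the reservation table itself."""
    problems = []
    ip_counts = Counter(ip for _, ip in reservations.values())
    for host, ip in reservations.values():
        if ipaddress.ip_address(ip) not in subnet:
            problems.append(f"{host}: {ip} is outside {subnet}")
        if ip_counts[ip] > 1:
            problems.append(f"{host}: {ip} is reserved more than once")
    return problems

def audit_observed(reservations, observed):
    """Compare what is on the network with what was reserved."""
    table = {norm(mac): entry for mac, entry in reservations.items()}
    owners = {ip: host for host, ip in table.values()}
    findings = []
    for mac, ip in observed:
        entry = table.get(norm(mac))
        if entry is None:  # MAC has no reservation at all
            note = f"{ip} (reserved for {owners[ip]})" if ip in owners else ip
            findings.append(("unknown-node", norm(mac), note))
        elif entry[1] != ip:  # known node, but not on its reserved address
            findings.append(("wrong-address", entry[0], f"{ip}, expected {entry[1]}"))
    return findings

if __name__ == "__main__":
    for row in check_reservations(RESERVATIONS, SUBNET) + audit_observed(RESERVATIONS, OBSERVED):
        print(row)
```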
Network Planning
Generally, networks used for simulation should:
Avoid bridging multiple networks
– Allowing nodes to have multiple network connections creates extraneous network traffic and can expose unprotected nodes to viruses and other malicious attacks
Network Planning
Generally, networks used for simulation should:
Utilize wireless channel planning
– Using automatic channel control or other means of avoiding radio interference will help keep wireless networks stable and avoid “data collisions”
– Mobile solutions should be prepared to test and modify network channel selection if an area has limited channel availability
Network Planning
Generally, networks used for simulation should:
Have enough wireless access points for proper coverage
– There are limitations and recommendations for wireless coverage per access point. Each device is different. Plan for the worst case scenario.
Network Planning
Generally, networks used for simulation should:
Comply with local network policies
– Work within your institution’s policies. Creating your own networks may be against policy… you may interfere with other services and networks
Network Planning
Generally, networks used for simulation should:
Have hidden / secured SSIDs
– Avoid extra network traffic by limiting access to the network to known nodes. To avoid the risk of viruses, etc., don’t give guest access to the network
Network Planning
Generally, networks used for simulation should:
Be thoroughly tested
– Test all possible scenarios that your network may face. Test corners of rooms and hallways. Test networks at full capacity with all simulators on and running scenarios. Don’t forget that humans have a high water content and will absorb wireless signals. Account for this in testing!
Network Planning
Generally, networks used for simulation should:
Have redundancy and backup plans in place
– Networks tend to fail at the worst possible times. If you are depending on wireless access points, have some extra network cables and switches available.
- It is possible to configure your “on the road”
setup as an exact copy of your “at home” setup.
- Purchasing redundant equipment and
mirroring router setup can eliminate extra configuration and setup time
Example Enterprise / Private Network
In this setup, two of the same routers were purchased. In the lab environment, the router’s wireless radio is disabled and the other WAPs provide wireless coverage. On the road, the router functions as the WAP. This also provides redundancy should either router fail.
Planning Time!!!
- Take 15 minutes to draw out the ideal network
map for your needs
– Don’t worry about current limitations... This is an exercise in planning.
- Consider your need to be mobile / operate in
multiple environments
Getting Along With Your IT Guy
- Building a strong relationship with your IT
support is beneficial for both parties
- IT staff members are tasked with creating the
most standardized environment possible in order to maintain the highest level of support
for the largest number of customers
What You Want
- A fully customized network
- Everything to work now
- Special software with special protocols & ports
- High speed, low drag
What They Want
- A fully standardized environment
- Something that works in the long term
- Compliance with enterprise policy
- Safety & security
Know Your Nodes
- When coming to the table with IT…
– Have a sketch of your network plan
– Know what protocols and ports your nodes will need to communicate
  - Work with simulator technical support to identify these
  - Understand that some local policies do not allow for some simulator traffic. Custom policies may need to be built
– Know what types of software you will need installed on computers, and have an idea of how often they will need to be updated
– Know that you will have to be flexible and patient
Know Your Nodes
- When coming to the table with IT…
– Understand that simulators and the computers that come with them are essentially unsecured, and are huge liabilities to enterprise environments
– Understand that IT personnel are trained to direct users towards universal solutions. Be ready to state your case on why you need what you need
– Know your resources. Keep close contact with experts and be ready to ask them for help and guidance. Be ready to build this help into your budget
Keeping an Amicable Relationship
- IT staff may feel more comfortable building a
custom environment for users that are knowledgeable and have a solid baseline understanding of what they are working with
- Assure IT staff members of your familiarity with
local policy and security concerns
- Ensure communication is regular and tracked via
trouble tickets. Trouble tickets build a repository of information for technical teams to work with
And When it Fails…
Technology can be fickle. Nodes will disconnect. Cables and power supplies will fail. Cooler heads must prevail.
And When it Fails…
Keep notes on what happens immediately before & after a network / simulator failure. This way, conditions can be re-created and tested. Share your notes with your support team and be ready to troubleshoot with them.
Simulating Simulation
- We are in the business of simulation. Use it for
internal training!
- Have technicians practice running scenarios