CIS207L_5.2_Technical_Presentation_Talking_Points
docx
keyboard_arrow_up
School
ECPI University, Greensboro *
*We aren’t endorsed by this school
Course
207
Subject
Information Systems
Date
Nov 24, 2024
Type
docx
Pages
4
Uploaded by corada5995
Small Office Configuration
Cisco ISR 4321 implemented into network to replace obsolete Cisco ISR 1941 in compliance with HIPAA requirements to maintain security updates from Cisco as the ISR
1941 is EOL.
Obsolete network hub replaced with Cisco 2960-24TT switch to improve network stability and security such as reduces network collisions and allow for VLAN segregation
of network devices to comply with HIPAA security requirements.
Switchport security implemented on 2960-24TT with only authorized existing devices MAC addresses programmed as allowed. Any new MAC addresses connected will result in a restrict violation. All unused ports are administratively shutdown.
VLANs implemented to segregate devices for HIPAA compliance.
VLAN 10 - Medical staff PCs, printer, and wireless access point.
VLAN 20 - Medical records server for the site.
VLAN 30 – Patient WAP (Wireless Application Protocol)
East Office Configuration
Cisco ISR 4321 implemented into network to replace obsolete Cisco ISR 1941 in compliance with HIPAA requirements to maintain security updates from Cisco as 1941 is
EOL.
Switchport security implemented on 2960-24TT with only authorized existing devices MAC addresses programmed as allowed. Any new MAC addresses connected will result in a restrict violation. All unused ports are administratively shutdown.
VLANs implemented to segregate devices for HIPAA compliance.
VLAN 10 - Medical staff PCs, printer, and wireless access point.
VLAN 20 – Medical records server for the site.
VLAN 30 – Medical staff PCs
VLAN 40 – Patient WAP (Wireless Application Protocol)
Accounting Office Configuration
Cisco ISR 4321 implemented into network to replace obsolete Cisco ISR 1941 in compliance with HIPAA requirements to maintain security updates from Cisco as 1941 is
EOL.
Switchport security implemented on 2960-24TT with only authorized existing devices MAC addresses programmed as allowed. Any new MAC addresses connected will result in a restrict violation. All unused ports are administratively shutdown.
VLANs implemented to segregate devices for HIPAA compliance.
VLAN 10 - Staff PCs, printer, and wireless access point.
VLAN 20 – Medical records server for the site.
VLAN 30 – Employee WAP (Wireless Application Protocol)
West Office Configuration
Cisco ISR 4321 implemented into network to replace obsolete Cisco ISR 1941 in compliance with HIPAA requirements to maintain security updates from Cisco as 1941 is
EOL.
Switchport security implemented on 2960-24TT with only authorized existing devices MAC addresses programmed as allowed. Any new MAC addresses connected will result in a restrict violation. All unused ports are administratively shutdown.
VLANs implemented to segregate devices for HIPAA compliance.
VLAN 10 - Staff PCs, printer, and wireless access point.
VLAN 20 – Medical records server for the site.
VLAN 30 – Employee WAP (Wireless Application Protocol)
VLAN 40 – Patient WAP (Wireless Application Protocol)
WAN Ingress/Egress Configuration (Security)
Cisco ASA 5506-X implemented on internet facing border gateway. The firewall is connected to the small office and serves as the point of ingress and egress for internet traffic for the network. This allows for easy tracking and control of traffic coming from and going to the public internet.
All patient WAPs (Wireless Application Protocols) are ACL restricted to only access the outside internet and are blocked from accessing all internal subnets. This is done in accordance with HIPAA security standards to prevent any unauthorized access to PHI (Protected Health Information) and PII (Personally identifiable information) networks within the medical group’s network.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Network Wide Configuration
All unused ports on the routers are shutdown to prevent unauthorized access to the network. Any future expansion can be accommodated by turning the needed ports on at the time of implementation of the new equipment install.
All PHI (Protected Health Information) and PII (Personally identifiable information) systems require credentialed access managed via the radius server in the accounting office. All users will be issued an individual account and password to login with on any PHI and PII containing network.
Syslog maintained on all network devices and can be reviewed to monitor for any unauthorized access attempts. Any possible breaches must be reported in accordance with
the data breach rule of HIPAA.2