All Tech Talks VMware

VMware SD-WAN Healthcare IoT Provides Actionable Insights for IoT Healthcare Networks

We tend to consider IoT (Internet of Things) devices, or smart devices, as a vastly consumer-driven market with a broad spectrum of gadgets, from useful to frivolous. 

Beyond the fads, there is a real market for industrial IoT, particularly in the healthcare vertical. Specialized IoT devices are becoming ubiquitous in healthcare: MRIs, infusion pumps, blood analyzers, EKGs, and much more are at the heart of today’s patient care. 

Challenges of Healthcare IoT

Healthcare IoT devices are delivering incredible value but have their own set of challenges. 

Do we know what is running on our network? Do we know where those devices are located? How do we ensure that life support devices get guaranteed traffic priority and that other activities do not impact critical infrastructure? Behavior is also necessary: is a blood pump’s expected behavior to connect to a random cloud-based server? 

Security is perhaps the most critical of those challenges. Ensuring IoT devices are not compromised or subject to vulnerabilities is paramount. This is especially true in healthcare, a vertical frequently targeted by ransomware attacks, which can have potentially devastating effects, including loss of life.

How to handle those challenges? In the past, Operational Technology (OT) networks were segregated in the datacenter. Still, the prevalence of cloud services combined with networking at the edge (remote work, mobile endpoints, telehealthcare) makes full segregation nearly impossible. Even traditional networking cannot fully handle those challenges. 

SD-WAN to the Rescue

SD-WAN is a solution that improves both user and operational experience by properly prioritizing and routing traffic, ensuring QoS (quality of service) thresholds are not violated, and deliver reliable collaboration, VOIP, unified communications, and SaaS access are provided.

For example, if we look at VMware SD-WAN, the healthcare use case was taken very seriously with deep collaboration between VMware and industry IoT stakeholders. This collaboration has led VMware to implement a treasure trove of IoT-related features to their Edge Network Intelligence (ENI) product, which is part of the VMware SD-WAN suite of products.

ENI, VMware’s vendor-agnostic AIOps solution, provides a rich client experience that bridges the gap between Edge, Core, and Cloud networks, delivering end-to-end visibility, alerts, recommendations, and actionable insights to improve operational readiness. How does that apply to healthcare IoT?

Algorithmic IT Operations for Healthcare IoT 

ENI uses an AI/ML-powered hierarchical identification engine that identifies and on-boards any new devices. This engine is integrated with commercially available CMMS / CMDBs for inventory management and can extract detailed information about newly identified devices. 

It can also be used to find unauthorized devices on the network. Among the asset inventory feature is the ability to assess how many of those devices are present on the network, quantify the overall network traffic, when they were last seen and which VLANs they are connected to.

ENI is strongly focused on operations and providing contextual visibility. Operators can get a view of their IoT environment at a glance and identify potential performance/application issues while also being presented with a view of symptoms and possible root causes. ENI is also integrated with IT Service Desk tools such as ServiceNow or Slack and provides a comprehensive set of alerting features, tools, and communication methods to allow operators to be informed and intervene at the earliest.

Operators can also deep dive into specific assets to look for more detailed information, including device behavior. This part is critical in identifying whether devices are operating as expected or showing anomalous behavior symptoms (examples: higher amounts of data, communications through different ports/protocols, connection to unknown hosts and/or outside the network).

One of ENI’s most appreciated features is the Biomed Dashboard, which provides a high-level device and infrastructure overview. This view includes incidents and advisories sorted by priority level and category type, shows site-level incidents, highlights problematic devices or groups, provides a device inventory summary, and allows drill-downs to more detailed information.

Talking about problematic devices/groups, ENI provides contextual information about those devices, which help the operators gather all the elements they need for proper analysis and resolution. For example, they can get information about the network and physical location, get performance information, identify IoT device model information, status, error messages, and potential vulnerability status thanks to ENI’s integration with CVE databases.

Where Does Edge Network Intelligence Truly Shine?

When we look at ENI, two features stand out. One is the change verification system. When changes are made to the infrastructure, ENI can detect some of these automatically if the device/component is among ENI supported devices. 

Otherwise, an operator can manually annotate that a change was made on a specific portion of the infrastructure, be it a network change, a configuration change on devices, or any other type of potentially impacting activity. 

When such annotations are made, ENI can provide performance reports on different metrics by looking at measured data before and after the change, allowing the operator to select the metric they want to look at. This provides quantifiable data and visual cues about the overall impact of a configuration change.

The second great feature is ENI’s root-cause analysis capabilities, backed by AI/ML. ENI can identify performance issues across the entire infrastructure landscape and correlate them, showing evidence that the same problem impacts a large portion of devices. 

ENI then triggers its AI/ML engine to analyze other environmental factors that might be related to the given problem and subsequently provides the most probable root cause for the incident. Comprehensive information is provided across a single pane view, giving operators all the insights they need plus the ability to raise an incident ticket directly from ENI.

Conclusion

SD-WAN is at the heart of modern networking. It provides essential security, performance, and availability features to networks while allowing for non-disruptive activities across the edge, core, and cloud networks.

Beyond core SD-WAN features (security, QoS, availability, traffic prioritization), VMware has extended the capabilities of their SD-WAN solution into the operational management field. VMware SD-WAN Edge Network Intelligence appears to be a gem for operations teams, providing the ideal toolset to monitor, identify, troubleshoot, and remediate any potential issues.

While we could say that these attributes are essential to any organization, we cannot stress enough how important these are for the world of healthcare, where the struggle against running out of time is permanent, and where each second is decisive in saving a life. VMware SD-WAN ENI helps operators assess/fix their healthcare infrastructure in real-time, making a difference not only for the organizations but also and mainly for the patients and their families.

About the author

Max Mortillaro

Massimiliano "Max" Mortillaro is a Partner & Principal Analyst at TECHunplugged.io. He's a former 5-star VMware vExpert, one of the re-founders of the Czech Republic VMware User Group and its former leader. He's an advocate for online security, privacy, encryption and digital rights. Like his name very wrongfully hints, Max is French and lives with his family in Prague, Czech Republic. Besides being a failed sportsman he is a general bon vivant and the impersonation of your average hobbit in full size.

Leave a Comment