Background

"We needed a secure environment, a high degree of reliability, fast connections and a support team that would be there when we needed them," says Chad Hebel, Vice President of Operations for Medical Edge. "We initially purchased our own equipment and telecommunications lines and administered the network ourselves. However, our growth has been phenomenal and with that, our needs became more complex. At the same time, the range of products we were providing to our internal 'customers' required more and more bandwidth. On top of all this, we were being bombarded with compliance issues as they relate to HIPAA. That's when we decided to bring in Maxuptime."

"We had actually helped Medical Edge when they initially installed their network," says Bob Reese. Bob and his partner, Bruce Goldstein, had a long history working with Medical Edge. Most of that was as consultants assisting Medical Edge with their network. Bob continues, "My consulting practice, Robert Reese & Associates, assisted many companies such as Medical Edge. As we added telecommunications to our portfolio of services, we began to approach our consulting customers with these new service opportunities. It was then that we decided to create a corporate identity separate from Robert Reese & Associates and that was when Maxuptime was born."

"We knew their network very well and felt we could help them achieve the service levels required by using Maxuptime's MPLS network," adds Bruce Goldstein. "As their needs would grow, they could upgrade their connectivity without having to invest in the underlying technology. They would be able to leverage the investment we made in our network to their advantage."

The Network

Our approach was to copy Medical Edge's existing network model into our own infrastructure. At the time, this was easy to do because their network was rather small. They had 3 PRI circuits for making ISDN connections between the individual offices and their network. Additionally, they had 2 T1 circuits; one for backhauling the remote office traffic and the other for internet connectivity.

The only difference was that because their existing network was private and ours was public, we had to incorporate a mechanism for security. We decided to use Multi Protocol Label System (MPLS) as a virtual platform to ensure the privacy of Medical Edge's traffic. Briefly, MPLS partitions network routers into multiple router instances. Each customer gets their own, private virtual router which makes their traffic invisible to other partitions, including general internet traffic. The partitions are synchronized between all routers on the network. Because the partitioning occurs on the edge of our network, no special equipment is necessary at the customer's premises.

Bob Reese explains, "We knew the transition period would be critical because all the Medical Edge healthcare facilities depend on the network for patient management - in real time. We couldn't afford any downtime, so we took great pains to ensure that each office remained connected to the application servers at Medical Edge's main office. We purchased the necessary telecommunications line to duplicate the existing infrastructure on our network. We then began to methodically move each office to the new network, even work through an entirely unexpected problem. The new ISDN PRI circuits worked just fine. However, our vendor's switched network had difficulties in communicating with the ILEC network in some areas. However, we worked through the vendor difficulties and finally got the network running.

The network is constructed in the following manner: The corporate office has a DS3 connecting to Maxuptime's network as well as a T1 circuit for backup. The DS3 is provisioned into 2 logical circuits using frame relay encapsulation. One logical circuit is for backhauling all the remote office data and the other is for internet connectivity. Each remote office connects through the Maxuptime MPLS network to get to the corporate office network. Once on that network, they can access the patient management databases as well as other functions. Remote offices also get connectivity to the internet through the corporate office internet connection.

A firewall with 6 physical connections is used to protect all corporate data. In this fashion, we separately manage Internet traffic, corporate traffic, remote clinic traffic, and VPN traffic. The corporate office is protected from both internet intrusions as well as potential difficulty from the remote sites. Additionally, using 3DES encryption, connections are made over the internet to many business partners and remote sites connecting from distant cities.

Since the initial installation, Medical Edge has upgraded many of their remote connections to ADSL. Some of the larger sites have T1 connectivity. In the not too distant future, as more and more services are added to the mix, all of the remote sites will be upgraded to T1 circuits.