L o a d i n g
Get A Quote
icon Case Study

Securing and Modernizing IT Infrastructure for a Leading Healthcare Provider

Client

A Premier Multi-Specialty Healthcare Group

Partner

Acenet Technologies India Pvt. Ltd.

Project

Comprehensive Network Security Overhaul & Disaster Recovery Infrastructure Implementation

Executive Summary

A leading healthcare provider with a central headquarters and critical data operations approached Acenet Technologies with a clear objective: to significantly enhance the security, reliability, and manageability of their entire IT environment. Their existing infrastructure required a robust redesign to protect sensitive patient data, ensure constant availability, and establish a solid foundation for future growth. Acenet delivered a complete end-to-end solution, from strategic planning and new hardware provisioning to advanced configuration and security hardening.

The Challenge

The client's IT infrastructure faced several critical challenges that posed risks to their operations and data security:

Outdated Security Posture
  • The network lacked segmentation
  • Used outdated antivirus solutions
  • Unsecured access points
Unoptimized Network Architecture
  • IP addressing scheme was disorganized
  • Network traffic was not efficiently managed or isolated
Lack of Redundancy and Disaster Recovery
  • No formalized disaster recovery plan
  • No robust failover mechanisms
  • Risk of significant downtime
Insufficient Hardware for Modern Demands
  • Existing servers and storage outdated
  • Unable to handle current and future data loads efficiently
  • Lack of secure infrastructure for modern demands

The Acenet Solution

Acenet Technologies designed and proposed a multi-phased solution addressing every layer of the IT infrastructure, focusing on security, performance, and scalability.

Phase 1: Strategic Security & Network Hardening

Our experts defined a detailed work procedure to secure the existing environment before introducing new hardware. Key actions included:

  • Active Directory & DNS Consolidation: Centralizing management by adding all servers to the Active Directory for streamlined control.
  • Network Re-IP & Segmentation: Restructuring the IP address scheme and creating VLANs to logically separate and secure different types of network traffic.
  • Security Policy Enforcement: Implementing advanced password encryption (128-bit AES), deploying a new enterprise-grade antivirus/anti-malware solution (Sophos), and configuring endpoint protection to block threats from USB drives and spam.
  • Firewall Fortification: Reconfiguring the perimeter firewall (SonicWall) to operate on a strict deny-by-default policy, opening only essential ports and creating a DMZ for secure public-facing servers.
  • Secure Remote Access: Setting up a secured Remote Desktop infrastructure for authorized remote support.
Phase 2: State-of-the-Art Hardware Implementation

A new, high-availability infrastructure was proposed to form the backbone of the client's DR and production environment:

  • High-Performance Servers: Deployment of two Lenovo ThinkSystem SR650 servers in a failover cluster, ensuring zero single point of failure.
  • Centralized Storage: Implementation of a large-capacity QNAP NAS (84 TB) for secure and redundant data storage.
  • Network Core Upgrade: Installation of a high-speed Netgear fiber optic switch (XSM4216F) to handle 10G traffic between servers and storage.
  • Operational Efficiency: Provision of a secure server rack with a KVM console for easy onsite management of all equipment.

Key Outcomes & Benefits

The implementation of this holistic solution provided the client with a transformative IT environment:

Enhanced Security

A dramatically reduced attack surface through network segmentation, strict firewall rules, advanced endpoint protection, and hardened server configurations.

Improved Reliability & Uptime

The new clustered server architecture with redundant components ensures high availability for critical healthcare applications, minimizing downtime.

Robust Disaster Recovery

The modern infrastructure provides a reliable platform for automated backups and swift disaster recovery, safeguarding vital healthcare data.

Scalability for Future Growth

The new system is built with ample processing power, memory, and storage capacity to easily accommodate future expansion and technological advancements.

Centralized Management

Simplified IT operations through unified management tools for servers, storage, and security, reducing administrative overhead.

Multi-Branch VPN Integration

As part of the healthcare provider’s continued expansion, the requirement arose to securely connect over 25 branch offices to the central head office network. This extension ensures unified access to critical applications, electronic medical records, and communication services while maintaining stringent security and reliability standards.

The Challenge

Secure, Scalable Multi-Branch Connectivity

  • The institution needed a secure and scalable VPN solution to connect multiple branch offices. Key challenges included ensuring data confidentiality across public internet links, providing high availability, supporting bandwidth-intensive applications, and enabling centralized management
The Solution

Enterprise-Grade VPN Deployment – site-to-site VPN architecture

  • To address these challenges, a site-to-site VPN architecture was deployed
  • Implemented SonicWall NSA 3700 high-availability firewalls at the head office
  • Branch offices equipped with SonicWall firewalls/IPSec tunnels
  • Centralized policies for encryption, access control, traffic prioritization
  • Redundant VPN links at head office for business continuity
  • Dynamic routing (OSPF/BGP) to reroute traffic during failures
The Result

A unified, secure WAN with

  • The VPN integration delivered a robust, secure, and scalable wide-area network (WAN):
  • Secure, encrypted communication between 25+ branches and head office
  • Seamless access to centralized applications (EMR, VoIP, imaging)
  • High availability via redundant head office VPN clusters
  • Simplified management with centralized monitoring and alerts
  • Scalable onboarding of new branches with minimal configuration

This VPN deployment enhanced the institution’s digital transformation journey, ensuring a unified and resilient infrastructure capable of supporting both present and future needs.

"This project underscores our commitment to delivering not just hardware, but intelligent, secure, and reliable technology solutions tailored to the critical needs of the healthcare sector."

Krishnan. B, IT Manager