Changed switches in all buildings within hours with configuration templates
Discovered over 200 medical devices with Meraki Enterprise Mobility Device Management (MDM)
Educated new employees about entire Meraki network within 20 minutes
For more than 100 years, the Harbin Clinic has been committed to providing innovative patient care in Northwest Georgia. It is the largest privately owned, multi-specialty physician group in the state, comprised of 240 medical professionals representing 40 different medical specialties and services. Today, there are 21 Harbin Clinic practices located across eleven counties.
When Ernest Staats, Senior IT Security and Network Administrator, first joined Harbin Clinic, he realized quickly that their network “was in need of help.” Their flat Layer 2 network continuously dropped data packets and lost connections since it could not manage a high volume of traffic. Harbin’s 1GB dark fiber network had reached its limit. It was difficult for the team to troubleshoot given the lack of visibility into the network. The IT team could not even see what was plugged into their switches.
When issues came up with machines that vendors like McKesson and GE operated on Harbin’s network, the vendor support teams had a difficult time solving issues due to Harbin’s network. As a result, most IT problems took a long time to fix or remained unsolved. On Staats’ first day he was asked to solve Harbin’s guest WiFi problem. He replied that he would be able to fix the problem quickly — if they had Meraki.
Prior to working with Harbin Clinic, Staats deployed Meraki in dozens of schools as part of his security and network consulting business. He found that Meraki was easy to implement at schools in a short period of time and did not require a large IT staff to handle. His only challenge at Harbin Clinic was convincing a skeptical team that they should try Meraki instead of keeping a traditional on-premises vendor. Once Staats showed his team how the Meraki switches work, they chose Meraki.
Staats’ team needed to replace 178 traditional switches with Meraki switches in 24 buildings over a 100 mile radius. As a part of this project, they also had to re-cable, set up a Layer 3 network, and switch their entire Layer 2 network to Layer 3. They were only allowed to work on this project on nights and weekends so they would not impact patient care. Additionally, they needed to correlate their schedules with the schedules of the vendors since they were re IP-ing the entire network. In some of the larger three- to four-story buildings, they had to meet with as many as fourteen vendors on-site.
To implement Meraki, they would pre-stage a building, get the network ready, and plan what the IP scheme was going to be ahead of traveling to the site. Staats’ team lined up hundreds to thousands of pieces of equipment in each building and made sure that the vendors for the different types of equipment were ready to change their IP addresses. They would then pre-stage the equipment and get the IP addresses set up.
With Meraki, the Harbin Clinic has the ability to clone configurations through the template feature. As a result, for each of the subsequent 24 buildings they were able to change the switches within hours rather than days or weeks.
During the process, the team discovered at least 200 medical devices located in their buildings that they did not even know that they had. Staats’ team now tracks all of these devices through the Meraki MDM dashboard.
After implementing Meraki, Staats’ team noticed immediate benefits. The dashboard’s search ability allowed them to quickly find and contain network issues. When troubleshooting, the team started performing packet captures on individual ports, which allowed them to monitor their traffic. Most importantly, they have been able to use Meraki switches to contain ransomware and solve security issues.
One security instance stands out in particular. Staats’ team received an email from Sword & Shield, their managed security information and event management (SIEM) provider, indicating a workstation within Harbin Clinic’s network had been compromised by ransomware and that its IP was reaching out to external, malicious CnC sources. In response to Sword & Shield’s email, the Harbin network/security team looked at the affected IP address and determined it was in the Cancer Center based on the newly developed “per-building” IP scheme. After identifying the location, the team was then able to leverage the Meraki dashboard to determine which workstation was assigned this IP address, and which switch port it was attached to. They disabled the port before the ransomware propagated itself further into the network infrastructure, where it would have inevitably caused more damage. The time from the alert to the time the port was shut down was less than five minutes.
Today, Harbin uses Meraki MS switches, MX security, MR access points, and MV cameras. New team members are trained on Meraki within 20 minutes. Some team members joke that Meraki’s mobile app is their version of Facebook because they like seeing how much data is being used and what’s happening with their network. Vendors no longer blame equipment issues on Harbin’s network and, as a result, Staats’ team is able to solve equipment issues.
When the Harbin team has questions about Meraki, they utilize Meraki support.
The Meraki tech support are rockstars. The tech support is #1Ernest Staats, Senior IT Security and Network Administrator
After implementing Meraki, his team transitioned from chasing fires to working on security projects with their extra time.
Moving forward, their goals are to increase visibility through more logging and correlation with their security information and event management (SIEM). This will help them gain more information about their users.
Additionally, the Harbin team plans on implementing more Meraki MV cameras in remote datacenters. Staats categorized the cameras as “a set it and forget it technology.” It takes his team just five minutes to get each camera up and running, and they are able to access the video in the Meraki dashboard from any location. This makes it easy to delegate users and assign different permissions to each camera.
Staats has the following advice for people considering Meraki: “Try it out! Always come in with an open mind and I think you will be surprised with the results you get.”