With an operating area spanning over 10,000 square miles, South Western Ambulance Service NHS Foundation Trust (SWASFT) provides a range of emergency and urgent care services including NHS 111 call-handling and triage, urgent care, patient transport and emergency 999 care to 20% of mainland England. Across its geographical area, SWASFT serves 5.3 million inhabitants and 17.5 million visitors every year.
With a skilled workforce of over 4,000 employees, working from over 100 sites, including airbases and clinical hubs, incorporating many remote areas like the Forest of Dean, Bodmin Moor, Exmoor, Dartmoor, and the Isles of Scilly, Adrian Cory, Head of ICT Services for SWASFT, needed a centralised, easy to manage network infrastructure to link everyone together. Cory was looking for an ultimate solution for all of the various challenges facing the Trust, including VPN connections and and thin clients.
On the advice of a trusted partner, SWASFT requested trial equipment from Cisco Meraki and used it for a couple weeks before submitting an order for over 100 Meraki switches and 300 Meraki access points. Familiarity and resiliency were two key factors in considering a new network solution. The organisation’s core infrastructure utilises Cisco equipment and the team is very familiar with Cisco products. Transitioning to the Meraki solution for wireless and switching at their distributed sites was “clear and easy to work out”, according to Greg Moyse, Senior Systems Analyst. The side-by-side deployment of on-premise and cloud-based Cisco products provides the IT team with the security, flexibility, and ease-of-use they needed. “Having the cloud-based controller and 100% resiliency is vital to us”, Moyse emphasised.
We can do remote troubleshooting, like running cable tests on switch ports, and have a contractor fix it. That’s easily a 2.5-hour drive avoided. Greg Moyse, Senior Systems Analyst
Implementing the highly distributed Meraki solution, as well as managing the on-going upkeep of the network, is a joint effort spearheaded by Cory, led by Moyse, and supported by a highly-skilled project team providing project governance, supplier management and more. The physical deployment was sub-contracted to an external company and took between four and five months to complete. According to Moyse, “the online configuration was very simple. Once we had completed a couple of test installations, we found it very easy. With Meraki, we can create a new network and migrate over to that new network when required”.
Each location has 1-2 Meraki APs, which route back through an 8-, 24-, or 48-port Meraki switch depending on the size of the stations. Moyse commented, “based on whether the site is small, medium, or large, I can take a template from one location and roll it out to all of the similar sites”.
Built into the dashboard are location heatmaps, which allow the IT team to see where the network is used most heavily and adjust AP placements and quantities as needed. As the Trust expands its Meraki deployment, the IT team can simply add new devices and have them instantly visible in the centralised dashboard.
“I put the APs in a box with some instructions, ship it to someone to set it up onsite, and I’ll see it in the dashboard”, Moyse described.
The IT team has configured a set of SSIDs which are available at any of the sites throughout the Trust’s network. The continuity of SSIDs allows employees to travel to any site and have automatic access to the network and resources. Corporate devices and mobile devices have restrictions enabled which ensure fair usage. Employees can connect to care facilities while they’re in the field or via the wireless system at stations to securely share patient medical data. Once the ambulances arrive at hospitals, the patient’s information is already accessible when they are formally handed over to hospital staff.
Maintenance of ambulances and other vehicles in the trust’s 1,000-strong fleet are performed at one of the 20 locations equipped with diagnostic systems. These systems are isolated on an SSID with VLAN tagging enabled to direct internet traffic directly out of the network to its end destination.
Users connecting to the guest SSID are prompted to register with their corporate credentials before accessing the network for security purposes. The network traffic is then automatically assigned a VLAN tag and routed securely through additional filtering policies. On the Meraki side, this SSID can also be enabled with Layer 3 firewall rules and per-client SSID limits to prevent specific users from abusing their network privileges.
In the main IT office, wallboards are setup for on-going monitoring of the distributed network, which Greg Moyse explained in more detail, “We can monitor what people are doing. Netflix used to be the biggest user of bandwidth and we could identify a particular user on a specific day in dashboard. We can send users an email if they are using too much bandwidth, or revoke their splash login completely.”
While the APs are providing users with the SSIDs to access the internet, the Meraki switches are physically connecting them to the network and employing features like Quality of Service rules to prioritise specifically tagged traffic. Built into the dashboard are a plethora of live tools, giving the IT team the power to remotely assess potential issues and be proactive with their network management.
Greg Moyse said, “it’s handy if something occurs in a remote part of Cornwall. We can do remote troubleshooting, like running cable tests on switch ports, and have a contractor fix it. That’s easily a 2.5-hour drive avoided”.
Using role-based administration in the dashboard, non-network colleagues can have access to perform specific tasks, like executing help-desk tickets for guest authentication. Greg Moyse commented, “A lot of options that previously would need to have been purchased, are already in the dashboard, like location tracking for example. It’s very easy with the dashboard’s integration with Google Maps, the team can also zoom in to see deployments in detail, network health, and a general view of what is happening.”
The reaction to the new network infrastructure has been extremely positive. More users are accessing the guest network than before and are enjoying the ability to access both personal and professional resources quickly. Many of the substations provide training and in the past relied on thin clients, struggling with compatible OS versions and poor connections. Now, this training is performed using the wireless infrastructure and independent devices.
Greg Moyse said, “Our training managers have given us really positive feedback. We’ve given our colleagues the tools they need and the ability to enjoy the same experience wherever they are.”
As the needs of the trust grow or change, the members of the IT and project team can add new devices, update configurations, or implement Meraki technology in new ways. For example, the team has recently installed a Meraki Z1 device using 4G to provide connectivity to a location with no telephony.
“Meraki is an easy, out-of-the-box solution that I can use from anywhere. I have a guy who just took a switch with him. I’ve already preconfigured the device to be up-and-running when it’s plugged in”, said Moyse.