St. Joseph Health System
“The Infoblox devices provide the necessary resiliency and features that allow us to ensure nonstop delivery of the network identity services essential to providing access to critical applications and help us better serve our patients.”
—Area vice president of information systems, St. Joseph Health System
The Customer
St. Joseph Health System, which exists to extend the Catholic health care ministry of the Sisters of St. Joseph of Orange, has more than 14 hospitals, three home health agencies, as well as hospice care, outpatient services, nursing facilities and doctor’s organizations. It is committed to delivering the best possible health care services for its patients. In order to do this, many of SJHS physicians, nurses, staff and administration rely on the organization’s extensive distributed network and IP applications ranging from email and print to advanced applications used by the SJHS staff to help care for and serve its patients.
The Challenge
While undertaking a Microsoft Active Directory (AD) migration project, the SJHS discovered some fault tolerance shortcomings with the IP address assignment capabilities—delivered by the dynamic host configuration protocol (DHCP)—of the Microsoft AD solution that could potentially jeopardize network availability.
In addition, due to stringent HIPPA compliance requirements, SJHS representatives were concerned about the potential security vulnerabilities inherent in alternative systems for delivering both domain name resolution and IP address assignment network identity services.
In its quest to find a new network identity infrastructure solution, SJHS established the following criteria:
Easy to deploy;
Complements a Microsoft AD environment;
Easily scales and serves the need for nonstop DNS and DHCP services in a distributed organization;
Reduces security risk; and
Simplifies ongoing management.
The Solution
St. Joseph Health System selected and deployed Infoblox appliances running the DNSone package to ensure nonstop delivery of domain name resolution and IP address management services—network identity services that are essential to the operation and access of its IP networks and applications.
Just over two years ago, SJHS purchased its first four Infoblox appliances running the DNSone package—2 pairs deployed in high-availability (HA) mode—to reliably perform internal domain name resolution (DNS). After witnessing the reliability, scalability and manageability of the Infoblox purpose-built, secure appliances, SJHS expanded its deployment to include 2 additional Infoblox appliances running the DNSone module for external DNS service delivery.
Soon thereafter, recognizing the integrated DHCP and fault tolerance capabilities of the Infoblox devices, SJHS decided to maintain Microsoft AD at the network core and extend the DNS and DHCP services throughout its network, leveraging Infoblox appliances.
Today, to ensure nonstop domain name resolution and IP address management service delivery, while reducing administrative overhead, SJHS has deployed more than 15 Infoblox devices throughout its network.
“Infoblox has worked well within the SJHS environment. We have been pleased with the integrated DHCP and fault tolerance features as well as the easy integration with Microsoft AD,” said Robert Van Vuren, network architect for Perot Systems, an outsourcing partner with SJHS responsible for driving deployment of the organization’s network identity infrastructure and information systems.
Infoblox appliances are designed to provide the foundation for next-generation network identity services. The hardened appliance design and intuitive GUI enable the offloading of network identity services, such as DNS, DHCP and RADIUS, from general-purpose servers that lack reliability and scalability, require significant management overhead for patching and upgrading, and often introduce security vulnerabilities. Instead, these services can be easily managed by a purpose-built, hardened appliance that is inherently secure, reliable and scalable, freeing network administration resources and providing increased security. Additionally, the Infoblox appliances can be deployed stand-alone or in high-availability pairs to ensure nonstop operation, and can be optionally linked into robust, distributed ID grids for unparalleled network identity infrastructure availability and management benefits.
The Result
The Infoblox devices integrated easily with SJHS Microsoft AD environment and provide the necessary resiliency and features that ensure nonstop delivery of the network identity services that are essential to providing access to its critical applications.
Bill Lazarus, area vice president of Information Systems at SJHS commented: “Our 14 hospitals and additional facilities all need to have 24/7 availability to the applications and services necessary to give our patients state-of-the-art health care. The Infoblox devices provide the necessary resiliency and features that allow us to ensure nonstop delivery of the services essential to providing access to those critical applications and help us better serve our patients.”
With its new Infoblox network identity infrastructure, the SJHS can rest assured its constituents will benefit from nonstop network identity services, allowing the team to consistently leverage the network and its advanced applications to deliver the best possible health care services for its patients.