Table of Contents HOL-MBL-1661

Similar documents
Table of Contents HOL-SDC-1415

Table of Contents HOL-PRT-1464

Table of Contents HOL-HBD-1301

VMware AirWatch: Directory and Certificate Authority

Table of Contents HOL-1701-CHG-5

Table of Contents HOL-1703-SDC-4

Enter your Appserv username and password to sign in to the Website

Table of Contents HOL-1757-MBL-6

1) Use either Chrome of Firefox to access the VMware vsphere web Client. FireFox

Table of Contents. VMware AirWatch: Technology Partner Integration

AppDefense Getting Started. VMware AppDefense

VMware AirWatch - Workspace ONE, Single Sign-on and VMware Identity Manager

Table of Contents HOL-SDC-1317

Remote Access to the CIS VLab (308)

Table of Contents HOL-SDC-1315

VMware AirWatch - Unified Endpoint Management for Windows 10

VMware Horizon Client Install & Login Windows PC

Contents Overview... 2 Part I Connecting to the VPN via Windows OS Accessing the Site with the View Client Installing...

Cisco Virtual Application Container Services 2.0 Lab v1

Table of Contents HOL SLN

CIS 231 Windows 7 Install Lab #2

ForeScout CounterACT. Configuration Guide. Version 1.1

Deployment User Guide

Dell SC Series Integration with VMware VVols

Table of Contents HOL SDC

FireFox. CIS 231 Windows 10 Install Lab # 3. 1) Use either Chrome of Firefox to access the VMware vsphere web Client.

Parallels Remote Application Server

VMware vrealize Operations for Horizon Administration. 20 SEP 2018 VMware vrealize Operations for Horizon 6.6

VMware vrealize Operations for Horizon Administration. Modified on 3 JUL 2018 VMware vrealize Operations for Horizon 6.4

VMware Horizon Client Install for non-uh Devices (VDI)

FireFox. CIS 231 Windows 2012 R2 Server Install Lab #1

HIPAA Controls. Powered by Auditor Mapping.

Appserv Internal Desktop Access Mac OS Device with Safari Browser. Enter your Appserv username and password to sign in to the Website

Table of Contents HOL NET

Windows 8.1 User Guide for ANU Staff

REVISED 1 AUGUST REVIEWER'S GUIDE FOR VMWARE APP VOLUMES VMware App Volumes and later

Table of Contents HOL SLN

REVISED 1 AUGUST QUICK-START TUTORIAL FOR VMWARE APP VOLUMES VMware App Volumes and later

VMware End User Computing Global Demo Environment Walkthrough Guide

IaaS Integration for Multi- Machine Services. vrealize Automation 6.2

Windows 8.1 User Guide for ANU Staff

Locate your Advanced Tools and Applications

Tableau Server on Microsoft Azure:

Table of Contents HOL ADV

Table of Contents HOL-PRT-1467

ForeScout Extended Module for MaaS360

Send the Ctrl-Alt-Delete key sequence to the Guest OS one of two ways: Key sequence: Ctlr-Alt-Ins Menu Sequence: VM / Guest / Send Ctrl-Alt-Delete

vshield Administration Guide

1) Use either Chrome of Firefox to access the VMware vsphere web Client. FireFox

JCCC Virtual Labs. Click the link for more information on installing on that device type. Windows PC/laptop Apple imac or MacBook ipad Android Linux

ForeScout CounterACT. (AWS) Plugin. Configuration Guide. Version 1.3

Horizon Cloud with On-Premises Infrastructure Administration Guide. VMware Horizon Cloud Service Horizon Cloud with On-Premises Infrastructure 1.

Table of Contents HOL NET

Horizon Console Administration. 13 DEC 2018 VMware Horizon 7 7.7

FAQ. General Information: Online Support:

IaaS Integration for Multi-Machine Services

VMware Skyline Collector Installation and Configuration Guide. VMware Skyline Collector 2.0

Table of Contents HOL CMP

Radiology Associates - Office Computer Set-Up Guide

Agility 2018 Hands-on Lab Guide. VDI the F5 Way. F5 Networks, Inc.

Tenable.io User Guide. Last Revised: November 03, 2017

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

VMware Skyline Collector Installation and Configuration Guide. VMware Skyline 1.4

WELCOME TO ACE GROUP Table of Contents

ForeScout Extended Module for MobileIron

Connecting to the Virtual Desktop Infrastructure (VDI)

CIS 231 Windows 2012 R2 Server Install Lab #1

ForeScout Extended Module for Tenable Vulnerability Management

VMware vsphere: What s New Lab Manual ESXi 5.5 and vcenter Server 5.5

Secure Mobile Access Module

vcenter Server and Host Management Update 2 Modified on 04 OCT 2017 VMware vsphere 6.0 VMware ESXi 6.0 vcenter Server 6.0

VMware vsphere 5.5: Install, Configure, Manage Lab Addendum. Lab 3: Configuring VMware ESXi

Installing and Configuring vcloud Connector

TECHNICAL WHITE PAPER AUGUST 2017 REVIEWER S GUIDE FOR VIEW IN VMWARE HORIZON 7: INSTALLATION AND CONFIGURATION. VMware Horizon 7 version 7.

Product Guide Revision B. McAfee Cloud Workload Security 5.0.0

CIS 231 Windows 10 Install Lab # 3

Table of Contents HOL CMP

VMware vrealize Operations for Horizon Administration

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

WINDOWS HOST GUIDE. Remote Support & Management PC Mac Tablet Smartphone Embedded device. WiseMo Host module on your PC or Server

IC121-End-to-End Virtual Security Hands-On Lab

Table of Contents HOL-1710-SDC-6

Table of Contents HOL VWS

AppsWatch. Automai, Corp.

Administering Cloud Pod Architecture in Horizon 7. Modified on 4 JAN 2018 VMware Horizon 7 7.4

Application Virtualization Hosting Environment

VMware vrealize Operations for Horizon Administration

REVISED 6 NOVEMBER 2018 COMPONENT DESIGN: VMWARE IDENTITY MANAGER ARCHITECTURE

VMware Horizon Client Installation Guide (Windows)

VMware Horizon View 5.2 Reviewer s Guide REVIEWER S GUIDE

VMware Workspace ONE UEM Integration with Apple School Manager

ForeScout Extended Module for ServiceNow

vrealize Suite Lifecycle Manager 1.0 Installation and Management vrealize Suite 2017

Virtual Desktop Infrastructure Setup for MacOS

ForeScout Extended Module for VMware AirWatch MDM

Table of Contents HOL SLN

VMware vsphere 5.5: Install, Configure, Manage Lab Addendum. Lab 21: VMware vsphere Distributed Resource Scheduler

Technology Services Group Procedures. IH Anywhere guide. 0 P a g e

PHYSICIAN S OFFICE STAFF Instructions for Paragon s WebStation for Physicians

CONFIGURING BASIC MACOS MANAGEMENT: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Transcription:

Table of Contents Lab Overview -... 2 Lab Guidance... 3 Module 1 - Just-In-Time Application Deployment (30 minutes)... 4 Module 1 Introduction... 5 Just-In-Time Applications using App Volumes... 6 Module 1 Summary... 47 Module 2 - Identity Based Dynamic FireWall Services (30 minutes)... 48 Module 2 Introduction... 49 Identity Based Firewall... 50 Module 2 Summary... 80 Module 3 - Compliance and Regulatory Data Security (45 minutes)... 81 Module 3 Introduction... 82 Data Security... 83 Module 3 Summary... 120 Lab Review and Summary... 121 Lab Review and Summary... 122 Page 1

Lab Overview - HOL- MBL-1661 Page 2

Lab Guidance The Table of Contents can be accessed under MORE OPTIONS in the upper right-hand corner. Note: It may take more than 90 minutes to complete this lab. The modules are independent of each other so you can start at the beginning of any module and proceed from there as well as repeat the lab after re-enrolling Healthcare organizations frequently perceive that security and speed are mutually exclusive benefits. Most healthcare organizations are stuck with archaic and brittle forms of securing their data centers and end points. These same organizations have yet to modernize their approach to application delivery. With HIPAA, HITECH, and PCI compliance requirements, healthcare organizations need to look at innovative ways to secure one of the most vulnerable access points: the end point. We need to address a better way to provision new clinical applications and services, and we need to do so in real-time. Virtualization has brought tremendous efficiency, flexibility and speed to the consumption of resources in the datacenter. These benefits are enabled by the abstraction of compute and memory resources from the underlying physical hardware. What if we did the same thing for network and application provisioning? In this lab we'll show you some new and exciting ways to provision applications in realtime to clinicians and end users. We'll also take a look at securing the end point leveraging identity-based dynamic firewalls to secure the desktop. Lastly, we're going to take a look at ensuring compliance on our end points. A brief description of each module follows: Lab Module List: Module 1 - Just-In-Time Application Deployment (30 minutes). Module 2 - Identity Based Dynamic FireWall Services (30 minutes). Module 3 - Compliance and Regulatory Data Security (45 minutes). Lab Captains: Mark Richards, Staff Systems Engineer David Coleman, Sr. Systems Engineer This lab manual can be downloaded from the Hands-on Labs Document site found here: http://docs.hol.vmware.com/hol-2016 Page 3

Module 1 - Just-In-Time Application Deployment (30 minutes) Page 4

Module 1 Introduction In module one, we are going to discuss and demonstrate Just-In-Time application deployment. This will demonstrate the ability to provision applications in real time and how doing so is valuable to clinicians. The solution saves clinicians and end users time spent waiting for IT and adds time back to seeing patients. Page 5

Just-In-Time Applications using App Volumes In this module you will leverage VMware App Volumes for just in time applications delivery. Connect to the Win7-Internal endpoint Double Click the Win7-Internal remote desktop icon to connect to the endpoint Page 6

Check your desktop, then Launch the VMware Horizon Client Based on the Hand on Labs environment you will be using the Win7-Internal virtual machine as a desktop endpoint. This would normally be your physical device. 1. Validate that you are connected to the Win7-Internal desktop. 2. Click the VMware Horizon Client Page 7

Connect to the Horizon desktop Double Click the cloud icon to connect to the Horizon infrastructure and your virtual desktop. Logon A new Clinician was hired and provisioned a virtual desktop. Logon as Dr. Melissa Null using the following credentials: 1. User name: mnull 2. Password: VMware1! 3. Domain: CORP 4. Click Login Page 8

Connect to the Healthcare Desktop Double Click the Healthcare Desktop icon to connect to your Horizon Windows 7 desktop. Page 9

Launch Fuji Synapse 1. Launch the Fuji Synapse Application. Wait, where is the application? 2. Note the connection information: desktop name is Win7-View-01a and the user name is mnull. Page 10

Start Menu...Programs Maybe the Application Icon was not placed on the desktop, let's go check. 1. Click the Windows Start icon 2. Click on All Programs Page 11

Fuji Program Folder 1. Notice that there is no Fuji application folder. Finally, let's check to see if the application is installed at all. 2. Click Control Panel Page 12

Control Panel In the Control Panel, under the Programs grouping 1. Click Uninstall a program Page 13

Installed Programs 1. Notice that no Fuji application is installed on the desktop. Now that you validated that the application was not installed, we need to check the App Volumes assignments. Page 14

Open the Chrome Browser 1. From the ControlCenter desktop 2. Launch the Google Chrome browser Page 15

Open a new tab to App Volumes Manager 1. Click to open a New Tab 2. Click the App Volumes Manager bookmark to open the manager 3. Logon as Administrator 4. Password is VMware1! 5. Click Login to open the manager Page 16

App Volumes Manager 1. Click on the Volumes tab to locate the application container Page 17

Review the AppStack 1. Click the AppStacks tab 2. Expand the Fuji Synapse Workstation AppStack 3. Click on the Assignments and notice that only the Doctors group is listed. 4. Click the X to close the assignments window Page 18

Assign the AppStack It appears that we need to assign the application(s) or AppStack to the user group 1. Click Assign Page 19

Assign Fuji Synapse Workstation AppStack 1. In the search windows enter clinical 2. Click Search to look up the group in Active Directory 3. Click on the Corp\Clinical group 4. Check the Assign box 5. Click on Assign Page 20

Confirm the Assignment Notice you have multiple choices for how the application will be attached. You can either attach the applications on the next login or immediately. 1. In most cases you will attach AppStacks on next login or reboot, make sure that is the option chosen 2. Click Assign to complete Return to the Horizon View Session Let's return to your Horizon desktop. 1. Click the Win7-Internal Page 21

Disconnect and Log Off Since the application will be delivered on a login process we need to disconnect and logoff. 1. Click Options 2. Click Disconnect and Log Off Confirm Click ok to disconnect the desktop Page 22

Optional Cancel Due to the Hands-on-Labs environment occasionally the screen does not refresh. 1. If you are presented this screen, please click the X to close the client. Page 23

Reconnect; Launch the VMware Horizon Client Based on the Hand on Labs environment you will be using the Win7-Internal virtual machine as a desktop endpoint. This would normally be your physical desktop. 1. Validate that you are connected to the Win7-Internal desktop. 2. Click the VMware Horizon Client Page 24

Connect to the Horizon desktop Double Click the Cloud Icon to connect to the load balanced Horizon infrastructure. Logon Logon back on as Dr. Melissa Null with 1. User name: mnull 2. Password: VMware1! 3. Domain: CORP 4. Click Login Page 25

Connect to the Healthcare Desktop Double Click the Healthcare Desktop icon to connect to the Horizon desktop pool. Page 26

Just-In-Time Application Delivery 1. Notice that you are connected to the same desktop Win7-View-01a and connected as user mnull 2. Based on your assignment AppVolumes delivered the Fuji Synapse Application without modifying the desktop or going through an install process. Page 27

Start Menu...Programs Maybe the Application Icon was not placed on the desktop, let's go check. 1. Click the Windows Start icon 2. Click on All Programs Page 28

Fuji Program Folder 1. Notice that you now have a FujiFilm Medical application folder. Finally, let's check to see if the application is installed. 2. Click Control Panel Page 29

Control Panel In the Control Panel, under the Programs grouping 1. Click Uninstall a program Page 30

Installed Programs 1. Notice that the Synapse Workstation application from Fuji is installed on the desktop. 2. Click the X to close Control Panel Page 31

Launch Fuji Synapse 1. Double Click the application icon to launch the Fuji Synapse Application. Page 32

Connect to Synapse Double Click the Synapse network (this may take a moment) Page 33

All Studies Double Click the All Studies (with images) folder Page 34

Search for Patient 1. In Patient Name search for Allen and press enter 2. from the filtered list find the patient Allen,Ted with the Acc# 1378 and double click the record Page 35

Minimize the Patient Information Minimize the Patient Information windows 1. Click the minus to minimize Page 36

Expose The Hidden Toolbar Fuji Synapse has a full set of features located in the hidden toolbar 1. Move your mouse pointer to the top of the window to expose the Toolbar Page 37

Close the Patient record 1. Click Organize 2. Click Close on Patient Image to return to the records Page 38

Search on Acc # 1203 1. Clear any Patient Name data 2. Enter 1203 in the Acc # field to filter the view 3. Double-Click the patient record to open Page 39

Close Patient Information 1. Close the Patient Information to view the image Page 40

Image Tools 1. Right Click in the image to reveal the Image Tools 2. Click on the Cine... option Page 41

Lossless Image review 1. You can review a lossless image in motion based on the stored image scan 2. After you review the image 3. click the X to close the Cine tool Page 42

Close the Images 1. Click Organize 2. Click Close on Patient Image to return to the records Page 43

Log Off Synapse To Log Off Synapse 1. Click File 2. Log Off Synapse Page 44

Disconnect and Log Off 1. Click Options 2. Click Disconnect and Log Off Confirm Page 45

Optional Cancel Due to the Hands-on-Labs environment occasionally the screen does not refresh. 1. If you are presented this screen, please click the X to close the client. Page 46

Module 1 Summary In Module 1 we discussed and demonstrated how leveraging Just-In-Time Deployment provisions applications in real time without affecting clinician workflows. Leveraging this solution will enable clinicians to receive near instantaneous application access and does so seamlessly from the end user perspective. Page 47

Module 2 - Identity Based Dynamic FireWall Services (30 minutes) Page 48

Module 2 Introduction In this module we are going to take a look at leveraging NSX with identity based firewalling to allow access to our PACS application. By utilizing NSX we have the ability to change the firewall policies in real time, this can be done at either the group or individual level with granularity as required. This flexibility allows healthcare IT departments to not only provide a more secure system but one that can be quickly adapted as requirements change. Page 49

Identity Based Firewall Connect to the Win7-Internal endpoint Double Click the Win7-Internal remote desktop icon to connect to the endpoint Page 50

Check your desktop, then Launch the VMware Horizon Client Based on the Hand on Labs environment you will be using the Win7-Internal virtual machine as a desktop endpoint. This would normally be your physical desktop. 1. Validate that you are connected to the Win7-Internal desktop. 2. Click the VMware Horizon Client Page 51

Connect to the Horizon desktop Double Click the Cloud Icon to connect to the load balanced Horizon infrastructure. Logon Logon with 1. User name: administrator 2. Password: VMware1! 3. Domain: CORP 4. Click Login Page 52

Connect to the Healthcare Desktop Double Click the Healthcare Desktop icon to connect to the Horizon desktop pool. Page 53

Horizon View Desktop 1. Notice that your session details and your user name should be Administrator. Page 54

Launch Fuji Synapse 1. Double Click the application icon to launch the Fuji Synapse Application. Note: This may take 25-60 seconds to respond Page 55

Connection Warning Click OK to close the warning Page 56

Connect to Synapse Double Click the Synapse network Page 57

Failed to connect Error Notice that you can not connect the application to the backend. 1. Click OK to close the error Page 58

Launch Internet Explorer 1. Close Fuji Synapse 2. Open Internet Explorer Enable Synapse Plugin 1. Click Enable to allow the Fuji Synapse plugin Page 59

Connection Denied 1. Notice that you have no access to the application back-end. You must not have network access. 2. Click X to close Internet Explorer Page 60

Review the Dynamic Identity based Firewall Policies Click the - to minimize the Win7-Internal RDP session Page 61

Check your desktop, then Launch Google Chrome 1. Validate that you are on the ControlCenter desktop. 2. Double Click the Google Chrome icon Page 62

Connect to vcenter WebClient 1. Check the box Use Windows session authentication 2. Click Login Navigate to Networking and Security 1. Click the house icon 2. Click on Network & Security to manage NSX Review the Firewall Policies 1. On the left click on Firewall 2. Expand the Doctors Access Security Policy - Firewall (Rule 3) 3. Click on the Doctors ActiveDirectory to reveal the Effective members that this policy will apply to 4. Notice that the member list is empty Page 63

Page 64

Add the Doctors Active Directory Group 1. On the left click Service Composer 2. Click on the Security Groups 3. Click on the Doctors ActiveDirectory Security Group 4. Click on the edit security group icon Page 65

Include the AD Group 1. Click on 3 Select objects to include 2. Click on the drop down tab 3. Select Directory Group 4. Choose the Active Directory group called Doctors 5. Click the arrow to include the group 6. Choose Finish Page 66

Return to the Firewall Policies and Review 1. On the left click on Firewall 2. Expand the Doctors Access Security Policy - Firewall (Rule 3) 3. Click on the Doctors ActiveDirectory to reveal the Effective members that this policy will apply to 4. Notice that the member list now includes your Horizon View desktop session. Return to the desktop to validate you have access. Page 67

Return to the Win7-Internal session 1. Click the Win7-Internal Page 68

Test User Identity Rule Your Horizon View session may be locked, please unlock the computer to continue 1. Click on the Send Ctrl-Alt-Delete Page 69

Unlock the Computer Click on the CORP\Administrator Locked icon Page 70

Authenticate to Unlock 1. Enter the Administrator password VMware1! and click enter Page 71

Launch Fuji Synapse 1. Double Click the application icon to launch the Fuji Synapse Application. Page 72

Connect to Synapse Now that you included the Active Directory group to the policy you should be able to refresh the application Notice that you are now connected to the application and have multiple systems to connect to 1. Double Click the Synapse network Page 73

All Studies Double Click the All Studies (with images) folder Page 74

Search for Patient 1. In Patient Name search for Knee and press enter 2. from the filtered list find the patient Knee and double click the record Page 75

Review the Image Network access allows the application to function as normal Page 76

Close the Patient record 1. Click Organize 2. Click Close. 3. This will return you to return to the records Page Page 77

Close the Application 1. Click the X to close the Application Page 78

Disconnect and Log Off from the Horizon desktop 1. Click the Windows Start icon 2. Click Log off to disconnect the session Page 79

Module 2 Summary In Module two we demonstrated how by leveraging identity based firewalling with NSX we could provision access to applications at a group or individual level. This same capability can be utilized to allow access to a machine or groups of machines. This granular level of security greatly improves our security posture. Page 80

Module 3 - Compliance and Regulatory Data Security (45 minutes) Page 81

Module 3 Introduction Too frequently in healthcare we have seen loss of PHI data that is leveraged for malicious purposes. In this module we will demonstrate how NSX Data Security can greatly enhance our compliance posture. http://www.hipaajournal.com/hospital-employee-steals-protected-patient-data-tocommit-identity-theft-8064/ VMware NSX Data Security scans and analyzes data on your Virtual Machines and will report the number of violations detected, as well as what files violated your policy. It essentially provides visibility into any sensitive data that is in your environment. Based on the violations reported by NSX Data Security, you can ensure that sensitive data is adequately protected and assess compliance with regulations around the world.to begin using NSX Data Security, you create a policy that defines the regulations that apply to data security in your organization and specifies the areas of your environment and files to be scanned. A regulation is composed of content blades, which identify the sensitive content to be detected. NSX supports PCI, PHI, and PII related regulations only. Page 82

Data Security When you start a Data Security scan, NSX analyzes the data on the virtual machines in your vsphere inventory and reports the number of violations detected and the files that violated your policy.in this section we will configure Data Security, select the pattern we want to identify on the workload and also do a scan to determine any sensitive data matching the pattern resident on the VM in our scenario which is "Win7-View-02a. In our case we have shown you a PHI example but you can select from a vast list of regulations as well create your own custom patterns using wild cards. Page 83

Check your desktop, then connect to the Win7-Internal endpoint 1. Validate that you are on the ControlCenter desktop. 2. Double Click the Win7-Internal shortcut. Check your desktop, then Launch the VMware Horizon Client Based on the Hand on Labs environment you will be using the Win7-Internal virtual machine as a desktop endpoint. This would normally be your physical desktop. 1. Validate that you are connected to the Win7-Internal desktop. 2. Click the VMware Horizon Client Page 84

Page 85

Connect to the Horizon desktop Double Click the Cloud Icon to connect to the load balanced Horizon infrastructure. Logon Logon as Dr. Gus Bode using 1. User name: gbode 2. Password: VMware1! 3. Domain: CORP 4. Click Login Page 86

Connect to the Data Security Desktop Double Click the Data Security Desktop icon to connect to the Horizon desktop pool. Page 87

Validate your Session Details 1. Notice your session details and your user name should be gbode. 2. Launch the Windows Explorer Page 88

Navigate to My Documents 1. Click on Documents 2. Double Click the Patient Information file to open Page 89

Review the contents Review the contents of the file and notice that this is a violation of many regulations including PHI,PII,PCI. Page 90

Manage Data Security Check your desktop, then Launch Google Chrome 1. Validate that you are on the ControlCenter desktop. 2. Double Click the Google Chrome icon Page 91

Connect to vcenter WebClient 1. Check the box Use Windows session authentication 2. Click Login Navigate to Networking and Security 1. Click the house icon 2. Click on Network & Security to manage NSX Page 92

Manage Data Security 1. On the left side click Data Security 2. Click on the Manage tab 3. Notice the empty list of regulations and standards already defined 4. Click Edit... Page 93

View All Regulatory Templates Click "All" to view all the templates. Notice that there are over 90 pre-defined templates covering Regulations, States, and Countries. Page 94

Filter for and Select HIPAA template 1. Enter "HIPAA" in the filter field and press enter (The filter field is case-sensitive) 2. Check the box ( Do NOT select the Low Threshold regulations for this Lab ) Page 95

Filter for and Select Identification Numbers 1. Enter "Social" in the filter field and press enter (The filter field is case-sensitive) 2. Check the boxes for "Canada Social Insurance" and "US Social Security Numbers" 3. Click "Next" Page 96

Finish selecting the regulation and standard Click on "Finish" to set the data pattern Page 97

Publish the change Click "Publish Changes". Start the Data Security Scan Click on the "Start" button to start scanning for violations Page 98

Monitor the Data Security Scan. 1. Notice the Status changes to "In Progress". Also "Stop" and "Pause" buttons show up 2. Click on "Monitor" Page 99

Check the progress of security scan Scan Status shows "In Progress" and also the color changed to turquoise. You can also "Refresh" the Dashboard at any time. Note: A typical scan takes anywhere from 10-15 minutes depending on the scope of scan. Return to the Win7-Internal session 1. Click the Win7-Internal Page 100

Return to the Desktop while the scan is running 1. Click on the Win7-Internal remote desktop session to return to your desktop. 2. Close the offending file Page 101

Close Windows Explorer Close Windows Explorer Page 102

Launch Fuji Synapse 1. Right Click the Radiologist Synapse Dashboard icon to start Fuji Synapse Page 103

Connect to Synapse You are presented with your Dashboard 1. Click the UNREAD Clinic (Synapse) link Page 104

Search for Patient In the Patient Name enter Thompson Page 105

Select Patient 1. Right Click Thompson, Bill patient 2. Click Open in new Window to open the images Page 106

Minimize the Patient Information 1. Click the minus to minimize the patient information Page 107

Image Tools 1. Right Click in the image to reveal the Image Tools 2. Click on the Cine... option Page 108

Lossless Image review 1. Review the full motion of the images You will notice after a minute or two you desktop will become un-responsive. Page 109

Policy Enforced As soon as the Data Security scan locates a violation it will tag the offending object with that violation and apply the associated security policies. Our policy is defined to block all incoming and outgoing network traffic. Page 110

Try to reconnect to the offending desktop 1. Double Click the Data Security Desktop icon to connect to the Horizon desktop pool. Note: You may need to log back on to Horizon. If prompted, please login with gbode and password with VMware1!. Page 111

Connection Error For this Hands on Lab we only have a single VM in the Horizon desktop pool, thus you receive an error while trying to connect. This is due to the dynamic firewall policy the was applied to the offending VM. Page 112

Scan completion 1. Click on the Google Chrome vsphere Web Client in the task bar Page 113

Scan Review 1. Click the Refresh link 2. Once the scan is completed the color will change to purple. 3. Notice under "View Regulations Violated Report", it shows the violation types of US Social Security Numbers and Canada Social Insurance Numbers 4. If you hover your mouse over on of the violation bars, you can see the number of offenses found. 5. Under "Top VM's Violating Regulations", it shows the VM name that has violated the PCI regulations. Page 114

Complete scan report 1. Click on Reports 2. Click Refresh once or twice for the reports screen to update 3. You can see the number of violations and the regulation policy that was triggered. Notice the number of violations. View Report In order to see the files which have violated the regulations 1. Click on the drop down menu "View Report" and 2. Select Violating files Page 115

Detailed Report Selecting the "Violating files" option will allow you to view details about the violating workload 1. Name of the offending VM 2. The compute cluster and DataCenter the VM is a member of 3. The path and name of the offending file 4. The Regulations that the files violate 5. and finally, the date and time stamp of the file. Download Report You can optionally Download Complete Report in a CSV file format. Page 116

Canvas View To view the offending VM in the policy 1. Click Service Composer from the left 2. Click on Canvas 3. Type Violations in the filter and press enter Page 117

Violating VM show up in "Data Security" Group 1. On the PHI, PII, HIPAA Data Violations canvas Click the VM icon 2. As a result of violation, the offending VM "Win7-View-02a" shows up in the security group. Page 118

Firewall Policy Review 1. On the PHI, PII, HIPAA Data Violations canvas click the Firewall icon 2. Notice that 2 firewall policies blocking east / west traffic are defined. Since the Win7-View-02a VM was a member of the "PHI, PII, HIPAA Data Violations" group the firewall rules are applied. Our rules are listed below, but you can defined multiple rules to control any east/west traffic or services. Policy Member is the Source so all traffic is blocked out going Policy Member is the Destination so all traffic inbound is blocked Page 119

Module 3 Summary In Module 3 we demonstrated how with NSX Data security we can detect compliance violations and isolate that system from the network. Utilizing this capability we can greatly enhance our compliance stature and protect our healthcare organization from breaches. Page 120

Lab Review and Summary Page 121

Lab Review and Summary Security is top of mind for everyone in healthcare IT. The End point has always been one of the easiest access points to hack an organization. Through this lab we have demonstrated new and innovative ways to better your organizations stance on compliance, security and a new and faster way to provision applications to end users. By leveraging solution sets such as NSX and App Volumes we can significantly improve our security posture and improve the time and consistency in the manner in which we deliver new applications to our clinicians and end users. Page 122

Conclusion Thank you for participating in the VMware Hands-on Labs. Be sure to visit http://hol.vmware.com/ to continue your lab experience online. Lab SKU: Version: 20160301-100130 Page 123

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback