Uploaded by klunixctf

Midterm Practical

Cloud 101: Midterm Scenario Practical
Practical Directions: To complete your midterm practical, you will be asked to interpret a scenario and
develop the following:
1) Use Case: You will write a briefing for management that will outline the benefits associated with
the cloud strategy, platform, and services you will be proposing. (100 points)
2) Requirements. A complete list of requirements derived from the scenario or explicitly included.
Requirements should be documented as a list and categorized using the following
(Regulatory, Usability, Architecture, Cost, Scalability, Elasticity, Compute, Networking, Storage,
Security, and Availability). (100 points)
3) Cost estimate. You should be able to determine the cost projections of the services that are
planned to meet the requirements. Use aws.amazon.com/tco-calculator to provide estimates
for AWS. (100 points)
4) Architecture Diagram. You should use the correct icons for the cloud platform you are designing
and translate requirements into a working architecture diagram using the principles and
practices discussed in class. (100 points)
5) Build and Demonstrate. You should be able to provision, orchestrate, build, and configure cloud
services that are specifically identified in the POC (Proof of Concept) section of categorized
requirements. (100 points)
You will turn in the following for full grading consideration for your midterm practical. 1) Cloud
migration strategy and cloud platform proposal. 2) The requirements list (document or
spreadsheet), 3) The cost estimate (screenshot or document), 4) the architecture diagram
(draw.io, slide, or document), and 5) a screenshot of each service showing the configuration as
outlined in requirements (if required configuration is not visible in your screenshot, it will be
assumed you did not meet the requirement when grading is conducted).
Let’s get started. This is a feasibility study.
Scenario: You have been hired by a medical imaging company to help architect and engineer solutions in
the cloud. The company has not selected a cloud platform nor begun a cloud strategy. The company is
open to options and is awaiting your advisement. The company is in 6 states including California,
Oregon, Nevada, Utah, New Mexico, and Colorado. The company specializes in heart and brain imaging
and also performs other MRI, CAT, and radiology services. The company has 47 imaging centers and 2
corporate locations in California and Colorado, where you work.
The company has been encountering major engineering problems associated with moving images
between their centers and the corporate datacenter and is looking to expand to a model to allow
radiologists in any center to read an image in any other center. Remote reading of images is not
possible, so the images have to be local for radiologists to read them properly. This has been a major
design challenge with the traditional datacenter and hub and spoke SD-WAN network that has allowed
the company to expand to its current size. The company has also been experiencing outages with
imaging systems that are preventing radiologists from interacting with the system for extended periods of
time. Lastly, the company had a breach of the imaging portal where patients access their readings and
referring physicians interface with these services. 565 patient records were exposed in a publicly
reportable breach just 6 months ago and it was reported to OCR, which is expected to audit the security of
the company within the next year. The breach occurred with a credential stuffing attack against the
patient portal which does not currently offer multi-factor authentication and has no specific security
controls to protect the web portal itself. The company does have the website configured with port
forwarding using IIS and uses a third party validated certificate to provide encrypted sessions.
To see if the cloud is a viable option, the company wants you to initially build a proof of concept for a
small portion of the company’s overall network. The portion associated with the POC is depicted below
in this architecture diagram.
POC Requirements:
1) Enterprise Imaging reads between centers occur over the SD-WAN. This is too slow and the
reads cannot be replicated to all sites to support the new strategy. Therefore, the company is
seeking to provide a remote / home reading capability to center and home users.
2) RIS, EMR, and HL7 interface systems are out of scope for the POC. NO exam ordering,
scheduling, or physician referral interfaces are in scope for the POC but all services should be
represented on the proposed architecture diagram. PACS is in scope. Backups are in scope.
More information on service architecture is located here: https://radiologykey.com/medicalimaging-informatics/
3) Modalities and reading systems MUST successfully interface with the POC PACS cloud
infrastructure proposed and demonstrated.
4) Patient Portal for PACS/RIS should be depicted and demonstrated with NEW security controls.
5) Security and availability requirements including the following MUST be part of the POC.
    a. Logging
    b. Cloud compliance
    c. Access
    d. Firewalls
    e. VPN
    f. WAN Integration to Centers
    g. Emergency backup systems
    h. Meaningful use access to PHI
    i. PHI data security controls
    j. Image delivery and availability
6) No images should be stored on reading workstations, which MUST be dedicated for remote
readings.
7) POC should show the following in a demonstration:
    a. Compute: A Server/computer resource with detailed tagging for distributed support of
       PACS functionality. Model does not have to reflect actual scale.
    b. Storage: An appropriate data storage resource that can scale for storing and searching
       on PACS images with a description of how these will be accessible by reading
       workstations.
    c. Security: A firewall that can be implemented similar to the current architecture. Other
       security controls and services should be depicted.
    d. Regulatory: Environment should be demonstrated to meet applicable regulatory and
       legal requirements.
    e. Logging: Logging of environment and server changes and access events.
    f. Availability: Load balancing options for PACS reading and interfaces – does not have to
       be explicitly demonstrated – if so, this is Extra Credit
    g. Backup and Archiving:
    h. Scalability and Elasticity: The ability to meet demand increases and reductions without
       paying for unneeded resources. Does not need to be implemented in POC, just depicted,
       or discussed.
    i. Cost Management: A cost model that does not exceed current costs unless benefits and
       value are properly modeled. The budget should be set at $700,000 per year (current). A
       secondary budget with demonstrated value should be set at the POC discretion.