Product Overview
Shengteng Weixun desktop cloud solution provides cloud desktops and applications for doctors' stations, nurse stations, self-service equipment, and ward (mobile rounds) in the general hospital and branch hospitals. Achieve the following goals:
Unified specification, deployment, management, maintenance and monitoring;
Information is safe and secure, can be seen, used, and can not be taken;
Rapid deployment for business;
Reduce energy consumption and green office;
- The specific construction objectives are as follows:
Centralized update and unified release of the application: The unified access system transfers the application's upgrade, change, and maintenance to the unified management and operation of the background, and centrally publishes, configures, and updates the system on the system instead of the user. The terminal user does not need any Change to get the latest applications and services, reducing the operational support required for the terminal.
Secure access, decentralized and decentralized, centralized management and control, unified access system will provide integrated security access control, integrate existing security procedures, and achieve concentration of users in different security domains and different access types according to the corresponding permission policy. Control, as well as flexible allocation and usage audits of different business resources.
Improve user access experience: The unified access system provides the best access experience. Users are no longer affected by network quality, achieving consistent access experience in different network environments, and improving the availability and continuity of business systems.
- Scene analysis:
Application scenario: outpatient doctor workstation, resident workstation, nurse workstation, branch, etc.
Applications: HIS system (Easy Lianzhong), electronic case system (Haitai), charge accounting system, medical graphics storage transmission processing system (PACS), radiology information system (RIS), laboratory information system (LIS), ultrasound information system ( UIS), pathological information system (PIS), hospital office system (OA), etc.
Peripherals: parallel port / U port printer (needle and laser printer), medical card / medical insurance card reader (U port), etc.
Key indicators
First, the security program
The centralized deployment architecture isolates the user's direct access to the back-end server through the cloud desktop. At the same time, all the data is isolated in the data center through virtualization technology, which greatly improves the overall security of the system.
User access security: First, the user needs to authenticate the identity of the hospital through the Active Directory. After the user passes the authentication, the user accesses the connection server through the firewall and the quarantine area through the encrypted link, and then allows the user to connect to the virtualized server cluster. Further enhance the security of the overall system. When a user needs to access the cloud desktop on the external network, the user must first authenticate the trusted site through the self-signed certificate, and then combine the dynamic password system to achieve high-security login.
Security of the transport protocol: When a user accesses a virtual desktop or virtual application, a user session is established through a protocol, and an open standard security protocol and a public key architecture are used to ensure security. Only the image changes of the application client and the operation data of the mouse, the keyboard, and the like are transmitted, and the data of the application is not directly transmitted by itself, thereby avoiding the possibility that the data is leaked in the terminal. In addition, the protocol itself transmits different types of data through 32 virtual channels, and the encoding operation of the transmitted data is realized to some extent.
Strategic control: The system provides centralized and fine-grained policies to control authorized access of users, and determines whether users can obtain access to applications based on attributes such as users, network location, terminal environment, applications, and servers. Through advanced access control AAC, you can determine whether the user is in the network segment we approve. If the network segment is not approved, the system allows the visitor to make limited access, but cannot change or copy the information at will, and can not take the information away.
Integration with digital certificates: Users can use smart cards for desktop login or business system access. The smart card is authenticated by a digital certificate.
Second, the impact of network pattern analysis
At present, the data transmission between the user IT internal network terminal and the data center core service server, the bandwidth demand from the data center to the user terminal, the expansion of the IT scale and the development of the service directly exert pressure on the network bandwidth.
After the implementation of the desktop virtualization project, a large amount of business data transmission is concentrated between the core business server inside the data center and the desktop/application virtualization architecture, and only n (terminal number) multiplication is required between the data center network outlet and the terminal device. With less than 200Kbps of network traffic, it is used to deliver images of virtual desktops and virtual applications and return the corresponding information of the mouse and keyboard. Significantly reduce bandwidth requirements and control bandwidth requirements.
At the same time, the introduction of the desktop virtualization architecture does not change the overall pattern of the existing IT internal bearer network. You only need to add a virtual desktop/virtual application infrastructure cluster between the core business server network segment of the data center and the data center network exit. The VLANs of the virtual desktop/virtual application infrastructure clusters can be divided into different core service server VLANs to implement isolation of service systems.
Providing users with access to the cloud desktop through the Internet, adding a VPN device between the internal bearer network and the Internet exit of the IT, and opening only one port 443 on the Internet can be realized, and the security of the external network access is enhanced.
Third, operation and maintenance management
Since the application access environment is uniformly delivered to the unified desktop and application management platform, the operation status of the platform is related to the stable and efficient user access environment, and becomes a key system in IT operation and maintenance. The platform provides performance detection and load testing solutions, specifically providing a means of monitoring the access experience between the client and the virtual user environment, providing continuous application performance visibility for the entire application through user, application, system and network performance data The health and availability of IT services on the infrastructure provides unparalleled visibility. The platform's load-testing solution provides automated load and performance testing for the delivery of user-access environments, anticipating the required resources, significantly reducing the maintenance costs associated with recursive testing, and instability due to configuration or software changes The chance of achieving is minimized.
At the same time, the platform's monitoring and operation and maintenance can provide real-time alarms, and can be integrated with third-party monitoring platforms to achieve unified monitoring of the system and accelerate the response of operation and maintenance management.
From the perspective of operation and maintenance, the platform can provide rapid virtual user environment or platform server construction and provisioning, and can realize centralized mirroring management, and can easily implement backup and restore based on virtualization technology.
In the desktop virtualization environment, the access mode and traditional mode of the user's application to the desktop system have changed a lot. Therefore, new requirements are put forward for the operation and maintenance management mode. In this section, the operation and maintenance management mode is virtualized on the desktop. Explain the impact of the construction and response measures.
In the desktop virtualization environment, you need to consider two aspects of operation and maintenance, physical terminals and virtual desktops:
1. Front-end entity terminal operation and maintenance analysis After applying the virtual desktop, the cloud terminal is used as the front-end device. In this scenario, the operation and maintenance content of the front-end device will be greatly simplified, but all front-end devices need to be managed uniformly, such as terminal management, patch management, anti-virus management, and admission control management.
This solution uses CCM (Cloud Terminal Management System) to realize intelligent management of all cloud terminals in the hospital.
2. Virtual desktop operation and maintenance analysis
The difference between virtual desktops and traditional desktops is that they are concentrated on the computing resources of the data center. This kind of concentration brings great convenience to operation and maintenance compared with traditional terminal decentralized placement. IT managers Operation and maintenance focus is concentrated in the data center. In particular, when the front end of the user adopts a thin client or a lock mode PC, the maintenance of the front-end equipment dispersed in various locations of the hospital is simplified to only replacement of the faulty device. After replacement, users can immediately connect to the virtual desktop or virtual application provided in the background, and continue office and business operations without interruption, ensuring continuity of productivity.
Fourth, the integration program
The construction of the desktop cloud platform needs to fully consider the existing IT architecture and application access relationships, so that the platform can be smoothly constructed and integrated.
operating system:
The platform centralizes the application system client from the original terminal to the data center deployment operation and accesses the application system background, and does not need any adjustment of the application system background, and only needs to complete the concurrent deployment of the client running environment, therefore, The access architecture of the original application system does not bring about large-scale adjustments.
User directory:
Active Directory, which is used for user identity authentication, is an important identity authentication system in the IT architecture, which enables unified authentication of cross-platform systems. Therefore, Active Directory based on desktop cloud platform for identity authentication can be compared with existing user directory systems. In particular, Microsoft Active Directory is uniformly certified.
The platform will build the corresponding computer account, user group and other objects in the Active Directory, and does not change the schema of the Active Directory itself. Therefore, there is no need to make extensive modifications to the existing Active Directory, but access to the Active Directory and objects. Creation requires certain and user rights.
User profile management can also be built based on roaming user profiles provided by Active Directory to achieve user access experience and data consistency in a multi-server farm environment.
Virtualization architecture:
For platform deployment and operation and maintenance convenience, high availability, and dynamic resource allocation, the platform can support a variety of common virtualization architectures.
V. Risk Analysis and Coping Strategies
The establishment of the desktop cloud platform will focus application access on the platform of the data center. The concentration of access pressure, data, and deployment management and operation will inevitably bring new challenges to the operation of the data center. On the one hand, the rationality of the platform system architecture, fully considering the high availability of the platform, will avoid operational risks and reduce the stability risks brought by system failures. On the other hand, it is necessary to ensure a healthy and orderly operation of the system from a operational perspective through reasonable monitoring, maintenance, and backup strategies.
In addition, by accessing the background application through the unified terminal virtualization application platform, user data and application data are concentrated in the data center storage. While avoiding the security risks brought by data dispersion, it is also necessary to fully consider the data protection strategy, through different types of applications. Authorized access by sub-areas to achieve data security isolation, improve application access security, improve audit supervision mechanism, and avoid security risks of data centralized access.
Sixth, high availability and disaster recovery backup
This program fully considers the high availability of the system, mainly reflected in the following aspects:
Desktop cloud platform function server: All servers use two or more deployment architectures to achieve balanced and high availability. Two functional servers are distributed to different physical hosts to avoid centralized one-site and physical host downtime. The resulting business disruption.
Virtual machine infrastructure cluster: The virtual desktop resource pool is used to provide virtual desktops to end users. The virtual desktop support capabilities are calculated according to the hardware resource configuration of the virtualized infrastructure server, and redundancy is implemented according to n+1 configuration.
Server virtualization architecture: Through the functions of the underlying server virtualization system, online migration of virtualized servers can be realized, and system availability is improved. With the support of the resource pool, all virtual servers can be migrated online between physical servers, providing external services without disrupting services. Virtualized resource pools enable high availability, and when high availability is enabled, virtual machines on failed hosts can automatically restart on another physical server based on priority and resource availability.
company profile
Fujian Shengteng Information Co., Ltd. is a leading provider of desktop cloud solutions in China. It always adheres to independent research and development, and focuses on the application of cloud, and strives to develop supporting management systems to form a complete system of “end-end solutionsâ€, “cloud systems†and “cloud solutionsâ€. Focusing on the concept of “in-depth integration industry applicationâ€, we broke through the traditional architecture of “hardware + virtualization system + desktop + cloud terminalâ€, completed the new upgrade of desktop 2.0, redefine industry standards and lead development. The program is widely used in the information construction of medical, education, insurance, government, energy, and enterprise industries.
- ã€Collection of this page】 ã€Copy Link】 ã€Print】
External fixation of the lower limb is a treatment used to fix a fracture or dislocation of the lower limb.The functions of these external fixation methods are mainly as follows.
1. Stabilize a fracture or joint dislocation.External fixators can fix the bone or joint in the correct position to prevent further displacement or dislocation,thereby promoting the healing of the fracture or joint dislocation.
2. Pain relief,external fixators can reduce pain and discomfort by fixing and supporting fractures or joint dislocations.
3. Promote fracture healing,external fixator can provide a stable environment,promote fracture healing and bone tissue regeneration.
4. Protect surrounding tissues.External fixators can protect surrounding soft tissues (such as muscles,tendons and blood vessels) from further damage and reduce the occurrence of complications.
In general,the classification and function of lower limb external fixation is mainly to stabilize and protect fractures or joint dislocation,promote healing and restore function.The specific treatment should be selected according to the patient's condition and the doctor's advice.
external fixator femur,leg fixator,Hip External Fixator,external fixation ankle
Jiangsu Aomed Ortho Medical Technology Co.,Ltd , https://www.aomedortho.com