The healthcare industry face challenges when implementing SD-WAN and SASE. Leading providers (Aryaka, BT, Cisco Meraki and Masergy) all offer tailored solutions for improved security and regulatory compliance. |
- SD-WAN & CyberSecurity Providers & Vendors for Healthcare
SD-WAN solutions can be tailored to a client’s industry vertical to maximise efficiency and suitability for that sector. However, it is essential to understand what needs to be included and what to prioritise – ease of deployment and management, visibility over the entire infrastructure and advanced security for all apps and devices should first be considered.
Table of Contents
“Today, approximately 30% of the world’s data volume is being generated by the healthcare industry. By 2025, the compound annual growth rate of data for healthcare will reach 36%. That’s 6% faster than manufacturing, 10% faster than financial services, and 11% faster than media & entertainment.” The Healthcare Data Explosion report from RBC Capital Markets
Implementing an SD-WAN and SASE solution for the healthcare sector has many benefits, but also comes with a range of challenges, regulations and legal mandates that need to be considered.
- Secure Access Service Edge (SASE) is SSE + SD-WAN (Access).
Larger networks come with increased availability and scalability but also increases the depth of potential security risks. According to the HIPAA Journal H1 2o24 report, there were 387 breaches of 500 or more data records that were reported to OCR, which represents an 8.4% increase from H1 2023. Healthcare in particular is one of the most heavily regulated technology sectors, which is understandable as companies within the sector possess some of the most confidential client data. The Health Insurance Portability and Accountability Act (HIPAA) is the closest US equivalent regulation to the UK Data Protection Act 2018. Both of these prevent people and organisations from possessing, sharing and using inaccurate information of individuals, as well as many more data security principles.
Following regulations and implementing features using the foundation of SASE, Zero Trust Security (including Privileged Access Management – PAM) and Secure Web Gateways (SWG) are essential components to build the necessary security policies to comply with security regulations.
- SASE Routing and Security Improvements
To increase the overall visibility into a network and thus drastically reduce the collateral risk of a breach (which may result in high fines and legal costs), monitoring and reporting tools are essential. Other points to consider include: user privileges and access levels, full visibility of every asset including all IoMT (Internet of Medical Things) devices, advanced security and whether a third-party management solution will be required.
The Netify research team have curated the top ten vendors and providers which are the best fit for clients in the healthcare business sector: Aryaka, BT Business, Cato Networks, CDW, Cisco Meraki, Colt, GTT, Lumen, Masergy, NTT and Open Systems. Read on to learn about the pros and cons of each provider, to help you decide on a suitable solution for your company.
Editors Note – Providers are listed alphabetically.
Aryaka Managed SD WAN & SASE Cybersecurity
Aryaka tailors solutions to meet the specific needs of each of their client’s organisations. They focus on creating a smooth transition whilst delivering improved operations, application performance and security. Their SD-WAN offering is delivered as a fully managed service which allows clients to focus their time on other business deployment needs. One of Aryaka’s SD-WAN features is the ability to identify different traffic types, which allows for segmentation and the application of certain policies to each segment. This is an important security and performance feature for businesses with large numbers of IoMT/IoT devices – such as a healthcare company. The company also offer an as-a-Service (SD-WANaaS) approach (most prominently available with their SmartServices platform). The platform includes SmartInsights for powerful analytics, SmartSecure for improved security, SmartCloud to incorporate cloud/multi-cloud services, SmartOptimize for accelerated application performance and SmartConnect for improved global connectivity.
In real-world healthcare deployments, Aryaka has been successfully implemented for Augmedix, in order to support their IoT-based medical documentation system.
Improving IoT support was important for Augmedix, as it allowed physicians to communicate in real time with remote scribes using devices such as Google Glass, enabling scribes to document patient health records effectively from remote locations.
This had several benefits which included significantly improved application performance, Quality of Service (QoS) capabilities for prioritising medical documentation and a more rapid deployment using existing internet connections.
The implementation reclaimed significant time for physicians by automating EHR documentation, boosting their productivity by over 30%. To achieve this, the infrastructure utilises Aryaka’s global private network to bypass public internet congestion, connecting to Aryaka Points of Presence (PoPs).
Aryaka Managed CyberSecurity
| wdt_ID | wdt_created_by | wdt_created_at | wdt_last_edited_by | wdt_last_edited_at | Pros | Cons |
|---|---|---|---|---|---|---|
| 1 | hyelland | 01/11/2024 04:30 PM | hyelland | 01/11/2024 04:30 PM | Very strong customer service with high Net Promoter Score (NPS) of 65 (where the industry average is 12) | Not ideal for smaller customers as Aryaka have a strong focus on providing connectivity for global organisations. |
| 2 | hyelland | 01/11/2024 04:30 PM | hyelland | 01/11/2024 04:30 PM | Super fast private global network | No DIY or co-managed service |
| 3 | hyelland | 01/11/2024 04:30 PM | hyelland | 01/11/2024 04:30 PM | Powerful web application for management (MyAryaka Cloud Portal) | |
| Pros | Cons |
BT Managed SD WAN & SASE Cybersecurity
BT is one of the largest telecommunications companies and are a strong choice for clients based in the UK. They have the capability to add services from other underlay providers, including Cisco (both Meraki and Viptela), VMware, Versa Networks, Fortinet, Zscaler and Nokia. The BT solution is backed up by their acquisition of connectivity provider EE, offering network speeds of up to 10Gbps and 4G/5G connectivity, allowing roaming users to access the corporate network from anywhere. BT do not currently have a SASE solution, but they offer an extensive portfolio of security services including: firewall with identity-based clarification, network encryption and IPS, all of which can be managed via their central management dashboard. BT are a good choice for healthcare companies because the CIO of the company spoke with CIO’s from the National Health Service (NHS) to discuss the transitioning of their infrastructure. It was decided that connectivity is one of the biggest benefits for collaboration between departments – video consultations between departments such as MRI and X-ray needed to be implemented. Connectivity for these NHS services is supplied by BT.
BT Managed CyberSecurity
| wdt_ID | wdt_created_by | wdt_created_at | wdt_last_edited_by | wdt_last_edited_at | Pros | Cons |
|---|---|---|---|---|---|---|
| 1 | hyelland | 01/11/2024 04:31 PM | hyelland | 01/11/2024 04:31 PM | Globally recognised with a large presence | As with other large providers, can be a slow process to raise a change or query |
| 2 | hyelland | 01/11/2024 04:31 PM | hyelland | 01/11/2024 04:31 PM | High speed 5G mobile network via EE | No SASE solution |
| 3 | hyelland | 01/11/2024 04:31 PM | hyelland | 01/11/2024 04:31 PM | Fullly managed, allowing for more time to focus on other business development | |
| 4 | hyelland | 01/11/2024 04:31 PM | hyelland | 01/11/2024 04:31 PM | Allows 3rd party providers to connect to their backbone network | |
| Pros | Cons |
Cato Networks SD WAN & SASE Cybersecurity
- Zero Trust Network Access (ZTNA) within SASE
Cato Networks provide SD-WAN and SASE solutions to over 900 enterprise customers across the globe. Powered by their private global network, their backbone is built on over 70 PoPs connected via multiple SLA-backed Internet providers. This is beneficial, because the PoPs permanently monitor client’s networks for issues such as latency, packet loss, interference and jitter, ensuring the best route is selected for each packet. Security is one of Cato’s strong points, as their SASE Cloud ensures that all locations, devices and users are connected securely and in the most optimal way possible. The security features available include: Firewall as a Service (FWaaS), Secure Web Gateway (SWG), Next-Generation Antivirus (NGAV) and Cloud Access Security Broker (CASB).
An example case study for Cato Networks within the healthcare industry is Fullerton Health. A major Asia-Pacific healthcare provider, Fullerton Health, implemented Cato’s SASE solution to address connectivity and security challenges across their 550 facilities in nine countries.
Fullerton’s network had fallen behind primarily due to growth and numerous acquisitions meaning that the old network infrastructure was quickly becoming outdated and too complex to work with.
Cato’s solution involved deploying Cato Sockets to connect all locations, providing plug-and-play connectivity via a central portal. Despite the pandemic, all 550 locations were connected within a year, and the implementation included integrated secure remote access and cloud connectivity. The results included a 30% reduction in telecommunications costs, fast and dedicated cloud provider connectivity, simplified security through distributed points of presence, and enhanced monitoring capabilities for regulatory compliance.
Cato Managed CyberSecurity
| wdt_ID | wdt_created_by | wdt_created_at | wdt_last_edited_by | wdt_last_edited_at | Pros | Cons |
|---|---|---|---|---|---|---|
| 1 | hyelland | 01/11/2024 04:32 PM | hyelland | 01/11/2024 04:32 PM | Good range of SD WAN offerings | Lacks a fully managed option, which requires clients to be more active in checking logs and acting on outages |
| 2 | hyelland | 01/11/2024 04:32 PM | hyelland | 01/11/2024 04:32 PM | Exclusive hardware (Cato Socket) allowing clients to connect into their backbone network from anywhere | No native support for cloud vendors such as AWS, Azure or Google |
| 3 | hyelland | 01/11/2024 04:32 PM | hyelland | 01/11/2024 04:32 PM | DIY and co-managed offerings | |
| 4 | hyelland | 01/11/2024 04:32 PM | hyelland | 01/11/2024 04:32 PM | Excellent SASE services | |
| Pros | Cons |
CDW Managed SD WAN & SASE Cybersecurity
CDW are able to adapt their solutions to the needs of each industry vertical, offering hardware, security, virtualisation, data storage and much more. The company also offers specialised solutions for healthcare, helping clients to digitally transform to improve patient outcomes and clinician efficiency whilst reducing operational expenses. The company offers a managed SASE service which seamlessly enables secure remote access – important for the healthcare industry as it allows patients to receive treatment more efficiently. An example of this is allowing doctors to travel out to patients, whilst still being connected to the hospital via a remote solution – this works in the same way for video consultations from home.
One of CDW’s healthcare adaptations is the partnership of CDW with Stockport NHS Foundation Trust.
The Trust needed to adapt their infrastructure to improve patient care and staff work-life balance. CDW implemented a state-of-the-art Cisco wireless network covering all clinical areas, which not only provided faster connectivity but also enabled the trust to leverage advanced technologies, such as Kontakt.io RTLS (Real Time Location Services) for tracking medical devices and mobile communication badges for instant messaging, replacing outdated bleep systems.
Investments were also made in mobile devices for digital patient records, which reduced time spent on manual paperwork and minimised human errors. The LEAP system allowed for rapid escalation of critical situations to the appropriate teams via handheld tablets, further improving response times.
CDW Managed CyberSecurity
| wdt_ID | wdt_created_by | wdt_created_at | wdt_last_edited_by | wdt_last_edited_at | Pros | Cons |
|---|---|---|---|---|---|---|
| 1 | hyelland | 01/11/2024 04:33 PM | hyelland | 01/11/2024 04:33 PM | Fully managed SD WAN and SASE | Not as much brand awareness as other companies |
| 2 | hyelland | 01/11/2024 04:33 PM | hyelland | 01/11/2024 04:33 PM | Dedicated SASE solution with a range of features | |
| 3 | hyelland | 01/11/2024 04:33 PM | hyelland | 01/11/2024 04:33 PM | Team of certified engineers for support | |
| Pros | Cons |
Cisco Meraki SD WAN & SASE Cybersecurity
Cisco Meraki is a market leader for the cloud-managed IT sector, with their product portfolio including: wireless, network hardware and security services. All of Meraki’s products are managed via a user-friendly web portal that is known for its simplicity due to a lack of CLI. The company’s connectivity offerings are strong, with SD-WAN, Auto VPN connections and next-generation WiFi 6, each of which are ideal for a large infrastructure such as a hospital. Aware that standard IoMT/IoT devices aren’t compatible with standard 802.1x security protocols, Meraki created a feature called Identity PSK (iPSK) which combines private PSK with RADIUS authentication using MAC address to allow different PSKs to be set for specific devices or groups. Meraki’s security offerings are strong and can be managed by their dedicated security team, Cisco Talos. The team monitors and defends customer networks, with the aim to identify new vulnerabilities. Cisco Umbrella is Meraki’s flexible security offering which is built up of features including: SWG, CASB, NGFW, DNS-layer security and interactive threat intelligence.
One example of Cisco Meraki’s real-world implementations is Kindred Healthcare. The largest post-acute care provider in the United States, Kindred implemented Cisco Meraki solutions to enhance the management of their network infrastructure across over 2,000 locations.
Cisco Meraki’s solution provided Kindred with zero-touch deployment capabilities, which greatly simplified scaling operations. Cisco’s plug-and-play devices, paired with centralised management and secure VPN connections, made it possible for branch locations to connect seamlessly to the enterprise network without requiring on-site expert administrators to manually do this.
Further to this, by using Cisco Meraki’s infrastructure also supported dual SSIDs to separate internal healthcare applications from guest access, improving security and reliability.
Meraki Managed CyberSecurity
| wdt_ID | wdt_created_by | wdt_created_at | wdt_last_edited_by | wdt_last_edited_at | Pros | Cons |
|---|---|---|---|---|---|---|
| 1 | hyelland | 01/11/2024 04:37 PM | hyelland | 01/11/2024 04:37 PM | Simplified support with a dedicated team for identifying risks | Expensive licenses needed for all hardware/software |
| 2 | hyelland | 01/11/2024 04:37 PM | hyelland | 01/11/2024 04:37 PM | Use of artificial intelligence and machine learning to identify malware or unusual user behaviour | No CLI which increases the learning curve for veteran Cisco users |
| 3 | hyelland | 01/11/2024 04:37 PM | hyelland | 01/11/2024 04:37 PM | Network industry leading back system | |
| 4 | hyelland | 01/11/2024 04:37 PM | hyelland | 01/11/2024 04:37 PM | User friendly cloud based dashboard | |
| Pros | Cons |
Colt Managed SD WAN & SASE Cybersecurity
Colt’s SD-WAN offering allows customers to utilise the Internet as a private business network. They have fibre lines connecting 212 cities to over 29000 buildings in 51 metropolitan areas, allowing users to benefit from flexible, responsive and reliable services as well as 24/7 operational monitoring. Colt’s services aim to increase collaborative and remote working flexibility, with improved access and performance of cloud-based services. Colt have partnered with Versa Networks, an industry leading SASE provider, to offer enhanced SASE solutions. Colt is also a good choice for companies with large numbers of remote workers, as their Remote Access feature is good for video consultations, offering high performance without compromising security.
Colt was implemented by a leading medical provider in order to move to a cloud-first strategy in its global network of 25000 employees. The move aimed to support partnerships with Microsoft, Zscaler, SAP and other global technology providers, with an emphasis on improving productivity and enhancing security.
By moving to a cloud-first strategy, the company was able to boost productivity, improve the efficiency of service delivery and enhance data security. Future plans include further optimisation of application performance, which application-aware routing capabilities from SD-WAN may be able to ease.
Colt Managed CyberSecurity
| wdt_ID | wdt_created_by | wdt_created_at | wdt_last_edited_by | wdt_last_edited_at | Pros | Cons |
|---|---|---|---|---|---|---|
| 1 | hyelland | 01/11/2024 04:34 PM | hyelland | 01/11/2024 04:34 PM | Caters to customers of all sizes | No support for South America or parts of the Middle East |
| 2 | hyelland | 01/11/2024 04:34 PM | hyelland | 01/11/2024 04:34 PM | Good proactive monitoring and support | Long lead times on support cases |
| 3 | hyelland | 01/11/2024 04:34 PM | hyelland | 01/11/2024 04:34 PM | Extensive Pan-European service coverage | |
| Pros | Cons |
Lumen Managed SD WAN & SASE Cybersecurity
Targeting larger organisations that require global WAN connectivity, Lumen provides an all-in-one platform that focuses heavily on security and availability whilst also being cost effective. The company is recognized as a top-tier global WAN provider with private fibre lines throughout North America, Latin America, EMEA and Asia Pacific. Lumen also holds partnerships with Cisco (Meraki and Viptela), Versa Networks and VMware. Lumen provides SASE in a simplified platform that secures the network with powerful analytics, increased visibility and the possibility to optimise specific application performance – highly beneficial to IoMT devices. Lumen aim to enhance healthcare through technology by modernising communications between medical experts and patients and implementing the latest connected health technology and enhanced predictions for patient data whilst ensuring overall security.
Lumen worked with Surest Health Plan to develop a health plan that would support employee health while reducing overall healthcare costs. They implemented the Surest app-driven health plan, which encouraged healthier lifestyles and smart healthcare choices by providing real-time information on care options and costs.
The benefit of this was that members experienced an 11% to 16% reduction in monthly healthcare costs, increased use of primary care and reduced emergency department visits. The plan also led to 52% lower out-of-pocket expenses for employees compared to traditional health plans, with 89% of households engaging with the Surest app or member services.
Lumen Managed CyberSecurity
| wdt_ID | wdt_created_by | wdt_created_at | wdt_last_edited_by | wdt_last_edited_at | Pros | Cons |
|---|---|---|---|---|---|---|
| 1 | hyelland | 01/11/2024 04:36 PM | hyelland | 01/11/2024 04:36 PM | Expansive backbone network ideal for global coverage | Not ideal for DIY |
| 2 | hyelland | 01/11/2024 04:36 PM | hyelland | 01/11/2024 04:36 PM | Useful cost saving tool on their website | Customers claim that the implementation process can take time |
| 3 | hyelland | 01/11/2024 04:36 PM | hyelland | 01/11/2024 04:36 PM | Optional (for a fee) on-site installation and maintenance at each SD WAN site | |
| 4 | hyelland | 01/11/2024 04:36 PM | hyelland | 01/11/2024 04:36 PM | Strong security services | |
| Pros | Cons |
Masergy Managed SD WAN & SASE Cybersecurity
Masergy are pioneers in the software-defined network space, offering a range of solutions including SD-WAN, SASE and Microsoft Teams all via their AI powered management portal. Each of these services run on Masergy’s private networks which provides clients with lower latency and increased security. They have multiple NOCs and SOCs spread over three continents, providing coverage and 24/7 monitoring to over 100 countries. Aware of the challenges that healthcare organisations face, Masergy have a solution in place which tackles issues such as support for new and legacy IoMT devices, offering advanced telemedicine services and securely connects with an ecosystem of medical and technical partners. One current customer said “COVID-19 spiked our telemedicine usage to 100%, and our Masergy network never even hiccuped.” Masergy’s SASE solution uses AI and big data to analyse and provide connectivity that is high speed without compromising overall security.
Healthcare organisations that have partnered with Masergy are frequently noticing improved performance to their digital health service offerings.
A non-profit healthcare provider serving remote and rural areas increased their bandwidth in order to support mobile clinics, ensuring uninterrupted telemedicine visits.
Similarly, Essen Health Care, serving underserved communities in New York, leveraged Masergy’s network to provide high-quality phone and video services to thousands of patients. Masergy also provided advanced security solutions to detect and prevent HIPAA violations, such as quarantining sensitive files accidentally shared with third parties.
Masergy Managed CyberSecurity
| wdt_ID | wdt_created_by | wdt_created_at | wdt_last_edited_by | wdt_last_edited_at | Pros | Cons |
|---|---|---|---|---|---|---|
| 1 | hyelland | 01/11/2024 04:36 PM | hyelland | 01/11/2024 04:36 PM | Masergy guarantee 100% availability to the following: SD WAN sites confirgured for high availability, direct cloud connections and packet delivery (edge-to-edge) | Limited cloud acces, but Masergy do allow 3rd party cloud connections |
| 2 | hyelland | 01/11/2024 04:36 PM | hyelland | 01/11/2024 04:36 PM | Strong AI use including AI-enabled SASE | Fully managed solution only |
| 3 | hyelland | 01/11/2024 04:36 PM | hyelland | 01/11/2024 04:36 PM | AI powered management portal which provides maximum coverage for the network, cloud applications, security and AIOps with clear real-time analytics and controls | |
| Pros | Cons |
