Solved

network analysis

Posted on 2012-03-29
6
411 Views
Last Modified: 2012-06-14
Hi

I have a client running a medical practice.  They are using an online EMR system called ezEMRx, and are having some serious issues where periodically the EMR system locks up with what I believe is network anomalies, and they loose their work.  Understandably, the doctors and technicians are very distraught over this.  Sometimes just one doctor is affected and at other times, all are disturbed.  

I've spoken with the EMR tech team.  They mentioned that there is actually very little tolerance for network issues since they need to be very careful because of industry guidelines.  According to them, there must be network related issues, in the office and/or with the ISP (Comcast).

I would like to perform the necessary analysis on the office network,  and have that available while I'll also work with Comcast to be sure they're network availability is undisturbed.

However, I really don't know where to start.  

The client is on a SBS2003 domain with windows XP and Windows 7 clients.  The network is protected by a Sonicwall hybrid router/firewall/access point leading to a switch, distributed through the office.  All clients are on a wired network when these events happen.

Does anyone have guidance as to what to use and how to do the necessary analysis.

Thanks

Mark
0
Comment
Question by:mlitin
6 Comments
 
LVL 10

Accepted Solution

by:
joelsplace earned 167 total points
ID: 37783247
If it happens often then you can just start pings and leave them running.  One to the server another to the Sonicwall another to the ISP's gateway etc to see where packets are being lost.  The clients aren't using wireless are they?
0
 

Author Comment

by:mlitin
ID: 37783450
Hi Joelsplace

Thanks.  Makes sense.  Will try this.

No.  Though there is wireless available, all the doctors are using wired when using that service.

I'll relate what I observe.

Thanks again.

Mark
0
 
LVL 8

Assisted Solution

by:hunart
hunart earned 167 total points
ID: 37783699
A few things you need to do to look at to ensure that the network is up and running:

1) You need some sort of network monitoring software such as Solarwinds or Nagios.  This way you could monitor if the network is down.  You can trigger the system to send you an email if the network is down or slow.

2) Contact the ISP and enquire about the network activity or log to see if there were network outages during the day or in the last 24 hours.  Your ISP should be able to provide you the info.

3) Invest money into a more stable network connection or get a redundancy network for this office if the data is that critical.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 166 total points
ID: 37784225
I would start with Wireshark.

As far as network forensics and wireshark training, there are likely few better at either than Laura Chappell... see http://chappellu.com/schedule.html

You can probably learn all you need to get started with Wireshark from watching her 4 Wireshark 101 freebies on
https://www.lcuportal2.com/index.php?option=com_content&view=category&layout=blog&id=49&Itemid=75

But those should help decide if the $699/year All-Access-Pass there is worth it to you, too.

K-Lite's Codec Pack enables viewing FLV files in a standalone WMP window, by the way.
edit:
x64 - http://www.codecguide.com/klcp_64bit.htm
then (or if 32-bit only), Standard or Full pack from
http://www.free-codecs.com/K_Lite_Codec_Pack_download.htm
0
 

Author Comment

by:mlitin
ID: 37867310
Thanks lots for your k=efforts and offerings.

I'm testing with a few of these over the next few weeks, and will open it up again after that with updates.

Thanks again.

Mark
0
 

Author Closing Comment

by:mlitin
ID: 38085358
Hi All

Thanks for your input.  I set pings going from and to the troubled PCs, and found little to none differences.  So further analysis brought me to directly correlate any  difference between the newest PC's present and used for the ERM access and the oldest, and for a startling correlation of failures with the oldest machines.  I have replaced the two with the worst track record with new machines and have observed a 90+% improvement with those machines.  I'm in the process of swapping out all of the old XP dinosaurs used by the doctors now.


Thanks lots for you input.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now