sequence spread spectrum (DSSS), which is more reliable than the frequency-hopping technique used in the Proxim APs.
The second measure taken by St Luke’s was to acquire a software solution from NetMotion Wireless (netmotionwireless.com) called Mobility. The basic layout of the Mobility solution is shown in Figure C9.1. Mobility software is installed in each wireless client device (typically a laptop, handheld, or tablet PC) and in two NetMotion servers whose task is to maintain connections. The two servers provide a backup capability in case
one server fails. The Mobility software maintains the state of an application even if a wireless device moves out of range, experiences interference, or switches to standby mode. When a user comes back into range or switches into active mode, the user’s application resumes where it left off.
In essence, Mobility works as follows: Upon connecting, each Mobility client is assigned a virtual IP address by the Mobility server on the wired network. The Mobility server manages network traffic on behalf of the client, intercepting packets destined for the client’s virtual address and forwarding them to the client’s current POP (point of presence) address. While the POP address may change when the device moves to a different subnet, from one coverage area to another, or even from one network to another, the virtual address remains constant while any connections are active. Thus, the Mobility server is a proxy device inserted between a client device and an application server.
Enhancing WLAN Security
In 2007, St. Luke’s upgraded to Mobility XE mobile VPN solution [NETM07]. This migration was undertaken to enhance security and compliance with HIPPA data transmission and privacy requirements. Mobility XE server software was deployed in the IT department’s data center and client software was installed on laptops, handheld devices, and tablet PCs.
With Mobility XE running on both clients and servers, all transmitted data passed between them is encrypted using AES (Advanced Encryption Standard) 128-bit encryption. Mobility XE also serves as an additional firewall; devices that are not recognized by the Mobility XE server are not allowed to access the network. This arrangement helped St. Luke’s achieve its IT goal of having encryption for all wireless data communications.
Mobility XE also enables the IT department to centrally manage all wireless devices used by clinicians. This allows them to monitor the