Part of Architecture pattern for connected medical devices - Genomics Pillar
Genomics specific design principles
For this pattern, we recommend that you also consider the following:
- Ensure proper business continuity planning is considered when determining the logical grouping of connected medical devices (CMDs), as part of the overall network segmentation strategy, with participation of a clinical safety officer.
- Create virtual local area networks (VLANs) to host a mixed economy of genomics CMDs, to prevent the possibility that a specific type of genomics CMD becomes unavailable due to a cyber-attack.
- Intra-VLAN and inter-VLAN traffic must be carried over a secure protocol.
- VLANs must be associated with unique IP subnets on the network, to ensure effective segmentation.
- For inter-VLAN routing, access control lists must be configured on the connecting router to ensure only authorised traffic is forwarded between the applicable VLANs when routing is enabled in a multi-VLAN environment.
- Where VLAN trunk links are configured to carry frames between switches on the network, ensure authorisation to share such information is obtained, especially for VLANs that host genome sequencing data.
- Network subject matter experts should consider the limit of a maximum of 254 IP addresses available per subnet when designing VLAN segmentation.
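
The subnet and access control principles above can be checked against a segmentation plan before it is deployed. The following is an added example, not part of the original guidance: the VLAN IDs, names, subnets, device counts, ACL entries and the set of services treated as secure are all constructed assumptions, and it reads the 254-address figure as a per-subnet ceiling.

```python
import ipaddress
from itertools import combinations

MAX_HOSTS = 254  # per-subnet address ceiling stated in the guidance above
# Assumption for this example: services treated as "secure protocol".
SECURE_SERVICES = {"tcp/443", "tcp/22"}

# Constructed sample plan: VLAN IDs, names, subnets and device counts are illustrative.
VLANS = {
    110: {"name": "sequencers-a", "subnet": "10.20.10.0/24", "devices": 40},
    120: {"name": "sequencers-b", "subnet": "10.20.20.0/24", "devices": 300},
    130: {"name": "analysis", "subnet": "10.20.20.128/25", "devices": 12},
}
# Constructed router ACL permits (source VLAN, destination VLAN, service).
# Anything not listed is denied.
ACL_PERMITS = [(110, 130, "tcp/443"), (120, 999, "tcp/443"), (130, 110, "tcp/23")]


def check_plan(vlans, permits):
    """Return a list of (subject, finding) tuples for a VLAN plan."""
    findings = []
    nets = {vid: ipaddress.ip_network(v["subnet"]) for vid, v in vlans.items()}
    for vid, net in nets.items():
        usable = max(net.num_addresses - 2, 0)  # minus network and broadcast
        if usable > MAX_HOSTS:
            findings.append((vid, "subnet-too-large"))
        if vlans[vid]["devices"] > min(usable, MAX_HOSTS):
            findings.append((vid, "over-capacity"))
    # Each VLAN needs its own subnet: identical or overlapping ranges break segmentation.
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            findings.append(((a, b), "subnet-overlap"))
    for src, dst, service in permits:
        if src not in vlans or dst not in vlans:
            findings.append(((src, dst), "acl-unknown-vlan"))
        if service not in SECURE_SERVICES:
            findings.append(((src, dst), "acl-insecure-service"))
    return findings


def is_forwarded(src, dst, service, permits):
    """Default-deny inter-VLAN decision: forward only on an exact permit."""
    return (src, dst, service) in permits


if __name__ == "__main__":
    for subject, finding in check_plan(VLANS, ACL_PERMITS):
        print(subject, finding)
```
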
Last edited: 5 October 2023 3:48 pm