o   Staff Access - connect to a wireless access point (WAP) configured for their access to the practice network the WLAN or wireless local area network via a dedicated primary Wi-Fi network for all devices on the network used by staff. No other users will be able to access the Wi-Fi service on this primary network provided by the access point and therefore access to the network restricted. Staff are expected to use the guest user account if they bring their own devices to the practice.    

o   Patients Access are provided with the opportunity to connect to WI-FI in reception with a guest access login to the network https://www.linksys.com/gb/support-article?articleNum=140727#q13

 

WiFI - configuration of the WAP for the patients must ensure that they are not able to connect to the practice network, server and files held within that network. This can be achieved by using the guest feature in the software configuration mentioned below. The SSID can be the same – the same access point but with a guest suffix. The patients are provided with the login required to access the guest account. Between 30 and 50 guest users can connect to the access point using this login.

   

Installation - When the wireless access point is installed – connecting the RJ45 socket to the Ethernet network cable on the network one of the first things that must be done is change the WAP administrator password as it will come in the box with a default user name and password. Only the practice manager should have access to this. The SSID name for the WAP device can be set at Wireless_Access or similar name. Guest mode is set to enabled. WPA (Wi-Fi protected access) or WPA2 is enabled. 

 

 

o   Location of the access point – logically outside of the firewall so all requests for access to the network have to pass through the network firewall. This is not an issue for the patients and people waiting in the reception – they will just be granted access to the wired LAN. However it will be a problem for the staff with tablets wanting to connect to the network wirelessly so they access the network using the primary wireless access. It may be that there are two access points - one for staff access and one isolated for use by patients. Physically – in the reception area assuming that the AP has the capability to broadcast to reach the three treatment rooms and also provide a service to patients in the waiting room. If this is not the case, one AP can be established in the reception/waiting area and one where the server is based with improved wireless access signal likely in this way. Note for discussion - that it is possible to provide the entire network through a WLAN rather than a wired LAN. This has the drawback that if the wireless access point goes down, access in each of the treatment rooms will be lost. There are implications for managing a service like this - given that there is no network manager / technician on site. 

o   Software configuration via a web interface with the WAP – knowing the IP address of the WAP this can be typed into a browser and the settings configured. The key setting will be enabling the DHCPv6 server to provide dynamic addressing for connection of patient devices wirelessly to the WAP. The WAP will be set up in infrastructure mode. 

o   It may be that during testing of the signal and connection to that signal it is determined that the 802.11b channel needs to be changed to ensure the best signal is delivered. 1- 11 channels available, again configured via the web interface.   

 

o   Consider multifunction access point 

Tablets are configured to access only patient records using the primary WiFi service. All other features are disabled and locked by network admin / practice manager. 

Routing in facilitated by RIPv1 classful routing protocol Class C. More than enough addresses can be assigned using this protocol. RIPv2 would provide the ability to use sub-nets not needed? 

Service provided by the DNS system will flag the network and from there the PC’s on the network, with IPv6 addressing and DCHP server providing dynamic assignment for the PC’s on the LAN, running from the same server in the same space as the file server.