Transcription
IntelliSitePathology SolutionWhitepaper Pathology RemoteViewing IT requirementsHardware and software prerequisites for optimal connectivityand usage of Philips IntelliSite Pathology Solution
Contents1. Management summary32. Introduction43. A closer look at the Image Management System64. Summary of network requirements105. Addendum: Network performance explained112
1ManagementsummaryBy digitizing images that pathologists normally view through a microscope, Philipsaims to offer integrated solutions that help to enhance the operational efficiency andproductivity of pathology departments.The Philips IntelliSite Pathology Solutionplatform, which is an automated digitalslide creation, management, viewing andanalysis system is designed to meet theneeds of high volume labs and expandto create virtual networks across multiplelabs. Distributing scans instead of samplescan simplify the pooling of knowledge ofhighly specialized pathologists in differentlocations. It can also remove logistics anddifficulties related to inter-lab distributionand retrieval of specimens. However, tomake the most of these benefits and offer anopportunity to improve user experience andworkflow, the network must be optimized forthis application. This has consequences forthe hospital IT infrastructure and client sideinfrastructure. The adaptations, if any arerequired, are relatively minor and will haveno far-reaching consequences for networkinfrastructure. Data safety is also guaranteedat all times.This whitepaper, provides a descriptionof the solution workflow, hardware andsoftware components and the mostcommon requirements and guidelines,across different topologies, with regard to: Network and device specifications Providing sufficient network capacity at thecentral hosting location, VPN gateway andclient site Configuring HTTPS as a business criticalapplication to connect to the IMSapplication server Configuring the VPN client to allow IMSclient / server communication Elements that affect performance: fromfirewalls to virus scanners and cabling Secure Internet DNS implementation toprevent DNS time-outs An overview and explanation of the factorsaffecting network performance Philips Digital Pathology Solutions willassist customers during the projectassessment and implementation tohelp meet the network requirements fordeployment and Intended Use.Potential benefits obtained bydigizing slides Case distribution and workload balancing Turn-around time Reduced courier costs Research, education and collaboration Access to digitally stored archives Image analyse tools availableSource: The U.S. Anatomic Pathology Market 20113
2IntroductionThe Philips IntelliSite Pathology Solution is an automated,integrated digital slide creation, management, viewingand analysis system. It enables digitization of pathologyspecimens and secure digital distribution of high-qualityscans across multiple sites. In this way, utilizing theknowledge and resources of highly specialized pathologistswith specific areas of expertise, becomes easier. Thisapproach also removes logistics and difficulties relatedto inter-lab distribution and retrieval of specimens. Fullintegration with patient information and administrativesystems makes the process even more efficient.4
Specimens are scanned in batches usingthe Philips Ultra Fast Scanner (UFS).The resulting images can be viewedand evaluated / read on a screen, withbespoke IMS software. Scans are assignedto appropriate pathologists, with specificareas of expertise. Each file is tagged withall the relevant patient data and linked torelevant additional information and notes.The pathologist is assigned a caseload bythe case administrator. He/she logs on tothe Philips Image Management System(IMS) website and sees his/her case listwith images, which he/she can analyze,along with related patient data and notesfrom the pathologist who sent the scan.The aim is that with digital pathologythroughput times, and the time duringwhich need to be wait for a result maybecome significantly shorter. Aroundthe world, medical institutions arelooking for ways of improving qualitywhilst cutting cost. The Philips IntelliSitePathology Solution is developed toprovide support in doing so. However, thissolution implies specific requirementsfor the communications network andinfrastructure. If these are not met, thesystem performance quality, ease ofworkflow and speed can vary. Errors canbe the result of physical problems or datahaving to travel long distances across thenetwork, but may also, for example, be theresult of firewall and system configurationsettings or issues with the provider.For an optimal user experience andfull functionality the network must beoptimized for this application, and firewallsconfigured accordingly, freeing up httpsports. There should be adequate networkcapacity and sufficient redundancy,based on usage patterns, and a maximumnumber of possible (simultaneous)users. In this document we have listed anumber of practical requirements, basedon practical usage, which will result insafe, rapid, error-free and user friendlyoperation. A dedicated model andspecifications describe how to achieveoptimum performance when using thesystem on a hospital campus, over a highspeed network. Adhering to these modelsavoid latency, loss of connections andsystem errors.Why this document?This document has been created tosupport network related discussionsbetween labs, hospital departments andIT professionals. It should be noted thatthis document focuses on internal andexternal (internet-facilitated) collaborationusage with multiple user locations. We candiscern two client/usage types. Broadlyspeaking, one has a strong internal focus,and is more research-oriented. Thesolution can be used over the internal LANnetworks which this group typically uses.Setting this up is fairly straightforward.A 1 Gb/s connected server and 100Mb/sclient connection will work perfectly.remote locations, the network topologychanges. Often, home office connectionsrun through a consumer-grade network.In short: a poor quality network meansdelays. Bandwidth is usually between20-100 Mb/s, which is also dependent onthe number of simultaneous users. Whenworking from home, latency can be causedby oversubscription. Furthermore, thesenetworks are generally not symmetrical,and upload speeds are significantly lowerthan downloads. This means that thenetwork at the hospital end must be of thehighest quality and carefully configured forthis application.The other user type relies on licensingand external partners in SOHO-typesettings. Regional panels consisting ofmultiple pathologists, for example, whopeer review each other’s work. For thisgroup, we have developed the DMZsystem, which is accessible through theinternet. Remote users are a differentstory. When you have a wide dispersionof pathologists across the hospital site,or when they are working from home orHospital IT policies understandablyemphasize patient data security andprefer to keep their networks as ‘closed’ aspossible’. Philips can provide assessments,depending on how extensive the networkis, to find the optimal balance betweenmaintaining security and guaranteeing apositive user experience5
3A closer look at theImage ManagementSystemHow does it work?The solution is a platform based on the Philips Ultra Fast Scanner(UFS) - and the Philips Image Management System (IMS). TheUFS is responsible for the acquisition of image data and the IMSfor storage, retrieval, archiving and management of the WholeSlide Images (WSI). It also links slides to the corresponding cases,patient data and notes. The IMS deploys the IMS web-based client- the application for users to interact with the IMS applicationserver. This client allows viewing, including functions such aspanning and zooming, sharing taking measurements, creatingannotations and bookmarking of the presentation states of theWSI. The Philips IMS Viewer guides the user through the steps ofthe workflow using task-oriented pages.The IMS web client uses HTTPS* to connect to the IMS applicationserver. This guarantees confidentiality and integrity of thetransmitted information that meet privacy laws and regulationsrequirements. Performance of the Philips IMS web client plays avery important role in the entire user experience. Below, we willdescribe the characteristics of the Philips IMS web client, allowingcustomers to take the network requirements into account whenimplementing the Philips Digital Pathology Solution.IMS application characteristicsA pathologist who has been assigned a case through integrationwith the Laboratory Information System, (LIS) can view the entireslide image, which presents tissue as scanned by the PhilipsUltra Fast Scanner (UFS). Bandwidth, latency and ‘backup logs’are vital to maintaining the high image quality which is requiredfor diagnostics. Every time the pathologist zooms or pans, theworkstation screen needs to be refreshed and the demandingapplication settings required to do this can affect systemperformance and network requirements.As a workaround for this on slower systems or during peak datatraffic times, users are offered a choice of two compressionsettings: ‘Compression level 1’ - which has higher networkrequirements - and ‘Compressed’, with lower network6requirements. These settings can be configured by the applicationuser, or determined at server level. When a user is viewing in the‘degraded’ performance mode, this is clearly indicated on thescreen. This is especially important as tissue scan viewing mustbe carried out in line with a number of legal and compliancerequirements.Updating the monitor requires data to be sent from the IMS serverto the IMS web client. In a typical scenario, the pathologist willstart to view the image at 10x magnification and will increase to20x or 40x for regions of interest. This panning and zooming willrequire ongoing image updates on the monitor of the pathologistworkstation, requiring uninterrupted data to flow from the IMSserver to the IMS client. For a smooth viewing experience whenviewing in highest quality the network requirement is 40 Mb/s. ForCompressed viewing quality, this is 10 Mb/s. When a pathologistis not viewing slides, for example whilst writing notes, data flowbetween server and client is minimal. For each implementationof the Philips Digital Pathology Solution, the effective networkcapacity and quality requirements are determined by theworkflow, the number of pathologists and the number of slides.* Secure HTTP, the standard protocol for secure access to webapplications
Remote user inHome OfficePathologists IMS viewerBranch office NorthPathologists IMS viewerInternetHospital AIMS ServerHospital BFirewallFirewallIMS ServerPathologistsIMS viewerWANPathologistsIMS viewerUFS scannerUFS scannerBranch office SouthPathologists IMS viewerUFS scannerConfiguring the network for optimum rollout and performance7
Capacity issues, latency and packet loss may all have an impact onthe performance of the IMS web client. Also, the network topologyand quality play a major part in determining the IMS viewingperformance level. What steps does an IT department need totake to ensure that the network configuration provides an optimaldeployment and performance for the Philips IMS application?We will discuss these items below. (For an explanation anddefinition of these elements, please turn to the chapter ‘Networkperformance explained’ at the back of this document.)IMS deploymentsThe Philips Image Management System (IMS) can be deployedin a single site or across multiple sites within the same network,allowing access from all locations. Users can connect to the IMSapplication through a LAN, WAN, Internet VPN or direct Internetconnection. Deployments on Internet are optional.Multisite deployment: working with the Philips IMS applicationusing a WAN and Internet topologyBefore using the solution, it is important to check whether all thesoftware elements are available/compatible with your system, andwhether the latest updates and patches have been installed. TheIMS application server software runs on Windows Server platformand the Microsoft Internet Information Server (IIS) is used to hostweb-based application services. For secure transmission Philipsuse the HTTPS protocol which includes TLS encryption via a X.509server certificate. The web client is downloaded and installedautomatically during the first logon. The web client is usingMicrosoft Silverlight technology which is available as an add-onfor all major web browsers. Web browser communication and websecurity settings also affect the IMS web application.A closer look at usage across topologiesLANIn a LAN topology all users have a high speed wired connectionof 100 Mb/s or 1 Gb/s. A wired network provides the best quality;a wireless network is an extension of the LAN. The wireless partof the network is shared by multiple users, which means wirelessnetwork capacity will typically be between 10 and 50 Mb/s,depending on the number of users. Latency and packet loss will behigher than over a LAN. For a good performance the IT departmentneeds to ensure the network speed per client system meets theminimum requirements for your Intended Use / image viewingquality. A 1 Gb/s connection is advised.WANWhen multiple sites are interconnected the topology is referred toas a Wide Area Network (WAN). Pathologists located at the remoteInternetWhen using the solution across the Internet, latency, packet lossand the number of ‘hops’ between networks can be substantiallyhigher than in a WAN topology. Multiple telecom operators andnetwork exchanges may be required to create the interconnectednetwork and end-to-end capacity or Quality of Service cannot beguaranteed. Each interconnection between operators may lead tonetwork congestion and introduce higher latency and packet loss.Https can be placed in a higher cue position, ensuring the data hasgreater priority. Companies which already use a number of webbased applications will probably already have this configured onthe client side.Internet connection between IMS client and server.Home Office and VPN over InternetWorking from home introduces a number of components that mayinfluence the IMS user experience. The connection at home isprovided by an Internet Service Provider (ISP) and will most likelybe a consumer-grade connection with a pre-specified upstream/downstream capacity (e.g. up 4 Mb/s / down 50 Mb/s). Its inherent8branch offices are using the Philips IMS located in the datacenterat the main location. A WAN connection is provided by a singleprovider and typically has a capacity between 2 and 50 Mb/s forsmall to medium sites and between 50 and 200 Mb/s for the mainlocation where the servers are located. Latency for continentalconnections can be between 20 and 60 ms or up to 250 ms forintercontinental connections. See below for an overview of thePhilips IMS in a WAN topology.WAN connection between IMS client and serverThis figure shows that there is greater distance between client andserver and more active network components are involved. This willaffect capacity, latency and packet loss values.oversubscription means that the physical network capacityprovided by the ISP will be shared by many customers, which canreduce the available bandwidth and introduce packet loss andhigher latency. In addition, ISPs interconnect their networks with afixed capacity, and that can also cause network congestion.For secure remote access to applications hosted in the hospitalnetwork, a Virtual Private Network (VPN) connection is used. AVPN connection is created between the client workstation and aVPN gateway located in the hospital network. A VPN gateway istypically located in the Demilitarized Zone (DMZ) which protectsthe hospital network and applications from Internet threats A VPNconnection adds security by authentication the remote user andby encrypting the network connection. This added security willcause additional latencies or impact available capacity.Internet connection with secure VPN between IMS client andserver. The user is authenticated on the workstation, and uses aVPN client to obtain a ‘secure tunnel’ over the Internet to theVPN gateway.
The network department can ensure an optimal IMS userexperience by following these stepsMake sure sufficient network capacity is available at each site.Ensure that HTTPS traffic is configured in Quality of Servicesettings as a business critical applicationBranch officeMain locationWANPathologists IMS viewerClientsAccessswitchCoreswitchCoreswitchAny locationInternetPathologists IMS viewerServerswitchSecure hostingwith DMZFirewallIMS serverClientsThe network department can ensure an optimal IMS userexperience by following these steps, as an extension to thepreviously mentioned steps for Internet hostingMake sure sufficient capacity is available on the VPN gateway(network capacity, CPU and number of connections)Ensure that the VPN client is configured to allow IMS client / servercommunicationAny locationInternetPathologists IMS viewerSecure hostingwith DMZFirewallIMS serverClientsVPN clientVPN gateway9
4Summaryof networkrequirementsFor a good Philips IMS Application user experience, requirementsgiven in table 1 should be met:DescriptionRequirementNetwork speed on IMS serverNetwork capacity per client High Quality viewing quality Compressed viewing qualityLatencyNumber of network hops1 or 10 Gb/s40 Mb/s, average data flow from server to client10 Mb/s, average data flow from server to clientAs low as possible, advised between 1 and 60 msAs low as possible, advised maximum is 12 hopsNetwork capacityFor clarification, we will calculate the network capacity requirements for four typical usagescenarios:CasesNetwork Capacity RequirementCase 1High Quality viewing settingBranch office incoming: 40 Mb/s x 10 x 0.2 80 Mb/s10 pathologists in one branch office Main site outgoing: 80 Mb/sConcurrent usage is 20%Case 2High Quality viewing settingBranch office incoming: 40 Mb/s x 5 x 0.3 67 Mb/s5 pathologists in each branch office Main site outgoing: 100 Mb/s4 branch officesConcurrent usage is 30%Case 3Compressed viewing settingHome office incoming: 10 Mb/s10 pathologists working from home Central Internet connection outgoing:Concurrent usage is 20% 10 Mb/s x 10 x 0.2 20 Mb/sCase 4Compressed viewing settingHome office incoming: 10 Mb/s40 pathologists working from home Central Internet connection outgoing:Concurrent usage is 40% 10 Mb/s x 40 x 0.4 100 Mb/s10
5 AddendumNetworkperformanceexplainedNetwork capacity is expressed in Megabitsper second (Mb/s) or Gigabit per second(Gb/s). Typical network speeds for a LocalArea Network (LAN) are 10/100 Mb/sor 1/10 Gb/s. In a Wide Area Network(WAN) speeds can range from 2 to 200Mb/s. Internet connection speeds can beanything between 10 and 100 Mb/s fordomestic locations or between 10 Mb/sand 1 Gb/s for business locations.The second cause of latency is networkcomponents. These components can benetwork interfaces, switches or routersthat route IP packets from one network toanother. Each network ‘hop’ might requirea few milliseconds of processing. This addsdelay to the network connection. The thirdelements is security measures such asfirewalls and encryption. It takes time toverify and secure each connection.Latency is the delay in milliseconds (ms)between client and server. This delay isthe result of three key factors. It takestime for a signal to travel the distancebetween client and server. Over a fibrenetwork, signals travel at the speed oflight. Therefore: the greater the distancebetween two points the longer it takes forsignals to travel from origin to destination.Packet loss can be caused by anycomponent in the end-to-end networkinfrastructure. Packet loss occurs wheneverdata sent across a network is dropped, forexample because a buffer on a networkport is full or a faulty cable has been used.11
Like to know more?Would you like to know more about the integrated pathologysolution, or discover how this solution might benefit yourorganization? Feel free to get in touch.Headquarters / BeneluxVeenpluis 6, 5684 PC Best,The NetherlandsPhone: 800 PHILIPSH ( 800 74454774)Email:digitalpathology@philips.com 2015 Koninklijke Philips N.V. All rights reserved.Specifications are subject to change without notice.Trademarks are the property of Koninklijke Philips N.V.(Royal Philips) or their respective owners.www.philips.comPrinted in the athologyCUS4522 207 26501 * JUN 2015
UFS is responsible for the acquisition of image data and the IMS for storage, retrieval, archiving and management of the Whole Slide Images (WSI). It also links slides to the corresponding cases, patient data and notes. The IMS deploys the IMS web-based client - the application for users to interact with the IMS application server.
