Vital Sync™
Virtual Patient Monitoring Platform and Informatics Manager
Installation Instructions
Medtronic, Medtronic with rising man logo, and Medtronic logo are trademarks of Medtronic. Third-party trademarks (“TM*”) belong to their
respective owners. The following list includes trademarks or registered trademarks of a Medtronic entity in the United States and/or in other
countries.
BIS™, Capnostream™, INVOS™, Nellcor™, Newport™, OxiMax™, Puritan Bennett™, Vital Sync™
U.S. patents: www.medtronic.com/patents
Symbols
Federal law restricts this device to sale by or on the order of a physician
Consult instructions for use
Manufacturer
3
Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.3 Applicable Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.4 Safety Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.5 Obtaining Technical Assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.6 Warranty Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.7 Licensing Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.8 HIPAA Disclaimer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2 Product and Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.2 Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.3 Installation Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.4 Upgrade Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.5 Security Requirements and Recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3 Supporting Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.2 Operating System Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.3 Add IIS Role Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.4 Install Message Queuing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.5 Congure IIS to Use HTTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.6 Congure the IIS Application Pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
3.7 Install the Database Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
3.8 Distributor Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
3.9 Enable Remote Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
4 Installing Software Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
4.2 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
5 Additional Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
5.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
5.2 Database Agent Startup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
5.3 Device Firmware Versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
5.4 Firewall Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
5.5 Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
5.6 HTTPS and SSL Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
5.7 Distributed Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
5.8 Data Warehouse Cleansing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
5.9 Applet Manager Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
6 Connectivity to External Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
6.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
6.2 Vital Sync HL7 Reporter Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
4
6.3 Vital Sync ADT In Adapter Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
6.4 Vital Sync Alarm Reporter Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
6.5 LDAP Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
6.6 AD Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
6.7 Gateway Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
6.8 Multiparameter Monitor Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Figures
Figure 1. Server Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Figure 2. IIS Add Roles and Features Wizard—Start Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Figure 3. IIS Add Roles and Features Wizard—Installation Type Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Figure 4. IIS Add Roles and Features Wizard—Destination Server Selection Page . . . . . . . . . . . . . . . . . . . . . . . . . 23
Figure 5. IIS Add Roles and Features Wizard—Select Server Roles Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Figure 6. IIS Add Roles and Features Wizard—Add Required Features Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Figure 7. IIS Add Roles and Features Wizard—Select Features Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Figure 8. IIS Add Roles and Features Wizard—Select Features Page (.NET Framework 4.6 elds shown) . . . . 25
Figure 9.
Figure 10.
options) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Figure 11.
options) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Figure 12.
options) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Figure 13.
Figure 14.
Figure 15.
Figure 16.
Figure 17.
Figure 18.
Figure 19.
Figure 20.
Figure 21. Microsoft™* SQL Server™* Setup Wizard—Microsoft™* Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Figure 22. Microsoft™* SQL Server™* Setup Wizard—Install Setup Files (details shown) . . . . . . . . . . . . . . . . . . . 34
Figure 23. Microsoft™* SQL Server™* Setup Wizard—Install Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
IIS Add Roles and Features Wizard—Web Server Role (IIS) Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
IIS Add Roles and Features Wizard—Select Role Services Page (common HTTP and health/diagnostics
IIS Add Roles and Features Wizard—Select Role Services Page (performance and security
IIS Add Roles and Features Wizard—Select Role Services Page (application development
IIS Add Roles and Features Wizard—Conrmation Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Internet Information Services (IIS) Manager (application pools shown) . . . . . . . . . . . . . . . . . . . . . . . . . 29
Edit Application Pools (Advanced Settings dialog) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Application Pool Identity Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Set Credentials Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Microsoft™* SQL Server™* Installation Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Microsoft™* SQL Server™* Setup Wizard—Product Key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Microsoft™* SQL Server™* Setup Wizard—License Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Figure 24. Microsoft™* SQL Server™* Setup Wizard—Feature Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Figure 25. Microsoft™* SQL Server™* Setup Wizard—Feature Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Figure 26. Microsoft™* SQL Server™* Setup Wizard—Instance Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Figure 27. Microsoft™* SQL Server™* Setup Wizard—Server Conguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Figure 28. Microsoft™* SQL Server™* Setup Wizard—Database Engine Conguration . . . . . . . . . . . . . . . . . . . . 37
Figure 29. Microsoft™* SQL Server™* Setup Wizard—Database Engine Conguration (administrator
added) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Figure 30. Microsoft™* SQL Server™* Setup Wizard—Feature Conguration Rules . . . . . . . . . . . . . . . . . . . . . . . . 38
Figure 31. Microsoft™* SQL Server™* Setup Wizard—Ready to Install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
5
Figure 32. Microsoft™* SQL Server™* Setup Wizard—Finish . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Figure 33. Microsoft™* SQL Server™* Management Studio Object Explorer (server context menu) . . . . . . . . 40
Figure 34. Database Server Properties Dialog (Memory page) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Figure 35. Microsoft™* SQL Server™* Management Studio (Replication folder context menu) . . . . . . . . . . . . . 41
Figure 36. Congure Distribution Wizard—Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Figure 37. Congure Distribution Wizard—Distributor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Figure 38. Congure Distribution Wizard—Snapshot Folder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Figure 39. Congure Distribution Wizard—Distribution Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Figure 40. Congure Distribution Wizard—Publishers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Figure 41. Congure Distribution Wizard—Wizard Actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Figure 42. Congure Distribution Wizard—Complete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Figure 43. Congure Distribution Wizard—Finish . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Figure 44. Microsoft™* SQL Server™* Management Studio Object Explorer (new database shown) . . . . . . . 46
Figure 45. Microsoft™* SQL Server™* Conguration Manager—SQL Server Browser Context Menu . . . . . . . 47
Figure 46. Microsoft™* SQL Server™* Conguration Manager—SQL Server Browser Properties Dialog . . . . 47
Figure 47.
Figure 48.
Figure 49.
Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Figure 50.
Figure 51.
Figure 52.
Figure 53.
Figure 54.
Figure 55.
Figure 56.
Figure 57.
Figure 58.
Figure 59.
Figure 60.
Figure 61. Informatics Installation Wizard—Bedside Monitoring Station Account Creation Page . . . . . . . . . . 59
Figure 62. Informatics Installation Wizard—Failover Log File Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Figure 63. Informatics Installation Wizard—Primary (Informatics) Database Information Page . . . . . . . . . . . . . 60
Microsoft™* SQL Server™* Conguration Manager—TCP/IP Properties Dialog . . . . . . . . . . . . . . . . . 48
Microsoft™* SQL Server™* Conguration Manager—Named Pipes Properties Dialog . . . . . . . . . . . 49
Microsoft™* SQL Server™* Conguration Manager—Native Client 11.0 (32-Bit) Client
Microsoft™* SQL Server™* Conguration Manager—Native Client 11.0 Client Protocols . . . . . . . . 50
Microsoft™* SQL Server™* Conguration Manager—SQL Server Browser Start . . . . . . . . . . . . . . . . . 50
Microsoft™* SQL Server™* Conguration Manager—SQL Server Restart . . . . . . . . . . . . . . . . . . . . . . . 51
Microsoft™* SQL Server™* Conguration Manager—SQL Server Agent Restart . . . . . . . . . . . . . . . . . 51
Informatics Installation Wizard—Welcome Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Informatics Installation Wizard—Feature License Information Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Informatics Installation Wizard—Destination Location Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Informatics Installation Wizard—Select Features Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Informatics Installation Wizard—Language Options Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Informatics Installation Wizard—Administrator Password Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Informatics Installation Wizard—Nurse Station Account Creation Page . . . . . . . . . . . . . . . . . . . . . . . . 58
Figure 64. Informatics Installation Wizard—Primary (Informatics) Logon Information Page . . . . . . . . . . . . . . . . 61
Figure 65. Informatics Installation Wizard—Database Overwrite Warning Dialog . . . . . . . . . . . . . . . . . . . . . . . . . 62
Figure 66. Informatics Installation Wizard—Replication (InformaticsDataWarehouse) and DataMart
Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Figure 67. Informatics Installation Wizard—Replication (InformaticsDataWarehouse) and DataMart Logon
Information Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Figure 68. Informatics Installation Wizard—Enable Replication Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Figure 69. Informatics Installation Wizard—Distribution Database Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Figure 70. Informatics Installation Wizard—User Manual Location Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Figure 71. Informatics Installation Wizard—Report Server URL Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
6
Figure 72. Informatics Installation Wizard—Alarm Reporter Email Settings Page . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Figure 73. Informatics Installation Wizard—Alarm Reporter SMS Settings Page . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Figure 74. Informatics Installation Wizard—Installation Summary Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Figure 75. Informatics Installation Wizard—Previous Installation Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Figure 76. Informatics Installation Wizard—Conrmation Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Figure 77. Informatics Installation Wizard—Data Collection Service Start Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Figure 78. Informatics Installation Wizard—Finish Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Figure 79. Microsoft™* SQL Server™* Management Studio (Informatics Replication publication shown) . . . 72
Figure 80. Microsoft™* SQL Server™* Management Studio—SQL Server Agent Start . . . . . . . . . . . . . . . . . . . . . . 72
Figure 81. Microsoft™* SQL Server™* Management Studio (Job Activity Monitor icon present) . . . . . . . . . . . . 73
Figure 82. Microsoft™* SQL Server™* Management Studio—Replication Monitor Launch . . . . . . . . . . . . . . . . . 74
Figure 83. Replication Monitor Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Figure 84. Replication Monitor Screen (Agents Tab)—Snapshot Agent Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Figure 85. Replication Monitor Screen (Agents Tab) (Snapshot Agent running) . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Figure 86. New Subscription Wizard—Start Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Figure 87.
Figure 88.
Figure 89.
Figure 90.
Figure 91.
Figure 92.
Figure 93.
Figure 94.
Figure 95.
Figure 96.
Figure 97.
Figure 98.
server shown) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Figure 99.
Table 1. Minimum Hardware Requirements (physical server) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Table 2. Minimum Hardware Requirements (virtual machine) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
New Subscription Wizard—Publication Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
New Subscription Wizard—Distribution Agent Location Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
New Subscription Wizard—Subscribers Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Connection Dialog (for Data Warehouse server) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
New Subscription Wizard—Distribution Agent Security Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Distribution Agent Security Dialog (account elds) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
New Subscription Wizard—Synchronization Schedule Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
New Subscription Wizard—Initialize Subscriptions Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
New Subscription Wizard—Wizard Actions Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
New Subscription Wizard—Conrmation Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
New Subscription Wizard—Finish Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Microsoft™* SQL Server™* Management Studio Object Explorer (Data Warehouse report
Replication Monitor Screen (Agents Tab) (Snapshot Agent shown) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Tables
Table 3. Minimum Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Table 4. Recommended Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Table 5. Welch Allyn™* Server Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Table 6. Supported Software Upgrade Paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Table 7. Minimum and Maximum Device/Hardware Firmware Versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Table 8. Firewall Ports To Be Opened . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Table 9. Medtronic Device/Protocol Destination Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Table 10. Recommended Source Ports for Device Communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Table 11. Additional LdapClient Parameter Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Table 12. Additional AD Server Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
7
8
1 Introduction
1.1 Overview
This manual provides information on installation and setup of Vital Sync virtual patient monitoring platform and
informatics manager software components, as well as other software required for their installation and use,
including prerequisites, installation procedures, and conguration details.
Note: Before installation, carefully read this manual, any necessary system documentation, and precautionary
information and specications
• Section 1.2, Conventions • Section 1.6, Warranty Information
• Section 1.3, Applicable Version • Section 1.7, Licensing Information
• Section 1.4, Safety Information • Section 1.8, HIPAA Disclaimer
• Section 1.5, Obtaining Technical Assistance
1.2 Conventions
Text and terminology conventions used in this manual include the following:
• Warnings alert users to potential serious outcomes (death, injury, or adverse events) to the patient, user, or
environment.
• Cautions alert users to exercise appropriate care for safe and eective use of the product.
• Notes provide additional guidelines or information.
•
Button names, menu options, and eld names generally appear in boldface text.
• The term “click” refers to the action activating buttons and menus in an application’s user interface. If using
a touchscreen monitor or mobile device, substitute “touch” for “click” where it appears in the text.
• The terms “platform”, “components”, “software”, and “software components” generally refer to part or all of the
Vital Sync virtual patient monitoring platform, the Vital Sync informatics manager, or both.
1.3 Applicable Version
This manual applies to installing version 3.1 of the Vital Sync virtual patient monitoring platform and informatics
manager. Version information for supporting software is indicated in other sections of this manual.
1.4 Safety Information
This section contains generally applicable safety information for this product.
1.4.1 Warnings
•
Warning: The Vital Sync Virtual Patient Monitoring Platform and Informatics Manager is intended to
supplement and not to replace any part of the facility’s monitoring. Do not rely on the Vital Sync Virtual Patient
Monitoring Platform and Informatics Manager as the sole source of alarms. In order to assure a timely
response to device alarms, a clinician (not necessarily the clinician viewing data in the platform) must be
within visual and/or audible range of the alarming device. In order to provide medical intervention, a clinician
must interact with the device at the bedside.
•
Warning: The platform is intended only as an adjunct in patient assessment. It must be used in conjunction
with clinical signs and symptoms and periodic patient observations.
•
Warning: The dedicated bedside display unit is designed for use in conjunction with the Vital Sync Virtual
Patient Monitoring Platform and Informatics Manager. Do not rely on the dedicated bedside display unit as
a primary source of alarms.
9
•
Warning: Always follow the facility’s established patient safety protocols when using the Vital Sync Virtual
Patient Monitoring Platform and Informatics Manager.
•
Warning: The alarm rule functionality within the software is intended to supplement and not replace any
part of the facility’s monitoring. Do not rely on the platform as the sole source of alarms.
•
Warning: Alarm rules should adhere to facility policy, procedures, and alarm management protocols. This
alarm management protocol should address alarm safety and the potential impact of alarm fatigue in all
patient care areas within the facility.
•
Warning: Alarm priority normalization and ranking functionality within the software is intended to
supplement and not replace any part of the facility’s monitoring. Do not rely on the platform as the sole source
of alarms.
•
Warning: The default alarm priority is determined by the connected device, and cannot be changed on the
device itself. The same alarm condition may be reported with a dierent priority on dierent device models.
Carefully review the Alarm Normalization Report for default alarm priorities for each connected device model.
•
Warning: Alarm priorities in the software should not be set to be lower than those on the actual device. Use
caution if changing the priority of a device alarm in the software to a dierent level than is indicated on the
actual device, especially for devices that are life-sustaining.
•
Warning: Alarms from connected devices should not be set as notications in the platform, especially for
devices that are life-sustaining. Because notications do not audibly annunciate, setting an alarm as a
notication may cause users to not respond or delay in responding to a clinically signicant event.
•
Warning: Notications from connected devices should not be set as alarms in the platform, especially for
events not requiring clinical intervention. Setting a notication as an alarm may create nuisance audible alerts
that are not clinically signicant.
•
Warning: If using audible alerts, ensure the sound volume of the PC or mobile device on which the software
is used is sucient for alerts to be heard and recognized.
•
Warning: It is possible for the platform’s audible alert tone to be confused with audible alarm tones from
connected devices when in close physical proximity. Users should carefully attend to all audible indicators
when within audible range of connected devices.
•
Warning: When setting alarm rules and priorities in the software for any device, consult the operator’s
manual for the device in question for default priority levels of device alarms, and for a description of each
device alarm. Obtain a detailed understanding of the patient or device conditions that trigger any alarm
before creating an alarm rule or adjusting the alarm’s priority in the software.
•
Warning: Medtronic does not assume any responsibility for accuracy, reliability, or clinical relevance of
user-designed derived parameter algorithms.
1.4.2 Cautions
•
Caution: Federal law restricts this device to sale by or on the order of a physician.
•
Caution: Do not set alarm limits to extreme values that render the monitoring system useless. Ensure alarm
limits are appropriate for each patient.
•
Caution: Connected devices report data to the platform periodically, not continuously. Because of this, as
well as delays caused by network bandwidth or hardware limitations or network loading, the true duration
of any device alarm will be longer than the delay set in this screen for that alarm. Carefully consider these
factors when choosing delay settings, and use the shortest delay settings that are practical to reduce nuisance
alarms, to avoid undue delay in response to events actually requiring direct clinical intervention.
•
Caution: Loss of patient privacy may occur if using the software on unsecured or unencrypted networks.
Always adhere to facility patient privacy practices and procedures to ensure security of patient data on the
facility’s network.
•
Caution: For the most accurate interpretation of data and alerts from the Vital Sync software, the intended
user (operator) position is less than 4 meters from the display screen and audio speakers.
10
1.4.3 Notes
•
Note: Some smartphones and tablets do not support the sounding of audible alerts from the platform. Make
sure to test audible alert capability.
•
Note: Audible alerts only sound to indicate alarms on devices linked to patients. Audible alerts do not sound
for notications.
•
Note: The platform has been veried on systems using Microsoft™* Windows™* and Windows™*-based
software. User experience may vary with other operating systems and hardware and software congurations.
1.5 Obtaining Technical Assistance
1.5.1 Technical Services
For technical information and assistance if unable to correct a problem while using the software, contact a local
Medtronic representative, or contact Medtronic Technical Services directly.
Medtronic Technical Services
15 Hampshire Street
Manseld, MA 02048 USA
1 800 497 4968, or 1 925 463 4635, or contact a local Medtronic representative
HIMSupport@Medtronic.com
When calling Medtronic or a local Medtronic representative, provide the software version number, build number,
date of build, and GTIN (Global Trade Item Number), shown on the
1.5.2 Related Documents
Before installing, carefully read this manual as well as installation documentation for the supporting software. This
information is essential for understanding the installation process and information shown during installation.
About
screen.
1.6 Warranty Information
The information contained in this document is subject to change without notice. Medtronic makes no warranty
of any kind with regard to this material, including, but not limited to, the implied warranties or merchantability and
tness for a particular purpose. Medtronic shall not be liable for errors contained herein or for incidental or
consequential damages in connection with the furnishing, performance, or use of this material.
1.7 Licensing Information
For more details regarding software licenses, refer to the following sections.
1.7.1 Vital Sync and Third Party Software
Licenses obtained from Medtronic for use of the Vital Sync virtual patient monitoring platform (including the
informatics manager) do not include licenses for any third party software, including software identied elsewhere
in this manual. (Refer to Section 2.2, Prerequisites, page 13; Section 2.2.2, Recommended Conguration, page 14;
Chapter 3; and Chapter 5.)
Users must obtain their own licenses for the downloading and use of such third party software.
1.7.2 Open Source Software Disclosure
This section identies the open source software that may be separately called, executed, linked, aliated, or
otherwise utilized by this Vital Sync software product.
Such open source software is licensed to users subject to the terms and conditions of the separate software
license agreement for such open source software.
11
Use of the open source software by users of the Vital Sync virtual patient monitoring platform and informatics
manager shall be governed entirely by the terms and conditions of such license.
Obtain the source or object code and applicable license for any open source software at the following sites:
•
NCalc—https://www.nuget.org/packages/ncalc/
•
RestSharp—http://restsharp.org/
•
Ninject—https://www.nuget.org/packages/Ninject/4.0.0-beta-0134
•
NHibernate—http://nhibernate.info/
•
NLog—https://www.nuget.org/packages/NLog/4.3.7
•
Newtonsoft.Json—https://www.nuget.org/packages/Newtonsoft.Json/
•
Swashbuckle Core—https://www.nuget.org/packages/Swashbuckle.Core/5.6.0
•
D3—https://d3js.org/
•
Spin.js—https://spin.js.org/
•
Foundation—http://foundation.zurb.com
•
JQuery—http://jquery.com
•
JQuery blockUI—http://malsup.com/jquery/block/
•
JQuery DateTimePicker—https://github.com/xdan/datetimepicker
•
JQuery Tools—https://jquerytools.github.io/
•
JQuery UI—http://jqueryui.com
•
JQuery UI Touch Punch—http://touchpunch.furf.com
•
JQuery Validation—https://jqueryvalidation.org/
•
MvcPaging—https://www.nuget.org/packages/MvcPaging/
•
Antlr3.Runtime—https://www.nuget.org/packages/Antlr3.Runtime
•
Iesi.Collections—https://www.nuget.org/packages/Iesi.Collections/4.0.2
1.8 HIPAA Disclaimer
The Vital Sync Virtual Patient Monitoring Platform and Informatics Manager is a software application used in
conjunction with electronic medical devices within the customer’s secure health information system. Healthcare
providers using the software are expected to take appropriate security measures to protect the condentiality of
all data created, stored or transmitted on their systems. See Section 2.5, Security Requirements and
Recommendations, page 17.
Although the software contains certain features to assist users in the users’ steps to protect their data, Medtronic
cannot provide any assurance that the user’s use of the software will comply with HIPAA regulations or be
otherwise in compliance with the customer’s obligations as a covered entity.
12
2 Product and Installation Overview
2.1 Overview
This chapter describes the requirements and general process for installation and conguration of Vital Sync virtual
patient monitoring platform and informatics manager software components, as well as for supporting software.
• Section 2.2, Prerequisites • Section 2.4, Upgrade Installation
• Section 2.3, Installation Process • Section 2.5, Security Requirements and Recom‐
mendations
2.2 Prerequisites
In order to install and use software components, the systems in question must meet certain hardware and
operating system requirements, and must also have other supporting software installed and congured.
Instructions for installation and setup of some supporting software are included in this manual.
Note: To install software, administrative rights are required on the destination system or systems.
2.2.1 Minimum Requirements
See Table 1, Table 2, and Table 3 for minimum hardware and software requirements.
Table 1. Minimum Hardware Requirements (physical server)
Requirement Server with components installed Central monitoring station desktop
CPU 3.1 GHz, 8M cache, 5 GT/s QPI, 4 core 1–1.65 GHz, dual core
RAM 16 GB 4 GB
Hard drive capacity 500 GB 50 GB
External storage External tape or other customer-sourced
backup for data archive
Network 100/1000 Mbps Ethernet
Wireless network Bandwidth (Kbps) equal to 5.7X+270Y
(X=number of active devices; Y=number of active display devices)
Other hardware Uninterruptible power supply Touch-enabled display with 1920×1080
Table 2. Minimum Hardware Requirements (virtual machine)
Requirement Database server Web / data collector server
CPU 2.6 GHz 6 VCPU 2.6 GHz 6 VCPU
RAM 16 GB 8 GB
Hard drive capacity 580 GB (minimum 4 drives) 80 GB
External storage External tape or other customer-sourced
backup for data archive
Network 100/1000 Mbps Ethernet
Wireless network Bandwidth (Kbps) equal to 5.7X+270Y
(X=number of active devices; Y=number of active display devices)
None
resolution
Video card compatible with touch-en‐
abled display
Speakers (monitor-mounted or external)
None
13
Table 3. Minimum Software Requirements
Requirement Server with components installed Central monitoring station desktop
Operating system Microsoft™* Windows™* Server 2016
Standard with all current updates
Database software Microsoft™* SQL Server™* 2016 Standard
Edition with Service Pack 1 (required only
on the server hosting the database com‐
ponent)
Supporting software Microsoft™* Web Deploy 3.0
Internet Information Services (IIS) 8.0
Microsoft™* .NET Framework 4.6.2
Note: Specic deployments may have higher minimum requirements than those listed here. Consult with the
Medtronic Solution Delivery Team for more information.
2.2.2 Recommended Conguration
Note: While all components can be installed on a single system, Medtronic recommends that the Informatics Web
and Database components should be installed on separate systems, especially if a large number of users will be
accessing and using the software, or if a large number of patients and devices will be connected and monitored.
Note: The Data Collection Service, Applet Manager Service (if used), and Informatics Web components should be
installed on a server separate from the Database component, so that resource-intensive functions requiring
database access (such as reporting) will not interfere with ongoing clinical operations. Refer to Section 5.7,
Distributed Deployment, page 79 for more information.
Microsoft™* Windows™* 10 Professional
(64-bit)
None
Microsoft™* Internet Explorer 11
Adobe™* Reader™* DC
See Table 4 for recommended software.
Table 4. Recommended Software
Requirement Servers with components installed Central monitoring station desktop
Operating system Microsoft™* Windows™* Server 2019
Standard with all current updates
Database software Microsoft™* SQL Server™* 2019 Standard
Edition with all current updates (required
only on the server hosting the database
component)
Supporting software Microsoft™* Web Deploy 3.0
Internet Information Services (IIS) 10.0
Microsoft™* .NET Framework 4.6.2
For best results when using Web browsers to access the software and perform program functions, ensure that the
display resolution is set to at least 1024 x 768 (1920 x 1080 for a central monitoring station).
Note: To maximize performance, and for best connectivity with remote devices, Medtronic recommends that the
Vital Sync virtual patient monitoring platform and informatics manager, its necessary supporting software, and
related applications (such as the Vital Sync early warning score application) should be the only applications
running on the systems on which they are installed.
Microsoft™* Windows™* 10 Professional
(64-bit)
None
Microsoft™* Edge™* (version 89) or
Google™* Chrome™* (version 89)
Adobe™* Reader™* DC
Note: Some smartphones and tablets do not support the sounding of audible alerts from the platform. Make sure
to test audible alert capability.
14
2.2.3 Device-Specic Conguration
Facilities using compatible Welch Allyn™* multiparameter monitors use Welch Allyn™* Network Connectivity
Engine™* software to enable communication with the Vital Sync software.
The Welch Allyn™* software may be deployed on a physical server or on a virtual machine. See Table 5 for
requirements.
Table 5. Welch Allyn™* Server Requirements
Requirement Details
CPU 3.1 GHz, 4 core
RAM 8 GB
Hard drive capacity 100 GB (after installation of gateway software)
Network 1000 Mbps Ethernet
Operating system Microsoft™* Windows™* Server 2012 R2, Microsoft™*
Windows™* Server 2016, or Microsoft™* Windows™*
Server 2019
Supporting software Welch Allyn™* CDIS-NCE Gateway suite v5.3.0.6
2.3 Installation Process
Note:
platform (including the informatics manager) do not include licenses for any third party software identied in this
chapter. Users must obtain their own licenses for the downloading and use of such third party software.
For a rst-time installation of the software, the process includes the following steps:
Licenses obtained from Medtronic for installation and use of the Vital Sync virtual patient monitoring
• Ensure applicable supported updates for Microsoft™* Windows™* Server have been downloaded and
installed, as described in the release notes.
• Add IIS role services and (if necessary) message queuing. Refer to Section 3.3, Add IIS Role Services, page 21 and
Section 3.4, Install Message Queuing, page 28.
• Congure IIS to use HTTPS, and congure the default IIS application pool. Refer to Section 3.5, Congure IIS to
Use HTTPS, page 28 and Section 3.6, Congure the IIS Application Pool, page 29.
• Install and congure Microsoft™* SQL Server™*. Refer to Section 3.7, Install the Database Server, page 30 and
Section 3.8, Distributor Conguration, page 41. Versions of the software from 2016 and later do not include
Microsoft™* SQL Server™* Management Tools in the same installer package; if needed, install these
separately.
• Set up database connectivity for remote users. Refer to Section 3.9, Enable Remote Connection, page 46.
• Install Vital Sync software components. Refer to Chapter 4.
• If needed to enable HL7 message and/or alarm message availability for external systems, congure the Vital
Sync HL7 Reporter Service, Vital Sync ADT In Adapter Service, and Vital Sync Alarm Reporter Service. Refer to
Chapter 6.
• If needed, perform LDAP and active directory server integration. Refer to Section 6.5, LDAP Integration, page 99
and Section 6.6, AD Integration, page 100.
• If using a Lantronix™* gateway with the Vital Sync software, enable and congure unique device
identication. Refer to Section 6.7, Gateway Conguration, page 101.
• Start database agents running to fully enable replication. Refer to Section 5.2, Database Agent Startup,
page 71.
• Conrm that rewall ports are properly congured to allow the software to communicate with the network
and with devices to be monitored. Refer to Section 5.4, Firewall Conguration, page 76.
• Perform date and time synchronization on all systems. Refer to Section 5.5, Time Synchronization, page 78.
15
• If needed, congure reporting to connect to the Data Warehouse server. Refer to Section 5.7.3, Reporting
Conguration, page 80.
• For a multi-system deployment, perform additional conguration procedures as needed. For an example of
such a deployment, refer to Section 5.7, Distributed Deployment, page 79.
• If using a central monitoring station or Welch Allyn™* multiparameter monitors, perform appropriate
hardware setup. Consult with the Medtronic Solution Delivery Team for assistance.
During setup and installation, conrm that appropriate steps are taken to ensure cybersecurity. See Section 2.5 for
more information, or consult with facility IT personnel or the Medtronic Solution Delivery Team for assistance.
2.4 Upgrade Installation
To upgrade from a previous version of the Vital Sync virtual patient monitoring platform and informatics manager,
the process includes the following steps:
• Before installing any software, make backups of all application database les created with the previous
installation of the software, and save the backups in a safe location. The backup process prevents data loss in
the event that problems occur during installation of the current version of the software.
• Ensure supporting software is already installed on all systems to be used with the upgraded version, as
described in Chapter 3. Additional installation of supporting software should not be necessary unless the
deployment conguration has changed from that used for the previous version of the software.
• Install Vital Sync software components. Refer to Chapter 4.
• If needed, perform additional conguration procedures as described in Chapter 5 and Chapter 6. Additional
steps necessary will vary depending on deployment.
During setup and installation, conrm that appropriate steps are taken to ensure cybersecurity. See Section 2.5 for
more information, or consult with facility IT personnel or the Medtronic Solution Delivery Team for assistance.
For upgrades to existing installations of the Vital Sync virtual patient monitoring platform and informatics
manager, supported upgrade paths directly to version 3.1 depend on the version of Microsoft™* Windows™*
Server that is in use. See Table 6.
Table 6. Supported Software Upgrade Paths
Platform installation Upgrade path
(Windows™* Server 2016)
v2.7.0 v2.7.0 to v3.1.0
v2.8.0 v2.8.0 to v3.1.0
v2.9.0 v2.9.0 to v3.1.0
v2.10.0 v2.10.0 to v3.1.0
v3.0.0 v3.0.0 to v3.1.0 v3.0.0 to v3.1.0
•
Note: Upgrade paths apply to single-PC and distributed (four-PC) installations.
•
Note: Windows™* Server 2019 is not supported for use with versions of the platform previous to v3.0.0.
Upgrading to Windows™* Server 2019 will require an upgrade of the Vital Sync software to v3.0.0 or later.
•
Note: If upgrading from v2.5.x, to avoid potential database problems, rst upgrade to v2.7.0, then upgrade
to the current version using the appropriate upgrade path.
•
Note: If upgrading from a version of the software previous to v2.5.x, uninstall the older version before
installing the current version. Consult the Medtronic Solution Delivery Team for more information.
•
Note: Vital Sync RSS installations are not supported in this release of the platform, and will not be upgraded.
(Windows™* Server 2019)
Not applicable (not implemented on
Upgrade path
Windows™* Server 2019)
16
2.5 Security Requirements and Recommendations
Cybersecurity risks from using the Vital Sync software have been addressed using a combination of application
logic, installation conguration, and particular software and hardware settings. However, using the Vital Sync
software does carry some residual risk.
The potential adverse events associated with the residual cybersecurity risks in the Vital Sync software include, but
are not limited to, the following:
1. Delay of treatment due to loss of Vital Sync software availability or Vital Sync software data integrity
2. Misdiagnosis due to loss of Vital Sync software data integrity
3. Loss of patient privacy
2.5.1 Required Actions
The following actions are required during installation and software conguration to reduce cybersecurity risks to
an acceptable and controlled level:
1. Congure Microsoft™* Windows™* Server to disable weak ciphers. For details, see the following document:
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-a
d-fs
2. Congure Microsoft™* Windows™* Server to enforce NLA authentication for RDP, to reduce the possibility
of exploiting the RDP protocol.
3. Congure Microsoft™* Windows™* Server to disable TCP global timestamps on Vital Sync servers.
4. Congure Internet Information Services (IIS) to disable the default IIS home page.
5. Congure IIS to prevent cross-site-scripting attacks.
6. After installation, disable unused Data Collection Service protocol handler listeners to limit the number of
open ports.
7. Disable password caching for browsers used to access the Vital Sync software.
8. Congure Microsoft™* SQL Server™* to enable TDE encryption of the MDF le.
9. Disable TLS 1.0 and 1.1, and use TLS 1.2 instead, to protect communication to and from Microsoft™* SQL
Server™*.
10. Congure Microsoft™* SQL Server™* to use a signed certicate for encryption, and congure client servers
to trust the signed certicate.
11. Congure IIS to require SSL using signed certicates, to force clients to connect using HTTPS. Utilize TLS 1.2,
and disable weaker encryption protocols and ciphers.
12. Encrypt Vital Sync service and IIS application conguration les (including connection string les) to
prevent unauthorized viewing or modication.
13. Congure the Vital Sync client to always use HTTPS to connect to the InformaticsWeb application. See
Section 5.6.
Consult with the Medtronic Solution Delivery Team and with facility IT personnel for assistance.
2.5.2 Recommended Actions
Medtronic recommends additional practices and procedures to reduce cybersecurity risks to an acceptable and
controlled level. Consult with the Medtronic Solution Delivery Team and with facility IT personnel for assistance.
2.5.2.1 Network Conguration
• All medical devices should exist on the same domain.
• Use whitelisting with regard to communication controls across the facility network. Use blacklisting to block
unwanted sites.
17
• Wireless communication should be encrypted where possible.
• Analysis of the overall security conguration of the network should be current.
• Use appropriate third party software to monitor the facility network for suspicious or unauthorized use.
2.5.2.2 Vital Sync Servers and Operating Systems
• The user is responsible for maintaining the operating system software with all current patches and upgrades.
Medtronic recommends that the operating system server is appropriately congured to optimize
cybersecurity.
• The user is responsible for maintaining certain other software components with all current patches and
upgrades. Medtronic recommends that these components are appropriately congured to optimize
cybersecurity.
• If possible, control physical access to the Vital Sync servers and hard drives at the facility.
• Deploy antivirus software on Vital Sync servers.
• Deploy rewall software and congure it to only accept connections from a specic list of IP addresses on
Vital Sync servers to specic ports.
• Use appropriate third party security products designed to monitor les or folders for access and modications
and alert security personnel if warranted.
• Make critical BIOS updates according to server vendor hardware and security patch recommendations.
• Change BIOS and system conguration to disable USB ports on systems where the Vital Sync software is
installed.
• Congure operating systems on servers to limit user access to the operating system control panel.
• Enable SSH or TLS tunneling.
• Congure Windows™* Remote Desktop Connection to use TLS 1.2 encryption.
• Disable SMB version 1. Enable SMB signing to reduce the possibility of exploiting the SMB protocol.
• Use le structure or disk encryption to protect les on Vital Sync servers.
•
Service accounts should use the domain account that is given access to the service, and should
administrative role, in order to prevent service dumps containing sensitive information.
• Congure user accounts to lock after multiple subsequent failed login attempts, to prevent brute force
attacks.
• Utilize active directory authentication and authorization.
• Do not congure Web browsers to automatically save authentication credentials.
• Disable web page caching in Web browsers used to access the Vital Sync software.
not
have an
2.5.2.3 Platform Installer
For security considerations related to the installer, see Section 4.2.2, Security Considerations, page 53. Other
recommendations are included within the installation procedure.
2.5.2.4 Database Server Software
• The user is responsible for maintaining the Microsoft™* SQL Server™* software with all current patches and
upgrades. Medtronic recommends that servers on which Microsoft™* SQL Server™* is installed are
appropriately congured to optimize cybersecurity.
• Create and use a new custom account to connect to the database, instead of using the default network
service role.
• If possible, use Windows™* authentication instead of mixed mode authentication for Microsoft™* SQL
Server™*. For example terminology, see the following document:
18
https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/authentication-in-sql-server
• Encrypt physical database les using TDE to protect data at rest.
2.5.2.5 Vital Sync Services, IIS Applications, and Device Conguration
• Install the Data Collection, Alarm Reporter, and Applet Manager services on the system where MSMQ is
congured.
• Congure MSMQ per active directory user account. It is possible to congure and limit the Data Collection,
Applet Manager, and Alarm Reporter services with a Microsoft™* Windows™* domains account with
permissions for the MSMQ system. The Data Collection and Applet Manager services should have write
permissions; the Alarm Reporter service should have read permission.
• Deploy ECDHE or use a 2048-bit or stronger Die-Hellman group.
• Congure IIS to use HTTPS. See Section 3.5.
• Congure IIS to send the Strict-Transport-Security response header with value “max-age=31536000;”.
•
Congure HTTP response headers to nosni for X-Content-Type-Options in the IIS Admin Console.
• Congure IIS to disable the X-Powered-By and X-AspNet-Version headers.
• During platform installation, set the Alarm Reporter email plugin to use SSL to encrypt communications
between the Alarm Reporter and the external SMTP server. (If using SSL, also congure the operating system
to use TLS 1.2.)
• Congure the ADT In Adapter Service to only accept connections from a single, specic IP address. (It will then
reject connections from any other IP address.)
• Data Collection Service raw protocol handler data le logging is disabled by default. This function should only
be enabled temporarily if needed for debugging purposes.
• Congure the DeviceData and InformaticsWeb applications to use HTTPS. See Section 5.6.
• The Device Data Service only needs to be running during Vital Sync software installation. It can be stopped
when installation is complete.
• Vital Sync software users should follow secure password guidelines when creating passwords, to reduce the
likelihood of a brute force attack guessing a password.
• Congure any device that does not show its serial number by default in the Vital Sync software to use an
inventory tag, to reduce visibility of that device’s IP address in the platform user interface. See the reference
manual for more information.
19
20
3 Supporting Software
3.1 Overview
This chapter provides details on installing and conguring supporting software required before installing
Vital Sync virtual patient monitoring platform and informatics manager software components.
•
Note: Licenses obtained from Medtronic for installation and use of the Vital Sync virtual patient monitoring
platform (including the informatics manager) do not include licenses for any third party software identied
in this chapter. Users must obtain their own licenses for the downloading and use of such third party software.
•
Note: To install and congure software, administrative rights are required on destination systems.
•
Note: Setup and conguration procedures in this chapter are to support the Vital Sync virtual patient
monitoring platform and informatics manager software.
The primary task is the installation of Microsoft™* SQL Server™* on the system where certain specic Vital Sync
software components will reside.
At certain points, the following steps are also required to allow systems and software components to
communicate and properly exchange information:
• Adding Microsoft™* Windows™* Server Internet Information Services (IIS) roles and conguring the default
application
• Conguring the database servers to allow replication
• Enabling remote connection to the database servers
• Section 3.2, Operating System Updates
• Section 3.3, Add IIS Role Services • Section 3.7, Install the Database Server
• Section 3.4, Install Message Queuing • Section 3.8, Distributor Conguration
• Section 3.5, Congure IIS to use HTTPS • Section 3.9, Enable Remote Connection
• Section 3.6, Congure the IIS Application Pool
3.2 Operating System Updates
Before performing any procedures detailed in this manual, ensure supported Microsoft™* Windows™* service
packs and updates have been downloaded to and installed on the aected system or systems. Reference the
release notes for this version of the software for more information.
3.3 Add IIS Role Services
After ensuring that supported operating system updates and service packs are installed, add IIS role services.
The Add Roles wizard shows a series of screens for selection of options. If changes are required to selections
already made, click Back to go back to the previous screen, then make the change.
In any screen, if needed, click Cancel to stop conguration and exit the wizard.
Note: Add IIS role services to the same system where the Data Collection Service and Informatics Web
components are to be installed. (Refer to Section 5.7, Distributed Deployment, page 79 for details on installation in
a distributed environment.)
Note: This manual shows screen captures for adding IIS role services using version 10.0 of IIS. Version 8.0 of IIS is
also supported. The procedure does not dier signicantly between the two versions. If encountering problems
during or after adding IIS role services, contact the Medtronic Solution Delivery Team.
To add IIS role services:
1.
From the Start menu, select Administrative Tools.
2. Open the Server Manager.
21
Figure 1. Server Manager
3.
In the Dashboard pane, click on
Figure 2.
IIS Add Roles and Features Wizard—Start Page
Add Roles and Features
to start the Add Roles and Features wizard.
4.
Verify that tasks listed on the page have been completed, then click Next to access the Installation Type
page.
22
Figure 3. IIS Add Roles and Features Wizard—Installation Type Page
5.
Click the
6.
Click
Role-based or feature-based installation
to access the Destination Server Selection page.
Next
radio button if it is not already selected.
Figure 4.
7.
Click the Select a server from the server pool radio button if it is not already selected.
8. In the Server Pool pane, nd the desired server and click on it to select it.
9.
Click Next to access the Select Server Roles page.
IIS Add Roles and Features Wizard—Destination Server Selection Page
23
Figure 5. IIS Add Roles and Features Wizard—Select Server Roles Page
10.
Check the
Web Server (IIS)
check box, then click
to access the Add Required Features page.
Next
Figure 6.
11.
Ensure that the
Select Features page.
IIS Add Roles and Features Wizard—Add Required Features Page
Include management tools
check box is checked, then click
Add Features
to access the
24
Figure 7. IIS Add Roles and Features Wizard—Select Features Page
12.
Click the triangle next to the
.NET Framework 4.6 Features
check box to show available options
Figure 8.
13.
Click the triangle next to the WCF Services check box to show available options.
14.
Make selections as shown in Figure 8, then click Next to access the Web Server Role (IIS) page.
IIS Add Roles and Features Wizard—Select Features Page (.NET Framework 4.6 elds shown)
25
Figure 9. IIS Add Roles and Features Wizard—Web Server Role (IIS) Page
15.
If needed, review the text on the page, then click
to access the Select Role Services page.
Next
Figure 10.
health/diagnostics options)
16. Make selections in the role services elds as shown in Figure 10, then scroll down in the pane.
IIS Add Roles and Features Wizard—Select Role Services Page (common HTTP and
26
Figure 11. IIS Add Roles and Features Wizard—Select Role Services Page (performance and security options)
17. Make selections in the role services elds as shown in Figure 11, then scroll down in the pane.
Figure 12. IIS Add Roles and Features Wizard—Select Role Services Page (application development
options)
18.
Make additional selections in the role services elds as shown in Figure 12, page 27, then click Next to access
the conrmation page.
27
Figure 13. IIS Add Roles and Features Wizard—Conrmation Page
19.
If desired, scroll down to view installation selections, then click
20. The results screen indicates whether the installation was successful, and lists role services installed. If
desired, click the
exit the wizard.
Print, e-mail, or save
link to print, email or save the installation report, then click
Install
. (Click
Cancel
to stop installation.)
Close
to
Note:
problems and repeat the procedure for adding IIS role services before continuing with the other procedures in this
chapter.
If installation is unsuccessful, problems that occurred will be shown in the results screen. Resolve the
3.4 Install Message Queuing
After adding IIS role services, add the Microsoft™* Message Queuing feature. For details on installation, reference
the technical document Installing and Managing Message Queuing, available online at the following URL:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc77
1474(v=ws.11)
•
•
•
•
Installing message queuing is only necessary if conguring the Vital Sync Alarms Reporter Service. See
Note:
Section 6.4.3, MSMQ Queue Conguration, page 94 for details.
Note: Install message queuing on the same systems where IIS role services were just added. (Refer to
Section 5.7, Distributed Deployment, page 79 for details on installation in a distributed environment.)
Note: Install the Data Collection, Alarm Reporter, and Applet Manager services on the system where MSMQ is
congured.
Note: Congure MSMQ per active directory user account. It is possible to congure and limit the Data
Collection, Applet Manager, and Alarm Reporter services with a Microsoft™* Windows™* domains account
with permissions for the MSMQ system. The Data Collection and Applet Manager services should have write
permissions; the Alarm Reporter service should have read permission.
3.5 Congure IIS to Use HTTPS
After adding IIS role services, congure IIS to use HTTPS. For details, reference the technical document How To Set
Up an HTTPS Service in IIS, available online at the following URL:
https://support.microsoft.com/en-us/help/324069/how-to-set-up-an-https-service-in-iis
28
Other conguration to enable use of HTTPS and SSL is also required. See Section 5.6.
3.6 Congure the IIS Application Pool
After adding IIS role services, update the default Microsoft™* Windows™* Server Internet Information Services (IIS)
application pool to ensure that the Informatics Web component (when installed) will have appropriate authority
to run reports.
Note: Congure the IIS application pool on the same systems where IIS role services are installed.
Note: This manual shows screen captures for application pool conguration using version 10.0 of IIS. Version 8.0
of IIS is also supported. The procedure does not dier signicantly between the two versions. If encountering
problems during or after conguration, contact the Medtronic Solution Delivery Team.
To congure the IIS application pool:
1. Open the IIS Manager. Figure 14. Internet Information Services (IIS) Manager (application pools shown)
2.
Click Application Pools in the far left pane.
3.
Click on DefaultAppPool to select it, then click Advanced Settings under Edit Application Pool in the
far right pane to open the Advanced Settings dialog.
Figure 15. Edit Application Pools (Advanced Settings dialog)
4.
In the Identity eld, click the ... button to open the Application Pool Identity dialog.
29
Figure 16. Application Pool Identity Dialog
5.
Click the Custom account radio button, then click Set to open the Set Credentials dialog. Figure 17. Set Credentials Dialog
6.
User name
Often, the same user will also be set up as the administrator when Microsoft™* SQL Server™* is installed.
Refer to Section 3.7, Install the Database Server, page 30.
7.
Password—Enter the password for the specied administrative user.
8.
Conrm password—Enter the password just entered in the Password eld.
9.
Click OK to save and return to the Application Pool Identity dialog.
10.
Click OK to save application pool identity settings and return to the Advanced Settings dialog.
11.
Click OK to save advanced settings for the default application pool and return to the IIS Manager.
12. Exit the IIS Manager.
—Enter the user name for an appropriate administrative user with authority to run reports.
3.7 Install the Database Server
After conguring the IIS application pool, install and congure the database server software.
The installation wizard shows a series of screens for selection of application options. If needing to change a
selection already made, click Back to go back to the previous screen, then make the change.
In any screen, if needed, click Cancel to stop the installation and exit the wizard.
Note: Install the database server software on the system where the Database component is to be installed. If using
a distributed deployment with separate Online Transaction Processing (OLTP) and Data Warehouse systems,
install the database server software on both systems.
To access the installation program:
1. Find and right-click on the icon for the computer on the desktop, then click Explore, or navigate to the
computer in Windows Explorer™*.
2. Double-click on the directory containing the installation les to open the directory.
3.
Find Setup.exe.
30
Loading...