Vital Sync™
Virtual Patient Monitoring Platform and Informatics Manager
Installation Instructions
Medtronic, Medtronic with rising man logo, and Medtronic logo are trademarks of Medtronic. Third-party trademarks (“TM*”) belong
to their respective owners. The following list includes trademarks or registered trademarks of a Medtronic entity in the United States
and/or in other countries.
BIS™, Capnostream™, INVOS™, Nellcor™, Newport™, OxiMax™, Puritan Bennett™, Vital Sync™
U.S. patents: www.medtronic.com/patents
Symbols
Federal law restricts this device to sale by or on the order of a physician
Consult instructions for use
Manufacturer
3
Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.2 Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.3 Applicable Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.4 Safety Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.5 Obtaining Technical Assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.6 Warranty Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.7 Licensing Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.8 HIPAA Disclaimer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2 Product and Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.2 Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.3 Installation Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.4 Upgrade Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.5 Security Requirements and Recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3 Supporting Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.2 Operating System Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.3 Add IIS Role Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.4 Install Message Queuing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.5 Configure IIS to Use HTTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
3.6 Configure the IIS Application Pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
3.7 Install the Database Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.8 Distributor Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
3.9 Enable Remote Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
4 Installing Software Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
4.2 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
5 Additional Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
5.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
5.2 Database Agent Startup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
5.3 Firewall Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
5.4 Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
5.5 HTTPS and SSL Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
5.6 Distributed Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
5.7 Data Warehouse Cleansing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
5.8 Applet Manager Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
6 Connectivity to External Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
6.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
6.2 Vital Sync HL7 Reporter Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
6.3 Vital Sync ADT In Adapter Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
4
6.4 Vital Sync Alarm Reporter Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
6.5 LDAP Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
6.6 AD Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
6.7 Gateway Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
6.8 Multiparameter Monitor Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Figures
Figure 1. Server Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Figure 2. IIS Add Roles and Features Wizard—Start Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Figure 3. IIS Add Roles and Features Wizard—Installation Type Page . . . . . . . . . . . . . . . . . . . . . 23
Figure 4. IIS Add Roles and Features Wizard—Destination Server Selection Page . . . . . . . . . . . 23
Figure 5. IIS Add Roles and Features Wizard—Select Server Roles Page . . . . . . . . . . . . . . . . . . 24
Figure 6. IIS Add Roles and Features Wizard—Add Required Features Page . . . . . . . . . . . . . . . 24
Figure 7. IIS Add Roles and Features Wizard—Select Features Page . . . . . . . . . . . . . . . . . . . . . . 25
Figure 8. IIS Add Roles and Features Wizard—Select Features Page (.NET Framework 4.6 fields
shown) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Figure 9. IIS Add Roles and Features Wizard—Web Server Role (IIS) Page . . . . . . . . . . . . . . . . . 26
Figure 10. IIS Add Roles and Features Wizard—Select Role Services Page (common HTTP and
health/diagnostics options) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Figure 11. IIS Add Roles and Features Wizard—Select Role Services Page (performance and security
options) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Figure 12. IIS Add Roles and Features Wizard—Select Role Services Page (application development
options) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Figure 13. IIS Add Roles and Features Wizard—Confirmation Page . . . . . . . . . . . . . . . . . . . . . . . 28
Figure 14. Internet Information Services (IIS) Manager (application pools shown) . . . . . . . . . . . . 29
Figure 15. Edit Application Pools (Advanced Settings dialog) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Figure 16. Application Pool Identity Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Figure 17. Set Credentials Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Figure 18. Microsoft™* SQL Server™* Installation Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Figure 19. Microsoft™* SQL Server™* Setup Wizard—Product Key . . . . . . . . . . . . . . . . . . . . . . . 32
Figure 20. Microsoft™* SQL Server™* Setup Wizard—License Terms . . . . . . . . . . . . . . . . . . . . . 33
Figure 21. Microsoft™* SQL Server™* Setup Wizard—Microsoft™* Update . . . . . . . . . . . . . . . . 34
Figure 22. Microsoft™* SQL Server™* Setup Wizard—Install Setup Files (details shown) . . . . . 34
Figure 23. Microsoft™* SQL Server™* Setup Wizard—Install Rules . . . . . . . . . . . . . . . . . . . . . . . 35
Figure 24. Microsoft™* SQL Server™* Setup Wizard—Feature Selection . . . . . . . . . . . . . . . . . . 36
Figure 25. Microsoft™* SQL Server™* Setup Wizard—Feature Rules . . . . . . . . . . . . . . . . . . . . . 36
Figure 26. Microsoft™* SQL Server™* Setup Wizard—Instance Configuration . . . . . . . . . . . . . . 37
Figure 27. Microsoft™* SQL Server™* Setup Wizard—Server Configuration . . . . . . . . . . . . . . . 38
Figure 28. Microsoft™* SQL Server™* Setup Wizard—Database Engine Configuration . . . . . . 38
Figure 29. Microsoft™* SQL Server™* Setup Wizard—Database Engine Configuration (administrator
added) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Figure 30. Microsoft™* SQL Server™* Setup Wizard—Feature Configuration Rules . . . . . . . . . 39
Figure 31. Microsoft™* SQL Server™* Setup Wizard—Ready to Install . . . . . . . . . . . . . . . . . . . . 40
Figure 32. Microsoft™* SQL Server™* Setup Wizard—Finish . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
5
Figure 33. Microsoft™* SQL Server™* Management Studio Object Explorer (server context
menu) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Figure 34. Database Server Properties Dialog (Memory page) . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Figure 35. Microsoft™* SQL Server™* Management Studio (Replication folder context
menu) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Figure 36. Configure Distribution Wizard—Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Figure 37. Configure Distribution Wizard—Distributor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Figure 38. Configure Distribution Wizard—Snapshot Folder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Figure 39. Configure Distribution Wizard—Distribution Database . . . . . . . . . . . . . . . . . . . . . . . . . 45
Figure 40. Configure Distribution Wizard—Publishers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Figure 41. Configure Distribution Wizard—Wizard Actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Figure 42. Configure Distribution Wizard—Complete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Figure 43. Configure Distribution Wizard—Finish . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Figure 44. Microsoft™* SQL Server™* Management Studio Object Explorer (new database
shown) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Figure 45. Microsoft™* SQL Server™* Configuration Manager—SQL Server Browser Context
Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Figure 46. Microsoft™* SQL Server™* Configuration Manager—SQL Server Browser Properties
Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Figure 47. Microsoft™* SQL Server™* Configuration Manager—TCP/IP Properties Dialog . . . . 50
Figure 48. Microsoft™* SQL Server™* Configuration Manager—Named Pipes Properties
Dialog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Figure 49. Microsoft™* SQL Server™* Configuration Manager—Native Client 11.0 (32-Bit) Client
Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Figure 50. Microsoft™* SQL Server™* Configuration Manager—Native Client 11.0 Client
Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Figure 51. Microsoft™* SQL Server™* Configuration Manager—SQL Server Browser Start . . . 52
Figure 52. Microsoft™* SQL Server™* Configuration Manager—SQL Server Restart . . . . . . . . 53
Figure 53. Microsoft™* SQL Server™* Configuration Manager—SQL Server Agent Restart . . . 53
Figure 54. Informatics Installation Wizard—Welcome Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Figure 55. Informatics Installation Wizard—Feature License Information Page . . . . . . . . . . . . . . . 57
Figure 56. Informatics Installation Wizard—Destination Location Page . . . . . . . . . . . . . . . . . . . . . 58
Figure 57. Informatics Installation Wizard—Select Features Page . . . . . . . . . . . . . . . . . . . . . . . . . 58
Figure 58. Informatics Installation Wizard—Language Options Page . . . . . . . . . . . . . . . . . . . . . . . 59
Figure 59. Informatics Installation Wizard—Administrator Password Page . . . . . . . . . . . . . . . . . . 60
Figure 60. Informatics Installation Wizard—Nurse Station Account Creation Page . . . . . . . . . . . . 61
Figure 61. Informatics Installation Wizard—Bedside Monitoring Station Account Creation
Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Figure 62. Informatics Installation Wizard—Failover Log File Page . . . . . . . . . . . . . . . . . . . . . . . . 63
Figure 63. Informatics Installation Wizard—Primary (Informatics) Database Information Page . . 63
Figure 64. Informatics Installation Wizard—Primary (Informatics) Logon Information Page . . . . . 64
Figure 65. Informatics Installation Wizard—Database Overwrite Warning Dialog . . . . . . . . . . . . . 65
Figure 66. Informatics Installation Wizard—Replication (InformaticsDataWarehouse) and DataMart
Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
6
Figure 67. Informatics Installation Wizard—Replication (InformaticsDataWarehouse) and DataMart
Logon Information Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Figure 68. Informatics Installation Wizard—Enable Replication Page . . . . . . . . . . . . . . . . . . . . . . 67
Figure 69. Informatics Installation Wizard—Distribution Database Page . . . . . . . . . . . . . . . . . . . . 67
Figure 70. Informatics Installation Wizard—User Manual Location Page . . . . . . . . . . . . . . . . . . . . 68
Figure 71. Informatics Installation Wizard—Report Server URL Page . . . . . . . . . . . . . . . . . . . . . . 68
Figure 72. Informatics Installation Wizard—Alarm Reporter Email Settings Page . . . . . . . . . . . . . 69
Figure 73. Informatics Installation Wizard—Alarm Reporter SMS Settings Page . . . . . . . . . . . . . 70
Figure 74. Informatics Installation Wizard—Installation Summary Page . . . . . . . . . . . . . . . . . . . . 71
Figure 75. Informatics Installation Wizard—Previous Installation Dialog . . . . . . . . . . . . . . . . . . . . 71
Figure 76. Informatics Installation Wizard—Confirmation Page . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Figure 77. Informatics Installation Wizard—Data Collection Service Start Dialog . . . . . . . . . . . . . 72
Figure 78. Informatics Installation Wizard—Finish Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Figure 79. Microsoft™* SQL Server™* Management Studio (Informatics Replication publication
shown) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Figure 80. Microsoft™* SQL Server™* Management Studio—SQL Server Agent Start . . . . . . . 76
Figure 81. Microsoft™* SQL Server™* Management Studio (Job Activity Monitor icon
present) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Figure 82. Microsoft™* SQL Server™* Management Studio—Replication Monitor Launch . . . . 78
Figure 83. Replication Monitor Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Figure 84. Replication Monitor Screen (Agents Tab)—Snapshot Agent Start . . . . . . . . . . . . . . . . 79
Figure 85. Replication Monitor Screen (Agents Tab) (Snapshot Agent running) . . . . . . . . . . . . . . 79
Figure 86. New Subscription Wizard—Start Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Figure 87. New Subscription Wizard—Publication Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Figure 88. New Subscription Wizard—Distribution Agent Location Page . . . . . . . . . . . . . . . . . . . 86
Figure 89. New Subscription Wizard—Subscribers Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Figure 90. Connection Dialog (for Data Warehouse server) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Figure 91. New Subscription Wizard—Distribution Agent Security Page . . . . . . . . . . . . . . . . . . . . 87
Figure 92. Distribution Agent Security Dialog (account fields) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Figure 93. New Subscription Wizard—Synchronization Schedule Page . . . . . . . . . . . . . . . . . . . . 89
Figure 94. New Subscription Wizard—Initialize Subscriptions Page . . . . . . . . . . . . . . . . . . . . . . . 89
Figure 95. New Subscription Wizard—Wizard Actions Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Figure 96. New Subscription Wizard—Confirmation Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Figure 97. New Subscription Wizard—Finish Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Figure 98. Microsoft™* SQL Server™* Management Studio Object Explorer (Data Warehouse report
server shown) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Figure 99. Replication Monitor Screen (Agents Tab) (Snapshot Agent shown) . . . . . . . . . . . . . . . 92
7
8
1 Introduction
1.1 Overview
This manual provides information on installation and setup of Vital Sync virtual patient monitoring
platform and informatics manager software components, as well as other software required for their
installation and use, including prerequisites, installation procedures, and configuration details.
Note: Before installation, carefully read this manual, any necessary system documentation, and
precautionary information and specifications
• Section 1.2, Conventions • Section 1.6, Warranty Information
• Section 1.3, Applicable Version • Section 1.7, Licensing Information
• Section 1.4, Safety Information • Section 1.8, HIPAA Disclaimer
• Section 1.5, Obtaining Technical Assistance
1.2 Conventions
Text and terminology conventions used in this manual include the following:
• Warnings alert users to potential serious outcomes (death, injury, or adverse events) to the patient,
user, or environment.
• Cautions alert users to exercise appropriate care for safe and effective use of the product.
• Notes provide additional guidelines or information.
• Button names, menu options, and field names generally appear in boldface text.
• The term “click” refers to the action activating buttons and menus in an application’s user interface.
If using a touchscreen monitor or mobile device, substitute “touch” for “click” where it appears in the
text.
• The terms “platform”, “components”, “software”, and “software components” generally refer to part
or all of the Vital Sync virtual patient monitoring platform, the Vital Sync informatics manager, or
both.
1.3 Applicable Version
This manual applies to installing version 3.0 of the Vital Sync virtual patient monitoring platform and
informatics manager. Version information for supporting software is indicated in other sections of this
manual.
1.4 Safety Information
This section contains generally applicable safety information for this product.
1.4.1 Warnings
• Warning: The Vital Sync Virtual Patient Monitoring Platform and Informatics Manager is intended
to supplement and not to replace any part of the facility’s monitoring. Do not rely on the Vital Sync
Virtual Patient Monitoring Platform and Informatics Manager as the sole source of alarms. In order
to assure a timely response to device alarms, a clinician (not necessarily the clinician viewing data
in the platform) must be within visual and/or audible range of the alarming device. In order to provide
medical intervention, a clinician must interact with the device at the bedside.
• Warning: The platform is intended only as an adjunct in patient assessment. It must be used in
conjunction with clinical signs and symptoms and periodic patient observations.
9
• Warning: The dedicated bedside display unit is designed for use in conjunction with the Vital Sync
Virtual Patient Monitoring Platform and Informatics Manager. Do not rely on the dedicated bedside
display unit as a primary source of alarms.
• Warning: Always follow the facility’s established patient safety protocols when using the Vital Sync
Virtual Patient Monitoring Platform and Informatics Manager.
• Warning: The alarm rule functionality within the software is intended to supplement and not replace
any part of the facility’s monitoring. Do not rely on the platform as the sole source of alarms.
• Warning: Alarm rules should adhere to facility policy, procedures, and alarm management
protocols. This alarm management protocol should address alarm safety and the potential impact
of alarm fatigue in all patient care areas within the facility.
• Warning: Alarm priority normalization and ranking functionality within the software is intended to
supplement and not replace any part of the facility’s monitoring. Do not rely on the platform as the
sole source of alarms.
• Warning: The default alarm priority is determined by the connected device, and cannot be changed
on the device itself. The same alarm condition may be reported with a different priority on different
device models. Carefully review the Alarm Normalization Report for default alarm priorities for each
connected device model.
• Warning: Alarm priorities in the software should not be set to be lower than those on the actual
device. Use caution if changing the priority of a device alarm in the software to a different level than
is indicated on the actual device, especially for devices that are life-sustaining.
• Warning: Alarms from connected devices should not be set as notifications in the platform,
especially for devices that are life-sustaining. Because notifications do not audibly annunciate,
setting an alarm as a notification may cause users to not respond or delay in responding to a
clinically significant event.
• Warning: Notifications from connected devices should not be set as alarms in the platform,
especially for events not requiring clinical intervention. Setting a notification as an alarm may create
nuisance audible alerts that are not clinically significant.
• Warning: If using audible alerts, ensure the sound volume of the PC or mobile device on which the
software is used is sufficient for alerts to be heard and recognized.
• Warning: It is possible for the platform’s audible alert tone to be confused with audible alarm tones
from connected devices when in close physical proximity. Users should carefully attend to all
audible indicators when within audible range of connected devices.
• Warning: When setting alarm rules and priorities in the software for any device, consult the
operator’s manual for the device in question for default priority levels of device alarms, and for a
description of each device alarm. Obtain a detailed understanding of the patient or device
conditions that trigger any alarm before creating an alarm rule or adjusting the alarm’s priority in the
software.
• Warning: Medtronic does not assume any responsibility for accuracy, reliability, or clinical
relevance of user-designed derived parameter algorithms.
1.4.2 Cautions
• Caution: Federal law restricts this device to sale by or on the order of a physician.
• Caution: Do not set alarm limits to extreme values that render the monitoring system useless.
Ensure alarm limits are appropriate for each patient.
• Caution: Connected devices report data to the platform periodically, not continuously. Because of
this, as well as delays caused by network bandwidth or hardware limitations or network loading, the
true duration of any device alarm will be longer than the delay set in this screen for that alarm.
Carefully consider these factors when choosing delay settings, and use the shortest delay settings
10
that are practical to reduce nuisance alarms, to avoid undue delay in response to events actually
requiring direct clinical intervention.
• Caution: Loss of patient privacy may occur if using the software on unsecured or unencrypted
networks. Always adhere to facility patient privacy practices and procedures to ensure security of
patient data on the facility’s network.
• Caution: For the most accurate interpretation of data and alerts from the Vital Sync software, the
intended user (operator) position is less than 4 meters from the display screen and audio speakers.
1.4.3 Notes
• Note: Some smartphones and tablets do not support the sounding of audible alerts from the
platform. Make sure to test audible alert capability.
• Note: Audible alerts only sound to indicate alarms on devices linked to patients. Audible alerts do
not sound for notifications.
• Note: The platform has been verified on systems using Microsoft™* Windows™* and
Windows™*-based software. User experience may vary with other operating systems and
hardware and software configurations.
1.5 Obtaining Technical Assistance
1.5.1 Technical Services
For technical information and assistance if unable to correct a problem while using the software, contact
a local Medtronic representative, or contact Medtronic Technical Services directly.
Medtronic Technical Services
15 Hampshire Street
Mansfield, MA 02048 USA
1 800 497 4968, or 1 925 463 4635, or contact a local Medtronic representative
HIMSupport@Medtronic.com
When calling Medtronic or a local Medtronic representative, provide the software version number, build
number, date of build, and GTIN (Global Trade Item Number), shown on the About screen.
1.5.2 Related Documents
Before installing, carefully read this manual as well as installation documentation for the supporting
software. This information is essential for understanding the installation process and information shown
during installation.
1.6 Warranty Information
The information contained in this document is subject to change without notice. Medtronic makes no
warranty of any kind with regard to this material, including, but not limited to, the implied warranties or
merchantability and fitness for a particular purpose. Medtronic shall not be liable for errors contained
herein or for incidental or consequential damages in connection with the furnishing, performance, or use
of this material.
1.7 Licensing Information
For more details regarding software licenses, refer to the following sections.
11
1.7.1 Vital Sync and Third Party Software
Licenses obtained from Medtronic for use of the Vital Sync virtual patient monitoring platform (including
the informatics manager) do not include licenses for any third party software, including software
identified elsewhere in this manual. (Refer to Section 2.2, Prerequisites, page 13; Section 2.2.2,
Recommended Configuration, page 14; Chapter 3; and Chapter 5.)
Users must obtain their own licenses for the downloading and use of such third party software.
1.7.2 Open Source Software Disclosure
This section identifies the open source software that may be separately called, executed, linked,
affiliated, or otherwise utilized by this Vital Sync software product.
Such open source software is licensed to users subject to the terms and conditions of the separate
software license agreement for such open source software.
Use of the open source software by users of the Vital Sync virtual patient monitoring platform and
informatics manager shall be governed entirely by the terms and conditions of such license.
Obtain the source or object code and applicable license for any open source software at the following
sites:
• NCalc—https://www.nuget.org/packages/ncalc/
• RestSharp—http://restsharp.org/
• Ninject—https://www.nuget.org/packages/Ninject/4.00-beta-0134
• NHibernate—http://nhibernate.info/
• NLog—https://www.nuget.org/packages/NLog/4.3.7
• Newtonsoft.Json—https://www.nuget.org/packages/Newtonsoft.Json/
• Swashbuckle Core—https://www.nuget.org/packages/Swashbuckle.Core/5.6.0
• D3—https://d3js.org/
• Spin.js—https://spin.js.org/
• Foundation—http://foundation.zurb.com
• JQuery—http://jquery.com
• JQuery blockUI—http://malsup.com/jquery/block/
• JQuery DateTimePicker—https://github.com/xdan/datetimepicker
• JQuery Tools—https://jquerytools.github.io/
• JQuery UI—http://jqueryui.com
• JQuery UI Touch Punch—http://touchpunch.furf.com
• JQuery Validation—https://jqueryvalidation.org/
• MvcPaging—https://www.nuget.org/packages/MvcPaging/
1.8 HIPAA Disclaimer
The Vital Sync Virtual Patient Monitoring Platform and Informatics Manager is a software application
used in conjunction with electronic medical devices within the customer’s secure health information
system. Healthcare providers using the software are expected to take appropriate security measures to
protect the confidentiality of all data created, stored or transmitted on their systems. See Section 2.5,
Security Requirements and Recommendations, page 17.
Although the software contains certain features to assist users in the users’ steps to protect their data,
Medtronic cannot provide any assurance that the user’s use of the software will comply with HIPAA
regulations or be otherwise in compliance with the customer’s obligations as a covered entity.
12
2 Product and Installation Overview
2.1 Overview
This chapter describes the requirements and general process for installation and configuration of
Vital Sync virtual patient monitoring platform and informatics manager software components, as well as
for supporting software.
• Section 2.2, Prerequisites • Section 2.4, Upgrade Installation
• Section 2.3, Installation Process • Section 2.5, Security Recommendations
2.2 Prerequisites
In order to install and use software components, the systems in question must meet certain hardware
and operating system requirements, and must also have other supporting software installed and
configured. Instructions for installation and setup of some supporting software are included in this
manual.
Note: To install software, administrative rights are required on the destination system or systems.
2.2.1 Minimum Requirements
See Table 1, Table 2, and Table 3 for minimum hardware and software requirements.
Table 1. Minimum Hardware Requirements (physical server)
Requirement Server with components installed Central monitoring station desk-
top
CPU 3.1 GHz, 8M cache, 5 GT/s QPI, 4
core
RAM 16 GB 4 GB
Hard drive capacity 500 GB 50 GB
External storage External tape or other customer-
sourced backup for data archive
Network 100/1000 Mbps Ethernet
Wireless network Bandwidth (Kbps) equal to 5.7X+270Y
(X=number of active devices; Y=number of active display devices)
Other hardware Uninterruptible power supply Touch-enabled display with
Table 2. Minimum Hardware Requirements (virtual machine)
Requirement Database server Web / data collector server
CPU 2.6 GHz 6 VCPU 2.6 GHz 6 VCPU
RAM 16 GB 8 GB
Hard drive capacity 580 GB (minimum 4 drives) 80 GB
External storage External tape or other customer-
sourced backup for data archive
Network 100/1000 Mbps Ethernet
Wireless network Bandwidth (Kbps) equal to 5.7X+270Y
1–1.65 GHz, dual core
None
1920×1080 resolution
Video card compatible with touchenabled display
Speakers (monitor-mounted or external)
None
13
Table 2. Minimum Hardware Requirements (virtual machine) (continued)
Requirement Database server Web / data collector server
(X=number of active devices; Y=number of active display devices)
Table 3. Minimum Software Requirements
Requirement Server with components installed Central monitoring station desk-
top
Operating system Microsoft™* Windows™* Server
2016 Standard with all current
updates
Database software Microsoft™* SQL Server™* 2016
Standard Edition with Service Pack 1
(required only on the server hosting
the database component)
Supporting software Microsoft™* Web Deploy 3.0
Internet Information Services (IIS) 8.0
Microsoft™* .NET Framework 4.6.2
Note: Specific deployments may have higher minimum requirements than those listed here. Consult
with the Medtronic Solution Delivery Team for more information.
Microsoft™* Windows™* 10 Professional (64-bit)
None
Microsoft™* Internet Explorer 11
Adobe™* Reader™* DC
2.2.2 Recommended Configuration
Note: While all components can be installed on a single system, Medtronic recommends that the
Informatics Web and Database components should be installed on separate systems, especially if a
large number of users will be accessing and using the software, or if a large number of patients and
devices will be connected and monitored.
Note: The Data Collection Service, Applet Manager Service (if used), and Informatics Web
components should be installed on a server separate from the Database component, so that
resource-intensive functions requiring database access (such as reporting) will not interfere with
ongoing clinical operations. Refer to Section 5.6, Distributed Deployment, page 83 for more
information.
See Table 4 for recommended software.
Table 4. Recommended Software
Requirement Servers with components instal-
led
Operating system Microsoft™* Windows™* Server
2019 Standard with all current
updates
Database software Microsoft™* SQL Server™* 2019
Standard Edition with all current
updates (required only on the server
hosting the database component)
Supporting software Microsoft™* Web Deploy 3.0
Internet Information Services (IIS)
10.0
Microsoft™* .NET Framework 4.6.2
Central monitoring station desktop
Microsoft™* Windows™* 10 Professional (64-bit)
None
Microsoft™* Edge™* (version 89) or
Google™* Chrome™* (version 89)
Adobe™* Reader™* DC
14
For best results when using Web browsers to access the software and perform program functions,
ensure that the display resolution is set to at least 1024 x 768 (1920 x 1080 for a central monitoring
station).
Note: To maximize performance, and for best connectivity with remote devices, Medtronic
recommends that the Vital Sync virtual patient monitoring platform and informatics manager, its
necessary supporting software, and related applications (such as the Vital Sync early warning score
application) should be the only applications running on the systems on which they are installed.
Note: Some smartphones and tablets do not support the sounding of audible alerts from the platform.
Make sure to test audible alert capability.
2.2.3 Device-Specific Configuration
Facilities using compatible Welch Allyn™* multiparameter monitors use Welch Allyn™* Network
Connectivity Engine™* software to enable communication with the Vital Sync software.
The Welch Allyn™* software requires a physical server deployment. See Table 5 for details.
Table 5. Welch Allyn™* Server Requirements
Requirement Details
CPU 3.1 GHz, 4 core
RAM 8 GB
Hard drive capacity 100 GB (after installation of gateway software)
Network 1000 Mbps Ethernet
Operating system Microsoft™* Windows™* Server 2012 R2 Stand-
ard (x64)
Supporting software Welch Allyn™* CDIS-NCE Gateway suite
2.3 Installation Process
Note: Licenses obtained from Medtronic for installation and use of the Vital Sync virtual patient
monitoring platform (including the informatics manager) do not include licenses for any third party
software identified in this chapter. Users must obtain their own licenses for the downloading and use of
such third party software.
For a first-time installation of the software, the process includes the following steps:
• Ensure applicable supported updates for Microsoft™* Windows™* Server have been downloaded
and installed, as described in the release notes.
• Add IIS role services and (if necessary) message queuing. Refer to Section 3.3, Add IIS Role
Services, page 21 and Section 3.4, Install Message Queuing, page 28.
• Configure IIS to use HTTPS, and configure the default IIS application pool. Refer to Section 3.5,
Configure IIS to Use HTTPS, page 29 and Section 3.6, Configure the IIS Application Pool,
page 29.
• Install and configure Microsoft™* SQL Server™*. Refer to Section 3.7, Install the Database Server,
page 31 and Section 3.8, Distributor Configuration, page 42. Versions of the software from 2016
and later do not include Microsoft™* SQL Server™* Management Tools in the same installer
package; if needed, install these separately.
• Set up database connectivity for remote users. Refer to Section 3.9, Enable Remote Connection,
page 48.
• Install Vital Sync software components. Refer to Chapter 4.
15
• If needed to enable HL7 message and/or alarm message availability for external systems, configure
the Vital Sync HL7 Reporter Service, Vital Sync ADT In Adapter Service, and Vital Sync Alarm
Reporter Service. Refer to Chapter 6.
• If needed, perform LDAP and active directory server integration. Refer to Section 6.5, LDAP
Integration, page 103 and Section 6.6, AD Integration, page 104.
• If using a Lantronix™* gateway with the Vital Sync software, enable and configure unique device
identification. Refer to Section 6.7, Gateway Configuration, page 105.
• Start database agents running to fully enable replication. Refer to Section 5.2, Database Agent
Startup, page 75.
• Confirm that firewall ports are properly configured to allow the software to communicate with the
network and with devices to be monitored. Refer to Section 5.3, Firewall Configuration, page 80.
• Perform date and time synchronization on all systems. Refer to Section 5.4, Time Synchronization,
page 81.
• If needed, configure reporting to connect to the Data Warehouse server. Refer to Section 5.6.3,
Reporting Configuration, page 83.
• For a multi-system deployment, perform additional configuration procedures as needed. For an
example of such a deployment, refer to Section 5.6, Distributed Deployment, page 83.
• If using a central monitoring station or Welch Allyn™* multiparameter monitors, perform appropriate
hardware setup. Consult with the Medtronic Solution Delivery Team for assistance.
During setup and installation, confirm that appropriate steps are taken to ensure cybersecurity. See
Section 2.5 for more information, or consult with facility IT personnel or the Medtronic Solution Delivery
Team for assistance.
2.4 Upgrade Installation
To upgrade from a previous version of the Vital Sync virtual patient monitoring platform and informatics
manager, the process includes the following steps:
• Before installing any software, make backups of all application database files created with the
previous installation of the software, and save the backups in a safe location. The backup process
prevents data loss in the event that problems occur during installation of the current version of the
software.
• Ensure supporting software is already installed on all systems to be used with the upgraded version,
as described in Chapter 3. Additional installation of supporting software should not be necessary
unless the deployment configuration has changed from that used for the previous version of the
software.
• Install Vital Sync software components. Refer to Chapter 4.
• If needed, perform additional configuration procedures as described in Chapter 5 and Chapter 6.
Additional steps necessary will vary depending on deployment.
During setup and installation, confirm that appropriate steps are taken to ensure cybersecurity. See
Section 2.5 for more information, or consult with facility IT personnel or the Medtronic Solution Delivery
Team for assistance.
For upgrades to existing installations of the Vital Sync virtual patient monitoring platform and informatics
manager, supported upgrade paths directly to version 3.0 depend on the version of Microsoft™*
Windows™* Server that is in use. See Table 6.
16
Table 6. Supported Software Upgrade Paths
Platform installation Upgrade path
(Windows™* Server 2016)
v2.6.4 (including patches) v2.6.4 to v3.0.0
v2.7.0 v2.7.0 to v3.0.0
v2.8.0 v2.8.0 to v3.0.0
v2.9.0 v2.9.0 to v3.0.0
v2.10.0 v2.10.0 to v3.0.0
• Note: Upgrade paths apply to single-PC and distributed (four-PC) installations.
• Note: Windows™* Server 2019 is not supported for use with versions of the platform previous to
v3.0.0. Upgrading to Windows™* Server 2019 will require an upgrade of the Vital Sync software to
v3.0.0.
• Note: If upgrading from v2.5.x, to avoid potential database problems, first upgrade to v2.6.4, then
upgrade to v3.0.0.
• Note: If upgrading from a version of the software previous to v2.5.x, uninstall the older version
before installing the current version. Consult the Medtronic Solution Delivery Team for more
information.
• Note: Vital Sync RSS installations are not supported in v3.0.0, and will not be upgraded.
(Windows™* Server 2019)
Not applicable (not implemented
on Windows™* Server 2019)
Upgrade path
2.5 Security Requirements and Recommendations
Cybersecurity risks from using the Vital Sync software have been addressed using a combination of
application logic, installation configuration, and particular software and hardware settings. However,
using the Vital Sync software does carry some residual risk.
The potential adverse events associated with the residual cybersecurity risks in the Vital Sync software
include, but are not limited to, the following:
1. Delay of treatment due to loss of Vital Sync software availability or Vital Sync software data
integrity
2. Misdiagnosis due to loss of Vital Sync software data integrity
3. Loss of patient privacy
2.5.1 Required Actions
The following actions are required during installation and software configuration to reduce cybersecurity
risks to an acceptable and controlled level:
1. Configure Microsoft™* Windows™* Server to disable weak ciphers. For details, see the following
document:
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protoc
ols-in-ad-fs
2. Configure Microsoft™* Windows™* Server to enforce NLA authentication for RDP, to reduce the
possibility of exploiting the RDP protocol.
3. Configure Microsoft™* Windows™* Server to disable TCP global timestamps on Vital Sync
servers.
4. Configure Internet Information Services (IIS) to disable the default IIS home page.
5. Configure IIS to prevent cross-site-scripting attacks.
6. After installation, disable unused Data Collection Service protocol handler listeners to limit the
number of open ports.
17
7. Disable password caching for browsers used to access the Vital Sync software.
8. Configure Microsoft™* SQL Server™* to enable TDE encryption of the MDF file.
9. Disable TLS 1.0 and 1.1, and use TLS 1.2 instead, to protect communication to and from
Microsoft™* SQL Server™*.
10. Configure Microsoft™* SQL Server™* to use a signed certificate for encryption, and configure
client servers to trust the signed certificate.
11. Configure IIS to require SSL using signed certificates, to force clients to connect using HTTPS.
Utilize TLS 1.2, and disable weaker encryption protocols and ciphers.
12. Encrypt Vital Sync service and IIS application configuration files (including connection string files)
to prevent unauthorized viewing or modification.
13. Configure the Vital Sync client to always use HTTPS to connect to the InformaticsWeb application.
See Section 5.5.
Consult with the Medtronic Solution Delivery Team and with facility IT personnel for assistance.
2.5.2 Recommended Actions
Medtronic recommends additional practices and procedures to reduce cybersecurity risks to an
acceptable and controlled level. Consult with the Medtronic Solution Delivery Team and with facility IT
personnel for assistance.
2.5.2.1 Network Configuration
• All medical devices should exist on the same domain.
• Use whitelisting with regard to communication controls across the facility network. Use blacklisting
to block unwanted sites.
• Wireless communication should be encrypted where possible.
• Analysis of the overall security configuration of the network should be current.
• Use appropriate third party software to monitor the facility network for suspicious or unauthorized
use.
2.5.2.2 Vital Sync Servers and Operating Systems
• The user is responsible for maintaining the operating system software with all current patches and
upgrades. Medtronic recommends that the operating system server is appropriately configured to
optimize cybersecurity.
• The user is responsible for maintaining certain other software components with all current patches
and upgrades. Medtronic recommends that these components are appropriately configured to
optimize cybersecurity.
• If possible, control physical access to the Vital Sync servers and hard drives at the facility.
• Deploy antivirus software on Vital Sync servers.
• Deploy firewall software and configure it to only accept connections from a specific list of IP
addresses on Vital Sync servers to specific ports.
• Use appropriate third party security products designed to monitor files or folders for access and
modifications and alert security personnel if warranted.
• Make critical BIOS updates according to server vendor hardware and security patch
recommendations.
• Change BIOS and system configuration to disable USB ports on systems where the Vital Sync
software is installed.
• Configure operating systems on servers to limit user access to the operating system control panel.
• Enable SSH or TLS tunneling.
18
• Configure Windows™* Remote Desktop Connection to use TLS 1.2 encryption.
• Disable SMB version 1. Enable SMB signing to reduce the possibility of exploiting the SMB
protocol.
• Use file structure or disk encryption to protect files on Vital Sync servers.
• Service accounts should use the domain account that is given access to the service, and should not
have an administrative role, in order to prevent service dumps containing sensitive information.
• Configure user accounts to lock after multiple subsequent failed login attempts, to prevent brute
force attacks.
• Utilize active directory authentication and authorization.
• Do not configure Web browsers to automatically save authentication credentials.
• Disable web page caching in Web browsers used to access the Vital Sync software.
2.5.2.3 Platform Installer
For security considerations related to the installer, see Section 4.2.2, Security Considerations,
page 55. Other recommendations are included within the installation procedure.
2.5.2.4 Database Server Software
• The user is responsible for maintaining the Microsoft™* SQL Server™* software with all current
patches and upgrades. Medtronic recommends that servers on which Microsoft™* SQL Server™*
is installed are appropriately configured to optimize cybersecurity.
• Create and use a new custom account to connect to the database, instead of using the default
network service role.
• If possible, use Windows™* authentication instead of mixed mode authentication for Microsoft™*
SQL Server™*. For example terminology, see the following document:
https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/authentication-in-sql-server
• Encrypt physical database files using TDE to protect data at rest.
2.5.2.5 Vital Sync Services, IIS Applications, and Device Configuration
• Install the Data Collection, Alarm Reporter, and Applet Manager services on the system where
MSMQ is configured.
• Configure MSMQ per active directory user account. It is possible to configure and limit the Data
Collection, Applet Manager, and Alarm Reporter services with a Microsoft™* Windows™* domains
account with permissions for the MSMQ system. The Data Collection and Applet Manager services
should have write permissions; the Alarm Reporter service should have read permission.
• Deploy ECDHE or use a 2048-bit or stronger Diffie-Hellman group.
• Configure IIS to use HTTPS. See Section 3.5.
• Configure IIS to send the Strict-Transport-Security response header with value
“max-age=31536000;”.
• Configure HTTP response headers to nosniff for X-Content-Type-Options in the IIS Admin
Console.
• Configure IIS to disable the X-Powered-By and X-AspNet-Version headers.
• During platform installation, set the Alarm Reporter email plugin to use SSL to encrypt
communications between the Alarm Reporter and the external SMTP server. (If using SSL, also
configure the operating system to use TLS 1.2.)
• Configure the ADT In Adapter Service to only accept connections from a single, specific IP address.
(It will then reject connections from any other IP address.)
19
• Data Collection Service raw protocol handler data file logging is disabled by default. This function
should only be enabled temporarily if needed for debugging purposes.
• Configure the DeviceData and InformaticsWeb applications to use HTTPS. See Section 5.5.
• The Device Data Service only needs to be running during Vital Sync software installation. It can be
stopped when installation is complete.
• Vital Sync software users should follow secure password guidelines when creating passwords, to
reduce the likelihood of a brute force attack guessing a password.
• Configure any device that does not show its serial number by default in the Vital Sync software to use
an inventory tag, to reduce visibility of that device’s IP address in the platform user interface. See the
reference manual for more information.
20
3 Supporting Software
3.1 Overview
This chapter provides details on installing and configuring supporting software required before installing
Vital Sync virtual patient monitoring platform and informatics manager software components.
• Note: Licenses obtained from Medtronic for installation and use of the Vital Sync virtual patient
monitoring platform (including the informatics manager) do not include licenses for any third party
software identified in this chapter. Users must obtain their own licenses for the downloading and use
of such third party software.
• Note: To install and configure software, administrative rights are required on destination systems.
• Note: Setup and configuration procedures in this chapter are to support the Vital Sync virtual patient
monitoring platform and informatics manager software.
The primary task is the installation of Microsoft™* SQL Server™* on the system where certain specific
Vital Sync software components will reside.
At certain points, the following steps are also required to allow systems and software components to
communicate and properly exchange information:
• Adding Microsoft™* Windows™* Server Internet Information Services (IIS) roles and configuring
the default application
• Configuring the database servers to allow replication
• Enabling remote connection to the database servers
• Section 3.2, Operating System Updates
• Section 3.3, Add IIS Role Services • Section 3.7, Install the Database Server
• Section 3.4, Install Message Queuing • Section 3.8, Distributor Configuration
• Section 3.5, Configure IIS to use HTTPS • Section 3.9, Enable Remote Connection
• Section 3.6, Configure the IIS Application Pool
3.2 Operating System Updates
Before performing any procedures detailed in this manual, ensure supported Microsoft™* Windows™*
service packs and updates have been downloaded to and installed on the affected system or systems.
Reference the release notes for this version of the software for more information.
3.3 Add IIS Role Services
After ensuring that supported operating system updates and service packs are installed, add IIS role
services.
The Add Roles wizard shows a series of screens for selection of options. If changes are required to
selections already made, click Back to go back to the previous screen, then make the change.
In any screen, if needed, click Cancel to stop configuration and exit the wizard.
Note: Add IIS role services to the same system where the Data Collection Service and Informatics Web
components are to be installed. (Refer to Section 5.6, Distributed Deployment, page 83 for details on
installation in a distributed environment.)
Note: This manual shows screen captures for adding IIS role services using version 10.0 of IIS. Version
8.0 of IIS is also supported. The procedure does not differ significantly between the two versions. If
encountering problems during or after adding IIS role services, contact the Medtronic Solution Delivery
Team.
To add IIS role services:
21
1. From the Start menu, select Administrative Tools.
2. Open the Server Manager. Figure 1. Server Manager
3. In the Dashboard pane, click on Add Roles and Features to start the Add Roles and Features
wizard.
Figure 2. IIS Add Roles and Features Wizard—Start Page
4. Verify that tasks listed on the page have been completed, then click Next to access the Installation
Type page.
22
Figure 3. IIS Add Roles and Features Wizard—Installation Type Page
5. Click the Role-based or feature-based installation radio button if it is not already selected.
6. Click Next to access the Destination Server Selection page. Figure 4. IIS Add Roles and Features Wizard—Destination Server Selection Page
7. Click the Select a server from the server pool radio button if it is not already selected.
8. In the Server Pool pane, find the desired server and click on it to select it.
9. Click Next to access the Select Server Roles page.
23
Figure 5. IIS Add Roles and Features Wizard—Select Server Roles Page
10. Check the Web Server (IIS) check box, then click Next to access the Add Required Features
page.
Figure 6. IIS Add Roles and Features Wizard—Add Required Features Page
11. Ensure that the Include management tools check box is checked, then click Add Features to
access the Select Features page.
24
Figure 7. IIS Add Roles and Features Wizard—Select Features Page
12. Click the triangle next to the .NET Framework 4.6 Features check box to show available options
Figure 8. IIS Add Roles and Features Wizard—Select Features Page (.NET Framework 4.6 fields
shown)
13. Click the triangle next to the WCF Services check box to show available options.
14. Make selections as shown in Figure 8, then click Next to access the Web Server Role (IIS) page.
25
Figure 9. IIS Add Roles and Features Wizard—Web Server Role (IIS) Page
15. If needed, review the text on the page, then click Next to access the Select Role Services page.
Figure 10. IIS Add Roles and Features Wizard—Select Role Services Page (common HTTP and
health/diagnostics options)
16. Make selections in the role services fields as shown in Figure 10, then scroll down in the pane.
26
Figure 11. IIS Add Roles and Features Wizard—Select Role Services Page (performance and security options)
17. Make selections in the role services fields as shown in Figure 11, then scroll down in the pane.
Figure 12. IIS Add Roles and Features Wizard—Select Role Services Page (application
development options)
18. Make additional selections in the role services fields as shown in Figure 12, page 27, then click
Next to access the confirmation page.
27
Figure 13. IIS Add Roles and Features Wizard—Confirmation Page
19. If desired, scroll down to view installation selections, then click Install. (Click Cancel to stop
installation.)
20. The results screen indicates whether the installation was successful, and lists role services
installed. If desired, click the Print, e-mail, or save link to print, email or save the installation
report, then click Close to exit the wizard.
Note: If installation is unsuccessful, problems that occurred will be shown in the results screen. Resolve
the problems and repeat the procedure for adding IIS role services before continuing with the other
procedures in this chapter.
3.4 Install Message Queuing
After adding IIS role services, add the Microsoft™* Message Queuing feature. For details on
installation, reference the technical document Installing and Managing Message Queuing, available
online at the following URL:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-20
08/cc771474(v=ws.11)
• Note: Installing message queuing is only necessary if configuring the Vital Sync Alarms Reporter
Service. See Section 6.4.3, MSMQ Queue Configuration, page 99 for details.
• Note: Install message queuing on the same systems where IIS role services were just added. (Refer
to Section 5.6, Distributed Deployment, page 83 for details on installation in a distributed
environment.)
• Note: Install the Data Collection, Alarm Reporter, and Applet Manager services on the system
where MSMQ is configured.
• Note: Configure MSMQ per active directory user account. It is possible to configure and limit the
Data Collection, Applet Manager, and Alarm Reporter services with a Microsoft™* Windows™*
domains account with permissions for the MSMQ system. The Data Collection and Applet Manager
services should have write permissions; the Alarm Reporter service should have read permission.
28
3.5 Configure IIS to Use HTTPS
After adding IIS role services, configure IIS to use HTTPS. For details, reference the technical document
How To Set Up an HTTPS Service in IIS, available online at the following URL:
https://support.microsoft.com/en-us/help/324069/how-to-set-up-an-https-service-in-iis
Other configuration to enable use of HTTPS and SSL is also required. See Section 5.5.
3.6 Configure the IIS Application Pool
After adding IIS role services, update the default Microsoft™* Windows™* Server Internet Information
Services (IIS) application pool to ensure that the Informatics Web component (when installed) will have
appropriate authority to run reports.
Note: Configure the IIS application pool on the same systems where IIS role services are installed.
Note: This manual shows screen captures for application pool configuration using version 10.0 of IIS.
Version 8.0 of IIS is also supported. The procedure does not differ significantly between the two
versions. If encountering problems during or after configuration, contact the Medtronic Solution
Delivery Team.
To configure the IIS application pool:
1. Open the IIS Manager. Figure 14. Internet Information Services (IIS) Manager (application pools shown)
2. Click Application Pools in the far left pane.
3. Click on DefaultAppPool to select it, then click Advanced Settings under Edit Application
Pool in the far right pane to open the Advanced Settings dialog.
29
Figure 15. Edit Application Pools (Advanced Settings dialog)
4. In the Identity field, click the ... button to open the Application Pool Identity dialog. Figure 16. Application Pool Identity Dialog
5. Click the Custom account radio button, then click Set to open the Set Credentials dialog. Figure 17. Set Credentials Dialog
6. User name—Enter the user name for an appropriate administrative user with authority to run
reports. Often, the same user will also be set up as the administrator when Microsoft™* SQL
Server™* is installed. Refer to Section 3.7, Install the Database Server, page 31.
7. Password—Enter the password for the specified administrative user.
8. Confirm password—Enter the password just entered in the Password field.
9. Click OK to save and return to the Application Pool Identity dialog.
10. Click OK to save application pool identity settings and return to the Advanced Settings dialog.
11. Click OK to save advanced settings for the default application pool and return to the IIS Manager.
12. Exit the IIS Manager.
30