Avaya Inc.
– Proprietary & Confidential.
Use pursuant to the terms of your signed agreement or Avaya policy.
4
avaya.com
1. Overview: Medical Device Authentication
using Identify Engines
This document provides the framework for implementing device level authentication controls.
Future documents will build on this as a base to further define pre-canned solutions that utilize
device level authentication.
1.1 Access Layer
Any of the following access layer switches that can be used with Ignition Server for device
authentication. However, only the ERS5500 or ERS5600 series can be used if User Access
Policies are also required allowing the RADIUS server to tell the switch what policy to apply for a
specific user or device.
ERS5500
ERS5600
ERS4500
ERS2400
1.2 Ignition Server
– Biomedical Device Authentication
For the Ignition Server to authenticate biomedical devices from an EAP authenticator, it must
know the device identity (typically the MAC address). In an existing network consisting of many
biomedical devices, most likely each device identity will not be known, thus making it very difficult
to authorize each device based solely on the full MAC address. Avaya
’s Ignition Server can be
configured for device authentication using just the prefix of the biomedical manufacturer’s vendor
MAC. In turn, the Ignition Server can keep a data base of the full MAC address of each device
once it is authenticated by the Ignition Server.
The following is a list of top biomedical manufacturers vendor MAC’s.
Prefix
Vendor
00095C
Philips Medical System
– Cardiac and Monitoring System
00251B
Philips CareServant
001865
Siemens Medical Solutions Diagnostics Manufacturing
(formerly Bayer Diagnostics Sudbury Ltd)
0030E6
Draeger Medical Systems, Inc. (was: SIEMENS MEDICAL SYSTEMS)
0003B1
Hospira Inc. (was: Abbott Laboratories)
001AFA
Welch Allyn, Inc.
