Tool for identification and evaluation of medical devices and other hospital assets
Client information:
University Hospital Plzeň
ID: 00669806
Implementation period
August 2024 – April 2025
Project value
34.6 million CZK
Project type
Cybersecurity
Client statement
„The implementation of the tool for identification and evaluation of medical devices represented a significant milestone in cybersecurity for our hospital. As one of the largest hospitals in the Czech Republic, we manage thousands of devices whose safe operation is critical for patient care.
The project was undoubtedly challenging on several levels:
- Technologically, we were introducing a completely new platform that had to be able to identify and monitor an extremely diverse spectrum of devices
- The process side required re-evaluation and adjustment of our established procedures for asset management, risk management and security incident response
- In terms of capacity, it meant significant workload for our key employees
We appreciate the professional approach of the supplier, who was able to flexibly respond to the specifics of our environment. The result is a functional solution that provides us with unprecedented insight into our devices and their security status.
Jakub Machka
Cybersecurity Manager, University Hospital Plzeň
Project goals
The goal of the project was to fundamentally increase the cybersecurity and resilience of University Hospital Plzeň against modern threats.
The project brought the hospital:
Complete overview of more than 1500 active devices in the network, including medical technology, servers and workstations
Immediate identification of risks and vulnerabilities that may threaten hospital operations or patient safety
Acceleration and simplification of IT and medical asset management through automated inventory and dynamic lists
Implementation of processes for prevention and resolution of security incidents in accordance with legislative requirements
5-year operational support that ensures long-term sustainability of the solution
Monitored devices
Operational support
Continuous monitoring
Project description
The project was implemented as a comprehensive turnkey contract including three main phases:
Analysis and solution design
Detailed survey of the hospital's ICT environment and design of architecture adapted to its specific needs. The goal was to cover not only IT infrastructure, but also operational technologies and medical devices.
Delivery and implementation
Installation and configuration of specialized sensors (appliances) and Claroty xDome security platform. The solution enables the hospital to:
- •Continuously monitor and automatically identify more than 1500 devices on the network
- •Visualize their communication and detect potential risks
- •Integrate asset management into existing processes
5-year support and development
The project ensures not only implementation, but also long-term service, updates and the possibility of developing the solution according to the hospital's future needs.
Technologies used
Claroty xDome (formerly Medigate)
- •Passive DPI traffic analysis
- •Device inventory and classification
- •Communication maps with risk detection
- •Integration with Cisco ISE, Active Directory
HW infrastructure
- •Dedicated Dell R640 appliances
- •Redundant power supply
- •Local sensors for hospital campuses
- •Cloud management in EU
Process integration
- •Asset management
- •Risk management
- •Vendor management
- •Incident response (MITRE ATT&CK ICS)