WiFi hotspots for large hospitals
A hospital group in Germany planned to set up WiFi hotspots for its 11 hospitals to provide their patients with free Internet access. After upgrading the bandwidth of the Internet connections in those hospitals, the existing solution was no longer sufficient - something new had to be found.
Customer requirements
The customer requested:
- easy integration into their existing IT infrastructure,
- central management of hotspots by their IT group,
- high WiFi throughput for best use of the new Internet connection,
- reliable WiFi coverage of large areas,
- load distribution between the access points for coping with large crowds,
- compliance with the EU-wide Data Protection Ordinance (»DSGVO«) and
- legal protection of the public hotspot in case of abuse.
Special legal requirements in the EU and Germany
The DSGVO introduced strict data protection requirements throughout the whole EU from May, 2018 on. For example, personal data (this even includes IP and MAC addresses!) may only be stored and processed under very specific conditions and strict requirements are placed on the integrity of the IT systems for processing the data.
Additionally, even after the third amendment of the German Telemedia Act (»Telemediengesetz«) at the end of 2017, there can be still liability claims of rights holders against providers of WiFi hotspots deployed in Germany. Prosecutors may also issue injunctions for technical measures that most conventional hotspot systems do not offer.
Solution for legal certainty
Our company developed a legally compliant Wireless Captive Portal using its own hard- and software, which has proven itself in thousands of cases over more than 12 years now and is constantly adapted to the current legal situation. To allow such adjustments, the exclusive use of Open Source Software (OSS) is required, which in fact means that only Linux or BSD Unix can be used as operating systems. Our solution prevents cost-intensive penalties for the hotspot provider, while avoiding common tricks such as forwarding data abroad via VPN into foreign countries, which considerably reduces the bandwidth of the Internet uplink.
Easy integration into the existing network with Omada EAPs and JetStream switches
PoE-capable Omada EAPs, VLAN-aware JetStream Smart Switches and the VLAN-capable hotspot gateway are used for easy integration of the hotspot system into the existing IT infrastructure. Features such as load balancing, bandwidth control and Quality of Service are essential functions for a WiFi installation with a large user base. What's more, Omada EAPs are easy to install, fit inconspicuously on the ceiling and thus perfectly into the ambience and can be easily managed centrally via the Omada Controller software.
Central management with Omada Controller
TP-Link's Omada Controller is used for the central administration of the EAPs such as configuration, monitoring, firmware updates and statistics, while the handling of the portal page and the logon of the users is realized by the WiFiGate gateway:
Cost-efficient solution with the Omada Enterprise EAPs
Omada EAP320 were chosen for high data throughput, reliable WLAN coverage, load balancing and AirTime fairness. The separation between the public hotspot for patients and a separate Internet access via WiFi for the employees of the clinics during their work breaks is realized via VLANs.
A separate management VLAN isolates the data flow for administrative tasks. The dual image memory for the firmware of the JetStream switches and the WiFiGate reduces downtime during firmware updates and - in case of the WiFiGate - offers an automatic fail-over if the firmware update is interrupted due to a power failure or operator error.
Conclusion
All these benefits and the excellent TP-Link support are what make the Omada series EAPs and JetStream switches the preferred devices in our WiFi hotspot installations.