Fujifilm Synapse

1 Introduction

Synapse is Fujifilm’s Picture Archiving and Communication System (PACS). It allows filmless diagnosis with high quality image processing. Synapse allows the archiving and distribution of vast amounts of image information from all modalities, managing it with a single system.

Such a powerful tool requires reliable and powerful support. The KEMP LoadMaster delivers an exceptional, cost-effective and easy to use solution which, by employing Adaptive Load Balancing, balances requests across Synapse. Synapse consists of the following servers:

Database Server

Windows Internet Information Server (IIS)

Storage Server

Digital Imaging and Communications in Medicine (DICOM) Server

Hospital Information System (HIS) Server

When deployed as a pair, two LoadMasters give the security of High Availability (HA). HA allows two physical or virtual machines to become one logical device. Only one of these units is ever handling traffic at any particular moment. One unit is active and the other is a hot standby (passive). This provides redundancy and resiliency, meaning if one LoadMaster goes down for any reason, the hot standby can become active, therefore avoiding any downtime.

1.1 Document Purpose

This document is intended to provide guidance on how to deploy Synapse with a KEMP LoadMaster. The KEMP Support Team is available to provide solutions for scenarios not explicitly defined.

1.2 Intended Audience

This document is intended to be used by anyone deploying Synapse with a KEMP LoadMaster.

2 Template

KEMP has developed a template containing our recommended settings for this workload. You can install this template to help when creating Virtual Services, as it automatically populates the settings. This is quicker and easier than manually configuring each Virtual Service. If needed, changes can be made to any of the Virtual Service settings after using the template.

Download released templates from the Templates section on the KEMP documentation page: http://kemptechnologies.com/documentation.

For more information and steps on how to import and use templates, refer to the Virtual Services and Templates, Feature Description on the KEMP Documentation Page.

For steps on how to manually add and configure each of the Virtual Services using the recommended settings, refer to the steps in this document.

3 Enable Subnet Originating Requests Globally

It is best practice to enable the Subnet Originating Requests option globally.

In a one-armed setup (where the Virtual Service and Real Servers are on the same network/subnet) Subnet Originating Requests is usually not needed. However, enabling Subnet Originating Requests should not affect the routing in a one-armed setup.

In a two-armed setup where the Virtual Service is on network/subnet A, for example, and the Real Servers are on network B - Subnet Originating Requests should be enabled on LoadMasters with firmware version 7.1-16 and above.

When Subnet Originating Requests is enabled, the LoadMaster will route traffic so that the Real Server will see traffic arriving from the LoadMaster interface that is in that network/subnet not the Virtual Service address.

When Subnet Originating Requests is enabled globally, it is automatically enabled on all Virtual Services. If the Subnet Originating Requests option is disabled globally, you can choose whether or not to enable Subnet Originating Requests on a per-Virtual Service basis.

To enable Subnet Originating Requests globally, follow the steps below:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to System Configuration > Miscellaneous Options > Network Options.

SCMONO002.png

2. Tick the Subnet Originating Requests check box.

4 Synapse Virtual Services Configuration

The KEMP LoadMaster uses Adaptive Agent Load Balancing to distribute the various requests received. The LoadMaster recognizes that requests received on different ports are different types of requests.

Refer to the following sections for step-by-step instructions on creating and configuring Fujifilm Synapse Virtual Services.

4.1 Create Fujifilm Synapse Virtual Services

When deploying Fujifilm Synapse, three Virtual Services must be configured.

4.1.1 Configure the Synapse HTTP Virtual Service

The following are the steps involved and the values required to set up the first of the Fujifilm Synapse Virtual Services:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add New.

Configure the Synapse HTTP.png

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 80 in the Port text box.

HTTP requests received on Port 80 and external (HTTPS) requests on Port 443 are distributed to their most available server in the same adaptive manner.

4. Enter a recognizable Service Name, for example Synapse HTTP.

5. Ensure tcp is selected as the Protocol.

6. Click Add this Virtual Service.

7. Expand the Standard Options section.

Configure the Synapse HTTP_1.png

8. Deselect the Transparency check box.

9. Select the Subnet Originating Requests check box.

10. Select Source IP Address from the Mode drop-down list.

11. Select 1 Hour from the Timeout drop-down list.

12. Select resource based (adaptive) from the Scheduling Method drop-down list.

13. Expand the Advanced Properties section.

VSVSAP003.png

14. Select None from the Add HTTP Headers drop-down list.

15. Expand the Real Servers section.

Configure the Synapse HTTP_3.png

16. Ensure the HTTP Protocol is selected and HEAD is selected from the HTTP Method drop down list.

Configure the Synapse HTTP_4.png

17. Add the Real Servers:

18. Click the Add New button.

19. Enter the Real Server Address.

This is the address of the backend server.

20. Enter 80 as the Port.

The Real Server Port should match the Virtual Service Port.

The Forwarding method and Weight values are set by default. These can be changed by an administrator.

21. Click Add this Real Server. Click OK to the pop-up message.

22. Repeat the steps above to add more Real Servers as needed, based on the environment.

4.1.2 Configure the Synapse DICOM Virtual Service

1. The following are the steps involved and the values required to set up the second of the Fujifilm Synapse Virtual Services:

2. In the LoadMaster Web User Interface (WUI) main menu, go to Virtual Services > Add New.

Configure the Synapse DICOM.png

3. Enter the same IP address in the Virtual Address text box as you did when setting up the Synapse HTTP Virtual Service in the Configure the Synapse HTTP Virtual Service section.

4. Enter 104 in the Port text box.

TCP connections on port 104 are recognized as DICOM requests and are forwarded to the DICOM server which the LoadMaster determines is the most available based on processor and memory utilization.

5. Enter a recognizable Service Name, for example Synapse DICOM.

6. Ensure TCP is selected as the Protocol.

7. Click Add this Virtual Service.

Configure the Synapse DICOM_1.png

8. Select HTTP/HTTPS as the Service Type.

9. Expand the Standard Options section.

Configure the Synapse DICOM_2.png

10. Ensure Transparency is deselected.

11. Select the Subnet Originating Requests check box.

12. Select Source IP Address from the Mode drop-down list.

13. Select 1 Hour from the Timeout drop-down list.

14. Select resource based (adaptive) from the Scheduling Method drop-down list.

15. Expand the Advanced Properties section.

VSVSAP003.png

16. Select None from the Add HTTP Headers drop-down list.

17. Expand the Real Servers section.

Configure the Synapse DICOM_4.png

18. Ensure TCP Connection Only is selected from the Real Server Check Parameters drop down list.

Configure the Synapse DICOM_5.png

19. Add the Real Servers:

20. Click the Add New button.

21. Enter the Real Server Address.

This is the address of the backend server.

22. Enter 104 as the Port.

The Real Server Port should match the Virtual Service Port.

The Forwarding method and Weight values are set by default. These can be changed by an administrator.

23. Click Add this Real Server. Click OK to the pop-up message.

24. Repeat the steps above to add more Real Servers as needed, based on the environment.

4.1.3 Configure the Synapse External Virtual Service

1. The following are the steps involved and the values required to set up the third Fujifilm Synapse Virtual Service:

2. In the LoadMaster Web User Interface (WUI) main menu, go to Virtual Services > Add New.

Configure the Synapse External.png

3. Enter the same IP address in the Virtual Address text box as you did when setting up the Synapse HTTP and Synapse DICOM Virtual Services.

4. Enter 443 in the Port text box.

HTTP requests received on Port 80 and external (HTTPS) requests on Port 443 are distributed to their most available server in the same adaptive manner.

5. Enter a recognizable Service Name, for example Synapse External.

6. Ensure TCP is selected as the Protocol.

7. Click Add this Virtual Service.

8. Expand the SSL Properties section.

Configure the Synapse External_1.png

9. Select the Enabled check box.  Click OK to the pop-up that appears.

10. Select the Reencrypt check box.

11. Ensure the Support TLS Only check box is selected.

12. Ensure the Require SNI hostname check box is not selected.

13. Ensure No Client Certificates required is selected from the Client Certificates drop down list.

14. Expand the Standard Options section.

Configure the Synapse External_2.png

15. Select the Subnet Originating Requests check box.

16. Select Source IP Address from the Mode drop-down list.

17. Select 1 Hour from the Timeout drop-down list.

18. Select resource based (adaptive) from the Scheduling Method drop-down list.

19. Expand the Advanced Properties section.

VSVSAP011.png

20. Select None in the Add HTTP Headers drop-down list.

21. Expand the Real Servers section.

Configure the Synapse External_4.png

22. Select HTTPS Protocol from the drop-down list.

Configure the Synapse External_5.png

23. Add the Real Servers:

24. Click the Add New button.

25. Enter the Real Server Address.

This is the address of the backend server.

26. Enter 443 as the Port.

The Real Server Port should match the Virtual Service Port.

The Forwarding method and Weight values are set by default. These can be changed by an administrator.

27. Click Add this Real Server. Click OK to the pop-up message.

28. Repeat the steps above to add more Real Servers as needed, based on the environment.

5 Adaptive Agent Configuration

The configuration of Adaptive Agent is based on the requirements of the actual hardware and Operating System on which Synapse is running.

For more information and step by step instructions on installing and setting up Adaptive Agent please use the following links:

Install Adaptive Agent (Windows), Technical Note: https://support.kemptechnologies.com/hc/en-us/articles/203126529-Install-Adaptive-Agent

LoadMaster Adaptive Agent for Microsoft Windows: https://support.kemptechnologies.com/hc/en-us/articles/202375687-LoadMaster-Adaptive-Agent-for-Microsoft-Windows

6 Health Checking

By sending KEMP heartbeat checks, the LoadMaster periodically ensures that each of the servers in a deployment is still running.  As part of the KEMP heartbeat checks, on port 104 the LoadMaster opens a TCP connection to determine if the DICOM server on the Synapse server is still responding.

The LoadMaster does not currently support DICOM Echo health checking.

The LoadMaster can also be configured to test the IIS service. The LoadMaster performs a check over HTTP to the web server. A particular URL to be reached is identified and a value (for example, DB-OK) set for LoadMaster to find. The LoadMaster calls the URL to determine if the database server is running successfully. If it is, the webpage returns a message containing the value.  If not, an error message is returned. The LoadMaster can recognize this and looks for this value in every health check it performs.

7 Additional Features

Additional KEMP LoadMaster security and optimization features can be enabled for the deployment of SAP. The deployment steps and configuration settings of these features can be found in the documents which are listed in the References section of this document. These documents can be found on the KEMP documentation web page: http://kemptechnologies.com/loadmaster-documentation/

Edge Security Pack (ESP) - A solution that provides edge security, SSO application integration and flexible authentication options is critical for optimal user experience and information security policy compliance.

Web Application Firewall (WAF) - This enables secure deployment of web applications, preventing Layer 7 attacks while maintaining core load balancing services which ensures superior application delivery and security.

Content Caching - The LoadMaster can cache static content that fits certain criteria (file extension, query string, caching headers, size, and so on). As long as the file meets these criteria it can be stored locally in the LoadMaster to avoid unnecessary requests to the Real Server to retrieve the file.

Intrusion Detection – The LoadMaster’s implementation of Intrusion Detection leverages Snort. Snort is an open source network intrusion prevention and detection system (IDS/IPS). Snort rules can be imported to the LoadMaster and applied to HTTP/HTTPS connections.

References

Unless otherwise specified, the following documents can be found at http://kemptechnologies.com/documentation.

Virtual Services and Templates, Feature Description

Install Adaptive Agent (Windows), Technical Note

LoadMaster Adaptive Agent for Microsoft Windows

Document History

 

Date

Change

Reason for Change

Version

Resp.

Aug 2015

First draft of document

Initial draft

1.0

KG

Oct 2015

Release updates

Updated for 7.1-30 release

2.0

LB

Dec 2015

Release updates

Updated for 7.1-32 release

3.0

LB

Jan 2016

Minor changes

Updated Copyright Notices

4.0

LB

Mar 2016

Release updates

Updated for 7.1-34 release

5.0

LB

July 2016

Release updates

Updated for 7.1.35 release

6.0

LB

Jan 2017

Minor changes

Updated Copyright Notices

7.0

LB

July 2017 Release updates Updated for 7.2.39 release 8.0 LB

 

 

Was this article helpful?

0 out of 0 found this helpful

Comments