Fujifilm Synapse

 

1Introduction

Synapse is Fujifilm’s Picture Archiving and Communication System (PACS). It allows filmless diagnosis with high quality image processing. Synapse allows the archiving and distribution of vast amounts of image information from all modalities, managing it with a single system.

Such a powerful tool requires reliable and powerful support. The KEMP LoadMaster delivers an exceptional, cost-effective and easy to use solution which, by employing Adaptive Load Balancing, balances requests across Synapse. Synapse consists of the following servers:

  • Database Server
  • Windows Internet Information Server (IIS)
  • Storage Server
  • Digital Imaging and Communications in Medicine (DICOM) Server
  • Hospital Information System (HIS) Server

When deployed as a pair, two LoadMasters give the security of High Availability (HA). HA allows two physical or virtual machines to become one logical device. Only one of these units is ever handling traffic at any particular moment. One unit is active and the other is a hot standby (passive). This provides redundancy and resiliency, meaning if one LoadMaster goes down for any reason, the hot standby can become active, therefore avoiding any downtime.

1.1Document Purpose

This document is intended to provide guidance on how to deploy Synapse with a KEMP LoadMaster. The KEMP Support Team is available to provide solutions for scenarios not explicitly defined.

1.2Intended Audience

This document is intended to be used by anyone deploying Synapse with a KEMP LoadMaster.

2Synapse Templates

KEMP have developed templates containing our recommended settings for Fujifilm Synapse as outlined in this document. These templates can be installed on the LoadMaster and used when creating each of the Virtual Services. Using a template automatically populates the settings in the Virtual Services. This is quicker and easier than manually configuring Virtual Services individually. If needed, changes can be made to any of the Virtual Service settings after using the template.

Released templates can be downloaded from the Templates section on the KEMP documentation page: http://kemptechnologies.com/documentation.

For more information and steps on how to import and use templates, refer to the Virtual Services and Templates, Feature Description.

For steps on how to manually add and configure each Virtual Services, refer to Section 4.

 

3Enable Subnet Originating Requests Globally

It is best practice to enable the Subnet Originating Requests option globally.

In a one-armed setup (where the Virtual Service and Real Servers are on the same network/subnet) Subnet Originating Requests is usually not needed. However, enabling Subnet Originating Requests should not affect the routing in a one-armed setup.

In a two-armed setup where the Virtual Service is on network/subnet A, for example, and the Real Servers are on network B - Subnet Originating Requests should be enabled on LoadMasters with firmware version 7.1-16 and above.

When Subnet Originating Requests is enabled, the LoadMaster will route traffic so that the Real Server will see traffic arriving from the LoadMaster interface that is in that network/subnet.

When Subnet Originating Requests is enabled globally, it is automatically enabled on all Virtual Services. If the Subnet Originating Requests option is disabled globally, you can choose whether or not to enable Subnet Originating Requests on a per-Virtual Service basis.

To enable Subnet Originating Requests globally, follow the steps below:

  1. In the main menu of the LoadMaster WUI, go to System Configuration > Miscellaneous Options > Network Options.

Figure 3‑1: Subnet Originating Requests

  1. Tick the Subnet Originating Requests check box.

Figure 3‑2: Architecture Overview

4Synapse Virtual Services Configuration

The KEMP LoadMaster uses Adaptive Agent Load Balancing to distribute the various requests received. The LoadMaster recognizes that requests received on different ports are different types of requests.

Refer to the following sections for step-by-step instructions on creating and configuring Fujifilm Synapse Virtual Services.

4.1Create Fujifilm Synapse Virtual Services

When deploying Fujifilm Synapse, three Virtual Services must be configured.

4.1.1Configure the Synapse HTTP Virtual Service

The following are the steps involved and the values required to set up the first of the Fujifilm Synapse Virtual Services:

  1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services> Add New.

Figure 4‑1: Virtual Service parameters

  1. Enter a valid IP address in the Virtual Address text box.
  2. Enter 80 in the Port text box.

HTTP requests received on Port 80 and external (HTTPS) requests on Port 443 are distributed to their most available server in the same adaptive manner.

  1. Enter a recognizable Service Name, for example Synapse HTTP.
  2. Ensure tcp is selected as the Protocol.
  3. Click Add this Virtual Service.
  4. Expand the Standard Options section.

Figure 4‑2: Standard Options for Synapse HTTP

  1. Deselect the Transparency check box.
  2. Select the Subnet Originating Requests check box.
  3. Select Source IP Address from the Mode drop-down list.
  4. Select 1 Hour from the Timeout drop-down list.
  5. Select resource based (adaptive) from the Scheduling Method drop-down list.
  6. Expand the Advanced Properties section.

Figure 4‑3: Advanced Properties section

  1. Select None from the Add HTTP Headers drop-down list.
  2. Expand the Real Servers section.

Figure 4‑4: Real Servers section

  1. Ensure the HTTP Protocol is selected and HEAD is selected from the HTTP Method drop down list.

Figure 4‑5: Real Servers section

  1. Add the Real Servers:

a)Click the Add New button.

b)Enter the Real Server Address.

This is the address of the backend server.

c)Enter 80 as the Port.

The Real Server Port should match the Virtual Service Port.

The Forwarding method and Weight values are set by default. These can be changed by an administrator.

d)Click Add this Real Server. Click OK to the pop-up message.

e)Repeat steps b) to d) above to add more Real Servers as needed, based on the environment.

4.1.2Configure the Synapse DICOM Virtual Service

The following are the steps involved and the values required to set up the second of the Fujifilm Synapse Virtual Services:

  1. In the LoadMaster Web User Interface (WUI) main menu, go to Virtual Services> Add New.

Figure 4‑6: Basic Properties parameters

  1. Enter the same IP address in the Virtual Address text box as you did when setting up the Synapse HTTP Virtual Service in Section 4.1.1
  1. Enter 104 in the Port text box.

TCP connections on port 104 are recognized as DICOM requests and are forwarded to the DICOM server which the LoadMaster determines is the most available based on processor and memory utilization.

  1. Enter a recognizable Service Name, for example Synapse DICOM.
  2. Ensure TCP is selected as the Protocol.
  3. Click Add this Virtual Service.

Figure 4‑7: Basic Properties

  1. Select HTTP/HTTPS as the Service Type.
  2. Expand the Standard Options section.

Figure 4‑8: Standard Options for Synapse DICOM

  1. Ensure Transparency is deselected.
  2. Select the Subnet Originating Requests check box.
  3. Select Source IP Address from the Mode drop-down list.
  4. Select 1 Hour from the Timeout drop-down list.
  5. Select resource based (adaptive) from the Scheduling Method drop-down list.
  6. Expand the Advanced Properties section.

Figure 4‑9: Advanced Properties parameters

  1. Select None from the Add HTTP Headers drop-down list.
  2. Expand the Real Servers section.

Figure 4‑10: Real Servers parameter

  1. Ensure TCP Connection Only is selected from the Real Server Check Parameters drop down list.

Figure 4‑11: Real Servers section

  1. Add the Real Servers:

a)Click the Add New button.

b)Enter the Real Server Address.

This is the address of the backend server.

c)Enter 104 as the Port.

The Real Server Port should match the Virtual Service Port.

The Forwarding method and Weight values are set by default. These can be changed by an administrator.

d)Click Add this Real Server. Click OK to the pop-up message.

e)Repeat steps b) to d) above to add more Real Servers as needed, based on the environment.

4.1.3Configure the Synapse External Virtual Service

The following are the steps involved and the values required to set up the third Fujifilm Synapse Virtual Service:

  1. In the LoadMaster Web User Interface (WUI) main menu, go to Virtual Services> Add New.

Figure 4‑12: Basic Properties parameters

  1. Enter the same IP address in the Virtual Address text box as you did when setting up the Synapse HTTP and Synapse DICOM Virtual Services.
  1. Enter 443 in the Port text box.

HTTP requests received on Port 80 and external (HTTPS) requests on Port 443 are distributed to their most available server in the same adaptive manner.

  1. Enter a recognizable Service Name, for example Synapse External.
  2. Ensure TCP is selected as the Protocol.
  3. Click Add this Virtual Service.
  4. Expand the SSL Properties section.

Figure 4‑13: SSL Properties parameters

  1. Select the Enabled check box. Click OK to the pop-up that appears.
  2. Select the Reencrypt check box.
  3. Ensure the Support TLS Only check box is selected.
  4. Ensure the Require SNI hostname check box is not selected.
  5. Ensure No Client Certificates required is selected from the Client Certificates drop down list.
  6. Expand the Standard Options section.

Figure 4‑14: Standard Options parameters

  1. Select the Subnet Originating Requests check box.
  2. Select Source IP Address from the Mode drop-down list.
  3. Select 1 Hour from the Timeout drop-down list.
  4. Select resource based (adaptive) from the Scheduling Method drop-down list.
  5. Expand the Advanced Properties section.

Figure 4‑15: Advanced Properties parameters

  1. Select None in the Add HTTP Headers drop-down list.
  2. Expand the Real Servers section.

Figure 4‑16: Real Servers parameters

  1. Select HTTPS Protocol from the drop-down list.

Figure 4‑17: Real Servers section

  1. Add the Real Servers:

a)Click the Add New button.

b)Enter the Real Server Address.

This is the address of the backend server.

c)Enter 443 as the Port.

The Real Server Port should match the Virtual Service Port.

The Forwarding method and Weight values are set by default. These can be changed by an administrator.

d)Click Add this Real Server. Click OK to the pop-up message.

e)Repeat steps b) to d) above to add more Real Servers as needed, based on the environment.

5Adaptive Agent Configuration

The configuration of Adaptive Agent is based on the requirements of the actual hardware and Operating System on which Synapse is running.

For more information and step by step instructions on installing and setting up Adaptive Agent please use the following links:

6Health Checking

By sending KEMP heartbeat checks, the LoadMaster periodically ensures that each of the servers in a deployment is still running. As part of the KEMP heartbeat checks, on port 104 the LoadMaster opens a TCP connection to determine if the DICOM server on the Synapse server is still responding.

The LoadMaster does not currently support DICOM Echo health checking.

The LoadMaster can also be configured to test the IIS service. The LoadMaster performs a check over HTTP to the web server. A particular URL to be reached is identified and a value (for example, DB-OK) set for LoadMaster to find. The LoadMaster calls the URL to determine if the database server is running successfully. If it is, the webpage returns a message containing the value. If not, an error message is returned. The LoadMaster can recognize this and looks for this value in every health check it performs.

7Additional Features

Additional KEMP LoadMaster security and optimization features can be enabled for the deployment of SAP. The deployment steps and configuration settings of these features can be found in the documents which are listed in the References section of this document. These documents can be found on the KEMP documentation web page: http://kemptechnologies.com/loadmaster-documentation/

  • Edge Security Pack (ESP) - A solution that provides edge security, SSO application integration and flexible authentication options is critical for optimal user experience and information security policy compliance.
  • Web Application Firewall (WAF) - This enables secure deployment of web applications, preventing Layer 7 attacks while maintaining core load balancing services which ensures superior application delivery and security.
  • Content Caching - The LoadMaster can cache static content that fits certain criteria (file extension, query string, caching headers, size, etc.). As long as the file meets these criteria it can be stored locally in the LoadMaster to avoid unnecessary requests to the Real Server to retrieve the file.
  • Intrusion Detection – The LoadMaster’s implementation of Intrusion Detection leverages Snort. Snort is an open source network intrusion prevention and detection system (IDS/IPS). Snort rules can be imported to the LoadMaster and applied to HTTP/HTTPS connections.

References

Unless otherwise specified, the following documents can be found at http://kemptechnologies.com/documentation.

Virtual Services and Templates, Feature Description Install Adaptive Agent (Windows), Technical Note LoadMaster Adaptive Agent for Microsoft Windows

Document History

Date

Change

Reason for Change

Version

Resp.

Aug 2015

First draft of document

Initial draft

1.0

KG

Oct 2015

Release updates

Updated for 7.1-30 release

2.0

LB

Dec 2015

Release updates

Updated for 7.1-32 release

3.0

LB

Jan 2016

Minor changes

Updated

4.0

LB

Mar 2016

Release updates

Updated for 7.1-34 release

5.0

LB

July 2016

Release updates

Updated for 7.1.35 release

6.0

LB

Was this article helpful?

0 out of 0 found this helpful

Comments