Supporting peoples’ healthcare needs with natively integrated security and connectivity

With the acceleration of retail branch digitisations, cloud adoption, and hybrid workforce, Medux’s traditional approach of backhauling traffic to a centralised location was outdated and at odds with the organisation’s cloudfirst digital transformation ambitions. Faced with underwhelming network performance and connectivity issues, Medux needed to transform its networking and security architecture to optimise connectivity across users, devices, and applications. In addition, Medux needed to find an alternative to expensive MPLS connections owing to multiple connected locations.

Medux helps people enjoy a better quality of life. The Dutch organisation specialises in the provision of care equipment – wheelchairs, crutches, and more – to healthcare institutions and individuals. More than one million Medux healthcare aids are in service, supported by 2,600 employees. The Group also comprises the subsidiaries Medux Harting Bank, Atlas Kidtech, and MediPoint.

Medux is modernising fast. Business acquisitions and growing demand from customers to order, rent, and collect healthcare devices inspired Medux to switch its legacy infrastructure to an Azure cloud-first strategy.

As part of this modernisation, Medux needed to renew the network that supported more than 120 stores and offices across the Netherlands, in town centres, hospitals, and other locations. On-premises network security relied on first-generation firewalls in the data centre. Connectivity was based on an expensive, inflexible, and dedicated WAN links with limited bandwidth.

“The legacy network limited the agility of the stores, was expensive to run, and lacked the flexibility to support a modern, growing retail organisation,” says Natasja Lucas, IT Manager, Medux.

For example, each Medux retail store typically relied on a two-megabit line. If someone printed a 150-meg document, the session might freeze, calls would drop out, and customers wouldn’t be able to collect the healthcare devices so important to their wellbeing. The legacy architecture lacked the ability to prioritise applications, load balance, and failover, which significantly impacted their ability to support a growing customer base. Moreover, adding a new store to the Medux network took time and money, through adding hardware and an expensive, inflexible MPLS contract.

Medux collaborated closely with ncubed, the Dutch managed service partner, to develop secure, resilient, high-performance network connectivity. The requirements included:

• Connect sites and applications with multiple modern transport such as broadband, internet, and LTE to deliver business agility with drive improved performance, WAN capacity and application resiliency security, and agility.
• Provide granular visibility into application network performance and availability for faster troubleshooting and reduced trouble tickets.
• Simplify operations with business policies based on applications and application SLAs instead of fragmented network capabilities.
• Create policies based on business intent not fragmented networking features.
• Implement superior security outcomes with best-in-class security with cloud-delivered Prisma Access.

Medux standardised on a highly resilient managed security service from ncubed. Connected network and SASE security natively applies Zero Trust network architecture (ZTNA) 2.0 – optimising Medux’s resilience and flexibility.

“We’ve been huge fans of Palo Alto Networks for many years,” says Michael Ataman, Chief Executive Officer of ncubed. “The company is at the forefront of innovation and growth. Everything we have deployed at Medux is best-in-class and integrates seamlessly, transforming cloud security and simplicity.”

ML-Powered NGFWs and Prisma SD-WAN Instant-On Network (ION) models are deployed in the Azure cloud, with critical Medux applications tunnelled to this Azure hub. Some 2,600 staff – whether working in the stores, the Medux offices, or remotely at home – receive the same secure, always-on connectivity experience.

Jean-Philippe Gorsira, Cloud Infra & Security Architect, Medux explains, “We have developed an open compute environment in every site. Owing to the virtualisation, Medux has the flexibility to scale any network function up or down as demand changes. For instance, if we need to add a new retail store or an extra level of firewall security, we just buy a new licence – there’s no additional hardware or other cost overhead.”

The SD-WAN platform also simplifies management, enabling app-defined SD-WAN policies. Jean-Philippe Gorsira adds, “Medux has the flexibility to manage the network without networking or understanding routing protocols. Decisions are made based on how a link will deliver an application using policy generated SLAs.”

This high-performance strategy is modernising Medux’s operating model: the stores can offer more responsive and resilient service, the business is more agile, and people can work with confidence from anywhere.

The benefits include:

• Increased performance: The new environment significantly increased connectivity performance. “People can work when, where, and how they choose – at the speed of business. There’s no latency problem, and if someone decides to print that 150MB document, no-one will notice,” says Michael Ataman.
• Flexible connectivity: Medux has the flexibility to scale sites up or down, depending on demand. The team can also create policies based on business intent rather than a series of fragmented networking features. “With the local Internet breakouts, Medux is paying far less per megabyte of performance. The organisation can add capacity extremely quickly,” says Natasja Lucas.
• Superior security: Medux can confidently meet required performance and availability demands, including remote office WAN high availability, bandwidth, and dynamic path selection. “Many retailers were hit last year by the Kaseya threat – one Belgian supermarket didn’t trade for one week. Although Medux doesn’t use Kaseya, we have enjoyed a continuous revenue stream since using Prisma SD-WAN,” says Michael Ataman.
• Reduced costs: The low-cost cloud model, inexpensive connectivity breakouts, elimination of hardware, maintenance, and other factors have helped Medux reduce operational costs.
• Elastic WAN capacity: The subscription-based model reduces WAN costs by enabling Medux to purchase bandwidth on a per-Mbps basis and effortlessly allocate bandwidth from an aggregated pool.
• Simplified operations: Medux has complete visibility and control over the infrastructure. Zero touch provisioning and deployment means resources are not tied to slow, expensive deployment models.

Natasja Lucas concludes, “Prisma SD-WAN represents the future of the cloud-delivered retail branch network. It transforms application performance and visibility, while reducing the overall cost and complexity of Medux’s WAN.”

Learn more about Palo Alto Networks on the website where you can also read many more customer stories.