
Clinical Network Isolation and Medical Device Protection

Healthcare networks connect life-critical medical devices, patient records, and clinical systems. When ransomware reaches a hospital network, it does not just encrypt data. It cancels surgeries, diverts ambulances, and puts lives at risk.


When a hospital receptionist's email and a ventilator share the same network, every phishing email is a potential path to patient harm.

100%: Medical device network isolation

Zero: Direct paths between clinical and admin networks

5: Clinical zones with independent governance

Full: DSPT and NIS2 compliance evidence

The Challenge

Healthcare faces life-critical cyber threats.

Patient Safety Risk

Ransomware attacks on healthcare networks force the cancellation of surgeries and diversion of emergency patients, directly endangering lives.

Medical Device Vulnerabilities

Connected medical devices run embedded operating systems that cannot be patched without recertification, creating permanent vulnerabilities on the clinical network.

Flat Hospital Networks

Many hospitals share a single network for clinical systems, medical devices, admin workstations, and guest Wi-Fi, enabling rapid ransomware propagation.

The Scenario

Scenario: Hospital Ransomware Attack

Ransomware enters through a phishing email opened on an administrative workstation. Within four hours it propagates across the flat hospital network, encrypting clinical workstations, imaging systems, and electronic health records. Emergency departments divert patients to neighbouring hospitals. Surgical lists are cancelled for eleven days. Three MRI machines require a complete rebuild because their embedded controllers were encrypted. With Firevault Control, the administrative network is physically separated from clinical systems and medical devices. The ransomware cannot propagate beyond the admin zone because the network path to clinical systems does not exist.

"The ransomware encrypted everything on our network in under four hours. Our MRI scanners, our patient records, even the pharmacy dispensing system. The only systems that survived were the ones that happened to be switched off that night."

Module deployment · healthcare network

Where each Control module is deployed across clinical systems, devices and research.

Healthcare networks carry a corporate estate, clinical systems, a long tail of medical devices and a research environment. Control puts a real boundary at every change of trust so a compromise in one estate does not become a clinical incident.

Grounded in NHS DSPT, HSCN reference architecture, IEC 80001 and NIST SP 1800-30.

H0 · Internet / HSCN (External)

    External services · Cloud
    Modules on the H0 to H1 link: Firebreak, Validate
    External traffic stops at the perimeter.

H1 · Corporate IT (IT)

    Email · SOC · Finance / HR
    Office estate. Not part of clinical.
    Modules on the H1 to H2 link: Isolate, Validate
    Identity sits behind its own boundary.

H2 · Identity (IT)

    AD / SSO · Smartcard
    Module on the H2 to DMZ link: Lock
    Clinical messaging is named and authorised.

DMZ · Clinical DMZ (DMZ · trust boundary)

    Integration engine · HL7 / FHIR broker
    Clinical messaging brokered, not direct.
    Modules inside the clinical DMZ: Validate, Transfer
    Clinical data moves on approved routes only.

H3 · Clinical systems (Data)

    EPR / PAS · PACS imaging · LIMS
    Modules on the H3 to H4 link: Isolate, Lock
    Devices on their own fabric. Named access only.

H4 · Medical devices (Field)

    Bedside monitors · Theatre kit · Imaging
    Often unpatchable. Segmentation is the control.

RES · Research (Data)

    Trial datasets · Analytics
    OSS callout: Crown jewels · Off-network

Detail callout · A

Offline Secure Storage

Patient archives, imaging history, research datasets and any clinical record you must keep recoverable.

Offline by design · secure by default

Detail callout · A

Offline Secure Storage

Patient archives, imaging history, research datasets and any clinical record you must keep recoverable.

Offline by design · secure by default

Modules & symbols

    Firebreak: Physical sever
    Validate: Integrity check
    Isolate: Zone boundary
    Lock: Named access
    Transfer: Controlled move
    DMZ boundary: Trust transition
    OSS callout: Off-network detail

Where each module is deployed, and what it does there.

One row per module. Placement on the network, then plain-English purpose at that point.

  1. Firebreak

    On the H0 to H1 link

    A real hardware off switch on the corporate perimeter, ready to drop the live path into clinical systems during an incident.

  2. Validate

    On the H0 to H1 link, the H1 to H2 link and inside the clinical DMZ

    Requests crossing into clinical systems are checked for origin, integrity and authority.

  3. Isolate

    On the H1 to H2 link, the H3 to H4 link and the H3 to RES link

    Corporate, identity, clinical, devices and research sit on their own physical fabrics. A compromise in one does not reach the others.

  4. Lock

    On the H2 to DMZ link and the H3 to H4 link

    Device and clinical messaging access ties to the right team, the right ward and the right authority.

  5. Transfer

    Inside the clinical DMZ and on the H3 to RES link

    When data moves between clinical and research, Transfer governs the route, the de-identification and the landing point.
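A segmentation audit of the zone model above, written as an added example (not Firevault's code): the links and the modules on them follow the placement list, OSS is deliberately absent because it is off-network, and treating the clinical DMZ as a session-terminating broker is an assumption taken from the "brokered, not direct" label. It contrasts the flat hospital network of the scenario with the zoned one, shows what a Firebreak sever changes, and lists the controls an authorised request crosses from corporate to clinical.

```python
"""Segmentation audit for this page's zone model (constructed example, not Firevault code).
Links and the modules on them follow the placement list; treating the clinical DMZ as a
broker that terminates sessions is an assumption taken from the 'brokered, not direct' label."""
from collections import deque

LINKS = {  # (zone, zone): Control modules on that link, per the placement list
    ("H0", "H1"): {"Firebreak", "Validate"},
    ("H1", "H2"): {"Isolate", "Validate"},
    ("H2", "DMZ"): {"Lock"},
    ("DMZ", "H3"): {"Validate", "Transfer"},
    ("H3", "H4"): {"Isolate", "Lock"},
    ("H3", "RES"): {"Isolate", "Transfer"},
}
BROKERS = {"DMZ"}  # assumption: reached, but never forwards a raw network path onward
ZONES = ["H0", "H1", "H2", "H3", "H4", "RES"]
FLAT = {(a, b): set() for a in ZONES for b in ZONES if a < b}  # the flat network of the scenario

def neighbours(links, zone):
    return {b if a == zone else a for a, b in links if zone in (a, b)}

def sever(links, module):
    """Links left once every link carrying `module` is dropped (e.g. a Firebreak sever)."""
    return {l: m for l, m in links.items() if module not in m}

def worm_reach(links, start):
    """Zones malware in `start` can reach by lateral movement over raw network paths."""
    seen, queue = {start}, deque([start])
    while queue:
        z = queue.popleft()
        if z in BROKERS and z != start:
            continue  # the broker is reached but does not carry the path further
        new = neighbours(links, z) - seen
        seen |= new
        queue.extend(new)
    return seen

def controls_crossed(links, start, end):
    """Zone path an authorised request follows, and every module it passes through."""
    parent, queue = {start: None}, deque([start])
    while queue and end not in parent:  # breadth-first search with parent pointers
        z = queue.popleft()
        for n in neighbours(links, z) - set(parent):
            parent[n] = z
            queue.append(n)
    if end not in parent:
        return [], set()  # e.g. OSS: no link exists, so no route at all
    path = [end]
    while parent[path[-1]] is not None:
        path.append(parent[path[-1]])
    mods = set().union(*(links[(a, b)] if (a, b) in links else links[(b, a)] for a, b in zip(path, path[1:])))
    return path[::-1], mods
```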


Key Capabilities

NHS Data Sovereignty

All clinical data and configurations remain within the agreed jurisdiction in secured Firevault Bunkers, meeting NHS data residency requirements.

Clinical Governance Access

Access to clinical systems requires authorisation from both IT and clinical governance teams, reflecting the dual nature of healthcare technology.

DSPT Compliance

Automated compliance logging maps directly to Data Security and Protection Toolkit requirements and NIS2 Article 21 outcomes for healthcare.

Cellular Management

Out-of-band management via cellular connectivity ensures control over hospital networks independent of the compromised infrastructure.

Patient Data Audit Trail

Every access to clinical systems and patient data paths is recorded in tamper-proof logs for regulatory and clinical governance audit.

Rapid Clinical Recovery

Verified baselines of clinical system configuration enable rapid restoration of patient-critical services without relying on production systems.

Demo to Live

Adoption Guide

Step 1

Clinical Network Assessment

Map all network paths between admin systems, clinical applications, medical devices, and guest access to identify segmentation gaps and patient safety risks.

Step 2

Clinical Zone Design

Design physically separated zones for administration, clinical systems, medical devices, and imaging with Control modules at each boundary.

Step 3

Ward-Level Pilot

Deploy in a representative ward or department with full zone separation, controlled updates, and compliance logging to validate clinical workflows.

Step 4

Trust-Wide Deployment

Phased deployment across the trust with verified configuration baselines, continuous DSPT evidence generation, and 24/7 cellular management capability.



Healthcare blueprint - PoC

Speak to the team to organise a PoC

Walk through your blueprint with the Firevault team and scope a proof of concept on your estate. 30 minutes, no sales pitch.


    © 2026 Firevault Limited. Disconnect to Protect®