Cisco AON Software

Simplify HIPAA Compliant Information Exchange

Product Overview

• Delivery and management of patient care

• Benefits eligibility verification

• Claims

• Billing

• Electronic prescriptions

• Other administrative functions

Figure 1. Cisco AON Form Factors

Branch Office		Network Module for Cisco 2800/3700/3800 Routers Single-core 1 GHz Intel 373 Celeron-M CPU, 1 GB RAM, 80 GB hard disk drive
		CADE-1010 Integrated Single-Core Appliance Single-core Intel D352 3.2 GHz CPU, 1 GB RAM, 250 GB hard disk drive
Enterprise Data Center		CADE-2142 Integrated Dual Quad-Core Appliance 2 Quad-Core Intel E5320 1.86 GHz CPUs, Up to 18 GB RAM, Up to 735 GB hard disk drive

Features and Benefits

• A simplified Web-based management console for centrally provisioning and managing HIPAA-compliant document exchange over the Internet

• Full support for HIPAA-compliant X12 and National Council for Prescription Drug Programs (NCPDP) message transformation and delivery

• Secure, reliable, interoperable information exchange of any document regardless of type over the Internet, including HL7 and DICOM, using proven, interoperable message transport standards including HTTP over Secure Sockets Layer (SSL)¹, payload encryption, digital signatures, reliable delivery, and authentication and authorization support

• Direct integration to healthcare information systems utilizing application integration protocols including Java Message Service (JMS), Web Services (WS), and Java Database Connectivity (JDBC) as well as direct file system access for document delivery/pickup using Network File System (NFS) and Common Internet File System (CIFS)

• Web-based administrative console for transaction auditing and monitoring transaction delivery exceptions

• Centralized remote management and lights-out operation

• An integrated hardware/software system with built-in support for clustering and load balancing to simplify operations and reduce the total cost of ownership

• Simple-to-use policy-driven execution framework for system extension and customization, including a workflow designer for message workflow modification

• Application programming interface (API) and software development kit (SDK) for end-customer or third-party development of additional functionality using Java

• Cisco Unified Communications integration support for policy-driven notification of critical information

Cisco AON Platform Features

• Enforce consistent business policies across information access and exchange

• Provide visibility of information flow, including monitoring and metering of information flow for both business and infrastructure purposes

• Facilitate communication between disparate applications by routing information to the appropriate destination, in the format expected by that destination

• Enhance application optimization and security by providing application-level load-balancing, processing offload, message caching, compression, encryption, and digital signature capability in addition to authentication and authorization services

Built-In Transformation Support and Failsafe Security

Cisco AON includes support for the following security features:

• Authentication: Cisco AON can verify the identity of a sender's inbound message-based content (username and password, WS-Security profile, digital certificate, and so on). The solution integrates with security frameworks, such as Kerberos Protocol, and Lightweight Directory Access Protocol (LDAP) servers such as Netegrity SiteMinder, Microsoft Active Directory, OpenLDAP, and SunONE.

• Authorization: Cisco AON can determine which level of access the originator of the message should have to the services it is attempting to invoke. Features supported include Security Assertion Markup Language (SAML) authorization assertion embedded in Simple Object Access Protocol (SOAP), WS-Security headers, LDAP group-based authorization, and customer-defined rule-based control policies.

• Nonrepudiation and data integrity: Cisco AON can digitally sign message elements or entire messages at any given AON device. Features supported include insertion and verification of XML signatures in WS-Security headers, detached envelope and enveloping XML signature types, signatures based on private keys, Secure Hash Algorithm version 1 (SHA-1) digest computation, and RSA digest encryption.

• Confidentiality: Based upon policy, Cisco AON can encrypt and decrypt message elements or entire messages. Features supported include Triple Digital Encryption Standard (3DES) and Advanced Encryption Standard (AES)-128/192/256 symmetric ciphers, RSA symmetric ciphers, destination URL-based keys, and certificates.

• Centralized key management: The Cisco AON Management Console (AMC) allows users to register, configure, bind, and provision keys and certificates from the Cisco AMC server to the AON device. Capabilities include generating, registering, and obtaining Class 2 and SSL certificates using Verisign Class 3 Certificate Service; fetching, uploading, and importing SSL certificates; importing PKCS#12 certificates; and importing keys from Java keystores.

• Transport-layer security: Cisco AON supports transport-layer security mechanisms such as SSL 3.0.

Service Oriented Architecture (SOA) Support

Visibility

• Logging: Cisco AON can log messages to external systems for purposes of auditing and compliance or for future analysis.

• Contextual lookup: Cisco AON can refer to external systems to obtain contextual information required to analyze the data. For example, it can call out to a customer database to look up customer information based on a customer ID in the message.

• Notification and alerting: Cisco AON can notify or alert other applications or even end users through e-mail, text messages, and phone calls (using Cisco Unified Communications) in the case of a critical event. For example, if the service-level agreement (SLA) to deliver a message has been exceeded or a critical message has been received, operations personnel can be alerted to take corrective action.

Intelligent Message Routing

• Protocol support: Cisco AON understands various application access methods and provides adapters for most commonly used application transport protocols: HTTP, HTTPS, Tibco EMS, WebSphere JMS and MQ, and BEA JMS. Additionally, a custom adapter SDK is available for creation of new adapters to any environment. Most policies and bladelets used within Cisco AON understand the semantics of these protocols natively, allowing for higher fidelity and control of the interaction.

• Protocol switching: A Cisco AON node can act as a protocol gateway between multiple applications; for example, receiving an application message through WebSphere MQ and sending it to another application as a Web Service Message. Cisco AON supports protocol translation between any combination of its supported protocols.

Extensibility

• The Adapter Developer Kit (ADK) supports development of plug-in custom adapters to receive and send messages from Cisco AON.

• The Bladelet Developer Kit (BDK) supports development of custom bladelets in Java and C/C++. This capability is also available in the system optimized code execution path.

Scalability and Performance

• Virtual cluster: As application message traffic increases, additional Cisco AON devices (blades or appliances) can easily be added to a virtual cluster. Thus Cisco AON can scale horizontally and transparently to match the increased traffic.

Benefits over Server-Based Software Solutions

Cisco AON Design, Configuration, and Management

• Cisco AON Development Studio (ADS) is used to create policy execution plans (PEPs) that represent a set of operations (bladelets) to apply to application messages.

• Cisco AON Management Console provides centralized control for configuration, certificate management, and lifecycle management of a distributed AON network.

System Requirements

Ordering Information

Table 1. Ordering Information

Service and Support

For More Information