• Resources
  • Case Study: Medical Technology Company
Automation & APIsDNSMigration

Case Study: Medical Technology Company

Global medical technology company turns to BlueCat and significantly reduces their operating costs through the power of network automation.

Technology brainstorm featured image
Key takeawaysThis key takeaway was generated through LLMs crawling the page and coming up with an overview of the content.

A global medical technology company with nearly $20 billion in revenue and over 70,000 employees moved from manual, on-site device maintenance to a centrally managed remote operations model by consolidating fragmented Microsoft DNS into BlueCat DNS Integrity. The company faced HIPAA-driven encryption and VPN management for 15,000+ devices, IP conflicts from disparate hospital networks, and poor DNS visibility across on-prem, third-party, and growing AWS environments — problems solved by a unified DNS platform, API-driven automation, and a custom portal using NAT and DMVPN. The result: automated IP provisioning, single-portal VPN management, reduced on-site visits, improved uptime and compliance, and significant operational cost and resource savings while enabling remote diagnostics, audits, and firmware updates at scale.

How did migrating from Microsoft DNS to BlueCat DNS Integrity improve management of remote medical devices?

Migrating to BlueCat DNS Integrity centralized disparate DNS namespaces and legacy systems under a single administration portal, enabling a single point of truth for DNS across on-prem, third-party, and AWS environments. The platform’s API allowed the company’s developers to build a custom portal that integrates device host records into BlueCat Address Manager and automates IP provisioning and NAT/DMVPN configuration. This eliminated manual coordination with hospital IT for IP changes, reduced address conflicts, and enabled real-time DNS updates, which collectively simplified large-scale remote device management and supported HIPAA-compliant VPN connections.

What technical mechanisms were used to secure and connect 15,000+ field devices while maintaining compliance?

To meet HIPAA encryption and management needs for over 15,000 devices, the company used VPN tunnels and a Dynamic Multipoint Virtual Private Network (DMVPN) architecture managed through the BlueCat-backed portal. The custom portal leverages BlueCat DNS Integrity’s API to automate creation and maintenance of VPN endpoints, integrate device host records into the Address Manager, and apply Network Address Translation (NAT) as needed. Centralized control over VPN configurations and automated DNS updates allowed the organization to maintain encrypted connections at scale and manage compliance from a single administrative interface.

What operational benefits did Field Service Engineers and network administrators gain from the BlueCat solution?

Field Service Engineers gained the ability to perform remote audits, port scans, firmware updates, and remote launches through the Data Admin portal built on the BlueCat API, drastically reducing the need for routine on-site visits. Network administrators obtained automated IP provisioning, the ability to reserve address blocks per facility, and an accurate, real-time DNS database that minimizes human error and downtime associated with manual DNS management. Together, these improvements reduced team size requirements, shortened response times, improved reliability, and delivered significant cost and resource savings while maintaining compliance and scalability.

The Customer

BlueCat was approached by a leading medical technology company with nearly $20 billion in annual revenue and over 70,000 employees around the world. The company’s primary business is supplying hospitals and clinics with a wide variety of medical devices.

All of the company’s medical devices require periodic maintenance. In the past, it employed a large team of Field Service Engineers which visited medical facilities on a set schedule to service and troubleshoot devices. In recent years, the company decided to connect all of its devices to the internet, enabling remote diagnostics and updates. This allows a smaller number of Field Service Engineers to effectively maintain a larger fleet of devices.

The Challenge

Managing network connections between medical devices deployed in the field and the company’s service staff proved to be a multifaceted challenge:

Compliance: Under the Health Insurance Portability and Accountability Act (HIPAA), all of the connections between medical devices and the company’s servers had to be encrypted. This involved creating and managing separate VPN tunnels for over 15,000 field-deployed devices.

Network Conflicts: The company’s devices rely on the IT infrastructures of the medical centers and clinics where they are deployed. The devices are assigned IP addresses by the network teams of each facility, usually without any coordination. This introduces the potential that devices in different facilities will be assigned the same IP address, making remote monitoring and maintenance much harder to track.

Visibility: The company’s network infrastructure has been shaped over time by multiple mergers, acquisitions, strategic initiatives, and partnerships. On-prem assets are a tangle of directly administered data centers and services managed by third party providers. Maintaining visibility into the DNS of this complex enterprise is a significant challenge. The company recently started to use the AWS cloud for much of its internal compute. As its use of the cloud grows in volume and sophistication, the company will want to manage its cloud DNS from a central location.

The company’s Microsoft-based DNS did not deliver the range of functionality required by such a complex, compliance-based network architecture. In order to deliver the efficiency of automated processes, the company needed a single point of truth for its DNS infrastructure – one which supported the use of APIs and automation.

The Solution

To address its many DNS-related challenges, the company turned to BlueCat. Working with BlueCat’s migration team, the company transitioned its scattered on-prem DNS resources from Microsoft to DNS Integrity. A significant part of the migration effort involved bringing legacy systems and namespaces under a single DNS administration portal, organizing and accounting for dispersed data sets across the enterprise. This laid the foundation for the company to tackle the larger challenge of managing its connections to devices in the field.

Using DNS Integrity’s robust API, the company’s application development team then built a custom portal to manage remote devices through the BlueCat back-end. This portal uses Network Address Translation (NAT) and a Dynamic Multipoint Virtual Private Network (DMVPN), automatically integrating host records from remote devices with the BlueCat Address Manager.

The Impact

With the company’s custom-built portal running through BlueCat’s API, the company is now able to automatically establish and maintain remote connections with medical devices without the need to constantly adjust IP addresses in coordination with hospital IT teams.

BlueCat’s centralized system allows network administrators to automate IP provisioning for individual devices, set aside blocks of IP addresses for entire medical facilities, and maintain an accurate DNS database that is updated in real time.

Automating the DNS back-end also gives administrators the ability to manage the 15,000+ VPN connections required by HIPAA from a single portal – something that was impossible under the previous Microsoft-based architecture. The system also offers a more reliable architecture which avoids the errors and downtime naturally associated with manual DNS management.

Where the company’s Field Service Engineers used to visit customer sites on a regular rotation to service and maintain medical devices, they can now perform the same tasks through the Data Admin portal which runs on the BlueCat API. Field Service Engineers now have the ability to perform complete audits of device functionality by scanning ports, performing remote launches, and updating firmware – all without the need to go on site.

Doing so requires a much smaller team which operates on more efficient timeframes. The cost and resources associated with on-site visits are now the exception rather than the rule, offering significant operational savings for the company.

“BlueCat’s platform is highly stable” says the company’s lead DNS administrator. “With BlueCat’s API, we were able to create a custom platform which helps us manage resources at scale, saving time and money.”

Related content

BlueCat Centralized DDI control datasheet header with branding, headline, and introductory description text
Resources

BlueCat Horizon Data Sheet

BlueCat Horizon is a SaaS-based orchestration and control plane that centralizes DDI policy, identity, reporting, and automation across heterogeneous,…

Read more
Marketing explainer for modern SaaS-delivered DDI orchestration with statistic on spreadsheet reliance and benefits summary
Resources

BlueCat Horizon Explainer

BlueCat Horizon is a SaaS-based DDI platform that unifies and automates DNS, DHCP, and IP address management across existing environments like Active…

Read more
City skyline at dusk with glowing blue light trails arcing like data streams over the streets
Resources

Hybrid and Multicloud Networking Strategies for Cloud Migrations

Hybrid multicloud DNS should centralize DDI, governance, and cloud integration to avoid brittle forwarding and restore visibility.

Read more
Frustrated IT engineer at laptop with overlaid network observability UI widgets showing memory utilization, allocation percen
Resources

DNS and DDI Automation for Lean NetOps and CloudOps Teams

How lean NetOps teams design DDI automation workflows that actually reduce manual DNS, DHCP, and IPAM work. Choose your path based on your constraint.

Read more