I want to share an interesting story about the USNS Mercy (T-AH-19) with our readers. The Mercy is the lead ship in its class of hospital ships in non-commissioned service with the United States Navy. Her sister ship is USNS Comfort (T-AH-20). Per the Geneva Conventions, the Mercy cannot carry offensive weaponry, and attacking her is a war crime. Both ships are serving the nation in its fight against COVID-19.
The Mercy - a 65,000 ton converted oil tanker which hosts 1000 hospital beds (including 80 intensive care beds) - is currently docked in the Port of Los Angeles to help the Southern California region cope with COVID-19. To appreciate her size and scale, the entire state of Maine has 1,061 total hospital beds, including 61 ICU beds.
With any hospital, secure networking communications are essential. The Mercy’s network must accommodate not only official naval vessel communications, but also civilian medical staff and patient communications. As with numerous US government agencies, the US Navy is a pfSense® software user, and so is the USNS Mercy.
Since the IT staff of the Mercy is charged with the task of providing secure reliable communications to a number of user groups on board, they are continually evaluating and improving network services on the ship. As part of the COVID-19 response mission, they needed network devices that could process large amounts of IPSec and GRE traffic, while applying traffic policies to ensure critical data would flow through bandwidth constrained ship communication circuits. This has historically included Netgate appliances such as the SG-4860.
However, upon arriving in the Los Angeles area, the ship was given a 1 Gb/s link to shore, a circuit much faster than is typically provisioned for the ship. To meet the unique requirements of this install, Mercy once again looked to Netgate and the XG-1537, a data center class product that can handle 16.4 Gbps of routed traffic, 14.5 Gbps of firewall-processed traffic, or 2.77 Gbps of IPSec traffic. Within an hour of being ordered, Netgate shipped the appliance to California overnight, and the device was operational the next day, replacing a SG-4860.
A faster link also brought new challenges from increased traffic. To develop traffic shaping policies that enabled the best experience for all of Mercy’s diverse users, the Mercy IT crew called on Netgate’s support team. Within a few hours, one of Netgate’s top engineers had listened to the concerns of the ship, and a policy design was proposed and implemented - allowing critical medical data to flow while patients were able to keep in touch with friends and family ashore.
The flexibility of the pfSense platform, providing robust routing, firewall, VPN, and traffic shaping technologies integrated in a small form factor, with responsive subject matter expert support, is a key enabler that made Netgate and pfSense stand out to the Mercy IT team, and is why they continue to play a central role during these critical missions.
As we shared in our COVID-19 blog series, we are here to help. Those on the healthcare frontline are the soldiers in our war against COVID-19. Anything that can be done to assist them is worth it. I’m proud of Netgate’s products, support services, and our role in protecting government defense, healthcare, and civilian operations - and thought the community might appreciate hearing a live story to which we can all relate.
Be safe out there. Let us know if we can help you in any way.