Shaun -- Here is an alternative proposal. On the VistA server machine, or better yet, on another PC inside the server firewall, run VMWare. For every user that wants to run the CPRS GUI, fire up a Windows guest within which the CPRS GUI will run. This Windows guest will run a TightVNC (http://tightvnc.com/) server. The client will run a TightVNC client (there are native VNC clients, clients in Java, clients that run in browsers, clients for just about every operating system) which will tunnel through the firewalls (and which can be carried over an ssh connection). VNC can also be made very secure.
One benefit of this is that the server session doesn't go away (unless the server goes down). So, if the network connection is lost, a client can reconnect to the session. A session can be left running while a client changes from one location to another - simply terminating the client, going to the new location, and starting a new client to connect to the server will to the trick. The down side is that the server will need a lot of memory, and some decent CPU. But computers are getting cheaper all the time, and it doesn't need to be a high end machine or need high end IO - i.e., Walmart PCs will to the trick as long as they have enough RAM. -- Bhaskar On Fri, 2004-09-24 at 11:28, CS Wagner wrote: > Our problem is that we have a firewall on our network where the Vista > server is. The client side has a firewall also where CPRS is. CPRS > requires a connection from the server to the client on a randomly > generated port. To allow for that, we'd have to basically remove the > entire client-side firewall. Sure, we can only ports 5,000 and up, but > that's still a huge hole in the firewall. > > We tried the VPN route, but that led to yet another issue. The server's > network does have VPN, but it is highly restricted. There is a lot of > paperwork involved in getting an account set up. Once done, we'd have > another problem - the client's computer won't be able to use the > client-side network anymore. That means that they'd have to have a CPRS > computer on VPN and a regular computer off the VPN for everything else. > > As for tunneling on SSH, that would be the #1 solution if CPRS ran well > on Linux. We could tunnel into the Vista server on port 22 and display > the X-CPRS on the client's machine. We could also upgrade CPRS easily > by only upgrading it on the server and not going client to client. But, > the major dawback is getting CPRS to run on Linux without paying out so > much money that we'd be better of buying some other EMR system. > > -Shaun > > Joseph Dal Molin wrote: > > >What is the issue regarding your network security...it will be good to > >know should others have a similar setup? > > > >And dumb question...did you try setting up a VPN and tunneling...?? > > > >Joseph > > > >On Fri, 2004-09-24 at 10:32, CS Wagner wrote: > > > > > >>It is becoming clear that we cannot use CPRS with our network security. > >>Is it possible to effectively use Vista without CPRS? I can easily set > >>up SSH accounts for each user so that gtm starts when the login. I > >>assume that setting the primary menu in Vista will change what they see > >>once gtm starts. I just don't know what menus to give the different > >>people (nurses, providers, clerks...). I also haven't found user's > >>documentation. Everything is directed toward the > >>administrator/programmer, not the average user. So, I'm afraid I'll > >>have to set aside a lot of time to write documentation while I'm trying > >>to learn what to do. > >> > >>What I'm trying to get done right now: > >> * Have a provider SSH in and immediately get to a patient selection > >>screen where he can view/edit patient info > >> * Give nurses the same menu - is there any function for a nurse to > >>hand-off the patient to a provider without having the nurse log off and > >>having the provider log back in and select the same patient? > >> * Have clerks SSH in and immediately get to a screen to add patients or > >>schedule visits for existing patients. > >> > >>If I can get to that point, my history has included years of making > >>graphical front-ends for telnet/ssh menus (written in Cobol and/or > >>Ada). I will be able to do the same for this without the loop-back > >>security headache of CPRS. > >> > >> -Shaun > >> > >> > >>------------------------------------------------------- > >>This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 > >>Project Admins to receive an Apple iPod Mini FREE for your judgement on > >>who ports your project to Linux PPC the best. Sponsored by IBM. > >>Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php > >>_______________________________________________ > >>Hardhats-members mailing list > >>[EMAIL PROTECTED] > >>https://lists.sourceforge.net/lists/listinfo/hardhats-members > >> > >> > >> > > > > > > > >------------------------------------------------------- > >This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 > >Project Admins to receive an Apple iPod Mini FREE for your judgement on > >who ports your project to Linux PPC the best. Sponsored by IBM. > >Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php > >_______________________________________________ > >Hardhats-members mailing list > >[EMAIL PROTECTED] > >https://lists.sourceforge.net/lists/listinfo/hardhats-members > > > > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 > Project Admins to receive an Apple iPod Mini FREE for your judgement on > who ports your project to Linux PPC the best. Sponsored by IBM. > Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php > _______________________________________________ > Hardhats-members mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/hardhats-members *************************************************************************** This electronic mail transmission contains confidential and/or privileged information intended only for the person(s) named. Any use, distribution, copying or disclosure by another person is strictly prohibited. *************************************************************************** NOTE: Ce courriel est destine exclusivement au(x) destinataire(s) mentionne(s) ci-dessus et peut contenir de l'information privilegiee, confidentielle et/ou dispensee de divulgation aux termes des lois applicables. Si vous avez recu ce message par erreur, ou s'il ne vous est pas destine, veuillez le mentionner immediatement a l'expediteur et effacer ce courriel. ------------------------------------------------------- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php _______________________________________________ Hardhats-members mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/hardhats-members
