Internet & Network Infrastructure
Deployment Timeline
A chronological view of every major network deployment from the August 2023 LAN refurbishment through the October 2025 enterprise upgrade.
Full LAN cable replacement and additional network ports added to high-traffic areas before CCMS rollout.
What was done:
- Complete replacement of legacy LAN cabling throughout the clinic
- New network ports added to high-traffic areas
- Backbone wiring upgraded to support gigabit speeds
Constraint that remained:
Only 1 LAN port per room — limiting multi-device deployment. Staff were physically tethered to a single desktop per room. Without wireless expansion, SystmOne adoption at scale would not have been possible.
Following the JKNJ Unit Pengurusan Maklumat review, the first Access Point was deployed at OPD to enable wireless CCMS access.
Assessment: JKNJ Unit Pengurusan Maklumat review on 12 September 2023 recommended Access Point (AP) routers for wireless coverage. CCMS deployment was creating urgent demand for every staff member to have dedicated PC or laptop access — wireless networking became essential across consultation, procedure, and registration rooms.
Deployment:
| Detail | Value |
|---|---|
| Device | Ruijie EW1800-GX (Wi-Fi 6) |
| Location | OPD Unit |
| Coverage | Consultation rooms |
| Type | Single AP, self-managed |
First wireless coverage in the clinic — proved the model before scaling.
Wireless coverage extended to KKIA and the Fever Unit with a second Ruijie EW1800-GX.
Deployment:
| Detail | Value |
|---|---|
| Device | Ruijie EW1800-GX (Wi-Fi 6) |
| Location | KKIA Unit |
| Coverage | KKIA + Fever Unit |
KKIA reten and Fever consultation workflows could now run on laptops/tablets, completing the first wave of wireless rollout for the high-priority clinical units.
Tenda Nova MX3 mesh system deployed to eliminate weak-signal pockets in the KKIA corridor.
As CCMS usage scaled, dead zones in the KKIA area became the most reported connectivity complaint. A consumer-grade mesh was deployed as a fast, low-cost mitigation while waiting for budget approval for the enterprise upgrade.
Deployment:
| Detail | Value |
|---|---|
| Device | Tenda Nova MX3 Mesh Wi-Fi System |
| Mesh Node 1 | Room 21 |
| Mesh Node 2 | Room 24 |
| Result | Eliminated dead zones in KKIA corridor and adjacent procedure rooms |
Tenda AC8 1800 deployed at the Registration Counter to give the front-desk and adjacent units their own high-speed access.
Deployment:
| Detail | Value |
|---|---|
| Device | Tenda AC8 1800 (Wi-Fi 6 capable) |
| Location | Registration Counter |
| Coverage Zone | Registration Counter, NCD Room, Laboratory |
Front-desk operations and high-traffic administrative workflows got dedicated bandwidth — reducing contention with the clinical units sharing the older APs.
Transition from ad-hoc consumer devices to a centralized, managed enterprise network — funded by BPKK budget allocation.
Funding: BPKK budget allocation enabled the move from consumer-grade equipment to enterprise hardware with centralized management.
Hardware:
| Device | Quantity | Role |
|---|---|---|
| TP-Link Omada 24-Port PoE Switch | ×1 | Core distribution switch |
| TP-Link Omada EAP670 (Wi-Fi 7) | ×3 | Ceiling-mount managed APs |
Access Point Placement:
| AP | Location | Coverage |
|---|---|---|
| EAP670 #1 | KKIA | KKIA & Fever consultation/procedure rooms |
| EAP670 #2 | NCD Unit | Registration counter, Lab Unit, NCD clinic |
| EAP670 #3 | OPD | Outpatient consultation zones |
Impact:
- Network stability improved dramatically
- PoE switch delivers power + data over single cables (less rack clutter)
- EAP670s provide seamless roaming between zones — clinical staff can move with their laptops without re-associating
- Centralized management via Omada SDN for future scalability
Current Network State
Backup Internet Service
- Unifi backup line (TM Muar) installed as a secondary ISP in the server zone
- Ensures continuity during GITN outages or maintenance windows
Security Controls — MAC Whitelisting
Only pre-registered, whitelisted clinic devices may connect to Wi-Fi—unknown devices are automatically blocked, preventing unauthorized use and protecting CCMS bandwidth.
- All routers require MAC address whitelisting
- Enforces restricted access, bandwidth integrity, and service quality for clinical systems
Hardware Reference
Ancillary Equipment & Adapters
Beyond core infrastructure, several supporting devices were procured to bridge legacy hardware:
| Device | Purpose |
|---|---|
| Multiple Tenda WiFi Adapters | USB Wi-Fi adapters enabling wireless connectivity for older desktop PCs without built-in Wi-Fi |
| Wi-Fi 6 LAN Cables | Upgraded backbone cabling from GITN main router to both the Omada PoE switch and legacy TP-Link switches |
Switch Inventory
| Device | Type | Ports | Management |
|---|---|---|---|
| TP-Link Omada 24-Port PoE Switch | PoE / Core | 24 Gigabit | Managed (Omada SDN) |
| TP-Link 24-Port Gigabit Switch | Access | 24 Gigabit | Non-managed |
| TP-Link 24-Port Gigabit Switch | Access | 24 Gigabit | Non-managed |
| TP-Link 24-Port Gigabit Switch | Access | 24 Gigabit | Non-managed |
Summary of Progress
The continuous improvement and expansion of network ecosystem helps us to achieve:
- Simultaneous CCMS sessions across OPD, KKIA, NCD, Fever, and Registration units
- Wireless flexibility for laptops, tablets, and legacy desktops
- Redundant connectivity via primary (GITN) and backup (Unifi/TM) lines
- Centralized management via Omada SDN for future scalability
Contributor
Dr Fuad Jaafar
Facilitator, CCMS • KK Bandar Maharani