FujiFilm Synapse

Deployment Guide

UPDATED: 11 January 2018

FujiFilm Synapse

Copyright Notices

Copyright © 2002-2018 KEMP Technologies, Inc. All rights reserved. KEMP Technologies and the KEMP
Technologies logo are registered trademarks of KEMP Technologies, Inc.

KEMP Technologies, Inc. reserves all ownership rights for the LoadMaster and KEMP 360 product line
including software and documentation.

Used, under license, U.S. Patent Nos. 6,473,802, 6,374,300, 8,392,563, 8,103,770, 7,831,712, 7,606,912,
7,346,695, 7,287,084 and 6,970,933

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 2

FujiFilm Synapse

Table of Contents

1 Introduction 4

1.1 Document Purpose 4

1.2 Intended Audience 4

2 Template 5

3 Enable Subnet Originating Requests Globally 6

4 Synapse Virtual Services Configuration 7

4.1 Create Fujifilm Synapse Virtual Services 7

4.1.1 Configure the Synapse HTTP Virtual Service 7

4.1.2 Configure the Synapse DICOM Virtual Service 8

4.1.3 Configure the Synapse External Virtual Service 10

5 Adaptive Agent Configuration 13

6 Health Checking 14

7 Additional Features 15

References 16

Last Updated Date 17

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 3

FujiFilm Synapse
1 Introduction

1 Introduction
Synapse is Fujifilm’s Picture Archiving and Communication System (PACS). It allows filmless diagnosis
with high quality image processing. Synapse allows the archiving and distribution of vast amounts of
image information from all modalities, managing it with a single system.

Such a powerful tool requires reliable and powerful support. The KEMP LoadMaster delivers an
exceptional, cost-effective and easy to use solution which, by employing Adaptive Load Balancing,
balances requests across Synapse. Synapse consists of the following servers:

Database Server

Windows Internet Information Server (IIS)

Storage Server

Digital Imaging and Communications in Medicine (DICOM) Server

Hospital Information System (HIS) Server

When deployed as a pair, two LoadMasters give the security of High Availability (HA). HA allows two
physical or virtual machines to become one logical device. Only one of these units is ever handling traffic
at any particular moment. One unit is active and the other is a hot standby (passive). This provides
redundancy and resiliency, meaning if one LoadMaster goes down for any reason, the hot standby can
become active, therefore avoiding any downtime.

1.1 Document Purpose

This document is intended to provide guidance on how to deploy Synapse with a KEMP LoadMaster. The
KEMP Support Team is available to provide solutions for scenarios not explicitly defined.

1.2 Intended Audience

This document is intended to be used by anyone deploying Synapse with a KEMP LoadMaster.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 4

FujiFilm Synapse
2 Template

2 Template
KEMP has developed a template containing our recommended settings for this workload. You can install
this template to help when creating Virtual Services, as it automatically populates the settings. This is
quicker and easier than manually configuring each Virtual Service. If needed, changes can be made to any
of the Virtual Service settings after using the template.

Download released templates from the Templates section on the KEMP documentation page:
http://kemptechnologies.com/documentation.

For more information and steps on how to import and use templates, refer to the Virtual Services and
Templates, Feature Description on the KEMP Documentation Page.

For steps on how to manually add and configure each of the Virtual Services using the recommended
settings, refer to the steps in this document.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 5

FujiFilm Synapse
3 Enable Subnet Originating Requests Globally

3 Enable Subnet Originating Requests Globally

It is best practice to enable the Subnet Originating Requests option globally.

In a one-armed setup (where the Virtual Service and Real Servers are on the same network/subnet)
Subnet Originating Requests is usually not needed. However, enabling Subnet Originating Requests
should not affect the routing in a one-armed setup.

In a two-armed setup where the Virtual Service is on network/subnet A, for example, and the Real
Servers are on network B - Subnet Originating Requests should be enabled on LoadMasters with
firmware version 7.1-16 and above.

When Subnet Originating Requests is enabled, the LoadMaster will route traffic so that the Real Server
will see traffic arriving from the LoadMaster interface that is in that network/subnet not the Virtual
Service address.

When Subnet Originating Requests is enabled globally, it is automatically enabled on all Virtual Services.
If the Subnet Originating Requests option is disabled globally, you can choose whether or not to enable
Subnet Originating Requests on a per-Virtual Service basis.

To enable Subnet Originating Requests globally, follow the steps below:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to System Configuration >
Miscellaneous Options > Network Options.

2. Tick the Subnet Originating Requests check box.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 6

FujiFilm Synapse
4 Synapse Virtual Services Configuration

4 Synapse Virtual Services Configuration

The KEMP LoadMaster uses Adaptive Agent Load Balancing to distribute
the various requests received. The LoadMaster recognizes that requests
received on different ports are different types of requests.

Refer to the following sections for step-by-step instructions on creating and configuring Fujifilm Synapse
Virtual Services.

4.1 Create Fujifilm Synapse Virtual Services

When deploying Fujifilm Synapse, three Virtual Services must be configured.

4.1.1 Configure the Synapse HTTP Virtual Service

The following are the steps involved and the values required to set up the first of the Fujifilm Synapse
Virtual Services:

1. In the main menu of the LoadMaster Web User Interface (WUI), go to Virtual Services > Add
New.

2. Enter a valid IP address in the Virtual Address text box.

3. Enter 80 in the Port text box.

HTTP requests received on Port 80 and external (HTTPS) requests on

Port 443 are distributed to their most available server in the same
adaptive manner.

4. Enter a recognizable Service Name, for example Synapse HTTP.

5. Ensure tcp is selected as the Protocol.

6. Click Add this Virtual Service.

7. Configure the settings as recommended in the following table:

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 7

FujiFilm Synapse
4 Synapse Virtual Services Configuration

Section Option Value

Standard Options Transparency Disabled

Subnet Originating Requests Enabled
Persistence Mode Source IP Address
Timeout 1 Hour
Scheduling Method resource based (adaptive)
Advanced Properties Add HTTP Headers None
Real Servers Real Server Check Method HTTP Protocol

8. Add the Real Servers:

a) Click the Add New button.

b) Enter the Real Server Address.

This is the address of the backend server.

c) Enter 80 as the Port.

The Real Server Port should match the Virtual Service Port.

The Forwarding method and Weight values are set by default. These
can be changed by an administrator.

d) Click Add this Real Server. Click OK to the pop-up message.

e) Repeat the steps above to add more Real Servers as needed, based on the
environment.

4.1.2 Configure the Synapse DICOM Virtual Service

1. The following are the steps involved and the values required to set up the second of the
Fujifilm Synapse Virtual Services:

2. In the LoadMaster Web User Interface (WUI) main menu, go to Virtual Services > Add New.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 8

FujiFilm Synapse
4 Synapse Virtual Services Configuration

3. Enter the same IP address in the Virtual Address text box as you did when setting up the
Synapse HTTP Virtual Service in the Configure the Synapse HTTP Virtual Service section.

4. Enter 104 in the Port text box.

TCP connections on port 104 are recognized as DICOM requests and are
forwarded to the DICOM server which the LoadMaster determines is
the most available based on processor and memory utilization.

5. Enter a recognizable Service Name, for example Synapse DICOM.

6. Ensure TCP is selected as the Protocol.

7. Click Add this Virtual Service.

8. Configure the settings as recommended in the following table:

Section Option Value

Basic Properties Service Name HTTP/HTTPS

Standard Options Transparency Disabled
Subnet Originating Requests Enabled
Persistence Mode Source IP Address
Timeout 1 Hour
Scheduling Method resource based (adaptive)
Advanced Properties Added HTTP Headers None
Real Servers Real Server Check Method TCP Connection Only

9. Add the Real Servers:

a) Click the Add New button.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 9

FujiFilm Synapse
4 Synapse Virtual Services Configuration

b) Enter the Real Server Address.

This is the address of the backend server.

c) Enter 104 as the Port.

The Real Server Port should match the Virtual Service Port.

The Forwarding method and Weight values are set by default. These
can be changed by an administrator.

d) Click Add this Real Server. Click OK to the pop-up message.

e) Repeat the steps above to add more Real Servers as needed, based on the
environment.

4.1.3 Configure the Synapse External Virtual Service

1. The following are the steps involved and the values required to set up the third Fujifilm
Synapse Virtual Service:

2. In the LoadMaster Web User Interface (WUI) main menu, go to Virtual Services > Add New.

3. Enter the same IP address in the Virtual Address text box as you did when setting up the
Synapse HTTP and Synapse DICOM Virtual Services.

4. Enter 443 in the Port text box.

HTTP requests received on Port 80 and external (HTTPS) requests on

Port 443 are distributed to their most available server in the same
adaptive manner.

5. Enter a recognizable Service Name, for example Synapse External.

6. Ensure TCP is selected as the Protocol.

7. Click Add this Virtual Service.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 10

FujiFilm Synapse
4 Synapse Virtual Services Configuration

8. Configure the settings as recommended in the following table:

Section Option Value Comments

Click OK to the pop-up that

SSL Properties SSL Accelerationt Enabled
appears.
Reencrypt Enabled
Supported Protocols TLS1.0; TLS1.1; TLS1.2
Require SNI hostname Disabled
No Client Certificates
Client Certificates
Required
Standard Subnet Originating
Enabled
Options Requests
Persistence Mode Source IP Address
Timeout 1 Hour
resource based
Scheduling Method
(adaptive)
Advanced
Added HTTP Headers None
Properties
Real Server Check
Real Servers HTTPS Protocol
Method

9. Add the Real Servers:

a) Click the Add New button.

b) Enter the Real Server Address.

This is the address of the backend server.

c) Enter 443 as the Port.

The Real Server Port should match the Virtual Service Port.

The Forwarding method and Weight values are set by default. These
can be changed by an administrator.

d) Click Add this Real Server. Click OK to the pop-up message.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 11

FujiFilm Synapse
4 Synapse Virtual Services Configuration

e) Repeat the steps above to add more Real Servers as needed, based on the
environment.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 12

FujiFilm Synapse
5 Adaptive Agent Configuration

5 Adaptive Agent Configuration

The configuration of Adaptive Agent is based on the requirements of the actual hardware and Operating
System on which Synapse is running.

For more information and step by step instructions on installing and setting up Adaptive Agent please
use the following links:

Install Adaptive Agent (Windows), Technical Note:

https://support.kemptechnologies.com/hc/en-us/articles/203126529-Install-Adaptive-Agent

LoadMaster Adaptive Agent for Microsoft Windows:

https://support.kemptechnologies.com/hc/en-us/articles/202375687-LoadMaster-Adaptive-Agent-
for-Microsoft-Windows

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 13

FujiFilm Synapse
6 Health Checking

6 Health Checking
By sending KEMP heartbeat checks, the LoadMaster periodically ensures that each of the servers in a
deployment is still running.  As part of the KEMP heartbeat checks, on port 104 the LoadMaster opens a
TCP connection to determine if the DICOM server on the Synapse server is still responding.

The LoadMaster does not currently support DICOM Echo health

checking.

The LoadMaster can also be configured to test the IIS service. The LoadMaster performs a check over
HTTP to the web server. A particular URL to be reached is identified and a value (for example, DB-OK) set
for LoadMaster to find. The LoadMaster calls the URL to determine if the database server is running
successfully. If it is, the webpage returns a message containing the value.  If not, an error message is
returned. The LoadMaster can recognize this and looks for this value in every health check it performs.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 14

FujiFilm Synapse
7 Additional Features

7 Additional Features
Additional KEMP LoadMaster security and optimization features can be enabled for the deployment of
SAP. The deployment steps and configuration settings of these features can be found in the documents
which are listed in the References section of this document. These documents can be found on the KEMP
documentation web page: http://kemptechnologies.com/loadmaster-documentation/

Edge Security Pack (ESP) - A solution that provides edge security, SSO application integration and
flexible authentication options is critical for optimal user experience and information security policy
compliance.

Web Application Firewall (WAF) - This enables secure deployment of web applications, preventing
Layer 7 attacks while maintaining core load balancing services which ensures superior application
delivery and security.

Content Caching - The LoadMaster can cache static content that fits certain criteria (file extension,
query string, caching headers, size, and so on). As long as the file meets these criteria it can be stored
locally in the LoadMaster to avoid unnecessary requests to the Real Server to retrieve the file.

Intrusion Detection – The LoadMaster’s implementation of Intrusion Detection leverages Snort.

Snort is an open source network intrusion prevention and detection system (IDS/IPS). Snort rules
can be imported to the LoadMaster and applied to HTTP/HTTPS connections.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 15

FujiFilm Synapse
References

References
Unless otherwise specified, the following documents can be found at
http://kemptechnologies.com/documentation.

Virtual Services and Templates, Feature Description

Install Adaptive Agent (Windows), Technical Note

LoadMaster Adaptive Agent for Microsoft Windows

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 16

FujiFilm Synapse
Last Updated Date

Last Updated Date

This document was last updated on 11 January 2018.

Copyright © 2002 - 2018 KEMP Technologies, Inc. All Rights Reserved. 17