Using DMZ for External Access

Mirth® Appliance by NextGen Healthcare Deployment Guide, 4.1

Opening Network Ports Through a Firewall

When operating a Mirth® Appliance by NextGen Healthcare through a firewall or other device performing access control, it is necessary to allow some network traffic so that certain features can function. Traffic Direction Port Protocol Service Note Out 80 tcp Software Update Can be restricted to mirthhq.mirthcorp.com. Out 443 tcp Software Update Can be locked down to mirthhq.mirthcorp.com. Out 25 tcp Mail Delivery Not necessary if you use a mail relay behind the firewall. Out 123 udp NTP (time) Not necessary if you use an NTP server behind the firewall. In 80 tcp Control Panel Only necessary to open if you perform administration through the firewall. An alternative is to use VPN service. In 8080, 8443 tcp Mirth Only necessary to open if you perform administration through the firewall. An alternative is to use VPN service. Out 53 tcp DNS Not necessary if there is a local DNS server behind the firewall. In 1194 udp VPN This is the default value. Can be changed. Only necessary if you use t

Mirth® Appliance by NextGen Healthcare Deployment Guide, 4.1

Deployment Considerations

The flexibility of the Mirth® Appliance by NextGen Healthcare enables a variety of deployment options. NextGen Healthcare provides recommendations for planning the placement of your appliance. Using DMZ for External Access If the appliance is used for connectivity to sources outside your organization’s private network, NextGen Healthcare recommends that the unit be placed into a DMZ network. Bridging Disconnected Network Segments A Mirth® Appliance by NextGen Healthcare with multiple Ethernet interfaces can be used as a message firewall to bridge otherwise disconnected networks. Opening Network Ports Through a Firewall When operating your hardware through a firewall, it is necessary to allow some network traffic to pass so that certain features of the appliance can function properly.

System Administrator Help

Opening External Applications

NextGen Healthcare has a number of vendors that have integrated their applications with the NextGen® Enterprise platform. The vendor applications use NextGen® Enterprise API solutions to interact with your electronic health records data. Many of these applications are listed on NextGen API Marketplace, which includes application information and links to the respective vendor websites. Some of these vendor applications are designed to be easily opened from NextGen® Enterprise EHR or NextGen® Enterprise PM. These external applications run code from other vendors. In NextGen® Enterprise EHR, you can use the following features to open external applications: The External Applications button on the patient information card. The Launch External Application trigger. A trigger is a template component that associates an action with a given User Interface (UI) control, such as a button. You can use the Template Editor to add this trigger to custom templates. In NextGen® Enterprise PM, you can use

NextGen® Enterprise EHR Help

Clinical Decision Support

Clinical Decision Support refers to the external resources that provide evidence-based decision support interventions. These external resources enable you to select one or more electronic clinical decision support interventions based on each and at least one combination of the following: Problem list Medication list Medication allergy list Demographics Laboratory tests and values/results Vital signs In NextGen® Enterprise EHR, clinical decision support electronically identifies diagnostic and therapeutic reference information for the user. The HL7 InfoButton link set up in File Maintenance activates the Clinical Decision Support URL to connect you to context-sensitive information based on the active NextGen® Enterprise EHR module. Note: NextGen Healthcare recommends that the URLs associated with Clinical Decision Support access sites or vendors that provide you with additional information, such as suggested care plans and recommendations based on the patient's results or diagnoses. Acc

System Administrator Help

Configure External Applications

System Administrator provides the EXTERNAL APPLICATION SETUP window to configure each external application that users can open from NextGen® Enterprise EHR or NextGen® Enterprise PM. For NextGen® Enterprise EHR, this configuration applies to both the External Applications button and the Launch External Application template trigger. In System Administrator, select View > External Application Setup. The EXTERNAL APPLICATION SETUP window opens. The list of licensed applications appears in the left pane. EXTERNAL APPLICATION SETUP Window If the EXTERNAL APPLICATION SETUP window does not open, a message may appear indicating the following. Your user account does not have permission to access the EXTERNAL APPLICATION SETUP window. In this case, enable the OPERATIONS > Administration > External Application Setup security right for your user group. The API is not available. For information about troubleshooting NextGen API services, refer to the NextGen®API Suite Manager Installation Guide for

Mirth® Appliance by NextGen Healthcare Deployment Guide, 4.1

Download a VPN Client Software Bundle

After you add a connection, your next step is to download a VPN client software bundle to send to the user. Download VPN Client Bundle window On the Download VPN Software Bundle window, select the VPN user’s platform (Windows or Linux), and then enter the public server address and a password for encrypting the software bundle’s contents. The Public Server Address field is the IP address that the client uses to connect to the appliance. If the user is connecting over an existing private network, they may be able to connect to the actual IP address of the appliance (this is the default value). Most likely, the user is on the other side of a firewall and it is necessary to give them an external IP address. You can attempt to look up the external IP address of the appliance using the Detect External IP Address button. If there are any questions about which IP address to use, contact your network administrator. Note: If there is a firewall between the user and the appliance, then the Public

Using DMZ for External Access

Recommendations

Opening Network Ports Through a Firewall

Deployment Considerations

Opening External Applications

Clinical Decision Support

Configure External Applications

Download a VPN Client Software Bundle

Opening Network Ports Through a Firewall

Deployment Considerations

Opening External Applications

Clinical Decision Support

Configure External Applications

Download a VPN Client Software Bundle