Every computer on a network, including the internet, is allocated a unique sequence of numbers known as an Internet Protocol (IP) address that identifies the computer and enables communication over the network.
One of the security measures used by application service providers (ASP) is to restrict access to authorised users by their IP address or IP address range. This is achieved by using an access control list (ACL) that lists the IP addresses of authorised users. When a user’s range changes they will be denied access to the service until their new range is added to the ACL.
Private networks such as the BT Transition Network and the Health and Social Care Network (HSCN) utilise a private range of IP addresses to enable communication within the private network. These private ranges cannot be addressed directly from the internet, so when an internet service is accessed it is necessary to allocate an IP address that is accessible. To do this, network address translation is used to adopt an IP from the publicly addressable range on the internet gateway; this is the range of IP addresses that the ASP requires to allow access to their service.
This IP address is different on HSCN and ASPs that use ACLs will need to be advised of this change to allow access to their service. The diagrams below provide further information.
NHS organisations on the BT Transition Network (formerly N3) typically accessed the internet via the BT Transition Network Enhanced Internet Gateway (EIG) see figure 1.