We are standing up some new PA firewalls and have been testing with some HL7 servers. Testing has been going well until recently where "unknown-tcp" traffic gets denied. It seems that it only happens when the transfer of a specific file/message is being transferred. I spoke with our the HL7 Interface/Server guy and he shared this bit with me.. "HL7, most if not about all, messages begin with the “MSH” segment, Message Header. These files, the HGS Meditech Lab Charge files, are in an HL7 batch. The first segment is “FHS” – File Header, the BHS – Batch, then MSH and all the data. So it is a “Batched” HL7 file, first time in 20+ years of doing this that I run across a charge file like this." I got around the issue by creating a security policy allow "unknown-tcp" between the two specific servers but is that the only solution? Thoughts?
... View more