| Home > Solution > Financial Industry |
| |
|
|
|
|
| Hillstone Network Optimization Solution for Financial Industry |
| |
| |
|
|
| |
|
| 一、Analysis of Network Status and Security Problems for Financial Industry |
As financial reforms advances in China, all banks put the focus of competition on service. The banks are increasingly investing in digitize services, and expanding the scale of computer network and application coverage. However, it should be noted that these initiatives while brings benefits also brings new security issues, and these issues are now becoming more and more urgent. The reasons lies mainly in three aspects: First, along with China’s economic reform, financial reform deepens, the financial risks increase rapidly. Guarding against and defusing financial risks have become a very important issue for governments at all levels and the financial sector. Second, as computer applications are getting widespread and computers are more networked nowadays, the system’s security vulnerabilities have also increased. For many years, the banks constantly expanded computerized banking outlets and launched new varieties of computerized services under competitive pressures, but ignored the building of computer management system and security measures. This makes computer security issues more prominent. Third, with spreading of network technology and the internationalization of financial networks, technology of computer crimes are improving and cases of computer crimes are on the rise. This also demands a bank information system with a higher security mechanism.
Development of network communication technology has given rise to breakthroughs in time and space constraint for banking businesses (such as universal cash saving and withdrawing service, bank card business, intermediary business, telephone banking business, and the upcoming online banking business, etc.). It greatly improves the business process, and even to some extent changes the traditional business model. However, adopting new technologies and new systems is accompanied by information security risks. With deeper penetration of information technology, information security will be more closely linked to core bank business. The information security construction of commercial banks should be able to ensure the safety application of new technologies, so that it can guarantee the safety as well as play an important role in business operation. |
|
|
| |
|
|
|
Banking network is divided into business network and office automation network. The two networks are physically separated. The authentication server, CA server, front-end processor, and intermediate business front-end processor are connected to business network. Intrusion detection system and virus prevention system are connected to the main switch. The authentication server, CA server, and intrusion detection system are managed by secure management terminal and auditing terminal. The root CA server is placed in an isolation area and not connects with any network to ensure the safety of the root CA. Business network is connected to the first level network through VPN and firewall.
Web server, online banking server, and Email server are placed in the DMZ zone, connecting to the Internet through anti-virus security appliance, IPS, and firewall. Office network is also connected to the Internet through VPN and firewall. |
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
|
|
| |
|
|
