Country / Region
Challenges for digital campus construction, and the urgency of removing network barriers
In the past few years, a number of digital and intelligent technologies have been widely incorporated into different service channels of banks, and the comprehensive digitalization of office scenarios is speeding up, which results in higher personalized requirements for campus network construction. Safe and efficient campus networks provide a solid foundation for banks to provide digital services.
Huaxia Bank faces similar technical challenges as other campus networks. Its office campus in Beijing is composed of three cross-regional buildings, each of which is accessed by 3,000 endpoints. The O&M of devices and security policies has always been a major challenge for IT management. Huaxia Bank now mainly faces the following three challenges:
• Difficult network O&M: Due to the high availability and reliability of the network architecture in the bank campus, the bank faces issues such as complex network construction planning, rigid network policies, and long period. Network O&M consumed 80% to 90% of the network administrators' time and energy.
• Security monitoring and control: As applications become digital, a large number of endpoints and staff access the network via different ways, complicating the network security access configuration. The O&M architecture based on conventional network management fails to meet the requirements of the changing wireless campus network and IoT application environment.
• Unified management: For the construction of emerging scenarios such as the IoT in campus, the campus network needs to support cross-regional and unified management of IP address resources and policies, so as to meet the requirements of various digital scenarios in the campus.
Reshape the network architecture as a new benchmark for the smart bank campus
After understanding the pain points and demands of Huaxia Bank's Beijing office campus comprehensively, H3C Group, a subsidiary of Unigroup and a strategic partner of Huaxia Bank for many years, provided the AD-Campus solution based on SDN technology. The solution helps Huaxia Bank's new building perform characteristic functions in line with service demands, such as fixed-mobile convergence, smart IoT, person-centered network, and simplified O&M, paving the way for the development of its digital services.
AI-powered visualized network O&M
A simply O&M function module is embedded in AD-Campus to provide the unique function of the integration of management, control and analysis. In addition to automatic configuration and management of large-scale infrastructures, the platform collects network data and indicators in real-time through Telemetry protocols, and uses data analysis technologies and AI algorithms to classify and analyze faults and provide recovery suggestions. Using this system, the new office building of Huaxia Bank divides the network- and user-related faults into 11 categories and more than 40 subcategories. By doing so, the O&M personnel can accurately identify network faults. All maintenance measures can be implemented automatically, and manual work efficiency has been increased by over 50%.
A solution integrating multiple security and protection products
The entire network uses overlay technology, which features the cross-WAN channel isolation capability. The VXLANs can be isolated only at the endpoint (VTEP), and the endpoints only need to communicate with each other through IP addresses. One physical network is divided into multiple logical networks to effectively isolate O&M, office, and IoT networks. In addition, based on the cloud-native architecture, the SDN controller SeerEngine has rich open interfaces. By associating with the background authentication system, SeerEngine can implement a security check before an endpoint obtains network resources. Based on the check results, SeerEngine associates with network devices to allocate the corresponding user group network to implement security isolation based on user groups.
Unified management, and software-defined flexible network construction
With SDN network architecture as the core to access a two-layer architecture, high degree of standardization, flexible architecture, and service deployment (application/endpoint) without connection with the location (service-location separation), the solution has completely solved the problem of traditional network channels that bind endpoints and people through physical access locations. People and applications are centered, and all network resources move with people and applications, based on which policies are allocated. In addition, H3C deployed a unified user identity authentication system to ensure the unified access management of wired and wireless endpoints on the intranet.
At the same time, through the outstanding integration ability of the AD-Campus solution, H3C introduced its mature data center and new WAN technology to the Huaxia Bank campus scenario, realizing various digital service scenarios including intelligent robots, paperless, HD video conferencing, VR communication, digital conference rooms, intelligent security and protection, and intelligent buildings based on the IoT system, and facilitating the digital transformation of all the services of Huaxia Bank.
Financial development is the foundation of economic development and financial stability is a prerequisite for economic stability. Huaxia Bank and H3C reshaped the network architecture, significantly improving the flexibility and stability of the network. By removing the barriers between different campuses and different devices, Huaxia Bank has substantially accelerated the reform of the financial management concept and service mode, paving the way for China's steady economic development.