The bank is a modern financial enterprise which has strong shareholder strength and diversified main bodies of equity, and has engaged in NRA account business for nearly twenty years. The bank has established cooperative relations with hundreds of banks around the world, and has a lot of unique products and services in NRA account business. Through restructuring and the introduction of the new shareholders including the local state-owned enterprises and quality private enterprises, etc., the bank is transformed from a foreign bank into a Chinese joint-stock commercial bank. The bank’s capital strength has been improved through capital and share increase.
The data center is an important part of the overall development of IT. The completion of production data center shall lay a solid foundation for improving the bank’s operational management decision-making level and risk control ability, and support the enhancement of service level and information technology service quality of the bank as a whole. It must also satisfy the information system construction needs of the bank over the next 3 to 5 years, so that the data center will become the basic platform for the stable, secured and efficient operation of the core business of the bank.
The bank’s data center is mainly divided into production network, office network, operation and maintenance network and testing network, which are subdivided respectively into eight network areas, two network areas, two network areas, and one independent network according to the different applications.
Based on the different needs of the functional areas, the high, medium, and low-end network switches are combined to construct network, so as to meet the access needs of different users and different applications. Each of the functional areas is not directly interconnected with the other regions, and the firewall is deployed in the edge of each area for security isolation. The data access between areas needs to be filtered through corporate security policy, so that only those data in compliance with corporate security standards will be delivered for application. In addition, according to the security levels in different areas, the anti-DDoS attack device, IPS/IDS device, and vulnerability scanning device are deployed and the security firewall device is applied to ensure the stable operation of network. In area where the application is more concentrated, the application delivery products are deployed to improve application response speed, enhance application security, and promote client satisfaction.
Related solutions: Network Architecture