Compared to traditional banking, online banking can greatly reduce the bank’s operating costs, effectively improve the bank's profitability; in addition, without the constraints of time and space, online banking facilitates client group expansion and service innovation by providing client with diversified and personalized service. On account of the development philosophy and governance outline of the bank, the online banking business will be a vital business system in the bank. Under the situation that the basic core system construction is completed, the bank starts the construction of the online banking system.
According to the characteristics of online banking, the online banking network is divided into Internet access area, WEB server area, APPP server area and DB server area. Internet access area uses security filtering and load balancing technology to allow the clients to access the online banking system through the Internet; WEB (page) is the portal and direct interface accessed by online banking clients; APP (application) server is a specific implementation of the various functions of online banking, including pages of session management, submitting to the background for processing, and submitting to the WEB server for response; while the main roles of DB (database) are to preserve and share various real-time business data (such as client payments) and static data (such as interest rate table) to support the operation of the business information system and check the legality of the client logging into the system.
Rich Cloud Technology has deployed network switches, application delivery devices, firewalls, anti - DDoS attack devices, IPS/IDS, vulnerability scanning system, and application firewall WFA devices in the project. Among these, the network switches are used to provide redundant connections with online banking server, various application devices and security devices; application delivery devices are used to achieve the multi-operator load balancing and local server load balancing of the online banking, so as to provide users with good online banking experience; firewall deploys access control list in the TCP/IP level to isolate different application areas; anti - DDoS attack devices filter DDoS attacks from the Internet so as to improve the availability of the online banking system; IPS / IDS devices block and monitor network-based attacks; vulnerability scanning system scans server systems and provides security recommendations to improve the security of the server system; application firewall conducts security monitoring based on WEB application of 4-7 layers, dynamically establishes model base for data access behavior and terminates the abnormal external access.
Related solutions:: Application Optimization | Information Anti-leakage | Database Security