China: H3C Constructs New Financial Network for Bank of China

Introduction

E-commerce is an electronic means of business transaction which oriented from bank industry. It is believed that banks will play a key role in E-commerce activities. Can taking all the E-commerce business processed on site as the most popular concept about E-commerce progress? Or is it necessary forbank to construct its new network? After the reconsiderations, Jiaxing Branch, Bank of China confirmed the answer to the latter question.

Encountering the Data Transmission Bottleneck

The E-commerce is a mainly trend in China driven by some cross-nation IT manufacturers. The concept always runs faster than its application. The popularity of this concept almost makes people believe that if you don't start E-commerce now, you'll have no more business or quite a long time, people's fascination toward E-commerce is no less than having the company listed. However, when the banks all began their financing on the stock market one after another, they have not yet figured out the right way towards E-commerce.

When speaking of the status of E-commerce banking at present, Yulei, manager of the network equipment sector of the information science and technology department of the Jiaxing Branch, Bank of China, said in terms of the E-commerce application, the Chinese domestic banks have fallen behind foreign banks by a big distance. The distance is decided by two factors, one is technology, another is market. To the bank, the first obstacle in E-commerce application is the data bottleneck problem. To start E-commerce application without first solving this problem is the same as building castles in the air.

This bank had been running its online services on its office LAN for quite several years. The application system currently running on the network has varied a lot from what was expected when the network was still under design. And so is the scale of users. Now the whole performance of the existing network equipment is far from satisfaction. There had been a lot of Hubs added to the old LAN. The performance of these shared devices can degrade seriously when the network has a lot of hosts. Besides, the Hubs cannot support VLAN functions. When a certain host broadcasts a packet, all the hosts in the network will receive it. And when the multicast packets grow, the network performance degrades more seriously.

In addition, the Hubs have only limited switching capacity and processing capability and cannot sustain the rapid growth of the data traffic and the multiply of service types. What's more, the L2 switches used in the network cannot provide the L3 routing function. All these defects result in the low efficiency of the old network.

Through network optimization, the density of the network ports can be greatly enhanced to satisfy the development demands of the office administration and service applications.

Optimizing the Internal Network

The network optimization for most banks is a complex process. Due to some historical reasons and the development of technologies, most major banks are running more than one network simultaneously to have the different service systems, telephone system, video system, management system, monitoring system and office system, they are running on different physical platforms. A modern bank network should be an integrated network platform that can afford a reliable service coverage and service bearing on the same network infrastructure. This is the only means to lower the operation and maintenance costs while achieving a higher management efficiency and a highly-unified standard.

Network security is another important issue in network optimization.

From the technical point of view, the security of the current finance network mainly relies on the security mechanisms of the network itself and the network services. One is the other's supplement. The security mechanism of the network refers to the safe transmission of the network data and the legal usage of the network resources. The security mechanism of the network services refer to the authorization, usage and monitoring of the network services. The two aspects must be combined to form a secure network system.

Today's financial networks all revolve around two things: one is service, another is application. As the finance service projects multiply geometrically, the finance body has to consider if the network has the expansibility to support smooth expansions or upgrades, so as to accommodate the growth and change of the services in the future by giving the least change to the existing network architecture and equipment.

To cope with the complexity of the increased business data H3C has prudently construct the new network based on the customer's demands and revolutionized its research and development, production, sales and services.

From Yulei's opinion, to start E-commerce application, the bank should first understand E-commerce properly by analyzing the market from the point of view of a modern commercial bank and then locate a right position for itself on the market so as to develop applications that exactly meet the customers' demands. The technologies must meet the practical needs and shall be innovative. After a thorough study on the demands of the customer, H3C proposes its solution arbitrary platform integration, free service add-on, sophisticated security mechanism, simple and highly-efficient management" providing an innovative idea for enterprise information development.

Yanghu, the sales manager of the finance network department of H3C, revealed that the old equipment and congested bandwidth of the old LAN of Jiaxing Branch, Bank of China can no longer bear the expansion of services and rapid growth of users, hence, H3C has reconstructed the network on a full scale, conforming it into an advanced, manageable, highly reliable, secure and multi-service network, under the precondition that the reconstruction is smoothly completed without influencing the routine work of the bank.

The new network has inherited the tree topology of the original network but has merged the redundancy design that will best guarantee the viability and self-healing features of this LAN.

The core equipment adopted for this LAN, S8016, is a high-end gigabit routing switch dedicated to the backbone, core and convergence layers of IP MANs, large-scale enterprise networks and campus networks as the backbone equipment. It implements the hardware-based L2/L3 forwarding and supports L2~L7 switching, QOS guarantee and a sophisticated security management mechanism, meeting the high-end customers' requirements for multi-service, high reliability, large capacity and a modular structure completely. As a high-end routing switch, S8016 adopts the shared-memory switching fabric and the distributed forwarding mode, resulting in 128Gbit/s total throughput, 256Gbit/s backplane capacity, 128Gbit/s user port traffic and 96Mpps packet forwarding capability. This device provides 16 service card slots. In its full configurations, it can provide up to 64 GE ports, 256 FE ports and POS ports (128 STM-1, 32 STM-4 or 16 STM-16). Due to the adoption of a large-capacity switching chip and high-performance network processor, S8016 can fully deploy the Diff-Serv/QoS function, traffic control functions, and such service processing functions as NAT (Network Address Translation), WEB Switch and DHCP (Dynamic Host Configuration Protocol). Therefore, it has the carrier-class reliability, high density and large switching capacity features and is suitable for various network solutions.

Users' demands for network resources usually change with the specific applications. A finance network shall be able to adapt to the change of users' demands via flexible system configuration and resource reallocation. The S8016 and S3026 switches developed by H3C support all the common switching, routing and NMS standards in the industry. They are easy to configure and can be remotely managed through Quidview or other tools.

The development of technologies and the increase of application demands require each network to be scalable. The S8016 switch is based on a multi-layer switching network architecture and therefore can be easily expanded or upgraded. Most of the S8016 devices adopted for city banks are configured with 5 to 6 service slots. About 10 slots are reserved. For expansions, the customer only needs to purchase new modules and directly insert them to the reserved slots, without having to purchase another switch or restart the switch (S8016 supports the hot swapping of boards), thus protecting customer's investment.

As an important part of the service system, the network must be highly reliable to guarantee the work efficiency. When selecting the equipment and deciding their configurations, H3C has fully considered about the high reliability of the core switching platform. As a result, each S8016 is configured with dual routing switch units, dual switching engines and multiple power supplies, including the distributed switching fabric to guard against single-point failures. It is said that the specifications of such configurations have already reach the carrier-class standard. In the network scheme proposed by H3C, two GE multi-mode optical interfaces are added between the S3026 switch at each floor and the core switch S8016 for redundant connections (but the interfaces actually adopted are two 100M connections). And the equipment is to run the STP protocol to guarantee the normal operation of the ring network, so that if any node or line in the backbone network becomes faulty, the network can quickly recover itself using the redundant physical ring.

Let PC Fly

Although for Jiaxing Branch, Bank of China, the current network architecture is still far from the true sense of E-commerce, it does pave the ground for smooth E-commerce applications in the future. After the core switching system was put to operation, the work efficiency of the bank has been greatly enhanced. The entire project started in March, 2003 and ended in mid-June, 2003. In the three and half months, Jiaxing Branch, Bank of China has greatly enjoyed the advantages brought by the enhanced work efficiency. Before the new network scheme was applied, the bank had been doing all the online business on its Intranet. At the busiest hours, some PCs would just stop responding and refuse to work. But after the optimization, all the transactions can be smoothly done online. By the word of the employees, "Let PCs fly" However, Yulei still has to admit that the current application still want some improvements, like service integration, network optimization, security optimization and so on. But in any case, the development steps of the Jiaxing Branch have been approaching the ultimate goal of E-commerce.

EC HyperLink E-commerce and Finance

There is a close relationship between E-commerce and the finance industry. The features about the finance industry determine that the management information is vital to enterprises, in particular, the banks. From strategy analysis and business operation to service running and finance management, all have to be based on high-quality information management. On one hand, it is a precondition for E-commerce that the banks must implement electronic payment. On the other hand, because of the market demands and the pressure of competitions, it is also necessary for the bank to introduce a new generation of the finance service network to improve its business management, to expand its service range, to develop new services and to provide more means of service. The new generation of the banking network developed by H3C can provide access to all bank outlets, ATMs, auto-deposit machines, intelligent equipment in business halls, machines for consultancy service, OA, VOIP and POS terminals and more all through one network equipment. Based on the uniform standards and the universal technical platform as well as the combined adoption of an enhanced user authentication function, management system, server software system and cluster system, it serves as an integrated solution for the finance body to implement accurate, convenient and highly-efficient management.

As Yulei firmly believes, the network optimization conducted today is for tomorrow's E-commerce applications.