Network Convergence for Banking Industry – some basics S.R.BALASUBRAMANIAN Advisor – Technology...

Network Convergence for Banking Network Convergence for Banking Industry ndash some basicsIndustry ndash some basics

SRBALASUBRAMANIANAdvisor ndash Technology InfrastructureBarclays Bank PLC19 January 2007

AGENDA

bull Concept of Network Convergence

bull Why Network Convergence

bull What are the types of Convergence

bull Obstructions to Network Convergence

bull Security concerns and Mitigation steps

bull Conclusion

AGENDA

bull Concept of Network Convergencebull Why Network Convergencebull What are the types of Convergencebull Obstructions to Network Convergencebull Security concerns and Mitigation stepsbull Conclusion

Concept of Network Convergence

bull It is a Standard Platform that allows you to integrate Data Voice Fax Video and other Telephony applications

bull It is the passport for the organizationrsquos future success

DefinitionFor the Operator

bull Ability to extend service offering to consumersbull Ability to provide the same level of service across multiple

networksbull Ability to use the same network for Voice Video Data

For the Consumer

bull Ability to move across multiple networksbull Ability to access same or similar levels of services from

anywherebull Ability to cross integrate across multiple networks

Concept of Network Convergence-Contd

What are the motivation FactorsFor Operatorsbull Service bundling generates additional revenuesbull Utilization of capacity in a better waybull Growth potential and sustainabilityFor ApplicationService Providersbull Create service and applications that are available

from anywhere at the same timebull New servicesapplications are made possible (place

shiftingTime shifting technologies)bull Integrating across SilosFor Consumersbull Ubiquitous (being every where at the same time)

access to data and services

AGENDA






bull Conclusion

Why Network Convergence

bull A vision of the Futurebull Lower Costbull Simplified Provisioning - Reduction in cables cable plants One

medium

bull Easier Management - Due to combination of multiple systems and NW

bull Less Maintenance ndash Because of reduction in the number of cable plants

bull Fewer User Interfaces ndash use of single cable plant with appropriate switching

bull More Rapid Provisioning ndash Existing cables can carry new signals and new services can be engineered

bull Improved service - Due to fewer components service quality improved

bull New services ndash Use of IP as common switching technology More intelligence resides on user equipment Need for fixed services reduced

bull Simplification of userrsquos Life ndash Less cables at user desk

AGENDA






bull Conclusion

Types of Convergencebull TRANSPORTbull Same physical pipes and transport technology carry multiple services

usually of different customersbull Convergence at this level is primarily used by carriers to provision their

infra strbull Used for local access as well as reducing the customerrsquos overall Telecom

bill

bull SWITCHINGbull Same cable plant carries different types of traffic carries out proper

switchingbull Distinction between services becomes less distinct or disappears entirelybull Users see a bit pipe and services are defined by end - user equipment

bull APPLICATIONbull The same end-user type of device and network handles delivers all contentbull User does not have separate network interface devices

bull TELECOMMUNICATION ITbull Closing of the distinction between Telecom and Information Processing ndash

use of application service providers and Network computingbull Multiple functions provided through one source

Network Architecture for IT and Communications

bull CENTRALIZEDbull Places all the applications mgmt and network connections in a

single pointbull Worked well when networks and computers were expensivebull Initially used by large organizations

bull HORIZONTALbull Resembles an organizational chartbull Large enterprises like banks and schools with off- campus facilities

fit this modelbull The architecture design is flexible and can last a long time

bull HIERARCHICALbull More flexible allows sites to be added easilybull Loss of one site does not bring down the operation of other sitesbull Modular approach can produce a longer lasting solution

bull Architecture of Choice ndash Consistent Obvious (similar to other experiences limiting training expenses and reducing errors) amp Intuitive

AGENDA


Obstructions to Network Convergence

bull Inertia needed to change infrastructure ndash You would have invested considerable time material and effort for the existing Network

bull Regulatory ndash Massive Governmental regulatory regime

bull Human Factors ndash users consumers have to be convinced of the benefits

bull Protocol Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem

bull Clash of Cultures - Telecommunication and IT take polar views of how a network should run Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates)

bull Need to Interoperate with existing Infrastructure amp Applications -

No new solution will be acceptable if it does not interoperate with existing systems and applications

bull Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels

equal to or exceeding the existing system

AGENDA






bull Conclusion

Security concerns on converged Networks

Threats and Attacks - Denial of Service (DoS) ndash Voice

or Network Infrastructurebull 1048707 Malicious codebull 1048707 System vulnerabilitiesbull 1048707 Unauthorized accessbull 1048707 Packet or call floodsbull 1048707 Network or call routingforwarding

disruptionsbull 1048707 Priority queue exhaustionbull 1048707 Invalid connection terminationsbull 1048707 Spam over Internet Telephony (SPIT)bull 1048707 Account lockouts

Security concerns on converged Networks- Contd

Threats and Attacks - Non DoS data or Voice

Service outage

bull Hardware or software failurebull Loss of power or coolingbull Cable cutsbull Improper configurationbull Insufficient change and problem management practices


bull Threats and Attacks - Environmental Control Issues ndash Power and Cooling

bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature

bull Equipment failure

Threats and Attacks-Vulnerabilities of Converged Networks

bull Attacks against the data network and services can indirectly or directly affect voice services

bull The data network can provide communication paths that permit attacks directly against the voice environment

bull One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network

ndash Prevents the use of strong conventional approaches to logical separation and protection

ndash PCs have demonstrated continued susceptibility to mal ware and spy ware


Threats and Attacks Malicious Code bull The data industry is very familiar with mal ware

threats and attacks IP voice services will naturally face similar issues

bull IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment

bull Malicious code can be introduced in a variety of ways

ndash Exploit vulnerabilities in applications or operating system ndash E-mail attachments ndash Instant messaging programs

bull Common attacks and infections ndash Trojan horse worms bots key-loggers root kits and spy ware

Threats and AttacksIdentity Privacy and Integrity Issues

bull Session hi-jackingbull Compromised system

accountsbull Unauthorized call routingbull Unauthorized access to

voice or NW componentsbull Unauthorized data

accessbull Unwanted content

exposurebull Malicious code and spy

ware

bull Social Engineeringbull Phishing schemesbull Network identity

masqueradingbull Voice identity

masqueradingbull Unauthorized NW accessbull Unauthorized access to

voice servicesbull Caller-ID hacksbull Voice mailbox squatting

or redirection

MitigationandRecommendations

Mitigation and RecommendationsDenial of Service (DoS) - Voice or Network Infrastructure

bull Follow ldquoBest Practicesrdquobull Process and procedures for secure configuration

management and operationbull Harden voice and network infrastructure devices thru

embedded or adjunct mechanismsbull Control network traffic to limit exposure to attacks and

minimize damagebull Compartmentalize networks and services for voice and

databull Implement NW access authentication where

possiblefeasible bull Utilize emerging technologies for admission controlbull Utilize verified software and firmware (such as IP phone

firmware)

Mitigation and RecommendationsNon-Dos Data or Voice Service Outages

bull Redundant networks data services and voice services

ndash Diverse paths and diverse providers where possible and appropriate

ndash Provide redundant centralized services that are geographically

dispersedbull Backup and emergency voice servicesbull Redundant and diverse power ndash Multiple feeds circuits UPS generators devices with dual

power suppliesbull Redundant and resilient cooling andor provide

for emergency procedures and equipmentbull Develop disaster recovery plans and procedures

(include backup equipment and backup sites)

Mitigation and RecommendationsEnvironmental Control Issues ndash Power and Cooling

bull Multiple diverse path building power feedsbull Network and voice devices should use diverse building

powerbull Utilize Power-over-Ethernet (PoE)bull Utilize UPS power for infrastructure devicesbull Utilize emergency generator backup power for critical

componentsbull Provision portable AC units for critical infrastructure

componentsbull Develop standards policies and procedures for dealing

with environmental control issues

Mitigation and RecommendationsVulnerabilities of Converged Networks

bull Develop process and procedures for secure configuration

management and operation of NW and voice infrastructure

devices

bull Access authentication particularly in common areas

bull Disable unused services or protocols on voice compartments

bull Restrict access to services or protocols in the voice compartment that are used by management and support

bull Disable embedded data switch ports on IP phones when not

neededdesired (such as lobbies cafeterias etc)

AGENDA






bull Conclusion

Conclusions

bull Look at Convergence on a broad anglebull Donrsquot focus too much on Technological

capabilities alonebull You need not be market leader Best to be market

followerbull Be agile work smarter Identify new challenges

earlybull Respond more effectively and compete more

successfullybull Ensure compliance Manage all forms of risks

more effectivelybull Integrate your channels to market effectively

through converged IT and communication servicesbull Protect - Detect - React to Security breaches

Thank Youamp

Your questions are welcome

Contact yesarebeyahoocom

PowerPoint Presentation

AGENDA

Slide 3



Slide 6


Slide 8

Types of Convergence


Slide 11


Slide 13



Slide 16


Slide 18

Threats and Attacks Identity Privacy and Integrity Issues

Slide 20

Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure

Mitigation and Recommendations Non-Dos Data or Voice Service Outages

Mitigation and Recommendations Environmental Control Issues ndash Power and Cooling

Mitigation and Recommendations Vulnerabilities of Converged Networks

Slide 25

Conclusions

Slide 27

AGENDA






bull Conclusion

AGENDA








For the Consumer








AGENDA






bull Conclusion



medium








AGENDA






bull Conclusion




bill













AGENDA












AGENDA






bull Conclusion







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27

AGENDA








For the Consumer








AGENDA






bull Conclusion



medium








AGENDA






bull Conclusion




bill













AGENDA












AGENDA






bull Conclusion







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27







For the Consumer








AGENDA






bull Conclusion



medium








AGENDA






bull Conclusion




bill













AGENDA












AGENDA






bull Conclusion







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27






AGENDA






bull Conclusion



medium








AGENDA






bull Conclusion




bill













AGENDA












AGENDA






bull Conclusion







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27



medium








AGENDA






bull Conclusion




bill













AGENDA












AGENDA






bull Conclusion







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27

AGENDA






bull Conclusion




bill













AGENDA












AGENDA






bull Conclusion







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27




bill













AGENDA












AGENDA






bull Conclusion







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27








AGENDA












AGENDA






bull Conclusion







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27











AGENDA






bull Conclusion







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27







Service outage




bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27



bull Terrorism

bull Utilities

bull Accidental

bull Acts of nature





















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27




















ware





or redirection









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27









firmware)


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27


















devices






AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27

AGENDA






bull Conclusion

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27

Conclusions








Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27

Thank Youamp




AGENDA

Slide 3



Slide 6


Slide 8



Slide 11


Slide 13



Slide 16


Slide 18


Slide 20





Slide 25

Conclusions

Slide 27

Network Convergence for Banking Industry – some basics S.R.BALASUBRAMANIAN Advisor – Technology...

Documents

Transcript of Network Convergence for Banking Industry – some basics S.R.BALASUBRAMANIAN Advisor – Technology...