|
||||||||||
|
||||||||||
|
||||||||||
|
||||||||||
KEB(Korea Exchange Bank) is one of the biggest banks in Korea. KEB has more than 300 |
||||||||||
conventional branches nationwide. In particular, KEB is the strongest bank in foreign exchange. |
||||||||||
|
||||||||||
|
||||||||||
|
||||||||||
Banks are the most security-minded organizations classified with the national security |
||||||||||
implications. At this point, KEB had to verify the integrity of data and information they use on |
||||||||||
the network. In particular, KEB isolated the systems and the networks from the hostile intrusion |
||||||||||
outside. To ensure the integrity of the network, KEB isolated the systems and the networks from |
||||||||||
the external network. They prohibited all the access to the external network, only except for the |
||||||||||
modem connection allowed the only few restricted number of people. Those who authorized the |
||||||||||
access to the external network were responsible for the customer services, for the government, |
||||||||||
stock market, the financial supervisors service, general enterprises, etc. |
||||||||||
It is very important operation of business. But, from the security procedure on the modem |
||||||||||
connection. |
||||||||||
Apart from the vulnerability of the modem connection, the need to the external access, in |
||||||||||
particular the internet, out of branch offices have explosively increased. In fact, already the |
||||||||||
new technology, such as the internet, has been transforming the way they have worked. The |
||||||||||
free accessibility to the new information is not the option anymore, it becomes a must to |
||||||||||
prosper the business and the lives of employees as well. But the free accessibility is totally |
||||||||||
different story at the security point of view. At this point, KEB had been suffered from the |
||||||||||
dilemma. |
||||||||||
|
||||||||||
|
||||||||||
|
||||||||||
At first, KEB tried to build an additional network physically isolated from the internal network, |
||||||||||
in order to authorize the internet access without the security concerns. But the way to build |
||||||||||
the additional network took lots of budget. It was quite a burden to KEB who had suffered from |
||||||||||
the restructuring caused by the economy crisis of Korea and Asia. On top of it, the one more |
||||||||||
isolated network can not give any internet accessibility to people who work at branch offices. |
||||||||||
At this moment, KEB heard about our solution, the physical network separation, from one of our |
||||||||||
client who already adopted our solution. At first, KEB decided to install one piece of NetSwitch II |
||||||||||
-M at their information system center of its headquarter for the evaluation. |
||||||||||
From the evaluation, the network and security administrators came to realize that they could |
||||||||||
achieve the result of building the totally isolated networks, the perfect network topology to |
||||||||||
provide security as far as known, the internal network from the untrusted network with their |
||||||||||
current network line. To begin with, KEB could use the budget and time with efficiency. Apart |
||||||||||
from this advantage, there are more merits KEB expected. NetSwitch II-M is really simple in |
||||||||||
installation, implementation, and maintenance. |
||||||||||
Right after evaluation of NetSwitch II-M, KEB decided to setup NetSwitch II-M for all people at |
||||||||||
the headquarter. And KEB placed the firewall on the external network as recommended by FNET. |
||||||||||
Because it was necessary to control the accessibility from the inside and outside. |
||||||||||
And it announced the permission to access to the internet all people who needed to use the |
||||||||||
information on the internet. By removing its sensitive systems and network, from untrusted |
||||||||||
networks, the external networks, KEB could drastically reduce the risk of compromise. |
||||||||||
Strictly from the security point of view, it has been said that the only way to really secure a |
||||||||||
system is to take off the network. At this point, NetSwitch II-M realized this concept, the |
||||||||||
physical isolation, on network. |
||||||||||
|
||||||||||
KEB could ensure the integrity of the information on its internal network for the headquarter, |
||||||||||
but it confronted the need to the internet access out of its more than 300 branch offices. |
||||||||||
Branch office, it is totally different story from the headquarter. Basically, most of the branch |
||||||||||
offices had smaller than 30 people. And rental fee of the leased line for the external network |
||||||||||
was enormous to manage. |
||||||||||
The moment KEB had been troubled with this matter, FNET suggested another security solution, |
||||||||||
NetSwitch II-R was, basically, designed for the small offices, such as the branch offices or |
||||||||||
SOHO. It has all features of NetSwitch II-M. Additionally, it embedded the features of |
||||||||||
switching hub and firewall system. NetSwitch II-R supported WAN interface for ISDN, xDSL, |
||||||||||
and cable modem, inexpensive way to access to the internet compared to the leased line. |
||||||||||
The users at the branch offices can access the internet through ADSL with about 50,000 |
||||||||||
(less than $50.00 USD) per month. And the internet connection was totally disconnected |
||||||||||
with the internal network. Furthermore, the security administrator could control the internet |
||||||||||
accessibility with the firewall features embedded with NetSwtich II-R. KEB could preserve the |
||||||||||
internal network as the totally trusted network. |
||||||||||
With the security features and advantages of NetSwitch II-R, KEB also decided to install |
||||||||||
NetSwitch II-R in all branch offices nationwide. |
||||||||||
|
||||||||||
|
||||||||||
|
||||||||||
From the security point of view, the safest network topology to provide security is the physical |
||||||||||
isolation. You use the different networks for the internal and external network, you can complete |
||||||||||
the integrity of information on your internal network. The network and security administrator of |
||||||||||
KEB started recommending our solutions to their neighbors, the banks facing the same situation |
||||||||||
of their own accord. |
||||||||||
Needless to mention, it is true that KEB saved lots of its budget with NetSwitch II-M and NetSwitch |
||||||||||
II-R solutions. One of executives at KEB, who was fully responsible for the network, mentioned |
||||||||||
that KEB could save almost 40% of their budget in network division. In terms of time, it is quite |
||||||||||
important that how early you can complete all installation when you adopt a new system. |
||||||||||
All solutions of FNET are very simple in installation. In case of NetSwitch II-R, it just took a |
||||||||||
couple of months to install all branch offices, more than 300 offices, nationwide. |
||||||||||
|
||||||||||
Copyright by FNET(C) since 1998-2015, All rights reserved |