1. Client Overview


  KEB(Korea Exchange Bank) is one of the biggest banks in Korea. KEB has more than 300

  conventional branches nationwide. In particular, KEB is the strongest bank in foreign exchange.


 2. Security Concerns


  Banks are the most security-minded organizations classified with the national security

  implications. At this point, KEB had to verify the integrity of data and information they use on

  the network. In particular, KEB isolated the systems and the networks from the hostile intrusion

  outside. To ensure the integrity of the network, KEB isolated the systems and the networks from

  the external network. They prohibited all the access to the external network, only except for the

  modem connection allowed the only few restricted number of people. Those who authorized the

  access to the external network were responsible for the customer services, for the government,

  stock market, the financial supervisors service, general enterprises, etc.

  It is very important operation of business. But, from the security procedure on the modem


  Apart from the vulnerability of the modem connection, the need to the external access, in

  particular the internet, out of branch offices have explosively increased. In fact, already the

  new technology, such as the internet, has been transforming the way they have worked. The

  free accessibility to the new information is not the option anymore, it becomes a must to

  prosper the business and the lives of employees as well. But the free accessibility is totally

  different story at the security point of view. At this point, KEB had been suffered from the



  3. Implementing NetSwitch II-M & NetSwitch II-R


  At first, KEB tried to build an additional network physically isolated from the internal network,

  in order to authorize the internet access without the security concerns. But the way to build

  the additional network took lots of budget. It was quite a burden to KEB who had suffered from

  the restructuring caused by the economy crisis of Korea and Asia. On top of it, the one more

  isolated network can not give any internet accessibility to people who work at branch offices.

  At this moment, KEB heard about our solution, the physical network separation, from one of our

  client who already adopted our solution. At first, KEB decided to install one piece of NetSwitch II

  -M at their information system center of its headquarter for the evaluation.

  From the evaluation, the network and security administrators came to realize that they could

  achieve the result of building the totally isolated networks, the perfect network topology to

  provide security as far as known, the internal network from the untrusted network with their

  current network line. To begin with, KEB could use the budget and time with efficiency. Apart

  from this advantage, there are more merits KEB expected. NetSwitch II-M is really simple in

  installation, implementation, and maintenance.

  Right after evaluation of NetSwitch II-M, KEB decided to setup NetSwitch II-M for all people at

  the headquarter. And KEB placed the firewall on the external network as recommended by FNET.

  Because it was necessary to control the accessibility from the inside and outside.

  And it announced the permission to access to the internet all people who needed to use the

  information on the internet. By removing its sensitive systems and network, from untrusted

  networks, the external networks, KEB could drastically reduce the risk of compromise.

  Strictly from the security point of view, it has been said that the only way to really secure a

  system is to take off the network. At this point, NetSwitch II-M realized this concept, the

  physical isolation, on network.


  KEB could ensure the integrity of the information on its internal network for the headquarter,

  but it confronted the need to the internet access out of its more than 300 branch offices.

  Branch office, it is totally different story from the headquarter. Basically, most of the branch

  offices had smaller than 30 people. And rental fee of the leased line for the external network

  was enormous to manage.

  The moment KEB had been troubled with this matter, FNET suggested another security solution,

  NetSwitch II-R was, basically, designed for the small offices, such as the branch offices or

  SOHO.  It has all features of NetSwitch II-M. Additionally, it embedded the features of

  switching hub and  firewall system. NetSwitch II-R supported WAN interface for ISDN, xDSL,

  and cable modem, inexpensive way to access to the internet compared to the leased line.

  The users at the branch offices can access the internet through ADSL with about 50,000

  (less than $50.00 USD) per month. And the internet connection was totally disconnected

  with the internal network. Furthermore, the security administrator could control the internet

  accessibility with the firewall features embedded with NetSwtich II-R. KEB could preserve the

  internal network as the totally trusted network.

  With the security features and advantages of NetSwitch II-R, KEB also decided to install

  NetSwitch II-R in all branch offices nationwide.


  4. Results : Secure, Cost & Time-Effective


  From the security point of view, the safest network topology to provide security is the physical

  isolation. You use the different networks for the internal and external network, you can complete

  the integrity of information on your internal network. The network and security administrator of

  KEB started recommending our solutions to their neighbors, the banks facing the same situation

  of their own accord.

  Needless to mention, it is true that KEB saved lots of its budget with NetSwitch II-M and NetSwitch

  II-R solutions. One of executives at KEB, who was fully responsible for the network, mentioned

  that KEB could save almost 40% of their budget in network division. In terms of time, it is quite

  important that how early you can complete all installation when you adopt a new system.

  All solutions of FNET are very simple in installation. In case of NetSwitch II-R, it just took a

  couple of months to install all branch offices, more than 300 offices, nationwide.


Copyright by FNET(C) since 1998-2015, All rights reserved