Banking:

Secure, Analyze and Test with the Netlayer Solution

The banking industry was an early magnet of hacker attempts to get past the corporate firewall. Currently, the banking industry accounts for nearly one in three hacker attacks. And the stakes are high. Clients expect safety, innovation and convenience as a differentiator. At the same time, hackers are stealing client information and money and today’s technology makes it easier to breach traditional IT perimeter defensest. Moreover, the regulatory environment makes it difficult to justify relying on traditional perimeter firewall based security.

Netlayer’s solutions, NFVgrid and X-Barrier, both have a place in the banking industry. From security and analytics to virtual machine management Netlayer has tools that change the way your network operates.

Security

Banking IT networks can have a lot in common with the medical industry; especially in the number of edge devices and the low level of protection provided to these devices. Moreover, the cost of an intrusion in both industry’s is high and the regulatory environment is always adding an new layer of difficulty. To protect the network as well as extending the security of older devices, we created X-Barrier...the Netlayer intranet security solution. X-Barrier automatically protects banking network edge devices, core equipment and intranets to the device level. X-Barrier touches on the key areas of compliance: endpoints, data access, applications, infrastructure and security management, thus leaving your institution better defended not only against hackers but also against liability and litigation.

Unlike a traditional firewall, X-Barrier segregates every device or set of devices within the network into microsegments. User-defined permissions and auto-detect can set permissions for the destinations each device connects to and what happens when a breach occurs. Instead of waiting for a human to notice a problem, X-Barrier raises flags immediately for operators to address issues immediately. By treating the network as a collection of micro-segments, authorized and unauthorized activity is quickly and easily determined. X-Barrier detects and blocks improper communication attempts no matter where they are from. With X-Barrier installed, a hacker would have to rewrite the security provisions for that micro-segment and this can only be done by authorized network operators.

Unlike traditional security arrangements, X-Barrier makes reporting fast and clear. Quarantined nodes and suspicious activity such as low- or high- bandwidth use, or historically unusual activity, are all presented on the X- Barrier dashboard as soon as the alarm is thrown. This is a difference that can play a crucial role when regulatory compliance questions arise.

analysis

Any security solution is only as good as the analytics that feeds it. NFVgrid and X-Barrier use the NFVgrid analytics block. Our experience with Big Data acquisition and processing solutions forms the backbone for everything from automated lifecycle management to network optimization and security.

Banking services require low-latency as well as highly-granular analytics. With this in mind, we’ve streamlined the NFVgrid Analytics module – from placing all the packet and log data on a single database to choosing what gets a 100% packet read to the way we process the data. Wherever possible, we promote speed.

NFVgrid Analytics makes it possible for NFVgrid and X-Barrier to detect low-level intrusions such as probes spread out over time. We also use a variety of exponential moving averages (EMA) to slice the same data in multiple ways. For instance, the analytics block utilizes both a day-of-the- week EMA as well as a runtime average to predict network behavior. Security-focused automation tools such as dynamic threshold determination, auto-scaling, graph analysis and alarm management handle the rest, whether in the data center or on the network edge.

testing

With software ruling the intranet and data center, the need to test upgrades and other functions is critical. Banks cannot afford to have an update bring the systems to a halt. NFVgrid enables operators the chance to do virtual machine testing on their own. While NFVgrid will not point precisely to the source of the error, it lets operators troubleshoot without having to bring the updated network live. For further information on testing with NFVgrid, please contact us!