Presentation is loading. Please wait.

Presentation is loading. Please wait.

HSM Refresh – box replacement Planning and replacement overview SWIFT July 2013.

Similar presentations


Presentation on theme: "HSM Refresh – box replacement Planning and replacement overview SWIFT July 2013."— Presentation transcript:

1 HSM Refresh – box replacement Planning and replacement overview SWIFT July 2013

2 New box replacement procedure is similar to existing box failure replacement procedure, and new box is backward compatible HSM Refresh- planning and replacement overview2

3 Whats new – IS6 HSM Box 3 Physical characteristics New hardware with enterprise class server-grade components Redundancy for critical components Contains two hot-swappable power supply units rated at 450W each Field replaceable cooling fans Standard 1U rack mount chassis Weight is 28lb (12.7kg) New decommission button on back of the box, mainly used in the unlikely event of returning boxes to factory USB to serial adapter packaged along with the box New sensor to monitor power supply Visual indicator (led) on back of HSM box and an audio alarm Sensor output accessible via HSM commands or new SNL rls7.0.25 Compatibility New box is backward compatible. It can interoperate with old boxes and hence, no software upgrade or certificate migration is needed.

4 HSM Refresh- planning and replacement overview Whats new – PIN Entry Device (PED) 4 PED used locally with HSM box IS6 HSM uses a new PED with similar physical characteristics as the old one Old PEDs cannot be used with new HSM boxes New PED is backward compatible. Hence, new PEDs must be used to operate new and old boxes. PED used at remote offices New PED can be used locally or remotely. No separate remote PED anymore. Customers can use PEDs packaged with HSM boxes at remote office. This can reduce need for ordering additional PEDs for remote office. New PEDs must be available at remote office before starting any HSM box refresh

5 HSM Refresh- planning and replacement overview Deployment prerequisites 5 New devices All new boxes must be onsite and contents checked For remote PED users, new PED must be available at the remote office. Old PEDs cannot be used with new boxes. Existing HSM information Existing HSM boxes are running version 5.6.1 or 5.6.4 Password of HSM admin, monitor and operator accounts are available and verified Keys and PINs for HSM SO/admin, domain and user are available and verified For remote PED users o Working remote PED workstation o Current remote PED key (orange key) and its PIN must be available and verified Infrastructure readiness Two power sources must be available for each HSM box PC or laptop with serial port within 1.8 metres of the HSM rack

6 HSM Refresh- planning and replacement overview HSM box refresh scenarios 6 #Existing setupFuture setupProcedure overview 1Old 2-box clusterNew 2-box cluster 1*Old 2-box clusterNew 2-box cluster 2Old 3-box clusterNew 3-box cluster 3Old 4-box clusterNew 4-box cluster 4Stand alone old boxStand alone new box * For customers who prefer to keep at least 2 boxes in cluster at all times during refresh procedure, new box can be added to cluster before removing old ones. This will require additional network connection. Click here (1B) Click here (2B) Click here (3B) Click here (4B) Click here (2B*) Replacement can be performed in single or multiple downtime windows based on customer preference. Each procedure includes an intermediate checkpoint step which can be used to come out of the downtime window, and continue the rest in next downtime window. Replacement can be performed in single or multiple downtime windows based on customer preference. Each procedure includes an intermediate checkpoint step which can be used to come out of the downtime window, and continue the rest in next downtime window.

7 HSM Refresh- planning and replacement overview7 Current Intermediate Final 2-box Cluster : Overview Stop all SNLs Disconnect & remove old secondary from cluster Add new HSM box to existing cluster as secondary, using existing network connection Promote new HSM as Primary Checkpoint – validate new HSM Disconnect & remove old secondary from cluster Add new HSM box to existing cluster as secondary, using existing network connection Re-register other SNLs Start all SNLs Verify MMF Verify and ensure all prerequisites are met. Necessary PED keys, their pins and account passwords are available and verified.

8 HSMbox_1 (P) HSMbox_2 (S) SNL_1 SNL_2 SNL_3 HSMbox_1 (P) SNL_1 SNL_2 SNL_3 1 2 4 5 3 HSMbox_1 (P) IS6_HSMbox_1 (S) SNL_1 SNL_3 6 7 SNL_2 89 2-box cluster : Detailed steps (1/3) 1 Stop all SNL instances. Manage replacement from SNL_1 2 Take backup of HSMbox_1 (for fallback purpose) 3Disconnect HSMbox_2 from network 4Remove HSMbox_2 from cluster configuration 5 Prepare IS6_HSMbox_1 and connect it to network, using the network cable that was previously connected to HSMbox_2 6 Configure IS6_HSMbox_1 with the same network parameters as HSMbox_2 7 If HSMbox_1 is on software version 5.6.1, set cluster compatibility version of IS6_HSMbox_1 to 5.6.1 8 Initialize IS6_HSMbox_1 with the Remote PED Secret (For remote PED only) 9 Add IS6_HSMbox_1 to the cluster as a secondary HSM box (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview8

9 2-box cluster : Detailed steps (2/3) 10Promote IS6_HSMbox_1 to primary HSM box Check point ** Checkpoint - confidence test IS6_HSMbox_1 (optional) a) Deregister all SNL instances except SNL_1 b) Register all SNL instances except SNL_1 c) Start all SNL and verify the message flow d) Stop all SNL 11Disconnect HSMbox_1 from network 12Remove HSMbox_1 from cluster configuration 13Reset the cluster compatibility version of IS6_HSMbox_1 14 Prepare IS6_HSMbox_2 and connect it to network, using the network cable that was previously connected to HSMbox_1 HSMbox_1 (P) SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 IS6_HSMbox_1 (S) IS6_HSMbox_1 (P) 12 10 11 13 HSMbox_1 (S) SNL_1 SNL_2 SNL_3 IS6_HSMbox_1 (P) ---------- Checkpoint ---------- 14 (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview9 ** In case replacement is planned over multiple downtime windows, break at checkpoint

10 2-box cluster : Detailed steps (3/3) 15 Configure IS6_HSMbox_2 with the same network parameters as HSMbox_1 16 Initialize IS6_HSMbox_2 with the Remote PED Secret (For remote PED only) 17Add IS6_HSMbox_2 to the cluster as a secondary HSM box 18Deregister all SNL instances except SNL_1 19Register all SNL instances except SNL_1 20Start all SNL and verify the message flow IS6_HSMbox_2 (S) SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 19 IS6_HSMbox_1 (P) IS6_HSMbox_2 (S) IS6_HSMbox_1 (P) IS6_HSMbox_2 (S) IS6_HSMbox_1 (P) 15 17 20 16 18 (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview10 Return to list of scenarios Return to list of scenarios Go to end of all scenarios Go to end of all scenarios

11 HSM Refresh- planning and replacement overview11 Current Intermediate Final 2-box Cluster : Overview (using third network connection) Stop all SNLs Add new HSM box to existing cluster as standby, using a new network connection Disconnect & remove old secondary from cluster Promote new HSM as Primary Checkpoint – validate new HSM Add new HSM box to existing cluster as standby, using existing network connection Disconnect & remove old secondary from cluster Re-register other SNLs Start all SNLs Verify MMF Verify and ensure all prerequisites are met. Necessary PED keys, their pins and account passwords are available and verified.

12 HSMbox_1 (P) HSMbox_2 (S) SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 1 2 45 3 SNL_1 SNL_3 6 7 SNL_2 2-box cluster : Detailed steps (1/3) (using third network connection) 1 Stop all SNL instances. Manage replacement from SNL_1 2 Take backup of HSMbox_1 (for fallback purpose) 3 Prepare IS6_HSMbox_1 and connect it to network using a new network connection 4Configure network parameters of IS6_HSMbox_1 5 If HSMbox_1 is on software version 5.6.1, set cluster compatibility version of IS6_HSMbox_1 to 5.6.1 6 Initialize IS6_HSMbox_1 with the Remote PED Secret (For remote PED only) 7 Add IS6_HSMbox_1 to the cluster as a standby HSM box 8Disconnect HSMbox_2 from network 9Remove HSMbox_2 from cluster configuration (P) Primary; (S) Secondary; (SB) Standby HSMbox_1 (P) HSMbox_2 (S) IS6_HSMbox_1 HSMbox_1 (P) HSMbox_2 (S) IS6_HSMbox_1 (SB) HSM Refresh- planning and replacement overview12

13 2-box cluster : Detailed steps (2/3) (using third network connection) 8Disconnect HSMbox_2 from network 9Remove HSMbox_2 from cluster configuration 10Promote IS6_HSMbox_1 to primary HSM box Check point ** Checkpoint - confidence test IS6_HSMbox_1 (optional) a) Deregister all SNL instances except SNL_1 b) Register all SNL instances except SNL_1 c) Start all SNL and verify the message flow d) Stop all SNL 11 Prepare IS6_HSMbox_2 and connect it to network using the network cable that was previously connected to HSMbox_2 12 Configure IS6_HSMbox_2 with the same network parameters as HSMbox_2 13 If HSMbox_1 is on software version 5.6.1, set cluster compatibility version of IS6_HSMbox_2 to 5.6.1 14 Initialize IS6_HSMbox_2 with the Remote PED Secret (For remote PED only) 15Add IS6_HSMbox_2 to the cluster as a standby HSM box SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 10 11 SNL_1 SNL_2 SNL_3 ---------- Checkpoint ---------- (P) Primary; (S) Secondary; (SB) Standby HSMbox_1 (P) IS6_HSMbox_1 (S) HSMbox_1 (S) IS6_HSMbox_1 (P) 8 9 HSMbox_1 (S) IS6_HSMbox_1 (P) IS6_HSMbox_2 12 13 14 15 HSM Refresh- planning and replacement overview13 ** In case replacement is planned over multiple downtime windows, break at checkpoint

14 2-box cluster : Detailed steps (3/3) (using third network connection) 16Disconnect HSMbox_1 from network 17Remove HSMbox_1 from cluster configuration 18 Reset the cluster compatibility version of IS6_HSMbox_1 and IS6_HSMbox_2 19Deregister all SNL instances except SNL_1 20Register all SNL instances except SNL_1 21Start all SNL and verify the message flow SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 19 16 18 SNL_1 SNL_2 SNL_3 21 (P) Primary; (S) Secondary; (SB) Standby HSMbox_1 (S) IS6_HSMbox_1 (P) IS6_HSMbox_2 (SB) 17 IS6_HSMbox_1 (P) IS6_HSMbox_2 (S) 20 IS6_HSMbox_1 (P) IS6_HSMbox_2 (S) HSM Refresh- planning and replacement overview14 Return to list of scenarios Return to list of scenarios Go to end of all scenarios Go to end of all scenarios

15 HSM Refresh- planning and replacement overview15 Current Intermediate Final 3-box Cluster : Overview Stop all SNLs Disconnect & remove old secondary from cluster Add new HSM box to existing cluster as standby, using existing network connection Promote new HSM as Primary. Checkpoint – validate new HSM Disconnect & remove old standby from cluster Add new HSM box to existing cluster as standby, using existing network connection Repeat above 2 steps Re-register other SNLs Start all SNLs Verify MMF Verify and ensure all prerequisites are met. Necessary PED keys, their pins and account passwords are available and verified.

16 HSMbox_3 (SB) HSMbox_1 (P) HSMbox_2 (S) SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 1 2 4 5 3 IS6_HSMbox_1 SNL_1 SNL_3 6 7 SNL_2 8 9 3-box cluster : Detailed steps (1/4) 1 Stop all SNL instances. Manage replacement from SNL_1 2 Take backup of HSMbox_1 (for fallback purpose) 3Disconnect HSMbox_2 from network 4Remove HSMbox_2 from cluster configuration 5 Prepare IS6_HSMbox_1 and connect it to network, using the network cable that was previously connected to HSMbox_2 6 Configure IS6_HSMbox_1 with the same network parameters as HSMbox_2 7 If HSMbox_1 is on software version 5.6.1, set cluster compatibility version of IS6_HSMbox_1 to 5.6.1 8 Initialize IS6_HSMbox_1 with the Remote PED Secret (For remote PED only) 9 Add IS6_HSMbox_1 to the cluster as a standby HSM box HSMbox_3 (S) HSMbox_1 (P) HSMbox_3 (S) HSMbox_1 (P) (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview16

17 3-box cluster : Detailed steps (2/4) 10Promote IS6_HSMbox_1 to primary HSM box Check point ** Checkpoint - confidence test IS6_HSMbox_1 (optional) a) Deregister all SNL instances except SNL_1 b) Register all SNL instances except SNL_1 c) Start all SNL and verify the message flow d) Stop all SNL 11Disconnect HSMbox_1 from network 12Remove HSMbox_1 from cluster configuration 13 Prepare IS6_HSMbox_2 and connect it to network, using the network cable that was previously connected to HSMbox_1 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 12 10 11 13 SNL_1 SNL_2 SNL_3 ---------- Checkpoint ---------- IS6_HSMbox_1 (SB) HSMbox_3 (S) HSMbox_1 (P) IS6_HSMbox_1 (P) HSMbox_3 (S) HSMbox_1 (SB) IS6_HSMbox_1 (P) HSMbox_3 (S) (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview17 ** In case replacement is planned over multiple downtime windows, break at checkpoint

18 IS6_HSMbox_2 (SB) 3-box cluster : Detailed steps (3/4) 14 Configure IS6_HSMbox_2 with the same network parameters as HSMbox_1 15 If HSMbox_3 is on software version 5.6.1, set cluster compatibility version of IS6_HSMbox_2 to 5.6.1 16 Initialize IS6_HSMbox_2 with the Remote PED Secret (For remote PED only) 17Add IS6_HSMbox_2 to the cluster as a standby HSM box 18Disconnect HSMbox_3 from network 19Remove HSMbox_3 from cluster configuration 20 Reset the cluster compatibility version of IS6_HSMbox_1 and IS6_HSMbox_2 21 Prepare IS6_HSMbox_3 and connect it to network, using the network cable that was previously connected to HSMbox_3 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 IS6_HSMbox_1 (P) IS6_HSMbox_2 (S) IS6_HSMbox_1 (P) HSMbox_3 (S) IS6_HSMbox_2 19 15 17 20 16 18 14 IS6_HSMbox_1 (P) HSMbox_3 (S) 21 (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview18

19 IS6_HSMbox_3 (SB) 3-box cluster : Detailed steps (4/4) 22 Configure IS6_HSMbox_3 with the same network parameters as HSMbox_3 23 Initialize IS6_HSMbox_3 with the Remote PED Secret (For remote PED only) 24Add IS6_HSMbox_3 to the cluster as a standby HSM box 25Deregister all SNL instances except SNL_1 26Register all SNL instances except SNL_1 27Start all SNL and verify the message flow SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 26 22 24 27 23 25 IS6_HSMbox_1 (P) IS6_HSMbox_2 (S) IS6_HSMbox_3 IS6_HSMbox_1 (P) IS6_HSMbox_2 (S) IS6_HSMbox_3 (SB) IS6_HSMbox_1 (P) IS6_HSMbox_2 (S) (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview19 Return to list of scenarios Return to list of scenarios Go to end of all scenarios Go to end of all scenarios

20 HSM Refresh- planning and replacement overview20 Current Intermediate Final 4-box Cluster : Overview Stop all SNLs Disconnect & remove old secondary from cluster Add new HSM box to existing cluster as standby, using existing network connection Promote new HSM as Primary. Checkpoint – validate new HSM Disconnect & remove old standby from cluster Add new HSM box to existing cluster as standby, using existing network connection Repeat above 2 steps for remaining boxes Re-register other SNLs Start all SNLs Verify MMF Verify and ensure all prerequisites are met. Necessary PED keys, their pins and account passwords are available and verified.

21 HSMbox_4 (SB) HSMbox_3 (SB) HSMbox_1 (P) HSMbox_2 (S) SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 1 2 4 5 3 IS6_HSMbox_1 SNL_1 SNL_3 6 7 SNL_2 8 9 4-box cluster : Detailed steps (1/5) 1 Stop all SNL instances. Manage replacement from SNL_1 2 Take backup of HSMbox_1 (for fallback purpose) 3Disconnect HSMbox_2 from network 4Remove HSMbox_2 from cluster configuration 5 Prepare IS6_HSMbox_1 and connect it to network, using the network cable that was previously connected to HSMbox_2 6 Configure IS6_HSMbox_1 with the same network parameters as HSMbox_2 7 If HSMbox_1 is on software version 5.6.1, set cluster compatibility version of IS6_HSMbox_1 to 5.6.1 8 Initialize IS6_HSMbox_1 with the Remote PED Secret (For remote PED only) 9 Add IS6_HSMbox_1 to the cluster as a standby HSM box HSMbox_4 (SB) HSMbox_3 (S) HSMbox_1 (P) HSMbox_4 (SB) HSMbox_3 (S) HSMbox_1 (P) (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview21

22 4-box cluster : Detailed steps (2/5) 10Promote IS6_HSMbox_1 to primary HSM box Check point ** Checkpoint - confidence test IS6_HSMbox_1 (optional) a) Deregister all SNL instances except SNL_1 b) Register all SNL instances except SNL_1 c) Start all SNL and verify the message flow d) Stop all SNL 11Disconnect HSMbox_1 from network 12Remove HSMbox_1 from cluster configuration 13 Prepare IS6_HSMbox_2 and connect it to network, using the network cable that was previously connected to HSMbox_1 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 12 10 11 13 SNL_1 SNL_2 SNL_3 ---------- Checkpoint ---------- IS6_HSMbox_1 (SB) HSMbox_4 (SB) HSMbox_3 (S) HSMbox_1 (P) IS6_HSMbox_1 (P) HSMbox_4 (SB) HSMbox_3 (S) HSMbox_1 (SB) IS6_HSMbox_1 (P) HSMbox_4 (SB) HSMbox_3 (S) (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview22 ** In case replacement is planned over multiple downtime windows, break at checkpoint

23 4-box cluster : Detailed steps (3/5) 14 Configure IS6_HSMbox_2 with the same network parameters as HSMbox_1 15 If HSMbox_3 is on software version 5.6.1, set cluster compatibility version of IS6_HSMbox_2 to 5.6.1 16 Initialize IS6_HSMbox_2 with the Remote PED Secret (For remote PED only) 17Add IS6_HSMbox_2 to the cluster as a standby HSM box 18Disconnect HSMbox_3 from network 19Remove HSMbox_3 from cluster configuration 20 Prepare IS6_HSMbox_3 and connect it to network, using the network cable that was previously connected to HSMbox_3 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 19 15 17 20 16 18 14 IS6_HSMbox_1 (P) HSMbox_4 (SB) HSMbox_3 (S) IS6_HSMbox_2 IS6_HSMbox_1 (P) HSMbox_4 (SB) HSMbox_3 (S) IS6_HSMbox_2 (SB) IS6_HSMbox_1 (P) HSMbox_4 (S) IS6_HSMbox_2 (SB) (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview23

24 4-box cluster : Detailed steps (4/5) 21 Configure IS6_HSMbox_3 with the same network parameters as HSMbox_3 22 If HSMbox_4 s on software version 5.6.1, set cluster compatibility version of IS6_HSMbox_3 to 5.6.1 23 Initialize IS6_HSMbox_3 with the Remote PED Secret (For remote PED only) 24Add IS6_HSMbox_3 to the cluster as a standby HSM box 25Disconnect HSMbox_4 from network 26Remove HSMbox_4 from cluster configuration 27 Reset the cluster compatibility version of IS6_HSMbox_1, IS6_HSMbox_2 and IS6_HSMbox_3 28 Prepare IS6_HSMbox_4 and connect it to network, using the network cable that was previously connected to HSMbox_4 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 26 22 24 28 23 25 21 IS6_HSMbox_3 IS6_HSMbox_1 (P) HSMbox_4 (S) IS6_HSMbox_3 (SB) IS6_HSMbox_1 (P) IS6_HSMbox_3 (SB) IS6_HSMbox_1 (P) HSMbox_4 (S) IS6_HSMbox_2 (SB) 27 IS6_HSMbox_2 (S) (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview24

25 4-box cluster : Detailed steps (5/5) 29 Configure IS6_HSMbox_4 with the same network parameters as HSMbox_4 30 Initialize IS6_HSMbox_4 with the Remote PED Secret (For remote PED only) 31Add IS6_HSMbox_4 to the cluster as a standby HSM box 32Deregister all SNL instances except SNL_1 33Register all SNL instances except SNL_1 34Start all SNL and verify the message flow SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 33 29 31 34 30 32 IS6_HSMbox_1 (P) IS6_HSMbox_3 (SB) IS6_HSMbox_2 (S) IS6_HSMbox_4 IS6_HSMbox_1 (P) IS6_HSMbox_3 (SB) IS6_HSMbox_2 (S) IS6_HSMbox_4 (SB) IS6_HSMbox_1 (P) IS6_HSMbox_3 (SB) IS6_HSMbox_2 (S) IS6_HSMbox_4 (SB) (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview25 Return to list of scenarios Return to list of scenarios Go to end of all scenarios Go to end of all scenarios

26 HSM Refresh- planning and replacement overview26 Current Intermediate Final 1-box Cluster : Overview Stop all SNLs Backup old box Disconnect old box from network Configure new HSM box as stand-alone HSM box, using existing network connection Restore backup Register all SNLs Start all SNLs Verify MMF Verify and ensure all prerequisites are met. Necessary PED keys, their pins and account passwords are available and verified.

27 HSMbox_1 (P) SNL_1 SNL_2 SNL_3 1 2 4 5 3 IS6_HSMbox_1 (P) 6 78 1-box cluster : Detailed steps (1/2) 1Deregister all SNL instances. 2Take backup of HSMbox_1 3Disconnect HSMbox_1 from network 4 Prepare IS6_HSMbox_1 and connect it to network, using the network cable that was previously connected to HSMbox_1 5 Configure IS6_HSMbox_1 with the same network parameters as HSMbox_1 6 If HSMbox_1 is on software version 5.6.1, set cluster compatibility version of IS6_HSMbox_1 to 5.6.1 7 Initialize IS6_HSMbox_1 with the Remote PED Secret (For remote PED only) 8Configure IS6_HSMbox_1 as stand-alone HSM box (P) Primary; (S) Secondary; (SB) Standby SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 HSM Refresh- planning and replacement overview27

28 1-box cluster : Detailed steps (2/2) 9Restore HSM backup on IS6_HSMbox_1 10Reset the cluster compatibility version of IS6_HSMbox_1 11Register all SNL instances 12Start all SNL and verify the message flow 12 IS6_HSMbox_1 (P) 10 11 SNL_1 SNL_2 SNL_3 SNL_1 SNL_2 SNL_3 IS6_HSMbox_1 (P) 9 (P) Primary; (S) Secondary; (SB) Standby HSM Refresh- planning and replacement overview28 Return to list of scenarios Return to list of scenarios Go to end of all scenarios Go to end of all scenarios

29 Thank you 29HSM Refresh- planning and replacement overview

30 Backup HSM Refresh- planning and replacement overview30

31 HSM Refresh- planning and replacement overview Budgeting for box replacement 31 Build inventory of HSM boxes (and remote PEDs) to be replaced Include all environments with HSM boxes, like development, test, production & DR Include all spare boxes Identify location and tier of each box Verify against entitlement information provided by SWIFT Budget for box replacement HSM box fees Subsidized one-time fees per box & recurring annual fees Refer to pricing and subsidy email from SWIFT or contact your SWIFT contact Deployment effort Project planning Sanity testing of new boxes & deployment preparation Installation and verification Use of external resources or consultants Tip: Procedure is similar to failure replacement Other costs Additional power source Decommission and destroy old boxes Incorporate best practices into operational procedures Attend training, e.g. new web class Operating your HSM

32 HSM Refresh- planning and replacement overview Replacement approach – key points 32 Recommend customers to configure and use each new HSM box in their test environment as confidence test, before adding them to their production environment. This can help detect hardware or software problems before production deployment. HSM boxes must be deployed in production environment during customers downtime window. This will avoid SPOF situation during business operations. To avoid network changes in the production environment, new HSM boxes will re-use the network connections and IP addresses of the current HSM boxes. This will avoid the need for new network cables, IP addresses, routing rules, firewall/router updates etc.


Download ppt "HSM Refresh – box replacement Planning and replacement overview SWIFT July 2013."

Similar presentations


Ads by Google