Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Convergence for Banking Industry – some basics S.R.BALASUBRAMANIAN Advisor – Technology Infrastructure Barclays Bank PLC 19 January 2007.

Published byRosalyn Carson Modified over 8 years ago

Similar presentations

Presentation on theme: "Network Convergence for Banking Industry – some basics S.R.BALASUBRAMANIAN Advisor – Technology Infrastructure Barclays Bank PLC 19 January 2007."— Presentation transcript:

1 Network Convergence for Banking Industry – some basics S.R.BALASUBRAMANIAN Advisor – Technology Infrastructure Barclays Bank PLC 19 January 2007

2 AGENDA Concept of Network Convergence Why Network Convergence What are the types of Convergence Obstructions to Network Convergence Security concerns and Mitigation steps Conclusion

3 AGENDA Concept of Network Convergence Why Network Convergence What are the types of Convergence Obstructions to Network Convergence Security concerns and Mitigation steps Conclusion

4 Concept of Network Convergence It is a Standard Platform that allows you to integrate Data, Voice, Fax, Video and other Telephony applications. It is the passport for the organization’s future success Definition For the Operator Ability to extend service offering to consumers Ability to provide the same level of service across multiple networks Ability to use the same network for Voice, Video, Data For the Consumer Ability to move across multiple networks Ability to access same or similar levels of services from anywhere Ability to cross integrate across multiple networks

5 Concept of Network Convergence-Contd. What are the motivation Factors? For Operators Service bundling generates additional revenues Utilization of capacity in a better way. Growth potential and sustainability For Application/Service Providers Create service and applications that are available from anywhere at the same time. New services/applications are made possible (place shifting/Time shifting technologies) Integrating across Silos For Consumers Ubiquitous (being every where at the same time) access to data and services

6 AGENDA Concept of Network Convergence Why Network Convergence What are the types of Convergence Obstructions to Network Convergence Security concerns and Mitigation steps Conclusion

7 Why Network Convergence? A vision of the Future Lower Cost Simplified Provisioning - Reduction in cables, cable plants, One medium Easier Management - Due to combination of multiple systems and NW Less Maintenance – Because of reduction in the number of cable plants Fewer User Interfaces – use of single cable plant with appropriate switching More Rapid Provisioning – Existing cables can carry new signals and new services can be engineered. Improved service - Due to fewer components service quality improved. New services – Use of IP as common switching technology, More intelligence resides on user equipment. Need for fixed services reduced. Simplification of user’s Life – Less cables at user desk

8 AGENDA Concept of Network Convergence Why Network Convergence What are the types of Convergence Obstructions to Network Convergence Security concerns and Mitigation steps Conclusion

9 Types of Convergence TRANSPORT Same physical pipes and transport technology carry multiple services, usually of different customers Convergence at this level is primarily used by carriers to provision their infra str. Used for local access as well as reducing the customer’s overall Telecom bill SWITCHING Same cable plant carries different types of traffic, carries out proper switching Distinction between services becomes less distinct or disappears entirely Users see a bit pipe, and services are defined by end - user equipment APPLICATION The same end-user type of device and network handles /delivers all content User does not have separate network interface devices TELECOMMUNICATION / IT Closing of the distinction between Telecom and Information Processing –use of application service providers and Network computing Multiple functions provided through one source.

10 N etwork Architecture for IT and Communications CENTRALIZED Places all the applications, mgmt and network connections in a single point Worked well when networks and computers were expensive Initially used by large organizations HORIZONTAL Resembles an organizational chart Large enterprises like banks and schools with off- campus facilities fit this model The architecture design is flexible and can last a long time HIERARCHICAL More flexible: allows sites to be added easily Loss of one site does not bring down the operation of other sites Modular approach can produce a longer lasting solution Architecture of Choice – Consistent, Obvious (similar to other experiences, limiting training expenses and reducing errors) & Intuitive

11 AGENDA Concept of Network Convergence Why Network Convergence What are the types of Convergence Obstructions to Network Convergence Security concerns and Mitigation steps Conclusion

12 Obstructions to Network Convergence Inertia needed to change infrastructure – You would have invested considerable time, material and effort for the existing Network. Regulatory – Massive Governmental regulatory regime Human Factors – users / consumers have to be convinced of the benefits Protocol, Standards and Compatibility Issues -In some converged services the market has not stabilized thus standards and compatibility remains a potential problem Clash of Cultures - Telecommunication and IT take polar views of how a network should run. Telecom staffers believe data Networks are unstable while IT managers tend towards networking (fast packet rates) Need to Interoperate with existing Infrastructure & Applications - No new solution will be acceptable if it does not interoperate with existing systems and applications. Unproven reliability and availability - In case of major technological changes CEOs want to have POC that new system will perform at levels equal to or exceeding the existing system.

13 AGENDA Concept of Network Convergence Why Network Convergence What are the types of Convergence Obstructions to Network Convergence Security concerns and Mitigation steps Conclusion

14 Security concerns on converged Networks Threats and Attacks - Denial of Service (DoS) – Voice or Network Infrastructure Malicious code System vulnerabilities Unauthorized access Packet or call floods Network or call routing/forwarding disruptions Priority queue exhaustion Invalid connection terminations Spam over Internet Telephony (SPIT) Account lockouts

15 Security concerns on converged Networks- Contd. Threats and Attacks - Non DoS data or Voice Service outage Hardware or software failure Loss of power or cooling Cable cuts Improper configuration Insufficient change and problem management practices

16 Security concerns on converged Networks- Contd. Threats and Attacks - Environmental Control Issues – Power and Cooling Terrorism Utilities Accidental Acts of nature Equipment failure

17 Threats and Attacks-Vulnerabilities of Converged Networks Attacks against the data network and services can indirectly or directly affect voice services The data network can provide communication paths that permit attacks directly against the voice environment One current area of concern is the use of IP soft phones or other IP voice communications applications on the data network – Prevents the use of strong, conventional approaches to logical separation and protection – PCs have demonstrated continued susceptibility to mal ware and spy ware

18 Security concerns on converged Networks- Contd. Threats and Attacks Malicious Code The data industry is very familiar with mal ware threats and attacks. IP voice services will naturally face similar issues. IP voice services must be concerned with both mal ware attacks in the data environment as well as attacks directed at the voice environment Malicious code can be introduced in a variety of ways – Exploit vulnerabilities in applications or operating system – E-mail attachments – Instant messaging programs Common attacks and infections – Trojan horse, worms, bots, key-loggers, root kits and spy ware

19 Threats and Attacks Identity, Privacy and Integrity Issues Session hi-jacking Compromised system accounts Unauthorized call routing Unauthorized access to voice or NW components Unauthorized data access Unwanted content exposure Malicious code and spy ware Social Engineering Phishing schemes Network identity masquerading Voice identity masquerading Unauthorized NW access Unauthorized access to voice services Caller-ID hacks Voice mailbox squatting or redirection

20 Mitigation and Recommendations

21 Mitigation and Recommendations Denial of Service (DoS) - Voice or Network Infrastructure Follow “Best Practices” Process and procedures for secure configuration, management and operation Harden voice and network infrastructure devices thru embedded or adjunct mechanisms Control network traffic to limit exposure to attacks and minimize damage Compartmentalize networks and services for voice and data Implement NW access authentication where possible/feasible Utilize emerging technologies for admission control Utilize verified software and firmware (such as IP phone firmware)

22 Mitigation and Recommendations Non-Dos Data or Voice Service Outages Redundant networks, data services and voice services – Diverse paths and diverse providers where possible and appropriate – Provide redundant centralized services that are geographically dispersed Backup and emergency voice services Redundant and diverse power – Multiple feeds, circuits, UPS, generators, devices with dual power supplies Redundant and resilient cooling and/or provide for emergency procedures and equipment Develop disaster recovery plans and procedures (include backup equipment and backup sites)

23 Mitigation and Recommendations Environmental Control Issues – Power and Cooling Multiple, diverse path, building power feeds Network and voice devices should use diverse building power Utilize Power-over-Ethernet (PoE) Utilize UPS power for infrastructure devices Utilize emergency generator backup power for critical components Provision portable A/C units for critical infrastructure components Develop standards, policies and procedures for dealing with environmental control issues

24 Mitigation and Recommendations Vulnerabilities of Converged Networks Develop process and procedures for secure configuration, management and operation of NW and voice infrastructure devices Access authentication, particularly in common areas Disable unused services or protocols on voice compartments Restrict access to services or protocols in the voice compartment that are used by management and support Disable embedded data switch ports on IP phones when not needed/desired (such as lobbies, cafeterias, etc.)

25 AGENDA Concept of Network Convergence Why Network Convergence What are the types of Convergence Obstructions to Network Convergence Security concerns and Mitigation steps Conclusion

26 Conclusions Look at Convergence on a broad angle. Don’t focus too much on Technological capabilities alone. You need not be market leader. Best to be market follower Be agile, work smarter, Identify new challenges early. Respond more effectively and compete more successfully. Ensure compliance. Manage all forms of risks more effectively. Integrate your channels to market effectively through converged IT and communication services Protect - Detect - React to : Security breaches

27 Thank You & Your questions are welcome ! Contact : yesarebe@yahoo.com

Download ppt "Network Convergence for Banking Industry – some basics S.R.BALASUBRAMANIAN Advisor – Technology Infrastructure Barclays Bank PLC 19 January 2007."

Similar presentations

www.itexpo.com October 10-13, 2006 San Diego Convention Center, San Diego California VoIP/SOA Integration Impact on IT Apps, Processes, & Overall Business.

October 10-13, 2006 San Diego Convention Center, San Diego California VoIP/SOA Integration Impact on IT Apps, Processes, & Overall Business.
Unified Communications Bill Palmer ADNET Technologies, Inc.

Unified Communications Bill Palmer ADNET Technologies, Inc.
Saif Bin Ghelaita Director of Technologies & Standards TRA UAE

Saif Bin Ghelaita Director of Technologies & Standards TRA UAE
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
Security Controls – What Works

Security Controls – What Works
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Chapter 12 Strategies for Managing the Technology Infrastructure.

Chapter 12 Strategies for Managing the Technology Infrastructure.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Colombo, Sri Lanka, 7-10 April 2009 Multimedia Service Delivery on Next Generation Networks Pradeep De Almeida, Group Chief Technology Officer Dialog Telekom.

Colombo, Sri Lanka, 7-10 April 2009 Multimedia Service Delivery on Next Generation Networks Pradeep De Almeida, Group Chief Technology Officer Dialog Telekom.
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Confidential 1 MAP Value Proposition.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Confidential 1 MAP Value Proposition.
CredoGov VDI Introduction James Gunn

CredoGov VDI Introduction James Gunn

Similar presentations

Ads by Google