Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Get Pricing/Info Forum Contact Us

Huawei Anti-DDoS Boosts Online Banking

Total: 0 products

  • Choose product to compare

Cancel
Compare with CISCO
Compare with H3C
  • Choose product to compare

Cancel
Compare with CISCO
Compare with H3C
  • Choose product to compare

Cancel
Compare with CISCO
Compare with H3C
  • Choose product to compare

Cancel
Compare with CISCO
Compare with H3C

Select Region

If you cannot find your country/region here,

please fill out a Get Pricing/Info form to submit your requirement. We will contact you as soon as possible.

Huawei Anti-DDoS Boosts Online Banking

2013/4/7 15:58:25

Background

China Everbright Bank (CEB) serves customers in 60 major cities in 25 provinces, municipalities, and autonomous regions, with more than 600 branches and banking outlets. Headquartered in Beijing, CEB is now a nationwide joint-stock commercial bank with profound social influence. CEB’s goal of becoming a top-rated, listed bank will require a secure data center.

Challenges

CEB’s data center needed to be more efficient in supporting back end services, sharing information, and providing 24/7 support for services (such as banking, telephone, self-service, enterprise, and mobile banking). One of the most important challenges was whether the data center could provide uninterrupted availability — even when faced with a Distributed-Denial-of-Service (DDoS) attack.

Other challenges include the following:

  • DDoS attacks

These common network attacks can cause severe damage. Under a DDoS attack, a data center may be overwhelmed by a large number of malicious service requests, preventing it from responding promptly to legitimate requests.

  • Slow response and defense times

CEB’s traditional anti-DDoS network gateway needed a few minutes to detect DDoS attacks and start defending against them. This delay directly affected the financial services controlled by the data center and undermined the bank’s reputation. CEB needed a new anti-DDoS solution that provided quicker response and defense against DDoS attacks.

  • Lack of a simple, reliable anti-DDoS defense system

CEB lacked an advanced data center with highly secure network access, backed by an anti-DDoS system. They needed a system with high stability and self-defense capabilities that would not negatively affect the existing network.

Solution

After analyzing CEB’s service demands and existing data center conditions, Huawei offered an anti-DDoS solution (USG 5300) that would help improve the bank’s competitive edge. This solution would defend against DDoS attacks from the Internet and ensure that the data center provided uninterrupted support to CEB’s banking services.

Huawei’s solution would protect CEB’s data center from DDoS attacks at the management plane and at the detection and cleaning centers. The solution offers a variety of compelling features:

  • Quick response for fast and accurate defense

The solution mitigates traffic model self-learning and packet-by-packet deep inspection technology to ensure quick and accurate responses. Once abnormal traffic or packets are detected, the defense mechanism is activated within two seconds. In addition, Huawei’s Abnormal Traffic Inspection and Control (ATIC) system promote the defense performance of the entire system and effectively guarantee the network security of CEB’s data center. The ATIC system implements layer-by-layer filtering in seven aspects: IP address reputation, transport layer, application layer, signature identification, session defense, cyber behavior, and traffic shaping.

  • Separation between detection and cleaning centers for improved efficiency and reliability

The detection and cleaning centers are deployed separately. If the cleaning center fails, the detection center runs properly and continues generating detection reports and alarm notifications in real time. This approach helps CEB learn about every attack on its network.

  • Flexible management and high scalability

Huawei’s anti-DDoS solution has three defense modes: Detection without cleaning, automatic detection and cleaning, and manual interactive defense. The flexible use of these three modes fulfills CEB’s requirements for mitigating risks and increasing availability when new services go live.

Benefits

  • Improved bandwidth utilization

With Huawei’s solution, CEB sees “zero” network security incidents triggered by DDoS attacks on its data center’s online services. In addition, invalid traffic is stopped from consuming bandwidth and server resources, saving costs and increasing revenues.

  • Mitigated risks to network stability and service continuity

Huawei’s anti-DDoS equipment was deployed in bypass mode. This approach did not change the existing network architecture or incur any network cutover risks or single points of failure. This ensures service continuity while reducing implementation and operating costs.

  • Increased customer satisfaction

Huawei’s anti-DDoS solution helps CEB create a robust network environment. It offers customers a better experience with online services, increasing satisfaction and loyalty.

WORLDWIDE