ARC 2013 - Work session - Business Continuity & Connectivity

261 views

Published on

Presentation used in the Business Continuity & Connectivity work sessions at ARC 2013, 21-23 May in Gaboron, Botswana

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
261
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

ARC 2013 - Work session - Business Continuity & Connectivity

  1. 1. Business continuity andconnectivityWork sessionAfrican Regional Conference, Gaborone21-23 May 2013Mark Buysse
  2. 2. Agenda2Business continuityConnectivityAfrican Regional Conference - Business continuity and connectivity work session
  3. 3. African Regional Conference - Business continuity and connectivity work session 3
  4. 4. What is Business Continuity?4Objective“Enable your organisation tosurvive a disaster andto resume normal business inthe shortest time”African Regional Conference - Business continuity and connectivity work session
  5. 5. Resiliency• “To minimise the impact of a technical failure on your business,you should be prepared for any disaster that might arise.”• Failover procedures• HSM Resilience• PKI resilience– Certificate renewal– SO access to secondary SNL• Failover routes• Application data to restore5PrepareTestLearnAfrican Regional Conference - Business continuity and connectivity work sessionVPNMessaging applicationCommunication interfaceHardware Security Module(HSM)SWIFTNet connectivity
  6. 6. Lite2 scenarioAfrican Regional Conference - Business continuity and connectivity work sessionSWIFTNetLite2 ServerUserISP 1Autoclient LSO RSOProductionISP 2https://www2.swift.com/support/knowledgebase/tip/5017169SWIFTNetLite2 ServerUserISP 1Autoclient LSO RSODRISP 26
  7. 7. Lite2 AutoClient ResiliencyMultiple instances - locally or over distant sites7• Two or more separate Lite2 AutoClient instances, withunique instance names, can connect to Lite2 server usingseparate Lite2 tokens.• Both tokens must contain equivalent DNs.• Both AutoClients (Production & Disaster) are active atthe same time; Production instance is connected to theback-office application.• All same files will be downloaded on all AutoClients.No routing to specific AutoClient is possible.Support for Active/Hot Standby configurationsAutoClientProduction 1SWIFTNetLite2 ServerAutoClientDisasterInternetAfrican Regional Conference - Business continuity and connectivity work sessionInternet
  8. 8. Lite2 AutoClient ResiliencyMultiple instances - locally or over distant sites8• Two or more separate Lite2 AutoClient instances, withunique instance names and using separate Lite2tokens. Only 1 AutoClient instance is active.• Both tokens must contain equivalent DNs.•Once started, the Disaster AutoClient instance willretrieve by default all files from the last 30 days.Support for Active/Cold Standby configurationsAutoClientProductionSWIFTNetLite2 ServerAutoClientDisasterInternetAfrican Regional Conference - Business continuity and connectivity work sessionInternet
  9. 9. Single host infrastructure9Prime/Backup sitePRIMARY host•Alliance Access 7.0.65•Alliance Gateway 7.0.21VPNVPN-Bronze-SilverorVPNVPNContingency siteDR host•Alliance Access 7.0.50•Alliance Gateway 7.0.20-Bronze-Silveror9CopyBackups•Alliance Access 7.0.65•Alliance Gateway 7.0.21Keep your Backup orContingency systems on thesame patch level andlicenseImplement Backups onAlliance Gateway andSWIFTNet LinkMultiple ISPRAHA license on AllianceGateway can providetransparent failoversBackup tokens or HSMclusterHow to recover lostmessages on DRprocedure?Is the DR site working?Connectivity?Certificates?Applications?African Regional Conference - Business continuity and connectivity work sessionIn case of system failure, the backoffice and users need to switch to thecontingency SAA
  10. 10. Extra resiliency locally11Prime/Backup sitePRIMARY host•Alliance Entry/Access•Alliance GatewayBACKUP host•Alliance Entry/Access•Alliance GatewayVPNVPN-Bronze (ISP, ISP)-Silver (LL, ISP)VPNVPNContingency siteDR host•Alliance Entry/Access•Alliance Gateway-Bronze-Silveror or11African Regional Conference - Business continuity and connectivity work session
  11. 11. Extra resilience for emergencies12Prime/Backup sitePRIMARY host•Alliance Entry/Access•Alliance GatewayVPNVPN-Bronze (ISP, ISP)-Silver (LL, ISP)VPNVPNContingency siteDR host•Alliance Entry/Access•Alliance Gateway-Bronze-Silveror or12African Regional Conference - Business continuity and connectivity work sessionLite 2 Lifelineservice
  12. 12. Worst casePrime/Backup sitePRIMARY host•Alliance Entry/Access•Alliance GatewayBACKUP host•Alliance Entry/Access•Alliance GatewayVPNVPN-Bronze (ISP, ISP)-Silver (LL, ISP)VPNVPNContingency siteDR host•Alliance Entry/Access•Alliance Gateway-Bronze-Silveror or13Secure Channel, offline request:• Who can do it?• Do they have a activated SecureCode Card?African Regional Conference - Business continuity and connectivity work session
  13. 13. Multi host with local resiliencyRAHA license14VPNVPNContingency siteVPNVPNPrime/Backup sitePRIMARY host•Alliance Entry/AccessBACKUP host•Alliance GatewayDR host-Bronze (ISP, ISP)-Silver (LL, ISP)-Bronze-Silver•Alliance Entry/Access •Alliance Entry/Access•Alliance Gateway •Alliance GatewayDMZ DMZRAHA RAHA RAHA14finRMA/FileactAfrican Regional Conference - Business continuity and connectivity work sessionSplit traffic over two sites:Advantage: All sites used constantlyDisadvantage: extra SNL licenseRealtime FileAct or InterAct servicesneed a reroute to receive on adifferent SAG.SnF InterAct and FileAct: Automaticfailover to backup Gateway.On Access only.Back office only need to switch incase of SAA failure
  14. 14. Alliance Access Resiliency based on DBreplication15DB REDOLogSoftware+DBBackupDBBackupDB Backup(on-line)Daily CopyRestoreBackupCold Backup(No messages& Events)SynchPrimary SAA Backup SAA Disaster SAADB REDOLogSoftware+DB REDOLogSoftware+Production Site Contingency SiteAfrican Regional Conference - Business continuity and connectivity work session
  15. 15. 16DB REDOLogSoftware+DBBackupDBBackupDB Backup(on-line)Daily CopyRestoreBackupCold Backup(No messages& Events)SynchPrimary Backup DisasterDB REDOLogSoftware+DB REDOLogSoftware+• Message loss• ISN/OSN gap check• Message Retrieval & Resendwith PDE• Archive restoredProduction SiteResiliency without DB RecoveryContingency SiteAfrican Regional Conference - Business continuity and connectivity work session• No message loss• Automatic redo log replayat start-up• Operations transparentlyresumed
  16. 16. 17DBREDOLog+CTLSoftware+MirrorDiskBackup disk+Database Recovery optionWhat is DB Recovery?Alliance AccessRecoveryDBBackupContains configurationData onlyCopy of REDO LogRecovery BackupsAfrican Regional Conference - Business continuity and connectivity work session
  17. 17. 18DB REDOLogSoftware+PrimaryMirrorDiskBackupdisk+Database Recovery optionRecoveryBackupDB REDOLogSoftware+MirrorDiskBackupdisk+Database Recovery optionSynchDisasterDB REDOLogSoftware+MirrorDiskBackupdisk+Database Recovery optionAsynchoptionalResiliency with DB RecoveryAfrican Regional Conference - Business continuity and connectivity work session
  18. 18. Site Recovery – Partial DB Recovery19DB REDOLogSoftware+SynchPrimary Backup DisasterDB REDOLogSoftware+DB REDOLogSoftware+MirrorDiskBackupdisk+Database Recovery optionMirrorDiskBackupdisk+Database Recovery optionSynchoptionalMirrorDiskBackupdisk+Database Recovery optionAsynch Disk replication (SAN)!DatabaseRecoveryPartial mode‘Up to lastvalid data’?African Regional Conference - Business continuity and connectivity work session
  19. 19. AccessPartial DB Recovery - Database Repair Service20RecoveryReportRepairCompleteORInvestigationPDEAfrican Regional Conference - Business continuity and connectivity work session
  20. 20. A single command…saa_dbrecoveryAnd a few minutes to restore all data!21Just one command and a few minutes away…Benchmark for1M messagesAfrican Regional Conference - Business continuity and connectivity work sessionCompressed Include archive backup Windows AIX SunNo No 00:04:06 00:04:10 00:02:00Yes No 00:08:16 00:09:10 00:10:35No Yes 00:04:43 00:05:15 00:02:32Yes Yes 00:12:12 00:14:46 00:18:22
  21. 21. 22SAADBSoftwareWhat is Alliance Access hosted Database?Alliance AccessCustomersOracle instanceSAADBreplicationAfrican Regional Conference - Business continuity and connectivity work session
  22. 22. SummaryAfrican Regional Conference - Business continuity and connectivity work session 23PrepareTestLearn
  23. 23. Agenda24Business continuityConnectivityBusiness continuityConnectivityAfrican Regional Conference - Business continuity and connectivity work session
  24. 24. African Regional Conference - Business continuity and connectivity work session 25
  25. 25. ARC 2012• Connectivity – and the cost of connectivity – isstill a significant problem in Africa. In aneconomic environment where banks need tobe able to extract the maximum value frominvestments made in the operationalenvironment…• The most important thing is to increaseconnectivity across the region – and thatmeans in terms of people and financialinfrastructure. We’ve done well in areas liketelecommunications – we’ve brought in fibre-optics, for example – but we still have much todo in terms of physical and financialinfrastructureAfrican Regional Conference - Business continuity and connectivity work session 26Source : http://www.swift.com/news/events/arc_report
  26. 26. SWIFT Connect EverywhereConnectivity in your hand palmAfrican Regional Conference - Business continuity and connectivity work session 29
  27. 27. Telecom trendsAfrican Regional Conference - Business continuity and connectivity work session 30Focus of telecomoperators today isabsorbing the growth ofmobile data and mobileconnected devicesRolling out physicalinfrastructure remainsvery expensiveExplosive growth in mobileconnected devices, arrivalof broadband mobiletechnologiesRoaming agreementsallow to access thesenetworks with singledevice
  28. 28. • Investments in submarine cable tohook up the African continent (co-investment by the Networkpartners)-connectivity to the globalnetwork• Local market conditions(regulation/licensing-expensive toconnect )• Internet/ISP quality• Regions with limited physicalinfrastructure will remain unservedthe coming years by fixed networks• Fast uptake & roll out of modernmobile networksFocus on AfricaAfrican Regional Conference - Business continuity and connectivity work session 3131Global connectivityLast mile challenges & opportunities
  29. 29. Introducing: Swift Connect Everywhere32SWIFTCONNECTEVERYWHEREPrincipleLeverage evolution & investment inmobile technolgyOne Stop Shopping-SWIFTprovidedGlobal coverageAccess provider independentAfrican Regional Conference - Business continuity and connectivity work sessionPrivate VPN-non internet basedPossible to Package including cloud service (Lite2) andtelecom connectivity in a 1SS model
  30. 30. Introducing: M2M technologyAfrican Regional Conference - Business continuity and connectivity work session 33HOWMachine-to-Machine is the remote interchange ofdata between two or more devices, or a centralstation in order to support a specific businessprocess or product. It existed always but recentlygained traction as concept due to adoption ofmobile technology & the developments ofmanagement platform.1. Explosion of mobile connected devices (the internet of things)2. Global data roaming providers and plans allowing worldwide connectivity with asingle SIM3. Introduction of management platforms to manage these connected devicesWhy interesting for SWIFT & the communityWhat is M2M?AllianceUserGlobaltelcoLocaltelco
  31. 31. M2M: where does it come from,where is it usedHVAC Transport, Fire& Safety, Lighting,Security, Access etc.TVs, Power Systems,Dishwashers, Lighting,Washer/Dryers.Meters/Lights,Alarms etc.Pumps, Valves, Vats,Conveyors, Pipelines, Motors,Drives, Converting, Fabrication,Assembly/Packaging,Vessels/Tanks etc. MRI, PDAs, Implants,Surgical Equip.,Pumps, Monitors,Telmedicine etc.Turbines, windmills,UPS, Batteries,Generators, Meters,Drills, Fuels Cells, etc.Servers, Storage,PCs, routers,Switches, PBXs etc.Cars, Ambulances,Fire, Breakdown, LoneWorker, HomelandSecurity, EnvironmentMonitor, etc.Vehicles, Lights, Ships,Planes, Signage, Tolls,Containers, etc.POS Terminals, Tags,Cash Registers,Vending machines,Signs etc.Source: Beecham ResearchBuildingsConsumer& HomeIT & NetworksSecurity / PublicSafetyIndustrialHealthcare& LifeSciences EnergyRetailTransportationCommercial,Institutional,IndustrialInfrastructure,Awareness & Safety,Comfort &ConvenienceResourceAutomation,Fluid/Processes,Converting/ DiscreteCare,In Vivo/Home,ResearchSupply/Demand,Alternative, Oil/GasStores, Hospitality,SpecialtyTrans Systems,Vehicles,Non-VehicularTracking,Equipment,SurveillanceEnterprise, PublicPredictions“There are more machines than there arepeople in the world. Someday they’ll all beconnectedto the internet.”International Telecommunications Union,“Internet of Things” Report (2005)Use cases:• Atos Wordline: wireless paymentterminals• ATM: US-24% are connected throughcellular, Europ-5/10%)
  32. 32. What is Swift Connect Everywhere? (1/2)Easy, cost-effective network connectivity to SWIFTAfrican Regional Conference - Business continuity and connectivity work sessionLocalnetworkCustomersiteGlobalnetworkLocal mobile provider35Global Telco providersWhat do you need:A contract with SWIFT for theserviceWhat does SWIFT provide:A wireless device that:• Creates the secure encryptedtunnel to SWIFT• Includes tamperproof SIM card• Builds the connectivity with theavailable mobile network• Uses a private VPN-not internetbasedEntire product life cyclemanagementLocal mobile provider 3Local mobile provider 1
  33. 33. What is Swift Connect Everywhere? (2/2)African Regional Conference - Business continuity and connectivity work session 36CustomerContractual model SWIFTCONNECTEVERYWHERE• One time set-up fee• Fixed Monthly recurring for theservice• Fixed Monthly recurring for the CPE* Under discussion• SWIFT has a master contractwith the global Telco and M2Mplatform provider who in theirturn have the local roamingagreements• Customer contracts withSWIFT• Invoicing through SWIFT (noother contract or invoicingnecessary)• SWIFT manages the devicesand the connectivity• SWIFT is single point ofconnect throughout entireproduct life cyclePricing model*Telco-M2Mprovider
  34. 34. Swift Connect Everywhere: who is it for?37Lite 2Lite 2 LifelineserviceAllianceConnect:ultimateback-upNetwork access method for low volume usersAfrican Regional Conference - Business continuity and connectivity work session
  35. 35. Key featuresAfrican Regional Conference - Business continuity and connectivity work session 38• IP-SEC tunneling& encryption(same as AllianceConnect)• Not internet based(DDoS attacks)• Build in resiliency• Dual SiM-card againstnetwork failure possible• Multiple roamingagreements per country• MV-SIPN redundancyResilient Secure Managed• One stopshopping• End to endSWIFTmanaged
  36. 36. Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb MarRoadmapAfrican Regional Conference - Business continuity and connectivity work sessionQ2’13 Q3’13 Q4’13 Q1’14PilotLiveExternal Pilot39POC
  37. 37. Swift Connect Everywhere: innovating closeto the coreAfrican Regional Conference - Business continuity and connectivity work session 40SwiftmanagedfootprintManagementplatformGlobalroamingagreementsWirelessbroadbandtechnologiesSWIFTCONNECTEVERYWHEREM2M technology
  38. 38. Questions & AnswersAfrican Regional Conference - Business continuity and connectivity work session 41

×