Leading bank evolves how IT and data centers deliver highly secure and scalable customer experiences
– PT Bank Central Asia Tbk(BCA), a private bank in Indonesia serving more than 16 million corporate, commercial and individual customers, reinforced its commitment to improve customer experience, drive digital transformation and scale to support new technology when they became the first bank in the region back in December 2015 to select Cisco® Application Centric Infrastructure (Cisco ACI™). Since that time, BCA has implemented the industry’s leading software-defined networking (SDN) solution to accelerate service innovation and application deployment, free up IT to be more proactive, and provide new levels of security.
Today’s banking customers continue to adopt new channels to manage their finances. As these trends add complexity to IT infrastructure, a scalable, reliable and secure banking network is critical to deliver a seamless and secure customer experience. With services provided through 1,213 branches, 17,207 ATMs, over 400,000 electronic data capture machines, and the web and mobile apps, BCA leveraged Cisco’s ACI fabric as the foundation for increasing both software flexibility and hardware performance scalability, allowing the bank’s IT systems to stay nimble. Cisco ACI’s ability to centralize and automate management and policy enforcement along with its SDN capabilities also help to simplify BCA’s application deployment processes while maintaining a highly-secure environment.
A cultural shift at BCA
The holistic architecture Cisco ACI creates empowers IT managers with the ability to manage an institution’s entire network environment from a single console, the Cisco Application Policy Infrastructure Controller (APIC). The automation, programmability and centralized management capabilities of the APIC ignited a cultural shift in BCA’s IT organization by eroding technological and procedural barriers that previously isolated operations, server and application teams and is fostering increased communication and collaboration between departments while also minimizing the human error factor.
“Our mission at BCA is to deliver unparalleled and secure customer experiences, regardless of the platform they use,” says Lily Wongso, Data Center Network Manager at PT Bank Central Asia. “In the past, we spent most of our time fulfilling requests from the server and application teams, but Cisco ACI is saving us critical time and allowing our teams to try new things, explore new products and enhance our underlying systems and overall security posture.”
BCA’s IT department saw immediate process and performance improvements with ACI, including:
VM manual connectivity processes reduced from five to three
Time required for new VM servers for existing applications reduced from 10-20 minutes to 10 seconds
Endpoint physical port tracing time reduced from 5-10 minutes to 30 seconds
Capacity measuring time reduced from 10-30 minutes to 20 seconds
Entire manual processes behind network configuration replaced by XML/JSON scripting with Cisco API
New level of security and troubleshooting
In addition to gaining performance and operational efficiencies, Cisco ACI also strengthens BCA’s security posture by streamlining how the bank’s IT team manages its infrastructure and data repositories, which is critical when handling sensitive customer and financial information. With Cisco ACI, connections are established only with policy-based instructions, allowing IT managers to control how they secure and segment their data centers whether workloads are in physical or virtual environments. By controlling security policies for each segment’s endpoints across multiple environments, vulnerable surface areas are minimized and potential attacks are blocked during uncontracted communication between servers.
Additional security features include:
Improved visibility and troubleshooting – Locating culprit VMs and their physical hosts requires lots of manual effort and time, but Cisco ACI addresses this by equipping the IT operations team with a map of the bank’s physical and virtual component locations.
Packet route monitoring – The Cisco ACI traceroute feature provides visibility over data flows from backend systems to customer-facing channels, allowing IT to quickly spot and tackle root causes of problems by exposing the routes that packets take.
Network pulse-check – Cisco ACI’s health score feature helps detect and expose where issues reside in system infrastructures and provides recommended actions to take against them. As a result, troubleshooting tasks that used to take 10 minutes or more now take just seconds.