current location:SOLUTIONS
Financial Service
Solution Introduction
The financial industry has faced a great opportunity during recent years. Taking advantage of information technology, financial institutions effectively reduce costs of resources, promote work efficiency, improve service quality, and enhance competitive strength. Information technology plays an increasingly important role in financial services. In turn, more and more business processes rely on information technology. However, information technology also brings new risks and challenges to the financial industry.
With the rapid growth of financial industry and increasing diversity of financial products and services, the financial industry becomes more dependent on information systems. The business development requires increased network nodes and business systems, leading to much more complicated interconnection between application systems and network systems. There are also more and more external interconnections and internal users. In this context, information systems are facing both external and internal risks.
In particular, information systems are built based on data centralization. Information security risks may cause immeasurable impacts on financial services and even the entire financial system. Moreover, an exponential growth in the information system scale leads to complicated dependency between internal objects, and problems in the fundamental processes are likely to cause systematic breakdown.

Solution Introduction

1. Security Domain Architecture

Security domain design enables users to directly reduce their security risks in information systems. The boundary of a security domain acts as a risk control point. Users can prevent and control risks by establishing an in-depth defense system. Using security domain construction to strengthen internal IT control, IT administrator can clearly know about their assets in protection, the protection levels and measures, and potential threats; therefore, they can deploy new services more easily. Security domain architecture is used as the basis for adopting security technology and business expansion, and is conducive to monitoring security conditions and developing protection strategy systems.

2. Perimeter Security Protection

The unified threat management (UTM) adopts integrated design to fully consider all aspects of access security, and resolves access security problems as a whole. The UTM is an ideal solution for cost-effective, high efficiency, and easy management. It provides comprehensive, real-time security protection for network perimeter and helps users to counter increasingly complicated security threats.

The intrusion prevention system uses a signature- and behavior-based detection method in the detection process, to analyze data packet signature s and effectively identify abnormal access behaviors and data packets in the network.

3. Web Security Protection

The web security protection is mainly applied to analyze the HTTP/HTTPS traffic for Web servers, protect systems from attacks targeting Web application vulnerabilities, and optimize all aspects of Web application access, to improve the availability, performance, and security of Web or network protocol applications and ensure that Web service applications can be delivered quickly, securely, and reliably.

4. Security Auditing and Management

The network security auditing system is designed to parse, analyze, record, and report the system access behaviors of the related staff. It enables users to make prevention plans in advance; perform real-time monitoring and respond to non-compliance behaviors during the process; and prepare compliance reports and trace an accident afterwards. Moreover, it can strengthen the monitoring of internal and external network behaviors and ensure the normal operations of core assets (databases).

The security management platform can obtain information about system security logs or security events and perform comprehensive intelligent analysis on such information. The security events to be analyzed include firewall events, IDS/IPS events, security auditing system events, and other network device and server system events. Based on these security events, the security management platform can use quantitative calculation methods and intuitive charts to display the risk indexes of different IT security domains. It provides a strong data basis for safe operation and maintenance, auditing and assessment of a security system.

5. Security Services

Professional security services allow users to perform an overall assessment on all information systems. Through such assessment and auditing, users can analyze and locate system security risks and weaknesses, develop policies for managing information system security risks, and improve information security management and assurance systems, relevant rules and operation procedures.

Based on the assessment results, users can categorize their information systems into different security levels by following the national standards and security protection requirements for information systems of banking and financial institutions. Depending on the security levels, users can develop different security protection strategies and deploy different security devices to strengthen their systems.

Product Deployment

6. Related Products

Unified threat management (UTM), intrusion prevention system (IPS), intrusion detection system (IDS), web application firewall (WAF), security operations center (SOC), and database auditing.

7. Success Cases

a. Security services for the People's Bank of China.

Venustech provided the People's Bank of China with security services for its portal website and business information systems during the Beijing 2008 Olympic Games and the 60th anniversary of the founding of the People's Republic of China, to monitor its network traffic and security dynamics in real time, thereby promptly detecting and making timely responses to potential security risks on its portal website and business information systems.

b. Security protection systems for the Export-Import Bank of China.

When building the security protection systems of the Export-Import Bank of China, Venustech deploys various systems and devices, including unified threat management, intrusion detection/prevention system, anti-virus gateway and other devices, to build a comprehensive and in-depth prevention system, to ensure that the website information system and intranet system of the Export-Import Bank of China can be operated securely and reliably.