Survival for financial institutions is dependent on their ability to adapt to changing customer needs and expectations. At the same time, they have to maintain a high level of security, complying with the Federal Financial Institutions Examination Council (FFIEC) and other requirements. Aging technology makes both goals difficult to accomplish when expanding service into branches and kiosks. Many banks and lenders are finding SD-WAN technology is a key piece in bringing a broad variety of services close to their customers while protecting sensitive financial information. The SD-WAN finance industry transformation is happening right now, and it will bring major changes in the way institutions offer services.
For a long time, SD-WAN was promoted as a low-cost alternative to MPLS. It’s become a mainstream technology in its own right. It has strengths which other WAN technologies don’t. Many financial institutions use it as part of a hybrid network, with MPLS for the backbone. An existing MPLS network is fast and reliable but difficult to expand or reconfigure.
It’s not an either-or choice. SD-WAN functionality can run on top of MPLS, giving the benefits of virtual network configuration together with the consistent performance of a dedicated, non-internet data link layer. The management features of software-defined networking apply to all the connections, regardless of their physical form.
Cost aside, the biggest benefit of SD-WAN technology is the flexibility and power of management. Building on SDN concepts, it uses open standards and cloud-based management and this permits reconfiguration of the network with minimal effort. When used together with Network function virtualization (NFV), it allows rapid, scalable deployment and management of new network resources. A remote branch can upgrade its services without a visit from a technician.
An MPLS-based WAN is dependent on last-mile wiring, so adding a new location takes time and effort. Adding every branch and ATM to the network isn’t always practical. Any office with a reliable high-speed internet connection can join an SD-WAN. The types of connections can vary at each location, depending on what works best there.
The flexibility and agility of SD-WAN let financial institutions offer a broad range of services, even at the smallest branches. Providing service in thinly populated areas means opening branches with just a few employees, and traditionally they haven’t been able to offer more than basic service because it isn’t practical for them to have specialists there every day. With SD-WAN technology, a branch can set up a telepresence facility, letting customers talk with loan officers and other specialists without extra travel. Some banks are even looking into augmented reality applications.
Kiosks and ATMs can offer more services and handle transactions that require a higher level of network access when they’re integrated into the network. Standalone units which aren’t located at branches can offer video conferencing with a teller.
Having branches and machines on the network allows integration with both central servers and cloud services. This gives them access to many forms of information and ways of presenting it.
Any expansion of service has to keep the highest level of security standards and comply with all applicable regulations and business standards. A properly configured and managed SD-WAN accomplishes this even when the number of services grows.
A basic principle of network security is minimizing the attack surface. Services which devices outside the bank’s network access are reachable over the internet. However secure their connections are, each service represents a potential target. Bringing all devices and services inside the network reduces the number of points to defend. SD-WAN provides uniform end-to-end encryption for all traffic, which is easier to maintain and verify than separate security for each service.
Cybersecurity awareness and protection is a critical part of FFIEC compliance. Institutions need to guard not only against outright breaches but disruptions and degradations of service as well. Under FFIEC guidelines, banks are required to protect themselves against DDoS attacks. Services which aren’t vulnerable to penetration are often vulnerable to overloading. Keeping as many services as possible inside the SD-WAN reduces the number of channels available for DDoS.
Security monitoring is part of FFIEC compliance. Traffic which is entirely inside the network is easier to monitor, allowing faster detection of any suspicious activity. Kiosks and ATMs are edge devices open to public access, and as such, they need to be treated with special care. Having them as part of the network, configured so they have only the privileges necessary for their task, aids in intrusion prevention and detection.
Software in edge devices needs the latest patches to eliminate vulnerabilities. Network managers on an SD-WAN can automate the deployment of patches, updating all installations in a single operation wherever they are. Windows of vulnerability are kept short, and software is consistent in every branch and on every device.
NFV goes together with SD-WAN so frequently that many treat them as aspects of the same technology. They’re separate categories, but the ability to configure the network remotely and the ability to deploy virtual network functions (VNFs) have a natural synergy. NFV makes the network more easily scalable and configurable, reducing the need for dedicated devices. Deploying entire subnets is just a matter of software configuration.
NFV allows Quality of Service (QoS) optimization in the network. Voice and video connections from branches and kiosks require minimizing latency and jitter to provide acceptable quality. Giving them first priority on bandwidth will yield smooth communication with a minimum of interruption. Interactions which aren’t real-time, such as account queries, won’t suffer from being delayed a fraction of a second.
Every financial institution wants to attract customers and give them a problem-free experience. This means offering more convenient services while making sure no one can access or alter their private information without authorization. An SD-WAN is invisible to the user, but they’ll like what they see. They’ll get smarter ATMs and kiosks, letting them do more of their banking without standing in line for a teller. When they need to talk to a person, they’ll be able to do it at their local branch, even if the person they need is in the downtown office.
The SD-WAN finance industry transformation is gaining in speed. It’s now a proven technology, one which will let banks improve their competitive position and maintain compliance with all industry requirements.