ABOUT RAIFFEISEN BANK
ABOUT RAIFFEISEN BANK
With over 20 years of activity in our country, Raiffeisen Bank Romania is one of the banks of systemic importance for the domestic banking economy, according to the National Bank of Romania classification for the current year. Raiffeisen Bank has intensified the simplification and digital transformation process in recent years. The bank has invested in new technologies to lay the foundation for a secure and flexible IT infrastructure, and is working on improving the work model. Today, the bank offers customers a suite of digital lending solutions, online payments and payments by phone, that respond to customers’ needs to access banking anywhere, anytime. Raiffeisen Bank has over 650,000 digital customers using the Raiffeisen Smart Mobile and Raiffeisen Online applications.
Raiffeisen Bank offers universal banking services for 2 million clients – individuals, 92,000 SMEs and 5,700 large and medium-sized companies. The bank has nearly 5,000 employees, over 400 agencies across the country, approximately 900 ATMs, 250 multifunctional machines (MFMs) and a network of 20,000 ATMs.
TEHNOLOGICAL CONTEXT
TEHNOLOGICAL CONTEXT
In order to operate efficiently and safely the complex infrastructure owned at national level and to keep up with the digital transformation process of banking services, Raiffeisen Bank Romania decided last year to relocate the IT infrastructure to a new Data Center with multiple improvements compared to the present one. The relocation project also involved the modernization of the networking segment.
“In the old data center, we use Cisco switches from Nexus family, which are at the end of their operating cycle. Therefore, a change was needed, especially since we wanted to take advantage of a number of new features that simplify our operational tasks and allow us to integrate with third-party technologies, such as WMware vCenter or Red Hat OpenShift”, declares Emilian Dăneţ, Team Leader IT Communication Services, Raiffeisen Bank Romania.
Technological upgrades in the area of networking equipment, however, were also necessary in order to facilitate the transition to a new network architecture, such as Software Defined Networking (SDN). SDN ensures an efficiency increase for operating geographically distributed infrastructures – respectively of a network with hundreds of branches -, as well for levels of security and availability.
Raiffeisen Bank Romania opted for Cisco Application Centric Infrastructure (ACI) because it is a mature SDN solution that allows extension of the visibility over the IT infrastructure and quick identification of elements necessary for optimal functioning of the applications.
CHOOSING THE IMPLEMENTATION PARTNER
CASE STUDY SDN CISCO ACI – CHOOSING THE IMPLEMENTATION PARTNER
In order to achieve this networking project, Raiffeisen Bank Romania has chosen Datanet Systems as an implementation partner. The two companies have collaborated for more than 16 years, and Datanet Systems is the main Cisco partner in Romania, having several infrastructure project implementations in the main data centers in the country. In addition, Datanet is the first company in Romania to invest in the creation and development of a Cisco ACI laboratory, which allows companies to perform simulations, tests and validations of SDN architectures in scenarios that reproduce real life specifications and configurations.
„We have a business relationship with Datanet Systems dating back to 2003 and we have carried out several projects together, both in the area of Cisco solutions, as well as on other security and networking technologies. We know well the team and also the skills of Datanet specialists and we are confident that we can rely on them in any situation, and trust is a very important element in a business decision“, explains Emilian Dăneţ, Team Leader IT Communication Services, Raiffeisen Bank Romania
PROJECT DEVELOPMENT
CASE STUDY SDN CISCO ACI – PROJECT DEVELOPMENT
The modernization project involved several stages of development. Raiffeisen Bank Romania’s IT team has carefully prepared each step, to minimize the risks of affecting the bank’s activity and to facilitate a smooth transition to the new infrastructure. The implementation of the SDN architecture lasted 4 months, ending in March 2019. In parallel, Datanet specialists also provided the knowledge transfer and training necessary for the bank’s IT team to efficiently operate the new network architecture.
In order to carry out the actual migration to the new Data Center, the bank’s IT Department initially commutated the activity to the Disaster Recovery center owned by Raiffeisen Bank Romania. Subsequently, the complete migration to the new production site was performed in one weekend, with Datanet Systems specialists working permanently with the beneficiary’s team. The process was conducted according to the plan, without any incidents. The entire relocation process was completed in April 2019, following the bank’s methodology and rules.
„The entire project was carried out without any incidents and after transitioning to production, there were no support tickets issued. This shows that Datanet Systems team has done its job well and we have learned how to operate properly“, declared Emilian Dăneţ, Team Leader IT Communication Services, Raiffeisen Bank Romania.
DESCRIPTION OF THE SDN SOLUTION IMPLEMENTED
DESCRIPTION OF THE SDN SOLUTION IMPLEMENTED
The Cisco ACI SDN solution uses spine-leaf architecture and this type of architecture has multiple benefits. This architecture implies that all the leaves are connected to all the existing spines. There is no direct connectivity between the leaves or between the spines. The access path is always “leaf-spine-leaf”.
Advantages of the SDN Cisco ACI solution
The first advantage relates to latency, any destination is just a step away, thus eliminating the disadvantage of classical architecture, where there is a cascade between the switches and the response time is not predictable. Also, to have very small delays, the cut-through method is used in ASICs.
Another major advantage relates to the scalability of the fabric. If more ports are needed, one more leaf is added. If more bandwidth is needed between the leaves, add a spine. This improves the entire fabric, not just a certain segment of the network.
Automation is another important factor. By using the ACI solution, a policy can be very easily implemented throughout the network. As an example, let’s say we have to enable Cisco Discovery Protocol (CDP) on all ports in a classic network. An engineer should manage dozens of switches and perform hundreds of orders in a fairly long time.
In the ACI universe, a few clicks are sufficient and the configuration will be pushed from the controller to the automatically selected leaves. Also, centralization is another major advantage, this allows consistency and synchronization of a set of policies throughout the network. It allows the centralization of factory errors at a single point, where engineers can quickly and easily establish the root cause of a problem.
MAIN TECHNICAL CHARACTERISTICS
MAIN TECHNICAL CHARACTERISTICS
The ACI solution has three main components:
a)APIC controller cluster – based on Cisco UCS C-series servers.
b) Spine – can be Nexus 9500 or 9300.
c) Leaf – Nexus 9300.
The solution also allows integration with third-party solutions like Vmware vCenter, offering the ability to directly create Cisco ACI port groups in vCenter. Thus, the network part is pushed to the virtual machine, not just to the hypervisor, reducing configuration time.
The ACI solution also supports the interconnection of an APIC cluster with other APIC clusters from other data centers (DR, etc.). This is done with the help of a “multi-site” controller, thus avoiding the disadvantages of dividing a single cluster between data centers.
MAIN BENEFITS
MAIN BENEFITS OBTAINED BY RAIFFEISEN BANK
The new network architecture used by the bank ensures a reduction of workload required to install and configure the virtual machines, both on-premises and in Cloud environments, thus facilitating the development of hybrid approaches and alignment with current technological trends. With this solution, the bank’s IT department automatically detects configuration errors and can make configuration templates that facilitate the rapid multiplication of services and reuse of infrastructure resources. At the same time, the solution helps to simplify the process of defining and centralizing the policies through which applications and infrastructure elements communicate with each other and access the resources, as well as the specific security rules.
Cisco ACI has allowed integration with VMware vCenter and the Red Hat OpenShift container platform, as well as with various public cloud services. Also, the Nexus 9300 switches, installed and configured by Datanet specialists, allowed an increase in connectivity capabilities, ensuring flexibility and long-term scalability of the bank’s IT infrastructure.
The project has generated both strategic and operational gains:
- Reduction of operating time by 30%, by simplifying the activity, automating tasks and using a single console, which integrates all information. Moreover, the operation no longer requires niche certifications for the IT department and can be carried out by almost any team member;
- Elimination of human error risk, because the new system does not accept incorrect configuration commands, which is a very important element in the banking industry;
- Considerable reduction of diagnosing and problem solving time, the system ensuring permanent monitoring of the entire infrastructure, by centralizing data from several sources;
- Simplification of the network segmentation processes, necessary for separating and securing the infrastructures used in the bank’s branches throughout the country;
- Reuse and capitalization of existing hardware in the bank’s infrastructure. The ACI architecture is compatible with Cisco B22 Fabric Extenders blades, also used in the previous configuration to ensure integration with third-party servers;
- Creation of a solid foundation for further developments.
FURTHER DEVELOPMENTS
FURTHER DEVELOPMENTS
The technological upgrade achieved on the networking area with the help of Datanet Systems specialists represents a first step in a larger modernization project of Raiffeisen Bank Romania
„We have plans to expand the use of Cisco technology in the Disaster Recovery center, to modernize the entire IT infrastructure of the bank. The project with Datanet Systems helps us in this regard, because it is much easier to replicate an implementation or technology that has already proven its benefits,“ said Emilian Dăneţ, Team Leader IT Communication Services, Raiffeisen Bank Romania.