View this presentation to learn about digital transformation in banking and how Cloudflare can help. You will learn about:
-Common challenges banks are facing when migrating to the cloud;
-How to integrate your existing on-premise infrastructure alongside public facing workloads;
-Why global load balancers are an essential part of any multi-cloud strategy;
-What banks can do to support faster innovation across your organization;
-What banks should be aware of regarding compliance and monitoring
3. We are entirely focused on moving to the public cloud.
Everything new we build new on AWS. We have been
migrating legacy applications.
Rob Alexander, CIO, Capital One
4. Forces of change in banking
Customers
Digital savvy,
multi-channel
customers
Competition
Smaller players
are often more
nimble and
competitive
Legacy apps
Many banking
applications are
dated
Automation
The need for
greater
efficiency and
agility
5. Modernizing architecture and infrastructure
On Prem Hybrid Cloud Native Multi CloudPrivate Cloud
Modern MicroservicesMonolithic Legacy Stacks
7. Challenges of cloud migrations
Integration
How to work with existing
systems, including legacy
or on-prem.
Complexity
How to balance the
benefits of an off the shelf
solution with bespoke
requirements.
Security/compliance
Security is ranked as IT’s top
concern when it comes to the
cloud.
Business alignment
IT and business need to work
hand-in-hand to determine
strategic goals.
8. We are building a
Global Cloud Network
where anything connected to
the Internet faster, more
secure, and more reliable.
11. 180Data centers globally
2.8BMonthly active visitors
generating 1.4 trillion
page view
8MRequests/second
websites, apps & APIs
in 150+ countries
16M+
2x
Speed up each
request by
Cloudflare’s Global Anycast Network
11
12. Customer: Large Global Bank
The customer is a long
established New York
based financial institution
with over $1.5 trillion of
assets under
management.
CHALLENGES
• Wanted to replace Akamai Prolexic.
• Required DDoS and infrastructure protection
• Spikes in DNS traffic that customer had not been aware of
• Needed to pass bank’s IT architectural review board
CLOUDFLARE SOLUTION
• Started with DNS
• Always-on, unmetered DDoS solution, no human intervention
required
• Application layer security
13. DNS performance and scale
Global Anycast network
• 180+ data centers
• 75 countries (including China)
• Over 1.5M queries per second
Record propagation
• Globally in seconds
• P99 < 2 minutes
14. Deployment models
DNS
Primary DNS
● Records managed via
API/Dashboard/Terraform
● DNSSEC Managed by
Cloudflare
Secondary DNS
● DNS Only
● Records managed via Zone
Transfer (AXFR/IXFR)
DNS Firewall
● DNS Only
● Records
managed/signed at
Origin server(s)
● Does not require NS
change
15. Cloudflare Load Balancing
Americas
• Health checks with fast failover
• Global and local load balancing
American
Consumers
European
Consumers
Origin pool
Asian
Consumers
Europe
Origin pool
Asia
Origin pool
Configuration made simple
Easy configuration in the Cloudflare
dashboard, or automation through a
powerful API.
DDoS resilient service
Anycast network that is 10X bigger
than the largest DDoS attack ever
recorded ensures traffic continues to
be routed even under stress.
Global DNS network
Health checks from each Cloudflare
data center enables fast failover
unbound by DNS propagation delays.
16. Security is everyone’s concern
SECURITY
Largest DDoS attack had
1.3 terabits/sec2
Brand Reputation
1 - Google study, 2 - Wired.com, 3- Forrester
17. Factors increasing exposure to security risks
Greater scrutiny by
government and media
around data, privacy
and security
Greater attack surface area
from more public APIs, moving
to the cloud, and increasing
third-party integrations
Stronger and more
sophisticated attackers
18. 18
Industry Legacy Scrubbing
● Long propagation times (up to 300 sec)
● Asynchronous routing
● Adds significant latency
● Typically requires manual intervention and
regular testing (config drift)
Always-On
● Zero propagation time
● Synchronous routing
● No added latency; ongoing perf. improvements
● Immediate, automated mitigation, with no
“cutover” required
Industry On-Demand vs. Cloudflare Always On
19. Cloudflare Security Summary
19
Cloudflare continues to
out-innovate the
market, driving growth
in security-only deals
The threat landscape is
exploding with the
growth in new platforms
and devices; security
solution use cases are
expanding to meet
them
Cloud-based solutions
reduce complexity,
improve time to
response and combine
performance and
security in a single,
integrated offering
Data-driven threat
intelligence dynamically
adapts our platform to
meet the ever changing
threat landscape
20. IDC MarketScape: WW DDoS Prevention Solutions
IDC MarketScape vendor analysis model is designed to provide an overview of the competitive fitness of ICT suppliers in a given market. The research methodology utilizes a rigorous
scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. The Capabilities
score measures vendor product, go-to-market and business execution in the short-term. The Strategy score measures alignment of vendor strategies with customer requirements in a
3-5-year timeframe. Vendor market share is represented by the size of the icons.
Cloudflare is positioned as a
Leader
in the IDC MarketScape:
Worldwide DDoS Prevention
Solutions 2019 Assessment
According to IDC, Cloudflare Strengths are its
"unique architecture" and "rapid on-boarding
process which is considered one of the easiest
and fastest in the industry."
Source: IDC MarketScape: Worldwide DDoS Prevention Solutions 2019
Vendor Assessment, by Martha Vazquez, March 2019, IDC #US43699318
Report Link: here