Local breakout from all locations and enhanced endpoint security for the cloud era
Available Languages
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
By creating local breakouts directly connected to the internet and using DNS-layer security, Hokkoku Bank realizes a new work style for the cloud computing era that enables them to easily, safely, and reliably work from anywhere.
| Executive Summary |
|
| Customer Name: The Hokkoku Bank, Ltd. Industry: Finance Location: Isihkawa Pref., Japan Number of Employees: 2,220 (including temporary, business staff, and 428 overseas local hires) |
|
| Challenges |
●
Intensive review of the bank’s unique network
●
Environment with secure internet connection
●
Move away from centralized network and security
|
| Solutions |
|
| Results |
●
Deployment of SD-WAN to all branches was completed in just three months
●
Cloud-based secure operations now conducted without concern for location or tools
|
Concerning the overall direction of the project, Naoki Shintani, the Systems Planning Section Head of the Systems Department says, “We wanted to create the ideal cloud-native, internet-native network.” He describes the challenges the bank faced to date, and the consideration process, as follows. “When considering the various changes in the business environment and recent technological advancements, we felt the need to completely overhaul the network architecture employed at the bank, as it had become less and less usable, much like networks characteristic of financial institutions, having focused solely on security. In 2014, we started using VDI (virtual desktop infrastructure) as part of our ‘anywhere store’ concept but faced numerous challenges such as the cumbersome login process, unstable sessions, and connections frequently being interrupted. We needed to ensure that all of our employees could safely and reliably access the internet in order to make effective use of various cloud services.
At the same time, a review of centralized network configurations is in order to respond to increasing amounts of traffic. The team then concluded that a breakout mechanism that would allow them to directly connect to the internet from any device in its offices was the ideal solution.”
“The bank felt that enhancing endpoint security through SD-WAN and Umbrella was the best way to go about creating an internet-native network capable of making full use of the cloud.”
-Mr. Naoki Shintani, Systems Planning Head, Systems Department, Hokkoku Bank
On the security front, Mr. Tomoaki Yoshikawa, the Systems Planning Section Head of the Systems Department commented stating, “As we continued to promote the use of Microsoft 365 and other cloud-based services, we needed to rethink our approach to security, which had traditionally limited points of access to the internet and had more or less focused on protecting only the boundaries between the bank and the outside world. In order to maximize cloud service functionality and truly reap the benefits thereof, information networks generally want to allow internet access and fully utilize the cloud. This required the use of fat clients and novel strategies to enhance endpoint security.” said Mr. Yamanaka concerning the results.
Selected Cisco SD-WAN for its reliability and future prospects as a network device
Prompt deployment across all offices and robust, comprehensive support upon launch are expected
We received proposals from numerous companies, but decided to engage the Cisco SD-WAN and Cisco Umbrella solution offered by NTT West. Mr. Atsushi Hatta, Acting Section Head of the Systems Department’s Systems Planning Section, explains why the bank selected the Integrated Service Router (ISR)-based Cisco SD-WAN solution as follows. “We use Cisco networking equipment at the bank and placed a significant degree of importance on backbone network reliability as a platform for digitalization. In addition to speedy deployment to all of our offices, we saw value in the robust and comprehensive support that Cisco promised not only during the design phase, but also upon launch, and believed that Cisco’s ISR-based SD-WAN solution would continue to evolve and grow as a service in the years to come.”
Selected Umbrella for its advanced defense, deployment, and operational capabilities
Saw value in Cisco SD-WAN and Cisco AnyConnect VPN’s integrability with other solutions
Mr. Masakazu Marugane, an Assistant from the Management Group (Security) in the Systems Department’s Systems Planning Section explains why the bank chose Cisco Umbrella as follows. “We compared and considered many other security solutions, but felt that there were many advantages from an operational and solution-based point of view to using only Cisco products. We were drawn to Cisco Umbrella because its agentless nature lent to speedy deployment across all offices, and will also play a hand in making future updates easier to implement, as well as for its integrability with the Cisco AnyConnect VPN, which allows us to tweak the way we use the service based on the situation at hand.”
Utilize proof of concept to develop an understanding of new technology usability
Lend to the prompt finalization of specifications and speedy project kick-off
Another key deciding factor behind the bank’s decision to adopt the Cisco solution was the proof of concept (PoC) that NTT West conducted. Mr. Hatta describes the benefits thereof as follows. “We had NTT West carry out a PoC early on in the process, which allowed us to quickly identify requirements, issues, and challenges, as well as firm up specifications and figure out what equipment and devices to install.
“We revisited our way of thinking regarding how a bank should be, and sought to define the ideal cloud-native network configuration.”
-Mr. Naoki Shintani Systems Planning Head, Systems Department, Hokkoku Bank
The in-depth technological verification exercises carried out allowed us to see and appreciate firsthand the usability of new technologies, which provided us with a sense of relief and assurance. Carrying out a PoC in the initial stages of the project proved to be very important. During this process, we were able to understand the upsides of using micro-segmentation as a way to divide our existing network environment from future IT infrastructure and leveraging SD-WAN router-enabled logical partitioning when deploying to all offices. At the same time, NTT West analyzed Cisco Umbrella’s threat detection capabilities and overall usefulness in great detail.”
Effectively completed SD-WAN deployment to all offices in three months
The project was kicked off in June 2019. After procuring the necessary equipment, the SD-WAN deployment process was effectively completed within three months’ time, and encompassed a total of 105 offices across the Hokuriku region, Tokyo, Osaka, Aichi, and Singapore. The bank began using SD-WAN in October 2020.
The bank was able to use Cisco SD-WAN to create a local breakout from all of its offices.
Approximately 2,000 client devices are protected by Cisco Umbrella’s DNS layer security and make effective use of Cisco AnyConnect’s VPN capabilities as required, depending on the network environment and destination address. The bank has since distributed Windows machines equipped with SIM cards to enable its employees to simply power up their device and access the cloud to safely and securely carry out their work anywhere and anytime, without having to worry about the hassle of connecting to the internet or dealing with security software and tools. This new IT infrastructure has promoted remote collaboration throughout the organization in the form of web conferences and chatting, and the bank has noticed a marked improvement in productivity levels. Mr. Hatta stated, “We also view the ease of deployment as being one of the advantages of using Cisco SD-WAN. For a moment, we were worried about how the COVID-19 pandemic might affect things, but are most grateful that NTT West worked closely with Cisco to ensure that the project continued smoothly without any issues.”
New solutions to propel further change
Looking ahead, the bank is considering using Cisco Webex® Calling as a way of promoting bring your own device (BYOD) and replacing corporate smartphones. It also hopes to leverage the solution to monitor and visually represent employee behavior using Cisco Secure Network Analytics (Cisco Stealthwatch®) as well as monitor end-to-end network service quality using other products such as ThousandEyes. In addition, the bank hopes to employ Cisco Duo’s multi-factor authentication capabilities to implement Zero Trust security models. Mr. Shintani described his expectations for Cisco as follows. “As technology and work styles continue to change and evolve rapidly, Cisco has contributed in many ways through its robust support, strong track record and reliability when it comes to mission-critical networks, as well as its extensive product lineup which encompasses security, collaboration solutions, and more. We will continue to strive to change and grow, without being constrained by conventional ways of thinking, and look forward to working with Cisco in the future.”
Hokkoku Bank was formed on December 18, 1943, through the merger of three banks: Kano Godo Bank, Kashu Bank, and Nowa Bank. As a regional leading bank, and based on the bank’s corporate philosophy of “Trust — a bridge to a fruitful regional future: to enrich interactions and build up growth in the region,” Hokkoku Bank aims to become a bank that is “trusted and loved by every client in the region” by leading regional activities in various aspects.
To learn more, visit Cisco SD-WAN and Cisco Umbrella.