About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Network Resilience in Financial Services – Why it Matters and How Firms Can Achieve it

Subscribe to our newsletter

By Alan Stewart-Brown, vice president EMEA, Opengear

Firms across the financial services sector are increasingly reliant on IT networks to deliver
core services, but this can leave them vulnerable to rapidly escalating security threats.
Hacking software is widely available and threats from social engineering, phishing, and
malware attacks are an ever-present reality.

To alleviate the more severe threats, we see financial networks having to implement alerting,
centralised logging, IPSEC or OpenSSL VPN tunnels, SSH key authentication, stateful
firewall, remote AAA and more. But it is not possible to guard against every threat. Cyber-
attacks are close to inevitable and becoming more so, and every device in a financial services
firm’s network is a potential target, including branch and edge devices.

Security must be factored into every element of an organisation’s network infrastructure. It’s
a complex undertaking that, even if successfully achieved, does not guarantee success, not
least because cyber-attacks are far from the sole threat to network resilience. System outages
can also be the result of natural disasters, construction or vehicle accidents, not to mention
environmental conditions and arguably the biggest threat of all, human error.

A broad array of network elements can also cause outages. Cable interconnects, dense
compute chassis, power supplies, switches, storage arrays, and even air conditioning are all
potential sources of problems. The impact security breaches and system outages have on
financial services firms can be severe. Firms’ systems and networks are typically business-
critical and even the smallest amount of downtime can potentially be disastrous. Reputational
damage caused by any outage, however caused, also factors greatly in the financial services
and banking sector that relies heavily on consumer trust.

Route map to the future

Whatever the origin of these threats, their prevalence highlights the importance of firms
developing networks that are resilient, reliable and secure. Financial organisations need edge
solutions that are as dependable as their data centres, eradicating the risk of a complex router
becoming a single point of failure. In an ideal world, this means uninterrupted internet
connectivity for all LANs and equipment over a link that is not incorporated within the
production network. Every site needs to be able to use high-speed networks whenever the
primary link is unavailable.

One solution is to leverage Smart Out-of-Band (OOB) technology, which delivers sufficient
bandwidth on an alternate path to enable critical functions to keep running until the network
event is resolved. OOB management allows admins to maintain and manage components like
power supply units, servers and WAN devices and resolve malfunctions via remote access. If
there is an issue with connectivity, out-of-band solutions offer a failover solution. Today this
is normally managed via cellular, although alternatives are available.

OOB management can ensure continuous remote access of network administrators to critical
components like switches and routers, and security applications like firewalls and encryption
tools. Typically, this approach means there is no requirement for an onsite visit. In the event
that it does prove necessary, the technician can ensure arrival onsite with the correct spare
part in hand to resolve any issues quickly.

Getting smarter

Deploying smart OOB platforms can help address security issues in innovative ways and
their deployment has several major advantages. The first is that they offer a simpler way to
deploy multi-factor authentication (MFA) that only needs to be integrated into the console
server to be enforceable across the whole security appliance layer.

Second, smart OOB console technology can become a system of record for all configuration
changes and patches with changes sent over an alternative pathway. An update failure that
renders the device unreachable via the production IP network can often be rectified via this
same OOB connectivity that accesses the service ports on most network devices to reach the
underlying console.

This approach assists the network and security managers in determining if critical
infrastructure has been patched and enables forensic investigators to discover if a breach was
aided and abetted by the actions of an insider or was simply an oversight.

Another proactive security benefit is the capability of the smart OOB appliance to bring the
event logs in directly from connected devices and forward these to a central SIEM or Security
Analytics platform for early detection and prevention of targeted attacks. Finally, smart OOB
connectivity is also useful during a cyber-attack that disrupts the production IP network such
as DDoS, a targeted switch attack or a rogue admin ‘lock out’ attempt, as the out-of-band
console server provides an encrypted direct connection to critical devices like routers and
firewalls using 3G/4G cellular modems. The ability to quickly and securely access logs from
impacted devices can help pinpoint root causes and enable remediation to begin faster as well
as significantly reducing consequential downtime.

Key Role of Resilience

Outages are bad news for financial institutions, but they are inevitable because of human
error, complexity of network devices, modern software stacks, hardware devices, and the
growing prevalence of cyber-attacks. To keep consumers happy and the institution’s
reputation intact, financial services must be prepared for outages. The good news is Smart
OOB with failover to secure cellular can keep services up and running even if part of the
network is down.

Subscribe to our newsletter

Related content


Recorded Webinar: Leveraging interoperability: Laying the foundations for unique best-of-breed trading solutions

Interoperability on the trading desk promises more actionable insights, real-time decision making, faster workflows and reduced errors by ensuring data consistency across frequently used applications. But how can these promises be kept in an environment characterised by multiple applications and user interfaces, numerous workflows and technology vendors competing for space on the trader’s desktop? This...


Countdown to T+1: Market Readiness and the Push for Automation

As the North American T+1 settlement deadlines fast approach – 28th May 2024 for all US securities settled through DTC and 27th May for Canadian securities – the industry has been ramping up in preparation. And although the shorter settlement cycle promises to increase settlement efficiency, improve liquidity, decrease counterparty risk and reduce overall trading...


AI in Capital Markets Summit London

The AI in Capital Markets Summit will explore current and emerging trends in AI, the potential of Generative AI and LLMs and how AI can be applied for efficiencies and business value across a number of use cases, in the front and back office of financial institutions. The agenda will explore the risks and challenges of adopting AI and the foundational technologies and data management capabilities that underpin successful deployment.


Regulatory Data Handbook 2020/2021 – Eighth Edition

This eighth edition of A-Team Group’s Regulatory Data Handbook is a ‘must-have’ for capital markets participants during this period of unprecedented change. Available free of charge, it profiles every regulation that impacts capital markets data management practices giving you: A detailed overview of each regulation with key dates, data and data management implications, links to...