The Export Import Bank of Bangladesh Limited (EXIM Bank) transitioned into a full-fledged bank with activities that adhere to Islamic law and uses a real-time banking application called Temenos Transact. To ensure it could scale this solution across its branches and enhance the security of online banking transactions, EXIM Bank leveraged F5 Advanced Web Application Firewall (WAF) and Advanced Firewall Manager (AFM).
Founded in 1999, the Export Import Bank of Bangladesh Limited (EXIM Bank) is a business bank with finance and investment services that are compliant with the Islamic Shariah guidelines, which includes the sharing of profit and loss, and the prohibition of the collection and payment of interest by lenders and investors. It is a dynamic financial institution that has grown to 118 branches across Bangladesh.
As a champion of technology-driven banking solutions, EXIM Bank takes advantage of a Core Banking System (CBS) that enhances inter-branch connectivity. The Bank has also been placed on a centralized IT platform with two modern data centers where Temenos Transact runs along with alternate delivery channels like ATMs and SMS banking to provide streamlined services with real time information updates. This allowed increasingly digital savvy customers to have the flexibility to access banking accounts and services both offline and online, without being tied to a single branch.
Internal branch users can also leverage a centralized view of customer records, reducing the risks that can result from manual data entry, out-of-date information and the need to resubmit details to different departments every time.
To increase customer satisfaction rates, the Bank was looking for ways to enhance its user experience and secure communications for over 5,000 customers who access its finance services digitally. Internally, with about 2,000 CBS users, EXIM Bank had to also ensure its CBS solutions were accessible to its growing internal branch users. As a high-growth bank, it was pertinent for EXIM Bank to ensure scalability for future performance. Business critical applications also had to maintain high-availability on its disaster centre and recovery site, and be able to withstand all planned and unplanned outages, so that EXIM could continue business as usual.
In addition, the active utilization of EXIM Bank’s various delivery channels for all banking activities generated a high volume of incoming traffic. Given the sensitive nature of these interactions and increased web traffic that opened the door to new security vulnerabilities, the need for a comprehensive web protection was critical. EXIM Bank needed a solution that could integrate seamlessly into its existing CBS architecture, while providing future scalability and advanced security.
As our customers move online, the service load on our system was increasing by the day. Our web protection was also insufficient to tackle this increased web traffic. We knew the Bank would beat risk if we did not take action to better guard ourselves against malicious cyberattacks.
EXIM Bank opted for F5 BIG-IP with built-in Local Traffic Manager (LTM), Advanced Web Application Firewall (WAF), Advanced Firewall Manager (AFM) and Domain Name System (DNS) to leverage the modules’ load balancing, application security and application availability features.
Incorporating F5 proxy-based Single Traffic Management Operating System (TMOS) architecture, a collection of real-time features and functions, purpose-built and designed as a full-proxy solution with the power and performance required in today’s network infrastructure, EXIM Bank gained an extremely powerful and adaptable solution. Complementing F5 BIG-IP solutions, increased network traffic and assaults are efficiently managed and guarded against. The solution improved EXIM Bank’s server capacity and optimized SSL traffic management, enabling it to efficiently address and respond to incoming queries from all banking systems.
With F5’s DNS Solution, EXIM Bank achieved higher availability for its customer facing banking applications while decreasing recovery time in disaster recovery drills and reducing the application downtime during any failure scenario. This feature helps EXIM bank’s application availability for internal as well as external users.
Through machine learning and behavioral analytics, F5 Advanced WAF protects EXIM Bank’s digital banking infrastructure by monitoring and profiling normal traffic behavior. Spotting and blocking any suspicious traffic patterns independently, this automated intelligence enables EXIM Bank’s security infrastructure to differentiate between friendly bots from malicious ones, providing protection from automated attacks, such as application-layer Distributed Denial-of-Service (DDoS) assaults, data breaches, malicious APIs or any of the OWASP top 10 threats.
F5 AFM is effective in guarding against targeted network infrastructure-level attacks. By protecting against more than 100 attack signatures, F5 AFM can mitigate against more hardware-based signatures than any other firewall vendor. Built on a full-proxy architecture, the solution integrates perfectly into the Bank’s new security infrastructure, giving better flexibility and security performance to mitigate any DDoS and protocol attacks before banking services can be overwhelmed and degraded.
With the ability to enable real-time password encryption for safer online banking transactions, F5’s suite of solutions protects EXIM Bank’s digital banking infrastructure against external threats, while guaranteeing service stability and ensuring a high quality user experience.
One of our key considerations was improving the availability of our central banking system across all of our branches while ensuring our internet banking facilities are more than adequately protected. F5 BIG-IP is highly adaptable and allowed us to add on additional features such as Advanced WAF and AFM, so we can enhance our capabilities both internally and externally.
By taking advantage of a highly adaptable single-appliance hardware solution, with add-on software features such as F5 Advanced WAF and AFM, EXIM Bank was able to implement effective online security for external customers, enhance the internal user experience of its central banking system and improve performance scalability.
F5 Advanced WAF targets malicious traffic patterns without administrator intervention, thanks to a combination of machine learning, deep application expertise and highly accurate behavioral DoS detection and mitigation. This protects EXIM Bank against increasingly sophisticated attacks and web applications are safer from application-layer DDoS threats.
With a combination of both hardware and software solutions, including F5 BIG-IP with built-in LTM, WAF, AFM and DNS, EXIM Bank improved accessibility to its banking services for all of its customers, improving their user experience and ensuring service quality.
The highly adaptable F5 single-appliance hardware solution enables EXIM Bank to enjoy future performance scalability as it continues to cater to increasingly digital savvy banking customers in a growing market.