middle east conference 2012 business continuity johan limborgh, support duty manager imran mohsin...
TRANSCRIPT
Middle East Conference 2012
Business Continuity
Johan Limborgh, Support Duty manager
Imran Mohsin Mirza, Senior Technical Sales Expert
Agenda
Best Practice resilient setup
Connectivity resilience
Database resilience
2
Business continuity @ SWIFT
3
Business Continuity Plan
• Objective
“enable your organisation to survive a disaster andto resume normal business in the shortest time”
• Business Continuity Plan (BCP) or Contingency Plan– process of analysis, development, documentation,
implementation, testing of procedures ...
• Disaster Recovery
– subset of BCP, covers infrastructure / operations
4
What is Business Continuity, Incident & Crisis management ?
5
Business Continuity, Incident & Crisis management @ SWIFT
Incident recovery
Crisis & reputation management
Re-active
Prioritise
Prepare plans
Test & enhance
Pro-active
6
Business Continuity @ SWIFTWhy?
• To practice & enhance readiness to ensure Business continues regardless
• To update & improve business continuity plans (per site), recovery plans (per department/function) and system recovery procedures (per system/service)
• To continuously improve SWIFT’s resilience approach
7
Business Continuity @ SWIFTHow? Plan & Exercise!
• Simulation Support exercises (scope end to end)– Site failure & recovery of critical functions– External event: staff safety and contingency (pandemic flu, catastrophic risk)
• Service continuity exercises (scope system resilience)– Component failure and take over
• Community tests (includes you)– Cold start exercise (DRI): annual, invitation to Premium customers– Global OPC recovery: annual, open for all customers– SWIFT Crisis Coordination and Communication (SC3): every 3 year - industry
group at business level (includes board and CEO)
8
SWIFT Crisis Executive
Technical Team
SWIFT Duty manager
Command Centre Manager
Level 1 Level 2 Level 3 Level 4
4 level joint management and escalation process
24*7: generic contacts
Operational Helpdesk
Operational Manager
Incident Manager
Executive
SWIFT
Customer
0’ 15’ 30’ 90’
Support portfolio
Premium CustomGlobal Key Accounts, Large MIs and any customer looking for customised services
Premium PlusHigh volume customers and MIs
PremiumService Bureaus & branches of Premium Plus customers
Standard PlusLow and mid
volume
StandardAlliance
Lite
Messages per day
Recovery timeobjective
300,00040,000200 10,000
< 6 h
< 4 h
< 2 h
< 1 h
RE
MO
TE
SU
PP
OR
T
9
10
Operationalaccount management
Onsite support
Monitoring
Call & problemmanagement
Reporting
Preventive
Products
Connectivity andmessagingPhone alerting
Incident and crisis mgtSMS notification
Support analysisAvailability
Service Manager
Priority handling mgt escalation
Health checkTroubleshooting trainingBusiness Continuity testsOperational Monitoring tool
Named contactCase review
Highly customised
Bespoke contracts
On request for blocking problems
Unlimited phoneaccess
Newsletters
Premium PlusStandard Plus Premium Premium CustomStandard
Managed connectivity
Emergency / consultancy
Embedded Supportability
Online supportPhone upgrade
Configurationbrowser
Support package features
Incident reporting on swift.com
10
11
Remote Support
• Troubleshoot technical issues
• Reduce incident-handling time
• Upload files and data
• Avoid travel costs
• And more !
You Own It, You Control It!
Remote Support 3,000 EURper location/year
Real-time problem solverA secure and efficient way to diagnose and troubleshoot your problems
- Secure - Faster resolution - No software installation - Less contact shifts
Service build on « top » of Remote Support (*)
Remotely upgrading your environment to release 7.0- Efficient and effective upgrade - Low cost upgrade service - Peace of mind - SWIFT expertise
The SWIFT Remote Support ultimately saved us time and money by resolving (in our case) an upgrade from Alliance 6 to 7.0. The remote supporter was fast and avoided a minimal disruption of our business operations.” “The benefits of this new service allowed for a reduced downtime since we did not have the necessary in house knowledge, it was fast and easy” R. Hoppe - IT CBAS Denmark – Carnegie Bank A/S
(*) in order to benefit from these services you need to order the Remote Support service first
depending on your
configuration as of
1,750 EUR/day
12
Agenda
Best Practice resilient setup
Connectivity resilience
Database resilience
13
Business continuity @ SWIFT
Sometimes this happens…
14
VPNVPN
PRIMARY host
?
NOTHING
VPNVPN
CONTINGENCY host
• Alliance Entry/Access
• Alliance Gateway?• Alliance Entry/Access
• Alliance Gateway
?
Resiliency principles
“To minimise the impact of a technical failure on your business, you should be prepared for any disaster that might arise.”
• Prioritise for High probability - High impact risks• Fast recovery. Availability. Reliability.• Remove Single Points Of Failure for hardware, software,
network, site, procedures, people• SWIFTNet infrastructure
at customer premises:
15
VPN
Messaging application
Communication interface
Hardware Security Module (HSM)
SWIFTNet connectivity
16
Best Practice resilient setupSmall FIN configuration – Single host
16
Prime/Backup site
PRIMARY host
• Alliance Entry/Access
• Alliance Gateway
BACKUP host
• Alliance Entry/Access
• Alliance Gateway
VPNVPN
-Bronze (ISP, ISP)-Silver (LL, ISP)
VPNVPN
Contingency site
DR host
• Alliance Entry/Access
• Alliance Gateway
-Bronze-Silver
Messages flow connected to secondary Gateway with
automatic* failover mechanism. *Except on Entry for InterAct/FileAct.
Database Recovery feature supporting recovery on the
standby Access from replicated database
or or
Support for Alliance Access and Gateway
Configuration Replication between systems
17
Best Practice resilient setupSmall FIN configuration – Multi host
17
VPNVPN
Contingency site
VPNVPN
Prime/Backup sitePRIMARY host
• Alliance Entry/Access
BACKUP host
• Alliance Gateway
DR host
-Bronze (ISP, ISP)-Silver (LL, ISP)
-Bronze-Silver
• Alliance Entry/Access • Alliance Entry/Access
• Alliance Gateway • Alliance GatewayDMZ DMZ
RAHA RAHA RAHA
Resiliency Best Practices
• Failover procedures • HSM Resilience• PKI resilience
– Certificate renewal– SO access to secondary SNL
• Failover routes• Application data to restore
18
Prepare
TestLearn
Agenda
Best Practice resilient setup
Connectivity resilience
Database resilience
19
Business continuity @ SWIFT
DR host
Connectivity Resilience without RAHA
20
Legend: Primary route(s)
Backup route
Prime ContingencyBack office application
Back office must failover to contingency Alliance Access
PRIMARY host
• Alliance Entry/Access
• Alliance Gateway
• Alliance Entry/Access
• Alliance Gateway
VPNVPN VPNVPN
Loss of in-flight transactions, retrieval costs and
reconciliation
Alliance Gateway license simplification
• Starter Set license became Gateway license on 01/01/2011
• 3 production /test/contingency systems allowed instead of 1
• All Gateway license options can be added– Only a re-license on Gateway is required
• Remote API Host Adapter RAHA offers remote access to applications that link to SWIFTNet Link– Automatic failover to backup Gateway– DMZ setup possible
21
DR hostPRIMARY host
• Alliance Entry/Access
• Alliance Gateway
Connectivity ResilienceWith RAHA – Single host
22
Legend: Primary route(s)
Backup route
Prime ContingencyBack office application
• Alliance Entry/Access
• Alliance Gateway
VPNVPN VPNVPN
FIN: Automatic failover of LT to backup Gateway.
No loss of in-flight messages.
RAHA
SnF InterAct and FileAct: Automatic failover to backup Gateway.
On Access only
Very easy to implement• No change in hardware, no software installation
• Purchase RAHA license
• Relicense Alliance Gateway– Online passwords– R7 easy Relicensing GUI
• Configure Entry/Access with – Backup connection– Assign secondary connection to LT (Entry/Access), SnF
Emission/Reception profile (Access only)– No need to install RA on R7!
Implement when migrated to R7
23
DMZ
24
Prime
DMZ
Contingency
Back office application
Legend: Primary route(s)
Backup routeConnectivity Resilience With RAHA – Multi host
Messaging interface
Communication interface
Messaging interface
Communication interface
CONTINGENCY host
• Alliance Entry/Access
• Alliance Gateway
VPNVPN VPNVPN
• Alliance Gateway
PRIMARY host
• Alliance Entry/Access
RAHA
Alliance Lite2 as Emergency Service
A backup connectivity to your private infrastructure
25
MV-SIPNHSM
Private Infra
AA/AE
Alliance Lite2 as cold backup
Only available for Alliance Access and Entry customers
Browser
@Internet
Optional: MV-SIPN
AutoC
AA
ALLIANCE LITE2
Agenda
Best Practice resilient setup
Connectivity resilience
Database resilience
26
Business continuity @ SWIFT
27
What is Database Recovery?
DBREDOlogs
Database Recovery option
MirrorDisk
BackupDisk
Software
Recovery
Recover from any
database failure
without message loss.
Easy and fast.
28
Database Recovery and synch disk replication
Database Recovery option
DBREDOlogs
MirrorDisk
BackupDisk
Software
Database Recovery option
DBREDOlogs
MirrorDisk
BackupDisk
Software
Primary Contingency
SynchronousDisk
ReplicationRecovery only required if DB corrupt, full recovery
29
Database Recovery and asynch disk replication
Database Recovery option
DBREDOlogs
MirrorDisk
BackupDisk
Software
Database Recovery option
DBREDOlogs
MirrorDisk
BackupDisk
Software
Primary Contingency
AsynchronousDisk
Replication
Production Site Loss
Recovery always required, up to last valid transaction
Database Recovery Benefits
• Full content recovery up to the last committed state• Native feature• Based on Industry proven technology• Single command to recover• Complement to Mirroring or Cluster options• Supported and qualified by SWIFT• Further enhanced with release 7.0 to support asynchronous
data replication
30
Database Recovery option
MirrorDisk
BackupDisk
Thank you!