PNB has 4680 branches on the point-to-point network with around 3700 branches
connected through CBS. As per RBI guidelines, financial data exchange between
branches and the data center has to be encrypted. So, PNB decided to deploy
IPsec encryption to secure all its data transfer over the WAN. IPSec encryption
is being used as DPD (Dead Peer Detection), RRI (Reverse Route Injection) and
HSRP (Hot Standby Routing Protocol). In this method, the IP Sec tunnel is formed
in between the peer routers (branch/NC/ZNC router to VPN Concentrator). The DPD
is used to check whether the end router is alive or not. In the RRI process,
routes are injected into routing protocol to distribute surrounding devices.
This directs traffics to appropriate head-end (VPNC) through correct SAs
(Security Associations) and avoids policy mismatch & packet loss. The project
was implemented in three phases without any downtime taken for applications. The
project has given more confidence to our existing customers and enabled the Bank
to bring in more clients and business.
Project Head RIS Sidhu |
Project Specs |
Deployment Location: Across India
Team Size: Tech Used: Implementation |