Deploypartners Case Study

Westpac is a multinational financial services corporation, one of the Australian “big four” banks. As of November 2011, Westpac has 12.2 million customers, Australia’s largest branch network with almost 1200 branches and more than 2800 ATMs. The bank is Australia’s second-largest provider of home lending and business banking lending.

Westpac’s charter was to improve IT service delivery through multi-factor technology renovation. This involved rationalizing existing systems to remove duplication or redundant technology, giving operators better views of network status, implementing centralized processing of all fault occurrences, and providing a secure infrastructure for Westpac’s Web Applications.

IBM engaged DeployPartners to assist in developing top level and detailed solution designs for Westpac Bank network requirements. This deployment to enhance Westpac’s management infrastructure would include new developments under:

  • hardware, server, mainframe, middleware and database monitoring – network & application management
  • performance & event management

The scale of the networks involved required up-to-date visibility of service activities including performance and health, and the root cause of any potential issue. It should have the capability to automate system responses so that issues are acted on before they ever become critical. Westpac personnel needed the capability to create, update and delete monitoring alerts when they need to, via a ‘role-based’ authorisation environment.

To safeguard a secure infrastructure for Westpac’s Web Applications they needed to provide a Single-Sign On and Web Security offering to their customers and partners. This being a critical part of a bank network, through which all Westpac Web applications will be run, High Availability and Scalability were key requirements.

Solution Overview

Delivering this project requirement incorporated technology from three DeployPartners architectural design and installed platforms, described below:

  • Netcool OMNIbus™ and ITM6
  • Tivoli Access Manager for Enterprise Perimeter Security
  • Composite Application Manager
Netcool Omnibus™

DeployPartners proposed a Tivoli Netcool™ solution to aggregate events from various systems. The IBM Tivoli Netcool product suite is a manager of large and highly complex infrastructure networks. The software offers breadth of coverage, rapid deployment, scalability, and ease of use – consolidating data from operational silos into a single real-time Web dashboard display.

Acting as a ‘Manager of Managers’, the platform would provide a single view of IT infrastructure health. Such a solution is particularly suited to the Westpac environment, where over 20 existing event sources feed information. With data centralised to the Network Operation Centre, the right automated responses are activated, and other key individuals, systems, and processes informed of service-affecting problems.

A Westpac Data Centre & two remote servers within Sydney house the new infrastructure, and are be responsible for collection of alarms from systems located in regional network.

The solution architecture has been designed incorporating IBM Tivoli Monitoring v6 (ITM6) to ensure high availability in the event of any one component failing. Each monitoring and processing component in the system has it’s own method of backup. If/when the primary objectserver fails, the failure will be detected and the routing of events from the probes will be re-directed to the backup objectserver.

Enterprise Perimeter Security (EPS)

The Enterprise Perimeter Security Program (EPS) aims to deliver a simplified, scalable and highly reliable hosting environment, designed to protect the information resources of Westpac. The EPS design combines a number of existing security environments, creating a reduction in the number of physical devices (servers, switches and firewalls), delivering cost savings and best protecting Westpac customers, staff and business partners.

The EPS project leverages on IBM Tivoli Access Manager (TAM) and IBM Tivoli Federated Identity Manager (TFIM) products to build a robust and fault-tolerant web security infrastructure for the program.

IBM Tivoli Access Manager (TAM) for e-business provides an access control management solution to centralise network and application security policy for e-business applications. The TAM component will be deployed by DeployPartners within the EPS to provide the authentication and authorisation platform for Westpac online banking. By providing a centralised, flexible, and scalable access control solution, TAM builds secure and easy-to-manage network-based applications and e-business infrastructure.

IBM Tivoli Federated Identity Manager (TFIM) simplifies application integration using many forms of user credentials, helps reduce administrative costs and facilitates compliance. TFIM handles federated single sign-on, web services security management, and user account provisioning based on open standards.

Supporting the EPS Program to achieve:

  • A unified front-end to all the customers and business partners
  • Support of multiple authentication types across multiple security domains and technologies
  • Single sign-on (giving access to multiple applications)
  • Access rights to only the right people
  • Secure, integrated, policy-based management of Users, access, portals, Web and custom applications
  • A nodular solution which can be scaled up or scaled out as required to satisfy increasing demand

Business Benefits

  • Deployment of a single “Manager of Managers” event management system
  • Aggregation of events to provide a single pane-of-glass view of IT infrastructure health
  • Developed and implemented the toolset to enable Operational staff to view, action, own and manage events from creation to resolution
  • Integrated with the Request/Incident and Problem Management system for the automatic creation of incidents
  • Creation of reports on event data for ITIL continual service improvement activities
  • A Highly Available solution that spanned two datacenters
  • Authentication and authorisation platform for Westpac online banking.