When HDFC decided to interconnect its branches, it was looking for the most cost-effective method.

The hub and spoke architecture proved to be beneficial in many ways. by Minu Sirsalewala HDFC Bank had a centralized IP-based network right since its inception. All branches across the country converge at their respective zonal hub location, which in turn conects to the data center at Chandivili, Mumbai. Network Based on the bank's hub & spoke architecture for the network, the branches are distributed under different regions and each major location has a regional hub. The branches falling under a location connect to the hub at the main region. These hubs then connect to the central site (data center) using a combination of 2 Mbps and 64 Kbps pipes, depending on the total volume of the transactions that pass through. C.N. Ram, Head-Information Technology, HDFC Bank says, "Each branch is connected to their regional hub, as to connect every branch directly to the data center involves huge costs. This kind of architecture helps save cost." A highlight of HDFC Bank's network is the presence of two or more hubs in one location. "To balance the load and reduce the dependency on a single line, the bank has two hub locations within a region to share the load. The branches are split between the two hubs, so that one hub failure does not incapacitate all the branches in that region," explained C.N. Ram. A step ahead In the coming years HDFC Bank plans to deploy connections, with built-in redundancy in the network. For example, Madras could be connected to Bangalore and Kolkata, with all three of them being connected to Chandivili. Therefore, if the Kolkata-Chandivili link fails, then Kolkata will use the Madras link to connect to the Chandivili data center. The bank is also considering alternate connectivity solutions as VSATs are relatively more expensive, and in remote areas it is difficult to set up the required infrastructure. The bank has tested CDMA and GSM solutionsspecially for ATMs as they consume very small bandwidths. The bank's servers have also undergone phases of development inline with the bank's expansion plans. Servers The bank started with applications on SCO-Unix boxes from Compaq almost eight years back. The software then used was MicroBanker from i-flex Solutions (then called CITIL). The set-up supported about 10 branches initially. "With an expansion in the number of branches the bank felt the need to consider Unix/RISC boxes rather than an Intel/SCO Unix platform, and selected the Sun platform. Since then the bank has been running applications on a Sun platform," said C.N. Ram.

With the growth in transaction volumes, number of branches and the number of users the hardware platform has also been upgraded. Till recent times the database was operating on a direct attached storage (DAS), and from 1st April 2003 the bank switched to storage attached network (SAN). The bank's earliest server was a Sun Ultra 170; over time it moved to Sun Ultra 3500, 4500, and then Sun E10 K. Now the applications run on Sun's Star Fire 15K Server. Banking applications The bank uses separate software for corporate and retail banking as there was no single package that met both their business requirements. On the corporate side HDFC Bank started with MicroBanker and then moved to Flexcube in 2002. They use Flexcube UBS, which operates on a Compaq Alpha box-GS160. This database was also on DAS and was moved to SAN over last year (December 2002). The bank uses SAN solutions from Hitachi Data Systems. On the retail side the bank uses Finware from i-flex solutions. The bank did not face any serious migration issues as they use upgraded products or new products usually from the same vendors. The vendors have programs that enable the migration or upgrades. "When HDFC Bank had acquired Times Bank in 2000 all the Times Bank customers were shifted from their package (called Kapiti) to HDFC Bank's Finware and MicroBanker. We had the vendors develop the software required to migrate the data from Kapiti to Finware so that the task for the operating departments was greatly reduced and the conversion was done in a short space of three months with minimum disruption to customer service," said C.N. Ram. Storage The bank currently deploys SAN but feels they will need to consider NAS sometime in the future. According to C. N. Ram the bank's storage requirement is growing at a rate of four to five percent every month. With an increase in data volume, the capacity of the hardware also needs to be updated. This calls for huge investments as all areas like backup, disaster recovery and others need to be addressed. The bank has to store data for seven years as per the RBI guidelines, and as it is not necessary to store the data on-linethe bank uses tapes for off-line storage. The bank anticipates storage costs to come down, and bulk purchases would be economical. Disaster Recovery setup C.N. Ram says, "Our approach is that we need to protect our data first as the basis for a business continuity plan." The bank has a disaster recovery (DR) site at Chennai. The data at the main center is replicated in real-time on-line at the Chennai site. The data is stored on the servers at the DR site and the database is constantly replenished. If some disaster was to occur, data (up to the last second) will be replicated, and be available. This gives both, the bank and the customer a feeling of security.

Security at HDFC Bank Pre-Internet banking Security concerns during the pre-Internet period had more to do with the internal activities of a business. Right from the early days technology solutionslike banking applications for mainframes, AS400 or Unixhad lot of security built-in. Transactions that are directed from the branch to the main server are encrypted; there are individual passwords, and numerous functions have two levels of authorization. Thus security in banking, to a large extent, is built into the software or the application itself. Internet banking The moment a business opens up through a medium like Internet, external security becomes of prime importance. One has to start considering protection tools like firewalls, IDS, and others. According to C.N. Ram, it is not enough to take care of security from the hardware or software perspective, one needs to have security policies in place, which will tell you how to review the logs. Ram informs that HDFC Bank has a mechanism in place where a third-party is hired to manage their entire security. This third-party is constantly onsite looking at logs, making the required changes, as there are patches and upgrades being constantly released, and it is imperative to incorporate all of these. "You are protecting the infrastructure, but you also have to keep a vigil on the logs to see who is trying to attack you or hack into your system," says Ram. The bank also has safety measures in terms of who has access, or who is authorized to access certain kinds of data. "Much of the security deals with the classification of the information you have. Thus people who are functionally responsible for a particular area are also responsible for the data they have. For example, a corporate banking customer will not have access to retail banking data, and vice-versa. These are generally built-in the banking packages systems," said C.N. Ram. Security is directly related to the business. The banking systems over the years have been built with lots of security concern based on the kind of business they do. He further added that security is not limited to hardware and soft-warepremise security also plays an equally important role. Physical access is combined with data access. One has to have swipe cards to access the area where the data is. Thus there is lot of emphasis on access control mechanisms, which is in fact physical security.
Minu Sirsalewala can be reached at minus@networkmagazineindia.com

Banking through multi-channels

Today banking is not limited to a branch. People have lesser time to spend on their banking activities and would like to avail the banking services through other channels. In a competitive market where the services offered command market share, banks are constantly vying for customers. Banking has become a process of choice and convenience. By offering different channels even the banks have been successful in diverting their operations from a branch to other channels. The result of which has been a cut in the cost per transaction at the branch.

An average transaction at the branch costs around Rs.100; at an ATM it is about Rs.40, and on the Internet it's around Rs. 20.