The People's Bank of China, China Banking and Insurance Regulatory Commission and China Securities Regulatory Commission published the Guidelines for Financial Sector Implementing the Action Plan for Promoting the Large-Scale Deployment of Internet Protocol Version 6 (IPv6) in the Financial Sector (Document YF 2018 [No. 343], hereinafter referred to as "Document No. 343") on January 10, 2019 to put forward specific implementation guidelines for IPv6 deployment among financial institutions. It is required that by the end of 2020, Internet applications for public service provided by financial institutions shall support IPv6 connection. However, many financial institutions do not have the capability at present.
Based on scientific interpretation of the implementation guidelines published by regulatory authorities and the experience of implementation in many domestic financial institutions, ECCOM has launched IPv6 compliance solutions for the financial sector to help financial customers grasp innovation and reform opportunities in global network information technology and meet national strategic cybersecurity supervision requirements, accelerate the updating of software and hardware infrastructure and application systems, and complete the transformation of service platforms to IPv6 in the financial sector.
ECCOM can help users sort out existing IT architecture, evaluate the network for dual-stack capability, and assist users in dual-stack route planning and dual-stack transformation in the Internet area. We also help them deploy network infrastructure solutions, make the address plan for NAT64, NAT66, DNSv6 and IPv6 addresses, and apply the application infrastructure transformation.
Transform the application network protocol stack or the infrastructure communication channel first;
The transformation at the application and system level is a continuous thing, which cannot be done overnight, and the business has no demands in this regard;
Financial customers of demonstration units and those of non-demonstration units specified in Document No. 343 are unbalanced in technology and O&M capabilities;
The transformation conducted by infrastructure departments must guarantee secure and stable system operation.
ECCOM has gained extensive project experience from in-depth participation in IPv6 transformation in state-owned banks, national commercial banks and other organizations. We have refined industry solutions to provide tailor-made IPv6 compliance transformation solutions for customers.
ECCOM has had an in-depth consideration of DDoS, APT, Web and other common attack means in the solutions in accordance with Document No. 343, established targeted protection and an in-depth protection strategy that meets the zero-trust architecture.
Regardless of transformation with dual-stack or NAT64 translation, the transformation and cutover of applications are widely involved. Based on in-depth research on user application systems, ECCOM has established mutual access of application systems and the dependency relationship with the infrastructure level. We help customers cut over from existing network architecture to the new dual-stack/conversion infrastructure step by step. Each step is risk-controllable and rollbackable. It is intended to maximize customer business continuity.
Meet regulatory requirements: It does not only meet regulatory requirements at the information system level, but also allow enterprises to participate in the large-scale promotion of national network security strategies such as Snowball Plan.
Protocol advantages: By introducing IPv6, we have obtained a broader address space and prepared for the pipeline infrastructure level of the future Internet of Everything; IPv6 protocol itself has better security and more flexible scalability features.
Improved business continuity: It does not only provide network-level, host-level, application-level and data center-level disaster recovery and switching from the perspective of infrastructure, but also provides the protocol-level disaster recovery capability to ensure business continuity.