Abstract: Michael Harnum, Regional Manager, MCI The content of your Web site--the took and feet, the data in your Legacy systems--needs to sit on a machine somewhere. That machine, the server, needs to be tied somewhere to the Internet. Unisys proposes that the Web site sits at one Unisys' outsourcing centers, and the Legacy data stays at the bank. Many banks want their data at their facility for security and so that they can trouble shoot in the event of problems. The Web site has everything but the data. The moment Unisys' facility validates a user, a private connection from the bank's legacy system to MCI's network is activated and the necessary account information is provided to the bank customer at the Web site. Communication occurs via an MCI private network that does not, at any point, touch the public Internet. The bank's number one security risk is the channel between the bank's system and its Web site, which allows a bank representative to get into the Web site and update it--and get back into the bank's system. There are numerous layers of security to ensure that only the bank's representatives make their way from the site into the bank's internal systems. Typically someone coming from the Internet goes through a firewall and the playroom (another type of firewall creating the illusion that one is inside the bank's system). Then, a certificate server lets authenticated users through a gateway, which grants them access to the file server at the bank (a computer that accesses the bank's legacy system). Each bank representative has a predesignated means of identification, including a password that changes every 60 seconds. Secondly, only a designated network address can access the Web site. Every single computer connected to the Internet has a numeric address for identification, the IP address. Most Internet dial-up accounts, including Unisys,' use a process called dynamic IP allocation. That means the addresses from which authorized users dial change continually. If a user doesn't have the right address at any given time, we don't Let him in. The next security layer is the central access list. Even if the user advances a password and address accepted by the server, the list is checked to make sure the password and address match official expectation. The identification process for Internet customers parallels how companies grant visitor passes in the physical world. Further security could be provided using encrypted sessions. With most fire watts, once you get in, information flows freely across the Internet. Encryption scrambles the data even after the door has been opened. You need to have some intelligence on the client end to support that, so it's not tremendously popular. Beyond encryption is a technology whereby the end-user is challenged throughout the session to make sure that the person who originally signed on is the same person as the one who is now on. That can get pretty expensive. Firewalls--hardware and software to shield appLications--could be put at both ends of the private tine between the legacy system server and the Web server. Either way, users hitting your Web site are never realty getting to your legacy server. They are querying information, which is delivered through a private connection. Hosting options and their cost Your two other options for the communications service would be to use a small, local Internet Service Provider (ISP) or to have a direct line to your place. This way, we do the operations network and maintenance, Transcor designs the smarts that sit on a Unisys machine. The total cost of the Unisys component of your Web site would be roughly $2,000 for installation, plus about $6,000 a month in operating costs. With a less powerful server, you could save a little bit. However, if you want to do some real funky things, the cost might go up a little bit. A shared server solution we don't have finalized pricing for yet, but it would be significantly less, typically $1,000 to $4,000 a month, depending on how much space you take up. …
Publication Year: 1998
Publication Date: 1998-02-01
Language: en
Type: article
Access and Citation
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot