North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: Banc of America Article
- From: Daniel Senie
- Date: Wed Jan 29 13:18:54 2003
At 12:46 PM 1/29/2003, firstname.lastname@example.org wrote:
Perhaps the bank bought VPN service with an SLA from a large network
vendor. That SLA was not met due to network congestion. Said vendor will be
responsible for reparations to the bank. That doesn't help the customers,
of course. Now the bank COULD just use T-1 or faster circuits to all
branches, but the network vendors are pushing VPNs (whether formed by IPSec
tunnels, Frame Relay, MPLS, etc.) as cheaper alternatives. It would be
foolish and irresponsible for the bank management to spend many times the
amount of money.
> IIRC, the ATM system is similar to CC transactions. A best effort is
> made to authorize against your account (Credit Card or Banking) but if
> it fails and the transaction is within a normal range (your daily card
> limit) the CC/ATM completes the transaction.
Too bad it is not the case, but lets presume that it is. How does it
explain branches not being able to process direct withdrawals either?
The incident on hand illustrates that the design of our financial
networks is broken. If a non sophisticated worm managed to create so many
problems, what is going to happen should a real attack be mounted against
the networks used by financial services?
Of course even the T-1 circuits can have problems. ATT did melt their
telephony backbone on Martin Luther King Day some years back. So should the
bank run their own fiber between branches to ensure they're OK in the event
of an SS7 meltdown? Where do you draw the line? Which technology do YOU
trust? Which can you afford?