Sangfor SSL VPN helps BOC Fund achieve "best risk control"
BOC Fund Management Co., Ltd. is a Sino-foreign joint venture fund management company jointly established by Bank of China Co., Ltd. and BlackRock Investment Management Co., Ltd., two leading global financial brands. Its predecessor was BOC International Fund Management Co., Ltd. BOC International Fund stands out in the industry for its outstanding performance in fund management and won the honorary title of China's Best Risk Management Fund Management Company and the Excellent Award for Chinese Investor Education. Approved by the China Securities Regulatory Commission and the Chinese Ministry of Commerce, and has completed the registration change procedures at the State Administration for Industry and Commerce, BOCI Fund Management Co., Ltd. was renamed BOC Fund Management Co., Ltd.
For fund companies, information construction has self-evidently important significance, and almost all business, information, and transactions need to rely on various business systems and networks. After years of development, BOC Fund has completed a relatively complete network and application system at the headquarters and various branches. The headquarters intranet has deployed a series of information resources such as file servers, office systems, and business systems to achieve centralized and unified application of data platform.
https://www.webwiki.com/topvpnguides.com
In daily use, the BOC Fund Information Center has found that many fund staff often need to deal with immediate business quickly when they are on a business trip or during a foreign investigation. However, due to the high security requirements of the fund company for core data, various business systems and office systems cannot be directly exposed on the public network, resulting in many businesses that need to be processed immediately after returning to the company, which greatly affects the rapid response Claim. At the same time, in order to ensure the smooth operation of the company's network and various systems at all times, even if the engineers of the information center are outside or at home, they also need to have the necessary technical means to connect to the relevant company's internal network resources to implement related management and maintenance.
Only complete information construction can guarantee the company's rapid development. After realizing this problem, BOC Fund Information Center immediately set out to seek a solution for remote access and established three basic principles: First, it must meet security requirements, The server cannot be externally placed in a secure domain. At the same time, it must be a secure tunnel established after the user's identity is confirmed; It can respond quickly, and the convenience needs to be ensured on the terminal to provide the greatest convenience; finally, the adopted solution must minimize the changes to the existing network and integrate well with the business system, which must not affect the use of normal applications.
After carrying out a series of investigations and tests, and considering peer networking experience, BOC Fund finally adopted Singsong SSL VPN to achieve remote access, on the basis of three principles to meet the needs of mobile office workers and remote maintenance of information center personnel .
SSL VPN is recognized in the industry as a virtual private network with high security and flexible deployment. BOC Fund deployed SSL VPN in bypass mode and set accordingly. Only VPN traffic passes through the device, and the rest of the data is transmitted in the original way, which will not have any impact on the existing network.
The release of the intranet server is completed through the SSL VPN security release. SSL VPN only opens port 443 to the outside world, and the SSL VPN itself is placed after the export security device, and the security of the device itself is guaranteed. For users who access the SSL VPN encrypted tunnel, strict identity authentication is used. SSL VPN can provide USB KEY certificates, SMS passwords, dynamic tokens, hardware feature codes and other combination of hard and soft identity authentication methods to ensure the user to the greatest extent. The legality of the identity guarantees the security of the tunnel entrance. After the user accesses, the intranet access rights are strictly divided according to the user's identity, restricting the business personnel to only access the application systems within the permission range, and the network maintenance personnel can perform remote access management on network devices across the network.
In the use of user terminals, SSL VPN has a unique advantage, which is different from traditional VPN access methods. SSL VPN uses the SSL protocol built in the browser to build a secure tunnel, without the need to install client software or Complex configuration. Users logging into SSL VPN can be as convenient as logging into HTTPS online banking and email, in line with daily usage habits.
Through the construction of SSL VPN platform, BOC Fund has built a safe, fast and convenient mobile office platform and remote maintenance platform, and interpreted the best risk control of information construction on the road of development.