Digital reference architecture in hybrid cloud
1 like•720 views
The document outlines a reference architecture for digital banking on a hybrid cloud, emphasizing the transformation of infrastructure and applications to enhance agility and competitiveness in the financial sector. It details key components such as app modernization, data architecture, integration and APIs, and a cloud-ready operating model essential for deploying scalable, secure, and efficient banking services. The architecture is designed to support traditional and modernized applications, leveraging a hybrid multicloud foundation while maintaining compliance and security in a rapidly changing environment.
Digital reference architecture in hybrid cloud
- 1. Digital Banking Reference Architecture on Hybrid Cloud HYBRID CLOUD FOUNDATION PUBLIC CLOUDPRIVATE CLOUD DEDICATED CLOUD ON PREMISE OFF PREMISE TRADITIONAL APPS MODERNIZED APPLICATIONS INTEGRATION AND APIs API Composition Events Data SynchronisationConnectivity Reusable services DIGITAL SERVICES FOUNDATION Digital Agility Fabric Automation Fabric Data Fabric { } { } { } { } { } { } DATA SYSTEMS LANDSCAPE 3rd-Party Banking Solution APIs SYSTEMS OF ENGAGEMENTS External Channels Partner & Ecosystem Mobile Internet Kiosk White-label OfferingsBranch ATM Internal CRM Credit DWP CLOUD-READY OPERATING MODEL Automation DevOps Architecture & Governance Identity & Access Mgnt Security & Compliance CONTAINERS Multi Cloud Management IaaS CaaS PaaS IaaS CaaS PaaS Legacy IaaS CaaS PaaS SaaS Davide Veronese CTO Cloud, IBM Italy [email protected] Slack: @davide.veronese
- 2. 2 Digital Banking Reference Architecture on Hybrid Cloud • This document contains the high-level description of a Reference Architecture including infrastructure and applications concepts/solutions in a Hybrid Cloud context for the FS enterprises. • I describe how: • app modernization • data architecture modernization • APIs • DevOps • Digital and Open banking • Cloud-ready operating model Can be aligned in a unique target architecture More info: https://davideveronese.wordpress.com/
- 3. An optimized & composable architecture to drive efficiency and business flexibility with Cloud 3 HYBRID CLOUD FOUNDATION PUBLIC CLOUDPRIVATE CLOUD DEDICATED CLOUD ON PREMISE OFF PREMISE TRADITIONAL APPS MODERNIZED APPLICATIONS INTEGRATION AND APIsAPI Composition Events Data SynchronisationConnectivity Reusable services DIGITAL SERVICES FOUNDATION Digital Agility Fabric Intelligent Automation Fabric Data & Insights Fabric { } { } { } { } { } { } DATA SYSTEMS LANDSCAPE 3rd -Party Banking Solution APIs SYSTEMS OF ENGAGEMENTS External Channels Partner & Ecosystem Mobile Internet Kiosk White-label OfferingsBranch ATM Internal CRM Credit DWP CLOUD-READY OPERATING MODEL Automation DevOps Architecture & Governance Identity & Access Mgnt TRADITIONAL APPLICATIONS • Transaction processing requiring high volume processing capabilities with security and transaction integrity • Complex legacy applications built over years from scratch or packaged applications (Mainframes with COBOL, PASCAL and other legacy technologies or COTS e.g. SAP, Oracle, CAD) MODERNIZED APPLICATION BUS MODULES • Portfolio / long tail of applications supporting core business SORs • Decomponentized and Service Orientation • Variety of tech stack – OS, DB, MW, Runtimes DATA SYSTEMS LANDSCAPE • Enterprise Data Warehouses, Data Marts, Operational Data Stores • Analytical Processing systems requiring heavy compute resources need DIGITAL SERVICES FOUNDATION • Digital Agility Fabric with such capabilities as Microservices, API and Containers at core • Hybrid Data fabric with rapid access to transactional data source of truth, analytical processing at the edge, automation enabled by Machine Learning and AI CLOUD-READY OPERATIING MODEL • Full Software Defined Delivery model • Increased and improved collaboration • DevOps CoC • New roles definition Security & Compliance The Digital Banking Reference Architecture on Hybrid Cloud CONTAINERS Multi Cloud Management IaaS CaaS PaaS IaaS CaaS PaaS Legacy IaaS CaaS PaaS SaaS
- 4. 4 Reference Architecture highlights Why this reference architecture There are multiple internal and external factors that indicate how the financial industry and their revenue pools are substantially disrupted, such as: new customer behavior, new FinTech capabilities and regulators requirements. This leads the banks to wonder how their infrastructure, applications and operating models could evolve to achieve the flexibility and agility required to take part of an ecosystem as the only way to remain competitive in the market. With this asset I framed all the technical transformation topics in one single and consistent view. The view is organized in 10 focus area including important topics as: Containers, Core-to-Cloud and Open Banking. Digital Banking Hybrid Multicloud Why: a core layer of this asset is the Digital Services Foundation, intended to host the implementation and governance of new cloud-native banking capabilities Why: more than in other sectors, the internal and external factors are forcing the banks to change how they produce services. A clear target state is required to coordinate and align the changes Why: the banking technology architecture is usually based on traditional on-premise IT. This, have to be extended with Cloud to gain flexibility and agility
- 5. 5 Investments in and the Rise of the Fintechs This is a non exhaustive list of new FinTech players who are becoming aggressive to erode part of the traditional banks revenue. The banks have to become more agile and flexible to offer digital native products/services or to integrate with these new players keeping the client experience control Fact So what
- 6. Financial regulators, key events and publications for 2020
- 7. Reference Architecture highlights: 10 areas • Hybrid cloud foundation: the infrastructure and middleware systems at the base • Traditional Applications: not cloud-ready applications which will continue top stay on traditional IT, mainly belonging to Core Banking systems • Modernized applications: transformed or modernized applications which will take advantages from underlying Cloud technology solutions • Containers: the emerged technology to increase application portability • Data systems: never forget the data! • Integration and APIs: the traditional integration layer now is becoming much more complex • Digital services foundation: where to design, implement and govern the new digital banking services • 3rd -party banking solution APIs: the merging banking services available in SaaS model • Systems of engagements: the traditional internal and external channels where the banks which have recently centralized most part of investments • Cloud-ready operating model: the new model including DevOps required to operate the overall complexity UniCredit / IBM confidential HYBRID CLOUD FOUNDATION PUBLIC CLOUDPRIVATE CLOUD DEDICATED CLOUD ON PREMISE OFF PREMISE TRADITIONAL APPS MODERNIZED APPLICATIONS INTEGRATION AND APIs API Composition Events Data SynchronisationConnectivity Reusable services DIGITAL SERVICES FOUNDATION Digital Agility Fabric Automation Fabric Data Fabric { } { } { } { } { } { } DATA SYSTEMS LANDSCAPE 3rd-Party Banking Solution APIs SYSTEMS OF ENGAGEMENTS External Channels Partner & Ecosystem Mobile Internet Kiosk White-label OfferingsBranch ATM Internal CRM Credit DWP CLOUD-READY OPERATING MODEL Automation DevOps Architecture & Governance Identity & Access Mgnt Security & Compliance CONTAINERS Multi Cloud Management IaaS CaaS PaaS IaaS CaaS PaaS Legacy IaaS CaaS PaaS SaaS 7
- 8. Hybrid MultiCloud foundation • Hybrid: the banking application workload is heterogeneous, and the hybrid infrastructure will guarantee to support an optimized disposition model where the applications will run where the combination of economics and innovation benefits is maximized • MultiCloud: to guarantee the application portability and to avoid any vendor lock-in the adoption of a single Cloud provider is not an option • Infrastructure automated provisioning, MultiCloud DevOps, Ops management, Security&Compliance and Financial Governance are not an optional for an efficient Hybrid MultiCloud management system 8
- 9. Traditional Applications • Doesn’t make sense to transform all the banking applications to make them cloud-ready or cloud-native • Some applications mainly in core banking are probably highly optimized and super efficient • An API enablement approach can make these applications part of the APIs drive ecosystem: z/OS Connect1 is the answer • Batches programs are very common in banking context, while batch-less is a common Cloud pattern. A Batch Modernization2 approach make sense here 9 TRADITIONAL APPS 1.https://developer.ibm.com/mainframe/products/zosconnect/ 2.https://w3-connections.ibm.com/wikis/home?lang=en#!/wiki/W5d7205eb1fa3_4d16_98b5_a1374434b877/page/Batch%20Modernization
- 10. Modernized Applications (1/2) • Doesn’t make sense to transform all the banking applications to make them cloud-ready or cloud-native • A Cloud readiness assessment can be done to evaluate costs and benefits • IBM is uniquely positioned to help our clients with tools, methods and professional services: • Cloud Innovate1 • BlueCAT2 • Data Center and Cloud Migration methodology3 • Cloud Advisory Services (CAS4) and Cloud Migration Factory (CMF5) organizations 10 1.An Easier Way to Process Your Cloud Migration - https://www.ibm.com/blogs/think/2017/03/granger-cloud/ 2.IBM Services Cloud Modernization and Migration - https://www.ibm.com/downloads/cas/RDAVJAZ7 3.https://w3-connections.ibm.com/wikis/home?lang=en#!/wiki/W7e547598dac7_4572_8b34_e4b898794acc/page/DCCM%20Overview%20-%20Snippets 4.https://w3.ibm.com/services/lighthouse/documents/57833 5.https://w3.ibm.com/w3publisher/cloudmigrationfactory-factory MODERNIZED APPLICATIONS
- 11. Modernized Applications (2/2) • The current mainframe application can leverage the following technology for a progressive modernization • Containerization: Red Hat OpenShift on Z1 and zCX2 for native Docker container management • API Enablement: z/OS Connect3 to enables z/OS-based programs and data to participate fully in the new API economy • DevOps: Z Open Development, Z Open Unit Test, Z Development and Test Environment (zD&T), UrbanCode Velocity and UrbanCode Deploy for z Systems • Open source frameworks: Zowe4 to allow Z based functionality to be accessible across an organization • Cloud integration: z/OS Cloud Broker5 11 1.https://www.ibm.com/blogs/systems/red-hat-openshift-now-available-ibm-z-linuxone/ 2.https://www.ibm.com/support/z-content-solutions/container-extensions/ 3.https://developer.ibm.com/mainframe/products/zosconnect/ 4.https://www.zowe.org/ 5.https://www.ibm.com/us-en/marketplace/zos-cloud-broker MODERNIZED APPLICATIONS
- 12. Containers • Containerization is one of the application cloudification/modernization option to guarantee the maximum level of portability in a Hybrid MultiCloud context • The mainframe also supports the Containers technology: • Recently announced Red Hat OpenShift on Z1 • zCX2 for native Docker container management • Red Hat OpenShift3 is the key platform to run and manage containers based on Kubernetes as orchestrator • IBM Cloud Paks4 are enterprise-ready, containerized software solutions that give banks an open, faster and more secure way to move core business applications to any cloud 12 1.https://www.ibm.com/blogs/systems/red-hat-openshift-now-available-ibm-z-linuxone/ 2.https://www.ibm.com/support/z-content-solutions/container-extensions/ 3.https://www.openshift.com/ 4.https://www.ibm.com/cloud/paks/ CONTAINERS
- 13. Data • As the applications, even the data have to be ready for a Hybrid MultiCloud context • IBM Cloud Pak for Data1, a fully-integrated data and AI platform that modernizes how businesses collect, organize and analyze data and infuse AI throughout their organizations • Leverage the wide range of partner solutions2 to help build a best-in-class platform, with a growing ecosystem of technology partners and system integrators. • Enterprise Data Warehouses, Data Marts, Operational Data Stores and Event driven data capture • Analytical Processing systems requiring heavy compute resources need 13 1.https://www.ibm.com/cloud/paks/ 2.https://www.ibm.com/products/cloud-pak-for-data/partners#section-heading-1 DATA SYSTEMS LANDSCAPE
- 14. Integration and APIs • The integration layer is responsible to host application and data decoupling capabilities between: • Core banking ó new digital services • Core banking / digital services ó 3rd party platform/services • IBM Cloud Pak for Integration1, a complete set of integration capabilities to efficiently connect applications and data wherever they live: • API lifecycle management • App & data integration • Enterprise messaging • Events streams • Secure gateway 14 1.https://www.ibm.com/cloud/cloud-pak-for-integration INTEGRATIONANDAPIs APIComposition Events DataSynchronisationConnectivity Reusableservices
- 15. Digital Services Foundation • Leverage IBMs Banking reference model to Enhance BIAN Architecture • Digital Services Enablement (DSE) Architecture Building Blocks Are Defined To Help Banks Accelerate Transformation To Digital And Open Banking 15 DIGITAL SERVICES FOUNDATION Digital Agility Fabric Intelligent Automation Fabric Data & Insights Fabric { } { } { } { } { } { } Digital Services Enablement1 1. IBM Digital Core Systems, Sajal Mukherjee, Offering Leader | Ram Ravishankar, DE & CTO - IBM Services for Cloud Strategy Intelligent Automation Fabric Digital Agility Fabric Data & Insights Fabric Product Fulfillment (Operations and Execution) Loans & Deposits Cards Consumer Services Sales & Service Customer Mgmt Sales & Service Sales Risk & Compliance Models Bus Analysis & reporting Data Lake Reference data SoR Data Event History Party data Fraud Model Credit Risk Risk Models Campaign Mgmt Product Matching Offers… Product Portfolio Market Research ReportingLoans Current Account Other.. Authori zation Billing Other.. Service Product Currency Other.. Customer Agreement Customer Entitlement Other.. µService Foundation Other Cloud Services (e.g. Smart Contract, IoT, Key Management) Service Mesh Social Data Business Rules Management Servicing Order - Chatbot Prospect ManagementParty Lifecycle Mgmt Robotic Process Automation Cognitive Process Automation Market Data Entitlement ...
- 16. 3rd party Banking solutions There are multiple internal and external factors that indicate how the financial industry and their revenue pools are substantially disrupted, such as new FinTech capabilities and regulators requirements. This leads the banks to wonder how their infrastructure, applications and operating models could evolve to achieve the flexibility and agility required to take part of an ecosystem as the only way to remain competitive in the market. 16 3rd-Party Banking Solution APIs
- 17. Systems of engagement • This is the area where the banks have dedicated most part of the IT budget in the last years • It’s mandatory for the banks to protect the investments done, and take the benefits in terms of business agility and flexibility provided by the remaining IT organizations and technology • The Digital Service Foundation layer will provide new digital capabilities to be integrated with the traditional systems of engagement 17 1.https://www.ibm.com/cloud/cloud-pak-for-integration SYSTEMS OF ENGAGEMENTS External Channels Partner & Ecosystem Mobile Internet Kiosk White-label OfferingsBranch ATM Internal CRM Credit DWP
- 18. Cloud ready operating model • How the IT is able to operate the new platform is a key success factor • There are 2 models that are coexisting: • Traditional IT: reach of exceptions, dedicated processes and customizations • Cloud model: where automation and standardization are at the core to guarantee flexibility and reduced cost-to-serve • The new operating model have to guarantee the status-quo to avoid high risks related to major changes, and to adopt cloud-ready capabilities as: • DevOps: a multi-technology and multi-role discipline to dev, deploy and run sw in a modern way • Architecture and governance: to enrich the consolidated architectural capabilities with Cloud-related topics as Microservices and APIs • Automation: this is mandatory to have a more efficient operating model. Automation means more standards and less manual tasks resulting in the reduction of operational risks. 18 1.https://www.ibm.com/cloud/cloud-pak-for-integration CLOUD-READY OPERATING MODEL Automation DevOps Architecture & Governance Identity & Access Mgnt Security & Compliance