Introduction

I work as an IT service manager in an international, government-funded, non-for-profit bank. The banking centers and ATMs operate in areas significantly far from the standard commercial data networks. The gap between commercial networks and our data endpoints is closed using our infrastructure. Available funds are always very limited. One result is that we operate on old infrastructure and operate a scattered network maintained by different service providers.

The backbone was, in 2019, migrated from Frame Relay to MPLS (Multiprotocol Label Switching). The MPLS network spans over four continents. A global service provider manages it, and it provides high-speed, highly reliable backbone services. However, the last mile to our Branches and ATMs provides a challenge.

Historically, German Telekom could guarantee adequate bandwidth as their network was SDH (Synchronous Digital Hierarchy) based. Higher bandwidths could be provided by combining multiple channels and using TDM (Time-Division Multiplexing). The ATMs were connected using two copper wires out of the Telekom cables and had a bandwidth of 1.544 Mbit (T1), and banking centres used four pairs of the Telekom copper infrastructure to run on 6.312 Mbit (T2) data lines.

German Telekom’s modernisation project of their network “TDM to Ethernet” resulted in a massive downgrade of the available bandwidth over the old infrastructure. The reasons are that Ethernet demands higher quality cables, higher bandwidth for needed management traffic and reduces the distance between active network devices (D’Ambrosia, 2020). German Telekom cannot anymore guarantee the needed bandwidth using the old cables while keeping  the standard SLAs (Service level Agreements) upright. Therefore, German Telekom announced that they will discontinue our data services based on the currently used business data lines by the end of 2025 for the reasons mentioned above.

Modernising the physical last-mile cables is an essential prerequisite to receiving services from German Telekom in the future and has already started. The goal is a direct connection using single-mode fibre cables for all banking centres and, where possible, also for the ATMs. ATM connections can also run on twisted pair cables minimum CAT 6 (Category 6) if the distance between active devices is shorter than 100 meters. The targeted minimum bandwidth for a banking centre is 100 Mbit; for an ATM, it is 10 Mbit; and for our district office in Germany, it is 1 Gbit. Adding redundancy to the district office network is planned for the future.

First negotiations with our service provider show that a managed data connection for our branches and ATMs into the MPLS cloud is very costly. We expect to see $600 monthly for a single 10 Mbit connection into the MPLS cloud. Pricing for higher bandwidth is not yet provided. Management’s direction is to investigate possible alternatives but to focus on direct internet access data lines (DIA) and Software Defined Networks (SDN). It is expected to see a significant cost saving by using DIAs; additional costs for SDN configuration and maintenance need to be gathered. Another important reason to investigate SD-WAN is the need to outsource main banking services.

Main payment processing applications, like SWIFT and TARGET, are offered only via cloud services. Previously in-house managed applications like payroll or data warehousing need to be migrated to cloud service providers to enhance compliance with current legislation and to account for the shortage of qualified persons in the labour market. SD-WAN allows dynamic traffic routing between these cloud services to ensure low latency of the data flow and therefore enhance application performance (CISCO, 2018) SD-WANs centralised management platform allows to dynamically adjust network policies allowing to react flexible to changing business needs(CISCO, 2018).

Our planned project start date for identifying, deciding on and implementing a solution was moved to January 2025 as we are currently in a handover situation to a new management entity.

Deliverables:

1. Explore Alternative Solutions and prepare a high-level view of available technologies that are usable to connect the branches and ATMs to the MPLS backbone.
2. Provide a cost overview for possible solutions.
3. Recommend one technology based on the research outcome.

4. Describe the security concerns of the planned solution and possible mitigations.
5. Create a high-level roadmap to transition away from the current infrastructure.
6. Build up a part of the anticipated network using packet tracer or CISCO sandbox.

This project will provide insight if other technologies provide enough benefits over the current MPLS solution to pursue a migration. The conduct of this project will allow me to gain detailed knowledge about the advantages and disadvantages of network technologies, in special, SD-WAN solutions. It will enable me to take an active role in the upcoming network re-design project in 2025.