With the rapid development of digital technology, how to more effectively serve the real economy and industrial development through digital transformation and innovation has become an important issue for the development of the financial industry, especially the banking industry.

Throughout the development of the banking industry, each stage has typical characteristics: in the 1.0 stage, banks basically provide services to users based on the characteristics of outlets. In the 2.0 stage, self-service such as ATM machines and online banking appeared. In the 3.0 stage, the banking industry is evolving to the mobile Internet, with mobile payment and P2P services emerging, providing individuals with financial services that can be obtained anytime, anywhere. In the 4.0 stage, the trend of the open banking model is becoming more and more obvious, and the boundaries of banks are more blurred. With the provision of API capabilities, banking services can be embedded in services of all walks of life, and users are no longer affected when consuming financial services. Due to the limitations of the venue, embedded financial services can be conveniently used in the upstream and downstream ecosystems.

The overall evolution process of the banking industry relies on the support of IT systems. The assistance of technology corresponds to several stages in the development of banks, from traditional mainframes to self-service Internet, to the mobile era, and then to the API economy era. The first two The stage mainly relies on traditional IT architecture. In the era of mobile Internet and API economy, open source capabilities, cloud-native modern architecture and modern applications are required, which puts forward different requirements for the development of bank IT technology.

With the evolution of cloud native technology, in order to meet the needs of rapid business development, banks can quickly launch new services, and can adapt to agile needs such as sudden surge in traffic, they need to build a new system architecture and form new increments. That is, the sensitive service center. In the new increment, PaaS and containers are the bottom layers. On this basis, you can build your own distributed architecture, including distributed components, and applications have become microservices, and then provide services through the open platform. It can be seen that the sensitive service center will be the incremental technological service capability output provided by the financial industry for the new development trend.

This change also coincides with many of the points made in the "2022 Status of Application Strategy Report" released by F5 this year. The report states that almost every business today has transformed into a digital enterprise, providing customers, partners and employees with a seamless experience with more optimized workflows through IT technology. When analyzing and comparing various industries, the financial services industry is even more of a digital pioneer. Up to 94% of financial institutions are actively implementing business automation, and 99% of financial service institutions are actively promoting application modernization.

During this process, the financial industry, especially the banking industry, has shown the following trends.

Application modernization is advancing rapidly

The first is that the modernization of applications is advancing rapidly, and more and more representative application forms and release forms of agile service centers including APIs, microservices, and new application interfaces have emerged. At the same time, technology is developing rapidly, and the corresponding management process changes have a certain lag with the whole process and organization-related parts, and efforts still need to be made in this regard.

A multi-cloud strategy is maturing

The second trend is the maturation of multi-cloud strategies. Liu Xufeng, technical director of the financial industry in F5 China and deputy general manager of the software division, said that the entire IT facility of the financial industry adopts a hybrid multi-cloud strategy. Some applications are suitable for deployment in local data centers, some in private clouds, and some in public clouds. . The starting point of the enterprise will consider the requirements of security compliance and cost-effectiveness, including whether the application delay is acceptable. Different deployment forms are adopted according to different application characteristics, which constitutes a hybrid multi-cloud model.

Cloud repatriation is growing stronger

The third trend is the growing development of cloud repatriation. More and more enterprises are migrating their selected applications from the cloud back to on-premises or hosted data center deployments, with the report showing an explosive 168% increase in the number of applications migrated back. The reasons are summarized by Liu Xufeng in four points.

The first is the security and compliance restrictions of the application itself after going to the cloud. If an application cannot accept the security risks on the cloud, it will be required to return to the private cloud, or to return to its own on-premises data center, because internal solutions usually have better management and clear security boundaries, which can achieve Better data control; the second reason is expense. Some applications are deployed throughout the year, and as long as they are deployed, they will provide services of the same scale 7×24, so that the agile and recyclable characteristics of public clouds are not brought into play. If this type of application is used in the public cloud for a long time, the cost cannot be reduced, and it will even increase the cost. The third reason is that the business indicators and business performance of the application have dropped significantly. Because if the application is migrated to the cloud, some adjustments and adaptations to the architecture are required. For some architectures designed based on traditional environments, if migrated to the cloud, many limitations will be exposed, such as the problem of delay, which affects the user experience. This kind of application is not suitable for the cloud, and will also consider repatriation to the local; The four reasons are that the availability of the business cannot be achieved after going to the cloud. Because public cloud systems are external to cloud users, availability is entirely dependent on the capabilities of the public cloud provider. If the public cloud service is interrupted, users can only wait passively, without independent controllability. If the application has autonomous and controllable requirements for availability, it is not suitable for handing over to an external system.

​F5 China Financial Industry Technical Director, Deputy General Manager of Software Division Liu Xufeng

The fringe is growing rapidly

The fourth trend is that the fringe is growing very fast. The biggest use of edge deployment is to reflect the attention and improvement of user experience, and edge cloud is also a very important link in multi-cloud. On-premises data centers still exist, but at the same time, application modernization is driving multi-cloud adoption. Whether applications are deployed in public, private, or edge clouds, the application security and application delivery links that support them will become increasingly fragmented, which also means Most organizations will continue to address the challenges of complexity and security.

Concerns about safety continue to grow

The fifth trend is that the focus on security is continuing to increase. Consistent security assurance is a very important link in a multi-cloud environment, because different clouds are heterogeneous, whether the security policies adopted under heterogeneous platforms can be easily released and pushed from the perspective of operation and maintenance, a kind of Whether the security policy changes in the cloud form can be synchronized to other clouds in a timely manner is a requirement for consistent security.

In addition, with the development of modern applications, the security protection methods of modern applications and APIs are very different from those in traditional fields. Due to the architecture of modern application microservices, the application is divided into many microservice forms, so its boundaries, definitions, logical relationships of mutual calls, and integration with upstream and downstream third parties have become very complex. Where should modern applications and APIs be located and in what form of protection is a key trend that users pay attention to.

Provides full-path application security and delivery

Over the years, F5 has provided multi-cloud-based application services, focusing on application security and application delivery. The deployment form supports traditional data centers, virtual machines, containers, etc., focusing on starting from the application code writing, and providing it through the delivery path. Omni-path application security and delivery capabilities for end users. For the multi-cloud development trend, F5 has a series of mature coping strategies and experience accumulation.

In the application delivery category, F5 mainly provides reliable delivery and helps users achieve a highly available architecture, including providing high availability for distributed databases and distributed object storage, and providing multi-cloud and multi-active solutions under different multi-cloud application architectures. At the same time, F5 China will also actively embrace localization to solve the practical problems of users. In the category of modern applications, F5 focuses on container platform solutions, including container empowerment, linkage with DevOps, and microservice governance. F5 builds it into a technology center for users to help users build a sensitive system Architecture. In the field of application security, F5 provides API security, container cloud security, zero-trust architecture, active confrontation, collaborative defense, etc., to provide users with consistent security guarantees in a multi-cloud environment and complex policies. In building a distributed cloud, F5 provides users with SaaS-based services, including application security and SaaS-side delivery capabilities for application delivery.

On the road of digital transformation, the financial industry is also facing a collision with traditional IT processes. With a consistent delivery experience across multi-cloud environments, F5 will help more financial institutions modernize their applications faster and more securely.