Cedel Bank Grows with NT

Cedel Bank implemented NT and BackOffice in a mission-critical environment on the fast track.

Warren Pickett

May 31, 1997

10 Min Read
ITPro Today logo in a gray background | ITPro Today

NT proves its worth in a high-security, high-availability environment

In the fast-paced world of securities trading, where you're turning over more than half amillion dollars every second, your computing environment has to be up to the task. At Cedel Bank, aglobal securities clearing, settlement, and custody institution, the need for a robust and stableoperating system that will grow with the bank led the IS staff to Windows NT. "In anenvironment where high availability, security, and flexibility are mandatory, the question was neverwhether we should migrate to NT, but rather when and how we could best achieve the migration,"said Ian Cohen, senior manager of group information services.

For several years, Cedel Bank had been actively migrating its core IS technologies fromprincipally mainframe-based batch systems to a client/server and realtime environment. The migrationwas progressing well, but the client-side operating system (Windows 3.1) and network operatingsystem (Novell NetWare) could not support increasing demands on the bank. Windows 3.1 suffered fromsignificant memory and security constraints, and Novell was unable to provide a manageable andviable future for servers.

In 1996, Cedel Bank completed an ambitious program to migrate its entire internal network anddesktop environment to NT and BackOffice. Cedel Bank adopted the latest versions of all majorMicrosoft products within a very short time. Both internal staff and Microsoft have hailed themigration project as a major success.

A subsidiary of Cedel International, Cedel Bank serves as a global clearing organization tominimize risk in the settlement of cross-boarder securities trading. The bank has an annualizedsettlement turnover rate of more than $13 trillion, holds more than $1 trillion of customers'securities in safekeeping, and processes trades of up to $100 billion every business day. Cedel Bankhas offices in Luxembourg, London, New York, Hong Kong, Tokyo, and Dubai. Cedel Bank also operatesLiberty, an order routing service (InterTrade) for North America, Europe, and Asia.

NT on the Fast Track
In late 1995, Cedel Bank decided to switch fully to NT, and in January 1996, the bankimplemented a short-term strategy to address the following five major business requirements:

  • Access from anywhere--access to any data and application (subject to security), from anycompany PC, at any time, from anywhere (24*7 availability)

  • Security of information and services--secure access to all data and resources (thorough virusand intruder prevention and detection)

  • Rapid deployment of technology--a robust framework to enable the bank to quickly build anddeploy new applications

  • Productivity and efficiency--improved systems management, better customer responsiveness andsupport, and less manual intervention

  • Cost-effective services--using the most cost-effective approach to solve problems and dealwith challenges (note that cost effective does not mean least expensive)

Cedel Bank created a detailed design of its future IS environment in March 1996 and beganimplementing its solution in October 1996, a little more than eight months from initial planning toglobal implementation. Although Cedel Bank's NT environment is relatively modest (about 800 usersworldwide), it is very complex. "With the bank's nine offices in Luxembourg and five offices inother countries, the design of the environment needed to be right, especially when we wereconsidering business requirements, NT domains, SMS [Systems Management Server] servers, and Exchangesites," Cohen said.

Facing demands from its users to provide significant new features and improvements for itscustomers, Cedel Bank scheduled an aggressive eight-month project to migrate to NT. During thoseeight-months, the bank

  • replaced Windows 3.1 with NT 3.51 (and later NT 4.0) on all PCs

  • replaced the existing servers with the newest Compaq symmetric multiprocessing (SMP) range

  • replaced Novell NetWare 3.11 and 3.12 with NT Server 4.0

  • migrated its network protocol from IPX/SPX to TCP/IP and its WAN protocol from X25 to framerelay

  • centralized its critical data and applications on hundreds of gigabytes of realtime mirroreddisk arrays

  • created a warm standby facility in a backup data center

  • migrated from Microsoft Mail to Microsoft Exchange

  • implemented direct TCP/IP and failover with Microsoft Systems Network Architecture (SNA)Server for mainframe services

  • migrated from static to fully dynamic TCP/IP addressing using Dynamic Host ConfigurationProtocol (DHCP) and Windows Internet Name Service (WINS)

  • implemented Microsoft SMS for electronic software distribution, auditing, and management

  • implemented an intranet using Microsoft Internet Information Server (IIS) and InternetExplorer (IE) 3.0

  • migrated from Microsoft Office 4.2 to Office 95

  • implemented a new security model, including access from any PC via roaming hardware profiles

  • implemented a complete NT printing environment

During the project's first three months (March, April, May), Cedel Bank focused oninfrastructure design. Specifically, the IS staff looked at domain design, Exchange site design, SMSsite design, SNA server configuration, DHCP/WINS design, LAN/WAN traffic analysis and projections,disk array and server evaluation and selection, a minimum desktop PC specification, applicationinventory, and so forth. The intent was to ensure that the infrastructure the bank was designing wasclear from the start.

During June and July, Cedel Bank performed several tasks in parallel. The IS staff upgraded thedesktop hardware, installed and commissioned all infrastructure hardware, tested the underlying NTserver and back office infrastructure, and created SMS packages. The IS staff also createdunattended installation scripts that let it install NT 4.0, NTFS, Exchange client, SMS client,Office 95, IE 3.0, and a corporate screen saver with only two manual operations at each PC. At thesame time, the bank began to implement desktop design changes (e.g., shortcuts and directorystructures) and migrate old systems to new systems (e.g., MS Mail to Exchange).

NT 4.0 was still in beta at this point in the migration, and Cedel Bank decided to initiallystick with NT 3.51 because the release date for NT 4.0 was still unclear. The bank began testing thealpha build of the Cedel Bank workstation to ensure that the infrastructure and fundamental elementswere in place and working. At this point, the bank also began to implement user training modules onvarious components (NT overview, Exchange, Office 95, NT development, etc.) of the new environment.

In August, Cedel Bank began beta testing the new environment, using more than 60 users andfixing problems to prepare for the next beta release. The beta testing focused on the products theusers would receive and how the users would receive the products.

A month after the beta testing began, Cedel Bank made a critical decision to replace itsexisting NT 3.51 systems with NT 4.0. The bank allowed for a one-month delay so it could rework theenvironment and deploy NT 4.0. IS staff members believed that NT 4.0's features had value andrealized that they could avoid a second full-force migration to NT 4.0 later if they switched now.

In October, the bank performed the second phase of beta testing to fix minor bugs in the systemand prepare for a live migration of the remaining systems. The live migration in Luxembourg tookfive weekends to migrate about 150 users per weekend. In November, after successfully migrating thelocal systems, the bank began migrating systems in other countries. For the final step, the IS staffperformed a year-end freeze and stopped making additional changes (other than urgent fixes orcustomer requests) to systems in the new environment.

"By adopting an aggressive but achievable schedule and working as a team, we were able togo from a blank page in March to successful migration in October," Cohen said. "Consideringthe complexity of the migration, which involved approximately 800 users, 26 servers, and fullimplementation of BackOffice, Office 95, realtime disk mirroring, and a warm standby facility, therelatively short period in which we migrated to NT shows that we did many things right."

Lessons Learned
Cohen is pleased with the way the bank handled the migration to NT, but he admits that somethings went wrong. "We had our share of problems, such as getting MS Mail and Exchange tocoexist during the transition and getting desktop shortcuts to follow users when they used anotherPC in the system," he said. "If we had to perform the migration all over again, we woulddo some things differently, such as improving the way we approached user training. Our guidingprinciples throughout the project were to adapt, improvise, and overcome." For Cohen's thoughtson where the project succeeded and where it fell short, see the sidebar, "An Interview with IanCohen," page 120.

Cohen realizes that undertaking a large-scale migration can't purely be an exercise intechnology. "To be successful, you need to navigate various planning, testing, technical, andlogistical challenges," he said. "You need to approach the migration much like a militaryexercise and know what you want to achieve."

Cohen said that companies need to have a good grasp of their existing environment, includinghardware and especially software. Cedel Bank identified where it had installed applications andhardware products, who was using these components, how critical the components were to theenterprise, what language the applications were written in, and whether the components werecompatible with the new systems the bank was installing. During the migration, Cedel Bank used acommercial product to audit its existing systems, but found that the software audited only majorproducts and none of the applications the bank had developed internally. To help fill the missingholes, the IS staff had the beta users verify the results of the audit locally in their groups.

Cohen pointed out that you need to inform users that your efforts will focus on those productsand applications that you know exist, that your company requires, and that are legal. "Circulatethe inventory, and make sure that your users have the opportunity to inform you of products andapplications that you might be unaware of," Cohen said.

Cedel Bank also had to resist the temptation to manually install products and services,especially for workstation users. "Although this approach can seem like the most expedient wayout, you otherwise run the risk of ending up with many different configurations and flavors ofinstallation, which can present real problems for future support and maintenance," Cohen said.He suggested that companies use available tools such as CIXSTART and installation script generatorsto make installations as automated, consistent, and repeatable as possible.

Cohen also suggested that companies perform some dry runs. Specifically, you'll want to knowhow fast you can install one PC and whether you can install several machines at a time. You'll alsowant to know of any staffing, network saturation, server responsiveness, and capacity bottlenecksbefore you take the new environment online. "Keep in mind the best and worst case scenarios,including any backout or contingency actions, and plan accordingly," Cohen said. "CedelBank is evidence that you can deploy NT and BackOffice in a reasonable time and at a reasonable costif you take a practical and realistic approach to the project."

Cedel Bank let the new environment stabilize for the first few months of 1997 before performinga full disaster test to simulate how the bank would recover the system in the face of a majorcatastrophe such as a fire. The bank is still exploring ways to make the most of NT, IIS, IE,server-side scripting, and ActiveX and Java applications, and looking to the next wave of BackOfficeproducts.

SOLUTION SUMMARY
Operating in a highly available, highly secure environment requires just as versatile anoperating system as possible. When Cedel Bank began to outgrow its existing client/ server network,it created a detailed plan to redesign its IS environment around Windows NT and the MicrosoftBackOffice suite. The bank selected NT because the operating system provided a robust, secure, andflexible environment that could grow to meet the bank's existing and future needs. The bank's designaddressed short-term business needs such as 24*7 availability, security of information and services,deployment of technology, productivity and efficiency, and cost-effective services.

The bank went from the initial planning stages to implementation of the new NT environmentwithin eight months. In that time, the bank tackled such tasks as placing NT 4.0 on all PCs andservers, creating a warm standby facility, migrating from MS Mail to Exchange, implementing dynamicTCP/IP, migrating from Microsoft Office 4.2 to Office 95, implementing an intranet, and implementinga new security model with roaming hardware profiles. Both Microsoft and internal staff have hailedthe project as a success.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like