ICICI_1

ICICI Bank Secure Access Points

Amvean technology was tasked at building a managed centrally-controlled wireless management infrastructure for a local New York based bank. The project required consideration of the bank information security protocol and the wireless system was to service guests and external auditing staff that would routinely visit.

Due to compliance, the bank was not permitted to allow guests to join their wireless network.  Technology selection, installation and security were a part of the scope of this project.

Client Details

ICICI Bank (Industrial Credit and Investment Corporation of India) is an Indian multinational banking and financial services company headquartered in Mumbai, Maharashtra, India, with its registered office in Vadodara. In 2014, it was the second largest bank in India in terms of assets and third in term of market capitalisation. It offers a wide range of banking products and financial services for corporate and retail customers through a variety of delivery channels and specialised subsidiaries in the areas of investment banking, life, non-life insurance, venture capital and asset management. The bank has a network of 4,183 branches and 13,498 ATMs in India, and has a presence in 17 countries including here in New York.

Project Scope entailed the following:

  • 1. Wireless site survey to determine optimal location for one additional access-point
    2. Required cabling runs from server room to the respective locations where the Access Points will be installed
    3. Installation and Configuration of the Access Point on both 2.4GHz / 5 GHz bands
    4. Installation and Programming of Power over Ethernet Switch
    5. Post installation wireless site survey and respective adjustment
    6. Programming relevant network equipment Wireless Access Controller
    7. Install Network Switch and/or Network Routing Equipment to accommodate the new  internet service provider
    8. Network diagram and respective network configuration files

The hardware required for the project consisted of, one new Access Points from Cisco and  relevant mounting kits, Cisco 1900 routing equipment or equivalent, Cisco Wireless Access Controller with PoE capabilities, Cat5e plenum overhead cabling, and three Cisco AIR-CAP1602 Access Points at different locations.  

Summary:

  • Network cable run to access points and termination to the server rack
  • Installation and configuration of cisco 1921 router with two VLANS
  • Setup network remote VPN service
  • Enabling of QOS service to take advantage of the Cogent Fiber downlink
  • Installation and configuration of a Cisco 2504 Wireless Mobile Controller for both staff and guest access
  • Applying applicable bandwidth and security restrictions per banking policies   


Project Equipment (supplied by Amvean)

ICICI Bank_devices

Cisco 1921 Router
Cisco Switch SF200-24P
Cisco Mobile Controller 2504 WLC – 5 AP Licenses
Cisco AIR Mesh Wifi Acess Points

Operations
Amvean performed a detailed site and they scoped the installations and configurations on all devices at the close of the business day. The normal daily operations of our client’s business didn’t get affected since this was a new setup and didn’t require any operational shutdowns of servers and existing equipment.
First the cat5e network cables were overhead in the ceiling where it was not-visible. Call termination were performed for RJ-45 runs and also the Fiber was terminated and tested and secured to the access points mounted on the walls (see pic).

20160415_104258

Cisco AIR-CAP1602 AP Install

Cogent fiber links

Cogent Internet Fiber Link Installation

Afterwards, the rest of the Cisco  Router 1921 and Cisco WLC 2504 equipment was attached to a server rack (see pic).

1921 router with 2504 wlc

Cisco 1921 Router with 2504 wlc

Network Implementation
On the software configuration end, the Cisco router 1921 was configured with specific IP addresses, routing information and VLAN requirements for the wireless lan controller. Access points were connected to the PoE switch, in addition to the router and controller, as seen in this example topology.

ICICI Network topology

Conclusion
Ultimately the Amvean tested the wireless system installation to ensure that we met all the client wireless installation requirement and network security. Staff members were able to gain wireless access using a preset password and Amvean also applied filtered by network mac address scheme to only allow selected devices to join the network.

Guest of the company were each provided a username and unique password  which was time-generated so that guest would have access for a finite amount of time. Cisco Mobile 2504 enforced controller’s authentication and policy settings across the network. As a whole, all went as planned.

WiFi speeds from the access points at different locations on the office floor were tested and produced excellent download and upload results.

To say the least, the biggest achievement of the day were the smiles on our client’s faces and nods of approval. Once again Amvean had come through, with the promise of what this company prioritizes … total customer satisfaction!