In response to the five major trends of application modernization in the financial industry, consistent delivery experience is the key

With the rapid development of digital technology, how to more effectively serve the real economy and industrial development through digital transformation and innovation has become an important issue in the financial industry, especially the banking industry.

Looking at the development of the banking industry, each stage has typical characteristics: in the 1.0 stage, banks basically provide services to users with branches as the characteristics. In the 2.0 stage, self-service services such as ATMs and online banking appear. In the 3.0 stage, the banking industry is evolving towards mobile Internet, and mobile payment and P2P services appear, providing individuals with financial services that can be obtained anytime and anywhere. In the 4.0 stage, the trend of open banking model is becoming more and more obvious, and the boundaries of banks are more blurred. With the provision of API capabilities, banking services can be embedded in the services of various industries. Users are no longer restricted by the venue when consuming financial services, and can conveniently use embedded financial services in the upstream and downstream ecosystems.

The overall evolution of the banking industry relies on the support of IT systems. The development of banks has undergone several stages of technological support, from traditional mainframes to self-service Internet, to the mobile era, and then to the API economy era. The first two stages mainly relied on traditional IT architecture. In the era of mobile Internet and API economy, open source capabilities, cloud-native modern architecture and modern applications are needed, which puts forward different requirements for the development of banking IT technology.

With the evolution of cloud-native technology, banks need to build a new system architecture to meet the needs of rapid business development, quickly launch new businesses, and adapt to agile demands such as sudden surges in traffic. In the new increment, PaaS and containers are the bottom layer, on which you can build your own distributed architecture, including distributed components, and applications are transformed into microservices, which are then provided to the outside world through open platforms. It can be seen that the agile service center will be the incremental technology service capability output provided by the financial industry for new development trends.

This change also coincides with many of the views raised in F5's "2022 Application Strategy Status Report" released this year. The report points out that almost all companies have now transformed into digital companies, providing customers, partners and employees with a more seamless experience of optimized workflows through IT technology. When analyzing and comparing various industries, the financial services industry is a digital pioneer, with up to 94% of financial institutions actively implementing business automation, and 99% of financial services institutions actively promoting application modernization.

In this process, the financial industry, especially the banking industry, has shown the following trends.

Application modernization is advancing rapidly

First, the modernization of applications is advancing rapidly, and more and more representative application forms and release forms of agile service centers, including APIs, microservices, and new application interfaces, have emerged. At the same time, technology is developing rapidly, and the corresponding management process changes have a certain lag in the overall process and organization-related parts, and efforts are still needed in this regard.

Multi-cloud strategies mature

The second trend is that the multi-cloud strategy is becoming more mature. Liu Xufeng, technical director of the financial industry in China and deputy general manager of the software division of F5, said that the entire IT infrastructure of the financial industry adopts a hybrid multi-cloud strategy. Some applications are suitable for deployment in local data centers, some in private clouds, and some in public clouds. The starting point of the enterprise will consider the requirements of security and compliance, the requirements of cost-effectiveness, and whether the latency of the application is acceptable. Different deployment forms are adopted according to the characteristics of different applications, which constitutes a hybrid multi-cloud model.

Cloud repatriation is gaining momentum

The third trend is the growing momentum of cloud repatriation. More and more companies are migrating their selected applications from the cloud back to local or hosted data centers. The report shows that the amount of application repatriation has exploded by 168%. Liu Xufeng summarized the reasons into four points.

The first reason is the security and compliance limitations of the application itself after it is migrated to the cloud. If an application cannot accept the security risks on the cloud, it will require to return to the private cloud or to its own local data center, because internal solutions usually have better management and clear security boundaries, which can achieve better data control. The second reason is cost. Some applications are deployed throughout the year, and once deployed, they will provide the same scale of services to the outside world 24/7, which does not give full play to the agility and recyclability of the public cloud. If this type of application is used in the public cloud for a long time, the cost will not be reduced, and it may even increase the cost. The third reason is that the business indicators and business performance of the application have declined significantly. Because if the application is migrated to the cloud, some adjustments and adaptations need to be made to the architecture. For some architectures designed based on traditional environments, if they are migrated to the cloud, many limitations will be exposed, such as latency issues, which will affect the user experience. Such applications are not suitable for cloud migration and will also be considered to be repatriated to the local area. The fourth reason is that the business availability indicators cannot be met after cloud migration. Because the public cloud system is an external system for cloud users, the availability depends entirely on the capabilities of the public cloud provider. If the public cloud service is interrupted, users can only wait passively and have no autonomous control. If the application has autonomous and controllable requirements for availability, it is not suitable to hand it over to an external system.

Liu Xufeng, Technical Director of Financial Industry and Deputy General Manager of Software Division of F5 China

The edge is developing rapidly

The fourth trend is that the edge is developing very fast. The biggest use of edge deployment is to reflect the focus on and improvement of user experience. Edge cloud is also a very important part of multi-cloud. Local data centers still exist, but at the same time, application modernization is driving the adoption of multi-cloud. Whether applications are deployed in public clouds, private clouds, or edge clouds, the application security and application delivery links that support them will become more and more decentralized, which also means that most organizations will continue to face the challenges of complexity and security.

Concerns about safety continue to grow

The fifth trend is that the focus on security is increasing. Consistent security assurance is a very important link in a multi-cloud environment, because different clouds are heterogeneous. From the perspective of operation and maintenance, whether the security policies adopted in heterogeneous platforms can be easily released and pushed down, and whether the security policy changes in one cloud form can be synchronized to other clouds in a timely manner, these are all requirements for consistent security.

In addition, with the development of modern applications, the security protection methods of modern applications and APIs are very different from those in traditional fields. Due to the microservice architecture of modern applications, applications are divided into many microservice forms, so its boundaries, definitions, logical relationships between mutual calls, and integration with upstream and downstream third parties have become very complicated. Where modern applications and APIs should be located and in what form is a key trend that users are concerned about.

Provide full-path application security and delivery

Over the years, F5 has provided multi-cloud application services, focusing on application security and application delivery. The deployment forms support traditional data centers, virtual machines, containers, etc., focusing on the full-path application security and delivery capabilities from writing application code to providing it to end users through the delivery path. F5 has a series of mature response strategies and accumulated experience in response to the development trend of multi-cloud.

In the application delivery category, F5 mainly provides reliable delivery to help users achieve a highly available architecture, including providing high availability for distributed databases and distributed object storage, and providing multi-cloud and multi-active solutions under different multi-cloud application architectures. At the same time, F5 China will also actively embrace localization to solve users' practical problems. In the modern application category, F5 focuses on container platform solutions, including container empowerment, linkage with DevOps, and microservice governance. F5 will build it into a technical middle platform for users to help users build an agile architecture. In the field of application security, F5 provides API security, container cloud security, zero-trust architecture, active confrontation, collaborative defense, etc., to provide users with consistent security protection in multi-cloud environments and complex strategies. In terms of building a distributed cloud, F5 provides users with SaaS-based services, including application security and SaaS-side delivery capabilities for application delivery.

The financial industry is also facing a collision with traditional IT processes on the road to digital transformation. With the consistent delivery experience provided in a multi-cloud environment, F5 will help more financial institutions advance the application modernization process faster and more securely.