BUILDING A FAULT TOLERANT IT INFRASTRUCTURE
GOALS AND OBJECTIVES
To issue and promote a national payment card and enable the processing of transactions with cards from international payment systems.
A disaster-resistant transaction processing system without a single point of failure.
- The installation and commissioning of IT infrastructure in two data centers
- Development of a gateway for secure access to data for processing
- Organization of NCPS network joints with operator networks at MMTS-9 and MMTS-10 communication nodes
- Huawei equipment
Our team faced a very difficult task in this project: the creation of IT infrastructure for a new payment system from scratch and on extremely short timescales, and the arrangement of nationwide technical support for the operation of the new system. Requirements for independence from possible sanctions, as well as the need to ensure guaranteed delivery times and use only standard components (so as to avoid being tied to specific suppliers) determined our choice of vendor: Huawei promptly provided all categories of required equipment.
As Huawei equipment had previously been used in projects of this scale and level of criticality, thorough testing was carried out with the involvement of an international team of experts and Huawei’s R&D center in China.
After systems architecture was developed and possible configurations envisaged, the transaction processing system’s IT infrastructure was created at two Russian Central Bank data center sites, united by an optical DWDM ring. The data centers were built over the course of two months, construction being maintained in three shifts, working 24 hours per day. To ensure telecommunications interaction for participating banks, the NPCS network was connected to operator networks at the MMTS-9 and MMTS-10 communication nodes. Subscriber sets were delivered and connected to 120 banks in 16 cities, and communication channels were tested.
Instead of the classic three-tier Mission Critical architecture (data layer - logic layer - client layer), which does not comply with strict continuity conditions, the transaction processing system designed by Jet Infosystems is based on grid architecture principles. The NCPS 1.0 grid-system consists of peer-to-peer interconnected nodes with data evenly distributed between them, while each node also serves as a traffic processing node supportive of dynamic routing. In case of failure at a single node, the load is automatically transferred to other nodes, ensuring fault tolerance and systems continuity.
A gateway for secure access to processing data was installed, eliminating direct Internet access from external systems and users, yet at the same time providing for interactive processing of Internet requests and maintaining NCPS’s communication with international payment systems and participating banks. This solution is compliant with Russian legislation and the requirements of national regulators (Central Bank of the Russian Federation, FSB, FSTEC) in terms of information protection.
In just seven months, the solutions were designed and tested, IT infrastructure for two data centers was delivered, installed and commissioned, and a tremendous amount of work implemented so as to connect key NCPS participants. The new platform has sufficient strength and performance margins and requires almost no major adjustment for effective operation. An access gateway ensures secure operation of all application systems requiring Internet access and interaction for processing purposes.
Overall, the project provides a glimpse into the future of corporate IT technical solutions. A year after project launch, the benefits of moving from monolithic applications and specialized hardware to distributed horizontally-scalable modular systems based on standard server platforms and open source software when building critical business systems could be clearly felt and demonstrated. The solution chosen has allowed NPCS to reach target fault and disaster tolerance standards without the significant costs typical for systems with similar continuity requirements which are built according to the classical model.
The new systems architecture allows expansion of computing resources without the suspension of business processes, making it possible for the NCPS to expand geographically and increase the number of the payment system participants.
In 2 months
Both data centers built
Connected to the system using subscriber sets
Time taken to build the system’s nationwide IT infrastructure
15 to 20 million transactions per day
Performed with Mir, Visa, MasterCard, American Express, JCB and UnionPay cards